Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- wtf_WITH_BUFFER proc near ; CODE XREF: EncryptFile+368↑p
- var_E0 = byte ptr -0E0h
- var_DE = byte ptr -0DEh
- var_A0 = dword ptr -0A0h
- var_9C = dword ptr -9Ch
- var_98 = dword ptr -98h
- var_94 = dword ptr -94h
- var_90 = xmmword ptr -90h
- var_80 = xmmword ptr -80h
- var_70 = xmmword ptr -70h
- var_60 = xmmword ptr -60h
- var_50 = qword ptr -50h
- var_48 = dword ptr -48h
- var_44 = dword ptr -44h
- var_40 = dword ptr -40h
- var_3C = dword ptr -3Ch
- var_38 = dword ptr -38h
- var_34 = dword ptr -34h
- var_30 = dword ptr -30h
- var_2C = dword ptr -2Ch
- var_28 = dword ptr -28h
- var_24 = dword ptr -24h
- var_20 = dword ptr -20h
- var_1C = dword ptr -1Ch
- var_18 = dword ptr -18h
- var_14 = dword ptr -14h
- var_10 = dword ptr -10h
- var_C = dword ptr -0Ch
- var_8 = dword ptr -8
- var_4 = dword ptr -4
- arg_0 = dword ptr 8
- arg_4 = dword ptr 0Ch
- arg_8 = qword ptr 10h
- push ebp
- mov ebp, esp
- sub esp, 0E0h
- mov eax, dword ptr [ebp+arg_8]
- mov edx, dword ptr [ebp+arg_8+4]
- mov [ebp+var_10], eax
- or eax, edx
- mov [ebp+var_48], ecx
- mov [ebp+var_34], edx
- jz loc_402B56
- push ebx
- mov eax, ecx
- lea edx, [ebp+var_DE]
- sub eax, edx
- push esi
- mov [ebp+var_A0], eax
- push edi
- loc_4027F3: ; CODE XREF: wtf_WITH_BUFFER+38D↓j
- movups xmm0, xmmword ptr [ecx]
- mov [ebp+var_C], 0Ah
- movups [ebp+var_90], xmm0
- mov esi, dword ptr [ebp+var_90+4]
- movups xmm0, xmmword ptr [ecx+10h]
- mov [ebp+var_30], esi
- movups [ebp+var_80], xmm0
- movups xmm0, xmmword ptr [ecx+20h]
- movups [ebp+var_70], xmm0
- mov ebx, dword ptr [ebp+var_70+0Ch]
- movups xmm0, xmmword ptr [ecx+30h]
- mov ecx, dword ptr [ebp+var_90]
- mov [ebp+var_8], ebx
- movups [ebp+var_60], xmm0
- mov eax, dword ptr [ebp+var_60+8]
- mov edi, dword ptr [ebp+var_60+0Ch]
- mov edx, dword ptr [ebp+var_60]
- mov [ebp+var_24], eax
- mov eax, dword ptr [ebp+var_60+4]
- mov dword ptr [ebp+arg_8+4], eax
- mov eax, dword ptr [ebp+var_70+8]
- mov [ebp+var_20], eax
- mov eax, dword ptr [ebp+var_70+4]
- mov [ebp+var_1C], eax
- mov eax, dword ptr [ebp+var_70]
- mov [ebp+var_18], eax
- mov eax, dword ptr [ebp+var_80+0Ch]
- mov [ebp+var_40], eax
- mov eax, dword ptr [ebp+var_80+4]
- mov [ebp+var_44], eax
- mov eax, dword ptr [ebp+var_80]
- mov [ebp+var_14], eax
- mov eax, dword ptr [ebp+var_90+0Ch]
- mov [ebp+var_28], edi
- mov edi, dword ptr [ebp+var_80+8]
- mov [ebp+var_3C], eax
- mov eax, dword ptr [ebp+var_90+8]
- mov [ebp+var_2C], edi
- mov [ebp+var_38], eax
- mov [ebp+var_4], ecx
- loc_402885: ; CODE XREF: wtf_WITH_BUFFER+2A3↓j
- lea eax, [ecx+edx]
- rol eax, 7
- xor eax, [ebp+var_14]
- add ecx, eax
- mov [ebp+var_14], eax
- rol ecx, 9
- xor ecx, [ebp+var_18]
- add eax, ecx
- mov [ebp+var_94], ecx
- rol eax, 0Dh
- xor eax, edx
- mov edx, [ebp+var_44]
- mov [ebp+var_9C], eax
- add eax, ecx
- ror eax, 0Eh
- xor eax, [ebp+var_4]
- mov [ebp+var_4], eax
- lea eax, [esi+edx]
- rol eax, 7
- xor eax, [ebp+var_1C]
- mov [ebp+var_18], eax
- lea ecx, [eax+edx]
- rol ecx, 9
- xor ecx, dword ptr [ebp+arg_8+4]
- mov dword ptr [ebp+var_50+4], ecx
- lea esi, [eax+ecx]
- rol esi, 0Dh
- xor esi, [ebp+var_30]
- lea eax, [esi+ecx]
- ror eax, 0Eh
- xor eax, edx
- mov edx, [ebp+var_20]
- mov [ebp+var_1C], eax
- lea eax, [edi+edx]
- rol eax, 7
- xor eax, [ebp+var_24]
- mov [ebp+var_98], eax
- lea ecx, [eax+edx]
- rol ecx, 9
- xor ecx, [ebp+var_38]
- lea edi, [ecx+eax]
- rol edi, 0Dh
- xor edi, [ebp+var_2C]
- mov [ebp+var_24], edi
- lea eax, [ecx+edi]
- ror eax, 0Eh
- xor eax, edx
- mov edx, [ebp+var_28]
- mov [ebp+var_20], eax
- lea eax, [ebx+edx]
- rol eax, 7
- xor eax, [ebp+var_3C]
- add edx, eax
- rol edx, 9
- xor edx, [ebp+var_40]
- lea ebx, [edx+eax]
- rol ebx, 0Dh
- xor ebx, [ebp+var_8]
- mov [ebp+var_8], ebx
- lea edi, [edx+ebx]
- mov ebx, edi
- mov dword ptr [ebp+arg_8+4], edi
- ror ebx, 0Eh
- xor ebx, [ebp+var_28]
- mov dword ptr [ebp+arg_8+4], ebx
- mov ebx, [ebp+var_4]
- add ebx, eax
- rol ebx, 7
- xor ebx, esi
- mov esi, [ebp+var_4]
- mov [ebp+var_30], ebx
- mov dword ptr [ebp+var_90+4], ebx
- lea edi, [ebx+esi]
- rol edi, 9
- xor edi, ecx
- mov [ebp+var_38], edi
- mov dword ptr [ebp+var_90+8], edi
- lea ecx, [edi+ebx]
- rol ecx, 0Dh
- xor ecx, eax
- mov [ebp+var_3C], ecx
- lea eax, [edi+ecx]
- mov dword ptr [ebp+var_90+0Ch], ecx
- mov ecx, [ebp+var_14]
- ror eax, 0Eh
- xor eax, esi
- mov [ebp+var_4], eax
- mov dword ptr [ebp+var_90], eax
- mov eax, [ebp+var_1C]
- lea ebx, [ecx+eax]
- rol ebx, 7
- xor ebx, [ebp+var_24]
- mov [ebp+var_2C], ebx
- mov dword ptr [ebp+var_80+8], ebx
- mov edi, [ebp+var_2C]
- lea esi, [eax+ebx]
- rol esi, 9
- xor esi, edx
- mov [ebp+var_40], esi
- mov dword ptr [ebp+var_80+0Ch], esi
- lea edx, [esi+ebx]
- rol edx, 0Dh
- xor edx, ecx
- mov [ebp+var_14], edx
- mov dword ptr [ebp+var_80], edx
- lea ecx, [edx+esi]
- ror ecx, 0Eh
- xor ecx, eax
- mov eax, [ebp+var_20]
- mov [ebp+var_44], ecx
- mov dword ptr [ebp+var_80+4], ecx
- mov ecx, [ebp+var_18]
- lea edx, [ecx+eax]
- rol edx, 7
- xor edx, [ebp+var_8]
- mov [ebp+var_8], edx
- mov dword ptr [ebp+var_70+0Ch], edx
- lea ebx, [eax+edx]
- rol ebx, 9
- xor ebx, [ebp+var_94]
- add edx, ebx
- mov [ebp+var_18], ebx
- rol edx, 0Dh
- xor edx, ecx
- mov dword ptr [ebp+var_70], ebx
- mov [ebp+var_1C], edx
- mov dword ptr [ebp+var_70+4], edx
- lea ecx, [edx+ebx]
- ror ecx, 0Eh
- xor ecx, eax
- mov eax, dword ptr [ebp+arg_8+4]
- mov [ebp+var_20], ecx
- mov dword ptr [ebp+var_70+8], ecx
- mov ecx, [ebp+var_98]
- lea edx, [eax+ecx]
- rol edx, 7
- xor edx, [ebp+var_9C]
- lea ebx, [eax+edx]
- rol ebx, 9
- xor ebx, dword ptr [ebp+var_50+4]
- mov dword ptr [ebp+arg_8+4], ebx
- mov dword ptr [ebp+var_60+4], ebx
- lea esi, [ebx+edx]
- rol esi, 0Dh
- xor esi, ecx
- mov [ebp+var_24], esi
- mov dword ptr [ebp+var_60+8], esi
- lea ecx, [esi+ebx]
- mov ebx, [ebp+var_8]
- mov esi, [ebp+var_30]
- ror ecx, 0Eh
- xor ecx, eax
- sub [ebp+var_C], 1
- mov [ebp+var_28], ecx
- mov dword ptr [ebp+var_60+0Ch], ecx
- mov ecx, [ebp+var_4]
- jnz loc_402885
- mov dword ptr [ebp+var_60], edx
- xor eax, eax
- xchg ax, ax
- loc_402A70: ; CODE XREF: wtf_WITH_BUFFER+2F1↓j
- mov ecx, [ebp+var_A0]
- lea esi, [ebp+var_DE]
- add esi, eax
- mov ecx, [esi+ecx]
- add dword ptr [ebp+eax+var_90], ecx
- mov edx, dword ptr [ebp+eax+var_90]
- mov ecx, edx
- shr ecx, 8
- mov [esi-1], cl
- mov ecx, edx
- mov [ebp+eax+var_E0], dl
- add eax, 4
- shr ecx, 10h
- shr edx, 18h
- mov [esi], cl
- mov [esi+1], dl
- cmp eax, 40h
- jb short loc_402A70
- mov ecx, [ebp+var_48]
- mov eax, 0
- mov esi, [ebp+var_34]
- mov ebx, [ebp+var_10]
- add dword ptr [ecx+20h], 1
- setz al
- add [ecx+24h], eax
- test esi, esi
- jl short loc_402AE6
- jg short loc_402AD6
- cmp ebx, 40h
- jb short loc_402AE6
- loc_402AD6: ; CODE XREF: wtf_WITH_BUFFER+30F↑j
- mov [ebp+var_C], 40h
- mov dword ptr [ebp+arg_8+4], 0
- jmp short loc_402AF6
- ; ---------------------------------------------------------------------------
- loc_402AE6: ; CODE XREF: wtf_WITH_BUFFER+30D↑j
- ; wtf_WITH_BUFFER+314↑j
- mov [ebp+var_C], ebx
- mov dword ptr [ebp+arg_8+4], esi
- test esi, esi
- jl short loc_402B49
- jg short loc_402AF6
- test ebx, ebx
- jz short loc_402B49
- loc_402AF6: ; CODE XREF: wtf_WITH_BUFFER+324↑j
- ; wtf_WITH_BUFFER+330↑j
- mov edi, [ebp+arg_4]
- xorps xmm0, xmm0
- movlpd qword ptr [ebp-50h], xmm0
- mov edx, dword ptr [ebp+var_50+4]
- mov ecx, dword ptr [ebp+var_50]
- nop word ptr [eax+eax+00000000h]
- loc_402B10: ; CODE XREF: wtf_WITH_BUFFER+377↓j
- ; wtf_WITH_BUFFER+37E↓j
- mov esi, [ebp+arg_0]
- mov al, [ebp+ecx+var_E0]
- inc [ebp+arg_0]
- xor al, [esi]
- mov esi, [ebp+var_34]
- mov [edi], al
- inc edi
- add ecx, 1
- adc edx, 0
- add ebx, 0FFFFFFFFh
- adc esi, 0FFFFFFFFh
- mov [ebp+var_34], esi
- cmp edx, dword ptr [ebp+arg_8+4]
- jl short loc_402B10
- jg short loc_402B40
- cmp ecx, [ebp+var_C]
- jb short loc_402B10
- loc_402B40: ; CODE XREF: wtf_WITH_BUFFER+379↑j
- mov ecx, [ebp+var_48]
- mov [ebp+arg_4], edi
- mov [ebp+var_10], ebx
- loc_402B49: ; CODE XREF: wtf_WITH_BUFFER+32E↑j
- ; wtf_WITH_BUFFER+334↑j
- mov eax, ebx
- or eax, esi
- jnz loc_4027F3
- pop edi
- pop esi
- pop ebx
- loc_402B56: ; CODE XREF: wtf_WITH_BUFFER+1A↑j
- mov esp, ebp
- pop ebp
- retn 10h
- wtf_WITH_BUFFER endp
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
