Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- .data:00000000 55 push ebp
- .data:00000001 8b ec mov ebp,esp
- .data:00000003 81 c4 00 fa ff ff add esp,0xfffffa00
- .data:00000009 53 push ebx
- .data:0000000a 56 push esi
- .data:0000000b 57 push edi
- .data:0000000c 53 push ebx
- .data:0000000d 56 push esi
- .data:0000000e 57 push edi
- .data:0000000f fc cld
- .data:00000010 31 d2 xor edx,edx
- .data:00000012 64 8b 52 30 mov edx,DWORD PTR fs:[edx+0x30]
- .data:00000016 8b 52 0c mov edx,DWORD PTR [edx+0xc]
- .data:00000019 8b 52 14 mov edx,DWORD PTR [edx+0x14]
- .data:0000001c 8b 72 28 mov esi,DWORD PTR [edx+0x28]
- .data:0000001f 6a 18 push 0x18
- .data:00000021 59 pop ecx
- .data:00000022 31 ff xor edi,edi
- .data:00000024 31 c0 xor eax,eax
- .data:00000026 ac lods al,BYTE PTR ds:[esi]
- .data:00000027 3c 61 cmp al,0x61
- .data:00000029 7c 02 jl 0x0000002d
- .data:0000002b 2c 20 sub al,0x20
- .data:0000002d c1 cf 0d ror edi,0xd
- .data:00000030 01 c7 add edi,eax
- .data:00000032 e2 f0 loop 0x00000024
- .data:00000034 81 ff 5b bc 4a 6a cmp edi,0x6a4abc5b
- .data:0000003a 8b 5a 10 mov ebx,DWORD PTR [edx+0x10]
- .data:0000003d 8b 12 mov edx,DWORD PTR [edx]
- .data:0000003f 75 db jne 0x0000001c
- .data:00000041 89 5d fc mov DWORD PTR [ebp-0x4],ebx
- .data:00000044 5f pop edi
- .data:00000045 5e pop esi
- .data:00000046 5b pop ebx
- .data:00000047 8b 45 fc mov eax,DWORD PTR [ebp-0x4]
- .data:0000004a 89 45 d4 mov DWORD PTR [ebp-0x2c],eax
- .data:0000004d 8b 45 d4 mov eax,DWORD PTR [ebp-0x2c]
- .data:00000050 66 81 38 4d 5a cmp WORD PTR [eax],0x5a4d
- .data:00000055 0f 85 0f 02 00 00 jne 0x0000026a
- .data:0000005b 8b 45 fc mov eax,DWORD PTR [ebp-0x4]
- .data:0000005e 33 d2 xor edx,edx
- .data:00000060 52 push edx
- .data:00000061 50 push eax
- .data:00000062 8b 45 d4 mov eax,DWORD PTR [ebp-0x2c]
- .data:00000065 8b 40 3c mov eax,DWORD PTR [eax+0x3c]
- .data:00000068 99 cdq
- .data:00000069 03 04 24 add eax,DWORD PTR [esp]
- .data:0000006c 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:00000070 83 c4 08 add esp,0x8
- .data:00000073 89 45 d0 mov DWORD PTR [ebp-0x30],eax
- .data:00000076 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000079 81 38 50 45 00 00 cmp DWORD PTR [eax],0x4550
- .data:0000007f 0f 85 e5 01 00 00 jne 0x0000026a
- .data:00000085 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000088 8b 40 78 mov eax,DWORD PTR [eax+0x78]
- .data:0000008b 03 45 fc add eax,DWORD PTR [ebp-0x4]
- .data:0000008e 89 45 cc mov DWORD PTR [ebp-0x34],eax
- .data:00000091 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:00000094 8b 40 18 mov eax,DWORD PTR [eax+0x18]
- .data:00000097 85 c0 test eax,eax
- .data:00000099 0f 8c cb 01 00 00 jl 0x0000026a
- .data:0000009f 40 inc eax
- .data:000000a0 89 85 3c ff ff ff mov DWORD PTR [ebp-0xc4],eax
- .data:000000a6 33 f6 xor esi,esi
- .data:000000a8 8b 45 fc mov eax,DWORD PTR [ebp-0x4]
- .data:000000ab 33 d2 xor edx,edx
- .data:000000ad 52 push edx
- .data:000000ae 50 push eax
- .data:000000af 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:000000b2 8b 40 20 mov eax,DWORD PTR [eax+0x20]
- .data:000000b5 33 d2 xor edx,edx
- .data:000000b7 52 push edx
- .data:000000b8 50 push eax
- .data:000000b9 8b c6 mov eax,esi
- .data:000000bb c1 e0 02 shl eax,0x2
- .data:000000be 99 cdq
- .data:000000bf 03 04 24 add eax,DWORD PTR [esp]
- .data:000000c2 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:000000c6 83 c4 08 add esp,0x8
- .data:000000c9 03 04 24 add eax,DWORD PTR [esp]
- .data:000000cc 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:000000d0 83 c4 08 add esp,0x8
- .data:000000d3 8b 08 mov ecx,DWORD PTR [eax]
- .data:000000d5 03 4d fc add ecx,DWORD PTR [ebp-0x4]
- .data:000000d8 81 39 4c 6f 61 64 cmp DWORD PTR [ecx],0x64616f4c
- .data:000000de 75 56 jne 0x00000136
- .data:000000e0 8d 41 04 lea eax,[ecx+0x4]
- .data:000000e3 81 38 4c 69 62 72 cmp DWORD PTR [eax],0x7262694c
- .data:000000e9 75 4b jne 0x00000136
- .data:000000eb 8d 41 08 lea eax,[ecx+0x8]
- .data:000000ee 81 38 61 72 79 41 cmp DWORD PTR [eax],0x41797261
- .data:000000f4 75 40 jne 0x00000136
- .data:000000f6 8d 41 0c lea eax,[ecx+0xc]
- .data:000000f9 80 38 00 cmp BYTE PTR [eax],0x0
- .data:000000fc 75 38 jne 0x00000136
- .data:000000fe 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:00000101 8b 40 24 mov eax,DWORD PTR [eax+0x24]
- .data:00000104 03 45 fc add eax,DWORD PTR [ebp-0x4]
- .data:00000107 33 d2 xor edx,edx
- .data:00000109 52 push edx
- .data:0000010a 50 push eax
- .data:0000010b 8b c6 mov eax,esi
- .data:0000010d 03 c0 add eax,eax
- .data:0000010f 99 cdq
- .data:00000110 03 04 24 add eax,DWORD PTR [esp]
- .data:00000113 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:00000117 83 c4 08 add esp,0x8
- .data:0000011a 66 8b 00 mov ax,WORD PTR [eax]
- .data:0000011d 8b 55 cc mov edx,DWORD PTR [ebp-0x34]
- .data:00000120 8b 52 1c mov edx,DWORD PTR [edx+0x1c]
- .data:00000123 03 55 fc add edx,DWORD PTR [ebp-0x4]
- .data:00000126 0f b7 c0 movzx eax,ax
- .data:00000129 c1 e0 02 shl eax,0x2
- .data:0000012c 03 d0 add edx,eax
- .data:0000012e 8b 02 mov eax,DWORD PTR [edx]
- .data:00000130 03 45 fc add eax,DWORD PTR [ebp-0x4]
- .data:00000133 89 45 bc mov DWORD PTR [ebp-0x44],eax
- .data:00000136 81 39 47 65 74 50 cmp DWORD PTR [ecx],0x50746547
- .data:0000013c 75 56 jne 0x00000194
- .data:0000013e 8d 41 04 lea eax,[ecx+0x4]
- .data:00000141 81 38 72 6f 63 41 cmp DWORD PTR [eax],0x41636f72
- .data:00000147 75 4b jne 0x00000194
- .data:00000149 8d 41 08 lea eax,[ecx+0x8]
- .data:0000014c 81 38 64 64 72 65 cmp DWORD PTR [eax],0x65726464
- .data:00000152 75 40 jne 0x00000194
- .data:00000154 8d 41 0e lea eax,[ecx+0xe]
- .data:00000157 80 38 00 cmp BYTE PTR [eax],0x0
- .data:0000015a 75 38 jne 0x00000194
- .data:0000015c 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:0000015f 8b 40 24 mov eax,DWORD PTR [eax+0x24]
- .data:00000162 03 45 fc add eax,DWORD PTR [ebp-0x4]
- .data:00000165 33 d2 xor edx,edx
- .data:00000167 52 push edx
- .data:00000168 50 push eax
- .data:00000169 8b c6 mov eax,esi
- .data:0000016b 03 c0 add eax,eax
- .data:0000016d 99 cdq
- .data:0000016e 03 04 24 add eax,DWORD PTR [esp]
- .data:00000171 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:00000175 83 c4 08 add esp,0x8
- .data:00000178 66 8b 00 mov ax,WORD PTR [eax]
- .data:0000017b 8b 55 cc mov edx,DWORD PTR [ebp-0x34]
- .data:0000017e 8b 52 1c mov edx,DWORD PTR [edx+0x1c]
- .data:00000181 03 55 fc add edx,DWORD PTR [ebp-0x4]
- .data:00000184 0f b7 c0 movzx eax,ax
- .data:00000187 c1 e0 02 shl eax,0x2
- .data:0000018a 03 d0 add edx,eax
- .data:0000018c 8b 02 mov eax,DWORD PTR [edx]
- .data:0000018e 03 45 fc add eax,DWORD PTR [ebp-0x4]
- .data:00000191 89 45 b8 mov DWORD PTR [ebp-0x48],eax
- .data:00000194 81 39 56 69 72 74 cmp DWORD PTR [ecx],0x74726956
- .data:0000019a 75 56 jne 0x000001f2
- .data:0000019c 8d 41 04 lea eax,[ecx+0x4]
- .data:0000019f 81 38 75 61 6c 41 cmp DWORD PTR [eax],0x416c6175
- .data:000001a5 75 4b jne 0x000001f2
- .data:000001a7 8d 41 08 lea eax,[ecx+0x8]
- .data:000001aa 81 38 6c 6c 6f 63 cmp DWORD PTR [eax],0x636f6c6c
- .data:000001b0 75 40 jne 0x000001f2
- .data:000001b2 8d 41 0c lea eax,[ecx+0xc]
- .data:000001b5 80 38 00 cmp BYTE PTR [eax],0x0
- .data:000001b8 75 38 jne 0x000001f2
- .data:000001ba 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:000001bd 8b 40 24 mov eax,DWORD PTR [eax+0x24]
- .data:000001c0 03 45 fc add eax,DWORD PTR [ebp-0x4]
- .data:000001c3 33 d2 xor edx,edx
- .data:000001c5 52 push edx
- .data:000001c6 50 push eax
- .data:000001c7 8b c6 mov eax,esi
- .data:000001c9 03 c0 add eax,eax
- .data:000001cb 99 cdq
- .data:000001cc 03 04 24 add eax,DWORD PTR [esp]
- .data:000001cf 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:000001d3 83 c4 08 add esp,0x8
- .data:000001d6 66 8b 00 mov ax,WORD PTR [eax]
- .data:000001d9 8b 55 cc mov edx,DWORD PTR [ebp-0x34]
- .data:000001dc 8b 52 1c mov edx,DWORD PTR [edx+0x1c]
- .data:000001df 03 55 fc add edx,DWORD PTR [ebp-0x4]
- .data:000001e2 0f b7 c0 movzx eax,ax
- .data:000001e5 c1 e0 02 shl eax,0x2
- .data:000001e8 03 d0 add edx,eax
- .data:000001ea 8b 02 mov eax,DWORD PTR [edx]
- .data:000001ec 03 45 fc add eax,DWORD PTR [ebp-0x4]
- .data:000001ef 89 45 a8 mov DWORD PTR [ebp-0x58],eax
- .data:000001f2 81 39 45 78 69 74 cmp DWORD PTR [ecx],0x74697845
- .data:000001f8 75 63 jne 0x0000025d
- .data:000001fa 8d 41 04 lea eax,[ecx+0x4]
- .data:000001fd 81 38 50 72 6f 63 cmp DWORD PTR [eax],0x636f7250
- .data:00000203 75 58 jne 0x0000025d
- .data:00000205 8d 41 08 lea eax,[ecx+0x8]
- .data:00000208 80 38 65 cmp BYTE PTR [eax],0x65
- .data:0000020b 75 50 jne 0x0000025d
- .data:0000020d 8d 41 09 lea eax,[ecx+0x9]
- .data:00000210 80 38 73 cmp BYTE PTR [eax],0x73
- .data:00000213 75 48 jne 0x0000025d
- .data:00000215 8d 41 0a lea eax,[ecx+0xa]
- .data:00000218 80 38 73 cmp BYTE PTR [eax],0x73
- .data:0000021b 75 40 jne 0x0000025d
- .data:0000021d 83 c1 0b add ecx,0xb
- .data:00000220 80 39 00 cmp BYTE PTR [ecx],0x0
- .data:00000223 75 38 jne 0x0000025d
- .data:00000225 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:00000228 8b 40 24 mov eax,DWORD PTR [eax+0x24]
- .data:0000022b 03 45 fc add eax,DWORD PTR [ebp-0x4]
- .data:0000022e 33 d2 xor edx,edx
- .data:00000230 52 push edx
- .data:00000231 50 push eax
- .data:00000232 8b c6 mov eax,esi
- .data:00000234 03 c0 add eax,eax
- .data:00000236 99 cdq
- .data:00000237 03 04 24 add eax,DWORD PTR [esp]
- .data:0000023a 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:0000023e 83 c4 08 add esp,0x8
- .data:00000241 66 8b 00 mov ax,WORD PTR [eax]
- .data:00000244 8b 55 cc mov edx,DWORD PTR [ebp-0x34]
- .data:00000247 8b 52 1c mov edx,DWORD PTR [edx+0x1c]
- .data:0000024a 03 55 fc add edx,DWORD PTR [ebp-0x4]
- .data:0000024d 0f b7 c0 movzx eax,ax
- .data:00000250 c1 e0 02 shl eax,0x2
- .data:00000253 03 d0 add edx,eax
- .data:00000255 8b 02 mov eax,DWORD PTR [edx]
- .data:00000257 03 45 fc add eax,DWORD PTR [ebp-0x4]
- .data:0000025a 89 45 a4 mov DWORD PTR [ebp-0x5c],eax
- .data:0000025d 46 inc esi
- .data:0000025e ff 8d 3c ff ff ff dec DWORD PTR [ebp-0xc4]
- .data:00000264 0f 85 3e fe ff ff jne 0x000000a8
- .data:0000026a c6 85 2f ff ff ff 61 mov BYTE PTR [ebp-0xd1],0x61
- .data:00000271 c6 85 30 ff ff ff 64 mov BYTE PTR [ebp-0xd0],0x64
- .data:00000278 c6 85 31 ff ff ff 76 mov BYTE PTR [ebp-0xcf],0x76
- .data:0000027f c6 85 32 ff ff ff 61 mov BYTE PTR [ebp-0xce],0x61
- .data:00000286 c6 85 33 ff ff ff 70 mov BYTE PTR [ebp-0xcd],0x70
- .data:0000028d c6 85 34 ff ff ff 69 mov BYTE PTR [ebp-0xcc],0x69
- .data:00000294 c6 85 35 ff ff ff 33 mov BYTE PTR [ebp-0xcb],0x33
- .data:0000029b c6 85 36 ff ff ff 32 mov BYTE PTR [ebp-0xca],0x32
- .data:000002a2 c6 85 37 ff ff ff 2e mov BYTE PTR [ebp-0xc9],0x2e
- .data:000002a9 c6 85 38 ff ff ff 64 mov BYTE PTR [ebp-0xc8],0x64
- .data:000002b0 c6 85 39 ff ff ff 6c mov BYTE PTR [ebp-0xc7],0x6c
- .data:000002b7 c6 85 3a ff ff ff 6c mov BYTE PTR [ebp-0xc6],0x6c
- .data:000002be c6 85 3b ff ff ff 00 mov BYTE PTR [ebp-0xc5],0x0
- .data:000002c5 8d 85 2f ff ff ff lea eax,[ebp-0xd1]
- .data:000002cb 50 push eax
- .data:000002cc ff 55 bc call DWORD PTR [ebp-0x44]
- .data:000002cf 8b d8 mov ebx,eax
- .data:000002d1 85 db test ebx,ebx
- .data:000002d3 75 05 jne 0x000002da
- .data:000002d5 6a 00 push 0x0
- .data:000002d7 ff 55 a4 call DWORD PTR [ebp-0x5c]
- .data:000002da 89 5d d4 mov DWORD PTR [ebp-0x2c],ebx
- .data:000002dd 8b 45 d4 mov eax,DWORD PTR [ebp-0x2c]
- .data:000002e0 66 81 38 4d 5a cmp WORD PTR [eax],0x5a4d
- .data:000002e5 0f 85 4f 01 00 00 jne 0x0000043a
- .data:000002eb 8b c3 mov eax,ebx
- .data:000002ed 33 d2 xor edx,edx
- .data:000002ef 52 push edx
- .data:000002f0 50 push eax
- .data:000002f1 8b 45 d4 mov eax,DWORD PTR [ebp-0x2c]
- .data:000002f4 8b 40 3c mov eax,DWORD PTR [eax+0x3c]
- .data:000002f7 99 cdq
- .data:000002f8 03 04 24 add eax,DWORD PTR [esp]
- .data:000002fb 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:000002ff 83 c4 08 add esp,0x8
- .data:00000302 89 45 d0 mov DWORD PTR [ebp-0x30],eax
- .data:00000305 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000308 81 38 50 45 00 00 cmp DWORD PTR [eax],0x4550
- .data:0000030e 0f 85 26 01 00 00 jne 0x0000043a
- .data:00000314 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000317 8b 40 78 mov eax,DWORD PTR [eax+0x78]
- .data:0000031a 03 c3 add eax,ebx
- .data:0000031c 89 45 cc mov DWORD PTR [ebp-0x34],eax
- .data:0000031f 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:00000322 8b 40 18 mov eax,DWORD PTR [eax+0x18]
- .data:00000325 85 c0 test eax,eax
- .data:00000327 0f 8c 0d 01 00 00 jl 0x0000043a
- .data:0000032d 40 inc eax
- .data:0000032e 89 85 3c ff ff ff mov DWORD PTR [ebp-0xc4],eax
- .data:00000334 33 f6 xor esi,esi
- .data:00000336 8b c3 mov eax,ebx
- .data:00000338 33 d2 xor edx,edx
- .data:0000033a 52 push edx
- .data:0000033b 50 push eax
- .data:0000033c 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:0000033f 8b 40 20 mov eax,DWORD PTR [eax+0x20]
- .data:00000342 33 d2 xor edx,edx
- .data:00000344 52 push edx
- .data:00000345 50 push eax
- .data:00000346 8b c6 mov eax,esi
- .data:00000348 c1 e0 02 shl eax,0x2
- .data:0000034b 99 cdq
- .data:0000034c 03 04 24 add eax,DWORD PTR [esp]
- .data:0000034f 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:00000353 83 c4 08 add esp,0x8
- .data:00000356 03 04 24 add eax,DWORD PTR [esp]
- .data:00000359 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:0000035d 83 c4 08 add esp,0x8
- .data:00000360 8b 08 mov ecx,DWORD PTR [eax]
- .data:00000362 03 cb add ecx,ebx
- .data:00000364 81 39 52 65 67 4f cmp DWORD PTR [ecx],0x4f676552
- .data:0000036a 75 5b jne 0x000003c7
- .data:0000036c 8d 41 04 lea eax,[ecx+0x4]
- .data:0000036f 81 38 70 65 6e 4b cmp DWORD PTR [eax],0x4b6e6570
- .data:00000375 75 50 jne 0x000003c7
- .data:00000377 8d 41 08 lea eax,[ecx+0x8]
- .data:0000037a 81 38 65 79 45 78 cmp DWORD PTR [eax],0x78457965
- .data:00000380 75 45 jne 0x000003c7
- .data:00000382 8d 41 0c lea eax,[ecx+0xc]
- .data:00000385 80 38 41 cmp BYTE PTR [eax],0x41
- .data:00000388 75 3d jne 0x000003c7
- .data:0000038a 8d 41 0d lea eax,[ecx+0xd]
- .data:0000038d 80 38 00 cmp BYTE PTR [eax],0x0
- .data:00000390 75 35 jne 0x000003c7
- .data:00000392 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:00000395 8b 40 24 mov eax,DWORD PTR [eax+0x24]
- .data:00000398 03 c3 add eax,ebx
- .data:0000039a 33 d2 xor edx,edx
- .data:0000039c 52 push edx
- .data:0000039d 50 push eax
- .data:0000039e 8b c6 mov eax,esi
- .data:000003a0 03 c0 add eax,eax
- .data:000003a2 99 cdq
- .data:000003a3 03 04 24 add eax,DWORD PTR [esp]
- .data:000003a6 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:000003aa 83 c4 08 add esp,0x8
- .data:000003ad 66 8b 00 mov ax,WORD PTR [eax]
- .data:000003b0 8b 55 cc mov edx,DWORD PTR [ebp-0x34]
- .data:000003b3 8b 52 1c mov edx,DWORD PTR [edx+0x1c]
- .data:000003b6 03 d3 add edx,ebx
- .data:000003b8 0f b7 c0 movzx eax,ax
- .data:000003bb c1 e0 02 shl eax,0x2
- .data:000003be 03 d0 add edx,eax
- .data:000003c0 8b 02 mov eax,DWORD PTR [edx]
- .data:000003c2 03 c3 add eax,ebx
- .data:000003c4 89 45 b0 mov DWORD PTR [ebp-0x50],eax
- .data:000003c7 81 39 52 65 67 51 cmp DWORD PTR [ecx],0x51676552
- .data:000003cd 75 5e jne 0x0000042d
- .data:000003cf 8d 41 04 lea eax,[ecx+0x4]
- .data:000003d2 81 38 75 65 72 79 cmp DWORD PTR [eax],0x79726575
- .data:000003d8 75 53 jne 0x0000042d
- .data:000003da 8d 41 08 lea eax,[ecx+0x8]
- .data:000003dd 81 38 56 61 6c 75 cmp DWORD PTR [eax],0x756c6156
- .data:000003e3 75 48 jne 0x0000042d
- .data:000003e5 8d 41 0c lea eax,[ecx+0xc]
- .data:000003e8 81 38 65 45 78 41 cmp DWORD PTR [eax],0x41784565
- .data:000003ee 75 3d jne 0x0000042d
- .data:000003f0 83 c1 10 add ecx,0x10
- .data:000003f3 80 39 00 cmp BYTE PTR [ecx],0x0
- .data:000003f6 75 35 jne 0x0000042d
- .data:000003f8 8b 45 cc mov eax,DWORD PTR [ebp-0x34]
- .data:000003fb 8b 40 24 mov eax,DWORD PTR [eax+0x24]
- .data:000003fe 03 c3 add eax,ebx
- .data:00000400 33 d2 xor edx,edx
- .data:00000402 52 push edx
- .data:00000403 50 push eax
- .data:00000404 8b c6 mov eax,esi
- .data:00000406 03 c0 add eax,eax
- .data:00000408 99 cdq
- .data:00000409 03 04 24 add eax,DWORD PTR [esp]
- .data:0000040c 13 54 24 04 adc edx,DWORD PTR [esp+0x4]
- .data:00000410 83 c4 08 add esp,0x8
- .data:00000413 66 8b 00 mov ax,WORD PTR [eax]
- .data:00000416 8b 55 cc mov edx,DWORD PTR [ebp-0x34]
- .data:00000419 8b 52 1c mov edx,DWORD PTR [edx+0x1c]
- .data:0000041c 03 d3 add edx,ebx
- .data:0000041e 0f b7 c0 movzx eax,ax
- .data:00000421 c1 e0 02 shl eax,0x2
- .data:00000424 03 d0 add edx,eax
- .data:00000426 8b 02 mov eax,DWORD PTR [edx]
- .data:00000428 03 c3 add eax,ebx
- .data:0000042a 89 45 ac mov DWORD PTR [ebp-0x54],eax
- .data:0000042d 46 inc esi
- .data:0000042e ff 8d 3c ff ff ff dec DWORD PTR [ebp-0xc4]
- .data:00000434 0f 85 fc fe ff ff jne 0x00000336
- .data:0000043a 8b 45 08 mov eax,DWORD PTR [ebp+0x8]
- .data:0000043d 05 48 0a 00 00 add eax,0xa48
- .data:00000442 89 85 7c ff ff ff mov DWORD PTR [ebp-0x84],eax
- .data:00000448 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:0000044e 05 e4 00 00 00 add eax,0xe4
- .data:00000453 89 85 78 ff ff ff mov DWORD PTR [ebp-0x88],eax
- .data:00000459 33 db xor ebx,ebx
- .data:0000045b 33 c0 xor eax,eax
- .data:0000045d 89 85 64 ff ff ff mov DWORD PTR [ebp-0x9c],eax
- .data:00000463 33 c0 xor eax,eax
- .data:00000465 89 85 60 ff ff ff mov DWORD PTR [ebp-0xa0],eax
- .data:0000046b 8d 85 70 ff ff ff lea eax,[ebp-0x90]
- .data:00000471 50 push eax
- .data:00000472 6a 01 push 0x1
- .data:00000474 6a 00 push 0x0
- .data:00000476 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:0000047c 50 push eax
- .data:0000047d 68 02 00 00 80 push 0x80000002
- .data:00000482 ff 55 b0 call DWORD PTR [ebp-0x50]
- .data:00000485 85 c0 test eax,eax
- .data:00000487 0f 85 86 00 00 00 jne 0x00000513
- .data:0000048d 8d 85 60 ff ff ff lea eax,[ebp-0xa0]
- .data:00000493 50 push eax
- .data:00000494 6a 00 push 0x0
- .data:00000496 8d 85 6c ff ff ff lea eax,[ebp-0x94]
- .data:0000049c 50 push eax
- .data:0000049d 6a 00 push 0x0
- .data:0000049f 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:000004a5 83 c0 41 add eax,0x41
- .data:000004a8 50 push eax
- .data:000004a9 8b 85 70 ff ff ff mov eax,DWORD PTR [ebp-0x90]
- .data:000004af 50 push eax
- .data:000004b0 ff 55 ac call DWORD PTR [ebp-0x54]
- .data:000004b3 85 c0 test eax,eax
- .data:000004b5 75 5c jne 0x00000513
- .data:000004b7 83 bd 60 ff ff ff 64 cmp DWORD PTR [ebp-0xa0],0x64
- .data:000004be 76 53 jbe 0x00000513
- .data:000004c0 6a 40 push 0x40
- .data:000004c2 68 00 30 00 00 push 0x3000
- .data:000004c7 8b 85 60 ff ff ff mov eax,DWORD PTR [ebp-0xa0]
- .data:000004cd 50 push eax
- .data:000004ce 6a 00 push 0x0
- .data:000004d0 ff 55 a8 call DWORD PTR [ebp-0x58]
- .data:000004d3 89 85 64 ff ff ff mov DWORD PTR [ebp-0x9c],eax
- .data:000004d9 83 bd 64 ff ff ff 00 cmp DWORD PTR [ebp-0x9c],0x0
- .data:000004e0 74 31 je 0x00000513
- .data:000004e2 8d 85 60 ff ff ff lea eax,[ebp-0xa0]
- .data:000004e8 50 push eax
- .data:000004e9 8b 85 64 ff ff ff mov eax,DWORD PTR [ebp-0x9c]
- .data:000004ef 50 push eax
- .data:000004f0 8d 85 6c ff ff ff lea eax,[ebp-0x94]
- .data:000004f6 50 push eax
- .data:000004f7 6a 00 push 0x0
- .data:000004f9 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:000004ff 83 c0 41 add eax,0x41
- .data:00000502 50 push eax
- .data:00000503 8b 85 70 ff ff ff mov eax,DWORD PTR [ebp-0x90]
- .data:00000509 50 push eax
- .data:0000050a ff 55 ac call DWORD PTR [ebp-0x54]
- .data:0000050d 85 c0 test eax,eax
- .data:0000050f 75 02 jne 0x00000513
- .data:00000511 b3 01 mov bl,0x1
- .data:00000513 33 c0 xor eax,eax
- .data:00000515 89 85 70 ff ff ff mov DWORD PTR [ebp-0x90],eax
- .data:0000051b 84 db test bl,bl
- .data:0000051d 0f 85 b8 00 00 00 jne 0x000005db
- .data:00000523 33 c0 xor eax,eax
- .data:00000525 89 85 64 ff ff ff mov DWORD PTR [ebp-0x9c],eax
- .data:0000052b 33 c0 xor eax,eax
- .data:0000052d 89 85 60 ff ff ff mov DWORD PTR [ebp-0xa0],eax
- .data:00000533 8d 85 70 ff ff ff lea eax,[ebp-0x90]
- .data:00000539 50 push eax
- .data:0000053a 6a 01 push 0x1
- .data:0000053c 6a 00 push 0x0
- .data:0000053e 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:00000544 50 push eax
- .data:00000545 68 01 00 00 80 push 0x80000001
- .data:0000054a ff 55 b0 call DWORD PTR [ebp-0x50]
- .data:0000054d 85 c0 test eax,eax
- .data:0000054f 0f 85 86 00 00 00 jne 0x000005db
- .data:00000555 8d 85 60 ff ff ff lea eax,[ebp-0xa0]
- .data:0000055b 50 push eax
- .data:0000055c 6a 00 push 0x0
- .data:0000055e 8d 85 6c ff ff ff lea eax,[ebp-0x94]
- .data:00000564 50 push eax
- .data:00000565 6a 00 push 0x0
- .data:00000567 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:0000056d 83 c0 41 add eax,0x41
- .data:00000570 50 push eax
- .data:00000571 8b 85 70 ff ff ff mov eax,DWORD PTR [ebp-0x90]
- .data:00000577 50 push eax
- .data:00000578 ff 55 ac call DWORD PTR [ebp-0x54]
- .data:0000057b 85 c0 test eax,eax
- .data:0000057d 75 5c jne 0x000005db
- .data:0000057f 83 bd 60 ff ff ff 64 cmp DWORD PTR [ebp-0xa0],0x64
- .data:00000586 76 53 jbe 0x000005db
- .data:00000588 6a 40 push 0x40
- .data:0000058a 68 00 30 00 00 push 0x3000
- .data:0000058f 8b 85 60 ff ff ff mov eax,DWORD PTR [ebp-0xa0]
- .data:00000595 50 push eax
- .data:00000596 6a 00 push 0x0
- .data:00000598 ff 55 a8 call DWORD PTR [ebp-0x58]
- .data:0000059b 89 85 64 ff ff ff mov DWORD PTR [ebp-0x9c],eax
- .data:000005a1 83 bd 64 ff ff ff 00 cmp DWORD PTR [ebp-0x9c],0x0
- .data:000005a8 74 31 je 0x000005db
- .data:000005aa 8d 85 60 ff ff ff lea eax,[ebp-0xa0]
- .data:000005b0 50 push eax
- .data:000005b1 8b 85 64 ff ff ff mov eax,DWORD PTR [ebp-0x9c]
- .data:000005b7 50 push eax
- .data:000005b8 8d 85 6c ff ff ff lea eax,[ebp-0x94]
- .data:000005be 50 push eax
- .data:000005bf 6a 00 push 0x0
- .data:000005c1 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:000005c7 83 c0 41 add eax,0x41
- .data:000005ca 50 push eax
- .data:000005cb 8b 85 70 ff ff ff mov eax,DWORD PTR [ebp-0x90]
- .data:000005d1 50 push eax
- .data:000005d2 ff 55 ac call DWORD PTR [ebp-0x54]
- .data:000005d5 85 c0 test eax,eax
- .data:000005d7 75 02 jne 0x000005db
- .data:000005d9 b3 01 mov bl,0x1
- .data:000005db 84 db test bl,bl
- .data:000005dd 75 05 jne 0x000005e4
- .data:000005df 6a 00 push 0x0
- .data:000005e1 ff 55 a4 call DWORD PTR [ebp-0x5c]
- .data:000005e4 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:000005ea 8b 80 dc 00 00 00 mov eax,DWORD PTR [eax+0xdc]
- .data:000005f0 50 push eax
- .data:000005f1 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:000005f7 83 c0 52 add eax,0x52
- .data:000005fa 50 push eax
- .data:000005fb 8d 85 00 fa ff ff lea eax,[ebp-0x600]
- .data:00000601 50 push eax
- .data:00000602 ff 95 78 ff ff ff call DWORD PTR [ebp-0x88]
- .data:00000608 33 f6 xor esi,esi
- .data:0000060a 8d 8d 00 fb ff ff lea ecx,[ebp-0x500]
- .data:00000610 89 31 mov DWORD PTR [ecx],esi
- .data:00000612 46 inc esi
- .data:00000613 83 c1 04 add ecx,0x4
- .data:00000616 81 fe 00 01 00 00 cmp esi,0x100
- .data:0000061c 75 f2 jne 0x00000610
- .data:0000061e 33 db xor ebx,ebx
- .data:00000620 33 f6 xor esi,esi
- .data:00000622 8d 8d 00 fb ff ff lea ecx,[ebp-0x500]
- .data:00000628 03 19 add ebx,DWORD PTR [ecx]
- .data:0000062a 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:00000630 ff b0 dc 00 00 00 push DWORD PTR [eax+0xdc]
- .data:00000636 8b c6 mov eax,esi
- .data:00000638 5a pop edx
- .data:00000639 8b fa mov edi,edx
- .data:0000063b 33 d2 xor edx,edx
- .data:0000063d f7 f7 div edi
- .data:0000063f 33 c0 xor eax,eax
- .data:00000641 8a 84 15 00 fa ff ff mov al,BYTE PTR [ebp+edx*1-0x600]
- .data:00000648 03 d8 add ebx,eax
- .data:0000064a 81 e3 ff 00 00 00 and ebx,0xff
- .data:00000650 8a 01 mov al,BYTE PTR [ecx]
- .data:00000652 8b 94 9d 00 fb ff ff mov edx,DWORD PTR [ebp+ebx*4-0x500]
- .data:00000659 89 11 mov DWORD PTR [ecx],edx
- .data:0000065b 25 ff 00 00 00 and eax,0xff
- .data:00000660 89 84 9d 00 fb ff ff mov DWORD PTR [ebp+ebx*4-0x500],eax
- .data:00000667 46 inc esi
- .data:00000668 83 c1 04 add ecx,0x4
- .data:0000066b 81 fe 00 01 00 00 cmp esi,0x100
- .data:00000671 75 b5 jne 0x00000628
- .data:00000673 33 db xor ebx,ebx
- .data:00000675 33 ff xor edi,edi
- .data:00000677 6a 40 push 0x40
- .data:00000679 68 00 30 00 00 push 0x3000
- .data:0000067e 8b 85 60 ff ff ff mov eax,DWORD PTR [ebp-0xa0]
- .data:00000684 50 push eax
- .data:00000685 6a 00 push 0x0
- .data:00000687 ff 55 a8 call DWORD PTR [ebp-0x58]
- .data:0000068a 89 85 5c ff ff ff mov DWORD PTR [ebp-0xa4],eax
- .data:00000690 83 bd 5c ff ff ff 00 cmp DWORD PTR [ebp-0xa4],0x0
- .data:00000697 74 29 je 0x000006c2
- .data:00000699 8b 85 5c ff ff ff mov eax,DWORD PTR [ebp-0xa4]
- .data:0000069f 89 85 4c ff ff ff mov DWORD PTR [ebp-0xb4],eax
- .data:000006a5 8b 85 60 ff ff ff mov eax,DWORD PTR [ebp-0xa0]
- .data:000006ab 50 push eax
- .data:000006ac 8b 85 64 ff ff ff mov eax,DWORD PTR [ebp-0x9c]
- .data:000006b2 50 push eax
- .data:000006b3 8b 85 4c ff ff ff mov eax,DWORD PTR [ebp-0xb4]
- .data:000006b9 50 push eax
- .data:000006ba ff 95 78 ff ff ff call DWORD PTR [ebp-0x88]
- .data:000006c0 eb 05 jmp 0x000006c7
- .data:000006c2 6a 00 push 0x0
- .data:000006c4 ff 55 a4 call DWORD PTR [ebp-0x5c]
- .data:000006c7 8b 85 60 ff ff ff mov eax,DWORD PTR [ebp-0xa0]
- .data:000006cd 48 dec eax
- .data:000006ce 85 c0 test eax,eax
- .data:000006d0 72 74 jb 0x00000746
- .data:000006d2 40 inc eax
- .data:000006d3 89 85 3c ff ff ff mov DWORD PTR [ebp-0xc4],eax
- .data:000006d9 33 f6 xor esi,esi
- .data:000006db 43 inc ebx
- .data:000006dc 81 e3 ff 00 00 00 and ebx,0xff
- .data:000006e2 03 bc 9d 00 fb ff ff add edi,DWORD PTR [ebp+ebx*4-0x500]
- .data:000006e9 81 e7 ff 00 00 00 and edi,0xff
- .data:000006ef 8a 84 9d 00 fb ff ff mov al,BYTE PTR [ebp+ebx*4-0x500]
- .data:000006f6 8b 94 bd 00 fb ff ff mov edx,DWORD PTR [ebp+edi*4-0x500]
- .data:000006fd 89 94 9d 00 fb ff ff mov DWORD PTR [ebp+ebx*4-0x500],edx
- .data:00000704 25 ff 00 00 00 and eax,0xff
- .data:00000709 89 84 bd 00 fb ff ff mov DWORD PTR [ebp+edi*4-0x500],eax
- .data:00000710 8b 85 4c ff ff ff mov eax,DWORD PTR [ebp-0xb4]
- .data:00000716 8a 04 30 mov al,BYTE PTR [eax+esi*1]
- .data:00000719 8b 94 9d 00 fb ff ff mov edx,DWORD PTR [ebp+ebx*4-0x500]
- .data:00000720 03 94 bd 00 fb ff ff add edx,DWORD PTR [ebp+edi*4-0x500]
- .data:00000727 81 e2 ff 00 00 00 and edx,0xff
- .data:0000072d 32 84 95 00 fb ff ff xor al,BYTE PTR [ebp+edx*4-0x500]
- .data:00000734 8b 95 4c ff ff ff mov edx,DWORD PTR [ebp-0xb4]
- .data:0000073a 88 04 32 mov BYTE PTR [edx+esi*1],al
- .data:0000073d 46 inc esi
- .data:0000073e ff 8d 3c ff ff ff dec DWORD PTR [ebp-0xc4]
- .data:00000744 75 95 jne 0x000006db
- .data:00000746 8b 85 4c ff ff ff mov eax,DWORD PTR [ebp-0xb4]
- .data:0000074c 89 45 d4 mov DWORD PTR [ebp-0x2c],eax
- .data:0000074f 8b 45 d4 mov eax,DWORD PTR [ebp-0x2c]
- .data:00000752 66 81 38 4d 5a cmp WORD PTR [eax],0x5a4d
- .data:00000757 0f 85 da 02 00 00 jne 0x00000a37
- .data:0000075d 8b 45 d4 mov eax,DWORD PTR [ebp-0x2c]
- .data:00000760 8b 40 3c mov eax,DWORD PTR [eax+0x3c]
- .data:00000763 03 85 4c ff ff ff add eax,DWORD PTR [ebp-0xb4]
- .data:00000769 89 45 d0 mov DWORD PTR [ebp-0x30],eax
- .data:0000076c 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:0000076f 81 38 50 45 00 00 cmp DWORD PTR [eax],0x4550
- .data:00000775 0f 85 bc 02 00 00 jne 0x00000a37
- .data:0000077b 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:0000077e 8b 58 50 mov ebx,DWORD PTR [eax+0x50]
- .data:00000781 03 db add ebx,ebx
- .data:00000783 6a 40 push 0x40
- .data:00000785 68 00 30 00 00 push 0x3000
- .data:0000078a 53 push ebx
- .data:0000078b 6a 00 push 0x0
- .data:0000078d ff 55 a8 call DWORD PTR [ebp-0x58]
- .data:00000790 89 45 f8 mov DWORD PTR [ebp-0x8],eax
- .data:00000793 83 7d f8 00 cmp DWORD PTR [ebp-0x8],0x0
- .data:00000797 0f 84 9a 02 00 00 je 0x00000a37
- .data:0000079d 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:000007a0 8b 40 54 mov eax,DWORD PTR [eax+0x54]
- .data:000007a3 50 push eax
- .data:000007a4 8b 85 4c ff ff ff mov eax,DWORD PTR [ebp-0xb4]
- .data:000007aa 50 push eax
- .data:000007ab 8b 45 f8 mov eax,DWORD PTR [ebp-0x8]
- .data:000007ae 50 push eax
- .data:000007af ff 95 78 ff ff ff call DWORD PTR [ebp-0x88]
- .data:000007b5 6a 04 push 0x4
- .data:000007b7 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:000007bd 05 e0 00 00 00 add eax,0xe0
- .data:000007c2 50 push eax
- .data:000007c3 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:000007c6 8b 40 50 mov eax,DWORD PTR [eax+0x50]
- .data:000007c9 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:000007cc 50 push eax
- .data:000007cd ff 95 78 ff ff ff call DWORD PTR [ebp-0x88]
- .data:000007d3 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:000007d9 8b 80 e0 00 00 00 mov eax,DWORD PTR [eax+0xe0]
- .data:000007df 50 push eax
- .data:000007e0 8b 85 4c ff ff ff mov eax,DWORD PTR [ebp-0xb4]
- .data:000007e6 50 push eax
- .data:000007e7 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:000007ea 8b 40 50 mov eax,DWORD PTR [eax+0x50]
- .data:000007ed 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:000007f0 83 c0 04 add eax,0x4
- .data:000007f3 50 push eax
- .data:000007f4 ff 95 78 ff ff ff call DWORD PTR [ebp-0x88]
- .data:000007fa 6a 60 push 0x60
- .data:000007fc 8b 85 7c ff ff ff mov eax,DWORD PTR [ebp-0x84]
- .data:00000802 83 c0 7a add eax,0x7a
- .data:00000805 50 push eax
- .data:00000806 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000809 8b 40 50 mov eax,DWORD PTR [eax+0x50]
- .data:0000080c 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:0000080f 83 c0 04 add eax,0x4
- .data:00000812 8b 95 7c ff ff ff mov edx,DWORD PTR [ebp-0x84]
- .data:00000818 03 82 e0 00 00 00 add eax,DWORD PTR [edx+0xe0]
- .data:0000081e 50 push eax
- .data:0000081f ff 95 78 ff ff ff call DWORD PTR [ebp-0x88]
- .data:00000825 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000828 0f b7 40 06 movzx eax,WORD PTR [eax+0x6]
- .data:0000082c 48 dec eax
- .data:0000082d 85 c0 test eax,eax
- .data:0000082f 7c 5f jl 0x00000890
- .data:00000831 40 inc eax
- .data:00000832 89 85 3c ff ff ff mov DWORD PTR [ebp-0xc4],eax
- .data:00000838 33 f6 xor esi,esi
- .data:0000083a 8b 55 d4 mov edx,DWORD PTR [ebp-0x2c]
- .data:0000083d 8b 52 3c mov edx,DWORD PTR [edx+0x3c]
- .data:00000840 8b 85 4c ff ff ff mov eax,DWORD PTR [ebp-0xb4]
- .data:00000846 03 d0 add edx,eax
- .data:00000848 81 c2 f8 00 00 00 add edx,0xf8
- .data:0000084e 8b ce mov ecx,esi
- .data:00000850 c1 e1 03 shl ecx,0x3
- .data:00000853 8d 0c 89 lea ecx,[ecx+ecx*4]
- .data:00000856 03 d1 add edx,ecx
- .data:00000858 89 95 50 ff ff ff mov DWORD PTR [ebp-0xb0],edx
- .data:0000085e 8b 95 50 ff ff ff mov edx,DWORD PTR [ebp-0xb0]
- .data:00000864 8b 52 10 mov edx,DWORD PTR [edx+0x10]
- .data:00000867 52 push edx
- .data:00000868 8b 95 50 ff ff ff mov edx,DWORD PTR [ebp-0xb0]
- .data:0000086e 8b 52 14 mov edx,DWORD PTR [edx+0x14]
- .data:00000871 03 d0 add edx,eax
- .data:00000873 52 push edx
- .data:00000874 8b 85 50 ff ff ff mov eax,DWORD PTR [ebp-0xb0]
- .data:0000087a 8b 40 0c mov eax,DWORD PTR [eax+0xc]
- .data:0000087d 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:00000880 50 push eax
- .data:00000881 ff 95 78 ff ff ff call DWORD PTR [ebp-0x88]
- .data:00000887 46 inc esi
- .data:00000888 ff 8d 3c ff ff ff dec DWORD PTR [ebp-0xc4]
- .data:0000088e 75 aa jne 0x0000083a
- .data:00000890 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000893 8b 40 34 mov eax,DWORD PTR [eax+0x34]
- .data:00000896 3b 45 f8 cmp eax,DWORD PTR [ebp-0x8]
- .data:00000899 0f 84 cb 00 00 00 je 0x0000096a
- .data:0000089f 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:000008a2 8b 55 f8 mov edx,DWORD PTR [ebp-0x8]
- .data:000008a5 2b 50 34 sub edx,DWORD PTR [eax+0x34]
- .data:000008a8 89 55 d8 mov DWORD PTR [ebp-0x28],edx
- .data:000008ab 8b 45 f8 mov eax,DWORD PTR [ebp-0x8]
- .data:000008ae 89 45 f0 mov DWORD PTR [ebp-0x10],eax
- .data:000008b1 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:000008b4 83 b8 a4 00 00 00 00 cmp DWORD PTR [eax+0xa4],0x0
- .data:000008bb 0f 86 87 00 00 00 jbe 0x00000948
- .data:000008c1 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:000008c4 8b 80 a0 00 00 00 mov eax,DWORD PTR [eax+0xa0]
- .data:000008ca 03 45 f0 add eax,DWORD PTR [ebp-0x10]
- .data:000008cd 89 45 ec mov DWORD PTR [ebp-0x14],eax
- .data:000008d0 eb 6e jmp 0x00000940
- .data:000008d2 8b 45 ec mov eax,DWORD PTR [ebp-0x14]
- .data:000008d5 8b 00 mov eax,DWORD PTR [eax]
- .data:000008d7 03 45 f0 add eax,DWORD PTR [ebp-0x10]
- .data:000008da 89 45 e8 mov DWORD PTR [ebp-0x18],eax
- .data:000008dd 8b 45 ec mov eax,DWORD PTR [ebp-0x14]
- .data:000008e0 83 c0 08 add eax,0x8
- .data:000008e3 89 45 e4 mov DWORD PTR [ebp-0x1c],eax
- .data:000008e6 8b 45 ec mov eax,DWORD PTR [ebp-0x14]
- .data:000008e9 8b 40 04 mov eax,DWORD PTR [eax+0x4]
- .data:000008ec 83 e8 08 sub eax,0x8
- .data:000008ef d1 e8 shr eax,1
- .data:000008f1 48 dec eax
- .data:000008f2 85 c0 test eax,eax
- .data:000008f4 72 3e jb 0x00000934
- .data:000008f6 40 inc eax
- .data:000008f7 89 85 3c ff ff ff mov DWORD PTR [ebp-0xc4],eax
- .data:000008fd 8b 45 e4 mov eax,DWORD PTR [ebp-0x1c]
- .data:00000900 66 8b 10 mov dx,WORD PTR [eax]
- .data:00000903 0f b7 c2 movzx eax,dx
- .data:00000906 c1 e8 0c shr eax,0xc
- .data:00000909 8b ca mov ecx,edx
- .data:0000090b 66 81 e1 ff 0f and cx,0xfff
- .data:00000910 0f b7 c9 movzx ecx,cx
- .data:00000913 83 f8 03 cmp eax,0x3
- .data:00000916 75 10 jne 0x00000928
- .data:00000918 8b 45 e8 mov eax,DWORD PTR [ebp-0x18]
- .data:0000091b 03 c1 add eax,ecx
- .data:0000091d 89 45 e0 mov DWORD PTR [ebp-0x20],eax
- .data:00000920 8b 45 e0 mov eax,DWORD PTR [ebp-0x20]
- .data:00000923 8b 55 d8 mov edx,DWORD PTR [ebp-0x28]
- .data:00000926 01 10 add DWORD PTR [eax],edx
- .data:00000928 83 45 e4 02 add DWORD PTR [ebp-0x1c],0x2
- .data:0000092c ff 8d 3c ff ff ff dec DWORD PTR [ebp-0xc4]
- .data:00000932 75 c9 jne 0x000008fd
- .data:00000934 8b 45 ec mov eax,DWORD PTR [ebp-0x14]
- .data:00000937 8b 40 04 mov eax,DWORD PTR [eax+0x4]
- .data:0000093a 03 45 ec add eax,DWORD PTR [ebp-0x14]
- .data:0000093d 89 45 ec mov DWORD PTR [ebp-0x14],eax
- .data:00000940 8b 45 ec mov eax,DWORD PTR [ebp-0x14]
- .data:00000943 83 38 00 cmp DWORD PTR [eax],0x0
- .data:00000946 77 8a ja 0x000008d2
- .data:00000948 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:0000094b 8b 55 f8 mov edx,DWORD PTR [ebp-0x8]
- .data:0000094e 89 50 34 mov DWORD PTR [eax+0x34],edx
- .data:00000951 68 f8 00 00 00 push 0xf8
- .data:00000956 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000959 50 push eax
- .data:0000095a 8b 45 d4 mov eax,DWORD PTR [ebp-0x2c]
- .data:0000095d 8b 40 3c mov eax,DWORD PTR [eax+0x3c]
- .data:00000960 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:00000963 50 push eax
- .data:00000964 ff 95 78 ff ff ff call DWORD PTR [ebp-0x88]
- .data:0000096a 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:0000096d 05 80 00 00 00 add eax,0x80
- .data:00000972 89 45 90 mov DWORD PTR [ebp-0x70],eax
- .data:00000975 8b 45 90 mov eax,DWORD PTR [ebp-0x70]
- .data:00000978 83 78 04 00 cmp DWORD PTR [eax+0x4],0x0
- .data:0000097c 0f 86 9e 00 00 00 jbe 0x00000a20
- .data:00000982 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000985 8b 80 80 00 00 00 mov eax,DWORD PTR [eax+0x80]
- .data:0000098b 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:0000098e 89 45 8c mov DWORD PTR [ebp-0x74],eax
- .data:00000991 eb 7f jmp 0x00000a12
- .data:00000993 03 7d f8 add edi,DWORD PTR [ebp-0x8]
- .data:00000996 57 push edi
- .data:00000997 ff 55 bc call DWORD PTR [ebp-0x44]
- .data:0000099a 8b d8 mov ebx,eax
- .data:0000099c 85 db test ebx,ebx
- .data:0000099e 74 72 je 0x00000a12
- .data:000009a0 8b 45 8c mov eax,DWORD PTR [ebp-0x74]
- .data:000009a3 83 38 00 cmp DWORD PTR [eax],0x0
- .data:000009a6 74 0d je 0x000009b5
- .data:000009a8 8b 45 8c mov eax,DWORD PTR [ebp-0x74]
- .data:000009ab 8b 00 mov eax,DWORD PTR [eax]
- .data:000009ad 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:000009b0 89 45 88 mov DWORD PTR [ebp-0x78],eax
- .data:000009b3 eb 0c jmp 0x000009c1
- .data:000009b5 8b 45 8c mov eax,DWORD PTR [ebp-0x74]
- .data:000009b8 8b 40 10 mov eax,DWORD PTR [eax+0x10]
- .data:000009bb 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:000009be 89 45 88 mov DWORD PTR [ebp-0x78],eax
- .data:000009c1 8b 45 8c mov eax,DWORD PTR [ebp-0x74]
- .data:000009c4 8b 40 10 mov eax,DWORD PTR [eax+0x10]
- .data:000009c7 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:000009ca 89 45 84 mov DWORD PTR [ebp-0x7c],eax
- .data:000009cd eb 37 jmp 0x00000a06
- .data:000009cf 8b 45 88 mov eax,DWORD PTR [ebp-0x78]
- .data:000009d2 8b 30 mov esi,DWORD PTR [eax]
- .data:000009d4 f7 c6 00 00 00 80 test esi,0x80000000
- .data:000009da 74 12 je 0x000009ee
- .data:000009dc 81 e6 ff ff 00 00 and esi,0xffff
- .data:000009e2 56 push esi
- .data:000009e3 53 push ebx
- .data:000009e4 ff 55 b8 call DWORD PTR [ebp-0x48]
- .data:000009e7 8b 55 84 mov edx,DWORD PTR [ebp-0x7c]
- .data:000009ea 89 02 mov DWORD PTR [edx],eax
- .data:000009ec eb 10 jmp 0x000009fe
- .data:000009ee 03 75 f8 add esi,DWORD PTR [ebp-0x8]
- .data:000009f1 83 c6 02 add esi,0x2
- .data:000009f4 56 push esi
- .data:000009f5 53 push ebx
- .data:000009f6 ff 55 b8 call DWORD PTR [ebp-0x48]
- .data:000009f9 8b 55 84 mov edx,DWORD PTR [ebp-0x7c]
- .data:000009fc 89 02 mov DWORD PTR [edx],eax
- .data:000009fe 83 45 88 04 add DWORD PTR [ebp-0x78],0x4
- .data:00000a02 83 45 84 04 add DWORD PTR [ebp-0x7c],0x4
- .data:00000a06 8b 45 88 mov eax,DWORD PTR [ebp-0x78]
- .data:00000a09 83 38 00 cmp DWORD PTR [eax],0x0
- .data:00000a0c 75 c1 jne 0x000009cf
- .data:00000a0e 83 45 8c 14 add DWORD PTR [ebp-0x74],0x14
- .data:00000a12 8b 45 8c mov eax,DWORD PTR [ebp-0x74]
- .data:00000a15 8b 78 0c mov edi,DWORD PTR [eax+0xc]
- .data:00000a18 85 ff test edi,edi
- .data:00000a1a 0f 85 73 ff ff ff jne 0x00000993
- .data:00000a20 8b 45 d0 mov eax,DWORD PTR [ebp-0x30]
- .data:00000a23 8b 40 28 mov eax,DWORD PTR [eax+0x28]
- .data:00000a26 03 45 f8 add eax,DWORD PTR [ebp-0x8]
- .data:00000a29 89 45 f4 mov DWORD PTR [ebp-0xc],eax
- .data:00000a2c 31 c0 xor eax,eax
- .data:00000a2e 50 push eax
- .data:00000a2f 6a 01 push 0x1
- .data:00000a31 ff 75 f8 push DWORD PTR [ebp-0x8]
- .data:00000a34 ff 55 f4 call DWORD PTR [ebp-0xc]
- .data:00000a37 6a 00 push 0x0
- .data:00000a39 ff 55 a4 call DWORD PTR [ebp-0x5c]
- .data:00000a3c 5f pop edi
- .data:00000a3d 5e pop esi
- .data:00000a3e 5b pop ebx
- .data:00000a3f 8b e5 mov esp,ebp
- .data:00000a41 5d pop ebp
- .data:00000a42 c2 04 00 ret 0x4
- .data:00000a45 8d 40 00 lea eax,[eax+0x0]
- .data:00000a48 73 6f jae 0x00000ab9
- .data:00000a4a 66 74 77 data16 je 0x00000ac4
- .data:00000a4d 61 popa
- .data:00000a4e 72 65 jb 0x00000ab5
- .data:00000a50 5c pop esp
- .data:00000a51 5a pop edx
- .data:00000a52 69 71 52 65 61 42 61 imul esi,DWORD PTR [ecx+0x52],0x61426165
- .data:00000a59 00 00 add BYTE PTR [eax],al
- .data:00000a5b 00 a4 f8 a0 03 7c 5b add BYTE PTR [eax+edi*8+0x5b7c03a0],ah
- .data:00000a62 16 push ss
- .data:00000a63 75 00 jne 0x00000a65
- .data:00000a65 00 00 add BYTE PTR [eax],al
- .data:00000a67 00 84 5b 16 75 41 2d add BYTE PTR [ebx+ebx*2+0x2d417516],al
- .data:00000a6e d9 8f 2c 7b 0a 00 (bad) [edi+0xa7b2c]
- .data:00000a74 01 00 add DWORD PTR [eax],eax
- .data:00000a76 00 80 00 00 00 00 add BYTE PTR [eax+0x0],al
- .data:00000a7c 00 00 add BYTE PTR [eax],al
- .data:00000a7e 00 00 add BYTE PTR [eax],al
- .data:00000a80 00 00 add BYTE PTR [eax],al
- .data:00000a82 00 00 add BYTE PTR [eax],al
- .data:00000a84 58 pop eax
- .data:00000a85 6a 51 push 0x51
- .data:00000a87 00 e0 add al,ah
- .data:00000a89 58 pop eax
- .data:00000a8a 70 32 jo 0x00000abe
- .data:00000a8c 30 5a 6b xor BYTE PTR [edx+0x6b],bl
- .data:00000a8f 00 12 add BYTE PTR [edx],dl
- .data:00000a91 00 12 add BYTE PTR [edx],dl
- .data:00000a93 00 24 b8 add BYTE PTR [eax+edi*4],ah
- .data:00000a96 20 03 and BYTE PTR [ebx],al
- .data:00000a98 00 00 add BYTE PTR [eax],al
- .data:00000a9a f1 icebp
- .data:00000a9b b7 90 mov bh,0x90
- .data:00000a9d 38 26 cmp BYTE PTR [esi],ah
- .data:00000a9f 51 push ecx
- .data:00000aa0 08 6e 74 or BYTE PTR [esi+0x74],ch
- .data:00000aa3 e4 55 in al,0x55
- .data:00000aa5 1a f5 sbb dh,ch
- .data:00000aa7 e9 8a 0a ca 3c jmp 0x3cca1536
- .data:00000aac e5 e3 in eax,0xe3
- .data:00000aae 1e push ds
- .data:00000aaf e1 11 loope 0x00000ac2
- .data:00000ab1 88 dd mov ch,bl
- .data:00000ab3 4a dec edx
- .data:00000ab4 db f8 fnop
- .data:00000ab6 a0 03 3d 2d d9 mov al,ds:0xd92d3d03
- .data:00000abb 8f (bad)
- .data:00000abc 14 f9 adc al,0xf9
- .data:00000abe a0 03 bb 3f 73 mov al,ds:0x733fbb03
- .data:00000ac3 00 68 00 add BYTE PTR [eax+0x0],ch
- .data:00000ac6 65 00 6c 00 6c add BYTE PTR gs:[eax+eax*1+0x6c],ch
- .data:00000acb 00 3c 00 add BYTE PTR [eax+eax*1],bh
- .data:00000ace 3c 00 cmp al,0x0
- .data:00000ad0 3a 00 cmp al,BYTE PTR [eax]
- .data:00000ad2 3a 00 cmp al,BYTE PTR [eax]
- .data:00000ad4 3e 00 3e add BYTE PTR ds:[esi],bh
- .data:00000ad7 00 73 00 add BYTE PTR [ebx+0x0],dh
- .data:00000ada 68 00 65 00 6c push 0x6c006500
- .data:00000adf 00 6c 00 00 add BYTE PTR [eax+eax*1+0x0],ch
- .data:00000ae3 00 00 add BYTE PTR [eax],al
- .data:00000ae5 00 00 add BYTE PTR [eax],al
- .data:00000ae7 00 68 cd add BYTE PTR [eax-0x33],ch
- .data:00000aea 20 03 and BYTE PTR [ebx],al
- .data:00000aec e8 f8 a0 03 3a call 0x3a03abe9
- .data:00000af1 44 inc esp
- .data:00000af2 26 75 bc es jne 0x00000ab1
- .data:00000af5 66 43 inc bx
- .data:00000af7 75 00 jne 0x00000af9
- .data:00000af9 00 00 add BYTE PTR [eax],al
- .data:00000afb 00 1a add BYTE PTR [edx],bl
- .data:00000afd 00 00 add BYTE PTR [eax],al
- .data:00000aff 00 08 add BYTE PTR [eax],cl
- .data:00000b01 00 00 add BYTE PTR [eax],al
- .data:00000b03 00 0c f9 add BYTE PTR [ecx+edi*8],cl
- .data:00000b06 a0 03 00 00 00 mov al,ds:0x3
- .data:00000b0b 00 d4 add ah,dl
- .data:00000b0d b3 81 mov bl,0x81
- .data:00000b0f 03 1a add ebx,DWORD PTR [edx]
- .data:00000b11 00 00 add BYTE PTR [eax],al
- .data:00000b13 00 0c f9 add BYTE PTR [ecx+edi*8],cl
- .data:00000b16 a0 03 74 26 05 mov al,ds:0x5267403
- .data:00000b1b 00 24 74 add BYTE PTR [esp+esi*2],ah
- .data:00000b1e 0a 00 or al,BYTE PTR [eax]
- .data:00000b20 7c 26 jl 0x00000b48
- .data:00000b22 05 00 1b 00 00 add eax,0x1b00
- .data:00000b27 00 00 add BYTE PTR [eax],al
- .data:00000b29 d4 05 aam 0x5
- .data:00000b2b 00 55 8b add BYTE PTR [ebp-0x75],dl
- .data:00000b2e ec in al,dx
- .data:00000b2f 60 pusha
- .data:00000b30 8b 7d 08 mov edi,DWORD PTR [ebp+0x8]
- .data:00000b33 8b 75 0c mov esi,DWORD PTR [ebp+0xc]
- .data:00000b36 8b 4d 10 mov ecx,DWORD PTR [ebp+0x10]
- .data:00000b39 f3 a4 rep movs BYTE PTR es:[edi],BYTE PTR ds:[esi]
- .data:00000b3b 61 popa
- .data:00000b3c 5d pop ebp
- .data:00000b3d c2 0c 00 ret 0xc
- .data:00000b40 13 ad 84 b5 fe 66 adc ebp,DWORD PTR [ebp+0x66feb584]
- .data:00000b46 e1 36 loope 0x00000b7e
- .data:00000b48 76 5a jbe 0x00000ba4
- .data:00000b4a e5 2c in eax,0x2c
- .data:00000b4c 1d d7 58 a1 71 sbb eax,0x71a158d7
- .data:00000b51 7b d3 jnp 0x00000b26
- .data:00000b53 ef out dx,eax
- .data:00000b54 d0 02 rol BYTE PTR [edx],1
- .data:00000b56 3e 72 e8 ds jb 0x00000b41
- .data:00000b59 1c 63 sbb al,0x63
- .data:00000b5b a0 34 a2 6d 92 mov al,ds:0x926da234
- .data:00000b60 7f c9 jg 0x00000b2b
- .data:00000b62 44 inc esp
- .data:00000b63 2a 8e 26 2f 51 65 sub cl,BYTE PTR [esi+0x65512f26]
- .data:00000b69 ad lods eax,DWORD PTR ds:[esi]
- .data:00000b6a 34 1c xor al,0x1c
- .data:00000b6c cb retf
- .data:00000b6d 03 10 add edx,DWORD PTR [eax]
- .data:00000b6f b8 fd b0 c5 7a mov eax,0x7ac5b0fd
- .data:00000b74 c6 (bad)
- .data:00000b75 29 17 sub DWORD PTR [edi],edx
- .data:00000b77 6d ins DWORD PTR es:[edi],dx
- .data:00000b78 4c dec esp
- .data:00000b79 b2 78 mov dl,0x78
- .data:00000b7b 32 63 85 xor ah,BYTE PTR [ebx-0x7b]
- .data:00000b7e 3c 27 cmp al,0x27
- .data:00000b80 35 d5 18 0e 76 xor eax,0x760e18d5
- .data:00000b85 8b 38 mov edi,DWORD PTR [eax]
- .data:00000b87 b1 94 mov cl,0x94
- .data:00000b89 d2 7a 45 sar BYTE PTR [edx+0x45],cl
- .data:00000b8c 82 (bad)
- .data:00000b8d da a1 7e 1c 61 7d fisub DWORD PTR [ecx+0x7d611c7e]
- .data:00000b93 98 cwde
- .data:00000b94 3c e8 cmp al,0xe8
- .data:00000b96 5d pop ebp
- .data:00000b97 cc int3
- .data:00000b98 03 .byte 0x3
- .data:00000b99 af scas eax,DWORD PTR es:[edi]
- .data:00000b9a 60 pusha
- .data:00000b9b f6 .byte 0xf6
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
