Advertisement
GlobalHell2K17

create_random_hidden_directory (FUN_00401b5f) Decompiled

May 18th, 2019
213
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 2.11 KB | None | 0 0
  1.  
  2. uint __cdecl create_random_hidden_directory(wchar_t *cwd_out)
  3.  
  4. {
  5.   DWORD pd_attr;
  6.   wchar_t *pwVar1;
  7.   int iVar2;
  8.   undefined4 *puVar3;
  9.   undefined2 local_4d8;
  10.   WCHAR programdata_path;
  11.   undefined4 local_2d2 [129];
  12.   WCHAR randomstring_w;
  13.   undefined4 local_ca [49];
  14.  
  15.   programdata_path = DAT_0040f874;
  16.   iVar2 = 0x81;
  17.   puVar3 = (undefined4 *)&stack0xfffffb26;
  18.   while (iVar2 != 0) {
  19.     iVar2 = iVar2 + -1;
  20.     *puVar3 = 0;
  21.     puVar3 = puVar3 + 1;
  22.   }
  23.   *(undefined2 *)puVar3 = 0;
  24.   iVar2 = 0x81;
  25.   puVar3 = local_2d2;
  26.   while (iVar2 != 0) {
  27.     iVar2 = iVar2 + -1;
  28.     *puVar3 = 0;
  29.     puVar3 = puVar3 + 1;
  30.   }
  31.   *(undefined2 *)puVar3 = 0;
  32.   iVar2 = 0x31;
  33.   randomstring_w = programdata_path;
  34.   puVar3 = local_ca;
  35.   while (iVar2 != 0) {
  36.     iVar2 = iVar2 + -1;
  37.     *puVar3 = 0;
  38.     puVar3 = puVar3 + 1;
  39.   }
  40.   *(undefined2 *)puVar3 = 0;
  41.   MultiByteToWideChar(0,0,(LPCSTR)&randomstring,-1,&randomstring_w,99);
  42.                     /* Get C:\ Or C:\Windows */
  43.   GetWindowsDirectoryW((LPWSTR)&stack0xfffffb24,0x104);
  44.   local_4d8 = 0;
  45.                     /* C:\ProgramData Or C:\Windows\ProgramData */
  46.   swprintf(&programdata_path,u_%s\ProgramData_0040f40c,&stack0xfffffb24);
  47.   pd_attr = GetFileAttributesW(&programdata_path);
  48.   if ((pd_attr == 0xffffffff) ||
  49.      (iVar2 = create_and_cwd_dir(&programdata_path,&randomstring_w,cwd_out), iVar2 == 0)) {
  50.                     /* C:\Intel Or C:\Windows\Intel */
  51.     swprintf(&programdata_path,u_%s\Intel_0040f3f8,(wchar_t *)&stack0xfffffb24);
  52.     iVar2 = create_and_cwd_dir(&programdata_path,&randomstring_w,cwd_out);
  53.     if ((iVar2 == 0) &&
  54.        (iVar2 = create_and_cwd_dir((LPCWSTR)&stack0xfffffb24,&randomstring_w,cwd_out), iVar2 == 0))
  55.     {
  56.                     /* C:\*randomstring* */
  57.       GetTempPathW(0x104,&programdata_path);
  58.       pwVar1 = wcsrchr(&programdata_path,L'\\');
  59.       if (pwVar1 != (wchar_t *)0x0) {
  60.         pwVar1 = wcsrchr(&programdata_path,L'\\');
  61.         *pwVar1 = L'\0';
  62.       }
  63.       iVar2 = create_and_cwd_dir(&programdata_path,&randomstring_w,cwd_out);
  64.       return (uint)(iVar2 != 0);
  65.     }
  66.   }
  67.   return 1;
  68. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement