Crack Me 3


Disassembly of File: C:\Users\hervet\Desktop\Crackme3\Crackme3.exe
Code Offset = 00000400, Code Size = 00040C00
Data Offset = 00041000, Data Size = 00000E00

Number of Objects = 0008 (dec), Imagebase = 00400000h

   Object01: CODE     RVA: 00001000 Offset: 00000400 Size: 00040C00 Flags: 60000020
   Object02: DATA     RVA: 00042000 Offset: 00041000 Size: 00000E00 Flags: C0000040
   Object03: BSS      RVA: 00043000 Offset: 00041E00 Size: 00000000 Flags: C0000000
   Object04: .idata   RVA: 00044000 Offset: 00041E00 Size: 00002000 Flags: C0000040
   Object05: .tls     RVA: 00046000 Offset: 00043E00 Size: 00000000 Flags: C0000000
   Object06: .rdata   RVA: 00047000 Offset: 00043E00 Size: 00000200 Flags: 50000040
   Object07: .reloc   RVA: 00048000 Offset: 00044000 Size: 00004A00 Flags: 50000040
   Object08: .rsrc    RVA: 0004D000 Offset: 00048A00 Size: 00003200 Flags: 50000040

+++++++++++++++++++ MENU INFORMATION ++++++++++++++++++

        There Are No Menu Resources in This Application

+++++++++++++++++ DIALOG INFORMATION ++++++++++++++++++

        There Are No Dialog Resources in This Application

+++++++++++++++++++ IMPORTED FUNCTIONS ++++++++++++++++++
Number of Imported Modules = 11 (decimal)

   Import Module 001: kernel32.dll
   Import Module 002: user32.dll
   Import Module 003: advapi32.dll
   Import Module 004: oleaut32.dll
   Import Module 005: kernel32.dll
   Import Module 006: advapi32.dll
   Import Module 007: kernel32.dll
   Import Module 008: gdi32.dll
   Import Module 009: user32.dll
   Import Module 010: ole32.dll
   Import Module 011: comctl32.dll

+++++++++++++++++++ IMPORT MODULE DETAILS +++++++++++++++

   Import Module 001: kernel32.dll

 Addr:0004469E hint(0000) Name: GetCurrentThreadId
 Addr:000446B4 hint(0000) Name: DeleteCriticalSection
 Addr:000446CC hint(0000) Name: LeaveCriticalSection
 Addr:000446E4 hint(0000) Name: EnterCriticalSection
 Addr:000446FC hint(0000) Name: InitializeCriticalSection
 Addr:00044718 hint(0000) Name: VirtualFree
 Addr:00044726 hint(0000) Name: VirtualAlloc
 Addr:00044736 hint(0000) Name: LocalFree
 Addr:00044742 hint(0000) Name: LocalAlloc
 Addr:00044750 hint(0000) Name: InterlockedDecrement
 Addr:00044768 hint(0000) Name: InterlockedIncrement
 Addr:00044780 hint(0000) Name: VirtualQuery
 Addr:00044790 hint(0000) Name: WideCharToMultiByte
 Addr:000447A6 hint(0000) Name: MultiByteToWideChar
 Addr:000447BC hint(0000) Name: lstrlenA
 Addr:000447C8 hint(0000) Name: lstrcpyA
 Addr:000447D4 hint(0000) Name: LoadLibraryExA
 Addr:000447E6 hint(0000) Name: GetThreadLocale
 Addr:000447F8 hint(0000) Name: GetStartupInfoA
 Addr:0004480A hint(0000) Name: GetModuleFileNameA
 Addr:00044820 hint(0000) Name: GetLocaleInfoA
 Addr:00044832 hint(0000) Name: GetLastError
 Addr:00044842 hint(0000) Name: GetCommandLineA
 Addr:00044854 hint(0000) Name: FreeLibrary
 Addr:00044862 hint(0000) Name: ExitProcess
 Addr:00044870 hint(0000) Name: WriteFile
 Addr:0004487C hint(0000) Name: SetFilePointer
 Addr:0004488E hint(0000) Name: SetEndOfFile
 Addr:0004489E hint(0000) Name: RtlUnwind
 Addr:000448AA hint(0000) Name: ReadFile
 Addr:000448B6 hint(0000) Name: RaiseException
 Addr:000448C8 hint(0000) Name: GetStdHandle
 Addr:000448D8 hint(0000) Name: GetFileSize
 Addr:000448E6 hint(0000) Name: GetFileType
 Addr:000448F4 hint(0000) Name: CreateFileA
 Addr:00044902 hint(0000) Name: CloseHandle

   Import Module 002: user32.dll

 Addr:0004491C hint(0000) Name: GetKeyboardType
 Addr:0004492E hint(0000) Name: LoadStringA
 Addr:0004493C hint(0000) Name: MessageBoxA

   Import Module 003: advapi32.dll

 Addr:00044958 hint(0000) Name: RegQueryValueExA
 Addr:0004496C hint(0000) Name: RegOpenKeyExA
 Addr:0004497C hint(0000) Name: RegCloseKey

   Import Module 004: oleaut32.dll

 Addr:00044998 hint(0000) Name: VariantChangeTypeEx
 Addr:000449AE hint(0000) Name: VariantCopyInd
 Addr:000449C0 hint(0000) Name: VariantClear
 Addr:000449D0 hint(0000) Name: SysStringLen
 Addr:000449E0 hint(0000) Name: SysFreeString
 Addr:000449F0 hint(0000) Name: SysReAllocStringLen
 Addr:00044A06 hint(0000) Name: SysAllocStringLen

   Import Module 005: kernel32.dll

 Addr:00044A28 hint(0000) Name: TlsSetValue
 Addr:00044A36 hint(0000) Name: TlsGetValue
 Addr:00044A44 hint(0000) Name: LocalAlloc
 Addr:00044A52 hint(0000) Name: GetModuleHandleA
 Addr:00044A66 hint(0000) Name: GetModuleFileNameA

   Import Module 006: advapi32.dll

 Addr:00044A8A hint(0000) Name: RegQueryValueExA
 Addr:00044A9E hint(0000) Name: RegOpenKeyExA
 Addr:00044AAE hint(0000) Name: RegCloseKey

   Import Module 007: kernel32.dll

 Addr:00044ACA hint(0000) Name: lstrcpyA
 Addr:00044AD6 hint(0000) Name: WriteFile
 Addr:00044AE2 hint(0000) Name: WaitForSingleObject
 Addr:00044AF8 hint(0000) Name: VirtualQuery
 Addr:00044B08 hint(0000) Name: VirtualAlloc
 Addr:00044B18 hint(0000) Name: Sleep
 Addr:00044B20 hint(0000) Name: SizeofResource
 Addr:00044B32 hint(0000) Name: SetThreadLocale
 Addr:00044B44 hint(0000) Name: SetFilePointer
 Addr:00044B56 hint(0000) Name: SetEvent
 Addr:00044B62 hint(0000) Name: SetErrorMode
 Addr:00044B72 hint(0000) Name: SetEndOfFile
 Addr:00044B82 hint(0000) Name: ReadFile
 Addr:00044B8E hint(0000) Name: MulDiv
 Addr:00044B98 hint(0000) Name: LockResource
 Addr:00044BA8 hint(0000) Name: LoadResource
 Addr:00044BB8 hint(0000) Name: LoadLibraryA
 Addr:00044BC8 hint(0000) Name: LeaveCriticalSection
 Addr:00044BE0 hint(0000) Name: InitializeCriticalSection
 Addr:00044BFC hint(0000) Name: GlobalUnlock
 Addr:00044C0C hint(0000) Name: GlobalReAlloc
 Addr:00044C1C hint(0000) Name: GlobalHandle
 Addr:00044C2C hint(0000) Name: GlobalLock
 Addr:00044C3A hint(0000) Name: GlobalFree
 Addr:00044C48 hint(0000) Name: GlobalDeleteAtom
 Addr:00044C5C hint(0000) Name: GlobalAlloc
 Addr:00044C6A hint(0000) Name: GlobalAddAtomA
 Addr:00044C7C hint(0000) Name: GetVersionExA
 Addr:00044C8C hint(0000) Name: GetVersion
 Addr:00044C9A hint(0000) Name: GetTickCount
 Addr:00044CAA hint(0000) Name: GetThreadLocale
 Addr:00044CBC hint(0000) Name: GetSystemInfo
 Addr:00044CCC hint(0000) Name: GetProcAddress
 Addr:00044CDE hint(0000) Name: GetModuleHandleA
 Addr:00044CF2 hint(0000) Name: GetModuleFileNameA
 Addr:00044D08 hint(0000) Name: GetLocaleInfoA
 Addr:00044D1A hint(0000) Name: GetLastError
 Addr:00044D2A hint(0000) Name: GetDiskFreeSpaceA
 Addr:00044D3E hint(0000) Name: GetCurrentThreadId
 Addr:00044D54 hint(0000) Name: GetCurrentProcessId
 Addr:00044D6A hint(0000) Name: GetCPInfo
 Addr:00044D76 hint(0000) Name: FreeResource
 Addr:00044D86 hint(0000) Name: FreeLibrary
 Addr:00044D94 hint(0000) Name: FormatMessageA
 Addr:00044DA6 hint(0000) Name: FindResourceA
 Addr:00044DB6 hint(0000) Name: EnumCalendarInfoA
 Addr:00044DCA hint(0000) Name: EnterCriticalSection
 Addr:00044DE2 hint(0000) Name: DeleteCriticalSection
 Addr:00044DFA hint(0000) Name: CreateThread
 Addr:00044E0A hint(0000) Name: CreateFileA
 Addr:00044E18 hint(0000) Name: CreateEventA
 Addr:00044E28 hint(0000) Name: CompareStringA
 Addr:00044E3A hint(0000) Name: CloseHandle

   Import Module 008: gdi32.dll

 Addr:00044E52 hint(0000) Name: UnrealizeObject
 Addr:00044E64 hint(0000) Name: StretchBlt
 Addr:00044E72 hint(0000) Name: SetWindowOrgEx
 Addr:00044E84 hint(0000) Name: SetWinMetaFileBits
 Addr:00044E9A hint(0000) Name: SetViewportOrgEx
 Addr:00044EAE hint(0000) Name: SetTextColor
 Addr:00044EBE hint(0000) Name: SetStretchBltMode
 Addr:00044ED2 hint(0000) Name: SetROP2
 Addr:00044EDC hint(0000) Name: SetPixel
 Addr:00044EE8 hint(0000) Name: SetEnhMetaFileBits
 Addr:00044EFE hint(0000) Name: SetDIBColorTable
 Addr:00044F12 hint(0000) Name: SetBrushOrgEx
 Addr:00044F22 hint(0000) Name: SetBkMode
 Addr:00044F2E hint(0000) Name: SetBkColor
 Addr:00044F3C hint(0000) Name: SelectPalette
 Addr:00044F4C hint(0000) Name: SelectObject
 Addr:00044F5C hint(0000) Name: SaveDC
 Addr:00044F66 hint(0000) Name: RestoreDC
 Addr:00044F72 hint(0000) Name: Rectangle
 Addr:00044F7E hint(0000) Name: RectVisible
 Addr:00044F8C hint(0000) Name: RealizePalette
 Addr:00044F9E hint(0000) Name: PlayEnhMetaFile
 Addr:00044FB0 hint(0000) Name: PatBlt
 Addr:00044FBA hint(0000) Name: MoveToEx
 Addr:00044FC6 hint(0000) Name: MaskBlt
 Addr:00044FD0 hint(0000) Name: LineTo
 Addr:00044FDA hint(0000) Name: IntersectClipRect
 Addr:00044FEE hint(0000) Name: GetWindowOrgEx
 Addr:00045000 hint(0000) Name: GetWinMetaFileBits
 Addr:00045016 hint(0000) Name: GetTextMetricsA
 Addr:00045028 hint(0000) Name: GetTextExtentPointA
 Addr:0004503E hint(0000) Name: GetSystemPaletteEntries
 Addr:00045058 hint(0000) Name: GetStockObject
 Addr:0004506A hint(0000) Name: GetPixel
 Addr:00045076 hint(0000) Name: GetPaletteEntries
 Addr:0004508A hint(0000) Name: GetObjectA
 Addr:00045098 hint(0000) Name: GetEnhMetaFilePaletteEntries
 Addr:000450B8 hint(0000) Name: GetEnhMetaFileHeader
 Addr:000450D0 hint(0000) Name: GetEnhMetaFileBits
 Addr:000450E6 hint(0000) Name: GetDeviceCaps
 Addr:000450F6 hint(0000) Name: GetDIBits
 Addr:00045102 hint(0000) Name: GetDIBColorTable
 Addr:00045116 hint(0000) Name: GetDCOrgEx
 Addr:00045124 hint(0000) Name: GetCurrentPositionEx
 Addr:0004513C hint(0000) Name: GetClipBox
 Addr:0004514A hint(0000) Name: GetBrushOrgEx
 Addr:0004515A hint(0000) Name: GetBitmapBits
 Addr:0004516A hint(0000) Name: ExcludeClipRect
 Addr:0004517C hint(0000) Name: EnumFontsA
 Addr:0004518A hint(0000) Name: EnumFontFamiliesExA
 Addr:000451A0 hint(0000) Name: DeleteObject
 Addr:000451B0 hint(0000) Name: DeleteEnhMetaFile
 Addr:000451C4 hint(0000) Name: DeleteDC
 Addr:000451D0 hint(0000) Name: CreateSolidBrush
 Addr:000451E4 hint(0000) Name: CreateRectRgn
 Addr:000451F4 hint(0000) Name: CreatePenIndirect
 Addr:00045208 hint(0000) Name: CreatePalette
 Addr:00045218 hint(0000) Name: CreateHalftonePalette
 Addr:00045230 hint(0000) Name: CreateFontIndirectA
 Addr:00045246 hint(0000) Name: CreateDIBitmap
 Addr:00045258 hint(0000) Name: CreateDIBSection
 Addr:0004526C hint(0000) Name: CreateCompatibleDC
 Addr:00045282 hint(0000) Name: CreateCompatibleBitmap
 Addr:0004529C hint(0000) Name: CreateBrushIndirect
 Addr:000452B2 hint(0000) Name: CreateBitmap
 Addr:000452C2 hint(0000) Name: CopyEnhMetaFileA
 Addr:000452D6 hint(0000) Name: BitBlt

   Import Module 009: user32.dll

 Addr:000452EC hint(0000) Name: WindowFromPoint
 Addr:000452FE hint(0000) Name: WinHelpA
 Addr:0004530A hint(0000) Name: WaitMessage
 Addr:00045318 hint(0000) Name: UpdateWindow
 Addr:00045328 hint(0000) Name: UnregisterClassA
 Addr:0004533C hint(0000) Name: UnhookWindowsHookEx
 Addr:00045352 hint(0000) Name: TranslateMessage
 Addr:00045366 hint(0000) Name: TranslateMDISysAccel
 Addr:0004537E hint(0000) Name: TrackPopupMenu
 Addr:00045390 hint(0000) Name: SystemParametersInfoA
 Addr:000453A8 hint(0000) Name: ShowWindow
 Addr:000453B6 hint(0000) Name: ShowScrollBar
 Addr:000453C6 hint(0000) Name: ShowOwnedPopups
 Addr:000453D8 hint(0000) Name: ShowCursor
 Addr:000453E6 hint(0000) Name: SetWindowRgn
 Addr:000453F6 hint(0000) Name: SetWindowsHookExA
 Addr:0004540A hint(0000) Name: SetWindowTextA
 Addr:0004541C hint(0000) Name: SetWindowPos
 Addr:0004542C hint(0000) Name: SetWindowPlacement
 Addr:00045442 hint(0000) Name: SetWindowLongA
 Addr:00045454 hint(0000) Name: SetTimer
 Addr:00045460 hint(0000) Name: SetScrollRange
 Addr:00045472 hint(0000) Name: SetScrollPos
 Addr:00045482 hint(0000) Name: SetScrollInfo
 Addr:00045492 hint(0000) Name: SetRect
 Addr:0004549C hint(0000) Name: SetPropA
 Addr:000454A8 hint(0000) Name: SetMenuItemInfoA
 Addr:000454BC hint(0000) Name: SetMenu
 Addr:000454C6 hint(0000) Name: SetForegroundWindow
 Addr:000454DC hint(0000) Name: SetFocus
 Addr:000454E8 hint(0000) Name: SetCursor
 Addr:000454F4 hint(0000) Name: SetCapture
 Addr:00045502 hint(0000) Name: SetActiveWindow
 Addr:00045514 hint(0000) Name: SendMessageA
 Addr:00045524 hint(0000) Name: ScrollWindow
 Addr:00045534 hint(0000) Name: ScreenToClient
 Addr:00045546 hint(0000) Name: RemovePropA
 Addr:00045554 hint(0000) Name: RemoveMenu
 Addr:00045562 hint(0000) Name: ReleaseDC
 Addr:0004556E hint(0000) Name: ReleaseCapture
 Addr:00045580 hint(0000) Name: RegisterWindowMessageA
 Addr:0004559A hint(0000) Name: RegisterClipboardFormatA
 Addr:000455B6 hint(0000) Name: RegisterClassA
 Addr:000455C8 hint(0000) Name: PtInRect
 Addr:000455D4 hint(0000) Name: PostQuitMessage
 Addr:000455E6 hint(0000) Name: PostMessageA
 Addr:000455F6 hint(0000) Name: PeekMessageA
 Addr:00045606 hint(0000) Name: OffsetRect
 Addr:00045614 hint(0000) Name: OemToCharA
 Addr:00045622 hint(0000) Name: MessageBoxA
 Addr:00045630 hint(0000) Name: MapWindowPoints
 Addr:00045642 hint(0000) Name: MapVirtualKeyA
 Addr:00045654 hint(0000) Name: LoadStringA
 Addr:00045662 hint(0000) Name: LoadIconA
 Addr:0004566E hint(0000) Name: LoadCursorA
 Addr:0004567C hint(0000) Name: LoadBitmapA
 Addr:0004568A hint(0000) Name: KillTimer
 Addr:00045696 hint(0000) Name: IsZoomed
 Addr:000456A2 hint(0000) Name: IsWindowVisible
 Addr:000456B4 hint(0000) Name: IsWindowEnabled
 Addr:000456C6 hint(0000) Name: IsWindow
 Addr:000456D2 hint(0000) Name: IsIconic
 Addr:000456DE hint(0000) Name: IsDialogMessageA
 Addr:000456F2 hint(0000) Name: IsChild
 Addr:000456FC hint(0000) Name: InvalidateRect
 Addr:0004570E hint(0000) Name: IntersectRect
 Addr:0004571E hint(0000) Name: InsertMenuItemA
 Addr:00045730 hint(0000) Name: InsertMenuA
 Addr:0004573E hint(0000) Name: InflateRect
 Addr:0004574C hint(0000) Name: GetWindowThreadProcessId
 Addr:00045768 hint(0000) Name: GetWindowTextA
 Addr:0004577A hint(0000) Name: GetWindowRgn
 Addr:0004578A hint(0000) Name: GetWindowRect
 Addr:0004579A hint(0000) Name: GetWindowPlacement
 Addr:000457B0 hint(0000) Name: GetWindowLongA
 Addr:000457C2 hint(0000) Name: GetWindowDC
 Addr:000457D0 hint(0000) Name: GetTopWindow
 Addr:000457E0 hint(0000) Name: GetSystemMetrics
 Addr:000457F4 hint(0000) Name: GetSystemMenu
 Addr:00045804 hint(0000) Name: GetSysColor
 Addr:00045812 hint(0000) Name: GetSubMenu
 Addr:00045820 hint(0000) Name: GetScrollRange
 Addr:00045832 hint(0000) Name: GetScrollPos
 Addr:00045842 hint(0000) Name: GetScrollInfo
 Addr:00045852 hint(0000) Name: GetPropA
 Addr:0004585E hint(0000) Name: GetParent
 Addr:0004586A hint(0000) Name: GetWindow
 Addr:00045876 hint(0000) Name: GetMenuStringA
 Addr:00045888 hint(0000) Name: GetMenuState
 Addr:00045898 hint(0000) Name: GetMenuItemInfoA
 Addr:000458AC hint(0000) Name: GetMenuItemID
 Addr:000458BC hint(0000) Name: GetMenuItemCount
 Addr:000458D0 hint(0000) Name: GetMenu
 Addr:000458DA hint(0000) Name: GetLastActivePopup
 Addr:000458F0 hint(0000) Name: GetKeyboardState
 Addr:00045904 hint(0000) Name: GetKeyboardLayoutList
 Addr:0004591C hint(0000) Name: GetKeyboardLayout
 Addr:00045930 hint(0000) Name: GetKeyState
 Addr:0004593E hint(0000) Name: GetKeyNameTextA
 Addr:00045950 hint(0000) Name: GetIconInfo
 Addr:0004595E hint(0000) Name: GetForegroundWindow
 Addr:00045974 hint(0000) Name: GetFocus
 Addr:00045980 hint(0000) Name: GetDesktopWindow
 Addr:00045994 hint(0000) Name: GetDCEx
 Addr:0004599E hint(0000) Name: GetDC
 Addr:000459A6 hint(0000) Name: GetCursorPos
 Addr:000459B6 hint(0000) Name: GetCursor
 Addr:000459C2 hint(0000) Name: GetClipboardData
 Addr:000459D6 hint(0000) Name: GetClientRect
 Addr:000459E6 hint(0000) Name: GetClassInfoA
 Addr:000459F6 hint(0000) Name: GetCapture
 Addr:00045A04 hint(0000) Name: GetActiveWindow
 Addr:00045A16 hint(0000) Name: FrameRect
 Addr:00045A22 hint(0000) Name: FindWindowA
 Addr:00045A30 hint(0000) Name: FillRect
 Addr:00045A3C hint(0000) Name: EqualRect
 Addr:00045A48 hint(0000) Name: EnumWindows
 Addr:00045A56 hint(0000) Name: EnumThreadWindows
 Addr:00045A6A hint(0000) Name: EndPaint
 Addr:00045A76 hint(0000) Name: EnableWindow
 Addr:00045A86 hint(0000) Name: EnableScrollBar
 Addr:00045A98 hint(0000) Name: EnableMenuItem
 Addr:00045AAA hint(0000) Name: DrawTextA
 Addr:00045AB6 hint(0000) Name: DrawMenuBar
 Addr:00045AC4 hint(0000) Name: DrawIcon
 Addr:00045AD0 hint(0000) Name: DrawFrameControl
 Addr:00045AE4 hint(0000) Name: DrawEdge
 Addr:00045AF0 hint(0000) Name: DispatchMessageA
 Addr:00045B04 hint(0000) Name: DestroyWindow
 Addr:00045B14 hint(0000) Name: DestroyMenu
 Addr:00045B22 hint(0000) Name: DestroyIcon
 Addr:00045B30 hint(0000) Name: DestroyCursor
 Addr:00045B40 hint(0000) Name: DeleteMenu
 Addr:00045B4E hint(0000) Name: DefWindowProcA
 Addr:00045B60 hint(0000) Name: DefMDIChildProcA
 Addr:00045B74 hint(0000) Name: DefFrameProcA
 Addr:00045B84 hint(0000) Name: CreateWindowExA
 Addr:00045B96 hint(0000) Name: CreatePopupMenu
 Addr:00045BA8 hint(0000) Name: CreateMenu
 Addr:00045BB6 hint(0000) Name: CreateIcon
 Addr:00045BC4 hint(0000) Name: ClientToScreen
 Addr:00045BD6 hint(0000) Name: CheckMenuItem
 Addr:00045BE6 hint(0000) Name: CallWindowProcA
 Addr:00045BF8 hint(0000) Name: CallNextHookEx
 Addr:00045C0A hint(0000) Name: BeginPaint
 Addr:00045C18 hint(0000) Name: CharLowerBuffA
 Addr:00045C2A hint(0000) Name: CharLowerA
 Addr:00045C38 hint(0000) Name: AdjustWindowRectEx
 Addr:00045C4E hint(0000) Name: ActivateKeyboardLayout

   Import Module 010: ole32.dll

 Addr:00045C72 hint(0000) Name: IsEqualGUID

   Import Module 011: comctl32.dll

 Addr:00045C8E hint(0000) Name: ImageList_GetImageInfo
 Addr:00045CA8 hint(0000) Name: ImageList_SetIconSize
 Addr:00045CC0 hint(0000) Name: ImageList_GetIconSize
 Addr:00045CD8 hint(0000) Name: ImageList_Read
 Addr:00045CEA hint(0000) Name: ImageList_GetDragImage
 Addr:00045D04 hint(0000) Name: ImageList_DragShowNolock
 Addr:00045D20 hint(0000) Name: ImageList_SetDragCursorImage
 Addr:00045D40 hint(0000) Name: ImageList_DragMove
 Addr:00045D56 hint(0000) Name: ImageList_DragLeave
 Addr:00045D6C hint(0000) Name: ImageList_DragEnter
 Addr:00045D82 hint(0000) Name: ImageList_EndDrag
 Addr:00045D96 hint(0000) Name: ImageList_BeginDrag
 Addr:00045DAC hint(0000) Name: ImageList_Remove
 Addr:00045DC0 hint(0000) Name: ImageList_DrawEx
 Addr:00045DD4 hint(0000) Name: ImageList_Draw
 Addr:00045DE6 hint(0000) Name: ImageList_GetBkColor
 Addr:00045DFE hint(0000) Name: ImageList_SetBkColor
 Addr:00045E16 hint(0000) Name: ImageList_ReplaceIcon
 Addr:00045E2E hint(0000) Name: ImageList_Add
 Addr:00045E3E hint(0000) Name: ImageList_GetImageCount
 Addr:00045E58 hint(0000) Name: ImageList_Destroy
 Addr:00045E6C hint(0000) Name: ImageList_Create

+++++++++++++++++++ EXPORTED FUNCTIONS ++++++++++++++++++
Number of Exported Functions = 0000 (decimal)

+++++++++++++++++++ ASSEMBLY CODE LISTING ++++++++++++++++++
//********************** Start of Code in Object CODE **************
Program Entry Point = 004419C4 (C:\Users\hervet\Desktop\Crackme3\Crackme3.exe File Offset:000829C4)

:00401000 0410                    add al, 10
:00401002 40                      inc eax
:00401003 0003                    add byte ptr [ebx], al
:00401005 07                      pop es
:00401006 42                      inc edx
:00401007 6F                      outsd
:00401008 6F                      outsd
:00401009 6C                      insb
:0040100A 65                      BYTE 065h
:0040100B 61                      popad
:0040100C 6E                      outsb
:0040100D 0100                    add dword ptr [eax], eax
:0040100F 000000                  BYTE 3 DUP(0)
:00401012 0100                    add dword ptr [eax], eax
:00401014 000000                  BYTE 3 DUP(0)
:00401017 104000                  adc byte ptr [eax+00], al
:0040101A 0546616C73              add eax, 736C6146
:0040101F 65                      BYTE 065h
:00401020 0454                    add al, 54
:00401022 7275                    jb 00401099
:00401024 658D4000                DWORD 00408D65
:00401028 2C104000                DWORD 0040102C
:0040102C 020443                  add al, byte ptr [ebx+2*eax]
:0040102F 6861720100              push 00017261
:00401034 000000                  BYTE 3 DUP(0)
:00401037 FF00                    inc dword ptr [eax]
:00401039 0000                    add byte ptr [eax], al
:0040103B 90                      nop
:0040103C 40                      inc eax
:0040103D 104000                  adc byte ptr [eax+00], al
:00401040 0107                    add dword ptr [edi], eax
:00401042 49                      dec ecx
:00401043 6E                      outsb
:00401044 7465                    je 004010AB
:00401046 67                      BYTE 067h
:00401047 65                      BYTE 065h
:00401048 7204                    jb 0040104E
:0040104A 000000                  BYTE 3 DUP(0)
:0040104D 80FFFF                  cmp bh, FF
:00401050 FF                      BYTE 0ffh
:00401051 7F8B                    jg 00400FDE
:00401053 C0581040                rcr byte ptr [eax+10], 40
:00401057 0001                    add byte ptr [ecx], al
:00401059 0442                    add al, 42
:0040105B 7974                    jns 004010D1
:0040105D 650100                  add dword ptr gs:[eax], eax
:00401060 000000                  BYTE 3 DUP(0)
:00401063 FF00                    inc dword ptr [eax]
:00401065 0000                    add byte ptr [eax], al
:00401067 90                      nop
:00401068 6C                      insb
:00401069 104000                  adc byte ptr [eax+00], al
:0040106C 010457                  add dword ptr [edi+2*edx], eax
:0040106F 6F                      outsd
:00401070 7264                    jb 004010D6
:00401072 0300                    add eax, dword ptr [eax]
:00401074 000000                  BYTE 3 DUP(0)
:00401077 FFFF                    BYTE 2 DUP(0ffh)
:00401079 0000                    add byte ptr [eax], al
:0040107B 90                      nop
:0040107C 801040                  adc byte ptr [eax], 40
:0040107F 000A                    add byte ptr [edx], cl
:00401081 06                      push es
:00401082 53                      push ebx
:00401083 7472                    je 004010F7
:00401085 696E67D4104000          imul ebp, dword ptr [esi+67], 004010D4
:0040108C 00000000000000000000    BYTE 10 DUP(0)
:00401096 00000000000000000000    BYTE 10 DUP(0)
:004010A0 0000000000000000        BYTE 8 DUP(0)
:004010A8 D410                    aam (base16)
:004010AA 40                      inc eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
:00401044(C)
:004010AB 000400                  add byte ptr [eax+eax], al
:004010AE 000000000000            BYTE 6 DUP(0)
:004010B4 282E4000                DWORD 00402E28
:004010B8 342E4000                DWORD 00402E34
:004010BC 382E4000                DWORD 00402E38
:004010C0 3C2E4000                DWORD 00402E3C
:004010C4 302E4000                DWORD 00402E30
:004010C8 B42B4000                DWORD 00402BB4
:004010CC C82B4000                DWORD 00402BC8
:004010D0 102C4000                DWORD 00402C10
:004010D4 07                      pop es
:004010D5 54                      push esp

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
:00401070(C)
:004010D6 4F                      dec edi
:004010D7 626A65                  bound ebp, dword ptr [edx+65]
:004010DA 6374E010                arpl dword ptr [eax+10], esi
:004010DE 40                      inc eax
:004010DF 0007                    add byte ptr [edi], al
:004010E1 07                      pop es
:004010E2 54                      push esp
:004010E3 4F                      dec edi
:004010E4 626A65                  bound ebp, dword ptr [edx+65]
:004010E7 6374D410                arpl dword ptr [esp+8*edx+10], esi
:004010EB 40                      inc eax
:004010EC 00000000000000          BYTE 7 DUP(0)
:004010F3 06                      push es
:004010F4 53                      push ebx
:004010F5 7973                    jns 0040116A

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
:00401083(C)
:004010F7 7465                    je 0040115E
:004010F9 6D                      insd
:004010FA 000000                  BYTE 3 DUP(0)
:004010FD 114000                  adc dword ptr [eax+00], eax
:00401100 0F08                    invd
:00401102 49                      dec ecx
:00401103 55                      push ebp
:00401104 6E                      outsb
:00401105 6B6E6F77                imul ebp, dword ptr [esi+6F], 00000077
:00401109 6E                      outsb
:0040110A 00000000                BYTE 4 DUP(0)
:0040110E 0100                    add dword ptr [eax], eax
:00401110 00000000000000          BYTE 7 DUP(0)
:00401117 C00000                  rol byte ptr [eax], 00
:0040111A 00000000                BYTE 4 DUP(0)
:0040111E 46                      inc esi
:0040111F 06                      push es
:00401120 53                      push ebx
:00401121 7973                    jns 00401196
:00401123 7465                    je 0040118A
:00401125 6D                      insd
:00401126 0000                    add byte ptr [eax], al
:00401128 CC                      int 03
:00401129 83442404F8              add dword ptr [esp+04], FFFFFFF8
:0040112E E9993D0000              jmp 00404ECC
:00401133 83442404F8              add dword ptr [esp+04], FFFFFFF8
:00401138 E9B73D0000              jmp 00404EF4
:0040113D 83442404F8              add dword ptr [esp+04], FFFFFFF8
:00401142 E9C13D0000              jmp 00404F08
:00401147 CC                      int 03
:00401148 CC                      int 03
:00401149 CC                      int 03
:0040114A 29114000                DWORD 00401129
:0040114E 33114000                DWORD 00401133
:00401152 3D114000                DWORD 0040113D
:00401156 0100                    add dword ptr [eax], eax
:00401158 00000000000000000000    BYTE 10 DUP(0)
:00401162 C00000                  rol byte ptr [eax], 00
:00401165 00000000                BYTE 4 DUP(0)
:00401169 46                      inc esi

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
:004010F5(C)
:0040116A 4A                      dec edx
:0040116B 114000                  adc dword ptr [eax+00], eax
:0040116E 0800                    or byte ptr [eax], al
:00401170 000000000000            BYTE 6 DUP(0)
:00401176 8BC0                    mov eax, eax
:00401178 C4114000                DWORD 004011C4
:0040117C 56114000                DWORD 00401156
:00401180 00000000000000000000    BYTE 10 DUP(0)

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
:00401123(C)
:0040118A 00000000000000000000    BYTE 10 DUP(0)
:00401194 00000000                BYTE 4 DUP(0)
:00401198 C411                    les edx, dword ptr [ecx]
:0040119A 40                      inc eax
:0040119B 000C00                  add byte ptr [eax+eax], cl
:0040119E 0000                    add byte ptr [eax], al
:004011A0 88104000                DWORD 00401088
:004011A4 282E4000                DWORD 00402E28
:004011A8 342E4000                DWORD 00402E34
:004011AC BC4E4000                DWORD 00404EBC
:004011B0 3C2E4000                DWORD 00402E3C
:004011B4 302E4000                DWORD 00402E30
:004011B8 B42B4000                DWORD 00402BB4
:004011BC C82B4000                DWORD 00402BC8
:004011C0 102C4000                DWORD 00402C10
:004011C4 1154496E                adc dword ptr [ecx+2*ecx+6E], edx
:004011C8 7465                    je 0040122F
:004011CA 7266                    jb 00401232
:004011CC 61                      popad
:004011CD 636564                  arpl dword ptr [ebp+64], esp
:004011D0 4F                      dec edi
:004011D1 626A65                  bound ebp, dword ptr [edx+65]
:004011D4 63748BC0                arpl dword ptr [ebx+4*ecx-40], esi

* Referenced by a CALL at Addresses: :00404F9D , :00405119 * Reference To: kernel32.CloseHandle, Ord:0000h :004011D8 FF257C414400 :004011DE 8BC0 * Referenced by a CALL at Address: :00405033 * Reference To: kernel32.CreateFileA, Ord:0000h :004011E0 FF2578414400 :004011E6 8BC0 * Referenced by a CALL at Address: :004050FE * Reference To: kernel32.GetFileType, Ord:0000h :004011E8 FF2574414400 :004011EE 8BC0 * Referenced by a CALL at Address: :00405057 * Reference To: kernel32.GetFileSize, Ord:0000h Jmp dword ptr [00444174] mov eax, eax Jmp dword ptr [00444178] mov eax, eax Jmp dword ptr [0044417C] mov eax, eax

:004011F0 FF2570414400 :004011F6 8BC0 * Referenced by a CALL at Address: :004050E7

Jmp dword ptr [00444170] mov eax, eax

* Reference To: kernel32.GetStdHandle, Ord:0000h :004011F8 FF256C414400 :004011FE 8BC0 Jmp dword ptr [0044416C] mov eax, eax , :00403028 , :00403048

* Referenced by a CALL at Addresses: :00402F88 , :00402FA6 , :00402FBA :00403065

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004032C3(U) * Reference To: kernel32.RaiseException, Ord:0000h :00401200 FF2568414400 :00401206 8BC0 Jmp dword ptr [00444168] mov eax, eax

* Referenced by a CALL at Addresses: :00404F4D , :00405094 * Reference To: kernel32.ReadFile, Ord:0000h :00401208 FF2564414400 :0040120E 8BC0 Jmp dword ptr [00444164] mov eax, eax

* Referenced by a CALL at Addresses: :004030E9 , :0040321E , :00403434 * Reference To: kernel32.RtlUnwind, Ord:0000h :00401210 FF2560414400 :00401216 8BC0 * Referenced by a CALL at Address: :004050C7 * Reference To: kernel32.SetEndOfFile, Ord:0000h :00401218 FF255C414400 :0040121E 8BC0 Jmp dword ptr [0044415C] mov eax, eax Jmp dword ptr [00444160] mov eax, eax

* Referenced by a CALL at Addresses: :00405073 , :004050BD * Reference To: kernel32.SetFilePointer, Ord:0000h

:00401220 FF2558414400 :00401226 8BC0 * Referenced by a CALL at Address: :00404F80

Jmp dword ptr [00444158] mov eax, eax

* Reference To: kernel32.WriteFile, Ord:0000h :00401228 FF2554414400 :0040122E 8BC0 * Referenced by a CALL at Address: :0040375C * Reference To: kernel32.ExitProcess, Ord:0000h :00401230 FF2550414400 :00401236 8BC0 * Referenced by a CALL at Address: :004036F2 * Reference To: user32.MessageBoxA, Ord:0000h :00401238 FF258C414400 :0040123E 8BC0 * Referenced by a CALL at Address: :00403736 * Reference To: kernel32.FreeLibrary, Ord:0000h :00401240 FF254C414400 :00401246 8BC0 * Referenced by a CALL at Address: :00405A60 * Reference To: kernel32.GetCommandLineA, Ord:0000h :00401248 FF2548414400 :0040124E 8BC0 Jmp dword ptr [00444148] mov eax, eax , :00405133 Jmp dword ptr [0044414C] mov eax, eax Jmp dword ptr [0044418C] mov eax, eax Jmp dword ptr [00444150] mov eax, eax Jmp dword ptr [00444154] mov eax, eax

* Referenced by a CALL at Addresses: :00404F59 , :00404F8D , :00404FA6

* Reference To: kernel32.GetLastError, Ord:0000h :00401250 FF2544414400 :00401256 8BC0 * Referenced by a CALL at Address: :00404BBC Jmp dword ptr [00444144] mov eax, eax

* Reference To: kernel32.GetLocaleInfoA, Ord:0000h :00401258 FF2540414400 :0040125E 8BC0 * Referenced by a CALL at Address: :00404AEC * Reference To: kernel32.GetModuleFileNameA, Ord:0000h :00401260 FF253C414400 :00401266 8BC0 * Referenced by a CALL at Address: :0040131A * Reference To: kernel32.GetStartupInfoA, Ord:0000h :00401268 FF2538414400 :0040126E 8BC0 * Referenced by a CALL at Address: :00404BB6 * Reference To: kernel32.GetThreadLocale, Ord:0000h :00401270 FF2534414400 :00401276 8BC0 Jmp dword ptr [00444134] mov eax, eax Jmp dword ptr [00444138] mov eax, eax Jmp dword ptr [0044413C] mov eax, eax Jmp dword ptr [00444140] mov eax, eax

* Referenced by a CALL at Addresses: :00404C2E , :00404C54 , :00404C78 * Reference To: kernel32.LoadLibraryExA, Ord:0000h :00401278 FF2530414400 :0040127E 8BC0 * Referenced by a CALL at Address: :00404E55 * Reference To: user32.LoadStringA, Ord:0000h :00401280 FF2588414400 :00401286 8BC0 Jmp dword ptr [00444188] mov eax, eax , :00404C68 Jmp dword ptr [00444130] mov eax, eax

* Referenced by a CALL at Addresses: :00404BA9 , :00404C1E , :00404C44

* Reference To: kernel32.lstrcpyA, Ord:0000h :00401288 FF252C414400 :0040128E 8BC0 Jmp dword ptr [0044412C] mov eax, eax

* Referenced by a CALL at Address: :00404BE7 * Reference To: kernel32.lstrlenA, Ord:0000h :00401290 FF2528414400 :00401296 8BC0 Jmp dword ptr [00444128] mov eax, eax , :00404406 , :00404424

* Referenced by a CALL at Addresses: :00403E19 , :00403E3B , :00403E57 :0040443D

* Reference To: kernel32.MultiByteToWideChar, Ord:0000h :00401298 FF2524414400 :0040129E 8BC0 Jmp dword ptr [00444124] mov eax, eax

* Referenced by a CALL at Addresses: :00402B03 , :00404B91 * Reference To: advapi32.RegCloseKey, Ord:0000h :004012A0 FF259C414400 :004012A6 8BC0 Jmp dword ptr [0044419C] mov eax, eax

* Referenced by a CALL at Addresses: :00402ABA , :00404B0A , :00404B28 * Reference To: advapi32.RegOpenKeyExA, Ord:0000h :004012A8 FF2598414400 :004012AE 8BC0 Jmp dword ptr [00444198] mov eax, eax

* Referenced by a CALL at Addresses: :00402AED , :00404B5D , :00404B7B * Reference To: advapi32.RegQueryValueExA, Ord:0000h :004012B0 FF2594414400 :004012B6 8BC0 Jmp dword ptr [00444194] mov eax, eax , :00404355 , :00404375

* Referenced by a CALL at Addresses: :00403905 , :0040392B , :0040394B :00404395

* Reference To: kernel32.WideCharToMultiByte, Ord:0000h :004012B8 FF2520414400 :004012BE 8BC0 * Referenced by a CALL at Address: :00404A87 Jmp dword ptr [00444120] mov eax, eax

* Reference To: kernel32.VirtualQuery, Ord:0000h :004012C0 FF251C414400 :004012C6 8BC0 Jmp dword ptr [0044411C] mov eax, eax , :0040442E , :0040480D

* Referenced by a CALL at Addresses: :00403E73 , :00403EAF , :00404411

* Reference To: oleaut32.SysAllocStringLen, Ord:0000h
:004012C8 FF25BC414400          Jmp dword ptr [004441BC]
:004012CE 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :00403DD6

* Reference To: oleaut32.SysReAllocStringLen, Ord:0000h
:004012D0 FF25B8414400          Jmp dword ptr [004441B8]
:004012D6 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :00403D7D , :00403D92 , :00403DAF , :00403E85

* Reference To: oleaut32.SysFreeString, Ord:0000h
:004012D8 FF25B4414400          Jmp dword ptr [004441B4]
:004012DE 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :004043B7

* Reference To: oleaut32.SysStringLen, Ord:0000h
:004012E0 FF25B0414400          Jmp dword ptr [004441B0]
:004012E6 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :0040449C , :004044C3

* Reference To: oleaut32.VariantClear, Ord:0000h
:004012E8 FF25AC414400          Jmp dword ptr [004441AC]
:004012EE 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :0040452E

* Reference To: oleaut32.VariantCopyInd, Ord:0000h
:004012F0 FF25A8414400          Jmp dword ptr [004441A8]
:004012F6 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :004045DA , :00404619

* Reference To: oleaut32.VariantChangeTypeEx, Ord:0000h
:004012F8 FF25A4414400          Jmp dword ptr [004441A4]
:004012FE 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :00404EFE

* Reference To: kernel32.InterlockedIncrement, Ord:0000h
:00401300 FF2518414400          Jmp dword ptr [00444118]
:00401306 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :00404F14

* Reference To: kernel32.InterlockedDecrement, Ord:0000h
:00401308 FF2514414400          Jmp dword ptr [00444114]
:0040130E 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :00405A6A
:00401310 53                    push ebx
:00401311 83C4BC                add esp, FFFFFFBC
:00401314 BB0A000000            mov ebx, 0000000A
:00401319 54                    push esp

* Reference To: kernel32.GetStartupInfoA, Ord:0000h
:0040131A E849FFFFFF            Call 00401268
:0040131F F644242C01            test [esp+2C], 01
:00401324 7405                  je 0040132B
:00401326 0FB75C2430            movzx ebx, word ptr [esp+30]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401324(C)
:0040132B 8BC3                  mov eax, ebx
:0040132D 83C444                add esp, 00000044
:00401330 5B                    pop ebx
:00401331 C3                    ret
:00401332 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :00401387 , :00401A53

* Reference To: kernel32.LocalAlloc, Ord:0000h
:00401334 FF2510414400          Jmp dword ptr [00444110]
:0040133A 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :00401B03 , :00401B61

* Reference To: kernel32.LocalFree, Ord:0000h
:0040133C FF250C414400          Jmp dword ptr [0044410C]
:00401342 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :00401547 , :0040159A , :004015BF , :00401719

* Reference To: kernel32.VirtualAlloc, Ord:0000h
:00401344 FF2508414400          Jmp dword ptr [00444108]
:0040134A 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :0040156E , :004015E5 , :00401658 , :0040179A , :00401B22

* Reference To: kernel32.VirtualFree, Ord:0000h
:0040134C FF2504414400          Jmp dword ptr [00444104]
:00401352 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :00401A16

* Reference To: kernel32.InitializeCriticalSection, Ord:0000h
:00401354 FF2500414400          Jmp dword ptr [00444100]
:0040135A 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :00401A29 , :00401AF1 , :00402117 , :004022B0 , :00402613

* Reference To: kernel32.EnterCriticalSection, Ord:0000h
:0040135C FF25FC404400          Jmp dword ptr [004440FC]
:00401362 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :00401AB0 , :00401B8A , :00402242 , :004023E8 , :0040267B

* Reference To: kernel32.LeaveCriticalSection, Ord:0000h
:00401364 FF25F8404400          Jmp dword ptr [004440F8]
:0040136A 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :00401B94

* Reference To: kernel32.DeleteCriticalSection, Ord:0000h
:0040136C FF25F4404400          Jmp dword ptr [004440F4]
:00401372 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :004013D2
:00401374 53                    push ebx
:00401375 56                    push esi
:00401376 BE50344400            mov esi, 00443450
:0040137B 833E00                cmp dword ptr [esi], 00000000
:0040137E 753A                  jne 004013BA
:00401380 6844060000            push 00000644
:00401385 6A00                  push 00000000

* Reference To: kernel32.LocalAlloc, Ord:0000h
:00401387 E8A8FFFFFF            Call 00401334
:0040138C 8BC8                  mov ecx, eax
:0040138E 85C9                  test ecx, ecx
:00401390 7505                  jne 00401397
:00401392 33C0                  xor eax, eax
:00401394 5E                    pop esi
:00401395 5B                    pop ebx
:00401396 C3                    ret

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401390(C)
:00401397 A14C344400            mov eax, dword ptr [0044344C]
:0040139C 8901                  mov dword ptr [ecx], eax
:0040139E 890D4C344400          mov dword ptr [0044344C], ecx
:004013A4 33D2                  xor edx, edx

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004013B8(C)
:004013A6 8BC2                  mov eax, edx
:004013A8 03C0                  add eax, eax
:004013AA 8D44C104              lea eax, dword ptr [ecx+8*eax+04]
:004013AE 8B1E                  mov ebx, dword ptr [esi]
:004013B0 8918                  mov dword ptr [eax], ebx
:004013B2 8906                  mov dword ptr [esi], eax
:004013B4 42                    inc edx
:004013B5 83FA64                cmp edx, 00000064
:004013B8 75EC                  jne 004013A6

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040137E(C)
:004013BA 8B06                  mov eax, dword ptr [esi]
:004013BC 8B10                  mov edx, dword ptr [eax]
:004013BE 8916                  mov dword ptr [esi], edx
:004013C0 5E                    pop esi
:004013C1 5B                    pop ebx
:004013C2 C3                    ret
:004013C3 90                    nop

* Referenced by a CALL at Addresses: :00401A33 , :00401A3D , :00401A47 , :00401B36 , :00401B40 , :00401B4A
:004013C4 8900                  mov dword ptr [eax], eax
:004013C6 894004                mov dword ptr [eax+04], eax
:004013C9 C3                    ret
:004013CA 8BC0                  mov eax, eax

* Referenced by a CALL at Addresses: :00401472 , :004014F7 , :0040155B , :004015D2
:004013CC 53                    push ebx
:004013CD 56                    push esi
:004013CE 8BF2                  mov esi, edx
:004013D0 8BD8                  mov ebx, eax
:004013D2 E89DFFFFFF            call 00401374
:004013D7 85C0                  test eax, eax
:004013D9 7505                  jne 004013E0
:004013DB 33C0                  xor eax, eax
:004013DD 5E                    pop esi
:004013DE 5B                    pop ebx
:004013DF C3                    ret

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004013D9(C)
:004013E0 8B16                  mov edx, dword ptr [esi]
:004013E2 895008                mov dword ptr [eax+08], edx
:004013E5 8B5604                mov edx, dword ptr [esi+04]
:004013E8 89500C                mov dword ptr [eax+0C], edx
:004013EB 8B13                  mov edx, dword ptr [ebx]
:004013ED 8910                  mov dword ptr [eax], edx
:004013EF 895804                mov dword ptr [eax+04], ebx
:004013F2 894204                mov dword ptr [edx+04], eax
:004013F5 8903                  mov dword ptr [ebx], eax
:004013F7 B001                  mov al, 01
:004013F9 5E                    pop esi
:004013FA 5B                    pop ebx
:004013FB C3                    ret

* Referenced by a CALL at Addresses: :00401440 , :0040145D , :004014C2 , :0040166D , :0040180B , :0040195D
:004013FC 8B5004                mov edx, dword ptr [eax+04]
:004013FF 8B08                  mov ecx, dword ptr [eax]
:00401401 890A                  mov dword ptr [edx], ecx
:00401403 895104                mov dword ptr [ecx+04], edx
:00401406 8B1550344400          mov edx, dword ptr [00443450]
:0040140C 8910                  mov dword ptr [eax], edx
:0040140E A350344400            mov dword ptr [00443450], eax
:00401413 C3                    ret

* Referenced by a CALL at Addresses: :0040182C , :004018B2 , :004018F9 , :004019B2 , :00401EE7
:00401414 53                    push ebx
:00401415 56                    push esi
:00401416 57                    push edi
:00401417 55                    push ebp
:00401418 51                    push ecx
:00401419 8BF1                  mov esi, ecx
:0040141B 891424                mov dword ptr [esp], edx
:0040141E 8BE8                  mov ebp, eax
:00401420 8B5D00                mov ebx, dword ptr [ebp+00]
:00401423 8B0424                mov eax, dword ptr [esp]
:00401426 8B10                  mov edx, dword ptr [eax]
:00401428 8916                  mov dword ptr [esi], edx
:0040142A 8B5004                mov edx, dword ptr [eax+04]
:0040142D 895604                mov dword ptr [esi+04], edx

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040146C(C)
:00401430 8B3B                  mov edi, dword ptr [ebx]
:00401432 8B4308                mov eax, dword ptr [ebx+08]
:00401435 8BD0                  mov edx, eax
:00401437 03530C                add edx, dword ptr [ebx+0C]
:0040143A 3B16                  cmp edx, dword ptr [esi]
:0040143C 7514                  jne 00401452
:0040143E 8BC3                  mov eax, ebx
:00401440 E8B7FFFFFF            call 004013FC
:00401445 8B4308                mov eax, dword ptr [ebx+08]
:00401448 8906                  mov dword ptr [esi], eax
:0040144A 8B430C                mov eax, dword ptr [ebx+0C]
:0040144D 014604                add dword ptr [esi+04], eax
:00401450 EB16                  jmp 00401468

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040143C(C)
:00401452 8B16                  mov edx, dword ptr [esi]
:00401454 035604                add edx, dword ptr [esi+04]
:00401457 3BC2                  cmp eax, edx
:00401459 750D                  jne 00401468
:0040145B 8BC3                  mov eax, ebx
:0040145D E89AFFFFFF            call 004013FC
:00401462 8B430C                mov eax, dword ptr [ebx+0C]
:00401465 014604                add dword ptr [esi+04], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401450(U), :00401459(C)
:00401468 8BDF                  mov ebx, edi
:0040146A 3BEB                  cmp ebp, ebx
:0040146C 75C2                  jne 00401430
:0040146E 8BD6                  mov edx, esi
:00401470 8BC5                  mov eax, ebp
:00401472 E855FFFFFF            call 004013CC
:00401477 84C0                  test al, al
:00401479 7504                  jne 0040147F
:0040147B 33C0                  xor eax, eax
:0040147D 8906                  mov dword ptr [esi], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401479(C)
:0040147F 5A                    pop edx
:00401480 5D                    pop ebp
:00401481 5F                    pop edi
:00401482 5E                    pop esi
:00401483 5B                    pop ebx
:00401484 C3                    ret
:00401485 8D4000                lea eax, dword ptr [eax+00]

* Referenced by a CALL at Addresses: :004019EE , :00401DE6
:00401488 53                    push ebx
:00401489 56                    push esi
:0040148A 57                    push edi
:0040148B 55                    push ebp
:0040148C 83C4F8                add esp, FFFFFFF8
:0040148F 8BD8                  mov ebx, eax
:00401491 8BFB                  mov edi, ebx

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040150C(C)
:00401493 8B32                  mov esi, dword ptr [edx]
:00401495 8B4308                mov eax, dword ptr [ebx+08]
:00401498 3BF0                  cmp esi, eax
:0040149A 726C                  jb 00401508
:0040149C 8BCE                  mov ecx, esi
:0040149E 034A04                add ecx, dword ptr [edx+04]
:004014A1 8BE8                  mov ebp, eax
:004014A3 036B0C                add ebp, dword ptr [ebx+0C]
:004014A6 3BCD                  cmp ecx, ebp
:004014A8 775E                  ja 00401508
:004014AA 3BF0                  cmp esi, eax
:004014AC 751B                  jne 004014C9
:004014AE 8B4204                mov eax, dword ptr [edx+04]
:004014B1 014308                add dword ptr [ebx+08], eax
:004014B4 8B4204                mov eax, dword ptr [edx+04]
:004014B7 29430C                sub dword ptr [ebx+0C], eax
:004014BA 837B0C00              cmp dword ptr [ebx+0C], 00000000
:004014BE 7544                  jne 00401504
:004014C0 8BC3                  mov eax, ebx
:004014C2 E835FFFFFF            call 004013FC
:004014C7 EB3B                  jmp 00401504

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004014AC(C)
:004014C9 8B0A                  mov ecx, dword ptr [edx]
:004014CB 8B7204                mov esi, dword ptr [edx+04]
:004014CE 03CE                  add ecx, esi
:004014D0 8BF8                  mov edi, eax
:004014D2 037B0C                add edi, dword ptr [ebx+0C]
:004014D5 3BCF                  cmp ecx, edi
:004014D7 7505                  jne 004014DE
:004014D9 29730C                sub dword ptr [ebx+0C], esi
:004014DC EB26                  jmp 00401504

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004014D7(C)
:004014DE 8B0A                  mov ecx, dword ptr [edx]
:004014E0 034A04                add ecx, dword ptr [edx+04]
:004014E3 890C24                mov dword ptr [esp], ecx
:004014E6 2BF9                  sub edi, ecx
:004014E8 897C2404              mov dword ptr [esp+04], edi
:004014EC 8B12                  mov edx, dword ptr [edx]
:004014EE 2BD0                  sub edx, eax
:004014F0 89530C                mov dword ptr [ebx+0C], edx
:004014F3 8BD4                  mov edx, esp
:004014F5 8BC3                  mov eax, ebx
:004014F7 E8D0FEFFFF            call 004013CC
:004014FC 84C0                  test al, al
:004014FE 7504                  jne 00401504
:00401500 33C0                  xor eax, eax
:00401502 EB0C                  jmp 00401510

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :004014BE(C), :004014C7(U), :004014DC(U), :004014FE(C)
:00401504 B001                  mov al, 01
:00401506 EB08                  jmp 00401510

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :0040149A(C), :004014A8(C)
:00401508 8B1B                  mov ebx, dword ptr [ebx]
:0040150A 3BFB                  cmp edi, ebx
:0040150C 7585                  jne 00401493
:0040150E 33C0                  xor eax, eax

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401502(U), :00401506(U)
:00401510 59                    pop ecx
:00401511 5A                    pop edx
:00401512 5D                    pop ebp
:00401513 5F                    pop edi
:00401514 5E                    pop esi
:00401515 5B                    pop ebx
:00401516 C3                    ret
:00401517 90                    nop

* Referenced by a CALL at Address: :0040181C
:00401518 53                    push ebx
:00401519 56                    push esi
:0040151A 57                    push edi
:0040151B 8BDA                  mov ebx, edx
:0040151D 8BF0                  mov esi, eax
:0040151F 81FE00001000          cmp esi, 00100000
:00401525 7D07                  jge 0040152E
:00401527 BE00001000            mov esi, 00100000
:0040152C EB0C                  jmp 0040153A

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401525(C)
:0040152E 81C6FFFF0000          add esi, 0000FFFF
:00401534 81E60000FFFF          and esi, FFFF0000

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040152C(U)
:0040153A 897304                mov dword ptr [ebx+04], esi
:0040153D 6A01                  push 00000001
:0040153F 6800200000            push 00002000
:00401544 56                    push esi
:00401545 6A00                  push 00000000

* Reference To: kernel32.VirtualAlloc, Ord:0000h
:00401547 E8F8FDFFFF            Call 00401344
:0040154C 8BF8                  mov edi, eax
:0040154E 893B                  mov dword ptr [ebx], edi
:00401550 85FF                  test edi, edi
:00401552 7423                  je 00401577
:00401554 8BD3                  mov edx, ebx
:00401556 B854344400            mov eax, 00443454
:0040155B E86CFEFFFF            call 004013CC
:00401560 84C0                  test al, al
:00401562 7513                  jne 00401577
:00401564 6800800000            push 00008000
:00401569 6A00                  push 00000000
:0040156B 8B03                  mov eax, dword ptr [ebx]
:0040156D 50                    push eax

* Reference To: kernel32.VirtualFree, Ord:0000h
:0040156E E8D9FDFFFF            Call 0040134C
:00401573 33C0                  xor eax, eax
:00401575 8903                  mov dword ptr [ebx], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401552(C), :00401562(C)
:00401577 5F                    pop edi
:00401578 5E                    pop esi
:00401579 5B                    pop ebx
:0040157A C3                    ret
:0040157B 90                    nop

* Referenced by a CALL at Addresses: :0040189C , :004018E3
:0040157C 53                    push ebx
:0040157D 56                    push esi
:0040157E 57                    push edi
:0040157F 55                    push ebp
:00401580 8BD9                  mov ebx, ecx
:00401582 8BF2                  mov esi, edx
:00401584 8BE8                  mov ebp, eax
:00401586 C7430400001000        mov [ebx+04], 00100000
:0040158D 6A04                  push 00000004
:0040158F 6800200000            push 00002000
:00401594 6800001000            push 00100000
:00401599 55                    push ebp

* Reference To: kernel32.VirtualAlloc, Ord:0000h
:0040159A E8A5FDFFFF            Call 00401344
:0040159F 8BF8                  mov edi, eax
:004015A1 893B                  mov dword ptr [ebx], edi
:004015A3 85FF                  test edi, edi
:004015A5 751F                  jne 004015C6
:004015A7 81C6FFFF0000          add esi, 0000FFFF
:004015AD 81E60000FFFF          and esi, FFFF0000
:004015B3 897304                mov dword ptr [ebx+04], esi
:004015B6 6A04                  push 00000004
:004015B8 6800200000            push 00002000
:004015BD 56                    push esi
:004015BE 55                    push ebp

* Reference To: kernel32.VirtualAlloc, Ord:0000h
:004015BF E880FDFFFF            Call 00401344
:004015C4 8903                  mov dword ptr [ebx], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004015A5(C)
:004015C6 833B00                cmp dword ptr [ebx], 00000000
:004015C9 7423                  je 004015EE
:004015CB 8BD3                  mov edx, ebx
:004015CD B854344400            mov eax, 00443454
:004015D2 E8F5FDFFFF            call 004013CC
:004015D7 84C0                  test al, al
:004015D9 7513                  jne 004015EE
:004015DB 6800800000            push 00008000
:004015E0 6A00                  push 00000000
:004015E2 8B03                  mov eax, dword ptr [ebx]
:004015E4 50                    push eax

* Reference To: kernel32.VirtualFree, Ord:0000h
:004015E5 E862FDFFFF            Call 0040134C
:004015EA 33C0                  xor eax, eax
:004015EC 8903                  mov dword ptr [ebx], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :004015C9(C), :004015D9(C)
:004015EE 5D                    pop ebp
:004015EF 5F                    pop edi
:004015F0 5E                    pop esi
:004015F1 5B                    pop ebx
:004015F2 C3                    ret
:004015F3 90                    nop

* Referenced by a CALL at Addresses: :0040183E , :004018CA , :00401915 , :004019C9
:004015F4 53                    push ebx
:004015F5 56                    push esi
:004015F6 57                    push edi
:004015F7 55                    push ebp
:004015F8 83C4EC                add esp, FFFFFFEC
:004015FB 894C2404              mov dword ptr [esp+04], ecx
:004015FF 891424                mov dword ptr [esp], edx
:00401602 C7442408FFFFFFFF      mov [esp+08], FFFFFFFF
:0040160A 33D2                  xor edx, edx
:0040160C 8954240C              mov dword ptr [esp+0C], edx
:00401610 8BE8                  mov ebp, eax
:00401612 8B0424                mov eax, dword ptr [esp]
:00401615 03C5                  add eax, ebp
:00401617 89442410              mov dword ptr [esp+10], eax
:0040161B 8B1D54344400          mov ebx, dword ptr [00443454]
:00401621 EB51                  jmp 00401674

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040167A(C)
:00401623 8B3B                  mov edi, dword ptr [ebx]
:00401625 8B7308                mov esi, dword ptr [ebx+08]
:00401628 3BEE                  cmp ebp, esi
:0040162A 7746                  ja 00401672
:0040162C 8BC6                  mov eax, esi
:0040162E 03430C                add eax, dword ptr [ebx+0C]
:00401631 3B442410              cmp eax, dword ptr [esp+10]
:00401635 773B                  ja 00401672
:00401637 3B742408              cmp esi, dword ptr [esp+08]
:0040163B 7304                  jnb 00401641
:0040163D 89742408              mov dword ptr [esp+08], esi

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040163B(C)
:00401641 8BC6                  mov eax, esi
:00401643 03430C                add eax, dword ptr [ebx+0C]
:00401646 3B44240C              cmp eax, dword ptr [esp+0C]
:0040164A 7604                  jbe 00401650
:0040164C 8944240C              mov dword ptr [esp+0C], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040164A(C)
:00401650 6800800000            push 00008000
:00401655 6A00                  push 00000000
:00401657 56                    push esi

* Reference To: kernel32.VirtualFree, Ord:0000h
:00401658 E8EFFCFFFF            Call 0040134C
:0040165D 85C0                  test eax, eax
:0040165F 750A                  jne 0040166B
:00401661 C7053034440001000000  mov dword ptr [00443430], 00000001

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040165F(C)
:0040166B 8BC3                  mov eax, ebx
:0040166D E88AFDFFFF            call 004013FC

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :0040162A(C), :00401635(C)
:00401672 8BDF                  mov ebx, edi

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401621(U)
:00401674 81FB54344400          cmp ebx, 00443454
:0040167A 75A7                  jne 00401623
:0040167C 8B442404              mov eax, dword ptr [esp+04]
:00401680 33D2                  xor edx, edx
:00401682 8910                  mov dword ptr [eax], edx
:00401684 837C240C00            cmp dword ptr [esp+0C], 00000000
:00401689 7419                  je 004016A4
:0040168B 8B442404              mov eax, dword ptr [esp+04]
:0040168F 8B542408              mov edx, dword ptr [esp+08]
:00401693 8910                  mov dword ptr [eax], edx
:00401695 8B44240C              mov eax, dword ptr [esp+0C]
:00401699 2B442408              sub eax, dword ptr [esp+08]
:0040169D 8B542404              mov edx, dword ptr [esp+04]
:004016A1 894204                mov dword ptr [edx+04], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401689(C)
:004016A4 83C414                add esp, 00000014
:004016A7 5D                    pop ebp
:004016A8 5F                    pop edi
:004016A9 5E                    pop esi
:004016AA 5B                    pop ebx
:004016AB C3                    ret

* Referenced by a CALL at Addresses: :004017ED , :00401936
:004016AC 53                    push ebx
:004016AD 56                    push esi
:004016AE 57                    push edi
:004016AF 55                    push ebp
:004016B0 83C4F4                add esp, FFFFFFF4
:004016B3 894C2404              mov dword ptr [esp+04], ecx
:004016B7 891424                mov dword ptr [esp], edx
:004016BA 8BD0                  mov edx, eax
:004016BC 8BEA                  mov ebp, edx
:004016BE 81E500F0FFFF          and ebp, FFFFF000
:004016C4 031424                add edx, dword ptr [esp]
:004016C7 81C2FF0F0000          add edx, 00000FFF
:004016CD 81E200F0FFFF          and edx, FFFFF000
:004016D3 89542408              mov dword ptr [esp+08], edx
:004016D7 8B442404              mov eax, dword ptr [esp+04]
:004016DB 8928                  mov dword ptr [eax], ebp
:004016DD 8B442408              mov eax, dword ptr [esp+08]
:004016E1 2BC5                  sub eax, ebp
:004016E3 8B542404              mov edx, dword ptr [esp+04]
:004016E7 894204                mov dword ptr [edx+04], eax
:004016EA 8B3554344400          mov esi, dword ptr [00443454]
:004016F0 EB3C                  jmp 0040172E

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401734(C)
:004016F2 8B5E08                mov ebx, dword ptr [esi+08]
:004016F5 8B7E0C                mov edi, dword ptr [esi+0C]
:004016F8 03FB                  add edi, ebx
:004016FA 3BEB                  cmp ebp, ebx
:004016FC 7602                  jbe 00401700
:004016FE 8BDD                  mov ebx, ebp

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004016FC(C)
:00401700 3B7C2408              cmp edi, dword ptr [esp+08]
:00401704 7604                  jbe 0040170A
:00401706 8B7C2408              mov edi, dword ptr [esp+08]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401704(C)
:0040170A 3BFB                  cmp edi, ebx
:0040170C 761E                  jbe 0040172C
:0040170E 6A04                  push 00000004
:00401710 6800100000            push 00001000
:00401715 2BFB                  sub edi, ebx
:00401717 57                    push edi
:00401718 53                    push ebx

* Reference To: kernel32.VirtualAlloc, Ord:0000h
:00401719 E826FCFFFF            Call 00401344
:0040171E 85C0                  test eax, eax
:00401720 750A                  jne 0040172C
:00401722 8B442404              mov eax, dword ptr [esp+04]
:00401726 33D2                  xor edx, edx
:00401728 8910                  mov dword ptr [eax], edx
:0040172A EB0A                  jmp 00401736

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :0040170C(C), :00401720(C)
:0040172C 8B36                  mov esi, dword ptr [esi]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004016F0(U)
:0040172E 81FE54344400          cmp esi, 00443454
:00401734 75BC                  jne 004016F2

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040172A(U)
:00401736 83C40C                add esp, 0000000C
:00401739 5D                    pop ebp
:0040173A 5F                    pop edi
:0040173B 5E                    pop esi
:0040173C 5B                    pop ebx
:0040173D C3                    ret

:0040173E 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :004019A2
:00401740 53                    push ebx
:00401741 56                    push esi
:00401742 57                    push edi
:00401743 55                    push ebp
:00401744 51                    push ecx
:00401745 8BD8                  mov ebx, eax
:00401747 8BF3                  mov esi, ebx
:00401749 81C6FF0F0000          add esi, 00000FFF
:0040174F 81E600F0FFFF          and esi, FFFFF000
:00401755 893424                mov dword ptr [esp], esi
:00401758 8BEB                  mov ebp, ebx
:0040175A 03EA                  add ebp, edx
:0040175C 81E500F0FFFF          and ebp, FFFFF000
:00401762 8B0424                mov eax, dword ptr [esp]
:00401765 8901                  mov dword ptr [ecx], eax
:00401767 8BC5                  mov eax, ebp
:00401769 2B0424                sub eax, dword ptr [esp]
:0040176C 894104                mov dword ptr [ecx+04], eax
:0040176F 8B3554344400          mov esi, dword ptr [00443454]
:00401775 EB38                  jmp 004017AF

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004017B5(C)
:00401777 8B5E08                mov ebx, dword ptr [esi+08]
:0040177A 8B7E0C                mov edi, dword ptr [esi+0C]
:0040177D 03FB                  add edi, ebx
:0040177F 3B1C24                cmp ebx, dword ptr [esp]
:00401782 7303                  jnb 00401787
:00401784 8B1C24                mov ebx, dword ptr [esp]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401782(C)
:00401787 3BEF                  cmp ebp, edi
:00401789 7302                  jnb 0040178D
:0040178B 8BFD                  mov edi, ebp

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401789(C)
:0040178D 3BFB                  cmp edi, ebx
:0040178F 761C                  jbe 004017AD
:00401791 6800400000            push 00004000
:00401796 2BFB                  sub edi, ebx
:00401798 57                    push edi
:00401799 53                    push ebx

* Reference To: kernel32.VirtualFree, Ord:0000h
:0040179A E8ADFBFFFF            Call 0040134C
:0040179F 85C0                  test eax, eax
:004017A1 750A                  jne 004017AD
:004017A3 C7053034440002000000  mov dword ptr [00443430], 00000002

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :0040178F(C), :004017A1(C)
:004017AD 8B36                  mov esi, dword ptr [esi]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401775(U)
:004017AF 81FE54344400          cmp esi, 00443454
:004017B5 75C0                  jne 00401777
:004017B7 5A                    pop edx
:004017B8 5D                    pop ebp
:004017B9 5F                    pop edi
:004017BA 5E                    pop esi
:004017BB 5B                    pop ebx
:004017BC C3                    ret

:004017BD 8D4000                lea eax, dword ptr [eax+00]

* Referenced by a CALL at Address: :00401F5F
:004017C0 53                    push ebx
:004017C1 56                    push esi
:004017C2 57                    push edi
:004017C3 55                    push ebp
:004017C4 83C4F8                add esp, FFFFFFF8
:004017C7 8BF2                  mov esi, edx
:004017C9 8BF8                  mov edi, eax
:004017CB BD64344400            mov ebp, 00443464
:004017D0 81C7FF3F0000          add edi, 00003FFF
:004017D6 81E700C0FFFF          and edi, FFFFC000

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401835(C)
:004017DC 8B5D00                mov ebx, dword ptr [ebp+00]
:004017DF EB33                  jmp 00401814

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401816(C)
:004017E1 3B7B0C                cmp edi, dword ptr [ebx+0C]
:004017E4 7F2C                  jg 00401812
:004017E6 8BCE                  mov ecx, esi
:004017E8 8BD7                  mov edx, edi
:004017EA 8B4308                mov eax, dword ptr [ebx+08]
:004017ED E8BAFEFFFF            call 004016AC
:004017F2 833E00                cmp dword ptr [esi], 00000000
:004017F5 7450                  je 00401847
:004017F7 8B4604                mov eax, dword ptr [esi+04]
:004017FA 014308                add dword ptr [ebx+08], eax
:004017FD 8B4604                mov eax, dword ptr [esi+04]
:00401800 29430C                sub dword ptr [ebx+0C], eax
:00401803 837B0C00              cmp dword ptr [ebx+0C], 00000000
:00401807 753E                  jne 00401847
:00401809 8BC3                  mov eax, ebx
:0040180B E8ECFBFFFF            call 004013FC
:00401810 EB35                  jmp 00401847

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004017E4(C)
:00401812 8B1B                  mov ebx, dword ptr [ebx]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004017DF(U)
:00401814 3BDD                  cmp ebx, ebp
:00401816 75C9                  jne 004017E1
:00401818 8BD6                  mov edx, esi
:0040181A 8BC7                  mov eax, edi
:0040181C E8F7FCFFFF            call 00401518
:00401821 833E00                cmp dword ptr [esi], 00000000
:00401824 7421                  je 00401847
:00401826 8BCC                  mov ecx, esp
:00401828 8BD6                  mov edx, esi
:0040182A 8BC5                  mov eax, ebp
:0040182C E8E3FBFFFF            call 00401414
:00401831 833C2400              cmp dword ptr [esp], 00000000
:00401835 75A5                  jne 004017DC
:00401837 8BCC                  mov ecx, esp
:00401839 8B5604                mov edx, dword ptr [esi+04]
:0040183C 8B06                  mov eax, dword ptr [esi]
:0040183E E8B1FDFFFF            call 004015F4
:00401843 33C0                  xor eax, eax
:00401845 8906                  mov dword ptr [esi], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :004017F5(C), :00401807(C), :00401810(U), :00401824(C)
:00401847 59                    pop ecx
:00401848 5A                    pop edx
:00401849 5D                    pop ebp
:0040184A 5F                    pop edi
:0040184B 5E                    pop esi
:0040184C 5B                    pop ebx
:0040184D C3                    ret

:0040184E 8BC0                  mov eax, eax

* Referenced by a CALL at Address: :00401F90
:00401850 53                    push ebx
:00401851 56                    push esi
:00401852 57                    push edi
:00401853 55                    push ebp
:00401854 83C4EC                add esp, FFFFFFEC
:00401857 890C24                mov dword ptr [esp], ecx
:0040185A 8BFA                  mov edi, edx
:0040185C 8BF0                  mov esi, eax
:0040185E BD64344400            mov ebp, 00443464
:00401863 81C7FF3F0000          add edi, 00003FFF
:00401869 81E700C0FFFF          and edi, FFFFC000

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :004018BC(C), :00401903(C)
:0040186F 8B5D00                mov ebx, dword ptr [ebp+00]
:00401872 EB02                  jmp 00401876

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040187D(C)
:00401874 8B1B                  mov ebx, dword ptr [ebx]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401872(U)
:00401876 3BDD                  cmp ebx, ebp
:00401878 7405                  je 0040187F
:0040187A 3B7308                cmp esi, dword ptr [ebx+08]
:0040187D 75F5                  jne 00401874

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401878(C)
:0040187F 3B7308                cmp esi, dword ptr [ebx+08]
:00401882 7557                  jne 004018DB
:00401884 3B7B0C                cmp edi, dword ptr [ebx+0C]
:00401887 0F8E96000000          jle 00401923
:0040188D 8D4C2404              lea ecx, dword ptr [esp+04]
:00401891 8BD7                  mov edx, edi
:00401893 2B530C                sub edx, dword ptr [ebx+0C]
:00401896 8B4308                mov eax, dword ptr [ebx+08]
:00401899 03430C                add eax, dword ptr [ebx+0C]
:0040189C E8DBFCFFFF            call 0040157C
:004018A1 837C240400            cmp dword ptr [esp+04], 00000000
:004018A6 7433                  je 004018DB
:004018A8 8D4C240C              lea ecx, dword ptr [esp+0C]
:004018AC 8D542404              lea edx, dword ptr [esp+04]
:004018B0 8BC5                  mov eax, ebp
:004018B2 E85DFBFFFF            call 00401414
:004018B7 837C240C00            cmp dword ptr [esp+0C], 00000000
:004018BC 75B1                  jne 0040186F
:004018BE 8D4C240C              lea ecx, dword ptr [esp+0C]
:004018C2 8B542408              mov edx, dword ptr [esp+08]
:004018C6 8B442404              mov eax, dword ptr [esp+04]
:004018CA E825FDFFFF            call 004015F4
:004018CF 8B0424                mov eax, dword ptr [esp]
:004018D2 33D2                  xor edx, edx
:004018D4 8910                  mov dword ptr [eax], edx
:004018D6 E990000000            jmp 0040196B

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401882(C), :004018A6(C)
:004018DB 8D4C2404              lea ecx, dword ptr [esp+04]
:004018DF 8BD7                  mov edx, edi
:004018E1 8BC6                  mov eax, esi
:004018E3 E894FCFFFF            call 0040157C
:004018E8 837C240400            cmp dword ptr [esp+04], 00000000
:004018ED 7434                  je 00401923
:004018EF 8D4C240C              lea ecx, dword ptr [esp+0C]
:004018F3 8D542404              lea edx, dword ptr [esp+04]
:004018F7 8BC5                  mov eax, ebp
:004018F9 E816FBFFFF            call 00401414
:004018FE 837C240C00            cmp dword ptr [esp+0C], 00000000
:00401903 0F8566FFFFFF          jne 0040186F
:00401909 8D4C240C              lea ecx, dword ptr [esp+0C]
:0040190D 8B542408              mov edx, dword ptr [esp+08]
:00401911 8B442404              mov eax, dword ptr [esp+04]
:00401915 E8DAFCFFFF            call 004015F4
:0040191A 8B0424                mov eax, dword ptr [esp]
:0040191D 33D2                  xor edx, edx
:0040191F 8910                  mov dword ptr [eax], edx
:00401921 EB48                  jmp 0040196B

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401887(C), :004018ED(C)
:00401923 8B6B08                mov ebp, dword ptr [ebx+08]
:00401926 3BF5                  cmp esi, ebp
:00401928 753A                  jne 00401964
:0040192A 3B7B0C                cmp edi, dword ptr [ebx+0C]
:0040192D 7F35                  jg 00401964
:0040192F 8B0C24                mov ecx, dword ptr [esp]
:00401932 8BD7                  mov edx, edi
:00401934 8BC5                  mov eax, ebp
:00401936 E871FDFFFF            call 004016AC
:0040193B 8B0424                mov eax, dword ptr [esp]
:0040193E 833800                cmp dword ptr [eax], 00000000
:00401941 7428                  je 0040196B
:00401943 8B0424                mov eax, dword ptr [esp]
:00401946 8B4004                mov eax, dword ptr [eax+04]
:00401949 014308                add dword ptr [ebx+08], eax
:0040194C 8B0424                mov eax, dword ptr [esp]
:0040194F 8B4004                mov eax, dword ptr [eax+04]
:00401952 29430C                sub dword ptr [ebx+0C], eax
:00401955 837B0C00              cmp dword ptr [ebx+0C], 00000000
:00401959 7510                  jne 0040196B
:0040195B 8BC3                  mov eax, ebx
:0040195D E89AFAFFFF            call 004013FC
:00401962 EB07                  jmp 0040196B

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401928(C), :0040192D(C)
:00401964 8B0424                mov eax, dword ptr [esp]
:00401967 33D2                  xor edx, edx
:00401969 8910                  mov dword ptr [eax], edx

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :004018D6(U), :00401921(U), :00401941(C), :00401959(C), :00401962(U)
:0040196B 83C414                add esp, 00000014
:0040196E 5D                    pop ebp
:0040196F 5F                    pop edi
:00401970 5E                    pop esi
:00401971 5B                    pop ebx
:00401972 C3                    ret
:00401973 90                    nop

* Referenced by a CALL at Addresses: :00401D9C , :00401DAD
:00401974 53                    push ebx
:00401975 56                    push esi
:00401976 57                    push edi
:00401977 83C4EC                add esp, FFFFFFEC
:0040197A 8BF9                  mov edi, ecx
:0040197C 891424                mov dword ptr [esp], edx
:0040197F 8D98FF3F0000          lea ebx, dword ptr [eax+00003FFF]
:00401985 81E300C0FFFF          and ebx, FFFFC000
:0040198B 8B3424                mov esi, dword ptr [esp]
:0040198E 03F0                  add esi, eax
:00401990 81E600C0FFFF          and esi, FFFFC000
:00401996 3BDE                  cmp ebx, esi
:00401998 735B                  jnb 004019F5
:0040199A 8BCF                  mov ecx, edi
:0040199C 8BD6                  mov edx, esi
:0040199E 2BD3                  sub edx, ebx
:004019A0 8BC3                  mov eax, ebx
:004019A2 E899FDFFFF            call 00401740
:004019A7 8D4C2404              lea ecx, dword ptr [esp+04]
:004019AB 8BD7                  mov edx, edi
:004019AD B864344400            mov eax, 00443464
:004019B2 E85DFAFFFF            call 00401414
:004019B7 8B5C2404              mov ebx, dword ptr [esp+04]
:004019BB 85DB                  test ebx, ebx
:004019BD 741F                  je 004019DE
:004019BF 8D4C240C              lea ecx, dword ptr [esp+0C]
:004019C3 8B542408              mov edx, dword ptr [esp+08]
:004019C7 8BC3                  mov eax, ebx
:004019C9 E826FCFFFF            call 004015F4
:004019CE 8B44240C              mov eax, dword ptr [esp+0C]
:004019D2 89442404              mov dword ptr [esp+04], eax
:004019D6 8B442410              mov eax, dword ptr [esp+10]
:004019DA 89442408              mov dword ptr [esp+08], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :004019BD(C)
:004019DE 837C240400            cmp dword ptr [esp+04], 00000000
:004019E3 7414                  je 004019F9
:004019E5 8D542404              lea edx, dword ptr [esp+04]
:004019E9 B864344400            mov eax, 00443464
:004019EE E895FAFFFF            call 00401488
:004019F3 EB04                  jmp 004019F9

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401998(C)
:004019F5 33C0                  xor eax, eax
:004019F7 8907                  mov dword ptr [edi], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :004019E3(C), :004019F3(U)
:004019F9 83C414                add esp, 00000014
:004019FC 5F                    pop edi
:004019FD 5E                    pop esi
:004019FE 5B                    pop ebx
:004019FF C3                    ret

* Referenced by a CALL at Addresses: :004020E8 , :00402275 , :004025E4
:00401A00 55                    push ebp
:00401A01 8BEC                  mov ebp, esp
:00401A03 33D2                  xor edx, edx
:00401A05 55                    push ebp
:00401A06 68B61A4000            push 00401AB6
:00401A0B 64FF32                push dword ptr fs:[edx]
:00401A0E 648922                mov dword ptr fs:[edx], esp
:00401A11 6834344400            push 00443434

* Reference To: kernel32.InitializeCriticalSection, Ord:0000h
:00401A16 E839F9FFFF            Call 00401354
:00401A1B 803D4530440000        cmp byte ptr [00443045], 00
:00401A22 740A                  je 00401A2E
:00401A24 6834344400            push 00443434

* Reference To: kernel32.EnterCriticalSection, Ord:0000h
:00401A29 E82EF9FFFF            Call 0040135C

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401A22(C)
:00401A2E B854344400            mov eax, 00443454
:00401A33 E88CF9FFFF            call 004013C4
:00401A38 B864344400            mov eax, 00443464
:00401A3D E882F9FFFF            call 004013C4
:00401A42 B890344400            mov eax, 00443490
:00401A47 E878F9FFFF            call 004013C4
:00401A4C 68F80F0000            push 00000FF8
:00401A51 6A00                  push 00000000

* Reference To: kernel32.LocalAlloc, Ord:0000h
:00401A53 E8DCF8FFFF            Call 00401334
:00401A58 A38C344400            mov dword ptr [0044348C], eax
:00401A5D 833D8C34440000        cmp dword ptr [0044348C], 00000000
:00401A64 742F                  je 00401A95
:00401A66 B803000000            mov eax, 00000003

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401A7D(C)
:00401A6B 8B158C344400          mov edx, dword ptr [0044348C]
:00401A71 33C9                  xor ecx, ecx
:00401A73 894C82F4              mov dword ptr [edx+4*eax-0C], ecx
:00401A77 40                    inc eax
:00401A78 3D01040000            cmp eax, 00000401
:00401A7D 75EC                  jne 00401A6B
:00401A7F B874344400            mov eax, 00443474
:00401A84 894004                mov dword ptr [eax+04], eax
:00401A87 8900                  mov dword ptr [eax], eax
:00401A89 A380344400            mov dword ptr [00443480], eax
:00401A8E C6052C34440001        mov byte ptr [0044342C], 01

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401A64(C)
:00401A95 33C0                  xor eax, eax
:00401A97 5A                    pop edx
:00401A98 59                    pop ecx
:00401A99 59                    pop ecx
:00401A9A 648910                mov dword ptr fs:[eax], edx
:00401A9D 68BD1A4000            push 00401ABD

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401ABB(U)
:00401AA2 803D4530440000        cmp byte ptr [00443045], 00
:00401AA9 740A                  je 00401AB5
:00401AAB 6834344400            push 00443434

* Reference To: kernel32.LeaveCriticalSection, Ord:0000h
:00401AB0 E8AFF8FFFF            Call 00401364

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401AA9(C)
:00401AB5 C3                    ret
:00401AB6 E9BD170000            jmp 00403278
:00401ABB EBE5                  jmp 00401AA2
:00401ABD A02C344400            mov al, byte ptr [0044342C]
:00401AC2 5D                    pop ebp
:00401AC3 C3                    ret

* Referenced by a CALL at Address: :00405969
:00401AC4 55                      push ebp
:00401AC5 8BEC                    mov ebp, esp
:00401AC7 53                      push ebx
:00401AC8 803D2C34440000          cmp byte ptr [0044342C], 00
:00401ACF 0F84CC000000            je 00401BA1
:00401AD5 33D2                    xor edx, edx
:00401AD7 55                      push ebp
:00401AD8 689A1B4000              push 00401B9A
:00401ADD 64FF32                  push dword ptr fs:[edx]
:00401AE0 648922                  mov dword ptr fs:[edx], esp
:00401AE3 803D4530440000          cmp byte ptr [00443045], 00
:00401AEA 740A                    je 00401AF6
:00401AEC 6834344400              push 00443434

* Reference To: kernel32.EnterCriticalSection, Ord:0000h
:00401AF1 E866F8FFFF              Call 0040135C

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401AEA(C)
:00401AF6 C6052C34440000          mov byte ptr [0044342C], 00
:00401AFD A18C344400              mov eax, dword ptr [0044348C]
:00401B02 50                      push eax

* Reference To: kernel32.LocalFree, Ord:0000h
:00401B03 E834F8FFFF              Call 0040133C
:00401B08 33C0                    xor eax, eax
:00401B0A A38C344400              mov dword ptr [0044348C], eax
:00401B0F 8B1D54344400            mov ebx, dword ptr [00443454]
:00401B15 EB12                    jmp 00401B29

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401B2F(C)
:00401B17 6800800000              push 00008000
:00401B1C 6A00                    push 00000000
:00401B1E 8B4308                  mov eax, dword ptr [ebx+08]
:00401B21 50                      push eax

* Reference To: kernel32.VirtualFree, Ord:0000h
:00401B22 E825F8FFFF              Call 0040134C
:00401B27 8B1B                    mov ebx, dword ptr [ebx]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401B15(U)
:00401B29 81FB54344400            cmp ebx, 00443454
:00401B2F 75E6                    jne 00401B17
:00401B31 B854344400              mov eax, 00443454
:00401B36 E889F8FFFF              call 004013C4
:00401B3B B864344400              mov eax, 00443464
:00401B40 E87FF8FFFF              call 004013C4
:00401B45 B890344400              mov eax, 00443490
:00401B4A E875F8FFFF              call 004013C4
:00401B4F A14C344400              mov eax, dword ptr [0044344C]
:00401B54 85C0                    test eax, eax
:00401B56 7417                    je 00401B6F

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401B6D(C)
:00401B58 8B10                    mov edx, dword ptr [eax]
:00401B5A 89154C344400            mov dword ptr [0044344C], edx
:00401B60 50                      push eax

* Reference To: kernel32.LocalFree, Ord:0000h
:00401B61 E8D6F7FFFF              Call 0040133C
:00401B66 A14C344400              mov eax, dword ptr [0044344C]
:00401B6B 85C0                    test eax, eax
:00401B6D 75E9                    jne 00401B58

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401B56(C)
:00401B6F 33C0                    xor eax, eax
:00401B71 5A                      pop edx
:00401B72 59                      pop ecx
:00401B73 59                      pop ecx
:00401B74 648910                  mov dword ptr fs:[eax], edx
:00401B77 68A11B4000              push 00401BA1

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401B9F(U)
:00401B7C 803D4530440000          cmp byte ptr [00443045], 00
:00401B83 740A                    je 00401B8F
:00401B85 6834344400              push 00443434

* Reference To: kernel32.LeaveCriticalSection, Ord:0000h
:00401B8A E8D5F7FFFF              Call 00401364

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401B83(C)
:00401B8F 6834344400              push 00443434

* Reference To: kernel32.DeleteCriticalSection, Ord:0000h
:00401B94 E8D3F7FFFF              Call 0040136C
:00401B99 C3                      ret
:00401B9A E9D9160000              jmp 00403278
:00401B9F EBDB                    jmp 00401B7C

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401ACF(C)
:00401BA1 5B                      pop ebx
:00401BA2 5D                      pop ebp
:00401BA3 C3                      ret

* Referenced by a CALL at Addresses: :00401D15 , :00401D47 , :00402085 , :0040232B , :004023B7 , :0040248B , :00402555
:00401BA4 53                      push ebx
:00401BA5 3B0580344400            cmp eax, dword ptr [00443480]
:00401BAB 7509                    jne 00401BB6
:00401BAD 8B5004                  mov edx, dword ptr [eax+04]
:00401BB0 891580344400            mov dword ptr [00443480], edx

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401BAB(C)
:00401BB6 8B5004                  mov edx, dword ptr [eax+04]
:00401BB9 8B4808                  mov ecx, dword ptr [eax+08]
:00401BBC 81F900100000            cmp ecx, 00001000
:00401BC2 7F38                    jg 00401BFC
:00401BC4 3BC2                    cmp eax, edx
:00401BC6 7517                    jne 00401BDF
:00401BC8 85C9                    test ecx, ecx
:00401BCA 7903                    jns 00401BCF
:00401BCC 83C103                  add ecx, 00000003

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401BCA(C)
:00401BCF C1F902                  sar ecx, 02
:00401BD2 A18C344400              mov eax, dword ptr [0044348C]
:00401BD7 33D2                    xor edx, edx
:00401BD9 895488F4                mov dword ptr [eax+4*ecx-0C], edx
:00401BDD EB24                    jmp 00401C03

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401BC6(C)
:00401BDF 85C9                    test ecx, ecx
:00401BE1 7903                    jns 00401BE6
:00401BE3 83C103                  add ecx, 00000003

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401BE1(C)
:00401BE6 C1F902                  sar ecx, 02
:00401BE9 8B1D8C344400            mov ebx, dword ptr [0044348C]
:00401BEF 89548BF4                mov dword ptr [ebx+4*ecx-0C], edx
:00401BF3 8B00                    mov eax, dword ptr [eax]
:00401BF5 8902                    mov dword ptr [edx], eax
:00401BF7 895004                  mov dword ptr [eax+04], edx
:00401BFA 5B                      pop ebx
:00401BFB C3                      ret

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401BC2(C)
:00401BFC 8B00                    mov eax, dword ptr [eax]
:00401BFE 8902                    mov dword ptr [edx], eax
:00401C00 895004                  mov dword ptr [eax+04], edx

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401BDD(U)
:00401C03 5B                      pop ebx
:00401C04 C3                      ret
:00401C05 8D4000                  lea eax, dword ptr [eax+00]

* Referenced by a CALL at Address: :00401D69
:00401C08 8B1590344400            mov edx, dword ptr [00443490]
:00401C0E EB10                    jmp 00401C20

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401C26(C)
:00401C10 8B4A08                  mov ecx, dword ptr [edx+08]
:00401C13 3BC1                    cmp eax, ecx
:00401C15 7207                    jb 00401C1E
:00401C17 034A0C                  add ecx, dword ptr [edx+0C]
:00401C1A 3BC1                    cmp eax, ecx
:00401C1C 7216                    jb 00401C34

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401C15(C)
:00401C1E 8B12                    mov edx, dword ptr [edx]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401C0E(U)
:00401C20 81FA90344400            cmp edx, 00443490
:00401C26 75E8                    jne 00401C10
:00401C28 C7053034440003000000    mov dword ptr [00443430], 00000003
:00401C32 33D2                    xor edx, edx

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401C1C(C)
:00401C34 8BC2                    mov eax, edx
:00401C36 C3                      ret
:00401C37 90                      nop

* Referenced by a CALL at Addresses: :00401DC3 , :00401F30
:00401C38 53                      push ebx
:00401C39 8BCA                    mov ecx, edx
:00401C3B 83E904                  sub ecx, 00000004
:00401C3E 8D1C01                  lea ebx, dword ptr [ecx+eax]
:00401C41 83FA10                  cmp edx, 00000010
:00401C44 7C0F                    jl 00401C55
:00401C46 C70307000080            mov dword ptr [ebx], 80000007
:00401C4C 8BD1                    mov edx, ecx
:00401C4E E8A1010000              call 00401DF4
:00401C53 5B                      pop ebx
:00401C54 C3                      ret

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401C44(C)
:00401C55 83FA04                  cmp edx, 00000004
:00401C58 7C0C                    jl 00401C66
:00401C5A 8BCA                    mov ecx, edx
:00401C5C 81C902000080            or ecx, 80000002
:00401C62 8908                    mov dword ptr [eax], ecx
:00401C64 890B                    mov dword ptr [ebx], ecx

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401C58(C)
:00401C66 5B                      pop ebx
:00401C67 C3                      ret

* Referenced by a CALL at Addresses: :00401C99 , :00401EB2 , :004024A7
:00401C68 FF0520344400            inc dword ptr [00443420]
:00401C6E 8BD0                    mov edx, eax
:00401C70 83EA04                  sub edx, 00000004
:00401C73 8B12                    mov edx, dword ptr [edx]
:00401C75 81E2FCFFFF7F            and edx, 7FFFFFFC
:00401C7B 83EA04                  sub edx, 00000004
:00401C7E 011524344400            add dword ptr [00443424], edx
:00401C84 E8D3050000              call 0040225C
:00401C89 C3                      ret
:00401C8A 8BC0                    mov eax, eax

* Referenced by a CALL at Address: :00401DDD
:00401C8C 83FA0C                  cmp edx, 0000000C
:00401C8F 7C0E                    jl 00401C9F
:00401C91 83CA02                  or edx, 00000002
:00401C94 8910                    mov dword ptr [eax], edx
:00401C96 83C004                  add eax, 00000004
:00401C99 E8CAFFFFFF              call 00401C68
:00401C9E C3                      ret

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401C8F(C)
:00401C9F 83FA04                  cmp edx, 00000004
:00401CA2 7C0A                    jl 00401CAE
:00401CA4 8BCA                    mov ecx, edx
:00401CA6 81C902000080            or ecx, 80000002
:00401CAC 8908                    mov dword ptr [eax], ecx

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401CA2(C)
:00401CAE 03C2                    add eax, edx
:00401CB0 8320FE                  and dword ptr [eax], FFFFFFFE
:00401CB3 C3                      ret

* Referenced by a CALL at Address: :00401EFE
:00401CB4 53                      push ebx
:00401CB5 56                      push esi
:00401CB6 8BD0                    mov edx, eax
:00401CB8 83EA04                  sub edx, 00000004
:00401CBB 8B12                    mov edx, dword ptr [edx]
:00401CBD 8BCA                    mov ecx, edx
:00401CBF 81E102000080            and ecx, 80000002
:00401CC5 81F902000080            cmp ecx, 80000002
:00401CCB 740A                    je 00401CD7
:00401CCD C7053034440004000000    mov dword ptr [00443430], 00000004

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401CCB(C)
:00401CD7 8BDA                    mov ebx, edx
:00401CD9 81E3FCFFFF7F            and ebx, 7FFFFFFC
:00401CDF 2BC3                    sub eax, ebx
:00401CE1 8BC8                    mov ecx, eax
:00401CE3 3311                    xor edx, dword ptr [ecx]
:00401CE5 F7C2FEFFFFFF            test edx, FFFFFFFE
:00401CEB 740A                    je 00401CF7
:00401CED C7053034440005000000    mov dword ptr [00443430], 00000005

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401CEB(C)
:00401CF7 F60101                  test byte ptr [ecx], 01
:00401CFA 7420                    je 00401D1C
:00401CFC 8BD0                    mov edx, eax
:00401CFE 83EA0C                  sub edx, 0000000C
:00401D01 8B7208                  mov esi, dword ptr [edx+08]
:00401D04 2BC6                    sub eax, esi
:00401D06 3B7008                  cmp esi, dword ptr [eax+08]
:00401D09 740A                    je 00401D15
:00401D0B C7053034440006000000    mov dword ptr [00443430], 00000006

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401D09(C)
:00401D15 E88AFEFFFF              call 00401BA4
:00401D1A 03DE                    add ebx, esi

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401CFA(C)
:00401D1C 8BC3                    mov eax, ebx
:00401D1E 5E                      pop esi
:00401D1F 5B                      pop ebx
:00401D20 C3                      ret
:00401D21 8D4000                  lea eax, dword ptr [eax+00]

* Referenced by a CALL at Address: :00401F17
:00401D24 53                      push ebx
:00401D25 56                      push esi
:00401D26 57                      push edi
:00401D27 8BD8                    mov ebx, eax
:00401D29 33FF                    xor edi, edi
:00401D2B 8B03                    mov eax, dword ptr [ebx]
:00401D2D A900000080              test eax, 80000000
:00401D32 740B                    je 00401D3F
:00401D34 25FCFFFF7F              and eax, 7FFFFFFC
:00401D39 03F8                    add edi, eax
:00401D3B 03D8                    add ebx, eax
:00401D3D 8B03                    mov eax, dword ptr [ebx]

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401D32(C)
:00401D3F A802                    test al, 02
:00401D41 7513                    jne 00401D56
:00401D43 8BF3                    mov esi, ebx
:00401D45 8BC6                    mov eax, esi
:00401D47 E858FEFFFF              call 00401BA4
:00401D4C 8B4608                  mov eax, dword ptr [esi+08]
:00401D4F 03F8                    add edi, eax
:00401D51 03D8                    add ebx, eax
:00401D53 8323FE                  and dword ptr [ebx], FFFFFFFE

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401D41(C)
:00401D56 8BC7                    mov eax, edi
:00401D58 5F                      pop edi
:00401D59 5E                      pop esi
:00401D5A 5B                      pop ebx
:00401D5B C3                      ret

* Referenced by a CALL at Address: :00401E55
:00401D5C 53                      push ebx
:00401D5D 56                      push esi
:00401D5E 57                      push edi
:00401D5F 55                      push ebp
:00401D60 83C4F8                  add esp, FFFFFFF8
:00401D63 8BFA                    mov edi, edx
:00401D65 8BF0                    mov esi, eax
:00401D67 8BC6                    mov eax, esi
:00401D69 E89AFEFFFF              call 00401C08
:00401D6E 8BD8                    mov ebx, eax
:00401D70 8B6B08                  mov ebp, dword ptr [ebx+08]
:00401D73 8BC5                    mov eax, ebp
:00401D75 03430C                  add eax, dword ptr [ebx+0C]
:00401D78 8BD0                    mov edx, eax
:00401D7A 8D0C37                  lea ecx, dword ptr [edi+esi]
:00401D7D 2BD1                    sub edx, ecx
:00401D7F 83FA0C                  cmp edx, 0000000C
:00401D82 7F04                    jg 00401D88
:00401D84 8BF8                    mov edi, eax
:00401D86 2BFE                    sub edi, esi

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401D82(C)
:00401D88 8BC6                    mov eax, esi
:00401D8A 2BC5                    sub eax, ebp
:00401D8C 83F80C                  cmp eax, 0000000C
:00401D8F 7D12                    jge 00401DA3
:00401D91 8BCC                    mov ecx, esp
:00401D93 8BD6                    mov edx, esi
:00401D95 2B5308                  sub edx, dword ptr [ebx+08]
:00401D98 03D7                    add edx, edi
:00401D9A 8BC5                    mov eax, ebp
:00401D9C E8D3FBFFFF              call 00401974
:00401DA1 EB0F                    jmp 00401DB2

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401D8F(C)
:00401DA3 8BCC                    mov ecx, esp
:00401DA5 8BD7                    mov edx, edi
:00401DA7 83EA04                  sub edx, 00000004
:00401DAA 8D4604                  lea eax, dword ptr [esi+04]
:00401DAD E8C2FBFFFF              call 00401974

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401DA1(U)
:00401DB2 8B2C24                  mov ebp, dword ptr [esp]
:00401DB5 85ED                    test ebp, ebp
:00401DB7 7504                    jne 00401DBD
:00401DB9 33C0                    xor eax, eax
:00401DBB EB30                    jmp 00401DED

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401DB7(C)
:00401DBD 8BD5                    mov edx, ebp
:00401DBF 2BD6                    sub edx, esi
:00401DC1 8BC6                    mov eax, esi
:00401DC3 E870FEFFFF              call 00401C38
:00401DC8 8BC5                    mov eax, ebp
:00401DCA 03442404                add eax, dword ptr [esp+04]
:00401DCE 8B5308                  mov edx, dword ptr [ebx+08]
:00401DD1 03530C                  add edx, dword ptr [ebx+0C]
:00401DD4 3BC2                    cmp eax, edx
:00401DD6 730A                    jnb 00401DE2
:00401DD8 8D1437                  lea edx, dword ptr [edi+esi]
:00401DDB 2BD0                    sub edx, eax
:00401DDD E8AAFEFFFF              call 00401C8C

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401DD6(C)
:00401DE2 8BD4                    mov edx, esp
:00401DE4 8BC3                    mov eax, ebx
:00401DE6 E89DF6FFFF              call 00401488
:00401DEB B001                    mov al, 01

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401DBB(U)
:00401DED 59                      pop ecx
:00401DEE 5A                      pop edx
:00401DEF 5D                      pop ebp
:00401DF0 5F                      pop edi
:00401DF1 5E                      pop esi
:00401DF2 5B                      pop ebx
:00401DF3 C3                      ret

* Referenced by a CALL at Addresses: :00401C4E , :0040209B , :004023C0 , :0040256E
:00401DF4 53                      push ebx
:00401DF5 56                      push esi
:00401DF6 57                      push edi
:00401DF7 8BF2                    mov esi, edx
:00401DF9 8BF8                    mov edi, eax
:00401DFB 8BDF                    mov ebx, edi
:00401DFD 897308                  mov dword ptr [ebx+08], esi
:00401E00 8BC3                    mov eax, ebx
:00401E02 03C6                    add eax, esi
:00401E04 83E80C                  sub eax, 0000000C
:00401E07 897008                  mov dword ptr [eax+08], esi
:00401E0A 81FE00100000            cmp esi, 00001000
:00401E10 7F37                    jg 00401E49
:00401E12 8BD6                    mov edx, esi
:00401E14 85D2                    test edx, edx
:00401E16 7903                    jns 00401E1B
:00401E18 83C203                  add edx, 00000003

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401E16(C)
:00401E1B C1FA02                  sar edx, 02
:00401E1E A18C344400              mov eax, dword ptr [0044348C]
:00401E23 8B4490F4                mov eax, dword ptr [eax+4*edx-0C]
:00401E27 85C0                    test eax, eax
:00401E29 7510                    jne 00401E3B
:00401E2B A18C344400              mov eax, dword ptr [0044348C]
:00401E30 895C90F4                mov dword ptr [eax+4*edx-0C], ebx
:00401E34 895B04                  mov dword ptr [ebx+04], ebx
:00401E37 891B                    mov dword ptr [ebx], ebx
:00401E39 EB3A                    jmp 00401E75

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401E29(C)
:00401E3B 8B10                    mov edx, dword ptr [eax]
:00401E3D 894304                  mov dword ptr [ebx+04], eax
:00401E40 8913                    mov dword ptr [ebx], edx
:00401E42 8918                    mov dword ptr [eax], ebx
:00401E44 895A04                  mov dword ptr [edx+04], ebx
:00401E47 EB2C                    jmp 00401E75

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401E10(C)
:00401E49 81FE003C0000            cmp esi, 00003C00
:00401E4F 7C0D                    jl 00401E5E
:00401E51 8BD6                    mov edx, esi
:00401E53 8BC7                    mov eax, edi
:00401E55 E802FFFFFF              call 00401D5C
:00401E5A 84C0                    test al, al
:00401E5C 7517                    jne 00401E75

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401E4F(C)
:00401E5E A180344400              mov eax, dword ptr [00443480]
:00401E63 891D80344400            mov dword ptr [00443480], ebx
:00401E69 8B10                    mov edx, dword ptr [eax]
:00401E6B 894304                  mov dword ptr [ebx+04], eax
:00401E6E 8913                    mov dword ptr [ebx], edx
:00401E70 8918                    mov dword ptr [eax], ebx
:00401E72 895A04                  mov dword ptr [edx+04], ebx

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401E39(U), :00401E47(U), :00401E5C(C)
:00401E75 5F                      pop edi
:00401E76 5E                      pop esi
:00401E77 5B                      pop ebx
:00401E78 C3                      ret
:00401E79 8D4000                  lea eax, dword ptr [eax+00]

* Referenced by a CALL at Addresses: :00401ED7 , :0040235C , :00402526
:00401E7C 833D8434440000          cmp dword ptr [00443484], 00000000
:00401E83 7E40                    jle 00401EC5
:00401E85 833D843444000C          cmp dword ptr [00443484], 0000000C
:00401E8C 7D0C                    jge 00401E9A
:00401E8E C7053034440007000000    mov dword ptr [00443430], 00000007
:00401E98 EB2B                    jmp 00401EC5

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401E8C(C)
:00401E9A A184344400              mov eax, dword ptr [00443484]
:00401E9F 83C802                  or eax, 00000002
:00401EA2 8B1588344400            mov edx, dword ptr [00443488]
:00401EA8 8902                    mov dword ptr [edx], eax
:00401EAA A188344400              mov eax, dword ptr [00443488]
:00401EAF 83C004                  add eax, 00000004
:00401EB2 E8B1FDFFFF              call 00401C68
:00401EB7 33C0                    xor eax, eax
:00401EB9 A388344400              mov dword ptr [00443488], eax
:00401EBE 33C0                    xor eax, eax
:00401EC0 A384344400              mov dword ptr [00443484], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401E83(C), :00401E98(U)
:00401EC5 C3                      ret
:00401EC6 8BC0                    mov eax, eax

* Referenced by a CALL at Addresses: :00401F6C , :00401F9D
:00401EC8 53                      push ebx
:00401EC9 56                      push esi
:00401ECA 57                      push edi
:00401ECB 83C4F0                  add esp, FFFFFFF0
:00401ECE 8BF0                    mov esi, eax
:00401ED0 8D3C24                  lea edi, dword ptr [esp]
:00401ED3 A5                      movsd
:00401ED4 A5                      movsd
:00401ED5 8BFC                    mov edi, esp
:00401ED7 E8A0FFFFFF              call 00401E7C
:00401EDC 8D4C2408                lea ecx, dword ptr [esp+08]
:00401EE0 8BD7                    mov edx, edi
:00401EE2 B890344400              mov eax, 00443490
:00401EE7 E828F5FFFF              call 00401414
:00401EEC 8B5C2408                mov ebx, dword ptr [esp+08]
:00401EF0 85DB                    test ebx, ebx
:00401EF2 7504                    jne 00401EF8
:00401EF4 33C0                    xor eax, eax
:00401EF6 EB52                    jmp 00401F4A

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401EF2(C)
:00401EF8 8B07                    mov eax, dword ptr [edi]
:00401EFA 3BD8                    cmp ebx, eax
:00401EFC 730A                    jnb 00401F08
:00401EFE E8B1FDFFFF              call 00401CB4
:00401F03 2907                    sub dword ptr [edi], eax
:00401F05 014704                  add dword ptr [edi+04], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401EFC(C)
:00401F08 8B07                    mov eax, dword ptr [edi]
:00401F0A 034704                  add eax, dword ptr [edi+04]
:00401F0D 8BF3                    mov esi, ebx
:00401F0F 0374240C                add esi, dword ptr [esp+0C]
:00401F13 3BC6                    cmp eax, esi
:00401F15 7308                    jnb 00401F1F
:00401F17 E808FEFFFF              call 00401D24
:00401F1C 014704                  add dword ptr [edi+04], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401F15(C)
:00401F1F 8B07                    mov eax, dword ptr [edi]
:00401F21 034704                  add eax, dword ptr [edi+04]
:00401F24 3BF0                    cmp esi, eax
:00401F26 7511                    jne 00401F39
:00401F28 83E804                  sub eax, 00000004
:00401F2B BA04000000              mov edx, 00000004
:00401F30 E803FDFFFF              call 00401C38
:00401F35 836F0404                sub dword ptr [edi+04], 00000004

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401F26(C)
:00401F39 8B07                    mov eax, dword ptr [edi]
:00401F3B A388344400              mov dword ptr [00443488], eax
:00401F40 8B4704                  mov eax, dword ptr [edi+04]
:00401F43 A384344400              mov dword ptr [00443484], eax
:00401F48 B001                    mov al, 01

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401EF6(U)
:00401F4A 83C410                  add esp, 00000010
:00401F4D 5F                      pop edi
:00401F4E 5E                      pop esi
:00401F4F 5B                      pop ebx
:00401F50 C3                      ret

:00401F51 8D4000                  lea eax, dword ptr [eax+00]

* Referenced by a CALL at Address: :00402037
:00401F54 53                      push ebx
:00401F55 83C4F8                  add esp, FFFFFFF8
:00401F58 8BD8                    mov ebx, eax
:00401F5A 8BD4                    mov edx, esp
:00401F5C 8D4304                  lea eax, dword ptr [ebx+04]
:00401F5F E85CF8FFFF              call 004017C0
:00401F64 833C2400                cmp dword ptr [esp], 00000000
:00401F68 740B                    je 00401F75
:00401F6A 8BC4                    mov eax, esp
:00401F6C E857FFFFFF              call 00401EC8
:00401F71 84C0                    test al, al
:00401F73 7504                    jne 00401F79

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401F68(C)
:00401F75 33C0                    xor eax, eax
:00401F77 EB02                    jmp 00401F7B

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401F73(C)
:00401F79 B001                    mov al, 01

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401F77(U)
:00401F7B 59                      pop ecx
:00401F7C 5A                      pop edx
:00401F7D 5B                      pop ebx
:00401F7E C3                      ret
:00401F7F 90                      nop

* Referenced by a CALL at Address: :00402599
:00401F80 53                      push ebx
:00401F81 56                      push esi
:00401F82 83C4F8                  add esp, FFFFFFF8
:00401F85 8BF2                    mov esi, edx
:00401F87 8BD8                    mov ebx, eax
:00401F89 8BCC                    mov ecx, esp
:00401F8B 8D5604                  lea edx, dword ptr [esi+04]
:00401F8E 8BC3                    mov eax, ebx
:00401F90 E8BBF8FFFF              call 00401850
:00401F95 833C2400                cmp dword ptr [esp], 00000000
:00401F99 740B                    je 00401FA6
:00401F9B 8BC4                    mov eax, esp
:00401F9D E826FFFFFF              call 00401EC8
:00401FA2 84C0                    test al, al
:00401FA4 7504                    jne 00401FAA

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401F99(C)
:00401FA6 33C0                    xor eax, eax
:00401FA8 EB02                    jmp 00401FAC

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401FA4(C)
:00401FAA B001                    mov al, 01

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401FA8(U)
:00401FAC 59                      pop ecx
:00401FAD 5A                      pop edx
:00401FAE 5E                      pop esi
:00401FAF 5B                      pop ebx
:00401FB0 C3                      ret
:00401FB1 8D4000                  lea eax, dword ptr [eax+00]

* Referenced by a CALL at Address: :0040202A
:00401FB4 33D2                    xor edx, edx
:00401FB6 85C0                    test eax, eax
:00401FB8 7903                    jns 00401FBD
:00401FBA 83C003                  add eax, 00000003

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401FB8(C)
:00401FBD C1F802                  sar eax, 02
:00401FC0 3D00040000              cmp eax, 00000400
:00401FC5 7F16                    jg 00401FDD

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00401FDB(C)
:00401FC7 8B158C344400            mov edx, dword ptr [0044348C]
:00401FCD 8B5482F4                mov edx, dword ptr [edx+4*eax-0C]
:00401FD1 85D2                    test edx, edx
:00401FD3 7508                    jne 00401FDD
:00401FD5 40                      inc eax
:00401FD6 3D01040000              cmp eax, 00000401
:00401FDB 75EA                    jne 00401FC7

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401FC5(C), :00401FD3(C)
:00401FDD 8BC2                    mov eax, edx
:00401FDF C3                      ret

* Referenced by a CALL at Address: :0040221F
:00401FE0 53                      push ebx
:00401FE1 56                      push esi
:00401FE2 57                      push edi
:00401FE3 55                      push ebp
:00401FE4 8BF0                    mov esi, eax
:00401FE6 BF80344400              mov edi, 00443480
:00401FEB BD84344400              mov ebp, 00443484

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040204A(C)
:00401FF0 8B1D78344400            mov ebx, dword ptr [00443478]
:00401FF6 3B7308                  cmp esi, dword ptr [ebx+08]
:00401FF9 0F8E84000000            jle 00402083
:00401FFF 8B1F                    mov ebx, dword ptr [edi]
:00402001 8B4308                  mov eax, dword ptr [ebx+08]
:00402004 3BF0                    cmp esi, eax
:00402006 7E7B                    jle 00402083
:00402008 897308                  mov dword ptr [ebx+08], esi

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00402011(C)
:0040200B 8B5B04                  mov ebx, dword ptr [ebx+04]
:0040200E 3B7308                  cmp esi, dword ptr [ebx+08]
:00402011 7FF8                    jg 0040200B
:00402013 8B17                    mov edx, dword ptr [edi]
:00402015 894208                  mov dword ptr [edx+08], eax
:00402018 3B1F                    cmp ebx, dword ptr [edi]
:0040201A 7404                    je 00402020
:0040201C 891F                    mov dword ptr [edi], ebx
:0040201E EB63                    jmp 00402083

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040201A(C)
:00402020 81FE00100000            cmp esi, 00001000
:00402026 7F0D                    jg 00402035
:00402028 8BC6                    mov eax, esi
:0040202A E885FFFFFF              call 00401FB4
:0040202F 8BD8                    mov ebx, eax
:00402031 85DB                    test ebx, ebx
:00402033 754E                    jne 00402083

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00402026(C)
:00402035 8BC6                    mov eax, esi
:00402037 E818FFFFFF              call 00401F54
:0040203C 84C0                    test al, al
:0040203E 7507                    jne 00402047
:00402040 33C0                    xor eax, eax
:00402042 E988000000              jmp 004020CF

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :0040203E(C)
:00402047 3B7500                  cmp esi, dword ptr [ebp+00]
:0040204A 7FA4                    jg 00401FF0
:0040204C 297500                  sub dword ptr [ebp+00], esi
:0040204F 837D000C                cmp dword ptr [ebp+00], 0000000C
:00402053 7D08                    jge 0040205D
:00402055 037500                  add esi, dword ptr [ebp+00]
:00402058 33C0                    xor eax, eax
:0040205A 894500                  mov dword ptr [ebp+00], eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00402053(C)
:0040205D A188344400              mov eax, dword ptr [00443488]
:00402062 013588344400            add dword ptr [00443488], esi
:00402068 8BD6                    mov edx, esi
:0040206A 83CA02                  or edx, 00000002
:0040206D 8910                    mov dword ptr [eax], edx
:0040206F 83C004                  add eax, 00000004
:00402072 FF0520344400            inc dword ptr [00443420]
:00402078 83EE04                  sub esi, 00000004
:0040207B 013524344400            add dword ptr [00443424], esi
:00402081 EB4C                    jmp 004020CF

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses: :00401FF9(C), :00402006(C), :0040201E(U), :00402033(C)
:00402083 8BC3                    mov eax, ebx
:00402085 E81AFBFFFF              call 00401BA4
:0040208A 8B5308                  mov edx, dword ptr [ebx+08]
:0040208D 8BC2                    mov eax, edx
:0040208F 2BC6                    sub eax, esi
:00402091 83F80C                  cmp eax, 0000000C
:00402094 7C0C                    jl 004020A2
:00402096 8BD3                    mov edx, ebx
:00402098 03D6                    add edx, esi
:0040209A 92                      xchg eax,edx
:0040209B E854FDFFFF              call 00401DF4
:004020A0 EB12                    jmp 004020B4

* Referenced by a (U)nconditional or (C)onditional Jump at Address: :00402094(C) :004020A2 :004020A4 :004020A6 :004020A8 :004020AB 8BF2 3B1F 7505 8B4304 89