File Information hashes and primary classification
File name
0dc710737c12ea1c1215fbd39e00347649fff1fb0e512287c86873f66a9f0a35
File size
993.5 KiB
Architecture
X86
- MD5
- 9a726a20223147f7a0cb9daaba4dd80f
- SHA1
- f5a4a7ff303f22c6ad6eccffb7bd7ae4a24e6cc9
- SHA256
- 0dc710737c12ea1c1215fbd39e00347649fff1fb0e512287c86873f66a9f0a35
- TLSH
- T19d25d02ff737d840d3e82ff6458307a85977aca9b922521729d63a1a7cf6bd03c22544
- Imphash
- 48c67d6a901541a84e7e8bc49cd63032
- Rich header
- -
Metadata parser-extracted fields
YARA Signatures 0 matching rules
No YARA rule matched.
Kesakode similarity verdict
No Kesakode verdict available.
Anomalies signals worth reviewing
entropy:
BigBufferNoXrefMediumToHighEntropy
imports:
BoundImports
UnreferencedImports
resources:
ExtraSpaceAfterResourcesDataDirectory
sections:
InvalidSizeOfInitializedData
code:
ManyHighValueImmediates
ManyUniqueImmediateBytes
SequentialFunction
XorInLoop
Constants identified constants and patterns
code:
PEBx86
1
hash:
SSH_RSA_id_sha1_OBJ_ID__oiw_14__secsig_3__algorithms_2__26__8_byt_15
1
oid:
localityName
8
organizationName
8
commonName
7
countryName
6
stateOrProvinceName
6
rsaEncryption
5
basicConstraints
4
keyUsage
4
sha384WithRSAEncryption
4
subjectKeyIdentifier
4
authorityInfoAccess
3
ocsp
3
anyPolicy
2
caIssuers
2
certificatePolicies
2
codeSigning
2
cRLDistributionPoints
2
extKeyUsage
2
sha1
2
sha1WithRSAEncryption
2
spcIndirectDataContext
2
authorityKeyIdentifier
1
contentType
1
cps
1
individualCodeSigning
1
messageDigest
1
netscape-cert-type
1
postalCode
1
sha256WithRSAEncryption
1
signedData
1
signingTime
1
spcPEImageData
1
Strings highest-value extracted strings
| Address | String | Refs | Encoding | Score |
|---|---|---|---|---|
| 0x4FB058 | <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">\n <trustInfo xmlns="urn:schemas-microsoft-... | 1 | ASCII | 134 |
| 0x4F6D66 | oledlg.dll | 1 | ASCII | 122 |
| - | oledlg.dll | 1 | ASCII | 122 |
| - | oleacc.dll | 1 | ASCII | 119 |
| 0x4F6048 | oleacc.dll | 1 | ASCII | 119 |
| - | advapi32.dll | 1 | ASCII | 118 |
| - | comctl32.dll | 1 | ASCII | 118 |
| - | kernel32.dll | 1 | ASCII | 118 |
| 0x4F5D44 | kernel32.dll | 1 | ASCII | 118 |
| 0x4F68FC | comctl32.dll | 1 | ASCII | 118 |
| 0x4F662A | advapi32.dll | 1 | ASCII | 118 |
| 0x4F6808 | gdiplus.dll | 1 | ASCII | 118 |
| - | gdiplus.dll | 1 | ASCII | 118 |
| - | winmm.dll | 1 | ASCII | 116 |
| 0x4F627E | winmm.dll | 1 | ASCII | 116 |
| 0x4F69F0 | gdi32.dll | 1 | ASCII | 116 |
| - | gdi32.dll | 1 | ASCII | 116 |
| - | ole32.dll | 1 | ASCII | 116 |
| 0x4F6B82 | ole32.dll | 1 | ASCII | 116 |
| 0x4F5E6E | imagehlp.dll | 1 | ASCII | 115 |
| 0x4F5F7C | oleaut32.dll | 1 | ASCII | 115 |
| - | oleaut32.dll | 1 | ASCII | 115 |
| - | imagehlp.dll | 1 | ASCII | 115 |
| - | shlwapi.dll | 1 | ASCII | 115 |
| - | msimg32.dll | 1 | ASCII | 115 |
| 0x4F6C9C | shlwapi.dll | 1 | ASCII | 115 |
| 0x4F6436 | msimg32.dll | 1 | ASCII | 115 |
| 0x4F6152 | winspool.drv | 1 | ASCII | 112 |
| - | winspool.drv | 1 | ASCII | 112 |
| 0x4FC154 | winspool.drv | 1 | ASCII | 112 |
| - | user32.dll | 1 | ASCII | 112 |
| 0x4F63EC | user32.dll | 1 | ASCII | 112 |
| - | ?http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl0v | 0 | ASCII | 108 |
| - | 3http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt0% | 0 | ASCII | 104 |
| - | 2http://crl.comodoca.com/AAACertificateServices.crl06 | 0 | ASCII | 104 |
| - | 2http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s | 0 | ASCII | 104 |
| - | 2http://crl.comodoca.com/AAACertificateServices.crl04 | 0 | ASCII | 104 |
| - | 2http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0# | 0 | ASCII | 104 |
| - | 0http://crl.comodo.net/AAACertificateServices.crl0\r | 0 | ASCII | 102 |
| 0x4F2A15 | \nlA\nNE | 1 | ASCII | 95 |
| - | http://ocsp.usertrust.com0\r | 0 | ASCII | 93 |
| - | http://ocsp.comodoca.com0\r | 0 | ASCII | 93 |
| - | http://ocsp.sectigo.com0) | 0 | ASCII | 89 |
| - | https://sectigo.com/CPS0 | 0 | ASCII | 86 |
| 0x4F64BA | CreatePrivateObjectSecurityWithMultipleInheritance | 0 | ASCII | 85 |
| 0x4FB1BC | PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADD | 0 | ASCII | 81 |
| 0x4F66E8 | GdipGetPathGradientCenterPointI | 0 | ASCII | 79 |
| 0x4F6444 | AccessCheckByTypeResultListAndAuditAlarmW | 0 | ASCII | 78 |
| 0x4F6494 | ConvertSecurityDescriptorToAccessW | 0 | ASCII | 77 |
| 0x4F6A0C | CoGetSystemSecurityPermissions | 0 | ASCII | 77 |
| 0x4F611E | GetPrintProcessorDirectoryA | 0 | ASCII | 77 |
| - | <<<Obsolete>> | 0 | UTF16 | 76 |
| 0x4F6A3A | CoInvalidateRemoteMachineBindings | 0 | ASCII | 75 |
| 0x4F67E6 | GdipStringFormatGetGenericDefault | 0 | ASCII | 75 |
| 0x4F6726 | GdipImageGetFrameDimensionsCount | 0 | ASCII | 75 |
| 0x4F6662 | GdipCreateBitmapFromStreamICM | 0 | ASCII | 75 |
| 0x4F65B2 | SetServiceObjectSecurity | 0 | ASCII | 75 |
| 0x4F5EA2 | DosDateTimeToVariantTime | 0 | ASCII | 75 |
| - | \r200904000000Z | 0 | ASCII | 75 |
| - | \r181102000000Z | 0 | ASCII | 75 |
| - | \r040101000000Z | 0 | ASCII | 75 |
| - | umbrella.smolyaninov@yandex.ru0\r | 0 | ASCII | 74 |
| 0x4F66CC | GdipGetPathGradientBlend | 0 | ASCII | 74 |
| - | %USERTrust RSA Certification Authority0 | 0 | ASCII | 73 |
| - | %USERTrust RSA Certification Authority0 | 0 | ASCII | 73 |
| 0x4F6502 | LsaQueryDomainInformationPolicy | 0 | ASCII | 73 |
| 0x4F60C2 | EnumPrintProcessorDatatypesW | 0 | ASCII | 73 |
| 0x4F60A2 | EnumPrintProcessorDatatypesA | 0 | ASCII | 73 |
| 0x4F6CBE | OleUICanConvertOrActivateAs | 0 | ASCII | 73 |
| 0x4F5D62 | ImageGetCertificateData | 0 | ASCII | 73 |
| 0x4F6A5E | CoRegisterMessageFilter | 0 | ASCII | 73 |
| - | \r190312000000Z | 0 | ASCII | 73 |
| - | Sectigo RSA Code Signing CA | 0 | ASCII | 72 |
| 0x4F606E | AdvancedDocumentPropertiesA | 0 | ASCII | 72 |
| 0x4F670A | GdipGetPathGradientRectI | 0 | ASCII | 72 |
| 0x4F6B08 | OpenOrCreateStream | 0 | ASCII | 72 |
| 0x4F6564 | RegisterServiceCtrlHandlerExA | 0 | ASCII | 71 |
| - | Sectigo RSA Code Signing CA0 | 0 | ASCII | 71 |
| - | Sectigo RSA Code Signing CA0 | 0 | ASCII | 71 |
| - | AAA Certificate Services0 | 0 | ASCII | 71 |
| - | AAA Certificate Services0 | 0 | ASCII | 71 |
| - | AAA Certificate Services0 | 0 | ASCII | 71 |
| 0x4F6610 | WmiQueryAllDataMultipleW | 0 | ASCII | 71 |
| 0x4F5C98 | GetPrivateProfileStructA | 0 | ASCII | 71 |
| 0x4F5ED8 | SafeArrayCreateVectorEx | 0 | ASCII | 71 |
| 0x4F68E6 | InitCommonControlsEx | 0 | ASCII | 71 |
| 0x4F6380 | MonitorFromPoint | 0 | ASCII | 71 |
| - | !This program cannot be run in DOS mode.\r\r\n$ | 0 | ASCII | 70 |
| 0x4F677C | GdipLoadImageFromStreamICM | 0 | ASCII | 70 |
| 0x4F679A | GdipRotateTextureTransform | 0 | ASCII | 70 |
| 0x4F6762 | GdipLoadImageFromStream | 0 | ASCII | 70 |
| 0x4F68BA | ImageList_SetImageCount | 0 | ASCII | 70 |
| 0x4F5D7C | ImageRemoveCertificate | 0 | ASCII | 70 |
| 0x4F6B70 | WriteStringStream | 0 | ASCII | 70 |
| 0x4F61C0 | midiStreamRestart | 0 | ASCII | 70 |
| - | \r301231235959Z0|1 | 0 | ASCII | 70 |
| 0x4E6D43 | DD\nAD\n | 0 | ASCII | 70 |
| 0x4E8506 | \n\nU\n | 0 | ASCII | 70 |
| 0x4E8899 | \nPP\n | 0 | ASCII | 70 |
| 0x4EBFF7 | E""E | 0 | ASCII | 70 |
| 0x4D4FE8 | \n\nE\n | 0 | ASCII | 70 |
| 0x4CEDFE | D\n\nD | 0 | ASCII | 70 |
| 0x4E4406 | "D"" | 0 | ASCII | 70 |
| 0x4F5F8C | AccessibleObjectFromEvent | 0 | ASCII | 69 |
| 0x4F6646 | GdipCreateBitmapFromHICON | 0 | ASCII | 69 |
| 0x4F60E2 | EnumPrintProcessorsA | 0 | ASCII | 69 |
| 0x4F674A | GdipIsInfiniteRegion | 0 | ASCII | 69 |
| 0x4F5FA8 | DllUnregisterServer | 0 | ASCII | 69 |
| 0x4F6BB2 | PathCompactPathA | 0 | ASCII | 69 |
| 0x4F6BC6 | PathCompactPathW | 0 | ASCII | 69 |
| - | \r201005213607Z0 | 0 | ASCII | 69 |
| - | \r281231235959Z0 | 0 | ASCII | 69 |
| 0x4F63D0 | SetMessageQueue | 0 | ASCII | 69 |
| - | \r210904235959Z0 | 0 | ASCII | 69 |
| 0x4F69FC | CoCancelCall | 0 | ASCII | 69 |
| - | "Vodopyanova street, 7a, office 2401 | 0 | ASCII | 68 |
| 0x4F65F2 | TreeResetNamedSecurityInfoW | 0 | ASCII | 68 |
| 0x4F5DAA | RemovePrivateCvSymbolicEx | 0 | ASCII | 68 |
| 0x4F6394 | MsgWaitForMultipleObjects | 0 | ASCII | 68 |
| 0x4F67B8 | GdipRotateWorldTransform | 0 | ASCII | 68 |
| 0x4F6A8C | CoWaitForMultipleHandles | 0 | ASCII | 68 |
| 0x4F634A | GetWindowModuleFileName | 0 | ASCII | 68 |
| 0x4F6006 | IID_IAccessibleHandler | 0 | ASCII | 68 |
| - | \r281231235959Z0{1 | 0 | ASCII | 68 |
| 0x4F5FF6 | GetStateTextA | 0 | ASCII | 68 |
| 0x4F5471 | pwocpwo | 0 | ASCII | 68 |
| 0x4F5EBE | GetRecordInfoFromGuids | 0 | ASCII | 67 |
| 0x4F6162 | GetDriverModuleHandle | 0 | ASCII | 67 |
| 0x4F5C54 | GetDefaultCommConfigA | 0 | ASCII | 67 |
| 0x4F686C | FlatSB_GetScrollRange | 0 | ASCII | 67 |
| 0x4F6B34 | STGMEDIUM_UserMarshal | 0 | ASCII | 67 |
| 0x4F69DA | QueryFontAssocStatus | 0 | ASCII | 67 |
| 0x4F5C6C | GetHandleInformation | 0 | ASCII | 67 |
| 0x4F5C2A | DelayLoadFailureHook | 0 | ASCII | 67 |
| 0x4F6234 | waveOutGetErrorTextA | 0 | ASCII | 67 |
| 0x4F608C | DeviceCapabilitiesA | 0 | ASCII | 67 |
| - | Greater Manchester1 | 0 | ASCII | 67 |
| 0x4F6322 | EnumWindowStationsW | 0 | ASCII | 67 |
| 0x4F629A | CascadeChildWindows | 0 | ASCII | 67 |
| - | Greater Manchester1 | 0 | ASCII | 67 |
| - | Greater Manchester1 | 0 | ASCII | 67 |
| - | Greater Manchester1 | 0 | ASCII | 67 |
| - | Greater Manchester1 | 0 | ASCII | 67 |
| - | Greater Manchester1 | 0 | ASCII | 67 |
| 0x4F60FA | GetPrinterDataA | 0 | ASCII | 67 |
| 0x4F610C | GetPrinterDataW | 0 | ASCII | 67 |
| 0x4F5E0A | SymGetSymNext64 | 0 | ASCII | 67 |
| 0x4F6C30 | PathUnExpandEnvStringsW | 0 | ASCII | 66 |
| 0x4F5CD6 | OutputDebugStringW | 0 | ASCII | 66 |
| 0x4F5E1C | SymGetTypeFromName | 0 | ASCII | 66 |
| 0x4F62C2 | CreateDialogParamW | 0 | ASCII | 66 |
| 0x4F6ABC | DllGetClassObject | 0 | ASCII | 66 |
| 0x4F6AA8 | CreateFileMoniker | 0 | ASCII | 66 |
| 0x4F6924 | DeleteColorSpace | 0 | ASCII | 66 |
| 0x4EAA55 | D";D\nPP _Q"^E\nEQ | 0 | ASCII | 66 |
| 0x4F6938 | DeleteDC | 0 | ASCII | 66 |
| 0x4C94F9 | FP"AA"UA | 0 | ASCII | 66 |
| 0x4B3C92 | \nQ\n-Q | 0 | ASCII | 66 |
| 0x4B9A05 | U\n:U\n | 0 | ASCII | 66 |
| 0x4F5DC6 | SymEnumerateSymbolsW64 | 0 | ASCII | 65 |
| 0x4F5FBE | GetOleaccVersionInfo | 0 | ASCII | 65 |
| 0x4F6020 | LIBID_Accessibility | 0 | ASCII | 65 |
| 0x4F621E | waveInGetErrorTextA | 0 | ASCII | 65 |
| 0x4F6892 | ImageList_BeginDrag | 0 | ASCII | 65 |
| 0x4F69B8 | GetTextCharset | 0 | ASCII | 65 |
| 0x4F5CB4 | GetProcAddress | 0 | ASCII | 65 |
| 0x4F61D4 | midiStreamStop | 0 | ASCII | 65 |
| 0x4F65CE | StartServiceW | 0 | ASCII | 65 |
| 0x4F63C0 | SetDlgItemInt | 0 | ASCII | 65 |
| 0x4F6BEE | PathIsContentTypeW | 0 | ASCII | 64 |
| 0x4F6D14 | OleUIPasteSpecialA | 0 | ASCII | 64 |
| 0x4F5CEC | ReadConsoleOutputA | 0 | ASCII | 64 |
| 0x4F6584 | SaferIdentifyLevel | 0 | ASCII | 64 |
| 0x4F6D2A | OleUIPasteSpecialW | 0 | ASCII | 64 |
| 0x4F6BDA | PathFindFileNameA | 0 | ASCII | 64 |
| 0x4F618C | joyReleaseCapture | 0 | ASCII | 64 |
| 0x4F6CAA | OleUIAddVerbMenuA | 0 | ASCII | 64 |
| 0x4F6A78 | CoRevokeMallocSpy | 0 | ASCII | 64 |
| 0x4F6970 | GdiTransparentBlt | 0 | ASCII | 64 |
| 0x4F5C84 | GetModuleHandleA | 0 | ASCII | 64 |
| 0x4B13E6 | T("T"T | 0 | ASCII | 64 |
| 0x4F55E2 | Il\rTIl | 0 | ASCII | 64 |
| 0x4CAF9C | QQ\n_Q" | 0 | ASCII | 64 |
| 0x4E1532 | eQ\nQQ" | 0 | ASCII | 64 |
| - | The USERTRUST Network1.0, | 0 | ASCII | 63 |
| - | The USERTRUST Network1.0, | 0 | ASCII | 63 |
| 0x4F6C04 | PathMakeSystemFolderA | 0 | ASCII | 63 |
| 0x4F659A | SetNamedSecurityInfoA | 0 | ASCII | 63 |
| - | Comodo CA Limited1!0 | 0 | ASCII | 63 |
| 0x4F653C | QueryServiceConfig2W | 0 | ASCII | 63 |
| - | Comodo CA Limited1!0 | 0 | ASCII | 63 |
| - | Comodo CA Limited1!0 | 0 | ASCII | 63 |
| 0x4F6524 | QueryServiceConfig2A | 0 | ASCII | 63 |
| 0x4F630C | EnumDisplayDevicesA | 0 | ASCII | 63 |
| 0x4F626A | WOW32DriverCallback | 0 | ASCII | 63 |
| 0x4F5FE6 | GetRoleTextW | 0 | ASCII | 63 |
| 0x4F5FD6 | GetRoleTextA | 0 | ASCII | 63 |
| 0x4F5E32 | UnMapAndLoad | 0 | ASCII | 63 |
| 0x4F5CC6 | LoadLibraryA | 0 | ASCII | 63 |
| 0x4F5F6E | VarUI8FromI8 | 0 | ASCII | 63 |
| 0x4F613C | SeekPrinter | 0 | ASCII | 63 |
| 0x4C700E | \nJ@*j@*j@*j | 0 | ASCII | 63 |
| 0x4F6060 | AddPrinterA | 0 | ASCII | 63 |
| 0x4CAFE4 | KD\nnD\nV | 0 | ASCII | 63 |
| 0x4B3B53 | "kP"9D" | 0 | ASCII | 63 |
| 0x4EC70E | E\n"Q"XE | 0 | ASCII | 63 |
| 0x4D6EB3 | E"xE\nPP | 0 | ASCII | 63 |
| - | 6601251 | 0 | ASCII | 63 |
| 0x4F6056 | AddJobA | 0 | ASCII | 63 |
| 0x4F62D8 | DdeCmpStringHandles | 0 | ASCII | 62 |
| 0x4F6B1E | PropStgNameToFmtId | 0 | ASCII | 62 |
| 0x4F6B8E | PathCanonicalizeW | 0 | ASCII | 62 |
| 0x4F65DE | SystemFunction007 | 0 | ASCII | 62 |
| 0x4F6036 | ObjectFromLresult | 0 | ASCII | 62 |
| 0x4F5D96 | ImageRvaToSection | 0 | ASCII | 62 |
| 0x4F69A4 | GetStringBitmapW | 0 | ASCII | 62 |
| 0x4F66B8 | GdipEmfToWmfBits | 0 | ASCII | 62 |
| 0x4F5E7E | BSTR_UserMarshal | 0 | ASCII | 62 |
| 0x4F6694 | GdipDrawEllipseI | 0 | ASCII | 62 |
| 0x4F6D54 | OleUIPromptUserW | 0 | ASCII | 62 |
| 0x4F6D40 | OleUIPromptUserA | 0 | ASCII | 62 |
| 0x4F685A | DrawStatusTextA | 0 | ASCII | 62 |
| 0x4F617A | joyGetThreshold | 0 | ASCII | 62 |
| 0x4F61A0 | mciGetYieldProc | 0 | ASCII | 62 |
| 0x4F68D4 | ImageList_Write | 0 | ASCII | 62 |
| 0x4F5D34 | VirtualProtect | 0 | ASCII | 62 |
| 0x4F684A | DPA_InsertPtr | 0 | ASCII | 62 |
| 0x4F6554 | RegCreateKeyA | 0 | ASCII | 62 |
| 0x4F6408 | DllInitialize | 0 | ASCII | 62 |
| 0x4F620E | timeEndPeriod | 0 | ASCII | 62 |
| 0x4B08F7 | A\nAD\nIA* | 0 | ASCII | 62 |
| 0x4F6B4C | STGMEDIUM_UserSize | 0 | ASCII | 61 |
| 0x4F61F4 | mmioClose | 0 | ASCII | 61 |
| 0x4C0554 | D"_D | 0 | ASCII | 61 |
| 0x4DF4D1 | ]@"@ | 0 | ASCII | 61 |
| 0x4EDA3D | T\nYT | 0 | ASCII | 61 |
| 0x4D522D | D\nDU | 0 | ASCII | 61 |
| 0x4B2136 | P\nEP | 0 | ASCII | 61 |
| 0x4C1E53 | D"OD | 0 | ASCII | 61 |
| 0x4ECA3F | \n.E\n | 0 | ASCII | 61 |
| 0x4F2556 | "<@" | 0 | ASCII | 61 |
| 0x4F259B | \nKQ\n | 0 | ASCII | 61 |
| 0x4C4F8E | U\n:U | 0 | ASCII | 61 |
| 0x4EC9D0 | \nwE\n | 0 | ASCII | 61 |
| 0x4EC88F | \nb@\n | 0 | ASCII | 61 |
| 0x4AA82E | D"RD | 0 | ASCII | 61 |
| 0x4B3CAF | "GQ" | 0 | ASCII | 61 |
| 0x4B3CD1 | O@"@ | 0 | ASCII | 61 |
| 0x4C6994 | TT\nX | 0 | ASCII | 61 |
| 0x4E11C0 | 7@\n\n | 0 | ASCII | 61 |
| 0x4DA8EC | "OQ" | 0 | ASCII | 61 |
| 0x4EC496 | \nAE\n | 0 | ASCII | 61 |
| 0x4AAAA2 | "@D" | 0 | ASCII | 61 |
| 0x4EC41D | E\nsE | 0 | ASCII | 61 |
| 0x4C6CA3 | ^D\n\n | 0 | ASCII | 61 |
| 0x4B130E | E""Q | 0 | ASCII | 61 |
Functions high-value functions
Function listings
0x40396C sub_40396c str 0 api 3 imm 12 Unknown
sub_40396c() {
push edi
mov edi, ebx
or edi, ebx
mov ebx, edi
pop edi
jnz .2
push esi
add dword ptr [esp], 0xFFFF0000
sub [esp], esi
call sub_40b864()
push ebx
or [esp], ebx
pop ebx
jz .2
push ecx
mov dword ptr [esp], 0x04
push ebx
mov dword ptr [esp], 0x1000
push esi
push edx
mov edx, [ebx+0x4F41F4]
mov [esp+0x04], edx
pop edx
push 0x00
call [ebx+kernel32.VirtualAlloc]
.2:
and dword ptr [ebp-0x04], 0x00
push [ebp-0x04]
add [esp], eax
pop [ebx+0x4F40B0]
push eax
mov dword ptr [esp], 0x02
pop [ebx+0x4F4238]
push edx
sub edx, [esp]
or edx, eax
and dword ptr [ebx+0x4F4384], 0x00
xor [ebx+0x4F4384], edx
pop edx
cmp dword ptr [ebx+0x4F42F0], 0x00
jbe .4
lea eax, [ebx+0x4F4238]
push ecx
xor [esp], ecx
mov [esp], eax
push ebx
mov dword ptr [esp], 0x40
push eax
mov eax, [ebx+0x4F42A0]
xchg [esp], eax
push eax
mov eax, [ebx+0x4F42F0]
xchg [esp], eax
call [ebx+kernel32.VirtualProtect]
push ecx
add dword ptr [esp], 0x46A
sub [esp], ecx
push esi
add dword ptr [esp], 0x22D9A
sub [esp], esi
call sub_408352()
push eax
or [esp], eax
pop eax
jnz .4
push ebp
mov ebp, [ebx+0x4F40B0]
xchg [esp], ebp
push ecx
push edi
mov edi, [ebx+0x4F4354]
mov [esp+0x04], edi
pop edi
call sub_40130c()
.4:
mov [ebp-0x04], edi
and edi, 0x00
or edi, [ebx+0x4F42A0]
and ecx, 0x00
or ecx, edi
mov edi, [ebp-0x04]
mov [ebp-0x04], ecx
xor ecx, ecx
xor ecx, [ebx+0x4F42F0]
mov edi, ecx
mov ecx, [ebp-0x04]
push eax
xor [esp], eax
pop eax
rep stosb
cmp dword ptr [ebx+0x4F40B0], 0x00
jbe .6
push ebx
add dword ptr [esp], 0x46B
sub [esp], ebx
push ebp
add dword ptr [esp], 0x22D9B
sub [esp], ebp
call sub_408352()
cmp eax, ebx
jz .6
push esi
mov esi, [ebx+0x4F40B0]
xchg [esp], esi
call sub_40c4b6()
push ecx
add dword ptr [esp], 0x8000
sub [esp], ecx
push 0x00
push esi
mov esi, [ebx+0x4F40B0]
xchg [esp], esi
call [ebx+kernel32.VirtualFree]
.6:
push ecx
and ecx, 0x00
xor ecx, [ebx+0x4F4110]
and edx, 0x00
xor edx, ecx
pop ecx
mov [ebp-0x04], eax
and eax, 0x00
xor eax, edx
and dword ptr [ebp+0x04], 0x00
or [ebp+0x04], eax
mov eax, [ebp-0x04]
popad
leave
ret
}
/* WARNING: Removing unreachable block (ram,0x0040398d) */
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 sub_40396c(void)
{
uint32_t uVar1;
uint32_t in_EAX;
int32_t iVar2;
int32_t iVar3;
int32_t unaff_EBX;
int32_t unaff_EBP;
undefined4 unaff_EDI;
undefined *puVar4;
undefined4 in_stack_00000014;
undefined4 in_stack_0000001c;
if (unaff_EBX == 0) {
in_EAX = sub_40b864(0xffff0000);
}
*(unaff_EBP + -4) = 0;
*(unaff_EBX + 0x4f40b0) = *(unaff_EBP + -4) + in_EAX;
*(unaff_EBX + 0x4f4238) = 2;
*(unaff_EBX + 0x4f4384) = 0;
*(unaff_EBX + 0x4f4384) = *(unaff_EBX + 0x4f4384) ^ in_EAX;
if (*(unaff_EBX + 0x4f42f0) != 0) {
LOCK();
UNLOCK();
LOCK();
UNLOCK();
(**(&kernel32.VirtualProtect + unaff_EBX))
(*(unaff_EBX + 0x4f42f0), *(unaff_EBX + 0x4f42a0), 0x40, unaff_EBX + 0x4f4238);
iVar2 = sub_408352(0x22d9a, 0x46a);
if (iVar2 == 0) {
LOCK();
UNLOCK();
sub_40130c(*(unaff_EBX + 0x4f4354), *(unaff_EBX + 0x4f40b0));
}
}
*(unaff_EBP + -4) = unaff_EDI;
*(unaff_EBP + -4) = *(unaff_EBX + 0x4f42a0);
iVar2 = 0;
puVar4 = *(unaff_EBX + 0x4f42f0);
for (iVar3 = *(unaff_EBP + -4); iVar3 != 0; iVar3 = iVar3 + -1) {
*puVar4 = 0;
puVar4 = puVar4 + 1;
}
if ((*(unaff_EBX + 0x4f40b0) != 0) && (iVar2 = sub_408352(0x22d9b, 0x46b), iVar2 != unaff_EBX)) {
LOCK();
UNLOCK();
sub_40c4b6(*(unaff_EBX + 0x4f40b0));
LOCK();
UNLOCK();
iVar2 = (**(&kernel32.VirtualFree + unaff_EBX))(*(unaff_EBX + 0x4f40b0), 0, 0x8000);
}
uVar1 = *(unaff_EBX + 0x4f4110);
*(unaff_EBP + -4) = iVar2;
*(unaff_EBP + 4) = 0;
*(unaff_EBP + 4) = *(unaff_EBP + 4) | uVar1;
return CONCAT44(in_stack_00000014, in_stack_0000001c);
}
0x40455F sub_40455f str 0 api 3 imm 8 Unknown
sub_40455f() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFE8
mov dword ptr [ebp-0x10], 0x00
push [ebp-0x10]
add [esp], esi
push ecx
sub [esp], ecx
or [esp], edi
mov [ebp-0x14], esi
xor esi, [ebp-0x14]
xor esi, [ebp+0x08]
and edi, 0x00
or edi, esi
mov esi, [ebp-0x14]
push 0x00
mov [esp], eax
push edi
pop eax
add eax, [edi+0x3C]
mov edi, eax
pop eax
cmp dword ptr [edi+0x80], 0x00
jnz .3
xor edi, edi
pop [ebp-0x18]
xor edi, [ebp-0x18]
and esi, 0x00
add esi, [esp]
sub esp, 0xFFFFFFFC
leave
ret 0x04
.3:
mov edi, [edi+0x80]
push 0x00
or [esp], ecx
push edi
pop ecx
add ecx, [ebp+0x08]
mov edi, ecx
pop ecx
.4:
cmp dword ptr [edi], 0x00
jnz .5
push [edi+0x10]
pop [ebp-0x10]
push [ebp-0x10]
pop esi
jmp .6
.5:
push 0x00
mov [esp], ebp
xor ebp, ebp
xor ebp, [edi]
mov esi, ebp
pop ebp
.6:
push ecx
mov ecx, [edi+0x10]
xchg [esp], ecx
pop [ebp-0x0C]
push ebx
and ebx, 0x00
or ebx, [ebp+0x08]
and eax, 0x00
or eax, ebx
pop ebx
mov [ebp-0x10], edx
mov edx, eax
add edx, [ebp-0x0C]
push edx
mov edx, [ebp-0x10]
pop [ebp-0x0C]
push edx
xor edx, [esp]
or edx, [edi+0x0C]
and ecx, 0x00
xor ecx, edx
pop edx
mov [ebp-0x10], ebx
mov ebx, [ebp+0x08]
add ebx, ecx
push ebx
mov ebx, [ebp-0x10]
pop ecx
push 0x00
or [esp], ecx
push esi
pop ecx
add ecx, [ebp+0x08]
mov esi, ecx
pop ecx
push ebx
and dword ptr [esp], 0x00
add [esp], ecx
pushad
push 0x00
call [ebx+kernel32.GetModuleHandleA]
popad
call [ebx+kernel32.LoadLibraryA]
mov [ebp-0x18], ebx
and ebx, 0x00
or ebx, eax
and dword ptr [ebp-0x08], 0x00
or [ebp-0x08], ebx
mov ebx, [ebp-0x18]
.11:
test dword ptr [esi], 0x80000000
jnz .15
push [ebp-0x10]
mov [esp], esi
mov esi, [esi]
mov [ebp-0x14], edx
mov edx, [ebp+0x08]
add edx, esi
push edx
mov edx, [ebp-0x14]
pop esi
push ebp
mov ebp, esi
add ebp, 0x02
mov esi, ebp
pop ebp
mov [ebp-0x18], eax
and eax, 0x00
xor eax, esi
and dword ptr [ebp-0x04], 0x00
or [ebp-0x04], eax
mov eax, [ebp-0x18]
and esi, 0x00
mov esi, [esp]
add esp, 0x04
jmp .16
.15:
push eax
push edx
mov edx, [esi]
mov [esp+0x04], edx
pop edx
pop [ebp-0x04]
and dword ptr [ebp-0x04], 0xFFFF
.16:
mov [ebp-0x10], ebx
xor ebx, [ebp-0x10]
xor ebx, [ebp-0x04]
and eax, 0x00
xor eax, ebx
mov ebx, [ebp-0x10]
push ebx
mov ebx, [ebp-0x04]
xchg [esp], ebx
push esi
sub esi, [esp]
or esi, [ebp-0x08]
and eax, 0x00
or eax, esi
pop esi
and dword ptr [ebp-0x14], 0x00
push [ebp-0x14]
or [esp], eax
call [ebx+kernel32.GetProcAddress]
push edi
and dword ptr [esp], 0x00
or [esp], esi
push 0x00
mov [esp], edi
xor edi, edi
or edi, [ebp-0x0C]
mov esi, edi
pop edi
mov [ebp-0x14], ebx
sub ebx, ebx
xor ebx, eax
mov [esi], ebx
mov ebx, [ebp-0x14]
and esi, 0x00
xor esi, [esp]
sub esp, 0xFFFFFFFC
push esi
mov dword ptr [esp], 0x04
pop eax
push edx
mov edx, eax
push esi
pop [ebp-0x10]
add [ebp-0x10], edx
push [ebp-0x10]
pop esi
pop edx
push 0x00
mov [esp], esi
push [ebp-0x0C]
pop esi
add esi, eax
mov [ebp-0x0C], esi
pop esi
cmp dword ptr [esi], 0x00
jnz .11
push ebx
mov ebx, edi
add ebx, 0x14
mov edi, ebx
pop ebx
cmp dword ptr [edi], 0x00
jnz .4
cmp dword ptr [edi+0x10], 0x00
jnz .4
push eax
xor [esp], eax
pop eax
xor edi, edi
mov edi, [esp]
add esp, 0x04
sub esi, esi
pop [ebp-0x10]
or esi, [ebp-0x10]
leave
ret 0x04
}
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined4 __fastcall sub_40455f(undefined4 param_1,undefined4 param_2,int32_t param_3)
{
int32_t *piVar1;
uint32_t uVar2;
undefined4 in_EAX;
int32_t iVar3;
uint32_t *puVar4;
undefined *puVar5;
undefined4 unaff_EBX;
undefined4 unaff_ESI;
uint32_t uVar6;
undefined8 uVar7;
code *in_stack_004f551c;
int32_t aiStack_28 [2];
undefined4 uStack_20;
puVar5 = &stack0xfffffffc;
iVar3 = param_3 + *(param_3 + 0x3c);
if (*(iVar3 + 0x80) == 0) {
return in_EAX;
}
puVar4 = *(iVar3 + 0x80) + param_3;
uStack_20 = unaff_ESI;
do {
if (*puVar4 == 0) {
*(puVar5 + -0x10) = puVar4[4];
uVar6 = *(puVar5 + -0x10);
}
else {
uVar6 = *puVar4;
}
LOCK();
UNLOCK();
*(puVar5 + -0xc) = puVar4[4];
iVar3 = *(puVar5 + 8);
*(puVar5 + -0x10) = param_2;
*(puVar5 + -0xc) = iVar3 + *(puVar5 + -0xc);
uVar2 = puVar4[3];
*(puVar5 + -0x10) = unaff_EBX;
aiStack_28[0] = *(puVar5 + 8) + uVar2;
piVar1 = puVar5 + -0x10;
puVar5 = uVar6 + *(puVar5 + 8);
(**(&kernel32.GetModuleHandleA + *piVar1))();
uVar7 = (*in_stack_004f551c)(iVar3);
*(puVar5 + -0x18) = aiStack_28;
*(puVar5 + -8) = 0;
*(puVar5 + -8) = *(puVar5 + -8) | uVar7;
unaff_EBX = *(puVar5 + -0x18);
do {
if ((*puVar4 & 0x80000000) == 0) {
uVar6 = *puVar4;
*(puVar5 + -0x18) = uVar7;
*(puVar5 + -4) = 0;
*(puVar5 + -4) = *(puVar5 + -4) | *(puVar5 + 8) + uVar6 + 2;
}
else {
*(puVar5 + -4) = *puVar4;
*(puVar5 + -4) = *(puVar5 + -4) & 0xffff;
}
*(puVar5 + -0x10) = unaff_EBX;
iVar3 = *(puVar5 + -0x10);
aiStack_28[0] = *(puVar5 + -4);
LOCK();
UNLOCK();
*(puVar5 + -0x14) = 0;
uVar7 = (**(&kernel32.GetProcAddress + iVar3))(*(puVar5 + -0x14) | *(puVar5 + -8));
param_2 = uVar7 >> 0x20;
*(puVar5 + -0x14) = iVar3;
**(puVar5 + -0xc) = uVar7;
unaff_EBX = *(puVar5 + -0x14);
uVar7 = CONCAT44(param_2, 4);
*(puVar5 + -0x10) = puVar4;
*(puVar5 + -0x10) = *(puVar5 + -0x10) + 4;
puVar4 = *(puVar5 + -0x10);
*(puVar5 + -0xc) = *(puVar5 + -0xc) + 4;
} while (*puVar4 != 0);
puVar4 = 0x14;
} while (([0x0x14] != 0) || ([0x0x24] != 0));
*(puVar5 + -0x10) = uStack_20;
return 0;
}
0x40388A EntryPoint str 0 api 2 imm 11 Unknown
EntryPoint() {
push eax
push ebp
mov ebp, esp
add esp, 0xFFFFFFFC
pushad
and ebx, 0x00
push ecx
mov ecx, ebx
or ecx, ebx
mov ebx, ecx
pop ecx
jnz .1
push ebp
mov dword ptr [esp], 0x469
push esi
add dword ptr [esp], 0x22D99
sub [esp], esi
call sub_408352()
cmp ebx, eax
jnz .1
push ecx
mov dword ptr [esp], 0x40
push eax
add dword ptr [esp], 0x1000
sub [esp], eax
push ebp
push ecx
mov ecx, [ebx+0x4F42A0]
mov [esp+0x04], ecx
pop ecx
and dword ptr [ebp-0x04], 0x00
push [ebp-0x04]
add [esp], eax
call [ebx+kernel32.VirtualAlloc]
.1:
push edx
and edx, 0x00
or edx, eax
and edi, 0x00
or edi, edx
pop edx
push 0x00
mov [esp], ecx
sub ecx, ecx
or ecx, edi
mov [ebx+0x4F4200], ecx
pop ecx
push edi
and edi, 0x00
or edi, [ebx+0x4F42F0]
and esi, 0x00
xor esi, edi
pop edi
mov [ebp-0x04], eax
xor eax, eax
xor eax, [ebx+0x4F42A0]
mov ecx, eax
mov eax, [ebp-0x04]
cld
rep movsb
push edi
mov dword ptr [esp], 0xFFFFF
pop ecx
push ebp
xor ebp, [esp]
or ebp, [ebx+0x4F4200]
and eax, 0x00
xor eax, ebp
pop ebp
push esi
add dword ptr [esp], sub_40396c()
sub [esp], esi
pop [ebx+0x4F4110]
and [ebx+0x4F4110], ecx
push 0x00
xor [esp], ebp
push eax
pop ebp
add ebp, [ebx+0x4F4110]
mov eax, ebp
pop ebp
jmp eax
}
/* DISPLAY WARNING: Type casts are NOT being printed */
void EntryPoint(void)
{
undefined *puVar1;
undefined *puVar2;
int32_t iVar3;
undefined *puVar4;
puVar2 = sub_408352(0x22d99, 0x469);
iVar3 = [0x0x4f42a0];
puVar4 = 0x4f42f0;
puVar1 = puVar2;
if (puVar2 == 0x0) {
puVar2 = (*kernel32.VirtualAlloc)(0, [0x0x4f42a0], 0x1000, 0x40);
iVar3 = [0x0x4f42a0];
puVar4 = 0x4f42f0;
puVar1 = puVar2;
}
for (; 0x4f4200 = puVar1, iVar3 != 0; iVar3 = iVar3 + -1) {
*puVar2 = *puVar4;
puVar4 = puVar4 + 1;
puVar2 = puVar2 + 1;
puVar1 = 0x4f4200;
}
004f4110 = 0x396c;
/* WARNING: Could not recover jumptable at 0x0040396a. Too many branches */
/* WARNING: Treating indirect jump as call */
(*(0x4f4200 + 0x396c))();
return;
}
0x40C4B6 sub_40c4b6 str 0 api 1 imm 9 Unknown
sub_40c4b6() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFF0
mov [ebp-0x10], edx
sub edx, [ebp-0x10]
xor edx, [ebp+0x08]
and eax, 0x00
or eax, edx
mov edx, [ebp-0x10]
push ebx
mov ebx, [eax+0x3C]
push eax
pop [ebp-0x0C]
add [ebp-0x0C], ebx
push [ebp-0x0C]
pop eax
pop ebx
mov dword ptr [ebp-0x0C], 0x00
push [ebp-0x0C]
or [esp], eax
push esi
sub esi, [esp]
xor esi, eax
and edi, 0x00
or edi, esi
pop esi
movzx eax, word ptr [edi+0x06]
push eax
pop [ebp-0x08]
push [ebp-0x08]
pop [ebp-0x04]
mov dword ptr [ebp-0x10], 0x00
push [ebp-0x10]
or [esp], edi
push [edi+0x54]
pop [ebp-0x08]
push [ebp-0x08]
pop edx
push [ebx+0x4F42F0]
pop [ebp-0x08]
push [ebp-0x08]
pop edi
push ecx
and ecx, 0x00
xor ecx, [ebp+0x08]
and esi, 0x00
or esi, ecx
pop ecx
push eax
xor eax, [esp]
xor eax, edx
and ecx, 0x00
xor ecx, eax
pop eax
cmp edi, esi
jz .4
.3:
movsb
dec ecx
jnz .3
mov [ebp-0x0C], esi
and esi, 0x00
or esi, [ebx+0x4F42F0]
and edi, 0x00
xor edi, esi
mov esi, [ebp-0x0C]
push esi
mov dword ptr [esp], 0x40
pop [ebx+0x4F4238]
lea eax, [ebx+0x4F4238]
push [ebp-0x08]
mov [esp], eax
push ecx
add dword ptr [esp], 0x02
sub [esp], ecx
mov dword ptr [ebp-0x10], 0x00
push [ebp-0x10]
add [esp], edx
push edx
xor [esp], edx
add [esp], edi
call [ebx+kernel32.VirtualProtect]
.4:
and edi, 0x00
add edi, [esp]
add esp, 0x04
push esi
mov esi, edi
add esi, 0xF8
mov edi, esi
pop esi
.5:
push [ebp-0x10]
mov [esp], edi
push [ebp+0x08]
pop [ebp-0x08]
push [ebp-0x08]
pop esi
mov [ebp-0x08], eax
sub eax, eax
xor eax, [edi+0x10]
mov ecx, eax
mov eax, [ebp-0x08]
push eax
mov eax, [edi+0x14]
push esi
pop [ebp-0x10]
add [ebp-0x10], eax
push [ebp-0x10]
pop esi
pop eax
mov edi, [edi+0x0C]
mov [ebp-0x10], edx
mov edx, [ebx+0x4F42F0]
add edx, edi
push edx
mov edx, [ebp-0x10]
pop edi
rep movsb
and edi, 0x00
pop [ebp-0x08]
add edi, [ebp-0x08]
push ebx
mov ebx, edi
add ebx, 0x28
mov edi, ebx
pop ebx
dec [ebp-0x04]
jnz .5
sub edi, edi
or edi, [esp]
sub esp, 0xFFFFFFFC
mov [ebp-0x08], edx
xor edx, [ebp-0x08]
xor edx, [edi+0x28]
and eax, 0x00
xor eax, edx
mov edx, [ebp-0x08]
push edi
mov edi, [ebx+0x4F42F0]
push eax
pop [ebp-0x08]
add [ebp-0x08], edi
push [ebp-0x08]
pop eax
pop edi
mov [ebp-0x0C], ecx
and ecx, 0x00
or ecx, eax
and dword ptr [ebx+0x4F4110], 0x00
or [ebx+0x4F4110], ecx
mov ecx, [ebp-0x0C]
mov [ebp-0x0C], edi
sub edi, edi
xor edi, [ebx+0x4F42F0]
mov esi, edi
mov edi, [ebp-0x0C]
cmp esi, 0x00
jbe .7
push ebp
sub [esp], ebp
xor [esp], esi
call sub_40455f()
push [ebp-0x0C]
mov [esp], esi
call sub_40b8df()
push edx
mov edx, [ebx+0x4F40B0]
xchg [esp], edx
call sub_406b33()
.7:
leave
ret 0x04
}
/* DISPLAY WARNING: Type casts are NOT being printed */
void sub_40c4b6(undefined *param_1)
{
int32_t iVar1;
int32_t iVar2;
int32_t extraout_EDX;
int32_t iVar3;
int32_t unaff_EBX;
undefined *puVar4;
undefined *puVar5;
undefined *puVar6;
undefined *puVar7;
uint32_t uStack_8;
puVar4 = param_1 + *(param_1 + 0x3c);
uStack_8 = *(puVar4 + 6);
iVar3 = *(puVar4 + 0x54);
iVar2 = iVar3;
puVar5 = param_1;
puVar6 = *(unaff_EBX + 0x4f42f0);
puVar7 = puVar4;
if (*(unaff_EBX + 0x4f42f0) != param_1) {
do {
iVar1 = iVar2;
*puVar6 = *puVar5;
iVar2 = iVar1 + -1;
puVar5 = puVar5 + 1;
puVar6 = puVar6 + 1;
} while (iVar2 != 0);
*(unaff_EBX + 0x4f4238) = 0x40;
(**(&kernel32.VirtualProtect + unaff_EBX))(*(unaff_EBX + 0x4f42f0), iVar3, iVar1 + 1, unaff_EBX + 0x4f4238);
iVar3 = extraout_EDX;
}
puVar4 = puVar4 + 0xf8;
do {
puVar5 = param_1 + *(puVar4 + 0x14);
puVar6 = *(unaff_EBX + 0x4f42f0) + *(puVar4 + 0xc);
for (iVar2 = *(puVar4 + 0x10); iVar2 != 0; iVar2 = iVar2 + -1) {
*puVar6 = *puVar5;
puVar5 = puVar5 + 1;
puVar6 = puVar6 + 1;
}
puVar4 = puVar4 + 0x28;
uStack_8 = uStack_8 - 1;
} while (uStack_8 != 0);
iVar2 = *(puVar7 + 0x28);
*(unaff_EBX + 0x4f4110) = 0;
*(unaff_EBX + 0x4f4110) = *(unaff_EBX + 0x4f4110) | iVar2 + *(unaff_EBX + 0x4f42f0);
iVar2 = *(unaff_EBX + 0x4f42f0);
if (iVar2 != 0) {
sub_40455f(iVar2, iVar3, puVar7);
sub_40b8df(iVar2);
LOCK();
UNLOCK();
sub_406b33(*(unaff_EBX + 0x4f40b0));
}
return;
}
0x40AE84 sub_40ae84 str 0 api 0 imm 54 Unknown
sub_40ae84() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFF4
push eax
push ecx
push edx
push esi
push edi
cmp ecx, edi
push [ebx+0x4F4288]
push [ebx+0x4F4228]
push [ebx+0x4F422C]
call sub_4075f2()
jo .2
and [ebp+0x08], edx
jmp .3
.2:
sub edi, 0x01
.3:
sub esi, 0x175
and edi, 0x00
xor [ebx+0x4F400C], ecx
cmp dword ptr [ebp+0x08], 0x7A06
jnle .4
push [ebx+0x4F414C]
call sub_40ab51()
or dword ptr [ebp-0x0C], 0x00
mov ecx, 0x00
and eax, 0x01
jmp .5
.4:
mov eax, 0xFFFFFFFF
add eax, 0xFFFFFFFF
.5:
mov [ebp+0x0C], esi
and dword ptr [ebp-0x08], 0x113
sub eax, 0x509
sub edi, [ebp+0x08]
and [ebx+0x4F400C], edi
add esi, 0x01
test edx, edi
and ecx, edi
and dword ptr [ebp+0x0C], 0x631
inc edx
inc ecx
xor edx, 0x00
mov eax, edx
test dword ptr [ebx+0x4F400C], 0xFFFFFFFF
sub eax, 0x141
xor eax, 0xFFFFFFFF
inc [ebp+0x0C]
xor dword ptr [ebp+0x0C], 0x01
or dword ptr [ebp-0x0C], 0xFFFFFFFF
dec [ebx+0x4F400C]
sub edx, [ebp+0x08]
and eax, 0xFFFFF8BD
sub ecx, 0xFFFFFFFF
add eax, 0x01
mov dword ptr [ebp-0x04], 0x424
add eax, esi
test dword ptr [ebp+0x0C], 0x01
xor dword ptr [ebx+0x4F400C], 0xFFFFFFFF
xor eax, 0x00
or edi, 0xFFFFFFFF
xor eax, 0xFFFFFFFF
test dword ptr [ebx+0x4F400C], 0xFFFFFA43
dec [ebp+0x0C]
test dword ptr [ebp-0x0C], 0xFFFFFFFF
sub dword ptr [ebp-0x04], 0x01
sub eax, 0xFFFFFFFF
xor [ebp-0x0C], eax
sub dword ptr [ebp+0x0C], 0xFFFFFE21
inc [ebp+0x08]
or eax, [ebx+0x4F400C]
or edx, [ebp+0x0C]
xor esi, ecx
or [ebp-0x04], esi
or dword ptr [ebx+0x4F400C], 0xFFFFFEEE
xor dword ptr [ebx+0x4F400C], 0x00
inc esi
sub eax, 0xFFFFFFFF
inc edx
add eax, 0xFFFFFBA7
xor esi, 0x2F2
inc [ebp-0x0C]
and [ebp-0x04], ecx
sub eax, 0x5B
sub ecx, [ebp-0x08]
or [ebp+0x08], edi
push [ebx+0x4F4220]
push [ebx+0x4F415C]
call sub_40c693()
inc edx
sub [ebp+0x08], edx
sub eax, 0xFFFFFFFF
test edi, edx
sub esi, 0xFFFFFFFF
sub eax, 0xFFFFFF88
mov [ebp+0x0C], edx
xor ecx, [ebp-0x04]
mov dword ptr [ebp+0x08], 0x01
and esi, 0x00
dec [ebx+0x4F400C]
sub esi, 0xFFFFFF09
add dword ptr [ebp-0x08], 0xFFFFFA1A
test dword ptr [ebp-0x04], 0x77E
mov edx, [ebp-0x04]
test dword ptr [ebp+0x08], 0xFFFFFAAD
xor esi, 0x00
and eax, 0xFFFFFFFF
xor eax, 0x00
and edx, 0xFFFFFFFF
dec edi
test [ebx+0x4F400C], edi
and eax, 0x255
or [ebx+0x4F400C], edi
and edi, edx
add dword ptr [ebp-0x04], 0xFFFFFC5C
mov dword ptr [ebx+0x4F400C], 0x3D0
push ebp
push [ebx+0x4F4304]
push [ebx+0x4F41C8]
call sub_403e2b()
sub [ebp-0x08], edx
xor esi, edx
dec edi
add [ebx+0x4F400C], edx
or dword ptr [ebp-0x0C], 0x01
mov edi, 0x00
mov dword ptr [ebx+0x4F400C], 0x01
add eax, 0xFFFFFFFF
add eax, 0xFFFFFDBE
inc [ebp-0x04]
mov esi, 0x00
dec [ebp+0x0C]
test [ebp+0x0C], edx
inc eax
xor eax, 0xFFFFFFFF
inc edi
and ecx, 0x3E5
test [ebp-0x0C], ecx
sub eax, 0xFFFFFF10
test [ebx+0x4F400C], edi
test [ebx+0x4F400C], edx
xor eax, 0x00
inc [ebx+0x4F400C]
sub dword ptr [ebp+0x0C], 0x4B8
xor dword ptr [ebx+0x4F400C], 0x00
test dword ptr [ebp-0x04], 0x01
or [ebp-0x08], edi
test [ebx+0x4F400C], ecx
mov edx, 0xFFFFFFFF
inc [ebp+0x0C]
add eax, 0xFFFFFFFF
test [ebp-0x0C], ecx
or dword ptr [ebx+0x4F400C], 0xFFFFFFFF
add eax, 0x01
add eax, 0x453
test [ebp-0x04], esi
mov [ebp+0x0C], edx
inc [ebp-0x04]
dec [ebx+0x4F400C]
xor [ebp-0x0C], edi
inc edx
sub dword ptr [ebp+0x08], 0x01
add [ebp-0x04], esi
test ecx, esi
and dword ptr [ebp+0x08], 0x00
sub dword ptr [ebp-0x0C], 0xFFFFF816
dec edi
mov esi, 0x00
add eax, 0x01
and dword ptr [ebx+0x4F400C], 0xFFFFF899
dec [ebp-0x08]
sub eax, 0xFFFFFFFF
or edi, ecx
add eax, 0xFFFFFFFF
sub eax, 0x01
and edi, esi
inc esi
xor edx, 0x00
mov [ebx+0x4F400C], edx
dec esi
and esi, 0x78A
xor ecx, 0x00
mov dword ptr [ebp-0x08], 0xFFFFFFFF
sub eax, 0xFFFFFFFF
add eax, 0x176
dec [ebx+0x4F400C]
sub dword ptr [ebx+0x4F400C], 0x6AA
add edi, edx
xor edi, 0xFFFFF98D
inc [ebp-0x04]
xor eax, 0xFFFFFFFF
dec [ebx+0x4F400C]
inc [ebp-0x04]
sub esi, edi
or [ebp-0x0C], ecx
and esi, 0x00
mov edi, 0x00
add eax, edx
or dword ptr [ebp+0x08], 0x5B2
and eax, 0x01
sub [ebx+0x4F400C], ecx
test dword ptr [ebp-0x08], 0xFFFFFFFF
add edi, 0x01
or edi, 0xFFFFFB9E
test dword ptr [ebx+0x4F400C], 0xFFFFFACF
mov edi, 0xFFFFFFFF
and dword ptr [ebp+0x08], 0x00
or ecx, 0x01
sub eax, [ebp+0x0C]
xor eax, 0x00
and [ebp-0x0C], edx
or edi, 0xFFFFFFFF
sub dword ptr [ebp+0x08], 0xFFFFFF44
xor eax, 0x01
mov [ebp+0x0C], ecx
mov dword ptr [ebx+0x4F400C], 0xFFFFFFFF
; listing truncated
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __thiscall sub_40ae84(int32_t param_1,uint32_t param_2)
{
uint32_t extraout_ECX;
uint32_t extraout_ECX_00;
uint32_t extraout_EDX;
int32_t extraout_EDX_00;
int32_t unaff_EBX;
int32_t unaff_EDI;
bool bVar1;
undefined4 uVar2;
bVar1 = SBORROW4(param_1, unaff_EDI);
sub_4075f2(*(unaff_EBX + 0x4f422c), *(unaff_EBX + 0x4f4228), *(unaff_EBX + 0x4f4288));
if (!bVar1) {
param_2 = param_2 & extraout_EDX;
}
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) ^ extraout_ECX;
if (param_2 < 0x7a07) {
sub_40ab51(*(unaff_EBX + 0x4f414c));
}
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) & -param_2;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) + -1;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) ^ 0xffffffff;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) | 0xfffffeee;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c);
uVar2 = *(unaff_EBX + 0x4f4220);
sub_40c693(*(unaff_EBX + 0x4f415c));
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) + -1;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) | 0xfffffffe;
*(unaff_EBX + 0x4f400c) = 0x3d0;
sub_403e2b(*(unaff_EBX + 0x4f41c8), *(unaff_EBX + 0x4f4304));
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) + extraout_EDX_00;
*(unaff_EBX + 0x4f400c) = 1;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) + 1;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c);
*(unaff_EBX + 0x4f400c) = 0xffffffff;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) + -1;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) & 0xfffff899;
*(unaff_EBX + 0x4f400c) = 0;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) + -1;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) + -0x6aa;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) + -1;
*(unaff_EBX + 0x4f400c) = *(unaff_EBX + 0x4f400c) - (extraout_ECX_00 & 0x3e5);
*(unaff_EBX + 0x4f400c) = 0xffffffff;
return CONCAT44(&stack0xfffffffc, uVar2);
}
0x4051A0 sub_4051a0 str 0 api 0 imm 46 Unknown
sub_4051a0() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFFC
push eax
push ecx
push edx
push esi
push edi
cmp dword ptr [ebp-0x04], 0x9233
jz .1
add [ebp+0x08], edx
sub eax, edi
add dword ptr [ebp-0x04], 0x01
jmp .2
.1:
dec [ebp+0x08]
.2:
add eax, 0x01
sub eax, 0x01
sub eax, 0x01
cmp dword ptr [ebp+0x08], 0x266D
jz .3
dec [ebp+0x08]
xor esi, [ebx+0x4F407C]
jmp .4
.3:
sub dword ptr [ebp-0x04], 0x6E2
add eax, 0xFFFFFFFF
.4:
sub edx, [ebp-0x04]
xor ecx, 0x00
xor dword ptr [ebp+0x0C], 0xFFFFFFEB
sub [ebp-0x04], esi
mov dword ptr [ebp-0x04], 0xFFFFFE7E
inc [ebx+0x4F407C]
and edi, ecx
xor eax, 0x00
dec edi
xor [ebp-0x04], esi
mov dword ptr [ebp+0x08], 0xFFFFFEA9
test dword ptr [ebp+0x08], 0xFFFFFA3F
dec [ebp-0x04]
add esi, 0x286
add edi, edx
add esi, [ebp+0x0C]
xor edi, 0x00
sub [ebp-0x04], edx
dec [ebp-0x04]
sub [ebp-0x04], esi
dec eax
or [ebx+0x4F407C], edx
mov dword ptr [ebx+0x4F407C], 0xFFFFFFFF
dec [ebx+0x4F407C]
mov edx, 0x00
xor eax, 0x00
sub eax, 0xFFFFFFFF
and eax, 0x4F8
dec eax
test [ebp+0x08], ecx
add dword ptr [ebx+0x4F407C], 0x01
dec ecx
dec [ebp+0x0C]
add dword ptr [ebp+0x08], 0x07
inc [ebx+0x4F407C]
or edi, [ebp-0x04]
add dword ptr [ebp+0x0C], 0x16
xor eax, 0xFFFFFC88
xor eax, 0x00
mov esi, 0x00
mov [ebp+0x0C], edx
mov edi, 0x00
and [ebp+0x0C], edi
sub edx, 0x01
inc [ebp-0x04]
dec [ebp+0x08]
sub [ebp+0x0C], edx
sub eax, 0x01
dec ecx
xor eax, 0x540
mov edx, 0xFFFFFBCA
mov dword ptr [ebp+0x0C], 0x01
inc esi
and eax, 0x00
add edx, 0x6CD
sub eax, [ebp-0x04]
inc [ebp-0x04]
and eax, 0xFFFFFFFF
and dword ptr [ebp+0x08], 0x00
dec edx
add eax, 0xFFFFFFFF
xor eax, 0xFFFFFFFF
dec [ebp+0x0C]
inc [ebp+0x0C]
sub eax, 0x47C
add eax, [ebx+0x4F407C]
xor [ebx+0x4F407C], ecx
mov [ebx+0x4F407C], edx
sub eax, 0xFFFFF8E4
xor [ebp-0x04], edx
sub esi, edx
xor eax, 0xFFFFFFFF
test [ebx+0x4F407C], esi
test [ebp-0x04], esi
and eax, 0x00
dec ecx
or dword ptr [ebx+0x4F407C], 0x00
mov dword ptr [ebx+0x4F407C], 0xFFFFFB8F
and [ebp+0x08], ecx
mov dword ptr [ebp+0x08], 0x01
inc edx
mov [ebx+0x4F407C], esi
or dword ptr [ebp-0x04], 0xFF
sub edx, 0xFFFFFFFF
sub [ebp+0x0C], edx
test dword ptr [ebx+0x4F407C], 0x01
mov edx, 0x00
mov dword ptr [ebp-0x04], 0x356
and edi, 0x01
dec edi
inc eax
test [ebp-0x04], eax
add esi, esi
and eax, 0xFFFFFFFF
inc edi
mov dword ptr [ebp+0x08], 0xFFFFFFFF
and edx, esi
xor edi, 0x01
sub eax, 0x317
sub eax, 0x01
or [ebp-0x04], edi
and eax, 0xFFFFF9FC
xor esi, 0x01
sub eax, 0xFFFFFFFF
mov dword ptr [ebp-0x04], 0xFFFFFFFF
and eax, 0x00
sub eax, 0x764
sub dword ptr [ebx+0x4F407C], 0x01
mov dword ptr [ebp-0x04], 0xFFFFFFFF
mov esi, 0x00
dec edx
inc esi
sub eax, 0x1E9
and dword ptr [ebp+0x08], 0x01
inc [ebp+0x08]
and eax, 0x00
sub eax, 0xFFFFFFFF
dec [ebp-0x04]
inc ecx
sub eax, 0xFFFFFFFF
and ecx, 0x00
test dword ptr [ebp+0x08], 0x52B
and dword ptr [ebx+0x4F407C], 0x00
dec ecx
dec [ebp+0x08]
or dword ptr [ebp+0x0C], 0x00
inc [ebx+0x4F407C]
sub esi, 0xFFFFFFFF
mov edi, edi
add esi, [ebx+0x4F407C]
xor eax, 0xFFFFFF2D
and dword ptr [ebp+0x0C], 0x113
inc [ebp+0x0C]
sub esi, 0x01
add dword ptr [ebp-0x04], 0x01
add eax, 0xFFFFFFFF
test [ebp-0x04], edi
xor dword ptr [ebx+0x4F407C], 0x00
dec [ebx+0x4F407C]
xor edi, edi
add eax, 0x01
dec [ebp-0x04]
test dword ptr [ebp-0x04], 0x01
and eax, 0x00
add eax, 0xFFFFFFFF
add eax, 0xFFFFFFFF
add dword ptr [ebx+0x4F407C], 0x01
sub eax, 0xFFFFFFFF
mov eax, 0xFFFFFFFF
and [ebp-0x04], edi
and dword ptr [ebp-0x04], 0x00
mov dword ptr [ebp+0x0C], 0xFFFFFFFF
add dword ptr [ebp-0x04], 0xFFFFFFFF
xor [ebp+0x0C], edi
or edi, edi
test dword ptr [ebp+0x0C], 0xFFFFF890
mov dword ptr [ebp+0x08], 0xFFFFFFFF
sub dword ptr [ebx+0x4F407C], 0xFFFFFFFF
mov eax, 0xFFFFFFFF
add dword ptr [ebp+0x08], 0xFFFFFFFF
xor eax, 0x565
test esi, edx
add eax, 0x141
inc [ebp+0x08]
sub eax, 0xFFFFFD61
and eax, 0x00
xor eax, 0x00
dec edx
sub eax, 0x01
add eax, 0x2F
xor edx, esi
mov esi, edx
xor edx, edi
and [ebx+0x4F407C], edx
or esi, [ebp+0x08]
sub ecx, eax
pop edi
pop esi
pop edx
pop ecx
pop eax
leave
ret 0x08
}
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __fastcall sub_4051a0(int32_t param_1,int32_t param_2,int32_t param_3)
{
int32_t iVar1;
undefined4 in_EAX;
int32_t unaff_EBX;
int32_t iStack_8;
if (iStack_8 == 0x9233) {
param_3 = param_3 + -1;
}
else {
param_3 = param_3 + param_2;
iStack_8 = iStack_8 + 1;
}
if (param_3 == 0x266d) {
iStack_8 = iStack_8 + -0x6e2;
}
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) + 1;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) | param_2 - iStack_8;
*(unaff_EBX + 0x4f407c) = 0xffffffff;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) + -1;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) + 1;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) + 1;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) ^ param_1 - 2U;
*(unaff_EBX + 0x4f407c) = 0x296;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c);
*(unaff_EBX + 0x4f407c) = 0xfffffb8f;
*(unaff_EBX + 0x4f407c) = 0xfffffd6b;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) + -1;
*(unaff_EBX + 0x4f407c) = 0;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) + 1;
iVar1 = *(unaff_EBX + 0x4f407c);
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c);
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) + -1;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) + 1;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) + 1;
*(unaff_EBX + 0x4f407c) = *(unaff_EBX + 0x4f407c) & (iVar1 + 1U ^ 0xfffffffe);
return CONCAT44(param_2, in_EAX);
}
0x4061D1 sub_4061d1 str 0 api 0 imm 46 Unknown
sub_4061d1() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFF8
push eax
push ecx
push edx
push esi
push edi
push [ebx+0x4F4338]
push [ebx+0x4F41D8]
call sub_4028ce()
cmp dword ptr [ebp-0x08], 0xE056
jnb .1
and eax, 0xFFFFFFFF
jmp .2
.1:
dec [ebx+0x4F417C]
mov [ebp-0x08], esi
.2:
test dword ptr [ebp-0x08], 0xFFFFF988
or dword ptr [ebp-0x08], 0x00
cmp eax, 0xC5AB
jnz .3
test dword ptr [ebp-0x04], 0x01
jmp .5
.3:
dec [ebx+0x4F417C]
xor esi, [ebp-0x04]
sub edi, [ebp-0x04]
.5:
and eax, [ebp-0x08]
inc esi
xor eax, 0x00
mov dword ptr [ebx+0x4F417C], 0xFFFFFF28
and eax, 0x1A
and eax, 0x00
and eax, 0x00
dec edx
mov [ebp+0x08], edx
and dword ptr [ebx+0x4F417C], 0x01
xor eax, 0xFFFFFDB3
sub [ebp-0x08], edi
dec edx
mov dword ptr [ebp+0x08], 0x01
and dword ptr [ebx+0x4F417C], 0x01
test dword ptr [ebx+0x4F417C], 0xFFFFF9F1
xor eax, 0x01
and eax, 0x00
inc edx
and eax, 0x00
sub eax, 0xFFFFFFFF
xor [ebp-0x04], ecx
or ecx, esi
add eax, eax
xor edi, 0xFFFFFFFF
add dword ptr [ebp+0x08], 0x40C
add edi, ecx
inc [ebp+0x08]
test edi, edi
dec ecx
and eax, 0xFFFFFFFF
dec edi
xor [ebp+0x08], edi
inc [ebp+0x08]
xor [ebp+0x08], edx
mov [ebp+0x08], eax
add eax, [ebp-0x04]
inc [ebp+0x08]
xor eax, 0x112
add ecx, 0x3F8
xor eax, 0xFFFFFFFF
sub ecx, 0xFFFFFEF4
add eax, edi
xor eax, 0x725
add eax, 0x2F3
and [ebp+0x08], edi
inc ecx
test dword ptr [ebp-0x08], 0x01
inc [ebp-0x08]
dec edx
and [ebx+0x4F417C], ecx
and eax, 0x00
or dword ptr [ebp+0x08], 0x00
and esi, [ebp-0x08]
sub dword ptr [ebx+0x4F417C], 0x4F6
mov ecx, [ebp-0x08]
dec edi
xor edi, 0x00
sub eax, esi
dec eax
mov [ebp-0x08], edi
test dword ptr [ebx+0x4F417C], 0x01
dec ecx
or eax, 0x01
and edi, [ebx+0x4F417C]
mov edi, 0xFFFFFFFF
add esi, 0xFFFFFFFF
mov dword ptr [ebp-0x08], 0xFFFFFFFF
mov eax, 0x4C2
dec edx
or [ebp-0x04], eax
or eax, 0xFFFFFBB1
test dword ptr [ebx+0x4F417C], 0x01
test dword ptr [ebx+0x4F417C], 0xFFFFFFFF
or eax, 0x00
xor eax, [ebp+0x08]
mov edi, eax
sub eax, 0x1BF
sub dword ptr [ebp-0x04], 0x01
add dword ptr [ebp-0x04], 0x01
sub edx, 0xFFFFFFFF
test [ebx+0x4F417C], ecx
test [ebp+0x08], eax
sub ecx, 0xFFFFFFFF
xor [ebx+0x4F417C], eax
add eax, 0x45C
test dword ptr [ebx+0x4F417C], 0xFFFFFFFF
and ecx, 0x01
sub eax, 0xFFFFFFFF
mov [ebx+0x4F417C], ecx
sub dword ptr [ebp+0x08], 0x01
and dword ptr [ebx+0x4F417C], 0xFFFFFFFF
sub [ebp+0x08], eax
xor edx, 0x462
inc esi
mov dword ptr [ebx+0x4F417C], 0xFFFFFFFF
add edx, edx
inc [ebx+0x4F417C]
dec edx
and dword ptr [ebp-0x04], 0xFFFFFC58
and eax, 0x00
and edx, esi
xor [ebp+0x08], esi
sub eax, 0x4C0
test dword ptr [ebp-0x04], 0xFFFFFFFF
mov [ebp-0x04], edx
sub eax, 0x01
inc esi
mov [ebp+0x08], ecx
dec eax
and dword ptr [ebp-0x08], 0x00
mov dword ptr [ebp-0x08], 0x01
add esi, [ebx+0x4F417C]
test dword ptr [ebp+0x08], 0xFFFFF924
xor ecx, esi
xor ecx, 0xFFFFFAF6
xor edi, [ebp+0x08]
xor esi, 0x00
inc edi
xor [ebp+0x08], ecx
and eax, 0x01
test dword ptr [ebx+0x4F417C], 0xFFFFFFFF
xor eax, 0xFFFFFFFF
or ecx, 0x01
or eax, esi
xor dword ptr [ebp-0x08], 0x01
sub eax, 0x01
sub eax, 0x01
xor [ebx+0x4F417C], esi
inc [ebx+0x4F417C]
test ecx, eax
mov edx, 0x00
and eax, 0xFFFFFFFF
mov [ebp-0x04], edx
inc ecx
sub eax, 0xFFFFFFFF
mov dword ptr [ebx+0x4F417C], 0x01
add [ebp-0x04], edi
mov [ebx+0x4F417C], ecx
xor eax, 0x00
test dword ptr [ebp+0x08], 0x01
add eax, 0x5BE
add [ebx+0x4F417C], esi
and eax, 0x154
add eax, 0x592
inc [ebp-0x08]
add ecx, ecx
xor eax, 0x00
sub [ebp+0x08], eax
dec [ebp+0x08]
xor ecx, [ebx+0x4F417C]
add eax, 0x299
dec [ebx+0x4F417C]
mov [ebp+0x08], edi
mov eax, [ebp-0x08]
or [ebp+0x08], edx
sub dword ptr [ebx+0x4F417C], 0x01
test dword ptr [ebp-0x04], 0x161
and eax, 0x6FD
mov dword ptr [ebp-0x08], 0xFFFFF850
dec [ebp+0x08]
or [ebx+0x4F417C], eax
or edi, [ebp+0x08]
inc ecx
and eax, 0x00
sub eax, 0xFFFFFFFF
test [ebp-0x08], eax
test [ebx+0x4F417C], esi
mov dword ptr [ebx+0x4F417C], 0xFFFFFFFF
or edi, 0x00
xor esi, edx
xor eax, 0xFFFFFD68
xor eax, 0x00
inc [ebp+0x08]
and eax, 0x00
and edx, 0x00
pop edi
pop esi
pop edx
pop ecx
pop eax
leave
ret 0x04
}
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __fastcall sub_4061d1(undefined4 param_1,undefined4 param_2)
{
int32_t iVar1;
uint32_t extraout_ECX;
uint32_t uVar2;
uint32_t uVar3;
int32_t unaff_EBX;
uint32_t unaff_ESI;
uint32_t uVar4;
uint32_t unaff_EDI;
uint32_t in_stack_fffffff4;
uint32_t uStack_8;
iVar1 = sub_4028ce(*(unaff_EBX + 0x4f41d8), *(unaff_EBX + 0x4f4338));
if (0xe055 < in_stack_fffffff4) {
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) + -1;
in_stack_fffffff4 = unaff_ESI;
}
uVar3 = unaff_EDI;
if (iVar1 != 0xc5ab) {
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) + -1;
unaff_ESI = unaff_ESI ^ uStack_8;
uVar3 = unaff_EDI - uStack_8;
}
*(unaff_EBX + 0x4f417c) = 0xffffff28;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) & 1;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) & 1;
uVar2 = extraout_ECX | unaff_ESI + 1;
uVar4 = (in_stack_fffffff4 - uVar3) + 1;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) & uVar2 + 0x504;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) + -0x4f6;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) ^ (((uVar3 ^ 0xffffffff) + uVar2) - 1 & 3 ^ 0xfffffff3) - 0x1bf;
uVar3 = uVar4 & 1;
*(unaff_EBX + 0x4f417c) = uVar3;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c);
*(unaff_EBX + 0x4f417c) = 0xffffffff;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) + 1;
uVar4 = (unaff_ESI + 1 & uVar4) + 1 + *(unaff_EBX + 0x4f417c);
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) ^ uVar4;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) + 1;
*(unaff_EBX + 0x4f417c) = 1;
*(unaff_EBX + 0x4f417c) = (uVar3 ^ uVar4 ^ 0xfffffaf6 | 1) + 1;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) + uVar4;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) + -1;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) + -1;
*(unaff_EBX + 0x4f417c) = *(unaff_EBX + 0x4f417c) | 1;
*(unaff_EBX + 0x4f417c) = 0xffffffff;
return CONCAT44(unaff_EDI, param_2);
}
0x401B6D sub_401b6d str 0 api 0 imm 44 Unknown
sub_401b6d() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFF4
push eax
push ecx
push edx
push esi
push edi
cmp eax, 0x7492
jb .1
dec [ebp-0x0C]
add [ebx+0x4F425C], ecx
jmp .2
.1:
add esi, 0xFFFFFF47
.2:
and eax, 0x00
xor [ebp-0x04], edi
or dword ptr [ebp-0x04], 0x00
add edi, 0x6CF
inc eax
add eax, [ebp+0x08]
sub eax, 0xFFFFF880
mov [ebx+0x4F425C], ecx
sub eax, 0xFFFFFFFF
inc [ebp+0x0C]
add eax, 0xFFFFFFFF
dec edx
xor [ebp+0x0C], edx
dec edx
add edi, 0x16D
test [ebp-0x08], ecx
or [ebp-0x0C], edx
or [ebp-0x08], eax
mov esi, [ebp+0x0C]
xor dword ptr [ebx+0x4F4280], 0x2ED
mov dword ptr [ebx+0x4F4280], 0x01
test [ebx+0x4F4280], esi
test [ebp+0x08], ecx
dec [ebp+0x0C]
inc esi
mov ecx, edx
dec [ebp-0x08]
xor eax, 0x01
add eax, 0x5BD
xor ecx, 0x00
mov edx, 0x00
sub eax, 0xFFFFFF46
xor dword ptr [ebx+0x4F425C], 0xFFFFFA18
dec edx
sub esi, [ebp+0x0C]
and edx, [ebx+0x4F4280]
sub edi, ecx
inc ecx
sub eax, 0x01
sub ecx, 0x01
or [ebp+0x0C], edi
add dword ptr [ebp+0x08], 0xFFFFFAF6
xor dword ptr [ebp-0x0C], 0x00
push [ebx+0x4F41A0]
push [ebx+0x4F40FC]
call sub_404785()
add eax, 0xFFFFFFFF
sub eax, 0xFFFFFFFF
or dword ptr [ebp-0x04], 0x3D8
xor eax, 0xFFFFFA0F
xor [ebx+0x4F425C], eax
or dword ptr [ebp-0x0C], 0x00
xor eax, edi
sub esi, esi
test [ebp-0x04], edx
test edi, eax
and dword ptr [ebp-0x0C], 0x01
mov dword ptr [ebp-0x04], 0x01
xor ecx, [ebp+0x0C]
inc edi
and [ebp+0x0C], eax
sub [ebp+0x0C], eax
or eax, edi
push [ebx+0x4F43C8]
push [ebx+0x4F4088]
call sub_4051a0()
add [ebx+0x4F4280], esi
sub dword ptr [ebx+0x4F425C], 0xFFFFFD02
mov [ebp+0x0C], edx
or edx, ecx
xor dword ptr [ebp-0x04], 0x00
push [ebx+0x4F4158]
push ebp
call sub_4054db()
and eax, 0x00
and [ebp+0x0C], eax
and eax, 0x00
sub dword ptr [ebp+0x0C], 0x185
and eax, 0xFFFFFFFF
push [ebx+0x4F423C]
push [ebx+0x4F4234]
push [ebx+0x4F4018]
call sub_40a814()
mov esi, 0x568
test eax, edx
inc eax
sub [ebp+0x0C], eax
or eax, [ebp+0x0C]
mov [ebx+0x4F4280], edx
add dword ptr [ebp+0x08], 0x01
and eax, 0xFFFFFFFF
mov esi, 0x00
add [ebx+0x4F4280], esi
and [ebp+0x08], esi
or dword ptr [ebp+0x08], 0x01
xor eax, 0xFFFFFFFF
inc edx
dec edi
mov dword ptr [ebx+0x4F4280], 0xFFFFFFFF
dec eax
xor ecx, [ebp+0x0C]
or edx, 0x01
test [ebp-0x08], edx
add eax, 0xFFFFFFFF
xor esi, ecx
dec esi
test dword ptr [ebp-0x04], 0xFFFFFFFF
and eax, 0xFFFFFFFF
add eax, 0xFFFFFFFF
and dword ptr [ebx+0x4F4280], 0xFFFFFDEA
or eax, [ebp+0x08]
add dword ptr [ebp-0x0C], 0x6CA
inc [ebp-0x0C]
sub edi, [ebx+0x4F425C]
xor eax, 0x01
xor dword ptr [ebp+0x0C], 0x00
sub dword ptr [ebx+0x4F425C], 0xFFFFFFFF
and [ebx+0x4F4280], edi
add edi, 0x136
xor edx, 0xFFFFF8B7
sub eax, 0xFFFFFFFF
test dword ptr [ebx+0x4F4280], 0xFFFFF930
inc ecx
dec ecx
dec esi
sub ecx, 0x2D9
mov dword ptr [ebp+0x0C], 0x491
add eax, 0x423
or dword ptr [ebp+0x08], 0x00
and [ebp-0x04], esi
add eax, 0x01
sub esi, eax
and eax, 0xFFFFFFFF
or dword ptr [ebx+0x4F4280], 0x00
sub eax, 0x01
or edx, 0x00
dec [ebx+0x4F4280]
or ecx, [ebp+0x08]
push [ebx+0x4F4248]
push [ebx+0x4F4348]
call sub_406f66()
add eax, 0x01
mov dword ptr [ebp+0x0C], 0xFFFFFFFF
add ecx, esi
and esi, 0x00
sub ecx, 0x01
sub dword ptr [ebp+0x08], 0xFFFFFFFF
dec [ebp-0x04]
test dword ptr [ebp-0x0C], 0xFFFFFD88
dec edx
sub eax, 0x3E9
and eax, 0xFFFFFFFF
inc ecx
mov edi, 0x00
add eax, 0xFFFFFA0A
mov dword ptr [ebp+0x0C], 0xFFFFFFFF
xor eax, 0x00
and [ebp+0x0C], eax
and [ebp+0x0C], eax
sub edi, 0x5AC
xor eax, 0x00
mov esi, 0x00
sub dword ptr [ebp+0x0C], 0xFFFFFFFF
and dword ptr [ebp+0x08], 0xFFFFFAA1
xor edx, esi
add [ebx+0x4F425C], eax
xor esi, [ebp+0x08]
inc ecx
xor dword ptr [ebp-0x08], 0x00
test dword ptr [ebx+0x4F4280], 0xFFFFFFFF
mov edx, 0x01
dec eax
and eax, 0xFFFFFFFF
sub dword ptr [ebx+0x4F425C], 0x01
or edi, [ebp+0x08]
add eax, 0xFFFFFFFF
mov dword ptr [ebp+0x08], 0x4A4
mov dword ptr [ebp+0x08], 0xFFFFFFFF
sub [ebp-0x0C], eax
add [ebx+0x4F4280], ecx
mov dword ptr [ebp+0x08], 0xFFFFFFFF
test dword ptr [ebx+0x4F425C], 0x352
mov esi, 0x01
dec esi
add dword ptr [ebp-0x0C], 0xFFFFFFFF
and eax, 0x00
add eax, 0xFFFFFFFF
sub dword ptr [ebp-0x04], 0x218
sub dword ptr [ebp-0x04], 0x422
add eax, 0x01
and edi, edx
inc [ebx+0x4F4280]
push eax
call sub_40be13()
test dword ptr [ebp+0x0C], 0xFFFFFFFF
pop edi
pop esi
pop edx
pop ecx
pop eax
leave
ret 0x08
}
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __fastcall sub_401b6d(int32_t param_1,int32_t param_2)
{
undefined4 uVar1;
uint32_t in_EAX;
uint32_t uVar2;
uint32_t uVar3;
int32_t iVar4;
uint32_t extraout_ECX;
int32_t extraout_ECX_00;
int32_t unaff_EBX;
int32_t unaff_EDI;
undefined8 uVar5;
undefined4 uVar6;
if (0x7491 < in_EAX) {
*(unaff_EBX + 0x4f425c) = *(unaff_EBX + 0x4f425c) + param_1;
}
*(unaff_EBX + 0x4f425c) = param_1;
*(unaff_EBX + 0x4f4280) = *(unaff_EBX + 0x4f4280) ^ 0x2ed;
*(unaff_EBX + 0x4f4280) = 1;
*(unaff_EBX + 0x4f425c) = *(unaff_EBX + 0x4f425c) ^ 0xfffffa18;
uVar2 = sub_404785(*(unaff_EBX + 0x4f40fc), *(unaff_EBX + 0x4f41a0));
*(unaff_EBX + 0x4f425c) = *(unaff_EBX + 0x4f425c) ^ uVar2 ^ 0xfffffa0f;
sub_4051a0(*(unaff_EBX + 0x4f4088), *(unaff_EBX + 0x4f43c8));
*(unaff_EBX + 0x4f4280) = *(unaff_EBX + 0x4f4280);
*(unaff_EBX + 0x4f425c) = *(unaff_EBX + 0x4f425c) + 0x2fe;
sub_4054db(&stack0xfffffffc, *(unaff_EBX + 0x4f4158));
uVar6 = *(unaff_EBX + 0x4f4234);
uVar5 = sub_40a814(*(unaff_EBX + 0x4f4018), uVar6, *(unaff_EBX + 0x4f423c));
uVar3 = uVar5 + 1;
uVar2 = -uVar3 - 0x185;
*(unaff_EBX + 0x4f4280) = uVar5 >> 0x20;
*(unaff_EBX + 0x4f4280) = *(unaff_EBX + 0x4f4280);
*(unaff_EBX + 0x4f4280) = 0xffffffff;
*(unaff_EBX + 0x4f4280) = *(unaff_EBX + 0x4f4280) & 0xfffffdea;
iVar4 = *(unaff_EBX + 0x4f425c);
*(unaff_EBX + 0x4f425c) = *(unaff_EBX + 0x4f425c) + 1;
*(unaff_EBX + 0x4f4280) = *(unaff_EBX + 0x4f4280) & ((unaff_EDI + 0x83c) - (param_2 + -2)) - iVar4;
*(unaff_EBX + 0x4f4280) = *(unaff_EBX + 0x4f4280);
*(unaff_EBX + 0x4f4280) = *(unaff_EBX + 0x4f4280) + -1;
uVar1 = *(unaff_EBX + 0x4f4248);
iVar4 = sub_406f66(*(unaff_EBX + 0x4f4348));
*(unaff_EBX + 0x4f425c) = *(unaff_EBX + 0x4f425c) + iVar4 + -0x9de;
*(unaff_EBX + 0x4f425c) = *(unaff_EBX + 0x4f425c) + -1;
*(unaff_EBX + 0x4f4280) =
*(unaff_EBX + 0x4f4280) +
extraout_ECX_00 + ((extraout_ECX ^ uVar2) - (((((uVar3 | uVar2) ^ 0xffffffff) - 3 | 1) ^ 1) + 0x425)) + -1;
*(unaff_EBX + 0x4f4280) = *(unaff_EBX + 0x4f4280) + 1;
sub_40be13(0);
return CONCAT44(uVar1, uVar6);
}
0x4028CE sub_4028ce str 0 api 0 imm 44 Unknown
sub_4028ce() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFF8
push eax
push ecx
push edx
push esi
push edi
cmp eax, 0x36C8
jl .1
xor dword ptr [ebp-0x04], 0x01
jmp .2
.1:
sub ecx, [ebp+0x0C]
and esi, [ebx+0x4F43A4]
dec [ebp-0x08]
.2:
add eax, 0x41A
inc [ebx+0x4F435C]
cmp eax, esi
jnp .3
sub dword ptr [ebx+0x4F41DC], 0x01
jmp .4
.3:
xor dword ptr [ebx+0x4F41DC], 0x00
.4:
sub dword ptr [ebp-0x04], 0xFFFFFFFF
inc eax
dec edx
inc [ebp-0x04]
and dword ptr [ebx+0x4F41DC], 0xFFFFFD50
add edx, [ebp+0x08]
inc [ebp+0x08]
test dword ptr [ebp+0x0C], 0xFFFFFFFF
add edx, 0xFFFFFFFF
or dword ptr [ebp+0x0C], 0x3BF
dec [ebp-0x04]
xor [ebp+0x08], ecx
or ecx, [ebx+0x4F43A4]
test [ebp-0x04], eax
mov dword ptr [ebp-0x04], 0xFFFFF830
mov dword ptr [ebx+0x4F43A4], 0xFFFFFFFF
mov edx, 0x00
add dword ptr [ebp-0x04], 0x308
inc edi
sub edi, 0x02
add edx, edx
add edi, 0xFFFFFFFF
and dword ptr [ebp-0x04], 0x00
test dword ptr [ebp-0x04], 0xFFFFFFFF
xor eax, 0x01
xor eax, 0x1C1
add eax, 0xFFFFFCF7
add eax, [ebx+0x4F43A4]
xor eax, [ebp+0x0C]
mov dword ptr [ebp-0x04], 0x356
and [ebx+0x4F41DC], eax
and ecx, [ebp+0x08]
xor dword ptr [ebx+0x4F41DC], 0xFFFFFFFF
and dword ptr [ebp+0x0C], 0xFFFFFFFF
mov edx, 0xFFFFFCF5
sub esi, 0xFFFFFFFF
mov edx, 0x01
mov edi, 0x00
mov dword ptr [ebx+0x4F43A4], 0xFFFFFFFF
or eax, [ebx+0x4F41DC]
add esi, 0x01
dec esi
sub eax, 0x554
add eax, 0xFFFFFF11
and [ebp-0x08], eax
add eax, 0x01
sub edx, [ebp+0x08]
or [ebp-0x04], esi
sub ecx, [ebx+0x4F43A4]
and edi, [ebp-0x08]
or edx, 0x00
add eax, 0xFFFFFFFF
inc [ebx+0x4F41DC]
or esi, edi
dec edi
inc [ebp-0x04]
dec edi
test dword ptr [ebp-0x04], 0xFFFFFFFF
sub edi, edx
xor edx, 0x00
inc ecx
dec [ebp+0x0C]
mov ecx, [ebp-0x04]
mov edx, 0xFFFFFFFF
add eax, 0x01
sub [ebp+0x08], eax
and eax, esi
push [ebx+0x4F4050]
push [ebx+0x4F42A4]
push ecx
call sub_40c140()
mov eax, 0xFFFFFFFF
and eax, 0x73E
and dword ptr [ebx+0x4F41DC], 0x01
add eax, 0x01
test dword ptr [ebp-0x08], 0x01
and esi, 0x00
mov dword ptr [ebp-0x04], 0xFFFFF9A3
sub eax, 0x272
add eax, 0x01
and dword ptr [ebp-0x04], 0x01
sub eax, 0x7EC
add [ebp+0x08], edi
and dword ptr [ebp+0x0C], 0x00
or [ebx+0x4F41DC], edi
and eax, 0x01
and [ebp-0x08], ecx
and dword ptr [ebp-0x04], 0x00
sub [ebp-0x04], eax
inc esi
sub eax, 0xFFFFFFFF
and eax, 0x01
mov edx, 0x00
dec edx
sub esi, [ebp-0x04]
or ecx, 0x53B
sub eax, 0xFFFFFA5D
sub edx, esi
sub eax, 0x01
sub dword ptr [ebp+0x08], 0xFFFFFFFF
mov [ebp-0x08], ecx
sub dword ptr [ebx+0x4F41DC], 0xFFFFFFFF
xor eax, 0xFFFFFFFF
add eax, 0xFFFFFFFF
dec [ebp+0x0C]
add edi, 0xFFFFFFFF
mov [ebx+0x4F41DC], edi
xor [ebp-0x04], ecx
mov ecx, 0x00
add eax, 0x01
mov dword ptr [ebp-0x08], 0xFFFFFFFF
mov esi, 0x00
or [ebp+0x0C], esi
add [ebp-0x04], esi
test dword ptr [ebp-0x04], 0xFFFFF9C9
or edx, eax
dec [ebp+0x0C]
or ecx, [ebp-0x04]
mov [ebp+0x0C], ecx
add eax, 0xFFFFFFFF
add edx, 0x01
mov edi, 0xFFFFFFFF
or esi, [ebp-0x08]
or [ebp+0x08], edi
sub eax, 0x548
dec [ebp-0x08]
dec ecx
add eax, 0x01
test esi, edx
or dword ptr [ebp-0x08], 0x00
or ecx, 0x01
and [ebp+0x08], esi
mov edx, 0x00
dec edx
sub dword ptr [ebp+0x08], 0xC3
test dword ptr [ebp+0x08], 0x32B
or [ebp+0x08], edx
inc edi
sub [ebx+0x4F41DC], esi
add eax, 0xFFFFFD52
dec [ebx+0x4F41DC]
test dword ptr [ebp-0x08], 0xFFFFFFFF
add edi, eax
xor esi, 0x00
and eax, 0xFFFFFB78
sub eax, 0xFFFFFC81
dec eax
mov dword ptr [ebp-0x04], 0x1D6
add edi, esi
or eax, 0x00
sub ecx, [ebp-0x08]
dec [ebx+0x4F435C]
xor edi, ecx
mov dword ptr [ebp+0x0C], 0xFFFFFFFF
add esi, 0x2E5
mov esi, 0x00
test ecx, esi
sub esi, 0x01
sub eax, 0x01
inc edi
test [ebx+0x4F41DC], edi
mov [ebp+0x08], esi
or dword ptr [ebp-0x08], 0x00
mov [ebp+0x0C], esi
add dword ptr [ebx+0x4F43A4], 0x01
sub ecx, [ebp+0x0C]
and [ebx+0x4F41DC], edx
and eax, 0x00
sub [ebp-0x04], eax
dec edx
add eax, 0x1BA
add dword ptr [ebp-0x08], 0xFFFFFFFF
sub edi, [ebx+0x4F435C]
and eax, 0x00
add dword ptr [ebp-0x08], 0xFFFFFB8F
sub [ebp-0x08], edx
xor esi, [ebx+0x4F43A4]
sub dword ptr [ebp-0x04], 0x01
dec [ebp-0x04]
add edi, eax
test dword ptr [ebp-0x04], 0xFFFFFFFF
dec [ebx+0x4F435C]
or edi, 0x01
sub eax, esi
add eax, 0x01
sub [ebx+0x4F43A4], esi
sub eax, 0x01
and [ebp-0x08], esi
inc ecx
and [ebp-0x04], ecx
add [ebx+0x4F41DC], esi
add eax, 0x236
pop edi
; listing truncated
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __thiscall sub_4028ce(uint32_t param_1,int32_t param_2,uint32_t param_3)
{
undefined4 uVar1;
int32_t iVar2;
int32_t in_EAX;
int32_t unaff_EBX;
uint32_t unaff_ESI;
uint32_t uVar3;
uVar3 = unaff_ESI;
if (in_EAX < 0x36c8) {
param_1 = param_1 - param_3;
uVar3 = unaff_ESI & *(unaff_EBX + 0x4f43a4);
}
*(unaff_EBX + 0x4f435c) = *(unaff_EBX + 0x4f435c) + 1;
if ((POPCOUNT((in_EAX + 0x41a) - uVar3 & 0xff) & 1U) == 0) {
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) + -1;
}
else {
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc);
}
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) & 0xfffffd50;
*(unaff_EBX + 0x4f43a4) = 0xffffffff;
*(unaff_EBX + 0x4f41dc) =
*(unaff_EBX + 0x4f41dc) & (((in_EAX + 0x41bU ^ 0x1c0) - 0x309) + *(unaff_EBX + 0x4f43a4) ^ (param_3 | 0x3bf));
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) ^ 0xffffffff;
*(unaff_EBX + 0x4f43a4) = 0xffffffff;
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) + 1;
iVar2 = -(1 - (param_2 + 1U ^ param_1));
uVar1 = *(unaff_EBX + 0x4f4050);
sub_40c140((uVar3 + 1 | 0x356) + 1, *(unaff_EBX + 0x4f42a4));
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) & 1;
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) | iVar2 - 2U;
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) + 1;
*(unaff_EBX + 0x4f41dc) = iVar2 + -3;
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) + 1;
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) + -1;
*(unaff_EBX + 0x4f435c) = *(unaff_EBX + 0x4f435c) + -1;
*(unaff_EBX + 0x4f43a4) = *(unaff_EBX + 0x4f43a4) + 1;
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc);
uVar3 = *(unaff_EBX + 0x4f43a4) ^ 0xffffffff;
*(unaff_EBX + 0x4f435c) = *(unaff_EBX + 0x4f435c) + -1;
*(unaff_EBX + 0x4f43a4) = *(unaff_EBX + 0x4f43a4) - uVar3;
*(unaff_EBX + 0x4f41dc) = *(unaff_EBX + 0x4f41dc) + uVar3;
return CONCAT44(uVar1, unaff_ESI);
}
0x40729D sub_40729d str 0 api 0 imm 44 Unknown
sub_40729d() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFFC
push eax
push ecx
push edx
push esi
push edi
cmp eax, 0x14B8
jo .2
mov edx, [ebp+0x0C]
sub esi, 0x01
inc edx
jmp .3
.2:
inc [ebp+0x08]
inc [ebp+0x08]
mov dword ptr [ebp-0x04], 0xFFFFFFFF
.3:
test dword ptr [ebp-0x04], 0x01
and eax, 0x00
mov dword ptr [ebp-0x04], 0xFFFFFFFE
or edi, [ebp+0x0C]
inc [ebp+0x08]
xor dword ptr [ebp+0x08], 0xFFFFFFFF
cmp eax, 0x586A
jns .4
add dword ptr [ebp+0x0C], 0xFFFFFC84
jmp .5
.4:
xor ecx, ecx
or dword ptr [ebp-0x04], 0x01
.5:
sub esi, 0xFFFFFFFF
dec [ebp+0x08]
and eax, 0x00
and dword ptr [ebp+0x08], 0xFFFFFFFF
mov dword ptr [ebp+0x08], 0xFFFFFB15
add eax, [ebp+0x08]
inc [ebx+0x4F41F8]
sub eax, 0xFFFFFFFF
dec eax
xor dword ptr [ebp-0x04], 0x00
mov esi, 0xFFFFFA11
sub esi, 0x01
and edx, 0x01
add ecx, [ebp+0x0C]
test dword ptr [ebp+0x08], 0xFFFFFFCB
dec eax
xor [ebp+0x0C], edi
test [ebp-0x04], edi
and eax, 0xFFFFFFFF
dec edi
inc edx
xor eax, 0xFFFFFE00
sub eax, 0x01
or dword ptr [ebp+0x0C], 0x00
test dword ptr [ebp+0x08], 0x2E
dec [ebx+0x4F40DC]
xor eax, ecx
mov dword ptr [ebx+0x4F4398], 0x4BC
add eax, 0x01
sub eax, 0xFFFFFFFF
xor esi, ecx
xor edi, [ebx+0x4F40DC]
mov esi, [ebx+0x4F40DC]
and dword ptr [ebp-0x04], 0x01
test dword ptr [ebx+0x4F41F8], 0xFFFFFA88
or [ebp-0x04], edx
xor esi, 0xFFFFFFFF
sub eax, 0xFFFFFC52
test [ebp-0x04], ecx
sub ecx, ecx
sub eax, 0xFFFFFFFF
dec [ebp+0x0C]
or dword ptr [ebx+0x4F40DC], 0x00
test dword ptr [ebp-0x04], 0xFFFFFFFF
sub esi, 0xFFFFFFFF
test edx, ecx
add eax, 0x91
mov edx, [ebp+0x08]
sub eax, 0xFFFFFFFF
mov dword ptr [ebp+0x0C], 0xFFFFFFFF
or esi, 0xFFFFFFFF
add ecx, 0xFFFFFFFF
and eax, 0xFFFFFFFF
xor esi, 0x00
mov esi, 0xFFFFFFFF
mov dword ptr [ebx+0x4F41F8], 0xFFFFFF8D
or [ebp+0x08], eax
dec ecx
xor [ebx+0x4F40DC], esi
and eax, 0x00
dec eax
mov edi, 0x00
xor dword ptr [ebp-0x04], 0x00
dec edi
dec [ebp-0x04]
add [ebx+0x4F41F8], edi
xor eax, 0xFFFFFFFF
sub ecx, eax
add eax, 0xFFFFFFFF
inc edi
push [ebx+0x4F40BC]
push [ebx+0x4F43B4]
push [ebx+0x4F40C0]
call sub_40c140()
and eax, 0xFFFFFAD0
and esi, edi
add edi, 0x6ED
test dword ptr [ebp+0x08], 0xFFFFFFFF
xor eax, 0x00
add ecx, [ebx+0x4F41F8]
add dword ptr [ebx+0x4F4398], 0x5E2
mov dword ptr [ebx+0x4F40DC], 0x19C
sub ecx, 0xFFFFFFFF
and eax, 0x01
test dword ptr [ebp+0x0C], 0xFFFFFC3E
inc edi
and eax, 0x00
sub eax, 0xFFFFF89F
or dword ptr [ebx+0x4F4398], 0x00
and [ebx+0x4F4398], edi
inc [ebx+0x4F4398]
mov esi, 0x00
sub dword ptr [ebp+0x0C], 0xFFFFFAD2
and edi, eax
and dword ptr [ebx+0x4F4398], 0x00
mov edx, 0x00
add eax, [ebp+0x08]
dec [ebx+0x4F40DC]
dec esi
xor eax, 0x01
and eax, 0x00
and eax, 0x01
add eax, 0x01
dec [ebp-0x04]
or eax, 0x42B
inc eax
and eax, 0x419
or eax, edx
or dword ptr [ebp+0x0C], 0x01
xor [ebp+0x0C], edi
mov [ebp+0x0C], esi
xor eax, [ebp+0x0C]
add [ebx+0x4F40DC], ecx
and edi, eax
test dword ptr [ebp+0x0C], 0xFFFFFFFF
xor dword ptr [ebp-0x04], 0x00
mov edx, 0x00
sub eax, 0x01
sub dword ptr [ebx+0x4F40DC], 0xFFFFF96B
dec [ebx+0x4F40DC]
sub [ebp-0x04], esi
dec [ebp-0x04]
add eax, 0xFFFFF80D
xor dword ptr [ebp+0x08], 0x01
inc [ebp+0x08]
mov esi, [ebx+0x4F41F8]
xor [ebp-0x04], ecx
or eax, eax
test [ebx+0x4F41F8], edi
and [ebx+0x4F40DC], esi
sub edi, 0xFFFFFD6A
or ecx, 0xFFFFFFFF
test [ebx+0x4F41F8], edi
or [ebp+0x08], edi
or [ebp+0x0C], eax
or dword ptr [ebx+0x4F40DC], 0xFFFFFE27
add [ebp+0x08], esi
and eax, 0xFFFFFFFF
sub edi, [ebp+0x08]
add eax, 0x01
sub dword ptr [ebx+0x4F4398], 0x7A2
xor eax, 0x00
add ecx, 0x45E
test [ebp-0x04], ecx
test dword ptr [ebp-0x04], 0xFFFFFFFF
test dword ptr [ebp-0x04], 0x01
mov [ebp+0x08], eax
test [ebp-0x04], ecx
mov edi, 0x00
inc [ebx+0x4F41F8]
test dword ptr [ebx+0x4F41F8], 0xFFFFFFFF
xor eax, 0x706
mov [ebx+0x4F40DC], edx
xor eax, 0x00
inc [ebp+0x08]
mov eax, 0xFFFFFA85
dec ecx
add ecx, [ebp+0x08]
test dword ptr [ebx+0x4F4398], 0xFFFFFFFF
mov ecx, 0xFFFFFCCE
mov dword ptr [ebp+0x08], 0xFFFFFFFF
mov ecx, 0xFFFFFFFF
sub eax, 0xFFFFFFFF
sub edx, 0x01
pop edi
pop esi
pop edx
pop ecx
pop eax
leave
ret 0x08
}
/* WARNING: Removing unreachable block (ram,0x004072f2) */
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __thiscall sub_40729d(int32_t param_1,undefined4 param_2,int32_t param_3)
{
undefined4 uVar1;
int32_t extraout_ECX;
int32_t unaff_EBX;
undefined4 unaff_ESI;
*(unaff_EBX + 0x4f41f8) = *(unaff_EBX + 0x4f41f8) + 1;
*(unaff_EBX + 0x4f40dc) = *(unaff_EBX + 0x4f40dc) + -1;
*(unaff_EBX + 0x4f4398) = 0x4bc;
*(unaff_EBX + 0x4f40dc) = *(unaff_EBX + 0x4f40dc);
*(unaff_EBX + 0x4f41f8) = 0xffffff8d;
param_2 = (param_1 + param_3 + -0x37c ^ 0x513U) + 0x443 | 0xfffffb15;
*(unaff_EBX + 0x4f40dc) = *(unaff_EBX + 0x4f40dc) ^ 0xffffffff;
*(unaff_EBX + 0x4f41f8) = *(unaff_EBX + 0x4f41f8) + -1;
uVar1 = *(unaff_EBX + 0x4f40bc);
sub_40c140(*(unaff_EBX + 0x4f40c0), *(unaff_EBX + 0x4f43b4));
*(unaff_EBX + 0x4f4398) = *(unaff_EBX + 0x4f4398) + 0x5e2;
*(unaff_EBX + 0x4f40dc) = 0x19c;
*(unaff_EBX + 0x4f4398) = *(unaff_EBX + 0x4f4398);
*(unaff_EBX + 0x4f4398) = *(unaff_EBX + 0x4f4398) & 0x6ee;
*(unaff_EBX + 0x4f4398) = *(unaff_EBX + 0x4f4398) + 1;
*(unaff_EBX + 0x4f4398) = 0;
*(unaff_EBX + 0x4f40dc) = *(unaff_EBX + 0x4f40dc) + -1;
*(unaff_EBX + 0x4f40dc) = *(unaff_EBX + 0x4f40dc) + extraout_ECX + *(unaff_EBX + 0x4f41f8) + 1;
*(unaff_EBX + 0x4f40dc) = *(unaff_EBX + 0x4f40dc) + 0x695;
*(unaff_EBX + 0x4f40dc) = *(unaff_EBX + 0x4f40dc) + -1;
*(unaff_EBX + 0x4f40dc) = *(unaff_EBX + 0x4f40dc) & *(unaff_EBX + 0x4f41f8);
*(unaff_EBX + 0x4f40dc) = *(unaff_EBX + 0x4f40dc) | 0xfffffe27;
*(unaff_EBX + 0x4f4398) = *(unaff_EBX + 0x4f4398) + -0x7a2;
*(unaff_EBX + 0x4f41f8) = *(unaff_EBX + 0x4f41f8) + 1;
*(unaff_EBX + 0x4f40dc) = 0;
return CONCAT44(uVar1, unaff_ESI);
}
0x406834 sub_406834 str 0 api 0 imm 43 Unknown
sub_406834() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFF4
push eax
push ecx
push edx
push esi
push edi
cmp ebp, [ebp+0x0C]
jb .1
xor ecx, esi
jmp .2
.1:
inc ecx
inc [ebp+0x08]
inc [ebp-0x08]
.2:
test dword ptr [ebp+0x08], 0xFFFFFB68
dec [ebp-0x0C]
or [ebp-0x08], ecx
cmp eax, 0xE0A0
jnle .3
and [ebx+0x4F406C], edx
and eax, 0x00
add edx, 0xFFFFFFFF
jmp .4
.3:
inc edi
add eax, 0x01
mov edi, 0x41B
.4:
xor esi, 0x00
sub eax, 0x01
xor [ebp-0x04], esi
mov eax, 0x01
mov edx, 0xFFFFFFAD
sub [ebp+0x08], esi
sub eax, 0xFFFFFFFF
mov dword ptr [ebp+0x0C], 0x01
mov edx, edi
and dword ptr [ebp-0x08], 0x00
and dword ptr [ebp-0x04], 0xFFFFFFFF
xor [ebx+0x4F4028], ecx
mov esi, 0x00
add [ebp-0x04], ecx
add edx, 0xFFFFFA45
and dword ptr [ebp+0x08], 0x00
xor edx, 0x00
xor eax, 0xFFFFFFFF
sub eax, 0xFFFFFFFC
xor [ebp-0x0C], edx
xor [ebp-0x04], edx
xor edx, 0x609
xor edi, 0x00
mov dword ptr [ebp-0x0C], 0x2D8
add eax, 0xFFFFFFFF
and eax, 0xFFFFFFFF
mov edx, 0x00
inc esi
and edx, 0x00
inc eax
test edx, edx
test [ebp-0x04], esi
and edx, ecx
sub eax, 0x01
inc [ebx+0x4F406C]
and dword ptr [ebp-0x0C], 0x1C9
xor dword ptr [ebp+0x08], 0x01
or esi, esi
dec [ebp+0x0C]
or ecx, 0xFFFFFFFF
sub ecx, esi
add dword ptr [ebp-0x08], 0x01
and eax, 0xFFFFF961
sub eax, 0xFFFFFFFF
mov dword ptr [ebx+0x4F406C], 0x7EA
or edi, 0x00
mov dword ptr [ebp+0x08], 0xFFFFFFFF
xor eax, 0x234
xor [ebp-0x0C], eax
sub edi, 0xFFFFFFFF
add eax, 0xFFFFFCB7
add eax, 0x01
mov eax, 0x00
dec esi
sub [ebp-0x0C], eax
mov ecx, eax
and eax, 0x00
add [ebx+0x4F4028], eax
mov dword ptr [ebp-0x0C], 0x76A
or eax, edi
mov edi, eax
add dword ptr [ebp-0x0C], 0x58A
dec esi
add eax, 0x01
sub eax, 0x01
dec [ebp+0x08]
inc [ebp+0x08]
xor [ebp-0x04], esi
or edi, 0xFFFFFA70
test [ebp+0x0C], edi
dec ecx
and eax, 0x00
sub eax, 0x15F
sub edx, 0xFFFFFFFF
sub dword ptr [ebp+0x0C], 0x01
mov edx, 0x00
xor edx, 0x25A
mov esi, eax
add eax, 0xFFFFFFFF
and esi, esi
and eax, 0x00
add eax, 0x01
add [ebp+0x08], esi
mov ecx, 0x00
and eax, 0xFFFFFFFF
dec ecx
inc eax
mov edx, 0x00
add eax, 0x01
xor eax, 0x01
sub eax, 0xFFFFFFFF
add dword ptr [ebx+0x4F4028], 0xFFFFFFFF
and dword ptr [ebx+0x4F406C], 0x01
add [ebp+0x08], eax
sub eax, 0x01
add eax, 0xFFFFFFFF
inc [ebp-0x0C]
test dword ptr [ebp-0x0C], 0x2E9
mov [ebp-0x04], eax
sub edi, 0xFFFFFFFF
inc [ebp+0x0C]
push [ebx+0x4F41C0]
push edx
call sub_40a4b0()
dec eax
inc esi
and esi, 0xFFFFF813
add edx, 0x01
xor [ebx+0x4F406C], ecx
or eax, eax
xor esi, eax
xor edi, [ebp-0x08]
test dword ptr [ebp-0x0C], 0x01
mov esi, edx
and eax, 0x00
xor [ebp+0x08], ecx
add eax, eax
add eax, 0x01
xor [ebp+0x08], esi
and eax, esi
xor [ebx+0x4F406C], ecx
test [ebp+0x08], eax
or eax, [ebp-0x0C]
add eax, esi
xor eax, 0x00
add eax, 0x01
sub eax, 0xFFFFFFFF
add eax, 0xFFFFF9DF
mov edi, [ebx+0x4F406C]
and edx, edx
xor eax, 0x485
inc [ebx+0x4F406C]
test [ebp-0x08], edx
sub eax, [ebp+0x08]
add eax, 0x01
test [ebp+0x08], eax
sub esi, 0x4C2
test [ebp-0x0C], edi
xor edx, [ebx+0x4F406C]
or dword ptr [ebp-0x0C], 0xFFFFFA43
dec edx
add eax, 0x01
inc edi
add esi, 0x01
mov edx, ecx
dec eax
xor esi, ecx
and eax, 0xFFFFF8DC
xor eax, eax
xor dword ptr [ebp+0x0C], 0x01
mov ecx, 0xFFFFFFFF
sub esi, esi
mov edx, [ebx+0x4F4028]
mov [ebp-0x04], edi
and edx, 0xFFFFFB42
test ecx, ecx
or edx, [ebx+0x4F4028]
add [ebp-0x08], esi
dec [ebp-0x08]
add dword ptr [ebx+0x4F406C], 0xFFFFFFFF
add edi, 0x01
inc esi
test dword ptr [ebx+0x4F406C], 0xFFFFFA5C
sub [ebp-0x04], esi
test dword ptr [ebp-0x04], 0xFFFFFFFF
sub edi, 0x01
test [ebp+0x08], edi
xor eax, 0x3FD
or dword ptr [ebp+0x08], 0x00
sub [ebx+0x4F4028], eax
sub edx, [ebx+0x4F4028]
pop edi
pop esi
pop edx
pop ecx
pop eax
leave
ret 0x08
}
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __fastcall sub_406834(uint32_t param_1,uint32_t param_2,undefined4 param_3,undefined *param_4)
{
int32_t in_EAX;
uint32_t extraout_ECX;
int32_t unaff_EBX;
uint32_t unaff_ESI;
undefined4 unaff_EDI;
if (&stack0xfffffffc < param_4) {
param_1 = param_1 + 1;
}
else {
param_1 = param_1 ^ unaff_ESI;
}
if (in_EAX < 0xe0a1) {
*(unaff_EBX + 0x4f406c) = *(unaff_EBX + 0x4f406c) & param_2;
}
*(unaff_EBX + 0x4f4028) = *(unaff_EBX + 0x4f4028) ^ param_1;
*(unaff_EBX + 0x4f406c) = *(unaff_EBX + 0x4f406c) + 1;
*(unaff_EBX + 0x4f406c) = 0x7ea;
*(unaff_EBX + 0x4f4028) = *(unaff_EBX + 0x4f4028);
*(unaff_EBX + 0x4f4028) = *(unaff_EBX + 0x4f4028) + -1;
*(unaff_EBX + 0x4f406c) = *(unaff_EBX + 0x4f406c) & 1;
param_3 = 0xfffffea3;
sub_40a4b0(0, *(unaff_EBX + 0x4f41c0));
*(unaff_EBX + 0x4f406c) = *(unaff_EBX + 0x4f406c) ^ extraout_ECX;
*(unaff_EBX + 0x4f406c) = *(unaff_EBX + 0x4f406c) ^ extraout_ECX;
*(unaff_EBX + 0x4f406c) = *(unaff_EBX + 0x4f406c) + 1;
*(unaff_EBX + 0x4f406c) = *(unaff_EBX + 0x4f406c) + -1;
*(unaff_EBX + 0x4f4028) = *(unaff_EBX + 0x4f4028) + -0x3fd;
return CONCAT44(unaff_EDI, param_2);
}
0x406F66 sub_406f66 str 0 api 0 imm 43 Unknown
sub_406f66() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFF4
push eax
push ecx
push edx
push esi
push edi
cmp dword ptr [ebp+0x08], 0xFFF0
jo .1
mov esi, 0x01
sub eax, 0x01
add dword ptr [ebp-0x0C], 0xAF
jmp .2
.1:
test dword ptr [ebp-0x04], 0x01
sub [ebp-0x08], edx
.2:
xor [ebp+0x08], ecx
dec eax
mov esi, edx
test dword ptr [ebp-0x08], 0x7F3
xor [ebp+0x08], edx
sub eax, 0xFFFFFFFF
test dword ptr [ebp-0x04], 0x2BF
or eax, [ebp-0x0C]
test dword ptr [ebp+0x08], 0xFFFFFFFF
and dword ptr [ebp-0x04], 0xFFFFFFFF
dec edi
xor dword ptr [ebx+0x4F42B4], 0x00
mov edx, esi
and eax, 0x592
mov eax, 0xFFFFFA92
sub eax, 0xFFFFFFFF
add eax, 0x01
add dword ptr [ebp-0x08], 0xFFFFFE21
add edi, 0xFFFFFE19
mov esi, 0x01
mov eax, eax
and [ebp+0x08], eax
test dword ptr [ebp-0x04], 0xFFFFFFFF
sub esi, 0xFFFFFFFF
mov eax, 0x01
mov dword ptr [ebx+0x4F42B4], 0xFFFFFBCE
add esi, 0x462
and edx, ecx
test [ebx+0x4F42B4], edi
inc [ebx+0x4F42B4]
mov ecx, 0x01
and dword ptr [ebx+0x4F42B4], 0x01
mov dword ptr [ebx+0x4F42B4], 0x789
add esi, 0x01
dec [ebx+0x4F42B4]
mov dword ptr [ebp-0x04], 0x6BF
add edx, edi
or ecx, ecx
inc ecx
sub edx, edi
and [ebx+0x4F42B4], edi
test dword ptr [ebp-0x0C], 0x01
xor eax, 0xFFFFFFFF
and dword ptr [ebp+0x08], 0xFFFFFFFF
push ebp
push [ebx+0x4F43AC]
push [ebx+0x4F4218]
call sub_40800a()
and [ebp+0x0C], eax
xor eax, 0xFFFFFFFF
dec edi
mov dword ptr [ebx+0x4F42B4], 0x400
add eax, 0xFFFFFFFF
sub eax, 0xFFFFFAE5
add eax, 0x01
sub eax, 0xFFFFFFFF
mov edx, [ebp+0x0C]
inc [ebx+0x4F42B4]
and edi, 0xFFFFFFFF
add eax, ecx
xor dword ptr [ebp-0x04], 0x00
add [ebx+0x4F42B4], edx
inc eax
and eax, 0x00
mov dword ptr [ebp+0x0C], 0x01
add dword ptr [ebx+0x4F42B4], 0x01
and esi, 0xFFFFFAAC
dec [ebp+0x08]
mov esi, esi
mov esi, 0xFFFFFDA9
test [ebx+0x4F42B4], edi
sub [ebp+0x0C], ecx
inc [ebp-0x04]
dec esi
inc eax
or dword ptr [ebp-0x04], 0xFFFFFFFF
test dword ptr [ebp-0x04], 0x119
mov edi, 0xFFFFFFFF
add dword ptr [ebp+0x0C], 0x6B
mov eax, 0xFFFFFFFF
sub eax, 0x709
test [ebp+0x0C], edi
mov esi, [ebp-0x04]
and ecx, ecx
test dword ptr [ebx+0x4F42B4], 0x01
test dword ptr [ebp+0x0C], 0x01
test dword ptr [ebp-0x04], 0x01
sub eax, 0xFFFFFA46
or edx, ecx
and dword ptr [ebx+0x4F42B4], 0x01
sub [ebx+0x4F42B4], esi
xor dword ptr [ebp-0x04], 0x00
sub [ebp-0x04], eax
add eax, 0xFFFFFFFF
mov dword ptr [ebp+0x08], 0xFFFFFDDA
dec [ebx+0x4F42B4]
and eax, 0x00
dec esi
and dword ptr [ebp+0x0C], 0xFFFFFFFF
test dword ptr [ebp+0x0C], 0x01
test dword ptr [ebp+0x0C], 0xFFFFFED1
or dword ptr [ebx+0x4F42B4], 0x00
xor esi, 0x00
and dword ptr [ebp-0x04], 0x01
and [ebp+0x08], edx
add eax, 0xFFFFF8C4
or edx, edi
test [ebx+0x4F42B4], eax
sub edi, 0x427
sub eax, [ebp+0x08]
sub eax, 0xFFFFF80C
test [ebp-0x0C], esi
and edi, [ebp+0x0C]
and eax, 0xFFFFFFFF
and [ebp-0x08], ecx
or dword ptr [ebp+0x0C], 0x01
inc [ebp+0x0C]
mov ecx, 0x00
xor eax, edx
and eax, 0x00
xor edi, 0xFFFFFACD
add edi, [ebp-0x08]
xor [ebx+0x4F42B4], edi
xor [ebp+0x0C], edi
push [ebx+0x4F40E4]
push edi
call sub_404785()
or [ebx+0x4F42B4], edx
sub ecx, edx
inc edx
sub dword ptr [ebp-0x08], 0xFFFFFFFF
add eax, 0xFFFFFFFF
add edx, 0x01
xor esi, [ebp+0x0C]
sub eax, 0xFFFFFFFF
test [ebp-0x04], esi
dec [ebp+0x08]
add eax, 0xFFFFFE13
mov eax, 0x00
add eax, esi
add edi, 0x01
mov dword ptr [ebp-0x08], 0xFFFFFFFF
sub dword ptr [ebp-0x08], 0x01
sub eax, 0x01
or [ebp+0x08], edx
test [ebp+0x08], edi
xor [ebx+0x4F42B4], edi
add eax, 0xFFFFFFFF
sub eax, 0x6F6
add edi, 0xFFFFFA9F
sub eax, 0xFFFFFFFF
inc esi
or [ebp+0x0C], ecx
or [ebp+0x0C], edi
or esi, 0xFFFFFFFF
sub [ebp-0x0C], eax
and [ebp-0x04], esi
add [ebp-0x0C], ecx
add dword ptr [ebx+0x4F42B4], 0xFFFFFFFF
or esi, edx
sub eax, 0xFFFFFFFF
dec eax
mov dword ptr [ebp+0x0C], 0x01
test dword ptr [ebp+0x0C], 0xFFFFFCEE
inc esi
xor [ebp-0x04], esi
dec esi
xor [ebp-0x08], esi
add eax, 0x01
mov [ebp-0x08], ecx
inc eax
xor edi, [ebp-0x08]
and eax, 0xFFFFFF05
mov edi, ecx
and eax, 0x01
inc edi
sub eax, 0xFFFFFD11
add eax, 0x2DD
dec esi
pop edi
pop esi
pop edx
pop ecx
pop eax
leave
ret 0x08
}
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __fastcall sub_406f66(undefined4 param_1,int32_t param_2,int32_t param_3,uint32_t param_4)
{
uint32_t uVar1;
uint32_t extraout_ECX;
uint32_t extraout_EDX;
int32_t unaff_EBX;
int32_t unaff_EDI;
undefined4 uVar2;
int32_t iStack_c;
if (SBORROW4(param_3, 0xfff0)) {
iStack_c = iStack_c - param_2;
}
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4);
*(unaff_EBX + 0x4f42b4) = 0xfffffbce;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) + 1;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) & 1;
*(unaff_EBX + 0x4f42b4) = 0x789;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) + -1;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) & unaff_EDI - 0x1e8U;
uVar2 = *(unaff_EBX + 0x4f4218);
uVar1 = sub_40800a(uVar2, *(unaff_EBX + 0x4f43ac));
*(unaff_EBX + 0x4f42b4) = 0x400;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) + 1;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) + (param_4 & uVar1);
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) + 1;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) & 1;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) + 1;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) + -1;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4);
uVar1 = (0x6c - extraout_ECX & 0xfffffbd8 ^ 0xfffffacd) + (iStack_c - 0x1dfU & extraout_ECX);
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) ^ uVar1;
sub_404785(uVar1, *(unaff_EBX + 0x4f40e4));
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) | extraout_EDX;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) ^ uVar1 + 1;
*(unaff_EBX + 0x4f42b4) = *(unaff_EBX + 0x4f42b4) + -1;
return CONCAT44(uVar2, &stack0xfffffffc);
}
0x403E2B sub_403e2b str 0 api 0 imm 42 Unknown
sub_403e2b() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFF8
push eax
push ecx
push edx
push esi
push edi
cmp dword ptr [ebx+0x4F42D8], 0xA323
jz .1
sub [ebx+0x4F42D8], ecx
jmp .2
.1:
and edi, [ebx+0x4F42D8]
.2:
and eax, 0x00
test [ebp-0x04], eax
and eax, 0x00
add edi, [ebx+0x4F408C]
test dword ptr [ebp-0x08], 0x2DB
test eax, esi
and dword ptr [ebp-0x04], 0x2D
mov [ebx+0x4F42D8], edi
test dword ptr [ebp+0x10], 0xFFFFFD8C
xor dword ptr [ebp+0x10], 0x01
inc [ebx+0x4F408C]
and [ebx+0x4F408C], eax
sub dword ptr [ebp-0x08], 0x1F3
mov dword ptr [ebp-0x08], 0x01
sub [ebp-0x04], ecx
sub edx, 0xFFFFFFFF
or [ebx+0x4F42D8], esi
sub eax, 0x19
xor esi, 0x00
inc esi
xor eax, 0xFFFFFFFF
sub dword ptr [ebx+0x4F408C], 0x01
mov esi, 0x00
xor eax, 0x00
and edx, 0x01
dec [ebp+0x0C]
mov dword ptr [ebx+0x4F408C], 0xFFFFFFFF
dec ecx
dec esi
sub eax, 0xFFFFFFFF
dec [ebp-0x04]
mov dword ptr [ebp+0x08], 0xE0
add eax, 0xFFFFFFFF
test [ebp-0x08], edx
or edx, 0xFFFFFFFF
test dword ptr [ebx+0x4F408C], 0xFFFFFFFF
mov dword ptr [ebx+0x4F42D8], 0xFFFFF9E2
dec [ebx+0x4F42D8]
and esi, 0x00
add esi, [ebx+0x4F42D8]
test [ebp-0x04], ecx
add edx, eax
xor eax, 0x01
inc [ebp+0x0C]
sub eax, 0x01
test [ebx+0x4F42D8], ecx
xor dword ptr [ebp+0x10], 0x486
inc edi
or edi, [ebp+0x10]
or edx, 0x01
dec [ebp-0x08]
test dword ptr [ebp+0x0C], 0xE6
dec edx
or esi, 0x01
sub ecx, eax
mov dword ptr [ebp-0x04], 0xFFFFFFFF
xor esi, 0x01
or esi, edx
xor eax, 0xFFFFFFFF
and esi, 0x00
mov dword ptr [ebx+0x4F408C], 0x53
xor eax, 0x00
add edi, 0xFFFFFFFF
xor esi, [ebp+0x0C]
mov dword ptr [ebp-0x04], 0x01
sub [ebx+0x4F42D8], esi
sub dword ptr [ebx+0x4F408C], 0xFFFFFFFF
mov [ebx+0x4F408C], eax
add edx, 0x55B
or [ebp+0x08], edi
test dword ptr [ebp+0x0C], 0x01
add esi, 0x01
add dword ptr [ebp+0x08], 0x01
mov eax, esi
sub [ebx+0x4F408C], eax
and eax, 0x3A0
xor eax, 0x00
and edx, esi
and dword ptr [ebx+0x4F408C], 0xFFFFFFFF
test dword ptr [ebp+0x0C], 0xFFFFF9EC
add edx, [ebp+0x08]
and dword ptr [ebx+0x4F408C], 0x00
sub edx, [ebp+0x0C]
inc [ebx+0x4F42D8]
mov esi, 0x00
test [ebp-0x08], edx
add [ebx+0x4F408C], esi
dec [ebx+0x4F408C]
inc edi
inc eax
and ecx, [ebx+0x4F42D8]
sub edx, 0x01
mov [ebp-0x04], esi
add eax, 0x01
sub eax, [ebp-0x08]
xor eax, 0x01
sub [ebp-0x04], edi
mov eax, 0x00
or [ebp-0x08], edi
add [ebp+0x08], esi
sub eax, 0xFFFFFFFF
sub eax, 0x01
inc [ebp-0x04]
sub eax, esi
xor ecx, 0xFFFFFFFF
and dword ptr [ebp+0x08], 0x01
add eax, 0xFFFFFFFF
inc [ebx+0x4F408C]
sub eax, 0x01
mov [ebx+0x4F408C], esi
mov [ebp+0x0C], eax
dec ecx
and eax, 0x7D
test [ebp-0x08], ecx
mov edi, [ebp+0x0C]
add eax, 0x7C5
and dword ptr [ebx+0x4F408C], 0x00
add edi, 0xFFFFFFFF
add eax, 0x01
test [ebp+0x08], edx
add [ebp+0x08], edx
test esi, edx
sub dword ptr [ebp+0x08], 0xFFFFFFFF
inc [ebp+0x08]
xor dword ptr [ebx+0x4F408C], 0xFFFFFFFF
inc [ebx+0x4F408C]
and dword ptr [ebp-0x08], 0xFFFFF84E
inc esi
mov eax, 0xFFFFFFEF
sub [ebx+0x4F42D8], edi
test [ebx+0x4F42D8], edx
or [ebp+0x08], edx
test eax, edx
sub eax, 0x53A
sub esi, 0x61D
xor eax, 0xFFFFFFFF
inc [ebp+0x0C]
inc [ebp+0x10]
xor dword ptr [ebp+0x10], 0x00
and dword ptr [ebp+0x08], 0x43F
add eax, 0xFFFFFFFF
add dword ptr [ebp-0x04], 0x637
xor edi, 0x00
mov ecx, 0xFFFFFFFF
sub dword ptr [ebp+0x10], 0xFFFFFFFF
sub dword ptr [ebp-0x04], 0xFFFFFFFF
inc [ebx+0x4F408C]
or edx, 0xFFFFFD36
mov eax, 0x00
test esi, edi
mov ecx, 0x00
or eax, 0x00
xor dword ptr [ebp-0x08], 0x00
sub eax, 0xFFFFF967
test dword ptr [ebx+0x4F42D8], 0x01
and eax, 0x00
mov edx, 0x00
or dword ptr [ebp-0x08], 0x00
mov esi, 0xFFFFFFFF
inc [ebx+0x4F42D8]
mov dword ptr [ebx+0x4F408C], 0xFFFFF967
inc [ebx+0x4F408C]
xor eax, 0xFFFFFAE2
or eax, 0x00
dec [ebp+0x10]
or ecx, edi
or esi, [ebp-0x08]
add dword ptr [ebx+0x4F42D8], 0x32
test dword ptr [ebp+0x08], 0xFFFFFFFF
xor eax, 0x7DE
add dword ptr [ebp+0x08], 0x01
mov ecx, 0xFFFFFE4C
and [ebx+0x4F408C], ecx
pop edi
pop esi
pop edx
pop ecx
pop eax
leave
ret 0x0C
}
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __fastcall sub_403e2b(int32_t param_1,undefined4 param_2,undefined4 param_3,int32_t param_4)
{
undefined4 in_EAX;
int32_t unaff_EBX;
uint32_t unaff_ESI;
uint32_t unaff_EDI;
if (*(unaff_EBX + 0x4f42d8) == 0xa323) {
unaff_EDI = unaff_EDI & *(unaff_EBX + 0x4f42d8);
}
else {
*(unaff_EBX + 0x4f42d8) = *(unaff_EBX + 0x4f42d8) - param_1;
}
*(unaff_EBX + 0x4f42d8) = unaff_EDI + *(unaff_EBX + 0x4f408c);
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) + 1;
*(unaff_EBX + 0x4f408c) = 0;
*(unaff_EBX + 0x4f42d8) = *(unaff_EBX + 0x4f42d8) | unaff_ESI;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) + -1;
*(unaff_EBX + 0x4f408c) = 0xffffffff;
*(unaff_EBX + 0x4f42d8) = 0xfffff9e2;
*(unaff_EBX + 0x4f42d8) = *(unaff_EBX + 0x4f42d8) + -1;
*(unaff_EBX + 0x4f408c) = 0x53;
*(unaff_EBX + 0x4f42d8) = *(unaff_EBX + 0x4f42d8) - param_4;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) + 1;
*(unaff_EBX + 0x4f408c) = 0xffffffe7;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) - (param_4 + 1);
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c);
*(unaff_EBX + 0x4f408c) = 0;
*(unaff_EBX + 0x4f42d8) = *(unaff_EBX + 0x4f42d8) + 1;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c);
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) + -1;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) + 1;
*(unaff_EBX + 0x4f408c) = 0;
*(unaff_EBX + 0x4f408c) = 0;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) ^ 0xffffffff;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) + 1;
*(unaff_EBX + 0x4f42d8) = *(unaff_EBX + 0x4f42d8) + 3;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) + 1;
*(unaff_EBX + 0x4f42d8) = *(unaff_EBX + 0x4f42d8) + 1;
*(unaff_EBX + 0x4f408c) = 0xfffff967;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) + 1;
*(unaff_EBX + 0x4f42d8) = *(unaff_EBX + 0x4f42d8) + 0x32;
*(unaff_EBX + 0x4f408c) = *(unaff_EBX + 0x4f408c) & 0xfffffe4c;
return CONCAT44(param_2, in_EAX);
}
0x409A82 sub_409a82 str 0 api 0 imm 42 Unknown
sub_409a82() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFFC
push eax
push ecx
push edx
push esi
push edi
cmp esp, edi
jns .1
add eax, 0xFFFFF8BB
xor ecx, 0x01
dec edx
jmp .2
.1:
xor [ebx+0x4F4038], edx
add [ebx+0x4F40D0], edx
.2:
mov edi, 0xFFFFFCB6
add eax, 0x01
cmp esp, eax
jb .3
add [ebp-0x04], edi
or [ebp+0x08], ecx
test dword ptr [ebp+0x08], 0x01
jmp .4
.3:
sub eax, [ebp-0x04]
add eax, esi
.4:
sub eax, 0x42
mov dword ptr [ebp+0x0C], 0x01
sub dword ptr [ebp-0x04], 0x01
add eax, 0xFFFFFAD9
add edx, [ebp+0x0C]
sub edi, 0x22E
mov edx, ecx
push [ebx+0x4F4260]
push [ebx+0x4F4214]
call sub_40183f()
inc eax
dec [ebx+0x4F40D0]
add eax, 0x01
mov edi, 0xFFFFF81C
and eax, 0x01
xor [ebp-0x04], esi
mov dword ptr [ebp+0x08], 0x01
and edx, 0x00
mov dword ptr [ebp+0x10], 0xFFFFFCD6
mov dword ptr [ebp+0x10], 0xFFFFFDC8
test dword ptr [ebx+0x4F4048], 0x01
xor eax, 0xFFFFFFFF
mov eax, [ebx+0x4F4038]
sub dword ptr [ebp-0x04], 0x4B
sub dword ptr [ebx+0x4F40D0], 0xFFFFFDE2
xor edi, 0x00
add esi, edx
and eax, 0x00
dec ecx
sub eax, 0x204
add eax, 0x01
or ecx, 0xFFFFFFFF
mov dword ptr [ebp+0x08], 0x01
xor eax, 0x01
and eax, 0x00
xor edi, esi
or dword ptr [ebx+0x4F4048], 0xFFFFF832
or dword ptr [ebx+0x4F4038], 0x00
mov dword ptr [ebp+0x10], 0x01
xor [ebp+0x08], esi
mov edx, [ebp+0x08]
and eax, 0x00
inc ecx
inc ecx
test dword ptr [ebp+0x0C], 0xFFFFFFFF
add edi, [ebp+0x0C]
sub eax, 0xFFFFFFFF
add eax, 0xFFFFFFFF
add edx, 0xD8
add ecx, ecx
mov dword ptr [ebp+0x0C], 0xFFFFFC8C
add eax, 0xFFFFF9B6
dec [ebp-0x04]
test [ebx+0x4F4048], esi
test dword ptr [ebp-0x04], 0x01
xor ecx, 0x00
sub [ebp-0x04], eax
xor eax, 0x01
xor dword ptr [ebp+0x0C], 0xFFFFFFFF
or esi, 0x00
mov esi, 0x01
mov dword ptr [ebp-0x04], 0x01
dec [ebp-0x04]
mov edx, 0xFFFFFFFF
add ecx, [ebx+0x4F4038]
and dword ptr [ebx+0x4F40D0], 0x00
or eax, 0x00
xor [ebp+0x0C], edx
sub [ebx+0x4F4038], ecx
test dword ptr [ebx+0x4F4038], 0xFFFFFFFF
dec edx
inc [ebp+0x10]
and eax, 0x01
add [ebx+0x4F4038], edx
or [ebp-0x04], edi
xor eax, 0x01
xor eax, eax
and eax, [ebx+0x4F4048]
test dword ptr [ebp-0x04], 0x5C5
sub eax, 0xFFFFFE43
test dword ptr [ebp+0x08], 0xFFFFFDA0
test dword ptr [ebx+0x4F4048], 0x01
mov dword ptr [ebp-0x04], 0xFFFFFFFF
mov eax, 0x00
add eax, 0x01
mov [ebx+0x4F4038], edi
sub edi, 0xFFFFFFFF
inc [ebp+0x08]
inc [ebp-0x04]
sub ecx, 0x6D9
sub ecx, edx
or eax, 0x01
add dword ptr [ebp+0x08], 0xFFFFFFFF
sub edx, [ebx+0x4F4038]
xor eax, [ebp-0x04]
push [ebx+0x4F4040]
push [ebx+0x4F43D0]
call sub_405b4b()
xor dword ptr [ebp+0x10], 0x00
sub dword ptr [ebx+0x4F4038], 0x632
or [ebp+0x10], ecx
dec eax
test [ebx+0x4F40D0], eax
xor edi, 0xFFFFFFFF
test dword ptr [ebp+0x0C], 0xFFFFFFFF
add [ebp+0x10], edx
mov dword ptr [ebp+0x10], 0xFFFFFFFF
add eax, 0xFFFFF94E
xor eax, eax
xor [ebp-0x04], ecx
or eax, 0xFFFFFFFF
mov [ebp+0x08], esi
xor eax, 0x00
test dword ptr [ebp+0x10], 0xFFFFF9F0
and dword ptr [ebp+0x10], 0x82
add eax, 0x01
inc [ebp+0x08]
and dword ptr [ebx+0x4F4038], 0x00
sub eax, 0xFFFFFFFF
dec [ebp-0x04]
inc ecx
or dword ptr [ebp+0x10], 0x00
mov [ebp+0x08], esi
or edi, eax
sub eax, 0x01
test [ebx+0x4F4048], esi
dec edx
mov edx, 0x00
and dword ptr [ebx+0x4F40D0], 0x01
sub edi, 0x01
xor edx, 0xFFFFF8CB
dec [ebp-0x04]
inc ecx
and eax, 0x00
or edx, eax
test [ebp+0x0C], edi
sub dword ptr [ebx+0x4F4038], 0xFFFFFFFF
dec eax
add ecx, 0x01
sub eax, 0x01
sub eax, 0x01
and [ebx+0x4F4048], esi
mov dword ptr [ebx+0x4F4038], 0x01
xor dword ptr [ebp-0x04], 0xFFFFF9F2
test [ebx+0x4F4048], ecx
push edx
push [ebx+0x4F4150]
call sub_408a71()
push [ebx+0x4F4148]
push [ebx+0x4F4144]
call sub_406834()
and dword ptr [ebp+0x0C], 0x00
sub [ebp+0x10], esi
mov dword ptr [ebx+0x4F4048], 0xFFFFFFFF
and esi, [ebp-0x04]
add eax, 0x569
sub ecx, 0xFFFFFFFF
mov dword ptr [ebp-0x04], 0xFFFFFA3A
dec [ebp-0x04]
add eax, 0x01
sub dword ptr [ebp-0x04], 0x26B
add ecx, [ebp+0x08]
mov dword ptr [ebp+0x10], 0xFFFFF9E0
sub [ebp-0x04], eax
or eax, 0x01
and edi, [ebp-0x04]
and esi, edi
dec edx
add [ebx+0x4F4038], edi
sub esi, 0xFFFFFFFF
or [ebp-0x04], edi
mov [ebp+0x10], edx
mov dword ptr [ebp-0x04], 0x4BF
xor eax, 0xFFFFFFFF
or esi, 0xFFFFFFFF
sub edi, [ebp-0x04]
add dword ptr [ebp+0x08], 0xFFFFFD6D
and edx, 0x00
sub eax, 0x01
and eax, 0x00
xor dword ptr [ebp+0x10], 0x01
and [ebp-0x04], esi
add eax, edi
sub ecx, 0x01
test dword ptr [ebx+0x4F40D0], 0xFFFFFFFF
test [ebp-0x04], edi
mov edx, 0xFFFFF8E7
add ecx, [ebx+0x4F4038]
and [ebp-0x04], eax
; listing truncated
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __fastcall sub_409a82(undefined4 param_1,uint32_t param_2)
{
int32_t iVar1;
int32_t unaff_EBX;
uint32_t unaff_ESI;
int32_t unaff_EDI;
int32_t iVar2;
int32_t iStack00000008;
undefined4 uVar3;
undefined4 uVar4;
if (-1 < &stack0xffffffe4 + -unaff_EDI) {
*(unaff_EBX + 0x4f4038) = *(unaff_EBX + 0x4f4038) ^ param_2;
*(unaff_EBX + 0x4f40d0) = *(unaff_EBX + 0x4f40d0) + param_2;
}
iStack00000008 = 1;
sub_40183f(*(unaff_EBX + 0x4f4214), *(unaff_EBX + 0x4f4260));
*(unaff_EBX + 0x4f40d0) = *(unaff_EBX + 0x4f40d0) + -1;
*(unaff_EBX + 0x4f40d0) = *(unaff_EBX + 0x4f40d0) + 0x21e;
*(unaff_EBX + 0x4f4048) = *(unaff_EBX + 0x4f4048) | 0xfffff832;
*(unaff_EBX + 0x4f4038) = *(unaff_EBX + 0x4f4038);
iVar2 = (unaff_ESI ^ 0xfffff81c) + iStack00000008;
*(unaff_EBX + 0x4f40d0) = 0;
iStack00000008 = 0xfffffc8c;
*(unaff_EBX + 0x4f4038) = *(unaff_EBX + 0x4f4038) - (*(unaff_EBX + 0x4f4038) + 2);
*(unaff_EBX + 0x4f4038) = *(unaff_EBX + 0x4f4038) + -2;
*(unaff_EBX + 0x4f4038) = iVar2;
uVar4 = *(unaff_EBX + 0x4f43d0);
sub_405b4b(uVar4, *(unaff_EBX + 0x4f4040));
*(unaff_EBX + 0x4f4038) = *(unaff_EBX + 0x4f4038) + -0x632;
*(unaff_EBX + 0x4f4038) = 0;
*(unaff_EBX + 0x4f40d0) = *(unaff_EBX + 0x4f40d0) & 1;
*(unaff_EBX + 0x4f4038) = *(unaff_EBX + 0x4f4038) + 1;
*(unaff_EBX + 0x4f4048) = *(unaff_EBX + 0x4f4048) & 1;
*(unaff_EBX + 0x4f4038) = 1;
uVar3 = *(unaff_EBX + 0x4f4150);
sub_408a71(uVar3, 0xfffff8cb);
iVar1 = sub_406834(*(unaff_EBX + 0x4f4144), *(unaff_EBX + 0x4f4148));
*(unaff_EBX + 0x4f4048) = 0xffffffff;
*(unaff_EBX + 0x4f4038) = *(unaff_EBX + 0x4f4038) + ((iVar2 + 1U ^ 0xffffffff | 1) - 1 & -(iVar1 + 0x56a) - 0x832U);
*(unaff_EBX + 0x4f4038) = *(unaff_EBX + 0x4f4038) + 1;
return CONCAT44(uVar3, uVar4);
}
0x4083E6 sub_4083e6 str 0 api 0 imm 41 Unknown
sub_4083e6() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFFC
push eax
push ecx
push edx
push esi
push edi
cmp eax, 0xA553
jnp .1
mov eax, edi
jmp .3
.1:
sub dword ptr [ebp+0x08], 0xFFFFFBBA
sub eax, 0x01
.3:
mov edi, 0x00
test [ebp+0x08], eax
cmp dword ptr [ebx+0x4F4030], 0x2B33
jnb .4
and eax, 0x01
jmp .5
.4:
dec [ebp-0x04]
or dword ptr [ebx+0x4F4030], 0x00
.5:
mov edx, 0x00
mov [ebp+0x08], edx
add dword ptr [ebp-0x04], 0x01
inc [ebp-0x04]
dec esi
xor edx, 0xFFFFFFFF
sub eax, 0x01
or ecx, 0x00
dec edi
add eax, 0x3BA
dec [ebp+0x08]
or [ebp+0x08], edi
inc esi
sub dword ptr [ebp+0x08], 0xFFFFFFFF
add dword ptr [ebx+0x4F4030], 0x01
and dword ptr [ebx+0x4F42E4], 0xFFFFF84F
or edi, 0xFFFFFFFF
inc ecx
inc [ebp-0x04]
or dword ptr [ebp+0x08], 0xFFFFFFFF
mov ecx, 0x00
and esi, esi
xor [ebx+0x4F42E4], eax
mov edx, [ebp-0x04]
mov esi, 0x00
sub edx, 0x486
and [ebx+0x4F40D4], eax
inc edx
mov [ebp+0x08], edx
mov esi, 0x00
or edi, 0x00
mov edi, 0x00
dec ecx
sub eax, [ebp-0x04]
inc [ebp-0x04]
xor eax, 0x01
sub dword ptr [ebx+0x4F4030], 0x290
sub eax, 0xFFFFFE88
sub eax, 0xFFFFFFFF
xor eax, esi
add esi, [ebp-0x04]
or edx, 0xFFFFFA58
add dword ptr [ebx+0x4F40D4], 0x3C7
add eax, 0xFFFFFFFF
mov esi, 0x00
and eax, 0x00
add edi, esi
add [ebx+0x4F40D4], eax
add eax, ecx
sub eax, 0xFFFFFBAC
sub [ebp+0x08], edx
add esi, [ebp-0x04]
dec [ebp+0x08]
sub eax, [ebp+0x08]
or [ebp-0x04], edx
test dword ptr [ebp-0x04], 0x304
dec edx
sub dword ptr [ebx+0x4F40D4], 0x6B5
add [ebp-0x04], edi
test [ebx+0x4F4030], esi
inc edx
test [ebx+0x4F40D4], ecx
and ecx, 0xFFFFFFFF
dec esi
mov eax, 0x00
sub eax, edi
test [ebp-0x04], edi
xor eax, ecx
sub ecx, 0xFFFFF893
test [ebp+0x08], edi
or dword ptr [ebp-0x04], 0xFFFFFFFF
or edi, 0x00
mov [ebx+0x4F40D4], edi
dec [ebx+0x4F40D4]
test dword ptr [ebx+0x4F40D4], 0xFFFFFFFF
and [ebp-0x04], eax
mov edx, edi
mov esi, [ebp+0x08]
xor eax, 0xFFFFFF6B
sub esi, [ebp+0x08]
sub eax, 0xFFFFFFFF
xor eax, edx
mov dword ptr [ebx+0x4F4030], 0xFFFFFFFF
inc [ebx+0x4F4030]
sub eax, 0xFFFFFFFF
inc [ebp+0x08]
xor [ebp-0x04], esi
add eax, 0x2C
add eax, 0xFFFFFFFF
sub edi, 0xFFFFFFFF
inc [ebp-0x04]
sub dword ptr [ebp+0x08], 0xFFFFFFFF
xor eax, 0xFFFFFBB0
and [ebx+0x4F4030], ecx
or edx, [ebp-0x04]
inc edx
mov [ebx+0x4F4030], ecx
sub dword ptr [ebx+0x4F40D4], 0xFFFFFB93
sub [ebp+0x08], esi
and edi, 0x00
mov [ebp+0x08], eax
inc [ebx+0x4F4030]
sub eax, 0xFFFFFFF7
mov dword ptr [ebp+0x08], 0x01
xor eax, 0x00
xor [ebp+0x08], edi
mov edx, 0x00
dec esi
or edi, 0x00
or edi, esi
mov esi, eax
and edi, 0x00
test [ebp-0x04], ecx
test dword ptr [ebx+0x4F42E4], 0xFFFFFFFF
add eax, 0x01
mov dword ptr [ebp+0x08], 0x01
add eax, 0xFFFFFAB9
dec [ebx+0x4F42E4]
test dword ptr [ebx+0x4F42E4], 0x764
dec [ebp+0x08]
mov esi, 0x00
and eax, 0x01
add dword ptr [ebp+0x08], 0x01
and eax, 0xFFFFFFFF
and [ebp-0x04], eax
mov [ebp+0x08], ecx
mov eax, 0xFFFFF833
mov esi, 0x00
xor [ebx+0x4F4030], eax
xor eax, 0x3C5
and dword ptr [ebp+0x08], 0x00
and eax, 0x01
and [ebp+0x08], ecx
test [ebp-0x04], edx
sub eax, 0xFFFFFC8C
dec edx
xor eax, 0xFFFFFFFF
mov edi, [ebp-0x04]
test [ebx+0x4F42E4], edx
dec eax
mov [ebp+0x08], edi
xor dword ptr [ebp+0x08], 0x01
and [ebp-0x04], edx
dec [ebp-0x04]
add ecx, 0x21B
xor esi, 0x00
and edx, eax
add [ebp-0x04], esi
add dword ptr [ebx+0x4F4030], 0xFFFFF8AE
or esi, [ebp-0x04]
and edi, 0x00
mov eax, [ebp+0x08]
dec [ebp-0x04]
mov edx, 0xFFFFFB0B
xor eax, 0x01
push [ebx+0x4F426C]
call sub_409413()
test [ebx+0x4F42E4], ecx
or esi, [ebp+0x08]
add eax, 0x01
sub ecx, [ebp-0x04]
mov esi, 0xFFFFF9DB
xor [ebp+0x08], eax
sub edi, edi
dec [ebx+0x4F42E4]
dec ecx
add eax, 0xFFFFFFFF
xor [ebp-0x04], eax
test dword ptr [ebx+0x4F4030], 0x0A
sub [ebp-0x04], edx
sub [ebp-0x04], eax
sub [ebp+0x08], edi
add eax, eax
sub edi, [ebp-0x04]
inc edi
sub eax, 0x01
xor dword ptr [ebx+0x4F40D4], 0x00
or eax, 0x00
dec ecx
dec [ebp+0x08]
inc ecx
and eax, 0x00
inc eax
sub eax, 0x01
sub dword ptr [ebx+0x4F42E4], 0x01
xor eax, 0xFFFFFFFF
test [ebp-0x04], eax
inc [ebp-0x04]
pop edi
pop esi
pop edx
pop ecx
pop eax
; listing truncated
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 __fastcall sub_4083e6(undefined4 param_1)
{
int32_t in_EAX;
int32_t unaff_EBX;
undefined4 unaff_ESI;
uint32_t unaff_EDI;
undefined4 uStack00000004;
if ((POPCOUNT(in_EAX - 0xa553U & 0xff) & 1U) != 0) {
unaff_EDI = in_EAX - 1;
}
if (*(unaff_EBX + 0x4f4030) < 0x2b33) {
unaff_EDI = unaff_EDI & 1;
}
else {
*(unaff_EBX + 0x4f4030) = *(unaff_EBX + 0x4f4030);
}
*(unaff_EBX + 0x4f4030) = *(unaff_EBX + 0x4f4030) + 1;
*(unaff_EBX + 0x4f42e4) = *(unaff_EBX + 0x4f42e4) & 0xfffff84f;
*(unaff_EBX + 0x4f42e4) = *(unaff_EBX + 0x4f42e4) ^ unaff_EDI + 0x3b9;
*(unaff_EBX + 0x4f40d4) = *(unaff_EBX + 0x4f40d4) & unaff_EDI + 0x3b9;
*(unaff_EBX + 0x4f4030) = *(unaff_EBX + 0x4f4030) + -0x290;
*(unaff_EBX + 0x4f40d4) = *(unaff_EBX + 0x4f40d4) + 0x3c7;
*(unaff_EBX + 0x4f40d4) = *(unaff_EBX + 0x4f40d4);
*(unaff_EBX + 0x4f40d4) = *(unaff_EBX + 0x4f40d4) + -0x6b5;
*(unaff_EBX + 0x4f40d4) = 0;
*(unaff_EBX + 0x4f40d4) = *(unaff_EBX + 0x4f40d4) + -1;
*(unaff_EBX + 0x4f4030) = 0xffffffff;
*(unaff_EBX + 0x4f4030) = *(unaff_EBX + 0x4f4030) + 1;
*(unaff_EBX + 0x4f4030) = *(unaff_EBX + 0x4f4030) & 0x76c;
*(unaff_EBX + 0x4f4030) = 0x76c;
*(unaff_EBX + 0x4f40d4) = *(unaff_EBX + 0x4f40d4) + 0x46d;
*(unaff_EBX + 0x4f4030) = *(unaff_EBX + 0x4f4030) + 1;
*(unaff_EBX + 0x4f42e4) = *(unaff_EBX + 0x4f42e4) + -1;
*(unaff_EBX + 0x4f4030) = *(unaff_EBX + 0x4f4030) ^ 0xfffff833;
uStack00000004 = 1;
*(unaff_EBX + 0x4f4030) = *(unaff_EBX + 0x4f4030) + -0x752;
sub_409413(*(unaff_EBX + 0x4f426c));
*(unaff_EBX + 0x4f42e4) = *(unaff_EBX + 0x4f42e4) + -1;
*(unaff_EBX + 0x4f40d4) = *(unaff_EBX + 0x4f40d4);
*(unaff_EBX + 0x4f42e4) = *(unaff_EBX + 0x4f42e4) + -1;
return CONCAT44(unaff_ESI, param_1);
}
0x40BE13 sub_40be13 str 0 api 0 imm 41 Unknown
sub_40be13() {
push ebp
mov ebp, esp
add esp, 0xFFFFFFFC
push eax
push ecx
push edx
push esi
push edi
cmp eax, 0xA02D
jnle .2
or [ebp-0x04], eax
or dword ptr [ebx+0x4F42F4], 0x00
jmp .3
.2:
add edx, 0xFFFFFFFF
xor edx, 0x19F
.3:
xor eax, 0xFFFFFFFF
and ecx, [ebp-0x04]
add ecx, [ebp+0x08]
test dword ptr [ebp-0x04], 0xFFFFFEEF
and ecx, [ebp+0x08]
cmp dword ptr [ebx+0x4F42F4], 0xA5D3
jle .4
dec edx
sub eax, 0xFFFFFFFF
jmp .5
.4:
mov dword ptr [ebp+0x08], 0x222
sub ecx, ecx
and eax, 0x00
.5:
sub eax, 0xFFFFFFFF
add [ebp+0x08], edx
dec ecx
sub dword ptr [ebx+0x4F42F4], 0x5C2
sub esi, 0xFFFFFFFF
inc [ebp+0x08]
xor dword ptr [ebp-0x04], 0x00
mov dword ptr [ebx+0x4F42F4], 0x297
xor dword ptr [ebx+0x4F42F4], 0xFFFFFFFF
xor [ebx+0x4F42F4], edi
sub [ebp+0x08], edx
xor [ebx+0x4F42F4], edi
test [ebp+0x08], eax
xor dword ptr [ebp-0x04], 0xFFFFFFFF
inc eax
add eax, 0xFFFFFFFF
mov esi, 0x01
or ecx, 0xFFFFFFFF
xor esi, 0x00
add eax, 0x01
xor eax, 0x00
add esi, [ebp+0x08]
add eax, 0x310
dec ecx
mov ecx, [ebp-0x04]
mov eax, 0x00
sub dword ptr [ebp+0x08], 0xFFFFFFFF
inc [ebp-0x04]
sub eax, 0x01
sub eax, 0x01
mov dword ptr [ebx+0x4F42F4], 0xFFFFFFFF
sub [ebp-0x04], esi
and dword ptr [ebx+0x4F42F4], 0x00
xor eax, 0x637
dec [ebx+0x4F42F4]
mov [ebp+0x08], edx
inc [ebp+0x08]
mov dword ptr [ebp+0x08], 0x597
add eax, 0xFFFFFFFF
xor [ebx+0x4F42F4], ecx
sub eax, 0xFFFFFFFF
inc [ebp-0x04]
add [ebp+0x08], eax
or edx, 0x00
xor eax, eax
dec eax
and eax, 0x01
or eax, 0x01
add dword ptr [ebp+0x08], 0x3E0
inc [ebp-0x04]
inc edx
sub eax, 0x665
and eax, 0xFFFFFD4C
dec [ebp-0x04]
test esi, edi
sub eax, 0x0B
dec [ebx+0x4F42F4]
and edx, 0xFFFFFF48
test dword ptr [ebp+0x08], 0xFFFFFFFF
mov [ebx+0x4F42F4], ecx
xor eax, 0x00
dec [ebp-0x04]
and ecx, ecx
xor esi, [ebp+0x08]
and eax, 0x00
dec eax
test [ebp-0x04], eax
or edi, [ebx+0x4F42F4]
mov dword ptr [ebp-0x04], 0x7EE
and eax, 0x00
and eax, 0x00
mov dword ptr [ebx+0x4F42F4], 0xFFFFFFFF
inc ecx
sub esi, 0xFFFFFFFF
and dword ptr [ebx+0x4F42F4], 0x00
and ecx, [ebp+0x08]
push [ebx+0x4F4194]
push esi
call sub_409e5a()
call sub_406c35()
add eax, edi
or eax, 0x00
inc ecx
xor dword ptr [ebp-0x04], 0x280
add eax, 0xFFFFFFFF
inc [ebp-0x04]
test [ebx+0x4F42F4], edx
dec esi
add esi, edx
xor eax, 0xFFFFF97D
inc [ebp+0x08]
add eax, 0xFFFFF924
add eax, 0xFFFFFA5F
test [ebx+0x4F42F4], edx
test dword ptr [ebx+0x4F42F4], 0x62B
and [ebp+0x08], edi
test [ebx+0x4F42F4], ecx
mov ecx, 0x00
xor dword ptr [ebx+0x4F42F4], 0xFFFFFFFF
xor dword ptr [ebp+0x08], 0x01
sub [ebp+0x08], edi
test dword ptr [ebp+0x08], 0xFFFFFFFF
test [ebp-0x04], edi
xor dword ptr [ebx+0x4F42F4], 0x00
xor esi, ecx
xor eax, 0xFFFFFCCD
and eax, 0x00
or dword ptr [ebx+0x4F42F4], 0x00
mov edx, [ebx+0x4F42F4]
add eax, 0x7C1
inc eax
and [ebp+0x08], eax
and dword ptr [ebp+0x08], 0x7CA
dec edx
test dword ptr [ebp-0x04], 0xFFFFFFFF
add edx, 0xFFFFFFFF
and eax, 0x00
sub dword ptr [ebp+0x08], 0xFFFFFFFF
mov dword ptr [ebp-0x04], 0x01
add dword ptr [ebp+0x08], 0xFFFFFFFF
add dword ptr [ebp+0x08], 0x01
inc eax
xor edx, edi
mov [ebp+0x08], edx
sub eax, 0x01
mov [ebp+0x08], edx
or esi, [ebp+0x08]
xor eax, 0xFFFFFFFF
mov dword ptr [ebp+0x08], 0xFFFFFFFF
mov [ebp+0x08], edi
and eax, 0x00
mov ecx, 0x00
and ecx, [ebp-0x04]
xor eax, 0x01
dec esi
add ecx, edi
mov eax, 0x00
xor eax, 0xFFFFFFFF
and eax, 0x00
mov edx, [ebx+0x4F42F4]
inc [ebp+0x08]
and eax, [ebp+0x08]
dec [ebp+0x08]
sub eax, 0xFFFFFFFF
or dword ptr [ebp-0x04], 0x01
sub ecx, [ebp+0x08]
or [ebp-0x04], ecx
inc edx
push [ebx+0x4F4358]
push [ebx+0x4F41E0]
push [ebx+0x4F4074]
call sub_405e54()
mov esi, 0x00
add eax, 0x01
sub esi, [ebx+0x4F42F4]
test [ebp-0x04], esi
add eax, 0x6D0
inc [ebp-0x04]
xor eax, 0x00
xor esi, 0x01
xor esi, 0xFFFFFFFF
sub eax, 0xFFFFF8BE
or dword ptr [ebp+0x08], 0x00
or [ebp-0x04], edi
mov eax, 0x01
pop edi
pop esi
pop edx
pop ecx
pop eax
leave
ret 0x04
}
/* DISPLAY WARNING: Type casts are NOT being printed */
undefined8 sub_40be13(int32_t param_1)
{
undefined4 uVar1;
undefined4 uVar2;
uint32_t in_EAX;
int32_t unaff_EBX;
uint32_t unaff_EDI;
uint32_t uStack_8;
if (in_EAX < 0xa02e) {
uStack_8 = uStack_8 | in_EAX;
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4);
}
if (*(unaff_EBX + 0x4f42f4) < 0xa5d4) {
param_1 = 0x222;
}
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4) + -0x5c2;
*(unaff_EBX + 0x4f42f4) = 0x297;
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4) ^ 0xffffffff;
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4) ^ unaff_EDI;
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4) ^ unaff_EDI;
*(unaff_EBX + 0x4f42f4) = 0xffffffff;
*(unaff_EBX + 0x4f42f4) = 0;
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4) + -1;
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4) ^ uStack_8 ^ 0xffffffff;
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4) + -1;
*(unaff_EBX + 0x4f42f4) = uStack_8 ^ 0xffffffff;
*(unaff_EBX + 0x4f42f4) = 0xffffffff;
*(unaff_EBX + 0x4f42f4) = 0;
uVar1 = *(unaff_EBX + 0x4f4194);
sub_409e5a((param_1 + 2U ^ 0x340) + 1);
sub_406c35();
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4) ^ 0xffffffff;
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4);
*(unaff_EBX + 0x4f42f4) = *(unaff_EBX + 0x4f42f4);
uVar2 = *(unaff_EBX + 0x4f4358);
sub_405e54(*(unaff_EBX + 0x4f4074), *(unaff_EBX + 0x4f41e0));
return CONCAT44(uVar2, uVar1);
}
No library functions identified.