assembly-excutor/log.txt at master · floydScript/assembly-excutor · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
001  push ebp
002  mov esp,ebp
003  sub esp,0x00000148
004  push ebx
005  push esi
006  push edi
007  lea edi,dword ptr ss:[ebp-0x00000148]
008  mov ecx,0x00000052
009  mov eax,0xcccccccc
010  rep stos dword ptr es:[edi]
011  push 0x0a
012  push 0x00
013  push 0x0043cff8
014  call 00413d50
015  add esp,0x0c
016  push 0x0a
017  push 0x00
018  push 0x0043d004
019  call 00413d50
020  add esp,0x0c
021  push 0x0a
022  push 0x00
023  push 0x0043d010
024  call 00413d50
025  add esp,0x0c
026  push 0x0a
027  push 0x00
028  push 0x0043d01c
029  call 00413d50
030  add esp,0x0c
031  push 0x0a
032  push 0x00
033  push 0x0043d028
034  call 00413d50
035  add esp,0x0c
036  push 0x0a
037  push 0x00
038  push 0x0043d034
039  call 00413d50
040  add esp,0x0c
041  push 0x0a
042  push 0x00
043  push 0x0043d040
044  call 00413d50
045  add esp,0x0c
046  push 0x14
047  push 0x00
048  push 0x0043d04c
049  call 00413d50
050  add esp,0x0c
051  push 0x14
052  push 0x00
053  push 0x0043d080
054  call 00413d50
055  add esp,0x0c
056  push 0x0a
057  push 0x00
058  push 0x0043d098
059  call 00413d50
060  add esp,0x0c
061  push 0x1e
062  push 0x00
063  push 0x0043d060
064  call 00413d50
065  add esp,0x0c
066  mov dword ptr ds:[0x0043cff0],0x0043cff0
067  mov dword ptr ds:[0x00439d2c],0x00439d2c
068  mov dword ptr ds:[0x0043d094],0x0043d094
069  mov dword ptr ds:[0x0043cff4],0xf4
070  mov dword ptr ss:[ebp-0x7c],0x000000fc
071  push 0x0043d118
072  call 0040100f
073  add esp,0x04
074  mov dword ptr ss:[ebp-0x74],eax
075  cmp dword ptr ss:[ebp-0x74],0xf4
076  jle 00401ec9
077  mov eax,dword ptr ss:[ebp+0x08]
078  add eax,dword ptr ss:[ebp-0x74]
079  mov dword ptr ss:[ebp+0x08],eax
080  jmp 004046a8
081  mov dword ptr ss:[ebp-0x70],0x000000f0
082  mov dword ptr ss:[ebp-0x68],0x000000e8
083  cmp dword ptr ss:[ebp-0x70],0xf0
084  jnb 00401f48
085  mov dword ptr ss:[ebp-0x6c],0x000000ec
086  jmp short 00401eef
087  mov ecx,dword ptr ss:[ebp-0x6c]
088  add ecx,0x01
089  mov dword ptr ss:[ebp-0x6c],ecx
090  cmp dword ptr ss:[ebp-0x6c],0xec
091  jnb 00401f33
092  mov edx,dword ptr ss:[ebp-0x6c]
093  xor eax,eax
094  mov eax,dword ptr ds:[edx+0x00439c00]
095  mov ecx,dword ptr ss:[ebp+0x08]
096  xor edx,edx
097  mov edx,dword ptr ds:[ecx]
098  cmp edx,eax
099  jnz 00401f31
100  mov eax,dword ptr ss:[ebp-0x68]
101  mov ecx,dword ptr ss:[ebp-0x6c]
102  mov edx,dword ptr ds:[ecx+0x00439c00]
103  mov dword ptr ds:[eax+0x0043d098],edx
104  mov eax,dword ptr ss:[ebp+0x08]
105  add eax,0x01
106  mov dword ptr ss:[ebp+0x08],eax
107  mov ecx,dword ptr ss:[ebp-0x68]
108  add ecx,0x01
109  mov dword ptr ss:[ebp-0x68],ecx
110  jmp short 00401f33
111  jmp short 00401fe6
112  mov edx,dword ptr ss:[ebp-0x70]
113  add edx,0x01
114  mov dword ptr ss:[ebp-0x70],edx
115  mov eax,dword ptr ss:[ebp-0x70]
116  cmp eax,dword ptr ss:[ebp-0x68]
117  je 00401f46
118  jmp short 00401f48
119  jmp short 00401fd7
120  mov dword ptr ss:[ebp-0x70],0x000000f0
121  mov dword ptr ss:[ebp-0x68],0x000000e8
122  jmp short 00401f61
123  mov ecx,dword ptr ss:[ebp-0x70]
124  add ecx,0x01
125  mov dword ptr ss:[ebp-0x70],ecx
126  push 0x0043d098
127  call 0040100f
128  add esp,0x04
129  cmp dword ptr ss:[ebp-0x70],eax
130  jnl 0040d604
131  mov dword ptr ss:[ebp-0x64],0x000000e4
132  mov dword ptr ss:[ebp-0x6c],0x000000ec
133  jmp short 00401f90
134  mov edx,dword ptr ss:[ebp-0x6c]
135  add edx,0x01
136  mov dword ptr ss:[ebp-0x6c],edx
137  push 0x0043d118
138  call 0040100f
139  add esp,0x04
140  cmp dword ptr ss:[ebp-0x6c],eax
141  jnl 00402002
142  mov eax,dword ptr ss:[ebp-0x70]
143  xor ecx,ecx
144  mov ecx,dword ptr ds:[eax+0x0043d098]
145  mov edx,dword ptr ss:[ebp-0x6c]
146  xor eax,eax
147  mov eax,dword ptr ds:[edx+0x0043d118]
148  cmp eax,ecx
149  jnz 00401fc5
150  mov dword ptr ss:[ebp-0x64],0x000001e4
151  jmp short 00402002
152  mov ecx,dword ptr ss:[ebp-0x6c]
153  mov edx,dword ptr ds:[ecx+0x0043d118]
154  push edx
155  mov eax,dword ptr ss:[ebp-0x70]
156  mov ecx,dword ptr ds:[eax+0x0043d098]
157  push ecx
158  call 00401019
159  add esp,0x08
160  test eax,eax
161  je 00402000
162  mov dword ptr ss:[ebp-0x64],0x000001e4
163  mov edx,dword ptr ss:[ebp-0x6c]
164  mov eax,dword ptr ss:[ebp-0x70]
165  mov ecx,dword ptr ds:[eax+0x0043d098]
166  mov dword ptr ds:[edx+0x0043d118],ecx
167  jmp short 00402002
168  jmp short 00402087
169  cmp dword ptr ss:[ebp-0x64],0xe4
170  je 0040200d
171  jmp 00401f58
172  mov edx,dword ptr ss:[ebp-0x68]
173  mov eax,dword ptr ss:[ebp-0x70]
174  mov ecx,dword ptr ds:[eax+0x0043d098]
175  mov dword ptr ds:[edx+0x0043d118],ecx
176  mov edx,dword ptr ss:[ebp-0x68]
177  add edx,0x01
178  mov dword ptr ss:[ebp-0x68],edx
179  jmp 00401f58
180  push 0x0043d098
181  call 0040100f
182  add esp,0x04
183  mov eax,esi
184  push 0x0043d118
185  call 0040100f
186  add esp,0x04
187  sub eax,esi
188  mov dword ptr ss:[ebp-0x78],esi
189  cmp dword ptr ss:[ebp-0x78],0xf8
190  je 0040206d
191  push 0x00436620
192  mov eax,dword ptr ss:[ebp+0x0c]
193  push eax
194  call 00413810
195  add esp,0x08
196  mov eax,dword ptr ss:[ebp-0x78]
197  jmp 004046ad
198  push 0x0043d118
199  call 0040100f
200  add esp,0x04
201  push eax
202  push 0x0043d118
203  push 0x0043d098
204  call 00413a10
205  add esp,0x0c
206  push 0x00000080
207  push 0x00
208  push 0x0043d118
209  call 00413d50
210  add esp,0x0c
211  mov ecx,dword ptr ds:[0x004362c8]
212  mov dword ptr ss:[ebp-0x3c],ecx
213  mov ecx,0x00000009
214  xor eax,eax
215  lea edi,dword ptr ss:[ebp-0x3d]
216  rep stos dword ptr es:[edi]
217  stos word ptr es:[edi]
218  stos dword ptr es:[edi]
219  mov edx,dword ptr ds:[0x004362c8]
220  mov dword ptr ss:[ebp-0x14],edx
221  mov ecx,0x00000009
222  xor eax,eax
223  lea edi,dword ptr ss:[ebp-0x15]
224  rep stos dword ptr es:[edi]
225  stos word ptr es:[edi]
226  stos dword ptr es:[edi]
227  mov al,dword ptr ds:[0x004362c8]
228  mov dword ptr ss:[ebp-0x10],eax
229  mov ecx,dword ptr ss:[ebp+0x08]
230  xor edx,edx
231  mov edx,dword ptr ds:[ecx]
232  test edx,edx
233  je 0040210b
234  mov eax,0x00000001
235  test eax,eax
236  je 0040210b
237  mov dword ptr ds:[0x0043cff0],0x0043cff0
238  push 0x00436614
239  push 0x0043d04c
240  call 00413810
241  add esp,0x08
242  jmp short 00402127
243  mov dword ptr ds:[0x0043cff0],0x0043cff0
244  push 0x00436608
245  push 0x0043d04c
246  call 00413810
247  add esp,0x08
248  mov ecx,dword ptr ss:[ebp+0x08]
249  mov edx,dword ptr ds:[ecx]
250  mov dword ptr ss:[ebp-0x0c],edx
251  mov eax,dword ptr ss:[ebp+0x08]
252  mov ecx,dword ptr ds:[eax+0x01]
253  mov dword ptr ss:[ebp-0x08],ecx
254  mov edx,dword ptr ss:[ebp+0x08]
255  mov eax,dword ptr ds:[edx+0x02]
256  mov dword ptr ss:[ebp-0x04],eax
257  mov ecx,dword ptr ss:[ebp-0x0c]
258  and ecx,0x000000ff
259  mov dword ptr ss:[ebp-0x00000094],ecx
260  cmp dword ptr ss:[ebp-0x00000094],0xffffff6c
261  ja 005b73e7
262  mov eax,dword ptr ss:[ebp-0x00000094]
263  xor edx,edx
264  mov edx,dword ptr ds:[eax+0x004047bd]
265  jmp dword ptr ds:[edx*4+0x004046c1]
266  mov ecx,dword ptr ss:[ebp+0x0c]
267  push ecx
268  mov edx,dword ptr ss:[ebp+0x08]
269  add edx,0x01
270  push edx
271  call 00401023
272  add esp,0x08
273  mov ecx,dword ptr ss:[ebp-0x7c]
274  lea edx,dword ptr ds:[ecx+eax+0x01]
275  mov dword ptr ss:[ebp-0x7c],edx
276  cmp dword ptr ss:[ebp-0x7c],0xfc
277  jnz 0040219f
278  xor eax,eax
279  jmp 004046ad
280  jmp 00403cb9
281  mov eax,dword ptr ss:[ebp+0x08]
282  xor ecx,ecx
283  mov ecx,dword ptr ds:[eax]
284  sar ecx,0x07e18303
285  mov edx,dword ptr ds:[ecx*4+0x00439a30]
286  push edx
287  push 0x0043d060
288  call 00413810
289  add esp,0x08
290  mov dword ptr ds:[0x00439d2c],0x00439d2c
291  mov eax,dword ptr ds:[0x0043cff0]
292  push eax
293  mov ecx,dword ptr ss:[ebp+0x08]
294  push ecx
295  call 00401041
296  add esp,0x08
297  mov edx,dword ptr ss:[ebp-0x7c]
298  add eax,edx
299  mov dword ptr ss:[ebp-0x7c],edx
300  mov eax,dword ptr ss:[ebp-0x08]
301  and eax,0x000000ff
302  and eax,0x07
303  cmp eax,0x04
304  jnz 0040221e
305  mov ecx,dword ptr ss:[ebp-0x08]
306  and ecx,0x000000ff
307  cmp ecx,0x000000c0
308  jnl 0040221e
309  mov edx,dword ptr ss:[ebp-0x7c]
310  push edx
311  mov eax,dword ptr ss:[ebp+0x08]
312  push eax
313  call 00401050
314  add esp,0x08
315  mov dword ptr ss:[ebp-0x7c],eax
316  push 0x0043614c
317  push 0x0043cff8
318  call 00413980
319  add esp,0x08
320  test eax,eax
321  je 0040224a
322  push 0x00436150
323  push 0x0043cff8
324  call 00413980
325  add esp,0x08
326  test eax,eax
327  jnz 0040225e
328  push 0x004360f8
329  push 0x0043d040
330  call 00413810
331  add esp,0x08
332  jmp short 00402270
333  push 0x004360f4
334  push 0x0043d040
335  call 00413810
336  add esp,0x08
337  mov ecx,dword ptr ss:[ebp-0x08]
338  and ecx,0x000000ff
339  cmp ecx,0x000000c0
340  jl 0040228a
341  mov dword ptr ds:[0x0043cff4],0xf4
342  jmp short 004022ab
343  mov edx,dword ptr ss:[ebp-0x0c]
344  and edx,0x000000ff
345  and edx,0x03
346  cmp edx,0x02
347  jnl 004022a4
348  mov dword ptr ds:[0x0043cff4],0xf4
349  jmp short 004022ab
350  mov dword ptr ds:[0x0043cff4],0xf4
351  jmp 00403cb9
352  mov eax,dword ptr ss:[ebp+0x08]
353  xor ecx,ecx
354  mov ecx,dword ptr ds:[eax]
355  sar ecx,0x07e18303
356  mov edx,dword ptr ds:[ecx*4+0x00439a30]
357  push edx
358  push 0x0043d060
359  call 00413810
360  add esp,0x08
361  mov dword ptr ds:[0x00439d2c],0x00439d2c
362  mov eax,dword ptr ss:[ebp-0x0c]
363  and eax,0x000000ff
364  and eax,0x01
365  test eax,eax
366  je 004022f7
367  mov dword ptr ss:[ebp-0x00000098],0xffffff68
368  jmp short 00402301
369  mov dword ptr ss:[ebp-0x00000098],0xffffff68
370  mov ecx,dword ptr ss:[ebp-0x00000098]
371  push ecx
372  push 0x0043d010
373  call 00413810
374  add esp,0x08
375  mov edx,dword ptr ss:[ebp-0x0c]
376  and edx,0x000000ff
377  and edx,0x01
378  test edx,edx
379  je 0040233f
380  push 0x01
381  push 0x04
382  push 0x01
383  mov eax,dword ptr ss:[ebp+0x08]
384  push eax
385  call 0040103c
386  add esp,0x10
387  mov dword ptr ss:[ebp-0x0000009c],eax
388  jmp short 00402357
389  push 0x01
390  push 0x01
391  push 0x01
392  mov ecx,dword ptr ss:[ebp+0x08]
393  push ecx
394  call 0040103c
395  add esp,0x10
396  mov dword ptr ss:[ebp-0x0000009c],eax
397  mov edx,dword ptr ss:[ebp-0x0000009c]
398  push edx
399  push 0x0043d034
400  call 00413810
401  add esp,0x08
402  mov eax,dword ptr ss:[ebp-0x0c]
403  and eax,0x000000ff
404  and eax,0x01
405  neg eax
406  sbb eax,eax
407  and eax,0x03
408  add eax,0x02
409  mov dword ptr ss:[ebp-0x7c],eax
410  mov dword ptr ds:[0x0043cff4],0xf4
411  jmp 00403cb9
412  mov ecx,dword ptr ss:[ebp-0x0c]
413  and ecx,0x000000ff
414  and ecx,0x01
415  test ecx,ecx
416  je 004023ab
417  mov dword ptr ss:[ebp-0x000000a0],0xffffff60
418  jmp short 004023b5
419  mov dword ptr ss:[ebp-0x000000a0],0xffffff60
420  mov edx,dword ptr ss:[ebp-0x000000a0]
421  push edx
422  push 0x0043d060
423  call 00413810
424  add esp,0x08
425  mov eax,dword ptr ss:[ebp-0x0c]
426  and eax,0x000000ff
427  sar eax,0x03e08303
428  mov ecx,dword ptr ds:[eax*4+0x00439c6c]
429  push ecx
430  push 0x0043d010
431  call 00413810
432  add esp,0x08
433  mov dword ptr ds:[0x0043cff4],0xf4
434  mov dword ptr ss:[ebp-0x7c],0x000001fc
435  jmp 00403cb9
436  mov edx,dword ptr ss:[ebp-0x0c]
437  and edx,0x000000ff
438  sar edx,0x03e28303
439  mov eax,dword ptr ds:[edx*4+0x00439a50]
440  push eax
441  push 0x0043d060
442  call 00413810
443  add esp,0x08
444  mov dword ptr ss:[ebp-0x7c],0x000001fc
445  jmp 00403cb9
446  mov ecx,dword ptr ss:[ebp-0x0c]
447  and ecx,0x000000ff
448  and ecx,0x07
449  mov edx,dword ptr ds:[ecx*4+0x00439c0c]
450  push edx
451  push 0x0043d010
452  call 00413810
453  add esp,0x08
454  mov dword ptr ds:[0x0043cff4],0xf4
455  push 0x004361dc
456  push 0x0043d060
457  call 00413810
458  add esp,0x08
459  mov dword ptr ss:[ebp-0x7c],0x000001fc
460  jmp 00403cb9
461  mov eax,dword ptr ss:[ebp-0x0c]
462  and eax,0x000000ff
463  and eax,0x07
464  mov ecx,dword ptr ds:[eax*4+0x00439c0c]
465  push ecx
466  push 0x0043d010
467  call 00413810
468  add esp,0x08
469  mov dword ptr ds:[0x0043cff4],0xf4
470  push 0x004361d8
471  push 0x0043d060
472  call 00413810
473  add esp,0x08
474  mov dword ptr ss:[ebp-0x7c],0x000001fc
475  jmp 00403cb9
476  mov edx,dword ptr ss:[ebp-0x0c]
477  and edx,0x000000ff
478  and edx,0x07
479  mov eax,dword ptr ds:[edx*4+0x00439c0c]
480  push eax
481  push 0x0043d010
482  call 00413810
483  add esp,0x08
484  mov dword ptr ds:[0x0043cff4],0xf4
485  push 0x004361c4
486  push 0x0043d060
487  call 00413810
488  add esp,0x08
489  mov dword ptr ss:[ebp-0x7c],0x000001fc
490  jmp 00403cb9
491  mov ecx,dword ptr ss:[ebp-0x0c]
492  and ecx,0x000000ff
493  and ecx,0x07
494  mov edx,dword ptr ds:[ecx*4+0x00439c0c]
495  push edx
496  push 0x0043d010
497  call 00413810
498  add esp,0x08
499  mov dword ptr ds:[0x0043cff4],0xf4
500  push 0x00436604
501  push 0x0043d060
502  call 00413810
503  add esp,0x08
504  mov dword ptr ss:[ebp-0x7c],0x000001fc
505  jmp 00403cb9
506  push 0x66
507  call 00401005
508  add esp,0x04
509  test eax,eax
510  je 00402560
511  mov dword ptr ss:[ebp-0x000000a4],0xffffff5c
512  jmp short 0040256a
513  mov dword ptr ss:[ebp-0x000000a4],0xffffff5c
514  mov eax,dword ptr ss:[ebp-0x000000a4]
515  push eax
516  push 0x0043d060
517  call 00413810
518  add esp,0x08
519  mov dword ptr ss:[ebp-0x7c],0x000001fc
520  jmp 00403cb9
521  push 0x66
522  call 00401005
523  add esp,0x04
524  test eax,eax
525  je 004025a4
526  mov dword ptr ss:[ebp-0x000000a8],0xffffff58
527  jmp short 004025ae
528  mov dword ptr ss:[ebp-0x000000a8],0xffffff58
529  mov ecx,dword ptr ss:[ebp-0x000000a8]
530  push ecx
531  push 0x0043d060
532  call 00413810
533  add esp,0x08
534  mov dword ptr ss:[ebp-0x7c],0x000001fc
535  jmp 00403cb9
536  mov dword ptr ds:[0x0043cff0],0x0043cff0
537  push 0x004365d8
538  push 0x0043d04c
539  call 00413810
540  add esp,0x08
541  push 0x004365d0
542  push 0x0043d060
543  call 00413810
544  add esp,0x08
545  jmp 004021c6
546  mov dword ptr ds:[0x0043cff0],0x0043cff0
547  push 0x004365c4
548  push 0x0043d04c
549  call 00413810
550  add esp,0x08
551  push 0x004365bc
552  push 0x0043d060
553  call 00413810
554  add esp,0x08
555  mov dword ptr ds:[0x00439d2c],0x00439d2c
556  mov edx,dword ptr ds:[0x0043cff0]
557  push edx
558  mov eax,dword ptr ss:[ebp+0x08]
559  push eax
560  call 00401041
561  add esp,0x08
562  mov ecx,dword ptr ss:[ebp-0x7c]
563  add eax,ecx
564  mov dword ptr ss:[ebp-0x7c],ecx
565  mov edx,dword ptr ss:[ebp-0x08]
566  and edx,0x000000ff
567  and edx,0x07
568  cmp edx,0x04
569  jnz 00402687
570  mov eax,dword ptr ss:[ebp-0x08]
571  and eax,0x000000ff
572  cmp eax,0x000000c0
573  jnl 00402687
574  mov ecx,dword ptr ss:[ebp-0x7c]
575  push ecx
576  mov edx,dword ptr ss:[ebp+0x08]
577  push edx
578  call 00401050
579  add esp,0x08
580  mov dword ptr ss:[ebp-0x7c],eax
581  push 0x0043614c
582  push 0x0043cff8
583  call 00413980
584  add esp,0x08
585  test eax,eax
586  je 004026b3
587  push 0x00436150
588  push 0x0043cff8
589  call 00413980
590  add esp,0x08
591  test eax,eax
592  jnz 004026c7
593  push 0x004360f8
594  push 0x0043d040
595  call 00413810
596  add esp,0x08
597  jmp short 004026d9
598  push 0x004360f4
599  push 0x0043d040
600  call 00413810
601  add esp,0x08
602  mov eax,dword ptr ss:[ebp-0x08]
603  and eax,0x000000ff
604  cmp eax,0x000000c0
605  jl 004026f1
606  mov dword ptr ds:[0x0043cff4],0xf4
607  jmp short 004026f8
608  mov dword ptr ds:[0x0043cff4],0xf4
609  jmp 00403cb9
610  mov ecx,dword ptr ss:[ebp-0x0c]
611  and ecx,0x000000ff
612  cmp ecx,0x68
613  jnz 00402725
614  push 0x01
615  push 0x04
616  push 0x01
617  mov edx,dword ptr ss:[ebp+0x08]
618  push edx
619  call 0040103c
620  add esp,0x10
621  mov dword ptr ss:[ebp-0x000000ac],eax
622  jmp short 0040273d
623  push 0x01
624  push 0x01
625  push 0x01
626  mov eax,dword ptr ss:[ebp+0x08]
627  push eax
628  call 0040103c
629  add esp,0x10
630  mov dword ptr ss:[ebp-0x000000ac],eax
631  mov ecx,dword ptr ss:[ebp-0x000000ac]
632  push ecx
633  push 0x0043d034
634  call 00413810
635  add esp,0x08
636  mov dword ptr ds:[0x0043cff4],0xf4
637  push 0x004361c4
638  push 0x0043d060
639  call 00413810
640  add esp,0x08
641  mov edx,dword ptr ss:[ebp-0x0c]
642  and edx,0x000000ff
643  sub edx,0x68
644  neg edx
645  sbb edx,edx
646  and edx,0xfd
647  add edx,0x05
648  mov dword ptr ss:[ebp-0x7c],edx
649  jmp 00403cb9
650  mov dword ptr ds:[0x0043cff0],0x0043cff0
651  push 0x00436614
652  push 0x0043d04c
653  call 00413810
654  add esp,0x08
655  push 0x00436204
656  push 0x0043d060
657  call 00413810
658  add esp,0x08
659  mov dword ptr ds:[0x00439d2c],0x00439d2c
660  mov eax,dword ptr ds:[0x0043cff0]
661  push eax
662  mov ecx,dword ptr ss:[ebp+0x08]
663  push ecx
664  call 00401041
665  add esp,0x08
666  mov edx,dword ptr ss:[ebp-0x7c]
667  add eax,edx
668  mov dword ptr ss:[ebp-0x7c],edx
669  mov eax,dword ptr ss:[ebp-0x08]
670  and eax,0x000000ff
671  and eax,0x07
672  cmp eax,0x04
673  jnz 0040280e
674  mov ecx,dword ptr ss:[ebp-0x08]
675  and ecx,0x000000ff
676  cmp ecx,0x000000c0
677  jnl 0040280e
678  mov edx,dword ptr ss:[ebp-0x7c]
679  push edx
680  mov eax,dword ptr ss:[ebp+0x08]
681  push eax
682  call 00401050
683  add esp,0x08
684  mov dword ptr ss:[ebp-0x7c],eax
685  push 0x0043614c
686  push 0x0043cff8
687  call 00413980
688  add esp,0x08
689  test eax,eax
690  je 0040283a
691  push 0x00436150
692  push 0x0043cff8
693  call 00413980
694  add esp,0x08
695  test eax,eax
696  jnz 0040284e
697  push 0x004360f8
698  push 0x0043d040
699  call 00413810
700  add esp,0x08
701  jmp short 00402860
702  push 0x004360f4
703  push 0x0043d040
704  call 00413810
705  add esp,0x08
706  mov ecx,dword ptr ss:[ebp-0x08]
707  and ecx,0x000000ff
708  cmp ecx,0x000000c0
709  jl 004028d1
710  mov edx,dword ptr ss:[ebp-0x0c]
711  and edx,0x000000ff
712  cmp edx,0x6b
713  jnz 00402899
714  push 0x01
715  push 0x01
716  push 0x02
717  mov eax,dword ptr ss:[ebp+0x08]
718  push eax
719  call 0040103c
720  add esp,0x10
721  mov dword ptr ss:[ebp-0x000000b0],eax
722  jmp short 004028b1
723  push 0x01
724  push 0x04
725  push 0x02
726  mov ecx,dword ptr ss:[ebp+0x08]
727  push ecx
728  call 0040103c
729  add esp,0x10
730  mov dword ptr ss:[ebp-0x000000b0],eax
731  mov edx,dword ptr ss:[ebp-0x000000b0]
732  push edx
733  push 0x0043d034
734  call 00413810
735  add esp,0x08
736  mov dword ptr ds:[0x0043cff4],0xf4
737  jmp 00402a65
738  mov eax,dword ptr ss:[ebp-0x08]
739  and eax,0x000000ff
740  and eax,0x07
741  cmp eax,0x04
742  jnz 0040e86a
743  mov ecx,dword ptr ss:[ebp-0x04]
744  and ecx,0x000000ff
745  and ecx,0x07
746  cmp ecx,0x05
747  jnz 0040294c
748  mov edx,dword ptr ss:[ebp-0x0c]
749  and edx,0x000000ff
750  cmp edx,0x6b
751  jnz 0040291e
752  push 0x01
753  push 0x01
754  push 0x07
755  mov eax,dword ptr ss:[ebp+0x08]
756  push eax
757  call 0040103c
758  add esp,0x10
759  mov dword ptr ss:[ebp-0x000000b4],eax
760  jmp short 00402936
761  push 0x01
762  push 0x04
763  push 0x07
764  mov ecx,dword ptr ss:[ebp+0x08]
765  push ecx
766  call 0040103c
767  add esp,0x10
768  mov dword ptr ss:[ebp-0x000000b4],eax
769  mov edx,dword ptr ss:[ebp-0x000000b4]
770  push edx
771  push 0x0043d034
772  call 00413810
773  add esp,0x08
774  jmp short 0040299f
775  mov eax,dword ptr ss:[ebp-0x0c]
776  and eax,0x000000ff
777  cmp eax,0x6b
778  jnz 00402973
779  push 0x01
780  push 0x01
781  push 0x03
782  mov ecx,dword ptr ss:[ebp+0x08]
783  push ecx
784  call 0040103c
785  add esp,0x10
786  mov dword ptr ss:[ebp-0x000000b8],eax
787  jmp short 0040298b
788  push 0x01
789  push 0x04
790  push 0x03
791  mov edx,dword ptr ss:[ebp+0x08]
792  push edx
793  call 0040103c
794  add esp,0x10
795  mov dword ptr ss:[ebp-0x000000b8],eax
796  mov eax,dword ptr ss:[ebp-0x000000b8]
797  push eax
798  push 0x0043d034
799  call 00413810
800  add esp,0x08
801  jmp 00402a5e
802  mov ecx,dword ptr ss:[ebp-0x08]
803  and ecx,0x000000ff
804  and ecx,0x07
805  cmp ecx,0x05
806  jnz 00402a0b
807  mov edx,dword ptr ss:[ebp-0x0c]
808  and edx,0x000000ff
809  cmp edx,0x6b
810  jnz 004029dd
811  push 0x01
812  push 0x01
813  push 0x06
814  mov eax,dword ptr ss:[ebp+0x08]
815  push eax
816  call 0040103c
817  add esp,0x10
818  mov dword ptr ss:[ebp-0x000000bc],eax
819  jmp short 004029f5
820  push 0x01
821  push 0x04
822  push 0x06
823  mov ecx,dword ptr ss:[ebp+0x08]
824  push ecx
825  call 0040103c
826  add esp,0x10
827  mov dword ptr ss:[ebp-0x000000bc],eax
828  mov edx,dword ptr ss:[ebp-0x000000bc]
829  push edx
830  push 0x0043d034
831  call 00413810
832  add esp,0x08
833  jmp short 00402a5e
834  mov eax,dword ptr ss:[ebp-0x0c]
835  and eax,0x000000ff
836  cmp eax,0x6b
837  jnz 00402a32
838  push 0x01
839  push 0x01
840  push 0x02
841  mov ecx,dword ptr ss:[ebp+0x08]
842  push ecx
843  call 0040103c
844  add esp,0x10
845  mov dword ptr ss:[ebp-0x000000c0],eax
846  jmp short 00402a4a
847  push 0x01
848  push 0x04
849  push 0x02
850  mov edx,dword ptr ss:[ebp+0x08]
851  push edx
852  call 0040103c
853  add esp,0x10
854  mov dword ptr ss:[ebp-0x000000c0],eax
855  mov eax,dword ptr ss:[ebp-0x000000c0]
856  push eax
857  push 0x0043d034
858  call 00413810
859  add esp,0x08
860  mov dword ptr ds:[0x0043cff4],0xf4
861  mov ecx,dword ptr ss:[ebp-0x0c]
862  and ecx,0x000000ff
863  sub ecx,0x6b
864  neg ecx
865  sbb ecx,ecx
866  and ecx,0x03
867  add ecx,0x01
868  mov edx,dword ptr ss:[ebp-0x7c]
869  add ecx,edx
870  mov dword ptr ss:[ebp-0x7c],edx
871  jmp 00403cb9
872  mov dword ptr ds:[0x00439d2c],0x00439d2c
873  push 0x00436100
874  push 0x0043d040
875  call 00413810
876  add esp,0x08
877  push 0x00436144
878  push 0x0043cff8
879  call 00413810
880  add esp,0x08
881  push 0x004360f4
882  push 0x0043d010
883  call 00413810
884  add esp,0x08
885  mov dword ptr ds:[0x0043cff4],0xf4
886  push 0x004365b8
887  push 0x0043d060
888  call 00413810
889  add esp,0x08
890  mov dword ptr ss:[ebp-0x7c],0x000001fc
891  jmp 00403cb9
892  mov dword ptr ds:[0x00439d2c],0x00439d2c
893  push 0x00436134
894  push 0x0043d010
895  call 00413810
896  add esp,0x08
897  push 0x004360f4
898  push 0x0043d040
899  call 00413810
900  add esp,0x08
901  push 0x00436148
902  push 0x0043cff8
903  call 00413810
904  add esp,0x08
905  mov dword ptr ds:[0x0043cff4],0xf4
906  push 0x004365b0
907  push 0x0043d060
908  call 00413810
909  add esp,0x08
910  mov dword ptr ss:[ebp-0x7c],0x000001fc
911  jmp 00403cb9
912  mov dword ptr ds:[0x00439d2c],0x00439d2c
913  push 0x00436138
914  push 0x0043d010
915  call 00413810
916  add esp,0x08
917  push 0x004360f4
918  push 0x0043d040
919  call 00413810
920  add esp,0x08
921  push 0x00436148
922  push 0x0043cff8
923  call 00413810
924  add esp,0x08
925  mov dword ptr ds:[0x0043cff4],0xf4
926  push 0x004365b0
927  push 0x0043d060
928  call 00413810
929  add esp,0x08
930  mov dword ptr ss:[ebp-0x7c],0x000001fc
931  jmp 00403cb9
932  mov dword ptr ds:[0x0043cff4],0xf4
933  mov eax,dword ptr ss:[ebp-0x0c]
934  and eax,0x000000ff
935  and eax,0x0f
936  mov ecx,dword ptr ds:[eax*4+0x00439a70]
937  push ecx
938  push 0x0043d060
939  call 00413810
940  add esp,0x08
941  mov dword ptr ss:[ebp-0x7c],0x000002fc
942  jmp 00403cb9
943  mov edx,dword ptr ss:[ebp+0x08]
944  xor eax,eax
945  mov eax,dword ptr ds:[edx+0x01]
946  sar eax,0x07e08303
947  mov ecx,dword ptr ds:[eax*4+0x00439a30]
948  push ecx
949  push 0x0043d060
950  call 00413810
951  add esp,0x08
952  mov dword ptr ds:[0x00439d2c],0x00439d2c
953  mov edx,dword ptr ds:[0x0043cff0]
954  push edx
955  mov eax,dword ptr ss:[ebp+0x08]
956  push eax
957  call 00401041
958  add esp,0x08
959  mov ecx,dword ptr ss:[ebp-0x7c]
960  add eax,ecx
961  mov dword ptr ss:[ebp-0x7c],ecx
962  mov edx,dword ptr ss:[ebp-0x08]
963  and edx,0x000000ff
964  and edx,0x07
965  cmp edx,0x04
966  jnz 00402c65
967  mov eax,dword ptr ss:[ebp-0x08]
968  and eax,0x000000ff
969  cmp eax,0x000000c0
970  jnl 00402c65
971  mov ecx,dword ptr ss:[ebp-0x7c]
972  push ecx
973  mov edx,dword ptr ss:[ebp+0x08]
974  push edx
975  call 00401050
976  add esp,0x08
977  mov dword ptr ss:[ebp-0x7c],eax
978  push 0x0043614c
979  push 0x0043cff8
980  call 00413980
981  add esp,0x08
982  test eax,eax
983  je 00402c91
984  push 0x00436150
985  push 0x0043cff8
986  call 00413980
987  add esp,0x08
988  test eax,eax
989  jnz 00402ca5
990  push 0x004360f8
991  push 0x0043d040
992  call 00413810
993  add esp,0x08
994  jmp short 00402cb7
995  push 0x004360f4
996  push 0x0043d040
997  call 00413810
998  add esp,0x08
999  mov eax,dword ptr ss:[ebp-0x08]
1000  and eax,0x000000ff