.text:00401000 ;
.text:00401000 ; +-------------------------------------------------------------------------+
.text:00401000 ; ¦ This file is generated by The Interactive Disassembler (IDA) ¦
.text:00401000 ; ¦ Copyright (c) 2010 by Hex-Rays SA, ¦
.text:00401000 ; ¦ Licensed to: Freeware version ¦
.text:00401000 ; +-------------------------------------------------------------------------+
.text:00401000 ;
.text:00401000 ; Input MD5 : 8F31FF8F2E23937BA4C6B985D82F89BB
.text:00401000
.text:00401000 ; File Name : C:\Users\chamberlin\Documents\Reversing\Key Gen Project\Release\Backwards.exe
.text:00401000 ; Format : Portable executable for 80386 (PE)
.text:00401000 ; Imagebase : 400000
.text:00401000 ; Section 1. (virtual address 00001000)
.text:00401000 ; Virtual size : 000008AA ( 2218.)
.text:00401000 ; Section size in file : 00000A00 ( 2560.)
.text:00401000 ; Offset to raw data for section: 00000400
.text:00401000 ; Flags 60000020: Text Executable Readable
.text:00401000 ; Alignment : default
.text:00401000
.text:00401000
.text:00401000 unicode macro page,string,zero
.text:00401000 irpc c,
.text:00401000 db '&c', page
.text:00401000 endm
.text:00401000 ifnb
.text:00401000 dw zero
.text:00401000 endif
.text:00401000 endm
.text:00401000
.text:00401000 .686p
.text:00401000 .mmx
.text:00401000 .model flat
.text:00401000
.text:00401000 ; ---------------------------------------------------------------------------
.text:00401000
.text:00401000 ; Segment type: Pure code
.text:00401000 ; Segment permissions: Read/Execute
.text:00401000 _text segment para public 'CODE' use32
.text:00401000 assume cs:_text
.text:00401000 ;org 401000h
.text:00401000 assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
.text:00401000
.text:00401000 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:00401000
.text:00401000
.text:00401000 ; MakeReverseString: writes the bytes of a NUL-terminated string in reverse
.text:00401000 ; order into a second buffer and NUL-terminates the result.
.text:00401000 ;   In:  ecx = source string (passed to strlen, then read in the loop)
.text:00401000 ;        edx = destination buffer (the IDA prototype below lists a single
.text:00401000 ;              argument, but edx is read here and main loads it before the call)
.text:00401000 ;   Out: destination holds the strlen(source) bytes reversed, followed by a 0.
.text:00401000 ;        eax is left holding whatever the loop put in it; main does not read it.
.text:00401000 ; NOTE(review): the destination size is never passed in. The routine writes
.text:00401000 ; strlen(source)+1 bytes, so only the caller can guarantee the buffer is large
.text:00401000 ; enough.
.text:00401000 ; int __fastcall MakeReverseString(char *)
.text:00401000 MakeReverseString proc near ; CODE XREF: main+29p
.text:00401000 53 push ebx
.text:00401001 55 push ebp
.text:00401002 56 push esi
.text:00401003 8B E9 mov ebp, ecx ; ebp = source pointer
.text:00401005 57 push edi
.text:00401006 55 push ebp ; char *
.text:00401007 8B DA mov ebx, edx ; ebx = destination pointer
.text:00401009 FF 15 98 20 40 00 call ds:__imp__strlen ; strlen(source)
.text:0040100F 8B F0 mov esi, eax ; esi = length
.text:00401011 33 FF xor edi, edi ; edi = read index, starts at 0
.text:00401013 59 pop ecx ; drop the strlen argument from the stack
.text:00401014 85 F6 test esi, esi
.text:00401016 7E 10 jle short loc_401028 ; length <= 0 (signed): skip the copy loop
.text:00401018 8D 4B FF lea ecx, [ebx-1]
.text:0040101B 03 CE add ecx, esi ; ecx = &dest[length-1], the write cursor
.text:0040101D
.text:0040101D loc_40101D: ; CODE XREF: MakeReverseString+26j
.text:0040101D 8A 04 2F mov al, [edi+ebp] ; al = source[edi]
.text:00401020 47 inc edi ; read index moves forward
.text:00401021 88 01 mov [ecx], al ; store at the write cursor
.text:00401023 49 dec ecx ; write cursor moves toward dest[0]
.text:00401024 3B FE cmp edi, esi
.text:00401026 7C F5 jl short loc_40101D ; repeat while edi < length (signed compare)
.text:00401028
.text:00401028 loc_401028: ; CODE XREF: MakeReverseString+16j
.text:00401028 5F pop edi
.text:00401029 C6 04 1E 00 mov byte ptr [esi+ebx], 0 ; dest[length] = 0
.text:0040102D 5E pop esi
.text:0040102E 5D pop ebp
.text:0040102F 5B pop ebx
.text:00401030 C3 retn
.text:00401030 MakeReverseString endp
.text:00401030
.text:00401031
.text:00401031 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:00401031
.text:00401031 ; main: prints a prompt, reads one token of at most 31 characters into var_20
.text:00401031 ; with scanf("%31s"), reverses it into var_40 with MakeReverseString, then
.text:00401031 ; prints "Your secret code is: " followed by the reversed text. Returns 0.
.text:00401031 ; Stack layout: var_40 starts at ebp-40h and var_20 at ebp-20h, 32 bytes each,
.text:00401031 ; with var_20 ending directly below the saved ebp. The "%31s" width plus its
.text:00401031 ; NUL fits var_20, and the reversed copy plus its NUL fits var_40.
.text:00401031 ; No __security_cookie load or check appears anywhere in this function.
.text:00401031 ; NOTE(review): the last printf call receives var_40 as its only argument, so
.text:00401031 ; the reversed user input is used as the format string and any '%' conversion
.text:00401031 ; in it is interpreted by printf (CWE-134, uncontrolled format string). At
.text:00401031 ; source level the fix is a constant format, printf("%s", buf), or fputs.
.text:00401031 ; NOTE(review): the scanf result in eax is never tested. If scanf stores
.text:00401031 ; nothing (for example at end of input), var_20 is uninitialized stack data
.text:00401031 ; and strlen and the copy loop run until they meet a 0 byte, unrelated to the
.text:00401031 ; 32-byte buffers. Checking that scanf returned 1 before the call closes that.
.text:00401031 ; Attributes: bp-based frame
.text:00401031
.text:00401031 main proc near ; CODE XREF: __tmainCRTStartup+F8p
.text:00401031
.text:00401031 var_40 = byte ptr -40h
.text:00401031 var_20 = byte ptr -20h
.text:00401031
.text:00401031 55 push ebp
.text:00401032 8B EC mov ebp, esp
.text:00401034 83 EC 40 sub esp, 40h ; char *
.text:00401037 56 push esi
.text:00401038 8B 35 90 20 40 00 mov esi, ds:__imp__printf ; esi caches the printf import for the three calls below
.text:0040103E 68 00 21 40 00 push offset aWhatIsYourName ; "What is your name? "
.text:00401043 FF D6 call esi ; __imp__printf
.text:00401045 8D 45 E0 lea eax, [ebp+var_20] ; scanf destination = var_20
.text:00401048 50 push eax
.text:00401049 68 14 21 40 00 push offset a31s ; "%31s"
.text:0040104E FF 15 8C 20 40 00 call ds:__imp__scanf ; return value in eax is not checked
.text:00401054 8D 55 C0 lea edx, [ebp+var_40] ; edx = destination for the reversed copy
.text:00401057 8D 4D E0 lea ecx, [ebp+var_20] ; char *
.text:0040105A E8 A1 FF FF FF call MakeReverseString
.text:0040105F 68 1C 21 40 00 push offset aYourSecretCode ; "Your secret code is: "
.text:00401064 FF D6 call esi ; __imp__printf
.text:00401066 ; var_40 is pushed as the format string itself, with no other argument.
.text:00401066 8D 45 C0 lea eax, [ebp+var_40]
.text:00401069 50 push eax ; char *
.text:0040106A FF D6 call esi ; __imp__printf
.text:0040106C 83 C4 14 add esp, 14h ; drop the five dwords pushed for the four library calls above
.text:0040106F 33 C0 xor eax, eax ; return 0
.text:00401071 5E pop esi
.text:00401072 C9 leave
.text:00401073 C3 retn
.text:00401073 main endp
.text:00401073
.text:00401074
.text:00401074 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:00401074
.text:00401074
.text:00401074 pre_c_init proc near ; DATA XREF: .rdata:pcinito
.text:00401074 B8 4D 5A 00 00 mov eax, 5A4Dh
.text:00401079 66 39 05 00 00 40 00 cmp ds:400000h, ax
.text:00401080 74 04 jz short loc_401086
.text:00401082
.text:00401082 loc_401082: ; CODE XREF: pre_c_init+22j
.text:00401082 ; pre_c_init+30j
.text:00401082 33 C0 xor eax, eax
.text:00401084 EB 34 jmp short loc_4010BA
.text:00401086 ; ---------------------------------------------------------------------------
.text:00401086
.text:00401086 loc_401086: ; CODE XREF: pre_c_init+Cj
.text:00401086 8B 0D 3C 00 40 00 mov ecx, ds:40003Ch
.text:0040108C 81 B9 00 00 40 00 50+ cmp dword ptr [ecx+400000h], 4550h
.text:00401096 75 EA jnz short loc_401082
.text:00401098 B8 0B 01 00 00 mov eax, 10Bh
.text:0040109D 66 39 81 18 00 40 00 cmp [ecx+400018h], ax
.text:004010A4 75 DC jnz short loc_401082
.text:004010A6 33 C0 xor eax, eax
.text:004010A8 83 B9 74 00 40 00 0E cmp dword ptr [ecx+400074h], 0Eh
.text:004010AF 76 09 jbe short loc_4010BA
.text:004010B1 39 81 E8 00 40 00
cmp [ecx+4000E8h], eax .text:004010B7 0F 95 C0 setnz al .text:004010BA .text:004010BA loc_4010BA: ; CODE XREF: pre_c_init+10j .text:004010BA ; pre_c_init+3Bj .text:004010BA 6A 01 push 1 .text:004010BC A3 38 30 40 00 mov managedapp, eax .text:004010C1 FF 15 7C 20 40 00 call ds:__imp____set_app_type .text:004010C7 59 pop ecx .text:004010C8 6A FF push 0FFFFFFFFh .text:004010CA FF 15 18 20 40 00 call ds:__imp__EncodePointer@4 ; EncodePointer(x) .text:004010D0 8B 0D 3C 20 40 00 mov ecx, ds:_imp___fmode .text:004010D6 A3 78 33 40 00 mov __onexitend, eax .text:004010DB A3 7C 33 40 00 mov __onexitbegin, eax .text:004010E0 A1 4C 30 40 00 mov eax, dword_40304C .text:004010E5 89 01 mov [ecx], eax .text:004010E7 8B 0D 40 20 40 00 mov ecx, ds:_imp___commode .text:004010ED A1 40 30 40 00 mov eax, dword_403040 .text:004010F2 89 01 mov [ecx], eax .text:004010F4 E8 2B 05 00 00 call _RTC_Initialize .text:004010F9 E8 2D 04 00 00 call _matherr .text:004010FE 83 3D 00 30 40 00 00 cmp __defaultmatherr, 0 .text:00401105 75 0C jnz short loc_401113 .text:00401107 68 2B 15 40 00 push offset _matherr .text:0040110C FF 15 2C 20 40 00 call ds:__imp____setusermatherr .text:00401112 59 pop ecx .text:00401113 .text:00401113 loc_401113: ; CODE XREF: pre_c_init+91j .text:00401113 E8 4C 05 00 00 call _setdefaultprecision .text:00401118 83 3D 10 30 40 00 FF cmp __globallocalestatus, 0FFFFFFFFh .text:0040111F 75 09 jnz short loc_40112A .text:00401121 6A FF push 0FFFFFFFFh .text:00401123 FF 15 28 20 40 00 call ds:__imp___configthreadlocale .text:00401129 59 pop ecx .text:0040112A .text:0040112A loc_40112A: ; CODE XREF: pre_c_init+ABj .text:0040112A 33 C0 xor eax, eax .text:0040112C C3 retn .text:0040112C pre_c_init endp ; sp = 4 .text:0040112C .text:0040112D .text:0040112D ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:0040112D .text:0040112D .text:0040112D pre_cpp_init proc near ; DATA XREF: .rdata:pcppinito .text:0040112D .text:0040112D var_4 = dword ptr -4 
.text:0040112D .text:0040112D 68 44 16 40 00 push offset _RTC_Terminate ; _onexit_t .text:00401132 E8 D8 04 00 00 call atexit .text:00401137 A1 48 30 40 00 mov eax, _newmode .text:0040113C C7 04 24 3C 30 40 00 mov [esp+4+var_4], offset startinfo .text:00401143 FF 35 44 30 40 00 push _dowildcard .text:00401149 A3 3C 30 40 00 mov startinfo, eax .text:0040114E 68 30 30 40 00 push offset envp .text:00401153 68 2C 30 40 00 push offset argv .text:00401158 68 28 30 40 00 push offset argc .text:0040115D FF 15 80 20 40 00 call ds:__imp____getmainargs .text:00401163 83 C4 14 add esp, 14h .text:00401166 A3 34 30 40 00 mov argret, eax .text:0040116B 85 C0 test eax, eax .text:0040116D 79 08 jns short locret_401177 .text:0040116F 6A 08 push 8 .text:00401171 E8 C6 01 00 00 call __amsg_exit .text:00401176 59 pop ecx .text:00401177 .text:00401177 locret_401177: ; CODE XREF: pre_cpp_init+40j .text:00401177 C3 retn .text:00401177 pre_cpp_init endp .text:00401177 .text:00401178 .text:00401178 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:00401178 .text:00401178 ; Attributes: bp-based frame .text:00401178 .text:00401178 __tmainCRTStartup proc near ; CODE XREF: mainCRTStartup+5j .text:00401178 .text:00401178 ms_exc = CPPEH_RECORD ptr -18h .text:00401178 .text:00401178 6A 0C push 0Ch .text:0040117A 68 08 22 40 00 push offset unk_402208 .text:0040117F E8 1C 05 00 00 call __SEH_prolog4 .text:00401184 33 DB xor ebx, ebx .text:00401186 89 5D FC mov [ebp+ms_exc.disabled], ebx .text:00401189 64 A1 18 00 00 00 mov eax, large fs:18h .text:0040118F 8B 50 04 mov edx, [eax+4] .text:00401192 8B FB mov edi, ebx .text:00401194 BE 70 33 40 00 mov esi, offset __native_startup_lock .text:00401199 .text:00401199 loc_401199: ; CODE XREF: __tmainCRTStartup+2Fj .text:00401199 8B CA mov ecx, edx .text:0040119B 33 C0 xor eax, eax .text:0040119D F0 0F B1 0E lock cmpxchg [esi], ecx .text:004011A1 85 C0 test eax, eax .text:004011A3 74 0B jz short loc_4011B0 .text:004011A5 3B 
C2 cmp eax, edx .text:004011A7 75 F0 jnz short loc_401199 .text:004011A9 33 F6 xor esi, esi .text:004011AB 46 inc esi .text:004011AC 8B FE mov edi, esi .text:004011AE EB 03 jmp short loc_4011B3 .text:004011B0 ; --------------------------------------------------------------------------- .text:004011B0 .text:004011B0 loc_4011B0: ; CODE XREF: __tmainCRTStartup+2Bj .text:004011B0 33 F6 xor esi, esi .text:004011B2 46 inc esi .text:004011B3 .text:004011B3 loc_4011B3: ; CODE XREF: __tmainCRTStartup+36j .text:004011B3 39 35 74 33 40 00 cmp __native_startup_state, esi .text:004011B9 75 0A jnz short loc_4011C5 .text:004011BB 6A 1F push 1Fh .text:004011BD E8 7A 01 00 00 call __amsg_exit .text:004011C2 59 pop ecx .text:004011C3 EB 3A jmp short loc_4011FF .text:004011C5 ; --------------------------------------------------------------------------- .text:004011C5 .text:004011C5 loc_4011C5: ; CODE XREF: __tmainCRTStartup+41j .text:004011C5 39 1D 74 33 40 00 cmp __native_startup_state, ebx .text:004011CB 75 2C jnz short loc_4011F9 .text:004011CD 89 35 74 33 40 00 mov __native_startup_state, esi .text:004011D3 68 BC 20 40 00 push offset __xi_z .text:004011D8 68 AC 20 40 00 push offset __xi_a .text:004011DD E8 AA 04 00 00 call __initterm_e .text:004011E2 59 pop ecx .text:004011E3 59 pop ecx .text:004011E4 85 C0 test eax, eax .text:004011E6 74 17 jz short loc_4011FF .text:004011E8 C7 45 FC FE FF FF FF mov [ebp+ms_exc.disabled], 0FFFFFFFEh .text:004011EF B8 FF 00 00 00 mov eax, 0FFh .text:004011F4 E9 DE 00 00 00 jmp loc_4012D7 .text:004011F9 ; --------------------------------------------------------------------------- .text:004011F9 .text:004011F9 loc_4011F9: ; CODE XREF: __tmainCRTStartup+53j .text:004011F9 89 35 24 30 40 00 mov has_cctor, esi .text:004011FF .text:004011FF loc_4011FF: ; CODE XREF: __tmainCRTStartup+4Bj .text:004011FF ; __tmainCRTStartup+6Ej .text:004011FF 39 35 74 33 40 00 cmp __native_startup_state, esi .text:00401205 75 1B jnz short loc_401222 .text:00401207 68 A8 
20 40 00 push offset __xc_z .text:0040120C 68 A0 20 40 00 push offset __xc_a .text:00401211 E8 7C 04 00 00 call __initterm .text:00401216 59 pop ecx .text:00401217 59 pop ecx .text:00401218 C7 05 74 33 40 00 02+ mov __native_startup_state, 2 .text:00401222 .text:00401222 loc_401222: ; CODE XREF: __tmainCRTStartup+8Dj .text:00401222 85 FF test edi, edi .text:00401224 75 09 jnz short loc_40122F .text:00401226 33 C0 xor eax, eax .text:00401228 B9 70 33 40 00 mov ecx, offset __native_startup_lock .text:0040122D 87 01 xchg eax, [ecx] .text:0040122F .text:0040122F loc_40122F: ; CODE XREF: __tmainCRTStartup+ACj .text:0040122F 83 3D 80 33 40 00 00 cmp __dyn_tls_init_callback, 0 .text:00401236 74 19 jz short loc_401251 .text:00401238 68 80 33 40 00 push offset __dyn_tls_init_callback .text:0040123D E8 5E 01 00 00 call _IsNonwritableInCurrentImage .text:00401242 59 pop ecx .text:00401243 85 C0 test eax, eax .text:00401245 74 0A jz short loc_401251 .text:00401247 53 push ebx .text:00401248 6A 02 push 2 .text:0040124A 53 push ebx .text:0040124B FF 15 80 33 40 00 call __dyn_tls_init_callback .text:00401251 .text:00401251 loc_401251: ; CODE XREF: __tmainCRTStartup+BEj .text:00401251 ; __tmainCRTStartup+CDj .text:00401251 8B 0D 30 30 40 00 mov ecx, envp .text:00401257 A1 38 20 40 00 mov eax, ds:_imp____initenv .text:0040125C 89 08 mov [eax], ecx .text:0040125E FF 35 30 30 40 00 push envp .text:00401264 FF 35 2C 30 40 00 push argv .text:0040126A FF 35 28 30 40 00 push argc .text:00401270 E8 BC FD FF FF call main .text:00401275 83 C4 0C add esp, 0Ch .text:00401278 A3 20 30 40 00 mov mainret, eax .text:0040127D 83 3D 38 30 40 00 00 cmp managedapp, 0 .text:00401284 75 36 jnz short loc_4012BC .text:00401286 50 push eax ; int .text:00401287 FF 15 78 20 40 00 call ds:__imp__exit .text:0040128D ; --------------------------------------------------------------------------- .text:0040128D 8B 4D EC mov ecx, [ebp-14h] .text:00401290 8B 01 mov eax, [ecx] .text:00401292 8B 00 mov eax, [eax] 
.text:00401294 89 45 E4 mov [ebp-1Ch], eax .text:00401297 51 push ecx .text:00401298 50 push eax .text:00401299 E8 98 00 00 00 call __XcptFilter .text:0040129E 59 pop ecx .text:0040129F 59 pop ecx .text:004012A0 C3 retn .text:004012A1 ; --------------------------------------------------------------------------- .text:004012A1 8B 65 E8 mov esp, [ebp-18h] .text:004012A4 8B 45 E4 mov eax, [ebp-1Ch] .text:004012A7 A3 20 30 40 00 mov mainret, eax .text:004012AC 83 3D 38 30 40 00 00 cmp managedapp, 0 .text:004012B3 75 07 jnz short loc_4012BC .text:004012B5 50 push eax .text:004012B6 FF 15 48 20 40 00 call ds:__imp___exit .text:004012BC ; --------------------------------------------------------------------------- .text:004012BC .text:004012BC loc_4012BC: ; CODE XREF: __tmainCRTStartup+10Cj .text:004012BC ; __tmainCRTStartup+13Bj .text:004012BC 83 3D 24 30 40 00 00 cmp has_cctor, 0 .text:004012C3 75 0B jnz short loc_4012D0 .text:004012C5 FF 15 24 20 40 00 call ds:__imp___cexit .text:004012CB A1 20 30 40 00 mov eax, mainret .text:004012D0 .text:004012D0 loc_4012D0: ; CODE XREF: __tmainCRTStartup+14Bj .text:004012D0 C7 45 FC FE FF FF FF mov [ebp+ms_exc.disabled], 0FFFFFFFEh .text:004012D7 .text:004012D7 loc_4012D7: ; CODE XREF: __tmainCRTStartup+7Cj .text:004012D7 E8 09 04 00 00 call __SEH_epilog4 .text:004012DC C3 retn .text:004012DC __tmainCRTStartup endp .text:004012DC .text:004012DD .text:004012DD ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:004012DD .text:004012DD ; Attributes: library function .text:004012DD .text:004012DD public mainCRTStartup .text:004012DD mainCRTStartup proc near .text:004012DD E8 AF 01 00 00 call __security_init_cookie .text:004012E2 E9 91 FE FF FF jmp __tmainCRTStartup .text:004012E2 mainCRTStartup endp .text:004012E2 .text:004012E7 .text:004012E7 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:004012E7 .text:004012E7 ; Attributes: bp-based frame .text:004012E7 
.text:004012E7 __CxxUnhandledExceptionFilter proc near ; DATA XREF: __CxxSetUnhandledExceptionFiltero .text:004012E7 .text:004012E7 arg_0 = dword ptr 8 .text:004012E7 .text:004012E7 55 push ebp .text:004012E8 8B EC mov ebp, esp .text:004012EA 8B 45 08 mov eax, [ebp+arg_0] .text:004012ED 8B 00 mov eax, [eax] .text:004012EF 81 38 63 73 6D E0 cmp dword ptr [eax], 0E06D7363h .text:004012F5 75 25 jnz short loc_40131C .text:004012F7 83 78 10 03 cmp dword ptr [eax+10h], 3 .text:004012FB 75 1F jnz short loc_40131C .text:004012FD 8B 40 14 mov eax, [eax+14h] .text:00401300 3D 20 05 93 19 cmp eax, 19930520h .text:00401305 74 1B jz short loc_401322 .text:00401307 3D 21 05 93 19 cmp eax, 19930521h .text:0040130C 74 14 jz short loc_401322 .text:0040130E 3D 22 05 93 19 cmp eax, 19930522h .text:00401313 74 0D jz short loc_401322 .text:00401315 3D 00 40 99 01 cmp eax, 1994000h .text:0040131A 74 06 jz short loc_401322 .text:0040131C .text:0040131C loc_40131C: ; CODE XREF: __CxxUnhandledExceptionFilter+Ej .text:0040131C ; __CxxUnhandledExceptionFilter+14j .text:0040131C 33 C0 xor eax, eax .text:0040131E 5D pop ebp .text:0040131F C2 04 00 retn 4 .text:00401322 ; --------------------------------------------------------------------------- .text:00401322 .text:00401322 loc_401322: ; CODE XREF: __CxxUnhandledExceptionFilter+1Ej .text:00401322 ; __CxxUnhandledExceptionFilter+25j ... 
.text:00401322 E8 F5 03 00 00 call ?terminate@@YAXXZ ; terminate(void) .text:00401327 CC int 3 ; Trap to Debugger .text:00401327 __CxxUnhandledExceptionFilter endp .text:00401327 .text:00401328 .text:00401328 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:00401328 .text:00401328 .text:00401328 __CxxSetUnhandledExceptionFilter proc near .text:00401328 ; DATA XREF: .rdata:004020B8o .text:00401328 68 E7 12 40 00 push offset __CxxUnhandledExceptionFilter .text:0040132D E8 F0 03 00 00 call ___crtSetUnhandledExceptionFilter .text:00401332 59 pop ecx .text:00401333 33 C0 xor eax, eax .text:00401335 C3 retn .text:00401335 __CxxSetUnhandledExceptionFilter endp .text:00401335 .text:00401336 .text:00401336 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:00401336 .text:00401336 ; Attributes: thunk .text:00401336 .text:00401336 __XcptFilter proc near ; CODE XREF: __tmainCRTStartup+121p .text:00401336 FF 25 88 20 40 00 jmp ds:__imp___XcptFilter .text:00401336 __XcptFilter endp .text:00401336 .text:0040133C .text:0040133C ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:0040133C .text:0040133C ; Attributes: thunk .text:0040133C .text:0040133C __amsg_exit proc near ; CODE XREF: pre_cpp_init+44p .text:0040133C ; __tmainCRTStartup+45p .text:0040133C FF 25 84 20 40 00 jmp ds:__imp___amsg_exit .text:0040133C __amsg_exit endp .text:0040133C .text:0040133C ; --------------------------------------------------------------------------- .text:00401342 CC CC CC CC CC CC CC+ align 10h .text:00401350 .text:00401350 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:00401350 .text:00401350 ; Attributes: bp-based frame .text:00401350 .text:00401350 _FindPESection proc near ; CODE XREF: _IsNonwritableInCurrentImage+59p .text:00401350 .text:00401350 arg_0 = dword ptr 8 .text:00401350 arg_4 = dword ptr 0Ch .text:00401350 .text:00401350 55 push ebp 
.text:00401351 8B EC mov ebp, esp .text:00401353 8B 45 08 mov eax, [ebp+arg_0] .text:00401356 53 push ebx .text:00401357 8B 48 3C mov ecx, [eax+3Ch] .text:0040135A 03 C8 add ecx, eax .text:0040135C 56 push esi .text:0040135D 0F B7 41 14 movzx eax, word ptr [ecx+14h] .text:00401361 0F B7 59 06 movzx ebx, word ptr [ecx+6] .text:00401365 83 C0 18 add eax, 18h .text:00401368 33 D2 xor edx, edx .text:0040136A 03 C1 add eax, ecx .text:0040136C 57 push edi .text:0040136D 85 DB test ebx, ebx .text:0040136F 74 1B jz short loc_40138C .text:00401371 8B 7D 0C mov edi, [ebp+arg_4] .text:00401374 .text:00401374 loc_401374: ; CODE XREF: _FindPESection+3Aj .text:00401374 8B 70 0C mov esi, [eax+0Ch] .text:00401377 3B FE cmp edi, esi .text:00401379 72 09 jb short loc_401384 .text:0040137B 8B 48 08 mov ecx, [eax+8] .text:0040137E 03 CE add ecx, esi .text:00401380 3B F9 cmp edi, ecx .text:00401382 72 0A jb short loc_40138E .text:00401384 .text:00401384 loc_401384: ; CODE XREF: _FindPESection+29j .text:00401384 42 inc edx .text:00401385 83 C0 28 add eax, 28h .text:00401388 3B D3 cmp edx, ebx .text:0040138A 72 E8 jb short loc_401374 .text:0040138C .text:0040138C loc_40138C: ; CODE XREF: _FindPESection+1Fj .text:0040138C 33 C0 xor eax, eax .text:0040138E .text:0040138E loc_40138E: ; CODE XREF: _FindPESection+32j .text:0040138E 5F pop edi .text:0040138F 5E pop esi .text:00401390 5B pop ebx .text:00401391 5D pop ebp .text:00401392 C3 retn .text:00401392 _FindPESection endp .text:00401392 .text:00401392 ; --------------------------------------------------------------------------- .text:00401393 CC CC CC CC CC CC CC+ align 10h .text:004013A0 .text:004013A0 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:004013A0 .text:004013A0 ; Attributes: bp-based frame .text:004013A0 .text:004013A0 _IsNonwritableInCurrentImage proc near ; CODE XREF: __tmainCRTStartup+C5p .text:004013A0 .text:004013A0 var_18 = dword ptr -18h .text:004013A0 var_10 = dword ptr -10h 
.text:004013A0 var_8 = dword ptr -8 .text:004013A0 var_4 = dword ptr -4 .text:004013A0 arg_0 = dword ptr 8 .text:004013A0 .text:004013A0 55 push ebp .text:004013A1 8B EC mov ebp, esp .text:004013A3 6A FE push 0FFFFFFFEh .text:004013A5 68 28 22 40 00 push offset unk_402228 .text:004013AA 68 F9 16 40 00 push offset _except_handler4 .text:004013AF 64 A1 00 00 00 00 mov eax, large fs:0 .text:004013B5 50 push eax .text:004013B6 83 EC 08 sub esp, 8 .text:004013B9 53 push ebx .text:004013BA 56 push esi .text:004013BB 57 push edi .text:004013BC A1 18 30 40 00 mov eax, __security_cookie .text:004013C1 31 45 F8 xor [ebp+var_8], eax .text:004013C4 33 C5 xor eax, ebp .text:004013C6 50 push eax .text:004013C7 8D 45 F0 lea eax, [ebp+var_10] .text:004013CA 64 A3 00 00 00 00 mov large fs:0, eax .text:004013D0 89 65 E8 mov [ebp+var_18], esp .text:004013D3 C7 45 FC 00 00 00 00 mov [ebp+var_4], 0 .text:004013DA 68 00 00 40 00 push 400000h .text:004013DF E8 7C 00 00 00 call _ValidateImageBase .text:004013E4 83 C4 04 add esp, 4 .text:004013E7 85 C0 test eax, eax .text:004013E9 74 54 jz short loc_40143F .text:004013EB 8B 45 08 mov eax, [ebp+arg_0] .text:004013EE 2D 00 00 40 00 sub eax, 400000h .text:004013F3 50 push eax .text:004013F4 68 00 00 40 00 push 400000h .text:004013F9 E8 52 FF FF FF call _FindPESection .text:004013FE 83 C4 08 add esp, 8 .text:00401401 85 C0 test eax, eax .text:00401403 74 3A jz short loc_40143F .text:00401405 8B 40 24 mov eax, [eax+24h] .text:00401408 C1 E8 1F shr eax, 1Fh .text:0040140B F7 D0 not eax .text:0040140D 83 E0 01 and eax, 1 .text:00401410 C7 45 FC FE FF FF FF mov [ebp+var_4], 0FFFFFFFEh .text:00401417 8B 4D F0 mov ecx, [ebp+var_10] .text:0040141A 64 89 0D 00 00 00 00 mov large fs:0, ecx .text:00401421 59 pop ecx .text:00401422 5F pop edi .text:00401423 5E pop esi .text:00401424 5B pop ebx .text:00401425 8B E5 mov esp, ebp .text:00401427 5D pop ebp .text:00401428 C3 retn .text:00401429 ; 
--------------------------------------------------------------------------- .text:00401429 8B 45 EC mov eax, [ebp-14h] .text:0040142C 8B 00 mov eax, [eax] .text:0040142E 33 C9 xor ecx, ecx .text:00401430 81 38 05 00 00 C0 cmp dword ptr [eax], 0C0000005h .text:00401436 0F 94 C1 setz cl .text:00401439 8B C1 mov eax, ecx .text:0040143B C3 retn .text:0040143C ; --------------------------------------------------------------------------- .text:0040143C 8B 65 E8 mov esp, [ebp-18h] .text:0040143F .text:0040143F loc_40143F: ; CODE XREF: _IsNonwritableInCurrentImage+49j .text:0040143F ; _IsNonwritableInCurrentImage+63j .text:0040143F C7 45 FC FE FF FF FF mov [ebp+var_4], 0FFFFFFFEh .text:00401446 33 C0 xor eax, eax .text:00401448 8B 4D F0 mov ecx, [ebp+var_10] .text:0040144B 64 89 0D 00 00 00 00 mov large fs:0, ecx .text:00401452 59 pop ecx .text:00401453 5F pop edi .text:00401454 5E pop esi .text:00401455 5B pop ebx .text:00401456 8B E5 mov esp, ebp .text:00401458 5D pop ebp .text:00401459 C3 retn .text:00401459 _IsNonwritableInCurrentImage endp .text:00401459 .text:00401459 ; --------------------------------------------------------------------------- .text:0040145A CC CC CC CC CC CC align 10h .text:00401460 .text:00401460 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:00401460 .text:00401460 ; Attributes: bp-based frame .text:00401460 .text:00401460 _ValidateImageBase proc near ; CODE XREF: _IsNonwritableInCurrentImage+3Fp .text:00401460 .text:00401460 arg_0 = dword ptr 8 .text:00401460 .text:00401460 55 push ebp .text:00401461 8B EC mov ebp, esp .text:00401463 8B 45 08 mov eax, [ebp+arg_0] .text:00401466 B9 4D 5A 00 00 mov ecx, 5A4Dh .text:0040146B 66 39 08 cmp [eax], cx .text:0040146E 74 04 jz short loc_401474 .text:00401470 33 C0 xor eax, eax .text:00401472 5D pop ebp .text:00401473 C3 retn .text:00401474 ; --------------------------------------------------------------------------- .text:00401474 .text:00401474 loc_401474: ; CODE 
XREF: _ValidateImageBase+Ej
.text:00401474 8B 48 3C mov ecx, [eax+3Ch] ; dword at base+3Ch (e_lfanew in the DOS header)
.text:00401477 03 C8 add ecx, eax ; ecx = base + that offset
.text:00401479 33 C0 xor eax, eax ; default result 0
.text:0040147B 81 39 50 45 00 00 cmp dword ptr [ecx], 4550h ; 'PE\0\0' signature
.text:00401481 75 0C jnz short loc_40148F
.text:00401483 BA 0B 01 00 00 mov edx, 10Bh ; PE32 optional-header magic
.text:00401488 66 39 51 18 cmp [ecx+18h], dx
.text:0040148C 0F 94 C0 setz al ; result 1 only when the magic matches
.text:0040148F
.text:0040148F loc_40148F: ; CODE XREF: _ValidateImageBase+21j
.text:0040148F 5D pop ebp
.text:00401490 C3 retn
.text:00401490 _ValidateImageBase endp
.text:00401490
.text:00401491
.text:00401491 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:00401491
.text:00401491 ; __security_init_cookie: makes sure __security_cookie holds a per-run value
.text:00401491 ; and stores its bitwise complement in __security_cookie_complement. It is
.text:00401491 ; the first call made by mainCRTStartup, ahead of __tmainCRTStartup.
.text:00401491 ; If the cookie already differs from 0BB40E64Eh and its upper 16 bits are
.text:00401491 ; non-zero, only the complement is written. Otherwise a new value is built by
.text:00401491 ; XOR-ing the two halves of the system time, the current thread id, the low
.text:00401491 ; dword of GetTickCount64, the two halves of the performance counter and the
.text:00401491 ; stack address of var_4.
.text:00401491 ; NOTE(review): 0BB40E64Eh is presumably the build-time default that marks
.text:00401491 ; an uninitialized cookie; the .data section is not shown here, so confirm.
.text:00401491 ; Every input to the mix is a timing value, an id or an address, not output
.text:00401491 ; of a cryptographic RNG. _IsNonwritableInCurrentImage earlier in this
.text:00401491 ; listing reads the cookie in its prologue; main does not reference it.
.text:00401491 ; Attributes: bp-based frame
.text:00401491
.text:00401491 __security_init_cookie proc near ; CODE XREF: mainCRTStartupp
.text:00401491
.text:00401491 PerformanceCount= LARGE_INTEGER ptr -14h
.text:00401491 SystemTimeAsFileTime= _FILETIME ptr -0Ch
.text:00401491 var_4 = dword ptr -4
.text:00401491
.text:00401491 55 push ebp
.text:00401492 8B EC mov ebp, esp
.text:00401494 83 EC 14 sub esp, 14h
.text:00401497 A1 18 30 40 00 mov eax, __security_cookie ; current cookie value
.text:0040149C 83 65 F4 00 and [ebp+SystemTimeAsFileTime.dwLowDateTime], 0 ; zero the FILETIME local
.text:004014A0 83 65 F8 00 and [ebp+SystemTimeAsFileTime.dwHighDateTime], 0
.text:004014A4 56 push esi
.text:004014A5 57 push edi
.text:004014A6 BF 4E E6 40 BB mov edi, 0BB40E64Eh ; value the cookie is compared against
.text:004014AB BE 00 00 FF FF mov esi, 0FFFF0000h ; mask for the upper 16 bits
.text:004014B0 3B C7 cmp eax, edi
.text:004014B2 74 0D jz short loc_4014C1 ; cookie equals that value: generate a new one
.text:004014B4 85 C6 test eax, esi
.text:004014B6 74 09 jz short loc_4014C1 ; upper 16 bits are zero: generate a new one
.text:004014B8 F7 D0 not eax
.text:004014BA A3 1C 30 40 00 mov __security_cookie_complement, eax ; keep the existing cookie, store ~cookie
.text:004014BF EB 66 jmp short loc_401527
.text:004014C1 ; ---------------------------------------------------------------------------
.text:004014C1
.text:004014C1 loc_4014C1: ; CODE XREF: __security_init_cookie+21j
.text:004014C1 ; __security_init_cookie+25j
.text:004014C1 8D 45 F4 lea eax, [ebp+SystemTimeAsFileTime]
.text:004014C4 50 push eax ; lpSystemTimeAsFileTime
.text:004014C5 FF 15 0C 20 40 00 call ds:__imp__GetSystemTimeAsFileTime@4 ; GetSystemTimeAsFileTime(x)
.text:004014CB 8B 45 F8 mov eax, [ebp+SystemTimeAsFileTime.dwHighDateTime]
.text:004014CE 33 45 F4 xor eax, [ebp+SystemTimeAsFileTime.dwLowDateTime]
.text:004014D1 89 45 FC mov [ebp+var_4], eax ; var_4 = time.high ^ time.low
.text:004014D4 FF 15 10 20 40 00 call ds:__imp__GetCurrentThreadId@0 ; GetCurrentThreadId()
.text:004014DA 31 45 FC xor [ebp+var_4], eax ; mix in the thread id
.text:004014DD FF 15 08 20 40 00 call ds:__imp__GetTickCount64@0 ; GetTickCount64()
.text:004014E3 31 45 FC xor [ebp+var_4], eax ; mix in eax only (low dword of the result)
.text:004014E6 8D 45 EC lea eax, [ebp+PerformanceCount]
.text:004014E9 50 push eax ; lpPerformanceCount
.text:004014EA FF 15 14 20 40 00 call ds:__imp__QueryPerformanceCounter@4 ; QueryPerformanceCounter(x)
.text:004014F0 8B 4D F0 mov ecx, dword ptr [ebp+PerformanceCount+4]
.text:004014F3 33 4D EC xor ecx, dword ptr [ebp+PerformanceCount] ; ecx = counter.high ^ counter.low
.text:004014F6 8D 45 FC lea eax, [ebp+var_4] ; eax = stack address of var_4
.text:004014F9 33 4D FC xor ecx, [ebp+var_4] ; fold in the accumulated value
.text:004014FC 33 C8 xor ecx, eax ; fold in the stack address
.text:004014FE 3B CF cmp ecx, edi
.text:00401500 75 07 jnz short loc_401509
.text:00401502 B9 4F E6 40 BB mov ecx, 0BB40E64Fh ; result equals the compared value: use value+1 instead
.text:00401507 EB 10 jmp short loc_401519
.text:00401509 ; ---------------------------------------------------------------------------
.text:00401509
.text:00401509 loc_401509: ; CODE XREF: __security_init_cookie+6Fj
.text:00401509 85 CE test ecx, esi
.text:0040150B 75 0C jnz short loc_401519 ; upper 16 bits already non-zero: keep as is
.text:0040150D 8B C1 mov eax, ecx
.text:0040150F 0D 11 47 00 00 or eax, 4711h
.text:00401514 C1 E0 10 shl eax, 10h
.text:00401517 0B C8 or ecx, eax ; force non-zero upper bits: ecx |= (ecx | 4711h) << 16
.text:00401519
.text:00401519 loc_401519: ; CODE XREF: __security_init_cookie+76j
.text:00401519 ; __security_init_cookie+7Aj
.text:00401519 89 0D 18 30 40 00 mov __security_cookie, ecx ; publish the new cookie
.text:0040151F F7 D1 not ecx
.text:00401521 89 0D 1C 30 40 00 mov __security_cookie_complement, ecx ; and its complement
.text:00401527
.text:00401527 loc_401527: ; CODE XREF: __security_init_cookie+2Ej
.text:00401527 5F pop edi
.text:00401528 5E pop esi
.text:00401529 C9 leave
.text:0040152A C3 retn
.text:0040152A __security_init_cookie endp
.text:0040152A
.text:0040152B
.text:0040152B ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:0040152B
.text:0040152B
.text:0040152B ; _matherr: stub that returns 0 in eax.
.text:0040152B _matherr proc near ; CODE XREF: pre_c_init+85p
.text:0040152B ; DATA XREF: pre_c_init+93o
.text:0040152B 33 C0 xor eax, eax
.text:0040152D C3 retn
.text:0040152D _matherr endp
.text:0040152D
.text:0040152E
.text:0040152E ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:0040152E
.text:0040152E
.text:0040152E ; __atonexitinit: if __onexitbegin is still 0, allocates a table with
.text:0040152E ; _calloc_crt(20h, 4) and stores the EncodePointer-encoded address in both
.text:0040152E ; __onexitbegin and __onexitend. Returns 0 when the table already exists or
.text:0040152E ; was allocated, and 18h when the allocation returned 0.
.text:0040152E ; The pointer is encoded before the allocation result is tested, so on
.text:0040152E ; failure both globals hold the encoded form of a null pointer.
.text:0040152E __atonexitinit proc near ; DATA XREF: .rdata:pinito
.text:0040152E 83 3D 7C 33 40 00 00 cmp __onexitbegin, 0
.text:00401535 74 03 jz short loc_40153A
.text:00401537 33 C0 xor eax, eax ; table already set up: return 0
.text:00401539 C3 retn
.text:0040153A ; ---------------------------------------------------------------------------
.text:0040153A
.text:0040153A loc_40153A: ; CODE XREF: __atonexitinit+7j
.text:0040153A 56 push esi
.text:0040153B 6A 04 push 4 ; second argument: 4
.text:0040153D 6A 20 push 20h ; first argument: 20h
.text:0040153F FF 15 54 20 40 00 call ds:__imp___calloc_crt
.text:00401545 59 pop ecx
.text:00401546 59 pop ecx
.text:00401547 8B F0 mov esi, eax ; esi = raw table pointer, tested below
.text:00401549 56 push esi
.text:0040154A FF 15 18 20 40 00 call ds:__imp__EncodePointer@4 ; EncodePointer(x)
.text:00401550 A3 7C 33 40 00 mov __onexitbegin, eax ; both globals store the encoded pointer
.text:00401555 A3 78 33 40 00 mov __onexitend, eax
.text:0040155A 85 F6 test esi, esi
.text:0040155C 75 05 jnz short loc_401563
.text:0040155E 6A 18 push 18h
.text:00401560 58 pop eax ; allocation failed: return 18h
.text:00401561 5E pop esi
.text:00401562 C3 retn
.text:00401563 ; ---------------------------------------------------------------------------
.text:00401563
.text:00401563 loc_401563: ; CODE XREF: __atonexitinit+2Ej
.text:00401563 83 26 00 and dword ptr [esi], 0 ; clear the first table slot
.text:00401566 33 C0 xor eax, eax ; return 0
.text:00401568 5E pop esi
.text:00401569 C3
retn .text:00401569 __atonexitinit endp .text:00401569 .text:0040156A .text:0040156A ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:0040156A .text:0040156A ; Attributes: bp-based frame .text:0040156A .text:0040156A ; _onexit_t __cdecl onexit(_onexit_t) .text:0040156A _onexit proc near ; CODE XREF: atexit+6p .text:0040156A .text:0040156A var_24 = dword ptr -24h .text:0040156A var_20 = dword ptr -20h .text:0040156A var_1C = dword ptr -1Ch .text:0040156A ms_exc = CPPEH_RECORD ptr -18h .text:0040156A arg_0 = dword ptr 8 .text:0040156A .text:0040156A 6A 14 push 14h .text:0040156C 68 48 22 40 00 push offset unk_402248 .text:00401571 E8 2A 01 00 00 call __SEH_prolog4 .text:00401576 FF 35 7C 33 40 00 push __onexitbegin .text:0040157C 8B 35 04 20 40 00 mov esi, ds:__imp__DecodePointer@4 ; DecodePointer(x) .text:00401582 FF D6 call esi ; DecodePointer(x) ; DecodePointer(x) .text:00401584 89 45 E4 mov [ebp+var_1C], eax .text:00401587 83 F8 FF cmp eax, 0FFFFFFFFh .text:0040158A 75 0C jnz short loc_401598 .text:0040158C FF 75 08 push [ebp+arg_0] .text:0040158F FF 15 5C 20 40 00 call ds:_imp___onexit .text:00401595 59 pop ecx .text:00401596 EB 65 jmp short loc_4015FD .text:00401598 ; --------------------------------------------------------------------------- .text:00401598 .text:00401598 loc_401598: ; CODE XREF: _onexit+20j .text:00401598 6A 08 push 8 .text:0040159A E8 89 01 00 00 call __lock .text:0040159F 59 pop ecx .text:004015A0 83 65 FC 00 and [ebp+ms_exc.disabled], 0 .text:004015A4 FF 35 7C 33 40 00 push __onexitbegin .text:004015AA FF D6 call esi ; DecodePointer(x) ; DecodePointer(x) .text:004015AC 89 45 E4 mov [ebp+var_1C], eax .text:004015AF FF 35 78 33 40 00 push __onexitend .text:004015B5 FF D6 call esi ; DecodePointer(x) ; DecodePointer(x) .text:004015B7 89 45 E0 mov [ebp+var_20], eax .text:004015BA 8D 45 E0 lea eax, [ebp+var_20] .text:004015BD 50 push eax .text:004015BE 8D 45 E4 lea eax, [ebp+var_1C] .text:004015C1 50 push eax 
.text:004015C2 FF 75 08 push [ebp+arg_0] .text:004015C5 8B 35 18 20 40 00 mov esi, ds:__imp__EncodePointer@4 ; EncodePointer(x) .text:004015CB FF D6 call esi ; EncodePointer(x) ; EncodePointer(x) .text:004015CD 50 push eax .text:004015CE E8 61 01 00 00 call ___dllonexit .text:004015D3 83 C4 0C add esp, 0Ch .text:004015D6 8B F8 mov edi, eax .text:004015D8 89 7D DC mov [ebp+var_24], edi .text:004015DB FF 75 E4 push [ebp+var_1C] .text:004015DE FF D6 call esi ; EncodePointer(x) ; EncodePointer(x) .text:004015E0 A3 7C 33 40 00 mov __onexitbegin, eax .text:004015E5 FF 75 E0 push [ebp+var_20] .text:004015E8 FF D6 call esi ; EncodePointer(x) ; EncodePointer(x) .text:004015EA A3 78 33 40 00 mov __onexitend, eax .text:004015EF C7 45 FC FE FF FF FF mov [ebp+ms_exc.disabled], 0FFFFFFFEh .text:004015F6 E8 0B 00 00 00 call sub_401606 .text:004015FB 8B C7 mov eax, edi .text:004015FD .text:004015FD loc_4015FD: ; CODE XREF: _onexit+2Cj .text:004015FD E8 E3 00 00 00 call __SEH_epilog4 .text:00401602 C3 retn .text:00401602 _onexit endp .text:00401602 .text:00401603 ; --------------------------------------------------------------------------- .text:00401603 8B 7D DC mov edi, [ebp-24h] .text:00401606 .text:00401606 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:00401606 .text:00401606 .text:00401606 sub_401606 proc near ; CODE XREF: _onexit+8Cp .text:00401606 6A 08 push 8 .text:00401608 E8 21 01 00 00 call __unlock .text:0040160D 59 pop ecx .text:0040160E C3 retn .text:0040160E sub_401606 endp .text:0040160E .text:0040160F .text:0040160F ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:0040160F .text:0040160F ; Attributes: bp-based frame .text:0040160F .text:0040160F ; int __cdecl atexit(_onexit_t) .text:0040160F atexit proc near ; CODE XREF: pre_cpp_init+5p .text:0040160F .text:0040160F arg_0 = dword ptr 8 .text:0040160F .text:0040160F 55 push ebp .text:00401610 8B EC mov ebp, esp .text:00401612 FF 75 08 push 
[ebp+arg_0] ; _onexit_t .text:00401615 E8 50 FF FF FF call _onexit .text:0040161A F7 D8 neg eax .text:0040161C 1B C0 sbb eax, eax .text:0040161E F7 D8 neg eax .text:00401620 59 pop ecx .text:00401621 48 dec eax .text:00401622 5D pop ebp .text:00401623 C3 retn .text:00401623 atexit endp .text:00401623 .text:00401624 .text:00401624 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:00401624 .text:00401624 .text:00401624 _RTC_Initialize proc near ; CODE XREF: pre_c_init+80p .text:00401624 56 push esi .text:00401625 57 push edi .text:00401626 BE FC 21 40 00 mov esi, offset __rtc_izz .text:0040162B BF FC 21 40 00 mov edi, offset __rtc_izz .text:00401630 EB 0B jmp short loc_40163D .text:00401632 ; --------------------------------------------------------------------------- .text:00401632 .text:00401632 loc_401632: ; CODE XREF: _RTC_Initialize+1Bj .text:00401632 8B 06 mov eax, [esi] .text:00401634 85 C0 test eax, eax .text:00401636 74 02 jz short loc_40163A .text:00401638 FF D0 call eax .text:0040163A .text:0040163A loc_40163A: ; CODE XREF: _RTC_Initialize+12j .text:0040163A 83 C6 04 add esi, 4 .text:0040163D .text:0040163D loc_40163D: ; CODE XREF: _RTC_Initialize+Cj .text:0040163D 3B F7 cmp esi, edi .text:0040163F 72 F1 jb short loc_401632 .text:00401641 5F pop edi .text:00401642 5E pop esi .text:00401643 C3 retn .text:00401643 _RTC_Initialize endp .text:00401643 .text:00401644 .text:00401644 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ .text:00401644 .text:00401644 .text:00401644 ; int RTC_Terminate(void) .text:00401644 _RTC_Terminate proc near ; DATA XREF: pre_cpp_inito .text:00401644 56 push esi .text:00401645 57 push edi .text:00401646 BE 04 22 40 00 mov esi, offset __rtc_tzz .text:0040164B BF 04 22 40 00 mov edi, offset __rtc_tzz .text:00401650 EB 0B jmp short loc_40165D .text:00401652 ; --------------------------------------------------------------------------- .text:00401652 .text:00401652 
loc_401652: ; CODE XREF: _RTC_Terminate+1Bj .text:00401652 8B 06 mov eax, [esi] .text:00401654 85 C0 test eax, eax .text:00401656 74 02 jz short loc_40165A .text:00401658 FF D0 call eax .text:0040165A .text:0040165A loc_40165A: ; CODE XREF: _RTC_Terminate+12j .text:0040165A 83 C6 04 add esi, 4 .text:0040165D .text:0040165D loc_40165D: ; CODE XREF: _RTC_Terminate+Cj .text:0040165D 3B F7 cmp esi, edi .text:0040165F 72 F1 jb short loc_401652 .text:00401661 5F pop edi .text:00401662 5E pop esi .text:00401663 C3 retn .text:00401663 _RTC_Terminate endp .text:00401663 .text:00401664 ; --------------------------------------------------------------------------- .text:00401664 .text:00401664 _setdefaultprecision: ; CODE XREF: pre_c_init:loc_401113p .text:00401664 56 push esi .text:00401665 68 00 00 03 00 push 30000h .text:0040166A 68 00 00 01 00 push 10000h .text:0040166F 33 F6 xor esi, esi .text:00401671 56 push esi .text:00401672 E8 C9 00 00 00 call __controlfp_s .text:00401677 83 C4 0C add esp, 0Ch .text:0040167A 85 C0 test eax, eax .text:0040167C 75 02 jnz short loc_401680 .text:0040167E 5E pop esi .text:0040167F C3 retn .text:00401680 ; --------------------------------------------------------------------------- .text:00401680 .text:00401680 loc_401680: ; CODE XREF: .text:0040167Cj .text:00401680 56 push esi .text:00401681 56 push esi .text:00401682 56 push esi .text:00401683 56 push esi .text:00401684 56 push esi .text:00401685 E8 B0 00 00 00 call __invoke_watson .text:00401685 ; --------------------------------------------------------------------------- .text:0040168A CC CC dw 0CCCCh .text:0040168C ; [00000006 BYTES: COLLAPSED FUNCTION __initterm_e. PRESS KEYPAD "+" TO EXPAND] .text:00401692 ; [00000006 BYTES: COLLAPSED FUNCTION __initterm. 
PRESS KEYPAD "+" TO EXPAND]
.text:00401698 CC CC CC CC CC CC CC+ align 10h
.text:004016A0
.text:004016A0 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:004016A0 ; __SEH_prolog4: shared prologue helper. The caller pushes a frame size, then a table pointer, and calls here.
.text:004016A0 ; It links an _except_handler4 registration at fs:0, builds the EBP frame, and stores the table pointer XORed with __security_cookie.
.text:004016A0 __SEH_prolog4 proc near ; CODE XREF: __tmainCRTStartup+7p
.text:004016A0 ; _onexit+7p
.text:004016A0
.text:004016A0 arg_4 = dword ptr 8
.text:004016A0
.text:004016A0 68 F9 16 40 00 push offset _except_handler4 ; registration record: handler field
.text:004016A5 64 FF 35 00 00 00 00 push large dword ptr fs:0 ; registration record: previous head of the chain
.text:004016AC 8B 44 24 10 mov eax, [esp+8+arg_4] ; eax = the caller's first-pushed value (frame size)
.text:004016B0 89 6C 24 10 mov [esp+8+arg_4], ebp ; reuse that slot to save the caller's EBP
.text:004016B4 8D 6C 24 10 lea ebp, [esp+8+arg_4] ; EBP now points at the saved EBP
.text:004016B8 2B E0 sub esp, eax ; reserve the requested number of bytes
.text:004016BA 53 push ebx
.text:004016BB 56 push esi
.text:004016BC 57 push edi
.text:004016BD A1 18 30 40 00 mov eax, __security_cookie
.text:004016C2 31 45 FC xor [ebp-4], eax ; [ebp-4] is the caller's second-pushed value (table pointer): keep it XORed with the cookie
.text:004016C5 33 C5 xor eax, ebp
.text:004016C7 50 push eax ; cookie XOR EBP stored just below the saved registers
.text:004016C8 89 65 E8 mov [ebp-18h], esp ; record ESP in the frame
.text:004016CB FF 75 F8 push dword ptr [ebp-8] ; [ebp-8] is the return address of this call: re-push it for the retn below
.text:004016CE 8B 45 FC mov eax, [ebp-4]
.text:004016D1 C7 45 FC FE FF FF FF mov dword ptr [ebp-4], 0FFFFFFFEh ; [ebp-4] becomes the initial state value -2
.text:004016D8 89 45 F8 mov [ebp-8], eax ; the XORed table pointer moves to [ebp-8]
.text:004016DB 8D 45 F0 lea eax, [ebp-10h] ; address of the record built by the first two pushes
.text:004016DE 64 A3 00 00 00 00 mov large fs:0, eax ; make it the head of the handler chain
.text:004016E4 C3 retn ; returns through the copy pushed at 004016CB, leaving the new frame in place
.text:004016E4 __SEH_prolog4 endp ; sp = -1Ch
.text:004016E4
.text:004016E5
.text:004016E5 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:004016E5 ; __SEH_epilog4: undoes __SEH_prolog4 - unlinks the registration, restores EDI/ESI/EBX and EBP, and returns to its caller.
.text:004016E5
.text:004016E5 __SEH_epilog4 proc near ; CODE XREF: __tmainCRTStartup:loc_4012D7p
.text:004016E5 ; _onexit:loc_4015FDp
.text:004016E5 8B 4D F0 mov ecx, [ebp-10h] ; previous chain head saved by the prologue
.text:004016E8 64 89 0D 00 00 00 00 mov large fs:0, ecx ; unlink this frame's registration
.text:004016EF 59 pop ecx ; ecx = return address of this call
.text:004016F0 5F pop edi ; discards the cookie-XOR-EBP slot (overwritten by the next pop)
.text:004016F1 5F pop edi ; restore EDI
.text:004016F2 5E pop esi ; restore ESI
.text:004016F3 5B pop ebx ; restore EBX
.text:004016F4 8B E5 mov esp, ebp ; drop the frame's locals
.text:004016F6 5D pop ebp ; restore the caller's EBP
.text:004016F7 51 push ecx ; put the return address back
.text:004016F8 C3 retn
.text:004016F8 __SEH_epilog4 endp
.text:004016F8
.text:004016F9
.text:004016F9 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:004016F9
.text:004016F9 ; Attributes: bp-based frame
.text:004016F9 ; _except_handler4: passes its four arguments to __except_handler4_common, adding the address of __security_cookie and of __security_check_cookie.
.text:004016F9 _except_handler4 proc near ; DATA XREF: _IsNonwritableInCurrentImage+Ao
.text:004016F9 ; __SEH_prolog4o
.text:004016F9
.text:004016F9 arg_0 = dword ptr 8
.text:004016F9 arg_4 = dword ptr 0Ch
.text:004016F9 arg_8 = dword ptr 10h
.text:004016F9 arg_C = dword ptr 14h
.text:004016F9
.text:004016F9 55 push ebp
.text:004016FA 8B EC mov ebp, esp
.text:004016FC FF 75 14 push [ebp+arg_C] ; the four incoming arguments are forwarded unchanged
.text:004016FF FF 75 10 push [ebp+arg_8]
.text:00401702 FF 75 0C push [ebp+arg_4]
.text:00401705 FF 75 08 push [ebp+arg_0]
.text:00401708 68 46 17 40 00 push offset __security_check_cookie ; second argument: the cookie check routine
.text:0040170D 68 18 30 40 00 push offset __security_cookie ; first argument: address of the cookie, not its value
.text:00401712 E8 3F 00 00 00 call __except_handler4_common
.text:00401717 83 C4 18 add esp, 18h ; cdecl cleanup: six arguments
.text:0040171A 5D pop ebp
.text:0040171B C3 retn ; EAX from the common handler is returned as is
.text:0040171B _except_handler4 endp
.text:0040171B
.text:0040171C ; [00000006 BYTES: COLLAPSED FUNCTION terminate(void). PRESS KEYPAD "+" TO EXPAND]
.text:00401722 ; [00000006 BYTES: COLLAPSED FUNCTION ___crtSetUnhandledExceptionFilter. PRESS KEYPAD "+" TO EXPAND]
.text:00401728 ; [00000006 BYTES: COLLAPSED FUNCTION __lock. PRESS KEYPAD "+" TO EXPAND]
.text:0040172E ; [00000006 BYTES: COLLAPSED FUNCTION __unlock. PRESS KEYPAD "+" TO EXPAND]
.text:00401734 ; [00000006 BYTES: COLLAPSED FUNCTION ___dllonexit. PRESS KEYPAD "+" TO EXPAND]
.text:0040173A ; [00000006 BYTES: COLLAPSED FUNCTION __invoke_watson. PRESS KEYPAD "+" TO EXPAND]
.text:00401740 ; [00000006 BYTES: COLLAPSED FUNCTION __controlfp_s.
PRESS KEYPAD "+" TO EXPAND]
.text:00401746
.text:00401746 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:00401746 ; __security_check_cookie: compares the value in ECX with the global __security_cookie; any mismatch goes to __report_gsfailure.
.text:00401746
.text:00401746 __security_check_cookie proc near ; DATA XREF: _except_handler4+Fo
.text:00401746 3B 0D 18 30 40 00 cmp ecx, __security_cookie ; ECX carries the value under test
.text:0040174C 75 02 jnz short loc_401750 ; mismatch -> failure path
.text:0040174E F3 C3 rep retn ; match: plain return
.text:00401750 ; ---------------------------------------------------------------------------
.text:00401750
.text:00401750 loc_401750: ; CODE XREF: __security_check_cookie+6j
.text:00401750 E9 44 00 00 00 jmp __report_gsfailure ; tail jump, not a call
.text:00401750 __security_check_cookie endp
.text:00401750
.text:00401750 ; ---------------------------------------------------------------------------
.text:00401755 CC align 2
.text:00401756 ; [00000006 BYTES: COLLAPSED FUNCTION __except_handler4_common. PRESS KEYPAD "+" TO EXPAND]
.text:0040175C
.text:0040175C ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:0040175C
.text:0040175C ; Attributes: bp-based frame
.text:0040175C ; __raise_securityfailure: reports the exception data in arg_0 through ___crtUnhandledException, then ends the process with code 0C0000409h.
.text:0040175C __raise_securityfailure proc near ; CODE XREF: __report_gsfailure+F2p
.text:0040175C
.text:0040175C arg_0 = dword ptr 8
.text:0040175C
.text:0040175C 55 push ebp
.text:0040175D 8B EC mov ebp, esp
.text:0040175F FF 15 00 20 40 00 call ds:__imp__IsDebuggerPresent@0 ; IsDebuggerPresent()
.text:00401765 6A 01 push 1
.text:00401767 A3 6C 33 40 00 mov DebuggerWasPresent, eax ; remember the debugger state before reporting
.text:0040176C E8 21 01 00 00 call __crt_debugger_hook ; __crt_debugger_hook(1)
.text:00401771 FF 75 08 push [ebp+arg_0]
.text:00401774 E8 1F 01 00 00 call ___crtUnhandledException ; hand over the record pointed to by arg_0
.text:00401779 83 3D 6C 33 40 00 00 cmp DebuggerWasPresent, 0
.text:00401780 59 pop ecx ; drop the two arguments pushed above (pop leaves the flags from cmp intact)
.text:00401781 59 pop ecx
.text:00401782 75 08 jnz short loc_40178C ; a debugger was attached: skip the second hook call
.text:00401784 6A 01 push 1
.text:00401786 E8 07 01 00 00 call __crt_debugger_hook ; __crt_debugger_hook(1) again when no debugger was present
.text:0040178B 59 pop ecx
.text:0040178C
.text:0040178C loc_40178C: ; CODE XREF: __raise_securityfailure+26j
.text:0040178C 68 09 04 00 C0 push 0C0000409h ; STATUS_STACK_BUFFER_OVERRUN: the exit status that identifies a /GS termination
.text:00401791 E8 08 01 00 00 call ___crtTerminateProcess
.text:00401796 59 pop ecx
.text:00401797 5D pop ebp
.text:00401798 C3 retn
.text:00401798 __raise_securityfailure endp
.text:00401798
.text:00401799
.text:00401799 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:00401799
.text:00401799 ; Attributes: bp-based frame
.text:00401799 ; __report_gsfailure: cookie-mismatch handler. Uses the fast-fail interrupt when the CPU feature query reports it, otherwise records register state and an exception record in globals and calls __raise_securityfailure.
.text:00401799 __report_gsfailure proc near ; CODE XREF: __security_check_cookie:loc_401750j
.text:00401799
.text:00401799 var_324 = dword ptr -324h
.text:00401799 var_8 = dword ptr -8
.text:00401799 arg_0 = dword ptr 8
.text:00401799
.text:00401799 55 push ebp
.text:0040179A 8B EC mov ebp, esp
.text:0040179C 81 EC 24 03 00 00 sub esp, 324h
.text:004017A2 6A 17 push 17h ; ProcessorFeature ; 17h = PF_FASTFAIL_AVAILABLE
.text:004017A4 E8 FB 00 00 00 call _IsProcessorFeaturePresent@4 ; IsProcessorFeaturePresent(x)
.text:004017A9 85 C0 test eax, eax
.text:004017AB 74 05 jz short loc_4017B2 ; not available -> legacy reporting path
.text:004017AD 6A 02 push 2
.text:004017AF 59 pop ecx ; ECX = 2 (FAST_FAIL_STACK_COOKIE_CHECK_FAILURE)
.text:004017B0 CD 29 int 29h ; Windows fast-fail (__fastfail) with the code in ECX
.text:004017B0 ; IDA's stock label for this vector, "DOS 2+ internal - FAST PUTCHAR", is a DOS interrupt description and does not apply in this PE
.text:004017B2
.text:004017B2 loc_4017B2: ; CODE XREF: __report_gsfailure+12j
.text:004017B2 A3 50 31 40 00 mov dword_403150, eax ; EAX here is the feature-query result, not the value at the time of the cookie failure
.text:004017B7 89 0D 4C 31 40 00 mov dword_40314C, ecx ; general registers are copied to consecutive globals
.text:004017BD 89 15 48 31 40 00 mov dword_403148, edx
.text:004017C3 89 1D 44 31 40 00 mov dword_403144, ebx
.text:004017C9 89 35 40 31 40 00 mov dword_403140, esi
.text:004017CF 89 3D 3C 31 40 00 mov dword_40313C, edi
.text:004017D5 66 8C 15 68 31 40 00 mov word_403168, ss ; segment registers
.text:004017DC 66 8C 0D 5C 31 40 00 mov word_40315C, cs
.text:004017E3 66 8C 1D 38 31 40 00 mov word_403138, ds
.text:004017EA 66 8C 05 34 31 40 00 mov word_403134, es
.text:004017F1 66 8C 25 30 31 40 00 mov word_403130, fs
.text:004017F8 66 8C 2D 2C 31 40 00 mov word_40312C, gs
.text:004017FF 9C pushf
.text:00401800 8F 05 60 31 40 00 pop dword_403160 ; EFLAGS
.text:00401806 8B 45 00 mov eax, [ebp+0]
.text:00401809 A3 54 31 40 00 mov dword_403154, eax ; the previous frame's saved EBP
.text:0040180E 8B 45 04 mov eax, [ebp+4]
.text:00401811 A3 58 31 40 00 mov dword_403158, eax ; the return address stored at [ebp+4]
.text:00401816 8D 45 08 lea eax, [ebp+arg_0]
.text:00401819 A3 64 31 40 00 mov dword_403164, eax ; stack address just above that return address
.text:0040181E 8B 85 DC FC FF FF mov eax, [ebp+var_324] ; loaded value is overwritten by the load at 0040182E before any use
.text:00401824 C7 05 A0 30 40 00 01+ mov GS_ContextRecord, 10001h ; first dword of the context record; 10001h matches x86 CONTEXT_CONTROL. The 40312Ch-403168h stores above line up with x86 CONTEXT fields of this record - confirm with the struct applied in IDA
.text:0040182E A1 58 31 40 00 mov eax, dword_403158
.text:00401833 A3 5C 30 40 00 mov dword_40305C, eax ; GS_ExceptionRecord+0Ch = the saved return address (the ExceptionAddress slot in EXCEPTION_RECORD layout)
.text:00401838 C7 05 50 30 40 00 09+ mov GS_ExceptionRecord, 0C0000409h ; exception code STATUS_STACK_BUFFER_OVERRUN
.text:00401842 C7 05 54 30 40 00 01+ mov dword_403054, 1 ; +4 = 1 (the flags slot; 1 is EXCEPTION_NONCONTINUABLE)
.text:0040184C C7 05 60 30 40 00 01+ mov dword_403060, 1 ; +10h = 1 (the parameter-count slot)
.text:00401856 6A 04 push 4
.text:00401858 58 pop eax
.text:00401859 6B C0 00 imul eax, 0 ; eax = 4 * 0: byte offset of element 0
.text:0040185C C7 80 64 30 40 00 02+ mov dword_403064[eax], 2 ; +14h, element 0 = 2
.text:00401866 6A 04 push 4
.text:00401868 58 pop eax
.text:00401869 6B C0 00 imul eax, 0 ; offset 0 again
.text:0040186C 8B 0D 18 30 40 00 mov ecx, __security_cookie
.text:00401872 89 4C 05 F8 mov [ebp+eax+var_8], ecx ; local at ebp-8 = current cookie value
.text:00401876 6A 04 push 4
.text:00401878 58 pop eax
.text:00401879 C1 E0 00 shl eax, 0 ; eax = 4: offset of the next dword
.text:0040187C 8B 0D 1C 30 40 00 mov ecx, __security_cookie_complement
.text:00401882 89 4C 05 F8 mov [ebp+eax+var_8], ecx ; local at ebp-4 = cookie complement; neither local is read again here (presumably kept for crash-dump inspection)
.text:00401886 68 F8 20 40 00 push offset GS_ExceptionPointers
.text:0040188B E8 CC FE FF FF call __raise_securityfailure ; report and terminate
.text:00401890 C9 leave
.text:00401891 C3 retn
.text:00401891 __report_gsfailure endp
.text:00401891
.text:00401892 ; [00000006 BYTES: COLLAPSED FUNCTION __crt_debugger_hook. PRESS KEYPAD "+" TO EXPAND]
.text:00401898 ; [00000006 BYTES: COLLAPSED FUNCTION ___crtUnhandledException. PRESS KEYPAD "+" TO EXPAND]
.text:0040189E ; [00000006 BYTES: COLLAPSED FUNCTION ___crtTerminateProcess. PRESS KEYPAD "+" TO EXPAND]
.text:004018A4 ; [00000006 BYTES: COLLAPSED FUNCTION IsProcessorFeaturePresent(x). PRESS KEYPAD "+" TO EXPAND]
.text:004018AA 00 00 00 00 00 00 00+ align 200h
.text:004018AA 00 00 00 00 00 00 00+_text ends
.text:004018AA 00 00 00 00 00 00 00+