diff options
Diffstat (limited to 'src/soc/intel/broadwell/refcode/broadwell_refcode.asm')
-rw-r--r-- | src/soc/intel/broadwell/refcode/broadwell_refcode.asm | 30879 |
1 files changed, 15467 insertions, 15412 deletions
diff --git a/src/soc/intel/broadwell/refcode/broadwell_refcode.asm b/src/soc/intel/broadwell/refcode/broadwell_refcode.asm index 4ceeb64950..24f3c32753 100644 --- a/src/soc/intel/broadwell/refcode/broadwell_refcode.asm +++ b/src/soc/intel/broadwell/refcode/broadwell_refcode.asm @@ -1,20 +1,15 @@ ;; Generated with r2dumpbin (https://github.com/mytbk/r2dumpbin) - -;; First convert the ELF file to binary, and pad it to MemSiz of -;; the loadable segment: -;; objcopy -O binary refcode.elf refcode.bin -;; fallocate -l 201288 refcode.bin - -;; Then get the relocation addresses: -;; readelf -r refcode.elf | cut -d' ' -f1 | grep '^[0-9]' \ -;; | sed -e 's/^/0x/g' -e 's/$/,/g' > refcode_reloc.txt - -;; Run these in r2 before running dumpbin.py: -;; f va @ 0 -;; f reloc:refcode_reloc.txt @ 0 +;; +;; objcopy -O binary broadwell_refcode_librem.elf refcode.bin +;; fallocate -l 201464 refcode.bin +;; readelf -r broadwell_refcode_librem.elf | cut -d' ' -f1 \ +;; | grep '^[0-9]' | sed -e 's/^/0x/g' -e 's/$/,/g' \ +;; > refcode_reloc.txt +;; +;; [0x00000000]> f va @ 0 +;; [0x00000000]> f reloc:refcode_reloc.txt bits 32 - global refcode_entry refcode_entry: @@ -35,39 +30,39 @@ push ebx sub esp, 0x1c mov esi, dword [ebp + 8] push esi -call fcn_000163a4 ; call 0x163a4 +call fcn_00016434 ; call 0x16434 add esp, 0x10 mov ebx, eax test eax, eax je loc_000000c4 ; je 0xc4 sub esp, 0xc -push ref_000205f8 ; push 0x205f8 -call fcn_000153ce ; call 0x153ce +push ref_00020688 ; push 0x20688 +call fcn_0001545e ; call 0x1545e pop eax pop edx push ebx push 0 -call fcn_0000dfb2 ; call 0xdfb2 -mov dword [esp], ref_0002060a ; mov dword [esp], 0x2060a -call fcn_000153ce ; call 0x153ce +call fcn_0000e020 ; call 0xe020 +mov dword [esp], ref_0002069a ; mov dword [esp], 0x2069a +call fcn_0001545e ; call 0x1545e pop ecx pop eax push ebx push 0 call fcn_0000058b ; call 0x58b -mov dword [esp], ref_00020625 ; mov dword [esp], 0x20625 -call fcn_000153ce ; call 0x153ce +mov dword [esp], ref_000206b5 ; mov dword [esp], 0x206b5 +call fcn_0001545e ; call 0x1545e add esp, 0xc push 0 push 0 push ebx -call fcn_0000d811 ; call 0xd811 +call fcn_0000d87f ; call 0xd87f lea eax, [ebp - 0xc] push eax push 0 push 0 -push ref_0002912c ; push 0x2912c -call fcn_00019699 ; call 0x19699 +push ref_000291dc ; push 0x291dc +call fcn_0001975d ; call 0x1975d mov eax, dword [ebp - 0xc] add esp, 0x20 movzx edx, byte [eax] @@ -76,15 +71,15 @@ push edx push dword [esi + 0x1a] push dword [esi + 0x1e] push eax -call fcn_000116c1 ; call 0x116c1 +call fcn_00011751 ; call 0x11751 mov eax, dword [ebp - 0xc] pop edx pop ecx push dword [eax + 4] push eax -call fcn_0001501f ; call 0x1501f -mov dword [esp], ref_00020637 ; mov dword [esp], 0x20637 -call fcn_000153ce ; call 0x153ce +call fcn_000150af ; call 0x150af +mov dword [esp], ref_000206c7 ; mov dword [esp], 0x206c7 +call fcn_0001545e ; call 0x1545e add esp, 0x10 xor eax, eax jmp short loc_000000c7 ; jmp 0xc7 @@ -108,41 +103,41 @@ sub esp, 0x14 push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 mov ebx, eax lea eax, [ebp - 0xc] and ebx, 0xfffffffe push eax push 0 push 0 -push ref_0002925c ; push 0x2925c -call fcn_00019699 ; call 0x19699 +push ref_0002930c ; push 0x2930c +call fcn_0001975d ; call 0x1975d add esp, 0x20 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al je short loc_0000014a ; je 0x14a test esi, esi jns short loc_0000014a ; jns 0x14a -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000132 ; je 0x132 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000132: ; not directly referenced push esi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x126 -push ref_00020678 ; push 0x20678 -call fcn_000153fc ; call 0x153fc +push ref_00020708 ; push 0x20708 +call fcn_0001548c ; call 0x1548c add esp, 0x10 loc_0000014a: ; not directly referenced @@ -151,16 +146,16 @@ push 0x600 push 0xfffff9ff lea eax, [ebx + 0x5f00] push eax -call fcn_00018aa4 ; call 0x18aa4 -call fcn_000153e9 ; call 0x153e9 +call fcn_00018b68 ; call 0x18b68 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al je short loc_0000017e ; je 0x17e push edx push edx -push ref_000206a8 ; push 0x206a8 +push ref_00020738 ; push 0x20738 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_0000017e: ; not directly referenced @@ -169,7 +164,7 @@ add ebx, 0x5da8 push eax push 3 push ebx -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 lea esp, [ebp - 8] xor eax, eax pop ebx @@ -182,13 +177,13 @@ push ebp mov ebp, esp push esi push ebx -call fcn_0001c5b4 ; call 0x1c5b4 +call fcn_0001c678 ; call 0x1c678 mov esi, eax -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 sub esp, 0xc -push ref_000294ac ; push 0x294ac +push ref_0002955c ; push 0x2955c mov ebx, eax -call fcn_00019039 ; call 0x19039 +call fcn_000190fd ; call 0x190fd add esp, 0x10 test eax, eax je short loc_000001c4 ; je 0x1c4 @@ -196,14 +191,14 @@ cmp byte [eax + 0x4a], 0 jne short loc_00000228 ; jne 0x228 loc_000001c4: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_000001de ; je 0x1de push eax push eax -push ref_000206e4 ; push 0x206e4 +push ref_00020774 ; push 0x20774 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_000001de: ; not directly referenced @@ -217,7 +212,7 @@ push esi push 0 push 1 push 0x2e7 -call fcn_0001784b ; call 0x1784b +call fcn_0001790f ; call 0x1790f add esp, 0x10 loc_000001fc: ; not directly referenced @@ -231,13 +226,13 @@ push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 1 sub eax, 0xffffff80 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 loc_00000228: ; not directly referenced @@ -256,14 +251,14 @@ push esi push ebx sub esp, 0xc mov ebx, dword [ebp + 8] -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 push edx mov esi, eax push 0 and esi, 0xffffffef push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc xor edx, edx mov edi, eax @@ -274,7 +269,7 @@ or eax, 1 push eax lea eax, [edi + 0x48] push eax -call fcn_00017e64 ; call 0x17e64 +call fcn_00017f28 ; call 0x17f28 mov eax, dword [ebx + 1] add esp, 0xc xor edx, edx @@ -285,7 +280,7 @@ push eax lea eax, [edi + 0x68] add edi, 0x40 push eax -call fcn_00017e64 ; call 0x17e64 +call fcn_00017f28 ; call 0x17f28 mov eax, dword [ebx + 1] add esp, 0xc xor edx, edx @@ -294,7 +289,7 @@ push edx or eax, 1 push eax push edi -call fcn_00017e64 ; call 0x17e64 +call fcn_00017f28 ; call 0x17f28 mov ecx, dword [ebx + 1] add esp, 0xc xor edx, edx @@ -305,7 +300,7 @@ push eax mov eax, dword [ecx + 4] add eax, 0x5420 push eax -call fcn_00017e64 ; call 0x17e64 +call fcn_00017f28 ; call 0x17f28 add esp, 0x10 cmp esi, 0x40660 jne short loc_000002e8 ; jne 0x2e8 @@ -319,7 +314,7 @@ push eax mov eax, dword [ecx + 4] add eax, 0x5408 push eax -call fcn_00017e64 ; call 0x17e64 +call fcn_00017f28 ; call 0x17f28 add esp, 0x10 loc_000002e8: @@ -340,7 +335,7 @@ mov eax, dword [eax + 1] mov eax, dword [eax + 4] add eax, 0x5f00 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 leave ret @@ -357,35 +352,35 @@ lea eax, [ebp - 0x20] push eax push 0x73 push 4 -call fcn_0001971b ; call 0x1971b +call fcn_000197df ; call 0x197df mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al je short loc_00000371 ; je 0x371 test esi, esi jns short loc_00000371 ; jns 0x371 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000359 ; je 0x359 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000359: push edi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x18b -push ref_00020678 ; push 0x20678 -call fcn_000153fc ; call 0x153fc +push ref_00020708 ; push 0x20708 +call fcn_0001548c ; call 0x1548c add esp, 0x10 loc_00000371: mov eax, dword [ebp - 0x20] -mov esi, ref_000294ac ; mov esi, 0x294ac +mov esi, ref_0002955c ; mov esi, 0x2955c mov ecx, 4 lea edi, [eax + 8] add eax, 0x18 @@ -394,21 +389,21 @@ push edi push edi push 8 push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff pop eax mov eax, dword [ebp - 0x20] pop edx add eax, 0x20 push 8 push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff mov eax, dword [ebp - 0x20] pop ecx pop esi add eax, 0x29 push 0x21 push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff mov eax, dword [ebp - 0x20] add esp, 0x10 mov byte [eax + 0x28], 0 @@ -431,31 +426,31 @@ lea eax, [ebp - 0x1c] push eax push 0 push 0 -push ref_000291dc ; push 0x291dc -call fcn_00019699 ; call 0x19699 +push ref_0002928c ; push 0x2928c +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al je short loc_00000434 ; je 0x434 test ebx, ebx jns short loc_00000434 ; jns 0x434 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_0000041c ; je 0x41c push esi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_0000041c: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x1a6 -push ref_00020678 ; push 0x20678 -call fcn_000153fc ; call 0x153fc +push ref_00020708 ; push 0x20708 +call fcn_0001548c ; call 0x1548c add esp, 0x10 loc_00000434: @@ -474,7 +469,7 @@ mov eax, dword [eax + 9] mov eax, dword [eax + 4] push dword [eax + 0x1c] push dword [eax + 0x18] -call fcn_0001718b ; call 0x1718b +call fcn_0001724f ; call 0x1724f add esp, 0x10 mov byte [ebx + 0x19], al @@ -491,14 +486,14 @@ mov dl, byte [edx + 0x301] mov byte [eax + 0x21], dl loc_00000489: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_000004a3 ; je 0x4a3 push eax push eax -push ref_000206fe ; push 0x206fe +push ref_0002078e ; push 0x2078e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_000004a3: @@ -516,69 +511,69 @@ mov ebp, esp push ebx push edx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_000004cf ; je 0x4cf push eax push eax -push ref_00020715 ; push 0x20715 +push ref_000207a5 ; push 0x207a5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_000004cf: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_000004ea ; je 0x4ea push eax push 2 -push ref_00020759 ; push 0x20759 +push ref_000207e9 ; push 0x207e9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_000004ea: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000505 ; je 0x505 push eax -push 4 -push ref_0002079d ; push 0x2079d +push 6 +push ref_0002082d ; push 0x2082d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000505: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000520 ; je 0x520 push eax push 0 -push ref_000207e1 ; push 0x207e1 +push ref_00020871 ; push 0x20871 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000520: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_0000053b ; je 0x53b push eax push 0 -push ref_00020825 ; push 0x20825 +push ref_000208b5 ; push 0x208b5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_0000053b: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000555 ; je 0x555 push eax push eax -push ref_00020869 ; push 0x20869 +push ref_000208f9 ; push 0x208f9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000555: @@ -590,15 +585,15 @@ mov eax, dword [ebx + 1] mov eax, dword [eax + 8] add eax, 0x71c push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop edx pop ecx -push 0x2040000 +push 0x2060000 mov eax, dword [ebx + 1] mov eax, dword [eax + 8] add eax, 0x720 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f xor eax, eax mov ebx, dword [ebp - 4] leave @@ -612,48 +607,48 @@ push esi push ebx sub esp, 0x1c mov esi, dword [ebp + 0xc] -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov edi, eax lea eax, [ebp - 0x24] push eax push 0 push 0 -push ref_0002925c ; push 0x2925c -call fcn_00019699 ; call 0x19699 +push ref_0002930c ; push 0x2930c +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al je short loc_000005f7 ; je 0x5f7 test ebx, ebx jns short loc_000005f7 ; jns 0x5f7 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_000005df ; je 0x5df push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_000005df: push ebx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x8e -push ref_00020678 ; push 0x20678 -call fcn_000153fc ; call 0x153fc +push ref_00020708 ; push 0x20708 +call fcn_0001548c ; call 0x1548c add esp, 0x10 loc_000005f7: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000611 ; je 0x611 push ecx push ecx -push ref_000208ad ; push 0x208ad +push ref_0002093d ; push 0x2093d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000611: @@ -665,15 +660,15 @@ pop edx push dword [ebp - 0x24] push esi call fcn_00000311 ; call 0x311 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al je short loc_00000644 ; je 0x644 push eax push eax -push ref_000208c2 ; push 0x208c2 +push ref_00020952 ; push 0x20952 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000644: @@ -689,14 +684,14 @@ or bl, al je short loc_00000684 ; je 0x684 loc_00000668: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_000006b0 ; je 0x6b0 push ecx push ecx -push ref_000208e2 ; push 0x208e2 +push ref_00020972 ; push 0x20972 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 jmp short loc_000006b0 ; jmp 0x6b0 @@ -707,10 +702,10 @@ push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 jne short loc_00000668 ; jne 0x668 @@ -721,20 +716,20 @@ push edx push edx push dword [ebp - 0x24] push esi -call fcn_000020ad ; call 0x20ad +call fcn_0000211b ; call 0x211b add esp, 0x10 test bl, bl je short loc_000006de ; je 0x6de loc_000006c2: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000706 ; je 0x706 push eax push eax -push ref_000208f4 ; push 0x208f4 +push ref_00020984 ; push 0x20984 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 jmp short loc_00000706 ; jmp 0x706 @@ -747,10 +742,10 @@ push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 jne short loc_000006c2 ; jne 0x6c2 @@ -761,18 +756,18 @@ push eax push eax push dword [ebp - 0x24] push esi -call fcn_00004a9a ; call 0x4a9a +call fcn_00004b08 ; call 0x4b08 add esp, 0x10 loc_00000714: -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_0000072e ; je 0x72e push eax push eax -push ref_0002090a ; push 0x2090a +push ref_0002099a ; push 0x2099a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_0000072e: @@ -780,16 +775,16 @@ push eax push eax push dword [ebp - 0x24] push esi -call fcn_000015f5 ; call 0x15f5 -call fcn_000153e9 ; call 0x153e9 +call fcn_00001663 ; call 0x1663 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al je short loc_00000756 ; je 0x756 push eax push eax -push ref_00020921 ; push 0x20921 +push ref_000209b1 ; push 0x209b1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000756: @@ -798,15 +793,15 @@ push edi push dword [ebp - 0x24] push esi call fcn_000009ac ; call 0x9ac -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al je short loc_0000077e ; je 0x77e push ebx push ebx -push ref_00020949 ; push 0x20949 +push ref_000209d9 ; push 0x209d9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_0000077e: @@ -814,64 +809,64 @@ push ecx push ecx push dword [ebp - 0x24] push esi -call fcn_00001ddb ; call 0x1ddb -call fcn_000153e9 ; call 0x153e9 +call fcn_00001e49 ; call 0x1e49 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al je short loc_000007a6 ; je 0x7a6 push edx push edx -push ref_00020969 ; push 0x20969 +push ref_000209f9 ; push 0x209f9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_000007a6: sub esp, 0xc push dword [ebp - 0x24] call fcn_000002f0 ; call 0x2f0 -mov dword [esp], ref_00026e34 ; mov dword [esp], 0x26e34 -call fcn_000196bb ; call 0x196bb +mov dword [esp], ref_00026ee4 ; mov dword [esp], 0x26ee4 +call fcn_0001977f ; call 0x1977f mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al je short loc_00000804 ; je 0x804 test ebx, ebx jns short loc_00000804 ; jns 0x804 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_000007ec ; je 0x7ec push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_000007ec: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xde -push ref_00020678 ; push 0x20678 -call fcn_000153fc ; call 0x153fc +push ref_00020708 ; push 0x20708 +call fcn_0001548c ; call 0x1548c add esp, 0x10 loc_00000804: sub esp, 0xc lea eax, [ebp - 0x20] push eax -call fcn_000196d3 ; call 0x196d3 +call fcn_00019797 ; call 0x19797 mov ebx, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al je short loc_00000831 ; je 0x831 push eax push dword [ebp - 0x20] -push ref_00020986 ; push 0x20986 +push ref_00020a16 ; push 0x20a16 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000831: @@ -879,40 +874,40 @@ test ebx, ebx jne short loc_000008a9 ; jne 0x8a9 cmp dword [ebp - 0x20], 0x11 jne short loc_000008a9 ; jne 0x8a9 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000855 ; je 0x855 push eax push eax -push ref_0002099a ; push 0x2099a +push ref_00020a2a ; push 0x20a2a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000855: sub esp, 0xc -push ref_00026e28 ; push 0x26e28 -call fcn_000196bb ; call 0x196bb +push ref_00026ed8 ; push 0x26ed8 +call fcn_0001977f ; call 0x1977f mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al je loc_00000949 ; je 0x949 test ebx, ebx jns loc_00000949 ; jns 0x949 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000899 ; je 0x899 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000899: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xe8 jmp near loc_0000093c ; jmp 0x93c @@ -921,86 +916,86 @@ lea eax, [ebp - 0x1c] push eax push 0 push 0 -push ref_0002927c ; push 0x2927c +push ref_0002932c ; push 0x2932c mov dword [ebp - 0x1c], 0 -call fcn_00019699 ; call 0x19699 +call fcn_0001975d ; call 0x1975d mov eax, dword [ebp - 0x1c] add esp, 0x10 test eax, eax je short loc_00000949 ; je 0x949 test byte [eax + 1], 1 je short loc_00000949 ; je 0x949 -call fcn_00016597 ; call 0x16597 +call fcn_00016627 ; call 0x16627 dec al jne short loc_00000949 ; jne 0x949 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_000008f5 ; je 0x8f5 push edi push edi -push ref_000209be ; push 0x209be +push ref_00020a4e ; push 0x20a4e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_000008f5: sub esp, 0xc -push ref_00026e28 ; push 0x26e28 -call fcn_000196bb ; call 0x196bb +push ref_00026ed8 ; push 0x26ed8 +call fcn_0001977f ; call 0x1977f mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al je short loc_00000949 ; je 0x949 test ebx, ebx jns short loc_00000949 ; jns 0x949 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000931 ; je 0x931 push esi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000931: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xf8 loc_0000093c: -push ref_00020678 ; push 0x20678 -call fcn_000153fc ; call 0x153fc +push ref_00020708 ; push 0x20708 +call fcn_0001548c ; call 0x1548c add esp, 0x10 loc_00000949: sub esp, 0xc -push ref_00026e40 ; push 0x26e40 -call fcn_00019667 ; call 0x19667 +push ref_00026ef0 ; push 0x26ef0 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al je short loc_0000099d ; je 0x99d test ebx, ebx jns short loc_0000099d ; jns 0x99d -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000985 ; je 0x985 push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000985: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x102 -push ref_00020678 ; push 0x20678 -call fcn_000153fc ; call 0x153fc +push ref_00020708 ; push 0x20708 +call fcn_0001548c ; call 0x1548c add esp, 0x10 loc_0000099d: @@ -1026,23 +1021,23 @@ push esi push ebx sub esp, 0x3c mov ebx, dword [ebp + 0xc] -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov dword [ebp - 0x34], 0 -mov esi, eax +mov edi, eax mov eax, dword [ebx + 0x11] cmp byte [eax + 0xb], 0 jne short loc_000009f7 ; jne 0x9f7 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 xor ebx, ebx test al, al -je loc_00000ca8 ; je 0xca8 +je loc_00000d16 ; je 0xd16 push ecx push ecx -push ref_000209f3 ; push 0x209f3 +push ref_00020a83 ; push 0x20a83 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp near loc_00000ca8 ; jmp 0xca8 +jmp near loc_00000d16 ; jmp 0xd16 loc_000009f7: push eax @@ -1050,88 +1045,138 @@ push eax push 7 lea eax, [ebp - 0x26] push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff pop eax pop edx lea eax, [ebp - 0x1f] push 7 push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff lea eax, [ebp - 0x30] push eax push 0 push 0 -push ref_000290ec ; push 0x290ec -call fcn_00019699 ; call 0x19699 +push ref_0002919c ; push 0x2919c +call fcn_0001975d ; call 0x1975d add esp, 0x20 mov dword [ebp - 0x3c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al je short loc_00000a6c ; je 0xa6c cmp dword [ebp - 0x3c], 0 jns short loc_00000a6c ; jns 0xa6c -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al je short loc_00000a57 ; je 0xa57 push eax push dword [ebp - 0x3c] -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 loc_00000a57: -push edi -push ref_00020664 ; push 0x20664 +push esi +push ref_000206f4 ; push 0x206f4 push 0x54 -push ref_00020a33 ; push 0x20a33 -call fcn_000153fc ; call 0x153fc +push ref_00020ac3 ; push 0x20ac3 +call fcn_0001548c ; call 0x1548c add esp, 0x10 loc_00000a6c: -cmp esi, 0x40670 -jne short loc_00000ad8 ; jne 0xad8 -mov eax, dword [ebx + 0x11] -cmp byte [eax + 0x10], 0 -je short loc_00000ad8 ; je 0xad8 -call fcn_000153e9 ; call 0x153e9 -test al, al -je short loc_00000a9e ; je 0xa9e -push esi -mov eax, dword [ebx + 0x11] -movzx eax, byte [eax + 0x10] -push eax -push ref_00020a61 ; push 0x20a61 -push 0x40 -call fcn_000153f7 ; call 0x153f7 -add esp, 0x10 - -loc_00000a9e: -push eax +push ecx +and edi, 0xfff0ff0 push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 -pop edx +call fcn_00017ed8 ; call 0x17ed8 +add esp, 0x10 +cmp edi, 0x40670 +jne loc_00000b4a ; jne 0xb4a mov edx, dword [ebx + 0x11] -pop ecx -mov dl, byte [edx + 0x10] +cmp byte [edx + 0x10], 0 +je loc_00000b4a ; je 0xb4a and eax, 0xfffffffe -add eax, 0x5e08 -and edx, 0x7f -or edx, 0x80000000 +mov esi, eax +mov eax, dword [ebx + 9] +mov eax, dword [eax + 0x64] +cmp eax, 0x7735940 +je short loc_00000ada ; je 0xada +ja short loc_00000ac6 ; ja 0xac6 +cmp eax, 0x5f5e100 +jne short loc_00000af3 ; jne 0xaf3 +push edx push edx +push 1 +jmp short loc_00000ae4 ; jmp 0xae4 + +loc_00000ac6: +cmp eax, 0x9f437c0 +je short loc_00000ae0 ; je 0xae0 +cmp eax, 0xee6b280 +jne short loc_00000af3 ; jne 0xaf3 +push eax push eax -call fcn_00017dcb ; call 0x17dcb +push 0xe +jmp short loc_00000ae4 ; jmp 0xae4 + +loc_00000ada: +push eax +push eax +push 6 +jmp short loc_00000ae4 ; jmp 0xae4 + +loc_00000ae0: +push eax +push eax +push 0xa + +loc_00000ae4: +lea eax, [esi + 0x5da0] +push eax +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_00000ad8: +loc_00000af3: +push eax +push eax +push 0x80000014 +lea eax, [esi + 0x5da4] +push eax +call fcn_00017e8f ; call 0x17e8f +call fcn_00015479 ; call 0x15479 +add esp, 0x10 +test al, al +je short loc_00000b2a ; je 0xb2a +push eax +mov eax, dword [ebx + 0x11] +movzx eax, byte [eax + 0x10] +push eax +push ref_00020af1 ; push 0x20af1 +push 0x40 +call fcn_00015487 ; call 0x15487 +add esp, 0x10 + +loc_00000b2a: +push eax +add esi, 0x5e08 +push eax +mov eax, dword [ebx + 0x11] +mov al, byte [eax + 0x10] +and eax, 0x7f +or eax, 0x80000000 +push eax +push esi +call fcn_00017e8f ; call 0x17e8f +add esp, 0x10 + +loc_00000b4a: mov dword [ebp - 0x40], 1 -loc_00000adf: +loc_00000b51: mov ecx, dword [ebp - 0x40] cmp cl, 1 mov eax, ecx @@ -1141,17 +1186,17 @@ sub eax, 3 cmp al, 2 mov byte [ebp - 0x43], cl setbe byte [ebp - 0x42] -jbe short loc_00000b03 ; jbe 0xb03 +jbe short loc_00000b75 ; jbe 0xb75 test cl, cl -je loc_00000c98 ; je 0xc98 +je loc_00000d06 ; je 0xd06 -loc_00000b03: +loc_00000b75: push ecx push ecx push 5 lea eax, [ebp - 0x2b] push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff mov al, byte [ebp - 0x41] pop esi pop edi @@ -1160,25 +1205,25 @@ lea eax, [ebp - 0x34] push eax lea eax, [ebp - 0x2b] push eax -call fcn_0001d2de ; call 0x1d2de +call fcn_0001d3a2 ; call 0x1d3a2 add esp, 0x10 cmp dword [ebp - 0x34], 0 mov dword [ebp - 0x3c], eax -jne loc_00000c77 ; jne 0xc77 +jne loc_00000ce5 ; jne 0xce5 cmp byte [ebp - 0x2a], 0 -jne short loc_00000b4b ; jne 0xb4b +jne short loc_00000bbd ; jne 0xbbd cmp byte [ebp - 0x29], 0 -jne short loc_00000b4b ; jne 0xb4b +jne short loc_00000bbd ; jne 0xbbd cmp byte [ebp - 0x28], 0 -je loc_00000c61 ; je 0xc61 +je loc_00000ccf ; je 0xccf -loc_00000b4b: +loc_00000bbd: push edi push edi push 7 lea edi, [ebp - 0x26] push edi -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff mov al, byte [ebp - 0x41] mov byte [ebp - 0x20], al pop eax @@ -1186,38 +1231,38 @@ pop edx lea eax, [ebp - 0x34] push eax push edi -call fcn_0001d131 ; call 0x1d131 +call fcn_0001d1f5 ; call 0x1d1f5 add esp, 0x10 mov dword [ebp - 0x3c], eax test eax, eax -jne loc_00000c98 ; jne 0xc98 +jne loc_00000d06 ; jne 0xd06 cmp dword [ebp - 0x34], 0 -jne loc_00000c98 ; jne 0xc98 +jne loc_00000d06 ; jne 0xd06 push esi push esi push 7 lea esi, [ebp - 0x1f] push esi -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff mov al, byte [ebp - 0x41] add esp, 0x10 cmp byte [ebp - 0x43], 0 mov byte [ebp - 0x19], al -je short loc_00000c08 ; je 0xc08 +je short loc_00000c7a ; je 0xc7a mov eax, dword [ebx + 0x11] mov dx, word [eax + 6] mov byte [ebp - 0x1f], dl mov dl, byte [eax + 0xa] mov byte [ebp - 0x1e], dl test dl, dl -jne short loc_00000bb8 ; jne 0xbb8 +jne short loc_00000c2a ; jne 0xc2a mov dx, word [eax + 4] -jmp short loc_00000bbc ; jmp 0xbbc +jmp short loc_00000c2e ; jmp 0xc2e -loc_00000bb8: +loc_00000c2a: mov dx, word [eax + 2] -loc_00000bbc: +loc_00000c2e: mov word [ebp - 0x1d], dx mov ax, word [eax] push ecx @@ -1225,12 +1270,12 @@ push 7 push edi push esi mov word [ebp - 0x1b], ax -call fcn_00016fa3 ; call 0x16fa3 +call fcn_00017067 ; call 0x17067 add esp, 0x10 test al, al -loc_00000bd6: -je loc_00000c98 ; je 0xc98 +loc_00000c48: +je loc_00000d06 ; je 0xd06 mov eax, dword [ebp - 0x30] sub esp, 0xc push 0x3c @@ -1243,86 +1288,84 @@ push edx push edx mov edi, esp rep movsb ; rep movsb byte es:[edi], byte ptr [esi] -call fcn_0001d1b8 ; call 0x1d1b8 +call fcn_0001d27c ; call 0x1d27c add esp, 0x10 mov esi, eax test eax, eax -je short loc_00000c44 ; je 0xc44 -jmp short loc_00000c4a ; jmp 0xc4a +je short loc_00000cb2 ; je 0xcb2 +jmp short loc_00000cb8 ; jmp 0xcb8 -loc_00000c08: +loc_00000c7a: cmp byte [ebp - 0x42], 0 -je loc_00000c98 ; je 0xc98 -movzx edi, byte [ebp - 0x41] -mov eax, edi -cmp al, 4 +je loc_00000d06 ; je 0xd06 +mov cl, byte [ebp - 0x41] mov eax, dword [ebx + 0x11] -je short loc_00000c2c ; je 0xc2c -mov ecx, edi +cmp cl, 4 +je short loc_00000c9a ; je 0xc9a cmp cl, 5 -je short loc_00000c32 ; je 0xc32 +je short loc_00000ca0 ; je 0xca0 mov ax, word [eax + 8] -jmp short loc_00000c36 ; jmp 0xc36 +jmp short loc_00000ca4 ; jmp 0xca4 -loc_00000c2c: +loc_00000c9a: mov ax, word [eax + 0xc] -jmp short loc_00000c36 ; jmp 0xc36 +jmp short loc_00000ca4 ; jmp 0xca4 -loc_00000c32: +loc_00000ca0: mov ax, word [eax + 0xe] -loc_00000c36: +loc_00000ca4: mov word [ebp - 0x1b], ax mov ax, word [ebp - 0x22] cmp word [ebp - 0x1b], ax -jmp short loc_00000bd6 ; jmp 0xbd6 +jmp short loc_00000c48 ; jmp 0xc48 -loc_00000c44: +loc_00000cb2: cmp dword [ebp - 0x34], 0 -je short loc_00000c98 ; je 0xc98 +je short loc_00000d06 ; je 0xd06 -loc_00000c4a: -call fcn_000153e9 ; call 0x153e9 +loc_00000cb8: +call fcn_00015479 ; call 0x15479 mov dword [ebp - 0x3c], esi test al, al -je short loc_00000c98 ; je 0xc98 +je short loc_00000d06 ; je 0xd06 push dword [ebp - 0x34] push esi -push ref_00020a87 ; push 0x20a87 -jmp short loc_00000c8b ; jmp 0xc8b +push ref_00020b17 ; push 0x20b17 +jmp short loc_00000cf9 ; jmp 0xcf9 -loc_00000c61: -call fcn_000153e9 ; call 0x153e9 +loc_00000ccf: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00000c98 ; je 0xc98 +je short loc_00000d06 ; je 0xd06 push eax push dword [ebp - 0x40] -push ref_00020ad0 ; push 0x20ad0 +push ref_00020b60 ; push 0x20b60 push 0x40 -jmp short loc_00000c90 ; jmp 0xc90 +jmp short loc_00000cfe ; jmp 0xcfe -loc_00000c77: -call fcn_000153e9 ; call 0x153e9 +loc_00000ce5: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00000c98 ; je 0xc98 +je short loc_00000d06 ; je 0xd06 push dword [ebp - 0x40] push dword [ebp - 0x34] -push ref_00020af9 ; push 0x20af9 +push ref_00020b89 ; push 0x20b89 -loc_00000c8b: +loc_00000cf9: push 0x80000000 -loc_00000c90: -call fcn_000153f7 ; call 0x153f7 +loc_00000cfe: +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00000c98: +loc_00000d06: inc dword [ebp - 0x40] cmp dword [ebp - 0x40], 6 -jne loc_00000adf ; jne 0xadf +jne loc_00000b51 ; jne 0xb51 mov ebx, dword [ebp - 0x3c] -loc_00000ca8: +loc_00000d16: lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -1331,7 +1374,7 @@ pop edi pop ebp ret -fcn_00000cb2: +fcn_00000d20: push ebp mov ebp, esp push edi @@ -1344,53 +1387,53 @@ mov dword [eax], 0 push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [ebp - 0x1c], eax add eax, 0xb mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp al, 6 -je short loc_00000d67 ; je 0xd67 +je short loc_00000dd5 ; je 0xdd5 -loc_00000cec: +loc_00000d5a: mov eax, dword [ebp - 0x1c] sub esp, 0xc lea ebx, [esi + eax] push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edi, eax pop eax pop edx push 0 push ebx -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e pop ecx pop eax push 0xffffffffffffffff push ebx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov dword [esp], ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 cmp edi, eax -je short loc_00000d28 ; je 0xd28 +je short loc_00000d96 ; je 0xd96 test edi, 1 -je short loc_00000d36 ; je 0xd36 +je short loc_00000da4 ; je 0xda4 -loc_00000d28: +loc_00000d96: push ecx push ecx push edi push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -jmp short loc_00000d5f ; jmp 0xd5f +jmp short loc_00000dcd ; jmp 0xdcd -loc_00000d36: +loc_00000da4: sub esp, 0xc push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp + 0x14] and eax, 0xfffffff0 sub dword [edx], eax @@ -1399,18 +1442,18 @@ pop edx push edi and edi, 6 push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 cmp edi, 4 lea eax, [esi + 4] cmove esi, eax -loc_00000d5f: +loc_00000dcd: add esi, 4 cmp esi, 0x24 -jbe short loc_00000cec ; jbe 0xcec +jbe short loc_00000d5a ; jbe 0xd5a -loc_00000d67: +loc_00000dd5: lea esp, [ebp - 0xc] pop ebx pop esi @@ -1418,7 +1461,7 @@ pop edi pop ebp ret -fcn_00000d6f: +fcn_00000ddd: push ebp mov ebp, esp push edi @@ -1433,25 +1476,25 @@ mov byte [ebp - 0x19], al movzx eax, al mov dword [ebp - 0x20], eax -loc_00000d8b: +loc_00000df9: push eax push 0 push esi push dword [ebp - 0x20] -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov ebx, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je loc_00000e2d ; je 0xe2d +je loc_00000e9b ; je 0xe9b sub esp, 0xc lea eax, [ebx + 0xa] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp ax, 0x604 -jne short loc_00000e2d ; jne 0xe2d +jne short loc_00000e9b ; jne 0xe9b mov al, byte [ebp - 0x19] inc eax mov byte [ebp - 0x19], al @@ -1460,7 +1503,7 @@ push eax push dword [ebp - 0x20] lea eax, [ebx + 0x18] push eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 movzx edi, byte [ebp - 0x19] lea eax, [ebx + 0x19] pop edx @@ -1468,24 +1511,24 @@ add ebx, 0x1a pop ecx push edi push eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 pop eax pop edx push 0xff push ebx -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 add esp, 0xc push 0 push 0 push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ecx pop edx push 0 push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 mov dword [esp], edi -call fcn_00000d6f ; call 0xd6f +call fcn_00000ddd ; call 0xddd pop ecx mov edi, eax pop eax @@ -1493,15 +1536,15 @@ mov eax, edi movzx eax, al push eax push ebx -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 mov eax, edi add esp, 0x10 mov byte [ebp - 0x19], al -loc_00000e2d: +loc_00000e9b: inc esi cmp esi, 0x20 -jne loc_00000d8b ; jne 0xd8b +jne loc_00000df9 ; jne 0xdf9 mov eax, edi test al, al mov al, byte [ebp - 0x24] @@ -1513,7 +1556,7 @@ pop edi pop ebp ret -fcn_00000e49: +fcn_00000eb7: push ebp mov ebp, esp push edi @@ -1524,85 +1567,85 @@ lea eax, [ebp - 0x1c] push eax push 0 push 0 -push ref_0002901c ; push 0x2901c +push ref_000290cc ; push 0x290cc mov dword [ebp - 0x20], 0 -call fcn_00019699 ; call 0x19699 +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00000eb2 ; je 0xeb2 +je short loc_00000f20 ; je 0xf20 test ebx, ebx -jns short loc_00000eb2 ; jns 0xeb2 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00000f20 ; jns 0xf20 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00000e9a ; je 0xe9a +je short loc_00000f08 ; je 0xf08 push esi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00000e9a: +loc_00000f08: push ebx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x2d0 -push ref_00020b42 ; push 0x20b42 -call fcn_000153fc ; call 0x153fc +push ref_00020bd2 ; push 0x20bd2 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00000eb2: +loc_00000f20: mov byte [ebp - 0x29], 0 mov esi, 0x10100 xor ebx, ebx -loc_00000ebd: -call fcn_0001c0fb ; call 0x1c0fb +loc_00000f2b: +call fcn_0001c1bf ; call 0x1c1bf cmp bl, al -jae loc_00000f52 ; jae 0xf52 +jae loc_00000fc0 ; jae 0xfc0 movzx eax, bl push ecx push eax push 0x1c push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov edi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_00000f4c ; je 0xf4c +je short loc_00000fba ; je 0xfba push eax push eax push esi lea eax, [edi + 0x18] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f lea eax, [edi + 0x19] add edi, 0x1a mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b pop edx pop ecx push 0xff push edi mov esi, eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 add esp, 0xc mov eax, esi push 0 movzx esi, al push 0 push esi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0 push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 mov dword [esp], esi -call fcn_00000d6f ; call 0xd6f +call fcn_00000ddd ; call 0xddd movzx esi, al mov byte [ebp - 0x29], al pop eax @@ -1610,66 +1653,66 @@ pop edx push esi inc esi push edi -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 shl esi, 8 add esp, 0x10 -loc_00000f4c: +loc_00000fba: inc ebx -jmp near loc_00000ebd ; jmp 0xebd +jmp near loc_00000f2b ; jmp 0xf2b -loc_00000f52: +loc_00000fc0: mov byte [ebp - 0x2b], 0 mov byte [ebp - 0x2d], 1 -loc_00000f5a: +loc_00000fc8: mov al, byte [ebp - 0x29] mov dl, byte [ebp - 0x2d] cmp dl, al -ja loc_00001071 ; ja 0x1071 +ja loc_000010df ; ja 0x10df xor ebx, ebx movzx esi, dl -loc_00000f6d: +loc_00000fdb: push eax push 0 push ebx push esi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov edi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je loc_00001035 ; je 0x1035 +je loc_000010a3 ; je 0x10a3 sub esp, 0xc add edi, 0xe push edi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x2c], 0 mov byte [ebp - 0x2a], al sar byte [ebp - 0x2a], 7 and byte [ebp - 0x2a], 7 -loc_00000faa: +loc_00001018: movzx edi, byte [ebp - 0x2c] push eax push edi push ebx push esi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_00001026 ; je 0x1026 +je short loc_00001094 ; je 0x1094 lea eax, [ebp - 0x20] push eax push edi push ebx push esi -call fcn_00000cb2 ; call 0xcb2 +call fcn_00000d20 ; call 0xd20 mov ecx, dword [ebp + 0xc] add esp, 0xc mov eax, dword [ebp - 0x20] @@ -1677,110 +1720,110 @@ add dword [ecx], eax push edi push ebx push esi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xa mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp ax, 0x300 -jne short loc_00001026 ; jne 0x1026 +jne short loc_00001094 ; jne 0x1094 cmp byte [ebp - 0x2b], 1 -je short loc_00001022 ; je 0x1022 +je short loc_00001090 ; je 0x1090 mov eax, dword [ebp + 0x10] mov dword [eax], 2 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001022 ; je 0x1022 +je short loc_00001090 ; je 0x1090 push eax push eax -push ref_00020b74 ; push 0x20b74 +push ref_00020c04 ; push 0x20c04 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001022: +loc_00001090: mov byte [ebp - 0x2b], 1 -loc_00001026: +loc_00001094: inc byte [ebp - 0x2c] mov al, byte [ebp - 0x2a] cmp byte [ebp - 0x2c], al -jbe loc_00000faa ; jbe 0xfaa +jbe loc_00001018 ; jbe 0x1018 -loc_00001035: +loc_000010a3: inc ebx cmp ebx, 0x20 -jne loc_00000f6d ; jne 0xf6d +jne loc_00000fdb ; jne 0xfdb inc byte [ebp - 0x2d] -jmp near loc_00000f5a ; jmp 0xf5a +jmp near loc_00000fc8 ; jmp 0xfc8 -loc_00001047: +loc_000010b5: movzx edi, byte [ebp - 0x29] xor ebx, ebx -loc_0000104d: +loc_000010bb: push eax push 0 push ebx push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov esi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_0000107b ; jne 0x107b +jne short loc_000010e9 ; jne 0x10e9 -loc_00001068: +loc_000010d6: inc ebx cmp ebx, 0x20 -jne short loc_0000104d ; jne 0x104d +jne short loc_000010bb ; jne 0x10bb dec byte [ebp - 0x29] -loc_00001071: +loc_000010df: cmp byte [ebp - 0x29], 0 -jne short loc_00001047 ; jne 0x1047 +jne short loc_000010b5 ; jne 0x10b5 xor ebx, ebx -jmp short loc_000010a2 ; jmp 0x10a2 +jmp short loc_00001110 ; jmp 0x1110 -loc_0000107b: +loc_000010e9: sub esp, 0xc lea eax, [esi + 0xa] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp ax, 0x604 -jne short loc_00001068 ; jne 0x1068 +jne short loc_000010d6 ; jne 0x10d6 push eax add esi, 0x18 push eax push 0 push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -jmp short loc_00001068 ; jmp 0x1068 +jmp short loc_000010d6 ; jmp 0x10d6 -loc_000010a2: -call fcn_0001c0fb ; call 0x1c0fb +loc_00001110: +call fcn_0001c1bf ; call 0x1c1bf cmp bl, al -jae short loc_000010cc ; jae 0x10cc +jae short loc_0000113a ; jae 0x113a push eax movzx eax, bl push eax inc ebx push 0x1c push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0 add eax, 0x18 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -jmp short loc_000010a2 ; jmp 0x10a2 +jmp short loc_00001110 ; jmp 0x1110 -loc_000010cc: +loc_0000113a: lea esp, [ebp - 0xc] pop ebx pop esi @@ -1788,7 +1831,7 @@ pop edi pop ebp ret -fcn_000010d4: +fcn_00001142: push ebp mov ebp, esp push edi @@ -1804,7 +1847,7 @@ push ecx mov dword [ebp - 0x38], ecx mov dword [ebp - 0x34], edx mov dword [ebp - 0x30], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax pop eax pop edx @@ -1812,54 +1855,54 @@ lea eax, [ebx + 0x19] add ebx, 0x1a push 1 push eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 pop ecx pop esi lea esi, [ebp - 0x1c] push 0xff push ebx -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 add esp, 0xc push 0 push 0 push 1 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edi pop edx push 0 push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 mov dword [esp], 1 -call fcn_00000d6f ; call 0xd6f +call fcn_00000ddd ; call 0xddd add esp, 0x10 mov byte [ebp - 0x2b], 0 mov byte [ebp - 0x2a], 1 mov byte [ebp - 0x29], al -loc_0000114e: +loc_000011bc: mov al, byte [ebp - 0x29] mov dl, byte [ebp - 0x2a] cmp dl, al -ja loc_000011e3 ; ja 0x11e3 +ja loc_00001251 ; ja 0x1251 xor ebx, ebx movzx edi, dl -loc_00001161: +loc_000011cf: push eax push 0 push ebx push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_000011b4 ; je 0x11b4 +je short loc_00001222 ; je 0x1222 push esi push 0 push ebx push edi -call fcn_00000cb2 ; call 0xcb2 +call fcn_00000d20 ; call 0xd20 mov ecx, dword [ebp + 0x14] add esp, 0xc mov eax, dword [ebp - 0x1c] @@ -1867,82 +1910,82 @@ add dword [ecx], eax push 0 push ebx push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xa mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp ax, 0x300 -je short loc_000011b0 ; je 0x11b0 +je short loc_0000121e ; je 0x121e dec ax -jne short loc_000011b4 ; jne 0x11b4 +jne short loc_00001222 ; jne 0x1222 -loc_000011b0: +loc_0000121e: mov byte [ebp - 0x2b], 1 -loc_000011b4: +loc_00001222: inc ebx cmp ebx, 0x20 -jne short loc_00001161 ; jne 0x1161 +jne short loc_000011cf ; jne 0x11cf inc byte [ebp - 0x2a] -jmp short loc_0000114e ; jmp 0x114e +jmp short loc_000011bc ; jmp 0x11bc -loc_000011bf: +loc_0000122d: push eax push 0 push ebx push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov esi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_000011f1 ; jne 0x11f1 +jne short loc_0000125f ; jne 0x125f -loc_000011da: +loc_00001248: inc ebx cmp ebx, 0x20 -jne short loc_000011bf ; jne 0x11bf +jne short loc_0000122d ; jne 0x122d dec byte [ebp - 0x29] -loc_000011e3: +loc_00001251: mov al, byte [ebp - 0x29] test al, al -je short loc_00001218 ; je 0x1218 +je short loc_00001286 ; je 0x1286 xor ebx, ebx movzx edi, al -jmp short loc_000011bf ; jmp 0x11bf +jmp short loc_0000122d ; jmp 0x122d -loc_000011f1: +loc_0000125f: sub esp, 0xc lea eax, [esi + 0xa] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp ax, 0x604 -jne short loc_000011da ; jne 0x11da +jne short loc_00001248 ; jne 0x1248 push eax add esi, 0x18 push eax push 0 push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -jmp short loc_000011da ; jmp 0x11da +jmp short loc_00001248 ; jmp 0x1248 -loc_00001218: +loc_00001286: push eax push dword [ebp - 0x30] push dword [ebp - 0x34] push dword [ebp - 0x38] -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0 add eax, 0x18 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov al, byte [ebp - 0x2b] lea esp, [ebp - 0xc] pop ebx @@ -1951,13 +1994,13 @@ pop edi pop ebp ret -fcn_0000123f: +fcn_000012ad: push ebp mov ecx, 0xf mov ebp, esp push edi push esi -mov esi, ref_00020310 ; mov esi, 0x20310 +mov esi, ref_000203a0 ; mov esi, 0x203a0 push ebx sub esp, 0x50 mov al, byte [ebp + 0xc] @@ -1971,26 +2014,26 @@ mov byte [ebp - 0x4f], al mov al, byte [ebp + 0x14] mov dword [ebp - 0x2c], 0 mov byte [ebp - 0x50], al -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0 push 0 mov esi, eax mov dword [ebp - 0x48], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x54 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0xc push 0 push 2 push 0 mov word [ebp - 0x3c], ax and word [ebp - 0x3c], 0xe -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov byte [ebp - 0x39], 0xff inc ax @@ -1999,7 +2042,7 @@ setne byte [ebp - 0x4e] add eax, 0xe mov dword [ebp - 0x54], eax -loc_000012ca: +loc_00001338: mov al, byte [edi] mov bx, word [edi + 3] mov cl, al @@ -2015,110 +2058,110 @@ movzx eax, dl push eax movzx eax, cl push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 mov esi, eax test word [ebp - 0x3c], bx -je loc_000014c6 ; je 0x14c6 +je loc_00001534 ; je 0x1534 sub esp, 0xc lea eax, [eax + 0xba] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x40 -je loc_000014c6 ; je 0x14c6 +je loc_00001534 ; je 0x1534 push edx push 0x10100 push 0xff0000ff lea eax, [esi + 0x18] push eax mov dword [ebp - 0x40], eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop ecx pop ebx mov ebx, dword [ebp - 0x48] push 0 push ebx -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 mov dword [esp], ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je loc_000014c6 ; je 0x14c6 +je loc_00001534 ; je 0x1534 sub esp, 0xc push dword [ebp - 0x54] -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x44], 0 mov bl, al sar bl, 7 and ebx, 7 -loc_0000136d: +loc_000013db: movzx edx, byte [ebp - 0x44] push eax push edx push 0 push 1 mov dword [ebp - 0x58], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_000013aa ; je 0x13aa +je short loc_00001418 ; je 0x1418 mov edx, dword [ebp - 0x58] lea eax, [ebp - 0x2c] push eax push edx push 0 push 1 -call fcn_00000cb2 ; call 0xcb2 +call fcn_00000d20 ; call 0xd20 mov ecx, dword [ebp + 0x18] add esp, 0x10 mov eax, dword [ebp - 0x2c] add dword [ecx], eax -loc_000013aa: +loc_00001418: inc byte [ebp - 0x44] cmp byte [ebp - 0x44], bl -jbe short loc_0000136d ; jbe 0x136d +jbe short loc_000013db ; jbe 0x13db mov eax, dword [ebp - 0x48] sub esp, 0xc add eax, 0xb push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp al, 3 -jne short loc_00001442 ; jne 0x1442 +jne short loc_000014b0 ; jne 0x14b0 cmp byte [ebp - 0x4f], 0 -jne short loc_000013ea ; jne 0x13ea +jne short loc_00001458 ; jne 0x1458 cmp byte [ebp - 0x4e], 0 -je short loc_000013de ; je 0x13de +je short loc_0000144c ; je 0x144c cmp byte [ebp - 0x50], 0 -je loc_000014b4 ; je 0x14b4 +je loc_00001522 ; je 0x1522 -loc_000013de: +loc_0000144c: mov eax, dword [ebp + 0x10] cmp dword [eax], 2 -je loc_000014b4 ; je 0x14b4 +je loc_00001522 ; je 0x1522 -loc_000013ea: +loc_00001458: mov eax, dword [ebp + 0x10] cmp dword [eax], 1 -je loc_0000153f ; je 0x153f +je loc_000015ad ; je 0x15ad push ebx add esi, 0x3e push ebx push 0x18 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 mov eax, dword [ebp + 0x10] mov dword [eax], 1 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je loc_00001545 ; je 0x1545 +je loc_000015b3 ; je 0x15b3 movzx edx, byte [ebp - 0x3a] movzx eax, byte [ebp - 0x4d] movzx ebx, byte [ebp - 0x4c] @@ -2128,15 +2171,15 @@ push eax push ebx push edx push eax -push ref_00020b95 ; push 0x20b95 +push ref_00020c25 ; push 0x20c25 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -jmp near loc_00001545 ; jmp 0x1545 +jmp near loc_000015b3 ; jmp 0x15b3 -loc_00001442: +loc_000014b0: cmp al, 6 -jne short loc_000014b4 ; jne 0x14b4 +jne short loc_00001522 ; jne 0x1522 push dword [ebp + 0x18] movzx edx, byte [ebp - 0x3a] movzx ebx, byte [ebp - 0x4d] @@ -2146,61 +2189,61 @@ push ebx push eax mov dword [ebp - 0x44], eax mov dword [ebp - 0x4c], edx -call fcn_000010d4 ; call 0x10d4 +call fcn_00001142 ; call 0x1142 add esp, 0x10 dec al -jne short loc_000014b4 ; jne 0x14b4 +jne short loc_00001522 ; jne 0x1522 mov eax, dword [ebp + 0x10] cmp dword [eax], 1 -je short loc_000014b4 ; je 0x14b4 +je short loc_00001522 ; je 0x1522 push eax add esi, 0x3e push eax push 0x18 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 mov eax, dword [ebp + 0x10] mov dword [eax], 1 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov cl, byte [ebp - 0x3a] add esp, 0x10 mov edx, dword [ebp - 0x4c] mov byte [ebp - 0x39], cl test al, al -je short loc_000014b4 ; je 0x14b4 +je short loc_00001522 ; je 0x1522 push esi push edx push ebx push dword [ebp - 0x44] push edx push ebx -push ref_00020b95 ; push 0x20b95 +push ref_00020c25 ; push 0x20c25 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_000014b4: +loc_00001522: push ecx push ecx push 0xff0000ff push dword [ebp - 0x40] -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_000014c6: +loc_00001534: add edi, 5 lea eax, [ebp - 0x18] cmp edi, eax -jne loc_000012ca ; jne 0x12ca +jne loc_00001338 ; jne 0x1338 cmp byte [ebp - 0x39], 0xff -je short loc_00001550 ; je 0x1550 +je short loc_000015be ; je 0x15be lea ebx, [ebp - 0x27] mov byte [ebp - 0x3a], 0 -loc_000014e1: +loc_0000154f: mov al, byte [ebp - 0x3a] cmp byte [ebp - 0x39], al -je short loc_00001531 ; je 0x1531 +je short loc_0000159f ; je 0x159f push edx movzx esi, byte [ebx + 2] push esi @@ -2209,46 +2252,46 @@ push edi movzx ecx, byte [ebx] push ecx mov dword [ebp - 0x40], ecx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ecx pop edx push 4 add eax, 0x3e push eax -call fcn_00018863 ; call 0x18863 -call fcn_000153e9 ; call 0x153e9 +call fcn_00018927 ; call 0x18927 +call fcn_00015479 ; call 0x15479 add esp, 0x10 mov ecx, dword [ebp - 0x40] test al, al -je short loc_00001531 ; je 0x1531 +je short loc_0000159f ; je 0x159f push eax push esi push edi push ecx push esi push edi -push ref_00020bc6 ; push 0x20bc6 +push ref_00020c56 ; push 0x20c56 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00001531: +loc_0000159f: inc byte [ebp - 0x3a] add ebx, 5 cmp byte [ebp - 0x3a], 3 -jne short loc_000014e1 ; jne 0x14e1 -jmp short loc_00001550 ; jmp 0x1550 +jne short loc_0000154f ; jne 0x154f +jmp short loc_000015be ; jmp 0x15be -loc_0000153f: +loc_000015ad: mov al, byte [ebp - 0x39] mov byte [ebp - 0x3a], al -loc_00001545: +loc_000015b3: mov al, byte [ebp - 0x3a] mov byte [ebp - 0x39], al -jmp near loc_000014b4 ; jmp 0x14b4 +jmp near loc_00001522 ; jmp 0x1522 -loc_00001550: +loc_000015be: lea esp, [ebp - 0xc] pop ebx pop esi @@ -2256,7 +2299,7 @@ pop edi pop ebp ret -fcn_00001558: +fcn_000015c6: push ebp mov ebp, esp push edi @@ -2274,20 +2317,20 @@ push edi mov dword [ebp - 0x20], eax mov eax, dword [ebp + 0x20] mov dword [ebp - 0x24], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov ecx, eax -loc_00001589: +loc_000015f7: and ecx, dword [ebp - 0x20] cmp ecx, dword [ebp - 0x24] -je short loc_000015bc ; je 0x15bc +je short loc_0000162a ; je 0x162a cmp bx, 0xbb8 -je short loc_000015bc ; je 0x15bc +je short loc_0000162a ; je 0x162a sub esp, 0xc inc ebx push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0xc push 0x3e8 push esi @@ -2296,25 +2339,25 @@ mov dword [ebp - 0x28], eax call dword [esi + 4] ; ucall add esp, 0x10 mov ecx, dword [ebp - 0x28] -jmp short loc_00001589 ; jmp 0x1589 +jmp short loc_000015f7 ; jmp 0x15f7 -loc_000015bc: -call fcn_000153f0 ; call 0x153f0 +loc_0000162a: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000015ed ; je 0x15ed +je short loc_0000165b ; je 0x165b cmp bx, 0xbb8 -jne short loc_000015ed ; jne 0x15ed -mov dword [ebp + 0x10], ref_00020bee ; mov dword [ebp + 0x10], 0x20bee +jne short loc_0000165b ; jne 0x165b +mov dword [ebp + 0x10], ref_00020c7e ; mov dword [ebp + 0x10], 0x20c7e mov dword [ebp + 0xc], 0x41b -mov dword [ebp + 8], ref_00020b42 ; mov dword [ebp + 8], 0x20b42 +mov dword [ebp + 8], ref_00020bd2 ; mov dword [ebp + 8], 0x20bd2 lea esp, [ebp - 0xc] pop ebx pop esi pop edi pop ebp -jmp near fcn_000153fc ; jmp 0x153fc +jmp near fcn_0001548c ; jmp 0x1548c -loc_000015ed: +loc_0000165b: lea esp, [ebp - 0xc] pop ebx pop esi @@ -2322,7 +2365,7 @@ pop edi pop ebp ret -fcn_000015f5: +fcn_00001663: push ebp mov ebp, esp push edi @@ -2336,110 +2379,110 @@ push 0 mov dword [ebp - 0x30], 0 mov dword [ebp - 0x2c], 0 mov dword [ebp - 0x28], 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 2 push 0 mov ebx, eax mov dword [ebp - 0x4c], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [ebp - 0x44], eax mov eax, ebx add eax, 0x48 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [ebp - 0x54], eax -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov dword [ebp - 0x3c], eax lea eax, [ebp - 0x1c] mov dword [esp], eax -call fcn_000196d3 ; call 0x196d3 +call fcn_00019797 ; call 0x19797 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000169e ; je 0x169e +je short loc_0000170c ; je 0x170c test ebx, ebx -jns short loc_0000169e ; jns 0x169e -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000170c ; jns 0x170c +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001689 ; je 0x1689 +je short loc_000016f7 ; je 0x16f7 push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001689: +loc_000016f7: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x55 -push ref_00020b42 ; push 0x20b42 -call fcn_000153fc ; call 0x153fc +push ref_00020bd2 ; push 0x20bd2 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000169e: +loc_0000170c: lea eax, [ebp - 0x20] push eax push 0 push 0 -push ref_0002912c ; push 0x2912c -call fcn_00019699 ; call 0x19699 +push ref_000291dc ; push 0x291dc +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000016f4 ; je 0x16f4 +je short loc_00001762 ; je 0x1762 test ebx, ebx -jns short loc_000016f4 ; jns 0x16f4 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00001762 ; jns 0x1762 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000016df ; je 0x16df +je short loc_0000174d ; je 0x174d push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000016df: +loc_0000174d: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x60 -push ref_00020b42 ; push 0x20b42 -call fcn_000153fc ; call 0x153fc +push ref_00020bd2 ; push 0x20bd2 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000016f4: +loc_00001762: mov eax, dword [ebp - 0x4c] lea ebx, [eax + 0x50] push eax push eax push 2 push ebx -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 pop eax push dword [ebp - 0x44] mov dword [ebp - 0x34], 0 -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp byte [edi], 0x10 mov word [ebp - 0x40], ax -jbe short loc_00001729 ; jbe 0x1729 +jbe short loc_00001797 ; jbe 0x1797 mov eax, dword [edi + 1] cmp byte [eax + 0x33], 0 -jne short loc_0000175c ; jne 0x175c +jne short loc_000017ca ; jne 0x17ca -loc_00001729: +loc_00001797: lea esi, [ebp - 0x34] push eax push esi lea edx, [ebp - 0x30] push edx push dword [ebp + 8] -call fcn_00000e49 ; call 0xe49 +call fcn_00000eb7 ; call 0xeb7 lea edx, [ebp - 0x2c] mov dword [esp], edx mov edx, dword [edi + 5] @@ -2450,37 +2493,37 @@ mov eax, dword [edi + 0xd] movzx eax, byte [eax + 4] push eax push dword [ebp + 8] -call fcn_0000123f ; call 0x123f +call fcn_000012ad ; call 0x12ad add esp, 0x20 -loc_0000175c: +loc_000017ca: mov eax, dword [edi + 5] mov eax, dword [eax + 8] test eax, eax -jne short loc_000017aa ; jne 0x17aa -call fcn_000153e9 ; call 0x153e9 +jne short loc_00001818 ; jne 0x1818 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001780 ; je 0x1780 +je short loc_000017ee ; je 0x17ee push esi push esi -push ref_00020c03 ; push 0x20c03 +push ref_00020c93 ; push 0x20c93 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001780: -call fcn_000153f0 ; call 0x153f0 +loc_000017ee: +call fcn_00015480 ; call 0x15480 test al, al -je loc_00001cc0 ; je 0x1cc0 +je loc_00001d2e ; je 0x1d2e push ebx -push ref_00020c4e ; push 0x20c4e +push ref_00020cde ; push 0x20cde push 0x83 -push ref_00020b42 ; push 0x20b42 -call fcn_000153fc ; call 0x153fc +push ref_00020bd2 ; push 0x20bd2 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp near loc_00001cc0 ; jmp 0x1cc0 +jmp near loc_00001d2e ; jmp 0x1d2e -loc_000017aa: +loc_00001818: mov edx, dword [ebp - 0x3c] cmp edx, 0x40650 sete cl @@ -2489,17 +2532,17 @@ sete dl or dl, cl mov byte [ebp - 0x47], cl mov byte [ebp - 0x45], dl -jne short loc_000017da ; jne 0x17da +jne short loc_00001848 ; jne 0x1848 mov edx, eax and edx, 0xff000000 cmp dword [ebp - 0x3c], 0x40660 -jne short loc_000017e1 ; jne 0x17e1 +jne short loc_0000184f ; jne 0x184f -loc_000017da: +loc_00001848: and eax, 0xffc00000 mov edx, eax -loc_000017e1: +loc_0000184f: mov eax, dword [ebp - 0x44] cmp word [ebp - 0x40], 0xffff setne byte [ebp - 0x46] @@ -2510,9 +2553,9 @@ push eax push eax push edx push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dword [esp], esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx pop ecx push 6 @@ -2522,140 +2565,140 @@ and dword [ebp - 0x40], 0xfffffff0 add eax, 4 push eax mov dword [ebp - 0x50], eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 cmp byte [ebp - 0x46], 0 -je loc_00001a8c ; je 0x1a8c +je loc_00001afa ; je 0x1afa cmp dword [ebp - 0x34], 0 mov eax, dword [edi + 5] -je short loc_0000183c ; je 0x183c +je short loc_000018aa ; je 0x18aa cmp byte [eax + 6], 0 -jne short loc_00001842 ; jne 0x1842 +jne short loc_000018b0 ; jne 0x18b0 -loc_0000183c: +loc_000018aa: cmp byte [eax + 5], 0 -jne short loc_0000184c ; jne 0x184c +jne short loc_000018ba ; jne 0x18ba -loc_00001842: +loc_000018b0: cmp byte [eax + 5], 1 -jne loc_00001a8c ; jne 0x1a8c +jne loc_00001afa ; jne 0x1afa -loc_0000184c: -call fcn_000153e9 ; call 0x153e9 +loc_000018ba: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001866 ; je 0x1866 +je short loc_000018d4 ; je 0x18d4 push eax push eax -push ref_00020c5c ; push 0x20c5c +push ref_00020cec ; push 0x20cec push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001866: +loc_000018d4: push eax push eax mov eax, dword [ebp - 0x20] push 1 push dword [eax + 4] -call fcn_0001c50d ; call 0x1c50d +call fcn_0001c5d1 ; call 0x1c5d1 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000018bc ; je 0x18bc +je short loc_0000192a ; je 0x192a test esi, esi -jns short loc_000018bc ; jns 0x18bc -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000192a ; jns 0x192a +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000018a4 ; je 0x18a4 +je short loc_00001912 ; je 0x1912 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000018a4: +loc_00001912: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xae -push ref_00020b42 ; push 0x20b42 -call fcn_000153fc ; call 0x153fc +push ref_00020bd2 ; push 0x20bd2 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000018bc: +loc_0000192a: mov eax, dword [edi + 5] cmp byte [ebp - 0x45], 0 movzx esi, byte [eax + 4] -jne short loc_000018d2 ; jne 0x18d2 +jne short loc_00001940 ; jne 0x1940 cmp dword [ebp - 0x3c], 0x40660 -jne short loc_000018f4 ; jne 0x18f4 +jne short loc_00001962 ; jne 0x1962 -loc_000018d2: +loc_00001940: push eax push eax push 0xff07 push ebx -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 pop eax pop edx lea eax, [esi*8] movzx esi, al push esi push ebx -call fcn_0001866c ; call 0x1866c -jmp short loc_00001913 ; jmp 0x1913 +call fcn_00018730 ; call 0x18730 +jmp short loc_00001981 ; jmp 0x1981 -loc_000018f4: +loc_00001962: push eax push eax push 0xff push ebx -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 shl esi, 8 pop edx and esi, 0x3f00 pop ecx push esi push ebx -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 -loc_00001913: +loc_00001981: mov eax, dword [edi + 5] add esp, 0x10 cmp word [eax + 2], 0 mov eax, dword [ebp - 0x44] lea esi, [eax + 0x62] -je short loc_00001995 ; je 0x1995 +je short loc_00001a03 ; je 0x1a03 cmp byte [ebp - 0x45], 0 -jne short loc_00001935 ; jne 0x1935 +jne short loc_000019a3 ; jne 0x19a3 cmp dword [ebp - 0x3c], 0x40660 -jne short loc_0000194b ; jne 0x194b +jne short loc_000019b9 ; jne 0x19b9 -loc_00001935: +loc_000019a3: push eax push 0x200 push 0xfcff push ebx -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 -jmp short loc_00001995 ; jmp 0x1995 +jmp short loc_00001a03 ; jmp 0x1a03 -loc_0000194b: -call fcn_000153f0 ; call 0x153f0 +loc_000019b9: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00001976 ; je 0x1976 +je short loc_000019e4 ; je 0x19e4 mov eax, dword [edi + 5] cmp word [eax + 2], 3 -jbe short loc_00001976 ; jbe 0x1976 +jbe short loc_000019e4 ; jbe 0x19e4 push eax -push ref_00020c6a ; push 0x20c6a +push ref_00020cfa ; push 0x20cfa push 0xd0 -push ref_00020b42 ; push 0x20b42 -call fcn_000153fc ; call 0x153fc +push ref_00020bd2 ; push 0x20bd2 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00001976: +loc_000019e4: push eax mov eax, dword [edi + 5] movzx eax, word [eax + 2] @@ -2664,17 +2707,17 @@ movzx eax, al push eax push 0xff3f push ebx -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 -jmp short loc_000019b8 ; jmp 0x19b8 +jmp short loc_00001a26 ; jmp 0x1a26 -loc_00001995: +loc_00001a03: cmp byte [ebp - 0x45], 0 -jne short loc_000019a4 ; jne 0x19a4 +jne short loc_00001a12 ; jne 0x1a12 cmp dword [ebp - 0x3c], 0x40660 -jne short loc_000019b8 ; jne 0x19b8 +jne short loc_00001a26 ; jne 0x1a26 -loc_000019a4: +loc_00001a12: push eax mov eax, dword [edi + 5] mov al, byte [eax + 7] @@ -2682,180 +2725,180 @@ add eax, eax movzx eax, al push eax push 0xf9 -jmp short loc_000019c6 ; jmp 0x19c6 +jmp short loc_00001a34 ; jmp 0x1a34 -loc_000019b8: +loc_00001a26: push eax mov eax, dword [edi + 5] movzx eax, byte [eax + 7] push eax push 0xe0 -loc_000019c6: +loc_00001a34: push esi -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a mov eax, dword [edi + 5] add esp, 0x10 cmp byte [eax + 6], 0 -je short loc_00001a04 ; je 0x1a04 +je short loc_00001a72 ; je 0x1a72 cmp dword [ebp - 0x34], 0 -je short loc_00001a04 ; je 0x1a04 +je short loc_00001a72 ; je 0x1a72 push ecx push ecx push 2 push ebx -call fcn_00018863 ; call 0x18863 -call fcn_000153e9 ; call 0x153e9 +call fcn_00018927 ; call 0x18927 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00001a14 ; je 0x1a14 +je short loc_00001a82 ; je 0x1a82 push edx push edx -push ref_00020c96 ; push 0x20c96 +push ref_00020d26 ; push 0x20d26 push 0x40 -call fcn_000153f7 ; call 0x153f7 -jmp short loc_00001a11 ; jmp 0x1a11 +call fcn_00015487 ; call 0x15487 +jmp short loc_00001a7f ; jmp 0x1a7f -loc_00001a04: +loc_00001a72: push eax push eax push 0xfffd push ebx -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 -loc_00001a11: +loc_00001a7f: add esp, 0x10 -loc_00001a14: +loc_00001a82: mov eax, dword [ebp - 0x3c] cmp eax, 0x40670 -je short loc_00001a25 ; je 0x1a25 +je short loc_00001a93 ; je 0x1a93 cmp eax, 0x306d0 -jne short loc_00001a3d ; jne 0x1a3d +jne short loc_00001aab ; jne 0x1aab -loc_00001a25: +loc_00001a93: push eax push eax mov eax, dword [ebp - 0x40] push 0x4000 add eax, 0x6c004 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_00001a3d: +loc_00001aab: cmp byte [edi], 0xd -jbe short loc_00001a66 ; jbe 0x1a66 +jbe short loc_00001ad4 ; jbe 0x1ad4 mov eax, dword [edi + 5] cmp byte [eax + 0xc], 1 -jne short loc_00001a66 ; jne 0x1a66 +jne short loc_00001ad4 ; jne 0x1ad4 cmp dword [ebp - 0x1c], 0x11 -je short loc_00001a66 ; je 0x1a66 +je short loc_00001ad4 ; je 0x1ad4 push eax push eax mov eax, dword [ebp - 0x40] push 8 add eax, 0xc7204 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_00001a66: +loc_00001ad4: push eax push eax push 0xfff9 push dword [ebp - 0x50] -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 lea eax, [ebp - 0x28] push eax push 0 push 2 push 0 -call fcn_00000cb2 ; call 0xcb2 +call fcn_00000d20 ; call 0xd20 add esp, 0x20 -jmp near loc_00001c56 ; jmp 0x1c56 +jmp near loc_00001cc4 ; jmp 0x1cc4 -loc_00001a8c: +loc_00001afa: push eax push eax mov eax, dword [ebp - 0x20] push 0 push dword [eax + 4] -call fcn_0001c50d ; call 0x1c50d +call fcn_0001c5d1 ; call 0x1c5d1 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00001ae2 ; je 0x1ae2 +je short loc_00001b50 ; je 0x1b50 test esi, esi -jns short loc_00001ae2 ; jns 0x1ae2 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00001b50 ; jns 0x1b50 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001aca ; je 0x1aca +je short loc_00001b38 ; je 0x1b38 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001aca: +loc_00001b38: push esi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x106 -push ref_00020b42 ; push 0x20b42 -call fcn_000153fc ; call 0x153fc +push ref_00020bd2 ; push 0x20bd2 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00001ae2: +loc_00001b50: lea eax, [ebp - 0x24] push eax push 0 push 0 -push ref_0002901c ; push 0x2901c -call fcn_00019699 ; call 0x19699 +push ref_000290cc ; push 0x290cc +call fcn_0001975d ; call 0x1975d mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00001b3b ; je 0x1b3b +je short loc_00001ba9 ; je 0x1ba9 test esi, esi -jns short loc_00001b3b ; jns 0x1b3b -call fcn_000153e9 ; call 0x153e9 +jns short loc_00001ba9 ; jns 0x1ba9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001b23 ; je 0x1b23 +je short loc_00001b91 ; je 0x1b91 push ecx push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001b23: +loc_00001b91: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x108 -push ref_00020b42 ; push 0x20b42 -call fcn_000153fc ; call 0x153fc +push ref_00020bd2 ; push 0x20bd2 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00001b3b: +loc_00001ba9: cmp dword [ebp - 0x3c], 0x306d0 -je short loc_00001b4e ; je 0x1b4e +je short loc_00001bbc ; je 0x1bbc cmp byte [ebp - 0x47], 0 -je loc_00001bdd ; je 0x1bdd +je loc_00001c4b ; je 0x1c4b -loc_00001b4e: +loc_00001bbc: push eax mov eax, dword [ebp - 0x40] push 0x80000000 push 0xffffffffffffffff add eax, 0x130040 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp byte [ebp - 0x46], 0 -je short loc_00001b8f ; je 0x1b8f +je short loc_00001bfd ; je 0x1bfd push eax mov eax, dword [ebp - 0x40] xor edx, edx @@ -2866,10 +2909,10 @@ push edx push eax push dword [ebp - 0x24] push dword [ebp + 8] -call fcn_00001558 ; call 0x1558 +call fcn_000015c6 ; call 0x15c6 add esp, 0x20 -loc_00001b8f: +loc_00001bfd: mov esi, dword [ebp - 0x54] push eax push 1 @@ -2877,7 +2920,7 @@ push 0xffffffffffffffff and esi, 0xfffffffe lea eax, [esi + 0x5f0c] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp - 0x24] add esp, 0xc push 1 @@ -2886,7 +2929,7 @@ push dword [ebp + 8] call dword [eax + 4] ; ucall add esp, 0x10 cmp byte [ebp - 0x46], 0 -je short loc_00001bdd ; je 0x1bdd +je short loc_00001c4b ; je 0x1c4b push eax xor edx, edx push 0 @@ -2896,46 +2939,46 @@ push edx push esi push dword [ebp - 0x24] push dword [ebp + 8] -call fcn_00001558 ; call 0x1558 +call fcn_000015c6 ; call 0x15c6 add esp, 0x20 -loc_00001bdd: +loc_00001c4b: push eax push eax push 0xfff9 push dword [ebp - 0x50] -call fcn_00018890 ; call 0x18890 -call fcn_000153e9 ; call 0x153e9 +call fcn_00018954 ; call 0x18954 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00001c09 ; je 0x1c09 +je short loc_00001c77 ; je 0x1c77 push eax push eax -push ref_00020cd6 ; push 0x20cd6 +push ref_00020d66 ; push 0x20d66 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001c09: +loc_00001c77: cmp byte [ebp - 0x45], 0 -jne short loc_00001c18 ; jne 0x1c18 +jne short loc_00001c86 ; jne 0x1c86 cmp dword [ebp - 0x3c], 0x40660 -jne short loc_00001c22 ; jne 0x1c22 +jne short loc_00001c90 ; jne 0x1c90 -loc_00001c18: +loc_00001c86: push esi push 2 push 0xfc07 -jmp short loc_00001c27 ; jmp 0x1c27 +jmp short loc_00001c95 ; jmp 0x1c95 -loc_00001c22: +loc_00001c90: push ecx push 2 push 0x3f -loc_00001c27: +loc_00001c95: push ebx -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 mov eax, dword [edi + 5] add esp, 0x10 mov word [eax + 2], 0 @@ -2947,10 +2990,10 @@ push edx push 0xef add eax, 0x54 push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d add esp, 0x10 -loc_00001c56: +loc_00001cc4: mov eax, dword [ebp - 0x2c] mov esi, dword [ebp - 0x30] mov ebx, dword [ebp - 0x28] @@ -2959,39 +3002,39 @@ push eax push eax push 0 push dword [ebp - 0x58] -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e mov eax, dword [edi + 9] add esp, 0x10 cmp byte [eax + 3], 0 -jne short loc_00001cc0 ; jne 0x1cc0 +jne short loc_00001d2e ; jne 0x1d2e add esi, dword [ebp - 0x3c] mov edx, dword [edi + 5] add ebx, esi cmp ebx, 0x3fffffff -jbe short loc_00001c91 ; jbe 0x1c91 +jbe short loc_00001cff ; jbe 0x1cff mov word [edx], 0x800 -jmp short loc_00001cc0 ; jmp 0x1cc0 +jmp short loc_00001d2e ; jmp 0x1d2e -loc_00001c91: +loc_00001cff: cmp ebx, 0x2fffffff -jbe short loc_00001ca0 ; jbe 0x1ca0 +jbe short loc_00001d0e ; jbe 0x1d0e mov word [edx], 0x700 -jmp short loc_00001cc0 ; jmp 0x1cc0 +jmp short loc_00001d2e ; jmp 0x1d2e -loc_00001ca0: +loc_00001d0e: cmp ebx, 0x1fffffff -jbe short loc_00001caf ; jbe 0x1caf +jbe short loc_00001d1d ; jbe 0x1d1d mov word [edx], 0x600 -jmp short loc_00001cc0 ; jmp 0x1cc0 +jmp short loc_00001d2e ; jmp 0x1d2e -loc_00001caf: +loc_00001d1d: cmp ebx, 0x10000000 sbb eax, eax xor al, al add ax, 0x500 mov word [edx], ax -loc_00001cc0: +loc_00001d2e: lea esp, [ebp - 0xc] pop ebx pop esi @@ -2999,7 +3042,7 @@ pop edi pop ebp ret -fcn_00001cc8: +fcn_00001d36: push ebp xor ecx, ecx mov ebp, esp @@ -3012,55 +3055,55 @@ mov esi, dword [ebp + 8] mov edi, dword [ebp + 0xc] mov dword [ebp - 0x1c], 0 -loc_00001ce5: +loc_00001d53: mov eax, dword [esi + ecx*4] mov ebx, edx shl ebx, cl inc ecx or byte [ebp + eax - 0x1c], bl cmp ecx, 8 -jne short loc_00001ce5 ; jne 0x1ce5 +jne short loc_00001d53 ; jne 0x1d53 xor ebx, ebx -loc_00001cf8: +loc_00001d66: cmp byte [esi + ebx*2 + 0x20], 1 mov cl, bl -jne short loc_00001d4f ; jne 0x1d4f +jne short loc_00001dbd ; jne 0x1dbd movzx eax, byte [esi + ebx*2 + 0x21] movzx edx, byte [ebp + ebx - 0x1c] shl eax, 0x18 or edx, 0x80000000 or edx, eax cmp bl, 2 -je short loc_00001d31 ; je 0x1d31 +je short loc_00001d9f ; je 0x1d9f cmp bl, 3 -je short loc_00001d38 ; je 0x1d38 +je short loc_00001da6 ; je 0x1da6 dec cl mov eax, 0x14 mov ecx, 0x20 cmove eax, ecx -jmp short loc_00001d3d ; jmp 0x1d3d +jmp short loc_00001dab ; jmp 0x1dab -loc_00001d31: +loc_00001d9f: mov eax, 0x2c -jmp short loc_00001d3d ; jmp 0x1d3d +jmp short loc_00001dab ; jmp 0x1dab -loc_00001d38: +loc_00001da6: mov eax, 0x38 -loc_00001d3d: +loc_00001dab: push ecx add eax, edi push edx push 0xf8ffff01 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00001d4f: +loc_00001dbd: inc ebx cmp ebx, 4 -jne short loc_00001cf8 ; jne 0x1cf8 +jne short loc_00001d66 ; jne 0x1d66 push eax xor eax, eax cmp byte [esi + 0x22], 1 @@ -3069,7 +3112,7 @@ add edi, 4 push eax push 0xf8 push edi -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -3078,7 +3121,7 @@ pop edi pop ebp ret -fcn_00001d78: +fcn_00001de6: push ebp mov ebp, esp push edi @@ -3088,16 +3131,16 @@ push ebx sub esp, 0xc mov ebx, dword [ebp + 0xc] -loc_00001d86: +loc_00001df4: mov ecx, dword [ebp + 8] mov eax, edi cmp byte [ecx + edi*2 + 0x20], 1 -je short loc_00001da2 ; je 0x1da2 +je short loc_00001e10 ; je 0x1e10 -loc_00001d92: +loc_00001e00: inc edi cmp edi, 4 -jne short loc_00001d86 ; jne 0x1d86 +jne short loc_00001df4 ; jne 0x1df4 lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -3106,37 +3149,37 @@ pop edi pop ebp ret -loc_00001da2: +loc_00001e10: cmp al, 2 -je short loc_00001dbb ; je 0x1dbb +je short loc_00001e29 ; je 0x1e29 cmp al, 3 -je short loc_00001dc2 ; je 0x1dc2 +je short loc_00001e30 ; je 0x1e30 dec al mov esi, 0x1a mov eax, 0x26 cmove esi, eax -jmp short loc_00001dc7 ; jmp 0x1dc7 +jmp short loc_00001e35 ; jmp 0x1e35 -loc_00001dbb: +loc_00001e29: mov esi, 0x32 -jmp short loc_00001dc7 ; jmp 0x1dc7 +jmp short loc_00001e35 ; jmp 0x1e35 -loc_00001dc2: +loc_00001e30: mov esi, 0x3e -loc_00001dc7: +loc_00001e35: add esi, ebx -loc_00001dc9: +loc_00001e37: sub esp, 0xc push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -jne short loc_00001dc9 ; jne 0x1dc9 -jmp short loc_00001d92 ; jmp 0x1d92 +jne short loc_00001e37 ; jne 0x1e37 +jmp short loc_00001e00 ; jmp 0x1e00 -fcn_00001ddb: +fcn_00001e49: push ebp mov ebp, esp push edi @@ -3147,115 +3190,115 @@ mov ebx, dword [ebp + 0xc] push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax add esi, 0x68 lea eax, [eax + 0x48] mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 mov dword [esp], esi -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 and eax, 0xfffffffe mov edi, edx mov esi, eax -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov dword [ebp - 0x30], eax lea eax, [ebp - 0x20] push eax push 0 push 0 -push ref_000290fc ; push 0x290fc -call fcn_00019699 ; call 0x19699 +push ref_000291ac ; push 0x291ac +call fcn_0001975d ; call 0x1975d add esp, 0x20 mov dword [ebp - 0x2c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00001e74 ; je 0x1e74 +je short loc_00001ee2 ; je 0x1ee2 cmp dword [ebp - 0x2c], 0 -jns short loc_00001e74 ; jns 0x1e74 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00001ee2 ; jns 0x1ee2 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001e5f ; je 0x1e5f +je short loc_00001ecd ; je 0x1ecd push eax push dword [ebp - 0x2c] -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001e5f: +loc_00001ecd: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x3e -push ref_00020ceb ; push 0x20ceb -call fcn_000153fc ; call 0x153fc +push ref_00020d7b ; push 0x20d7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00001e74: +loc_00001ee2: lea eax, [ebp - 0x1c] push eax push 0 push 0 -push ref_000290cc ; push 0x290cc -call fcn_00019699 ; call 0x19699 +push ref_0002917c ; push 0x2917c +call fcn_0001975d ; call 0x1975d mov dword [ebp - 0x2c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00001ecf ; je 0x1ecf +je short loc_00001f3d ; je 0x1f3d cmp dword [ebp - 0x2c], 0 -jns short loc_00001ecf ; jns 0x1ecf -call fcn_000153e9 ; call 0x153e9 +jns short loc_00001f3d ; jns 0x1f3d +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001eba ; je 0x1eba +je short loc_00001f28 ; je 0x1f28 push edx push dword [ebp - 0x2c] -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001eba: +loc_00001f28: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x41 -push ref_00020ceb ; push 0x20ceb -call fcn_000153fc ; call 0x153fc +push ref_00020d7b ; push 0x20d7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00001ecf: +loc_00001f3d: mov eax, dword [ebp - 0x30] cmp eax, 0x40660 -je short loc_00001f1a ; je 0x1f1a +je short loc_00001f88 ; je 0x1f88 cmp eax, 0x306c0 -je short loc_00001f1a ; je 0x1f1a +je short loc_00001f88 ; je 0x1f88 cmp eax, 0x40670 -je short loc_00001efc ; je 0x1efc +je short loc_00001f6a ; je 0x1f6a -loc_00001ee7: +loc_00001f55: push eax push eax push 2 lea eax, [esi + 0xa78] push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -jmp short loc_00001f1a ; jmp 0x1f1a +jmp short loc_00001f88 ; jmp 0x1f88 -loc_00001efc: +loc_00001f6a: push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -je short loc_00001ee7 ; je 0x1ee7 +je short loc_00001f55 ; je 0x1f55 -loc_00001f1a: +loc_00001f88: mov edx, dword [ebx + 0xd] mov eax, dword [ebp - 0x1c] mov dl, byte [edx] @@ -3268,97 +3311,97 @@ mov dl, byte [edx + 2] mov byte [eax + 0x26], dl xor eax, eax -loc_00001f39: +loc_00001fa7: mov edx, dword [ebp - 0x1c] lea ebx, [edx + eax*4] mov ecx, dword [ebx] cmp ecx, 1 -jne short loc_00001f4c ; jne 0x1f4c +jne short loc_00001fba ; jne 0x1fba cmp byte [edx + 0x22], 0 -jmp short loc_00001f60 ; jmp 0x1f60 +jmp short loc_00001fce ; jmp 0x1fce -loc_00001f4c: +loc_00001fba: cmp ecx, 2 -jne short loc_00001f57 ; jne 0x1f57 +jne short loc_00001fc5 ; jne 0x1fc5 cmp byte [edx + 0x24], 0 -jmp short loc_00001f60 ; jmp 0x1f60 +jmp short loc_00001fce ; jmp 0x1fce -loc_00001f57: +loc_00001fc5: cmp ecx, 3 -jne short loc_00001f68 ; jne 0x1f68 +jne short loc_00001fd6 ; jne 0x1fd6 cmp byte [edx + 0x26], 0 -loc_00001f60: -jne short loc_00001f68 ; jne 0x1f68 +loc_00001fce: +jne short loc_00001fd6 ; jne 0x1fd6 mov dword [ebx], 0 -loc_00001f68: +loc_00001fd6: inc eax cmp eax, 8 -jne short loc_00001f39 ; jne 0x1f39 +jne short loc_00001fa7 ; jne 0x1fa7 push eax push edi push esi push dword [ebp - 0x1c] -call fcn_00001cc8 ; call 0x1cc8 +call fcn_00001d36 ; call 0x1d36 mov eax, dword [ebp - 0x20] call dword [eax + 4] ; ucall mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00001fc3 ; je 0x1fc3 +je short loc_00002031 ; je 0x2031 test ebx, ebx -jns short loc_00001fc3 ; jns 0x1fc3 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00002031 ; jns 0x2031 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001fae ; je 0x1fae +je short loc_0000201c ; je 0x201c push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001fae: +loc_0000201c: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x62 -push ref_00020ceb ; push 0x20ceb -call fcn_000153fc ; call 0x153fc +push ref_00020d7b ; push 0x20d7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00001fc3: +loc_00002031: push ecx push edi push esi push dword [ebp - 0x1c] -call fcn_00001d78 ; call 0x1d78 -call fcn_000153f0 ; call 0x153f0 +call fcn_00001de6 ; call 0x1de6 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00002010 ; je 0x2010 +je short loc_0000207e ; je 0x207e test ebx, ebx -jns short loc_00002010 ; jns 0x2010 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000207e ; jns 0x207e +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00001ffb ; je 0x1ffb +je short loc_00002069 ; je 0x2069 push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00001ffb: +loc_00002069: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x68 -push ref_00020ceb ; push 0x20ceb -call fcn_000153fc ; call 0x153fc +push ref_00020d7b ; push 0x20d7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00002010: +loc_0000207e: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -3367,7 +3410,7 @@ pop edi pop ebp ret -fcn_0000201a: +fcn_00002088: push ebp mov ebp, esp push ebx @@ -3377,21 +3420,21 @@ push 0x20 lea eax, [ebx + 0x88] add ebx, 0x8a push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_0000203b: +loc_000020a9: sub esp, 0xc push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test ah, 8 -jne short loc_0000203b ; jne 0x203b +jne short loc_000020a9 ; jne 0x20a9 mov ebx, dword [ebp - 4] leave ret -fcn_00002051: +fcn_000020bf: push ebp mov ebp, esp push ebx @@ -3401,23 +3444,23 @@ push 0x20000000 push 0xdfffffff lea eax, [ebx + 0x258] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x6b5 push 0xfffff800 lea eax, [ebx + 0x208] add ebx, 0x22c push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 mov dword [ebp + 8], ebx mov ebx, dword [ebp - 4] mov dword [ebp + 0x10], 0x2020 mov dword [ebp + 0xc], 0xffff0000 leave -jmp near fcn_00018aa4 ; jmp 0x18aa4 +jmp near fcn_00018b68 ; jmp 0x18b68 -fcn_000020ad: +fcn_0000211b: push ebp mov ebp, esp push edi @@ -3427,72 +3470,72 @@ sub esp, 0x30 push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax lea eax, [eax + 0x48] add ebx, 0x68 mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 mov dword [esp], ebx mov dword [ebp - 0x30], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 mov ebx, eax lea eax, [ebp - 0x1c] push eax push 0 push 0 -push ref_0002912c ; push 0x2912c +push ref_000291dc ; push 0x291dc mov dword [ebp - 0x2c], edx -call fcn_00019699 ; call 0x19699 +call fcn_0001975d ; call 0x1975d add esp, 0x20 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000213a ; je 0x213a +je short loc_000021a8 ; je 0x21a8 test esi, esi -jns short loc_0000215c ; jns 0x215c -call fcn_000153e9 ; call 0x153e9 +jns short loc_000021ca ; jns 0x21ca +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00002122 ; je 0x2122 +je short loc_00002190 ; je 0x2190 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00002122: +loc_00002190: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x13f -push ref_00020ceb ; push 0x20ceb -call fcn_000153fc ; call 0x153fc +push ref_00020d7b ; push 0x20d7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000213a: +loc_000021a8: test esi, esi -jns short loc_0000215c ; jns 0x215c -call fcn_000153e9 ; call 0x153e9 +jns short loc_000021ca ; jns 0x21ca +call fcn_00015479 ; call 0x15479 test al, al -je loc_000023a3 ; je 0x23a3 +je loc_00002411 ; je 0x2411 push edi push edi -push ref_00020d1a ; push 0x20d1a +push ref_00020daa ; push 0x20daa push 0x80000000 -jmp near loc_000022ee ; jmp 0x22ee +jmp near loc_0000235c ; jmp 0x235c -loc_0000215c: -call fcn_000153e9 ; call 0x153e9 +loc_000021ca: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00002176 ; je 0x2176 +je short loc_000021e4 ; je 0x21e4 push esi push esi -push ref_00020d49 ; push 0x20d49 +push ref_00020dd9 ; push 0x20dd9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00002176: +loc_000021e4: and ebx, 0xfffffffe mov edi, dword [ebp - 0x2c] sub esp, 0xc @@ -3505,24 +3548,24 @@ push esi and ebx, 0xfffffffe push ebx push dword [ebp + 0xc] -call fcn_000041e9 ; call 0x41e9 +call fcn_00004257 ; call 0x4257 add esp, 0x20 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000021b5 ; je 0x21b5 +je short loc_00002223 ; je 0x2223 push ecx push ecx -push ref_00020d58 ; push 0x20d58 +push ref_00020de8 ; push 0x20de8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000021b5: +loc_00002223: push edx push dword [ebp - 0x2c] push ebx push dword [ebp + 0xc] -call fcn_00002051 ; call 0x2051 +call fcn_000020bf ; call 0x20bf mov ecx, dword [ebp + 0xc] add esp, 0x10 mov eax, dword [ecx + 0xd] @@ -3530,57 +3573,57 @@ cmp byte [eax + 3], 0 mov eax, dword [ebp - 0x2c] lea eax, [eax + 0x84] mov dword [ebp - 0x30], eax -jne short loc_00002200 ; jne 0x2200 +jne short loc_0000226e ; jne 0x226e -loc_000021dd: -call fcn_000153e9 ; call 0x153e9 +loc_0000224b: +call fcn_00015479 ; call 0x15479 test al, al -je loc_0000239c ; je 0x239c +je loc_0000240a ; je 0x240a push eax push eax -push ref_00020d78 ; push 0x20d78 +push ref_00020e08 ; push 0x20e08 push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp near loc_0000239c ; jmp 0x239c +jmp near loc_0000240a ; jmp 0x240a -loc_00002200: +loc_0000226e: mov eax, dword [ebp - 0x1c] sub esp, 0xc mov eax, dword [eax + 4] add eax, 0x21a4 push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 and eax, 0xf dec al -je short loc_000021dd ; je 0x21dd +je short loc_0000224b ; je 0x224b push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xe4 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, 0x400000 -jne short loc_000021dd ; jne 0x21dd +jne short loc_0000224b ; jne 0x224b lea eax, [ebp - 0x20] push eax push 0 push 0 -push ref_000290fc ; push 0x290fc -call fcn_00019699 ; call 0x19699 +push ref_000291ac ; push 0x291ac +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00002269 ; je 0x2269 +je short loc_000022d7 ; je 0x22d7 test ebx, ebx -js loc_000022fb ; js 0x22fb +js loc_00002369 ; js 0x2369 -loc_00002269: +loc_000022d7: mov eax, dword [ebp - 0x20] mov bl, 1 call dword [eax + 8] ; ucall @@ -3588,13 +3631,13 @@ push eax push 2 push 0xfffffffffffffff0 push dword [ebp - 0x30] -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00002281: +loc_000022ef: sub esp, 0xc push dword [ebp - 0x30] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0xc and eax, 0xf push eax @@ -3602,110 +3645,110 @@ mov eax, dword [ebp - 0x2c] push 0xfffffffffffffff0 add eax, 0x98 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop ecx pop eax push edi push esi -call fcn_0000201a ; call 0x201a +call fcn_00002088 ; call 0x2088 mov eax, dword [ebp - 0x2c] add esp, 0x10 test bl, bl lea ebx, [eax + 0x8a] -jne short loc_00002335 ; jne 0x2335 +jne short loc_000023a3 ; jne 0x23a3 -loc_000022bc: +loc_0000232a: sub esp, 0xc xor esi, esi push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ebx, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je loc_000023a3 ; je 0x23a3 +je loc_00002411 ; je 0x2411 mov eax, ebx and eax, 0xf shr bx, 4 push eax and ebx, 0x3f push ebx -push ref_00020dcf ; push 0x20dcf +push ref_00020e5f ; push 0x20e5f push 0x40 -loc_000022ee: -call fcn_000153f7 ; call 0x153f7 +loc_0000235c: +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp near loc_000023a3 ; jmp 0x23a3 +jmp near loc_00002411 ; jmp 0x2411 -loc_000022fb: -call fcn_000153e9 ; call 0x153e9 +loc_00002369: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00002318 ; je 0x2318 +je short loc_00002386 ; je 0x2386 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00002318: +loc_00002386: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x15f -push ref_00020ceb ; push 0x20ceb -call fcn_000153fc ; call 0x153fc +push ref_00020d7b ; push 0x20d7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp near loc_00002269 ; jmp 0x2269 +jmp near loc_000022d7 ; jmp 0x22d7 -loc_00002335: +loc_000023a3: sub esp, 0xc push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, 0xf cmp ax, 2 -je short loc_00002366 ; je 0x2366 +je short loc_000023d4 ; je 0x23d4 -loc_0000234a: -call fcn_000153e9 ; call 0x153e9 +loc_000023b8: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000238b ; je 0x238b +je short loc_000023f9 ; je 0x23f9 push edx push edx -push ref_00020db0 ; push 0x20db0 +push ref_00020e40 ; push 0x20e40 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0000238b ; jmp 0x238b +jmp short loc_000023f9 ; jmp 0x23f9 -loc_00002366: +loc_000023d4: mov eax, dword [ebp - 0x1c] sub esp, 0xc mov eax, dword [eax + 4] add eax, 0x21aa push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, 0xf cmp ax, 2 -jne short loc_0000234a ; jne 0x234a -jmp near loc_000022bc ; jmp 0x22bc +jne short loc_000023b8 ; jne 0x23b8 +jmp near loc_0000232a ; jmp 0x232a -loc_0000238b: +loc_000023f9: push eax push eax push edi push esi -call fcn_0000201a ; call 0x201a +call fcn_00002088 ; call 0x2088 add esp, 0x10 -jmp near loc_000022bc ; jmp 0x22bc +jmp near loc_0000232a ; jmp 0x232a -loc_0000239c: +loc_0000240a: xor ebx, ebx -jmp near loc_00002281 ; jmp 0x2281 +jmp near loc_000022ef ; jmp 0x22ef -loc_000023a3: +loc_00002411: lea esp, [ebp - 0xc] mov eax, esi pop ebx @@ -3714,7 +3757,7 @@ pop edi pop ebp ret -fcn_000023ad: +fcn_0000241b: push ebp mov ebp, esp push edi @@ -3730,17 +3773,17 @@ mov eax, dword [ebp + 0xc] mov edi, eax mov eax, dword [ebp + 0x10] mov dword [ebp - 0x1c], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x54 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ebx, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 shr ebx, 1 add esp, 0x10 and ebx, 7 test al, al -je short loc_00002412 ; je 0x2412 +je short loc_00002480 ; je 0x2480 movzx edx, byte [ebp - 0x1c] mov eax, edi push ecx @@ -3752,17 +3795,17 @@ push eax push ecx push edx push eax -push ref_00020dec ; push 0x20dec +push ref_00020e7c ; push 0x20e7c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00002412: +loc_00002480: movzx edx, byte [ebp - 0x1c] mov eax, 2 sub eax, edx bt ebx, eax -jae loc_000024b6 ; jae 0x24b6 +jae loc_00002524 ; jae 0x2524 mov eax, edi push ecx movzx eax, al @@ -3771,67 +3814,67 @@ push eax mov eax, esi movzx eax, al push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax lea eax, [eax + 0xb2] add esi, 0x11a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov dword [esp], esi mov ebx, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov esi, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00002484 ; je 0x2484 +je short loc_000024f2 ; je 0x24f2 mov eax, ebx and eax, 0xf shr bx, 4 push eax and ebx, 0x3f push ebx -push ref_00020e02 ; push 0x20e02 +push ref_00020e92 ; push 0x20e92 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00002484: -call fcn_000153e9 ; call 0x153e9 +loc_000024f2: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000024a4 ; je 0x24a4 +je short loc_00002512 ; je 0x2512 shr si, 1 and esi, 1 push eax push esi -push ref_00020e1b ; push 0x20e1b +push ref_00020eab ; push 0x20eab push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000024a4: -call fcn_000153e9 ; call 0x153e9 +loc_00002512: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000024d9 ; je 0x24d9 -mov dword [ebp + 0xc], ref_00021e91 ; mov dword [ebp + 0xc], 0x21e91 -jmp short loc_000024c6 ; jmp 0x24c6 +je short loc_00002547 ; je 0x2547 +mov dword [ebp + 0xc], ref_00021f21 ; mov dword [ebp + 0xc], 0x21f21 +jmp short loc_00002534 ; jmp 0x2534 -loc_000024b6: -call fcn_000153e9 ; call 0x153e9 +loc_00002524: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000024d9 ; je 0x24d9 -mov dword [ebp + 0xc], ref_000216c1 ; mov dword [ebp + 0xc], 0x216c1 +je short loc_00002547 ; je 0x2547 +mov dword [ebp + 0xc], ref_00021751 ; mov dword [ebp + 0xc], 0x21751 -loc_000024c6: +loc_00002534: mov dword [ebp + 8], 0x40 lea esp, [ebp - 0xc] pop ebx pop esi pop edi pop ebp -jmp near fcn_000153f7 ; jmp 0x153f7 +jmp near fcn_00015487 ; jmp 0x15487 -loc_000024d9: +loc_00002547: lea esp, [ebp - 0xc] pop ebx pop esi @@ -3839,7 +3882,7 @@ pop edi pop ebp ret -fcn_000024e1: +fcn_0000254f: push ebp mov ebp, esp push edi @@ -3857,38 +3900,38 @@ movzx eax, al push eax movzx eax, cl push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0 push 0 mov edi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x54 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, 2 add esp, 0x10 sub edx, ebx shr eax, 1 and eax, 7 bt eax, edx -jae loc_000025be ; jae 0x25be +jae loc_0000262c ; jae 0x262c sub esp, 0xc add edi, 0x11a push edi xor esi, esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, eax shr dx, 1 and edx, 1 -loc_00002559: +loc_000025c7: cmp esi, 0x63 -ja short loc_0000258b ; ja 0x258b +ja short loc_000025f9 ; ja 0x25f9 test dx, dx -je short loc_0000258b ; je 0x258b +je short loc_000025f9 ; je 0x25f9 push eax mov eax, dword [ebp + 0xc] inc esi @@ -3897,19 +3940,19 @@ push dword [ebp + 0xc] push dword [ebp + 8] call dword [eax + 4] ; ucall mov dword [esp], edi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, eax shr dx, 1 and edx, 1 -jmp short loc_00002559 ; jmp 0x2559 +jmp short loc_000025c7 ; jmp 0x25c7 -loc_0000258b: +loc_000025f9: mov dword [ebp - 0x24], edx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov edx, dword [ebp - 0x24] test al, al -je short loc_000025be ; je 0x25be +je short loc_0000262c ; je 0x262c sub esp, 0xc movzx eax, byte [ebp - 0x20] movzx edx, dx @@ -3921,12 +3964,12 @@ push eax push edx push ebx push eax -push ref_00020e3a ; push 0x20e3a +push ref_00020eca ; push 0x20eca push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x30 -loc_000025be: +loc_0000262c: lea esp, [ebp - 0xc] pop ebx pop esi @@ -3934,7 +3977,7 @@ pop edi pop ebp ret -fcn_000025c6: +fcn_00002634: push ebp mov ebp, esp push edi @@ -3945,185 +3988,185 @@ mov esi, dword [ebp + 0x14] lea eax, [ebp - 0x1c] mov ebx, dword [ebp + 0x18] push eax -call fcn_000196d3 ; call 0x196d3 +call fcn_00019797 ; call 0x19797 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00002625 ; je 0x2625 +je short loc_00002693 ; je 0x2693 test edi, edi -jns short loc_00002625 ; jns 0x2625 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00002693 ; jns 0x2693 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000260d ; je 0x260d +je short loc_0000267b ; je 0x267b push ecx push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000260d: +loc_0000267b: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xa0 -push ref_00020e7c ; push 0x20e7c -call fcn_000153fc ; call 0x153fc +push ref_00020f0c ; push 0x20f0c +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00002625: +loc_00002693: cmp dword [ebp - 0x1c], 0x11 -jne short loc_00002631 ; jne 0x2631 +jne short loc_0000269f ; jne 0x269f -loc_0000262b: +loc_00002699: test esi, esi -jne short loc_00002648 ; jne 0x2648 -jmp short loc_00002642 ; jmp 0x2642 +jne short loc_000026b6 ; jne 0x26b6 +jmp short loc_000026b0 ; jmp 0x26b0 -loc_00002631: +loc_0000269f: sub esp, 0xc push 1 -call fcn_0001c25d ; call 0x1c25d +call fcn_0001c321 ; call 0x1c321 add esp, 0x10 dec al -je short loc_0000262b ; je 0x262b +je short loc_00002699 ; je 0x2699 -loc_00002642: +loc_000026b0: mov byte [ebp - 0x2a], 0xf8 -jmp short loc_00002676 ; jmp 0x2676 +jmp short loc_000026e4 ; jmp 0x26e4 -loc_00002648: +loc_000026b6: cmp byte [esi + 0x28], 0 -je short loc_00002642 ; je 0x2642 +je short loc_000026b0 ; je 0x26b0 mov al, byte [esi + 0x46] mov byte [ebp - 0x2a], al test al, al -je short loc_00002642 ; je 0x2642 -call fcn_000153e9 ; call 0x153e9 +je short loc_000026b0 ; je 0x26b0 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00002676 ; je 0x2676 +je short loc_000026e4 ; je 0x26e4 push eax movzx eax, byte [esi + 0x46] push eax -push ref_00020eb0 ; push 0x20eb0 +push ref_00020f40 ; push 0x20f40 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00002676: -call fcn_000153e9 ; call 0x153e9 +loc_000026e4: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00002694 ; je 0x2694 +je short loc_00002702 ; je 0x2702 push eax movzx eax, byte [ebp - 0x2a] push eax -push ref_00020eda ; push 0x20eda +push ref_00020f6a ; push 0x20f6a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00002694: +loc_00002702: cmp bl, 2 -je short loc_000026a5 ; je 0x26a5 +je short loc_00002713 ; je 0x2713 xor edi, edi mov al, 6 cmp bl, 3 cmove edi, eax -jmp short loc_000026aa ; jmp 0x26aa +jmp short loc_00002718 ; jmp 0x2718 -loc_000026a5: +loc_00002713: mov edi, 4 -loc_000026aa: +loc_00002718: mov al, byte [ebp - 0x2a] mov byte [ebp - 0x2b], 0 mov byte [ebp - 0x29], 0 or eax, edi mov byte [ebp - 0x2d], al -loc_000026ba: +loc_00002728: xor ebx, ebx mov byte [ebp - 0x2c], 1 -loc_000026c0: +loc_0000272e: mov dl, byte [ebp - 0x2c] mov al, dl and eax, edi cmp dl, al -jne short loc_000026fc ; jne 0x26fc +jne short loc_0000276a ; jne 0x276a cmp byte [ebp - 0x2b], 0 -jne loc_0000276b ; jne 0x276b -call fcn_000153e9 ; call 0x153e9 +jne loc_000027d9 ; jne 0x27d9 +call fcn_00015479 ; call 0x15479 test al, al -je loc_0000276b ; je 0x276b +je loc_000027d9 ; je 0x27d9 push eax push ebx push 1 push 0 push ebx push 1 -push ref_00020eff ; push 0x20eff +push ref_00020f8f ; push 0x20f8f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -jmp short loc_0000276b ; jmp 0x276b +jmp short loc_000027d9 ; jmp 0x27d9 -loc_000026fc: +loc_0000276a: mov al, byte [ebp - 0x29] mov cl, byte [ebp - 0x2c] or al, byte [ebp - 0x2a] and eax, ecx cmp cl, al -je short loc_0000276b ; je 0x276b -call fcn_000153e9 ; call 0x153e9 +je short loc_000027d9 ; je 0x27d9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000272c ; je 0x272c +je short loc_0000279a ; je 0x279a push eax push ebx push 1 push 0 push ebx push 1 -push ref_00020f30 ; push 0x20f30 +push ref_00020fc0 ; push 0x20fc0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_0000272c: +loc_0000279a: push eax push ebx push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x11a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -jne short loc_0000276b ; jne 0x276b -call fcn_000153e9 ; call 0x153e9 +jne short loc_000027d9 ; jne 0x27d9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00002765 ; je 0x2765 +je short loc_000027d3 ; je 0x27d3 push eax push eax -push ref_00020f50 ; push 0x20f50 +push ref_00020fe0 ; push 0x20fe0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00002765: +loc_000027d3: mov al, byte [ebp - 0x2c] or byte [ebp - 0x29], al -loc_0000276b: +loc_000027d9: inc ebx shl byte [ebp - 0x2c], 1 cmp ebx, 3 -jne loc_000026c0 ; jne 0x26c0 +jne loc_0000272e ; jne 0x272e mov al, byte [ebp - 0x2d] or al, byte [ebp - 0x29] inc al -je short loc_000027a4 ; je 0x27a4 +je short loc_00002812 ; je 0x2812 push ecx mov eax, dword [ebp + 0xc] push 0x3e8 @@ -4133,38 +4176,38 @@ call dword [eax + 4] ; ucall inc byte [ebp - 0x2b] add esp, 0x10 cmp byte [ebp - 0x2b], 0x64 -jne loc_000026ba ; jne 0x26ba +jne loc_00002728 ; jne 0x2728 -loc_000027a4: -call fcn_000153e9 ; call 0x153e9 +loc_00002812: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000027c2 ; je 0x27c2 +je short loc_00002830 ; je 0x2830 movzx eax, byte [ebp - 0x2b] push edx push eax -push ref_00020f6e ; push 0x20f6e +push ref_00020ffe ; push 0x20ffe push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000027c2: +loc_00002830: test esi, esi -je short loc_000027ec ; je 0x27ec +je short loc_0000285a ; je 0x285a mov al, byte [ebp - 0x29] not eax mov byte [esi + 0x46], al -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000027ec ; je 0x27ec +je short loc_0000285a ; je 0x285a push eax movzx eax, byte [esi + 0x46] push eax -push ref_00020f84 ; push 0x20f84 +push ref_00021014 ; push 0x21014 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000027ec: +loc_0000285a: lea esp, [ebp - 0xc] pop ebx pop esi @@ -4172,7 +4215,7 @@ pop edi pop ebp ret -fcn_000027f4: +fcn_00002862: push ebp mov ebp, esp push edi @@ -4187,44 +4230,44 @@ movzx eax, byte [ebp + 0xc] push eax movzx eax, byte [ebp + 8] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax lea eax, [eax + 0x34] mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp al, 0xff -jne short loc_0000285a ; jne 0x285a +jne short loc_000028c8 ; jne 0x28c8 -loc_0000282b: +loc_00002899: xor eax, eax -jmp short loc_00002862 ; jmp 0x2862 +jmp short loc_000028d0 ; jmp 0x28d0 -loc_0000282f: +loc_0000289d: mov edi, eax sub esp, 0xc and edi, 0xfc lea ebx, [edi + esi] push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp al, byte [ebp - 0x19] -je short loc_00002860 ; je 0x2860 +je short loc_000028ce ; je 0x28ce sub esp, 0xc lea edx, [ebx + 1] push edx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 -loc_0000285a: +loc_000028c8: test al, al -jne short loc_0000282f ; jne 0x282f -jmp short loc_0000282b ; jmp 0x282b +jne short loc_0000289d ; jne 0x289d +jmp short loc_00002899 ; jmp 0x2899 -loc_00002860: +loc_000028ce: mov eax, edi -loc_00002862: +loc_000028d0: lea esp, [ebp - 0xc] pop ebx pop esi @@ -4232,7 +4275,7 @@ pop edi pop ebp ret -fcn_0000286a: +fcn_000028d8: push ebp mov ebp, esp push edi @@ -4248,49 +4291,49 @@ push eax movzx eax, byte [ebp + 0x10] push eax push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 test bl, bl -je loc_0000296c ; je 0x296c +je loc_000029da ; je 0x29da mov esi, eax lea eax, [ebp - 0x1c] push eax push 0 push 0 -push ref_0002901c ; push 0x2901c -call fcn_00019699 ; call 0x19699 +push ref_000290cc ; push 0x290cc +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000028f5 ; je 0x28f5 +je short loc_00002963 ; je 0x2963 test ebx, ebx -jns short loc_000028f5 ; jns 0x28f5 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00002963 ; jns 0x2963 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000028dd ; je 0x28dd +je short loc_0000294b ; je 0x294b push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000028dd: +loc_0000294b: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x146 -push ref_00020e7c ; push 0x20e7c -call fcn_000153fc ; call 0x153fc +push ref_00020f0c ; push 0x20f0c +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000028f5: +loc_00002963: push eax push eax push 0x10 lea ebx, [esi + 0xb0] push ebx -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 mov eax, dword [ebp - 0x1c] add esp, 0xc push 0x3e8 @@ -4302,17 +4345,17 @@ add esp, 0x10 xor edx, edx dec eax cmp al, 7 -ja short loc_0000292c ; ja 0x292c +ja short loc_0000299a ; ja 0x299a movzx eax, al -movzx edx, byte [eax + ref_00020338] ; movzx edx, byte [eax + 0x20338] +movzx edx, byte [eax + ref_000203c8] ; movzx edx, byte [eax + 0x203c8] -loc_0000292c: +loc_0000299a: push eax add esi, 0x224 push edx push 0xffffffffffffffe0 push esi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp - 0x1c] add esp, 0xc push 0x3e8 @@ -4323,7 +4366,7 @@ pop edx pop ecx push 0xffef push ebx -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 mov eax, dword [ebp - 0x1c] add esp, 0xc push 0x186a0 @@ -4332,7 +4375,7 @@ push edi call dword [eax + 4] ; ucall add esp, 0x10 -loc_0000296c: +loc_000029da: lea esp, [ebp - 0xc] pop ebx pop esi @@ -4340,7 +4383,7 @@ pop edi pop ebp ret -fcn_00002974: +fcn_000029e2: push ebp mov ebp, esp push edi @@ -4369,31 +4412,31 @@ add edx, 0x100000 or ebx, eax or ebx, edx test ecx, ecx -jne short loc_000029d0 ; jne 0x29d0 +jne short loc_00002a3e ; jne 0x2a3e mov dword [ebp + 0xc], ebx add esi, edi -jmp short loc_000029e3 ; jmp 0x29e3 +jmp short loc_00002a51 ; jmp 0x2a51 -loc_000029d0: +loc_00002a3e: push eax push 0 push ecx push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 mov dword [ebp + 0xc], ebx add esi, eax -loc_000029e3: +loc_00002a51: mov dword [ebp + 8], esi lea esp, [ebp - 0xc] pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_000029f2: +fcn_00002a60: push ebp mov ebp, esp push edi @@ -4406,24 +4449,24 @@ shr ebx, 1 shl ebx, 5 add ebx, 0x914 test esi, esi -jne short loc_00002a1b ; jne 0x2a1b +jne short loc_00002a89 ; jne 0x2a89 mov eax, dword [ebp + 8] sub esp, 0xc add eax, ebx push eax -jmp short loc_00002a2b ; jmp 0x2a2b +jmp short loc_00002a99 ; jmp 0x2a99 -loc_00002a1b: +loc_00002a89: push edi push 0 push esi push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, ebx mov dword [esp], eax -loc_00002a2b: -call fcn_00017d8a ; call 0x17d8a +loc_00002a99: +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp + 0x10] add esp, 0x10 mov edi, dword [ebp + 0x14] @@ -4439,28 +4482,28 @@ add ecx, 0x100000 or edi, eax or edi, ecx test esi, esi -jne short loc_00002a6d ; jne 0x2a6d +jne short loc_00002adb ; jne 0x2adb push esi add ebx, dword [ebp + 8] push esi -jmp short loc_00002a7c ; jmp 0x2a7c +jmp short loc_00002aea ; jmp 0x2aea -loc_00002a6d: +loc_00002adb: push eax push 0 push esi push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx add ebx, eax -loc_00002a7c: +loc_00002aea: push edi push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dword [esp], ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 lea esp, [ebp - 0xc] pop ebx @@ -4471,7 +4514,7 @@ shr eax, 1 and eax, 0x3fff ret -fcn_00002a9d: +fcn_00002b0b: push ebp mov ebp, esp push edi @@ -4484,99 +4527,99 @@ mov esi, dword [ebp + 8] mov ebx, dword [ebp + 0x14] mov dword [ebp - 0x24], edx mov dword [ebp - 0x20], eax -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov dword [ebp - 0x1c], eax -call fcn_0001c5b4 ; call 0x1c5b4 +call fcn_0001c678 ; call 0x1c678 mov edx, dword [ebp - 0x24] cmp dl, 1 -je short loc_00002ad4 ; je 0x2ad4 +je short loc_00002b42 ; je 0x2b42 cmp dl, 2 -je short loc_00002af8 ; je 0x2af8 -jmp short loc_00002b34 ; jmp 0x2b34 +je short loc_00002b66 ; je 0x2b66 +jmp short loc_00002ba2 ; jmp 0x2ba2 -loc_00002ad4: +loc_00002b42: lea edi, [ebx - 8] cmp bl, 7 -ja short loc_00002b36 ; ja 0x2b36 -call fcn_000153e9 ; call 0x153e9 +ja short loc_00002ba4 ; ja 0x2ba4 +call fcn_00015479 ; call 0x15479 test al, al -je loc_00002bc1 ; je 0x2bc1 +je loc_00002c2f ; je 0x2c2f movzx ebx, bl mov dword [ebp + 0x14], ebx mov dword [ebp + 0x10], 1 -jmp short loc_00002b1a ; jmp 0x2b1a +jmp short loc_00002b88 ; jmp 0x2b88 -loc_00002af8: +loc_00002b66: lea edi, [ebx - 0xc] cmp bl, 0xb -ja short loc_00002b36 ; ja 0x2b36 -call fcn_000153e9 ; call 0x153e9 +ja short loc_00002ba4 ; ja 0x2ba4 +call fcn_00015479 ; call 0x15479 test al, al -je loc_00002bc1 ; je 0x2bc1 +je loc_00002c2f ; je 0x2c2f movzx ebx, bl mov dword [ebp + 0x14], ebx mov dword [ebp + 0x10], 2 -loc_00002b1a: -mov dword [ebp + 0xc], ref_00020fa6 ; mov dword [ebp + 0xc], 0x20fa6 +loc_00002b88: +mov dword [ebp + 0xc], ref_00021036 ; mov dword [ebp + 0xc], 0x21036 mov dword [ebp + 8], 2 lea esp, [ebp - 0xc] pop ebx pop esi pop edi pop ebp -jmp near fcn_000153f7 ; jmp 0x153f7 +jmp near fcn_00015487 ; jmp 0x15487 -loc_00002b34: +loc_00002ba2: mov edi, ebx -loc_00002b36: +loc_00002ba4: mov ecx, esi movzx esi, byte [ebp - 0x20] test cl, cl -je short loc_00002b5c ; je 0x2b5c +je short loc_00002bca ; je 0x2bca test edi, 1 -jne short loc_00002b52 ; jne 0x2b52 +jne short loc_00002bc0 ; jne 0x2bc0 shl esi, 8 mov ebx, 0xfffff0ff -jmp short loc_00002b8d ; jmp 0x2b8d +jmp short loc_00002bfb ; jmp 0x2bfb -loc_00002b52: +loc_00002bc0: shl esi, 0x18 mov ebx, 0xf0ffffff -jmp short loc_00002b8d ; jmp 0x2b8d +jmp short loc_00002bfb ; jmp 0x2bfb -loc_00002b5c: +loc_00002bca: test eax, eax -je short loc_00002b78 ; je 0x2b78 +je short loc_00002be6 ; je 0x2be6 cmp dword [ebp - 0x1c], 0x40670 -jne short loc_00002b78 ; jne 0x2b78 +jne short loc_00002be6 ; jne 0x2be6 -loc_00002b69: +loc_00002bd7: test edi, 1 -jne short loc_00002b85 ; jne 0x2b85 +jne short loc_00002bf3 ; jne 0x2bf3 -loc_00002b71: +loc_00002bdf: mov ebx, 0xfffffff0 -jmp short loc_00002b8d ; jmp 0x2b8d +jmp short loc_00002bfb ; jmp 0x2bfb -loc_00002b78: +loc_00002be6: cmp bl, 7 -jbe short loc_00002b69 ; jbe 0x2b69 +jbe short loc_00002bd7 ; jbe 0x2bd7 test edi, 1 -jne short loc_00002b71 ; jne 0x2b71 +jne short loc_00002bdf ; jne 0x2bdf -loc_00002b85: +loc_00002bf3: shl esi, 0x10 mov ebx, 0xfff0ffff -loc_00002b8d: +loc_00002bfb: movzx edx, dl push eax push edx push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edx, edi add esp, 0x10 shr dl, 1 @@ -4590,9 +4633,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018aa4 ; jmp 0x18aa4 +jmp near fcn_00018b68 ; jmp 0x18b68 -loc_00002bc1: +loc_00002c2f: lea esp, [ebp - 0xc] pop ebx pop esi @@ -4600,7 +4643,7 @@ pop edi pop ebp ret -fcn_00002bc9: +fcn_00002c37: push ebp mov ebp, esp push edi @@ -4609,73 +4652,73 @@ push ebx sub esp, 0x1c mov ebx, dword [ebp + 8] mov esi, dword [ebp + 0x14] -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov dword [ebp - 0x1c], eax -call fcn_0001c5b4 ; call 0x1c5b4 +call fcn_0001c678 ; call 0x1c678 mov dword [ebp - 0x20], eax xor eax, eax -loc_00002bea: +loc_00002c58: cmp byte [ebx + eax], 9 -jbe short loc_00002bf4 ; jbe 0x2bf4 +jbe short loc_00002c62 ; jbe 0x2c62 mov byte [ebx + eax], 8 -loc_00002bf4: +loc_00002c62: mov edi, dword [ebp + 0xc] cmp byte [edi + eax], 9 -jbe short loc_00002c01 ; jbe 0x2c01 +jbe short loc_00002c6f ; jbe 0x2c6f mov byte [edi + eax], 7 -loc_00002c01: +loc_00002c6f: mov edi, dword [ebp + 0x10] cmp byte [edi + eax], 6 -jbe short loc_00002c0e ; jbe 0x2c0e +jbe short loc_00002c7c ; jbe 0x2c7c mov byte [edi + eax], 2 -loc_00002c0e: +loc_00002c7c: inc eax cmp eax, 0x10 -jne short loc_00002bea ; jne 0x2bea +jne short loc_00002c58 ; jne 0x2c58 push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 1 push 1 push 0 mov edi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 2 push 1 push 0 mov dword [ebp - 0x28], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 cmp esi, 2 mov ecx, dword [ebp - 0x28] mov dword [ebp - 0x24], eax -je loc_00002da9 ; je 0x2da9 +je loc_00002e17 ; je 0x2e17 cmp esi, 3 -je short loc_00002c6d ; je 0x2c6d +je short loc_00002cdb ; je 0x2cdb test esi, esi -jne loc_0000314a ; jne 0x314a +jne loc_000031b8 ; jne 0x31b8 add edi, 0xda0 xor esi, esi -jmp near loc_00002f4c ; jmp 0x2f4c +jmp near loc_00002fba ; jmp 0x2fba -loc_00002c6d: +loc_00002cdb: cmp dword [ebp - 0x20], 0 lea ecx, [edi + 0xda0] -je short loc_00002ce4 ; je 0x2ce4 +je short loc_00002d52 ; je 0x2d52 cmp dword [ebp - 0x1c], 0x40670 -jne short loc_00002ce4 ; jne 0x2ce4 +jne short loc_00002d52 ; jne 0x2d52 mov edi, ecx xor esi, esi -loc_00002c86: +loc_00002cf4: mov ecx, dword [ebp + 0x10] push eax mov eax, dword [ebp + 0xc] @@ -4702,16 +4745,16 @@ push eax push 0x80f080f0 push edi add edi, 4 -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, 8 -jne short loc_00002c86 ; jne 0x2c86 -jmp near loc_0000314a ; jmp 0x314a +jne short loc_00002cf4 ; jne 0x2cf4 +jmp near loc_000031b8 ; jmp 0x31b8 -loc_00002ce4: +loc_00002d52: xor esi, esi -loc_00002ce6: +loc_00002d54: push eax mov eax, dword [ebp + 0xc] mov dword [ebp - 0x1c], ecx @@ -4738,15 +4781,15 @@ or edx, eax push edx push 0x80f080f0 push ecx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov ecx, dword [ebp - 0x1c] add esp, 0x10 add ecx, 4 cmp esi, 4 -jne short loc_00002ce6 ; jne 0x2ce6 +jne short loc_00002d54 ; jne 0x2d54 add edi, 0xdb0 -loc_00002d4b: +loc_00002db9: mov ecx, dword [ebp + 0x10] push eax mov eax, dword [ebp + 0xc] @@ -4773,23 +4816,23 @@ push eax push 0x80f080f0 push edi add edi, 4 -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, 8 -jne short loc_00002d4b ; jne 0x2d4b -jmp near loc_0000314a ; jmp 0x314a +jne short loc_00002db9 ; jne 0x2db9 +jmp near loc_000031b8 ; jmp 0x31b8 -loc_00002da9: +loc_00002e17: sub ecx, edi xor esi, esi cmp dword [ebp - 0x20], 0 lea edx, [edi + 0xda0] mov edi, ecx -je loc_00002e8c ; je 0x2e8c +je loc_00002efa ; je 0x2efa cmp dword [ebp - 0x1c], 0x40670 -jne loc_00002e8c ; jne 0x2e8c +jne loc_00002efa ; jne 0x2efa -loc_00002dcc: +loc_00002e3a: mov ecx, dword [ebp + 0x10] push eax mov eax, dword [ebp + 0xc] @@ -4815,7 +4858,7 @@ or eax, ecx push eax push 0x80f080f0 push edx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp + 0xc] add esp, 0xc mov ecx, dword [ebp + 0x10] @@ -4843,15 +4886,15 @@ push eax push 0x80f080f0 lea eax, [edi + edx] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov edx, dword [ebp - 0x1c] add esp, 0x10 add edx, 4 cmp esi, 4 -jne loc_00002dcc ; jne 0x2dcc -jmp near loc_0000314a ; jmp 0x314a +jne loc_00002e3a ; jne 0x2e3a +jmp near loc_000031b8 ; jmp 0x31b8 -loc_00002e8c: +loc_00002efa: mov ecx, dword [ebp + 0x10] push eax mov eax, dword [ebp + 0xc] @@ -4877,7 +4920,7 @@ or eax, ecx push eax push 0x80f080f0 push edx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp + 0xc] add esp, 0xc mov ecx, dword [ebp + 0x10] @@ -4905,15 +4948,15 @@ push eax push 0x80f080f0 lea eax, [edi + edx] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov edx, dword [ebp - 0x1c] add esp, 0x10 add edx, 4 cmp esi, 4 -jne loc_00002e8c ; jne 0x2e8c -jmp near loc_0000314a ; jmp 0x314a +jne loc_00002efa ; jne 0x2efa +jmp near loc_000031b8 ; jmp 0x31b8 -loc_00002f4c: +loc_00002fba: mov dword [ebp - 0x28], ecx mov eax, dword [ebp + 0xc] push ecx @@ -4941,22 +4984,22 @@ push eax push 0x80f080f0 push edi add edi, 4 -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, 4 mov ecx, dword [ebp - 0x28] -jne short loc_00002f4c ; jne 0x2f4c +jne short loc_00002fba ; jne 0x2fba cmp dword [ebp - 0x20], 0 lea edi, [ecx + 0xda0] -je loc_0000308c ; je 0x308c +je loc_000030fa ; je 0x30fa cmp dword [ebp - 0x1c], 0x40670 -jne loc_0000308c ; jne 0x308c +jne loc_000030fa ; jne 0x30fa mov eax, dword [ebp - 0x24] xor si, si sub eax, ecx mov dword [ebp - 0x1c], eax -loc_00002fd3: +loc_00003041: mov eax, dword [ebp + 0xc] push edx mov edx, dword [ebp + 0x10] @@ -4981,7 +5024,7 @@ or eax, edx push eax push 0x80f080f0 push edi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov ecx, dword [ebp + 0x10] add esp, 0xc mov eax, dword [ebp + 0xc] @@ -5009,19 +5052,19 @@ push 0x80f080f0 add eax, edi add edi, 4 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, 2 -je loc_0000314a ; je 0x314a -jmp near loc_00002fd3 ; jmp 0x2fd3 +je loc_000031b8 ; je 0x31b8 +jmp near loc_00003041 ; jmp 0x3041 -loc_0000308c: +loc_000030fa: mov eax, dword [ebp - 0x24] xor esi, esi sub eax, ecx mov dword [ebp - 0x1c], eax -loc_00003096: +loc_00003104: mov edx, dword [ebp + 0x10] push eax mov eax, dword [ebp + 0xc] @@ -5046,7 +5089,7 @@ or eax, edx push eax push 0x80f080f0 push edi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov ecx, dword [ebp + 0x10] add esp, 0xc mov eax, dword [ebp + 0xc] @@ -5074,12 +5117,12 @@ push 0x80f080f0 add eax, edi add edi, 4 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, 2 -jne loc_00003096 ; jne 0x3096 +jne loc_00003104 ; jne 0x3104 -loc_0000314a: +loc_000031b8: lea esp, [ebp - 0xc] pop ebx pop esi @@ -5087,7 +5130,7 @@ pop edi pop ebp ret -fcn_00003152: +fcn_000031c0: push ebp mov ebp, esp sub esp, 8 @@ -5100,12 +5143,12 @@ lea edx, [eax + 0x19] add eax, 9 push edx push eax -call fcn_00002bc9 ; call 0x2bc9 +call fcn_00002c37 ; call 0x2c37 add esp, 0x10 leave ret -fcn_00003177: +fcn_000031e5: push ebp mov ebp, esp push edi @@ -5120,18 +5163,18 @@ lea edi, [edx + edx*2] mov dword [ebp - 0x14], edx add edi, eax -loc_00003199: +loc_00003207: mov eax, dword [ebp - 0x14] cmp dword [ebp - 0x10], eax -ja short loc_000031d2 ; ja 0x31d2 +ja short loc_00003240 ; ja 0x3240 mov eax, edi -loc_000031a3: +loc_00003211: cmp eax, ecx -je short loc_000031ca ; je 0x31ca +je short loc_00003238 ; je 0x3238 mov bl, byte [eax - 3] cmp bl, byte [eax] -jbe short loc_000031c5 ; jbe 0x31c5 +jbe short loc_00003233 ; jbe 0x3233 mov dx, word [eax] mov si, word [eax - 2] mov byte [eax], bl @@ -5140,16 +5183,16 @@ mov dl, byte [eax + 2] mov word [eax + 1], si mov byte [eax - 1], dl -loc_000031c5: +loc_00003233: sub eax, 3 -jmp short loc_000031a3 ; jmp 0x31a3 +jmp short loc_00003211 ; jmp 0x3211 -loc_000031ca: +loc_00003238: inc dword [ebp - 0x10] add ecx, 3 -jmp short loc_00003199 ; jmp 0x3199 +jmp short loc_00003207 ; jmp 0x3207 -loc_000031d2: +loc_00003240: pop eax pop edx pop ebx @@ -5158,7 +5201,7 @@ pop edi pop ebp ret -fcn_000031d9: +fcn_00003247: push ebp mov ebp, esp mov edx, dword [ebp + 8] @@ -5170,7 +5213,7 @@ lea eax, [eax + eax*2] movzx eax, byte [edx + eax] ret -fcn_000031ef: +fcn_0000325d: push ebp mov ebp, esp push edi @@ -5181,19 +5224,19 @@ mov ebx, dword [ebp + 0x1c] push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 1 push dword [ebp + 0x14] push 0 mov esi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 2 push dword [ebp + 0x14] push 0 mov dword [ebp - 0xc88], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ecx, 0xa cmp dword [ebp + 0x18], 0x10 pop edi @@ -5205,63 +5248,63 @@ mov dword [ebp - 0xc98], eax lea eax, [ebp - 0xc78] push 0xc60 push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff add esp, 0x10 cmp ebx, 2 -je short loc_0000327b ; je 0x327b +je short loc_000032e9 ; je 0x32e9 cmp ebx, 1 setb byte [ebp - 0xc7a] setb byte [ebp - 0xc79] -jmp short loc_00003289 ; jmp 0x3289 +jmp short loc_000032f7 ; jmp 0x32f7 -loc_0000327b: +loc_000032e9: mov byte [ebp - 0xc7a], 0 mov byte [ebp - 0xc79], 1 -loc_00003289: -call fcn_000153e9 ; call 0x153e9 +loc_000032f7: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000032a3 ; je 0x32a3 +je short loc_00003311 ; je 0x3311 push ecx push ecx -push ref_00020fe7 ; push 0x20fe7 +push ref_00021077 ; push 0x21077 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000032a3: +loc_00003311: push edx push edx lea eax, [esi + 0xb0] push 0x10 push eax mov dword [ebp - 0xc9c], eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 cmp byte [ebp - 0xc79], 0 -je short loc_000032dd ; je 0x32dd +je short loc_0000334b ; je 0x334b push eax push eax mov eax, dword [ebp - 0xc88] push 0x10 add eax, 0xb0 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_000032dd: +loc_0000334b: cmp byte [ebp - 0xc7a], 0 -je short loc_000032fe ; je 0x32fe +je short loc_0000336c ; je 0x336c mov eax, dword [ebp - 0xc8c] push edi push edi push 0x10 add eax, 0xb0 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_000032fe: +loc_0000336c: mov eax, dword [ebp + 0xc] push ecx push 0x2710 @@ -5274,35 +5317,35 @@ pop esi mov dword [ebp - 0xca0], eax push 0xa800 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 cmp byte [ebp - 0xc79], 0 -je short loc_00003350 ; je 0x3350 +je short loc_000033be ; je 0x33be mov eax, dword [ebp - 0xc88] push edx push edx push 0xa800 add eax, 0xc20 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_00003350: +loc_000033be: cmp byte [ebp - 0xc7a], 0 -je short loc_00003374 ; je 0x3374 +je short loc_000033e2 ; je 0x33e2 push eax push eax mov eax, dword [ebp - 0xc8c] push 0xa800 add eax, 0xc20 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_00003374: +loc_000033e2: mov dword [ebp - 0xc80], 0 -loc_0000337e: +loc_000033ec: mov eax, dword [ebp - 0xc80] mov ecx, 0x64 xor edx, edx @@ -5310,19 +5353,19 @@ sub esp, 0xc xor ebx, ebx div ecx push eax -call fcn_0001a76d ; call 0x1a76d +call fcn_0001a831 ; call 0x1a831 add esp, 0x10 -loc_0000339b: +loc_00003409: cmp ebx, dword [ebp + 0x18] -je short loc_000033ca ; je 0x33ca +je short loc_00003438 ; je 0x3438 sub esp, 0xc push 1 push 0x39 push ebx push dword [ebp + 0x14] push 0 -call fcn_00002974 ; call 0x2974 +call fcn_000029e2 ; call 0x29e2 add esp, 0x14 push 0xc push 0x3a @@ -5330,11 +5373,11 @@ push ebx inc ebx push dword [ebp + 0x14] push 0 -call fcn_00002974 ; call 0x2974 +call fcn_000029e2 ; call 0x29e2 add esp, 0x20 -jmp short loc_0000339b ; jmp 0x339b +jmp short loc_00003409 ; jmp 0x3409 -loc_000033ca: +loc_00003438: push eax mov eax, dword [ebp + 0xc] push dword [ebp - 0xc98] @@ -5346,74 +5389,74 @@ mov dword [ebp - 0xc90], eax mov dword [ebp - 0xc84], 0 add esp, 0x10 -loc_000033f6: +loc_00003464: mov eax, dword [ebp - 0xc84] cmp eax, dword [ebp + 0x18] -je loc_00003509 ; je 0x3509 +je loc_00003577 ; je 0x3577 imul eax, eax, 0xc6 mov edi, dword [ebp - 0xc90] xor ebx, ebx mov dword [ebp - 0xc94], eax -loc_00003419: +loc_00003487: lea eax, [ebx + 0x31] mov esi, 1 push eax push dword [ebp - 0xc84] push dword [ebp + 0x14] push 0 -call fcn_000029f2 ; call 0x29f2 +call fcn_00002a60 ; call 0x2a60 movzx edx, word [edi + 1] add esp, 0x10 and eax, 0x3f mov byte [ebp - 0xc7b], al -loc_00003442: +loc_000034b0: cmp esi, edx -ja short loc_0000346c ; ja 0x346c +ja short loc_000034da ; ja 0x34da lea eax, [esi + esi*2] mov cl, byte [ebp - 0xc7b] cmp byte [edi + eax], cl -jne short loc_00003469 ; jne 0x3469 +jne short loc_000034d7 ; jne 0x34d7 imul edx, ebx, 0x21 add eax, dword [ebp - 0xc94] add eax, edx inc word [ebp + eax - 0xc77] -jmp short loc_000034e7 ; jmp 0x34e7 +jmp short loc_00003555 ; jmp 0x3555 -loc_00003469: +loc_000034d7: inc esi -jmp short loc_00003442 ; jmp 0x3442 +jmp short loc_000034b0 ; jmp 0x34b0 -loc_0000346c: +loc_000034da: cmp esi, 0xb -jne short loc_000034be ; jne 0x34be -call fcn_000153e9 ; call 0x153e9 +jne short loc_0000352c ; jne 0x352c +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000349f ; je 0x349f +je short loc_0000350d ; je 0x350d push eax push 0xa push dword [ebp - 0xc80] push ebx push dword [ebp - 0xc84] push dword [ebp + 0x14] -push ref_00021012 ; push 0x21012 +push ref_000210a2 ; push 0x210a2 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_0000349f: +loc_0000350d: cmp dword [ebp + 0x18], 0x10 -jne loc_00003691 ; jne 0x3691 +jne loc_000036ff ; jne 0x36ff sub esp, 0xc push 0xee -loc_000034b1: -call fcn_0001a76d ; call 0x1a76d +loc_0000351f: +call fcn_0001a831 ; call 0x1a831 add esp, 0x10 -call fcn_00017175 ; call 0x17175 +call fcn_00017239 ; call 0x17239 -loc_000034be: +loc_0000352c: imul eax, ebx, 0x21 lea esi, [esi + esi*2] add esi, dword [ebp - 0xc94] @@ -5423,60 +5466,60 @@ mov al, byte [ebp - 0xc7b] mov word [ebp + esi - 0xc77], 1 mov byte [ebp + esi - 0xc78], al -loc_000034e7: +loc_00003555: inc ebx add edi, 0x21 cmp ebx, 6 -jne loc_00003419 ; jne 0x3419 +jne loc_00003487 ; jne 0x3487 inc dword [ebp - 0xc84] add dword [ebp - 0xc90], 0xc6 -jmp near loc_000033f6 ; jmp 0x33f6 +jmp near loc_00003464 ; jmp 0x3464 -loc_00003509: +loc_00003577: cmp dword [ebp - 0xc80], 0x64 -jbe short loc_00003546 ; jbe 0x3546 +jbe short loc_000035b4 ; jbe 0x35b4 lea ecx, [ebp - 0xc78] xor edx, edx -loc_0000351a: +loc_00003588: cmp edx, dword [ebp + 0x18] -jne short loc_00003523 ; jne 0x3523 +jne short loc_00003591 ; jne 0x3591 -loc_0000351f: +loc_0000358d: xor edi, edi -jmp short loc_0000359d ; jmp 0x359d +jmp short loc_0000360b ; jmp 0x360b -loc_00003523: +loc_00003591: xor eax, eax -loc_00003525: +loc_00003593: mov di, word [ecx + eax + 1] lea ebx, [edi - 2] cmp bx, 2 -jbe short loc_00003546 ; jbe 0x3546 +jbe short loc_000035b4 ; jbe 0x35b4 add eax, 0x21 cmp eax, 0xc6 -jne short loc_00003525 ; jne 0x3525 +jne short loc_00003593 ; jne 0x3593 inc edx add ecx, 0xc6 -jmp short loc_0000351a ; jmp 0x351a +jmp short loc_00003588 ; jmp 0x3588 -loc_00003546: +loc_000035b4: inc dword [ebp - 0xc80] cmp dword [ebp - 0xc80], 0x1f4 -jne loc_0000337e ; jne 0x337e -jmp short loc_0000351f ; jmp 0x351f +jne loc_000033ec ; jne 0x33ec +jmp short loc_0000358d ; jmp 0x358d -loc_0000355e: +loc_000035cc: imul eax, esi, 0x21 sub esp, 0xc add eax, dword [ebp - 0xc80] lea edx, [ebp - 0xc78] lea ebx, [edx + eax] push ebx -call fcn_00003177 ; call 0x3177 +call fcn_000031e5 ; call 0x31e5 mov dword [esp], ebx -call fcn_000031d9 ; call 0x31d9 +call fcn_00003247 ; call 0x3247 mov dword [esp], eax lea eax, [esi + 0x31] inc esi @@ -5484,51 +5527,51 @@ push eax push edi push dword [ebp + 0x14] push 0 -call fcn_00002974 ; call 0x2974 +call fcn_000029e2 ; call 0x29e2 add esp, 0x20 cmp esi, 6 -jne short loc_0000355e ; jne 0x355e +jne short loc_000035cc ; jne 0x35cc inc edi -loc_0000359d: +loc_0000360b: cmp edi, dword [ebp + 0x18] -je short loc_000035b2 ; je 0x35b2 +je short loc_00003620 ; je 0x3620 imul eax, edi, 0xc6 xor esi, esi mov dword [ebp - 0xc80], eax -jmp short loc_0000355e ; jmp 0x355e +jmp short loc_000035cc ; jmp 0x35cc -loc_000035b2: +loc_00003620: push eax push eax push 0 push dword [ebp - 0xca0] -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 cmp byte [ebp - 0xc79], 0 -je short loc_000035e5 ; je 0x35e5 +je short loc_00003653 ; je 0x3653 push eax push eax mov eax, dword [ebp - 0xc88] push 0 add eax, 0xc20 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_000035e5: +loc_00003653: cmp byte [ebp - 0xc7a], 0 -je short loc_00003606 ; je 0x3606 +je short loc_00003674 ; je 0x3674 push eax push eax mov eax, dword [ebp - 0xc8c] push 0 add eax, 0xc20 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_00003606: +loc_00003674: mov eax, dword [ebp + 0xc] push ebx push 0x3e8 @@ -5539,49 +5582,49 @@ pop esi pop edi push 0xffef push dword [ebp - 0xc9c] -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 cmp byte [ebp - 0xc79], 0 -je short loc_00003651 ; je 0x3651 +je short loc_000036bf ; je 0x36bf mov eax, dword [ebp - 0xc88] push ecx push ecx push 0xffef add eax, 0xb0 push eax -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 -loc_00003651: +loc_000036bf: cmp byte [ebp - 0xc7a], 0 -je short loc_00003675 ; je 0x3675 +je short loc_000036e3 ; je 0x36e3 mov eax, dword [ebp - 0xc8c] push edx push edx push 0xffef add eax, 0xb0 push eax -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 -loc_00003675: -call fcn_000153e9 ; call 0x153e9 +loc_000036e3: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000369e ; je 0x369e +je short loc_0000370c ; je 0x370c push eax push eax -push ref_0002106e ; push 0x2106e +push ref_000210fe ; push 0x210fe push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0000369e ; jmp 0x369e +jmp short loc_0000370c ; jmp 0x370c -loc_00003691: +loc_000036ff: sub esp, 0xc push 0xed -jmp near loc_000034b1 ; jmp 0x34b1 +jmp near loc_0000351f ; jmp 0x351f -loc_0000369e: +loc_0000370c: lea esp, [ebp - 0xc] pop ebx pop esi @@ -5589,7 +5632,7 @@ pop edi pop ebp ret -fcn_000036a6: +fcn_00003714: push ebp mov ebp, esp push edi @@ -5601,24 +5644,24 @@ push 0 mov esi, dword [ebp + 0x18] push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov edi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_00003711 ; je 0x3711 +je short loc_0000377f ; je 0x377f sub esp, 0xc add edi, 0x214 push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test ax, ax -je short loc_00003711 ; je 0x3711 +je short loc_0000377f ; je 0x377f shr eax, 0x10 and eax, 0xf cmp eax, 6 -jbe short loc_00003711 ; jbe 0x3711 +jbe short loc_0000377f ; jbe 0x377f push eax movzx ebx, bl push eax @@ -5630,10 +5673,10 @@ push 1 push ebx push dword [ebp + 0x10] push dword [ebp + 8] -call fcn_000031ef ; call 0x31ef +call fcn_0000325d ; call 0x325d add esp, 0x20 -loc_00003711: +loc_0000377f: lea esp, [ebp - 0xc] pop ebx pop esi @@ -5641,7 +5684,7 @@ pop edi pop ebp ret -fcn_00003719: +fcn_00003787: push ebp mov ebp, esp push edi @@ -5653,42 +5696,42 @@ mov edi, dword [ebp + 0x14] mov dword [ebp - 0x38], eax lea eax, [ebp - 0x1c] push eax -call fcn_000196d3 ; call 0x196d3 +call fcn_00019797 ; call 0x19797 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000377b ; je 0x377b +je short loc_000037e9 ; je 0x37e9 test ebx, ebx -jns short loc_0000377b ; jns 0x377b -call fcn_000153e9 ; call 0x153e9 +jns short loc_000037e9 ; jns 0x37e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003763 ; je 0x3763 +je short loc_000037d1 ; je 0x37d1 push esi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00003763: +loc_000037d1: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x5bc -push ref_00020e7c ; push 0x20e7c -call fcn_000153fc ; call 0x153fc +push ref_00020f0c ; push 0x20f0c +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000377b: +loc_000037e9: imul eax, dword [ebp + 0x1c], 7 add eax, dword [ebp + 0x18] mov ebx, dword [ebp + 0x18] mov byte [ebp - 0x29], 0 mov dword [ebp - 0x30], eax -loc_0000378c: +loc_000037fa: cmp ebx, dword [ebp - 0x30] -je loc_00003837 ; je 0x3837 +je loc_000038a5 ; je 0x38a5 movzx eax, byte [ebx + 2] push edx push eax @@ -5697,27 +5740,27 @@ movzx eax, byte [ebx + 1] push eax movzx eax, byte [ebx] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov esi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_0000382f ; je 0x382f +je short loc_0000389d ; je 0x389d sub esp, 0xc lea eax, [esi + 0x11a] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -je short loc_0000382f ; je 0x382f +je short loc_0000389d ; je 0x389d sub esp, 0xc lea eax, [esi + 0xba] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 0x40 -je short loc_0000382f ; je 0x382f +je short loc_0000389d ; je 0x389d mov cl, byte [ebp - 0x34] mov eax, 1 lea edx, [esi + 0xb0] @@ -5729,52 +5772,52 @@ push eax push eax push 0x10 push edx -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 pop eax pop edx push 0x200 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov edx, dword [ebp - 0x34] pop ecx pop esi push 0xffef push edx -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 -loc_0000382f: +loc_0000389d: add ebx, 7 -jmp near loc_0000378c ; jmp 0x378c +jmp near loc_000037fa ; jmp 0x37fa -loc_00003837: +loc_000038a5: cmp byte [ebp - 0x29], 0 -je loc_0000395d ; je 0x395d +je loc_000039cb ; je 0x39cb cmp dword [ebp - 0x1c], 0x11 -jne short loc_0000384d ; jne 0x384d +jne short loc_000038bb ; jne 0x38bb -loc_00003847: +loc_000038b5: test edi, edi -jne short loc_00003860 ; jne 0x3860 -jmp short loc_00003870 ; jmp 0x3870 +jne short loc_000038ce ; jne 0x38ce +jmp short loc_000038de ; jmp 0x38de -loc_0000384d: +loc_000038bb: sub esp, 0xc push 1 -call fcn_0001c25d ; call 0x1c25d +call fcn_0001c321 ; call 0x1c321 add esp, 0x10 dec al -jne short loc_00003870 ; jne 0x3870 -jmp short loc_00003847 ; jmp 0x3847 +jne short loc_000038de ; jne 0x38de +jmp short loc_000038b5 ; jmp 0x38b5 -loc_00003860: +loc_000038ce: cmp byte [edi + 0x28], 0 -je short loc_00003870 ; je 0x3870 +je short loc_000038de ; je 0x38de cmp byte [edi + 0x46], 0 -je short loc_00003870 ; je 0x3870 +je short loc_000038de ; je 0x38de mov byte [edi + 0x46], 0 -loc_00003870: +loc_000038de: movzx esi, byte [ebp - 0x38] sub esp, 0xc push esi @@ -5782,15 +5825,15 @@ push edi push dword [ebp + 0xc] push dword [ebp + 0x10] push dword [ebp + 8] -call fcn_000025c6 ; call 0x25c6 +call fcn_00002634 ; call 0x2634 movzx eax, byte [ebp - 0x29] add esp, 0x20 mov ebx, dword [ebp + 0x18] mov dword [ebp - 0x38], eax -loc_00003894: +loc_00003902: cmp ebx, dword [ebp - 0x30] -je short loc_000038d9 ; je 0x38d9 +je short loc_00003947 ; je 0x3947 mov al, byte [ebx] movzx ecx, byte [ebx + 1] mov byte [ebp - 0x29], al @@ -5799,75 +5842,75 @@ movzx edx, al mov dword [ebp - 0x34], edx mov edx, dword [ebp - 0x38] bt edx, eax -jae short loc_000038d4 ; jae 0x38d4 +jae short loc_00003942 ; jae 0x3942 push eax movzx edx, byte [ebp - 0x29] push dword [ebp - 0x34] push ecx push edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0x20 add eax, 0xb0 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_000038d4: +loc_00003942: add ebx, 7 -jmp short loc_00003894 ; jmp 0x3894 +jmp short loc_00003902 ; jmp 0x3902 -loc_000038d9: +loc_00003947: cmp dword [ebp - 0x1c], 0x11 -jne short loc_000038e5 ; jne 0x38e5 +jne short loc_00003953 ; jne 0x3953 -loc_000038df: +loc_0000394d: test edi, edi -jne short loc_000038f8 ; jne 0x38f8 -jmp short loc_00003908 ; jmp 0x3908 +jne short loc_00003966 ; jne 0x3966 +jmp short loc_00003976 ; jmp 0x3976 -loc_000038e5: +loc_00003953: sub esp, 0xc push 1 -call fcn_0001c25d ; call 0x1c25d +call fcn_0001c321 ; call 0x1c321 add esp, 0x10 dec al -jne short loc_00003908 ; jne 0x3908 -jmp short loc_000038df ; jmp 0x38df +jne short loc_00003976 ; jne 0x3976 +jmp short loc_0000394d ; jmp 0x394d -loc_000038f8: +loc_00003966: cmp byte [edi + 0x28], 0 -je short loc_00003908 ; je 0x3908 +je short loc_00003976 ; je 0x3976 cmp byte [edi + 0x46], 0 -je short loc_00003908 ; je 0x3908 +je short loc_00003976 ; je 0x3976 mov byte [edi + 0x46], 0 -loc_00003908: +loc_00003976: sub esp, 0xc push esi push edi push dword [ebp + 0xc] push dword [ebp + 0x10] push dword [ebp + 8] -call fcn_000025c6 ; call 0x25c6 +call fcn_00002634 ; call 0x2634 add esp, 0x20 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003938 ; je 0x3938 +je short loc_000039a6 ; je 0x39a6 push edx push edx -push ref_00021098 ; push 0x21098 +push ref_00021128 ; push 0x21128 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00003938: +loc_000039a6: mov ebx, dword [ebp + 0x18] -loc_0000393b: +loc_000039a9: cmp ebx, dword [ebp - 0x30] -je short loc_0000395d ; je 0x395d +je short loc_000039cb ; je 0x39cb push eax movzx eax, byte [ebx + 2] add ebx, 7 @@ -5876,11 +5919,11 @@ movzx eax, byte [ebx - 6] push eax movzx eax, byte [ebx - 7] push eax -call fcn_000023ad ; call 0x23ad +call fcn_0000241b ; call 0x241b add esp, 0x10 -jmp short loc_0000393b ; jmp 0x393b +jmp short loc_000039a9 ; jmp 0x39a9 -loc_0000395d: +loc_000039cb: lea esp, [ebp - 0xc] pop ebx pop esi @@ -5888,7 +5931,7 @@ pop edi pop ebp ret -fcn_00003965: +fcn_000039d3: push ebp mov ebp, esp push edi @@ -5913,66 +5956,66 @@ mov byte [ebp - 0x19], cl mov byte [ebp - 0x1a], dl push edi push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov esi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je loc_00003a9d ; je 0x3a9d +je loc_00003b0b ; je 0x3b0b mov eax, dword [ebx + 0xd] movzx ebx, byte [ebp - 0x20] mov dl, byte [eax + ebx + 5] test dl, dl -jne short loc_000039fc ; jne 0x39fc -call fcn_000153e9 ; call 0x153e9 +jne short loc_00003a6a ; jne 0x3a6a +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000039e6 ; je 0x39e6 +je short loc_00003a54 ; je 0x3a54 push ebx push ebx -push ref_000210c3 ; push 0x210c3 +push ref_00021153 ; push 0x21153 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000039e6: +loc_00003a54: sub esp, 0xc lea eax, [esi + 0xac] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ebx, eax and ebx, 0xf -jmp short loc_00003a22 ; jmp 0x3a22 +jmp short loc_00003a90 ; jmp 0x3a90 -loc_000039fc: +loc_00003a6a: movzx ebx, dl mov dword [ebp - 0x20], edx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov edx, dword [ebp - 0x20] test al, al -je short loc_00003a25 ; je 0x3a25 +je short loc_00003a93 ; je 0x3a93 movzx edx, dl push ecx push edx -push ref_000210c9 ; push 0x210c9 +push ref_00021159 ; push 0x21159 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 -loc_00003a22: +loc_00003a90: add esp, 0x10 -loc_00003a25: +loc_00003a93: cmp byte [ebp - 0x24], 0 -jne short loc_00003a37 ; jne 0x3a37 +jne short loc_00003aa5 ; jne 0x3aa5 cmp bx, 2 mov eax, 2 cmova ebx, eax -loc_00003a37: -call fcn_000153e9 ; call 0x153e9 +loc_00003aa5: +call fcn_00015479 ; call 0x15479 movzx ebx, bx test al, al -je short loc_00003a5f ; je 0x3a5f +je short loc_00003acd ; je 0x3acd mov ecx, dword [ebp - 0x28] movzx eax, byte [ebp - 0x19] push ebx @@ -5981,12 +6024,12 @@ push edi push eax push ecx push edi -push ref_000210de ; push 0x210de +push ref_0002116e ; push 0x2116e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00003a5f: +loc_00003acd: push eax movzx eax, byte [ebp - 0x1a] shl eax, 4 @@ -5996,7 +6039,7 @@ push 0xfffffc00 lea eax, [esi + 0xac] add esi, 0xd0 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 mov dword [ebp + 0x10], ebx mov dword [ebp + 8], esi @@ -6006,9 +6049,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_000188bd ; jmp 0x188bd +jmp near fcn_00018981 ; jmp 0x18981 -loc_00003a9d: +loc_00003b0b: lea esp, [ebp - 0xc] pop ebx pop esi @@ -6016,7 +6059,7 @@ pop edi pop ebp ret -fcn_00003aa5: +fcn_00003b13: push ebp mov ebp, esp push ebx @@ -6027,49 +6070,49 @@ movzx eax, byte [ebp + 0x10] push eax movzx eax, byte [ebp + 0xc] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0x2020 push 0xffff0000 mov ebx, eax lea eax, [eax + 0x22c] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x20000000 push 0xdfffffff lea eax, [ebx + 0x258] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 lea eax, [ebx + 0x11a] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -jne short loc_00003b33 ; jne 0x3b33 +jne short loc_00003ba1 ; jne 0x3ba1 push eax push eax push 0x20 lea eax, [ebx + 0xb0] add ebx, 0xb2 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_00003b22: +loc_00003b90: sub esp, 0xc push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test ah, 8 -jne short loc_00003b22 ; jne 0x3b22 +jne short loc_00003b90 ; jne 0x3b90 -loc_00003b33: +loc_00003ba1: mov ebx, dword [ebp - 4] leave ret -fcn_00003b38: +fcn_00003ba6: push ebp mov ebp, esp push edi @@ -6079,32 +6122,32 @@ sub esp, 0x20 push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 mov ebx, eax and ebx, 0xfffffffe lea eax, [ebx + 0x7400] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [ebp - 0x1c], eax lea eax, [ebx + 0x7404] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edi, eax lea eax, [ebx + 0x7408] add ebx, 0x740c mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], ebx xor ebx, ebx mov esi, eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 xor ecx, ecx -loc_00003ba2: +loc_00003c10: mov eax, dword [ebp - 0x1c] mov edx, edi shr edx, cl @@ -6115,25 +6158,25 @@ and eax, 7 add eax, edx add ebx, eax cmp ecx, 0x18 -jne short loc_00003ba2 ; jne 0x3ba2 +jne short loc_00003c10 ; jne 0x3c10 cmp bl, 0x28 -jbe short loc_00003be5 ; jbe 0x3be5 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_00003c53 ; jbe 0x3c53 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003c10 ; je 0x3c10 +je short loc_00003c7e ; je 0x3c7e movzx ebx, bl push ebx push 0x28 -push ref_0002110b ; push 0x2110b +push ref_0002119b ; push 0x2119b push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_00003c10 ; jmp 0x3c10 +jmp short loc_00003c7e ; jmp 0x3c7e -loc_00003be5: -call fcn_000153e9 ; call 0x153e9 +loc_00003c53: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003c10 ; je 0x3c10 +je short loc_00003c7e ; je 0x3c7e mov al, 0x28 movzx edx, bl sub eax, ebx @@ -6143,44 +6186,44 @@ lea ecx, [edx + eax] push ecx push eax push edx -push ref_00021159 ; push 0x21159 +push ref_000211e9 ; push 0x211e9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00003c10: +loc_00003c7e: xor ecx, ecx xor eax, eax -loc_00003c14: +loc_00003c82: mov edx, esi shr edx, cl add ecx, 3 and edx, 7 add eax, edx cmp ecx, 0x18 -jne short loc_00003c14 ; jne 0x3c14 +jne short loc_00003c82 ; jne 0x3c82 shr esi, 0x18 and esi, 0x3f lea ebx, [eax + esi] cmp bl, 0x47 -jbe short loc_00003c56 ; jbe 0x3c56 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_00003cc4 ; jbe 0x3cc4 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003c81 ; je 0x3c81 +je short loc_00003cef ; je 0x3cef movzx ebx, bl push ebx push 0x47 -push ref_00021189 ; push 0x21189 +push ref_00021219 ; push 0x21219 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_00003c81 ; jmp 0x3c81 +jmp short loc_00003cef ; jmp 0x3cef -loc_00003c56: -call fcn_000153e9 ; call 0x153e9 +loc_00003cc4: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003c81 ; je 0x3c81 +je short loc_00003cef ; je 0x3cef mov al, 0x47 movzx edx, bl sub eax, ebx @@ -6190,12 +6233,12 @@ lea ecx, [edx + eax] push ecx push eax push edx -push ref_000211d7 ; push 0x211d7 +push ref_00021267 ; push 0x21267 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00003c81: +loc_00003cef: lea esp, [ebp - 0xc] pop ebx pop esi @@ -6203,7 +6246,7 @@ pop edi pop ebp ret -fcn_00003c89: +fcn_00003cf7: push ebp mov ebp, esp push edi @@ -6219,138 +6262,138 @@ mov eax, dword [ebp + 0xc] mov dword [ebp - 0x40], eax mov eax, dword [ebp + 0x10] mov dword [ebp - 0x44], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 mov ebx, eax and ebx, 0xfffffffe lea eax, [ebx + 0x7410] mov dword [esp], eax mov dword [ebp - 0x48], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edi, eax lea eax, [ebx + 0x7418] mov dword [esp], eax mov dword [ebp - 0x5c], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov esi, eax lea eax, [ebx + 0x7454] mov dword [esp], eax mov dword [ebp - 0x60], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ebx, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00003d19 ; je 0x3d19 +je short loc_00003d87 ; je 0x3d87 sub esp, 0xc push ebx push esi push edi -push ref_00021207 ; push 0x21207 +push ref_00021297 ; push 0x21297 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00003d19: +loc_00003d87: cmp byte [ebp - 0x3c], 0 mov word [ebp - 0x28], 0 -jne short loc_00003d4c ; jne 0x3d4c +jne short loc_00003dba ; jne 0x3dba push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xb2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, 0x3f0 shr eax, 4 mov dword [ebp - 0x28], eax -loc_00003d4c: +loc_00003dba: cmp byte [ebp - 0x40], 0 mov word [ebp - 0x38], 0 -jne short loc_00003d7f ; jne 0x3d7f +jne short loc_00003ded ; jne 0x3ded push ecx push 1 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xb2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, 0x3f0 shr eax, 4 mov dword [ebp - 0x38], eax -loc_00003d7f: +loc_00003ded: cmp byte [ebp - 0x44], 0 mov word [ebp - 0x58], 0 -jne short loc_00003db2 ; jne 0x3db2 +jne short loc_00003e20 ; jne 0x3e20 push edx push 2 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xb2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, 0x3f0 shr eax, 4 mov dword [ebp - 0x58], eax -loc_00003db2: -call fcn_000153e9 ; call 0x153e9 +loc_00003e20: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003dd4 ; je 0x3dd4 +je short loc_00003e42 ; je 0x3e42 movzx eax, word [ebp - 0x28] push eax movzx eax, byte [ebp - 0x3c] push eax -push ref_00021235 ; push 0x21235 +push ref_000212c5 ; push 0x212c5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00003dd4: -call fcn_000153e9 ; call 0x153e9 +loc_00003e42: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003df6 ; je 0x3df6 +je short loc_00003e64 ; je 0x3e64 movzx eax, word [ebp - 0x38] push eax movzx eax, byte [ebp - 0x40] push eax -push ref_0002125b ; push 0x2125b +push ref_000212eb ; push 0x212eb push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00003df6: -call fcn_000153e9 ; call 0x153e9 +loc_00003e64: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003e18 ; je 0x3e18 +je short loc_00003e86 ; je 0x3e86 movzx eax, word [ebp - 0x58] push eax movzx eax, byte [ebp - 0x44] push eax -push ref_00021281 ; push 0x21281 +push ref_00021311 ; push 0x21311 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00003e18: +loc_00003e86: mov al, byte [ebp - 0x40] or al, byte [ebp - 0x3c] -jne short loc_00003e64 ; jne 0x3e64 +jne short loc_00003ed2 ; jne 0x3ed2 cmp word [ebp - 0x28], 8 -jne short loc_00003e64 ; jne 0x3e64 +jne short loc_00003ed2 ; jne 0x3ed2 cmp word [ebp - 0x38], 8 -jne short loc_00003e64 ; jne 0x3e64 +jne short loc_00003ed2 ; jne 0x3ed2 mov eax, edi and edi, 0x7c00 and eax, 0xfffffc1f @@ -6367,15 +6410,15 @@ and eax, 0xfffff03f shr ebx, 6 or ebx, eax -loc_00003e64: +loc_00003ed2: cmp word [ebp - 0x58], 4 -jne loc_00003efb ; jne 0x3efb +jne loc_00003f69 ; jne 0x3f69 cmp byte [ebp - 0x44], 0 -jne loc_00003efb ; jne 0x3efb +jne loc_00003f69 ; jne 0x3f69 cmp word [ebp - 0x28], 4 -jne short loc_00003ebc ; jne 0x3ebc +jne short loc_00003f2a ; jne 0x3f2a cmp byte [ebp - 0x3c], 0 -jne short loc_00003ebc ; jne 0x3ebc +jne short loc_00003f2a ; jne 0x3f2a mov eax, edi and edi, 0xf8000 and eax, 0xfffffc1f @@ -6392,11 +6435,11 @@ and eax, 0xfffff03f shr ebx, 0xc or ebx, eax -loc_00003ebc: +loc_00003f2a: cmp word [ebp - 0x38], 4 -jne short loc_00003efb ; jne 0x3efb +jne short loc_00003f69 ; jne 0x3f69 cmp byte [ebp - 0x40], 0 -jne short loc_00003efb ; jne 0x3efb +jne short loc_00003f69 ; jne 0x3f69 mov eax, edi and edi, 0xf8000 and ah, 0x83 @@ -6413,30 +6456,30 @@ and eax, 0xfffc0fff shr ebx, 6 or ebx, eax -loc_00003efb: -call fcn_000153e9 ; call 0x153e9 +loc_00003f69: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00003f19 ; je 0x3f19 +je short loc_00003f87 ; je 0x3f87 sub esp, 0xc push ebx push esi push edi -push ref_000212a7 ; push 0x212a7 +push ref_00021337 ; push 0x21337 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00003f19: +loc_00003f87: push eax push edi push 0xfe000000 push dword [ebp - 0x48] -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push esi push 0xfe000000 push dword [ebp - 0x5c] -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp - 0x60] add esp, 0x10 mov dword [ebp + 0x10], ebx @@ -6447,9 +6490,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018aa4 ; jmp 0x18aa4 +jmp near fcn_00018b68 ; jmp 0x18b68 -fcn_00003f58: +fcn_00003fc6: push ebp mov ebp, esp push edi @@ -6460,7 +6503,7 @@ mov eax, dword [ebp + 0xc] mov esi, dword [ebp + 0x10] mov ebx, dword [ebp + 8] mov dword [ebp - 0x1c], eax -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 movzx ebx, bl mov edi, eax push eax @@ -6470,90 +6513,90 @@ push eax movzx eax, byte [ebp - 0x1c] push eax push ebx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0x1f push 0xfffffeff mov ebx, eax lea eax, [eax + 0x224] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, esi add esp, 0x10 test al, al -jne short loc_00003fb0 ; jne 0x3fb0 +jne short loc_0000401e ; jne 0x401e cmp byte [ebp - 0x1c], 1 -je short loc_00003fc2 ; je 0x3fc2 +je short loc_00004030 ; je 0x4030 -loc_00003fb0: +loc_0000401e: cmp edi, 0x40660 -je short loc_00004000 ; je 0x4000 +je short loc_0000406e ; je 0x406e cmp edi, 0x306c0 -jne short loc_00004014 ; jne 0x4014 -jmp short loc_00004000 ; jmp 0x4000 +jne short loc_00004082 ; jne 0x4082 +jmp short loc_0000406e ; jmp 0x406e -loc_00003fc2: +loc_00004030: push eax push 0 push 0xefffffff lea eax, [ebx + 0x490] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 lea eax, [ebx + 0xa18] add esp, 0x10 lea esi, [ebx + 0x918] mov dword [ebp - 0x1c], eax -loc_00003fe8: +loc_00004056: push eax push 0 push 0xfffffffffffffff3 push esi add esi, 0x20 -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jne short loc_00003fe8 ; jne 0x3fe8 -jmp short loc_00003fb0 ; jmp 0x3fb0 +jne short loc_00004056 ; jne 0x4056 +jmp short loc_0000401e ; jmp 0x401e -loc_00004000: +loc_0000406e: push eax push 0x10 push 0xffffffffffffffef lea eax, [ebx + 0xd14] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00004014: +loc_00004082: sub esp, 0xc lea esi, [ebx + 0x308] push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx pop ecx push eax push esi lea esi, [ebx + 0x314] -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dword [esp], esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edi pop edx push eax push esi lea esi, [ebx + 0x32c] add ebx, 0x330 -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dword [esp], esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop ecx pop edi push eax push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dword [esp], ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], eax @@ -6562,9 +6605,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_0000407d: +fcn_000040eb: push ebp mov ebp, esp push edi @@ -6582,60 +6625,60 @@ lea eax, [esi + 0x6c04] or ebx, 0x80000000 mov dword [ebp - 0x20], eax -loc_000040b2: +loc_00004120: push ecx push ecx push dword [ebp + 0x14] push dword [ebp - 0x20] -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx push ebx push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 mov edx, 0x64 -loc_000040d0: +loc_0000413e: sub esp, 0xc push edi mov dword [ebp - 0x24], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, eax -jns short loc_0000410c ; jns 0x410c +jns short loc_0000417a ; jns 0x417a mov edx, dword [ebp - 0x24] dec edx -jne short loc_000040d0 ; jne 0x40d0 -call fcn_000153e9 ; call 0x153e9 +jne short loc_0000413e ; jne 0x413e +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000410c ; je 0x410c +je short loc_0000417a ; je 0x417a push edx push edx push dword [ebp + 0x14] push dword [ebp + 0xc] push esi push 0x64 -push ref_000212d4 ; push 0x212d4 +push ref_00021364 ; push 0x21364 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_0000410c: +loc_0000417a: sub esp, 0xc push edi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, eax cmp ax, 0x40 -je short loc_00004154 ; je 0x4154 +je short loc_000041c2 ; je 0x41c2 dec dword [ebp - 0x1c] -jne short loc_000040b2 ; jne 0x40b2 +jne short loc_00004120 ; jne 0x4120 mov dword [ebp - 0x1c], edx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov edx, dword [ebp - 0x1c] test al, al -je short loc_00004154 ; je 0x4154 +je short loc_000041c2 ; je 0x41c2 movzx edx, dx push eax push edx @@ -6643,12 +6686,12 @@ push dword [ebp + 0x14] push dword [ebp + 0xc] push esi push 0xa -push ref_00021321 ; push 0x21321 +push ref_000213b1 ; push 0x213b1 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00004154: +loc_000041c2: lea esp, [ebp - 0xc] pop ebx pop esi @@ -6656,7 +6699,7 @@ pop edi pop ebp ret -fcn_0000415c: +fcn_000041ca: push ebp mov ebp, esp push edi @@ -6673,14 +6716,14 @@ cmp al, 1 lea ecx, [edx - 0x13] sbb ebx, ebx cmp cx, 1 -jbe short loc_00004189 ; jbe 0x4189 +jbe short loc_000041f7 ; jbe 0x41f7 add ebx, 4 -jmp short loc_0000418c ; jmp 0x418c +jmp short loc_000041fa ; jmp 0x41fa -loc_00004189: +loc_000041f7: add ebx, 2 -loc_0000418c: +loc_000041fa: push ebx cmp al, 1 push 0 @@ -6689,29 +6732,29 @@ push 2 add esi, 8 push edi mov dword [ebp - 0x1c], edx -call fcn_0000407d ; call 0x407d +call fcn_000040eb ; call 0x40eb mov edx, dword [ebp - 0x1c] push dword [ebp + 0xc] movzx edx, dx push 0 push edx push edi -call fcn_0000407d ; call 0x407d +call fcn_000040eb ; call 0x40eb add esp, 0x20 push dword [ebp + 0x14] push 0 push esi push edi -call fcn_0000407d ; call 0x407d +call fcn_000040eb ; call 0x40eb lea eax, [edi + 0x6c04] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e push ebx push 0 push 3 push edi mov dword [ebp - 0x1c], eax -call fcn_0000407d ; call 0x407d +call fcn_000040eb ; call 0x40eb mov eax, dword [ebp - 0x1c] lea esp, [ebp - 0xc] pop ebx @@ -6720,7 +6763,7 @@ pop edi pop ebp ret -fcn_000041e9: +fcn_00004257: push ebp mov ebp, esp push edi @@ -6731,7 +6774,7 @@ sub esp, 0x1c mov eax, dword [ebp + 0x18] mov ebx, dword [ebp + 0x10] mov dword [ebp - 0x28], eax -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 cmp dword [ebp + 0x14], 1 mov dword [ebp - 0x20], eax mov eax, 4 @@ -6743,9 +6786,9 @@ mov dword [ebp - 0x1c], eax lea eax, [ebx + 0xa00] mov dword [ebp - 0x24], eax -loc_00004226: +loc_00004294: test ebx, ebx -je short loc_0000423a ; je 0x423a +je short loc_000042a8 ; je 0x42a8 push eax mov eax, esi shl eax, 4 @@ -6753,14 +6796,14 @@ add eax, dword [ebp - 0x24] push 0xc push 0xffffffffffffffe0 push eax -jmp short loc_0000425a ; jmp 0x425a +jmp short loc_000042c8 ; jmp 0x42c8 -loc_0000423a: +loc_000042a8: push eax push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc lea edx, [esi + 0xa0] push 0xc @@ -6769,26 +6812,26 @@ push 0xffffffffffffffe0 add edx, eax push edx -loc_0000425a: +loc_000042c8: inc esi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, edi -jb short loc_00004226 ; jb 0x4226 +jb short loc_00004294 ; jb 0x4294 test ebx, ebx -jne loc_000042f7 ; jne 0x42f7 +jne loc_00004365 ; jne 0x4365 cmp byte [ebp - 0x28], 1 mov edi, 2 mov eax, 0xc cmove edi, eax xor esi, esi -loc_00004282: +loc_000042f0: push eax push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc mov edx, esi push edi @@ -6797,10 +6840,10 @@ shl edx, 5 push 0xffffffffffffffe0 lea eax, [eax + edx + 0x904] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jb short loc_00004282 ; jb 0x4282 +jb short loc_000042f0 ; jb 0x42f0 cmp byte [ebp - 0x28], 1 mov edi, 3 mov eax, 0xe @@ -6808,12 +6851,12 @@ cmove edi, eax xor esi, esi shl edi, 5 -loc_000042c6: +loc_00004334: push eax push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc mov edx, esi push edi @@ -6822,32 +6865,32 @@ shl edx, 5 push 0xfffffc1f lea eax, [eax + edx + 0x904] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jb short loc_000042c6 ; jb 0x42c6 +jb short loc_00004334 ; jb 0x4334 -loc_000042f7: +loc_00004365: xor esi, esi lea edi, [ebx + 0x90c] -loc_000042ff: +loc_0000436d: test ebx, ebx -je short loc_00004317 ; je 0x4317 +je short loc_00004385 ; je 0x4385 mov eax, esi push ecx push 0x120 shl eax, 5 push 0xfffff81f add eax, edi -jmp short loc_0000433d ; jmp 0x433d +jmp short loc_000043ab ; jmp 0x43ab -loc_00004317: +loc_00004385: push edx push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc mov edx, esi push 0x120 @@ -6855,23 +6898,23 @@ shl edx, 5 push 0xfffff81f lea eax, [eax + edx + 0x90c] -loc_0000433d: +loc_000043ab: push eax inc esi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jb short loc_000042ff ; jb 0x42ff +jb short loc_0000436d ; jb 0x436d test ebx, ebx -jne loc_000043d6 ; jne 0x43d6 +jne loc_00004444 ; jne 0x4444 xor esi, esi -loc_00004356: +loc_000043c4: push eax push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc mov edx, esi push 0xa00000 @@ -6880,27 +6923,27 @@ shl edx, 5 push 0xfe1fffff lea eax, [eax + edx + 0x90c] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jb short loc_00004356 ; jb 0x4356 +jb short loc_000043c4 ; jb 0x43c4 xor esi, esi -loc_0000438d: +loc_000043fb: mov eax, dword [ebp + 8] mov edi, 0x200 cmp byte [eax], 2 -jbe short loc_000043a5 ; jbe 0x43a5 +jbe short loc_00004413 ; jbe 0x4413 mov eax, dword [eax + 0xd] movzx edi, byte [eax + esi + 0x54] shl edi, 6 -loc_000043a5: +loc_00004413: push eax push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc mov edx, esi push edi @@ -6909,22 +6952,22 @@ shl edx, 5 push 0xfffffc3f lea eax, [eax + edx + 0x910] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jb short loc_0000438d ; jb 0x438d +jb short loc_000043fb ; jb 0x43fb -loc_000043d6: +loc_00004444: xor esi, esi lea edi, [ebx + 0x910] -jmp short loc_00004412 ; jmp 0x4412 +jmp short loc_00004480 ; jmp 0x4480 -loc_000043e0: +loc_0000444e: push eax push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc mov edx, esi push 0 @@ -6932,26 +6975,26 @@ shl edx, 5 push 0xffffc3ff lea eax, [eax + edx + 0x910] -loc_00004403: +loc_00004471: push eax inc esi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jae short loc_00004427 ; jae 0x4427 +jae short loc_00004495 ; jae 0x4495 -loc_00004412: +loc_00004480: test ebx, ebx -je short loc_000043e0 ; je 0x43e0 +je short loc_0000444e ; je 0x444e push eax mov eax, esi push 0 shl eax, 5 push 0xffffc3ff add eax, edi -jmp short loc_00004403 ; jmp 0x4403 +jmp short loc_00004471 ; jmp 0x4471 -loc_00004427: +loc_00004495: mov eax, dword [ebp - 0x20] cmp eax, 0x40660 sete dl @@ -6959,27 +7002,27 @@ cmp eax, 0x306c0 sete al or dl, al mov byte [ebp - 0x24], dl -je short loc_00004495 ; je 0x4495 +je short loc_00004503 ; je 0x4503 xor esi, esi lea edi, [ebx + 0x80c] -loc_00004449: +loc_000044b7: test ebx, ebx -je short loc_0000445e ; je 0x445e +je short loc_000044cc ; je 0x44cc push eax mov eax, esi push 0 shl eax, 5 push 0xffe3ffff add eax, edi -jmp short loc_00004481 ; jmp 0x4481 +jmp short loc_000044ef ; jmp 0x44ef -loc_0000445e: +loc_000044cc: push eax push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc mov edx, esi push 0 @@ -6987,33 +7030,33 @@ shl edx, 5 push 0xffe3ffff lea eax, [eax + edx + 0x80c] -loc_00004481: +loc_000044ef: push eax inc esi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jb short loc_00004449 ; jb 0x4449 -jmp near loc_00004571 ; jmp 0x4571 +jb short loc_000044b7 ; jb 0x44b7 +jmp near loc_000045df ; jmp 0x45df -loc_00004495: +loc_00004503: cmp dword [ebp - 0x20], 0x40670 -jne loc_0000457e ; jne 0x457e +jne loc_000045ec ; jne 0x45ec push ecx push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -je short loc_000044f7 ; je 0x44f7 +je short loc_00004565 ; je 0x4565 -loc_000044c0: +loc_0000452e: test ebx, ebx -je loc_000045af ; je 0x45af +je loc_0000461d ; je 0x461d cmp byte [ebp - 0x28], 1 mov edx, 0x1c000000 mov eax, 0x6000000 @@ -7023,211 +7066,211 @@ push eax push 0xc1ffffff lea eax, [ebx + 0xc00] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp byte [ebp - 0x24], 0 -je short loc_000044ff ; je 0x44ff -jmp short loc_0000451d ; jmp 0x451d +je short loc_0000456d ; je 0x456d +jmp short loc_0000458b ; jmp 0x458b -loc_000044f7: +loc_00004565: test ebx, ebx -je loc_00004852 ; je 0x4852 +je loc_000048c0 ; je 0x48c0 -loc_000044ff: +loc_0000456d: push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -je short loc_0000453a ; je 0x453a +je short loc_000045a8 ; je 0x45a8 -loc_0000451d: +loc_0000458b: push eax push 0x40 push 0xfffffc0f lea eax, [ebx + 0xc08] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp byte [ebp - 0x24], 0 -jne short loc_00004558 ; jne 0x4558 +jne short loc_000045c6 ; jne 0x45c6 -loc_0000453a: +loc_000045a8: push edi push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -je short loc_00004586 ; je 0x4586 +je short loc_000045f4 ; je 0x45f4 -loc_00004558: +loc_000045c6: push esi push 0 push 0xe07fffff lea eax, [ebx + 0xc0c] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 -loc_0000456c: +loc_000045da: add esp, 0x10 -jmp short loc_000045af ; jmp 0x45af +jmp short loc_0000461d ; jmp 0x461d -loc_00004571: +loc_000045df: cmp dword [ebp - 0x20], 0x40670 -je loc_000044c0 ; je 0x44c0 +je loc_0000452e ; je 0x452e -loc_0000457e: +loc_000045ec: test ebx, ebx -je loc_00004852 ; je 0x4852 +je loc_000048c0 ; je 0x48c0 -loc_00004586: +loc_000045f4: push 0 push 0x15 push 0xc0c8001 push dword [ebp + 0xc] -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca and eax, 0xe07fffff push eax push 0x16 push 0xc0c8001 push dword [ebp + 0xc] -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca add esp, 0x20 -loc_000045af: +loc_0000461d: cmp byte [ebp - 0x24], 0 -je short loc_000045f6 ; je 0x45f6 +je short loc_00004664 ; je 0x4664 test ebx, ebx -je short loc_000045d2 ; je 0x45d2 +je short loc_00004640 ; je 0x4640 push ecx push 0x13 push 0xffffffffffffffe0 lea eax, [ebx + 0xc28] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -jmp near loc_000046d0 ; jmp 0x46d0 +jmp near loc_0000473e ; jmp 0x473e -loc_000045d2: +loc_00004640: push edx push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0x13 push 0xffffffffffffffe0 add eax, 0xc28 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -jmp short loc_000045fe ; jmp 0x45fe +jmp short loc_0000466c ; jmp 0x466c -loc_000045f6: +loc_00004664: test ebx, ebx -jne loc_000046d0 ; jne 0x46d0 +jne loc_0000473e ; jne 0x473e -loc_000045fe: +loc_0000466c: push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0xffbf add eax, 0xc38 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0xc push 1 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0xffbf add eax, 0xc38 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0xc push 2 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0xffbf add eax, 0xc38 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0xc push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 2 push 0xfffc add eax, 0x260 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0xc push 1 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 2 push 0xfffc add eax, 0x260 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0xc push 2 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 2 push 0xfffc add eax, 0x260 push eax -call fcn_000188bd ; call 0x188bd -jmp short loc_000046f4 ; jmp 0x46f4 +call fcn_00018981 ; call 0x18981 +jmp short loc_00004762 ; jmp 0x4762 -loc_000046d0: +loc_0000473e: push eax push 0 push 0xffffffffffffffbf lea eax, [ebx + 0xc38] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 2 push 0xfffffffffffffffc lea eax, [ebx + 0x260] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 -loc_000046f4: +loc_00004762: add esp, 0x10 xor esi, esi lea edi, [ebx + 0x900] -loc_000046ff: +loc_0000476d: test ebx, ebx -je short loc_00004715 ; je 0x4715 +je short loc_00004783 ; je 0x4783 push eax mov eax, esi push 0 @@ -7235,14 +7278,14 @@ shl eax, 5 push 0xf3ffffff add eax, edi push eax -jmp short loc_00004735 ; jmp 0x4735 +jmp short loc_000047a3 ; jmp 0x47a3 -loc_00004715: +loc_00004783: push eax push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc lea edx, [esi + 0x48] push 0 @@ -7251,32 +7294,32 @@ push 0xf3ffffff add edx, eax push edx -loc_00004735: -call fcn_00018aa4 ; call 0x18aa4 +loc_000047a3: +call fcn_00018b68 ; call 0x18b68 inc esi add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jb short loc_000046ff ; jb 0x46ff +jb short loc_0000476d ; jb 0x476d xor esi, esi lea edi, [ebx + 0x904] -loc_0000474b: +loc_000047b9: test ebx, ebx -je short loc_00004763 ; je 0x4763 +je short loc_000047d1 ; je 0x47d1 push eax mov eax, esi push 0xc00 shl eax, 5 push 0xfffff3ff add eax, edi -jmp short loc_00004789 ; jmp 0x4789 +jmp short loc_000047f7 ; jmp 0x47f7 -loc_00004763: +loc_000047d1: push eax push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc mov edx, esi push 0xc00 @@ -7284,22 +7327,22 @@ shl edx, 5 push 0xfffff3ff lea eax, [eax + edx + 0x904] -loc_00004789: +loc_000047f7: push eax inc esi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, dword [ebp - 0x1c] -jb short loc_0000474b ; jb 0x474b +jb short loc_000047b9 ; jb 0x47b9 test ebx, ebx -jne loc_00004894 ; jne 0x4894 +jne loc_00004902 ; jne 0x4902 -loc_000047a0: +loc_0000480e: push esi push 0 push dword [ebp + 0x14] push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc mov edx, ebx push 0xe000000 @@ -7308,36 +7351,36 @@ shl edx, 5 push 0xc1ffffff lea eax, [eax + edx + 0x90c] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp ebx, dword [ebp - 0x1c] -jb short loc_000047a0 ; jb 0x47a0 +jb short loc_0000480e ; jb 0x480e cmp dword [ebp - 0x20], 0x40670 -jne short loc_00004802 ; jne 0x4802 +jne short loc_00004870 ; jne 0x4870 cmp byte [ebp - 0x24], 0 -jne short loc_00004809 ; jne 0x4809 +jne short loc_00004877 ; jne 0x4877 push ecx push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -jne short loc_00004809 ; jne 0x4809 +jne short loc_00004877 ; jne 0x4877 -loc_00004802: +loc_00004870: xor esi, esi or ebx, 0xffffffff -jmp short loc_00004813 ; jmp 0x4813 +jmp short loc_00004881 ; jmp 0x4881 -loc_00004809: +loc_00004877: mov esi, 0x124 mov ebx, 0xfffffedb -loc_00004813: +loc_00004881: push edx and ebx, 0xc7ffffff push 0 @@ -7346,29 +7389,29 @@ push 1 xor edi, edi push 0 mov dword [ebp - 0x20], ebx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 lea ebx, [eax + 0x91c] -loc_00004839: +loc_000048a7: push eax inc edi push esi push dword [ebp - 0x20] push ebx add ebx, 0x20 -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp edi, dword [ebp - 0x1c] -jb short loc_00004839 ; jb 0x4839 -jmp short loc_00004894 ; jmp 0x4894 +jb short loc_000048a7 ; jb 0x48a7 +jmp short loc_00004902 ; jmp 0x4902 -loc_00004852: +loc_000048c0: push 0 push 0x15 push 0xc008001 push dword [ebp + 0xc] -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca add esp, 0x10 and eax, 0xc1ffffff mov edx, eax @@ -7380,10 +7423,10 @@ push edx push 0x16 push 0xc008001 push dword [ebp + 0xc] -call fcn_0000415c ; call 0x415c -jmp near loc_0000456c ; jmp 0x456c +call fcn_000041ca ; call 0x41ca +jmp near loc_000045da ; jmp 0x45da -loc_00004894: +loc_00004902: lea esp, [ebp - 0xc] pop ebx pop esi @@ -7391,7 +7434,7 @@ pop edi pop ebp ret -fcn_0000489c: +fcn_0000490a: push ebp mov ebp, esp push esi @@ -7400,56 +7443,56 @@ sub esp, 0x10 mov eax, dword [ebp + 0x10] mov ebx, dword [ebp + 0xc] mov dword [ebp - 0xc], eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000048c7 ; je 0x48c7 +je short loc_00004935 ; je 0x4935 push edx push edx -push ref_0002138a ; push 0x2138a +push ref_0002141a ; push 0x2141a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000048c7: +loc_00004935: test bl, bl -jne short loc_000048db ; jne 0x48db +jne short loc_00004949 ; jne 0x4949 cmp byte [ebp - 0xc], 3 sete al lea esi, [eax*4 + 4] -jmp short loc_000048fd ; jmp 0x48fd +jmp short loc_0000496b ; jmp 0x496b -loc_000048db: +loc_00004949: cmp bl, 1 -jne short loc_000048f6 ; jne 0x48f6 +jne short loc_00004964 ; jne 0x4964 cmp byte [ebp - 0xc], 2 mov esi, 4 -je short loc_000048fd ; je 0x48fd +je short loc_0000496b ; je 0x496b -loc_000048eb: +loc_00004959: cmp byte [ebp - 0xc], 1 sbb esi, esi and esi, 2 -jmp short loc_000048fd ; jmp 0x48fd +jmp short loc_0000496b ; jmp 0x496b -loc_000048f6: +loc_00004964: cmp bl, 2 -je short loc_000048eb ; je 0x48eb +je short loc_00004959 ; je 0x4959 xor esi, esi -loc_000048fd: -call fcn_000153e9 ; call 0x153e9 +loc_0000496b: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000491c ; je 0x491c +je short loc_0000498a ; je 0x498a push eax mov eax, esi movzx eax, al push eax -push ref_000213a6 ; push 0x213a6 +push ref_00021436 ; push 0x21436 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000491c: +loc_0000498a: lea esp, [ebp - 8] mov eax, esi pop ebx @@ -7457,7 +7500,7 @@ pop esi pop ebp ret -fcn_00004925: +fcn_00004993: push ebp mov ebp, esp push edi @@ -7473,115 +7516,115 @@ mov dword [ebp - 0x1c], eax mov eax, dword [ebp + 0x10] mov edi, ebx mov dword [ebp - 0x20], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00004969 ; je 0x4969 +je short loc_000049d7 ; je 0x49d7 push eax push eax -push ref_000213be ; push 0x213be +push ref_0002144e ; push 0x2144e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00004969: +loc_000049d7: test bl, bl -jne short loc_00004994 ; jne 0x4994 -call fcn_000153e9 ; call 0x153e9 +jne short loc_00004a02 ; jne 0x4a02 +call fcn_00015479 ; call 0x15479 test al, al -je loc_00004a92 ; je 0x4a92 -mov dword [ebp + 0xc], ref_000213e2 ; mov dword [ebp + 0xc], 0x213e2 +je loc_00004b00 ; je 0x4b00 +mov dword [ebp + 0xc], ref_00021472 ; mov dword [ebp + 0xc], 0x21472 mov dword [ebp + 8], 0x40 lea esp, [ebp - 0xc] pop ebx pop esi pop edi pop ebp -jmp near fcn_000153f7 ; jmp 0x153f7 +jmp near fcn_00015487 ; jmp 0x15487 -loc_00004994: +loc_00004a02: sub esp, 0xc lea eax, [esi + 0xd0c] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 xor ecx, ecx test eax, 0x100000 -je short loc_000049d1 ; je 0x49d1 -call fcn_000153e9 ; call 0x153e9 +je short loc_00004a3f ; je 0x4a3f +call fcn_00015479 ; call 0x15479 mov cl, 1 test al, al -je short loc_000049d1 ; je 0x49d1 +je short loc_00004a3f ; je 0x4a3f push eax push eax -push ref_00021403 ; push 0x21403 +push ref_00021493 ; push 0x21493 push 0x40 mov dword [ebp - 0x24], ecx -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 mov ecx, dword [ebp - 0x24] add esp, 0x10 -loc_000049d1: +loc_00004a3f: cmp byte [ebp - 0x1c], 0 -jne short loc_000049f4 ; jne 0x49f4 +jne short loc_00004a62 ; jne 0x4a62 cmp byte [ebp - 0x20], 3 -jne short loc_000049e7 ; jne 0x49e7 +jne short loc_00004a55 ; jne 0x4a55 xor edx, edx -loc_000049df: +loc_00004a4d: test cl, cl -jne short loc_00004a2a ; jne 0x4a2a +jne short loc_00004a98 ; jne 0x4a98 -loc_000049e3: +loc_00004a51: mov dl, 8 -jmp short loc_00004a18 ; jmp 0x4a18 +jmp short loc_00004a86 ; jmp 0x4a86 -loc_000049e7: +loc_00004a55: mov dl, 4 mov al, dl sub eax, ebx test cl, cl cmove edx, eax -jmp short loc_00004a2a ; jmp 0x4a2a +jmp short loc_00004a98 ; jmp 0x4a98 -loc_000049f4: +loc_00004a62: cmp byte [ebp - 0x1c], 1 -jne short loc_00004a1c ; jne 0x4a1c +jne short loc_00004a8a ; jne 0x4a8a cmp byte [ebp - 0x20], 2 -jne short loc_00004a08 ; jne 0x4a08 +jne short loc_00004a76 ; jne 0x4a76 xor edx, edx test cl, cl -jne short loc_00004a2a ; jne 0x4a2a -jmp short loc_000049e3 ; jmp 0x49e3 +jne short loc_00004a98 ; jne 0x4a98 +jmp short loc_00004a51 ; jmp 0x4a51 -loc_00004a08: +loc_00004a76: xor edx, edx cmp byte [ebp - 0x20], 0 -jne short loc_00004a2a ; jne 0x4a2a +jne short loc_00004a98 ; jne 0x4a98 mov dl, 2 test cl, cl -jne short loc_00004a2a ; jne 0x4a2a +jne short loc_00004a98 ; jne 0x4a98 mov dl, 6 -loc_00004a18: +loc_00004a86: sub edx, ebx -jmp short loc_00004a2a ; jmp 0x4a2a +jmp short loc_00004a98 ; jmp 0x4a98 -loc_00004a1c: +loc_00004a8a: xor edx, edx cmp byte [ebp - 0x1c], 2 -jne short loc_00004a2a ; jne 0x4a2a +jne short loc_00004a98 ; jne 0x4a98 cmp byte [ebp - 0x20], 0 -je short loc_000049df ; je 0x49df +je short loc_00004a4d ; je 0x4a4d -loc_00004a2a: +loc_00004a98: mov dword [ebp - 0x20], edx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov edx, dword [ebp - 0x20] test al, al -je short loc_00004a60 ; je 0x4a60 +je short loc_00004ace ; je 0x4ace movzx eax, dl movzx ebx, bl push ecx @@ -7592,22 +7635,22 @@ push eax movzx eax, byte [ebp - 0x1c] push eax push 0 -push ref_0002141c ; push 0x2141c +push ref_000214ac ; push 0x214ac push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 mov edx, dword [ebp - 0x20] add esp, 0x20 -loc_00004a60: +loc_00004ace: xor ebx, ebx add esi, 0x91c -loc_00004a68: +loc_00004ad6: lea eax, [edx + ebx] mov ecx, edi inc ebx cmp cl, bl -jb short loc_00004a92 ; jb 0x4a92 +jb short loc_00004b00 ; jb 0x4b00 mov dword [ebp - 0x1c], edx movzx eax, al push edx @@ -7616,12 +7659,12 @@ shl eax, 5 push 0x80000000 add eax, esi push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 mov edx, dword [ebp - 0x1c] -jmp short loc_00004a68 ; jmp 0x4a68 +jmp short loc_00004ad6 ; jmp 0x4ad6 -loc_00004a92: +loc_00004b00: lea esp, [ebp - 0xc] pop ebx pop esi @@ -7629,13 +7672,13 @@ pop edi pop ebp ret -fcn_00004a9a: +fcn_00004b08: push ebp mov ecx, 0x15 mov ebp, esp push edi push esi -mov esi, ref_00020320 ; mov esi, 0x20320 +mov esi, ref_000203b0 ; mov esi, 0x203b0 push ebx add esp, 0xffffff80 lea edi, [ebp - 0x2d] @@ -7643,207 +7686,207 @@ rep movsb ; rep movsb byte es:[edi], byte ptr [esi] push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 1 push 0 mov edi, eax mov dword [ebp - 0x78], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 1 push 1 push 0 mov ebx, eax mov dword [ebp - 0x40], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 2 push 1 push 0 mov dword [ebp - 0x50], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0 push 1 mov dword [ebp - 0x54], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [ebp - 0x64], eax lea eax, [edi + 0x48] mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 mov esi, eax lea eax, [edi + 0x68] mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 mov eax, dword [ebp + 0xc] mov byte [ebp - 0x38], 0 mov eax, dword [eax + 0xd] mov cl, byte [eax + 0x40] mov dword [esp], ebx mov byte [ebp - 0x4a], cl -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_00004b5f ; jne 0x4b5f -call fcn_000153e9 ; call 0x153e9 +jne short loc_00004bcd ; jne 0x4bcd +call fcn_00015479 ; call 0x15479 test al, al -je loc_00005cda ; je 0x5cda +je loc_00005d48 ; je 0x5d48 push eax push eax -push ref_00021437 ; push 0x21437 +push ref_000214c7 ; push 0x214c7 push 0x40 -call fcn_000153f7 ; call 0x153f7 -jmp near loc_00005c93 ; jmp 0x5c93 +call fcn_00015487 ; call 0x15487 +jmp near loc_00005d01 ; jmp 0x5d01 -loc_00004b5f: +loc_00004bcd: push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x504 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e shr eax, 0x10 and eax, 3 mov byte [ebp - 0x48], al -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00004ba2 ; je 0x4ba2 +je short loc_00004c10 ; je 0x4c10 push eax movzx eax, byte [ebp - 0x48] push eax -push ref_00021454 ; push 0x21454 +push ref_000214e4 ; push 0x214e4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00004ba2: +loc_00004c10: lea eax, [ebp - 0x34] push eax push 0 push 0 -push ref_0002901c ; push 0x2901c -call fcn_00019699 ; call 0x19699 +push ref_000290cc ; push 0x290cc +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00004bfb ; je 0x4bfb +je short loc_00004c69 ; je 0x4c69 test ebx, ebx -jns short loc_00004bfb ; jns 0x4bfb -call fcn_000153e9 ; call 0x153e9 +jns short loc_00004c69 ; jns 0x4c69 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00004be3 ; je 0x4be3 +je short loc_00004c51 ; je 0x4c51 push edi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00004be3: +loc_00004c51: push ebx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x67c -push ref_00020e7c ; push 0x20e7c -call fcn_000153fc ; call 0x153fc +push ref_00020f0c ; push 0x20f0c +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00004bfb: +loc_00004c69: mov al, byte [ebp - 0x48] test al, al -je short loc_00004c0c ; je 0x4c0c +je short loc_00004c7a ; je 0x4c7a cmp al, 2 -jne short loc_00004c14 ; jne 0x4c14 +jne short loc_00004c82 ; jne 0x4c82 mov byte [ebp - 0x28], 8 -jmp short loc_00004c14 ; jmp 0x4c14 +jmp short loc_00004c82 ; jmp 0x4c82 -loc_00004c0c: +loc_00004c7a: mov byte [ebp - 0x28], 8 mov byte [ebp - 0x21], 4 -loc_00004c14: -call fcn_0001c58d ; call 0x1c58d +loc_00004c82: +call fcn_0001c651 ; call 0x1c651 mov ebx, 1 mov dword [ebp - 0x58], eax -call fcn_0001c5b4 ; call 0x1c5b4 +call fcn_0001c678 ; call 0x1c678 push ecx push 0 push 0 push 0 mov dword [ebp - 0x44], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xe8 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, 0x100000 -je short loc_00004c68 ; je 0x4c68 -call fcn_000153e9 ; call 0x153e9 +je short loc_00004cd6 ; je 0x4cd6 +call fcn_00015479 ; call 0x15479 xor ebx, ebx test al, al -je short loc_00004c68 ; je 0x4c68 +je short loc_00004cd6 ; je 0x4cd6 push edx push edx -push ref_0002146b ; push 0x2146b +push ref_000214fb ; push 0x214fb push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00004c68: +loc_00004cd6: mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp byte [eax + 0x3b], 2 -jne short loc_00004c78 ; jne 0x4c78 +jne short loc_00004ce6 ; jne 0x4ce6 mov byte [eax + 0x3b], 1 -loc_00004c78: +loc_00004ce6: mov eax, dword [ebp + 0xc] cmp byte [eax], 1 -ja short loc_00004c8c ; ja 0x4c8c +ja short loc_00004cfa ; ja 0x4cfa -loc_00004c80: +loc_00004cee: mov dword [ebp - 0x3c], 0 -jmp near loc_00004d55 ; jmp 0x4d55 +jmp near loc_00004dc3 ; jmp 0x4dc3 -loc_00004c8c: +loc_00004cfa: sub esp, 0xc -push ref_000294ac ; push 0x294ac -call fcn_00019039 ; call 0x19039 +push ref_0002955c ; push 0x2955c +call fcn_000190fd ; call 0x190fd add esp, 0x10 mov dword [ebp - 0x3c], eax test eax, eax -je short loc_00004c80 ; je 0x4c80 +je short loc_00004cee ; je 0x4cee mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp dword [eax + 0x44], 0 -jne short loc_00004cc3 ; jne 0x4cc3 +jne short loc_00004d31 ; jne 0x4d31 -loc_00004caf: +loc_00004d1d: mov eax, dword [ebp + 0xc] mov ecx, dword [ebp - 0x3c] mov eax, dword [eax + 0xd] mov al, byte [eax + 0x3b] mov byte [ecx + 0x45], al -jmp near loc_00004d55 ; jmp 0x4d55 +jmp near loc_00004dc3 ; jmp 0x4dc3 -loc_00004cc3: -call fcn_000153e9 ; call 0x153e9 +loc_00004d31: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00004cde ; je 0x4cde +je short loc_00004d4c ; je 0x4d4c push eax push 0x21 -push ref_0002147f ; push 0x2147f +push ref_0002150f ; push 0x2150f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00004cde: +loc_00004d4c: push eax mov eax, dword [ebp + 0xc] push 0x21 @@ -7853,49 +7896,49 @@ push dword [eax + 0x44] mov eax, edi add eax, 0x29 push eax -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e mov eax, dword [ebp + 0xc] add esp, 0x10 mov byte [edi + 0x28], 1 mov eax, dword [eax + 0xd] mov al, byte [eax + 0x3b] cmp byte [edi + 0x45], al -je short loc_00004caf ; je 0x4caf +je short loc_00004d1d ; je 0x4d1d dec al -je short loc_00004caf ; je 0x4caf -call fcn_000153e9 ; call 0x153e9 +je short loc_00004d1d ; je 0x4d1d +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00004d2b ; je 0x4d2b +je short loc_00004d99 ; je 0x4d99 push eax push eax -push ref_000214b1 ; push 0x214b1 +push ref_00021541 ; push 0x21541 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00004d2b: +loc_00004d99: xor eax, eax -loc_00004d2d: +loc_00004d9b: mov ecx, dword [ebp - 0x3c] xor edx, edx mov dword [ecx + eax + 0x29], 0 -loc_00004d3a: +loc_00004da8: mov ecx, dword [ebp - 0x3c] mov byte [ecx + edx + 0x35], 0 inc edx cmp edx, 0x10 -jne short loc_00004d3a ; jne 0x4d3a +jne short loc_00004da8 ; jne 0x4da8 add eax, 4 cmp eax, 0xc -jne short loc_00004d2d ; jne 0x4d2d -jmp near loc_00004caf ; jmp 0x4caf +jne short loc_00004d9b ; jne 0x4d9b +jmp near loc_00004d1d ; jmp 0x4d1d -loc_00004d55: +loc_00004dc3: lea edi, [ebp - 0x2d] -loc_00004d58: +loc_00004dc6: push dword [ebp + 0xc] add edi, 7 movzx eax, byte [edi - 5] @@ -7904,22 +7947,22 @@ movzx eax, byte [edi - 6] push eax movzx eax, byte [edi - 7] push eax -call fcn_00003f58 ; call 0x3f58 +call fcn_00003fc6 ; call 0x3fc6 lea eax, [ebp - 0x18] add esp, 0x10 cmp edi, eax -jne short loc_00004d58 ; jne 0x4d58 -call fcn_000153e9 ; call 0x153e9 +jne short loc_00004dc6 ; jne 0x4dc6 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00004d96 ; je 0x4d96 +je short loc_00004e04 ; je 0x4e04 push eax push eax -push ref_000214ea ; push 0x214ea +push ref_0002157a ; push 0x2157a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00004d96: +loc_00004e04: movzx eax, byte [ebp - 0x4a] sub esp, 0xc and esi, 0xfffffffe @@ -7928,64 +7971,64 @@ push 1 push 0 push esi push dword [ebp + 0xc] -call fcn_000041e9 ; call 0x41e9 +call fcn_00004257 ; call 0x4257 add esp, 0x20 cmp bl, 1 -jne short loc_00004df2 ; jne 0x4df2 +jne short loc_00004e60 ; jne 0x4e60 mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp byte [eax + 8], 0 -je short loc_00004df2 ; je 0x4df2 -call fcn_000153e9 ; call 0x153e9 +je short loc_00004e60 ; je 0x4e60 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00004ddc ; je 0x4ddc +je short loc_00004e4a ; je 0x4e4a push eax push eax -push ref_000214f9 ; push 0x214f9 +push ref_00021589 ; push 0x21589 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00004ddc: +loc_00004e4a: push eax movzx eax, byte [ebp - 0x48] push eax movzx eax, byte [ebp - 0x44] push eax push dword [ebp + 0xc] -call fcn_00003152 ; call 0x3152 +call fcn_000031c0 ; call 0x31c0 add esp, 0x10 -loc_00004df2: +loc_00004e60: mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp byte [eax + 0x39], 2 -jne short loc_00004e02 ; jne 0x4e02 +jne short loc_00004e70 ; jne 0x4e70 mov byte [eax + 0x39], 0 -loc_00004e02: +loc_00004e70: mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp byte [eax + 0x39], 1 -jne loc_00004e9c ; jne 0x4e9c +jne loc_00004f0a ; jne 0x4f0a mov eax, dword [ebp - 0x40] sub esp, 0xc lea edx, [eax + 0xd0] push edx mov dword [ebp - 0x60], edx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov word [ebp - 0x4a], ax mov eax, dword [ebp - 0x50] and word [ebp - 0x4a], 0xf lea edi, [eax + 0xd0] mov dword [esp], edi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov word [ebp - 0x4c], ax mov eax, dword [ebp - 0x54] and word [ebp - 0x4c], 0xf lea esi, [eax + 0xd0] mov dword [esp], esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov edx, dword [ebp - 0x60] add esp, 0xc push 1 @@ -7993,31 +8036,31 @@ push 0xfff0 push edx mov word [ebp - 0x5a], ax and word [ebp - 0x5a], 0xf -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0xc push 1 push 0xfff0 push edi -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0xc push 1 push 0xfff0 push esi -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 -jmp short loc_00004eae ; jmp 0x4eae +jmp short loc_00004f1c ; jmp 0x4f1c -loc_00004e9c: +loc_00004f0a: mov word [ebp - 0x5a], 0 mov word [ebp - 0x4c], 0 mov word [ebp - 0x4a], 0 -loc_00004eae: +loc_00004f1c: movzx eax, byte [ebp - 0x44] xor esi, esi mov dword [ebp - 0x6c], eax -loc_00004eb7: +loc_00004f25: push edi push ebx push dword [ebp - 0x6c] @@ -8028,15 +8071,15 @@ push eax push dword [ebp + 0xc] push dword [ebp - 0x34] push dword [ebp + 8] -call fcn_00003965 ; call 0x3965 +call fcn_000039d3 ; call 0x39d3 add esp, 0x20 cmp esi, 3 -jne short loc_00004eb7 ; jne 0x4eb7 +jne short loc_00004f25 ; jne 0x4f25 mov eax, dword [ebp + 0xc] cmp byte [eax], 2 -ja loc_00004f95 ; ja 0x4f95 +ja loc_00005003 ; ja 0x5003 -loc_00004ee4: +loc_00004f52: mov esi, dword [ebp - 0x40] sub esp, 0xc mov eax, esi @@ -8044,27 +8087,27 @@ add eax, 0xdd8 push eax mov edi, eax mov dword [ebp - 0x60], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop ecx pop ebx or eax, 0x8002 push eax push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop edi pop eax mov eax, esi add eax, 0xc24 push 0xfffeffff push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e pop eax mov eax, dword [ebp - 0x50] pop edx add eax, 0xc24 push 0xfffeffff push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e mov eax, dword [ebp - 0x54] pop ecx pop ebx @@ -8072,7 +8115,7 @@ lea ebx, [ebp - 0x2d] add eax, 0xc24 push 0xfffeffff push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e movzx eax, byte [ebp - 0x48] mov esi, dword [ebp - 0x3c] mov dword [esp], eax @@ -8082,7 +8125,7 @@ push dword [ebp + 0xc] push dword [ebp - 0x34] push dword [ebp + 8] mov dword [ebp - 0x68], eax -call fcn_000025c6 ; call 0x25c6 +call fcn_00002634 ; call 0x2634 add esp, 0x1c push edi push 3 @@ -8093,18 +8136,18 @@ xor esi, esi push dword [ebp - 0x34] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00003719 ; call 0x3719 +call fcn_00003787 ; call 0x3787 mov eax, dword [ebp - 0x64] add esp, 0x20 add eax, 0xc mov dword [ebp - 0x70], eax -jmp near loc_0000502c ; jmp 0x502c +jmp near loc_0000509a ; jmp 0x509a -loc_00004f95: +loc_00005003: mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp byte [eax + 0x52], 1 -jne loc_00004ee4 ; jne 0x4ee4 +jne loc_00004f52 ; jne 0x4f52 push edx mov al, byte [eax + 0x53] xor ebx, ebx @@ -8116,53 +8159,53 @@ mov eax, edi push 0xfff0ffff add eax, 0xd0c push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 lea esi, [edi + 0xa00] add esp, 0x10 -loc_00004fd0: +loc_0000503e: mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp bl, byte [eax + 0x53] -jne short loc_00004fea ; jne 0x4fea +jne short loc_00005058 ; jne 0x5058 push eax push eax push 0xfffffdff push esi -call fcn_00018a7a ; call 0x18a7a -jmp short loc_00004ff7 ; jmp 0x4ff7 +call fcn_00018b3e ; call 0x18b3e +jmp short loc_00005065 ; jmp 0x5065 -loc_00004fea: +loc_00005058: push edi push edi push 0x200 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 -loc_00004ff7: +loc_00005065: inc ebx add esp, 0x10 add esi, 0x10 cmp bl, 0x10 -jne short loc_00004fd0 ; jne 0x4fd0 -jmp near loc_00004ee4 ; jmp 0x4ee4 +jne short loc_0000503e ; jne 0x503e +jmp near loc_00004f52 ; jmp 0x4f52 -loc_00005008: +loc_00005076: sub esp, 0xc lea eax, [edi + 0xba] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 0x40 -jne short loc_00005053 ; jne 0x5053 +jne short loc_000050c1 ; jne 0x50c1 -loc_0000501e: +loc_0000508c: add ebx, 7 lea eax, [ebp - 0x18] cmp ebx, eax -je loc_000050bc ; je 0x50bc +je loc_0000512a ; je 0x512a -loc_0000502c: +loc_0000509a: push ecx movzx eax, byte [ebx + 2] push eax @@ -8170,40 +8213,40 @@ movzx eax, byte [ebx + 1] push eax movzx eax, byte [ebx] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov edi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_00005008 ; jne 0x5008 -jmp short loc_0000501e ; jmp 0x501e +jne short loc_00005076 ; jne 0x5076 +jmp short loc_0000508c ; jmp 0x508c -loc_00005053: +loc_000050c1: mov byte [ebx + 4], 1 add edi, 0x18 push ecx push 0x10100 push 0xff0000ff push edi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx push 0 push dword [ebp - 0x64] -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 push 0x10 push 0 push 0 push 1 -call fcn_000027f4 ; call 0x27f4 +call fcn_00002862 ; call 0x2862 add esp, 0x20 test eax, eax -je short loc_000050a7 ; je 0x50a7 +je short loc_00005115 ; je 0x5115 add eax, dword [ebp - 0x70] sub esp, 0xc push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0xf cmp al, 3 @@ -8211,33 +8254,33 @@ mov byte [ebx + 6], al mov al, 1 cmovae esi, eax -loc_000050a7: +loc_00005115: push edx push edx push 0xff0000ff push edi -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -jmp near loc_0000501e ; jmp 0x501e +jmp near loc_0000508c ; jmp 0x508c -loc_000050bc: -call fcn_000153e9 ; call 0x153e9 +loc_0000512a: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000050d6 ; je 0x50d6 +je short loc_00005144 ; je 0x5144 push eax push eax -push ref_00021513 ; push 0x21513 +push ref_000215a3 ; push 0x215a3 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000050d6: +loc_00005144: lea ebx, [ebp - 0x2d] -loc_000050d9: -call fcn_000153e9 ; call 0x153e9 +loc_00005147: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00005107 ; je 0x5107 +je short loc_00005175 ; je 0x5175 push eax push eax movzx eax, byte [ebx + 6] @@ -8248,71 +8291,71 @@ movzx eax, byte [ebx + 2] push eax movzx eax, byte [ebx + 1] push eax -push ref_0002152d ; push 0x2152d +push ref_000215bd ; push 0x215bd push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00005107: +loc_00005175: add ebx, 7 lea eax, [ebp - 0x18] cmp ebx, eax -jne short loc_000050d9 ; jne 0x50d9 +jne short loc_00005147 ; jne 0x5147 mov eax, esi test al, al -jne short loc_0000512c ; jne 0x512c +jne short loc_0000519a ; jne 0x519a -loc_00005117: +loc_00005185: mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp byte [eax + 0x39], 1 -jne loc_00005321 ; jne 0x5321 -jmp near loc_0000528a ; jmp 0x528a +jne loc_0000538f ; jne 0x538f +jmp near loc_000052f8 ; jmp 0x52f8 -loc_0000512c: +loc_0000519a: mov eax, dword [ebp - 0x58] cmp eax, 0x40660 -je short loc_0000513d ; je 0x513d +je short loc_000051ab ; je 0x51ab cmp eax, 0x306c0 -jne short loc_0000514a ; jne 0x514a +jne short loc_000051b8 ; jne 0x51b8 -loc_0000513d: +loc_000051ab: xor ebx, ebx lea esi, [ebp - 0x38] lea edi, [ebp - 0x35] -jmp near loc_000051cc ; jmp 0x51cc +jmp near loc_0000523a ; jmp 0x523a -loc_0000514a: +loc_000051b8: cmp dword [ebp - 0x58], 0x40670 -jne short loc_00005117 ; jne 0x5117 +jne short loc_00005185 ; jne 0x5185 push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -jne short loc_0000513d ; jne 0x513d -jmp short loc_00005117 ; jmp 0x5117 +jne short loc_000051ab ; jne 0x51ab +jmp short loc_00005185 ; jmp 0x5185 -loc_00005173: +loc_000051e1: cmp bl, 0xc -je short loc_000051de ; je 0x51de +je short loc_0000524c ; je 0x524c test bl, bl -jne short loc_00005189 ; jne 0x5189 +jne short loc_000051f7 ; jne 0x51f7 push eax push eax push esi push 0 -loc_00005181: -call fcn_0000930f ; call 0x930f +loc_000051ef: +call fcn_0000937d ; call 0x937d add esp, 0x10 -loc_00005189: +loc_000051f7: sub esp, 0xc movzx ecx, byte [ebp - 0x38] push edi @@ -8327,7 +8370,7 @@ mov dword [ebp - 0x74], edx mov ecx, dword [eax + 0xd] movzx ecx, byte [ecx + ebx + 0x19] push ecx -call fcn_0000936b ; call 0x936b +call fcn_000093d9 ; call 0x93d9 mov edx, dword [ebp - 0x74] add esp, 0x20 mov eax, dword [ebp - 0x70] @@ -8336,54 +8379,54 @@ push edx push eax push ebx inc ebx -call fcn_00009450 ; call 0x9450 +call fcn_000094be ; call 0x94be add esp, 0x10 cmp ebx, 0x10 -je short loc_000051eb ; je 0x51eb +je short loc_00005259 ; je 0x5259 -loc_000051cc: +loc_0000523a: cmp bl, 8 -jne short loc_00005173 ; jne 0x5173 +jne short loc_000051e1 ; jne 0x51e1 cmp byte [ebp - 0x22], 0 -je short loc_00005189 ; je 0x5189 +je short loc_000051f7 ; je 0x51f7 push eax push eax push esi push 8 -jmp short loc_00005181 ; jmp 0x5181 +jmp short loc_000051ef ; jmp 0x51ef -loc_000051de: +loc_0000524c: cmp byte [ebp - 0x1b], 0 -je short loc_00005189 ; je 0x5189 +je short loc_000051f7 ; je 0x51f7 push eax push eax push esi push 0xc -jmp short loc_00005181 ; jmp 0x5181 +jmp short loc_000051ef ; jmp 0x51ef -loc_000051eb: +loc_00005259: cmp dword [ebp - 0x44], 0 -je short loc_00005215 ; je 0x5215 +je short loc_00005283 ; je 0x5283 cmp dword [ebp - 0x58], 0x40670 -jne short loc_00005215 ; jne 0x5215 +jne short loc_00005283 ; jne 0x5283 mov edi, dword [ebp - 0x60] sub esp, 0xc push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx pop ecx and ah, 0x7f push eax push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_00005215: +loc_00005283: lea ebx, [ebp - 0x2d] -loc_00005218: +loc_00005286: cmp byte [ebx + 4], 0 -je short loc_00005257 ; je 0x5257 +je short loc_000052c5 ; je 0x52c5 push eax movzx eax, byte [ebx + 2] push eax @@ -8391,7 +8434,7 @@ movzx eax, byte [ebx + 1] push eax movzx eax, byte [ebx] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax pop eax pop edx @@ -8399,57 +8442,57 @@ lea eax, [esi + 0xd98] add esi, 0xb0 push 1 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop ecx pop edi push 0x20 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_00005257: +loc_000052c5: add ebx, 7 lea eax, [ebp - 0x18] cmp ebx, eax -jne short loc_00005218 ; jne 0x5218 +jne short loc_00005286 ; jne 0x5286 lea ebx, [ebp - 0x2d] -loc_00005264: +loc_000052d2: cmp byte [ebx + 4], 0 -je short loc_0000527b ; je 0x527b +je short loc_000052e9 ; je 0x52e9 push 0 push ebx push dword [ebp - 0x34] push dword [ebp + 8] -call fcn_00005ce2 ; call 0x5ce2 +call fcn_00005d50 ; call 0x5d50 add esp, 0x10 -loc_0000527b: +loc_000052e9: add ebx, 7 lea eax, [ebp - 0x18] cmp ebx, eax -jne short loc_00005264 ; jne 0x5264 -jmp near loc_00005117 ; jmp 0x5117 +jne short loc_000052d2 ; jne 0x52d2 +jmp near loc_00005185 ; jmp 0x5185 -loc_0000528a: -call fcn_000153e9 ; call 0x153e9 +loc_000052f8: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000052a4 ; je 0x52a4 +je short loc_00005312 ; je 0x5312 push eax push eax -push ref_00021565 ; push 0x21565 +push ref_000215f5 ; push 0x215f5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000052a4: +loc_00005312: sub esp, 0xc push dword [ebp - 0x68] push dword [ebp - 0x6c] push dword [ebp - 0x34] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_000036a6 ; call 0x36a6 +call fcn_00003714 ; call 0x3714 movzx eax, word [ebp - 0x4a] add esp, 0x1c push eax @@ -8457,7 +8500,7 @@ mov eax, dword [ebp - 0x40] push 0xfff0 add eax, 0xd0 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 movzx eax, word [ebp - 0x4c] add esp, 0xc push eax @@ -8465,7 +8508,7 @@ mov eax, dword [ebp - 0x50] push 0xfff0 add eax, 0xd0 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 movzx eax, word [ebp - 0x5a] add esp, 0xc push eax @@ -8473,7 +8516,7 @@ mov eax, dword [ebp - 0x54] push 0xfff0 add eax, 0xd0 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 mov eax, dword [ebp - 0x34] add esp, 0xc push 0x186a0 @@ -8482,58 +8525,58 @@ push dword [ebp + 8] call dword [eax + 4] ; ucall add esp, 0x10 -loc_00005321: +loc_0000538f: mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp byte [eax + 0x3b], 2 -jne short loc_00005331 ; jne 0x5331 +jne short loc_0000539f ; jne 0x539f mov byte [eax + 0x3b], 1 -loc_00005331: +loc_0000539f: mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp byte [eax + 0x3b], 1 -jne short loc_00005351 ; jne 0x5351 +jne short loc_000053bf ; jne 0x53bf push dword [ebp - 0x3c] push dword [ebp - 0x34] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00008275 ; call 0x8275 +call fcn_000082e3 ; call 0x82e3 add esp, 0x10 -loc_00005351: +loc_000053bf: cmp dword [ebp - 0x58], 0x40670 sete al cmp dword [ebp - 0x44], 0 mov byte [ebp - 0x74], al -je short loc_00005371 ; je 0x5371 +je short loc_000053df ; je 0x53df test al, al -je short loc_00005371 ; je 0x5371 +je short loc_000053df ; je 0x53df push edi push edi push 0x4000 -jmp short loc_00005378 ; jmp 0x5378 +jmp short loc_000053e6 ; jmp 0x53e6 -loc_00005371: +loc_000053df: push esi push esi push 0xc000 -loc_00005378: +loc_000053e6: push dword [ebp - 0x60] -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000539d ; je 0x539d +je short loc_0000540b ; je 0x540b push ebx push ebx -push ref_00021580 ; push 0x21580 +push ref_00021610 ; push 0x21610 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000539d: +loc_0000540b: mov eax, dword [ebp - 0x64] lea edi, [ebp - 0x2d] mov byte [ebp - 0x60], 0 @@ -8544,7 +8587,7 @@ mov byte [ebp - 0x5a], 0 mov byte [ebp - 0x4a], 0 mov dword [ebp - 0x80], eax -loc_000053bd: +loc_0000542b: mov al, byte [edi] mov ecx, dword [ebp - 0x3c] mov byte [ebp - 0x5c], al @@ -8555,13 +8598,13 @@ mov byte [ebp - 0x6c], al movzx eax, byte [edi + 3] mov byte [ebp - 0x4c], al test ecx, ecx -je short loc_000053ea ; je 0x53ea +je short loc_00005458 ; je 0x5458 mov edx, dword [ebp + 0xc] mov edx, dword [edx + 0xd] mov dl, byte [edx + eax + 0x5c] mov byte [ecx + eax + 0x47], dl -loc_000053ea: +loc_00005458: movzx eax, byte [ebp - 0x6c] push ecx push eax @@ -8569,62 +8612,62 @@ movzx eax, byte [ebp - 0x5b] push eax movzx eax, byte [ebp - 0x5c] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov esi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] -je short loc_0000541c ; je 0x541c +je short loc_0000548a ; je 0x548a cmp byte [edi + 4], 0 -jne short loc_0000542b ; jne 0x542b +jne short loc_00005499 ; jne 0x5499 -loc_0000541c: +loc_0000548a: cmp byte [eax + 4], 0 -je loc_00005720 ; je 0x5720 -jmp near loc_000056fa ; jmp 0x56fa +je loc_0000578e ; je 0x578e +jmp near loc_00005768 ; jmp 0x5768 -loc_0000542b: +loc_00005499: cmp byte [eax + 4], 0 -jne short loc_0000547a ; jne 0x547a +jne short loc_000054e8 ; jne 0x54e8 push eax push 0x10100 push 0xff0000ff lea ebx, [esi + 0x18] push ebx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx push 0 push dword [ebp - 0x64] -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 lea eax, [esi + 0x11a] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -jne loc_00005720 ; jne 0x5720 +jne loc_0000578e ; jne 0x578e push eax push eax push 0xff0000ff push ebx -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_0000547a: +loc_000054e8: mov eax, dword [ebp + 0xc] cmp byte [eax], 0xf -jbe short loc_000054cf ; jbe 0x54cf +jbe short loc_0000553d ; jbe 0x553d movzx ebx, byte [ebp - 0x4c] mov eax, dword [eax + 0xd] cmp byte [eax + ebx + 0x61], 0 -je short loc_000054cf ; je 0x54cf +je short loc_0000553d ; je 0x553d sub esp, 0xc lea eax, [esi + 0xb2] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ecx, dword [ebp + 0xc] add esp, 0x10 mov edx, dword [ecx + 0xd] @@ -8632,31 +8675,31 @@ and eax, 0x3f0 sar eax, 4 movzx edx, byte [edx + ebx + 0x61] cmp dl, al -je short loc_000054cf ; je 0x54cf +je short loc_0000553d ; je 0x553d movzx eax, byte [ebp - 0x6c] push eax movzx eax, byte [ebp - 0x5b] push eax push edx push dword [ebp + 8] -call fcn_0000286a ; call 0x286a +call fcn_000028d8 ; call 0x28d8 add esp, 0x10 -loc_000054cf: +loc_0000553d: mov eax, dword [ebp + 0xc] cmp byte [eax], 7 -jbe short loc_000054eb ; jbe 0x54eb +jbe short loc_00005559 ; jbe 0x5559 mov edx, dword [eax + 0xd] movzx eax, byte [ebp - 0x4c] mov bl, byte [edx + eax + 0x5c] cmp bl, 0xff -jne loc_0000560f ; jne 0x560f +jne loc_0000567d ; jne 0x567d -loc_000054eb: +loc_00005559: sub esp, 0xc lea eax, [esi + 0xac] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0xc push 0x10100 push 0xff0000ff @@ -8665,67 +8708,67 @@ push ebx shr eax, 4 and eax, 0x3f mov byte [ebp - 0x79], al -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop edx pop ecx push 0 push dword [ebp - 0x64] -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 pop eax push dword [ebp - 0x64] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 inc eax -jne short loc_0000557e ; jne 0x557e +jne short loc_000055ec ; jne 0x55ec sub esp, 0xc add esi, 0xb2 push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov esi, eax and esi, 0x3f0 sar esi, 4 mov eax, esi mov byte [ebp - 0x70], al -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_000055aa ; je 0x55aa +je short loc_00005618 ; je 0x5618 movzx eax, byte [ebp - 0x6c] sub esp, 0xc push esi push eax movzx eax, byte [ebp - 0x5b] push eax -push ref_0002159c ; push 0x2159c +push ref_0002162c ; push 0x2162c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -jmp short loc_000055aa ; jmp 0x55aa +jmp short loc_00005618 ; jmp 0x5618 -loc_0000557e: +loc_000055ec: push 0x10 push 0 push 0 push 1 -call fcn_000027f4 ; call 0x27f4 +call fcn_00002862 ; call 0x2862 add esp, 0x10 test eax, eax -je short loc_000055aa ; je 0x55aa +je short loc_00005618 ; je 0x5618 add eax, dword [ebp - 0x80] sub esp, 0xc push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 shr eax, 4 and eax, 0x3f mov byte [ebp - 0x70], al -loc_000055aa: +loc_00005618: push eax push eax push 0xff0000ff push ebx -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e mov cl, byte [ebp - 0x79] add esp, 0x10 mov bl, byte [ebp - 0x70] @@ -8739,10 +8782,10 @@ mov al, dl shr al, 1 mov dword [ebp - 0x84], edx mov byte [ebp - 0x60], al -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov edx, dword [ebp - 0x84] test al, al -je short loc_00005633 ; je 0x5633 +je short loc_000056a1 ; je 0x56a1 push eax movzx edx, dl push eax @@ -8753,215 +8796,215 @@ push edx push eax movzx eax, byte [ebp - 0x79] push eax -push ref_00021608 ; push 0x21608 +push ref_00021698 ; push 0x21698 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -jmp short loc_00005633 ; jmp 0x5633 +jmp short loc_000056a1 ; jmp 0x56a1 -loc_0000560f: +loc_0000567d: test bl, bl -je short loc_00005633 ; je 0x5633 -call fcn_000153e9 ; call 0x153e9 +je short loc_000056a1 ; je 0x56a1 +call fcn_00015479 ; call 0x15479 mov byte [ebp - 0x60], bl test al, al -je short loc_00005633 ; je 0x5633 +je short loc_000056a1 ; je 0x56a1 push eax movzx eax, bl push eax -push ref_0002167b ; push 0x2167b +push ref_0002170b ; push 0x2170b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00005633: +loc_000056a1: mov eax, dword [ebp - 0x58] cmp eax, 0x40660 -je short loc_00005644 ; je 0x5644 +je short loc_000056b2 ; je 0x56b2 cmp eax, 0x306c0 -jne short loc_0000564a ; jne 0x564a +jne short loc_000056b8 ; jne 0x56b8 -loc_00005644: +loc_000056b2: test bl, bl -je short loc_000056c6 ; je 0x56c6 -jmp short loc_00005670 ; jmp 0x5670 +je short loc_00005734 ; je 0x5734 +jmp short loc_000056de ; jmp 0x56de -loc_0000564a: +loc_000056b8: cmp byte [ebp - 0x74], 0 -je short loc_000056c6 ; je 0x56c6 +je short loc_00005734 ; je 0x5734 push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -jne short loc_00005644 ; jne 0x5644 -jmp short loc_000056c6 ; jmp 0x56c6 +jne short loc_000056b2 ; jne 0x56b2 +jmp short loc_00005734 ; jmp 0x5734 -loc_00005670: +loc_000056de: movzx esi, byte [ebp - 0x6c] push eax push dword [ebp - 0x68] push esi push dword [ebp + 8] -call fcn_0000489c ; call 0x489c +call fcn_0000490a ; call 0x490a add esp, 0x10 mov bl, al cmp byte [ebp - 0x60], al -jbe short loc_000056ad ; jbe 0x56ad -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0000571b ; jbe 0x571b +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000056b0 ; je 0x56b0 +je short loc_0000571e ; je 0x571e push eax movzx eax, bl push eax -push ref_00021646 ; push 0x21646 +push ref_000216d6 ; push 0x216d6 push 0x80000040 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_000056b0 ; jmp 0x56b0 +jmp short loc_0000571e ; jmp 0x571e -loc_000056ad: +loc_0000571b: mov bl, byte [ebp - 0x60] -loc_000056b0: +loc_0000571e: movzx eax, bl push eax push dword [ebp - 0x68] push esi push dword [ebp + 8] -call fcn_00004925 ; call 0x4925 +call fcn_00004993 ; call 0x4993 add esp, 0x10 mov byte [ebp - 0x60], bl -loc_000056c6: -call fcn_000153e9 ; call 0x153e9 +loc_00005734: +call fcn_00015479 ; call 0x15479 movzx esi, byte [ebp - 0x6c] movzx ebx, byte [ebp - 0x5b] test al, al -je short loc_000056e8 ; je 0x56e8 +je short loc_00005756 ; je 0x5756 push esi push ebx -push ref_00021690 ; push 0x21690 +push ref_00021720 ; push 0x21720 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000056e8: +loc_00005756: movzx eax, byte [ebp - 0x5c] push esi push ebx push eax push dword [ebp + 0xc] -call fcn_00003aa5 ; call 0x3aa5 +call fcn_00003b13 ; call 0x3b13 add esp, 0x10 -loc_000056fa: +loc_00005768: cmp byte [ebp - 0x4c], 0 -jne short loc_00005706 ; jne 0x5706 +jne short loc_00005774 ; jne 0x5774 cmp byte [ebp - 0x48], 3 -je short loc_00005763 ; je 0x5763 +je short loc_000057d1 ; je 0x57d1 -loc_00005706: +loc_00005774: cmp byte [ebp - 0x4c], 1 -jne short loc_00005712 ; jne 0x5712 +jne short loc_00005780 ; jne 0x5780 cmp byte [ebp - 0x48], 2 -je short loc_0000577b ; je 0x577b +je short loc_000057e9 ; je 0x57e9 -loc_00005712: +loc_00005780: cmp byte [ebp - 0x4c], 2 -jne short loc_00005753 ; jne 0x5753 +jne short loc_000057c1 ; jne 0x57c1 cmp byte [ebp - 0x48], 0 -je short loc_0000577f ; je 0x577f -jmp short loc_00005753 ; jmp 0x5753 +je short loc_000057ed ; je 0x57ed +jmp short loc_000057c1 ; jmp 0x57c1 -loc_00005720: +loc_0000578e: mov al, byte [ebp - 0x48] cmp al, 3 -je short loc_0000576d ; je 0x576d +je short loc_000057db ; je 0x57db cmp al, 2 -jne short loc_00005737 ; jne 0x5737 +jne short loc_000057a5 ; jne 0x57a5 cmp byte [ebp - 0x4c], 0 mov byte [ebp - 0x44], 1 -je short loc_0000574f ; je 0x574f -jmp short loc_00005767 ; jmp 0x5767 +je short loc_000057bd ; je 0x57bd +jmp short loc_000057d5 ; jmp 0x57d5 -loc_00005737: +loc_000057a5: cmp byte [ebp - 0x48], 0 -jne short loc_00005753 ; jne 0x5753 +jne short loc_000057c1 ; jne 0x57c1 cmp byte [ebp - 0x4c], 0 -je short loc_0000574f ; je 0x574f +je short loc_000057bd ; je 0x57bd cmp byte [ebp - 0x4c], 1 -jne short loc_0000577b ; jne 0x577b +jne short loc_000057e9 ; jne 0x57e9 mov byte [ebp - 0x5a], 1 -jmp short loc_00005753 ; jmp 0x5753 +jmp short loc_000057c1 ; jmp 0x57c1 -loc_0000574f: +loc_000057bd: mov byte [ebp - 0x4a], 1 -loc_00005753: +loc_000057c1: add edi, 7 lea eax, [ebp - 0x18] cmp edi, eax -jne loc_000053bd ; jne 0x53bd -jmp short loc_0000577f ; jmp 0x577f +jne loc_0000542b ; jne 0x542b +jmp short loc_000057ed ; jmp 0x57ed -loc_00005763: +loc_000057d1: mov byte [ebp - 0x44], 1 -loc_00005767: +loc_000057d5: mov byte [ebp - 0x5a], 1 -jmp short loc_0000577f ; jmp 0x577f +jmp short loc_000057ed ; jmp 0x57ed -loc_0000576d: +loc_000057db: mov byte [ebp - 0x44], 1 mov byte [ebp - 0x5a], 1 mov byte [ebp - 0x4a], 1 -jmp short loc_0000577f ; jmp 0x577f +jmp short loc_000057ed ; jmp 0x57ed -loc_0000577b: +loc_000057e9: mov byte [ebp - 0x44], 1 -loc_0000577f: +loc_000057ed: mov dl, byte [ebp - 0x44] xor ebx, ebx mov al, byte [ebp - 0x5a] xor edx, 1 xor eax, 1 or dl, al -je short loc_00005798 ; je 0x5798 +je short loc_00005806 ; je 0x5806 mov bl, byte [ebp - 0x4a] mov byte [ebp - 0x4a], 0 -loc_00005798: +loc_00005806: sub esp, 0xc mov esi, 1 push dword [ebp - 0x40] -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_000057cb ; jne 0x57cb -call fcn_000153e9 ; call 0x153e9 +jne short loc_00005839 ; jne 0x5839 +call fcn_00015479 ; call 0x15479 xor esi, esi test al, al -je short loc_000057cb ; je 0x57cb +je short loc_00005839 ; je 0x5839 push ecx push ecx -push ref_000216bb ; push 0x216bb +push ref_0002174b ; push 0x2174b push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000057cb: +loc_00005839: or bl, byte [ebp - 0x4a] -je loc_000058fa ; je 0x58fa +je loc_00005968 ; je 0x5968 mov eax, esi test al, al -je loc_000058fa ; je 0x58fa +je loc_00005968 ; je 0x5968 mov edi, dword [ebp - 0x40] mov ebx, 0x3e9 push eax @@ -8970,7 +9013,7 @@ push 0x100 mov eax, edi add eax, 0x224 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 lea esi, [edi + 0x464] pop eax mov eax, edi @@ -8978,19 +9021,19 @@ pop edx add eax, 0xb0 push 0x10 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_00005814: +loc_00005882: sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0x3f cmp eax, 2 -je short loc_0000583e ; je 0x583e +je short loc_000058ac ; je 0x58ac dec bx -je short loc_0000583e ; je 0x583e +je short loc_000058ac ; je 0x58ac mov eax, dword [ebp - 0x34] push edi push 0x64 @@ -8998,104 +9041,104 @@ push eax push dword [ebp + 8] call dword [eax + 4] ; ucall add esp, 0x10 -jmp short loc_00005814 ; jmp 0x5814 +jmp short loc_00005882 ; jmp 0x5882 -loc_0000583e: +loc_000058ac: mov eax, dword [ebp - 0x40] push esi push 0x20 push 0xcf add eax, 0xc20 push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a mov eax, dword [ebp - 0x58] add esp, 0x10 cmp eax, 0x40660 -je short loc_00005868 ; je 0x5868 +je short loc_000058d6 ; je 0x58d6 cmp eax, 0x306c0 -jne short loc_0000588b ; jne 0x588b +jne short loc_000058f9 ; jne 0x58f9 -loc_00005868: +loc_000058d6: mov edi, dword [ebp - 0x68] push ebx push edi push 0 push dword [ebp + 8] -call fcn_0000489c ; call 0x489c +call fcn_0000490a ; call 0x490a movzx eax, al push eax push edi push 0 push dword [ebp + 8] -call fcn_00004925 ; call 0x4925 +call fcn_00004993 ; call 0x4993 add esp, 0x20 -jmp short loc_000058af ; jmp 0x58af +jmp short loc_0000591d ; jmp 0x591d -loc_0000588b: +loc_000058f9: cmp byte [ebp - 0x74], 0 -je short loc_000058af ; je 0x58af +je short loc_0000591d ; je 0x591d push ecx push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -jne short loc_00005868 ; jne 0x5868 +jne short loc_000058d6 ; jne 0x58d6 -loc_000058af: +loc_0000591d: cmp byte [ebp - 0x4a], 0 -je short loc_000058fa ; je 0x58fa +je short loc_00005968 ; je 0x5968 push eax push eax mov eax, dword [ebp - 0x40] push 0x40000000 add eax, 0xd20 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop eax mov eax, dword [ebp - 0x78] pop edx add eax, 0x54 push 0xf7 push eax -call fcn_00018699 ; call 0x18699 -call fcn_000153e9 ; call 0x153e9 +call fcn_0001875d ; call 0x1875d +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_000058fa ; je 0x58fa +je short loc_00005968 ; je 0x5968 push eax push eax -push ref_000216bb ; push 0x216bb +push ref_0002174b ; push 0x2174b push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000058fa: +loc_00005968: sub esp, 0xc mov bl, 1 push dword [ebp - 0x50] -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_0000592a ; jne 0x592a -call fcn_000153e9 ; call 0x153e9 +jne short loc_00005998 ; jne 0x5998 +call fcn_00015479 ; call 0x15479 xor ebx, ebx test al, al -je short loc_0000592a ; je 0x592a +je short loc_00005998 ; je 0x5998 push edi push edi -push ref_000216cc ; push 0x216cc +push ref_0002175c ; push 0x2175c push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000592a: +loc_00005998: test byte [ebp - 0x5a], bl -je loc_00005a4f ; je 0x5a4f +je loc_00005abd ; je 0x5abd mov edi, dword [ebp - 0x50] push ecx push ecx @@ -9103,7 +9146,7 @@ push 0x100 mov eax, edi add eax, 0x224 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov eax, edi pop ebx add eax, 0xb0 @@ -9111,22 +9154,22 @@ pop esi mov ebx, 0x3e9 push 0x10 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 mov eax, dword [ebp - 0x40] add esp, 0x10 lea esi, [eax + 0x464] -loc_0000596c: +loc_000059da: sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 shr eax, 8 and eax, 0x3f cmp eax, 2 -je short loc_00005999 ; je 0x5999 +je short loc_00005a07 ; je 0x5a07 dec bx -je short loc_00005999 ; je 0x5999 +je short loc_00005a07 ; je 0x5a07 mov eax, dword [ebp - 0x34] push edx push 0x64 @@ -9134,102 +9177,102 @@ push eax push dword [ebp + 8] call dword [eax + 4] ; ucall add esp, 0x10 -jmp short loc_0000596c ; jmp 0x596c +jmp short loc_000059da ; jmp 0x59da -loc_00005999: +loc_00005a07: push eax mov eax, dword [ebp - 0x50] push 0x20 push 0xcf add eax, 0xc20 push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a mov eax, dword [ebp - 0x58] add esp, 0x10 cmp eax, 0x40660 -je short loc_000059c3 ; je 0x59c3 +je short loc_00005a31 ; je 0x5a31 cmp eax, 0x306c0 -jne short loc_000059e6 ; jne 0x59e6 +jne short loc_00005a54 ; jne 0x5a54 -loc_000059c3: +loc_00005a31: mov esi, dword [ebp - 0x68] push eax push esi push 1 push dword [ebp + 8] -call fcn_0000489c ; call 0x489c +call fcn_0000490a ; call 0x490a movzx eax, al push eax push esi push 1 push dword [ebp + 8] -call fcn_00004925 ; call 0x4925 +call fcn_00004993 ; call 0x4993 add esp, 0x20 -jmp short loc_00005a0a ; jmp 0x5a0a +jmp short loc_00005a78 ; jmp 0x5a78 -loc_000059e6: +loc_00005a54: cmp byte [ebp - 0x74], 0 -je short loc_00005a0a ; je 0x5a0a +je short loc_00005a78 ; je 0x5a78 push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -jne short loc_000059c3 ; jne 0x59c3 +jne short loc_00005a31 ; jne 0x5a31 -loc_00005a0a: +loc_00005a78: mov eax, dword [ebp - 0x50] push esi push esi push 0x40000000 add eax, 0xd20 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop edi pop eax mov eax, dword [ebp - 0x78] push 0xfb add eax, 0x54 push eax -call fcn_00018699 ; call 0x18699 -call fcn_000153e9 ; call 0x153e9 +call fcn_0001875d ; call 0x1875d +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00005a4f ; je 0x5a4f +je short loc_00005abd ; je 0x5abd push ebx push ebx -push ref_000216cc ; push 0x216cc +push ref_0002175c ; push 0x2175c push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00005a4f: +loc_00005abd: sub esp, 0xc mov bl, 1 push dword [ebp - 0x54] -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_00005a7f ; jne 0x5a7f -call fcn_000153e9 ; call 0x153e9 +jne short loc_00005aed ; jne 0x5aed +call fcn_00015479 ; call 0x15479 xor ebx, ebx test al, al -je short loc_00005a7f ; je 0x5a7f +je short loc_00005aed ; je 0x5aed push ecx push ecx -push ref_000216dd ; push 0x216dd +push ref_0002176d ; push 0x2176d push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00005a7f: +loc_00005aed: test byte [ebp - 0x44], bl -je loc_00005ba4 ; je 0x5ba4 +je loc_00005c12 ; je 0x5c12 mov edi, dword [ebp - 0x54] mov ebx, 0x3e9 push eax @@ -9238,29 +9281,29 @@ push 0x100 mov eax, edi add eax, 0x224 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop eax mov eax, edi pop edx add eax, 0xb0 push 0x10 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 mov eax, dword [ebp - 0x40] add esp, 0x10 lea esi, [eax + 0x464] -loc_00005ac1: +loc_00005b2f: sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 shr eax, 0x10 and eax, 0x3f cmp eax, 2 -je short loc_00005aee ; je 0x5aee +je short loc_00005b5c ; je 0x5b5c dec bx -je short loc_00005aee ; je 0x5aee +je short loc_00005b5c ; je 0x5b5c mov eax, dword [ebp - 0x34] push edi push 0x64 @@ -9268,84 +9311,84 @@ push eax push dword [ebp + 8] call dword [eax + 4] ; ucall add esp, 0x10 -jmp short loc_00005ac1 ; jmp 0x5ac1 +jmp short loc_00005b2f ; jmp 0x5b2f -loc_00005aee: +loc_00005b5c: mov eax, dword [ebp - 0x54] push esi push 0x20 push 0xcf add eax, 0xc20 push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a mov eax, dword [ebp - 0x58] add esp, 0x10 cmp eax, 0x40660 -je short loc_00005b18 ; je 0x5b18 +je short loc_00005b86 ; je 0x5b86 cmp eax, 0x306c0 -jne short loc_00005b3b ; jne 0x5b3b +jne short loc_00005ba9 ; jne 0x5ba9 -loc_00005b18: +loc_00005b86: mov edi, dword [ebp - 0x68] push ebx push edi push 2 push dword [ebp + 8] -call fcn_0000489c ; call 0x489c +call fcn_0000490a ; call 0x490a movzx eax, al push eax push edi push 2 push dword [ebp + 8] -call fcn_00004925 ; call 0x4925 +call fcn_00004993 ; call 0x4993 add esp, 0x20 -jmp short loc_00005b5f ; jmp 0x5b5f +jmp short loc_00005bcd ; jmp 0x5bcd -loc_00005b3b: +loc_00005ba9: cmp byte [ebp - 0x74], 0 -je short loc_00005b5f ; je 0x5b5f +je short loc_00005bcd ; je 0x5bcd push ecx push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -jne short loc_00005b18 ; jne 0x5b18 +jne short loc_00005b86 ; jne 0x5b86 -loc_00005b5f: +loc_00005bcd: mov eax, dword [ebp - 0x54] push edi push edi push 0x40000000 add eax, 0xd20 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop eax mov eax, dword [ebp - 0x78] pop edx add eax, 0x54 push 0xfd push eax -call fcn_00018699 ; call 0x18699 -call fcn_000153e9 ; call 0x153e9 +call fcn_0001875d ; call 0x1875d +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00005ba4 ; je 0x5ba4 +je short loc_00005c12 ; je 0x5c12 push esi push esi -push ref_000216dd ; push 0x216dd +push ref_0002176d ; push 0x2176d push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00005ba4: +loc_00005c12: lea ebx, [ebp - 0x2d] -loc_00005ba7: +loc_00005c15: movzx eax, byte [ebx + 2] sub esp, 0xc add ebx, 7 @@ -9357,25 +9400,25 @@ push esi push dword [ebp - 0x34] push dword [ebp + 8] mov dword [ebp - 0x48], eax -call fcn_000024e1 ; call 0x24e1 +call fcn_0000254f ; call 0x254f mov eax, dword [ebp - 0x48] add esp, 0x1c push eax push edi push esi -call fcn_000023ad ; call 0x23ad +call fcn_0000241b ; call 0x241b lea eax, [ebp - 0x18] add esp, 0x10 cmp ebx, eax -jne short loc_00005ba7 ; jne 0x5ba7 +jne short loc_00005c15 ; jne 0x5c15 mov edi, dword [ebp - 0x3c] test edi, edi -je loc_00005c71 ; je 0x5c71 +je loc_00005cdf ; je 0x5cdf mov eax, dword [ebp - 0x40] sub esp, 0xc add eax, 0x11a push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 shr ax, 1 xor eax, 1 mov bl, al @@ -9383,7 +9426,7 @@ mov eax, dword [ebp - 0x50] and ebx, 1 add eax, 0x11a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov dl, bl or edx, 2 test al, 2 @@ -9391,7 +9434,7 @@ mov eax, dword [ebp - 0x54] cmove ebx, edx add eax, 0x11a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov dl, bl add esp, 0x10 or edx, 4 @@ -9399,31 +9442,31 @@ test al, 2 cmove ebx, edx not ebx cmp byte [edi + 0x46], bl -je short loc_00005c71 ; je 0x5c71 -call fcn_000153e9 ; call 0x153e9 +je short loc_00005cdf ; je 0x5cdf +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00005c6b ; je 0x5c6b +je short loc_00005cd9 ; je 0x5cd9 movzx eax, bl push eax mov eax, dword [ebp - 0x3c] movzx eax, byte [eax + 0x46] push eax -push ref_000216ee ; push 0x216ee +push ref_0002177e ; push 0x2177e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00005c6b: +loc_00005cd9: mov eax, dword [ebp - 0x3c] mov byte [eax + 0x46], bl -loc_00005c71: +loc_00005cdf: mov eax, dword [ebp + 0xc] cmp byte [eax], 0xa -ja short loc_00005c98 ; ja 0x5c98 +ja short loc_00005d06 ; ja 0x5d06 -loc_00005c79: -call fcn_00003b38 ; call 0x3b38 +loc_00005ce7: +call fcn_00003ba6 ; call 0x3ba6 movzx eax, byte [ebp - 0x44] push ebx push eax @@ -9431,20 +9474,20 @@ movzx eax, byte [ebp - 0x5a] push eax movzx eax, byte [ebp - 0x4a] push eax -call fcn_00003c89 ; call 0x3c89 +call fcn_00003cf7 ; call 0x3cf7 -loc_00005c93: +loc_00005d01: add esp, 0x10 -jmp short loc_00005cda ; jmp 0x5cda +jmp short loc_00005d48 ; jmp 0x5d48 -loc_00005c98: +loc_00005d06: mov eax, dword [ebp + 0xc] mov eax, dword [eax + 0xd] cmp byte [eax + 0x5f], 1 -jne short loc_00005c79 ; jne 0x5c79 +jne short loc_00005ce7 ; jne 0x5ce7 lea ebx, [ebp - 0x2d] -loc_00005ca7: +loc_00005d15: push eax movzx eax, byte [ebx + 2] add ebx, 7 @@ -9453,20 +9496,20 @@ movzx eax, byte [ebx - 6] push eax movzx eax, byte [ebx - 7] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 1 add eax, 0x25c push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 lea eax, [ebp - 0x18] add esp, 0x10 cmp ebx, eax -jne short loc_00005ca7 ; jne 0x5ca7 -jmp short loc_00005c79 ; jmp 0x5c79 +jne short loc_00005d15 ; jne 0x5d15 +jmp short loc_00005ce7 ; jmp 0x5ce7 -loc_00005cda: +loc_00005d48: lea esp, [ebp - 0xc] pop ebx pop esi @@ -9474,7 +9517,7 @@ pop edi pop ebp ret -fcn_00005ce2: +fcn_00005d50: push ebp mov ebp, esp push edi @@ -9491,20 +9534,20 @@ push 0 seta bl mov dword [ebp - 0x20], eax mov byte [ebp - 0x19], al -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 add esp, 0x10 mov dword [ebp - 0x24], eax mov eax, edi test al, al -jne short loc_00005d6f ; jne 0x5d6f +jne short loc_00005ddd ; jne 0x5ddd test bl, bl -je short loc_00005d6f ; je 0x5d6f +je short loc_00005ddd ; je 0x5ddd xor edi, edi -loc_00005d28: +loc_00005d96: push eax movzx eax, byte [esi + 2] push eax @@ -9512,13 +9555,13 @@ movzx eax, byte [esi + 1] push eax movzx eax, byte [esi] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xd2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -jne short loc_00005d75 ; jne 0x5d75 +jne short loc_00005de3 ; jne 0x5de3 push ecx mov eax, dword [ebp + 0xc] inc edi @@ -9528,40 +9571,40 @@ push dword [ebp + 8] call dword [eax + 4] ; ucall add esp, 0x10 cmp edi, 0x64 -jne short loc_00005d28 ; jne 0x5d28 +jne short loc_00005d96 ; jne 0x5d96 xor eax, eax -jmp short loc_00005d77 ; jmp 0x5d77 +jmp short loc_00005de5 ; jmp 0x5de5 -loc_00005d6f: +loc_00005ddd: xor eax, eax xor edi, edi -jmp short loc_00005d77 ; jmp 0x5d77 +jmp short loc_00005de5 ; jmp 0x5de5 -loc_00005d75: +loc_00005de3: mov al, 1 -loc_00005d77: +loc_00005de5: test al, al -je short loc_00005d87 ; je 0x5d87 +je short loc_00005df5 ; je 0x5df5 test bl, bl -je short loc_00005d87 ; je 0x5d87 +je short loc_00005df5 ; je 0x5df5 -loc_00005d7f: +loc_00005ded: mov ebx, dword [ebp - 0x24] and ebx, 0xfffffffe -jmp short loc_00005dae ; jmp 0x5dae +jmp short loc_00005e1c ; jmp 0x5e1c -loc_00005d87: +loc_00005df5: test bl, bl -je short loc_00005d7f ; je 0x5d7f +je short loc_00005ded ; je 0x5ded cmp byte [ebp - 0x20], 0 -jne short loc_00005d7f ; jne 0x5d7f +jne short loc_00005ded ; jne 0x5ded -loc_00005d91: +loc_00005dff: mov eax, 0x80000012 -jmp short loc_00005e0f ; jmp 0x5e0f +jmp short loc_00005e7d ; jmp 0x5e7d -loc_00005d98: +loc_00005e06: push eax mov eax, dword [ebp + 0xc] inc edi @@ -9571,16 +9614,16 @@ push dword [ebp + 8] call dword [eax + 4] ; ucall add esp, 0x10 -loc_00005dae: +loc_00005e1c: cmp edi, 0x63 -ja short loc_00005d91 ; ja 0x5d91 +ja short loc_00005dff ; ja 0x5dff cmp byte [ebp - 0x19], 0 -je short loc_00005de0 ; je 0x5de0 +je short loc_00005e4e ; je 0x5e4e push 0 push 0x13 push 0x4648080 push ebx -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca movzx ecx, byte [esi + 2] add esp, 0x10 shl ecx, 3 @@ -9588,12 +9631,12 @@ shr eax, cl and eax, 0x3f cmp eax, 0x10 -loc_00005dda: -jne short loc_00005d98 ; jne 0x5d98 +loc_00005e48: +jne short loc_00005e06 ; jne 0x5e06 xor eax, eax -jmp short loc_00005e0f ; jmp 0x5e0f +jmp short loc_00005e7d ; jmp 0x5e7d -loc_00005de0: +loc_00005e4e: push edx movzx eax, byte [esi + 2] push eax @@ -9601,17 +9644,17 @@ movzx eax, byte [esi + 1] push eax movzx eax, byte [esi] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x214 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 shr eax, 0x10 and eax, 0xf cmp eax, 7 -jmp short loc_00005dda ; jmp 0x5dda +jmp short loc_00005e48 ; jmp 0x5e48 -loc_00005e0f: +loc_00005e7d: lea esp, [ebp - 0xc] pop ebx pop esi @@ -9619,7 +9662,7 @@ pop edi pop ebp ret -fcn_00005e17: +fcn_00005e85: push ebp mov ebp, esp push edi @@ -9631,100 +9674,100 @@ push 0 mov edi, dword [ebp + 0xc] push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax lea eax, [eax + 2] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, eax and eax, 0xfffffffd cmp ax, 0x8c44 -je short loc_00005eae ; je 0x5eae +je short loc_00005f1c ; je 0x5f1c lea eax, [edx + 0x73b2] cmp ax, 2 -jbe short loc_00005eae ; jbe 0x5eae +jbe short loc_00005f1c ; jbe 0x5f1c lea eax, [edx + 0x73b7] cmp ax, 3 -jbe short loc_00005eae ; jbe 0x5eae +jbe short loc_00005f1c ; jbe 0x5f1c lea eax, [edx + 0x73bf] cmp ax, 1 -jbe short loc_00005eae ; jbe 0x5eae +jbe short loc_00005f1c ; jbe 0x5f1c cmp dx, 0x8c58 -je short loc_00005eae ; je 0x5eae +je short loc_00005f1c ; je 0x5f1c mov eax, edx and eax, 0xfffffffb cmp ax, 0x8c52 -je short loc_00005eae ; je 0x5eae +je short loc_00005f1c ; je 0x5f1c mov eax, edx and eax, 0xfffffff7 cmp ax, 0x8c54 -je short loc_00005eae ; je 0x5eae +je short loc_00005f1c ; je 0x5f1c lea eax, [edx + 0x63bf] cmp ax, 6 -jbe short loc_00005eae ; jbe 0x5eae +jbe short loc_00005f1c ; jbe 0x5f1c add dx, 0x733f cmp dx, 5 -jbe short loc_00005eae ; jbe 0x5eae +jbe short loc_00005f1c ; jbe 0x5f1c -loc_00005ea4: +loc_00005f12: mov eax, 0x80000003 -jmp near loc_00005fa0 ; jmp 0x5fa0 +jmp near loc_0000600e ; jmp 0x600e -loc_00005eae: +loc_00005f1c: sub esp, 0xc add esi, 0x48 push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and ax, 0xfffc mov word [ebp - 0x20], ax -je short loc_00005ea4 ; je 0x5ea4 +je short loc_00005f12 ; je 0x5f12 cmp bl, 0x1f -jbe short loc_00005f0b ; jbe 0x5f0b +jbe short loc_00005f79 ; jbe 0x5f79 cmp bl, 0x3f -ja short loc_00005ee7 ; ja 0x5ee7 +ja short loc_00005f55 ; ja 0x5f55 lea ecx, [ebx - 0x20] mov esi, 0x30 mov word [ebp - 0x1c], 0x38 mov word [ebp - 0x1a], 0x34 -jmp short loc_00005f1b ; jmp 0x5f1b +jmp short loc_00005f89 ; jmp 0x5f89 -loc_00005ee7: +loc_00005f55: mov eax, 0x80000002 cmp bl, 0x5f -ja loc_00005fa0 ; ja 0x5fa0 +ja loc_0000600e ; ja 0x600e lea ecx, [ebx - 0x40] mov esi, 0x40 mov word [ebp - 0x1c], 0x48 mov word [ebp - 0x1a], 0x44 -jmp short loc_00005f1b ; jmp 0x5f1b +jmp short loc_00005f89 ; jmp 0x5f89 -loc_00005f0b: +loc_00005f79: mov cl, bl xor esi, esi mov word [ebp - 0x1c], 0xc mov word [ebp - 0x1a], 4 -loc_00005f1b: +loc_00005f89: mov dword [ebp - 0x24], ecx and edi, 1 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov ecx, dword [ebp - 0x24] test al, al mov eax, edi movzx edi, al -je short loc_00005f49 ; je 0x5f49 +je short loc_00005fb7 ; je 0x5fb7 push edi movzx ebx, bl push ebx -push ref_00021725 ; push 0x21725 +push ref_000217b5 ; push 0x217b5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 mov ecx, dword [ebp - 0x24] add esp, 0x10 -loc_00005f49: +loc_00005fb7: movzx ebx, word [ebp - 0x20] mov edx, 1 push eax @@ -9735,7 +9778,7 @@ add esi, ebx push esi mov dword [ebp - 0x24], ecx mov dword [ebp - 0x20], edx -call fcn_0001829f ; call 0x1829f +call fcn_00018363 ; call 0x18363 mov edx, dword [ebp - 0x20] movzx eax, word [ebp - 0x1a] mov esi, edx @@ -9745,11 +9788,11 @@ pop ecx add eax, ebx push esi push eax -call fcn_000182c9 ; call 0x182c9 +call fcn_0001838d ; call 0x1838d movzx eax, word [ebp - 0x1c] add ebx, eax mov dword [esp], ebx -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 mov ecx, dword [ebp - 0x24] shl edi, cl and eax, esi @@ -9758,11 +9801,11 @@ or eax, edi pop edx push eax push ebx -call fcn_00018ed3 ; call 0x18ed3 +call fcn_00018f97 ; call 0x18f97 add esp, 0x10 xor eax, eax -loc_00005fa0: +loc_0000600e: lea esp, [ebp - 0xc] pop ebx pop esi @@ -9770,30 +9813,30 @@ pop edi pop ebp ret -fcn_00005fa8: +fcn_00006016: push ebp mov ebp, esp push ebx push ebx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00005fca ; je 0x5fca +je short loc_00006038 ; je 0x6038 push ecx push ecx -push ref_0002173b ; push 0x2173b +push ref_000217cb ; push 0x217cb push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00005fca: +loc_00006038: cmp byte [ebx], 2 mov eax, 0x80000003 -jbe short loc_00005ff7 ; jbe 0x5ff7 +jbe short loc_00006065 ; jbe 0x6065 mov edx, dword [ebx + 0xd] mov edx, dword [edx + 0x4c] cmp byte [edx], 1 -jne short loc_00005ff7 ; jne 0x5ff7 +jne short loc_00006065 ; jne 0x6065 mov eax, dword [edx + 1] push edx push edx @@ -9802,38 +9845,38 @@ and edx, 1 push edx movzx eax, byte [eax] push eax -call fcn_00005e17 ; call 0x5e17 +call fcn_00005e85 ; call 0x5e85 add esp, 0x10 -loc_00005ff7: +loc_00006065: mov ebx, dword [ebp - 4] leave ret -fcn_00005ffc: +fcn_0000606a: push ebp mov ebp, esp push esi push ebx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000601e ; je 0x601e +je short loc_0000608c ; je 0x608c push ecx push ecx -push ref_00021756 ; push 0x21756 +push ref_000217e6 ; push 0x217e6 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000601e: +loc_0000608c: cmp byte [ebx], 2 mov esi, 0x80000003 -jbe short loc_0000604f ; jbe 0x604f +jbe short loc_000060bd ; jbe 0x60bd mov eax, dword [ebx + 0xd] mov eax, dword [eax + 0x4c] cmp byte [eax], 1 -jne short loc_0000604f ; jne 0x604f +jne short loc_000060bd ; jne 0x60bd mov eax, dword [eax + 1] xor esi, esi push edx @@ -9844,10 +9887,10 @@ and edx, 1 push edx movzx eax, byte [eax] push eax -call fcn_00005e17 ; call 0x5e17 +call fcn_00005e85 ; call 0x5e85 add esp, 0x10 -loc_0000604f: +loc_000060bd: lea esp, [ebp - 8] mov eax, esi pop ebx @@ -9855,7 +9898,7 @@ pop esi pop ebp ret -fcn_00006058: +fcn_000060c6: push ebp mov ebp, esp push edi @@ -9865,44 +9908,44 @@ sub esp, 0x1c mov edi, dword [ebp + 8] mov ebx, dword [ebp + 0xc] mov esi, dword [ebp + 0x10] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006084 ; je 0x6084 +je short loc_000060f2 ; je 0x60f2 push eax push eax -push ref_00021773 ; push 0x21773 +push ref_00021803 ; push 0x21803 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006084: +loc_000060f2: xor edx, edx -loc_00006086: +loc_000060f4: push eax push edx push 1 push 0 mov dword [ebp - 0x1c], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0x10 add eax, 0xb0 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 mov edx, dword [ebp - 0x1c] add esp, 0x10 inc edx cmp edx, 3 -jne short loc_00006086 ; jne 0x6086 +jne short loc_000060f4 ; jne 0x60f4 sub esp, 0xc push esi -call fcn_00005fa8 ; call 0x5fa8 +call fcn_00006016 ; call 0x6016 add esp, 0x10 mov edx, eax test eax, eax -js short loc_00006103 ; js 0x6103 +js short loc_00006171 ; js 0x6171 push eax push 0x64 push ebx @@ -9911,51 +9954,51 @@ call dword [ebx + 4] ; ucall add esp, 0x10 xor ebx, ebx -loc_000060ce: +loc_0000613c: push edi push ebx inc ebx push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0xffef add eax, 0xb0 push eax -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 cmp ebx, 3 -jne short loc_000060ce ; jne 0x60ce +jne short loc_0000613c ; jne 0x613c mov dword [ebp + 8], esi lea esp, [ebp - 0xc] pop ebx pop esi pop edi pop ebp -jmp near fcn_00005ffc ; jmp 0x5ffc +jmp near fcn_0000606a ; jmp 0x606a -loc_00006103: +loc_00006171: xor ebx, ebx -loc_00006105: +loc_00006173: push eax push ebx inc ebx push 1 push 0 mov dword [ebp - 0x1c], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0xffef add eax, 0xb0 push eax -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 cmp ebx, 3 mov edx, dword [ebp - 0x1c] -jne short loc_00006105 ; jne 0x6105 +jne short loc_00006173 ; jne 0x6173 lea esp, [ebp - 0xc] mov eax, edx pop ebx @@ -9964,23 +10007,23 @@ pop edi pop ebp ret -fcn_0000613b: ; not directly referenced +fcn_000061a9: ; not directly referenced push ebp mov ebp, esp push esi push ebx mov ebx, dword [ebp + 0x10] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000615d ; je 0x615d +je short loc_000061cb ; je 0x61cb push ecx push ecx -push ref_0002178d ; push 0x2178d +push ref_0002181d ; push 0x2181d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000615d: ; not directly referenced +loc_000061cb: ; not directly referenced push edx movzx eax, byte [ebx + 2] push eax @@ -9988,36 +10031,36 @@ movzx eax, byte [ebx + 1] push eax movzx eax, byte [ebx] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ecx lea esi, [eax + 0x3e] pop eax push 0x40 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 pop eax pop edx push 0xffbf push esi -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 push 0 push ebx push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00005ce2 ; call 0x5ce2 +call fcn_00005d50 ; call 0x5d50 add esp, 0x20 mov ebx, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000061b8 ; je 0x61b8 +je short loc_00006226 ; je 0x6226 push eax push eax -push ref_000217a3 ; push 0x217a3 +push ref_00021833 ; push 0x21833 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000061b8: ; not directly referenced +loc_00006226: ; not directly referenced lea esp, [ebp - 8] mov eax, ebx pop ebx @@ -10025,7 +10068,7 @@ pop esi pop ebp ret -fcn_000061c1: ; not directly referenced +fcn_0000622f: ; not directly referenced push ebp mov ebp, esp push edi @@ -10033,16 +10076,16 @@ push esi push ebx sub esp, 0x1c mov esi, dword [ebp + 0x10] -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov edi, eax push eax push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 add esp, 0x10 cmp edi, 0x40660 sete byte [ebp - 0x19] @@ -10050,19 +10093,19 @@ cmp edi, 0x306c0 mov ebx, eax sete al or byte [ebp - 0x19], al -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006220 ; je 0x6220 +je short loc_0000628e ; je 0x628e push eax push eax -push ref_000217b3 ; push 0x217b3 +push ref_00021843 ; push 0x21843 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006220: ; not directly referenced +loc_0000628e: ; not directly referenced cmp edi, 0x40670 -jne short loc_0000624e ; jne 0x624e +jne short loc_000062bc ; jne 0x62bc push eax movzx eax, byte [esi + 2] push eax @@ -10070,127 +10113,127 @@ movzx eax, byte [esi + 1] push eax movzx eax, byte [esi] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0x10 add eax, 0xc24 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_0000624e: ; not directly referenced +loc_000062bc: ; not directly referenced cmp byte [ebp - 0x19], 0 -je loc_000062e9 ; je 0x62e9 +je loc_00006357 ; je 0x6357 push 0 and ebx, 0xfffffffe push 0x13 push 0x4448080 push ebx -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca and eax, 0xfffffffd push eax push 0x14 push 0x4448080 push ebx -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca add esp, 0x20 push 0 push 0x13 push 0x4448080 push ebx -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca or eax, 1 push eax push 0x14 push 0x4448080 push ebx -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca add esp, 0x20 push 0 push 0x13 push 0x4448080 push ebx -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca or ah, 0x20 push eax push 0x14 push 0x4448080 push ebx -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca add esp, 0x20 push 0 push 0x13 push 0x4448080 push ebx -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca and eax, 0xfffffffe push eax push 0x14 push 0x4448080 push ebx -call fcn_0000415c ; call 0x415c +call fcn_000041ca ; call 0x41ca add esp, 0x20 -jmp short loc_00006361 ; jmp 0x6361 +jmp short loc_000063cf ; jmp 0x63cf -loc_000062e9: ; not directly referenced +loc_00006357: ; not directly referenced push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0xfffffffffffffffd add eax, 0x444 push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0xc push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ebx pop edx push 1 add eax, 0x444 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ecx pop ebx push 0x2000 add eax, 0x444 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0xfffffffffffffffe add eax, 0x444 push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_00006361: ; not directly referenced +loc_000063cf: ; not directly referenced movzx eax, byte [ebp - 0x19] push eax push esi push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00005ce2 ; call 0x5ce2 +call fcn_00005d50 ; call 0x5d50 add esp, 0x10 mov ebx, eax cmp edi, 0x40670 -jne short loc_000063a5 ; jne 0x63a5 +jne short loc_00006413 ; jne 0x6413 push edx movzx eax, byte [esi + 2] push eax @@ -10198,27 +10241,27 @@ movzx eax, byte [esi + 1] push eax movzx eax, byte [esi] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ecx pop esi push 0xffffffffffffffef add eax, 0xc24 push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_000063a5: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00006413: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000063bf ; je 0x63bf +je short loc_0000642d ; je 0x642d push eax push eax -push ref_000217a3 ; push 0x217a3 +push ref_00021833 ; push 0x21833 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000063bf: ; not directly referenced +loc_0000642d: ; not directly referenced lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -10227,7 +10270,7 @@ pop edi pop ebp ret -fcn_000063c9: +fcn_00006437: push ebp mov ebp, esp push ebx @@ -10239,39 +10282,39 @@ movzx eax, byte [ebx + 1] push eax movzx eax, byte [ebx] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ecx pop edx push 0x20 add eax, 0xb0 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 push 0 push ebx push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00005ce2 ; call 0x5ce2 +call fcn_00005d50 ; call 0x5d50 add esp, 0x20 mov ebx, eax test eax, eax -jns short loc_00006426 ; jns 0x6426 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00006494 ; jns 0x6494 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006426 ; je 0x6426 +je short loc_00006494 ; je 0x6494 push eax push eax -push ref_000217c5 ; push 0x217c5 +push ref_00021855 ; push 0x21855 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006426: +loc_00006494: mov eax, ebx mov ebx, dword [ebp - 4] leave ret -fcn_0000642d: +fcn_0000649b: push ebp mov ebp, esp sub esp, 0xc @@ -10282,16 +10325,16 @@ movzx edx, byte [eax + 1] push edx movzx eax, byte [eax] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xb2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 leave shr ax, 4 and eax, 0x3f ret -fcn_0000645f: +fcn_000064cd: push ebp mov ebp, esp push edi @@ -10306,29 +10349,29 @@ movzx eax, byte [esi + 1] push eax movzx eax, byte [esi] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], esi mov edi, eax -call fcn_0000642d ; call 0x642d +call fcn_0000649b ; call 0x649b add esp, 0x10 mov dl, al cmp al, bl -jae loc_00006551 ; jae 0x6551 +jae loc_000065bf ; jae 0x65bf mov dword [ebp - 0x1c], edx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov edx, dword [ebp - 0x1c] test al, al -je short loc_000064be ; je 0x64be +je short loc_0000652c ; je 0x652c movzx edx, dl movzx eax, bl push edx push eax -push ref_000217dd ; push 0x217dd +push ref_0002186d ; push 0x2186d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000064be: +loc_0000652c: movzx eax, bl push ecx push eax @@ -10337,12 +10380,12 @@ lea edx, [edi + 0x224] add edi, 0xb0 push edx mov dword [ebp - 0x1c], edx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx push 0x10 push edi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 mov eax, dword [ebp + 0xc] add esp, 0xc push 1 @@ -10353,58 +10396,58 @@ pop ecx pop eax push 0xffef push edi -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 push 0 push esi push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00005ce2 ; call 0x5ce2 +call fcn_00005d50 ; call 0x5d50 mov edx, dword [ebp - 0x1c] add esp, 0x18 push 0x1f push edx mov edi, eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 test edi, edi -js short loc_00006576 ; js 0x6576 +js short loc_000065e4 ; js 0x65e4 sub esp, 0xc push esi -call fcn_0000642d ; call 0x642d +call fcn_0000649b ; call 0x649b add esp, 0x10 cmp al, bl -jne short loc_00006555 ; jne 0x6555 -call fcn_000153e9 ; call 0x153e9 +jne short loc_000065c3 ; jne 0x65c3 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006551 ; je 0x6551 +je short loc_000065bf ; je 0x65bf push edx push edx -push ref_00021801 ; push 0x21801 +push ref_00021891 ; push 0x21891 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006551: +loc_000065bf: xor ebx, ebx -jmp short loc_00006578 ; jmp 0x6578 +jmp short loc_000065e6 ; jmp 0x65e6 -loc_00006555: -call fcn_000153e9 ; call 0x153e9 +loc_000065c3: +call fcn_00015479 ; call 0x15479 mov ebx, 0x80000007 test al, al -je short loc_00006578 ; je 0x6578 +je short loc_000065e6 ; je 0x65e6 push eax push eax -push ref_0002181c ; push 0x2181c +push ref_000218ac ; push 0x218ac push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_00006578 ; jmp 0x6578 +jmp short loc_000065e6 ; jmp 0x65e6 -loc_00006576: +loc_000065e4: mov ebx, edi -loc_00006578: +loc_000065e6: lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -10413,7 +10456,7 @@ pop edi pop ebp ret -fcn_00006582: +fcn_000065f0: push ebp mov ebp, esp sub esp, 0xc @@ -10424,15 +10467,15 @@ movzx edx, byte [eax + 1] push edx movzx eax, byte [eax] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xb2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 leave and eax, 0xf ret -fcn_000065b0: +fcn_0000661e: push ebp mov ebp, esp push edi @@ -10446,71 +10489,71 @@ mov edi, dword [ebp + 0x18] mov dword [ebp - 0x2c], eax mov eax, dword [ebp + 0x20] mov dword [ebp - 0x30], eax -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov dword [ebp - 0x1c], eax -call fcn_0001c5b4 ; call 0x1c5b4 +call fcn_0001c678 ; call 0x1c678 mov dword [ebp - 0x20], eax test esi, esi -je short loc_000065f4 ; je 0x65f4 +je short loc_00006662 ; je 0x6662 cmp byte [ebx], 1 -jbe short loc_000065f0 ; jbe 0x65f0 +jbe short loc_0000665e ; jbe 0x665e mov eax, dword [ebx + 0xd] cmp byte [eax + 0x48], 0 -jne short loc_000065f4 ; jne 0x65f4 +jne short loc_00006662 ; jne 0x6662 -loc_000065f0: +loc_0000665e: mov byte [esi + 0x71], 1 -loc_000065f4: +loc_00006662: push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0x8000 add eax, 0xdd8 push eax mov dword [ebp - 0x24], eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push ebx push dword [ebp + 0x14] push dword [ebp + 8] -call fcn_00006058 ; call 0x6058 +call fcn_000060c6 ; call 0x60c6 add esp, 0x10 mov esi, eax test eax, eax -jns short loc_0000663f ; jns 0x663f -call fcn_000153e9 ; call 0x153e9 +jns short loc_000066ad ; jns 0x66ad +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006659 ; je 0x6659 +je short loc_000066c7 ; je 0x66c7 push eax push esi -push ref_00021834 ; push 0x21834 -jmp short loc_0000664f ; jmp 0x664f +push ref_000218c4 ; push 0x218c4 +jmp short loc_000066bd ; jmp 0x66bd -loc_0000663f: -call fcn_000153e9 ; call 0x153e9 +loc_000066ad: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006659 ; je 0x6659 +je short loc_000066c7 ; je 0x66c7 push eax push eax -push ref_00021841 ; push 0x21841 +push ref_000218d1 ; push 0x218d1 -loc_0000664f: +loc_000066bd: push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006659: +loc_000066c7: mov al, byte [edi] movzx ecx, byte [edi + 2] movzx edx, byte [edi + 1] mov byte [ebp - 0x25], al -loc_00006666: +loc_000066d4: push ebx movzx ebx, byte [ebp - 0x25] push ecx @@ -10518,71 +10561,71 @@ push edx push ebx mov dword [ebp - 0x38], ecx mov dword [ebp - 0x34], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xd2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, dword [ebp - 0x34] mov ecx, dword [ebp - 0x38] test al, 2 -je short loc_00006666 ; je 0x6666 +je short loc_000066d4 ; je 0x66d4 sub esp, 0xc push ecx push edx push ebx push dword [ebp + 0x14] push dword [ebp + 8] -call fcn_000024e1 ; call 0x24e1 +call fcn_0000254f ; call 0x254f add esp, 0x20 cmp dword [ebp - 0x20], 0 -je short loc_000066c8 ; je 0x66c8 +je short loc_00006736 ; je 0x6736 cmp dword [ebp - 0x1c], 0x40670 -jne short loc_000066c8 ; jne 0x66c8 +jne short loc_00006736 ; jne 0x6736 push ecx push ecx push 0xffff7fff push dword [ebp - 0x24] -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_000066c8: +loc_00006736: sub esp, 0xc push edi -call fcn_0000642d ; call 0x642d +call fcn_0000649b ; call 0x649b add esp, 0x10 cmp al, byte [ebp - 0x30] -jae short loc_000066fb ; jae 0x66fb -call fcn_000153e9 ; call 0x153e9 +jae short loc_00006769 ; jae 0x6769 +call fcn_00015479 ; call 0x15479 mov esi, 0x80000012 test al, al -je short loc_000066fb ; je 0x66fb +je short loc_00006769 ; je 0x6769 push edx push edx -push ref_0002184b ; push 0x2184b +push ref_000218db ; push 0x218db push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000066fb: +loc_00006769: sub esp, 0xc push edi -call fcn_00006582 ; call 0x6582 +call fcn_000065f0 ; call 0x65f0 add esp, 0x10 cmp al, byte [ebp - 0x2c] -jae short loc_0000672e ; jae 0x672e -call fcn_000153e9 ; call 0x153e9 +jae short loc_0000679c ; jae 0x679c +call fcn_00015479 ; call 0x15479 mov esi, 0x80000012 test al, al -je short loc_0000672e ; je 0x672e +je short loc_0000679c ; je 0x679c push eax push eax -push ref_00021863 ; push 0x21863 +push ref_000218f3 ; push 0x218f3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000672e: +loc_0000679c: lea esp, [ebp - 0xc] mov eax, esi pop ebx @@ -10591,7 +10634,7 @@ pop edi pop ebp ret -fcn_00006738: +fcn_000067a6: push ebp mov ebp, esp push edi @@ -10604,41 +10647,41 @@ mov eax, dword [ebp + 0x10] mov edi, dword [ebp + 0xc] push esi mov dword [ebp - 0x1c], eax -call fcn_00006582 ; call 0x6582 +call fcn_000065f0 ; call 0x65f0 mov edx, edi add esp, 0x10 cmp dl, al -je short loc_0000677a ; je 0x677a -call fcn_000153e9 ; call 0x153e9 +je short loc_000067e8 ; je 0x67e8 +call fcn_00015479 ; call 0x15479 mov bl, 1 test al, al -je short loc_0000677a ; je 0x677a +je short loc_000067e8 ; je 0x67e8 push edx push edx -push ref_0002187b ; push 0x2187b +push ref_0002190b ; push 0x2190b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000677a: +loc_000067e8: sub esp, 0xc push esi -call fcn_0000642d ; call 0x642d +call fcn_0000649b ; call 0x649b add esp, 0x10 cmp byte [ebp - 0x1c], al -je short loc_000067a7 ; je 0x67a7 -call fcn_000153e9 ; call 0x153e9 +je short loc_00006815 ; je 0x6815 +call fcn_00015479 ; call 0x15479 mov bl, 1 test al, al -je short loc_000067a7 ; je 0x67a7 +je short loc_00006815 ; je 0x6815 push eax push eax -push ref_0002189a ; push 0x2189a +push ref_0002192a ; push 0x2192a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000067a7: +loc_00006815: lea esp, [ebp - 0xc] mov al, bl pop ebx @@ -10647,7 +10690,7 @@ pop edi pop ebp ret -fcn_000067b1: +fcn_0000681f: push ebp mov ebp, esp push edi @@ -10658,70 +10701,70 @@ sub esp, 0x28 mov edi, dword [ebp + 0x10] mov ebx, dword [ebp + 0x14] push edi -call fcn_00006582 ; call 0x6582 +call fcn_000065f0 ; call 0x65f0 add esp, 0x10 mov dl, al cmp al, bl -jae loc_00006859 ; jae 0x6859 +jae loc_000068c7 ; jae 0x68c7 mov dword [ebp - 0x1c], edx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov edx, dword [ebp - 0x1c] test al, al -je short loc_000067fb ; je 0x67fb +je short loc_00006869 ; je 0x6869 movzx edx, dl movzx eax, bl push edx push eax -push ref_000218b9 ; push 0x218b9 +push ref_00021949 ; push 0x21949 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000067fb: +loc_00006869: push ecx push edi push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_000063c9 ; call 0x63c9 +call fcn_00006437 ; call 0x6437 add esp, 0x10 mov esi, eax test eax, eax -jns short loc_00006818 ; jns 0x6818 -call fcn_000153e9 ; call 0x153e9 -jmp short loc_00006832 ; jmp 0x6832 +jns short loc_00006886 ; jns 0x6886 +call fcn_00015479 ; call 0x15479 +jmp short loc_000068a0 ; jmp 0x68a0 -loc_00006818: +loc_00006886: sub esp, 0xc push edi -call fcn_00006582 ; call 0x6582 +call fcn_000065f0 ; call 0x65f0 add esp, 0x10 cmp al, bl -jae short loc_0000683f ; jae 0x683f -call fcn_000153e9 ; call 0x153e9 +jae short loc_000068ad ; jae 0x68ad +call fcn_00015479 ; call 0x15479 mov esi, 0x80000007 -loc_00006832: +loc_000068a0: test al, al -je short loc_00006859 ; je 0x6859 +je short loc_000068c7 ; je 0x68c7 push edx push edx -push ref_000218e3 ; push 0x218e3 -jmp short loc_0000684f ; jmp 0x684f +push ref_00021973 ; push 0x21973 +jmp short loc_000068bd ; jmp 0x68bd -loc_0000683f: -call fcn_000153e9 ; call 0x153e9 +loc_000068ad: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006859 ; je 0x6859 +je short loc_000068c7 ; je 0x68c7 push eax push eax -push ref_00021900 ; push 0x21900 +push ref_00021990 ; push 0x21990 -loc_0000684f: +loc_000068bd: push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006859: +loc_000068c7: lea esp, [ebp - 0xc] mov eax, esi pop ebx @@ -10730,7 +10773,7 @@ pop edi pop ebp ret -fcn_00006863: +fcn_000068d1: push ebp mov ebp, esp push edi @@ -10752,25 +10795,25 @@ push esi push ebx push edi mov dword [ebp - 0x20], eax -call fcn_0000645f ; call 0x645f +call fcn_000064cd ; call 0x64cd add esp, 0x10 test eax, eax movzx eax, byte [ebp - 0x1c] mov dword [ebp - 0x1c], eax -js short loc_000068b9 ; js 0x68b9 +js short loc_00006927 ; js 0x6927 -loc_000068a5: +loc_00006913: push dword [ebp - 0x1c] push esi push ebx push edi -call fcn_000067b1 ; call 0x67b1 +call fcn_0000681f ; call 0x681f add esp, 0x10 test eax, eax -jns short loc_000068f6 ; jns 0x68f6 -jmp short loc_000068da ; jmp 0x68da +jns short loc_00006964 ; jns 0x6964 +jmp short loc_00006948 ; jmp 0x6948 -loc_000068b9: +loc_00006927: push eax push dword [ebp - 0x20] push dword [ebp - 0x1c] @@ -10779,13 +10822,13 @@ push ebx push dword [ebp - 0x28] push dword [ebp - 0x24] push edi -call fcn_000065b0 ; call 0x65b0 +call fcn_0000661e ; call 0x661e add esp, 0x20 test eax, eax -jns short loc_000068a5 ; jns 0x68a5 -jmp near loc_0000695e ; jmp 0x695e +jns short loc_00006913 ; jns 0x6913 +jmp near loc_000069cc ; jmp 0x69cc -loc_000068da: +loc_00006948: push ecx push dword [ebp - 0x20] push dword [ebp - 0x1c] @@ -10794,39 +10837,39 @@ push ebx push dword [ebp - 0x28] push dword [ebp - 0x24] push edi -call fcn_000065b0 ; call 0x65b0 +call fcn_0000661e ; call 0x661e add esp, 0x20 test eax, eax -js short loc_0000695e ; js 0x695e +js short loc_000069cc ; js 0x69cc -loc_000068f6: +loc_00006964: push 0 push esi push ebx push edi -call fcn_00005ce2 ; call 0x5ce2 +call fcn_00005d50 ; call 0x5d50 add esp, 0x10 test eax, eax -jns short loc_0000695e ; jns 0x695e -call fcn_000153e9 ; call 0x153e9 +jns short loc_000069cc ; jns 0x69cc +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006921 ; je 0x6921 +je short loc_0000698f ; je 0x698f push edx push edx -push ref_00021920 ; push 0x21920 +push ref_000219b0 ; push 0x219b0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006921: +loc_0000698f: push eax push esi push ebx push edi -call fcn_000063c9 ; call 0x63c9 +call fcn_00006437 ; call 0x6437 add esp, 0x10 test eax, eax -jns short loc_0000695e ; jns 0x695e +jns short loc_000069cc ; jns 0x69cc mov eax, dword [ebp - 0x20] mov dword [ebp + 0x18], esi mov dword [ebp + 0x14], ebx @@ -10843,9 +10886,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_000065b0 ; jmp 0x65b0 +jmp near fcn_0000661e ; jmp 0x661e -loc_0000695e: +loc_000069cc: lea esp, [ebp - 0xc] pop ebx pop esi @@ -10853,7 +10896,7 @@ pop edi pop ebp ret -fcn_00006966: ; not directly referenced +fcn_000069d4: ; not directly referenced push ebp mov ebp, esp push ebx @@ -10862,34 +10905,34 @@ lea eax, [ebp - 0xc] push eax push 0 push 0 -push ref_0002908c ; push 0x2908c -call fcn_00019699 ; call 0x19699 +push ref_0002913c ; push 0x2913c +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000069c6 ; je 0x69c6 +je short loc_00006a34 ; je 0x6a34 test ebx, ebx -jns short loc_000069c6 ; jns 0x69c6 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00006a34 ; jns 0x6a34 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000069ae ; je 0x69ae +je short loc_00006a1c ; je 0x6a1c push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000069ae: ; not directly referenced +loc_00006a1c: ; not directly referenced push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x2de -push ref_0002193e ; push 0x2193e -call fcn_000153fc ; call 0x153fc +push ref_000219ce ; push 0x219ce +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000069c6: ; not directly referenced +loc_00006a34: ; not directly referenced mov eax, dword [ebp - 0xc] push edx push edx @@ -10901,58 +10944,58 @@ mov ebx, dword [ebp - 4] leave ret -fcn_000069d8: +fcn_00006a46: push ebp mov eax, 1 mov ebp, esp mov edx, dword [ebp + 8] cmp byte [edx], 2 -jbe short loc_000069fa ; jbe 0x69fa +jbe short loc_00006a68 ; jbe 0x6a68 mov eax, dword [edx + 0xd] mov edx, 1 mov ax, word [eax + 0x50] test ax, ax cmove eax, edx -loc_000069fa: +loc_00006a68: pop ebp ret -fcn_000069fc: +fcn_00006a6a: push ebp mov eax, 2 mov ebp, esp mov edx, dword [ebp + 8] cmp byte [edx], 0x12 -jbe short loc_00006a1e ; jbe 0x6a1e +jbe short loc_00006a8c ; jbe 0x6a8c mov eax, dword [edx + 0xd] mov edx, 2 mov ax, word [eax + 0x67] test ax, ax cmove eax, edx -loc_00006a1e: +loc_00006a8c: pop ebp ret -fcn_00006a20: +fcn_00006a8e: push ebp mov eax, 0x2710 mov ebp, esp mov edx, dword [ebp + 8] cmp byte [edx], 0x12 -jbe short loc_00006a42 ; jbe 0x6a42 +jbe short loc_00006ab0 ; jbe 0x6ab0 mov eax, dword [edx + 0xd] mov edx, 0x2710 mov ax, word [eax + 0x65] test ax, ax cmove eax, edx -loc_00006a42: +loc_00006ab0: pop ebp ret -fcn_00006a44: +fcn_00006ab2: push ebp mov ebp, esp push edi @@ -10962,15 +11005,15 @@ sub esp, 0x30 push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax lea eax, [eax + 0x504] add esi, 0xd0c mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], esi mov ebx, eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0xc push 0 push 0 @@ -10979,47 +11022,47 @@ shr ebx, 0x10 shr eax, 0x14 and eax, 1 mov byte [ebp - 0x2b], al -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 mov dword [ebp - 0x34], eax and ebx, 3 -je short loc_00006ab1 ; je 0x6ab1 +je short loc_00006b1f ; je 0x6b1f cmp ebx, 2 -jne short loc_00006ac4 ; jne 0x6ac4 +jne short loc_00006b32 ; jne 0x6b32 mov byte [ebp - 0x1e], 8 mov esi, 2 mov byte [ebp - 0x1d], 8 -jmp short loc_00006acd ; jmp 0x6acd +jmp short loc_00006b3b ; jmp 0x6b3b -loc_00006ab1: +loc_00006b1f: mov byte [ebp - 0x1e], 8 mov esi, 3 mov byte [ebp - 0x1d], 4 mov byte [ebp - 0x1c], 4 -jmp short loc_00006acd ; jmp 0x6acd +jmp short loc_00006b3b ; jmp 0x6b3b -loc_00006ac4: +loc_00006b32: mov byte [ebp - 0x1e], 0x10 mov esi, 1 -loc_00006acd: +loc_00006b3b: mov eax, dword [ebp + 0xc] xor ebx, ebx mov byte [eax], 0 -loc_00006ad5: +loc_00006b43: cmp byte [ebp + ebx - 0x1e], 0 -je short loc_00006b08 ; je 0x6b08 +je short loc_00006b76 ; je 0x6b76 push eax push ebx push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_00006b08 ; je 0x6b08 +je short loc_00006b76 ; je 0x6b76 mov eax, dword [ebp + 0xc] mov dl, byte [eax] movzx eax, dl @@ -11028,29 +11071,29 @@ mov byte [ebp + eax - 0x1b], bl mov eax, dword [ebp + 0xc] mov byte [eax], dl -loc_00006b08: +loc_00006b76: inc ebx mov eax, esi cmp al, bl -ja short loc_00006ad5 ; ja 0x6ad5 +ja short loc_00006b43 ; ja 0x6b43 mov eax, dword [ebp + 0xc] cmp byte [eax], 3 -jbe short loc_00006b3c ; jbe 0x6b3c -call fcn_000153e9 ; call 0x153e9 +jbe short loc_00006baa ; jbe 0x6baa +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006b36 ; je 0x6b36 +je short loc_00006ba4 ; je 0x6ba4 push eax push dword [ebp + 0xc] -push ref_0002197c ; push 0x2197c +push ref_00021a0c ; push 0x21a0c push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006b36: +loc_00006ba4: mov eax, dword [ebp + 0xc] mov byte [eax], 3 -loc_00006b3c: +loc_00006baa: mov eax, dword [ebp + 0x10] mov byte [ebp - 0x2a], 0 mov byte [eax], 0 @@ -11062,11 +11105,11 @@ and byte [ebp - 0x29], 0xf add eax, 0xc mov dword [ebp - 0x38], eax -loc_00006b5b: +loc_00006bc9: mov edi, dword [ebp + 0xc] mov al, byte [ebp - 0x2a] cmp al, byte [edi] -jae loc_00006dde ; jae 0x6dde +jae loc_00006e4c ; jae 0x6e4c movzx ebx, byte [ebp - 0x2a] movzx eax, byte [ebp + ebx - 0x1b] shl ebx, 5 @@ -11084,119 +11127,119 @@ push eax push edi push 1 push 0 -call fcn_000023ad ; call 0x23ad +call fcn_0000241b ; call 0x241b mov dword [esp], ebx -call fcn_0000642d ; call 0x642d +call fcn_0000649b ; call 0x649b add esp, 0x10 xor edx, edx xor ecx, ecx mov byte [ebp - 0x2c], al mov byte [ebx + 0x1c], al -loc_00006bb7: +loc_00006c25: mov byte [ebp - 0x30], dl cmp dl, byte [ebp - 0x2c] -jae short loc_00006bf6 ; jae 0x6bf6 +jae short loc_00006c64 ; jae 0x6c64 mov eax, dword [ebp + 0x10] cmp byte [eax], 0 -je short loc_00006bd2 ; je 0x6bd2 +je short loc_00006c40 ; je 0x6c40 cmp byte [ebp - 0x30], 1 -ja short loc_00006bd2 ; ja 0x6bd2 +ja short loc_00006c40 ; ja 0x6c40 dec byte [ebx + 0x1c] -jmp short loc_00006bf3 ; jmp 0x6bf3 +jmp short loc_00006c61 ; jmp 0x6c61 -loc_00006bd2: +loc_00006c40: cmp cl, 0xf -ja short loc_00006bf2 ; ja 0x6bf2 +ja short loc_00006c60 ; ja 0x6c60 cmp byte [ebp - 0x2b], 0 movzx esi, cl -jne short loc_00006be8 ; jne 0x6be8 +jne short loc_00006c56 ; jne 0x6c56 mov al, byte [ebp - 0x30] add al, byte [ebp - 0x29] -jmp short loc_00006bee ; jmp 0x6bee +jmp short loc_00006c5c ; jmp 0x6c5c -loc_00006be8: +loc_00006c56: mov al, byte [ebp - 0x29] sub eax, dword [ebp - 0x30] -loc_00006bee: +loc_00006c5c: mov byte [ebx + esi + 0xc], al -loc_00006bf2: +loc_00006c60: inc ecx -loc_00006bf3: +loc_00006c61: inc edx -jmp short loc_00006bb7 ; jmp 0x6bb7 +jmp short loc_00006c25 ; jmp 0x6c25 -loc_00006bf6: +loc_00006c64: cmp byte [ebx + 0x1c], 0x10 -jbe short loc_00006c21 ; jbe 0x6c21 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_00006c8f ; jbe 0x6c8f +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006c1d ; je 0x6c1d +je short loc_00006c8b ; je 0x6c8b push eax movzx eax, byte [ebx + 0x1c] push eax -push ref_000219c3 ; push 0x219c3 +push ref_00021a53 ; push 0x21a53 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006c1d: +loc_00006c8b: mov byte [ebx + 0x1c], 0x10 -loc_00006c21: +loc_00006c8f: push eax push edi push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax lea eax, [eax + 0xac] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov edx, eax and edx, 0xf cmp edx, 3 mov dword [ebp - 0x30], edx -je short loc_00006c79 ; je 0x6c79 -call fcn_000153e9 ; call 0x153e9 +je short loc_00006ce7 ; je 0x6ce7 +call fcn_00015479 ; call 0x15479 mov edx, dword [ebp - 0x30] test al, al -je short loc_00006c70 ; je 0x6c70 +je short loc_00006cde ; je 0x6cde push edx push edi push 1 push 0 push edi push 1 -push ref_000219f9 ; push 0x219f9 +push ref_00021a89 ; push 0x21a89 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00006c70: +loc_00006cde: mov byte [ebx + 0xb], 0 -jmp near loc_00006dbe ; jmp 0x6dbe +jmp near loc_00006e2c ; jmp 0x6e2c -loc_00006c79: -call fcn_000153e9 ; call 0x153e9 +loc_00006ce7: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006c9a ; je 0x6c9a +je short loc_00006d08 ; je 0x6d08 push eax push edi push 1 push 0 push edi push 1 -push ref_00021a44 ; push 0x21a44 +push ref_00021ad4 ; push 0x21ad4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00006c9a: +loc_00006d08: push ecx push 0x10100 push 0xff0000ff @@ -11204,72 +11247,72 @@ lea eax, [esi + 0x18] add esi, 0x11a push eax mov dword [ebp - 0x30], eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx push 0 push dword [ebp - 0x34] -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 pop ecx push dword [ebp - 0x34] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [ebx + 7], eax mov dword [esp], esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -je short loc_00006d17 ; je 0x6d17 +je short loc_00006d85 ; je 0x6d85 mov byte [ebx + 0xb], 0 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006d04 ; je 0x6d04 +je short loc_00006d72 ; je 0x6d72 push 3 push edi push 1 push 0 push edi push 1 -push ref_00021a76 ; push 0x21a76 +push ref_00021b06 ; push 0x21b06 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00006d04: +loc_00006d72: push edx push edi push 1 push 0 -call fcn_000023ad ; call 0x23ad +call fcn_0000241b ; call 0x241b add esp, 0x10 -jmp near loc_00006dac ; jmp 0x6dac +jmp near loc_00006e1a ; jmp 0x6e1a -loc_00006d17: +loc_00006d85: push 0x10 push 0 push 0 push 1 -call fcn_000027f4 ; call 0x27f4 +call fcn_00002862 ; call 0x2862 add esp, 0x10 test eax, eax -jne short loc_00006d49 ; jne 0x6d49 +jne short loc_00006db7 ; jne 0x6db7 mov byte [ebx + 0xb], 0 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006dac ; je 0x6dac +je short loc_00006e1a ; je 0x6e1a push 3 push edi push 1 push 0 push edi push 1 -push ref_00021abc ; push 0x21abc -jmp short loc_00006da2 ; jmp 0x6da2 +push ref_00021b4c ; push 0x21b4c +jmp short loc_00006e10 ; jmp 0x6e10 -loc_00006d49: +loc_00006db7: add eax, dword [ebp - 0x38] sub esp, 0xc push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov dl, al and eax, 0xf @@ -11277,47 +11320,47 @@ and edx, 0xf mov esi, eax mov byte [ebx + 6], dl cmp eax, 2 -ja short loc_00006d87 ; ja 0x6d87 +ja short loc_00006df5 ; ja 0x6df5 mov byte [ebx + 0xb], 0 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006dac ; je 0x6dac +je short loc_00006e1a ; je 0x6e1a push esi push edi push 1 push 0 push edi push 1 -push ref_00021b0b ; push 0x21b0b -jmp short loc_00006da2 ; jmp 0x6da2 +push ref_00021b9b ; push 0x21b9b +jmp short loc_00006e10 ; jmp 0x6e10 -loc_00006d87: +loc_00006df5: mov byte [ebx + 0xb], 1 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006dac ; je 0x6dac +je short loc_00006e1a ; je 0x6e1a push esi push edi push 1 push 0 push edi push 1 -push ref_00021b55 ; push 0x21b55 +push ref_00021be5 ; push 0x21be5 -loc_00006da2: +loc_00006e10: push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00006dac: +loc_00006e1a: push eax push eax push 0xff0000ff push dword [ebp - 0x30] -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_00006dbe: +loc_00006e2c: mov al, byte [ebp + edi - 0x1e] mov cl, byte [ebp - 0x29] lea edx, [ecx + eax] @@ -11327,9 +11370,9 @@ mov al, cl cmovne edx, eax mov byte [ebp - 0x29], dl inc byte [ebp - 0x2a] -jmp near loc_00006b5b ; jmp 0x6b5b +jmp near loc_00006bc9 ; jmp 0x6bc9 -loc_00006dde: +loc_00006e4c: lea esp, [ebp - 0xc] pop ebx pop esi @@ -11337,21 +11380,21 @@ pop edi pop ebp ret -fcn_00006de6: +fcn_00006e54: push ebp mov ebp, esp mov edx, dword [ebp + 8] cmp byte [ebp + 0xc], 0 mov al, dl -je short loc_00006df8 ; je 0x6df8 +je short loc_00006e66 ; je 0x6e66 mov al, 0xf sub eax, edx -loc_00006df8: +loc_00006e66: pop ebp ret -fcn_00006dfa: +fcn_00006e68: push ebp mov ebp, esp sub esp, 0xc @@ -11366,12 +11409,12 @@ pop edx movzx eax, byte [eax + 2] push eax push dword [ebp + 0x18] -call fcn_00007b99 ; call 0x7b99 +call fcn_00007c07 ; call 0x7c07 sub eax, dword [ebp + 0x20] leave ret -fcn_00006e24: +fcn_00006e92: push ebp mov ebp, esp push edi @@ -11385,15 +11428,15 @@ mov bl, byte [ebp + 0x30] mov byte [ebp - 0x53], al mov al, byte [ebp + 0x2c] mov byte [ebp - 0x52], al -call fcn_000069fc ; call 0x69fc +call fcn_00006a6a ; call 0x6a6a push esi push esi push 1 mov esi, eax -call fcn_0000961e ; call 0x961e +call fcn_0000968c ; call 0x968c add esp, 0x10 test eax, eax -js loc_00007085 ; js 0x7085 +js loc_000070f3 ; js 0x70f3 mov eax, dword [ebp + 0x20] mov dword [ebp - 0x4c], eax movzx eax, si @@ -11401,11 +11444,11 @@ mov dword [ebp - 0x58], eax movzx eax, bl mov dword [ebp - 0x50], eax -loc_00006e6f: +loc_00006edd: mov al, byte [ebp - 0x4c] sub eax, dword [ebp + 0x20] cmp al, byte [ebp - 0x53] -jae loc_00007078 ; jae 0x7078 +jae loc_000070e6 ; jae 0x70e6 push ecx push ecx lea eax, [ebp - 0x39] @@ -11413,7 +11456,7 @@ push eax mov eax, dword [ebp - 0x4c] movzx ebx, byte [eax] push ebx -call fcn_000098fd ; call 0x98fd +call fcn_0000996b ; call 0x996b mov eax, dword [ebp + 0x34] add esp, 0x10 mov byte [ebp - 0x51], 0 @@ -11421,50 +11464,50 @@ lea eax, [eax + ebx*4] xor ebx, ebx mov dword [ebp - 0x60], eax -loc_00006ea2: +loc_00006f10: test bl, bl -jne loc_00007070 ; jne 0x7070 +jne loc_000070de ; jne 0x70de cmp byte [ebp - 0x51], 2 -ja loc_00007070 ; ja 0x7070 +ja loc_000070de ; ja 0x70de push eax push eax movzx eax, byte [edi + 2] push eax push dword [ebp + 0x1c] -call fcn_00007b99 ; call 0x7b99 +call fcn_00007c07 ; call 0x7c07 mov esi, eax pop eax pop edx lea eax, [ebp - 0x39] push eax push 5 -call fcn_000099b5 ; call 0x99b5 +call fcn_00009a23 ; call 0x9a23 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00006f19 ; je 0x6f19 +je short loc_00006f87 ; je 0x6f87 test ebx, ebx -jns short loc_00006f19 ; jns 0x6f19 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00006f87 ; jns 0x6f87 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006f01 ; je 0x6f01 +je short loc_00006f6f ; je 0x6f6f push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006f01: +loc_00006f6f: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x350 -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00006f19: +loc_00006f87: push ebx push esi push edi @@ -11473,64 +11516,64 @@ push dword [ebp + 0x18] push dword [ebp + 0x14] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006dfa ; call 0x6dfa +call fcn_00006e68 ; call 0x6e68 add esp, 0x20 cmp eax, dword [ebp - 0x58] -jb short loc_00006f3f ; jb 0x6f3f +jb short loc_00006fad ; jb 0x6fad -loc_00006f38: +loc_00006fa6: xor ebx, ebx -jmp near loc_00007001 ; jmp 0x7001 +jmp near loc_0000706f ; jmp 0x706f -loc_00006f3f: +loc_00006fad: movzx ebx, byte [ebp - 0x52] push ecx push dword [ebp - 0x50] push ebx push edi -call fcn_00006738 ; call 0x6738 +call fcn_000067a6 ; call 0x67a6 add esp, 0x10 test al, al -jne short loc_00006f38 ; jne 0x6f38 +jne short loc_00006fa6 ; jne 0x6fa6 push eax push eax movzx eax, byte [edi + 2] push eax push dword [ebp + 0x1c] -call fcn_00007b99 ; call 0x7b99 +call fcn_00007c07 ; call 0x7c07 mov dword [ebp - 0x5c], eax pop eax pop edx lea eax, [ebp - 0x39] push eax push 0xfffffffffffffffa -call fcn_000099b5 ; call 0x99b5 +call fcn_00009a23 ; call 0x9a23 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00006fbb ; je 0x6fbb +je short loc_00007029 ; je 0x7029 test esi, esi -jns short loc_00006fbb ; jns 0x6fbb -call fcn_000153e9 ; call 0x153e9 +jns short loc_00007029 ; jns 0x7029 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00006fa3 ; je 0x6fa3 +je short loc_00007011 ; je 0x7011 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00006fa3: +loc_00007011: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x35f -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00006fbb: +loc_00007029: push esi push dword [ebp - 0x5c] push edi @@ -11539,33 +11582,33 @@ push dword [ebp + 0x18] push dword [ebp + 0x14] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006dfa ; call 0x6dfa +call fcn_00006e68 ; call 0x6e68 add esp, 0x20 cmp eax, dword [ebp - 0x58] -jae loc_00006f38 ; jae 0x6f38 +jae loc_00006fa6 ; jae 0x6fa6 push ecx push dword [ebp - 0x50] push ebx push edi -call fcn_00006738 ; call 0x6738 +call fcn_000067a6 ; call 0x67a6 add esp, 0x10 test al, al -jne loc_00006f38 ; jne 0x6f38 +jne loc_00006fa6 ; jne 0x6fa6 mov eax, dword [ebp - 0x60] mov bl, 1 mov dword [eax], 0xbb8 -loc_00007001: +loc_0000706f: sub esp, 0xc lea eax, [ebp - 0x39] push eax -call fcn_00009992 ; call 0x9992 +call fcn_00009a00 ; call 0x9a00 movzx eax, byte [ebp - 0x52] add esp, 0x10 mov byte [ebp - 0x5c], 3 mov dword [ebp - 0x64], eax -loc_0000701b: +loc_00007089: push edx push dword [ebp - 0x50] push dword [ebp - 0x64] @@ -11574,11 +11617,11 @@ push dword [ebp + 0x14] push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006863 ; call 0x6863 +call fcn_000068d1 ; call 0x68d1 add esp, 0x20 mov esi, eax test eax, eax -jns short loc_00007068 ; jns 0x7068 +jns short loc_000070d6 ; jns 0x70d6 push eax mov eax, dword [ebp + 0x14] push 0x2710 @@ -11587,29 +11630,29 @@ push dword [ebp + 8] call dword [eax + 4] ; ucall add esp, 0x10 dec byte [ebp - 0x5c] -jne short loc_0000701b ; jne 0x701b +jne short loc_00007089 ; jne 0x7089 sub esp, 0xc push 0 -call fcn_0000961e ; call 0x961e +call fcn_0000968c ; call 0x968c add esp, 0x10 mov eax, esi -jmp short loc_00007085 ; jmp 0x7085 +jmp short loc_000070f3 ; jmp 0x70f3 -loc_00007068: +loc_000070d6: inc byte [ebp - 0x51] -jmp near loc_00006ea2 ; jmp 0x6ea2 +jmp near loc_00006f10 ; jmp 0x6f10 -loc_00007070: +loc_000070de: inc dword [ebp - 0x4c] -jmp near loc_00006e6f ; jmp 0x6e6f +jmp near loc_00006edd ; jmp 0x6edd -loc_00007078: +loc_000070e6: sub esp, 0xc push 0 -call fcn_0000961e ; call 0x961e +call fcn_0000968c ; call 0x968c add esp, 0x10 -loc_00007085: +loc_000070f3: lea esp, [ebp - 0xc] pop ebx pop esi @@ -11617,7 +11660,7 @@ pop edi pop ebp ret -fcn_0000708d: ; not directly referenced +fcn_000070fb: ; not directly referenced push ebp mov ebp, esp mov ecx, dword [ebp + 8] @@ -11633,7 +11676,7 @@ pop ebx pop ebp ret -fcn_000070a7: +fcn_00007115: push ebp xor eax, eax mov ebp, esp @@ -11641,21 +11684,21 @@ mov ecx, dword [ebp + 8] push esi push ebx test ecx, ecx -je short loc_000070f0 ; je 0x70f0 +je short loc_0000715e ; je 0x715e xor ebx, ebx mov esi, 0xa9e -loc_000070bc: +loc_0000712a: cmp ecx, 0x10f -jbe short loc_000070d5 ; jbe 0x70d5 +jbe short loc_00007143 ; jbe 0x7143 imul eax, ecx, 0x3e8 xor edx, edx add ebx, 0x64 div esi mov ecx, eax -jmp short loc_000070bc ; jmp 0x70bc +jmp short loc_0000712a ; jmp 0x712a -loc_000070d5: +loc_00007143: imul eax, ecx, 0xfffffff0 xor edx, edx add eax, 0x2d3a @@ -11665,13 +11708,13 @@ sub eax, 0xeefac div ecx add eax, ebx -loc_000070f0: +loc_0000715e: pop ebx pop esi pop ebp ret -fcn_000070f4: +fcn_00007162: push ebp mov ebp, esp push edi @@ -11686,31 +11729,31 @@ cmp eax, 0x9c40 cmova eax, ebx imul eax, eax, 0x64 push eax -call fcn_000070a7 ; call 0x70a7 +call fcn_00007115 ; call 0x7115 cmp esi, 0x9c40 cmova esi, ebx imul esi, esi, 0x64 mov dword [ebp - 0x10], eax mov dword [esp], esi -call fcn_000070a7 ; call 0x70a7 +call fcn_00007115 ; call 0x7115 cmp dword [ebp + 0x10], 0x9c40 cmovbe ebx, dword [ebp + 0x10] imul ebx, ebx, 0x64 mov esi, eax mov dword [esp], ebx -call fcn_000070a7 ; call 0x70a7 +call fcn_00007115 ; call 0x7115 test edi, edi pop edx mov edx, dword [ebp - 0x10] mov ebx, eax -js short loc_00007178 ; js 0x7178 +js short loc_000071e6 ; js 0x71e6 cmp esi, eax lea ecx, [edi - 1] -jne short loc_0000715f ; jne 0x715f +jne short loc_000071cd ; jne 0x71cd imul eax, ecx, 0x64 -jmp short loc_0000716f ; jmp 0x716f +jmp short loc_000071dd ; jmp 0x71dd -loc_0000715f: +loc_000071cd: sub edx, eax sub esi, ebx imul eax, edx, 0x64 @@ -11719,20 +11762,20 @@ imul ecx, ecx, 0x64 div esi add eax, ecx -loc_0000716f: +loc_000071dd: xor ecx, ecx test eax, eax cmovns ecx, eax -jmp short loc_0000719e ; jmp 0x719e +jmp short loc_0000720c ; jmp 0x720c -loc_00007178: +loc_000071e6: cmp esi, eax lea ecx, [edi + 1] -jne short loc_00007184 ; jne 0x7184 +jne short loc_000071f2 ; jne 0x71f2 imul ecx, ecx, 0x64 -jmp short loc_0000719e ; jmp 0x719e +jmp short loc_0000720c ; jmp 0x720c -loc_00007184: +loc_000071f2: sub edx, eax sub esi, ebx imul eax, edx, 0x64 @@ -11744,7 +11787,7 @@ mov eax, 0 test ecx, ecx cmovg ecx, eax -loc_0000719e: +loc_0000720c: lea esp, [ebp - 0xc] mov eax, ecx pop ebx @@ -11753,7 +11796,7 @@ pop edi pop ebp ret -fcn_000071a8: +fcn_00007216: push ebp mov ebp, esp push edi @@ -11768,7 +11811,7 @@ mov al, byte [ebp + 0x2c] mov byte [ebp - 0x2c], al mov al, byte [ebp + 0x34] mov byte [ebp - 0x41], al -call fcn_000069d8 ; call 0x69d8 +call fcn_00006a46 ; call 0x6a46 mov ecx, dword [ebp + 0x20] pop edi mov dword [ebp - 0x40], ebx @@ -11776,36 +11819,36 @@ mov dword [ebp - 0x38], ecx movzx eax, ax mov dword [ebp - 0x34], eax -loc_000071df: +loc_0000724d: mov bl, byte [ebp - 0x38] sub ebx, dword [ebp + 0x20] cmp bl, byte [ebp - 0x42] -jae loc_00007626 ; jae 0x7626 +jae loc_00007694 ; jae 0x7694 mov eax, dword [ebp - 0x38] mov ecx, dword [ebp + 0x38] cmp byte [ebp - 0x41], 0 movzx eax, byte [eax] mov byte [ebp - 0x19], al mov dword [ecx + eax*4], 0 -je short loc_00007229 ; je 0x7229 +je short loc_00007297 ; je 0x7297 mov esi, dword [ebp + 0xc] push edx push edx mov edx, dword [esi + 1] push dword [edx + 4] push eax -call fcn_00009516 ; call 0x9516 +call fcn_00009584 ; call 0x9584 movzx eax, byte [ebp - 0x19] pop ecx pop esi push 1 push eax -call fcn_000094b3 ; call 0x94b3 +call fcn_00009521 ; call 0x9521 add esp, 0x10 -loc_00007229: +loc_00007297: test bl, bl -je short loc_0000724a ; je 0x724a +je short loc_000072b8 ; je 0x72b8 mov eax, dword [ebp - 0x38] xor esi, esi mov ecx, dword [ebp + 0x38] @@ -11816,22 +11859,22 @@ cdq idiv ecx dec eax cmovns esi, eax -jmp short loc_0000724c ; jmp 0x724c +jmp short loc_000072ba ; jmp 0x72ba -loc_0000724a: +loc_000072b8: xor esi, esi -loc_0000724c: +loc_000072ba: mov byte [ebp - 0x2b], 0 mov byte [ebp - 0x29], 1 mov dword [ebp - 0x3c], 0xffffffff mov byte [ebp - 0x2a], 0 -loc_0000725f: +loc_000072cd: cmp byte [ebp - 0x2b], 0x1d -ja loc_000075b2 ; ja 0x75b2 +ja loc_00007620 ; ja 0x7620 cmp byte [ebp - 0x2a], 1 -ja loc_000075b2 ; ja 0x75b2 +ja loc_00007620 ; ja 0x7620 push eax push eax mov eax, dword [ebp + 0x28] @@ -11839,7 +11882,7 @@ inc byte [ebp - 0x2b] movzx eax, byte [eax + 2] push eax push dword [ebp + 0x1c] -call fcn_00007b99 ; call 0x7b99 +call fcn_00007c07 ; call 0x7c07 add esp, 0xc mov edi, eax mov eax, esi @@ -11848,33 +11891,33 @@ push eax push 1 lea eax, [ebp - 0x19] push eax -call fcn_00009b95 ; call 0x9b95 +call fcn_00009c03 ; call 0x9c03 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000072e5 ; je 0x72e5 +je short loc_00007353 ; je 0x7353 test ebx, ebx -jns short loc_000072e5 ; jns 0x72e5 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00007353 ; jns 0x7353 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000072cd ; je 0x72cd +je short loc_0000733b ; je 0x733b push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000072cd: +loc_0000733b: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x1f0 -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000072e5: +loc_00007353: push eax push edi push dword [ebp + 0x28] @@ -11883,75 +11926,75 @@ push dword [ebp + 0x18] push dword [ebp + 0x14] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006dfa ; call 0x6dfa +call fcn_00006e68 ; call 0x6e68 add esp, 0x20 mov edi, eax cmp eax, dword [ebp - 0x34] -jb short loc_0000731e ; jb 0x731e +jb short loc_0000738c ; jb 0x738c test esi, esi -jne short loc_00007324 ; jne 0x7324 +jne short loc_00007392 ; jne 0x7392 movzx eax, byte [ebp - 0x19] mov bl, 1 mov ecx, dword [ebp + 0x38] mov dword [ecx + eax*4], 0 -jmp short loc_0000732a ; jmp 0x732a +jmp short loc_00007398 ; jmp 0x7398 -loc_0000731e: +loc_0000738c: mov byte [ebp - 0x29], 1 -jmp short loc_00007328 ; jmp 0x7328 +jmp short loc_00007396 ; jmp 0x7396 -loc_00007324: +loc_00007392: mov byte [ebp - 0x29], 0xff -loc_00007328: +loc_00007396: xor ebx, ebx -loc_0000732a: +loc_00007398: mov al, byte [ebp - 0x29] add eax, esi mov byte [ebp - 0x30], al movzx eax, byte [ebp - 0x2c] mov dword [ebp - 0x4c], eax -loc_00007339: +loc_000073a7: test bl, 1 -jne loc_0000748e ; jne 0x748e +jne loc_000074fc ; jne 0x74fc cmp byte [ebp - 0x30], 0x18 -ja loc_0000748e ; ja 0x748e +ja loc_000074fc ; ja 0x74fc push ebx push dword [ebp - 0x40] push dword [ebp - 0x4c] push dword [ebp + 0x28] -call fcn_00006738 ; call 0x6738 +call fcn_000067a6 ; call 0x67a6 add esp, 0x10 mov bl, al test al, al -je short loc_0000739a ; je 0x739a +je short loc_00007408 ; je 0x7408 cmp byte [ebp - 0x29], 0xff -je loc_000074ad ; je 0x74ad +je loc_0000751b ; je 0x751b cmp byte [ebp - 0x30], 0 movzx eax, byte [ebp - 0x19] -jne short loc_00007387 ; jne 0x7387 +jne short loc_000073f5 ; jne 0x73f5 mov esi, dword [ebp + 0x38] mov dword [esi + eax*4], 0 -jmp near loc_000074bc ; jmp 0x74bc +jmp near loc_0000752a ; jmp 0x752a -loc_00007387: +loc_000073f5: movsx edx, byte [ebp - 0x30] mov esi, dword [ebp + 0x38] dec edx imul edx, edx, 0x64 mov dword [esi + eax*4], edx -jmp near loc_000074bc ; jmp 0x74bc +jmp near loc_0000752a ; jmp 0x752a -loc_0000739a: +loc_00007408: mov eax, dword [ebp + 0x28] push ecx push ecx movzx eax, byte [eax + 2] push eax push dword [ebp + 0x1c] -call fcn_00007b99 ; call 0x7b99 +call fcn_00007c07 ; call 0x7c07 add esp, 0xc mov dword [ebp - 0x48], eax movzx eax, byte [ebp - 0x30] @@ -11959,33 +12002,33 @@ push eax push 1 lea eax, [ebp - 0x19] push eax -call fcn_00009b95 ; call 0x9b95 +call fcn_00009c03 ; call 0x9c03 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00007409 ; je 0x7409 +je short loc_00007477 ; je 0x7477 test esi, esi -jns short loc_00007409 ; jns 0x7409 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00007477 ; jns 0x7477 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000073f1 ; je 0x73f1 +je short loc_0000745f ; je 0x745f push edx push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000073f1: +loc_0000745f: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x21b -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00007409: +loc_00007477: push eax push dword [ebp - 0x48] push dword [ebp + 0x28] @@ -11994,13 +12037,13 @@ push dword [ebp + 0x18] push dword [ebp + 0x14] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006dfa ; call 0x6dfa +call fcn_00006e68 ; call 0x6e68 add esp, 0x20 cmp byte [ebp - 0x29], 0xff mov esi, eax -jne short loc_00007454 ; jne 0x7454 +jne short loc_000074c2 ; jne 0x74c2 cmp eax, dword [ebp - 0x34] -jae short loc_00007481 ; jae 0x7481 +jae short loc_000074ef ; jae 0x74ef movzx eax, byte [ebp - 0x19] mov ecx, dword [ebp + 0x38] lea ebx, [ecx + eax*4] @@ -12009,14 +12052,14 @@ push eax push esi push edi push dword [ebp - 0x34] -call fcn_000070f4 ; call 0x70f4 +call fcn_00007162 ; call 0x7162 add esp, 0x10 mov dword [ebx], eax -jmp short loc_000074d3 ; jmp 0x74d3 +jmp short loc_00007541 ; jmp 0x7541 -loc_00007454: +loc_000074c2: cmp eax, dword [ebp - 0x34] -jb short loc_00007481 ; jb 0x7481 +jb short loc_000074ef ; jb 0x74ef movzx eax, byte [ebp - 0x19] mov edx, dword [ebp + 0x38] lea edx, [edx + eax*4] @@ -12027,45 +12070,45 @@ push edi mov edi, esi push esi push dword [ebp - 0x34] -call fcn_000070f4 ; call 0x70f4 +call fcn_00007162 ; call 0x7162 mov edx, dword [ebp - 0x48] add esp, 0x10 mov dword [edx], eax -jmp short loc_000074bc ; jmp 0x74bc +jmp short loc_0000752a ; jmp 0x752a -loc_00007481: +loc_000074ef: mov al, byte [ebp - 0x29] mov edi, esi add byte [ebp - 0x30], al -jmp near loc_00007339 ; jmp 0x7339 +jmp near loc_000073a7 ; jmp 0x73a7 -loc_0000748e: +loc_000074fc: cmp byte [ebp - 0x29], 0xff -jne short loc_000074bc ; jne 0x74bc +jne short loc_0000752a ; jne 0x752a cmp edi, dword [ebp - 0x34] -jb short loc_000074d3 ; jb 0x74d3 +jb short loc_00007541 ; jb 0x7541 test bl, bl -jne short loc_000074d3 ; jne 0x74d3 +jne short loc_00007541 ; jne 0x7541 movzx eax, byte [ebp - 0x19] mov esi, dword [ebp + 0x38] mov dword [esi + eax*4], 0 -jmp short loc_000074d3 ; jmp 0x74d3 +jmp short loc_00007541 ; jmp 0x7541 -loc_000074ad: +loc_0000751b: mov byte [ebp - 0x29], 1 mov dword [ebp - 0x3c], 0xffffffff mov byte [ebp - 0x2a], 0 -loc_000074bc: +loc_0000752a: cmp edi, dword [ebp - 0x34] -jae short loc_000074d3 ; jae 0x74d3 +jae short loc_00007541 ; jae 0x7541 test bl, bl -jne short loc_000074d3 ; jne 0x74d3 +jne short loc_00007541 ; jne 0x7541 movzx eax, byte [ebp - 0x19] mov ecx, dword [ebp + 0x38] mov dword [ecx + eax*4], 0x9c4 -loc_000074d3: +loc_00007541: movzx eax, byte [ebp - 0x19] mov ecx, 0x64 xor esi, esi @@ -12079,7 +12122,7 @@ mov dword [ebp - 0x30], edi dec eax cmovns esi, eax cmp ecx, 0xffffffff -je short loc_00007516 ; je 0x7516 +je short loc_00007584 ; je 0x7584 mov edx, ecx mov eax, edi sub eax, ecx @@ -12094,48 +12137,48 @@ mov al, cl cmovle eax, edx mov byte [ebp - 0x2a], al -loc_00007516: +loc_00007584: movzx ebx, byte [ebp - 0x2c] push eax push dword [ebp - 0x40] push ebx push dword [ebp + 0x28] -call fcn_00006738 ; call 0x6738 +call fcn_000067a6 ; call 0x67a6 add esp, 0x10 test al, al -je short loc_00007583 ; je 0x7583 +je short loc_000075f1 ; je 0x75f1 push eax push 0 push 1 lea eax, [ebp - 0x19] push eax -call fcn_00009b95 ; call 0x9b95 +call fcn_00009c03 ; call 0x9c03 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00007583 ; je 0x7583 +je short loc_000075f1 ; je 0x75f1 test edi, edi -jns short loc_00007583 ; jns 0x7583 -call fcn_000153e9 ; call 0x153e9 +jns short loc_000075f1 ; jns 0x75f1 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000756b ; je 0x756b +je short loc_000075d9 ; je 0x75d9 push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000756b: +loc_000075d9: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x252 -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00007583: +loc_000075f1: push edi push dword [ebp - 0x40] push ebx @@ -12144,65 +12187,65 @@ push dword [ebp + 0x14] push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006863 ; call 0x6863 +call fcn_000068d1 ; call 0x68d1 add esp, 0x20 test eax, eax -js loc_00007628 ; js 0x7628 +js loc_00007696 ; js 0x7696 mov eax, dword [ebp - 0x30] mov dword [ebp - 0x3c], eax -jmp near loc_0000725f ; jmp 0x725f +jmp near loc_000072cd ; jmp 0x72cd -loc_000075b2: +loc_00007620: push ebx push 0 push 1 lea eax, [ebp - 0x19] push eax -call fcn_00009b95 ; call 0x9b95 +call fcn_00009c03 ; call 0x9c03 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00007607 ; je 0x7607 +je short loc_00007675 ; je 0x7675 test ebx, ebx -jns short loc_00007607 ; jns 0x7607 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00007675 ; jns 0x7675 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000075ef ; je 0x75ef +je short loc_0000765d ; je 0x765d push ecx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000075ef: +loc_0000765d: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x262 -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00007607: +loc_00007675: cmp byte [ebp - 0x41], 0 -je short loc_0000761e ; je 0x761e +je short loc_0000768c ; je 0x768c push eax push eax movzx eax, byte [ebp - 0x19] push 0 push eax -call fcn_000094b3 ; call 0x94b3 +call fcn_00009521 ; call 0x9521 add esp, 0x10 -loc_0000761e: +loc_0000768c: inc dword [ebp - 0x38] -jmp near loc_000071df ; jmp 0x71df +jmp near loc_0000724d ; jmp 0x724d -loc_00007626: +loc_00007694: xor eax, eax -loc_00007628: +loc_00007696: lea esp, [ebp - 0xc] pop ebx pop esi @@ -12210,7 +12253,7 @@ pop edi pop ebp ret -fcn_00007630: +fcn_0000769e: push ebp mov ebp, esp push edi @@ -12226,7 +12269,7 @@ mov al, byte [ebp + 0x2c] mov byte [ebp - 0x1c], al mov al, byte [ebp + 0x30] mov byte [ebp - 0x31], al -call fcn_000069d8 ; call 0x69d8 +call fcn_00006a46 ; call 0x6a46 movzx ecx, bl pop edx mov byte [ebp - 0x1b], 0 @@ -12238,51 +12281,51 @@ mov byte [ebp - 0x1a], 0 mov dword [ebp - 0x30], ecx mov dword [ebp - 0x24], eax -loc_0000767f: +loc_000076ed: cmp byte [ebp - 0x1b], 0x1d -ja loc_000079df ; ja 0x79df +ja loc_00007a4d ; ja 0x7a4d cmp byte [ebp - 0x1a], 1 -ja loc_000079df ; ja 0x79df +ja loc_00007a4d ; ja 0x7a4d push eax push eax movzx eax, byte [edi + 2] inc byte [ebp - 0x1b] push eax push dword [ebp + 0x1c] -call fcn_00007b99 ; call 0x7b99 +call fcn_00007c07 ; call 0x7c07 add esp, 0xc mov esi, eax movzx eax, byte [ebp - 0x20] push eax push dword [ebp - 0x30] push dword [ebp + 0x20] -call fcn_00009b95 ; call 0x9b95 +call fcn_00009c03 ; call 0x9c03 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00007701 ; je 0x7701 +je short loc_0000776f ; je 0x776f test ebx, ebx -jns short loc_00007701 ; jns 0x7701 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000776f ; jns 0x776f +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000076e9 ; je 0x76e9 +je short loc_00007757 ; je 0x7757 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000076e9: +loc_00007757: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x29f -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00007701: +loc_0000776f: push eax push esi push edi @@ -12291,31 +12334,31 @@ push dword [ebp + 0x18] push dword [ebp + 0x14] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006dfa ; call 0x6dfa +call fcn_00006e68 ; call 0x6e68 mov ecx, dword [ebp - 0x24] add esp, 0x20 mov dword [ebp - 0x28], eax cmp eax, ecx -jb short loc_0000773d ; jb 0x773d +jb short loc_000077ab ; jb 0x77ab cmp dword [ebp - 0x20], 0 -jne short loc_00007743 ; jne 0x7743 +jne short loc_000077b1 ; jne 0x77b1 movzx eax, byte [edi + 2] mov bl, 1 mov ecx, dword [ebp + 0x34] mov dword [ecx + eax*4], 0 -jmp short loc_00007749 ; jmp 0x7749 +jmp short loc_000077b7 ; jmp 0x77b7 -loc_0000773d: +loc_000077ab: mov byte [ebp - 0x19], 1 -jmp short loc_00007747 ; jmp 0x7747 +jmp short loc_000077b5 ; jmp 0x77b5 -loc_00007743: +loc_000077b1: mov byte [ebp - 0x19], 0xff -loc_00007747: +loc_000077b5: xor ebx, ebx -loc_00007749: +loc_000077b7: mov al, byte [ebp - 0x20] add al, byte [ebp - 0x19] mov byte [ebp - 0x20], al @@ -12324,76 +12367,76 @@ mov dword [ebp - 0x40], eax movzx eax, byte [ebp - 0x1c] mov dword [ebp - 0x44], eax -loc_00007760: +loc_000077ce: test bl, 1 -jne loc_000078b3 ; jne 0x78b3 +jne loc_00007921 ; jne 0x7921 cmp byte [ebp - 0x20], 0x18 -ja loc_000078b3 ; ja 0x78b3 +ja loc_00007921 ; ja 0x7921 push eax push dword [ebp - 0x40] push dword [ebp - 0x44] push edi -call fcn_00006738 ; call 0x6738 +call fcn_000067a6 ; call 0x67a6 add esp, 0x10 test al, al mov bl, al movzx eax, byte [edi + 2] -je short loc_000077bf ; je 0x77bf +je short loc_0000782d ; je 0x782d cmp byte [ebp - 0x19], 0 -js loc_000078d5 ; js 0x78d5 +js loc_00007943 ; js 0x7943 cmp byte [ebp - 0x20], 0 -jne short loc_000077ac ; jne 0x77ac +jne short loc_0000781a ; jne 0x781a mov ecx, dword [ebp + 0x34] mov dword [ecx + eax*4], 0 -jmp near loc_000078e4 ; jmp 0x78e4 +jmp near loc_00007952 ; jmp 0x7952 -loc_000077ac: +loc_0000781a: movsx edx, byte [ebp - 0x20] mov ecx, dword [ebp + 0x34] dec edx imul edx, edx, 0x64 mov dword [ecx + eax*4], edx -jmp near loc_000078e4 ; jmp 0x78e4 +jmp near loc_00007952 ; jmp 0x7952 -loc_000077bf: +loc_0000782d: push esi push esi push eax push dword [ebp + 0x1c] -call fcn_00007b99 ; call 0x7b99 +call fcn_00007c07 ; call 0x7c07 add esp, 0xc mov dword [ebp - 0x38], eax movzx eax, byte [ebp - 0x20] push eax push dword [ebp - 0x30] push dword [ebp + 0x20] -call fcn_00009b95 ; call 0x9b95 +call fcn_00009c03 ; call 0x9c03 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00007827 ; je 0x7827 +je short loc_00007895 ; je 0x7895 test esi, esi -jns short loc_00007827 ; jns 0x7827 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00007895 ; jns 0x7895 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000780f ; je 0x780f +je short loc_0000787d ; je 0x787d push ecx push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000780f: +loc_0000787d: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x2ca -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00007827: +loc_00007895: push eax push dword [ebp - 0x38] push edi @@ -12402,13 +12445,13 @@ push dword [ebp + 0x18] push dword [ebp + 0x14] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006dfa ; call 0x6dfa +call fcn_00006e68 ; call 0x6e68 add esp, 0x20 cmp byte [ebp - 0x19], 0 mov esi, eax -jns short loc_00007875 ; jns 0x7875 +jns short loc_000078e3 ; jns 0x78e3 cmp eax, dword [ebp - 0x24] -jae short loc_000078a5 ; jae 0x78a5 +jae short loc_00007913 ; jae 0x7913 movzx eax, byte [edi + 2] mov ebx, dword [ebp + 0x34] lea ebx, [ebx + eax*4] @@ -12417,14 +12460,14 @@ push eax push esi push dword [ebp - 0x28] push dword [ebp - 0x24] -call fcn_000070f4 ; call 0x70f4 +call fcn_00007162 ; call 0x7162 add esp, 0x10 mov dword [ebx], eax -jmp near loc_000078fe ; jmp 0x78fe +jmp near loc_0000796c ; jmp 0x796c -loc_00007875: +loc_000078e3: cmp eax, dword [ebp - 0x24] -jb short loc_000078a5 ; jb 0x78a5 +jb short loc_00007913 ; jb 0x7913 movzx eax, byte [edi + 2] mov edx, dword [ebp + 0x34] lea edx, [edx + eax*4] @@ -12434,48 +12477,48 @@ push eax push dword [ebp - 0x28] push esi push dword [ebp - 0x24] -call fcn_000070f4 ; call 0x70f4 +call fcn_00007162 ; call 0x7162 mov edx, dword [ebp - 0x38] add esp, 0x10 mov dword [ebp - 0x28], esi mov dword [edx], eax -jmp short loc_000078e4 ; jmp 0x78e4 +jmp short loc_00007952 ; jmp 0x7952 -loc_000078a5: +loc_00007913: mov al, byte [ebp - 0x19] add byte [ebp - 0x20], al mov dword [ebp - 0x28], esi -jmp near loc_00007760 ; jmp 0x7760 +jmp near loc_000077ce ; jmp 0x77ce -loc_000078b3: +loc_00007921: cmp byte [ebp - 0x19], 0 -jns short loc_000078e4 ; jns 0x78e4 +jns short loc_00007952 ; jns 0x7952 mov eax, dword [ebp - 0x24] cmp dword [ebp - 0x28], eax -jb short loc_000078fe ; jb 0x78fe +jb short loc_0000796c ; jb 0x796c test bl, bl -jne short loc_000078fe ; jne 0x78fe +jne short loc_0000796c ; jne 0x796c movzx eax, byte [edi + 2] mov ebx, dword [ebp + 0x34] mov dword [ebx + eax*4], 0 -jmp short loc_000078fe ; jmp 0x78fe +jmp short loc_0000796c ; jmp 0x796c -loc_000078d5: +loc_00007943: mov byte [ebp - 0x19], 1 mov dword [ebp - 0x2c], 0xffffffff mov byte [ebp - 0x1a], 0 -loc_000078e4: +loc_00007952: mov eax, dword [ebp - 0x24] cmp dword [ebp - 0x28], eax -jae short loc_000078fe ; jae 0x78fe +jae short loc_0000796c ; jae 0x796c test bl, bl -jne short loc_000078fe ; jne 0x78fe +jne short loc_0000796c ; jne 0x796c movzx eax, byte [edi + 2] mov ebx, dword [ebp + 0x34] mov dword [ebx + eax*4], 0x9c4 -loc_000078fe: +loc_0000796c: movzx eax, byte [edi + 2] mov ecx, dword [ebp + 0x34] mov esi, dword [ecx + eax*4] @@ -12491,7 +12534,7 @@ cmovs ecx, edx mov dword [ebp - 0x20], ecx mov ecx, dword [ebp - 0x2c] cmp ecx, 0xffffffff -je short loc_00007946 ; je 0x7946 +je short loc_000079b4 ; je 0x79b4 mov edx, ecx mov eax, esi sub eax, ecx @@ -12506,48 +12549,48 @@ mov al, cl cmovle eax, edx mov byte [ebp - 0x1a], al -loc_00007946: +loc_000079b4: movzx esi, byte [ebp - 0x31] movzx ebx, byte [ebp - 0x1c] push eax push esi push ebx push edi -call fcn_00006738 ; call 0x6738 +call fcn_000067a6 ; call 0x67a6 add esp, 0x10 test al, al -je short loc_000079b8 ; je 0x79b8 +je short loc_00007a26 ; je 0x7a26 push eax push 0 push dword [ebp - 0x30] push dword [ebp + 0x20] -call fcn_00009b95 ; call 0x9b95 +call fcn_00009c03 ; call 0x9c03 mov dword [ebp - 0x2c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000079b8 ; je 0x79b8 +je short loc_00007a26 ; je 0x7a26 cmp dword [ebp - 0x2c], 0 -jns short loc_000079b8 ; jns 0x79b8 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00007a26 ; jns 0x7a26 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000079a0 ; je 0x79a0 +je short loc_00007a0e ; je 0x7a0e push eax push dword [ebp - 0x2c] -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000079a0: +loc_00007a0e: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x301 -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000079b8: +loc_00007a26: push eax push esi push ebx @@ -12556,53 +12599,53 @@ push dword [ebp + 0x14] push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006863 ; call 0x6863 +call fcn_000068d1 ; call 0x68d1 add esp, 0x20 test eax, eax -js short loc_00007a3c ; js 0x7a3c +js short loc_00007aaa ; js 0x7aaa mov eax, dword [ebp - 0x28] mov dword [ebp - 0x2c], eax -jmp near loc_0000767f ; jmp 0x767f +jmp near loc_000076ed ; jmp 0x76ed -loc_000079df: +loc_00007a4d: movzx eax, byte [ebp - 0x3c] push ecx push 0 push eax push dword [ebp + 0x20] -call fcn_00009b95 ; call 0x9b95 +call fcn_00009c03 ; call 0x9c03 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 xor edx, edx test al, al -je short loc_00007a3e ; je 0x7a3e +je short loc_00007aac ; je 0x7aac test ebx, ebx -jns short loc_00007a3e ; jns 0x7a3e -call fcn_000153e9 ; call 0x153e9 +jns short loc_00007aac ; jns 0x7aac +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00007a20 ; je 0x7a20 +je short loc_00007a8e ; je 0x7a8e push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00007a20: +loc_00007a8e: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x311 -push ref_00021b85 ; push 0x21b85 -call fcn_000153fc ; call 0x153fc +push ref_00021c15 ; push 0x21c15 +call fcn_0001548c ; call 0x1548c add esp, 0x10 xor edx, edx -jmp short loc_00007a3e ; jmp 0x7a3e +jmp short loc_00007aac ; jmp 0x7aac -loc_00007a3c: +loc_00007aaa: mov edx, eax -loc_00007a3e: +loc_00007aac: lea esp, [ebp - 0xc] mov eax, edx pop ebx @@ -12611,7 +12654,7 @@ pop edi pop ebp ret -fcn_00007a48: +fcn_00007ab6: push ebp xor eax, eax mov ebp, esp @@ -12622,12 +12665,12 @@ sub esp, 0x1c mov edx, dword [ebp + 0x20] mov ecx, dword [ebp + 0x24] -loc_00007a59: +loc_00007ac7: mov edi, dword [ebp + 0x2c] mov dword [edi + eax], 0xffffffff add eax, 4 cmp eax, 0x40 -jne short loc_00007a59 ; jne 0x7a59 +jne short loc_00007ac7 ; jne 0x7ac7 movzx eax, cl xor edi, edi shl eax, 5 @@ -12635,37 +12678,37 @@ lea eax, [edx + eax + 0xc] lea esi, [edx + 0xc] mov dword [ebp - 0x20], eax -loc_00007a7d: +loc_00007aeb: cmp esi, dword [ebp - 0x20] -je loc_00007b8f ; je 0x7b8f +je loc_00007bfd ; je 0x7bfd mov al, byte [esi + 0x10] cmp byte [esi + 0x11], 0 mov byte [ebp - 0x19], al -je loc_00007b87 ; je 0x7b87 +je loc_00007bf5 ; je 0x7bf5 cmp byte [esi + 0x12], 1 -je loc_00007b87 ; je 0x7b87 +je loc_00007bf5 ; je 0x7bf5 cmp byte [esi - 1], 0 mov cl, 3 lea ebx, [esi - 0xc] -jne short loc_00007ab9 ; jne 0x7ab9 +jne short loc_00007b27 ; jne 0x7b27 sub esp, 0xc push ebx -call fcn_00006582 ; call 0x6582 +call fcn_000065f0 ; call 0x65f0 add esp, 0x10 mov cl, al -loc_00007ab9: +loc_00007b27: sub esp, 0xc push ebx mov dword [ebp - 0x24], ecx -call fcn_0000642d ; call 0x642d +call fcn_0000649b ; call 0x649b add esp, 0x10 mov ecx, dword [ebp - 0x24] cmp dword [ebp + 0x28], 1 -je short loc_00007b3d ; je 0x7b3d -jb short loc_00007b08 ; jb 0x7b08 +je short loc_00007bab ; je 0x7bab +jb short loc_00007b76 ; jb 0x7b76 cmp dword [ebp + 0x28], 2 -jne loc_00007b6d ; jne 0x7b6d +jne loc_00007bdb ; jne 0x7bdb push dword [ebp + 0x2c] movzx eax, al movzx ecx, cl @@ -12681,10 +12724,10 @@ push dword [ebp + 0x14] push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00006e24 ; call 0x6e24 -jmp short loc_00007b66 ; jmp 0x7b66 +call fcn_00006e92 ; call 0x6e92 +jmp short loc_00007bd4 ; jmp 0x7bd4 -loc_00007b08: +loc_00007b76: sub esp, 0xc movzx eax, al push dword [ebp + 0x2c] @@ -12702,12 +12745,12 @@ push dword [ebp + 0x14] push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_000071a8 ; call 0x71a8 +call fcn_00007216 ; call 0x7216 add esp, 0x40 mov edi, eax -jmp short loc_00007b87 ; jmp 0x7b87 +jmp short loc_00007bf5 ; jmp 0x7bf5 -loc_00007b3d: +loc_00007bab: push dword [ebp + 0x2c] movzx eax, al movzx ecx, cl @@ -12723,29 +12766,29 @@ push dword [ebp + 0x14] push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00007630 ; call 0x7630 +call fcn_0000769e ; call 0x769e -loc_00007b66: +loc_00007bd4: mov edi, eax add esp, 0x30 -jmp short loc_00007b87 ; jmp 0x7b87 +jmp short loc_00007bf5 ; jmp 0x7bf5 -loc_00007b6d: -call fcn_000153e9 ; call 0x153e9 +loc_00007bdb: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00007b87 ; je 0x7b87 +je short loc_00007bf5 ; je 0x7bf5 push eax push eax -push ref_00021bb7 ; push 0x21bb7 +push ref_00021c47 ; push 0x21c47 push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00007b87: +loc_00007bf5: add esi, 0x20 -jmp near loc_00007a7d ; jmp 0x7a7d +jmp near loc_00007aeb ; jmp 0x7aeb -loc_00007b8f: +loc_00007bfd: lea esp, [ebp - 0xc] mov eax, edi pop ebx @@ -12754,7 +12797,7 @@ pop edi pop ebp ret -fcn_00007b99: +fcn_00007c07: push ebp mov ebp, esp movzx eax, byte [ebp + 0xc] @@ -12763,9 +12806,9 @@ shl eax, 4 lea eax, [edx + eax + 0xc] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00017d8a ; jmp 0x17d8a +jmp near fcn_00017e4e ; jmp 0x17e4e -fcn_00007bb3: +fcn_00007c21: push ebp mov ebp, esp push edi @@ -12778,63 +12821,63 @@ mov ebx, dword [ebp + 8] push 1 push 0 mov dword [ebp - 0x20], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 1 push 1 push 0 mov esi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 2 push 1 push 0 mov edi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [ebp - 0x1c], eax pop eax pop edx lea eax, [ebx + 0x6430] push 3 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [ebx + 0x6434] add ebx, 0x6438 push 0x76543210 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx lea eax, [esi + 0x630] push 0xb push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [esi + 0x600] add esi, 0x604 push 0x60b push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx push 0x76543980 push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f lea eax, [edi + 0x600] add edi, 0x604 pop ecx pop esi push 0x60b push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx push 0x76543280 push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov edi, dword [ebp - 0x1c] pop ecx pop esi @@ -12842,19 +12885,19 @@ mov eax, edi push 0xb add eax, 0x600 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax mov eax, edi pop edx add eax, 0x604 push 0x76543210 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop esi push 0x680000 push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov eax, dword [ebp - 0x20] add esp, 0x10 mov dword [ebp + 0xc], 0xa @@ -12865,9 +12908,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00007cce: +fcn_00007d3c: push ebp mov ebp, esp push edi @@ -12880,63 +12923,63 @@ mov ebx, dword [ebp + 8] push 1 push 0 mov dword [ebp - 0x20], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 1 push 1 push 0 mov esi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 2 push 1 push 0 mov edi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [ebp - 0x1c], eax pop eax pop edx lea eax, [ebx + 0x6430] push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [ebx + 0x6434] add ebx, 0x6438 push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx lea eax, [esi + 0x630] push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [esi + 0x600] add esi, 0x604 push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx push 0 push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f lea eax, [edi + 0x600] add edi, 0x604 pop ecx pop esi push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx push 0 push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov edi, dword [ebp - 0x1c] pop ecx pop esi @@ -12944,19 +12987,19 @@ mov eax, edi push 0 add eax, 0x600 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax mov eax, edi pop edx add eax, 0x604 push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop esi push 0 push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov eax, dword [ebp - 0x20] add esp, 0x10 mov dword [ebp + 0xc], 0 @@ -12967,9 +13010,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00007dd4: +fcn_00007e42: push ebp mov ebp, esp push ebx @@ -12977,10 +13020,10 @@ sub esp, 8 push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x60 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx pop ecx push 0x4000 @@ -12988,25 +13031,25 @@ mov ebx, eax and ebx, 0xfffffff8 lea eax, [ebx + 0x54] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push 0 push 0xfed85000 lea eax, [ebx + 0x38010] add ebx, 0x38004 push eax -call fcn_00017e64 ; call 0x17e64 +call fcn_00017f28 ; call 0x17f28 pop eax pop edx push 2 push ebx -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 mov eax, 0xfed85000 mov ebx, dword [ebp - 4] leave ret -fcn_00007e36: +fcn_00007ea4: push ebp mov ebp, esp push ebx @@ -13014,10 +13057,10 @@ sub esp, 8 push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x60 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx pop ecx push 0xfffd @@ -13025,25 +13068,25 @@ mov ebx, eax and ebx, 0xfffffff8 lea eax, [ebx + 0x38004] push eax -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0xc push 0 push 0xfff lea eax, [ebx + 0x38010] add ebx, 0x54 push eax -call fcn_00018c3e ; call 0x18c3e +call fcn_00018d02 ; call 0x18d02 pop eax pop edx push 0xffffbfff push ebx -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 mov ebx, dword [ebp - 4] leave ret -fcn_00007e99: +fcn_00007f07: push ebp mov ebp, esp push ebx @@ -13051,87 +13094,87 @@ sub esp, 0xc mov ebx, dword [ebp + 8] push 0x40000 push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx lea eax, [ebx + 4] push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [ebx + 0x10] push 0x40000 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx lea eax, [ebx + 0x14] push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [ebx + 0x20] push 0x40000 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx lea eax, [ebx + 0x24] push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [ebx + 8] push 0xff000000 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx lea eax, [ebx + 0x18] push 0xff000000 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [ebx + 0x28] push 0xff000000 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx lea eax, [ebx + 0xc] push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [ebx + 0x1c] add ebx, 0x2c push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx push 0 push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 mov ebx, dword [ebp - 4] leave ret -fcn_00007f54: +fcn_00007fc2: push ebp mov ebp, esp push ebx sub esp, 0x10 mov ebx, dword [ebp + 8] push dword [ebp + 0xc] -call fcn_00007e99 ; call 0x7e99 -call fcn_00007e36 ; call 0x7e36 +call fcn_00007f07 ; call 0x7f07 +call fcn_00007ea4 ; call 0x7ea4 mov eax, dword [ebx + 1] add esp, 0x10 mov ebx, dword [ebp - 4] @@ -13140,9 +13183,9 @@ mov dword [ebp + 0xc], edx mov eax, dword [eax + 4] mov dword [ebp + 8], eax leave -jmp near fcn_00007cce ; jmp 0x7cce +jmp near fcn_00007d3c ; jmp 0x7d3c -fcn_00007f86: +fcn_00007ff4: push ebp mov ebp, esp push edi @@ -13155,24 +13198,24 @@ mov esi, dword [ebp + 0x10] mov edi, dword [ebp + 0xc] lea eax, [ebx + 4] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx lea eax, [ebx + 0x14] push 0xa101 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [ebx + 0x24] push 0xa102 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx push 0x110000 push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0xc push 0x3e8 push esi @@ -13182,14 +13225,14 @@ pop ecx pop esi push 0x22100 push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop edi pop eax lea eax, [ebx + 0x10] add ebx, 0x20 push 0x22101 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], 0x22102 @@ -13198,9 +13241,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00008019: +fcn_00008087: push ebp mov ebp, esp push ebx @@ -13209,22 +13252,22 @@ mov eax, dword [ebp + 0xc] mov eax, dword [eax + 1] push dword [eax + 0x18] push dword [eax + 4] -call fcn_00007bb3 ; call 0x7bb3 -call fcn_00007dd4 ; call 0x7dd4 +call fcn_00007c21 ; call 0x7c21 +call fcn_00007e42 ; call 0x7e42 mov ebx, eax mov dword [esp], eax -call fcn_00007e99 ; call 0x7e99 +call fcn_00007f07 ; call 0x7f07 add esp, 0xc push dword [ebp + 0x10] push dword [ebp + 8] push ebx -call fcn_00007f86 ; call 0x7f86 +call fcn_00007ff4 ; call 0x7ff4 mov eax, ebx mov ebx, dword [ebp - 4] leave ret -fcn_00008056: ; not directly referenced +fcn_000080c4: ; not directly referenced push ebp mov ebp, esp push edi @@ -13235,7 +13278,7 @@ mov ebx, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] push ebx -call fcn_00007e99 ; call 0x7e99 +call fcn_00007f07 ; call 0x7f07 add esp, 0x10 mov dword [ebp + 0x10], edi mov dword [ebp + 0xc], esi @@ -13245,9 +13288,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00007f86 ; jmp 0x7f86 +jmp near fcn_00007ff4 ; jmp 0x7ff4 -fcn_00008086: +fcn_000080f4: push ebp mov ebp, esp push edi @@ -13259,159 +13302,159 @@ mov ebx, dword [ebp + 0xc] mov edi, dword [ebp + 0x14] mov dword [ebp - 0x1c], eax cmp bl, 0xf -ja loc_000081d9 ; ja 0x81d9 +ja loc_00008247 ; ja 0x8247 mov esi, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000080c3 ; je 0x80c3 +je short loc_00008131 ; je 0x8131 push eax movzx eax, bl push eax -push ref_00021bd7 ; push 0x21bd7 +push ref_00021c67 ; push 0x21c67 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000080c3: +loc_00008131: mov eax, dword [ebp + 8] mov al, byte [eax + 0x1d] test al, al -je loc_0000815b ; je 0x815b +je loc_000081c9 ; je 0x81c9 mov edx, dword [ebp + 8] cmp byte [edx + 0x1f], 0 -je short loc_00008122 ; je 0x8122 -call fcn_000153e9 ; call 0x153e9 +je short loc_00008190 ; je 0x8190 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000080f8 ; je 0x80f8 +je short loc_00008166 ; je 0x8166 push eax movzx eax, byte [ebp - 0x1c] push eax -push ref_00021bed ; push 0x21bed +push ref_00021c7d ; push 0x21c7d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000080f8: +loc_00008166: test edi, edi -je loc_000081c5 ; je 0x81c5 -call fcn_000153e9 ; call 0x153e9 +je loc_00008233 ; je 0x8233 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000811a ; je 0x811a +je short loc_00008188 ; je 0x8188 push eax push eax -push ref_00021c1a ; push 0x21c1a +push ref_00021caa ; push 0x21caa push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000811a: +loc_00008188: movzx ebx, bl mov al, byte [ebp - 0x1c] -jmp short loc_00008155 ; jmp 0x8155 +jmp short loc_000081c3 ; jmp 0x81c3 -loc_00008122: +loc_00008190: test edi, edi -je short loc_0000815b ; je 0x815b +je short loc_000081c9 ; je 0x81c9 mov eax, dword [ebp + 0x10] movzx ebx, bl mov eax, dword [eax + 0xd] movzx esi, byte [eax + ebx + 0x19] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00008153 ; je 0x8153 +je short loc_000081c1 ; je 0x81c1 push eax mov eax, esi movzx eax, al push eax -push ref_00021c00 ; push 0x21c00 +push ref_00021c90 ; push 0x21c90 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00008153: +loc_000081c1: mov eax, esi -loc_00008155: +loc_000081c3: mov byte [edi + ebx + 0x35], al -jmp short loc_000081c5 ; jmp 0x81c5 +jmp short loc_00008233 ; jmp 0x8233 -loc_0000815b: +loc_000081c9: mov ecx, dword [ebp + 8] cmp byte [ecx + 0x1f], 0 -jne short loc_00008191 ; jne 0x8191 +jne short loc_000081ff ; jne 0x81ff test edi, edi -jne loc_00008200 ; jne 0x8200 +jne loc_0000826e ; jne 0x826e mov eax, dword [ebp + 0x10] movzx ebx, bl mov eax, dword [eax + 0xd] movzx esi, byte [eax + ebx + 0x19] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000081c5 ; je 0x81c5 +je short loc_00008233 ; je 0x8233 mov eax, esi movzx eax, al push ebx push eax -push ref_00021c38 ; push 0x21c38 -jmp short loc_000081bb ; jmp 0x81bb +push ref_00021cc8 ; push 0x21cc8 +jmp short loc_00008229 ; jmp 0x8229 -loc_00008191: +loc_000081ff: mov esi, 7 test al, al -jne short loc_000081c5 ; jne 0x81c5 +jne short loc_00008233 ; jne 0x8233 test edi, edi -je short loc_000081c5 ; je 0x81c5 +je short loc_00008233 ; je 0x8233 -loc_0000819e: +loc_0000820c: movzx ebx, bl movzx esi, byte [edi + ebx + 0x35] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000081c5 ; je 0x81c5 +je short loc_00008233 ; je 0x8233 mov eax, esi movzx eax, al push ecx push eax -push ref_00021c53 ; push 0x21c53 +push ref_00021ce3 ; push 0x21ce3 -loc_000081bb: +loc_00008229: push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000081c5: -call fcn_000153e9 ; call 0x153e9 +loc_00008233: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000820b ; je 0x820b +je short loc_00008279 ; je 0x8279 push edx push edx -push ref_00021e91 ; push 0x21e91 +push ref_00021f21 ; push 0x21f21 push 0x40 -jmp short loc_000081f6 ; jmp 0x81f6 +jmp short loc_00008264 ; jmp 0x8264 -loc_000081d9: -call fcn_000153e9 ; call 0x153e9 +loc_00008247: +call fcn_00015479 ; call 0x15479 mov esi, 7 test al, al -je short loc_0000820b ; je 0x820b +je short loc_00008279 ; je 0x8279 movzx ebx, bl push eax push ebx -push ref_00021c71 ; push 0x21c71 +push ref_00021d01 ; push 0x21d01 push 0x80000000 -loc_000081f6: -call fcn_000153f7 ; call 0x153f7 +loc_00008264: +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0000820b ; jmp 0x820b +jmp short loc_00008279 ; jmp 0x8279 -loc_00008200: +loc_0000826e: mov esi, 7 test al, al -jne short loc_000081c5 ; jne 0x81c5 -jmp short loc_0000819e ; jmp 0x819e +jne short loc_00008233 ; jne 0x8233 +jmp short loc_0000820c ; jmp 0x820c -loc_0000820b: +loc_00008279: lea esp, [ebp - 0xc] mov eax, esi pop ebx @@ -13420,93 +13463,93 @@ pop edi pop ebp ret -fcn_00008215: +fcn_00008283: push ebp mov ebp, esp mov eax, dword [ebp + 8] mov ecx, dword [eax + 0xd] xor eax, eax -loc_00008220: +loc_0000828e: movzx edx, byte [ecx + eax + 5] cmp edx, 3 -je short loc_00008238 ; je 0x8238 +je short loc_000082a6 ; je 0x82a6 test edx, edx -je short loc_00008238 ; je 0x8238 +je short loc_000082a6 ; je 0x82a6 inc eax cmp eax, 3 -jne short loc_00008220 ; jne 0x8220 +jne short loc_0000828e ; jne 0x828e xor eax, eax -jmp short loc_0000823a ; jmp 0x823a +jmp short loc_000082a8 ; jmp 0x82a8 -loc_00008238: +loc_000082a6: mov al, 1 -loc_0000823a: +loc_000082a8: pop ebp ret -fcn_0000823c: +fcn_000082aa: push ebp mov ebp, esp sub esp, 8 mov eax, dword [ebp + 8] cmp byte [eax], 0x12 -jbe short loc_00008254 ; jbe 0x8254 +jbe short loc_000082c2 ; jbe 0x82c2 mov eax, dword [eax + 0xd] mov al, byte [eax + 0x64] cmp al, 1 -jbe short loc_0000826f ; jbe 0x826f +jbe short loc_000082dd ; jbe 0x82dd -loc_00008254: -call fcn_0001c58d ; call 0x1c58d +loc_000082c2: +call fcn_0001c651 ; call 0x1c651 cmp eax, 0x40660 -je short loc_0000826b ; je 0x826b +je short loc_000082d9 ; je 0x82d9 cmp eax, 0x306c0 -loc_00008265: -je short loc_0000826b ; je 0x826b +loc_000082d3: +je short loc_000082d9 ; je 0x82d9 mov al, 1 -jmp short loc_00008273 ; jmp 0x8273 +jmp short loc_000082e1 ; jmp 0x82e1 -loc_0000826b: +loc_000082d9: xor eax, eax -jmp short loc_00008273 ; jmp 0x8273 +jmp short loc_000082e1 ; jmp 0x82e1 -loc_0000826f: +loc_000082dd: test al, al -jmp short loc_00008265 ; jmp 0x8265 +jmp short loc_000082d3 ; jmp 0x82d3 -loc_00008273: +loc_000082e1: leave ret -fcn_00008275: +fcn_000082e3: push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x41c -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov dword [ebp - 0x3ec], eax -call fcn_0001c5b4 ; call 0x1c5b4 +call fcn_0001c678 ; call 0x1c678 push ebx push 0 push 1 push 0 mov dword [ebp - 0x3f4], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [ebp - 0x3f8], eax add eax, 0xd0c mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov byte [ebp - 0x3ee], 3 mov ebx, eax mov eax, dword [ebp + 0xc] cmp byte [eax], 0x12 -jbe short loc_000082e3 ; jbe 0x82e3 +jbe short loc_00008351 ; jbe 0x8351 mov eax, dword [eax + 0xd] mov edi, 3 cmp byte [eax + 0x69], 1 @@ -13515,7 +13558,7 @@ cmove edi, eax mov eax, edi mov byte [ebp - 0x3ee], al -loc_000082e3: +loc_00008351: mov byte [ebp - 0x2a2], 7 xor eax, eax mov byte [ebp - 0x261], 3 @@ -13528,39 +13571,39 @@ mov byte [ebp - 0xdb], 6 mov byte [ebp - 0x9a], 9 mov byte [ebp - 0x59], 4 -loc_00008328: +loc_00008396: mov dword [ebp + eax*4 - 0x3c4], 0xffffffff mov dword [ebp + eax*4 - 0x384], 0xffffffff mov byte [ebp + eax - 0x3d4], 7 inc eax cmp eax, 0x10 -jne short loc_00008328 ; jne 0x8328 -call fcn_000153e9 ; call 0x153e9 +jne short loc_00008396 ; jne 0x8396 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00008366 ; je 0x8366 +je short loc_000083d4 ; je 0x83d4 push ecx push ecx -push ref_00021c82 ; push 0x21c82 +push ref_00021d12 ; push 0x21d12 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00008366: +loc_000083d4: sub esp, 0xc push dword [ebp + 0xc] -call fcn_00008215 ; call 0x8215 +call fcn_00008283 ; call 0x8283 add esp, 0x10 test al, al -jne short loc_00008391 ; jne 0x8391 -call fcn_000153e9 ; call 0x153e9 +jne short loc_000083ff ; jne 0x83ff +call fcn_00015479 ; call 0x15479 test al, al -je loc_00009307 ; je 0x9307 +je loc_00009375 ; je 0x9375 push edx push edx -push ref_00021c9a ; push 0x21c9a -jmp near loc_00008dde ; jmp 0x8dde +push ref_00021d2a ; push 0x21d2a +jmp near loc_00008e4c ; jmp 0x8e4c -loc_00008391: +loc_000083ff: shr ebx, 0x14 sub esp, 0xc mov al, bl @@ -13572,82 +13615,82 @@ mov eax, dword [eax + 0xd] mov ax, word [eax + 0x3c] push dword [ebp + 0xc] mov word [ebp - 0x404], ax -call fcn_00006a20 ; call 0x6a20 +call fcn_00006a8e ; call 0x6a8e add esp, 0x10 mov word [ebp - 0x40c], ax test bl, bl -jne short loc_000083dd ; jne 0x83dd -call fcn_000153e9 ; call 0x153e9 +jne short loc_0000844b ; jne 0x844b +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000083f7 ; je 0x83f7 +je short loc_00008465 ; je 0x8465 push eax push eax -push ref_00021cb7 ; push 0x21cb7 -jmp short loc_000083ed ; jmp 0x83ed +push ref_00021d47 ; push 0x21d47 +jmp short loc_0000845b ; jmp 0x845b -loc_000083dd: -call fcn_000153e9 ; call 0x153e9 +loc_0000844b: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000083f7 ; je 0x83f7 +je short loc_00008465 ; je 0x8465 push eax push eax -push ref_00021cd2 ; push 0x21cd2 +push ref_00021d62 ; push 0x21d62 -loc_000083ed: +loc_0000845b: push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000083f7: +loc_00008465: cmp dword [ebp + 0x14], 0 mov byte [ebp - 0x3d9], 0 -je loc_00008509 ; je 0x8509 +je loc_00008577 ; je 0x8577 mov eax, dword [ebp + 0x14] cmp byte [eax + 0x28], 0 -je loc_00008509 ; je 0x8509 +je loc_00008577 ; je 0x8577 lea eax, [ebp - 0x3d8] push eax push 0 push 0 -push ref_0002914c ; push 0x2914c -call fcn_00019699 ; call 0x19699 +push ref_000291fc ; push 0x291fc +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00008471 ; je 0x8471 +je short loc_000084df ; je 0x84df test ebx, ebx -jns short loc_00008471 ; jns 0x8471 -call fcn_000153e9 ; call 0x153e9 +jns short loc_000084df ; jns 0x84df +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00008459 ; je 0x8459 +je short loc_000084c7 ; je 0x84c7 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00008459: +loc_000084c7: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xd6 -push ref_00021cec ; push 0x21cec -call fcn_000153fc ; call 0x153fc +push ref_00021d7c ; push 0x21d7c +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00008471: -call fcn_000153e9 ; call 0x153e9 +loc_000084df: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000848b ; je 0x848b +je short loc_000084f9 ; je 0x84f9 push eax push eax -push ref_00021d24 ; push 0x21d24 +push ref_00021db4 ; push 0x21db4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000848b: +loc_000084f9: push eax lea eax, [ebp - 0x3d9] push eax @@ -13656,43 +13699,43 @@ push 0 push dword [ebp + 8] call dword [eax + 5] ; ucall mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000084e8 ; je 0x84e8 +je short loc_00008556 ; je 0x8556 test ebx, ebx -jns short loc_000084e8 ; jns 0x84e8 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00008556 ; jns 0x8556 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000084d0 ; je 0x84d0 +je short loc_0000853e ; je 0x853e push edi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000084d0: +loc_0000853e: push esi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xd9 -push ref_00021cec ; push 0x21cec -call fcn_000153fc ; call 0x153fc +push ref_00021d7c ; push 0x21d7c +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000084e8: -call fcn_000153e9 ; call 0x153e9 +loc_00008556: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00008509 ; je 0x8509 +je short loc_00008577 ; je 0x8577 movzx eax, byte [ebp - 0x3d9] push ebx push eax -push ref_00021d41 ; push 0x21d41 +push ref_00021dd1 ; push 0x21dd1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00008509: +loc_00008577: lea eax, [ebp - 0x3df] xor ebx, ebx push ecx @@ -13701,12 +13744,12 @@ lea eax, [ebp - 0x3de] push eax lea eax, [ebp - 0x302] push eax -call fcn_00006a44 ; call 0x6a44 +call fcn_00006ab2 ; call 0x6ab2 add esp, 0x10 -loc_00008529: +loc_00008597: cmp bl, byte [ebp - 0x3de] -jae loc_000085bf ; jae 0x85bf +jae loc_0000862d ; jae 0x862d movzx eax, bl shl eax, 5 lea esi, [ebp + eax - 0x302] @@ -13717,50 +13760,50 @@ push edx movzx edx, byte [esi + 1] push edx push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xb2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, 0xf cmp ax, 3 -je short loc_0000857a ; je 0x857a +je short loc_000085e8 ; je 0x85e8 cmp byte [esi + 0xb], 0 -jne short loc_0000857d ; jne 0x857d +jne short loc_000085eb ; jne 0x85eb -loc_0000857a: +loc_000085e8: inc ebx -jmp short loc_00008529 ; jmp 0x8529 +jmp short loc_00008597 ; jmp 0x8597 -loc_0000857d: +loc_000085eb: mov eax, dword [ebp - 0x3f8] push ebx push ebx push 0x8000 lea esi, [eax + 0xdd8] push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push dword [ebp + 0xc] push dword [ebp + 0x10] push dword [ebp + 8] -call fcn_00006058 ; call 0x6058 +call fcn_000060c6 ; call 0x60c6 add esp, 0x10 test eax, eax -jns loc_00008e12 ; jns 0x8e12 +jns loc_00008e80 ; jns 0x8e80 -loc_000085b2: +loc_00008620: cmp dword [ebp - 0x3f4], 0 -jne loc_00008ded ; jne 0x8ded +jne loc_00008e5b ; jne 0x8e5b -loc_000085bf: +loc_0000862d: mov byte [ebp - 0x3f4], 0 mov byte [ebp - 0x3ec], 0 -loc_000085cd: +loc_0000863b: mov cl, byte [ebp - 0x3de] cmp byte [ebp - 0x3ec], cl -jae loc_00008718 ; jae 0x8718 +jae loc_00008786 ; jae 0x8786 movzx ebx, byte [ebp - 0x3ec] mov edx, ebx shl edx, 5 @@ -13773,27 +13816,27 @@ mov byte [ebp - 0x400], cl mov cl, byte [eax + 2] mov byte [ebp - 0x408], cl movzx edx, cl -je short loc_0000863d ; je 0x863d +je short loc_000086ab ; je 0x86ab mov esi, dword [ebp + 0x14] cmp byte [esi + 0x28], 0 -je loc_00008e98 ; je 0x8e98 +je loc_00008f06 ; je 0x8f06 mov eax, dword [eax + 7] mov edi, 1 cmp dword [esi + edx*4 + 0x29], eax -jne loc_00008e9a ; jne 0x8e9a +jne loc_00008f08 ; jne 0x8f08 xor esi, esi -jmp short loc_00008644 ; jmp 0x8644 +jmp short loc_000086b2 ; jmp 0x86b2 -loc_0000863d: +loc_000086ab: mov esi, 1 xor edi, edi -loc_00008644: +loc_000086b2: mov dword [ebp - 0x410], edx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 mov edx, dword [ebp - 0x410] test al, al -je short loc_0000868a ; je 0x868a +je short loc_000086f8 ; je 0x86f8 mov ecx, esi sub esp, 0xc movzx eax, byte [ebp - 0x400] @@ -13808,12 +13851,12 @@ push eax push ecx push edx push eax -push ref_00021d69 ; push 0x21d69 +push ref_00021df9 ; push 0x21df9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x30 -loc_0000868a: +loc_000086f8: push eax movzx eax, byte [ebp - 0x408] push eax @@ -13821,83 +13864,83 @@ movzx eax, byte [ebp - 0x400] push eax movzx eax, byte [ebp - 0x3fc] push eax -call fcn_000023ad ; call 0x23ad +call fcn_0000241b ; call 0x241b mov eax, edi mov ecx, esi xor eax, 1 add esp, 0x10 or cl, al -jne short loc_000086d0 ; jne 0x86d0 +jne short loc_0000873e ; jne 0x873e cmp byte [ebp - 0x3d9], 0 -jne short loc_000086d0 ; jne 0x86d0 +jne short loc_0000873e ; jne 0x873e mov eax, dword [ebp + 0xc] cmp byte [eax], 1 -jbe short loc_000086df ; jbe 0x86df +jbe short loc_0000874d ; jbe 0x874d mov eax, dword [eax + 0xd] cmp byte [eax + 0x48], 1 -jne short loc_000086df ; jne 0x86df +jne short loc_0000874d ; jne 0x874d -loc_000086d0: +loc_0000873e: mov eax, ebx shl eax, 5 mov byte [ebp + eax - 0x2e5], 1 -jmp short loc_000086ec ; jmp 0x86ec +jmp short loc_0000875a ; jmp 0x875a -loc_000086df: +loc_0000874d: mov eax, ebx shl eax, 5 mov byte [ebp + eax - 0x2e5], 0 -loc_000086ec: +loc_0000875a: shl ebx, 5 lea eax, [ebp - 0x18] add ebx, eax cmp byte [ebx - 0x2df], 0 -jne short loc_00008706 ; jne 0x8706 +jne short loc_00008774 ; jne 0x8774 mov byte [ebx - 0x2cd], 0 -jmp short loc_0000870d ; jmp 0x870d +jmp short loc_0000877b ; jmp 0x877b -loc_00008706: +loc_00008774: mov byte [ebp - 0x3f4], 1 -loc_0000870d: +loc_0000877b: inc byte [ebp - 0x3ec] -jmp near loc_000085cd ; jmp 0x85cd +jmp near loc_0000863b ; jmp 0x863b -loc_00008718: +loc_00008786: cmp byte [ebp - 0x3f4], 0 -je short loc_0000872b ; je 0x872b +je short loc_00008799 ; je 0x8799 lea edx, [ebp - 0x302] xor eax, eax -jmp short loc_0000874e ; jmp 0x874e +jmp short loc_000087bc ; jmp 0x87bc -loc_0000872b: -call fcn_000153e9 ; call 0x153e9 +loc_00008799: +call fcn_00015479 ; call 0x15479 test al, al -je loc_00009307 ; je 0x9307 +je loc_00009375 ; je 0x9375 push ecx push ecx -push ref_00021db4 ; push 0x21db4 -jmp near loc_00008dde ; jmp 0x8dde +push ref_00021e44 ; push 0x21e44 +jmp near loc_00008e4c ; jmp 0x8e4c -loc_00008744: +loc_000087b2: add edx, 0x20 cmp byte [edx - 3], 1 -je short loc_0000875e ; je 0x875e +je short loc_000087cc ; je 0x87cc inc eax -loc_0000874e: +loc_000087bc: cmp al, cl -jne short loc_00008744 ; jne 0x8744 +jne short loc_000087b2 ; jne 0x87b2 mov byte [ebp - 0x3ee], 0 -jmp near loc_000088fe ; jmp 0x88fe +jmp near loc_0000896c ; jmp 0x896c -loc_0000875e: +loc_000087cc: push eax push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00008019 ; call 0x8019 +call fcn_00008087 ; call 0x8087 pop edx pop ecx push 0x2000 @@ -13906,7 +13949,7 @@ mov eax, dword [ebp - 0x3f8] add eax, 0x444 push eax mov dword [ebp - 0x410], eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 lea eax, [ebp - 0x2a2] add esp, 0x10 mov dword [ebp - 0x3ec], eax @@ -13916,21 +13959,21 @@ mov dword [ebp - 0x414], eax movzx eax, word [ebp - 0x404] mov dword [ebp - 0x418], eax -loc_000087c1: +loc_0000882f: xor eax, eax -loc_000087c3: +loc_00008831: mov edi, dword [ebp - 0x3ec] mov dword [edi + eax + 1], 0 add eax, 4 cmp eax, 0x40 -jne short loc_000087c3 ; jne 0x87c3 +jne short loc_00008831 ; jne 0x8831 mov byte [ebp - 0x3fc], 0 -loc_000087e0: +loc_0000884e: movzx eax, byte [ebp - 0x3de] cmp byte [ebp - 0x3fc], al -jb loc_00008eb7 ; jb 0x8eb7 +jb loc_00008f25 ; jb 0x8f25 mov esi, dword [ebp - 0x3ec] push ebx push ebx @@ -13946,109 +13989,109 @@ push dword [ebp + 0x10] push dword [ebp + 0x14] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00007a48 ; call 0x7a48 +call fcn_00007ab6 ; call 0x7ab6 add esp, 0x30 test eax, eax -js loc_00009176 ; js 0x9176 +js loc_000091e4 ; js 0x91e4 -loc_00008831: +loc_0000889f: sub esp, 0xc push dword [ebp + 0xc] -call fcn_0000823c ; call 0x823c +call fcn_000082aa ; call 0x82aa add esp, 0x10 test al, al -jne loc_00009193 ; jne 0x9193 +jne loc_00009201 ; jne 0x9201 -loc_00008847: +loc_000088b5: inc byte [ebp - 0x408] mov al, byte [ebp - 0x3ee] add dword [ebp - 0x3ec], 0x41 cmp byte [ebp - 0x408], al -jb loc_000087c1 ; jb 0x87c1 +jb loc_0000882f ; jb 0x882f push eax xor edi, edi push eax push 0xffffdfff push dword [ebp - 0x410] lea ebx, [ebp - 0x384] -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e pop eax pop edx push dword [ebp - 0x3f4] push dword [ebp + 0xc] -call fcn_00007f54 ; call 0x7f54 +call fcn_00007fc2 ; call 0x7fc2 add esp, 0x10 lea edx, [ebp - 0x2a2] -loc_00008899: +loc_00008907: lea eax, [ebp - 0x3c4] -loc_0000889f: +loc_0000890d: mov dword [eax], 0xffffffff add eax, 4 cmp eax, ebx -jne short loc_0000889f ; jne 0x889f +jne short loc_0000890d ; jne 0x890d xor eax, eax -loc_000088ae: +loc_0000891c: mov esi, dword [edx + eax*4 + 1] cmp esi, 0xffffffff -je short loc_000088be ; je 0x88be +je short loc_0000892c ; je 0x892c mov dword [ebp + eax*4 - 0x3c4], esi -loc_000088be: +loc_0000892c: mov esi, dword [ebp + eax*4 - 0x3c4] cmp esi, dword [ebx + eax*4] -jle short loc_000088d6 ; jle 0x88d6 +jle short loc_00008944 ; jle 0x8944 mov cl, byte [edx] mov dword [ebx + eax*4], esi mov byte [ebp + eax - 0x3d4], cl -loc_000088d6: +loc_00008944: inc eax cmp eax, 0x10 -jne short loc_000088ae ; jne 0x88ae +jne short loc_0000891c ; jne 0x891c inc edi add edx, 0x41 mov eax, edi cmp al, byte [ebp - 0x3ee] -jb short loc_00008899 ; jb 0x8899 +jb short loc_00008907 ; jb 0x8907 cmp byte [ebp - 0x3df], 0 -jne loc_0000920a ; jne 0x920a +jne loc_00009278 ; jne 0x9278 -loc_000088f7: +loc_00008965: mov byte [ebp - 0x3ee], 1 -loc_000088fe: +loc_0000896c: mov byte [ebp - 0x3ec], 0 -loc_00008905: +loc_00008973: mov al, byte [ebp - 0x3ec] cmp al, byte [ebp - 0x3de] -jae loc_00008a52 ; jae 0x8a52 +jae loc_00008ac0 ; jae 0x8ac0 movzx edi, byte [ebp - 0x3ec] mov eax, edi shl eax, 5 lea ecx, [ebp + eax - 0x302] cmp byte [ecx + 0xb], 0 mov al, byte [ecx + 2] -je loc_00008a47 ; je 0x8a47 +je loc_00008ab5 ; je 0x8ab5 cmp byte [ebp - 0x3df], 0 -jne short loc_00008952 ; jne 0x8952 +jne short loc_000089c0 ; jne 0x89c0 -loc_00008940: +loc_000089ae: shl edi, 5 xor ebx, ebx lea eax, [ebp - 0x18] mov edx, edi lea edi, [eax + edi] -jmp near loc_000089fa ; jmp 0x89fa +jmp near loc_00008a68 ; jmp 0x8a68 -loc_00008952: +loc_000089c0: cmp al, 1 -je short loc_00008972 ; je 0x8972 +je short loc_000089e0 ; je 0x89e0 cmp al, 2 -je short loc_0000898e ; je 0x898e +je short loc_000089fc ; je 0x89fc mov bl, byte [ebp - 0x3ed] cmp bl, 1 sbb esi, esi @@ -14056,9 +14099,9 @@ neg ebx and esi, 0xfffffff2 and ebx, 0xe add esi, 0xf -jmp short loc_000089a8 ; jmp 0x89a8 +jmp short loc_00008a16 ; jmp 0x8a16 -loc_00008972: +loc_000089e0: mov al, byte [ebp - 0x3ed] cmp al, 1 sbb esi, esi @@ -14068,9 +14111,9 @@ cmp al, 1 sbb ebx, ebx and ebx, 2 add ebx, 6 -jmp short loc_000089a8 ; jmp 0x89a8 +jmp short loc_00008a16 ; jmp 0x8a16 -loc_0000898e: +loc_000089fc: mov al, byte [ebp - 0x3ed] cmp al, 1 sbb esi, esi @@ -14081,15 +14124,15 @@ sbb ebx, ebx and ebx, 0xa add ebx, 2 -loc_000089a8: +loc_00008a16: mov eax, edi shl eax, 5 mov dword [ebp - 0x3f4], eax -loc_000089b3: +loc_00008a21: mov eax, esi cmp bl, al -ja short loc_00008940 ; ja 0x8940 +ja short loc_000089ae ; ja 0x89ae movzx ecx, bl sub esp, 0xc movzx eax, byte [ebp + ecx - 0x3d4] @@ -14102,15 +14145,15 @@ lea eax, [ebp - 0x302] add eax, dword [ebp - 0x3f4] push ecx push eax -call fcn_00008086 ; call 0x8086 +call fcn_000080f4 ; call 0x80f4 mov ecx, dword [ebp - 0x3f8] add esp, 0x20 mov byte [ebp + ecx - 0x3d4], al -jmp short loc_000089b3 ; jmp 0x89b3 +jmp short loc_00008a21 ; jmp 0x8a21 -loc_000089fa: +loc_00008a68: cmp bl, byte [edi - 0x2ce] -jae short loc_00008a47 ; jae 0x8a47 +jae short loc_00008ab5 ; jae 0x8ab5 movzx eax, bl sub esp, 0xc movzx esi, byte [eax + edi - 0x2de] @@ -14124,51 +14167,51 @@ lea eax, [ebp - 0x302] add eax, edx push esi push eax -call fcn_00008086 ; call 0x8086 +call fcn_000080f4 ; call 0x80f4 add esp, 0x20 mov edx, dword [ebp - 0x3f4] mov byte [ebp + esi - 0x3d4], al -jmp short loc_000089fa ; jmp 0x89fa +jmp short loc_00008a68 ; jmp 0x8a68 -loc_00008a47: +loc_00008ab5: inc byte [ebp - 0x3ec] -jmp near loc_00008905 ; jmp 0x8905 +jmp near loc_00008973 ; jmp 0x8973 -loc_00008a52: +loc_00008ac0: cmp byte [ebp - 0x3ee], 0 -je short loc_00008a8e ; je 0x8a8e +je short loc_00008afc ; je 0x8afc xor ebx, ebx -loc_00008a5d: +loc_00008acb: push ecx push ebx inc ebx push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop esi pop edi push 0x10 add eax, 0xb0 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 cmp ebx, 3 -jne short loc_00008a5d ; jne 0x8a5d +jne short loc_00008acb ; jne 0x8acb sub esp, 0xc push dword [ebp + 0xc] -call fcn_00005fa8 ; call 0x5fa8 +call fcn_00006016 ; call 0x6016 add esp, 0x10 -loc_00008a8e: +loc_00008afc: movzx eax, byte [ebp - 0x3ed] mov byte [ebp - 0x3ec], 0 mov dword [ebp - 0x3f8], eax -loc_00008aa2: +loc_00008b10: mov al, byte [ebp - 0x3ec] cmp al, byte [ebp - 0x3de] -jae loc_00008d1f ; jae 0x8d1f +jae loc_00008d8d ; jae 0x8d8d movzx eax, byte [ebp - 0x3ec] mov dword [ebp - 0x3fc], eax shl eax, 5 @@ -14182,25 +14225,25 @@ movzx ebx, byte [edi + 1] mov byte [ebp - 0x3ed], cl push ebx push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 cmp byte [edi + 0xb], 0 mov dword [ebp - 0x400], eax -jne short loc_00008b1b ; jne 0x8b1b -call fcn_000153e9 ; call 0x153e9 +jne short loc_00008b89 ; jne 0x8b89 +call fcn_00015479 ; call 0x15479 test al, al -je loc_00008d14 ; je 0x8d14 +je loc_00008d82 ; je 0x8d82 push esi push ebx -push ref_00021e3a ; push 0x21e3a +push ref_00021eca ; push 0x21eca push 0x40 -call fcn_000153f7 ; call 0x153f7 -jmp near loc_00008d11 ; jmp 0x8d11 +call fcn_00015487 ; call 0x15487 +jmp near loc_00008d7f ; jmp 0x8d7f -loc_00008b1b: +loc_00008b89: mov cl, byte [ebp - 0x3ed] cmp cl, 1 -je short loc_00008b39 ; je 0x8b39 +je short loc_00008ba7 ; je 0x8ba7 cmp cl, 2 mov al, 0xd mov bl, 1 @@ -14208,13 +14251,13 @@ mov dl, 0 cmove ebx, eax mov al, 0xc cmove edx, eax -jmp short loc_00008b3d ; jmp 0x8b3d +jmp short loc_00008bab ; jmp 0x8bab -loc_00008b39: +loc_00008ba7: mov bl, 9 mov dl, 8 -loc_00008b3d: +loc_00008bab: push eax push eax lea eax, [ebp - 0x3da] @@ -14222,27 +14265,27 @@ push eax movzx eax, dl push eax mov dword [ebp - 0x3f4], edx -call fcn_0000930f ; call 0x930f +call fcn_0000937d ; call 0x937d add esp, 0x10 mov edx, dword [ebp - 0x3f4] cmp byte [ebp - 0x3df], 0 -je short loc_00008b76 ; je 0x8b76 +je short loc_00008be4 ; je 0x8be4 movzx eax, byte [ebp - 0x3ed] mov dword [ebp - 0x404], eax -jmp short loc_00008b91 ; jmp 0x8b91 +jmp short loc_00008bff ; jmp 0x8bff -loc_00008b76: +loc_00008be4: mov eax, dword [ebp - 0x3fc] lea esi, [ebp - 0x18] xor edx, edx shl eax, 5 add eax, esi mov dword [ebp - 0x3f4], eax -jmp near loc_00008c25 ; jmp 0x8c25 +jmp near loc_00008c93 ; jmp 0x8c93 -loc_00008b91: +loc_00008bff: cmp dl, bl -ja short loc_00008b76 ; ja 0x8b76 +ja short loc_00008be4 ; ja 0x8be4 push edi movzx esi, dl push edi @@ -14250,7 +14293,7 @@ push dword [ebp - 0x3f8] lea edi, [ebp - 0x3dd] mov dword [ebp - 0x40c], edx push esi -call fcn_00006de6 ; call 0x6de6 +call fcn_00006e54 ; call 0x6e54 movzx ecx, byte [ebp - 0x3da] movzx eax, al movzx eax, byte [ebp + eax - 0x3d4] @@ -14264,7 +14307,7 @@ push ecx push edx mov dword [ebp - 0x3f4], edx mov dword [ebp - 0x408], eax -call fcn_0000936b ; call 0x936b +call fcn_000093d9 ; call 0x93d9 mov eax, dword [ebp - 0x408] add esp, 0x20 lea ecx, [ebp - 0x3db] @@ -14272,21 +14315,21 @@ push ecx push eax push edi push esi -call fcn_00009450 ; call 0x9450 +call fcn_000094be ; call 0x94be push esi push dword [ebp - 0x404] push dword [ebp - 0x3f4] push 1 -call fcn_00002a9d ; call 0x2a9d +call fcn_00002b0b ; call 0x2b0b mov edx, dword [ebp - 0x40c] add esp, 0x20 inc edx -jmp near loc_00008b91 ; jmp 0x8b91 +jmp near loc_00008bff ; jmp 0x8bff -loc_00008c25: +loc_00008c93: mov eax, dword [ebp - 0x3f4] cmp dl, byte [eax - 0x2ce] -jae loc_00008ce9 ; jae 0x8ce9 +jae loc_00008d57 ; jae 0x8d57 mov edi, dword [ebp - 0x3f4] movzx eax, dl push ecx @@ -14298,7 +14341,7 @@ lea edi, [ebp - 0x3dc] mov dword [ebp - 0x404], edx lea esi, [ebp - 0x3dd] push eax -call fcn_00006de6 ; call 0x6de6 +call fcn_00006e54 ; call 0x6e54 movzx ecx, byte [ebp - 0x3da] mov dword [ebp - 0x3fc], eax lea eax, [ebp - 0x3db] @@ -14309,7 +14352,7 @@ push ecx movzx ecx, byte [ebx + 0xc] movzx ecx, byte [ebp + ecx - 0x3d4] push ecx -call fcn_0000936b ; call 0x936b +call fcn_000093d9 ; call 0x93d9 mov eax, dword [ebp - 0x3fc] add esp, 0x20 lea ecx, [ebp - 0x3db] @@ -14319,7 +14362,7 @@ push esi movzx eax, al push eax mov dword [ebp - 0x3fc], eax -call fcn_00009450 ; call 0x9450 +call fcn_000094be ; call 0x94be mov eax, dword [ebp - 0x3fc] push eax movzx eax, byte [ebp - 0x3ed] @@ -14328,13 +14371,13 @@ movzx eax, byte [ebx + 0xc] movzx eax, byte [ebp + eax - 0x3d4] push eax push 1 -call fcn_00002a9d ; call 0x2a9d +call fcn_00002b0b ; call 0x2b0b mov edx, dword [ebp - 0x404] add esp, 0x20 inc edx -jmp near loc_00008c25 ; jmp 0x8c25 +jmp near loc_00008c93 ; jmp 0x8c93 -loc_00008ce9: +loc_00008d57: mov edi, dword [ebp - 0x400] push esi push esi @@ -14342,25 +14385,25 @@ push 1 mov eax, edi add eax, 0xd98 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop eax mov eax, edi pop edx add eax, 0xb0 push 0x20 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 -loc_00008d11: +loc_00008d7f: add esp, 0x10 -loc_00008d14: +loc_00008d82: inc byte [ebp - 0x3ec] -jmp near loc_00008aa2 ; jmp 0x8aa2 +jmp near loc_00008b10 ; jmp 0x8b10 -loc_00008d1f: +loc_00008d8d: cmp byte [ebp - 0x3ee], 0 -je short loc_00008d70 ; je 0x8d70 +je short loc_00008dde ; je 0x8dde push ebx mov eax, dword [ebp + 0x10] xor ebx, ebx @@ -14370,33 +14413,33 @@ push dword [ebp + 8] call dword [eax + 4] ; ucall add esp, 0x10 -loc_00008d3c: +loc_00008daa: push edi push ebx inc ebx push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0xffef add eax, 0xb0 push eax -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 cmp ebx, 3 -jne short loc_00008d3c ; jne 0x8d3c +jne short loc_00008daa ; jne 0x8daa sub esp, 0xc push dword [ebp + 0xc] -call fcn_00005ffc ; call 0x5ffc +call fcn_0000606a ; call 0x606a add esp, 0x10 -loc_00008d70: +loc_00008dde: xor edx, edx -loc_00008d72: +loc_00008de0: cmp dl, byte [ebp - 0x3de] -jae short loc_00008dca ; jae 0x8dca +jae short loc_00008e38 ; jae 0x8e38 movzx eax, dl shl eax, 5 lea ecx, [ebp + eax - 0x302] @@ -14410,48 +14453,48 @@ push eax push dword [ebp + 0x10] push dword [ebp + 8] mov dword [ebp - 0x3ec], edx -call fcn_00005ce2 ; call 0x5ce2 +call fcn_00005d50 ; call 0x5d50 add esp, 0xc push edi push esi push ebx -call fcn_000023ad ; call 0x23ad +call fcn_0000241b ; call 0x241b mov edx, dword [ebp - 0x3ec] add esp, 0x10 inc edx -jmp short loc_00008d72 ; jmp 0x8d72 +jmp short loc_00008de0 ; jmp 0x8de0 -loc_00008dca: -call fcn_000153e9 ; call 0x153e9 +loc_00008e38: +call fcn_00015479 ; call 0x15479 test al, al -je loc_00009307 ; je 0x9307 +je loc_00009375 ; je 0x9375 push esi push esi -push ref_00021e75 ; push 0x21e75 +push ref_00021f05 ; push 0x21f05 -loc_00008dde: +loc_00008e4c: push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp near loc_00009307 ; jmp 0x9307 +jmp near loc_00009375 ; jmp 0x9375 -loc_00008ded: +loc_00008e5b: cmp dword [ebp - 0x3ec], 0x40670 -jne loc_000085bf ; jne 0x85bf +jne loc_0000862d ; jne 0x862d push eax push eax push 0xffff7fff push esi -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -jmp near loc_000085bf ; jmp 0x85bf +jmp near loc_0000862d ; jmp 0x862d -loc_00008e12: +loc_00008e80: xor ebx, ebx -loc_00008e14: +loc_00008e82: cmp bl, byte [ebp - 0x3de] -jae loc_000085b2 ; jae 0x85b2 +jae loc_00008620 ; jae 0x8620 movzx eax, bl shl eax, 5 lea edx, [ebp + eax - 0x302] @@ -14460,7 +14503,7 @@ movzx ecx, byte [edx + 2] movzx edx, byte [edx + 1] mov byte [ebp - 0x3fc], al -loc_00008e42: +loc_00008eb0: movzx edi, byte [ebp - 0x3fc] push eax push ecx @@ -14468,15 +14511,15 @@ push edx push edi mov dword [ebp - 0x408], ecx mov dword [ebp - 0x400], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xd2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, dword [ebp - 0x400] mov ecx, dword [ebp - 0x408] test al, 2 -je short loc_00008e42 ; je 0x8e42 +je short loc_00008eb0 ; je 0x8eb0 sub esp, 0xc inc ebx push ecx @@ -14484,23 +14527,23 @@ push edx push edi push dword [ebp + 0x10] push dword [ebp + 8] -call fcn_000024e1 ; call 0x24e1 +call fcn_0000254f ; call 0x254f add esp, 0x20 -jmp near loc_00008e14 ; jmp 0x8e14 +jmp near loc_00008e82 ; jmp 0x8e82 -loc_00008e98: +loc_00008f06: xor edi, edi -loc_00008e9a: +loc_00008f08: mov eax, ebx mov esi, dword [ebp + 0x14] shl eax, 5 mov eax, dword [ebp + eax - 0x2fb] mov dword [esi + edx*4 + 0x29], eax mov esi, 1 -jmp near loc_00008644 ; jmp 0x8644 +jmp near loc_000086b2 ; jmp 0x86b2 -loc_00008eb7: +loc_00008f25: movzx eax, byte [ebp - 0x3fc] lea edi, [ebp - 0x18] mov dword [ebp - 0x400], eax @@ -14517,26 +14560,26 @@ movzx ebx, byte [edi + 1] mov byte [ebp - 0x3f8], cl push ebx push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 cmp byte [edi + 0xb], 0 mov dword [ebp - 0x404], eax -jne short loc_00008f2c ; jne 0x8f2c -call fcn_000153e9 ; call 0x153e9 +jne short loc_00008f9a ; jne 0x8f9a +call fcn_00015479 ; call 0x15479 test al, al -je loc_0000916b ; je 0x916b +je loc_000091d9 ; je 0x91d9 push esi push ebx -push ref_00021de4 ; push 0x21de4 +push ref_00021e74 ; push 0x21e74 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp near loc_0000916b ; jmp 0x916b +jmp near loc_000091d9 ; jmp 0x91d9 -loc_00008f2c: +loc_00008f9a: mov cl, byte [ebp - 0x3f8] cmp cl, 1 -je short loc_00008f4d ; je 0x8f4d +je short loc_00008fbb ; je 0x8fbb cmp cl, 2 mov al, 0xd mov esi, 1 @@ -14544,20 +14587,20 @@ mov bl, 0 cmove esi, eax mov al, 0xc cmove ebx, eax -jmp short loc_00008f54 ; jmp 0x8f54 +jmp short loc_00008fc2 ; jmp 0x8fc2 -loc_00008f4d: +loc_00008fbb: mov esi, 9 mov bl, 8 -loc_00008f54: +loc_00008fc2: push edi push edi lea eax, [ebp - 0x3da] push eax movzx eax, bl push eax -call fcn_0000930f ; call 0x930f +call fcn_0000937d ; call 0x937d lea edi, [ebp - 0x3db] lea eax, [ebp - 0x3dc] mov dword [esp], edi @@ -14569,26 +14612,26 @@ push eax mov eax, dword [ebp - 0x3ec] movzx eax, byte [eax] push eax -call fcn_0000936b ; call 0x936b +call fcn_000093d9 ; call 0x93d9 add esp, 0x20 cmp byte [ebp - 0x3df], 0 -je short loc_00008fab ; je 0x8fab +je short loc_00009019 ; je 0x9019 mov edx, edi movzx edi, byte [ebp - 0x3f8] -jmp short loc_00008fbe ; jmp 0x8fbe +jmp short loc_0000902c ; jmp 0x902c -loc_00008fab: +loc_00009019: mov esi, dword [ebp - 0x400] lea eax, [ebp - 0x18] xor edx, edx shl esi, 5 lea edi, [eax + esi] -jmp short loc_0000900d ; jmp 0x900d +jmp short loc_0000907b ; jmp 0x907b -loc_00008fbe: +loc_0000902c: mov eax, esi cmp bl, al -ja short loc_00008fab ; ja 0x8fab +ja short loc_00009019 ; ja 0x9019 push edx movzx eax, bl lea ecx, [ebp - 0x3dc] @@ -14599,7 +14642,7 @@ push ecx push eax mov dword [ebp - 0x420], edx mov dword [ebp - 0x41c], eax -call fcn_00009450 ; call 0x9450 +call fcn_000094be ; call 0x94be mov eax, dword [ebp - 0x41c] push eax mov eax, dword [ebp - 0x3ec] @@ -14607,15 +14650,15 @@ push edi movzx eax, byte [eax] push eax push 1 -call fcn_00002a9d ; call 0x2a9d +call fcn_00002b0b ; call 0x2b0b add esp, 0x20 mov edx, dword [ebp - 0x420] -jmp short loc_00008fbe ; jmp 0x8fbe +jmp short loc_0000902c ; jmp 0x902c -loc_0000900d: +loc_0000907b: lea ebx, [edi - 0x2da] cmp dl, byte [edi - 0x2ce] -jae short loc_00009081 ; jae 0x9081 +jae short loc_000090ef ; jae 0x90ef push ebx movzx eax, dl push ebx @@ -14623,7 +14666,7 @@ push dword [ebp - 0x414] movzx eax, byte [eax + edi - 0x2de] mov dword [ebp - 0x41c], edx push eax -call fcn_00006de6 ; call 0x6de6 +call fcn_00006e54 ; call 0x6e54 movzx ebx, al lea eax, [ebp - 0x3db] push eax @@ -14632,7 +14675,7 @@ push eax lea eax, [ebp - 0x3dd] push eax push ebx -call fcn_00009450 ; call 0x9450 +call fcn_000094be ; call 0x94be movzx eax, byte [ebp - 0x3f8] add esp, 0x20 push ebx @@ -14641,13 +14684,13 @@ mov eax, dword [ebp - 0x3ec] movzx eax, byte [eax] push eax push 1 -call fcn_00002a9d ; call 0x2a9d +call fcn_00002b0b ; call 0x2b0b mov edx, dword [ebp - 0x41c] add esp, 0x10 inc edx -jmp short loc_0000900d ; jmp 0x900d +jmp short loc_0000907b ; jmp 0x907b -loc_00009081: +loc_000090ef: mov eax, dword [ebp - 0x404] lea edi, [ebp + esi - 0x302] push ecx @@ -14655,23 +14698,23 @@ push ecx push 1 add eax, 0xd98 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push edi push dword [ebp + 0x10] push dword [ebp + 8] -call fcn_000063c9 ; call 0x63c9 +call fcn_00006437 ; call 0x6437 mov eax, dword [ebp - 0x404] lea esi, [eax + 0xb2] mov dword [esp], esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, 0xf cmp ax, 3 -je short loc_0000910b ; je 0x910b +je short loc_00009179 ; je 0x9179 sub esp, 0xc push edi -call fcn_0000642d ; call 0x642d +call fcn_0000649b ; call 0x649b add esp, 0xc movzx eax, al push eax @@ -14681,25 +14724,25 @@ push dword [ebp + 0x10] push dword [ebp + 0x14] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_000065b0 ; call 0x65b0 +call fcn_0000661e ; call 0x661e add esp, 0x14 push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, 0xf cmp ax, 3 -je short loc_0000910b ; je 0x910b +je short loc_00009179 ; je 0x9179 mov byte [ebx + 0xe], 1 -jmp short loc_0000916b ; jmp 0x916b +jmp short loc_000091d9 ; jmp 0x91d9 -loc_0000910b: +loc_00009179: movzx esi, byte [ebp - 0x3f8] push edi push edi mov edi, dword [ebp - 0x3f4] push esi push edi -call fcn_00007b99 ; call 0x7b99 +call fcn_00007c07 ; call 0x7c07 add esp, 0xc mov ebx, eax mov eax, dword [ebp + 0xc] @@ -14714,35 +14757,35 @@ pop eax pop edx push esi push edi -call fcn_00007b99 ; call 0x7b99 +call fcn_00007c07 ; call 0x7c07 add esp, 0x10 cmp eax, ebx mov eax, dword [ebp - 0x400] -je short loc_00009160 ; je 0x9160 +je short loc_000091ce ; je 0x91ce shl eax, 5 mov byte [ebp + eax - 0x2e4], 1 -jmp short loc_0000916b ; jmp 0x916b +jmp short loc_000091d9 ; jmp 0x91d9 -loc_00009160: +loc_000091ce: shl eax, 5 mov byte [ebp + eax - 0x2e3], 1 -loc_0000916b: +loc_000091d9: inc byte [ebp - 0x3fc] -jmp near loc_000087e0 ; jmp 0x87e0 +jmp near loc_0000884e ; jmp 0x884e -loc_00009176: +loc_000091e4: xor eax, eax -loc_00009178: +loc_000091e6: mov edi, dword [ebp - 0x3ec] mov dword [edi + eax + 1], 0 add eax, 4 cmp eax, 0x40 -jne short loc_00009178 ; jne 0x9178 -jmp near loc_00008831 ; jmp 0x8831 +jne short loc_000091e6 ; jne 0x91e6 +jmp near loc_0000889f ; jmp 0x889f -loc_00009193: +loc_00009201: push ecx push ecx lea eax, [ebp - 0x344] @@ -14759,44 +14802,44 @@ push dword [ebp + 0x10] push dword [ebp + 0x14] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00007a48 ; call 0x7a48 +call fcn_00007ab6 ; call 0x7ab6 add esp, 0x30 test eax, eax -js loc_00008847 ; js 0x8847 +js loc_000088b5 ; js 0x88b5 xor eax, eax -loc_000091d9: +loc_00009247: mov edx, dword [ebp + eax - 0x344] cmp edx, 0xffffffff -je short loc_000091fd ; je 0x91fd +je short loc_0000926b ; je 0x926b mov esi, dword [ebp - 0x3ec] mov ecx, dword [esi + eax + 1] cmp ecx, 0x18f -jle short loc_000091fd ; jle 0x91fd +jle short loc_0000926b ; jle 0x926b add edx, ecx mov dword [esi + eax + 1], edx -loc_000091fd: +loc_0000926b: add eax, 4 cmp eax, 0x40 -jne short loc_000091d9 ; jne 0x91d9 -jmp near loc_00008847 ; jmp 0x8847 +jne short loc_00009247 ; jne 0x9247 +jmp near loc_000088b5 ; jmp 0x88b5 -loc_0000920a: +loc_00009278: mov byte [ebp - 0x3ec], 0 -loc_00009211: +loc_0000927f: mov al, byte [ebp - 0x3ec] cmp al, byte [ebp - 0x3de] -jae loc_000088f7 ; jae 0x88f7 +jae loc_00008965 ; jae 0x8965 movzx eax, byte [ebp - 0x3ec] shl eax, 5 mov al, byte [ebp + eax - 0x300] cmp al, 1 -je short loc_0000925f ; je 0x925f +je short loc_000092cd ; je 0x92cd cmp al, 2 mov al, byte [ebp - 0x3ed] -je short loc_00009285 ; je 0x9285 +je short loc_000092f3 ; je 0x92f3 cmp al, 1 mov bl, al sbb edi, edi @@ -14808,9 +14851,9 @@ cmp al, 1 sbb edx, edx and edx, 0xfffffff5 add edx, 0xd -jmp short loc_000092a1 ; jmp 0x92a1 +jmp short loc_0000930f ; jmp 0x930f -loc_0000925f: +loc_000092cd: mov al, byte [ebp - 0x3ed] cmp al, 1 sbb edi, edi @@ -14824,9 +14867,9 @@ cmp al, 1 sbb edx, edx and edx, 5 add edx, 5 -jmp short loc_000092a1 ; jmp 0x92a1 +jmp short loc_0000930f ; jmp 0x930f -loc_00009285: +loc_000092f3: cmp al, 1 sbb edi, edi and edi, 0xa @@ -14840,13 +14883,13 @@ sbb edx, edx and edx, 0xd inc edx -loc_000092a1: +loc_0000930f: movzx esi, dl cmp dword [ebp + esi*4 - 0x384], 0xffffffff -je short loc_000092fc ; je 0x92fc -call fcn_000153e9 ; call 0x153e9 +je short loc_0000936a ; je 0x936a +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000092d4 ; je 0x92d4 +je short loc_00009342 ; je 0x9342 mov eax, edi sub esp, 0xc movzx eax, al @@ -14854,28 +14897,28 @@ push eax movzx eax, bl push eax push esi -push ref_00021e09 ; push 0x21e09 +push ref_00021e99 ; push 0x21e99 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_000092d4: +loc_00009342: mov eax, edi cmp bl, al -ja short loc_000092fc ; ja 0x92fc +ja short loc_0000936a ; ja 0x936a mov ecx, dword [ebp + esi*4 - 0x384] movzx eax, bl inc ebx mov dword [ebp + eax*4 - 0x384], ecx mov cl, byte [ebp + esi - 0x3d4] mov byte [ebp + eax - 0x3d4], cl -jmp short loc_000092d4 ; jmp 0x92d4 +jmp short loc_00009342 ; jmp 0x9342 -loc_000092fc: +loc_0000936a: inc byte [ebp - 0x3ec] -jmp near loc_00009211 ; jmp 0x9211 +jmp near loc_0000927f ; jmp 0x927f -loc_00009307: +loc_00009375: lea esp, [ebp - 0xc] pop ebx pop esi @@ -14883,7 +14926,7 @@ pop edi pop ebp ret -fcn_0000930f: +fcn_0000937d: push ebp mov ebp, esp push esi @@ -14893,7 +14936,7 @@ push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx lea ebx, [eax + 0x814] @@ -14903,16 +14946,16 @@ shl edx, 0x13 or edx, 0x2840000 push edx push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dword [esp], ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov esi, eax pop eax pop edx shr esi, 6 push 0 push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov eax, dword [ebp + 0xc] mov edx, esi and edx, 0x3f @@ -14924,7 +14967,7 @@ pop esi pop ebp ret -fcn_0000936b: +fcn_000093d9: push ebp mov ebp, esp push edi @@ -14935,65 +14978,65 @@ mov ebx, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] cmp bl, 9 -ja short loc_000093b7 ; ja 0x93b7 +ja short loc_00009425 ; ja 0x9425 movzx ebx, bl -jmp dword [ebx*4 + ref_00020340] ; ujmp: jmp dword [ebx*4 + 0x20340] +jmp dword [ebx*4 + ref_000203d0] ; ujmp: jmp dword [ebx*4 + 0x203d0] -loc_0000938c: +loc_000093fa: mov ecx, 0xffffff38 -jmp near loc_0000944c ; jmp 0x944c +jmp near loc_000094ba ; jmp 0x94ba -loc_00009396: +loc_00009404: mov ecx, 0xffffff83 -jmp near loc_0000944c ; jmp 0x944c +jmp near loc_000094ba ; jmp 0x94ba -loc_000093a0: +loc_0000940e: xor ecx, ecx -jmp near loc_0000944c ; jmp 0x944c +jmp near loc_000094ba ; jmp 0x94ba -loc_000093a7: +loc_00009415: mov ecx, 0xffffff83 -jmp short loc_000093dc ; jmp 0x93dc +jmp short loc_0000944a ; jmp 0x944a -loc_000093ae: +loc_0000941c: xor ecx, ecx mov eax, 0xffffff5a -jmp short loc_000093ed ; jmp 0x93ed +jmp short loc_0000945b ; jmp 0x945b -loc_000093b7: -call fcn_000153e9 ; call 0x153e9 +loc_00009425: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000093e3 ; je 0x93e3 +je short loc_00009451 ; je 0x9451 movzx ebx, bl push eax push ebx -push ref_00021e93 ; push 0x21e93 +push ref_00021f23 ; push 0x21f23 push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_000093e3 ; jmp 0x93e3 +jmp short loc_00009451 ; jmp 0x9451 -loc_000093d6: +loc_00009444: xor ecx, ecx -jmp short loc_000093e8 ; jmp 0x93e8 +jmp short loc_00009456 ; jmp 0x9456 -loc_000093da: +loc_00009448: xor ecx, ecx -loc_000093dc: +loc_0000944a: mov eax, 0xffffff83 -jmp short loc_000093ed ; jmp 0x93ed +jmp short loc_0000945b ; jmp 0x945b -loc_000093e3: +loc_00009451: mov ecx, 0xffffff38 -loc_000093e8: +loc_00009456: mov eax, 0xffffff9c -loc_000093ed: +loc_0000945b: neg eax -loc_000093ef: +loc_0000945d: mov ebx, ecx mov edx, esi movzx edx, dl @@ -15029,18 +15072,18 @@ pop edi pop ebp ret -loc_00009440: +loc_000094ae: mov ecx, 0xffffff06 -jmp short loc_0000944c ; jmp 0x944c +jmp short loc_000094ba ; jmp 0x94ba -loc_00009447: +loc_000094b5: mov ecx, 0xffffff59 -loc_0000944c: +loc_000094ba: xor eax, eax -jmp short loc_000093ef ; jmp 0x93ef +jmp short loc_0000945d ; jmp 0x945d -fcn_00009450: +fcn_000094be: push ebp mov ebp, esp mov eax, dword [ebp + 0x14] @@ -15063,13 +15106,13 @@ push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push ebx lea esi, [eax + 0x814] push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 mov dword [ebp + 8], esi mov dword [ebp + 0xc], 0 @@ -15077,9 +15120,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_000094b3: +fcn_00009521: push ebp mov ebp, esp push esi @@ -15090,20 +15133,20 @@ push ecx push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edx, esi add esp, 0x10 shr bl, 1 test dl, dl movzx ebx, bl -je short loc_000094f7 ; je 0x94f7 +je short loc_00009565 ; je 0x9565 push edx push 6 shl ebx, 5 push 0xfffffffffffffff9 lea eax, [eax + ebx + 0x900] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 lea esp, [ebp - 8] pop ebx @@ -15111,7 +15154,7 @@ pop esi pop ebp ret -loc_000094f7: +loc_00009565: shl ebx, 5 lea eax, [eax + ebx + 0x900] mov dword [ebp + 0xc], 0xfffffff9 @@ -15120,49 +15163,49 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00018a7a ; jmp 0x18a7a +jmp near fcn_00018b3e ; jmp 0x18b3e -fcn_00009516: +fcn_00009584: push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 cmp eax, 0x40660 -je short loc_000095ac ; je 0x95ac +je short loc_0000961a ; je 0x961a cmp eax, 0x306c0 -je short loc_000095ac ; je 0x95ac +je short loc_0000961a ; je 0x961a cmp eax, 0x40670 -je short loc_00009554 ; je 0x9554 +je short loc_000095c2 ; je 0x95c2 -loc_0000953b: -call fcn_000153e9 ; call 0x153e9 +loc_000095a9: +call fcn_00015479 ; call 0x15479 test al, al -je loc_00009617 ; je 0x9617 -mov dword [ebp + 0xc], ref_00021ede ; mov dword [ebp + 0xc], 0x21ede -jmp near loc_00009605 ; jmp 0x9605 +je loc_00009685 ; je 0x9685 +mov dword [ebp + 0xc], ref_00021f6e ; mov dword [ebp + 0xc], 0x21f6e +jmp near loc_00009673 ; jmp 0x9673 -loc_00009554: +loc_000095c2: push edx push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -je short loc_0000953b ; je 0x953b +je short loc_000095a9 ; je 0x95a9 -loc_00009572: +loc_000095e0: push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edx, ebx add esp, 0xc and edx, 1 @@ -15175,123 +15218,123 @@ shl ebx, 5 push 0x3fffffff lea eax, [eax + ebx + 0x80c] push eax -call fcn_00018aa4 ; call 0x18aa4 -jmp short loc_000095f0 ; jmp 0x95f0 +call fcn_00018b68 ; call 0x18b68 +jmp short loc_0000965e ; jmp 0x965e -loc_000095ac: +loc_0000961a: cmp eax, 0x40670 -je short loc_00009572 ; je 0x9572 +je short loc_000095e0 ; je 0x95e0 cmp eax, 0x40660 -je short loc_000095c1 ; je 0x95c1 +je short loc_0000962f ; je 0x962f cmp eax, 0x306c0 -jne short loc_000095f5 ; jne 0x95f5 +jne short loc_00009663 ; jne 0x9663 -loc_000095c1: +loc_0000962f: push 0x1000c movzx ebx, bl push 0 push 2 push esi -call fcn_0000407d ; call 0x407d +call fcn_000040eb ; call 0x40eb push 0 push ebx push 0x1011 push esi -call fcn_0000407d ; call 0x407d +call fcn_000040eb ; call 0x40eb add esp, 0x20 push 0 push 0 push 3 push esi -call fcn_0000407d ; call 0x407d +call fcn_000040eb ; call 0x40eb -loc_000095f0: +loc_0000965e: add esp, 0x10 -jmp short loc_00009617 ; jmp 0x9617 +jmp short loc_00009685 ; jmp 0x9685 -loc_000095f5: -call fcn_000153e9 ; call 0x153e9 +loc_00009663: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00009617 ; je 0x9617 -mov dword [ebp + 0xc], ref_00021f11 ; mov dword [ebp + 0xc], 0x21f11 +je short loc_00009685 ; je 0x9685 +mov dword [ebp + 0xc], ref_00021fa1 ; mov dword [ebp + 0xc], 0x21fa1 -loc_00009605: +loc_00009673: mov dword [ebp + 8], 2 lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_000153f7 ; jmp 0x153f7 +jmp near fcn_00015487 ; jmp 0x15487 -loc_00009617: +loc_00009685: lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0000961e: +fcn_0000968c: push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov ebx, eax -call fcn_0001c5b4 ; call 0x1c5b4 +call fcn_0001c678 ; call 0x1c678 cmp ebx, 0x40670 -je short loc_0000963e ; je 0x963e +je short loc_000096ac ; je 0x96ac -loc_0000963a: +loc_000096a8: xor edx, edx -jmp short loc_000096a9 ; jmp 0x96a9 +jmp short loc_00009717 ; jmp 0x9717 -loc_0000963e: +loc_000096ac: mov edx, 0x80000003 test eax, eax -je short loc_000096a9 ; je 0x96a9 +je short loc_00009717 ; je 0x9717 mov eax, esi xor ebx, ebx test al, al -je short loc_0000967c ; je 0x967c +je short loc_000096ea ; je 0x96ea -loc_0000964f: +loc_000096bd: push esi push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0x10 lea eax, [eax + ebx + 0x90c] add ebx, 0x20 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 cmp ebx, 0x100 -jne short loc_0000964f ; jne 0x964f -jmp short loc_0000963a ; jmp 0x963a +jne short loc_000096bd ; jne 0x96bd +jmp short loc_000096a8 ; jmp 0x96a8 -loc_0000967c: +loc_000096ea: push eax push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0xffffffffffffffef lea eax, [eax + ebx + 0x90c] add ebx, 0x20 push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 cmp ebx, 0x100 -jne short loc_0000967c ; jne 0x967c -jmp short loc_0000963a ; jmp 0x963a +jne short loc_000096ea ; jne 0x96ea +jmp short loc_000096a8 ; jmp 0x96a8 -loc_000096a9: +loc_00009717: lea esp, [ebp - 8] mov eax, edx pop ebx @@ -15299,7 +15342,7 @@ pop esi pop ebp ret -fcn_000096b2: +fcn_00009720: push ebp mov ebp, esp mov eax, dword [ebp + 0xc] @@ -15317,7 +15360,7 @@ push 0x31 push esi push 1 push 0 -call fcn_00002974 ; call 0x2974 +call fcn_000029e2 ; call 0x29e2 add esp, 0x20 mov dword [ebp + 0x18], ebx mov dword [ebp + 0x10], esi @@ -15328,9 +15371,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00002974 ; jmp 0x2974 +jmp near fcn_000029e2 ; jmp 0x29e2 -fcn_00009706: +fcn_00009774: push ebp mov ebp, esp push ebx @@ -15340,7 +15383,7 @@ push 0x31 push ebx push 1 push 0 -call fcn_000029f2 ; call 0x29f2 +call fcn_00002a60 ; call 0x2a60 mov edx, dword [ebp + 0x10] mov ecx, eax and ecx, 0x3f @@ -15353,7 +15396,7 @@ push 0x32 push ebx push 1 push 0 -call fcn_000029f2 ; call 0x29f2 +call fcn_00002a60 ; call 0x2a60 mov edx, dword [ebp + 0x18] add esp, 0x20 mov ecx, eax @@ -15367,7 +15410,7 @@ mov ebx, dword [ebp - 4] leave ret -fcn_00009759: +fcn_000097c7: push ebp mov ebp, esp push edi @@ -15378,17 +15421,17 @@ mov ecx, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] mov edx, dword [ebp + 0x14] cmp ecx, 0x20 -jne short loc_0000977e ; jne 0x977e +jne short loc_000097ec ; jne 0x97ec mov dword [ebx], 0 mov dword [edx], 0x20 -jmp short loc_000097d1 ; jmp 0x97d1 +jmp short loc_0000983f ; jmp 0x983f -loc_0000977e: +loc_000097ec: mov eax, 0 -jbe short loc_000097a2 ; jbe 0x97a2 +jbe short loc_00009810 ; jbe 0x9810 lea esi, [ecx - 0x20] -loc_00009788: +loc_000097f6: mov ecx, dword [ebp + 8] mov edi, esi sub ecx, eax @@ -15397,17 +15440,17 @@ mov ecx, edi add ecx, 0x20 lea edi, [eax + 1] cmp ecx, 0x3f -jle short loc_000097cd ; jle 0x97cd +jle short loc_0000983b ; jle 0x983b mov eax, edi -jmp short loc_00009788 ; jmp 0x9788 +jmp short loc_000097f6 ; jmp 0x97f6 -loc_000097a2: +loc_00009810: mov esi, 0x20 mov edi, esi sub edi, ecx mov dword [ebp - 0x14], edi -loc_000097ae: +loc_0000981c: mov ecx, dword [ebp + 8] mov edi, dword [ebp - 0x14] sub ecx, eax @@ -15418,15 +15461,15 @@ mov dword [ebp - 0x10], edi mov edi, esi sub edi, ecx mov ecx, edi -jns short loc_000097cd ; jns 0x97cd +jns short loc_0000983b ; jns 0x983b mov eax, dword [ebp - 0x10] -jmp short loc_000097ae ; jmp 0x97ae +jmp short loc_0000981c ; jmp 0x981c -loc_000097cd: +loc_0000983b: mov dword [ebx], eax mov dword [edx], ecx -loc_000097d1: +loc_0000983f: pop eax pop edx pop ebx @@ -15435,7 +15478,7 @@ pop edi pop ebp ret -fcn_000097d8: +fcn_00009846: push ebp mov ebp, esp push ebx @@ -15447,45 +15490,45 @@ lea eax, [ebp - 0xc] push eax push ebx push dword [ebp + 8] -call fcn_00009759 ; call 0x9759 +call fcn_000097c7 ; call 0x97c7 add esp, 0x10 cmp ebx, 0x20 -jbe short loc_0000981b ; jbe 0x981b +jbe short loc_00009889 ; jbe 0x9889 mov eax, dword [ebp - 0xc] test eax, eax -jne short loc_0000980a ; jne 0x980a +jne short loc_00009878 ; jne 0x9878 -loc_00009802: +loc_00009870: mov eax, dword [ebp - 8] sub eax, 0x20 -jmp short loc_00009832 ; jmp 0x9832 +jmp short loc_000098a0 ; jmp 0x98a0 -loc_0000980a: +loc_00009878: mov edx, dword [ebp - 8] add eax, 0xfffffff shl eax, 4 lea eax, [edx + eax - 0x10] -jmp short loc_00009832 ; jmp 0x9832 +jmp short loc_000098a0 ; jmp 0x98a0 -loc_0000981b: -je short loc_00009830 ; je 0x9830 +loc_00009889: +je short loc_0000989e ; je 0x989e mov eax, dword [ebp - 0xc] test eax, eax -je short loc_00009802 ; je 0x9802 +je short loc_00009870 ; je 0x9870 imul eax, eax, 0xffffffef mov edx, dword [ebp - 8] lea eax, [edx + eax - 0x20] -jmp short loc_00009832 ; jmp 0x9832 +jmp short loc_000098a0 ; jmp 0x98a0 -loc_00009830: +loc_0000989e: xor eax, eax -loc_00009832: +loc_000098a0: mov ebx, dword [ebp - 4] leave ret -fcn_00009837: +fcn_000098a5: push ebp mov eax, 0x80000002 mov ebp, esp @@ -15494,94 +15537,94 @@ push esi push ebx lea ecx, [edx + 0x53] cmp ecx, 0xa2 -ja loc_000098f6 ; ja 0x98f6 +ja loc_00009964 ; ja 0x9964 cmp edx, 0 -je loc_000098e3 ; je 0x98e3 +je loc_00009951 ; je 0x9951 lea eax, [edx + 0x20] mov ebx, 0 mov edx, eax -jle short loc_000098b1 ; jle 0x98b1 +jle short loc_0000991f ; jle 0x991f -loc_00009868: +loc_000098d6: test ebx, ebx -jne short loc_00009875 ; jne 0x9875 +jne short loc_000098e3 ; jne 0x98e3 mov esi, edx cmp edx, 0x3f -jg short loc_00009897 ; jg 0x9897 -jmp short loc_000098ea ; jmp 0x98ea +jg short loc_00009905 ; jg 0x9905 +jmp short loc_00009958 ; jmp 0x9958 -loc_00009875: +loc_000098e3: mov esi, eax cmp eax, 0x3f -jg short loc_00009897 ; jg 0x9897 -call fcn_000153f0 ; call 0x153f0 +jg short loc_00009905 ; jg 0x9905 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000098ea ; je 0x98ea +je short loc_00009958 ; je 0x9958 cmp esi, 0x2e -jg short loc_000098ea ; jg 0x98ea +jg short loc_00009958 ; jg 0x9958 push edx -push ref_00021f2c ; push 0x21f2c +push ref_00021fbc ; push 0x21fbc push 0x1ad -jmp short loc_000098d4 ; jmp 0x98d4 +jmp short loc_00009942 ; jmp 0x9942 -loc_00009897: +loc_00009905: inc ebx sub eax, 0x10 cmp ebx, 4 -jne short loc_00009868 ; jne 0x9868 -jmp short loc_000098ea ; jmp 0x98ea +jne short loc_000098d6 ; jne 0x98d6 +jmp short loc_00009958 ; jmp 0x9958 -loc_000098a2: +loc_00009910: mov esi, edx test edx, edx -jns short loc_000098ea ; jns 0x98ea +jns short loc_00009958 ; jns 0x9958 -loc_000098a8: +loc_00009916: inc ebx add eax, 0x11 cmp ebx, 4 -je short loc_000098ea ; je 0x98ea +je short loc_00009958 ; je 0x9958 -loc_000098b1: +loc_0000991f: test ebx, ebx -je short loc_000098a2 ; je 0x98a2 +je short loc_00009910 ; je 0x9910 mov esi, eax test eax, eax -js short loc_000098a8 ; js 0x98a8 -call fcn_000153f0 ; call 0x153f0 +js short loc_00009916 ; js 0x9916 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000098ea ; je 0x98ea +je short loc_00009958 ; je 0x9958 cmp esi, 0x11 -jle short loc_000098ea ; jle 0x98ea +jle short loc_00009958 ; jle 0x9958 push eax -push ref_00021f77 ; push 0x21f77 +push ref_00022007 ; push 0x22007 push 0x1bc -loc_000098d4: -push ref_00021f3c ; push 0x21f3c -call fcn_000153fc ; call 0x153fc +loc_00009942: +push ref_00021fcc ; push 0x21fcc +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_000098ea ; jmp 0x98ea +jmp short loc_00009958 ; jmp 0x9958 -loc_000098e3: +loc_00009951: mov esi, 0x20 xor ebx, ebx -loc_000098ea: +loc_00009958: mov eax, dword [ebp + 0xc] mov dword [eax], ebx mov eax, dword [ebp + 0x10] mov dword [eax], esi xor eax, eax -loc_000098f6: +loc_00009964: lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_000098fd: +fcn_0000996b: push ebp mov ebp, esp push esi @@ -15600,7 +15643,7 @@ push edx movzx edx, al push edx mov dword [ebp - 0x1c], eax -call fcn_00009706 ; call 0x9706 +call fcn_00009774 ; call 0x9774 mov eax, dword [ebp - 0x1c] add esp, 0x18 mov edx, dword [ebp - 0x14] @@ -15610,7 +15653,7 @@ mov dword [ebx + 5], edx mov dword [ebx + 1], eax push edx push eax -call fcn_000097d8 ; call 0x97d8 +call fcn_00009846 ; call 0x9846 mov edx, dword [ebp - 0xc] mov dword [ebx + 0x11], edx mov dword [ebx + 9], eax @@ -15620,7 +15663,7 @@ pop ecx pop esi push edx push eax -call fcn_000097d8 ; call 0x97d8 +call fcn_00009846 ; call 0x9846 mov edx, dword [ebx + 9] mov ecx, 0x4f mov esi, ecx @@ -15645,7 +15688,7 @@ pop esi pop ebp ret -fcn_00009992: +fcn_00009a00: push ebp mov ebp, esp sub esp, 0x14 @@ -15656,12 +15699,12 @@ push dword [eax + 5] push dword [eax + 1] movzx eax, byte [eax] push eax -call fcn_000096b2 ; call 0x96b2 +call fcn_00009720 ; call 0x9720 add esp, 0x20 leave ret -fcn_000099b5: +fcn_00009a23: push ebp mov ebp, esp push esi @@ -15676,10 +15719,10 @@ push eax mov eax, dword [ebx + 9] add eax, esi push eax -call fcn_00009837 ; call 0x9837 +call fcn_000098a5 ; call 0x98a5 add esp, 0x10 test eax, eax -js short loc_00009a13 ; js 0x9a13 +js short loc_00009a81 ; js 0x9a81 push eax lea eax, [ebp - 0xc] push eax @@ -15687,10 +15730,10 @@ lea eax, [ebp - 0x10] push eax add esi, dword [ebx + 0x15] push esi -call fcn_00009837 ; call 0x9837 +call fcn_000098a5 ; call 0x98a5 add esp, 0x10 test eax, eax -js short loc_00009a13 ; js 0x9a13 +js short loc_00009a81 ; js 0x9a81 sub esp, 0xc push dword [ebp - 0xc] push dword [ebp - 0x10] @@ -15698,18 +15741,18 @@ push dword [ebp - 0x14] push dword [ebp - 0x18] movzx eax, byte [ebx] push eax -call fcn_000096b2 ; call 0x96b2 +call fcn_00009720 ; call 0x9720 add esp, 0x20 xor eax, eax -loc_00009a13: +loc_00009a81: lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00009a1a: +fcn_00009a88: push ebp mov ebp, esp push edi @@ -15722,36 +15765,36 @@ mov esi, dword [ebp + 8] mov byte [edx], 0 mov byte [ebp - 0xd], al -loc_00009a32: +loc_00009aa0: mov eax, esi sub eax, dword [ebp + 8] cmp al, byte [ebp - 0xd] -jae short loc_00009a62 ; jae 0x9a62 +jae short loc_00009ad0 ; jae 0x9ad0 mov al, byte [esi] xor edi, edi movzx ecx, byte [edx] shr al, 1 -loc_00009a45: +loc_00009ab3: mov ebx, edi cmp cl, bl -jbe short loc_00009a57 ; jbe 0x9a57 +jbe short loc_00009ac5 ; jbe 0x9ac5 mov ebx, dword [ebp + 0x10] inc edi cmp byte [ebx + edi - 1], al -jne short loc_00009a45 ; jne 0x9a45 -jmp short loc_00009a5f ; jmp 0x9a5f +jne short loc_00009ab3 ; jne 0x9ab3 +jmp short loc_00009acd ; jmp 0x9acd -loc_00009a57: +loc_00009ac5: mov ebx, dword [ebp + 0x10] mov byte [ebx + ecx], al inc byte [edx] -loc_00009a5f: +loc_00009acd: inc esi -jmp short loc_00009a32 ; jmp 0x9a32 +jmp short loc_00009aa0 ; jmp 0x9aa0 -loc_00009a62: +loc_00009ad0: add esp, 1 xor eax, eax pop ebx @@ -15760,7 +15803,7 @@ pop edi pop ebp ret -fcn_00009a6c: +fcn_00009ada: push ebp mov ebp, esp push edi @@ -15784,24 +15827,24 @@ mov edi, dword [ebp + 0x1c] mov dword [ebp - 0x38], ebx mov byte [ebp - 0x21], 0 mov dword [ebp - 0x3c], edi -call fcn_00009a1a ; call 0x9a1a +call fcn_00009a88 ; call 0x9a88 add esp, 0xc push 0 push 1 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edx, dword [ebp + 8] add esp, 0x10 mov ebx, eax lea edi, [eax + 0xa00] -loc_00009ac4: +loc_00009b32: mov al, byte [ebp + 8] mov byte [ebp - 0x30], al mov al, dl sub eax, dword [ebp + 8] cmp al, byte [ebp - 0x29] -jae short loc_00009af5 ; jae 0x9af5 +jae short loc_00009b63 ; jae 0x9b63 push ecx push ecx push 0xfffffbff @@ -15810,13 +15853,13 @@ mov dword [ebp - 0x30], edx shl eax, 4 add eax, edi push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e mov edx, dword [ebp - 0x30] add esp, 0x10 inc edx -jmp short loc_00009ac4 ; jmp 0x9ac4 +jmp short loc_00009b32 ; jmp 0x9b32 -loc_00009af5: +loc_00009b63: movzx eax, byte [ebp - 0x34] shl esi, 0x1c xor edx, edx @@ -15825,9 +15868,9 @@ shl eax, 0xa or esi, eax shl edi, 0xb -loc_00009b0a: +loc_00009b78: cmp dl, byte [ebp - 0x21] -jae short loc_00009b56 ; jae 0x9b56 +jae short loc_00009bc4 ; jae 0x9bc4 movzx eax, dl movzx ecx, byte [ebp + eax - 0x20] mov dword [ebp - 0x38], edx @@ -15839,30 +15882,30 @@ push 0xeffc03ff lea eax, [ecx + 0x900] push eax mov dword [ebp - 0x34], ecx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov ecx, dword [ebp - 0x34] add esp, 0xc push edi push 0xfffe07ff add ecx, 0x90c push ecx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov edx, dword [ebp - 0x38] add esp, 0x10 inc edx -jmp short loc_00009b0a ; jmp 0x9b0a +jmp short loc_00009b78 ; jmp 0x9b78 -loc_00009b56: +loc_00009bc4: add ebx, 0xa00 mov esi, dword [ebp + 8] cmp byte [ebp - 0x3c], 0 -je short loc_00009b8b ; je 0x9b8b +je short loc_00009bf9 ; je 0x9bf9 -loc_00009b65: +loc_00009bd3: mov eax, esi sub eax, dword [ebp - 0x30] cmp al, byte [ebp - 0x29] -jae short loc_00009b8b ; jae 0x9b8b +jae short loc_00009bf9 ; jae 0x9bf9 push eax inc esi push eax @@ -15871,11 +15914,11 @@ movzx eax, byte [esi - 1] shl eax, 4 add eax, ebx push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -jmp short loc_00009b65 ; jmp 0x9b65 +jmp short loc_00009bd3 ; jmp 0x9bd3 -loc_00009b8b: +loc_00009bf9: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -15884,7 +15927,7 @@ pop edi pop ebp ret -fcn_00009b95: +fcn_00009c03: push ebp mov ebp, esp push edi @@ -15896,34 +15939,34 @@ mov edi, dword [ebp + 8] mov dword [ebp - 0x1c], eax mov eax, dword [ebp + 0x10] test al, al -je short loc_00009bda ; je 0x9bda +je short loc_00009c48 ; je 0x9c48 mov esi, eax -mov eax, ref_00026e4c ; mov eax, 0x26e4c +mov eax, ref_00026efc ; mov eax, 0x26efc -loc_00009bb5: +loc_00009c23: mov dl, byte [eax + 1] movzx ecx, byte [eax] movzx ebx, byte [eax + 3] mov byte [ebp - 0x1d], dl mov edx, esi cmp byte [eax + 2], dl -je short loc_00009be6 ; je 0x9be6 +je short loc_00009c54 ; je 0x9c54 add eax, 4 -cmp eax, ref_00026eac ; cmp eax, 0x26eac -jne short loc_00009bb5 ; jne 0x9bb5 +cmp eax, ref_00026f5c ; cmp eax, 0x26f5c +jne short loc_00009c23 ; jne 0x9c23 mov eax, 0x80000002 -jmp short loc_00009bff ; jmp 0x9bff +jmp short loc_00009c6d ; jmp 0x9c6d -loc_00009bda: +loc_00009c48: push edx push edx push 0 push 0 push 0 push 0 -jmp short loc_00009bf1 ; jmp 0x9bf1 +jmp short loc_00009c5f ; jmp 0x9c5f -loc_00009be6: +loc_00009c54: push eax movzx edx, byte [ebp - 0x1d] push eax @@ -15932,14 +15975,14 @@ push ebx push ecx push edx -loc_00009bf1: +loc_00009c5f: movzx eax, byte [ebp - 0x1c] push eax push edi -call fcn_00009a6c ; call 0x9a6c +call fcn_00009ada ; call 0x9ada add esp, 0x20 -loc_00009bff: +loc_00009c6d: lea esp, [ebp - 0xc] pop ebx pop esi @@ -15947,7 +15990,7 @@ pop edi pop ebp ret -fcn_00009c07: +fcn_00009c75: push ebp mov ebp, esp push esi @@ -15955,53 +15998,53 @@ mov esi, dword [ebp + 8] push ebx lea ebx, [esi + 0x2338] -loc_00009c15: +loc_00009c83: sub esp, 0xc push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 1 -jne short loc_00009c15 ; jne 0x9c15 +jne short loc_00009c83 ; jne 0x9c83 push eax push eax push dword [ebp + 0xc] lea eax, [esi + 0x2330] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0xc push 0x700 push 0xff push ebx -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 lea eax, [esi + 0x2334] add esi, 0x233a pop edx pop ecx push dword [ebp + 0x10] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx push 0xf000 push esi -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 pop ecx pop esi push 1 push ebx -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_00009c7a: +loc_00009ce8: sub esp, 0xc push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 1 -jne short loc_00009c7a ; jne 0x9c7a +jne short loc_00009ce8 ; jne 0x9ce8 sub esp, 0xc push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 and eax, 6 cmp al, 1 @@ -16014,7 +16057,7 @@ pop esi pop ebp ret -fcn_00009cab: +fcn_00009d19: push ebp mov ebp, esp push esi @@ -16022,61 +16065,61 @@ mov esi, dword [ebp + 8] push ebx lea ebx, [esi + 0x2338] -loc_00009cb9: +loc_00009d27: sub esp, 0xc push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 1 -jne short loc_00009cb9 ; jne 0x9cb9 +jne short loc_00009d27 ; jne 0x9d27 push eax push eax push dword [ebp + 0xc] lea eax, [esi + 0x2330] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0xc push 0x600 push 0xff push ebx -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 lea eax, [esi + 0x233a] pop edx pop ecx push 0xf000 push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 pop eax pop edx push 1 push ebx -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_00009d0d: +loc_00009d7b: sub esp, 0xc push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 1 -jne short loc_00009d0d ; jne 0x9d0d +jne short loc_00009d7b ; jne 0x9d7b sub esp, 0xc push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov edx, 0x80000007 test al, 6 -jne short loc_00009d4b ; jne 0x9d4b +jne short loc_00009db9 ; jne 0x9db9 sub esp, 0xc add esi, 0x2334 push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp + 0x10] add esp, 0x10 mov dword [edx], eax xor edx, edx -loc_00009d4b: +loc_00009db9: lea esp, [ebp - 8] mov eax, edx pop ebx @@ -16084,7 +16127,7 @@ pop esi pop ebp ret -fcn_00009d54: +fcn_00009dc2: push ebp mov ebp, esp push edi @@ -16097,45 +16140,45 @@ mov edi, dword [ebp + 0x14] push eax push esi push dword [ebp + 8] -call fcn_00009cab ; call 0x9cab +call fcn_00009d19 ; call 0x9d19 add esp, 0x10 mov ebx, eax test eax, eax -jns short loc_00009dd2 ; jns 0x9dd2 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00009e40 ; jns 0x9e40 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00009d9c ; je 0x9d9c +je short loc_00009e0a ; je 0x9e0a sub esp, 0xc push edi push dword [ebp + 0x10] push esi -push ref_00021f87 ; push 0x21f87 +push ref_00022017 ; push 0x22017 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00009d9c: -call fcn_000153f0 ; call 0x153f0 +loc_00009e0a: +call fcn_00015480 ; call 0x15480 mov edx, ebx test al, al -je loc_00009e55 ; je 0x9e55 -call fcn_000153e9 ; call 0x153e9 +je loc_00009ec3 ; je 0x9ec3 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00009dc8 ; je 0x9dc8 +je short loc_00009e36 ; je 0x9e36 push edi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00009dc8: +loc_00009e36: push esi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x34 -jmp short loc_00009e46 ; jmp 0x9e46 +jmp short loc_00009eb4 ; jmp 0x9eb4 -loc_00009dd2: +loc_00009e40: mov eax, dword [ebp + 0x10] and eax, dword [ebp - 0x1c] push ecx @@ -16144,51 +16187,51 @@ push eax push esi push dword [ebp + 8] mov dword [ebp - 0x1c], eax -call fcn_00009c07 ; call 0x9c07 +call fcn_00009c75 ; call 0x9c75 add esp, 0x10 mov ebx, eax mov edx, eax test eax, eax -jns short loc_00009e55 ; jns 0x9e55 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00009ec3 ; jns 0x9ec3 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00009e16 ; je 0x9e16 +je short loc_00009e84 ; je 0x9e84 sub esp, 0xc push edi push dword [ebp + 0x10] push esi -push ref_00021ff4 ; push 0x21ff4 +push ref_00022084 ; push 0x22084 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00009e16: -call fcn_000153f0 ; call 0x153f0 +loc_00009e84: +call fcn_00015480 ; call 0x15480 mov edx, ebx test al, al -je short loc_00009e55 ; je 0x9e55 -call fcn_000153e9 ; call 0x153e9 +je short loc_00009ec3 ; je 0x9ec3 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00009e3e ; je 0x9e3e +je short loc_00009eac ; je 0x9eac push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00009e3e: +loc_00009eac: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x40 -loc_00009e46: -push ref_00021fc0 ; push 0x21fc0 -call fcn_000153fc ; call 0x153fc +loc_00009eb4: +push ref_00022050 ; push 0x22050 +call fcn_0001548c ; call 0x1548c add esp, 0x10 mov edx, ebx -loc_00009e55: +loc_00009ec3: lea esp, [ebp - 0xc] mov eax, edx pop ebx @@ -16197,7 +16240,7 @@ pop edi pop ebp ret -fcn_00009e5f: ; not directly referenced +fcn_00009ecd: ; not directly referenced push ebp mov ebp, esp push edi @@ -16208,19 +16251,19 @@ mov ebx, dword [ebp + 8] mov edi, dword [ebp + 0x14] lea esi, [ebx + 0x2338] -loc_00009e74: ; not directly referenced +loc_00009ee2: ; not directly referenced sub esp, 0xc push esi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 1 -jne short loc_00009e74 ; jne 0x9e74 +jne short loc_00009ee2 ; jne 0x9ee2 push ecx push ecx push dword [ebp + 0xc] lea eax, [ebx + 0x2330] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov eax, dword [ebp + 0x10] add esp, 0xc shl eax, 8 @@ -16228,7 +16271,7 @@ movzx eax, ax push eax push 0xff push esi -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 pop eax mov eax, edi pop edx @@ -16237,67 +16280,67 @@ or edi, 0xf000 lea eax, [ebx + 0x233a] push edi push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 mov eax, dword [ebp + 0x10] add esp, 0x10 lea ecx, [eax - 1] cmp ecx, 6 -ja short loc_00009ef6 ; ja 0x9ef6 +ja short loc_00009f64 ; ja 0x9f64 mov eax, 1 shl eax, cl test al, 0x55 -je short loc_00009ef6 ; je 0x9ef6 +je short loc_00009f64 ; je 0x9f64 mov eax, dword [ebp + 0x18] push edx push edx push dword [eax] lea eax, [ebx + 0x2334] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_00009ef6: ; not directly referenced +loc_00009f64: ; not directly referenced push eax push eax push 1 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_00009f03: ; not directly referenced +loc_00009f71: ; not directly referenced sub esp, 0xc push esi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 1 -jne short loc_00009f03 ; jne 0x9f03 +jne short loc_00009f71 ; jne 0x9f71 sub esp, 0xc push esi mov esi, 0x80000007 -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov edx, dword [ebp + 0x1c] add esp, 0x10 and eax, 6 mov byte [edx], al test al, al -jne short loc_00009f5d ; jne 0x9f5d +jne short loc_00009fcb ; jne 0x9fcb xor esi, esi cmp dword [ebp + 0x10], 6 -ja short loc_00009f5d ; ja 0x9f5d +ja short loc_00009fcb ; ja 0x9fcb mov cl, byte [ebp + 0x10] mov eax, 1 shl eax, cl test al, 0x55 -je short loc_00009f5d ; je 0x9f5d +je short loc_00009fcb ; je 0x9fcb sub esp, 0xc add ebx, 0x2334 push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp + 0x18] add esp, 0x10 mov dword [edx], eax -loc_00009f5d: ; not directly referenced +loc_00009fcb: ; not directly referenced lea esp, [ebp - 0xc] mov eax, esi pop ebx @@ -16306,7 +16349,7 @@ pop edi pop ebp ret -fcn_00009f67: ; not directly referenced +fcn_00009fd5: ; not directly referenced push ebp mov ebp, esp push edi @@ -16321,11 +16364,11 @@ movzx eax, byte [ebp + 0xc] push eax movzx eax, byte [ebp + 8] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax lea eax, [eax + 0xe] mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov edx, 0x14 and eax, 0x7f cmp al, 2 @@ -16333,45 +16376,45 @@ mov eax, 0x34 cmovne edx, eax add edx, esi mov dword [esp], edx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 xor ecx, ecx mov bl, al and ebx, 0xfffffffc -loc_00009fbd: ; not directly referenced +loc_0000a02b: ; not directly referenced test bl, bl -je short loc_00009ff7 ; je 0x9ff7 +je short loc_0000a065 ; je 0xa065 inc cl -je short loc_00009ff7 ; je 0x9ff7 +je short loc_0000a065 ; je 0xa065 movzx edi, bl sub esp, 0xc add edi, esi push edi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp al, byte [ebp - 0x19] mov cl, al mov dword [ebp - 0x20], ecx -je short loc_00009ffb ; je 0x9ffb +je short loc_0000a069 ; je 0xa069 sub esp, 0xc inc edi push edi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov ecx, dword [ebp - 0x20] mov bl, al and ebx, 0xfffffffc -jmp short loc_00009fbd ; jmp 0x9fbd +jmp short loc_0000a02b ; jmp 0xa02b -loc_00009ff7: ; not directly referenced +loc_0000a065: ; not directly referenced xor eax, eax -jmp short loc_00009ffd ; jmp 0x9ffd +jmp short loc_0000a06b ; jmp 0xa06b -loc_00009ffb: ; not directly referenced +loc_0000a069: ; not directly referenced mov al, bl -loc_00009ffd: ; not directly referenced +loc_0000a06b: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -16379,7 +16422,7 @@ pop edi pop ebp ret -fcn_0000a005: ; not directly referenced +fcn_0000a073: ; not directly referenced push ebp mov ebp, esp push edi @@ -16396,43 +16439,43 @@ movzx eax, byte [ebp + 0xc] push eax movzx eax, byte [ebp + 8] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 mov dword [ebp - 0x1c], eax -loc_0000a036: ; not directly referenced +loc_0000a0a4: ; not directly referenced test bx, bx -je short loc_0000a076 ; je 0xa076 +je short loc_0000a0e4 ; je 0xa0e4 inc si -je short loc_0000a076 ; je 0xa076 +je short loc_0000a0e4 ; je 0xa0e4 mov eax, dword [ebp - 0x1c] movzx ecx, bx sub esp, 0xc lea edi, [ecx + eax] push edi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov esi, eax cmp ax, word [ebp - 0x1e] -je short loc_0000a07a ; je 0xa07a +je short loc_0000a0e8 ; je 0xa0e8 sub esp, 0xc lea ecx, [edi + 2] push ecx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov ebx, eax shr bx, 4 and ebx, 0xfffffffc -jmp short loc_0000a036 ; jmp 0xa036 +jmp short loc_0000a0a4 ; jmp 0xa0a4 -loc_0000a076: ; not directly referenced +loc_0000a0e4: ; not directly referenced xor eax, eax -jmp short loc_0000a07c ; jmp 0xa07c +jmp short loc_0000a0ea ; jmp 0xa0ea -loc_0000a07a: ; not directly referenced +loc_0000a0e8: ; not directly referenced mov eax, ebx -loc_0000a07c: ; not directly referenced +loc_0000a0ea: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -16440,7 +16483,7 @@ pop edi pop ebp ret -fcn_0000a084: ; not directly referenced +fcn_0000a0f2: ; not directly referenced push ebp mov ebp, esp push edi @@ -16461,26 +16504,26 @@ mov dword [ebp - 0x30], edx mov dword [ebp - 0x1c], eax mov byte [ebp - 0x24], al mov byte [ebp - 0x28], bl -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edx, dword [ebp - 0x30] push 2 push edx push edi push esi mov dword [ebp - 0x2c], eax -call fcn_0000a005 ; call 0xa005 +call fcn_0000a073 ; call 0xa073 add esp, 0x20 mov edx, 0x80000003 mov ecx, dword [ebp - 0x2c] test ax, ax -je loc_0000a1a8 ; je 0xa1a8 +je loc_0000a216 ; je 0xa216 movzx eax, ax lea esi, [ecx + eax + 0x14] push eax push 1 push 0xf0 push esi -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a mov cl, byte [ebp - 0x20] mov eax, 1 pop edx @@ -16491,16 +16534,16 @@ mov dword [ebp - 0x20], eax push eax push esi movzx esi, bl -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 movzx edi, byte [ebp - 0x1c] add esp, 0xc push 0 push esi push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xe mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x1c], 0 mov bl, al @@ -16511,25 +16554,25 @@ mov dword [ebp - 0x28], eax movzx eax, byte [ebp - 0x24] mov dword [ebp - 0x24], eax -loc_0000a146: ; not directly referenced +loc_0000a1b4: ; not directly referenced movzx edx, byte [ebp - 0x1c] push eax push edx push esi push edi mov dword [ebp - 0x30], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edx, dword [ebp - 0x30] push 2 push edx push dword [ebp - 0x28] push dword [ebp - 0x24] mov dword [ebp - 0x2c], eax -call fcn_0000a005 ; call 0xa005 +call fcn_0000a073 ; call 0xa073 add esp, 0x20 mov ecx, dword [ebp - 0x2c] test ax, ax -je short loc_0000a19e ; je 0xa19e +je short loc_0000a20c ; je 0xa20c movzx eax, ax lea edx, [ecx + eax + 0x14] push eax @@ -16537,22 +16580,22 @@ push 1 push 0xf0 push edx mov dword [ebp - 0x2c], edx -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a pop edx mov edx, dword [ebp - 0x2c] pop ecx push dword [ebp - 0x20] push edx -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 add esp, 0x10 -loc_0000a19e: ; not directly referenced +loc_0000a20c: ; not directly referenced inc byte [ebp - 0x1c] cmp byte [ebp - 0x1c], bl -jbe short loc_0000a146 ; jbe 0xa146 +jbe short loc_0000a1b4 ; jbe 0xa1b4 xor edx, edx -loc_0000a1a8: ; not directly referenced +loc_0000a216: ; not directly referenced lea esp, [ebp - 0xc] mov eax, edx pop ebx @@ -16561,7 +16604,7 @@ pop edi pop ebp ret -fcn_0000a1b2: ; not directly referenced +fcn_0000a220: ; not directly referenced push ebp mov ebp, esp push edi @@ -16583,33 +16626,33 @@ mov dword [ebp - 0x24], ecx mov dword [ebp - 0x1c], eax mov byte [ebp - 0x38], bl mov byte [ebp - 0x3c], al -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ecx, dword [ebp - 0x24] push 0x10 push ecx push esi push edi mov dword [ebp - 0x20], eax -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x20 test al, al -jne short loc_0000a209 ; jne 0xa209 +jne short loc_0000a277 ; jne 0xa277 -loc_0000a1ff: ; not directly referenced +loc_0000a26d: ; not directly referenced mov eax, 0x80000003 -jmp near loc_0000a374 ; jmp 0xa374 +jmp near loc_0000a3e2 ; jmp 0xa3e2 -loc_0000a209: ; not directly referenced +loc_0000a277: ; not directly referenced movzx eax, al sub esp, 0xc add eax, dword [ebp - 0x20] lea esi, [eax + 0x12] push esi mov dword [ebp - 0x28], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test ah, 0x10 -je short loc_0000a1ff ; je 0xa1ff +je short loc_0000a26d ; je 0xa26d movzx eax, byte [ebp - 0x1c] movzx edx, bl push ecx @@ -16618,40 +16661,40 @@ push eax push edx mov dword [ebp - 0x34], edx mov dword [ebp - 0x30], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax lea eax, [eax + 0xe] mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x1c], al sar byte [ebp - 0x1c], 7 and byte [ebp - 0x1c], 7 cmp byte [ebp - 0x2c], 0 -jne short loc_0000a298 ; jne 0xa298 +jne short loc_0000a306 ; jne 0xa306 sub esp, 0xc push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp ax, 0x8086 -jne short loc_0000a298 ; jne 0xa298 +jne short loc_0000a306 ; jne 0xa306 sub esp, 0xc add ebx, 2 push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp ax, 0x93c -jne short loc_0000a298 ; jne 0xa298 +jne short loc_0000a306 ; jne 0xa306 push eax push eax mov eax, dword [ebp - 0x20] push 0x40 add eax, 0x70 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_0000a298: ; not directly referenced +loc_0000a306: ; not directly referenced movzx eax, byte [ebp - 0x3c] xor ebx, ebx mov byte [ebp - 0x24], 0 @@ -16659,92 +16702,92 @@ mov dword [ebp - 0x3c], eax movzx eax, byte [ebp - 0x38] mov dword [ebp - 0x40], eax -loc_0000a2ac: ; not directly referenced +loc_0000a31a: ; not directly referenced push edi movzx edi, byte [ebp - 0x24] push edi push dword [ebp - 0x30] push dword [ebp - 0x34] -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a push 0x10 push edi push dword [ebp - 0x3c] push dword [ebp - 0x40] mov dword [ebp - 0x38], eax -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x20 test al, al -je short loc_0000a31a ; je 0xa31a +je short loc_0000a388 ; je 0xa388 mov edi, dword [ebp - 0x38] movzx eax, al sub esp, 0xc add edi, eax lea eax, [edi + 0x12] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test ah, 0x10 -je short loc_0000a31a ; je 0xa31a +je short loc_0000a388 ; je 0xa388 test bl, bl -jne short loc_0000a308 ; jne 0xa308 +jne short loc_0000a376 ; jne 0xa376 mov eax, dword [ebp - 0x28] push ebx push ebx push 0x40 add eax, 0x10 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_0000a308: ; not directly referenced +loc_0000a376: ; not directly referenced push ecx add edi, 0x10 push ecx mov bl, 1 push 0x40 push edi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_0000a31a: ; not directly referenced +loc_0000a388: ; not directly referenced inc byte [ebp - 0x24] mov al, byte [ebp - 0x1c] cmp byte [ebp - 0x24], al -jbe short loc_0000a2ac ; jbe 0xa2ac +jbe short loc_0000a31a ; jbe 0xa31a cmp bl, 1 sbb ebx, ebx and ebx, 0x80000003 cmp byte [ebp - 0x2c], 0 -jne short loc_0000a34e ; jne 0xa34e +jne short loc_0000a3bc ; jne 0xa3bc mov eax, dword [ebp - 0x20] push edx push edx push 0x1040 add eax, 0xd4 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_0000a34e: ; not directly referenced +loc_0000a3bc: ; not directly referenced push eax push eax mov eax, dword [ebp - 0x28] push 0x20 add eax, 0x10 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_0000a361: ; not directly referenced +loc_0000a3cf: ; not directly referenced sub esp, 0xc push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test ah, 8 -jne short loc_0000a361 ; jne 0xa361 +jne short loc_0000a3cf ; jne 0xa3cf mov eax, ebx -loc_0000a374: ; not directly referenced +loc_0000a3e2: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -16752,7 +16795,7 @@ pop edi pop ebp ret -fcn_0000a37c: ; not directly referenced +fcn_0000a3ea: ; not directly referenced push ebp mov ebp, esp push edi @@ -16766,11 +16809,11 @@ mov dword [ebp - 0x1c], eax mov byte [ebp - 0x24], bl mov dword [ebp - 0x28], esi mov byte [ebp - 0x20], al -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 2 -je short loc_0000a3e0 ; je 0xa3e0 +je short loc_0000a44e ; je 0xa44e -loc_0000a3a4: ; not directly referenced +loc_0000a412: ; not directly referenced movzx edi, byte [ebp - 0x1c] movzx esi, bl xor ebx, ebx @@ -16778,10 +16821,10 @@ push ecx push 0 push edi push esi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xe mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x1c], al movzx eax, byte [ebp - 0x20] @@ -16790,22 +16833,22 @@ and byte [ebp - 0x1c], 7 mov dword [ebp - 0x20], eax movzx eax, byte [ebp - 0x24] mov dword [ebp - 0x24], eax -jmp short loc_0000a447 ; jmp 0xa447 +jmp short loc_0000a4b5 ; jmp 0xa4b5 -loc_0000a3e0: ; not directly referenced +loc_0000a44e: ; not directly referenced push eax push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edi, eax lea eax, [eax + 0xf0] add edi, 0x48 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], edi mov esi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov edi, eax pop eax and edi, 0xfffc @@ -16815,78 +16858,78 @@ push eax mov eax, esi and eax, 0xffffc000 push eax -call fcn_0001c307 ; call 0x1c307 +call fcn_0001c3cb ; call 0x1c3cb movzx eax, al lea eax, [edi + eax*8 + 0x190] mov dword [esp], eax -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 test al, 1 -je loc_0000a3a4 ; je 0xa3a4 -jmp near loc_0000a4e9 ; jmp 0xa4e9 +je loc_0000a412 ; je 0xa412 +jmp near loc_0000a557 ; jmp 0xa557 -loc_0000a447: ; not directly referenced +loc_0000a4b5: ; not directly referenced push 0x10 movzx ecx, bl push ecx push dword [ebp - 0x20] push dword [ebp - 0x24] mov dword [ebp - 0x28], ecx -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x10 mov ecx, dword [ebp - 0x28] test al, al mov dl, al -jne short loc_0000a471 ; jne 0xa471 +jne short loc_0000a4df ; jne 0xa4df -loc_0000a467: ; not directly referenced +loc_0000a4d5: ; not directly referenced inc ebx cmp bl, byte [ebp - 0x1c] -jbe short loc_0000a447 ; jbe 0xa447 +jbe short loc_0000a4b5 ; jbe 0xa4b5 xor ebx, ebx -jmp short loc_0000a4a1 ; jmp 0xa4a1 +jmp short loc_0000a50f ; jmp 0xa50f -loc_0000a471: ; not directly referenced +loc_0000a4df: ; not directly referenced push eax push ecx push edi push esi mov dword [ebp - 0x28], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edx, dword [ebp - 0x28] movzx edx, dl lea eax, [eax + edx + 0xc] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, 0x40000 -jne short loc_0000a467 ; jne 0xa467 -jmp short loc_0000a4e9 ; jmp 0xa4e9 +jne short loc_0000a4d5 ; jne 0xa4d5 +jmp short loc_0000a557 ; jmp 0xa557 -loc_0000a49b: ; not directly referenced +loc_0000a509: ; not directly referenced inc ebx cmp bl, byte [ebp - 0x1c] -ja short loc_0000a4e9 ; ja 0xa4e9 +ja short loc_0000a557 ; ja 0xa557 -loc_0000a4a1: ; not directly referenced +loc_0000a50f: ; not directly referenced push 0x10 movzx ecx, bl push ecx push dword [ebp - 0x20] push dword [ebp - 0x24] mov dword [ebp - 0x28], ecx -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x10 mov ecx, dword [ebp - 0x28] test al, al mov dl, al -je short loc_0000a49b ; je 0xa49b +je short loc_0000a509 ; je 0xa509 push eax push ecx push edi push esi mov dword [ebp - 0x28], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx mov edx, dword [ebp - 0x28] pop ecx @@ -16894,11 +16937,11 @@ movzx edx, dl push 0x100 lea eax, [eax + edx + 0x10] push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -jmp short loc_0000a49b ; jmp 0xa49b +jmp short loc_0000a509 ; jmp 0xa509 -loc_0000a4e9: ; not directly referenced +loc_0000a557: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -16906,7 +16949,7 @@ pop edi pop ebp ret -fcn_0000a4f1: ; not directly referenced +fcn_0000a55f: ; not directly referenced push ebp mov ebp, esp push edi @@ -16924,10 +16967,10 @@ push edx push edi mov byte [ebp - 0x1a], bl mov dword [ebp - 0x20], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xe mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x19], 0 mov dword [ebp - 0x28], edi @@ -16937,32 +16980,32 @@ sar bl, 7 and ebx, 7 mov dword [ebp - 0x24], eax -loc_0000a53f: ; not directly referenced +loc_0000a5ad: ; not directly referenced push ecx movzx ecx, byte [ebp - 0x19] push ecx push dword [ebp - 0x20] mov dword [ebp - 0x2c], ecx push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov esi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_0000a5c3 ; je 0xa5c3 +je short loc_0000a631 ; je 0xa631 mov ecx, dword [ebp - 0x2c] push 0x10 push ecx push dword [ebp - 0x24] push dword [ebp - 0x28] -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x10 test al, al -je short loc_0000a5c3 ; je 0xa5c3 +je short loc_0000a631 ; je 0xa631 cmp byte [ebp - 0x1a], 1 movzx eax, al -jne short loc_0000a5a5 ; jne 0xa5a5 +jne short loc_0000a613 ; jne 0xa613 push edx mov edx, dword [ebp + 0x10] lea eax, [esi + eax + 8] @@ -16972,26 +17015,26 @@ movzx ecx, cx push ecx push 0xff1f push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 -jmp short loc_0000a5c3 ; jmp 0xa5c3 +jmp short loc_0000a631 ; jmp 0xa631 -loc_0000a5a5: ; not directly referenced +loc_0000a613: ; not directly referenced sub esp, 0xc lea eax, [esi + eax + 4] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov esi, dword [ebp + 0x10] add esp, 0x10 and eax, 7 cmp word [esi], ax -jbe short loc_0000a5c3 ; jbe 0xa5c3 +jbe short loc_0000a631 ; jbe 0xa631 mov word [esi], ax -loc_0000a5c3: ; not directly referenced +loc_0000a631: ; not directly referenced inc byte [ebp - 0x19] cmp byte [ebp - 0x19], bl -jbe loc_0000a53f ; jbe 0xa53f +jbe loc_0000a5ad ; jbe 0xa5ad lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -17000,7 +17043,7 @@ pop edi pop ebp ret -fcn_0000a5d9: ; not directly referenced +fcn_0000a647: ; not directly referenced push ebp mov ebp, esp push edi @@ -17016,7 +17059,7 @@ movzx edi, bl push eax movzx eax, byte [ebp + 8] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 mov dword [ebp - 0x20], eax @@ -17024,10 +17067,10 @@ mov eax, esi movzx esi, al push esi push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xe mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 xor ecx, ecx mov byte [ebp - 0x19], 0 @@ -17035,7 +17078,7 @@ mov dl, al sar dl, 7 and edx, 7 -loc_0000a62f: ; not directly referenced +loc_0000a69d: ; not directly referenced movzx eax, byte [ebp - 0x19] mov dword [ebp - 0x28], edx push edx @@ -17043,50 +17086,50 @@ push eax push esi push edi mov dword [ebp - 0x24], ecx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax lea eax, [eax + 0xb] mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov byte [ebp - 0x1a], al lea eax, [ebx + 0xa] add ebx, 9 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov dword [esp], ebx mov byte [ebp - 0x1b], al -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov ecx, dword [ebp - 0x24] cmp byte [ebp - 0x1b], 0 mov edx, dword [ebp - 0x28] -jne short loc_0000a68a ; jne 0xa68a +jne short loc_0000a6f8 ; jne 0xa6f8 cmp byte [ebp - 0x1a], 8 -jne short loc_0000a68a ; jne 0xa68a +jne short loc_0000a6f8 ; jne 0xa6f8 cmp al, 0x20 -je short loc_0000a688 ; je 0xa688 +je short loc_0000a6f6 ; je 0xa6f6 cmp al, 0x10 -jne short loc_0000a68a ; jne 0xa68a +jne short loc_0000a6f8 ; jne 0xa6f8 -loc_0000a688: ; not directly referenced +loc_0000a6f6: ; not directly referenced mov cl, 1 -loc_0000a68a: ; not directly referenced +loc_0000a6f8: ; not directly referenced inc byte [ebp - 0x19] cmp byte [ebp - 0x19], dl -jbe short loc_0000a62f ; jbe 0xa62f +jbe short loc_0000a69d ; jbe 0xa69d test cl, cl -jne short loc_0000a6ab ; jne 0xa6ab +jne short loc_0000a719 ; jne 0xa719 push eax push eax mov eax, dword [ebp - 0x20] push 2 add eax, 0xd4 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_0000a6ab: ; not directly referenced +loc_0000a719: ; not directly referenced lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -17095,43 +17138,43 @@ pop edi pop ebp ret -fcn_0000a6b5: ; not directly referenced +fcn_0000a723: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000a6f0 ; je 0xa6f0 +je short loc_0000a75e ; je 0xa75e mov ax, word [esi] and eax, 0x1c00 cmp eax, 0x1400 -jbe short loc_0000a6f0 ; jbe 0xa6f0 +jbe short loc_0000a75e ; jbe 0xa75e push edx -push ref_0002202e ; push 0x2202e +push ref_000220be ; push 0x220be push 0x275 -push ref_00022076 ; push 0x22076 -call fcn_000153fc ; call 0x153fc +push ref_00022106 ; push 0x22106 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000a6f0: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0000a75e: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000a71f ; je 0xa71f +je short loc_0000a78d ; je 0xa78d mov eax, ebx and eax, 0x1c00 cmp eax, 0x1400 -jbe short loc_0000a71f ; jbe 0xa71f +jbe short loc_0000a78d ; jbe 0xa78d push eax -push ref_000220c4 ; push 0x220c4 +push ref_00022154 ; push 0x22154 push 0x276 -push ref_00022076 ; push 0x22076 -call fcn_000153fc ; call 0x153fc +push ref_00022106 ; push 0x22106 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000a71f: ; not directly referenced +loc_0000a78d: ; not directly referenced mov cx, word [esi] mov eax, ecx and ecx, 0x1c00 @@ -17140,7 +17183,7 @@ and eax, 0x3ff lea ecx, [ecx + ecx*4] shl eax, cl test eax, eax -je short loc_0000a757 ; je 0xa757 +je short loc_0000a7c5 ; je 0xa7c5 mov ecx, ebx mov edx, ebx and ecx, 0x1c00 @@ -17149,25 +17192,25 @@ sar ecx, 0xa lea ecx, [ecx + ecx*4] shl edx, cl cmp eax, edx -jle short loc_0000a75a ; jle 0xa75a +jle short loc_0000a7c8 ; jle 0xa7c8 -loc_0000a757: ; not directly referenced +loc_0000a7c5: ; not directly referenced mov word [esi], bx -loc_0000a75a: ; not directly referenced +loc_0000a7c8: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0000a761: ; not directly referenced +fcn_0000a7cf: ; not directly referenced push ebp mov ecx, 4 mov ebp, esp push edi push esi -mov esi, ref_00020368 ; mov esi, 0x20368 +mov esi, ref_000203f8 ; mov esi, 0x203f8 push ebx sub esp, 0x6c mov eax, dword [ebp + 0x28] @@ -17178,7 +17221,7 @@ mov word [ebp - 0x6a], ax mov al, byte [ebp + 0x4c] mov byte [ebp - 0x58], bl mov byte [ebp - 0x6c], al -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov dword [ebp - 0x3c], 0 mov dword [ebp - 0x5c], eax movzx eax, bl @@ -17192,353 +17235,353 @@ mov dword [ebp - 0x70], eax add eax, 4 mov dword [ebp - 0x74], eax -loc_0000a7bb: ; not directly referenced +loc_0000a829: ; not directly referenced push eax push 0 push dword [ebp - 0x3c] push dword [ebp - 0x54] -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov ebx, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_0000a7ea ; jne 0xa7ea +jne short loc_0000a858 ; jne 0xa858 -loc_0000a7da: ; not directly referenced +loc_0000a848: ; not directly referenced inc dword [ebp - 0x3c] cmp dword [ebp - 0x3c], 0x20 -jne short loc_0000a7bb ; jne 0xa7bb +jne short loc_0000a829 ; jne 0xa829 xor eax, eax -jmp near loc_0000afa4 ; jmp 0xafa4 +jmp near loc_0000b012 ; jmp 0xb012 -loc_0000a7ea: ; not directly referenced +loc_0000a858: ; not directly referenced sub esp, 0xc add ebx, 0xe push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x57], 0 mov byte [ebp - 0x55], al sar byte [ebp - 0x55], 7 and byte [ebp - 0x55], 7 -loc_0000a808: ; not directly referenced +loc_0000a876: ; not directly referenced movzx ebx, byte [ebp - 0x57] push edi mov esi, dword [ebp - 0x54] push ebx push dword [ebp - 0x3c] push esi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov edi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je loc_0000af84 ; je 0xaf84 +je loc_0000aff2 ; je 0xaff2 push 0x10 push ebx push dword [ebp - 0x3c] push esi -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x10 mov byte [ebp - 0x60], al test al, al -je loc_0000af98 ; je 0xaf98 +je loc_0000b006 ; je 0xb006 sub esp, 0xc push edi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov word [ebp - 0x46], ax lea eax, [edi + 2] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov word [ebp - 0x48], ax lea eax, [edi + 8] mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp dword [ebp - 0x5c], 2 mov byte [ebp - 0x56], al -jne loc_0000a99e ; jne 0xa99e -call fcn_0001bff9 ; call 0x1bff9 +jne loc_0000aa0c ; jne 0xaa0c +call fcn_0001c0bd ; call 0x1c0bd cmp eax, 2 -jne short loc_0000a8bf ; jne 0xa8bf +jne short loc_0000a92d ; jne 0xa92d cmp word [ebp - 0x46], 0x8086 -jne short loc_0000a8bf ; jne 0xa8bf +jne short loc_0000a92d ; jne 0xa92d sub esp, 0xc lea eax, [edi + 0xa] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp ax, 0x280 -jne short loc_0000a8bf ; jne 0xa8bf +jne short loc_0000a92d ; jne 0xa92d mov eax, dword [ebp + 8] push esi push esi push 0xfc add eax, 0x418 push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d add esp, 0x10 -loc_0000a8bf: ; not directly referenced +loc_0000a92d: ; not directly referenced mov eax, dword [ebp - 0x48] xor ecx, ecx sub ax, 0x8b1 mov word [ebp - 0x40], ax -loc_0000a8cc: ; not directly referenced +loc_0000a93a: ; not directly referenced movzx edx, cl cmp edx, dword [ebp + 0x14] -jae short loc_0000a945 ; jae 0xa945 +jae short loc_0000a9b3 ; jae 0xa9b3 imul edx, edx, 0x18 add edx, dword [ebp + 0x18] mov esi, edx test byte [edx + 8], 2 -je short loc_0000a942 ; je 0xa942 +je short loc_0000a9b0 ; je 0xa9b0 mov ax, word [ebp - 0x46] cmp ax, word [edx] -jne short loc_0000a942 ; jne 0xa942 +jne short loc_0000a9b0 ; jne 0xa9b0 mov eax, dword [ebp - 0x48] cmp ax, word [edx + 2] -jne short loc_0000a942 ; jne 0xa942 +jne short loc_0000a9b0 ; jne 0xa9b0 mov al, byte [edx + 4] cmp byte [ebp - 0x56], al -je short loc_0000a900 ; je 0xa900 +je short loc_0000a96e ; je 0xa96e inc al -jne short loc_0000a942 ; jne 0xa942 +jne short loc_0000a9b0 ; jne 0xa9b0 -loc_0000a900: ; not directly referenced +loc_0000a96e: ; not directly referenced cmp word [ebp - 0x46], 0x8086 -je short loc_0000a91d ; je 0xa91d +je short loc_0000a98b ; je 0xa98b -loc_0000a908: ; not directly referenced +loc_0000a976: ; not directly referenced mov ax, word [esi + 0xa] mov ecx, dword [esi + 0xc] mov word [ebp - 0x40], ax mov dword [ebp - 0x50], ecx test ax, ax -jne short loc_0000a974 ; jne 0xa974 -jmp short loc_0000a94c ; jmp 0xa94c +jne short loc_0000a9e2 ; jne 0xa9e2 +jmp short loc_0000a9ba ; jmp 0xa9ba -loc_0000a91d: ; not directly referenced +loc_0000a98b: ; not directly referenced cmp word [ebp - 0x40], 3 mov dword [ebp - 0x44], ecx -ja short loc_0000a908 ; ja 0xa908 +ja short loc_0000a976 ; ja 0xa976 movzx eax, word [esi + 0xa] sub esp, 0xc add eax, edi push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov ecx, dword [ebp - 0x44] cmp ax, 0xcafe -je short loc_0000a908 ; je 0xa908 +je short loc_0000a976 ; je 0xa976 -loc_0000a942: ; not directly referenced +loc_0000a9b0: ; not directly referenced inc ecx -jmp short loc_0000a8cc ; jmp 0xa8cc +jmp short loc_0000a93a ; jmp 0xa93a -loc_0000a945: ; not directly referenced +loc_0000a9b3: ; not directly referenced mov dword [ebp - 0x50], 0x1f -loc_0000a94c: ; not directly referenced +loc_0000a9ba: ; not directly referenced push 0x1e push ebx push dword [ebp - 0x3c] push dword [ebp - 0x54] -call fcn_0000a005 ; call 0xa005 +call fcn_0000a073 ; call 0xa073 add esp, 0x10 mov dword [ebp - 0x44], 0 mov dword [ebp - 0x4c], 0 mov word [ebp - 0x40], ax test ax, ax -je short loc_0000a9b9 ; je 0xa9b9 +je short loc_0000aa27 ; je 0xaa27 -loc_0000a974: ; not directly referenced +loc_0000a9e2: ; not directly referenced mov eax, dword [ebp - 0x74] sub esp, 0xc add eax, dword [ebp + 8] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [ebp - 0x4c], eax movzx eax, word [ebp - 0x40] lea eax, [edi + eax + 4] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov dword [ebp - 0x44], eax -jmp short loc_0000a9b9 ; jmp 0xa9b9 +jmp short loc_0000aa27 ; jmp 0xaa27 -loc_0000a99e: ; not directly referenced +loc_0000aa0c: ; not directly referenced mov dword [ebp - 0x50], 0x1f mov dword [ebp - 0x44], 0 mov dword [ebp - 0x4c], 0 mov word [ebp - 0x40], 0 -loc_0000a9b9: ; not directly referenced +loc_0000aa27: ; not directly referenced movzx esi, byte [ebp - 0x60] sub esp, 0xc add esi, edi lea eax, [esi + 0x24] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0x800 mov dword [ebp - 0x60], eax -je short loc_0000a9e1 ; je 0xa9e1 +je short loc_0000aa4f ; je 0xaa4f mov eax, dword [ebp + 0x3c] cmp byte [eax + 0x12], 1 -je short loc_0000a9e7 ; je 0xa9e7 +je short loc_0000aa55 ; je 0xaa55 -loc_0000a9e1: ; not directly referenced +loc_0000aa4f: ; not directly referenced mov eax, dword [ebp + 0x48] mov byte [eax], 0 -loc_0000a9e7: ; not directly referenced +loc_0000aa55: ; not directly referenced cmp dword [ebp + 0x20], 1 -ja loc_0000aced ; ja 0xaced +ja loc_0000ad5b ; ja 0xad5b lea eax, [esi + 0xc] sub esp, 0xc push eax mov dword [ebp - 0x60], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, 0x40000 -jne short loc_0000aa10 ; jne 0xaa10 +jne short loc_0000aa7e ; jne 0xaa7e mov eax, dword [ebp + 0x44] mov byte [eax], 0 -loc_0000aa10: ; not directly referenced +loc_0000aa7e: ; not directly referenced sub esp, 0xc push dword [ebp - 0x60] -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ebx, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 shr bx, 0xa add esp, 0x10 and ebx, 3 test al, al -je short loc_0000aa46 ; je 0xaa46 +je short loc_0000aab4 ; je 0xaab4 movzx eax, bx push eax push dword [ebp - 0x3c] -push ref_0002210b ; push 0x2210b +push ref_0002219b ; push 0x2219b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000aa46: ; not directly referenced +loc_0000aab4: ; not directly referenced cmp dword [ebp + 0x20], 0 -jne loc_0000aba5 ; jne 0xaba5 +jne loc_0000ac13 ; jne 0xac13 lea eax, [esi + 4] sub esp, 0xc push eax mov dword [ebp - 0x68], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test ax, ax -js short loc_0000aa87 ; js 0xaa87 -call fcn_000153e9 ; call 0x153e9 +js short loc_0000aaf5 ; js 0xaaf5 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000aa81 ; je 0xaa81 +je short loc_0000aaef ; je 0xaaef push ecx push ecx -push ref_00022135 ; push 0x22135 +push ref_000221c5 ; push 0x221c5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000aa81: ; not directly referenced +loc_0000aaef: ; not directly referenced mov eax, dword [ebp + 0x40] mov byte [eax], 1 -loc_0000aa87: ; not directly referenced +loc_0000aaf5: ; not directly referenced sub esp, 0xc xor esi, esi lea eax, [edi + 0xb] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov byte [ebp - 0x6b], al lea eax, [edi + 0xa] mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 -loc_0000aaa6: ; not directly referenced +loc_0000ab14: ; not directly referenced mov ecx, esi movzx edx, cl cmp edx, dword [ebp + 0x14] -jae short loc_0000ab03 ; jae 0xab03 +jae short loc_0000ab71 ; jae 0xab71 imul edx, edx, 0x18 add edx, dword [ebp + 0x18] test byte [edx + 8], 1 -je short loc_0000ab00 ; je 0xab00 +je short loc_0000ab6e ; je 0xab6e mov cx, word [edx] cmp cx, word [ebp - 0x46] -je short loc_0000aac9 ; je 0xaac9 +je short loc_0000ab37 ; je 0xab37 inc cx -jne short loc_0000ab00 ; jne 0xab00 +jne short loc_0000ab6e ; jne 0xab6e -loc_0000aac9: ; not directly referenced +loc_0000ab37: ; not directly referenced mov cx, word [edx + 2] cmp cx, word [ebp - 0x48] -je short loc_0000aad7 ; je 0xaad7 +je short loc_0000ab45 ; je 0xab45 inc cx -jne short loc_0000ab00 ; jne 0xab00 +jne short loc_0000ab6e ; jne 0xab6e -loc_0000aad7: ; not directly referenced +loc_0000ab45: ; not directly referenced mov cl, byte [edx + 4] cmp cl, byte [ebp - 0x56] -je short loc_0000aae3 ; je 0xaae3 +je short loc_0000ab51 ; je 0xab51 inc cl -jne short loc_0000ab00 ; jne 0xab00 +jne short loc_0000ab6e ; jne 0xab6e -loc_0000aae3: ; not directly referenced +loc_0000ab51: ; not directly referenced mov cl, byte [edx + 5] cmp cl, byte [ebp - 0x6b] -je short loc_0000aaef ; je 0xaaef +je short loc_0000ab5d ; je 0xab5d inc cl -jne short loc_0000ab00 ; jne 0xab00 +jne short loc_0000ab6e ; jne 0xab6e -loc_0000aaef: ; not directly referenced +loc_0000ab5d: ; not directly referenced mov cl, byte [edx + 6] cmp cl, al -jne short loc_0000aafc ; jne 0xaafc +jne short loc_0000ab6a ; jne 0xab6a -loc_0000aaf6: ; not directly referenced +loc_0000ab64: ; not directly referenced movzx ebx, byte [edx + 7] -jmp short loc_0000ab03 ; jmp 0xab03 +jmp short loc_0000ab71 ; jmp 0xab71 -loc_0000aafc: ; not directly referenced +loc_0000ab6a: ; not directly referenced inc cl -je short loc_0000aaf6 ; je 0xaaf6 +je short loc_0000ab64 ; je 0xab64 -loc_0000ab00: ; not directly referenced +loc_0000ab6e: ; not directly referenced inc esi -jmp short loc_0000aaa6 ; jmp 0xaaa6 +jmp short loc_0000ab14 ; jmp 0xab14 -loc_0000ab03: ; not directly referenced +loc_0000ab71: ; not directly referenced test bl, 2 -je short loc_0000ab54 ; je 0xab54 +je short loc_0000abc2 ; je 0xabc2 mov ecx, dword [ebp + 0xc] sub esp, 0xc mov eax, dword [ebp + 8] lea eax, [eax + ecx + 0xc] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop ecx push dword [ebp - 0x60] mov esi, eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e and esi, 0x38000 pop edx push dword [ebp - 0x68] and eax, 0x38000 cmp eax, esi cmovae esi, eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e shr esi, 6 mov edx, ebx and edx, 0xfffffffd @@ -17547,26 +17590,26 @@ and eax, 0xe00 cmp esi, eax cmova ebx, edx -loc_0000ab54: ; not directly referenced +loc_0000abc2: ; not directly referenced test bl, 1 -je short loc_0000aba5 ; je 0xaba5 +je short loc_0000ac13 ; je 0xac13 mov ecx, dword [ebp + 0xc] sub esp, 0xc mov eax, dword [ebp + 8] lea eax, [eax + ecx + 0xc] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov esi, eax pop eax and esi, 0x7000 push dword [ebp - 0x60] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx push dword [ebp - 0x68] and eax, 0x7000 cmp eax, esi cmovae esi, eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e shr esi, 6 mov edx, ebx and edx, 0xfffffffe @@ -17575,39 +17618,39 @@ and eax, 0x1c0 cmp esi, eax cmova ebx, edx -loc_0000aba5: ; not directly referenced +loc_0000ac13: ; not directly referenced mov eax, dword [ebp + 0x1c] and word [eax], bx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000abca ; je 0xabca +je short loc_0000ac38 ; je 0xac38 movzx ebx, bx push ebx push dword [ebp - 0x3c] -push ref_00022168 ; push 0x22168 +push ref_000221f8 ; push 0x221f8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000abca: ; not directly referenced +loc_0000ac38: ; not directly referenced cmp dword [ebp - 0x5c], 2 -jne short loc_0000ac4a ; jne 0xac4a +jne short loc_0000acb8 ; jne 0xacb8 cmp word [ebp - 0x40], 0 -je short loc_0000ac4a ; je 0xac4a +je short loc_0000acb8 ; je 0xacb8 cmp word [ebp - 0x6a], 0 -je short loc_0000ac4a ; je 0xac4a +je short loc_0000acb8 ; je 0xacb8 mov eax, dword [ebp - 0x4c] and eax, 0x1f cmp eax, 0x1f -jne short loc_0000ac4a ; jne 0xac4a +jne short loc_0000acb8 ; jne 0xacb8 mov ecx, dword [ebp - 0x50] mov eax, dword [ebp - 0x44] and eax, ecx cmp eax, ecx -jne short loc_0000ac4a ; jne 0xac4a +jne short loc_0000acb8 ; jne 0xacb8 mov eax, dword [ebp + 0x3c] cmp byte [eax + 0x11], 0 -je short loc_0000ac4a ; je 0xac4a +je short loc_0000acb8 ; je 0xacb8 mov eax, dword [ebp + 0x2c] mov ebx, dword [ebp + 0x30] mov byte [eax], 1 @@ -17620,10 +17663,10 @@ shr ecx, 0x13 and edx, 3 and ecx, 0x1f cmp eax, dword [ebx] -jbe short loc_0000ac23 ; jbe 0xac23 +jbe short loc_0000ac91 ; jbe 0xac91 mov dword [ebx], eax -loc_0000ac23: ; not directly referenced +loc_0000ac91: ; not directly referenced mov eax, dword [ebp + 0x38] movzx edx, dl movzx ecx, cl @@ -17634,42 +17677,42 @@ imul ebx, ecx mov eax, dword [ebp + eax*4 - 0x28] imul eax, dword [esi] cmp ebx, eax -jbe short loc_0000ac4a ; jbe 0xac4a +jbe short loc_0000acb8 ; jbe 0xacb8 mov eax, dword [ebp + 0x38] mov dword [esi], ecx mov dword [eax], edx -loc_0000ac4a: ; not directly referenced +loc_0000acb8: ; not directly referenced mov eax, dword [ebp + 0x24] xor edx, edx mov ebx, dword [eax] -loc_0000ac51: ; not directly referenced +loc_0000acbf: ; not directly referenced movzx esi, dl cmp esi, dword [ebp + 0x14] -jae loc_0000ae9a ; jae 0xae9a +jae loc_0000af08 ; jae 0xaf08 imul esi, esi, 0x18 add esi, dword [ebp + 0x18] test byte [esi + 8], 4 -je short loc_0000ace7 ; je 0xace7 +je short loc_0000ad55 ; je 0xad55 mov ax, word [ebp - 0x46] cmp word [esi], ax -jne short loc_0000ace7 ; jne 0xace7 +jne short loc_0000ad55 ; jne 0xad55 mov ax, word [esi + 2] cmp ax, word [ebp - 0x48] -je short loc_0000ac80 ; je 0xac80 +je short loc_0000acee ; je 0xacee inc ax -jne short loc_0000ace7 ; jne 0xace7 +jne short loc_0000ad55 ; jne 0xad55 -loc_0000ac80: ; not directly referenced +loc_0000acee: ; not directly referenced mov al, byte [esi + 4] cmp al, byte [ebp - 0x56] -jne short loc_0000acb7 ; jne 0xacb7 +jne short loc_0000ad25 ; jne 0xad25 -loc_0000ac88: ; not directly referenced +loc_0000acf6: ; not directly referenced movzx eax, word [esi + 0x12] test ax, ax -jns short loc_0000acbd ; jns 0xacbd +jns short loc_0000ad2b ; jns 0xad2b push ecx mov edx, ebx push ecx @@ -17679,60 +17722,60 @@ lea eax, [ebp - 0x2a] push eax shr edx, 0x10 mov word [ebp - 0x2a], dx -call fcn_0000a6b5 ; call 0xa6b5 +call fcn_0000a723 ; call 0xa723 movzx eax, word [ebp - 0x2a] add esp, 0x10 shl eax, 0x10 or ebx, eax -jmp short loc_0000acbd ; jmp 0xacbd +jmp short loc_0000ad2b ; jmp 0xad2b -loc_0000acb7: ; not directly referenced +loc_0000ad25: ; not directly referenced inc al -jne short loc_0000ace7 ; jne 0xace7 -jmp short loc_0000ac88 ; jmp 0xac88 +jne short loc_0000ad55 ; jne 0xad55 +jmp short loc_0000acf6 ; jmp 0xacf6 -loc_0000acbd: ; not directly referenced +loc_0000ad2b: ; not directly referenced movzx eax, word [esi + 0x10] test ax, ax -jns short loc_0000acdd ; jns 0xacdd +jns short loc_0000ad4b ; jns 0xad4b push edx push edx push eax lea eax, [ebp - 0x2a] push eax mov word [ebp - 0x2a], bx -call fcn_0000a6b5 ; call 0xa6b5 +call fcn_0000a723 ; call 0xa723 mov bx, word [ebp - 0x2a] add esp, 0x10 -loc_0000acdd: ; not directly referenced +loc_0000ad4b: ; not directly referenced mov eax, dword [ebp + 0x24] mov dword [eax], ebx -jmp near loc_0000ae9a ; jmp 0xae9a +jmp near loc_0000af08 ; jmp 0xaf08 -loc_0000ace7: ; not directly referenced +loc_0000ad55: ; not directly referenced inc edx -jmp near loc_0000ac51 ; jmp 0xac51 +jmp near loc_0000acbf ; jmp 0xacbf -loc_0000aced: ; not directly referenced +loc_0000ad5b: ; not directly referenced cmp dword [ebp + 0x20], 2 -jne loc_0000ae9a ; jne 0xae9a +jne loc_0000af08 ; jne 0xaf08 cmp dword [ebp - 0x5c], 2 -jne loc_0000adba ; jne 0xadba +jne loc_0000ae28 ; jne 0xae28 cmp word [ebp - 0x40], 0 -je loc_0000adba ; je 0xadba +je loc_0000ae28 ; je 0xae28 mov eax, dword [ebp + 0x2c] cmp byte [eax], 0 -je loc_0000adba ; je 0xadba +je loc_0000ae28 ; je 0xae28 mov eax, dword [ebp - 0x4c] and eax, 0x1f cmp eax, 0x1f -jne loc_0000adba ; jne 0xadba +jne loc_0000ae28 ; jne 0xae28 mov eax, dword [ebp - 0x44] mov ecx, dword [ebp - 0x50] and eax, ecx cmp eax, ecx -jne loc_0000adba ; jne 0xadba +jne loc_0000ae28 ; jne 0xae28 push eax mov eax, dword [ebp + 0x34] movzx edx, word [ebp - 0x40] @@ -17745,14 +17788,14 @@ push eax push 0xffffff07 push ecx mov dword [ebp - 0x40], ecx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp + 0x38] add esp, 0xc mov ecx, dword [ebp - 0x40] push dword [eax] push 0xfffffffffffffffc push ecx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov edx, dword [ebp - 0x44] add esp, 0xc push 0x40a00000 @@ -17760,44 +17803,44 @@ push 0x1c00ffff add edx, 8 push edx mov dword [ebp - 0x40], edx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp + 0x3c] add esp, 0x10 mov edx, dword [ebp - 0x40] mov al, byte [eax + 0x11] cmp al, 1 -je short loc_0000ada8 ; je 0xada8 +je short loc_0000ae16 ; je 0xae16 cmp al, 2 setne al movzx eax, al lea eax, [eax + eax + 0xd] -jmp short loc_0000adad ; jmp 0xadad +jmp short loc_0000ae1b ; jmp 0xae1b -loc_0000ada8: ; not directly referenced +loc_0000ae16: ; not directly referenced mov eax, 0xe -loc_0000adad: ; not directly referenced +loc_0000ae1b: ; not directly referenced push ecx push eax push 0xffffffffffffffe0 push edx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_0000adba: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ae28: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000addc ; je 0xaddc +je short loc_0000ae4a ; je 0xae4a mov eax, dword [ebp + 0x1c] movzx eax, word [eax] push eax push dword [ebp - 0x3c] -push ref_00022197 ; push 0x22197 +push ref_00022227 ; push 0x22227 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000addc: ; not directly referenced +loc_0000ae4a: ; not directly referenced push eax mov eax, dword [ebp + 0x1c] movzx eax, word [eax] @@ -17805,31 +17848,31 @@ push eax push 0xfffc lea eax, [esi + 0x10] push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 cmp dword [ebp - 0x60], 0 -je short loc_0000ae17 ; je 0xae17 +je short loc_0000ae85 ; je 0xae85 mov eax, dword [ebp + 0x3c] cmp byte [eax + 0x12], 1 -jne short loc_0000ae17 ; jne 0xae17 +jne short loc_0000ae85 ; jne 0xae85 push ecx add esi, 0x28 push ecx push 0x400 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_0000ae17: ; not directly referenced +loc_0000ae85: ; not directly referenced push 0x18 push ebx push dword [ebp - 0x3c] push dword [ebp - 0x54] -call fcn_0000a005 ; call 0xa005 +call fcn_0000a073 ; call 0xa073 add esp, 0x10 movzx ebx, ax test bx, bx -je short loc_0000ae9a ; je 0xae9a +je short loc_0000af08 ; je 0xaf08 mov eax, dword [ebp + 0x24] lea esi, [ebp - 0x2a] add ebx, edi @@ -17842,7 +17885,7 @@ push edx push edx push eax push esi -call fcn_0000a6b5 ; call 0xa6b5 +call fcn_0000a723 ; call 0xa723 movzx eax, word [ebp - 0x2a] add esp, 0xc push eax @@ -17850,7 +17893,7 @@ push 0xe000 lea eax, [ebx + 4] add ebx, 6 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 mov eax, dword [ebp + 0x3c] mov edx, dword [ebp - 0x40] pop ecx @@ -17860,40 +17903,40 @@ mov word [ebp - 0x2a], dx pop edx push eax push esi -call fcn_0000a6b5 ; call 0xa6b5 +call fcn_0000a723 ; call 0xa723 movzx eax, word [ebp - 0x2a] add esp, 0xc push eax push 0xe000 push ebx -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 -loc_0000ae9a: ; not directly referenced +loc_0000af08: ; not directly referenced sub esp, 0xc lea eax, [edi + 0xb] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp al, 6 -jne loc_0000af84 ; jne 0xaf84 +jne loc_0000aff2 ; jne 0xaff2 sub esp, 0xc mov bl, 1 lea eax, [edi + 0x19] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, al -jne short loc_0000af04 ; jne 0xaf04 +jne short loc_0000af72 ; jne 0xaf72 mov eax, dword [ebp + 8] sub esp, 0xc add eax, 0x1a push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov bl, byte [ebp - 0x58] add esp, 0x10 cmp al, bl -jbe loc_0000af9f ; jbe 0xaf9f +jbe loc_0000b00d ; jbe 0xb00d movzx eax, al shl eax, 0x10 or eax, dword [ebp - 0x64] @@ -17902,15 +17945,15 @@ push eax push 0xff000000 lea eax, [edi + 0x18] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov al, bl add esp, 0x10 inc eax xor ebx, ebx -loc_0000af04: ; not directly referenced +loc_0000af72: ; not directly referenced cmp al, byte [ebp - 0x58] -jbe short loc_0000af84 ; jbe 0xaf84 +jbe short loc_0000aff2 ; jbe 0xaff2 movzx esi, al movzx eax, byte [ebp - 0x6c] push ecx @@ -17933,46 +17976,46 @@ push dword [ebp + 0x14] push esi push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_0000a761 ; call 0xa761 +call fcn_0000a7cf ; call 0xa7cf add esp, 0x50 cmp eax, 0x8000000e -jne short loc_0000af6d ; jne 0xaf6d -call fcn_000153e9 ; call 0x153e9 +jne short loc_0000afdb ; jne 0xafdb +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000af6d ; je 0xaf6d +je short loc_0000afdb ; je 0xafdb push edx push esi -push ref_000221c4 ; push 0x221c4 +push ref_00022254 ; push 0x22254 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000af6d: ; not directly referenced +loc_0000afdb: ; not directly referenced test bl, bl -jne short loc_0000af84 ; jne 0xaf84 +jne short loc_0000aff2 ; jne 0xaff2 push eax push eax push 0xff000000 lea eax, [edi + 0x18] push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_0000af84: ; not directly referenced +loc_0000aff2: ; not directly referenced inc byte [ebp - 0x57] mov al, byte [ebp - 0x55] cmp byte [ebp - 0x57], al -jbe loc_0000a808 ; jbe 0xa808 -jmp near loc_0000a7da ; jmp 0xa7da +jbe loc_0000a876 ; jbe 0xa876 +jmp near loc_0000a848 ; jmp 0xa848 -loc_0000af98: ; not directly referenced +loc_0000b006: ; not directly referenced mov eax, 0x8000000e -jmp short loc_0000afa4 ; jmp 0xafa4 +jmp short loc_0000b012 ; jmp 0xb012 -loc_0000af9f: ; not directly referenced +loc_0000b00d: ; not directly referenced mov eax, 0x80000009 -loc_0000afa4: ; not directly referenced +loc_0000b012: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -17980,7 +18023,7 @@ pop edi pop ebp ret -fcn_0000afac: ; not directly referenced +fcn_0000b01a: ; not directly referenced push ebp mov ebp, esp push edi @@ -18000,9 +18043,9 @@ mov edx, dword [ebp + 0x2c] mov dword [ebp - 0x5c], ecx mov dword [ebp - 0x40], eax mov dword [ebp - 0x60], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov ecx, edi add esp, 0xc movzx ecx, cl @@ -18016,11 +18059,11 @@ mov dword [ebp - 0x48], eax push ecx push edi mov dword [ebp - 0x50], ecx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edi, eax lea eax, [esi + 0xf0] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ecx, dword [ebp + 0x28] mov edx, dword [ebp + 0x34] mov dword [ebp - 0x24], 0 @@ -18031,16 +18074,16 @@ mov dword [ebp - 0x40], eax mov dword [esp], edi mov dword [ebp - 0x1c], 0 mov byte [ebp - 0x29], 0 -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je loc_0000b26b ; je 0xb26b +je loc_0000b2d9 ; je 0xb2d9 cmp dword [ebp - 0x48], 2 -jne short loc_0000b0a5 ; jne 0xb0a5 +jne short loc_0000b113 ; jne 0xb113 sub esp, 0xc lea eax, [esi + 0x48] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov esi, dword [ebp - 0x40] and esi, 0xffffc000 mov ebx, eax @@ -18049,49 +18092,49 @@ and ebx, 0xfffc pop edx push dword [ebp - 0x3c] push esi -call fcn_0001c307 ; call 0x1c307 +call fcn_0001c3cb ; call 0x1c3cb movzx eax, al lea eax, [ebx + eax*8 + 0x190] mov dword [esp], eax -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 test al, 1 -jne short loc_0000b0a5 ; jne 0xb0a5 +jne short loc_0000b113 ; jne 0xb113 mov eax, dword [ebp + 0x34] mov byte [eax], 1 -loc_0000b0a5: ; not directly referenced +loc_0000b113: ; not directly referenced push 0x10 push dword [ebp - 0x3c] push dword [ebp - 0x50] push dword [ebp - 0x54] -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x10 movzx eax, al mov dword [ebp - 0x4c], eax test eax, eax -jne short loc_0000b0ee ; jne 0xb0ee -call fcn_000153f0 ; call 0x153f0 +jne short loc_0000b15c ; jne 0xb15c +call fcn_00015480 ; call 0x15480 mov ebx, 0x80000003 test al, al -je loc_0000b26b ; je 0xb26b +je loc_0000b2d9 ; je 0xb2d9 push esi -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x4f7 -push ref_00022076 ; push 0x22076 -call fcn_000153fc ; call 0x153fc -jmp near loc_0000b268 ; jmp 0xb268 +push ref_00022106 ; push 0x22106 +call fcn_0001548c ; call 0x1548c +jmp near loc_0000b2d6 ; jmp 0xb2d6 -loc_0000b0ee: ; not directly referenced +loc_0000b15c: ; not directly referenced mov eax, dword [ebp - 0x4c] sub esp, 0xc lea esi, [eax + edi] lea eax, [esi + 0x24] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e lea eax, [esi + 0xc] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ecx, dword [ebp + 0x30] add esp, 0x10 mov edx, dword [ebp + 0x24] @@ -18100,25 +18143,25 @@ and eax, 3 mov word [ecx], ax mov dl, byte [edx + 0x10] cmp dl, 4 -je short loc_0000b134 ; je 0xb134 +je short loc_0000b1a2 ; je 0xb1a2 and eax, edx mov word [ecx], ax mov dword [ebp - 0x40], 1 -jmp short loc_0000b13b ; jmp 0xb13b +jmp short loc_0000b1a9 ; jmp 0xb1a9 -loc_0000b134: ; not directly referenced +loc_0000b1a2: ; not directly referenced mov dword [ebp - 0x40], 0 -loc_0000b13b: ; not directly referenced +loc_0000b1a9: ; not directly referenced sub esp, 0xc lea eax, [edi + 0x19] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x41], 1 mov bl, al test al, al -jne short loc_0000b17d ; jne 0xb17d +jne short loc_0000b1eb ; jne 0xb1eb mov ebx, dword [ebp - 0x58] movzx edx, byte [ebp - 0x5c] push ecx @@ -18130,58 +18173,58 @@ push eax push 0xff0000ff lea eax, [edi + 0x18] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 mov byte [ebp - 0x41], 0 -loc_0000b17d: ; not directly referenced +loc_0000b1eb: ; not directly referenced sub esp, 0xc add esi, 0x1a push esi xor esi, esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp dword [ebp - 0x48], 2 mov dword [ebp - 0x28], 0 mov word [ebp - 0x58], ax -jne short loc_0000b1fd ; jne 0xb1fd +jne short loc_0000b26b ; jne 0xb26b push 0x1e push dword [ebp - 0x3c] push dword [ebp - 0x50] push dword [ebp - 0x54] -call fcn_0000a005 ; call 0xa005 +call fcn_0000a073 ; call 0xa073 add esp, 0x10 mov esi, eax test ax, ax -je short loc_0000b1fd ; je 0xb1fd +je short loc_0000b26b ; je 0xb26b movzx eax, ax sub esp, 0xc lea edx, [edi + eax + 4] push edx mov dword [ebp - 0x3c], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x3c] mov dword [esp], edx movzx eax, ah mov dword [ebp - 0x24], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x3c] mov dword [esp], edx shr eax, 0x10 and eax, 3 mov dword [ebp - 0x1c], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 shr eax, 0x13 and eax, 0x1f mov dword [ebp - 0x20], eax -loc_0000b1fd: ; not directly referenced +loc_0000b26b: ; not directly referenced xor eax, eax test bl, bl -je short loc_0000b250 ; je 0xb250 +je short loc_0000b2be ; je 0xb2be test byte [ebp - 0x58], 0x40 -je short loc_0000b250 ; je 0xb250 +je short loc_0000b2be ; je 0xb2be movzx eax, byte [ebp - 0x60] movzx ecx, si movzx ebx, bl @@ -18210,24 +18253,24 @@ push dword [ebp + 0x14] push ebx push dword [ebp - 0x4c] push edi -call fcn_0000a761 ; call 0xa761 +call fcn_0000a7cf ; call 0xa7cf add esp, 0x50 -loc_0000b250: ; not directly referenced +loc_0000b2be: ; not directly referenced cmp byte [ebp - 0x41], 0 mov ebx, eax -jne short loc_0000b26b ; jne 0xb26b +jne short loc_0000b2d9 ; jne 0xb2d9 push eax add edi, 0x18 push eax push 0xff0000ff push edi -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e -loc_0000b268: ; not directly referenced +loc_0000b2d6: ; not directly referenced add esp, 0x10 -loc_0000b26b: ; not directly referenced +loc_0000b2d9: ; not directly referenced lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -18236,7 +18279,7 @@ pop edi pop ebp ret -fcn_0000b275: ; not directly referenced +fcn_0000b2e3: ; not directly referenced push ebp mov ebp, esp push edi @@ -18262,9 +18305,9 @@ mov ecx, dword [ebp + 0x34] mov dword [ebp - 0x6c], ecx mov ecx, dword [ebp + 0x3c] mov dword [ebp - 0x70], ecx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb add esp, 0xc mov dword [ebp - 0x44], eax mov eax, edi @@ -18277,11 +18320,11 @@ mov dword [ebp - 0x60], eax movzx eax, byte [ebp - 0x3c] push eax mov dword [ebp - 0x64], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax lea eax, [ebx + 0xf0] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [ebp - 0x28], 0 mov dword [ebp - 0x24], 0 mov dword [ebp - 0x20], 0 @@ -18292,96 +18335,96 @@ mov eax, dword [ebp + 0x28] and dword [ebp - 0x48], 0xffffc000 mov byte [eax], 0 mov dword [esp], esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_0000b34d ; jne 0xb34d -call fcn_000153f0 ; call 0x153f0 +jne short loc_0000b3bb ; jne 0xb3bb +call fcn_00015480 ; call 0x15480 mov ebx, 0x8000000e test al, al -je loc_0000b8fb ; je 0xb8fb +je loc_0000b969 ; je 0xb969 push ecx -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x5ca -jmp short loc_0000b3c7 ; jmp 0xb3c7 +jmp short loc_0000b435 ; jmp 0xb435 -loc_0000b34d: ; not directly referenced +loc_0000b3bb: ; not directly referenced cmp dword [ebp - 0x44], 2 -jne short loc_0000b38f ; jne 0xb38f +jne short loc_0000b3fd ; jne 0xb3fd sub esp, 0xc add ebx, 0x48 push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ebx, eax pop eax and ebx, 0xfffc pop edx push edi push dword [ebp - 0x48] -call fcn_0001c307 ; call 0x1c307 +call fcn_0001c3cb ; call 0x1c3cb movzx eax, al lea eax, [ebx + eax*8 + 0x190] mov dword [esp], eax -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 test al, 1 -jne short loc_0000b38f ; jne 0xb38f +jne short loc_0000b3fd ; jne 0xb3fd mov byte [ebp - 0x31], 1 -loc_0000b38f: ; not directly referenced +loc_0000b3fd: ; not directly referenced push 0x10 push edi push dword [ebp - 0x60] push dword [ebp - 0x64] -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x10 movzx eax, al mov dword [ebp - 0x50], eax test eax, eax -jne short loc_0000b3d9 ; jne 0xb3d9 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0000b447 ; jne 0xb447 +call fcn_00015480 ; call 0x15480 mov ebx, 0x80000003 test al, al -je loc_0000b8fb ; je 0xb8fb +je loc_0000b969 ; je 0xb969 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x5dc -loc_0000b3c7: ; not directly referenced -push ref_00022076 ; push 0x22076 -call fcn_000153fc ; call 0x153fc +loc_0000b435: ; not directly referenced +push ref_00022106 ; push 0x22106 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp near loc_0000b8fb ; jmp 0xb8fb +jmp near loc_0000b969 ; jmp 0xb969 -loc_0000b3d9: ; not directly referenced +loc_0000b447: ; not directly referenced mov eax, dword [ebp - 0x50] sub esp, 0xc add eax, esi mov dword [ebp - 0x4c], eax add eax, 0x24 push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test ah, 8 -je short loc_0000b414 ; je 0xb414 +je short loc_0000b482 ; je 0xb482 mov eax, dword [ebp + 0x24] cmp byte [eax + 0x12], 1 -jne short loc_0000b414 ; jne 0xb414 +jne short loc_0000b482 ; jne 0xb482 push eax push eax mov eax, dword [ebp - 0x4c] push 0x400 add eax, 0x28 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_0000b414: ; not directly referenced +loc_0000b482: ; not directly referenced mov eax, dword [ebp - 0x4c] sub esp, 0xc add eax, 0xc push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ecx, dword [ebp + 0x24] add esp, 0x10 mov dl, byte [ecx + 0x10] @@ -18389,25 +18432,25 @@ shr ax, 0xa and eax, 3 mov word [ebp - 0x2e], ax cmp dl, 4 -je short loc_0000b449 ; je 0xb449 +je short loc_0000b4b7 ; je 0xb4b7 and eax, edx mov ebx, 1 mov word [ebp - 0x2e], ax -jmp short loc_0000b44b ; jmp 0xb44b +jmp short loc_0000b4b9 ; jmp 0xb4b9 -loc_0000b449: ; not directly referenced +loc_0000b4b7: ; not directly referenced xor ebx, ebx -loc_0000b44b: ; not directly referenced +loc_0000b4b9: ; not directly referenced sub esp, 0xc lea eax, [esi + 0x19] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x51], 1 mov byte [ebp - 0x3c], al test al, al -jne short loc_0000b492 ; jne 0xb492 +jne short loc_0000b500 ; jne 0xb500 movzx edx, byte [ebp - 0x58] push eax movzx eax, byte [ebp - 0x40] @@ -18418,58 +18461,58 @@ push eax push 0xff0000ff lea eax, [esi + 0x18] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov al, byte [ebp - 0x40] add esp, 0x10 mov byte [ebp - 0x51], 0 mov byte [ebp - 0x3c], al -loc_0000b492: ; not directly referenced +loc_0000b500: ; not directly referenced mov eax, dword [ebp - 0x4c] sub esp, 0xc add eax, 0x1a push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp dword [ebp - 0x44], 2 mov dword [ebp - 0x2c], 0 mov word [ebp - 0x40], 0 mov word [ebp - 0x58], ax -jne short loc_0000b510 ; jne 0xb510 +jne short loc_0000b57e ; jne 0xb57e push 0x1e push edi push dword [ebp - 0x60] push dword [ebp - 0x64] -call fcn_0000a005 ; call 0xa005 +call fcn_0000a073 ; call 0xa073 add esp, 0x10 mov word [ebp - 0x40], ax test ax, ax -je short loc_0000b510 ; je 0xb510 +je short loc_0000b57e ; je 0xb57e movzx eax, ax sub esp, 0xc lea edi, [esi + eax + 4] push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], edi movzx eax, ah mov dword [ebp - 0x28], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], edi shr eax, 0x10 and eax, 3 mov dword [ebp - 0x20], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 shr eax, 0x13 and eax, 0x1f mov dword [ebp - 0x24], eax -loc_0000b510: ; not directly referenced +loc_0000b57e: ; not directly referenced xor edi, edi cmp byte [ebp - 0x3c], 0 -je loc_0000b61b ; je 0xb61b +je loc_0000b689 ; je 0xb689 test byte [ebp - 0x58], 0x40 -je loc_0000b61b ; je 0xb61b +je loc_0000b689 ; je 0xb689 movzx eax, byte [ebp - 0x5c] push edi push edi @@ -18500,14 +18543,14 @@ push dword [ebp + 0x14] push eax push dword [ebp - 0x50] push esi -call fcn_0000a761 ; call 0xa761 +call fcn_0000a7cf ; call 0xa7cf add esp, 0x50 mov edi, eax mov eax, dword [ebp + 0x24] cmp byte [eax + 0x12], 1 -jne loc_0000b61b ; jne 0xb61b +jne loc_0000b689 ; jne 0xb689 cmp byte [eax + 0x18], 1 -jne short loc_0000b5a2 ; jne 0xb5a2 +jne short loc_0000b610 ; jne 0xb610 mov ecx, dword [ebp + 0x24] mov eax, dword [ebp - 0x2c] movzx edx, word [ecx + 0x1a] @@ -18519,10 +18562,10 @@ shl edx, 0xa or eax, edx mov dword [ebp - 0x2c], eax -loc_0000b5a2: ; not directly referenced +loc_0000b610: ; not directly referenced mov eax, dword [ebp + 0x24] cmp byte [eax + 0x1c], 1 -jne short loc_0000b5cc ; jne 0xb5cc +jne short loc_0000b63a ; jne 0xb63a mov ecx, dword [ebp + 0x24] movzx eax, word [ebp - 0x2c] movzx edx, byte [ecx + 0x1d] @@ -18534,16 +18577,16 @@ shl edx, 0x10 or eax, edx mov dword [ebp - 0x2c], eax -loc_0000b5cc: ; not directly referenced +loc_0000b63a: ; not directly referenced mov eax, dword [ebp - 0x2c] test eax, eax -je short loc_0000b61b ; je 0xb61b +je short loc_0000b689 ; je 0xb689 push edx push edx push eax lea eax, [esi + 0x400] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov eax, dword [ebp + 0x24] pop ecx mov ecx, dword [ebp + 0x24] @@ -18562,15 +18605,15 @@ cmove eax, edx push eax lea eax, [esi + 0x404] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_0000b61b: ; not directly referenced +loc_0000b689: ; not directly referenced cmp dword [ebp - 0x44], 2 -jne loc_0000b814 ; jne 0xb814 +jne loc_0000b882 ; jne 0xb882 mov eax, dword [ebp + 0x28] cmp byte [eax], 0 -je loc_0000b6cd ; je 0xb6cd +je loc_0000b73b ; je 0xb73b push eax mov eax, dword [ebp - 0x28] movzx edx, word [ebp - 0x40] @@ -18581,7 +18624,7 @@ lea ebx, [edx + 8] push 0xffff00ff push ebx mov dword [ebp - 0x60], edx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp - 0x24] add esp, 0xc mov edx, dword [ebp - 0x60] @@ -18591,81 +18634,81 @@ add edx, 0xc push eax push 0xffffff04 push edx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x40a00000 push 0x1c00ffff push ebx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 test byte [ebp - 0x2e], 2 -je short loc_0000b6a3 ; je 0xb6a3 +je short loc_0000b711 ; je 0xb711 cmp byte [ebp - 0x31], 0 -je short loc_0000b6a3 ; je 0xb6a3 +je short loc_0000b711 ; je 0xb711 push ecx push ecx push 1 lea eax, [esi + 0x420] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_0000b6a3: ; not directly referenced +loc_0000b711: ; not directly referenced mov eax, dword [ebp + 0x24] mov al, byte [eax + 0x11] cmp al, 1 -je short loc_0000b6bb ; je 0xb6bb +je short loc_0000b729 ; je 0xb729 cmp al, 2 setne al movzx eax, al lea eax, [eax + eax + 0xd] -jmp short loc_0000b6c0 ; jmp 0xb6c0 +jmp short loc_0000b72e ; jmp 0xb72e -loc_0000b6bb: ; not directly referenced +loc_0000b729: ; not directly referenced mov eax, 0xe -loc_0000b6c0: ; not directly referenced +loc_0000b72e: ; not directly referenced push edx push eax push 0xffffffffffffffe0 push ebx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_0000b6cd: ; not directly referenced +loc_0000b73b: ; not directly referenced test byte [ebp - 0x2e], 2 -je loc_0000b814 ; je 0xb814 +je loc_0000b882 ; je 0xb882 cmp byte [ebp - 0x31], 0 -je loc_0000b814 ; je 0xb814 +je loc_0000b882 ; je 0xb882 mov eax, dword [ebp + 0x28] cmp byte [eax], 0 -je short loc_0000b6ff ; je 0xb6ff +je short loc_0000b76d ; je 0xb76d push eax push eax push 0xfffdffff lea eax, [esi + 0x420] push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_0000b6ff: ; not directly referenced +loc_0000b76d: ; not directly referenced push ebx push ebx push 0x20000000 lea eax, [esi + 0x420] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 cmp byte [ebp - 0x68], 0 -je loc_0000b814 ; je 0xb814 +je loc_0000b882 ; je 0xb882 cmp byte [ebp - 0x6c], 0 -je loc_0000b814 ; je 0xb814 +je loc_0000b882 ; je 0xb882 mov edi, dword [ebp - 0x48] push eax push eax push 0 push edi -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f pop edx pop ecx lea edx, [ebp - 0x2f] @@ -18678,40 +18721,40 @@ push eax push 4 push 0xe00000e0 push edi -call fcn_00009e5f ; call 0x9e5f +call fcn_00009ecd ; call 0x9ecd add esp, 0x20 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000b79b ; je 0xb79b +je short loc_0000b809 ; je 0xb809 test ebx, ebx -jns short loc_0000b79b ; jns 0xb79b -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000b809 ; jns 0xb809 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000b783 ; je 0xb783 +je short loc_0000b7f1 ; je 0xb7f1 push edi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000b783: ; not directly referenced +loc_0000b7f1: ; not directly referenced push ebx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x6b4 -push ref_00022076 ; push 0x22076 -call fcn_000153fc ; call 0x153fc +push ref_00022106 ; push 0x22106 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000b79b: ; not directly referenced +loc_0000b809: ; not directly referenced mov edi, dword [ebp - 0x48] push eax push eax push 0 push edi or dword [ebp - 0x1c], 0x4000 -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f pop edx pop ecx lea edx, [ebp - 0x2f] @@ -18724,35 +18767,35 @@ push eax push 5 push 0xe00000e0 push edi -call fcn_00009e5f ; call 0x9e5f +call fcn_00009ecd ; call 0x9ecd add esp, 0x20 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000b814 ; je 0xb814 +je short loc_0000b882 ; je 0xb882 test edi, edi -jns short loc_0000b814 ; jns 0xb814 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000b882 ; jns 0xb882 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000b7fc ; je 0xb7fc +je short loc_0000b86a ; je 0xb86a push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000b7fc: ; not directly referenced +loc_0000b86a: ; not directly referenced push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x6be -push ref_00022076 ; push 0x22076 -call fcn_000153fc ; call 0x153fc +push ref_00022106 ; push 0x22106 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000b814: ; not directly referenced +loc_0000b882: ; not directly referenced cmp byte [ebp - 0x70], 1 -jne short loc_0000b834 ; jne 0xb834 +jne short loc_0000b8a2 ; jne 0xb8a2 push eax movzx eax, word [ebp - 0x2e] push eax @@ -18760,25 +18803,25 @@ mov eax, dword [ebp - 0x4c] push 0xfffc add eax, 0x10 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 -loc_0000b834: ; not directly referenced +loc_0000b8a2: ; not directly referenced cmp byte [ebp - 0x30], 0 -je short loc_0000b851 ; je 0xb851 +je short loc_0000b8bf ; je 0xb8bf push eax push 0x18 push 0xe3 lea eax, [esi + 0xd4] push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a add esp, 0x10 -loc_0000b851: ; not directly referenced +loc_0000b8bf: ; not directly referenced cmp byte [ebp - 0x3c], 0 -je short loc_0000b8a9 ; je 0xb8a9 +je short loc_0000b917 ; je 0xb917 test byte [ebp - 0x58], 0x40 -je short loc_0000b8a9 ; je 0xb8a9 +je short loc_0000b917 ; je 0xb917 movzx eax, byte [ebp - 0x5c] push ebx push ebx @@ -18809,47 +18852,47 @@ push dword [ebp + 0x14] push eax push dword [ebp - 0x50] push esi -call fcn_0000a761 ; call 0xa761 +call fcn_0000a7cf ; call 0xa7cf add esp, 0x50 mov edi, eax -loc_0000b8a9: ; not directly referenced +loc_0000b917: ; not directly referenced cmp byte [ebp - 0x51], 0 -jne short loc_0000b8c2 ; jne 0xb8c2 +jne short loc_0000b930 ; jne 0xb930 push ecx push ecx push 0xff0000ff lea eax, [esi + 0x18] push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_0000b8c2: ; not directly referenced +loc_0000b930: ; not directly referenced mov ebx, edi test edi, edi -js short loc_0000b8fb ; js 0xb8fb +js short loc_0000b969 ; js 0xb969 cmp word [ebp - 0x2e], 3 -jne short loc_0000b8fb ; jne 0xb8fb +jne short loc_0000b969 ; jne 0xb969 cmp dword [ebp - 0x44], 2 lea ebx, [esi + 0xe8] -jne short loc_0000b8ec ; jne 0xb8ec +jne short loc_0000b95a ; jne 0xb95a push edx push 8 push 0xf3 push ebx -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a add esp, 0x10 -loc_0000b8ec: ; not directly referenced +loc_0000b95a: ; not directly referenced push eax push eax push 2 push ebx mov ebx, edi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_0000b8fb: ; not directly referenced +loc_0000b969: ; not directly referenced lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -18858,7 +18901,7 @@ pop edi pop ebp ret -fcn_0000b905: ; not directly referenced +fcn_0000b973: ; not directly referenced push ebp mov ebp, esp push edi @@ -18881,15 +18924,15 @@ mov dword [ebp - 0x24], edi mov dword [ebp - 0x28], edx mov byte [ebp - 0x1f], bl mov dword [ebp - 0x1c], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edi, eax lea eax, [eax + 0x19] mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x1e], al test al, al -jne short loc_0000b97d ; jne 0xb97d +jne short loc_0000b9eb ; jne 0xb9eb mov eax, esi movzx edx, bl movzx eax, al @@ -18902,106 +18945,106 @@ push eax push 0xff000000 lea eax, [edi + 0x18] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -jmp short loc_0000b995 ; jmp 0xb995 +jmp short loc_0000ba03 ; jmp 0xba03 -loc_0000b97d: ; not directly referenced +loc_0000b9eb: ; not directly referenced sub esp, 0xc lea eax, [edi + 0x1a] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x1f], al mov al, byte [ebp - 0x1e] mov byte [ebp - 0x1d], al -loc_0000b995: ; not directly referenced +loc_0000ba03: ; not directly referenced push 0x10 push dword [ebp - 0x24] push dword [ebp - 0x28] push dword [ebp - 0x1c] -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 movzx eax, al lea eax, [edi + eax + 2] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, 0xf0 sar eax, 4 cmp al, 5 -jne short loc_0000b9e7 ; jne 0xb9e7 +jne short loc_0000ba55 ; jne 0xba55 sub esp, 0xc lea eax, [edi + 0xe] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x7f -je short loc_0000b9e7 ; je 0xb9e7 +je short loc_0000ba55 ; je 0xba55 -loc_0000b9d6: ; not directly referenced +loc_0000ba44: ; not directly referenced mov al, byte [ebp - 0x1d] xor ebx, ebx inc eax movzx eax, al mov dword [ebp - 0x34], eax -jmp near loc_0000baea ; jmp 0xbaea +jmp near loc_0000bb58 ; jmp 0xbb58 -loc_0000b9e7: ; not directly referenced +loc_0000ba55: ; not directly referenced push eax movzx eax, byte [ebp - 0x1d] mov ebx, 0x186a0 push 0 push 0 push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax pop eax pop edx push 0 push esi -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 add esp, 0x10 -loc_0000ba0a: ; not directly referenced +loc_0000ba78: ; not directly referenced sub esp, 0xc push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_0000b9d6 ; jne 0xb9d6 +jne short loc_0000ba44 ; jne 0xba44 sub esp, 0xc push 0xa -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 dec ebx -jne short loc_0000ba0a ; jne 0xba0a -jmp near loc_0000bbb8 ; jmp 0xbbb8 +jne short loc_0000ba78 ; jne 0xba78 +jmp near loc_0000bc26 ; jmp 0xbc26 -loc_0000ba2f: ; not directly referenced +loc_0000ba9d: ; not directly referenced push 0 push dword [ebp + 0x1c] push ebx push esi -call fcn_0000a4f1 ; call 0xa4f1 +call fcn_0000a55f ; call 0xa55f add esp, 0x10 cmp byte [ebp - 0x2d], 0 -jne short loc_0000ba5a ; jne 0xba5a +jne short loc_0000bac8 ; jne 0xbac8 sub esp, 0xc push ebx push esi push dword [ebp - 0x24] push dword [ebp - 0x28] push dword [ebp - 0x1c] -call fcn_0000a5d9 ; call 0xa5d9 +call fcn_0000a647 ; call 0xa647 add esp, 0x20 -loc_0000ba5a: ; not directly referenced +loc_0000bac8: ; not directly referenced push 0x10 push 0 push ebx push esi -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 movzx edx, al mov cl, al add edx, dword [ebp - 0x2c] @@ -19009,19 +19052,19 @@ mov dword [ebp - 0x4c], ecx lea eax, [edx + 2] mov dword [ebp - 0x38], edx mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov word [ebp - 0x48], ax mov eax, dword [ebp - 0x2c] add eax, 0xb mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov edx, dword [ebp - 0x38] mov ecx, dword [ebp - 0x4c] cmp al, 6 -je short loc_0000bb10 ; je 0xbb10 +je short loc_0000bb7e ; je 0xbb7e -loc_0000ba9d: ; not directly referenced +loc_0000bb0b: ; not directly referenced push edx push edx push 0 @@ -19030,49 +19073,49 @@ push esi push dword [ebp - 0x24] push dword [ebp - 0x28] push dword [ebp - 0x1c] -call fcn_0000a084 ; call 0xa084 +call fcn_0000a0f2 ; call 0xa0f2 add esp, 0x14 push ebx push esi push dword [ebp - 0x24] push dword [ebp - 0x28] push dword [ebp - 0x1c] -call fcn_0000a1b2 ; call 0xa1b2 +call fcn_0000a220 ; call 0xa220 add esp, 0x1c push dword [ebp - 0x24] push ebx push esi -call fcn_0000a37c ; call 0xa37c +call fcn_0000a3ea ; call 0xa3ea push 1 push dword [ebp + 0x1c] push ebx push esi -call fcn_0000a4f1 ; call 0xa4f1 +call fcn_0000a55f ; call 0xa55f add esp, 0x20 -loc_0000bae0: ; not directly referenced +loc_0000bb4e: ; not directly referenced inc ebx cmp ebx, 0x20 -je loc_0000bb9b ; je 0xbb9b +je loc_0000bc09 ; je 0xbc09 -loc_0000baea: ; not directly referenced +loc_0000bb58: ; not directly referenced movzx esi, byte [ebp - 0x1d] push eax push 0 push ebx push esi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov dword [ebp - 0x2c], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne loc_0000ba2f ; jne 0xba2f -jmp short loc_0000bae0 ; jmp 0xbae0 +jne loc_0000ba9d ; jne 0xba9d +jmp short loc_0000bb4e ; jmp 0xbb4e -loc_0000bb10: ; not directly referenced +loc_0000bb7e: ; not directly referenced test cl, cl -je short loc_0000ba9d ; je 0xba9d +je short loc_0000bb0b ; je 0xbb0b mov ecx, dword [ebp - 0x48] sub esp, 0xc add edx, 0x1a @@ -19080,20 +19123,20 @@ push edx and ecx, 0xf0 sar ecx, 4 mov dword [ebp - 0x2c], ecx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ecx, dword [ebp - 0x2c] add esp, 0x10 cmp cl, 5 -je short loc_0000bb4b ; je 0xbb4b +je short loc_0000bbb9 ; je 0xbbb9 cmp cl, 6 -jne loc_0000ba9d ; jne 0xba9d +jne loc_0000bb0b ; jne 0xbb0b test al, 0x40 -je loc_0000ba9d ; je 0xba9d +je loc_0000bb0b ; je 0xbb0b -loc_0000bb4b: ; not directly referenced +loc_0000bbb9: ; not directly referenced mov al, byte [ebp - 0x1d] cmp byte [ebp - 0x1f], al -jbe short loc_0000bb71 ; jbe 0xbb71 +jbe short loc_0000bbdf ; jbe 0xbbdf push eax push eax movzx eax, byte [ebp - 0x1f] @@ -19103,50 +19146,50 @@ push dword [ebp - 0x34] push 0 push ebx push esi -call fcn_0000b905 ; call 0xb905 +call fcn_0000b973 ; call 0xb973 add esp, 0x20 -jmp near loc_0000ba9d ; jmp 0xba9d +jmp near loc_0000bb0b ; jmp 0xbb0b -loc_0000bb71: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0000bbdf: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je loc_0000ba9d ; je 0xba9d +je loc_0000bb0b ; je 0xbb0b push ecx -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x7aa -push ref_00022076 ; push 0x22076 -call fcn_000153fc ; call 0x153fc +push ref_00022106 ; push 0x22106 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp near loc_0000ba9d ; jmp 0xba9d +jmp near loc_0000bb0b ; jmp 0xbb0b -loc_0000bb9b: ; not directly referenced +loc_0000bc09: ; not directly referenced xor bl, bl cmp byte [ebp - 0x1e], 0 -jne short loc_0000bbd6 ; jne 0xbbd6 +jne short loc_0000bc44 ; jne 0xbc44 push eax push eax push 0xff000000 lea eax, [edi + 0x18] push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -jmp short loc_0000bbd6 ; jmp 0xbbd6 +jmp short loc_0000bc44 ; jmp 0xbc44 -loc_0000bbb8: ; not directly referenced +loc_0000bc26: ; not directly referenced cmp byte [ebp - 0x1e], 0 -jne short loc_0000bbd1 ; jne 0xbbd1 +jne short loc_0000bc3f ; jne 0xbc3f push eax push eax push 0xff000000 lea eax, [edi + 0x18] push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_0000bbd1: ; not directly referenced +loc_0000bc3f: ; not directly referenced mov ebx, 0x8000000e -loc_0000bbd6: ; not directly referenced +loc_0000bc44: ; not directly referenced lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -19155,7 +19198,7 @@ pop edi pop ebp ret -fcn_0000bbe0: ; not directly referenced +fcn_0000bc4e: ; not directly referenced push ebp mov ebp, esp push edi @@ -19172,45 +19215,45 @@ push edi push esi push ebx mov dword [ebp - 0x34], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [ebp - 0x2c], eax add eax, 0x5a mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, 0x8000000e test al, 0x40 -je loc_0000bcc0 ; je 0xbcc0 +je loc_0000bd2e ; je 0xbd2e push 0x10 push edi push esi push ebx -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x10 test al, al -jne short loc_0000bc66 ; jne 0xbc66 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0000bcd4 ; jne 0xbcd4 +call fcn_00015480 ; call 0x15480 mov edx, 0x80000003 test al, al -je short loc_0000bcc0 ; je 0xbcc0 +je short loc_0000bd2e ; je 0xbd2e push ecx -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x81d -push ref_00022076 ; push 0x22076 +push ref_00022106 ; push 0x22106 mov dword [ebp - 0x2c], edx -call fcn_000153fc ; call 0x153fc +call fcn_0001548c ; call 0x1548c add esp, 0x10 mov edx, dword [ebp - 0x2c] -jmp short loc_0000bcc0 ; jmp 0xbcc0 +jmp short loc_0000bd2e ; jmp 0xbd2e -loc_0000bc66: ; not directly referenced +loc_0000bcd4: ; not directly referenced movzx eax, al sub esp, 0xc add eax, dword [ebp - 0x2c] mov dword [ebp - 0x2c], eax add eax, 4 push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 and eax, 7 mov word [ebp - 0x1a], ax pop eax @@ -19224,7 +19267,7 @@ push eax push edi push esi push ebx -call fcn_0000b905 ; call 0xb905 +call fcn_0000b973 ; call 0xb973 mov cx, word [ebp - 0x1a] add esp, 0x1c shl ecx, 5 @@ -19235,11 +19278,11 @@ push ecx push 0xff1f add eax, 8 push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 mov edx, ebx -loc_0000bcc0: ; not directly referenced +loc_0000bd2e: ; not directly referenced lea esp, [ebp - 0xc] mov eax, edx pop ebx @@ -19248,100 +19291,100 @@ pop edi pop ebp ret -fcn_0000bcca: ; not directly referenced +fcn_0000bd38: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000bcec ; je 0xbcec +je short loc_0000bd5a ; je 0xbd5a push ebx push ebx -push ref_00022203 ; push 0x22203 +push ref_00022293 ; push 0x22293 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000bcec: ; not directly referenced +loc_0000bd5a: ; not directly referenced push ecx push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov ebx, eax and ebx, 0xffffc000 cmp dword [ebp + 8], 1 -je short loc_0000bd53 ; je 0xbd53 -jb short loc_0000bd22 ; jb 0xbd22 +je short loc_0000bdc1 ; je 0xbdc1 +jb short loc_0000bd90 ; jb 0xbd90 cmp dword [ebp + 8], 2 -jne short loc_0000bd88 ; jne 0xbd88 +jne short loc_0000bdf6 ; jne 0xbdf6 push edx push edx -jmp short loc_0000bd77 ; jmp 0xbd77 +jmp short loc_0000bde5 ; jmp 0xbde5 -loc_0000bd22: ; not directly referenced +loc_0000bd90: ; not directly referenced sub esp, 0xc lea eax, [ebx + 0x38f4] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 1 -jne short loc_0000bd3f ; jne 0xbd3f +jne short loc_0000bdad ; jne 0xbdad mov word [esi], 0 -jmp short loc_0000bda2 ; jmp 0xbda2 +jmp short loc_0000be10 ; jmp 0xbe10 -loc_0000bd3f: ; not directly referenced +loc_0000bdad: ; not directly referenced sub esp, 0xc add ebx, 0x38f8 push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov word [esi], ax -jmp short loc_0000bd85 ; jmp 0xbd85 +jmp short loc_0000bdf3 ; jmp 0xbdf3 -loc_0000bd53: ; not directly referenced +loc_0000bdc1: ; not directly referenced push ecx push ecx movzx eax, word [esi] push eax lea eax, [ebx + 0x38f8] push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 pop esi pop eax lea eax, [ebx + 0x38f4] push 1 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 pop eax pop edx -loc_0000bd77: ; not directly referenced +loc_0000bde5: ; not directly referenced push 1 add ebx, 0x38f0 push ebx -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 -loc_0000bd85: ; not directly referenced +loc_0000bdf3: ; not directly referenced add esp, 0x10 -loc_0000bd88: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000bdf6: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000bda2 ; je 0xbda2 +je short loc_0000be10 ; je 0xbe10 push eax push eax -push ref_0002221d ; push 0x2221d +push ref_000222ad ; push 0x222ad push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000bda2: ; not directly referenced +loc_0000be10: ; not directly referenced lea esp, [ebp - 8] xor eax, eax pop ebx @@ -19349,7 +19392,7 @@ pop esi pop ebp ret -fcn_0000bdab: ; not directly referenced +fcn_0000be19: ; not directly referenced push ebp mov ebp, esp push ebx @@ -19358,258 +19401,258 @@ mov eax, dword [ebp + 8] push dword [ebp + 0xc] lea ebx, [eax + 0x3418] push ebx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 mov dword [ebp + 8], ebx mov ebx, dword [ebp - 4] leave -jmp near fcn_00017d8a ; jmp 0x17d8a +jmp near fcn_00017e4e ; jmp 0x17e4e -fcn_0000bdd3: ; not directly referenced +fcn_0000be41: ; not directly referenced push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x1c -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000bdf9 ; je 0xbdf9 +je short loc_0000be67 ; je 0xbe67 push eax push eax -push ref_00022235 ; push 0x22235 +push ref_000222c5 ; push 0x222c5 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000bdf9: ; not directly referenced +loc_0000be67: ; not directly referenced lea eax, [ebp - 0x1c] push eax push 0 push 0 -push ref_0002906c ; push 0x2906c -call fcn_00019699 ; call 0x19699 +push ref_0002911c ; push 0x2911c +call fcn_0001975d ; call 0x1975d add esp, 0x10 test eax, eax -jne short loc_0000be7c ; jne 0xbe7c +jne short loc_0000beea ; jne 0xbeea mov edx, dword [ebp - 0x1c] xor ebx, ebx xor esi, esi -loc_0000be19: ; not directly referenced +loc_0000be87: ; not directly referenced lea eax, [ebx + 0x18] cmp word [edx + eax - 0x16], 0 -je short loc_0000be29 ; je 0xbe29 +je short loc_0000be97 ; je 0xbe97 inc esi mov ebx, eax -jmp short loc_0000be19 ; jmp 0xbe19 +jmp short loc_0000be87 ; jmp 0xbe87 -loc_0000be29: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000be97: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000be43 ; je 0xbe43 +je short loc_0000beb1 ; je 0xbeb1 push eax push esi -push ref_00022253 ; push 0x22253 +push ref_000222e3 ; push 0x222e3 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000be43: ; not directly referenced +loc_0000beb1: ; not directly referenced push eax push ebx push dword [ebp - 0x1c] -push ref_00028f48 ; push 0x28f48 -call fcn_000192a8 ; call 0x192a8 +push ref_00028ff8 ; push 0x28ff8 +call fcn_0001936c ; call 0x1936c mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000be7c ; je 0xbe7c +je short loc_0000beea ; je 0xbeea test ebx, ebx -jne short loc_0000be7c ; jne 0xbe7c +jne short loc_0000beea ; jne 0xbeea push eax -push ref_00022284 ; push 0x22284 +push ref_00022314 ; push 0x22314 push 0x8f5 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000be7c: ; not directly referenced +loc_0000beea: ; not directly referenced xor ebx, ebx -loc_0000be7e: ; not directly referenced +loc_0000beec: ; not directly referenced lea eax, [ebp - 0x20] push eax push 0 push ebx -push ref_0002912c ; push 0x2912c -call fcn_00019699 ; call 0x19699 +push ref_000291dc ; push 0x291dc +call fcn_0001975d ; call 0x1975d add esp, 0x10 test eax, eax -je short loc_0000bec8 ; je 0xbec8 -call fcn_000153f0 ; call 0x153f0 +je short loc_0000bf36 ; je 0xbf36 +call fcn_00015480 ; call 0x15480 test al, al -je loc_0000c033 ; je 0xc033 +je loc_0000c0a1 ; je 0xc0a1 test ebx, ebx -jne loc_0000c033 ; jne 0xc033 +jne loc_0000c0a1 ; jne 0xc0a1 push eax -push ref_000222ba ; push 0x222ba +push ref_0002234a ; push 0x2234a push 0x908 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp near loc_0000c033 ; jmp 0xc033 +jmp near loc_0000c0a1 ; jmp 0xc0a1 -loc_0000bec8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000bf36: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000bee9 ; je 0xbee9 +je short loc_0000bf57 ; je 0xbf57 mov eax, dword [ebp - 0x20] push edi movzx eax, byte [eax + 1] push eax -push ref_000222c5 ; push 0x222c5 +push ref_00022355 ; push 0x22355 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000bee9: ; not directly referenced +loc_0000bf57: ; not directly referenced push esi push 0x5ac push dword [ebp - 0x20] -push ref_00028f58 ; push 0x28f58 -call fcn_000192a8 ; call 0x192a8 +push ref_00029008 ; push 0x29008 +call fcn_0001936c ; call 0x1936c mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000bf26 ; je 0xbf26 +je short loc_0000bf94 ; je 0xbf94 test esi, esi -jne short loc_0000bf26 ; jne 0xbf26 +jne short loc_0000bf94 ; jne 0xbf94 push ecx -push ref_00022284 ; push 0x22284 +push ref_00022314 ; push 0x22314 push 0x90e -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000bf26: ; not directly referenced +loc_0000bf94: ; not directly referenced push eax mov eax, dword [ebp - 0x20] push 0 push 0x1f movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov esi, eax and esi, 0xffffc000 lea eax, [esi + 0x3418] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [ebp - 0x24], eax pop eax pop edx lea eax, [ebp - 0x24] push eax push dword [ebp - 0x20] -call fcn_000121ef ; call 0x121ef +call fcn_0001227f ; call 0x1227f mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000bfb3 ; je 0xbfb3 +je short loc_0000c021 ; je 0xc021 test edi, edi -jns short loc_0000bfb3 ; jns 0xbfb3 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000c021 ; jns 0xc021 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000bf9b ; je 0xbf9b +je short loc_0000c009 ; je 0xc009 push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000bf9b: ; not directly referenced +loc_0000c009: ; not directly referenced push edi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x91d -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000bfb3: ; not directly referenced +loc_0000c021: ; not directly referenced mov eax, dword [ebp - 0x20] cmp byte [eax + 0x370], 0 -je short loc_0000c00b ; je 0xc00b +je short loc_0000c079 ; je 0xc079 push edx push edx push 0 push eax -call fcn_00012d98 ; call 0x12d98 +call fcn_00012e28 ; call 0x12e28 pop ecx push dword [ebp - 0x20] -call fcn_00012e22 ; call 0x12e22 +call fcn_00012eb2 ; call 0x12eb2 add esp, 0x10 test eax, eax -jns short loc_0000c01f ; jns 0xc01f +jns short loc_0000c08d ; jns 0xc08d mov eax, dword [ebp - 0x20] cmp byte [eax + 0x370], 2 -jne short loc_0000c01f ; jne 0xc01f -call fcn_000153e9 ; call 0x153e9 +jne short loc_0000c08d ; jne 0xc08d +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000bfff ; je 0xbfff +je short loc_0000c06d ; je 0xc06d push eax push eax -push ref_000222fa ; push 0x222fa +push ref_0002238a ; push 0x2238a push 2 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000bfff: ; not directly referenced +loc_0000c06d: ; not directly referenced push edi push edi push 0xc0 push dword [ebp - 0x20] -jmp short loc_0000c013 ; jmp 0xc013 +jmp short loc_0000c081 ; jmp 0xc081 -loc_0000c00b: ; not directly referenced +loc_0000c079: ; not directly referenced push ecx push ecx push 0xc0 push eax -loc_0000c013: ; not directly referenced -call fcn_00012d98 ; call 0x12d98 +loc_0000c081: ; not directly referenced +call fcn_00012e28 ; call 0x12e28 add esp, 0x10 or dword [ebp - 0x24], 0x10 -loc_0000c01f: ; not directly referenced +loc_0000c08d: ; not directly referenced push edx inc ebx push edx push dword [ebp - 0x24] push esi -call fcn_0000bdab ; call 0xbdab +call fcn_0000be19 ; call 0xbe19 add esp, 0x10 -jmp near loc_0000be7e ; jmp 0xbe7e +jmp near loc_0000beec ; jmp 0xbeec -loc_0000c033: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000c0a1: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c050 ; je 0xc050 +je short loc_0000c0be ; je 0xc0be push eax push eax -push ref_0002232e ; push 0x2232e +push ref_000223be ; push 0x223be push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c050: ; not directly referenced +loc_0000c0be: ; not directly referenced lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -19618,7 +19661,7 @@ pop edi pop ebp ret -fcn_0000c05a: +fcn_0000c0c8: push ebp mov ebp, esp push edi @@ -19627,25 +19670,25 @@ push ebx sub esp, 0x2c mov eax, dword [ebp + 0x18] mov dword [ebp - 0x28], eax -call fcn_0001bb39 ; call 0x1bb39 +call fcn_0001bbfd ; call 0x1bbfd sub esp, 0xc mov edi, eax mov dword [ebp - 0x20], eax mov eax, dword [ebp + 0x10] add eax, 0x410 push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x19], al mov eax, edi dec eax mov dword [ebp - 0x24], eax cmp eax, 0xf -ja short loc_0000c0ba ; ja 0xc0ba +ja short loc_0000c128 ; ja 0xc128 mov cl, byte [ebp - 0x24] mov eax, 1 xor esi, esi -mov edx, ref_0002788c ; mov edx, 0x2788c +mov edx, ref_0002793c ; mov edx, 0x2793c shl eax, cl and eax, 0x8007 cmovne esi, edx @@ -19653,95 +19696,95 @@ cmp eax, 1 sbb ebx, ebx not ebx and ebx, 0x49 -jmp short loc_0000c0be ; jmp 0xc0be +jmp short loc_0000c12c ; jmp 0xc12c -loc_0000c0ba: +loc_0000c128: xor esi, esi xor ebx, ebx -loc_0000c0be: +loc_0000c12c: add esi, 8 mov word [ebp - 0x2c], 0 -loc_0000c0c7: +loc_0000c135: cmp word [ebp - 0x2c], bx -je short loc_0000c12d ; je 0xc12d +je short loc_0000c19b ; je 0xc19b push dword [esi] push dword [esi - 4] push dword [esi - 8] push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000c124 ; je 0xc124 +je short loc_0000c192 ; je 0xc192 test edi, edi -jns short loc_0000c124 ; jns 0xc124 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000c192 ; jns 0xc192 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c10c ; je 0xc10c +je short loc_0000c17a ; je 0xc17a push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c10c: +loc_0000c17a: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x147 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000c124: +loc_0000c192: inc word [ebp - 0x2c] add esi, 0xc -jmp short loc_0000c0c7 ; jmp 0xc0c7 +jmp short loc_0000c135 ; jmp 0xc135 -loc_0000c12d: +loc_0000c19b: mov eax, dword [ebp - 0x20] cmp eax, 0x22 -ja short loc_0000c14b ; ja 0xc14b +ja short loc_0000c1b9 ; ja 0xc1b9 cmp eax, 0x20 -jae short loc_0000c158 ; jae 0xc158 +jae short loc_0000c1c6 ; jae 0xc1c6 cmp eax, 1 -jb short loc_0000c170 ; jb 0xc170 +jb short loc_0000c1de ; jb 0xc1de cmp eax, 3 -jbe short loc_0000c164 ; jbe 0xc164 +jbe short loc_0000c1d2 ; jbe 0xc1d2 cmp eax, 0x10 -je short loc_0000c164 ; je 0xc164 -jmp short loc_0000c170 ; jmp 0xc170 +je short loc_0000c1d2 ; je 0xc1d2 +jmp short loc_0000c1de ; jmp 0xc1de -loc_0000c14b: +loc_0000c1b9: mov eax, dword [ebp - 0x20] sub eax, 0x41 cmp eax, 2 -jbe short loc_0000c176 ; jbe 0xc176 -jmp short loc_0000c170 ; jmp 0xc170 +jbe short loc_0000c1e4 ; jbe 0xc1e4 +jmp short loc_0000c1de ; jmp 0xc1de -loc_0000c158: -mov edx, ref_00028064 ; mov edx, 0x28064 +loc_0000c1c6: +mov edx, ref_00028114 ; mov edx, 0x28114 mov eax, 0x49 -jmp short loc_0000c180 ; jmp 0xc180 +jmp short loc_0000c1ee ; jmp 0xc1ee -loc_0000c164: -mov edx, ref_00027bf8 ; mov edx, 0x27bf8 +loc_0000c1d2: +mov edx, ref_00027ca8 ; mov edx, 0x27ca8 mov eax, 0x24 -jmp short loc_0000c180 ; jmp 0xc180 +jmp short loc_0000c1ee ; jmp 0xc1ee -loc_0000c170: +loc_0000c1de: xor edx, edx xor eax, eax -jmp short loc_0000c180 ; jmp 0xc180 +jmp short loc_0000c1ee ; jmp 0xc1ee -loc_0000c176: -mov edx, ref_000287e8 ; mov edx, 0x287e8 +loc_0000c1e4: +mov edx, ref_00028898 ; mov edx, 0x28898 mov eax, 0x4d -loc_0000c180: +loc_0000c1ee: imul eax, eax, 0xc mov esi, edx add eax, edx @@ -19752,118 +19795,118 @@ and eax, 0x10 and ebx, 0x20 mov byte [ebp - 0x2c], al -loc_0000c198: +loc_0000c206: cmp esi, dword [ebp - 0x30] -je loc_0000c25c ; je 0xc25c +je loc_0000c2ca ; je 0xc2ca cmp dword [ebp + 0xc], 2 -jne short loc_0000c1d8 ; jne 0xc1d8 +jne short loc_0000c246 ; jne 0xc246 mov eax, dword [esi] and eax, 0xfe00 cmp eax, 0x2000 -je short loc_0000c1ec ; je 0xc1ec +je short loc_0000c25a ; je 0xc25a cmp eax, 0x2200 -je short loc_0000c1f9 ; je 0xc1f9 +je short loc_0000c267 ; je 0xc267 cmp eax, 0x2400 -jne short loc_0000c1c9 ; jne 0xc1c9 +jne short loc_0000c237 ; jne 0xc237 test byte [ebp - 0x19], 0x40 -jmp short loc_0000c1fb ; jmp 0xc1fb +jmp short loc_0000c269 ; jmp 0xc269 -loc_0000c1c9: +loc_0000c237: cmp eax, 0x2600 -jne short loc_0000c1fd ; jne 0xc1fd +jne short loc_0000c26b ; jne 0xc26b cmp byte [ebp - 0x19], 0 -jns short loc_0000c1fd ; jns 0xc1fd -jmp short loc_0000c254 ; jmp 0xc254 +jns short loc_0000c26b ; jns 0xc26b +jmp short loc_0000c2c2 ; jmp 0xc2c2 -loc_0000c1d8: +loc_0000c246: cmp dword [ebp + 0xc], 1 -jne short loc_0000c1fd ; jne 0xc1fd +jne short loc_0000c26b ; jne 0xc26b mov eax, dword [esi] and eax, 0xfe00 cmp eax, 0x2000 -jne short loc_0000c1f2 ; jne 0xc1f2 +jne short loc_0000c260 ; jne 0xc260 -loc_0000c1ec: +loc_0000c25a: cmp byte [ebp - 0x2c], 0 -jmp short loc_0000c1fb ; jmp 0xc1fb +jmp short loc_0000c269 ; jmp 0xc269 -loc_0000c1f2: +loc_0000c260: cmp eax, 0x2200 -jne short loc_0000c1fd ; jne 0xc1fd +jne short loc_0000c26b ; jne 0xc26b -loc_0000c1f9: +loc_0000c267: test bl, bl -loc_0000c1fb: -jne short loc_0000c254 ; jne 0xc254 +loc_0000c269: +jne short loc_0000c2c2 ; jne 0xc2c2 -loc_0000c1fd: +loc_0000c26b: push dword [esi + 8] push dword [esi + 4] push dword [esi] push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000c254 ; je 0xc254 +je short loc_0000c2c2 ; je 0xc2c2 test edi, edi -jns short loc_0000c254 ; jns 0xc254 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000c2c2 ; jns 0xc2c2 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c23c ; je 0xc23c +je short loc_0000c2aa ; je 0xc2aa push edx push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c23c: +loc_0000c2aa: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x178 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000c254: +loc_0000c2c2: add esi, 0xc -jmp near loc_0000c198 ; jmp 0xc198 +jmp near loc_0000c206 ; jmp 0xc206 -loc_0000c25c: +loc_0000c2ca: mov ecx, dword [ebp - 0x28] mov eax, ecx and eax, 0xfffffffb cmp ax, 0x8c4b -je short loc_0000c2a4 ; je 0xc2a4 +je short loc_0000c312 ; je 0xc312 mov eax, ecx and eax, 0xfffffff7 cmp ax, 0x8c41 -je short loc_0000c2a4 ; je 0xc2a4 +je short loc_0000c312 ; je 0xc312 mov eax, ecx add ax, 0x63bf cmp ax, 6 -jbe short loc_0000c2a4 ; jbe 0xc2a4 +jbe short loc_0000c312 ; jbe 0xc312 cmp word [ebp - 0x28], 0x8cc5 -je short loc_0000c2a4 ; je 0xc2a4 +je short loc_0000c312 ; je 0xc312 mov eax, ecx and eax, 0xfffffffd cmp ax, 0x8cc1 -je short loc_0000c2a4 ; je 0xc2a4 +je short loc_0000c312 ; je 0xc312 mov eax, ecx add ax, 0x633f cmp ax, 0xa -ja loc_0000c471 ; ja 0xc471 +ja loc_0000c4df ; ja 0xc4df -loc_0000c2a4: +loc_0000c312: cmp dword [ebp - 0x24], 0xf -ja short loc_0000c2cf ; ja 0xc2cf +ja short loc_0000c33d ; ja 0xc33d mov cl, byte [ebp - 0x24] mov eax, 1 xor esi, esi -mov edx, ref_00027544 ; mov edx, 0x27544 +mov edx, ref_000275f4 ; mov edx, 0x275f4 shl eax, cl and eax, 0x8007 cmovne esi, edx @@ -19871,95 +19914,95 @@ cmp eax, 1 sbb ebx, ebx not ebx and ebx, 4 -jmp short loc_0000c2d3 ; jmp 0xc2d3 +jmp short loc_0000c341 ; jmp 0xc341 -loc_0000c2cf: +loc_0000c33d: xor esi, esi xor ebx, ebx -loc_0000c2d3: +loc_0000c341: add esi, 8 mov word [ebp - 0x28], 0 -loc_0000c2dc: +loc_0000c34a: cmp word [ebp - 0x28], bx -je short loc_0000c342 ; je 0xc342 +je short loc_0000c3b0 ; je 0xc3b0 push dword [esi] push dword [esi - 4] push dword [esi - 8] push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000c339 ; je 0xc339 +je short loc_0000c3a7 ; je 0xc3a7 test edi, edi -jns short loc_0000c339 ; jns 0xc339 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000c3a7 ; jns 0xc3a7 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c321 ; je 0xc321 +je short loc_0000c38f ; je 0xc38f push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c321: +loc_0000c38f: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x19b -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000c339: +loc_0000c3a7: inc word [ebp - 0x28] add esi, 0xc -jmp short loc_0000c2dc ; jmp 0xc2dc +jmp short loc_0000c34a ; jmp 0xc34a -loc_0000c342: +loc_0000c3b0: mov eax, dword [ebp - 0x20] cmp eax, 0x22 -ja short loc_0000c360 ; ja 0xc360 +ja short loc_0000c3ce ; ja 0xc3ce cmp eax, 0x20 -jae short loc_0000c36d ; jae 0xc36d +jae short loc_0000c3db ; jae 0xc3db cmp eax, 1 -jb short loc_0000c385 ; jb 0xc385 +jb short loc_0000c3f3 ; jb 0xc3f3 cmp eax, 3 -jbe short loc_0000c379 ; jbe 0xc379 +jbe short loc_0000c3e7 ; jbe 0xc3e7 cmp eax, 0x10 -je short loc_0000c379 ; je 0xc379 -jmp short loc_0000c385 ; jmp 0xc385 +je short loc_0000c3e7 ; je 0xc3e7 +jmp short loc_0000c3f3 ; jmp 0xc3f3 -loc_0000c360: +loc_0000c3ce: mov eax, dword [ebp - 0x20] sub eax, 0x41 cmp eax, 2 -jbe short loc_0000c38b ; jbe 0xc38b -jmp short loc_0000c385 ; jmp 0xc385 +jbe short loc_0000c3f9 ; jbe 0xc3f9 +jmp short loc_0000c3f3 ; jmp 0xc3f3 -loc_0000c36d: -mov edx, ref_00027fec ; mov edx, 0x27fec +loc_0000c3db: +mov edx, ref_0002809c ; mov edx, 0x2809c mov eax, 4 -jmp short loc_0000c395 ; jmp 0xc395 +jmp short loc_0000c403 ; jmp 0xc403 -loc_0000c379: -mov edx, ref_00027574 ; mov edx, 0x27574 +loc_0000c3e7: +mov edx, ref_00027624 ; mov edx, 0x27624 mov eax, 2 -jmp short loc_0000c395 ; jmp 0xc395 +jmp short loc_0000c403 ; jmp 0xc403 -loc_0000c385: +loc_0000c3f3: xor edx, edx xor eax, eax -jmp short loc_0000c395 ; jmp 0xc395 +jmp short loc_0000c403 ; jmp 0xc403 -loc_0000c38b: -mov edx, ref_000287e8 ; mov edx, 0x287e8 +loc_0000c3f9: +mov edx, ref_00028898 ; mov edx, 0x28898 mov eax, 0x4d -loc_0000c395: +loc_0000c403: imul eax, eax, 0xc mov esi, edx add eax, edx @@ -19970,93 +20013,93 @@ and eax, 0x10 and ebx, 0x20 mov byte [ebp - 0x28], al -loc_0000c3ad: +loc_0000c41b: cmp esi, dword [ebp - 0x2c] -je loc_0000c4fb ; je 0xc4fb +je loc_0000c569 ; je 0xc569 cmp dword [ebp + 0xc], 2 -jne short loc_0000c3ed ; jne 0xc3ed +jne short loc_0000c45b ; jne 0xc45b mov eax, dword [esi] and eax, 0xfe00 cmp eax, 0x2000 -je short loc_0000c401 ; je 0xc401 +je short loc_0000c46f ; je 0xc46f cmp eax, 0x2200 -je short loc_0000c40e ; je 0xc40e +je short loc_0000c47c ; je 0xc47c cmp eax, 0x2400 -jne short loc_0000c3de ; jne 0xc3de +jne short loc_0000c44c ; jne 0xc44c test byte [ebp - 0x19], 0x40 -jmp short loc_0000c410 ; jmp 0xc410 +jmp short loc_0000c47e ; jmp 0xc47e -loc_0000c3de: +loc_0000c44c: cmp eax, 0x2600 -jne short loc_0000c412 ; jne 0xc412 +jne short loc_0000c480 ; jne 0xc480 cmp byte [ebp - 0x19], 0 -jns short loc_0000c412 ; jns 0xc412 -jmp short loc_0000c469 ; jmp 0xc469 +jns short loc_0000c480 ; jns 0xc480 +jmp short loc_0000c4d7 ; jmp 0xc4d7 -loc_0000c3ed: +loc_0000c45b: cmp dword [ebp + 0xc], 1 -jne short loc_0000c412 ; jne 0xc412 +jne short loc_0000c480 ; jne 0xc480 mov eax, dword [esi] and eax, 0xfe00 cmp eax, 0x2000 -jne short loc_0000c407 ; jne 0xc407 +jne short loc_0000c475 ; jne 0xc475 -loc_0000c401: +loc_0000c46f: cmp byte [ebp - 0x28], 0 -jmp short loc_0000c410 ; jmp 0xc410 +jmp short loc_0000c47e ; jmp 0xc47e -loc_0000c407: +loc_0000c475: cmp eax, 0x2200 -jne short loc_0000c412 ; jne 0xc412 +jne short loc_0000c480 ; jne 0xc480 -loc_0000c40e: +loc_0000c47c: test bl, bl -loc_0000c410: -jne short loc_0000c469 ; jne 0xc469 +loc_0000c47e: +jne short loc_0000c4d7 ; jne 0xc4d7 -loc_0000c412: +loc_0000c480: push dword [esi + 8] push dword [esi + 4] push dword [esi] push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000c469 ; je 0xc469 +je short loc_0000c4d7 ; je 0xc4d7 test edi, edi -jns short loc_0000c469 ; jns 0xc469 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000c4d7 ; jns 0xc4d7 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c451 ; je 0xc451 +je short loc_0000c4bf ; je 0xc4bf push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c451: +loc_0000c4bf: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x1cc -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000c469: +loc_0000c4d7: add esi, 0xc -jmp near loc_0000c3ad ; jmp 0xc3ad +jmp near loc_0000c41b ; jmp 0xc41b -loc_0000c471: +loc_0000c4df: cmp dword [ebp - 0x24], 0xf -ja loc_0000c52d ; ja 0xc52d +ja loc_0000c59b ; ja 0xc59b mov cl, byte [ebp - 0x24] mov eax, 1 xor esi, esi -mov edx, ref_000274fc ; mov edx, 0x274fc +mov edx, ref_000275ac ; mov edx, 0x275ac shl eax, cl and eax, 0x8007 cmovne esi, edx @@ -20065,24 +20108,24 @@ sbb ebx, ebx not ebx and ebx, 4 -loc_0000c49e: +loc_0000c50c: add esi, 8 mov word [ebp - 0x28], 0 -loc_0000c4a7: +loc_0000c515: cmp word [ebp - 0x28], bx -jne loc_0000c536 ; jne 0xc536 +jne loc_0000c5a4 ; jne 0xc5a4 cmp dword [ebp - 0x20], 0x10 -je loc_0000c5a8 ; je 0xc5a8 +je loc_0000c616 ; je 0xc616 mov eax, dword [ebp - 0x20] -jbe loc_0000c599 ; jbe 0xc599 +jbe loc_0000c607 ; jbe 0xc607 sub eax, 0x20 cmp eax, 2 -ja loc_0000c59f ; ja 0xc59f -mov edx, ref_00027fbc ; mov edx, 0x27fbc +ja loc_0000c60d ; ja 0xc60d +mov edx, ref_0002806c ; mov edx, 0x2806c mov eax, 4 -loc_0000c4da: +loc_0000c548: imul eax, eax, 0xc mov esi, edx add eax, edx @@ -20093,17 +20136,17 @@ and eax, 0x10 and ebx, 0x20 mov byte [ebp - 0x28], al -loc_0000c4f2: +loc_0000c560: cmp esi, dword [ebp - 0x2c] -jne loc_0000c5b7 ; jne 0xc5b7 +jne loc_0000c625 ; jne 0xc625 -loc_0000c4fb: +loc_0000c569: cmp dword [ebp - 0x24], 0xf -ja loc_0000c672 ; ja 0xc672 +ja loc_0000c6e0 ; ja 0xc6e0 mov cl, byte [ebp - 0x24] mov eax, 1 xor edi, edi -mov edx, ref_00027394 ; mov edx, 0x27394 +mov edx, ref_00027444 ; mov edx, 0x27444 shl eax, cl and eax, 0x8007 cmovne edi, edx @@ -20111,190 +20154,190 @@ cmp eax, 1 sbb eax, eax not eax and eax, 0x14 -jmp near loc_0000c676 ; jmp 0xc676 +jmp near loc_0000c6e4 ; jmp 0xc6e4 -loc_0000c52d: +loc_0000c59b: xor esi, esi xor ebx, ebx -jmp near loc_0000c49e ; jmp 0xc49e +jmp near loc_0000c50c ; jmp 0xc50c -loc_0000c536: +loc_0000c5a4: push dword [esi] push dword [esi - 4] push dword [esi - 8] push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000c58d ; je 0xc58d +je short loc_0000c5fb ; je 0xc5fb test edi, edi -jns short loc_0000c58d ; jns 0xc58d -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000c5fb ; jns 0xc5fb +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c575 ; je 0xc575 +je short loc_0000c5e3 ; je 0xc5e3 push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c575: +loc_0000c5e3: push edi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x1e8 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000c58d: +loc_0000c5fb: inc word [ebp - 0x28] add esi, 0xc -jmp near loc_0000c4a7 ; jmp 0xc4a7 +jmp near loc_0000c515 ; jmp 0xc515 -loc_0000c599: +loc_0000c607: dec eax cmp eax, 2 -jbe short loc_0000c5a8 ; jbe 0xc5a8 +jbe short loc_0000c616 ; jbe 0xc616 -loc_0000c59f: +loc_0000c60d: xor edx, edx xor eax, eax -jmp near loc_0000c4da ; jmp 0xc4da +jmp near loc_0000c548 ; jmp 0xc548 -loc_0000c5a8: -mov edx, ref_0002752c ; mov edx, 0x2752c +loc_0000c616: +mov edx, ref_000275dc ; mov edx, 0x275dc mov eax, 2 -jmp near loc_0000c4da ; jmp 0xc4da +jmp near loc_0000c548 ; jmp 0xc548 -loc_0000c5b7: +loc_0000c625: cmp dword [ebp + 0xc], 2 -jne short loc_0000c5ee ; jne 0xc5ee +jne short loc_0000c65c ; jne 0xc65c mov eax, dword [esi] and eax, 0xfe00 cmp eax, 0x2000 -je short loc_0000c602 ; je 0xc602 +je short loc_0000c670 ; je 0xc670 cmp eax, 0x2200 -je short loc_0000c60f ; je 0xc60f +je short loc_0000c67d ; je 0xc67d cmp eax, 0x2400 -jne short loc_0000c5df ; jne 0xc5df +jne short loc_0000c64d ; jne 0xc64d test byte [ebp - 0x19], 0x40 -jmp short loc_0000c611 ; jmp 0xc611 +jmp short loc_0000c67f ; jmp 0xc67f -loc_0000c5df: +loc_0000c64d: cmp eax, 0x2600 -jne short loc_0000c613 ; jne 0xc613 +jne short loc_0000c681 ; jne 0xc681 cmp byte [ebp - 0x19], 0 -jns short loc_0000c613 ; jns 0xc613 -jmp short loc_0000c66a ; jmp 0xc66a +jns short loc_0000c681 ; jns 0xc681 +jmp short loc_0000c6d8 ; jmp 0xc6d8 -loc_0000c5ee: +loc_0000c65c: cmp dword [ebp + 0xc], 1 -jne short loc_0000c613 ; jne 0xc613 +jne short loc_0000c681 ; jne 0xc681 mov eax, dword [esi] and eax, 0xfe00 cmp eax, 0x2000 -jne short loc_0000c608 ; jne 0xc608 +jne short loc_0000c676 ; jne 0xc676 -loc_0000c602: +loc_0000c670: cmp byte [ebp - 0x28], 0 -jmp short loc_0000c611 ; jmp 0xc611 +jmp short loc_0000c67f ; jmp 0xc67f -loc_0000c608: +loc_0000c676: cmp eax, 0x2200 -jne short loc_0000c613 ; jne 0xc613 +jne short loc_0000c681 ; jne 0xc681 -loc_0000c60f: +loc_0000c67d: test bl, bl -loc_0000c611: -jne short loc_0000c66a ; jne 0xc66a +loc_0000c67f: +jne short loc_0000c6d8 ; jne 0xc6d8 -loc_0000c613: +loc_0000c681: push dword [esi + 8] push dword [esi + 4] push dword [esi] push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000c66a ; je 0xc66a +je short loc_0000c6d8 ; je 0xc6d8 test edi, edi -jns short loc_0000c66a ; jns 0xc66a -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000c6d8 ; jns 0xc6d8 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c652 ; je 0xc652 +je short loc_0000c6c0 ; je 0xc6c0 push ecx push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c652: +loc_0000c6c0: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x213 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000c66a: +loc_0000c6d8: add esi, 0xc -jmp near loc_0000c4f2 ; jmp 0xc4f2 +jmp near loc_0000c560 ; jmp 0xc560 -loc_0000c672: +loc_0000c6e0: xor edi, edi xor eax, eax -loc_0000c676: +loc_0000c6e4: movzx eax, ax imul eax, eax, 0xc mov word [ebp - 0x24], 0 lea eax, [edi + eax + 8] mov dword [ebp - 0x30], eax -loc_0000c689: -call fcn_0001c11d ; call 0x1c11d +loc_0000c6f7: +call fcn_0001c1e1 ; call 0x1c1e1 mov edx, dword [ebp - 0x24] movzx eax, al cmp dx, ax -jae loc_0000c75c ; jae 0xc75c +jae loc_0000c7ca ; jae 0xc7ca movzx eax, dx xor esi, esi imul eax, eax, 0x12 add eax, dword [ebp + 8] mov dword [ebp - 0x28], eax -loc_0000c6ab: +loc_0000c719: mov eax, dword [ebp - 0x28] mov word [ebp - 0x34], si cmp byte [eax + esi*2 + 0x1e4], 1 -je short loc_0000c6c8 ; je 0xc6c8 +je short loc_0000c736 ; je 0xc736 -loc_0000c6bc: +loc_0000c72a: inc esi cmp esi, 3 -jne short loc_0000c6ab ; jne 0xc6ab +jne short loc_0000c719 ; jne 0xc719 inc word [ebp - 0x24] -jmp short loc_0000c689 ; jmp 0xc689 +jmp short loc_0000c6f7 ; jmp 0xc6f7 -loc_0000c6c8: +loc_0000c736: lea ebx, [edi + 8] -loc_0000c6cb: +loc_0000c739: cmp ebx, dword [ebp - 0x30] -je short loc_0000c6bc ; je 0xc6bc +je short loc_0000c72a ; je 0xc72a mov eax, dword [ebp - 0x24] cmp word [ebx - 8], ax -jne short loc_0000c754 ; jne 0xc754 +jne short loc_0000c7c2 ; jne 0xc7c2 mov eax, dword [ebp - 0x34] cmp word [ebx - 6], ax -jne short loc_0000c754 ; jne 0xc754 +jne short loc_0000c7c2 ; jne 0xc7c2 mov eax, dword [ebp - 0x28] mov edx, dword [ebx] movzx ecx, byte [eax + esi*2 + 0x1e3] @@ -20306,76 +20349,76 @@ push eax push edx push dword [ebx - 4] push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov dword [ebp - 0x2c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000c754 ; je 0xc754 +je short loc_0000c7c2 ; je 0xc7c2 cmp dword [ebp - 0x2c], 0 -jns short loc_0000c754 ; jns 0xc754 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000c7c2 ; jns 0xc7c2 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c73c ; je 0xc73c +je short loc_0000c7aa ; je 0xc7aa push eax push dword [ebp - 0x2c] -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c73c: +loc_0000c7aa: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x234 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000c754: +loc_0000c7c2: add ebx, 0xc -jmp near loc_0000c6cb ; jmp 0xc6cb +jmp near loc_0000c739 ; jmp 0xc739 -loc_0000c75c: +loc_0000c7ca: mov eax, dword [ebp - 0x20] cmp eax, 0x22 -ja short loc_0000c77a ; ja 0xc77a +ja short loc_0000c7e8 ; ja 0xc7e8 cmp eax, 0x20 -jae short loc_0000c78c ; jae 0xc78c +jae short loc_0000c7fa ; jae 0xc7fa cmp eax, 1 -jb short loc_0000c79f ; jb 0xc79f +jb short loc_0000c80d ; jb 0xc80d cmp eax, 3 -jbe short loc_0000c793 ; jbe 0xc793 +jbe short loc_0000c801 ; jbe 0xc801 cmp eax, 0x10 -je short loc_0000c793 ; je 0xc793 -jmp short loc_0000c79f ; jmp 0xc79f +je short loc_0000c801 ; je 0xc801 +jmp short loc_0000c80d ; jmp 0xc80d -loc_0000c77a: +loc_0000c7e8: mov eax, dword [ebp - 0x20] -mov esi, ref_000286b0 ; mov esi, 0x286b0 +mov esi, ref_00028760 ; mov esi, 0x28760 sub eax, 0x41 cmp eax, 2 -jbe short loc_0000c7a5 ; jbe 0xc7a5 -jmp short loc_0000c79f ; jmp 0xc79f +jbe short loc_0000c813 ; jbe 0xc813 +jmp short loc_0000c80d ; jmp 0xc80d -loc_0000c78c: -mov esi, ref_00027ecc ; mov esi, 0x27ecc -jmp short loc_0000c7a5 ; jmp 0xc7a5 +loc_0000c7fa: +mov esi, ref_00027f7c ; mov esi, 0x27f7c +jmp short loc_0000c813 ; jmp 0xc813 -loc_0000c793: -mov esi, ref_00027484 ; mov esi, 0x27484 +loc_0000c801: +mov esi, ref_00027534 ; mov esi, 0x27534 mov eax, 0xa -jmp short loc_0000c7aa ; jmp 0xc7aa +jmp short loc_0000c818 ; jmp 0xc818 -loc_0000c79f: +loc_0000c80d: xor esi, esi xor eax, eax -jmp short loc_0000c7aa ; jmp 0xc7aa +jmp short loc_0000c818 ; jmp 0xc818 -loc_0000c7a5: +loc_0000c813: mov eax, 0x14 -loc_0000c7aa: +loc_0000c818: imul eax, eax, 0xc mov cl, byte [ebp - 0x19] mov word [ebp - 0x24], 0 @@ -20388,87 +20431,87 @@ mov al, cl and eax, 0x10 mov byte [ebp - 0x30], al -loc_0000c7cd: -call fcn_0001c11d ; call 0x1c11d +loc_0000c83b: +call fcn_0001c1e1 ; call 0x1c1e1 mov ecx, dword [ebp - 0x24] movzx eax, al cmp cx, ax -jae loc_0000c912 ; jae 0xc912 +jae loc_0000c980 ; jae 0xc980 movzx eax, cx imul eax, eax, 0x12 add eax, dword [ebp + 8] mov dword [ebp - 0x20], 0 mov dword [ebp - 0x28], eax -loc_0000c7f4: +loc_0000c862: mov eax, dword [ebp - 0x20] mov edx, dword [ebp - 0x28] mov word [ebp - 0x1c], ax cmp byte [edx + eax*2 + 0x1e4], 1 -je short loc_0000c817 ; je 0xc817 +je short loc_0000c885 ; je 0xc885 -loc_0000c808: +loc_0000c876: inc dword [ebp - 0x20] cmp dword [ebp - 0x20], 3 -jne short loc_0000c7f4 ; jne 0xc7f4 +jne short loc_0000c862 ; jne 0xc862 inc word [ebp - 0x24] -jmp short loc_0000c7cd ; jmp 0xc7cd +jmp short loc_0000c83b ; jmp 0xc83b -loc_0000c817: +loc_0000c885: lea ebx, [esi + 4] -loc_0000c81a: +loc_0000c888: cmp ebx, dword [ebp - 0x34] -je short loc_0000c808 ; je 0xc808 +je short loc_0000c876 ; je 0xc876 mov eax, dword [ebp - 0x24] cmp word [ebx - 4], ax -jne loc_0000c90a ; jne 0xc90a +jne loc_0000c978 ; jne 0xc978 mov eax, dword [ebp - 0x1c] cmp word [ebx - 2], ax -jne loc_0000c90a ; jne 0xc90a +jne loc_0000c978 ; jne 0xc978 cmp dword [ebp + 0xc], 2 -jne short loc_0000c873 ; jne 0xc873 +jne short loc_0000c8e1 ; jne 0xc8e1 mov eax, dword [ebx] and eax, 0xfe00 cmp eax, 0x2000 -je short loc_0000c887 ; je 0xc887 +je short loc_0000c8f5 ; je 0xc8f5 cmp eax, 0x2200 -je short loc_0000c894 ; je 0xc894 +je short loc_0000c902 ; je 0xc902 cmp eax, 0x2400 -jne short loc_0000c861 ; jne 0xc861 +jne short loc_0000c8cf ; jne 0xc8cf test byte [ebp - 0x19], 0x40 -jmp short loc_0000c898 ; jmp 0xc898 +jmp short loc_0000c906 ; jmp 0xc906 -loc_0000c861: +loc_0000c8cf: cmp eax, 0x2600 -jne short loc_0000c89a ; jne 0xc89a +jne short loc_0000c908 ; jne 0xc908 cmp byte [ebp - 0x19], 0 -jns short loc_0000c89a ; jns 0xc89a -jmp near loc_0000c90a ; jmp 0xc90a +jns short loc_0000c908 ; jns 0xc908 +jmp near loc_0000c978 ; jmp 0xc978 -loc_0000c873: +loc_0000c8e1: cmp dword [ebp + 0xc], 1 -jne short loc_0000c89a ; jne 0xc89a +jne short loc_0000c908 ; jne 0xc908 mov eax, dword [ebx] and eax, 0xfe00 cmp eax, 0x2000 -jne short loc_0000c88d ; jne 0xc88d +jne short loc_0000c8fb ; jne 0xc8fb -loc_0000c887: +loc_0000c8f5: cmp byte [ebp - 0x30], 0 -jmp short loc_0000c898 ; jmp 0xc898 +jmp short loc_0000c906 ; jmp 0xc906 -loc_0000c88d: +loc_0000c8fb: cmp eax, 0x2200 -jne short loc_0000c89a ; jne 0xc89a +jne short loc_0000c908 ; jne 0xc908 -loc_0000c894: +loc_0000c902: cmp byte [ebp - 0x2c], 0 -loc_0000c898: -jne short loc_0000c90a ; jne 0xc90a +loc_0000c906: +jne short loc_0000c978 ; jne 0xc978 -loc_0000c89a: +loc_0000c908: mov eax, dword [ebp - 0x28] mov ecx, dword [ebp - 0x20] movzx edi, byte [eax + ecx*2 + 0x1e3] @@ -20481,47 +20524,47 @@ push eax push ecx push dword [ebx] push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000c90a ; je 0xc90a +je short loc_0000c978 ; je 0xc978 test edi, edi -jns short loc_0000c90a ; jns 0xc90a -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000c978 ; jns 0xc978 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c8f2 ; je 0xc8f2 +je short loc_0000c960 ; je 0xc960 push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c8f2: +loc_0000c960: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x271 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000c90a: +loc_0000c978: add ebx, 0xc -jmp near loc_0000c81a ; jmp 0xc81a +jmp near loc_0000c888 ; jmp 0xc888 -loc_0000c912: +loc_0000c980: mov eax, dword [ebp + 8] xor ebx, ebx cmp byte [eax], 8 -ja short loc_0000c923 ; ja 0xc923 +ja short loc_0000c991 ; ja 0xc991 -loc_0000c91c: +loc_0000c98a: xor eax, eax -jmp near loc_0000cb86 ; jmp 0xcb86 +jmp near loc_0000cbf4 ; jmp 0xcbf4 -loc_0000c923: +loc_0000c991: mov cl, byte [ebp - 0x19] mov al, cl and eax, 0x10 @@ -20530,235 +20573,235 @@ mov al, cl shr al, 7 mov byte [ebp - 0x28], al -loc_0000c936: -call fcn_0001c11d ; call 0x1c11d +loc_0000c9a4: +call fcn_0001c1e1 ; call 0x1c1e1 movzx eax, al cmp bx, ax -jae short loc_0000c91c ; jae 0xc91c +jae short loc_0000c98a ; jae 0xc98a cmp dword [ebp + 0xc], 1 -jne short loc_0000c971 ; jne 0xc971 +jne short loc_0000c9df ; jne 0xc9df cmp bx, 4 -jne short loc_0000c955 ; jne 0xc955 +jne short loc_0000c9c3 ; jne 0xc9c3 cmp byte [ebp - 0x20], 0 -jmp short loc_0000c95f ; jmp 0xc95f +jmp short loc_0000c9cd ; jmp 0xc9cd -loc_0000c955: +loc_0000c9c3: cmp bx, 5 -jne short loc_0000c965 ; jne 0xc965 +jne short loc_0000c9d3 ; jne 0xc9d3 test byte [ebp - 0x19], 0x20 -loc_0000c95f: -jne loc_0000cb80 ; jne 0xcb80 +loc_0000c9cd: +jne loc_0000cbee ; jne 0xcbee -loc_0000c965: +loc_0000c9d3: movzx eax, bx -mov edi, dword [eax*4 + ref_00020390] ; mov edi, dword [eax*4 + 0x20390] -jmp short loc_0000c9b2 ; jmp 0xc9b2 +mov edi, dword [eax*4 + ref_00020420] ; mov edi, dword [eax*4 + 0x20420] +jmp short loc_0000ca20 ; jmp 0xca20 -loc_0000c971: +loc_0000c9df: test bx, bx -jne short loc_0000c980 ; jne 0xc980 +jne short loc_0000c9ee ; jne 0xc9ee cmp byte [ebp - 0x28], 0 -jne loc_0000cb80 ; jne 0xcb80 +jne loc_0000cbee ; jne 0xcbee -loc_0000c980: +loc_0000c9ee: cmp bx, 1 -jne short loc_0000c98c ; jne 0xc98c +jne short loc_0000c9fa ; jne 0xc9fa test byte [ebp - 0x19], 0x40 -jmp short loc_0000c9a2 ; jmp 0xc9a2 +jmp short loc_0000ca10 ; jmp 0xca10 -loc_0000c98c: +loc_0000c9fa: cmp bx, 2 -jne short loc_0000c998 ; jne 0xc998 +jne short loc_0000ca06 ; jne 0xca06 test byte [ebp - 0x19], 0x20 -jmp short loc_0000c9a2 ; jmp 0xc9a2 +jmp short loc_0000ca10 ; jmp 0xca10 -loc_0000c998: +loc_0000ca06: cmp bx, 3 -jne short loc_0000c9a8 ; jne 0xc9a8 +jne short loc_0000ca16 ; jne 0xca16 cmp byte [ebp - 0x20], 0 -loc_0000c9a2: -jne loc_0000cb80 ; jne 0xcb80 +loc_0000ca10: +jne loc_0000cbee ; jne 0xcbee -loc_0000c9a8: +loc_0000ca16: movzx eax, bx -mov edi, dword [eax*4 + ref_00020378] ; mov edi, dword [eax*4 + 0x20378] +mov edi, dword [eax*4 + ref_00020408] ; mov edi, dword [eax*4 + 0x20408] -loc_0000c9b2: +loc_0000ca20: movzx esi, bx imul eax, esi, 0x12 add eax, dword [ebp + 8] test byte [eax + 0x1ed], 1 -je short loc_0000ca32 ; je 0xca32 +je short loc_0000caa0 ; je 0xcaa0 movzx eax, byte [eax + 0x1e9] cmp al, 0x80 -jbe short loc_0000ca17 ; jbe 0xca17 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0000ca85 ; jbe 0xca85 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000c9ec ; je 0xc9ec +je short loc_0000ca5a ; je 0xca5a push eax push eax -push ref_0002234a ; push 0x2234a +push ref_000223da ; push 0x223da push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000c9ec: -call fcn_000153f0 ; call 0x153f0 +loc_0000ca5a: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000ca0d ; je 0xca0d +je short loc_0000ca7b ; je 0xca7b push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x295 -loc_0000ca00: -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +loc_0000ca6e: +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000ca0d: +loc_0000ca7b: mov eax, 0x80000002 -jmp near loc_0000cb86 ; jmp 0xcb86 +jmp near loc_0000cbf4 ; jmp 0xcbf4 -loc_0000ca17: +loc_0000ca85: shl eax, 0x10 push eax push 0xff00ffff lea eax, [edi + 0x88] push eax push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -loc_0000ca32: +loc_0000caa0: imul eax, esi, 0x12 add eax, dword [ebp + 8] test byte [eax + 0x1ed], 2 -je short loc_0000ca9a ; je 0xca9a +je short loc_0000cb08 ; je 0xcb08 movzx eax, byte [eax + 0x1ea] cmp al, 0x80 -jbe short loc_0000ca7f ; jbe 0xca7f -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0000caed ; jbe 0xcaed +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ca69 ; je 0xca69 +je short loc_0000cad7 ; je 0xcad7 push edi push edi -push ref_00022378 ; push 0x22378 +push ref_00022408 ; push 0x22408 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ca69: -call fcn_000153f0 ; call 0x153f0 +loc_0000cad7: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000ca0d ; je 0xca0d +je short loc_0000ca7b ; je 0xca7b push esi -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x2a5 -jmp short loc_0000ca00 ; jmp 0xca00 +jmp short loc_0000ca6e ; jmp 0xca6e -loc_0000ca7f: +loc_0000caed: shl eax, 0x10 push eax push 0xff00ffff lea eax, [edi + 0x8c] push eax push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -loc_0000ca9a: +loc_0000cb08: imul eax, esi, 0x12 add eax, dword [ebp + 8] test byte [eax + 0x1ed], 4 -je short loc_0000cafc ; je 0xcafc +je short loc_0000cb6a ; je 0xcb6a movzx eax, byte [eax + 0x1eb] lea edx, [eax - 0x39] cmp dl, 0x47 -jbe short loc_0000caf2 ; jbe 0xcaf2 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0000cb60 ; jbe 0xcb60 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000cad5 ; je 0xcad5 +je short loc_0000cb43 ; je 0xcb43 push ebx push ebx -push ref_000223a7 ; push 0x223a7 +push ref_00022437 ; push 0x22437 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000cad5: -call fcn_000153f0 ; call 0x153f0 +loc_0000cb43: +call fcn_00015480 ; call 0x15480 test al, al -je loc_0000ca0d ; je 0xca0d +je loc_0000ca7b ; je 0xca7b push ecx -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x2b9 -jmp near loc_0000ca00 ; jmp 0xca00 +jmp near loc_0000ca6e ; jmp 0xca6e -loc_0000caf2: +loc_0000cb60: shl eax, 8 mov edx, 0xffff00ff -jmp short loc_0000cb01 ; jmp 0xcb01 +jmp short loc_0000cb6f ; jmp 0xcb6f -loc_0000cafc: +loc_0000cb6a: xor eax, eax or edx, 0xffffffff -loc_0000cb01: +loc_0000cb6f: imul esi, esi, 0x12 add esi, dword [ebp + 8] test byte [esi + 0x1ed], 8 -je short loc_0000cb67 ; je 0xcb67 +je short loc_0000cbd5 ; je 0xcbd5 mov cl, byte [esi + 0x1ec] lea esi, [ecx - 0x45] mov byte [ebp - 0x24], cl mov ecx, esi cmp cl, 0x3b -jbe short loc_0000cb5d ; jbe 0xcb5d -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0000cbcb ; jbe 0xcbcb +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000cb40 ; je 0xcb40 +je short loc_0000cbae ; je 0xcbae push edx push edx -push ref_000223d0 ; push 0x223d0 +push ref_00022460 ; push 0x22460 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000cb40: -call fcn_000153f0 ; call 0x153f0 +loc_0000cbae: +call fcn_00015480 ; call 0x15480 test al, al -je loc_0000ca0d ; je 0xca0d +je loc_0000ca7b ; je 0xca7b push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x2c6 -jmp near loc_0000ca00 ; jmp 0xca00 +jmp near loc_0000ca6e ; jmp 0xca6e -loc_0000cb5d: +loc_0000cbcb: movzx ecx, byte [ebp - 0x24] xor dl, dl or eax, ecx -jmp short loc_0000cb6c ; jmp 0xcb6c +jmp short loc_0000cbda ; jmp 0xcbda -loc_0000cb67: +loc_0000cbd5: cmp edx, 0xffffffff -je short loc_0000cb80 ; je 0xcb80 +je short loc_0000cbee ; je 0xcbee -loc_0000cb6c: +loc_0000cbda: push eax add edi, 0x90 push edx push edi push dword [ebp + 0x14] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -loc_0000cb80: +loc_0000cbee: inc ebx -jmp near loc_0000c936 ; jmp 0xc936 +jmp near loc_0000c9a4 ; jmp 0xc9a4 -loc_0000cb86: +loc_0000cbf4: lea esp, [ebp - 0xc] pop ebx pop esi @@ -20766,115 +20809,115 @@ pop edi pop ebp ret -fcn_0000cb8e: +fcn_0000cbfc: push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x2c -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000cbb1 ; je 0xcbb1 +je short loc_0000cc1f ; je 0xcc1f push eax push eax -push ref_000223fa ; push 0x223fa +push ref_0002248a ; push 0x2248a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000cbb1: -call fcn_0001bef7 ; call 0x1bef7 +loc_0000cc1f: +call fcn_0001bfbb ; call 0x1bfbb mov dword [ebp - 0x2c], eax push eax push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax lea eax, [eax + 0xf0] add ebx, 2 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], ebx mov dword [ebp - 0x30], eax and dword [ebp - 0x30], 0xffffc000 -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0xc push 2 push 0x1f push 0 mov ebx, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0x1c push 0 mov esi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a lea edi, [esi + 0x92] mov dword [esp], edi mov dword [ebp - 0x34], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0xf setne byte [ebp - 0x35] cmp dword [ebp - 0x2c], 1 -jne loc_0000ce71 ; jne 0xce71 +jne loc_0000cedf ; jne 0xcedf sub esp, 0xc push edi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x30 -je short loc_0000cca6 ; je 0xcca6 +je short loc_0000cd14 ; je 0xcd14 -loc_0000cc3e: +loc_0000ccac: push eax lea eax, [ebp - 0x1c] push eax push 0xea000aac push dword [ebp - 0x30] -call fcn_00009cab ; call 0x9cab +call fcn_00009d19 ; call 0x9d19 mov eax, dword [ebp - 0x1c] add esp, 0x10 and eax, 0x30 cmp eax, 0x20 -je loc_0000ce14 ; je 0xce14 -call fcn_000153e9 ; call 0x153e9 +je loc_0000ce82 ; je 0xce82 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000cc7f ; je 0xcc7f +je short loc_0000cced ; je 0xcced push eax push eax -push ref_00022411 ; push 0x22411 +push ref_000224a1 ; push 0x224a1 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000cc7f: -call fcn_000153f0 ; call 0x153f0 +loc_0000cced: +call fcn_00015480 ; call 0x15480 test al, al -je loc_0000ce14 ; je 0xce14 +je loc_0000ce82 ; je 0xce82 push eax -push ref_00024b36 ; push 0x24b36 +push ref_00024be5 ; push 0x24be5 push 0x32e -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc -jmp near loc_0000ce11 ; jmp 0xce11 +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c +jmp near loc_0000ce7f ; jmp 0xce7f -loc_0000cca6: +loc_0000cd14: cmp byte [ebp - 0x35], 1 -je short loc_0000cc3e ; je 0xcc3e +je short loc_0000ccac ; je 0xccac push eax push 0x60 -loc_0000ccaf: +loc_0000cd1d: push 0x3f lea eax, [esi + 0x90] push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a add esp, 0x10 -loc_0000ccc0: +loc_0000cd2e: push eax push 0x183 push 0xfffffe00 @@ -20882,79 +20925,79 @@ lea eax, [esi + 0x94] push eax lea esi, [esi + 0x98] mov dword [ebp - 0x1c], 0xfffffe00 -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx push 0x8000 push edi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 movzx eax, bx mov dword [esp], eax push dword [ebp - 0x30] push dword [ebp - 0x34] push dword [ebp - 0x2c] push dword [ebp + 8] -call fcn_0000c05a ; call 0xc05a +call fcn_0000c0c8 ; call 0xc0c8 mov eax, ebx add esp, 0x20 and eax, 0xfffffffd cmp ax, 0x8c44 -je loc_0000ce30 ; je 0xce30 +je loc_0000ce9e ; je 0xce9e lea eax, [ebx + 0x73b2] cmp ax, 2 -jbe loc_0000ce30 ; jbe 0xce30 +jbe loc_0000ce9e ; jbe 0xce9e cmp bx, 0x8c5c -je loc_0000ce30 ; je 0xce30 +je loc_0000ce9e ; je 0xce9e lea eax, [ebx + 0x73b7] cmp ax, 3 -jbe loc_0000ce30 ; jbe 0xce30 +jbe loc_0000ce9e ; jbe 0xce9e lea eax, [ebx + 0x73bf] cmp ax, 1 -jbe loc_0000ce30 ; jbe 0xce30 +jbe loc_0000ce9e ; jbe 0xce9e lea eax, [ebx + 0x63bf] cmp ax, 6 -jbe loc_0000ce30 ; jbe 0xce30 +jbe loc_0000ce9e ; jbe 0xce9e lea eax, [ebx + 0x733f] cmp ax, 5 -jbe loc_0000ce30 ; jbe 0xce30 +jbe loc_0000ce9e ; jbe 0xce9e add bx, 0x633f cmp bx, 0xa -jbe loc_0000ce30 ; jbe 0xce30 +jbe loc_0000ce9e ; jbe 0xce9e -loc_0000cd84: +loc_0000cdf2: push ebx push ebx push 0x80000 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push 0x200 push 0xffffe27f push esi mov dword [ebp - 0x1c], 0xffffe27f -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx push 0x100000 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push 0x20 push 0xffffffffffffff9f push esi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop ecx pop ebx push 0x40000 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov eax, dword [ebp - 0x34] add eax, 0x410 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp dword [ebp - 0x2c], 1 -jne short loc_0000ce45 ; jne 0xce45 +jne short loc_0000ceb3 ; jne 0xceb3 mov dl, al and edx, 0x10 cmp dl, 1 @@ -20965,45 +21008,45 @@ mov cl, dl or ecx, 0x20 test al, 0x20 -loc_0000ce02: +loc_0000ce70: cmove edx, ecx -loc_0000ce05: +loc_0000ce73: push ecx movzx edx, dl push ecx push edx push edi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 -loc_0000ce11: +loc_0000ce7f: add esp, 0x10 -loc_0000ce14: -call fcn_000153e9 ; call 0x153e9 +loc_0000ce82: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ce89 ; je 0xce89 +je short loc_0000cef7 ; je 0xcef7 push eax push eax -push ref_0002245f ; push 0x2245f +push ref_000224ef ; push 0x224ef push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0000ce89 ; jmp 0xce89 +jmp short loc_0000cef7 ; jmp 0xcef7 -loc_0000ce30: +loc_0000ce9e: push eax push eax push 0x400000 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -jmp near loc_0000cd84 ; jmp 0xcd84 +jmp near loc_0000cdf2 ; jmp 0xcdf2 -loc_0000ce45: +loc_0000ceb3: xor edx, edx cmp dword [ebp - 0x2c], 2 -jne short loc_0000ce05 ; jne 0xce05 +jne short loc_0000ce73 ; jne 0xce73 mov dl, al not edx shr dl, 7 @@ -21018,18 +21061,18 @@ cmove edx, ecx mov cl, dl or ecx, 8 test al, 0x10 -jmp short loc_0000ce02 ; jmp 0xce02 +jmp short loc_0000ce70 ; jmp 0xce70 -loc_0000ce71: +loc_0000cedf: cmp byte [ebp - 0x35], 1 -je short loc_0000ce14 ; je 0xce14 +je short loc_0000ce82 ; je 0xce82 cmp dword [ebp - 0x2c], 2 -jne loc_0000ccc0 ; jne 0xccc0 +jne loc_0000cd2e ; jne 0xcd2e push ecx push 0x40 -jmp near loc_0000ccaf ; jmp 0xccaf +jmp near loc_0000cd1d ; jmp 0xcd1d -loc_0000ce89: +loc_0000cef7: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -21038,7 +21081,7 @@ pop edi pop ebp ret -fcn_0000ce93: +fcn_0000cf01: push ebp mov ebp, esp push edi @@ -21049,11 +21092,11 @@ mov ebx, dword [ebp + 8] mov eax, dword [ebx + 4] add eax, 0x3414 push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov esi, eax pop eax push dword [ebx + 4] -call fcn_0001bdcc ; call 0x1bdcc +call fcn_0001be90 ; call 0x1be90 movzx edx, byte [ebx + 0x37e] add esp, 0x10 mov edi, eax @@ -21062,71 +21105,71 @@ shr al, 5 xor eax, 1 and eax, 1 cmp edx, eax -je loc_0000d0b7 ; je 0xd0b7 +je loc_0000d125 ; je 0xd125 lea eax, [ebp - 0x1c] push eax push 0 push 0 -push ref_0002908c ; push 0x2908c -call fcn_00019699 ; call 0x19699 +push ref_0002913c ; push 0x2913c +call fcn_0001975d ; call 0x1975d mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000cf30 ; je 0xcf30 +je short loc_0000cf9e ; je 0xcf9e test esi, esi -jns short loc_0000cf30 ; jns 0xcf30 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000cf9e ; jns 0xcf9e +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000cf18 ; je 0xcf18 +je short loc_0000cf86 ; je 0xcf86 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000cf18: +loc_0000cf86: push esi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x467 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000cf30: +loc_0000cf9e: mov eax, dword [ebx + 4] sub esp, 0xc add eax, 0x3420 push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, al -jns short loc_0000cf71 ; jns 0xcf71 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000cfdf ; jns 0xcfdf +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000cf65 ; je 0xcf65 +je short loc_0000cfd3 ; je 0xcfd3 push ecx push ecx -push ref_00022474 ; push 0x22474 +push ref_00022504 ; push 0x22504 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000cf65: +loc_0000cfd3: push edx mov eax, dword [ebp - 0x1c] push edx push 4 -jmp near loc_0000d0b1 ; jmp 0xd0b1 +jmp near loc_0000d11f ; jmp 0xd11f -loc_0000cf71: +loc_0000cfdf: xor esi, esi mov eax, edi cmp byte [ebx + 0x37e], 0 -je short loc_0000cfa8 ; je 0xcfa8 +je short loc_0000d016 ; je 0xd016 dec al -jne loc_0000d04e ; jne 0xd04e +jne loc_0000d0bc ; jne 0xd0bc push eax mov esi, 1 push eax @@ -21134,46 +21177,46 @@ push 0xdf mov eax, dword [ebx + 4] add eax, 0x3414 push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d add esp, 0x10 -jmp near loc_0000d04e ; jmp 0xd04e +jmp near loc_0000d0bc ; jmp 0xd0bc -loc_0000cfa8: +loc_0000d016: dec al -jne loc_0000d039 ; jne 0xd039 +jne loc_0000d0a7 ; jne 0xd0a7 push eax push 0 push 0x19 movzx eax, byte [ebx + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a lea edi, [eax + 0x10] mov esi, eax mov dword [esp], edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [ebp - 0x34], eax pop eax pop edx push dword [ebx + 0x1a] push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f lea eax, [esi + 4] mov dword [esp], eax mov esi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 pop ecx mov dword [ebp - 0x2c], esi mov word [ebp - 0x2e], ax pop eax push 2 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 mov dword [esp], edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e and eax, 0xffff8000 lea edx, [eax + 0x5b54] mov dword [esp], edx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ecx, eax pop eax movzx eax, word [ebp - 0x2e] @@ -21182,71 +21225,71 @@ pop edx mov esi, ecx push eax push dword [ebp - 0x2c] -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 pop ecx mov ecx, dword [ebp - 0x34] pop eax push ecx push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_0000d039: +loc_0000d0a7: push edi push edi push 0x20 mov eax, dword [ebx + 4] add eax, 0x3414 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_0000d04e: +loc_0000d0bc: mov eax, dword [ebx + 4] sub esp, 0xc add eax, 0x3414 push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov eax, esi add esp, 0x10 test al, al -je short loc_0000d0b7 ; je 0xd0b7 -call fcn_000153e9 ; call 0x153e9 +je short loc_0000d125 ; je 0xd125 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000d085 ; je 0xd085 +je short loc_0000d0f3 ; je 0xd0f3 push esi push esi -push ref_000224c8 ; push 0x224c8 +push ref_00022558 ; push 0x22558 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000d085: +loc_0000d0f3: mov eax, dword [ebx + 4] sub esp, 0xc add eax, 0x3428 push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov edx, 3 test al, 2 -jne short loc_0000d0ab ; jne 0xd0ab +jne short loc_0000d119 ; jne 0xd119 cmp byte [ebx + 0x11], 1 sbb edx, edx add edx, 5 -loc_0000d0ab: +loc_0000d119: mov eax, dword [ebp - 0x1c] push ecx push ecx push edx -loc_0000d0b1: +loc_0000d11f: push eax call dword [eax] ; ucall add esp, 0x10 -loc_0000d0b7: +loc_0000d125: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -21255,7 +21298,7 @@ pop edi pop ebp ret -fcn_0000d0c1: +fcn_0000d12f: push ebp mov ebp, esp push edi @@ -21267,45 +21310,45 @@ mov byte [ebp - 0x1c], 0x1d mov byte [ebp - 0x1b], 0 mov byte [ebp - 0x1a], 0x1a mov byte [ebp - 0x19], 0 -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb push edi push 0 push 0x1f push 0 mov esi, eax mov dword [ebp - 0x34], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 2 push 0x1f mov dword [ebp - 0x38], eax movzx eax, byte [ebx + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 dec esi mov dword [ebp - 0x30], 0 mov edi, eax -jne short loc_0000d128 ; jne 0xd128 +jne short loc_0000d196 ; jne 0xd196 push ecx push 5 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 mov dword [ebp - 0x30], eax -loc_0000d128: +loc_0000d196: push eax push 0 push 0x1c push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax mov eax, dword [ebp - 0x38] add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [ebp - 0x40], eax pop eax mov eax, dword [ebp - 0x38] @@ -21313,15 +21356,15 @@ pop edx add eax, 0xac push 0xffefffff push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 mov byte [ebp - 0x3c], 0 mov byte [ebp - 0x29], 0 -loc_0000d169: -call fcn_0001c0fb ; call 0x1c0fb +loc_0000d1d7: +call fcn_0001c1bf ; call 0x1c1bf cmp byte [ebp - 0x29], al -jae short loc_0000d1f0 ; jae 0xd1f0 +jae short loc_0000d25e ; jae 0xd25e movzx edx, byte [ebp - 0x29] push eax push edx @@ -21329,13 +21372,13 @@ push 0x1c movzx eax, byte [ebx + 1] mov dword [ebp - 0x48], edx push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov dword [ebp - 0x44], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_0000d1e8 ; je 0xd1e8 +je short loc_0000d256 ; je 0xd256 mov edx, dword [ebp - 0x48] mov ecx, dword [ebp - 0x44] imul edx, edx, 0x2c @@ -21348,48 +21391,48 @@ inc edx push ecx mov dword [ebp - 0x48], edx mov dword [ebp - 0x44], ecx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov edx, dword [ebp - 0x48] add esp, 0x10 movzx edx, dx and eax, 0xf cmp eax, edx -je short loc_0000d1e8 ; je 0xd1e8 +je short loc_0000d256 ; je 0xd256 mov ecx, dword [ebp - 0x44] push eax push edx push 0xfff0 push ecx -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 mov byte [ebp - 0x3c], 1 -loc_0000d1e8: +loc_0000d256: inc byte [ebp - 0x29] -jmp near loc_0000d169 ; jmp 0xd169 +jmp near loc_0000d1d7 ; jmp 0xd1d7 -loc_0000d1f0: +loc_0000d25e: cmp byte [ebp - 0x3c], 0 -je short loc_0000d206 ; je 0xd206 +je short loc_0000d274 ; je 0xd274 sub esp, 0xc push 0x186a0 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 -loc_0000d206: +loc_0000d274: push eax push 0x80 push 0x9f lea eax, [esi + 0xf4] push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a add esp, 0x10 mov byte [ebp - 0x29], 0 -loc_0000d224: -call fcn_0001c181 ; call 0x1c181 +loc_0000d292: +call fcn_0001c245 ; call 0x1c245 cmp byte [ebp - 0x29], al -jae short loc_0000d274 ; jae 0xd274 +jae short loc_0000d2e2 ; jae 0xd2e2 movzx eax, byte [ebp - 0x29] push ecx movzx edx, byte [ebp + eax*2 - 0x1b] @@ -21398,11 +21441,11 @@ push edx push eax movzx eax, byte [ebx + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a lea edx, [eax + 0x88] mov dword [esp], edx mov dword [ebp - 0x3c], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx mov edx, dword [ebp - 0x3c] pop ecx @@ -21410,14 +21453,14 @@ and eax, 0xfffffffb push eax push edx mov dword [ebp - 0x20], eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 inc byte [ebp - 0x29] -jmp short loc_0000d224 ; jmp 0xd224 +jmp short loc_0000d292 ; jmp 0xd292 -loc_0000d274: +loc_0000d2e2: cmp byte [ebx + 0x364], 1 -jne short loc_0000d2c3 ; jne 0xd2c3 +jne short loc_0000d331 ; jne 0xd331 push eax mov eax, dword [ebx + 0x368] shr eax, 0xc @@ -21428,168 +21471,168 @@ push 0xfffffffffffffffc mov eax, dword [ebx + 4] add eax, 0x3404 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebx + 4] add eax, 0x3404 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop eax pop edx push 1 mov eax, dword [ebx + 0x368] add eax, 0x10 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_0000d2c3: +loc_0000d331: cmp byte [ebx + 0xc], 0 mov eax, dword [ebx + 4] -jne short loc_0000d2dd ; jne 0xd2dd +jne short loc_0000d34b ; jne 0xd34b push ecx add eax, 0x3410 push ecx push 0xfffffffffffffffb push eax -call fcn_00018a7a ; call 0x18a7a -jmp short loc_0000d2ec ; jmp 0xd2ec +call fcn_00018b3e ; call 0x18b3e +jmp short loc_0000d35a ; jmp 0xd35a -loc_0000d2dd: +loc_0000d34b: push edx add eax, 0x3410 push edx push 4 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 -loc_0000d2ec: +loc_0000d35a: mov eax, dword [ebx + 4] add esp, 0x10 sub esp, 0xc add eax, 0x3410 push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 cmp dword [ebp - 0x34], 1 -jne loc_0000d3d7 ; jne 0xd3d7 +jne loc_0000d445 ; jne 0xd445 cmp dword [ebx + 0x1db], 0 -jne loc_0000d3b0 ; jne 0xd3b0 +jne loc_0000d41e ; jne 0xd41e push eax add esi, 0x410 push 0x70 push 0xffffff00 lea eax, [edi + 0x34] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx lea eax, [edi + 0x70] push 0xffff00ff push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e pop ecx pop eax lea eax, [edi + 0x90] push 0x1f push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d mov dword [esp], esi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 and eax, 0x30 cmp al, 0x30 -je short loc_0000d3b0 ; je 0xd3b0 +je short loc_0000d41e ; je 0xd41e sub esp, 0xc push esi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x10 -jne short loc_0000d388 ; jne 0xd388 +jne short loc_0000d3f6 ; jne 0xd3f6 push eax push eax mov eax, dword [ebp - 0x30] push 1 add eax, 0x92 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_0000d388: +loc_0000d3f6: sub esp, 0xc push esi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x20 -jne loc_0000d422 ; jne 0xd422 +jne loc_0000d490 ; jne 0xd490 mov eax, dword [ebp - 0x30] push esi push esi push 2 add eax, 0x92 push eax -call fcn_0001866c ; call 0x1866c -jmp short loc_0000d41f ; jmp 0xd41f +call fcn_00018730 ; call 0x18730 +jmp short loc_0000d48d ; jmp 0xd48d -loc_0000d3b0: +loc_0000d41e: push ecx push ecx push 0x2000000 mov eax, dword [ebx + 4] add eax, 0x3418 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov eax, dword [ebx + 4] add eax, 0x3418 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a -jmp short loc_0000d41f ; jmp 0xd41f +call fcn_00017e4e ; call 0x17e4e +jmp short loc_0000d48d ; jmp 0xd48d -loc_0000d3d7: +loc_0000d445: cmp dword [ebp - 0x34], 2 -jne short loc_0000d422 ; jne 0xd422 +jne short loc_0000d490 ; jne 0xd490 cmp dword [ebx + 0x1db], 3 -jne short loc_0000d422 ; jne 0xd422 +jne short loc_0000d490 ; jne 0xd490 push eax push eax push 0x3f lea eax, [edi + 0x90] push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d pop eax pop edx lea eax, [edi + 0xa0] push 0 push eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 add esp, 0xc push 0x8000 push 0xffff7fff lea eax, [edi + 0xa4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 -loc_0000d41f: +loc_0000d48d: add esp, 0x10 -loc_0000d422: +loc_0000d490: cmp dword [ebx + 0x1db], 2 -jne short loc_0000d453 ; jne 0xd453 +jne short loc_0000d4c1 ; jne 0xd4c1 mov eax, dword [ebp - 0x38] sub esp, 0xc add eax, 2 push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0xc push 0x80 push 0x3f lea eax, [edi + 0x90] push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a add esp, 0x10 -loc_0000d453: +loc_0000d4c1: cmp dword [ebp - 0x34], 2 -jne loc_0000d551 ; jne 0xd551 +jne loc_0000d5bf ; jne 0xd5bf mov ebx, dword [ebp - 0x40] push esi lea esi, [ebp - 0x20] @@ -21597,22 +21640,22 @@ push esi push 0xed00015c and ebx, 0xffffc000 push ebx -call fcn_00009cab ; call 0x9cab +call fcn_00009d19 ; call 0x9d19 add esp, 0x10 mov edi, eax test eax, eax -jns short loc_0000d49b ; jns 0xd49b -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000d509 ; jns 0xd509 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000d4b7 ; je 0xd4b7 +je short loc_0000d525 ; je 0xd525 push ecx push edi -push ref_000224fd ; push 0x224fd +push ref_0002258d ; push 0x2258d push 0x80000000 -call fcn_000153f7 ; call 0x153f7 -jmp short loc_0000d4b4 ; jmp 0xd4b4 +call fcn_00015487 ; call 0x15487 +jmp short loc_0000d522 ; jmp 0xd522 -loc_0000d49b: +loc_0000d509: mov eax, dword [ebp - 0x20] push edx and ah, 0xf7 @@ -21621,32 +21664,32 @@ push eax push 0xed00015c push ebx mov dword [ebp - 0x20], eax -call fcn_00009c07 ; call 0x9c07 +call fcn_00009c75 ; call 0x9c75 -loc_0000d4b4: +loc_0000d522: add esp, 0x10 -loc_0000d4b7: +loc_0000d525: push edi push esi push 0xed000118 push ebx -call fcn_00009cab ; call 0x9cab +call fcn_00009d19 ; call 0x9d19 add esp, 0x10 mov edi, eax test eax, eax -jns short loc_0000d4e9 ; jns 0xd4e9 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000d557 ; jns 0xd557 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000d504 ; je 0xd504 +je short loc_0000d572 ; je 0xd572 push ecx push edi -push ref_00022520 ; push 0x22520 +push ref_000225b0 ; push 0x225b0 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 -jmp short loc_0000d501 ; jmp 0xd501 +call fcn_00015487 ; call 0x15487 +jmp short loc_0000d56f ; jmp 0xd56f -loc_0000d4e9: +loc_0000d557: mov eax, dword [ebp - 0x20] push edx or eax, 0xc00000 @@ -21654,32 +21697,32 @@ push eax push 0xed000118 push ebx mov dword [ebp - 0x20], eax -call fcn_00009c07 ; call 0x9c07 +call fcn_00009c75 ; call 0x9c75 -loc_0000d501: +loc_0000d56f: add esp, 0x10 -loc_0000d504: +loc_0000d572: push edi push esi push 0xed000120 push ebx -call fcn_00009cab ; call 0x9cab +call fcn_00009d19 ; call 0x9d19 add esp, 0x10 mov esi, eax test eax, eax -jns short loc_0000d536 ; jns 0xd536 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000d5a4 ; jns 0xd5a4 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000d551 ; je 0xd551 +je short loc_0000d5bf ; je 0xd5bf push ecx push esi -push ref_00022543 ; push 0x22543 +push ref_000225d3 ; push 0x225d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 -jmp short loc_0000d54e ; jmp 0xd54e +call fcn_00015487 ; call 0x15487 +jmp short loc_0000d5bc ; jmp 0xd5bc -loc_0000d536: +loc_0000d5a4: mov eax, dword [ebp - 0x20] push edx or eax, 0x240000 @@ -21687,12 +21730,12 @@ push eax push 0xed000120 push ebx mov dword [ebp - 0x20], eax -call fcn_00009c07 ; call 0x9c07 +call fcn_00009c75 ; call 0x9c75 -loc_0000d54e: +loc_0000d5bc: add esp, 0x10 -loc_0000d551: +loc_0000d5bf: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -21701,7 +21744,7 @@ pop edi pop ebp ret -fcn_0000d55b: +fcn_0000d5c9: push ebp mov ebp, esp push edi @@ -21713,13 +21756,13 @@ push 6 push 0x1f movzx eax, byte [ebx + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0 push 0 mov edi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, dword [ebx + 0x1a] pop ecx pop eax @@ -21727,98 +21770,98 @@ mov dword [ebp - 0x1c], edi lea edi, [edi + 0x40] push esi push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax mov eax, dword [ebp - 0x1c] pop edx add eax, 0x44 push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax push 1 push edi -call fcn_00018a50 ; call 0x18a50 -call fcn_0001bef7 ; call 0x1bef7 +call fcn_00018b14 ; call 0x18b14 +call fcn_0001bfbb ; call 0x1bfbb add esp, 0x10 cmp eax, 2 lea eax, [esi + 0x10] -jne short loc_0000d5ca ; jne 0xd5ca +jne short loc_0000d638 ; jne 0xd638 push edx push edx push 0x14a -jmp short loc_0000d5d1 ; jmp 0xd5d1 +jmp short loc_0000d63f ; jmp 0xd63f -loc_0000d5ca: +loc_0000d638: push ecx push ecx push 0x154 -loc_0000d5d1: +loc_0000d63f: push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 add esp, 0x10 push eax push eax push 0xff lea eax, [esi + 6] push eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 pop eax pop edx lea eax, [esi + 0x80] push 0xff push eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 pop ecx pop eax lea eax, [esi + 0x84] push 0 push eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 pop eax pop edx lea eax, [esi + 0x82] push 0 push eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 add esp, 0xc push 0x403c push 0xffff8003 mov eax, dword [ebx + 4] add eax, 0x38b0 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebx + 4] add eax, 0x38b4 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test ah, 0x40 -je short loc_0000d660 ; je 0xd660 +je short loc_0000d6ce ; je 0xd6ce push eax add esi, 0xa push eax push 1 push esi -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 add esp, 0x10 -loc_0000d660: +loc_0000d6ce: push ecx push ecx push 0xfffffffffffffffe push edi -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e pop esi pop eax push 0 push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 test byte [ebx + 0x426], 1 -je loc_0000d70d ; je 0xd70d +je loc_0000d77b ; je 0xd77b mov cl, byte [ebx + 0x432] mov dl, byte [ebx + 0x436] mov eax, ecx @@ -21842,7 +21885,7 @@ push 0xfff0fff mov eax, dword [ebx + 4] add eax, 0x33d4 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov al, byte [ebx + 0x432] add esp, 0xc shl eax, 8 @@ -21856,10 +21899,10 @@ push 0xfffff0ff mov eax, dword [ebx + 4] add eax, 0x33c8 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_0000d70d: +loc_0000d77b: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -21868,7 +21911,7 @@ pop edi pop ebp ret -fcn_0000d717: +fcn_0000d785: push ebp mov ebp, esp push edi @@ -21880,33 +21923,33 @@ mov eax, dword [edi + 4] mov bl, byte [edi + 0x361] lea esi, [eax + 0x31fe] push esi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp bl, al -je short loc_0000d765 ; je 0xd765 +je short loc_0000d7d3 ; je 0xd7d3 push ebx push ebx push 0xfeff push esi -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 movzx eax, byte [edi + 0x361] add esp, 0xc push eax push 0xff00 push esi -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 -loc_0000d765: +loc_0000d7d3: push eax push eax push 0x100 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 mov dword [esp], esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov dword [esp], esi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b pop edx pop ecx push 0 @@ -21917,45 +21960,45 @@ or ebx, 0xfec00010 or eax, 0xfec00000 push eax mov dword [ebp - 0x1c], eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 mov dword [esp], ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dl, byte [edi + 0x360] add esp, 0x10 movzx ecx, dl shr eax, 0x18 cmp ecx, eax -je short loc_0000d7e4 ; je 0xd7e4 +je short loc_0000d852 ; je 0xd852 cmp dl, 0xf -ja short loc_0000d7e4 ; ja 0xd7e4 +ja short loc_0000d852 ; ja 0xd852 push edx push edx push 0 push dword [ebp - 0x1c] -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 pop ecx pop eax movzx eax, byte [edi + 0x360] shl eax, 0x18 push eax push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_0000d7e4: -call fcn_0001bef7 ; call 0x1bef7 +loc_0000d852: +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 2 -jne short loc_0000d807 ; jne 0xd807 +jne short loc_0000d875 ; jne 0xd875 cmp byte [edi + 0x362], 0 -jne short loc_0000d807 ; jne 0xd807 +jne short loc_0000d875 ; jne 0xd875 push eax push eax push 0x800 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_0000d807: +loc_0000d875: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -21964,79 +22007,79 @@ pop edi pop ebp ret -fcn_0000d811: +fcn_0000d87f: push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x1c -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000d834 ; je 0xd834 +je short loc_0000d8a2 ; je 0xd8a2 push eax push eax -push ref_00022566 ; push 0x22566 +push ref_000225f6 ; push 0x225f6 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000d834: +loc_0000d8a2: push eax push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a lea esi, [eax + 0xf0] mov ebx, eax mov dword [esp], esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e lea eax, [ebp - 0x20] push eax push 0 push 0 -push ref_0002912c ; push 0x2912c -call fcn_00019699 ; call 0x19699 +push ref_000291dc ; push 0x291dc +call fcn_0001975d ; call 0x1975d add esp, 0x20 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000d8a9 ; je 0xd8a9 +je short loc_0000d917 ; je 0xd917 test edi, edi -jns short loc_0000d8a9 ; jns 0xd8a9 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000d917 ; jns 0xd917 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000d891 ; je 0xd891 +je short loc_0000d8ff ; je 0xd8ff push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000d891: +loc_0000d8ff: push edi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x7c4 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000d8a9: -call fcn_000153f0 ; call 0x153f0 +loc_0000d917: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000d8d5 ; je 0xd8d5 +je short loc_0000d943 ; je 0xd943 mov eax, dword [ebp - 0x20] test word [eax + 4], 0x3fff -je short loc_0000d8d5 ; je 0xd8d5 +je short loc_0000d943 ; je 0xd943 push ecx -push ref_0002257f ; push 0x2257f +push ref_0002260f ; push 0x2260f push 0x7d5 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000d8d5: +loc_0000d943: push eax mov eax, dword [ebp - 0x20] mov eax, dword [eax + 4] @@ -22044,7 +22087,7 @@ or eax, 1 push eax push 0x3fff push esi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 lea esi, [ebx + 0x40] pop eax mov eax, dword [ebp - 0x20] @@ -22052,54 +22095,54 @@ pop edx movzx eax, word [eax + 8] push eax push esi -call fcn_00017dcb ; call 0x17dcb -call fcn_000153f0 ; call 0x153f0 +call fcn_00017e8f ; call 0x17e8f +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000d93e ; je 0xd93e +je short loc_0000d9ac ; je 0xd9ac sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x20] add esp, 0x10 movzx edx, word [edx + 8] and eax, 0xfffc cmp eax, edx -je short loc_0000d93e ; je 0xd93e +je short loc_0000d9ac ; je 0xd9ac push edi -push ref_000225ba ; push 0x225ba +push ref_0002264a ; push 0x2264a push 0x7e1 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000d93e: +loc_0000d9ac: mov eax, dword [ebp - 0x20] cmp word [eax + 8], 0 lea eax, [ebx + 0x44] -je short loc_0000d95a ; je 0xd95a +je short loc_0000d9c8 ; je 0xd9c8 push esi push esi push 0x80 push eax -call fcn_0001866c ; call 0x1866c -jmp short loc_0000d964 ; jmp 0xd964 +call fcn_00018730 ; call 0x18730 +jmp short loc_0000d9d2 ; jmp 0xd9d2 -loc_0000d95a: +loc_0000d9c8: push ecx push ecx push 0x7f push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d -loc_0000d964: +loc_0000d9d2: add esp, 0x10 push eax push eax push 2 lea eax, [ebx + 0xa6] push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 lea esi, [ebx + 0x48] pop eax mov eax, dword [ebp - 0x20] @@ -22107,47 +22150,47 @@ pop edx movzx eax, word [eax + 0xa] push eax push esi -call fcn_00017dcb ; call 0x17dcb -call fcn_000153f0 ; call 0x153f0 +call fcn_00017e8f ; call 0x17e8f +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000d9ca ; je 0xd9ca +je short loc_0000da38 ; je 0xda38 sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x20] add esp, 0x10 movzx edx, word [edx + 0xa] and eax, 0xfffc cmp eax, edx -je short loc_0000d9ca ; je 0xd9ca +je short loc_0000da38 ; je 0xda38 push eax -push ref_00022601 ; push 0x22601 +push ref_00022691 ; push 0x22691 push 0x800 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000d9ca: +loc_0000da38: mov eax, dword [ebp - 0x20] cmp word [eax + 0xa], 0 lea eax, [ebx + 0x4c] -je short loc_0000d9e3 ; je 0xd9e3 +je short loc_0000da51 ; je 0xda51 push edi push edi push 0x10 push eax -call fcn_0001866c ; call 0x1866c -jmp short loc_0000d9f0 ; jmp 0xd9f0 +call fcn_00018730 ; call 0x18730 +jmp short loc_0000da5e ; jmp 0xda5e -loc_0000d9e3: +loc_0000da51: push esi push esi push 0xef push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d -loc_0000d9f0: +loc_0000da5e: mov eax, dword [ebp - 0x20] add esp, 0x10 mov dl, byte [eax + 0x40e] @@ -22166,196 +22209,196 @@ and edx, 0x22 push edx push eax push ebx -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a pop ebx push dword [ebp - 0x20] -call fcn_0000cb8e ; call 0xcb8e +call fcn_0000cbfc ; call 0xcbfc mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000da74 ; je 0xda74 +je short loc_0000dae2 ; je 0xdae2 test ebx, ebx -jns short loc_0000da74 ; jns 0xda74 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000dae2 ; jns 0xdae2 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000da5c ; je 0xda5c +je short loc_0000daca ; je 0xdaca push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000da5c: +loc_0000daca: push edi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x828 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000da74: +loc_0000dae2: sub esp, 0xc push dword [ebp - 0x20] -call fcn_000113df ; call 0x113df +call fcn_0001146f ; call 0x1146f mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000dac6 ; je 0xdac6 +je short loc_0000db34 ; je 0xdb34 test ebx, ebx -jns short loc_0000dac6 ; jns 0xdac6 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000db34 ; jns 0xdb34 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000daae ; je 0xdaae +je short loc_0000db1c ; je 0xdb1c push esi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000daae: +loc_0000db1c: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x82a -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000dac6: +loc_0000db34: sub esp, 0xc push dword [ebp - 0x20] -call fcn_0000ce93 ; call 0xce93 +call fcn_0000cf01 ; call 0xcf01 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000db18 ; je 0xdb18 +je short loc_0000db86 ; je 0xdb86 test ebx, ebx -jns short loc_0000db18 ; jns 0xdb18 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000db86 ; jns 0xdb86 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000db00 ; je 0xdb00 +je short loc_0000db6e ; je 0xdb6e push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000db00: +loc_0000db6e: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x82d -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000db18: +loc_0000db86: sub esp, 0xc push dword [ebp - 0x20] -call fcn_0000d0c1 ; call 0xd0c1 +call fcn_0000d12f ; call 0xd12f mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000db6a ; je 0xdb6a +je short loc_0000dbd8 ; je 0xdbd8 test ebx, ebx -jns short loc_0000db6a ; jns 0xdb6a -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000dbd8 ; jns 0xdbd8 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000db52 ; je 0xdb52 +je short loc_0000dbc0 ; je 0xdbc0 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000db52: +loc_0000dbc0: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x830 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000db6a: +loc_0000dbd8: sub esp, 0xc push dword [ebp - 0x20] -call fcn_0000d55b ; call 0xd55b +call fcn_0000d5c9 ; call 0xd5c9 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000dbbc ; je 0xdbbc +je short loc_0000dc2a ; je 0xdc2a test ebx, ebx -jns short loc_0000dbbc ; jns 0xdbbc -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000dc2a ; jns 0xdc2a +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000dba4 ; je 0xdba4 +je short loc_0000dc12 ; je 0xdc12 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000dba4: +loc_0000dc12: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x832 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000dbbc: +loc_0000dc2a: sub esp, 0xc push dword [ebp - 0x20] -call fcn_0000d717 ; call 0xd717 +call fcn_0000d785 ; call 0xd785 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000dc0e ; je 0xdc0e +je short loc_0000dc7c ; je 0xdc7c test ebx, ebx -jns short loc_0000dc0e ; jns 0xdc0e -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000dc7c ; jns 0xdc7c +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000dbf6 ; je 0xdbf6 +je short loc_0000dc64 ; je 0xdc64 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000dbf6: +loc_0000dc64: push edi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x834 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000dc0e: +loc_0000dc7c: sub esp, 0xc lea eax, [ebp - 0x1c] push eax -call fcn_000196d3 ; call 0x196d3 +call fcn_00019797 ; call 0x19797 add esp, 0x10 test eax, eax -js short loc_0000dc98 ; js 0xdc98 +js short loc_0000dd06 ; js 0xdd06 mov eax, dword [ebp - 0x1c] cmp eax, 0x11 -je short loc_0000dc98 ; je 0xdc98 +je short loc_0000dd06 ; je 0xdd06 cmp eax, 0x20 -je short loc_0000dc98 ; je 0xdc98 +je short loc_0000dd06 ; je 0xdd06 mov eax, dword [ebp - 0x20] cmp byte [eax + 0x339], 0 -je short loc_0000dc98 ; je 0xdc98 +je short loc_0000dd06 ; je 0xdd06 movzx ecx, byte [eax] add eax, 0x284 mov edx, dword [eax - 0x26a] @@ -22363,73 +22406,73 @@ push ecx push edx push edx push eax -call fcn_000116c1 ; call 0x116c1 +call fcn_00011751 ; call 0x11751 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000dc98 ; je 0xdc98 +je short loc_0000dd06 ; je 0xdd06 test ebx, ebx -jns short loc_0000dc98 ; jns 0xdc98 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000dd06 ; jns 0xdd06 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000dc80 ; je 0xdc80 +je short loc_0000dcee ; je 0xdcee push esi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000dc80: +loc_0000dcee: push ebx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x848 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000dc98: -call fcn_000153e9 ; call 0x153e9 +loc_0000dd06: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000dcb2 ; je 0xdcb2 +je short loc_0000dd20 ; je 0xdd20 push ecx push ecx -push ref_0002264a ; push 0x2264a +push ref_000226da ; push 0x226da push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000dcb2: +loc_0000dd20: sub esp, 0xc -push ref_00026ec4 ; push 0x26ec4 -call fcn_00019667 ; call 0x19667 +push ref_00026f74 ; push 0x26f74 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000dd06 ; je 0xdd06 +je short loc_0000dd74 ; je 0xdd74 test ebx, ebx -jns short loc_0000dd06 ; jns 0xdd06 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000dd74 ; jns 0xdd74 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000dcee ; je 0xdcee +je short loc_0000dd5c ; je 0xdd5c push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000dcee: +loc_0000dd5c: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x853 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000dd06: +loc_0000dd74: lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -22438,7 +22481,7 @@ pop edi pop ebp ret -fcn_0000dd10: ; not directly referenced +fcn_0000dd7e: ; not directly referenced push ebp mov ebp, esp push edi @@ -22446,24 +22489,24 @@ push esi push ebx sub esp, 0x1c mov ebx, dword [ebp + 0xc] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000dd36 ; je 0xdd36 +je short loc_0000dda4 ; je 0xdda4 push eax push eax -push ref_00022661 ; push 0x22661 +push ref_000226f1 ; push 0x226f1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000dd36: ; not directly referenced +loc_0000dda4: ; not directly referenced cmp byte [ebx], 5 -jbe loc_0000ddcb ; jbe 0xddcb +jbe loc_0000de39 ; jbe 0xde39 xor edx, edx -loc_0000dd41: ; not directly referenced +loc_0000ddaf: ; not directly referenced cmp dl, byte [ebx + 0x526] -jae short loc_0000dd72 ; jae 0xdd72 +jae short loc_0000dde0 ; jae 0xdde0 movzx eax, dl mov esi, dword [ebp + 8] push edi @@ -22473,18 +22516,18 @@ push dword [eax + 0x4e2] add esi, dword [eax + 0x4de] mov dword [ebp - 0x1c], edx push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov edx, dword [ebp - 0x1c] add esp, 0x10 inc edx -jmp short loc_0000dd41 ; jmp 0xdd41 +jmp short loc_0000ddaf ; jmp 0xddaf -loc_0000dd72: ; not directly referenced +loc_0000dde0: ; not directly referenced xor edx, edx -loc_0000dd74: ; not directly referenced +loc_0000dde2: ; not directly referenced cmp dl, byte [ebx + 0x553] -jae short loc_0000dda8 ; jae 0xdda8 +jae short loc_0000de16 ; jae 0xde16 movzx eax, dl lea eax, [ebx + eax*4] push esi @@ -22495,45 +22538,45 @@ push ecx movzx eax, word [eax + 0x527] add eax, dword [ebp + 8] push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 mov edx, dword [ebp - 0x1c] add esp, 0x10 inc edx -jmp short loc_0000dd74 ; jmp 0xdd74 +jmp short loc_0000dde2 ; jmp 0xdde2 -loc_0000dda8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000de16: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je loc_0000de59 ; je 0xde59 +je loc_0000dec7 ; je 0xdec7 push eax push eax -push ref_00022688 ; push 0x22688 +push ref_00022718 ; push 0x22718 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp near loc_0000de59 ; jmp 0xde59 +jmp near loc_0000dec7 ; jmp 0xdec7 -loc_0000ddcb: ; not directly referenced -call fcn_0001bef7 ; call 0x1bef7 -mov esi, ref_00026eec ; mov esi, 0x26eec -mov edx, ref_00026f10 ; mov edx, 0x26f10 -mov edi, ref_00026f28 ; mov edi, 0x26f28 +loc_0000de39: ; not directly referenced +call fcn_0001bfbb ; call 0x1bfbb +mov esi, ref_00026f9c ; mov esi, 0x26f9c +mov edx, ref_00026fc0 ; mov edx, 0x26fc0 +mov edi, ref_00026fd8 ; mov edi, 0x26fd8 cmp eax, 2 sete bl setne cl cmovne esi, edx movzx ebx, bl -mov edx, ref_00026f50 ; mov edx, 0x26f50 +mov edx, ref_00027000 ; mov edx, 0x27000 movzx ecx, cl cmovne edi, edx add ecx, 5 lea ebx, [ebx + ebx*2 + 6] xor edx, edx -loc_0000de02: ; not directly referenced +loc_0000de70: ; not directly referenced movzx eax, dl cmp eax, ecx -jae short loc_0000de2e ; jae 0xde2e +jae short loc_0000de9c ; jae 0xde9c mov dword [ebp - 0x20], ecx lea eax, [edi + eax*8] push ecx @@ -22543,21 +22586,21 @@ push dword [eax + 4] add ecx, dword [eax] mov dword [ebp - 0x1c], edx push ecx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov edx, dword [ebp - 0x1c] add esp, 0x10 mov ecx, dword [ebp - 0x20] inc edx -jmp short loc_0000de02 ; jmp 0xde02 +jmp short loc_0000de70 ; jmp 0xde70 -loc_0000de2e: ; not directly referenced +loc_0000de9c: ; not directly referenced xor edi, edi -loc_0000de30: ; not directly referenced +loc_0000de9e: ; not directly referenced mov eax, edi movzx eax, al cmp eax, ebx -jae loc_0000dda8 ; jae 0xdda8 +jae loc_0000de16 ; jae 0xde16 lea eax, [esi + eax*4] inc edi push edx @@ -22567,11 +22610,11 @@ push edx movzx eax, word [eax] add eax, dword [ebp + 8] push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 add esp, 0x10 -jmp short loc_0000de30 ; jmp 0xde30 +jmp short loc_0000de9e ; jmp 0xde9e -loc_0000de59: ; not directly referenced +loc_0000dec7: ; not directly referenced lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -22580,50 +22623,50 @@ pop edi pop ebp ret -fcn_0000de63: +fcn_0000ded1: push ebp mov ebp, esp push edi push esi push ebx sub esp, 0xc -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000de86 ; je 0xde86 +je short loc_0000def4 ; je 0xdef4 push ebx push ebx -push ref_000226ad ; push 0x226ad +push ref_0002273d ; push 0x2273d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000de86: +loc_0000def4: push ecx push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edi, eax lea eax, [eax + 0xa4] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 4 -je loc_0000df64 ; je 0xdf64 +je loc_0000dfd2 ; je 0xdfd2 push ecx push ecx push 1 push dword [ebp + 8] -call fcn_0001bd8b ; call 0x1bd8b +call fcn_0001be4f ; call 0x1be4f mov dword [esp], 0x70 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 pop esi mov bl, al pop eax and ebx, 0xffffff80 push 0 push dword [ebp + 8] -call fcn_0001bd8b ; call 0x1bd8b +call fcn_0001be4f ; call 0x1be4f mov dl, bl or ebx, 0xb or edx, 0xa @@ -22633,53 +22676,53 @@ movzx esi, dl pop edx push esi push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 pop ecx pop edx and eax, 0x8f or eax, 0x60 push eax push 0x71 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop ecx pop eax push ebx push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop eax pop edx push 0x80 push 0x71 -call fcn_00017ebb ; call 0x17ebb +call fcn_00017f7f ; call 0x17f7f pop ecx pop eax push esi push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 pop edx pop ecx and eax, 0x8f or eax, 0x20 push eax push 0x71 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop esi pop eax push ebx push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop eax pop edx push 0x7f push 0x71 -call fcn_00017ee8 ; call 0x17ee8 +call fcn_00017fac ; call 0x17fac add esp, 0x10 -loc_0000df64: +loc_0000dfd2: mov eax, dword [ebp + 8] add edi, 0xdc push edx @@ -22687,24 +22730,24 @@ push edx push 0x10 lea esi, [eax + 0x3310] push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0xc push 8 push 0xf3 push edi -call fcn_000186c6 ; call 0x186c6 -call fcn_000153e9 ; call 0x153e9 +call fcn_0001878a ; call 0x1878a +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_0000dfaa ; je 0xdfaa +je short loc_0000e018 ; je 0xe018 push eax push eax -push ref_000226c5 ; push 0x226c5 +push ref_00022755 ; push 0x22755 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000dfaa: +loc_0000e018: lea esp, [ebp - 0xc] pop ebx pop esi @@ -22712,217 +22755,217 @@ pop edi pop ebp ret -fcn_0000dfb2: +fcn_0000e020: push ebp mov ebp, esp push esi push ebx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000dfd1 ; je 0xdfd1 +je short loc_0000e03f ; je 0xe03f push esi push esi -push ref_000226db ; push 0x226db +push ref_0002276b ; push 0x2276b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000dfd1: -call fcn_0001bcb1 ; call 0x1bcb1 +loc_0000e03f: +call fcn_0001bd75 ; call 0x1bd75 test al, al -jne short loc_0000e018 ; jne 0xe018 -call fcn_000153e9 ; call 0x153e9 +jne short loc_0000e086 ; jne 0xe086 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000dff7 ; je 0xdff7 +je short loc_0000e065 ; je 0xe065 push ebx push ebx -push ref_000226f8 ; push 0x226f8 +push ref_00022788 ; push 0x22788 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000dff7: -call fcn_000153f0 ; call 0x153f0 +loc_0000e065: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0000e018 ; je 0xe018 +je short loc_0000e086 ; je 0xe086 push ecx -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x974 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000e018: +loc_0000e086: push edx push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ebx, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 and ebx, 0xffffc000 add esp, 0x10 test al, al -je short loc_0000e056 ; je 0xe056 +je short loc_0000e0c4 ; je 0xe0c4 push eax push eax -push ref_00022732 ; push 0x22732 +push ref_000227c2 ; push 0x227c2 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e056: -call fcn_000153f0 ; call 0x153f0 +loc_0000e0c4: +call fcn_00015480 ; call 0x15480 sub esp, 0xc push ebx -call fcn_0000de63 ; call 0xde63 +call fcn_0000ded1 ; call 0xded1 mov dword [esp], 0xc -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov ebx, eax test eax, eax -jne short loc_0000e0a0 ; jne 0xe0a0 -call fcn_000153e9 ; call 0x153e9 +jne short loc_0000e10e ; jne 0xe10e +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e096 ; je 0xe096 +je short loc_0000e104 ; je 0xe104 push eax push eax -push ref_0002275b ; push 0x2275b +push ref_000227eb ; push 0x227eb -loc_0000e089: +loc_0000e0f7: push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e096: +loc_0000e104: mov ebx, 0x80000009 -jmp near loc_0000e1f4 ; jmp 0xe1f4 +jmp near loc_0000e262 ; jmp 0xe262 -loc_0000e0a0: +loc_0000e10e: sub esp, 0xc push 0x28 -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov esi, eax test eax, eax -jne short loc_0000e0c5 ; jne 0xe0c5 -call fcn_000153e9 ; call 0x153e9 +jne short loc_0000e133 ; jne 0xe133 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e096 ; je 0xe096 +je short loc_0000e104 ; je 0xe104 push eax push eax -push ref_00022791 ; push 0x22791 -jmp short loc_0000e089 ; jmp 0xe089 +push ref_00022821 ; push 0x22821 +jmp short loc_0000e0f7 ; jmp 0xe0f7 -loc_0000e0c5: +loc_0000e133: push eax push 0x28 -push ref_00026f80 ; push 0x26f80 +push ref_00027030 ; push 0x27030 push esi -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e mov dword [ebx], 0x80000010 -mov dword [ebx + 4], ref_000290cc ; mov dword [ebx + 4], 0x290cc +mov dword [ebx + 4], ref_0002917c ; mov dword [ebx + 4], 0x2917c mov dword [ebx + 8], esi mov dword [esp], ebx -call fcn_00019667 ; call 0x19667 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000e132 ; je 0xe132 +je short loc_0000e1a0 ; je 0xe1a0 test ebx, ebx -jns short loc_0000e132 ; jns 0xe132 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000e1a0 ; jns 0xe1a0 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e11a ; je 0xe11a +je short loc_0000e188 ; je 0xe188 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e11a: +loc_0000e188: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x99d -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000e132: +loc_0000e1a0: sub esp, 0xc -push ref_00026ed0 ; push 0x26ed0 -call fcn_00019667 ; call 0x19667 +push ref_00026f80 ; push 0x26f80 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000e186 ; je 0xe186 +je short loc_0000e1f4 ; je 0xe1f4 test ebx, ebx -jns short loc_0000e186 ; jns 0xe186 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000e1f4 ; jns 0xe1f4 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e16e ; je 0xe16e +je short loc_0000e1dc ; je 0xe1dc push esi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e16e: +loc_0000e1dc: push ebx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x9a3 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000e186: +loc_0000e1f4: sub esp, 0xc -push ref_00026eac ; push 0x26eac -call fcn_000196bb ; call 0x196bb +push ref_00026f5c ; push 0x26f5c +call fcn_0001977f ; call 0x1977f mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0000e1da ; je 0xe1da +je short loc_0000e248 ; je 0xe248 test ebx, ebx -jns short loc_0000e1da ; jns 0xe1da -call fcn_000153e9 ; call 0x153e9 +jns short loc_0000e248 ; jns 0xe248 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e1c2 ; je 0xe1c2 +je short loc_0000e230 ; je 0xe230 push ecx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e1c2: +loc_0000e230: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x9a9 -push ref_00022290 ; push 0x22290 -call fcn_000153fc ; call 0x153fc +push ref_00022320 ; push 0x22320 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0000e1da: -call fcn_000153e9 ; call 0x153e9 +loc_0000e248: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e1f4 ; je 0xe1f4 +je short loc_0000e262 ; je 0xe262 push eax push eax -push ref_000227c3 ; push 0x227c3 +push ref_00022853 ; push 0x22853 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e1f4: +loc_0000e262: lea esp, [ebp - 8] mov eax, ebx pop ebx @@ -22930,350 +22973,350 @@ pop esi pop ebp ret -fcn_0000e1fd: ; not directly referenced +fcn_0000e26b: ; not directly referenced push ebp mov ebp, esp push esi push ebx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e21f ; je 0xe21f +je short loc_0000e28d ; je 0xe28d push edx push edx -push ref_000227de ; push 0x227de +push ref_0002286e ; push 0x2286e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e21f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e28d: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e240 ; je 0xe240 +je short loc_0000e2ae ; je 0xe2ae push eax movzx eax, byte [ebx + 0xb4] push eax -push ref_00022814 ; push 0x22814 +push ref_000228a4 ; push 0x228a4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e240: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e2ae: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e261 ; je 0xe261 +je short loc_0000e2cf ; je 0xe2cf push eax movzx eax, byte [ebx + 0xb5] push eax -push ref_00022814 ; push 0x22814 +push ref_000228a4 ; push 0x228a4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e261: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e2cf: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e27f ; je 0xe27f +je short loc_0000e2ed ; je 0xe2ed push eax movzx eax, byte [ebx + 1] push eax -push ref_00022828 ; push 0x22828 +push ref_000228b8 ; push 0x228b8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e27f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e2ed: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e29d ; je 0xe29d +je short loc_0000e30b ; je 0xe30b push eax movzx eax, byte [ebx + 9] push eax -push ref_00022838 ; push 0x22838 +push ref_000228c8 ; push 0x228c8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e29d: ; not directly referenced +loc_0000e30b: ; not directly referenced xor esi, esi -loc_0000e29f: ; not directly referenced -call fcn_0001c19d ; call 0x1c19d +loc_0000e30d: ; not directly referenced +call fcn_0001c261 ; call 0x1c261 movzx eax, al cmp esi, eax -jae short loc_0000e2ec ; jae 0xe2ec -call fcn_000153e9 ; call 0x153e9 +jae short loc_0000e35a ; jae 0xe35a +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e2ca ; je 0xe2ca +je short loc_0000e338 ; je 0xe338 movzx eax, byte [ebx + esi*8 + 0x2c] push eax push esi -push ref_00022848 ; push 0x22848 +push ref_000228d8 ; push 0x228d8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e2ca: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e338: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e2e9 ; je 0xe2e9 +je short loc_0000e357 ; je 0xe357 movzx eax, byte [ebx + esi*8 + 0x32] push eax push esi -push ref_00022867 ; push 0x22867 +push ref_000228f7 ; push 0x228f7 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e2e9: ; not directly referenced +loc_0000e357: ; not directly referenced inc esi -jmp short loc_0000e29f ; jmp 0xe29f +jmp short loc_0000e30d ; jmp 0xe30d -loc_0000e2ec: ; not directly referenced +loc_0000e35a: ; not directly referenced xor esi, esi -loc_0000e2ee: ; not directly referenced -call fcn_0001c234 ; call 0x1c234 +loc_0000e35c: ; not directly referenced +call fcn_0001c2f8 ; call 0x1c2f8 movzx eax, al cmp esi, eax -jae short loc_0000e31f ; jae 0xe31f -call fcn_000153e9 ; call 0x153e9 +jae short loc_0000e38d ; jae 0xe38d +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e31c ; je 0xe31c +je short loc_0000e38a ; je 0xe38a movzx eax, byte [ebx + esi*4 + 0x9c] push eax push esi -push ref_00022888 ; push 0x22888 +push ref_00022918 ; push 0x22918 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e31c: ; not directly referenced +loc_0000e38a: ; not directly referenced inc esi -jmp short loc_0000e2ee ; jmp 0xe2ee +jmp short loc_0000e35c ; jmp 0xe35c -loc_0000e31f: ; not directly referenced +loc_0000e38d: ; not directly referenced xor esi, esi -loc_0000e321: ; not directly referenced -call fcn_0001c181 ; call 0x1c181 +loc_0000e38f: ; not directly referenced +call fcn_0001c245 ; call 0x1c245 movzx eax, al cmp esi, eax -jae short loc_0000e34e ; jae 0xe34e -call fcn_000153e9 ; call 0x153e9 +jae short loc_0000e3bc ; jae 0xe3bc +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e34b ; je 0xe34b +je short loc_0000e3b9 ; je 0xe3b9 movzx eax, byte [ebx + esi*8] push eax push esi -push ref_000228a9 ; push 0x228a9 +push ref_00022939 ; push 0x22939 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e34b: ; not directly referenced +loc_0000e3b9: ; not directly referenced inc esi -jmp short loc_0000e321 ; jmp 0xe321 +jmp short loc_0000e38f ; jmp 0xe38f -loc_0000e34e: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e3bc: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e36c ; je 0xe36c +je short loc_0000e3da ; je 0xe3da push eax movzx eax, byte [ebx + 0x10] push eax -push ref_000228c9 ; push 0x228c9 +push ref_00022959 ; push 0x22959 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e36c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e3da: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e38a ; je 0xe38a +je short loc_0000e3f8 ; je 0xe3f8 push eax movzx eax, byte [ebx + 0x11] push eax -push ref_000228e2 ; push 0x228e2 +push ref_00022972 ; push 0x22972 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e38a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e3f8: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e3a8 ; je 0xe3a8 +je short loc_0000e416 ; je 0xe416 push esi movzx eax, byte [ebx + 0x12] push eax -push ref_00022905 ; push 0x22905 +push ref_00022995 ; push 0x22995 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e3a8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e416: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e3c6 ; je 0xe3c6 +je short loc_0000e434 ; je 0xe434 push ecx movzx eax, byte [ebx + 0x13] push eax -push ref_0002291e ; push 0x2291e +push ref_000229ae ; push 0x229ae push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e3c6: ; not directly referenced +loc_0000e434: ; not directly referenced xor esi, esi -loc_0000e3c8: ; not directly referenced -call fcn_0001c1d4 ; call 0x1c1d4 +loc_0000e436: ; not directly referenced +call fcn_0001c298 ; call 0x1c298 movzx eax, al cmp esi, eax -jae short loc_0000e40a ; jae 0xe40a +jae short loc_0000e478 ; jae 0xe478 cmp byte [ebx + esi + 0x14], 0 -jne short loc_0000e3ed ; jne 0xe3ed -call fcn_000153e9 ; call 0x153e9 +jne short loc_0000e45b ; jne 0xe45b +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e407 ; je 0xe407 +je short loc_0000e475 ; je 0xe475 push edx push esi -push ref_0002293d ; push 0x2293d -jmp short loc_0000e3fd ; jmp 0xe3fd +push ref_000229cd ; push 0x229cd +jmp short loc_0000e46b ; jmp 0xe46b -loc_0000e3ed: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e45b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e407 ; je 0xe407 +je short loc_0000e475 ; je 0xe475 push eax push esi -push ref_00022972 ; push 0x22972 +push ref_00022a02 ; push 0x22a02 -loc_0000e3fd: ; not directly referenced +loc_0000e46b: ; not directly referenced push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e407: ; not directly referenced +loc_0000e475: ; not directly referenced inc esi -jmp short loc_0000e3c8 ; jmp 0xe3c8 +jmp short loc_0000e436 ; jmp 0xe436 -loc_0000e40a: ; not directly referenced +loc_0000e478: ; not directly referenced xor esi, esi -loc_0000e40c: ; not directly referenced -call fcn_0001c234 ; call 0x1c234 +loc_0000e47a: ; not directly referenced +call fcn_0001c2f8 ; call 0x1c2f8 movzx eax, al cmp esi, eax -jae short loc_0000e43a ; jae 0xe43a -call fcn_000153e9 ; call 0x153e9 +jae short loc_0000e4a8 ; jae 0xe4a8 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e437 ; je 0xe437 +je short loc_0000e4a5 ; je 0xe4a5 movzx eax, byte [ebx + esi + 0x22] push eax push esi -push ref_000229a7 ; push 0x229a7 +push ref_00022a37 ; push 0x22a37 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e437: ; not directly referenced +loc_0000e4a5: ; not directly referenced inc esi -jmp short loc_0000e40c ; jmp 0xe40c +jmp short loc_0000e47a ; jmp 0xe47a -loc_0000e43a: ; not directly referenced +loc_0000e4a8: ; not directly referenced xor esi, esi -loc_0000e43c: ; not directly referenced -call fcn_0001c19d ; call 0x1c19d +loc_0000e4aa: ; not directly referenced +call fcn_0001c261 ; call 0x1c261 movzx eax, al cmp esi, eax -jae short loc_0000e4a8 ; jae 0xe4a8 -call fcn_000153e9 ; call 0x153e9 +jae short loc_0000e516 ; jae 0xe516 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e467 ; je 0xe467 +je short loc_0000e4d5 ; je 0xe4d5 movzx eax, byte [ebx + esi*8 + 0x2d] push eax push esi -push ref_000229db ; push 0x229db +push ref_00022a6b ; push 0x22a6b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e467: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e4d5: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e486 ; je 0xe486 +je short loc_0000e4f4 ; je 0xe4f4 movzx eax, byte [ebx + esi*8 + 0x2e] push eax push esi -push ref_00022a00 ; push 0x22a00 +push ref_00022a90 ; push 0x22a90 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e486: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e4f4: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e4a5 ; je 0xe4a5 +je short loc_0000e513 ; je 0xe513 movzx eax, byte [ebx + esi*8 + 0x2f] push eax push esi -push ref_00022a30 ; push 0x22a30 +push ref_00022ac0 ; push 0x22ac0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e4a5: ; not directly referenced +loc_0000e513: ; not directly referenced inc esi -jmp short loc_0000e43c ; jmp 0xe43c +jmp short loc_0000e4aa ; jmp 0xe4aa -loc_0000e4a8: ; not directly referenced +loc_0000e516: ; not directly referenced xor esi, esi -loc_0000e4aa: ; not directly referenced -call fcn_0001c234 ; call 0x1c234 +loc_0000e518: ; not directly referenced +call fcn_0001c2f8 ; call 0x1c2f8 movzx eax, al cmp esi, eax -jae short loc_0000e4fd ; jae 0xe4fd -call fcn_000153e9 ; call 0x153e9 +jae short loc_0000e56b ; jae 0xe56b +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e4d8 ; je 0xe4d8 +je short loc_0000e546 ; je 0xe546 movzx eax, byte [ebx + esi*4 + 0x9d] push eax push esi -push ref_00022a60 ; push 0x22a60 +push ref_00022af0 ; push 0x22af0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e4d8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e546: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e4fa ; je 0xe4fa +je short loc_0000e568 ; je 0xe568 movzx eax, byte [ebx + esi*4 + 0x9e] push eax push esi -push ref_00022a85 ; push 0x22a85 +push ref_00022b15 ; push 0x22b15 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e4fa: ; not directly referenced +loc_0000e568: ; not directly referenced inc esi -jmp short loc_0000e4aa ; jmp 0xe4aa +jmp short loc_0000e518 ; jmp 0xe518 -loc_0000e4fd: ; not directly referenced +loc_0000e56b: ; not directly referenced xor esi, esi -loc_0000e4ff: ; not directly referenced -call fcn_0001c158 ; call 0x1c158 +loc_0000e56d: ; not directly referenced +call fcn_0001c21c ; call 0x1c21c movzx eax, al cmp esi, eax -jae short loc_0000e53d ; jae 0xe53d -call fcn_000153e9 ; call 0x153e9 +jae short loc_0000e5ab ; jae 0xe5ab +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e53a ; je 0xe53a +je short loc_0000e5a8 ; je 0xe5a8 mov ax, word [ebx + esi*8 + 0x30] sub esp, 0xc mov edx, eax @@ -23283,175 +23326,175 @@ push edx movzx eax, ax push eax push esi -push ref_00022aac ; push 0x22aac +push ref_00022b3c ; push 0x22b3c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_0000e53a: ; not directly referenced +loc_0000e5a8: ; not directly referenced inc esi -jmp short loc_0000e4ff ; jmp 0xe4ff +jmp short loc_0000e56d ; jmp 0xe56d -loc_0000e53d: ; not directly referenced +loc_0000e5ab: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0000e544: ; not directly referenced +fcn_0000e5b2: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e566 ; je 0xe566 +je short loc_0000e5d4 ; je 0xe5d4 push eax push eax -push ref_00022aca ; push 0x22aca +push ref_00022b5a ; push 0x22b5a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e566: ; not directly referenced +loc_0000e5d4: ; not directly referenced xor ebx, ebx -loc_0000e568: ; not directly referenced -call fcn_0001c234 ; call 0x1c234 +loc_0000e5d6: ; not directly referenced +call fcn_0001c2f8 ; call 0x1c2f8 movzx eax, al cmp ebx, eax -jae loc_0000e6aa ; jae 0xe6aa -call fcn_000153e9 ; call 0x153e9 +jae loc_0000e718 ; jae 0xe718 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e596 ; je 0xe596 +je short loc_0000e604 ; je 0xe604 movzx eax, byte [esi + ebx*8] push eax push ebx -push ref_00022b09 ; push 0x22b09 +push ref_00022b99 ; push 0x22b99 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e596: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e604: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e5b5 ; je 0xe5b5 +je short loc_0000e623 ; je 0xe623 movzx eax, byte [esi + ebx*8 + 1] push eax push ebx -push ref_00022b3a ; push 0x22b3a +push ref_00022bca ; push 0x22bca push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e5b5: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e623: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e5d4 ; je 0xe5d4 +je short loc_0000e642 ; je 0xe642 movzx eax, byte [esi + ebx*8 + 2] push eax push ebx -push ref_00022b6e ; push 0x22b6e +push ref_00022bfe ; push 0x22bfe push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e5d4: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e642: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e5f5 ; je 0xe5f5 +je short loc_0000e663 ; je 0xe663 mov al, byte [esi + ebx*8 + 3] and eax, 1 push eax push ebx -push ref_00022b9b ; push 0x22b9b +push ref_00022c2b ; push 0x22c2b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e5f5: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e663: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e618 ; je 0xe618 +je short loc_0000e686 ; je 0xe686 mov al, byte [esi + ebx*8 + 3] shr al, 1 movzx eax, al push eax push ebx -push ref_00022bc5 ; push 0x22bc5 +push ref_00022c55 ; push 0x22c55 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e618: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e686: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e639 ; je 0xe639 +je short loc_0000e6a7 ; je 0xe6a7 mov al, byte [esi + ebx*8 + 4] and eax, 1 push eax push ebx -push ref_00022bf7 ; push 0x22bf7 +push ref_00022c87 ; push 0x22c87 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e639: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e6a7: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e65c ; je 0xe65c +je short loc_0000e6ca ; je 0xe6ca mov al, byte [esi + ebx*8 + 4] shr al, 1 and eax, 1 push eax push ebx -push ref_00022c2e ; push 0x22c2e +push ref_00022cbe ; push 0x22cbe push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e65c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e6ca: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e680 ; je 0xe680 +je short loc_0000e6ee ; je 0xe6ee mov al, byte [esi + ebx*8 + 4] shr al, 2 and eax, 1 push eax push ebx -push ref_00022c68 ; push 0x22c68 +push ref_00022cf8 ; push 0x22cf8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e680: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e6ee: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e6a4 ; je 0xe6a4 +je short loc_0000e712 ; je 0xe712 mov al, byte [esi + ebx*8 + 4] shr al, 3 and eax, 1 push eax push ebx -push ref_00022c9b ; push 0x22c9b +push ref_00022d2b ; push 0x22d2b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e6a4: ; not directly referenced +loc_0000e712: ; not directly referenced inc ebx -jmp near loc_0000e568 ; jmp 0xe568 +jmp near loc_0000e5d6 ; jmp 0xe5d6 -loc_0000e6aa: ; not directly referenced +loc_0000e718: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0000e6b1: ; not directly referenced +fcn_0000e71f: ; not directly referenced push ebp mov ebp, esp push edi @@ -23459,520 +23502,520 @@ push esi push ebx sub esp, 0xc mov esi, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e6d7 ; je 0xe6d7 +je short loc_0000e745 ; je 0xe745 push eax push eax -push ref_00022cc7 ; push 0x22cc7 +push ref_00022d57 ; push 0x22d57 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e6d7: ; not directly referenced +loc_0000e745: ; not directly referenced lea edi, [esi + 0x1e] xor ebx, ebx -loc_0000e6dc: ; not directly referenced -call fcn_0001c0fb ; call 0x1c0fb +loc_0000e74a: ; not directly referenced +call fcn_0001c1bf ; call 0x1c1bf movzx eax, al cmp ebx, eax -jae loc_0000eb32 ; jae 0xeb32 -call fcn_000153e9 ; call 0x153e9 +jae loc_0000eba0 ; jae 0xeba0 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e70f ; je 0xe70f +je short loc_0000e77d ; je 0xe77d imul eax, ebx, 0x2c mov al, byte [esi + eax] and eax, 1 push eax push ebx -push ref_00022cfe ; push 0x22cfe +push ref_00022d8e ; push 0x22d8e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e70f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e77d: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e734 ; je 0xe734 +je short loc_0000e7a2 ; je 0xe7a2 imul eax, ebx, 0x2c mov al, byte [esi + eax] shr al, 1 and eax, 1 push eax push ebx -push ref_00022d19 ; push 0x22d19 +push ref_00022da9 ; push 0x22da9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e734: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e7a2: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e75a ; je 0xe75a +je short loc_0000e7c8 ; je 0xe7c8 imul eax, ebx, 0x2c mov al, byte [esi + eax] shr al, 2 and eax, 1 push eax push ebx -push ref_00022d31 ; push 0x22d31 +push ref_00022dc1 ; push 0x22dc1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e75a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e7c8: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e780 ; je 0xe780 +je short loc_0000e7ee ; je 0xe7ee imul eax, ebx, 0x2c mov al, byte [esi + eax] shr al, 3 and eax, 1 push eax push ebx -push ref_00022d54 ; push 0x22d54 +push ref_00022de4 ; push 0x22de4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e780: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e7ee: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e7a6 ; je 0xe7a6 +je short loc_0000e814 ; je 0xe814 imul eax, ebx, 0x2c mov al, byte [esi + eax] shr al, 4 and eax, 1 push eax push ebx -push ref_00022d6f ; push 0x22d6f +push ref_00022dff ; push 0x22dff push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e7a6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e814: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e7cc ; je 0xe7cc +je short loc_0000e83a ; je 0xe83a imul eax, ebx, 0x2c mov al, byte [esi + eax] shr al, 5 and eax, 1 push eax push ebx -push ref_00022d88 ; push 0x22d88 +push ref_00022e18 ; push 0x22e18 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e7cc: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e83a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e7f2 ; je 0xe7f2 +je short loc_0000e860 ; je 0xe860 imul eax, ebx, 0x2c mov al, byte [esi + eax + 4] shr al, 1 and eax, 1 push eax push ebx -push ref_00022da3 ; push 0x22da3 +push ref_00022e33 ; push 0x22e33 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e7f2: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e860: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e819 ; je 0xe819 +je short loc_0000e887 ; je 0xe887 imul eax, ebx, 0x2c mov al, byte [esi + eax + 4] shr al, 2 and eax, 1 push eax push ebx -push ref_00022dcf ; push 0x22dcf +push ref_00022e5f ; push 0x22e5f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e819: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e887: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e840 ; je 0xe840 +je short loc_0000e8ae ; je 0xe8ae imul eax, ebx, 0x2c mov al, byte [esi + eax + 4] shr al, 3 and eax, 1 push eax push ebx -push ref_00022df3 ; push 0x22df3 +push ref_00022e83 ; push 0x22e83 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e840: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e8ae: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e867 ; je 0xe867 +je short loc_0000e8d5 ; je 0xe8d5 imul eax, ebx, 0x2c mov al, byte [esi + eax + 4] shr al, 4 and eax, 1 push eax push ebx -push ref_00022e19 ; push 0x22e19 +push ref_00022ea9 ; push 0x22ea9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e867: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e8d5: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e88e ; je 0xe88e +je short loc_0000e8fc ; je 0xe8fc imul eax, ebx, 0x2c mov al, byte [esi + eax + 4] shr al, 5 and eax, 1 push eax push ebx -push ref_00022e43 ; push 0x22e43 +push ref_00022ed3 ; push 0x22ed3 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e88e: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e8fc: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e8b5 ; je 0xe8b5 +je short loc_0000e923 ; je 0xe923 imul eax, ebx, 0x2c mov al, byte [esi + eax + 4] shr al, 6 and eax, 1 push eax push ebx -push ref_00022e63 ; push 0x22e63 +push ref_00022ef3 ; push 0x22ef3 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e8b5: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e923: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e8dc ; je 0xe8dc +je short loc_0000e94a ; je 0xe94a imul eax, ebx, 0x2c mov al, byte [esi + eax + 4] shr al, 7 movzx eax, al push eax push ebx -push ref_00022e8e ; push 0x22e8e +push ref_00022f1e ; push 0x22f1e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e8dc: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e94a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e900 ; je 0xe900 +je short loc_0000e96e ; je 0xe96e imul eax, ebx, 0x2c mov al, byte [esi + eax + 5] and eax, 1 push eax push ebx -push ref_00022ebc ; push 0x22ebc +push ref_00022f4c ; push 0x22f4c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e900: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e96e: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e924 ; je 0xe924 +je short loc_0000e992 ; je 0xe992 imul eax, ebx, 0x2c mov al, byte [esi + eax + 4] and eax, 1 push eax push ebx -push ref_00022eed ; push 0x22eed +push ref_00022f7d ; push 0x22f7d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e924: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e992: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e94a ; je 0xe94a +je short loc_0000e9b8 ; je 0xe9b8 imul eax, ebx, 0x2c mov al, byte [esi + eax] shr al, 6 and eax, 1 push eax push ebx -push ref_00022f17 ; push 0x22f17 +push ref_00022fa7 ; push 0x22fa7 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e94a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e9b8: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e968 ; je 0xe968 +je short loc_0000e9d6 ; je 0xe9d6 movzx eax, byte [edi - 0x16] push eax push ebx -push ref_00022f3f ; push 0x22f3f +push ref_00022fcf ; push 0x22fcf push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e968: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e9d6: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e986 ; je 0xe986 +je short loc_0000e9f4 ; je 0xe9f4 movzx eax, byte [edi - 0x15] push eax push ebx -push ref_00022f5c ; push 0x22f5c +push ref_00022fec ; push 0x22fec push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e986: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000e9f4: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e9a4 ; je 0xe9a4 +je short loc_0000ea12 ; je 0xea12 movzx eax, byte [edi - 0x14] push eax push ebx -push ref_00022f7e ; push 0x22f7e +push ref_0002300e ; push 0x2300e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e9a4: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ea12: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e9c2 ; je 0xe9c2 +je short loc_0000ea30 ; je 0xea30 movzx eax, byte [edi - 0x13] push eax push ebx -push ref_00022fa4 ; push 0x22fa4 +push ref_00023034 ; push 0x23034 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e9c2: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ea30: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e9e0 ; je 0xe9e0 +je short loc_0000ea4e ; je 0xea4e movzx eax, byte [edi - 0xe] push eax push ebx -push ref_00022fc9 ; push 0x22fc9 +push ref_00023059 ; push 0x23059 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e9e0: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ea4e: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000e9fe ; je 0xe9fe +je short loc_0000ea6c ; je 0xea6c movzx eax, byte [edi - 0xd] push eax push ebx -push ref_00022fe1 ; push 0x22fe1 +push ref_00023071 ; push 0x23071 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000e9fe: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ea6c: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ea1c ; je 0xea1c +je short loc_0000ea8a ; je 0xea8a movzx eax, byte [edi - 0xc] push eax push ebx -push ref_00023000 ; push 0x23000 +push ref_00023090 ; push 0x23090 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ea1c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ea8a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ea3a ; je 0xea3a +je short loc_0000eaa8 ; je 0xeaa8 movzx eax, byte [edi - 0xb] push eax push ebx -push ref_0002301d ; push 0x2301d +push ref_000230ad ; push 0x230ad push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ea3a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eaa8: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ea58 ; je 0xea58 +je short loc_0000eac6 ; je 0xeac6 movzx eax, word [edi - 0xa] push eax push ebx -push ref_0002303e ; push 0x2303e +push ref_000230ce ; push 0x230ce push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ea58: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eac6: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ea76 ; je 0xea76 +je short loc_0000eae4 ; je 0xeae4 movzx eax, word [edi - 8] push eax push ebx -push ref_00023064 ; push 0x23064 +push ref_000230f4 ; push 0x230f4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ea76: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eae4: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ea94 ; je 0xea94 +je short loc_0000eb02 ; je 0xeb02 movzx eax, byte [edi - 6] push eax push ebx -push ref_0002308c ; push 0x2308c +push ref_0002311c ; push 0x2311c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ea94: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eb02: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eab2 ; je 0xeab2 +je short loc_0000eb20 ; je 0xeb20 movzx eax, byte [edi - 5] push eax push ebx -push ref_000230b8 ; push 0x230b8 +push ref_00023148 ; push 0x23148 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eab2: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eb20: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ead0 ; je 0xead0 +je short loc_0000eb3e ; je 0xeb3e movzx eax, word [edi - 4] push eax push ebx -push ref_000230ea ; push 0x230ea +push ref_0002317a ; push 0x2317a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ead0: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eb3e: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eaee ; je 0xeaee +je short loc_0000eb5c ; je 0xeb5c movzx eax, byte [edi - 2] push eax push ebx -push ref_00023117 ; push 0x23117 +push ref_000231a7 ; push 0x231a7 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eaee: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eb5c: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eb0c ; je 0xeb0c +je short loc_0000eb7a ; je 0xeb7a movzx eax, byte [edi - 1] push eax push ebx -push ref_00023146 ; push 0x23146 +push ref_000231d6 ; push 0x231d6 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eb0c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eb7a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eb29 ; je 0xeb29 +je short loc_0000eb97 ; je 0xeb97 movzx eax, word [edi] push eax push ebx -push ref_0002317b ; push 0x2317b +push ref_0002320b ; push 0x2320b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eb29: ; not directly referenced +loc_0000eb97: ; not directly referenced inc ebx add edi, 0x2c -jmp near loc_0000e6dc ; jmp 0xe6dc +jmp near loc_0000e74a ; jmp 0xe74a -loc_0000eb32: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eba0: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eb53 ; je 0xeb53 +je short loc_0000ebc1 ; je 0xebc1 push edi movzx eax, byte [esi + 0x160] push eax -push ref_000231ab ; push 0x231ab +push ref_0002323b ; push 0x2323b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eb53: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ebc1: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eb74 ; je 0xeb74 +je short loc_0000ebe2 ; je 0xebe2 push ebx movzx eax, byte [esi + 0x161] push eax -push ref_000231c1 ; push 0x231c1 +push ref_00023251 ; push 0x23251 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eb74: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ebe2: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eb95 ; je 0xeb95 +je short loc_0000ec03 ; je 0xec03 push ecx movzx eax, byte [esi + 0x162] push eax -push ref_000231d7 ; push 0x231d7 +push ref_00023267 ; push 0x23267 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eb95: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ec03: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ebb6 ; je 0xebb6 +je short loc_0000ec24 ; je 0xec24 push edx movzx eax, byte [esi + 0x163] push eax -push ref_000231f1 ; push 0x231f1 +push ref_00023281 ; push 0x23281 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ebb6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ec24: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ebd9 ; je 0xebd9 +je short loc_0000ec47 ; je 0xec47 push eax mov al, byte [esi + 0x164] and eax, 1 push eax -push ref_00023210 ; push 0x23210 +push ref_000232a0 ; push 0x232a0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ebd9: ; not directly referenced +loc_0000ec47: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -23980,7 +24023,7 @@ pop edi pop ebp ret -fcn_0000ebe1: ; not directly referenced +fcn_0000ec4f: ; not directly referenced push ebp mov ebp, esp push edi @@ -23988,184 +24031,184 @@ push esi push ebx sub esp, 0xc mov esi, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ec07 ; je 0xec07 +je short loc_0000ec75 ; je 0xec75 push edi push edi -push ref_0002322f ; push 0x2322f +push ref_000232bf ; push 0x232bf push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ec07: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ec75: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ec24 ; je 0xec24 +je short loc_0000ec92 ; je 0xec92 push ebx movzx eax, byte [esi] push eax -push ref_000233c4 ; push 0x233c4 +push ref_00023454 ; push 0x23454 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ec24: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ec92: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ec40 ; je 0xec40 +je short loc_0000ecae ; je 0xecae push ecx push dword [esi + 1] -push ref_00023266 ; push 0x23266 +push ref_000232f6 ; push 0x232f6 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ec40: ; not directly referenced +loc_0000ecae: ; not directly referenced lea edi, [esi + 0xd] xor ebx, ebx -loc_0000ec45: ; not directly referenced -call fcn_0001c11d ; call 0x1c11d +loc_0000ecb3: ; not directly referenced +call fcn_0001c1e1 ; call 0x1c1e1 movzx eax, al cmp ebx, eax -jae loc_0000efe4 ; jae 0xefe4 -call fcn_000153e9 ; call 0x153e9 +jae loc_0000f052 ; jae 0xf052 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ec79 ; je 0xec79 +je short loc_0000ece7 ; je 0xece7 imul eax, ebx, 0x12 mov al, byte [esi + eax + 5] and eax, 1 push eax push ebx -push ref_00022848 ; push 0x22848 +push ref_000228d8 ; push 0x228d8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ec79: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ece7: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ec9f ; je 0xec9f +je short loc_0000ed0d ; je 0xed0d imul eax, ebx, 0x12 mov al, byte [esi + eax + 5] shr al, 1 and eax, 1 push eax push ebx -push ref_00023275 ; push 0x23275 +push ref_00023305 ; push 0x23305 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ec9f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ed0d: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ecc6 ; je 0xecc6 +je short loc_0000ed34 ; je 0xed34 imul eax, ebx, 0x12 mov al, byte [esi + eax + 5] shr al, 2 and eax, 1 push eax push ebx -push ref_00023294 ; push 0x23294 +push ref_00023324 ; push 0x23324 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ecc6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ed34: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eced ; je 0xeced +je short loc_0000ed5b ; je 0xed5b imul eax, ebx, 0x12 mov al, byte [esi + eax + 5] shr al, 3 and eax, 1 push eax push ebx -push ref_000232b7 ; push 0x232b7 +push ref_00023347 ; push 0x23347 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eced: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ed5b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ed14 ; je 0xed14 +je short loc_0000ed82 ; je 0xed82 imul eax, ebx, 0x12 mov al, byte [esi + eax + 5] shr al, 4 and eax, 1 push eax push ebx -push ref_000232d7 ; push 0x232d7 +push ref_00023367 ; push 0x23367 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ed14: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ed82: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ed3b ; je 0xed3b +je short loc_0000eda9 ; je 0xeda9 imul eax, ebx, 0x12 mov al, byte [esi + eax + 5] shr al, 5 and eax, 1 push eax push ebx -push ref_000232f5 ; push 0x232f5 +push ref_00023385 ; push 0x23385 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ed3b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eda9: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ed62 ; je 0xed62 +je short loc_0000edd0 ; je 0xedd0 imul eax, ebx, 0x12 mov al, byte [esi + eax + 5] shr al, 6 and eax, 1 push eax push ebx -push ref_0002331c ; push 0x2331c +push ref_000233ac ; push 0x233ac push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ed62: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000edd0: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ed89 ; je 0xed89 +je short loc_0000edf7 ; je 0xedf7 imul eax, ebx, 0x12 mov al, byte [esi + eax + 5] shr al, 7 movzx eax, al push eax push ebx -push ref_0002333a ; push 0x2333a +push ref_000233ca ; push 0x233ca push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ed89: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000edf7: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000edad ; je 0xedad +je short loc_0000ee1b ; je 0xee1b imul eax, ebx, 0x12 mov al, byte [esi + eax + 6] and eax, 0xf push eax push ebx -push ref_00023362 ; push 0x23362 +push ref_000233f2 ; push 0x233f2 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000edad: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ee1b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ede1 ; je 0xede1 +je short loc_0000ee4f ; je 0xee4f imul edx, ebx, 0x12 add edx, esi mov al, byte [edx + 6] @@ -24177,315 +24220,315 @@ shl eax, 4 or eax, ecx push eax push ebx -push ref_0002337f ; push 0x2337f +push ref_0002340f ; push 0x2340f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ede1: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ee4f: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000edff ; je 0xedff +je short loc_0000ee6d ; je 0xee6d movzx eax, byte [edi - 3] push eax push ebx -push ref_0002339e ; push 0x2339e +push ref_0002342e ; push 0x2342e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000edff: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ee6d: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ee1d ; je 0xee1d +je short loc_0000ee8b ; je 0xee8b movzx eax, byte [edi - 4] push eax push ebx -push ref_000233d1 ; push 0x233d1 +push ref_00023461 ; push 0x23461 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ee1d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ee8b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ee3b ; je 0xee3b +je short loc_0000eea9 ; je 0xeea9 movzx eax, byte [edi - 1] push eax push ebx -push ref_00023402 ; push 0x23402 +push ref_00023492 ; push 0x23492 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ee3b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eea9: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ee59 ; je 0xee59 +je short loc_0000eec7 ; je 0xeec7 movzx eax, byte [edi - 2] push eax push ebx -push ref_00023435 ; push 0x23435 +push ref_000234c5 ; push 0x234c5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ee59: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eec7: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ee77 ; je 0xee77 +je short loc_0000eee5 ; je 0xeee5 movzx eax, byte [edi + 1] push eax push ebx -push ref_00023466 ; push 0x23466 +push ref_000234f6 ; push 0x234f6 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ee77: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000eee5: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ee94 ; je 0xee94 +je short loc_0000ef02 ; je 0xef02 movzx eax, byte [edi] push eax push ebx -push ref_00023499 ; push 0x23499 +push ref_00023529 ; push 0x23529 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ee94: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ef02: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eeb6 ; je 0xeeb6 +je short loc_0000ef24 ; je 0xef24 imul eax, ebx, 0x12 movzx eax, byte [esi + eax + 0xf] push eax push ebx -push ref_000234ca ; push 0x234ca +push ref_0002355a ; push 0x2355a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eeb6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ef24: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eed8 ; je 0xeed8 +je short loc_0000ef46 ; je 0xef46 imul eax, ebx, 0x12 movzx eax, byte [esi + eax + 0x10] push eax push ebx -push ref_00023500 ; push 0x23500 +push ref_00023590 ; push 0x23590 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eed8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ef46: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000eefa ; je 0xeefa +je short loc_0000ef68 ; je 0xef68 imul eax, ebx, 0x12 movzx eax, byte [esi + eax + 0x11] push eax push ebx -push ref_00023537 ; push 0x23537 +push ref_000235c7 ; push 0x235c7 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000eefa: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ef68: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ef1c ; je 0xef1c +je short loc_0000ef8a ; je 0xef8a imul eax, ebx, 0x12 movzx eax, byte [esi + eax + 0x12] push eax push ebx -push ref_00023568 ; push 0x23568 +push ref_000235f8 ; push 0x235f8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ef1c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ef8a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ef40 ; je 0xef40 +je short loc_0000efae ; je 0xefae imul eax, ebx, 0x12 mov al, byte [esi + eax + 0x13] and eax, 1 push eax push ebx -push ref_0002359a ; push 0x2359a +push ref_0002362a ; push 0x2362a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ef40: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000efae: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ef66 ; je 0xef66 +je short loc_0000efd4 ; je 0xefd4 imul eax, ebx, 0x12 mov al, byte [esi + eax + 0x13] shr al, 1 and eax, 1 push eax push ebx -push ref_000235d6 ; push 0x235d6 +push ref_00023666 ; push 0x23666 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ef66: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000efd4: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ef8d ; je 0xef8d +je short loc_0000effb ; je 0xeffb imul eax, ebx, 0x12 mov al, byte [esi + eax + 0x13] shr al, 2 and eax, 1 push eax push ebx -push ref_00023613 ; push 0x23613 +push ref_000236a3 ; push 0x236a3 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ef8d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000effb: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000efb4 ; je 0xefb4 +je short loc_0000f022 ; je 0xf022 imul eax, ebx, 0x12 mov al, byte [esi + eax + 0x13] shr al, 3 and eax, 1 push eax push ebx -push ref_0002364a ; push 0x2364a +push ref_000236da ; push 0x236da push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000efb4: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f022: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000efdb ; je 0xefdb +je short loc_0000f049 ; je 0xf049 imul eax, ebx, 0x12 mov al, byte [esi + eax + 7] shr al, 6 and eax, 1 push eax push ebx -push ref_00023682 ; push 0x23682 +push ref_00023712 ; push 0x23712 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000efdb: ; not directly referenced +loc_0000f049: ; not directly referenced inc ebx add edi, 0x12 -jmp near loc_0000ec45 ; jmp 0xec45 +jmp near loc_0000ecb3 ; jmp 0xecb3 -loc_0000efe4: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f052: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f004 ; je 0xf004 +je short loc_0000f072 ; je 0xf072 push edx mov al, byte [esi + 0x71] and eax, 1 push eax -push ref_000236b9 ; push 0x236b9 +push ref_00023749 ; push 0x23749 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f004: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f072: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f026 ; je 0xf026 +je short loc_0000f094 ; je 0xf094 push eax mov al, byte [esi + 0x71] shr al, 1 and eax, 1 push eax -push ref_000236cf ; push 0x236cf +push ref_0002375f ; push 0x2375f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f026: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f094: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f049 ; je 0xf049 +je short loc_0000f0b7 ; je 0xf0b7 push eax mov al, byte [esi + 0x71] shr al, 2 and eax, 1 push eax -push ref_000236db ; push 0x236db +push ref_0002376b ; push 0x2376b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f049: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f0b7: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f06c ; je 0xf06c +je short loc_0000f0da ; je 0xf0da push eax mov al, byte [esi + 0x71] shr al, 3 and eax, 1 push eax -push ref_000236e7 ; push 0x236e7 +push ref_00023777 ; push 0x23777 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f06c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f0da: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f08f ; je 0xf08f +je short loc_0000f0fd ; je 0xf0fd push eax mov al, byte [esi + 0x71] shr al, 4 and eax, 1 push eax -push ref_000236f4 ; push 0x236f4 +push ref_00023784 ; push 0x23784 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f08f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f0fd: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f0b2 ; je 0xf0b2 +je short loc_0000f120 ; je 0xf120 push eax mov al, byte [esi + 0x71] shr al, 5 and eax, 1 push eax -push ref_00023700 ; push 0x23700 +push ref_00023790 ; push 0x23790 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f0b2: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f120: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f0d5 ; je 0xf0d5 +je short loc_0000f143 ; je 0xf143 push eax mov al, byte [esi + 0x71] shr al, 6 and eax, 1 push eax -push ref_0002370b ; push 0x2370b +push ref_0002379b ; push 0x2379b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f0d5: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f143: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f103 ; je 0xf103 +je short loc_0000f171 ; je 0xf171 push edi mov al, byte [esi + 0x71] shr al, 7 @@ -24495,187 +24538,187 @@ and eax, 1 add eax, eax or eax, edx push eax -push ref_0002371e ; push 0x2371e +push ref_000237ae ; push 0x237ae push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f103: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f171: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f125 ; je 0xf125 +je short loc_0000f193 ; je 0xf193 push ebx mov al, byte [esi + 0x72] shr al, 1 and eax, 1 push eax -push ref_00023730 ; push 0x23730 +push ref_000237c0 ; push 0x237c0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f125: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f193: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f148 ; je 0xf148 +je short loc_0000f1b6 ; je 0xf1b6 push ecx mov al, byte [esi + 0x72] shr al, 2 and eax, 1 push eax -push ref_00023740 ; push 0x23740 +push ref_000237d0 ; push 0x237d0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f148: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f1b6: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f16b ; je 0xf16b +je short loc_0000f1d9 ; je 0xf1d9 push edx mov al, byte [esi + 0x72] shr al, 3 and eax, 1 push eax -push ref_00023750 ; push 0x23750 +push ref_000237e0 ; push 0x237e0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f16b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f1d9: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f18e ; je 0xf18e +je short loc_0000f1fc ; je 0xf1fc push eax mov al, byte [esi + 0x72] shr al, 4 and eax, 1 push eax -push ref_0002375f ; push 0x2375f +push ref_000237ef ; push 0x237ef push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f18e: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f1fc: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f1aa ; je 0xf1aa +je short loc_0000f218 ; je 0xf218 push eax push dword [esi + 0x75] -push ref_00023772 ; push 0x23772 +push ref_00023802 ; push 0x23802 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f1aa: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f218: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f1c8 ; je 0xf1c8 +je short loc_0000f236 ; je 0xf236 push eax movzx eax, byte [esi + 0x7d] push eax -push ref_00023785 ; push 0x23785 +push ref_00023815 ; push 0x23815 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f1c8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f236: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f1e6 ; je 0xf1e6 +je short loc_0000f254 ; je 0xf254 push eax movzx eax, byte [esi + 0x79] push eax -push ref_0002379b ; push 0x2379b +push ref_0002382b ; push 0x2382b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f1e6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f254: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f204 ; je 0xf204 +je short loc_0000f272 ; je 0xf272 push eax movzx eax, byte [esi + 0x7a] push eax -push ref_000237aa ; push 0x237aa +push ref_0002383a ; push 0x2383a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f204: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f272: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f222 ; je 0xf222 +je short loc_0000f290 ; je 0xf290 push eax movzx eax, byte [esi + 0x7b] push eax -push ref_000237bb ; push 0x237bb +push ref_0002384b ; push 0x2384b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f222: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f290: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f240 ; je 0xf240 +je short loc_0000f2ae ; je 0xf2ae push edi movzx eax, byte [esi + 0x7c] push eax -push ref_000237cd ; push 0x237cd +push ref_0002385d ; push 0x2385d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f240: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f2ae: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f25e ; je 0xf25e +je short loc_0000f2cc ; je 0xf2cc push ebx movzx eax, byte [esi + 0x7e] push eax -push ref_000237e0 ; push 0x237e0 +push ref_00023870 ; push 0x23870 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f25e: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f2cc: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f27c ; je 0xf27c +je short loc_0000f2ea ; je 0xf2ea push ecx movzx eax, byte [esi + 0x7f] push eax -push ref_000237fb ; push 0x237fb +push ref_0002388b ; push 0x2388b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f27c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f2ea: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f29d ; je 0xf29d +je short loc_0000f30b ; je 0xf30b push edx movzx eax, byte [esi + 0x80] push eax -push ref_0002381c ; push 0x2381c +push ref_000238ac ; push 0x238ac push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f29d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f30b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f2be ; je 0xf2be +je short loc_0000f32c ; je 0xf32c push eax movzx eax, byte [esi + 0x81] push eax -push ref_00023845 ; push 0x23845 +push ref_000238d5 ; push 0x238d5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f2be: ; not directly referenced +loc_0000f32c: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -24683,1100 +24726,1100 @@ pop edi pop ebp ret -fcn_0000f2c6: ; not directly referenced +fcn_0000f334: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f2e8 ; je 0xf2e8 +je short loc_0000f356 ; je 0xf356 push eax push eax -push ref_0002386a ; push 0x2386a +push ref_000238fa ; push 0x238fa push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f2e8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f356: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f305 ; je 0xf305 +je short loc_0000f373 ; je 0xf373 push eax movzx eax, byte [ebx] push eax -push ref_000238a3 ; push 0x238a3 +push ref_00023933 ; push 0x23933 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f305: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f373: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f323 ; je 0xf323 +je short loc_0000f391 ; je 0xf391 push eax movzx eax, byte [ebx + 1] push eax -push ref_000238b2 ; push 0x238b2 +push ref_00023942 ; push 0x23942 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f323: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f391: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f341 ; je 0xf341 +je short loc_0000f3af ; je 0xf3af push eax movzx eax, byte [ebx + 2] push eax -push ref_000238c2 ; push 0x238c2 +push ref_00023952 ; push 0x23952 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f341: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f3af: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f35f ; je 0xf35f +je short loc_0000f3cd ; je 0xf3cd push eax movzx eax, byte [ebx + 3] push eax -push ref_00022f69 ; push 0x22f69 +push ref_00022ff9 ; push 0x22ff9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f35f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f3cd: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f37d ; je 0xf37d +je short loc_0000f3eb ; je 0xf3eb push ecx movzx eax, byte [ebx + 4] push eax -push ref_000238d5 ; push 0x238d5 +push ref_00023965 ; push 0x23965 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f37d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f3eb: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f39b ; je 0xf39b +je short loc_0000f409 ; je 0xf409 push edx movzx eax, byte [ebx + 5] push eax -push ref_000238e4 ; push 0x238e4 +push ref_00023974 ; push 0x23974 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f39b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f409: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f3b9 ; je 0xf3b9 +je short loc_0000f427 ; je 0xf427 push eax movzx eax, byte [ebx + 6] push eax -push ref_000238fa ; push 0x238fa +push ref_0002398a ; push 0x2398a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f3b9: ; not directly referenced +loc_0000f427: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0000f3be: ; not directly referenced +fcn_0000f42c: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f3e0 ; je 0xf3e0 +je short loc_0000f44e ; je 0xf44e push eax push eax -push ref_00023911 ; push 0x23911 +push ref_000239a1 ; push 0x239a1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f3e0: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f44e: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f3fd ; je 0xf3fd +je short loc_0000f46b ; je 0xf46b push eax movzx eax, byte [ebx] push eax -push ref_00023948 ; push 0x23948 +push ref_000239d8 ; push 0x239d8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f3fd: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f46b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f41b ; je 0xf41b +je short loc_0000f489 ; je 0xf489 push eax movzx eax, byte [ebx + 8] push eax -push ref_00023954 ; push 0x23954 +push ref_000239e4 ; push 0x239e4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f41b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f489: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f439 ; je 0xf439 +je short loc_0000f4a7 ; je 0xf4a7 push eax movzx eax, byte [ebx + 1] push eax -push ref_00023962 ; push 0x23962 +push ref_000239f2 ; push 0x239f2 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f439: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f4a7: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f457 ; je 0xf457 +je short loc_0000f4c5 ; je 0xf4c5 push ecx movzx eax, byte [ebx + 2] push eax -push ref_00023971 ; push 0x23971 +push ref_00023a01 ; push 0x23a01 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f457: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f4c5: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f475 ; je 0xf475 +je short loc_0000f4e3 ; je 0xf4e3 push edx movzx eax, byte [ebx + 3] push eax -push ref_00023983 ; push 0x23983 +push ref_00023a13 ; push 0x23a13 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f475: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f4e3: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f491 ; je 0xf491 +je short loc_0000f4ff ; je 0xf4ff push eax push dword [ebx + 4] -push ref_00023997 ; push 0x23997 +push ref_00023a27 ; push 0x23a27 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f491: ; not directly referenced +loc_0000f4ff: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0000f496: ; not directly referenced +fcn_0000f504: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f4b8 ; je 0xf4b8 +je short loc_0000f526 ; je 0xf526 push eax push eax -push ref_000239a1 ; push 0x239a1 +push ref_00023a31 ; push 0x23a31 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f4b8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f526: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f4d7 ; je 0xf4d7 +je short loc_0000f545 ; je 0xf545 push eax mov al, byte [ebx] and eax, 1 push eax -push ref_000239dd ; push 0x239dd +push ref_00023a6d ; push 0x23a6d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f4d7: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f545: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f4f8 ; je 0xf4f8 +je short loc_0000f566 ; je 0xf566 push eax mov al, byte [ebx] shr al, 1 and eax, 1 push eax -push ref_000239ed ; push 0x239ed +push ref_00023a7d ; push 0x23a7d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f4f8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f566: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f51a ; je 0xf51a +je short loc_0000f588 ; je 0xf588 push eax mov al, byte [ebx] shr al, 2 and eax, 1 push eax -push ref_00023a01 ; push 0x23a01 +push ref_00023a91 ; push 0x23a91 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f51a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f588: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f53c ; je 0xf53c +je short loc_0000f5aa ; je 0xf5aa push ecx mov al, byte [ebx] shr al, 3 and eax, 1 push eax -push ref_00023a14 ; push 0x23a14 +push ref_00023aa4 ; push 0x23aa4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f53c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f5aa: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f55e ; je 0xf55e +je short loc_0000f5cc ; je 0xf5cc push edx mov al, byte [ebx] shr al, 4 and eax, 1 push eax -push ref_00023a22 ; push 0x23a22 +push ref_00023ab2 ; push 0x23ab2 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f55e: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f5cc: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f580 ; je 0xf580 +je short loc_0000f5ee ; je 0xf5ee push eax mov al, byte [ebx] shr al, 5 and eax, 1 push eax -push ref_00023a31 ; push 0x23a31 +push ref_00023ac1 ; push 0x23ac1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f580: ; not directly referenced +loc_0000f5ee: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0000f585: ; not directly referenced +fcn_0000f5f3: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f5a7 ; je 0xf5a7 +je short loc_0000f615 ; je 0xf615 push eax push eax -push ref_00023a3e ; push 0x23a3e +push ref_00023ace ; push 0x23ace push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f5a7: ; not directly referenced +loc_0000f615: ; not directly referenced xor ebx, ebx -loc_0000f5a9: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f617: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f5c9 ; je 0xf5c9 +je short loc_0000f637 ; je 0xf637 mov al, byte [esi + ebx*8] and eax, 1 push eax push ebx -push ref_00023a81 ; push 0x23a81 +push ref_00023b11 ; push 0x23b11 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f5c9: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f637: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f5eb ; je 0xf5eb +je short loc_0000f659 ; je 0xf659 mov al, byte [esi + ebx*8] shr al, 1 and eax, 1 push eax push ebx -push ref_00023aa1 ; push 0x23aa1 +push ref_00023b31 ; push 0x23b31 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f5eb: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f659: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f60a ; je 0xf60a +je short loc_0000f678 ; je 0xf678 movzx eax, word [esi + ebx*8 + 4] push eax push ebx -push ref_00023ac0 ; push 0x23ac0 +push ref_00023b50 ; push 0x23b50 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f60a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f678: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f629 ; je 0xf629 +je short loc_0000f697 ; je 0xf697 movzx eax, word [esi + ebx*8 + 6] push eax push ebx -push ref_00023ade ; push 0x23ade +push ref_00023b6e ; push 0x23b6e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f629: ; not directly referenced +loc_0000f697: ; not directly referenced inc ebx cmp ebx, 5 -jne loc_0000f5a9 ; jne 0xf5a9 +jne loc_0000f617 ; jne 0xf617 lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0000f63a: ; not directly referenced +fcn_0000f6a8: ; not directly referenced push ebp mov ebp, esp push esi push ebx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f65c ; je 0xf65c +je short loc_0000f6ca ; je 0xf6ca push eax push eax -push ref_00023afb ; push 0x23afb +push ref_00023b8b ; push 0x23b8b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f65c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f6ca: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f679 ; je 0xf679 +je short loc_0000f6e7 ; je 0xf6e7 push eax movzx eax, byte [ebx] push eax -push ref_000233c4 ; push 0x233c4 +push ref_00023454 ; push 0x23454 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f679: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f6e7: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f697 ; je 0xf697 +je short loc_0000f705 ; je 0xf705 push eax movzx eax, word [ebx + 2] push eax -push ref_00023b33 ; push 0x23b33 +push ref_00023bc3 ; push 0x23bc3 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f697: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f705: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f6b5 ; je 0xf6b5 +je short loc_0000f723 ; je 0xf723 push esi movzx eax, byte [ebx + 7] push eax -push ref_00023b45 ; push 0x23b45 +push ref_00023bd5 ; push 0x23bd5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f6b5: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f723: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f6cf ; je 0xf6cf +je short loc_0000f73d ; je 0xf73d push ecx push ecx -push ref_00023b61 ; push 0x23b61 +push ref_00023bf1 ; push 0x23bf1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f6cf: ; not directly referenced +loc_0000f73d: ; not directly referenced xor esi, esi -loc_0000f6d1: ; not directly referenced +loc_0000f73f: ; not directly referenced movzx eax, byte [ebx + 7] cmp esi, eax -jae short loc_0000f6fb ; jae 0xf6fb -call fcn_000153e9 ; call 0x153e9 +jae short loc_0000f769 ; jae 0xf769 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f6f8 ; je 0xf6f8 +je short loc_0000f766 ; je 0xf766 push edx movzx eax, byte [ebx + esi + 8] push eax -push ref_00023b7b ; push 0x23b7b +push ref_00023c0b ; push 0x23c0b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f6f8: ; not directly referenced +loc_0000f766: ; not directly referenced inc esi -jmp short loc_0000f6d1 ; jmp 0xf6d1 +jmp short loc_0000f73f ; jmp 0xf73f -loc_0000f6fb: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f769: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f715 ; je 0xf715 +je short loc_0000f783 ; je 0xf783 push eax push eax -push ref_00023b82 ; push 0x23b82 +push ref_00023c12 ; push 0x23c12 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f715: ; not directly referenced +loc_0000f783: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0000f71c: ; not directly referenced +fcn_0000f78a: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f73e ; je 0xf73e +je short loc_0000f7ac ; je 0xf7ac push eax push eax -push ref_00023b86 ; push 0x23b86 +push ref_00023c16 ; push 0x23c16 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f73e: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f7ac: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f75b ; je 0xf75b +je short loc_0000f7c9 ; je 0xf7c9 push eax movzx eax, byte [ebx] push eax -push ref_000233c4 ; push 0x233c4 +push ref_00023454 ; push 0x23454 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f75b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f7c9: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f779 ; je 0xf779 +je short loc_0000f7e7 ; je 0xf7e7 push eax movzx eax, byte [ebx + 1] push eax -push ref_00023bbf ; push 0x23bbf +push ref_00023c4f ; push 0x23c4f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f779: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f7e7: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f797 ; je 0xf797 +je short loc_0000f805 ; je 0xf805 push ecx movzx eax, byte [ebx + 2] push eax -push ref_00023bc9 ; push 0x23bc9 +push ref_00023c59 ; push 0x23c59 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f797: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f805: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f7b5 ; je 0xf7b5 +je short loc_0000f823 ; je 0xf823 push edx movzx eax, byte [ebx + 2] push eax -push ref_00023bc9 ; push 0x23bc9 +push ref_00023c59 ; push 0x23c59 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f7b5: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f823: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f7d3 ; je 0xf7d3 +je short loc_0000f841 ; je 0xf841 push eax movzx eax, word [ebx + 4] push eax -push ref_00023bdb ; push 0x23bdb +push ref_00023c6b ; push 0x23c6b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f7d3: ; not directly referenced +loc_0000f841: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0000f7d8: ; not directly referenced +fcn_0000f846: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f7fa ; je 0xf7fa +je short loc_0000f868 ; je 0xf868 push eax push eax -push ref_00023bf0 ; push 0x23bf0 +push ref_00023c80 ; push 0x23c80 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f7fa: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f868: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f819 ; je 0xf819 +je short loc_0000f887 ; je 0xf887 push eax mov al, byte [ebx] and eax, 1 push eax -push ref_00023c25 ; push 0x23c25 +push ref_00023cb5 ; push 0x23cb5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f819: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f887: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f83a ; je 0xf83a +je short loc_0000f8a8 ; je 0xf8a8 push eax mov al, byte [ebx] shr al, 1 and eax, 1 push eax -push ref_00023c4b ; push 0x23c4b +push ref_00023cdb ; push 0x23cdb push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f83a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f8a8: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f85c ; je 0xf85c +je short loc_0000f8ca ; je 0xf8ca push ecx mov al, byte [ebx] shr al, 2 and eax, 1 push eax -push ref_00023c75 ; push 0x23c75 +push ref_00023d05 ; push 0x23d05 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f85c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f8ca: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f87e ; je 0xf87e +je short loc_0000f8ec ; je 0xf8ec push edx mov al, byte [ebx] shr al, 3 and eax, 1 push eax -push ref_00023c9f ; push 0x23c9f +push ref_00023d2f ; push 0x23d2f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f87e: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f8ec: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f8a0 ; je 0xf8a0 +je short loc_0000f90e ; je 0xf90e push eax mov al, byte [ebx] shr al, 4 and eax, 1 push eax -push ref_00023cc9 ; push 0x23cc9 +push ref_00023d59 ; push 0x23d59 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f8a0: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f90e: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f8c0 ; je 0xf8c0 +je short loc_0000f92e ; je 0xf92e push eax mov al, byte [ebx + 4] and eax, 1 push eax -push ref_00023cf1 ; push 0x23cf1 +push ref_00023d81 ; push 0x23d81 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f8c0: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f92e: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f8e2 ; je 0xf8e2 +je short loc_0000f950 ; je 0xf950 push eax mov al, byte [ebx + 4] shr al, 1 and eax, 1 push eax -push ref_00023d0d ; push 0x23d0d +push ref_00023d9d ; push 0x23d9d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f8e2: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f950: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f905 ; je 0xf905 +je short loc_0000f973 ; je 0xf973 push eax mov al, byte [ebx + 4] shr al, 2 and eax, 1 push eax -push ref_00023d30 ; push 0x23d30 +push ref_00023dc0 ; push 0x23dc0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f905: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f973: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f928 ; je 0xf928 +je short loc_0000f996 ; je 0xf996 push eax mov al, byte [ebx + 4] shr al, 3 and eax, 1 push eax -push ref_00023d54 ; push 0x23d54 +push ref_00023de4 ; push 0x23de4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f928: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f996: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f94b ; je 0xf94b +je short loc_0000f9b9 ; je 0xf9b9 push eax mov al, byte [ebx + 4] shr al, 4 and eax, 1 push eax -push ref_00023d78 ; push 0x23d78 +push ref_00023e08 ; push 0x23e08 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f94b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f9b9: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f96e ; je 0xf96e +je short loc_0000f9dc ; je 0xf9dc push ecx mov al, byte [ebx + 4] shr al, 5 and eax, 1 push eax -push ref_00023d96 ; push 0x23d96 +push ref_00023e26 ; push 0x23e26 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f96e: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f9dc: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f98a ; je 0xf98a +je short loc_0000f9f8 ; je 0xf9f8 push edx push dword [ebx + 8] -push ref_00023dba ; push 0x23dba +push ref_00023e4a ; push 0x23e4a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f98a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000f9f8: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f9a6 ; je 0xf9a6 +je short loc_0000fa14 ; je 0xfa14 push eax push dword [ebx + 0xc] -push ref_00023dcd ; push 0x23dcd +push ref_00023e5d ; push 0x23e5d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f9a6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fa14: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f9c2 ; je 0xf9c2 +je short loc_0000fa30 ; je 0xfa30 push eax push dword [ebx + 0x10] -push ref_00023de5 ; push 0x23de5 +push ref_00023e75 ; push 0x23e75 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f9c2: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fa30: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f9de ; je 0xf9de +je short loc_0000fa4c ; je 0xfa4c push eax push dword [ebx + 0x14] -push ref_00023dfd ; push 0x23dfd +push ref_00023e8d ; push 0x23e8d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f9de: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fa4c: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000f9fa ; je 0xf9fa +je short loc_0000fa68 ; je 0xfa68 push eax push dword [ebx + 0x18] -push ref_00023e16 ; push 0x23e16 +push ref_00023ea6 ; push 0x23ea6 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000f9fa: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fa68: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fa1a ; je 0xfa1a +je short loc_0000fa88 ; je 0xfa88 push eax mov al, byte [ebx + 0x1c] and eax, 1 push eax -push ref_00023e2d ; push 0x23e2d +push ref_00023ebd ; push 0x23ebd push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fa1a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fa88: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fa3c ; je 0xfa3c +je short loc_0000faaa ; je 0xfaaa push eax mov al, byte [ebx + 0x1c] shr al, 1 and eax, 1 push eax -push ref_00023e3f ; push 0x23e3f +push ref_00023ecf ; push 0x23ecf push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fa3c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000faaa: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fa5f ; je 0xfa5f +je short loc_0000facd ; je 0xfacd push ecx mov al, byte [ebx + 0x1c] shr al, 2 and eax, 1 push eax -push ref_00023e53 ; push 0x23e53 +push ref_00023ee3 ; push 0x23ee3 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fa5f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000facd: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fa82 ; je 0xfa82 +je short loc_0000faf0 ; je 0xfaf0 push edx mov al, byte [ebx + 0x1c] shr al, 3 and eax, 1 push eax -push ref_00023e65 ; push 0x23e65 +push ref_00023ef5 ; push 0x23ef5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fa82: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000faf0: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000faa0 ; je 0xfaa0 +je short loc_0000fb0e ; je 0xfb0e push eax movzx eax, byte [ebx + 0x20] push eax -push ref_00023e7c ; push 0x23e7c +push ref_00023f0c ; push 0x23f0c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000faa0: ; not directly referenced +loc_0000fb0e: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0000faa5: ; not directly referenced +fcn_0000fb13: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fac7 ; je 0xfac7 +je short loc_0000fb35 ; je 0xfb35 push eax push eax -push ref_00023e8f ; push 0x23e8f +push ref_00023f1f ; push 0x23f1f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fac7: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fb35: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fae6 ; je 0xfae6 +je short loc_0000fb54 ; je 0xfb54 push eax mov al, byte [ebx] and eax, 1 push eax -push ref_00023ec5 ; push 0x23ec5 +push ref_00023f55 ; push 0x23f55 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fae6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fb54: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fb07 ; je 0xfb07 +je short loc_0000fb75 ; je 0xfb75 push eax mov al, byte [ebx] shr al, 1 and eax, 1 push eax -push ref_00023ed3 ; push 0x23ed3 +push ref_00023f63 ; push 0x23f63 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fb07: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fb75: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fb29 ; je 0xfb29 +je short loc_0000fb97 ; je 0xfb97 push eax mov al, byte [ebx] shr al, 2 and eax, 1 push eax -push ref_00023ee4 ; push 0x23ee4 +push ref_00023f74 ; push 0x23f74 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fb29: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fb97: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fb4b ; je 0xfb4b +je short loc_0000fbb9 ; je 0xfbb9 push ecx mov al, byte [ebx] shr al, 3 and eax, 1 push eax -push ref_000237cd ; push 0x237cd +push ref_0002385d ; push 0x2385d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fb4b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fbb9: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fb6d ; je 0xfb6d +je short loc_0000fbdb ; je 0xfbdb push edx mov al, byte [ebx] shr al, 4 and eax, 1 push eax -push ref_00023ef1 ; push 0x23ef1 +push ref_00023f81 ; push 0x23f81 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fb6d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fbdb: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fb8f ; je 0xfb8f +je short loc_0000fbfd ; je 0xfbfd push eax mov al, byte [ebx] shr al, 5 and eax, 1 push eax -push ref_00023f07 ; push 0x23f07 +push ref_00023f97 ; push 0x23f97 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fb8f: ; not directly referenced +loc_0000fbfd: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0000fb94: ; not directly referenced +fcn_0000fc02: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fbb6 ; je 0xfbb6 +je short loc_0000fc24 ; je 0xfc24 push eax push eax -push ref_00023f1c ; push 0x23f1c +push ref_00023fac ; push 0x23fac push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fbb6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fc24: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fbd3 ; je 0xfbd3 +je short loc_0000fc41 ; je 0xfc41 push ecx movzx eax, byte [ebx] push eax -push ref_00023f57 ; push 0x23f57 +push ref_00023fe7 ; push 0x23fe7 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fbd3: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fc41: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fbef ; je 0xfbef +je short loc_0000fc5d ; je 0xfc5d push edx push dword [ebx + 4] -push ref_00023f68 ; push 0x23f68 +push ref_00023ff8 ; push 0x23ff8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fbef: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fc5d: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fc0b ; je 0xfc0b +je short loc_0000fc79 ; je 0xfc79 push eax push dword [ebx + 8] -push ref_00023f77 ; push 0x23f77 +push ref_00024007 ; push 0x24007 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fc0b: ; not directly referenced +loc_0000fc79: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0000fc10: ; not directly referenced +fcn_0000fc7e: ; not directly referenced push ebp mov ebp, esp push esi push ebx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fc32 ; je 0xfc32 +je short loc_0000fca0 ; je 0xfca0 push ecx push ecx -push ref_00023f8d ; push 0x23f8d +push ref_0002401d ; push 0x2401d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fc32: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fca0: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fc51 ; je 0xfc51 +je short loc_0000fcbf ; je 0xfcbf push edx mov al, byte [ebx] and eax, 1 push eax -push ref_00023fc7 ; push 0x23fc7 +push ref_00024057 ; push 0x24057 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fc51: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fcbf: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fc72 ; je 0xfc72 +je short loc_0000fce0 ; je 0xfce0 push eax mov al, byte [ebx] shr al, 1 and eax, 1 push eax -push ref_00023fe8 ; push 0x23fe8 +push ref_00024078 ; push 0x24078 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fc72: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fce0: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fc94 ; je 0xfc94 +je short loc_0000fd02 ; je 0xfd02 push eax mov al, byte [ebx] shr al, 2 and eax, 1 push eax -push ref_00024008 ; push 0x24008 +push ref_00024098 ; push 0x24098 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fc94: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fd02: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fcb6 ; je 0xfcb6 +je short loc_0000fd24 ; je 0xfd24 push eax mov al, byte [ebx] shr al, 3 and eax, 1 push eax -push ref_0002402b ; push 0x2402b +push ref_000240bb ; push 0x240bb push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fcb6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fd24: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fce0 ; je 0xfce0 +je short loc_0000fd4e ; je 0xfd4e push eax movzx eax, byte [ebx + 5] movzx edx, byte [ebx + 4] @@ -25784,15 +25827,15 @@ and eax, 1 shl eax, 8 or eax, edx push eax -push ref_0002404d ; push 0x2404d +push ref_000240dd ; push 0x240dd push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fce0: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fd4e: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fd0e ; je 0xfd0e +je short loc_0000fd7c ; je 0xfd7c push eax mov al, byte [ebx + 5] shr al, 1 @@ -25802,15 +25845,15 @@ and eax, 3 shl eax, 7 or eax, edx push eax -push ref_00024087 ; push 0x24087 +push ref_00024117 ; push 0x24117 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fd0e: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fd7c: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fd3d ; je 0xfd3d +je short loc_0000fdab ; je 0xfdab push eax mov al, byte [ebx + 6] shr al, 2 @@ -25820,1345 +25863,1359 @@ and eax, 7 shl eax, 6 or eax, edx push eax -push ref_000240c1 ; push 0x240c1 +push ref_00024151 ; push 0x24151 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fd3d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fdab: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fd60 ; je 0xfd60 +je short loc_0000fdce ; je 0xfdce push esi mov al, byte [ebx + 7] shr al, 3 and eax, 1 push eax -push ref_000240fb ; push 0x240fb +push ref_0002418b ; push 0x2418b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fd60: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fdce: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fd83 ; je 0xfd83 +je short loc_0000fdf1 ; je 0xfdf1 push ecx mov al, byte [ebx + 7] shr al, 4 and eax, 1 push eax -push ref_00024124 ; push 0x24124 +push ref_000241b4 ; push 0x241b4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fd83: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fdf1: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fda6 ; je 0xfda6 +je short loc_0000fe14 ; je 0xfe14 push edx mov al, byte [ebx + 7] shr al, 5 and eax, 1 push eax -push ref_00024154 ; push 0x24154 +push ref_000241e4 ; push 0x241e4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fda6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fe14: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fdc9 ; je 0xfdc9 +je short loc_0000fe37 ; je 0xfe37 push eax mov al, byte [ebx + 7] shr al, 6 and eax, 1 push eax -push ref_0002417b ; push 0x2417b +push ref_0002420b ; push 0x2420b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fdc9: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fe37: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fdec ; je 0xfdec +je short loc_0000fe5a ; je 0xfe5a push eax mov al, byte [ebx + 7] shr al, 7 movzx eax, al push eax -push ref_000241ac ; push 0x241ac +push ref_0002423c ; push 0x2423c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fdec: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fe5a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fe0c ; je 0xfe0c +je short loc_0000fe7a ; je 0xfe7a push eax mov al, byte [ebx + 0xc] and eax, 1 push eax -push ref_000241df ; push 0x241df +push ref_0002426f ; push 0x2426f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fe0c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fe7a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fe2c ; je 0xfe2c +je short loc_0000fe9a ; je 0xfe9a push eax mov al, byte [ebx + 0xd] and eax, 3 push eax -push ref_00024209 ; push 0x24209 +push ref_00024299 ; push 0x24299 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fe2c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fe9a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fe4f ; je 0xfe4f +je short loc_0000febd ; je 0xfebd push eax mov al, byte [ebx + 0xd] shr al, 2 and eax, 3 push eax -push ref_0002422f ; push 0x2422f +push ref_000242bf ; push 0x242bf push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fe4f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000febd: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fe72 ; je 0xfe72 +je short loc_0000fee0 ; je 0xfee0 push eax mov al, byte [ebx + 0xd] shr al, 4 and eax, 3 push eax -push ref_00024255 ; push 0x24255 +push ref_000242e5 ; push 0x242e5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fe72: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fee0: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fe95 ; je 0xfe95 +je short loc_0000ff03 ; je 0xff03 push esi mov al, byte [ebx + 0xd] shr al, 6 movzx eax, al push eax -push ref_0002427b ; push 0x2427b +push ref_0002430b ; push 0x2430b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fe95: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ff03: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000feb7 ; je 0xfeb7 +je short loc_0000ff25 ; je 0xff25 push ecx mov al, byte [ebx + 0xc] shr al, 1 and eax, 1 push eax -push ref_000242a1 ; push 0x242a1 +push ref_00024331 ; push 0x24331 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000feb7: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ff25: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fed7 ; je 0xfed7 +je short loc_0000ff45 ; je 0xff45 push edx mov al, byte [ebx + 0x10] and eax, 3 push eax -push ref_000242d2 ; push 0x242d2 +push ref_00024362 ; push 0x24362 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fed7: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ff45: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000fefa ; je 0xfefa +je short loc_0000ff68 ; je 0xff68 push eax mov al, byte [ebx + 0x10] shr al, 2 and eax, 3 push eax -push ref_000242f6 ; push 0x242f6 +push ref_00024386 ; push 0x24386 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000fefa: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ff68: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ff1d ; je 0xff1d +je short loc_0000ff8b ; je 0xff8b push eax mov al, byte [ebx + 0x10] shr al, 4 and eax, 3 push eax -push ref_0002431a ; push 0x2431a +push ref_000243aa ; push 0x243aa push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ff1d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ff8b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ff40 ; je 0xff40 +je short loc_0000ffae ; je 0xffae push eax mov al, byte [ebx + 0x10] shr al, 6 movzx eax, al push eax -push ref_0002433e ; push 0x2433e +push ref_000243ce ; push 0x243ce push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ff40: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ffae: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ff60 ; je 0xff60 +je short loc_0000ffce ; je 0xffce push eax mov al, byte [ebx + 0x12] and eax, 3 push eax -push ref_00024364 ; push 0x24364 +push ref_000243f4 ; push 0x243f4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ff60: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000ffce: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ff83 ; je 0xff83 +je short loc_0000fff1 ; je 0xfff1 push eax mov al, byte [ebx + 0x12] shr al, 2 and eax, 1 push eax -push ref_0002438b ; push 0x2438b +push ref_0002441b ; push 0x2441b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ff83: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0000fff1: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ffa3 ; je 0xffa3 +je short loc_00010011 ; je 0x10011 push eax mov al, byte [ebx + 0x11] and eax, 3 push eax -push ref_000243b6 ; push 0x243b6 +push ref_00024446 ; push 0x24446 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ffa3: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010011: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ffc6 ; je 0xffc6 +je short loc_00010034 ; je 0x10034 push esi mov al, byte [ebx + 0x11] shr al, 2 and eax, 3 push eax -push ref_000243da ; push 0x243da +push ref_0002446a ; push 0x2446a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ffc6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010034: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0000ffe9 ; je 0xffe9 +je short loc_00010057 ; je 0x10057 push ecx mov al, byte [ebx + 0x11] shr al, 4 and eax, 3 push eax -push ref_000243fe ; push 0x243fe +push ref_0002448e ; push 0x2448e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0000ffe9: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010057: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001000c ; je 0x1000c +je short loc_0001007a ; je 0x1007a push edx mov al, byte [ebx + 0x11] shr al, 6 movzx eax, al push eax -push ref_00024422 ; push 0x24422 +push ref_000244b2 ; push 0x244b2 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001000c: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001007a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001002f ; je 0x1002f +je short loc_0001009d ; je 0x1009d push eax mov al, byte [ebx + 0x12] shr al, 3 and eax, 3 push eax -push ref_00024448 ; push 0x24448 +push ref_000244d8 ; push 0x244d8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001002f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001009d: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010052 ; je 0x10052 +je short loc_000100c0 ; je 0x100c0 push eax mov al, byte [ebx + 0x12] shr al, 5 and eax, 1 push eax -push ref_0002446f ; push 0x2446f +push ref_000244ff ; push 0x244ff push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010052: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000100c0: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010075 ; je 0x10075 +je short loc_000100e3 ; je 0x100e3 push eax mov al, byte [ebx + 0x12] shr al, 6 and eax, 1 push eax -push ref_0002449a ; push 0x2449a +push ref_0002452a ; push 0x2452a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010075: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000100e3: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010095 ; je 0x10095 +je short loc_00010103 ; je 0x10103 push eax mov al, byte [ebx + 0x14] and eax, 1 push eax -push ref_000244c9 ; push 0x244c9 +push ref_00024559 ; push 0x24559 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010095: ; not directly referenced +loc_00010103: ; not directly referenced mov esi, 2 -loc_0001009a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010108: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000100bb ; je 0x100bb +je short loc_00010129 ; je 0x10129 push eax mov al, byte [ebx + esi*4 + 0x18] and eax, 1 push eax -push ref_000244e7 ; push 0x244e7 +push ref_00024577 ; push 0x24577 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000100bb: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010129: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000100de ; je 0x100de +je short loc_0001014c ; je 0x1014c push eax mov al, byte [ebx + esi*4 + 0x18] shr al, 1 and eax, 1 push eax -push ref_0002451c ; push 0x2451c +push ref_000245ac ; push 0x245ac push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000100de: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001014c: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010102 ; je 0x10102 +je short loc_00010170 ; je 0x10170 push ecx mov al, byte [ebx + esi*4 + 0x18] shr al, 2 and eax, 1 push eax -push ref_00024555 ; push 0x24555 +push ref_000245e5 ; push 0x245e5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010102: ; not directly referenced +loc_00010170: ; not directly referenced inc esi cmp esi, 4 -jne short loc_0001009a ; jne 0x1009a -call fcn_000153e9 ; call 0x153e9 +jne short loc_00010108 ; jne 0x10108 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010126 ; je 0x10126 +je short loc_00010194 ; je 0x10194 push edx movzx eax, word [ebx + 0x28] push eax -push ref_0002458a ; push 0x2458a +push ref_0002461a ; push 0x2461a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010126: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010194: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010144 ; je 0x10144 +je short loc_000101b2 ; je 0x101b2 push eax movzx eax, byte [ebx + 0x2a] push eax -push ref_0002459d ; push 0x2459d +push ref_0002462d ; push 0x2462d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010144: ; not directly referenced +loc_000101b2: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0001014b: ; not directly referenced +fcn_000101b9: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001016d ; je 0x1016d +je short loc_000101db ; je 0x101db push eax push eax -push ref_000245bf ; push 0x245bf +push ref_0002464f ; push 0x2464f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001016d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000101db: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001018a ; je 0x1018a +je short loc_000101f8 ; je 0x101f8 push eax movzx eax, word [ebx] push eax -push ref_000245f9 ; push 0x245f9 +push ref_00024689 ; push 0x24689 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001018a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000101f8: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000101a8 ; je 0x101a8 +je short loc_00010216 ; je 0x10216 push ecx movzx eax, word [ebx + 2] push eax -push ref_00024611 ; push 0x24611 +push ref_000246a1 ; push 0x246a1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000101a8: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010216: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000101c6 ; je 0x101c6 +je short loc_00010234 ; je 0x10234 push edx movzx eax, byte [ebx + 4] push eax -push ref_00024623 ; push 0x24623 +push ref_000246b3 ; push 0x246b3 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000101c6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010234: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000101e4 ; je 0x101e4 +je short loc_00010252 ; je 0x10252 push eax movzx eax, byte [ebx + 5] push eax -push ref_0002462e ; push 0x2462e +push ref_000246be ; push 0x246be push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000101e4: ; not directly referenced +loc_00010252: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_000101e9: ; not directly referenced +fcn_00010257: ; not directly referenced push ebp mov ebp, esp push ebx push ebx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001020b ; je 0x1020b +je short loc_00010279 ; je 0x10279 push ecx push ecx -push ref_0002463a ; push 0x2463a +push ref_000246ca ; push 0x246ca push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001020b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010279: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010228 ; je 0x10228 +je short loc_00010296 ; je 0x10296 push edx movzx eax, byte [ebx] push eax -push ref_000233c4 ; push 0x233c4 +push ref_00023454 ; push 0x23454 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010228: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010296: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010246 ; je 0x10246 +je short loc_000102b4 ; je 0x102b4 push eax movzx eax, byte [ebx + 1] push eax -push ref_0002300d ; push 0x2300d +push ref_0002309d ; push 0x2309d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010246: ; not directly referenced +loc_000102b4: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0001024b: ; not directly referenced +fcn_000102b9: ; not directly referenced push ebp mov ebp, esp push ebx push edx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001026d ; je 0x1026d +je short loc_000102db ; je 0x102db push eax push eax -push ref_00024670 ; push 0x24670 +push ref_00024700 ; push 0x24700 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001026d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000102db: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010290 ; je 0x10290 +je short loc_000102fe ; je 0x102fe push eax mov al, byte [ebx + 8] shr al, 7 movzx eax, al push eax -push ref_000246ac ; push 0x246ac +push ref_0002473c ; push 0x2473c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010290: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000102fe: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000102ad ; je 0x102ad +je short loc_0001031b ; je 0x1031b push eax movzx eax, byte [ebx] push eax -push ref_000246bf ; push 0x246bf +push ref_0002474f ; push 0x2474f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000102ad: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001031b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000102cb ; je 0x102cb +je short loc_00010339 ; je 0x10339 push eax movzx eax, byte [ebx + 1] push eax -push ref_000246d1 ; push 0x246d1 +push ref_00024761 ; push 0x24761 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000102cb: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010339: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000102e9 ; je 0x102e9 +je short loc_00010357 ; je 0x10357 push eax movzx eax, byte [ebx + 2] push eax -push ref_000246e4 ; push 0x246e4 +push ref_00024774 ; push 0x24774 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000102e9: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010357: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010307 ; je 0x10307 +je short loc_00010375 ; je 0x10375 push eax movzx eax, byte [ebx + 3] push eax -push ref_000246f7 ; push 0x246f7 +push ref_00024787 ; push 0x24787 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010307: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010375: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010325 ; je 0x10325 +je short loc_00010393 ; je 0x10393 push ecx movzx eax, byte [ebx + 4] push eax -push ref_0002470a ; push 0x2470a +push ref_0002479a ; push 0x2479a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010325: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010393: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010343 ; je 0x10343 +je short loc_000103b1 ; je 0x103b1 push edx movzx eax, byte [ebx + 5] push eax -push ref_0002471d ; push 0x2471d +push ref_000247ad ; push 0x247ad push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010343: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000103b1: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010361 ; je 0x10361 +je short loc_000103cf ; je 0x103cf push eax movzx eax, byte [ebx + 6] push eax -push ref_00024731 ; push 0x24731 +push ref_000247c1 ; push 0x247c1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010361: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000103cf: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001037f ; je 0x1037f +je short loc_000103ed ; je 0x103ed push eax movzx eax, byte [ebx + 7] push eax -push ref_00024745 ; push 0x24745 +push ref_000247d5 ; push 0x247d5 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001037f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000103ed: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001039f ; je 0x1039f +je short loc_0001040d ; je 0x1040d push eax mov al, byte [ebx + 8] and eax, 1 push eax -push ref_00024758 ; push 0x24758 +push ref_000247e8 ; push 0x247e8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001039f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001040d: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000103c1 ; je 0x103c1 +je short loc_0001042f ; je 0x1042f push eax mov al, byte [ebx + 8] shr al, 1 and eax, 1 push eax -push ref_00024770 ; push 0x24770 +push ref_00024800 ; push 0x24800 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000103c1: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001042f: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000103e4 ; je 0x103e4 +je short loc_00010452 ; je 0x10452 push eax mov al, byte [ebx + 8] shr al, 2 and eax, 1 push eax -push ref_00024788 ; push 0x24788 +push ref_00024818 ; push 0x24818 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000103e4: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010452: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010407 ; je 0x10407 +je short loc_00010475 ; je 0x10475 push eax mov al, byte [ebx + 8] shr al, 3 and eax, 1 push eax -push ref_0002479b ; push 0x2479b +push ref_0002482b ; push 0x2482b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010407: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010475: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001042a ; je 0x1042a +je short loc_00010498 ; je 0x10498 push ecx mov al, byte [ebx + 8] shr al, 4 and eax, 1 push eax -push ref_000247b6 ; push 0x247b6 +push ref_00024846 ; push 0x24846 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001042a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010498: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001044d ; je 0x1044d +je short loc_000104bb ; je 0x104bb push edx mov al, byte [ebx + 8] shr al, 5 and eax, 1 push eax -push ref_000247cf ; push 0x247cf +push ref_0002485f ; push 0x2485f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001044d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000104bb: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010470 ; je 0x10470 +je short loc_000104de ; je 0x104de push eax mov al, byte [ebx + 8] shr al, 6 and eax, 1 push eax -push ref_000247e9 ; push 0x247e9 +push ref_00024879 ; push 0x24879 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010470: ; not directly referenced +loc_000104de: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_00010475: ; not directly referenced +fcn_000104e3: ; not directly referenced push ebp mov ebp, esp push ebx -push eax +push edx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010497 ; je 0x10497 +je short loc_00010505 ; je 0x10505 push eax push eax -push ref_000247fc ; push 0x247fc +push ref_0002488c ; push 0x2488c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010497: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010505: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000104b6 ; je 0x104b6 +je short loc_00010524 ; je 0x10524 push eax mov al, byte [ebx] and eax, 1 push eax -push ref_000233c4 ; push 0x233c4 +push ref_00023454 ; push 0x23454 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000104b6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010524: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000104d7 ; je 0x104d7 +je short loc_00010545 ; je 0x10545 push eax mov al, byte [ebx] shr al, 1 and eax, 1 push eax -push ref_00024838 ; push 0x24838 +push ref_000248c8 ; push 0x248c8 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000104d7: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010545: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000104f9 ; je 0x104f9 +je short loc_00010567 ; je 0x10567 push eax mov al, byte [ebx] shr al, 2 and eax, 1 push eax -push ref_0002484f ; push 0x2484f +push ref_000248df ; push 0x248df push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000104f9: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010567: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001051b ; je 0x1051b +je short loc_00010589 ; je 0x10589 push eax mov al, byte [ebx] shr al, 5 and eax, 1 push eax -push ref_0002486b ; push 0x2486b +push ref_000248fb ; push 0x248fb push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001051b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010589: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001053d ; je 0x1053d -push ecx +je short loc_000105ab ; je 0x105ab +push eax mov al, byte [ebx] shr al, 3 and eax, 1 push eax -push ref_00024889 ; push 0x24889 +push ref_00024919 ; push 0x24919 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001053d: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000105ab: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001055f ; je 0x1055f -push edx +je short loc_000105cd ; je 0x105cd +push ecx mov al, byte [ebx] shr al, 4 and eax, 1 push eax -push ref_000248a8 ; push 0x248a8 +push ref_00024938 ; push 0x24938 +push 0x40 +call fcn_00015487 ; call 0x15487 +add esp, 0x10 + +loc_000105cd: ; not directly referenced +call fcn_00015479 ; call 0x15479 +test al, al +je short loc_000105ef ; je 0x105ef +push edx +mov al, byte [ebx] +shr al, 6 +movzx eax, al +push eax +push ref_00024958 ; push 0x24958 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001055f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000105ef: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001057b ; je 0x1057b +je short loc_0001060b ; je 0x1060b push eax push dword [ebx + 4] -push ref_000248c8 ; push 0x248c8 +push ref_00024977 ; push 0x24977 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001057b: ; not directly referenced +loc_0001060b: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_00010580: ; not directly referenced +fcn_00010610: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000105a2 ; je 0x105a2 +je short loc_00010632 ; je 0x10632 push eax push eax -push ref_000248e2 ; push 0x248e2 +push ref_00024991 ; push 0x24991 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000105a2: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010632: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000105bf ; je 0x105bf +je short loc_0001064f ; je 0x1064f push eax movzx eax, byte [ebx] push eax -push ref_0002491b ; push 0x2491b +push ref_000249ca ; push 0x249ca push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000105bf: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001064f: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000105dd ; je 0x105dd +je short loc_0001066d ; je 0x1066d push eax movzx eax, byte [ebx + 1] push eax -push ref_0002492f ; push 0x2492f +push ref_000249de ; push 0x249de push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000105dd: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001066d: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000105fb ; je 0x105fb +je short loc_0001068b ; je 0x1068b push eax movzx eax, byte [ebx + 8] push eax -push ref_0002493f ; push 0x2493f +push ref_000249ee ; push 0x249ee push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000105fb: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001068b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010619 ; je 0x10619 +je short loc_000106a9 ; je 0x106a9 push ecx movzx eax, byte [ebx + 9] push eax -push ref_00024953 ; push 0x24953 +push ref_00024a02 ; push 0x24a02 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010619: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000106a9: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010635 ; je 0x10635 +je short loc_000106c5 ; je 0x106c5 push edx push dword [ebx + 0xa] -push ref_00024967 ; push 0x24967 +push ref_00024a16 ; push 0x24a16 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010635: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000106c5: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010651 ; je 0x10651 +je short loc_000106e1 ; je 0x106e1 push eax push dword [ebx + 0xe] -push ref_0002497d ; push 0x2497d +push ref_00024a2c ; push 0x24a2c push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010651: ; not directly referenced +loc_000106e1: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_00010656: ; not directly referenced +fcn_000106e6: ; not directly referenced push ebp mov ebp, esp push esi push ebx mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010678 ; je 0x10678 +je short loc_00010708 ; je 0x10708 push eax push eax -push ref_0002498f ; push 0x2498f +push ref_00024a3e ; push 0x24a3e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010678: ; not directly referenced +loc_00010708: ; not directly referenced xor esi, esi -loc_0001067a: ; not directly referenced +loc_0001070a: ; not directly referenced mov eax, esi cmp al, byte [ebx + 0x48] -jae short loc_000106c7 ; jae 0x106c7 -call fcn_000153e9 ; call 0x153e9 +jae short loc_00010757 ; jae 0x10757 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000106a2 ; je 0x106a2 +je short loc_00010732 ; je 0x10732 mov eax, esi movzx eax, al push dword [ebx + eax*8] push eax -push ref_000249cb ; push 0x249cb +push ref_00024a7a ; push 0x24a7a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000106a2: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010732: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000106c4 ; je 0x106c4 +je short loc_00010754 ; je 0x10754 mov eax, esi movzx eax, al push dword [ebx + eax*8 + 4] push eax -push ref_000249e3 ; push 0x249e3 +push ref_00024a92 ; push 0x24a92 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000106c4: ; not directly referenced +loc_00010754: ; not directly referenced inc esi -jmp short loc_0001067a ; jmp 0x1067a +jmp short loc_0001070a ; jmp 0x1070a -loc_000106c7: ; not directly referenced +loc_00010757: ; not directly referenced xor esi, esi -loc_000106c9: ; not directly referenced +loc_00010759: ; not directly referenced mov eax, esi cmp al, byte [ebx + 0x75] -jae short loc_0001071b ; jae 0x1071b -call fcn_000153e9 ; call 0x153e9 +jae short loc_000107ab ; jae 0x107ab +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000106f4 ; je 0x106f4 +je short loc_00010784 ; je 0x10784 mov eax, esi movzx eax, al movzx edx, word [ebx + eax*4 + 0x49] push edx push eax -push ref_000249fd ; push 0x249fd +push ref_00024aac ; push 0x24aac push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000106f4: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010784: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010718 ; je 0x10718 +je short loc_000107a8 ; je 0x107a8 mov eax, esi movzx eax, al movzx edx, word [ebx + eax*4 + 0x4b] push edx push eax -push ref_00024a15 ; push 0x24a15 +push ref_00024ac4 ; push 0x24ac4 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010718: ; not directly referenced +loc_000107a8: ; not directly referenced inc esi -jmp short loc_000106c9 ; jmp 0x106c9 +jmp short loc_00010759 ; jmp 0x10759 -loc_0001071b: ; not directly referenced +loc_000107ab: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00010722: ; not directly referenced +fcn_000107b2: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010744 ; je 0x10744 +je short loc_000107d4 ; je 0x107d4 push eax push eax -push ref_00024a2f ; push 0x24a2f +push ref_00024ade ; push 0x24ade push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010744: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000107d4: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010761 ; je 0x10761 +je short loc_000107f1 ; je 0x107f1 push eax movzx eax, byte [ebx] push eax -push ref_00024a81 ; push 0x24a81 +push ref_00024b30 ; push 0x24b30 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010761: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000107f1: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001077f ; je 0x1077f +je short loc_0001080f ; je 0x1080f push eax movzx eax, byte [ebx + 1] push eax -push ref_000238b2 ; push 0x238b2 +push ref_00023942 ; push 0x23942 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001077f: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001080f: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001079b ; je 0x1079b +je short loc_0001082b ; je 0x1082b push eax push dword [ebx + 4] -push ref_00024a90 ; push 0x24a90 +push ref_00024b3f ; push 0x24b3f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001079b: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001082b: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000107b9 ; je 0x107b9 +je short loc_00010849 ; je 0x10849 push eax movzx eax, word [ebx + 8] push eax -push ref_00024a9b ; push 0x24a9b +push ref_00024b4a ; push 0x24b4a push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000107b9: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010849: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000107d7 ; je 0x107d7 +je short loc_00010867 ; je 0x10867 push ecx movzx eax, word [ebx + 0xa] push eax -push ref_00024aa8 ; push 0x24aa8 +push ref_00024b57 ; push 0x24b57 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000107d7: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010867: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000107f5 ; je 0x107f5 +je short loc_00010885 ; je 0x10885 push edx movzx eax, byte [ebx + 0xc] push eax -push ref_00024ab7 ; push 0x24ab7 +push ref_00024b66 ; push 0x24b66 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000107f5: ; not directly referenced +loc_00010885: ; not directly referenced sub esp, 0xc lea eax, [ebx + 0x10] push eax -call fcn_00010580 ; call 0x10580 +call fcn_00010610 ; call 0x10610 lea eax, [ebx + 0x36] mov dword [esp], eax -call fcn_0001014b ; call 0x1014b +call fcn_000101b9 ; call 0x101b9 lea eax, [ebx + 0x46] mov dword [esp], eax -call fcn_0000e6b1 ; call 0xe6b1 +call fcn_0000e71f ; call 0xe71f lea eax, [ebx + 0x1da] mov dword [esp], eax -call fcn_0000ebe1 ; call 0xebe1 +call fcn_0000ec4f ; call 0xec4f lea eax, [ebx + 0x284] mov dword [esp], eax -call fcn_0000e1fd ; call 0xe1fd +call fcn_0000e26b ; call 0xe26b lea eax, [ebx + 0x57c] mov dword [esp], eax -call fcn_0000e544 ; call 0xe544 +call fcn_0000e5b2 ; call 0xe5b2 lea eax, [ebx + 0x35c] mov dword [esp], eax -call fcn_0000f2c6 ; call 0xf2c6 +call fcn_0000f334 ; call 0xf334 lea eax, [ebx + 0x364] mov dword [esp], eax -call fcn_0000f3be ; call 0xf3be +call fcn_0000f42c ; call 0xf42c lea eax, [ebx + 0x370] mov dword [esp], eax -call fcn_0000f71c ; call 0xf71c +call fcn_0000f78a ; call 0xf78a lea eax, [ebx + 0x37e] mov dword [esp], eax -call fcn_000101e9 ; call 0x101e9 +call fcn_00010257 ; call 0x10257 lea eax, [ebx + 0x386] mov dword [esp], eax -call fcn_0000f63a ; call 0xf63a +call fcn_0000f6a8 ; call 0xf6a8 lea eax, [ebx + 0x40e] mov dword [esp], eax -call fcn_0000f496 ; call 0xf496 +call fcn_0000f504 ; call 0xf504 lea eax, [ebx + 0x554] mov dword [esp], eax -call fcn_0000f585 ; call 0xf585 +call fcn_0000f5f3 ; call 0xf5f3 lea eax, [ebx + 0x412] mov dword [esp], eax -call fcn_0000fc10 ; call 0xfc10 +call fcn_0000fc7e ; call 0xfc7e lea eax, [ebx + 0x442] mov dword [esp], eax -call fcn_0000f7d8 ; call 0xf7d8 +call fcn_0000f846 ; call 0xf846 lea eax, [ebx + 0x46a] mov dword [esp], eax -call fcn_0000faa5 ; call 0xfaa5 +call fcn_0000fb13 ; call 0xfb13 lea eax, [ebx + 0x476] mov dword [esp], eax -call fcn_0000fb94 ; call 0xfb94 +call fcn_0000fc02 ; call 0xfc02 lea eax, [ebx + 0x486] mov dword [esp], eax -call fcn_00010475 ; call 0x10475 +call fcn_000104e3 ; call 0x104e3 lea eax, [ebx + 0x496] add ebx, 0x4de mov dword [esp], eax -call fcn_0001024b ; call 0x1024b +call fcn_000102b9 ; call 0x102b9 mov dword [esp], ebx -call fcn_00010656 ; call 0x10656 -call fcn_000153e9 ; call 0x153e9 +call fcn_000106e6 ; call 0x106e6 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00010922 ; je 0x10922 +je short loc_000109b2 ; je 0x109b2 push eax push eax -push ref_00024ac9 ; push 0x24ac9 +push ref_00024b78 ; push 0x24b78 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010922: ; not directly referenced +loc_000109b2: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_00010927: ; not directly referenced +fcn_000109b7: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00010956 ; je 0x10956 +je short loc_000109e6 ; je 0x109e6 cmp dword [ebx + 4], 0 -jne short loc_00010956 ; jne 0x10956 +jne short loc_000109e6 ; jne 0x109e6 push eax -push ref_00024b1b ; push 0x24b1b -push 0x2bf -push ref_00024b38 ; push 0x24b38 -call fcn_000153fc ; call 0x153fc +push ref_00024bca ; push 0x24bca +push 0x2c0 +push ref_00024be7 ; push 0x24be7 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00010956: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_000109e6: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001097e ; je 0x1097e +je short loc_00010a0e ; je 0x10a0e cmp word [ebx + 8], 0 -jne short loc_0001097e ; jne 0x1097e +jne short loc_00010a0e ; jne 0x10a0e push eax -push ref_00024b63 ; push 0x24b63 -push 0x2c0 -push ref_00024b38 ; push 0x24b38 -call fcn_000153fc ; call 0x153fc +push ref_00024c12 ; push 0x24c12 +push 0x2c1 +push ref_00024be7 ; push 0x24be7 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001097e: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00010a0e: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000109a6 ; je 0x109a6 +je short loc_00010a36 ; je 0x10a36 cmp word [ebx + 0xa], 0 -jne short loc_000109a6 ; jne 0x109a6 +jne short loc_00010a36 ; jne 0x10a36 push eax -push ref_00024b82 ; push 0x24b82 -push 0x2c1 -push ref_00024b38 ; push 0x24b38 -call fcn_000153fc ; call 0x153fc +push ref_00024c31 ; push 0x24c31 +push 0x2c2 +push ref_00024be7 ; push 0x24be7 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000109a6: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00010a36: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000109cd ; je 0x109cd +je short loc_00010a5d ; je 0x10a5d cmp dword [ebx + 0x1a], 0 -jne short loc_000109cd ; jne 0x109cd +jne short loc_00010a5d ; jne 0x10a5d push eax -push ref_00024ba3 ; push 0x24ba3 -push 0x2c2 -push ref_00024b38 ; push 0x24b38 -call fcn_000153fc ; call 0x153fc +push ref_00024c52 ; push 0x24c52 +push 0x2c3 +push ref_00024be7 ; push 0x24be7 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000109cd: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00010a5d: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000109f7 ; je 0x109f7 +je short loc_00010a87 ; je 0x10a87 cmp dword [ebx + 0x1e], 0xffff -ja short loc_000109f7 ; ja 0x109f7 +ja short loc_00010a87 ; ja 0x10a87 push ecx -push ref_00024bd8 ; push 0x24bd8 -push 0x2c3 -push ref_00024b38 ; push 0x24b38 -call fcn_000153fc ; call 0x153fc +push ref_00024c87 ; push 0x24c87 +push 0x2c4 +push ref_00024be7 ; push 0x24be7 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000109f7: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00010a87: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00010a1f ; je 0x10a1f +je short loc_00010aaf ; je 0x10aaf cmp word [ebx + 0x22], 0 -jne short loc_00010a1f ; jne 0x10a1f +jne short loc_00010aaf ; jne 0x10aaf push edx -push ref_00024c0f ; push 0x24c0f -push 0x2c4 -push ref_00024b38 ; push 0x24b38 -call fcn_000153fc ; call 0x153fc +push ref_00024cbe ; push 0x24cbe +push 0x2c5 +push ref_00024be7 ; push 0x24be7 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00010a1f: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00010aaf: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00010a47 ; je 0x10a47 +je short loc_00010ad7 ; je 0x10ad7 cmp word [ebx + 0x24], 0xf -ja short loc_00010a47 ; ja 0x10a47 +ja short loc_00010ad7 ; ja 0x10ad7 push eax -push ref_00024c43 ; push 0x24c43 -push 0x2c5 -push ref_00024b38 ; push 0x24b38 -call fcn_000153fc ; call 0x153fc +push ref_00024cf2 ; push 0x24cf2 +push 0x2c6 +push ref_00024be7 ; push 0x24be7 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00010a47: ; not directly referenced +loc_00010ad7: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_00010a4c: ; not directly referenced +fcn_00010adc: ; not directly referenced push ebp mov ebp, esp push esi @@ -27173,49 +27230,49 @@ and edx, 0xf000000 or eax, 0x80000000 or eax, edx cmp cl, 1 -je short loc_00010a93 ; je 0x10a93 -jb short loc_00010a8b ; jb 0x10a8b +je short loc_00010b23 ; je 0x10b23 +jb short loc_00010b1b ; jb 0x10b1b cmp cl, 2 -je short loc_00010a9b ; je 0x10a9b +je short loc_00010b2b ; je 0x10b2b cmp cl, 3 -jne short loc_00010acd ; jne 0x10acd +jne short loc_00010b5d ; jne 0x10b5d add ebx, 0x2040 -jmp short loc_00010aa1 ; jmp 0x10aa1 +jmp short loc_00010b31 ; jmp 0x10b31 -loc_00010a8b: ; not directly referenced +loc_00010b1b: ; not directly referenced add ebx, 0x2014 -jmp short loc_00010aa1 ; jmp 0x10aa1 +jmp short loc_00010b31 ; jmp 0x10b31 -loc_00010a93: ; not directly referenced +loc_00010b23: ; not directly referenced add ebx, 0x2020 -jmp short loc_00010aa1 ; jmp 0x10aa1 +jmp short loc_00010b31 ; jmp 0x10b31 -loc_00010a9b: ; not directly referenced +loc_00010b2b: ; not directly referenced add ebx, 0x2030 -loc_00010aa1: ; not directly referenced +loc_00010b31: ; not directly referenced push edx xor esi, esi push eax push 0xf0ffff01 push ebx mov dword [ebp - 0xc], ecx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov ecx, dword [ebp - 0xc] add esp, 0x10 dec ecx cmp cl, 1 -ja short loc_00010ad2 ; ja 0x10ad2 +ja short loc_00010b62 ; ja 0x10b62 sub esp, 0xc push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 -jmp short loc_00010ad2 ; jmp 0x10ad2 +jmp short loc_00010b62 ; jmp 0x10b62 -loc_00010acd: ; not directly referenced +loc_00010b5d: ; not directly referenced mov esi, 0x80000002 -loc_00010ad2: ; not directly referenced +loc_00010b62: ; not directly referenced lea esp, [ebp - 8] mov eax, esi pop ebx @@ -27223,7 +27280,7 @@ pop esi pop ebp ret -fcn_00010adb: ; not directly referenced +fcn_00010b6b: ; not directly referenced push ebp mov ebp, esp push ebx @@ -27231,48 +27288,48 @@ push eax mov eax, dword [ebp + 0xc] mov ebx, dword [ebp + 8] cmp al, 1 -je short loc_00010b04 ; je 0x10b04 -jb short loc_00010afc ; jb 0x10afc +je short loc_00010b94 ; je 0x10b94 +jb short loc_00010b8c ; jb 0x10b8c cmp al, 2 -je short loc_00010b0c ; je 0x10b0c +je short loc_00010b9c ; je 0x10b9c cmp al, 3 -jne short loc_00010b24 ; jne 0x10b24 +jne short loc_00010bb4 ; jne 0x10bb4 add ebx, 0x2046 -jmp short loc_00010b12 ; jmp 0x10b12 +jmp short loc_00010ba2 ; jmp 0x10ba2 -loc_00010afc: ; not directly referenced +loc_00010b8c: ; not directly referenced add ebx, 0x201a -jmp short loc_00010b12 ; jmp 0x10b12 +jmp short loc_00010ba2 ; jmp 0x10ba2 -loc_00010b04: ; not directly referenced +loc_00010b94: ; not directly referenced add ebx, 0x2026 -jmp short loc_00010b12 ; jmp 0x10b12 +jmp short loc_00010ba2 ; jmp 0x10ba2 -loc_00010b0c: ; not directly referenced +loc_00010b9c: ; not directly referenced add ebx, 0x2036 -loc_00010b12: ; not directly referenced +loc_00010ba2: ; not directly referenced sub esp, 0xc push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -jne short loc_00010b12 ; jne 0x10b12 -jmp short loc_00010b2b ; jmp 0x10b2b +jne short loc_00010ba2 ; jne 0x10ba2 +jmp short loc_00010bbb ; jmp 0x10bbb -loc_00010b24: ; not directly referenced +loc_00010bb4: ; not directly referenced mov eax, 0x80000002 -jmp short loc_00010b2d ; jmp 0x10b2d +jmp short loc_00010bbd ; jmp 0x10bbd -loc_00010b2b: ; not directly referenced +loc_00010bbb: ; not directly referenced xor eax, eax -loc_00010b2d: ; not directly referenced +loc_00010bbd: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_00010b32: ; not directly referenced +fcn_00010bc2: ; not directly referenced push ebp mov ebp, esp push edi @@ -27283,43 +27340,43 @@ lea eax, [ebp - 0x20] push eax push 0 push 0 -push ref_000290cc ; push 0x290cc +push ref_0002917c ; push 0x2917c mov dword [ebp - 0x1c], 0 -call fcn_00019699 ; call 0x19699 +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00010b9b ; je 0x10b9b +je short loc_00010c2b ; je 0x10c2b test ebx, ebx -jns short loc_00010b9b ; jns 0x10b9b -call fcn_000153e9 ; call 0x153e9 +jns short loc_00010c2b ; jns 0x10c2b +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010b83 ; je 0x10b83 +je short loc_00010c13 ; je 0x10c13 push edi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010b83: ; not directly referenced +loc_00010c13: ; not directly referenced push esi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xa7 -push ref_00024c76 ; push 0x24c76 -call fcn_000153fc ; call 0x153fc +push ref_00024d25 ; push 0x24d25 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00010b9b: ; not directly referenced +loc_00010c2b: ; not directly referenced push ebx push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0xc push 0x200000 push 0xff0fffff @@ -27327,38 +27384,38 @@ mov esi, eax and esi, 0xffffc000 lea edi, [esi + 0x50] push edi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp - 0x20] add esp, 0x10 cmp byte [eax + 0x24], 1 -jne short loc_00010bee ; jne 0x10bee +jne short loc_00010c7e ; jne 0x10c7e push ecx push ecx push 0xa0000 push edi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_00010bee: ; not directly referenced +loc_00010c7e: ; not directly referenced sub esp, 0xc xor ebx, ebx push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 -loc_00010bfc: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010c8c: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010c1b ; je 0x10c1b +je short loc_00010cab ; je 0x10cab mov eax, dword [ebp - 0x20] push dword [eax + ebx*4] push ebx -push ref_00024c9f ; push 0x24c9f +push ref_00024d4e ; push 0x24d4e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010c1b: ; not directly referenced +loc_00010cab: ; not directly referenced mov eax, dword [ebp - 0x20] mov cl, bl mov edx, dword [eax + ebx*4] @@ -27367,14 +27424,14 @@ inc ebx shl eax, cl or byte [ebp + edx - 0x1c], al cmp ebx, 8 -jne short loc_00010bfc ; jne 0x10bfc +jne short loc_00010c8c ; jne 0x10c8c xor bl, bl -loc_00010c36: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010cc6: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al lea eax, [ebx + ebx] -je short loc_00010c6a ; je 0x10c6a +je short loc_00010cfa ; je 0x10cfa mov edx, eax sub esp, 0xc add edx, dword [ebp - 0x20] @@ -27384,54 +27441,54 @@ push ecx movzx edx, byte [edx + 0x21] push edx push ebx -push ref_00024caf ; push 0x24caf +push ref_00024d5e ; push 0x24d5e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 mov eax, dword [ebp - 0x2c] add esp, 0x20 -loc_00010c6a: ; not directly referenced +loc_00010cfa: ; not directly referenced add eax, dword [ebp - 0x20] cmp byte [eax + 0x20], 1 -jne short loc_00010c88 ; jne 0x10c88 +jne short loc_00010d18 ; jne 0x10d18 movzx edx, byte [ebp + ebx - 0x1c] push edx movzx eax, byte [eax + 0x21] push eax push ebx push esi -call fcn_00010a4c ; call 0x10a4c +call fcn_00010adc ; call 0x10adc add esp, 0x10 -loc_00010c88: ; not directly referenced +loc_00010d18: ; not directly referenced inc ebx cmp ebx, 4 -jne short loc_00010c36 ; jne 0x10c36 +jne short loc_00010cc6 ; jne 0x10cc6 push edx xor bl, bl push edx push 0x80000000 push edi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov dword [esp], edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 -loc_00010ca8: ; not directly referenced +loc_00010d38: ; not directly referenced mov eax, dword [ebp - 0x20] cmp byte [eax + ebx*2 + 0x20], 1 -jne short loc_00010cbe ; jne 0x10cbe +jne short loc_00010d4e ; jne 0x10d4e push eax push eax push ebx push esi -call fcn_00010adb ; call 0x10adb +call fcn_00010b6b ; call 0x10b6b add esp, 0x10 -loc_00010cbe: ; not directly referenced +loc_00010d4e: ; not directly referenced inc ebx cmp ebx, 4 -jne short loc_00010ca8 ; jne 0x10ca8 +jne short loc_00010d38 ; jne 0x10d38 lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -27440,67 +27497,67 @@ pop edi pop ebp ret -fcn_00010cce: ; not directly referenced +fcn_00010d5e: ; not directly referenced push ebp mov ebp, esp push ebx push eax -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb dec eax -jne loc_00010d64 ; jne 0x10d64 -call fcn_000153e9 ; call 0x153e9 +jne loc_00010df4 ; jne 0x10df4 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010cf9 ; je 0x10cf9 +je short loc_00010d89 ; je 0x10d89 push ebx push ebx -push ref_00024ccc ; push 0x24ccc +push ref_00024d7b ; push 0x24d7b push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010cf9: ; not directly referenced +loc_00010d89: ; not directly referenced push ecx push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ebx, eax and ebx, 0xffffc000 lea eax, [ebx + 0x21a4] mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0xf cmp eax, 2 -jne short loc_00010d4a ; jne 0x10d4a +jne short loc_00010dda ; jne 0x10dda push edx add ebx, 0x21b0 push 2 push 0xf0 push ebx -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a add esp, 0x10 -loc_00010d4a: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00010dda: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010d64 ; je 0x10d64 +je short loc_00010df4 ; je 0x10df4 push eax push eax -push ref_00024ce4 ; push 0x24ce4 +push ref_00024d93 ; push 0x24d93 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010d64: ; not directly referenced +loc_00010df4: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_00010d69: +fcn_00010df9: push ebp mov ebp, esp push edi @@ -27511,127 +27568,127 @@ mov eax, dword [ebp + 0x14] mov ebx, dword [ebp + 0x10] add eax, 0x410 push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov byte [ebp - 0x1b], al cmp ebx, 0x22 -ja short loc_00010da4 ; ja 0x10da4 +ja short loc_00010e34 ; ja 0x10e34 cmp ebx, 0x20 -jae short loc_00010dae ; jae 0x10dae +jae short loc_00010e3e ; jae 0x10e3e cmp ebx, 1 -jb short loc_00010dc6 ; jb 0x10dc6 +jb short loc_00010e56 ; jb 0x10e56 cmp ebx, 3 -jbe short loc_00010dba ; jbe 0x10dba +jbe short loc_00010e4a ; jbe 0x10e4a cmp ebx, 0x10 -je short loc_00010dba ; je 0x10dba -jmp short loc_00010dc6 ; jmp 0x10dc6 +je short loc_00010e4a ; je 0x10e4a +jmp short loc_00010e56 ; jmp 0x10e56 -loc_00010da4: +loc_00010e34: lea eax, [ebx - 0x41] cmp eax, 2 -jbe short loc_00010dcc ; jbe 0x10dcc -jmp short loc_00010dc6 ; jmp 0x10dc6 +jbe short loc_00010e5c ; jbe 0x10e5c +jmp short loc_00010e56 ; jmp 0x10e56 -loc_00010dae: -mov esi, ref_000284d8 ; mov esi, 0x284d8 +loc_00010e3e: +mov esi, ref_00028588 ; mov esi, 0x28588 mov edi, 0x14 -jmp short loc_00010dd6 ; jmp 0x10dd6 +jmp short loc_00010e66 ; jmp 0x10e66 -loc_00010dba: -mov esi, ref_000275ec ; mov esi, 0x275ec +loc_00010e4a: +mov esi, ref_0002769c ; mov esi, 0x2769c mov edi, 0x24 -jmp short loc_00010dd6 ; jmp 0x10dd6 +jmp short loc_00010e66 ; jmp 0x10e66 -loc_00010dc6: +loc_00010e56: xor esi, esi xor edi, edi -jmp short loc_00010dd6 ; jmp 0x10dd6 +jmp short loc_00010e66 ; jmp 0x10e66 -loc_00010dcc: -mov esi, ref_00028ca4 ; mov esi, 0x28ca4 +loc_00010e5c: +mov esi, ref_00028d54 ; mov esi, 0x28d54 mov edi, 0x16 -loc_00010dd6: +loc_00010e66: add esi, 8 mov word [ebp - 0x1a], 0 -loc_00010ddf: +loc_00010e6f: cmp word [ebp - 0x1a], di -je short loc_00010e4a ; je 0x10e4a +je short loc_00010eda ; je 0x10eda push dword [esi] push dword [esi - 4] push dword [esi - 8] push dword [ebp + 0x18] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov dword [ebp - 0x20], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00010e41 ; je 0x10e41 +je short loc_00010ed1 ; je 0x10ed1 cmp dword [ebp - 0x20], 0 -jns short loc_00010e41 ; jns 0x10e41 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00010ed1 ; jns 0x10ed1 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010e29 ; je 0x10e29 +je short loc_00010eb9 ; je 0x10eb9 push eax push dword [ebp - 0x20] -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010e29: +loc_00010eb9: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x173 -push ref_00024c76 ; push 0x24c76 -call fcn_000153fc ; call 0x153fc +push ref_00024d25 ; push 0x24d25 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00010e41: +loc_00010ed1: inc word [ebp - 0x1a] add esi, 0xc -jmp short loc_00010ddf ; jmp 0x10ddf +jmp short loc_00010e6f ; jmp 0x10e6f -loc_00010e4a: +loc_00010eda: cmp ebx, 0x22 -ja short loc_00010e65 ; ja 0x10e65 +ja short loc_00010ef5 ; ja 0x10ef5 cmp ebx, 0x20 -jae short loc_00010e6f ; jae 0x10e6f +jae short loc_00010eff ; jae 0x10eff cmp ebx, 1 -jb short loc_00010e87 ; jb 0x10e87 +jb short loc_00010f17 ; jb 0x10f17 cmp ebx, 3 -jbe short loc_00010e7b ; jbe 0x10e7b +jbe short loc_00010f0b ; jbe 0x10f0b cmp ebx, 0x10 -je short loc_00010e7b ; je 0x10e7b -jmp short loc_00010e87 ; jmp 0x10e87 +je short loc_00010f0b ; je 0x10f0b +jmp short loc_00010f17 ; jmp 0x10f17 -loc_00010e65: +loc_00010ef5: sub ebx, 0x41 cmp ebx, 2 -jbe short loc_00010e8d ; jbe 0x10e8d -jmp short loc_00010e87 ; jmp 0x10e87 +jbe short loc_00010f1d ; jbe 0x10f1d +jmp short loc_00010f17 ; jmp 0x10f17 -loc_00010e6f: -mov edi, ref_000283d0 ; mov edi, 0x283d0 +loc_00010eff: +mov edi, ref_00028480 ; mov edi, 0x28480 mov esi, 0x16 -jmp short loc_00010e97 ; jmp 0x10e97 +jmp short loc_00010f27 ; jmp 0x10f27 -loc_00010e7b: -mov edi, ref_0002779c ; mov edi, 0x2779c +loc_00010f0b: +mov edi, ref_0002784c ; mov edi, 0x2784c mov esi, 0x14 -jmp short loc_00010e97 ; jmp 0x10e97 +jmp short loc_00010f27 ; jmp 0x10f27 -loc_00010e87: +loc_00010f17: xor edi, edi xor esi, esi -jmp short loc_00010e97 ; jmp 0x10e97 +jmp short loc_00010f27 ; jmp 0x10f27 -loc_00010e8d: -mov edi, ref_00028b84 ; mov edi, 0x28b84 +loc_00010f1d: +mov edi, ref_00028c34 ; mov edi, 0x28c34 mov esi, 0x18 -loc_00010e97: +loc_00010f27: mov dl, byte [ebp - 0x1b] imul esi, esi, 0xc mov al, dl @@ -27642,87 +27699,87 @@ mov al, dl and eax, 0xc mov byte [ebp - 0x20], al -loc_00010eaf: +loc_00010f3f: cmp edi, esi -je loc_00010f5a ; je 0x10f5a +je loc_00010fea ; je 0x10fea cmp dword [ebp + 0xc], 2 -jne short loc_00010ed4 ; jne 0x10ed4 +jne short loc_00010f64 ; jne 0x10f64 mov eax, dword [edi] and eax, 0xfe00 cmp eax, 0x2400 -je short loc_00010ef5 ; je 0x10ef5 +je short loc_00010f85 ; je 0x10f85 cmp eax, 0x2600 -jne short loc_00010efb ; jne 0x10efb -jmp short loc_00010ee8 ; jmp 0x10ee8 +jne short loc_00010f8b ; jne 0x10f8b +jmp short loc_00010f78 ; jmp 0x10f78 -loc_00010ed4: +loc_00010f64: cmp dword [ebp + 0xc], 1 -jne short loc_00010efb ; jne 0x10efb +jne short loc_00010f8b ; jne 0x10f8b mov eax, dword [edi] and eax, 0xfe00 cmp eax, 0x2c00 -jne short loc_00010eee ; jne 0x10eee +jne short loc_00010f7e ; jne 0x10f7e -loc_00010ee8: +loc_00010f78: cmp byte [ebp - 0x20], 8 -jmp short loc_00010ef9 ; jmp 0x10ef9 +jmp short loc_00010f89 ; jmp 0x10f89 -loc_00010eee: +loc_00010f7e: cmp eax, 0x2e00 -jne short loc_00010efb ; jne 0x10efb +jne short loc_00010f8b ; jne 0x10f8b -loc_00010ef5: +loc_00010f85: cmp byte [ebp - 0x1a], 2 -loc_00010ef9: -jne short loc_00010f52 ; jne 0x10f52 +loc_00010f89: +jne short loc_00010fe2 ; jne 0x10fe2 -loc_00010efb: +loc_00010f8b: push dword [edi + 8] push dword [edi + 4] push dword [edi] push dword [ebp + 0x18] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00010f52 ; je 0x10f52 +je short loc_00010fe2 ; je 0x10fe2 test ebx, ebx -jns short loc_00010f52 ; jns 0x10f52 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00010fe2 ; jns 0x10fe2 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010f3a ; je 0x10f3a +je short loc_00010fca ; je 0x10fca push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010f3a: +loc_00010fca: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x1a4 -push ref_00024c76 ; push 0x24c76 -call fcn_000153fc ; call 0x153fc +push ref_00024d25 ; push 0x24d25 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00010f52: +loc_00010fe2: add edi, 0xc -jmp near loc_00010eaf ; jmp 0x10eaf +jmp near loc_00010f3f ; jmp 0x10f3f -loc_00010f5a: +loc_00010fea: mov eax, dword [ebp + 8] xor ebx, ebx cmp byte [eax], 8 -ja short loc_00010f6b ; ja 0x10f6b +ja short loc_00010ffb ; ja 0x10ffb -loc_00010f64: +loc_00010ff4: xor eax, eax -jmp near loc_0001119f ; jmp 0x1119f +jmp near loc_0001122f ; jmp 0x1122f -loc_00010f6b: +loc_00010ffb: mov cl, byte [ebp - 0x1b] mov al, cl and eax, 0xc @@ -27731,198 +27788,198 @@ mov al, cl and eax, 3 mov byte [ebp - 0x20], al -loc_00010f7e: -call fcn_0001c234 ; call 0x1c234 +loc_0001100e: +call fcn_0001c2f8 ; call 0x1c2f8 movzx eax, al cmp ebx, eax -jae short loc_00010f64 ; jae 0x10f64 +jae short loc_00010ff4 ; jae 0x10ff4 cmp ebx, 2 -jne short loc_00010f95 ; jne 0x10f95 +jne short loc_00011025 ; jne 0x11025 cmp byte [ebp - 0x20], 2 -jmp short loc_00010f9e ; jmp 0x10f9e +jmp short loc_0001102e ; jmp 0x1102e -loc_00010f95: +loc_00011025: cmp ebx, 3 -jne short loc_00010fa4 ; jne 0x10fa4 +jne short loc_00011034 ; jne 0x11034 cmp byte [ebp - 0x1b], 8 -loc_00010f9e: -jne loc_00011199 ; jne 0x11199 +loc_0001102e: +jne loc_00011229 ; jne 0x11229 -loc_00010fa4: +loc_00011034: cmp dword [ebp + 0xc], 1 -jne short loc_00010fb3 ; jne 0x10fb3 -mov esi, dword [ebx*4 + ref_000203c0] ; mov esi, dword [ebx*4 + 0x203c0] -jmp short loc_00010fba ; jmp 0x10fba +jne short loc_00011043 ; jne 0x11043 +mov esi, dword [ebx*4 + ref_00020450] ; mov esi, dword [ebx*4 + 0x20450] +jmp short loc_0001104a ; jmp 0x1104a -loc_00010fb3: -mov esi, dword [ebx*4 + ref_000203a8] ; mov esi, dword [ebx*4 + 0x203a8] +loc_00011043: +mov esi, dword [ebx*4 + ref_00020438] ; mov esi, dword [ebx*4 + 0x20438] -loc_00010fba: +loc_0001104a: mov ecx, dword [ebp + 8] lea eax, [ebx + 0xae] test byte [ecx + eax*8 + 0x10], 1 -je short loc_00011029 ; je 0x11029 +je short loc_000110b9 ; je 0x110b9 movzx eax, byte [ecx + eax*8 + 0xc] lea edx, [eax - 0x69] cmp dl, 0x17 -jbe short loc_0001101f ; jbe 0x1101f -call fcn_000153e9 ; call 0x153e9 +jbe short loc_000110af ; jbe 0x110af +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00010ff4 ; je 0x10ff4 +je short loc_00011084 ; je 0x11084 push eax push eax -push ref_00024cfa ; push 0x24cfa +push ref_00024da9 ; push 0x24da9 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00010ff4: -call fcn_000153f0 ; call 0x153f0 +loc_00011084: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00011015 ; je 0x11015 +je short loc_000110a5 ; je 0x110a5 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x1bd -loc_00011008: -push ref_00024c76 ; push 0x24c76 -call fcn_000153fc ; call 0x153fc +loc_00011098: +push ref_00024d25 ; push 0x24d25 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00011015: +loc_000110a5: mov eax, 0x80000002 -jmp near loc_0001119f ; jmp 0x1119f +jmp near loc_0001122f ; jmp 0x1122f -loc_0001101f: +loc_000110af: shl eax, 0x10 mov edx, 0xff00ffff -jmp short loc_0001102e ; jmp 0x1102e +jmp short loc_000110be ; jmp 0x110be -loc_00011029: +loc_000110b9: xor eax, eax or edx, 0xffffffff -loc_0001102e: +loc_000110be: mov edi, dword [ebp + 8] lea ecx, [ebx + 0xae] test byte [edi + ecx*8 + 0x10], 2 -je short loc_0001108f ; je 0x1108f +je short loc_0001111f ; je 0x1111f mov cl, byte [edi + ecx*8 + 0xd] lea edi, [ecx - 0x80] mov byte [ebp - 0x1a], cl mov ecx, edi cmp cl, 0x1c -jbe short loc_00011082 ; jbe 0x11082 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_00011112 ; jbe 0x11112 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001106c ; je 0x1106c +je short loc_000110fc ; je 0x110fc push edi push edi -push ref_00024d29 ; push 0x24d29 +push ref_00024dd8 ; push 0x24dd8 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001106c: -call fcn_000153f0 ; call 0x153f0 +loc_000110fc: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00011015 ; je 0x11015 +je short loc_000110a5 ; je 0x110a5 push esi -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x1ca -jmp short loc_00011008 ; jmp 0x11008 +jmp short loc_00011098 ; jmp 0x11098 -loc_00011082: +loc_00011112: movzx ecx, byte [ebp - 0x1a] xor dh, dh shl ecx, 8 or eax, ecx -jmp short loc_00011094 ; jmp 0x11094 +jmp short loc_00011124 ; jmp 0x11124 -loc_0001108f: +loc_0001111f: cmp edx, 0xffffffff -je short loc_000110a8 ; je 0x110a8 +je short loc_00011138 ; je 0x11138 -loc_00011094: +loc_00011124: push eax push edx lea eax, [esi + 0x88] push eax push dword [ebp + 0x18] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -loc_000110a8: +loc_00011138: mov ecx, dword [ebp + 8] lea eax, [ebx + 0xae] test byte [ecx + eax*8 + 0x10], 4 -je short loc_0001111a ; je 0x1111a +je short loc_000111aa ; je 0x111aa movzx eax, byte [ecx + eax*8 + 0xe] lea edx, [eax - 0x39] cmp dl, 0x47 -jbe short loc_000110ff ; jbe 0x110ff -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0001118f ; jbe 0x1118f +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000110e2 ; je 0x110e2 +je short loc_00011172 ; je 0x11172 push ebx push ebx -push ref_00024d5b ; push 0x24d5b +push ref_00024e0a ; push 0x24e0a push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000110e2: -call fcn_000153f0 ; call 0x153f0 +loc_00011172: +call fcn_00015480 ; call 0x15480 test al, al -je loc_00011015 ; je 0x11015 +je loc_000110a5 ; je 0x110a5 push ecx -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x1e2 -jmp near loc_00011008 ; jmp 0x11008 +jmp near loc_00011098 ; jmp 0x11098 -loc_000110ff: +loc_0001118f: shl eax, 8 push eax push 0xffff00ff lea eax, [esi + 0x90] push eax push dword [ebp + 0x18] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -loc_0001111a: +loc_000111aa: mov ecx, dword [ebp + 8] lea eax, [ebx + 0xae] test byte [ecx + eax*8 + 0x10], 8 -je short loc_00011199 ; je 0x11199 +je short loc_00011229 ; je 0x11229 mov cl, byte [ecx + eax*8 + 0xf] mov dl, cl shr dl, 1 lea eax, [edx + 0x43] and eax, 0x7f cmp al, 0xd -jbe short loc_00011176 ; jbe 0x11176 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_00011206 ; jbe 0x11206 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00011159 ; je 0x11159 +je short loc_000111e9 ; je 0x111e9 push edx push edx -push ref_00024d86 ; push 0x24d86 +push ref_00024e35 ; push 0x24e35 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00011159: -call fcn_000153f0 ; call 0x153f0 +loc_000111e9: +call fcn_00015480 ; call 0x15480 test al, al -je loc_00011015 ; je 0x11015 +je loc_000110a5 ; je 0x110a5 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x1f3 -jmp near loc_00011008 ; jmp 0x11008 +jmp near loc_00011098 ; jmp 0x11098 -loc_00011176: +loc_00011206: and ecx, 1 movzx edx, dl shl ecx, 7 @@ -27932,14 +27989,14 @@ push ecx push 0xffffff00 push esi push dword [ebp + 0x18] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -loc_00011199: +loc_00011229: inc ebx -jmp near loc_00010f7e ; jmp 0x10f7e +jmp near loc_0001100e ; jmp 0x1100e -loc_0001119f: +loc_0001122f: lea esp, [ebp - 0xc] pop ebx pop esi @@ -27947,7 +28004,7 @@ pop edi pop ebp ret -fcn_000111a7: +fcn_00011237: push ebp mov ebp, esp push edi @@ -27961,190 +28018,190 @@ lea eax, [esi + 0x410] add esi, 0xfc push eax mov dword [ebp - 0x1c], ecx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov dword [esp], esi mov edi, eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ecx, dword [ebp - 0x1c] add esp, 0x10 cmp ecx, 0x22 -ja short loc_00011200 ; ja 0x11200 +ja short loc_00011290 ; ja 0x11290 cmp ecx, 0x20 -jae short loc_0001121a ; jae 0x1121a +jae short loc_000112aa ; jae 0x112aa cmp ecx, 1 -jb loc_000113d5 ; jb 0x113d5 +jb loc_00011465 ; jb 0x11465 cmp ecx, 3 -jbe short loc_00011213 ; jbe 0x11213 +jbe short loc_000112a3 ; jbe 0x112a3 cmp ecx, 0x10 -je short loc_00011213 ; je 0x11213 -jmp near loc_000113d5 ; jmp 0x113d5 +je short loc_000112a3 ; je 0x112a3 +jmp near loc_00011465 ; jmp 0x11465 -loc_00011200: +loc_00011290: sub ecx, 0x41 cmp ecx, 2 -ja loc_000113d5 ; ja 0x113d5 -mov ecx, ref_000287a0 ; mov ecx, 0x287a0 -jmp short loc_0001121f ; jmp 0x1121f +ja loc_00011465 ; ja 0x11465 +mov ecx, ref_00028850 ; mov ecx, 0x28850 +jmp short loc_000112af ; jmp 0x112af -loc_00011213: -mov ecx, ref_0002758c ; mov ecx, 0x2758c -jmp short loc_0001121f ; jmp 0x1121f +loc_000112a3: +mov ecx, ref_0002763c ; mov ecx, 0x2763c +jmp short loc_000112af ; jmp 0x112af -loc_0001121a: -mov ecx, ref_0002801c ; mov ecx, 0x2801c +loc_000112aa: +mov ecx, ref_000280cc ; mov ecx, 0x280cc -loc_0001121f: +loc_000112af: test eax, 0x80000 -je loc_000113d5 ; je 0x113d5 +je loc_00011465 ; je 0x11465 and eax, 0x70000 mov edx, eax shr edx, 0x10 cmp dword [ebp + 0xc], 2 -jne short loc_0001129d ; jne 0x1129d +jne short loc_0001132d ; jne 0x1132d cmp dl, 5 -ja loc_000113d5 ; ja 0x113d5 +ja loc_00011465 ; ja 0x11465 imul edx, edx, 0xc add ecx, edx push dword [ecx + 8] push dword [ecx + 4] push dword [ecx] push ebx -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je loc_000113d5 ; je 0x113d5 +je loc_00011465 ; je 0x11465 test ebx, ebx -jns loc_000113d5 ; jns 0x113d5 -call fcn_000153e9 ; call 0x153e9 +jns loc_00011465 ; jns 0x11465 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001128d ; je 0x1128d +je short loc_0001131d ; je 0x1131d push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001128d: +loc_0001131d: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x241 -jmp near loc_000113c8 ; jmp 0x113c8 +jmp near loc_00011458 ; jmp 0x11458 -loc_0001129d: +loc_0001132d: cmp dword [ebp + 0xc], 1 -jne loc_000113d5 ; jne 0x113d5 +jne loc_00011465 ; jne 0x11465 test dl, dl -jne short loc_00011312 ; jne 0x11312 +jne short loc_000113a2 ; jne 0x113a2 mov eax, edi and eax, 3 dec al -jne loc_000113d5 ; jne 0x113d5 +jne loc_00011465 ; jne 0x11465 imul edx, edx, 0xc add ecx, edx push dword [ecx + 8] push dword [ecx + 4] push dword [ecx] push ebx -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je loc_000113d5 ; je 0x113d5 +je loc_00011465 ; je 0x11465 test ebx, ebx -jns loc_000113d5 ; jns 0x113d5 -call fcn_000153e9 ; call 0x153e9 +jns loc_00011465 ; jns 0x11465 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00011302 ; je 0x11302 +je short loc_00011392 ; je 0x11392 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00011302: +loc_00011392: push edi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x24d -jmp near loc_000113c8 ; jmp 0x113c8 +jmp near loc_00011458 ; jmp 0x11458 -loc_00011312: +loc_000113a2: cmp dl, 1 -jne short loc_0001137b ; jne 0x1137b +jne short loc_0001140b ; jne 0x1140b mov eax, edi and eax, 0xc cmp al, 4 -jne loc_000113d5 ; jne 0x113d5 +jne loc_00011465 ; jne 0x11465 imul edx, edx, 0xc add ecx, edx push dword [ecx + 8] push dword [ecx + 4] push dword [ecx] push ebx -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je loc_000113d5 ; je 0x113d5 +je loc_00011465 ; je 0x11465 test ebx, ebx -jns loc_000113d5 ; jns 0x113d5 -call fcn_000153e9 ; call 0x153e9 +jns loc_00011465 ; jns 0x11465 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001136e ; je 0x1136e +je short loc_000113fe ; je 0x113fe push esi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001136e: +loc_000113fe: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x257 -jmp short loc_000113c8 ; jmp 0x113c8 +jmp short loc_00011458 ; jmp 0x11458 -loc_0001137b: +loc_0001140b: imul edx, edx, 0xc add ecx, edx push dword [ecx + 8] push dword [ecx + 4] push dword [ecx] push ebx -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000113d5 ; je 0x113d5 +je short loc_00011465 ; je 0x11465 test ebx, ebx -jns short loc_000113d5 ; jns 0x113d5 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00011465 ; jns 0x11465 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000113bd ; je 0x113bd +je short loc_0001144d ; je 0x1144d push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000113bd: +loc_0001144d: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x260 -loc_000113c8: -push ref_00024c76 ; push 0x24c76 -call fcn_000153fc ; call 0x153fc +loc_00011458: +push ref_00024d25 ; push 0x24d25 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000113d5: +loc_00011465: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -28153,14 +28210,14 @@ pop edi pop ebp ret -fcn_000113df: +fcn_0001146f: push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x1c -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov esi, eax mov eax, dword [ebp + 8] mov ebx, dword [eax + 4] @@ -28168,24 +28225,24 @@ push edi push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0x1c push 0 mov edi, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc add edi, 2 push 0 push 0x14 push 0 mov dword [ebp - 0x20], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], edi mov dword [ebp - 0x24], eax -call fcn_00017cfe ; call 0x17cfe -call fcn_0001bb39 ; call 0x1bb39 +call fcn_00017dc2 ; call 0x17dc2 +call fcn_0001bbfd ; call 0x1bbfd movzx eax, al mov dword [ebp - 0x1c], eax pop eax @@ -28193,156 +28250,156 @@ pop edx lea eax, [ebx + 0x2088] push 0x109000 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f lea eax, [ebx + 0x20ac] pop ecx pop edi push 0x40000000 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 cmp esi, 1 -jne short loc_000114a2 ; jne 0x114a2 +jne short loc_00011532 ; jne 0x11532 push eax push eax push 0x1b lea edi, [ebx + 0x2340] push edi -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 add esp, 0xc push 0x3a0000 push 0xff00ffff push edi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 lea eax, [ebx + 0x2324] pop edx pop ecx push 0x854c74 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_000114a2: +loc_00011532: sub esp, 0xc push ebx push dword [ebp - 0x20] push dword [ebp - 0x1c] push esi push dword [ebp + 8] -call fcn_00010d69 ; call 0x10d69 +call fcn_00010df9 ; call 0x10df9 add esp, 0x20 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000114fc ; je 0x114fc +je short loc_0001158c ; je 0x1158c test edi, edi -jns short loc_000114fc ; jns 0x114fc -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001158c ; jns 0x1158c +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000114e4 ; je 0x114e4 +je short loc_00011574 ; je 0x11574 push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000114e4: +loc_00011574: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x34e -push ref_00024c76 ; push 0x24c76 -call fcn_000153fc ; call 0x153fc +push ref_00024d25 ; push 0x24d25 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000114fc: +loc_0001158c: sub esp, 0xc push ebx push dword [ebp - 0x20] push dword [ebp - 0x1c] push esi push dword [ebp + 8] -call fcn_000111a7 ; call 0x111a7 +call fcn_00011237 ; call 0x11237 add esp, 0x20 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00011556 ; je 0x11556 +je short loc_000115e6 ; je 0x115e6 test esi, esi -jns short loc_00011556 ; jns 0x11556 -call fcn_000153e9 ; call 0x153e9 +jns short loc_000115e6 ; jns 0x115e6 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001153e ; je 0x1153e +je short loc_000115ce ; je 0x115ce push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001153e: +loc_000115ce: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x350 -push ref_00024c76 ; push 0x24c76 -call fcn_000153fc ; call 0x153fc +push ref_00024d25 ; push 0x24d25 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00011556: -call fcn_0001bef7 ; call 0x1bef7 +loc_000115e6: +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 2 -je short loc_0001156e ; je 0x1156e +je short loc_000115fe ; je 0x115fe -loc_00011560: -call fcn_0001bef7 ; call 0x1bef7 +loc_000115f0: +call fcn_0001bfbb ; call 0x1bfbb dec eax -jne loc_00011613 ; jne 0x11613 -jmp short loc_000115bb ; jmp 0x115bb +jne loc_000116a3 ; jne 0x116a3 +jmp short loc_0001164b ; jmp 0x1164b -loc_0001156e: +loc_000115fe: mov byte [ebp - 0x1c], 0 -loc_00011572: -call fcn_0001c0fb ; call 0x1c0fb +loc_00011602: +call fcn_0001c1bf ; call 0x1c1bf cmp byte [ebp - 0x1c], al -jae short loc_00011560 ; jae 0x11560 +jae short loc_000115f0 ; jae 0x115f0 push eax movzx eax, byte [ebp - 0x1c] push eax push 0x1c push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov edi, eax pop eax pop edx lea eax, [edi + 0x110] push 0x31c1 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 lea edx, [edi + 0x104] pop ecx pop eax push 0x17d010 push edx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 inc byte [ebp - 0x1c] -jmp short loc_00011572 ; jmp 0x11572 +jmp short loc_00011602 ; jmp 0x11602 -loc_000115bb: +loc_0001164b: sub esp, 0xc lea eax, [ebx + 0x2320] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov edx, 0x20000 test al, 2 -jne short loc_000115fa ; jne 0x115fa +jne short loc_0001168a ; jne 0x1168a mov eax, dword [ebp - 0x20] sub esp, 0xc add eax, 0xf5 push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 and eax, 1 cmp al, 1 @@ -28350,71 +28407,71 @@ sbb edx, edx xor dx, dx add edx, 0x20000 -loc_000115fa: +loc_0001168a: or dh, 0x30 push eax push edx push 0xfffc0fff lea eax, [ebx + 0x21a4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00011613: +loc_000116a3: push edi push edi push 0xfffffffffffffff0 lea eax, [ebx + 0x2348] push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e mov eax, dword [ebp - 0x24] add esp, 0xc push 0x10000 push 0xffffff7f add eax, 0xb0 push eax -call fcn_00018aa4 ; call 0x18aa4 -call fcn_0001bef7 ; call 0x1bef7 +call fcn_00018b68 ; call 0x18b68 +call fcn_0001bfbb ; call 0x1bfbb add esp, 0x10 cmp eax, 2 -jne short loc_000116b7 ; jne 0x116b7 +jne short loc_00011747 ; jne 0x11747 push ecx push ecx push 0x10 lea eax, [ebx + 0x260c] push eax -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 push 0x3100 push 0xffffceff push 0xec000106 push ebx -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x20 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000116b7 ; je 0x116b7 +je short loc_00011747 ; je 0x11747 test esi, esi -jns short loc_000116b7 ; jns 0x116b7 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00011747 ; jns 0x11747 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001169f ; je 0x1169f +je short loc_0001172f ; je 0x1172f push edx push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001169f: +loc_0001172f: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x3b8 -push ref_00024c76 ; push 0x24c76 -call fcn_000153fc ; call 0x153fc +push ref_00024d25 ; push 0x24d25 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000116b7: +loc_00011747: lea esp, [ebp - 0xc] mov eax, esi pop ebx @@ -28423,7 +28480,7 @@ pop edi pop ebp ret -fcn_000116c1: +fcn_00011751: push ebp mov ebp, esp push edi @@ -28431,79 +28488,79 @@ push esi push ebx sub esp, 0x1c mov esi, dword [ebp + 0x14] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000116e7 ; je 0x116e7 +je short loc_00011777 ; je 0x11777 push eax push eax -push ref_00024db6 ; push 0x24db6 +push ref_00024e65 ; push 0x24e65 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000116e7: +loc_00011777: cmp dword [ebp + 8], 0 mov ebx, 0x80000002 -je loc_0001180f ; je 0x1180f -call fcn_000153e9 ; call 0x153e9 +je loc_0001189f ; je 0x1189f +call fcn_00015479 ; call 0x15479 test al, al mov eax, esi movzx ebx, al -je short loc_00011715 ; je 0x11715 +je short loc_000117a5 ; je 0x117a5 push eax push ebx -push ref_00024dd1 ; push 0x24dd1 +push ref_00024e80 ; push 0x24e80 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00011715: -call fcn_000153e9 ; call 0x153e9 +loc_000117a5: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00011731 ; je 0x11731 +je short loc_000117c1 ; je 0x117c1 push eax push dword [ebp + 0xc] -push ref_00024de2 ; push 0x24de2 +push ref_00024e91 ; push 0x24e91 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00011731: -call fcn_000153e9 ; call 0x153e9 +loc_000117c1: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001174d ; je 0x1174d +je short loc_000117dd ; je 0x117dd push eax push dword [ebp + 0x10] -push ref_00024dfa ; push 0x24dfa +push ref_00024ea9 ; push 0x24ea9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001174d: -call fcn_000153e9 ; call 0x153e9 +loc_000117dd: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00011767 ; je 0x11767 +je short loc_000117f7 ; je 0x117f7 push eax push eax -push ref_00021e91 ; push 0x21e91 +push ref_00021f21 ; push 0x21f21 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00011767: +loc_000117f7: push eax push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edi, eax and edi, 0xffffc000 lea esi, [edi + 0x3418] mov dword [esp], esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0xc push ebx mov dword [ebp - 0x1c], eax @@ -28514,54 +28571,54 @@ push 0 push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] -call fcn_00015137 ; call 0x15137 +call fcn_000151c7 ; call 0x151c7 add esp, 0x20 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000117f9 ; je 0x117f9 +je short loc_00011889 ; je 0x11889 test ebx, ebx -jns short loc_000117f9 ; jns 0x117f9 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00011889 ; jns 0x11889 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000117e1 ; je 0x117e1 +je short loc_00011871 ; je 0x11871 push edi push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000117e1: +loc_00011871: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x82 -push ref_00024e12 ; push 0x24e12 -call fcn_000153fc ; call 0x153fc +push ref_00024ec1 ; push 0x24ec1 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000117f9: +loc_00011889: push edx push edx push dword [ebp - 0x1c] push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dword [esp], esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 -loc_0001180f: -call fcn_000153e9 ; call 0x153e9 +loc_0001189f: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00011829 ; je 0x11829 +je short loc_000118b9 ; je 0x118b9 push eax push eax -push ref_00024e3b ; push 0x24e3b +push ref_00024eea ; push 0x24eea push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00011829: +loc_000118b9: lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -28570,60 +28627,60 @@ pop edi pop ebp ret -fcn_00011833: ; not directly referenced +fcn_000118c3: ; not directly referenced push ebp mov ebp, esp push ebx sub esp, 0x14 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00011854 ; je 0x11854 +je short loc_000118e4 ; je 0x118e4 push edx push edx -push ref_00024e54 ; push 0x24e54 +push ref_00024f03 ; push 0x24f03 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00011854: ; not directly referenced +loc_000118e4: ; not directly referenced lea eax, [ebp - 0xc] push eax push 0 push 0 -push ref_0002910c ; push 0x2910c -call fcn_00019699 ; call 0x19699 +push ref_000291bc ; push 0x291bc +call fcn_0001975d ; call 0x1975d add esp, 0x10 mov ebx, eax test eax, eax -jne short loc_00011889 ; jne 0x11889 +jne short loc_00011919 ; jne 0x11919 mov eax, dword [ebp - 0xc] movzx edx, byte [eax] push edx push dword [eax + 0xe] push dword [eax + 6] push dword [eax + 1] -call fcn_000116c1 ; call 0x116c1 +call fcn_00011751 ; call 0x11751 add esp, 0x10 mov ebx, eax -loc_00011889: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00011919: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000118a3 ; je 0x118a3 +je short loc_00011933 ; je 0x11933 push eax push eax -push ref_00024e6a ; push 0x24e6a +push ref_00024f19 ; push 0x24f19 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000118a3: ; not directly referenced +loc_00011933: ; not directly referenced mov eax, ebx mov ebx, dword [ebp - 4] leave ret -fcn_000118aa: ; not directly referenced +fcn_0001193a: ; not directly referenced push ebp mov ebp, esp push edi @@ -28634,9 +28691,9 @@ mov eax, dword [ebp + 0x14] mov ebx, dword [ebp + 0xc] mov esi, dword [ebp + 8] mov dword [ebp - 0x28], eax -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov dword [ebp - 0x1c], eax -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd mov eax, dword [ebp + 0x10] movzx eax, byte [eax + 1] push ecx @@ -28647,38 +28704,38 @@ push eax push 0x1c push edi mov dword [ebp - 0x2c], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0x1f push edi mov ebx, eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [ebp - 0x38], eax pop eax pop edx push 0 push dword [ebp + 0x18] -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax push 0x1c push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a push 0x10 push dword [ebp - 0x2c] push 0x1c push edi mov dword [ebp - 0x20], eax -call fcn_00009f67 ; call 0x9f67 +call fcn_00009fd5 ; call 0x9fd5 add esp, 0x20 movzx eax, al mov ecx, eax mov dword [ebp - 0x3c], eax mov eax, 0x80000003 test ecx, ecx -je loc_00011ddc ; je 0x11ddc +je loc_00011e6c ; je 0x11e6c sub esp, 0xc mov eax, esi lea edx, [ebx + 0x64] @@ -28686,7 +28743,7 @@ movzx esi, al push edx imul esi, esi, 0x2c mov dword [ebp - 0x24], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edi, dword [ebp + 0x10] pop edx pop ecx @@ -28700,11 +28757,11 @@ cmovne ecx, eax and ecx, 0xfff3ffff push ecx push edx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f lea eax, [ebx + 0x68] mov dword [esp], eax mov dword [ebp - 0x24], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 pop edx pop ecx mov edx, eax @@ -28715,17 +28772,17 @@ cmovne edx, eax movzx edx, dx push edx push dword [ebp - 0x24] -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 add esp, 0xc push 0x14140000 push 0xffff lea eax, [ebx + 0x318] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov eax, dword [ebp - 0x20] add eax, 0xf5 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0xc mov edi, dword [ebp + 0x10] lea ecx, [ebx + 0x4c] @@ -28740,42 +28797,42 @@ add eax, 0x20000 push eax push 0xfffc7fff push ecx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x743a361b push 0 lea eax, [ebx + 0x314] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x18000 lea eax, [ebx + 0xd8] push 0xfffc7fff push eax mov dword [ebp - 0x20], eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x854c74 push 0xff000000 lea eax, [ebx + 0x33c] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x2000000 push 0xfdffffff push dword [ebp - 0x20] -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x8000008 push 0xf7fffff7 push dword [ebp - 0x20] -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx lea eax, [ebx + 0xf5] push 0xf push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d mov al, byte [esi + 4] pop ecx pop edx @@ -28789,7 +28846,7 @@ cmove eax, edx push eax lea eax, [ebx + 0x100] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dl, byte [edi + 6] add esp, 0xc and edx, 0x20 @@ -28807,63 +28864,63 @@ push edx push eax lea eax, [ebx + 0x50] push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 cmp dword [ebp - 0x1c], 2 -jne short loc_00011aff ; jne 0x11aff +jne short loc_00011b8f ; jne 0x11b8f push ecx push 0x1000c0 push 0xffcffe3f lea eax, [ebx + 0x320] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00011aff: ; not directly referenced +loc_00011b8f: ; not directly referenced mov dl, byte [esi + 0xb] cmp dl, 9 -je short loc_00011b1d ; je 0x11b1d +je short loc_00011bad ; je 0x11bad sub edx, 3 xor eax, eax cmp dl, 3 -ja short loc_00011b22 ; ja 0x11b22 +ja short loc_00011bb2 ; ja 0x11bb2 movzx edx, dl -movzx eax, byte [edx + ref_000203d8] ; movzx eax, byte [edx + 0x203d8] -jmp short loc_00011b22 ; jmp 0x11b22 +movzx eax, byte [edx + ref_00020468] ; movzx eax, byte [edx + 0x20468] +jmp short loc_00011bb2 ; jmp 0x11bb2 -loc_00011b1d: ; not directly referenced +loc_00011bad: ; not directly referenced mov eax, 0x10 -loc_00011b22: ; not directly referenced +loc_00011bb2: ; not directly referenced push edx push eax push 0xffe0 push dword [ebp - 0x24] -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 mov dl, byte [edi + 6] add esp, 0x10 test dl, 4 -je short loc_00011ba8 ; je 0x11ba8 +je short loc_00011c38 ; je 0x11c38 sub esp, 0xc push dword [ebp - 0x30] shl edx, 0x1c sar edx, 0x1f and edx, 0x60 mov dword [ebp - 0x24], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov edx, dword [ebp - 0x24] and eax, 0x3f0 cmp eax, 0x10 -jne short loc_00011b68 ; jne 0x11b68 +jne short loc_00011bf8 ; jne 0x11bf8 or dh, 0xb2 -jmp short loc_00011b8c ; jmp 0x11b8c +jmp short loc_00011c1c ; jmp 0x11c1c -loc_00011b68: ; not directly referenced +loc_00011bf8: ; not directly referenced sub esp, 0xc push dword [ebp - 0x30] mov dword [ebp - 0x24], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x24] add esp, 0x10 mov ecx, edx @@ -28872,7 +28929,7 @@ and eax, 0x3f0 cmp eax, 0x10 cmova edx, ecx -loc_00011b8c: ; not directly referenced +loc_00011c1c: ; not directly referenced push eax movzx eax, byte [esi + 0xa] shl eax, 0x13 @@ -28881,10 +28938,10 @@ push eax push 0x6001f lea eax, [ebx + 0x54] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00011ba8: ; not directly referenced +loc_00011c38: ; not directly referenced mov eax, dword [ebp + 0x10] sub esp, 0xc movzx eax, byte [eax + 0x19] @@ -28895,34 +28952,34 @@ push eax push dword [ebp - 0x2c] push 0x1c push dword [ebp - 0x34] -call fcn_0000bbe0 ; call 0xbbe0 +call fcn_0000bc4e ; call 0xbc4e add esp, 0x20 mov byte [ebp - 0x24], 1 test eax, eax -je short loc_00011bea ; je 0x11bea +je short loc_00011c7a ; je 0x11c7a push eax push eax push 2 lea eax, [ebx + 0xd4] push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 mov byte [ebp - 0x24], 0 -loc_00011bea: ; not directly referenced +loc_00011c7a: ; not directly referenced test byte [edi + 6], 8 -jne short loc_00011bfe ; jne 0x11bfe +jne short loc_00011c8e ; jne 0x11c8e mov cl, byte [ebp - 0x24] mov al, cl lea eax, [eax + eax - 3] lea edx, [ecx + ecx] -jmp short loc_00011c02 ; jmp 0x11c02 +jmp short loc_00011c92 ; jmp 0x11c92 -loc_00011bfe: ; not directly referenced +loc_00011c8e: ; not directly referenced mov al, 0xfd xor edx, edx -loc_00011c02: ; not directly referenced +loc_00011c92: ; not directly referenced movzx edx, dl movzx eax, al push ecx @@ -28930,7 +28987,7 @@ push edx push eax lea eax, [ebx + 0xe0] push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a mov dl, byte [esi + 4] add esp, 0xc mov al, dl @@ -28956,7 +29013,7 @@ push eax push 0xfff0 lea eax, [ebx + 0x48] push eax -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 mov dl, byte [esi + 4] add esp, 0xc mov al, dl @@ -28982,66 +29039,66 @@ movzx eax, ax push eax push 0xfff0 push esi -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0x10 test byte [edi + 6], 0x10 -je loc_00011d3e ; je 0x11d3e +je loc_00011dce ; je 0x11dce push eax push eax push 0xfff7 push esi -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0xc push 0x80000000 push 0xfffffffffffffffe push dword [ebp - 0x20] -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp dword [ebp - 0x1c], 2 -jne short loc_00011ce6 ; jne 0x11ce6 +jne short loc_00011d76 ; jne 0x11d76 movzx esi, word [ebp - 0x28] add esi, 0x8c -jmp short loc_00011cf3 ; jmp 0x11cf3 +jmp short loc_00011d83 ; jmp 0x11d83 -loc_00011ce6: ; not directly referenced +loc_00011d76: ; not directly referenced cmp dword [ebp - 0x1c], 1 -jne short loc_00011d14 ; jne 0x11d14 +jne short loc_00011da4 ; jne 0x11da4 movzx esi, word [ebp - 0x28] add esi, 0x20 -loc_00011cf3: ; not directly referenced +loc_00011d83: ; not directly referenced sub esp, 0xc push esi -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 test ah, 2 -je short loc_00011d14 ; je 0x11d14 +je short loc_00011da4 ; je 0x11da4 push eax push eax push 0x200 push esi -call fcn_00018ed3 ; call 0x18ed3 +call fcn_00018f97 ; call 0x18f97 add esp, 0x10 -loc_00011d14: ; not directly referenced +loc_00011da4: ; not directly referenced mov esi, dword [ebp - 0x38] sub esp, 0xc add esi, 0xa0 push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test ah, 4 -jne short loc_00011d3e ; jne 0x11d3e +jne short loc_00011dce ; jne 0x11dce push eax push eax push 0x400 push esi -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_00011d3e: ; not directly referenced +loc_00011dce: ; not directly referenced test byte [edi + 6], 8 -je short loc_00011dc3 ; je 0x11dc3 +je short loc_00011e53 ; je 0x11e53 mov esi, dword [ebp - 0x3c] push eax push eax @@ -29050,64 +29107,64 @@ add esi, ebx lea eax, [esi + 0x1a] add esi, 0x18 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0xc push 9 push 0xffdf push esi -call fcn_000188bd ; call 0x188bd +call fcn_00018981 ; call 0x18981 add esp, 0xc push 0x40000000 push 0xfffffffffffffffd push dword [ebp - 0x20] -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp dword [ebp - 0x1c], 2 -jne short loc_00011d93 ; jne 0x11d93 +jne short loc_00011e23 ; jne 0x11e23 movzx eax, word [ebp - 0x28] push ecx push ecx push 2 add eax, 0x8c -jmp short loc_00011da4 ; jmp 0x11da4 +jmp short loc_00011e34 ; jmp 0x11e34 -loc_00011d93: ; not directly referenced +loc_00011e23: ; not directly referenced cmp dword [ebp - 0x1c], 1 -jne short loc_00011dad ; jne 0x11dad +jne short loc_00011e3d ; jne 0x11e3d movzx eax, word [ebp - 0x28] push edx push edx push 2 add eax, 0x20 -loc_00011da4: ; not directly referenced +loc_00011e34: ; not directly referenced push eax -call fcn_00018ed3 ; call 0x18ed3 +call fcn_00018f97 ; call 0x18f97 add esp, 0x10 -loc_00011dad: ; not directly referenced +loc_00011e3d: ; not directly referenced push eax add ebx, 0x108 push eax push 0x4000 push ebx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_00011dc3: ; not directly referenced +loc_00011e53: ; not directly referenced cmp byte [ebp - 0x24], 1 -je short loc_00011dda ; je 0x11dda +je short loc_00011e6a ; je 0x11e6a mov al, byte [edi + 6] and eax, 8 cmp al, 1 sbb eax, eax and eax, 0x8000000e -jmp short loc_00011ddc ; jmp 0x11ddc +jmp short loc_00011e6c ; jmp 0x11e6c -loc_00011dda: ; not directly referenced +loc_00011e6a: ; not directly referenced xor eax, eax -loc_00011ddc: ; not directly referenced +loc_00011e6c: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -29115,7 +29172,7 @@ pop edi pop ebp ret -fcn_00011de4: ; not directly referenced +fcn_00011e74: ; not directly referenced push ebp mov ebp, esp push edi @@ -29126,88 +29183,88 @@ sub esp, 0x2c mov eax, dword [ebp + 8] mov dword [ebp - 0x2c], eax mov byte [ebp - 0x20], al -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov dword [ebp - 0x1c], eax -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd movzx edi, byte [ebp - 0x20] mov dword [ebp - 0x28], eax -loc_00011e0c: ; not directly referenced -call fcn_0001c0fb ; call 0x1c0fb +loc_00011e9c: ; not directly referenced +call fcn_0001c1bf ; call 0x1c1bf movzx eax, al cmp ebx, eax -jae loc_00011f11 ; jae 0x11f11 +jae loc_00011fa1 ; jae 0x11fa1 cmp dword [ebp - 0x1c], 2 mov byte [ebp - 0x21], 0 -jne short loc_00011e60 ; jne 0x11e60 +jne short loc_00011ef0 ; jne 0x11ef0 push ecx push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 and eax, 0xfffc lea eax, [eax + ebx*8 + 0x190] mov dword [esp], eax -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 and eax, 1 xor eax, 1 and eax, 1 mov byte [ebp - 0x21], al -loc_00011e60: ; not directly referenced +loc_00011ef0: ; not directly referenced mov eax, 1 mov cl, bl shl eax, cl test dword [ebp + 0x10], eax -je loc_00012080 ; je 0x12080 +je loc_00012110 ; je 0x12110 test dword [ebp + 0x14], eax -jne loc_00012103 ; jne 0x12103 +jne loc_00012193 ; jne 0x12193 push esi push esi push ebx push dword [ebp + 0x18] -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax push 0x1c push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax pop eax pop edx lea eax, [esi + 0xe1] push 3 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 cmp dword [ebp - 0x1c], 2 -jne short loc_00011ed9 ; jne 0x11ed9 +jne short loc_00011f69 ; jne 0x11f69 push ecx push ecx push 0x40 lea eax, [esi + 0xe2] push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0xc push 8 push 0xf3 lea eax, [esi + 0xe8] push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a add esp, 0x10 -loc_00011ed9: ; not directly referenced +loc_00011f69: ; not directly referenced push eax push eax push 3 lea eax, [esi + 0xe8] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 cmp dword [ebp - 0x28], 2 pop eax mov eax, 0x20 @@ -29217,173 +29274,173 @@ cmove eax, edx add esi, 0x324 push eax push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -jmp near loc_00012103 ; jmp 0x12103 +jmp near loc_00012193 ; jmp 0x12193 -loc_00011f11: ; not directly referenced +loc_00011fa1: ; not directly referenced xor ebx, ebx cmp dword [ebp - 0x1c], 2 -jne loc_00011ff4 ; jne 0x11ff4 +jne loc_00012084 ; jne 0x12084 mov eax, dword [ebp + 0x10] movzx edi, byte [ebp - 0x20] and eax, 0xf mov dword [ebp - 0x1c], eax -loc_00011f2a: ; not directly referenced -call fcn_0001c0fb ; call 0x1c0fb +loc_00011fba: ; not directly referenced +call fcn_0001c1bf ; call 0x1c1bf movzx eax, al cmp ebx, eax -jae short loc_00011fb4 ; jae 0x11fb4 +jae short loc_00012044 ; jae 0x12044 push esi push esi push ebx push dword [ebp + 0x18] -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax push 0x1c push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 mov edx, eax lea eax, [ebx - 4] cmp eax, 1 -jbe short loc_00011f61 ; jbe 0x11f61 +jbe short loc_00011ff1 ; jbe 0x11ff1 test ebx, ebx -jne short loc_00011fae ; jne 0x11fae +jne short loc_0001203e ; jne 0x1203e -loc_00011f61: ; not directly referenced +loc_00011ff1: ; not directly referenced push ecx push ecx lea esi, [edx + 0xe1] push 0x3c push esi mov dword [ebp - 0x20], edx -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 mov eax, dword [ebp - 0x1c] add esp, 0x10 mov edx, dword [ebp - 0x20] or eax, ebx -je short loc_00011f8e ; je 0x11f8e +je short loc_0001201e ; je 0x1201e mov eax, dword [ebp + 0x10] bt eax, ebx -jb short loc_00011fae ; jb 0x11fae +jb short loc_0001203e ; jb 0x1203e cmp ebx, 3 -jbe short loc_00011fae ; jbe 0x11fae +jbe short loc_0001203e ; jbe 0x1203e -loc_00011f8e: ; not directly referenced +loc_0001201e: ; not directly referenced push eax add edx, 0xe2 push eax push 1 push edx -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 pop eax pop edx push 0x80 push esi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_00011fae: ; not directly referenced +loc_0001203e: ; not directly referenced inc ebx -jmp near loc_00011f2a ; jmp 0x11f2a +jmp near loc_00011fba ; jmp 0x11fba -loc_00011fb4: ; not directly referenced +loc_00012044: ; not directly referenced test byte [ebp + 0x10], 0x3f -jne loc_0001210b ; jne 0x1210b +jne loc_0001219b ; jne 0x1219b push ecx push ecx push 0 push dword [ebp + 0x18] -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax movzx eax, byte [ebp - 0x2c] push 0x1c push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ebx pop esi push 0x40 add eax, 0xe1 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -jmp near loc_0001210b ; jmp 0x1210b +jmp near loc_0001219b ; jmp 0x1219b -loc_00011ff4: ; not directly referenced +loc_00012084: ; not directly referenced cmp dword [ebp - 0x1c], 1 -jne loc_0001210b ; jne 0x1210b +jne loc_0001219b ; jne 0x1219b movzx edi, byte [ebp - 0x20] -loc_00012002: ; not directly referenced -call fcn_0001c0fb ; call 0x1c0fb +loc_00012092: ; not directly referenced +call fcn_0001c1bf ; call 0x1c1bf movzx eax, al cmp ebx, eax -jae loc_0001210b ; jae 0x1210b +jae loc_0001219b ; jae 0x1219b mov eax, dword [ebp + 0x14] bt eax, ebx -jb short loc_0001207b ; jb 0x1207b +jb short loc_0001210b ; jb 0x1210b push esi push esi push ebx push dword [ebp + 0x18] -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax push 0x1c push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a lea esi, [eax + 0xe1] mov dword [ebp - 0x1c], eax pop eax pop edx push 0x3c push esi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 mov eax, 0xf mov cl, bl shl eax, cl add esp, 0x10 mov edx, dword [ebp - 0x1c] test dword [ebp + 0x10], eax -jne short loc_0001207b ; jne 0x1207b +jne short loc_0001210b ; jne 0x1210b push eax add edx, 0xe2 push eax push 1 push edx -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 pop edx pop ecx push 0x80 push esi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_0001207b: ; not directly referenced +loc_0001210b: ; not directly referenced add ebx, 4 -jmp short loc_00012002 ; jmp 0x12002 +jmp short loc_00012092 ; jmp 0x12092 -loc_00012080: ; not directly referenced +loc_00012110: ; not directly referenced cmp dword [ebp - 0x1c], 2 -jne short loc_000120fd ; jne 0x120fd +jne short loc_0001218d ; jne 0x1218d push esi push esi push ebx push dword [ebp + 0x18] -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax push 0x1c push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax pop eax pop edx @@ -29391,46 +29448,46 @@ lea eax, [esi + 0xe2] add esi, 0x420 push 0x30 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 pop ecx pop eax push 0x80000000 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_000120c8: ; not directly referenced +loc_00012158: ; not directly referenced cmp byte [ebp - 0x21], 0 -je short loc_000120fd ; je 0x120fd +je short loc_0001218d ; je 0x1218d push eax push eax push ebx push dword [ebp + 0x18] -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax push 0x1c push edi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 0x60000000 add eax, 0x420 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_000120fd: ; not directly referenced +loc_0001218d: ; not directly referenced inc ebx -jmp near loc_00011e0c ; jmp 0x11e0c +jmp near loc_00011e9c ; jmp 0x11e9c -loc_00012103: ; not directly referenced +loc_00012193: ; not directly referenced cmp dword [ebp - 0x1c], 2 -jne short loc_000120fd ; jne 0x120fd -jmp short loc_000120c8 ; jmp 0x120c8 +jne short loc_0001218d ; jne 0x1218d +jmp short loc_00012158 ; jmp 0x12158 -loc_0001210b: ; not directly referenced +loc_0001219b: ; not directly referenced lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -29439,7 +29496,7 @@ pop edi pop ebp ret -fcn_00012115: ; not directly referenced +fcn_000121a5: ; not directly referenced push ebp mov ebp, esp push edi @@ -29450,75 +29507,75 @@ mov ebx, dword [ebp + 0xc] mov esi, dword [ebp + 8] mov edi, dword [ebp + 0x10] push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -jne short loc_00012151 ; jne 0x12151 -call fcn_000153e9 ; call 0x153e9 +jne short loc_000121e1 ; jne 0x121e1 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00012151 ; je 0x12151 +je short loc_000121e1 ; je 0x121e1 push edx push ebx -push ref_00024e7e ; push 0x24e7e +push ref_00024f2d ; push 0x24f2d push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00012151: ; not directly referenced +loc_000121e1: ; not directly referenced sub esp, 0xc add ebx, 0xfc push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and ax, 0xc000 cmp ax, 0x8000 -je short loc_00012182 ; je 0x12182 +je short loc_00012212 ; je 0x12212 cmp ax, 0xc000 -je short loc_0001217b ; je 0x1217b +je short loc_0001220b ; je 0x1220b xor ebx, ebx cmp ax, 0x4000 -jne short loc_00012187 ; jne 0x12187 +jne short loc_00012217 ; jne 0x12217 -loc_0001217b: ; not directly referenced +loc_0001220b: ; not directly referenced mov ebx, 2 -jmp short loc_00012187 ; jmp 0x12187 +jmp short loc_00012217 ; jmp 0x12217 -loc_00012182: ; not directly referenced +loc_00012212: ; not directly referenced mov ebx, 0x22 -loc_00012187: ; not directly referenced -call fcn_0001bef7 ; call 0x1bef7 +loc_00012217: ; not directly referenced +call fcn_0001bfbb ; call 0x1bfbb dec eax -jne short loc_000121d4 ; jne 0x121d4 +jne short loc_00012264 ; jne 0x12264 push eax push 4 push 0x1c movzx eax, byte [edi + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xfc mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and ax, 0xc000 cmp ax, 0x8000 -je short loc_000121cc ; je 0x121cc +je short loc_0001225c ; je 0x1225c cmp ax, 0xc000 -je short loc_000121d1 ; je 0x121d1 +je short loc_00012261 ; je 0x12261 mov edx, ebx or dh, 2 cmp ax, 0x4000 cmove ebx, edx -jmp short loc_000121d4 ; jmp 0x121d4 +jmp short loc_00012264 ; jmp 0x12264 -loc_000121cc: ; not directly referenced +loc_0001225c: ; not directly referenced or bh, 0x22 -jmp short loc_000121d4 ; jmp 0x121d4 +jmp short loc_00012264 ; jmp 0x12264 -loc_000121d1: ; not directly referenced +loc_00012261: ; not directly referenced or bh, 2 -loc_000121d4: ; not directly referenced +loc_00012264: ; not directly referenced movzx ebx, bx add esi, 0x103c mov dword [ebp + 0xc], ebx @@ -29528,27 +29585,27 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017d40 ; jmp 0x17d40 +jmp near fcn_00017e04 ; jmp 0x17e04 -fcn_000121ef: ; not directly referenced +fcn_0001227f: ; not directly referenced push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x4c -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00012212 ; je 0x12212 +je short loc_000122a2 ; je 0x122a2 push esi push esi -push ref_00024e93 ; push 0x24e93 +push ref_00024f42 ; push 0x24f42 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00012212: ; not directly referenced -call fcn_0001bef7 ; call 0x1bef7 +loc_000122a2: ; not directly referenced +call fcn_0001bfbb ; call 0x1bfbb mov dword [ebp - 0x2c], eax push eax mov eax, dword [ebp + 8] @@ -29556,16 +29613,16 @@ push 0 push 0x1f movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax lea eax, [eax + 0xf0] add ebx, 0x40 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], ebx mov dword [ebp - 0x30], eax and dword [ebp - 0x30], 0xffffc000 -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov edi, dword [ebp - 0x30] mov word [ebp - 0x3e], ax pop eax @@ -29573,7 +29630,7 @@ pop edx and word [ebp - 0x3e], 0xfffc push 0 push edi -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax @@ -29581,14 +29638,14 @@ mov eax, dword [ebp + 8] push 0x1c movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ecx pop ebx push 4 push edi mov esi, eax mov dword [ebp - 0x34], eax -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax @@ -29596,9 +29653,9 @@ mov eax, dword [ebp + 8] push 0x1c movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax -call fcn_0001c0fb ; call 0x1c0fb +call fcn_0001c1bf ; call 0x1c1bf add esp, 0xc push 5 push 0xf5 @@ -29606,295 +29663,295 @@ mov byte [ebp - 0x39], al mov eax, esi add eax, 0xf5 push eax -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a add esp, 0xc push dword [ebp + 8] push esi push edi -call fcn_00012115 ; call 0x12115 +call fcn_000121a5 ; call 0x121a5 mov eax, esi add eax, 0xfc mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov esi, eax and eax, 0xc000 cmp eax, 0x8000 -je short loc_00012308 ; je 0x12308 +je short loc_00012398 ; je 0x12398 cmp eax, 0xc000 -je short loc_0001230f ; je 0x1230f +je short loc_0001239f ; je 0x1239f cmp eax, 0x4000 sete al movzx eax, al mov edi, eax add edi, eax -jmp short loc_00012314 ; jmp 0x12314 +jmp short loc_000123a4 ; jmp 0x123a4 -loc_00012308: ; not directly referenced +loc_00012398: ; not directly referenced mov edi, 0xa -jmp short loc_00012314 ; jmp 0x12314 +jmp short loc_000123a4 ; jmp 0x123a4 -loc_0001230f: ; not directly referenced +loc_0001239f: ; not directly referenced mov edi, 0xe -loc_00012314: ; not directly referenced +loc_000123a4: ; not directly referenced cmp dword [ebp - 0x2c], 1 -jne short loc_0001235c ; jne 0x1235c +jne short loc_000123ec ; jne 0x123ec sub esp, 0xc add ebx, 0xfc push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0xc000 cmp eax, 0x8000 -je short loc_0001234e ; je 0x1234e +je short loc_000123de ; je 0x123de cmp eax, 0xc000 -je short loc_00012356 ; je 0x12356 +je short loc_000123e6 ; je 0x123e6 mov edx, edi or edx, 0x20 cmp eax, 0x4000 cmove edi, edx -jmp short loc_0001235c ; jmp 0x1235c +jmp short loc_000123ec ; jmp 0x123ec -loc_0001234e: ; not directly referenced +loc_000123de: ; not directly referenced or edi, 0xa0 -jmp short loc_0001235c ; jmp 0x1235c +jmp short loc_000123ec ; jmp 0x123ec -loc_00012356: ; not directly referenced +loc_000123e6: ; not directly referenced or edi, 0xe0 -loc_0001235c: ; not directly referenced +loc_000123ec: ; not directly referenced mov eax, dword [ebp - 0x30] sub esp, 0xc mov bl, 0xff add eax, 0x3414 push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test esi, 0x80000 -je short loc_00012389 ; je 0x12389 +je short loc_00012419 ; je 0x12419 test al, 0x20 -jne short loc_00012389 ; jne 0x12389 +jne short loc_00012419 ; jne 0x12419 and esi, 0x70000 mov ebx, esi shr ebx, 0x10 -loc_00012389: ; not directly referenced +loc_00012419: ; not directly referenced cmp dword [ebp - 0x2c], 1 -jne short loc_000123b4 ; jne 0x123b4 +jne short loc_00012444 ; jne 0x12444 mov eax, dword [ebp - 0x34] sub esp, 0xc add eax, 0x410 push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 0x11 -je short loc_000123af ; je 0x123af +je short loc_0001243f ; je 0x1243f test bl, bl -jne short loc_000123f5 ; jne 0x123f5 +jne short loc_00012485 ; jne 0x12485 test al, 0x10 -jne short loc_000123f5 ; jne 0x123f5 +jne short loc_00012485 ; jne 0x12485 -loc_000123af: ; not directly referenced +loc_0001243f: ; not directly referenced or edi, 1 -jmp short loc_000123f5 ; jmp 0x123f5 +jmp short loc_00012485 ; jmp 0x12485 -loc_000123b4: ; not directly referenced +loc_00012444: ; not directly referenced cmp dword [ebp - 0x2c], 2 -jne short loc_00012405 ; jne 0x12405 +jne short loc_00012495 ; jne 0x12495 mov eax, dword [ebp - 0x34] sub esp, 0xc lea esi, [eax + 0x410] push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 3 -jne short loc_000123db ; jne 0x123db +jne short loc_0001246b ; jne 0x1246b -loc_000123d3: ; not directly referenced +loc_00012463: ; not directly referenced or edi, 1 -jmp near loc_00012b91 ; jmp 0x12b91 +jmp near loc_00012c21 ; jmp 0x12c21 -loc_000123db: ; not directly referenced +loc_0001246b: ; not directly referenced sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 3 cmp eax, 2 -jne loc_00012b91 ; jne 0x12b91 -jmp short loc_000123d3 ; jmp 0x123d3 +jne loc_00012c21 ; jne 0x12c21 +jmp short loc_00012463 ; jmp 0x12463 -loc_000123f5: ; not directly referenced +loc_00012485: ; not directly referenced test al, 0x24 -je short loc_00012402 ; je 0x12402 +je short loc_00012492 ; je 0x12492 cmp bl, 1 -jne short loc_00012405 ; jne 0x12405 +jne short loc_00012495 ; jne 0x12495 test al, 0x20 -loc_00012400: ; not directly referenced -jne short loc_00012405 ; jne 0x12405 +loc_00012490: ; not directly referenced +jne short loc_00012495 ; jne 0x12495 -loc_00012402: ; not directly referenced +loc_00012492: ; not directly referenced or edi, 2 -loc_00012405: ; not directly referenced +loc_00012495: ; not directly referenced cmp dword [ebp - 0x2c], 1 sete dl mov byte [ebp - 0x3b], dl cmp bl, 2 -jne short loc_0001241e ; jne 0x1241e +jne short loc_000124ae ; jne 0x124ae mov eax, edi or eax, 4 test dl, dl cmovne edi, eax -loc_0001241e: ; not directly referenced +loc_000124ae: ; not directly referenced cmp dword [ebp - 0x2c], 2 sete cl mov byte [ebp - 0x3c], cl test bl, bl -jne short loc_00012436 ; jne 0x12436 +jne short loc_000124c6 ; jne 0x124c6 mov eax, edi or eax, 4 test cl, cl cmovne edi, eax -loc_00012436: ; not directly referenced +loc_000124c6: ; not directly referenced cmp bl, 3 -jne short loc_00012447 ; jne 0x12447 +jne short loc_000124d7 ; jne 0x124d7 mov eax, edi or eax, 8 cmp byte [ebp - 0x3b], 0 cmovne edi, eax -loc_00012447: ; not directly referenced +loc_000124d7: ; not directly referenced cmp bl, 1 -jne short loc_00012458 ; jne 0x12458 +jne short loc_000124e8 ; jne 0x124e8 mov eax, edi or eax, 8 cmp byte [ebp - 0x3c], 0 cmovne edi, eax -loc_00012458: ; not directly referenced +loc_000124e8: ; not directly referenced cmp bl, 4 -jne short loc_00012468 ; jne 0x12468 +jne short loc_000124f8 ; jne 0x124f8 cmp byte [ebp - 0x3b], 0 -je short loc_00012468 ; je 0x12468 +je short loc_000124f8 ; je 0x124f8 or edi, 0x10 -jmp short loc_0001247c ; jmp 0x1247c +jmp short loc_0001250c ; jmp 0x1250c -loc_00012468: ; not directly referenced +loc_000124f8: ; not directly referenced cmp byte [ebp - 0x3c], 0 -je short loc_0001247c ; je 0x1247c +je short loc_0001250c ; je 0x1250c mov eax, edi lea edx, [ebx - 2] or eax, 0x10 cmp dl, 3 cmovbe edi, eax -loc_0001247c: ; not directly referenced +loc_0001250c: ; not directly referenced cmp bl, 5 -jne short loc_0001248c ; jne 0x1248c +jne short loc_0001251c ; jne 0x1251c cmp byte [ebp - 0x3b], 0 -je short loc_0001248c ; je 0x1248c +je short loc_0001251c ; je 0x1251c or edi, 0x20 -jmp short loc_000124b8 ; jmp 0x124b8 +jmp short loc_00012548 ; jmp 0x12548 -loc_0001248c: ; not directly referenced +loc_0001251c: ; not directly referenced cmp byte [ebp - 0x3c], 0 -je short loc_000124b2 ; je 0x124b2 +je short loc_00012542 ; je 0x12542 mov eax, dword [ebp - 0x34] sub esp, 0xc add eax, 0x410 push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, edi add esp, 0x10 or edx, 0x20 test al, 0xf0 cmove edi, edx -jmp short loc_000124cc ; jmp 0x124cc +jmp short loc_0001255c ; jmp 0x1255c -loc_000124b2: ; not directly referenced +loc_00012542: ; not directly referenced cmp byte [ebp - 0x3b], 0 -je short loc_000124cc ; je 0x124cc +je short loc_0001255c ; je 0x1255c -loc_000124b8: ; not directly referenced +loc_00012548: ; not directly referenced cmp bl, 6 -jne short loc_000124c2 ; jne 0x124c2 +jne short loc_00012552 ; jne 0x12552 or edi, 0x40 -jmp short loc_000124cc ; jmp 0x124cc +jmp short loc_0001255c ; jmp 0x1255c -loc_000124c2: ; not directly referenced +loc_00012552: ; not directly referenced mov eax, edi or al, 0x80 cmp bl, 7 cmove edi, eax -loc_000124cc: ; not directly referenced +loc_0001255c: ; not directly referenced mov eax, dword [ebp - 0x30] sub esp, 0xc add eax, 0x1030 push eax mov dword [ebp - 0x4c], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov dword [ebp - 0x48], 0xff test eax, 0x400000 -je short loc_0001250f ; je 0x1250f +je short loc_0001259f ; je 0x1259f mov eax, dword [ebp + 8] cmp byte [eax + 0x1a6], 0 -je short loc_0001250f ; je 0x1250f -call fcn_000153f0 ; call 0x153f0 +je short loc_0001259f ; je 0x1259f +call fcn_00015480 ; call 0x15480 mov eax, dword [ebp + 8] movzx eax, byte [eax + 0x1a7] mov dword [ebp - 0x48], eax -loc_0001250f: ; not directly referenced +loc_0001259f: ; not directly referenced xor ecx, ecx mov eax, 0x10000 mov dword [ebp - 0x34], 0 mov edx, 1 -loc_00012522: ; not directly referenced +loc_000125b2: ; not directly referenced cmp byte [ebp - 0x39], cl -jbe short loc_00012549 ; jbe 0x12549 +jbe short loc_000125d9 ; jbe 0x125d9 imul ebx, ecx, 0x2c mov esi, dword [ebp + 8] test byte [esi + ebx + 0x46], 1 -je short loc_00012546 ; je 0x12546 +je short loc_000125d6 ; je 0x125d6 mov esi, dword [ebp + 0xc] mov ebx, eax shl ebx, cl test dword [esi], ebx -jne short loc_00012546 ; jne 0x12546 +jne short loc_000125d6 ; jne 0x125d6 mov ebx, edx shl ebx, cl or dword [ebp - 0x34], ebx -loc_00012546: ; not directly referenced +loc_000125d6: ; not directly referenced inc ecx -jmp short loc_00012522 ; jmp 0x12522 +jmp short loc_000125b2 ; jmp 0x125b2 -loc_00012549: ; not directly referenced +loc_000125d9: ; not directly referenced cmp dword [ebp - 0x34], 0 -je short loc_00012556 ; je 0x12556 +je short loc_000125e6 ; je 0x125e6 mov eax, edi not eax and dword [ebp - 0x34], eax -loc_00012556: ; not directly referenced +loc_000125e6: ; not directly referenced mov eax, dword [ebp + 8] mov byte [ebp - 0x3a], 0xff cmp byte [eax + 0x1a9], 0 -jne short loc_000125bc ; jne 0x125bc +jne short loc_0001264c ; jne 0x1264c xor eax, eax -loc_00012568: ; not directly referenced +loc_000125f8: ; not directly referenced mov dl, al cmp al, byte [ebp - 0x39] -jae short loc_00012586 ; jae 0x12586 +jae short loc_00012616 ; jae 0x12616 imul ecx, eax, 0x2c mov esi, dword [ebp + 8] cmp byte [esi + ecx + 0x4f], 0 @@ -29902,65 +29959,65 @@ mov cl, byte [ebp - 0x3a] cmove ecx, edx inc eax mov byte [ebp - 0x3a], cl -jmp short loc_00012568 ; jmp 0x12568 +jmp short loc_000125f8 ; jmp 0x125f8 -loc_00012586: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00012616: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000125af ; je 0x125af +je short loc_0001263f ; je 0x1263f mov al, byte [ebp - 0x39] cmp byte [ebp - 0x3a], al -jbe short loc_000125af ; jbe 0x125af +jbe short loc_0001263f ; jbe 0x1263f push eax -push ref_00024ead ; push 0x24ead +push ref_00024f5c ; push 0x24f5c push 0x173 -push ref_00024ecc ; push 0x24ecc -call fcn_000153fc ; call 0x153fc +push ref_00024f7b ; push 0x24f7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000125af: ; not directly referenced +loc_0001263f: ; not directly referenced mov cl, byte [ebp - 0x3a] mov eax, 1 shl eax, cl or dword [ebp - 0x34], eax -loc_000125bc: ; not directly referenced +loc_0001264c: ; not directly referenced sub esp, 0xc lea eax, [ebp - 0x20] push eax -call fcn_000196d3 ; call 0x196d3 +call fcn_00019797 ; call 0x19797 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001260f ; je 0x1260f +je short loc_0001269f ; je 0x1269f test ebx, ebx -jns short loc_0001260f ; jns 0x1260f -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001269f ; jns 0x1269f +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000125f7 ; je 0x125f7 +je short loc_00012687 ; je 0x12687 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000125f7: ; not directly referenced +loc_00012687: ; not directly referenced push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x181 -push ref_00024ecc ; push 0x24ecc -call fcn_000153fc ; call 0x153fc +push ref_00024f7b ; push 0x24f7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001260f: ; not directly referenced +loc_0001269f: ; not directly referenced cmp dword [ebp - 0x20], 0x11 -je short loc_00012649 ; je 0x12649 +je short loc_000126d9 ; je 0x126d9 mov eax, dword [ebp + 8] mov dword [ebp - 0x38], 0 cmp byte [eax], 9 -jbe short loc_00012650 ; jbe 0x12650 +jbe short loc_000126e0 ; jbe 0x126e0 mov edx, dword [ebp + 8] mov al, byte [eax + 0x1aa] movzx ecx, byte [edx + 0x1ab] @@ -29970,28 +30027,28 @@ mov dword [ebp - 0x38], ecx and dword [ebp - 0x38], 7 shl dword [ebp - 0x38], 7 or dword [ebp - 0x38], eax -jmp short loc_00012650 ; jmp 0x12650 +jmp short loc_000126e0 ; jmp 0x126e0 -loc_00012649: ; not directly referenced +loc_000126d9: ; not directly referenced mov dword [ebp - 0x38], 0x3e8 -loc_00012650: ; not directly referenced +loc_000126e0: ; not directly referenced movzx eax, word [ebp - 0x3e] mov dword [ebp - 0x2c], 0 mov dword [ebp - 0x44], 0 mov dword [ebp - 0x58], eax -loc_00012665: ; not directly referenced +loc_000126f5: ; not directly referenced mov edx, dword [ebp - 0x2c] mov al, byte [ebp - 0x39] mov byte [ebp - 0x3e], dl cmp dl, al -jae loc_00012a30 ; jae 0x12a30 +jae loc_00012ac0 ; jae 0x12ac0 push eax push eax push dword [ebp - 0x2c] push dword [ebp - 0x30] -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax @@ -29999,18 +30056,18 @@ mov eax, dword [ebp + 8] push 0x1c movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd add esp, 0x10 cmp eax, 2 -jne short loc_000126e4 ; jne 0x126e4 +jne short loc_00012774 ; jne 0x12774 cmp byte [ebp - 0x3c], 0 -je short loc_000126e4 ; je 0x126e4 +je short loc_00012774 ; je 0x12774 mov edx, dword [ebp + 8] mov eax, 0x2000430 cmp byte [edx], 7 -jbe short loc_000126d2 ; jbe 0x126d2 +jbe short loc_00012762 ; jbe 0x12762 imul eax, dword [ebp - 0x2c], 0x2c mov al, byte [edx + eax + 0x46] shr al, 7 @@ -30019,24 +30076,24 @@ sbb eax, eax and eax, 0xfffffffd add eax, 0x2000433 -loc_000126d2: ; not directly referenced +loc_00012762: ; not directly referenced push esi push esi push eax lea eax, [ebx + 0x418] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_000126e4: ; not directly referenced +loc_00012774: ; not directly referenced cmp byte [ebp - 0x3e], 0 -jne loc_000127d9 ; jne 0x127d9 +jne loc_00012869 ; jne 0x12869 mov esi, dword [ebp - 0x30] push eax push eax push 0 push esi -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f pop edx pop ecx lea edx, [ebp - 0x21] @@ -30049,40 +30106,40 @@ push eax push 4 push 0xe00000e0 push esi -call fcn_00009e5f ; call 0x9e5f +call fcn_00009ecd ; call 0x9ecd add esp, 0x20 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00012760 ; je 0x12760 +je short loc_000127f0 ; je 0x127f0 test esi, esi -jns short loc_00012760 ; jns 0x12760 -call fcn_000153e9 ; call 0x153e9 +jns short loc_000127f0 ; jns 0x127f0 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00012748 ; je 0x12748 +je short loc_000127d8 ; je 0x127d8 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00012748: ; not directly referenced +loc_000127d8: ; not directly referenced push esi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x1ab -push ref_00024ecc ; push 0x24ecc -call fcn_000153fc ; call 0x153fc +push ref_00024f7b ; push 0x24f7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00012760: ; not directly referenced +loc_000127f0: ; not directly referenced mov esi, dword [ebp - 0x30] push ecx push ecx push 0 push esi or dword [ebp - 0x1c], 0x300000 -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f pop edx pop ecx lea ecx, [ebp - 0x21] @@ -30095,161 +30152,161 @@ push eax push 5 push 0xe00000e0 push esi -call fcn_00009e5f ; call 0x9e5f +call fcn_00009ecd ; call 0x9ecd add esp, 0x20 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000127d9 ; je 0x127d9 +je short loc_00012869 ; je 0x12869 test esi, esi -jns short loc_000127d9 ; jns 0x127d9 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00012869 ; jns 0x12869 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000127c1 ; je 0x127c1 +je short loc_00012851 ; je 0x12851 push edx push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000127c1: ; not directly referenced +loc_00012851: ; not directly referenced push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x1b5 -push ref_00024ecc ; push 0x24ecc -call fcn_000153fc ; call 0x153fc +push ref_00024f7b ; push 0x24f7b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000127d9: ; not directly referenced +loc_00012869: ; not directly referenced mov cl, byte [ebp - 0x2c] mov esi, 1 shl esi, cl mov eax, esi and eax, edi mov dword [ebp - 0x50], eax -jne loc_00012bbc ; jne 0x12bbc +jne loc_00012c4c ; jne 0x12c4c push eax push eax push 0x100 lea eax, [ebx + 0x42] push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 lea edx, [ebx + 0x5a] mov dword [esp], edx mov dword [ebp - 0x54], edx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, dword [ebp - 0x54] test al, 0x40 -jne loc_000128a9 ; jne 0x128a9 +jne loc_00012939 ; jne 0x12939 imul eax, dword [ebp - 0x2c], 0x2c mov ecx, dword [ebp + 8] test byte [ecx + eax + 0x46], 8 -jne short loc_000128a9 ; jne 0x128a9 +jne short loc_00012939 ; jne 0x12939 mov eax, dword [ebp - 0x48] cmp dword [ebp - 0x2c], eax -je short loc_000128a9 ; je 0x128a9 +je short loc_00012939 ; je 0x12939 push eax mov esi, 0x1f4 push eax push 0x4000000 lea eax, [ebx + 0x338] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 lea eax, [ebx + 0x328] add esp, 0x10 mov dword [ebp - 0x54], eax -loc_00012856: ; not directly referenced +loc_000128e6: ; not directly referenced sub esp, 0xc push dword [ebp - 0x54] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0xff000000 cmp eax, 0x1000000 -jne short loc_00012897 ; jne 0x12897 +jne short loc_00012927 ; jne 0x12927 -loc_00012870: ; not directly referenced +loc_00012900: ; not directly referenced push eax push eax push 0x8000000 lea eax, [ebx + 0x408] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov cl, byte [ebp - 0x2c] mov eax, 0x10000 mov edx, dword [ebp + 0xc] shl eax, cl or dword [edx], eax -jmp near loc_000129c5 ; jmp 0x129c5 +jmp near loc_00012a55 ; jmp 0x12a55 -loc_00012897: ; not directly referenced +loc_00012927: ; not directly referenced sub esp, 0xc push 0x64 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 dec esi -jne short loc_00012856 ; jne 0x12856 -jmp short loc_00012870 ; jmp 0x12870 +jne short loc_000128e6 ; jne 0x128e6 +jmp short loc_00012900 ; jmp 0x12900 -loc_000128a9: ; not directly referenced +loc_00012939: ; not directly referenced test dword [ebp - 0x34], esi -jne short loc_000128e2 ; jne 0x128e2 +jne short loc_00012972 ; jne 0x12972 sub esp, 0xc push edx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 0x40 -je short loc_000128ce ; je 0x128ce +je short loc_0001295e ; je 0x1295e push eax push eax push 0x10 lea eax, [ebx + 0x50] push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_000128ce: ; not directly referenced +loc_0001295e: ; not directly referenced mov cl, byte [ebp - 0x2c] mov eax, 0x10000 mov edx, dword [ebp + 0xc] shl eax, cl or dword [edx], eax -jmp near loc_000129c8 ; jmp 0x129c8 +jmp near loc_00012a58 ; jmp 0x12a58 -loc_000128e2: ; not directly referenced +loc_00012972: ; not directly referenced sub esp, 0xc lea eax, [ebx + 0xe0] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 cmp dword [ebp - 0x20], 0x11 -jne short loc_000128fe ; jne 0x128fe +jne short loc_0001298e ; jne 0x1298e test al, 2 -je short loc_0001292c ; je 0x1292c +je short loc_000129bc ; je 0x129bc -loc_000128fe: ; not directly referenced +loc_0001298e: ; not directly referenced lea esi, [ebx + 0x52] -loc_00012901: ; not directly referenced +loc_00012991: ; not directly referenced mov eax, dword [ebp - 0x38] cmp dword [ebp - 0x44], eax -jae short loc_0001292c ; jae 0x1292c +jae short loc_000129bc ; jae 0x129bc sub esp, 0xc push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test ah, 0x20 -jne short loc_0001292c ; jne 0x1292c +jne short loc_000129bc ; jne 0x129bc sub esp, 0xc push 0x64 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 inc dword [ebp - 0x44] -jmp short loc_00012901 ; jmp 0x12901 +jmp short loc_00012991 ; jmp 0x12991 -loc_0001292c: ; not directly referenced +loc_000129bc: ; not directly referenced sub esp, 0xc mov eax, dword [ebp - 0x2c] push dword [ebp - 0x30] @@ -30257,109 +30314,109 @@ push dword [ebp - 0x58] push dword [ebp + 8] push eax push eax -call fcn_000118aa ; call 0x118aa +call fcn_0001193a ; call 0x1193a add esp, 0x20 test eax, eax -js short loc_0001296c ; js 0x1296c -call fcn_000153e9 ; call 0x153e9 +js short loc_000129fc ; js 0x129fc +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001296c ; je 0x1296c +je short loc_000129fc ; je 0x129fc mov eax, dword [ebp - 0x2c] push dword [ebp - 0x34] inc eax push eax -push ref_00024efa ; push 0x24efa +push ref_00024fa9 ; push 0x24fa9 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001296c: ; not directly referenced +loc_000129fc: ; not directly referenced imul eax, dword [ebp - 0x2c], 0x2c mov ecx, dword [ebp + 8] test byte [ecx + eax + 0x46], 0x40 -je short loc_000129c8 ; je 0x129c8 +je short loc_00012a58 ; je 0x12a58 sub esp, 0xc lea eax, [ebx + 0x328] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0x780000 cmp eax, 0x380000 -jne short loc_000129c8 ; jne 0x129c8 +jne short loc_00012a58 ; jne 0x12a58 push eax push eax push 0x10 lea esi, [ebx + 0x50] push esi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 pop eax pop edx lea eax, [ebx + 0xe8] push 0x2000 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 pop ecx pop eax push 0xef push esi -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d -loc_000129c5: ; not directly referenced +loc_00012a55: ; not directly referenced add esp, 0x10 -loc_000129c8: ; not directly referenced +loc_00012a58: ; not directly referenced sub esp, 0xc push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 inc eax -je short loc_00012a28 ; je 0x12a28 +je short loc_00012ab8 ; je 0x12ab8 cmp byte [ebp - 0x3b], 0 -je short loc_000129e3 ; je 0x129e3 +je short loc_00012a73 ; je 0x12a73 test byte [ebp - 0x3e], 0xfb -jmp short loc_000129f7 ; jmp 0x129f7 +jmp short loc_00012a87 ; jmp 0x12a87 -loc_000129e3: ; not directly referenced +loc_00012a73: ; not directly referenced cmp byte [ebp - 0x3c], 0 -je short loc_00012a0f ; je 0x12a0f +je short loc_00012a9f ; je 0x12a9f mov cl, byte [ebp - 0x3e] mov al, cl sub eax, 4 cmp al, 1 -jbe short loc_000129f9 ; jbe 0x129f9 +jbe short loc_00012a89 ; jbe 0x12a89 test cl, cl -loc_000129f7: ; not directly referenced -jne short loc_00012a0f ; jne 0x12a0f +loc_00012a87: ; not directly referenced +jne short loc_00012a9f ; jne 0x12a9f -loc_000129f9: ; not directly referenced +loc_00012a89: ; not directly referenced push eax push eax push 0xf3 lea eax, [ebx + 0xf7] push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d add esp, 0x10 -loc_00012a0f: ; not directly referenced +loc_00012a9f: ; not directly referenced cmp dword [ebp - 0x50], 0 -jne short loc_00012a28 ; jne 0x12a28 +jne short loc_00012ab8 ; jne 0x12ab8 push esi add ebx, 0xd4 push esi push 2 push ebx -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_00012a28: ; not directly referenced +loc_00012ab8: ; not directly referenced inc dword [ebp - 0x2c] -jmp near loc_00012665 ; jmp 0x12665 +jmp near loc_000126f5 ; jmp 0x126f5 -loc_00012a30: ; not directly referenced +loc_00012ac0: ; not directly referenced mov eax, dword [ebp + 8] cmp byte [eax + 0x1a9], 0 -jne short loc_00012a6e ; jne 0x12a6e +jne short loc_00012afe ; jne 0x12afe mov eax, dword [ebp + 0xc] mov ecx, 8 sub cl, byte [ebp - 0x39] @@ -30370,7 +30427,7 @@ mov ecx, edx shr ecx, 0x10 and ecx, eax cmp ecx, eax -je short loc_00012a6e ; je 0x12a6e +je short loc_00012afe ; je 0x12afe mov cl, byte [ebp - 0x3a] mov eax, 0x10000 shl eax, cl @@ -30379,26 +30436,26 @@ and eax, edx mov edx, dword [ebp + 0xc] mov dword [edx], eax -loc_00012a6e: ; not directly referenced +loc_00012afe: ; not directly referenced sub esp, 0xc push dword [ebp - 0x4c] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, 0x400000 -je short loc_00012ad6 ; je 0x12ad6 +je short loc_00012b66 ; je 0x12b66 mov eax, dword [ebp + 8] cmp byte [eax + 0x1a6], 0 -je short loc_00012ad6 ; je 0x12ad6 +je short loc_00012b66 ; je 0x12b66 movzx eax, byte [eax + 0x1a7] mov ecx, dword [ebp + 8] imul edx, eax, 0x2c test byte [ecx + edx + 0x46], 1 -je short loc_00012ad6 ; je 0x12ad6 +je short loc_00012b66 ; je 0x12b66 push edx push edx push eax push dword [ebp - 0x30] -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f add esp, 0xc movzx eax, al push eax @@ -30406,21 +30463,21 @@ mov eax, dword [ebp + 8] push 0x1c movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop ecx pop ebx push 3 add eax, 0xec push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_00012ad6: ; not directly referenced +loc_00012b66: ; not directly referenced mov edx, dword [ebp + 8] mov eax, dword [ebp + 0xc] cmp byte [edx + 0x1a8], 0 mov eax, dword [eax] -je short loc_00012b05 ; je 0x12b05 +je short loc_00012b95 ; je 0x12b95 sub esp, 0xc push dword [ebp - 0x30] shr eax, 0x10 @@ -30431,41 +30488,41 @@ push eax push edx movzx eax, byte [edx + 1] push eax -call fcn_00011de4 ; call 0x11de4 +call fcn_00011e74 ; call 0x11e74 add esp, 0x20 -loc_00012b05: ; not directly referenced +loc_00012b95: ; not directly referenced xor ebx, ebx -loc_00012b07: ; not directly referenced +loc_00012b97: ; not directly referenced cmp byte [ebp - 0x39], bl -jbe short loc_00012b47 ; jbe 0x12b47 +jbe short loc_00012bd7 ; jbe 0x12bd7 push eax mov eax, dword [ebp + 8] push ebx push 0x1c movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [esp], eax mov esi, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 inc ax -je short loc_00012b44 ; je 0x12b44 +je short loc_00012bd4 ; je 0x12bd4 push edi add esi, 0x320 push edi push 0x1800000 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_00012b44: ; not directly referenced +loc_00012bd4: ; not directly referenced inc ebx -jmp short loc_00012b07 ; jmp 0x12b07 +jmp short loc_00012b97 ; jmp 0x12b97 -loc_00012b47: ; not directly referenced +loc_00012bd7: ; not directly referenced mov edi, dword [ebp - 0x30] push edx push edx @@ -30473,50 +30530,50 @@ push 0x80000080 mov eax, edi add eax, 0x2314 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov eax, edi pop ecx add eax, 0x1114 pop ebx push 0xc000 push eax -call fcn_00018863 ; call 0x18863 -call fcn_000153e9 ; call 0x153e9 +call fcn_00018927 ; call 0x18927 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00012bd0 ; je 0x12bd0 +je short loc_00012c60 ; je 0x12c60 push eax push eax -push ref_00024f2c ; push 0x24f2c +push ref_00024fdb ; push 0x24fdb push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_00012bd0 ; jmp 0x12bd0 +jmp short loc_00012c60 ; jmp 0x12c60 -loc_00012b91: ; not directly referenced +loc_00012c21: ; not directly referenced sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 0xc -je loc_00012402 ; je 0x12402 +je loc_00012492 ; je 0x12492 sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0xc cmp eax, 8 -jmp near loc_00012400 ; jmp 0x12400 +jmp near loc_00012490 ; jmp 0x12490 -loc_00012bbc: ; not directly referenced +loc_00012c4c: ; not directly referenced mov cl, byte [ebp - 0x2c] mov eax, 0x10000 shl eax, cl mov ecx, dword [ebp + 0xc] or dword [ecx], eax -jmp near loc_000129c8 ; jmp 0x129c8 +jmp near loc_00012a58 ; jmp 0x12a58 -loc_00012bd0: ; not directly referenced +loc_00012c60: ; not directly referenced lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -30525,7 +30582,7 @@ pop edi pop ebp ret -fcn_00012bda: ; not directly referenced +fcn_00012c6a: ; not directly referenced push ebp mov ebp, esp push edi @@ -30536,27 +30593,27 @@ sub esp, 0xc mov edi, dword [ebp + 0xc] mov esi, dword [ebp + 0x10] -loc_00012bee: ; not directly referenced +loc_00012c7e: ; not directly referenced sub esp, 0xc push dword [ebp + 8] -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 and eax, edi cmp ax, si -je short loc_00012c1a ; je 0x12c1a +je short loc_00012caa ; je 0x12caa sub esp, 0xc push 0x64 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 dec ebx -jne short loc_00012bee ; jne 0x12bee +jne short loc_00012c7e ; jne 0x12c7e mov eax, 0x80000012 -jmp short loc_00012c1c ; jmp 0x12c1c +jmp short loc_00012cac ; jmp 0x12cac -loc_00012c1a: ; not directly referenced +loc_00012caa: ; not directly referenced xor eax, eax -loc_00012c1c: ; not directly referenced +loc_00012cac: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -30564,7 +30621,7 @@ pop edi pop ebp ret -fcn_00012c24: ; not directly referenced +fcn_00012cb4: ; not directly referenced push ebp mov ebp, esp push edi @@ -30578,85 +30635,85 @@ push 1 lea ebx, [esi + 0x68] push ebx mov dword [ebp - 0x1c], eax -call fcn_00012bda ; call 0x12bda +call fcn_00012c6a ; call 0x12c6a add esp, 0x10 test eax, eax -jns short loc_00012c60 ; jns 0x12c60 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00012cf0 ; jns 0x12cf0 +call fcn_00015479 ; call 0x15479 test al, al -je loc_00012cea ; je 0x12cea +je loc_00012d7a ; je 0x12d7a push eax push eax -push ref_00024f44 ; push 0x24f44 -jmp short loc_00012cdd ; jmp 0x12cdd +push ref_00024ff3 ; push 0x24ff3 +jmp short loc_00012d6d ; jmp 0x12d6d -loc_00012c60: ; not directly referenced +loc_00012cf0: ; not directly referenced mov eax, dword [ebp + 0xc] push ecx push ecx push dword [eax] lea eax, [esi + 0x60] push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop edi pop eax push 3 push ebx -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0xc push 0 push 1 push ebx -call fcn_00012bda ; call 0x12bda +call fcn_00012c6a ; call 0x12c6a add esp, 0x10 mov edi, eax test eax, eax -jns short loc_00012c9f ; jns 0x12c9f +jns short loc_00012d2f ; jns 0x12d2f push edx push edx push 0xfffe push ebx -call fcn_00018890 ; call 0x18890 -jmp short loc_00012cc8 ; jmp 0x12cc8 +call fcn_00018954 ; call 0x18954 +jmp short loc_00012d58 ; jmp 0x12d58 -loc_00012c9f: ; not directly referenced +loc_00012d2f: ; not directly referenced xor edi, edi cmp byte [ebp - 0x1c], 1 -jne short loc_00012cef ; jne 0x12cef +jne short loc_00012d7f ; jne 0x12d7f sub esp, 0xc push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -je short loc_00012ccd ; je 0x12ccd +je short loc_00012d5d ; je 0x12d5d sub esp, 0xc add esi, 0x64 push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp + 0xc] mov dword [edx], eax -loc_00012cc8: ; not directly referenced +loc_00012d58: ; not directly referenced add esp, 0x10 -jmp short loc_00012cef ; jmp 0x12cef +jmp short loc_00012d7f ; jmp 0x12d7f -loc_00012ccd: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00012d5d: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00012cea ; je 0x12cea +je short loc_00012d7a ; je 0x12d7a push eax push eax -push ref_00024f73 ; push 0x24f73 +push ref_00025022 ; push 0x25022 -loc_00012cdd: ; not directly referenced +loc_00012d6d: ; not directly referenced push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00012cea: ; not directly referenced +loc_00012d7a: ; not directly referenced mov edi, 0x80000007 -loc_00012cef: ; not directly referenced +loc_00012d7f: ; not directly referenced lea esp, [ebp - 0xc] mov eax, edi pop ebx @@ -30665,7 +30722,7 @@ pop edi pop ebp ret -fcn_00012cf9: ; not directly referenced +fcn_00012d89: ; not directly referenced push ebp mov ebp, esp push edi @@ -30676,60 +30733,60 @@ mov al, byte [ebp + 0xc] mov byte [ebp - 0x29], al mov al, byte [ebp + 0x10] mov byte [ebp - 0x2a], al -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00012d35 ; je 0x12d35 +je short loc_00012dc5 ; je 0x12dc5 cmp dword [ebp + 8], 0 -jne short loc_00012d35 ; jne 0x12d35 +jne short loc_00012dc5 ; jne 0x12dc5 push eax -push ref_00024f96 ; push 0x24f96 +push ref_00025045 ; push 0x25045 push 0x96 -push ref_00024faa ; push 0x24faa -call fcn_000153fc ; call 0x153fc +push ref_00025059 ; push 0x25059 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00012d35: ; not directly referenced +loc_00012dc5: ; not directly referenced xor ebx, ebx lea esi, [ebp - 0x1c] -loc_00012d3a: ; not directly referenced +loc_00012dca: ; not directly referenced push esi push 0 push ebx -push ref_0002907c ; push 0x2907c +push ref_0002912c ; push 0x2912c mov dword [ebp - 0x1c], 0 -call fcn_00019699 ; call 0x19699 +call fcn_0001975d ; call 0x1975d add esp, 0x10 test eax, eax -jne short loc_00012d88 ; jne 0x12d88 +jne short loc_00012e18 ; jne 0x12e18 mov edx, dword [ebp - 0x1c] test edx, edx -je short loc_00012d88 ; je 0x12d88 +je short loc_00012e18 ; je 0x12e18 movzx ecx, word [edx] movzx edi, word [edx + 2] shl ecx, 0x10 or ecx, edi cmp ecx, dword [ebp + 8] -jne short loc_00012d88 ; jne 0x12d88 +jne short loc_00012e18 ; jne 0x12e18 mov cl, byte [edx + 4] cmp cl, 0xff -je short loc_00012d7b ; je 0x12d7b +je short loc_00012e0b ; je 0x12e0b cmp cl, byte [ebp - 0x29] -jne short loc_00012d88 ; jne 0x12d88 +jne short loc_00012e18 ; jne 0x12e18 -loc_00012d7b: ; not directly referenced +loc_00012e0b: ; not directly referenced mov dl, byte [edx + 5] cmp dl, 0xff -je short loc_00012d8d ; je 0x12d8d +je short loc_00012e1d ; je 0x12e1d cmp dl, byte [ebp - 0x2a] -je short loc_00012d8d ; je 0x12d8d +je short loc_00012e1d ; je 0x12e1d -loc_00012d88: ; not directly referenced +loc_00012e18: ; not directly referenced inc ebx test eax, eax -je short loc_00012d3a ; je 0x12d3a +je short loc_00012dca ; je 0x12dca -loc_00012d8d: ; not directly referenced +loc_00012e1d: ; not directly referenced mov eax, dword [ebp - 0x1c] lea esp, [ebp - 0xc] pop ebx @@ -30738,7 +30795,7 @@ pop edi pop ebp ret -fcn_00012d98: ; not directly referenced +fcn_00012e28: ; not directly referenced push ebp mov ebp, esp push esi @@ -30750,38 +30807,38 @@ push 0 push 0x1f movzx eax, byte [ebx + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 lea edx, [eax + 0x63bf] cmp dx, 6 -jbe short loc_00012dd6 ; jbe 0x12dd6 +jbe short loc_00012e66 ; jbe 0x12e66 add ax, 0x633f cmp ax, 0xa -ja short loc_00012e19 ; ja 0x12e19 +ja short loc_00012ea9 ; ja 0x12ea9 -loc_00012dd6: ; not directly referenced +loc_00012e66: ; not directly referenced push ecx push 0 push 0x1b movzx eax, byte [ebx + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00012e04 ; je 0x12e04 +je short loc_00012e94 ; je 0x12e94 push edx push edx -push ref_00024fd2 ; push 0x24fd2 +push ref_00025081 ; push 0x25081 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00012e04: ; not directly referenced +loc_00012e94: ; not directly referenced push eax mov eax, esi movzx esi, al @@ -30789,10 +30846,10 @@ add ebx, 0x42 push esi push 0x3f push ebx -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a add esp, 0x10 -loc_00012e19: ; not directly referenced +loc_00012ea9: ; not directly referenced lea esp, [ebp - 8] xor eax, eax pop ebx @@ -30800,27 +30857,27 @@ pop esi pop ebp ret -fcn_00012e22: ; not directly referenced +fcn_00012eb2: ; not directly referenced push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x4c -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00012e45 ; je 0x12e45 +je short loc_00012ed5 ; je 0x12ed5 push eax push eax -push ref_00025017 ; push 0x25017 +push ref_000250c6 ; push 0x250c6 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00012e45: ; not directly referenced +loc_00012ed5: ; not directly referenced mov eax, dword [ebp + 8] mov esi, dword [eax + 4] -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb lea edi, [esi + 0x2030] mov dword [ebp - 0x2c], eax push eax @@ -30829,7 +30886,7 @@ push 0 push 0x1b movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0x1f @@ -30838,72 +30895,72 @@ mov eax, dword [ebp + 8] lea esi, [ebx + 0x120] movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov dword [esp], edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, eax -jns short loc_00012edf ; jns 0x12edf +jns short loc_00012f6f ; jns 0x12f6f sub esp, 0xc push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0xc and eax, 0xfe or eax, 0x2000000 push eax push 0xf8ffff01 push esi -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp dword [ebp - 0x2c], 1 -jne short loc_00012edf ; jne 0x12edf +jne short loc_00012f6f ; jne 0x12f6f push eax push eax push 0xf7ff lea eax, [ebx + 0x78] push eax -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 -loc_00012edf: ; not directly referenced +loc_00012f6f: ; not directly referenced sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, 0x7000000 -je short loc_00012f33 ; je 0x12f33 +je short loc_00012fc3 ; je 0x12fc3 push eax push eax push 0xffffff01 lea eax, [ebx + 0x114] push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 cmp dword [ebp - 0x2c], 1 -jne short loc_00012f1d ; jne 0x12f1d +jne short loc_00012fad ; jne 0x12fad push edi push edi push 0x80000000 push esi -call fcn_00018a50 ; call 0x18a50 -jmp short loc_00012f30 ; jmp 0x12f30 +call fcn_00018b14 ; call 0x18b14 +jmp short loc_00012fc0 ; jmp 0x12fc0 -loc_00012f1d: ; not directly referenced +loc_00012fad: ; not directly referenced cmp dword [ebp - 0x2c], 2 -jne short loc_00012f33 ; jne 0x12f33 +jne short loc_00012fc3 ; jne 0x12fc3 push ecx push ecx push 0x7fffffff push esi -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e -loc_00012f30: ; not directly referenced +loc_00012fc0: ; not directly referenced add esp, 0x10 -loc_00012f33: ; not directly referenced +loc_00012fc3: ; not directly referenced mov eax, dword [ebp + 8] lea ecx, [ebx + 0x10] mov dword [ebp - 0x40], ecx @@ -30913,149 +30970,149 @@ push edx push eax push ecx mov dword [ebp - 0x34], eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f lea eax, [ebx + 0x14] pop ecx pop esi mov dword [ebp - 0x44], eax push 0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f lea eax, [ebx + 4] pop edi pop edx mov dword [ebp - 0x48], eax push 2 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 cmp dword [ebp - 0x2c], 1 -jne short loc_00012f9e ; jne 0x12f9e +jne short loc_0001302e ; jne 0x1302e push esi push esi push 0x10 lea eax, [ebx + 0x43] push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 pop edi pop eax lea eax, [ebx + 0xc0] push 0x20000 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 mov eax, 0x4000 -jmp short loc_00012fbe ; jmp 0x12fbe +jmp short loc_0001304e ; jmp 0x1304e -loc_00012f9e: ; not directly referenced +loc_0001302e: ; not directly referenced xor eax, eax cmp dword [ebp - 0x2c], 2 -jne short loc_00012fbe ; jne 0x12fbe +jne short loc_0001304e ; jne 0x1304e push ecx push ecx push 0xbf lea eax, [ebx + 0x43] push eax -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d add esp, 0x10 mov eax, 0x1000000 -loc_00012fbe: ; not directly referenced +loc_0001304e: ; not directly referenced push edx push edx push eax lea eax, [ebx + 0xc4] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 cmp dword [ebp - 0x2c], 1 -jne short loc_00012fec ; jne 0x12fec +jne short loc_0001307c ; jne 0x1307c push eax push eax push 0x7fffffff lea eax, [ebx + 0xd0] push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_00012fec: ; not directly referenced +loc_0001307c: ; not directly referenced mov eax, dword [ebp + 8] cmp byte [eax + 0x372], 0 -jne short loc_00013007 ; jne 0x13007 +jne short loc_00013097 ; jne 0x13097 push eax push eax push 0x7f lea eax, [ebx + 0x4d] push eax -call fcn_00018699 ; call 0x18699 -jmp short loc_00013033 ; jmp 0x13033 +call fcn_0001875d ; call 0x1875d +jmp short loc_000130c3 ; jmp 0x130c3 -loc_00013007: ; not directly referenced +loc_00013097: ; not directly referenced mov eax, dword [ebp + 8] cmp byte [eax + 0x373], 0 -je short loc_00013036 ; je 0x13036 +je short loc_000130c6 ; je 0x130c6 sub esp, 0xc lea eax, [ebx + 0x4d] push eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 test al, 1 -jne short loc_00013036 ; jne 0x13036 +jne short loc_000130c6 ; jne 0x130c6 push edi push edi push 1 lea eax, [ebx + 0x4c] push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 -loc_00013033: ; not directly referenced +loc_000130c3: ; not directly referenced add esp, 0x10 -loc_00013036: ; not directly referenced +loc_000130c6: ; not directly referenced cmp dword [ebp - 0x2c], 2 -jne short loc_00013069 ; jne 0x13069 +jne short loc_000130f9 ; jne 0x130f9 push eax push eax mov eax, dword [ebp - 0x34] push 1 add eax, 0x12 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 pop eax pop edx lea eax, [ebx + 0x41] push 1 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 lea eax, [ebx + 0x42] pop ecx pop esi push 4 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 -loc_00013069: ; not directly referenced +loc_000130f9: ; not directly referenced mov edi, dword [ebp - 0x34] push eax push eax push 1 lea esi, [edi + 8] push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push 1 push 1 push esi -call fcn_00012bda ; call 0x12bda +call fcn_00012c6a ; call 0x12c6a mov dword [esp], edi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 pop edx pop ecx movzx eax, ax push eax push edi -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 mov ecx, 3 cmp dword [ebp - 0x2c], 2 pop eax @@ -31066,62 +31123,62 @@ lea edx, [edi + 0xe] push eax push edx mov dword [ebp - 0x3c], edx -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 pop ecx pop edi push 0xfffffffffffffffe push esi -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0xc push 0 push 1 push esi -call fcn_00012bda ; call 0x12bda +call fcn_00012c6a ; call 0x12c6a add esp, 0x10 mov edi, eax test eax, eax -jns short loc_000130f0 ; jns 0x130f0 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00013180 ; jns 0x13180 +call fcn_00015479 ; call 0x15479 test al, al -je loc_00013407 ; je 0x13407 +je loc_00013497 ; je 0x13497 push eax push eax -push ref_0002502e ; push 0x2502e -jmp short loc_00013136 ; jmp 0x13136 +push ref_000250dd ; push 0x250dd +jmp short loc_000131c6 ; jmp 0x131c6 -loc_000130f0: ; not directly referenced +loc_00013180: ; not directly referenced push edi push edi push 1 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov eax, dword [ebp + 8] movzx eax, word [eax + 0x374] mov dword [esp], eax -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0xc push 1 push 1 push esi -call fcn_00012bda ; call 0x12bda +call fcn_00012c6a ; call 0x12c6a add esp, 0x10 mov edi, eax test eax, eax -jns short loc_00013148 ; jns 0x13148 -call fcn_000153e9 ; call 0x153e9 +jns short loc_000131d8 ; jns 0x131d8 +call fcn_00015479 ; call 0x15479 test al, al -je loc_00013407 ; je 0x13407 +je loc_00013497 ; je 0x13497 push ecx push ecx -push ref_00025069 ; push 0x25069 +push ref_00025118 ; push 0x25118 -loc_00013136: ; not directly referenced +loc_000131c6: ; not directly referenced push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp near loc_00013407 ; jmp 0x13407 +jmp near loc_00013497 ; jmp 0x13497 -loc_00013148: ; not directly referenced +loc_000131d8: ; not directly referenced cmp dword [ebp - 0x2c], 2 mov edx, 3 mov eax, 0xf @@ -31130,11 +31187,11 @@ cmove eax, edx xor edx, edx mov word [ebp - 0x38], ax -loc_00013164: ; not directly referenced +loc_000131f4: ; not directly referenced sub esp, 0xc push dword [ebp - 0x3c] mov dword [ebp - 0x4c], edx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov edx, dword [ebp - 0x4c] add esp, 0x10 mov byte [ebp - 0x2d], al @@ -31142,56 +31199,56 @@ mov al, byte [ebp - 0x38] and byte [ebp - 0x2d], al mov al, byte [ebp - 0x2d] cmp al, dl -jne short loc_0001318c ; jne 0x1318c +jne short loc_0001321c ; jne 0x1321c test al, al -jne short loc_000131db ; jne 0x131db +jne short loc_0001326b ; jne 0x1326b -loc_0001318c: ; not directly referenced +loc_0001321c: ; not directly referenced sub esp, 0xc push 0x64 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 dec edi -je short loc_000131a1 ; je 0x131a1 +je short loc_00013231 ; je 0x13231 mov dl, byte [ebp - 0x2d] -jmp short loc_00013164 ; jmp 0x13164 +jmp short loc_000131f4 ; jmp 0x131f4 -loc_000131a1: ; not directly referenced +loc_00013231: ; not directly referenced cmp byte [ebp - 0x2d], 0 -jne short loc_000131db ; jne 0x131db -call fcn_000153e9 ; call 0x153e9 +jne short loc_0001326b ; jne 0x1326b +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000131c4 ; je 0x131c4 +je short loc_00013254 ; je 0x13254 push edx push edx -push ref_000250a4 ; push 0x250a4 +push ref_00025153 ; push 0x25153 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000131c4: ; not directly referenced +loc_00013254: ; not directly referenced push eax mov edi, 0x80000007 push eax push 0xfffffffffffffffe push esi -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -jmp near loc_00013407 ; jmp 0x13407 +jmp near loc_00013497 ; jmp 0x13497 -loc_000131db: ; not directly referenced +loc_0001326b: ; not directly referenced mov eax, dword [ebp + 8] cmp byte [eax + 0x371], 1 -jne short loc_000131fa ; jne 0x131fa +jne short loc_0001328a ; jne 0x1328a push eax add ebx, 0x54 push eax push 0x100 push ebx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_000131fa: ; not directly referenced +loc_0001328a: ; not directly referenced xor eax, eax cmp dword [ebp - 0x2c], 2 mov byte [ebp - 0x2c], 0 @@ -31199,25 +31256,25 @@ setne al lea eax, [eax + eax + 2] mov word [ebp - 0x3c], ax -loc_0001320f: ; not directly referenced +loc_0001329f: ; not directly referenced movzx eax, byte [ebp - 0x2c] cmp ax, word [ebp - 0x3c] -jae loc_00013405 ; jae 0x13405 +jae loc_00013495 ; jae 0x13495 test byte [ebp - 0x2d], 1 -jne short loc_00013240 ; jne 0x13240 -call fcn_000153e9 ; call 0x153e9 +jne short loc_000132d0 ; jne 0x132d0 +call fcn_00015479 ; call 0x15479 test al, al -je loc_000133fa ; je 0x133fa +je loc_0001348a ; je 0x1348a push eax movzx eax, byte [ebp - 0x2c] push eax -push ref_000250c3 ; push 0x250c3 -jmp near loc_00013345 ; jmp 0x13345 +push ref_00025172 ; push 0x25172 +jmp near loc_000133d5 ; jmp 0x133d5 -loc_00013240: ; not directly referenced +loc_000132d0: ; not directly referenced mov eax, dword [ebp + 8] cmp byte [eax + 0x371], 0 -je short loc_0001326b ; je 0x1326b +je short loc_000132fb ; je 0x132fb mov cl, byte [ebp - 0x2c] push eax push eax @@ -31228,10 +31285,10 @@ push eax mov eax, dword [ebp - 0x34] add eax, 0xc push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_0001326b: ; not directly referenced +loc_000132fb: ; not directly referenced movzx ebx, byte [ebp - 0x2c] mov eax, ebx shl eax, 0x1c @@ -31243,20 +31300,20 @@ push 1 lea eax, [ebp - 0x24] push eax push dword [ebp - 0x34] -call fcn_00012c24 ; call 0x12c24 +call fcn_00012cb4 ; call 0x12cb4 add esp, 0x10 mov edi, eax test eax, eax -jns short loc_000132b0 ; jns 0x132b0 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00013340 ; jns 0x13340 +call fcn_00015479 ; call 0x15479 test al, al -je loc_00013407 ; je 0x13407 +je loc_00013497 ; je 0x13497 push eax push eax -push ref_000250e0 ; push 0x250e0 -jmp near loc_00013136 ; jmp 0x13136 +push ref_0002518f ; push 0x2518f +jmp near loc_000131c6 ; jmp 0x131c6 -loc_000132b0: ; not directly referenced +loc_00013340: ; not directly referenced mov eax, dword [ebp - 0x38] push esi push 1 @@ -31265,63 +31322,63 @@ mov dword [ebp - 0x20], eax lea eax, [ebp - 0x20] push eax push dword [ebp - 0x34] -call fcn_00012c24 ; call 0x12c24 +call fcn_00012cb4 ; call 0x12cb4 add esp, 0x10 mov edi, eax test eax, eax -jns short loc_000132ec ; jns 0x132ec -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001337c ; jns 0x1337c +call fcn_00015479 ; call 0x15479 test al, al -je loc_00013407 ; je 0x13407 +je loc_00013497 ; je 0x13497 push ecx push ecx -push ref_00025114 ; push 0x25114 -jmp near loc_00013136 ; jmp 0x13136 +push ref_000251c3 ; push 0x251c3 +jmp near loc_000131c6 ; jmp 0x131c6 -loc_000132ec: ; not directly referenced +loc_0001337c: ; not directly referenced mov eax, dword [ebp - 0x20] movzx eax, ah mov dword [ebp - 0x20], eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00013317 ; je 0x13317 +je short loc_000133a7 ; je 0x133a7 sub esp, 0xc push dword [ebp - 0x20] push dword [ebp - 0x24] push ebx -push ref_00025140 ; push 0x25140 +push ref_000251ef ; push 0x251ef push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00013317: ; not directly referenced +loc_000133a7: ; not directly referenced movzx eax, byte [ebp - 0x20] push edx push ebx push eax push dword [ebp - 0x24] -call fcn_00012cf9 ; call 0x12cf9 +call fcn_00012d89 ; call 0x12d89 add esp, 0x10 mov esi, eax test eax, eax -jne short loc_00013357 ; jne 0x13357 -call fcn_000153e9 ; call 0x153e9 +jne short loc_000133e7 ; jne 0x133e7 +call fcn_00015479 ; call 0x15479 test al, al -je loc_000133fa ; je 0x133fa +je loc_0001348a ; je 0x1348a push eax push dword [ebp - 0x24] -push ref_00025170 ; push 0x25170 +push ref_0002521f ; push 0x2521f -loc_00013345: ; not directly referenced +loc_000133d5: ; not directly referenced push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp near loc_000133fa ; jmp 0x133fa +jmp near loc_0001348a ; jmp 0x1348a -loc_00013357: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_000133e7: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00013388 ; je 0x13388 +je short loc_00013418 ; je 0x13418 push eax movzx eax, word [esi + 6] push eax @@ -31333,34 +31390,34 @@ movzx eax, word [esi + 2] push eax movzx eax, word [esi] push eax -push ref_000251b6 ; push 0x251b6 +push ref_00025265 ; push 0x25265 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_00013388: ; not directly referenced +loc_00013418: ; not directly referenced xor ebx, ebx -loc_0001338a: ; not directly referenced +loc_0001341a: ; not directly referenced movzx eax, word [esi + 6] cmp ebx, eax -jae short loc_000133fa ; jae 0x133fa +jae short loc_0001348a ; jae 0x1348a mov eax, dword [esi + ebx*4 + 0xc] mov dword [ebp - 0x1c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000133c2 ; je 0x133c2 +je short loc_00013452 ; je 0x13452 mov eax, dword [ebp - 0x1c] shr eax, 0x1c -je short loc_000133c2 ; je 0x133c2 +je short loc_00013452 ; je 0x13452 push eax -push ref_0002520c ; push 0x2520c +push ref_000252bb ; push 0x252bb push 0x26a -push ref_00024faa ; push 0x24faa -call fcn_000153fc ; call 0x153fc +push ref_00025059 ; push 0x25059 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000133c2: ; not directly referenced +loc_00013452: ; not directly referenced mov eax, dword [ebp - 0x38] or dword [ebp - 0x1c], eax push eax @@ -31368,59 +31425,59 @@ push 0 lea eax, [ebp - 0x1c] push eax push dword [ebp - 0x34] -call fcn_00012c24 ; call 0x12c24 +call fcn_00012cb4 ; call 0x12cb4 add esp, 0x10 mov edi, eax test eax, eax -jns short loc_000133f7 ; jns 0x133f7 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00013487 ; jns 0x13487 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00013407 ; je 0x13407 +je short loc_00013497 ; je 0x13497 push eax push dword [ebp - 0x24] -push ref_00025226 ; push 0x25226 -jmp near loc_00013136 ; jmp 0x13136 +push ref_000252d5 ; push 0x252d5 +jmp near loc_000131c6 ; jmp 0x131c6 -loc_000133f7: ; not directly referenced +loc_00013487: ; not directly referenced inc ebx -jmp short loc_0001338a ; jmp 0x1338a +jmp short loc_0001341a ; jmp 0x1341a -loc_000133fa: ; not directly referenced +loc_0001348a: ; not directly referenced inc byte [ebp - 0x2c] shr byte [ebp - 0x2d], 1 -jmp near loc_0001320f ; jmp 0x1320f +jmp near loc_0001329f ; jmp 0x1329f -loc_00013405: ; not directly referenced +loc_00013495: ; not directly referenced xor edi, edi -loc_00013407: ; not directly referenced +loc_00013497: ; not directly referenced push edx push edx push 0xfffd push dword [ebp - 0x48] -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 pop ecx pop ebx push 0 push dword [ebp - 0x40] -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop esi pop eax push 0 push dword [ebp - 0x44] -call fcn_00017dcb ; call 0x17dcb -call fcn_000153e9 ; call 0x153e9 +call fcn_00017e8f ; call 0x17e8f +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_0001344b ; je 0x1344b +je short loc_000134db ; je 0x134db push eax push eax -push ref_0002525a ; push 0x2525a +push ref_00025309 ; push 0x25309 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001344b: ; not directly referenced +loc_000134db: ; not directly referenced lea esp, [ebp - 0xc] mov eax, edi pop ebx @@ -31429,7 +31486,7 @@ pop edi pop ebp ret -fcn_00013455: +fcn_000134e5: push ebp mov ebp, esp push edi @@ -31440,27 +31497,27 @@ sub esp, 0xc mov esi, dword [ebp + 0xc] lea edi, [esi + 0x20] -loc_00013469: +loc_000134f9: sub esp, 0xc push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 2 -je short loc_00013489 ; je 0x13489 +je short loc_00013519 ; je 0x13519 sub esp, 0xc push 0x64 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 dec ebx -jne short loc_00013469 ; jne 0x13469 +jne short loc_000134f9 ; jne 0x134f9 -loc_00013489: +loc_00013519: sub esp, 0xc push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 2 -jne short loc_000134b2 ; jne 0x134b2 +jne short loc_00013542 ; jne 0x13542 add esi, 0x60 mov dword [ebp + 8], esi mov dword [ebp + 0xc], 1 @@ -31469,9 +31526,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -loc_000134b2: +loc_00013542: lea esp, [ebp - 0xc] pop ebx pop esi @@ -31479,7 +31536,7 @@ pop edi pop ebp ret -fcn_000134ba: +fcn_0001354a: push ebp mov ebp, esp push edi @@ -31489,18 +31546,18 @@ sub esp, 0x18 mov ebx, dword [ebp + 0x14] lea esi, [ebx + 0x84] push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 1 -je short loc_00013502 ; je 0x13502 +je short loc_00013592 ; je 0x13592 -loc_000134d9: +loc_00013569: sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 1 -je short loc_00013547 ; je 0x13547 +je short loc_000135d7 ; je 0x135d7 sub ebx, 0xffffff80 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], 2 @@ -31509,38 +31566,38 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018863 ; jmp 0x18863 +jmp near fcn_00018927 ; jmp 0x18927 -loc_00013502: +loc_00013592: sub esp, 0xc lea edi, [ebx + 0x80] push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx pop ecx and eax, 0xfffffffe push eax push edi mov edi, 0xc8 -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_00013525: +loc_000135b5: sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 1 -jne short loc_000134d9 ; jne 0x134d9 +jne short loc_00013569 ; jne 0x13569 sub esp, 0xc push 0x64 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 dec edi -jne short loc_00013525 ; jne 0x13525 -jmp short loc_000134d9 ; jmp 0x134d9 +jne short loc_000135b5 ; jne 0x135b5 +jmp short loc_00013569 ; jmp 0x13569 -loc_00013547: +loc_000135d7: lea esp, [ebp - 0xc] pop ebx pop esi @@ -31548,7 +31605,7 @@ pop edi pop ebp ret -fcn_0001354f: +fcn_000135df: push ebp mov ebp, esp push edi @@ -31559,123 +31616,123 @@ movzx eax, byte [ebp + 0x10] mov byte [ebp - 0x19], 0 mov dword [ebp - 0x2c], eax -loc_00013563: -call fcn_0001c181 ; call 0x1c181 +loc_000135f3: +call fcn_0001c245 ; call 0x1c245 cmp byte [ebp - 0x19], al -jae loc_00013764 ; jae 0x13764 +jae loc_000137f4 ; jae 0x137f4 movzx esi, byte [ebp - 0x19] push ecx -movzx eax, byte [esi + esi + ref_00020461] ; movzx eax, byte [esi + esi + 0x20461] +movzx eax, byte [esi + esi + ref_000204f1] ; movzx eax, byte [esi + esi + 0x204f1] push eax -movzx eax, byte [esi + esi + ref_00020460] ; movzx eax, byte [esi + esi + 0x20460] +movzx eax, byte [esi + esi + ref_000204f0] ; movzx eax, byte [esi + esi + 0x204f0] push eax push dword [ebp - 0x2c] mov dword [ebp - 0x28], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 mov ebx, eax mov eax, dword [ebp + 8] lea eax, [eax + esi*8] cmp byte [eax], 0 mov dword [ebp - 0x24], eax -jne short loc_000135c0 ; jne 0x135c0 +jne short loc_00013650 ; jne 0x13650 push edi push edi push 0 lea eax, [ebx + 0x10] add ebx, 4 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax pop edx push 0 push ebx -jmp near loc_0001371f ; jmp 0x1371f +jmp near loc_000137af ; jmp 0x137af -loc_000135c0: +loc_00013650: mov eax, dword [ebp + 8] cmp byte [eax + 0x13], 1 -jne short loc_000135dc ; jne 0x135dc +jne short loc_0001366c ; jne 0x1366c push esi push esi push 0xfffc lea eax, [ebx + 0x78] push eax -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 -loc_000135dc: +loc_0001366c: sub esp, 0xc lea edi, [ebx + 0x10] push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, eax -jne short loc_0001361f ; jne 0x1361f +jne short loc_000136af ; jne 0x136af sub esp, 0xc lea eax, [ebx + 4] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 2 -jne short loc_0001361f ; jne 0x1361f +jne short loc_000136af ; jne 0x136af push ecx push ecx push dword [ebp + 0xc] push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 mov esi, dword [ebp + 0xc] mov byte [ebp - 0x1a], 0 mov word [ebp - 0x1c], 0 -jmp short loc_00013640 ; jmp 0x13640 +jmp short loc_000136d0 ; jmp 0x136d0 -loc_0001361f: +loc_000136af: sub esp, 0xc push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov esi, eax lea eax, [ebx + 4] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov byte [ebp - 0x1a], 1 mov word [ebp - 0x1c], ax -loc_00013640: +loc_000136d0: push edx push edx lea eax, [ebx + 4] push 6 push eax mov dword [ebp - 0x20], eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 cmp byte [ebp - 0x1a], 0 -jne short loc_00013669 ; jne 0x13669 +jne short loc_000136f9 ; jne 0x136f9 push eax push eax push 2 lea eax, [esi + 0x20] push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 -loc_00013669: +loc_000136f9: push eax push eax push 1 lea edx, [ebx + 0x80] push edx mov dword [ebp - 0x34], edx -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 lea ecx, [esi + 4] push 0 push 0xf push 0xc push ecx mov dword [ebp - 0x30], ecx -call fcn_00018b02 ; call 0x18b02 +call fcn_00018bc6 ; call 0x18bc6 mov eax, dword [ebp - 0x24] add esp, 0x20 mov ecx, dword [ebp - 0x30] @@ -31687,82 +31744,82 @@ push eax push 3 push 0 push ecx -call fcn_00018b02 ; call 0x18b02 +call fcn_00018bc6 ; call 0x18bc6 pop eax pop edx mov edx, dword [ebp - 0x34] push 0xfffe push edx -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 lea edx, [ebx + 0x78] mov dword [esp], edx mov dword [ebp - 0x24], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop ecx pop edx mov edx, dword [ebp - 0x24] or eax, 4 push eax push edx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop ecx pop eax lea eax, [ebx + 0x7c] add ebx, 0x8c push 0x4080 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov dword [esp], ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx pop ecx and eax, 0xfbfff4ff or eax, 0x20400 push eax push ebx -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 cmp byte [ebp - 0x1a], 0 -je short loc_00013726 ; je 0x13726 +je short loc_000137b6 ; je 0x137b6 movzx eax, word [ebp - 0x1c] push esi push esi push eax push dword [ebp - 0x20] -loc_0001371f: -call fcn_00017d40 ; call 0x17d40 -jmp short loc_00013759 ; jmp 0x13759 +loc_000137af: +call fcn_00017e04 ; call 0x17e04 +jmp short loc_000137e9 ; jmp 0x137e9 -loc_00013726: +loc_000137b6: mov eax, dword [ebp + 8] cmp byte [eax + 0xb5], 0 -je short loc_00013740 ; je 0x13740 +je short loc_000137d0 ; je 0x137d0 push ebx push ebx push esi push dword [ebp - 0x28] -call fcn_00013455 ; call 0x13455 +call fcn_000134e5 ; call 0x134e5 add esp, 0x10 -loc_00013740: +loc_000137d0: push eax push eax push 0xfff9 push dword [ebp - 0x20] -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 pop edx pop ecx push 0 push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f -loc_00013759: +loc_000137e9: add esp, 0x10 inc byte [ebp - 0x19] -jmp near loc_00013563 ; jmp 0x13563 +jmp near loc_000135f3 ; jmp 0x135f3 -loc_00013764: +loc_000137f4: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -31771,7 +31828,7 @@ pop edi pop ebp ret -fcn_0001376e: +fcn_000137fe: push ebp mov ebp, esp push edi @@ -31784,59 +31841,59 @@ mov ebx, dword [ebp + 0xc] mov edi, dword [ebp + 0x18] mov dword [ebp - 0x24], ecx mov dword [ebp - 0x20], eax -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov esi, eax -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd mov dword [ebp - 0x1c], eax -call fcn_0001bb39 ; call 0x1bb39 +call fcn_0001bbfd ; call 0x1bbfd mov eax, dword [ebp - 0x20] cmp byte [eax + 0x10], 0 -je loc_00013ba6 ; je 0x13ba6 +je loc_00013c36 ; je 0x13c36 cmp esi, 1 -jne short loc_000137dc ; jne 0x137dc +jne short loc_0001386c ; jne 0x1386c sub esp, 0xc lea eax, [edi + 0xe0] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov edx, 0x15000000 and eax, 0x18 sub eax, 8 cmp eax, 0x10 -ja short loc_000137d8 ; ja 0x137d8 -mov edx, dword [eax*4 + ref_000203dc] ; mov edx, dword [eax*4 + 0x203dc] +ja short loc_00013868 ; ja 0x13868 +mov edx, dword [eax*4 + ref_0002046c] ; mov edx, dword [eax*4 + 0x2046c] -loc_000137d8: +loc_00013868: push eax push edx -jmp short loc_000137e8 ; jmp 0x137e8 +jmp short loc_00013878 ; jmp 0x13878 -loc_000137dc: +loc_0001386c: cmp dword [ebp - 0x1c], 2 -jne short loc_000137f9 ; jne 0x137f9 +jne short loc_00013889 ; jne 0x13889 push ecx push 0xf000000 -loc_000137e8: +loc_00013878: push 0xffffff lea eax, [ebx + 4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_000137f9: +loc_00013889: push eax push eax push 0xc401 lea eax, [edi + 0x44] push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 pop eax pop edx lea eax, [edi + 0x46] push 0xf push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0xc mov edx, 0xe0000000 cmp esi, 1 @@ -31849,163 +31906,163 @@ push edx push eax lea eax, [edi + 0x50] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x200000a push 0xff00 lea eax, [ebx + 0xc] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x600 push 0xffffffffffffffdf lea eax, [ebx + 0x10] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 cmp esi, 2 -jne short loc_000138b6 ; jne 0x138b6 +jne short loc_00013946 ; jne 0x13946 cmp dword [ebp - 0x1c], 1 -jne short loc_00013891 ; jne 0x13891 +jne short loc_00013921 ; jne 0x13921 push eax add edi, 0xb0 push 0x20000 push 0xffff9fff push edi -call fcn_00018aa4 ; call 0x18aa4 -jmp short loc_000138ae ; jmp 0x138ae +call fcn_00018b68 ; call 0x18b68 +jmp short loc_0001393e ; jmp 0x1393e -loc_00013891: +loc_00013921: cmp dword [ebp - 0x1c], 2 -jne loc_000139ca ; jne 0x139ca +jne loc_00013a5a ; jne 0x13a5a push eax add edi, 0xa8 push eax push 0x22000 push edi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 -loc_000138ae: +loc_0001393e: add esp, 0x10 -jmp near loc_000139ca ; jmp 0x139ca +jmp near loc_00013a5a ; jmp 0x13a5a -loc_000138b6: +loc_00013946: cmp esi, 1 -jne short loc_000138ea ; jne 0x138ea +jne short loc_0001397a ; jne 0x1397a push eax push eax push 0xfff7ffff lea eax, [ebx + 0x8008] push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0xc push 0x110000 -loc_000138d6: +loc_00013966: push 0xfffffeff lea eax, [ebx + 0x8058] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_000138ea: +loc_0001397a: push ecx push ecx push 0x2040000 lea eax, [ebx + 0x8060] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop edi pop eax lea eax, [ebx + 0x8090] push 0x4100 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop eax pop edx lea eax, [ebx + 0x8094] push 0xa04000 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push 0x40 push 0xfffeffff lea eax, [ebx + 0x80e0] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0xc00 push 0xffff8dff lea eax, [ebx + 0x80ec] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 lea eax, [ebx + 0x80f0] pop ecx pop edi push 0xffefffff push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 cmp esi, 2 -jne short loc_000139d5 ; jne 0x139d5 +jne short loc_00013a65 ; jne 0x13a65 push edi push edi push 0x2000000 lea eax, [ebx + 0x80fc] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0xc push 0x100800 push 0xfffffefb lea eax, [ebx + 0x8110] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0xff00f03c push 0 lea eax, [ebx + 0x8140] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx lea eax, [ebx + 0x8144] push 0x1c0 push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -jmp near loc_00013b97 ; jmp 0x13b97 +jmp near loc_00013c27 ; jmp 0x13c27 -loc_000139ca: +loc_00013a5a: push eax push 0x10000 -jmp near loc_000138d6 ; jmp 0x138d6 +jmp near loc_00013966 ; jmp 0x13966 -loc_000139d5: +loc_00013a65: cmp esi, 1 -jne loc_00013b97 ; jne 0x13b97 +jne loc_00013c27 ; jne 0x13c27 push ecx xor edi, edi push 0x100800 push 0xfffffffffffffffb lea eax, [ebx + 0x8110] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0xff03c132 push 0 lea eax, [ebx + 0x8140] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x100 push 0xffffff3f lea eax, [ebx + 0x8144] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 mov eax, 0x202000 -loc_00013a2b: +loc_00013abb: push ecx not eax push edi @@ -32013,104 +32070,104 @@ push eax lea edx, [ebx + 0x8154] push edx mov dword [ebp - 0x28], edx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx mov edx, dword [ebp - 0x28] push 0xfffffffffffffff7 push edx -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 cmp esi, 2 -jne loc_00013af0 ; jne 0x13af0 +jne loc_00013b80 ; jne 0x13b80 push ecx push ecx push 3 lea eax, [ebx + 0x8164] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov eax, dword [ebp - 0x1c] add esp, 0x10 cmp eax, 1 -je short loc_00013a80 ; je 0x13a80 +je short loc_00013b10 ; je 0x13b10 cmp eax, 2 mov eax, 0xe403f cmove edi, eax -jmp short loc_00013a85 ; jmp 0x13a85 +jmp short loc_00013b15 ; jmp 0x13b15 -loc_00013a80: +loc_00013b10: mov edi, 0xe0038 -loc_00013a85: +loc_00013b15: push eax push edi push 0xfff00000 lea eax, [ebx + 0x816c] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx lea eax, [ebx + 0x8174] push 0x1400c0a push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0xc push 0x33200a3 push 0 lea eax, [ebx + 0x817c] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0xcb0028 push 0 lea eax, [ebx + 0x8180] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc push 0x64001e push 0 lea eax, [ebx + 0x8184] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00013af0: +loc_00013b80: cmp esi, 2 sete dl cmp dword [ebp - 0x1c], 1 -jne short loc_00013b05 ; jne 0x13b05 +jne short loc_00013b95 ; jne 0x13b95 mov eax, 0x5000000 test dl, dl -jne short loc_00013b16 ; jne 0x13b16 +jne short loc_00013ba6 ; jne 0x13ba6 -loc_00013b05: +loc_00013b95: cmp dword [ebp - 0x1c], 2 mov eax, 0x1000000 mov ecx, 0x5000000 cmove eax, ecx -loc_00013b16: +loc_00013ba6: push ecx push ecx push eax lea eax, [ebx + 0x8188] push eax mov dword [ebp - 0x28], edx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 cmp dword [ebp - 0x1c], 2 -jne short loc_00013ba6 ; jne 0x13ba6 +jne short loc_00013c36 ; jne 0x13c36 mov edx, dword [ebp - 0x28] test dl, dl -je short loc_00013ba6 ; je 0x13ba6 +je short loc_00013c36 ; je 0x13c36 cmp byte [ebp - 0x24], 7 -jbe short loc_00013ba6 ; jbe 0x13ba6 +jbe short loc_00013c36 ; jbe 0x13c36 push edx push 2 push 0xfffffffffffffff9 lea eax, [ebx + 0x8098] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov ecx, dword [ebp - 0x20] add esp, 0xc mov edx, 0x1737d @@ -32122,7 +32179,7 @@ push 0xfffd8000 lea eax, [ebx + 0x8198] add ebx, 0x819c push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], 0xfffffff0 @@ -32131,14 +32188,14 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018a7a ; jmp 0x18a7a +jmp near fcn_00018b3e ; jmp 0x18b3e -loc_00013b97: +loc_00013c27: mov eax, 0x200000 mov edi, 0x2000 -jmp near loc_00013a2b ; jmp 0x13a2b +jmp near loc_00013abb ; jmp 0x13abb -loc_00013ba6: +loc_00013c36: lea esp, [ebp - 0xc] pop ebx pop esi @@ -32146,36 +32203,36 @@ pop edi pop ebp ret -fcn_00013bae: +fcn_00013c3e: push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x1c -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov esi, eax -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd mov edi, eax -call fcn_0001bb39 ; call 0x1bb39 +call fcn_0001bbfd ; call 0x1bbfd mov eax, dword [ebp + 8] push ebx push 0 push 0x14 movzx eax, byte [eax + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a push 0xc0 push 0xffffffffffffffff push 0xe5004001 push dword [ebp + 0xc] mov ebx, eax -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x14 lea edx, [ebx + 0x40] push edx mov dword [ebp - 0x20], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx mov edx, dword [ebp - 0x20] mov ecx, eax @@ -32186,7 +32243,7 @@ mov dword [ebp - 0x1c], ecx pop ecx push eax push edx -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 pop eax mov eax, dword [ebp - 0x1c] pop edx @@ -32196,52 +32253,52 @@ movzx eax, al push eax lea eax, [ebx + 0x42] push eax -call fcn_00017ce1 ; call 0x17ce1 +call fcn_00017da5 ; call 0x17da5 pop ecx pop eax lea eax, [ebx + 0x44] push 0x288 push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 cmp esi, 1 -je short loc_00013c6c ; je 0x13c6c +je short loc_00013cfc ; je 0x13cfc mov eax, 0xc0 cmp esi, 2 -jne short loc_00013c71 ; jne 0x13c71 +jne short loc_00013d01 ; jne 0x13d01 mov eax, 0x40040 cmp edi, 2 mov edx, 0x40000 cmovne eax, edx -jmp short loc_00013c71 ; jmp 0x13c71 +jmp short loc_00013d01 ; jmp 0x13d01 -loc_00013c6c: +loc_00013cfc: mov eax, 0x40 -loc_00013c71: +loc_00013d01: push ecx push ecx push eax lea eax, [ebx + 0xa0] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 cmp edi, 2 -jne short loc_00013c92 ; jne 0x13c92 +jne short loc_00013d22 ; jne 0x13d22 mov eax, 0x1800 cmp esi, 2 -je short loc_00013c94 ; je 0x13c94 +je short loc_00013d24 ; je 0x13d24 -loc_00013c92: +loc_00013d22: xor eax, eax -loc_00013c94: +loc_00013d24: push edx add ebx, 0xa4 push eax push 0xffffdfff push ebx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 lea esp, [ebp - 0xc] pop ebx @@ -32250,7 +32307,7 @@ pop edi pop ebp ret -fcn_00013cb2: +fcn_00013d42: push ebp mov ebp, esp push edi @@ -32261,110 +32318,110 @@ mov edx, dword [ebp + 0xc] mov esi, dword [ebp + 0x10] mov ebx, dword [ebp + 0x18] mov dword [ebp - 0x1c], edx -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov edi, eax -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd mov edx, dword [ebp - 0x1c] cmp eax, 1 sete cl cmp edi, 1 -jne loc_00013ddd ; jne 0x13ddd +jne loc_00013e6d ; jne 0x13e6d test cl, cl -je loc_00013ddd ; je 0x13ddd +je loc_00013e6d ; je 0x13e6d mov eax, dword [ebp + 8] sub esp, 0xc lea edi, [eax + 0xe0] push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov edx, dword [ebp - 0x1c] and eax, 6 cmp eax, 4 -je short loc_00013d2d ; je 0x13d2d +je short loc_00013dbd ; je 0x13dbd cmp eax, 6 -je short loc_00013d22 ; je 0x13d22 +je short loc_00013db2 ; je 0x13db2 cmp eax, 2 -jne short loc_00013d38 ; jne 0x13d38 +jne short loc_00013dc8 ; jne 0x13dc8 mov byte [edx], 0xc mov dword [ebx], 0x3f3f -jmp short loc_00013d41 ; jmp 0x13d41 +jmp short loc_00013dd1 ; jmp 0x13dd1 -loc_00013d22: +loc_00013db2: mov byte [edx], 8 mov dword [ebx], 0xf0f -jmp short loc_00013d41 ; jmp 0x13d41 +jmp short loc_00013dd1 ; jmp 0x13dd1 -loc_00013d2d: +loc_00013dbd: mov byte [edx], 0xa mov dword [ebx], 0xf3f -jmp short loc_00013d41 ; jmp 0x13d41 +jmp short loc_00013dd1 ; jmp 0x13dd1 -loc_00013d38: +loc_00013dc8: mov byte [edx], 0xe mov dword [ebx], 0x3fff -loc_00013d41: +loc_00013dd1: or dword [ebx], 0xf0 sub esp, 0xc push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0x18 cmp eax, 0x10 -je short loc_00013d87 ; je 0x13d87 +je short loc_00013e17 ; je 0x13e17 cmp eax, 0x18 -je short loc_00013d76 ; je 0x13d76 +je short loc_00013e06 ; je 0x13e06 cmp eax, 8 -jne short loc_00013d98 ; jne 0x13d98 +jne short loc_00013e28 ; jne 0x13e28 mov eax, dword [ebp + 0x14] mov byte [eax], 4 mov eax, dword [ebp + 0x1c] mov dword [eax], 0xf -jmp short loc_00013da7 ; jmp 0x13da7 +jmp short loc_00013e37 ; jmp 0x13e37 -loc_00013d76: +loc_00013e06: mov eax, dword [ebp + 0x14] mov byte [eax], 0 mov eax, dword [ebp + 0x1c] mov dword [eax], 0 -jmp short loc_00013da7 ; jmp 0x13da7 +jmp short loc_00013e37 ; jmp 0x13e37 -loc_00013d87: +loc_00013e17: mov eax, dword [ebp + 0x14] mov byte [eax], 2 mov eax, dword [ebp + 0x1c] mov dword [eax], 3 -jmp short loc_00013da7 ; jmp 0x13da7 +jmp short loc_00013e37 ; jmp 0x13e37 -loc_00013d98: +loc_00013e28: mov eax, dword [ebp + 0x14] mov byte [eax], 6 mov eax, dword [ebp + 0x1c] mov dword [eax], 0x3f -loc_00013da7: +loc_00013e37: sub esp, 0xc push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0x20 -je short loc_00013dcf ; je 0x13dcf +je short loc_00013e5f ; je 0x13e5f cmp eax, 0x20 -jne loc_00013ea5 ; jne 0x13ea5 +jne loc_00013f35 ; jne 0x13f35 mov byte [esi], 0 and dword [ebx], 0xffffbfff -jmp near loc_00013ea5 ; jmp 0x13ea5 +jmp near loc_00013f35 ; jmp 0x13f35 -loc_00013dcf: +loc_00013e5f: mov byte [esi], 1 or dword [ebx], 0x4000 -jmp near loc_00013ea5 ; jmp 0x13ea5 +jmp near loc_00013f35 ; jmp 0x13f35 -loc_00013ddd: +loc_00013e6d: cmp edi, 2 -jne short loc_00013e37 ; jne 0x13e37 +jne short loc_00013ec7 ; jne 0x13ec7 test cl, cl -je short loc_00013e37 ; je 0x13e37 +je short loc_00013ec7 ; je 0x13ec7 mov eax, dword [ebp + 0x14] sub esp, 0xc mov byte [edx], 8 @@ -32375,63 +32432,63 @@ mov dword [eax], 0xf mov eax, dword [ebp + 8] lea edi, [eax + 0xe0] push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0x20 -je short loc_00013e2c ; je 0x13e2c +je short loc_00013ebc ; je 0x13ebc cmp eax, 0x20 -jne loc_00013ea5 ; jne 0x13ea5 +jne loc_00013f35 ; jne 0x13f35 mov byte [esi], 0 and dword [ebx], 0xfffffeff -jmp short loc_00013ea5 ; jmp 0x13ea5 +jmp short loc_00013f35 ; jmp 0x13f35 -loc_00013e2c: +loc_00013ebc: mov byte [esi], 1 or dword [ebx], 0x100 -jmp short loc_00013ea5 ; jmp 0x13ea5 +jmp short loc_00013f35 ; jmp 0x13f35 -loc_00013e37: +loc_00013ec7: cmp eax, 2 -jne short loc_00013ea5 ; jne 0x13ea5 +jne short loc_00013f35 ; jne 0x13f35 mov eax, dword [ebp + 8] sub esp, 0xc mov dword [ebp - 0x1c], edx lea edi, [eax + 0xe0] push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov edx, dword [ebp - 0x1c] test al, 2 -je short loc_00013e69 ; je 0x13e69 +je short loc_00013ef9 ; je 0x13ef9 mov byte [edx], 8 mov dword [ebx], 0xff mov byte [esi], 0 -jmp short loc_00013e96 ; jmp 0x13e96 +jmp short loc_00013f26 ; jmp 0x13f26 -loc_00013e69: +loc_00013ef9: sub esp, 0xc mov byte [edx], 0xa mov dword [ebx], 0xff push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 0x20 -jne short loc_00013e8d ; jne 0x13e8d +jne short loc_00013f1d ; jne 0x13f1d mov byte [esi], 1 or dword [ebx], 0x400 -jmp short loc_00013e96 ; jmp 0x13e96 +jmp short loc_00013f26 ; jmp 0x13f26 -loc_00013e8d: +loc_00013f1d: mov byte [esi], 0 and dword [ebx], 0xfffffbff -loc_00013e96: +loc_00013f26: mov eax, dword [ebp + 0x14] mov byte [eax], 4 mov eax, dword [ebp + 0x1c] mov dword [eax], 0xf -loc_00013ea5: +loc_00013f35: lea esp, [ebp - 0xc] pop ebx pop esi @@ -32439,67 +32496,67 @@ pop edi pop ebp ret -fcn_00013ead: +fcn_00013f3d: push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x3c -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd mov ebx, eax -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb cmp ebx, 1 -jne short loc_00013ee6 ; jne 0x13ee6 +jne short loc_00013f76 ; jne 0x13f76 cmp eax, 2 -je short loc_00013f02 ; je 0x13f02 -mov ecx, ref_0002731c ; mov ecx, 0x2731c +je short loc_00013f92 ; je 0x13f92 +mov ecx, ref_000273cc ; mov ecx, 0x273cc xor edx, edx mov edi, ecx dec eax -mov eax, ref_00027358 ; mov eax, 0x27358 +mov eax, ref_00027408 ; mov eax, 0x27408 cmovne edi, edx cmove edx, eax mov dword [ebp - 0x34], edx -jmp short loc_00013f0e ; jmp 0x13f0e +jmp short loc_00013f9e ; jmp 0x13f9e -loc_00013ee6: -mov edx, ref_000272d0 ; mov edx, 0x272d0 +loc_00013f76: +mov edx, ref_00027380 ; mov edx, 0x27380 xor eax, eax mov edi, edx cmp ebx, 2 -mov edx, ref_000272e0 ; mov edx, 0x272e0 +mov edx, ref_00027390 ; mov edx, 0x27390 cmovne edi, eax cmove eax, edx mov dword [ebp - 0x34], eax -jmp short loc_00013f0e ; jmp 0x13f0e +jmp short loc_00013f9e ; jmp 0x13f9e -loc_00013f02: -mov edi, ref_0002730c ; mov edi, 0x2730c -mov dword [ebp - 0x34], ref_00027334 ; mov dword [ebp - 0x34], 0x27334 +loc_00013f92: +mov edi, ref_000273bc ; mov edi, 0x273bc +mov dword [ebp - 0x34], ref_000273e4 ; mov dword [ebp - 0x34], 0x273e4 -loc_00013f0e: +loc_00013f9e: test edi, edi -je short loc_00013f18 ; je 0x13f18 +je short loc_00013fa8 ; je 0x13fa8 cmp dword [ebp - 0x34], 0 -jne short loc_00013f42 ; jne 0x13f42 +jne short loc_00013fd2 ; jne 0x13fd2 -loc_00013f18: -call fcn_000153f0 ; call 0x153f0 +loc_00013fa8: +call fcn_00015480 ; call 0x15480 test al, al -je loc_0001480b ; je 0x1480b +je loc_0001489b ; je 0x1489b push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x601 -push ref_0002526f ; push 0x2526f -call fcn_000153fc ; call 0x153fc +push ref_0002531e ; push 0x2531e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp near loc_0001480b ; jmp 0x1480b +jmp near loc_0001489b ; jmp 0x1489b -loc_00013f42: +loc_00013fd2: mov eax, dword [ebp + 8] cmp byte [eax + 0x10], 0 -je loc_0001480b ; je 0x1480b +je loc_0001489b ; je 0x1489b push eax push eax lea eax, [ebp - 0x20] @@ -32513,46 +32570,46 @@ push eax lea eax, [ebp - 0x27] push eax push dword [ebp + 0x18] -call fcn_00013cb2 ; call 0x13cb2 +call fcn_00013d42 ; call 0x13d42 mov eax, dword [ebp + 0xc] add esp, 0x14 add eax, 0x10 push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ecx, dword [ebp + 0xc] shr eax, 0x10 lea ebx, [ecx + eax*4] mov dword [esp], ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov esi, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00013faf ; je 0x13faf +je short loc_0001403f ; je 0x1403f push eax push ebx -push ref_0002529d ; push 0x2529d +push ref_0002534c ; push 0x2534c push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 -loc_00013fac: +loc_0001403c: add esp, 0x10 -loc_00013faf: +loc_0001403f: mov eax, esi cmp al, 0xa -jne short loc_00014033 ; jne 0x14033 +jne short loc_000140c3 ; jne 0x140c3 sub esp, 0xc lea eax, [ebx + 0x20] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 1 -je loc_0001404f ; je 0x1404f +je loc_000140df ; je 0x140df sub esp, 0xc add ebx, 0x24 push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e movzx edx, byte [ebp - 0x25] add esp, 0x10 mov dword [ebp - 0x2c], 0 @@ -32560,50 +32617,50 @@ shr eax, 0x18 add eax, 0x47 shl eax, 4 -loc_00013fef: +loc_0001407f: cmp dword [ebp - 0x2c], edx -jae short loc_00014026 ; jae 0x14026 +jae short loc_000140b6 ; jae 0x140b6 mov ecx, dword [ebp - 0x2c] cmp eax, dword [edi + ecx*4] -jne short loc_00014021 ; jne 0x14021 -call fcn_000153e9 ; call 0x153e9 +jne short loc_000140b1 ; jne 0x140b1 +call fcn_00015479 ; call 0x15479 mov byte [ebp - 0x2d], 1 test al, al -je short loc_0001405a ; je 0x1405a +je short loc_000140ea ; je 0x140ea push esi push dword [ebp - 0x2c] -push ref_000252ca ; push 0x252ca +push ref_00025379 ; push 0x25379 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0001405a ; jmp 0x1405a +jmp short loc_000140ea ; jmp 0x140ea -loc_00014021: +loc_000140b1: inc dword [ebp - 0x2c] -jmp short loc_00013fef ; jmp 0x13fef +jmp short loc_0001407f ; jmp 0x1407f -loc_00014026: +loc_000140b6: mov dword [ebp - 0x2c], 0xffffffff mov byte [ebp - 0x2d], 1 -jmp short loc_0001405a ; jmp 0x1405a +jmp short loc_000140ea ; jmp 0x140ea -loc_00014033: +loc_000140c3: mov eax, esi movzx esi, ah test esi, esi -je short loc_0001404f ; je 0x1404f +je short loc_000140df ; je 0x140df lea ebx, [ebx + esi*4] sub esp, 0xc push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov esi, eax -jmp near loc_00013fac ; jmp 0x13fac +jmp near loc_0001403c ; jmp 0x1403c -loc_0001404f: +loc_000140df: mov dword [ebp - 0x2c], 0xffffffff mov byte [ebp - 0x2d], 0 -loc_0001405a: +loc_000140ea: mov eax, dword [ebp + 0x18] push ebx push dword [ebp - 0x24] @@ -32611,7 +32668,7 @@ add eax, 0xd4 mov dword [ebp - 0x38], eax push 0xffff8000 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0xc mov eax, dword [ebp + 0x18] push dword [ebp - 0x20] @@ -32619,53 +32676,53 @@ add eax, 0xdc push 0xffffffffffffffc0 push eax mov dword [ebp - 0x3c], eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 lea eax, [ebp - 0x1c] mov dword [esp], eax -call fcn_000196d3 ; call 0x196d3 +call fcn_00019797 ; call 0x19797 add esp, 0x10 cmp dword [ebp - 0x1c], 0x11 -je loc_0001480b ; je 0x1480b +je loc_0001489b ; je 0x1489b mov eax, dword [ebp + 0x1c] sub esp, 0xc add eax, 0xa2 push eax mov dword [ebp - 0x40], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 0x20 -je short loc_00014138 ; je 0x14138 +je short loc_000141c8 ; je 0x141c8 mov eax, dword [ebp + 0x1c] sub esp, 0xc add eax, 0xac push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, 0x10000 -je short loc_00014138 ; je 0x14138 +je short loc_000141c8 ; je 0x141c8 sub esp, 0xc push dword [ebp - 0x3c] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0x3f cmp byte [ebp - 0x2d], 0 -je short loc_000140fe ; je 0x140fe +je short loc_0001418e ; je 0x1418e mov cl, byte [ebp - 0x2c] mov edx, 1 shl edx, cl or eax, edx -loc_000140fe: +loc_0001418e: push edx push eax mov eax, dword [ebp + 0x18] push 0xffffffffffffffc0 add eax, 0xd8 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop ecx push dword [ebp - 0x38] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0xc and eax, 0x7fff push eax @@ -32673,162 +32730,162 @@ mov eax, dword [ebp + 0x18] push 0xffff8000 add eax, 0xd0 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00014138: +loc_000141c8: mov eax, dword [ebp + 8] cmp byte [eax + 0xb5], 0 -jne short loc_0001415c ; jne 0x1415c +jne short loc_000141ec ; jne 0x141ec push eax push eax mov eax, dword [ebp + 0x1c] push 0xfffeffff add eax, 0xac push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_0001415c: +loc_000141ec: mov eax, dword [ebp + 8] mov esi, 1 mov al, byte [eax + 0x11] test al, al -je loc_00014240 ; je 0x14240 +je loc_000142d0 ; je 0x142d0 xor esi, esi dec al -jne loc_00014240 ; jne 0x14240 +jne loc_000142d0 ; jne 0x142d0 mov eax, dword [ebp + 8] mov al, byte [eax + 0x10] cmp al, 2 sete cl dec al mov esi, ecx -jne loc_00014240 ; jne 0x14240 +jne loc_000142d0 ; jne 0x142d0 sub esp, 0xc push dword [ebp - 0x40] -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 0x20 -jne short loc_000141aa ; jne 0x141aa +jne short loc_0001423a ; jne 0x1423a -loc_000141a0: +loc_00014230: mov esi, 2 -jmp near loc_00014240 ; jmp 0x14240 +jmp near loc_000142d0 ; jmp 0x142d0 -loc_000141aa: +loc_0001423a: mov bl, byte [ebp - 0x2d] xor esi, esi and ebx, 1 -loc_000141b2: +loc_00014242: movzx eax, byte [ebp - 0x25] cmp esi, eax -jae short loc_000141dd ; jae 0x141dd +jae short loc_0001426d ; jae 0x1426d cmp esi, dword [ebp - 0x2c] -jne short loc_000141c3 ; jne 0x141c3 +jne short loc_00014253 ; jne 0x14253 test bl, bl -jne short loc_000141da ; jne 0x141da +jne short loc_0001426a ; jne 0x1426a -loc_000141c3: +loc_00014253: push eax mov eax, dword [ebp + 0xc] push 0x80000000 push 0xfffffffffffffffd add eax, dword [edi + esi*4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_000141da: +loc_0001426a: inc esi -jmp short loc_000141b2 ; jmp 0x141b2 +jmp short loc_00014242 ; jmp 0x14242 -loc_000141dd: +loc_0001426d: mov al, byte [ebp - 0x2d] mov ebx, 0xa and eax, 1 mov byte [ebp - 0x2e], al -loc_000141eb: +loc_0001427b: xor esi, esi xor edx, edx -loc_000141ef: +loc_0001427f: movzx eax, byte [ebp - 0x25] cmp edx, eax -jae short loc_0001421f ; jae 0x1421f +jae short loc_000142af ; jae 0x142af cmp edx, dword [ebp - 0x2c] -jne short loc_00014202 ; jne 0x14202 +jne short loc_00014292 ; jne 0x14292 cmp byte [ebp - 0x2e], 0 -jne short loc_0001421c ; jne 0x1421c +jne short loc_000142ac ; jne 0x142ac -loc_00014202: +loc_00014292: mov eax, dword [ebp + 0xc] sub esp, 0xc add eax, dword [edi + edx*4] mov dword [ebp - 0x44], edx push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x44] add esp, 0x10 or esi, eax -loc_0001421c: +loc_000142ac: inc edx -jmp short loc_000141ef ; jmp 0x141ef +jmp short loc_0001427f ; jmp 0x1427f -loc_0001421f: +loc_000142af: sub esp, 0xc push 0x2710 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 and esi, 0x10 -je loc_000141a0 ; je 0x141a0 +je loc_00014230 ; je 0x14230 dec ebx -jne short loc_000141eb ; jne 0x141eb -jmp near loc_000141a0 ; jmp 0x141a0 +jne short loc_0001427b ; jne 0x1427b +jmp near loc_00014230 ; jmp 0x14230 -loc_00014240: +loc_000142d0: cmp byte [ebp - 0x25], 0 -je loc_00014476 ; je 0x14476 +je loc_00014506 ; je 0x14506 mov eax, esi dec al -jne loc_00014476 ; jne 0x14476 +jne loc_00014506 ; jne 0x14506 mov eax, dword [ebp + 0x18] sub esp, 0xc lea ebx, [eax + 0xd0] push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, eax -je short loc_00014271 ; je 0x14271 +je short loc_00014301 ; je 0x14301 -loc_0001426d: +loc_000142fd: xor esi, esi -jmp short loc_000142bf ; jmp 0x142bf +jmp short loc_0001434f ; jmp 0x1434f -loc_00014271: +loc_00014301: mov eax, dword [ebp + 0x18] sub esp, 0xc add eax, 0xd8 push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test eax, eax -jne short loc_0001426d ; jne 0x1426d -jmp near loc_00014476 ; jmp 0x14476 +jne short loc_000142fd ; jne 0x142fd +jmp near loc_00014506 ; jmp 0x14506 -loc_0001428e: +loc_0001431e: mov ecx, dword [ebp - 0x34] sub esp, 0xc mov eax, dword [ebp + 0xc] add eax, dword [ecx + esi*4] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 1 -je short loc_000142be ; je 0x142be +je short loc_0001434e ; je 0x1434e mov ecx, dword [ebp - 0x34] push eax mov eax, dword [ebp + 0xc] @@ -32836,62 +32893,62 @@ push 0x10 push 0xfffffffffffffffd add eax, dword [ecx + esi*4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_000142be: +loc_0001434e: inc esi -loc_000142bf: +loc_0001434f: movzx eax, byte [ebp - 0x27] cmp esi, eax -jb short loc_0001428e ; jb 0x1428e +jb short loc_0001431e ; jb 0x1431e mov dword [ebp - 0x38], 0xa -loc_000142ce: +loc_0001435e: xor esi, esi xor edx, edx -loc_000142d2: +loc_00014362: movzx eax, byte [ebp - 0x27] cmp edx, eax -jae short loc_000142fa ; jae 0x142fa +jae short loc_0001438a ; jae 0x1438a mov ecx, dword [ebp - 0x34] sub esp, 0xc mov eax, dword [ebp + 0xc] mov dword [ebp - 0x3c], edx add eax, dword [ecx + edx*4] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x3c] add esp, 0x10 inc edx or esi, eax -jmp short loc_000142d2 ; jmp 0x142d2 +jmp short loc_00014362 ; jmp 0x14362 -loc_000142fa: +loc_0001438a: sub esp, 0xc push 0x2710 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 and esi, 0x10 -je short loc_00014314 ; je 0x14314 +je short loc_000143a4 ; je 0x143a4 dec dword [ebp - 0x38] -jne short loc_000142ce ; jne 0x142ce +jne short loc_0001435e ; jne 0x1435e -loc_00014314: +loc_000143a4: push esi push esi push 0xffff8000 push ebx xor ebx, ebx -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_00014326: +loc_000143b6: movzx eax, byte [ebp - 0x27] cmp ebx, eax -jae short loc_0001434b ; jae 0x1434b +jae short loc_000143db ; jae 0x143db push ecx mov ecx, dword [ebp - 0x34] push 0xfe0000 @@ -32900,13 +32957,13 @@ push 0xfffffffffffffffd add eax, dword [ecx + ebx*4] inc ebx push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -jmp short loc_00014326 ; jmp 0x14326 +jmp short loc_000143b6 ; jmp 0x143b6 -loc_0001434b: +loc_000143db: cmp byte [ebp - 0x26], 0 -je short loc_0001436b ; je 0x1436b +je short loc_000143fb ; je 0x143fb push edx mov edx, dword [ebp - 0x34] push 0xfe0000 @@ -32914,47 +32971,47 @@ mov ecx, dword [ebp + 0xc] push 0xfffffffffffffffd add ecx, dword [edx + eax*4] push ecx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_0001436b: +loc_000143fb: mov bl, byte [ebp - 0x2d] xor esi, esi and ebx, 1 -loc_00014373: +loc_00014403: movzx eax, byte [ebp - 0x25] cmp esi, eax -jae short loc_0001439e ; jae 0x1439e +jae short loc_0001442e ; jae 0x1442e cmp esi, dword [ebp - 0x2c] -jne short loc_00014384 ; jne 0x14384 +jne short loc_00014414 ; jne 0x14414 test bl, bl -jne short loc_0001439b ; jne 0x1439b +jne short loc_0001442b ; jne 0x1442b -loc_00014384: +loc_00014414: push eax mov eax, dword [ebp + 0xc] push 0x80000000 push 0xfffffffffffffffd add eax, dword [edi + esi*4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_0001439b: +loc_0001442b: inc esi -jmp short loc_00014373 ; jmp 0x14373 +jmp short loc_00014403 ; jmp 0x14403 -loc_0001439e: +loc_0001442e: cmp byte [ebp - 0x2d], 0 mov eax, 0xffffffc0 -je short loc_000143b6 ; je 0x143b6 +je short loc_00014446 ; je 0x14446 mov cl, byte [ebp - 0x2c] mov eax, 1 shl eax, cl or eax, 0xffffffc0 -loc_000143b6: +loc_00014446: push ebx push ebx mov ebx, 0xa @@ -32962,122 +33019,122 @@ push eax mov eax, dword [ebp + 0x18] add eax, 0xd8 push eax -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e mov al, byte [ebp - 0x2d] add esp, 0x10 and eax, 1 mov byte [ebp - 0x38], al -loc_000143d8: +loc_00014468: xor esi, esi xor edx, edx -loc_000143dc: +loc_0001446c: movzx eax, byte [ebp - 0x25] cmp edx, eax -jae short loc_0001440c ; jae 0x1440c +jae short loc_0001449c ; jae 0x1449c cmp edx, dword [ebp - 0x2c] -jne short loc_000143ef ; jne 0x143ef +jne short loc_0001447f ; jne 0x1447f cmp byte [ebp - 0x38], 0 -jne short loc_00014409 ; jne 0x14409 +jne short loc_00014499 ; jne 0x14499 -loc_000143ef: +loc_0001447f: mov eax, dword [ebp + 0xc] sub esp, 0xc add eax, dword [edi + edx*4] mov dword [ebp - 0x3c], edx push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x3c] add esp, 0x10 or esi, eax -loc_00014409: +loc_00014499: inc edx -jmp short loc_000143dc ; jmp 0x143dc +jmp short loc_0001446c ; jmp 0x1446c -loc_0001440c: +loc_0001449c: sub esp, 0xc push 0x2710 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 and esi, 0x10 -je short loc_00014424 ; je 0x14424 +je short loc_000144b4 ; je 0x144b4 dec ebx -jne short loc_000143d8 ; jne 0x143d8 +jne short loc_00014468 ; jne 0x14468 -loc_00014424: +loc_000144b4: mov bl, byte [ebp - 0x2d] xor esi, esi and ebx, 1 -loc_0001442c: +loc_000144bc: movzx eax, byte [ebp - 0x25] cmp esi, eax -jae short loc_00014457 ; jae 0x14457 +jae short loc_000144e7 ; jae 0x144e7 cmp esi, dword [ebp - 0x2c] -jne short loc_0001443d ; jne 0x1443d +jne short loc_000144cd ; jne 0x144cd test bl, bl -jne short loc_00014454 ; jne 0x14454 +jne short loc_000144e4 ; jne 0x144e4 -loc_0001443d: +loc_000144cd: push ecx mov eax, dword [ebp + 0xc] push 0xfe0000 push 0xfffffffffffffffd add eax, dword [edi + esi*4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00014454: +loc_000144e4: inc esi -jmp short loc_0001442c ; jmp 0x1442c +jmp short loc_000144bc ; jmp 0x144bc -loc_00014457: +loc_000144e7: mov eax, dword [ebp + 0xc] push esi push esi push 1 lea ebx, [eax + 0x80] push ebx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop eax pop edx push 0xfffffffffffffffe push ebx -call fcn_00018a7a ; call 0x18a7a -jmp short loc_000144e0 ; jmp 0x144e0 +call fcn_00018b3e ; call 0x18b3e +jmp short loc_00014570 ; jmp 0x14570 -loc_00014476: +loc_00014506: cmp byte [ebp - 0x25], 0 -je loc_0001458f ; je 0x1458f +je loc_0001461f ; je 0x1461f mov eax, esi cmp al, 2 -jne short loc_000144e8 ; jne 0x144e8 +jne short loc_00014578 ; jne 0x14578 sub esp, 0xc push dword [ebp - 0x3c] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0x3f cmp byte [ebp - 0x2d], 0 -je short loc_000144a9 ; je 0x144a9 +je short loc_00014539 ; je 0x14539 mov cl, byte [ebp - 0x2c] mov edx, 1 shl edx, cl or eax, edx -loc_000144a9: +loc_00014539: push edx push eax mov eax, dword [ebp + 0x18] push 0xffffffffffffffc0 add eax, 0xd8 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop ecx push dword [ebp - 0x38] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0xc and eax, 0x7fff push eax @@ -33085,109 +33142,109 @@ mov eax, dword [ebp + 0x18] push 0xffff8000 add eax, 0xd0 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 -loc_000144e0: +loc_00014570: add esp, 0x10 -jmp near loc_0001458f ; jmp 0x1458f +jmp near loc_0001461f ; jmp 0x1461f -loc_000144e8: +loc_00014578: sub esp, 0xc push dword [ebp - 0x40] -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 test al, 0x20 -je loc_0001458f ; je 0x1458f +je loc_0001461f ; je 0x1461f mov bl, byte [ebp - 0x2d] xor esi, esi and ebx, 1 -loc_00014506: +loc_00014596: movzx eax, byte [ebp - 0x25] cmp esi, eax -jae short loc_00014531 ; jae 0x14531 +jae short loc_000145c1 ; jae 0x145c1 cmp esi, dword [ebp - 0x2c] -jne short loc_00014517 ; jne 0x14517 +jne short loc_000145a7 ; jne 0x145a7 test bl, bl -jne short loc_0001452e ; jne 0x1452e +jne short loc_000145be ; jne 0x145be -loc_00014517: +loc_000145a7: push eax mov eax, dword [ebp + 0xc] push 0x80000000 push 0xfffffffffffffffd add eax, dword [edi + esi*4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_0001452e: +loc_000145be: inc esi -jmp short loc_00014506 ; jmp 0x14506 +jmp short loc_00014596 ; jmp 0x14596 -loc_00014531: +loc_000145c1: mov al, byte [ebp - 0x2d] mov dword [ebp - 0x38], 0 and eax, 1 mov byte [ebp - 0x3c], al -loc_00014541: +loc_000145d1: cmp esi, dword [ebp - 0x2c] -jne short loc_0001454e ; jne 0x1454e +jne short loc_000145de ; jne 0x145de xor ebx, ebx cmp byte [ebp - 0x3c], 0 -jne short loc_00014584 ; jne 0x14584 +jne short loc_00014614 ; jne 0x14614 -loc_0001454e: +loc_000145de: xor ebx, ebx xor esi, esi -loc_00014552: +loc_000145e2: movzx eax, byte [ebp - 0x25] cmp esi, eax -jae short loc_00014571 ; jae 0x14571 +jae short loc_00014601 ; jae 0x14601 mov eax, dword [ebp + 0xc] sub esp, 0xc add eax, dword [edi + esi*4] inc esi push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 or ebx, eax -jmp short loc_00014552 ; jmp 0x14552 +jmp short loc_000145e2 ; jmp 0x145e2 -loc_00014571: +loc_00014601: sub esp, 0xc push 0x2710 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 inc dword [ebp - 0x38] -loc_00014584: +loc_00014614: and bl, 0x10 -je short loc_0001458f ; je 0x1458f +je short loc_0001461f ; je 0x1461f cmp dword [ebp - 0x38], 9 -jbe short loc_00014541 ; jbe 0x14541 +jbe short loc_000145d1 ; jbe 0x145d1 -loc_0001458f: +loc_0001461f: mov eax, dword [ebp + 8] xor ebx, ebx cmp byte [eax + 0x13], 1 -jne loc_000147cc ; jne 0x147cc +jne loc_0001485c ; jne 0x1485c -loc_0001459e: +loc_0001462e: movzx eax, byte [ebp - 0x27] cmp ebx, eax -jae short loc_000145d9 ; jae 0x145d9 +jae short loc_00014669 ; jae 0x14669 mov ecx, dword [ebp - 0x34] sub esp, 0xc mov eax, dword [ebp + 0xc] add eax, dword [ecx + ebx*4] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 1 -je short loc_000145d6 ; je 0x145d6 +je short loc_00014666 ; je 0x14666 push ecx mov ecx, dword [ebp - 0x34] push 0x10 @@ -33195,68 +33252,68 @@ mov eax, dword [ebp + 0xc] push 0xfffffffffffffffd add eax, dword [ecx + ebx*4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_000145d6: +loc_00014666: inc ebx -jmp short loc_0001459e ; jmp 0x1459e +jmp short loc_0001462e ; jmp 0x1462e -loc_000145d9: +loc_00014669: mov ebx, 0xa -loc_000145de: +loc_0001466e: xor esi, esi xor edx, edx -loc_000145e2: +loc_00014672: movzx eax, byte [ebp - 0x27] cmp edx, eax -jae short loc_0001460a ; jae 0x1460a +jae short loc_0001469a ; jae 0x1469a mov ecx, dword [ebp - 0x34] sub esp, 0xc mov eax, dword [ebp + 0xc] mov dword [ebp - 0x38], edx add eax, dword [ecx + edx*4] push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x38] add esp, 0x10 inc edx or esi, eax -jmp short loc_000145e2 ; jmp 0x145e2 +jmp short loc_00014672 ; jmp 0x14672 -loc_0001460a: +loc_0001469a: sub esp, 0xc push 0x2710 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 and esi, 0x10 -je short loc_00014622 ; je 0x14622 +je short loc_000146b2 ; je 0x146b2 dec ebx -jne short loc_000145de ; jne 0x145de +jne short loc_0001466e ; jne 0x1466e -loc_00014622: +loc_000146b2: movzx edx, byte [ebp - 0x27] xor eax, eax xor ecx, ecx mov ebx, 1 -loc_0001462f: +loc_000146bf: cmp ecx, edx -jae short loc_00014646 ; jae 0x14646 +jae short loc_000146d6 ; jae 0x146d6 mov esi, dword [ebp + 8] cmp byte [esi + ecx + 0x14], 1 -jne short loc_00014643 ; jne 0x14643 +jne short loc_000146d3 ; jne 0x146d3 mov esi, ebx shl esi, cl or eax, esi -loc_00014643: +loc_000146d3: inc ecx -jmp short loc_0001462f ; jmp 0x1462f +jmp short loc_000146bf ; jmp 0x146bf -loc_00014646: +loc_000146d6: push edx xor ebx, ebx push eax @@ -33264,13 +33321,13 @@ mov eax, dword [ebp + 0x18] push 0xffff8000 add eax, 0xd0 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_00014660: +loc_000146f0: movzx eax, byte [ebp - 0x27] cmp ebx, eax -jae short loc_00014685 ; jae 0x14685 +jae short loc_00014715 ; jae 0x14715 mov ecx, dword [ebp - 0x34] push esi mov eax, dword [ebp + 0xc] @@ -33279,13 +33336,13 @@ push 0xfffffffffffffffd add eax, dword [ecx + ebx*4] inc ebx push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -jmp short loc_00014660 ; jmp 0x14660 +jmp short loc_000146f0 ; jmp 0x146f0 -loc_00014685: +loc_00014715: cmp byte [ebp - 0x26], 0 -je short loc_000146a5 ; je 0x146a5 +je short loc_00014735 ; je 0x14735 mov edx, dword [ebp - 0x34] push ebx mov ecx, dword [ebp + 0xc] @@ -33293,65 +33350,65 @@ push 0xfe0000 push 0xfffffffffffffffd add ecx, dword [edx + eax*4] push ecx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_000146a5: +loc_00014735: mov bl, byte [ebp - 0x2d] xor esi, esi and ebx, 1 -loc_000146ad: +loc_0001473d: movzx edx, byte [ebp - 0x25] cmp esi, edx -jae short loc_000146d8 ; jae 0x146d8 +jae short loc_00014768 ; jae 0x14768 cmp esi, dword [ebp - 0x2c] -jne short loc_000146be ; jne 0x146be +jne short loc_0001474e ; jne 0x1474e test bl, bl -jne short loc_000146d5 ; jne 0x146d5 +jne short loc_00014765 ; jne 0x14765 -loc_000146be: +loc_0001474e: push ecx mov eax, dword [ebp + 0xc] push 0x80000000 push 0xfffffffffffffffd add eax, dword [edi + esi*4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_000146d5: +loc_00014765: inc esi -jmp short loc_000146ad ; jmp 0x146ad +jmp short loc_0001473d ; jmp 0x1473d -loc_000146d8: +loc_00014768: xor eax, eax xor ecx, ecx mov ebx, 1 -loc_000146e1: +loc_00014771: cmp ecx, edx -je short loc_000146f8 ; je 0x146f8 +je short loc_00014788 ; je 0x14788 mov esi, dword [ebp + 8] cmp byte [esi + ecx + 0x22], 1 -jne short loc_000146f5 ; jne 0x146f5 +jne short loc_00014785 ; jne 0x14785 mov esi, ebx shl esi, cl or eax, esi -loc_000146f5: +loc_00014785: inc ecx -jmp short loc_000146e1 ; jmp 0x146e1 +jmp short loc_00014771 ; jmp 0x14771 -loc_000146f8: +loc_00014788: cmp byte [ebp - 0x2d], 0 -je short loc_0001470a ; je 0x1470a +je short loc_0001479a ; je 0x1479a mov cl, byte [ebp - 0x2c] mov edx, 1 shl edx, cl or eax, edx -loc_0001470a: +loc_0001479a: push edx mov ebx, 0xa push eax @@ -33359,101 +33416,101 @@ mov eax, dword [ebp + 0x18] push 0xffffffffffffffc0 add eax, 0xd8 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov al, byte [ebp - 0x2d] add esp, 0x10 and eax, 1 mov byte [ebp - 0x38], al -loc_0001472d: +loc_000147bd: xor esi, esi xor edx, edx -loc_00014731: +loc_000147c1: movzx eax, byte [ebp - 0x25] cmp edx, eax -jae short loc_00014761 ; jae 0x14761 +jae short loc_000147f1 ; jae 0x147f1 cmp edx, dword [ebp - 0x2c] -jne short loc_00014744 ; jne 0x14744 +jne short loc_000147d4 ; jne 0x147d4 cmp byte [ebp - 0x38], 0 -jne short loc_0001475e ; jne 0x1475e +jne short loc_000147ee ; jne 0x147ee -loc_00014744: +loc_000147d4: mov eax, dword [ebp + 0xc] sub esp, 0xc add eax, dword [edi + edx*4] mov dword [ebp - 0x3c], edx push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x3c] add esp, 0x10 or esi, eax -loc_0001475e: +loc_000147ee: inc edx -jmp short loc_00014731 ; jmp 0x14731 +jmp short loc_000147c1 ; jmp 0x147c1 -loc_00014761: +loc_000147f1: sub esp, 0xc push 0x2710 -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 and esi, 0x10 -je short loc_00014779 ; je 0x14779 +je short loc_00014809 ; je 0x14809 dec ebx -jne short loc_0001472d ; jne 0x1472d +jne short loc_000147bd ; jne 0x147bd -loc_00014779: +loc_00014809: mov bl, byte [ebp - 0x2d] xor esi, esi and ebx, 1 -loc_00014781: +loc_00014811: movzx eax, byte [ebp - 0x25] cmp esi, eax -jae short loc_000147ac ; jae 0x147ac +jae short loc_0001483c ; jae 0x1483c cmp esi, dword [ebp - 0x2c] -jne short loc_00014792 ; jne 0x14792 +jne short loc_00014822 ; jne 0x14822 test bl, bl -jne short loc_000147a9 ; jne 0x147a9 +jne short loc_00014839 ; jne 0x14839 -loc_00014792: +loc_00014822: push eax mov eax, dword [ebp + 0xc] push 0xfe0000 push 0xfffffffffffffffd add eax, dword [edi + esi*4] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 -loc_000147a9: +loc_00014839: inc esi -jmp short loc_00014781 ; jmp 0x14781 +jmp short loc_00014811 ; jmp 0x14811 -loc_000147ac: +loc_0001483c: mov eax, dword [ebp + 0xc] lea ebx, [eax + 0x80] push eax push eax push 1 push ebx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 pop edx pop ecx push 0xfffffffffffffffe push ebx -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e add esp, 0x10 -loc_000147cc: +loc_0001485c: mov eax, dword [ebp + 8] test byte [eax + 0x10], 0xfd -je short loc_0001480b ; je 0x1480b +je short loc_0001489b ; je 0x1489b cmp byte [eax + 0x11], 0 -je short loc_0001480b ; je 0x1480b +je short loc_0001489b ; je 0x1489b cmp byte [eax + 0xb5], 0 -je short loc_0001480b ; je 0x1480b +je short loc_0001489b ; je 0x1489b movzx eax, byte [ebp - 0x25] push eax movzx eax, byte [ebp - 0x27] @@ -33467,10 +33524,10 @@ movzx eax, al push 0 push 0x14 push eax -call fcn_000134ba ; call 0x134ba +call fcn_0001354a ; call 0x1354a add esp, 0x20 -loc_0001480b: +loc_0001489b: lea esp, [ebp - 0xc] pop ebx pop esi @@ -33478,7 +33535,7 @@ pop edi pop ebp ret -fcn_00014813: +fcn_000148a3: push ebp mov ebp, esp push edi @@ -33488,187 +33545,187 @@ sub esp, 0x44 push 0x10 lea eax, [ebp - 0x38] push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff pop eax pop edx lea eax, [ebp - 0x28] push 0x10 push eax -call fcn_00016f3b ; call 0x16f3b -call fcn_0001bef7 ; call 0x1bef7 +call fcn_00016fff ; call 0x16fff +call fcn_0001bfbb ; call 0x1bfbb mov dword [ebp - 0x40], eax -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd mov edx, dword [ebp + 8] add esp, 0x10 cmp byte [edx + 0x10], 0 -je loc_00014ac0 ; je 0x14ac0 +je loc_00014b50 ; je 0x14b50 cmp eax, 1 -jne loc_0001498b ; jne 0x1498b +jne loc_00014a1b ; jne 0x14a1b mov dword [ebp - 0x3c], 0 xor edi, edi xor ebx, ebx -loc_00014865: -call fcn_0001c19d ; call 0x1c19d +loc_000148f5: +call fcn_0001c261 ; call 0x1c261 movzx eax, al cmp ebx, eax -jae short loc_000148ea ; jae 0x148ea +jae short loc_0001497a ; jae 0x1497a mov eax, dword [ebp + 8] movzx ecx, byte [eax + ebx*8 + 0x2d] cmp cl, 8 -je short loc_000148e4 ; je 0x148e4 +je short loc_00014974 ; je 0x14974 cmp ebx, 7 -ja short loc_000148ac ; ja 0x148ac +ja short loc_0001493c ; ja 0x1493c cmp cl, 3 -jbe short loc_0001489e ; jbe 0x1489e -call fcn_000153f0 ; call 0x153f0 +jbe short loc_0001492e ; jbe 0x1492e +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000148e4 ; je 0x148e4 +je short loc_00014974 ; je 0x14974 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x9c4 -jmp short loc_000148c7 ; jmp 0x148c7 +jmp short loc_00014957 ; jmp 0x14957 -loc_0001489e: +loc_0001492e: lea ecx, [ebx + ecx*8] mov eax, 1 shl eax, cl or edi, eax -jmp short loc_000148e4 ; jmp 0x148e4 +jmp short loc_00014974 ; jmp 0x14974 -loc_000148ac: +loc_0001493c: lea eax, [ecx - 4] cmp al, 3 -jbe short loc_000148d6 ; jbe 0x148d6 -call fcn_000153f0 ; call 0x153f0 +jbe short loc_00014966 ; jbe 0x14966 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000148e4 ; je 0x148e4 +je short loc_00014974 ; je 0x14974 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x9d0 -loc_000148c7: -push ref_0002526f ; push 0x2526f -call fcn_000153fc ; call 0x153fc +loc_00014957: +push ref_0002531e ; push 0x2531e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_000148e4 ; jmp 0x148e4 +jmp short loc_00014974 ; jmp 0x14974 -loc_000148d6: +loc_00014966: lea ecx, [ebx + ecx*8 - 0x28] mov eax, 1 shl eax, cl or dword [ebp - 0x3c], eax -loc_000148e4: +loc_00014974: inc ebx -jmp near loc_00014865 ; jmp 0x14865 +jmp near loc_000148f5 ; jmp 0x148f5 -loc_000148ea: +loc_0001497a: xor ebx, ebx xor esi, esi xor edx, edx -loc_000148f0: +loc_00014980: mov dword [ebp - 0x44], edx -call fcn_0001c234 ; call 0x1c234 +call fcn_0001c2f8 ; call 0x1c2f8 mov edx, dword [ebp - 0x44] movzx eax, al cmp edx, eax -jae short loc_00014933 ; jae 0x14933 +jae short loc_000149c3 ; jae 0x149c3 mov eax, dword [ebp + 8] movzx eax, byte [eax + edx*4 + 0x9d] cmp al, 8 -je short loc_00014930 ; je 0x14930 +je short loc_000149c0 ; je 0x149c0 cmp al, 3 -ja short loc_00014923 ; ja 0x14923 +ja short loc_000149b3 ; ja 0x149b3 lea ecx, [edx + eax*8] mov eax, 1 shl eax, cl or esi, eax -jmp short loc_00014930 ; jmp 0x14930 +jmp short loc_000149c0 ; jmp 0x149c0 -loc_00014923: +loc_000149b3: lea ecx, [edx + eax*8 - 0x20] mov eax, 1 shl eax, cl or ebx, eax -loc_00014930: +loc_000149c0: inc edx -jmp short loc_000148f0 ; jmp 0x148f0 +jmp short loc_00014980 ; jmp 0x14980 -loc_00014933: +loc_000149c3: mov eax, dword [ebp + 0xc] push ecx push ecx push edi add eax, 0xc0 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop edi pop eax mov eax, dword [ebp + 0xc] push esi add eax, 0xc8 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 cmp dword [ebp - 0x40], 1 -jne loc_00014ac0 ; jne 0x14ac0 +jne loc_00014b50 ; jne 0x14b50 push eax push eax mov eax, dword [ebp + 0xc] push dword [ebp - 0x3c] add eax, 0xc4 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f pop eax mov eax, dword [ebp + 0xc] pop edx add eax, 0xcc push ebx push eax -call fcn_00017dcb ; call 0x17dcb -jmp near loc_00014abd ; jmp 0x14abd +call fcn_00017e8f ; call 0x17e8f +jmp near loc_00014b4d ; jmp 0x14b4d -loc_0001498b: +loc_00014a1b: xor ebx, ebx cmp eax, 2 -jne loc_00014a9f ; jne 0x14a9f +jne loc_00014b2f ; jne 0x14b2f -loc_00014996: -call fcn_0001c234 ; call 0x1c234 +loc_00014a26: +call fcn_0001c2f8 ; call 0x1c2f8 movzx eax, al cmp ebx, eax -jae short loc_000149e9 ; jae 0x149e9 +jae short loc_00014a79 ; jae 0x14a79 mov eax, dword [ebp + 8] mov al, byte [eax + ebx*4 + 0x9d] cmp al, 8 -je short loc_000149e6 ; je 0x149e6 +je short loc_00014a76 ; je 0x14a76 movzx esi, al -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000149d9 ; je 0x149d9 +je short loc_00014a69 ; je 0x14a69 cmp esi, 3 -jbe short loc_000149d9 ; jbe 0x149d9 +jbe short loc_00014a69 ; jbe 0x14a69 push eax -push ref_000252ee ; push 0x252ee +push ref_0002539d ; push 0x2539d push 0x9fd -push ref_0002526f ; push 0x2526f -call fcn_000153fc ; call 0x153fc +push ref_0002531e ; push 0x2531e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000149d9: +loc_00014a69: mov eax, 1 mov cl, bl shl eax, cl or dword [ebp + esi*4 - 0x28], eax -loc_000149e6: +loc_00014a76: inc ebx -jmp short loc_00014996 ; jmp 0x14996 +jmp short loc_00014a26 ; jmp 0x14a26 -loc_000149e9: +loc_00014a79: mov edx, dword [ebp + 0xc] mov eax, dword [ebp + 0xc] lea edi, [edx + 0xd0] @@ -33680,81 +33737,81 @@ mov esi, eax mov dword [ebp - 0x40], eax lea ebx, [ebp + edi - 0x28] -loc_00014a0a: +loc_00014a9a: push eax push eax push dword [ebx + esi - 0xc0] push esi add esi, 4 -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 cmp esi, dword [ebp - 0x3c] -jne short loc_00014a0a ; jne 0x14a0a +jne short loc_00014a9a ; jne 0x14a9a xor ebx, ebx -loc_00014a26: -call fcn_0001c1fd ; call 0x1c1fd +loc_00014ab6: +call fcn_0001c2c1 ; call 0x1c2c1 movzx eax, al cmp ebx, eax -jae short loc_00014a76 ; jae 0x14a76 +jae short loc_00014b06 ; jae 0x14b06 mov eax, dword [ebp + 8] mov al, byte [eax + ebx*8 + 0x2d] cmp al, 8 -je short loc_00014a73 ; je 0x14a73 +je short loc_00014b03 ; je 0x14b03 movzx esi, al -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00014a66 ; je 0x14a66 +je short loc_00014af6 ; je 0x14af6 cmp esi, 3 -jbe short loc_00014a66 ; jbe 0x14a66 +jbe short loc_00014af6 ; jbe 0x14af6 push ecx -push ref_000252ee ; push 0x252ee +push ref_0002539d ; push 0x2539d push 0xa0d -push ref_0002526f ; push 0x2526f -call fcn_000153fc ; call 0x153fc +push ref_0002531e ; push 0x2531e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00014a66: +loc_00014af6: mov eax, 1 mov cl, bl shl eax, cl or dword [ebp + esi*4 - 0x38], eax -loc_00014a73: +loc_00014b03: inc ebx -jmp short loc_00014a26 ; jmp 0x14a26 +jmp short loc_00014ab6 ; jmp 0x14ab6 -loc_00014a76: +loc_00014b06: mov eax, dword [ebp + 0xc] lea esi, [ebp + edi - 0x38] lea ebx, [eax + 0xb0] -loc_00014a83: +loc_00014b13: push edx push edx push dword [esi + ebx - 0xb0] push ebx add ebx, 4 -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 cmp ebx, dword [ebp - 0x40] -jne short loc_00014a83 ; jne 0x14a83 -jmp short loc_00014ac0 ; jmp 0x14ac0 +jne short loc_00014b13 ; jne 0x14b13 +jmp short loc_00014b50 ; jmp 0x14b50 -loc_00014a9f: -call fcn_000153f0 ; call 0x153f0 +loc_00014b2f: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00014ac0 ; je 0x14ac0 +je short loc_00014b50 ; je 0x14b50 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0xa16 -push ref_0002526f ; push 0x2526f -call fcn_000153fc ; call 0x153fc +push ref_0002531e ; push 0x2531e +call fcn_0001548c ; call 0x1548c -loc_00014abd: +loc_00014b4d: add esp, 0x10 -loc_00014ac0: +loc_00014b50: lea esp, [ebp - 0xc] pop ebx pop esi @@ -33762,7 +33819,7 @@ pop edi pop ebp ret -fcn_00014ac8: +fcn_00014b58: push ebp mov ebp, esp push edi @@ -33776,83 +33833,83 @@ mov esi, dword [ebp + 8] mov dword [ebp - 0x24], eax mov eax, dword [ebp + 0x10] mov dword [ebp - 0x28], eax -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov dword [ebp - 0x20], 0 mov dword [ebp - 0x1c], eax -loc_00014af3: -call fcn_0001c1d4 ; call 0x1c1d4 +loc_00014b83: +call fcn_0001c298 ; call 0x1c298 movzx eax, al cmp ebx, eax -jae short loc_00014b79 ; jae 0x14b79 +jae short loc_00014c09 ; jae 0x14c09 movzx ecx, byte [esi + ebx*8 + 0x2d] cmp cl, 8 -je short loc_00014b73 ; je 0x14b73 +je short loc_00014c03 ; je 0x14c03 cmp ebx, 7 -ja short loc_00014b37 ; ja 0x14b37 +ja short loc_00014bc7 ; ja 0x14bc7 cmp cl, 3 -jbe short loc_00014b29 ; jbe 0x14b29 -call fcn_000153f0 ; call 0x153f0 +jbe short loc_00014bb9 ; jbe 0x14bb9 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00014b73 ; je 0x14b73 +je short loc_00014c03 ; je 0x14c03 push ecx -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0xa69 -jmp short loc_00014b58 ; jmp 0x14b58 +jmp short loc_00014be8 ; jmp 0x14be8 -loc_00014b29: +loc_00014bb9: lea ecx, [ebx + ecx*8] mov eax, 1 shl eax, cl or edi, eax -jmp short loc_00014b73 ; jmp 0x14b73 +jmp short loc_00014c03 ; jmp 0x14c03 -loc_00014b37: +loc_00014bc7: cmp dword [ebp - 0x1c], 1 -jne short loc_00014b73 ; jne 0x14b73 +jne short loc_00014c03 ; jne 0x14c03 lea eax, [ecx - 4] cmp al, 3 -jbe short loc_00014b67 ; jbe 0x14b67 -call fcn_000153f0 ; call 0x153f0 +jbe short loc_00014bf7 ; jbe 0x14bf7 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00014b73 ; je 0x14b73 +je short loc_00014c03 ; je 0x14c03 push edx -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0xa76 -loc_00014b58: -push ref_0002526f ; push 0x2526f -call fcn_000153fc ; call 0x153fc +loc_00014be8: +push ref_0002531e ; push 0x2531e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_00014b73 ; jmp 0x14b73 +jmp short loc_00014c03 ; jmp 0x14c03 -loc_00014b67: +loc_00014bf7: mov eax, dword [ebp - 0x1c] lea ecx, [ebx + ecx*8 - 0x28] shl eax, cl or dword [ebp - 0x20], eax -loc_00014b73: +loc_00014c03: inc ebx -jmp near loc_00014af3 ; jmp 0x14af3 +jmp near loc_00014b83 ; jmp 0x14b83 -loc_00014b79: +loc_00014c09: cmp byte [esi], 1 -jne short loc_00014b90 ; jne 0x14b90 +jne short loc_00014c20 ; jne 0x14c20 push eax push eax mov eax, dword [ebp - 0x24] push edi add eax, 0x74 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 -loc_00014b90: +loc_00014c20: cmp dword [ebp - 0x1c], 1 -jne short loc_00014bb7 ; jne 0x14bb7 +jne short loc_00014c47 ; jne 0x14c47 cmp byte [esi + 8], 1 -jne short loc_00014bb7 ; jne 0x14bb7 +jne short loc_00014c47 ; jne 0x14c47 mov eax, dword [ebp - 0x20] mov dword [ebp + 0xc], eax mov eax, dword [ebp - 0x28] @@ -33863,9 +33920,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -loc_00014bb7: +loc_00014c47: lea esp, [ebp - 0xc] pop ebx pop esi @@ -33873,7 +33930,7 @@ pop edi pop ebp ret -fcn_00014bbf: +fcn_00014c4f: push ebp mov ebp, esp push edi @@ -33882,7 +33939,7 @@ push ebx xor ebx, ebx sub esp, 0x1c mov esi, dword [ebp + 8] -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov dword [ebp - 0x1c], eax mov eax, dword [ebp + 0xc] add eax, 0x64 @@ -33890,17 +33947,17 @@ mov dword [ebp - 0x20], eax mov eax, dword [ebp + 0x10] lea edi, [eax + 0x64] -loc_00014be4: -call fcn_0001c1d4 ; call 0x1c1d4 +loc_00014c74: +call fcn_0001c298 ; call 0x1c298 movzx eax, al cmp ebx, eax -jae loc_00014c81 ; jae 0x14c81 +jae loc_00014d11 ; jae 0x14d11 cmp ebx, 7 -ja short loc_00014c35 ; ja 0x14c35 +ja short loc_00014cc5 ; ja 0x14cc5 cmp byte [esi], 1 -jne short loc_00014c35 ; jne 0x14c35 +jne short loc_00014cc5 ; jne 0x14cc5 cmp byte [esi + ebx*8 + 0x2c], 0 -jne short loc_00014c1b ; jne 0x14c1b +jne short loc_00014cab ; jne 0x14cab push eax mov cl, bl push eax @@ -33908,10 +33965,10 @@ mov eax, 1 shl eax, cl push eax push dword [ebp - 0x20] -call fcn_0001866c ; call 0x1866c -jmp short loc_00014c32 ; jmp 0x14c32 +call fcn_00018730 ; call 0x18730 +jmp short loc_00014cc2 ; jmp 0x14cc2 -loc_00014c1b: +loc_00014cab: push ecx mov eax, 0xfffffffe push ecx @@ -33920,21 +33977,21 @@ rol eax, cl movzx eax, al push eax push dword [ebp - 0x20] -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d -loc_00014c32: +loc_00014cc2: add esp, 0x10 -loc_00014c35: +loc_00014cc5: cmp dword [ebp - 0x1c], 1 -jne short loc_00014c7b ; jne 0x14c7b +jne short loc_00014d0b ; jne 0x14d0b cmp ebx, 0xd -ja short loc_00014c7b ; ja 0x14c7b +ja short loc_00014d0b ; ja 0x14d0b cmp byte [esi + 8], 1 -jne short loc_00014c7b ; jne 0x14c7b +jne short loc_00014d0b ; jne 0x14d0b cmp byte [esi + ebx*8 + 0x2c], 0 lea ecx, [ebx - 8] -jne short loc_00014c63 ; jne 0x14c63 +jne short loc_00014cf3 ; jne 0x14cf3 mov eax, dword [ebp - 0x1c] push edx push edx @@ -33942,10 +33999,10 @@ shl eax, cl movzx ecx, al push ecx push edi -call fcn_0001866c ; call 0x1866c -jmp short loc_00014c78 ; jmp 0x14c78 +call fcn_00018730 ; call 0x18730 +jmp short loc_00014d08 ; jmp 0x14d08 -loc_00014c63: +loc_00014cf3: push eax push eax mov eax, dword [ebp - 0x1c] @@ -33955,16 +34012,16 @@ not ecx movzx ecx, cl push ecx push edi -call fcn_00018699 ; call 0x18699 +call fcn_0001875d ; call 0x1875d -loc_00014c78: +loc_00014d08: add esp, 0x10 -loc_00014c7b: +loc_00014d0b: inc ebx -jmp near loc_00014be4 ; jmp 0x14be4 +jmp near loc_00014c74 ; jmp 0x14c74 -loc_00014c81: +loc_00014d11: lea esp, [ebp - 0xc] pop ebx pop esi @@ -33972,7 +34029,7 @@ pop edi pop ebp ret -fcn_00014c89: +fcn_00014d19: push ebp mov ebp, esp push edi @@ -33981,89 +34038,89 @@ push ebx sub esp, 0x1c mov esi, dword [ebp + 8] mov edi, dword [ebp + 0xc] -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb cmp byte [esi + 0x10], 0 mov dword [ebp - 0x1c], eax -je loc_00014d7a ; je 0x14d7a +je loc_00014e0a ; je 0x14e0a lea eax, [edi + 0xe4] sub esp, 0xc push eax mov dword [ebp - 0x20], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 xor edx, edx mov ebx, eax and ebx, 0x7fff -loc_00014cc9: +loc_00014d59: mov dword [ebp - 0x24], edx -call fcn_0001c19d ; call 0x1c19d +call fcn_0001c261 ; call 0x1c261 mov edx, dword [ebp - 0x24] movzx eax, al cmp edx, eax -jae short loc_00014d08 ; jae 0x14d08 +jae short loc_00014d98 ; jae 0x14d98 cmp dword [ebp - 0x1c], 1 mov ecx, edx -jne short loc_00014cea ; jne 0x14cea -mov ecx, dword [edx*4 + ref_00020420] ; mov ecx, dword [edx*4 + 0x20420] +jne short loc_00014d7a ; jne 0x14d7a +mov ecx, dword [edx*4 + ref_000204b0] ; mov ecx, dword [edx*4 + 0x204b0] -loc_00014cea: +loc_00014d7a: cmp byte [esi + edx*8 + 0x2c], 0 -jne short loc_00014cfc ; jne 0x14cfc +jne short loc_00014d8c ; jne 0x14d8c mov eax, 1 shl eax, cl or ebx, eax -jmp short loc_00014d05 ; jmp 0x14d05 +jmp short loc_00014d95 ; jmp 0x14d95 -loc_00014cfc: +loc_00014d8c: mov eax, 0xfffffffe rol eax, cl and ebx, eax -loc_00014d05: +loc_00014d95: inc edx -jmp short loc_00014cc9 ; jmp 0x14cc9 +jmp short loc_00014d59 ; jmp 0x14d59 -loc_00014d08: +loc_00014d98: lea eax, [edi + 0xe8] sub esp, 0xc push eax mov dword [ebp - 0x1c], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 xor ecx, ecx mov edi, eax and edi, 0x3f -loc_00014d24: +loc_00014db4: mov dword [ebp - 0x24], ecx -call fcn_0001c234 ; call 0x1c234 +call fcn_0001c2f8 ; call 0x1c2f8 mov ecx, dword [ebp - 0x24] movzx eax, al cmp ecx, eax -jae short loc_00014d57 ; jae 0x14d57 +jae short loc_00014de7 ; jae 0x14de7 cmp byte [esi + ecx*4 + 0x9c], 0 -je short loc_00014d4b ; je 0x14d4b +je short loc_00014ddb ; je 0x14ddb mov eax, 0xfffffffe rol eax, cl and edi, eax -jmp short loc_00014d54 ; jmp 0x14d54 +jmp short loc_00014de4 ; jmp 0x14de4 -loc_00014d4b: +loc_00014ddb: mov eax, 1 shl eax, cl or edi, eax -loc_00014d54: +loc_00014de4: inc ecx -jmp short loc_00014d24 ; jmp 0x14d24 +jmp short loc_00014db4 ; jmp 0x14db4 -loc_00014d57: +loc_00014de7: push eax push eax push ebx push dword [ebp - 0x20] -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov eax, dword [ebp - 0x1c] add esp, 0x10 mov dword [ebp + 0xc], edi @@ -34073,9 +34130,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -loc_00014d7a: +loc_00014e0a: lea esp, [ebp - 0xc] pop ebx pop esi @@ -34083,7 +34140,7 @@ pop edi pop ebp ret -fcn_00014d82: +fcn_00014e12: push ebp mov ebp, esp sub esp, 0x10 @@ -34091,12 +34148,12 @@ mov eax, dword [ebp + 8] push 0x100 add eax, 0x7a push eax -call fcn_00018863 ; call 0x18863 +call fcn_00018927 ; call 0x18927 add esp, 0x10 leave ret -fcn_00014d9e: +fcn_00014e2e: push ebp mov ebp, esp push ebx @@ -34105,27 +34162,27 @@ mov edx, dword [ebp + 8] mov eax, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] cmp byte [edx + 0x10], 0 -je short loc_00014dd7 ; je 0x14dd7 +je short loc_00014e67 ; je 0x14e67 push edx push edx push eax lea eax, [ebx + 0x10] add ebx, 4 push eax -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f add esp, 0x10 mov dword [ebp + 8], ebx mov ebx, dword [ebp - 4] mov dword [ebp + 0xc], 6 leave -jmp near fcn_00018863 ; jmp 0x18863 +jmp near fcn_00018927 ; jmp 0x18927 -loc_00014dd7: +loc_00014e67: mov ebx, dword [ebp - 4] leave ret -fcn_00014ddc: +fcn_00014e6c: push ebp mov ebp, esp push ebx @@ -34133,27 +34190,27 @@ push edx mov eax, dword [ebp + 8] mov ebx, dword [ebp + 0x10] cmp byte [eax + 0x10], 0 -je short loc_00014e16 ; je 0x14e16 +je short loc_00014ea6 ; je 0x14ea6 push eax push eax push 0xfff9 lea eax, [ebx + 4] add ebx, 0x10 push eax -call fcn_00018890 ; call 0x18890 +call fcn_00018954 ; call 0x18954 add esp, 0x10 mov dword [ebp + 8], ebx mov ebx, dword [ebp - 4] mov dword [ebp + 0xc], 0 leave -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -loc_00014e16: +loc_00014ea6: mov ebx, dword [ebp - 4] leave ret -fcn_00014e1b: +fcn_00014eab: push ebp mov ebp, esp push edi @@ -34162,11 +34219,11 @@ push ebx sub esp, 0x1c mov esi, dword [ebp + 0x10] mov edi, dword [ebp + 8] -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov dword [ebp - 0x24], eax -call fcn_0001bb39 ; call 0x1bb39 +call fcn_0001bbfd ; call 0x1bbfd mov ebx, eax -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd cmp ebx, 0x40 seta byte [ebp - 0x19] cmp eax, 2 @@ -34181,14 +34238,14 @@ push eax push 0 push 0xe5007f04 push esi -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -loc_00014e71: -call fcn_0001c19d ; call 0x1c19d +loc_00014f01: +call fcn_0001c261 ; call 0x1c261 movzx eax, al cmp ebx, eax -jae loc_00014f31 ; jae 0x14f31 +jae loc_00014fc1 ; jae 0x14fc1 inc ebx mov eax, ebx push 0 @@ -34198,38 +34255,38 @@ mov dword [ebp - 0x28], eax sub eax, 0x1affbff1 push eax push esi -call fcn_00009d54 ; call 0x9d54 -call fcn_000153f0 ; call 0x153f0 +call fcn_00009dc2 ; call 0x9dc2 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00014ec5 ; je 0x14ec5 +je short loc_00014f55 ; je 0x14f55 cmp byte [edi + ebx*8 + 0x27], 7 -jbe short loc_00014ec5 ; jbe 0x14ec5 +jbe short loc_00014f55 ; jbe 0x14f55 push edx -push ref_000252f8 ; push 0x252f8 +push ref_000253a7 ; push 0x253a7 push 0xc0b -push ref_0002526f ; push 0x2526f -call fcn_000153fc ; call 0x153fc +push ref_0002531e ; push 0x2531e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00014ec5: +loc_00014f55: mov al, byte [edi + ebx*8 + 0x27] and eax, 7 mov dword [ebp - 0x20], eax shl dword [ebp - 0x20], 0xb -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00014efb ; je 0x14efb +je short loc_00014f8b ; je 0x14f8b cmp byte [edi + ebx*8 + 0x26], 7 -jbe short loc_00014efb ; jbe 0x14efb +jbe short loc_00014f8b ; jbe 0x14f8b push eax -push ref_00025334 ; push 0x25334 +push ref_000253e3 ; push 0x253e3 push 0xc0d -push ref_0002526f ; push 0x2526f -call fcn_000153fc ; call 0x153fc +push ref_0002531e ; push 0x2531e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00014efb: +loc_00014f8b: mov al, byte [edi + ebx*8 + 0x26] and eax, 7 shl eax, 8 @@ -34244,27 +34301,27 @@ push 0xffff80ff sub eax, 0x1affc000 push eax push esi -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -jmp near loc_00014e71 ; jmp 0x14e71 +jmp near loc_00014f01 ; jmp 0x14f01 -loc_00014f31: +loc_00014fc1: push 0x180000 push 0xffffffffffffffff push 0xe5007f14 push esi -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 cmp dword [ebp - 0x24], 2 -jne short loc_00014f61 ; jne 0x14f61 +jne short loc_00014ff1 ; jne 0x14ff1 push 0 push 0xff3fffff push 0xe5007f02 push esi -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -loc_00014f61: +loc_00014ff1: lea esp, [ebp - 0xc] pop ebx pop esi @@ -34272,7 +34329,7 @@ pop edi pop ebp ret -fcn_00014f69: +fcn_00014ff9: push ebp mov ebp, esp push edi @@ -34281,42 +34338,42 @@ push ebx sub esp, 0x1c mov esi, dword [ebp + 8] mov ebx, dword [ebp + 0xc] -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 2 -jne short loc_00014f9e ; jne 0x14f9e +jne short loc_0001502e ; jne 0x1502e cmp byte [esi + 0x284], 0 -jne short loc_00014f9e ; jne 0x14f9e +jne short loc_0001502e ; jne 0x1502e push ecx push ecx push 5 lea eax, [ebx + 0x3a84] push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -loc_00014f9e: +loc_0001502e: push 0xc0 push 0xffffffffffffffff push 0xe5004001 push ebx xor ebx, ebx -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 add esp, 0x10 -loc_00014fb5: -call fcn_0001c181 ; call 0x1c181 +loc_00015045: +call fcn_0001c245 ; call 0x1c245 cmp bl, al -jae short loc_00015017 ; jae 0x15017 +jae short loc_000150a7 ; jae 0x150a7 movzx edi, bl push eax -movzx eax, byte [edi + edi + ref_00020461] ; movzx eax, byte [edi + edi + 0x20461] +movzx eax, byte [edi + edi + ref_000204f1] ; movzx eax, byte [edi + edi + 0x204f1] push eax -movzx eax, byte [edi + edi + ref_00020460] ; movzx eax, byte [edi + edi + 0x20460] +movzx eax, byte [edi + edi + ref_000204f0] ; movzx eax, byte [edi + edi + 0x204f0] add edi, 0x50 push eax movzx eax, byte [esi + 1] push eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a cmp byte [esi + edi*8 + 4], 1 pop edx sbb edx, edx @@ -34329,18 +34386,18 @@ lea eax, [ecx + 0xdc] mov dword [ebp - 0x1c], ecx push edx push eax -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov ecx, dword [ebp - 0x1c] pop eax pop edx add ecx, 0x78 push 3 push ecx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 -jmp short loc_00014fb5 ; jmp 0x14fb5 +jmp short loc_00015045 ; jmp 0x15045 -loc_00015017: +loc_000150a7: lea esp, [ebp - 0xc] pop ebx pop esi @@ -34348,7 +34405,7 @@ pop edi pop ebp ret -fcn_0001501f: +fcn_000150af: push ebp mov ebp, esp push esi @@ -34359,7 +34416,7 @@ push eax push eax push esi push ebx -call fcn_00014f69 ; call 0x14f69 +call fcn_00014ff9 ; call 0x14ff9 add esp, 0x10 mov dword [ebp + 0xc], esi mov dword [ebp + 8], ebx @@ -34367,25 +34424,25 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00013bae ; jmp 0x13bae +jmp near fcn_00013c3e ; jmp 0x13c3e -fcn_00015047: +fcn_000150d7: push ebp mov edx, 0x18 mov ebp, esp push edi push esi -mov esi, ref_00027120 ; mov esi, 0x27120 +mov esi, ref_000271d0 ; mov esi, 0x271d0 push ebx mov ebx, 0x24 sub esp, 0x1c mov eax, dword [ebp + 0x10] mov edi, dword [ebp + 8] dec al -mov eax, ref_00027000 ; mov eax, 0x27000 +mov eax, ref_000270b0 ; mov eax, 0x270b0 cmovne ebx, edx cmovne esi, eax -call fcn_0001c234 ; call 0x1c234 +call fcn_0001c2f8 ; call 0x1c2f8 mov dword [ebp - 0x20], 0 movzx ecx, al mov eax, ebx @@ -34397,17 +34454,17 @@ mov word [ebp - 0x1c], ax lea eax, [edi + ecx*4 + 0x9e] mov dword [ebp - 0x24], eax -loc_0001509d: +loc_0001512d: cmp ebx, dword [ebp - 0x24] -je loc_0001512f ; je 0x1512f +je loc_000151bf ; je 0x151bf cmp byte [ebx], 1 -jne short loc_00015121 ; jne 0x15121 +jne short loc_000151b1 ; jne 0x151b1 mov byte [ebp - 0x19], 0 -loc_000150af: +loc_0001513f: movzx eax, byte [ebp - 0x19] cmp ax, word [ebp - 0x1c] -jae short loc_00015121 ; jae 0x15121 +jae short loc_000151b1 ; jae 0x151b1 movzx eax, byte [ebp - 0x19] add eax, dword [ebp - 0x20] imul eax, eax, 0xc @@ -34416,43 +34473,43 @@ push dword [eax + 8] push dword [eax + 4] push dword [eax] push dword [ebp + 0xc] -call fcn_00009d54 ; call 0x9d54 +call fcn_00009dc2 ; call 0x9dc2 mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001511c ; je 0x1511c +je short loc_000151ac ; je 0x151ac test edi, edi -jns short loc_0001511c ; jns 0x1511c -call fcn_000153e9 ; call 0x153e9 +jns short loc_000151ac ; jns 0x151ac +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00015104 ; je 0x15104 +je short loc_00015194 ; je 0x15194 push edx push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00015104: +loc_00015194: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xcbb -push ref_0002526f ; push 0x2526f -call fcn_000153fc ; call 0x153fc +push ref_0002531e ; push 0x2531e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001511c: +loc_000151ac: inc byte [ebp - 0x19] -jmp short loc_000150af ; jmp 0x150af +jmp short loc_0001513f ; jmp 0x1513f -loc_00015121: +loc_000151b1: mov eax, dword [ebp - 0x28] add ebx, 4 add dword [ebp - 0x20], eax -jmp near loc_0001509d ; jmp 0x1509d +jmp near loc_0001512d ; jmp 0x1512d -loc_0001512f: +loc_000151bf: lea esp, [ebp - 0xc] pop ebx pop esi @@ -34460,7 +34517,7 @@ pop edi pop ebp ret -fcn_00015137: +fcn_000151c7: push ebp mov ebp, esp push edi @@ -34472,18 +34529,18 @@ mov ebx, dword [ebp + 8] mov esi, dword [ebp + 0x14] mov edi, dword [ebp + 0x1c] mov dword [ebp - 0x34], eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00015169 ; je 0x15169 +je short loc_000151f9 ; je 0x151f9 push eax push eax -push ref_00025370 ; push 0x25370 +push ref_0002541f ; push 0x2541f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00015169: -call fcn_0001bef7 ; call 0x1bef7 +loc_000151f9: +call fcn_0001bfbb ; call 0x1bfbb mov edx, esi movzx esi, dl mov dword [ebp - 0x20], eax @@ -34491,61 +34548,61 @@ push eax push 0 push 0x1f push esi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0x14 push esi mov dword [ebp - 0x2c], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push 0 push 0x1d push esi mov dword [ebp - 0x24], eax -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 cmp dword [ebp - 0x20], 1 mov dword [ebp - 0x1c], 0 mov dword [ebp - 0x30], eax -jne short loc_000151c5 ; jne 0x151c5 +jne short loc_00015255 ; jne 0x15255 push ecx push 0 push 0x1a push esi -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0x10 mov dword [ebp - 0x1c], eax -loc_000151c5: +loc_00015255: mov eax, dword [ebp - 0x2c] sub esp, 0xc add eax, 0x40 push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov word [ebp - 0x48], ax mov eax, dword [ebp - 0x2c] add eax, 2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp byte [ebx], 0 -jne short loc_000151f4 ; jne 0x151f4 +jne short loc_00015284 ; jne 0x15284 or dword [edi], 0x8000 -loc_000151f4: +loc_00015284: cmp dword [ebp - 0x20], 1 -jne short loc_00015206 ; jne 0x15206 +jne short loc_00015296 ; jne 0x15296 cmp byte [ebx + 8], 0 -jne short loc_00015206 ; jne 0x15206 +jne short loc_00015296 ; jne 0x15296 or dword [edi], 0x2000 -loc_00015206: +loc_00015296: cmp byte [ebx + 0x10], 0 -jne short loc_00015212 ; jne 0x15212 +jne short loc_000152a2 ; jne 0x152a2 or dword [edi], 0x8000000 -loc_00015212: +loc_000152a2: push edx movzx edi, ax movzx eax, byte [ebp - 0x34] @@ -34557,31 +34614,31 @@ push eax push esi push dword [ebp + 0xc] push ebx -call fcn_0001354f ; call 0x1354f +call fcn_000135df ; call 0x135df mov esi, dword [ebp - 0x24] add esp, 0x1c push esi push dword [ebp + 0x10] push ebx -call fcn_00014d9e ; call 0x14d9e +call fcn_00014e2e ; call 0x14e2e mov dword [esp], esi push edi push dword [ebp - 0x28] push dword [ebp + 0x10] push ebx -call fcn_0001376e ; call 0x1376e +call fcn_000137fe ; call 0x137fe add esp, 0x20 cmp byte [ebp - 0x34], 7 -jbe short loc_00015268 ; jbe 0x15268 +jbe short loc_000152f8 ; jbe 0x152f8 movzx eax, byte [ebp - 0x20] push ecx push eax push dword [ebp + 0x18] push ebx -call fcn_00015047 ; call 0x15047 +call fcn_000150d7 ; call 0x150d7 add esp, 0x10 -loc_00015268: +loc_000152f8: push eax mov esi, dword [ebp - 0x24] push eax @@ -34591,31 +34648,31 @@ push edi push dword [ebp - 0x28] push dword [ebp + 0x10] push ebx -call fcn_00013ead ; call 0x13ead +call fcn_00013f3d ; call 0x13f3d add esp, 0x1c push dword [ebp - 0x1c] push dword [ebp - 0x30] push ebx -call fcn_00014ac8 ; call 0x14ac8 +call fcn_00014b58 ; call 0x14b58 pop eax pop edx push esi push ebx -call fcn_00014813 ; call 0x14813 +call fcn_000148a3 ; call 0x148a3 add esp, 0xc push dword [ebp + 0x18] push edi push ebx -call fcn_00014e1b ; call 0x14e1b +call fcn_00014eab ; call 0x14eab add esp, 0x10 cmp byte [ebx + 0xb4], 1 -jne short loc_00015303 ; jne 0x15303 +jne short loc_00015393 ; jne 0x15393 mov esi, dword [ebp - 0x48] sub esp, 0xc and esi, 0xfffc add esi, 0x3c push esi -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 pop ecx mov edi, eax pop eax @@ -34625,64 +34682,64 @@ and edi, 0xfffd movzx eax, ax push eax push esi -call fcn_00018e63 ; call 0x18e63 +call fcn_00018f27 ; call 0x18f27 add esp, 0xc push dword [ebp - 0x1c] push dword [ebp - 0x30] push ebx -call fcn_00014bbf ; call 0x14bbf +call fcn_00014c4f ; call 0x14c4f pop eax pop edx push dword [ebp - 0x24] push ebx -call fcn_00014c89 ; call 0x14c89 +call fcn_00014d19 ; call 0x14d19 pop ecx pop eax push edi push esi -call fcn_00018e63 ; call 0x18e63 +call fcn_00018f27 ; call 0x18f27 add esp, 0x10 -loc_00015303: +loc_00015393: cmp byte [ebx + 1], 1 -jne short loc_0001531c ; jne 0x1531c +jne short loc_000153ac ; jne 0x153ac cmp byte [ebx], 1 -jne short loc_0001531c ; jne 0x1531c +jne short loc_000153ac ; jne 0x153ac sub esp, 0xc push dword [ebp - 0x30] -call fcn_00014d82 ; call 0x14d82 +call fcn_00014e12 ; call 0x14e12 add esp, 0x10 -loc_0001531c: +loc_000153ac: cmp dword [ebp - 0x20], 1 -jne short loc_0001533c ; jne 0x1533c +jne short loc_000153cc ; jne 0x153cc cmp byte [ebx + 9], 1 -jne short loc_0001533c ; jne 0x1533c +jne short loc_000153cc ; jne 0x153cc cmp byte [ebx + 8], 1 -jne short loc_0001533c ; jne 0x1533c +jne short loc_000153cc ; jne 0x153cc sub esp, 0xc push dword [ebp - 0x1c] -call fcn_00014d82 ; call 0x14d82 +call fcn_00014e12 ; call 0x14e12 add esp, 0x10 -loc_0001533c: +loc_000153cc: push edx push dword [ebp - 0x24] push dword [ebp + 0x10] push ebx -call fcn_00014ddc ; call 0x14ddc -call fcn_000153e9 ; call 0x153e9 +call fcn_00014e6c ; call 0x14e6c +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00015366 ; je 0x15366 +je short loc_000153f6 ; je 0x153f6 push eax push eax -push ref_00025389 ; push 0x25389 +push ref_00025438 ; push 0x25438 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00015366: +loc_000153f6: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -34691,7 +34748,7 @@ pop edi pop ebp ret -fcn_00015370: ; not directly referenced +fcn_00015400: ; not directly referenced push ebp mov ebp, esp push esi @@ -34700,18 +34757,18 @@ push ebx mov ebx, dword [ebp + 0xc] add esi, ebx -loc_0001537d: ; not directly referenced +loc_0001540d: ; not directly referenced cmp ebx, esi -je short loc_00015394 ; je 0x15394 +je short loc_00015424 ; je 0x15424 inc ebx movzx eax, byte [ebx - 1] sub esp, 0xc push eax -call fcn_0001638a ; call 0x1638a +call fcn_0001641a ; call 0x1641a add esp, 0x10 -jmp short loc_0001537d ; jmp 0x1537d +jmp short loc_0001540d ; jmp 0x1540d -loc_00015394: ; not directly referenced +loc_00015424: ; not directly referenced lea esp, [ebp - 8] or eax, 0xffffffff pop ebx @@ -34719,7 +34776,7 @@ pop esi pop ebp ret -fcn_0001539e: ; not directly referenced +fcn_0001542e: ; not directly referenced push ebp mov ebp, esp push ebx @@ -34729,18 +34786,18 @@ push 0x80 movzx eax, bx movzx ebx, bh push eax -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop eax pop edx push 0x90 push ebx -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea add esp, 0x10 mov ebx, dword [ebp - 4] leave ret -fcn_000153ce: +fcn_0001545e: push ebp mov ebp, esp sub esp, 8 @@ -34748,38 +34805,38 @@ lea eax, [ebp + 0xc] push eax push dword [ebp + 8] push 0 -push fcn_00015370 ; push 0x15370 -call fcn_0001551c ; call 0x1551c +push fcn_00015400 ; push 0x15400 +call fcn_000155ac ; call 0x155ac leave ret -fcn_000153e9: +fcn_00015479: push ebp xor eax, eax mov ebp, esp pop ebp ret -fcn_000153f0: +fcn_00015480: push ebp xor eax, eax mov ebp, esp pop ebp ret -fcn_000153f7: +fcn_00015487: push ebp mov ebp, esp pop ebp ret -fcn_000153fc: +fcn_0001548c: push ebp mov ebp, esp pop ebp ret -fcn_00015401: +fcn_00015491: push ebp mov ebp, esp push edi @@ -34789,9 +34846,9 @@ push ebx mov ebx, edx sub esp, 0x1c -loc_0001540e: +loc_0001549e: test ebx, ebx -jle short loc_0001543e ; jle 0x1543e +jle short loc_000154ce ; jle 0x154ce push eax mov eax, dword [ebp + 8] cmp ebx, 0x10 @@ -34807,19 +34864,19 @@ add esp, 0x10 mov ecx, dword [ebp - 0x1c] test eax, eax mov dword [edx], eax -jne short loc_00015442 ; jne 0x15442 +jne short loc_000154d2 ; jne 0x154d2 or eax, 0xffffffff -jmp short loc_00015446 ; jmp 0x15446 +jmp short loc_000154d6 ; jmp 0x154d6 -loc_0001543e: +loc_000154ce: xor eax, eax -jmp short loc_00015446 ; jmp 0x15446 +jmp short loc_000154d6 ; jmp 0x154d6 -loc_00015442: +loc_000154d2: sub ebx, esi -jmp short loc_0001540e ; jmp 0x1540e +jmp short loc_0001549e ; jmp 0x1549e -loc_00015446: +loc_000154d6: lea esp, [ebp - 0xc] pop ebx pop esi @@ -34827,7 +34884,7 @@ pop edi pop ebp ret -fcn_0001544e: +fcn_000154de: push ebp mov ebp, esp push edi @@ -34838,31 +34895,31 @@ push ebx mov ebx, edx sub esp, 0xc test ecx, ecx -jne short loc_0001546f ; jne 0x1546f +jne short loc_000154ff ; jne 0x154ff -loc_00015461: +loc_000154f1: cmp dword [ebp + 8], 0 -je short loc_000154a7 ; je 0x154a7 +je short loc_00015537 ; je 0x15537 cmp dword [ebp + 0xc], 0 -je short loc_000154a7 ; je 0x154a7 -jmp short loc_00015490 ; jmp 0x15490 +je short loc_00015537 ; je 0x15537 +jmp short loc_00015520 ; jmp 0x15520 -loc_0001546f: +loc_000154ff: sub esp, 0xc mov ecx, eax push edx -mov eax, ref_000204c8 ; mov eax, 0x204c8 +mov eax, ref_00020558 ; mov eax, 0x20558 mov edx, edi -call fcn_00015401 ; call 0x15401 +call fcn_00015491 ; call 0x15491 add esp, 0x10 test eax, eax -jns short loc_00015461 ; jns 0x15461 +jns short loc_000154f1 ; jns 0x154f1 -loc_00015488: +loc_00015518: or eax, 0xffffffff -jmp near loc_00015514 ; jmp 0x15514 +jmp near loc_000155a4 ; jmp 0x155a4 -loc_00015490: +loc_00015520: push edx push dword [ebp + 0xc] push dword [ebp + 8] @@ -34871,32 +34928,32 @@ call esi add esp, 0x10 mov dword [ebx], eax test eax, eax -je short loc_00015488 ; je 0x15488 +je short loc_00015518 ; je 0x15518 add edi, dword [ebp + 0xc] -loc_000154a7: +loc_00015537: cmp dword [ebp + 0x10], 0 -jne short loc_000154b8 ; jne 0x154b8 +jne short loc_00015548 ; jne 0x15548 -loc_000154ad: +loc_0001553d: add edi, dword [ebp + 0x10] cmp dword [ebp + 0x18], 0 -je short loc_000154e8 ; je 0x154e8 -jmp short loc_000154d4 ; jmp 0x154d4 +je short loc_00015578 ; je 0x15578 +jmp short loc_00015564 ; jmp 0x15564 -loc_000154b8: +loc_00015548: mov edx, dword [ebp + 0x10] sub esp, 0xc mov ecx, esi push ebx -mov eax, ref_000204b4 ; mov eax, 0x204b4 -call fcn_00015401 ; call 0x15401 +mov eax, ref_00020544 ; mov eax, 0x20544 +call fcn_00015491 ; call 0x15491 add esp, 0x10 test eax, eax -jns short loc_000154ad ; jns 0x154ad -jmp short loc_00015488 ; jmp 0x15488 +jns short loc_0001553d ; jns 0x1553d +jmp short loc_00015518 ; jmp 0x15518 -loc_000154d4: +loc_00015564: push eax push dword [ebp + 0x18] push dword [ebp + 0x14] @@ -34905,27 +34962,27 @@ call esi add esp, 0x10 mov dword [ebx], eax test eax, eax -je short loc_00015488 ; je 0x15488 +je short loc_00015518 ; je 0x15518 -loc_000154e8: +loc_00015578: add edi, dword [ebp + 0x18] cmp dword [ebp + 0x1c], 0 -je short loc_0001550f ; je 0x1550f +je short loc_0001559f ; je 0x1559f mov edx, dword [ebp + 0x1c] sub esp, 0xc mov ecx, esi push ebx -mov eax, ref_000204c8 ; mov eax, 0x204c8 -call fcn_00015401 ; call 0x15401 +mov eax, ref_00020558 ; mov eax, 0x20558 +call fcn_00015491 ; call 0x15491 add esp, 0x10 test eax, eax -js loc_00015488 ; js 0x15488 +js loc_00015518 ; js 0x15518 -loc_0001550f: +loc_0001559f: mov eax, dword [ebp + 0x1c] add eax, edi -loc_00015514: +loc_000155a4: lea esp, [ebp - 0xc] pop ebx pop esi @@ -34933,7 +34990,7 @@ pop edi pop ebp ret -fcn_0001551c: +fcn_000155ac: push ebp mov ebp, esp push edi @@ -34943,61 +35000,61 @@ sub esp, 0xec mov eax, dword [ebp + 0x10] mov ebx, dword [ebp + 0x14] test eax, eax -je short loc_00015580 ; je 0x15580 +je short loc_00015610 ; je 0x15610 mov dword [ebp - 0xe0], 0 mov dword [ebp - 0xd4], 0 -jmp short loc_000155a1 ; jmp 0x155a1 +jmp short loc_00015631 ; jmp 0x15631 -loc_00015548: +loc_000155d8: cmp dl, 0x2a -jne loc_000155dc ; jne 0x155dc +jne loc_0001566c ; jne 0x1566c mov ecx, dword [ebx] lea eax, [ebx + 4] mov dword [ebp - 0xc4], ecx test ecx, ecx -jns short loc_0001556d ; jns 0x1556d +jns short loc_000155fd ; jns 0x155fd neg dword [ebp - 0xc4] or dword [ebp - 0xb4], 4 -loc_0001556d: +loc_000155fd: inc edi mov ebx, eax -loc_00015570: +loc_00015600: cmp dword [ebp - 0xc4], 0x1f4 -jle loc_00015634 ; jle 0x15634 +jle loc_000156c4 ; jle 0x156c4 -loc_00015580: +loc_00015610: or eax, 0xffffffff -jmp near loc_000160e6 ; jmp 0x160e6 +jmp near loc_00016176 ; jmp 0x16176 -loc_00015588: +loc_00015618: test dl, dl -je short loc_00015594 ; je 0x15594 +je short loc_00015624 ; je 0x15624 inc esi -loc_0001558d: +loc_0001561d: mov dl, byte [esi] cmp dl, 0x25 -jne short loc_00015588 ; jne 0x15588 +jne short loc_00015618 ; jne 0x15618 -loc_00015594: +loc_00015624: mov edi, esi sub edi, eax -jne short loc_000155ae ; jne 0x155ae +jne short loc_0001563e ; jne 0x1563e -loc_0001559a: +loc_0001562a: cmp byte [esi], 0 -jne short loc_000155c9 ; jne 0x155c9 +jne short loc_00015659 ; jne 0x15659 mov eax, esi -loc_000155a1: +loc_00015631: cmp byte [eax], 0 -je loc_000160ab ; je 0x160ab +je loc_0001613b ; je 0x1613b mov esi, eax -jmp short loc_0001558d ; jmp 0x1558d +jmp short loc_0001561d ; jmp 0x1561d -loc_000155ae: +loc_0001563e: push edx push edi push eax @@ -35006,235 +35063,235 @@ call dword [ebp + 8] ; ucall add esp, 0x10 mov dword [ebp + 0xc], eax test eax, eax -je short loc_00015580 ; je 0x15580 +je short loc_00015610 ; je 0x15610 add dword [ebp - 0xd4], edi -jmp short loc_0001559a ; jmp 0x1559a +jmp short loc_0001562a ; jmp 0x1562a -loc_000155c9: +loc_00015659: lea edi, [esi + 1] mov dword [ebp - 0xb4], 0 -loc_000155d6: +loc_00015666: mov dl, byte [edi] test dl, dl -jne short loc_000155e8 ; jne 0x155e8 +jne short loc_00015678 ; jne 0x15678 -loc_000155dc: +loc_0001566c: mov dword [ebp - 0xc4], 0 -jmp short loc_00015624 ; jmp 0x15624 +jmp short loc_000156b4 ; jmp 0x156b4 -loc_000155e8: -mov eax, ref_000204ac ; mov eax, 0x204ac +loc_00015678: +mov eax, ref_0002053c ; mov eax, 0x2053c -loc_000155ed: +loc_0001567d: mov cl, byte [eax] cmp cl, dl -je loc_000160b3 ; je 0x160b3 +je loc_00016143 ; je 0x16143 test cl, cl -je loc_00015548 ; je 0x15548 +je loc_000155d8 ; je 0x155d8 inc eax -jmp short loc_000155ed ; jmp 0x155ed +jmp short loc_0001567d ; jmp 0x1567d -loc_00015602: +loc_00015692: cmp dword [ebp - 0xc4], 0x1f3 -jg loc_00015570 ; jg 0x15570 +jg loc_00015600 ; jg 0x15600 imul edx, dword [ebp - 0xc4], 0xa inc edi lea eax, [edx + eax - 0x30] mov dword [ebp - 0xc4], eax -loc_00015624: +loc_000156b4: movsx eax, byte [edi] lea edx, [eax - 0x30] cmp dl, 9 -jbe short loc_00015602 ; jbe 0x15602 -jmp near loc_00015570 ; jmp 0x15570 +jbe short loc_00015692 ; jbe 0x15692 +jmp near loc_00015600 ; jmp 0x15600 -loc_00015634: +loc_000156c4: cmp byte [edi], 0x2e mov dword [ebp - 0xc0], 0xffffffff -jne short loc_000156ad ; jne 0x156ad +jne short loc_0001573d ; jne 0x1573d cmp byte [edi + 1], 0x2a -je short loc_00015656 ; je 0x15656 +je short loc_000156e6 ; je 0x156e6 inc edi mov dword [ebp - 0xc0], 0 -jmp short loc_00015692 ; jmp 0x15692 +jmp short loc_00015722 ; jmp 0x15722 -loc_00015656: +loc_000156e6: lea eax, [ebx + 4] mov ebx, dword [ebx] mov dword [ebp - 0xc0], ebx cmp ebx, 0x1f4 -jg loc_00015580 ; jg 0x15580 +jg loc_00015610 ; jg 0x15610 add edi, 2 mov ebx, eax -jmp short loc_000156ad ; jmp 0x156ad +jmp short loc_0001573d ; jmp 0x1573d -loc_00015674: +loc_00015704: cmp dword [ebp - 0xc0], 0x1f3 -jg short loc_0001569d ; jg 0x1569d +jg short loc_0001572d ; jg 0x1572d imul edx, dword [ebp - 0xc0], 0xa inc edi lea eax, [edx + eax - 0x30] mov dword [ebp - 0xc0], eax -loc_00015692: +loc_00015722: movsx eax, byte [edi] lea edx, [eax - 0x30] cmp dl, 9 -jbe short loc_00015674 ; jbe 0x15674 +jbe short loc_00015704 ; jbe 0x15704 -loc_0001569d: +loc_0001572d: cmp dword [ebp - 0xc0], 0x1f4 -jg loc_00015580 ; jg 0x15580 +jg loc_00015610 ; jg 0x15610 -loc_000156ad: +loc_0001573d: cmp byte [edi], 0x3a mov dword [ebp - 0xb0], 0 -jne short loc_0001571f ; jne 0x1571f +jne short loc_000157af ; jne 0x157af cmp byte [edi + 1], 0x2a -jne short loc_00015706 ; jne 0x15706 +jne short loc_00015796 ; jne 0x15796 mov esi, dword [ebx] lea eax, [ebx + 4] mov dword [ebp - 0xb0], esi test esi, esi -js short loc_000156db ; js 0x156db +js short loc_0001576b ; js 0x1576b cmp esi, 0x24 -jle short loc_000156e5 ; jle 0x156e5 -jmp near loc_00015580 ; jmp 0x15580 +jle short loc_00015775 ; jle 0x15775 +jmp near loc_00015610 ; jmp 0x15610 -loc_000156db: +loc_0001576b: mov dword [ebp - 0xb0], 0 -loc_000156e5: +loc_00015775: add edi, 2 mov ebx, eax -jmp short loc_0001571f ; jmp 0x1571f +jmp short loc_000157af ; jmp 0x157af -loc_000156ec: +loc_0001577c: cmp dword [ebp - 0xb0], 0x23 -jg short loc_00015712 ; jg 0x15712 +jg short loc_000157a2 ; jg 0x157a2 imul ecx, dword [ebp - 0xb0], 0xa lea eax, [ecx + eax - 0x30] mov dword [ebp - 0xb0], eax -loc_00015706: +loc_00015796: inc edi movsx eax, byte [edi] lea edx, [eax - 0x30] cmp dl, 9 -jbe short loc_000156ec ; jbe 0x156ec +jbe short loc_0001577c ; jbe 0x1577c -loc_00015712: +loc_000157a2: cmp dword [ebp - 0xb0], 0x24 -jg loc_00015580 ; jg 0x15580 +jg loc_00015610 ; jg 0x15610 -loc_0001571f: +loc_000157af: cmp byte [edi], 0x5b mov dword [ebp - 0xcc], 0 -jne short loc_00015758 ; jne 0x15758 +jne short loc_000157e8 ; jne 0x157e8 lea eax, [edi + 1] not edi mov dword [ebp - 0xe0], eax mov esi, edi -loc_0001573b: +loc_000157cb: mov dl, byte [eax] lea edi, [eax + esi] mov dword [ebp - 0xcc], edi test dl, dl -je loc_00015580 ; je 0x15580 +je loc_00015610 ; je 0x15610 cmp dl, 0x5d lea eax, [eax + 1] -jne short loc_0001573b ; jne 0x1573b +jne short loc_000157cb ; jne 0x157cb mov edi, eax -loc_00015758: +loc_000157e8: mov al, byte [edi] -mov esi, ref_000253a0 ; mov esi, 0x253a0 +mov esi, ref_0002544f ; mov esi, 0x2544f test al, al -je short loc_00015790 ; je 0x15790 +je short loc_00015820 ; je 0x15820 -loc_00015763: +loc_000157f3: mov dl, byte [esi] cmp dl, al -je short loc_00015774 ; je 0x15774 +je short loc_00015804 ; je 0x15804 test dl, dl -je short loc_00015770 ; je 0x15770 +je short loc_00015800 ; je 0x15800 inc esi -jmp short loc_00015763 ; jmp 0x15763 +jmp short loc_000157f3 ; jmp 0x157f3 -loc_00015770: +loc_00015800: xor eax, eax -jmp short loc_00015790 ; jmp 0x15790 +jmp short loc_00015820 ; jmp 0x15820 -loc_00015774: +loc_00015804: mov dl, byte [edi + 1] lea esi, [edi + 1] test dl, dl -je loc_000160cb ; je 0x160cb +je loc_0001615b ; je 0x1615b cmp dl, al -jne loc_000160cb ; jne 0x160cb +jne loc_0001615b ; jne 0x1615b or eax, 1 add edi, 2 -loc_00015790: +loc_00015820: mov dl, byte [edi] test dl, dl -jne short loc_000157a0 ; jne 0x157a0 +jne short loc_00015830 ; jne 0x15830 mov eax, dword [ebx] add ebx, 4 -jmp near loc_000155a1 ; jmp 0x155a1 +jmp near loc_00015631 ; jmp 0x15631 -loc_000157a0: +loc_00015830: mov byte [ebp - 0xb8], 0 cmp dl, 0x43 -jne short loc_000157c2 ; jne 0x157c2 +jne short loc_00015852 ; jne 0x15852 mov cl, byte [edi + 1] lea esi, [edi + 1] mov byte [ebp - 0xb8], cl test cl, cl -je loc_00015580 ; je 0x15580 +je loc_00015610 ; je 0x15610 mov edi, esi -loc_000157c2: +loc_00015852: mov byte [ebp - 0xa3], dl cmp dl, 0x6e -jne short loc_00015823 ; jne 0x15823 +jne short loc_000158b3 ; jne 0x158b3 mov edx, dword [ebx] test edx, edx -je loc_000160df ; je 0x160df +je loc_0001616f ; je 0x1616f cmp al, 0x68 -jne short loc_000157e9 ; jne 0x157e9 +jne short loc_00015879 ; jne 0x15879 mov eax, dword [ebp - 0xd4] mov word [edx], ax -jmp near loc_000160df ; jmp 0x160df +jmp near loc_0001616f ; jmp 0x1616f -loc_000157e9: +loc_00015879: cmp al, 0x69 -jne short loc_000157fa ; jne 0x157fa +jne short loc_0001588a ; jne 0x1588a mov al, byte [ebp - 0xd4] mov byte [edx], al -jmp near loc_000160df ; jmp 0x160df +jmp near loc_0001616f ; jmp 0x1616f -loc_000157fa: +loc_0001588a: cmp al, 0x6c -je short loc_00015816 ; je 0x15816 +je short loc_000158a6 ; je 0x158a6 cmp al, 0x6a -jne short loc_00015816 ; jne 0x15816 +jne short loc_000158a6 ; jne 0x158a6 mov eax, dword [ebp - 0xd4] mov dword [edx + 4], 0 mov dword [edx], eax -jmp near loc_000160df ; jmp 0x160df +jmp near loc_0001616f ; jmp 0x1616f -loc_00015816: +loc_000158a6: mov eax, dword [ebp - 0xd4] mov dword [edx], eax -jmp near loc_000160df ; jmp 0x160df +jmp near loc_0001616f ; jmp 0x1616f -loc_00015823: +loc_000158b3: cmp dl, 0x25 -jne short loc_00015850 ; jne 0x15850 +jne short loc_000158e0 ; jne 0x158e0 push eax xor ecx, ecx push eax @@ -35247,28 +35304,28 @@ push 0 push 0 push 0 lea edx, [ebp + 0xc] -call fcn_0001544e ; call 0x1544e +call fcn_000154de ; call 0x154de add esp, 0x20 -jmp near loc_00016095 ; jmp 0x16095 +jmp near loc_00016125 ; jmp 0x16125 -loc_00015850: +loc_000158e0: mov esi, edx and esi, 0xffffffdf mov ecx, esi cmp cl, 0x43 -jne short loc_000158d4 ; jne 0x158d4 +jne short loc_00015964 ; jne 0x15964 cmp dl, 0x63 -jne short loc_0001586e ; jne 0x1586e +jne short loc_000158fe ; jne 0x158fe mov eax, dword [ebx] add ebx, 4 mov byte [ebp - 0x9a], al -jmp short loc_0001587a ; jmp 0x1587a +jmp short loc_0001590a ; jmp 0x1590a -loc_0001586e: +loc_000158fe: mov al, byte [ebp - 0xb8] mov byte [ebp - 0x9a], al -loc_0001587a: +loc_0001590a: mov esi, dword [ebp - 0xc0] mov eax, 1 test esi, esi @@ -35278,7 +35335,7 @@ cmovg eax, esi xor esi, esi mov dword [ebp - 0xb0], eax -loc_00015897: +loc_00015927: push eax xor ecx, ecx push eax @@ -35291,42 +35348,42 @@ push 0 push 0 push 0 lea edx, [ebp + 0xc] -call fcn_0001544e ; call 0x1544e +call fcn_000154de ; call 0x154de add esp, 0x20 cmp eax, 0xffffffff -je loc_00015580 ; je 0x15580 +je loc_00015610 ; je 0x15610 add esi, eax dec dword [ebp - 0xb0] -jne short loc_00015897 ; jne 0x15897 +jne short loc_00015927 ; jne 0x15927 mov eax, esi -jmp near loc_00016095 ; jmp 0x16095 +jmp near loc_00016125 ; jmp 0x16125 -loc_000158d4: +loc_00015964: cmp dl, 0x73 -jne loc_0001596b ; jne 0x1596b +jne loc_000159fb ; jne 0x159fb lea eax, [ebx + 4] -mov edx, ref_000253a7 ; mov edx, 0x253a7 +mov edx, ref_00025456 ; mov edx, 0x25456 mov dword [ebp - 0xb0], eax mov eax, dword [ebx] test eax, eax cmove eax, edx mov edx, eax -loc_000158f4: +loc_00015984: cmp byte [edx], 0 -je short loc_000158fc ; je 0x158fc +je short loc_0001598c ; je 0x1598c inc edx -jmp short loc_000158f4 ; jmp 0x158f4 +jmp short loc_00015984 ; jmp 0x15984 -loc_000158fc: +loc_0001598c: mov ebx, dword [ebp - 0xc0] sub edx, eax test ebx, ebx -js short loc_0001590d ; js 0x1590d +js short loc_0001599d ; js 0x1599d cmp edx, ebx cmovg edx, ebx -loc_0001590d: +loc_0001599d: mov esi, dword [ebp - 0xc4] xor ecx, ecx mov ebx, esi @@ -35336,13 +35393,13 @@ mov esi, dword [ebp - 0xb4] cmovl ecx, ebx xor ebx, ebx and esi, 4 -je short loc_0001592f ; je 0x1592f +je short loc_000159bf ; je 0x159bf mov ebx, ecx xor ecx, ecx -loc_0001592f: +loc_000159bf: test byte [ebp - 0xb4], 0x40 -je short loc_00015947 ; je 0x15947 +je short loc_000159d7 ; je 0x159d7 add ebx, ecx xor ecx, ecx test esi, esi @@ -35351,7 +35408,7 @@ add ecx, ebx sar ecx, 1 sub ebx, ecx -loc_00015947: +loc_000159d7: push esi push esi push ebx @@ -35362,47 +35419,47 @@ push 0 push 0 push 0 lea edx, [ebp + 0xc] -call fcn_0001544e ; call 0x1544e +call fcn_000154de ; call 0x154de add esp, 0x20 mov ebx, dword [ebp - 0xb0] -jmp near loc_00016095 ; jmp 0x16095 +jmp near loc_00016125 ; jmp 0x16125 -loc_0001596b: +loc_000159fb: cmp dl, 0x70 -jne short loc_00015997 ; jne 0x15997 +jne short loc_00015a27 ; jne 0x15a27 mov byte [ebp - 0xa3], 0x58 xor eax, eax mov dword [ebp - 0xc0], 8 mov dword [ebp - 0xc4], 8 mov dword [ebp - 0xb4], 0x28 -loc_00015997: +loc_00015a27: mov dl, byte [ebp - 0xa3] cmp dl, 0x69 sete cl mov byte [ebp - 0xc8], dl mov byte [ebp - 0xd8], cl cmp dl, 0x64 -je short loc_000159bf ; je 0x159bf +je short loc_00015a4f ; je 0x15a4f test cl, cl -jne short loc_000159bf ; jne 0x159bf +jne short loc_00015a4f ; jne 0x15a4f xor esi, esi cmp dl, 0x49 -jne short loc_000159ee ; jne 0x159ee +jne short loc_00015a7e ; jne 0x15a7e -loc_000159bf: +loc_00015a4f: mov dl, byte [ebp - 0xc8] mov esi, 0xa and dword [ebp - 0xb4], 0xfffffff7 or dword [ebp - 0xb4], 0x80 and edx, 0xffffffdf cmp dl, 0x49 -jne short loc_000159ee ; jne 0x159ee +jne short loc_00015a7e ; jne 0x15a7e mov ecx, dword [ebp - 0xb0] test ecx, ecx cmovne esi, ecx -loc_000159ee: +loc_00015a7e: mov dl, byte [ebp - 0xc8] and edx, 0xffffffdf cmp dl, 0x58 @@ -35412,68 +35469,68 @@ mov byte [ebp - 0xbc], cl mov ecx, 0x10 cmovne esi, ecx cmp dl, 0x55 -jne short loc_00015a22 ; jne 0x15a22 +jne short loc_00015ab2 ; jne 0x15ab2 mov ecx, dword [ebp - 0xb0] mov esi, 0xa test ecx, ecx cmovne esi, ecx -loc_00015a22: +loc_00015ab2: mov cl, byte [ebp - 0xc8] cmp cl, 0x6f -je short loc_00015a3c ; je 0x15a3c +je short loc_00015acc ; je 0x15acc cmp cl, 0x62 -je short loc_00015a43 ; je 0x15a43 +je short loc_00015ad3 ; je 0x15ad3 cmp esi, 1 -ja short loc_00015a48 ; ja 0x15a48 -jmp near loc_00015580 ; jmp 0x15580 +ja short loc_00015ad8 ; ja 0x15ad8 +jmp near loc_00015610 ; jmp 0x15610 -loc_00015a3c: +loc_00015acc: mov esi, 8 -jmp short loc_00015a48 ; jmp 0x15a48 +jmp short loc_00015ad8 ; jmp 0x15ad8 -loc_00015a43: +loc_00015ad3: mov esi, 2 -loc_00015a48: +loc_00015ad8: test byte [ebp - 0xb4], 0x80 -je loc_00015b0d ; je 0x15b0d +je loc_00015b9d ; je 0x15b9d cmp al, 0x6c -jne short loc_00015a5e ; jne 0x15a5e +jne short loc_00015aee ; jne 0x15aee lea eax, [ebx + 4] -jmp short loc_00015a65 ; jmp 0x15a65 +jmp short loc_00015af5 ; jmp 0x15af5 -loc_00015a5e: +loc_00015aee: cmp al, 0x6a -jne short loc_00015a6f ; jne 0x15a6f +jne short loc_00015aff ; jne 0x15aff lea eax, [ebx + 8] -loc_00015a65: +loc_00015af5: mov dword [ebp - 0xb8], eax -loc_00015a6b: +loc_00015afb: mov edx, dword [ebx] -jmp short loc_00015a93 ; jmp 0x15a93 +jmp short loc_00015b23 ; jmp 0x15b23 -loc_00015a6f: +loc_00015aff: lea edx, [ebx + 4] cmp al, 0x7a mov dword [ebp - 0xb8], edx -je short loc_00015a6b ; je 0x15a6b +je short loc_00015afb ; je 0x15afb mov edx, dword [ebx] cmp al, 0x74 -je short loc_00015a93 ; je 0x15a93 +je short loc_00015b23 ; je 0x15b23 cmp al, 0x68 -jne short loc_00015a8b ; jne 0x15a8b +jne short loc_00015b1b ; jne 0x15b1b movsx edx, dx -jmp short loc_00015a93 ; jmp 0x15a93 +jmp short loc_00015b23 ; jmp 0x15b23 -loc_00015a8b: +loc_00015b1b: movsx ecx, dl cmp al, 0x69 cmove edx, ecx -loc_00015a93: +loc_00015b23: mov ecx, edx sar ecx, 0x1f mov eax, ecx @@ -35483,158 +35540,158 @@ mov dword [ebp - 0xb0], eax sar eax, 0x1f mov dword [ebp - 0xac], eax test edx, edx -jns short loc_00015aba ; jns 0x15aba +jns short loc_00015b4a ; jns 0x15b4a mov byte [ebp - 0xa2], 0x2d -jmp short loc_00015ae0 ; jmp 0x15ae0 +jmp short loc_00015b70 ; jmp 0x15b70 -loc_00015aba: +loc_00015b4a: test byte [ebp - 0xb4], 2 -je short loc_00015acc ; je 0x15acc +je short loc_00015b5c ; je 0x15b5c mov byte [ebp - 0xa2], 0x2b -jmp short loc_00015ae0 ; jmp 0x15ae0 +jmp short loc_00015b70 ; jmp 0x15b70 -loc_00015acc: +loc_00015b5c: mov eax, dword [ebp - 0xb4] and eax, 1 neg eax and eax, 0x20 mov byte [ebp - 0xa2], al -loc_00015ae0: +loc_00015b70: cmp byte [ebp - 0xa2], 0 mov dword [ebp - 0xd0], 0 -je loc_00015bc4 ; je 0x15bc4 +je loc_00015c54 ; je 0x15c54 or dword [ebp - 0xb4], 8 mov dword [ebp - 0xd0], 1 -jmp near loc_00015bc4 ; jmp 0x15bc4 +jmp near loc_00015c54 ; jmp 0x15c54 -loc_00015b0d: +loc_00015b9d: cmp al, 0x6c -jne short loc_00015b20 ; jne 0x15b20 +jne short loc_00015bb0 ; jne 0x15bb0 lea eax, [ebx + 4] xor edx, edx mov dword [ebp - 0xb8], eax mov eax, dword [ebx] -jmp short loc_00015b32 ; jmp 0x15b32 +jmp short loc_00015bc2 ; jmp 0x15bc2 -loc_00015b20: +loc_00015bb0: cmp al, 0x6a -jne short loc_00015b40 ; jne 0x15b40 +jne short loc_00015bd0 ; jne 0x15bd0 lea eax, [ebx + 8] mov edx, dword [ebx + 4] mov dword [ebp - 0xb8], eax mov eax, dword [ebx] -loc_00015b32: +loc_00015bc2: mov dword [ebp - 0xb0], eax mov dword [ebp - 0xac], edx -jmp short loc_00015bb3 ; jmp 0x15bb3 +jmp short loc_00015c43 ; jmp 0x15c43 -loc_00015b40: +loc_00015bd0: lea edx, [ebx + 4] cmp al, 0x7a mov dword [ebp - 0xb8], edx -jne short loc_00015b60 ; jne 0x15b60 +jne short loc_00015bf0 ; jne 0x15bf0 mov eax, dword [ebx] mov dword [ebp - 0xb0], eax sar eax, 0x1f mov dword [ebp - 0xac], eax -jmp short loc_00015bb3 ; jmp 0x15bb3 +jmp short loc_00015c43 ; jmp 0x15c43 -loc_00015b60: +loc_00015bf0: cmp al, 0x74 -jne short loc_00015b77 ; jne 0x15b77 +jne short loc_00015c07 ; jne 0x15c07 mov eax, dword [ebx] mov dword [ebp - 0xb0], eax sar eax, 0x1f mov dword [ebp - 0xac], eax -jmp short loc_00015bb3 ; jmp 0x15bb3 +jmp short loc_00015c43 ; jmp 0x15c43 -loc_00015b77: +loc_00015c07: mov edx, dword [ebx] mov dword [ebp - 0xac], 0 mov dword [ebp - 0xb0], edx cmp al, 0x68 -jne short loc_00015b98 ; jne 0x15b98 +jne short loc_00015c28 ; jne 0x15c28 movzx edx, dx mov dword [ebp - 0xb0], edx -jmp short loc_00015ba9 ; jmp 0x15ba9 +jmp short loc_00015c39 ; jmp 0x15c39 -loc_00015b98: +loc_00015c28: cmp al, 0x69 -jne short loc_00015bb3 ; jne 0x15bb3 +jne short loc_00015c43 ; jne 0x15c43 movzx eax, byte [ebp - 0xb0] mov dword [ebp - 0xb0], eax -loc_00015ba9: +loc_00015c39: mov dword [ebp - 0xac], 0 -loc_00015bb3: +loc_00015c43: mov byte [ebp - 0xa2], 0x30 mov dword [ebp - 0xd0], 0 -loc_00015bc4: +loc_00015c54: mov eax, dword [ebp - 0xb0] mov edx, dword [ebp - 0xac] mov ebx, eax or ebx, edx setne al -je short loc_00015bf2 ; je 0x15bf2 +je short loc_00015c82 ; je 0x15c82 cmp byte [ebp - 0xc8], 0x6f mov edx, 1 cmovne edx, dword [ebp - 0xd0] mov dword [ebp - 0xd0], edx -loc_00015bf2: +loc_00015c82: cmp byte [ebp - 0xbc], 0 -jne short loc_00015c04 ; jne 0x15c04 +jne short loc_00015c94 ; jne 0x15c94 cmp byte [ebp - 0xc8], 0x62 -jne short loc_00015c32 ; jne 0x15c32 +jne short loc_00015cc2 ; jne 0x15cc2 -loc_00015c04: +loc_00015c94: test byte [ebp - 0xb4], 0x20 -jne short loc_00015c19 ; jne 0x15c19 +jne short loc_00015ca9 ; jne 0x15ca9 test al, al -je short loc_00015c32 ; je 0x15c32 +je short loc_00015cc2 ; je 0x15cc2 mov al, byte [ebp - 0xc8] -jmp short loc_00015c22 ; jmp 0x15c22 +jmp short loc_00015cb2 ; jmp 0x15cb2 -loc_00015c19: +loc_00015ca9: mov al, byte [ebp - 0xc8] or eax, 0x20 -loc_00015c22: +loc_00015cb2: mov byte [ebp - 0xa1], al mov dword [ebp - 0xd0], 2 -loc_00015c32: +loc_00015cc2: test byte [ebp - 0xb4], 8 -je short loc_00015c49 ; je 0x15c49 +je short loc_00015cd9 ; je 0x15cd9 lea eax, [ebp - 0xa2] mov dword [ebp - 0xec], eax -jmp short loc_00015c5d ; jmp 0x15c5d +jmp short loc_00015ced ; jmp 0x15ced -loc_00015c49: +loc_00015cd9: mov dword [ebp - 0xec], 0 mov dword [ebp - 0xd0], 0 -loc_00015c5d: +loc_00015ced: cmp esi, 0xa -jne short loc_00015cc8 ; jne 0x15cc8 +jne short loc_00015d58 ; jne 0x15d58 mov dword [ebp - 0xbc], 0 lea esi, [ebp - 0xa0] -loc_00015c72: +loc_00015d02: mov edx, dword [ebp - 0xac] mov eax, dword [ebp - 0xb0] mov ebx, edx or ebx, eax -je loc_00015e16 ; je 0x15e16 +je loc_00015ea6 ; je 0x15ea6 push esi push 0xa push dword [ebp - 0xac] push dword [ebp - 0xb0] -call fcn_0001743e ; call 0x1743e +call fcn_00017502 ; call 0x17502 mov bl, byte [ebp - 0xa0] add esp, 0x10 inc dword [ebp - 0xbc] @@ -35644,58 +35701,58 @@ mov dword [ebp - 0xac], edx lea edx, [ebx + 0x30] neg eax mov byte [eax + ebp - 0x18], dl -jmp short loc_00015c72 ; jmp 0x15c72 +jmp short loc_00015d02 ; jmp 0x15d02 -loc_00015cc8: +loc_00015d58: cmp byte [ebp - 0xc8], 0x75 sete byte [ebp - 0xdc] cmp esi, 8 sete dl cmp esi, 2 -je short loc_00015cf9 ; je 0x15cf9 +je short loc_00015d89 ; je 0x15d89 test dl, dl -jne short loc_00015cf9 ; jne 0x15cf9 +jne short loc_00015d89 ; jne 0x15d89 cmp esi, 0x10 -je short loc_00015cf9 ; je 0x15cf9 +je short loc_00015d89 ; je 0x15d89 mov dword [ebp - 0xbc], 0 -jmp near loc_00015dfd ; jmp 0x15dfd +jmp near loc_00015e8d ; jmp 0x15e8d -loc_00015cf9: +loc_00015d89: lea eax, [esi - 1] cmp esi, 0x10 -je short loc_00015d0e ; je 0x15d0e +je short loc_00015d9e ; je 0x15d9e cmp dl, 1 sbb ecx, ecx and ecx, 0xfffffffe add ecx, 3 -jmp short loc_00015d13 ; jmp 0x15d13 +jmp short loc_00015da3 ; jmp 0x15da3 -loc_00015d0e: +loc_00015d9e: mov ecx, 4 -loc_00015d13: +loc_00015da3: mov dword [ebp - 0xbc], 0 -loc_00015d1d: +loc_00015dad: mov esi, dword [ebp - 0xac] mov ebx, dword [ebp - 0xb0] mov edx, esi or edx, ebx -je loc_00015e16 ; je 0x15e16 +je loc_00015ea6 ; je 0x15ea6 mov edx, dword [ebp - 0xb0] and edx, eax cmp byte [ebp - 0xc8], 0x78 -mov dl, byte [edx + ref_00020464] ; mov dl, byte [edx + 0x20464] -je short loc_00015d5c ; je 0x15d5c +mov dl, byte [edx + ref_000204f4] ; mov dl, byte [edx + 0x204f4] +je short loc_00015dec ; je 0x15dec cmp byte [ebp - 0xd8], 0 -jne short loc_00015d5c ; jne 0x15d5c +jne short loc_00015dec ; jne 0x15dec cmp byte [ebp - 0xdc], 0 -je short loc_00015d5f ; je 0x15d5f +je short loc_00015def ; je 0x15def -loc_00015d5c: +loc_00015dec: or edx, 0x20 -loc_00015d5f: +loc_00015def: inc dword [ebp - 0xbc] mov esi, dword [ebp - 0xbc] mov ebx, dword [ebp - 0xb0] @@ -35710,22 +35767,22 @@ cmovne ebx, esi cmovne esi, edx mov dword [ebp - 0xb0], ebx mov dword [ebp - 0xac], esi -jmp short loc_00015d1d ; jmp 0x15d1d +jmp short loc_00015dad ; jmp 0x15dad -loc_00015d9b: +loc_00015e2b: push eax push esi push dword [ebp - 0xac] push dword [ebp - 0xb0] -call fcn_000173ac ; call 0x173ac +call fcn_00017470 ; call 0x17470 add esp, 0x10 cmp byte [ebp - 0xdc], 0 -mov al, byte [eax + ref_00020464] ; mov al, byte [eax + 0x20464] -jne short loc_00015e11 ; jne 0x15e11 +mov al, byte [eax + ref_000204f4] ; mov al, byte [eax + 0x204f4] +jne short loc_00015ea1 ; jne 0x15ea1 cmp byte [ebp - 0xd8], 0 -jne short loc_00015e11 ; jne 0x15e11 +jne short loc_00015ea1 ; jne 0x15ea1 -loc_00015dc9: +loc_00015e59: inc dword [ebp - 0xbc] mov edx, dword [ebp - 0xbc] neg edx @@ -35734,27 +35791,27 @@ push eax push esi push dword [ebp - 0xac] push dword [ebp - 0xb0] -call fcn_000173f5 ; call 0x173f5 +call fcn_000174b9 ; call 0x174b9 add esp, 0x10 mov dword [ebp - 0xb0], eax mov dword [ebp - 0xac], edx -loc_00015dfd: +loc_00015e8d: mov edx, dword [ebp - 0xac] mov eax, dword [ebp - 0xb0] mov ebx, edx or ebx, eax -jne short loc_00015d9b ; jne 0x15d9b -jmp short loc_00015e16 ; jmp 0x15e16 +jne short loc_00015e2b ; jne 0x15e2b +jmp short loc_00015ea6 ; jmp 0x15ea6 -loc_00015e11: +loc_00015ea1: or eax, 0x20 -jmp short loc_00015dc9 ; jmp 0x15dc9 +jmp short loc_00015e59 ; jmp 0x15e59 -loc_00015e16: +loc_00015ea6: cmp dword [ebp - 0xcc], 0 mov dword [ebp - 0xe8], 0 -je loc_00015fd0 ; je 0x15fd0 +je loc_00016060 ; je 0x16060 mov eax, dword [ebp - 0xe0] mov ebx, dword [ebp - 0xcc] mov ecx, dword [ebp - 0xbc] @@ -35766,41 +35823,41 @@ xor eax, eax mov dword [ebp - 0xb0], ecx mov byte [ebp - 0xe4], 0 -loc_00015e68: +loc_00015ef8: cmp dword [ebp - 0xb0], 0 -je loc_00015fd0 ; je 0x15fd0 +je loc_00016060 ; je 0x16060 cmp dword [ebp - 0xcc], 0 -je loc_000160d2 ; je 0x160d2 +je loc_00016162 ; je 0x16162 mov ebx, dword [ebp - 0xd8] mov al, byte [ebx] cmp al, 0x2d -je loc_00015fd0 ; je 0x15fd0 +je loc_00016060 ; je 0x16060 cmp al, 0x2a -je short loc_00015eb3 ; je 0x15eb3 +je short loc_00015f43 ; je 0x15f43 mov ecx, dword [ebp - 0xcc] mov edx, 1 xor eax, eax sub ebx, ecx mov dword [ebp - 0xdc], ecx mov dword [ebp - 0xe4], ebx -jmp short loc_00015f03 ; jmp 0x15f03 +jmp short loc_00015f93 ; jmp 0x15f93 -loc_00015eb3: +loc_00015f43: mov eax, dword [ebp - 0xb8] lea esi, [eax + 4] mov eax, dword [eax] test eax, eax -js loc_00015fca ; js 0x15fca +js loc_0001605a ; js 0x1605a mov ecx, dword [ebp - 0xd8] mov edx, dword [ebp - 0xcc] mov dword [ebp - 0xb8], esi dec ecx dec edx mov dword [ebp - 0xdc], edx -jne short loc_00015f39 ; jne 0x15f39 -jmp near loc_00015fd0 ; jmp 0x15fd0 +jne short loc_00015fc9 ; jne 0x15fc9 +jmp near loc_00016060 ; jmp 0x16060 -loc_00015ee7: +loc_00015f77: movsx esi, bl sub esi, 0x30 imul esi, edx @@ -35808,9 +35865,9 @@ imul ebx, edx, 0xa add eax, esi dec dword [ebp - 0xdc] mov edx, ebx -je loc_00015fd0 ; je 0x15fd0 +je loc_00016060 ; je 0x16060 -loc_00015f03: +loc_00015f93: mov ebx, dword [ebp - 0xdc] mov esi, dword [ebp - 0xe4] mov dword [ebp - 0xf0], eax @@ -35824,9 +35881,9 @@ sub esi, 0x30 mov eax, esi cmp al, 9 mov eax, dword [ebp - 0xf0] -jbe short loc_00015ee7 ; jbe 0x15ee7 +jbe short loc_00015f77 ; jbe 0x15f77 -loc_00015f39: +loc_00015fc9: mov dl, byte [ecx] lea ebx, [ecx - 1] mov ecx, dword [ebp - 0xdc] @@ -35835,26 +35892,26 @@ mov byte [ebp - 0xe4], dl dec ecx mov dword [ebp - 0xcc], ecx test eax, eax -je short loc_00015fbb ; je 0x15fbb +je short loc_0001604b ; je 0x1604b -loc_00015f5b: +loc_00015feb: mov esi, dword [ebp - 0xb0] cmp esi, eax -jle short loc_00015fd0 ; jle 0x15fd0 +jle short loc_00016060 ; jle 0x16060 lea ecx, [ebp - 0x9a] sub esi, eax add ecx, dword [ebp - 0xc8] xor edx, edx -loc_00015f75: +loc_00016005: cmp edx, esi -je short loc_00015f83 ; je 0x15f83 +je short loc_00016013 ; je 0x16013 mov bl, byte [ecx + edx] mov byte [ecx + edx - 1], bl inc edx -jmp short loc_00015f75 ; jmp 0x15f75 +jmp short loc_00016005 ; jmp 0x16005 -loc_00015f83: +loc_00016013: mov ecx, dword [ebp - 0xb0] dec dword [ebp - 0xc8] add ecx, dword [ebp - 0xc8] @@ -35864,26 +35921,26 @@ sub ecx, eax inc dword [ebp - 0xe8] mov byte [ebp + ecx - 0x9a], bl mov dword [ebp - 0xb0], edx -jmp near loc_00015e68 ; jmp 0x15e68 +jmp near loc_00015ef8 ; jmp 0x15ef8 -loc_00015fbb: +loc_0001604b: cmp dword [ebp - 0xcc], 0 -jne loc_00015e68 ; jne 0x15e68 -jmp short loc_00015fd0 ; jmp 0x15fd0 +jne loc_00015ef8 ; jne 0x15ef8 +jmp short loc_00016060 ; jmp 0x16060 -loc_00015fca: +loc_0001605a: mov dword [ebp - 0xb8], esi -loc_00015fd0: +loc_00016060: cmp dword [ebp - 0xc0], 0 -js short loc_00015fe2 ; js 0x15fe2 +js short loc_00016072 ; js 0x16072 and dword [ebp - 0xb4], 0xffffffef -jmp short loc_00015fec ; jmp 0x15fec +jmp short loc_0001607c ; jmp 0x1607c -loc_00015fe2: +loc_00016072: mov dword [ebp - 0xc0], 1 -loc_00015fec: +loc_0001607c: mov ebx, dword [ebp - 0xbc] mov eax, dword [ebp - 0xc0] add eax, dword [ebp - 0xe8] @@ -35901,13 +35958,13 @@ cmovl ecx, edx mov edx, dword [ebp - 0xb4] xor eax, eax and edx, 4 -je short loc_0001602f ; je 0x1602f +je short loc_000160bf ; je 0x160bf mov eax, ecx xor ecx, ecx -loc_0001602f: +loc_000160bf: test byte [ebp - 0xb4], 0x40 -je short loc_00016047 ; je 0x16047 +je short loc_000160d7 ; je 0x160d7 add eax, ecx xor ecx, ecx test edx, edx @@ -35916,15 +35973,15 @@ add ecx, eax sar ecx, 1 sub eax, ecx -loc_00016047: +loc_000160d7: sub esi, dword [ebp - 0xbc] mov edx, esi test byte [ebp - 0xb4], 0x10 -je short loc_0001605c ; je 0x1605c +je short loc_000160ec ; je 0x160ec add edx, ecx xor ecx, ecx -loc_0001605c: +loc_000160ec: mov esi, dword [ebp - 0xbc] push ebx push ebx @@ -35939,45 +35996,45 @@ push edx push dword [ebp - 0xd0] push dword [ebp - 0xec] lea edx, [ebp + 0xc] -call fcn_0001544e ; call 0x1544e +call fcn_000154de ; call 0x154de mov ebx, dword [ebp - 0xb8] add esp, 0x20 -loc_00016095: +loc_00016125: test eax, eax -js loc_00015580 ; js 0x15580 +js loc_00015610 ; js 0x15610 -loc_0001609d: +loc_0001612d: add dword [ebp - 0xd4], eax lea eax, [edi + 1] -jmp near loc_000155a1 ; jmp 0x155a1 +jmp near loc_00015631 ; jmp 0x15631 -loc_000160ab: +loc_0001613b: mov eax, dword [ebp - 0xd4] -jmp short loc_000160e6 ; jmp 0x160e6 +jmp short loc_00016176 ; jmp 0x16176 -loc_000160b3: -sub eax, ref_000204ac ; sub eax, 0x204ac +loc_00016143: +sub eax, ref_0002053c ; sub eax, 0x2053c inc edi -mov eax, dword [eax*4 + ref_0002048c] ; mov eax, dword [eax*4 + 0x2048c] +mov eax, dword [eax*4 + ref_0002051c] ; mov eax, dword [eax*4 + 0x2051c] or dword [ebp - 0xb4], eax -jmp near loc_000155d6 ; jmp 0x155d6 +jmp near loc_00015666 ; jmp 0x15666 -loc_000160cb: +loc_0001615b: mov edi, esi -jmp near loc_00015790 ; jmp 0x15790 +jmp near loc_00015820 ; jmp 0x15820 -loc_000160d2: +loc_00016162: test eax, eax -jne loc_00015f5b ; jne 0x15f5b -jmp near loc_00015fd0 ; jmp 0x15fd0 +jne loc_00015feb ; jne 0x15feb +jmp near loc_00016060 ; jmp 0x16060 -loc_000160df: +loc_0001616f: add ebx, 4 xor eax, eax -jmp short loc_0001609d ; jmp 0x1609d +jmp short loc_0001612d ; jmp 0x1612d -loc_000160e6: +loc_00016176: lea esp, [ebp - 0xc] pop ebx pop esi @@ -35985,9 +36042,9 @@ pop edi pop ebp ret -fcn_000160ee: ; not directly referenced +fcn_0001617e: ; not directly referenced push ebp -mov edx, dword [ref_00029b08] ; mov edx, dword [0x29b08] +mov edx, dword [ref_00029bb8] ; mov edx, dword [0x29bb8] mov ebp, esp mov eax, dword [ebp + 0xc] mov dword [eax], edx @@ -35995,37 +36052,37 @@ xor eax, eax pop ebp ret -fcn_00016100: ; not directly referenced +fcn_00016190: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0xc] pop ebp -mov dword [ref_00029b08], eax ; mov dword [0x29b08], eax +mov dword [ref_00029bb8], eax ; mov dword [0x29bb8], eax xor eax, eax ret -fcn_0001610f: ; not directly referenced +fcn_0001619f: ; not directly referenced push ebp xor eax, eax mov ebp, esp pop ebp ret -fcn_00016116: ; not directly referenced +fcn_000161a6: ; not directly referenced push ebp mov ebp, esp pop ebp -jmp near fcn_0001707a ; jmp 0x1707a +jmp near fcn_0001713e ; jmp 0x1713e -fcn_0001611f: ; not directly referenced +fcn_000161af: ; not directly referenced push ebp mov ebp, esp push ebx mov ebx, eax push edx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00016175 ; je 0x16175 +je short loc_00016205 ; je 0x16205 movzx eax, byte [ebx + 0xf] sub esp, 0xc push eax @@ -36048,17 +36105,17 @@ push eax movzx eax, word [ebx + 4] push eax push dword [ebx] -push ref_000253ae ; push 0x253ae +push ref_0002545d ; push 0x2545d push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x40 -loc_00016175: ; not directly referenced +loc_00016205: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0001617a: ; not directly referenced +fcn_0001620a: ; not directly referenced push ebp mov ebp, esp push edi @@ -36067,82 +36124,82 @@ push ebx sub esp, 0xc mov ebx, dword [ebp + 0xc] -loc_00016186: ; not directly referenced -mov esi, ref_00029a8c ; mov esi, 0x29a8c +loc_00016216: ; not directly referenced +mov esi, ref_00029b3c ; mov esi, 0x29b3c xor edi, edi -loc_0001618d: ; not directly referenced -cmp edi, dword [ref_00029c00] ; cmp edi, dword [0x29c00] -jae short loc_000161d7 ; jae 0x161d7 +loc_0001621d: ; not directly referenced +cmp edi, dword [ref_00029cb0] ; cmp edi, dword [0x29cb0] +jae short loc_00016267 ; jae 0x16267 push eax add esi, 0xc push eax push dword [ebx + 4] push dword [esi + 0x7c] -call fcn_00016e24 ; call 0x16e24 +call fcn_00016ee8 ; call 0x16ee8 add esp, 0x10 test al, al -je short loc_000161d4 ; je 0x161d4 -call fcn_000153e9 ; call 0x153e9 +je short loc_00016264 ; je 0x16264 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000161ca ; je 0x161ca +je short loc_0001625a ; je 0x1625a push esi -push ref_000204f4 ; push 0x204f4 -push ref_000253e2 ; push 0x253e2 +push ref_00020584 ; push 0x20584 +push ref_00025491 ; push 0x25491 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000161ca: ; not directly referenced +loc_0001625a: ; not directly referenced mov eax, dword [ebx + 4] -call fcn_0001611f ; call 0x1611f -jmp short loc_000161d7 ; jmp 0x161d7 +call fcn_000161af ; call 0x161af +jmp short loc_00016267 ; jmp 0x16267 -loc_000161d4: ; not directly referenced +loc_00016264: ; not directly referenced inc edi -jmp short loc_0001618d ; jmp 0x1618d +jmp short loc_0001621d ; jmp 0x1621d -loc_000161d7: ; not directly referenced -cmp edi, dword [ref_00029c00] ; cmp edi, dword [0x29c00] -jne short loc_00016214 ; jne 0x16214 +loc_00016267: ; not directly referenced +cmp edi, dword [ref_00029cb0] ; cmp edi, dword [0x29cb0] +jne short loc_000162a4 ; jne 0x162a4 cmp edi, 0x13 -jbe short loc_0001620c ; jbe 0x1620c -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0001629c ; jbe 0x1629c +call fcn_00015479 ; call 0x15479 mov ebx, 0x80000009 test al, al -je short loc_0001626c ; je 0x1626c +je short loc_000162fc ; je 0x162fc push ecx -push ref_000204f4 ; push 0x204f4 -push ref_000253f6 ; push 0x253f6 +push ref_00020584 ; push 0x20584 +push ref_000254a5 ; push 0x254a5 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0001626c ; jmp 0x1626c +jmp short loc_000162fc ; jmp 0x162fc -loc_0001620c: ; not directly referenced +loc_0001629c: ; not directly referenced lea eax, [edi + 1] -mov dword [ref_00029c00], eax ; mov dword [0x29c00], eax +mov dword [ref_00029cb0], eax ; mov dword [0x29cb0], eax -loc_00016214: ; not directly referenced +loc_000162a4: ; not directly referenced imul edi, edi, 0xc mov ecx, 3 mov esi, ebx -add edi, ref_00029b10 ; add edi, 0x29b10 +add edi, ref_00029bc0 ; add edi, 0x29bc0 rep movsd ; rep movsd dword es:[edi], dword ptr [esi] -mov edi, ref_00029c04 ; mov edi, 0x29c04 +mov edi, ref_00029cb4 ; mov edi, 0x29cb4 xor esi, esi -loc_0001622d: ; not directly referenced -cmp esi, dword [ref_00029cf4] ; cmp esi, dword [0x29cf4] -jae short loc_0001625d ; jae 0x1625d +loc_000162bd: ; not directly referenced +cmp esi, dword [ref_00029da4] ; cmp esi, dword [0x29da4] +jae short loc_000162ed ; jae 0x162ed push edx push edx push dword [ebx + 4] push dword [edi + 4] -call fcn_00016e24 ; call 0x16e24 +call fcn_00016ee8 ; call 0x16ee8 add esp, 0x10 test al, al -je short loc_00016257 ; je 0x16257 +je short loc_000162e7 ; je 0x162e7 push eax push dword [ebx + 8] push edi @@ -36150,19 +36207,19 @@ push dword [ebp + 8] call dword [edi + 8] ; ucall add esp, 0x10 -loc_00016257: ; not directly referenced +loc_000162e7: ; not directly referenced inc esi add edi, 0xc -jmp short loc_0001622d ; jmp 0x1622d +jmp short loc_000162bd ; jmp 0x162bd -loc_0001625d: ; not directly referenced +loc_000162ed: ; not directly referenced mov eax, dword [ebx] add ebx, 0xc test eax, eax -jns loc_00016186 ; jns 0x16186 +jns loc_00016216 ; jns 0x16216 xor ebx, ebx -loc_0001626c: ; not directly referenced +loc_000162fc: ; not directly referenced lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -36171,56 +36228,56 @@ pop edi pop ebp ret -fcn_00016276: ; not directly referenced +fcn_00016306: ; not directly referenced push ebp mov ebp, esp push edi push esi -mov esi, ref_00029b10 ; mov esi, 0x29b10 +mov esi, ref_00029bc0 ; mov esi, 0x29bc0 push ebx xor ebx, ebx sub esp, 0xc -loc_00016286: ; not directly referenced -cmp ebx, dword [ref_00029c00] ; cmp ebx, dword [0x29c00] -jae short loc_000162b6 ; jae 0x162b6 +loc_00016316: ; not directly referenced +cmp ebx, dword [ref_00029cb0] ; cmp ebx, dword [0x29cb0] +jae short loc_00016346 ; jae 0x16346 push eax mov edi, esi push eax add esi, 0xc push dword [esi - 8] push dword [ebp + 0xc] -call fcn_00016e24 ; call 0x16e24 +call fcn_00016ee8 ; call 0x16ee8 add esp, 0x10 test al, al -je short loc_000162b3 ; je 0x162b3 +je short loc_00016343 ; je 0x16343 mov eax, dword [ebp + 0x18] mov edx, dword [edi + 8] mov dword [eax], edx xor eax, eax -jmp short loc_000162e4 ; jmp 0x162e4 +jmp short loc_00016374 ; jmp 0x16374 -loc_000162b3: ; not directly referenced +loc_00016343: ; not directly referenced inc ebx -jmp short loc_00016286 ; jmp 0x16286 +jmp short loc_00016316 ; jmp 0x16316 -loc_000162b6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_00016346: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_000162d7 ; je 0x162d7 +je short loc_00016367 ; je 0x16367 push ebx -push ref_000204dc ; push 0x204dc -push ref_00025411 ; push 0x25411 +push ref_0002056c ; push 0x2056c +push ref_000254c0 ; push 0x254c0 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_000162d7: ; not directly referenced +loc_00016367: ; not directly referenced mov eax, dword [ebp + 0xc] -call fcn_0001611f ; call 0x1611f +call fcn_000161af ; call 0x161af mov eax, 0x8000000e -loc_000162e4: ; not directly referenced +loc_00016374: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -36228,7 +36285,7 @@ pop edi pop ebp ret -fcn_000162ec: ; not directly referenced +fcn_0001637c: ; not directly referenced push ebp xor eax, eax mov ebp, esp @@ -36236,49 +36293,49 @@ push edi push esi push ebx sub esp, 0xc -mov ebx, dword [ref_00029cf4] ; mov ebx, dword [0x29cf4] +mov ebx, dword [ref_00029da4] ; mov ebx, dword [0x29da4] imul edx, ebx, 0xc -loc_00016300: ; not directly referenced +loc_00016390: ; not directly referenced cmp ebx, 0x13 -jbe short loc_00016325 ; jbe 0x16325 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_000163b5 ; jbe 0x163b5 +call fcn_00015479 ; call 0x15479 mov esi, 0x80000009 test al, al -je short loc_0001636c ; je 0x1636c +je short loc_000163fc ; je 0x163fc push eax -push ref_000204e8 ; push 0x204e8 -push ref_0002542e ; push 0x2542e +push ref_00020578 ; push 0x20578 +push ref_000254dd ; push 0x254dd push 0x80000000 -jmp short loc_00016364 ; jmp 0x16364 +jmp short loc_000163f4 ; jmp 0x163f4 -loc_00016325: ; not directly referenced +loc_000163b5: ; not directly referenced mov esi, dword [ebp + 0xc] inc ebx mov ecx, 3 -mov dword [ref_00029cf4], ebx ; mov dword [0x29cf4], ebx -lea edi, [eax + edx + ref_00029c04] ; lea edi, [eax + edx + 0x29c04] +mov dword [ref_00029da4], ebx ; mov dword [0x29da4], ebx +lea edi, [eax + edx + ref_00029cb4] ; lea edi, [eax + edx + 0x29cb4] add esi, eax rep movsd ; rep movsd dword es:[edi], dword ptr [esi] mov edi, dword [ebp + 0xc] mov ecx, dword [edi + eax] add eax, 0xc test ecx, ecx -jns short loc_00016300 ; jns 0x16300 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00016390 ; jns 0x16390 +call fcn_00015479 ; call 0x15479 xor esi, esi test al, al -je short loc_0001636c ; je 0x1636c +je short loc_000163fc ; je 0x163fc push ebx -push ref_000204e8 ; push 0x204e8 -push ref_0002544e ; push 0x2544e +push ref_00020578 ; push 0x20578 +push ref_000254fd ; push 0x254fd push 0x40 -loc_00016364: ; not directly referenced -call fcn_000153f7 ; call 0x153f7 +loc_000163f4: ; not directly referenced +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001636c: ; not directly referenced +loc_000163fc: ; not directly referenced lea esp, [ebp - 0xc] mov eax, esi pop ebx @@ -36287,37 +36344,37 @@ pop edi pop ebp ret -fcn_00016376: ; not directly referenced +fcn_00016406: ; not directly referenced push ebp -mov eax, ref_00029a8c ; mov eax, 0x29a8c +mov eax, ref_00029b3c ; mov eax, 0x29b3c mov ebp, esp pop ebp ret -fcn_00016380: +fcn_00016410: push ebp -mov eax, dword [ref_00029b0c] ; mov eax, dword [0x29b0c] +mov eax, dword [ref_00029bbc] ; mov eax, dword [0x29bbc] mov ebp, esp pop ebp ret -fcn_0001638a: ; not directly referenced -mov eax, dword [ref_00029cfc] ; mov eax, dword [0x29cfc] +fcn_0001641a: ; not directly referenced +mov eax, dword [ref_00029dac] ; mov eax, dword [0x29dac] push ebp mov ebp, esp mov edx, dword [ebp + 8] test eax, eax -je short loc_000163a2 ; je 0x163a2 +je short loc_00016432 ; je 0x16432 movzx edx, dl mov dword [ebp + 8], edx pop ebp jmp eax -loc_000163a2: ; not directly referenced +loc_00016432: ; not directly referenced pop ebp ret -fcn_000163a4: +fcn_00016434: push ebp mov ebp, esp push ebx @@ -36325,163 +36382,163 @@ push eax mov ebx, dword [ebp + 8] mov eax, dword [ebx] cmp eax, 0x16 -je short loc_000163cb ; je 0x163cb +je short loc_0001645b ; je 0x1645b push ebx push 0x16 push eax -push ref_0002545f ; push 0x2545f -call fcn_000153ce ; call 0x153ce +push ref_0002550e ; push 0x2550e +call fcn_0001545e ; call 0x1545e add esp, 0x10 xor eax, eax -jmp near loc_00016524 ; jmp 0x16524 +jmp near loc_000165b4 ; jmp 0x165b4 -loc_000163cb: +loc_0001645b: mov eax, dword [ebx + 0xca] push ecx push ecx push 0x270 -push ref_00029a8c ; push 0x29a8c -mov dword [ref_00029cfc], eax ; mov dword [0x29cfc], eax -call fcn_00016f3b ; call 0x16f3b +push ref_00029b3c ; push 0x29b3c +mov dword [ref_00029dac], eax ; mov dword [0x29dac], eax +call fcn_00016fff ; call 0x16fff add esp, 0x10 -mov dword [ref_00029b0c], ebx ; mov dword [0x29b0c], ebx +mov dword [ref_00029bbc], ebx ; mov dword [0x29bbc], ebx cmp dword [ebx + 8], 3 -mov dword [ref_00029a8c], 0xfeaddeaf ; mov dword [0x29a8c], 0xfeaddeaf -jne short loc_00016425 ; jne 0x16425 +mov dword [ref_00029b3c], 0xfeaddeaf ; mov dword [0x29b3c], 0xfeaddeaf +jne short loc_000164b5 ; jne 0x164b5 cmp dword [ebx + 0x8f6], 0 -je short loc_00016425 ; je 0x16425 +je short loc_000164b5 ; je 0x164b5 sub esp, 0xc -push ref_00025483 ; push 0x25483 -call fcn_000153ce ; call 0x153ce +push ref_00025532 ; push 0x25532 +call fcn_0001545e ; call 0x1545e add esp, 0x10 -mov dword [ref_00029b08], 0x11 ; mov dword [0x29b08], 0x11 -jmp short loc_0001642f ; jmp 0x1642f +mov dword [ref_00029bb8], 0x11 ; mov dword [0x29bb8], 0x11 +jmp short loc_000164bf ; jmp 0x164bf -loc_00016425: -mov dword [ref_00029b08], 6 ; mov dword [0x29b08], 6 +loc_000164b5: +mov dword [ref_00029bb8], 6 ; mov dword [0x29bb8], 6 -loc_0001642f: +loc_000164bf: sub esp, 0xc -push ref_00029a88 ; push 0x29a88 -mov dword [ref_00029b14], ref_00028fec ; mov dword [0x29b14], 0x28fec -mov dword [ref_00029c00], 1 ; mov dword [0x29c00], 1 -mov dword [ref_00029ab0], fcn_00016276 ; mov dword [0x29ab0], 0x16276 -mov dword [ref_00029ab8], fcn_000160ee ; mov dword [0x29ab8], 0x160ee -mov dword [ref_00029abc], fcn_00016100 ; mov dword [0x29abc], 0x16100 -mov dword [ref_00029ac0], fcn_0001d4a5 ; mov dword [0x29ac0], 0x1d4a5 -mov dword [ref_00029ac4], fcn_0001d3db ; mov dword [0x29ac4], 0x1d3db -mov dword [ref_00029ab4], fcn_000162ec ; mov dword [0x29ab4], 0x162ec -mov dword [ref_00029aa8], fcn_0001617a ; mov dword [0x29aa8], 0x1617a -mov dword [ref_00029adc], fcn_0001d351 ; mov dword [0x29adc], 0x1d351 -mov dword [ref_00029ae0], fcn_00016116 ; mov dword [0x29ae0], 0x16116 -mov dword [ref_00029b04], fcn_0001610f ; mov dword [0x29b04], 0x1610f -mov dword [ref_00029a88], ref_00029a90 ; mov dword [0x29a88], 0x29a90 -call fcn_00019a38 ; call 0x19a38 +push ref_00029b38 ; push 0x29b38 +mov dword [ref_00029bc4], ref_0002909c ; mov dword [0x29bc4], 0x2909c +mov dword [ref_00029cb0], 1 ; mov dword [0x29cb0], 1 +mov dword [ref_00029b60], fcn_00016306 ; mov dword [0x29b60], 0x16306 +mov dword [ref_00029b68], fcn_0001617e ; mov dword [0x29b68], 0x1617e +mov dword [ref_00029b6c], fcn_00016190 ; mov dword [0x29b6c], 0x16190 +mov dword [ref_00029b70], fcn_0001d569 ; mov dword [0x29b70], 0x1d569 +mov dword [ref_00029b74], fcn_0001d49f ; mov dword [0x29b74], 0x1d49f +mov dword [ref_00029b64], fcn_0001637c ; mov dword [0x29b64], 0x1637c +mov dword [ref_00029b58], fcn_0001620a ; mov dword [0x29b58], 0x1620a +mov dword [ref_00029b8c], fcn_0001d415 ; mov dword [0x29b8c], 0x1d415 +mov dword [ref_00029b90], fcn_000161a6 ; mov dword [0x29b90], 0x161a6 +mov dword [ref_00029bb4], fcn_0001619f ; mov dword [0x29bb4], 0x1619f +mov dword [ref_00029b38], ref_00029b40 ; mov dword [0x29b38], 0x29b40 +call fcn_00019afc ; call 0x19afc pop eax pop edx -push ref_00029a88 ; push 0x29a88 +push ref_00029b38 ; push 0x29b38 push 0 -call fcn_0001adbe ; call 0x1adbe -mov dword [esp], ref_00025493 ; mov dword [esp], 0x25493 -call fcn_000153ce ; call 0x153ce +call fcn_0001ae82 ; call 0x1ae82 +mov dword [esp], ref_00025542 ; mov dword [esp], 0x25542 +call fcn_0001545e ; call 0x1545e pop ecx pop ebx -push ref_00029a88 ; push 0x29a88 +push ref_00029b38 ; push 0x29b38 push 0 -call fcn_00016c36 ; call 0x16c36 -mov dword [esp], ref_000254a8 ; mov dword [esp], 0x254a8 -call fcn_000153ce ; call 0x153ce +call fcn_00016cfa ; call 0x16cfa +mov dword [esp], ref_00025557 ; mov dword [esp], 0x25557 +call fcn_0001545e ; call 0x1545e pop eax pop edx -push ref_00029a88 ; push 0x29a88 +push ref_00029b38 ; push 0x29b38 push 0 -call fcn_0001653b ; call 0x1653b +call fcn_000165cb ; call 0x165cb pop ecx pop ebx -push ref_00029a88 ; push 0x29a88 +push ref_00029b38 ; push 0x29b38 push 0 -call fcn_0001b8a7 ; call 0x1b8a7 +call fcn_0001b96b ; call 0x1b96b pop eax pop edx -push ref_00029a88 ; push 0x29a88 +push ref_00029b38 ; push 0x29b38 push 0 -call fcn_0001b002 ; call 0x1b002 +call fcn_0001b0c6 ; call 0x1b0c6 add esp, 0x10 -mov eax, ref_00029a88 ; mov eax, 0x29a88 +mov eax, ref_00029b38 ; mov eax, 0x29b38 -loc_00016524: +loc_000165b4: mov ebx, dword [ebp - 4] leave ret -fcn_00016529: ; not directly referenced +fcn_000165b9: ; not directly referenced push ebp mov ebp, esp sub esp, 0x14 push dword [ebp + 0x10] -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 xor eax, eax leave ret -fcn_0001653b: +fcn_000165cb: push ebp mov ebp, esp push ebx sub esp, 0x10 -push ref_00028f78 ; push 0x28f78 -call fcn_00019667 ; call 0x19667 +push ref_00029028 ; push 0x29028 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00016590 ; je 0x16590 +je short loc_00016620 ; je 0x16620 test ebx, ebx -jns short loc_00016590 ; jns 0x16590 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00016620 ; jns 0x16620 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001657b ; je 0x1657b +je short loc_0001660b ; je 0x1660b push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001657b: +loc_0001660b: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x42 -push ref_000254bf ; push 0x254bf -call fcn_000153fc ; call 0x153fc +push ref_0002556e ; push 0x2556e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016590: +loc_00016620: mov eax, ebx mov ebx, dword [ebp - 4] leave ret -fcn_00016597: +fcn_00016627: push ebp xor eax, eax mov ebp, esp pop ebp ret -fcn_0001659e: ; not directly referenced +fcn_0001662e: ; not directly referenced push ebp mov ebp, esp pop ebp ret -fcn_000165a3: ; not directly referenced +fcn_00016633: ; not directly referenced push ebp mov ebp, esp pop ebp ret -fcn_000165a8: ; not directly referenced +fcn_00016638: ; not directly referenced push ebp mov ebp, esp push edi @@ -36493,23 +36550,23 @@ mov edx, dword [ebp + 8] mov word [ebp - 0x2a], cx mov dword [ebp - 0x1c], 0x80000007 test esi, esi -je loc_00016671 ; je 0x16671 +je loc_00016701 ; je 0x16701 cmp cx, 0x1ff -ja loc_00016671 ; ja 0x16671 +ja loc_00016701 ; ja 0x16701 mov edi, edx movzx edx, dx add edx, ecx cmp edx, 0x1ff -jg loc_00016671 ; jg 0x16671 +jg loc_00016701 ; jg 0x16701 lea ecx, [edi + esi] movzx eax, al mov ebx, esi mov word [ebp - 0x2c], cx mov dword [ebp - 0x30], eax -loc_000165f6: ; not directly referenced +loc_00016686: ; not directly referenced cmp word [ebp - 0x2c], bx -je short loc_0001666a ; je 0x1666a +je short loc_000166fa ; je 0x166fa mov dx, word [ebp - 0x2a] mov edi, dword [ebp + 0xc] sub edx, esi @@ -36518,18 +36575,18 @@ add edx, ebx mov eax, edx shr ax, 8 cmp ax, cx -je short loc_0001661b ; je 0x1661b +je short loc_000166ab ; je 0x166ab mov byte [edi], al mov al, 1 -jmp short loc_0001661d ; jmp 0x1661d +jmp short loc_000166ad ; jmp 0x166ad -loc_0001661b: ; not directly referenced +loc_000166ab: ; not directly referenced xor eax, eax -loc_0001661d: ; not directly referenced +loc_000166ad: ; not directly referenced dec al movzx edi, dl -jne short loc_00016642 ; jne 0x16642 +jne short loc_000166d2 ; jne 0x166d2 mov eax, dword [ebp + 0xc] cmp byte [eax], 1 push edx @@ -36540,10 +36597,10 @@ and eax, 0xfffffffe push 0 add eax, 0x6e push eax -call fcn_0001a236 ; call 0x1a236 +call fcn_0001a2fa ; call 0x1a2fa add esp, 0x10 -loc_00016642: ; not directly referenced +loc_000166d2: ; not directly referenced shl edi, 8 push eax or edi, dword [ebp - 0x30] @@ -36553,18 +36610,18 @@ push eax push edi mov dword [ebp - 0x34], ebx inc ebx -call fcn_0001a1be ; call 0x1a1be +call fcn_0001a282 ; call 0x1a282 add esp, 0x10 mov edx, dword [ebp - 0x34] mov byte [ebx - 1], al cmp dword [ebp - 0x1c], 0 -je short loc_000165f6 ; je 0x165f6 +je short loc_00016686 ; je 0x16686 mov byte [edx], 0 -loc_0001666a: ; not directly referenced +loc_000166fa: ; not directly referenced mov dword [ebp - 0x1c], 0 -loc_00016671: ; not directly referenced +loc_00016701: ; not directly referenced mov eax, dword [ebp - 0x1c] lea esp, [ebp - 0xc] pop ebx @@ -36573,7 +36630,7 @@ pop edi pop ebp ret -fcn_0001667c: ; not directly referenced +fcn_0001670c: ; not directly referenced push ebp mov ecx, 2 mov ebp, esp @@ -36589,11 +36646,11 @@ push 1 lea edx, [esi + 2] mov byte [ebp - 0x19], 0xff mov dword [ebp - 0x30], eax -call fcn_000165a8 ; call 0x165a8 +call fcn_00016638 ; call 0x16638 add esp, 0x10 mov esi, eax test eax, eax -jne short loc_00016710 ; jne 0x16710 +jne short loc_000167a0 ; jne 0x167a0 mov eax, dword [ebp + 0x18] xor edx, edx mov ecx, dword [ebp + 8] @@ -36606,12 +36663,12 @@ lea eax, [eax + eax*4] add eax, ebx mov dword [ebp - 0x34], eax -loc_000166d3: ; not directly referenced +loc_00016763: ; not directly referenced cmp ebx, dword [ebp - 0x34] -je short loc_00016710 ; je 0x16710 +je short loc_000167a0 ; je 0x167a0 movzx eax, byte [ebx + 4] test dword [ebp - 0x2c], eax -je short loc_0001670b ; je 0x1670b +je short loc_0001679b ; je 0x1679b push eax mov edx, dword [ebp + 0x10] push eax @@ -36624,18 +36681,18 @@ sub ax, word [ebx] movzx eax, ax push eax mov eax, dword [ebp - 0x30] -call fcn_000165a8 ; call 0x165a8 +call fcn_00016638 ; call 0x16638 add esp, 0x10 test eax, eax -je short loc_0001670b ; je 0x1670b +je short loc_0001679b ; je 0x1679b mov esi, eax -jmp short loc_00016710 ; jmp 0x16710 +jmp short loc_000167a0 ; jmp 0x167a0 -loc_0001670b: ; not directly referenced +loc_0001679b: ; not directly referenced add ebx, 5 -jmp short loc_000166d3 ; jmp 0x166d3 +jmp short loc_00016763 ; jmp 0x16763 -loc_00016710: ; not directly referenced +loc_000167a0: ; not directly referenced test esi, esi sete al lea esp, [ebp - 0xc] @@ -36645,25 +36702,25 @@ pop edi pop ebp ret -fcn_0001671d: ; not directly referenced +fcn_000167ad: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001673e ; je 0x1673e +je short loc_000167ce ; je 0x167ce push eax push eax push dword [ebp + 8] push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001673e: ; not directly referenced +loc_000167ce: ; not directly referenced leave ret -fcn_00016740: ; not directly referenced +fcn_000167d0: ; not directly referenced push ebp mov ebp, esp mov edx, dword [ebp + 0x10] @@ -36682,7 +36739,7 @@ movzx edx, dx or eax, edx ret -fcn_0001676e: ; not directly referenced +fcn_000167fe: ; not directly referenced push ebp mov ebp, esp movzx eax, byte [ebp + 0x10] @@ -36698,7 +36755,7 @@ shl eax, 0x14 add eax, edx ret -fcn_00016792: ; not directly referenced +fcn_00016822: ; not directly referenced push ebp mov ebp, esp push ebx @@ -36715,16 +36772,16 @@ movzx eax, al sar bl, 7 push eax and ebx, 2 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea add ebx, 0x75 add esp, 0x10 movzx ebx, bl mov dword [ebp + 8], ebx mov ebx, dword [ebp - 4] leave -jmp near fcn_00018e1d ; jmp 0x18e1d +jmp near fcn_00018ee1 ; jmp 0x18ee1 -fcn_000167d1: ; not directly referenced +fcn_00016861: ; not directly referenced push ebp mov edx, 0xfffff mov ebp, esp @@ -36736,124 +36793,124 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] -loc_000167e8: ; not directly referenced +loc_00016878: ; not directly referenced push ecx push ecx push 0xa push 0x70 mov dword [ebp - 0x1c], edx -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 add esp, 0x10 mov edx, dword [ebp - 0x1c] test al, al -jns short loc_00016811 ; jns 0x16811 +jns short loc_000168a1 ; jns 0x168a1 dec edx -jne short loc_000167e8 ; jne 0x167e8 -jmp short loc_00016815 ; jmp 0x16815 +jne short loc_00016878 ; jne 0x16878 +jmp short loc_000168a5 ; jmp 0x168a5 -loc_00016811: ; not directly referenced +loc_000168a1: ; not directly referenced test edx, edx -jne short loc_0001688b ; jne 0x1688b +jne short loc_0001691b ; jne 0x1691b -loc_00016815: ; not directly referenced +loc_000168a5: ; not directly referenced push eax push eax push 0xb push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop eax pop edx push 0x82 push 0x71 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop ecx pop eax push 0xa push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop eax pop edx push 0x26 push 0x71 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop ecx pop eax push 0xc push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 pop eax pop edx push 0xd push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 pop ecx pop eax push 0xb push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea pop eax pop edx push 2 push 0x71 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea add esp, 0x10 -loc_0001688b: ; not directly referenced +loc_0001691b: ; not directly referenced push eax push eax push 0 push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov byte [edi], al pop edx pop ecx push 2 push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov byte [esi], al pop eax pop edx push 4 push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov byte [ebx], al pop ecx pop eax push 7 push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov edx, dword [ebp + 0x14] mov byte [edx], al pop eax pop edx push 8 push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov edx, dword [ebp + 0x18] mov byte [edx], al pop ecx pop eax push 9 push 0x70 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov dword [esp], 0x71 -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov edx, dword [ebp + 0x1c] movzx eax, al mov word [edx], ax @@ -36915,106 +36972,121 @@ pop edi pop ebp ret -fcn_000169be: ; not directly referenced +fcn_00016a4e: ; not directly referenced push ebp mov ebp, esp push ebx sub esp, 0x10 push 0xce -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0x10 xor edx, edx movzx ebx, ah xor eax, eax imul ebx, ebx, 0x186a0 test ebx, ebx -je short loc_000169f4 ; je 0x169f4 -call fcn_000177b2 ; call 0x177b2 +je short loc_00016a84 ; je 0x16a84 +call fcn_00017876 ; call 0x17876 push ecx push ebx push edx push eax -call fcn_000173f5 ; call 0x173f5 +call fcn_000174b9 ; call 0x174b9 add esp, 0x10 -loc_000169f4: ; not directly referenced +loc_00016a84: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_000169f9: ; not directly referenced +fcn_00016a89: ; not directly referenced push ebp xor edx, edx mov ebp, esp mov eax, dword [ebp + 8] mov ecx, dword [ebp + 0x10] -loc_00016a04: ; not directly referenced +loc_00016a94: ; not directly referenced cmp edx, dword [ebp + 0xc] -je short loc_00016a10 ; je 0x16a10 +je short loc_00016aa0 ; je 0x16aa0 mov word [eax + edx*2], cx inc edx -jmp short loc_00016a04 ; jmp 0x16a04 +jmp short loc_00016a94 ; jmp 0x16a94 -loc_00016a10: ; not directly referenced +loc_00016aa0: ; not directly referenced pop ebp ret -fcn_00016a12: ; not directly referenced +fcn_00016aa2: ; not directly referenced push ebp xor edx, edx mov ebp, esp mov eax, dword [ebp + 8] mov ecx, dword [ebp + 0x10] -loc_00016a1d: ; not directly referenced +loc_00016aad: ; not directly referenced cmp edx, dword [ebp + 0xc] -je short loc_00016a28 ; je 0x16a28 +je short loc_00016ab8 ; je 0x16ab8 mov dword [eax + edx*4], ecx inc edx -jmp short loc_00016a1d ; jmp 0x16a1d +jmp short loc_00016aad ; jmp 0x16aad -loc_00016a28: ; not directly referenced +loc_00016ab8: ; not directly referenced pop ebp ret -fcn_00016a2a: ; not directly referenced +fcn_00016aba: ; not directly referenced push ebp mov ebp, esp -sub esp, 0x20 -lea eax, [ebp - 8] -mov dword [ebp - 0x14], eax +push edi +sub esp, 0x24 mov eax, dword [ebp + 8] -movq qword [ebp - 0x10], mm0 -movq mm0, qword [eax] -movq qword [ebp - 0x14], mm0 -movq mm0, qword [ebp - 0x10] +mov dword [ebp - 0x18], 0 +mov dword [ebp - 0x14], 0 +mov dword [ebp - 0x20], eax +lea eax, [ebp - 0x10] +mov dword [ebp - 0x1c], eax +movq qword [ebp - 0x18], mm0 +mov edi, dword [ebp - 0x20] +movq mm0, qword [edi] +mov edi, dword [ebp - 0x1c] +movq qword [edi], mm0 +movq mm0, qword [ebp - 0x18] emms -mov eax, dword [ebp - 8] -mov edx, dword [ebp - 4] -leave +mov eax, dword [ebp - 0x10] +mov edx, dword [ebp - 0xc] +add esp, 0x24 +pop edi +pop ebp ret -fcn_00016a52: ; not directly referenced +fcn_00016afd: ; not directly referenced push ebp mov ebp, esp -sub esp, 0x18 +push edi +sub esp, 0x1c mov eax, dword [ebp + 0xc] -mov dword [ebp - 0x18], eax +mov dword [ebp - 0x10], 0 +mov dword [ebp - 0xc], 0 +mov dword [ebp - 0x20], eax mov eax, dword [ebp + 0x10] -mov dword [ebp - 0x14], eax +mov dword [ebp - 0x1c], eax mov eax, dword [ebp + 8] -movq qword [ebp - 8], mm0 -movq mm0, qword [ebp - 0x18] -movq qword [eax], mm0 -movq mm0, qword [ebp - 8] +mov dword [ebp - 0x14], eax +movq qword [ebp - 0x10], mm0 +mov edi, dword [ebp - 0x14] +movq mm0, qword [ebp - 0x20] +movq qword [edi], mm0 +movq mm0, qword [ebp - 0x10] emms -mov eax, dword [ebp - 0x18] -mov edx, dword [ebp - 0x14] -leave +mov eax, dword [ebp - 0x20] +mov edx, dword [ebp - 0x1c] +add esp, 0x1c +pop edi +pop ebp ret -fcn_00016a80: ; not directly referenced +fcn_00016b44: ; not directly referenced push ebp xor eax, eax mov ebp, esp @@ -37022,63 +37094,63 @@ push ebx mov ebx, 0x186a0 sub esp, 0x14 -loc_00016a8e: ; not directly referenced +loc_00016b52: ; not directly referenced test eax, eax -jne short loc_00016adb ; jne 0x16adb +jne short loc_00016b9f ; jne 0x16b9f test ebx, ebx -je short loc_00016adb ; je 0x16adb -call fcn_000153e9 ; call 0x153e9 +je short loc_00016b9f ; je 0x16b9f +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00016ab0 ; je 0x16ab0 +je short loc_00016b74 ; je 0x16b74 push edx push edx -push ref_000254c7 ; push 0x254c7 +push ref_00025576 ; push 0x25576 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016ab0: ; not directly referenced +loc_00016b74: ; not directly referenced clc -loc_00016ab1: ; not directly referenced +loc_00016b75: ; not directly referenced rdrand eax mov dword [ebp - 0xc], eax -jae short loc_00016ab1 ; jae 0x16ab1 -call fcn_000153e9 ; call 0x153e9 +jae short loc_00016b75 ; jae 0x16b75 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00016ad5 ; je 0x16ad5 +je short loc_00016b99 ; je 0x16b99 push eax push dword [ebp - 0xc] -push ref_000254e4 ; push 0x254e4 +push ref_00025593 ; push 0x25593 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016ad5: ; not directly referenced +loc_00016b99: ; not directly referenced mov eax, dword [ebp - 0xc] dec ebx -jmp short loc_00016a8e ; jmp 0x16a8e +jmp short loc_00016b52 ; jmp 0x16b52 -loc_00016adb: ; not directly referenced +loc_00016b9f: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_00016ae0: ; not directly referenced +fcn_00016ba4: ; not directly referenced push ebp xor eax, eax mov ebp, esp pop ebp ret -fcn_00016ae7: ; not directly referenced +fcn_00016bab: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x14] pop ebp ret -fcn_00016aef: ; not directly referenced +fcn_00016bb3: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -37086,50 +37158,50 @@ mov eax, dword [ebp + 8] cmp dword [ebp + 0xc], 0x41 mov edx, dword [eax + 0x241b] mov edx, dword [edx + 0x1e] -jne short loc_00016b14 ; jne 0x16b14 +jne short loc_00016bd8 ; jne 0x16bd8 sub esp, 0xc push eax call dword [edx + 0xcc] ; ucall add esp, 0x10 -loc_00016b14: ; not directly referenced +loc_00016bd8: ; not directly referenced xor eax, eax leave ret -fcn_00016b18: ; not directly referenced +fcn_00016bdc: ; not directly referenced push ebp mov ebp, esp mov edx, dword [ebp + 8] mov eax, dword [ebp + 0xc] push esi push ebx -mov word [edx + 0x2467], ax +mov word [edx + 0x2468], ax movzx esi, ax mov ebx, eax push edx push edx push esi push 0x80 -call fcn_00018e63 ; call 0x18e63 -call fcn_000153e9 ; call 0x153e9 +call fcn_00018f27 ; call 0x18f27 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00016b59 ; je 0x16b59 +je short loc_00016c1d ; je 0x16c1d push eax push esi -push ref_00025502 ; push 0x25502 +push ref_000255b1 ; push 0x255b1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016b59: ; not directly referenced +loc_00016c1d: ; not directly referenced sub esp, 0xc push 0x48 -call fcn_00016792 ; call 0x16792 +call fcn_00016822 ; call 0x16822 mov dword [esp], 0x49 mov esi, eax -call fcn_00016792 ; call 0x16792 +call fcn_00016822 ; call 0x16822 add esp, 0x10 mov edx, eax mov eax, esi @@ -37137,28 +37209,28 @@ shl edx, 8 movzx esi, al or edx, esi cmp bx, dx -je short loc_00016b59 ; je 0x16b59 +je short loc_00016c1d ; je 0x16c1d lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00016b8c: ; not directly referenced +fcn_00016c50: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00016bae ; je 0x16bae +je short loc_00016c72 ; je 0x16c72 push eax push dword [ebp + 0xc] -push ref_00025514 ; push 0x25514 +push ref_000255c3 ; push 0x255c3 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016bae: ; not directly referenced +loc_00016c72: ; not directly referenced push eax mov eax, 0x1000 in al, 0x99 @@ -37166,7 +37238,7 @@ pop eax leave ret -fcn_00016bb9: ; not directly referenced +fcn_00016c7d: ; not directly referenced push ebp mov ebp, esp push ebx @@ -37182,32 +37254,32 @@ pop ebx pop ebp ret -fcn_00016bd6: +fcn_00016c9a: push ebp mov ebp, esp push ebx push edx -call fcn_00016380 ; call 0x16380 +call fcn_00016410 ; call 0x16410 mov ebx, dword [eax + 0x14] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016c19 ; je 0x16c19 +je short loc_00016cdd ; je 0x16cdd cmp dword [ebp + 8], 0xff -ja short loc_00016c01 ; ja 0x16c01 +ja short loc_00016cc5 ; ja 0x16cc5 cmp dword [ebp + 0xc], 0x1f -ja short loc_00016c01 ; ja 0x16c01 +ja short loc_00016cc5 ; ja 0x16cc5 cmp dword [ebp + 0x10], 7 -jbe short loc_00016c19 ; jbe 0x16c19 +jbe short loc_00016cdd ; jbe 0x16cdd -loc_00016c01: +loc_00016cc5: push eax -push ref_00025554 ; push 0x25554 -push 0x319 -push ref_0002558b ; push 0x2558b -call fcn_000153fc ; call 0x153fc +push ref_00025603 ; push 0x25603 +push 0x31a +push ref_0002563a ; push 0x2563a +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016c19: +loc_00016cdd: mov eax, dword [ebp + 0x10] mov edx, dword [ebp + 0xc] shl eax, 0xc @@ -37221,7 +37293,7 @@ shl edx, 0x14 add eax, edx ret -fcn_00016c36: +fcn_00016cfa: push ebp mov ebp, esp push esi @@ -37229,164 +37301,164 @@ push ebx mov ebx, dword [ebp + 0xc] sub esp, 0xc push ebx -call fcn_0001deee ; call 0x1deee +call fcn_0001dfb2 ; call 0x1dfb2 mov esi, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00016c66 ; je 0x16c66 +je short loc_00016d2a ; je 0x16d2a push ecx push ecx -push ref_000255a6 ; push 0x255a6 +push ref_00025655 ; push 0x25655 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016c66: -call fcn_000153f0 ; call 0x153f0 +loc_00016d2a: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016ca5 ; je 0x16ca5 +je short loc_00016d69 ; je 0x16d69 test esi, esi -jns short loc_00016ca5 ; jns 0x16ca5 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00016d69 ; jns 0x16d69 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00016c90 ; je 0x16c90 +je short loc_00016d54 ; je 0x16d54 push edx push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016c90: +loc_00016d54: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x33 -push ref_000255d4 ; push 0x255d4 -call fcn_000153fc ; call 0x153fc +push ref_00025683 ; push 0x25683 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016ca5: +loc_00016d69: sub esp, 0xc push ebx -call fcn_0001ec6d ; call 0x1ec6d +call fcn_0001ecfb ; call 0x1ecfb mov esi, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00016ccd ; je 0x16ccd +je short loc_00016d91 ; je 0x16d91 push eax push eax -push ref_0002560a ; push 0x2560a +push ref_000256b9 ; push 0x256b9 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016ccd: -call fcn_000153f0 ; call 0x153f0 +loc_00016d91: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016d0c ; je 0x16d0c +je short loc_00016dd0 ; je 0x16dd0 test esi, esi -jns short loc_00016d0c ; jns 0x16d0c -call fcn_000153e9 ; call 0x153e9 +jns short loc_00016dd0 ; jns 0x16dd0 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00016cf7 ; je 0x16cf7 +je short loc_00016dbb ; je 0x16dbb push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016cf7: +loc_00016dbb: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x3a -push ref_000255d4 ; push 0x255d4 -call fcn_000153fc ; call 0x153fc +push ref_00025683 ; push 0x25683 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016d0c: +loc_00016dd0: sub esp, 0xc push ebx -call fcn_0001eefd ; call 0x1eefd +call fcn_0001ef8b ; call 0x1ef8b mov esi, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00016d34 ; je 0x16d34 +je short loc_00016df8 ; je 0x16df8 push eax push eax -push ref_00025638 ; push 0x25638 +push ref_000256e7 ; push 0x256e7 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016d34: -call fcn_000153f0 ; call 0x153f0 +loc_00016df8: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016d73 ; je 0x16d73 +je short loc_00016e37 ; je 0x16e37 test esi, esi -jns short loc_00016d73 ; jns 0x16d73 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00016e37 ; jns 0x16e37 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00016d5e ; je 0x16d5e +je short loc_00016e22 ; je 0x16e22 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016d5e: +loc_00016e22: push esi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x43 -push ref_000255d4 ; push 0x255d4 -call fcn_000153fc ; call 0x153fc +push ref_00025683 ; push 0x25683 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016d73: +loc_00016e37: sub esp, 0xc push ebx -call fcn_0001d4c2 ; call 0x1d4c2 +call fcn_0001d586 ; call 0x1d586 mov ebx, eax -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_00016d9b ; je 0x16d9b +je short loc_00016e5f ; je 0x16e5f push ecx push ecx -push ref_00025665 ; push 0x25665 +push ref_00025714 ; push 0x25714 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016d9b: -call fcn_000153f0 ; call 0x153f0 +loc_00016e5f: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016dda ; je 0x16dda +je short loc_00016e9e ; je 0x16e9e test ebx, ebx -jns short loc_00016dda ; jns 0x16dda -call fcn_000153e9 ; call 0x153e9 +jns short loc_00016e9e ; jns 0x16e9e +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00016dc5 ; je 0x16dc5 +je short loc_00016e89 ; je 0x16e89 push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00016dc5: +loc_00016e89: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x4a -push ref_000255d4 ; push 0x255d4 -call fcn_000153fc ; call 0x153fc +push ref_00025683 ; push 0x25683 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016dda: +loc_00016e9e: lea esp, [ebp - 8] mov eax, ebx pop ebx @@ -37394,7 +37466,7 @@ pop esi pop ebp ret -fcn_00016de3: +fcn_00016ea7: push ebp mov ebp, esp push esi @@ -37404,20 +37476,20 @@ mov ebx, dword [ebp + 8] sub esp, 0xc push esi add esi, 8 -call fcn_00017329 ; call 0x17329 +call fcn_000173ed ; call 0x173ed add esp, 0xc push edx push eax push ebx -call fcn_00017360 ; call 0x17360 +call fcn_00017424 ; call 0x17424 mov dword [esp], esi -call fcn_00017329 ; call 0x17329 +call fcn_000173ed ; call 0x173ed add esp, 0xc push edx push eax lea eax, [ebx + 8] push eax -call fcn_00017360 ; call 0x17360 +call fcn_00017424 ; call 0x17424 lea esp, [ebp - 8] mov eax, ebx pop ebx @@ -37425,7 +37497,7 @@ pop esi pop ebp ret -fcn_00016e24: +fcn_00016ee8: push ebp mov ebp, esp push edi @@ -37435,22 +37507,22 @@ sub esp, 0x28 mov esi, dword [ebp + 8] push esi add esi, 8 -call fcn_00017329 ; call 0x17329 +call fcn_000173ed ; call 0x173ed mov ebx, eax pop eax push dword [ebp + 0xc] mov dword [ebp - 0x1c], edx -call fcn_00017329 ; call 0x17329 +call fcn_000173ed ; call 0x173ed mov dword [esp], esi mov dword [ebp - 0x20], eax mov dword [ebp - 0x24], edx -call fcn_00017329 ; call 0x17329 +call fcn_000173ed ; call 0x173ed mov edi, eax mov eax, dword [ebp + 0xc] mov esi, edx add eax, 8 mov dword [esp], eax -call fcn_00017329 ; call 0x17329 +call fcn_000173ed ; call 0x173ed mov ecx, dword [ebp - 0x1c] add esp, 0x10 xor eax, edi @@ -37469,131 +37541,131 @@ pop edi pop ebp ret -fcn_00016e8b: ; not directly referenced +fcn_00016f4f: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016ebc ; je 0x16ebc +je short loc_00016f80 ; je 0x16f80 test bl, 3 -je short loc_00016ebc ; je 0x16ebc +je short loc_00016f80 ; je 0x16f80 push eax -push ref_0002569b ; push 0x2569b +push ref_0002574a ; push 0x2574a push 0x81 -push ref_000256cd ; push 0x256cd -call fcn_000153fc ; call 0x153fc +push ref_0002577c ; push 0x2577c +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016ebc: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00016f80: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016ee5 ; je 0x16ee5 +je short loc_00016fa9 ; je 0x16fa9 mov eax, ebx neg eax cmp esi, eax -jbe short loc_00016ee5 ; jbe 0x16ee5 +jbe short loc_00016fa9 ; jbe 0x16fa9 push ecx -push ref_0002570f ; push 0x2570f +push ref_000257be ; push 0x257be push 0x82 -push ref_000256cd ; push 0x256cd -call fcn_000153fc ; call 0x153fc +push ref_0002577c ; push 0x2577c +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016ee5: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00016fa9: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016f0e ; je 0x16f0e +je short loc_00016fd2 ; je 0x16fd2 test esi, 0xf -je short loc_00016f0e ; je 0x16f0e +je short loc_00016fd2 ; je 0x16fd2 push edx -push ref_0002573a ; push 0x2573a +push ref_000257e9 ; push 0x257e9 push 0x83 -push ref_000256cd ; push 0x256cd -call fcn_000153fc ; call 0x153fc +push ref_0002577c ; push 0x2577c +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016f0e: ; not directly referenced +loc_00016fd2: ; not directly referenced and esi, 0xfffffff0 add esi, ebx -loc_00016f13: ; not directly referenced +loc_00016fd7: ; not directly referenced cmp ebx, esi -jae short loc_00016f2e ; jae 0x16f2e +jae short loc_00016ff2 ; jae 0x16ff2 push eax push eax push dword [ebp + 0x10] push ebx -call fcn_00016e24 ; call 0x16e24 +call fcn_00016ee8 ; call 0x16ee8 add esp, 0x10 test al, al -jne short loc_00016f32 ; jne 0x16f32 +jne short loc_00016ff6 ; jne 0x16ff6 add ebx, 0x10 -jmp short loc_00016f13 ; jmp 0x16f13 +jmp short loc_00016fd7 ; jmp 0x16fd7 -loc_00016f2e: ; not directly referenced +loc_00016ff2: ; not directly referenced xor eax, eax -jmp short loc_00016f34 ; jmp 0x16f34 +jmp short loc_00016ff8 ; jmp 0x16ff8 -loc_00016f32: ; not directly referenced +loc_00016ff6: ; not directly referenced mov eax, ebx -loc_00016f34: ; not directly referenced +loc_00016ff8: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00016f3b: +fcn_00016fff: push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016f6c ; je 0x16f6c +je short loc_00017030 ; je 0x17030 test ebx, ebx -jne short loc_00016f6c ; jne 0x16f6c +jne short loc_00017030 ; jne 0x17030 test esi, esi -je short loc_00016f6c ; je 0x16f6c +je short loc_00017030 ; je 0x17030 push edx -push ref_00025762 ; push 0x25762 +push ref_00025811 ; push 0x25811 push 0x31 -push ref_0002578a ; push 0x2578a -call fcn_000153fc ; call 0x153fc +push ref_00025839 ; push 0x25839 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016f6c: -call fcn_000153f0 ; call 0x153f0 +loc_00017030: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016f92 ; je 0x16f92 +je short loc_00017056 ; je 0x17056 mov eax, ebx neg eax cmp esi, eax -jbe short loc_00016f92 ; jbe 0x16f92 +jbe short loc_00017056 ; jbe 0x17056 push eax -push ref_0002570f ; push 0x2570f +push ref_000257be ; push 0x257be push 0x32 -push ref_0002578a ; push 0x2578a -call fcn_000153fc ; call 0x153fc +push ref_00025839 ; push 0x25839 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016f92: +loc_00017056: mov dword [ebp + 0xc], esi mov dword [ebp + 8], ebx lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near loc_00017158 ; jmp 0x17158 +jmp near loc_0001721c ; jmp 0x1721c -fcn_00016fa3: +fcn_00017067: push ebp mov ebp, esp push edi @@ -37604,67 +37676,67 @@ mov edi, dword [ebp + 0x10] mov ebx, dword [ebp + 8] mov esi, dword [ebp + 0xc] test edi, edi -je loc_00017070 ; je 0x17070 +je loc_00017134 ; je 0x17134 cmp ebx, esi -je loc_00017070 ; je 0x17070 -call fcn_000153f0 ; call 0x153f0 +je loc_00017134 ; je 0x17134 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00016fe7 ; je 0x16fe7 +je short loc_000170ab ; je 0x170ab test ebx, ebx -jne short loc_00016fe7 ; jne 0x16fe7 +jne short loc_000170ab ; jne 0x170ab push eax -push ref_000257d0 ; push 0x257d0 +push ref_0002587f ; push 0x2587f push 0x3c -push ref_000257f2 ; push 0x257f2 -call fcn_000153fc ; call 0x153fc +push ref_000258a1 ; push 0x258a1 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00016fe7: -call fcn_000153f0 ; call 0x153f0 +loc_000170ab: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017009 ; je 0x17009 +je short loc_000170cd ; je 0x170cd test esi, esi -jne short loc_00017009 ; jne 0x17009 +jne short loc_000170cd ; jne 0x170cd push ecx -push ref_0002583b ; push 0x2583b +push ref_000258ea ; push 0x258ea push 0x3d -push ref_000257f2 ; push 0x257f2 -call fcn_000153fc ; call 0x153fc +push ref_000258a1 ; push 0x258a1 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017009: -call fcn_000153f0 ; call 0x153f0 +loc_000170cd: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017032 ; je 0x17032 +je short loc_000170f6 ; je 0x170f6 mov eax, ebx lea edx, [edi - 1] not eax cmp edx, eax -jbe short loc_00017032 ; jbe 0x17032 +jbe short loc_000170f6 ; jbe 0x170f6 push edx -push ref_00025858 ; push 0x25858 +push ref_00025907 ; push 0x25907 push 0x3e -push ref_000257f2 ; push 0x257f2 -call fcn_000153fc ; call 0x153fc +push ref_000258a1 ; push 0x258a1 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017032: -call fcn_000153f0 ; call 0x153f0 +loc_000170f6: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001705b ; je 0x1705b +je short loc_0001711f ; je 0x1711f mov eax, esi lea edx, [edi - 1] not eax cmp edx, eax -jbe short loc_0001705b ; jbe 0x1705b +jbe short loc_0001711f ; jbe 0x1711f push eax -push ref_00025890 ; push 0x25890 +push ref_0002593f ; push 0x2593f push 0x3f -push ref_000257f2 ; push 0x257f2 -call fcn_000153fc ; call 0x153fc +push ref_000258a1 ; push 0x258a1 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001705b: +loc_0001711f: mov dword [ebp + 0x10], edi mov dword [ebp + 0xc], esi mov dword [ebp + 8], ebx @@ -37673,9 +37745,9 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_00017105 ; jmp 0x17105 +jmp near loc_000171c9 ; jmp 0x171c9 -loc_00017070: +loc_00017134: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -37684,7 +37756,7 @@ pop edi pop ebp ret -fcn_0001707a: +fcn_0001713e: push ebp mov ebp, esp push edi @@ -37695,41 +37767,41 @@ mov esi, dword [ebp + 0x10] mov ebx, dword [ebp + 8] mov edi, dword [ebp + 0xc] test esi, esi -je short loc_000170fb ; je 0x170fb -call fcn_000153f0 ; call 0x153f0 +je short loc_000171bf ; je 0x171bf +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000170b9 ; je 0x170b9 +je short loc_0001717d ; je 0x1717d mov eax, ebx lea edx, [esi - 1] not eax cmp edx, eax -jbe short loc_000170b9 ; jbe 0x170b9 +jbe short loc_0001717d ; jbe 0x1717d push edx -push ref_00025858 ; push 0x25858 +push ref_00025907 ; push 0x25907 push 0x38 -push ref_000258c3 ; push 0x258c3 -call fcn_000153fc ; call 0x153fc +push ref_00025972 ; push 0x25972 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000170b9: -call fcn_000153f0 ; call 0x153f0 +loc_0001717d: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000170e2 ; je 0x170e2 +je short loc_000171a6 ; je 0x171a6 mov eax, edi lea edx, [esi - 1] not eax cmp edx, eax -jbe short loc_000170e2 ; jbe 0x170e2 +jbe short loc_000171a6 ; jbe 0x171a6 push eax -push ref_00025890 ; push 0x25890 +push ref_0002593f ; push 0x2593f push 0x39 -push ref_000258c3 ; push 0x258c3 -call fcn_000153fc ; call 0x153fc +push ref_00025972 ; push 0x25972 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000170e2: +loc_000171a6: cmp ebx, edi -je short loc_000170fb ; je 0x170fb +je short loc_000171bf ; je 0x171bf mov dword [ebp + 0x10], esi mov dword [ebp + 0xc], edi mov dword [ebp + 8], ebx @@ -37738,9 +37810,9 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_00017122 ; jmp 0x17122 +jmp near loc_000171e6 ; jmp 0x171e6 -loc_000170fb: +loc_000171bf: lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -37749,7 +37821,7 @@ pop edi pop ebp ret -loc_00017105: +loc_000171c9: push esi push edi mov esi, dword [esp + 0xc] @@ -37763,37 +37835,37 @@ pop edi pop esi ret -loc_00017122: +loc_000171e6: push esi push edi mov esi, dword [esp + 0x10] mov edi, dword [esp + 0xc] mov edx, dword [esp + 0x14] cmp edi, esi -je short loc_00017151 ; je 0x17151 +je short loc_00017215 ; je 0x17215 cmp edx, 0 -je short loc_00017151 ; je 0x17151 +je short loc_00017215 ; je 0x17215 lea eax, [esi + edx - 1] cmp esi, edi -jae short loc_0001714c ; jae 0x1714c +jae short loc_00017210 ; jae 0x17210 cmp eax, edi -jb short loc_0001714c ; jb 0x1714c +jb short loc_00017210 ; jb 0x17210 mov esi, eax lea edi, [edi + edx - 1] std -loc_0001714c: +loc_00017210: mov ecx, edx rep movsb ; rep movsb byte es:[edi], byte ptr [esi] cld -loc_00017151: +loc_00017215: mov eax, dword [esp + 0xc] pop edi pop esi ret -loc_00017158: +loc_0001721c: push edi xor eax, eax mov edi, dword [esp + 8] @@ -37809,20 +37881,20 @@ pop eax pop edi ret -fcn_00017175: +fcn_00017239: push ebp mov ebp, esp sub esp, 0x10 mov dword [ebp - 4], 0 -loc_00017182: +loc_00017246: mov eax, dword [ebp - 4] test eax, eax -je short loc_00017182 ; je 0x17182 +je short loc_00017246 ; je 0x17246 leave ret -fcn_0001718b: +fcn_0001724f: push ebp mov ebp, esp push edi @@ -37832,19 +37904,19 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov edi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000171c0 ; je 0x171c0 +je short loc_00017284 ; je 0x17284 cmp ebx, 0x3f -jbe short loc_000171c0 ; jbe 0x171c0 +jbe short loc_00017284 ; jbe 0x17284 push eax -push ref_00025909 ; push 0x25909 +push ref_000259b8 ; push 0x259b8 push 0x27 -push ref_00025914 ; push 0x25914 -call fcn_000153fc ; call 0x153fc +push ref_000259c3 ; push 0x259c3 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000171c0: +loc_00017284: mov dword [ebp + 0x10], ebx mov dword [ebp + 8], esi mov dword [ebp + 0xc], edi @@ -37853,52 +37925,52 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_000177dc ; jmp 0x177dc +jmp near loc_000178a0 ; jmp 0x178a0 -fcn_000171d5: ; not directly referenced +fcn_00017299: ; not directly referenced push ebp mov ebp, esp push ebx push edx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000171ff ; je 0x171ff +je short loc_000172c3 ; je 0x172c3 test ebx, ebx -jne short loc_000171ff ; jne 0x171ff +jne short loc_000172c3 ; jne 0x172c3 push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x26 -push ref_00025949 ; push 0x25949 -call fcn_000153fc ; call 0x153fc +push ref_000259f8 ; push 0x259f8 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000171ff: ; not directly referenced +loc_000172c3: ; not directly referenced mov ax, word [ebx] mov ebx, dword [ebp - 4] leave ret -fcn_00017207: ; not directly referenced +fcn_000172cb: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017234 ; je 0x17234 +je short loc_000172f8 ; je 0x172f8 test esi, esi -jne short loc_00017234 ; jne 0x17234 +jne short loc_000172f8 ; jne 0x172f8 push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x41 -push ref_00025949 ; push 0x25949 -call fcn_000153fc ; call 0x153fc +push ref_000259f8 ; push 0x259f8 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017234: ; not directly referenced +loc_000172f8: ; not directly referenced mov word [esi], bx lea esp, [ebp - 8] mov eax, ebx @@ -37907,56 +37979,56 @@ pop esi pop ebp ret -fcn_00017240: ; not directly referenced +fcn_00017304: ; not directly referenced push ebp mov ebp, esp push ebx push edx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001726a ; je 0x1726a +je short loc_0001732e ; je 0x1732e test ebx, ebx -jne short loc_0001726a ; jne 0x1726a +jne short loc_0001732e ; jne 0x1732e push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x59 -push ref_00025949 ; push 0x25949 -call fcn_000153fc ; call 0x153fc +push ref_000259f8 ; push 0x259f8 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001726a: ; not directly referenced +loc_0001732e: ; not directly referenced mov eax, dword [ebx] mov ebx, dword [ebp - 4] leave and eax, 0xffffff ret -fcn_00017276: ; not directly referenced +fcn_0001733a: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000172a3 ; je 0x172a3 +je short loc_00017367 ; je 0x17367 test ebx, ebx -jne short loc_000172a3 ; jne 0x172a3 +jne short loc_00017367 ; jne 0x17367 push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x74 -push ref_00025949 ; push 0x25949 -call fcn_000153fc ; call 0x153fc +push ref_000259f8 ; push 0x259f8 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000172a3: ; not directly referenced +loc_00017367: ; not directly referenced push esi push 0x17 push 0 push dword [ebx] -call fcn_0001f920 ; call 0x1f920 +call fcn_0001f9ae ; call 0x1f9ae mov dword [ebx], eax lea esp, [ebp - 8] mov eax, esi @@ -37965,50 +38037,50 @@ pop esi pop ebp ret -fcn_000172ba: ; not directly referenced +fcn_0001737e: ; not directly referenced push ebp mov ebp, esp push ebx push edx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000172e7 ; je 0x172e7 +je short loc_000173ab ; je 0x173ab test ebx, ebx -jne short loc_000172e7 ; jne 0x172e7 +jne short loc_000173ab ; jne 0x173ab push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x8d -push ref_00025949 ; push 0x25949 -call fcn_000153fc ; call 0x153fc +push ref_000259f8 ; push 0x259f8 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000172e7: ; not directly referenced +loc_000173ab: ; not directly referenced mov eax, dword [ebx] mov ebx, dword [ebp - 4] leave ret -fcn_000172ee: ; not directly referenced +fcn_000173b2: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001731e ; je 0x1731e +je short loc_000173e2 ; je 0x173e2 test esi, esi -jne short loc_0001731e ; jne 0x1731e +jne short loc_000173e2 ; jne 0x173e2 push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0xa8 -push ref_00025949 ; push 0x25949 -call fcn_000153fc ; call 0x153fc +push ref_000259f8 ; push 0x259f8 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001731e: ; not directly referenced +loc_000173e2: ; not directly referenced mov dword [esi], ebx lea esp, [ebp - 8] mov eax, ebx @@ -38017,32 +38089,32 @@ pop esi pop ebp ret -fcn_00017329: +fcn_000173ed: push ebp mov ebp, esp push ebx push edx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017356 ; je 0x17356 +je short loc_0001741a ; je 0x1741a test ebx, ebx -jne short loc_00017356 ; jne 0x17356 +jne short loc_0001741a ; jne 0x1741a push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0xc0 -push ref_00025949 ; push 0x25949 -call fcn_000153fc ; call 0x153fc +push ref_000259f8 ; push 0x259f8 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017356: +loc_0001741a: mov eax, dword [ebx] mov edx, dword [ebx + 4] mov ebx, dword [ebp - 4] leave ret -fcn_00017360: +fcn_00017424: push ebp mov ebp, esp push edi @@ -38054,19 +38126,19 @@ mov edx, dword [ebp + 0x10] mov ebx, dword [ebp + 8] mov esi, eax mov edi, edx -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001739b ; je 0x1739b +je short loc_0001745f ; je 0x1745f test ebx, ebx -jne short loc_0001739b ; jne 0x1739b +jne short loc_0001745f ; jne 0x1745f push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0xdb -push ref_00025949 ; push 0x25949 -call fcn_000153fc ; call 0x153fc +push ref_000259f8 ; push 0x259f8 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001739b: +loc_0001745f: mov dword [ebx], esi mov eax, esi mov edx, edi @@ -38078,7 +38150,7 @@ pop edi pop ebp ret -fcn_000173ac: +fcn_00017470: push ebp mov ebp, esp push edi @@ -38088,19 +38160,19 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov edi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000173e0 ; je 0x173e0 +je short loc_000174a4 ; je 0x174a4 test ebx, ebx -jne short loc_000173e0 ; jne 0x173e0 +jne short loc_000174a4 ; jne 0x174a4 push eax -push ref_0002597e ; push 0x2597e +push ref_00025a2d ; push 0x25a2d push 0x2b -push ref_0002598b ; push 0x2598b -call fcn_000153fc ; call 0x153fc +push ref_00025a3a ; push 0x25a3a +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000173e0: +loc_000174a4: mov dword [ebp + 0x10], ebx mov dword [ebp + 8], esi mov dword [ebp + 0xc], edi @@ -38109,9 +38181,9 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_00017493 ; jmp 0x17493 +jmp near loc_00017557 ; jmp 0x17557 -fcn_000173f5: +fcn_000174b9: push ebp mov ebp, esp push edi @@ -38121,19 +38193,19 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov edi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017429 ; je 0x17429 +je short loc_000174ed ; je 0x174ed test ebx, ebx -jne short loc_00017429 ; jne 0x17429 +jne short loc_000174ed ; jne 0x174ed push eax -push ref_0002597e ; push 0x2597e +push ref_00025a2d ; push 0x25a2d push 0x2b -push ref_000259c0 ; push 0x259c0 -call fcn_000153fc ; call 0x153fc +push ref_00025a6f ; push 0x25a6f +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017429: +loc_000174ed: mov dword [ebp + 0x10], ebx mov dword [ebp + 8], esi mov dword [ebp + 0xc], edi @@ -38142,9 +38214,9 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_000174a8 ; jmp 0x174a8 +jmp near loc_0001756c ; jmp 0x1756c -fcn_0001743e: +fcn_00017502: push ebp mov ebp, esp push edi @@ -38156,19 +38228,19 @@ mov esi, dword [ebp + 8] mov edi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] mov dword [ebp - 0x1c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017478 ; je 0x17478 +je short loc_0001753c ; je 0x1753c test ebx, ebx -jne short loc_00017478 ; jne 0x17478 +jne short loc_0001753c ; jne 0x1753c push eax -push ref_0002597e ; push 0x2597e +push ref_00025a2d ; push 0x25a2d push 0x2f -push ref_000259f5 ; push 0x259f5 -call fcn_000153fc ; call 0x153fc +push ref_00025aa4 ; push 0x25aa4 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017478: +loc_0001753c: mov eax, dword [ebp - 0x1c] mov dword [ebp + 0x10], ebx mov dword [ebp + 8], esi @@ -38179,9 +38251,9 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_000174bd ; jmp 0x174bd +jmp near loc_00017581 ; jmp 0x17581 -loc_00017493: +loc_00017557: mov eax, dword [esp + 8] mov ecx, dword [esp + 0xc] xor edx, edx @@ -38191,7 +38263,7 @@ div ecx mov eax, edx ret -loc_000174a8: +loc_0001756c: mov eax, dword [esp + 8] mov ecx, dword [esp + 0xc] xor edx, edx @@ -38202,7 +38274,7 @@ div ecx pop edx ret -loc_000174bd: +loc_00017581: mov ecx, dword [esp + 0xc] mov eax, dword [esp + 8] xor edx, edx @@ -38211,48 +38283,48 @@ push eax mov eax, dword [esp + 8] div ecx mov ecx, dword [esp + 0x14] -jecxz loc_000174d8 ; jecxz 0x174d8 +jecxz loc_0001759c ; jecxz 0x1759c mov dword [ecx], edx -loc_000174d8: +loc_0001759c: pop edx ret -fcn_000174da: +fcn_0001759e: push ebp mov ebp, esp pop ebp ret -fcn_000174df: ; not directly referenced +fcn_000175a3: ; not directly referenced push ebp mov ebp, esp sti pop ebp ret -fcn_000174e5: ; not directly referenced +fcn_000175a9: ; not directly referenced push ebp mov ebp, esp cli pop ebp ret -fcn_000174eb: ; not directly referenced +fcn_000175af: ; not directly referenced push ebp mov ebp, esp pause pop ebp ret -fcn_000174f2: ; not directly referenced +fcn_000175b6: ; not directly referenced push ebp mov ebp, esp int3 pop ebp ret -fcn_000174f8: +fcn_000175bc: push ebp mov ebp, esp mov ecx, dword [ebp + 8] @@ -38260,7 +38332,7 @@ rdmsr pop ebp ret -fcn_00017502: +fcn_000175c6: push ebp mov ebp, esp mov eax, dword [ebp + 0xc] @@ -38270,7 +38342,7 @@ wrmsr pop ebp ret -fcn_00017512: ; not directly referenced +fcn_000175d6: ; not directly referenced push ebp mov ebp, esp pushfd @@ -38278,35 +38350,35 @@ pop eax pop ebp ret -fcn_00017519: ; not directly referenced +fcn_000175dd: ; not directly referenced push ebp mov ebp, esp mov eax, cr0 pop ebp ret -fcn_00017521: ; not directly referenced +fcn_000175e5: ; not directly referenced push ebp mov ebp, esp mov eax, cr2 pop ebp ret -fcn_00017529: ; not directly referenced +fcn_000175ed: ; not directly referenced push ebp mov ebp, esp mov eax, cr3 pop ebp ret -fcn_00017531: ; not directly referenced +fcn_000175f5: ; not directly referenced push ebp mov ebp, esp mov eax, cr4 pop ebp ret -fcn_00017539: ; not directly referenced +fcn_000175fd: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38314,7 +38386,7 @@ mov cr0, eax pop ebp ret -fcn_00017544: ; not directly referenced +fcn_00017608: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38322,7 +38394,7 @@ mov cr2, eax pop ebp ret -fcn_0001754f: ; not directly referenced +fcn_00017613: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38330,7 +38402,7 @@ mov cr3, eax pop ebp ret -fcn_0001755a: ; not directly referenced +fcn_0001761e: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38338,63 +38410,63 @@ mov cr4, eax pop ebp ret -fcn_00017565: ; not directly referenced +fcn_00017629: ; not directly referenced push ebp mov ebp, esp mov eax, dr0 pop ebp ret -fcn_0001756d: ; not directly referenced +fcn_00017631: ; not directly referenced push ebp mov ebp, esp mov eax, dr1 pop ebp ret -fcn_00017575: ; not directly referenced +fcn_00017639: ; not directly referenced push ebp mov ebp, esp mov eax, dr2 pop ebp ret -fcn_0001757d: ; not directly referenced +fcn_00017641: ; not directly referenced push ebp mov ebp, esp mov eax, dr3 pop ebp ret -fcn_00017585: ; not directly referenced +fcn_00017649: ; not directly referenced push ebp mov ebp, esp mov eax, dr4 pop ebp ret -fcn_0001758d: ; not directly referenced +fcn_00017651: ; not directly referenced push ebp mov ebp, esp mov eax, dr5 pop ebp ret -fcn_00017595: ; not directly referenced +fcn_00017659: ; not directly referenced push ebp mov ebp, esp mov eax, dr6 pop ebp ret -fcn_0001759d: ; not directly referenced +fcn_00017661: ; not directly referenced push ebp mov ebp, esp mov eax, dr7 pop ebp ret -fcn_000175a5: ; not directly referenced +fcn_00017669: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38402,7 +38474,7 @@ mov dr0, eax pop ebp ret -fcn_000175b0: ; not directly referenced +fcn_00017674: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38410,7 +38482,7 @@ mov dr1, eax pop ebp ret -fcn_000175bb: ; not directly referenced +fcn_0001767f: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38418,7 +38490,7 @@ mov dr2, eax pop ebp ret -fcn_000175c6: ; not directly referenced +fcn_0001768a: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38426,7 +38498,7 @@ mov dr3, eax pop ebp ret -fcn_000175d1: ; not directly referenced +fcn_00017695: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38434,7 +38506,7 @@ mov dr4, eax pop ebp ret -fcn_000175dc: ; not directly referenced +fcn_000176a0: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38442,7 +38514,7 @@ mov dr5, eax pop ebp ret -fcn_000175e7: ; not directly referenced +fcn_000176ab: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38450,7 +38522,7 @@ mov dr6, eax pop ebp ret -fcn_000175f2: ; not directly referenced +fcn_000176b6: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38458,56 +38530,56 @@ mov dr7, eax pop ebp ret -fcn_000175fd: ; not directly referenced +fcn_000176c1: ; not directly referenced push ebp mov ebp, esp mov ax, cs pop ebp ret -fcn_00017605: ; not directly referenced +fcn_000176c9: ; not directly referenced push ebp mov ebp, esp mov ax, ds pop ebp ret -fcn_0001760d: ; not directly referenced +fcn_000176d1: ; not directly referenced push ebp mov ebp, esp mov ax, es pop ebp ret -fcn_00017615: ; not directly referenced +fcn_000176d9: ; not directly referenced push ebp mov ebp, esp mov ax, fs pop ebp ret -fcn_0001761d: ; not directly referenced +fcn_000176e1: ; not directly referenced push ebp mov ebp, esp mov ax, gs pop ebp ret -fcn_00017625: ; not directly referenced +fcn_000176e9: ; not directly referenced push ebp mov ebp, esp mov ax, ds pop ebp ret -fcn_0001762d: ; not directly referenced +fcn_000176f1: ; not directly referenced push ebp mov ebp, esp str ax pop ebp ret -fcn_00017636: ; not directly referenced +fcn_000176fa: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38515,7 +38587,7 @@ sgdt [eax] pop ebp ret -fcn_00017641: ; not directly referenced +fcn_00017705: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38523,7 +38595,7 @@ lgdt [eax] pop ebp ret -fcn_0001764c: ; not directly referenced +fcn_00017710: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38531,7 +38603,7 @@ sidt [eax] pop ebp ret -fcn_00017657: ; not directly referenced +fcn_0001771b: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38539,21 +38611,21 @@ lidt [eax] pop ebp ret -fcn_00017662: ; not directly referenced +fcn_00017726: ; not directly referenced push ebp mov ebp, esp sldt ax pop ebp ret -fcn_0001766b: ; not directly referenced +fcn_0001772f: ; not directly referenced push ebp mov ebp, esp lldt word [ebp + 8] pop ebp ret -fcn_00017674: ; not directly referenced +fcn_00017738: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38561,7 +38633,7 @@ fxsave [eax] pop ebp ret -fcn_0001767f: ; not directly referenced +fcn_00017743: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38569,7 +38641,7 @@ fxrstor [eax] pop ebp ret -fcn_0001768a: ; not directly referenced +fcn_0001774e: ; not directly referenced push ebp mov ebp, esp push eax @@ -38580,7 +38652,7 @@ pop edx pop ebp ret -fcn_00017697: ; not directly referenced +fcn_0001775b: ; not directly referenced push ebp mov ebp, esp push eax @@ -38591,7 +38663,7 @@ pop edx pop ebp ret -fcn_000176a4: ; not directly referenced +fcn_00017768: ; not directly referenced push ebp mov ebp, esp push eax @@ -38602,7 +38674,7 @@ pop edx pop ebp ret -fcn_000176b1: ; not directly referenced +fcn_00017775: ; not directly referenced push ebp mov ebp, esp push eax @@ -38613,7 +38685,7 @@ pop edx pop ebp ret -fcn_000176be: ; not directly referenced +fcn_00017782: ; not directly referenced push ebp mov ebp, esp push eax @@ -38624,7 +38696,7 @@ pop edx pop ebp ret -fcn_000176cb: ; not directly referenced +fcn_0001778f: ; not directly referenced push ebp mov ebp, esp push eax @@ -38635,7 +38707,7 @@ pop edx pop ebp ret -fcn_000176d8: ; not directly referenced +fcn_0001779c: ; not directly referenced push ebp mov ebp, esp push eax @@ -38646,7 +38718,7 @@ pop edx pop ebp ret -fcn_000176e5: ; not directly referenced +fcn_000177a9: ; not directly referenced push ebp mov ebp, esp push eax @@ -38657,7 +38729,7 @@ pop edx pop ebp ret -fcn_000176f2: ; not directly referenced +fcn_000177b6: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -38669,7 +38741,7 @@ movq mm0, qword [ebp - 8] leave ret -fcn_0001770a: ; not directly referenced +fcn_000177ce: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -38681,7 +38753,7 @@ movq mm1, qword [ebp - 8] leave ret -fcn_00017722: ; not directly referenced +fcn_000177e6: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -38693,7 +38765,7 @@ movq mm2, qword [ebp - 8] leave ret -fcn_0001773a: ; not directly referenced +fcn_000177fe: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -38705,7 +38777,7 @@ movq mm3, qword [ebp - 8] leave ret -fcn_00017752: ; not directly referenced +fcn_00017816: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -38717,7 +38789,7 @@ movq mm4, qword [ebp - 8] leave ret -fcn_0001776a: ; not directly referenced +fcn_0001782e: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -38729,7 +38801,7 @@ movq mm5, qword [ebp - 8] leave ret -fcn_00017782: ; not directly referenced +fcn_00017846: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -38741,7 +38813,7 @@ movq mm6, qword [ebp - 8] leave ret -fcn_0001779a: ; not directly referenced +fcn_0001785e: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -38753,14 +38825,14 @@ movq mm7, qword [ebp - 8] leave ret -fcn_000177b2: ; not directly referenced +fcn_00017876: ; not directly referenced push ebp mov ebp, esp rdtsc pop ebp ret -fcn_000177b9: ; not directly referenced +fcn_0001787d: ; not directly referenced push ebp mov ebp, esp mov ecx, dword [ebp + 8] @@ -38768,21 +38840,21 @@ rdpmc pop ebp ret -fcn_000177c3: ; not directly referenced +fcn_00017887: ; not directly referenced push ebp mov ebp, esp wbinvd pop ebp ret -fcn_000177ca: ; not directly referenced +fcn_0001788e: ; not directly referenced push ebp mov ebp, esp invd pop ebp ret -fcn_000177d1: ; not directly referenced +fcn_00017895: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -38790,7 +38862,7 @@ clflush [eax] pop ebp ret -loc_000177dc: +loc_000178a0: mov cl, byte [esp + 0xc] xor edx, edx mov eax, dword [esp + 8] @@ -38801,16 +38873,16 @@ shrd eax, edx, cl shr edx, cl ret -fcn_000177f7: ; not directly referenced +fcn_000178bb: ; not directly referenced push ebp mov ebp, esp sub esp, 0x14 push dword [ebp + 8] -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc leave ret -fcn_00017807: ; not directly referenced +fcn_000178cb: ; not directly referenced push ebp xor edx, edx mov ebp, esp @@ -38819,11 +38891,11 @@ mov eax, dword [ebp + 0xc] push edx push eax push dword [ebp + 8] -call fcn_00017502 ; call 0x17502 +call fcn_000175c6 ; call 0x175c6 leave ret -fcn_0001781e: ; not directly referenced +fcn_000178e2: ; not directly referenced push ebp mov ebp, esp push esi @@ -38832,7 +38904,7 @@ push ebx mov ebx, dword [ebp + 0xc] sub esp, 0xc push dword [ebp + 8] -call fcn_000177f7 ; call 0x177f7 +call fcn_000178bb ; call 0x178bb add esp, 0x10 mov dword [ebp + 0x10], esi mov dword [ebp + 0xc], ebx @@ -38841,9 +38913,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_0001f726 ; jmp 0x1f726 +jmp near fcn_0001f7b4 ; jmp 0x1f7b4 -fcn_0001784b: ; not directly referenced +fcn_0001790f: ; not directly referenced push ebp mov ebp, esp push edi @@ -38854,7 +38926,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0x10 mov dword [ebp + 8], edi or eax, esi @@ -38866,9 +38938,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017502 ; jmp 0x17502 +jmp near fcn_000175c6 ; jmp 0x175c6 -fcn_0001787f: ; not directly referenced +fcn_00017943: ; not directly referenced push ebp xor edx, edx mov ebp, esp @@ -38877,11 +38949,11 @@ mov eax, dword [ebp + 0xc] push edx push eax push dword [ebp + 8] -call fcn_0001784b ; call 0x1784b +call fcn_0001790f ; call 0x1790f leave ret -fcn_00017896: ; not directly referenced +fcn_0001795a: ; not directly referenced push ebp mov ebp, esp push edi @@ -38892,7 +38964,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0x10 mov dword [ebp + 8], edi and eax, esi @@ -38904,9 +38976,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017502 ; jmp 0x17502 +jmp near fcn_000175c6 ; jmp 0x175c6 -fcn_000178ca: ; not directly referenced +fcn_0001798e: ; not directly referenced push ebp xor edx, edx mov ebp, esp @@ -38915,11 +38987,11 @@ mov eax, dword [ebp + 0xc] push edx push eax push dword [ebp + 8] -call fcn_00017896 ; call 0x17896 +call fcn_0001795a ; call 0x1795a leave ret -fcn_000178e1: ; not directly referenced +fcn_000179a5: ; not directly referenced push ebp mov ebp, esp push edi @@ -38934,7 +39006,7 @@ push ebx mov esi, dword [ebp + 0x10] mov dword [ebp - 0x1c], eax mov dword [ebp - 0x20], ecx -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0x10 mov dword [ebp + 8], ebx and eax, edi @@ -38948,9 +39020,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017502 ; jmp 0x17502 +jmp near fcn_000175c6 ; jmp 0x175c6 -fcn_00017927: ; not directly referenced +fcn_000179eb: ; not directly referenced push ebp xor edx, edx mov ebp, esp @@ -38963,25 +39035,25 @@ mov eax, dword [ebp + 0xc] push edx push eax push dword [ebp + 8] -call fcn_000178e1 ; call 0x178e1 +call fcn_000179a5 ; call 0x179a5 leave ret -fcn_00017945: ; not directly referenced +fcn_00017a09: ; not directly referenced push ebp mov ebp, esp sub esp, 0x14 push dword [ebp + 8] -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc push dword [ebp + 0x10] push dword [ebp + 0xc] push edx push eax -call fcn_0001f98f ; call 0x1f98f +call fcn_0001fa1d ; call 0x1fa1d leave ret -fcn_00017962: ; not directly referenced +fcn_00017a26: ; not directly referenced push ebp mov ebp, esp push edi @@ -38996,7 +39068,7 @@ push ecx mov esi, dword [ebp + 0x14] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x1c], eax -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc pop ecx pop ecx push edi @@ -39005,7 +39077,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fcc5 ; call 0x1fcc5 +call fcn_0001fd53 ; call 0x1fd53 mov ecx, dword [ebp - 0x20] add esp, 0x20 mov dword [ebp + 8], ecx @@ -39016,41 +39088,41 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017502 ; jmp 0x17502 +jmp near fcn_000175c6 ; jmp 0x175c6 -fcn_000179b0: ; not directly referenced +fcn_00017a74: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000179e1 ; je 0x179e1 +je short loc_00017aa5 ; je 0x17aa5 cmp ebx, 0x1f -jbe short loc_000179e1 ; jbe 0x179e1 +jbe short loc_00017aa5 ; jbe 0x17aa5 push edx -push ref_00025a33 ; push 0x25a33 +push ref_00025ae2 ; push 0x25ae2 push 0xe3 -push ref_00025a4f ; push 0x25a4f -call fcn_000153fc ; call 0x153fc +push ref_00025afe ; push 0x25afe +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000179e1: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00017aa5: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017a06 ; je 0x17a06 +je short loc_00017aca ; je 0x17aca cmp esi, ebx -jbe short loc_00017a06 ; jbe 0x17a06 +jbe short loc_00017aca ; jbe 0x17aca push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0xe4 -push ref_00025a4f ; push 0x25a4f -call fcn_000153fc ; call 0x153fc +push ref_00025afe ; push 0x25afe +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017a06: ; not directly referenced +loc_00017aca: ; not directly referenced mov eax, dword [ebp + 0x14] sub esp, 0xc xor edx, edx @@ -39059,14 +39131,14 @@ push eax push ebx push esi push dword [ebp + 8] -call fcn_00017962 ; call 0x17962 +call fcn_00017a26 ; call 0x17a26 lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00017a21: ; not directly referenced +fcn_00017ae5: ; not directly referenced push ebp mov ebp, esp push edi @@ -39081,7 +39153,7 @@ push ecx mov esi, dword [ebp + 0x14] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x1c], eax -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc pop ecx pop ecx push edi @@ -39090,7 +39162,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fa1e ; call 0x1fa1e +call fcn_0001faac ; call 0x1faac mov ecx, dword [ebp - 0x20] add esp, 0x20 mov dword [ebp + 8], ecx @@ -39101,41 +39173,41 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017502 ; jmp 0x17502 +jmp near fcn_000175c6 ; jmp 0x175c6 -fcn_00017a6f: ; not directly referenced +fcn_00017b33: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017aa0 ; je 0x17aa0 +je short loc_00017b64 ; je 0x17b64 cmp ebx, 0x1f -jbe short loc_00017aa0 ; jbe 0x17aa0 +jbe short loc_00017b64 ; jbe 0x17b64 push edx -push ref_00025a94 ; push 0x25a94 +push ref_00025b43 ; push 0x25b43 push 0x10c -push ref_00025a4f ; push 0x25a4f -call fcn_000153fc ; call 0x153fc +push ref_00025afe ; push 0x25afe +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017aa0: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00017b64: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017ac5 ; je 0x17ac5 +je short loc_00017b89 ; je 0x17b89 cmp esi, ebx -jbe short loc_00017ac5 ; jbe 0x17ac5 +jbe short loc_00017b89 ; jbe 0x17b89 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x10d -push ref_00025a4f ; push 0x25a4f -call fcn_000153fc ; call 0x153fc +push ref_00025afe ; push 0x25afe +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017ac5: ; not directly referenced +loc_00017b89: ; not directly referenced mov eax, dword [ebp + 0x14] sub esp, 0xc xor edx, edx @@ -39144,14 +39216,14 @@ push eax push ebx push esi push dword [ebp + 8] -call fcn_00017a21 ; call 0x17a21 +call fcn_00017ae5 ; call 0x17ae5 lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00017ae0: ; not directly referenced +fcn_00017ba4: ; not directly referenced push ebp mov ebp, esp push edi @@ -39166,7 +39238,7 @@ push ecx mov esi, dword [ebp + 0x14] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x1c], eax -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc pop ecx pop ecx push edi @@ -39175,7 +39247,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fb10 ; call 0x1fb10 +call fcn_0001fb9e ; call 0x1fb9e mov ecx, dword [ebp - 0x20] add esp, 0x20 mov dword [ebp + 8], ecx @@ -39186,41 +39258,41 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017502 ; jmp 0x17502 +jmp near fcn_000175c6 ; jmp 0x175c6 -fcn_00017b2e: ; not directly referenced +fcn_00017bf2: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017b5f ; je 0x17b5f +je short loc_00017c23 ; je 0x17c23 cmp ebx, 0x1f -jbe short loc_00017b5f ; jbe 0x17b5f +jbe short loc_00017c23 ; jbe 0x17c23 push edx -push ref_00025ab1 ; push 0x25ab1 +push ref_00025b60 ; push 0x25b60 push 0x135 -push ref_00025a4f ; push 0x25a4f -call fcn_000153fc ; call 0x153fc +push ref_00025afe ; push 0x25afe +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017b5f: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00017c23: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017b84 ; je 0x17b84 +je short loc_00017c48 ; je 0x17c48 cmp esi, ebx -jbe short loc_00017b84 ; jbe 0x17b84 +jbe short loc_00017c48 ; jbe 0x17c48 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x136 -push ref_00025a4f ; push 0x25a4f -call fcn_000153fc ; call 0x153fc +push ref_00025afe ; push 0x25afe +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017b84: ; not directly referenced +loc_00017c48: ; not directly referenced mov eax, dword [ebp + 0x14] sub esp, 0xc xor edx, edx @@ -39229,14 +39301,14 @@ push eax push ebx push esi push dword [ebp + 8] -call fcn_00017ae0 ; call 0x17ae0 +call fcn_00017ba4 ; call 0x17ba4 lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00017b9f: ; not directly referenced +fcn_00017c63: ; not directly referenced push ebp mov ebp, esp push edi @@ -39255,7 +39327,7 @@ mov ebx, dword [ebp + 0xc] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x28], eax mov dword [ebp - 0x24], edx -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc push edi push esi push dword [ebp - 0x24] @@ -39264,7 +39336,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fc0e ; call 0x1fc0e +call fcn_0001fc9c ; call 0x1fc9c mov ecx, dword [ebp - 0x20] add esp, 0x30 mov dword [ebp + 8], ecx @@ -39275,41 +39347,41 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017502 ; jmp 0x17502 +jmp near fcn_000175c6 ; jmp 0x175c6 -fcn_00017bfd: ; not directly referenced +fcn_00017cc1: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017c2e ; je 0x17c2e +je short loc_00017cf2 ; je 0x17cf2 cmp ebx, 0x1f -jbe short loc_00017c2e ; jbe 0x17c2e +jbe short loc_00017cf2 ; jbe 0x17cf2 push ecx -push ref_00025ab1 ; push 0x25ab1 +push ref_00025b60 ; push 0x25b60 push 0x163 -push ref_00025a4f ; push 0x25a4f -call fcn_000153fc ; call 0x153fc +push ref_00025afe ; push 0x25afe +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017c2e: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00017cf2: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017c53 ; je 0x17c53 +je short loc_00017d17 ; je 0x17d17 cmp esi, ebx -jbe short loc_00017c53 ; jbe 0x17c53 +jbe short loc_00017d17 ; jbe 0x17d17 push edx -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x164 -push ref_00025a4f ; push 0x25a4f -call fcn_000153fc ; call 0x153fc +push ref_00025afe ; push 0x25afe +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017c53: ; not directly referenced +loc_00017d17: ; not directly referenced push eax mov eax, dword [ebp + 0x18] xor edx, edx @@ -39322,134 +39394,134 @@ push eax push ebx push esi push dword [ebp + 8] -call fcn_00017b9f ; call 0x17b9f +call fcn_00017c63 ; call 0x17c63 lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00017c73: ; not directly referenced +fcn_00017d37: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017c97 ; je 0x17c97 +je short loc_00017d5b ; je 0x17d5b push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x26 -push ref_00025acf ; push 0x25acf -call fcn_000153fc ; call 0x153fc +push ref_00025b7e ; push 0x25b7e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017c97: ; not directly referenced +loc_00017d5b: ; not directly referenced xor eax, eax xor edx, edx leave ret -fcn_00017c9d: ; not directly referenced +fcn_00017d61: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017cc1 ; je 0x17cc1 +je short loc_00017d85 ; je 0x17d85 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x41 -push ref_00025acf ; push 0x25acf -call fcn_000153fc ; call 0x153fc +push ref_00025b7e ; push 0x25b7e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017cc1: ; not directly referenced +loc_00017d85: ; not directly referenced xor eax, eax xor edx, edx leave ret -fcn_00017cc7: +fcn_00017d8b: push ebp mov ebp, esp push ebx push eax -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e mov eax, dword [ebp + 8] mov bl, byte [eax] -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e pop edx mov al, bl pop ebx pop ebp ret -fcn_00017ce1: +fcn_00017da5: push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 0xc] -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e mov eax, dword [ebp + 8] mov byte [eax], bl -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e mov al, bl pop edx pop ebx pop ebp ret -fcn_00017cfe: +fcn_00017dc2: push ebp mov ebp, esp push ebx push edx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017d2c ; je 0x17d2c +je short loc_00017df0 ; je 0x17df0 test bl, 1 -je short loc_00017d2c ; je 0x17d2c +je short loc_00017df0 ; je 0x17df0 push eax -push ref_00025b0b ; push 0x25b0b +push ref_00025bba ; push 0x25bba push 0x97 -push ref_00025acf ; push 0x25acf -call fcn_000153fc ; call 0x153fc +push ref_00025b7e ; push 0x25b7e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017d2c: -call fcn_000174da ; call 0x174da +loc_00017df0: +call fcn_0001759e ; call 0x1759e mov bx, word [ebx] -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e mov eax, ebx mov ebx, dword [ebp - 4] leave ret -fcn_00017d40: +fcn_00017e04: push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017d74 ; je 0x17d74 +je short loc_00017e38 ; je 0x17e38 test esi, 1 -je short loc_00017d74 ; je 0x17d74 +je short loc_00017e38 ; je 0x17e38 push eax -push ref_00025b0b ; push 0x25b0b +push ref_00025bba ; push 0x25bba push 0xb7 -push ref_00025acf ; push 0x25acf -call fcn_000153fc ; call 0x153fc +push ref_00025b7e ; push 0x25b7e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017d74: -call fcn_000174da ; call 0x174da +loc_00017e38: +call fcn_0001759e ; call 0x1759e mov word [esi], bx -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e lea esp, [ebp - 8] mov eax, ebx pop ebx @@ -39457,56 +39529,56 @@ pop esi pop ebp ret -fcn_00017d8a: +fcn_00017e4e: push ebp mov ebp, esp push ebx push edx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017db8 ; je 0x17db8 +je short loc_00017e7c ; je 0x17e7c test bl, 3 -je short loc_00017db8 ; je 0x17db8 +je short loc_00017e7c ; je 0x17e7c push eax -push ref_00025b1e ; push 0x25b1e +push ref_00025bcd ; push 0x25bcd push 0xd7 -push ref_00025acf ; push 0x25acf -call fcn_000153fc ; call 0x153fc +push ref_00025b7e ; push 0x25b7e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017db8: -call fcn_000174da ; call 0x174da +loc_00017e7c: +call fcn_0001759e ; call 0x1759e mov ebx, dword [ebx] -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e mov eax, ebx mov ebx, dword [ebp - 4] leave ret -fcn_00017dcb: +fcn_00017e8f: push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017dff ; je 0x17dff +je short loc_00017ec3 ; je 0x17ec3 test esi, 3 -je short loc_00017dff ; je 0x17dff +je short loc_00017ec3 ; je 0x17ec3 push eax -push ref_00025b1e ; push 0x25b1e +push ref_00025bcd ; push 0x25bcd push 0xf7 -push ref_00025acf ; push 0x25acf -call fcn_000153fc ; call 0x153fc +push ref_00025b7e ; push 0x25b7e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017dff: -call fcn_000174da ; call 0x174da +loc_00017ec3: +call fcn_0001759e ; call 0x1759e mov dword [esi], ebx -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e lea esp, [ebp - 8] mov eax, ebx pop ebx @@ -39514,38 +39586,38 @@ pop esi pop ebp ret -fcn_00017e14: +fcn_00017ed8: push ebp mov ebp, esp push ebx sub esp, 0x14 mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017e44 ; je 0x17e44 +je short loc_00017f08 ; je 0x17f08 test bl, 7 -je short loc_00017e44 ; je 0x17e44 +je short loc_00017f08 ; je 0x17f08 push eax -push ref_00025b31 ; push 0x25b31 +push ref_00025be0 ; push 0x25be0 push 0x117 -push ref_00025acf ; push 0x25acf -call fcn_000153fc ; call 0x153fc +push ref_00025b7e ; push 0x25b7e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017e44: -call fcn_000174da ; call 0x174da +loc_00017f08: +call fcn_0001759e ; call 0x1759e mov eax, dword [ebx] mov edx, dword [ebx + 4] mov dword [ebp - 0x10], eax mov dword [ebp - 0xc], edx -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e mov eax, dword [ebp - 0x10] mov edx, dword [ebp - 0xc] mov ebx, dword [ebp - 4] leave ret -fcn_00017e64: +fcn_00017f28: push ebp mov ebp, esp push edi @@ -39557,23 +39629,23 @@ mov edx, dword [ebp + 0x10] mov ebx, dword [ebp + 8] mov esi, eax mov edi, edx -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00017ea0 ; je 0x17ea0 +je short loc_00017f64 ; je 0x17f64 test bl, 7 -je short loc_00017ea0 ; je 0x17ea0 +je short loc_00017f64 ; je 0x17f64 push eax -push ref_00025b31 ; push 0x25b31 +push ref_00025be0 ; push 0x25be0 push 0x135 -push ref_00025acf ; push 0x25acf -call fcn_000153fc ; call 0x153fc +push ref_00025b7e ; push 0x25b7e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00017ea0: -call fcn_000174da ; call 0x174da +loc_00017f64: +call fcn_0001759e ; call 0x1759e mov dword [ebx], esi mov dword [ebx + 4], edi -call fcn_000174da ; call 0x174da +call fcn_0001759e ; call 0x1759e lea esp, [ebp - 0xc] mov eax, esi pop ebx @@ -39583,7 +39655,7 @@ pop edi pop ebp ret -fcn_00017ebb: +fcn_00017f7f: push ebp mov ebp, esp push esi @@ -39592,7 +39664,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 add esp, 0x10 mov dword [ebp + 8], ebx or eax, esi @@ -39602,9 +39674,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00018e26 ; jmp 0x18e26 +jmp near fcn_00018eea ; jmp 0x18eea -fcn_00017ee8: +fcn_00017fac: push ebp mov ebp, esp push esi @@ -39613,7 +39685,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 add esp, 0x10 mov dword [ebp + 8], ebx and eax, esi @@ -39623,9 +39695,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00018e26 ; jmp 0x18e26 +jmp near fcn_00018eea ; jmp 0x18eea -fcn_00017f15: ; not directly referenced +fcn_00017fd9: ; not directly referenced push ebp mov ebp, esp push edi @@ -39636,7 +39708,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 add esp, 0x10 mov dword [ebp + 8], edi and eax, esi @@ -39648,9 +39720,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e26 ; jmp 0x18e26 +jmp near fcn_00018eea ; jmp 0x18eea -fcn_00017f49: ; not directly referenced +fcn_0001800d: ; not directly referenced push ebp mov ebp, esp push esi @@ -39659,7 +39731,7 @@ push ebx mov ebx, dword [ebp + 0xc] sub esp, 0xc push dword [ebp + 8] -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 add esp, 0x10 mov dword [ebp + 0x10], esi mov dword [ebp + 0xc], ebx @@ -39669,9 +39741,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_0001f228 ; jmp 0x1f228 +jmp near fcn_0001f2b6 ; jmp 0x1f2b6 -fcn_00017f79: ; not directly referenced +fcn_0001803d: ; not directly referenced push ebp mov ebp, esp push edi @@ -39684,7 +39756,7 @@ mov esi, dword [ebp + 0x14] mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov edx, dword [ebp - 0x1c] mov ecx, esi movzx esi, cl @@ -39693,7 +39765,7 @@ push edx push edi movzx eax, al push eax -call fcn_0001f42e ; call 0x1f42e +call fcn_0001f4bc ; call 0x1f4bc add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, al @@ -39703,9 +39775,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e26 ; jmp 0x18e26 +jmp near fcn_00018eea ; jmp 0x18eea -fcn_00017fc3: ; not directly referenced +fcn_00018087: ; not directly referenced push ebp mov ebp, esp push edi @@ -39718,7 +39790,7 @@ mov esi, dword [ebp + 0x14] mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov edx, dword [ebp - 0x1c] mov ecx, esi movzx esi, cl @@ -39727,7 +39799,7 @@ push edx push edi movzx eax, al push eax -call fcn_0001f29b ; call 0x1f29b +call fcn_0001f329 ; call 0x1f329 add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, al @@ -39737,9 +39809,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e26 ; jmp 0x18e26 +jmp near fcn_00018eea ; jmp 0x18eea -fcn_0001800d: ; not directly referenced +fcn_000180d1: ; not directly referenced push ebp mov ebp, esp push edi @@ -39752,7 +39824,7 @@ mov esi, dword [ebp + 0x14] mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov edx, dword [ebp - 0x1c] mov ecx, esi movzx esi, cl @@ -39761,7 +39833,7 @@ push edx push edi movzx eax, al push eax -call fcn_0001f316 ; call 0x1f316 +call fcn_0001f3a4 ; call 0x1f3a4 add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, al @@ -39771,9 +39843,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e26 ; jmp 0x18e26 +jmp near fcn_00018eea ; jmp 0x18eea -fcn_00018057: ; not directly referenced +fcn_0001811b: ; not directly referenced push ebp mov ebp, esp push edi @@ -39788,7 +39860,7 @@ mov edi, dword [ebp + 0x18] push ebx mov dword [ebp - 0x20], edx mov dword [ebp - 0x1c], ecx -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov ecx, esi mov edx, edi movzx esi, cl @@ -39801,7 +39873,7 @@ push ecx push edx movzx eax, al push eax -call fcn_0001f391 ; call 0x1f391 +call fcn_0001f41f ; call 0x1f41f add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, al @@ -39811,9 +39883,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e26 ; jmp 0x18e26 +jmp near fcn_00018eea ; jmp 0x18eea -fcn_000180b2: ; not directly referenced +fcn_00018176: ; not directly referenced push ebp mov ebp, esp push esi @@ -39822,7 +39894,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 add esp, 0x10 mov dword [ebp + 8], ebx or eax, esi @@ -39832,9 +39904,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00018e63 ; jmp 0x18e63 +jmp near fcn_00018f27 ; jmp 0x18f27 -fcn_000180df: ; not directly referenced +fcn_000181a3: ; not directly referenced push ebp mov ebp, esp push esi @@ -39843,7 +39915,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 add esp, 0x10 mov dword [ebp + 8], ebx and eax, esi @@ -39853,9 +39925,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00018e63 ; jmp 0x18e63 +jmp near fcn_00018f27 ; jmp 0x18f27 -fcn_0001810c: ; not directly referenced +fcn_000181d0: ; not directly referenced push ebp mov ebp, esp push edi @@ -39866,7 +39938,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 add esp, 0x10 mov dword [ebp + 8], edi and eax, esi @@ -39878,9 +39950,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e63 ; jmp 0x18e63 +jmp near fcn_00018f27 ; jmp 0x18f27 -fcn_00018140: ; not directly referenced +fcn_00018204: ; not directly referenced push ebp mov ebp, esp push esi @@ -39889,7 +39961,7 @@ push ebx mov ebx, dword [ebp + 0xc] sub esp, 0xc push dword [ebp + 8] -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 add esp, 0x10 mov dword [ebp + 0x10], esi mov dword [ebp + 0xc], ebx @@ -39899,9 +39971,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_0001f4ae ; jmp 0x1f4ae +jmp near fcn_0001f53c ; jmp 0x1f53c -fcn_00018170: ; not directly referenced +fcn_00018234: ; not directly referenced push ebp mov ebp, esp push edi @@ -39915,14 +39987,14 @@ mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx movzx esi, si -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 mov edx, dword [ebp - 0x1c] push esi push edx push edi movzx eax, ax push eax -call fcn_0001f6aa ; call 0x1f6aa +call fcn_0001f738 ; call 0x1f738 add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, ax @@ -39932,9 +40004,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e63 ; jmp 0x18e63 +jmp near fcn_00018f27 ; jmp 0x18f27 -fcn_000181b8: ; not directly referenced +fcn_0001827c: ; not directly referenced push ebp mov ebp, esp push edi @@ -39948,14 +40020,14 @@ mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx movzx esi, si -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 mov edx, dword [ebp - 0x1c] push esi push edx push edi movzx eax, ax push eax -call fcn_0001f521 ; call 0x1f521 +call fcn_0001f5af ; call 0x1f5af add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, ax @@ -39965,9 +40037,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e63 ; jmp 0x18e63 +jmp near fcn_00018f27 ; jmp 0x18f27 -fcn_00018200: ; not directly referenced +fcn_000182c4: ; not directly referenced push ebp mov ebp, esp push edi @@ -39981,14 +40053,14 @@ mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx movzx esi, si -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 mov edx, dword [ebp - 0x1c] push esi push edx push edi movzx eax, ax push eax -call fcn_0001f598 ; call 0x1f598 +call fcn_0001f626 ; call 0x1f626 add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, ax @@ -39998,9 +40070,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e63 ; jmp 0x18e63 +jmp near fcn_00018f27 ; jmp 0x18f27 -fcn_00018248: ; not directly referenced +fcn_0001830c: ; not directly referenced push ebp mov ebp, esp push edi @@ -40016,7 +40088,7 @@ mov edi, dword [ebp + 0x18] mov dword [ebp - 0x20], edx mov dword [ebp - 0x1c], ecx movzx esi, si -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 mov ecx, dword [ebp - 0x1c] movzx edi, di mov edx, dword [ebp - 0x20] @@ -40026,7 +40098,7 @@ push ecx push edx movzx eax, ax push eax -call fcn_0001f60f ; call 0x1f60f +call fcn_0001f69d ; call 0x1f69d add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, ax @@ -40036,9 +40108,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018e63 ; jmp 0x18e63 +jmp near fcn_00018f27 ; jmp 0x18f27 -fcn_0001829f: +fcn_00018363: push ebp mov ebp, esp push esi @@ -40047,7 +40119,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 mov dword [ebp + 8], ebx or eax, esi @@ -40056,9 +40128,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00018ed3 ; jmp 0x18ed3 +jmp near fcn_00018f97 ; jmp 0x18f97 -fcn_000182c9: +fcn_0001838d: push ebp mov ebp, esp push esi @@ -40067,7 +40139,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 mov dword [ebp + 8], ebx and eax, esi @@ -40076,9 +40148,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00018ed3 ; jmp 0x18ed3 +jmp near fcn_00018f97 ; jmp 0x18f97 -fcn_000182f3: ; not directly referenced +fcn_000183b7: ; not directly referenced push ebp mov ebp, esp push edi @@ -40089,7 +40161,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 mov dword [ebp + 8], edi and eax, esi @@ -40100,9 +40172,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018ed3 ; jmp 0x18ed3 +jmp near fcn_00018f97 ; jmp 0x18f97 -fcn_00018324: ; not directly referenced +fcn_000183e8: ; not directly referenced push ebp mov ebp, esp push esi @@ -40111,7 +40183,7 @@ push ebx mov ebx, dword [ebp + 0xc] sub esp, 0xc push dword [ebp + 8] -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 mov dword [ebp + 0x10], esi mov dword [ebp + 0xc], ebx @@ -40120,9 +40192,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_0001f726 ; jmp 0x1f726 +jmp near fcn_0001f7b4 ; jmp 0x1f7b4 -fcn_00018351: ; not directly referenced +fcn_00018415: ; not directly referenced push ebp mov ebp, esp push edi @@ -40135,13 +40207,13 @@ mov esi, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] push ebx mov dword [ebp - 0x1c], edx -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 mov edx, dword [ebp - 0x1c] push edx push edi push esi push eax -call fcn_0001f920 ; call 0x1f920 +call fcn_0001f9ae ; call 0x1f9ae add esp, 0x20 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], eax @@ -40150,9 +40222,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018ed3 ; jmp 0x18ed3 +jmp near fcn_00018f97 ; jmp 0x18f97 -fcn_00018390: ; not directly referenced +fcn_00018454: ; not directly referenced push ebp mov ebp, esp push edi @@ -40165,13 +40237,13 @@ mov esi, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] push ebx mov dword [ebp - 0x1c], edx -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 mov edx, dword [ebp - 0x1c] push edx push edi push esi push eax -call fcn_0001f792 ; call 0x1f792 +call fcn_0001f820 ; call 0x1f820 add esp, 0x20 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], eax @@ -40180,9 +40252,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018ed3 ; jmp 0x18ed3 +jmp near fcn_00018f97 ; jmp 0x18f97 -fcn_000183cf: ; not directly referenced +fcn_00018493: ; not directly referenced push ebp mov ebp, esp push edi @@ -40195,13 +40267,13 @@ mov esi, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] push ebx mov dword [ebp - 0x1c], edx -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 mov edx, dword [ebp - 0x1c] push edx push edi push esi push eax -call fcn_0001f810 ; call 0x1f810 +call fcn_0001f89e ; call 0x1f89e add esp, 0x20 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], eax @@ -40210,9 +40282,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018ed3 ; jmp 0x18ed3 +jmp near fcn_00018f97 ; jmp 0x18f97 -fcn_0001840e: ; not directly referenced +fcn_000184d2: ; not directly referenced push ebp mov ebp, esp push edi @@ -40227,7 +40299,7 @@ push ebx mov edi, dword [ebp + 0x10] mov dword [ebp - 0x20], edx mov dword [ebp - 0x1c], ecx -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 mov ecx, dword [ebp - 0x1c] mov edx, dword [ebp - 0x20] mov dword [esp], ecx @@ -40235,7 +40307,7 @@ push edx push edi push esi push eax -call fcn_0001f88e ; call 0x1f88e +call fcn_0001f91c ; call 0x1f91c add esp, 0x20 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], eax @@ -40244,9 +40316,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00018ed3 ; jmp 0x18ed3 +jmp near fcn_00018f97 ; jmp 0x18f97 -fcn_00018459: ; not directly referenced +fcn_0001851d: ; not directly referenced push ebp mov ebp, esp push edi @@ -40257,7 +40329,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00017c73 ; call 0x17c73 +call fcn_00017d37 ; call 0x17d37 add esp, 0x10 mov dword [ebp + 8], edi or eax, esi @@ -40269,9 +40341,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017c9d ; jmp 0x17c9d +jmp near fcn_00017d61 ; jmp 0x17d61 -fcn_0001848d: ; not directly referenced +fcn_00018551: ; not directly referenced push ebp mov ebp, esp push edi @@ -40282,7 +40354,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00017c73 ; call 0x17c73 +call fcn_00017d37 ; call 0x17d37 add esp, 0x10 mov dword [ebp + 8], edi and eax, esi @@ -40294,9 +40366,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017c9d ; jmp 0x17c9d +jmp near fcn_00017d61 ; jmp 0x17d61 -fcn_000184c1: ; not directly referenced +fcn_00018585: ; not directly referenced push ebp mov ebp, esp push edi @@ -40311,7 +40383,7 @@ push ebx mov esi, dword [ebp + 0x10] mov dword [ebp - 0x1c], eax mov dword [ebp - 0x20], ecx -call fcn_00017c73 ; call 0x17c73 +call fcn_00017d37 ; call 0x17d37 add esp, 0x10 mov dword [ebp + 8], ebx and eax, edi @@ -40325,23 +40397,23 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017c9d ; jmp 0x17c9d +jmp near fcn_00017d61 ; jmp 0x17d61 -fcn_00018507: ; not directly referenced +fcn_000185cb: ; not directly referenced push ebp mov ebp, esp sub esp, 0x14 push dword [ebp + 8] -call fcn_00017c73 ; call 0x17c73 +call fcn_00017d37 ; call 0x17d37 push dword [ebp + 0x10] push dword [ebp + 0xc] push edx push eax -call fcn_0001f98f ; call 0x1f98f +call fcn_0001fa1d ; call 0x1fa1d leave ret -fcn_00018524: ; not directly referenced +fcn_000185e8: ; not directly referenced push ebp mov ebp, esp push edi @@ -40356,7 +40428,7 @@ push ecx mov esi, dword [ebp + 0x14] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x1c], eax -call fcn_00017c73 ; call 0x17c73 +call fcn_00017d37 ; call 0x17d37 pop ecx pop ecx push edi @@ -40365,7 +40437,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fcc5 ; call 0x1fcc5 +call fcn_0001fd53 ; call 0x1fd53 mov ecx, dword [ebp - 0x20] add esp, 0x20 mov dword [ebp + 8], ecx @@ -40376,9 +40448,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017c9d ; jmp 0x17c9d +jmp near fcn_00017d61 ; jmp 0x17d61 -fcn_00018572: ; not directly referenced +fcn_00018636: ; not directly referenced push ebp mov ebp, esp push edi @@ -40393,7 +40465,7 @@ push ecx mov esi, dword [ebp + 0x14] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x1c], eax -call fcn_00017c73 ; call 0x17c73 +call fcn_00017d37 ; call 0x17d37 pop ecx pop ecx push edi @@ -40402,7 +40474,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fa1e ; call 0x1fa1e +call fcn_0001faac ; call 0x1faac mov ecx, dword [ebp - 0x20] add esp, 0x20 mov dword [ebp + 8], ecx @@ -40413,9 +40485,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017c9d ; jmp 0x17c9d +jmp near fcn_00017d61 ; jmp 0x17d61 -fcn_000185c0: ; not directly referenced +fcn_00018684: ; not directly referenced push ebp mov ebp, esp push edi @@ -40430,7 +40502,7 @@ push ecx mov esi, dword [ebp + 0x14] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x1c], eax -call fcn_00017c73 ; call 0x17c73 +call fcn_00017d37 ; call 0x17d37 pop ecx pop ecx push edi @@ -40439,7 +40511,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fb10 ; call 0x1fb10 +call fcn_0001fb9e ; call 0x1fb9e mov ecx, dword [ebp - 0x20] add esp, 0x20 mov dword [ebp + 8], ecx @@ -40450,9 +40522,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017c9d ; jmp 0x17c9d +jmp near fcn_00017d61 ; jmp 0x17d61 -fcn_0001860e: ; not directly referenced +fcn_000186d2: ; not directly referenced push ebp mov ebp, esp push edi @@ -40471,7 +40543,7 @@ mov ebx, dword [ebp + 0xc] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x28], eax mov dword [ebp - 0x24], edx -call fcn_00017c73 ; call 0x17c73 +call fcn_00017d37 ; call 0x17d37 push edi push esi push dword [ebp - 0x24] @@ -40480,7 +40552,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fc0e ; call 0x1fc0e +call fcn_0001fc9c ; call 0x1fc9c mov ecx, dword [ebp - 0x20] add esp, 0x30 mov dword [ebp + 8], ecx @@ -40491,9 +40563,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017c9d ; jmp 0x17c9d +jmp near fcn_00017d61 ; jmp 0x17d61 -fcn_0001866c: +fcn_00018730: push ebp mov ebp, esp push esi @@ -40502,7 +40574,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov dword [ebp + 8], ebx or eax, esi @@ -40512,9 +40584,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00017ce1 ; jmp 0x17ce1 +jmp near fcn_00017da5 ; jmp 0x17da5 -fcn_00018699: +fcn_0001875d: push ebp mov ebp, esp push esi @@ -40523,7 +40595,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov dword [ebp + 8], ebx and eax, esi @@ -40533,9 +40605,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00017ce1 ; jmp 0x17ce1 +jmp near fcn_00017da5 ; jmp 0x17da5 -fcn_000186c6: +fcn_0001878a: push ebp mov ebp, esp push edi @@ -40546,7 +40618,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov dword [ebp + 8], edi and eax, esi @@ -40558,9 +40630,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017ce1 ; jmp 0x17ce1 +jmp near fcn_00017da5 ; jmp 0x17da5 -fcn_000186fa: ; not directly referenced +fcn_000187be: ; not directly referenced push ebp mov ebp, esp push esi @@ -40569,7 +40641,7 @@ push ebx mov ebx, dword [ebp + 0xc] sub esp, 0xc push dword [ebp + 8] -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b add esp, 0x10 mov dword [ebp + 0x10], esi mov dword [ebp + 0xc], ebx @@ -40579,9 +40651,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_0001f228 ; jmp 0x1f228 +jmp near fcn_0001f2b6 ; jmp 0x1f2b6 -fcn_0001872a: ; not directly referenced +fcn_000187ee: ; not directly referenced push ebp mov ebp, esp push edi @@ -40594,7 +40666,7 @@ mov esi, dword [ebp + 0x14] mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov edx, dword [ebp - 0x1c] mov ecx, esi movzx esi, cl @@ -40603,7 +40675,7 @@ push edx push edi movzx eax, al push eax -call fcn_0001f42e ; call 0x1f42e +call fcn_0001f4bc ; call 0x1f4bc add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, al @@ -40613,9 +40685,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017ce1 ; jmp 0x17ce1 +jmp near fcn_00017da5 ; jmp 0x17da5 -fcn_00018774: ; not directly referenced +fcn_00018838: ; not directly referenced push ebp mov ebp, esp push edi @@ -40628,7 +40700,7 @@ mov esi, dword [ebp + 0x14] mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov edx, dword [ebp - 0x1c] mov ecx, esi movzx esi, cl @@ -40637,7 +40709,7 @@ push edx push edi movzx eax, al push eax -call fcn_0001f29b ; call 0x1f29b +call fcn_0001f329 ; call 0x1f329 add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, al @@ -40647,9 +40719,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017ce1 ; jmp 0x17ce1 +jmp near fcn_00017da5 ; jmp 0x17da5 -fcn_000187be: ; not directly referenced +fcn_00018882: ; not directly referenced push ebp mov ebp, esp push edi @@ -40662,7 +40734,7 @@ mov esi, dword [ebp + 0x14] mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov edx, dword [ebp - 0x1c] mov ecx, esi movzx esi, cl @@ -40671,7 +40743,7 @@ push edx push edi movzx eax, al push eax -call fcn_0001f316 ; call 0x1f316 +call fcn_0001f3a4 ; call 0x1f3a4 add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, al @@ -40681,9 +40753,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017ce1 ; jmp 0x17ce1 +jmp near fcn_00017da5 ; jmp 0x17da5 -fcn_00018808: ; not directly referenced +fcn_000188cc: ; not directly referenced push ebp mov ebp, esp push edi @@ -40698,7 +40770,7 @@ mov edi, dword [ebp + 0x18] push ebx mov dword [ebp - 0x20], edx mov dword [ebp - 0x1c], ecx -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov ecx, esi mov edx, edi movzx esi, cl @@ -40711,7 +40783,7 @@ push ecx push edx movzx eax, al push eax -call fcn_0001f391 ; call 0x1f391 +call fcn_0001f41f ; call 0x1f41f add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, al @@ -40721,9 +40793,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017ce1 ; jmp 0x17ce1 +jmp near fcn_00017da5 ; jmp 0x17da5 -fcn_00018863: +fcn_00018927: push ebp mov ebp, esp push esi @@ -40732,7 +40804,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov dword [ebp + 8], ebx or eax, esi @@ -40742,9 +40814,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00017d40 ; jmp 0x17d40 +jmp near fcn_00017e04 ; jmp 0x17e04 -fcn_00018890: +fcn_00018954: push ebp mov ebp, esp push esi @@ -40753,7 +40825,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov dword [ebp + 8], ebx and eax, esi @@ -40763,9 +40835,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00017d40 ; jmp 0x17d40 +jmp near fcn_00017e04 ; jmp 0x17e04 -fcn_000188bd: +fcn_00018981: push ebp mov ebp, esp push edi @@ -40776,7 +40848,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov dword [ebp + 8], edi and eax, esi @@ -40788,9 +40860,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017d40 ; jmp 0x17d40 +jmp near fcn_00017e04 ; jmp 0x17e04 -fcn_000188f1: ; not directly referenced +fcn_000189b5: ; not directly referenced push ebp mov ebp, esp push esi @@ -40799,7 +40871,7 @@ push ebx mov ebx, dword [ebp + 0xc] sub esp, 0xc push dword [ebp + 8] -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov dword [ebp + 0x10], esi mov dword [ebp + 0xc], ebx @@ -40809,9 +40881,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_0001f4ae ; jmp 0x1f4ae +jmp near fcn_0001f53c ; jmp 0x1f53c -fcn_00018921: ; not directly referenced +fcn_000189e5: ; not directly referenced push ebp mov ebp, esp push edi @@ -40825,14 +40897,14 @@ mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx movzx esi, si -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov edx, dword [ebp - 0x1c] push esi push edx push edi movzx eax, ax push eax -call fcn_0001f6aa ; call 0x1f6aa +call fcn_0001f738 ; call 0x1f738 add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, ax @@ -40842,9 +40914,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017d40 ; jmp 0x17d40 +jmp near fcn_00017e04 ; jmp 0x17e04 -fcn_00018969: ; not directly referenced +fcn_00018a2d: ; not directly referenced push ebp mov ebp, esp push edi @@ -40858,14 +40930,14 @@ mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx movzx esi, si -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov edx, dword [ebp - 0x1c] push esi push edx push edi movzx eax, ax push eax -call fcn_0001f521 ; call 0x1f521 +call fcn_0001f5af ; call 0x1f5af add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, ax @@ -40875,9 +40947,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017d40 ; jmp 0x17d40 +jmp near fcn_00017e04 ; jmp 0x17e04 -fcn_000189b1: ; not directly referenced +fcn_00018a75: ; not directly referenced push ebp mov ebp, esp push edi @@ -40891,14 +40963,14 @@ mov edi, dword [ebp + 0xc] push ebx mov dword [ebp - 0x1c], edx movzx esi, si -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov edx, dword [ebp - 0x1c] push esi push edx push edi movzx eax, ax push eax -call fcn_0001f598 ; call 0x1f598 +call fcn_0001f626 ; call 0x1f626 add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, ax @@ -40908,9 +40980,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017d40 ; jmp 0x17d40 +jmp near fcn_00017e04 ; jmp 0x17e04 -fcn_000189f9: ; not directly referenced +fcn_00018abd: ; not directly referenced push ebp mov ebp, esp push edi @@ -40926,7 +40998,7 @@ mov edi, dword [ebp + 0x18] mov dword [ebp - 0x20], edx mov dword [ebp - 0x1c], ecx movzx esi, si -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ecx, dword [ebp - 0x1c] movzx edi, di mov edx, dword [ebp - 0x20] @@ -40936,7 +41008,7 @@ push ecx push edx movzx eax, ax push eax -call fcn_0001f60f ; call 0x1f60f +call fcn_0001f69d ; call 0x1f69d add esp, 0x20 mov dword [ebp + 8], ebx movzx eax, ax @@ -40946,9 +41018,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017d40 ; jmp 0x17d40 +jmp near fcn_00017e04 ; jmp 0x17e04 -fcn_00018a50: +fcn_00018b14: push ebp mov ebp, esp push esi @@ -40957,7 +41029,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov dword [ebp + 8], ebx or eax, esi @@ -40966,9 +41038,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00018a7a: +fcn_00018b3e: push ebp mov ebp, esp push esi @@ -40977,7 +41049,7 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov dword [ebp + 8], ebx and eax, esi @@ -40986,9 +41058,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00018aa4: +fcn_00018b68: push ebp mov ebp, esp push edi @@ -40999,7 +41071,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov dword [ebp + 8], edi and eax, esi @@ -41010,9 +41082,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00018ad5: ; not directly referenced +fcn_00018b99: ; not directly referenced push ebp mov ebp, esp push esi @@ -41021,7 +41093,7 @@ push ebx mov ebx, dword [ebp + 0xc] sub esp, 0xc push dword [ebp + 8] -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov dword [ebp + 0x10], esi mov dword [ebp + 0xc], ebx @@ -41030,9 +41102,9 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_0001f726 ; jmp 0x1f726 +jmp near fcn_0001f7b4 ; jmp 0x1f7b4 -fcn_00018b02: +fcn_00018bc6: push ebp mov ebp, esp push edi @@ -41045,13 +41117,13 @@ mov esi, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] push ebx mov dword [ebp - 0x1c], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x1c] push edx push edi push esi push eax -call fcn_0001f920 ; call 0x1f920 +call fcn_0001f9ae ; call 0x1f9ae add esp, 0x20 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], eax @@ -41060,9 +41132,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00018b41: ; not directly referenced +fcn_00018c05: ; not directly referenced push ebp mov ebp, esp push edi @@ -41075,13 +41147,13 @@ mov esi, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] push ebx mov dword [ebp - 0x1c], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x1c] push edx push edi push esi push eax -call fcn_0001f792 ; call 0x1f792 +call fcn_0001f820 ; call 0x1f820 add esp, 0x20 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], eax @@ -41090,9 +41162,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00018b80: ; not directly referenced +fcn_00018c44: ; not directly referenced push ebp mov ebp, esp push edi @@ -41105,13 +41177,13 @@ mov esi, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] push ebx mov dword [ebp - 0x1c], edx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x1c] push edx push edi push esi push eax -call fcn_0001f810 ; call 0x1f810 +call fcn_0001f89e ; call 0x1f89e add esp, 0x20 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], eax @@ -41120,9 +41192,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00018bbf: ; not directly referenced +fcn_00018c83: ; not directly referenced push ebp mov ebp, esp push edi @@ -41137,7 +41209,7 @@ push ebx mov edi, dword [ebp + 0x10] mov dword [ebp - 0x20], edx mov dword [ebp - 0x1c], ecx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ecx, dword [ebp - 0x1c] mov edx, dword [ebp - 0x20] mov dword [esp], ecx @@ -41145,7 +41217,7 @@ push edx push edi push esi push eax -call fcn_0001f88e ; call 0x1f88e +call fcn_0001f91c ; call 0x1f91c add esp, 0x20 mov dword [ebp + 8], ebx mov dword [ebp + 0xc], eax @@ -41154,9 +41226,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_00018c0a: ; not directly referenced +fcn_00018cce: ; not directly referenced push ebp mov ebp, esp push edi @@ -41167,7 +41239,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 add esp, 0x10 mov dword [ebp + 8], edi or eax, esi @@ -41179,9 +41251,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017e64 ; jmp 0x17e64 +jmp near fcn_00017f28 ; jmp 0x17f28 -fcn_00018c3e: +fcn_00018d02: push ebp mov ebp, esp push edi @@ -41192,7 +41264,7 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] push edi -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 add esp, 0x10 mov dword [ebp + 8], edi and eax, esi @@ -41204,9 +41276,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017e64 ; jmp 0x17e64 +jmp near fcn_00017f28 ; jmp 0x17f28 -fcn_00018c72: ; not directly referenced +fcn_00018d36: ; not directly referenced push ebp mov ebp, esp push edi @@ -41221,7 +41293,7 @@ push ebx mov esi, dword [ebp + 0x10] mov dword [ebp - 0x1c], eax mov dword [ebp - 0x20], ecx -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 add esp, 0x10 mov dword [ebp + 8], ebx and eax, edi @@ -41235,23 +41307,23 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017e64 ; jmp 0x17e64 +jmp near fcn_00017f28 ; jmp 0x17f28 -fcn_00018cb8: ; not directly referenced +fcn_00018d7c: ; not directly referenced push ebp mov ebp, esp sub esp, 0x14 push dword [ebp + 8] -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 push dword [ebp + 0x10] push dword [ebp + 0xc] push edx push eax -call fcn_0001f98f ; call 0x1f98f +call fcn_0001fa1d ; call 0x1fa1d leave ret -fcn_00018cd5: ; not directly referenced +fcn_00018d99: ; not directly referenced push ebp mov ebp, esp push edi @@ -41266,7 +41338,7 @@ push ecx mov esi, dword [ebp + 0x14] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x1c], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 pop ecx pop ecx push edi @@ -41275,7 +41347,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fcc5 ; call 0x1fcc5 +call fcn_0001fd53 ; call 0x1fd53 mov ecx, dword [ebp - 0x20] add esp, 0x20 mov dword [ebp + 8], ecx @@ -41286,9 +41358,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017e64 ; jmp 0x17e64 +jmp near fcn_00017f28 ; jmp 0x17f28 -fcn_00018d23: ; not directly referenced +fcn_00018de7: ; not directly referenced push ebp mov ebp, esp push edi @@ -41303,7 +41375,7 @@ push ecx mov esi, dword [ebp + 0x14] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x1c], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 pop ecx pop ecx push edi @@ -41312,7 +41384,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fa1e ; call 0x1fa1e +call fcn_0001faac ; call 0x1faac mov ecx, dword [ebp - 0x20] add esp, 0x20 mov dword [ebp + 8], ecx @@ -41323,9 +41395,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017e64 ; jmp 0x17e64 +jmp near fcn_00017f28 ; jmp 0x17f28 -fcn_00018d71: ; not directly referenced +fcn_00018e35: ; not directly referenced push ebp mov ebp, esp push edi @@ -41340,7 +41412,7 @@ push ecx mov esi, dword [ebp + 0x14] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x1c], eax -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 pop ecx pop ecx push edi @@ -41349,7 +41421,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fb10 ; call 0x1fb10 +call fcn_0001fb9e ; call 0x1fb9e mov ecx, dword [ebp - 0x20] add esp, 0x20 mov dword [ebp + 8], ecx @@ -41360,9 +41432,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017e64 ; jmp 0x17e64 +jmp near fcn_00017f28 ; jmp 0x17f28 -fcn_00018dbf: ; not directly referenced +fcn_00018e83: ; not directly referenced push ebp mov ebp, esp push edi @@ -41381,7 +41453,7 @@ mov ebx, dword [ebp + 0xc] mov dword [ebp - 0x20], ecx mov dword [ebp - 0x28], eax mov dword [ebp - 0x24], edx -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 push edi push esi push dword [ebp - 0x24] @@ -41390,7 +41462,7 @@ push dword [ebp - 0x1c] push ebx push edx push eax -call fcn_0001fc0e ; call 0x1fc0e +call fcn_0001fc9c ; call 0x1fc9c mov ecx, dword [ebp - 0x20] add esp, 0x30 mov dword [ebp + 8], ecx @@ -41401,9 +41473,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00017e64 ; jmp 0x17e64 +jmp near fcn_00017f28 ; jmp 0x17f28 -fcn_00018e1d: +fcn_00018ee1: push ebp mov ebp, esp mov edx, dword [ebp + 8] @@ -41411,7 +41483,7 @@ in al, dx pop ebp ret -fcn_00018e26: +fcn_00018eea: push ebp mov ebp, esp mov eax, dword [ebp + 0xc] @@ -41420,47 +41492,47 @@ out dx, al pop ebp ret -fcn_00018e32: +fcn_00018ef6: push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00018e5c ; je 0x18e5c +je short loc_00018f20 ; je 0x18f20 test byte [ebp + 8], 1 -je short loc_00018e5c ; je 0x18e5c +je short loc_00018f20 ; je 0x18f20 push eax -push ref_00025b44 ; push 0x25b44 +push ref_00025bf3 ; push 0x25bf3 push 0x69 -push ref_00025b54 ; push 0x25b54 -call fcn_000153fc ; call 0x153fc +push ref_00025c03 ; push 0x25c03 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00018e5c: +loc_00018f20: mov edx, dword [ebp + 8] in ax, dx leave ret -fcn_00018e63: +fcn_00018f27: push ebp mov ebp, esp push ebx push edx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00018e92 ; je 0x18e92 +je short loc_00018f56 ; je 0x18f56 test byte [ebp + 8], 1 -je short loc_00018e92 ; je 0x18e92 +je short loc_00018f56 ; je 0x18f56 push eax -push ref_00025b44 ; push 0x25b44 +push ref_00025bf3 ; push 0x25bf3 push 0x86 -push ref_00025b54 ; push 0x25b54 -call fcn_000153fc ; call 0x153fc +push ref_00025c03 ; push 0x25c03 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00018e92: +loc_00018f56: mov eax, ebx mov edx, dword [ebp + 8] out dx, ax @@ -41469,45 +41541,45 @@ mov ebx, dword [ebp - 4] leave ret -fcn_00018ea0: +fcn_00018f64: push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00018ecd ; je 0x18ecd +je short loc_00018f91 ; je 0x18f91 test byte [ebp + 8], 3 -je short loc_00018ecd ; je 0x18ecd +je short loc_00018f91 ; je 0x18f91 push eax -push ref_00025b93 ; push 0x25b93 +push ref_00025c42 ; push 0x25c42 push 0xa3 -push ref_00025b54 ; push 0x25b54 -call fcn_000153fc ; call 0x153fc +push ref_00025c03 ; push 0x25c03 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00018ecd: +loc_00018f91: mov edx, dword [ebp + 8] in eax, dx leave ret -fcn_00018ed3: +fcn_00018f97: push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00018f00 ; je 0x18f00 +je short loc_00018fc4 ; je 0x18fc4 test byte [ebp + 8], 3 -je short loc_00018f00 ; je 0x18f00 +je short loc_00018fc4 ; je 0x18fc4 push eax -push ref_00025b93 ; push 0x25b93 +push ref_00025c42 ; push 0x25c42 push 0xc0 -push ref_00025b54 ; push 0x25b54 -call fcn_000153fc ; call 0x153fc +push ref_00025c03 ; push 0x25c03 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00018f00: +loc_00018fc4: mov eax, dword [ebp + 0xc] mov edx, dword [ebp + 8] out dx, eax @@ -41515,207 +41587,207 @@ mov eax, dword [ebp + 0xc] leave ret -fcn_00018f0c: +fcn_00018fd0: push ebp mov ebp, esp push ebx sub esp, 0x20 lea eax, [ebp - 0xc] push eax -call fcn_00019703 ; call 0x19703 +call fcn_000197c7 ; call 0x197c7 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00018f60 ; je 0x18f60 +je short loc_00019024 ; je 0x19024 test ebx, ebx -jns short loc_00018f60 ; jns 0x18f60 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00019024 ; jns 0x19024 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00018f4b ; je 0x18f4b +je short loc_0001900f ; je 0x1900f push ecx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00018f4b: +loc_0001900f: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x32 -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00018f60: -call fcn_000153f0 ; call 0x153f0 +loc_00019024: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00018f84 ; je 0x18f84 +je short loc_00019048 ; je 0x19048 cmp dword [ebp - 0xc], 0 -jne short loc_00018f84 ; jne 0x18f84 +jne short loc_00019048 ; jne 0x19048 push eax -push ref_00025bd7 ; push 0x25bd7 +push ref_00025c86 ; push 0x25c86 push 0x33 -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00018f84: +loc_00019048: mov eax, dword [ebp - 0xc] mov ebx, dword [ebp - 4] leave ret -fcn_00018f8c: +fcn_00019050: push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00018fc6 ; je 0x18fc6 +je short loc_0001908a ; je 0x1908a test ebx, ebx -jne short loc_00018fc6 ; jne 0x18fc6 +jne short loc_0001908a ; jne 0x1908a push eax -push ref_00025bef ; push 0x25bef +push ref_00025c9e ; push 0x25c9e push 0x52 -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_00018fc6 ; jmp 0x18fc6 +jmp short loc_0001908a ; jmp 0x1908a -loc_00018fbb: +loc_0001907f: cmp ax, si -je short loc_00018fd3 ; je 0x18fd3 +je short loc_00019097 ; je 0x19097 movzx eax, word [ebx + 2] add ebx, eax -loc_00018fc6: +loc_0001908a: mov ax, word [ebx] cmp ax, 0xffff -jne short loc_00018fbb ; jne 0x18fbb +jne short loc_0001907f ; jne 0x1907f xor eax, eax -jmp short loc_00018fd5 ; jmp 0x18fd5 +jmp short loc_00019099 ; jmp 0x19099 -loc_00018fd3: +loc_00019097: mov eax, ebx -loc_00018fd5: +loc_00019099: lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00018fdc: ; not directly referenced +fcn_000190a0: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_00018f0c ; call 0x18f0c +call fcn_00018fd0 ; call 0x18fd0 movzx ebx, bx push edx push edx push eax push ebx -call fcn_00018f8c ; call 0x18f8c +call fcn_00019050 ; call 0x19050 mov ebx, dword [ebp - 4] leave ret -fcn_00018ffa: +fcn_000190be: push ebp mov ebp, esp push ebx push ecx mov ebx, dword [ebp + 0xc] -loc_00019002: +loc_000190c6: push eax push eax push ebx push 4 -call fcn_00018f8c ; call 0x18f8c +call fcn_00019050 ; call 0x19050 add esp, 0x10 mov ebx, eax test eax, eax -je short loc_00019032 ; je 0x19032 +je short loc_000190f6 ; je 0x190f6 push edx push edx lea eax, [ebx + 8] push eax push dword [ebp + 8] -call fcn_00016e24 ; call 0x16e24 +call fcn_00016ee8 ; call 0x16ee8 add esp, 0x10 test al, al -jne short loc_00019032 ; jne 0x19032 +jne short loc_000190f6 ; jne 0x190f6 movzx eax, word [ebx + 2] add ebx, eax -jmp short loc_00019002 ; jmp 0x19002 +jmp short loc_000190c6 ; jmp 0x190c6 -loc_00019032: +loc_000190f6: mov eax, ebx mov ebx, dword [ebp - 4] leave ret -fcn_00019039: +fcn_000190fd: push ebp mov ebp, esp sub esp, 8 -call fcn_00018f0c ; call 0x18f0c +call fcn_00018fd0 ; call 0x18fd0 push edx push edx push eax push dword [ebp + 8] -call fcn_00018ffa ; call 0x18ffa +call fcn_000190be ; call 0x190be leave ret -fcn_00019051: ; not directly referenced +fcn_00019115: ; not directly referenced push ebp mov ebp, esp push ebx sub esp, 0x20 lea eax, [ebp - 0xc] push eax -call fcn_000196d3 ; call 0x196d3 +call fcn_00019797 ; call 0x19797 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000190a8 ; je 0x190a8 +je short loc_0001916c ; je 0x1916c test ebx, ebx -jns short loc_000190a8 ; jns 0x190a8 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001916c ; jns 0x1916c +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00019090 ; je 0x19090 +je short loc_00019154 ; je 0x19154 push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00019090: ; not directly referenced +loc_00019154: ; not directly referenced push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xd8 -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000190a8: ; not directly referenced +loc_0001916c: ; not directly referenced mov eax, dword [ebp - 0xc] mov ebx, dword [ebp - 4] leave ret -fcn_000190b0: ; not directly referenced +fcn_00019174: ; not directly referenced push ebp mov ebp, esp sub esp, 0x1c @@ -41725,31 +41797,31 @@ movzx eax, word [ebp + 0xc] push eax movzx eax, word [ebp + 8] push eax -call fcn_0001971b ; call 0x1971b +call fcn_000197df ; call 0x197df add esp, 0x10 test eax, eax -jns short loc_000190d7 ; jns 0x190d7 +jns short loc_0001919b ; jns 0x1919b mov dword [ebp - 0xc], 0 -loc_000190d7: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001919b: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000190fe ; je 0x190fe +je short loc_000191c2 ; je 0x191c2 cmp dword [ebp - 0xc], 0 -jne short loc_000190fe ; jne 0x190fe +jne short loc_000191c2 ; jne 0x191c2 push eax -push ref_00025c08 ; push 0x25c08 +push ref_00025cb7 ; push 0x25cb7 push 0xfa -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000190fe: ; not directly referenced +loc_000191c2: ; not directly referenced mov eax, dword [ebp - 0xc] leave ret -fcn_00019103: ; not directly referenced +fcn_000191c7: ; not directly referenced push ebp mov ebp, esp push edi @@ -41766,38 +41838,38 @@ mov dword [ebp - 0x1c], edx mov dword [ebp - 0x28], eax mov eax, dword [ebp + 0x1c] mov dword [ebp - 0x20], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001915b ; je 0x1915b +je short loc_0001921f ; je 0x1921f test esi, 0xfff -jne short loc_00019143 ; jne 0x19143 +jne short loc_00019207 ; jne 0x19207 test ebx, 0xfff -je short loc_0001915b ; je 0x1915b +je short loc_0001921f ; je 0x1921f -loc_00019143: ; not directly referenced +loc_00019207: ; not directly referenced push eax -push ref_00025c1c ; push 0x25c1c +push ref_00025ccb ; push 0x25ccb push 0x11a -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001915b: ; not directly referenced +loc_0001921f: ; not directly referenced push edi push edi push 0x48 push 2 -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 mov edi, eax test eax, eax -je short loc_000191c2 ; je 0x191c2 +je short loc_00019286 ; je 0x19286 push eax push eax -push ref_00028fac ; push 0x28fac +push ref_0002905c ; push 0x2905c lea eax, [edi + 8] push eax -call fcn_00016de3 ; call 0x16de3 +call fcn_00016ea7 ; call 0x16ea7 mov eax, dword [ebp - 0x24] mov dword [edi + 0x18], esi mov dword [edi + 0x20], ebx @@ -41810,20 +41882,20 @@ pop edx pop ecx push 4 push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff lea eax, [edi + 0x30] pop ebx pop esi push dword [ebp + 8] push eax -call fcn_00016de3 ; call 0x16de3 +call fcn_00016ea7 ; call 0x16ea7 mov eax, dword [ebp - 0x20] add esp, 0x10 mov edx, dword [ebp - 0x1c] mov dword [edi + 0x40], eax mov dword [edi + 0x44], edx -loc_000191c2: ; not directly referenced +loc_00019286: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -41831,7 +41903,7 @@ pop edi pop ebp ret -fcn_000191ca: ; not directly referenced +fcn_0001928e: ; not directly referenced push ebp mov ebp, esp push edi @@ -41845,10 +41917,10 @@ push 3 mov edi, dword [ebp + 0x14] mov dword [ebp - 0x10], eax mov dword [ebp - 0xc], edx -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 test eax, eax -je short loc_00019212 ; je 0x19212 +je short loc_000192d6 ; je 0x192d6 mov edx, dword [ebp + 8] mov dword [eax + 0x20], esi mov esi, dword [ebp - 0x10] @@ -41860,78 +41932,78 @@ mov dword [eax + 0x28], esi mov dword [eax + 0x2c], edi mov dword [eax + 0x1c], edx -loc_00019212: ; not directly referenced +loc_000192d6: ; not directly referenced lea esp, [ebp - 8] pop esi pop edi pop ebp ret -fcn_00019219: ; not directly referenced +fcn_000192dd: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019249 ; je 0x19249 +je short loc_0001930d ; je 0x1930d test esi, esi -jne short loc_00019249 ; jne 0x19249 +jne short loc_0001930d ; jne 0x1930d push eax -push ref_00025c7b ; push 0x25c7b +push ref_00025d2a ; push 0x25d2a push 0x176 -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019249: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001930d: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019272 ; je 0x19272 +je short loc_00019336 ; je 0x19336 cmp ebx, 0xffe0 -jbe short loc_00019272 ; jbe 0x19272 +jbe short loc_00019336 ; jbe 0x19336 push ecx -push ref_00025c90 ; push 0x25c90 +push ref_00025d3f ; push 0x25d3f push 0x17b -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019272: ; not directly referenced +loc_00019336: ; not directly referenced add ebx, 0x18 push edx movzx ebx, bx push edx push ebx push 4 -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 mov ebx, eax test eax, eax -je short loc_0001929f ; je 0x1929f +je short loc_00019363 ; je 0x19363 push eax push eax push esi lea eax, [ebx + 8] push eax -call fcn_00016de3 ; call 0x16de3 +call fcn_00016ea7 ; call 0x16ea7 lea eax, [ebx + 0x18] add esp, 0x10 -jmp short loc_000192a1 ; jmp 0x192a1 +jmp short loc_00019365 ; jmp 0x19365 -loc_0001929f: ; not directly referenced +loc_00019363: ; not directly referenced xor eax, eax -loc_000192a1: ; not directly referenced +loc_00019365: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_000192a8: ; not directly referenced +fcn_0001936c: ; not directly referenced push ebp mov ebp, esp push edi @@ -41941,29 +42013,29 @@ sub esp, 0xc mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000192e3 ; je 0x192e3 +je short loc_000193a7 ; je 0x193a7 test esi, esi -jne short loc_000192e3 ; jne 0x192e3 +jne short loc_000193a7 ; jne 0x193a7 test ebx, ebx -je short loc_000192e3 ; je 0x192e3 +je short loc_000193a7 ; je 0x193a7 push edx -push ref_00025cc4 ; push 0x25cc4 +push ref_00025d73 ; push 0x25d73 push 0x1a8 -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000192e3: ; not directly referenced +loc_000193a7: ; not directly referenced push eax push eax push ebx push edi -call fcn_00019219 ; call 0x19219 +call fcn_000192dd ; call 0x192dd add esp, 0x10 test eax, eax -je short loc_00019308 ; je 0x19308 +je short loc_000193cc ; je 0x193cc mov dword [ebp + 0x10], ebx mov dword [ebp + 0xc], esi mov dword [ebp + 8], eax @@ -41972,9 +42044,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_0001707a ; jmp 0x1707a +jmp near fcn_0001713e ; jmp 0x1713e -loc_00019308: ; not directly referenced +loc_000193cc: ; not directly referenced lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -41983,7 +42055,7 @@ pop edi pop ebp ret -fcn_00019312: ; not directly referenced +fcn_000193d6: ; not directly referenced push ebp mov ebp, esp push edi @@ -41997,10 +42069,10 @@ push 5 mov edi, dword [ebp + 0xc] mov dword [ebp - 0x10], eax mov dword [ebp - 0xc], edx -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 test eax, eax -je short loc_0001934e ; je 0x1934e +je short loc_00019412 ; je 0x19412 mov edx, dword [ebp - 0x10] mov ecx, dword [ebp - 0xc] mov dword [eax + 8], esi @@ -42008,14 +42080,14 @@ mov dword [eax + 0xc], edi mov dword [eax + 0x10], edx mov dword [eax + 0x14], ecx -loc_0001934e: ; not directly referenced +loc_00019412: ; not directly referenced lea esp, [ebp - 8] pop esi pop edi pop ebp ret -fcn_00019355: ; not directly referenced +fcn_00019419: ; not directly referenced push ebp mov ebp, esp push edi @@ -42033,11 +42105,11 @@ mov ebx, dword [ebp + 0x1c] mov dword [ebp - 0x1c], edx mov dword [ebp - 0x20], eax mov dword [ebp - 0x24], ecx -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 mov edx, eax test eax, eax -je short loc_000193ca ; je 0x193ca +je short loc_0001948e ; je 0x1948e mov dword [eax + 8], esi mov esi, dword [ebp - 0x20] mov dword [eax + 0xc], edi @@ -42051,7 +42123,7 @@ push eax push ecx lea eax, [edx + 0x18] push eax -call fcn_00016de3 ; call 0x16de3 +call fcn_00016ea7 ; call 0x16ea7 mov edx, dword [ebp - 0x20] add esp, 0x10 mov dword [ebp + 0xc], ebx @@ -42062,9 +42134,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00016de3 ; jmp 0x16de3 +jmp near fcn_00016ea7 ; jmp 0x16ea7 -loc_000193ca: ; not directly referenced +loc_0001948e: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -42072,7 +42144,7 @@ pop edi pop ebp ret -fcn_000193d2: ; not directly referenced +fcn_00019496: ; not directly referenced push ebp mov ebp, esp push edi @@ -42086,10 +42158,10 @@ push 0xb mov edi, dword [ebp + 0xc] mov dword [ebp - 0x10], eax mov dword [ebp - 0xc], edx -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 test eax, eax -je short loc_0001940e ; je 0x1940e +je short loc_000194d2 ; je 0x194d2 mov edx, dword [ebp - 0x10] mov ecx, dword [ebp - 0xc] mov dword [eax + 8], esi @@ -42097,14 +42169,14 @@ mov dword [eax + 0xc], edi mov dword [eax + 0x10], edx mov dword [eax + 0x14], ecx -loc_0001940e: ; not directly referenced +loc_000194d2: ; not directly referenced lea esp, [ebp - 8] pop esi pop edi pop ebp ret -fcn_00019415: ; not directly referenced +fcn_000194d9: ; not directly referenced push ebp mov ebp, esp push esi @@ -42115,10 +42187,10 @@ push eax push eax push 0x10 push 6 -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 test eax, eax -je short loc_00019452 ; je 0x19452 +je short loc_00019516 ; je 0x19516 mov edx, esi add eax, 0xa mov byte [eax - 2], dl @@ -42129,16 +42201,16 @@ lea esp, [ebp - 8] pop ebx pop esi pop ebp -jmp near fcn_00016f3b ; jmp 0x16f3b +jmp near fcn_00016fff ; jmp 0x16fff -loc_00019452: ; not directly referenced +loc_00019516: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00019459: ; not directly referenced +fcn_0001951d: ; not directly referenced push ebp mov ebp, esp push edi @@ -42150,39 +42222,39 @@ mov esi, dword [ebp + 8] mov edi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] mov dword [ebp - 0x1c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_000194a2 ; je 0x194a2 +je short loc_00019566 ; je 0x19566 test esi, 0xfff -jne short loc_0001948a ; jne 0x1948a +jne short loc_0001954e ; jne 0x1954e test ebx, 0xfff -je short loc_000194a2 ; je 0x194a2 +je short loc_00019566 ; je 0x19566 -loc_0001948a: ; not directly referenced +loc_0001954e: ; not directly referenced push ecx -push ref_00025cec ; push 0x25cec +push ref_00025d9b ; push 0x25d9b push 0x251 -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000194a2: ; not directly referenced +loc_00019566: ; not directly referenced push edx push edx push 0x30 push 2 -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 mov edx, eax test eax, eax -je short loc_000194fe ; je 0x194fe +je short loc_000195c2 ; je 0x195c2 push eax push eax -push ref_00028f9c ; push 0x28f9c +push ref_0002904c ; push 0x2904c lea eax, [edx + 8] push eax mov dword [ebp - 0x20], edx -call fcn_00016de3 ; call 0x16de3 +call fcn_00016ea7 ; call 0x16ea7 mov edx, dword [ebp - 0x20] add esp, 0x10 mov eax, dword [ebp - 0x1c] @@ -42199,9 +42271,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00016f3b ; jmp 0x16f3b +jmp near fcn_00016fff ; jmp 0x16fff -loc_000194fe: ; not directly referenced +loc_000195c2: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -42209,7 +42281,7 @@ pop edi pop ebp ret -fcn_00019506: ; not directly referenced +fcn_000195ca: ; not directly referenced push ebp mov ebp, esp push edi @@ -42223,39 +42295,39 @@ mov ebx, dword [ebp + 0x10] mov dword [ebp - 0x20], eax mov eax, dword [ebp + 0x18] mov dword [ebp - 0x1c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019555 ; je 0x19555 +je short loc_00019619 ; je 0x19619 test esi, 0xfff -jne short loc_0001953d ; jne 0x1953d +jne short loc_00019601 ; jne 0x19601 test ebx, 0xfff -je short loc_00019555 ; je 0x19555 +je short loc_00019619 ; je 0x19619 -loc_0001953d: ; not directly referenced +loc_00019601: ; not directly referenced push ecx -push ref_00025cec ; push 0x25cec +push ref_00025d9b ; push 0x25d9b push 0x27c -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019555: ; not directly referenced +loc_00019619: ; not directly referenced push edx push edx push 0x30 push 2 -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 mov edx, eax test eax, eax -je short loc_000195b0 ; je 0x195b0 +je short loc_00019674 ; je 0x19674 push eax push eax -push ref_00028f8c ; push 0x28f8c +push ref_0002903c ; push 0x2903c lea eax, [edx + 8] push eax mov dword [ebp - 0x24], edx -call fcn_00016de3 ; call 0x16de3 +call fcn_00016ea7 ; call 0x16ea7 mov edx, dword [ebp - 0x24] add esp, 0x10 mov eax, dword [ebp - 0x20] @@ -42273,9 +42345,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00016f3b ; jmp 0x16f3b +jmp near fcn_00016fff ; jmp 0x16fff -loc_000195b0: ; not directly referenced +loc_00019674: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -42283,7 +42355,7 @@ pop edi pop ebp ret -fcn_000195b8: ; not directly referenced +fcn_0001967c: ; not directly referenced push ebp mov ebp, esp push edi @@ -42297,39 +42369,39 @@ mov ebx, dword [ebp + 0x10] mov dword [ebp - 0x20], eax mov eax, dword [ebp + 0x18] mov dword [ebp - 0x1c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019607 ; je 0x19607 +je short loc_000196cb ; je 0x196cb test esi, 0xfff -jne short loc_000195ef ; jne 0x195ef +jne short loc_000196b3 ; jne 0x196b3 test ebx, 0xfff -je short loc_00019607 ; je 0x19607 +je short loc_000196cb ; je 0x196cb -loc_000195ef: ; not directly referenced +loc_000196b3: ; not directly referenced push ecx -push ref_00025cec ; push 0x25cec +push ref_00025d9b ; push 0x25d9b push 0x2a7 -push ref_00025ba3 ; push 0x25ba3 -call fcn_000153fc ; call 0x153fc +push ref_00025c52 ; push 0x25c52 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019607: ; not directly referenced +loc_000196cb: ; not directly referenced push edx push edx push 0x30 push 2 -call fcn_000190b0 ; call 0x190b0 +call fcn_00019174 ; call 0x19174 add esp, 0x10 mov edx, eax test eax, eax -je short loc_0001965f ; je 0x1965f +je short loc_00019723 ; je 0x19723 push eax push eax push 0x10 lea eax, [edx + 8] push eax mov dword [ebp - 0x24], edx -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff mov edx, dword [ebp - 0x24] add esp, 0x10 mov eax, dword [ebp - 0x20] @@ -42347,9 +42419,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_00016f3b ; jmp 0x16f3b +jmp near fcn_00016fff ; jmp 0x16fff -loc_0001965f: ; not directly referenced +loc_00019723: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -42357,11 +42429,11 @@ pop edi pop ebp ret -fcn_00019667: +fcn_0001972b: push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 push edx push edx mov edx, dword [eax] @@ -42371,11 +42443,11 @@ call dword [edx + 0x18] ; ucall leave ret -fcn_0001967f: ; not directly referenced +fcn_00019743: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 push edx mov edx, dword [eax] push dword [ebp + 0xc] @@ -42385,11 +42457,11 @@ call dword [edx + 0x1c] ; ucall leave ret -fcn_00019699: +fcn_0001975d: push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 sub esp, 0xc mov edx, dword [eax] push dword [ebp + 0x14] @@ -42401,11 +42473,11 @@ call dword [edx + 0x20] ; ucall leave ret -fcn_000196bb: +fcn_0001977f: push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 push edx push edx mov edx, dword [eax] @@ -42415,11 +42487,11 @@ call dword [edx + 0x24] ; ucall leave ret -fcn_000196d3: +fcn_00019797: push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 push edx push edx mov edx, dword [eax] @@ -42429,11 +42501,11 @@ call dword [edx + 0x28] ; ucall leave ret -fcn_000196eb: ; not directly referenced +fcn_000197af: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 push edx push edx mov edx, dword [eax] @@ -42443,11 +42515,11 @@ call dword [edx + 0x2c] ; ucall leave ret -fcn_00019703: +fcn_000197c7: push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 push edx push edx mov edx, dword [eax] @@ -42457,14 +42529,14 @@ call dword [edx + 0x30] ; ucall leave ret -fcn_0001971b: +fcn_000197df: push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 movzx esi, si movzx ebx, bx mov edx, dword [eax] @@ -42479,11 +42551,11 @@ pop esi pop ebp ret -fcn_00019743: ; not directly referenced +fcn_00019807: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 push edx mov edx, dword [eax] push dword [ebp + 0xc] @@ -42493,13 +42565,13 @@ call dword [edx + 0x38] ; ucall leave ret -fcn_0001975d: ; not directly referenced +fcn_00019821: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 movzx ebx, bl mov edx, dword [eax] push dword [ebp + 0x10] @@ -42511,13 +42583,13 @@ mov ebx, dword [ebp - 4] leave ret -fcn_0001977f: ; not directly referenced +fcn_00019843: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 movzx ebx, bl mov edx, dword [eax] push dword [ebp + 0x10] @@ -42529,7 +42601,7 @@ mov ebx, dword [ebp - 4] leave ret -fcn_000197a1: ; not directly referenced +fcn_00019865: ; not directly referenced push ebp mov ebp, esp push edi @@ -42541,7 +42613,7 @@ mov esi, dword [ebp + 0x10] mov edi, dword [ebp + 0x14] mov dword [ebp - 0xc], edx mov dword [ebp - 0x10], eax -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 sub esp, 0xc mov edx, dword [eax] push edi @@ -42556,11 +42628,11 @@ pop edi pop ebp ret -fcn_000197d8: ; not directly referenced +fcn_0001989c: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 mov edx, dword [eax] push dword [ebp + 0x10] push dword [ebp + 0xc] @@ -42570,11 +42642,11 @@ call dword [edx + 0x48] ; ucall leave ret -fcn_000197f4: +fcn_000198b8: push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 push edx mov edx, dword [eax] push dword [ebp + 0xc] @@ -42584,11 +42656,11 @@ call dword [edx + 0x4c] ; ucall leave ret -fcn_0001980e: ; not directly referenced +fcn_000198d2: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 sub esp, 0xc mov edx, dword [eax] push eax @@ -42596,13 +42668,13 @@ call dword [edx + 0x5c] ; ucall leave ret -fcn_00019824: +fcn_000198e8: push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 mov eax, dword [eax] mov dword [ebp + 8], ebx mov eax, dword [eax + 0x74] @@ -42616,7 +42688,7 @@ push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 mov eax, dword [eax] mov dword [ebp + 0xc], esi mov dword [ebp + 8], ebx @@ -42634,7 +42706,7 @@ sub esp, 0xc mov ebx, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 mov eax, dword [eax] mov dword [ebp + 0x10], edi mov dword [ebp + 0xc], esi @@ -42652,7 +42724,7 @@ push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_00019a6d ; call 0x19a6d +call fcn_00019b31 ; call 0x19b31 mov eax, dword [eax] mov dword [ebp + 0xc], esi mov dword [ebp + 8], ebx @@ -42676,146 +42748,146 @@ mov eax, dword [ebp + 0x10] mov dword [ebp - 0x20], eax mov eax, dword [ebp + 0x18] mov dword [ebp - 0x24], eax -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000198fe ; je 0x198fe +je short loc_000199c2 ; je 0x199c2 test ebx, ebx -jne short loc_000198fe ; jne 0x198fe +jne short loc_000199c2 ; jne 0x199c2 push eax -push ref_00025d3a ; push 0x25d3a +push ref_00025de9 ; push 0x25de9 push 0x23d -push ref_00025d54 ; push 0x25d54 -call fcn_000153fc ; call 0x153fc +push ref_00025e03 ; push 0x25e03 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000198fe: +loc_000199c2: test edi, edi -je short loc_00019907 ; je 0x19907 +je short loc_000199cb ; je 0x199cb push eax push eax push edi -jmp short loc_0001990e ; jmp 0x1990e +jmp short loc_000199d2 ; jmp 0x199d2 -loc_00019907: +loc_000199cb: push eax push eax -push ref_00028fbc ; push 0x28fbc +push ref_0002906c ; push 0x2906c -loc_0001990e: +loc_000199d2: push ebx -call fcn_00016de3 ; call 0x16de3 +call fcn_00016ea7 ; call 0x16ea7 mov eax, dword [ebp - 0x1c] add esp, 0x10 mov dword [ebx + 0x10], eax mov eax, dword [ebp - 0x20] mov dword [ebx + 0x14], eax test esi, esi -je short loc_0001995e ; je 0x1995e +je short loc_00019a22 ; je 0x19a22 push edi push edi push esi push 0x10 -call fcn_00019dcd ; call 0x19dcd +call fcn_00019e91 ; call 0x19e91 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001995b ; je 0x1995b +je short loc_00019a1f ; je 0x19a1f test esi, esi -jne short loc_0001995b ; jne 0x1995b +jne short loc_00019a1f ; jne 0x19a1f push ecx -push ref_00025d95 ; push 0x25d95 +push ref_00025e44 ; push 0x25e44 push 0x248 -push ref_00025d54 ; push 0x25d54 -call fcn_000153fc ; call 0x153fc +push ref_00025e03 ; push 0x25e03 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001995b: +loc_00019a1f: mov dword [ebx + 0x18], esi -loc_0001995e: +loc_00019a22: mov eax, dword [ebp - 0x24] test eax, eax -je short loc_0001999c ; je 0x1999c +je short loc_00019a60 ; je 0x19a60 push edx push edx push eax push 0x10 -call fcn_00019dcd ; call 0x19dcd +call fcn_00019e91 ; call 0x19e91 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00019999 ; je 0x19999 +je short loc_00019a5d ; je 0x19a5d test esi, esi -jne short loc_00019999 ; jne 0x19999 +jne short loc_00019a5d ; jne 0x19a5d push edi -push ref_00025db7 ; push 0x25db7 +push ref_00025e66 ; push 0x25e66 push 0x24d -push ref_00025d54 ; push 0x25d54 -call fcn_000153fc ; call 0x153fc +push ref_00025e03 ; push 0x25e03 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019999: +loc_00019a5d: mov dword [ebx + 0x1c], esi -loc_0001999c: +loc_00019a60: push ecx push ecx -push ref_00020504 ; push 0x20504 +push ref_00020594 ; push 0x20594 push 0xc -call fcn_00019dcd ; call 0x19dcd +call fcn_00019e91 ; call 0x19e91 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_000199d4 ; je 0x199d4 +je short loc_00019a98 ; je 0x19a98 test esi, esi -jne short loc_000199d4 ; jne 0x199d4 +jne short loc_00019a98 ; jne 0x19a98 push edx -push ref_00025ddb ; push 0x25ddb +push ref_00025e8a ; push 0x25e8a push 0x252 -push ref_00025d54 ; push 0x25d54 -call fcn_000153fc ; call 0x153fc +push ref_00025e03 ; push 0x25e03 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_000199d4: +loc_00019a98: sub esp, 0xc mov dword [esi + 8], ebx push esi -call fcn_00019667 ; call 0x19667 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_00019a30 ; je 0x19a30 +je short loc_00019af4 ; je 0x19af4 test ebx, ebx -jns short loc_00019a30 ; jns 0x19a30 -call fcn_000153e9 ; call 0x153e9 +jns short loc_00019af4 ; jns 0x19af4 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00019a0f ; je 0x19a0f +je short loc_00019ad3 ; je 0x19ad3 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00019a0f: -mov dword [ebp + 0x10], ref_00020664 ; mov dword [ebp + 0x10], 0x20664 +loc_00019ad3: +mov dword [ebp + 0x10], ref_000206f4 ; mov dword [ebp + 0x10], 0x206f4 mov dword [ebp + 0xc], 0x256 -mov dword [ebp + 8], ref_00025d54 ; mov dword [ebp + 8], 0x25d54 +mov dword [ebp + 8], ref_00025e03 ; mov dword [ebp + 8], 0x25e03 lea esp, [ebp - 0xc] pop ebx pop esi pop edi pop ebp -jmp near fcn_000153fc ; jmp 0x153fc +jmp near fcn_0001548c ; jmp 0x1548c -loc_00019a30: +loc_00019af4: lea esp, [ebp - 0xc] pop ebx pop esi @@ -42823,164 +42895,164 @@ pop edi pop ebp ret -fcn_00019a38: +fcn_00019afc: push ebp mov ebp, esp push ebx push edx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019a62 ; je 0x19a62 +je short loc_00019b26 ; je 0x19b26 test ebx, ebx -jne short loc_00019a62 ; jne 0x19a62 +jne short loc_00019b26 ; jne 0x19b26 push eax -push ref_00025dff ; push 0x25dff +push ref_00025eae ; push 0x25eae push 0x29 -push ref_00025e27 ; push 0x25e27 -call fcn_000153fc ; call 0x153fc +push ref_00025ed6 ; push 0x25ed6 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019a62: -mov dword [ref_00031240], ebx ; mov dword [0x31240], ebx +loc_00019b26: +mov dword [ref_000312f0], ebx ; mov dword [0x312f0], ebx mov ebx, dword [ebp - 4] leave ret -fcn_00019a6d: +fcn_00019b31: push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019a9a ; je 0x19a9a -cmp dword [ref_00031240], 0 ; cmp dword [0x31240], 0 -jne short loc_00019a9a ; jne 0x19a9a +je short loc_00019b5e ; je 0x19b5e +cmp dword [ref_000312f0], 0 ; cmp dword [0x312f0], 0 +jne short loc_00019b5e ; jne 0x19b5e push eax -push ref_00025e7d ; push 0x25e7d +push ref_00025f2c ; push 0x25f2c push 0x3f -push ref_00025e27 ; push 0x25e27 -call fcn_000153fc ; call 0x153fc +push ref_00025ed6 ; push 0x25ed6 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019a9a: -mov eax, dword [ref_00031240] ; mov eax, dword [0x31240] +loc_00019b5e: +mov eax, dword [ref_000312f0] ; mov eax, dword [0x312f0] leave ret -fcn_00019aa1: ; not directly referenced +fcn_00019b65: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0xc] pop ebp -mov dword [ref_00031240], eax ; mov dword [0x31240], eax +mov dword [ref_000312f0], eax ; mov dword [0x312f0], eax xor eax, eax ret -fcn_00019ab0: ; not directly referenced +fcn_00019b74: ; not directly referenced push ebp mov ebp, esp sub esp, 0x18 mov eax, dword [ebp + 0xc] test eax, eax -jne short loc_00019ac1 ; jne 0x19ac1 +jne short loc_00019b85 ; jne 0x19b85 -loc_00019abd: ; not directly referenced +loc_00019b81: ; not directly referenced xor eax, eax -jmp short loc_00019ad9 ; jmp 0x19ad9 +jmp short loc_00019b9d ; jmp 0x19b9d -loc_00019ac1: ; not directly referenced +loc_00019b85: ; not directly referenced push edx lea edx, [ebp - 0x10] push edx push eax push dword [ebp + 8] -call fcn_000197d8 ; call 0x197d8 +call fcn_0001989c ; call 0x1989c add esp, 0x10 test eax, eax -js short loc_00019abd ; js 0x19abd +js short loc_00019b81 ; js 0x19b81 mov eax, dword [ebp - 0x10] -loc_00019ad9: ; not directly referenced +loc_00019b9d: ; not directly referenced leave ret -fcn_00019adb: ; not directly referenced +fcn_00019b9f: ; not directly referenced push ebp mov ebp, esp sub esp, 0x10 push dword [ebp + 8] push 4 -call fcn_00019ab0 ; call 0x19ab0 +call fcn_00019b74 ; call 0x19b74 leave ret -fcn_00019aed: ; not directly referenced +fcn_00019bb1: ; not directly referenced push ebp mov ebp, esp sub esp, 0x10 push dword [ebp + 8] push 6 -call fcn_00019ab0 ; call 0x19ab0 +call fcn_00019b74 ; call 0x19b74 leave ret -fcn_00019aff: ; not directly referenced +fcn_00019bc3: ; not directly referenced push ebp mov ebp, esp sub esp, 0x10 push dword [ebp + 8] push 0 -call fcn_00019ab0 ; call 0x19ab0 +call fcn_00019b74 ; call 0x19b74 leave ret -fcn_00019b11: ; not directly referenced +fcn_00019bd5: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019b3e ; je 0x19b3e +je short loc_00019c02 ; je 0x19c02 cmp dword [ebp + 0xc], 0 -jne short loc_00019b3e ; jne 0x19b3e +jne short loc_00019c02 ; jne 0x19c02 push eax -push ref_00025e9a ; push 0x25e9a +push ref_00025f49 ; push 0x25f49 push 0x95 -push ref_00025ea5 ; push 0x25ea5 -call fcn_000153fc ; call 0x153fc +push ref_00025f54 ; push 0x25f54 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019b3e: ; not directly referenced +loc_00019c02: ; not directly referenced leave ret -fcn_00019b40: ; not directly referenced +fcn_00019c04: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019b73 ; je 0x19b73 +je short loc_00019c37 ; je 0x19c37 lea eax, [ebx - 1] test eax, ebx -je short loc_00019b73 ; je 0x19b73 +je short loc_00019c37 ; je 0x19c37 push ecx -push ref_00025ef3 ; push 0x25ef3 +push ref_00025fa2 ; push 0x25fa2 push 0xba -push ref_00025ea5 ; push 0x25ea5 -call fcn_000153fc ; call 0x153fc +push ref_00025f54 ; push 0x25f54 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019b73: ; not directly referenced +loc_00019c37: ; not directly referenced test esi, esi -je short loc_00019be2 ; je 0x19be2 -call fcn_000153f0 ; call 0x153f0 +je short loc_00019ca6 ; je 0x19ca6 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019bb0 ; je 0x19bb0 +je short loc_00019c74 ; je 0x19c74 xor edx, edx mov eax, ebx test ebx, 0xfff @@ -42989,15 +43061,15 @@ shr eax, 0xc add eax, edx not eax cmp esi, eax -jbe short loc_00019bb0 ; jbe 0x19bb0 +jbe short loc_00019c74 ; jbe 0x19c74 push edx -push ref_00025f16 ; push 0x25f16 +push ref_00025fc5 ; push 0x25fc5 push 0xc2 -push ref_00025ea5 ; push 0x25ea5 -call fcn_000153fc ; call 0x153fc +push ref_00025f54 ; push 0x25f54 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019bb0: ; not directly referenced +loc_00019c74: ; not directly referenced push eax push eax mov eax, ebx @@ -43009,7 +43081,7 @@ setne al add esi, eax push esi push dword [ebp + 8] -call fcn_00019ab0 ; call 0x19ab0 +call fcn_00019b74 ; call 0x19b74 add esp, 0x10 cmp ebx, 1 adc ebx, 0xffffffff @@ -43017,12 +43089,12 @@ mov edx, ebx not edx add ebx, eax and edx, ebx -jmp short loc_00019be4 ; jmp 0x19be4 +jmp short loc_00019ca8 ; jmp 0x19ca8 -loc_00019be2: ; not directly referenced +loc_00019ca6: ; not directly referenced xor edx, edx -loc_00019be4: ; not directly referenced +loc_00019ca8: ; not directly referenced lea esp, [ebp - 8] mov eax, edx pop ebx @@ -43030,60 +43102,60 @@ pop esi pop ebp ret -fcn_00019bed: ; not directly referenced +fcn_00019cb1: ; not directly referenced push ebp mov ebp, esp sub esp, 0xc push dword [ebp + 0xc] push dword [ebp + 8] push 4 -call fcn_00019b40 ; call 0x19b40 +call fcn_00019c04 ; call 0x19c04 leave ret -fcn_00019c02: ; not directly referenced +fcn_00019cc6: ; not directly referenced push ebp mov ebp, esp sub esp, 0xc push dword [ebp + 0xc] push dword [ebp + 8] push 6 -call fcn_00019b40 ; call 0x19b40 +call fcn_00019c04 ; call 0x19c04 leave ret -fcn_00019c17: ; not directly referenced +fcn_00019cdb: ; not directly referenced push ebp mov ebp, esp sub esp, 0xc push dword [ebp + 0xc] push dword [ebp + 8] push 0 -call fcn_00019b40 ; call 0x19b40 +call fcn_00019c04 ; call 0x19c04 leave ret -fcn_00019c2c: ; not directly referenced +fcn_00019cf0: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019c59 ; je 0x19c59 +je short loc_00019d1d ; je 0x19d1d cmp dword [ebp + 0xc], 0 -jne short loc_00019c59 ; jne 0x19c59 +jne short loc_00019d1d ; jne 0x19d1d push eax -push ref_00025e9a ; push 0x25e9a +push ref_00025f49 ; push 0x25f49 push 0x13b -push ref_00025ea5 ; push 0x25ea5 -call fcn_000153fc ; call 0x153fc +push ref_00025f54 ; push 0x25f54 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019c59: ; not directly referenced +loc_00019d1d: ; not directly referenced leave ret -fcn_00019c5b: ; not directly referenced +fcn_00019d1f: ; not directly referenced push ebp xor edx, edx mov ebp, esp @@ -43094,47 +43166,47 @@ shr eax, 0xc add eax, edx mov dword [ebp + 0xc], eax pop ebp -jmp near fcn_00019ab0 ; jmp 0x19ab0 +jmp near fcn_00019b74 ; jmp 0x19b74 -fcn_00019c79: +fcn_00019d3d: push ebp mov ebp, esp sub esp, 0x20 lea eax, [ebp - 0xc] push eax push dword [ebp + 8] -call fcn_000197f4 ; call 0x197f4 +call fcn_000198b8 ; call 0x198b8 add esp, 0x10 test eax, eax -jns short loc_00019c99 ; jns 0x19c99 +jns short loc_00019d5d ; jns 0x19d5d mov dword [ebp - 0xc], 0 -loc_00019c99: +loc_00019d5d: mov eax, dword [ebp - 0xc] leave ret -fcn_00019c9e: ; not directly referenced +fcn_00019d62: ; not directly referenced push ebp mov ebp, esp sub esp, 0x10 push dword [ebp + 8] push 6 -call fcn_00019c5b ; call 0x19c5b +call fcn_00019d1f ; call 0x19d1f leave ret -fcn_00019cb0: ; not directly referenced +fcn_00019d74: ; not directly referenced push ebp mov ebp, esp sub esp, 0x10 push dword [ebp + 8] push 0 -call fcn_00019c5b ; call 0x19c5b +call fcn_00019d1f ; call 0x19d1f leave ret -fcn_00019cc2: ; not directly referenced +fcn_00019d86: ; not directly referenced push ebp mov ebp, esp push ebx @@ -43142,66 +43214,66 @@ sub esp, 0xc mov ebx, dword [ebp + 0xc] push ebx push dword [ebp + 8] -call fcn_00019c5b ; call 0x19c5b +call fcn_00019d1f ; call 0x19d1f add esp, 0x10 test eax, eax -je short loc_00019ceb ; je 0x19ceb +je short loc_00019daf ; je 0x19daf mov dword [ebp + 0xc], ebx mov ebx, dword [ebp - 4] mov dword [ebp + 8], eax leave -jmp near fcn_00016f3b ; jmp 0x16f3b +jmp near fcn_00016fff ; jmp 0x16fff -loc_00019ceb: ; not directly referenced +loc_00019daf: ; not directly referenced xor eax, eax mov ebx, dword [ebp - 4] leave ret -fcn_00019cf2: +fcn_00019db6: push ebp mov ebp, esp push ebx sub esp, 0x10 mov ebx, dword [ebp + 8] push ebx -call fcn_00019c79 ; call 0x19c79 +call fcn_00019d3d ; call 0x19d3d add esp, 0x10 test eax, eax -je short loc_00019d15 ; je 0x19d15 +je short loc_00019dd9 ; je 0x19dd9 push edx push edx push ebx push eax -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff add esp, 0x10 -loc_00019d15: +loc_00019dd9: mov ebx, dword [ebp - 4] leave ret -fcn_00019d1a: ; not directly referenced +fcn_00019dde: ; not directly referenced push ebp mov ebp, esp sub esp, 0x10 push dword [ebp + 8] push 6 -call fcn_00019cc2 ; call 0x19cc2 +call fcn_00019d86 ; call 0x19d86 leave ret -fcn_00019d2c: ; not directly referenced +fcn_00019df0: ; not directly referenced push ebp mov ebp, esp sub esp, 0x10 push dword [ebp + 8] push 0 -call fcn_00019cc2 ; call 0x19cc2 +call fcn_00019d86 ; call 0x19d86 leave ret -fcn_00019d3e: ; not directly referenced +fcn_00019e02: ; not directly referenced push ebp mov ebp, esp push edi @@ -43211,42 +43283,42 @@ sub esp, 0xc mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019d75 ; je 0x19d75 +je short loc_00019e39 ; je 0x19e39 test ebx, ebx -jne short loc_00019d75 ; jne 0x19d75 +jne short loc_00019e39 ; jne 0x19e39 push ecx -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x221 -push ref_00025ea5 ; push 0x25ea5 -call fcn_000153fc ; call 0x153fc +push ref_00025f54 ; push 0x25f54 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019d75: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00019e39: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019d9e ; je 0x19d9e +je short loc_00019e62 ; je 0x19e62 mov eax, ebx neg eax cmp esi, eax -jbe short loc_00019d9e ; jbe 0x19d9e +jbe short loc_00019e62 ; jbe 0x19e62 push edx -push ref_00025f66 ; push 0x25f66 +push ref_00026015 ; push 0x26015 push 0x222 -push ref_00025ea5 ; push 0x25ea5 -call fcn_000153fc ; call 0x153fc +push ref_00025f54 ; push 0x25f54 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019d9e: ; not directly referenced +loc_00019e62: ; not directly referenced push eax push eax push esi push edi -call fcn_00019c5b ; call 0x19c5b +call fcn_00019d1f ; call 0x19d1f add esp, 0x10 test eax, eax -je short loc_00019dc3 ; je 0x19dc3 +je short loc_00019e87 ; je 0x19e87 mov dword [ebp + 0x10], esi mov dword [ebp + 0xc], ebx mov dword [ebp + 8], eax @@ -43255,9 +43327,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_0001707a ; jmp 0x1707a +jmp near fcn_0001713e ; jmp 0x1713e -loc_00019dc3: ; not directly referenced +loc_00019e87: ; not directly referenced lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -43266,84 +43338,84 @@ pop edi pop ebp ret -fcn_00019dcd: +fcn_00019e91: push ebp mov ebp, esp push esi mov esi, dword [ebp + 8] push ebx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019dfd ; je 0x19dfd +je short loc_00019ec1 ; je 0x19ec1 test ebx, ebx -jne short loc_00019dfd ; jne 0x19dfd +jne short loc_00019ec1 ; jne 0x19ec1 push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x245 -push ref_00025ea5 ; push 0x25ea5 -call fcn_000153fc ; call 0x153fc +push ref_00025f54 ; push 0x25f54 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019dfd: -call fcn_000153f0 ; call 0x153f0 +loc_00019ec1: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019e26 ; je 0x19e26 +je short loc_00019eea ; je 0x19eea mov eax, ebx neg eax cmp esi, eax -jbe short loc_00019e26 ; jbe 0x19e26 +jbe short loc_00019eea ; jbe 0x19eea push ecx -push ref_00025f66 ; push 0x25f66 +push ref_00026015 ; push 0x26015 push 0x246 -push ref_00025ea5 ; push 0x25ea5 -call fcn_000153fc ; call 0x153fc +push ref_00025f54 ; push 0x25f54 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019e26: +loc_00019eea: sub esp, 0xc push esi -call fcn_00019c79 ; call 0x19c79 +call fcn_00019d3d ; call 0x19d3d add esp, 0x10 test eax, eax -je short loc_00019e42 ; je 0x19e42 +je short loc_00019f06 ; je 0x19f06 push edx push esi push ebx push eax -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e add esp, 0x10 -loc_00019e42: +loc_00019f06: lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_00019e49: ; not directly referenced +fcn_00019f0d: ; not directly referenced push ebp mov ebp, esp sub esp, 0xc push dword [ebp + 0xc] push dword [ebp + 8] push 6 -call fcn_00019d3e ; call 0x19d3e +call fcn_00019e02 ; call 0x19e02 leave ret -fcn_00019e5e: ; not directly referenced +fcn_00019f22: ; not directly referenced push ebp mov ebp, esp sub esp, 0xc push dword [ebp + 0xc] push dword [ebp + 8] push 0 -call fcn_00019d3e ; call 0x19d3e +call fcn_00019e02 ; call 0x19e02 leave ret -fcn_00019e73: ; not directly referenced +fcn_00019f37: ; not directly referenced push ebp mov ebp, esp push edi @@ -43354,23 +43426,23 @@ mov ebx, dword [ebp + 0x10] mov esi, dword [ebp + 0x14] push ebx push dword [ebp + 8] -call fcn_00019cc2 ; call 0x19cc2 +call fcn_00019d86 ; call 0x19d86 add esp, 0x10 mov edi, eax test eax, eax -je short loc_00019eab ; je 0x19eab +je short loc_00019f6f ; je 0x19f6f test esi, esi -je short loc_00019eab ; je 0x19eab +je short loc_00019f6f ; je 0x19f6f cmp ebx, dword [ebp + 0xc] cmova ebx, dword [ebp + 0xc] push eax push ebx push esi push edi -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e add esp, 0x10 -loc_00019eab: ; not directly referenced +loc_00019f6f: ; not directly referenced lea esp, [ebp - 0xc] mov eax, edi pop ebx @@ -43379,7 +43451,7 @@ pop edi pop ebp ret -fcn_00019eb5: ; not directly referenced +fcn_00019f79: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -43387,11 +43459,11 @@ push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] push 4 -call fcn_00019e73 ; call 0x19e73 +call fcn_00019f37 ; call 0x19f37 leave ret -fcn_00019ecd: ; not directly referenced +fcn_00019f91: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -43399,11 +43471,11 @@ push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] push 6 -call fcn_00019e73 ; call 0x19e73 +call fcn_00019f37 ; call 0x19f37 leave ret -fcn_00019ee5: ; not directly referenced +fcn_00019fa9: ; not directly referenced push ebp mov ebp, esp sub esp, 8 @@ -43411,204 +43483,204 @@ push dword [ebp + 0x10] push dword [ebp + 0xc] push dword [ebp + 8] push 0 -call fcn_00019e73 ; call 0x19e73 +call fcn_00019f37 ; call 0x19f37 leave ret -fcn_00019efd: ; not directly referenced +fcn_00019fc1: ; not directly referenced push ebp mov ebp, esp pop ebp ret -fcn_00019f02: ; not directly referenced +fcn_00019fc6: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019f30 ; je 0x19f30 +je short loc_00019ff4 ; je 0x19ff4 test ebx, 0x400000 -je short loc_00019f30 ; je 0x19f30 +je short loc_00019ff4 ; je 0x19ff4 push eax -push ref_00025f9a ; push 0x25f9a +push ref_00026049 ; push 0x26049 push 0x33 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019f30: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_00019ff4: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019f55 ; je 0x19f55 +je short loc_0001a019 ; je 0x1a019 movzx eax, bh test eax, eax -je short loc_00019f55 ; je 0x19f55 +je short loc_0001a019 ; je 0x1a019 push ecx -push ref_0002600d ; push 0x2600d +push ref_000260bc ; push 0x260bc push 0x34 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019f55: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a019: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019f7b ; je 0x19f7b +je short loc_0001a03f ; je 0x1a03f test ebx, 0x3f0000 -je short loc_00019f7b ; je 0x19f7b +je short loc_0001a03f ; je 0x1a03f push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0x35 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019f7b: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a03f: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019fa1 ; je 0x19fa1 +je short loc_0001a065 ; je 0x1a065 test ebx, 0xff800001 -je short loc_00019fa1 ; je 0x19fa1 +je short loc_0001a065 ; je 0x1a065 push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x36 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019fa1: ; not directly referenced +loc_0001a065: ; not directly referenced sub esp, 0xc push dword [ebp + 0xc] push 0 push 0 push ebx push 0 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb add esp, 0x20 mov ebx, dword [ebp - 4] leave ret -fcn_00019fbb: ; not directly referenced +fcn_0001a07f: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_00019fe9 ; je 0x19fe9 +je short loc_0001a0ad ; je 0x1a0ad test ebx, 0x400000 -je short loc_00019fe9 ; je 0x19fe9 +je short loc_0001a0ad ; je 0x1a0ad push eax -push ref_00025f9a ; push 0x25f9a +push ref_00026049 ; push 0x26049 push 0x5c -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_00019fe9: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a0ad: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a00e ; je 0x1a00e +je short loc_0001a0d2 ; je 0x1a0d2 movzx eax, bh test eax, eax -je short loc_0001a00e ; je 0x1a00e +je short loc_0001a0d2 ; je 0x1a0d2 push ecx -push ref_0002600d ; push 0x2600d +push ref_000260bc ; push 0x260bc push 0x5d -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a00e: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a0d2: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a034 ; je 0x1a034 +je short loc_0001a0f8 ; je 0x1a0f8 test ebx, 0x3f0000 -je short loc_0001a034 ; je 0x1a034 +je short loc_0001a0f8 ; je 0x1a0f8 push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0x5e -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a034: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a0f8: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a05a ; je 0x1a05a +je short loc_0001a11e ; je 0x1a11e test ebx, 0xff800001 -je short loc_0001a05a ; je 0x1a05a +je short loc_0001a11e ; je 0x1a11e push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x5f -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a05a: ; not directly referenced +loc_0001a11e: ; not directly referenced sub esp, 0xc push dword [ebp + 0xc] push 0 push 0 push ebx push 1 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb add esp, 0x20 mov ebx, dword [ebp - 4] leave ret -fcn_0001a074: ; not directly referenced +fcn_0001a138: ; not directly referenced push ebp mov ebp, esp push ebx sub esp, 0x14 mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a0a6 ; je 0x1a0a6 +je short loc_0001a16a ; je 0x1a16a movzx eax, bh test eax, eax -je short loc_0001a0a6 ; je 0x1a0a6 +je short loc_0001a16a ; je 0x1a16a push ecx -push ref_0002600d ; push 0x2600d +push ref_000260bc ; push 0x260bc push 0x8a -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a0a6: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a16a: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a0cf ; je 0x1a0cf +je short loc_0001a193 ; je 0x1a193 test ebx, 0x3f0000 -je short loc_0001a0cf ; je 0x1a0cf +je short loc_0001a193 ; je 0x1a193 push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0x8b -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a0cf: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a193: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a0f8 ; je 0x1a0f8 +je short loc_0001a1bc ; je 0x1a1bc test ebx, 0xff800001 -je short loc_0001a0f8 ; je 0x1a0f8 +je short loc_0001a1bc ; je 0x1a1bc push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x8c -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a0f8: ; not directly referenced +loc_0001a1bc: ; not directly referenced sub esp, 0xc push dword [ebp + 0xc] lea eax, [ebp - 9] @@ -43616,13 +43688,13 @@ push eax push 1 push ebx push 2 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb mov al, byte [ebp - 9] mov ebx, dword [ebp - 4] leave ret -fcn_0001a114: ; not directly referenced +fcn_0001a1d8: ; not directly referenced push ebp mov ebp, esp push esi @@ -43630,46 +43702,46 @@ push ebx sub esp, 0x10 mov ebx, dword [ebp + 8] mov esi, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a14a ; je 0x1a14a +je short loc_0001a20e ; je 0x1a20e movzx eax, bh test eax, eax -je short loc_0001a14a ; je 0x1a14a +je short loc_0001a20e ; je 0x1a20e push ecx -push ref_0002600d ; push 0x2600d +push ref_000260bc ; push 0x260bc push 0xbb -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a14a: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a20e: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a173 ; je 0x1a173 +je short loc_0001a237 ; je 0x1a237 test ebx, 0x3f0000 -je short loc_0001a173 ; je 0x1a173 +je short loc_0001a237 ; je 0x1a237 push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0xbc -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a173: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a237: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a19c ; je 0x1a19c +je short loc_0001a260 ; je 0x1a260 test ebx, 0xff800001 -je short loc_0001a19c ; je 0x1a19c +je short loc_0001a260 ; je 0x1a260 push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0xbd -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a19c: ; not directly referenced +loc_0001a260: ; not directly referenced sub esp, 0xc mov eax, esi push dword [ebp + 0x10] @@ -43679,7 +43751,7 @@ push eax push 1 push ebx push 3 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb lea esp, [ebp - 8] mov eax, esi pop ebx @@ -43687,38 +43759,38 @@ pop esi pop ebp ret -fcn_0001a1be: ; not directly referenced +fcn_0001a282: ; not directly referenced push ebp mov ebp, esp push ebx sub esp, 0x14 mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a1f1 ; je 0x1a1f1 +je short loc_0001a2b5 ; je 0x1a2b5 test ebx, 0x3f0000 -je short loc_0001a1f1 ; je 0x1a1f1 +je short loc_0001a2b5 ; je 0x1a2b5 push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0xea -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a1f1: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a2b5: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a21a ; je 0x1a21a +je short loc_0001a2de ; je 0x1a2de test ebx, 0xff800001 -je short loc_0001a21a ; je 0x1a21a +je short loc_0001a2de ; je 0x1a2de push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0xeb -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a21a: ; not directly referenced +loc_0001a2de: ; not directly referenced sub esp, 0xc push dword [ebp + 0xc] lea eax, [ebp - 9] @@ -43726,13 +43798,13 @@ push eax push 1 push ebx push 4 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb mov al, byte [ebp - 9] mov ebx, dword [ebp - 4] leave ret -fcn_0001a236: ; not directly referenced +fcn_0001a2fa: ; not directly referenced push ebp mov ebp, esp push esi @@ -43740,32 +43812,32 @@ push ebx sub esp, 0x10 mov ebx, dword [ebp + 8] mov esi, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a26d ; je 0x1a26d +je short loc_0001a331 ; je 0x1a331 test ebx, 0x3f0000 -je short loc_0001a26d ; je 0x1a26d +je short loc_0001a331 ; je 0x1a331 push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0x11a -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a26d: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a331: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a296 ; je 0x1a296 +je short loc_0001a35a ; je 0x1a35a test ebx, 0xff800001 -je short loc_0001a296 ; je 0x1a296 +je short loc_0001a35a ; je 0x1a35a push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x11b -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a296: ; not directly referenced +loc_0001a35a: ; not directly referenced sub esp, 0xc mov eax, esi push dword [ebp + 0x10] @@ -43775,7 +43847,7 @@ push eax push 1 push ebx push 5 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb lea esp, [ebp - 8] mov eax, esi pop ebx @@ -43783,38 +43855,38 @@ pop esi pop ebp ret -fcn_0001a2b8: ; not directly referenced +fcn_0001a37c: ; not directly referenced push ebp mov ebp, esp push ebx sub esp, 0x14 mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a2eb ; je 0x1a2eb +je short loc_0001a3af ; je 0x1a3af test ebx, 0x3f0000 -je short loc_0001a2eb ; je 0x1a2eb +je short loc_0001a3af ; je 0x1a3af push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0x148 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a2eb: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a3af: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a314 ; je 0x1a314 +je short loc_0001a3d8 ; je 0x1a3d8 test ebx, 0xff800001 -je short loc_0001a314 ; je 0x1a314 +je short loc_0001a3d8 ; je 0x1a3d8 push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x149 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a314: ; not directly referenced +loc_0001a3d8: ; not directly referenced sub esp, 0xc push dword [ebp + 0xc] lea eax, [ebp - 0xa] @@ -43822,13 +43894,13 @@ push eax push 2 push ebx push 6 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb mov ax, word [ebp - 0xa] mov ebx, dword [ebp - 4] leave ret -fcn_0001a331: ; not directly referenced +fcn_0001a3f5: ; not directly referenced push ebp mov ebp, esp push esi @@ -43836,32 +43908,32 @@ push ebx sub esp, 0x10 mov ebx, dword [ebp + 8] mov esi, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a368 ; je 0x1a368 +je short loc_0001a42c ; je 0x1a42c test ebx, 0x3f0000 -je short loc_0001a368 ; je 0x1a368 +je short loc_0001a42c ; je 0x1a42c push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0x178 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a368: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a42c: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a391 ; je 0x1a391 +je short loc_0001a455 ; je 0x1a455 test ebx, 0xff800001 -je short loc_0001a391 ; je 0x1a391 +je short loc_0001a455 ; je 0x1a455 push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x179 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a391: ; not directly referenced +loc_0001a455: ; not directly referenced sub esp, 0xc push dword [ebp + 0x10] lea eax, [ebp - 0xa] @@ -43870,7 +43942,7 @@ push eax push 2 push ebx push 7 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb lea esp, [ebp - 8] mov eax, esi pop ebx @@ -43878,7 +43950,7 @@ pop esi pop ebp ret -fcn_0001a3b2: ; not directly referenced +fcn_0001a476: ; not directly referenced push ebp mov ebp, esp push ebx @@ -43886,32 +43958,32 @@ sub esp, 0x14 mov eax, dword [ebp + 0xc] mov ebx, dword [ebp + 8] mov word [ebp - 0xc], ax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a3ec ; je 0x1a3ec +je short loc_0001a4b0 ; je 0x1a4b0 test ebx, 0x3f0000 -je short loc_0001a3ec ; je 0x1a3ec +je short loc_0001a4b0 ; je 0x1a4b0 push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0x1a7 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a3ec: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a4b0: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a415 ; je 0x1a415 +je short loc_0001a4d9 ; je 0x1a4d9 test ebx, 0xff800001 -je short loc_0001a415 ; je 0x1a415 +je short loc_0001a4d9 ; je 0x1a4d9 push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x1a8 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a415: ; not directly referenced +loc_0001a4d9: ; not directly referenced sub esp, 0xc push dword [ebp + 0x10] lea eax, [ebp - 0xc] @@ -43919,133 +43991,133 @@ push eax push 2 push ebx push 0xa -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb mov eax, dword [ebp - 0xc] mov ebx, dword [ebp - 4] leave ret -fcn_0001a431: ; not directly referenced +fcn_0001a4f5: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a461 ; je 0x1a461 +je short loc_0001a525 ; je 0x1a525 test esi, esi -jne short loc_0001a461 ; jne 0x1a461 +jne short loc_0001a525 ; jne 0x1a525 push ecx -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x1d8 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a461: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a525: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a48a ; je 0x1a48a +je short loc_0001a54e ; je 0x1a54e test ebx, 0x3f0000 -je short loc_0001a48a ; je 0x1a48a +je short loc_0001a54e ; je 0x1a54e push edx -push ref_00026031 ; push 0x26031 +push ref_000260e0 ; push 0x260e0 push 0x1d9 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a48a: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a54e: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a4b3 ; je 0x1a4b3 +je short loc_0001a577 ; je 0x1a577 test ebx, 0xff800001 -je short loc_0001a4b3 ; je 0x1a4b3 +je short loc_0001a577 ; je 0x1a577 push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x1da -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a4b3: ; not directly referenced +loc_0001a577: ; not directly referenced sub esp, 0xc push dword [ebp + 0x10] push esi push 0x20 push ebx push 8 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0001a4cb: ; not directly referenced +fcn_0001a58f: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a4fb ; je 0x1a4fb +je short loc_0001a5bf ; je 0x1a5bf test esi, esi -jne short loc_0001a4fb ; jne 0x1a4fb +jne short loc_0001a5bf ; jne 0x1a5bf push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x207 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a4fb: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a5bf: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a524 ; je 0x1a524 +je short loc_0001a5e8 ; je 0x1a5e8 test ebx, 0x3f0000 -jne short loc_0001a524 ; jne 0x1a524 +jne short loc_0001a5e8 ; jne 0x1a5e8 push ecx -push ref_00026080 ; push 0x26080 +push ref_0002612f ; push 0x2612f push 0x208 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a524: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a5e8: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a552 ; je 0x1a552 +je short loc_0001a616 ; je 0x1a616 mov eax, ebx shr eax, 0x10 and eax, 0x3f cmp eax, 0x20 -jbe short loc_0001a552 ; jbe 0x1a552 +jbe short loc_0001a616 ; jbe 0x1a616 push edx -push ref_000260a5 ; push 0x260a5 +push ref_00026154 ; push 0x26154 push 0x209 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a552: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a616: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a57b ; je 0x1a57b +je short loc_0001a63f ; je 0x1a63f test ebx, 0xff800001 -je short loc_0001a57b ; je 0x1a57b +je short loc_0001a63f ; je 0x1a63f push eax -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x20a -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a57b: ; not directly referenced +loc_0001a63f: ; not directly referenced sub esp, 0xc mov eax, ebx push dword [ebp + 0x10] @@ -44055,14 +44127,14 @@ push esi push eax push ebx push 9 -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0001a59a: ; not directly referenced +fcn_0001a65e: ; not directly referenced push ebp mov ebp, esp push edi @@ -44071,74 +44143,74 @@ push ebx sub esp, 0xc mov ebx, dword [ebp + 8] mov edi, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a5ce ; je 0x1a5ce +je short loc_0001a692 ; je 0x1a692 test edi, edi -jne short loc_0001a5ce ; jne 0x1a5ce +jne short loc_0001a692 ; jne 0x1a692 push eax -push ref_000260cb ; push 0x260cb +push ref_0002617a ; push 0x2617a push 0x23c -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a5ce: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a692: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a5f5 ; je 0x1a5f5 +je short loc_0001a6b9 ; je 0x1a6b9 cmp dword [ebp + 0x10], 0 -jne short loc_0001a5f5 ; jne 0x1a5f5 +jne short loc_0001a6b9 ; jne 0x1a6b9 push eax -push ref_000260e7 ; push 0x260e7 +push ref_00026196 ; push 0x26196 push 0x23d -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a5f5: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a6b9: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a61e ; je 0x1a61e +je short loc_0001a6e2 ; je 0x1a6e2 test ebx, 0x3f0000 -jne short loc_0001a61e ; jne 0x1a61e +jne short loc_0001a6e2 ; jne 0x1a6e2 push eax -push ref_00026080 ; push 0x26080 +push ref_0002612f ; push 0x2612f push 0x23e -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a61e: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a6e2: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a64c ; je 0x1a64c +je short loc_0001a710 ; je 0x1a710 mov eax, ebx shr eax, 0x10 and eax, 0x3f cmp eax, 0x20 -jbe short loc_0001a64c ; jbe 0x1a64c +jbe short loc_0001a710 ; jbe 0x1a710 push esi -push ref_000260a5 ; push 0x260a5 +push ref_00026154 ; push 0x26154 push 0x23f -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a64c: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a710: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a675 ; je 0x1a675 +je short loc_0001a739 ; je 0x1a739 test ebx, 0xff800001 -je short loc_0001a675 ; je 0x1a675 +je short loc_0001a739 ; je 0x1a739 push ecx -push ref_00026056 ; push 0x26056 +push ref_00026105 ; push 0x26105 push 0x240 -push ref_00025fcc ; push 0x25fcc -call fcn_000153fc ; call 0x153fc +push ref_0002607b ; push 0x2607b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a675: ; not directly referenced +loc_0001a739: ; not directly referenced mov esi, ebx shr esi, 0x10 push eax @@ -44146,14 +44218,14 @@ and esi, 0x3f push esi push edi push dword [ebp + 0x10] -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e pop edx push dword [ebp + 0x14] push eax push esi push ebx push 0xb -call fcn_0001a727 ; call 0x1a727 +call fcn_0001a7eb ; call 0x1a7eb lea esp, [ebp - 0xc] pop ebx pop esi @@ -44161,7 +44233,7 @@ pop edi pop ebp ret -fcn_0001a69e: ; not directly referenced +fcn_0001a762: ; not directly referenced push ebp mov ebp, esp push ebx @@ -44170,60 +44242,60 @@ lea eax, [ebp - 0xc] push eax push 0 push 0 -push ref_0002900c ; push 0x2900c -call fcn_00019699 ; call 0x19699 +push ref_000290bc ; push 0x290bc +call fcn_0001975d ; call 0x1975d mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001a6fb ; je 0x1a6fb +je short loc_0001a7bf ; je 0x1a7bf test ebx, ebx -jns short loc_0001a6fb ; jns 0x1a6fb -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001a7bf ; jns 0x1a7bf +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001a6e6 ; je 0x1a6e6 +je short loc_0001a7aa ; je 0x1a7aa push ecx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001a6e6: ; not directly referenced +loc_0001a7aa: ; not directly referenced push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x24 -push ref_00026102 ; push 0x26102 -call fcn_000153fc ; call 0x153fc +push ref_000261b1 ; push 0x261b1 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a6fb: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001a7bf: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001a71f ; je 0x1a71f +je short loc_0001a7e3 ; je 0x1a7e3 cmp dword [ebp - 0xc], 0 -jne short loc_0001a71f ; jne 0x1a71f +jne short loc_0001a7e3 ; jne 0x1a7e3 push eax -push ref_00026146 ; push 0x26146 +push ref_000261f5 ; push 0x261f5 push 0x25 -push ref_00026102 ; push 0x26102 -call fcn_000153fc ; call 0x153fc +push ref_000261b1 ; push 0x261b1 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001a71f: ; not directly referenced +loc_0001a7e3: ; not directly referenced mov eax, dword [ebp - 0xc] mov ebx, dword [ebp - 4] leave ret -fcn_0001a727: ; not directly referenced +fcn_0001a7eb: ; not directly referenced push ebp mov ebp, esp push esi mov esi, dword [ebp + 0x18] push ebx mov ebx, dword [ebp + 0xc] -call fcn_0001a69e ; call 0x1a69e +call fcn_0001a762 ; call 0x1a762 mov ecx, ebx shr ecx, 1 and ecx, 0x7f @@ -44243,10 +44315,10 @@ push eax call dword [eax] ; ucall add esp, 0x20 test esi, esi -je short loc_0001a763 ; je 0x1a763 +je short loc_0001a827 ; je 0x1a827 mov dword [esi], eax -loc_0001a763: ; not directly referenced +loc_0001a827: ; not directly referenced mov eax, dword [ebp + 0x10] lea esp, [ebp - 8] pop ebx @@ -44254,77 +44326,77 @@ pop esi pop ebp ret -fcn_0001a76d: +fcn_0001a831: push ebp mov ebp, esp sub esp, 0x10 movzx eax, byte [ebp + 8] push eax push 0x80 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov eax, dword [ebp + 8] leave ret -fcn_0001a787: ; not directly referenced +fcn_0001a84b: ; not directly referenced push ebp mov ebp, esp sub esp, 0x10 movzx eax, byte [ebp + 8] push eax push 0x80 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea mov eax, dword [ebp + 8] leave ret -fcn_0001a7a1: ; not directly referenced +fcn_0001a865: ; not directly referenced push ebp xor eax, eax mov ebp, esp pop ebp ret -fcn_0001a7a8: ; not directly referenced +fcn_0001a86c: ; not directly referenced push ebp xor eax, eax mov ebp, esp pop ebp ret -fcn_0001a7af: ; not directly referenced +fcn_0001a873: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00017cc7 ; jmp 0x17cc7 +jmp near fcn_00017d8b ; jmp 0x17d8b -fcn_0001a7be: ; not directly referenced +fcn_0001a882: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00017cfe ; jmp 0x17cfe +jmp near fcn_00017dc2 ; jmp 0x17dc2 -fcn_0001a7cd: ; not directly referenced +fcn_0001a891: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00017d8a ; jmp 0x17d8a +jmp near fcn_00017e4e ; jmp 0x17e4e -fcn_0001a7dc: ; not directly referenced +fcn_0001a8a0: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00017e14 ; jmp 0x17e14 +jmp near fcn_00017ed8 ; jmp 0x17ed8 -fcn_0001a7eb: ; not directly referenced +fcn_0001a8af: ; not directly referenced push ebp mov ebp, esp movzx eax, byte [ebp + 0x18] @@ -44332,9 +44404,9 @@ mov dword [ebp + 0xc], eax mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00017ce1 ; jmp 0x17ce1 +jmp near fcn_00017da5 ; jmp 0x17da5 -fcn_0001a801: ; not directly referenced +fcn_0001a8c5: ; not directly referenced push ebp mov ebp, esp movzx eax, word [ebp + 0x18] @@ -44342,9 +44414,9 @@ mov dword [ebp + 0xc], eax mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00017d40 ; jmp 0x17d40 +jmp near fcn_00017e04 ; jmp 0x17e04 -fcn_0001a817: ; not directly referenced +fcn_0001a8db: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x18] @@ -44352,9 +44424,9 @@ mov dword [ebp + 0xc], eax mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00017dcb ; jmp 0x17dcb +jmp near fcn_00017e8f ; jmp 0x17e8f -fcn_0001a82c: ; not directly referenced +fcn_0001a8f0: ; not directly referenced push ebp mov ebp, esp mov ecx, dword [ebp + 0x10] @@ -44364,33 +44436,33 @@ mov dword [ebp + 8], ecx mov dword [ebp + 0xc], eax mov dword [ebp + 0x10], edx pop ebp -jmp near fcn_00017e64 ; jmp 0x17e64 +jmp near fcn_00017f28 ; jmp 0x17f28 -fcn_0001a847: ; not directly referenced +fcn_0001a90b: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00018e1d ; jmp 0x18e1d +jmp near fcn_00018ee1 ; jmp 0x18ee1 -fcn_0001a856: ; not directly referenced +fcn_0001a91a: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00018e32 ; jmp 0x18e32 +jmp near fcn_00018ef6 ; jmp 0x18ef6 -fcn_0001a865: ; not directly referenced +fcn_0001a929: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00018ea0 ; jmp 0x18ea0 +jmp near fcn_00018f64 ; jmp 0x18f64 -fcn_0001a874: ; not directly referenced +fcn_0001a938: ; not directly referenced push ebp mov ebp, esp movzx eax, byte [ebp + 0x18] @@ -44398,9 +44470,9 @@ mov dword [ebp + 0xc], eax mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00018e26 ; jmp 0x18e26 +jmp near fcn_00018eea ; jmp 0x18eea -fcn_0001a88a: ; not directly referenced +fcn_0001a94e: ; not directly referenced push ebp mov ebp, esp movzx eax, word [ebp + 0x18] @@ -44408,9 +44480,9 @@ mov dword [ebp + 0xc], eax mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00018e63 ; jmp 0x18e63 +jmp near fcn_00018f27 ; jmp 0x18f27 -fcn_0001a8a0: ; not directly referenced +fcn_0001a964: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x18] @@ -44418,17 +44490,17 @@ mov dword [ebp + 0xc], eax mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00018ed3 ; jmp 0x18ed3 +jmp near fcn_00018f97 ; jmp 0x18f97 -fcn_0001a8b5: ; not directly referenced +fcn_0001a979: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0x10] mov dword [ebp + 8], eax pop ebp -jmp near fcn_00017c73 ; jmp 0x17c73 +jmp near fcn_00017d37 ; jmp 0x17d37 -fcn_0001a8c4: ; not directly referenced +fcn_0001a988: ; not directly referenced push ebp mov ebp, esp mov ecx, dword [ebp + 0x10] @@ -44438,9 +44510,9 @@ mov dword [ebp + 8], ecx mov dword [ebp + 0xc], eax mov dword [ebp + 0x10], edx pop ebp -jmp near fcn_00017c9d ; jmp 0x17c9d +jmp near fcn_00017d61 ; jmp 0x17d61 -fcn_0001a8df: ; not directly referenced +fcn_0001a9a3: ; not directly referenced push ebp mov ebp, esp push edi @@ -44455,54 +44527,54 @@ mov dword [ebp - 0x1c], eax mov edi, dword [ebp + 0x14] mov eax, 0x80000002 mov ebx, dword [ebp + 0x18] -je loc_0001a98c ; je 0x1a98c +je loc_0001aa50 ; je 0x1aa50 cmp esi, 0xb -ja short loc_0001a98c ; ja 0x1a98c +ja short loc_0001aa50 ; ja 0x1aa50 lea edx, [esi - 4] cmp edx, 3 mov edx, 1 cmovbe ebx, edx and esi, 3 cmp esi, 3 -jne short loc_0001a928 ; jne 0x1a928 +jne short loc_0001a9ec ; jne 0x1a9ec test cl, cl -je short loc_0001a98c ; je 0x1a98c +je short loc_0001aa50 ; je 0x1aa50 -loc_0001a928: ; not directly referenced +loc_0001a9ec: ; not directly referenced mov eax, 0xffff xor edx, edx test cl, cl -je short loc_0001a938 ; je 0x1a938 +je short loc_0001a9fc ; je 0x1a9fc or eax, 0xffffffff xor edx, edx -loc_0001a938: ; not directly referenced +loc_0001a9fc: ; not directly referenced test ebx, ebx -jne short loc_0001a94e ; jne 0x1a94e +jne short loc_0001aa12 ; jne 0x1aa12 cmp edi, edx -jb short loc_0001a982 ; jb 0x1a982 -ja short loc_0001a947 ; ja 0x1a947 +jb short loc_0001aa46 ; jb 0x1aa46 +ja short loc_0001aa0b ; ja 0x1aa0b -loc_0001a942: ; not directly referenced +loc_0001aa06: ; not directly referenced cmp dword [ebp - 0x1c], eax -jbe short loc_0001a982 ; jbe 0x1a982 +jbe short loc_0001aa46 ; jbe 0x1aa46 -loc_0001a947: ; not directly referenced +loc_0001aa0b: ; not directly referenced mov eax, 0x80000003 -jmp short loc_0001a98c ; jmp 0x1a98c +jmp short loc_0001aa50 ; jmp 0x1aa50 -loc_0001a94e: ; not directly referenced +loc_0001aa12: ; not directly referenced push ecx push esi push edx push eax -call fcn_0001718b ; call 0x1718b +call fcn_0001724f ; call 0x1724f lea ecx, [ebx - 1] add esp, 0x10 cmp edx, 0 -jbe short loc_0001a986 ; jbe 0x1a986 +jbe short loc_0001aa4a ; jbe 0x1aa4a -loc_0001a962: ; not directly referenced +loc_0001aa26: ; not directly referenced push ecx mov ecx, ebx xor ebx, ebx @@ -44513,22 +44585,22 @@ push esi adc edx, 0 push edx push eax -call fcn_0001fd4c ; call 0x1fd4c +call fcn_0001fdda ; call 0x1fdda add esp, 0x10 cmp edi, edx -ja short loc_0001a947 ; ja 0x1a947 -jae short loc_0001a942 ; jae 0x1a942 +ja short loc_0001aa0b ; ja 0x1aa0b +jae short loc_0001aa06 ; jae 0x1aa06 -loc_0001a982: ; not directly referenced +loc_0001aa46: ; not directly referenced xor eax, eax -jmp short loc_0001a98c ; jmp 0x1a98c +jmp short loc_0001aa50 ; jmp 0x1aa50 -loc_0001a986: ; not directly referenced +loc_0001aa4a: ; not directly referenced cmp eax, ecx -jb short loc_0001a947 ; jb 0x1a947 -jmp short loc_0001a962 ; jmp 0x1a962 +jb short loc_0001aa0b ; jb 0x1aa0b +jmp short loc_0001aa26 ; jmp 0x1aa26 -loc_0001a98c: ; not directly referenced +loc_0001aa50: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -44536,7 +44608,7 @@ pop edi pop ebp ret -fcn_0001a994: ; not directly referenced +fcn_0001aa58: ; not directly referenced push ebp mov ebp, esp push edi @@ -44554,113 +44626,113 @@ push edi push esi push edx push 1 -call fcn_0001a8df ; call 0x1a8df +call fcn_0001a9a3 ; call 0x1a9a3 add esp, 0x20 test eax, eax -js loc_0001aab9 ; js 0x1aab9 +js loc_0001ab7d ; js 0x1ab7d mov edx, dword [ebp - 0x1c] mov dword [ebp - 0x24], 0 -mov al, byte [edx + ref_0002953c] ; mov al, byte [edx + 0x2953c] +mov al, byte [edx + ref_000295ec] ; mov al, byte [edx + 0x295ec] mov byte [ebp - 0x1e], al mov eax, edx and eax, 3 mov dword [ebp - 0x1c], eax -movzx eax, byte [eax + ref_00029548] ; movzx eax, byte [eax + 0x29548] +movzx eax, byte [eax + ref_000295f8] ; movzx eax, byte [eax + 0x295f8] dec eax test ebx, eax -movzx eax, byte [edx + ref_00029548] ; movzx eax, byte [edx + 0x29548] +movzx eax, byte [edx + ref_000295f8] ; movzx eax, byte [edx + 0x295f8] sete byte [ebp - 0x1d] mov dword [ebp - 0x28], eax -loc_0001a9f8: ; not directly referenced +loc_0001aabc: ; not directly referenced cmp dword [ebp + 0x1c], 0 -je loc_0001aab7 ; je 0x1aab7 +je loc_0001ab7b ; je 0x1ab7b cmp dword [ebp - 0x1c], 0 -jne short loc_0001aa18 ; jne 0x1aa18 +jne short loc_0001aadc ; jne 0x1aadc sub esp, 0xc push esi -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov byte [ebx], al -jmp near loc_0001aaa0 ; jmp 0x1aaa0 +jmp near loc_0001ab64 ; jmp 0x1ab64 -loc_0001aa18: ; not directly referenced +loc_0001aadc: ; not directly referenced cmp dword [ebp - 0x1c], 1 -jne short loc_0001aa49 ; jne 0x1aa49 +jne short loc_0001ab0d ; jne 0x1ab0d cmp byte [ebp - 0x1d], 0 -je short loc_0001aa32 ; je 0x1aa32 +je short loc_0001aaf6 ; je 0x1aaf6 sub esp, 0xc push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov word [ebx], ax -jmp short loc_0001aaa0 ; jmp 0x1aaa0 +jmp short loc_0001ab64 ; jmp 0x1ab64 -loc_0001aa32: ; not directly referenced +loc_0001aaf6: ; not directly referenced sub esp, 0xc push esi -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 pop edx pop ecx movzx eax, ax push eax push ebx -call fcn_00017207 ; call 0x17207 -jmp short loc_0001aaa0 ; jmp 0x1aaa0 +call fcn_000172cb ; call 0x172cb +jmp short loc_0001ab64 ; jmp 0x1ab64 -loc_0001aa49: ; not directly referenced +loc_0001ab0d: ; not directly referenced cmp dword [ebp - 0x1c], 2 -jne short loc_0001aa76 ; jne 0x1aa76 +jne short loc_0001ab3a ; jne 0x1ab3a cmp byte [ebp - 0x1d], 0 -je short loc_0001aa62 ; je 0x1aa62 +je short loc_0001ab26 ; je 0x1ab26 sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [ebx], eax -jmp short loc_0001aaa0 ; jmp 0x1aaa0 +jmp short loc_0001ab64 ; jmp 0x1ab64 -loc_0001aa62: ; not directly referenced +loc_0001ab26: ; not directly referenced sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e pop edx pop ecx push eax push ebx -call fcn_000172ee ; call 0x172ee -jmp short loc_0001aaa0 ; jmp 0x1aaa0 +call fcn_000173b2 ; call 0x173b2 +jmp short loc_0001ab64 ; jmp 0x1ab64 -loc_0001aa76: ; not directly referenced +loc_0001ab3a: ; not directly referenced cmp byte [ebp - 0x1d], 0 -je short loc_0001aa8c ; je 0x1aa8c +je short loc_0001ab50 ; je 0x1ab50 sub esp, 0xc push esi -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 mov dword [ebx], eax mov dword [ebx + 4], edx -jmp short loc_0001aaa0 ; jmp 0x1aaa0 +jmp short loc_0001ab64 ; jmp 0x1ab64 -loc_0001aa8c: ; not directly referenced +loc_0001ab50: ; not directly referenced sub esp, 0xc push esi -call fcn_00017e14 ; call 0x17e14 +call fcn_00017ed8 ; call 0x17ed8 add esp, 0xc push edx push eax push ebx -call fcn_00017360 ; call 0x17360 +call fcn_00017424 ; call 0x17424 -loc_0001aaa0: ; not directly referenced +loc_0001ab64: ; not directly referenced movzx eax, byte [ebp - 0x1e] add esp, 0x10 add esi, dword [ebp - 0x28] adc edi, dword [ebp - 0x24] dec dword [ebp + 0x1c] add ebx, eax -jmp near loc_0001a9f8 ; jmp 0x1a9f8 +jmp near loc_0001aabc ; jmp 0x1aabc -loc_0001aab7: ; not directly referenced +loc_0001ab7b: ; not directly referenced xor eax, eax -loc_0001aab9: ; not directly referenced +loc_0001ab7d: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -44668,7 +44740,7 @@ pop edi pop ebp ret -fcn_0001aac1: ; not directly referenced +fcn_0001ab85: ; not directly referenced push ebp mov ebp, esp push edi @@ -44686,117 +44758,117 @@ push edi push esi push edx push 1 -call fcn_0001a8df ; call 0x1a8df +call fcn_0001a9a3 ; call 0x1a9a3 add esp, 0x20 test eax, eax -js loc_0001abce ; js 0x1abce +js loc_0001ac92 ; js 0x1ac92 mov edx, dword [ebp - 0x1c] mov dword [ebp - 0x24], 0 -mov al, byte [edx + ref_0002953c] ; mov al, byte [edx + 0x2953c] +mov al, byte [edx + ref_000295ec] ; mov al, byte [edx + 0x295ec] mov byte [ebp - 0x1e], al mov eax, edx and eax, 3 mov dword [ebp - 0x1c], eax -movzx eax, byte [eax + ref_00029548] ; movzx eax, byte [eax + 0x29548] +movzx eax, byte [eax + ref_000295f8] ; movzx eax, byte [eax + 0x295f8] dec eax test ebx, eax -movzx eax, byte [edx + ref_00029548] ; movzx eax, byte [edx + 0x29548] +movzx eax, byte [edx + ref_000295f8] ; movzx eax, byte [edx + 0x295f8] sete byte [ebp - 0x1d] mov dword [ebp - 0x28], eax -loc_0001ab25: ; not directly referenced +loc_0001abe9: ; not directly referenced cmp dword [ebp + 0x1c], 0 -je loc_0001abcc ; je 0x1abcc +je loc_0001ac90 ; je 0x1ac90 cmp dword [ebp - 0x1c], 0 -jne short loc_0001ab43 ; jne 0x1ab43 +jne short loc_0001ac07 ; jne 0x1ac07 push eax push eax movzx eax, byte [ebx] push eax push esi -call fcn_00017ce1 ; call 0x17ce1 -jmp short loc_0001abb5 ; jmp 0x1abb5 +call fcn_00017da5 ; call 0x17da5 +jmp short loc_0001ac79 ; jmp 0x1ac79 -loc_0001ab43: ; not directly referenced +loc_0001ac07: ; not directly referenced cmp dword [ebp - 0x1c], 1 -jne short loc_0001ab6d ; jne 0x1ab6d +jne short loc_0001ac31 ; jne 0x1ac31 cmp byte [ebp - 0x1d], 0 -je short loc_0001ab56 ; je 0x1ab56 +je short loc_0001ac1a ; je 0x1ac1a push eax push eax movzx eax, word [ebx] -jmp short loc_0001ab64 ; jmp 0x1ab64 +jmp short loc_0001ac28 ; jmp 0x1ac28 -loc_0001ab56: ; not directly referenced +loc_0001ac1a: ; not directly referenced sub esp, 0xc push ebx -call fcn_000171d5 ; call 0x171d5 +call fcn_00017299 ; call 0x17299 pop edx pop ecx movzx eax, ax -loc_0001ab64: ; not directly referenced +loc_0001ac28: ; not directly referenced push eax push esi -call fcn_00017d40 ; call 0x17d40 -jmp short loc_0001abb5 ; jmp 0x1abb5 +call fcn_00017e04 ; call 0x17e04 +jmp short loc_0001ac79 ; jmp 0x1ac79 -loc_0001ab6d: ; not directly referenced +loc_0001ac31: ; not directly referenced cmp dword [ebp - 0x1c], 2 -jne short loc_0001ab93 ; jne 0x1ab93 +jne short loc_0001ac57 ; jne 0x1ac57 cmp byte [ebp - 0x1d], 0 -je short loc_0001ab7f ; je 0x1ab7f +je short loc_0001ac43 ; je 0x1ac43 push eax push eax push dword [ebx] -jmp short loc_0001ab8b ; jmp 0x1ab8b +jmp short loc_0001ac4f ; jmp 0x1ac4f -loc_0001ab7f: ; not directly referenced +loc_0001ac43: ; not directly referenced sub esp, 0xc push ebx -call fcn_000172ba ; call 0x172ba +call fcn_0001737e ; call 0x1737e pop edx pop ecx push eax -loc_0001ab8b: ; not directly referenced +loc_0001ac4f: ; not directly referenced push esi -call fcn_00017dcb ; call 0x17dcb -jmp short loc_0001abb5 ; jmp 0x1abb5 +call fcn_00017e8f ; call 0x17e8f +jmp short loc_0001ac79 ; jmp 0x1ac79 -loc_0001ab93: ; not directly referenced +loc_0001ac57: ; not directly referenced cmp byte [ebp - 0x1d], 0 -je short loc_0001aba1 ; je 0x1aba1 +je short loc_0001ac65 ; je 0x1ac65 push eax push dword [ebx + 4] push dword [ebx] -jmp short loc_0001abaf ; jmp 0x1abaf +jmp short loc_0001ac73 ; jmp 0x1ac73 -loc_0001aba1: ; not directly referenced +loc_0001ac65: ; not directly referenced sub esp, 0xc push ebx -call fcn_00017329 ; call 0x17329 +call fcn_000173ed ; call 0x173ed add esp, 0xc push edx push eax -loc_0001abaf: ; not directly referenced +loc_0001ac73: ; not directly referenced push esi -call fcn_00017e64 ; call 0x17e64 +call fcn_00017f28 ; call 0x17f28 -loc_0001abb5: ; not directly referenced +loc_0001ac79: ; not directly referenced movzx eax, byte [ebp - 0x1e] add esp, 0x10 add esi, dword [ebp - 0x28] adc edi, dword [ebp - 0x24] dec dword [ebp + 0x1c] add ebx, eax -jmp near loc_0001ab25 ; jmp 0x1ab25 +jmp near loc_0001abe9 ; jmp 0x1abe9 -loc_0001abcc: ; not directly referenced +loc_0001ac90: ; not directly referenced xor eax, eax -loc_0001abce: ; not directly referenced +loc_0001ac92: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -44804,7 +44876,7 @@ pop edi pop ebp ret -fcn_0001abd6: ; not directly referenced +fcn_0001ac9a: ; not directly referenced push ebp mov ebp, esp push edi @@ -44822,94 +44894,94 @@ push edi push esi push edx push 0 -call fcn_0001a8df ; call 0x1a8df +call fcn_0001a9a3 ; call 0x1a9a3 add esp, 0x20 test eax, eax -js loc_0001accc ; js 0x1accc +js loc_0001ad90 ; js 0x1ad90 mov edx, dword [ebp - 0x1c] mov dword [ebp - 0x24], 0 -mov al, byte [edx + ref_0002953c] ; mov al, byte [edx + 0x2953c] +mov al, byte [edx + ref_000295ec] ; mov al, byte [edx + 0x295ec] mov byte [ebp - 0x1e], al mov eax, edx and eax, 3 mov dword [ebp - 0x1c], eax -movzx eax, byte [eax + ref_00029548] ; movzx eax, byte [eax + 0x29548] +movzx eax, byte [eax + ref_000295f8] ; movzx eax, byte [eax + 0x295f8] dec eax test ebx, eax -movzx eax, byte [edx + ref_00029548] ; movzx eax, byte [edx + 0x29548] +movzx eax, byte [edx + ref_000295f8] ; movzx eax, byte [edx + 0x295f8] sete byte [ebp - 0x1d] mov dword [ebp - 0x28], eax -loc_0001ac3a: ; not directly referenced +loc_0001acfe: ; not directly referenced cmp dword [ebp + 0x1c], 0 -je loc_0001acca ; je 0x1acca +je loc_0001ad8e ; je 0x1ad8e cmp dword [ebp - 0x1c], 0 -jne short loc_0001ac57 ; jne 0x1ac57 +jne short loc_0001ad1b ; jne 0x1ad1b sub esp, 0xc push esi -call fcn_00018e1d ; call 0x18e1d +call fcn_00018ee1 ; call 0x18ee1 mov byte [ebx], al -jmp short loc_0001acb3 ; jmp 0x1acb3 +jmp short loc_0001ad77 ; jmp 0x1ad77 -loc_0001ac57: ; not directly referenced +loc_0001ad1b: ; not directly referenced cmp dword [ebp - 0x1c], 1 -jne short loc_0001ac88 ; jne 0x1ac88 +jne short loc_0001ad4c ; jne 0x1ad4c cmp byte [ebp - 0x1d], 0 -je short loc_0001ac71 ; je 0x1ac71 +je short loc_0001ad35 ; je 0x1ad35 sub esp, 0xc push esi -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 mov word [ebx], ax -jmp short loc_0001acb3 ; jmp 0x1acb3 +jmp short loc_0001ad77 ; jmp 0x1ad77 -loc_0001ac71: ; not directly referenced +loc_0001ad35: ; not directly referenced sub esp, 0xc push esi -call fcn_00018e32 ; call 0x18e32 +call fcn_00018ef6 ; call 0x18ef6 pop edx pop ecx movzx eax, ax push eax push ebx -call fcn_00017207 ; call 0x17207 -jmp short loc_0001acb3 ; jmp 0x1acb3 +call fcn_000172cb ; call 0x172cb +jmp short loc_0001ad77 ; jmp 0x1ad77 -loc_0001ac88: ; not directly referenced +loc_0001ad4c: ; not directly referenced cmp dword [ebp - 0x1c], 2 -jne short loc_0001acb6 ; jne 0x1acb6 +jne short loc_0001ad7a ; jne 0x1ad7a cmp byte [ebp - 0x1d], 0 -je short loc_0001aca1 ; je 0x1aca1 +je short loc_0001ad65 ; je 0x1ad65 sub esp, 0xc push esi -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 mov dword [ebx], eax -jmp short loc_0001acb3 ; jmp 0x1acb3 +jmp short loc_0001ad77 ; jmp 0x1ad77 -loc_0001aca1: ; not directly referenced +loc_0001ad65: ; not directly referenced sub esp, 0xc push esi -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 pop edx pop ecx push eax push ebx -call fcn_000172ee ; call 0x172ee +call fcn_000173b2 ; call 0x173b2 -loc_0001acb3: ; not directly referenced +loc_0001ad77: ; not directly referenced add esp, 0x10 -loc_0001acb6: ; not directly referenced +loc_0001ad7a: ; not directly referenced movzx eax, byte [ebp - 0x1e] add esi, dword [ebp - 0x28] adc edi, dword [ebp - 0x24] dec dword [ebp + 0x1c] add ebx, eax -jmp near loc_0001ac3a ; jmp 0x1ac3a +jmp near loc_0001acfe ; jmp 0x1acfe -loc_0001acca: ; not directly referenced +loc_0001ad8e: ; not directly referenced xor eax, eax -loc_0001accc: ; not directly referenced +loc_0001ad90: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -44917,7 +44989,7 @@ pop edi pop ebp ret -fcn_0001acd4: ; not directly referenced +fcn_0001ad98: ; not directly referenced push ebp mov ebp, esp push edi @@ -44935,98 +45007,98 @@ push edi push esi push edx push 0 -call fcn_0001a8df ; call 0x1a8df +call fcn_0001a9a3 ; call 0x1a9a3 add esp, 0x20 test eax, eax -js loc_0001adb6 ; js 0x1adb6 +js loc_0001ae7a ; js 0x1ae7a mov edx, dword [ebp - 0x1c] mov dword [ebp - 0x24], 0 -mov al, byte [edx + ref_0002953c] ; mov al, byte [edx + 0x2953c] +mov al, byte [edx + ref_000295ec] ; mov al, byte [edx + 0x295ec] mov byte [ebp - 0x1e], al mov eax, edx and eax, 3 mov dword [ebp - 0x1c], eax -movzx eax, byte [eax + ref_00029548] ; movzx eax, byte [eax + 0x29548] +movzx eax, byte [eax + ref_000295f8] ; movzx eax, byte [eax + 0x295f8] dec eax test ebx, eax -movzx eax, byte [edx + ref_00029548] ; movzx eax, byte [edx + 0x29548] +movzx eax, byte [edx + ref_000295f8] ; movzx eax, byte [edx + 0x295f8] sete byte [ebp - 0x1d] mov dword [ebp - 0x28], eax -loc_0001ad38: ; not directly referenced +loc_0001adfc: ; not directly referenced cmp dword [ebp + 0x1c], 0 -je short loc_0001adb4 ; je 0x1adb4 +je short loc_0001ae78 ; je 0x1ae78 cmp dword [ebp - 0x1c], 0 -jne short loc_0001ad52 ; jne 0x1ad52 +jne short loc_0001ae16 ; jne 0x1ae16 push eax push eax movzx eax, byte [ebx] push eax push esi -call fcn_00018e26 ; call 0x18e26 -jmp short loc_0001ada0 ; jmp 0x1ada0 +call fcn_00018eea ; call 0x18eea +jmp short loc_0001ae64 ; jmp 0x1ae64 -loc_0001ad52: ; not directly referenced +loc_0001ae16: ; not directly referenced cmp dword [ebp - 0x1c], 1 -jne short loc_0001ad7c ; jne 0x1ad7c +jne short loc_0001ae40 ; jne 0x1ae40 cmp byte [ebp - 0x1d], 0 -je short loc_0001ad65 ; je 0x1ad65 +je short loc_0001ae29 ; je 0x1ae29 push eax push eax movzx eax, word [ebx] -jmp short loc_0001ad73 ; jmp 0x1ad73 +jmp short loc_0001ae37 ; jmp 0x1ae37 -loc_0001ad65: ; not directly referenced +loc_0001ae29: ; not directly referenced sub esp, 0xc push ebx -call fcn_000171d5 ; call 0x171d5 +call fcn_00017299 ; call 0x17299 pop edx pop ecx movzx eax, ax -loc_0001ad73: ; not directly referenced +loc_0001ae37: ; not directly referenced push eax push esi -call fcn_00018e63 ; call 0x18e63 -jmp short loc_0001ada0 ; jmp 0x1ada0 +call fcn_00018f27 ; call 0x18f27 +jmp short loc_0001ae64 ; jmp 0x1ae64 -loc_0001ad7c: ; not directly referenced +loc_0001ae40: ; not directly referenced cmp dword [ebp - 0x1c], 2 -jne short loc_0001ada3 ; jne 0x1ada3 +jne short loc_0001ae67 ; jne 0x1ae67 cmp byte [ebp - 0x1d], 0 -je short loc_0001ad8e ; je 0x1ad8e +je short loc_0001ae52 ; je 0x1ae52 push eax push eax push dword [ebx] -jmp short loc_0001ad9a ; jmp 0x1ad9a +jmp short loc_0001ae5e ; jmp 0x1ae5e -loc_0001ad8e: ; not directly referenced +loc_0001ae52: ; not directly referenced sub esp, 0xc push ebx -call fcn_000172ba ; call 0x172ba +call fcn_0001737e ; call 0x1737e pop edx pop ecx push eax -loc_0001ad9a: ; not directly referenced +loc_0001ae5e: ; not directly referenced push esi -call fcn_00018ed3 ; call 0x18ed3 +call fcn_00018f97 ; call 0x18f97 -loc_0001ada0: ; not directly referenced +loc_0001ae64: ; not directly referenced add esp, 0x10 -loc_0001ada3: ; not directly referenced +loc_0001ae67: ; not directly referenced movzx eax, byte [ebp - 0x1e] add esi, dword [ebp - 0x28] adc edi, dword [ebp - 0x24] dec dword [ebp + 0x1c] add ebx, eax -jmp short loc_0001ad38 ; jmp 0x1ad38 +jmp short loc_0001adfc ; jmp 0x1adfc -loc_0001adb4: ; not directly referenced +loc_0001ae78: ; not directly referenced xor eax, eax -loc_0001adb6: ; not directly referenced +loc_0001ae7a: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -45034,67 +45106,67 @@ pop edi pop ebp ret -fcn_0001adbe: +fcn_0001ae82: push ebp mov ebp, esp push ebx sub esp, 0x10 push dword [ebp + 8] -call fcn_00019824 ; call 0x19824 +call fcn_000198e8 ; call 0x198e8 mov edx, dword [ebp + 0xc] add esp, 0x10 mov edx, dword [edx] -mov dword [edx + 0x60], ref_00029560 ; mov dword [edx + 0x60], 0x29560 +mov dword [edx + 0x60], ref_00029610 ; mov dword [edx + 0x60], 0x29610 cmp eax, 0x80000014 -jne short loc_0001ae00 ; jne 0x1ae00 -call fcn_000153e9 ; call 0x153e9 +jne short loc_0001aec4 ; jne 0x1aec4 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001ae54 ; je 0x1ae54 +je short loc_0001af18 ; je 0x1af18 push ecx -push ref_00029560 ; push 0x29560 -push ref_0002615f ; push 0x2615f +push ref_00029610 ; push 0x29610 +push ref_0002620e ; push 0x2620e push 0x40 -call fcn_000153f7 ; call 0x153f7 -jmp short loc_0001ae51 ; jmp 0x1ae51 +call fcn_00015487 ; call 0x15487 +jmp short loc_0001af15 ; jmp 0x1af15 -loc_0001ae00: +loc_0001aec4: sub esp, 0xc -push ref_00029554 ; push 0x29554 -call fcn_00019667 ; call 0x19667 +push ref_00029604 ; push 0x29604 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001ae54 ; je 0x1ae54 +je short loc_0001af18 ; je 0x1af18 test ebx, ebx -jns short loc_0001ae54 ; jns 0x1ae54 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001af18 ; jns 0x1af18 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001ae3c ; je 0x1ae3c +je short loc_0001af00 ; je 0x1af00 push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001ae3c: +loc_0001af00: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x35c -push ref_0002619d ; push 0x2619d -call fcn_000153fc ; call 0x153fc +push ref_0002624c ; push 0x2624c +call fcn_0001548c ; call 0x1548c -loc_0001ae51: +loc_0001af15: add esp, 0x10 -loc_0001ae54: +loc_0001af18: xor eax, eax mov ebx, dword [ebp - 4] leave ret -fcn_0001ae5b: ; not directly referenced +fcn_0001af1f: ; not directly referenced push ebp mov ebp, esp push edi @@ -45106,9 +45178,9 @@ mov esi, dword [ebp + 8] mov ebx, dword [ebp + 0x10] mov edi, dword [ebp + 0x18] mov byte [ebp - 0x28], al -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001ae9e ; je 0x1ae9e +je short loc_0001af62 ; je 0x1af62 mov eax, dword [ebp - 0x28] sub esp, 0xc push dword [ebp + 0x14] @@ -45116,29 +45188,29 @@ and eax, 0x7f push ebx add eax, eax push eax -push ref_000261ce ; push 0x261ce +push ref_0002627d ; push 0x2627d push 0x80000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_0001ae9e: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001af62: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001aec7 ; je 0x1aec7 +je short loc_0001af8b ; je 0x1af8b cmp dword [esi - 0x18], 0x626d7370 -je short loc_0001aec7 ; je 0x1aec7 +je short loc_0001af8b ; je 0x1af8b push ecx -push ref_00026219 ; push 0x26219 +push ref_000262c8 ; push 0x262c8 push 0x43 -push ref_0002622e ; push 0x2622e -call fcn_000153fc ; call 0x153fc +push ref_000262dd ; push 0x262dd +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_0001aeca ; jmp 0x1aeca +jmp short loc_0001af8e ; jmp 0x1af8e -loc_0001aec7: ; not directly referenced +loc_0001af8b: ; not directly referenced sub esi, 0x18 -loc_0001aeca: ; not directly referenced +loc_0001af8e: ; not directly referenced push edx mov eax, edi push edx @@ -45150,23 +45222,23 @@ push edi push dword [ebp + 0x14] push ebx push eax -call fcn_0001b324 ; call 0x1b324 +call fcn_0001b3e8 ; call 0x1b3e8 add esp, 0x14 push esi mov ebx, eax -call fcn_0001b1fc ; call 0x1b1fc -call fcn_000153e9 ; call 0x153e9 +call fcn_0001b2c0 ; call 0x1b2c0 +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_0001af10 ; je 0x1af10 +je short loc_0001afd4 ; je 0x1afd4 push eax push eax -push ref_00026258 ; push 0x26258 +push ref_00026307 ; push 0x26307 push 0x80000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001af10: ; not directly referenced +loc_0001afd4: ; not directly referenced lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -45175,7 +45247,7 @@ pop edi pop ebp ret -fcn_0001af1a: +fcn_0001afde: push ebp mov ebp, esp push esi @@ -45189,34 +45261,34 @@ lea eax, [ebp - 0xc] push eax push 0 push 0 -push ref_0002912c ; push 0x2912c -call fcn_00019699 ; call 0x19699 +push ref_000291dc ; push 0x291dc +call fcn_0001975d ; call 0x1975d mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001af8a ; je 0x1af8a +je short loc_0001b04e ; je 0x1b04e test esi, esi -jns short loc_0001af8a ; jns 0x1af8a -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001b04e ; jns 0x1b04e +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001af72 ; je 0x1af72 +je short loc_0001b036 ; je 0x1b036 push edx push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001af72: +loc_0001b036: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xee -push ref_0002622e ; push 0x2622e -call fcn_000153fc ; call 0x153fc +push ref_000262dd ; push 0x262dd +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001af8a: +loc_0001b04e: mov eax, dword [ebp - 0xc] movzx edx, word [eax + 0x388] add eax, 0x38e @@ -45225,16 +45297,16 @@ mov dl, byte [eax - 1] mov dword [ebx + 0xce], eax lea eax, [ebx + 0x18] mov dword [ebx + 0xc], 0x80000010 -mov dword [ebx + 0x10], ref_0002900c ; mov dword [ebx + 0x10], 0x2900c +mov dword [ebx + 0x10], ref_000290bc ; mov dword [ebx + 0x10], 0x290bc mov byte [ebx + 0xcd], dl mov dword [ebx + 0x14], eax -mov dword [ebx + 0x18], fcn_0001ae5b ; mov dword [ebx + 0x18], 0x1ae5b -mov dword [ebx + 0x1c], fcn_0001b1de ; mov dword [ebx + 0x1c], 0x1b1de -mov dword [ebx + 0x20], fcn_0001b1e8 ; mov dword [ebx + 0x20], 0x1b1e8 -mov dword [ebx + 0x24], fcn_0001b1f2 ; mov dword [ebx + 0x24], 0x1b1f2 +mov dword [ebx + 0x18], fcn_0001af1f ; mov dword [ebx + 0x18], 0x1af1f +mov dword [ebx + 0x1c], fcn_0001b2a2 ; mov dword [ebx + 0x1c], 0x1b2a2 +mov dword [ebx + 0x20], fcn_0001b2ac ; mov dword [ebx + 0x20], 0x1b2ac +mov dword [ebx + 0x24], fcn_0001b2b6 ; mov dword [ebx + 0x24], 0x1b2b6 mov dword [ebx + 0x38], 0x80000020 -mov dword [ebx + 0x3c], ref_00028fec ; mov dword [ebx + 0x3c], 0x28fec -mov dword [ebx + 0x40], fcn_0001b195 ; mov dword [ebx + 0x40], 0x1b195 +mov dword [ebx + 0x3c], ref_0002909c ; mov dword [ebx + 0x3c], 0x2909c +mov dword [ebx + 0x40], fcn_0001b259 ; mov dword [ebx + 0x40], 0x1b259 mov byte [ebx + 0x44], 0 mov byte [ebx + 0xd2], 0 lea esp, [ebp - 8] @@ -45243,157 +45315,157 @@ pop esi pop ebp ret -fcn_0001b002: +fcn_0001b0c6: push ebp mov ebp, esp push esi push ebx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001b021 ; je 0x1b021 +je short loc_0001b0e5 ; je 0x1b0e5 push eax push eax -push ref_00026270 ; push 0x26270 +push ref_0002631f ; push 0x2631f push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001b021: +loc_0001b0e5: sub esp, 0xc push 0x11b -call fcn_00019c79 ; call 0x19c79 +call fcn_00019d3d ; call 0x19d3d add esp, 0x10 mov ebx, eax test eax, eax -jne short loc_0001b05a ; jne 0x1b05a -call fcn_000153e9 ; call 0x153e9 +jne short loc_0001b11e ; jne 0x1b11e +call fcn_00015479 ; call 0x15479 mov ebx, 0x80000009 test al, al -je loc_0001b18c ; je 0x1b18c +je loc_0001b250 ; je 0x1b250 push eax push eax -push ref_00026290 ; push 0x26290 +push ref_0002633f ; push 0x2633f push 0x80000000 -jmp near loc_0001b184 ; jmp 0x1b184 +jmp near loc_0001b248 ; jmp 0x1b248 -loc_0001b05a: +loc_0001b11e: push eax push eax push ebx push dword [ebp + 0xc] -call fcn_0001af1a ; call 0x1af1a +call fcn_0001afde ; call 0x1afde add esp, 0xc push 3 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add esp, 0xc push dword [ebx + 8] push 0xffe0 mov esi, eax lea eax, [eax + 0x20] push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 pop eax pop edx lea eax, [esi + 4] add esi, 0x40 push 1 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 pop ecx pop eax push 0x10 push esi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 pop eax pop edx push 8 push esi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0xc push 1 push 0xf9 push esi -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a pop ecx pop esi push 0xff push 0 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b lea eax, [ebx + 0xc] mov dword [esp], eax -call fcn_00019667 ; call 0x19667 +call fcn_0001972b ; call 0x1972b mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001b11d ; je 0x1b11d +je short loc_0001b1e1 ; je 0x1b1e1 test esi, esi -jns short loc_0001b11d ; jns 0x1b11d -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001b1e1 ; jns 0x1b1e1 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001b105 ; je 0x1b105 +je short loc_0001b1c9 ; je 0x1b1c9 push eax push esi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001b105: +loc_0001b1c9: push esi -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xc4 -push ref_0002622e ; push 0x2622e -call fcn_000153fc ; call 0x153fc +push ref_000262dd ; push 0x262dd +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001b11d: +loc_0001b1e1: sub esp, 0xc add ebx, 0x38 push ebx -call fcn_000196bb ; call 0x196bb +call fcn_0001977f ; call 0x1977f mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001b170 ; je 0x1b170 +je short loc_0001b234 ; je 0x1b234 test ebx, ebx -jns short loc_0001b170 ; jns 0x1b170 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001b234 ; jns 0x1b234 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001b158 ; je 0x1b158 +je short loc_0001b21c ; je 0x1b21c push ecx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001b158: +loc_0001b21c: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xca -push ref_0002622e ; push 0x2622e -call fcn_000153fc ; call 0x153fc +push ref_000262dd ; push 0x262dd +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001b170: -call fcn_000153e9 ; call 0x153e9 +loc_0001b234: +call fcn_00015479 ; call 0x15479 xor ebx, ebx test al, al -je short loc_0001b18c ; je 0x1b18c +je short loc_0001b250 ; je 0x1b250 push eax push eax -push ref_000262b9 ; push 0x262b9 +push ref_00026368 ; push 0x26368 push 0x40 -loc_0001b184: -call fcn_000153f7 ; call 0x153f7 +loc_0001b248: +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001b18c: +loc_0001b250: lea esp, [ebp - 8] mov eax, ebx pop ebx @@ -45401,67 +45473,67 @@ pop esi pop ebp ret -fcn_0001b195: ; not directly referenced +fcn_0001b259: ; not directly referenced push ebp mov ebp, esp push ebx push ecx mov ebx, dword [ebp + 0xc] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001b1c9 ; je 0x1b1c9 +je short loc_0001b28d ; je 0x1b28d cmp dword [ebx - 0x38], 0x626d7370 -je short loc_0001b1c9 ; je 0x1b1c9 +je short loc_0001b28d ; je 0x1b28d push edx -push ref_00026219 ; push 0x26219 +push ref_000262c8 ; push 0x262c8 push 0x120 -push ref_0002622e ; push 0x2622e -call fcn_000153fc ; call 0x153fc +push ref_000262dd ; push 0x262dd +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_0001b1cc ; jmp 0x1b1cc +jmp short loc_0001b290 ; jmp 0x1b290 -loc_0001b1c9: ; not directly referenced +loc_0001b28d: ; not directly referenced sub ebx, 0x38 -loc_0001b1cc: ; not directly referenced +loc_0001b290: ; not directly referenced push eax push eax push ebx push dword [ebp + 8] -call fcn_0001af1a ; call 0x1af1a +call fcn_0001afde ; call 0x1afde xor eax, eax mov ebx, dword [ebp - 4] leave ret -fcn_0001b1de: ; not directly referenced +fcn_0001b2a2: ; not directly referenced push ebp mov eax, 0x80000003 mov ebp, esp pop ebp ret -fcn_0001b1e8: ; not directly referenced +fcn_0001b2ac: ; not directly referenced push ebp mov eax, 0x80000003 mov ebp, esp pop ebp ret -fcn_0001b1f2: ; not directly referenced +fcn_0001b2b6: ; not directly referenced push ebp mov eax, 0x80000003 mov ebp, esp pop ebp ret -fcn_0001b1fc: ; not directly referenced +fcn_0001b2c0: ; not directly referenced push ebp mov ebp, esp pop ebp ret -fcn_0001b201: +fcn_0001b2c5: push ebp mov ebp, esp push ebx @@ -45469,58 +45541,58 @@ sub esp, 8 push 3 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x20 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 and ebx, 0xffe0 add esp, 0x10 test al, al -je short loc_0001b253 ; je 0x1b253 +je short loc_0001b317 ; je 0x1b317 test ebx, ebx -je short loc_0001b23e ; je 0x1b23e +je short loc_0001b302 ; je 0x1b302 cmp ebx, 0xffe0 -jne short loc_0001b253 ; jne 0x1b253 +jne short loc_0001b317 ; jne 0x1b317 -loc_0001b23e: +loc_0001b302: push eax -push ref_000262d7 ; push 0x262d7 +push ref_00026386 ; push 0x26386 push 0x2c -push ref_00026305 ; push 0x26305 -call fcn_000153fc ; call 0x153fc +push ref_000263b4 ; push 0x263b4 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001b253: +loc_0001b317: mov eax, ebx mov ebx, dword [ebp - 4] leave ret -fcn_0001b25a: ; not directly referenced +fcn_0001b31e: ; not directly referenced push ebp mov ebp, esp push ebx push eax mov ebx, dword [ebp + 8] -call fcn_0001b201 ; call 0x1b201 +call fcn_0001b2c5 ; call 0x1b2c5 movzx ebx, bl add eax, ebx mov dword [ebp + 8], eax pop edx pop ebx pop ebp -jmp near fcn_00018e1d ; jmp 0x18e1d +jmp near fcn_00018ee1 ; jmp 0x18ee1 -fcn_0001b277: +fcn_0001b33b: push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 8] -call fcn_0001b201 ; call 0x1b201 +call fcn_0001b2c5 ; call 0x1b2c5 mov edx, esi movzx ebx, bl movzx esi, dl @@ -45530,79 +45602,79 @@ mov dword [ebp + 8], eax pop ebx pop esi pop ebp -jmp near fcn_00018e26 ; jmp 0x18e26 +jmp near fcn_00018eea ; jmp 0x18eea -fcn_0001b29f: ; not directly referenced +fcn_0001b363: ; not directly referenced push ebp mov ebp, esp push ebx mov ebx, 0x186a0 push eax -loc_0001b2a9: ; not directly referenced +loc_0001b36d: ; not directly referenced sub esp, 0xc push 0 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e mov edx, dword [ebp + 8] add esp, 0x10 mov byte [edx], al test al, 0x8e -jne short loc_0001b2d3 ; jne 0x1b2d3 +jne short loc_0001b397 ; jne 0x1b397 sub esp, 0xc push 0xa -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 dec ebx -jne short loc_0001b2a9 ; jne 0x1b2a9 +jne short loc_0001b36d ; jne 0x1b36d xor eax, eax -jmp short loc_0001b2d5 ; jmp 0x1b2d5 +jmp short loc_0001b399 ; jmp 0x1b399 -loc_0001b2d3: ; not directly referenced +loc_0001b397: ; not directly referenced mov al, 1 -loc_0001b2d5: ; not directly referenced +loc_0001b399: ; not directly referenced mov ebx, dword [ebp - 4] leave ret -fcn_0001b2da: ; not directly referenced +fcn_0001b39e: ; not directly referenced push ebp mov ebp, esp push ebx mov ebx, 0x80000012 sub esp, 0x10 push 0 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e add esp, 0x10 test al, 0x40 -jne short loc_0001b31d ; jne 0x1b31d +jne short loc_0001b3e1 ; jne 0x1b3e1 test al, 1 -je short loc_0001b30b ; je 0x1b30b +je short loc_0001b3cf ; je 0x1b3cf push ecx push ecx push 0xff push 0 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b add esp, 0x10 -jmp short loc_0001b31d ; jmp 0x1b31d +jmp short loc_0001b3e1 ; jmp 0x1b3e1 -loc_0001b30b: ; not directly referenced +loc_0001b3cf: ; not directly referenced push edx movzx eax, al push edx xor ebx, ebx push eax push 0 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b add esp, 0x10 -loc_0001b31d: ; not directly referenced +loc_0001b3e1: ; not directly referenced mov eax, ebx mov ebx, dword [ebp - 4] leave ret -fcn_0001b324: ; not directly referenced +fcn_0001b3e8: ; not directly referenced push ebp mov ebp, esp push edi @@ -45613,44 +45685,44 @@ mov al, byte [ebp + 0x14] cmp dword [ebp + 0x10], 1 mov edi, dword [ebp + 0x18] mov byte [ebp - 0x2f], al -jbe short loc_0001b34e ; jbe 0x1b34e +jbe short loc_0001b412 ; jbe 0x1b412 cmp dword [ebp + 0x1c], 0 -je loc_0001b850 ; je 0x1b850 +je loc_0001b914 ; je 0x1b914 test edi, edi -je loc_0001b850 ; je 0x1b850 +je loc_0001b914 ; je 0x1b914 -loc_0001b34e: ; not directly referenced -call fcn_0001b2da ; call 0x1b2da +loc_0001b412: ; not directly referenced +call fcn_0001b39e ; call 0x1b39e test eax, eax -js loc_0001b855 ; js 0x1b855 +js loc_0001b919 ; js 0x1b919 mov al, byte [ebp + 8] mov dword [ebp - 0x34], 3 mov byte [ebp - 0x2d], 0 lea eax, [eax + eax + 1] mov byte [ebp - 0x2e], al -loc_0001b370: ; not directly referenced +loc_0001b434: ; not directly referenced mov al, byte [ebp - 0x2e] cmp dword [ebp + 0x10], 0xb mov byte [ebp - 0x2c], al mov al, byte [ebp + 0xc] mov byte [ebp - 0x30], al -ja loc_0001b525 ; ja 0x1b525 +ja loc_0001b5e9 ; ja 0x1b5e9 mov eax, dword [ebp + 0x10] -jmp dword [eax*4 + ref_00020510] ; ujmp: jmp dword [eax*4 + 0x20510] +jmp dword [eax*4 + ref_000205a0] ; ujmp: jmp dword [eax*4 + 0x205a0] -loc_0001b390: ; not directly referenced +loc_0001b454: ; not directly referenced mov al, byte [ebp - 0x2e] dec eax mov byte [ebp - 0x2c], al -loc_0001b397: ; not directly referenced +loc_0001b45b: ; not directly referenced cmp byte [ebp - 0x2f], 1 -je loc_0001b515 ; je 0x1b515 +je loc_0001b5d9 ; je 0x1b5d9 xor esi, esi -jmp near loc_0001b511 ; jmp 0x1b511 +jmp near loc_0001b5d5 ; jmp 0x1b5d5 -loc_0001b3a8: ; not directly referenced +loc_0001b46c: ; not directly referenced mov eax, dword [ebp + 0x1c] mov al, byte [eax] mov byte [ebp - 0x30], al @@ -45658,42 +45730,42 @@ mov al, byte [ebp - 0x2e] dec eax mov byte [ebp - 0x2c], al -loc_0001b3b7: ; not directly referenced +loc_0001b47b: ; not directly referenced cmp dword [edi], 1 mov esi, 4 mov dword [edi], 1 sbb ebx, ebx and ebx, 0x80000005 -jmp near loc_0001b4d3 ; jmp 0x1b4d3 +jmp near loc_0001b597 ; jmp 0x1b597 -loc_0001b3d2: ; not directly referenced +loc_0001b496: ; not directly referenced mov eax, dword [ebp + 0x1c] push ecx push ecx movzx eax, byte [eax] push eax push 5 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b mov al, byte [ebp - 0x2e] add esp, 0x10 mov dword [edi], 1 dec eax mov byte [ebp - 0x2c], al -loc_0001b3f2: ; not directly referenced +loc_0001b4b6: ; not directly referenced mov eax, dword [edi] test eax, eax -je loc_0001b502 ; je 0x1b502 +je loc_0001b5c6 ; je 0x1b5c6 cmp eax, 1 -je loc_0001b50c ; je 0x1b50c +je loc_0001b5d0 ; je 0x1b5d0 cmp eax, 0x100 -ja loc_0001b525 ; ja 0x1b525 +ja loc_0001b5e9 ; ja 0x1b5e9 cmp byte [ebp - 0x2f], 1 -je loc_0001b515 ; je 0x1b515 +je loc_0001b5d9 ; je 0x1b5d9 mov esi, 0x18 -jmp near loc_0001b511 ; jmp 0x1b511 +jmp near loc_0001b5d5 ; jmp 0x1b5d5 -loc_0001b424: ; not directly referenced +loc_0001b4e8: ; not directly referenced mov al, byte [ebp - 0x2e] dec eax mov byte [ebp - 0x2c], al @@ -45703,31 +45775,31 @@ mov eax, dword [ebp + 0x1c] movzx eax, byte [eax + 1] push eax push 6 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b pop eax mov eax, dword [ebp + 0x1c] pop edx movzx eax, byte [eax] push eax push 5 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b add esp, 0x10 -loc_0001b44f: ; not directly referenced +loc_0001b513: ; not directly referenced cmp dword [edi], 2 mov esi, 0xc mov dword [edi], 2 sbb ebx, ebx and ebx, 0x80000005 -jmp short loc_0001b4d3 ; jmp 0x1b4d3 +jmp short loc_0001b597 ; jmp 0x1b597 -loc_0001b467: ; not directly referenced +loc_0001b52b: ; not directly referenced push eax push eax movzx eax, byte [edi] push eax push 5 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b mov al, byte [ebp - 0x2e] add esp, 0x10 dec eax @@ -45735,22 +45807,22 @@ mov byte [ebp - 0x2c], al mov al, byte [edi] mov byte [ebp - 0x2d], al -loc_0001b483: ; not directly referenced +loc_0001b547: ; not directly referenced mov eax, dword [edi] dec eax cmp eax, 0x1f -ja loc_0001b525 ; ja 0x1b525 +ja loc_0001b5e9 ; ja 0x1b5e9 mov esi, 0x14 -jmp near loc_0001b51f ; jmp 0x1b51f +jmp near loc_0001b5e3 ; jmp 0x1b5e3 -loc_0001b499: ; not directly referenced +loc_0001b55d: ; not directly referenced mov eax, dword [ebp + 0x1c] push ebx push ebx movzx eax, byte [eax + 1] push eax push 6 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b pop esi mov esi, 0x10 pop eax @@ -45758,63 +45830,63 @@ mov eax, dword [ebp + 0x1c] movzx eax, byte [eax] push eax push 5 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b add esp, 0x10 cmp dword [edi], 2 mov dword [edi], 2 sbb ebx, ebx and ebx, 0x80000005 -loc_0001b4d3: ; not directly referenced +loc_0001b597: ; not directly referenced xor eax, eax test ebx, ebx -jns short loc_0001b52f ; jns 0x1b52f -jmp near loc_0001b825 ; jmp 0x1b825 +jns short loc_0001b5f3 ; jns 0x1b5f3 +jmp near loc_0001b8e9 ; jmp 0x1b8e9 -loc_0001b4de: ; not directly referenced +loc_0001b5a2: ; not directly referenced mov eax, dword [edi] dec eax cmp eax, 0x1f -ja short loc_0001b525 ; ja 0x1b525 +ja short loc_0001b5e9 ; ja 0x1b5e9 push ecx mov esi, 0x1c push ecx movzx eax, byte [edi] push eax push 5 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b mov al, byte [edi] add esp, 0x10 mov byte [ebp - 0x2d], al -jmp short loc_0001b51f ; jmp 0x1b51f +jmp short loc_0001b5e3 ; jmp 0x1b5e3 -loc_0001b502: ; not directly referenced +loc_0001b5c6: ; not directly referenced mov ebx, 0x80000005 -jmp near loc_0001b825 ; jmp 0x1b825 +jmp near loc_0001b8e9 ; jmp 0x1b8e9 -loc_0001b50c: ; not directly referenced +loc_0001b5d0: ; not directly referenced mov esi, 8 -loc_0001b511: ; not directly referenced +loc_0001b5d5: ; not directly referenced xor eax, eax -jmp short loc_0001b521 ; jmp 0x1b521 +jmp short loc_0001b5e5 ; jmp 0x1b5e5 -loc_0001b515: ; not directly referenced +loc_0001b5d9: ; not directly referenced mov ebx, 0x80000003 -jmp near loc_0001b825 ; jmp 0x1b825 +jmp near loc_0001b8e9 ; jmp 0x1b8e9 -loc_0001b51f: ; not directly referenced +loc_0001b5e3: ; not directly referenced mov al, 2 -loc_0001b521: ; not directly referenced +loc_0001b5e5: ; not directly referenced xor ebx, ebx -jmp short loc_0001b52f ; jmp 0x1b52f +jmp short loc_0001b5f3 ; jmp 0x1b5f3 -loc_0001b525: ; not directly referenced +loc_0001b5e9: ; not directly referenced mov ebx, 0x80000002 -jmp near loc_0001b825 ; jmp 0x1b825 +jmp near loc_0001b8e9 ; jmp 0x1b8e9 -loc_0001b52f: ; not directly referenced +loc_0001b5f3: ; not directly referenced mov dl, al or edx, 1 cmp byte [ebp - 0x2f], 1 @@ -45824,36 +45896,36 @@ movzx eax, al push edx push eax push 0xd -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b mov dword [esp], 2 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e mov eax, dword [ebp + 0x10] add esp, 0x10 and eax, 0xfffffffd cmp eax, 9 -je short loc_0001b57f ; je 0x1b57f +je short loc_0001b643 ; je 0x1b643 -loc_0001b562: ; not directly referenced +loc_0001b626: ; not directly referenced movzx eax, byte [ebp - 0x2c] push ecx push ecx push eax push 4 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b add esp, 0x10 movzx eax, byte [ebp - 0x30] cmp dword [ebp + 0x10], 4 -jne short loc_0001b5b6 ; jne 0x1b5b6 -jmp short loc_0001b5aa ; jmp 0x1b5aa +jne short loc_0001b67a ; jne 0x1b67a +jmp short loc_0001b66e ; jmp 0x1b66e -loc_0001b57f: ; not directly referenced +loc_0001b643: ; not directly referenced movzx ecx, byte [ebp - 0x2d] xor eax, eax mov dword [ebp - 0x38], ecx -loc_0001b588: ; not directly referenced +loc_0001b64c: ; not directly referenced cmp eax, dword [ebp - 0x38] -jae short loc_0001b562 ; jae 0x1b562 +jae short loc_0001b626 ; jae 0x1b626 mov ecx, dword [ebp + 0x1c] push edx push edx @@ -45861,29 +45933,29 @@ movzx edx, byte [ecx + eax] mov dword [ebp - 0x3c], eax push edx push 7 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b mov eax, dword [ebp - 0x3c] add esp, 0x10 inc eax -jmp short loc_0001b588 ; jmp 0x1b588 +jmp short loc_0001b64c ; jmp 0x1b64c -loc_0001b5aa: ; not directly referenced +loc_0001b66e: ; not directly referenced cmp dword [edi], 1 -jbe short loc_0001b5b6 ; jbe 0x1b5b6 +jbe short loc_0001b67a ; jbe 0x1b67a push ecx push ecx push eax push 6 -jmp short loc_0001b5bb ; jmp 0x1b5bb +jmp short loc_0001b67f ; jmp 0x1b67f -loc_0001b5b6: ; not directly referenced +loc_0001b67a: ; not directly referenced push edx push edx push eax push 3 -loc_0001b5bb: ; not directly referenced -call fcn_0001b277 ; call 0x1b277 +loc_0001b67f: ; not directly referenced +call fcn_0001b33b ; call 0x1b33b add esp, 0x10 lea eax, [esi + 0x40] movzx esi, al @@ -45891,283 +45963,283 @@ push ecx push ecx push esi push 2 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b lea eax, [ebp - 0x19] mov dword [esp], eax -call fcn_0001b29f ; call 0x1b29f +call fcn_0001b363 ; call 0x1b363 add esp, 0x10 test al, al -je loc_0001b820 ; je 0x1b820 +je loc_0001b8e4 ; je 0x1b8e4 mov al, byte [ebp - 0x19] test al, 4 -je short loc_0001b612 ; je 0x1b612 +je short loc_0001b6d6 ; je 0x1b6d6 sub esp, 0xc push 0xc -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e add esp, 0x10 and eax, 1 cmp al, 1 sbb ebx, ebx and ebx, 0xffffffec sub ebx, 0x7fffffe5 -jmp near loc_0001b825 ; jmp 0x1b825 +jmp near loc_0001b8e9 ; jmp 0x1b8e9 -loc_0001b612: ; not directly referenced +loc_0001b6d6: ; not directly referenced test al, 8 -je short loc_0001b63a ; je 0x1b63a +je short loc_0001b6fe ; je 0x1b6fe push ebx push ebx push 8 push 0 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b pop esi pop eax push 0xff push 0 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b pop eax pop edx push 1 push 0xc -jmp near loc_0001b7fc ; jmp 0x1b7fc +jmp near loc_0001b8c0 ; jmp 0x1b8c0 -loc_0001b63a: ; not directly referenced +loc_0001b6fe: ; not directly referenced mov eax, dword [ebp + 0x10] sub eax, 2 cmp eax, 9 -ja loc_0001b7e8 ; ja 0x1b7e8 -jmp dword [eax*4 + ref_00020540] ; ujmp: jmp dword [eax*4 + 0x20540] +ja loc_0001b8ac ; ja 0x1b8ac +jmp dword [eax*4 + ref_000205d0] ; ujmp: jmp dword [eax*4 + 0x205d0] -loc_0001b650: ; not directly referenced +loc_0001b714: ; not directly referenced sub esp, 0xc push 6 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e mov ecx, dword [ebp + 0x1c] mov byte [ecx + 1], al mov dword [esp], 5 -jmp near loc_0001b727 ; jmp 0x1b727 +jmp near loc_0001b7eb ; jmp 0x1b7eb -loc_0001b66c: ; not directly referenced +loc_0001b730: ; not directly referenced cmp dword [edi], 1 -jbe loc_0001b722 ; jbe 0x1b722 +jbe loc_0001b7e6 ; jbe 0x1b7e6 xor esi, esi -loc_0001b677: ; not directly referenced +loc_0001b73b: ; not directly referenced cmp esi, dword [edi] -jae loc_0001b7e8 ; jae 0x1b7e8 +jae loc_0001b8ac ; jae 0x1b8ac sub esp, 0xc push 7 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e mov ecx, dword [ebp + 0x1c] add esp, 0x10 mov byte [ecx + esi], al mov eax, dword [edi] lea edx, [eax - 2] cmp esi, edx -jne short loc_0001b6af ; jne 0x1b6af +jne short loc_0001b773 ; jne 0x1b773 sub esp, 0xc push 2 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e pop edx pop ecx or eax, 0x20 movzx eax, al -jmp short loc_0001b6c5 ; jmp 0x1b6c5 +jmp short loc_0001b789 ; jmp 0x1b789 -loc_0001b6af: ; not directly referenced +loc_0001b773: ; not directly referenced dec eax cmp esi, eax -jne short loc_0001b6d0 ; jne 0x1b6d0 +jne short loc_0001b794 ; jne 0x1b794 sub esp, 0xc push 2 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e pop edx pop ecx and eax, 0xdf -loc_0001b6c5: ; not directly referenced +loc_0001b789: ; not directly referenced push eax push 2 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b add esp, 0x10 -loc_0001b6d0: ; not directly referenced +loc_0001b794: ; not directly referenced push eax push eax push 0x80 push 0 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b mov eax, dword [edi] add esp, 0x10 dec eax cmp esi, eax -jae short loc_0001b71c ; jae 0x1b71c +jae short loc_0001b7e0 ; jae 0x1b7e0 mov dword [ebp - 0x2c], 0x64 -loc_0001b6ef: ; not directly referenced +loc_0001b7b3: ; not directly referenced sub esp, 0xc push 0 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e add esp, 0x10 test al, al -js short loc_0001b71c ; js 0x1b71c +js short loc_0001b7e0 ; js 0x1b7e0 sub esp, 0xc push 0xa -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 dec dword [ebp - 0x2c] -jne short loc_0001b6ef ; jne 0x1b6ef +jne short loc_0001b7b3 ; jne 0x1b7b3 mov ebx, 0x80000012 -jmp near loc_0001b7e8 ; jmp 0x1b7e8 +jmp near loc_0001b8ac ; jmp 0x1b8ac -loc_0001b71c: ; not directly referenced +loc_0001b7e0: ; not directly referenced inc esi -jmp near loc_0001b677 ; jmp 0x1b677 +jmp near loc_0001b73b ; jmp 0x1b73b -loc_0001b722: ; not directly referenced +loc_0001b7e6: ; not directly referenced sub esp, 0xc push 5 -loc_0001b727: ; not directly referenced -call fcn_0001b25a ; call 0x1b25a +loc_0001b7eb: ; not directly referenced +call fcn_0001b31e ; call 0x1b31e mov ecx, dword [ebp + 0x1c] mov byte [ecx], al -jmp short loc_0001b741 ; jmp 0x1b741 +jmp short loc_0001b805 ; jmp 0x1b805 -loc_0001b733: ; not directly referenced +loc_0001b7f7: ; not directly referenced push eax push eax push 0x80 push 0 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b -loc_0001b741: ; not directly referenced +loc_0001b805: ; not directly referenced add esp, 0x10 -jmp near loc_0001b7e8 ; jmp 0x1b7e8 +jmp near loc_0001b8ac ; jmp 0x1b8ac -loc_0001b749: ; not directly referenced +loc_0001b80d: ; not directly referenced sub esp, 0xc xor esi, esi push 5 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e add esp, 0x10 mov byte [ebp - 0x2d], al movzx edx, al mov al, 1 cmp dword [edi], edx -jb short loc_0001b786 ; jb 0x1b786 +jb short loc_0001b84a ; jb 0x1b84a -loc_0001b764: ; not directly referenced +loc_0001b828: ; not directly referenced cmp esi, edx -jae short loc_0001b784 ; jae 0x1b784 +jae short loc_0001b848 ; jae 0x1b848 sub esp, 0xc push 7 mov dword [ebp - 0x2c], edx -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e mov ecx, dword [ebp + 0x1c] add esp, 0x10 mov edx, dword [ebp - 0x2c] mov byte [ecx + esi], al inc esi -jmp short loc_0001b764 ; jmp 0x1b764 +jmp short loc_0001b828 ; jmp 0x1b828 -loc_0001b784: ; not directly referenced +loc_0001b848: ; not directly referenced xor eax, eax -loc_0001b786: ; not directly referenced +loc_0001b84a: ; not directly referenced test al, al mov eax, 0x80000005 mov dword [edi], edx cmovne ebx, eax -jmp short loc_0001b7e8 ; jmp 0x1b7e8 +jmp short loc_0001b8ac ; jmp 0x1b8ac -loc_0001b794: ; not directly referenced +loc_0001b858: ; not directly referenced sub esp, 0xc push 5 -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e add esp, 0x10 mov byte [ebp - 0x2d], al test al, al -je short loc_0001b7dc ; je 0x1b7dc +je short loc_0001b8a0 ; je 0x1b8a0 movzx eax, byte [edi] xor esi, esi movzx edx, byte [ebp - 0x2d] add eax, edx cmp eax, 0x20 -jg short loc_0001b7e3 ; jg 0x1b7e3 +jg short loc_0001b8a7 ; jg 0x1b8a7 -loc_0001b7b8: ; not directly referenced +loc_0001b87c: ; not directly referenced cmp esi, edx -jae short loc_0001b7d8 ; jae 0x1b7d8 +jae short loc_0001b89c ; jae 0x1b89c sub esp, 0xc push 7 mov dword [ebp - 0x2c], edx -call fcn_0001b25a ; call 0x1b25a +call fcn_0001b31e ; call 0x1b31e mov ecx, dword [ebp + 0x1c] add esp, 0x10 mov edx, dword [ebp - 0x2c] mov byte [ecx + esi], al inc esi -jmp short loc_0001b7b8 ; jmp 0x1b7b8 +jmp short loc_0001b87c ; jmp 0x1b87c -loc_0001b7d8: ; not directly referenced +loc_0001b89c: ; not directly referenced mov dword [edi], edx -jmp short loc_0001b7e8 ; jmp 0x1b7e8 +jmp short loc_0001b8ac ; jmp 0x1b8ac -loc_0001b7dc: ; not directly referenced +loc_0001b8a0: ; not directly referenced mov ebx, 0x80000005 -jmp short loc_0001b7e8 ; jmp 0x1b7e8 +jmp short loc_0001b8ac ; jmp 0x1b8ac -loc_0001b7e3: ; not directly referenced +loc_0001b8a7: ; not directly referenced mov ebx, 0x80000007 -loc_0001b7e8: ; not directly referenced +loc_0001b8ac: ; not directly referenced test byte [ebp - 0x19], 8 -je short loc_0001b825 ; je 0x1b825 +je short loc_0001b8e9 ; je 0x1b8e9 cmp ebx, 0x80000005 -je short loc_0001b825 ; je 0x1b825 +je short loc_0001b8e9 ; je 0x1b8e9 push eax push eax push 8 push 0 -loc_0001b7fc: ; not directly referenced -call fcn_0001b277 ; call 0x1b277 +loc_0001b8c0: ; not directly referenced +call fcn_0001b33b ; call 0x1b33b mov dword [esp], 0xa -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 add esp, 0x10 dec dword [ebp - 0x34] -jne loc_0001b370 ; jne 0x1b370 +jne loc_0001b434 ; jne 0x1b434 mov ebx, 0x80000007 -jmp short loc_0001b825 ; jmp 0x1b825 +jmp short loc_0001b8e9 ; jmp 0x1b8e9 -loc_0001b820: ; not directly referenced +loc_0001b8e4: ; not directly referenced mov ebx, 0x80000012 -loc_0001b825: ; not directly referenced +loc_0001b8e9: ; not directly referenced push eax push eax push 0xff push 0 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b pop edx pop ecx push 1 push 0xc -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b pop esi pop edi push 0 push 0xd -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b add esp, 0x10 mov eax, ebx -jmp short loc_0001b855 ; jmp 0x1b855 +jmp short loc_0001b919 ; jmp 0x1b919 -loc_0001b850: ; not directly referenced +loc_0001b914: ; not directly referenced mov eax, 0x80000002 -loc_0001b855: ; not directly referenced +loc_0001b919: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -46175,7 +46247,7 @@ pop edi pop ebp ret -fcn_0001b85d: ; not directly referenced +fcn_0001b921: ; not directly referenced push ebp mov ebp, esp push ebx @@ -46183,7 +46255,7 @@ sub esp, 8 push 3 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a pop edx pop ecx push 1 @@ -46191,94 +46263,94 @@ mov ebx, eax lea eax, [eax + 4] add ebx, 0x40 push eax -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0xc push 1 push 0xf9 push ebx -call fcn_000186c6 ; call 0x186c6 +call fcn_0001878a ; call 0x1878a pop ebx pop eax push 0xff push 0 -call fcn_0001b277 ; call 0x1b277 +call fcn_0001b33b ; call 0x1b33b add esp, 0x10 mov ebx, dword [ebp - 4] leave ret -fcn_0001b8a7: +fcn_0001b96b: push ebp mov ebp, esp push esi push ebx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001b8c6 ; je 0x1b8c6 +je short loc_0001b98a ; je 0x1b98a push ebx push ebx -push ref_00026331 ; push 0x26331 +push ref_000263e0 ; push 0x263e0 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001b8c6: +loc_0001b98a: sub esp, 0xc mov esi, 0x80000009 push 0x20 -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov ebx, eax test eax, eax -je loc_0001b969 ; je 0x1b969 +je loc_0001ba2d ; je 0x1ba2d sub esp, 0xc lea eax, [eax + 0xc] push eax -call fcn_0001ff03 ; call 0x1ff03 +call fcn_0001ff91 ; call 0x1ff91 lea eax, [ebx + 0x14] mov dword [ebx], 0x80000010 -mov dword [ebx + 4], ref_0002908c ; mov dword [ebx + 4], 0x2908c +mov dword [ebx + 4], ref_0002913c ; mov dword [ebx + 4], 0x2913c mov dword [ebx + 8], eax mov dword [esp], ebx -call fcn_00019667 ; call 0x19667 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001b94d ; je 0x1b94d +je short loc_0001ba11 ; je 0x1ba11 test ebx, ebx -jns short loc_0001b94d ; jns 0x1b94d -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001ba11 ; jns 0x1ba11 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001b938 ; je 0x1b938 +je short loc_0001b9fc ; je 0x1b9fc push ecx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001b938: +loc_0001b9fc: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x4c -push ref_0002634a ; push 0x2634a -call fcn_000153fc ; call 0x153fc +push ref_000263f9 ; push 0x263f9 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001b94d: -call fcn_000153e9 ; call 0x153e9 +loc_0001ba11: +call fcn_00015479 ; call 0x15479 mov esi, ebx test al, al -je short loc_0001b969 ; je 0x1b969 +je short loc_0001ba2d ; je 0x1ba2d push eax push eax -push ref_0002636f ; push 0x2636f +push ref_0002641e ; push 0x2641e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001b969: +loc_0001ba2d: lea esp, [ebp - 8] mov eax, esi pop ebx @@ -46286,7 +46358,7 @@ pop esi pop ebp ret -fcn_0001b972: ; not directly referenced +fcn_0001ba36: ; not directly referenced push ebp mov ebp, esp push edi @@ -46296,83 +46368,83 @@ sub esp, 0x1c mov eax, dword [ebp + 8] sub eax, 4 cmp eax, 1 -ja short loc_0001b9c5 ; ja 0x1b9c5 +ja short loc_0001ba89 ; ja 0x1ba89 push 0 push 0 push 0 -push ref_00028fec ; push 0x28fec -call fcn_00019699 ; call 0x19699 +push ref_0002909c ; push 0x2909c +call fcn_0001975d ; call 0x1975d add esp, 0x10 test eax, eax -jne short loc_0001b9c5 ; jne 0x1b9c5 -call fcn_000153e9 ; call 0x153e9 +jne short loc_0001ba89 ; jne 0x1ba89 +call fcn_00015479 ; call 0x15479 mov ebx, 0x80000003 test al, al -je loc_0001ba35 ; je 0x1ba35 +je loc_0001baf9 ; je 0x1baf9 push ecx push ecx -push ref_00026386 ; push 0x26386 +push ref_00026435 ; push 0x26435 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0001ba35 ; jmp 0x1ba35 +jmp short loc_0001baf9 ; jmp 0x1baf9 -loc_0001b9c5: ; not directly referenced +loc_0001ba89: ; not directly referenced xor ebx, ebx lea edi, [ebp - 0x1c] -loc_0001b9ca: ; not directly referenced +loc_0001ba8e: ; not directly referenced push edi push 0 push ebx -push ref_000290ac ; push 0x290ac -call fcn_00019699 ; call 0x19699 +push ref_0002915c ; push 0x2915c +call fcn_0001975d ; call 0x1975d add esp, 0x10 mov esi, eax test eax, eax -jne short loc_0001b9ee ; jne 0x1b9ee +jne short loc_0001bab2 ; jne 0x1bab2 mov eax, dword [ebp - 0x1c] sub esp, 0xc push dword [ebp + 8] call dword [eax] ; ucall -jmp short loc_0001ba27 ; jmp 0x1ba27 +jmp short loc_0001baeb ; jmp 0x1baeb -loc_0001b9ee: ; not directly referenced +loc_0001bab2: ; not directly referenced cmp eax, 0x8000000e -jne short loc_0001ba10 ; jne 0x1ba10 +jne short loc_0001bad4 ; jne 0x1bad4 test ebx, ebx -jne short loc_0001ba10 ; jne 0x1ba10 -call fcn_000153e9 ; call 0x153e9 +jne short loc_0001bad4 ; jne 0x1bad4 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001ba2a ; je 0x1ba2a +je short loc_0001baee ; je 0x1baee push edx push edx -push ref_000263b0 ; push 0x263b0 +push ref_0002645f ; push 0x2645f push 0x80000040 -jmp short loc_0001ba22 ; jmp 0x1ba22 +jmp short loc_0001bae6 ; jmp 0x1bae6 -loc_0001ba10: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001bad4: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001ba2a ; je 0x1ba2a +je short loc_0001baee ; je 0x1baee push eax push eax -push ref_000263db ; push 0x263db +push ref_0002648a ; push 0x2648a push 0x40 -loc_0001ba22: ; not directly referenced -call fcn_000153f7 ; call 0x153f7 +loc_0001bae6: ; not directly referenced +call fcn_00015487 ; call 0x15487 -loc_0001ba27: ; not directly referenced +loc_0001baeb: ; not directly referenced add esp, 0x10 -loc_0001ba2a: ; not directly referenced +loc_0001baee: ; not directly referenced inc ebx cmp esi, 0x8000000e -jne short loc_0001b9ca ; jne 0x1b9ca +jne short loc_0001ba8e ; jne 0x1ba8e xor ebx, ebx -loc_0001ba35: ; not directly referenced +loc_0001baf9: ; not directly referenced lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -46381,7 +46453,7 @@ pop edi pop ebp ret -fcn_0001ba3f: +fcn_0001bb03: push ebp mov ebp, esp push edi @@ -46390,20 +46462,20 @@ push ebx sub esp, 0x1c mov edi, dword [ebp + 8] test edi, edi -je loc_0001badd ; je 0x1badd +je loc_0001bba1 ; je 0x1bba1 push eax push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x40 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov esi, eax and esi, 0xfffc add esi, 8 mov dword [esp], esi -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 mov ecx, 0x64 xor edx, edx add esp, 0x10 @@ -46416,37 +46488,37 @@ mov ecx, edi and edi, 0xffffff shr ecx, 0x18 -loc_0001baa6: +loc_0001bb6a: test ecx, ecx setne dl cmp edi, ebx -jbe short loc_0001bad9 ; jbe 0x1bad9 +jbe short loc_0001bb9d ; jbe 0x1bb9d -loc_0001baaf: +loc_0001bb73: sub esp, 0xc push esi mov dword [ebp - 0x20], edx mov dword [ebp - 0x1c], ecx -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 add esp, 0x10 mov ecx, dword [ebp - 0x1c] mov edx, dword [ebp - 0x20] and eax, 0xffffff cmp eax, ebx -jae short loc_0001bad5 ; jae 0x1bad5 +jae short loc_0001bb99 ; jae 0x1bb99 test dl, dl -je short loc_0001badd ; je 0x1badd +je short loc_0001bba1 ; je 0x1bba1 dec ecx -loc_0001bad5: +loc_0001bb99: mov ebx, eax -jmp short loc_0001baa6 ; jmp 0x1baa6 +jmp short loc_0001bb6a ; jmp 0x1bb6a -loc_0001bad9: +loc_0001bb9d: test dl, dl -jne short loc_0001baaf ; jne 0x1baaf +jne short loc_0001bb73 ; jne 0x1bb73 -loc_0001badd: +loc_0001bba1: lea esp, [ebp - 0xc] pop ebx pop esi @@ -46454,7 +46526,7 @@ pop edi pop ebp ret -fcn_0001bae5: +fcn_0001bba9: push ebp mov ebp, esp push ebx @@ -46462,31 +46534,31 @@ sub esp, 0x10 mov ebx, dword [ebp + 8] lea eax, [ebx + 0x3804] push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 xor edx, edx test ah, 0x40 -je short loc_0001bb32 ; je 0x1bb32 +je short loc_0001bbf6 ; je 0x1bbf6 push eax push 0 push 0xffff8003 lea eax, [ebx + 0x38b0] add ebx, 0x38b4 push eax -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 mov dword [esp], ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 cmp eax, 0xff0a55a sete dl -loc_0001bb32: +loc_0001bbf6: mov al, dl mov ebx, dword [ebp - 4] leave ret -fcn_0001bb39: +fcn_0001bbfd: push ebp mov ebp, esp push ebx @@ -46494,148 +46566,148 @@ sub esp, 0x18 push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov ebx, eax lea eax, [eax + 8] add ebx, 2 mov dword [esp], eax -call fcn_00017cc7 ; call 0x17cc7 +call fcn_00017d8b ; call 0x17d8b mov dword [esp], ebx mov dl, al mov dword [ebp - 0xc], edx -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, dword [ebp - 0xc] mov ecx, eax and ecx, 0xfffffffd cmp cx, 0x8c44 -je short loc_0001bbbc ; je 0x1bbbc +je short loc_0001bc80 ; je 0x1bc80 lea ecx, [eax + 0x73b2] cmp cx, 2 -jbe short loc_0001bbbc ; jbe 0x1bbbc +jbe short loc_0001bc80 ; jbe 0x1bc80 lea ecx, [eax + 0x73b7] cmp cx, 3 -jbe short loc_0001bbbc ; jbe 0x1bbbc +jbe short loc_0001bc80 ; jbe 0x1bc80 lea ecx, [eax + 0x73bf] cmp cx, 1 -jbe short loc_0001bbbc ; jbe 0x1bbbc +jbe short loc_0001bc80 ; jbe 0x1bc80 cmp ax, 0x8c58 -je short loc_0001bbbc ; je 0x1bbbc +je short loc_0001bc80 ; je 0x1bc80 mov ecx, eax and ecx, 0xfffffffb cmp cx, 0x8c52 -je short loc_0001bbbc ; je 0x1bbbc +je short loc_0001bc80 ; je 0x1bc80 mov ecx, eax and ecx, 0xfffffff7 cmp cx, 0x8c54 -jne short loc_0001bbe3 ; jne 0x1bbe3 +jne short loc_0001bca7 ; jne 0x1bca7 -loc_0001bbbc: +loc_0001bc80: cmp dl, 4 -je loc_0001bc99 ; je 0x1bc99 +je loc_0001bd5d ; je 0x1bd5d cmp dl, 5 -je short loc_0001bbd9 ; je 0x1bbd9 +je short loc_0001bc9d ; je 0x1bc9d mov eax, 1 cmp dl, 3 -jne short loc_0001bbfc ; jne 0x1bbfc -jmp near loc_0001bcac ; jmp 0x1bcac +jne short loc_0001bcc0 ; jne 0x1bcc0 +jmp near loc_0001bd70 ; jmp 0x1bd70 -loc_0001bbd9: +loc_0001bc9d: mov eax, 3 -jmp near loc_0001bcac ; jmp 0x1bcac +jmp near loc_0001bd70 ; jmp 0x1bd70 -loc_0001bbe3: +loc_0001bca7: lea ecx, [eax + 0x733f] cmp cx, 5 -ja short loc_0001bc11 ; ja 0x1bc11 +ja short loc_0001bcd5 ; ja 0x1bcd5 mov eax, 0x10 test dl, dl -je loc_0001bcac ; je 0x1bcac +je loc_0001bd70 ; je 0x1bd70 -loc_0001bbfc: -call fcn_000153e9 ; call 0x153e9 +loc_0001bcc0: +call fcn_00015479 ; call 0x15479 test al, al -je loc_0001bc92 ; je 0x1bc92 +je loc_0001bd56 ; je 0x1bd56 push ecx -push ref_00026405 ; push 0x26405 -jmp short loc_0001bc80 ; jmp 0x1bc80 +push ref_000264b4 ; push 0x264b4 +jmp short loc_0001bd44 ; jmp 0x1bd44 -loc_0001bc11: +loc_0001bcd5: lea ecx, [eax + 0x63bf] cmp cx, 6 -ja short loc_0001bc4b ; ja 0x1bc4b +ja short loc_0001bd0f ; ja 0x1bd0f cmp dl, 3 -je short loc_0001bca0 ; je 0x1bca0 +je short loc_0001bd64 ; je 0x1bd64 cmp dl, 4 -je short loc_0001bc33 ; je 0x1bc33 +je short loc_0001bcf7 ; je 0x1bcf7 mov eax, 0x20 cmp dl, 2 -jne short loc_0001bc3a ; jne 0x1bc3a -jmp short loc_0001bcac ; jmp 0x1bcac +jne short loc_0001bcfe ; jne 0x1bcfe +jmp short loc_0001bd70 ; jmp 0x1bd70 -loc_0001bc33: +loc_0001bcf7: mov eax, 0x22 -jmp short loc_0001bcac ; jmp 0x1bcac +jmp short loc_0001bd70 ; jmp 0x1bd70 -loc_0001bc3a: -call fcn_000153e9 ; call 0x153e9 +loc_0001bcfe: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001bc92 ; je 0x1bc92 +je short loc_0001bd56 ; je 0x1bd56 push edx -push ref_0002640c ; push 0x2640c -jmp short loc_0001bc80 ; jmp 0x1bc80 +push ref_000264bb ; push 0x264bb +jmp short loc_0001bd44 ; jmp 0x1bd44 -loc_0001bc4b: +loc_0001bd0f: add ax, 0x633f cmp ax, 0xa -ja short loc_0001bc92 ; ja 0x1bc92 +ja short loc_0001bd56 ; ja 0x1bd56 cmp dl, 2 -je short loc_0001bca7 ; je 0x1bca7 +je short loc_0001bd6b ; je 0x1bd6b cmp dl, 3 -je short loc_0001bc6a ; je 0x1bc6a +je short loc_0001bd2e ; je 0x1bd2e dec dl -jne short loc_0001bc71 ; jne 0x1bc71 +jne short loc_0001bd35 ; jne 0x1bd35 mov eax, 0x41 -jmp short loc_0001bcac ; jmp 0x1bcac +jmp short loc_0001bd70 ; jmp 0x1bd70 -loc_0001bc6a: +loc_0001bd2e: mov eax, 0x43 -jmp short loc_0001bcac ; jmp 0x1bcac +jmp short loc_0001bd70 ; jmp 0x1bd70 -loc_0001bc71: -call fcn_000153e9 ; call 0x153e9 +loc_0001bd35: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001bc92 ; je 0x1bc92 +je short loc_0001bd56 ; je 0x1bd56 push eax -push ref_00026414 ; push 0x26414 +push ref_000264c3 ; push 0x264c3 -loc_0001bc80: -push ref_000295b0 ; push 0x295b0 +loc_0001bd44: +push ref_00029660 ; push 0x29660 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001bc92: +loc_0001bd56: mov eax, 0x44 -jmp short loc_0001bcac ; jmp 0x1bcac +jmp short loc_0001bd70 ; jmp 0x1bd70 -loc_0001bc99: +loc_0001bd5d: mov eax, 2 -jmp short loc_0001bcac ; jmp 0x1bcac +jmp short loc_0001bd70 ; jmp 0x1bd70 -loc_0001bca0: +loc_0001bd64: mov eax, 0x21 -jmp short loc_0001bcac ; jmp 0x1bcac +jmp short loc_0001bd70 ; jmp 0x1bd70 -loc_0001bca7: +loc_0001bd6b: mov eax, 0x42 -loc_0001bcac: +loc_0001bd70: mov ebx, dword [ebp - 4] leave ret -fcn_0001bcb1: +fcn_0001bd75: push ebp mov ebp, esp push esi @@ -46644,68 +46716,68 @@ push edx push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax lea eax, [eax + 2] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov dword [esp], esi movzx ebx, ax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp ax, 0x8086 -jne short loc_0001bd5c ; jne 0x1bd5c +jne short loc_0001be20 ; jne 0x1be20 mov eax, ebx mov esi, 1 and eax, 0xfffffffd cmp ax, 0x8c44 -je loc_0001bd82 ; je 0x1bd82 +je loc_0001be46 ; je 0x1be46 lea eax, [ebx + 0x73b2] cmp ax, 2 -jbe short loc_0001bd82 ; jbe 0x1bd82 +jbe short loc_0001be46 ; jbe 0x1be46 lea eax, [ebx + 0x73b7] cmp ax, 3 -jbe short loc_0001bd82 ; jbe 0x1bd82 +jbe short loc_0001be46 ; jbe 0x1be46 lea eax, [ebx + 0x73bf] cmp ax, 1 -jbe short loc_0001bd82 ; jbe 0x1bd82 +jbe short loc_0001be46 ; jbe 0x1be46 cmp bx, 0x8c58 -je short loc_0001bd82 ; je 0x1bd82 +je short loc_0001be46 ; je 0x1be46 mov eax, ebx and eax, 0xfffffffb cmp ax, 0x8c52 -je short loc_0001bd7d ; je 0x1bd7d +je short loc_0001be41 ; je 0x1be41 mov eax, ebx and eax, 0xfffffff7 cmp ax, 0x8c54 -je short loc_0001bd7d ; je 0x1bd7d +je short loc_0001be41 ; je 0x1be41 lea eax, [ebx + 0x63bf] cmp ax, 6 -jbe short loc_0001bd82 ; jbe 0x1bd82 +jbe short loc_0001be46 ; jbe 0x1be46 lea eax, [ebx + 0x733f] cmp ax, 5 -jbe short loc_0001bd7d ; jbe 0x1bd7d +jbe short loc_0001be41 ; jbe 0x1be41 lea eax, [ebx + 0x633f] cmp ax, 0xa -jbe short loc_0001bd82 ; jbe 0x1bd82 +jbe short loc_0001be46 ; jbe 0x1be46 -loc_0001bd5c: -call fcn_000153e9 ; call 0x153e9 +loc_0001be20: +call fcn_00015479 ; call 0x15479 xor esi, esi test al, al -je short loc_0001bd82 ; je 0x1bd82 +je short loc_0001be46 ; je 0x1be46 push eax push ebx -push ref_0002641c ; push 0x2641c +push ref_000264cb ; push 0x264cb push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0001bd82 ; jmp 0x1bd82 +jmp short loc_0001be46 ; jmp 0x1be46 -loc_0001bd7d: +loc_0001be41: mov esi, 1 -loc_0001bd82: +loc_0001be46: lea esp, [ebp - 8] mov eax, esi pop ebx @@ -46713,7 +46785,7 @@ pop esi pop ebp ret -fcn_0001bd8b: +fcn_0001be4f: push ebp mov ebp, esp push ebx @@ -46721,58 +46793,58 @@ push ebx mov eax, dword [ebp + 0xc] mov ebx, dword [ebp + 8] cmp al, 1 -je short loc_0001bda6 ; je 0x1bda6 +je short loc_0001be6a ; je 0x1be6a xor edx, edx cmp al, 1 sbb eax, eax and eax, 0xfffffff0 dec eax -jmp short loc_0001bdae ; jmp 0x1bdae +jmp short loc_0001be72 ; jmp 0x1be72 -loc_0001bda6: +loc_0001be6a: mov edx, 0x10 or eax, 0xffffffff -loc_0001bdae: +loc_0001be72: push ecx add ebx, 0x3410 push edx push eax push ebx -call fcn_00018aa4 ; call 0x18aa4 +call fcn_00018b68 ; call 0x18b68 add esp, 0x10 mov dword [ebp + 8], ebx mov ebx, dword [ebp - 4] leave -jmp near fcn_00017d8a ; jmp 0x17d8a +jmp near fcn_00017e4e ; jmp 0x17e4e -fcn_0001bdcc: +fcn_0001be90: push ebp mov ebp, esp push ebx sub esp, 0x10 mov ebx, dword [ebp + 8] push ebx -call fcn_0001bae5 ; call 0x1bae5 +call fcn_0001bba9 ; call 0x1bba9 add esp, 0x10 xor edx, edx dec al -jne short loc_0001bdff ; jne 0x1bdff +jne short loc_0001bec3 ; jne 0x1bec3 sub esp, 0xc add ebx, 0x3860 push ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 cmp eax, 0x7fff setne dl -loc_0001bdff: +loc_0001bec3: mov al, dl mov ebx, dword [ebp - 4] leave ret -fcn_0001be06: ; not directly referenced +fcn_0001beca: ; not directly referenced push ebp mov ebp, esp push edi @@ -46782,10 +46854,10 @@ sub esp, 0x10 push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov esi, eax pop eax and esi, 0xffffc000 @@ -46794,36 +46866,36 @@ lea ebx, [esi + 0x38b0] add esi, 0x38b4 push 0xffff8003 push ebx -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e pop ecx pop edi push 0x4010 push ebx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov dword [esp], esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edi, eax pop eax pop edx push 0xffff8003 push ebx -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e pop ecx pop eax push 0x403c push ebx -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov dword [esp], esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 xor edx, edx and edi, 3 -je short loc_0001be93 ; je 0x1be93 +je short loc_0001bf57 ; je 0x1bf57 shr eax, 6 mov edx, eax and edx, 1 -loc_0001be93: ; not directly referenced +loc_0001bf57: ; not directly referenced lea esp, [ebp - 0xc] mov al, dl pop ebx @@ -46832,7 +46904,7 @@ pop edi pop ebp ret -fcn_0001be9d: ; not directly referenced +fcn_0001bf61: ; not directly referenced push ebp mov ebp, esp push esi @@ -46840,38 +46912,38 @@ push ebx mov ebx, dword [ebp + 8] sub esp, 0xc push ebx -call fcn_0001bae5 ; call 0x1bae5 +call fcn_0001bba9 ; call 0x1bba9 add esp, 0x10 mov dl, al xor eax, eax test dl, dl -je short loc_0001bef0 ; je 0x1bef0 +je short loc_0001bfb4 ; je 0x1bfb4 push eax push eax push 0xffff8003 lea esi, [ebx + 0x38b0] add ebx, 0x38b4 push esi -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e pop edx pop ecx push 0x4024 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 mov dword [esp], ebx -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 shr eax, 0xe and eax, 1 -loc_0001bef0: ; not directly referenced +loc_0001bfb4: ; not directly referenced lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0001bef7: +fcn_0001bfbb: push ebp mov ebp, esp push esi @@ -46881,72 +46953,72 @@ push ecx push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 movzx ebx, ax mov eax, ebx and eax, 0xfffffffd cmp ax, 0x8c44 -je loc_0001bff0 ; je 0x1bff0 +je loc_0001c0b4 ; je 0x1c0b4 lea eax, [ebx + 0x73b2] cmp ax, 2 -jbe loc_0001bff0 ; jbe 0x1bff0 +jbe loc_0001c0b4 ; jbe 0x1c0b4 lea eax, [ebx + 0x73b7] cmp ax, 3 -jbe loc_0001bff0 ; jbe 0x1bff0 +jbe loc_0001c0b4 ; jbe 0x1c0b4 lea eax, [ebx + 0x73bf] cmp ax, 1 -jbe loc_0001bff0 ; jbe 0x1bff0 +jbe loc_0001c0b4 ; jbe 0x1c0b4 cmp bx, 0x8c58 -je loc_0001bff0 ; je 0x1bff0 +je loc_0001c0b4 ; je 0x1c0b4 mov eax, ebx and eax, 0xfffffffb cmp ax, 0x8c52 -je short loc_0001bfeb ; je 0x1bfeb +je short loc_0001c0af ; je 0x1c0af mov eax, ebx and eax, 0xfffffff7 cmp ax, 0x8c54 -je short loc_0001bfeb ; je 0x1bfeb +je short loc_0001c0af ; je 0x1c0af lea eax, [ebx + 0x733f] cmp ax, 5 -jbe short loc_0001bff0 ; jbe 0x1bff0 +jbe short loc_0001c0b4 ; jbe 0x1c0b4 lea eax, [ebx + 0x63bf] mov si, 2 cmp ax, 6 -jbe short loc_0001bff0 ; jbe 0x1bff0 +jbe short loc_0001c0b4 ; jbe 0x1c0b4 lea eax, [ebx + 0x633f] cmp ax, 0xa -jbe short loc_0001bff0 ; jbe 0x1bff0 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0001c0b4 ; jbe 0x1c0b4 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001bfc3 ; je 0x1bfc3 +je short loc_0001c087 ; je 0x1c087 push edx push ebx -push ref_0002644f ; push 0x2644f +push ref_000264fe ; push 0x264fe push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001bfc3: -call fcn_000153f0 ; call 0x153f0 +loc_0001c087: +call fcn_00015480 ; call 0x15480 mov esi, 3 test al, al -je short loc_0001bff0 ; je 0x1bff0 +je short loc_0001c0b4 ; je 0x1c0b4 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x1cd -push ref_0002647a ; push 0x2647a -call fcn_000153fc ; call 0x153fc +push ref_00026529 ; push 0x26529 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_0001bff0 ; jmp 0x1bff0 +jmp short loc_0001c0b4 ; jmp 0x1c0b4 -loc_0001bfeb: +loc_0001c0af: mov esi, 1 -loc_0001bff0: +loc_0001c0b4: lea esp, [ebp - 8] mov eax, esi pop ebx @@ -46954,7 +47026,7 @@ pop esi pop ebp ret -fcn_0001bff9: +fcn_0001c0bd: push ebp mov ebp, esp push esi @@ -46964,72 +47036,72 @@ push ecx push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 movzx ebx, ax mov eax, ebx and eax, 0xfffffffd cmp ax, 0x8c44 -je loc_0001c0f2 ; je 0x1c0f2 +je loc_0001c1b6 ; je 0x1c1b6 lea eax, [ebx + 0x73b2] cmp ax, 2 -jbe loc_0001c0f2 ; jbe 0x1c0f2 +jbe loc_0001c1b6 ; jbe 0x1c1b6 lea eax, [ebx + 0x73b7] cmp ax, 3 -jbe loc_0001c0f2 ; jbe 0x1c0f2 +jbe loc_0001c1b6 ; jbe 0x1c1b6 lea eax, [ebx + 0x73bf] cmp ax, 1 -jbe loc_0001c0f2 ; jbe 0x1c0f2 +jbe loc_0001c1b6 ; jbe 0x1c1b6 cmp bx, 0x8c58 -je loc_0001c0f2 ; je 0x1c0f2 +je loc_0001c1b6 ; je 0x1c1b6 mov eax, ebx and eax, 0xfffffffb cmp ax, 0x8c52 -je short loc_0001c0ed ; je 0x1c0ed +je short loc_0001c1b1 ; je 0x1c1b1 mov eax, ebx and eax, 0xfffffff7 cmp ax, 0x8c54 -je short loc_0001c0ed ; je 0x1c0ed +je short loc_0001c1b1 ; je 0x1c1b1 lea eax, [ebx + 0x63bf] cmp ax, 6 -jbe short loc_0001c0f2 ; jbe 0x1c0f2 +jbe short loc_0001c1b6 ; jbe 0x1c1b6 lea eax, [ebx + 0x733f] cmp ax, 5 -jbe short loc_0001c0f2 ; jbe 0x1c0f2 +jbe short loc_0001c1b6 ; jbe 0x1c1b6 lea eax, [ebx + 0x633f] mov si, 2 cmp ax, 0xa -jbe short loc_0001c0f2 ; jbe 0x1c0f2 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0001c1b6 ; jbe 0x1c1b6 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001c0c5 ; je 0x1c0c5 +je short loc_0001c189 ; je 0x1c189 push edx push ebx -push ref_0002644f ; push 0x2644f +push ref_000264fe ; push 0x264fe push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001c0c5: -call fcn_000153f0 ; call 0x153f0 +loc_0001c189: +call fcn_00015480 ; call 0x15480 mov esi, 3 test al, al -je short loc_0001c0f2 ; je 0x1c0f2 +je short loc_0001c1b6 ; je 0x1c1b6 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x1ec -push ref_0002647a ; push 0x2647a -call fcn_000153fc ; call 0x153fc +push ref_00026529 ; push 0x26529 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_0001c0f2 ; jmp 0x1c0f2 +jmp short loc_0001c1b6 ; jmp 0x1c1b6 -loc_0001c0ed: +loc_0001c1b1: mov esi, 1 -loc_0001c0f2: +loc_0001c1b6: lea esp, [ebp - 8] mov eax, esi pop ebx @@ -47037,209 +47109,209 @@ pop esi pop ebp ret -fcn_0001c0fb: +fcn_0001c1bf: push ebp mov ebp, esp sub esp, 8 -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 1 -je short loc_0001c117 ; je 0x1c117 +je short loc_0001c1db ; je 0x1c1db xor edx, edx cmp eax, 2 mov al, 6 cmove edx, eax -jmp short loc_0001c119 ; jmp 0x1c119 +jmp short loc_0001c1dd ; jmp 0x1c1dd -loc_0001c117: +loc_0001c1db: mov dl, 8 -loc_0001c119: +loc_0001c1dd: mov al, dl leave ret -fcn_0001c11d: +fcn_0001c1e1: push ebp mov ebp, esp sub esp, 8 -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 1 -je short loc_0001c138 ; je 0x1c138 +je short loc_0001c1fc ; je 0x1c1fc cmp eax, 2 sete al shl eax, 2 -jmp short loc_0001c13a ; jmp 0x1c13a +jmp short loc_0001c1fe ; jmp 0x1c1fe -loc_0001c138: +loc_0001c1fc: mov al, 6 -loc_0001c13a: +loc_0001c1fe: leave ret -fcn_0001c13c: ; not directly referenced +fcn_0001c200: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 1 -je short loc_0001c154 ; je 0x1c154 +je short loc_0001c218 ; je 0x1c218 cmp eax, 2 sete al -jmp short loc_0001c156 ; jmp 0x1c156 +jmp short loc_0001c21a ; jmp 0x1c21a -loc_0001c154: ; not directly referenced +loc_0001c218: ; not directly referenced mov al, 2 -loc_0001c156: ; not directly referenced +loc_0001c21a: ; not directly referenced leave ret -fcn_0001c158: ; not directly referenced +fcn_0001c21c: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd cmp eax, 1 -jne short loc_0001c176 ; jne 0x1c176 -call fcn_0001bef7 ; call 0x1bef7 +jne short loc_0001c23a ; jne 0x1c23a +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 1 -jne short loc_0001c176 ; jne 0x1c176 +jne short loc_0001c23a ; jne 0x1c23a mov al, 0xe -jmp short loc_0001c17f ; jmp 0x1c17f +jmp short loc_0001c243 ; jmp 0x1c243 -loc_0001c176: ; not directly referenced +loc_0001c23a: ; not directly referenced cmp eax, 2 sete al shl eax, 3 -loc_0001c17f: ; not directly referenced +loc_0001c243: ; not directly referenced leave ret -fcn_0001c181: +fcn_0001c245: push ebp mov ebp, esp sub esp, 8 -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 1 -je short loc_0001c199 ; je 0x1c199 +je short loc_0001c25d ; je 0x1c25d cmp eax, 2 sete al -jmp short loc_0001c19b ; jmp 0x1c19b +jmp short loc_0001c25f ; jmp 0x1c25f -loc_0001c199: +loc_0001c25d: mov al, 2 -loc_0001c19b: +loc_0001c25f: leave ret -fcn_0001c19d: +fcn_0001c261: push ebp mov ebp, esp sub esp, 8 -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd cmp eax, 1 -jne short loc_0001c1c6 ; jne 0x1c1c6 -call fcn_0001bef7 ; call 0x1bef7 +jne short loc_0001c28a ; jne 0x1c28a +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 1 -je short loc_0001c1c2 ; je 0x1c1c2 +je short loc_0001c286 ; je 0x1c286 cmp eax, 2 sete dl shl edx, 3 -jmp short loc_0001c1d0 ; jmp 0x1c1d0 +jmp short loc_0001c294 ; jmp 0x1c294 -loc_0001c1c2: +loc_0001c286: mov dl, 0xe -jmp short loc_0001c1d0 ; jmp 0x1c1d0 +jmp short loc_0001c294 ; jmp 0x1c294 -loc_0001c1c6: +loc_0001c28a: cmp eax, 2 mov dl, 0xa mov al, 0 cmovne edx, eax -loc_0001c1d0: +loc_0001c294: mov al, dl leave ret -fcn_0001c1d4: +fcn_0001c298: push ebp mov ebp, esp sub esp, 8 -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd cmp eax, 1 -jne short loc_0001c1f2 ; jne 0x1c1f2 -call fcn_0001bef7 ; call 0x1bef7 +jne short loc_0001c2b6 ; jne 0x1c2b6 +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 1 -jne short loc_0001c1f2 ; jne 0x1c1f2 +jne short loc_0001c2b6 ; jne 0x1c2b6 mov al, 0xe -jmp short loc_0001c1fb ; jmp 0x1c1fb +jmp short loc_0001c2bf ; jmp 0x1c2bf -loc_0001c1f2: +loc_0001c2b6: cmp eax, 2 sete al shl eax, 3 -loc_0001c1fb: +loc_0001c2bf: leave ret -fcn_0001c1fd: +fcn_0001c2c1: push ebp mov ebp, esp sub esp, 8 -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd cmp eax, 1 -jne short loc_0001c226 ; jne 0x1c226 -call fcn_0001bef7 ; call 0x1bef7 +jne short loc_0001c2ea ; jne 0x1c2ea +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 1 -je short loc_0001c222 ; je 0x1c222 +je short loc_0001c2e6 ; je 0x1c2e6 cmp eax, 2 sete dl lea edx, [edx + edx*8] -jmp short loc_0001c230 ; jmp 0x1c230 +jmp short loc_0001c2f4 ; jmp 0x1c2f4 -loc_0001c222: +loc_0001c2e6: mov dl, 0xf -jmp short loc_0001c230 ; jmp 0x1c230 +jmp short loc_0001c2f4 ; jmp 0x1c2f4 -loc_0001c226: +loc_0001c2ea: cmp eax, 2 mov dl, 0xb mov al, 0 cmovne edx, eax -loc_0001c230: +loc_0001c2f4: mov al, dl leave ret -fcn_0001c234: +fcn_0001c2f8: push ebp mov ebp, esp sub esp, 8 -call fcn_0001bff9 ; call 0x1bff9 +call fcn_0001c0bd ; call 0x1c0bd cmp eax, 1 -jne short loc_0001c252 ; jne 0x1c252 -call fcn_0001bef7 ; call 0x1bef7 +jne short loc_0001c316 ; jne 0x1c316 +call fcn_0001bfbb ; call 0x1bfbb cmp eax, 1 -jne short loc_0001c252 ; jne 0x1c252 +jne short loc_0001c316 ; jne 0x1c316 mov al, 6 -jmp short loc_0001c25b ; jmp 0x1c25b +jmp short loc_0001c31f ; jmp 0x1c31f -loc_0001c252: +loc_0001c316: cmp eax, 2 sete al shl eax, 2 -loc_0001c25b: +loc_0001c31f: leave ret -fcn_0001c25d: +fcn_0001c321: push ebp mov ebp, esp push esi @@ -47248,58 +47320,58 @@ push eax push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov esi, eax lea eax, [eax + 0xa2] add esi, 0xa4 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov dword [esp], esi mov ebx, eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ecx, dword [ebp + 8] add esp, 0x10 lea edx, [ecx - 1] cmp edx, 4 -ja short loc_0001c2d0 ; ja 0x1c2d0 -jmp dword [edx*4 + ref_00020568] ; ujmp: jmp dword [edx*4 + 0x20568] +ja short loc_0001c394 ; ja 0x1c394 +jmp dword [edx*4 + ref_000205f8] ; ujmp: jmp dword [edx*4 + 0x205f8] -loc_0001c2a3: +loc_0001c367: shr bx, 5 -jmp short loc_0001c2b3 ; jmp 0x1c2b3 +jmp short loc_0001c377 ; jmp 0x1c377 -loc_0001c2a9: +loc_0001c36d: shr ax, 1 mov edx, eax -jmp short loc_0001c2b9 ; jmp 0x1c2b9 +jmp short loc_0001c37d ; jmp 0x1c37d -loc_0001c2b0: +loc_0001c374: shr bx, 1 -loc_0001c2b3: +loc_0001c377: mov edx, ebx -jmp short loc_0001c2b9 ; jmp 0x1c2b9 +jmp short loc_0001c37d ; jmp 0x1c37d -loc_0001c2b7: +loc_0001c37b: mov dl, bl -loc_0001c2b9: +loc_0001c37d: and edx, 1 -jmp short loc_0001c2d2 ; jmp 0x1c2d2 +jmp short loc_0001c396 ; jmp 0x1c396 -loc_0001c2be: +loc_0001c382: xor edx, edx test al, 2 -je short loc_0001c2d2 ; je 0x1c2d2 +je short loc_0001c396 ; je 0x1c396 and ebx, 0x22 cmp bx, 2 sete dl -jmp short loc_0001c2d2 ; jmp 0x1c2d2 +jmp short loc_0001c396 ; jmp 0x1c396 -loc_0001c2d0: +loc_0001c394: xor edx, edx -loc_0001c2d2: +loc_0001c396: lea esp, [ebp - 8] mov al, dl pop ebx @@ -47307,7 +47379,7 @@ pop esi pop ebp ret -fcn_0001c2db: ; not directly referenced +fcn_0001c39f: ; not directly referenced push ebp mov ebp, esp push ebx @@ -47317,7 +47389,7 @@ mov ebx, dword [ebp + 0xc] add eax, 0x404 push eax movzx ebx, bl -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e lea ecx, [ebx*4] mov ebx, dword [ebp - 4] leave @@ -47325,7 +47397,7 @@ shr eax, cl and eax, 7 ret -fcn_0001c307: ; not directly referenced +fcn_0001c3cb: ; not directly referenced push ebp mov ebp, esp push edi @@ -47337,36 +47409,36 @@ mov eax, dword [ebp + 8] movzx edi, byte [ebp + 0xc] lea esi, [eax + 0x404] -loc_0001c31f: ; not directly referenced -call fcn_0001c0fb ; call 0x1c0fb +loc_0001c3e3: ; not directly referenced +call fcn_0001c1bf ; call 0x1c1bf cmp bl, al -jae short loc_0001c346 ; jae 0x1c346 +jae short loc_0001c40a ; jae 0x1c40a sub esp, 0xc push esi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e movzx ecx, bl add esp, 0x10 shl ecx, 2 shr eax, cl and eax, 7 cmp eax, edi -je short loc_0001c369 ; je 0x1c369 +je short loc_0001c42d ; je 0x1c42d inc ebx -jmp short loc_0001c31f ; jmp 0x1c31f +jmp short loc_0001c3e3 ; jmp 0x1c3e3 -loc_0001c346: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001c40a: ; not directly referenced +call fcn_00015480 ; call 0x15480 mov bl, 0xff test al, al -je short loc_0001c369 ; je 0x1c369 +je short loc_0001c42d ; je 0x1c42d push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x390 -push ref_0002647a ; push 0x2647a -call fcn_000153fc ; call 0x153fc +push ref_00026529 ; push 0x26529 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001c369: ; not directly referenced +loc_0001c42d: ; not directly referenced lea esp, [ebp - 0xc] mov al, bl pop ebx @@ -47375,7 +47447,7 @@ pop edi pop ebp ret -fcn_0001c373: ; not directly referenced +fcn_0001c437: ; not directly referenced push ebp mov ebp, esp push ebx @@ -47383,17 +47455,17 @@ sub esp, 0x18 push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ebx, eax pop eax and ebx, 0xffffc000 pop edx push 0 push ebx -call fcn_0001c2db ; call 0x1c2db +call fcn_0001c39f ; call 0x1c39f pop ecx pop edx lea edx, [ebp - 0xd] @@ -47406,90 +47478,90 @@ push eax push 4 push 0xe00000fc push ebx -call fcn_00009e5f ; call 0x9e5f +call fcn_00009ecd ; call 0x9ecd add esp, 0x20 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001c409 ; je 0x1c409 +je short loc_0001c4cd ; je 0x1c4cd test ebx, ebx -jns short loc_0001c409 ; jns 0x1c409 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001c4cd ; jns 0x1c4cd +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001c3f1 ; je 0x1c3f1 +je short loc_0001c4b5 ; je 0x1c4b5 push eax push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001c3f1: ; not directly referenced +loc_0001c4b5: ; not directly referenced push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x3b7 -push ref_0002647a ; push 0x2647a -call fcn_000153fc ; call 0x153fc +push ref_00026529 ; push 0x26529 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001c409: ; not directly referenced +loc_0001c4cd: ; not directly referenced mov ebx, dword [ebp - 0xc] test ebx, 0x80000 -je short loc_0001c47f ; je 0x1c47f +je short loc_0001c543 ; je 0x1c543 and ebx, 0x70000 shr ebx, 0x10 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001c437 ; je 0x1c437 +je short loc_0001c4fb ; je 0x1c4fb push edx push ebx -push ref_000264b6 ; push 0x264b6 +push ref_00026565 ; push 0x26565 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001c437: ; not directly referenced -call fcn_0001bef7 ; call 0x1bef7 +loc_0001c4fb: ; not directly referenced +call fcn_0001bfbb ; call 0x1bfbb lea edx, [ebx + 1] cmp eax, 2 -jne short loc_0001c488 ; jne 0x1c488 +jne short loc_0001c54c ; jne 0x1c54c cmp ebx, 1 -je short loc_0001c483 ; je 0x1c483 -jb short loc_0001c457 ; jb 0x1c457 +je short loc_0001c547 ; je 0x1c547 +jb short loc_0001c51b ; jb 0x1c51b cmp ebx, 5 -ja short loc_0001c45e ; ja 0x1c45e +ja short loc_0001c522 ; ja 0x1c522 mov edx, 5 -jmp short loc_0001c488 ; jmp 0x1c488 +jmp short loc_0001c54c ; jmp 0x1c54c -loc_0001c457: ; not directly referenced +loc_0001c51b: ; not directly referenced mov edx, 3 -jmp short loc_0001c488 ; jmp 0x1c488 +jmp short loc_0001c54c ; jmp 0x1c54c -loc_0001c45e: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001c522: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001c47f ; je 0x1c47f +je short loc_0001c543 ; je 0x1c543 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x3c7 -push ref_0002647a ; push 0x2647a -call fcn_000153fc ; call 0x153fc +push ref_00026529 ; push 0x26529 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001c47f: ; not directly referenced +loc_0001c543: ; not directly referenced xor edx, edx -jmp short loc_0001c488 ; jmp 0x1c488 +jmp short loc_0001c54c ; jmp 0x1c54c -loc_0001c483: ; not directly referenced +loc_0001c547: ; not directly referenced mov edx, 4 -loc_0001c488: ; not directly referenced +loc_0001c54c: ; not directly referenced mov eax, edx mov ebx, dword [ebp - 4] leave ret -fcn_0001c48f: ; not directly referenced +fcn_0001c553: ; not directly referenced push ebp mov eax, 0x80000002 mov ebp, esp @@ -47501,30 +47573,30 @@ mov ebx, dword [ebp + 8] mov edi, dword [ebp + 0xc] mov esi, dword [ebp + 0x10] cmp ebx, 7 -ja short loc_0001c505 ; ja 0x1c505 +ja short loc_0001c5c9 ; ja 0x1c5c9 push eax push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 and eax, 0xffffc000 cmp ebx, 7 -je short loc_0001c4dd ; je 0x1c4dd +je short loc_0001c5a1 ; je 0x1c5a1 sub esp, 0xc lea eax, [eax + ebx*4 + 0x3854] -jmp short loc_0001c4e5 ; jmp 0x1c4e5 +jmp short loc_0001c5a9 ; jmp 0x1c5a9 -loc_0001c4dd: ; not directly referenced +loc_0001c5a1: ; not directly referenced sub esp, 0xc add eax, 0x3800 -loc_0001c4e5: ; not directly referenced +loc_0001c5a9: ; not directly referenced push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 mov edx, eax and ax, 0x7fff @@ -47534,7 +47606,7 @@ mov word [edi], dx mov word [esi], ax xor eax, eax -loc_0001c505: ; not directly referenced +loc_0001c5c9: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -47542,7 +47614,7 @@ pop edi pop ebp ret -fcn_0001c50d: +fcn_0001c5d1: push ebp mov ebp, esp push edi @@ -47551,53 +47623,53 @@ push ebx sub esp, 0xc mov edi, dword [ebp + 8] mov ebx, dword [ebp + 0xc] -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001c536 ; je 0x1c536 +je short loc_0001c5fa ; je 0x1c5fa push eax push eax -push ref_000264c5 ; push 0x264c5 +push ref_00026574 ; push 0x26574 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001c536: +loc_0001c5fa: dec bl lea esi, [edi + 0x3428] -jne short loc_0001c55c ; jne 0x1c55c +jne short loc_0001c620 ; jne 0x1c620 push ecx push ecx push 0x10 lea ebx, [edi + 0x3424] push ebx -call fcn_00017d40 ; call 0x17d40 +call fcn_00017e04 ; call 0x17e04 pop ebx pop edi push 1 push esi -call fcn_00018a50 ; call 0x18a50 -jmp short loc_0001c566 ; jmp 0x1c566 +call fcn_00018b14 ; call 0x18b14 +jmp short loc_0001c62a ; jmp 0x1c62a -loc_0001c55c: +loc_0001c620: push edx push edx push 0xfffffffffffffffe push esi -call fcn_00018a7a ; call 0x18a7a +call fcn_00018b3e ; call 0x18b3e -loc_0001c566: +loc_0001c62a: add esp, 0x10 -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001c583 ; je 0x1c583 +je short loc_0001c647 ; je 0x1c647 push eax push eax -push ref_000264df ; push 0x264df +push ref_0002658e ; push 0x2658e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001c583: +loc_0001c647: lea esp, [ebp - 0xc] xor eax, eax pop ebx @@ -47606,7 +47678,7 @@ pop edi pop ebp ret -fcn_0001c58d: +fcn_0001c651: push ebp mov ebp, esp sub esp, 0x24 @@ -47619,13 +47691,13 @@ push edx lea eax, [ebp - 0x18] push eax push 1 -call fcn_0001fe8d ; call 0x1fe8d +call fcn_0001ff1b ; call 0x1ff1b mov eax, dword [ebp - 0x18] leave and eax, 0xfff0ff0 ret -fcn_0001c5b4: +fcn_0001c678: push ebp mov ebp, esp sub esp, 0x24 @@ -47638,53 +47710,53 @@ push edx lea eax, [ebp - 0x18] push eax push 1 -call fcn_0001fe8d ; call 0x1fe8d +call fcn_0001ff1b ; call 0x1ff1b mov eax, dword [ebp - 0x18] leave and eax, 0xf ret -fcn_0001c5d9: ; not directly referenced +fcn_0001c69d: ; not directly referenced push ebp mov ebp, esp push edi push esi push ebx sub esp, 0xc -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov esi, eax -call fcn_0001c5b4 ; call 0x1c5b4 +call fcn_0001c678 ; call 0x1c678 lea edx, [eax + esi] mov edi, eax cmp edx, 0x306c3 -je short loc_0001c644 ; je 0x1c644 +je short loc_0001c708 ; je 0x1c708 cmp edx, 0x40651 -je short loc_0001c644 ; je 0x1c644 +je short loc_0001c708 ; je 0x1c708 cmp edx, 0x40661 -je short loc_0001c644 ; je 0x1c644 +je short loc_0001c708 ; je 0x1c708 lea eax, [edx - 0x306d3] cmp eax, 1 -jbe short loc_0001c644 ; jbe 0x1c644 +jbe short loc_0001c708 ; jbe 0x1c708 sub edx, 0x40670 mov bl, 1 cmp edx, 1 -jbe short loc_0001c646 ; jbe 0x1c646 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_0001c70a ; jbe 0x1c70a +call fcn_00015479 ; call 0x15479 xor ebx, ebx test al, al -je short loc_0001c646 ; je 0x1c646 +je short loc_0001c70a ; je 0x1c70a push esi push edi -push ref_000264f7 ; push 0x264f7 +push ref_000265a6 ; push 0x265a6 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0001c646 ; jmp 0x1c646 +jmp short loc_0001c70a ; jmp 0x1c70a -loc_0001c644: ; not directly referenced +loc_0001c708: ; not directly referenced mov bl, 1 -loc_0001c646: ; not directly referenced +loc_0001c70a: ; not directly referenced lea esp, [ebp - 0xc] mov al, bl pop ebx @@ -47693,7 +47765,7 @@ pop edi pop ebp ret -fcn_0001c650: ; not directly referenced +fcn_0001c714: ; not directly referenced push ebp mov ebp, esp push ebx @@ -47707,66 +47779,66 @@ push edx lea eax, [ebp - 0x18] push eax push 1 -call fcn_0001fe8d ; call 0x1fe8d +call fcn_0001ff1b ; call 0x1ff1b mov eax, dword [ebp - 0x18] add esp, 0x20 and eax, 0xfff0ff0 cmp eax, 0x40650 -je short loc_0001c6a2 ; je 0x1c6a2 -ja short loc_0001c692 ; ja 0x1c692 +je short loc_0001c766 ; je 0x1c766 +ja short loc_0001c756 ; ja 0x1c756 cmp eax, 0x306c0 -je short loc_0001c6ed ; je 0x1c6ed +je short loc_0001c7b1 ; je 0x1c7b1 cmp eax, 0x306d0 -je short loc_0001c6a2 ; je 0x1c6a2 -jmp short loc_0001c6a6 ; jmp 0x1c6a6 +je short loc_0001c766 ; je 0x1c766 +jmp short loc_0001c76a ; jmp 0x1c76a -loc_0001c692: ; not directly referenced +loc_0001c756: ; not directly referenced cmp eax, 0x40660 -je short loc_0001c6ed ; je 0x1c6ed +je short loc_0001c7b1 ; je 0x1c7b1 cmp eax, 0x40670 -jne short loc_0001c6a6 ; jne 0x1c6a6 -jmp short loc_0001c6ed ; jmp 0x1c6ed +jne short loc_0001c76a ; jne 0x1c76a +jmp short loc_0001c7b1 ; jmp 0x1c7b1 -loc_0001c6a2: ; not directly referenced +loc_0001c766: ; not directly referenced xor ebx, ebx -jmp short loc_0001c6ef ; jmp 0x1c6ef +jmp short loc_0001c7b3 ; jmp 0x1c7b3 -loc_0001c6a6: ; not directly referenced -call fcn_000153e9 ; call 0x153e9 +loc_0001c76a: ; not directly referenced +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001c6cb ; je 0x1c6cb +je short loc_0001c78f ; je 0x1c78f mov eax, dword [ebp - 0x18] push edx and eax, 0xfff0ff0 push eax -push ref_00026531 ; push 0x26531 +push ref_000265e0 ; push 0x265e0 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001c6cb: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001c78f: ; not directly referenced +call fcn_00015480 ; call 0x15480 mov bl, 2 test al, al -je short loc_0001c6ef ; je 0x1c6ef +je short loc_0001c7b3 ; je 0x1c7b3 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x7f -push ref_0002655c ; push 0x2655c -call fcn_000153fc ; call 0x153fc +push ref_0002660b ; push 0x2660b +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_0001c6ef ; jmp 0x1c6ef +jmp short loc_0001c7b3 ; jmp 0x1c7b3 -loc_0001c6ed: ; not directly referenced +loc_0001c7b1: ; not directly referenced mov bl, 1 -loc_0001c6ef: ; not directly referenced +loc_0001c7b3: ; not directly referenced mov al, bl mov ebx, dword [ebp - 4] leave ret -fcn_0001c6f6: ; not directly referenced +fcn_0001c7ba: ; not directly referenced push ebp mov ebp, esp sub esp, 0x20 @@ -47777,45 +47849,45 @@ lea eax, [ebp - 0x18] push eax push 0 push 4 -call fcn_0001feb9 ; call 0x1feb9 +call fcn_0001ff47 ; call 0x1ff47 mov eax, dword [ebp - 0x18] add esp, 0x1c push 0x1a xor edx, edx push edx push eax -call fcn_0001718b ; call 0x1718b +call fcn_0001724f ; call 0x1724f leave and eax, 0x3f inc eax ret -fcn_0001c726: ; not directly referenced +fcn_0001c7ea: ; not directly referenced push ebp mov ebp, esp sub esp, 0xc push 0 push 0 push 0x8b -call fcn_00017502 ; call 0x17502 +call fcn_000175c6 ; call 0x175c6 mov dword [esp], 0 push 0 push 0 push 0 push 1 -call fcn_0001fe8d ; call 0x1fe8d +call fcn_0001ff1b ; call 0x1ff1b add esp, 0x14 push 0x8b -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0xc push 0x20 push edx push eax -call fcn_0001718b ; call 0x1718b +call fcn_0001724f ; call 0x1724f leave ret -fcn_0001c769: ; not directly referenced +fcn_0001c82d: ; not directly referenced push ebp mov ebp, esp push edi @@ -47828,37 +47900,37 @@ mov esi, dword [ebp + 8] mov edi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] mov dword [ebp - 0x24], eax -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0x10 mov dword [ebp - 0x20], eax mov dword [ebp - 0x1c], edx test edi, edi -jne short loc_0001c7b5 ; jne 0x1c7b5 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001c879 ; jne 0x1c879 +call fcn_00015480 ; call 0x15480 test al, al -je loc_0001c85c ; je 0x1c85c -mov dword [ebp + 0x10], ref_00026598 ; mov dword [ebp + 0x10], 0x26598 +je loc_0001c920 ; je 0x1c920 +mov dword [ebp + 0x10], ref_00026647 ; mov dword [ebp + 0x10], 0x26647 mov dword [ebp + 0xc], 0xc8 -jmp near loc_0001c841 ; jmp 0x1c841 +jmp near loc_0001c905 ; jmp 0x1c905 -loc_0001c7b5: ; not directly referenced +loc_0001c879: ; not directly referenced push ecx push 0x10 push dword [ebp - 0x1c] push dword [ebp - 0x20] -call fcn_0001718b ; call 0x1718b +call fcn_0001724f ; call 0x1724f add esp, 0x10 mov word [edi], ax test esi, esi -jne short loc_0001c7ea ; jne 0x1c7ea -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001c8ae ; jne 0x1c8ae +call fcn_00015480 ; call 0x15480 test al, al -je loc_0001c85c ; je 0x1c85c -mov dword [ebp + 0x10], ref_000265c3 ; mov dword [ebp + 0x10], 0x265c3 +je loc_0001c920 ; je 0x1c920 +mov dword [ebp + 0x10], ref_00026672 ; mov dword [ebp + 0x10], 0x26672 mov dword [ebp + 0xc], 0xd2 -jmp short loc_0001c841 ; jmp 0x1c841 +jmp short loc_0001c905 ; jmp 0x1c905 -loc_0001c7ea: ; not directly referenced +loc_0001c8ae: ; not directly referenced movzx eax, ax push edx xor edx, edx @@ -47866,42 +47938,42 @@ push eax movzx eax, word [ebp - 0x20] push edx push eax -call fcn_000173f5 ; call 0x173f5 +call fcn_000174b9 ; call 0x174b9 add esp, 0x10 mov word [esi], ax test ebx, ebx -jne short loc_0001c81f ; jne 0x1c81f -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001c8e3 ; jne 0x1c8e3 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001c85c ; je 0x1c85c -mov dword [ebp + 0x10], ref_000265f1 ; mov dword [ebp + 0x10], 0x265f1 +je short loc_0001c920 ; je 0x1c920 +mov dword [ebp + 0x10], ref_000266a0 ; mov dword [ebp + 0x10], 0x266a0 mov dword [ebp + 0xc], 0xdc -jmp short loc_0001c841 ; jmp 0x1c841 +jmp short loc_0001c905 ; jmp 0x1c905 -loc_0001c81f: ; not directly referenced +loc_0001c8e3: ; not directly referenced cmp dword [ebp - 0x24], 0 mov word [ebx], 1 -jne short loc_0001c854 ; jne 0x1c854 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001c918 ; jne 0x1c918 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001c85c ; je 0x1c85c -mov dword [ebp + 0x10], ref_00026618 ; mov dword [ebp + 0x10], 0x26618 +je short loc_0001c920 ; je 0x1c920 +mov dword [ebp + 0x10], ref_000266c7 ; mov dword [ebp + 0x10], 0x266c7 mov dword [ebp + 0xc], 0xe3 -loc_0001c841: ; not directly referenced -mov dword [ebp + 8], ref_0002655c ; mov dword [ebp + 8], 0x2655c +loc_0001c905: ; not directly referenced +mov dword [ebp + 8], ref_0002660b ; mov dword [ebp + 8], 0x2660b lea esp, [ebp - 0xc] pop ebx pop esi pop edi pop ebp -jmp near fcn_000153fc ; jmp 0x153fc +jmp near fcn_0001548c ; jmp 0x1548c -loc_0001c854: ; not directly referenced +loc_0001c918: ; not directly referenced mov eax, dword [ebp - 0x24] mov word [eax], 1 -loc_0001c85c: ; not directly referenced +loc_0001c920: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -47909,7 +47981,7 @@ pop edi pop ebp ret -fcn_0001c864: +fcn_0001c928: push ebp mov al, 1 mov ebp, esp @@ -47921,78 +47993,78 @@ sub esp, 0x2c lea esi, [ebp - 0x28] lea edi, [ebp - 0x20] -loc_0001c877: +loc_0001c93b: cmp dword [ebp + 8], 1 -je short loc_0001c8aa ; je 0x1c8aa +je short loc_0001c96e ; je 0x1c96e cmp dword [ebp + 8], 2 -jne short loc_0001c8d7 ; jne 0x1c8d7 +jne short loc_0001c99b ; jne 0x1c99b sub esp, 0xc push 0x150 -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0xc push 8 push esi push edi mov dword [ebp - 0x28], eax mov dword [ebp - 0x24], edx -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e mov al, byte [ebp - 0x19] shr al, 7 -jmp short loc_0001c8d4 ; jmp 0x1c8d4 +jmp short loc_0001c998 ; jmp 0x1c998 -loc_0001c8aa: +loc_0001c96e: push edx push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e and eax, 0xfffffffe add eax, 0x5da4 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e shr eax, 0x1f -loc_0001c8d4: +loc_0001c998: add esp, 0x10 -loc_0001c8d7: +loc_0001c99b: sub esp, 0xc inc ebx push 1 mov dword [ebp - 0x2c], eax -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 mov eax, dword [ebp - 0x2c] add esp, 0x10 mov dl, al and dl, 1 -je short loc_0001c8fd ; je 0x1c8fd +je short loc_0001c9c1 ; je 0x1c9c1 cmp bx, 0x3e7 -jbe loc_0001c877 ; jbe 0x1c877 +jbe loc_0001c93b ; jbe 0x1c93b -loc_0001c8fd: +loc_0001c9c1: cmp bx, 0x3e8 -jne short loc_0001c92c ; jne 0x1c92c +jne short loc_0001c9f0 ; jne 0x1c9f0 test dl, dl -je short loc_0001c92c ; je 0x1c92c -call fcn_000153e9 ; call 0x153e9 +je short loc_0001c9f0 ; je 0x1c9f0 +call fcn_00015479 ; call 0x15479 mov ebx, 0x80000012 test al, al -je short loc_0001c92e ; je 0x1c92e +je short loc_0001c9f2 ; je 0x1c9f2 push eax push eax -push ref_00026639 ; push 0x26639 +push ref_000266e8 ; push 0x266e8 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0001c92e ; jmp 0x1c92e +jmp short loc_0001c9f2 ; jmp 0x1c9f2 -loc_0001c92c: +loc_0001c9f0: xor ebx, ebx -loc_0001c92e: +loc_0001c9f2: lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -48001,7 +48073,7 @@ pop edi pop ebp ret -fcn_0001c938: +fcn_0001c9fc: push ebp mov ebp, esp push edi @@ -48010,38 +48082,38 @@ push ebx sub esp, 0x48 mov edi, dword [ebp + 8] push edi -call fcn_0001c864 ; call 0x1c864 +call fcn_0001c928 ; call 0x1c928 add esp, 0x10 mov ebx, eax test eax, eax -js loc_0001cb41 ; js 0x1cb41 -call fcn_000153e9 ; call 0x153e9 +js loc_0001cc05 ; js 0x1cc05 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001c975 ; je 0x1c975 +je short loc_0001ca39 ; je 0x1ca39 movzx eax, byte [ebp + 0xc] push ecx push eax -push ref_00026661 ; push 0x26661 +push ref_00026710 ; push 0x26710 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001c975: +loc_0001ca39: cmp edi, 1 -je short loc_0001c988 ; je 0x1c988 +je short loc_0001ca4c ; je 0x1ca4c cmp edi, 2 -je loc_0001ca4f ; je 0x1ca4f -jmp near loc_0001cb01 ; jmp 0x1cb01 +je loc_0001cb13 ; je 0x1cb13 +jmp near loc_0001cbc5 ; jmp 0x1cbc5 -loc_0001c988: +loc_0001ca4c: push esi push 0 push 0 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edi, eax pop eax and edi, 0xfffffffe @@ -48050,58 +48122,58 @@ push dword [ebp + 0x10] lea esi, [edi + 0x5da0] add edi, 0x5da4 push esi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov eax, dword [ebp + 0xc] pop ecx pop edx or eax, 0x80000000 push eax push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dword [esp], 1 -call fcn_0001c864 ; call 0x1c864 +call fcn_0001c928 ; call 0x1c928 mov dword [esp], edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], esi mov dword [ebp - 0x40], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], 0xa mov dword [ebp - 0x3c], eax -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 mov dword [esp], edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], esi mov edi, eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov ecx, dword [ebp - 0x40] add esp, 0x10 cmp ecx, edi -je short loc_0001ca42 ; je 0x1ca42 +je short loc_0001cb06 ; je 0x1cb06 cmp dword [ebp - 0x3c], eax -je short loc_0001ca42 ; je 0x1ca42 +je short loc_0001cb06 ; je 0x1cb06 -loc_0001ca1b: -call fcn_000153e9 ; call 0x153e9 +loc_0001cadf: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001ca38 ; je 0x1ca38 +je short loc_0001cafc ; je 0x1cafc push ebx push ebx -push ref_00026689 ; push 0x26689 +push ref_00026738 ; push 0x26738 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001ca38: +loc_0001cafc: mov ebx, 0x80000002 -jmp near loc_0001cb41 ; jmp 0x1cb41 +jmp near loc_0001cc05 ; jmp 0x1cc05 -loc_0001ca42: +loc_0001cb06: mov eax, dword [ebp + 0x14] movzx ecx, cl mov dword [eax], ecx -jmp near loc_0001cb23 ; jmp 0x1cb23 +jmp near loc_0001cbe7 ; jmp 0x1cbe7 -loc_0001ca4f: +loc_0001cb13: mov eax, dword [ebp + 0xc] lea edi, [ebp - 0x30] push ecx @@ -48114,16 +48186,16 @@ push edi or byte [ebp - 0x21], 0x80 mov dword [ebp - 0x3c], ecx mov dword [ebp - 0x28], eax -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e add esp, 0xc push dword [ebp - 0x2c] push dword [ebp - 0x30] push 0x150 -call fcn_00017502 ; call 0x17502 +call fcn_000175c6 ; call 0x175c6 mov dword [esp], 2 -call fcn_0001c864 ; call 0x1c864 +call fcn_0001c928 ; call 0x1c928 mov dword [esp], 0x150 -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc mov ecx, dword [ebp - 0x3c] add esp, 0xc push 8 @@ -48131,11 +48203,11 @@ push edi push ecx mov dword [ebp - 0x2c], edx mov dword [ebp - 0x30], eax -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e mov dword [esp], 0xa -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 mov dword [esp], 0x150 -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0xc push 8 push edi @@ -48143,46 +48215,46 @@ mov dword [ebp - 0x30], eax lea eax, [ebp - 0x20] push eax mov dword [ebp - 0x2c], edx -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e mov eax, dword [ebp - 0x1c] add esp, 0x10 cmp dword [ebp - 0x24], eax -je short loc_0001caf6 ; je 0x1caf6 +je short loc_0001cbba ; je 0x1cbba mov eax, dword [ebp - 0x20] cmp dword [ebp - 0x28], eax -jne loc_0001ca1b ; jne 0x1ca1b +jne loc_0001cadf ; jne 0x1cadf -loc_0001caf6: +loc_0001cbba: movzx eax, byte [ebp - 0x24] mov edx, dword [ebp + 0x14] mov dword [edx], eax -jmp short loc_0001cb23 ; jmp 0x1cb23 +jmp short loc_0001cbe7 ; jmp 0x1cbe7 -loc_0001cb01: -call fcn_000153e9 ; call 0x153e9 +loc_0001cbc5: +call fcn_00015479 ; call 0x15479 mov ebx, 0x80000003 test al, al -je short loc_0001cb23 ; je 0x1cb23 +je short loc_0001cbe7 ; je 0x1cbe7 push edx push edx -push ref_000266b4 ; push 0x266b4 +push ref_00026763 ; push 0x26763 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001cb23: -call fcn_000153e9 ; call 0x153e9 +loc_0001cbe7: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001cb41 ; je 0x1cb41 +je short loc_0001cc05 ; je 0x1cc05 push eax mov eax, dword [ebp + 0x14] push dword [eax] -push ref_000266da ; push 0x266da +push ref_00026789 ; push 0x26789 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001cb41: +loc_0001cc05: lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -48191,7 +48263,7 @@ pop edi pop ebp ret -fcn_0001cb4b: +fcn_0001cc0f: push ebp mov ebp, esp push edi @@ -48201,41 +48273,41 @@ sub esp, 0x38 mov edi, dword [ebp + 8] mov esi, dword [ebp + 0xc] push edi -call fcn_0001c864 ; call 0x1c864 +call fcn_0001c928 ; call 0x1c928 add esp, 0x10 mov ebx, eax test eax, eax -js loc_0001cd57 ; js 0x1cd57 -call fcn_000153e9 ; call 0x153e9 +js loc_0001ce1b ; js 0x1ce1b +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001cb8c ; je 0x1cb8c +je short loc_0001cc50 ; je 0x1cc50 mov eax, esi movzx eax, al push ecx push eax -push ref_000266fb ; push 0x266fb +push ref_000267aa ; push 0x267aa push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001cb8c: +loc_0001cc50: cmp edi, 1 -je short loc_0001cb9f ; je 0x1cb9f +je short loc_0001cc63 ; je 0x1cc63 cmp edi, 2 -je loc_0001cc60 ; je 0x1cc60 -jmp near loc_0001cd17 ; jmp 0x1cd17 +je loc_0001cd24 ; je 0x1cd24 +jmp near loc_0001cddb ; jmp 0x1cddb -loc_0001cb9f: +loc_0001cc63: push eax push 0 push 0 push 0 mov dword [ebp - 0x30], esi or byte [ebp - 0x2d], 0x80 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 0x48 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov esi, eax pop eax and esi, 0xfffffffe @@ -48244,54 +48316,54 @@ push dword [ebp - 0x30] lea edi, [esi + 0x5da4] add esi, 0x5da0 push edi -call fcn_00017dcb ; call 0x17dcb +call fcn_00017e8f ; call 0x17e8f mov dword [esp], 1 -call fcn_0001c864 ; call 0x1c864 +call fcn_0001c928 ; call 0x1c928 mov dword [esp], edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], esi mov dword [ebp - 0x30], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], 0xa mov dword [ebp - 0x2c], eax -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 mov dword [esp], edi -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov dword [esp], esi mov edi, eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e mov edx, dword [ebp - 0x30] add esp, 0x10 cmp edx, edi -je short loc_0001cc4f ; je 0x1cc4f +je short loc_0001cd13 ; je 0x1cd13 cmp dword [ebp - 0x2c], eax -je short loc_0001cc4f ; je 0x1cc4f +je short loc_0001cd13 ; je 0x1cd13 -loc_0001cc28: -call fcn_000153e9 ; call 0x153e9 +loc_0001ccec: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001cc45 ; je 0x1cc45 +je short loc_0001cd09 ; je 0x1cd09 push eax push eax -push ref_00026689 ; push 0x26689 +push ref_00026738 ; push 0x26738 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001cc45: +loc_0001cd09: mov ebx, 0x80000002 -jmp near loc_0001cd57 ; jmp 0x1cd57 +jmp near loc_0001ce1b ; jmp 0x1ce1b -loc_0001cc4f: +loc_0001cd13: mov eax, dword [ebp + 0x14] mov dword [eax], edx lea eax, [ebp - 0x2c] push edi push 4 push eax -jmp near loc_0001cd0d ; jmp 0x1cd0d +jmp near loc_0001cdd1 ; jmp 0x1cdd1 -loc_0001cc60: +loc_0001cd24: mov eax, dword [ebp + 0x10] lea edi, [ebp - 0x38] mov dword [ebp - 0x24], esi @@ -48303,27 +48375,27 @@ push esi push edi or byte [ebp - 0x21], 0x80 mov dword [ebp - 0x28], eax -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e add esp, 0xc push dword [ebp - 0x34] push dword [ebp - 0x38] push 0x150 -call fcn_00017502 ; call 0x17502 +call fcn_000175c6 ; call 0x175c6 mov dword [esp], 2 -call fcn_0001c864 ; call 0x1c864 +call fcn_0001c928 ; call 0x1c928 mov dword [esp], 0x150 -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0xc push 8 push edi push esi mov dword [ebp - 0x34], edx mov dword [ebp - 0x38], eax -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e mov dword [esp], 0xa -call fcn_0001ba3f ; call 0x1ba3f +call fcn_0001bb03 ; call 0x1bb03 mov dword [esp], 0x150 -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0xc push 8 push edi @@ -48331,16 +48403,16 @@ mov dword [ebp - 0x38], eax lea eax, [ebp - 0x20] push eax mov dword [ebp - 0x34], edx -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e mov eax, dword [ebp - 0x1c] add esp, 0x10 cmp dword [ebp - 0x24], eax -je short loc_0001cd00 ; je 0x1cd00 +je short loc_0001cdc4 ; je 0x1cdc4 mov eax, dword [ebp - 0x20] cmp dword [ebp - 0x28], eax -jne loc_0001cc28 ; jne 0x1cc28 +jne loc_0001ccec ; jne 0x1ccec -loc_0001cd00: +loc_0001cdc4: mov ecx, dword [ebp + 0x14] movzx eax, byte [ebp - 0x24] mov dword [ecx], eax @@ -48348,38 +48420,38 @@ push ecx push 4 push esi -loc_0001cd0d: +loc_0001cdd1: push dword [ebp + 0x10] -call fcn_0001707a ; call 0x1707a -jmp short loc_0001cd36 ; jmp 0x1cd36 +call fcn_0001713e ; call 0x1713e +jmp short loc_0001cdfa ; jmp 0x1cdfa -loc_0001cd17: -call fcn_000153e9 ; call 0x153e9 +loc_0001cddb: +call fcn_00015479 ; call 0x15479 mov ebx, 0x80000003 test al, al -je short loc_0001cd39 ; je 0x1cd39 +je short loc_0001cdfd ; je 0x1cdfd push edx push edx -push ref_000266b4 ; push 0x266b4 +push ref_00026763 ; push 0x26763 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 -loc_0001cd36: +loc_0001cdfa: add esp, 0x10 -loc_0001cd39: -call fcn_000153e9 ; call 0x153e9 +loc_0001cdfd: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001cd57 ; je 0x1cd57 +je short loc_0001ce1b ; je 0x1ce1b push eax mov eax, dword [ebp + 0x14] push dword [eax] -push ref_000266da ; push 0x266da +push ref_00026789 ; push 0x26789 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001cd57: +loc_0001ce1b: lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -48388,7 +48460,7 @@ pop edi pop ebp ret -fcn_0001cd61: ; not directly referenced +fcn_0001ce25: ; not directly referenced push ebp mov eax, 0x80000002 mov ebp, esp @@ -48398,82 +48470,82 @@ push ebx sub esp, 0x1c mov ebx, dword [ebp + 0xc] test ebx, ebx -je loc_0001ce4b ; je 0x1ce4b +je loc_0001cf0f ; je 0x1cf0f lea edi, [ebp - 0x1c] -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 lea esi, [ebp - 0x20] -call fcn_0001c5b4 ; call 0x1c5b4 +call fcn_0001c678 ; call 0x1c678 push edi push esi push 0x8000000a push 1 -call fcn_0001cb4b ; call 0x1cb4b -call fcn_000153e9 ; call 0x153e9 +call fcn_0001cc0f ; call 0x1cc0f +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_0001cdb7 ; je 0x1cdb7 +je short loc_0001ce7b ; je 0x1ce7b push edx push dword [ebp - 0x20] -push ref_00026722 ; push 0x26722 +push ref_000267d1 ; push 0x267d1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001cdb7: ; not directly referenced +loc_0001ce7b: ; not directly referenced cmp dword [ebp - 0x1c], 0 -je short loc_0001cdc7 ; je 0x1cdc7 +je short loc_0001ce8b ; je 0x1ce8b -loc_0001cdbd: ; not directly referenced +loc_0001ce81: ; not directly referenced mov eax, 0x8000000e -jmp near loc_0001ce4b ; jmp 0x1ce4b +jmp near loc_0001cf0f ; jmp 0x1cf0f -loc_0001cdc7: ; not directly referenced +loc_0001ce8b: ; not directly referenced mov edx, dword [ebp - 0x20] xor eax, eax -loc_0001cdcc: ; not directly referenced +loc_0001ce90: ; not directly referenced mov ecx, edx and edx, 0x3f mov byte [ebx + eax], dl inc eax shr ecx, 6 cmp eax, 4 -je short loc_0001cde1 ; je 0x1cde1 +je short loc_0001cea5 ; je 0x1cea5 mov edx, ecx -jmp short loc_0001cdcc ; jmp 0x1cdcc +jmp short loc_0001ce90 ; jmp 0x1ce90 -loc_0001cde1: ; not directly referenced +loc_0001cea5: ; not directly referenced cmp dword [ebp + 8], 4 mov dword [ebp - 0x20], ecx -ja short loc_0001cdee ; ja 0x1cdee +ja short loc_0001ceb2 ; ja 0x1ceb2 -loc_0001cdea: ; not directly referenced +loc_0001ceae: ; not directly referenced xor eax, eax -jmp short loc_0001ce4b ; jmp 0x1ce4b +jmp short loc_0001cf0f ; jmp 0x1cf0f -loc_0001cdee: ; not directly referenced -call fcn_0001c650 ; call 0x1c650 +loc_0001ceb2: ; not directly referenced +call fcn_0001c714 ; call 0x1c714 test al, al -jne short loc_0001cdea ; jne 0x1cdea +jne short loc_0001ceae ; jne 0x1ceae push edi push esi push 0x8000000b push 1 -call fcn_0001cb4b ; call 0x1cb4b -call fcn_000153e9 ; call 0x153e9 +call fcn_0001cc0f ; call 0x1cc0f +call fcn_00015479 ; call 0x15479 add esp, 0x10 test al, al -je short loc_0001ce24 ; je 0x1ce24 +je short loc_0001cee8 ; je 0x1cee8 push eax push dword [ebp - 0x20] -push ref_00026722 ; push 0x26722 +push ref_000267d1 ; push 0x267d1 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001ce24: ; not directly referenced +loc_0001cee8: ; not directly referenced cmp dword [ebp - 0x1c], 0 -jne short loc_0001cdbd ; jne 0x1cdbd +jne short loc_0001ce81 ; jne 0x1ce81 mov eax, dword [ebp - 0x20] mov edx, eax mov cl, al @@ -48485,9 +48557,9 @@ and eax, 0x3f mov byte [ebx + 4], cl mov byte [ebx + 5], dl mov byte [ebx + 6], al -jmp short loc_0001cdea ; jmp 0x1cdea +jmp short loc_0001ceae ; jmp 0x1ceae -loc_0001ce4b: ; not directly referenced +loc_0001cf0f: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -48495,23 +48567,23 @@ pop edi pop ebp ret -fcn_0001ce53: ; not directly referenced +fcn_0001cf17: ; not directly referenced push ebp mov ebp, esp sub esp, 0x14 push 0x1b -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc leave shrd eax, edx, 8 and eax, 1 ret -fcn_0001ce69: ; not directly referenced +fcn_0001cf2d: ; not directly referenced push ebp mov ebp, esp sub esp, 0x14 push 0x35 -call fcn_000174f8 ; call 0x174f8 +call fcn_000175bc ; call 0x175bc add esp, 0x10 leave mov edx, eax @@ -48522,7 +48594,7 @@ cmp al, 1 seta al ret -fcn_0001ce8a: +fcn_0001cf4e: push ebp mov ebp, esp push ebx @@ -48532,13 +48604,13 @@ mov ebx, dword [ebp + 0xc] mov eax, dword [ebp + 0x10] mov dword [ebp - 0xc], 0 test dx, dx -jne short loc_0001cead ; jne 0x1cead +jne short loc_0001cf71 ; jne 0x1cf71 mov word [ebx], 0 -jmp short loc_0001cf00 ; jmp 0x1cf00 +jmp short loc_0001cfc4 ; jmp 0x1cfc4 -loc_0001cead: +loc_0001cf71: test al, al -jne short loc_0001cecf ; jne 0x1cecf +jne short loc_0001cf93 ; jne 0x1cf93 lea eax, [ebp - 0xc] cmp dx, 0xfff push eax @@ -48547,35 +48619,35 @@ cmovbe eax, edx movzx eax, ax push 0x3e8 shl eax, 0xa -jmp short loc_0001cee5 ; jmp 0x1cee5 +jmp short loc_0001cfa9 ; jmp 0x1cfa9 -loc_0001cecf: +loc_0001cf93: dec al -jne short loc_0001cf00 ; jne 0x1cf00 +jne short loc_0001cfc4 ; jne 0x1cfc4 lea eax, [ebp - 0xc] push eax movzx eax, dx imul eax, eax, 0x3e8 push 0x400 -loc_0001cee5: +loc_0001cfa9: cdq push edx push eax -call fcn_0001743e ; call 0x1743e +call fcn_00017502 ; call 0x17502 add esp, 0x10 cmp dword [ebp - 0xc], 0x1f3 mov word [ebx], ax -jbe short loc_0001cf00 ; jbe 0x1cf00 +jbe short loc_0001cfc4 ; jbe 0x1cfc4 inc eax mov word [ebx], ax -loc_0001cf00: +loc_0001cfc4: mov ebx, dword [ebp - 4] leave ret -fcn_0001cf05: +fcn_0001cfc9: push ebp mov ebp, esp push esi @@ -48587,18 +48659,18 @@ mov ecx, dword [ebp + 0x10] mov dword [ebp - 0xc], 0 mov word [ebx], 0 test ax, ax -je loc_0001cfaf ; je 0x1cfaf +je loc_0001d073 ; je 0x1d073 mov edx, eax test cl, cl -jne short loc_0001cf60 ; jne 0x1cf60 +jne short loc_0001d024 ; jne 0x1d024 xor esi, esi test ax, ax -jns short loc_0001cf44 ; jns 0x1cf44 +jns short loc_0001d008 ; jns 0x1d008 neg edx mov esi, 1 and dx, 0x7fff -loc_0001cf44: +loc_0001d008: lea eax, [ebp - 0xc] cmp dx, 0x1f4 push eax @@ -48607,52 +48679,52 @@ cmovle eax, edx cwde push 0x3e8 shl eax, 0xa -jmp short loc_0001cf8b ; jmp 0x1cf8b +jmp short loc_0001d04f ; jmp 0x1d04f -loc_0001cf60: +loc_0001d024: dec cl -jne short loc_0001cfaf ; jne 0x1cfaf +jne short loc_0001d073 ; jne 0x1d073 xor esi, esi test ah, 4 -je short loc_0001cf79 ; je 0x1cf79 +je short loc_0001d03d ; je 0x1d03d mov edx, eax mov esi, 1 neg edx and dx, 0x3ff -loc_0001cf79: +loc_0001d03d: lea eax, [ebp - 0xc] push eax movsx eax, dx imul eax, eax, 0x3e8 push 0x400 -loc_0001cf8b: +loc_0001d04f: cdq push edx push eax -call fcn_0001743e ; call 0x1743e +call fcn_00017502 ; call 0x17502 add esp, 0x10 cmp dword [ebp - 0xc], 0x1f3 mov word [ebx], ax -jbe short loc_0001cfa6 ; jbe 0x1cfa6 +jbe short loc_0001d06a ; jbe 0x1d06a inc eax mov word [ebx], ax -loc_0001cfa6: +loc_0001d06a: mov eax, esi test al, al -je short loc_0001cfaf ; je 0x1cfaf +je short loc_0001d073 ; je 0x1d073 neg word [ebx] -loc_0001cfaf: +loc_0001d073: lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0001cfb6: +fcn_0001d07a: push ebp mov ebp, esp push edi @@ -48663,38 +48735,38 @@ mov ebx, dword [ebp + 0xc] push 8 mov esi, dword [ebp + 8] push ebx -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff mov eax, dword [ebp + 0x10] add esp, 0x10 dec eax cmp eax, 0x14 -ja loc_0001d10c ; ja 0x1d10c -jmp dword [eax*4 + ref_0002057c] ; ujmp: jmp dword [eax*4 + 0x2057c] +ja loc_0001d1d0 ; ja 0x1d1d0 +jmp dword [eax*4 + ref_0002060c] ; ujmp: jmp dword [eax*4 + 0x2060c] -loc_0001cfe4: +loc_0001d0a8: mov dword [ebx], 0 mov byte [ebx + 4], 1 mov al, byte [esi + 4] -jmp short loc_0001d019 ; jmp 0x1d019 +jmp short loc_0001d0dd ; jmp 0x1d0dd -loc_0001cff3: +loc_0001d0b7: mov dword [ebx], 0 mov byte [ebx + 4], 2 mov byte [ebx + 5], 0 mov al, byte [esi + 4] mov byte [ebx + 6], al -jmp near loc_0001d129 ; jmp 0x1d129 +jmp near loc_0001d1ed ; jmp 0x1d1ed -loc_0001d00c: +loc_0001d0d0: mov dword [ebx], 0 mov byte [ebx + 4], 0x10 mov al, byte [esi + 6] -loc_0001d019: +loc_0001d0dd: mov byte [ebx + 5], al -jmp near loc_0001d129 ; jmp 0x1d129 +jmp near loc_0001d1ed ; jmp 0x1d1ed -loc_0001d021: +loc_0001d0e5: mov al, byte [esi] lea edi, [ebp - 0x1e] push ecx @@ -48704,7 +48776,7 @@ mov byte [ebp - 0x1c], al movzx eax, word [esi + 2] mov word [ebp - 0x1e], 0 push eax -call fcn_0001ce8a ; call 0x1ce8a +call fcn_0001cf4e ; call 0x1cf4e movzx edx, word [ebp - 0x1e] add esp, 0xc mov eax, dword [ebp - 0x1c] @@ -48725,7 +48797,7 @@ or eax, edx mov byte [ebp - 0x1a], al movsx eax, word [esi + 4] push eax -call fcn_0001cf05 ; call 0x1cf05 +call fcn_0001cfc9 ; call 0x1cfc9 mov ax, word [ebp - 0x1a] add esp, 0xc mov dx, word [ebp - 0x1e] @@ -48737,25 +48809,25 @@ mov word [ebp - 0x1a], ax lea eax, [ebp - 0x1c] push eax push ebx -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e mov byte [ebx + 4], 0x11 mov al, byte [esi + 6] mov byte [ebx + 5], al -jmp short loc_0001d126 ; jmp 0x1d126 +jmp short loc_0001d1ea ; jmp 0x1d1ea -loc_0001d0b0: +loc_0001d174: mov dword [ebx], 0 mov byte [ebx + 4], 0x12 -jmp short loc_0001d106 ; jmp 0x1d106 +jmp short loc_0001d1ca ; jmp 0x1d1ca -loc_0001d0bc: +loc_0001d180: push edx push 0 lea eax, [ebp - 0x1e] push eax movzx eax, word [esi] push eax -call fcn_0001ce8a ; call 0x1ce8a +call fcn_0001cf4e ; call 0x1cf4e movzx eax, byte [esi + 2] movzx edx, word [ebp - 0x1e] mov byte [ebx + 4], 0x13 @@ -48763,14 +48835,14 @@ mov byte [ebx + 5], 0 shl eax, 0x1f or eax, edx mov dword [ebx], eax -jmp short loc_0001d126 ; jmp 0x1d126 +jmp short loc_0001d1ea ; jmp 0x1d1ea -loc_0001d0e5: +loc_0001d1a9: mov dword [ebx], 0 mov byte [ebx + 4], 0x14 -jmp short loc_0001d106 ; jmp 0x1d106 +jmp short loc_0001d1ca ; jmp 0x1d1ca -loc_0001d0f1: +loc_0001d1b5: mov al, byte [esi + 1] mov dl, byte [esi] mov byte [ebx + 4], 0x15 @@ -48780,24 +48852,24 @@ and edx, 1 or eax, edx mov dword [ebx], eax -loc_0001d106: +loc_0001d1ca: mov byte [ebx + 5], 0 -jmp short loc_0001d129 ; jmp 0x1d129 +jmp short loc_0001d1ed ; jmp 0x1d1ed -loc_0001d10c: -call fcn_000153e9 ; call 0x153e9 +loc_0001d1d0: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001d129 ; je 0x1d129 +je short loc_0001d1ed ; je 0x1d1ed push eax push eax -push ref_00026752 ; push 0x26752 +push ref_00026801 ; push 0x26801 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 -loc_0001d126: +loc_0001d1ea: add esp, 0x10 -loc_0001d129: +loc_0001d1ed: lea esp, [ebp - 0xc] pop ebx pop esi @@ -48805,7 +48877,7 @@ pop edi pop ebp ret -fcn_0001d131: +fcn_0001d1f5: push ebp mov ebp, esp push edi @@ -48817,22 +48889,22 @@ push 8 mov edi, dword [ebp + 0xc] lea esi, [ebp - 0x20] push esi -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff add esp, 0xc push 0x10 push esi push ebx -call fcn_0001cfb6 ; call 0x1cfb6 +call fcn_0001d07a ; call 0x1d07a push edi push esi push dword [ebp - 0x1c] push 2 -call fcn_0001cb4b ; call 0x1cb4b +call fcn_0001cc0f ; call 0x1cc0f add esp, 0x20 test eax, eax -jne short loc_0001d1b0 ; jne 0x1d1b0 +jne short loc_0001d274 ; jne 0x1d274 cmp dword [edi], 0 -jne short loc_0001d1b0 ; jne 0x1d1b0 +jne short loc_0001d274 ; jne 0x1d274 mov edx, dword [ebp - 0x20] mov dword [ebp - 0x2c], eax mov ecx, edx @@ -48847,18 +48919,18 @@ push eax push 1 push ecx push edx -call fcn_0001ce8a ; call 0x1ce8a +call fcn_0001cf4e ; call 0x1cf4e mov edx, dword [ebp - 0x20] add esp, 0xc push 1 push ebx shr edx, 0x15 push edx -call fcn_0001cf05 ; call 0x1cf05 +call fcn_0001cfc9 ; call 0x1cfc9 mov eax, dword [ebp - 0x2c] add esp, 0x10 -loc_0001d1b0: +loc_0001d274: lea esp, [ebp - 0xc] pop ebx pop esi @@ -48866,7 +48938,7 @@ pop edi pop ebp ret -fcn_0001d1b8: +fcn_0001d27c: push ebp mov ebp, esp sub esp, 0x1c @@ -48875,16 +48947,16 @@ lea eax, [ebp - 0x10] push eax lea eax, [ebp + 8] push eax -call fcn_0001cfb6 ; call 0x1cfb6 +call fcn_0001d07a ; call 0x1d07a push dword [ebp + 0x10] push dword [ebp - 0x10] push dword [ebp - 0xc] push 2 -call fcn_0001c938 ; call 0x1c938 +call fcn_0001c9fc ; call 0x1c9fc leave ret -fcn_0001d1df: ; not directly referenced +fcn_0001d2a3: ; not directly referenced push ebp mov ebp, esp push edi @@ -48896,22 +48968,22 @@ push 8 mov edi, dword [ebp + 0xc] lea esi, [ebp - 0x20] push esi -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff add esp, 0xc push 0x14 push esi push ebx -call fcn_0001cfb6 ; call 0x1cfb6 +call fcn_0001d07a ; call 0x1d07a push edi push esi push dword [ebp - 0x1c] push 2 -call fcn_0001cb4b ; call 0x1cb4b +call fcn_0001cc0f ; call 0x1cc0f add esp, 0x20 test eax, eax -jne short loc_0001d22f ; jne 0x1d22f +jne short loc_0001d2f3 ; jne 0x1d2f3 cmp dword [edi], 0 -jne short loc_0001d22f ; jne 0x1d22f +jne short loc_0001d2f3 ; jne 0x1d2f3 mov edx, dword [ebp - 0x20] mov cl, dl and edx, 2 @@ -48920,7 +48992,7 @@ shr edx, 1 mov byte [ebx], cl mov byte [ebx + 1], dl -loc_0001d22f: ; not directly referenced +loc_0001d2f3: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -48928,7 +49000,7 @@ pop edi pop ebp ret -fcn_0001d237: ; not directly referenced +fcn_0001d2fb: ; not directly referenced push ebp mov ebp, esp sub esp, 0x1c @@ -48937,16 +49009,16 @@ lea eax, [ebp - 0x10] push eax lea eax, [ebp + 8] push eax -call fcn_0001cfb6 ; call 0x1cfb6 +call fcn_0001d07a ; call 0x1d07a push dword [ebp + 0xc] push dword [ebp - 0x10] push dword [ebp - 0xc] push 2 -call fcn_0001c938 ; call 0x1c938 +call fcn_0001c9fc ; call 0x1c9fc leave ret -fcn_0001d25e: ; not directly referenced +fcn_0001d322: ; not directly referenced push ebp mov ebp, esp push edi @@ -48958,22 +49030,22 @@ push 8 mov edi, dword [ebp + 0xc] lea esi, [ebp - 0x20] push esi -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff add esp, 0xc push 0x12 push esi push ebx -call fcn_0001cfb6 ; call 0x1cfb6 +call fcn_0001d07a ; call 0x1d07a push edi push esi push dword [ebp - 0x1c] push 2 -call fcn_0001cb4b ; call 0x1cb4b +call fcn_0001cc0f ; call 0x1cc0f add esp, 0x20 test eax, eax -jne short loc_0001d2af ; jne 0x1d2af +jne short loc_0001d373 ; jne 0x1d373 cmp dword [edi], 0 -jne short loc_0001d2af ; jne 0x1d2af +jne short loc_0001d373 ; jne 0x1d373 mov edx, dword [ebp - 0x20] mov ecx, edx and cx, 0xfff @@ -48981,7 +49053,7 @@ shr edx, 0x1f mov word [ebx], cx mov byte [ebx + 2], dl -loc_0001d2af: ; not directly referenced +loc_0001d373: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -48989,7 +49061,7 @@ pop edi pop ebp ret -fcn_0001d2b7: ; not directly referenced +fcn_0001d37b: ; not directly referenced push ebp mov ebp, esp sub esp, 0x1c @@ -48998,16 +49070,16 @@ lea eax, [ebp - 0x10] push eax lea eax, [ebp + 8] push eax -call fcn_0001cfb6 ; call 0x1cfb6 +call fcn_0001d07a ; call 0x1d07a push dword [ebp + 0xc] push dword [ebp - 0x10] push dword [ebp - 0xc] push 2 -call fcn_0001c938 ; call 0x1c938 +call fcn_0001c9fc ; call 0x1c9fc leave ret -fcn_0001d2de: +fcn_0001d3a2: push ebp mov ebp, esp push edi @@ -49019,22 +49091,22 @@ push 8 mov edi, dword [ebp + 0xc] lea esi, [ebp - 0x20] push esi -call fcn_00016f3b ; call 0x16f3b +call fcn_00016fff ; call 0x16fff add esp, 0xc push 1 push esi push ebx -call fcn_0001cfb6 ; call 0x1cfb6 +call fcn_0001d07a ; call 0x1d07a push edi push esi push dword [ebp - 0x1c] push 2 -call fcn_0001cb4b ; call 0x1cb4b +call fcn_0001cc0f ; call 0x1cc0f add esp, 0x20 test eax, eax -jne short loc_0001d349 ; jne 0x1d349 +jne short loc_0001d40d ; jne 0x1d40d cmp dword [edi], 0 -jne short loc_0001d349 ; jne 0x1d349 +jne short loc_0001d40d ; jne 0x1d40d mov edx, dword [ebp - 0x20] mov ecx, edx and ecx, 0x100 @@ -49049,7 +49121,7 @@ shr edx, 0xa mov byte [ebx + 2], cl mov byte [ebx + 3], dl -loc_0001d349: +loc_0001d40d: lea esp, [ebp - 0xc] pop ebx pop esi @@ -49057,50 +49129,50 @@ pop edi pop ebp ret -fcn_0001d351: ; not directly referenced +fcn_0001d415: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -mov edx, dword [ref_00031230] ; mov edx, dword [0x31230] +mov edx, dword [ref_000312e0] ; mov edx, dword [0x312e0] mov eax, dword [ebp + 0xc] add eax, 3 and eax, 0xfffffffc test edx, edx -jne short loc_0001d376 ; jne 0x1d376 -mov dword [ref_00031234], ref_00029d00 ; mov dword [0x31234], 0x29d00 -jmp short loc_0001d39c ; jmp 0x1d39c +jne short loc_0001d43a ; jne 0x1d43a +mov dword [ref_000312e4], ref_00029db0 ; mov dword [0x312e4], 0x29db0 +jmp short loc_0001d460 ; jmp 0x1d460 -loc_0001d376: ; not directly referenced -mov ecx, dword [ref_00031234] ; mov ecx, dword [0x31234] +loc_0001d43a: ; not directly referenced +mov ecx, dword [ref_000312e4] ; mov ecx, dword [0x312e4] cmp dword [ecx + edx], 0x900ddea1 -je short loc_0001d39c ; je 0x1d39c +je short loc_0001d460 ; je 0x1d460 push eax push 0x3d -push ref_000205d0 ; push 0x205d0 -push ref_00026773 ; push 0x26773 -call fcn_000153ce ; call 0x153ce +push ref_00020660 ; push 0x20660 +push ref_00026822 ; push 0x26822 +call fcn_0001545e ; call 0x1545e add esp, 0x10 -loc_0001d39a: ; not directly referenced -jmp short loc_0001d39a ; jmp 0x1d39a +loc_0001d45e: ; not directly referenced +jmp short loc_0001d45e ; jmp 0x1d45e -loc_0001d39c: ; not directly referenced +loc_0001d460: ; not directly referenced lea ecx, [eax + edx] cmp ecx, 0x752c -jbe short loc_0001d3be ; jbe 0x1d3be +jbe short loc_0001d482 ; jbe 0x1d482 push eax push 0x4b -push ref_000205d0 ; push 0x205d0 -push ref_00026793 ; push 0x26793 -call fcn_000153ce ; call 0x153ce +push ref_00020660 ; push 0x20660 +push ref_00026842 ; push 0x26842 +call fcn_0001545e ; call 0x1545e add esp, 0x10 -loc_0001d3bc: ; not directly referenced -jmp short loc_0001d3bc ; jmp 0x1d3bc +loc_0001d480: ; not directly referenced +jmp short loc_0001d480 ; jmp 0x1d480 -loc_0001d3be: ; not directly referenced -mov eax, dword [ref_00031234] ; mov eax, dword [0x31234] -mov dword [ref_00031230], ecx ; mov dword [0x31230], ecx +loc_0001d482: ; not directly referenced +mov eax, dword [ref_000312e4] ; mov eax, dword [0x312e4] +mov dword [ref_000312e0], ecx ; mov dword [0x312e0], ecx mov dword [eax + ecx], 0x900ddea1 mov ecx, dword [ebp + 0x10] add edx, eax @@ -49109,7 +49181,7 @@ mov dword [ecx], edx leave ret -fcn_0001d3db: ; not directly referenced +fcn_0001d49f: ; not directly referenced push ebp mov ebp, esp push edi @@ -49120,31 +49192,31 @@ mov eax, dword [ebp + 0xc] mov edi, dword [ebp + 0x10] mov ebx, dword [ebp + 0x14] mov dword [ebp - 0x1c], eax -call fcn_00016376 ; call 0x16376 +call fcn_00016406 ; call 0x16406 movzx esi, di sub esp, 0xc mov dword [ebp - 0x20], eax lea eax, [esi + 0xc] push eax -call fcn_00019c79 ; call 0x19c79 +call fcn_00019d3d ; call 0x19d3d add esp, 0x10 mov ecx, dword [ebp - 0x20] test eax, eax mov edx, eax -jne short loc_0001d437 ; jne 0x1d437 -call fcn_000153e9 ; call 0x153e9 +jne short loc_0001d4fb ; jne 0x1d4fb +call fcn_00015479 ; call 0x15479 mov edi, 0x80000009 test al, al -je short loc_0001d49b ; je 0x1d49b +je short loc_0001d55f ; je 0x1d55f push eax push esi -push ref_000267b9 ; push 0x267b9 +push ref_00026868 ; push 0x26868 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -jmp short loc_0001d49b ; jmp 0x1d49b +jmp short loc_0001d55f ; jmp 0x1d55f -loc_0001d437: ; not directly referenced +loc_0001d4fb: ; not directly referenced lea eax, [eax + 4] mov dword [ebx], eax mov eax, dword [ebp - 0x1c] @@ -49162,20 +49234,20 @@ mov dword [eax + 4], 0 mov eax, dword [ecx + 0x26c] mov dword [edx], eax mov dword [ecx + 0x26c], edx -call fcn_000153e9 ; call 0x153e9 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001d49b ; je 0x1d49b +je short loc_0001d55f ; je 0x1d55f sub esp, 0xc movzx eax, word [ebp - 0x1c] push dword [ebx] push esi push eax -push ref_000267df ; push 0x267df +push ref_0002688e ; push 0x2688e push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x20 -loc_0001d49b: ; not directly referenced +loc_0001d55f: ; not directly referenced lea esp, [ebp - 0xc] mov eax, edi pop ebx @@ -49184,11 +49256,11 @@ pop edi pop ebp ret -fcn_0001d4a5: ; not directly referenced +fcn_0001d569: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_00016376 ; call 0x16376 +call fcn_00016406 ; call 0x16406 mov edx, dword [eax + 0x26c] mov eax, dword [ebp + 0xc] add edx, 4 @@ -49197,208 +49269,208 @@ xor eax, eax leave ret -fcn_0001d4c2: +fcn_0001d586: push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x3c -call fcn_00016380 ; call 0x16380 +call fcn_00016410 ; call 0x16410 sub esp, 0xc push 0x27 mov edi, eax -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov dword [ebp - 0x1c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001d4fe ; je 0x1d4fe +je short loc_0001d5c2 ; je 0x1d5c2 cmp dword [ebp - 0x1c], 0 -jne short loc_0001d508 ; jne 0x1d508 +jne short loc_0001d5cc ; jne 0x1d5cc push edi -push ref_000267f9 ; push 0x267f9 +push ref_000268a8 ; push 0x268a8 push 0x41 -jmp near loc_0001d666 ; jmp 0x1d666 +jmp near loc_0001d72a ; jmp 0x1d72a -loc_0001d4fe: +loc_0001d5c2: cmp dword [ebp - 0x1c], 0 -je loc_0001d673 ; je 0x1d673 +je loc_0001d737 ; je 0x1d737 -loc_0001d508: +loc_0001d5cc: sub esp, 0xc push 0xc -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov dword [ebp - 0x20], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001d534 ; je 0x1d534 +je short loc_0001d5f8 ; je 0x1d5f8 cmp dword [ebp - 0x20], 0 -jne short loc_0001d53e ; jne 0x1d53e +jne short loc_0001d602 ; jne 0x1d602 push esi -push ref_00026839 ; push 0x26839 +push ref_000268e8 ; push 0x268e8 push 0x47 -jmp near loc_0001d666 ; jmp 0x1d666 +jmp near loc_0001d72a ; jmp 0x1d72a -loc_0001d534: +loc_0001d5f8: cmp dword [ebp - 0x20], 0 -je loc_0001d673 ; je 0x1d673 +je loc_0001d737 ; je 0x1d737 -loc_0001d53e: +loc_0001d602: sub esp, 0xc push 0x36 -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov dword [ebp - 0x24], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001d56a ; je 0x1d56a +je short loc_0001d62e ; je 0x1d62e cmp dword [ebp - 0x24], 0 -jne short loc_0001d574 ; jne 0x1d574 +jne short loc_0001d638 ; jne 0x1d638 push ebx -push ref_00026861 ; push 0x26861 +push ref_00026910 ; push 0x26910 push 0x4d -jmp near loc_0001d666 ; jmp 0x1d666 +jmp near loc_0001d72a ; jmp 0x1d72a -loc_0001d56a: +loc_0001d62e: cmp dword [ebp - 0x24], 0 -je loc_0001d673 ; je 0x1d673 +je loc_0001d737 ; je 0x1d737 -loc_0001d574: +loc_0001d638: sub esp, 0xc push 0xd -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov dword [ebp - 0x28], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001d5a0 ; je 0x1d5a0 +je short loc_0001d664 ; je 0x1d664 cmp dword [ebp - 0x28], 0 -jne short loc_0001d5aa ; jne 0x1d5aa +jne short loc_0001d66e ; jne 0x1d66e push ecx -push ref_0002687e ; push 0x2687e +push ref_0002692d ; push 0x2692d push 0x53 -jmp near loc_0001d666 ; jmp 0x1d666 +jmp near loc_0001d72a ; jmp 0x1d72a -loc_0001d5a0: +loc_0001d664: cmp dword [ebp - 0x28], 0 -je loc_0001d673 ; je 0x1d673 +je loc_0001d737 ; je 0x1d737 -loc_0001d5aa: +loc_0001d66e: sub esp, 0xc push 0x102 -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001d5d6 ; je 0x1d5d6 +je short loc_0001d69a ; je 0x1d69a test ebx, ebx -jne short loc_0001d5de ; jne 0x1d5de +jne short loc_0001d6a2 ; jne 0x1d6a2 push edx -push ref_00026897 ; push 0x26897 +push ref_00026946 ; push 0x26946 push 0x59 -jmp near loc_0001d666 ; jmp 0x1d666 +jmp near loc_0001d72a ; jmp 0x1d72a -loc_0001d5d6: +loc_0001d69a: test ebx, ebx -je loc_0001d673 ; je 0x1d673 +je loc_0001d737 ; je 0x1d737 -loc_0001d5de: +loc_0001d6a2: sub esp, 0xc push 0xdc -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001d607 ; je 0x1d607 +je short loc_0001d6cb ; je 0x1d6cb test esi, esi -jne short loc_0001d60b ; jne 0x1d60b +jne short loc_0001d6cf ; jne 0x1d6cf push eax -push ref_000268b1 ; push 0x268b1 +push ref_00026960 ; push 0x26960 push 0x5f -jmp short loc_0001d666 ; jmp 0x1d666 +jmp short loc_0001d72a ; jmp 0x1d72a -loc_0001d607: +loc_0001d6cb: test esi, esi -je short loc_0001d673 ; je 0x1d673 +je short loc_0001d737 ; je 0x1d737 -loc_0001d60b: +loc_0001d6cf: sub esp, 0xc push 0x6b -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov dword [ebp - 0x2c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 mov edx, dword [ebp - 0x2c] test al, al -je short loc_0001d635 ; je 0x1d635 +je short loc_0001d6f9 ; je 0x1d6f9 test edx, edx -jne short loc_0001d639 ; jne 0x1d639 +jne short loc_0001d6fd ; jne 0x1d6fd push eax -push ref_000268d0 ; push 0x268d0 +push ref_0002697f ; push 0x2697f push 0x65 -jmp short loc_0001d666 ; jmp 0x1d666 +jmp short loc_0001d72a ; jmp 0x1d72a -loc_0001d635: +loc_0001d6f9: test edx, edx -je short loc_0001d673 ; je 0x1d673 +je short loc_0001d737 ; je 0x1d737 -loc_0001d639: +loc_0001d6fd: sub esp, 0xc push 5 mov dword [ebp - 0x30], edx -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov dword [ebp - 0x2c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 mov edx, dword [ebp - 0x30] test al, al -je short loc_0001d67d ; je 0x1d67d +je short loc_0001d741 ; je 0x1d741 cmp dword [ebp - 0x2c], 0 -jne short loc_0001d683 ; jne 0x1d683 +jne short loc_0001d747 ; jne 0x1d747 push eax -push ref_000268eb ; push 0x268eb +push ref_0002699a ; push 0x2699a push 0x6b -loc_0001d666: -push ref_0002681d ; push 0x2681d -call fcn_000153fc ; call 0x153fc +loc_0001d72a: +push ref_000268cc ; push 0x268cc +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001d673: +loc_0001d737: mov edx, 0x80000009 -jmp near loc_0001dee4 ; jmp 0x1dee4 +jmp near loc_0001dfa8 ; jmp 0x1dfa8 -loc_0001d67d: +loc_0001d741: cmp dword [ebp - 0x2c], 0 -je short loc_0001d673 ; je 0x1d673 +je short loc_0001d737 ; je 0x1d737 -loc_0001d683: +loc_0001d747: sub esp, 0xc push 0x11 mov dword [ebp - 0x34], edx -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov dword [ebp - 0x30], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 mov edx, dword [ebp - 0x34] test al, al -je short loc_0001d6b2 ; je 0x1d6b2 +je short loc_0001d776 ; je 0x1d776 cmp dword [ebp - 0x30], 0 -jne short loc_0001d6b8 ; jne 0x1d6b8 +jne short loc_0001d77c ; jne 0x1d77c push eax -push ref_00026907 ; push 0x26907 +push ref_000269b6 ; push 0x269b6 push 0x71 -jmp short loc_0001d666 ; jmp 0x1d666 +jmp short loc_0001d72a ; jmp 0x1d72a -loc_0001d6b2: +loc_0001d776: cmp dword [ebp - 0x30], 0 -je short loc_0001d673 ; je 0x1d673 +je short loc_0001d737 ; je 0x1d737 -loc_0001d6b8: +loc_0001d77c: lea eax, [edi + 0xce] mov dword [esi + 0xd0], eax lea eax, [edi + 0x8ce] @@ -49410,14 +49482,14 @@ push 0 push 0x27 push dword [ebp - 0x1c] mov dword [ebp - 0x40], edx -call fcn_0001efeb ; call 0x1efeb +call fcn_0001f079 ; call 0x1f079 mov eax, dword [ebp - 0x20] mov ecx, dword [ebp - 0x1c] mov dword [eax], 0x80000010 mov dword [eax + 8], ecx -mov dword [eax + 4], ref_0002925c ; mov dword [eax + 4], 0x2925c +mov dword [eax + 4], ref_0002930c ; mov dword [eax + 4], 0x2930c mov byte [ecx], 0x13 -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 add esp, 0x10 mov edx, dword [ebp - 0x40] cmp eax, 0x306d0 @@ -49429,19 +49501,19 @@ mov byte [ebp - 0x34], al or al, cl mov byte [ebp - 0x39], cl mov byte [ebp - 0x3a], al -je short loc_0001d74d ; je 0x1d74d +je short loc_0001d811 ; je 0x1d811 push eax push 0 push 2 push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov edx, dword [ebp - 0x40] add esp, 0x10 -loc_0001d74d: +loc_0001d811: mov al, byte [edi + 0x42] mov dword [ebp - 0x40], edx mov edx, dword [ebp - 0x24] @@ -49525,14 +49597,14 @@ mov byte [ebx + 0x71], 0 mov byte [ebx + 0x72], 0 mov byte [ebx + 0x73], 0 mov byte [ebx + 0x74], 1 -jne short loc_0001d8ad ; jne 0x1d8ad +jne short loc_0001d971 ; jne 0x1d971 cmp byte [ebp - 0x34], 0 -je short loc_0001d8b1 ; je 0x1d8b1 +je short loc_0001d975 ; je 0x1d975 -loc_0001d8ad: +loc_0001d971: mov byte [ebx + 0x75], 0 -loc_0001d8b1: +loc_0001d975: mov al, byte [edi + 0x46] mov byte [ebx + 0x77], 1 mov byte [ebx + 0x78], 0 @@ -49592,15 +49664,15 @@ mov byte [ebx + 0xaf], 0 sete byte [ebx + 0xac] mov byte [ebx + 0xb0], 0x30 test cl, cl -jne short loc_0001da31 ; jne 0x1da31 +jne short loc_0001daf5 ; jne 0x1daf5 cmp byte [ebp - 0x34], 0 -je short loc_0001da3f ; je 0x1da3f +je short loc_0001db03 ; je 0x1db03 -loc_0001da31: +loc_0001daf5: mov byte [ebx + 0xb1], 1 mov byte [ebx + 0xb2], 0x40 -loc_0001da3f: +loc_0001db03: mov byte [ebx + 0x101], 0xff mov byte [ebx + 0x2e], 1 mov byte [ebx + 0x2f], 0 @@ -49655,15 +49727,15 @@ mov byte [ebx + 0xc7], 0 mov al, byte [edi + 0x4a] mov byte [ebx + 0x57], al test cl, cl -jne short loc_0001db3b ; jne 0x1db3b +jne short loc_0001dbff ; jne 0x1dbff cmp byte [ebp - 0x34], 0 -jmp short loc_0001db42 ; jmp 0x1db42 +jmp short loc_0001dc06 ; jmp 0x1dc06 -loc_0001db3b: +loc_0001dbff: cmp dword [ebp - 0x38], 0x40650 -loc_0001db42: -je short loc_0001dbc3 ; je 0x1dbc3 +loc_0001dc06: +je short loc_0001dc87 ; je 0x1dc87 mov byte [ebx + 0xfc], 0 mov byte [ebx + 0xd1], 0 mov dword [ebx + 0xd2], 0 @@ -49679,84 +49751,84 @@ mov dword [ebx + 0xf5], 0x320 mov word [ebx + 0xf9], 0x118 mov byte [ebx + 0xfb], 7 -loc_0001dbc3: +loc_0001dc87: push ecx push 0 push 0 push 0 mov dword [ebp - 0x24], edx -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 mov edx, dword [ebp - 0x24] mov ecx, eax and ch, 0xfe cmp cx, 0xc04 -je short loc_0001dc0a ; je 0x1dc0a +je short loc_0001dcce ; je 0x1dcce mov ecx, eax and ecx, 0xfffffff7 cmp cx, 0xa04 -je short loc_0001dc0a ; je 0x1dc0a +je short loc_0001dcce ; je 0x1dcce and eax, 0xffffffef cmp ax, 0x1604 sete al movzx eax, al -jmp short loc_0001dc0f ; jmp 0x1dc0f +jmp short loc_0001dcd3 ; jmp 0x1dcd3 -loc_0001dc0a: +loc_0001dcce: mov eax, 1 -loc_0001dc0f: +loc_0001dcd3: mov byte [ebx + 0xc6], al mov word [ebx + 0xc8], 0xcf8 mov word [ebx + 0xca], 0xcfc mov byte [ebx + 0xcc], 0xaa -mov dword [esi], fcn_00018e1d ; mov dword [esi], 0x18e1d -mov dword [esi + 4], fcn_00018e32 ; mov dword [esi + 4], 0x18e32 -mov dword [esi + 8], fcn_00018ea0 ; mov dword [esi + 8], 0x18ea0 -mov dword [esi + 0xc], fcn_00018e26 ; mov dword [esi + 0xc], 0x18e26 -mov dword [esi + 0x10], fcn_00018e63 ; mov dword [esi + 0x10], 0x18e63 -mov dword [esi + 0x14], fcn_00018ed3 ; mov dword [esi + 0x14], 0x18ed3 -mov dword [esi + 0x18], fcn_00017cc7 ; mov dword [esi + 0x18], 0x17cc7 -mov dword [esi + 0x1c], fcn_00017cfe ; mov dword [esi + 0x1c], 0x17cfe -mov dword [esi + 0x20], fcn_00017d8a ; mov dword [esi + 0x20], 0x17d8a -mov dword [esi + 0x24], fcn_00017e14 ; mov dword [esi + 0x24], 0x17e14 -mov dword [esi + 0x28], fcn_00017ce1 ; mov dword [esi + 0x28], 0x17ce1 -mov dword [esi + 0x2c], fcn_00017d40 ; mov dword [esi + 0x2c], 0x17d40 -mov dword [esi + 0x30], fcn_00017dcb ; mov dword [esi + 0x30], 0x17dcb -mov dword [esi + 0x34], fcn_00016a52 ; mov dword [esi + 0x34], 0x16a52 -mov dword [esi + 0x38], fcn_0001a1be ; mov dword [esi + 0x38], 0x1a1be -mov dword [esi + 0x3c], fcn_0001a2b8 ; mov dword [esi + 0x3c], 0x1a2b8 -mov dword [esi + 0x40], fcn_0001a236 ; mov dword [esi + 0x40], 0x1a236 -mov dword [esi + 0x44], fcn_0001a331 ; mov dword [esi + 0x44], 0x1a331 -mov dword [esi + 0x48], fcn_00016740 ; mov dword [esi + 0x48], 0x16740 -mov dword [esi + 0x4c], fcn_0001676e ; mov dword [esi + 0x4c], 0x1676e -mov dword [esi + 0x50], fcn_000167d1 ; mov dword [esi + 0x50], 0x167d1 -mov dword [esi + 0x54], fcn_000169be ; mov dword [esi + 0x54], 0x169be -mov dword [esi + 0x58], fcn_0001707a ; mov dword [esi + 0x58], 0x1707a -mov dword [esi + 0x5c], fcn_0001efeb ; mov dword [esi + 0x5c], 0x1efeb -mov dword [esi + 0x60], fcn_000169f9 ; mov dword [esi + 0x60], 0x169f9 -mov dword [esi + 0x64], fcn_00016a12 ; mov dword [esi + 0x64], 0x16a12 -mov dword [esi + 0x68], fcn_0001fd4c ; mov dword [esi + 0x68], 0x1fd4c -mov dword [esi + 0x6c], fcn_0001718b ; mov dword [esi + 0x6c], 0x1718b -mov dword [esi + 0x70], fcn_0001fd96 ; mov dword [esi + 0x70], 0x1fd96 -mov dword [esi + 0x74], fcn_0001fd9f ; mov dword [esi + 0x74], 0x1fd9f +mov dword [esi], fcn_00018ee1 ; mov dword [esi], 0x18ee1 +mov dword [esi + 4], fcn_00018ef6 ; mov dword [esi + 4], 0x18ef6 +mov dword [esi + 8], fcn_00018f64 ; mov dword [esi + 8], 0x18f64 +mov dword [esi + 0xc], fcn_00018eea ; mov dword [esi + 0xc], 0x18eea +mov dword [esi + 0x10], fcn_00018f27 ; mov dword [esi + 0x10], 0x18f27 +mov dword [esi + 0x14], fcn_00018f97 ; mov dword [esi + 0x14], 0x18f97 +mov dword [esi + 0x18], fcn_00017d8b ; mov dword [esi + 0x18], 0x17d8b +mov dword [esi + 0x1c], fcn_00017dc2 ; mov dword [esi + 0x1c], 0x17dc2 +mov dword [esi + 0x20], fcn_00017e4e ; mov dword [esi + 0x20], 0x17e4e +mov dword [esi + 0x24], fcn_00017ed8 ; mov dword [esi + 0x24], 0x17ed8 +mov dword [esi + 0x28], fcn_00017da5 ; mov dword [esi + 0x28], 0x17da5 +mov dword [esi + 0x2c], fcn_00017e04 ; mov dword [esi + 0x2c], 0x17e04 +mov dword [esi + 0x30], fcn_00017e8f ; mov dword [esi + 0x30], 0x17e8f +mov dword [esi + 0x34], fcn_00016afd ; mov dword [esi + 0x34], 0x16afd +mov dword [esi + 0x38], fcn_0001a282 ; mov dword [esi + 0x38], 0x1a282 +mov dword [esi + 0x3c], fcn_0001a37c ; mov dword [esi + 0x3c], 0x1a37c +mov dword [esi + 0x40], fcn_0001a2fa ; mov dword [esi + 0x40], 0x1a2fa +mov dword [esi + 0x44], fcn_0001a3f5 ; mov dword [esi + 0x44], 0x1a3f5 +mov dword [esi + 0x48], fcn_000167d0 ; mov dword [esi + 0x48], 0x167d0 +mov dword [esi + 0x4c], fcn_000167fe ; mov dword [esi + 0x4c], 0x167fe +mov dword [esi + 0x50], fcn_00016861 ; mov dword [esi + 0x50], 0x16861 +mov dword [esi + 0x54], fcn_00016a4e ; mov dword [esi + 0x54], 0x16a4e +mov dword [esi + 0x58], fcn_0001713e ; mov dword [esi + 0x58], 0x1713e +mov dword [esi + 0x5c], fcn_0001f079 ; mov dword [esi + 0x5c], 0x1f079 +mov dword [esi + 0x60], fcn_00016a89 ; mov dword [esi + 0x60], 0x16a89 +mov dword [esi + 0x64], fcn_00016aa2 ; mov dword [esi + 0x64], 0x16aa2 +mov dword [esi + 0x68], fcn_0001fdda ; mov dword [esi + 0x68], 0x1fdda +mov dword [esi + 0x6c], fcn_0001724f ; mov dword [esi + 0x6c], 0x1724f +mov dword [esi + 0x70], fcn_0001fe24 ; mov dword [esi + 0x70], 0x1fe24 +mov dword [esi + 0x74], fcn_0001fe2d ; mov dword [esi + 0x74], 0x1fe2d mov eax, dword [ebp - 0x1c] -mov dword [esi + 0x78], fcn_0001667c ; mov dword [esi + 0x78], 0x1667c -mov dword [esi + 0x7c], fcn_00016a80 ; mov dword [esi + 0x7c], 0x16a80 -mov dword [esi + 0x80], fcn_0001cb4b ; mov dword [esi + 0x80], 0x1cb4b -mov dword [esi + 0x84], fcn_0001c938 ; mov dword [esi + 0x84], 0x1c938 -mov dword [esi + 0x88], fcn_00016ae0 ; mov dword [esi + 0x88], 0x16ae0 -mov dword [esi + 0x8c], fcn_00016ae7 ; mov dword [esi + 0x8c], 0x16ae7 -mov dword [esi + 0x90], fcn_00016aef ; mov dword [esi + 0x90], 0x16aef -mov dword [esi + 0x94], fcn_00016b18 ; mov dword [esi + 0x94], 0x16b18 -mov dword [esi + 0x98], fcn_0001671d ; mov dword [esi + 0x98], 0x1671d -mov dword [esi + 0x9c], fcn_00016792 ; mov dword [esi + 0x9c], 0x16792 -mov dword [esi + 0xa0], fcn_000174f8 ; mov dword [esi + 0xa0], 0x174f8 -mov dword [esi + 0xa4], fcn_00017502 ; mov dword [esi + 0xa4], 0x17502 -mov dword [esi + 0xa8], fcn_00016b8c ; mov dword [esi + 0xa8], 0x16b8c +mov dword [esi + 0x78], fcn_0001670c ; mov dword [esi + 0x78], 0x1670c +mov dword [esi + 0x7c], fcn_00016b44 ; mov dword [esi + 0x7c], 0x16b44 +mov dword [esi + 0x80], fcn_0001cc0f ; mov dword [esi + 0x80], 0x1cc0f +mov dword [esi + 0x84], fcn_0001c9fc ; mov dword [esi + 0x84], 0x1c9fc +mov dword [esi + 0x88], fcn_00016ba4 ; mov dword [esi + 0x88], 0x16ba4 +mov dword [esi + 0x8c], fcn_00016bab ; mov dword [esi + 0x8c], 0x16bab +mov dword [esi + 0x90], fcn_00016bb3 ; mov dword [esi + 0x90], 0x16bb3 +mov dword [esi + 0x94], fcn_00016bdc ; mov dword [esi + 0x94], 0x16bdc +mov dword [esi + 0x98], fcn_000167ad ; mov dword [esi + 0x98], 0x167ad +mov dword [esi + 0x9c], fcn_00016822 ; mov dword [esi + 0x9c], 0x16822 +mov dword [esi + 0xa0], fcn_000175bc ; mov dword [esi + 0xa0], 0x175bc +mov dword [esi + 0xa4], fcn_000175c6 ; mov dword [esi + 0xa4], 0x175c6 +mov dword [esi + 0xa8], fcn_00016c50 ; mov dword [esi + 0xa8], 0x16c50 mov dword [eax + 9], ebx mov dword [eax + 0x1e], esi xor eax, eax @@ -49791,13 +49863,13 @@ mov byte [edx + 0x3f], 0xf mov byte [edx + 0x42], 0x14 mov word [edx + 0x50], 1 -loc_0001de05: +loc_0001dec9: mov byte [edx + eax + 9], 8 mov byte [edx + eax + 0x19], 7 mov byte [edx + eax + 0x29], 2 inc eax cmp eax, 0x10 -jne short loc_0001de05 ; jne 0x1de05 +jne short loc_0001dec9 ; jne 0x1dec9 mov eax, dword [ebp - 0x2c] mov byte [edx + 0x49], 0 mov byte [eax], 0 @@ -49805,11 +49877,11 @@ xor eax, eax mov byte [edx + 0x52], 0 mov byte [edx + 0x53], 0 -loc_0001de2e: +loc_0001def2: mov byte [edx + eax + 0x54], 8 inc eax cmp eax, 8 -jne short loc_0001de2e ; jne 0x1de2e +jne short loc_0001def2 ; jne 0x1def2 mov esi, dword [ebp - 0x30] sub esp, 0xc mov ecx, dword [ebp - 0x1c] @@ -49830,35 +49902,35 @@ mov byte [ecx + 0x22], 0 mov eax, dword [edi + 0x8f6] mov dword [ecx + 0x15], eax push dword [ebp - 0x20] -call fcn_00019667 ; call 0x19667 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 mov edx, ebx test al, al -je short loc_0001dee4 ; je 0x1dee4 +je short loc_0001dfa8 ; je 0x1dfa8 test ebx, ebx -jns short loc_0001dee4 ; jns 0x1dee4 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001dfa8 ; jns 0x1dfa8 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001deca ; je 0x1deca +je short loc_0001df8e ; je 0x1df8e push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001deca: +loc_0001df8e: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x237 -push ref_0002681d ; push 0x2681d -call fcn_000153fc ; call 0x153fc +push ref_000268cc ; push 0x268cc +call fcn_0001548c ; call 0x1548c add esp, 0x10 mov edx, ebx -loc_0001dee4: +loc_0001dfa8: lea esp, [ebp - 0xc] mov eax, edx pop ebx @@ -49867,64 +49939,64 @@ pop edi pop ebp ret -fcn_0001deee: +fcn_0001dfb2: push ebp mov ebp, esp push edi push esi push ebx sub esp, 0x1c -call fcn_00016380 ; call 0x16380 +call fcn_00016410 ; call 0x16410 mov esi, eax -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb sub esp, 0xc push 0x5ac mov dword [ebp - 0x1c], eax -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov ebx, eax test eax, eax -jne short loc_0001df47 ; jne 0x1df47 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001e00b ; jne 0x1e00b +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001df3d ; je 0x1df3d +je short loc_0001e001 ; je 0x1e001 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x129 -loc_0001df30: -push ref_00026920 ; push 0x26920 -call fcn_000153fc ; call 0x153fc +loc_0001dff4: +push ref_000269cf ; push 0x269cf +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001df3d: +loc_0001e001: mov edx, 0x80000009 -jmp near loc_0001e5b3 ; jmp 0x1e5b3 +jmp near loc_0001e677 ; jmp 0x1e677 -loc_0001df47: +loc_0001e00b: sub esp, 0xc push 0xc -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov dword [ebp - 0x20], eax test eax, eax -jne short loc_0001df71 ; jne 0x1df71 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001e035 ; jne 0x1e035 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001df3d ; je 0x1df3d +je short loc_0001e001 ; je 0x1e001 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x12f -jmp short loc_0001df30 ; jmp 0x1df30 +jmp short loc_0001dff4 ; jmp 0x1dff4 -loc_0001df71: +loc_0001e035: mov eax, dword [ebp - 0x20] xor edi, edi mov dword [eax], 0x80000010 -mov dword [eax + 4], ref_0002912c ; mov dword [eax + 4], 0x2912c +mov dword [eax + 4], ref_000291dc ; mov dword [eax + 4], 0x291dc mov dword [eax + 8], ebx lea eax, [ebx + 0x284] -mov byte [ebx], 0xb +mov byte [ebx], 0xc mov byte [ebx + 1], 0 mov dword [ebx + 4], 0xfed1c000 mov dword [ebp - 0x24], eax @@ -49957,17 +50029,17 @@ or byte [ebx + 0x41e], 2 or byte [ebx + 0x424], 0x40 mov byte [ebx + 0x43c], 1 -loc_0001e04a: -call fcn_0001c11d ; call 0x1c11d +loc_0001e10e: +call fcn_0001c1e1 ; call 0x1c1e1 movzx eax, al cmp edi, eax -jae short loc_0001e064 ; jae 0x1e064 +jae short loc_0001e128 ; jae 0x1e128 imul eax, edi, 0x12 inc edi or byte [ebx + eax + 0x1e1], 0x40 -jmp short loc_0001e04a ; jmp 0x1e04a +jmp short loc_0001e10e ; jmp 0x1e10e -loc_0001e064: +loc_0001e128: mov al, byte [ebx + 0x436] xor ecx, ecx and byte [ebx + 0x426], 0xfe @@ -49978,12 +50050,12 @@ mov word [ebx + 0x43a], 0 mov byte [ebx + 0x436], al mov byte [ebx + 0x1a8], 1 -loc_0001e096: +loc_0001e15a: mov dword [ebp - 0x28], ecx -call fcn_0001c0fb ; call 0x1c0fb +call fcn_0001c1bf ; call 0x1c1bf mov ecx, dword [ebp - 0x28] cmp cl, al -jae short loc_0001e0ce ; jae 0x1e0ce +jae short loc_0001e192 ; jae 0x1e192 movzx eax, cl imul eax, eax, 0x2c add eax, ebx @@ -49997,9 +50069,9 @@ and edx, 0x7f mov byte [eax + 0x57], 3 mov byte [eax + 0x4e], 0 mov byte [eax + 0x46], dl -jmp short loc_0001e096 ; jmp 0x1e096 +jmp short loc_0001e15a ; jmp 0x1e15a -loc_0001e0ce: +loc_0001e192: or byte [ebx + 0x17a], 8 sub esp, 0xc and byte [ebx + 0x1aa], 0xfe @@ -50007,61 +50079,61 @@ mov byte [ebx + 0x1a6], 0 mov byte [ebx + 0x1a7], 0 mov byte [ebx + 0x1a9], 1 push 0xc -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 test eax, eax -jne short loc_0001e118 ; jne 0x1e118 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001e1dc ; jne 0x1e1dc +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001e17c ; je 0x1e17c +je short loc_0001e240 ; je 0x1e240 push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0xf8 -jmp short loc_0001e16f ; jmp 0x1e16f +jmp short loc_0001e233 ; jmp 0x1e233 -loc_0001e118: +loc_0001e1dc: sub esp, 0xc mov dword [eax], 0x80000010 -mov dword [eax + 4], ref_0002906c ; mov dword [eax + 4], 0x2906c -mov dword [eax + 8], ref_00029698 ; mov dword [eax + 8], 0x29698 +mov dword [eax + 4], ref_0002911c ; mov dword [eax + 4], 0x2911c +mov dword [eax + 8], ref_00029748 ; mov dword [eax + 8], 0x29748 push eax -call fcn_00019667 ; call 0x19667 +call fcn_0001972b ; call 0x1972b mov edi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001e17c ; je 0x1e17c +je short loc_0001e240 ; je 0x1e240 test edi, edi -jns short loc_0001e17c ; jns 0x1e17c -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001e240 ; jns 0x1e240 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001e164 ; je 0x1e164 +je short loc_0001e228 ; je 0x1e228 push eax push edi -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001e164: +loc_0001e228: push ecx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x101 -loc_0001e16f: -push ref_00026920 ; push 0x26920 -call fcn_000153fc ; call 0x153fc +loc_0001e233: +push ref_000269cf ; push 0x269cf +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001e17c: +loc_0001e240: mov dword [ebx + 0x1db], 1 xor edi, edi -loc_0001e188: -call fcn_0001c11d ; call 0x1c11d +loc_0001e24c: +call fcn_0001c1e1 ; call 0x1c1e1 mov edx, edi cmp dl, al -jae loc_0001e217 ; jae 0x1e217 +jae loc_0001e2db ; jae 0x1e2db mov eax, edi inc edi movzx eax, al @@ -50085,9 +50157,9 @@ mov byte [eax + 0x1ea], 0 mov byte [eax + 0x1eb], 0 mov byte [eax + 0x1ec], 0 and byte [ecx + 0x13], 0xf0 -jmp near loc_0001e188 ; jmp 0x1e188 +jmp near loc_0001e24c ; jmp 0x1e24c -loc_0001e217: +loc_0001e2db: mov al, byte [ebx + 0x24c] mov byte [ebx + 0x24b], 0x7e mov byte [ebx + 0x253], 0 @@ -50102,14 +50174,14 @@ mov byte [ebx + 0x258], 0 mov byte [ebx + 0x259], 0 mov byte [ebx + 0x25a], 0 mov byte [ebx + 0x25b], 0x64 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 mov byte [ebx + 0x38d], 4 push eax push 4 -push ref_00029600 ; push 0x29600 +push ref_000296b0 ; push 0x296b0 lea eax, [ebx + 0x38e] push eax -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e mov word [ebx + 0x36], 0x8086 mov word [ebx + 0x38], 0x7270 mov byte [ebx + 0x3b], 0 @@ -50138,7 +50210,7 @@ pop edx lea eax, [ebx + 0x57c] push eax push dword [ebp - 0x24] -call fcn_0001e5bd ; call 0x1e5bd +call fcn_0001e681 ; call 0x1e681 mov al, byte [ebx + 0x40e] add esp, 0x10 or eax, 3 @@ -50146,13 +50218,13 @@ and eax, 0xffffffc3 mov byte [ebx + 0x40e], al xor eax, eax -loc_0001e340: +loc_0001e404: and byte [ebx + eax*8 + 0x554], 0xfc mov word [ebx + eax*8 + 0x558], 0 mov word [ebx + eax*8 + 0x55a], 0 inc eax cmp eax, 5 -jne short loc_0001e340 ; jne 0x1e340 +jne short loc_0001e404 ; jne 0x1e404 mov al, byte [ebx + 0x46a] xor ecx, ecx mov byte [ebx + 0x364], 1 @@ -50170,46 +50242,46 @@ mov byte [ebx + 0x46a], al mov byte [ebx + 0x37f], 0 mov byte [ebx + 0x256], 1 -loc_0001e3cc: +loc_0001e490: mov dword [ebp - 0x24], ecx -call fcn_0001c0fb ; call 0x1c0fb +call fcn_0001c1bf ; call 0x1c1bf mov ecx, dword [ebp - 0x24] cmp cl, al -jae short loc_0001e3e9 ; jae 0x1e3e9 +jae short loc_0001e4ad ; jae 0x1e4ad movzx eax, cl inc ecx imul eax, eax, 0x2c mov byte [ebx + eax + 0x58], 1 -jmp short loc_0001e3cc ; jmp 0x1e3cc +jmp short loc_0001e490 ; jmp 0x1e490 -loc_0001e3e9: +loc_0001e4ad: and byte [ebx + 0x45e], 0xf7 xor ecx, ecx -loc_0001e3f2: +loc_0001e4b6: mov dword [ebp - 0x24], ecx -call fcn_0001c0fb ; call 0x1c0fb +call fcn_0001c1bf ; call 0x1c1bf mov ecx, dword [ebp - 0x24] cmp cl, al -jae short loc_0001e460 ; jae 0x1e460 +jae short loc_0001e524 ; jae 0x1e524 cmp dword [ebp - 0x1c], 2 movzx eax, cl -jne short loc_0001e41f ; jne 0x1e41f +jne short loc_0001e4e3 ; jne 0x1e4e3 imul esi, eax, 0x2c lea esi, [ebx + esi + 0x50] mov word [esi + 0xa], 0x1003 mov word [esi + 0xc], 0x1003 -jmp short loc_0001e438 ; jmp 0x1e438 +jmp short loc_0001e4fc ; jmp 0x1e4fc -loc_0001e41f: +loc_0001e4e3: cmp dword [ebp - 0x1c], 1 -jne short loc_0001e438 ; jne 0x1e438 +jne short loc_0001e4fc ; jne 0x1e4fc imul esi, eax, 0x2c lea esi, [ebx + esi + 0x50] mov word [esi + 0xa], 0x846 mov word [esi + 0xc], 0x846 -loc_0001e438: +loc_0001e4fc: imul eax, eax, 0x2c inc ecx add eax, ebx @@ -50220,9 +50292,9 @@ mov word [eax + 0x60], 0x3c mov byte [eax + 0x62], 2 mov byte [eax + 0x63], 2 mov word [eax + 0x64], 0x3c -jmp short loc_0001e3f2 ; jmp 0x1e3f2 +jmp short loc_0001e4b6 ; jmp 0x1e4b6 -loc_0001e460: +loc_0001e524: mov al, byte [ebx + 0x446] or byte [ebx + 0x442], 7 and byte [ebx + 0x45e], 0xf9 @@ -50233,7 +50305,7 @@ mov al, byte [ebx + 0x486] mov dword [ebx + 0x44a], 0 mov dword [ebx + 0x44e], 2 mov dword [ebx + 0x452], 4 -and eax, 0xffffffc1 +and eax, 1 or eax, 0x32 mov byte [ebx + 0x486], al mov al, byte [ebx + 0x49e] @@ -50246,74 +50318,74 @@ mov byte [ebx + 0x49e], al xor eax, eax mov byte [ebx + 0x10], 0xdd -loc_0001e4e3: +loc_0001e5a7: mov dword [ebx + eax*4 + 0x1ba], 0 inc eax cmp eax, 8 -jne short loc_0001e4e3 ; jne 0x1e4e3 +jne short loc_0001e5a7 ; jne 0x1e5a7 cmp dword [ebp - 0x1c], 2 lea eax, [ebx + 0x4de] lea esi, [ebx + 0x527] -jne short loc_0001e52e ; jne 0x1e52e +jne short loc_0001e5f2 ; jne 0x1e5f2 mov byte [ebx + 0x526], 5 push edi push 0x28 -push ref_00029640 ; push 0x29640 +push ref_000296f0 ; push 0x296f0 push eax -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e add esp, 0xc mov byte [ebx + 0x553], 9 push 0x24 -push ref_00029604 ; push 0x29604 -jmp short loc_0001e554 ; jmp 0x1e554 +push ref_000296b4 ; push 0x296b4 +jmp short loc_0001e618 ; jmp 0x1e618 -loc_0001e52e: +loc_0001e5f2: mov byte [ebx + 0x526], 6 push ecx push 0x30 -push ref_00029668 ; push 0x29668 +push ref_00029718 ; push 0x29718 push eax -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e add esp, 0xc mov byte [ebx + 0x553], 6 push 0x18 -push ref_00029628 ; push 0x29628 +push ref_000296d8 ; push 0x296d8 -loc_0001e554: +loc_0001e618: push esi -call fcn_0001707a ; call 0x1707a +call fcn_0001713e ; call 0x1713e add esp, 0x10 sub esp, 0xc push dword [ebp - 0x20] -call fcn_00019667 ; call 0x19667 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 mov edx, ebx test al, al -je short loc_0001e5b3 ; je 0x1e5b3 +je short loc_0001e677 ; je 0x1e677 test ebx, ebx -jns short loc_0001e5b3 ; jns 0x1e5b3 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001e677 ; jns 0x1e677 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001e599 ; je 0x1e599 +je short loc_0001e65d ; je 0x1e65d push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001e599: +loc_0001e65d: push eax -push ref_00020664 ; push 0x20664 -push 0x2d4 -push ref_00026920 ; push 0x26920 -call fcn_000153fc ; call 0x153fc +push ref_000206f4 ; push 0x206f4 +push 0x2d5 +push ref_000269cf ; push 0x269cf +call fcn_0001548c ; call 0x1548c add esp, 0x10 mov edx, ebx -loc_0001e5b3: +loc_0001e677: lea esp, [ebp - 0xc] mov eax, edx pop ebx @@ -50322,7 +50394,7 @@ pop edi pop ebp ret -fcn_0001e5bd: +fcn_0001e681: push ebp mov ebp, esp push edi @@ -50330,72 +50402,72 @@ push esi push ebx sub esp, 0x1c mov ebx, dword [ebp + 8] -call fcn_00016380 ; call 0x16380 +call fcn_00016410 ; call 0x16410 test ebx, ebx -jne short loc_0001e5f9 ; jne 0x1e5f9 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001e6bd ; jne 0x1e6bd +call fcn_00015480 ; call 0x15480 test al, al -je loc_0001ec65 ; je 0x1ec65 +je loc_0001ecf3 ; je 0x1ecf3 push edx -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x35 -push ref_0002693d ; push 0x2693d -call fcn_000153fc ; call 0x153fc +push ref_000269ec ; push 0x269ec +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp near loc_0001ec65 ; jmp 0x1ec65 +jmp near loc_0001ecf3 ; jmp 0x1ecf3 -loc_0001e5f9: +loc_0001e6bd: mov esi, eax -call fcn_0001bef7 ; call 0x1bef7 +call fcn_0001bfbb ; call 0x1bfbb mov edi, eax push eax push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a add eax, 2 mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 -xor edx, edx +xor ecx, ecx mov byte [ebx], 0 mov byte [ebx + 8], 0 mov byte [ebx + 0x11], 1 mov byte [ebx + 0x10], 1 mov byte [ebx + 0x13], 0 -mov ecx, eax +mov edx, eax mov byte [ebx + 0x12], 1 -loc_0001e637: -mov dword [ebp - 0x20], ecx -mov dword [ebp - 0x1c], edx -call fcn_0001c19d ; call 0x1c19d -mov edx, dword [ebp - 0x1c] -mov ecx, dword [ebp - 0x20] +loc_0001e6fb: +mov dword [ebp - 0x20], edx +mov dword [ebp - 0x1c], ecx +call fcn_0001c261 ; call 0x1c261 +mov ecx, dword [ebp - 0x1c] +mov edx, dword [ebp - 0x20] movzx eax, al -cmp edx, eax -jae short loc_0001e657 ; jae 0x1e657 -mov byte [ebx + edx + 0x14], 0 -inc edx -jmp short loc_0001e637 ; jmp 0x1e637 +cmp ecx, eax +jae short loc_0001e71b ; jae 0x1e71b +mov byte [ebx + ecx + 0x14], 0 +inc ecx +jmp short loc_0001e6fb ; jmp 0x1e6fb -loc_0001e657: -xor edx, edx +loc_0001e71b: +xor ecx, ecx -loc_0001e659: -mov dword [ebp - 0x20], ecx -mov dword [ebp - 0x1c], edx -call fcn_0001c234 ; call 0x1c234 -mov edx, dword [ebp - 0x1c] -mov ecx, dword [ebp - 0x20] +loc_0001e71d: +mov dword [ebp - 0x20], edx +mov dword [ebp - 0x1c], ecx +call fcn_0001c2f8 ; call 0x1c2f8 +mov ecx, dword [ebp - 0x1c] +mov edx, dword [ebp - 0x20] movzx eax, al -cmp edx, eax -jae short loc_0001e679 ; jae 0x1e679 -mov byte [ebx + edx + 0x22], 0 -inc edx -jmp short loc_0001e659 ; jmp 0x1e659 +cmp ecx, eax +jae short loc_0001e73d ; jae 0x1e73d +mov byte [ebx + ecx + 0x22], 0 +inc ecx +jmp short loc_0001e71d ; jmp 0x1e71d -loc_0001e679: +loc_0001e73d: mov byte [ebx + 0x28], 0 mov byte [ebx + 1], 0 mov byte [ebx + 9], 0 @@ -50550,353 +50622,330 @@ mov byte [ebx + 0x92], al mov al, byte [esi + 0x9f] mov byte [ebx + 0x9a], al cmp edi, 1 -jne loc_0001ea89 ; jne 0x1ea89 -mov eax, ecx +jne loc_0001eb4c ; jne 0x1eb4c +mov eax, edx and eax, 0xfffffff7 cmp ax, 0x8c44 -je short loc_0001e96f ; je 0x1e96f -mov edx, ecx -and edx, 0xfffffffb -cmp cx, 0x8c50 -jne short loc_0001e976 ; jne 0x1e976 +je short loc_0001ea33 ; je 0x1ea33 +mov ecx, edx +and ecx, 0xfffffffb +cmp dx, 0x8c50 +jne short loc_0001ea3a ; jne 0x1ea3a -loc_0001e96f: +loc_0001ea33: lea edi, [ebx + 0x2f] xor edx, edx -jmp short loc_0001e9c6 ; jmp 0x1e9c6 +jmp short loc_0001ea8a ; jmp 0x1ea8a -loc_0001e976: -cmp cx, 0x8c5c -je short loc_0001e96f ; je 0x1e96f -mov edi, ecx +loc_0001ea3a: +cmp dx, 0x8c5c +je short loc_0001ea33 ; je 0x1ea33 +mov edi, edx and edi, 0xfffffff3 cmp di, 0x8c42 -je short loc_0001e96f ; je 0x1e96f -cmp cx, 0x8cc4 -je short loc_0001e96f ; je 0x1e96f -cmp dx, 0x8cc2 -jne short loc_0001e9df ; jne 0x1e9df -jmp short loc_0001e96f ; jmp 0x1e96f - -loc_0001e999: +je short loc_0001ea33 ; je 0x1ea33 +cmp dx, 0x8cc4 +je short loc_0001ea33 ; je 0x1ea33 +cmp cx, 0x8cc2 +jne short loc_0001eaa3 ; jne 0x1eaa3 +jmp short loc_0001ea33 ; jmp 0x1ea33 + +loc_0001ea5d: cmp byte [edi + 3], 1 sbb eax, eax not eax add eax, 4 cmp byte [edi + 3], 0 mov byte [edi - 1], al -jne short loc_0001e9da ; jne 0x1e9da +jne short loc_0001ea9e ; jne 0x1ea9e mov ax, word [edi + 1] cmp ax, 0x7f -jbe short loc_0001e9da ; jbe 0x1e9da +jbe short loc_0001ea9e ; jbe 0x1ea9e cmp ax, 0x130 sbb eax, eax add eax, 4 mov byte [edi], al -loc_0001e9c2: +loc_0001ea86: inc edx add edi, 8 -loc_0001e9c6: +loc_0001ea8a: mov dword [ebp - 0x1c], edx -call fcn_0001c19d ; call 0x1c19d +call fcn_0001c261 ; call 0x1c261 mov edx, dword [ebp - 0x1c] movzx eax, al cmp edx, eax -jb short loc_0001e999 ; jb 0x1e999 -jmp short loc_0001ea0a ; jmp 0x1ea0a +jb short loc_0001ea5d ; jb 0x1ea5d +jmp short loc_0001eacd ; jmp 0x1eacd -loc_0001e9da: +loc_0001ea9e: mov byte [edi], 2 -jmp short loc_0001e9c2 ; jmp 0x1e9c2 +jmp short loc_0001ea86 ; jmp 0x1ea86 -loc_0001e9df: -cmp dx, 0x8c4b -je short loc_0001ea22 ; je 0x1ea22 +loc_0001eaa3: +cmp cx, 0x8c4b +je short loc_0001eae5 ; je 0x1eae5 cmp ax, 0x8c41 -je short loc_0001ea22 ; je 0x1ea22 -lea eax, [ecx + 0x63bf] +je short loc_0001eae5 ; je 0x1eae5 +lea eax, [edx + 0x63bf] cmp ax, 6 -jbe short loc_0001ea22 ; jbe 0x1ea22 -cmp cx, 0x8cc5 -je short loc_0001ea22 ; je 0x1ea22 -mov eax, ecx -and eax, 0xfffffffd -cmp ax, 0x8cc1 -je short loc_0001ea22 ; je 0x1ea22 +jbe short loc_0001eae5 ; jbe 0x1eae5 +cmp dx, 0x8cc5 +je short loc_0001eae5 ; je 0x1eae5 +and edx, 0xfffffffd +cmp dx, 0x8cc1 +je short loc_0001eae5 ; je 0x1eae5 -loc_0001ea0a: +loc_0001eacd: cmp dword [esi + 0x10], 0 -je loc_0001eb9c ; je 0x1eb9c +je loc_0001ec26 ; je 0x1ec26 mov byte [ebx], 1 xor edi, edi mov byte [ebx + 0x13], 1 -jmp near loc_0001eb6a ; jmp 0x1eb6a +jmp near loc_0001ebf4 ; jmp 0x1ebf4 -loc_0001ea22: +loc_0001eae5: lea edi, [ebx + 0x2f] xor edx, edx -loc_0001ea27: +loc_0001eaea: mov dword [ebp - 0x1c], edx -call fcn_0001c19d ; call 0x1c19d +call fcn_0001c261 ; call 0x1c261 mov edx, dword [ebp - 0x1c] movzx eax, al cmp edx, eax -jae short loc_0001ea0a ; jae 0x1ea0a +jae short loc_0001eacd ; jae 0x1eacd mov al, byte [edi + 3] cmp al, 5 -jne short loc_0001ea46 ; jne 0x1ea46 +jne short loc_0001eb09 ; jne 0x1eb09 mov byte [edi - 1], 5 -jmp short loc_0001ea61 ; jmp 0x1ea61 +jmp short loc_0001eb24 ; jmp 0x1eb24 -loc_0001ea46: +loc_0001eb09: cmp al, 2 -jne short loc_0001ea50 ; jne 0x1ea50 +jne short loc_0001eb13 ; jne 0x1eb13 mov byte [edi - 1], 4 -jmp short loc_0001ea6a ; jmp 0x1ea6a +jmp short loc_0001eb2d ; jmp 0x1eb2d -loc_0001ea50: +loc_0001eb13: cmp word [edi + 1], 0x70 sbb ecx, ecx add ecx, 6 mov byte [edi - 1], cl cmp al, 5 -jne short loc_0001ea66 ; jne 0x1ea66 +jne short loc_0001eb29 ; jne 0x1eb29 -loc_0001ea61: +loc_0001eb24: mov byte [edi], 2 -jmp short loc_0001ea83 ; jmp 0x1ea83 +jmp short loc_0001eb46 ; jmp 0x1eb46 -loc_0001ea66: +loc_0001eb29: cmp al, 2 -jne short loc_0001ea76 ; jne 0x1ea76 +jne short loc_0001eb39 ; jne 0x1eb39 -loc_0001ea6a: +loc_0001eb2d: cmp word [edi + 1], 0x50 sbb eax, eax add eax, 2 -jmp short loc_0001ea81 ; jmp 0x1ea81 +jmp short loc_0001eb44 ; jmp 0x1eb44 -loc_0001ea76: +loc_0001eb39: cmp word [edi + 1], 0x100 sbb eax, eax add eax, 3 -loc_0001ea81: +loc_0001eb44: mov byte [edi], al -loc_0001ea83: +loc_0001eb46: inc edx add edi, 8 -jmp short loc_0001ea27 ; jmp 0x1ea27 +jmp short loc_0001eaea ; jmp 0x1eaea -loc_0001ea89: +loc_0001eb4c: cmp edi, 2 -jne loc_0001ea0a ; jne 0x1ea0a -lea eax, [ecx + 0x63bf] +jne loc_0001eacd ; jne 0x1eacd +lea eax, [edx + 0x63bf] +xor ecx, ecx +mov word [ebp - 0x1c], ax +lea eax, [edx + 0x633f] +lea edi, [ebx + 0x2f] mov word [ebp - 0x20], ax -lea eax, [ecx + 0x633f] -lea edi, [ebx + 0x2e] -mov dword [ebp - 0x1c], 0 -mov word [ebp - 0x22], ax -loc_0001eab0: -mov dword [ebp - 0x28], ecx -call fcn_0001c19d ; call 0x1c19d -mov ecx, dword [ebp - 0x28] +loc_0001eb6e: +mov dword [ebp - 0x24], ecx +call fcn_0001c261 ; call 0x1c261 +mov ecx, dword [ebp - 0x24] movzx eax, al -cmp dword [ebp - 0x1c], eax -jae loc_0001ea0a ; jae 0x1ea0a -cmp word [ebp - 0x20], 6 -ja short loc_0001eaef ; ja 0x1eaef -mov al, byte [edi + 4] +cmp ecx, eax +jae loc_0001eacd ; jae 0x1eacd +cmp word [ebp - 0x1c], 6 +ja short loc_0001ebad ; ja 0x1ebad +mov al, byte [edi + 3] cmp al, 3 -je short loc_0001ead9 ; je 0x1ead9 +je short loc_0001eb96 ; je 0x1eb96 test al, al -jne short loc_0001eae5 ; jne 0x1eae5 +jne short loc_0001eba2 ; jne 0x1eba2 -loc_0001ead9: -cmp word [edi + 2], 0x70 +loc_0001eb96: +cmp word [edi + 1], 0x70 sbb eax, eax add eax, 6 -jmp short loc_0001eaed ; jmp 0x1eaed +jmp short loc_0001ebaa ; jmp 0x1ebaa -loc_0001eae5: +loc_0001eba2: cmp al, 2 setne al add eax, 4 -loc_0001eaed: -mov byte [edi], al - -loc_0001eaef: -cmp word [ebp - 0x22], 2 -jbe short loc_0001eafd ; jbe 0x1eafd -cmp cx, 0x9cc5 -jne short loc_0001eb00 ; jne 0x1eb00 - -loc_0001eafd: -mov byte [edi], 6 - -loc_0001eb00: -lea eax, [ecx + 0x633a] -cmp ax, 1 -jbe short loc_0001eb13 ; jbe 0x1eb13 -cmp cx, 0x9cc9 -jne short loc_0001eb2a ; jne 0x1eb2a - -loc_0001eb13: -cmp byte [edi + 4], 0 -jne short loc_0001eb27 ; jne 0x1eb27 -cmp word [edi + 2], 0x70 -sbb eax, eax -add eax, 7 -mov byte [edi], al -jmp short loc_0001eb2a ; jmp 0x1eb2a +loc_0001ebaa: +mov byte [edi - 1], al -loc_0001eb27: -mov byte [edi], 6 +loc_0001ebad: +cmp word [ebp - 0x20], 0xa +ja short loc_0001ebb8 ; ja 0x1ebb8 +mov byte [edi - 1], 6 -loc_0001eb2a: -mov al, byte [edi + 4] +loc_0001ebb8: +mov al, byte [edi + 3] mov dl, al and edx, 0xfffffffb cmp dl, 3 -je short loc_0001eb3b ; je 0x1eb3b +je short loc_0001ebc9 ; je 0x1ebc9 test al, al -jne short loc_0001eb48 ; jne 0x1eb48 +jne short loc_0001ebd6 ; jne 0x1ebd6 -loc_0001eb3b: -cmp word [edi + 2], 0x100 +loc_0001ebc9: +cmp word [edi + 1], 0x100 sbb eax, eax add eax, 3 -jmp short loc_0001eb56 ; jmp 0x1eb56 +jmp short loc_0001ebe4 ; jmp 0x1ebe4 -loc_0001eb48: +loc_0001ebd6: cmp al, 2 -jne short loc_0001eb5b ; jne 0x1eb5b -cmp word [edi + 2], 0x50 +jne short loc_0001ebe8 ; jne 0x1ebe8 +cmp word [edi + 1], 0x50 sbb eax, eax add eax, 2 -loc_0001eb56: -mov byte [edi + 1], al -jmp short loc_0001eb5f ; jmp 0x1eb5f +loc_0001ebe4: +mov byte [edi], al +jmp short loc_0001ebeb ; jmp 0x1ebeb -loc_0001eb5b: -mov byte [edi + 1], 2 +loc_0001ebe8: +mov byte [edi], 2 -loc_0001eb5f: -inc dword [ebp - 0x1c] +loc_0001ebeb: +inc ecx add edi, 8 -jmp near loc_0001eab0 ; jmp 0x1eab0 +jmp near loc_0001eb6e ; jmp 0x1eb6e -loc_0001eb6a: -call fcn_0001c19d ; call 0x1c19d +loc_0001ebf4: +call fcn_0001c261 ; call 0x1c261 movzx eax, al cmp edi, eax -jae short loc_0001eb7e ; jae 0x1eb7e +jae short loc_0001ec08 ; jae 0x1ec08 mov byte [ebx + edi + 0x14], 1 inc edi -jmp short loc_0001eb6a ; jmp 0x1eb6a +jmp short loc_0001ebf4 ; jmp 0x1ebf4 -loc_0001eb7e: +loc_0001ec08: mov byte [ebx + 0x15], 0 xor edi, edi -loc_0001eb84: -call fcn_0001c234 ; call 0x1c234 +loc_0001ec0e: +call fcn_0001c2f8 ; call 0x1c2f8 movzx eax, al cmp edi, eax -jae short loc_0001eb98 ; jae 0x1eb98 +jae short loc_0001ec22 ; jae 0x1ec22 mov byte [ebx + edi + 0x22], 1 inc edi -jmp short loc_0001eb84 ; jmp 0x1eb84 +jmp short loc_0001ec0e ; jmp 0x1ec0e -loc_0001eb98: +loc_0001ec22: mov byte [ebx + 0x23], 0 -loc_0001eb9c: +loc_0001ec26: xor ebx, ebx -loc_0001eb9e: -call fcn_0001c234 ; call 0x1c234 +loc_0001ec28: +call fcn_0001c2f8 ; call 0x1c2f8 movzx eax, al cmp ebx, eax -jae loc_0001ec65 ; jae 0x1ec65 +jae loc_0001ecf3 ; jae 0x1ecf3 mov dl, byte [esi + ebx + 0xb2] mov eax, dword [ebp + 0xc] mov ecx, dword [ebp + 0xc] test dl, dl mov al, byte [eax + ebx*8 + 4] -je short loc_0001ebcb ; je 0x1ebcb +je short loc_0001ec55 ; je 0x1ec55 mov byte [ecx + ebx*8], dl or eax, 1 -jmp short loc_0001ebd2 ; jmp 0x1ebd2 +jmp short loc_0001ec5c ; jmp 0x1ec5c -loc_0001ebcb: +loc_0001ec55: mov byte [ecx + ebx*8], 0 and eax, 0xfffffffe -loc_0001ebd2: +loc_0001ec5c: mov byte [ecx + ebx*8 + 4], al mov dl, byte [esi + ebx + 0xb8] mov eax, dword [ebp + 0xc] mov ecx, dword [ebp + 0xc] test dl, dl mov al, byte [eax + ebx*8 + 4] -je short loc_0001ebf4 ; je 0x1ebf4 +je short loc_0001ec7e ; je 0x1ec7e mov byte [ecx + ebx*8 + 1], dl or eax, 2 -jmp short loc_0001ebfc ; jmp 0x1ebfc +jmp short loc_0001ec86 ; jmp 0x1ec86 -loc_0001ebf4: +loc_0001ec7e: mov byte [ecx + ebx*8 + 1], 0 and eax, 0xfffffffd -loc_0001ebfc: +loc_0001ec86: mov byte [ecx + ebx*8 + 4], al mov dl, byte [esi + ebx + 0xbe] mov eax, dword [ebp + 0xc] mov ecx, dword [ebp + 0xc] test dl, dl mov al, byte [eax + ebx*8 + 4] -je short loc_0001ec1e ; je 0x1ec1e -mov byte [ecx + ebx*8 + 2], dl +je short loc_0001ecac ; je 0x1ecac or eax, 4 -jmp short loc_0001ec26 ; jmp 0x1ec26 +mov byte [ecx + ebx*8 + 2], dl +mov byte [ecx + ebx*8 + 4], al +jmp short loc_0001ecb8 ; jmp 0x1ecb8 -loc_0001ec1e: -mov byte [ecx + ebx*8 + 2], 0 +loc_0001ecac: and eax, 0xfffffffb - -loc_0001ec26: +mov byte [ecx + ebx*8 + 2], 0 mov byte [ecx + ebx*8 + 4], al + +loc_0001ecb8: mov dl, byte [esi + ebx + 0xc4] mov eax, dword [ebp + 0xc] test dl, dl mov al, byte [eax + ebx*8 + 4] -je short loc_0001ec50 ; je 0x1ec50 +je short loc_0001ecde ; je 0x1ecde mov ecx, dword [ebp + 0xc] lea edx, [edx + edx + 1] or eax, 8 mov byte [ecx + ebx*8 + 3], dl mov byte [ecx + ebx*8 + 4], al -jmp short loc_0001ec5f ; jmp 0x1ec5f +jmp short loc_0001eced ; jmp 0x1eced -loc_0001ec50: -mov edx, dword [ebp + 0xc] +loc_0001ecde: +mov ecx, dword [ebp + 0xc] and eax, 0xfffffff7 -mov byte [edx + ebx*8 + 3], 0 -mov byte [edx + ebx*8 + 4], al +mov byte [ecx + ebx*8 + 3], 0 +mov byte [ecx + ebx*8 + 4], al -loc_0001ec5f: +loc_0001eced: inc ebx -jmp near loc_0001eb9e ; jmp 0x1eb9e +jmp near loc_0001ec28 ; jmp 0x1ec28 -loc_0001ec65: +loc_0001ecf3: lea esp, [ebp - 0xc] pop ebx pop esi @@ -50904,7 +50953,7 @@ pop edi pop ebp ret -fcn_0001ec6d: +fcn_0001ecfb: push ebp mov ebp, esp push edi @@ -50912,116 +50961,116 @@ push esi push ebx sub esp, 0x28 push 0x15 -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov edi, eax test eax, eax -jne short loc_0001ec9d ; jne 0x1ec9d -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001ed2b ; jne 0x1ed2b +call fcn_00015480 ; call 0x15480 test al, al -je loc_0001ed1d ; je 0x1ed1d +je loc_0001edab ; je 0x1edab push eax -push ref_0002695a ; push 0x2695a +push ref_00026a09 ; push 0x26a09 push 0x34 -jmp short loc_0001ed10 ; jmp 0x1ed10 +jmp short loc_0001ed9e ; jmp 0x1ed9e -loc_0001ec9d: +loc_0001ed2b: sub esp, 0xc push 0xc -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov dword [ebp - 0x1c], eax test eax, eax -jne short loc_0001ecc4 ; jne 0x1ecc4 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001ed52 ; jne 0x1ed52 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001ed1d ; je 0x1ed1d +je short loc_0001edab ; je 0x1edab push eax -push ref_0002699c ; push 0x2699c +push ref_00026a4b ; push 0x26a4b push 0x3a -jmp short loc_0001ed10 ; jmp 0x1ed10 +jmp short loc_0001ed9e ; jmp 0x1ed9e -loc_0001ecc4: +loc_0001ed52: sub esp, 0xc push 5 -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 test eax, eax -jne short loc_0001ece8 ; jne 0x1ece8 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001ed76 ; jne 0x1ed76 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001ed1d ; je 0x1ed1d +je short loc_0001edab ; je 0x1edab push edi -push ref_000269c5 ; push 0x269c5 +push ref_00026a74 ; push 0x26a74 push 0x40 -jmp short loc_0001ed10 ; jmp 0x1ed10 +jmp short loc_0001ed9e ; jmp 0x1ed9e -loc_0001ece8: +loc_0001ed76: sub esp, 0xc push 0xc mov dword [ebp - 0x20], eax -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov edx, dword [ebp - 0x20] test eax, eax -jne short loc_0001ed27 ; jne 0x1ed27 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001edb5 ; jne 0x1edb5 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001ed1d ; je 0x1ed1d +je short loc_0001edab ; je 0x1edab push esi -push ref_000269df ; push 0x269df +push ref_00026a8e ; push 0x26a8e push 0x46 -loc_0001ed10: -push ref_0002697f ; push 0x2697f -call fcn_000153fc ; call 0x153fc +loc_0001ed9e: +push ref_00026a2e ; push 0x26a2e +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001ed1d: +loc_0001edab: mov edx, 0x80000009 -jmp near loc_0001eef3 ; jmp 0x1eef3 +jmp near loc_0001ef81 ; jmp 0x1ef81 -loc_0001ed27: +loc_0001edb5: sub esp, 0xc push 0x1d mov dword [ebp - 0x20], edx mov dword [ebp - 0x24], eax -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov edx, dword [ebp - 0x20] mov ecx, dword [ebp - 0x24] test eax, eax mov ebx, eax -jne short loc_0001ed59 ; jne 0x1ed59 -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001ede7 ; jne 0x1ede7 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001ed1d ; je 0x1ed1d +je short loc_0001edab ; je 0x1edab push ebx -push ref_000269fe ; push 0x269fe +push ref_00026aad ; push 0x26aad push 0x4c -jmp short loc_0001ed10 ; jmp 0x1ed10 +jmp short loc_0001ed9e ; jmp 0x1ed9e -loc_0001ed59: +loc_0001ede7: sub esp, 0xc push 0x13 mov dword [ebp - 0x24], ecx mov dword [ebp - 0x20], edx -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 add esp, 0x10 mov edx, dword [ebp - 0x20] mov ecx, dword [ebp - 0x24] test eax, eax mov esi, eax -jne short loc_0001ed8b ; jne 0x1ed8b -call fcn_000153f0 ; call 0x153f0 +jne short loc_0001ee19 ; jne 0x1ee19 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001ed1d ; je 0x1ed1d +je short loc_0001edab ; je 0x1edab push ecx -push ref_00026907 ; push 0x26907 +push ref_000269b6 ; push 0x269b6 push 0x52 -jmp short loc_0001ed10 ; jmp 0x1ed10 +jmp short loc_0001ed9e ; jmp 0x1ed9e -loc_0001ed8b: +loc_0001ee19: mov dword [edi + 9], ecx mov byte [edi], 0xa mov dword [edi + 1], edx @@ -51051,27 +51100,27 @@ mov byte [ebx + 0xa], 0 mov byte [ebx + 0xb], 1 mov byte [ebx + 0xc], 0 mov byte [ebx + 0xd], 1 -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 cmp eax, 0x40650 -jne short loc_0001ee2f ; jne 0x1ee2f +jne short loc_0001eebd ; jne 0x1eebd -loc_0001ee0d: +loc_0001ee9b: mov byte [ebx + 0xe], 1 -call fcn_0001c58d ; call 0x1c58d +call fcn_0001c651 ; call 0x1c651 mov byte [ebx + 0x10], 0 mov byte [ebx + 0x16], 1 cmp eax, 0x306d0 setne al lea eax, [eax + eax*4 + 0x6a] mov byte [ebx + 0xf], al -jmp short loc_0001ee3b ; jmp 0x1ee3b +jmp short loc_0001eec9 ; jmp 0x1eec9 -loc_0001ee2f: -call fcn_0001c58d ; call 0x1c58d +loc_0001eebd: +call fcn_0001c651 ; call 0x1c651 cmp eax, 0x306d0 -je short loc_0001ee0d ; je 0x1ee0d +je short loc_0001ee9b ; je 0x1ee9b -loc_0001ee3b: +loc_0001eec9: mov eax, dword [ebp - 0x1c] sub esp, 0xc mov byte [ebx + 0x17], 0x14 @@ -51091,38 +51140,38 @@ mov word [esi + 0xe], 0 mov word [esi + 0x10], 0 mov byte [esi + 0x12], 0 mov dword [eax], 0x80000010 -mov dword [eax + 4], ref_000291dc ; mov dword [eax + 4], 0x291dc +mov dword [eax + 4], ref_0002928c ; mov dword [eax + 4], 0x2928c mov dword [eax + 8], edi push eax -call fcn_00019667 ; call 0x19667 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 mov edx, ebx test al, al -je short loc_0001eef3 ; je 0x1eef3 +je short loc_0001ef81 ; je 0x1ef81 test ebx, ebx -jns short loc_0001eef3 ; jns 0x1eef3 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001ef81 ; jns 0x1ef81 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001eed9 ; je 0x1eed9 +je short loc_0001ef67 ; je 0x1ef67 push edx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001eed9: +loc_0001ef67: push eax -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0xb3 -push ref_0002697f ; push 0x2697f -call fcn_000153fc ; call 0x153fc +push ref_00026a2e ; push 0x26a2e +call fcn_0001548c ; call 0x1548c add esp, 0x10 mov edx, ebx -loc_0001eef3: +loc_0001ef81: lea esp, [ebp - 0xc] mov eax, edx pop ebx @@ -51131,103 +51180,103 @@ pop edi pop ebp ret -fcn_0001eefd: +fcn_0001ef8b: push ebp mov ebp, esp push esi push ebx sub esp, 0xc push 2 -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov esi, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001ef28 ; je 0x1ef28 +je short loc_0001efb6 ; je 0x1efb6 test esi, esi -jne short loc_0001ef2c ; jne 0x1ef2c +jne short loc_0001efba ; jne 0x1efba push esi -push ref_00026a1e ; push 0x26a1e +push ref_00026acd ; push 0x26acd push 0x2d -jmp short loc_0001ef50 ; jmp 0x1ef50 +jmp short loc_0001efde ; jmp 0x1efde -loc_0001ef28: +loc_0001efb6: test esi, esi -je short loc_0001ef5d ; je 0x1ef5d +je short loc_0001efeb ; je 0x1efeb -loc_0001ef2c: +loc_0001efba: sub esp, 0xc push 0xc -call fcn_00019cf2 ; call 0x19cf2 +call fcn_00019db6 ; call 0x19db6 mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001ef64 ; je 0x1ef64 +je short loc_0001eff2 ; je 0x1eff2 test ebx, ebx -jne short loc_0001ef68 ; jne 0x1ef68 +jne short loc_0001eff6 ; jne 0x1eff6 push ebx -push ref_00026a5e ; push 0x26a5e +push ref_00026b0d ; push 0x26b0d push 0x33 -loc_0001ef50: -push ref_00026a42 ; push 0x26a42 -call fcn_000153fc ; call 0x153fc +loc_0001efde: +push ref_00026af1 ; push 0x26af1 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001ef5d: +loc_0001efeb: mov ebx, 0x80000009 -jmp short loc_0001efe2 ; jmp 0x1efe2 +jmp short loc_0001f070 ; jmp 0x1f070 -loc_0001ef64: +loc_0001eff2: test ebx, ebx -je short loc_0001ef5d ; je 0x1ef5d +je short loc_0001efeb ; je 0x1efeb -loc_0001ef68: +loc_0001eff6: sub esp, 0xc mov dword [ebx], 0x80000010 -mov dword [ebx + 4], ref_0002915c ; mov dword [ebx + 4], 0x2915c +mov dword [ebx + 4], ref_0002920c ; mov dword [ebx + 4], 0x2920c mov byte [esi], 1 mov dword [ebx + 8], esi push ebx -call fcn_00019667 ; call 0x19667 +call fcn_0001972b ; call 0x1972b mov ebx, eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001efc8 ; je 0x1efc8 +je short loc_0001f056 ; je 0x1f056 test ebx, ebx -jns short loc_0001efc8 ; jns 0x1efc8 -call fcn_000153e9 ; call 0x153e9 +jns short loc_0001f056 ; jns 0x1f056 +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001efb3 ; je 0x1efb3 +je short loc_0001f041 ; je 0x1f041 push ecx push ebx -push ref_00020643 ; push 0x20643 +push ref_000206d3 ; push 0x206d3 push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001efb3: +loc_0001f041: push edx -push ref_00020664 ; push 0x20664 +push ref_000206f4 ; push 0x206f4 push 0x4e -push ref_00026a42 ; push 0x26a42 -call fcn_000153fc ; call 0x153fc +push ref_00026af1 ; push 0x26af1 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001efc8: -call fcn_000153e9 ; call 0x153e9 +loc_0001f056: +call fcn_00015479 ; call 0x15479 test al, al -je short loc_0001efe2 ; je 0x1efe2 +je short loc_0001f070 ; je 0x1f070 push eax push eax -push ref_00026a86 ; push 0x26a86 +push ref_00026b35 ; push 0x26b35 push 0x40 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_0001efe2: +loc_0001f070: lea esp, [ebp - 8] mov eax, ebx pop ebx @@ -51235,7 +51284,7 @@ pop esi pop ebp ret -fcn_0001efeb: +fcn_0001f079: push ebp mov ebp, esp push edi @@ -51246,23 +51295,23 @@ mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 8] mov edi, dword [ebp + 0x10] test esi, esi -je short loc_0001f044 ; je 0x1f044 -call fcn_000153f0 ; call 0x153f0 +je short loc_0001f0d2 ; je 0x1f0d2 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f02a ; je 0x1f02a +je short loc_0001f0b8 ; je 0x1f0b8 mov eax, ebx lea edx, [esi - 1] not eax cmp edx, eax -jbe short loc_0001f02a ; jbe 0x1f02a +jbe short loc_0001f0b8 ; jbe 0x1f0b8 push eax -push ref_00026aac ; push 0x26aac +push ref_00026b5b ; push 0x26b5b push 0x36 -push ref_00026ad9 ; push 0x26ad9 -call fcn_000153fc ; call 0x153fc +push ref_00026b88 ; push 0x26b88 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f02a: +loc_0001f0b8: mov eax, edi movzx edi, al mov dword [ebp + 0x10], edi @@ -51273,9 +51322,9 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_0001f127 ; jmp 0x1f127 +jmp near loc_0001f1b5 ; jmp 0x1f1b5 -loc_0001f044: +loc_0001f0d2: lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -51284,13 +51333,13 @@ pop edi pop ebp ret -fcn_0001f04e: ; not directly referenced +fcn_0001f0dc: ; not directly referenced push ebp mov ebp, esp pop ebp -jmp near fcn_0001f057 ; jmp 0x1f057 +jmp near fcn_0001f0e5 ; jmp 0x1f0e5 -fcn_0001f057: ; not directly referenced +fcn_0001f0e5: ; not directly referenced push ebp mov ebp, esp push edi @@ -51301,62 +51350,62 @@ mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 8] mov edi, dword [ebp + 0x10] test esi, esi -je loc_0001f11d ; je 0x1f11d -call fcn_000153f0 ; call 0x153f0 +je loc_0001f1ab ; je 0x1f1ab +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f093 ; je 0x1f093 +je short loc_0001f121 ; je 0x1f121 test ebx, ebx -jne short loc_0001f093 ; jne 0x1f093 +jne short loc_0001f121 ; jne 0x1f121 push eax -push ref_000260eb ; push 0x260eb +push ref_0002619a ; push 0x2619a push 0x3a -push ref_00026b1e ; push 0x26b1e -call fcn_000153fc ; call 0x153fc +push ref_00026bcd ; push 0x26bcd +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f093: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f121: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f0bc ; je 0x1f0bc +je short loc_0001f14a ; je 0x1f14a mov eax, ebx lea edx, [esi - 1] not eax cmp edx, eax -jbe short loc_0001f0bc ; jbe 0x1f0bc +jbe short loc_0001f14a ; jbe 0x1f14a push ecx -push ref_00026aac ; push 0x26aac +push ref_00026b5b ; push 0x26b5b push 0x3b -push ref_00026b1e ; push 0x26b1e -call fcn_000153fc ; call 0x153fc +push ref_00026bcd ; push 0x26bcd +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f0bc: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f14a: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f0df ; je 0x1f0df +je short loc_0001f16d ; je 0x1f16d test bl, 3 -je short loc_0001f0df ; je 0x1f0df +je short loc_0001f16d ; je 0x1f16d push edx -push ref_00026b65 ; push 0x26b65 +push ref_00026c14 ; push 0x26c14 push 0x3c -push ref_00026b1e ; push 0x26b1e -call fcn_000153fc ; call 0x153fc +push ref_00026bcd ; push 0x26bcd +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f0df: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f16d: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f105 ; je 0x1f105 +je short loc_0001f193 ; je 0x1f193 test esi, 3 -je short loc_0001f105 ; je 0x1f105 +je short loc_0001f193 ; je 0x1f193 push eax -push ref_00026b93 ; push 0x26b93 +push ref_00026c42 ; push 0x26c42 push 0x3d -push ref_00026b1e ; push 0x26b1e -call fcn_000153fc ; call 0x153fc +push ref_00026bcd ; push 0x26bcd +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f105: ; not directly referenced +loc_0001f193: ; not directly referenced shr esi, 2 mov dword [ebp + 0x10], edi mov dword [ebp + 0xc], esi @@ -51366,9 +51415,9 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_0001f152 ; jmp 0x1f152 +jmp near loc_0001f1e0 ; jmp 0x1f1e0 -loc_0001f11d: ; not directly referenced +loc_0001f1ab: ; not directly referenced lea esp, [ebp - 0xc] mov eax, ebx pop ebx @@ -51377,7 +51426,7 @@ pop edi pop ebp ret -loc_0001f127: +loc_0001f1b5: push edi mov ecx, dword [esp + 0xc] mov al, byte [esp + 0x10] @@ -51395,7 +51444,7 @@ mov eax, dword [esp + 8] pop edi ret -loc_0001f152: ; not directly referenced +loc_0001f1e0: ; not directly referenced push edi mov eax, dword [esp + 0x10] mov edi, dword [esp + 8] @@ -51405,7 +51454,7 @@ mov eax, dword [esp + 8] pop edi ret -fcn_0001f167: ; not directly referenced +fcn_0001f1f5: ; not directly referenced push ebp mov eax, 0xfffffffe mov ebp, esp @@ -51418,13 +51467,13 @@ pop ebp shr eax, cl ret -fcn_0001f180: +fcn_0001f20e: push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f1b8 ; je 0x1f1b8 +je short loc_0001f246 ; je 0x1f246 mov ecx, dword [ebp + 0x10] mov eax, dword [ebp + 0x14] sub ecx, dword [ebp + 0xc] @@ -51432,15 +51481,15 @@ shr eax, cl mov edx, eax and edx, 1 cmp eax, edx -je short loc_0001f1b8 ; je 0x1f1b8 +je short loc_0001f246 ; je 0x1f246 push eax -push ref_00026bb8 ; push 0x26bb8 +push ref_00026c67 ; push 0x26c67 push 0x4d -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f1b8: +loc_0001f246: mov cl, byte [ebp + 0x10] mov eax, 0xfffffffe mov edx, dword [ebp + 0x14] @@ -51453,13 +51502,13 @@ or eax, dword [ebp + 8] leave ret -fcn_0001f1d3: +fcn_0001f261: push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f20b ; je 0x1f20b +je short loc_0001f299 ; je 0x1f299 mov ecx, dword [ebp + 0x10] mov eax, dword [ebp + 0x14] sub ecx, dword [ebp + 0xc] @@ -51467,15 +51516,15 @@ shr eax, cl mov edx, eax and edx, 1 cmp eax, edx -je short loc_0001f20b ; je 0x1f20b +je short loc_0001f299 ; je 0x1f299 push eax -push ref_00026c35 ; push 0x26c35 +push ref_00026ce4 ; push 0x26ce4 push 0x77 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f20b: +loc_0001f299: mov cl, byte [ebp + 0x10] mov edx, 0xfffffffe mov eax, dword [ebp + 0x14] @@ -51489,39 +51538,39 @@ and eax, dword [ebp + 8] leave ret -fcn_0001f228: ; not directly referenced +fcn_0001f2b6: ; not directly referenced push ebp mov ebp, esp push ebx push ecx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f257 ; je 0x1f257 +je short loc_0001f2e5 ; je 0x1f2e5 cmp dword [ebp + 0x10], 7 -jbe short loc_0001f257 ; jbe 0x1f257 +jbe short loc_0001f2e5 ; jbe 0x1f2e5 push edx -push ref_00026c80 ; push 0x26c80 +push ref_00026d2f ; push 0x26d2f push 0x9b -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f257: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f2e5: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f280 ; je 0x1f280 +je short loc_0001f30e ; je 0x1f30e mov eax, dword [ebp + 0x10] cmp dword [ebp + 0xc], eax -jbe short loc_0001f280 ; jbe 0x1f280 +jbe short loc_0001f30e ; jbe 0x1f30e push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x9c -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f280: ; not directly referenced +loc_0001f30e: ; not directly referenced mov cl, byte [ebp + 0x10] mov eax, 0xfffffffe movzx ebx, bl @@ -51534,7 +51583,7 @@ leave shr eax, cl ret -fcn_0001f29b: ; not directly referenced +fcn_0001f329: ; not directly referenced push ebp mov ebp, esp push edi @@ -51544,32 +51593,32 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov ebx, dword [ebp + 0x10] mov edi, dword [ebp + 0x14] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f2d3 ; je 0x1f2d3 +je short loc_0001f361 ; je 0x1f361 cmp ebx, 7 -jbe short loc_0001f2d3 ; jbe 0x1f2d3 +jbe short loc_0001f361 ; jbe 0x1f361 push edx -push ref_00026c80 ; push 0x26c80 +push ref_00026d2f ; push 0x26d2f push 0xe6 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f2d3: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f361: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f2f9 ; je 0x1f2f9 +je short loc_0001f387 ; je 0x1f387 cmp dword [ebp + 0xc], ebx -jbe short loc_0001f2f9 ; jbe 0x1f2f9 +jbe short loc_0001f387 ; jbe 0x1f387 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0xe7 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f2f9: ; not directly referenced +loc_0001f387: ; not directly referenced mov eax, edi movzx edi, al mov eax, esi @@ -51578,7 +51627,7 @@ movzx esi, al push ebx push dword [ebp + 0xc] push esi -call fcn_0001f180 ; call 0x1f180 +call fcn_0001f20e ; call 0x1f20e lea esp, [ebp - 0xc] pop ebx pop esi @@ -51586,7 +51635,7 @@ pop edi pop ebp ret -fcn_0001f316: ; not directly referenced +fcn_0001f3a4: ; not directly referenced push ebp mov ebp, esp push edi @@ -51596,32 +51645,32 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov ebx, dword [ebp + 0x10] mov edi, dword [ebp + 0x14] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f34e ; je 0x1f34e +je short loc_0001f3dc ; je 0x1f3dc cmp ebx, 7 -jbe short loc_0001f34e ; jbe 0x1f34e +jbe short loc_0001f3dc ; jbe 0x1f3dc push edx -push ref_00026c80 ; push 0x26c80 +push ref_00026d2f ; push 0x26d2f push 0x10c -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f34e: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f3dc: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f374 ; je 0x1f374 +je short loc_0001f402 ; je 0x1f402 cmp dword [ebp + 0xc], ebx -jbe short loc_0001f374 ; jbe 0x1f374 +jbe short loc_0001f402 ; jbe 0x1f402 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x10d -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f374: ; not directly referenced +loc_0001f402: ; not directly referenced mov eax, edi movzx edi, al mov eax, esi @@ -51630,7 +51679,7 @@ movzx esi, al push ebx push dword [ebp + 0xc] push esi -call fcn_0001f1d3 ; call 0x1f1d3 +call fcn_0001f261 ; call 0x1f261 lea esp, [ebp - 0xc] pop ebx pop esi @@ -51638,7 +51687,7 @@ pop edi pop ebp ret -fcn_0001f391: ; not directly referenced +fcn_0001f41f: ; not directly referenced push ebp mov ebp, esp push edi @@ -51652,32 +51701,32 @@ mov edi, dword [ebp + 0x14] mov dword [ebp - 0x1c], eax mov eax, dword [ebp + 0x18] mov dword [ebp - 0x20], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f3d5 ; je 0x1f3d5 +je short loc_0001f463 ; je 0x1f463 cmp ebx, 7 -jbe short loc_0001f3d5 ; jbe 0x1f3d5 +jbe short loc_0001f463 ; jbe 0x1f463 push edx -push ref_00026c80 ; push 0x26c80 +push ref_00026d2f ; push 0x26d2f push 0x136 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f3d5: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f463: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f3fa ; je 0x1f3fa +je short loc_0001f488 ; je 0x1f488 cmp esi, ebx -jbe short loc_0001f3fa ; jbe 0x1f3fa +jbe short loc_0001f488 ; jbe 0x1f488 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x137 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f3fa: ; not directly referenced +loc_0001f488: ; not directly referenced mov eax, edi movzx edi, al movzx eax, byte [ebp - 0x1c] @@ -51685,7 +51734,7 @@ push edi push ebx push esi push eax -call fcn_0001f316 ; call 0x1f316 +call fcn_0001f3a4 ; call 0x1f3a4 movzx edx, byte [ebp - 0x20] add esp, 0x10 mov dword [ebp + 0x10], ebx @@ -51698,9 +51747,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_0001f29b ; jmp 0x1f29b +jmp near fcn_0001f329 ; jmp 0x1f329 -fcn_0001f42e: ; not directly referenced +fcn_0001f4bc: ; not directly referenced push ebp mov ebp, esp push edi @@ -51710,32 +51759,32 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov ebx, dword [ebp + 0x10] mov edi, dword [ebp + 0x14] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f466 ; je 0x1f466 +je short loc_0001f4f4 ; je 0x1f4f4 cmp ebx, 7 -jbe short loc_0001f466 ; jbe 0x1f466 +jbe short loc_0001f4f4 ; jbe 0x1f4f4 push edx -push ref_00026c80 ; push 0x26c80 +push ref_00026d2f ; push 0x26d2f push 0xc0 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f466: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f4f4: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f48c ; je 0x1f48c +je short loc_0001f51a ; je 0x1f51a cmp dword [ebp + 0xc], ebx -jbe short loc_0001f48c ; jbe 0x1f48c +jbe short loc_0001f51a ; jbe 0x1f51a push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0xc1 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f48c: ; not directly referenced +loc_0001f51a: ; not directly referenced mov eax, edi sub esp, 0xc movzx edi, al @@ -51746,7 +51795,7 @@ push 0 push ebx push dword [ebp + 0xc] push esi -call fcn_0001f391 ; call 0x1f391 +call fcn_0001f41f ; call 0x1f41f lea esp, [ebp - 0xc] pop ebx pop esi @@ -51754,39 +51803,39 @@ pop edi pop ebp ret -fcn_0001f4ae: ; not directly referenced +fcn_0001f53c: ; not directly referenced push ebp mov ebp, esp push ebx push ecx mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f4dd ; je 0x1f4dd +je short loc_0001f56b ; je 0x1f56b cmp dword [ebp + 0x10], 0xf -jbe short loc_0001f4dd ; jbe 0x1f4dd +jbe short loc_0001f56b ; jbe 0x1f56b push edx -push ref_00026c8b ; push 0x26c8b +push ref_00026d3a ; push 0x26d3a push 0x15b -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f4dd: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f56b: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f506 ; je 0x1f506 +je short loc_0001f594 ; je 0x1f594 mov eax, dword [ebp + 0x10] cmp dword [ebp + 0xc], eax -jbe short loc_0001f506 ; jbe 0x1f506 +jbe short loc_0001f594 ; jbe 0x1f594 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x15c -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f506: ; not directly referenced +loc_0001f594: ; not directly referenced mov cl, byte [ebp + 0x10] mov eax, 0xfffffffe movzx ebx, bx @@ -51799,7 +51848,7 @@ leave shr eax, cl ret -fcn_0001f521: ; not directly referenced +fcn_0001f5af: ; not directly referenced push ebp mov ebp, esp push edi @@ -51809,39 +51858,39 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov ebx, dword [ebp + 0x10] mov edi, dword [ebp + 0x14] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f559 ; je 0x1f559 +je short loc_0001f5e7 ; je 0x1f5e7 cmp ebx, 0xf -jbe short loc_0001f559 ; jbe 0x1f559 +jbe short loc_0001f5e7 ; jbe 0x1f5e7 push edx -push ref_00026c8b ; push 0x26c8b +push ref_00026d3a ; push 0x26d3a push 0x1a6 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f559: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f5e7: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f57f ; je 0x1f57f +je short loc_0001f60d ; je 0x1f60d cmp dword [ebp + 0xc], ebx -jbe short loc_0001f57f ; jbe 0x1f57f +jbe short loc_0001f60d ; jbe 0x1f60d push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x1a7 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f57f: ; not directly referenced +loc_0001f60d: ; not directly referenced movzx edi, di movzx esi, si push edi push ebx push dword [ebp + 0xc] push esi -call fcn_0001f180 ; call 0x1f180 +call fcn_0001f20e ; call 0x1f20e lea esp, [ebp - 0xc] pop ebx pop esi @@ -51849,7 +51898,7 @@ pop edi pop ebp ret -fcn_0001f598: ; not directly referenced +fcn_0001f626: ; not directly referenced push ebp mov ebp, esp push edi @@ -51859,39 +51908,39 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov ebx, dword [ebp + 0x10] mov edi, dword [ebp + 0x14] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f5d0 ; je 0x1f5d0 +je short loc_0001f65e ; je 0x1f65e cmp ebx, 0xf -jbe short loc_0001f5d0 ; jbe 0x1f5d0 +jbe short loc_0001f65e ; jbe 0x1f65e push edx -push ref_00026c8b ; push 0x26c8b +push ref_00026d3a ; push 0x26d3a push 0x1cc -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f5d0: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f65e: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f5f6 ; je 0x1f5f6 +je short loc_0001f684 ; je 0x1f684 cmp dword [ebp + 0xc], ebx -jbe short loc_0001f5f6 ; jbe 0x1f5f6 +jbe short loc_0001f684 ; jbe 0x1f684 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x1cd -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f5f6: ; not directly referenced +loc_0001f684: ; not directly referenced movzx edi, di movzx esi, si push edi push ebx push dword [ebp + 0xc] push esi -call fcn_0001f1d3 ; call 0x1f1d3 +call fcn_0001f261 ; call 0x1f261 lea esp, [ebp - 0xc] pop ebx pop esi @@ -51899,7 +51948,7 @@ pop edi pop ebp ret -fcn_0001f60f: ; not directly referenced +fcn_0001f69d: ; not directly referenced push ebp mov ebp, esp push edi @@ -51913,39 +51962,39 @@ mov edi, dword [ebp + 0x14] mov dword [ebp - 0x1c], eax mov eax, dword [ebp + 0x18] mov dword [ebp - 0x20], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f653 ; je 0x1f653 +je short loc_0001f6e1 ; je 0x1f6e1 cmp ebx, 0xf -jbe short loc_0001f653 ; jbe 0x1f653 +jbe short loc_0001f6e1 ; jbe 0x1f6e1 push edx -push ref_00026c8b ; push 0x26c8b +push ref_00026d3a ; push 0x26d3a push 0x1f6 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f653: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f6e1: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f678 ; je 0x1f678 +je short loc_0001f706 ; je 0x1f706 cmp esi, ebx -jbe short loc_0001f678 ; jbe 0x1f678 +jbe short loc_0001f706 ; jbe 0x1f706 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x1f7 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f678: ; not directly referenced +loc_0001f706: ; not directly referenced movzx eax, word [ebp - 0x1c] movzx edi, di push edi push ebx push esi push eax -call fcn_0001f598 ; call 0x1f598 +call fcn_0001f626 ; call 0x1f626 movzx edx, word [ebp - 0x20] add esp, 0x10 mov dword [ebp + 0x10], ebx @@ -51958,9 +52007,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_0001f521 ; jmp 0x1f521 +jmp near fcn_0001f5af ; jmp 0x1f5af -fcn_0001f6aa: ; not directly referenced +fcn_0001f738: ; not directly referenced push ebp mov ebp, esp push edi @@ -51970,32 +52019,32 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov ebx, dword [ebp + 0x10] mov edi, dword [ebp + 0x14] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f6e2 ; je 0x1f6e2 +je short loc_0001f770 ; je 0x1f770 cmp ebx, 0xf -jbe short loc_0001f6e2 ; jbe 0x1f6e2 +jbe short loc_0001f770 ; jbe 0x1f770 push edx -push ref_00026c8b ; push 0x26c8b +push ref_00026d3a ; push 0x26d3a push 0x180 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f6e2: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f770: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f708 ; je 0x1f708 +je short loc_0001f796 ; je 0x1f796 cmp dword [ebp + 0xc], ebx -jbe short loc_0001f708 ; jbe 0x1f708 +jbe short loc_0001f796 ; jbe 0x1f796 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x181 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f708: ; not directly referenced +loc_0001f796: ; not directly referenced sub esp, 0xc movzx edi, di push edi @@ -52004,7 +52053,7 @@ push 0 push ebx push dword [ebp + 0xc] push esi -call fcn_0001f60f ; call 0x1f60f +call fcn_0001f69d ; call 0x1f69d lea esp, [ebp - 0xc] pop ebx pop esi @@ -52012,37 +52061,37 @@ pop edi pop ebp ret -fcn_0001f726: ; not directly referenced +fcn_0001f7b4: ; not directly referenced push ebp mov ebp, esp sub esp, 8 -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f753 ; je 0x1f753 +je short loc_0001f7e1 ; je 0x1f7e1 cmp dword [ebp + 0x10], 0x1f -jbe short loc_0001f753 ; jbe 0x1f753 +jbe short loc_0001f7e1 ; jbe 0x1f7e1 push edx -push ref_00026c97 ; push 0x26c97 +push ref_00026d46 ; push 0x26d46 push 0x21b -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f753: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001f7e1: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f77c ; je 0x1f77c +je short loc_0001f80a ; je 0x1f80a mov eax, dword [ebp + 0x10] cmp dword [ebp + 0xc], eax -jbe short loc_0001f77c ; jbe 0x1f77c +jbe short loc_0001f80a ; jbe 0x1f80a push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x21c -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f77c: ; not directly referenced +loc_0001f80a: ; not directly referenced mov cl, byte [ebp + 0x10] mov eax, 0xfffffffe shl eax, cl @@ -52053,7 +52102,7 @@ leave shr eax, cl ret -fcn_0001f792: +fcn_0001f820: push ebp mov ebp, esp push edi @@ -52065,32 +52114,32 @@ mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] mov edi, dword [ebp + 0x14] mov dword [ebp - 0x1c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f7d0 ; je 0x1f7d0 +je short loc_0001f85e ; je 0x1f85e cmp ebx, 0x1f -jbe short loc_0001f7d0 ; jbe 0x1f7d0 +jbe short loc_0001f85e ; jbe 0x1f85e push edx -push ref_00026c97 ; push 0x26c97 +push ref_00026d46 ; push 0x26d46 push 0x266 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f7d0: -call fcn_000153f0 ; call 0x153f0 +loc_0001f85e: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f7f5 ; je 0x1f7f5 +je short loc_0001f883 ; je 0x1f883 cmp esi, ebx -jbe short loc_0001f7f5 ; jbe 0x1f7f5 +jbe short loc_0001f883 ; jbe 0x1f883 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x267 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f7f5: +loc_0001f883: mov eax, dword [ebp - 0x1c] mov dword [ebp + 0x14], edi mov dword [ebp + 0x10], ebx @@ -52101,9 +52150,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_0001f180 ; jmp 0x1f180 +jmp near fcn_0001f20e ; jmp 0x1f20e -fcn_0001f810: +fcn_0001f89e: push ebp mov ebp, esp push edi @@ -52115,32 +52164,32 @@ mov esi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] mov edi, dword [ebp + 0x14] mov dword [ebp - 0x1c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f84e ; je 0x1f84e +je short loc_0001f8dc ; je 0x1f8dc cmp ebx, 0x1f -jbe short loc_0001f84e ; jbe 0x1f84e +jbe short loc_0001f8dc ; jbe 0x1f8dc push edx -push ref_00026c97 ; push 0x26c97 +push ref_00026d46 ; push 0x26d46 push 0x28c -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f84e: -call fcn_000153f0 ; call 0x153f0 +loc_0001f8dc: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f873 ; je 0x1f873 +je short loc_0001f901 ; je 0x1f901 cmp esi, ebx -jbe short loc_0001f873 ; jbe 0x1f873 +jbe short loc_0001f901 ; jbe 0x1f901 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x28d -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f873: +loc_0001f901: mov eax, dword [ebp - 0x1c] mov dword [ebp + 0x14], edi mov dword [ebp + 0x10], ebx @@ -52151,9 +52200,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_0001f1d3 ; jmp 0x1f1d3 +jmp near fcn_0001f261 ; jmp 0x1f261 -fcn_0001f88e: +fcn_0001f91c: push ebp mov ebp, esp push edi @@ -52167,37 +52216,37 @@ mov edi, dword [ebp + 0x14] mov dword [ebp - 0x1c], eax mov eax, dword [ebp + 0x18] mov dword [ebp - 0x20], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f8d2 ; je 0x1f8d2 +je short loc_0001f960 ; je 0x1f960 cmp ebx, 0x1f -jbe short loc_0001f8d2 ; jbe 0x1f8d2 +jbe short loc_0001f960 ; jbe 0x1f960 push edx -push ref_00026c97 ; push 0x26c97 +push ref_00026d46 ; push 0x26d46 push 0x2b6 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f8d2: -call fcn_000153f0 ; call 0x153f0 +loc_0001f960: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f8f7 ; je 0x1f8f7 +je short loc_0001f985 ; je 0x1f985 cmp esi, ebx -jbe short loc_0001f8f7 ; jbe 0x1f8f7 +jbe short loc_0001f985 ; jbe 0x1f985 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x2b7 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f8f7: +loc_0001f985: push edi push ebx push esi push dword [ebp - 0x1c] -call fcn_0001f810 ; call 0x1f810 +call fcn_0001f89e ; call 0x1f89e mov edx, dword [ebp - 0x20] add esp, 0x10 mov dword [ebp + 0x10], ebx @@ -52209,55 +52258,55 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_0001f792 ; jmp 0x1f792 +jmp near fcn_0001f820 ; jmp 0x1f820 -fcn_0001f920: +fcn_0001f9ae: push ebp mov ebp, esp push esi mov esi, dword [ebp + 0xc] push ebx mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f951 ; je 0x1f951 +je short loc_0001f9df ; je 0x1f9df cmp ebx, 0x1f -jbe short loc_0001f951 ; jbe 0x1f951 +jbe short loc_0001f9df ; jbe 0x1f9df push edx -push ref_00026c97 ; push 0x26c97 +push ref_00026d46 ; push 0x26d46 push 0x240 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f951: -call fcn_000153f0 ; call 0x153f0 +loc_0001f9df: +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f976 ; je 0x1f976 +je short loc_0001fa04 ; je 0x1fa04 cmp esi, ebx -jbe short loc_0001f976 ; jbe 0x1f976 +jbe short loc_0001fa04 ; jbe 0x1fa04 push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x241 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f976: +loc_0001fa04: sub esp, 0xc push dword [ebp + 0x14] push 0 push ebx push esi push dword [ebp + 8] -call fcn_0001f88e ; call 0x1f88e +call fcn_0001f91c ; call 0x1f91c lea esp, [ebp - 8] pop ebx pop esi pop ebp ret -fcn_0001f98f: ; not directly referenced +fcn_0001fa1d: ; not directly referenced push ebp mov ebp, esp push edi @@ -52269,37 +52318,37 @@ mov edi, dword [ebp + 8] mov esi, dword [ebp + 0x10] mov ebx, dword [ebp + 0x14] mov dword [ebp - 0x1c], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f9cd ; je 0x1f9cd +je short loc_0001fa5b ; je 0x1fa5b cmp ebx, 0x3f -jbe short loc_0001f9cd ; jbe 0x1f9cd +jbe short loc_0001fa5b ; jbe 0x1fa5b push ecx -push ref_00026ca3 ; push 0x26ca3 +push ref_00026d52 ; push 0x26d52 push 0x2db -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f9cd: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001fa5b: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001f9f2 ; je 0x1f9f2 +je short loc_0001fa80 ; je 0x1fa80 cmp esi, ebx -jbe short loc_0001f9f2 ; jbe 0x1f9f2 +jbe short loc_0001fa80 ; jbe 0x1fa80 push edx -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x2dc -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001f9f2: ; not directly referenced +loc_0001fa80: ; not directly referenced push eax push ebx push 0xffffffffffffffff push 0xfffffffffffffffe -call fcn_0001fd4c ; call 0x1fd4c +call fcn_0001fdda ; call 0x1fdda add esp, 0x10 mov dword [ebp + 0x10], esi not edx @@ -52313,9 +52362,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_0001718b ; jmp 0x1718b +jmp near fcn_0001724f ; jmp 0x1724f -fcn_0001fa1e: ; not directly referenced +fcn_0001faac: ; not directly referenced push ebp mov ebp, esp push edi @@ -52328,79 +52377,79 @@ mov edi, dword [ebp + 0x1c] mov dword [ebp - 0x20], eax mov eax, dword [ebp + 0xc] mov dword [ebp - 0x24], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fa60 ; je 0x1fa60 +je short loc_0001faee ; je 0x1faee cmp dword [ebp + 0x14], 0x3f -jbe short loc_0001fa60 ; jbe 0x1fa60 +jbe short loc_0001faee ; jbe 0x1faee push eax -push ref_00026ca3 ; push 0x26ca3 +push ref_00026d52 ; push 0x26d52 push 0x329 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fa60: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001faee: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fa89 ; je 0x1fa89 +je short loc_0001fb17 ; je 0x1fb17 mov eax, dword [ebp + 0x14] cmp dword [ebp + 0x10], eax -jbe short loc_0001fa89 ; jbe 0x1fa89 +jbe short loc_0001fb17 ; jbe 0x1fb17 push ebx -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x32a -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fa89: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001fb17: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fadc ; je 0x1fadc +je short loc_0001fb6a ; je 0x1fb6a mov ebx, dword [ebp + 0x14] sub ebx, dword [ebp + 0x10] push ecx push ebx push edi push esi -call fcn_0001718b ; call 0x1718b +call fcn_0001724f ; call 0x1724f add esp, 0xc push ebx push edi push esi mov dword [ebp - 0x1c], eax mov dword [ebp - 0x28], edx -call fcn_0001718b ; call 0x1718b +call fcn_0001724f ; call 0x1724f mov ecx, dword [ebp - 0x28] add esp, 0x10 and eax, 1 test ecx, ecx -jne short loc_0001fac4 ; jne 0x1fac4 +jne short loc_0001fb52 ; jne 0x1fb52 cmp dword [ebp - 0x1c], eax -je short loc_0001fadc ; je 0x1fadc +je short loc_0001fb6a ; je 0x1fb6a -loc_0001fac4: ; not directly referenced +loc_0001fb52: ; not directly referenced push edx -push ref_00026caf ; push 0x26caf +push ref_00026d5e ; push 0x26d5e push 0x331 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fadc: ; not directly referenced +loc_0001fb6a: ; not directly referenced push eax push dword [ebp + 0x10] push edi push esi -call fcn_0001fd4c ; call 0x1fd4c +call fcn_0001fdda ; call 0x1fdda add esp, 0xc push dword [ebp + 0x14] push 0xffffffffffffffff push 0xfffffffffffffffe mov esi, eax mov ebx, edx -call fcn_0001fd4c ; call 0x1fd4c +call fcn_0001fdda ; call 0x1fdda not eax not edx and eax, esi @@ -52414,7 +52463,7 @@ pop edi pop ebp ret -fcn_0001fb10: ; not directly referenced +fcn_0001fb9e: ; not directly referenced push ebp mov ebp, esp push edi @@ -52427,67 +52476,67 @@ mov edi, dword [ebp + 0x1c] mov dword [ebp - 0x20], eax mov eax, dword [ebp + 0xc] mov dword [ebp - 0x24], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fb52 ; je 0x1fb52 +je short loc_0001fbe0 ; je 0x1fbe0 cmp dword [ebp + 0x14], 0x3f -jbe short loc_0001fb52 ; jbe 0x1fb52 +jbe short loc_0001fbe0 ; jbe 0x1fbe0 push eax -push ref_00026ca3 ; push 0x26ca3 +push ref_00026d52 ; push 0x26d52 push 0x35d -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fb52: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001fbe0: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fb7b ; je 0x1fb7b +je short loc_0001fc09 ; je 0x1fc09 mov eax, dword [ebp + 0x14] cmp dword [ebp + 0x10], eax -jbe short loc_0001fb7b ; jbe 0x1fb7b +jbe short loc_0001fc09 ; jbe 0x1fc09 push ebx -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x35e -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fb7b: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001fc09: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fbce ; je 0x1fbce +je short loc_0001fc5c ; je 0x1fc5c mov ebx, dword [ebp + 0x14] sub ebx, dword [ebp + 0x10] push ecx push ebx push edi push esi -call fcn_0001718b ; call 0x1718b +call fcn_0001724f ; call 0x1724f add esp, 0xc push ebx push edi push esi mov dword [ebp - 0x1c], eax mov dword [ebp - 0x28], edx -call fcn_0001718b ; call 0x1718b +call fcn_0001724f ; call 0x1724f mov ecx, dword [ebp - 0x28] add esp, 0x10 and eax, 1 test ecx, ecx -jne short loc_0001fbb6 ; jne 0x1fbb6 +jne short loc_0001fc44 ; jne 0x1fc44 cmp dword [ebp - 0x1c], eax -je short loc_0001fbce ; je 0x1fbce +je short loc_0001fc5c ; je 0x1fc5c -loc_0001fbb6: ; not directly referenced +loc_0001fc44: ; not directly referenced push edx -push ref_00026d04 ; push 0x26d04 +push ref_00026db3 ; push 0x26db3 push 0x365 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fbce: ; not directly referenced +loc_0001fc5c: ; not directly referenced push eax mov ecx, esi push dword [ebp + 0x10] @@ -52495,14 +52544,14 @@ not edi not ecx push edi push ecx -call fcn_0001fd4c ; call 0x1fd4c +call fcn_0001fdda ; call 0x1fdda add esp, 0xc push dword [ebp + 0x14] push 0xffffffffffffffff push 0xfffffffffffffffe mov esi, eax mov ebx, edx -call fcn_0001fd4c ; call 0x1fd4c +call fcn_0001fdda ; call 0x1fdda not ebx mov ecx, eax or ebx, edx @@ -52519,7 +52568,7 @@ pop edi pop ebp ret -fcn_0001fc0e: ; not directly referenced +fcn_0001fc9c: ; not directly referenced push ebp mov ebp, esp push edi @@ -52539,32 +52588,32 @@ mov dword [ebp - 0x1c], eax mov eax, dword [ebp + 0x18] mov dword [ebp - 0x2c], edx mov dword [ebp - 0x30], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fc64 ; je 0x1fc64 +je short loc_0001fcf2 ; je 0x1fcf2 cmp ebx, 0x3f -jbe short loc_0001fc64 ; jbe 0x1fc64 +jbe short loc_0001fcf2 ; jbe 0x1fcf2 push ecx -push ref_00026ca3 ; push 0x26ca3 +push ref_00026d52 ; push 0x26d52 push 0x392 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fc64: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001fcf2: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fc8a ; je 0x1fc8a +je short loc_0001fd18 ; je 0x1fd18 cmp dword [ebp - 0x1c], ebx -jbe short loc_0001fc8a ; jbe 0x1fc8a +jbe short loc_0001fd18 ; jbe 0x1fd18 push edx -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x393 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fc8a: ; not directly referenced +loc_0001fd18: ; not directly referenced push eax push eax push dword [ebp - 0x2c] @@ -52573,7 +52622,7 @@ push ebx push dword [ebp - 0x1c] push dword [ebp - 0x24] push dword [ebp - 0x28] -call fcn_0001fb10 ; call 0x1fb10 +call fcn_0001fb9e ; call 0x1fb9e mov ecx, dword [ebp - 0x1c] add esp, 0x20 mov dword [ebp + 0x18], esi @@ -52587,9 +52636,9 @@ pop ebx pop esi pop edi pop ebp -jmp near fcn_0001fa1e ; jmp 0x1fa1e +jmp near fcn_0001faac ; jmp 0x1faac -fcn_0001fcc5: ; not directly referenced +fcn_0001fd53: ; not directly referenced push ebp mov ebp, esp push edi @@ -52603,32 +52652,32 @@ mov esi, dword [ebp + 0x18] mov dword [ebp - 0x20], eax mov edi, dword [ebp + 0x1c] mov dword [ebp - 0x1c], edx -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fd09 ; je 0x1fd09 +je short loc_0001fd97 ; je 0x1fd97 cmp ebx, 0x3f -jbe short loc_0001fd09 ; jbe 0x1fd09 +jbe short loc_0001fd97 ; jbe 0x1fd97 push edx -push ref_00026ca3 ; push 0x26ca3 +push ref_00026d52 ; push 0x26d52 push 0x300 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fd09: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_0001fd97: ; not directly referenced +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fd2f ; je 0x1fd2f +je short loc_0001fdbd ; je 0x1fdbd cmp dword [ebp + 0x10], ebx -jbe short loc_0001fd2f ; jbe 0x1fd2f +jbe short loc_0001fdbd ; jbe 0x1fdbd push eax -push ref_00025a81 ; push 0x25a81 +push ref_00025b30 ; push 0x25b30 push 0x301 -push ref_00026c01 ; push 0x26c01 -call fcn_000153fc ; call 0x153fc +push ref_00026cb0 ; push 0x26cb0 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fd2f: ; not directly referenced +loc_0001fdbd: ; not directly referenced push edi push esi push 0 @@ -52637,7 +52686,7 @@ push ebx push dword [ebp + 0x10] push dword [ebp - 0x1c] push dword [ebp - 0x20] -call fcn_0001fc0e ; call 0x1fc0e +call fcn_0001fc9c ; call 0x1fc9c lea esp, [ebp - 0xc] pop ebx pop esi @@ -52645,7 +52694,7 @@ pop edi pop ebp ret -fcn_0001fd4c: ; not directly referenced +fcn_0001fdda: ; not directly referenced push ebp mov ebp, esp push edi @@ -52655,19 +52704,19 @@ sub esp, 0xc mov esi, dword [ebp + 8] mov edi, dword [ebp + 0xc] mov ebx, dword [ebp + 0x10] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fd81 ; je 0x1fd81 +je short loc_0001fe0f ; je 0x1fe0f cmp ebx, 0x3f -jbe short loc_0001fd81 ; jbe 0x1fd81 +jbe short loc_0001fe0f ; jbe 0x1fe0f push eax -push ref_00025909 ; push 0x25909 +push ref_000259b8 ; push 0x259b8 push 0x27 -push ref_00026d5b ; push 0x26d5b -call fcn_000153fc ; call 0x153fc +push ref_00026e0a ; push 0x26e0a +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fd81: ; not directly referenced +loc_0001fe0f: ; not directly referenced mov dword [ebp + 0x10], ebx mov dword [ebp + 8], esi mov dword [ebp + 0xc], edi @@ -52676,15 +52725,15 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_0001fee8 ; jmp 0x1fee8 +jmp near loc_0001ff76 ; jmp 0x1ff76 -fcn_0001fd96: ; not directly referenced +fcn_0001fe24: ; not directly referenced push ebp mov ebp, esp pop ebp -jmp near loc_0001fe02 ; jmp 0x1fe02 +jmp near loc_0001fe90 ; jmp 0x1fe90 -fcn_0001fd9f: ; not directly referenced +fcn_0001fe2d: ; not directly referenced push ebp mov ebp, esp push edi @@ -52698,20 +52747,20 @@ mov ebx, dword [ebp + 0x14] mov dword [ebp - 0x20], eax mov edi, dword [ebp + 0x18] mov dword [ebp - 0x1c], edx -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0001fde1 ; je 0x1fde1 +je short loc_0001fe6f ; je 0x1fe6f mov eax, ebx or eax, esi -jne short loc_0001fde1 ; jne 0x1fde1 +jne short loc_0001fe6f ; jne 0x1fe6f push eax -push ref_0002597e ; push 0x2597e +push ref_00025a2d ; push 0x25a2d push 0x2f -push ref_00026d90 ; push 0x26d90 -call fcn_000153fc ; call 0x153fc +push ref_00026e3f ; push 0x26e3f +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001fde1: ; not directly referenced +loc_0001fe6f: ; not directly referenced mov eax, dword [ebp - 0x20] mov edx, dword [ebp - 0x1c] mov dword [ebp + 0x18], edi @@ -52724,9 +52773,9 @@ pop ebx pop esi pop edi pop ebp -jmp near loc_0001fe14 ; jmp 0x1fe14 +jmp near loc_0001fea2 ; jmp 0x1fea2 -loc_0001fe02: ; not directly referenced +loc_0001fe90: ; not directly referenced mov ecx, dword [esp + 0xc] mov eax, ecx imul ecx, dword [esp + 8] @@ -52734,19 +52783,19 @@ mul dword [esp + 4] add edx, ecx ret -loc_0001fe14: ; not directly referenced +loc_0001fea2: ; not directly referenced mov ecx, dword [esp + 0x10] test ecx, ecx -jne short loc_0001fe2f ; jne 0x1fe2f +jne short loc_0001febd ; jne 0x1febd mov ecx, dword [esp + 0x14] -jecxz loc_0001fe2a ; jecxz 0x1fe2a +jecxz loc_0001feb8 ; jecxz 0x1feb8 and dword [ecx + 4], 0 mov dword [esp + 0x10], ecx -loc_0001fe2a: ; not directly referenced -jmp near loc_000174bd ; jmp 0x174bd +loc_0001feb8: ; not directly referenced +jmp near loc_00017581 ; jmp 0x17581 -loc_0001fe2f: ; not directly referenced +loc_0001febd: ; not directly referenced push ebx push esi push edi @@ -52756,12 +52805,12 @@ mov edi, edx mov esi, eax mov ebx, dword [esp + 0x18] -loc_0001fe42: ; not directly referenced +loc_0001fed0: ; not directly referenced shr edx, 1 rcr eax, 1 shrd ebx, ecx, 1 shr ecx, 1 -jne short loc_0001fe42 ; jne 0x1fe42 +jne short loc_0001fed0 ; jne 0x1fed0 div ebx mov ebx, eax mov ecx, dword [esp + 0x1c] @@ -52769,27 +52818,27 @@ mul dword [esp + 0x18] imul ecx, ebx add edx, ecx mov ecx, dword [esp + 0x20] -jb short loc_0001fe6f ; jb 0x1fe6f +jb short loc_0001fefd ; jb 0x1fefd cmp edi, edx -ja short loc_0001fe7a ; ja 0x1fe7a -jb short loc_0001fe6f ; jb 0x1fe6f +ja short loc_0001ff08 ; ja 0x1ff08 +jb short loc_0001fefd ; jb 0x1fefd cmp esi, eax -jae short loc_0001fe7a ; jae 0x1fe7a +jae short loc_0001ff08 ; jae 0x1ff08 -loc_0001fe6f: ; not directly referenced +loc_0001fefd: ; not directly referenced dec ebx -jecxz loc_0001fe85 ; jecxz 0x1fe85 +jecxz loc_0001ff13 ; jecxz 0x1ff13 sub eax, dword [esp + 0x18] sbb edx, dword [esp + 0x1c] -loc_0001fe7a: ; not directly referenced -jecxz loc_0001fe85 ; jecxz 0x1fe85 +loc_0001ff08: ; not directly referenced +jecxz loc_0001ff13 ; jecxz 0x1ff13 sub esi, eax sbb edi, edx mov dword [ecx], esi mov dword [ecx + 4], edi -loc_0001fe85: ; not directly referenced +loc_0001ff13: ; not directly referenced mov eax, ebx xor edx, edx pop edi @@ -52797,44 +52846,44 @@ pop esi pop ebx ret -fcn_0001fe8d: +fcn_0001ff1b: push ebx -fcn_0001fe8e: ; not directly referenced +fcn_0001ff1c: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0xc] cpuid push ecx mov ecx, dword [ebp + 0x10] -jecxz loc_0001fe9e ; jecxz 0x1fe9e +jecxz loc_0001ff2c ; jecxz 0x1ff2c mov dword [ecx], eax -loc_0001fe9e: +loc_0001ff2c: mov ecx, dword [ebp + 0x14] -jecxz loc_0001fea5 ; jecxz 0x1fea5 +jecxz loc_0001ff33 ; jecxz 0x1ff33 mov dword [ecx], ebx -loc_0001fea5: +loc_0001ff33: mov ecx, dword [ebp + 0x18] -jecxz loc_0001feac ; jecxz 0x1feac +jecxz loc_0001ff3a ; jecxz 0x1ff3a pop dword [ecx] -loc_0001feac: +loc_0001ff3a: mov ecx, dword [ebp + 0x1c] -jecxz loc_0001feb3 ; jecxz 0x1feb3 +jecxz loc_0001ff41 ; jecxz 0x1ff41 mov dword [ecx], edx -loc_0001feb3: +loc_0001ff41: mov eax, dword [ebp + 0xc] leave pop ebx ret -fcn_0001feb9: ; not directly referenced +fcn_0001ff47: ; not directly referenced push ebx -fcn_0001feba: ; not directly referenced +fcn_0001ff48: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 0xc] @@ -52842,31 +52891,31 @@ mov ecx, dword [ebp + 0x10] cpuid push ecx mov ecx, dword [ebp + 0x14] -jecxz loc_0001fecd ; jecxz 0x1fecd +jecxz loc_0001ff5b ; jecxz 0x1ff5b mov dword [ecx], eax -loc_0001fecd: ; not directly referenced +loc_0001ff5b: ; not directly referenced mov ecx, dword [ebp + 0x18] -jecxz loc_0001fed4 ; jecxz 0x1fed4 +jecxz loc_0001ff62 ; jecxz 0x1ff62 mov dword [ecx], ebx -loc_0001fed4: ; not directly referenced +loc_0001ff62: ; not directly referenced mov ecx, dword [ebp + 0x20] -jecxz loc_0001fedb ; jecxz 0x1fedb +jecxz loc_0001ff69 ; jecxz 0x1ff69 mov dword [ecx], edx -loc_0001fedb: ; not directly referenced +loc_0001ff69: ; not directly referenced mov ecx, dword [ebp + 0x1c] -jecxz loc_0001fee2 ; jecxz 0x1fee2 +jecxz loc_0001ff70 ; jecxz 0x1ff70 pop dword [ecx] -loc_0001fee2: ; not directly referenced +loc_0001ff70: ; not directly referenced mov eax, dword [ebp + 0xc] leave pop ebx ret -loc_0001fee8: ; not directly referenced +loc_0001ff76: ; not directly referenced mov cl, byte [esp + 0xc] xor eax, eax mov edx, dword [esp + 4] @@ -52877,7 +52926,7 @@ shld edx, eax, cl shl eax, cl ret -fcn_0001ff03: +fcn_0001ff91: push ebp mov ebp, esp push ebx @@ -52885,37 +52934,37 @@ sub esp, 8 mov ebx, dword [ebp + 8] mov dword [ebx], 0x53524549 mov dword [ebx + 4], 0 -mov dword [ebx + 8], fcn_00020069 ; mov dword [ebx + 8], 0x20069 +mov dword [ebx + 8], fcn_000200f7 ; mov dword [ebx + 8], 0x200f7 push 0 push 0x1f push 0 -call fcn_00016bd6 ; call 0x16bd6 +call fcn_00016c9a ; call 0x16c9a mov dword [ebx + 0x10], eax add eax, 0xf0 mov dword [esp], eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e and eax, 0xffffc000 mov dword [ebx + 0xc], eax -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 add esp, 0x10 test al, al -je short loc_0001ff6b ; je 0x1ff6b +je short loc_0001fff9 ; je 0x1fff9 cmp dword [ebx + 0xc], 0 -jne short loc_0001ff6b ; jne 0x1ff6b +jne short loc_0001fff9 ; jne 0x1fff9 push eax -push ref_00026dce ; push 0x26dce +push ref_00026e7d ; push 0x26e7d push 0x39 -push ref_00026df7 ; push 0x26df7 -call fcn_000153fc ; call 0x153fc +push ref_00026ea6 ; push 0x26ea6 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -loc_0001ff6b: +loc_0001fff9: xor eax, eax mov ebx, dword [ebp - 4] leave ret -fcn_0001ff72: ; not directly referenced +fcn_00020000: ; not directly referenced push ebp mov ebp, esp mov eax, dword [ebp + 8] @@ -52925,69 +52974,69 @@ push ebx sub esp, 0xc add eax, 2 push eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 movzx ebx, ax mov eax, ebx and eax, 0xfffffffd cmp ax, 0x8c44 -je loc_00020060 ; je 0x20060 +je loc_000200ee ; je 0x200ee lea eax, [ebx + 0x73b2] cmp ax, 2 -jbe loc_00020060 ; jbe 0x20060 +jbe loc_000200ee ; jbe 0x200ee lea eax, [ebx + 0x73b7] cmp ax, 3 -jbe loc_00020060 ; jbe 0x20060 +jbe loc_000200ee ; jbe 0x200ee lea eax, [ebx + 0x73bf] cmp ax, 1 -jbe loc_00020060 ; jbe 0x20060 +jbe loc_000200ee ; jbe 0x200ee cmp bx, 0x8c58 -je loc_00020060 ; je 0x20060 +je loc_000200ee ; je 0x200ee mov eax, ebx and eax, 0xfffffffb cmp ax, 0x8c52 -je short loc_0002005b ; je 0x2005b +je short loc_000200e9 ; je 0x200e9 mov eax, ebx and eax, 0xfffffff7 cmp ax, 0x8c54 -je short loc_0002005b ; je 0x2005b +je short loc_000200e9 ; je 0x200e9 lea eax, [ebx + 0x733f] cmp ax, 5 -jbe short loc_00020060 ; jbe 0x20060 +jbe short loc_000200ee ; jbe 0x200ee lea eax, [ebx + 0x63bf] mov si, 2 cmp ax, 6 -jbe short loc_00020060 ; jbe 0x20060 +jbe short loc_000200ee ; jbe 0x200ee lea eax, [ebx + 0x633f] cmp ax, 0xa -jbe short loc_00020060 ; jbe 0x20060 -call fcn_000153e9 ; call 0x153e9 +jbe short loc_000200ee ; jbe 0x200ee +call fcn_00015479 ; call 0x15479 test al, al -je short loc_00020036 ; je 0x20036 +je short loc_000200c4 ; je 0x200c4 push edx push ebx -push ref_0002644f ; push 0x2644f +push ref_000264fe ; push 0x264fe push 0x80000000 -call fcn_000153f7 ; call 0x153f7 +call fcn_00015487 ; call 0x15487 add esp, 0x10 -loc_00020036: ; not directly referenced -call fcn_000153f0 ; call 0x153f0 +loc_000200c4: ; not directly referenced +call fcn_00015480 ; call 0x15480 mov esi, 3 test al, al -je short loc_00020060 ; je 0x20060 +je short loc_000200ee ; je 0x200ee push eax -push ref_000221f1 ; push 0x221f1 +push ref_00022281 ; push 0x22281 push 0x57 -push ref_00026df7 ; push 0x26df7 -call fcn_000153fc ; call 0x153fc +push ref_00026ea6 ; push 0x26ea6 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_00020060 ; jmp 0x20060 +jmp short loc_000200ee ; jmp 0x200ee -loc_0002005b: ; not directly referenced +loc_000200e9: ; not directly referenced mov esi, 1 -loc_00020060: ; not directly referenced +loc_000200ee: ; not directly referenced lea esp, [ebp - 8] mov eax, esi pop ebx @@ -52995,7 +53044,7 @@ pop esi pop ebp ret -fcn_00020069: ; not directly referenced +fcn_000200f7: ; not directly referenced push ebp mov ebp, esp push edi @@ -53003,64 +53052,64 @@ push esi push ebx sub esp, 0x1c mov ebx, dword [ebp + 8] -call fcn_000153f0 ; call 0x153f0 +call fcn_00015480 ; call 0x15480 test al, al -je short loc_0002009e ; je 0x2009e +je short loc_0002012c ; je 0x2012c cmp dword [ebx - 8], 0x53524549 -je short loc_0002009e ; je 0x2009e +je short loc_0002012c ; je 0x2012c push eax -push ref_00026219 ; push 0x26219 +push ref_000262c8 ; push 0x262c8 push 0x79 -push ref_00026df7 ; push 0x26df7 -call fcn_000153fc ; call 0x153fc +push ref_00026ea6 ; push 0x26ea6 +call fcn_0001548c ; call 0x1548c add esp, 0x10 -jmp short loc_000200a1 ; jmp 0x200a1 +jmp short loc_0002012f ; jmp 0x2012f -loc_0002009e: ; not directly referenced +loc_0002012c: ; not directly referenced sub ebx, 8 -loc_000200a1: ; not directly referenced +loc_0002012f: ; not directly referenced mov esi, dword [ebx + 0x10] sub esp, 0xc push esi -call fcn_0001ff72 ; call 0x1ff72 +call fcn_00020000 ; call 0x20000 mov edi, eax mov eax, dword [ebx + 0xc] mov dword [ebp - 0x1c], eax lea eax, [esi + 0x40] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 mov ebx, eax lea eax, [esi + 0x48] mov dword [esp], eax -call fcn_00017cfe ; call 0x17cfe +call fcn_00017dc2 ; call 0x17dc2 add esp, 0x10 cmp dword [ebp + 0xc], 5 -ja loc_000202fa ; ja 0x202fa +ja loc_00020388 ; ja 0x20388 mov edx, dword [ebp + 0xc] -jmp dword [edx*4 + ref_000205e0] ; ujmp: jmp dword [edx*4 + 0x205e0] +jmp dword [edx*4 + ref_00020670] ; ujmp: jmp dword [edx*4 + 0x20670] -loc_000200e4: ; not directly referenced +loc_00020172: ; not directly referenced push eax mov esi, 4 push eax push 0 push 0xcf9 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea add esp, 0x10 -jmp near loc_000202c1 ; jmp 0x202c1 +jmp near loc_0002034f ; jmp 0x2034f -loc_000200ff: ; not directly referenced +loc_0002018d: ; not directly referenced push eax mov esi, 6 push eax push 2 push 0xcf9 -call fcn_00018e26 ; call 0x18e26 +call fcn_00018eea ; call 0x18eea add esp, 0x10 -jmp near loc_000202c1 ; jmp 0x202c1 +jmp near loc_0002034f ; jmp 0x2034f -loc_0002011a: ; not directly referenced +loc_000201a8: ; not directly referenced push eax add esi, 0x44 push eax @@ -53068,47 +53117,47 @@ and ebx, 0xfffffffc push 0x80 movzx ebx, bx push esi -call fcn_0001866c ; call 0x1866c +call fcn_00018730 ; call 0x18730 add esp, 0x10 cmp edi, 2 -jne short loc_0002014a ; jne 0x2014a +jne short loc_000201d8 ; jne 0x201d8 push eax push eax push 0 lea eax, [ebx + 0x9c] push eax -call fcn_00018ed3 ; call 0x18ed3 -jmp short loc_00020167 ; jmp 0x20167 +call fcn_00018f97 ; call 0x18f97 +jmp short loc_000201f5 ; jmp 0x201f5 -loc_0002014a: ; not directly referenced +loc_000201d8: ; not directly referenced dec edi -jne short loc_0002016a ; jne 0x2016a +jne short loc_000201f8 ; jne 0x201f8 push ecx push ecx push 0 lea eax, [ebx + 0x28] push eax -call fcn_00018e63 ; call 0x18e63 +call fcn_00018f27 ; call 0x18f27 lea eax, [ebx + 0x2c] pop esi pop edi push 0 push eax -call fcn_00018e63 ; call 0x18e63 +call fcn_00018f27 ; call 0x18f27 -loc_00020167: ; not directly referenced +loc_000201f5: ; not directly referenced add esp, 0x10 -loc_0002016a: ; not directly referenced +loc_000201f8: ; not directly referenced push ecx push ecx push 0x100 lea eax, [ebx + 0x34] add ebx, 4 push eax -call fcn_00018e63 ; call 0x18e63 +call fcn_00018f27 ; call 0x18f27 mov dword [esp], ebx -call fcn_00018ea0 ; call 0x18ea0 +call fcn_00018f64 ; call 0x18f64 pop edi mov esi, eax and esi, 0xffffc3ff @@ -53118,17 +53167,17 @@ or ah, 0x1c or esi, 0x3c00 push eax push ebx -call fcn_00018ed3 ; call 0x18ed3 +call fcn_00018f97 ; call 0x18f97 pop eax pop edx push esi push ebx -call fcn_00018ed3 ; call 0x18ed3 +call fcn_00018f97 ; call 0x18f97 add esp, 0x10 xor eax, eax -jmp near loc_000202ff ; jmp 0x202ff +jmp near loc_0002038d ; jmp 0x2038d -loc_000201b4: ; not directly referenced +loc_00020242: ; not directly referenced mov ebx, eax push edx and ebx, 0xfffc @@ -53137,130 +53186,130 @@ push 0 lea eax, [ebx + 0x60] push eax mov dword [ebp - 0x20], eax -call fcn_00018ed3 ; call 0x18ed3 +call fcn_00018f97 ; call 0x18f97 pop ecx pop eax lea eax, [ebx + 0x64] push 0 push eax -call fcn_00018ed3 ; call 0x18ed3 +call fcn_00018f97 ; call 0x18f97 pop eax pop edx lea eax, [ebx + 0x68] push 0 push eax -call fcn_00018ed3 ; call 0x18ed3 +call fcn_00018f97 ; call 0x18f97 mov eax, dword [ebp + 0xc] add esp, 0x10 sub eax, 4 cmp eax, 1 -ja loc_000202bc ; ja 0x202bc +ja loc_0002034a ; ja 0x2034a push ecx add esi, 0xac push ecx push 0x100000 push esi -call fcn_00018a50 ; call 0x18a50 +call fcn_00018b14 ; call 0x18b14 add esp, 0x10 cmp dword [ebp + 0xc], 5 -jne loc_000202bc ; jne 0x202bc +jne loc_0002034a ; jne 0x2034a mov eax, dword [ebp - 0x1c] sub esp, 0xc add eax, 0x332c push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test al, 3 -jne loc_000202bc ; jne 0x202bc +jne loc_0002034a ; jne 0x2034a mov eax, dword [ebp - 0x1c] sub esp, 0xc add eax, 0x3330 push eax -call fcn_00017d8a ; call 0x17d8a +call fcn_00017e4e ; call 0x17e4e add esp, 0x10 test ah, 0xc0 -jne short loc_000202bc ; jne 0x202bc +jne short loc_0002034a ; jne 0x2034a cmp edi, 1 -jne short loc_0002027b ; jne 0x2027b +jne short loc_00020309 ; jne 0x20309 push ecx push ecx push 0x40000000 push ebx -call fcn_0001829f ; call 0x1829f +call fcn_00018363 ; call 0x18363 lea eax, [ebx + 4] add ebx, 0xc pop esi pop edi push 0xbfffffff push eax -call fcn_000182c9 ; call 0x182c9 +call fcn_0001838d ; call 0x1838d pop eax pop edx push 0xbfffffff -jmp short loc_000202a1 ; jmp 0x202a1 +jmp short loc_0002032f ; jmp 0x2032f -loc_0002027b: ; not directly referenced +loc_00020309: ; not directly referenced cmp edi, 2 -jne short loc_000202aa ; jne 0x202aa +jne short loc_00020338 ; jne 0x20338 push ecx add ebx, 0x1f0 push ecx push 1 push ebx -call fcn_0001829f ; call 0x1829f +call fcn_00018363 ; call 0x18363 pop esi pop edi push 0xfffffffffffffffb push ebx -call fcn_000182c9 ; call 0x182c9 +call fcn_0001838d ; call 0x1838d pop eax pop edx push 0x7fffffff -loc_000202a1: ; not directly referenced +loc_0002032f: ; not directly referenced push ebx -call fcn_000182c9 ; call 0x182c9 +call fcn_0001838d ; call 0x1838d add esp, 0x10 -loc_000202aa: ; not directly referenced +loc_00020338: ; not directly referenced push edx push edx push 0x40000000 push dword [ebp - 0x20] -call fcn_0001829f ; call 0x1829f +call fcn_00018363 ; call 0x18363 add esp, 0x10 -loc_000202bc: ; not directly referenced +loc_0002034a: ; not directly referenced mov esi, 0xe -loc_000202c1: ; not directly referenced +loc_0002034f: ; not directly referenced sub esp, 0xc push dword [ebp + 0xc] -call fcn_0001b972 ; call 0x1b972 +call fcn_0001ba36 ; call 0x1ba36 add esp, 0x10 mov ebx, eax cmp eax, 0x8000000e -je short loc_000202dc ; je 0x202dc +je short loc_0002036a ; je 0x2036a test ebx, ebx -jne short loc_000202ff ; jne 0x202ff +jne short loc_0002038d ; jne 0x2038d -loc_000202dc: ; not directly referenced +loc_0002036a: ; not directly referenced push eax push eax mov eax, esi movzx esi, al push esi push 0xcf9 -call fcn_00018e26 ; call 0x18e26 -call fcn_00017175 ; call 0x17175 +call fcn_00018eea ; call 0x18eea +call fcn_00017239 ; call 0x17239 add esp, 0x10 mov eax, ebx -jmp short loc_000202ff ; jmp 0x202ff +jmp short loc_0002038d ; jmp 0x2038d -loc_000202fa: ; not directly referenced +loc_00020388: ; not directly referenced mov eax, 0x80000002 -loc_000202ff: ; not directly referenced +loc_0002038d: ; not directly referenced lea esp, [ebp - 0xc] pop ebx pop esi @@ -53268,18 +53317,20 @@ pop edi pop ebp ret -loc_00020307: +loc_00020395: +db 0x66 +db 0x90 db 0x66 dd 0x66906690 dd 0x90906690 -ref_00020310: +ref_000203a0: dd 0x08000100 dd 0x01010000 dd 0x01000004 dd 0x00000202 -ref_00020320: +ref_000203b0: dd 0x00000100 dd 0x00001000 dd 0x00010101 @@ -53287,29 +53338,29 @@ dd 0x01000008 dd 0x04000202 dd 0x00000000 -ref_00020338: +ref_000203c8: dd 0x07000301 dd 0x0f000000 -ref_00020340: -dd loc_00009440 -dd loc_00009447 -dd loc_0000938c -dd loc_00009396 -dd loc_000093a0 -dd loc_000093d6 -dd loc_000093da -dd loc_000093e3 -dd loc_000093a7 -dd loc_000093ae - -ref_00020368: +ref_000203d0: +dd loc_000094ae +dd loc_000094b5 +dd loc_000093fa +dd loc_00009404 +dd loc_0000940e +dd loc_00009444 +dd loc_00009448 +dd loc_00009451 +dd loc_00009415 +dd loc_0000941c + +ref_000203f8: dd 0x00000002 dd 0x0000000a dd 0x00000064 dd 0x00000000 -ref_00020378: +ref_00020408: dd 0xea002600 dd 0xea002400 dd 0xea002200 @@ -53317,7 +53368,7 @@ dd 0xea002000 dd 0x00000000 dd 0x00000000 -ref_00020390: +ref_00020420: dd 0xea002400 dd 0xea002600 dd 0xea000800 @@ -53325,7 +53376,7 @@ dd 0xea000a00 dd 0xea002000 dd 0xea002200 -ref_000203a8: +ref_00020438: dd 0xe9002000 dd 0xe9002200 dd 0xe9002400 @@ -53333,7 +53384,7 @@ dd 0xe9002600 dd 0x00000000 dd 0x00000000 -ref_000203c0: +ref_00020450: dd 0xe9001600 dd 0xe9001400 dd 0xe9002e00 @@ -53341,10 +53392,10 @@ dd 0xe9002c00 dd 0xe9003200 dd 0xe9003000 -ref_000203d8: +ref_00020468: dd 0x0a090605 -ref_000203dc: +ref_0002046c: dd 0x13000000 dd 0x15000000 dd 0x15000000 @@ -53363,7 +53414,7 @@ dd 0x15000000 dd 0x15000000 dd 0x0f000000 -ref_00020420: +ref_000204b0: dd 0x00000000 dd 0x00000001 dd 0x00000002 @@ -53381,18 +53432,18 @@ dd 0x0000000b dd 0x0000000c dd 0x0000000d -ref_00020460: +ref_000204f0: db 0x1d -ref_00020461: +ref_000204f1: db 0x00 db 0x1a db 0x00 -ref_00020464: +ref_000204f4: db '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ',0x00,0x00,0x00,0x00 -ref_0002048c: +ref_0002051c: dd 0x00000001 dd 0x00000002 dd 0x00000004 @@ -53402,2308 +53453,2312 @@ dd 0x00000020 dd 0x00000040 dd 0x00000000 -ref_000204ac: +ref_0002053c: db ' +-#0!^',0x00 -ref_000204b4: +ref_00020544: db '0000000000000000',0x00,0x00,0x00,0x00 -ref_000204c8: +ref_00020558: dd 0x20202020 dd 0x20202020 dd 0x20202020 dd 0x20202020 dd 0x90906600 -ref_000204dc: +ref_0002056c: db 'CbLocatePpi',0x00 -ref_000204e8: +ref_00020578: db 'CbNotifyPpi',0x00 -ref_000204f4: +ref_00020584: dd 0x6e496243 dd 0x6c617473 dd 0x6970506c dd 0x90906600 -ref_00020504: +ref_00020594: dd 0x80000010 -dd ref_00028fcc -dd 0x00000000 - -ref_00020510: -dd loc_0001b397 -dd loc_0001b390 -dd loc_0001b3b7 -dd loc_0001b3a8 -dd loc_0001b3f2 -dd loc_0001b3d2 -dd loc_0001b44f -dd loc_0001b424 -dd loc_0001b483 -dd loc_0001b467 -dd loc_0001b499 -dd loc_0001b4de - -ref_00020540: -dd loc_0001b722 -dd loc_0001b7e8 -dd loc_0001b66c -dd loc_0001b7e8 -dd loc_0001b650 -dd loc_0001b7e8 -dd loc_0001b749 -dd loc_0001b733 -dd loc_0001b650 -dd loc_0001b794 - -ref_00020568: -dd loc_0001c2a3 -dd loc_0001c2be -dd loc_0001c2a9 -dd loc_0001c2b0 -dd loc_0001c2b7 - -ref_0002057c: -dd loc_0001cfe4 -dd loc_0001cff3 -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d10c -dd loc_0001d00c -dd loc_0001d021 -dd loc_0001d0b0 -dd loc_0001d0bc -dd loc_0001d0e5 -dd loc_0001d0f1 +dd ref_0002907c +dd 0x00000000 + +ref_000205a0: +dd loc_0001b45b +dd loc_0001b454 +dd loc_0001b47b +dd loc_0001b46c +dd loc_0001b4b6 +dd loc_0001b496 +dd loc_0001b513 +dd loc_0001b4e8 +dd loc_0001b547 +dd loc_0001b52b +dd loc_0001b55d +dd loc_0001b5a2 ref_000205d0: +dd loc_0001b7e6 +dd loc_0001b8ac +dd loc_0001b730 +dd loc_0001b8ac +dd loc_0001b714 +dd loc_0001b8ac +dd loc_0001b80d +dd loc_0001b7f7 +dd loc_0001b714 +dd loc_0001b858 + +ref_000205f8: +dd loc_0001c367 +dd loc_0001c382 +dd loc_0001c36d +dd loc_0001c374 +dd loc_0001c37b + +ref_0002060c: +dd loc_0001d0a8 +dd loc_0001d0b7 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d1d0 +dd loc_0001d0d0 +dd loc_0001d0e5 +dd loc_0001d174 +dd loc_0001d180 +dd loc_0001d1a9 +dd loc_0001d1b5 + +ref_00020660: dd 0x6c416243 dd 0x61636f6c dd 0x6f506574 dd 0x90006c6f -ref_000205e0: -dd loc_000200ff -dd loc_000200e4 -dd loc_0002011a -dd loc_000201b4 -dd loc_000201b4 -dd loc_000201b4 +ref_00020670: +dd loc_0002018d +dd loc_00020172 +dd loc_000201a8 +dd loc_00020242 +dd loc_00020242 +dd loc_00020242 -ref_000205f8: +ref_00020688: db 'PEI: Starting...',0x0a,0x00 -ref_0002060a: +ref_0002069a: db 'Initializing System Agent',0x0a,0x00 -ref_00020625: +ref_000206b5: db 'Initializing PCH',0x0a,0x00 -ref_00020637: +ref_000206c7: db 'PEI: Done.',0x0a,0x00 -ref_00020643: +ref_000206d3: db 0x0a,'ASSERT_EFI_ERROR (Status = %r)',0x0a,0x00 -ref_00020664: +ref_000206f4: db '!EFI_ERROR (Status)',0x00 -ref_00020678: +ref_00020708: db '../../intel/SystemAgent/SaInit/Pei/SaInitPeim.c',0x00 -ref_000206a8: +ref_00020738: db 'Set BIOS_RESET_CPL to indicate all configurations complete',0x0a,0x00 -ref_000206e4: +ref_00020774: db '[SA] Programming MSR 2E7',0x0a,0x00 -ref_000206fe: +ref_0002078e: db 'SA Data HOB installed',0x0a,0x00 -ref_00020715: +ref_000207a5: db '***************** System Agent PCIe code version *****************',0x0a,0x00 -ref_00020759: +ref_000207e9: db '** Major version number is: %3d **',0x0a,0x00 -ref_0002079d: +ref_0002082d: db '** Minor version number is: %3d **',0x0a,0x00 -ref_000207e1: +ref_00020871: db '** Rev version number is: %3d **',0x0a,0x00 -ref_00020825: +ref_000208b5: db '** Build number is: %3d **',0x0a,0x00 -ref_00020869: +ref_000208f9: db '******************************************************************',0x0a,0x00 -ref_000208ad: +ref_0002093d: db 'Programming SA Bars',0x0a,0x00 -ref_000208c2: +ref_00020952: db 'Reporting SA PCIe code version',0x0a,0x00 -ref_000208e2: +ref_00020972: db 'Initializing DMI',0x0a,0x00 -ref_000208f4: +ref_00020984: db 'Initializing SA PCIe',0x0a,0x00 -ref_0002090a: +ref_0002099a: db 'Initializing Graphics',0x0a,0x00 -ref_00020921: +ref_000209b1: db 'Initializing System Agent Overclocking',0x0a,0x00 -ref_00020949: +ref_000209d9: db 'Initializing DMI Tc/Vc mapping',0x0a,0x00 -ref_00020969: +ref_000209f9: db 'Early BIOS POST Programming',0x0a,0x00 -ref_00020986: +ref_00020a16: db '[SA] BootMode = %X',0x0a,0x00 -ref_0002099a: +ref_00020a2a: db '[SA] Install SA S3 Notify callback',0x0a,0x00 -ref_000209be: +ref_00020a4e: db '[SA] Install Notify callback for Rapid Start Resume',0x0a,0x00 -ref_000209f3: +ref_00020a83: db '(OC) Overclocking is disabled. Bypassing SA overclocking flow.',0x0a,0x00 -ref_00020a33: +ref_00020ac3: db '../../intel/SystemAgent/SaInit/Pei/SaOcInit.c',0x00 -ref_00020a61: +ref_00020af1: db '(OC) Updating EDRAM ratio value = %X',0x0a,0x00 -ref_00020a87: +ref_00020b17: db '(OC) Set Voltage Frequency failed. EFI Status = %X, Library Status = %X',0x0a,0x00 -ref_00020ad0: +ref_00020b60: db '(OC) No OC support for this Domain = %X',0x0a,0x00 -ref_00020af9: +ref_00020b89: db '(OC) GetOcCapabilities message failed. Library Status = %X, Domain = %X',0x0a,0x00 -ref_00020b42: +ref_00020bd2: db '../../intel/SystemAgent/SaInit/Pei/GraphicsInit.c',0x00 -ref_00020b74: +ref_00020c04: db 'PCH PCIe Graphics Card enabled.',0x0a,0x00 -ref_00020b95: +ref_00020c25: db 'PCIe card on PEG%x%x (%x:%x:%x) enabled as VGA.',0x0a,0x00 -ref_00020bc6: +ref_00020c56: db 'PEG%x%x (%x:%x:%x) ISAEN has been set.',0x0a,0x00 -ref_00020bee: +ref_00020c7e: db '(StallCount != 3000)',0x00 -ref_00020c03: +ref_00020c93: db 'Temporary GttMmAdr Bar is not initialized. Returning from GraphicsInit().',0x0a,0x00 -ref_00020c4e: +ref_00020cde: db 'GttMmAdr != 0',0x00 -ref_00020c5c: +ref_00020cec: db 'IGD enabled.',0x0a,0x00 -ref_00020c6a: +ref_00020cfa: db 'SaPlatformPolicyPpi->GtConfig->GttSize <= 3',0x00 -ref_00020c96: +ref_00020d26: db 'IGD VGA Decode is disabled because it',0x27,'s not a primary display.',0x0a,0x00 -ref_00020cd6: +ref_00020d66: db 'Disable IGD Device.',0x0a,0x00 -ref_00020ceb: +ref_00020d7b: db '../../intel/SystemAgent/SaInit/Pei/SaDmiPeim.c',0x00 -ref_00020d1a: +ref_00020daa: db 'Can',0x27,'t locate PchPlatformPolicy PPI - exiting.',0x0a,0x00 -ref_00020d49: +ref_00020dd9: db 'DMI Recipe...',0x0a,0x00 -ref_00020d58: +ref_00020de8: db 'Run AdditionalDmiProgramSteps!',0x0a,0x00 -ref_00020d78: +ref_00020e08: db 'DMI Gen2 is Disabled or not capable, staying at Gen1 !',0x0a,0x00 -ref_00020db0: +ref_00020e40: db 'DMI Link re-train to set GEN2',0x0a,0x00 -ref_00020dcf: +ref_00020e5f: db 'DMI trained to x%d at Gen%d',0x0a,0x00 -ref_00020dec: +ref_00020e7c: db 'PEG%x%x (%x:%x:%x) - ',0x00 -ref_00020e02: +ref_00020e92: db 'Trained to x%d at Gen%d.',0x00 -ref_00020e1b: +ref_00020eab: db ' VC0 Negotiation Pending = %d.',0x00 -ref_00020e3a: +ref_00020eca: db 'PEG%x%x (%x:%x:%x) - VC0 Negotiation Pending = %x after %d msec.',0x0a,0x00 -ref_00020e7c: +ref_00020f0c: db '../../intel/SystemAgent/SaInit/Pei/PciExpressInit.c',0x00 -ref_00020eb0: +ref_00020f40: db 'Previous Link Training Fail Mask 0x%2.2X',0x0a,0x00 -ref_00020eda: +ref_00020f6a: db 'New Link Training Fail Mask 0x%2.2X',0x0a,0x00 -ref_00020eff: +ref_00020f8f: db ' PEG%x%x (%x:%x:%x) - skipping due to furcation',0x0a,0x00 -ref_00020f30: +ref_00020fc0: db ' PEG%x%x (%x:%x:%x) - checking',0x0a,0x00 -ref_00020f50: +ref_00020fe0: db ' VC negotiation is complete',0x0a,0x00 -ref_00020f6e: +ref_00020ffe: db 'Total Stall: %d msec',0x0a,0x00 -ref_00020f84: +ref_00021014: db 'Returned PegLinkFailMask 0x%2.2X',0x0a,0x00 -ref_00020fa6: +ref_00021036: db 'Invalid input to ProgramPreset() function! PegFunc=%d, Lane=%d',0x0a,0x00 -ref_00020fe7: +ref_00021077: db '--- Sampler values before calibration ---',0x0a,0x00 -ref_00021012: +ref_000210a2: db 'ERROR: PEG dev=%d, lane=%d, sampler=%d, iteration=%d, found more than %d distinct codes!!!',0x0a,0x00 -ref_0002106e: +ref_000210fe: db '--- Sampler values after calibration ---',0x0a,0x00 -ref_00021098: +ref_00021128: db 'PEG Link Status after auto speed disable:',0x0a,0x00 -ref_000210c3: +ref_00021153: db 'Auto',0x0a,0x00 -ref_000210c9: +ref_00021159: db 'Speed From Setup %x',0x0a,0x00 -ref_000210de: +ref_0002116e: db 'PEG%x%x (%x:%x:%x) - Max Link Speed = Gen%d',0x0a,0x00 -ref_0002110b: +ref_0002119b: db 'ERROR: Attempted to reserve > %d IOTRK (Attempt = %d)! Skipping programming.',0x0a,0x00 -ref_00021159: +ref_000211e9: db 'IOTRK: Reserved = %d. Shared = %d. Total = %d.',0x0a,0x00 -ref_00021189: +ref_00021219: db 'ERROR: Attempted to reserve > %d RRTRK (Attempt = %d)! Skipping programming.',0x0a,0x00 -ref_000211d7: +ref_00021267: db 'RRTRK: Reserved = %d. Shared = %d. Total = %d.',0x0a,0x00 -ref_00021207: +ref_00021297: db 'Crdtctl4 Crdtctl6 Crdtctl8 Before = %x %x %x',0x0a,0x00 -ref_00021235: +ref_000212c5: db 'PEG10: LinkDisabled = %x. Width = %x',0x0a,0x00 -ref_0002125b: +ref_000212eb: db 'PEG11: LinkDisabled = %x. Width = %x',0x0a,0x00 -ref_00021281: +ref_00021311: db 'PEG12: LinkDisabled = %x. Width = %x',0x0a,0x00 -ref_000212a7: +ref_00021337: db 'Crdtctl4 Crdtctl6 Crdtctl8 After = %x %x %x',0x0a,0x00 -ref_000212d4: +ref_00021364: db 'VCU Busy Timeout after %d tries: MCHBAR=%8.8X. Interface=%8.8X. Data=%4.4X.',0x0a,0x00 -ref_00021321: +ref_000213b1: db 'ERROR: VCU Response Error after %d tries: MCHBAR=%8.8X. Interface=%4.4X. Data=%8.8X. ResponseCode=%4.4X',0x0a,0x00 -ref_0002138a: +ref_0002141a: db 'In GetMaxBundles procedure',0x0a,0x00 -ref_000213a6: +ref_00021436: db 'MaxBndlPwrdnCount = %d',0x0a,0x00 -ref_000213be: +ref_0002144e: db 'In PowerDownUnusedBundles sequence',0x0a,0x00 -ref_000213e2: +ref_00021472: db 'All lanes are used. Do nothing.',0x0a,0x00 -ref_00021403: +ref_00021493: db 'PegLaneReversal is true',0x0a,0x00 -ref_0002141c: +ref_000214ac: db 'BNDL_PWRDN PEG%d%d[%d:%d]',0x0a,0x00 -ref_00021437: +ref_000214c7: db 'PEG controller not detected',0x0a,0x00 -ref_00021454: +ref_000214e4: db 'PEG HW Strap value %x',0x0a,0x00 -ref_0002146b: +ref_000214fb: db 'PEG Gen3 Fused off',0x0a,0x00 -ref_0002147f: +ref_0002150f: db 0x0a,'Restore SA PEG DATA from previous boot: Size=%X',0x0a,0x00 -ref_000214b1: +ref_00021541: db 0x0a,'PegGen3PresetSearch is disabled, Clear old Preset data',0x0a,0x00 -ref_000214ea: +ref_0002157a: db 'PEG Recipe...',0x0a,0x00 -ref_000214f9: +ref_00021589: db 'PEG Gen3 Equalization...',0x0a,0x00 -ref_00021513: +ref_000215a3: db 'Presence detect table...',0x0a,0x00 -ref_0002152d: +ref_000215bd: db ' PEG%d%d PresenceDetect: %x. EndpointMaxLinkSpeed: %x.',0x0a,0x00 -ref_00021565: +ref_000215f5: db 'PEG SamplerCalibration...',0x0a,0x00 -ref_00021580: +ref_00021610: db 'PEG Ports Scanning starts.',0x0a,0x00 -ref_0002159c: +ref_0002162c: db 'PEG%d%d - Endpoint not responding to PCI config space access, assuming negotiated width (X%d) is max width',0x0a,0x00 -ref_00021608: +ref_00021698: db 'CtrlMLW[%d]. EpMLW[%d]. UnusedLanes[%d]. BndlPwrdnCount[%d].',0x0a,0x00 -ref_00021646: +ref_000216d6: db 'BndlPwrdnCount violation! Overriding BndlPwrdnCount! ' -ref_0002167b: +ref_0002170b: db 'BndlPwrdnCount[%d].',0x0a,0x00 -ref_00021690: +ref_00021720: db 'Run AdditionalPegProgramSteps on PEG%x%x!',0x0a,0x00 -ref_000216bb: +ref_0002174b: db 'PEG10 ' -ref_000216c1: +ref_00021751: db 'Disabled.',0x0a,0x00 -ref_000216cc: +ref_0002175c: db 'PEG11 Disabled.',0x0a,0x00 -ref_000216dd: +ref_0002176d: db 'PEG12 Disabled.',0x0a,0x00 -ref_000216ee: +ref_0002177e: db 'Original PegLinkFailMask=%X, Final PegLinkFailMask=%X',0x0a,0x00 -ref_00021725: +ref_000217b5: db 'Setting GPIO%d to %x',0x0a,0x00 -ref_0002173b: +ref_000217cb: db 'Asserting PEG slot reset.',0x0a,0x00 -ref_00021756: +ref_000217e6: db 'Deasserting PEG slot reset.',0x0a,0x00 -ref_00021773: +ref_00021803: db 'Toggling PEG slot reset.',0x0a,0x00 -ref_0002178d: +ref_0002181d: db 'SECONDARY BUS RESET!',0x0a,0x00 -ref_000217a3: +ref_00021833: db 'Reset Complete',0x0a,0x00 -ref_000217b3: +ref_00021843: db 'PHY LAYER RESET!',0x0a,0x00 -ref_000217c5: +ref_00021855: db 'Link retrain FAILED!!!',0x0a,0x00 -ref_000217dd: +ref_0002186d: db 'DOWNGRADE from x%d to x%d detected',0x0a,0x00 -ref_00021801: +ref_00021891: db 'Width Recovery Successful',0x0a,0x00 -ref_0002181c: +ref_000218ac: db 'Width Recovery FAILED!',0x0a,0x00 -ref_00021834: +ref_000218c4: db 'Error 0x%x.',0x0a,0x00 -ref_00021841: +ref_000218d1: db 'Success.',0x0a,0x00 -ref_0002184b: +ref_000218db: db 'Link Width DOWNGRADED!',0x0a,0x00 -ref_00021863: +ref_000218f3: db 'Link Speed DOWNGRADED!',0x0a,0x00 -ref_0002187b: +ref_0002190b: db 'Link speed downgrade detected',0x0a,0x00 -ref_0002189a: +ref_0002192a: db 'Link width downgrade detected',0x0a,0x00 -ref_000218b9: +ref_00021949: db 'DOWNGRADE from Gen %d to Gen %d detected',0x0a,0x00 -ref_000218e3: +ref_00021973: db 'Link Speed Recovery FAILED!',0x0a,0x00 -ref_00021900: +ref_00021990: db 'Link Speed Recovery Successful',0x0a,0x00 -ref_00021920: +ref_000219b0: db 'DOWNGRADE, Link is not in L0',0x0a,0x00 -ref_0002193e: +ref_000219ce: db '../../intel/SystemAgent/SaInit/Pei/PcieTrainingLinkRecovery.c',0x00 -ref_0002197c: +ref_00021a0c: db ' PcieControllerList Array Index Out of Bounds PortInfoListLength: %x',0x0a,0x00 -ref_000219c3: +ref_00021a53: db ' LaneList Array Index Out of Bounds LaneListLength%x',0x0a,0x00 -ref_000219f9: +ref_00021a89: db ' PEG%x%x (%x:%x:%x) - Root Port is not Gen3-capable. Max Link Speed = %d.',0x0a,0x00 -ref_00021a44: +ref_00021ad4: db ' PEG%x%x (%x:%x:%x) - Root Port is Gen3-capable.',0x0a,0x00 -ref_00021a76: +ref_00021b06: db ' PEG%x%x (%x:%x:%x) - VC0 negotiation is pending! Skipping endpoint.',0x0a,0x00 -ref_00021abc: +ref_00021b4c: db ' PEG%x%x (%x:%x:%x) - Endpoint is not Gen3-capable. No PCIe Capability found.',0x0a,0x00 -ref_00021b0b: +ref_00021b9b: db ' PEG%x%x (%x:%x:%x) - Endpoint is not Gen3-capable. Max Link Speed = %d.',0x0a,0x00 -ref_00021b55: +ref_00021be5: db ' PEG%x%x (%x:%x:%x) - Endpoint is Gen3-capable',0x0a,0x00 -ref_00021b85: +ref_00021c15: db '../../intel/SystemAgent/SaInit/Pei/PcieTraining.c',0x00 -ref_00021bb7: +ref_00021c47: db 'Invalid Margin Test Requested.',0x0a,0x00 -ref_00021bd7: +ref_00021c67: db 'Preset for Lane %2d: ',0x00 -ref_00021bed: +ref_00021c7d: db 'Search Result: P%d',0x00 -ref_00021c00: +ref_00021c90: db 'Applying Policy value: P%d' -ref_00021c1a: +ref_00021caa: db '. Saving value for next boot.',0x00 -ref_00021c38: +ref_00021cc8: db 'Applying Policy value: P%d',0x00 -ref_00021c53: +ref_00021ce3: db 'Restoring previous value: P%d',0x00 -ref_00021c71: +ref_00021d01: db 'Illegal Lane: %d',0x00 -ref_00021c82: +ref_00021d12: db 'PEG Gen3 Preset Search',0x0a,0x00 -ref_00021c9a: +ref_00021d2a: db ' Gen3 is disabled by policy',0x0a,0x00 -ref_00021cb7: +ref_00021d47: db 'Lane Reversal is Disabled',0x0a,0x00 -ref_00021cd2: +ref_00021d62: db 'Lane Reversal is Enabled',0x0a,0x00 -ref_00021cec: +ref_00021d7c: db '../../intel/SystemAgent/SaInit/Pei/PcieTrainingPhase3.c',0x00 -ref_00021d24: +ref_00021db4: db 'Calling CpuReplacementCheck',0x0a,0x00 -ref_00021d41: +ref_00021dd1: db ' ME reported CPU Replacement value: %x',0x0a,0x00 -ref_00021d69: +ref_00021df9: db ' PEG%x%x (%x:%x:%x) - LoadedSavedPreset = %d. EndpointDeviceChanged = %d.',0x0a,0x00 -ref_00021db4: +ref_00021e44: db 'Skipping Preset Search - No Gen3 capable links',0x0a,0x00 -ref_00021de4: +ref_00021e74: db 'Skipping PEG%d%d - Not Gen3 capable',0x0a,0x00 -ref_00021e09: +ref_00021e99: db 'Using Lane %2d',0x27,'s Best Preset for Lanes %2d-%2d.',0x0a,0x00 -ref_00021e3a: +ref_00021eca: db 'PEG%d%d - Not Gen3 capable, skip coefficient programming.',0x0a,0x00 -ref_00021e75: +ref_00021f05: db 'PEG Gen3 Preset Search done',0x0a -ref_00021e91: +ref_00021f21: db 0x0a db 0x00 -ref_00021e93: +ref_00021f23: db 'GetCoefficientsFromPreset(): Unsupported Preset Requested: P%d. Using P7.',0x0a,0x00 -ref_00021ede: +ref_00021f6e: db 'ConfigureTxJitterMux: System unsupported, no PEG.',0x0a,0x00 -ref_00021f11: +ref_00021fa1: db 'Unsupported CPU stepping!',0x0a,0x00 -ref_00021f2c: +ref_00021fbc: db 'TempValue >= 47',0x00 -ref_00021f3c: +ref_00021fcc: db '../../intel/SystemAgent/SaInit/Pei/PcieTrainingMargining.c',0x00 -ref_00021f77: +ref_00022007: db 'TempValue <= 17',0x00 -ref_00021f87: +ref_00022017: db 'ProgramIobp Read Error, Address:%x AndMask:%x OrMask:%x',0x0a,0x00 -ref_00021fc0: +ref_00022050: db '../../intel/Pch/Library/PchPlatformLib/IobpAccess.c',0x00 -ref_00021ff4: +ref_00022084: db 'ProgramIobp Write Error, Address:%x AndMask:%x OrMask:%x',0x0a,0x00 -ref_0002202e: +ref_000220be: db '(((*LatencyValue1) & (0x00000400 + 0x00000800 + 0x00001000)) >> 10) < 6',0x00 -ref_00022076: +ref_00022106: db '../../intel/Pch/Library/PchPciExpressHelpersLib/PchPciExpressHelpersLibrary.c',0x00 -ref_000220c4: +ref_00022154: db '(((LatencyValue2) & (0x00000400 + 0x00000800 + 0x00001000)) >> 10) < 6',0x00 -ref_0002210b: +ref_0002219b: db 'Endpoint Device %0x Capability ASPM: %0x',0x0a,0x00 -ref_00022135: +ref_000221c5: db 'Override root port ASPM to L1 for pre-1.1 devices',0x0a,0x00 -ref_00022168: +ref_000221f8: db 'Calculate Endpoint Device %0x Aspm Value: %0x',0x0a,0x00 -ref_00022197: +ref_00022227: db 'Program Endpoint Device %0x Aspm Value: %0x',0x0a,0x00 -ref_000221c4: +ref_00022254: db 'Check DownStreamBus:%d and no device found!',0x0a,0x00 -ref_000221f1: +ref_00022281: db '((BOOLEAN)(0==1))',0x00 -ref_00022203: +ref_00022293: db 'PchCpuStrapSet() - Start',0x0a,0x00 -ref_0002221d: +ref_000222ad: db 'PchCpuStrapSet() - End',0x0a,0x00 -ref_00022235: +ref_000222c5: db 'PchOnMemoryInstalled() Start',0x0a,0x00 -ref_00022253: +ref_000222e3: db 'PCH Installing PcieDeviceTable HOB (%d entries)',0x0a,0x00 -ref_00022284: +ref_00022314: db 'HobPtr != 0',0x00 -ref_00022290: +ref_00022320: db '../../intel/Pch/PchInit/Pei/PchInitPeim.c',0x00 -ref_000222ba: +ref_0002234a: db 'Index != 0',0x00 -ref_000222c5: +ref_00022355: db 'PCH Installing PchPlatformPolicy HOB (PCH bus = %d)',0x0a,0x00 -ref_000222fa: +ref_0002238a: db 'Disable Azalia: initialization error in Auto mode!',0x0a,0x00 -ref_0002232e: +ref_000223be: db 'PchOnMemoryInstalled() End',0x0a,0x00 -ref_0002234a: +ref_000223da: db 'Gen3TxOutVoltDnAmpAdj is out of valid range ',0x0a,0x00 -ref_00022378: +ref_00022408: db 'Gen12TxOutVoltDnAmpAdj is out of valid range ',0x0a,0x00 -ref_000223a7: +ref_00022437: db 'Gen3TxOutDeEmAdj is out of valid range ',0x0a,0x00 -ref_000223d0: +ref_00022460: db 'Gen12TxOutDeEmAdj is out of valid range ',0x0a,0x00 -ref_000223fa: +ref_0002248a: db 'PchSataInit() - Start',0x0a,0x00 -ref_00022411: +ref_000224a1: db 'Please do not enable any SATA port before SATA Hsio initialization is done.',0x0a,0x00 -ref_0002245f: +ref_000224ef: db 'PchSataInit() - End',0x0a,0x00 -ref_00022474: +ref_00022504: db 'PchGbeMandatedReset: resetting the board via CF9 to unlock LAN Disable register...',0x0a,0x00 -ref_000224c8: +ref_00022558: db 'PchGbeMandatedReset: resetting the board via CF9...',0x0a,0x00 -ref_000224fd: +ref_0002258d: db 'isCLK 0xED00015C Read warning: %r',0x0a,0x00 -ref_00022520: +ref_000225b0: db 'isCLK 0xED000118 Read warning: %r',0x0a,0x00 -ref_00022543: +ref_000225d3: db 'isCLK 0xED000120 Read warning: %r',0x0a,0x00 -ref_00022566: +ref_000225f6: db 'PchInitialize() - Start',0x0a,0x00 -ref_0002257f: +ref_0002260f: db '(PchPlatformPolicyPpi->Rcba & (UINT32) (~0xFFFFC000)) == 0',0x00 -ref_000225ba: +ref_0002264a: db '(MmioRead32 (AcpiBarAddress) & 0xFFFC) == PchPlatformPolicyPpi->PmBase',0x00 -ref_00022601: +ref_00022691: db '(MmioRead32 (GpioBarAddress) & 0xFFFC) == PchPlatformPolicyPpi->GpioBase',0x00 -ref_0002264a: +ref_000226da: db 'PchInitialize() - End',0x0a,0x00 -ref_00022661: +ref_000226f1: db 'PchConfigureInterruptRegister() Start',0x0a,0x00 -ref_00022688: +ref_00022718: db 'PchConfigureInterruptRegister() End',0x0a,0x00 -ref_000226ad: +ref_0002273d: db 'PchEarlyInit() - Start',0x0a,0x00 -ref_000226c5: +ref_00022755: db 'PchEarlyInit() - End',0x0a,0x00 -ref_000226db: +ref_0002276b: db 'InstallPchInitPpi() - Start',0x0a,0x00 -ref_000226f8: +ref_00022788: db 'PCH SKU is not supported due to no proper PCH LPC found!',0x0a,0x00 -ref_00022732: +ref_000227c2: db 'Rcba needs to be programmed before here',0x0a,0x00 -ref_0002275b: +ref_000227eb: db 'Failed to allocate memory for PchDmiTcVcMapPpiDesc! ',0x0a,0x00 -ref_00022791: +ref_00022821: db 'Failed to allocate memory for PchDmiTcVcMapPpi! ',0x0a,0x00 -ref_000227c3: +ref_00022853: db 'InstallPchInitPpi() - End',0x0a,0x00 -ref_000227de: +ref_0002286e: db '------------------ PCH USB Config ------------------',0x0a,0x00 -ref_00022814: +ref_000228a4: db ' UsbPerPortCtl= %x',0x0a,0x00 -ref_00022828: +ref_000228b8: db ' Ehci1Usbr= %x',0x0a,0x00 -ref_00022838: +ref_000228c8: db ' Ehci2Usbr= %x',0x0a,0x00 -ref_00022848: +ref_000228d8: db ' PortSettings[%d] Enabled= %x',0x0a,0x00 -ref_00022867: +ref_000228f7: db ' PortSettings[%d] Location = %x',0x0a,0x00 -ref_00022888: +ref_00022918: db ' Port30Settings[%d] Enabled= %x',0x0a,0x00 -ref_000228a9: +ref_00022939: db ' Usb20Settings[%d] Enabled= %x',0x0a,0x00 -ref_000228c9: +ref_00022959: db ' Usb30Settings.Mode= %x',0x0a,0x00 -ref_000228e2: +ref_00022972: db ' Usb30Settings.PreBootSupport= %x',0x0a,0x00 -ref_00022905: +ref_00022995: db ' Usb30Settings.Btcg= %x',0x0a,0x00 -ref_0002291e: +ref_000229ae: db ' Usb30Settings.ManualMode= %x',0x0a,0x00 -ref_0002293d: +ref_000229cd: db ' Usb30Settings.ManualModeUsb20PerPinRoute[%d]= EHCI',0x0a,0x00 -ref_00022972: +ref_00022a02: db ' Usb30Settings.ManualModeUsb20PerPinRoute[%d]= XHCI',0x0a,0x00 -ref_000229a7: +ref_00022a37: db ' Usb30Settings.ManualModeUsb30PerPinEnable[%d]= %x',0x0a,0x00 -ref_000229db: +ref_00022a6b: db ' PortUsb20[%d].OverCurrentPin= OC%x',0x0a,0x00 -ref_00022a00: +ref_00022a90: db ' PortUsb20[%d].Usb20EyeDiagramTuningParam1= %x',0x0a,0x00 -ref_00022a30: +ref_00022ac0: db ' PortUsb20[%d].Usb20EyeDiagramTuningParam2= %x',0x0a,0x00 -ref_00022a60: +ref_00022af0: db ' PortUsb30[%d].OverCurrentPin= OC%x',0x0a,0x00 -ref_00022a85: +ref_00022b15: db ' PortUsb30[%d].FixedEqualization = %x',0x0a,0x00 -ref_00022aac: +ref_00022b3c: db ' Usb20PortLength[%d]= %x.%0x',0x0a,0x00 -ref_00022aca: +ref_00022b5a: db '------------------ PCH USB 3.0 Iobp Config ------------------',0x0a,0x00 -ref_00022b09: +ref_00022b99: db ' Usb30IobpConfig[%d].Usb30TxOutVoltDnAmpAdj= %x',0x0a,0x00 -ref_00022b3a: +ref_00022bca: db ' Usb30IobpConfig[%d].Usb30TxOutImpScVoltAmpAdj= %x',0x0a,0x00 -ref_00022b6e: +ref_00022bfe: db ' Usb30IobpConfig[%d].Usb30TxOutDeEmpAdj= %x',0x0a,0x00 -ref_00022b9b: +ref_00022c2b: db ' Usb30IobpConfig[%d].Usb30TxOutAdjEn= %x',0x0a,0x00 -ref_00022bc5: +ref_00022c55: db ' Usb30IobpConfig[%d].Usb30TxOutImpAdjVoltAmp= %x',0x0a,0x00 -ref_00022bf7: +ref_00022c87: db ' Usb30IobpConfig[%d].Usb30TxOutVoltDnAmpAdjEnable= %x',0x0a,0x00 -ref_00022c2e: +ref_00022cbe: db ' Usb30IobpConfig[%d].Usb30TxOutImpScVoltAmpAdjEnable= %x',0x0a,0x00 -ref_00022c68: +ref_00022cf8: db ' Usb30IobpConfig[%d].Usb30TxOutDeEmpAdjEnable= %x',0x0a,0x00 -ref_00022c9b: +ref_00022d2b: db ' Usb30IobpConfig[%d].Usb30Ecrt98Enable= %x',0x0a,0x00 -ref_00022cc7: +ref_00022d57: db '------------------ PCH PCIE Config ------------------',0x0a,0x00 -ref_00022cfe: +ref_00022d8e: db ' RootPort[%d] Enabled= %x',0x0a,0x00 -ref_00022d19: +ref_00022da9: db ' RootPort[%d] Hide= %x',0x0a,0x00 -ref_00022d31: +ref_00022dc1: db ' RootPort[%d] SlotImplemented= %x',0x0a,0x00 -ref_00022d54: +ref_00022de4: db ' RootPort[%d] HotPlug= %x',0x0a,0x00 -ref_00022d6f: +ref_00022dff: db ' RootPort[%d] PmSci= %x',0x0a,0x00 -ref_00022d88: +ref_00022e18: db ' RootPort[%d] ExtSync= %x',0x0a,0x00 -ref_00022da3: +ref_00022e33: db ' RootPort[%d] UnsupportedRequestReport= %x',0x0a,0x00 -ref_00022dcf: +ref_00022e5f: db ' RootPort[%d] FatalErrorReport= %x',0x0a,0x00 -ref_00022df3: +ref_00022e83: db ' RootPort[%d] NoFatalErrorReport= %x',0x0a,0x00 -ref_00022e19: +ref_00022ea9: db ' RootPort[%d] CorrectableErrorReport= %x',0x0a,0x00 -ref_00022e43: +ref_00022ed3: db ' RootPort[%d] PmeInterrupt= %x',0x0a,0x00 -ref_00022e63: +ref_00022ef3: db ' RootPort[%d] SystemErrorOnFatalError= %x',0x0a,0x00 -ref_00022e8e: +ref_00022f1e: db ' RootPort[%d] SystemErrorOnNonFatalError= %x',0x0a,0x00 -ref_00022ebc: +ref_00022f4c: db ' RootPort[%d] SystemErrorOnCorrectableError= %x',0x0a,0x00 -ref_00022eed: +ref_00022f7d: db ' RootPort[%d] AdvancedErrorReporting= %x',0x0a,0x00 -ref_00022f17: +ref_00022fa7: db ' RootPort[%d] TransmitterHalfSwing= %x',0x0a,0x00 -ref_00022f3f: +ref_00022fcf: db ' RootPort[%d] PcieSpeed= %x',0x0a,0x00 -ref_00022f5c: +ref_00022fec: db ' RootPort[%d]' -ref_00022f69: +ref_00022ff9: db ' FunctionNumber= %x',0x0a,0x00 -ref_00022f7e: +ref_0002300e: db ' RootPort[%d] PhysicalSlotNumber= %x',0x0a,0x00 -ref_00022fa4: +ref_00023034: db ' RootPort[%d] CompletionTimeout= %x',0x0a,0x00 -ref_00022fc9: +ref_00023059: db ' RootPort[%d] Aspm= %x',0x0a,0x00 -ref_00022fe1: +ref_00023071: db ' RootPort[%d] L1Substates= %x',0x0a,0x00 -ref_00023000: +ref_00023090: db ' RootPort[%d]' -ref_0002300d: +ref_0002309d: db ' LtrEnable= %x',0x0a,0x00 -ref_0002301d: +ref_000230ad: db ' RootPort[%d] LtrConfigLock= %x',0x0a,0x00 -ref_0002303e: +ref_000230ce: db ' RootPort[%d] LtrMaxSnoopLatency= %x',0x0a,0x00 -ref_00023064: +ref_000230f4: db ' RootPort[%d] LtrMaxNoSnoopLatency= %x',0x0a,0x00 -ref_0002308c: +ref_0002311c: db ' RootPort[%d] SnoopLatencyOverrideMode= %x',0x0a,0x00 -ref_000230b8: +ref_00023148: db ' RootPort[%d] SnoopLatencyOverrideMultiplier= %x',0x0a,0x00 -ref_000230ea: +ref_0002317a: db ' RootPort[%d] SnoopLatencyOverrideValue= %x',0x0a,0x00 -ref_00023117: +ref_000231a7: db ' RootPort[%d] NonSnoopLatencyOverrideMode= %x',0x0a,0x00 -ref_00023146: +ref_000231d6: db ' RootPort[%d] NonSnoopLatencyOverrideMultiplier= %x',0x0a,0x00 -ref_0002317b: +ref_0002320b: db ' RootPort[%d] NonSnoopLatencyOverrideValue= %x',0x0a,0x00 -ref_000231ab: +ref_0002323b: db ' EnableSubDecode= %x',0x0a,0x00 -ref_000231c1: +ref_00023251: db ' PchPcieSbdePort= %x',0x0a,0x00 -ref_000231d7: +ref_00023267: db ' RootPortClockGating= %x',0x0a,0x00 -ref_000231f1: +ref_00023281: db ' RootPortFunctionSwapping= %x',0x0a,0x00 -ref_00023210: +ref_000232a0: db ' AllowNoLtrIccPllShutdown= %x',0x0a,0x00 -ref_0002322f: +ref_000232bf: db '------------------ PCH SATA Config ------------------',0x0a,0x00 -ref_00023266: +ref_000232f6: db ' SataMode= %x',0x0a,0x00 -ref_00023275: +ref_00023305: db ' PortSettings[%d] HotPlug= %x',0x0a,0x00 -ref_00023294: +ref_00023324: db ' PortSettings[%d] InterlockSw= %x',0x0a,0x00 -ref_000232b7: +ref_00023347: db ' PortSettings[%d] External= %x',0x0a,0x00 -ref_000232d7: +ref_00023367: db ' PortSettings[%d] SpinUp= %x',0x0a,0x00 -ref_000232f5: +ref_00023385: db ' PortSettings[%d] SolidStateDrive= %x',0x0a,0x00 -ref_0002331c: +ref_000233ac: db ' PortSettings[%d] DevSlp= %x',0x0a,0x00 -ref_0002333a: +ref_000233ca: db ' PortSettings[%d] EnableDitoConfig= %x',0x0a,0x00 -ref_00023362: +ref_000233f2: db ' PortSettings[%d] DmVal= %x',0x0a,0x00 -ref_0002337f: +ref_0002340f: db ' PortSettings[%d] DitoVal= %x',0x0a,0x00 -ref_0002339e: +ref_0002342e: db ' PortSettings[%d] PortRxEq GenSpeed[0]' -ref_000233c4: +ref_00023454: db ' Enable= %x',0x0a,0x00 -ref_000233d1: +ref_00023461: db ' PortSettings[%d] PortRxEq GenSpeed[0] RxEq= %x',0x0a,0x00 -ref_00023402: +ref_00023492: db ' PortSettings[%d] PortRxEq GenSpeed[1] Enable= %x',0x0a,0x00 -ref_00023435: +ref_000234c5: db ' PortSettings[%d] PortRxEq GenSpeed[1] RxEq= %x',0x0a,0x00 -ref_00023466: +ref_000234f6: db ' PortSettings[%d] PortRxEq GenSpeed[2] Enable= %x',0x0a,0x00 -ref_00023499: +ref_00023529: db ' PortSettings[%d] PortRxEq GenSpeed[2] RxEq= %x',0x0a,0x00 -ref_000234ca: +ref_0002355a: db ' PortSettings[%d] PortIobp Gen3TxOutVoltDnAmpAdj= %x',0x0a,0x00 -ref_00023500: +ref_00023590: db ' PortSettings[%d] PortIobp Gen12TxOutVoltDnAmpAdj= %x',0x0a,0x00 -ref_00023537: +ref_000235c7: db ' PortSettings[%d] PortIobp Gen3TxOutDeEmAdj= %x',0x0a,0x00 -ref_00023568: +ref_000235f8: db ' PortSettings[%d] PortIobp Gen12TxOutDeEmAdj= %x',0x0a,0x00 -ref_0002359a: +ref_0002362a: db ' PortSettings[%d] PortIobp Gen3TxOutVoltDnAmpAdjEnable= %x',0x0a,0x00 -ref_000235d6: +ref_00023666: db ' PortSettings[%d] PortIobp Gen12TxOutVoltDnAmpAdjEnable= %x',0x0a,0x00 -ref_00023613: +ref_000236a3: db ' PortSettings[%d] PortIobp Gen3TxOutDeEmAdjEnable= %x',0x0a,0x00 -ref_0002364a: +ref_000236da: db ' PortSettings[%d] PortIobp Gen12TxOutDeEmAdjEnable= %x',0x0a,0x00 -ref_00023682: +ref_00023712: db ' PortSettings[%d] Sata Thermal Throttling Enabled= %x',0x0a,0x00 -ref_000236b9: +ref_00023749: db ' RaidAlternateId= %x',0x0a,0x00 -ref_000236cf: +ref_0002375f: db ' Raid0= %x',0x0a,0x00 -ref_000236db: +ref_0002376b: db ' Raid1= %x',0x0a,0x00 -ref_000236e7: +ref_00023777: db ' Raid10= %x',0x0a,0x00 -ref_000236f4: +ref_00023784: db ' Raid5= %x',0x0a,0x00 -ref_00023700: +ref_00023790: db ' Irrt= %x',0x0a,0x00 -ref_0002370b: +ref_0002379b: db ' OromUiBanner= %x',0x0a,0x00 -ref_0002371e: +ref_000237ae: db ' OromUiDelay= %x',0x0a,0x00 -ref_00023730: +ref_000237c0: db ' HddUnlock= %x',0x0a,0x00 -ref_00023740: +ref_000237d0: db ' LedLocate= %x',0x0a,0x00 -ref_00023750: +ref_000237e0: db ' IrrtOnly= %x',0x0a,0x00 -ref_0002375f: +ref_000237ef: db ' SmartStorage= %x',0x0a,0x00 -ref_00023772: +ref_00023802: db ' SpeedSupport= %x',0x0a,0x00 -ref_00023785: +ref_00023815: db ' eSATASpeedLimit= %x',0x0a,0x00 -ref_0002379b: +ref_0002382b: db ' TestMode= %x',0x0a,0x00 -ref_000237aa: +ref_0002383a: db ' LegacyMode= %x',0x0a,0x00 -ref_000237bb: +ref_0002384b: db ' SalpSupport= %x',0x0a,0x00 -ref_000237cd: +ref_0002385d: db ' PwrOptEnable= %x',0x0a,0x00 -ref_000237e0: +ref_00023870: db ' PcieNandRemap Enable= %x',0x0a,0x00 -ref_000237fb: +ref_0002388b: db ' PcieNandRemap PcieNandPort= %x',0x0a,0x00 -ref_0002381c: +ref_000238ac: db ' PcieNandRemap ConfigAccessLockDown= %x',0x0a,0x00 -ref_00023845: +ref_000238d5: db ' PcieNandRemap DeviceResetDelay= %x',0x0a,0x00 -ref_0002386a: +ref_000238fa: db '------------------ PCH IOAPIC Config ------------------',0x0a,0x00 -ref_000238a3: +ref_00023933: db ' BdfValid= %x',0x0a,0x00 -ref_000238b2: +ref_00023942: db ' BusNumber= %x',0x0a,0x00 -ref_000238c2: +ref_00023952: db ' DeviceNumber= %x',0x0a,0x00 -ref_000238d5: +ref_00023965: db ' IoApicId= %x',0x0a,0x00 -ref_000238e4: +ref_00023974: db ' ApicRangeSelect= %x',0x0a,0x00 -ref_000238fa: +ref_0002398a: db ' IoApicEntry24_39= %x',0x0a,0x00 -ref_00023911: +ref_000239a1: db '------------------ PCH HPET Config ------------------',0x0a,0x00 -ref_00023948: +ref_000239d8: db ' Enable %x',0x0a,0x00 -ref_00023954: +ref_000239e4: db ' BdfValid %x',0x0a,0x00 -ref_00023962: +ref_000239f2: db ' BusNumber %x',0x0a,0x00 -ref_00023971: +ref_00023a01: db ' DeviceNumber %x',0x0a,0x00 -ref_00023983: +ref_00023a13: db ' FunctionNumber %x',0x0a,0x00 -ref_00023997: +ref_00023a27: db ' Base %x',0x0a,0x00 -ref_000239a1: +ref_00023a31: db '------------------ PCH Lock Down Config ------------------',0x0a,0x00 -ref_000239dd: +ref_00023a6d: db ' GlobalSmi= %x',0x0a,0x00 -ref_000239ed: +ref_00023a7d: db ' BiosInterface= %x',0x0a,0x00 -ref_00023a01: +ref_00023a91: db ' GpioLockDown= %x',0x0a,0x00 -ref_00023a14: +ref_00023aa4: db ' RtcLock= %x',0x0a,0x00 -ref_00023a22: +ref_00023ab2: db ' BiosLock= %x',0x0a,0x00 -ref_00023a31: +ref_00023ac1: db ' SmmBwp= %x',0x0a,0x00 -ref_00023a3e: +ref_00023ace: db '------------------ PCH Flash Protection Config ------------------',0x0a,0x00 -ref_00023a81: +ref_00023b11: db ' WriteProtectionEnable[%d]= %x',0x0a,0x00 -ref_00023aa1: +ref_00023b31: db ' ReadProtectionEnable[%d]= %x',0x0a,0x00 -ref_00023ac0: +ref_00023b50: db ' ProtectedRangeLimit[%d]= %x',0x0a,0x00 -ref_00023ade: +ref_00023b6e: db ' ProtectedRangeBase[%d]= %x',0x0a,0x00 -ref_00023afb: +ref_00023b8b: db '------------------ PCH SMBUS Config ------------------',0x0a,0x00 -ref_00023b33: +ref_00023bc3: db ' SmbusIoBase= %x',0x0a,0x00 -ref_00023b45: +ref_00023bd5: db ' NumRsvdSmbusAddresses= %x',0x0a,0x00 -ref_00023b61: +ref_00023bf1: db ' RsvdSmbusAddressTable= {',0x00 -ref_00023b7b: +ref_00023c0b: db ' %02xh',0x00 -ref_00023b82: +ref_00023c12: db ' }',0x0a,0x00 -ref_00023b86: +ref_00023c16: db '------------------ PCH Azalia Config ------------------',0x0a,0x00 -ref_00023bbf: +ref_00023c4f: db ' Pme= %x',0x0a,0x00 -ref_00023bc9: +ref_00023c59: db ' DockSupport= %x',0x0a,0x00 -ref_00023bdb: +ref_00023c6b: db ' ResetWaitTimer= %x',0x0a,0x00 -ref_00023bf0: +ref_00023c80: db '------------------ PCH PM Config ------------------',0x0a,0x00 -ref_00023c25: +ref_00023cb5: db ' PowerResetStatusClear MeWakeSts= %x',0x0a,0x00 -ref_00023c4b: +ref_00023cdb: db ' PowerResetStatusClear MeHrstColdSts= %x',0x0a,0x00 -ref_00023c75: +ref_00023d05: db ' PowerResetStatusClear MeHrstWarmSts= %x',0x0a,0x00 -ref_00023c9f: +ref_00023d2f: db ' PowerResetStatusClear MeHostPowerDn= %x',0x0a,0x00 -ref_00023cc9: +ref_00023d59: db ' PowerResetStatusClear WolOvrWkSts= %x',0x0a,0x00 -ref_00023cf1: +ref_00023d81: db ' WakeConfig PmeB0S5Dis= %x',0x0a,0x00 -ref_00023d0d: +ref_00023d9d: db ' WakeConfig WolEnableOverride= %x',0x0a,0x00 -ref_00023d30: +ref_00023dc0: db ' WakeConfig Gp27WakeFromDeepSx= %x',0x0a,0x00 -ref_00023d54: +ref_00023de4: db ' WakeConfig PcieWakeFromDeepSx= %x',0x0a,0x00 -ref_00023d78: +ref_00023e08: db ' WakeConfig WoWlanEnable= %x',0x0a,0x00 -ref_00023d96: +ref_00023e26: db ' WakeConfig WoWlanDeepSxEnable= %x',0x0a,0x00 -ref_00023dba: +ref_00023e4a: db ' PchDeepSxPol= %x',0x0a,0x00 -ref_00023dcd: +ref_00023e5d: db ' PchSlpS3MinAssert= %x',0x0a,0x00 -ref_00023de5: +ref_00023e75: db ' PchSlpS4MinAssert= %x',0x0a,0x00 -ref_00023dfd: +ref_00023e8d: db ' PchSlpSusMinAssert= %x',0x0a,0x00 -ref_00023e16: +ref_00023ea6: db ' PchSlpAMinAssert= %x',0x0a,0x00 -ref_00023e2d: +ref_00023ebd: db ' PciClockRun= %x',0x0a,0x00 -ref_00023e3f: +ref_00023ecf: db ' SlpStrchSusUp= %x',0x0a,0x00 -ref_00023e53: +ref_00023ee3: db ' SlpLanLowDc= %x',0x0a,0x00 -ref_00023e65: +ref_00023ef5: db ' LegacyDmaDisable= %x',0x0a,0x00 -ref_00023e7c: +ref_00023f0c: db ' PchPwrCycDur= %x',0x0a,0x00 -ref_00023e8f: +ref_00023f1f: db '------------------ PCH DMI Config ------------------',0x0a,0x00 -ref_00023ec5: +ref_00023f55: db ' DmiAspm= %x',0x0a,0x00 -ref_00023ed3: +ref_00023f63: db ' DmiExtSync= %x',0x0a,0x00 -ref_00023ee4: +ref_00023f74: db ' DmiIot= %x',0x0a,0x00 -ref_00023ef1: +ref_00023f81: db ' MemCloseStateEn= %x',0x0a,0x00 -ref_00023f07: +ref_00023f97: db ' InternalObffEn= %x',0x0a,0x00 -ref_00023f1c: +ref_00023fac: db '------------------ PCH LPC SIRQ Config ------------------',0x0a,0x00 -ref_00023f57: +ref_00023fe7: db ' SirqEnable= %x',0x0a,0x00 -ref_00023f68: +ref_00023ff8: db ' SirqMode= %x',0x0a,0x00 -ref_00023f77: +ref_00024007: db ' StartFramePulse= %x',0x0a,0x00 -ref_00023f8d: +ref_0002401d: db '------------------ PCH Thermal Config ------------------',0x0a,0x00 -ref_00023fc7: +ref_00024057: db ' ThermalAlertEnable TselLock %x',0x0a,0x00 -ref_00023fe8: +ref_00024078: db ' ThermalAlertEnable TscLock %x',0x0a,0x00 -ref_00024008: +ref_00024098: db ' ThermalAlertEnable TsmicLock= %x',0x0a,0x00 -ref_0002402b: +ref_000240bb: db ' ThermalAlertEnable PhlcLock= %x',0x0a,0x00 -ref_0002404d: +ref_000240dd: db ' ThermalThrottling TTLevels T0Level %x centigrade degree',0x0a,0x00 -ref_00024087: +ref_00024117: db ' ThermalThrottling TTLevels T1Level %x centigrade degree',0x0a,0x00 -ref_000240c1: +ref_00024151: db ' ThermalThrottling TTLevels T2Level %x centigrade degree',0x0a,0x00 -ref_000240fb: +ref_0002418b: db ' ThermalThrottling TTLevels TTEnable %x',0x0a,0x00 -ref_00024124: +ref_000241b4: db ' ThermalThrottling TTLevels TTState13Enable %x',0x0a,0x00 -ref_00024154: +ref_000241e4: db ' ThermalThrottling TTLevels TTLock %x',0x0a,0x00 -ref_0002417b: +ref_0002420b: db ' ThermalThrottling TTLevels SuggestedSetting %x',0x0a,0x00 -ref_000241ac: +ref_0002423c: db ' ThermalThrottling TTLevels PchCrossThrottling %x',0x0a,0x00 -ref_000241df: +ref_0002426f: db ' ThermalThrottling DmiHaAWC DmiTsawEn %x',0x0a,0x00 -ref_00024209: +ref_00024299: db ' ThermalThrottling DmiHaAWC TS0TW %x',0x0a,0x00 -ref_0002422f: +ref_000242bf: db ' ThermalThrottling DmiHaAWC TS1TW %x',0x0a,0x00 -ref_00024255: +ref_000242e5: db ' ThermalThrottling DmiHaAWC TS2TW %x',0x0a,0x00 -ref_0002427b: +ref_0002430b: db ' ThermalThrottling DmiHaAWC TS3TW %x',0x0a,0x00 -ref_000242a1: +ref_00024331: db ' ThermalThrottling DmiHaAWC SuggestedSetting %x',0x0a,0x00 -ref_000242d2: +ref_00024362: db ' ThermalThrottling SataTT P0T1M %x',0x0a,0x00 -ref_000242f6: +ref_00024386: db ' ThermalThrottling SataTT P0T2M %x',0x0a,0x00 -ref_0002431a: +ref_000243aa: db ' ThermalThrottling SataTT P0T3M %x',0x0a,0x00 -ref_0002433e: +ref_000243ce: db ' ThermalThrottling SataTT P0TDisp %x',0x0a,0x00 -ref_00024364: +ref_000243f4: db ' ThermalThrottling SataTT P0Tinact %x',0x0a,0x00 -ref_0002438b: +ref_0002441b: db ' ThermalThrottling SataTT P0TDispFinit %x',0x0a,0x00 -ref_000243b6: +ref_00024446: db ' ThermalThrottling SataTT P1T1M %x',0x0a,0x00 -ref_000243da: +ref_0002446a: db ' ThermalThrottling SataTT P1T2M %x',0x0a,0x00 -ref_000243fe: +ref_0002448e: db ' ThermalThrottling SataTT P1T3M %x',0x0a,0x00 -ref_00024422: +ref_000244b2: db ' ThermalThrottling SataTT P1TDisp %x',0x0a,0x00 -ref_00024448: +ref_000244d8: db ' ThermalThrottling SataTT P1Tinact %x',0x0a,0x00 -ref_0002446f: +ref_000244ff: db ' ThermalThrottling SataTT P1TDispFinit %x',0x0a,0x00 -ref_0002449a: +ref_0002452a: db ' ThermalThrottling SataTT SuggestedSetting %x',0x0a,0x00 -ref_000244c9: +ref_00024559: db ' MemoryThrottling Enable= %x',0x0a,0x00 -ref_000244e7: +ref_00024577: db ' MemoryThrottling TsGpioPinSetting PmsyncEnable= %x',0x0a,0x00 -ref_0002451c: +ref_000245ac: db ' MemoryThrottling TsGpioPinSetting C0TransmitEnable= %x',0x0a,0x00 -ref_00024555: +ref_000245e5: db ' MemoryThrottling TsGpioPinSetting PinSelection= %x',0x0a,0x00 -ref_0002458a: +ref_0002461a: db ' PchHotLevel = %x',0x0a,0x00 -ref_0002459d: +ref_0002462d: db ' ThermalDeviceEnable (D31:F6) %x',0x0a,0x00 -ref_000245bf: +ref_0002464f: db '------------------ PCH General Config ------------------',0x0a,0x00 -ref_000245f9: +ref_00024689: db ' SubSystemVendorId= %x',0x0a,0x00 -ref_00024611: +ref_000246a1: db ' SubSystemId= %x',0x0a,0x00 -ref_00024623: +ref_000246b3: db ' Crid= %x',0x0a,0x00 -ref_0002462e: +ref_000246be: db ' DciEn= %x',0x0a,0x00 -ref_0002463a: +ref_000246ca: db '------------------ PCH LAN Config ------------------',0x0a,0x00 -ref_00024670: +ref_00024700: db '------------------ PCH Serial IO Config ------------------',0x0a,0x00 -ref_000246ac: +ref_0002473c: db ' SerialIoGpio= %x',0x0a,0x00 -ref_000246bf: +ref_0002474f: db ' SerialIoDma= %x',0x0a,0x00 -ref_000246d1: +ref_00024761: db ' SerialIoI2c0= %x',0x0a,0x00 -ref_000246e4: +ref_00024774: db ' SerialIoI2c1= %x',0x0a,0x00 -ref_000246f7: +ref_00024787: db ' SerialIoSpi0= %x',0x0a,0x00 -ref_0002470a: +ref_0002479a: db ' SerialIoSpi1= %x',0x0a,0x00 -ref_0002471d: +ref_000247ad: db ' SerialIoUart0= %x',0x0a,0x00 -ref_00024731: +ref_000247c1: db ' SerialIoUart1= %x',0x0a,0x00 -ref_00024745: +ref_000247d5: db ' SerialIoSdio= %x',0x0a,0x00 -ref_00024758: +ref_000247e8: db ' I2c0VoltageSelect= %x',0x0a,0x00 -ref_00024770: +ref_00024800: db ' I2c1VoltageSelect= %x',0x0a,0x00 -ref_00024788: +ref_00024818: db ' GpioIrqRoute= %x',0x0a,0x00 -ref_0002479b: +ref_0002482b: db ' DriverModeTouchPanel= %x',0x0a,0x00 -ref_000247b6: +ref_00024846: db ' DriverModeTouchPad= %x',0x0a,0x00 -ref_000247cf: +ref_0002485f: db ' DriverModeSensorHub= %x',0x0a,0x00 -ref_000247e9: +ref_00024879: db ' Ddr50Support= %x',0x0a,0x00 -ref_000247fc: +ref_0002488c: db '------------------ PCH Audio DSP Config ------------------',0x0a,0x00 -ref_00024838: +ref_000248c8: db ' AudioDspAcpiMode= %x',0x0a,0x00 -ref_0002484f: +ref_000248df: db ' AudioDspD3PowerGating= %x',0x0a,0x00 -ref_0002486b: +ref_000248fb: db ' AudioDspSramPowerGating= %x',0x0a,0x00 -ref_00024889: +ref_00024919: db ' AudioDspBluetoothSupport= %x',0x0a,0x00 -ref_000248a8: +ref_00024938: db ' AudioDspAcpiInterruptMode= %x',0x0a,0x00 -ref_000248c8: +ref_00024958: +db ' AudioDspMclkOutputSelect= %x',0x0a,0x00 + +ref_00024977: db ' AudioDspFeatureMask= %x',0x0a,0x00 -ref_000248e2: +ref_00024991: db '------------------ PCH Platform Data ------------------',0x0a,0x00 -ref_0002491b: +ref_000249ca: db ' FviSmbiosType= %x',0x0a,0x00 -ref_0002492f: +ref_000249de: db ' EcPresent= %x',0x0a,0x00 -ref_0002493f: +ref_000249ee: db ' TempPciBusMin= %x',0x0a,0x00 -ref_00024953: +ref_00024a02: db ' TempPciBusMax= %x',0x0a,0x00 -ref_00024967: +ref_00024a16: db ' TempMemBaseAddr= %x',0x0a,0x00 -ref_0002497d: +ref_00024a2c: db ' TempMemSize= %x',0x0a,0x00 -ref_0002498f: +ref_00024a3e: db '------------------ PCH Interrupt Config ------------------',0x0a,0x00 -ref_000249cb: +ref_00024a7a: db ' DXXIP[%d] Offset = %x',0x0a,0x00 -ref_000249e3: +ref_00024a92: db ' DXXIP[%d] Settings = %x',0x0a,0x00 -ref_000249fd: +ref_00024aac: db ' DXXIR[%d] Offset = %x',0x0a,0x00 -ref_00024a15: +ref_00024ac4: db ' DXXIR[%d] Settings = %x',0x0a,0x00 -ref_00024a2f: +ref_00024ade: db '------------------------ PCH Dump Platform Policy Start ------------------------',0x0a,0x00 -ref_00024a81: +ref_00024b30: db ' Revision= %x',0x0a,0x00 -ref_00024a90: +ref_00024b3f: db ' Rcba= %x',0x0a,0x00 -ref_00024a9b: +ref_00024b4a: db ' PmBase= %x',0x0a,0x00 -ref_00024aa8: +ref_00024b57: db ' GpioBase= %x',0x0a,0x00 -ref_00024ab7: +ref_00024b66: db ' Port80Route= %x',0x0a,0x00 -ref_00024ac9: +ref_00024b78: db '------------------------ PCH Dump Platform Policy End --------------------------',0x0a,0x00 -ref_00024b1b: +ref_00024bca: db 'PchPlatformPolicy->Rcba != ' -ref_00024b36: +ref_00024be5: db 0x30 db 0x00 -ref_00024b38: +ref_00024be7: db '../../intel/Pch/PchInit/Pei/PchDebugDump.c',0x00 -ref_00024b63: +ref_00024c12: db 'PchPlatformPolicy->PmBase != 0',0x00 -ref_00024b82: +ref_00024c31: db 'PchPlatformPolicy->GpioBase != 0',0x00 -ref_00024ba3: +ref_00024c52: db 'PchPlatformPolicy->PlatformData.TempMemBaseAddr != 0',0x00 -ref_00024bd8: +ref_00024c87: db 'PchPlatformPolicy->PlatformData.TempMemSize >= 0x10000',0x00 -ref_00024c0f: +ref_00024cbe: db 'PchPlatformPolicy->PlatformData.TempIoBaseAddr != 0',0x00 -ref_00024c43: +ref_00024cf2: db 'PchPlatformPolicy->PlatformData.TempIoSize >= 0x10',0x00 -ref_00024c76: +ref_00024d25: db '../../intel/Pch/PchInit/Pei/PchDmiPeim.c',0x00 -ref_00024c9f: +ref_00024d4e: db 'TC:%0x VC:%0x!',0x0a,0x00 -ref_00024caf: +ref_00024d5e: db 'VC:%0x VCID:%0x Enable:%0x!',0x0a,0x00 -ref_00024ccc: +ref_00024d7b: db 'PchDmiGen2Prog() Start',0x0a,0x00 -ref_00024ce4: +ref_00024d93: db 'PchDmiGen2Prog() End',0x0a,0x00 -ref_00024cfa: +ref_00024da9: db 'Usb30TxOutVoltDnAmpAdj is out of valid range ',0x0a,0x00 -ref_00024d29: +ref_00024dd8: db 'Usb30TxOutImpScVoltAmpAdj is out of valid range ',0x0a,0x00 -ref_00024d5b: +ref_00024e0a: db 'Usb30TxOutDeEmpAdj is out of valid range ',0x0a,0x00 -ref_00024d86: +ref_00024e35: db 'Usb30TxOutImpAdjVoltAmp is out of valid range ',0x0a,0x00 -ref_00024db6: +ref_00024e65: db 'PchStartUsbInit() - Start',0x0a,0x00 -ref_00024dd1: +ref_00024e80: db 'Revision : 0x%x',0x0a,0x00 -ref_00024de2: +ref_00024e91: db 'EhciMemBaseAddr : 0x%x',0x0a,0x00 -ref_00024dfa: +ref_00024ea9: db 'XhciMemBaseAddr : 0x%x',0x0a,0x00 -ref_00024e12: +ref_00024ec1: db '../../intel/Pch/PchInit/Pei/PchUsbInit.c',0x00 -ref_00024e3b: +ref_00024eea: db 'PchStartUsbInit() - End',0x0a,0x00 -ref_00024e54: +ref_00024f03: db 'PchUsbInit() - Start',0x0a,0x00 -ref_00024e6a: +ref_00024f19: db 'PchUsbInit() - End',0x0a,0x00 -ref_00024e7e: +ref_00024f2d: db 'Invalid Vendor ID! ',0x0a,0x00 -ref_00024e93: +ref_00024f42: db 'PchInitRootPorts() Start',0x0a,0x00 -ref_00024ead: +ref_00024f5c: db 'Func0PortNum <= MaxPciePortNum',0x00 -ref_00024ecc: +ref_00024f7b: db '../../intel/Pch/PchInit/Pei/PchRootPortsPei.c',0x00 -ref_00024efa: +ref_00024fa9: db ' Root Port %x device enabled. RpEnableMask: 0x%x',0x0a,0x00 -ref_00024f2c: +ref_00024fdb: db 'PchInitRootPorts() End',0x0a,0x00 -ref_00024f44: +ref_00024ff3: db 'ICB bit is not zero before SendCodecCommand! ',0x0a,0x00 -ref_00024f73: +ref_00025022: db 'SendCodecCommand: ReadBack fail! ',0x0a,0x00 -ref_00024f96: +ref_00025045: db 'VendorDeviceId != 0',0x00 -ref_00024faa: +ref_00025059: db '../../intel/Pch/PchInit/Pei/PchHdaPei.c',0x00 -ref_00024fd2: +ref_00025081: db 'Set the ownership of I/O buffers to HD-Audio or Audio DSP subsystem',0x0a,0x00 -ref_00025017: +ref_000250c6: db 'PchAzaliaInit() Start',0x0a,0x00 -ref_0002502e: +ref_000250dd: db 'Reset High Definition Audio (Azalia) Codec Time Out - 1! ',0x0a,0x00 -ref_00025069: +ref_00025118: db 'Reset High Definition Audio (Azalia) Codec Time Out - 2! ',0x0a,0x00 -ref_000250a4: +ref_00025153: db 'No Azalia device is detected.',0x0a,0x00 -ref_000250c3: +ref_00025172: db 'SDI%d has no Azalia device.',0x0a,0x00 -ref_000250e0: +ref_0002518f: db 'Error: Reading the Codec Vendor ID/Device ID fail!',0x0a,0x00 -ref_00025114: +ref_000251c3: db 'Error: Reading the Codec Revision ID fail!',0x0a,0x00 -ref_00025140: +ref_000251ef: db 'SDI:%d Detected Azalia Codec 0x%08X rev 0x%02X',0x0a,0x00 -ref_00025170: +ref_0002521f: db 'Error: No matching Azalia codec verb table found for codec (0x%08X).',0x0a,0x00 -ref_000251b6: +ref_00025265: db 'Found verb table for vendor 0x%04X devId 0x%04X rev 0x%02X (SDI:%X, size: %d dwords)',0x0a,0x00 -ref_0002520c: +ref_000252bb: db '(CodecCmdData >> 28) == 0',0x00 -ref_00025226: +ref_000252d5: db 'Error loading verb table for Azalia Codec of 0x%08X',0x00 -ref_0002525a: +ref_00025309: db 'PchAzaliaInit() End',0x0a,0x00 -ref_0002526f: +ref_0002531e: db '../../intel/Pch/PchInit/Common/PchUsbCommon.c',0x00 -ref_0002529d: +ref_0002534c: db 'PchUsbCommon XHCI Capability Pointer = 0x%x',0x0a,0x00 -ref_000252ca: +ref_00025379: db 'PchUsbCommon DebugPortSsIndex = %d',0x0a,0x00 -ref_000252ee: +ref_0002539d: db 'OCPin < 4',0x00 -ref_000252f8: +ref_000253a7: db 'UsbConfig->PortUsb20[Index].Usb20EyeDiagramTuningParam2 < 8',0x00 -ref_00025334: +ref_000253e3: db 'UsbConfig->PortUsb20[Index].Usb20EyeDiagramTuningParam1 < 8',0x00 -ref_00025370: +ref_0002541f: db 'CommonUsbInit() - Start',0x0a,0x00 -ref_00025389: +ref_00025438: db 'CommonUsbInit() - End',0x0a,0x00 -ref_000253a0: +ref_0002544f: db 'hljztL',0x00 -ref_000253a7: +ref_00025456: db '(null)',0x00 -ref_000253ae: +ref_0002545d: db '{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}',0x0a,0x00 -ref_000253e2: +ref_00025491: db '%s: overwrite GUID ',0x00 -ref_000253f6: +ref_000254a5: db '%s: no room for a new PPI',0x0a,0x00 -ref_00025411: +ref_000254c0: db '%s: NOT_FOUND in %d entries ',0x00 -ref_0002542e: +ref_000254dd: db '%s: no room for a new notifier',0x0a,0x00 -ref_0002544e: +ref_000254fd: db '%s installed %d',0x0a,0x00 -ref_0002545f: +ref_0002550e: db 'Invalid PEI data version, %d != %d',0x0a,0x00 -ref_00025483: +ref_00025532: db 'MRC: S3 Resume',0x0a,0x00 -ref_00025493: +ref_00025542: db 'Initializing Policy',0x0a,0x00 -ref_000254a8: +ref_00025557: db 'Installing common PPI',0x0a,0x00 -ref_000254bf: +ref_0002556e: db 'stall.c',0x00 -ref_000254c7: +ref_00025576: db 'Generating Random number...',0x0a,0x00 -ref_000254e4: +ref_00025593: db 'Exiting Random number: %08Xh',0x0a,0x00 -ref_00025502: +ref_000255b1: db 'Post Code: %04Xh',0x0a,0x00 -ref_00025514: +ref_000255c3: db 'Returned From MrcStartMemoryConfiguration(). MrcStatus = %08Xh',0x0a,0x00 -ref_00025554: +ref_00025603: db '(Bus <= 0xFF) && (Device <= 0x1F) && (Function <= 0x7)',0x00 -ref_0002558b: +ref_0002563a: db '../policy/MrcOemPlatform.c',0x00 -ref_000255a6: +ref_00025655: db 'Pch PEI Platform Policy Initialization Done ',0x0a,0x00 -ref_000255d4: +ref_00025683: db '../../intel/SampleCode/PolicyInit/Pei/PolicyInitPei.c',0x00 -ref_0002560a: +ref_000256b9: db 'CPU PEI Platform Policy Initialization Done ',0x0a,0x00 -ref_00025638: +ref_000256e7: db 'Me PEI Platform Policy Initialization Done ',0x0a,0x00 -ref_00025665: +ref_00025714: db 'SystemAgent PEI Platform Policy Initialization Done ',0x0a,0x00 -ref_0002569b: +ref_0002574a: db '((UINTN)Buffer & (sizeof (Guid->Data1) - 1)) == 0',0x00 -ref_000256cd: +ref_0002577c: db '../../UDK2010.SR1/MdePkg/Library/BaseMemoryLibOptPei/MemLibGuid.c',0x00 -ref_0002570f: +ref_000257be: db 'Length <= (0xFFFFFFFF - (UINTN)Buffer + 1)',0x00 -ref_0002573a: +ref_000257e9: db '(Length & (sizeof (*GuidPtr) - 1)) == 0',0x00 -ref_00025762: +ref_00025811: db '!(Buffer == ((void *) 0) && Length > 0)',0x00 -ref_0002578a: +ref_00025839: db '../../UDK2010.SR1/MdePkg/Library/BaseMemoryLibOptPei/ZeroMemWrapper.c',0x00 -ref_000257d0: +ref_0002587f: db 'DestinationBuffer != ((void *) 0)',0x00 -ref_000257f2: +ref_000258a1: db '../../UDK2010.SR1/MdePkg/Library/BaseMemoryLibOptPei/CompareMemWrapper.c',0x00 -ref_0002583b: +ref_000258ea: db 'SourceBuffer != ((void *) 0)',0x00 -ref_00025858: +ref_00025907: db '(Length - 1) <= (0xFFFFFFFF - (UINTN)DestinationBuffer)',0x00 -ref_00025890: +ref_0002593f: db '(Length - 1) <= (0xFFFFFFFF - (UINTN)SourceBuffer)',0x00 -ref_000258c3: +ref_00025972: db '../../UDK2010.SR1/MdePkg/Library/BaseMemoryLibOptPei/CopyMemWrapper.c',0x00 -ref_00025909: +ref_000259b8: db 'Count < 64',0x00 -ref_00025914: +ref_000259c3: db '../../UDK2010.SR1/MdePkg/Library/BaseLib/RShiftU64.c',0x00 -ref_00025949: +ref_000259f8: db '../../UDK2010.SR1/MdePkg/Library/BaseLib/Unaligned.c',0x00 -ref_0002597e: +ref_00025a2d: db 'Divisor != 0',0x00 -ref_0002598b: +ref_00025a3a: db '../../UDK2010.SR1/MdePkg/Library/BaseLib/ModU64x32.c',0x00 -ref_000259c0: +ref_00025a6f: db '../../UDK2010.SR1/MdePkg/Library/BaseLib/DivU64x32.c',0x00 -ref_000259f5: +ref_00025aa4: db '../../UDK2010.SR1/MdePkg/Library/BaseLib/DivU64x32Remainder.c',0x00 -ref_00025a33: +ref_00025ae2: db 'EndBit < sizeof (Value) * 8',0x00 -ref_00025a4f: +ref_00025afe: db '../../UDK2010.SR1/MdePkg/Library/BaseLib/X86Msr.c',0x00 -ref_00025a81: +ref_00025b30: db 'StartBit <= EndBit',0x00 -ref_00025a94: +ref_00025b43: db 'EndBit < sizeof (OrData) * 8',0x00 -ref_00025ab1: +ref_00025b60: db 'EndBit < sizeof (AndData) * 8',0x00 -ref_00025acf: +ref_00025b7e: db '../../UDK2010.SR1/MdePkg/Library/BaseIoLibIntrinsic/IoLib.c',0x00 -ref_00025b0b: +ref_00025bba: db '(Address & 1) == 0',0x00 -ref_00025b1e: +ref_00025bcd: db '(Address & 3) == 0',0x00 -ref_00025b31: +ref_00025be0: db '(Address & 7) == 0',0x00 -ref_00025b44: +ref_00025bf3: db '(Port & 1) == 0',0x00 -ref_00025b54: +ref_00025c03: db '../../UDK2010.SR1/MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c',0x00 -ref_00025b93: +ref_00025c42: db '(Port & 3) == 0',0x00 -ref_00025ba3: +ref_00025c52: db '../../UDK2010.SR1/MdePkg/Library/PeiHobLib/HobLib.c',0x00 -ref_00025bd7: +ref_00025c86: db 'HobList != ((void *) 0)',0x00 -ref_00025bef: +ref_00025c9e: db 'HobStart != ((void *) 0)',0x00 -ref_00025c08: +ref_00025cb7: db 'Hob != ((void *) 0)',0x00 -ref_00025c1c: +ref_00025ccb: db '((MemoryAllocationModule & (0x00001000 - 1)) == 0) && ((ModuleLength & (0x00001000 - 1)) == 0)',0x00 -ref_00025c7b: +ref_00025d2a: db 'Guid != ((void *) 0)',0x00 -ref_00025c90: +ref_00025d3f: db 'DataLength <= (0xFFF8 - sizeof (EFI_HOB_GUID_TYPE))',0x00 -ref_00025cc4: +ref_00025d73: db 'Data != ((void *) 0) || DataLength == 0',0x00 -ref_00025cec: +ref_00025d9b: db '((BaseAddress & (0x00001000 - 1)) == 0) && ((Length & (0x00001000 - 1)) == 0)',0x00 -ref_00025d3a: +ref_00025de9: db 'FvInfoPpi != ((void *) 0)',0x00 -ref_00025d54: +ref_00025e03: db '../../UDK2010.SR1/MdePkg/Library/PeiServicesLib/PeiServicesLib.c',0x00 -ref_00025d95: +ref_00025e44: db 'ParentFvNameValue != ((void *) 0)',0x00 -ref_00025db7: +ref_00025e66: db 'ParentFileNameValue != ((void *) 0)',0x00 -ref_00025ddb: +ref_00025e8a: db 'FvInfoPpiDescriptor != ((void *) 0)',0x00 -ref_00025dff: +ref_00025eae: db 'PeiServicesTablePointer != ((void *) 0)',0x00 -ref_00025e27: +ref_00025ed6: db '../../UDK2010.SR1/MdePkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointer.c',0x00 -ref_00025e7d: +ref_00025f2c: db 'gPeiServices != ((void *) 0)',0x00 -ref_00025e9a: +ref_00025f49: db 'Pages != 0',0x00 -ref_00025ea5: +ref_00025f54: db '../../UDK2010.SR1/MdePkg/Library/PeiMemoryAllocationLib/MemoryAllocationLib.c',0x00 -ref_00025ef3: +ref_00025fa2: db '(Alignment & (Alignment - 1)) == 0',0x00 -ref_00025f16: +ref_00025fc5: db 'Pages <= (0xFFFFFFFF - (((Alignment) >> 12) + (((Alignment) & 0xFFF) ? 1 : 0)))',0x00 -ref_00025f66: +ref_00026015: db 'AllocationSize <= (0xFFFFFFFF - (UINTN) Buffer + 1)',0x00 -ref_00025f9a: +ref_00026049: db '!((BOOLEAN) (((SmBusAddress) & 0x00400000) != 0))',0x00 -ref_00025fcc: +ref_0002607b: db '../../UDK2010.SR1/MdePkg/Library/PeiSmbusLibSmbus2Ppi/SmbusLib.c',0x00 -ref_0002600d: +ref_000260bc: db '(((SmBusAddress) >> 8) & 0xff) == 0',0x00 -ref_00026031: +ref_000260e0: db '(((SmBusAddress) >> 16) & 0x3f) == 0',0x00 -ref_00026056: +ref_00026105: db '((SmBusAddress) & ~(0x00800000 - 2)) == 0',0x00 -ref_00026080: +ref_0002612f: db '(((SmBusAddress) >> 16) & 0x3f) >= 1',0x00 -ref_000260a5: +ref_00026154: db '(((SmBusAddress) >> 16) & 0x3f) <= 32',0x00 -ref_000260cb: +ref_0002617a: db 'WriteBuffer != ((void *) 0)',0x00 -ref_000260e7: +ref_00026196: db 'Read' -ref_000260eb: +ref_0002619a: db 'Buffer != ((void *) 0)',0x00 -ref_00026102: +ref_000261b1: db '../../UDK2010.SR1/MdePkg/Library/PeiSmbusLibSmbus2Ppi/PeiSmbusLib.c',0x00 -ref_00026146: +ref_000261f5: db 'SmbusPpi != ((void *) 0)',0x00 -ref_0002615f: +ref_0002620e: db 'CpuIO PPI has been loaded into memory. Reinstalled PPI=0x%x',0x0a,0x00 -ref_0002619d: +ref_0002624c: db '../../UDK2010.SR1/UefiCpuPkg/CpuIoPei/CpuIoPei.c',0x00 -ref_000261ce: +ref_0002627d: db 'PEI SmbusExecute() Start, SmbusDeviceAddress=%x, Command=%x, Operation=%x',0x0a,0x00 -ref_00026219: +ref_000262c8: db 'CR has Bad Signature',0x00 -ref_0002622e: +ref_000262dd: db '../../intel/Pch/Smbus/Pei/PchSmbusEntry.c',0x00 -ref_00026258: +ref_00026307: db 'PEI SmbusExecute() End',0x0a,0x00 -ref_00026270: +ref_0002631f: db 'InitializePchSmbusPeim() Start',0x0a,0x00 -ref_00026290: +ref_0002633f: db 'Failed to allocate memory for Private! ',0x0a,0x00 -ref_000262b9: +ref_00026368: db 'InitializePchSmbusPeim() End',0x0a,0x00 -ref_000262d7: +ref_00026386: db 'SmbusIoBase != 0x0000FFE0 && SmbusIoBase != 0',0x00 -ref_00026305: +ref_000263b4: db '../../intel/Pch/Smbus/Common/PchSmbusExec.c',0x00 -ref_00026331: +ref_000263e0: db 'InstallPchReset() Start',0x0a,0x00 -ref_0002634a: +ref_000263f9: db '../../intel/Pch/Reset/Pei/PchReset.c',0x00 -ref_0002636f: +ref_0002641e: db 'InstallPchReset() End',0x0a,0x00 -ref_00026386: +ref_00026435: db 'Please do the global reset through HECI ',0x0a,0x00 -ref_000263b0: +ref_0002645f: db 'None of Pch Reset Callback Ppi is found .',0x0a,0x00 -ref_000263db: +ref_0002648a: db 'Failed to locate Pch Reset Callback Ppi.',0x0a,0x00 -ref_00026405: +ref_000264b4: db 'LptHC0',0x00 -ref_0002640c: +ref_000264bb: db 'LptLpB0',0x00 -ref_00026414: +ref_000264c3: db 'WptLpB0',0x00 -ref_0002641c: +ref_000264cb: db 'PCH code doesn',0x27,'t support the LpcDeviceId: 0x%04x!',0x0a,0x00 -ref_0002644f: +ref_000264fe: db 'Unsupported PCH SKU, LpcDeviceId: 0x%04x!',0x0a,0x00 -ref_0002647a: +ref_00026529: db '../../intel/Pch/Library/PchPlatformLib/PchPlatformLibrary.c',0x00 -ref_000264b6: +ref_00026565: db 'GbePortSel=%d',0x0a,0x00 -ref_000264c5: +ref_00026574: db 'ConfigureDisplay() Start',0x0a,0x00 -ref_000264df: +ref_0002658e: db 'ConfigureDisplay() End',0x0a,0x00 -ref_000264f7: +ref_000265a6: db 'CPU stepping = %x and CpuFamily = %x is not supported !',0x0a,0x00 -ref_00026531: +ref_000265e0: db 'Unsupported CPU SKU, CpuFamilyId: 0x%08X!',0x0a,0x00 -ref_0002655c: +ref_0002660b: db '../../intel/Cpu/Library/CpuPlatformLib/CpuPlatformLibrary.c',0x00 -ref_00026598: +ref_00026647: db 'NumberOfEnabledCoresPerDie != ((void *) 0)',0x00 -ref_000265c3: +ref_00026672: db 'NumberOfEnabledThreadsPerCore != ((void *) 0)',0x00 -ref_000265f1: +ref_000266a0: db 'NumberOfDiesPerPackage != ((void *) 0)',0x00 -ref_00026618: +ref_000266c7: db 'NumberOfPackages != ((void *) 0)',0x00 -ref_00026639: +ref_000266e8: db '(MAILBOX) Mailbox interface timed out.',0x0a,0x00 -ref_00026661: +ref_00026710: db '(MAILBOX) Mailbox Write Command = %2Xh',0x0a,0x00 -ref_00026689: +ref_00026738: db '(MAILBOX) Mailbox read data is corrupted.',0x0a,0x00 -ref_000266b4: +ref_00026763: db '(MAILBOX) Unrecognized Mailbox Type.',0x0a,0x00 -ref_000266da: +ref_00026789: db '(MAILBOX) Mailbox Status = %2Xh',0x0a,0x00 -ref_000266fb: +ref_000267aa: db '(MAILBOX) Mailbox Read Command = %2Xh',0x0a,0x00 -ref_00026722: +ref_000267d1: db 'Read PCH Power Limit from PCODE Mail Box : %x ',0x0a,0x00 -ref_00026752: +ref_00026801: db '(OC MAILBOX) Unknown Command ID',0x0a,0x00 -ref_00026773: +ref_00026822: db '%s:%d pool cookie corrupted...',0x0a,0x00 -ref_00026793: +ref_00026842: db '%s:%d failed to allocate %d bytes...',0x0a,0x00 -ref_000267b9: +ref_00026868: db 'No memory to create HOB of %d bytes!',0x0a,0x00 -ref_000267df: +ref_0002688e: db 'Created hob: %x %u at %p',0x0a,0x00 -ref_000267f9: +ref_000268a8: db 'SaPlatformPolicyPpi != ((void *) 0)',0x00 -ref_0002681d: +ref_000268cc: db '../policy/SaPolicyInitPei.c',0x00 -ref_00026839: +ref_000268e8: db 'SaPlatformPolicyPpiDesc != ((void *) 0)',0x00 -ref_00026861: +ref_00026910: db 'PlatformData != ((void *) 0)',0x00 -ref_0002687e: +ref_0002692d: db 'GtConfig != ((void *) 0)',0x00 -ref_00026897: +ref_00026946: db 'MemConfig != ((void *) 0)',0x00 -ref_000268b1: +ref_00026960: db 'MemConfigNoCrc != ((void *) 0)',0x00 -ref_000268d0: +ref_0002697f: db 'PcieConfig != ((void *) 0)',0x00 -ref_000268eb: +ref_0002699a: db 'PegGpioData != ((void *) 0)',0x00 -ref_00026907: +ref_000269b6: db 'OcConfig != ((void *) 0)',0x00 -ref_00026920: +ref_000269cf: db '../policy/PchPolicyInitPei.c',0x00 -ref_0002693d: +ref_000269ec: db '../policy/PchPolicyInitUsb.c',0x00 -ref_0002695a: +ref_00026a09: db 'CpuPlatformPolicyPpi != ((void *) 0)',0x00 -ref_0002697f: +ref_00026a2e: db '../policy/CpuPolicyInitPei.c',0x00 -ref_0002699c: +ref_00026a4b: db 'CpuPlatformPolicyPpiDesc != ((void *) 0)',0x00 -ref_000269c5: +ref_00026a74: db 'CpuConfig != ((void *) 0)',0x00 -ref_000269df: +ref_00026a8e: db 'SecurityConfig != ((void *) 0)',0x00 -ref_000269fe: +ref_00026aad: db 'PowerMgmtConfig != ((void *) 0)',0x00 -ref_00026a1e: +ref_00026acd: db 'MePlatformPolicyPpi != ((void *) 0)',0x00 -ref_00026a42: +ref_00026af1: db '../policy/MePolicyInitPei.c',0x00 -ref_00026a5e: +ref_00026b0d: db 'MePlatformPolicyPpiDesc != ((void *) 0)',0x00 -ref_00026a86: +ref_00026b35: db 'ME PEI Platform Policy PPI Installed',0x0a,0x00 -ref_00026aac: +ref_00026b5b: db '(Length - 1) <= (0xFFFFFFFF - (UINTN)Buffer)',0x00 -ref_00026ad9: +ref_00026b88: db '../../UDK2010.SR1/MdePkg/Library/BaseMemoryLibOptPei/SetMemWrapper.c',0x00 -ref_00026b1e: +ref_00026bcd: db '../../UDK2010.SR1/MdePkg/Library/BaseMemoryLibOptPei/SetMem32Wrapper.c',0x00 -ref_00026b65: +ref_00026c14: db '(((UINTN)Buffer) & (sizeof (Value) - 1)) == 0',0x00 -ref_00026b93: +ref_00026c42: db '(Length & (sizeof (Value) - 1)) == 0',0x00 -ref_00026bb8: +ref_00026c67: db '(OrData >> (EndBit - StartBit)) == ((OrData >> (EndBit - StartBit)) & 1)',0x00 -ref_00026c01: +ref_00026cb0: db '../../UDK2010.SR1/MdePkg/Library/BaseLib/BitField.c',0x00 -ref_00026c35: +ref_00026ce4: db '(AndData >> (EndBit - StartBit)) == ((AndData >> (EndBit - StartBit)) & 1)',0x00 -ref_00026c80: +ref_00026d2f: db 'EndBit < 8',0x00 -ref_00026c8b: +ref_00026d3a: db 'EndBit < 16',0x00 -ref_00026c97: +ref_00026d46: db 'EndBit < 32',0x00 -ref_00026ca3: +ref_00026d52: db 'EndBit < 64',0x00 -ref_00026caf: +ref_00026d5e: db 'RShiftU64 (OrData, EndBit - StartBit) == (RShiftU64 (OrData, EndBit - StartBit) & 1)',0x00 -ref_00026d04: +ref_00026db3: db 'RShiftU64 (AndData, EndBit - StartBit) == (RShiftU64 (AndData, EndBit - StartBit) & 1)',0x00 -ref_00026d5b: +ref_00026e0a: db '../../UDK2010.SR1/MdePkg/Library/BaseLib/LShiftU64.c',0x00 -ref_00026d90: +ref_00026e3f: db '../../UDK2010.SR1/MdePkg/Library/BaseLib/DivU64x64Remainder.c',0x00 -ref_00026dce: +ref_00026e7d: db 'PchResetInstance->PchRootComplexBar != 0',0x00 -ref_00026df7: +ref_00026ea6: +db 0x2e db 0x2e -dd 0x2e2e2f2e -dd 0x746e692f -dd 0x502f6c65 -dd 0x522f6863 -dd 0x74657365 -dd 0x6d6f432f -dd 0x2f6e6f6d -dd 0x52686350 -dd 0x74657365 +dd 0x2f2e2e2f +dd 0x65746e69 +dd 0x63502f6c +dd 0x65522f68 +dd 0x2f746573 dd 0x6d6d6f43 -dd 0x632e6e6f -dd 0x90906600 - -ref_00026e28: +dd 0x502f6e6f +dd 0x65526863 +dd 0x43746573 +dd 0x6f6d6d6f +dd 0x00632e6e +dd 0x90669066 + +ref_00026ed8: dd 0x80000020 -dd ref_00028fdc +dd ref_0002908c dd fcn_00000197 -ref_00026e34: +ref_00026ee4: dd 0x80000020 -dd ref_00028fec +dd ref_0002909c dd fcn_000000ce -ref_00026e40: +ref_00026ef0: dd 0x80000010 -dd ref_0002926c +dd ref_0002931c dd 0x00000000 -ref_00026e4c: +ref_00026efc: dd 0x00014001 dd 0x00022101 dd 0x00034003 @@ -55729,31 +55784,31 @@ dd 0x0116e116 dd 0x0117f117 dd 0x0118f618 -ref_00026eac: +ref_00026f5c: dd 0x00000020 -dd ref_0002912c -dd fcn_0000d811 +dd ref_000291dc +dd fcn_0000d87f dd 0x80000040 -dd ref_00028fec -dd fcn_0000bdd3 +dd ref_0002909c +dd fcn_0000be41 -ref_00026ec4: +ref_00026f74: dd 0x80000010 -dd ref_0002909c +dd ref_0002914c dd 0x00000000 -ref_00026ed0: +ref_00026f80: dd 0x80000010 -dd ref_000290fc -dd ref_00026edc +dd ref_000291ac +dd ref_00026f8c -ref_00026edc: -dd fcn_00011833 -dd fcn_00010b32 -dd fcn_00010cce -dd fcn_0000bcca +ref_00026f8c: +dd fcn_000118c3 +dd fcn_00010bc2 +dd fcn_00010d5e +dd fcn_0000bd38 -ref_00026eec: +ref_00026f9c: dd 0x02353140 dd 0x20373144 dd 0x32103146 @@ -55764,7 +55819,7 @@ dd 0x00063158 dd 0x55443164 dd 0x00073168 -ref_00026f10: +ref_00026fc0: dd 0x02353140 dd 0x20373144 dd 0x32103146 @@ -55772,7 +55827,7 @@ dd 0x32163148 dd 0x3250314c dd 0x76543150 -ref_00026f28: +ref_00026fd8: dd 0x00003100 dd 0x03203200 dd 0x00003108 @@ -55784,7 +55839,7 @@ dd 0x00000001 dd 0x00003118 dd 0x00000001 -ref_00026f50: +ref_00027000: dd 0x00003100 dd 0x03203200 dd 0x00003108 @@ -55798,7 +55853,7 @@ dd 0x00000001 dd 0x00003118 dd 0x00000001 -ref_00026f80: +ref_00027030: dd 0x00000000 dd 0x00000001 dd 0x00000002 @@ -55832,7 +55887,7 @@ dd 0xe9002040 dd 0xea002040 dd 0xea002240 -ref_00027000: +ref_000270b0: dd 0xe9002168 dd 0xfeffffff dd 0x01000000 @@ -55906,7 +55961,7 @@ dd 0xe9002770 dd 0xffffff9f dd 0x00000000 -ref_00027120: +ref_000271d0: dd 0xe9001768 dd 0xfeffffff dd 0x01000000 @@ -56016,13 +56071,13 @@ dd 0xe9003170 dd 0xffffff9f dd 0x00000000 -ref_000272d0: +ref_00027380: dd 0x00000530 dd 0x00000540 dd 0x00000550 dd 0x00000560 -ref_000272e0: +ref_00027390: dd 0x00000480 dd 0x00000490 dd 0x000004a0 @@ -56035,13 +56090,13 @@ dd 0x00000500 dd 0x00000510 dd 0x00000520 -ref_0002730c: +ref_000273bc: dd 0x00000510 dd 0x00000520 dd 0x00000530 dd 0x00000540 -ref_0002731c: +ref_000273cc: dd 0x00000570 dd 0x00000580 dd 0x00000590 @@ -56049,7 +56104,7 @@ dd 0x000005a0 dd 0x000005b0 dd 0x000005c0 -ref_00027334: +ref_000273e4: dd 0x00000480 dd 0x00000490 dd 0x000004a0 @@ -56060,7 +56115,7 @@ dd 0x000004e0 dd 0x000004f0 dd 0x00000500 -ref_00027358: +ref_00027408: dd 0x00000480 dd 0x00000490 dd 0x000004a0 @@ -56077,7 +56132,7 @@ dd 0x00000540 dd 0x00000550 dd 0x00000560 -ref_00027394: +ref_00027444: dd 0x00000000 dd 0xea002554 dd 0xffffc0ff @@ -56139,7 +56194,7 @@ dd 0x00020003 dd 0xea000b54 dd 0xffc0ffff -ref_00027484: +ref_00027534: dd 0x00000004 dd 0xea002154 dd 0xffffc0ff @@ -56171,7 +56226,7 @@ dd 0x00020005 dd 0xea002354 dd 0xffc0ffff -ref_000274fc: +ref_000275ac: dd 0xea002490 dd 0xffff0000 dd 0x00003e67 @@ -56185,7 +56240,7 @@ dd 0xea000a90 dd 0xffff0000 dd 0x00003e67 -ref_0002752c: +ref_000275dc: dd 0xea002090 dd 0xffff0000 dd 0x00003e67 @@ -56193,7 +56248,7 @@ dd 0xea002290 dd 0xffff0000 dd 0x00003e67 -ref_00027544: +ref_000275f4: dd 0xea002490 dd 0xffff0000 dd 0x00004c5a @@ -56207,7 +56262,7 @@ dd 0xea000a90 dd 0xffff0000 dd 0x00004c5a -ref_00027574: +ref_00027624: dd 0xea002090 dd 0xffff0000 dd 0x00004c5a @@ -56215,7 +56270,7 @@ dd 0xea002290 dd 0xffff0000 dd 0x00004c5a -ref_0002758c: +ref_0002763c: dd 0xe9002e08 dd 0x0ffffeff dd 0xe0000100 @@ -56241,7 +56296,7 @@ dd 0xe9002008 dd 0x0ffffeff dd 0xe0000100 -ref_000275ec: +ref_0002769c: dd 0xe90031cc dd 0xffffebf8 dd 0x00001407 @@ -56351,7 +56406,7 @@ dd 0xe9001740 dd 0xff7fffff dd 0x00000000 -ref_0002779c: +ref_0002784c: dd 0xe9002c2c dd 0xfffff8ff dd 0x00000100 @@ -56413,7 +56468,7 @@ dd 0xe9002f40 dd 0xff7fffff dd 0x00000000 -ref_0002788c: +ref_0002793c: dd 0xea008008 dd 0x00ffffff dd 0x1c000000 @@ -56634,7 +56689,7 @@ dd 0xea000b0c dd 0xffc7fff0 dd 0x00000005 -ref_00027bf8: +ref_00027ca8: dd 0xea002008 dd 0x00039ef7 dd 0xea6c6108 @@ -56817,7 +56872,7 @@ dd 0x38ce0032 dd 0x32c038e9 dd 0xea38ce00 -ref_00027ecc: +ref_00027f7c: dd 0x00000003 dd 0xea002154 dd 0xffffc0ff @@ -56879,7 +56934,7 @@ dd 0x00020000 dd 0xea002754 dd 0xffc0ffff -ref_00027fbc: +ref_0002806c: dd 0xea002090 dd 0xffff0000 dd 0x00003e67 @@ -56893,7 +56948,7 @@ dd 0xea002690 dd 0xffff0000 dd 0x00003e67 -ref_00027fec: +ref_0002809c: dd 0xea002090 dd 0xffff0000 dd 0x00004c5a @@ -56907,7 +56962,7 @@ dd 0xea002690 dd 0xffff0000 dd 0x00004c5a -ref_0002801c: +ref_000280cc: dd 0xe9000808 dd 0x0ffffeff dd 0xe0000100 @@ -56927,7 +56982,7 @@ dd 0xe9001208 dd 0x0ffffeff dd 0xe0000100 -ref_00028064: +ref_00028114: dd 0xea008008 dd 0x00ffffff dd 0x1c000000 @@ -57148,7 +57203,7 @@ dd 0xea00270c dd 0xffc7fff0 dd 0x00000005 -ref_000283d0: +ref_00028480: dd 0xe90025cc dd 0xffffebf8 dd 0x00001407 @@ -57216,7 +57271,7 @@ dd 0xe9002740 dd 0xff7fffff dd 0x00000000 -ref_000284d8: +ref_00028588: dd 0xe90021cc dd 0xffffebf8 dd 0x00001407 @@ -57336,7 +57391,7 @@ dd 0xc00ce907 dd 0x07221709 dd 0x000000ea -ref_000286b0: +ref_00028760: dd 0x00000003 dd 0xea002154 dd 0xffffc0ff @@ -57398,7 +57453,7 @@ dd 0x00020000 dd 0xea002754 dd 0xffc0ffff -ref_000287a0: +ref_00028850: dd 0xe9000808 dd 0x0ffffeff dd 0xe0000100 @@ -57418,7 +57473,7 @@ dd 0xe9001208 dd 0x0ffffeff dd 0xe0000100 -ref_000287e8: +ref_00028898: dd 0xea008008 dd 0x00ffffff dd 0x1c000000 @@ -57651,7 +57706,7 @@ dd 0xea00270c dd 0xffc7fff0 dd 0x00000005 -ref_00028b84: +ref_00028c34: dd 0xe90025cc dd 0xffffebf8 dd 0x00001407 @@ -57725,7 +57780,7 @@ dd 0xe9002740 dd 0xff7fffff dd 0x00000000 -ref_00028ca4: +ref_00028d54: dd 0xe90021cc dd 0xffffebf8 dd 0x00001407 @@ -57896,13 +57951,13 @@ dd 0xcb000014 dd 0xffff9fff dd 0x00002000 -ref_00028f48: +ref_00028ff8: dd 0xb3e123d0 dd 0x4db47a1e dd 0xd4be66af dd 0x38669c1e -ref_00028f58: +ref_00029008: dd 0x524ed3ca dd 0x49f5b250 dd 0xbaa2d994 @@ -57912,70 +57967,70 @@ dd 0x446e1f65 dd 0x3584f5b3 dd 0xc4d1c7fc -ref_00028f78: +ref_00029028: dd 0x80000010 -dd ref_0002901c -dd ref_00028f84 +dd ref_000290cc +dd ref_00029034 -ref_00028f84: +ref_00029034: dd 0x00000000 -dd fcn_00016529 +dd fcn_000165b9 -ref_00028f8c: +ref_0002903c: dd 0x564b33cd dd 0x4593c92a dd 0x7324bf90 dd 0x22633ce4 -ref_00028f9c: +ref_0002904c: dd 0x4ed4bf27 dd 0x42e94092 dd 0x7b527d80 dd 0xbdc9001d -ref_00028fac: +ref_0002905c: dd 0xf8e21975 dd 0x4f580899 dd 0x2555bea4 dd 0x7ad7c6a9 -ref_00028fbc: +ref_0002906c: dd 0x8c8ce578 dd 0x4f1c8a3d dd 0x61893599 dd 0xd32dc385 -ref_00028fcc: +ref_0002907c: dd 0x49edb1c1 dd 0x4761bf21 dd 0x00eb12bb dd 0x39bbaa31 -ref_00028fdc: +ref_0002908c: dd 0x605ea650 dd 0x42e1c65c dd 0xa59180ba dd 0xc618b62a -ref_00028fec: +ref_0002909c: dd 0xf894643d dd 0x42d1c449 dd 0xbd85a88e dd 0xde5bc6d8 -ref_00028ffc: +ref_000290ac: dd 0xe6af1f7b dd 0x46dafc3f dd 0xb4a328a8 dd 0x8242a457 -ref_0002900c: +ref_000290bc: dd 0x9ca93627 dd 0x4324b65b dd 0xb4c002a2 dd 0x43457661 -ref_0002901c: +ref_000290cc: dd 0x1f4c6f90 dd 0x48d8b06b dd 0xe5ba01a2 @@ -57997,31 +58052,31 @@ dd 0x4489dc72 dd 0x9ee4c587 dd 0x52a473e7 -ref_0002906c: +ref_0002911c: dd 0xaf4a1998 dd 0x45454949 dd 0xe7c14c9c dd 0x56e042c0 -ref_0002907c: +ref_0002912c: dd 0x220307a4 dd 0x42a53670 dd 0x9d3201aa dd 0x6b913ecd -ref_0002908c: +ref_0002913c: dd 0x433e0f9f dd 0x410a05ae dd 0x29bfc3a0 dd 0xac25cb8e -ref_0002909c: +ref_0002914c: dd 0x1edcbdf9 dd 0x4bd4ffc6 dd 0x5d19f694 dd 0x5670e11d -ref_000290ac: +ref_0002915c: dd 0x17865dc0 dd 0x4da80b8b dd 0x467c428b @@ -58031,7 +58086,7 @@ dd 0x49c632bc dd 0xa1b7bd81 dd 0x6c1afea0 -ref_000290cc: +ref_0002917c: dd 0xed097352 dd 0x445a9041 dd 0x9db2b680 @@ -58041,19 +58096,19 @@ dd 0x4bdc4e55 dd 0x18d97baf dd 0x613f44ac -ref_000290ec: +ref_0002919c: dd 0xf38d1338 dd 0x4fb6af7a dd 0x9c1adb91 dd 0x0d578321 -ref_000290fc: +ref_000291ac: dd 0x908c7f8b dd 0x47fb5c48 dd 0xfdf55783 dd 0x7652234e -ref_0002910c: +ref_000291bc: dd 0xc02b0573 dd 0x4a312b4e dd 0x56941aa3 @@ -58063,7 +58118,7 @@ dd 0x4547693e dd 0x822100a3 dd 0xb220a43c -ref_0002912c: +ref_000291dc: dd 0x50031131 dd 0x43ef4f24 dd 0x3773afb7 @@ -58073,13 +58128,13 @@ dd 0x4b1ad425 dd 0x695f26bc dd 0x5aa18903 -ref_0002914c: +ref_000291fc: dd 0x794a0deb dd 0x4e7bc971 dd 0xbfd0f28a dd 0x9826ca3c -ref_0002915c: +ref_0002920c: dd 0x98191174 dd 0x41060b26 dd 0x45d002af @@ -58113,7 +58168,7 @@ dd 0x4dea790e dd 0x0538dc8b dd 0x44399816 -ref_000291dc: +ref_0002928c: dd 0xf8d5438e dd 0x481d26e1 dd 0xd6303cb6 @@ -58147,19 +58202,19 @@ dd 0x4d9be16c dd 0x35aa71bb dd 0x2f701a46 -ref_0002925c: +ref_0002930c: dd 0x573eaf99 dd 0x46b5f445 dd 0x4abcd5a5 dd 0xf3983593 -ref_0002926c: +ref_0002931c: dd 0x09ea8911 dd 0x4230be0d dd 0xc6ed03a0 dd 0x118eb493 -ref_0002927c: +ref_0002932c: dd 0x3e14d361 dd 0x42e4c7d7 dd 0xebb907ae @@ -58301,7 +58356,7 @@ dd 0x497e81e6 dd 0xfac8ff87 dd 0x28ec248f -ref_000294ac: +ref_0002955c: dd 0x4c10d934 dd 0x45a438e6 dd 0x792a249a @@ -58339,44 +58394,44 @@ dd 0x4642b3da dd 0x1cd0f595 dd 0xb8601c6c -ref_0002953c: +ref_000295ec: dd 0x08040201 dd 0x08040201 dd 0x00000000 -ref_00029548: +ref_000295f8: dd 0x08040201 dd 0x00000000 dd 0x08040201 -ref_00029554: +ref_00029604: dd 0x80000010 -dd ref_00028ffc -dd 0x00000000 - -ref_00029560: -dd fcn_0001a994 -dd fcn_0001aac1 -dd fcn_0001abd6 -dd fcn_0001acd4 -dd fcn_0001a847 -dd fcn_0001a856 -dd fcn_0001a865 -dd fcn_0001a8b5 -dd fcn_0001a874 -dd fcn_0001a88a +dd ref_000290ac +dd 0x00000000 + +ref_00029610: +dd fcn_0001aa58 +dd fcn_0001ab85 +dd fcn_0001ac9a +dd fcn_0001ad98 +dd fcn_0001a90b +dd fcn_0001a91a +dd fcn_0001a929 +dd fcn_0001a979 +dd fcn_0001a938 +dd fcn_0001a94e +dd fcn_0001a964 +dd fcn_0001a988 +dd fcn_0001a873 +dd fcn_0001a882 +dd fcn_0001a891 dd fcn_0001a8a0 -dd fcn_0001a8c4 -dd fcn_0001a7af -dd fcn_0001a7be -dd fcn_0001a7cd -dd fcn_0001a7dc -dd fcn_0001a7eb -dd fcn_0001a801 -dd fcn_0001a817 -dd fcn_0001a82c - -ref_000295b0: +dd fcn_0001a8af +dd fcn_0001a8c5 +dd fcn_0001a8db +dd fcn_0001a8f0 + +ref_00029660: dd 0x75736e55 dd 0x726f7070 dd 0x20646574 @@ -58398,10 +58453,10 @@ dd 0x6120646e dd 0x65766f62 dd 0x9066000a -ref_00029600: +ref_000296b0: dd 0xa6a4a2a0 -ref_00029604: +ref_000296b4: dd 0x02353140 dd 0x20373144 dd 0x32103146 @@ -58412,7 +58467,7 @@ dd 0x00063158 dd 0x55443164 dd 0x00073168 -ref_00029628: +ref_000296d8: dd 0x02353140 dd 0x20373144 dd 0x32103146 @@ -58420,7 +58475,7 @@ dd 0x32163148 dd 0x3250314c dd 0x76543150 -ref_00029640: +ref_000296f0: dd 0x00003100 dd 0x03203200 dd 0x00003108 @@ -58432,7 +58487,7 @@ dd 0x00000001 dd 0x00003118 dd 0x00000001 -ref_00029668: +ref_00029718: dd 0x00003100 dd 0x03203200 dd 0x00003108 @@ -58446,7 +58501,7 @@ dd 0x00000001 dd 0x00003118 dd 0x00000001 -ref_00029698: +ref_00029748: dd 0x422b8086 dd 0x02ffffff dd 0x00000001 @@ -58700,14 +58755,14 @@ dd 0x00000000 dd 0x00000000 dd 0x00000000 -;; The following should be the .bss section -ref_00029a88: +; .bss +ref_00029b38: dd 0x00000000 -ref_00029a8c: +ref_00029b3c: dd 0x00000000 -ref_00029a90: +ref_00029b40: dd 0x00000000 dd 0x00000000 dd 0x00000000 @@ -58715,26 +58770,26 @@ dd 0x00000000 dd 0x00000000 dd 0x00000000 -ref_00029aa8: +ref_00029b58: dd 0x00000000 dd 0x00000000 -ref_00029ab0: +ref_00029b60: dd 0x00000000 -ref_00029ab4: +ref_00029b64: dd 0x00000000 -ref_00029ab8: +ref_00029b68: dd 0x00000000 -ref_00029abc: +ref_00029b6c: dd 0x00000000 -ref_00029ac0: +ref_00029b70: dd 0x00000000 -ref_00029ac4: +ref_00029b74: dd 0x00000000 dd 0x00000000 dd 0x00000000 @@ -58742,10 +58797,10 @@ dd 0x00000000 dd 0x00000000 dd 0x00000000 -ref_00029adc: +ref_00029b8c: dd 0x00000000 -ref_00029ae0: +ref_00029b90: dd 0x00000000 dd 0x00000000 dd 0x00000000 @@ -58756,19 +58811,19 @@ dd 0x00000000 dd 0x00000000 dd 0x00000000 -ref_00029b04: +ref_00029bb4: dd 0x00000000 -ref_00029b08: +ref_00029bb8: dd 0x00000000 -ref_00029b0c: +ref_00029bbc: dd 0x00000000 -ref_00029b10: +ref_00029bc0: dd 0x00000000 -ref_00029b14: +ref_00029bc4: dd 0x00000000 dd 0x00000000 dd 0x00000000 @@ -58829,10 +58884,10 @@ dd 0x00000000 dd 0x00000000 dd 0x00000000 -ref_00029c00: +ref_00029cb0: dd 0x00000000 -ref_00029c04: +ref_00029cb4: dd 0x00000000 dd 0x00000000 dd 0x00000000 @@ -58894,14 +58949,14 @@ dd 0x00000000 dd 0x00000000 dd 0x00000000 -ref_00029cf4: +ref_00029da4: dd 0x00000000 dd 0x00000000 -ref_00029cfc: +ref_00029dac: dd 0x00000000 -ref_00029d00: +ref_00029db0: dd 0x00000000 dd 0x00000000 dd 0x00000000 @@ -66403,14 +66458,14 @@ dd 0x00000000 dd 0x00000000 dd 0x00000000 -ref_00031230: +ref_000312e0: dd 0x00000000 -ref_00031234: +ref_000312e4: dd 0x00000000 dd 0x00000000 dd 0x00000000 -ref_00031240: +ref_000312f0: dd 0x00000000 dd 0x00000000 |