1

Тема: [FASM] Реверс ApLib 1.1.0 та "example\appack.c" на ассемблері

Приклад "урізаної" бібліотеки пакування виконавчих файлів ApLib v1.1.0, за рахунок видалення копірайтів та таблиці ініціалізації у crc32.

aplib.asm

;   INFO: aP_pack, func_1..._9 - реверс

    SIGN = 'SIGN'

;   =========================================================
;       size_t aP_pack( const void *source,
;                       void *destination,
;                       size_t length,
;                       void *workmem,
;                       int (*callback)(size_t, size_t, size_t, void *),
;                       void *cbparam );
;   =========================================================
proc aP_pack
    var_42C         = -42Ch
    source          = 4
    destination     = 8
    length          = 0Ch
    workmem         = 10h
    callback        = 14h
    cbparam         = 18h


    mov eax, [esp + length]
    sub esp, 42Ch
    test eax, eax
    jnz short @f
    add esp, 42Ch
    retn 18h

@@: mov ecx, [esp + 42Ch + cbparam]
    mov edx, [esp + 42Ch + callback]
    push ecx
    mov ecx, [esp + 430h + source]
    push edx
    push eax
    mov eax, [esp + 438h + destination]
    push eax
    mov eax, [esp + 43Ch + workmem]
    push ecx
    lea ecx, [esp + 440h + var_42C]
    call func_1
    add esp, 42Ch

    retn 18h
endp


proc func_1
    var_40          = -40h
    var_3C          = -3Ch
    var_38          = -38h
    var_34          = -34h
    var_30          = -30h
    var_2C          = -2Ch
    var_28          = -28h
    var_24          = -24h
    var_20          = -20h
    var_1C          = -1Ch
    var_18          = -18h
    var_14          = -14h
    var_10          = -10h
    var_C           = -0Ch
    var_8           = -8
    var_4           = -4
    source          = 8
    destination     = 0Ch
    length          = 10h
    callback        = 14h
    cbparam         = 18h

    push ebp
    mov ebp, esp
    and esp, 0FFFFFFF8h
    sub esp, 44h
    cmp dword[ebp + length], 0
    push ebx
    push esi
    push edi
    mov esi, ecx
    jnz short @f
    xor eax, eax
    pop edi
    pop esi
    pop ebx
    mov esp, ebp
    pop ebp
    retn 14h

@@: mov ecx, [ebp + source]
    test ecx, ecx
    jnz short loc_10001982

loc_10001976:
    or eax, -1
    pop edi
    pop esi
    pop ebx
    mov esp, ebp
    pop ebp
    retn 14h

loc_10001982:
    mov edx, [ebp + destination]
    test edx, edx
    jz short loc_10001976
    test eax, eax
    jz short loc_10001976
    mov [esi], ecx
    dec ecx
    lea ebx, [eax + 5A018h]
    mov [esi + 420h], ecx
    mov [esi + 10h], eax
    xor eax, eax
    mov ecx, 10000h
    mov edi, ebx
    mov [esi + 4], edx
    rep stosd
    lea edx, [esi + 14h]
    mov eax, 100h

loc_100019B5:
    mov [edx], ebx
    add edx, 4
    add ebx, 400h
    dec eax
    jnz short loc_100019B5
    mov eax, [esi]
    mov edx, [esi + 10h]
    mov edi, [esi + 4]
    xor ebx, ebx
    mov [esi + 418h], eax
    mov [edx], ebx
    mov dl, [eax]
    inc eax
    mov [esi], eax
    mov eax, [ebp + length]
    mov ecx, 1
    dec eax
    mov [edi], dl
    inc edi
    mov [esp + 50h + var_38], ebx
    mov [esp + 50h + var_3C], ebx
    mov dword [esi + 424h], -1
    mov [esp + 50h + var_30], ebx
    mov [esi + 414h], ecx
    mov [esi + 41Ch], ebx
    mov [esi + 428h], ebx
    mov [esi + 4], edi
    mov dword[esp + 50h + var_2C], -1
    mov [esi + 0Ch], ecx
    mov [esp + 50h + var_40], ecx
    mov [esp + 50h + var_24], eax
    cmp eax, ecx
    jbe loc_10001FFC
    lea esp, [esp + 0]

loc_10001A30:
    cmp dword[ebp + callback], 0
    jz short loc_10001A66
    mov eax, [esp + 50h + var_30]
    inc eax
    mov [esp + 50h + var_30], eax
    test eax, 0FFFh
    jnz short loc_10001A66
    mov ecx, [esi + 4]
    mov eax, [ebp + cbparam]
    sub ecx, [ebp + destination]
    mov edx, [esi]
    sub edx, [ebp + source]
    push eax
    mov eax, [ebp + length]
    push ecx
    push edx
    push eax
    call dword[ebp + callback]
    test eax, eax
    jz loc_10001976

loc_10001A66:
    mov ecx, [esp + 50h + var_2C]
    cmp [esp + 50h + var_40], ecx
    jnz short loc_10001A82
    mov edx, [esp + 50h + var_8]
    mov eax, [esp + 50h + var_4]
    mov [esp + 50h + var_20], edx
    mov [esp + 50h + var_1C], eax
    jmp short loc_10001A9A

loc_10001A82:
    mov eax, [esp + 50h + var_40]
    mov ecx, [ebp + length]
    mov edx, [esi]
    sub ecx, eax
    push ecx
    push eax
    push edx
    lea eax, [esp + 5Ch + var_20]
    push eax
    call func_2

loc_10001A9A:
    cmp dword[esp + 50h + var_20], 2
    jl loc_10001E35
    mov eax, [esi + 424h]
    cmp [esp + 50h + var_1C], eax
    jnz short loc_10001B15
    cmp ebx, 1
    jbe loc_10001C18
    mov edi, [esp + 50h + var_14]
    cmp edi, eax
    jz loc_10001C18
    mov ecx, [esp + 50h + var_40]
    mov eax, [esp + 50h + var_3C]
    sub ecx, ebx
    push ebx
    push ecx
    call func_5
    mov [esp + 58h + var_28], eax
    add esp, 8
    mov ecx, ebx
    mov eax, edi
    mov edx, esi
    call func_4
    cmp eax, [esp + 50h + var_28]
    jge loc_10001C18
    mov eax, edi
    cmp eax, 500h
    jl short loc_10001B05
    cmp ebx, 2
    jz loc_10001C18

loc_10001B05:
    cmp eax, 7D00h
    jl short loc_10001B15
    cmp ebx, 3
    jz loc_10001C18

loc_10001B15:
    mov eax, [esp + 50h + var_40]
    mov edi, [ebp + length]
    sub edi, eax
    inc eax
    lea edx, [edi-1]
    push edx
    push eax
    mov eax, [esi]
    inc eax
    push eax
    lea ecx, [esp + 5Ch + var_8]
    push ecx
    mov [esp + 60h + var_28], edi
    call func_2
    mov eax, [esp + 50h + var_40]
    inc eax
    push ebx
    mov [esp + 54h + var_2C], eax
    push esi
    lea ecx, [esp + 58h + var_8]
    lea eax, [esp + 58h + var_20]
    call func_3
    mov [esp + 50h + var_34], eax
    test ebx, ebx
    jnz short loc_10001B99
    mov ecx, [esp + 50h + var_8]
    cmp ecx, [esp + 50h + var_20]
    jge short loc_10001B99
    mov eax, [esp + 50h + var_4]
    mov edx, esi
    call func_4
    mov edx, [esp + 50h + var_40]
    mov edi, eax
    mov eax, [esi]
    push 1
    push edx
    call func_5
    mov ecx, [esp + 58h + var_20]
    lea edi, [edi + eax + 1]
    mov eax, [esp + 58h + var_1C]
    add esp, 8
    mov edx, esi
    call func_4
    cmp edi, eax
    mov edi, [esp + 50h + var_28]
    jg short loc_10001BA4

loc_10001B99:
    cmp dword[esp + 50h + var_34], 0
    jnz loc_10001E14

loc_10001BA4:
    cmp dword[esp + 50h + var_20], 2
    jle short loc_10001C18
    mov ecx, [esp + 50h + var_40]
    mov edx, [esi]
    lea eax, [edi-2]
    push eax
    add ecx, 2
    push ecx
    add edx, 2
    push edx
    lea eax, [esp + 5Ch + var_10]
    push eax
    call func_2
    push ebx
    push esi
    lea ecx, [esp + 58h + var_10]
    lea eax, [esp + 58h + var_20]
    call func_6
    test eax, eax
    jnz loc_10001E14
    cmp dword[esp + 50h + var_20], 3
    jle short loc_10001C18
    mov ecx, [esp + 50h + var_40]
    mov edx, [esi]
    add edi, 0FFFFFFFDh
    push edi
    add ecx, 3
    push ecx
    add edx, 3
    push edx
    lea eax, [esp + 5Ch + var_10]
    push eax
    call func_2
    push ebx
    push esi
    lea ecx, [esp + 58h + var_10]
    lea eax, [esp + 58h + var_20]
    call func_6
    test eax, eax
    jnz loc_10001E14

loc_10001C18:
    test ebx, ebx
    jz loc_10001D5E
    cmp ebx, 1
    jbe loc_10001D41
    mov edi, [esp + 50h + var_40]
    mov eax, ebx
    sub eax, edi
    add eax, [ebp + length]
    cmp eax, ebx
    jbe short loc_10001C3A
    mov eax, ebx

loc_10001C3A:
    push eax
    mov eax, [esp + 54h + var_3C]
    sub edi, ebx
    push edi
    push eax
    lea ecx, [esp + 5Ch + var_10]
    push ecx
    mov [esp + 60h + var_38], edi
    call func_2
    cmp [esp + 50h + var_10], ebx
    jb short loc_10001C8B
    mov eax, [esp + 50h + var_C]
    mov ecx, ebx
    mov edx, esi
    call func_4
    mov edi, eax
    mov eax, [esp + 50h + var_14]
    mov ecx, ebx
    mov edx, esi
    call func_4
    cmp eax, edi
    mov edi, [esp + 50h + var_38]
    jle short loc_10001C8B
    mov edx, [esp + 50h + var_C]
    mov eax, [esp + 50h + var_10]
    mov [esp + 50h + var_14], edx
    mov [esp + 50h + var_18], eax

loc_10001C8B:
    mov eax, [esp + 50h + var_3C]
    push ebx
    push edi
    call func_5
    mov [esp + 58h + var_28], eax
    mov eax, [esp + 58h + var_14]
    add esp, 8
    mov ecx, ebx
    mov edx, esi
    call func_4
    mov edi, eax
    cmp edi, [esp + 50h + var_28]
    jge short loc_10001D22
    mov ecx, [esp + 50h + var_1C]
    cmp ecx, [esi + 424h]
    jnz short loc_10001CEB
    mov eax, ecx
    mov ecx, [esp + 50h + var_20]
    inc eax
    mov edx, esi
    call func_4
    mov ecx, [esp + 50h + var_20]
    add eax, edi
    mov [esp + 50h + var_34], eax
    mov eax, [esp + 50h + var_1C]
    mov edx, esi
    call func_4
    add eax, [esp + 50h + var_28]
    cmp eax, [esp + 50h + var_34]
    jle short loc_10001D22

loc_10001CEB:
    mov eax, [esp + 50h + var_14]
    cmp eax, [esi + 424h]
    jnz short loc_10001D00
    cmp dword [esi + 428h], 0
    jz short loc_10001D18

loc_10001D00:
    cmp eax, 500h
    jl short loc_10001D0C
    cmp ebx, 2
    jz short loc_10001D22

loc_10001D0C:
    cmp eax, 7D00h
    jl short loc_10001D18
    cmp ebx, 3
    jz short loc_10001D22

loc_10001D18:
    push ebx
    mov ebx, eax
    call func_8
    jmp short loc_10001D52

loc_10001D22:
    mov edx, [esp + 50h + var_40]
    mov edi, [esp + 50h + var_3C]
    sub edx, ebx
    push edx
    mov eax, esi
    call func_7
    inc dword[esp + 50h + var_3C]
    dec ebx
    jnz short loc_10001D22
    mov [esp + 50h + var_38], ebx
    jmp short loc_10001D5E

loc_10001D41:
    mov eax, [esp + 50h + var_40]
    mov edi, [esp + 50h + var_3C]
    dec eax
    push eax
    mov eax, esi
    call func_7

loc_10001D52:
    mov dword[esp + 50h + var_38], 0
    mov ebx, [esp + 50h + var_38]

loc_10001D5E:
    mov eax, [esp + 50h + var_20]
    cmp eax, 3
    jg loc_10001DEE
    mov ecx, [esp + 50h + var_40]
    push eax
    mov eax, [esi]
    push ecx
    call func_5
    mov ecx, [esp + 58h + var_20]
    mov edi, eax
    mov eax, [esp + 58h + var_1C]
    add esp, 8
    mov edx, esi
    call func_4
    cmp eax, edi
    jg short loc_10001DBA
    mov eax, [esp + 50h + var_1C]
    cmp eax, [esi + 424h]
    jnz short loc_10001DA5
    cmp dword [esi + 428h], 0
    jz short loc_10001DEE

loc_10001DA5:
    cmp eax, 500h
    jl short loc_10001DB3
    cmp dword[esp + 50h + var_20], 2
    jz short loc_10001DBA

loc_10001DB3:
    cmp eax, 7D00h
    jl short loc_10001DEE

loc_10001DBA:
    mov eax, [esp + 50h + var_20]
    mov [esp + 50h + var_34], eax
    test eax, eax
    jz short loc_10001DDC

loc_10001DC6:
    mov edx, [esp + 50h + var_40]
    mov edi, [esi]
    push edx
    mov eax, esi
    call func_7
    inc dword [esi]
    dec dword[esp + 50h + var_34]
    jnz short loc_10001DC6

loc_10001DDC:
    mov eax, [esp + 50h + var_40]
    mov ecx, [esp + 50h + var_20]
    lea edx, [eax + ecx-1]
    mov [esp + 50h + var_40], edx
    jmp short loc_10001E50

loc_10001DEE:
    mov eax, [esp + 50h + var_20]
    mov ebx, [esp + 50h + var_1C]
    push eax
    call func_8
    mov eax, [esp + 50h + var_20]
    mov ecx, [esp + 50h + var_40]
    add [esi], eax
    mov ebx, [esp + 50h + var_38]
    lea edx, [ecx + eax-1]
    mov [esp + 50h + var_40], edx
    jmp short loc_10001E50

loc_10001E14:
    test ebx, ebx
    jnz short loc_10001E2E
    mov eax, [esp + 50h + var_20]
    mov ecx, [esp + 50h + var_1C]
    mov edx, [esi]
    mov [esp + 50h + var_18], eax
    mov [esp + 50h + var_14], ecx
    mov [esp + 50h + var_3C], edx

loc_10001E2E:
    inc ebx
    mov [esp + 50h + var_38], ebx
    jmp short loc_10001E4E

loc_10001E35:
    test ebx, ebx
    jz short loc_10001E40
    inc ebx
    mov [esp + 50h + var_38], ebx
    jmp short loc_10001E4E

loc_10001E40:
    mov eax, [esp + 50h + var_40]
    mov edi, [esi]
    push eax
    mov eax, esi
    call func_7

loc_10001E4E:
    inc dword [esi]

loc_10001E50:
    test ebx, ebx
    jz loc_10001F4D
    cmp ebx, [esp + 50h + var_18]
    jnz loc_10001F4D
    mov edi, [esp + 50h + var_40]
    mov eax, ebx
    sub eax, edi
    add eax, [ebp + length]
    cmp eax, ebx
    jbe short loc_10001E73
    mov eax, ebx

loc_10001E73:
    push eax
    mov eax, [esp + 54h + var_3C]
    sub edi, ebx
    push edi
    push eax
    lea ecx, [esp + 5Ch + var_10]
    push ecx
    mov [esp + 60h + var_38], edi
    call func_2
    cmp [esp + 50h + var_10], ebx
    jb short loc_10001EC4
    mov eax, [esp + 50h + var_C]
    mov ecx, ebx
    mov edx, esi
    call func_4
    mov edi, eax
    mov eax, [esp + 50h + var_14]
    mov ecx, ebx
    mov edx, esi
    call func_4
    cmp eax, edi
    mov edi, [esp + 50h + var_38]
    jle short loc_10001EC4
    mov edx, [esp + 50h + var_C]
    mov eax, [esp + 50h + var_10]
    mov [esp + 50h + var_14], edx
    mov [esp + 50h + var_18], eax

loc_10001EC4:
    mov eax, [esp + 50h + var_3C]
    push ebx
    push edi
    call func_5
    mov edi, eax
    mov eax, [esp + 58h + var_14]
    add esp, 8
    mov ecx, ebx
    mov edx, esi
    call func_4
    cmp eax, edi
    jge short loc_10001F30
    mov eax, [esp + 50h + var_14]
    cmp eax, [esi + 424h]
    jnz short loc_10001EFA
    cmp dword [esi + 428h], 0
    jz short loc_10001F12

loc_10001EFA:
    cmp eax, 500h
    jl short loc_10001F06
    cmp ebx, 2
    jz short loc_10001F30

loc_10001F06:
    cmp eax, 7D00h
    jl short loc_10001F12
    cmp ebx, 3
    jz short loc_10001F30

loc_10001F12:
    push ebx
    mov ebx, eax
    call func_8
    mov dword[esp + 50h + var_38], 0
    mov ebx, [esp + 50h + var_38]
    jmp short loc_10001F4D
    jmp short loc_10001F30
    align 10h

loc_10001F30:
    mov ecx, [esp + 50h + var_40]
    mov edi, [esp + 50h + var_3C]
    sub ecx, ebx
    push ecx
    mov eax, esi
    call func_7
    inc dword[esp + 50h + var_3C]
    dec ebx
    jnz short loc_10001F30
    mov [esp + 50h + var_38], ebx

loc_10001F4D:
    mov eax, [esp + 50h + var_40]
    inc eax
    mov [esp + 50h + var_40], eax
    cmp eax, [esp + 50h + var_24]
    jb loc_10001A30
    test ebx, ebx
    jz loc_10001FFC
    cmp ebx, 1
    jbe short loc_10001FEB
    mov edx, eax
    mov eax, [esp + 50h + var_3C]
    sub edx, ebx
    push ebx
    push edx
    call func_5
    mov edi, eax
    mov eax, [esp + 58h + var_14]
    add esp, 8
    mov ecx, ebx
    mov edx, esi
    call func_4
    cmp eax, edi
    jg short loc_10001FD0
    mov eax, [esp + 50h + var_14]
    cmp eax, [esi + 424h]
    jnz short loc_10001FA7
    cmp dword [esi + 428h], 0
    jz short loc_10001FBF

loc_10001FA7:
    cmp eax, 500h
    jl short loc_10001FB3
    cmp ebx, 2
    jz short loc_10001FD0

loc_10001FB3:
    cmp eax, 7D00h
    jl short loc_10001FBF
    cmp ebx, 3
    jz short loc_10001FD0

loc_10001FBF:
    push ebx
    mov ebx, eax
    call func_8
    jmp short loc_10001FFC
    align 10h

loc_10001FD0:
    mov eax, [esp + 50h + var_40]
    mov edi, [esp + 50h + var_3C]
    sub eax, ebx
    push eax
    mov eax, esi
    call func_7
    inc dword[esp + 50h + var_3C]
    dec ebx
    jnz short loc_10001FD0
    jmp short loc_10001FFC

loc_10001FEB:
    mov ecx, [esp + 50h + var_40]
    mov edi, [esp + 50h + var_3C]
    dec ecx
    push ecx
    mov eax, esi
    call func_7

loc_10001FFC:
    mov edx, [ebp + length]
    cmp [esp + 50h + var_40], edx
    jnb short loc_10002022
    mov ebx, [esp + 50h + var_40]
    lea esp, [esp + 0]

loc_10002010:
    mov edi, [esi]
    push ebx
    mov eax, esi
    call func_7
    inc dword [esi]
    inc ebx
    cmp ebx, [ebp + length]
    jb loc_10002010

loc_10002022:
    or edi, -1
    add [esi + 0Ch], edi
    lea ecx, [edi + 9]
    jnz short loc_1000203A
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], ecx
    mov [esi + 4], eax

loc_1000203A:
    mov eax, [esi + 8]
    mov dl, [eax]
    add dl, dl
    inc dl
    add [esi + 0Ch], edi
    mov [eax], dl
    jnz short loc_10002057
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], ecx
    mov [esi + 4], eax

loc_10002057:
    mov eax, [esi + 8]
    mov dl, [eax]
    add dl, dl
    inc dl
    add [esi + 0Ch], edi
    mov [eax], dl
    jnz short loc_10002074
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], ecx
    mov [esi + 4], eax

loc_10002074:
    mov eax, [esi + 8]
    mov ecx, [esi + 4]
    shl byte [eax], 1
    mov byte [ecx], 0
    lea edx, [ecx + 1]
    mov ecx, [esi + 0Ch]
    dec ecx
    shl byte [eax], cl
    mov eax, [ebp + callback]
    mov [esi + 4], edx
    test eax, eax
    jz short loc_100020B5
    sub edx, [ebp + destination]
    mov ecx, [ebp + cbparam]
    push ecx
    mov ecx, [ebp + length]
    push edx
    mov edx, [esi]
    sub edx, [ebp + source]
    push edx
    push ecx
    call eax
    test eax, eax
    jnz short loc_100020B5
    mov eax, edi
    pop edi
    pop esi
    pop ebx
    mov esp, ebp
    pop ebp
    retn 14h

loc_100020B5:
    mov eax, [esi + 4]
    sub eax, [ebp + destination]
    pop edi
    pop esi
    pop ebx
    mov esp, ebp
    pop ebp
    retn 14h
    endp


proc func_2
    var_14 = -14h
    var_10 = -10h
    var_C = -0Ch
    var_8 = -8
    var_4 = -4
    arg_0 = 4
    arg_4 = 8
    arg_8 = 0Ch
    arg_C = 10h

    sub esp, 14h
    xor eax, eax
    push ebx
    mov [esp + 18h + var_14], eax
    mov [esp + 18h + var_10], eax
    mov eax, [esi + 418h]
    push ebp
    push edi
    cmp eax, [esp + 20h + arg_4]
    jnb short loc_10001759
    mov ecx, [esi + 414h]
    mov edi, [esi + 41Ch]
    lea edx, [ecx + 16800h]
    mov [esp + 20h + var_C], edx

loc_100016F2:
    cmp [esp + 20h + var_C], ecx
    jbe short loc_10001708
    mov edx, ecx
    sub edx, edi
    cmp ecx, edi
    ja short loc_1000170A
    add edx, 16800h
    jmp short loc_1000170A

loc_10001708:
    xor edx, edx

loc_1000170A:
    movzx ebx, byte [eax]
    movzx ebp, byte [eax + 1]
    mov ebx, [esi + ebx*4 + 14h]
    mov ebp, [ebx + ebp*4]
    mov ebx, [esi + 10h]
    inc dword[esp + 20h + var_C]
    mov [ebx + edx*4], ebp
    movzx edx, byte [eax]
    mov edx, [esi + edx*4 + 14h]
    movzx ebx, byte [eax + 1]
    mov [edx + ebx*4], ecx
    inc ecx
    mov edx, ecx
    inc eax
    sub edx, edi
    mov [esi + 414h], ecx
    mov [esi + 418h], eax
    cmp edx, 16800h
    jbe short loc_10001753
    lea edi, [ecx-1]
    mov [esi + 41Ch], edi

loc_10001753:
    cmp eax, [esp + 20h + arg_4]
    jb short loc_100016F2

loc_10001759:
    mov eax, [esp + 20h + arg_C]
    mov ebx, 16700h
    cmp eax, ebx
    jbe short loc_1000176C
    mov [esp + 20h + arg_C], ebx
    jmp short loc_10001775

loc_1000176C:
    cmp eax, 1
    jbe loc_10001936

loc_10001775:
    mov ebp, [esp + 20h + arg_4]
    movzx eax, byte [ebp + 0]
    movzx ecx, byte [ebp + 1]
    mov edx, [esi + eax*4 + 14h]
    mov edi, [edx + ecx*4]
    test edi, edi
    jz loc_10001936
    mov edx, [esi + 420h]
    lea ecx, [edx + edi]
    mov dword[esp + 20h + var_8], 800h
    cmp ecx, ebp
    jb short loc_100017DE

loc_100017A5:
    test edi, edi
    jz short loc_100017DE
    lea eax, [edi + 16800h]
    cmp eax, [esi + 414h]
    jbe short loc_100017CF
    mov eax, [esi + 41Ch]
    cmp edi, eax
    jbe short loc_100017C5
    sub edi, eax
    jmp short loc_100017D1

loc_100017C5:
    sub edi, eax
    add edi, 16800h
    jmp short loc_100017D1

loc_100017CF:
    xor edi, edi

loc_100017D1:
    mov ecx, [esi + 10h]
    mov edi, [ecx + edi*4]
    lea ecx, [edx + edi]
    cmp ecx, ebp
    jnb short loc_100017A5

loc_100017DE:
    cmp [esp + 20h + arg_8], ebx
    jbe short loc_100017E8
    mov [esp + 20h + arg_8], ebx

loc_100017E8:
    test edi, edi
    jz loc_10001936
    jmp short loc_100017F6

loc_100017F2:
    mov ebp, [esp + 20h + arg_4]

loc_100017F6:
    mov eax, ebp
    sub eax, ecx
    mov [esp + 20h + var_C], eax
    cmp eax, [esp + 20h + arg_8]
    ja loc_10001936
    mov eax, [esp + 20h + var_14]
    mov dl, [ecx + eax]
    cmp dl, [eax + ebp]
    mov edx, [esp + 20h + var_C]
    mov ebx, 2
    jz short loc_10001829
    cmp edx, [esi + 424h]
    jnz loc_100018E8

loc_10001829:
    mov eax, [esp + 20h + arg_C]
    cmp eax, 2
    jbe short loc_10001851
    lea edx, [ebp + 2]
    mov ebp, ecx
    sub ebp, [esp + 20h + arg_4]
    jmp short loc_10001840
    align 10h

loc_10001840:
    mov cl, [edx + ebp]
    cmp cl, [edx]
    jnz short loc_1000184D
    inc ebx
    inc edx
    cmp ebx, eax
    jb short loc_10001840

loc_1000184D:
    mov edx, [esp + 20h + var_C]

loc_10001851:
    cmp ebx, eax
    jz loc_1000192E
    mov ebp, [esp + 20h + var_14]
    cmp ebx, ebp
    jbe short loc_1000189C
    mov eax, edx
    mov ecx, ebx
    mov edx, esi
    call func_4
    mov ecx, [esp + 20h + var_14]
    mov ebp, eax
    mov eax, [esp + 20h + var_10]
    mov edx, esi
    call func_4
    sub ebp, eax
    add ebp, ebp
    mov eax, 4EC4EC4Fh
    imul ebp
    sar edx, 2
    mov eax, edx
    shr eax, 1Fh
    add eax, edx
    add eax, [esp + 20h + var_14]
    cmp ebx, eax
    jbe short loc_100018E8
    jmp short loc_100018DC

loc_1000189C:
    cmp edx, [esi + 424h]
    jnz short loc_100018E8
    mov eax, edx
    mov ecx, ebx
    mov edx, esi
    call func_4
    mov [esp + 20h + var_4], eax
    mov eax, [esp + 20h + var_10]
    mov ecx, ebp
    mov edx, esi
    call func_4
    mov ecx, eax
    sub ecx, [esp + 20h + var_4]
    mov eax, 2AAAAAABh
    imul ecx
    mov eax, edx
    shr eax, 1Fh
    add eax, edx
    add eax, ebx
    cmp eax, [esp + 20h + var_14]
    jb short loc_100018E8

loc_100018DC:
    mov ecx, [esp + 20h + var_C]
    mov [esp + 20h + var_14], ebx
    mov [esp + 20h + var_10], ecx

loc_100018E8:
    lea edx, [edi + 16800h]
    cmp edx, [esi + 414h]
    jbe short loc_1000190E
    mov eax, [esi + 41Ch]
    cmp edi, eax
    jbe short loc_10001904
    sub edi, eax
    jmp short loc_10001910

loc_10001904:
    sub edi, eax
    add edi, 16800h
    jmp short loc_10001910

loc_1000190E:
    xor edi, edi

loc_10001910:
    mov eax, [esi + 10h]
    mov edi, [eax + edi*4]
    mov ecx, [esi + 420h]
    add ecx, edi
    dec dword[esp + 20h + var_8]
    jz short loc_10001936
    test edi, edi
    jnz loc_100017F2
    jmp short loc_10001936

loc_1000192E:
    mov [esp + 20h + var_10], edx
    mov [esp + 20h + var_14], ebx

loc_10001936:
    mov eax, [esp + 20h + arg_0]
    mov ecx, [esp + 20h + var_14]
    mov edx, [esp + 20h + var_10]
    pop edi
    pop ebp
    mov [eax], ecx
    mov [eax + 4], edx
    pop ebx
    add esp, 14h
    retn 10h
endp


proc func_3
    var_4 = -4
    arg_0 = 4
    arg_4 = 8

    push ecx
    mov edx, [esp + 4 + arg_0]
    push ebx
    mov ebx, [eax]
    push ebp
    push esi
    mov esi, [eax + 4]
    push edi
    mov edi, ecx
    mov ecx, ebx
    mov eax, esi
    call func_4
    mov ebp, [edi]
    mov edi, [edi + 4]
    mov edx, [esp + 14h + arg_0]
    mov [esp + 14h + var_4], eax
    mov ecx, ebp
    mov eax, edi
    call func_4
    mov ecx, eax
    mov dword[esp + 14h + arg_0], 0
    cmp edi, esi
    jl short loc_100021B2
    mov edx, [esp + 14h + var_4]
    sub edx, ecx
    add edx, edx
    mov eax, 38E38E39h
    imul edx
    sar edx, 1
    mov eax, edx
    shr eax, 1Fh
    add eax, edx
    add eax, ebp
    cmp ebx, eax
    jge short loc_100021CF
    mov eax, 1
    jmp short loc_100021D3

loc_100021B2:
    mov eax, [esp + 14h + var_4]
    sub eax, ecx
    cdq
    and edx, 3
    add eax, edx
    sar eax, 2
    add eax, ebp
    cmp ebx, eax
    jge short loc_100021CF
    mov dword[esp + 14h + arg_0], 1

loc_100021CF:
    mov eax, [esp + 14h + arg_0]

loc_100021D3:
    cmp dword[esp + 14h + arg_4], 0
    jbe short loc_100021E9
    cmp ebp, ebx
    jl short loc_100021E9
    cmp ecx, [esp + 14h + var_4]
    jge short loc_100021E9
    mov eax, 1

loc_100021E9:
    pop edi
    pop esi
    pop ebp
    pop ebx
    pop ecx
    retn 8
endp


proc func_4
    cmp eax, 80h
    jnb short loc_1000137F
    cmp ecx, 4
    jnb short loc_1000137F
    cmp eax, [edx + 424h]
    jz short loc_100013EC
    neg eax
    sbb eax, eax
    and eax, 6
    add eax, 5
    retn

loc_1000137F:
    cmp eax, [edx + 424h]
    jz short loc_100013EC
    cmp eax, 80h
    jnb short loc_10001393
    sub ecx, 2
    jmp short loc_100013A3

loc_10001393:
    cmp eax, 500h
    jb short loc_100013A3
    dec ecx
    cmp eax, 7D00h
    jb short loc_100013A3
    dec ecx

loc_100013A3:
    shr eax, 8
    add eax, 3
    cmp eax, 2
    jge short loc_100013B5
    mov edx, 64h
    jmp short loc_100013C7

loc_100013B5:
    xor edx, edx
    shr eax, 1
    jz short loc_100013C7
    jmp short loc_100013C0
    align 10h

loc_100013C0:
    add edx, 2
    shr eax, 1
    jnz short loc_100013C0

loc_100013C7:
    cmp ecx, 2
    jge short loc_100013D6
    mov eax, 64h
    lea eax, [eax + edx + 0Ah]
    retn

loc_100013D6:
    xor eax, eax
    shr ecx, 1
    jz short loc_100013E7
    lea esp, [esp + 0]

loc_100013E0:
    add eax, 2
    shr ecx, 1
    jnz short loc_100013E0

loc_100013E7:
    lea eax, [eax + edx + 0Ah]
    retn

loc_100013EC:
    cmp ecx, 2
    jge short loc_100013FA
    mov eax, 64h
    add eax, 4
    retn

loc_100013FA:
    xor eax, eax
    shr ecx, 1
    jz short loc_10001407

loc_10001400:
    add eax, 2
    shr ecx, 1
    jnz short loc_10001400

loc_10001407:
    add eax, 4
    retn
endp


proc func_5
    arg_0 = 4
    arg_4 = 8

    push ebx
    push ebp
    mov ebp, [esp + 8 + arg_0]
    push esi
    push edi
    mov edi, eax
    xor eax, eax
    cmp ebp, 0Fh
    jbe short loc_100010D6
    mov ebp, 0Fh

loc_100010D6:
    mov esi, edi
    sub esi, ebp
    lea ebx, [ebx + 0]

loc_100010E0:
    mov bl, [edi]
    test bl, bl
    jz short loc_10001105
    mov ecx, ebp
    mov edx, esi
    lea ebx, [ebx + 0]

loc_100010F0:
    cmp [edx], bl
    jz short loc_100010F8
    inc edx
    dec ecx
    jnz short loc_100010F0

loc_100010F8:
    xor edx, edx
    test ecx, ecx
    setz dl
    lea eax, [eax + edx*2 + 7]
    jmp short loc_10001108

loc_10001105:
    add eax, 7

loc_10001108:
    inc edi
    inc esi
    dec dword[esp + 10h + arg_4]
    jnz short loc_100010E0
    pop edi
    pop esi
    pop ebp
    pop ebx
    retn
endp


proc func_6
    var_4 = -4
    arg_0 = 4
    arg_4 = 8

    push ecx
    mov edx, [esp + 4 + arg_0]
    push ebx
    mov ebx, [eax]
    push ebp
    push esi
    mov esi, [eax + 4]
    push edi
    mov edi, ecx
    mov ecx, ebx
    mov eax, esi
    call func_4
    mov ebp, [edi]
    mov edi, [edi + 4]
    mov edx, [esp + 14h + arg_0]
    mov [esp + 14h + var_4], eax
    mov ecx, ebp
    mov eax, edi
    call func_4
    mov ecx, eax
    mov dword[esp + 14h + arg_0], 0
    cmp edi, esi
    jl short loc_10002259
    mov eax, [esp + 14h + var_4]
    sub eax, ecx
    cdq
    and edx, 3
    add eax, edx
    sar eax, 2
    add eax, ebp
    cmp ebx, eax
    jge short loc_1000227F
    mov eax, 1
    jmp short loc_10002283

loc_10002259:
    mov edx, [esp + 14h + var_4]
    sub edx, ecx
    add edx, edx
    mov eax, 2E8BA2E9h
    imul edx
    sar edx, 1
    mov eax, edx
    shr eax, 1Fh
    add eax, edx
    add eax, ebp
    cmp ebx, eax
    jge short loc_1000227F
    mov dword[esp + 14h + arg_0], 1

loc_1000227F:
    mov eax, [esp + 14h + arg_0]

loc_10002283:
    cmp dword[esp + 14h + arg_4], 0
    jbe short loc_10002299
    cmp ebp, ebx
    jl short loc_10002299
    cmp ecx, [esp + 14h + var_4]
    jge short loc_10002299
    mov eax, 1

loc_10002299:
    pop edi
    pop esi
    pop ebp
    pop ebx
    pop ecx
    retn 8
endp


proc func_7
    arg_0 = 4

    mov dl, [edi]
    push ebx
    push esi
    mov esi, [esp + 8 + arg_0]
    mov dword [eax + 428h], 0
    test dl, dl
    jz loc_10001295
    cmp esi, 0Fh
    jbe short loc_10001148
    mov esi, 0Fh
    mov [esp + 8 + arg_0], esi

loc_10001148:
    mov ecx, edi
    sub ecx, esi
    lea esp, [esp + 0]

loc_10001150:
    cmp [ecx], dl
    jz short loc_1000118D
    mov esi, [esp + 8 + arg_0]
    dec esi
    inc ecx
    mov [esp + 8 + arg_0], esi
    test esi, esi
    jnz short loc_10001150

loc_10001162:
    dec dword [eax + 0Ch]
    jnz short loc_10001178
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov dword [eax + 0Ch], 8
    mov [eax + 4], ecx

loc_10001178:
    mov ecx, [eax + 8]
    shl byte [ecx], 1
    mov ecx, [eax + 4]
    mov dl, [edi]
    mov [ecx], dl
    inc ecx
    pop esi
    mov [eax + 4], ecx
    pop ebx
    retn 4

loc_1000118D:
    cmp dword[esp + 8 + arg_0], 0
    jz short loc_10001162
    or esi, -1
    add [eax + 0Ch], esi
    lea edx, [esi + 9]
    jnz short loc_100011AC
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_100011AC:
    mov ecx, [eax + 8]
    mov bl, [ecx]
    add bl, bl
    inc bl
    add [eax + 0Ch], esi
    mov [ecx], bl
    jnz short loc_100011C9
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_100011C9:
    mov ecx, [eax + 8]
    mov bl, [ecx]
    add bl, bl
    inc bl
    add [eax + 0Ch], esi
    mov [ecx], bl
    jnz short loc_100011E6
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_100011E6:
    mov ecx, [eax + 8]
    mov bl, [ecx]
    add bl, bl
    inc bl
    add [eax + 0Ch], esi
    mov [ecx], bl
    jnz short loc_10001203
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_10001203:
    mov ecx, [eax + 8]
    test byte [esp + 8 + arg_0], dl
    jz short loc_10001216
    mov bl, [ecx]
    add bl, bl
    inc bl
    mov [ecx], bl
    jmp short loc_10001218

loc_10001216:
    shl byte [ecx], 1

loc_10001218:
    add [eax + 0Ch], esi
    jnz short loc_1000122A
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_1000122A:
    test byte [esp + 8 + arg_0], 4
    mov ecx, [eax + 8]
    jz short loc_1000123E
    mov bl, [ecx]
    add bl, bl
    inc bl
    mov [ecx], bl
    jmp short loc_10001240

loc_1000123E:
    shl byte [ecx], 1

loc_10001240:
    add [eax + 0Ch], esi
    jnz short loc_10001252
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_10001252:
    test byte [esp + 8 + arg_0], 2
    mov ecx, [eax + 8]
    jz short loc_10001266
    mov bl, [ecx]
    add bl, bl
    inc bl
    mov [ecx], bl
    jmp short loc_10001268

loc_10001266:
    shl byte [ecx], 1

loc_10001268:
    add [eax + 0Ch], esi
    jnz short loc_1000127A
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_1000127A:
    test byte [esp + 8 + arg_0], 1
    mov eax, [eax + 8]
    jz loc_1000134C
    mov cl, [eax]
    add cl, cl
    inc cl
    pop esi
    mov [eax], cl
    pop ebx
    retn 4

loc_10001295:
    or esi, -1
    add [eax + 0Ch], esi
    lea edx, [esi + 9]
    jnz short loc_100012AD
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_100012AD:
    mov ecx, [eax + 8]
    mov bl, [ecx]
    add bl, bl
    inc bl
    add [eax + 0Ch], esi
    mov [ecx], bl
    jnz short loc_100012CA
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_100012CA:
    mov ecx, [eax + 8]
    mov bl, [ecx]
    add bl, bl
    inc bl
    add [eax + 0Ch], esi
    mov [ecx], bl
    jnz short loc_100012E7
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_100012E7:
    mov ecx, [eax + 8]
    mov bl, [ecx]
    add bl, bl
    inc bl
    add [eax + 0Ch], esi
    mov [ecx], bl
    jnz short loc_10001304
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_10001304:
    mov ecx, [eax + 8]
    shl byte [ecx], 1
    add [eax + 0Ch], esi
    jnz short loc_1000131B
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_1000131B:
    mov ecx, [eax + 8]
    shl byte [ecx], 1
    add [eax + 0Ch], esi
    jnz short loc_10001332
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_10001332:
    mov ecx, [eax + 8]
    shl byte [ecx], 1
    add [eax + 0Ch], esi
    jnz short loc_10001349
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov [eax + 0Ch], edx
    mov [eax + 4], ecx

loc_10001349:
    mov eax, [eax + 8]

loc_1000134C:
    shl byte [eax], 1
    pop esi
    pop ebx
    retn 4
endp


proc func_8
    arg_0 = 4

    cmp dword [esi + 428h], 0
    push ebp
    push edi
    jz loc_1000153D
    cmp ebx, 80h
    jnb short loc_100014A4
    mov ecx, [esp + 8 + arg_0]
    cmp ecx, 4
    jnb short loc_100014A4
    or ebp, -1
    add [esi + 0Ch], ebp
    lea edx, [ebp + 9]
    jnz short loc_10001448
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_10001448:
    mov edi, [esi + 8]
    mov al, [edi]
    add al, al
    inc al
    add [esi + 0Ch], ebp
    mov [edi], al
    jnz short loc_10001465
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_10001465:
    mov edi, [esi + 8]
    mov al, [edi]
    add al, al
    inc al
    add [esi + 0Ch], ebp
    mov [edi], al
    jnz short loc_10001482
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_10001482:
    mov edi, [esi + 4]
    mov eax, [esi + 8]
    shl byte [eax], 1
    mov dl, bl
    and cl, 1
    add dl, dl
    or cl, dl
    mov [edi], cl
    inc edi
    mov [esi + 4], edi
    pop edi
    mov [esi + 424h], ebx
    pop ebp
    retn 4

loc_100014A4:
    or ebp, -1
    add [esi + 0Ch], ebp
    lea edx, [ebp + 9]
    jnz short loc_100014BC
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_100014BC:
    mov eax, [esi + 8]
    mov cl, [eax]
    add cl, cl
    inc cl
    add [esi + 0Ch], ebp
    mov [eax], cl
    jnz short loc_100014D9
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_100014D9:
    mov eax, [esi + 8]
    shl byte [eax], 1
    mov ecx, ebx
    shr ecx, 8
    add ecx, 2
    mov eax, esi
    call func_9
    mov eax, [esi + 4]
    mov [eax], bl
    inc eax
    mov [esi + 4], eax
    mov [esi + 424h], ebx
    cmp ebx, 80h
    jb loc_10001642
    cmp ebx, 500h
    jb loc_100016AD
    mov eax, 1
    sub [esp + 8 + arg_0], eax
    cmp ebx, 7D00h
    jb loc_100016AD
    sub [esp + 8 + arg_0], eax
    mov ecx, [esp + 8 + arg_0]
    mov eax, esi
    call func_9
    pop edi
    pop ebp
    retn 4

loc_1000153D:
    mov edi, 1
    mov [esi + 428h], edi
    cmp ebx, 80h
    jnb loc_100015DA
    cmp dword[esp + 8 + arg_0], 4
    jnb short loc_100015DA
    cmp ebx, [esi + 424h]
    jz short loc_100015DA
    or ebp, -1
    add [esi + 0Ch], ebp
    lea edx, [edi + 7]
    jnz short loc_1000157B
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_1000157B:
    mov eax, [esi + 8]
    mov cl, [eax]
    add cl, cl
    inc cl
    add [esi + 0Ch], ebp
    mov [eax], cl
    jnz short loc_10001598
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_10001598:
    mov eax, [esi + 8]
    mov cl, [eax]
    add cl, cl
    inc cl
    add [esi + 0Ch], ebp
    mov [eax], cl
    jnz short loc_100015B5
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_100015B5:
    mov eax, [esi + 8]
    shl byte [eax], 1
    mov al, byte [esp + 8 + arg_0]
    mov edi, [esi + 4]
    mov dl, bl
    and al, 1
    add dl, dl
    or al, dl
    mov [edi], al
    inc edi
    mov [esi + 4], edi
    pop edi
    mov [esi + 424h], ebx
    pop ebp
    retn 4

loc_100015DA:
    or ebp, -1
    add [esi + 0Ch], ebp
    lea edx, [ebp + 9]
    jnz short loc_100015F2
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_100015F2:
    mov eax, [esi + 8]
    mov cl, [eax]
    add cl, cl
    inc cl
    add [esi + 0Ch], ebp
    mov [eax], cl
    jnz short loc_1000160F
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_1000160F:
    mov eax, [esi + 8]
    shl byte [eax], 1
    cmp ebx, [esi + 424h]
    jz short loc_1000167F
    mov ecx, ebx
    shr ecx, 8
    add ecx, 3
    mov eax, esi
    call func_9
    mov eax, [esi + 4]
    mov [eax], bl
    inc eax
    mov [esi + 4], eax
    mov [esi + 424h], ebx
    cmp ebx, 80h
    jnb short loc_10001657

loc_10001642:
    sub dword[esp + 8 + arg_0], 2
    mov ecx, [esp + 8 + arg_0]
    mov eax, esi
    call func_9
    pop edi
    pop ebp
    retn 4

loc_10001657:
    cmp ebx, 500h
    jb short loc_100016AD
    sub [esp + 8 + arg_0], edi
    cmp ebx, 7D00h
    jb short loc_100016AD
    sub [esp + 8 + arg_0], edi
    mov ecx, [esp + 8 + arg_0]
    mov eax, esi
    call func_9
    pop edi
    pop ebp
    retn 4

loc_1000167F:
    add [esi + 0Ch], ebp
    jnz short loc_10001691
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_10001691:
    mov eax, [esi + 8]
    shl byte [eax], 1
    add [esi + 0Ch], ebp
    jnz short loc_100016A8
    mov eax, [esi + 4]
    mov [esi + 8], eax
    inc eax
    mov [esi + 0Ch], edx
    mov [esi + 4], eax

loc_100016A8:
    mov eax, [esi + 8]
    shl byte [eax], 1

loc_100016AD:
    mov ecx, [esp + 8 + arg_0]
    mov eax, esi
    call func_9
    pop edi
    pop ebp
    retn 4
endp


proc func_9
    var_4 = -4

    push ecx
    mov edx, [esp + 4 + var_4]
    push esi
    push edi
    xor edi, edi

loc_10001008:
    mov esi, ecx
    and esi, 1
    shr ecx, 1
    inc edi
    lea edx, [esi + edx*2]
    cmp ecx, 1
    ja short loc_10001008
    dec edi
    jz short loc_10001069
    mov esi, [eax + 0Ch]
    mov ecx, [eax + 8]
    push ebx

loc_10001022:
    dec esi
    jnz short loc_10001033
    mov ecx, [eax + 4]
    lea ebx, [ecx + 1]
    mov esi, 8
    mov [eax + 4], ebx

loc_10001033:
    test dl, 1
    jz short loc_10001042
    mov bl, [ecx]
    add bl, bl
    inc bl
    mov [ecx], bl
    jmp short loc_10001044

loc_10001042:
    shl byte [ecx], 1

loc_10001044:
    dec esi
    jnz short loc_10001055
    mov ecx, [eax + 4]
    lea ebx, [ecx + 1]
    mov esi, 8
    mov [eax + 4], ebx

loc_10001055:
    mov bl, [ecx]
    add bl, bl
    inc bl
    shr edx, 1
    dec edi
    mov [ecx], bl
    jnz short loc_10001022
    mov [eax + 0Ch], esi
    mov [eax + 8], ecx
    pop ebx

loc_10001069:
    or esi, -1
    add [eax + 0Ch], esi
    jnz short loc_10001082
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov dword [eax + 0Ch], 8
    mov [eax + 4], ecx

loc_10001082:
    mov ecx, [eax + 8]
    test dl, 1
    jz short loc_10001094
    mov dl, [ecx]
    add dl, dl
    inc dl
    mov [ecx], dl
    jmp short loc_10001096

loc_10001094:
    shl byte [ecx], 1

loc_10001096:
    add [eax + 0Ch], esi
    pop edi
    pop esi
    jnz short loc_100010AE
    mov ecx, [eax + 4]
    mov [eax + 8], ecx
    inc ecx
    mov dword [eax + 0Ch], 8
    mov [eax + 4], ecx

loc_100010AE:
    mov eax, [eax + 8]
    shl byte [eax], 1
    pop ecx
    retn
endp


;   =========================================================
;       size_t aP_max_packed_size( size_t input_size );
;   =========================================================
proc aP_max_packed_size, input_size
    mov eax, [input_size]
    mov ecx, eax
    shr ecx, 3
    lea eax, [ecx + eax + 0x40]
    ret
endp

;   =========================================================
;       unsigned int aP_crc32( const void *source,
;                              size_t length );
;   =========================================================
proc aP_crc32 uses ebx ecx edx esi, source, length
    mov edx, -1
    mov esi, [source]
    mov ecx, [length]
 
    xor eax, eax
calc_crc32:
    lodsb
    mov ebx, edx
    and ebx, 0xFF
    xor bl, al
 
    shr edx, 8
    and edx, 0xFFFFFF

    push ecx
 
    mov ecx, 8
do_polynom:
    shr ebx, 1
    jnc @f
    xor ebx, 0xEDB88320
@@: loop do_polynom
 
    pop ecx
 
    xor edx, ebx
    loop calc_crc32
 
    mov eax, edx

    xor eax, -1
    ret
endp 


;   =========================================================
;       size_t aPsafe_pack( const void *source,
;                           void *destination,
;                           size_t length,
;                           void *workmem,
;                           int (*callback)(size_t, size_t, size_t, void *),
;                           void *cbparam );
;   =========================================================
proc aPsafe_pack, source, destination, length, workmem, callback, cbparam
    mov esi, [source]
    mov edi, [destination]
    mov ecx, [length]

    or eax, -1
    test esi, esi
    jz .return_eax

    test edi, edi
    jz .return_eax

    test ecx, ecx
    jz .return_eax

    mov ebx, SIGN
    mov [edi], ebx
    mov ebx, 24
    mov [edi + 4], ebx
    add ebx, edi
    mov [edi + 16], ecx

    stdcall aP_crc32, esi, ecx
    ;invoke RtlComputeCrc32, 0, esi, ecx

    mov [edi + 20], eax

    stdcall aP_pack, esi, ebx, ecx, [workmem], [callback], [cbparam]

    cmp eax, -1
    je .return_eax
    
    mov [edi + 8], eax
    mov edx, eax

    stdcall aP_crc32, ebx, eax
    ;push edx
    ;invoke RtlComputeCrc32, 0, ebx, eax
    ;pop edx

    mov [edi + 12], eax
    lea eax, [edx + 24]
.return_eax:

    ret
endp


;   =========================================================
;       size_t aPsafe_get_orig_size( const void *source );
;   =========================================================
proc aPsafe_get_orig_size, source
    mov esi, [source]

    mov ebx, [esi]

    or eax, -1

    cmp ebx, SIGN
    jne .return_eax

    mov ebx, [esi + 4]
    cmp ebx, 24
    jb .return_eax
    mov eax, [esi + 16]

.return_eax:
    ret
endp


;   =========================================================
;       size_t aPsafe_depack( const void *source,
;                             size_t srclen,
;                             void *destination,
;                             size_t dstlen );
;   =========================================================
proc aPsafe_depack, source, srclen, destination, dstlen
    mov esi, [source]
    mov ecx, [srclen]
    mov edi, [destination]

    test esi, esi
    jz .return_error

    test edi, edi
    jz .return_error

    cmp ecx, 24
    jb .return_error

    mov ebx, [esi]

    cmp ebx, SIGN
    jne .return_error

    mov ebx, [esi + 4]
    cmp ebx, 24
    jb .return_error

    sub ecx, ebx
    jc .return_error

    cmp [esi + 8], ecx
    ja .return_error

    add ebx, esi

    stdcall aP_crc32, ebx, dword[esi + 8]
    ;invoke RtlComputeCrc32, 0, ebx, dword[esi + 8]

    cmp eax, [esi + 12]
    jne .return_error

    mov ecx, [dstlen]
    cmp [esi + 16], ecx
    ja .return_error

    stdcall aP_depack_asm_safe, ebx, dword[esi + 8], edi, ecx

    cmp eax, [esi + 16]
    jne .return_error

    mov ebx, eax

    stdcall aP_crc32, edi, eax
    ;invoke RtlComputeCrc32, 0, edi, eax

    cmp eax, [esi + 20]

    mov eax, ebx

    je .return_eax

.return_error:
    or eax, -1

.return_eax:

    ret
endp


;   =========================================================
;       size_t aP_depack_asm_safe( const void *source,
;                                  size_t srclen,
;                                  void *destination,
;                                  size_t dstlen );
;   =========================================================

macro getbitM {
    local .stillbitsleft
    add dl, dl
    jnz .stillbitsleft

    sub dword [esp + 4], 1
    jc return_error       ;

    mov dl, [esi]
    inc esi

    add dl, dl
    inc dl
  .stillbitsleft:
}

macro domatchM reg {
    push ecx
    mov ecx, [esp + 12 + _dlen$]
    sub ecx, [esp + 4]
    cmp reg, ecx
    pop ecx
    ja return_error

    sub [esp], ecx
    jc return_error

    push esi
    mov esi, edi
    sub esi, reg
    rep movsb
    pop esi
}

macro getgammaM reg {
    local .getmore
    mov reg, 1
  .getmore:
    getbitM
    adc reg, reg
    jc return_error
    getbitM
    jc .getmore
}

aP_depack_asm_safe:
    _ret$ equ 7*4
    _src$ equ 8*4 + 4
    _slen$ equ 8*4 + 8
    _dst$ equ 8*4 + 12
    _dlen$ equ 8*4 + 16

    pushad

    mov esi, [esp + _src$]
    mov eax, [esp + _slen$]
    mov edi, [esp + _dst$]
    mov ecx, [esp + _dlen$]

    push eax
    push ecx

    test esi, esi
    jz return_error

    test edi, edi
    jz return_error

    or ebp, -1

    cld
    xor edx, edx

literal:
    sub dword [esp + 4], 1
    jc return_error

    mov al, [esi]
    add esi, 1

    sub dword [esp], 1
    jc return_error

    mov [edi], al
    add edi, 1

    mov ebx, 2

nexttag:
    getbitM
    jnc literal

    getbitM
    jnc codepair

    xor eax, eax

    getbitM
    jnc shortmatch

    getbitM
    adc eax, eax
    getbitM
    adc eax, eax
    getbitM
    adc eax, eax
    getbitM
    adc eax, eax
    jz .thewrite

    mov ebx, [esp + 8 + _dlen$]
    sub ebx, [esp]
    cmp eax, ebx
    ja return_error

    mov ebx, edi
    sub ebx, eax
    mov al, [ebx]

  .thewrite:
    sub dword [esp], 1
    jc return_error

    mov [edi], al
    inc edi

    mov ebx, 2

    jmp nexttag

codepair:
    getgammaM eax

    sub eax, ebx

    mov ebx, 1

    jnz normalcodepair

    getgammaM ecx

    domatchM ebp

    jmp nexttag

normalcodepair:
    dec eax

    test eax, 0xff000000
    jnz return_error

    shl eax, 8

    sub dword [esp + 4], 1
    jc return_error

    mov al, [esi]
    inc esi

    mov ebp, eax

    getgammaM ecx
    jmp @f
    x dd 32000
@@: cmp eax, [x]
    sbb ecx, -1

    cmp eax, 1280
    sbb ecx, -1

    cmp eax, 128
    adc ecx, 0

    cmp eax, 128
    adc ecx, 0

    domatchM eax
    jmp nexttag

shortmatch:
    sub dword [esp + 4], 1
    jc return_error

    mov al, [esi]
    inc esi

    xor ecx, ecx
    db 0c0h, 0e8h, 001h
    jz donedepacking

    adc ecx, 2

    mov ebp, eax

    domatchM eax

    mov ebx, 1

    jmp nexttag

return_error:
    add esp, 8

    popad

    or eax, -1

    ret

donedepacking:
    add esp, 8

    sub edi, [esp + _dst$]
    mov [esp + _ret$], edi

    popad

    ret

appack.asm

;    - aP_pack                  (-)
;    - aP_workmem_size          (-)
;    - aP_max_packed_size       (-)
;    - aP_depack_asm            (+) - depack.asm
;    - aP_depack_asm_fast       (+) - depackf.asm
;    - aP_depack_asm_safe       (+) - depacks.asm
;    - aP_crc32                 (+) - crc32.asm
;    - aPsafe_pack              (+) - spack.asm
;    - aPsafe_check             (+) - scheck.asm
;    - aPsafe_get_orig_size     (+) - sgetsize.asm
;    - aPsafe_depack            (+) - sdepack.asm


    format PE console 5.0

;   =====================
    include 'win32ax.inc'
;   =====================

;   =========================================================
    section '.code' import code writeable executable readable
;   =========================================================

;   =========================================================
    library msvcrt, 'msvcrt.dll',\
            ntdll, 'ntdll.dll'

    import  msvcrt,\
            fopen, 'fopen',\
            printf, 'printf',\
            fseek, 'fseek',\
            ftell, 'ftell',\
            malloc, 'malloc',\
            fread, 'fread',\
            getchar, 'getchar',\
            fwrite, 'fwrite',\
            fclose, 'fclose',\
            free, 'free'

    import  ntdll,\
            RtlComputeCrc32, 'RtlComputeCrc32'
;   =========================================================


    SEEK_SET        = 0
    SEEK_END        = 2
    APLIB_ERROR     = -1

;   ======================
    include 'aplib.asm'
;   ======================


;   =========================================================
;       Сжать файл.
;   =========================================================
proc compress_file, oldname, packedname
    locals
        frmt                db "packed: %u -> %u", 0
        r                   db "rb", 0
        w                   db "wb", 0
        xoldfile            rd 1
        xpackedfile         rd 1
        xinsize             rd 1
        xoutsize            rd 1
        xdata               rd 1
        xpacked             rd 1
        xworkmem            rd 1
    endl

    cinvoke fopen, [oldname], addr r
    mov [xoldfile], eax

    cmp [xoldfile], 0
    je _cerr

    cinvoke fseek, [xoldfile], 0, SEEK_END
    cinvoke ftell, [xoldfile]
    mov [xinsize], eax
    cinvoke fseek, [xoldfile], 0, SEEK_SET

    cinvoke malloc, [xinsize]
    mov [xdata], eax

    stdcall aP_max_packed_size, [xinsize]
    cinvoke malloc, eax
    mov [xpacked], eax

    mov eax, 0xA0000            ; aP_workmem_size
    cinvoke malloc, eax
    mov [xworkmem], eax

    cmp [xdata], 0
    je _cerr
    cmp [xpacked], 0
    je _cerr
    cmp [xworkmem], 0
    je _cerr

    cinvoke fread, [xdata], 1, [xinsize], [xoldfile]

    cmp eax, [xinsize]
    jne _cerr

    stdcall aPsafe_pack, [xdata], [xpacked], [xinsize], [xworkmem], NULL, NULL
    mov [xoutsize], eax

    cmp [xoutsize], APLIB_ERROR
    je _cerr

    cinvoke fopen, [packedname], addr w
    mov [xpackedfile], eax

    cmp [xpackedfile], 0
    je _cerr

    cinvoke fwrite, [xpacked], 1, [xoutsize], [xpackedfile]

    cinvoke printf, addr frmt, [xinsize], [xoutsize]

    cinvoke fclose, [xpackedfile]
    cinvoke fclose, [xoldfile]

    cinvoke free, [xworkmem]
    cinvoke free, [xpacked]
    cinvoke free, [xdata]

    xor eax, eax
    ret

_cerr:
    xor eax, eax
    dec eax
    ret
endp

;   =========================================================
;       Распаковать файл.
;   =========================================================
proc decompress_file, packedname, newname
    locals
        frmt                db "unpacked: %u -> %u", 0
        r                   db "rb", 0
        w                   db "wb", 0
        xnewfile            rd 1
        xpackedfile         rd 1
        xinsize             rd 1
        xoutsize            rd 1
        xdata               rd 1
        xpacked             rd 1
        xdepackedsize       rd 1
    endl

    cinvoke fopen, [packedname], addr r
    mov [xpackedfile], eax

    cmp [xpackedfile], 0
    je _derr

    cinvoke fseek, [xpackedfile], 0, SEEK_END
    cinvoke ftell, [xpackedfile]
    mov [xinsize], eax
    cinvoke fseek, [xpackedfile], 0, SEEK_SET

    cinvoke malloc, [xinsize]
    mov [xpacked], eax

    cmp [xpacked], 0
    je _derr

    cinvoke fread, [xpacked], 1, [xinsize], [xpackedfile]
    cmp eax, [xinsize]
    jne _derr

    stdcall aPsafe_get_orig_size, [xpacked]
    mov [xdepackedsize], eax

    cmp [xdepackedsize], APLIB_ERROR
    je _derr

    cinvoke malloc, [xdepackedsize]
    mov [xdata], eax

    cmp [xdata], 0
    je _derr

    stdcall aPsafe_depack, [xpacked], [xinsize], [xdata], [xdepackedsize]
    mov [xoutsize], eax

    cmp eax, [xdepackedsize]
    jne _derr

    cinvoke fopen, [newname], addr w
    mov [xnewfile], eax

    cmp [xnewfile], 0
    je _derr

    cinvoke fwrite, [xdata], 1, [xoutsize], [xnewfile]

    cinvoke printf, addr frmt, [xinsize], [xoutsize]

    cinvoke fclose, [xpackedfile]
    cinvoke fclose, [xnewfile]

    cinvoke free, [xpacked]
    cinvoke free, [xdata]

    xor eax, eax
    ret

_derr:
    xor eax, eax
    dec eax
    ret    
endp


;   =========================================================
;       Точка входа
;   =========================================================
entry $
    
    stdcall compress_file, f, p

    cinvoke printf, next_line

    stdcall decompress_file, p, n

    cinvoke getchar
    xor eax, eax
    ret


    f               db "file.exe", 0
    p               db "file_packed.exe", 0
    n               db "file_unpacked.exe", 0
    next_line       db 10
Подякували: 0xDADA11C7, sheva7402

2

Re: [FASM] Реверс ApLib 1.1.0 та "example\appack.c" на ассемблері

update:
трохи причесаний код для v1.1.1

    use32

    SIGN = 'PACK'

aPsafe_depack:
    pushad
    mov esi, dword[esp + 24h]
    mov ecx, dword[esp + 28h]
    mov edi, dword[esp + 2Ch]
    test esi, esi
    je @002
    test edi, edi
    je @002
    cmp ecx, 18h
    jb @002
    mov ebx, dword[esi]
    cmp ebx, SIGN
    jne @002
    mov ebx, dword[esi + 4h]
    cmp ebx, 18h
    jb @002
    sub ecx, ebx
    jb @002
    cmp dword[esi + 8h], ecx
    ja @002
    add ebx, esi
    push dword[esi + 8h]
    push ebx
    call aP_crc32
    add esp, 8h
    cmp eax, dword[esi + 0Ch]
    jne @002
    mov ecx, dword[esp + 30h]
    cmp dword[esi + 10h], ecx
    ja @002
    push ecx
    push edi
    push dword[esi + 8h]
    push ebx
    call aP_depack_asm_safe
    add esp, 10h
    cmp eax, dword[esi + 10h]
    jne @002
    mov ebx, eax
    push eax
    push edi
    call aP_crc32
    add esp, 8h
    cmp eax, dword[esi + 14h]
    mov eax, ebx
    je @003

@002:
    or eax, 0FFFFFFFFh

@003:
    mov dword[esp + 1Ch], eax
    popad
    ret
    dec dword[ecx + 0Ch]
    jne @004
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], 8h
    mov dword[ecx + 4h], eax

@004:
    cmp dword[esp + 4h], 0h
    mov ecx, dword[ecx + 8h]
    je @005
    mov al, byte[ecx]
    add al, al
    inc al
    mov byte[ecx], al
    ret 4h

@005:
    shl byte[ecx], 1h
    ret 4h
    dec dword[ecx + 0Ch]
    jne @006
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], 8h
    mov dword[ecx + 4h], eax

@006:
    mov ecx, dword[ecx + 8h]
    shl byte[ecx], 1h
    ret

@007:
    dec dword[ecx + 0Ch]
    jne @008
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], 8h
    mov dword[ecx + 4h], eax

@008:
    mov ecx, dword[ecx + 8h]
    mov al, byte[ecx]
    add al, al
    inc al
    mov byte[ecx], al
    ret
    mov ecx, dword[esp + 4h]
    cmp ecx, 2h
    jge @009
    mov eax, 64h
    ret

@009:
    xor eax, eax
    shr ecx, 1h
    je @011

@010:
    add eax, 2h
    shr ecx, 1h
    jne @010

@011:
    ret

@012:
    mov eax, dword[esp + 4h]
    mov edx, dword[esp + 4h]
    push ebp
    push esi
    push edi
    xor esi, esi
    lea ecx, [ecx]

@013:
    mov edi, eax
    and edi, 00000001h
    shr eax, 1h
    inc esi
    lea edx, [edx * 2h + edi]
    cmp eax, 1h
    ja @013
    dec esi
    mov ebp,  -1h
    lea edi, [ebp + 9h]
    je @019
    push ebx
    lea esp, [esp]

@014:
    add dword[ecx + 0Ch], ebp
    jne @015
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edi
    mov dword[ecx + 4h], eax

@015:
    mov eax, dword[ecx + 8h]
    test dl, 01h
    je @016
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    jmp @017

@016:
    shl byte[eax], 1h

@017:
    add dword[ecx + 0Ch], ebp
    jne @018
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edi
    mov dword[ecx + 4h], eax

@018:
    mov eax, dword[ecx + 8h]
    mov bl, byte[eax]
    add bl, bl
    inc bl
    shr edx, 1h
    dec esi
    mov byte[eax], bl
    jne @014
    pop ebx

@019:
    add dword[ecx + 0Ch], ebp
    jne @020
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edi
    mov dword[ecx + 4h], eax

@020:
    mov eax, dword[ecx + 8h]
    test dl, 01h
    je @021
    mov dl, byte[eax]
    add dl, dl
    inc dl
    mov byte[eax], dl
    jmp @022

@021:
    shl byte[eax], 1h

@022:
    add dword[ecx + 0Ch], ebp
    jne @023
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edi
    mov dword[ecx + 4h], eax

@023:
    mov ecx, dword[ecx + 8h]
    shl byte[ecx], 1h
    pop edi
    pop esi
    pop ebp
    ret 4h

@024:
    push ebx
    push ebp
    mov ebp, dword[esp + 10h]
    push esi
    xor eax, eax
    push edi
    cmp ebp, 0Fh
    jbe @025
    mov ebp, 0Fh

@025:
    mov edi, dword[esp + 14h]
    mov esi, edi
    sub esi, ebp
    lea esp, [esp]

@026:
    mov bl, byte[edi]
    test bl, bl
    je @029
    mov ecx, ebp
    mov edx, esi
    lea ebx, [ebx]

@027:
    cmp byte[edx], bl
    je @028
    inc edx
    dec ecx
    jne @027

@028:
    xor edx, edx
    test ecx, ecx
    sete dl
    lea eax, [edx * 2h + eax + 7h]
    jmp @030

@029:
    add eax, 7h

@030:
    inc edi
    inc esi
    dec dword[esp + 1Ch]
    jne @026
    pop edi
    pop esi
    pop ebp
    pop ebx
    ret

@031:
    push ebx
    push esi
    push edi
    mov edi, dword[esp + 10h]
    mov dword[ecx + 428h], 0h
    mov dl, byte[edi]
    test dl, dl
    je @050
    mov esi, dword[esp + 14h]
    cmp esi, 0Fh
    jbe @032
    mov esi, 0Fh
    mov dword[esp + 14h], esi

@032:
    mov eax, edi
    sub eax, esi

@033:
    cmp byte[eax], dl
    je @036
    mov esi, dword[esp + 14h]
    dec esi
    inc eax
    mov dword[esp + 14h], esi
    test esi, esi
    jne @033

@034:
    dec dword[ecx + 0Ch]
    jne @035
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], 8h
    mov dword[ecx + 4h], eax

@035:
    mov eax, dword[ecx + 8h]
    shl byte[eax], 1h
    mov al, byte[edi]
    mov edx, dword[ecx + 4h]
    pop edi
    pop esi
    mov byte[edx], al
    inc dword[ecx + 4h]
    pop ebx
    ret 8h

@036:
    cmp dword[esp + 14h], 0h
    je @034
    or esi, 0FFFFFFFFh
    add dword[ecx + 0Ch], esi
    lea edx, [esi + 9h]
    jne @037
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@037:
    mov eax, dword[ecx + 8h]
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    add dword[ecx + 0Ch], esi
    jne @038
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@038:
    mov eax, dword[ecx + 8h]
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    add dword[ecx + 0Ch], esi
    jne @039
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@039:
    mov eax, dword[ecx + 8h]
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    add dword[ecx + 0Ch], esi
    jne @040
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@040:
    mov eax, dword[ecx + 8h]
    test byte[esp + 14h], dl
    je @041
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    jmp @042

@041:
    shl byte[eax], 1h

@042:
    add dword[ecx + 0Ch], esi
    jne @043
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@043:
    test byte[esp + 14h], 04h
    mov eax, dword[ecx + 8h]
    je @044
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    jmp @045

@044:
    shl byte[eax], 1h

@045:
    add dword[ecx + 0Ch], esi
    jne @046
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@046:
    test byte[esp + 14h], 02h
    mov eax, dword[ecx + 8h]
    je @047
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    jmp @048

@047:
    shl byte[eax], 1h

@048:
    add dword[ecx + 0Ch], esi
    jne @049
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@049:
    test byte[esp + 14h], 01h
    mov ecx, dword[ecx + 8h]
    je @058
    mov al, byte[ecx]
    pop edi
    add al, al
    inc al
    pop esi
    mov byte[ecx], al
    pop ebx
    ret 8h

@050:
    or esi, 0FFFFFFFFh
    add dword[ecx + 0Ch], esi
    lea edx, [esi + 9h]
    jne @051
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@051:
    mov eax, dword[ecx + 8h]
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    add dword[ecx + 0Ch], esi
    jne @052
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@052:
    mov eax, dword[ecx + 8h]
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    add dword[ecx + 0Ch], esi
    jne @053
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@053:
    mov eax, dword[ecx + 8h]
    mov bl, byte[eax]
    add bl, bl
    inc bl
    mov byte[eax], bl
    add dword[ecx + 0Ch], esi
    jne @054
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@054:
    mov eax, dword[ecx + 8h]
    shl byte[eax], 1h
    add dword[ecx + 0Ch], esi
    jne @055
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@055:
    mov eax, dword[ecx + 8h]
    shl byte[eax], 1h
    add dword[ecx + 0Ch], esi
    jne @056
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@056:
    mov eax, dword[ecx + 8h]
    shl byte[eax], 1h
    add dword[ecx + 0Ch], esi
    jne @057
    mov eax, dword[ecx + 4h]
    mov dword[ecx + 8h], eax
    inc eax
    mov dword[ecx + 0Ch], edx
    mov dword[ecx + 4h], eax

@057:
    mov ecx, dword[ecx + 8h]

@058:
    shl byte[ecx], 1h
    pop edi
    pop esi
    pop ebx
    ret 8h

@059:
    mov eax, dword[esp + 4h]
    mov edx, dword[esp + 8h]
    cmp eax, 80h
    jae @060
    cmp edx, 4h
    jae @060
    cmp eax, dword[ecx + 424h]
    je @069
    neg eax
    sbb eax, eax
    and eax, 00000006h
    add eax, 5h
    ret 8h

@060:
    cmp eax, dword[ecx + 424h]
    je @069
    cmp eax, 80h
    jae @061
    sub edx, 2h
    jmp @062

@061:
    cmp eax, 500h
    jb @062
    dec edx
    cmp eax, 7D00h
    jb @062
    dec edx

@062:
    shr eax, 8h
    add eax, 3h
    cmp eax, 2h
    jge @063
    mov ecx, 64h
    jmp @065

@063:
    xor ecx, ecx
    shr eax, 1h
    je @065

@064:
    add ecx, 2h
    shr eax, 1h
    jne @064

@065:
    cmp edx, 2h
    jge @066
    mov eax, 64h
    lea eax, [eax + ecx + 0Ah]
    ret 8h

@066:
    xor eax, eax
    shr edx, 1h
    je @068

@067:
    add eax, 2h
    shr edx, 1h
    jne @067

@068:
    lea eax, [eax + ecx + 0Ah]
    ret 8h

@069:
    cmp edx, 2h
    jge @070
    mov eax, 64h
    add eax, 4h
    ret 8h

@070:
    xor eax, eax
    shr edx, 1h
    je @072

@071:
    add eax, 2h
    shr edx, 1h
    jne @071

@072:
    add eax, 4h
    ret 8h

@073:
    push ebx
    mov ebx, dword[esp + 8h]
    push ebp
    push esi
    mov esi, ecx
    cmp dword[esi + 428h], 0h
    push edi
    je @082
    cmp ebx, 80h
    jae @077
    mov ecx, dword[esp + 18h]
    cmp ecx, 4h
    jae @077
    or edi, 0FFFFFFFFh
    add dword[esi + 0Ch], edi
    lea ebp, [edi + 9h]
    jne @074
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ebp
    mov dword[esi + 4h], eax

@074:
    mov eax, dword[esi + 8h]
    mov dl, byte[eax]
    add dl, dl
    inc dl
    mov byte[eax], dl
    add dword[esi + 0Ch], edi
    jne @075
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ebp
    mov dword[esi + 4h], eax

@075:
    mov eax, dword[esi + 8h]
    mov dl, byte[eax]
    add dl, dl
    inc dl
    mov byte[eax], dl
    add dword[esi + 0Ch], edi
    jne @076
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ebp
    mov dword[esi + 4h], eax

@076:
    mov eax, dword[esi + 8h]
    shl byte[eax], 1h
    mov edx, dword[esi + 4h]
    mov al, bl
    and cl, 01h
    add al, al
    or cl, al
    pop edi
    mov byte[edx], cl
    inc dword[esi + 4h]
    mov dword[esi + 424h], ebx
    pop esi
    pop ebp
    pop ebx
    ret 8h

@077:
    or edi, 0FFFFFFFFh
    add dword[esi + 0Ch], edi
    lea ebp, [edi + 9h]
    jne @078
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ebp
    mov dword[esi + 4h], eax

@078:
    mov eax, dword[esi + 8h]
    mov cl, byte[eax]
    add cl, cl
    inc cl
    mov byte[eax], cl
    add dword[esi + 0Ch], edi
    jne @079
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ebp
    mov dword[esi + 4h], eax

@079:
    mov eax, dword[esi + 8h]
    shl byte[eax], 1h
    mov edx, ebx
    shr edx, 8h
    add edx, 2h
    push edx
    mov ecx, esi
    call @012
    mov eax, dword[esi + 4h]
    mov byte[eax], bl
    mov eax, 1h
    add dword[esi + 4h], eax
    mov dword[esi + 424h], ebx
    cmp ebx, 80h
    jae @080
    sub dword[esp + 18h], 2h
    mov ecx, dword[esp + 18h]
    push ecx
    mov ecx, esi
    call @012
    pop edi
    pop esi
    pop ebp
    pop ebx
    ret 8h

@080:
    cmp ebx, 500h
    jb @081
    sub dword[esp + 18h], eax
    cmp ebx, 7D00h
    jb @081
    sub dword[esp + 18h], eax

@081:
    mov ecx, dword[esp + 18h]
    push ecx
    mov ecx, esi
    call @012
    pop edi
    pop esi
    pop ebp
    pop ebx
    ret 8h

@082:
    mov dword[esi + 428h], 1h
    cmp ebx, 80h
    jae @084
    cmp dword[esp + 18h], 4h
    jae @084
    cmp ebx, dword[esi + 424h]
    je @084
    call @007
    mov ecx, esi
    call @007
    dec dword[esi + 0Ch]
    jne @083
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], 8h
    mov dword[esi + 4h], eax

@083:
    mov eax, dword[esi + 8h]
    shl byte[eax], 1h
    mov al, byte[esp + 18h]
    mov ecx, dword[esi + 4h]
    mov dl, bl
    and al, 01h
    add dl, dl
    or al, dl
    pop edi
    mov byte[ecx], al
    inc dword[esi + 4h]
    mov dword[esi + 424h], ebx
    pop esi
    pop ebp
    pop ebx
    ret 8h

@084:
    or edi, 0FFFFFFFFh
    add dword[esi + 0Ch], edi
    lea ebp, [edi + 9h]
    jne @085
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ebp
    mov dword[esi + 4h], eax

@085:
    mov eax, dword[esi + 8h]
    mov dl, byte[eax]
    add dl, dl
    inc dl
    mov byte[eax], dl
    add dword[esi + 0Ch], edi
    jne @086
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ebp
    mov dword[esi + 4h], eax

@086:
    mov eax, dword[esi + 8h]
    shl byte[eax], 1h
    cmp ebx, dword[esi + 424h]
    je @088
    mov eax, ebx
    shr eax, 8h
    add eax, 3h
    push eax
    call @012
    mov ecx, dword[esi + 4h]
    mov byte[ecx], bl
    mov eax, 1h
    add dword[esi + 4h], eax
    mov dword[esi + 424h], ebx
    cmp ebx, 80h
    jae @087
    sub dword[esp + 18h], 2h
    mov edx, dword[esp + 18h]
    push edx
    mov ecx, esi
    call @012
    pop edi
    pop esi
    pop ebp
    pop ebx
    ret 8h

@087:
    cmp ebx, 500h
    jb @091
    sub dword[esp + 18h], eax
    cmp ebx, 7D00h
    jb @091
    sub dword[esp + 18h], eax
    mov edx, dword[esp + 18h]
    push edx
    mov ecx, esi
    call @012
    pop edi
    pop esi
    pop ebp
    pop ebx
    ret 8h

@088:
    add dword[esi + 0Ch], edi
    jne @089
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ebp
    mov dword[esi + 4h], eax

@089:
    mov eax, dword[esi + 8h]
    shl byte[eax], 1h
    add dword[esi + 0Ch], edi
    jne @090
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ebp
    mov dword[esi + 4h], eax

@090:
    mov eax, dword[esi + 8h]
    shl byte[eax], 1h

@091:
    mov edx, dword[esp + 18h]
    push edx
    mov ecx, esi
    call @012
    pop edi
    pop esi
    pop ebp
    pop ebx
    ret 8h
    mov eax, dword[esp + 4h]
    lea edx, [eax + 16800h]
    cmp edx, dword[ecx + 414h]
    jbe @093
    mov ecx, dword[ecx + 41Ch]
    cmp eax, ecx
    jbe @092
    sub eax, ecx
    ret 4h

@092:
    sub eax, ecx
    add eax, 16800h
    ret 4h

@093:
    xor eax, eax
    ret 4h

@094:
    sub esp, 10h
    push ebx
    push ebp
    mov ebp, dword[esp + 20h]
    push esi
    xor ebx, ebx
    mov esi, ecx
    push edi
    mov dword[esp + 10h], ebx
    mov dword[esp + 14h], ebx
    cmp dword[esi + 418h], ebp
    jae @100
    jmp @095
    lea esp, [esp]
    lea esp, [esp]

@095:
    mov eax, dword[esi + 414h]
    lea ecx, [eax + 16800h]
    cmp ecx, eax
    jbe @097
    mov ecx, dword[esi + 41Ch]
    cmp eax, ecx
    jbe @096
    sub eax, ecx
    jmp @098

@096:
    sub eax, ecx
    add eax, 16800h
    jmp @098

@097:
    xor eax, eax

@098:
    mov ecx, dword[esi + 418h]
    movzx edx, byte[ecx]
    movzx ecx, byte[ecx + 1h]
    mov edx, dword[edx * 4h + esi + 14h]
    mov ecx, dword[ecx * 4h + edx]
    mov edi, dword[esi + 10h]
    mov dword[eax * 4h + edi], ecx
    mov eax, dword[esi + 418h]
    movzx edx, byte[eax]
    movzx eax, byte[eax + 1h]
    mov ecx, dword[edx * 4h + esi + 14h]
    mov edx, dword[esi + 414h]
    mov dword[eax * 4h + ecx], edx
    mov ecx, 1h
    add dword[esi + 414h], ecx
    add dword[esi + 418h], ecx
    mov eax, dword[esi + 414h]
    mov ecx, eax
    sub ecx, dword[esi + 41Ch]
    cmp ecx, 16800h
    jbe @099
    dec eax
    mov dword[esi + 41Ch], eax

@099:
    cmp dword[esi + 418h], ebp
    jb @095

@100:
    mov eax, dword[esp + 30h]
    mov edx, 16700h
    cmp eax, edx
    jbe @101
    mov dword[esp + 30h], edx
    jmp @102

@101:
    cmp eax, 1h
    jbe @121

@102:
    movzx eax, byte[ebp]
    movzx ecx, byte[ebp + 1h]
    mov eax, dword[eax * 4h + esi + 14h]
    mov edi, dword[ecx * 4h + eax]
    cmp edi, ebx
    je @121
    mov ecx, dword[esi + 420h]
    lea eax, [ecx + edi]
    mov dword[esp + 1Ch], 800h
    cmp eax, ebp
    jb @107
    nop

@103:
    cmp edi, ebx
    je @107
    lea eax, [edi + 16800h]
    cmp eax, dword[esi + 414h]
    jbe @105
    mov eax, dword[esi + 41Ch]
    cmp edi, eax
    jbe @104
    sub edi, eax
    jmp @106

@104:
    sub edi, eax
    add edi, 16800h
    jmp @106

@105:
    xor edi, edi

@106:
    mov eax, dword[esi + 10h]
    mov edi, dword[edi * 4h + eax]
    lea eax, [ecx + edi]
    cmp eax, ebp
    jae @103

@107:
    cmp dword[esp + 2Ch], edx
    jbe @108
    mov dword[esp + 2Ch], edx

@108:
    cmp edi, ebx
    je @121
    add eax, 0h

@109:
    mov ecx, ebp
    sub ecx, eax
    mov dword[esp + 18h], ecx
    cmp ecx, dword[esp + 2Ch]
    ja @121
    mov ecx, dword[esp + 10h]
    mov dl, byte[eax + ecx]
    cmp dl, byte[ecx + ebp]
    mov ecx, dword[esp + 18h]
    mov ebx, 2h
    je @110
    cmp ecx, dword[esi + 424h]
    jne @116

@110:
    mov edx, dword[esp + 30h]
    cmp ebx, edx
    jae @113
    lea ecx, [ebp + 2h]
    mov ebp, eax
    sub ebp, dword[esp + 28h]

@111:
    mov al, byte[ecx + ebp]
    cmp al, byte[ecx]
    jne @112
    inc ebx
    inc ecx
    cmp ebx, edx
    jb @111

@112:
    mov ecx, dword[esp + 18h]
    mov ebp, dword[esp + 28h]
    cmp ebx, edx

@113:
    je @120
    cmp ebx, dword[esp + 10h]
    jbe @114
    push ebx
    push ecx
    mov ecx, esi
    call @059
    mov ecx, dword[esp + 10h]
    mov edx, dword[esp + 14h]
    push ecx
    push edx
    mov ecx, esi
    mov ebp, eax
    call @059
    sub ebp, eax
    add ebp, ebp
    mov eax, 4EC4EC4Fh
    imul ebp
    mov ebp, dword[esp + 28h]
    sar edx, 2h
    mov eax, edx
    shr eax, 1Fh
    add eax, edx
    add eax, dword[esp + 10h]
    cmp ebx, eax
    jbe @116
    mov ecx, dword[esp + 18h]
    mov dword[esp + 14h], ecx
    jmp @115

@114:
    cmp ecx, dword[esi + 424h]
    jne @116
    push ebx
    push ecx
    mov ecx, esi
    call @059
    mov edx, dword[esp + 10h]
    mov ebp, eax
    mov eax, dword[esp + 14h]
    push edx
    push eax
    mov ecx, esi
    call @059
    mov ecx, eax
    sub ecx, ebp
    mov ebp, dword[esp + 28h]
    mov eax, 2AAAAAABh
    imul ecx
    mov ecx, edx
    shr ecx, 1Fh
    add ecx, edx
    add ecx, ebx
    cmp ecx, dword[esp + 10h]
    jb @116
    mov edx, dword[esp + 18h]
    mov dword[esp + 14h], edx

@115:
    mov dword[esp + 10h], ebx

@116:
    lea eax, [edi + 16800h]
    cmp eax, dword[esi + 414h]
    jbe @118
    mov eax, dword[esi + 41Ch]
    cmp edi, eax
    jbe @117
    sub edi, eax
    jmp @119

@117:
    sub edi, eax
    add edi, 16800h
    jmp @119

@118:
    xor edi, edi

@119:
    mov ecx, dword[esi + 10h]
    mov edi, dword[edi * 4h + ecx]
    mov eax, dword[esi + 420h]
    add eax, edi
    dec dword[esp + 1Ch]
    je @121
    test edi, edi
    jne @109
    jmp @121

@120:
    mov dword[esp + 14h], ecx
    mov dword[esp + 10h], ebx

@121:
    mov eax, dword[esp + 24h]
    mov edx, dword[esp + 10h]
    mov ecx, dword[esp + 14h]
    pop edi
    pop esi
    pop ebp
    mov dword[eax], edx
    mov dword[eax + 4h], ecx
    pop ebx
    add esp, 10h
    ret 10h

aP_workmem_size:
    mov eax, 0A0000h
    ret

aP_max_packed_size:
    mov eax, dword[esp + 4h]
    mov ecx, eax
    shr ecx, 3h
    lea eax, [ecx + eax + 40h]
    ret

@124:
    push ecx
    mov eax, dword[esp + 8h]
    push ebx
    push ebp
    mov ebp, dword[eax]
    push esi
    push edi
    mov edi, dword[eax + 4h]
    push ebp
    push edi
    mov esi, ecx
    call @059
    mov dword[esp + 10h], eax
    mov eax, dword[esp + 1Ch]
    mov ecx, dword[eax]
    mov ebx, dword[eax + 4h]
    push ecx
    mov dword[esp + 20h], ecx
    push ebx
    mov ecx, esi
    call @059
    mov esi, eax
    mov dword[esp + 18h], 0h
    cmp ebx, edi
    jl @125
    mov ecx, dword[esp + 10h]
    sub ecx, esi
    add ecx, ecx
    mov eax, 38E38E39h
    imul ecx
    sar edx, 1h
    mov eax, edx
    shr eax, 1Fh
    add eax, edx
    jmp @126

@125:
    mov eax, dword[esp + 10h]
    sub eax, esi
    cdq
    and edx, 00000003h
    add eax, edx
    sar eax, 2h

@126:
    add eax, dword[esp + 1Ch]
    cmp ebp, eax
    jge @127
    mov dword[esp + 18h], 1h

@127:
    cmp dword[esp + 20h], 0h
    jbe @128
    cmp dword[esp + 1Ch], ebp
    jl @128
    mov eax, 1h
    cmp esi, dword[esp + 10h]
    jl @129

@128:
    mov eax, dword[esp + 18h]

@129:
    pop edi
    pop esi
    pop ebp
    pop ebx
    pop ecx
    ret 0Ch

@130:
    push ecx
    mov eax, dword[esp + 8h]
    push ebx
    push ebp
    mov ebp, dword[eax]
    push esi
    push edi
    mov edi, dword[eax + 4h]
    push ebp
    push edi
    mov esi, ecx
    call @059
    mov dword[esp + 10h], eax
    mov eax, dword[esp + 1Ch]
    mov ecx, dword[eax]
    mov ebx, dword[eax + 4h]
    push ecx
    mov dword[esp + 20h], ecx
    push ebx
    mov ecx, esi
    call @059
    mov esi, eax
    mov dword[esp + 18h], 0h
    cmp ebx, edi
    jl @131
    mov eax, dword[esp + 10h]
    sub eax, esi
    cdq
    and edx, 00000003h
    add eax, edx
    sar eax, 2h
    jmp @132

@131:
    mov ecx, dword[esp + 10h]
    sub ecx, esi
    add ecx, ecx
    mov eax, 2E8BA2E9h
    imul ecx
    sar edx, 1h
    mov eax, edx
    shr eax, 1Fh
    add eax, edx

@132:
    add eax, dword[esp + 1Ch]
    cmp ebp, eax
    jge @133
    mov dword[esp + 18h], 1h

@133:
    cmp dword[esp + 20h], 0h
    jbe @134
    cmp dword[esp + 1Ch], ebp
    jl @134
    mov eax, 1h
    cmp esi, dword[esp + 10h]
    jl @135

@134:
    mov eax, dword[esp + 18h]

@135:
    pop edi
    pop esi
    pop ebp
    pop ebx
    pop ecx
    ret 0Ch

@136:
    sub esp, 30h
    cmp dword[esp + 3Ch], 0h
    push esi
    mov esi, ecx
    jne @137
    xor eax, eax
    pop esi
    add esp, 30h
    ret 18h

@137:
    mov ecx, dword[esp + 38h]
    test ecx, ecx
    jne @139

@138:
    or eax, 0FFFFFFFFh
    pop esi
    add esp, 30h
    ret 18h

@139:
    mov edx, dword[esp + 3Ch]
    test edx, edx
    je @138
    mov eax, dword[esp + 44h]
    test eax, eax
    je @138
    push ebp
    mov dword[esi], ecx
    dec ecx
    push edi
    mov dword[esi + 420h], ecx
    mov dword[esi + 4h], edx
    mov dword[esi + 10h], eax
    lea ecx, [esi + 14h]
    lea edx, [eax + 5A018h]
    mov edi, 100h
    mov ebp, 1h
    push ebx
    lea ecx, [ecx]

@140:
    mov dword[ecx], edx
    xor eax, eax

@141:
    mov ebx, dword[ecx]
    mov dword[eax + ebx], 0h
    add eax, 4h
    cmp eax, 400h
    jb @141
    add ecx, 4h
    add edx, 400h
    sub edi, ebp
    jne @140
    mov ecx, dword[esi]
    mov edx, dword[esi + 10h]
    or eax, 0FFFFFFFFh
    mov dword[esi + 424h], eax
    mov dword[esi + 418h], ecx
    mov dword[esi + 414h], ebp
    mov dword[esi + 41Ch], edi
    mov dword[edx], edi
    mov ecx, dword[esi]
    mov edx, dword[esi + 4h]
    mov dword[esi + 428h], edi
    mov cl, byte[ecx]
    mov dword[esp + 18h], eax
    mov eax, dword[esp + 4Ch]
    mov byte[edx], cl
    add dword[esi + 4h], ebp
    add dword[esi], ebp
    dec eax
    mov dword[esp + 50h], edi
    mov dword[esp + 14h], edi
    mov dword[esi + 0Ch], ebp
    cmp eax, ebp
    jbe @192

@142:
    mov ecx, dword[esp + 54h]
    test ecx, ecx
    je @143
    mov eax, dword[esp + 14h]
    inc eax
    mov dword[esp + 14h], eax
    test eax, 00000FFFh
    jne @143
    mov edx, dword[esp + 58h]
    mov eax, dword[esi + 4h]
    sub eax, dword[esp + 48h]
    push edx
    mov edx, dword[esi]
    sub edx, dword[esp + 48h]
    push eax
    mov eax, dword[esp + 54h]
    push edx
    push eax
    call ecx
    add esp, 10h
    test eax, eax
    je @188

@143:
    cmp ebp, dword[esp + 18h]
    jne @144
    mov ecx, dword[esp + 38h]
    mov edx, dword[esp + 3Ch]
    mov dword[esp + 20h], ecx
    mov dword[esp + 24h], edx
    jmp @145

@144:
    mov eax, dword[esp + 4Ch]
    mov ecx, dword[esi]
    sub eax, ebp
    push eax
    push ebp
    push ecx
    lea edx, [esp + 2Ch]
    push edx
    mov ecx, esi
    call @094

@145:
    cmp dword[esp + 20h], 2h
    jl @173
    mov eax, dword[esi + 424h]
    cmp dword[esp + 24h], eax
    jne @147
    cmp edi, 1h
    jbe @150
    mov ebx, dword[esp + 2Ch]
    cmp ebx, eax
    je @150
    mov ecx, dword[esp + 50h]
    mov eax, ebp
    push edi
    sub eax, edi
    push eax
    push ecx
    call @024
    add esp, 0Ch
    push edi
    push ebx
    mov ecx, esi
    mov dword[esp + 24h], eax
    call @059
    cmp eax, dword[esp + 1Ch]
    jge @150
    mov eax, ebx
    cmp eax, 500h
    jl @146
    cmp edi, 2h
    je @150

@146:
    cmp eax, 7D00h
    jl @147
    cmp edi, 3h
    je @150

@147:
    mov ebx, dword[esp + 4Ch]
    sub ebx, ebp
    lea edx, [ebx - 1h]
    push edx
    lea eax, [ebp + 1h]
    push eax
    mov eax, dword[esi]
    inc eax
    push eax
    lea ecx, [esp + 44h]
    push ecx
    mov ecx, esi
    mov dword[esp + 2Ch], ebx
    call @094
    lea eax, [ebp + 1h]
    push edi
    lea edx, [esp + 3Ch]
    mov dword[esp + 1Ch], eax
    push edx
    lea eax, [esp + 28h]
    push eax
    mov ecx, esi
    call @124
    mov dword[esp + 10h], eax
    test edi, edi
    jne @148
    mov ecx, dword[esp + 20h]
    cmp dword[esp + 38h], ecx
    jge @148
    mov edx, dword[esp + 38h]
    mov eax, dword[esp + 3Ch]
    push edx
    push eax
    mov ecx, esi
    call @059
    mov ecx, dword[esi]
    push 1h
    push ebp
    push ecx
    mov ebx, eax
    call @024
    mov edx, dword[esp + 2Ch]
    add esp, 0Ch
    lea ebx, [ebx + eax + 1h]
    mov eax, dword[esp + 24h]
    push edx
    push eax
    mov ecx, esi
    call @059
    cmp ebx, eax
    mov ebx, dword[esp + 1Ch]
    jg @149

@148:
    cmp dword[esp + 10h], 0h
    jne @171

@149:
    cmp dword[esp + 20h], 2h
    jle @150
    mov eax, dword[esi]
    lea ecx, [ebx - 2h]
    push ecx
    lea edx, [ebp + 2h]
    push edx
    add eax, 2h
    push eax
    lea ecx, [esp + 3Ch]
    push ecx
    mov ecx, esi
    call @094
    push edi
    lea edx, [esp + 34h]
    push edx
    lea eax, [esp + 28h]
    push eax
    mov ecx, esi
    call @130
    test eax, eax
    jne @171
    cmp dword[esp + 20h], 3h
    jle @150
    mov edx, dword[esi]
    add ebx,  -3h
    push ebx
    lea ecx, [ebp + 3h]
    push ecx
    add edx, 3h
    push edx
    lea eax, [esp + 3Ch]
    push eax
    mov ecx, esi
    call @094
    push edi
    lea ecx, [esp + 34h]
    push ecx
    lea edx, [esp + 28h]
    push edx
    mov ecx, esi
    call @130
    test eax, eax
    jne @171

@150:
    test edi, edi
    je @161
    cmp edi, 1h
    jbe @159
    mov eax, edi
    sub eax, ebp
    add eax, dword[esp + 4Ch]
    cmp eax, edi
    jbe @151
    mov eax, edi

@151:
    mov edx, dword[esp + 50h]
    push eax
    mov ebx, ebp
    sub ebx, edi
    push ebx
    push edx
    lea eax, [esp + 3Ch]
    push eax
    mov ecx, esi
    mov dword[esp + 20h], ebx
    call @094
    cmp dword[esp + 30h], edi
    jb @152
    mov ecx, dword[esp + 34h]
    push edi
    push ecx
    mov ecx, esi
    call @059
    mov edx, dword[esp + 2Ch]
    push edi
    push edx
    mov ecx, esi
    mov ebx, eax
    call @059
    cmp eax, ebx
    mov ebx, dword[esp + 10h]
    jle @152
    mov eax, dword[esp + 34h]
    mov ecx, dword[esp + 30h]
    mov dword[esp + 2Ch], eax
    mov dword[esp + 28h], ecx

@152:
    mov edx, dword[esp + 50h]
    push edi
    push ebx
    push edx
    call @024
    add esp, 0Ch
    mov dword[esp + 1Ch], eax
    mov eax, dword[esp + 2Ch]
    push edi
    push eax
    mov ecx, esi
    call @059
    mov ebx, eax
    cmp ebx, dword[esp + 1Ch]
    jge @157
    mov ecx, dword[esp + 24h]
    cmp ecx, dword[esi + 424h]
    jne @153
    mov edx, dword[esp + 20h]
    mov eax, ecx
    push edx
    inc eax
    push eax
    mov ecx, esi
    call @059
    mov ecx, dword[esp + 20h]
    mov edx, dword[esp + 24h]
    push ecx
    add eax, ebx
    push edx
    mov ecx, esi
    mov dword[esp + 18h], eax
    call @059
    add eax, dword[esp + 1Ch]
    cmp eax, dword[esp + 10h]
    jle @157

@153:
    mov eax, dword[esp + 2Ch]
    cmp eax, dword[esi + 424h]
    jne @154
    cmp dword[esi + 428h], 0h
    je @156

@154:
    cmp eax, 500h
    jl @155
    cmp edi, 2h
    je @157

@155:
    cmp eax, 7D00h
    jl @156
    cmp edi, 3h
    je @157

@156:
    push edi
    push eax
    mov ecx, esi
    call @073
    jmp @160

@157:
    mov ebx, dword[esp + 50h]
    lea esp, [esp]

@158:
    mov eax, ebp
    sub eax, edi
    push eax
    push ebx
    mov ecx, esi
    call @031
    inc ebx
    dec edi
    jne @158
    mov dword[esp + 50h], ebx
    jmp @161

@159:
    mov edx, dword[esp + 50h]
    lea ecx, [ebp - 1h]
    push ecx
    push edx
    mov ecx, esi
    call @031

@160:
    xor edi, edi

@161:
    mov ebx, dword[esp + 20h]
    cmp ebx, 3h
    jg @169
    mov eax, dword[esi]
    push ebx
    push ebp
    push eax
    call @024
    mov ecx, dword[esp + 30h]
    add esp, 0Ch
    push ebx
    push ecx
    mov ecx, esi
    mov dword[esp + 24h], eax
    call @059
    cmp eax, dword[esp + 1Ch]
    jg @164
    mov eax, dword[esp + 24h]
    cmp eax, dword[esi + 424h]
    jne @162
    cmp dword[esi + 428h], 0h
    je @168

@162:
    mov ebx, dword[esp + 20h]
    cmp eax, 500h
    jl @163
    cmp ebx, 2h
    je @165

@163:
    cmp eax, 7D00h
    jl @170
    jmp @165

@164:
    mov ebx, dword[esp + 20h]

@165:
    mov dword[esp + 10h], ebx
    test ebx, ebx
    je @167

@166:
    mov edx, dword[esi]
    push ebp
    push edx
    mov ecx, esi
    call @031
    inc dword[esi]
    dec dword[esp + 10h]
    jne @166

@167:
    lea ebp, [ebx + ebp - 1h]
    jmp @176

@168:
    mov ebx, dword[esp + 20h]
    push ebx
    push eax
    mov ecx, esi
    call @073
    add dword[esi], ebx
    lea ebp, [ebx + ebp - 1h]
    jmp @176

@169:
    mov eax, dword[esp + 24h]

@170:
    push ebx
    push eax
    mov ecx, esi
    call @073
    add dword[esi], ebx
    lea ebp, [ebx + ebp - 1h]
    jmp @176

@171:
    test edi, edi
    jne @172
    mov eax, dword[esp + 20h]
    mov ecx, dword[esp + 24h]
    mov edx, dword[esi]
    mov dword[esp + 28h], eax
    mov dword[esp + 2Ch], ecx
    mov dword[esp + 50h], edx

@172:
    inc edi
    jmp @175

@173:
    test edi, edi
    je @174
    inc edi
    jmp @175

@174:
    mov eax, dword[esi]
    push ebp
    push eax
    mov ecx, esi
    call @031

@175:
    inc dword[esi]

@176:
    test edi, edi
    je @184
    cmp edi, dword[esp + 28h]
    jne @184
    mov eax, edi
    sub eax, ebp
    add eax, dword[esp + 4Ch]
    cmp eax, edi
    jbe @177
    mov eax, edi

@177:
    push eax
    mov eax, dword[esp + 54h]
    mov ebx, ebp
    sub ebx, edi
    push ebx
    push eax
    lea ecx, [esp + 3Ch]
    push ecx
    mov ecx, esi
    mov dword[esp + 20h], ebx
    call @094
    cmp dword[esp + 30h], edi
    jb @178
    mov edx, dword[esp + 34h]
    push edi
    push edx
    mov ecx, esi
    call @059
    mov ebx, eax
    mov eax, dword[esp + 2Ch]
    push edi
    push eax
    mov ecx, esi
    call @059
    cmp eax, ebx
    mov ebx, dword[esp + 10h]
    jle @178
    mov ecx, dword[esp + 34h]
    mov edx, dword[esp + 30h]
    mov dword[esp + 2Ch], ecx
    mov dword[esp + 28h], edx

@178:
    mov eax, dword[esp + 50h]
    push edi
    push ebx
    push eax
    call @024
    mov ecx, dword[esp + 38h]
    add esp, 0Ch
    push edi
    push ecx
    mov ecx, esi
    mov ebx, eax
    call @059
    cmp eax, ebx
    jge @182
    mov eax, dword[esp + 2Ch]
    cmp eax, dword[esi + 424h]
    jne @179
    cmp dword[esi + 428h], 0h
    je @181

@179:
    cmp eax, 500h
    jl @180
    cmp edi, 2h
    je @182

@180:
    cmp eax, 7D00h
    jl @181
    cmp edi, 3h
    je @182

@181:
    push edi
    push eax
    mov ecx, esi
    call @073
    xor edi, edi
    jmp @184

@182:
    mov ebx, dword[esp + 50h]
    lea ecx, [ecx]

@183:
    mov edx, ebp
    sub edx, edi
    push edx
    push ebx
    mov ecx, esi
    call @031
    inc ebx
    dec edi
    jne @183
    mov dword[esp + 50h], ebx

@184:
    mov eax, dword[esp + 4Ch]
    inc ebp
    dec eax
    cmp ebp, eax
    jb @142
    test edi, edi
    je @192
    cmp edi, 1h
    jbe @191
    mov ecx, dword[esp + 50h]
    mov eax, ebp
    push edi
    sub eax, edi
    push eax
    push ecx
    call @024
    mov edx, dword[esp + 38h]
    add esp, 0Ch
    push edi
    push edx
    mov ecx, esi
    mov ebx, eax
    call @059
    cmp eax, ebx
    jg @189
    mov eax, dword[esp + 2Ch]
    cmp eax, dword[esi + 424h]
    jne @185
    cmp dword[esi + 428h], 0h
    je @187

@185:
    cmp eax, 500h
    jl @186
    cmp edi, 2h
    je @189

@186:
    cmp eax, 7D00h
    jl @187
    cmp edi, 3h
    je @189

@187:
    push edi
    push eax
    mov ecx, esi
    call @073
    jmp @192

@188:
    pop ebx
    pop edi
    pop ebp
    or eax, 0FFFFFFFFh
    pop esi
    add esp, 30h
    ret 18h

@189:
    mov ebx, dword[esp + 50h]

@190:
    mov eax, ebp
    sub eax, edi
    push eax
    push ebx
    mov ecx, esi
    call @031
    inc ebx
    dec edi
    jne @190
    jmp @192

@191:
    mov edx, dword[esp + 50h]
    lea ecx, [ebp - 1h]
    push ecx
    push edx
    mov ecx, esi
    call @031

@192:
    mov edi, dword[esp + 4Ch]
    cmp ebp, edi
    jae @194
    mov edi, edi

@193:
    mov eax, dword[esi]
    push ebp
    push eax
    mov ecx, esi
    call @031
    inc dword[esi]
    inc ebp
    cmp ebp, edi
    jb @193

@194:
    or ebp, 0FFFFFFFFh
    add dword[esi + 0Ch], ebp
    lea ecx, [ebp + 9h]
    jne @195
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ecx
    mov dword[esi + 4h], eax

@195:
    mov eax, dword[esi + 8h]
    mov dl, byte[eax]
    add dl, dl
    inc dl
    mov byte[eax], dl
    add dword[esi + 0Ch], ebp
    jne @196
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ecx
    mov dword[esi + 4h], eax

@196:
    mov eax, dword[esi + 8h]
    mov dl, byte[eax]
    add dl, dl
    inc dl
    mov byte[eax], dl
    add dword[esi + 0Ch], ebp
    jne @197
    mov eax, dword[esi + 4h]
    mov dword[esi + 8h], eax
    inc eax
    mov dword[esi + 0Ch], ecx
    mov dword[esi + 4h], eax

@197:
    mov eax, dword[esi + 8h]
    shl byte[eax], 1h
    mov eax, dword[esi + 4h]
    mov byte[eax], 0h
    mov ecx, dword[esi + 0Ch]
    mov eax, dword[esi + 8h]
    inc dword[esi + 4h]
    dec ecx
    shl byte[eax], cl
    mov eax, dword[esp + 54h]
    test eax, eax
    je @198
    mov ecx, dword[esp + 58h]
    mov edx, dword[esi + 4h]
    sub edx, dword[esp + 48h]
    push ecx
    mov ecx, dword[esi]
    sub ecx, dword[esp + 48h]
    push edx
    push ecx
    push edi
    call eax
    add esp, 10h
    test eax, eax
    jne @198
    pop ebx
    pop edi
    mov eax, ebp
    pop ebp
    pop esi
    add esp, 30h
    ret 18h

@198:
    mov eax, dword[esi + 4h]
    sub eax, dword[esp + 48h]
    pop ebx
    pop edi
    pop ebp
    pop esi
    add esp, 30h
    ret 18h

aP_pack:
    mov eax, dword[esp + 0Ch]
    sub esp, 42Ch
    test eax, eax
    jne @200
    add esp, 42Ch
    ret

@200:
    mov ecx, dword[esp + 444h]
    mov edx, dword[esp + 440h]
    push ecx
    mov ecx, dword[esp + 440h]
    push edx
    mov edx, dword[esp + 43Ch]
    push ecx
    push eax
    mov eax, dword[esp + 440h]
    push edx
    push eax
    lea ecx, [esp + 18h]
    call @136
    add esp, 42Ch
    ret

aP_depack_asm:
    pushad
    mov esi, dword[esp + 24h]
    mov edi, dword[esp + 28h]
    cld
    mov dl, 80h
    xor ebx, ebx

@202:
    movsb
    mov bl, 2h

@203:
    call @213
    jae @202
    xor ecx, ecx
    call @213
    jae @205
    xor eax, eax
    call @213
    jae @206
    mov bl, 2h
    inc ecx
    mov al, 10h

@204:
    call @213
    adc al, al
    jae @204
    jne @212
    stosb
    jmp @203

@205:
    call @216
    sub ecx, ebx
    jne @207
    call @215
    jmp @211

@206:
    lodsb
    shr eax, 1h
    je @218
    adc ecx, ecx
    jmp @208

@207:
    xchg eax, ecx
    dec eax
    shl eax, 8h
    lodsb
    call @215
    cmp eax, 7D00h
    jae @208
    cmp ah, 5h
    jae @209
    cmp eax, 7Fh
    ja @210

@208:
    inc ecx

@209:
    inc ecx

@210:
    xchg eax, ebp

@211:
    mov eax, ebp
    mov bl, 1h

@212:
    push esi
    mov esi, edi
    sub esi, eax
    rep movsb
    pop esi
    jmp @203

@213:
    add dl, dl
    jne @214
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@214:
    ret

@215:
    xor ecx, ecx

@216:
    inc ecx

@217:
    call @213
    adc ecx, ecx
    call @213
    jb @217
    ret

@218:
    sub edi, dword[esp + 28h]
    mov dword[esp + 1Ch], edi
    popad
    ret

aP_depack_asm_fast:
    pushad
    mov esi, dword[esp + 24h]
    mov edi, dword[esp + 28h]
    cld
    mov dl, 80h

@220:
    mov al, byte[esi]
    add esi, 1h
    mov byte[edi], al
    add edi, 1h
    mov ebx, 2h

@221:
    add dl, dl
    jne @222
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@222:
    jae @220
    add dl, dl
    jne @223
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@223:
    jae @230
    xor eax, eax
    add dl, dl
    jne @224
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@224:
    jae @241
    add dl, dl
    jne @225
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@225:
    adc eax, eax
    add dl, dl
    jne @226
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@226:
    adc eax, eax
    add dl, dl
    jne @227
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@227:
    adc eax, eax
    add dl, dl
    jne @228
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@228:
    adc eax, eax
    je @229
    mov ebx, edi
    sub ebx, eax
    mov al, byte[ebx]

@229:
    mov byte[edi], al
    inc edi
    mov ebx, 2h
    jmp @221

@230:
    mov eax, 1h

@231:
    add dl, dl
    jne @232
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@232:
    adc eax, eax
    add dl, dl
    jne @233
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@233:
    jb @231
    sub eax, ebx
    mov ebx, 1h
    jne @237
    mov ecx, 1h

@234:
    add dl, dl
    jne @235
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@235:
    adc ecx, ecx
    add dl, dl
    jne @236
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@236:
    jb @234
    push esi
    mov esi, edi
    sub esi, ebp
    rep movsb
    pop esi
    jmp @221

@237:
    dec eax
    shl eax, 8h
    mov al, byte[esi]
    inc esi
    mov ebp, eax
    mov ecx, 1h

@238:
    add dl, dl
    jne @239
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@239:
    adc ecx, ecx
    add dl, dl
    jne @240
    mov dl, byte[esi]
    inc esi
    adc dl, dl

@240:
    jb @238
    cmp eax, 7D00h
    sbb ecx,  -1h
    cmp eax, 500h
    sbb ecx,  -1h
    cmp eax, 80h
    adc ecx, 0h
    cmp eax, 80h
    adc ecx, 0h
    push esi
    mov esi, edi
    sub esi, eax
    rep movsb
    pop esi
    jmp @221

@241:
    mov al, byte[esi]
    inc esi
    xor ecx, ecx
    shr al, 1h
    je @242
    adc ecx, 2h
    mov ebp, eax
    push esi
    mov esi, edi
    sub esi, eax
    rep movsb
    pop esi
    mov ebx, 1h
    jmp @221

@242:
    sub edi, dword[esp + 28h]
    mov dword[esp + 1Ch], edi
    popad
    ret

aPsafe_check:
    pushad
    mov esi, dword[esp + 24h]
    test esi, esi
    je @244
    mov ebx, dword[esi]
    cmp ebx, SIGN
    jne @244
    mov ebx, dword[esi + 4h]
    cmp ebx, 18h
    jb @244
    add ebx, esi
    push dword[esi + 8h]
    push ebx
    call aP_crc32
    add esp, 8h
    cmp eax, dword[esi + 0Ch]
    mov eax, dword[esi + 10h]
    je @245

@244:
    or eax, 0FFFFFFFFh

@245:
    mov dword[esp + 1Ch], eax
    popad
    ret

aP_depack_asm_safe:
    pushad
    mov esi, dword[esp + 24h]
    mov eax, dword[esp + 28h]
    mov edi, dword[esp + 2Ch]
    mov ecx, dword[esp + 30h]
    push eax
    push ecx
    test esi, esi
    je @269
    test edi, edi
    je @269
    or ebp, 0FFFFFFFFh
    cld
    xor edx, edx

@247:
    sub dword[esp + 4h], 1h
    jb @269
    mov al, byte[esi]
    add esi, 1h
    sub dword[esp], 1h
    jb @269
    mov byte[edi], al
    add edi, 1h
    mov ebx, 2h

@248:
    add dl, dl
    jne @249
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@249:
    jae @247
    add dl, dl
    jne @250
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@250:
    jae @257
    xor eax, eax
    add dl, dl
    jne @251
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@251:
    jae @268
    add dl, dl
    jne @252
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@252:
    adc eax, eax
    add dl, dl
    jne @253
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@253:
    adc eax, eax
    add dl, dl
    jne @254
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@254:
    adc eax, eax
    add dl, dl
    jne @255
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@255:
    adc eax, eax
    je @256
    mov ebx, dword[esp + 38h]
    sub ebx, dword[esp]
    cmp eax, ebx
    ja @269
    mov ebx, edi
    sub ebx, eax
    mov al, byte[ebx]

@256:
    sub dword[esp], 1h
    jb @269
    mov byte[edi], al
    inc edi
    mov ebx, 2h
    jmp @248

@257:
    mov eax, 1h

@258:
    add dl, dl
    jne @259
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@259:
    adc eax, eax
    jb @269
    add dl, dl
    jne @260
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@260:
    jb @258
    sub eax, ebx
    mov ebx, 1h
    jne @264
    mov ecx, 1h

@261:
    add dl, dl
    jne @262
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@262:
    adc ecx, ecx
    jb @269
    add dl, dl
    jne @263
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@263:
    jb @261
    push ecx
    mov ecx, dword[esp + 3Ch]
    sub ecx, dword[esp + 4h]
    cmp ebp, ecx
    pop ecx
    ja @269
    sub dword[esp], ecx
    jb @269
    push esi
    mov esi, edi
    sub esi, ebp
    rep movsb
    pop esi
    jmp @248

@264:
    dec eax
    test eax, 0FF000000h
    jne @269
    shl eax, 8h
    sub dword[esp + 4h], 1h
    jb @269
    mov al, byte[esi]
    inc esi
    mov ebp, eax
    mov ecx, 1h

@265:
    add dl, dl
    jne @266
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@266:
    adc ecx, ecx
    jb @269
    add dl, dl
    jne @267
    sub dword[esp + 4h], 1h
    jb @269
    mov dl, byte[esi]
    inc esi
    add dl, dl
    inc dl

@267:
    jb @265
    cmp eax, 7D00h
    sbb ecx,  -1h
    cmp eax, 500h
    sbb ecx,  -1h
    cmp eax, 80h
    adc ecx, 0h
    cmp eax, 80h
    adc ecx, 0h
    push ecx
    mov ecx, dword[esp + 3Ch]
    sub ecx, dword[esp + 4h]
    cmp eax, ecx
    pop ecx
    ja @269
    sub dword[esp], ecx
    jb @269
    push esi
    mov esi, edi
    sub esi, eax
    rep movsb
    pop esi
    jmp @248

@268:
    sub dword[esp + 4h], 1h
    jb @269
    mov al, byte[esi]
    inc esi
    xor ecx, ecx
    shr al, 1h
    je @270
    adc ecx, 2h
    mov ebp, eax
    push ecx
    mov ecx, dword[esp + 3Ch]
    sub ecx, dword[esp + 4h]
    cmp eax, ecx
    pop ecx
    ja @269
    sub dword[esp], ecx
    jb @269
    push esi
    mov esi, edi
    sub esi, eax
    rep movsb
    pop esi
    mov ebx, 1h
    jmp @248

@269:
    add esp, 8h
    popad
    or eax, 0FFFFFFFFh
    ret

@270:
    add esp, 8h
    sub edi, dword[esp + 2Ch]
    mov dword[esp + 1Ch], edi
    popad
    ret

aPsafe_pack:
    pushad
    mov ebp, esp
    mov esi, dword[ebp + 24h]
    mov edi, dword[ebp + 28h]
    mov ecx, dword[ebp + 2Ch]
    or eax, 0FFFFFFFFh
    test esi, esi
    je @272
    test edi, edi
    je @272
    test ecx, ecx
    je @272
    mov ebx, SIGN
    mov dword[edi], ebx
    mov ebx, 18h
    mov dword[edi + 4h], ebx
    add ebx, edi
    mov dword[edi + 10h], ecx
    push ecx
    push esi
    call aP_crc32
    add esp, 8h
    mov dword[edi + 14h], eax
    push dword[ebp + 38h]
    push dword[ebp + 34h]
    push dword[ebp + 30h]
    push ecx
    push ebx
    push esi
    call aP_pack
    add esp, 18h
    cmp eax,  -1h
    je @272
    mov dword[edi + 8h], eax
    mov edx, eax
    push eax
    push ebx
    call aP_crc32
    add esp, 8h
    mov dword[edi + 0Ch], eax
    lea eax, [edx + 18h]

@272:
    mov dword[esp + 1Ch], eax
    popad
    ret

aPsafe_get_orig_size:
    pushad
    mov esi, dword[esp + 24h]
    mov ebx, dword[esi]
    or eax, 0FFFFFFFFh
    cmp ebx, SIGN
    jne @274
    mov ebx, dword[esi + 4h]
    cmp ebx, 18h
    jb @274
    mov eax, dword[esi + 10h]

@274:
    mov dword[esp + 1Ch], eax
    popad
    ret

aP_crc32:
    pushad
    mov edx, dword[esp + 24h]
    mov ecx, dword[esp + 28h]
    xor eax, eax
    test ecx, ecx
    je @275
    not eax

@276:
    xor al, byte[edx]
    inc edx
    mov bl, 8h

@277:
    shr eax, 1h
    jae @278
    xor eax, 0EDB88320h

@278:
    dec bl
    jne @277
    dec ecx
    jne @276
    not eax

@275:
    mov dword[esp + 1Ch], eax
    popad
    ret
Подякували: reverse2500, HetmanNet, 0xDADA11C73

3

Re: [FASM] Реверс ApLib 1.1.0 та "example\appack.c" на ассемблері

Шкода що його юзають лиш на вінді, а то би пригодився :)

Віддамся на один вечір в хороші дівочі руки.. не дорого, в у.о. .. Якщо сподобається, то залишуся безкоштовно назавжди..