Skip to content

Instantly share code, notes, and snippets.

@AltimorTASDK

AltimorTASDK/ow_unpacker.c

Created October 10, 2018 04:25
Show Gist options
  • Save AltimorTASDK/3e137abb3b62a4451b26df64bd0ed462 to your computer and use it in GitHub Desktop.
Save AltimorTASDK/3e137abb3b62a4451b26df64bd0ed462 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ow_unpacker.c
void __usercall __noreturn start(__int64 a1@<rcx>, unsigned __int64 a2@<r13>, double _ST7@<st0>, __int64 a4, __int64 a5, __int64 a6, __int64 a7, __int64 a8, __int64 a9, __int64 a10, __int64 a11, __int64 a12, __int64 a13, __int64 a14, __int64 a15, __int64 a16, __int64 a17, __int64 a18, __int64 a19, __int64 a20, __int64 a21, __int64 a22, __int64 a23, __int64 a24, __int64 a25, __int64 a26, __int64 a27, __int64 a28, __int64 a29, __int64 a30, __int64 a31, __int64 a32, __int64 a33, __int64 a34, __int64 a35, __int64 a36, __int64 a37, __int64 a38, __int64 a39, __int64 a40, __int64 a41, __int64 a42, __int64 a43, __int64 a44, __int64 a45, __int64 a46, __int64 a47, __int64 a48, __int64 a49, __int64 a50, __int64 a51, __int64 a52, __int64 a53, __int64 a54, __int64 a55, __int64 a56, __int64 a57, __int64 a58, __int64 a59, __int64 a60, __int64 a61, __int64 a62, __int64 a63)
{
char *_RBP; // rbp@1
void (__fastcall *v66)(signed __int64); // r13@1
PLIST_ENTRY InMemoryOrderModuleList; // rbx@2
_LDR_DATA_TABLE_MEM_ENTRY *ModuleEntry; // r9@2
int NameHash; // edx@3
unsigned __int64 Idx; // rcx@3
int ByteVal; // eax@4
_IMAGE_NT_HEADERS *NtHeader; // rdx@10
ULONG_PTR ResourceRVA; // rax@12
ULONG_PTR ResourceDirectory; // rbx@14
__int64 v75; // rax@14
char *v76; // r15@15
__int64 v77; // rax@15
char *v78; // rdi@16
__int64 v79; // rax@16
char *v80; // r14@17
int v81; // er10@17
__int64 v82; // rcx@18
unsigned int v83; // edx@21
__int128 _XMM1; // xmm1@26
bool v89; // zf@26
char v90; // sf@26
char v91; // of@26
_DWORD *v92; // rax@26
__int64 v93; // rdi@30
__int64 v94; // rax@30
_QWORD *v95; // rbx@31
_QWORD *v96; // r9@31
unsigned __int16 *v97; // r8@32
int v98; // edx@32
unsigned __int64 v99; // rcx@32
int v100; // eax@33
_QWORD *v101; // r12@37
__int64 v102; // r15@37
__int16 v103; // cx@38
_DWORD *v104; // rdx@39
__int64 v105; // rax@41
__int64 v106; // rcx@41
__int64 v107; // rax@41
unsigned __int64 v108; // rbx@43
__int64 v109; // rax@43
unsigned __int64 v110; // rsi@44
__int64 v111; // rax@44
unsigned __int64 v112; // rdi@45
__int64 v113; // rax@45
unsigned __int64 v114; // r14@46
unsigned int v115; // er10@46
unsigned int v116; // eax@47
__int64 v117; // rcx@47
_BYTE *v118; // r9@48
_IMAGE_DOS_HEADER *DosHeader; // r11@60
unsigned int v124; // eax@62
unsigned __int64 v125; // r11@66
__int64 v126; // rax@70
__int64 v127; // rsi@78
__int64 v128; // rcx@79
signed int v129; // er8@81
signed int v130; // eax@84
signed int v131; // eax@91
int v132; // eax@96
int v133; // eax@103
int v134; // eax@109
__int64 v135; // rax@116
__int64 v136; // rcx@117
__int64 v137; // r14@118
__int64 v138; // rdx@119
unsigned __int64 v139; // r10@119
unsigned __int64 v140; // rbx@119
unsigned int v141; // eax@120
unsigned int v142; // edi@123
unsigned __int64 v143; // r11@123
int v144; // eax@125
__int16 v145; // cx@125
unsigned __int64 v146; // rdi@136
__int64 v147; // rdx@137
unsigned __int64 v148; // rcx@137
unsigned int v149; // ebx@137
unsigned __int64 v150; // rax@137
signed __int64 v151; // rax@140
int v152; // edx@140
unsigned __int64 v153; // rcx@140
unsigned __int64 v154; // rdi@140
int v155; // eax@141
unsigned __int64 v157; // rdi@144
__int64 v158; // rdx@144
__int64 _RAX; // rax@145
unsigned __int64 v160; // rcx@145
__int64 _RBX; // rbx@147
int _EAX; // eax@147
__int64 _RAX; // rax@147
__int64 _RAX; // rax@147
__int64 _RAX; // rax@147
unsigned __int64 v183; // rdi@148
unsigned __int64 v184; // rcx@148
int v185; // eax@149
int v186; // edx@151
unsigned __int64 v187; // rbx@152
int v188; // er8@152
__m128i v189; // xmm1@152
__m128i v190; // xmm2@152
unsigned __int64 v191; // rcx@153
unsigned __int64 v192; // r9@153
int v193; // eax@154
const __m128i *v194; // rax@157
unsigned __int64 v195; // rcx@157
__m128i v196; // xmm0@158
unsigned __int64 v197; // rcx@160
unsigned __int64 v198; // rdi@160
int v199; // eax@161
unsigned __int64 v200; // rcx@164
int v201; // eax@165
unsigned __int64 v202; // rdi@167
unsigned __int64 v203; // rdi@167
__int64 v204; // rax@167
__int64 v205; // rbx@167
__int64 v206; // r8@167
unsigned __int64 v207; // rdi@167
unsigned __int64 v208; // rdi@167
unsigned __int64 v209; // rdi@167
int v210; // [sp-8h] [bp-B0h]@26
__int64 v211; // [sp+20h] [bp-88h]@26
signed int v212; // [sp+28h] [bp-80h]@26
__int128 v213; // [sp+30h] [bp-78h]@26
__int128 v214; // [sp+40h] [bp-68h]@26
__int64 v215; // [sp+48h] [bp-60h]@1
__int128 v216; // [sp+50h] [bp-58h]@26
__int64 v217; // [sp+60h] [bp-48h]@26
__int64 v218; // [sp+68h] [bp-40h]@26
_RBP = (char *)&v215 + 1;
v66 = 0i64;
if ( *MK_FP(__GS__, 0x60i64) )
{
// &Teb->Peb->Ldr->InMemoryOrderModuleList
InMemoryOrderModuleList = (PLIST_ENTRY)(*(_QWORD *)(*MK_FP(__GS__, 0x60i64) + 0x18i64) + 0x20i64);
ModuleEntry = (_LDR_DATA_TABLE_MEM_ENTRY *)InMemoryOrderModuleList->Flink;
if ( InMemoryOrderModuleList->Flink != InMemoryOrderModuleList )
{
while ( 1 )
{
NameHash = 0x811C9DC5;
Idx = 0i64;
if ( ModuleEntry->BaseDllName.Length )
{
do
{
ByteVal = *((_BYTE *)ModuleEntry->BaseDllName.Buffer + Idx++);
NameHash = 0x1000193 * (NameHash ^ (ByteVal | 0x20));
}
while ( Idx < ModuleEntry->BaseDllName.Length );
}
if ( NameHash == 0x2A110E67 )
break;
ModuleEntry = (_LDR_DATA_TABLE_MEM_ENTRY *)ModuleEntry->InMemoryOrderLinks.Flink;
if ( (PLIST_ENTRY)ModuleEntry == InMemoryOrderModuleList )
goto exit2;
}
// if (true)
if ( ModuleEntry != (_LDR_DATA_TABLE_MEM_ENTRY *)16 )
{
DosHeader = (_IMAGE_DOS_HEADER *)ModuleEntry->DllBase;
if ( DosHeader )
{
if ( DosHeader )
{
if ( DosHeader->e_magic == 'ZM' )
{
NtHeader = (_IMAGE_NT_HEADERS *)((char *)DosHeader + DosHeader->e_lfanew);
if ( NtHeader )
{
if ( NtHeader->Signature == 'EP' )
{
// IMAGE_DIRECTORY_ENTRY_RESOURCE
ResourceRVA = NtHeader->OptionalHeader.DataDirectory[2].VirtualAddress;
if ( (_DWORD)ResourceRVA )
{
if ( NtHeader->OptionalHeader.DataDirectory[2].Size )
{
ResourceDirectory = (ULONG_PTR)&DosHeader->e_magic + ResourceRVA;
// ResourceDirectory + 0x1C
// 800000A0
v75 = *(_DWORD *)((char *)DosHeader->e_res + ResourceRVA);
if ( (_DWORD)v75 )
{
v76 = (char *)DosHeader + v75;
// 00000005
v77 = *(_DWORD *)(ResourceDirectory + 0x20);
if ( (_DWORD)v77 )
{
v78 = (char *)DosHeader + v77;
// 800000B8
v79 = *(_DWORD *)(ResourceDirectory + 0x24);
if ( (_DWORD)v79 )
{
v80 = (char *)DosHeader + v79;
v81 = 0;
// 00000004
if ( *(_DWORD *)(ResourceDirectory + 0x18) > 0u )
{
while ( 1 )
{
v82 = *(_DWORD *)&v78[4 * v81];
if ( (_DWORD)v82 )
{
if ( (_IMAGE_DOS_HEADER *)((char *)DosHeader + v82) )
v89 = *((_BYTE *)&DosHeader->e_magic + v82) == 0;
v83 = 0x811C9DC5;
if ( v83 == 0x3625758E )
break;
}
if ( (unsigned int)++v81 >= *(_DWORD *)(ResourceDirectory + 0x18) )
goto LABEL_25;
}
v124 = *(_DWORD *)&v76[4 * *(_WORD *)&v80[2 * v81]];
if ( v124 && (_IMAGE_DOS_HEADER *)((char *)DosHeader + v124) )
{
v211 = *(_QWORD *)L"ERROR";
v212 = 82;
LODWORD(v218) = *(_DWORD *)L"itialization Failed: #";
v213 = *(_OWORD *)L"Game Initialization Failed: #";
v214 = *(_OWORD *)L"me Initialization Failed: #";
_XMM1 = *(unsigned __int64 *)L"nitialization Failed: #";
v216 = *(_OWORD *)L" Initialization Failed: #";
v217 = *(_QWORD *)L"nitialization Failed: #";
LOWORD(v218) = word_14281D030;
LODWORD(v92) = ((int (__fastcall *)(_QWORD, __int128 *, __int64 *, signed __int64))((char *)DosHeader + v124))(
0i64,
&v213,
&v211,
16i64);
if ( (unsigned __int8)(v90 ^ v91) | v89
&& !((unsigned __int8)(v90 ^ v91) | v89)
&& (unsigned __int8)(v90 ^ v91) | v89 )
{
*v92 += (_DWORD)v92;
_RBP = (char *)(unsigned int)(v210 + 17);
}
*(_QWORD *)(_RBP + 103) = 255990157i64;
*(_QWORD *)(_RBP + 103) = *(_QWORD *)(_RBP + 103);
v93 = *(_QWORD *)(_RBP + 103);
*(_DWORD *)(_RBP + 103) = -3096;
*(_DWORD *)(_RBP + 103) = *(_DWORD *)(_RBP + 103);
*(_DWORD *)(_RBP + 103) += 2341;
*(_DWORD *)(_RBP + 103) += 851;
*(_DWORD *)(_RBP + 103) = *(_DWORD *)(_RBP + 103);
*(_DWORD *)(_RBP + 103) = *(_DWORD *)(_RBP + 103);
v94 = *(_DWORD *)(_RBP + 103);
if ( *MK_FP(__GS__, v94) )
{
v95 = (_QWORD *)(*(_QWORD *)(*MK_FP(__GS__, v94)
+ 24i64)
+ 32i64);
v96 = (_QWORD *)*v95;
if ( (_QWORD *)*v95 != v95 )
{
while ( 1 )
{
v97 = (unsigned __int16 *)*((_WORD *)v96 + 36);
v98 = -2128831035;
v99 = 0i64;
if ( *((_WORD *)v96 + 36) )
{
do
{
v100 = *(_BYTE *)(v99++ + v96[10]);
v98 = 16777619
* (v98 ^ (v100 | 0x20));
}
while ( v99 < (unsigned __int64)v97 );
}
if ( v98 == (_DWORD)v93 )
break;
v96 = (_QWORD *)*v96;
if ( v96 == v95 )
goto LABEL_36;
}
if ( v96 != (_QWORD *)16 )
{
v125 = v96[4];
if ( v125 )
{
*(_QWORD *)(_RBP + 119) = 1155i64;
*(_QWORD *)(_RBP + 119) ^= 0xC7ui64;
*(_QWORD *)(_RBP + 119) ^= 0x444ui64;
*(_QWORD *)(_RBP + 103) = 1386532519i64;
*(_QWORD *)(_RBP + 103) ^= 0xC32ui64;
*(_QWORD *)(_RBP + 103) += 3272i64;
*(_QWORD *)(_RBP + 103) -= 1040i64;
*(_QWORD *)(_RBP + 103) ^= 0x477ui64;
v101 = *(_QWORD **)(_RBP + 119);
v102 = *(_QWORD *)(_RBP + 103);
if ( !v125 )
goto LABEL_72;
*(_DWORD *)(_RBP + 103) = 18358;
*(_DWORD *)(_RBP + 103) ^= 0x9DCu;
*(_DWORD *)(_RBP + 103) += 4435;
v103 = *(_WORD *)v125;
*(_DWORD *)(_RBP + 103) -= 1392;
if ( v103 != (unsigned __int16)*(_DWORD *)(_RBP + 103) )
goto LABEL_72;
v104 = (_DWORD *)(v125
+ *(_DWORD *)(v125 + 60));
if ( !v104 )
goto LABEL_72;
*(_DWORD *)(_RBP + 103) = 12465;
*(_DWORD *)(_RBP + 103) ^= 0x9DCu;
*(_DWORD *)(_RBP + 103) += 4435;
*(_DWORD *)(_RBP + 103) -= 1392;
if ( *v104 != *(_DWORD *)(_RBP + 103) )
goto LABEL_72;
*(_DWORD *)(_RBP + 103) = -575;
*(_DWORD *)(_RBP + 103) ^= 0x9DCu;
*(_DWORD *)(_RBP + 103) += 4435;
*(_DWORD *)(_RBP + 103) -= 1392;
v105 = *(_DWORD *)(_RBP + 103);
v106 = v105;
v107 = v104[2 * v105 + 34];
if ( !(_DWORD)v107 )
goto LABEL_72;
if ( !v104[2 * v106 + 35] )
goto LABEL_72;
v108 = v125 + v107;
v109 = *(_DWORD *)(v125 + v107 + 28);
if ( !(_DWORD)v109 )
goto LABEL_72;
v110 = v125 + v109;
v111 = *(_DWORD *)(v108 + 32);
if ( !(_DWORD)v111 )
goto LABEL_72;
v112 = v125 + v111;
v113 = *(_DWORD *)(v108 + 36);
if ( !(_DWORD)v113 )
goto LABEL_72;
v114 = v125 + v113;
v115 = 0;
if ( *(_DWORD *)(v108 + 24) <= 0u )
goto LABEL_72;
while ( 1 )
{
v116 = v115;
v117 = *(_DWORD *)(v112 + 4i64 * v115);
if ( (_DWORD)v117 )
{
v118 = (_BYTE *)(v125 + v117);
if ( (signed int)v117 < 0
&& (signed int)v117 >= 0
&& (signed int)v117 < 0 )
{
BYTE1(v104) = -BYTE1(v104);
if ( !BYTE1(v104) )
{
if ( (_DWORD)v114 == 2 )
v116 = v112 ^ v115;
v127 = a65;
*((_DWORD *)_RBP + 2) = v116;
if ( *(_WORD *)v127 == (unsigned __int16)*((_DWORD *)_RBP + 2) )
{
v128 = v127 + *(_DWORD *)(v127 + 60);
if ( v128 )
{
if ( (_DWORD)v114 )
{
if ( (_DWORD)v114 == 1 )
{
v129 = 17744 - v112;
}
else
{
v130 = v112 ^ 0x4550;
if ( (_DWORD)v114 != 2 )
v130 = 17744;
v129 = v130;
}
}
else
{
v129 = v112 + 17744;
}
if ( (_DWORD)v101 )
{
if ( (_DWORD)v101 == 1 )
{
v97 = (unsigned __int16 *)(unsigned int)(v129 - v102);
}
else
{
v131 = v102 ^ v129;
if ( (_DWORD)v101 != 2 )
v131 = v129;
v97 = (unsigned __int16 *)(unsigned int)v131;
}
}
else
{
v97 = (unsigned __int16 *)(unsigned int)(v102 + v129);
}
if ( (_DWORD)v118 )
{
if ( (_DWORD)v118 != 1 )
{
v132 = (signed int)v97;
if ( (_DWORD)v118 != 2 )
v132 = (signed int)v97;
LODWORD(v97) = v132;
}
if ( (_DWORD)v118 == 1 )
{
v97 = (unsigned __int16 *)(unsigned int)v97;
}
else
{
v97 = (unsigned __int16 *)(unsigned int)v97;
if ( (_DWORD)v118 != 2 )
v97 = (unsigned __int16 *)(unsigned int)v97;
}
}
*((_DWORD *)_RBP + 2) = (_DWORD)v97;
v133 = *((_DWORD *)_RBP + 2);
if ( (_DWORD)v101 )
{
if ( (_DWORD)v101 == 1 )
{
v133 += v102;
}
else if ( (_DWORD)v101 == 2 )
{
v133 ^= v102;
}
}
else
{
v133 -= v102;
}
*((_DWORD *)_RBP + 2) = v133;
v134 = *((_DWORD *)_RBP + 2);
if ( (_DWORD)v114 )
{
if ( (_DWORD)v114 == 1 )
{
v134 += v112;
}
else if ( (_DWORD)v114 == 2 )
{
v134 ^= v112;
}
}
else
{
v134 -= v112;
}
*((_DWORD *)_RBP + 2) = v134;
if ( *(_DWORD *)v128 == *((_DWORD *)_RBP + 2) )
{
v135 = *(_DWORD *)(v128 + 176);
if ( (_DWORD)v135 )
{
v136 = *(_DWORD *)(v128 + 180);
if ( (_DWORD)v136 )
{
v137 = *((_QWORD *)_RBP + 4) - (_QWORD)v104;
if ( *((_DWORD **)_RBP + 4) != v104 )
{
v138 = (unsigned int)*((_QWORD *)_RBP + 11) - (unsigned int)v127;
v139 = v135 + v127;
v140 = v127 + v135 + v136;
*((_QWORD *)_RBP + 11) = v138;
v118 = (_BYTE *)(unsigned int)(v138 + 4096);
if ( v135 + v127 < v140 )
{
do
{
v141 = *(_DWORD *)v139;
if ( !*(_DWORD *)v139 )
break;
if ( v141 >= (unsigned int)v138 && v141 < (unsigned int)v118 )
{
v142 = 0;
v143 = ((unsigned __int64)*(_DWORD *)(v139 + 4) - 8) >> 1;
if ( (_DWORD)v143 )
{
v97 = (unsigned __int16 *)(v139 + 8);
do
{
v144 = *(_DWORD *)v139 + (*v97 & 0xFFF);
v145 = *v97 >> 12;
if ( v144 >= (unsigned int)v118 )
break;
if ( v145 == 3 )
{
if ( (unsigned __int64)(unsigned int)v144 + 4 <= (unsigned int)v118 )
*(_DWORD *)((unsigned int)v144 + v127) += v137;
}
else if ( v145 == 10 && (unsigned __int64)(unsigned int)v144 + 8 <= (unsigned int)v118 )
{
*(_QWORD *)((unsigned int)v144 + v127) += v137;
}
++v142;
++v97;
}
while ( v142 < (unsigned int)v143 );
v138 = *((_QWORD *)_RBP + 11);
}
}
v139 += *(_DWORD *)(v139 + 4);
}
while ( v139 < v140 );
v125 = 0i64;
}
}
}
}
}
}
}
*(_QWORD *)_RBP = 904i64;
*(_QWORD *)_RBP = *(_QWORD *)_RBP;
*(_QWORD *)_RBP += 2341i64;
*(_QWORD *)_RBP += 851i64;
*(_QWORD *)_RBP = *(_QWORD *)_RBP;
v146 = (unsigned int)*(_QWORD *)_RBP;
*((_QWORD *)_RBP + 4) = xmmword_1428215D0;
if ( (unsigned __int8)(*((_QWORD *)_RBP + 4) >> 48) == 1 )
{
v147 = *((_QWORD *)_RBP + 2);
v148 = v146 >> 3;
v149 = v125;
v150 = v125;
if ( v146 >> 3 )
{
do
v149 = _mm_crc32_u64(v149, *(_QWORD *)(v147 + 8 * v150++));
while ( v150 < v148 );
}
if ( v146 & 7 )
{
v151 = 8 * v148;
v97 = (unsigned __int16 *)(v148 + v147);
v152 = -2128831035;
v153 = v125;
v154 = v146 - v151;
if ( v154 )
{
do
{
v155 = *((_BYTE *)v97 + v153++);
v152 = 16777619 * (v152 ^ v155);
}
while ( v153 < v154 );
}
LABEL_142:
v149 ^= v152;
}
}
else if ( BYTE8(xmmword_1428215D0) == 1 )
{
__asm { vmovdqu ymm0, cs:ymmword_1423FF398 }
v97 = (unsigned __int16 *)(v146 & 0x1F);
v157 = v146 >> 5;
*((_QWORD *)_RBP + 18) = 0i64;
*((_QWORD *)_RBP + 19) = 0i64;
*((_QWORD *)_RBP + 20) = 0i64;
*((_QWORD *)_RBP + 21) = 0i64;
__asm
{
vmovdqu ymmword ptr [rbp+90h], ymm0
vzeroupper
}
v158 = *((_QWORD *)_RBP + 2);
if ( v157 )
{
_RAX = *((_QWORD *)_RBP + 2);
v160 = v157;
do
{
__asm
{
vmovdqu ymm0, ymmword ptr [rax]
vpxor ymm1, ymm0, ymmword ptr [rbp+90h]
vpmulld ymm0, ymm1, cs:ymmword_1423FF3D8
vmovdqu ymmword ptr [rbp+90h], ymm0
}
_RAX += 32i64;
--v160;
__asm { vzeroupper }
}
while ( v160 );
}
__asm
{
vmovdqu ymm1, ymmword ptr [rbp+90h]
vmovdqa xmm0, xmm1
vmovq rbx, xmm1
vpsrldq xmm0, xmm0, 4
vmovd eax, xmm0
vmovdqa xmm0, xmm1
vpsrldq xmm0, xmm0, 8
vmovdqu ymmword ptr [rbp+90h], ymm1
}
LODWORD(_RBX) = _EAX ^ _RBX;
__asm { vmovq rax, xmm0 }
LODWORD(_RBX) = _RAX ^ _RBX;
__asm
{
vmovdqa xmm0, xmm1
vpsrldq xmm0, xmm0, 0Ch
vmovd eax, xmm0
vextractf128 xmm0, ymm1, 1
}
LODWORD(_RBX) = _RAX ^ _RBX;
__asm { vmovq rax, xmm0 }
LODWORD(_RBX) = _RAX ^ _RBX;
__asm
{
vextractf128 xmm0, ymm1, 1
vpsrldq xmm0, xmm0, 4
vmovd eax, xmm0
vextractf128 xmm0, ymm1, 1
vpsrldq xmm0, xmm0, 8
}
LODWORD(_RBX) = _RAX ^ _RBX;
__asm { vmovq rax, xmm0 }
LODWORD(_RBX) = _RAX ^ _RBX;
__asm
{
vextractf128 xmm0, ymm1, 1
vpsrldq xmm0, xmm0, 0Ch
vmovd eax, xmm0
}
v149 = _RAX ^ _RBX;
__asm { vzeroupper }
if ( v97 )
{
v183 = v158 + v157;
v184 = v125;
v152 = -2128831035;
if ( !v97 )
goto LABEL_142;
do
{
v185 = *(_BYTE *)(v184++ + v183);
v152 = 16777619 * (v152 ^ v185);
}
while ( v184 < (unsigned __int64)v97 );
v149 ^= v152;
}
}
else
{
v186 = -2128831035;
if ( _RBP[39] == 1 )
{
v187 = *((_QWORD *)_RBP + 2);
*((_QWORD *)_RBP + 23) = 0i64;
v188 = v125;
*((_QWORD *)_RBP + 24) = 0i64;
v189 = _mm_loadu_si128((const __m128i *)&ymmword_1423FF398);
v190 = _mm_loadu_si128((const __m128i *)&xmmword_1423FF3B8);
if ( v187 & 0xF )
{
v188 = -2128831035;
v191 = v125;
v192 = (v187 & 0xFFFFFFFFFFFFFFF0ui64) + 16 - v187;
if ( (v187 & 0xFFFFFFFFFFFFFFF0ui64) + 16 != v187 )
{
do
{
v193 = *(_BYTE *)(v191++ + v187);
v188 = 16777619 * (v188 ^ v193);
}
while ( v191 < v192 );
}
v187 = (v187 & 0xFFFFFFFFFFFFFFF0ui64) + 16;
v146 -= v192;
}
v118 = (_BYTE *)(v146 >> 4);
if ( v146 >> 4 )
{
v194 = (const __m128i *)v187;
v195 = v146 >> 4;
do
{
v196 = _mm_load_si128(v194);
++v194;
v189 = _mm_mullo_epi16(_mm_xor_si128(v196, v189), v190);
--v195;
}
while ( v195 );
}
_mm_storeu_si128((__m128i *)(_RBP + 184), v189);
v97 = (unsigned __int16 *)(_mm_cvtsi128_si32(_mm_srli_si128(v189, 12)) ^ (unsigned int)*(_OWORD *)&_mm_srli_si128(v189, 8) ^ _mm_cvtsi128_si32(_mm_srli_si128(v189, 4)) ^ v189.m128i_i32[0] ^ v188);
if ( v146 & 0xF )
{
v118 = (_BYTE *)(16i64 * (_QWORD)v118);
v197 = v125;
v198 = v146 - (_QWORD)v118;
if ( v198 )
{
do
{
v199 = *(&v118[v187] + v197++);
v186 = 16777619 * (v186 ^ v199);
}
while ( v197 < v198 );
}
v97 = (unsigned __int16 *)(v186 ^ (unsigned int)v97);
}
v149 = (unsigned int)v97;
}
else
{
v200 = v125;
if ( v146 )
{
do
{
v201 = *(_BYTE *)(v200++ + *((_QWORD *)_RBP + 2));
v186 = 16777619 * (v186 ^ v201);
}
while ( v200 < v146 );
}
v149 = v186;
}
}
*((_QWORD *)_RBP + 7) = 0x768863165ACBAD1i64;
*((_QWORD *)_RBP + 14) = 0xCEF1BB784BE20FFCi64;
((void (__fastcall *)(char *, char *, unsigned __int16 *, _BYTE *))dword_1400B1C64)(
_RBP + 112,
_RBP + 56,
v97,
v118);
v202 = *((_QWORD *)_RBP + 14) ^ ((unsigned int)*(_QWORD *)(*((_QWORD *)_RBP + 8) + 72i64) | (((unsigned int)*(_QWORD *)(*((_QWORD *)_RBP + 8) + 72i64) ^ (unsigned int)~(*(_QWORD *)((char *)&_ImageBase + (*((_QWORD *)_RBP + 7) & 0xFFFi64) + 42074160) >> 32) ^ (((unsigned int)*(_QWORD *)(*((_QWORD *)_RBP + 8) + 72i64) | (((unsigned __int64)((unsigned int)*(_QWORD *)((char *)&_ImageBase + (*((_QWORD *)_RBP + 7) >> 52) + 42074160) - (unsigned int)*(_QWORD *)(*((_QWORD *)_RBP + 8) + 72i64)) ^ (*(_QWORD *)(*((_QWORD *)_RBP + 8) + 72i64) >> 32)) << 32)) >> 32)) << 32));
v203 = (unsigned int)v202 | (((unsigned int)v202 ^ 0xB41DF003 ^ (v202 >> 32)) << 32);
v204 = __ROL8__(-2411744209887138688i64, 1);
*(_DWORD *)(*((_QWORD *)_RBP + 15) + ((((unsigned int)((*(_QWORD *)((char *)&_ImageBase + (*((_QWORD *)_RBP + 7) >> 52) + 42074160) >> 32) - v203) ^ (v203 >> 32)) << 32) | (unsigned int)v203) + 4) = (qword_142820DC7 + v204) ^ v149;
v205 = *((_QWORD *)_RBP + 15);
*((_QWORD *)_RBP + 9) = 0x768863165ACBAD1i64;
*((_QWORD *)_RBP + 16) = 0xCEF1BB784BE20FFCi64;
((void (__fastcall *)(char *, char *))dword_1400B1C64)(
_RBP + 128,
_RBP + 72);
v206 = *((_QWORD *)_RBP + 8);
v207 = (unsigned int)*(_QWORD *)(v206 + 72) | ((((unsigned int)*(_QWORD *)((char *)&_ImageBase + (*((_QWORD *)_RBP + 9) >> 52) + 42074160) - (unsigned int)*(_QWORD *)(v206 + 72)) ^ (*(_QWORD *)(v206 + 72) >> 32)) << 32);
v208 = *((_QWORD *)_RBP + 16) ^ ((unsigned int)v207 | (((unsigned int)v207 ^ (unsigned int)~(*(_QWORD *)((char *)&_ImageBase + (*((_QWORD *)_RBP + 9) & 0xFFFi64) + 42074160) >> 32) ^ (v207 >> 32)) << 32));
v209 = (unsigned int)v208 | (((unsigned int)v208 ^ 0xB41DF003 ^ (v208 >> 32)) << 32);
*(_BYTE *)(((unsigned int)v209 | (((unsigned int)((*(_QWORD *)((char *)&_ImageBase + (*((_QWORD *)_RBP + 9) >> 52) + 42074160) >> 32) - v209) ^ (v209 >> 32)) << 32)) + v205) = (qword_142820E59 - _RBP[176]) ^ 1;
_InterlockedExchange(
(volatile signed __int32 *)(v206 + 3068),
0);
JUMPOUT(locret_1400B776C);
}
}
if ( v118 )
v89 = *v118 == 0;
v97 = 0i64;
v104 = (_DWORD *)0x811C9DC5;
if ( (_DWORD)v104 == (_DWORD)v102 )
{
if ( v101 )
*v101 = v110 + 4i64 * *(_WORD *)(v114 + 2i64 * v115);
v126 = *(_DWORD *)(v110 + 4i64 * *(_WORD *)(v114 + 2i64 * v115));
if ( (_DWORD)v126 )
v66 = (void (__fastcall *)(signed __int64))(v125 + v126);
LABEL_72:
if ( !*(_QWORD *)(_RBP + 111) )
__fastfail(0);
v66(1i64);
__fastfail(0);
}
}
if ( ++v115 >= *(_DWORD *)(v108 + 24) )
goto LABEL_72;
}
}
}
}
}
LABEL_36:
__fastfail(0);
}
}
}
}
}
}
}
}
}
}
}
LABEL_25:
__fastfail(0);
}
}
}
}
exit2:
__fastfail(0);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment