ghoulgy/ghidra_decompiled_wmi_process_call.c

## ghidra_decompiled_wmi_process_call.c
void FUN_140001070(int param_1,longlong param_2,undefined8 param_3,undefined8 param_4)

{
  u_short uVar1;
  HRESULT HVar2;
  int iVar3;
  basic_ostream<char,struct_std::char_traits<char>_> *this;
  longlong *plVar4;
  undefined8 uVar5;
  wchar_t *pwVar6;
  undefined8 uVar7;
  wchar_t *pwVar8;
  undefined *puVar9;
  longlong **pplVar10;
  undefined auStackY744 [32];
  longlong *local_298;
  longlong *local_290;
  longlong *local_288;
  longlong *wbemLocator;
  longlong *local_278;
  longlong *local_270;
  longlong *local_268;
  undefined8 local_260;
  undefined2 local_258;
  wchar_t *local_250;
  undefined2 local_240;
  longlong *local_238;
  wchar_t local_228 [264];
  ulonglong local_18;

  local_18 = DAT_140005008 ^ (ulonglong)auStackY744;
  if (param_1 == 2) {
    uVar1 = htons(0x4081);
    this = std::basic_ostream<char,struct_std::char_traits<char>_>::operator<<
                     ((basic_ostream<char,struct_std::char_traits<char>_> *)cout_exref,(uint)uVar1);
    std::basic_ostream<char,struct_std::char_traits<char>_>::operator<<(this,FUN_140001400);
    CoInitializeEx((LPVOID)0x0,0);
    puVar9 = &DAT_1400032c0;
    wbemLocator = (longlong *)0x0;
    uVar5 = 0;
    uVar7 = 1;
    HVar2 = CoCreateInstance((IID *)&DAT_1400032b0,(LPUNKNOWN)0x0,1,(IID *)&DAT_1400032c0,
                             &wbemLocator);
    if (HVar2 < 0) {
      CoUninitialize();
      FUN_140001010("failed1\n",uVar5,uVar7,puVar9);
    }
    else {
      pplVar10 = (longlong **)0x0;
      pwVar6 = L"ROOT\\CIMV2";
      local_298 = (longlong *)0x0;
      pwVar8 = (wchar_t *)0x0;
      iVar3 = (**(code **)(*wbemLocator + 0x18))();
      plVar4 = wbemLocator;
      if (-1 < iVar3) {
        pplVar10 = (longlong **)0x0;
        pwVar8 = (wchar_t *)0x0;
        pwVar6 = (wchar_t *)0xa;
        HVar2 = CoSetProxyBlanket((IUnknown *)0x0,10,0,(OLECHAR *)0x0,3,3,
                                  (RPC_AUTH_IDENTITY_HANDLE)0x0,0);
        plVar4 = wbemLocator;
        if (-1 < HVar2) {
          local_288 = (longlong *)0x0;
          pplVar10 = (longlong **)0x0;
          pwVar8 = (wchar_t *)0x0;
          pwVar6 = L"Win32_ProcessStartup";
          iVar3 = (**(code **)(lRam0000000000000000 + 0x30))();
          plVar4 = local_288;
          if (-1 < iVar3) {
            local_268 = (longlong *)0x0;
            pwVar8 = (wchar_t *)&local_268;
            pwVar6 = (wchar_t *)0x0;
            iVar3 = (**(code **)(*local_288 + 0x78))();
            plVar4 = local_288;
            if (-1 < iVar3) {
              local_278 = (longlong *)0x0;
              pplVar10 = (longlong **)0x0;
              pwVar8 = (wchar_t *)0x0;
              pwVar6 = L"Win32_Process";
              iVar3 = (**(code **)(lRam0000000000000000 + 0x30))();
              plVar4 = local_298;
              if (-1 < iVar3) {
                pplVar10 = &local_270;
                local_270 = (longlong *)0x0;
                pwVar6 = L"Create";
                pwVar8 = (wchar_t *)0x0;
                iVar3 = (**(code **)(*local_278 + 0x98))();
                plVar4 = local_278;
                if (-1 < iVar3) {
                  pwVar8 = (wchar_t *)&local_290;
                  local_290 = (longlong *)0x0;
                  pwVar6 = (wchar_t *)0x0;
                  iVar3 = (**(code **)(*local_270 + 0x78))();
                  plVar4 = local_270;
                  if (-1 < iVar3) {
                    wcscpy_s(local_228,0x105,*(wchar_t **)(param_2 + 8));
                    VariantInit((VARIANTARG *)&local_258);
                    pplVar10 = (longlong **)&local_258;
                    local_258 = 8;
                    pwVar6 = L"CommandLine";
                    local_250 = local_228;
                    pwVar8 = (wchar_t *)0x0;
                    iVar3 = (**(code **)(*local_290 + 0x28))();
                    plVar4 = local_290;
                    if (-1 < iVar3) {
                      VariantInit((VARIANTARG *)&local_240);
                      pplVar10 = (longlong **)&local_240;
                      local_240 = 9;
                      pwVar6 = L"ProcessStartupInformation";
                      pwVar8 = (wchar_t *)0x0;
                      local_238 = local_268;
                      iVar3 = (**(code **)(*local_290 + 0x28))();
                      plVar4 = local_290;
                      if (-1 < iVar3) {
                        pwVar8 = L"Create";
                        pwVar6 = L"Win32_Process";
                        pplVar10 = (longlong **)0x0;
                        local_260 = 0;
                        iVar3 = (**(code **)(lRam0000000000000000 + 0xc0))();
                        plVar4 = local_298;
                        if (-1 < iVar3) {
                          (**(code **)(*local_290 + 0x10))();
                          (**(code **)(*local_278 + 0x10))();
                          (**(code **)(*local_288 + 0x10))();
                          (**(code **)(*local_268 + 0x10))();
                          (**(code **)(lRam0000000000000000 + 0x10))();
                          (**(code **)(*wbemLocator + 0x10))();
                          CoUninitialize();
                          goto LAB_1400013d2;
                        }
                      }
                    }
                  }
                }
              }
            }
          }
        }
      }
      (**(code **)(*plVar4 + 0x10))();
      FUN_140001010("failed1\n",pwVar6,pwVar8,pplVar10);
    }
  }
  else {
    FUN_140001010("Usage: binary.exe <command>",param_2,param_3,param_4);
  }
LAB_1400013d2:
  FUN_140001450(local_18 ^ (ulonglong)auStackY744);
  return;
}
	void FUN_140001070(int param_1,longlong param_2,undefined8 param_3,undefined8 param_4)

	{
	u_short uVar1;
	HRESULT HVar2;
	int iVar3;
	basic_ostream<char,struct_std::char_traits<char>_> *this;
	longlong *plVar4;
	undefined8 uVar5;
	wchar_t *pwVar6;
	undefined8 uVar7;
	wchar_t *pwVar8;
	undefined *puVar9;
	longlong **pplVar10;
	undefined auStackY744 [32];
	longlong *local_298;
	longlong *local_290;
	longlong *local_288;
	longlong *wbemLocator;
	longlong *local_278;
	longlong *local_270;
	longlong *local_268;
	undefined8 local_260;
	undefined2 local_258;
	wchar_t *local_250;
	undefined2 local_240;
	longlong *local_238;
	wchar_t local_228 [264];
	ulonglong local_18;

	local_18 = DAT_140005008 ^ (ulonglong)auStackY744;
	if (param_1 == 2) {
	uVar1 = htons(0x4081);
	this = std::basic_ostream<char,struct_std::char_traits<char>_>::operator<<
	((basic_ostream<char,struct_std::char_traits<char>_> *)cout_exref,(uint)uVar1);
	std::basic_ostream<char,struct_std::char_traits<char>_>::operator<<(this,FUN_140001400);
	CoInitializeEx((LPVOID)0x0,0);
	puVar9 = &DAT_1400032c0;
	wbemLocator = (longlong *)0x0;
	uVar5 = 0;
	uVar7 = 1;
	HVar2 = CoCreateInstance((IID )&DAT_1400032b0,(LPUNKNOWN)0x0,1,(IID )&DAT_1400032c0,
	&wbemLocator);
	if (HVar2 < 0) {
	CoUninitialize();
	FUN_140001010("failed1\n",uVar5,uVar7,puVar9);
	}
	else {
	pplVar10 = (longlong **)0x0;
	pwVar6 = L"ROOT\\CIMV2";
	local_298 = (longlong *)0x0;
	pwVar8 = (wchar_t *)0x0;
	iVar3 = ((code )(*wbemLocator + 0x18))();
	plVar4 = wbemLocator;
	if (-1 < iVar3) {
	pplVar10 = (longlong **)0x0;
	pwVar8 = (wchar_t *)0x0;
	pwVar6 = (wchar_t *)0xa;
	HVar2 = CoSetProxyBlanket((IUnknown )0x0,10,0,(OLECHAR )0x0,3,3,
	(RPC_AUTH_IDENTITY_HANDLE)0x0,0);
	plVar4 = wbemLocator;
	if (-1 < HVar2) {
	local_288 = (longlong *)0x0;
	pplVar10 = (longlong **)0x0;
	pwVar8 = (wchar_t *)0x0;
	pwVar6 = L"Win32_ProcessStartup";
	iVar3 = ((code )(lRam0000000000000000 + 0x30))();
	plVar4 = local_288;
	if (-1 < iVar3) {
	local_268 = (longlong *)0x0;
	pwVar8 = (wchar_t *)&local_268;
	pwVar6 = (wchar_t *)0x0;
	iVar3 = ((code )(*local_288 + 0x78))();
	plVar4 = local_288;
	if (-1 < iVar3) {
	local_278 = (longlong *)0x0;
	pplVar10 = (longlong **)0x0;
	pwVar8 = (wchar_t *)0x0;
	pwVar6 = L"Win32_Process";
	iVar3 = ((code )(lRam0000000000000000 + 0x30))();
	plVar4 = local_298;
	if (-1 < iVar3) {
	pplVar10 = &local_270;
	local_270 = (longlong *)0x0;
	pwVar6 = L"Create";
	pwVar8 = (wchar_t *)0x0;
	iVar3 = ((code )(*local_278 + 0x98))();
	plVar4 = local_278;
	if (-1 < iVar3) {
	pwVar8 = (wchar_t *)&local_290;
	local_290 = (longlong *)0x0;
	pwVar6 = (wchar_t *)0x0;
	iVar3 = ((code )(*local_270 + 0x78))();
	plVar4 = local_270;
	if (-1 < iVar3) {
	wcscpy_s(local_228,0x105,(wchar_t *)(param_2 + 8));
	VariantInit((VARIANTARG *)&local_258);
	pplVar10 = (longlong **)&local_258;
	local_258 = 8;
	pwVar6 = L"CommandLine";
	local_250 = local_228;
	pwVar8 = (wchar_t *)0x0;
	iVar3 = ((code )(*local_290 + 0x28))();
	plVar4 = local_290;
	if (-1 < iVar3) {
	VariantInit((VARIANTARG *)&local_240);
	pplVar10 = (longlong **)&local_240;
	local_240 = 9;
	pwVar6 = L"ProcessStartupInformation";
	pwVar8 = (wchar_t *)0x0;
	local_238 = local_268;
	iVar3 = ((code )(*local_290 + 0x28))();
	plVar4 = local_290;
	if (-1 < iVar3) {
	pwVar8 = L"Create";
	pwVar6 = L"Win32_Process";
	pplVar10 = (longlong **)0x0;
	local_260 = 0;
	iVar3 = ((code )(lRam0000000000000000 + 0xc0))();
	plVar4 = local_298;
	if (-1 < iVar3) {
	((code )(*local_290 + 0x10))();
	((code )(*local_278 + 0x10))();
	((code )(*local_288 + 0x10))();
	((code )(*local_268 + 0x10))();
	((code )(lRam0000000000000000 + 0x10))();
	((code )(*wbemLocator + 0x10))();
	CoUninitialize();
	goto LAB_1400013d2;
	}
	}
	}
	}
	}
	}
	}
	}
	}
	}
	((code )(*plVar4 + 0x10))();
	FUN_140001010("failed1\n",pwVar6,pwVar8,pplVar10);
	}
	}
	else {
	FUN_140001010("Usage: binary.exe <command>",param_2,param_3,param_4);
	}
	LAB_1400013d2:
	FUN_140001450(local_18 ^ (ulonglong)auStackY744);
	return;
	}