                 ͻ
                   This text files shows how I translated the dead listing to 'C' 
                 ͼ


:004010CC 8B4508                  mov eax, dword ptr [ebp+08]
:004010CF 50                      push eax
:004010D0 56                      push esi
:004010D1 E86AFFFFFF              call 00401040
:004010D6 8B8E30504000            mov ecx, dword ptr [esi+00405030]
:004010DC 83C408                  add esp, 00000008
:004010DF 33CF                    xor ecx, edi
:004010E1 03C1                    add eax, ecx
:004010E3 8945FC                  mov dword ptr [ebp-04], eax
:004010E6 C145FC07                rol dword ptr [ebp-04], 07
:004010EA 8B45FC                  mov eax, dword ptr [ebp-04]
:004010ED 83C604                  add esi, 00000004
:004010F0 33D8                    xor ebx, eax
:004010F2 47                      inc edi
:004010F3 83FE40                  cmp esi, 00000040
:004010F6 7CD4                    jl 004010CC

unsigned int edi=0;
for (int i=0;i<0x40;i=i+4)
{
	unsigned int eax = f401040(name,i);
	eax += buf_405030[i] ^ edi;
	hash ^= _lrotl(eax,7);
	edi++;
}



//////////////////////////////////////////////////////////////////////////////

* Referenced by a CALL at Addresses:
|:0040108E   , :004010D1   
|
:00401040 8B4C2404                mov ecx, dword ptr [esp+04]
:00401044 56                      push esi
:00401045 8B74240C                mov esi, dword ptr [esp+0C]
:00401049 33C0                    xor eax, eax
:0040104B 33D2                    xor edx, edx
:0040104D 8A443103                mov al, byte ptr [ecx+esi+03]
:00401051 8A543102                mov dl, byte ptr [ecx+esi+02]
:00401055 C1E008                  shl eax, 08
:00401058 03C2                    add eax, edx
:0040105A 33D2                    xor edx, edx
:0040105C 8A543101                mov dl, byte ptr [ecx+esi+01]
:00401060 C1E008                  shl eax, 08
:00401063 03C2                    add eax, edx
:00401065 33D2                    xor edx, edx
:00401067 8A1431                  mov dl, byte ptr [ecx+esi]
:0040106A 5E                      pop esi
:0040106B C1E008                  shl eax, 08
:0040106E 03C2                    add eax, edx
:00401070 C3                      ret

unsigned int f401040(const char* buffer,unsigned int offset)
{
	unsigned int value;

	value = buffer[offset+3];
	value = value << 8;
	value += buffer[offset+2];
	value = value << 8;
	value += buffer[offset+1];
	value = value << 8;
	value += buffer[offset];

	return value;
}



//////////////////////////////////////////////////////////////////////////////

:00401257 8B45FC                  mov eax, dword ptr [ebp-04] -> magic
:0040125A 33D2                    xor edx, edx
:0040125C BE1A000000              mov esi, 0000001A
:00401261 F7F6                    div esi
:00401263 8A941510FFFFFF          mov dl, byte ptr [ebp+edx-000000F0]
:0040126A 88540DC8                mov byte ptr [ebp+ecx-38], dl
:0040126E 8B45FC                  mov eax, dword ptr [ebp-04]
:00401271 C1E003                  shl eax, 03
:00401274 BA45230100              mov edx, 00012345
:00401279 F7E8                    imul eax
:0040127B 03C2                    add eax, edx
:0040127D 8945FC                  mov dword ptr [ebp-04], eax
:00401280 41                      inc ecx
:00401281 83F912                  cmp ecx, 00000012
:00401284 72D1                    jb 00401257

for (i=0;i<0x12;i++)
{
	ebpm38[i] = ebpmf0[(hash % 0x1A)];
	hash = hash << 3;
	__asm
	{
		mov eax, dword ptr[hash]
		mov edx,12345h
		imul eax
		add eax,edx
		mov dword ptr[hash],eax
	}
			
}

Yes, there is still some ASM... but seifer told me he was using ASM in his
sources too, so it's OK !



//////////////////////////////////////////////////////////////////////////////

* Referenced by a CALL at Address:
|:004012AD   
|
:00401110 8B4C2404                mov ecx, dword ptr [esp+04]
:00401114 33C0                    xor eax, eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00401122(C)
|
:00401116 8A1408                  mov dl, byte ptr [eax+ecx]
:00401119 32D0                    xor dl, al
:0040111B 881408                  mov byte ptr [eax+ecx], dl
:0040111E 40                      inc eax
:0040111F 83F812                  cmp eax, 00000012
:00401122 72F2                    jb 00401116
:00401124 C3                      ret


void f401110(char* buffer)
{
	for (int i=0;i<18;i++) buffer[i] = buffer[i] ^ i;
}
