-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdisassembly1.txt
More file actions
6558 lines (5125 loc) · 143 KB
/
disassembly1.txt
File metadata and controls
6558 lines (5125 loc) · 143 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Disassembling: dist/entry_point/entry_point...
--------------------------------------------------
Top Address of .text Section: 0x401a40
Program Entry Point Address: 0x401a45
Address Offset: 0x5
Section header for .text : Container({'sh_name': 132, 'sh_type': 'SHT_PROGBITS', 'sh_flags': 6, 'sh_addr': 4201024, 'sh_offset': 6720, 'sh_size': 14802, 'sh_link': 0, 'sh_info': 0, 'sh_addralign': 16, 'sh_entsize': 0})
Program header: Container({'e_ident': Container({'EI_MAG': [127, 69, 76, 70], 'EI_CLASS': 'ELFCLASS64', 'EI_DATA': 'ELFDATA2LSB', 'EI_VERSION': 'EV_CURRENT', 'EI_OSABI': 'ELFOSABI_SYSV', 'EI_ABIVERSION': 0}), 'e_type': 'ET_EXEC', 'e_machine': 'EM_X86_64', 'e_version': 'EV_CURRENT', 'e_entry': 4201029, 'e_phoff': 64, 'e_shoff': 1877768, 'e_flags': 0, 'e_ehsize': 64, 'e_phentsize': 56, 'e_phnum': 8, 'e_shentsize': 64, 'e_shnum': 29, 'e_shstrndx': 28})
--------------------------------------------------
0x401a45: xor ebp, ebp
0x401a47: mov r9, rdx
0x401a4a: pop rsi
Instruction group(s): [145]
0x401a4b: mov rdx, rsp
0x401a4e: and rsp, 0xfffffffffffffff0
0x401a52: push rax
Instruction group(s): [145]
0x401a53: push rsp
Instruction group(s): [145]
0x401a54: mov r8, 0x405410
0x401a5b: mov rcx, 0x4053a0
0x401a62: mov rdi, 0x401a40
0x401a69: call 0x4017a0
Instruction group(s): [2, 7, 145]
0x401a6e: hlt
Instruction group(s): [6]
0x401a6f: nop
0x401a70: mov eax, 0x607a17
0x401a75: push rbp
Instruction group(s): [145]
0x401a76: sub rax, 0x607a10
0x401a7c: cmp rax, 0xe
0x401a80: mov rbp, rsp
0x401a83: jbe 0x401aa0
Instruction group(s): [7, 1]
0x401a85: mov eax, 0
0x401a8a: test rax, rax
0x401a8d: je 0x401aa0
Instruction group(s): [7, 1]
0x401a8f: pop rbp
Instruction group(s): [145]
0x401a90: mov edi, 0x607a10
0x401a95: jmp rax
Instruction group(s): [145, 1]
0x401a97: nop word ptr [rax + rax]
0x401aa0: pop rbp
Instruction group(s): [145]
0x401aa1: ret
Instruction group(s): [3, 145]
0x401aa2: nop word ptr cs:[rax + rax]
0x401ab0: mov esi, 0x607a10
0x401ab5: push rbp
Instruction group(s): [145]
0x401ab6: sub rsi, 0x607a10
0x401abd: sar rsi, 3
0x401ac1: mov rbp, rsp
0x401ac4: mov rax, rsi
0x401ac7: shr rax, 0x3f
0x401acb: add rsi, rax
0x401ace: sar rsi, 1
0x401ad1: je 0x401ae8
Instruction group(s): [7, 1]
0x401ad3: mov eax, 0
0x401ad8: test rax, rax
0x401adb: je 0x401ae8
Instruction group(s): [7, 1]
0x401add: pop rbp
Instruction group(s): [145]
0x401ade: mov edi, 0x607a10
0x401ae3: jmp rax
Instruction group(s): [145, 1]
0x401ae5: nop dword ptr [rax]
0x401ae8: pop rbp
Instruction group(s): [145]
0x401ae9: ret
Instruction group(s): [3, 145]
0x401aea: nop word ptr [rax + rax]
0x401af0: cmp byte ptr [rip + 0x205f61], 0
0x401af7: jne 0x401b0a
Instruction group(s): [7, 1]
0x401af9: push rbp
Instruction group(s): [145]
0x401afa: mov rbp, rsp
0x401afd: call 0x401a70
Instruction group(s): [2, 7, 145]
0x401b02: pop rbp
Instruction group(s): [145]
0x401b03: mov byte ptr [rip + 0x205f4e], 1
0x401b0a: ret
Instruction group(s): [3, 145]
0x401b0c: nop dword ptr [rax]
0x401b10: mov edi, 0x6075a0
0x401b15: cmp qword ptr [rdi], 0
0x401b19: jne 0x401b20
Instruction group(s): [7, 1]
0x401b1b: jmp 0x401ab0
Instruction group(s): [7, 1]
0x401b1d: nop dword ptr [rax]
0x401b20: mov eax, 0
0x401b25: test rax, rax
0x401b28: je 0x401b1b
Instruction group(s): [7, 1]
0x401b2a: push rbp
Instruction group(s): [145]
0x401b2b: mov rbp, rsp
0x401b2e: call rax
Instruction group(s): [2, 145]
0x401b30: pop rbp
Instruction group(s): [145]
0x401b31: jmp 0x401ab0
Instruction group(s): [7, 1]
0x401b36: nop word ptr cs:[rax + rax]
0x401b40: push r12
Instruction group(s): [145]
0x401b42: push rbp
Instruction group(s): [145]
0x401b43: mov rbp, rdi
0x401b46: push rbx
Instruction group(s): [145]
0x401b47: mov ebx, esi
0x401b49: lea esi, [rsi - 0x1058]
Instruction group(s): [145]
0x401b4f: xor edx, edx
0x401b51: sub rsp, 0x1060
0x401b58: mov rdi, qword ptr [rdi]
0x401b5b: movsxd rsi, esi
Instruction group(s): [145]
0x401b5e: call 0x4018f0
Instruction group(s): [2, 7, 145]
0x401b63: test eax, eax
0x401b65: jne 0x401c50
Instruction group(s): [7, 1]
0x401b6b: mov rcx, qword ptr [rbp]
0x401b6f: mov edx, 1
0x401b74: mov esi, 0x1058
0x401b79: mov rdi, rsp
0x401b7c: mov r12, rsp
0x401b7f: call 0x401680
Instruction group(s): [2, 7, 145]
0x401b84: test rax, rax
0x401b87: je 0x401c50
Instruction group(s): [7, 1]
0x401b8d: lea rdx, [rsp + 0x1000]
0x401b95: mov r10d, 0x405424
0x401b9b: mov r9d, 8
0x401ba1: lea r11, [rsp - 1]
0x401ba6: jmp 0x401bbd
Instruction group(s): [7, 1]
0x401ba8: nop dword ptr [rax + rax]
0x401bb0: sub rdx, 1
0x401bb4: cmp rdx, r11
0x401bb7: je 0x401c50
Instruction group(s): [7, 1]
0x401bbd: mov rsi, r10
0x401bc0: mov rdi, rdx
0x401bc3: mov rcx, r9
0x401bc6: repe cmpsb byte ptr [rsi], byte ptr [rdi]
0x401bc8: seta al
0x401bcb: setb r8b
0x401bcf: sub eax, r8d
0x401bd2: movsx eax, al
0x401bd5: test eax, eax
0x401bd7: jne 0x401bb0
Instruction group(s): [7, 1]
0x401bd9: mov rdi, qword ptr [rdx + 0x10]
0x401bdd: mov rsi, qword ptr [rdx]
0x401be0: mov qword ptr [rbp + 0x30], rdi
0x401be4: mov rdi, qword ptr [rdx + 0x18]
0x401be8: mov qword ptr [rbp + 0x20], rsi
0x401bec: mov rsi, qword ptr [rdx + 8]
0x401bf0: mov qword ptr [rbp + 0x38], rdi
0x401bf4: mov rdi, qword ptr [rdx + 0x20]
0x401bf8: mov qword ptr [rbp + 0x28], rsi
0x401bfc: bswap esi
0x401bfe: sub ebx, esi
0x401c00: mov qword ptr [rbp + 0x40], rdi
0x401c04: mov rdi, qword ptr [rdx + 0x28]
0x401c08: mov qword ptr [rbp + 0x48], rdi
0x401c0c: mov rdi, qword ptr [rdx + 0x30]
0x401c10: mov qword ptr [rbp + 0x50], rdi
0x401c14: mov rdi, qword ptr [rdx + 0x38]
0x401c18: mov qword ptr [rbp + 0x58], rdi
0x401c1c: mov rdi, qword ptr [rdx + 0x40]
0x401c20: mov qword ptr [rbp + 0x60], rdi
0x401c24: mov rdi, qword ptr [rdx + 0x48]
0x401c28: mov qword ptr [rbp + 0x68], rdi
0x401c2c: mov rdi, qword ptr [rdx + 0x50]
0x401c30: sub rdx, r12
0x401c33: lea edx, [rbx + rdx - 0x1000]
Instruction group(s): [145]
0x401c3a: mov qword ptr [rbp + 0x70], rdi
0x401c3e: mov dword ptr [rbp + 8], edx
0x401c41: add rsp, 0x1060
0x401c48: pop rbx
Instruction group(s): [145]
0x401c49: pop rbp
Instruction group(s): [145]
0x401c4a: pop r12
Instruction group(s): [145]
0x401c4c: ret
Instruction group(s): [3, 145]
0x401c4d: nop dword ptr [rax]
0x401c50: add rsp, 0x1060
0x401c57: mov eax, 0xffffffff
0x401c5c: pop rbx
Instruction group(s): [145]
0x401c5d: pop rbp
Instruction group(s): [145]
0x401c5e: pop r12
Instruction group(s): [145]
0x401c60: ret
Instruction group(s): [3, 145]
0x401c61: nop word ptr cs:[rax + rax]
0x401c70: mov eax, dword ptr [rsi]
0x401c72: bswap eax
0x401c74: mov eax, eax
0x401c76: add rax, rsi
0x401c79: cmp rax, qword ptr [rdi + 0x10]
0x401c7d: jb 0x401c80
Instruction group(s): [7, 1]
0x401c7f: ret
Instruction group(s): [3, 145]
0x401c80: push rbx
Instruction group(s): [145]
0x401c81: xor eax, eax
0x401c83: mov rbx, rdi
0x401c86: mov edi, 0x405500
0x401c8b: call 0x4023a0
Instruction group(s): [2, 7, 145]
0x401c90: mov rax, qword ptr [rbx + 0x18]
0x401c94: pop rbx
Instruction group(s): [145]
0x401c95: ret
Instruction group(s): [3, 145]
0x401c96: nop word ptr cs:[rax + rax]
0x401ca0: push r15
Instruction group(s): [145]
0x401ca2: push r14
Instruction group(s): [145]
0x401ca4: push r13
Instruction group(s): [145]
0x401ca6: push r12
Instruction group(s): [145]
0x401ca8: mov r12, rdi
0x401cab: push rbp
Instruction group(s): [145]
0x401cac: push rbx
Instruction group(s): [145]
0x401cad: mov r13, rsi
0x401cb0: sub rsp, 0x78
0x401cb4: mov rdi, qword ptr [rdi]
0x401cb7: test rdi, rdi
0x401cba: je 0x401dd8
Instruction group(s): [7, 1]
0x401cc0: mov esi, dword ptr [r13 + 4]
0x401cc4: xor edx, edx
0x401cc6: bswap esi
0x401cc8: add esi, dword ptr [r12 + 8]
0x401ccd: call 0x4018f0
Instruction group(s): [2, 7, 145]
0x401cd2: mov ebx, dword ptr [r13 + 8]
0x401cd6: bswap ebx
0x401cd8: mov ebx, ebx
0x401cda: mov rdi, rbx
0x401cdd: call 0x4018c0
Instruction group(s): [2, 7, 145]
0x401ce2: test rax, rax
0x401ce5: mov rbp, rax
0x401ce8: je 0x401e29
Instruction group(s): [7, 1]
0x401cee: mov rcx, qword ptr [r12]
0x401cf2: mov edx, 1
0x401cf7: mov rsi, rbx
0x401cfa: mov rdi, rbp
0x401cfd: call 0x401680
Instruction group(s): [2, 7, 145]
0x401d02: test rax, rax
0x401d05: je 0x401e10
Instruction group(s): [7, 1]
0x401d0b: cmp byte ptr [r13 + 0x10], 1
0x401d10: je 0x401d40
Instruction group(s): [7, 1]
0x401d12: mov rdi, qword ptr [r12]
0x401d16: test rdi, rdi
0x401d19: je 0x401d28
Instruction group(s): [7, 1]
0x401d1b: call 0x4016c0
Instruction group(s): [2, 7, 145]
0x401d20: mov qword ptr [r12], 0
0x401d28: add rsp, 0x78
0x401d2c: mov rax, rbp
0x401d2f: pop rbx
Instruction group(s): [145]
0x401d30: pop rbp
Instruction group(s): [145]
0x401d31: pop r12
Instruction group(s): [145]
0x401d33: pop r13
Instruction group(s): [145]
0x401d35: pop r14
Instruction group(s): [145]
0x401d37: pop r15
Instruction group(s): [145]
0x401d39: ret
Instruction group(s): [3, 145]
0x401d3a: nop word ptr [rax + rax]
0x401d40: mov ebx, dword ptr [r13 + 0xc]
0x401d44: mov r14d, dword ptr [r13 + 8]
0x401d48: bswap ebx
0x401d4a: mov edi, ebx
0x401d4c: call 0x4018c0
Instruction group(s): [2, 7, 145]
0x401d51: test rax, rax
0x401d54: mov r15, rax
0x401d57: je 0x401e83
Instruction group(s): [7, 1]
0x401d5d: bswap r14d
0x401d60: mov edx, 0x70
0x401d65: mov esi, 0x40544a
0x401d6a: mov rdi, rsp
0x401d6d: mov qword ptr [rsp + 0x40], 0
0x401d76: mov qword ptr [rsp + 0x48], 0
0x401d7f: mov qword ptr [rsp + 0x50], 0
0x401d88: mov qword ptr [rsp], rbp
0x401d8c: mov dword ptr [rsp + 8], r14d
0x401d91: mov qword ptr [rsp + 0x18], rax
0x401d96: mov dword ptr [rsp + 0x20], ebx
0x401d9a: call 0x401960
Instruction group(s): [2, 7, 145]
0x401d9f: test eax, eax
0x401da1: js 0x401e3c
Instruction group(s): [7, 1]
0x401da7: mov esi, 4
0x401dac: mov rdi, rsp
0x401daf: call 0x401650
Instruction group(s): [2, 7, 145]
0x401db4: test eax, eax
0x401db6: js 0x401e6e
Instruction group(s): [7, 1]
0x401dbc: mov rdi, rsp
0x401dbf: call 0x401840
Instruction group(s): [2, 7, 145]
0x401dc4: mov rdi, rbp
0x401dc7: mov rbp, r15
0x401dca: call 0x4015f0
Instruction group(s): [2, 7, 145]
0x401dcf: jmp 0x401d12
Instruction group(s): [7, 1]
0x401dd4: nop dword ptr [rax]
0x401dd8: lea rdi, [r12 + 0x78]
0x401ddd: mov esi, 0x40542d
0x401de2: call 0x401980
Instruction group(s): [2, 7, 145]
0x401de7: test rax, rax
0x401dea: mov rdi, rax
0x401ded: mov qword ptr [r12], rax
0x401df1: jne 0x401cc0
Instruction group(s): [7, 1]
0x401df7: mov edi, 0x40546b
0x401dfc: xor eax, eax
0x401dfe: xor ebp, ebp
0x401e00: call 0x4023a0
Instruction group(s): [2, 7, 145]
0x401e05: jmp 0x401d28
Instruction group(s): [7, 1]
0x401e0a: nop word ptr [rax + rax]
0x401e10: mov edi, 0x405430
0x401e15: call 0x4023a0
Instruction group(s): [2, 7, 145]
0x401e1a: mov rdi, rbp
0x401e1d: xor ebp, ebp
0x401e1f: call 0x4015f0
Instruction group(s): [2, 7, 145]
0x401e24: jmp 0x401d28
Instruction group(s): [7, 1]
0x401e29: mov edi, 0x405520
0x401e2e: xor eax, eax
0x401e30: xor ebp, ebp
0x401e32: call 0x4023a0
Instruction group(s): [2, 7, 145]
0x401e37: jmp 0x401d28
Instruction group(s): [7, 1]
0x401e3c: mov rdx, qword ptr [rsp + 0x30]
0x401e41: mov esi, eax
0x401e43: mov edi, 0x405568
0x401e48: xor eax, eax
0x401e4a: call 0x4023a0
Instruction group(s): [2, 7, 145]
0x401e4f: mov rdi, rbp
0x401e52: xor ebp, ebp
0x401e54: call 0x4015f0
Instruction group(s): [2, 7, 145]
0x401e59: lea rsi, [r13 + 0x12]
0x401e5d: mov edi, 0x405485
0x401e62: xor eax, eax
0x401e64: call 0x4023a0
Instruction group(s): [2, 7, 145]
0x401e69: jmp 0x401d28
Instruction group(s): [7, 1]
0x401e6e: mov rdx, qword ptr [rsp + 0x30]
0x401e73: mov esi, eax
0x401e75: mov edi, 0x405450
0x401e7a: xor eax, eax
0x401e7c: call 0x4023a0
Instruction group(s): [2, 7, 145]
0x401e81: jmp 0x401e4f
Instruction group(s): [7, 1]
0x401e83: mov edi, 0x405540
0x401e88: xor eax, eax
0x401e8a: call 0x4023a0
Instruction group(s): [2, 7, 145]
0x401e8f: jmp 0x401e4f
Instruction group(s): [7, 1]
0x401e91: nop word ptr cs:[rax + rax]
0x401ea0: push r14
Instruction group(s): [145]
0x401ea2: push r13
Instruction group(s): [145]
0x401ea4: mov r14, rsi
0x401ea7: push r12
Instruction group(s): [145]
0x401ea9: push rbp
Instruction group(s): [145]
0x401eaa: push rbx
Instruction group(s): [145]
0x401eab: mov rbx, rdi
0x401eae: call 0x401ca0
Instruction group(s): [2, 7, 145]
0x401eb3: mov rdi, rbx
0x401eb6: mov rbp, rax
0x401eb9: call 0x404bc0
Instruction group(s): [2, 7, 145]
0x401ebe: cmp eax, -1
0x401ec1: je 0x401f2a
Instruction group(s): [7, 1]
0x401ec3: lea r12, [r14 + 0x12]
0x401ec7: lea rdi, [rbx + 0x2078]
0x401ece: mov rsi, r12
0x401ed1: call 0x404e40
Instruction group(s): [2, 7, 145]
0x401ed6: mov ebx, dword ptr [r14 + 0xc]
0x401eda: test rax, rax
0x401edd: mov r13, rax
0x401ee0: bswap ebx
0x401ee2: mov ebx, ebx
0x401ee4: je 0x401f53
Instruction group(s): [7, 1]
0x401ee6: mov rcx, rax
0x401ee9: mov edx, 1
0x401eee: mov rsi, rbx
0x401ef1: mov rdi, rbp
0x401ef4: call 0x4019e0
Instruction group(s): [2, 7, 145]
0x401ef9: cmp rax, 1
0x401efd: je 0x401f04
Instruction group(s): [7, 1]
0x401eff: test rbx, rbx
0x401f02: jne 0x401f38
Instruction group(s): [7, 1]
0x401f04: mov rdi, r13
0x401f07: call 0x401870
Instruction group(s): [2, 7, 145]
0x401f0c: mov esi, 0x1c0
0x401f11: mov edi, eax
0x401f13: call 0x401950
Instruction group(s): [2, 7, 145]
0x401f18: mov rdi, r13
0x401f1b: call 0x4016c0
Instruction group(s): [2, 7, 145]
0x401f20: mov rdi, rbp
0x401f23: call 0x4015f0
Instruction group(s): [2, 7, 145]
0x401f28: xor eax, eax
0x401f2a: pop rbx
Instruction group(s): [145]
0x401f2b: pop rbp
Instruction group(s): [145]
0x401f2c: pop r12
Instruction group(s): [145]
0x401f2e: pop r13
Instruction group(s): [145]
0x401f30: pop r14
Instruction group(s): [145]
0x401f32: ret
Instruction group(s): [3, 145]
0x401f33: nop dword ptr [rax + rax]
0x401f38: xor eax, eax
0x401f3a: mov rdx, r12
0x401f3d: mov esi, 0x405588
0x401f42: mov edi, 0x4054bf
0x401f47: call 0x402470
Instruction group(s): [2, 7, 145]
0x401f4c: mov eax, 0xffffffff
0x401f51: jmp 0x401f2a
Instruction group(s): [7, 1]
0x401f53: xor eax, eax
0x401f55: mov rdx, r12
0x401f58: mov esi, 0x40549d
0x401f5d: mov edi, 0x4054b9
0x401f62: call 0x402470
Instruction group(s): [2, 7, 145]
0x401f67: mov eax, 0xffffffff
0x401f6c: jmp 0x401f2a
Instruction group(s): [7, 1]
0x401f6e: nop
0x401f70: push rbp
Instruction group(s): [145]
0x401f71: push rbx
Instruction group(s): [145]
0x401f72: mov rbx, rdi
0x401f75: sub rsp, 8
0x401f79: mov rdi, qword ptr [rdi]
0x401f7c: test rdi, rdi
0x401f7f: je 0x402048
Instruction group(s): [7, 1]
0x401f85: xor esi, esi
0x401f87: mov edx, 2
0x401f8c: call 0x4018f0
Instruction group(s): [2, 7, 145]
0x401f91: mov rdi, qword ptr [rbx]
0x401f94: call 0x4017f0
Instruction group(s): [2, 7, 145]
0x401f99: mov rdi, rbx
0x401f9c: mov esi, eax
0x401f9e: call 0x401b40
Instruction group(s): [2, 7, 145]
0x401fa3: cmp eax, -1
0x401fa6: je 0x402068
Instruction group(s): [7, 1]
0x401fac: mov esi, dword ptr [rbx + 0x2c]
0x401faf: mov eax, dword ptr [rbx + 0x34]
0x401fb2: xor edx, edx
0x401fb4: mov rdi, qword ptr [rbx]
0x401fb7: mov dword ptr [rbx + 0x407c], 0
0x401fc1: bswap esi
0x401fc3: add esi, dword ptr [rbx + 8]
0x401fc6: bswap eax
0x401fc8: mov dword ptr [rip + 0x205a8e], eax
0x401fce: call 0x4018f0
Instruction group(s): [2, 7, 145]
0x401fd3: mov ebp, dword ptr [rbx + 0x30]
0x401fd6: bswap ebp
0x401fd8: mov ebp, ebp
0x401fda: mov rdi, rbp
0x401fdd: call 0x4018c0
Instruction group(s): [2, 7, 145]
0x401fe2: test rax, rax
0x401fe5: mov qword ptr [rbx + 0x10], rax
0x401fe9: je 0x40209e
Instruction group(s): [7, 1]
0x401fef: mov rcx, qword ptr [rbx]
0x401ff2: mov edx, 1
0x401ff7: mov rsi, rbp
0x401ffa: mov rdi, rax
0x401ffd: call 0x401680
Instruction group(s): [2, 7, 145]
0x402002: test rax, rax
0x402005: je 0x402070
Instruction group(s): [7, 1]
0x402007: mov eax, dword ptr [rbx + 0x30]
0x40200a: mov rdi, qword ptr [rbx]
0x40200d: bswap eax
0x40200f: mov eax, eax
0x402011: add rax, qword ptr [rbx + 0x10]
0x402015: mov qword ptr [rbx + 0x18], rax
0x402019: call 0x401670
Instruction group(s): [2, 7, 145]
0x40201e: test eax, eax
0x402020: mov ebp, eax
0x402022: jne 0x402090
Instruction group(s): [7, 1]
0x402024: mov rdi, qword ptr [rbx]
0x402027: test rdi, rdi
0x40202a: je 0x402038
Instruction group(s): [7, 1]
0x40202c: call 0x4016c0
Instruction group(s): [2, 7, 145]
0x402031: mov qword ptr [rbx], 0
0x402038: add rsp, 8
0x40203c: mov eax, ebp
0x40203e: pop rbx
Instruction group(s): [145]
0x40203f: pop rbp
Instruction group(s): [145]
0x402040: ret
Instruction group(s): [3, 145]
0x402041: nop dword ptr [rax]
0x402048: lea rdi, [rbx + 0x78]
0x40204c: mov esi, 0x40542d
0x402051: call 0x401980
Instruction group(s): [2, 7, 145]
0x402056: test rax, rax
0x402059: mov rdi, rax
0x40205c: mov qword ptr [rbx], rax
0x40205f: jne 0x401f85
Instruction group(s): [7, 1]
0x402065: nop dword ptr [rax]
0x402068: mov ebp, 0xffffffff
0x40206d: jmp 0x402038
Instruction group(s): [7, 1]
0x40206f: nop
0x402070: mov esi, 0x4054cd
0x402075: mov edi, 0x4054e7
0x40207a: mov ebp, 0xffffffff
0x40207f: call 0x402470
Instruction group(s): [2, 7, 145]
0x402084: jmp 0x402038
Instruction group(s): [7, 1]
0x402086: nop word ptr cs:[rax + rax]
0x402090: mov edi, 0x4054ed
0x402095: xor eax, eax
0x402097: call 0x4023a0
Instruction group(s): [2, 7, 145]
0x40209c: jmp 0x402068
Instruction group(s): [7, 1]
0x40209e: mov esi, 0x4055b0
0x4020a3: mov edi, 0x4054c6
0x4020a8: mov ebp, 0xffffffff
0x4020ad: call 0x402470
Instruction group(s): [2, 7, 145]
0x4020b2: jmp 0x402038
Instruction group(s): [7, 1]
0x4020b4: nop word ptr cs:[rax + rax]
0x4020c0: push r13
Instruction group(s): [145]
0x4020c2: push r12
Instruction group(s): [145]
0x4020c4: mov r12, rdx
0x4020c7: push rbp
Instruction group(s): [145]
0x4020c8: push rbx
Instruction group(s): [145]
0x4020c9: mov rbp, rsi
0x4020cc: mov rbx, rdi
0x4020cf: mov esi, 0x1000
0x4020d4: mov rdi, rbp
0x4020d7: sub rsp, 8
0x4020db: call 0x401750
Instruction group(s): [2, 7, 145]
0x4020e0: mov esi, 0x1000
0x4020e5: mov r13, rax
0x4020e8: mov rdi, r12
0x4020eb: call 0x401750
Instruction group(s): [2, 7, 145]
0x4020f0: lea rdx, [r13 + rax + 1]
0x4020f5: mov eax, 0xffffffff
0x4020fa: cmp rdx, 0x1000
0x402101: ja 0x40215b
Instruction group(s): [7, 1]
0x402103: lea rdi, [rbx + 0x78]
0x402107: mov edx, 0x1000
0x40210c: mov rsi, rbp
0x40210f: call 0x401880
Instruction group(s): [2, 7, 145]
0x402114: mov rsi, r12
0x402117: lea r12, [rbx + 0x1078]
0x40211e: mov edx, 0x1000
0x402123: mov rdi, rax
0x402126: call 0x401920
Instruction group(s): [2, 7, 145]
0x40212b: mov edx, 0x1000
0x402130: mov rsi, rbp
0x402133: mov rdi, r12
0x402136: call 0x401920
Instruction group(s): [2, 7, 145]
0x40213b: lea rdi, [rbx + 0x3078]
0x402142: mov dword ptr [rbx + 0x4078], 0
0x40214c: mov edx, 0x1000
0x402151: mov rsi, r12
0x402154: call 0x401920
Instruction group(s): [2, 7, 145]
0x402159: xor eax, eax
0x40215b: add rsp, 8
0x40215f: pop rbx
Instruction group(s): [145]
0x402160: pop rbp
Instruction group(s): [145]
0x402161: pop r12
Instruction group(s): [145]
0x402163: pop r13
Instruction group(s): [145]
0x402165: ret
Instruction group(s): [3, 145]
0x402166: nop word ptr cs:[rax + rax]
0x402170: push rbx
Instruction group(s): [145]
0x402171: mov rbx, rdi
0x402174: call 0x4020c0
Instruction group(s): [2, 7, 145]
0x402179: test eax, eax
0x40217b: jne 0x40219d
Instruction group(s): [7, 1]
0x40217d: mov rdi, rbx
0x402180: call 0x401f70
Instruction group(s): [2, 7, 145]
0x402185: test eax, eax
0x402187: je 0x4021a2
Instruction group(s): [7, 1]
0x402189: mov rdi, qword ptr [rbx]
0x40218c: test rdi, rdi
0x40218f: je 0x40219d
Instruction group(s): [7, 1]
0x402191: call 0x4016c0
Instruction group(s): [2, 7, 145]
0x402196: mov qword ptr [rbx], 0
0x40219d: mov eax, 0xffffffff
0x4021a2: pop rbx
Instruction group(s): [145]
0x4021a3: ret
Instruction group(s): [3, 145]
0x4021a4: nop word ptr cs:[rax + rax]
0x4021b0: mov rax, qword ptr [rdi + 0x10]
0x4021b4: ret
Instruction group(s): [3, 145]
0x4021b5: nop word ptr cs:[rax + rax]
0x4021c0: mov eax, dword ptr [rsi]
0x4021c2: bswap eax
0x4021c4: mov eax, eax
0x4021c6: add rsi, rax
0x4021c9: cmp rsi, qword ptr [rdi + 0x18]
0x4021cd: mov eax, 0
0x4021d2: cmovb rax, rsi
Instruction group(s): [137]
0x4021d6: ret
Instruction group(s): [3, 145]
0x4021d7: nop word ptr [rax + rax]
0x4021e0: mov eax, dword ptr [rdi + 0x34]
0x4021e3: bswap eax
0x4021e5: ret
Instruction group(s): [3, 145]
0x4021e6: nop word ptr cs:[rax + rax]
0x4021f0: test rdi, rdi
0x4021f3: je 0x402220
Instruction group(s): [7, 1]
0x4021f5: push rbx
Instruction group(s): [145]
0x4021f6: mov rbx, rdi
0x4021f9: mov rdi, qword ptr [rdi + 0x10]
0x4021fd: test rdi, rdi
0x402200: je 0x402207
Instruction group(s): [7, 1]
0x402202: call 0x4015f0
Instruction group(s): [2, 7, 145]
0x402207: mov rdi, qword ptr [rbx]
0x40220a: test rdi, rdi
0x40220d: je 0x402214
Instruction group(s): [7, 1]
0x40220f: call 0x4016c0
Instruction group(s): [2, 7, 145]
0x402214: mov rdi, rbx
0x402217: pop rbx
Instruction group(s): [145]
0x402218: jmp 0x4015f0
Instruction group(s): [7, 1]
0x40221d: nop dword ptr [rax]
0x402220: ret
Instruction group(s): [3, 145]
0x402222: nop word ptr cs:[rax + rax]
0x402230: push r14
Instruction group(s): [145]
0x402232: push r13
Instruction group(s): [145]
0x402234: mov r13, rdi
0x402237: push r12
Instruction group(s): [145]
0x402239: push rbp
Instruction group(s): [145]
0x40223a: mov r12, rsi
0x40223d: push rbx
Instruction group(s): [145]
0x40223e: mov rbx, qword ptr [rdi + 0x10]
0x402242: mov rdi, rsi
0x402245: call 0x401700
Instruction group(s): [2, 7, 145]
0x40224a: mov r14, qword ptr [r13 + 0x18]
0x40224e: movsxd rbp, eax
Instruction group(s): [145]
0x402251: nop dword ptr [rax]
0x402258: cmp rbx, r14
0x40225b: jae 0x40228a
Instruction group(s): [7, 1]
0x40225d: cmp byte ptr [rbx + 0x11], 0x6f
0x402261: je 0x402298
Instruction group(s): [7, 1]
0x402263: mov ecx, dword ptr [rbx]
0x402265: bswap ecx
0x402267: mov ecx, ecx