| Address
| Opcode
| Mnemonics
| Comment
|
| 00419EB0
| 83EC 1C
| SUB ESP,1C
|
| 00419EB3
| 53
| PUSH EBX
|
| 00419EB4
| 56
| PUSH ESI
|
| 00419EB5
| 57
| PUSH EDI
|
| 00419EB6
| 8BF1
| MOV ESI,ECX
| ; Store "this" pointer (???)
|
| 00419EB8
| 55
| PUSH EBP
|
| 00419EB9
| 8B7E 18
| MOV EDI,DWORD PTR DS:[ESI+18]
| ; Load this.???
|
| 00419EBC
| 85FF
| TEST EDI,EDI
|
| 00419EBE
| 74 10
| JE SHORT Outpost2.00419ED0
|
| 00419EC0
| 8BCF
| MOV ECX,EDI
|
| 00419EC2
| E8 F9090900
| CALL Outpost2.004AA8C0
|
| 00419EC7
| 57
| PUSH EDI
|
| 00419EC8
| E8 63700A00
| CALL Outpost2.004C0F30
|
| 00419ECD
| 83C4 04
| ADD ESP,4
|
| 00419ED0
| 8B46 14
| MOV EAX,DWORD PTR DS:[ESI+14]
|
| 00419ED3
| 85C0
| TEST EAX,EAX
|
| 00419ED5
| 74 11
| JE SHORT Outpost2.00419EE8
|
| 00419ED7
| 8B4E 1C
| MOV ECX,DWORD PTR DS:[ESI+1C]
|
| 00419EDA
| F6C1 08
| TEST CL,8
|
| 00419EDD
| 74 09
| JE SHORT Outpost2.00419EE8
|
| 00419EDF
| 50
| PUSH EAX
|
| 00419EE0
| E8 4B700A00
| CALL Outpost2.004C0F30
|
| 00419EE5
| 83C4 04
| ADD ESP,4
|
| 00419EE8
| BD FEFFFFFF
| MOV EBP,-2
|
| 00419EED
| 8B7C24 30
| MOV EDI,DWORD PTR SS:[ESP+30]
| ; Load param1 (StreamIO*)
|
| 00419EF1
| C746
| 14 000000>MOV DWORD PTR DS:[ESI+14],0
|
| 00419EF8
| C746
| 18 000000>MOV DWORD PTR DS:[ESI+18],0
|
| 00419EFF
| C746
| 1C 000000>MOV DWORD PTR DS:[ESI+1C],0
|
| 00419F06
| 8B07
| MOV EAX,DWORD PTR DS:[EDI]
| ; Load StreamIO.vtbl pointer
|
| 00419F08
| 8B58 1C
| MOV EBX,DWORD PTR DS:[EAX+1C]
| ; Load &StreamIO.Read(int size, char *buffer)
|
| 00419F0B
| 8D4424 14
| /LEA EAX,DWORD PTR SS:[ESP+14]
| ; Load &local2 (readBuffer)
|
| 00419F0F
| 8BCF
| MOV ECX,EDI
| ; Load "this" pointer (StreamIO)
|
| 00419F11
| 50
| PUSH EAX
| ; Arg2 - &local2 (readBuffer)
|
| 00419F12
| 6A 04
| PUSH 4
| ; Arg1 - 4 (bufferSize)
|
| 00419F14
| FFD3
| CALL EBX
| ; StreamIO.Read(int size, char *buffer) virtual function call
|
| 00419F16
| 8D4424 10
| LEA EAX,DWORD PTR SS:[ESP+10]
| ; Load &local1 (readBuffer)
|
| 00419F1A
| 8BCF
| MOV ECX,EDI
| ; Load "this" pointer (StreamIO)
|
| 00419F1C
| 50
| PUSH EAX
| ; Arg2 - &local1 (readBuffer)
|
| 00419F1D
| 6A 04
| PUSH 4
| ; Arg1 - 4 (bufferSize)
|
| 00419F1F
| FFD3
| CALL EBX
| ; StreamIO.Read(int size, char *buffer) virtual function call
|
| 00419F21
| 85ED
| TEST EBP,EBP
|
| 00419F23
| 7D 14
| JGE SHORT Outpost2.00419F39
|
| 00419F25
| 8B4424 14
| MOV EAX,DWORD PTR SS:[ESP+14]
| ; Load local2 (readBuffer - first read)
|
| 00419F29
| 25 FFFF0000
| AND EAX,0FFFF
|
| 00419F2E
| 3D 424D0000
| CMP EAX,4D42
| ; Check for "BM" tag in first 2 byes
|
| 00419F33
| 0F84 0E010000
| JE Outpost2.0041A047
| ; -> "BM"
|
| 00419F39
| 8B4424 14
| MOV EAX,DWORD PTR SS:[ESP+14]
| ; Load local2 (readBuffer - first read)
|
| 00419F3D
| 3D 50424D50
| CMP EAX,504D4250
| ; Check for "PBMP" tag in first 4 bytes
|
| 00419F42
| 77 0F
| JA SHORT Outpost2.00419F53
|
| 00419F44
| 0F84 E3000000
| JE Outpost2.0041A02D
| ; -> "PBMP"
|
| 00419F4A
| 3D 5050414C
| CMP EAX,4C415050
| ; Check for "PPAL" tag
|
| 00419F4F
| 74 37
| JE SHORT Outpost2.00419F88
| ; -> "PPAL"
|
| 00419F51
| EB 12
| JMP SHORT Outpost2.00419F65
|
| 00419F53
| 3D 64617461
| CMP EAX,61746164
| ; Check for "data" tag
|
| 00419F58
| 74 5E
| JE SHORT Outpost2.00419FB8
| ; -> "data"
|
| 00419F5A
| 3D 68656164
| CMP EAX,64616568
| ; Check for "head" tag
|
| 00419F5F
| 0F84 8C000000
| JE Outpost2.00419FF1
| ; -> "head"
|
| 00419F65
| 83FD FF
| CMP EBP,-1
|
| 00419F68
| 0F84 F0000000
| JE Outpost2.0041A05E
|
| 00419F6E
| 8BCF
| MOV ECX,EDI
| ; Load "this" pointer (StreamIO)
|
| 00419F70
| 8B07
| MOV EAX,DWORD PTR DS:[EDI]
| ; Load StreamIO.vtbl pointer
|
| 00419F72
| FF50 08
| CALL DWORD PTR DS:[EAX+8]
|
| 00419F75
| 8B4C24 10
| MOV ECX,DWORD PTR SS:[ESP+10]
| ; Load local1 (readBuffer - second read)
|
| 00419F79
| 03C8
| ADD ECX,EAX
|
| 00419F7B
| 8B07
| MOV EAX,DWORD PTR DS:[EDI]
| ; Load StreamIO.vtbl pointer
|
| 00419F7D
| 51
| PUSH ECX
|
| 00419F7E
| 8BCF
| MOV ECX,EDI
| ; Load "this" pointer (StreamIO)
|
| 00419F80
| FF50 0C
| CALL DWORD PTR DS:[EAX+C]
|
| 00419F83
| E9 A5000000
| JMP Outpost2.0041A02D
|
| 00419F88
| 8B4424 34
| MOV EAX,DWORD PTR SS:[ESP+34]
| ; Load param2 (???) :"PPAL":
|
| 00419F8C
| A8 01
| TEST AL,1
|
| 00419F8E
| 74 11
| JE SHORT Outpost2.00419FA1
|
| 00419F90
| 33D2
| XOR EDX,EDX
|
| 00419F92
| 8BCF
| MOV ECX,EDI
| ; Load "this" pointer (StreamIO)
|
| 00419F94
| E8 670B0900
| CALL Outpost2.004AAB00
|
| 00419F99
| 8946 18
| MOV DWORD PTR DS:[ESI+18],EAX
|
| 00419F9C
| E9 8C000000
| JMP Outpost2.0041A02D
|
| 00419FA1
| 8BCF
| MOV ECX,EDI
| ; Load "this" pointer (StreamIO)
|
| 00419FA3
| 8B07
| MOV EAX,DWORD PTR DS:[EDI]
| ; Load StreamIO.vtbl pointer
|
| 00419FA5
| FF50 08
| CALL DWORD PTR DS:[EAX+8]
|
| 00419FA8
| 8B4C24 10
| MOV ECX,DWORD PTR SS:[ESP+10]
| ; Load local1 (second read)
|
| 00419FAC
| 03C8
| ADD ECX,EAX
|
| 00419FAE
| 8B07
| MOV EAX,DWORD PTR DS:[EDI]
| ; Load StreamIO.vtbl
|
| 00419FB0
| 51
| PUSH ECX
|
| 00419FB1
| 8BCF
| MOV ECX,EDI
| ; Load "this" pointer (StreamIO)
|
| 00419FB3
| FF50 0C
| CALL DWORD PTR DS:[EAX+C]
|
| 00419FB6
| EB 75
| JMP SHORT Outpost2.0041A02D
|
| 00419FB8
| 83FD FF
| CMP EBP,-1
| ; :"data":
|
| 00419FBB
| 0F84 ED000000
| JE Outpost2.0041A0AE
| ; -> Return 0 (Error) (EBP == -1)
|
| 00419FC1
| 8B4424 10
| MOV EAX,DWORD PTR SS:[ESP+10]
| ; Load local1 (second read)
|
| 00419FC5
| 50
| PUSH EAX
| ; Arg1 - numBytesToAlloc
|
| 00419FC6
| 8946 10
| MOV DWORD PTR DS:[ESI+10],EAX
| ; Store length of section
|
| 00419FC9
| E8 726F0A00
| CALL Outpost2.004C0F40
| ; MemAlloc
|
| 00419FCE
| 83C4 04
| ADD ESP,4
| ; Cleanup parameters from stack
|
| 00419FD1
| 8946 14
| MOV DWORD PTR DS:[ESI+14],EAX
| ; Store returned pointer to allocated memory
|
| 00419FD4
| 85C0
| TEST EAX,EAX
| ; Check if MemAlloc was successful
|
| 00419FD6
| 0F84 DE000000
| JE Outpost2.0041A0BA
| ; -> Failed to allocate memory
|
| 00419FDC
| 8B4E 1C
| MOV ECX,DWORD PTR DS:[ESI+1C]
| ; (Set bit)
|
| 00419FDF
| 50
| PUSH EAX
| ; Arg2 - newBuffer* (destBuffer)
|
| 00419FE0
| 83C9 08
| OR ECX,8
|
| 00419FE3
| 8B5424 14
| MOV EDX,DWORD PTR SS:[ESP+14]
| ; Load local1 (length of section)
|
| 00419FE7
| 52
| PUSH EDX
| ; Arg1 - lengthOfSection (bufferSize)
|
| 00419FE8
| 894E 1C
| MOV DWORD PTR DS:[ESI+1C],ECX
|
| 00419FEB
| 8BCF
| MOV ECX,EDI
| ; Load "this" pointer (StreamIO)
|
| 00419FED
| FFD3
| CALL EBX
| ; StreamIO.Read(int size, char *buffer) virtual function call
|
| 00419FEF
| EB 3C
| JMP SHORT Outpost2.0041A02D
|
| 00419FF1
| 8D4424 18
| LEA EAX,DWORD PTR SS:[ESP+18]
| ; :"head": Load &local3 (readBuffer) :"head":
|
| 00419FF5
| 8B4C24 10
| MOV ECX,DWORD PTR SS:[ESP+10]
| ; Load local1 (readBuffer - second read)
|
| 00419FF9
| 50
| PUSH EAX
| ; Arg2 - &local3 (readBuffer)
|
| 00419FFA
| 51
| PUSH ECX
| ; Arg1 - ECX (first read) (bufferSize) - Note: Max of 5 DWORDs allowed before buffer space is exhausted
|
| 00419FFB
| 8BCF
| MOV ECX,EDI
| ; Load "this" pointer (StreamIO)
|
| 00419FFD
| FFD3
| CALL EBX
| ; StreamIO.Read(int size, char *buffer) virtual function call
|
| 00419FFF
| 8B6C24 18
| MOV EBP,DWORD PTR SS:[ESP+18]
| ; Load local3 (readBuffer)
|
| 0041A003
| 8B4424 1C
| MOV EAX,DWORD PTR SS:[ESP+1C]
| ; Load local4 (???)
|
| 0041A007
| 81E5 FFFFFF00
| AND EBP,0FFFFFF
|
| 0041A00D
| 8B4C24 20
| MOV ECX,DWORD PTR SS:[ESP+20]
| ; Load local5 (???)
|
| 0041A011
| 8B5424 24
| MOV EDX,DWORD PTR SS:[ESP+24]
| ; Load local6 (???)
|
| 0041A015
| 8906
| MOV DWORD PTR DS:[ESI],EAX
|
| 0041A017
| 83C0 03
| ADD EAX,3
| ; (Rounding up to DWORD boundary)
|
| 0041A01A
| 894E 04
| MOV DWORD PTR DS:[ESI+4],ECX
|
| 0041A01D
| 83E0 FC
| AND EAX,FFFFFFFC
| ; Round to DWORD boundary
|
| 0041A020
| 8956 0C
| MOV DWORD PTR DS:[ESI+C],EDX
|
| 0041A023
| 8946 08
| MOV DWORD PTR DS:[ESI+8],EAX
|
| 0041A026
| 8B4424 28
| MOV EAX,DWORD PTR SS:[ESP+28]
| ; Load local7 (???)
|
| 0041A02A
| 8946 1C
| MOV DWORD PTR DS:[ESI+1C],EAX
|
| 0041A02D
| 8BC5
| MOV EAX,EBP
| ; Store LoopCounter :"PBMP":
|
| 0041A02F
| 4D
| DEC EBP
| ; LoopCounter--
|
| 0041A030
| 85C0
| TEST EAX,EAX
| ; Check if LoopCounter == 0
|
| 0041A032
| 0F85 D3FEFFFF
| \JNZ Outpost2.00419F0B
|
| 0041A038
| B8 01000000
| MOV EAX,1
| ; Return 1 (Success)
|
| 0041A03D
| 5D
| POP EBP
|
| 0041A03E
| 5F
| POP EDI
|
| 0041A03F
| 5E
| POP ESI
|
| 0041A040
| 5B
| POP EBX
|
| 0041A041
| 83C4 1C
| ADD ESP,1C
|
| 0041A044
| C2 0800
| RETN 8
|
| 0041A047
| 8B4424 34
| MOV EAX,DWORD PTR SS:[ESP+34]
| ; Load param2 (???) :"BM":
|
| 0041A04B
| 8BCE
| MOV ECX,ESI
| ; Load "this" pointer (???)
|
| 0041A04D
| 50
| PUSH EAX
| ; /Arg2 - param2 (???)
|
| 0041A04E
| 57
| PUSH EDI
| Arg1 - SteamIO*
| 0041A04F
| E8 BC000000
| CALL Outpost2.0041A110
| ; \Outpost2.0041A110
|
| 0041A054
| 5D
| POP EBP
| ; Return EAX (Success or Failure)
|
| 0041A055
| 5F
| POP EDI
|
| 0041A056
| 5E
| POP ESI
|
| 0041A057
| 5B
| POP EBX
|
| 0041A058
| 83C4 1C
| ADD ESP,1C
|
| 0041A05B
| C2 0800
| RETN 8
|
| 0041A05E
| 8B7E 18
| MOV EDI,DWORD PTR DS:[ESI+18]
|
| 0041A061
| 85FF
| TEST EDI,EDI
|
| 0041A063
| 74 10
| JE SHORT Outpost2.0041A075
|
| 0041A065
| 8BCF
| MOV ECX,EDI
|
| 0041A067
| E8 54080900
| CALL Outpost2.004AA8C0
|
| 0041A06C
| 57
| PUSH EDI
|
| 0041A06D
| E8 BE6E0A00
| CALL Outpost2.004C0F30
|
| 0041A072
| 83C4 04
| ADD ESP,4
|
| 0041A075
| 8B46 14
| MOV EAX,DWORD PTR DS:[ESI+14]
|
| 0041A078
| 85C0
| TEST EAX,EAX
|
| 0041A07A
| 74 11
| JE SHORT Outpost2.0041A08D
|
| 0041A07C
| 8B4E 1C
| MOV ECX,DWORD PTR DS:[ESI+1C]
|
| 0041A07F
| F6C1 08
| TEST CL,8
|
| 0041A082
| 74 09
| JE SHORT Outpost2.0041A08D
|
| 0041A084
| 50
| PUSH EAX
|
| 0041A085
| E8 A66E0A00
| CALL Outpost2.004C0F30
|
| 0041A08A
| 83C4 04
| ADD ESP,4
|
| 0041A08D
| 33C0
| XOR EAX,EAX
| ; Return 0 (Error)
|
| 0041A08F
| 5D
| POP EBP
|
| 0041A090
| C746 14 000000>MOV DWORD PTR DS:[ESI+14],0
|
| ; Reinitialize object to blank
|
| 0041A097
| C746
| 18 000000>MOV DWORD PTR DS:[ESI+18],0
|
| 0041A09E
| C746
| 1C 000000>MOV DWORD PTR DS:[ESI+1C],0
|
| 0041A0A5
| 5F
| POP EDI
|
| 0041A0A6
| 5E
| POP ESI
|
| 0041A0A7
| 5B
| POP EBX
|
| 0041A0A8
| 83C4 1C
| ADD ESP,1C
|
| 0041A0AB
| C2 0800
| RETN 8
|
| 0041A0AE
| 33C0
| XOR EAX,EAX
| ; Return 0 (Error)
|
| 0041A0B0
| 5D
| POP EBP
|
| 0041A0B1
| 5F
| POP EDI
|
| 0041A0B2
| 5E
| POP ESI
|
| 0041A0B3
| 5B
| POP EBX
|
| 0041A0B4
| 83C4 1C
| ADD ESP,1C
|
| 0041A0B7
| C2 0800
| RETN 8
|
| 0041A0BA
| 8B7E 18
| MOV EDI,DWORD PTR DS:[ESI+18]
|
| 0041A0BD
| 85FF
| TEST EDI,EDI
|
| 0041A0BF
| 74 10
| JE SHORT Outpost2.0041A0D1
|
| 0041A0C1
| 8BCF
| MOV ECX,EDI
|
| 0041A0C3
| E8 F8070900
| CALL Outpost2.004AA8C0
|
| 0041A0C8
| 57
| PUSH EDI
|
| 0041A0C9
| E8 626E0A00
| CALL Outpost2.004C0F30
|
| 0041A0CE
| 83C4 04
| ADD ESP,4
|
| 0041A0D1
| 8B46 14
| MOV EAX,DWORD PTR DS:[ESI+14]
|
| 0041A0D4
| 85C0
| TEST EAX,EAX
|
| 0041A0D6
| 74 11
| JE SHORT Outpost2.0041A0E9
| ; -> Return 0 (Error)
|
| 0041A0D8
| 8B4E 1C
| MOV ECX,DWORD PTR DS:[ESI+1C]
|
| 0041A0DB
| F6C1 08
| TEST CL,8
|
| 0041A0DE
| 74 09
| JE SHORT Outpost2.0041A0E9
| ; -> Return 0 (Error)
|
| 0041A0E0
| 50
| PUSH EAX
| ; Arg1 - pointer to memory to free
|
| 0041A0E1
| E8 4A6E0A00
| CALL Outpost2.004C0F30
| ; FreeMemory
|
| 0041A0E6
| 83C4 04
| ADD ESP,4
| ; Cleanup parameters from stack
|
| 0041A0E9
| 33C0
| XOR EAX,EAX
| ; Return 0 (Error)
|
| 0041A0EB
| 5D
| POP EBP
|
| 0041A0EC
| C746 14 000000>MOV DWORD PTR DS:[ESI+14],0
|
| ; Reinitialize object to blank
|
| 0041A0F3
| C746
| 18 000000>MOV DWORD PTR DS:[ESI+18],0
|
| 0041A0FA
| C746
| 1C 000000>MOV DWORD PTR DS:[ESI+1C],0
|
| 0041A101
| 5F
| POP EDI
|
| 0041A102
| 5E
| POP ESI
|
| 0041A103
| 5B
| POP EBX
|
| 0041A104
| 83C4 1C
| ADD ESP,1C
|
| 0041A107
| C2 0800
| RETN 8
|
| Address
| Opcode
| Mnemonics
| Comment
|
