; ; +-------------------------------------------------------------------------+ ; | This file has been generated by The Interactive Disassembler (IDA) | ; | Copyright (c) 2017 Hex-Rays, | ; +-------------------------------------------------------------------------+ ; ; Input SHA256 : AE20166A94E4F59AD1CFD4FB1A243C4D49448A33AFB5C156D25AF39B0C5DD9A6 ; Input MD5 : FA91C98711E5D6BA89B5D0CFA438874A ; Input CRC32 : 68D06C22 ; File Name : C:\Users\IEUser\Desktop\animdll_ba_1.dll ; Format : New Executable (NE) Windows ; Title 'animdll.dll' ; Target operating system MS Windows ; File Load CRC 000000000h ; Program Entry Point (CS:IP) 0000:0000 ; Initial Stack Pointer (SS:SP) 0000:0000 ; Auto Data Segment Index 0002h ( 2. ) ; Initial Local Heap Size 0400h ( 1024. ) ; Initial Stack Size 2000h ( 8192. ) ; Linker Version 5.1 ; Minimum code swap area size 0 ; Expected Windows Version 3.0 ; Program Flags (8201): DLL Single data Compatible with PM ; Other EXE Flags (0000): ; ---------------------------------------------------------------------------- ; Segment Number : 1 ; Alloc Size : 0344h ; Offset in the file: 01B0h Length: 0344h ; Attributes (0D60): CODE Pure Preloaded Relocations DPL: 3 .686p .mmx .model flat ; Segment type: Pure code cseg01 segment para public 'CODE' use16 assume cs:cseg01 assume es:nothing, ss:nothing, ds:dseg02, fs:nothing, gs:nothing push ds pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax mov ax, 1 pop ds pop bp dec bp retf 0Ah db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h cld ; ; External Entry #1 into the Module ; Attributes (0023): Fixed Exported Shared dataseg Ring transactions ; public TIMERDLL_PROC TIMERDLL_PROC proc far push ds ; animdll_1 pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax push si push di mov bx, [bp+0Eh] mov es, word ptr [bp+10h] mov di, bx mov dx, es:[bx+0Eh] mov cx, es:[bx+0Ch] cmp dx, 'MI' jnz short loc_81 cmp cx, 'NA' jnz short loc_81 mov dx, es:[bx+4] mov ax, es:[bx+6] add es:[bx], dx mov dx, es:[di+2] mov si, es:[bx+8] adc dx, ax mov cx, es:[bx+0Ah] mov es:[di+2], dx mov ax, es:[bx+4] mov bx, es:[bx+6] mov es, cx mov di, es:[si] add di, ax mov ax, es:[si+2] mov es:[si], di adc ax, bx mov es:[si+2], ax loc_81: pop di pop si pop ds pop bp dec bp retf 10h TIMERDLL_PROC endp db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h cld ; ; External Entry #2 into the Module ; Attributes (0003): Fixed Exported Shared dataseg ; public TIMERDLL_TEST TIMERDLL_TEST proc far push ds ; animdll_2 pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax push 0 push ds push offset aTestRunning ; "Test Running" push ds push offset aAnimdll16 ; "AnimDLL16" push 2000h ; MB_TASKMODAL call MESSAGEBOX pop ds pop bp dec bp retf TIMERDLL_TEST endp ; ; External Entry #3 into the Module ; Attributes (000B): Fixed Exported Shared dataseg Ring transactions ; public LOAD_SOUND LOAD_SOUND proc far push ds ; animdll_3 pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax push si push di sub sp, 6 mov dx, [bp+8] push dx mov bx, [bp+6] push bx push 0 push 0 push 0 push 0 call MMIOOPEN mov si, ax mov [bp-0Ch], ax test ax, ax jz loc_17C push ax push 0 push 0 push 2 call MMIOSEEK push si push 0 push 0 mov di, ax push 0 mov [bp-8], dx call MMIOSEEK push 2002h mov ax, [bp-8] push ax push di call GLOBALALLOC mov [bp-0Ah], ax test ax, ax jz short loc_14E push ax call GLOBALLOCK test dx, dx jnz short loc_11E test ax, ax jz short loc_12D loc_11E: push si push dx push ax mov ax, [bp-8] push ax push di call MMIOREAD jmp short loc_143 loc_12D: push 0 mov cx, [bp+8] push cx mov si, [bp+6] push si push ds push offset aCouldNotLockSo ; "Could not lock sound" push 2000h ; MB_TASKMODAL call MESSAGEBOX loc_143: mov dx, [bp-0Ah] push dx call GLOBALUNLOCK jmp short loc_163 loc_14E: push ax mov dx, [bp+8] push dx mov bx, [bp+6] push bx push ds push offset aCouldNotAllocS ; "Could not alloc sound" push 2000h ; MB_TASKMODAL call MESSAGEBOX loc_163: mov bx, [bp-0Ch] push bx push 0 call MMIOCLOSE mov ax, [bp-0Ah] lea sp, [bp-6] pop di pop si pop ds pop bp dec bp retf 4 loc_17C: push ax mov cx, [bp+8] push cx mov si, [bp+6] push si push ds push offset aCouldNotLoadSo ; "Could not load sound" push 2000h ; MB_TASKMODAL call MESSAGEBOX xor ax, ax lea sp, [bp-6] pop di pop si pop ds pop bp dec bp retf 4 LOAD_SOUND endp align 4 ; ; External Entry #4 into the Module ; Attributes (0007): Fixed Exported Shared dataseg ; public UNLOAD_SOUND UNLOAD_SOUND proc far push ds ; animdll_4 pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax mov ax, [bp+6] test ax, ax jz short loc_1B7 push ax call GLOBALFREE loc_1B7: xor ax, ax pop ds pop bp dec bp retf 2 UNLOAD_SOUND endp cld ; ; External Entry #5 into the Module ; Attributes (000B): Fixed Exported Shared dataseg Ring transactions ; public PLAY_SOUND PLAY_SOUND proc far push ds ; animdll_5 pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax mov ax, [bp+8] test ax, ax jz short loc_1FF push ax call GLOBALLOCK mov bx, ax mov ax, dx test dx, dx jnz short loc_1E3 test bx, bx jz short loc_1FC loc_1E3: cmp word ptr [bp+6], 0 jz short loc_1EF push ax push bx push 0Dh ; fuSound = SND_ASYNC | SND_MEMORY | SND_LOOP jmp short loc_1F3 loc_1EF: push ax push bx push 5 ; fuSound = SND_ASYNC | SND_MEMORY loc_1F3: call SNDPLAYSOUND xor ax, ax jmp short loc_1FF loc_1FC: mov ax, 1 loc_1FF: pop ds pop bp dec bp retf 4 PLAY_SOUND endp db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h cld ; ; External Entry #6 into the Module ; Attributes (000B): Fixed Exported Shared dataseg Ring transactions ; public OPEN_IPMA_DLL OPEN_IPMA_DLL proc far push ds ; animdll_6 pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax push si push 'cd' ; fccType = vidc push 'iv' push 'AM' ; fccHandler = IPMA push 'PI' push 2 ; wMode = ICMODE_DECOMPRESS call ICOPEN mov si, ax test ax, ax jnz short loc_247 push ax push ds push offset aInstallBlownAw ; "Install Blown Away from CD-ROM" push ds push offset aBlownAway ; "Blown Away" push 2000h ; MB_TASKMODAL call MESSAGEBOX jmp short loc_262 loc_247: push ax push 5001h ; ICM_SETSTATE mov es, word ptr [bp+8] push es mov bx, [bp+6] push bx push 0 push 22h ; '"' ; size of configuration data block mov word ptr es:[bx+4], 1 call ICSENDMESSAGE loc_262: mov ax, si pop si pop ds pop bp dec bp retf 4 OPEN_IPMA_DLL endp db 89h, 0C0h db 89h, 0C0h cld ; ; External Entry #7 into the Module ; Attributes (000F): Fixed Exported Shared dataseg Ring transactions ; public CLOSE_IPMA_DLL CLOSE_IPMA_DLL proc far push ds ; animdll_7 pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax push si les bx, [bp+6] mov si, [bp+0Ah] test si, si jz short loc_2A0 push si push 5001h ; ICM_SETSTATE push es push bx push 0 push 22h ; '"' ; size of configuration data block mov word ptr es:[bx+4], 2 call ICSENDMESSAGE push si call ICCLOSE loc_2A0: xor ax, ax pop si pop ds pop bp dec bp retf 6 CLOSE_IPMA_DLL endp db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h cld ; ; External Entry #8 into the Module ; Attributes (0003): Fixed Exported Shared dataseg ; public TEST_VIDEO_DLL TEST_VIDEO_DLL proc far push ds ; animdll_8 pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax push 'cd' ; fccType = vidc push 'iv' push '23' ; fccHandler = IV32 push 'VI' push 2 ; wMode = ICMODE_DECOMPRESS call ICOPEN test ax, ax jnz short loc_2E6 push ax push ds push offset aInstallVideoFo ; "Install Video For Windows from Game CD-"... push ds push offset aBlownAway ; "Blown Away" push 2000h ; MB_TASKMODAL call MESSAGEBOX xor ax, ax jmp short loc_323 loc_2E6: push ax call ICCLOSE push 'cd' ; fccType = vidc push 'iv' push 'AM' ; fccHandler = IPMA push 'PI' push 2 ; wMode = ICMODE_DECOMPRESS call ICOPEN test ax, ax jnz short loc_31A push ax push ds push offset aInstallBlownAw_0 ; "Install Blown Away from CD-ROM" push ds push offset aBlownAway ; "Blown Away" push 2000h ; MB_TASKMODAL call MESSAGEBOX xor ax, ax pop ds pop bp dec bp retf loc_31A: push ax call ICCLOSE mov ax, 1 loc_323: pop ds pop bp dec bp retf TEST_VIDEO_DLL endp db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h db 89h, 0C0h cld ; ; External Entry #9 into the Module ; Attributes (0007): Fixed Exported Shared dataseg ; public WEP WEP proc far push ds ; animdll_9 pop ax nop inc bp push bp mov bp, sp push ds mov ds, ax mov ax, 1 pop ds pop bp dec bp retf 2 WEP endp align 2 align 10h cseg01 ends ; Segment Number : 2 ; Alloc Size : 00E4h ; Offset in the file: 05C6h Length: 00D0h ; Attributes (0C61): DATA Pure Preloaded DPL: 3 ; Segment type: Pure data dseg02 segment para public 'DATA' use16 assume cs:dseg02 aTestRunning db 'Test Running',0 db 7Bh ; { aAnimdll16 db 'AnimDLL16',0 aCouldNotLockSo db 'Could not lock sound',0 db 71h ; q aCouldNotAllocS db 'Could not alloc sound',0 aCouldNotLoadSo db 'Could not load sound',0 db 83h aInstallBlownAw db 'Install Blown Away from CD-ROM',0 db 7Ah ; z aBlownAway db 'Blown Away',0 db 80h aInstallVideoFo db 'Install Video For Windows from Game' db ' CD-ROM',0 db 70h ; p aInstallBlownAw_0 db 'Install Blown Away from CD-ROM',0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 db 0 align 10h dseg02 ends ; Segment type: Externs ; MMSYSTEM extrn SNDPLAYSOUND:far extrn MMIOOPEN:far extrn MMIOCLOSE:far extrn MMIOREAD:far extrn MMIOSEEK:far ; Segment type: Externs ; USER extrn MESSAGEBOX:far ; Segment type: Externs ; KERNEL extrn GLOBALALLOC:far extrn GLOBALFREE:far extrn GLOBALLOCK:far extrn GLOBALUNLOCK:far ; Segment type: Externs ; MSVIDEO extrn ICOPEN:far extrn ICCLOSE:far extrn ICSENDMESSAGE:far end