Labelmas.sub_02CD1954

02CD1954  /$ PUSH EBX 
02CD1955  |. PUSH ESI 
02CD1956  |. PUSH EDI 
02CD1957  |. MOV EDI,ECX 
02CD1959  |. MOV ESI,EDX 
02CD195B  |. CMP DWORD PTR DS:[2CDE724],0 
02CD1962  |. JNZ SHORT Labelmas.02CD198A 
02CD1964  |. MOV EDX,DWORD PTR DS:[2CE1670] 
02CD196A  |. CMP EDX,2 
02CD196D  |. JE SHORT Labelmas.02CD1974 
02CD196F  |. CMP EDX,1 
02CD1972  |. JNZ SHORT Labelmas.02CD1980 
02CD1974  |> MOV DWORD PTR DS:[2CDE724],100000 
02CD197E  |. JMP SHORT Labelmas.02CD198A 
02CD1980  |> MOV DWORD PTR DS:[2CDE724],400000         ;  ASCII "MZP"
02CD198A  |> MOV EDX,DWORD PTR DS:[2CDE724]            ;  OLLYDBG.00400000
02CD1990  |. MOV EBX,EDX 
02CD1992  |. ADD EBX,EAX 
02CD1994  |. DEC EBX 
02CD1995  |. DEC EDX 
02CD1996  |. NOT EDX 
02CD1998  |. AND EBX,EDX 
02CD199A  |. PUSH 1                                    ; /Protect = PAGE_NOACCESS
02CD199C  |. PUSH 2000                                 ; |AllocationType = MEM_RESERVE
02CD19A1  |. PUSH EBX                                  ; |Size
02CD19A2  |. PUSH 0                                    ; |Address = NULL
02CD19A4  |. CALL <JMP.&KERNEL32.VirtualAlloc>         ; \VirtualAlloc
02CD19A9  |. MOV DWORD PTR DS:[ESI],EAX 
02CD19AB  |. TEST EAX,EAX 
02CD19AD  |. JNZ SHORT Labelmas.02CD19B3 
02CD19AF  |. XOR EAX,EAX 
02CD19B1  |. JMP SHORT Labelmas.02CD19BA 
02CD19B3  |> MOV DWORD PTR DS:[EDI],EBX 
02CD19B5  |. MOV EAX,1 
02CD19BA  |> POP EDI 
02CD19BB  |. POP ESI 
02CD19BC  |. POP EBX 
02CD19BD  \. RETN 
02CD19BE     NOP 
02CD19BF     NOP