format PE
entry start

section '.data' data readable writeable

cs_string DB "copy me", 0
r_string  DB "        "

section '.text' code readable executable

start:
 push cs_string
 push r_string
 call strcpy
 add esp, 8
 int 3

strcpy:
 jmp skip_new_byte
 db 0B8h
skip_new_byte:
 push 0F4DCE10h
 push edx
 call do_nothing_2
 jmp moved1

bebacksoon:
 jmp goingback

back1:
 shl edx, 10h
 add esp, ebx
 jmp skip_moved2_chain

moved2_chain:
 jmp moved2

skip_moved2_chain:
 mov dh, [ebp+09h]
 push dword [ebp+0Ch]
 mov dl, [ebp+08h]
 jmp skip_moved2

do_nothing_2:
 push ebp
 mov ebp, esp
 push ecx
 mov ecx, 0
 repe cmpsw
 pop ecx
 pop ebp
 retn 4

moved2:
 smsw bp
 xor byte [edi], 5Fh
 and ebp, 1
 add esi, ebp
 jnc bebacksoon
 push 1E3D22h
 call do_nothing_2
goingback:
 sub edi, eax
 stc
 retn

skip_moved2:
 pop esi
 push edx
 jmp skip_new_word
 db 05h, 12h
skip_new_word:

 lea edx, [ebp+08h]
 mov edi, [edx]
 pop edx
copy:
 mov ah, [esi]
 mov byte [edi], 5Fh
 xchg ah, al
 xor [edi], al
 push ebp
 call moved2_chain
 pop ebp
 adc edi, eax
 add al, ch
 cmp al, ch
 jmp moved3
back3:
 jmp copy_chain

moved1:
 mov [esp], ebp
 sub esp, ebx
 jmp skip_new_dword
 db 66h, 81h, 34h, 9Ch
skip_new_dword:
 mov ebp, esp
 add ebp, ebx
 mov dx, [ebp+0Ah]
 jmp back1

finished:
 xor eax, edx
 push ebp
 call do_nothing_2
 xor edx, eax
 jmp skip_moved3

moved3:
 ja copy
 jnb finished
 jmp back3

copy_chain:
 jmp copy

skip_moved3:
 mov ebp, [esp]
 pop dword [esp+4]
 push 80001h
 call do_nothing_2
 pop ecx
 xor eax, edx
 jmp ecx