C help needed

Discussion in 'Programming' started by nick-a, Mar 23, 2008.

  1. #1
    I've used Hex-Rays to decompile a quiz application to C. It loads an external file containing the questions and then decrypts it; I'm trying to work out the algorithm it uses to decrypt the file.

    /*
     * sub_4033A0 - load the quiz data files (Hex-Rays output; every name is
     * auto-generated by the decompiler).
     *
     * Stage 1 parses the index file Question\Question.dat:
     *   - 6-byte magic "JPMBIN" and 2-byte version "12";
     *   - a 0x200-byte table stored at byte_451E08 (sub_403AA0 indexes it in
     *     pairs when expanding code values >= 39);
     *   - a category count (capped at 10) and a per-category level count;
     *   - four further 4-byte fields that this function reads but never uses;
     *   - one record per category: 36-byte name, 4-byte offset, level counts.
     *
     * Stage 2 loads the question data into a heap buffer: Question\Question.enc
     * is preferred and is handed to sub_42B590 together with &unk_42E558;
     * otherwise Question\Question.bin is read into the buffer unchanged.
     * sub_42B590 is not part of this listing, so whatever transform is applied
     * to the .enc file cannot be determined from this function alone.
     *
     * Returns 1 on success and 0 on failure.
     *
     * NOTE(review): none of the fread() results are checked, the two
     * header-mismatch returns leave File open, the ftell() result is used
     * without an error check, and the buffer size (Count) is a local that is
     * not stored anywhere visible, so later readers of the buffer cannot
     * bounds-check against it.
     */
    signed int __cdecl sub_4033A0()
    {
      FILE *v1; // eax@1
      char *v2; // ecx@15
      char *v3; // ecx@17
      FILE *v4; // eax@25
      FILE *v5; // eax@26
      signed int v6; // [sp+24h] [bp-Ch]@1
      FILE *File; // [sp+20h] [bp-10h]@1
      // NOTE(review): this local shares its name with the pointer that receives
      // malloc() below and that the other functions use as a global; these look
      // like two different objects given the same auto-generated name -
      // confirm against the disassembly.
      char DstBuf; // [sp+10h] [bp-20h]@3
      char v9; // [sp+4h] [bp-2Ch]@3
      char v10; // [sp+1Ch] [bp-14h]@3
      char v11; // [sp+18h] [bp-18h]@3
      int v12; // [sp+Ch] [bp-24h]@9
      __int16 v13; // [sp+8h] [bp-28h]@11
      int v14; // [sp+2Ch] [bp-4h]@18
      signed int v15; // [sp+14h] [bp-1Ch]@25
      size_t Count; // [sp+28h] [bp-8h]@30
    
      // v6 is the return value; it stays 1 unless the data load below fails.
      v6 = 1;
      // Zero 0x2E4 bytes starting at the header buffer before parsing.
      memset(Str1, 0, 0x2E4u);
      v1 = fopen("Question\\Question.dat", "rb");
      File = v1;
      if ( !v1 )
      {
        // nullsub_2 is an empty stub here - presumably a compiled-out log call.
        nullsub_2();
        return 0;
      }
      // Fixed-size header: magic, version, 0x200-byte table, two counts, and
      // four 4-byte fields read into locals that are declared as single chars.
      fread(Str1, 1u, 6u, File);
      fread(byte_451E06, 1u, 2u, File);
      fread(byte_451E08, 1u, 0x200u, File);
      fread(&dword_452250, 1u, 4u, File);
      fread(&dword_4520E4, 1u, 4u, File);
      fread(&DstBuf, 1u, 4u, File);
      fread(&v9, 1u, 4u, File);
      fread(&v10, 1u, 4u, File);
      fread(&v11, 1u, 4u, File);
      // Reject files with the wrong magic or version. Both returns happen
      // before the fclose() further down, so the handle stays open.
      if ( strncmp(Str1, "JPMBIN", 6u) )
        return 0;
      if ( strncmp(byte_451E06, "12", 2u) )
        return 0;
      // Cap the category count read from the file at 10.
      if ( dword_452250 > 10 )
        dword_452250 = 10;
      // Publish the count; sub_403890 range-checks its category index with it.
      dword_43C91C = dword_452250;
      v12 = 0;
      while ( v12 < dword_452250 )
      {
        // 36-byte category name; its address is recorded in the per-category
        // table, then the name is upper-cased in place.
        fread(&stru_43C6CC[36 * v12], 1u, 0x24u, File);
        dword_452008[5 * v12] = (int)&stru_43C6CC[36 * v12];
        v13 = 0;
        while ( v13 < 36 )
        {
          *(&stru_43C6CC[36 * v12] + v13) = toupper(*(&stru_43C6CC[36 * v12] + v13));
          ++v13;
        }
        // Names starting with "SCIENCE" or "PEOPLE" have their leading bytes
        // overwritten with constants from the binary (15 and 14 bytes
        // respectively) - presumably replacement display names.
        if ( strncmp(&stru_43C6CC[36 * v12], "SCIENCE", 7u) )
        {
          if ( !strncmp(&stru_43C6CC[36 * v12], "PEOPLE", 6u) )
          {
            v3 = &stru_43C6CC[36 * v12];
            *(_DWORD *)v3 = dword_43A320;
            *((_DWORD *)v3 + 1) = dword_43A324;
            *((_DWORD *)v3 + 2) = dword_43A328;
            *((_WORD *)v3 + 6) = word_43A32C;
          }
        }
        else
        {
          v2 = &stru_43C6CC[36 * v12];
          *(_DWORD *)v2 = dword_43A338;
          *((_DWORD *)v2 + 1) = dword_43A33C;
          *((_DWORD *)v2 + 2) = dword_43A340;
          *((_WORD *)v2 + 6) = word_43A344;
          *(v2 + 14) = byte_43A346;
        }
        // 4-byte value that sub_403890 adds to DstBuf as this category's
        // starting offset. It comes straight from the file and is not
        // validated here.
        fread(&dword_45200C[5 * v12], 1u, 4u, File);
        v14 = 0;
        // Up to six per-level counts. Each read stores 4 bytes but the
        // destination advances only 2 bytes per step, so consecutive reads
        // overlap and the final one writes 2 bytes past the last slot.
        // NOTE(review): sub_403890 reads these as 16-bit values - confirm the
        // on-disk field width.
        while ( v14 < dword_4520E4 && v14 < 6 )
          fread((char *)&stru_452010[5 * v12] + 2 * v14++, 1u, 4u, File);
        ++v12;
      }
      if ( fclose(File) )
        nullsub_2();
      // v15 == 1 means the .enc variant was found; 0 means fall back to .bin.
      v15 = 1;
      v4 = fopen("Question\\Question.enc", "rb");
      File = v4;
      if ( v4 )
      {
        nullsub_2();
      }
      else
      {
        nullsub_2();
        v15 = 0;
        v5 = fopen("Question\\Question.bin", "rb");
        File = v5;
        if ( !v5 )
        {
          nullsub_2();
          return 0;
        }
        nullsub_2();
      }
      // Measure the file: seek to the end (whence 2), take the position as the
      // size, then rewind (whence 0).
      fseek(File, 0, 2);
      Count = ftell(File);
      fseek(File, 0, 0);
      // One heap buffer sized to the whole file; sub_403850 frees it.
      DstBuf = malloc(Count);
      if ( DstBuf )
      {
        if ( v15 )
        {
          // .enc path: the handle was opened only to measure the file.
          // sub_42B590 receives the destination buffer, the path and
          // &unk_42E558 - presumably key material or a context; confirm in
          // that function. A zero return is treated as failure.
          fclose(File);
          if ( !sub_42B590((int)DstBuf, "Question\\Question.enc", (int)&unk_42E558) )
          {
            nullsub_2();
            v6 = 0;
          }
        }
        else
        {
          // .bin path: the file contents are copied into the buffer as-is.
          fread(DstBuf, 1u, Count, File);
          fclose(File);
        }
      }
      else
      {
        // Allocation failed.
        fclose(File);
        nullsub_2();
        v6 = 0;
      }
      return v6;
    }
    
    //----- (00403850) --------------------------------------------------------
    signed int __cdecl sub_403850()
    {
      // Release the question-data buffer if one is currently allocated.
      // Returns 1 when a buffer was freed and 0 when there was nothing to free.
      // The pointer itself is left unchanged after free(), exactly as in the
      // decompiled original.
      if ( !DstBuf )
        return 0;
      free(DstBuf);
      return 1;
    }
    
    //----- (00403890) --------------------------------------------------------
    /*
     * sub_403890 - locate one packed record in the loaded data buffer, decode
     * it, and split the decoded text into five fields.
     *
     *   a1  address of an array of five 4-byte slots; each receives a pointer
     *       to one NUL-terminated field inside the shared output buffer at
     *       unk_452100
     *   a2  category index, must be in [0, dword_43C91C)
     *   a3  level index, accepted range [0, 6]
     *   a4  record index within that level, must be below the level's count
     *
     * Returns 1 on success; 0 when an argument is out of range or the decoded
     * text holds fewer than five CR-separated fields.
     *
     * NOTE(review): the category offset and every length byte come from the
     * data files and are never compared with the buffer size, so a malformed
     * file can walk v10 outside the allocation.
     */
    __int16 __cdecl sub_403890(int a1, __int16 a2, __int16 a3, __int16 a4)
    {
      __int16 result; // ax@7
      int v5; // edx@11
      int v6; // eax@12
      int v7; // ecx@13
      int v8; // edx@15
      int v9; // ecx@16
      void *v10; // [sp+4h] [bp-Ch]@8
      __int16 v11; // [sp+8h] [bp-8h]@8
      int v12; // [sp+Ch] [bp-4h]@12
      signed int v13; // [sp+0h] [bp-10h]@16
    
      // Argument validation. NOTE(review): a3 == 6 is accepted although the
      // loader's loop stores at most six counts (indices 0..5) - confirm
      // whether index 6 is intentional.
      if ( a2 >= 0
        && a2 < dword_43C91C
        && a3 >= 0
        && a3 <= 6
        && a4 < (signed int)*((_WORD *)&stru_452010[5 * a2] + a3)
        && a4 >= 0 )
      {
        // Start of this category's records inside the data buffer.
        v10 = (char *)DstBuf + dword_45200C[5 * a2];
        v11 = 0;
        // Turn (level, index) into a flat record index by adding the counts
        // of all lower levels.
        while ( v11 < a3 )
          a4 += *((_WORD *)&stru_452010[5 * a2] + v11++);
        // Walk length-prefixed records: one length byte, then that many code
        // bytes. The loop body runs a4 + 1 times.
        do
        {
          v11 = *(_BYTE *)v10;
          v5 = v11;
          v10 = (char *)v10 + 1;
          if ( !v11 )
          {
            // A zero length byte is treated as padding: step back onto it,
            // round the buffer offset up to the next 0x20000 (1 << 17)
            // boundary and take the length byte found there. v5 is 0 in this
            // branch, so the masked term adds nothing.
            v10 = (char *)v10 - 1;
            v12 = ((signed int)((v5 & 0x1FFFF) + v10 - DstBuf) >> 17) + 1;
            v6 = (((signed int)((v5 & 0x1FFFF) + v10 - DstBuf) >> 17) + 1) << 17;
            v10 = (char *)DstBuf + v6;
            v11 = *((_BYTE *)DstBuf + v6);
            v10 = DstBuf + v6 + 1;
          }
          // Skip over the record body.
          v10 = (char *)v10 + v11;
          v7 = a4--;
        }
        while ( v7 );
        // v10 is now just past the selected record; back up to its first byte.
        v10 = (char *)v10 - v11;
        // Reset the shared output cursor, then feed each code byte of the
        // record to the decoder.
        Str = (char *)&unk_452100;
        while ( 1 )
        {
          v8 = v11--;
          if ( !v8 )
            break;
          v13 = *(_BYTE *)v10;
          v9 = (int)((char *)v10 + 1);
          v10 = (char *)v10 + 1;
          // v9 is passed as the callee's first parameter, which the callee
          // only copies into a local - presumably a calling-convention
          // artifact of the decompilation.
          sub_403AA0(v9, v13);
        }
        // Close the decoded text with a CR (13), the field separator.
        *Str = 13;
        Str = (char *)&unk_452100;
        v11 = 0;
        // Split into five fields: store each field's start in the caller's
        // array and overwrite the CR that ends it with NUL.
        // NOTE(review): strchr() scans until it meets a NUL and nothing here
        // writes one after the final CR, so with fewer than five CRs the scan
        // depends on whatever the buffer already contains.
        while ( v11 < 5 )
        {
          *(_DWORD *)(a1 + 4 * v11) = Str;
          Str = strchr(Str, 13);
          if ( !Str )
            return 0;
          *Str++ = 0;
          ++v11;
        }
        result = 1;
      }
      else
      {
        result = 0;
      }
      return result;
    }
    
    //----- (00403AA0) --------------------------------------------------------
    /*
     * sub_403AA0 - decode one code value (a2) and append its expansion to the
     * output buffer at the global cursor Str.
     *
     *   a2 >= 39        expands to two further codes taken from the table at
     *                   byte_451E08 (loaded from Question.dat), each decoded
     *                   recursively
     *   a2 in 1..6      control codes, see the switch below
     *   any other a2    emitted as the character (dword_43A1FC + a2); the
     *                   base is then reset to 89, so codes 8..33 give
     *                   'a'..'z' when the base is 89
     *
     * Nothing is emitted once more than 335 bytes are already in the buffer;
     * dword_43C918 is set to 1 instead.
     *
     * The return value appears to be leftover register content rather than a
     * meaningful result; the visible callers ignore it.
     *
     * NOTE(review): the recursion has no depth limit of its own. The pair
     * table comes from the data file, so an entry that refers back to itself
     * without ever reaching a code below 39 would recurse until the stack is
     * exhausted. The 335-byte check is also made before writing, and control
     * code 2 advances Str by 8, so the buffer at unk_452100 must be larger
     * than 336 bytes - confirm its size.
     */
    char *__thiscall sub_403AA0(int this, signed int a2)
    {
      char *result; // eax@1
      int v3; // [sp+0h] [bp-4h]@1
    
      v3 = this;
      // Number of bytes already written to the output buffer.
      result = (char *)(Str - (char *)&unk_452100);
      if ( (signed int)(Str - (char *)&unk_452100) <= 335 )
      {
        if ( a2 >= 39 )
        {
          // Pair expansion: decode the two table entries for this code in
          // order. Judging by the names, byte_451E09 is the byte after
          // byte_451E08, so entry a2 is the pair at offsets 2*a2 and 2*a2+1.
          // The calls are shown with a single argument - presumably the
          // decompiler dropped the register-passed first parameter.
          sub_403AA0(byte_451E08[2 * a2]);
          result = (char *)sub_403AA0(byte_451E09[2 * a2]);
        }
        else
        {
          v3 = a2 - 1;
          // The unsigned compare sends everything except a2 in 1..6 here.
          if ( (unsigned int)(a2 - 1) > 5 )
          {
            // Literal character: current base plus the code, low byte only.
            // The base returns to 89 afterwards, so a shift set by control
            // code 1 or 3 applies to the next literal only.
            result = (char *)(dword_43A1FC + a2);
            *Str++ = (_BYTE)dword_43A1FC + (_BYTE)a2;
            dword_43A1FC = 89;
          }
          else
          {
            result = (char *)v3;
            switch ( v3 )
            {
              // a2 == 1: lower the base by 32 for the next literal (with base
              // 89 this turns 'a'..'z' into 'A'..'Z').
              case 0:
                dword_43A1FC -= 32;
                break;
              // a2 == 2: sub_42B2A0 (not in this listing) is called with the
              // cursor and off_43A1F4, and the cursor moves on by 8 -
              // presumably inserting a fixed 8-byte string.
              case 1:
                result = (char *)sub_42B2A0(Str, (int)off_43A1F4);
                Str += 8;
                break;
              // a2 == 3: lower the base by 64 for the next literal (with base
              // 89 codes 7..38 then cover ' ' through '?').
              case 2:
                dword_43A1FC -= 64;
                break;
              // a2 == 4: emit a space (32).
              case 3:
                result = Str;
                *Str++ = 32;
                break;
              // a2 == 5: emit CR (13), which sub_403890 uses as the field
              // separator.
              case 4:
                *Str = 13;
                result = Str++ + 1;
                break;
              // a2 == 6: emit '?' (63).
              case 5:
                *Str++ = 63;
                break;
            }
          }
        }
      }
      else
      {
        // Output limit reached: set the flag and drop this code.
        dword_43C918 = 1;
      }
      return result;
    }
    Any help at all is much appreciated. I can upload the entire C file if something is missing.
     
    nick-a, Mar 23, 2008 IP