Herbert Kleebauer on Sat, 22 Sep 2018 08:04:13 +0200
typed in alt.windows7.general the following:
On 22.09.2018 03:08, Paul wrote:
This is the base64 stuff decoded.
https://i.postimg.cc/9FkYL8cn/hexdump.gif
I used this for base64 to binary.
https://www.base64decode.org/#decodefiles
No need to use an external decoder, the batch does the
decoding itself. certutil has been part of Windows since XP.
And this for trying a few opcodes to sync up to what
might be the code portion.
https://defuse.ca/online-x86-assembler.htm#disassembly2
No idea what it does, but that's a start at analysis.
I already posted the few lines of source code. Here is the
listing from the assembler which explains the meaning
of every byte in the 1024 byte exe:
Wow.
One more reason I don't like programming at the assembler level.
B-)
--
pyotr filipivich
Next month's Panel: Graft - Boon or blessing?