Herbert Kleebauer on Sat, 22 Sep 2018 08:04:13 +0200
typed in alt.windows7.general the following:
On 22.09.2018 03:08, Paul wrote:

This is the base64 stuff decoded.

https://i.postimg.cc/9FkYL8cn/hexdump.gif

I used this for base64 to binary.

https://www.base64decode.org/#decodefiles

No need to use an external decoder, the batch does the
decoding itself. cerutil is part of Windows since XP.

And this for trying a few opcodes to sync up to what
might be the code portion.

https://defuse.ca/online-x86-assembler.htm#disassembly2

No idea what it does, but that's a start at analysis.

I already posted the few lines of source code. Here the
listing from the assembler which explains the meaning
of every byte in the 1024 byte exe:

Wow.

One more reason I don't like programming at the assembler level.
B-)


--
pyotr filipivich
Next month's Panel: Graft - Boon or blessing?