Cshell/Crossfire UnpackedNo idea who the minion is so someone will need to mention him if you want it. VirusTotal Jotti CF Dumped_mpgh.net.zip
Hmm, opening with OllyDbg will be the same, as opening the Original CShell... Aren't you just copied the Byte Array from the memory ?
Originally Posted by rabir007 Hmm, opening with OllyDbg will be the same, as opening the Original CShell... Aren't you just copied the Byte Array from the memory ? What you talking about? The original cshell is encrypted, this one isn't because it's been dumped.
Originally Posted by Pingo What you talking about? The original cshell is encrypted, this one isn't because it's been dumped. Hmm... I still can't open with Olly... At least, it don't find any string, except the ones which in the crypted...
Originally Posted by rabir007
Originally Posted by Pingo