Hi,
I'm analyzing stabuniq with MD5= f31b797831b36a4877aa0fd173a7a4a2
and it get cookie from "http://sovereutilizeignty.com/rssnews.php" , but after that it checks "response=" and then decode extracted response string to some data. After decoding it has some dynamic call relevant to these strings... can anybody help about how it decode strings or "what is exact string to be patched?"
I'm analyzing stabuniq with MD5= f31b797831b36a4877aa0fd173a7a4a2
and it get cookie from "http://sovereutilizeignty.com/rssnews.php" , but after that it checks "response=" and then decode extracted response string to some data. After decoding it has some dynamic call relevant to these strings... can anybody help about how it decode strings or "what is exact string to be patched?"
