UNPACKING THE FILE
1. For unpacking the
2. Run the program (F9)
3. When we are stopped at 40FE78, execute one step (F7). Now we are at the entry point.
4. Finally, we dump the executable to Unpacked.exe with the OllyDump plugin.
Now we can disassemble and study Unpacked.exe with IDA.
We debug all options and commands with OllyDbg.
We sniff the network traffic and the different commands with Ethereal, and send the backdoor commands with telnet.
OllyDbg: http://home.t-online.de/home/Ollydbg/
IDA evaluation version: www.datarescue.com