API tools faq
paste
Advertisement
EddyCZ

Untitled

EddyCZ
Oct 5th, 2023
89
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.81 KB | None | 0 0
raw download clone embed print report
  1. hi! you can try #TinyTracer, it helped me a lot on this one
  2.  
  3. but you need to change some default settings in TinyTracer.ini
  4.  
  5. ```ENABLE_SHORT_LOGGING=True
  6. USE_DEBUG_SYMBOLS=False
  7. FOLLOW_SHELLCODES=3
  8. ;FOLLOW_SHELLCODES:
  9. ; 0 : trace only the main target module
  10. ; 1 : follow only the first shellcode called from the main module
  11. ; 2 : follow also the shellcodes called recursively from the the original shellcode
  12. ; 3 : follow any shellcodes
  13. TRACE_RDTSC=False
  14. TRACE_INT=False
  15. TRACE_SYSCALL=True
  16. LOG_SECTIONS_TRANSITIONS=True
  17. LOG_SHELLCODES_TRANSITIONS=False
  18. HEXDUMP_SIZE=8
  19. HOOK_SLEEP=False
  20. SLEEP_TIME=10
  21. ; ANTIDEBUG: (Windows only)
  22. ; 0 : Disabled
  23. ; 1 : Standard
  24. ; 2 : Deep (may lead to some false positives)
  25. ANTIDEBUG=0
  26. ANTIVM=0```
  27.  
  28. try with those settings
  29.  
  30. it should clarify a lot what is happening there
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!