No sé, pero "infectar" en Notepad y hacer que muestre un msg box?
Inyecta esta shellcode (hello world):
C:
unsigned char data[140] = {
0x31, 0xF6, 0x56, 0x64, 0x8B, 0x76, 0x30, 0x8B, 0x76, 0x0C, 0x8B, 0x76, 0x1C, 0x8B, 0x6E, 0x08,
0x8B, 0x36, 0x8B, 0x5D, 0x3C, 0x8B, 0x5C, 0x1D, 0x78, 0x01, 0xEB, 0x8B, 0x4B, 0x18, 0x67, 0xE3,
0xEC, 0x8B, 0x7B, 0x20, 0x01, 0xEF, 0x8B, 0x7C, 0x8F, 0xFC, 0x01, 0xEF, 0x31, 0xC0, 0x99, 0x32,
0x17, 0x66, 0xC1, 0xCA, 0x01, 0xAE, 0x75, 0xF7, 0x66, 0x81, 0xFA, 0x2A, 0xB6, 0x74, 0x09, 0x66,
0x81, 0xFA, 0xAA, 0x1A, 0xE0, 0xDB, 0x75, 0xC5, 0x8B, 0x53, 0x24, 0x01, 0xEA, 0x0F, 0xB7, 0x14,
0x4A, 0x8B, 0x7B, 0x1C, 0x01, 0xEF, 0x03, 0x2C, 0x97, 0x85, 0xF6, 0x74, 0x15, 0x68, 0x33, 0x32,
0x20, 0x20, 0x68, 0x75, 0x73, 0x65, 0x72, 0x54, 0xFF, 0xD5, 0x95, 0x31, 0xF6, 0xE9, 0xA0, 0xFF,
0xFF, 0xFF, 0x56, 0x68, 0x72, 0x6C, 0x64, 0x21, 0x68, 0x6F, 0x20, 0x77, 0x6F, 0x68, 0x48, 0x65,
0x6C, 0x6C, 0x54, 0x87, 0x04, 0x24, 0x50, 0x50, 0x56, 0xFF, 0xD5, 0xCC
};
ASM:
data db 31h, 0F6h, 56h, 64h, 8Bh, 76h, 30h, 8Bh, 76h, 0Ch, 8Bh, 76h, 1Ch, 8Bh, 6Eh, 08h
db 8Bh, 36h, 8Bh, 5Dh, 3Ch, 8Bh, 5Ch, 1Dh, 78h, 01h, 0EBh, 8Bh, 4Bh, 18h, 67h, 0E3h
db 0ECh, 8Bh, 7Bh, 20h, 01h, 0EFh, 8Bh, 7Ch, 8Fh, 0FCh, 01h, 0EFh, 31h, 0C0h, 99h, 32h
db 17h, 66h, 0C1h, 0CAh, 01h, 0AEh, 75h, 0F7h, 66h, 81h, 0FAh, 2Ah, 0B6h, 74h, 09h, 66h
db 81h, 0FAh, 0AAh, 1Ah, 0E0h, 0DBh, 75h, 0C5h, 8Bh, 53h, 24h, 01h, 0EAh, 0Fh, 0B7h, 14h
db 4Ah, 8Bh, 7Bh, 1Ch, 01h, 0EFh, 03h, 2Ch, 97h, 85h, 0F6h, 74h, 15h, 68h, 33h, 32h
db 20h, 20h, 68h, 75h, 73h, 65h, 72h, 54h, 0FFh, 0D5h, 95h, 31h, 0F6h, 0E9h, 0A0h, 0FFh
db 0FFh, 0FFh, 56h, 68h, 72h, 6Ch, 64h, 21h, 68h, 6Fh, 20h, 77h, 6Fh, 68h, 48h, 65h
db 6Ch, 6Ch, 54h, 87h, 04h, 24h, 50h, 50h, 56h, 0FFh, 0D5h, 0CCh
Dis:
010F1901 31F6 XOR ESI,ESI
010F1903 56 PUSH ESI
010F1904 64:8B76 30 MOV ESI,DWORD PTR FS:[ESI+30]
010F1908 8B76 0C MOV ESI,DWORD PTR DS:[ESI+C]
010F190B 8B76 1C MOV ESI,DWORD PTR DS:[ESI+1C]
010F190E 8B6E 08 MOV EBP,DWORD PTR DS:[ESI+8]
010F1911 8B36 MOV ESI,DWORD PTR DS:[ESI]
010F1913 8B5D 3C MOV EBX,DWORD PTR SS:[EBP+3C]
010F1916 8B5C1D 78 MOV EBX,DWORD PTR SS:[EBP+EBX+78]
010F191A 01EB ADD EBX,EBP
010F191C 8B4B 18 MOV ECX,DWORD PTR DS:[EBX+18]
010F191F 67:E3 EC JCXZ SHORT CommandC.010F190E
010F1922 8B7B 20 MOV EDI,DWORD PTR DS:[EBX+20]
010F1925 01EF ADD EDI,EBP
010F1927 8B7C8F FC MOV EDI,DWORD PTR DS:[EDI+ECX*4-4]
010F192B 01EF ADD EDI,EBP
010F192D 31C0 XOR EAX,EAX
010F192F 99 CDQ
010F1930 3217 XOR DL,BYTE PTR DS:[EDI]
010F1932 66:C1CA 01 ROR DX,1
010F1936 AE SCAS BYTE PTR ES:[EDI]
010F1937 ^ 75 F7 JNZ SHORT CommandC.010F1930
010F1939 66:81FA 2AB6 CMP DX,0B62A
010F193E 74 09 JE SHORT CommandC.010F1949
010F1940 66:81FA AA1A CMP DX,1AAA
010F1945 ^ E0 DB LOOPDNE SHORT CommandC.010F1922
010F1947 ^ 75 C5 JNZ SHORT CommandC.010F190E
010F1949 8B53 24 MOV EDX,DWORD PTR DS:[EBX+24]
010F194C 01EA ADD EDX,EBP
010F194E 0FB7144A MOVZX EDX,WORD PTR DS:[EDX+ECX*2]
010F1952 8B7B 1C MOV EDI,DWORD PTR DS:[EBX+1C]
010F1955 01EF ADD EDI,EBP
010F1957 032C97 ADD EBP,DWORD PTR DS:[EDI+EDX*4]
010F195A 85F6 TEST ESI,ESI
010F195C 74 15 JE SHORT CommandC.010F1973
010F195E 68 33322020 PUSH 20203233
010F1963 68 75736572 PUSH 72657375
010F1968 54 PUSH ESP
010F1969 FFD5 CALL EBP
010F196B 95 XCHG EAX,EBP
010F196C 31F6 XOR ESI,ESI
010F196E ^ E9 A0FFFFFF JMP CommandC.010F1913
010F1973 56 PUSH ESI
010F1974 68 726C6421 PUSH 21646C72
010F1979 68 6F20776F PUSH 6F77206F
010F197E 68 48656C6C PUSH 6C6C6548
010F1983 54 PUSH ESP
010F1984 870424 XCHG DWORD PTR SS:[ESP],EAX
010F1987 50 PUSH EAX
010F1988 50 PUSH EAX
010F1989 56 PUSH ESI
010F198A FFD5 CALL EBP
010F198C CC INT3
Al final crashearia porque tiene un INT3 podes poner un RET