View Full Version : psyb0t


Shub-nigurrath
May 14th, 2009, 17:46
Hi all,
I was giving psyb0t a shot.
Some info about it is here: http://www.dronebl.org/blog and http://www.h-online.com/security/Botnet-based-on-home-network-routers--/news/112913

I downloaded the env file from here: http://nenolod.net/~nenolod/psyb0t/udhcpc.env

First, this binary is for MIPS-based processors, which are not X86.
Second, this binary IS packed with UPX, but the author has stripped the headers necessary to decompress it. On the net it's reported that a little time with a hex editor can get you the decompressed binary, or a binary that upx accepts to decompress.

I did a moderate search on two things: instructions on how to restore UPX information, and information about the UPX-specific header format.
I found neither.

So the questions are:
1. could someone explain how to fix the header of this env file?
2. could someone point me to some specifications of the UPX header format?

thanks in advance.

evaluator
May 14th, 2009, 19:28
Find some ENV file, pack it with upx & see how the headers look.

evlncrn8
May 15th, 2009, 05:16
upx source code is on sourceforge, the headers would be in there, along with everything you probably need.

Shub-nigurrath
May 15th, 2009, 05:20
C'mon, I was just asking as a kindness, not for replies useful to noobs only. It's not a thing I couldn't do, it's a thing I would do faster or, better, find already done.

evaluator
May 15th, 2009, 12:13
ok, accepted your sorries :::::::: ))))))))))))))

Shub-nigurrath
May 15th, 2009, 16:04
well I'm usually kind, but f*k.

reverser
May 15th, 2009, 19:00
Code:

00000078: 00 55
00000079: 00 50
0000007A: 00 58
0000007B: 00 21
0000722C: 00 55
0000722D: 00 50
0000722E: 00 58
0000722F: 00 21

Supposedly that should've been enough, but upx still complained about "compressed data violation". So I just skipped the last check over in the debugger.

Shub-nigurrath
May 15th, 2009, 19:05
10x, placing the UPX! strings was what I did immediately, before posting, but apparently there's some field I am missing.