lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <BAY12-F1031KoxDt9Jy00002b00@hotmail.com>
From: randnut at hotmail.com (first last)
Subject: MyDoom download info.

>BTW, apparently there is a yet undiscovered bug in MyDoom.B code
>that prevents it from spreading effectively. Much of the code is
>encrypted, so dissecting processes sowly.

It's still UPX packed, but it won't unpack with "UPX -d" because the author 
used a simple UPX scrambler. Either undo what he did or unpack it manually 
and you'll see all the code. The easiest way for anyone inexperienced with 
this is just to dump the memory to a file when the virus is running. But you 
don't think the anti-virus companies already know everything about this 
virus? It's been a few days now and they should've found out everything they 
needed to know the very same day they got their first copy of MyDoom.B.

_________________________________________________________________
Let the new MSN Premium Internet Software make the most of your high-speed 
experience. http://join.msn.com/?pgmarket=en-us&page=byoa/prem&ST=1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ