lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1083510572.318.5.camel@Stargate.dlcty01.va.comcast.net>
From: nodialtone at comcast.net (Byron Copeland)
Subject: Unpacking Sasser

I'd like a copy as well.

Thanks in advance.

-b

On Sun, 2004-05-02 at 07:40, IndianZ wrote:
> Can you pls send me a copy for analysis?
> Thanx...
> 
> GreetZ from IndianZ
> 
> mailto:indianz@...ianz.ch
> http://www.indianz.ch
> 
> 
> 
> 
> 
> On Sunday 02 May 2004 10.37, Tom K wrote:
> > Stupidly I was infected with Sasser last night and whilst trying to
> > identify the program I found that the code was packed and I could find no
> > way of idenifying the packer from the EXE (avserve.exe produced no relevant
> > hits on Google). Could anyone tell me what unpacker to use to analyse the
> > code? And how was this determined?
> >
> > Cheers in Advance.
> >
> > Tom
> >
> > P.S: If anyone would like a copy of the file to look at, feel free to ask.
> >
> > P.S.S: This is my first post, go easy. ;)
> >
> > _________________________________________________________________
> > FREE pop-up blocking with the new MSN Toolbar  get it now!
> > http://toolbar.msn.com/go/onm00200415ave/direct/01/
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040502/093449a8/attachment.bin

Powered by blists - more mailing lists