[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1083510572.318.5.camel@Stargate.dlcty01.va.comcast.net>
From: nodialtone at comcast.net (Byron Copeland)
Subject: Unpacking Sasser
I'd like a copy as well.
Thanks in advance.
-b
On Sun, 2004-05-02 at 07:40, IndianZ wrote:
> Can you pls send me a copy for analysis?
> Thanx...
>
> GreetZ from IndianZ
>
> mailto:indianz@...ianz.ch
> http://www.indianz.ch
>
>
>
>
>
> On Sunday 02 May 2004 10.37, Tom K wrote:
> > Stupidly I was infected with Sasser last night and whilst trying to
> > identify the program I found that the code was packed and I could find no
> > way of idenifying the packer from the EXE (avserve.exe produced no relevant
> > hits on Google). Could anyone tell me what unpacker to use to analyse the
> > code? And how was this determined?
> >
> > Cheers in Advance.
> >
> > Tom
> >
> > P.S: If anyone would like a copy of the file to look at, feel free to ask.
> >
> > P.S.S: This is my first post, go easy. ;)
> >
> > _________________________________________________________________
> > FREE pop-up blocking with the new MSN Toolbar get it now!
> > http://toolbar.msn.com/go/onm00200415ave/direct/01/
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040502/093449a8/attachment.bin
Powered by blists - more mailing lists