Full Disclosure mailing list archives
Re: Hello Mydoom
From: madsaxon <madsaxon () direcway com>
Date: Wed, 28 Jan 2004 17:21:24 -0600
At 05:39 PM 1/28/2004 -0500, Juari Bosnikovich wrote:
It was also unknown that the virus infects the BIOS of the computer it infects by injecting a 624bytes backdoor written in FORTH which will open port tcp when Mydoom will be executed AFTER febuary 12.
Nice analysis, Juari. Thanks. m5x _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Hello Mydoom Juari Bosnikovich (Jan 28)
- Re: Hello Mydoom madsaxon (Jan 28)
- <Possible follow-ups>
- Re: Hello Mydoom auto4751 (Jan 30)
- Re: Hello Mydoom jan . muenther (Jan 30)