Full Disclosure mailing list archives

Re: Online Script Decoder

From: Feher Tamas <etomcat () freemail hu>
Date: Mon, 13 Dec 2004 11:14:18 +0100 (CET)

Hello,

Is anyone able to decode this malware/exploit script-encoded :
http://www.antiblock.biz/user256/2DimensionOfExploitsEnc.php


It's a trojan-dropper called VBS.Zerolin and it tries to
download an executable file also belonging to the
trojan-downloader family. It is called malware Win32.Zdesnado.Y

What that exe file tries to download, I don't know.

The place in the above URL should be CERTed down for sure.

Sincerely: Tamas Feher.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Online Script Decoder GreyMagic Security (Dec 07)
- <Possible follow-ups>
- Re: Online Script Decoder Paul Szabo (Dec 07)
- Re: Online Script Decoder Elia Florio (Dec 07)
- Re: Online Script Decoder Feher Tamas (Dec 13)
  - Re: Re: Online Script Decoder Willem Koenings (Dec 13)