Full Disclosure mailing list archives

Re: MyDoom download info

From: Nico Golde <nion () gmx net>
Date: Sat, 31 Jan 2004 23:31:58 +0100

Hallo Steve,

* Steve Wray <steve.wray () paradise net nz> [2004-01-31 23:00]:

You can always disassemble the virus, which is what people 
will do if it's a real "popular" one such as MyDoom.


IIRC there are viruses that are encrypted and are almost impossible
to disassemble?

Would that be true?

 
i think not forever.
there is a good phrack article about binary encription.
nico
-- 
Nico Golde nico <at> ngolde <dot> de
public key available on:
http://www.ngolde.de/gpg.html

Attachment: _bin
Description:

Current thread:

Re: MyDoom download info Nico Golde (Jan 31)
- <Possible follow-ups>
- Re: MyDoom download info Valdis . Kletnieks (Jan 31)
- Re: MyDoom download info Nick FitzGerald (Jan 31)
  - Re[2]: MyDoom download info Thierry (Jan 31)
    - Re[2]: MyDoom download info J.A. Terranson (Jan 31)
    - Re: MyDoom download info B$H (Feb 13)
    - Re: MyDoom download info Ron DuFresne (Feb 13)
  - Re: MyDoom download info Roland Dobbins (Jan 31)
- RE: MyDoom download info Nick FitzGerald (Feb 01)
  - RE: MyDoom download info Steve Wray (Feb 02)