Full Disclosure mailing list archives
Re: MyDoom download info
From: "Puneet Arora" <puneet () tunmail com>
Date: Sat, 31 Jan 2004 14:39:07 +0530
I think Daniel E. Spisak is quite right .... why would anyone post a virus/backdoor creation of hiw own....................????????????? Also if he wanted......he would have disributed in Executable form.......not the xipped one.....right. ----- Original Message ----- From: "first last" <randnut () hotmail com> To: <full-disclosure () lists netsys com> Sent: Saturday, January 31, 2004 5:58 AM Subject: RE: [Full-disclosure] MyDoom download info
to successfully unpack the program. All they really needed to do was dump it from memory while it was running and they could'veanalyzedit immediately with any disassembler.Forgive me, I am no assembly hacker nor much of a programmer, but would it be possible for a program to 'react' in some way were one to try to dump it from memory?The program would have to use a device driver to protect itself from not being dumped from memory to disk. But there are ways around that as well. _________________________________________________________________ Get a FREE online virus check for your PC here, from McAfee. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: MyDoom download info, (continued)
- Re: MyDoom download info Roland Dobbins (Jan 31)
- mydoom.exe decyphering? Danny (Jan 31)
- Re: [Full-Disc]: mydoom.exe decyphering? Anders (Jan 31)
- RE: MyDoom download info first last (Jan 30)
- RE: MyDoom download info Steve Wray (Jan 30)
- Re: MyDoom download info Valdis . Kletnieks (Jan 31)
- Re: MyDoom download info Paul Schmehl (Jan 31)
- RE: MyDoom download info Steve Wray (Jan 31)
- RE: MyDoom download info Bojan Zdrnja (Jan 31)
- RE: MyDoom download info Steve Wray (Jan 30)
- Re: MyDoom download info Puneet Arora (Jan 31)
- RE: MyDoom download info Steve Wray (Jan 30)