Full Disclosure mailing list archives
Re: Unpacking Sasser
From: "Lee" <cheekypeople () sec33 com>
Date: Sun, 2 May 2004 21:52:40 +0100
As a side note I use Vmware workstation and GSX server edition to create enviroments that can be trashed and re-used at will, just wanted to add another secure way of testing malware etc... Regards Lee @ STS http://www.seethrusec.co.uk Building Knowledge and Security.. ----- Original Message ----- From: "-" <dsx_news () web de> To: <full-disclosure () lists netsys com> Sent: Sunday, May 02, 2004 6:47 PM Subject: Re: [Full-disclosure] Unpacking Sasser
I would like a copy fom Sasser, too. Thanks a lot.... Greets fom Germany...Stupidly I was infected with Sasser last night and whilst trying to
identify
the program I found that the code was packed and I could find no way of idenifying the packer from the EXE (avserve.exe produced no relevant
hits on
Google). Could anyone tell me what unpacker to use to analyse the code?
And
how was this determined? Cheers in Advance. Tom P.S: If anyone would like a copy of the file to look at, feel free to
ask.
P.S.S: This is my first post, go easy. ;) _________________________________________________________________ FREE pop-up blocking with the new MSN Toolbar get it now! http://toolbar.msn.com/go/onm00200415ave/direct/01/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Unpacking Sasser Tom K (May 02)
- Re: Unpacking Sasser IndianZ (May 02)
- Re: Unpacking Sasser Byron Copeland (May 02)
- Re: Unpacking Sasser Andrew Ruef (May 02)
- Re: Unpacking Sasser - (May 02)
- Re: Unpacking Sasser Lee (May 02)
- Re: Unpacking Sasser Nick FitzGerald (May 02)
- Re: Unpacking Sasser Lee (May 03)
- Determinig VMWare environment (was: Unpacking Sasser) Spiro Trikaliotis (May 03)
- Re: Determinig VMWare environment (was: Unpacking Sasser) Lee (May 03)
- Re: Unpacking Sasser Gary E. Miller (May 03)
- Catching Sasser Shashank Rai (May 04)
- Re: Unpacking Sasser - (May 02)
- Re: Unpacking Sasser IndianZ (May 02)
- <Possible follow-ups>
- RE: Unpacking Sasser Angelaix (May 02)