Full Disclosure mailing list archives

undetected stuff downloaded by pnp worm

From: Willem Koenings <infsec () gmail com>
Date: Sun, 4 Sep 2005 04:20:20 +0300

Hi!

If anyone wants to play, then:

hxxp://www.darkfxp.net/dl/rootkit.exe

rar archive, inside is those files:

install.bat
xnet.exe
ssdpcl.dll
ssdpcl.exe

ssdpcl.exe creates the service SSDPCL, description
Provides Control for the SSDP Discovery Service,
display name SSDP Controller

As i have not time to analyze this, links to published
analyze or analyze sent to private mail is welcomed.

all the best,

W.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

undetected stuff downloaded by pnp worm Willem Koenings (Sep 03)
- Re: undetected stuff downloaded by pnp worm Willem Koenings (Sep 04)
- <Possible follow-ups>
- Re: undetected stuff downloaded by pnp worm Feher Tamas (Sep 06)