funsec mailing list archives

Re: Re: Fwd: The program u ask me for

From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Thu, 6 Dec 2007 01:19:14 -0500

On Dec 6, 2007 1:08 AM, silky <michaelslists () gmail com> wrote:


On Dec 6, 2007 4:40 PM, Dude VanWinkle <dudevanwinkle () gmail com> wrote:

On Dec 6, 2007 12:26 AM, Andrew Haninger <ahaning () mindspring com> wrote:

On Dec 5, 2007 9:20 PM, Dude VanWinkle <dudevanwinkle () gmail com> wrote:

I didn't have time to do an analysis of it, but virustotal didn't pick up squat.

http://www.virustotal.com/resultado.html?0b6fa3cb50c94167a6ab4139b4a04274

Andy


Ohh they got better..


oddly, though, they are using md5 as their hashing/identification mechanism.


But they did add a cool feature where if you submit a file (assuming
the previous owner didn't check the "dont share" and "encrypt"
options) and its been scanned before, you can look at the original
assessment, or get a new scan.

Of course you are correct in your criticism in the fact if virustotal
bases their file sigs on md5, this might be useless even now.

-PJ errr JP
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: Fwd: The program u ask me for Onur Akgun (Dec 05)
- Re: Re: Fwd: The program u ask me for Dude VanWinkle (Dec 05)
  - Re: Re: Fwd: The program u ask me for Andrew Haninger (Dec 05)
    - Re: Re: Fwd: The program u ask me for Dude VanWinkle (Dec 05)
    - Re: Re: Fwd: The program u ask me for silky (Dec 05)
    - Re: Re: Fwd: The program u ask me for Dude VanWinkle (Dec 05)