To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
Tron wrote:
> Presumably, this means that whoever compressed this binary used an
> altered version of upx?
There are a number of UPX manglers. If it's just a modified UPX-packed
binary, those are pretty easy to manually unpack. I've also seen at
least one other packer (I want to say one of the Yodas) that creates a
UPX segment, I assume to give the appearance that it's just UPX packed.
In any case, binaries in the state you describe are pretty common, in my
experience.
BB
_______________________________________________
All list and server information are public and available to law enforcement
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
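
An added triage example, not part of the original post: it compares a PE file's section names with the "UPX!" pack-header magic that stock UPX leaves behind, since a modified or look-alike packer of the kind described in the reply may show one marker without the other. The function names and the sample headers are constructed for illustration, and the result is a heuristic, not proof of which packer was used.

```python
import struct

def pe_section_names(data):
    """Return the section names from a PE image's section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off, = struct.unpack_from("<I", data, 0x3C)       # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsect, = struct.unpack_from("<H", data, pe_off + 6)   # NumberOfSections
    opt_size, = struct.unpack_from("<H", data, pe_off + 20)  # SizeOfOptionalHeader
    table = pe_off + 24 + opt_size                        # first section header
    names = []
    for i in range(nsect):
        entry = table + 40 * i                            # 40-byte section headers
        names.append(data[entry:entry + 8].rstrip(b"\0").decode("latin-1"))
    return names

def upx_triage(data):
    """Classify a sample by which UPX markers it carries (heuristic)."""
    upx_names = any(n.startswith("UPX") for n in pe_section_names(data))
    magic = b"UPX!" in data                               # stock UPX pack-header magic
    if upx_names and magic:
        return "upx-stock-markers"      # worth trying the stock unpacker first
    if upx_names or magic:
        return "upx-partial-markers"    # modified UPX or a look-alike: unpack manually
    return "no-upx-markers"

def build_sample(names, with_magic):
    """Constructed minimal PE header for the demo; not a runnable program."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(names), 0, 0, 0, 0, 0)
    table = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in names)
    return dos + coff + table + (b"UPX!" if with_magic else b"")

if __name__ == "__main__":
    for names, magic in ((["UPX0", "UPX1", ".rsrc"], True),
                         (["UPX0", "UPX1"], False),
                         ([".text", ".data"], False)):
        print(names, magic, "->", upx_triage(build_sample(names, magic)))
```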