As a side note I use Vmware workstation and GSX server edition to create enviroments that can be trashed and re-used at will, just wanted to add another secure way of testing malware etc...
Regards Lee @ STS http://www.seethrusec.co.uk Building Knowledge and Security.. ----- Original Message ----- From: "-" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, May 02, 2004 6:47 PM Subject: Re: [Full-Disclosure] Unpacking Sasser > I would like a copy fom Sasser, too. > > Thanks a lot.... > > Greets fom Germany... > > > >>Stupidly I was infected with Sasser last night and whilst trying to identify > >>the program I found that the code was packed and I could find no way of > >>idenifying the packer from the EXE (avserve.exe produced no relevant hits on > >>Google). Could anyone tell me what unpacker to use to analyse the code? And > >>how was this determined? > >> > >>Cheers in Advance. > >> > >>Tom > >> > >>P.S: If anyone would like a copy of the file to look at, feel free to ask. > >> > >>P.S.S: This is my first post, go easy. ;) > >> > >>_________________________________________________________________ > >>FREE pop-up blocking with the new MSN Toolbar get it now! > >>http://toolbar.msn.com/go/onm00200415ave/direct/01/ > >> > >>_______________________________________________ > >>Full-Disclosure - We believe in it. > >>Charter: http://lists.netsys.com/full-disclosure-charter.html > >> > >> > > > >_______________________________________________ > >Full-Disclosure - We believe in it. > >Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
