your emails are very difficult to understand. Please explain better and
give some more context.
Thank you
On Mon, Mar 14, 2016 at 8:59 PM, 林威任 wrote:
> Excuse me,
> (Windows Malware: Trojan Dropper.
> File: C:\Users\IEUser\AppData\Local\Temp\AcroRD32.exe. Reference:
>
*Dear All*
*I want to share between two virtual machine. I need C code for this. Could
any one help me please?*
*Thanks and Regards,*
Zakira Inayat
Ph.D Scholar in University of Malaya, Malaysia
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list"
Excuse me,
(Windows Malware: Trojan Dropper.
File: C:\Users\IEUser\AppData\Local\Temp\AcroRD32.exe. Reference:
0A37D49E798F50C8F1010D5CFDE0E851 )
After I edited win_malware_rcl.txt , this code didn't appear.
However,which aspect haven't I done?
thank you!!!
--
---
You received this message
It looks like the configuration for rootcheck doesn't have the right
format. I think you are inserting some extra line breaks.
It should look like this:
[Trojan Dropper] [all] [0A37D49E798F50C8F1010D5CFDE0E851]
f:C:\Users\IEUser\AppData\Local\Temp\AcroRD32.exe;
I have included ossec.conf of server and agent. Also the script command for
active response when key word is detected in the agent log file. Thanks.
2016/03/14 17:00:41 ossec-agentlessd: INFO: ssh_integrity_check_linux:
ossec@10.2.219.142: Started.
2016/03/14 17:00:45 ossec-agentlessd: INFO:
Excuse me, I want to ask something.
Why it don't appear ideal result after I input the code ?
code:
[Trojan Dropper] [all] [0A37D49E798F50C8F1010D5CFDE0E851]
f:C:\Users\agent05\AppData\Local\Temp\AcroRD32.exe;
r:HKEY_USERS\S-1-5-21-3463664321-2923530833-3546627382-1000\Software\Microsoft
Excuse me, I want to ask something.
Why it don't appear ideal result after I input the code ?
code:
[Trojan Dropper] [all] [0A37D49E798F50C8F1010D5CFDE0E851]
f:C:UsersIEUserAppDataLocalTempAcroRD32.exe;
r:HKEY_USERSS-1-5-21-3463664321-2923530833-3546627382-1000
SoftwareMicrosoftWin$
Thank you very much!!!
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit
Here you go (just created the github repo)
https://github.com/santiago-bassett/malware-samples/blob/master/0A37D49E798F50C8F1010D5CFDE0E851.zip
Password: "malware"
On Sun, Mar 13, 2016 at 10:20 PM, wrote:
> I really need it.
> How can I get it ? for email?
>
> --
>
>