[Full-Disclosure] Unpacking Sasser
Tom K
keetch_tw at hotmail.com
Sun May 2 09:37:27 BST 2004
Stupidly I was infected with Sasser last night and whilst trying to identify
the program I found that the code was packed and I could find no way of
idenifying the packer from the EXE (avserve.exe produced no relevant hits on
Google). Could anyone tell me what unpacker to use to analyse the code? And
how was this determined?
Cheers in Advance.
Tom
P.S: If anyone would like a copy of the file to look at, feel free to ask.
P.S.S: This is my first post, go easy. ;)
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar – get it now!
http://toolbar.msn.com/go/onm00200415ave/direct/01/
Full-Disclosure is hosted and sponsored by Secunia.