[Full-Disclosure] Unpacking Sasser
IndianZ
indianz at indianz.ch
Sun May 2 12:40:18 BST 2004
Can you pls send me a copy for analysis?
Thanx...
GreetZ from IndianZ
mailto:indianz at indianz.ch
http://www.indianz.ch
On Sunday 02 May 2004 10.37, Tom K wrote:
> Stupidly I was infected with Sasser last night and whilst trying to
> identify the program I found that the code was packed and I could find no
> way of idenifying the packer from the EXE (avserve.exe produced no relevant
> hits on Google). Could anyone tell me what unpacker to use to analyse the
> code? And how was this determined?
>
> Cheers in Advance.
>
> Tom
>
> P.S: If anyone would like a copy of the file to look at, feel free to ask.
>
> P.S.S: This is my first post, go easy. ;)
>
> _________________________________________________________________
> FREE pop-up blocking with the new MSN Toolbar – get it now!
> http://toolbar.msn.com/go/onm00200415ave/direct/01/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure is hosted and sponsored by Secunia.