[Full-Disclosure] Unpacking Sasser
Andrew Ruef
jabberwocky at mediasoft.net
Sun May 2 17:22:31 BST 2004
I would also like a copy, please.
Thank you.
On Sun, 2004-05-02 at 04:37, Tom K wrote:
> Stupidly I was infected with Sasser last night and whilst trying to identify
> the program I found that the code was packed and I could find no way of
> idenifying the packer from the EXE (avserve.exe produced no relevant hits on
> Google). Could anyone tell me what unpacker to use to analyse the code? And
> how was this determined?
>
> Cheers in Advance.
>
> Tom
>
> P.S: If anyone would like a copy of the file to look at, feel free to ask.
>
> P.S.S: This is my first post, go easy. ;)
>
> _________________________________________________________________
> FREE pop-up blocking with the new MSN Toolbar get it now!
> http://toolbar.msn.com/go/onm00200415ave/direct/01/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure is hosted and sponsored by Secunia.