[Full-disclosure] undetected stuff downloaded by pnp worm
Willem Koenings
infsec at gmail.com
Sun Sep 4 02:20:20 BST 2005
Hi!
If anyone wants to play, then:
hxxp://www.darkfxp.net/dl/rootkit.exe
rar archive, inside is those files:
install.bat
xnet.exe
ssdpcl.dll
ssdpcl.exe
ssdpcl.exe creates the service SSDPCL, description
Provides Control for the SSDP Discovery Service,
display name SSDP Controller
As i have not time to analyze this, links to published
analyze or analyze sent to private mail is welcomed.
all the best,
W.
Full-Disclosure is hosted and sponsored by Secunia.