[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [Full-Disclosure] RE: [Full-Disclosure]Not into Refuting tall-tales and stories abo ut the Mydoo
From: jan.muenther () nruns ! com
Date: 2004-01-30 23:47:14
Message-ID: 20040130234714.GA975 () ergo ! nruns ! com
[Download RAW message or body]
> the possibility? There is plenty of unanalyzed code and looking at the
> dissassembled code there are fingerprints of a tsr and forth in my opinion,
Plenty, eh? After de-UPX-ization, this thing is about 56k.
TSR in Windows?
And where do you see the Forth traces?
Looks a heck of a lot more like VC++ to me.
> Were the int
> calls
> examined for suspicious behavior?
Int calls, eh? You're aware that this is a PE binary?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic