[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-Disclosure] MyDoom download info.
From:       jan.muenther () nruns ! com
Date:       2004-01-31 12:38:55
Message-ID: 20040131123855.GA1253 () ergo ! nruns ! com
[Download RAW message or body]

> >It actually un-UPX-ed just fine for me. What version have you been trying?
> 
> MyDoom.B as posted by someone else on this list. UPX -d doesn't work so you 
> have to do it manually which shouldn't be a problem.

Oh, that clarifies it - I've just been looking at a copy of .A as it came to
me amass. Of course de-UPX'ing manually is not a problem. 

> Anyone with basic assembler knowledge could understand MyDoom and any other 
> virus.

Well, I'd be a tad bit careful with the 'any' bit, but the recent stuff or
your everyday malware is really not at all hard to understand, which is why
large part of the discussions here sort of amazed me. 
What I want to say: My point exactly.

Cheers, J.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]