Printable View
i would like to see that source, i think it'd be interestingQuote:
Originally posted here by whizkid2300
yea... this thing has been going on for a little while. It seems like most end users just look at it and save it.
I was trying to get the source to it to check it out and see everything it does.
Hi guys,
I am afraid my last post was a little brief..........................like what I gave you were the ONLY three AVs that recognised it....................everything else thought it was OK :eek:
I am afraid that I do not have time at the moment to put it on a "labrat" and decompile it, or to go on the "darkside" and get the source.................if you do, please be careful............thanks
:)
Couldn't get a good decompilation of this file..
Most decompilers just seem to sigsev on it.
Some did get some info out of it (mostly obscured)..
Did get something out of PEDasm
attached is the output (in a zip)..
It's not all that usefull with a copletely stripped binary like this..
Perhaps someone with IDApro or something can get more out of it..
(F-Secure detects the worm btw)