Please tell me how to get the Sobig.F virus program.
I want to analyse it.
Drop an unpatched win2k box on the net for a few hours - you're almost guaranteed to get it
Slarty
slarty that will only get you blaster.. sobig is a mail virus
so just post your mail addy on a public site and open up your outlook (express)..
be sure to enable the preview function.. and you'll be sure to get infected..
here kitty kitty... here kitty kitty..
bang..
easier captured dead.. they don't bite that way!
Oi! Don't hurt the Kitty :P
deadforg,
Please be careful! This really is not a game. You should not attempt to analyse a live virus on a production machine, one that you share or one that is owned by someone else... you will damage yourself and others!
You need a dedicated "laboratory" or "sacrificial goat" box, that does not matter if it gets killed.
Another point is, that if your defences are any good, they should not let you do such a thing? So you need to be running an undefended (sacrificial) system... please do not do this on a network :)
I am put in mind of the tale in Greek mythology about Pandora's Box?... if you let one of these things loose you harm others, so be CAREFUL!!!
I would recommend going to the AV sites such as Symantec, Nai, Panda, Kaspersky and so on; and reading up their analyses first. You then need to set yourself up with the proper hardware and software environments... hey, a lot of this stuff is encrypted, polymorphic, compressed etc...?
Once again... please be careful... these things are dangerous, and you might harm innocent bystanders.
Cheers
Sobig.F doesn't exploit any flaw in Outlook. So enabling the preview will not get you infected. For Sobig.F to infect your machine the user must run it. But you don't have to infect your machine to analyse it. Just be on the lookout for emails with an attachment that ends in .pif or .scr. Save this attachment and start analyzing.
Quote:
Originally posted here by the_JinX
slarty that will only get you blaster.. sobig is a mail virus
so just post your mail addy on a public site and open up your outlook (express)..
be sure to enable the preview function.. and you'll be sure to get infected..
See the Virus Information Library for more details on how to recognise Sobig.F.
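
The check described in the post above (watching for attachments that end in .pif or .scr), as an added example that is not part of the original thread: a Python function that lists such attachments in a raw message by name only, without opening or saving them. The sample message, addresses and filenames are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# The two attachment extensions named in the post above.
RISKY_EXTS = {".pif", ".scr"}


def risky_attachments(raw_bytes):
    """Return the filenames of attachments whose final extension is risky.

    Only MIME headers are inspected; attachment bodies are never decoded,
    written to disk or executed.
    """
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue  # container parts and inline text carry no filename
        # Windows ignores trailing dots and spaces, and extensions are
        # case-insensitive, so normalise before comparing. Only the last
        # extension decides how the file is launched ("report.doc.scr").
        cleaned = name.strip().rstrip(". ").lower()
        ext = "." + cleaned.rsplit(".", 1)[-1] if "." in cleaned else ""
        if ext in RISKY_EXTS:
            hits.append(name)
    return hits


def build_sample():
    """Constructed test message with harmless placeholder attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "analyst@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for fname in ("notes.PIF", "report.doc.scr", "photo.jpg", "readme.scr."):
        msg.add_attachment(b"harmless placeholder bytes",
                           maintype="application",
                           subtype="octet-stream",
                           filename=fname)
    return msg.as_bytes()


if __name__ == "__main__":
    for name in risky_attachments(build_sample()):
        print("flagged attachment:", name)
```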
Haven't u got mails containing it... I wonder... pass it on to some AV company, they have a lot of clients being infected... they may provide u one :)