Hello incidents, We have analyzed a trojan that was spammed on us early this week. Not really a big news in itself as similar beasts are seen on a regular basis but since COM based hostile code is notoriously hard to analyze statically, we have published some details that could help other analysts facing similar trojans www.datarescue.com/idabase/greetings is the place. We have put a basic text description of the trojan and documented our in-depth analysis with a couple of IDA databases and their equivalent listings in pure text mode. -- Best regards, Pierre mailto:pierreat_private www.datarescue.com/idabase - home of the IDA Pro Disassembler IDA Pro: the undisputed leader in hostile code analysis ---------------------------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
This archive was generated by hypermail 2b30 : Fri Mar 21 2003 - 08:57:39 PST