-861530 to this issue.
APPENDIX A. - Vendor Information
http://www.vmware.com/
APPENDIX B. - References
NONE
CONTACT:
*mike king
[EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS
___
Full-Disclosure - We
oworldhelloworldhelloworldhelloworldhelloworldhellow
orldhelloworldhelloworl REG_SZ
E:\
After removing the key from the registry with Reglyzer
E:\ reg query HKEY_LOCAL_MACHINE\SOFTWARE\empty
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\empty
E:\
Best of luck mike king
time® is a trademark of Universe©
Public use
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thanks for all the feedback. I have always taken the poor mans
approach to this since its not really my job, but a fun hobby on
the side.
regards mike
On Fri, 05 Aug 2005 02:49:49 -0700 Peter Kruse [EMAIL PROTECTED] wrote:
Hey,
These were not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Here you go; I got this malware from a friends machine that had
been infected. This was about 2 months ago so there about. Use a
hex editer to give you what it was packed with and then just go
from there. Good luck and have fun.
download it from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
the src code to these bots are traded around a great deal. most
likley either the irc owner changed the port /banner in which the
bot is to listen or they have coded it with a different port and
banner. this is not at all uncommon. so chances are its