Re: Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)
- From: "Dude VanWinkle" <dudevanwinkle@xxxxxxxxx>
- Date: Mon, 17 Jul 2006 17:27:30 -0400
On 7/17/06, Debasis Mohanty <debasis.mohanty.listmails@xxxxxxxxx> wrote:
Nice .. Realy nice pointers H.D. !! :)
Really nice pointers yourself!
By searching for:
site:.il signature: 00004550 filetype:pif
I find a site with badtrans.b
www.arava.co.il/matan/svgalib/hypermail/att-1469/01-fun.MP3.pif
Hmm, any bets on who is the most infected TLD... :-)
-JP<who is betting on .ru>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- References:
- [Full-disclosure] Google Malware Search
- From: H D Moore
- Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)
- From: Debasis Mohanty
- [Full-disclosure] Google Malware Search
- Prev by Date: [Full-disclosure] Outpost Firewall Pro secrately fixing security flaws?
- Next by Date: [Full-disclosure] anoNet: Cooperative Chaos
- Previous by thread: Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)
- Next by thread: Re: Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)
- Index(es):
Relevant Pages
|
