unpacking UPX or PE-packed binaries

From: Karma (steve_at_frij.com)
Date: 04/23/04

  • Next message: Kevin Partridge: "cobol language vulnerabilities"
    To: <"Undisclosed-Recipient:;"@securityfocus.com>
    Date: Fri, 23 Apr 2004 12:25:38 +1000
    
    

    Hi List,

    Just interested in how AV R&D companies unpack worms with complex UPX and PE
    pack protocols.

    Been trying to disect the recent Gaobot variants and getting no where with
    my generic UPX-unpacker. Since this is more and more commonly used, I
    thought I would be wise to consult the Lists.

    Cheers,

    Karma


  • Next message: Kevin Partridge: "cobol language vulnerabilities"