unpacking UPX or PE-packed binaries
From: Karma (steve_at_frij.com)
Date: 04/23/04
- Previous message: Greg Kilford: "key material"
- Next in thread: Gadi Evron: "Re: unpacking UPX or PE-packed binaries"
- Reply: Gadi Evron: "Re: unpacking UPX or PE-packed binaries"
- Reply: Blue Boar: "Re: unpacking UPX or PE-packed binaries"
- Maybe reply: Kayne Ian (Softlab): "RE: unpacking UPX or PE-packed binaries"
- Reply: Henrik Bøgh: "Re: unpacking UPX or PE-packed binaries"
- Maybe reply: Suresh Ponnusami: "Re: unpacking UPX or PE-packed binaries"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <"Undisclosed-Recipient:;"@securityfocus.com> Date: Fri, 23 Apr 2004 12:25:38 +1000
Hi List,
Just interested in how AV R&D companies unpack worms with complex UPX and PE
pack protocols.
Been trying to disect the recent Gaobot variants and getting no where with
my generic UPX-unpacker. Since this is more and more commonly used, I
thought I would be wise to consult the Lists.
Cheers,
Karma
- Previous message: Greg Kilford: "key material"
- Next in thread: Gadi Evron: "Re: unpacking UPX or PE-packed binaries"
- Reply: Gadi Evron: "Re: unpacking UPX or PE-packed binaries"
- Reply: Blue Boar: "Re: unpacking UPX or PE-packed binaries"
- Maybe reply: Kayne Ian (Softlab): "RE: unpacking UPX or PE-packed binaries"
- Reply: Henrik Bøgh: "Re: unpacking UPX or PE-packed binaries"
- Maybe reply: Suresh Ponnusami: "Re: unpacking UPX or PE-packed binaries"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
