[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Where to submit a suspected trojan or virus?
- To: Scenobro <scenobro@xxxxxxxxxx>
- Subject: Re: [Full-Disclosure] Where to submit a suspected trojan or virus?
- From: Kyle Maxwell <krmaxwell@xxxxxxxxx>
- Date: Fri, 3 Sep 2004 11:22:54 -0500
On Fri, 03 Sep 2004 06:00:27 +0200, Scenobro <scenobro@xxxxxxxxxx> wrote:
> I found an explorer.exe in my system32 folder which I believe take
> precedence over the real explorer.exe located in c:\windows.
> It's a 92K file that seems to be a visual basic program. Among the
> strings contained in it there is a "C:\TestDL.exe" which I didn't find
> on my disk and a url "http://www.getupdate.com/TestDownload.exe"; which
> does't exists. (the home page of that site is a textfile containing only
> "SB2").
> I sent the file to virustotal.com and they found nothing.
> Where I can send this file for analysis?
The Internet Storm Center also has a malware analysis group, and they
coordinate with the major AV vendors; you can submit the file and
relevant information at http://isc.sans.org/contact.php or via email
to isc@xxxxxxxx (I think).
--
Kyle Maxwell
[krmaxwell@xxxxxxxxx]
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html