[unisog] Decompiling virus binaries
m.sapsed at bangor.ac.uk
Tue Jul 22 08:34:32 GMT 2003
Jeff Bollinger wrote:
> We received what we believed to be a recent/(new to us) virus
> attachment, and short of running `strings` against the binary, what
> other methods/tools have y'all used to determine the contents of a virus
> binary? I guess what I'm really asking is, do you know of any good
> de-compilers (hopefully for x86 Linux, GCC 3) that would be useful in
> this instance, or can I use an existing compiler to break the virus down
> to its source code?
Way too complicated for me - I just send it on to my Anti-Virus company
(currently Sophos) and ask them to check it out. With all the encryption
and stuff I'd doubt that strings would help much?
Information Services, University of Wales, Bangor
"Who do you say I am?" - Jesus of Nazareth
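The point raised in the reply, that encryption limits what `strings` can recover, can be checked before any further analysis. The sketch below is an added example and not part of the original thread: it measures per-block byte entropy next to a `strings`-style extraction. The function names, the 7.2 bits-per-byte threshold, and both sample buffers are assumptions made for illustration; the XOR keystream only stands in for whatever packer or cipher a real sample might use.

```python
import hashlib
import math
import re

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: roughly 4-5 for text, close to 8 for encrypted or compressed data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def printable_strings(data: bytes, min_len: int = 6) -> list:
    """Rough equivalent of `strings -n 6`: runs of printable ASCII."""
    return re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)

def triage(data: bytes, block: int = 1024, threshold: float = 7.2) -> dict:
    """Report the share of high-entropy blocks alongside the strings found."""
    blocks = [data[i:i + block] for i in range(0, len(data) - block + 1, block)] or [data]
    high = sum(1 for b in blocks if shannon_entropy(b) >= threshold)
    return {"size": len(data),
            "high_entropy_fraction": high / len(blocks),
            "strings": printable_strings(data)}

def keystream(n: int) -> bytes:
    """Deterministic pseudo-random bytes (SHA-256 in counter mode), used only to build the sample."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

# Constructed sample data: a readable buffer and the same buffer XORed with the keystream.
MARKER = b"smtp.example.invalid"
PLAIN = ((b"Subject: report\x00" + MARKER + b"\x00\x01\x02\x03") * 200)[:4096]
ENCRYPTED = bytes(p ^ k for p, k in zip(PLAIN, keystream(len(PLAIN))))

if __name__ == "__main__":
    for name, sample in (("plain", PLAIN), ("encrypted", ENCRYPTED)):
        report = triage(sample)
        print(name, report["size"], report["high_entropy_fraction"], len(report["strings"]))
```

Random-looking data still yields a few short printable runs by chance, so the useful signal is the entropy fraction together with the absence of meaningful strings, not the string count alone.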