tag:blogger.com,1999:blog-1748276867318366161.post8045759674870239818..comments2023-09-28T05:07:03.484-07:00Comments on Computer Center: new codec malwaresjpritch25http://www.blogger.com/profile/00985356466422592346noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-1748276867318366161.post-7034120613074137922016-01-25T00:27:10.561-08:002016-01-25T00:27:10.561-08:00Nice Lines.............
Technical Support For Nort...Nice Lines.............<br /><a href="http://www.technosoftcom.com/support-for-norton.html" rel="nofollow">Technical Support For Norton</a><br /><a href="http://www.technosoftcom.com/support-for-kaspersky.html" rel="nofollow">Technical Support For Kaspersky Canada</a><br /><a href="http://www.technosoftcom.com/support-for-kaspersky.html" rel="nofollow">Technical Support For Kaspersky USA</a><br /><a href="http://www.technosoftcom.com/support-for-mcafee.html" rel="nofollow">Technical Support For McAfee Canada</a><br /><a href="http://www.technosoftcom.com/technical-support-for-brother-printer.html" rel="nofollow">Technical Support For Brother Printer Canada</a><br /><a href="http://www.technosoftcom.com/support-for-quicken.html" rel="nofollow">Technical Support For Quicken Canada</a><br /><a href="http://www.theapple.biz" rel="nofollow">Apple Repair Centre in Delhi</a><br /><a href="http://www.theapple.biz" rel="nofollow">Iphone Repair Delhi</a>Anonymoushttps://www.blogger.com/profile/13845823071184515539noreply@blogger.comtag:blogger.com,1999:blog-1748276867318366161.post-55660466891007602452007-09-10T17:17:00.000-07:002007-09-10T17:17:00.000-07:00DNS: CODEC-FUN.COMCreation: 16 April 2007http://ww...DNS: CODEC-FUN.COM<BR/>Creation: 16 April 2007<BR/>http://www.siteadvisor.com/sites/codec-fun.com<BR/><BR/>IP Range Monitoring: 64.28.184.1**<BR/>by the evil registrar ESTDOMAINS.<BR/><BR/>Source: infected://codec-fun.com/download/codec-fun4091.exe<BR/>Filename: codec-fun4091.exe<BR/>Compil on: Sat Jul 14 15:12:49 2007<BR/>Size: 207 727 octects<BR/>Packer: NullSoft PiMP SFX<BR/>MD5: 3c04ec7f05ccbfdab02e7452ad333866<BR/>SHA-1: 9c65d521d0556e10516808fce45c5b3114e9fda1<BR/>KAV: Win32.Trojan.DNSChanger.KA<BR/><BR/>An easy way for a quick analysis is to use a simple NSIS extractor tool for example, uniextrac.<BR/><BR/>Read the .NSI script:<BR/>Push "$TEMP\check.exe" e -o+ -pnLKQ3KC3DPFGgub1PP9bOEm0gg8CF package.tmp<BR/><BR/>$TEMP = %tmp%<BR/>check.exe = unrar.exe<BR/>e Extract files to current directory<BR/>-o Overwrite existing files<BR/>p[password] Set password<BR/>package.tmp = compressed files<BR/><BR/>Rename package.tmp in package.rar<BR/>Now, we can extract files on our virtual b0x.<BR/><BR/>71 205 tmp1.exe<BR/> 7 199 tmp2.exe<BR/><BR/>Regards,s€cUßø×https://www.blogger.com/profile/11598826845823248303noreply@blogger.com