[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] undetected stuff downloaded by pnp worm

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] undetected stuff downloaded by pnp worm
From: Willem Koenings <infsec@xxxxxxxxx>
Date: Sun, 4 Sep 2005 04:20:20 +0300

Hi!

If anyone wants to play, then:

hxxp://www.darkfxp.net/dl/rootkit.exe

rar archive, inside is those files:

install.bat
xnet.exe
ssdpcl.dll
ssdpcl.exe

ssdpcl.exe creates the service SSDPCL, description
Provides Control for the SSDP Discovery Service,
display name SSDP Controller

As i have not time to analyze this, links to published
analyze or analyze sent to private mail is welcomed.

all the best,

W.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- [Full-disclosure] Re: undetected stuff downloaded by pnp worm
  - From: Willem Koenings

Prev by Date: [Full-disclosure] Multiple PBX Systems Vulnerable to BBQ Overflows
Next by Date: RE: [Full-disclosure] Multiple PBX Systems Vulnerable to BBQ Overflows
Previous by thread: RE: [Full-disclosure] Multiple PBX Systems Vulnerable to BBQ Overflows
Next by thread: [Full-disclosure] Re: undetected stuff downloaded by pnp worm
Index(es):
- Date
- Thread