|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ian Webb (iwebb_at_carolina.rr.com)
Date: Mon Jul 22 2002 - 00:34:56 CDT
The cmd.exe in cc.zip is the cmd.exe from NT4 SP6a. I just did a FC on a
copy extracted from the Service Pack and it's exactly the same.
-----Original Message-----
From: Richard Bartlett [mailto:richard
hackerimmunity.demon.co.uk]
Sent: Thursday, July 11, 2002 6:33 PM
To: Matt Andreko; incidentssecurityfocus.com
Subject: RE: Can anyone identify this backdoor?
Matt,
I've done a quick analysis on this and come up with the following;
<snip>
C:\recycler\CMD.EXE (possibley geniune cmd.exe from a version of
NT/2K/XP,
source unknown)
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]