[33280] in bugtraq
information and reverse engineering bits of the Mydoom worm
daemon@ATHENA.MIT.EDU (Gadi Evron)
Tue Jan 27 23:32:06 2004
Message-ID: <4016DE6F.5040008@egotistical.reprehensible.net>
Date: Tue, 27 Jan 2004 23:55:59 +0200
From: Gadi Evron <ge@egotistical.reprehensible.net>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Cc: full-disclosure@lists.netsys.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
We've released a digest of a few of the messages that passed through
TH-Research about this new worm.
In it is information about the worm that is not included in the
different vendors web pages, and requires a higher understanding of
assembly and reverse engineering.
We release it for the purpose of assisting sysadmins and security
researchers by making the information available publicly.
You can find the digest at: http://www.math.org.il/newworm-digest1.txt.
As always, this information is released with the agreement of the
different authors, according to the list's FAQ guidelines.
Gadi Evron.
The Trojan Horses Research Maling List - http://ecompute.org/th-list
