Thursday, November 6, 2008

Win32/MS08-067!exploit payload

Nothing much to say ....
Just an image of the decrypted payload ...



Basically, the APIs are for downloading and executing the downloaded file.


Now some packet-talk ...




Make sure your systems are patched to prevent infection of this malware.

No comments: