[Owasp-Malaysia] pyew,python binary diassembler

Muhammad Najmi Ahmad Zabidi najmi.zabidi at gmail.com
Wed Mar 31 20:55:27 EDT 2010


Anyone is using pyew?


najmi at notre-dame:/var/lib/nepenthes/binaries$ ~/pyew/pyew.py
PE Information

    0x1000 0x20000 75776
    0x21000 0x2000 3584
    0x23000 0xf6000 36864
    0x119000 0x8000 30720

Entry Point at 0x1c85c
Virtual Address is 0x51905c
Code Analysis ...

[0x00000000]> vt
File 1f8a826b2ae94daa78f6542ad4ef173b with MD5 1f8a826b2ae94daa78f6542ad4ef173b

McAfee+Artemis           : W32/Sdbot.worm.gen.x
nProtect                 : Backdoor/W32.RBot.155648.W
CAT-QuickHeal            : I-Worm.Bobic.hq
McAfee                   : W32/Sdbot.worm.gen.x
K7AntiVirus              : Backdoor.Win32.Rbot
TheHacker                : Backdoor/Rbot.aftu
VirusBuster              : Worm.Rbot.AFAE
NOD32                    : Win32/Rbot
F-Prot                   : W32/Trojan5.DCW

And... the rest of the AV lines results.

More information about the Owasp-Malaysia mailing list