Skip navigation.

Need a researcher for this virus


I need someone to analysis this virus
it's md5:

I'm waiting for replies

Simple skeletal analysis for "f5c6b935e47b6a8da4c5337f8dc84f76"

This is a simple file which
1. Erases the contents of "\\.\PhysicalDrive%d" (25 to 2, 1, 0) bootsector first 64 bytes with the string "Memory of the independence day".
2. Then it enumerates everydrive (z: thro A:) to check for a valid drive, finds files of extension

password protects it with random 8 character word and number and saves it in the .gz extension. It is actually a zip file. There is some error in this routine, where it deletes the complete file so that you will never obtain the original file.

Hope this info helps!!!

**** Sriram ****

Nice info, but i think it is

Nice info, but i think it is better make a full reverse (and port it to C). This way you can know very well what system its uses.

I am reversing actually, :)