no sample post tonight
So there's no sample post tonight. I'm busy trying to understand the 700 unknown "shellcode" I have from my mwcollect. I don't really understand how that part works. Nepenthes has a page, http://nepenthes.sourceforge.net/howto:reversing_windows32_shellcodes, that kind of explains what to do with them, but it's incomplete. If anyone has suggestions, that would help.
Also, I need samples of like the pnp worm / dasher / etc. My collectors seem to be running dry lately.
PS: we seem to be linked on Halvar's blog, wooo! Thanks, Halvar!