Vuln Dev
Suspicious JPEG Files Feb 01 2008 05:10PM
poddima yahoo com (2 replies)
Re: Suspicious JPEG Files Feb 06 2008 06:13AM
Geoffrey Gowey (gjgowey gmail com)
1) Install Sandboxie on your system.
2) Install Filemon and Regmon on your system.
3) Disconnect the system from the network.
4) Run Filemon and Regmon.
5) Run the suspect program in the sandbox.
6) Wait a little, then kill it, but don't delete the sandbox.

Now you can look at regmon and filemon to see what the program was
trying to access/do without it killing your system.

On 1 Feb 2008 17:10:13 -0000, poddima (at) yahoo (dot) com wrote:
> Hello,
>
>
> I received via e-mail two JPEG files, one of them was not opened properly
> (Default error message was displayed on the Windows Picture Viewer).
>
> The sender is known to me, and I suspect he was trying to attack my computer
> (I received also an infected executable file from him just a short time
> before, and I didn't open it).
>
>
> If anyone is interested in trying to analyse the files, I'd be mostly
> grateful. Please contact me and I will send you the files.
>
>
> Thanks!
>

--
Kindest Regards,

Geoff
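
The review step in the reply above (reading the file and registry monitor output after the sandboxed run), as an added example that is not part of the original post. The tab-separated log layout, the process name `viewer.exe` and the sample rows are constructed assumptions, not the documented export format of Filemon or Regmon.

```python
import csv
import io

# Constructed sample. ASSUMED layout (tab-separated, one event per line):
# seq, time, process:pid, request, path, result
_ROWS = [
    ("1", "10:01:02", "viewer.exe:1200", "OPEN", r"C:\mail\pic1.jpg", "SUCCESS"),
    ("2", "10:01:02", "viewer.exe:1200", "READ", r"C:\mail\pic1.jpg", "SUCCESS"),
    ("3", "10:01:03", "viewer.exe:1200", "CREATE",
     r"C:\Sandbox\user\DefaultBox\drive\C\WINDOWS\system32\upd.exe", "SUCCESS"),
    ("4", "10:01:03", "viewer.exe:1200", "SetValue",
     r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\upd", "SUCCESS"),
    ("5", "10:01:04", "explorer.exe:900", "CREATE", r"C:\temp\note.exe", "SUCCESS"),
    ("6", "10:01:05", "viewer.exe:1200", "OPEN",
     r"C:\WINDOWS\system32\config\SAM", "ACCESS DENIED"),
]
SAMPLE_LOG = "\n".join("\t".join(r) for r in _ROWS)

WRITE_REQUESTS = {"CREATE", "WRITE", "SETVALUE", "CREATEKEY"}
EXEC_EXTENSIONS = (".exe", ".dll", ".scr", ".bat", ".sys")
AUTORUN_MARKER = r"\currentversion\run"


def triage(log_text, process_name):
    """Return (seq, reason, path) for events by process_name worth a closer look."""
    findings = []
    reader = csv.reader(io.StringIO(log_text), delimiter="\t", quoting=csv.QUOTE_NONE)
    for row in reader:
        if len(row) < 6 or not row[0].isdigit():
            continue  # skip headers, blank or truncated lines
        seq, _time, proc, request, path, result = row[:6]
        if proc.split(":")[0].lower() != process_name.lower():
            continue  # only the process that opened the suspect file
        req, low = request.upper(), path.lower()
        if req in WRITE_REQUESTS and AUTORUN_MARKER in low:
            findings.append((int(seq), "autorun registry write", path))
        elif req in WRITE_REQUESTS and low.endswith(EXEC_EXTENSIONS):
            findings.append((int(seq), "executable file written", path))
        elif result.upper() == "ACCESS DENIED":
            findings.append((int(seq), "denied access attempt", path))
    return findings


if __name__ == "__main__":
    for seq, reason, path in triage(SAMPLE_LOG, "viewer.exe"):
        print(f"#{seq:>3}  {reason:<26} {path}")
```

An image viewer that only renders a picture should produce none of these three event types, so any hit is a reason to keep the sandbox contents for closer inspection.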

Re: Suspicious JPEG Files Feb 05 2008 09:33PM
Valdis Kletnieks vt edu
Copyright 2010, SecurityFocus