PDA

View Full Version : Re: Suspicious File Packer



kitbeery
2006-09-17, 17:44
I still have the the d/l'ed codec file which I suspect was bogus and is causing me problems (http://forums.spybot.info/showthread.php?t=7416), can I use the SFP to send it to you for analysis?

-Kit

tashi
2006-09-17, 19:26
Hi there.

Please send the file zipped to: detections(AT)spybot.info

Put the name of the file/infection into subject matter, cheers. :)

kitbeery
2006-09-17, 19:50
OK, I have the file now in a .zip format (it was an .exe), and sent it that way to you.

I ran sfp.exe and it created a .cab, but I don't know what to do with the .cab folder??

LonnyRJones
2006-09-17, 21:33
Once you send the file (xxxx.cab) you can delete it and SFP to
Not quite sure what you mean by .cab folder
Thanks

kitbeery
2006-09-17, 21:43
Your small tool, the Suspicious File Packer, creates a cab folder on the desktop, it is not clear or obvious how to get the suspicious file into it, in order to send.

LonnyRJones
2006-09-17, 21:58
Hi
If you ran SPF and imput a file , example
c:\windows\badfile.dll
and click continue it will have put the file in the .cab that will appear on your desktop, understand ?

kitbeery
2006-09-17, 23:08
i've got the concept, like, put the file into the cab folder, but I don't know the mechanism re the SFP program . Any way I zipped the suspect file and sent it to detections.

Will that work?

LonnyRJones
2006-09-18, 02:57
Thats fine, Thanks
Continue in your topic in the malware section.