Re: Suspicious File Packer

**kitbeery** · 2006-09-17, 16:44

I still have the the d/l'ed codec file which I suspect was bogus and is causing me problems (http://forums.spybot.info/showthread.php?t=7416), can I use the SFP to send it to you for analysis?

-Kit

**tashi** · 2006-09-17, 18:26

Hi there.

Please send the file zipped to: detections(AT)spybot.info

Put the name of the file/infection into subject matter, cheers.

**kitbeery** · 2006-09-17, 18:50

OK, I have the file now in a .zip format (it was an .exe), and sent it that way to you.

I ran sfp.exe and it created a .cab, but I don't know what to do with the .cab folder??

**LonnyRJones** · 2006-09-17, 20:33

Once you send the file (xxxx.cab) you can delete it and SFP to
Not quite sure what you mean by .cab folder
Thanks

**kitbeery** · 2006-09-17, 20:43

Your small tool, the Suspicious File Packer, creates a cab folder on the desktop, it is not clear or obvious how to get the suspicious file into it, in order to send.

**LonnyRJones** · 2006-09-17, 20:58

Hi
If you ran SPF and imput a file , example
c:\windows\badfile.dll
and click continue it will have put the file in the .cab that will appear on your desktop, understand ?

**kitbeery** · 2006-09-17, 22:08

i've got the concept, like, put the file into the cab folder, but I don't know the mechanism re the SFP program . Any way I zipped the suspect file and sent it to detections.

Will that work?

**LonnyRJones** · 2006-09-18, 01:57

Thats fine, Thanks
Continue in your topic in the malware section.

Thread: Re: Suspicious File Packer

Thread Tools

Display

Re: Suspicious File Packer

Posting Permissions