[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Need a simple perl (etc.) program, but I don't speak perl


I sure that worked because I see some interesting strings after the decode.

But how to I save that binary back out to a file?


On Thu, Jun 3, 2010 at 12:03 PM, James Sumners <james.sumners at gmail.com> wrote:
> Just paste the text into the field at
> http://ostermiller.org/calc/encode.html and click "Hex Decode". You'll
> quickly see what this thing does.
> On Thu, Jun 3, 2010 at 10:58 AM, Greg Freemyer <greg.freemyer at gmail.com> wrote:
>> All,
>> I'm looking at an intrusion and found the attached very suspicious
>> html file (I added a .bin extent so it would not be associated with a
>> browser etc.
>> Anyway, within it there is a string ?(see below) that I think is the
>> hex expression (see below) of malware that I need converted to binary.
>> ?Can someone help me out with a perl script to convert. ?Or even
>> better, convert it to binary and seal it up in a password protected
>> zip file. ?Use "infected" as the password. ?Thanks, Greg
>> == Potential malware representation
> --
> James Sumners
> http://james.roomfullofmirrors.com/
> "All governments suffer a recurring problem: Power attracts
> pathological personalities. It is not that power corrupts but that it
> is magnetic to the corruptible. Such people have a tendency to become
> drunk on violence, a condition to which they are quickly addicted."
> Missionaria Protectiva, Text QIV (decto)
> CH:D 59
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

Greg Freemyer
Head of EDD Tape Extraction and Processing team
Litigation Triage Solutions Specialist
CNN/TruTV Aired Forensic Imaging Demo -

The Norcross Group
The Intersection of Evidence & Technology