[sanesecurity] Re: decode .ldb?

• From: Steve Basford <steveb_clamav@xxxxxxxxxxxxxxxx>
• To: sanesecurity@xxxxxxxxxxxxx
• Date: Tue, 16 Jun 2009 19:55:50 +0100

McDonald, Dan wrote:

The clamav-unofficial-sigs.sh script has a nifty decoding tool for .ndb
signatures.  Can someone give me a procedure for decoding .ldb
signatures?  I've been seeing a lot of
Sanesecurity.Spam.ldb.21.UNOFFICIAL and would like to know what it is:

http://pastebin.ws/f31y4z

In a nutshell... it's a new image spam variant, stopping with the brilliant logical signatures database type :)

Cheers,

Steve
Sanesecurity

• Follow-Ups:
  • [sanesecurity] Re: decode .ldb?
    • From: McDonald, Dan

• References:
  • [sanesecurity] decode .ldb?
    • From: McDonald, Dan

Other related posts:

• » [sanesecurity] decode .ldb?- McDonald, Dan
• » [sanesecurity] Re: decode .ldb? - Steve Basford
• » [sanesecurity] Re: decode .ldb?- Bill Landry
• » [sanesecurity] Re: decode .ldb?- McDonald, Dan

1. Home
2. sanesecurity
3. Archive
4. 06-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---