Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

What the HEX?


  • Please log in to reply

#1
adqjohn

adqjohn

    Member

  • Member
  • PipPip
  • 42 posts
Hi guys and gals. I have isolated a nasty little file named winwow32. I have veiwed the contents and while I can't read much of it, some of the text mentions "my sk0r Days P2P worm copywrite sk0r alias Cyzbik". Seems to be ransomeware, "if you want files back contact..." I copied the file from another computer and have been very careful not to execute on mine. I used my Filelyzer to explore a bit and now I have a question concerning Hex strings. In the string list (quite long) there are a couple that stick out like:
skOr Days 00001E78 00000000 00000000 00007635
skOr Days P2P 00001A64 736B3072 20446179 73205032
What the heck do these mean and are what is the significance of ones like this?

Signed,
Hex Dummy
  • 0

Advertisements


#2
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
Please follow the procedures outlined here: Malware Removal Guide

You will need a PC which can connect to the internet

Run all the programmes as advised then post a current Hijack This Log in a new topic in the Malware Forum

For the purpose of accurate malware analysis, Hijack This Logs are only dealt with in the Malware Forum. Posting them anywhere else will result in a delayed response

If you are unable to run any of the programmes, please ask for advice in the Malware Forum
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP