Caveats of MD5 Naming
by log0 on January 18th, 2010
Brief note…
You might have noticed that I used md5 as filenames in the previous (old!) post. In most cases, it is fine.
However, what if the malware depends on a file called hgz.dll? You can calculate hgz.dll as md5, then find the filename out, now put that in the VM again – fine. But you see it is a troublesome process… that you can’t easily automate. There are other cases… of course.
Well, you get the point!
English
Recent Comments