|Main Archive Page > Month Archives > clamav-users archives|
On 04/13/2010 05:22 PM, Andre Hübner wrote:
> Sorry, i read digest version and answering creates a new unthreaded mail...
>>> Create a signature for some unique code sequence specific to it for
> yes, i do this for textfiles of all kindes but how to find unique code
> sequence in a binary file.
> i think editing/copy/paste with binaries is not recommended way. What is
> preferred procedure?
> iam not dealing with binaries this way very often...
I don't think that ELF files are that much different in this regard from
PE files: you need to analyze the executable code.
The way you usually do that is by disassembling with some tool (objdump
-d should work for ELF).
You need to understand x86 assembly language though...
Teaching you how to do that is out of scope for this mailing list.
So why don't you just submit the sample at clamav.net/sendvirus?