[spam][crazy] bomb malware

Karl gmkarl at gmail.com
Mon Dec 13 04:28:37 PST 2021 

0631
i'm on my truck laptop!  i'm kinda freaking out a bit, but being able
to stand up was great.
i'm not set up for reverse engineering, and i only have two systems
with large displays for extensive work like that if done manually.
this is one of them.  the other is [airgapped] but not set up
amazingly yet.
0632

i just want to build ghidra from source for fun :)  it can probably
run while other things are looke at.  this is redhat, switch to jdk 11
...

0648
well all this stuff takes ages to download.  but isn't it fun to plan
and desire to work on it!
ummmm while ghidra is downloading, maybe i'll download ida pro too.

0701
woohoo i booted up ghidra!  i'm running the binary package.  source is
still downloading dependencies.  hopefully it's just like ida pro but
with intuitive buttons that make things happen automatically.

0704
ooooh the code browser interface looks similar to ida!

[some text lost as i confusedly attempt to navigate my system]

0721
i found the curious hexadecimal strings in the ghidra disassembly.
they're used from a function still on the dissassembler queue.  oh no,
it seems to be dissasembled now.

the decompilation looks like garbage.  no transformer models in ghidra yet ;p.

0726
woahhh i have two edit windows for this email open, and they have
different content.  my mind doesn't want to find one from the other.
i just keep landing on them at separate moments.

0727
ok.  here are the missing spamloglines:

--
0715
the analysis progress meter is in the lower right in ghidra
codebrowser, not where one expects from ida!  sneaky!

let's see if we can find those hexadecimal strings ...

0726
the big content is
d8d5b3ead919ae8be99c725432686e4f69bd58f9fc1d6c08b2303b72062d55038ec6df0355b46e0731707e818480a87e832cbc7556c33f272b1856815b712a3cf06b6a3d96dbe2ca1ee8ce63e4d66049b4ef48c057c570e9718b06e4bcd6758c0eeaeaee186581382ad1c6c1abe2862b76ae39d9ee1f00fece695fd9abbf04404425c897e18fdb33b72058cdd30e80d30dd7ded3493191208191a63787e5be2a215caf9a43ebaddeb8df5592d0
--

end of missing spamlog lines.
gonna just send this spam

More information about the cypherpunks mailing list