- Jan 7, 2014
- 45
I was doing comodo firewall testing using "comodo Leak Test" just before this happen.I am going to paste here the binary as a code.
Also I am curious to know that how I upload a suspicious file here for investigation.
Is this file may be a sandbox image? I used firefox in comodo sandbox before.
Code:
MZ ÿÿ ¸ @ È º ´ Í!¸LÍ!This program cannot be run in DOS mode.
$ yOÀï=.®¼=.®¼=.®¼=.¯¼7.®¼þ!ó¼:.®¼èܼ<.®¼èÖ¼<.®¼Rich=.®¼ PE L )jI à € @ @ À P @ 4 .text º `.rdata p @ @.data 0 @ À ‹FW‹= @ Pÿ׋NQÿ׋Rÿ×_ÃÌÌÌÌÌÌìD Wj j j j h\ @ ÿ @ …À‰„´ j<D$j Pèb ¸ ƒÄ‰D$‰D$4D$Pj j L$L”$P h” @ ÇD$< ‰L$$‰T$@ÿ @ ‹L$‹j j jj j QT$XRPÿ$ @ …À‹= @ ‰Ft8j h „j j j Œ$X Qj Pÿ @ …À‰Ft
¸ _ÄD ËVRÿ׋Pÿ×3À_ÄD ÃÌÌÌÌÌÌÌÌÌÌÌÌÌ̃ìV3ÀWt$‰D$‰D$‰D$3ÿèòþÿÿ…Àt>‹t$WWWWVÿ @ ‹ø‹D$Ph h 0@ Vÿ @ V‹5 @ ÿÖ‹L$QÿÖ‹T$RÿÖ‹Ç_^ƒÄ ÌÌÌÌÌÌQV3öhô ‰t$ÿ @ D$Pèsÿÿÿ…Àt9t$v¾# Vÿ @ ^ÿ%, @ Ú! è! ”! l! ¸! X! ¨! €! D! þ! )jI \ " Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) http://www.comodo.com/images/style/logo.gif ! Î! ! ð! <! " , Ú! è! ”! l! ¸! X! ¨! €! D! þ! o InternetConnectA q InternetCrackUrlA š InternetReadFile U HttpOpenRequestA Y HttpSendRequestA ’ InternetOpenA i InternetCloseHandle WININET.dll ¹ ExitProcess VSleep KERNEL32.dll Hmemset ntdll.dll RSDS"U+Æf'@IœãˆÝ[ræ; c:\stuff\projects\clt\trunk\src\Win32\Release\plugins\RunnerExe.pdb
Is this file may be a sandbox image? I used firefox in comodo sandbox before.