| Packed MD5 | e0dc02ee4b6bab8df417e6264911b665 |
| Priority | 1 |
| First | 01/05/2010 |
| Last | 01/16/2010 |
| Count | |
| History | |
| Unpacked MD5 | |
| AV Hits | 40 |
| AV Count | 32 |
| CC Servers | |
| DNS Lookups | TW:m.drd3h.com |
| Failed Connects | TW:122.117.146.70:6668 |
| AV Name | AhnLab-V3:IRCBot.variant, AntiVir:TRDownloader.Gen, Authentium:Trojan3.AQU, Avast:_Rootkit-gen, AVG:IRCBackDoor.SdBot4.JKI, BitDefender:IRC-Generic.7016, CAT-QuickHeal:Rbot.aus, ClamAV:MISSED, DrWeb:HLLW.MyBot.7, eSafe:TRDownloader, eTrust-Vet:Rbot.JOJ, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:RBot.AUS!tr.bdr, F-Prot:Trojan3.AQU, F-Secure:IRC-Generic.7016, Ikarus:Rbot, Kaspersky:Packed.Black.d, McAfee:Sdbot.worm, Microsoft:Rbot.gen, NOD32v2:MISSED, Norman:DLoader.NSZX, Panda:Gaobot.OXI.worm, Prevx1:MISSED, Rising:Rbot.GEN, Sophos:MalGeneric-A, Sunbelt:SDBot, Symantec:IRCBot, TheHacker:BackdoorRbot.aus, VBA32:OScope.Backdoor.Sdbot.Cgen, VirusBuster:Rbot.AJBY, Webwasher-Gateway:MISSED |
| WinXP Files | |
| WinXP Processes | CMD.EXE, CSRSS.EXE, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, myreceve.com, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE |
| WinXP Registries | HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\.key, HKEY_LOCAL_MACHINE@...Classes\.key, HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...Microsoft\OLE |
| WinXP Ports | 1040, 1040, 42404, 4794, 4795, 4796, 4797, 4798, 4799, 4800, 4801, 4802, 4803, 4804, 4805, 4806, 4807, 4808, 4809, 4810, 4811, 4812, 4813, 4814, 4815, 4816, 4817, 4818, 4819, 4820, 4821, 4822, 4823, 4824, 4825, 4826, 4827, 4828, 4829, 3728 |
| Win-2Kf Files | |
| Win-2Kf Processes | myreceve.com |
| Win-2Kf Registries | HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\\.key, HKEY_LOCAL_MACHINE@...Classes\\.key, HKEY_LOCAL_MACHINE@...CurrentVersion\\RunServices, HKEY_USERS@...InternetSettings\\5.0, HKEY_USERS@...InternetSettings\\Connections, HKEY_USERS@...Microsoft\\OLE |
| Win-2Kf Ports | 1032, 10600, 3615, 3616, 3617, 3618, 3619, 3620, 3621, 3622, 3623, 3624, 3625, 3626, 3627, 3628, 3629, 3630, 3631, 3632, 3633, 3634, 3635, 3636, 3637, 3638, 3639, 3640, 3641, 3642, 3643, 3644, 3645, 3646, 3728 |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | none |
| Packer ID2 | none |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | unknown () |
| Countries | 3 |
| Unpacked Link | |
| Callgraph | |
| API Resolution | |
| Comment | none |