| Packed MD5 | 94d9f89ef5b07055209b56d0f1e8de0f |
| Priority | 0 |
| First | 06/27/2008 |
| Last | 07/03/2008 |
| Count | 2 |
| History | 2 hits: 06-27 to 07-03 |
| Unpacked MD5 | |
| AV Hits | 33 |
| AV Count | 32 |
| CC Servers | 4.244.57.246:21 4.244.198.27:21 |
| AV Name | AhnLab-V3:Mytob.51200, AntiVir:Mytob.AI, Authentium:Mytob.AX@mm, Avast:_Mytob-AI, AVG:I-Mytob.AM, BitDefender:Mytob.AN, CAT-QuickHeal:MISSED, ClamAV:PUA.Packed.MEW-1, DrWeb:HLLM.MyDoom.based, eSafe:Stration, eTrust-Vet:Mytob.AC, Ewido:Mytob.t, FileAdvisor:MISSED, Fortinet:MyTob.AE@mm, F-Prot:Mytob.AX@mm, F-Secure:Mytob.t, Ikarus:IM-Sumom.C, Kaspersky:Mytob.t, McAfee:Mytob.gen@MM, Microsoft:Mytob.AB@mm, NOD32v2:Mytob.AG, Norman:Mytob.AH, Panda:Mytob.AO.worm, Prevx1:Suspicious, Rising:Mytob.GEN, Sophos:Mytob-E, Sunbelt:Agent.gen!C, Symantec:Mytob.AE@mm, TheHacker:Mytob.t, VBA32:Mytob.t, VirusBuster:I-Mytob.AN, Webwasher-Gateway:Mytob.AI |
| WinXP Files | |
| WinXP Processes | |
| WinXP Registries | |
| WinXP Ports | |
| Win-2Kf Files | |
| Win-2Kf Processes | hellmsn.exe, taskgmr.exe |
| Win-2Kf Registries | HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...Control\Lsa, HKEY_USERS@...CurrentControlSet\Control, HKEY_USERS@...CurrentVersion\Run, HKEY_USERS@....DEFAULT\SYSTEM, HKEY_USERS@...InternetSettings\5.0, HKEY_USERS@...InternetSettings\Connections, HKEY_USERS@...Microsoft\OLE, HKEY_USERS@...SYSTEM\CurrentControlSet |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | none |
| Packer ID2 | none |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | unknown () |
| Countries | 1 |
| Unpacked Link | none[none] |
| Callgraph | none:none |
| API Resolution | |
| Comment | none |