| Packed MD5 | ab5e47bf8d488c45406d2aef7595fcd1 |
| Priority | 8 |
| First | 01/17/2008 |
| Last | 07/03/2008 |
| Count | 56 |
| History | 56 hits: 05-10 to 07-03 |
| Unpacked MD5 | |
| AV Hits | 29 |
| AV Count | 32 |
| CC Servers | |
| DNS Lookups | DE:siliconfireware.ru US:searchportal.information.com SE:kavkazcenter.com SE:kavkazcenter.net FI:kavkazchat.com US:chechenpress.info GB:chechenpress.co.uk US:shaheeds.org :daymohk.info :chripress.org DK:marsho.dk RU:www.shaheeds.by.ru FI:imgs2.kavkazcenter.com FI:static.kavkazchat.com :www.google.com GB:www.chechenpress.co.uk RU:www.bbin.ru :wpad EU:siliconfireware.ru US:www.jamaatshariat.com US:www.counterdata.com DE:m1.webstats.motigo.com US:www.islamicfinder.org US:www.vimeo.com US:www.youtube.com RU:grani-tv.ru RU:video.rutube.ru :www.google-analytics.com US:blip.tv US:video.google.com :www.proxy-socks.net US:flash.revver.com FR:www.dailymotion.com EU:ebookfinaltrash.ru RU:an.yandex.ru RU:bs.yandex.ru :pagead2.googlesyndication.com GB:new.egg.com EU:an.yandex.ru US:spi.domainsponsor.com US:ads.kw.revenue.net US:ads1.revenue.net CA:as.casalemedia.com US:activex.microsoft.com CA:codecs.microsoft.com US:daymohk.info |
| Failed Connects | DK:193.201.35.247:80 US:208.73.212.12:80 DE:217.11.54.126:80 RU:217.16.29.51:80 US:72.29.65.216:80 EU:78.47.200.154:80 FI:80.81.183.151:80 FI:80.81.183.162:80 RU:195.200.213.52:80 GB:217.194.210.198:80 US:69.25.142.48:80 SE:88.80.5.157:80 SE:88.80.5.15:80 DE:212.227.111.29:80 69.64.145.229:80 US:67.15.211.9:80 RU:217.16.29.50:80 FR:195.8.214.140:80 74.125.19.103:80 US:216.52.184.243:80 GB:217.145.225.22:80 RU:213.180.204.92:80 DE:62.146.88.122:80 US:66.39.25.242:80 EU:77.88.21.90:80 US:63.251.92.197:80 74.125.19.164:80 US:206.130.125.121:80 RU:213.180.204.90:80 US:208.65.153.251:80 US:208.65.153.253:80 |
| AV Name | AhnLab-V3:DropperAgent.57856.B, AntiVir:TRDrop.Padobot, Authentium:MISSED, Avast:_Trojano-2932, AVG:Dropper.Agent.CWJ, BitDefender:Qukart.A, CAT-QuickHeal:TrojanDropper.Agent.abh, ClamAV:Qukart, DrWeb:HangUp.32, eSafe:Agent.abh, eTrust-Vet:Berkor.A, Ewido:Dropper.Agent.abh, FileAdvisor:MISSED, Fortinet:BDoor.AXJ!tr.bdr, F-Prot:Berbew.M, F-Secure:MISSED, Ikarus:Trojan-Downloader.Small.AIP, Kaspersky:Trojan-Dropper.Agent.abh, McAfee:BackDoor-AXJ, Microsoft:Berbew.BN, NOD32v2:Spy.Qukart, Norman:Agent.LCU, Panda:Qukart.S.worm, Prevx1:MISSED, Rising:MISSED, Sophos:Doxpar-E, Sunbelt:Vxgame, Symantec:Dropper, TheHacker:Dropper.Agent.abh, VBA32:HangUp.32, VirusBuster:DR.Agent.SG, Webwasher-Gateway:Drop.Padobot |
| WinXP Files | Bppbnd32.dll, DCPROMO.LOG, emlatl32.dll, mdbdpdpe.htm, ndisrd.sys, srdny32.dll, Aionoj32.dll, higpjfol.htm, slyojn32.dll, wwlr32.dll, DCFBBDEI.exe, hpapmkgp.htm, Inknbjpm.dll, Onlgpe32.exe, system@kavkazchat2.txt, zwea32.dll, Kaafoono.dll, Nfebdn32.exe, zllsxe32.dll, Hmeofcoo.dll, kjoeagqc.htm, mzcxd32.dll, aurouo32.dll, cqniegqi.htm, index.dat, Jkbhdbjl.dll, rkxmwm32.dll, system@shaheeds.by1.txt, Hcncdb32.exe, hmxpmc32.dll, Nnmcoa32.dll, Ennmialk.exe, Llmoei32.dll, vxqsn32.dll, Bdogmj32.exe, Iifqfhpo.dll, nccdtl32.dll, rnpg32.dll, cvav32.dll, Diljafeq.dll, ophzu32.dll, Pencbkne.exe, gciediag.htm, Jhjihf32.dll, wtywl32.dll, indkkpif.htm, pmcpta32.dll, Ppfdbpmd.dll, qdlahpkp.htm, Qjngmooe.dll, ybnel32.dll, bzffqf32.dll, ekkiu32.dll, Ippifihl.dll, Pnkafp32.exe, Lodcpbjp.dll, Maoehdkg.exe, nsvena32.dll, system@casalemedia1.txt, system@revenue2.txt, system@searchportal.information1.txt, Aojfjf32.dll, oogfaw32.dll, Qmbidcla.exe |
| WinXP Processes | CMD.EXE, CSRSS.EXE, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE, DCFBBDEI.exe, dwwin.exe, Iexplore.exe, Onlgpe32.exe, Nfebdn32.exe, Hcncdb32.exe, Ennmialk.exe, Bdogmj32.exe, Pencbkne.exe, iexplore.exe, Pnkafp32.exe, Maoehdkg.exe, Qmbidcla.exe |
| WinXP Registries | HKEY_CURRENT_USER@...ActivatingDocument\\.Current, HKEY_CURRENT_USER@...CurrentVersion\\InternetSettings, HKEY_CURRENT_USER@...FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN, HKEY_CURRENT_USER@...InternetSettings\\Zones, HKEY_CURRENT_USER@...Main\\FeatureControl, HKEY_CURRENT_USER@...Microsoft\\Windows, HKEY_CURRENT_USER@...Windows\\CurrentVersion, HKEY_CURRENT_USER@...Zones\\0, HKEY_CURRENT_USER@...Zones\\1, HKEY_CURRENT_USER@...Zones\\2, HKEY_CURRENT_USER@...Zones\\3, HKEY_CURRENT_USER@...Zones\\4, HKEY_LOCAL_MACHINE@...CurrentVersion\\InternetSettings, HKEY_LOCAL_MACHINE@...InternetSettings\\Zones, HKEY_LOCAL_MACHINE@...Reliability\\UserDefined, HKEY_LOCAL_MACHINE@...Windows\\CurrentVersion, HKEY_LOCAL_MACHINE@...Zones\\0, HKEY_LOCAL_MACHINE@...Zones\\1, HKEY_LOCAL_MACHINE@...Zones\\2, HKEY_LOCAL_MACHINE@...Zones\\3, HKEY_LOCAL_MACHINE@...Zones\\4, HKEY_USERS@...ActivatingDocument\\.Current, HKEY_USERS@...CurrentVersion\\InternetSettings, HKEY_USERS@...Explorer\\ActivatingDocument, HKEY_USERS@...Explorer\\CabinetState, HKEY_USERS@...Explorer\\RunMRU, HKEY_USERS@...FeatureControl\\FEATURE_LOCALMACHINE_LOCKDOWN, HKEY_USERS@...InternetExplorer\\Toolbar, HKEY_USERS@...InternetExplorer\\TypedURLs, HKEY_USERS@...InternetSettings\\Zones, HKEY_USERS@...Main\\FeatureControl, HKEY_USERS@...Microsoft\\Windows, HKEY_USERS@...Windows\\CurrentVersion, HKEY_USERS@...Zones\\0, HKEY_USERS@...Zones\\1, HKEY_USERS@...Zones\\2, HKEY_USERS@...Zones\\3, HKEY_USERS@...Zones\\4, HKEY_USERS@...International\\CpMRU, HKEY_USERS@...InternetExplorer\\International, HKEY_LOCAL_MACHINE@...Microsoft\\CodeStoreDatabase, HKEY_USERS@...5E6AB780-7743-11CF-A12B-00AA004AE837\\Count, HKEY_USERS@...75048700-EF1F-11D0-9888-006097DEACF9\\Count, HKEY_USERS@...Explorer\\UserAssist, HKEY_USERS@...InternetExplorer\\Media, HKEY_USERS@...Microsoft\\IEAK, HKEY_USERS@...Microsoft\\InternetConnectionWizard, HKEY_USERS@...UserAssist\\5E6AB780-7743-11CF-A12B-00AA004AE837, HKEY_USERS@...UserAssist\\75048700-EF1F-11D0-9888-006097DEACF9 |
| WinXP Ports | 80, 1038, 1087, 1102, 1112, 1029, 1042, 1952, 1706, 1763, 1728, 1804, 1806, 1809, 1726, 1789, 1047, 1693, 1766, 1743, 1746, 1747, 1748, 1767, 1768, 1678, 1749, 1732, 1788, 1750, 1684, 1044, 1106, 1129, 1132, 2758, 1093, 1688, 1783, 1786, 1815, 1816, 1791, 1793, 1794, 1838, 1714 |
| Win-2Kf Files | |
| Win-2Kf Processes | |
| Win-2Kf Registries | |
| Win-2Kf Ports | |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | ASPack |
| Packer ID2 | |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | good (FAILED : 3 : No Unpacked Binary Generated) |
| Countries | 1 |
| Unpacked Link | 5a0ec6ef25 [0] |
| Callgraph | ASM:Graph |
| API Resolution | 72% |
| Comment | none |