Packed MD5 03f912899b3d90f9915d72fc9abb91be 
Priority 35 
First 04/16/2008 
Last 08/27/2008 
Count 109 
History 109 hits: 01-08 to 08-27 
Unpacked MD5 83893bd25d41883e93d539544ef892f9  
AV Hits 32 
AV Count 32 
CC Servers  
DNS Lookups  
Failed Connects  
AV Name AhnLab-V3:Sasser.16384, AntiVir:Sasser.D, Authentium:Sasser.D, Avast:_Sasser-D, AVG:Generic.BG, BitDefender:Sasser.D, CAT-QuickHeal:Sasser.D, ClamAV:Sasser.D, DrWeb:HLLW.Jobaka.4, eSafe:Sasser.d, eTrust-Vet:Sasser.D, Ewido:Sasser.c, FileAdvisor:MISSED, Fortinet:Sasser.D!worm, F-Prot:Sasser.D, F-Secure:Sasser.c, Ikarus:Email-Plexus, Kaspersky:Sasser.c, McAfee:Sasser.d, Microsoft:Sasser.dam, NOD32v2:Sasser.D, Norman:Sasser.D, Panda:Sasser.D.worm, Prevx1:Generic.Malware, Rising:Sasser.d, Sophos:Sasser-D, Sunbelt:MISSED, Symantec:Sasser.D, TheHacker:Sasser.gen.worm, VBA32:Sasser.c, VirusBuster:Sasser.D, Webwasher-Gateway:Malware.gen  
WinXP Files 10733_up.exe, 11877_up.exe, 11888_up.exe, 1194_up.exe, 13531_up.exe, 142_up.exe, 15724_up.exe, 15814_up.exe, 16275_up.exe, 16357_up.exe, 17071_up.exe, 17672_up.exe, 18033_up.exe, 1875_up.exe, 18765_up.exe, 20796_up.exe, 21837_up.exe, 21971_up.exe, 22621_up.exe, 22828_up.exe, 23388_up.exe, 23419_up.exe, 234_up.exe, 25276_up.exe, 26623_up.exe, 2714_up.exe, 27491_up.exe, 29400_up.exe, 29452_up.exe, 294_up.exe, 31174_up.exe, 32256_up.exe, 32615_up.exe, 366_up.exe, 4183_up.exe, 5868_up.exe, 6653_up.exe, 8466_up.exe, 9059_up.exe, skynetave.exe, 3519_up.exe, 4877_up.exe, 10803_up.exe, 11244_up.exe, 12489_up.exe, 15604_up.exe, 15867_up.exe, 16836_up.exe, 20263_up.exe, 23592_up.exe, 27570_up.exe, 2815_up.exe, 29195_up.exe, 30295_up.exe, 32082_up.exe, 3231_up.exe  
WinXP Processes CMD.EXE, CSRSS.EXE, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, skynetave.exe, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE, dwwin.exe, ftp.exe, DLLHOST.EXE  
WinXP Registries HKEY_LOCAL_MACHINE@...Reliability\UserDefined, HKEY_LOCAL_MACHINE@...Microsoft\DownloadManager, HKEY_USERS@...InternetSettings\5.0, HKEY_USERS@...InternetSettings\Connections  
WinXP Ports  
Win-2Kf Files  
Win-2Kf Processes  
Win-2Kf Registries  
Win-2Kf Ports  
Create Events  
Create Files  
Create RegKeys  
Open RegKeys SOFTWARE\Microsoft\Windows\CurrentVersion\Run 
Service Starts  
Service Deletes  
Service Creates  
Cluster  
Cluster Confidence  
Packer ID1 none 
Packer ID2 none 
Embedded DNS  
String Count 65 
String MD5 8d18d17d13b60e0b1170d7c5bf8fdd0a 
Timerange 365 Days 
Unpack Status good (unpacked : 0 : Unpacking Provided Binary. (Code,Data) = (72.64%, 21.08%)) 
Countries 15 
Unpacked Link 83893bd25d
API Resolution 100% 
Comment none