| Packed MD5 | 29e0d3d46bf3a9ad272129a1fd74c24b |
| Priority | 3 |
| First | 08/03/2008 |
| Last | 08/03/2008 |
| Count | |
| History | |
| Unpacked MD5 | fda109a6fdb8a53d76036870995c2068 |
| AV Hits | 26 28 13 |
| AV Count | 32 |
| CC Servers | 69.42.216.90:9890 69.42.216.90:9890 194.14.236.50:6667 194.68.45.50:6669 194.68.45.50:6666 194.68.45.50:6665 194.68.45.50:6668 69.42.216.90:9890 194.14.236.50:6667 149.9.1.16:6669 194.68.45.50:6667 149.9.1.16:6666 149.9.1.16:6667 |
| DNS Lookups | :f.unicat.org FR:www.members.lycos.co.uk SE:slimey.uk.eu.dal.net SE:irc.dal.net SE:rangers.ix.us.dal.net DE:arcor.de.eu.dal.net SE:broadway.ny.us.dal.net US:irc.dal.net |
| Failed Connects | KW:212.43.23.103:6667 SE:194.68.45.50:6660 SE:194.68.45.50:6667 FR:213.193.4.11:80 |
| AV Name | AhnLab-V3:MISSED, AntiVir:TRCrypt.TPM.Gen, Authentium:MISSED, Avast:MISSED, AVG:RBot.FA, BitDefender:DeepScan_Generic.Sdbot.EE8FDC31, CAT-QuickHeal:SdBot.gen, ClamAV:PUA.Packed.Themida, DrWeb:MISSED, eSafe:MISSED, eTrust-Vet:MISSED, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:MISSED, F-Prot:MISSED, F-Secure:SDBot.gen8, Ikarus:Generic.Sdbot, Kaspersky:MISSED, McAfee:MISSED, Microsoft:MISSED, NOD32v2:MISSED, Norman:SDBot.gen8, Panda:MISSED, Prevx1:Generic.Malware, Rising:MISSED, Sophos:SusComPack, Sunbelt:MISSED, Symantec:MISSED, TheHacker:Behav-Heuristic-064, VBA32:MISSED, VirusBuster:MISSED, Webwasher-Gateway:Crypt.TPM.Gen |
| WinXP Files | g.com, igxdfdfds.com |
| WinXP Processes | CMD.EXE, CSRSS.EXE, EXPLORER.EXE, igxdfdfds.com, kiss.exe, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE, defrag.exe, DfrgFat.exe |
| WinXP Registries | HKEY_CLASSES_ROOT@...ChatFile\\DefaultIcon, HKEY_CLASSES_ROOT@...ChatFile\\Shell, HKEY_CLASSES_ROOT@...ddeexec\\Application, HKEY_CLASSES_ROOT@...ddeexec\\ifexec, HKEY_CLASSES_ROOT@...ddeexec\\Topic, HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\\.cha, HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\\.chat, HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\\ChatFile, HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\\irc, HKEY_CLASSES_ROOT@...irc\\DefaultIcon, HKEY_CLASSES_ROOT@...irc\\Shell, HKEY_CLASSES_ROOT@...open\\command, HKEY_CLASSES_ROOT@...open\\ddeexec, HKEY_CLASSES_ROOT@...Shell\\open, HKEY_LOCAL_MACHINE@...ChatFile\\DefaultIcon, HKEY_LOCAL_MACHINE@...ChatFile\\Shell, HKEY_LOCAL_MACHINE@...Classes\\.cha, HKEY_LOCAL_MACHINE@...Classes\\.chat, HKEY_LOCAL_MACHINE@...Classes\\ChatFile, HKEY_LOCAL_MACHINE@...Classes\\irc, HKEY_LOCAL_MACHINE@...CurrentVersion\\RunServices, HKEY_LOCAL_MACHINE@...ddeexec\\Application, HKEY_LOCAL_MACHINE@...ddeexec\\ifexec, HKEY_LOCAL_MACHINE@...ddeexec\\Topic, HKEY_LOCAL_MACHINE@...irc\\DefaultIcon, HKEY_LOCAL_MACHINE@...irc\\Shell, HKEY_LOCAL_MACHINE@...open\\command, HKEY_LOCAL_MACHINE@...open\\ddeexec, HKEY_LOCAL_MACHINE@...Shell\\open, HKEY_LOCAL_MACHINE@...Uninstall\\mIRC, HKEY_USERS@...CurrentVersion\\RunOnce, HKEY_USERS@...mIRC\\DateUsed, HKEY_USERS@...Software\\mIRC, HKEY_USERS@...Software\\WinRARSFX |
| Win-2Kf Files | |
| Win-2Kf Processes | igxdfdfds.com, kiss.exe |
| Win-2Kf Registries | HKEY_CLASSES_ROOT@...ChatFile\\DefaultIcon, HKEY_CLASSES_ROOT@...ChatFile\\Shell, HKEY_CLASSES_ROOT@...ddeexec\\Application, HKEY_CLASSES_ROOT@...ddeexec\\ifexec, HKEY_CLASSES_ROOT@...ddeexec\\Topic, HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\\.cha, HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\\.chat, HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\\ChatFile, HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\\irc, HKEY_CLASSES_ROOT@...irc\\DefaultIcon, HKEY_CLASSES_ROOT@...irc\\Shell, HKEY_CLASSES_ROOT@...open\\command, HKEY_CLASSES_ROOT@...open\\ddeexec, HKEY_CLASSES_ROOT@...Shell\\open, HKEY_LOCAL_MACHINE@...ChatFile\\DefaultIcon, HKEY_LOCAL_MACHINE@...ChatFile\\Shell, HKEY_LOCAL_MACHINE@...Classes\\.cha, HKEY_LOCAL_MACHINE@...Classes\\.chat, HKEY_LOCAL_MACHINE@...Classes\\ChatFile, HKEY_LOCAL_MACHINE@...Classes\\irc, HKEY_LOCAL_MACHINE@...CurrentVersion\\RunServices, HKEY_LOCAL_MACHINE@...ddeexec\\Application, HKEY_LOCAL_MACHINE@...ddeexec\\ifexec, HKEY_LOCAL_MACHINE@...ddeexec\\Topic, HKEY_LOCAL_MACHINE@...irc\\DefaultIcon, HKEY_LOCAL_MACHINE@...irc\\Shell, HKEY_LOCAL_MACHINE@...open\\command, HKEY_LOCAL_MACHINE@...open\\ddeexec, HKEY_LOCAL_MACHINE@...Shell\\open, HKEY_LOCAL_MACHINE@...Uninstall\\mIRC, HKEY_USERS@...CurrentVersion\\Run, HKEY_USERS@...Microsoft\\MicrosoftAgent, HKEY_USERS@...mIRC\\DateUsed, HKEY_USERS@...Software\\mIRC, HKEY_USERS@...Software\\WinRARSFX |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | ASProtect |
| Packer ID2 | |
| Embedded DNS | igxdfdfds.com, f.unicat.org |
| String Count | 583 |
| String Link | text |
| String MD5 | dd1b998b5ada719f7a50d2898faf4d4d |
| Timerange | 365 Days |
| Unpack Status | unknown () |
| Countries | 5 |
| Unpacked Link | |
| Callgraph | |
| API Resolution | |
| Comment | none |