Packed MD5 4f3df56c303ed88efd9c870c645aa0d2 
Priority
First 06/28/2008 
Last 08/12/2008 
Count 14 
History 14 hits: 06-28 to 08-12 
Unpacked MD5  
AV Hits 10 
AV Count 32 
CC Servers 190.174.67.119:13001 24.192.170.232:13001 67.149.121.39:13001 
DNS Lookups US:chat-shqip.org US:w3bs.chat-shqip.org JP:chat-shqip.org 
Failed Connects US:69.247.147.113:12351 US:69.247.147.113:13001 US:24.192.170.232:12351 US:24.192.170.232:13001 
AV Name AhnLab-V3:MISSED, AntiVir:Virut.X, Authentium:STZ_like!Generic, Avast:MISSED, AVG:MISSED, BitDefender:MISSED, CAT-QuickHeal:MISSED, ClamAV:MISSED, DrWeb:MISSED, eSafe:MISSED, eTrust-Vet:MISSED, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:Virut.fam, F-Prot:STZ_like!Generic, F-Secure:Virut.T, Ikarus:Virut.n, Kaspersky:MISSED, McAfee:MISSED, Microsoft:MISSED, NOD32v2:MISSED, Norman:Virut.T, Panda:MISSED, Prevx1:MISSED, Rising:Virut.GEN, Sophos:MISSED, Sunbelt:MISSED, Symantec:MISSED, TheHacker:MISSED, VBA32:MISSED, VirusBuster:MISSED, Webwasher-Gateway:Virut.X  
WinXP Files iexplorer.exe, c.bat  
WinXP Processes CMD.EXE, CSRSS.EXE, EXPLORER.EXE, iexplorer.exe, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE  
WinXP Registries HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...CurrentVersion\RunOnce, HKEY_LOCAL_MACHINE@...CurrentVersion\\RunServices, HKEY_USERS@...CurrentVersion\\RunOnce  
WinXP Ports 1038, 12045, 17103, 1034, 1137, 1531, 1597, 1606, 1742, 1771, 1772, 1773, 1774, 1775, 1776, 1777, 1778, 1779, 1780, 1781, 1782, 1783, 1784, 1785, 1786, 1787, 1788, 1789, 1790, 1791, 1792, 1793, 1794, 1795, 1796, 1797, 1798, 1799, 1800, 1801, 1802, 1803, 1804, 1805, 1806, 1807, 1808, 1809, 1813, 1814, 1815, 1816, 1817, 1818, 1819, 1820, 1821, 1822, 1823, 1824, 1825, 1826, 2577, 2872, 3067, 3582, 3702, 4130, 4141, 4340, 4547, 4762, 4764, 4803, 4806, 4813, 4816, 4839, 4851, 4973, 4976, 1032, 1049, 1055, 1073, 1085, 1417, 1422, 1434, 1896, 1897, 1898, 1899, 1900, 1901, 1902, 1903, 1904, 1905, 1906, 1907, 1908, 1909, 1910, 1911, 1912, 1913, 1914, 1915, 1916, 1917, 1918, 1919, 1920, 1921, 1922, 1923, 1924, 1925, 1926, 1927, 1928, 1929, 1930, 1931, 1932, 1933, 1934, 9034, 17339, 1039, 18561, 12622  
Win-2Kf Files  
Win-2Kf Processes iexplorer.exe  
Win-2Kf Registries HKEY_LOCAL_MACHINE@...CurrentVersion\\RunServices, HKEY_USERS@...CurrentVersion\\Run  
Win-2Kf Ports 1037, 12045, 1489, 1490, 1491, 1492, 1493, 1494, 1495, 1496, 1497, 1498, 1499, 1500, 1501, 1502, 1503, 1504, 1505, 1506, 1507, 1508, 1509, 1510, 1511, 1512, 1513, 1514, 1515, 1516, 1517, 1518, 1519, 1520, 1521, 1522, 1523, 1524, 1525, 1526, 1527, 1528, 1529, 1530, 1531, 1532, 1533, 1534, 1535, 1536, 1537, 1538, 1539, 1540, 1541, 1542, 1543, 1544, 1545, 1546, 1547, 1548, 1549, 1550, 1551, 1552, 1553, 1554, 1555, 1556, 1557, 1558, 1559, 1560, 1561, 1562, 1563, 1564, 1565, 1566, 1567, 1568, 1569, 1570, 1571, 1572, 1573, 1574, 1575, 1576, 1577, 1578, 1579, 1580, 1581, 1582, 1583, 1584, 1585, 1586, 1587, 1588, 1589, 1590, 1591, 1592, 1593, 1594, 1595, 1596, 1597, 1598, 1599, 1600, 1601, 1602, 1603, 1604, 1605, 1606, 1607, 1608, 1609, 1610, 1611, 1612, 1613, 1614, 1615, 1616, 1617, 1618, 1619, 1620, 1621, 1622, 1623, 1624, 1625, 1626, 1627, 1628, 1629, 1630, 1631, 1632, 1633, 1634, 1635, 1636, 1637, 1638, 1639, 1640, 1641, 1642, 1643, 1644, 1645, 1646, 1647, 1648, 1649, 1650, 1651, 1652, 1653, 2522, 1035, 7911, 1041, 7046, 1034, 13844, 5531, 1036, 6754, 1045, 14421, 10665  
Create Events  
Create Files  
Create RegKeys  
Open RegKeys  
Service Starts  
Service Deletes  
Service Creates  
Cluster  
Cluster Confidence  
Packer ID1 none 
Packer ID2 none 
Embedded DNS  
String Count  
String Link text
String MD5  
Timerange 365 Days 
Unpack Status unknown () 
Countries
Unpacked Link none[none
Callgraph none:none 
API Resolution  
Comment none