| Packed MD5 | 80205569e9e9d9e602d5a4f6dff699b2 |
| Priority | 1 |
| First | 06/27/2008 |
| Last | 08/15/2008 |
| Count | 6 |
| History | 6 hits: 06-27 to 08-15 |
| Unpacked MD5 | |
| AV Hits | 25 |
| AV Count | 32 |
| CC Servers | 67.149.121.39:13001 94.36.65.59:13001 |
| DNS Lookups | US:chat-shqip.org US:w3bs.chat-shqip.org |
| Failed Connects | US:69.247.147.113:12351 US:69.247.147.113:13001 |
| AV Name | AhnLab-V3:MISSED, AntiVir:WootBot.87882, Authentium:STZ_like!Generic, Avast:_Virut-C, AVG:MISSED, BitDefender:GenPack_Generic.Sdbot.9AD9796F, CAT-QuickHeal:Wootbot.gen, ClamAV:Virut.ca, DrWeb:Packed.494, eSafe:Virut.gen, eTrust-Vet:ForBot.WC, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:Virut.fam, F-Prot:STZ_like!Generic, F-Secure:Virut.n, Ikarus:Virut.d, Kaspersky:Virut.n, McAfee:Virut.remnants, Microsoft:Virut.dam, NOD32v2:MISSED, Norman:Virut.D, Panda:MISSED, Prevx1:MISSED, Rising:Virut.au, Sophos:MISSED, Sunbelt:MISSED, Symantec:Virut.B, TheHacker:BackdoorWootbot.gen, VBA32:MISSED, VirusBuster:Virut.Gen, Webwasher-Gateway:WootBot.87882 |
| WinXP Files | ctfmom.exe |
| WinXP Processes | CMD.EXE, CSRSS.EXE, ctfmom.exe, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE |
| WinXP Registries | HKEY_LOCAL_MACHINE@...CurrentVersion\\RunServices, HKEY_USERS@...CurrentVersion\\RunOnce |
| WinXP Ports | |
| Win-2Kf Files | |
| Win-2Kf Processes | |
| Win-2Kf Registries | |
| Win-2Kf Ports | 12045 |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | none |
| Packer ID2 | none |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | unknown () |
| Countries | 1 |
| Unpacked Link | none[none] |
| Callgraph | none:none |
| API Resolution | |
| Comment | none |