Packed MD5 cd75030ece87b369b9024a2f138a37fd 
Priority
First 08/05/2008 
Last 08/26/2008 
Count 19 
History 19 hits: 07-29 to 08-26 
Unpacked MD5 fda109a6fdb8a53d76036870995c2068  
AV Hits 18 13 
AV Count 32 
CC Servers 69.42.216.108:9890 69.42.216.108:2010 69.42.216.90:9890 69.42.216.90:2010 
DNS Lookups :f.unicat.org FR:www.members.lycos.co.uk :adware.rxmods.net 
Failed Connects  
AV Name AhnLab-V3:MISSED, AntiVir:TRCrypt.TPM.Gen, Authentium:MISSED, Avast:MISSED, AVG:RBot.FA, BitDefender:DeepScan_Generic.Sdbot.EE8FDC31, CAT-QuickHeal:SdBot.gen, ClamAV:PUA.Packed.Themida, DrWeb:MISSED, eSafe:MISSED, eTrust-Vet:MISSED, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:MISSED, F-Prot:MISSED, F-Secure:SDBot.gen8, Ikarus:Generic.Sdbot, Kaspersky:MISSED, McAfee:MISSED, Microsoft:MISSED, NOD32v2:MISSED, Norman:SDBot.gen8, Panda:MISSED, Prevx1:Generic.Malware, Rising:MISSED, Sophos:SusComPack, Sunbelt:MISSED, Symantec:MISSED, TheHacker:Behav-Heuristic-064, VBA32:MISSED, VirusBuster:MISSED, Webwasher-Gateway:Crypt.TPM.Gen  
WinXP Files asGnda.com, igxdfdfds.com,  
WinXP Processes CMD.EXE, CSRSS.EXE, EXPLORER.EXE, igxdfdfds.com, LSASS.EXE, MSMSGS.EXE, rundll32.exe, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE  
WinXP Registries HKEY_LOCAL_MACHINE@...CurrentVersion\\RunServices, HKEY_USERS@...CurrentVersion\\RunOnce, HKEY_USERS@...Software\\WinRARSFX  
WinXP Ports 1034, 14357, 23786, 3830, 3831, 3832, 3833, 3834, 3835, 3836, 3837, 3838, 3839, 3840, 3841, 3842, 3843, 3844, 3845, 3846, 3847, 3848, 3849, 3850, 3851, 3852, 3853, 3854, 3855, 3856, 3857, 3858, 3859, 3860, 3861, 3862, 3863, 3864, 3865, 3866, 3867, 3868, 3869, 3870, 3871, 3872, 3873, 2092, 2143, 2155, 2159, 2196, 2245, 2246, 3672, 3729, 3979, 3980, 4029, 1956, 1957, 1958, 1959, 1960, 1961, 1962, 1963, 1964, 1965, 1966, 1967, 1968, 1969, 1970, 1971, 1972, 1973, 1974, 1975, 1976, 1977, 1978, 1979, 1980, 1981, 1982, 1983, 1984, 1985, 1986, 1987, 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023, 2024, 2025, 2026, 2027, 2028, 2029, 2030, 2031, 2032, 2033, 2034, 2035, 2036, 2037, 2038, 23898, 4236, 8622, 1040, 1055, 1056, 1058, 1122, 1152, 1153, 2644, 2649, 2900, 2920, 2958  
Win-2Kf Files  
Win-2Kf Processes igxdfdfds.com, rundll32.exe  
Win-2Kf Registries HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...CurrentVersion\Run, HKEY_USERS@...InternetSettings\5.0, HKEY_USERS@...InternetSettings\Connections, HKEY_USERS@...Software\WinRARSFX  
Win-2Kf Ports 1030, 1030, 10997, 1640, 1640, 19182, 2863, 2864, 2865, 2866, 2867, 2868, 2869, 2870, 2871, 2872, 2873, 2874, 2875, 2876, 2877, 2878, 2879, 2880, 2881, 2882, 2883, 2884, 2885, 2886, 2887, 2888, 2889, 2890, 2891, 2892, 2893, 2894, 2895, 2896, 2897, 2898, 2899, 2900, 2901, 2902, 2903, 2904, 2905, 2906, 2907, 2908, 2909, 2910, 2911, 2912, 2913, 2914, 2915, 2916, 2917, 2918, 2919, 2920, 2921, 2922, 2923, 2924, 2925, 2926, 2927, 2928, 2929, 2930, 2931, 2932, 2933, 2934, 2935, 2936, 2937, 2938, 2939, 2940, 2941  
Create Events  
Create Files  
Create RegKeys  
Open RegKeys  
Service Starts  
Service Deletes  
Service Creates  
Cluster  
Cluster Confidence  
Packer ID1 ASProtect 
Packer ID2  
Embedded DNS igxdfdfds.com, f.unicat.org  
String Count 583 
String Link text
String MD5 dd1b998b5ada719f7a50d2898faf4d4d 
Timerange 365 Days 
Unpack Status unknown () 
Countries
Unpacked Link none[none]
none [none
Callgraph none:nonenone:none 
API Resolution  
Comment none