| Packed MD5 | da7aac0dc4ffb3037666229b078dea7a |
| Priority | 3 |
| First | 06/27/2008 |
| Last | 08/10/2008 |
| Count | 11 |
| History | 11 hits: 06-27 to 08-10 |
| Unpacked MD5 | |
| AV Hits | 30 |
| AV Count | 32 |
| CC Servers | 94.36.65.59:12351 69.247.147.113:13001 190.174.67.119:13001 24.192.170.232:12351 |
| DNS Lookups | US:chat-shqip.org US:w3bs.chat-shqip.org JP:chat-shqip.org JP:w3bs.chat-shqip.org |
| Failed Connects | US:69.247.147.113:12351 US:69.247.147.113:13001 94.36.65.59:12351 94.36.65.59:13001 190.174.67.119:12351 190.174.67.119:13001 US:24.192.170.232:13001 |
| AV Name | AhnLab-V3:Virut.D, AntiVir:Virut.W, Authentium:Backdoor2.BHJW, Avast:_Virut, AVG:PolyCrypt, BitDefender:Wootbot.ABQ, CAT-QuickHeal:Virut.D, ClamAV:Virut.Gen.C-158, DrWeb:Virut.5, eSafe:MISSED, eTrust-Vet:Virut.10639.A, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:MetaCrypt.1, F-Prot:Backdoor2.BHJW, F-Secure:Virut.q, Ikarus:Virut.n, Kaspersky:Virut.q, McAfee:Virut.gen, Microsoft:Virut.gen!AI, NOD32v2:Virut.Q, Norman:Virut.U, Panda:Virutas.gen, Prevx1:MISSED, Rising:Virut.GEN, Sophos:Vetor-A, Sunbelt:MISSED, Symantec:Virut.U, TheHacker:Virut.gen2, VBA32:Virut.q, VirusBuster:Wootbot.YZ, Webwasher-Gateway:Virut.W |
| WinXP Files | exlorers.exe |
| WinXP Processes | CMD.EXE, CSRSS.EXE, defrag.exe, DfrgFat.exe, exlorers.exe, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE |
| WinXP Registries | HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...CurrentVersion\RunOnce |
| WinXP Ports | 1042, 12045, 17708, 1034, 11321, 1142, 1153, 1189, 1468, 1469, 1479, 1518, 1529, 1538, 1547, 1549, 1550, 1551, 1552, 1553, 1554, 1555, 1556, 1557, 1558, 1559, 1560, 1561, 1562, 1563, 1564, 1565, 1566, 1567, 1568, 1569, 1570, 1571, 1572, 1573, 1574, 1575, 1576, 1577, 1578, 1579, 1580, 1581, 1582, 1583, 1584, 1585, 1586, 1587, 1588, 1589, 1590, 1591, 1592, 1593, 1594, 1595, 1596, 1597, 1598, 1599, 1600, 1601, 1602, 1603, 1604, 1605, 1606, 1607, 1608, 1609, 1610, 1611, 1612, 1613, 1614, 445, 1036, 1126, 1130, 1234, 1651, 1662, 1890, 2046, 2302, 2303, 2304, 2305, 2306, 2307, 2308, 2309, 2310, 2311, 2312, 2313, 2314, 2315, 2316, 2317, 2318, 2319, 2320, 2321, 2322, 2323, 2324, 2325, 2326, 2327, 2328, 2329, 2330, 2331, 2332, 2333, 2334, 2335, 2336, 2337, 2338, 2339, 2340, 2341, 2342, 2343, 2344, 2345, 2346, 2347, 2348, 2349, 2350, 2351, 2352, 2353, 2354, 2355, 2356, 2357, 2358, 2359, 2360, 2361, 2362, 2363, 2364, 2365, 2366, 2367, 2368, 2369, 2370, 2371, 2372, 2373, 2374, 2375, 2376, 2377, 2378, 2379, 2380, 2381, 2382, 2383, 2384, 2385, 2386, 2387, 2388, 2389, 2390, 2391, 2392, 2393, 2394, 2395, 2396, 2397, 2398, 3610, 4056, 4277, 7377, 1044, 21444 |
| Win-2Kf Files | |
| Win-2Kf Processes | |
| Win-2Kf Registries | |
| Win-2Kf Ports | 12045 |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | none |
| Packer ID2 | none |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | unknown () |
| Countries | 2 |
| Unpacked Link | none[none] |
| Callgraph | none:none |
| API Resolution | |
| Comment | none |