f7521317149b9327e2dfb0b550dc2891

Packed MD5	f7521317149b9327e2dfb0b550dc2891
Priority	0
First	08/10/2008
Last	08/11/2008
Count	2
History	2 hits: 08-10 to 08-11
Unpacked MD5
AV Hits	29
AV Count	32
CC Servers	67.149.121.39:12351 24.192.170.232:13001
DNS Lookups	US:chat-shqip.org US:w3bs.chat-shqip.org
Failed Connects	US:67.149.121.39:13001
AV Name	AhnLab-V3:IRCBot.variant, AntiVir:WootBot.85322, Authentium:Backdoor2.BHJW, Avast:_VanBot-HR, AVG:Agobot.GPG, BitDefender:Wootbot.ABQ, CAT-QuickHeal:Wootbot.gen, ClamAV:Virut.da, DrWeb:Packed.494, eSafe:MISSED, eTrust-Vet:ForBot.WA, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:MetaCrypt.7, F-Prot:Backdoor2.BHJW, F-Secure:Virut.n, Ikarus:Virut.d, Kaspersky:Virut.n, McAfee:Virut.remnants, Microsoft:Wootbot.EE, NOD32v2:MISSED, Norman:Virut.D, Panda:MISSED, Prevx1:MISSED, Rising:Virut.at, Sophos:MalGeneric-A, Sunbelt:MISSED, Symantec:Virut.H, TheHacker:BackdoorWootbot.gen, VBA32:MISSED, VirusBuster:Wootbot.YZ, Webwasher-Gateway:WootBot.85322
WinXP Files	exlorers.exe
WinXP Processes	CMD.EXE, CSRSS.EXE, exlorers.exe, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE
WinXP Registries	HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...CurrentVersion\RunOnce, HKEY_LOCAL_MACHINE@...CurrentVersion\\RunServices, HKEY_USERS@...CurrentVersion\\RunOnce
WinXP Ports	1035, 12045, 1779, 2037, 20850, 2091, 2295, 2470, 2832, 2903, 3243, 3252, 3324, 3361, 3452, 3749, 3923, 3929, 4038, 4298, 4762, 4830, 4831, 4832, 4833, 4834, 4835, 4836, 4837, 4838, 4839, 4840, 4841, 4842, 4843, 4844, 4845, 4846, 4847, 4848, 4849, 4850, 4851, 4852, 4853, 4854, 4855, 4856, 4857, 4858, 4859, 4860, 4861, 4862, 4863, 4864, 4865, 4866, 4867, 4868, 4869, 4870, 4871, 4872, 4873, 4874, 4875, 4876, 4877, 4878, 4879, 4880, 4881, 4882, 4883, 4884, 4885, 4886, 4887, 4888, 4889, 4890, 4891, 4892, 4893, 4894, 4895, 4896, 4897, 4898, 4899, 4900, 4901, 4902, 4903, 4904, 4905, 4906, 4907, 4908, 4909, 4910, 1034, 1146, 1150, 1355, 1439, 1472, 1602, 1649, 1665, 1951, 1967, 2197, 2308, 2413, 2868, 3317, 3460, 3514, 3519, 3520, 3525, 3588, 3605, 3752, 3773, 3832, 3952, 4114, 4247, 4248, 4249, 4250, 4251, 4252, 4253, 4254, 4255, 4256, 4257, 4258, 4259, 4260, 4261, 4262, 4263, 4264, 4265, 4266, 4267, 4268, 4269, 4270, 4271, 4272, 4273, 4274, 4275, 4276, 4277, 4278, 4279, 4280, 4281, 4282, 4283, 4284, 4285, 4286, 4287, 4288, 4289, 4290, 4291, 4292, 4293, 4294, 4295, 4296, 4297, 4299, 4300, 4301, 4302, 4303, 4304, 4305, 4306, 4307, 4308, 4309, 4310, 4311, 4312, 4313, 4314, 4315, 4316, 4317, 4318, 4319, 4320, 4321, 4322, 4323, 4324, 4325, 4326, 4327, 4328, 4329, 4330, 4331, 4332, 4333, 4334, 4335, 4336, 4337, 4338, 4339, 4340, 4341, 4342, 4374, 445, 4539, 4550, 4573, 4654, 4818, 4999, 9205
Win-2Kf Files
Win-2Kf Processes
Win-2Kf Registries
Win-2Kf Ports
Create Events
Create Files
Create RegKeys
Open RegKeys
Service Starts
Service Deletes
Service Creates
Cluster
Cluster Confidence
Packer ID1	none
Packer ID2	none
Embedded DNS
String Count
String Link	text
String MD5
Timerange	365 Days
Unpack Status	unknown ()
Countries	2
Unpacked Link	none[none]
Callgraph	none:none
API Resolution
Comment	none