| Packed MD5 | ff06f98413469911153fa723cef81313 |
| Priority | 0 |
| First | 08/18/2008 |
| Last | 08/21/2008 |
| Count | 4 |
| History | 4 hits: 08-14 to 08-21 |
| Unpacked MD5 | |
| AV Hits | 14 |
| AV Count | 32 |
| CC Servers | |
| DNS Lookups | CA:dong.nagitiriheiwu.net |
| Failed Connects | |
| AV Name | AhnLab-V3:DropperMulDrop.30720, AntiVir:TRSmall.xpj.3, Authentium:MISSED, Avast:MISSED, AVG:Downloader.Agent.AJGB, BitDefender:Kobcka.EX, CAT-QuickHeal:Small.xpj, ClamAV:MISSED, DrWeb:MulDrop.17530, eSafe:MISSED, eTrust-Vet:MISSED, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:MISSED, F-Prot:MISSED, F-Secure:Small.xpj, Ikarus:Small.xpj, Kaspersky:Small.xpj, McAfee:MISSED, Microsoft:MISSED, NOD32v2:MISSED, Norman:MISSED, Panda:MISSED, Prevx1:MISSED, Rising:MISSED, Sophos:MISSED, Sunbelt:MISSED, Symantec:MISSED, TheHacker:MISSED, VBA32:MISSED, VirusBuster:MISSED, Webwasher-Gateway:Small.xpj.3 |
| WinXP Files | |
| WinXP Processes | CMD.EXE, CSRSS.EXE, explorer.exe, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE |
| WinXP Registries | HKEY_USERS@...Explorer\Advanced |
| WinXP Ports | 1032, 1032, 1170, 135, 1480, 1733, 2061, 2457, 2769, 3122, 3123, 3124, 3126, 3127, 3130, 3131, 3134, 3135, 3138, 3139, 3142, 3143, 3146, 3147, 3150, 3151, 3154, 3155, 3158, 3159, 3161, 3162, 3165, 3166, 3169, 3170, 3173, 3174, 3177, 3178, 3181, 3182, 3185, 3186, 3188, 3189, 3192, 3193, 3196, 3197, 3200, 3201, 3204, 3205, 3208, 3209, 3212, 3213, 3216, 3217, 3220, 3221, 3224, 3225, 3227, 3228, 3231, 3232, 3235, 3236, 3239, 3240, 3243, 3244, 3247, 3248, 3251, 3252, 3255, 3256, 3258, 3260, 3261, 3264, 3265, 3268, 3269, 3272, 3273, 3276, 3277, 3280, 3281, 3284, 3285, 3288, 3289, 3292, 3293, 3296, 3297, 3300, 3301, 3304, 3305, 3308, 3309, 3312, 3313, 3316, 3319, 3320, 3323, 3324, 3327, 3328, 3331, 3332, 3335, 3338, 3339, 3342, 3343, 3346, 3347, 3350, 3351, 3354, 3355, 3358, 3359, 3362, 3363, 3366, 3367, 3370, 3371, 3374, 3375, 3378, 3379, 3382, 3383, 3386, 3387, 3390, 3391, 3394, 3395, 3398, 3399, 3401, 3402, 3405, 3406, 3409, 3410, 3413, 3414, 3417, 3418, 3421, 3422, 3425, 3426, 3429, 3432, 3433, 3436, 3437, 3440, 3441, 3444, 3445, 3448, 3449, 3452, 3453, 3456, 3457, 3460, 3461, 3464, 3465, 3468, 3469, 3472, 3475, 3476, 3479, 3480, 3483, 3484, 3487, 3488, 3491, 3492, 3495, 3496, 3499, 3500, 3503, 3504, 3507, 3508, 3511, 3512, 3515, 3516, 3519, 3520, 3523, 3524, 3527, 3528, 3531, 3532, 3535, 3536, 3539, 3540, 3543, 3544, 3547, 3548, 3551, 3552, 3555, 3556, 3559, 3562, 3563, 3566, 3567, 3570, 3571, 3574, 3575, 3578, 3579, 3582, 3583, 3586, 3587, 3590, 3591, 3594, 3595, 3598, 3599, 3602, 3603, 3606, 3607, 3610, 3611, 3614, 3615, 3618, 3619, 3622, 3623, 3626, 3627, 3630, 3631, 69 |
| Win-2Kf Files | |
| Win-2Kf Processes | winIogon.exe |
| Win-2Kf Registries | |
| Win-2Kf Ports | 1029, 1074, 1075, 1078, 1079, 1082, 1083, 1086, 1087, 1090, 1091, 1094, 1095, 1097, 1098, 1101, 1102, 1105, 1106, 1108, 1109, 1111, 1112, 1115, 1116, 1119, 1120, 1123, 1124, 1127, 1128, 1131, 1132, 1135, 1136, 1139, 1140, 1142, 1143, 1146, 1147, 1150, 1151, 1154, 1155, 1158, 1159, 1162, 1163, 1166, 1167, 1170, 1171, 1174, 1175, 1177, 1178, 1181, 1182, 1184, 1187, 1188, 1191, 1192, 1194, 1477, 2057, 3250, 56922 |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | none |
| Packer ID2 | none |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | unknown () |
| Countries | 1 |
| Unpacked Link | none |
| Callgraph | none |
| API Resolution | |
| Comment | none |