Packed MD5 15d4d85dc0f7797c27dd36168d1b048f 
Priority
First 06/10/2008 
Last 08/26/2008 
Count 11 
History 11 hits: 06-10 to 08-26 
Unpacked MD5  
AV Hits 32 
AV Count 32 
CC Servers 194.109.11.65:6556 194.109.11.65:6556 194.109.11.65:1023 
DNS Lookups NL:0x80.online-software.org NL:0x80.martiansong.com :0xff.memzero.info :0x80.my-secure.name NL:0x80.goingformars.com NL:0x80.my1x1.com 
Failed Connects NL:194.109.11.65:1023 NL:194.109.11.65:6556 
AV Name AhnLab-V3:IRCBot.19968.B, AntiVir:SdBot.19968, Authentium:Sdbot.MIU, Avast:_Agent-IDE, AVG:Agent.10.BA, BitDefender:Generic.Sdbot.99B2E6B1, CAT-QuickHeal:SdBot.afu, ClamAV:Codbot-22, DrWeb:Detox.based, eSafe:SdBot.afu, eTrust-Vet:Toxbot!generic, Ewido:Agent.ri, FileAdvisor:MISSED, Fortinet:DcomRpc.AFU!tr.bdr, F-Prot:Sdbot.MIU, F-Secure:Horst.gen33, Ikarus:Agent.ri, Kaspersky:Agent.ri, McAfee:Sdbot.gen, Microsoft:Codbot.BU, NOD32v2:Codbot, Norman:SDBot.SML, Panda:Codbot.BS.worm, Prevx1:MISSED, Rising:Codbot.cr, Sophos:Codbot-AB, Sunbelt:MISSED, Symantec:IRCbot, TheHacker:BackdoorSdBot.afu, VBA32:SdBot.afu, VirusBuster:Rbot.Gen.15, Webwasher-Gateway:SdBot.19968  
WinXP Files DLLHOST.EXE, SVCHOST.EXE  
WinXP Processes CMD.EXE, CSRSS.EXE, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE, dfrgfat32.exe  
WinXP Registries  
WinXP Ports 1034, 8277, 8333, 69, 1035, 11726, 4995  
Win-2Kf Files  
Win-2Kf Processes dfrgfat32.exe  
Win-2Kf Registries HKEY_USERS@...InternetSettings\\5.0, HKEY_USERS@...InternetSettings\\Connections  
Win-2Kf Ports 1031, 22944, 47913, 69, 1032, 18759, 60121, 1027  
Create Events  
Create Files  
Create RegKeys  
Open RegKeys  
Service Starts  
Service Deletes  
Service Creates  
Cluster  
Cluster Confidence  
Packer ID1 StarForce 
Packer ID2  
Embedded DNS  
String Count  
String Link text
String MD5  
Timerange 365 Days 
Unpack Status unknown (FAILED : 4 : Unpacking Timed Out) 
Countries
Unpacked Link none[4
Callgraph none:none 
API Resolution  
Comment none