Packed MD5 2aa59ba4251795deda72738d1c67be7c 
Priority
First 06/19/2008 
Last 08/19/2008 
Count
History 9 hits: 02-10 to 08-19 
Unpacked MD5 2aa59ba4251795deda72738d1c67be7c  
AV Hits 28 
AV Count 32 
CC Servers 72.10.172.218:2938 72.10.172.218:7382 72.10.172.218:9928 
DNS Lookups CA:done.blacktiehsbdcs.com CA:japan.youngpeyatech.info CA:italian.swiifatecihno.com CA:fuck.urpal43sourpalhuh.com :preek.oihduhdd.net CA:dong.nagitiriheiwu.net CA:teek.ihshsd8.com 
Failed Connects CA:72.10.172.218:2938 CA:72.10.169.26:3938 CA:72.10.172.218:7382 CA:72.10.172.218:7763 CA:72.10.169.26:2293 
AV Name AhnLab-V3:DropperSramler.39936, AntiVir:TRAgent.143360.4, Authentium:Dropper.ENK, Avast:_Agent-IVV, AVG:Generic4.RPN, BitDefender:Dropper.Sramler.C, CAT-QuickHeal:TrojanDropper.Sramler.c, ClamAV:SdBot-5909, DrWeb:MulDrop.7432, eSafe:Sramler.c, eTrust-Vet:Linkbot.LO, Ewido:Downloader.Delf.ain, FileAdvisor:MISSED, Fortinet:PossibleThreat, F-Prot:Dropper.ENK, F-Secure:Agent.arc, Ikarus:BehavesLikeProcessHijack, Kaspersky:Agent.arc, McAfee:Generic.dx, Microsoft:Exploit_MS06040.gen, NOD32v2:MISSED, Norman:Agent.BVPZ, Panda:BckEggdrop.T, Prevx1:MISSED, Rising:MISSED, Sophos:Poebot-MH, Sunbelt:Trojan-Dropper.Sramler.c, Symantec:MISSED, TheHacker:MISSED, VBA32:MulDrop.6367, VirusBuster:RBot.NRF, Webwasher-Gateway:Agent.143360.4  
WinXP Files SVCHOST.EXE, o, wge23.exe  
WinXP Processes CMD.EXE, csrs.exe, CSRSS.EXE, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE, spooIsv.exe, defrag.exe, DfrgFat.exe  
WinXP Registries  
WinXP Ports
Win-2Kf Files  
Win-2Kf Processes csrs.exe, winamp.exe, spooIsv.exe, Isass.exe  
Win-2Kf Registries  
Win-2Kf Ports
Create Events  
Create Files  
Create RegKeys  
Open RegKeys  
Service Starts  
Service Deletes  
Service Creates  
Cluster  
Cluster Confidence  
Packer ID1 ASPack 
Packer ID2  
Embedded DNS  
String Count 10 
String Link text
String MD5 0e6333b0c5a5a6cb822bd2e11466e5ce 
Timerange 365 Days 
Unpack Status good (unpacked : 1 : Already Unpacked. (Code,Data) = (79.51%, 2.85%)) 
Countries
Unpacked Link 2aa59ba425
Callgraph ASM:Graph 
API Resolution  
Comment none