Packed MD5 3e209ce7967911e457e77d6a430f0329 
Priority
First 06/19/2008 
Last 08/30/2008 
Count
History 3 hits: 06-19 to 08-30 
Unpacked MD5  
AV Hits 32 
AV Count 32 
CC Servers  
DNS Lookups  
Failed Connects  
AV Name AhnLab-V3:Virut.D, AntiVir:Sasser.C, Authentium:Sasser.C, Avast:_Sasser-C, AVG:I-Sasser.C, BitDefender:Sasser.C, CAT-QuickHeal:Virut.F, ClamAV:Virut.Gen.C-49, DrWeb:Virut.5, eSafe:MISSED, eTrust-Vet:Virut.10639.A, Ewido:Sasser.a, FileAdvisor:MISSED, Fortinet:MetaCrypt.1, F-Prot:Sasser.C, F-Secure:Sasser.a, Ikarus:Email-Plexus, Kaspersky:Sasser.a, McAfee:Virut.gen, Microsoft:Virut.AC, NOD32v2:Virut.Q, Norman:Virut.U, Panda:Sasser.C.worm, Prevx1:Suspicious, Rising:Virut.aw, Sophos:Vetor-A, Sunbelt:MISSED, Symantec:Virut.U, TheHacker:Virut.gen2, VBA32:Virut.q, VirusBuster:Sasser.C, Webwasher-Gateway:Sasser.C  
WinXP Files 10968_up.exe, 24161_up.exe, 24449_up.exe, 31354_up.exe, avserve2.exe  
WinXP Processes avserve2.exe, CMD.EXE, CSRSS.EXE, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE  
WinXP Registries HKEY_LOCAL_MACHINE@...Reliability\\UserDefined  
WinXP Ports 1031, 1049, 1233, 1248, 1369, 1440, 1459, 1700, 1715, 1719, 1745, 1747, 1753, 1773, 2036, 2062, 2120, 2237, 2250, 2331, 2416, 2723, 2731, 2861, 2885, 2886, 2887, 3927, 3938, 4028, 4044, 4120, 4142, 4147, 4247, 4261, 4263, 4760, 4763, 4804, 4822, 4846, 4864, 4876, 4963, 4984, 5554, 9996, 2124, 2125, 2884  
Win-2Kf Files  
Win-2Kf Processes  
Win-2Kf Registries  
Win-2Kf Ports  
Create Events  
Create Files  
Create RegKeys  
Open RegKeys  
Service Starts  
Service Deletes  
Service Creates  
Cluster  
Cluster Confidence  
Packer ID1 none 
Packer ID2 none 
Embedded DNS  
String Count  
String Link text
String MD5  
Timerange 365 Days 
Unpack Status unknown (FAILED : 4 : Unpacking Timed Out) 
Countries
Unpacked Link none[4
Callgraph none:none 
API Resolution  
Comment none