| Packed MD5 | 41ec9d69c825bac987fe2e874bad57f0 |
| Priority | 1 |
| First | 08/04/2008 |
| Last | 08/12/2008 |
| Count | 5 |
| History | 5 hits: 08-04 to 08-12 |
| Unpacked MD5 | |
| AV Hits | 22 |
| AV Count | 32 |
| CC Servers | 67.149.121.39:13001 94.36.65.59:13001 |
| DNS Lookups | US:chat-shqip.org US:w3bs.chat-shqip.org |
| Failed Connects | US:24.192.170.232:12351 US:24.192.170.232:13001 |
| AV Name | AhnLab-V3:MISSED, AntiVir:Virut.U, Authentium:MISSED, Avast:_Agent-AABV, AVG:Virut, BitDefender:Virtob.4.Gen, CAT-QuickHeal:MISSED, ClamAV:Virut.Gen.C-49, DrWeb:MISSED, eSafe:MISSED, eTrust-Vet:MISSED, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:MetaCrypt.1, F-Prot:MISSED, F-Secure:MISSED, Ikarus:Virut.n, Kaspersky:MISSED, McAfee:MISSED, Microsoft:Virut.AF, NOD32v2:Virut.Q, Norman:Virut.N, Panda:MISSED, Prevx1:MISSED, Rising:Virut.aw, Sophos:MalTibsPak, Sunbelt:MISSED, Symantec:MISSED, TheHacker:MISSED, VBA32:MISSED, VirusBuster:Virut.Gen.5, Webwasher-Gateway:Spy.Games.A |
| WinXP Files | iexplorer.exe |
| WinXP Processes | CMD.EXE, CSRSS.EXE, EXPLORER.EXE, iexplorer.exe, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE |
| WinXP Registries | HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...CurrentVersion\RunOnce |
| WinXP Ports | 1034, 12045, 15465, 1086, 1185, 1425, 1445, 1479, 1604, 1684, 1708, 2222, 2275, 2370, 2388, 2401, 2535, 2646, 2987, 2995, 3073, 3076, 3114, 3130, 3136, 3139, 3148, 3151, 3157, 3177, 3253, 3513, 3514, 3661, 3686, 3687, 3688, 3689, 3690, 3691, 3692, 3693, 3694, 3695, 3696, 3697, 3698, 3699, 3700, 3701, 3702, 3703, 3704, 3705, 3706, 3707, 3708, 3709, 3710, 3711, 3712, 3713, 3714, 3715, 3716, 3717, 3718, 3719, 3720, 3721, 3722, 3723, 3724, 3725, 3726, 3727, 3728, 3729, 3730, 3731, 3732, 3733, 3734, 3735, 3736, 3737, 3738, 3739, 3740, 3741, 3742, 3743, 3744, 3745, 3746, 3747, 3748, 3749, 3750, 3751, 3752, 3753, 3754, 3755, 3756, 3757, 3758, 3759, 3760, 3761, 3762, 3763, 3764, 3765, 3766, 3767, 3768, 3900, 4029, 4080, 4100, 4171, 4347, 4498, 4500, 4516, 4561, 4653, 4834, 4840, 4904 |
| Win-2Kf Files | |
| Win-2Kf Processes | drwtsn32.exe, iexplorer.exe |
| Win-2Kf Registries | HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...CurrentVersion\Run |
| Win-2Kf Ports | 1030, 1030, 12045, 1686, 1687, 1688, 1689, 1690, 1691, 1692, 1693, 1694, 1695, 1696, 1697, 1698, 1699, 1700, 1701, 1702, 1703, 1704, 1705, 1706, 1707, 1708, 1709, 1710, 1711, 1712, 1713, 1714, 1715, 1716, 1717, 1718, 1719, 1720, 1721, 1722, 1723, 1724, 1725, 1726, 1727, 1728, 1729, 1730, 9136, 20431, 2571, 2572, 2573, 2574, 2575, 2576, 2577, 2578, 2579, 2580, 2581, 2582, 2583, 2584, 2585, 2586, 2587, 2588, 2589, 2590, 2591, 2592, 2593, 2594, 2595, 2596, 2597, 2598, 2599, 2600, 2601, 2602, 2603, 2604, 2605, 2606, 2607, 2608, 2609, 2610, 2611, 2612, 2613, 2614, 2615, 2616, 2617, 2618, 2619, 2620, 2621, 2622, 2623, 2624, 2625, 2626, 2627, 2628, 2629, 2630, 2631, 2632, 2633, 2634, 2635, 2636, 2637, 2638, 2639, 2640, 2641, 2642, 2643, 2644, 2645, 2646, 2647, 2648, 2649, 2650, 2651, 2652, 1033, 12428 |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | none |
| Packer ID2 | none |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | unknown () |
| Countries | 2 |
| Unpacked Link | none[none] |
| Callgraph | none:none |
| API Resolution | |
| Comment | none |