| Packed MD5 | 57b907a4746350dcbcf19d43d97dcc4e |
| Priority | 0 |
| First | 08/12/2008 |
| Last | 08/23/2008 |
| Count | 3 |
| History | 3 hits: 08-09 to 08-23 |
| Unpacked MD5 | |
| AV Hits | 35 0 |
| AV Count | 32 |
| CC Servers | 72.10.172.218:9928 72.10.172.218:7382 |
| DNS Lookups | CA:teek.ihshsd8.com CA:done.blacktiehsbdcs.com CA:italian.swiifatecihno.com :preek.oihduhdd.net |
| Failed Connects | CA:72.10.169.26:3938 CA:72.10.172.218:7382 |
| AV Name | AhnLab-V3:MISSED, AntiVir:MISSED, Authentium:MISSED, Avast:MISSED, AVG:MISSED, BitDefender:MISSED, CAT-QuickHeal:MISSED, ClamAV:MISSED, DrWeb:MISSED, eSafe:MISSED, eTrust-Vet:MISSED, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:MISSED, F-Prot:MISSED, F-Secure:MISSED, Ikarus:MISSED, Kaspersky:MISSED, McAfee:MISSED, Microsoft:MISSED, NOD32v2:MISSED, Norman:MISSED, Panda:MISSED, Prevx1:MISSED, Rising:MISSED, Sophos:MISSED, Sunbelt:MISSED, Symantec:MISSED, TheHacker:MISSED, VBA32:MISSED, VirusBuster:MISSED, Webwasher-Gateway:MISSED |
| WinXP Files | SVCHOST.EXE |
| WinXP Processes | CMD.EXE, CSRSS.EXE, defrag.exe, DfrgFat.exe, EXPLORER.EXE, LSASS.EXE, lssas.exe, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE |
| WinXP Registries | |
| WinXP Ports | |
| Win-2Kf Files | |
| Win-2Kf Processes | lssas.exe |
| Win-2Kf Registries | |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | none |
| Packer ID2 | none |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | unknown () |
| Countries | 1 |
| Unpacked Link | none[none] none [none] |
| Callgraph | none:nonenone:none |
| API Resolution | |
| Comment | none |