| Packed MD5 | 89d021262bdd12d02f775ac6a9526503 |
| Priority | 2 |
| First | 07/29/2008 |
| Last | 08/15/2008 |
| Count | 8 |
| History | 8 hits: 07-29 to 08-15 |
| Unpacked MD5 | |
| AV Hits | 26 |
| AV Count | 32 |
| CC Servers | 63.173.172.98:6667 |
| DNS Lookups | |
| Failed Connects | US:63.173.172.98:6667 |
| AV Name | AhnLab-V3:MISSED, AntiVir:TRCrypt.NSPI.Gen, Authentium:Threat-HLLIN-Slipper-based!Maximus, Avast:MISSED, AVG:RBot.KA, BitDefender:GenPack_Generic.Sdbot.A3243F01, CAT-QuickHeal:Rbot.aus, ClamAV:PUA.Packed.NPack-3, DrWeb:MISSED, eSafe:MISSED, eTrust-Vet:MISSED, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:MISSED, F-Prot:Threat-HLLIN-Slipper-based!Maximus, F-Secure:Rbot.aus, Ikarus:Packed.Klone.af, Kaspersky:Rbot.aus, McAfee:MISSED, Microsoft:MISSED, NOD32v2:MISSED, Norman:Suspicious_N.gen, Panda:MISSED, Prevx1:MISSED, Rising:Rbot.GEN, Sophos:MalPacker, Sunbelt:MISSED, Symantec:Spybot.Worm, TheHacker:Behav-Heuristic-063, VBA32:MISSED, VirusBuster:PackedNSPack, Webwasher-Gateway:Crypt.NSPI.Gen |
| WinXP Files | |
| WinXP Processes | CMD.EXE, CSRSS.EXE, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, Tilesys.com, WINLOGON.EXE, defrag.exe, DfrgFat.exe |
| WinXP Registries | HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\.key, HKEY_LOCAL_MACHINE@...Classes\.key, HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...Microsoft\OLE |
| WinXP Ports | 1034, 1034, 34843, 4838, 4839, 4840, 4841, 4842, 4843, 4844, 4845, 4846, 4847, 4848, 4849, 4850, 4851, 4852, 4853, 4854, 4855, 4856, 4857, 4858, 4859, 4860, 4861, 4862, 4863, 4864, 4865, 4866, 4867, 4868, 4869, 4870, 4871, 4872, 4873, 4874, 4875, 4876, 3278, 3031, 3032, 3033, 3034, 3035, 3036, 3037, 3038, 3039, 3040, 3041, 3042, 3043, 3044, 3045, 3046, 3047, 3048, 3049, 3050, 3051, 3052, 3053, 3054, 3055, 3056, 3057, 3058, 3059, 3060, 3061, 3062, 3063, 3064, 3065, 3066, 3067, 3068, 3069, 3070, 3071, 3072, 3073, 3074, 3075, 3076, 3077, 3078, 3079, 3080, 3081, 3082, 3083, 43568, 1044, 4283, 4284, 4285, 4286, 4287, 4288, 4289, 4290, 4291, 4292, 4293, 4294, 4295, 4296, 4297, 4298, 4299, 4300, 4301, 4302, 4303, 4304, 4305, 4306, 4307, 4308, 4309, 4310, 4311, 4312, 4313, 4314, 4315, 4316, 4317, 4318, 4319, 4320, 4321, 4322, 4323, 4324, 4325, 4326, 4327, 4328, 4329, 4330, 4331, 4332, 4333, 4334, 4335, 4336, 4337, 4338, 4339, 4340, 4341, 4342, 43424, 4343, 4344, 4345, 4346, 4347 |
| Win-2Kf Files | |
| Win-2Kf Processes | Tilesys.com |
| Win-2Kf Registries | HKEY_CLASSES_ROOT@...HKEY_CLASSES_ROOT\.key, HKEY_LOCAL_MACHINE@...Classes\.key, HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices, HKEY_USERS@...InternetSettings\5.0, HKEY_USERS@...InternetSettings\Connections, HKEY_USERS@...Microsoft\OLE |
| Win-2Kf Ports | 1029, 2040, 2041, 2042, 2043, 2044, 2045, 2046, 2047, 2048, 2049, 2050, 2051, 2052, 2053, 2054, 2055, 2056, 2057, 2058, 2059, 2060, 2061, 2062, 2063, 2064, 2065, 2066, 2067, 2068, 2069, 2070, 2071, 2072, 2073, 2074, 2075, 2076, 2077, 2078, 2079, 2080, 2081, 2082, 2083, 2084, 2085, 2086, 2087, 2088, 2089, 2090, 2091, 2092, 2093, 2094, 2095, 2096, 2097, 2098, 2099, 2100, 2101, 2102, 2103, 2104, 54122, 3278, 1031, 32119, 3332, 3333, 3334, 3335, 3336, 3337, 3338, 3339, 3340, 3341, 3342, 3343, 3344, 3345, 3346, 3347, 3348, 3349, 3350, 3351, 3352, 3353, 3354, 3355, 3356, 3357, 3358, 3359, 3360, 3361, 3362, 3363, 3364, 3365, 3366, 3367, 3368, 3369, 3370, 3371, 3372, 3373, 3374, 3375, 3376, 3377, 3378, 3379, 3380, 3381, 3382, 3383, 3384, 1047, 2219, 2220, 2221, 2222, 2223, 2224, 2225, 2226, 2227, 2228, 2229, 2230, 2231, 2232, 2233, 2234, 2235, 2236, 2237, 2238, 2239, 2240, 2241, 2242, 2243, 2244, 2245, 2246, 2247, 2248, 2249, 2250, 2251, 48865 |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | none |
| Packer ID2 | none |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | unknown () |
| Countries | 4 |
| Unpacked Link | none[none] |
| Callgraph | none:none |
| API Resolution | |
| Comment | none |