Packed MD5 01072594955174192f3af436df92ca16 
Priority
First 10/21/2009 
Last 10/21/2009 
Count  
History  
Unpacked MD5 4f6fcecea3cfaeca1086499e8b2d9aa1  
AV Hits 0 7 17 37 7 10 13 
AV Count 32 
CC Servers 91.212.220.75:65520 
DNS Lookups EU:proxim.ircgalaxy.pl CN:www.brans.pl :nenastiya.cn EU:sleepatnight.cn :bfkq.com :jsactivity.com CN:www.petdoso.com US:search.toptravellingtips.com :www.toptravellingtips.com US:search.articleswave.co.uk 
Failed Connects 173.45.105.218:8392 CN:202.97.184.196:81 CN:218.93.205.30:65520 
AV Name AhnLab-V3:MISSED, AntiVir:TRDldr.Agent.LF, Authentium:MISSED, Avast:MISSED, AVG:MISSED, BitDefender:MISSED, CAT-QuickHeal:MISSED, ClamAV:MISSED, DrWeb:Inject.6445, eSafe:MISSED, eTrust-Vet:MISSED, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:Krap.AH, F-Prot:MISSED, F-Secure:Suspicious_Malware!Gemini, Ikarus:Packed.Krap, Kaspersky:Packed.Krap.ah, McAfee:MISSED, Microsoft:VirTool_Obfuscator.HG, NOD32v2:MISSED, Norman:MISSED, Panda:MISSED, Prevx1:MISSED, Rising:MISSED, Sophos:MISSED, Sunbelt:MISSED, Symantec:Packed.Generic.258, TheHacker:MISSED, VBA32:MISSED, VirusBuster:MISSED, Webwasher-Gateway:MISSED  
WinXP Files 5.tmp, 6.tmp, accwiz.exe, actmovie.exe, agentsvr.exe, ahui.exe, alg.exe, arp.exe, asr_fmt.exe, asr_ldm.exe, at.exe, atmadm.exe, attrib.exe, bootcfg.exe, bootok.exe, bootvrfy.exe, cacls.exe, calc.exe, charmap.exe, chkdsk.exe, chkntfs.exe, cidaemon.exe, cipher.exe, cisvc.exe, ckcnv.exe, cleanmgr.exe, cliconfg.exe, clipbrd.exe, clipsrv.exe, cmd.exe, cmdl32.exe, cmmon32.exe, cmstp.exe, compact.exe, comp.exe, comrepl.exe, conime.exe, control.exe, convert.exe, cscript.exe, ctfmon.exe, dcomcnfg.exe, ddeshare.exe, defrag.exe, dfrgfat.exe, dfrgntfs.exe, diantz.exe, diskpart.exe, diskperf.exe, dllhost.exe, dllhst3g.exe, dmadmin.exe, dmremote.exe, doskey.exe, dplaysvr.exe, dpnsvr.exe, dpvsetup.exe, driverquery.exe, drwtsn32.exe, dumprep.exe, dvdplay.exe, dvdupgrd.exe, dxdiag.exe, esentutl.exe, eudcedit.exe, eventcreate.exe, eventtriggers.exe, eventvwr.exe, expand.exe, extrac32.exe, fc.exe, find.exe, findstr.exe, finger.exe, fixmapi.exe, fontview.exe, forcedos.exe, freecell.exe, fsutil.exe, ftp.exe, ftpupd.exe, getmac.exe, gpresult.exe, gpupdate.exe, grpconv.exe, HelpCtr.exe, help.exe, HelpHost.exe, HelpSvc.exe, hh.exe, hostname.exe, ie4uinit.exe, iexpress.exe, imapi.exe, Install.txt, ipconfig.exe, ipsec6.exe, ipv6.exe, ipxroute.exe, label.exe, lights.exe, lnkstub.exe, locator.exe, lodctr.exe, logagent.exe, logman.exe, logoff.exe, logon.scr, logonui.exe, lpq.exe, lpr.exe, lsm32.sys, magnify.exe, makecab.exe, migload.exe, migpwd.exe, migwiz_a.exe, migwiz.exe, mmc.exe, mnmsrvc.exe, mobsync.exe, mofcomp.exe, mountvol.exe, mplay32.exe, mpnotify.exe, mqbkup.exe, mqsvc.exe, mqtgsvc.exe, mrinfo.exe, msconfig.exe, msdtc.exe, msg.exe, mshearts.exe, mshta.exe, msiexec.exe, msoobe.exe, mspaint.exe, msswchx.exe, mstinit.exe, mstsc.exe, narrator.exe, nbtstat.exe, nddeapir.exe, net1.exe, netdde.exe, net.exe, netsetup.exe, netsh.exe, netstat.exe, NOTEPAD.EXE, notiflag.exe, nppagent.exe, nslookup.exe, ntbackup.exe, ntsd.exe, ntvdm.exe, nwscript.exe, odbcad32.exe, odbcconf.exe, oobebaln.exe, openfiles.exe, osk.exe, osuninst.exe, ounehcmd.exe, packager.exe, pathping.exe, pentnt.exe, perfmon.exe, ping6.exe, ping.exe, print.exe, progman.exe, proquota.exe, proxycfg.exe, qappsrv.exe, qprocess.exe, qwinsta.exe, rasautou.exe, rasdial.exe, rasphone.exe, rcimlby.exe, rcp.exe, rdpclip.exe, rdsaddin.exe, rdshost.exe, recover.exe, relog.exe, replace.exe, reset.exe, rexec.exe, route.exe, routemon.exe, rsh.exe, rsm.exe, rsmsink.exe, rsmui.exe, rsnotify.exe, rsopprov.exe, rstrui.exe, rsvp.exe, rtcshare.exe, runas.exe, rundll32.exe, runonce.exe, rwinsta.exe, savedump.exe, scardsvr.exe, sc.exe, schtasks.exe, scrcons.exe, scrnsave.scr, sdbinst.exe, secedit.exe, sessmgr.exe, sethc.exe, setup.exe, sfc.exe, shadow.exe, shmgrate.exe, shrpubw.exe, shutdown.exe, sigverif.exe, skeys.exe, smlogsvc.exe, sndrec32.exe, sndvol32.exe, sol.exe, sort.exe, spider.exe, srdiag.exe, ss3dfo.scr, ssbezier.scr, ssflwbox.scr, ssmarque.scr, ssmypics.scr, ssmyst.scr, sspipes.scr, ssstars.scr, sstext3d.scr, stimon.exe, subst.exe, syncapp.exe, syskey.exe, sysocmgr.exe, systeminfo.exe, systray.exe, taskkill.exe, tasklist.exe, taskman.exe, taskmgr.exe, tcmsetup.exe, tcpsvcs.exe, telnet.exe, tftp.exe, tlntadmn.exe, tlntsess.exe, tlntsvr.exe, tourstart.exe, tracerpt.exe, tracert6.exe, tracert.exe, tscon.exe, tscupgrd.exe, tsdiscon.exe, tskill.exe, tsshutdn.exe, twunk_32.exe, typeperf.exe, unlodctr.exe, unsecapp.exe, UploadM.exe, upnpcont.exe, ups.exe, userinit.exe, usrmlnka.exe, usrprbda.exe, usrshuta.exe, utilman.exe, verifier.exe, VRT2.tmp, VRT3.tmp, vssadmin.exe, vssvc.exe, w32tm.exe, wbemtest.exe, wextract.exe, wiaacmgr.exe, winhlp32.exe, winmgmt.exe, winmine.exe, winmsd.exe, winver.exe, wmiadap.exe, wmiapsrv.exe, wmic.exe, wmiprvse.exe, wmpstub.exe, wpabaln.exe, wpnpinst.exe, write.exe, wscript.exe, wuauclt.exe, wupdmgr.exe, x1c87269.dll, xcopy.exe  
WinXP Processes CMD.EXE, CSRSS.EXE, dwwin.exe, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, SPOOLSV.EXE, SVCHOST.EXE, VRT3.tmp, WINLOGON.EXE  
WinXP Registries HKEY_LOCAL_MACHINE@...Microsoft\DownloadManager, HKEY_LOCAL_MACHINE@...Microsoft\Wireless, HKEY_USERS@...InternetExplorer\International  
WinXP Ports 1036, 1036, 1041, 1064, 1065, 1070, 1039, 1043, 1053  
Win-2Kf Files  
Win-2Kf Processes  
Win-2Kf Registries  
Win-2Kf Ports  
Create Events  
Create Files  
Create RegKeys  
Open RegKeys  
Service Starts  
Service Deletes  
Service Creates  
Cluster  
Cluster Confidence  
Packer ID1 tElock 
Packer ID2  
Embedded DNS  
String Count 134 
String Link text
String MD5 a2b39fdd1532728cb1b1c41d960b8a07 
Timerange 365 Days 
Unpack Status unknown (FAILED : 4 : Unpacking Timed Out) 
Countries
Unpacked Link  
Callgraph  
API Resolution  
Comment none