| Packed MD5 | a894e6640a6e45d36fa7e7c1ba5d7a25 |
| Priority | 1 |
| First | 06/29/2009 |
| Last | 10/30/2009 |
| Count | |
| History | |
| Unpacked MD5 | 2a62540340ece7cb489f71bfc2410230 |
| AV Hits | 38 |
| AV Count | 32 |
| CC Servers | 67.43.236.66:8080 72.10.172.211:8080 |
| DNS Lookups | CA:xx.ka3ek.com :idfc.info :zone2tech.info :xx.enterhere.biz |
| Failed Connects | 67.215.1.206:80 CA:67.43.226.242:8080 CA:67.43.236.66:8080 |
| AV Name | AhnLab-V3:Win-Packed.6656, AntiVir:BDSBackdoor.Gen, Authentium:Backdoor!395f, Avast:_Rbot-GBK, AVG:Agobot.CFA, BitDefender:Vanbot.CQ, CAT-QuickHeal:Rbot.bnh, ClamAV:Mybot-8395, DrWeb:IRC.Sdbot.945, eSafe:VanBot.ax, eTrust-Vet:Linkbot!generic, Ewido:MISSED, FileAdvisor:MISSED, Fortinet:MS06040.A!tr.bdr, F-Prot:Backdoor!395f, F-Secure:VanBot.oj, Ikarus:Trojan-Spy.Pophot, Kaspersky:VanBot.oj, McAfee:Gaobot.gen, Microsoft:Poebot.gen, NOD32v2:MISSED, Norman:Packed_Upack.A, Panda:MISSED, Prevx1:MISSED, Rising:VanBot.cv, Sophos:Poebot-KG, Sunbelt:SDBot, Symantec:IRCBot.Gen, TheHacker:BackdoorVanBot.ax, VBA32:VanBot.dt, VirusBuster:Poebot.BR, Webwasher-Gateway:MISSED |
| WinXP Files | SVCHOST.EXE |
| WinXP Processes | CMD.EXE, CSRSS.EXE, EXPLORER.EXE, LSASS.EXE, MSMSGS.EXE, SERVICES.EXE, spooIsv.exe, SPOOLSV.EXE, SVCHOST.EXE, WINLOGON.EXE |
| WinXP Registries | |
| WinXP Ports | 1031, 1034, 135, 2182, 2183, 2184, 2185, 2186, 2187, 2188, 2189, 2190, 2191, 2192, 2193, 2194, 2195, 2196, 2197, 2198, 2199, 2200, 2201, 2202, 2203, 2204, 2205, 2206, 2207, 2208, 2209, 2210, 2211, 2212, 2213, 2214, 2215, 2216, 2217, 2218, 2219, 2220, 32284 |
| Win-2Kf Files | |
| Win-2Kf Processes | winamp.exe |
| Win-2Kf Registries | |
| Win-2Kf Ports | 1027, 1031, 1031, 135, 1803, 1804, 1805, 1806, 1807, 1808, 1809, 1810, 1811, 1812, 1813, 1814, 1815, 1816, 1817, 1818, 1819, 1820, 1821, 1822, 1823, 1824, 1825, 1826, 1827, 1828, 1829, 1830, 1831, 1832, 1833, 1834, 1835, 1836, 1837, 1838, 1839, 1840, 1841, 1842, 1843, 1844, 1845, 1846, 1847, 1848, 1849, 1850, 1851, 1852, 1853, 1854, 1855, 1856, 1857, 1858, 1859, 1860, 1861, 1862, 1863, 1864, 1865, 1866, 1867, 1868, 1869, 1870, 1871, 1872, 1873, 1874, 1875, 1876, 1877, 1878, 1879, 1880, 1881, 1882, 1883, 1884, 1885, 1886, 1887, 1888, 1889, 1890, 1891, 1892, 1893, 1894, 1895, 1896, 1897, 1898, 1899, 1900, 1901, 1902, 1903, 1904, 1905, 1906, 1907, 1908, 1909, 1910, 1911, 1912, 1913, 1914, 1915, 1916, 1917, 1918, 1919, 1920, 1921, 1922, 1923, 1924, 1925, 1926, 1927, 1928, 1929, 1930, 1931, 1932, 1933, 1934, 1935, 1936, 1937, 1938, 1939, 1940, 1941, 1942, 1943, 1944, 1945, 1946, 1947, 1948, 1949, 1950, 1951, 1952, 1953, 1954, 1955, 1956, 1957, 1958, 1959, 1960, 1961, 1962, 1963, 1964, 1965, 1966, 1967, 1968, 1969, 1970, 1971, 1972, 1973, 1974, 1975, 1976, 1977, 1978, 1979, 1980, 1981, 1982, 1983, 1984, 1985, 1986, 1987, 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023, 2024, 2025, 2026, 2027, 2028, 2029, 2030, 2031, 2032, 2033, 2034, 2035, 2036, 2037, 2038, 2039, 2040, 2041, 2042, 2043, 2044, 2045, 2046, 2047, 2048, 2049, 2050, 2051, 2052, 2053, 2054, 2055, 2056, 2057, 2058, 42237 |
| Create Events | |
| Create Files | |
| Create RegKeys | |
| Open RegKeys | |
| Service Starts | |
| Service Deletes | |
| Service Creates | |
| Cluster | |
| Cluster Confidence | |
| Packer ID1 | PolyEnE |
| Packer ID2 | |
| Embedded DNS | |
| String Count | |
| String Link | text |
| String MD5 | |
| Timerange | 365 Days |
| Unpack Status | unknown ( : 0 : Unpacking Provided Binary. (Code,Data) = (, )) |
| Countries | 1 |
| Unpacked Link | |
| Callgraph | |
| API Resolution | |
| Comment | none |