| | Infection | Listen | Egg-download |
|---|
445 (28%)
135 (20%)
139 (13%) | 135 (67%)
500 (67%)
1026 (67%)
44445 (27%) | 1034 (32%)
445 (25%)
1028 (25%) |
|
| | Processes | Executables |
|---|
MSMSGS.EXE (62%)
random 8
character filename | index.dat (100%) |
|
| 1:5001684 (82%)
1:2001683 (57%)
1:1390 (46%)
1:99913 (46%)
1:99998 (46%)
1:2001944 (25%)full list |
|
| | FTP | C&C |
|---|
server=- (100%)
pass=1 (72%)
user=1 (66%)
pass=a (28%)
exec=resource32w.exe (25%)
user=a (25%) | 67.43.226.210 (4%) |
|
| | MD5 | Antivirus labels | Domain |
|---|
e0d355... (20%)
04af72... (15%)
1f79d9... (13%)
0a0261... (9%)diversity: 43.5%
full list | sdbot (100%)
ircbot (96%)
poebot (83%)
vanbot (80%)
linkbot (78%)
agobot (43%)full list | paypal.com (100%) |
|
