| | Infection | Listen | Egg-download |
|---|
| 139 (52%) | 1026 (69%)
135 (68%)
500 (68%) | 139 (100%)
73 (40%)
68 (38%) |
|
| | Processes |
|---|
MSMSGS.EXE (64%)
MSNGR32.com (47%)
Tilecomfree.com (41%) |
|
| ...CurrentVersion\RunServices (99%)
...Microsoft\OLE (99%)
...ProductName\ProductID (53%)
...Software\ProductName (53%)
...HKEY_CLASSES_ROOT\.key (39%)
...Classes\.key (39%)full list |
|
| 1:1390 (100%)
1:3000005 (100%)
1:5001684 (100%)
1:99998 (100%)
1:2001683 (62%) |
|
| | FTP | C&C |
|---|
pass=1 (100%)
server=fuckFtpd 0wns j0 (100%)
user=1 (100%)
exec=MSNGR32.com (53%)
exec=Tilecomfree.com (41%) | 63.173.172.98 (4%) |
|
| | MD5 | Antivirus labels |
|---|
| 829e9e... (6%) diversity: 27.5%
full list | rbot (100%)
ircbot (71%)
spybot (61%)
mybot (54%)
cakl (44%)
muldrop (44%)full list |
|
