| | Infection | Listen | Egg-download |
|---|
| 139 (45%) | 135 (65%)
500 (65%)
1026 (65%) | 139 (89%)
68 (44%)
73 (27%)
74 (27%) |
|
| | Processes | Executables |
|---|
MSMSGS.EXE (60%)
Tilecomnu.com (39%)
random 9
character filename | o (100%) |
|
| ...CurrentVersion\RunServices (99%)
...Microsoft\OLE (99%)
...InternetSettings\5.0 (40%)
...InternetSettings\Connections (35%)full list |
|
| 1:5001684 (100%)
1:1390 (89%)
1:99998 (89%)
1:3000005 (84%)
1:2001683 (79%) |
|
| | FTP | C&C |
|---|
pass=1 (100%)
user=1 (100%)
server=fuckFtpd 0wns j0 (83%)
exec=Tilecomnu.com (39%) | 63.173.172.98 (3%) |
|
| | MD5 | Antivirus labels | Domain |
|---|
| 2a7d99... (6%) diversity: 50.4%
full list | rbot (99%)
mybot (97%)
spybot (89%)
gaobot (85%)
ircbot (82%)
sdbot (73%)full list | clone.pm (83%)
box.cm (77%)
box.mv (77%)
box.net (77%)
box.ni (77%)
box.ps (77%)full list |
|
