Cluster L
113 samples (Win2K-f (100%))
Ports
Infection
Listen
Egg-download
445 (100%)
135 (100%)
500 (100%)
1026 (100%)
445 (99%)
68 (52%)
Filenames
Processes
winamper.exe (67%)
Snort IDs
1:1390 (100%)
1:2001944 (100%)
1:99998 (100%)
1:3000006 (99%)
1:3003 (87%)
1:5001684 (53%)
full list
Network chatter
FTP
user=1 (92%)
pass=1 (91%)
server=StnyFtpd 0wns j0 (79%)
Static analysis
MD5
diversity: 50.0%
