Cluster Z
48 samples (WinXP (100%))
Ports
Infection
Listen
Upload
445 (100%)
44445 (69%)
44445 (69%)
Filenames
Processes
Executables
MSMSGS.EXE (100%)
index.dat (100%)
ftpupd.exe (31%)
Snort IDs
1:2000032 (100%)
1:2000033 (100%)
1:2466 (100%)
1:99913 (100%)
1:3000004 (69%)
1:2001683 (31%)
full list
Network chatter
FTP
user=a (100%)
Static analysis
MD5
diversity: N/A