| Infection | Listen | Egg-download | Upload |
---|
445 (92%) | 135 (52%)
500 (52%)
1026 (52%)
44445 (31%)
69 (28%) | 445 (70%)
1028 (35%) | 44445 (27%) |
|
| Processes | Executables |
---|
MSMSGS.EXE (60%)
random 6/8/9 character filename | index.dat (50%)
ftpupd.exe (40%)
o (40%) |
|
| ...Microsoft\Wireless (62%)
...CurrentVersion\RunServices (38%)full list |
|
| 1:5001684 (76%)
1:2001683 (62%)
1:2000032 (49%)
1:2466 (49%)
555:5555005 (49%)
1:1390 (46%)full list |
|
| FTP |
---|
server=- (78%)
pass=1 (63%)
user=1 (44%)
exec=resource32w.exe (37%)
pass=a (37%)
user=a (33%) |
|
| MD5 | Antivirus labels | Domain |
---|
2aa59b... (14%)
7d99b0... (14%)
04af72... (8%)
0a0261... (8%)
97ac56... (8%)
6f4858... (5%)full list | sdbot (67%)
linkbot (56%)
rbot (47%)
poebot (42%)
ircbot (36%)
possiblethreat (31%)full list | SOFTWARE\Classes\Applicat... (100%)
paypal.com (100%)
..έ..Π..Z..\ΠΡΡΡΡ..ΠΡΡX... (43%)full list |
|