Pattern JUL-AUGK

73 samples (WinXP (100%))


Ports
InfectionListenUpload
445 (96%)44445 (90%)
1032 (83%)
1033 (83%)
44445 (89%)
Filenames
ProcessesExecutables
MSMSGS.EXE (100%)
ftp.exe (81%)
index.dat (99%)
o (81%)
Snort IDs
1:2000032 (92%)
1:2000033 (92%)
1:2466 (92%)
1:99913 (92%)
1:3000004 (90%)
Network chatter
FTP
user=a (88%)
destport=1033 (86%)
pass=a (86%)
server=WinFtpd 1.2 (85%)
exec=resource32w.exe (83%)
destIP=10.2.32.214 (32%)
Static analysis
MD5
None (99%)