| | Infection | Listen | Egg-download |
|---|
| 445 (82%) | 1026 (71%)
135 (64%)
500 (64%)
1028 (29%)
6388 (29%) | 445 (92%)
73 (58%)
68 (29%) |
|
| | Processes |
|---|
MSMSGS.EXE (68%)
random 7/9
character filename |
|
| ...CurrentVersion\RunServices (100%)
...Microsoft\OLE (100%)
...InternetSettings\5.0 (33%)
...InternetSettings\Connections (33%)full list |
|
| 1:1390 (100%)
1:2001683 (100%)
1:2001944 (100%)
1:3003 (100%)
1:5001684 (100%)
1:99998 (100%)full list |
|
| | FTP | C&C |
|---|
pass=1 (100%)
server=NzmxFtpd 0wns j0 (100%)
user=1 (100%)
exec=firstswin.exe (50%)
exec=yfiswin.exe (43%) | 211.233.7.66 (11%) |
|
| | MD5 | Antivirus labels |
|---|
6c9335... (32%)
5e25ca... (21%)
e15c1e... (7%)diversity: 46.2%
full list | sdbot (100%)
rbot (70%)
spybot (65%)
ircbot (60%)
dcom (50%)
eggdrop (50%)full list |
|
