Cluster AJ
24 samples (Win2K-f (71%), WinXP (29%))
Ports
Infection: 445 (62%)
Egg-download: 1028 (75%)
Upload: 44445 (81%)
Snort IDs
1:2001683 (100%)
1:5001684 (100%)
1:2000032 (94%)
1:2466 (94%)
1:3000004 (81%)
1:2000046 (69%)
Network chatter
FTP
server=- (100%)
exec=resource32w.exe (94%)
pass=a (94%)
user=a (89%)
Static analysis
MD5
94f008... (12%)
7c0547... (8%)
diversity: 87.5%
Antivirus labels
bobax (91%)
bobic (91%)
vipre (65%)
baxbo (61%)
proxed (57%)
mytob (43%)