Cluster AL
21 samples (WinXP (100%))
Ports
Infection
Listen
Egg-download
Upload
445 (71%)
1028 (100%)
1032 (87%)
1032 (87%)
Filenames
Processes
Executables
MSMSGS.EXE (100%)
dwwin.exe (38%)
ftpupd.exe (100%)
Snort IDs
1:2000032 (100%)
1:2000033 (100%)
1:2001683 (100%)
1:2466 (100%)
1:3000000 (100%)
1:3000003 (100%)
Static analysis
MD5
Antivirus labels
2e9c2f... (19%)
87a78a... (14%)
0313a9... (10%)
561de8... (10%)
76b306... (10%)
923941... (10%)
diversity: 57.1%
korgo (100%)
pepatch (100%)
resourcer (100%)
horst (90%)
luder (90%)
lsabot (81%)