| | Infection | Listen | Egg-download | Upload |
|---|
| 445 (99%) | 44445 (98%)
135 (73%)
500 (73%)
1026 (73%) | 68 (65%) | 44445 (97%) |
|
| | Processes | Executables |
|---|
MSMSGS.EXE (35%)
random 9
character filename | Abort (61%)
random 17
character filename |
|
| ...CurrentVersion\RunServices (99%)
...Microsoft\OLE (97%)
...InternetSettings\5.0 (64%)
...InternetSettings\Connections (63%)full list |
|
| 1:2466 (98%)
1:2000032 (98%)
1:3000004 (98%)
1:5001684 (97%)
1:2001683 (95%)
555:5555005 (72%)full list |
|
| | FTP |
|---|
exec=resource32w.exe (96%)
pass=a (96%)
user=a (96%)
server=WinFtpd 1.2 (92%) |
|
| | MD5 | Antivirus labels | Domain |
|---|
7fdfe3... (65%)
None (21%)full list | sdbot (98%)
spybot (97%)
rbot (96%)
mybot (91%)
sdbo (89%) | *@celestial.org (94%) |
|