| | Infection | Listen | Egg-download | Upload |
|---|
| 445 (100%) | 1033 (48%)
113 (30%) | 445 (91%)
1032 (74%) | 1032 (74%) |
|
| | Processes | Executables |
|---|
MSMSGS.EXE (100%)
random 6/8
character filename | HelpCtr.exe (89%)
HelpHost.exe (89%)
HelpSvc.exe (89%)
NOTEPAD.EXE (89%)
UploadM.exe (89%)
accwiz.exe (89%)full list |
|
| |
| 1:2001683 (100%)
1:5001684 (100%)
1:2000032 (86%)
1:2000033 (86%)
1:2466 (86%)
1:99913 (86%)full list |
|
| | FTP |
|---|
pass=1 (83%)
server=StnyFtpd 0wns j0 (83%)
user=1 (83%)
exec=sertys.exe (50%)
destIP=130.107.209.120 (33%)
destIP=130.107.227.96 (33%)full list |
|
| | MD5 | Antivirus labels | Domain |
|---|
999e33... (11%)
175328... (6%)
388123... (6%)
4daafe... (6%)
628df4... (6%)
6df73d... (6%)full list | virut (100%)
vipre (93%)
virutas (89%)
korgo (85%)
gen33 (78%)
padobot (78%)full list | *@admin.com (50%)
PAYPAL.COM (50%)
broadway.ny.us.dal.net (50%)
brussels.be.eu.undernet.o... (50%)
caen.fr.eu.undernet.org (50%)
ced.dal.net (50%)full list |
|