| | Infection | Listen | Egg-download | Upload |
|---|
| 445 (99%) | 44445 (100%)
135 (76%)
500 (76%)
1026 (76%) | 68 (71%) | 44445 (100%) |
|
| | Processes | Executables |
|---|
MSMSGS.EXE (31%)
random 9
character filename | Abort (78%)
random 17
character filename |
|
| ...CurrentVersion\RunServices (99%)
...Microsoft\OLE (99%)
...InternetSettings\5.0 (68%)
...InternetSettings\Connections (68%)full list |
|
| 1:2000032 (100%)
1:2466 (100%)
1:3000004 (100%)
1:5001684 (100%)
1:2001683 (98%)
1:2000046 (75%)full list |
|
| | FTP |
|---|
exec=resource32w.exe (100%)
pass=a (99%)
user=a (99%)
server=WinFtpd 1.2 (96%) |
|
| | MD5 | Antivirus labels | Domain |
|---|
7fdfe3... (69%)
None (21%)full list | sdbot (98%)
spybot (98%)
rbot (97%)
mybot (91%)
sdbo (90%) | *@celestial.org (94%) |
|