Pattern AUGUST-C

Ports	Infection Listen Egg-download 445 (98%) 113 (78%) 135 (54%) 500 (54%) 1026 (54%) 445 (97%) 74 (47%) 68 (46%)
Filenames	Processes Executables MSMSGS.EXE (53%) random 6/8/9/10 character filename o (99%)
Registry keys	...CurrentVersion\RunServices (100%) ...InternetSettings\5.0 (48%) ...CurrentVersion\Run (35%) full list
Snort IDs	1:1390 (100%) 1:99998 (100%) 1:2001944 (99%) 1:2001683 (98%) 1:3000006 (97%) 1:5001684 (97%) full list
Network chatter	FTP pass=1 (100%) user=1 (100%) server=StnyFtpd 0wns j0 (80%)
Static analysis	MD5 Antivirus labels Domain 2f965d... (5%) full list vipre (93%) sdbot (82%) sheur (52%) heur (41%) spybot (36%) rbot (34%) full list *@admin.com (98%) paypal.com (79%) PAYPAL.COM (77%) de.yahoo.com (77%) nitro.ucsc.edu (77%) reconnect.in (77%) full list