| | Infection | Listen | Egg-download | Upload |
|---|
| 445 (100%) | 80 (100%) | 1032 (94%) | 80 (91%) |
|
| | Processes | Executables |
|---|
| MSMSGS.EXE (100%) | DCPROMO.LOG (100%)
index.dat (100%)
ndisrd.sys (100%)
random 6/7/8
character filename |
|
| ...ActivatingDocument\.Current (100%)
...CurrentVersion\InternetSettings (100%)
...FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN (100%)
...InternetSettings\Zones (100%)
...Main\FeatureControl (100%)
...Microsoft\Windows (100%)full list |
|
| 1:2000032 (100%)
1:2000033 (100%)
1:2001683 (100%)
1:2466 (100%)
1:3000000 (100%)
1:5001684 (100%)full list |
|
| | MD5 | Antivirus labels | Domain |
|---|
a12cab... (79%)
df17a6... (9%)full list | berbew (100%)
berkor (100%)
doxpar (100%)
padobot (100%)
korgo (94%)
padodor (79%) | 53bank.com (100%)
acrolein-hawk.rubanking.h... (100%)
alfabank.ru (100%)
asmworm.com (100%)
atmacasoft.com (100%)
barclays.com (100%)full list |
|