| | Infection | Listen | Egg-download |
|---|
| usually 445 | 113 (49%)
135 (45%)
500 (45%)
1026 (45%) | 445 (71%)
73 (49%)
68 (44%) |
|
| | Processes |
|---|
MSMSGS.EXE (55%)
random 8/9/10 character filename |
|
| HKEY_LOCAL_MACHINE@...CurrentVersion\RunServices (95%)
HKEY_USERS@...Microsoft\OLE (45%)
HKEY_USERS@...InternetSettings\5.0 (45%) |
|
| 1:5001684 (95%)
1:2001683 (91%)
1:1390 (79%)
1:99998 (79%)
1:2001944 (69%)
1:3003 (68%)
1:3000006 (68%) |
|
| | FTP |
|---|
pass=1 (79%)
user=1 (79%)
server=StnyFtpd 0wns j0 (51%) |
|
| |