| | Infection | Listen | Egg-download | Upload |
|---|
| usually 445 | 135 (100%)
500 (100%)
1026 (100%)
1027 (100%)
1028 (100%)
44445 (55%) | 445 (36%) | 44445 (54%) |
|
| |
| 1:3000004 (57%)
1:2000032 (55%)
1:99906 (55%)
1:2000046 (54%)
1:2466 (54%)
1:1390 (43%)
1:99998 (43%)
1:2001944 (36%)
1:3000006 (36%)
1:3003 (34%) |
|
| | FTP |
|---|
destport=1028 (96%)
exec=resource32w.exe (54%)
pass=a (53%)
user=a (53%)
server=WinFtpd 1.2 (52%)
destIP=10.2.32.201 (48%)
pass=1 (46%)
user=1 (46%)
server=StnyFtpd 0wns j0 (37%) |
|
| |