Pattern JULYL

29 samples (WinXP (100%))


Ports
Infection: 445 (76%), 1033 (24%)
Listen: 9996 (100%), 1032 (72%), 1033 (72%)
Egg-download: 9996 (100%)
Upload: 9996 (90%)
Filenames
Processes: MSMSGS.EXE (100%), ftp.exe (72%), random 8 character filename
Executables: index.dat (100%), cmd.ftp (72%), random 8 character filename
Snort IDs
1:2000047 (100%)
1:2466 (100%)
1:99913 (100%)
1:3000004 (90%)
Network chatter
FTP
user=anonymous (100%)
pass=bin (97%)
server=OK (97%)
destport=1033 (72%)
destIP=10.2.32.214 (28%)
Static analysis
MD5: None (76%), 1a2c0e... (21%) [full list]
Antivirus labels: jobaka (100%)