| | Infection | Listen | Egg-download | Upload |
|---|
| usually 139 | 135 (100%)
500 (100%)
1026 (100%)
1028 (92%)
1029 (83%) | 139 (92%)
29178 (83%) | 1028 (75%)
1050 (50%) |
|
| | Processes |
|---|
| winsvcmon.exe (100%) |
|
| HKEY_LOCAL_MACHINE@...Microsoft\securitycenter (100%)
HKEY_LOCAL_MACHINE@...Microsoft\windowsfirewall (100%)
HKEY_LOCAL_MACHINE@...windowsfirewall\domainprofile (100%)
HKEY_LOCAL_MACHINE@...windowsfirewall\standardprofile (100%)
HKEY_LOCAL_MACHINE@...Microsoft\DownloadManager (92%)
HKEY_USERS@...InternetSettings\5.0 (92%)
HKEY_USERS@...InternetSettings\Connections (92%) |
|
| 1:2001579 (92%)
1:99913 (92%)
555:5555005 (92%)
1:2002024 (83%)
1:2002025 (83%) |
|
| | MD5 |
|---|
| usually 0e4fdc1dca49bdf1dff7bca3750d4634 |
|