Gauss: Abnormal Distribution
Tags
Common Information
| Type | Value |
|---|---|
| UUID | b540a7f0-24e9-4bb2-875f-2eb4bd313ddb |
| Fingerprint | b635da53ed962199 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 9, 2012, 5:01 p.m. |
| Added to db | Jan. 18, 2023, 9:39 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | Gauss: Abnormal Distribution |
| Title | Gauss: Abnormal Distribution |
| Detected Hints/Tags/Attributes | 126/3/332 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://securelist.com/analysis/36620/gauss-abnormal-distribution/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 48 | cve-2010-2568 |
|
| Details | Domain | 454 | www.google.com |
|
| Details | Domain | 2 | www.update.windows.com |
|
| Details | Domain | 3 | gowin7.com |
|
| Details | Domain | 3 | secuurity.net |
|
| Details | Domain | 3 | datajunction.org |
|
| Details | Domain | 3 | bestcomputeradvisor.com |
|
| Details | Domain | 3 | dotnetadvisor.info |
|
| Details | Domain | 3 | guest-access.net |
|
| Details | Domain | 2 | bestcomputeradvisor.info |
|
| Details | Domain | 1 | bestcomputeradvisro.info |
|
| Details | Domain | 2 | dataspotlight.net |
|
| Details | File | 2 | wmiqry32.dll |
|
| Details | File | 2 | wmihlp32.dll |
|
| Details | File | 3 | hub001.dat |
|
| Details | File | 143 | thumbs.db |
|
| Details | File | 1 | %system32%wbemwmiqry32.dll |
|
| Details | File | 1 | %system32%wbemwmihlp32.dll |
|
| Details | File | 2 | shw.tmp |
|
| Details | File | 2 | stm.tmp |
|
| Details | File | 478 | lsass.exe |
|
| Details | File | 1 | %system32%wbemwbemsvc.dll |
|
| Details | File | 3 | wbemsvc.dll |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 4 | lmon.exe |
|
| Details | File | 4 | sagui.exe |
|
| Details | File | 4 | rdtask.exe |
|
| Details | File | 7 | kpf4gui.exe |
|
| Details | File | 12 | alsvc.exe |
|
| Details | File | 5 | pxagent.exe |
|
| Details | File | 7 | fsma32.exe |
|
| Details | File | 3 | licwiz.exe |
|
| Details | File | 25 | savservice.exe |
|
| Details | File | 4 | prevxcsi.exe |
|
| Details | File | 4 | alertwall.exe |
|
| Details | File | 3 | livehelp.exe |
|
| Details | File | 19 | savadminservice.exe |
|
| Details | File | 2 | csi-eui.exe |
|
| Details | File | 5 | mpf.exe |
|
| Details | File | 3 | lookout.exe |
|
| Details | File | 4 | savprogress.exe |
|
| Details | File | 4 | lpfw.exe |
|
| Details | File | 4 | mpfcm.exe |
|
| Details | File | 4 | emlproui.exe |
|
| Details | File | 4 | savmain.exe |
|
| Details | File | 11 | outpost.exe |
|
| Details | File | 6 | fameh32.exe |
|
| Details | File | 6 | emlproxy.exe |
|
| Details | File | 3 | savcleanup.exe |
|
| Details | File | 29 | filemon.exe |
|
| Details | File | 4 | antihook.exe |
|
| Details | File | 3 | endtaskpro.exe |
|
| Details | File | 3 | savcli.exe |
|
| Details | File | 74 | procmon.exe |
|
| Details | File | 3 | xfilter.exe |
|
| Details | File | 3 | netguardlite.exe |
|
| Details | File | 3 | backgroundscanclient.exe |
|
| Details | File | 6 | sniffer.exe |
|
| Details | File | 6 | scfservice.exe |
|
| Details | File | 4 | oasclnt.exe |
|
| Details | File | 4 | sdcservice.exe |
|
| Details | File | 11 | acs.exe |
|
| Details | File | 4 | scfmanager.exe |
|
| Details | File | 3 | omnitray.exe |
|
| Details | File | 3 | sdcdevconx.exe |
|
| Details | File | 5 | aupdrun.exe |
|
| Details | File | 1 | atorshield.exe |
|
| Details | File | 9 | onlinent.exe |
|
| Details | File | 3 | sdcdevconia.exe |
|
| Details | File | 4 | sppfw.exe |
|
| Details | File | 156 | 1.exe |
|
| Details | File | 3 | opf.exe |
|
| Details | File | 3 | sdcdevcon.exe |
|
| Details | File | 4 | spfirewallsvc.exe |
|
| Details | File | 3 | ssupdate.exe |
|
| Details | File | 3 | pctavsvc.exe |
|
| Details | File | 3 | configuresav.exe |
|
| Details | File | 4 | fwsrv.exe |
|
| Details | File | 3 | terminet.exe |
|
| Details | File | 4 | pctav.exe |
|
| Details | File | 7 | alupdate.exe |
|
| Details | File | 4 | opfsvc.exe |
|
| Details | File | 3 | tscutynt.exe |
|
| Details | File | 3 | pcviper.exe |
|
| Details | File | 3 | instlsp.exe |
|
| Details | File | 3 | uwcdsvr.exe |
|
| Details | File | 3 | umxtray.exe |
|
| Details | File | 9 | persfw.exe |
|
| Details | File | 3 | cmain.exe |
|
| Details | File | 5 | dfw.exe |
|
| Details | File | 3 | updclient.exe |
|
| Details | File | 3 | pgaccount.exe |
|
| Details | File | 3 | cavaud.exe |
|
| Details | File | 4 | ipatrol.exe |
|
| Details | File | 3 | webwall.exe |
|
| Details | File | 4 | privatefirewall3.exe |
|
| Details | File | 3 | cavemsrv.exe |
|
| Details | File | 4 | pcipprev.exe |
|
| Details | File | 4 | winroute.exe |
|
| Details | File | 8 | protect.exe |
|
| Details | File | 3 | cavmr.exe |
|
| Details | File | 4 | prifw.exe |
|
| Details | File | 8 | apvxdwin.exe |
|
| Details | File | 4 | rtt_crc_service.exe |
|
| Details | File | 3 | cavvl.exe |
|
| Details | File | 4 | tzpfw.exe |
|
| Details | File | 3 | as3pf.exe |
|
| Details | File | 4 | schedulerdaemon.exe |
|
| Details | File | 3 | cavapp.exe |
|
| Details | File | 4 | avas.exe |
|
| Details | File | 4 | sdtrayapp.exe |
|
| Details | File | 3 | cavcons.exe |
|
| Details | File | 4 | pfft.exe |
|
| Details | File | 3 | avcom.exe |
|
| Details | File | 8 | siteadv.exe |
|
| Details | File | 3 | cavmud.exe |
|
| Details | File | 4 | armorwall.exe |
|
| Details | File | 6 | avkproxy.exe |
|
| Details | File | 5 | sndsrvc.exe |
|
| Details | File | 3 | cavumas.exe |
|
| Details | File | 4 | app_firewall.exe |
|
| Details | File | 7 | avkservice.exe |
|
| Details | File | 3 | snsmcon.exe |
|
| Details | File | 3 | uupd.exe |
|
| Details | File | 9 | blackd.exe |
|
| Details | File | 8 | avktray.exe |
|
| Details | File | 3 | snsupd.exe |
|
| Details | File | 3 | cavasm.exe |
|
| Details | File | 7 | blackice.exe |
|
| Details | File | 3 | avkwctrl.exe |
|
| Details | File | 4 | procguard.exe |
|
| Details | File | 3 | cavsub.exe |
|
| Details | File | 4 | umxagent.exe |
|
| Details | File | 3 | avmgma.exe |
|
| Details | File | 4 | dcsuserprot.exe |
|
| Details | File | 3 | cavuserupd.exe |
|
| Details | File | 6 | kpf4ss.exe |
|
| Details | File | 6 | avtask.exe |
|
| Details | File | 8 | avkwctl.exe |
|
| Details | File | 3 | cavq.exe |
|
| Details | File | 4 | tppfdmn.exe |
|
| Details | File | 4 | aws.exe |
|
| Details | File | 9 | firewall.exe |
|
| Details | File | 3 | cavoar.exe |
|
| Details | File | 4 | blinksvc.exe |
|
| Details | File | 3 | bgctl.exe |
|
| Details | File | 4 | thguard.exe |
|
| Details | File | 3 | cemrep.exe |
|
| Details | File | 3 | sp_rsser.exe |
|
| Details | File | 3 | bgnt.exe |
|
| Details | File | 6 | spybotsd.exe |
|
| Details | File | 3 | onaccessinstaller.exe |
|
| Details | File | 6 | op_mon.exe |
|
| Details | File | 3 | bootsafe.exe |
|
| Details | File | 3 | xauth_service.exe |
|
| Details | File | 3 | softact.exe |
|
| Details | File | 23 | cmdagent.exe |
|
| Details | File | 10 | bullguard.exe |
|
| Details | File | 3 | cavsn.exe |
|
| Details | File | 3 | vcatch.exe |
|
| Details | File | 3 | cdas2.exe |
|
| Details | File | 6 | zlh.exe |
|
| Details | File | 4 | packetizer.exe |
|
| Details | File | 4 | spyhunter3.exe |
|
| Details | File | 6 | cmgrdian.exe |
|
| Details | File | 4 | adoronsfirewall.exe |
|
| Details | File | 4 | packetyzer.exe |
|
| Details | File | 4 | wwasher.exe |
|
| Details | File | 3 | configmgr.exe |
|
| Details | File | 6 | zanda.exe |
|
| Details | File | 4 | authfw.exe |
|
| Details | File | 6 | cpd.exe |
|
| Details | File | 3 | zerospywarele.exe |
|
| Details | File | 3 | dvpapi.exe |
|
| Details | File | 3 | espwatch.exe |
|
| Details | File | 5 | dltray.exe |
|
| Details | File | 4 | zerospywarelite_installer.exe |
|
| Details | File | 5 | clamd.exe |
|
| Details | File | 3 | fgui.exe |
|
| Details | File | 5 | dlservice.exe |
|
| Details | File | 71 | wireshark.exe |
|
| Details | File | 4 | sab_wab.exe |
|
| Details | File | 3 | filedeleter.exe |
|
| Details | File | 3 | ashwebsv.exe |
|
| Details | File | 9 | tshark.exe |
|
| Details | File | 9 | superantispyware.exe |
|
| Details | File | 13 | ashdisp.exe |
|
| Details | File | 6 | rawshark.exe |
|
| Details | File | 4 | vdtask.exe |
|
| Details | File | 3 | firewall2004.exe |
|
| Details | File | 3 | ashmaisv.exe |
|
| Details | File | 17 | ethereal.exe |
|
| Details | File | 4 | asr.exe |
|
| Details | File | 5 | firewallgui.exe |
|
| Details | File | 8 | ashserv.exe |
|
| Details | File | 4 | tethereal.exe |
|
| Details | File | 3 | gateway.exe |
|
| Details | File | 4 | aswupdsv.exe |
|
| Details | File | 22 | windump.exe |
|
| Details | File | 4 | nstzerospywarelite.exe |
|
| Details | File | 3 | hpf_.exe |
|
| Details | File | 41 | avastui.exe |
|
| Details | File | 22 | tcpdump.exe |
|
| Details | File | 4 | cdinstx.exe |
|
| Details | File | 4 | iface.exe |
|
| Details | File | 41 | avastsvc.exe |
|
| Details | File | 4 | netcap.exe |
|
| Details | File | 4 | cdas17.exe |
|
| Details | File | 3 | invent.exe |
|
| Details | File | 19 | netmon.exe |
|
| Details | File | 4 | fsrt.exe |
|
| Details | File | 3 | ipcserver.exe |
|
| Details | File | 6 | cv.exe |
|
| Details | File | 4 | vsdesktop.exe |
|
| Details | File | 3 | ipctray.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 32 | prefs.js |
|
| Details | File | 4 | userhome.php |
|
| Details | File | 2 | gdl.tmp |
|
| Details | File | 2 | wabdat.dat |
|
| Details | File | 196 | desktop.ini |
|
| Details | File | 2 | system32.dat |
|
| Details | File | 2 | system32.bin |
|
| Details | File | 2 | catroot.tmp |
|
| Details | File | 4 | gdfirewalltray.exe |
|
| Details | File | 4 | gdfwsvc.exe |
|
| Details | File | 18 | gdscan.exe |
|
| Details | File | 2 | abcd.exe |
|
| Details | File | 119 | avp.exe |
|
| Details | File | 4 | fch32.exe |
|
| Details | File | 2 | fsar32.exe |
|
| Details | File | 7 | fsav32.exe |
|
| Details | File | 14 | fsdfwd.exe |
|
| Details | File | 6 | fsgk32.exe |
|
| Details | File | 4 | fsgk32st.exe |
|
| Details | File | 5 | fsguidll.exe |
|
| Details | File | 3 | fshdll32.exe |
|
| Details | File | 8 | fsm32.exe |
|
| Details | File | 4 | fsmb32.exe |
|
| Details | File | 6 | fsorsp.exe |
|
| Details | File | 3 | fspc.exe |
|
| Details | File | 3 | fsqh.exe |
|
| Details | File | 7 | fssm32.exe |
|
| Details | File | 2 | fsus.exe |
|
| Details | File | 2 | gsava.exe |
|
| Details | File | 2 | gssm32.exe |
|
| Details | File | 8 | vsmon.exe |
|
| Details | File | 2 | zapro.exe |
|
| Details | File | 10 | zlclient.exe |
|
| Details | File | 1 | %commonprogramfiles%systemwabdat.dat |
|
| Details | File | 533 | ntdll.dll |
|
| Details | File | 2 | mdk.tmp |
|
| Details | File | 1 | %temp%md.bak |
|
| Details | File | 1 | %systemroot%temps61cs3.dat |
|
| Details | File | 2 | savedwnetworkconnectionswin5.cpp |
|
| Details | File | 1 | utilsmywlanapi.cpp |
|
| Details | File | 2 | savedwnetworkconnectionswin6.cpp |
|
| Details | File | 2 | visiblenetworks.cpp |
|
| Details | File | 12 | wlanapi.dll |
|
| Details | File | 2 | zm6ad3.tmp |
|
| Details | File | 1 | %temp%ws1bin.dat |
|
| Details | File | 3 | browser.js |
|
| Details | File | 2 | fileio.js |
|
| Details | File | 2 | lppd.dat |
|
| Details | File | 2 | rssf.dat |
|
| Details | File | 2 | lfm.dat |
|
| Details | File | 2 | mppd.dat |
|
| Details | File | 2 | pddp.dat |
|
| Details | File | 2 | history.cpp |
|
| Details | File | 2 | firefoxplugininstaller.cpp |
|
| Details | File | 3 | telemetry.cpp |
|
| Details | File | 2 | storage.cpp |
|
| Details | File | 2 | osutils.cpp |
|
| Details | File | 2 | processsnapshot.cpp |
|
| Details | File | 2 | event.cpp |
|
| Details | File | 2 | gaussthread.cpp |
|
| Details | File | 2 | buffer.cpp |
|
| Details | File | 2 | remotememorybuffer.cpp |
|
| Details | File | 2 | file.cpp |
|
| Details | File | 2 | mutex.cpp |
|
| Details | File | 2 | waiter.cpp |
|
| Details | File | 2 | everyonesecurityattributes.cpp |
|
| Details | File | 2 | catcher.cpp |
|
| Details | File | 2 | browserconnector.cpp |
|
| Details | File | 2 | assigner.cpp |
|
| Details | File | 2 | ieabstractelements.cpp |
|
| Details | File | 2 | formextractor.cpp |
|
| Details | File | 2 | comabstractdatatypes.cpp |
|
| Details | File | 1 | %systemroot%tempws1bin.dat |
|
| Details | File | 2 | ws1bin.dat |
|
| Details | File | 24 | evil.exe |
|
| Details | File | 1 | %systemroot%explorer.exe |
|
| Details | File | 2 | lddp.dat |
|
| Details | File | 3 | dotnetadvisor.inf |
|
| Details | File | 2 | bestcomputeradvisor.inf |
|
| Details | File | 1 | bestcomputeradvisro.inf |
|
| Details | File | 2 | c.dot |
|
| Details | File | 2 | netadvisor.inf |
|
| Details | File | 4 | c.dat |
|
| Details | File | 14 | d.dat |
|
| Details | File | 1206 | index.php |
|
| Details | File | 9 | md.bak |
|
| Details | File | 2 | s61cs3.dat |
|
| Details | md5 | 2 | C3B8AD4ECA93114947C777B19D3C6059 |
|
| Details | md5 | 2 | 08D7DDB11E16B86544E0C3E677A60E10 |
|
| Details | md5 | 2 | 055AE6B8070DF0B3521D78E1B8D2FCE4 |
|
| Details | md5 | 2 | FA54A8D31E1434539FBB9A412F4D32FF |
|
| Details | md5 | 2 | 01567CA73862056304BB87CBF797B899 |
|
| Details | md5 | 2 | 23D956C297C67D94F591FCB574D9325F |
|
| Details | md5 | 2 | ED5559B0C554055380D75C1D7F9C4424 |
|
| Details | md5 | 2 | E379270F53BA148D333134011AA3600C |
|
| Details | md5 | 2 | EF83394D9600F6D2808E0E99B5F932CA |
|
| Details | md5 | 3 | 9CA4A49135BCCDB09931CF0DBE25B5A9 |
|
| Details | md5 | 2 | ED2B439708F204666370337AF2A9E18F |
|
| Details | md5 | 2 | CBB982032AED60B133225A2715D94458 |
|
| Details | md5 | 2 | 4FB4D2EB303160C5F419CEC2E9F57850 |
|
| Details | md5 | 2 | DE2D0D6C340C75EB415F726338835125 |
|
| Details | sha256 | 1 | 5604a86ce596a239dd5b232ae32e02c690f5c45420c295c73067af44028ce0dd |
|
| Details | sha256 | 1 | ef6451fde3751f698b49c8d4975a58b57ac2799b5337b4be54e5d5b03b214572 |
|
| Details | IPv4 | 2 | 109.71.45.115 |
|
| Details | IPv4 | 2 | 182.18.166.116 |
|
| Details | IPv4 | 2 | 173.204.235.204 |
|
| Details | IPv4 | 2 | 173.204.235.196 |
|
| Details | IPv4 | 2 | 173.204.235.201 |
|
| Details | Windows Registry Key | 3 | HKCRCLSID |
|
| Details | Windows Registry Key | 1 | HKLMSOFTWAREMicrosoftWindowsCurrentVersionReliability |
|
| Details | Windows Registry Key | 1 | HKLMSYSTEMCurrentControlSetServicesDiskEnum |
|
| Details | Windows Registry Key | 1 | HKLMSOFTWAREMicrosoftWZCSVCParametersInterfaces |
|
| Details | Windows Registry Key | 1 | HKLMHARDWAREDESCRIPTIONSystem |
|
| Details | Windows Registry Key | 1 | HKLMSOFTWAREKasperskyLabAVP6 |
|
| Details | Windows Registry Key | 1 | HKLMSOFTWAREKasperskyLabprotectedAVP7 |
|
| Details | Windows Registry Key | 7 | HKLMSOFTWAREMicrosoftWindows |