Your Peace of Mind is our Commitment

Contact Us English Recent Articles

August Honeypot Report

First published: 31st August 2013

Technical problems prevented the publication of a June report. This is the nineteenth monthly report from West Coast Labs's honeypot in Hong Kong, providing some indication of the type and level of malware threat in Hong Kong, but it is only based on a single honeypot, so the conclusions should be treated with caution. The number of attacks remains at a low level.

Average Time To Infect: 30 hours

The average time to infect is an indication of how long it would be before a vulnerable computer connected to the internet in Hong Kong became infected.

Summary

Source of Attacks

The following breaks down where these attacks have come from by use of IP geolocation.

7United_States
3China
3Taiwan
2Japan
2Venezuela
1Russia
1Germany
1Israel
1Netherlands
1Spain
1Sweden
1Vietnam

Malware

Checksum (md5)This monthPrevious countDetection*
0152fe5f6bd7ca1a99d3cfbfe7da45fc1 0 ***NEWY (W32/RAHack.A.gen!Eldorado ,Net-Worm.Win32.Allaple.b , , )
3875b6257d4d21d51ec13247ee4c1cdb350Y (W32/Sdbot.AEFV W32/Malware!44f4 , Backdoor.Win32.Rbot.bni , W32Rbot!I2663.exe , )
9107c0f3a3749f4495e190a790bda9641 0 ***NEWY (w32/allaple.a.gen!eldorado , Net-Worm.Win32.Allaple.e , , )
f4f4a89637f123324efcad3e4225edfe2 XY (w32/virut.7116 , Backdoor.Win32.Rbot.adqd , , )
fc09612173236ba724837546ef2b5f821 0 ***NEWY (w32/virut.7116 , backdoor.win32.rbot.adqd , , )
0f51974913a4f5be110ab1069c93e13f2 XY (W32/Virut.AG , , Backdoor.Win32.Rbot.adqd , )
405594052cc451d83c1bb33bf8df68461 0 ***NEWY (W32/Endom.A , Net-Worm.Win32.Allaple.a , , )
644ea081625064565c7e9816f235f2641 1Y (w32/virut.7116 , Backdoor.Win32.Rbot.adqd , , )
dca8713db4f5b7b84a66b51d925e7f9c1 3Y (w32/sdbot.aefv , Virus.Win32.Virut.n Backdoor.Win32.Rb ot.vqt , , )
64b4345a946bc9388412fedd53fb21cf1 1Y (W32/Trojan-Sml-SDCW!Eldorado , Email-Worm.Win32.Update r.k , , )
6e92036c8ed5b0824f9ba48ae4922ed11 0 ***NEWN (, , , )
b37f561aaa4cd24259197f3cd228eae71 3Y (W32/Sdbot.AEFV , Backdoor.Win32.Rbot.adqd , , )
532a46e3f70dc640344f68e9c3908d901 2Y (w32/virut.7205 , Backdoor.Win32.Rbot.adqd , , )
fd28c5e1c38caa35bf5e1987e6167f4c1 1Y (W32/Trojan5.DCW w32/backdoor.zzr , Net-Worm.Win32.Kola bc.dls Backdoor.Win32.Rbot.aftu , , )
ac78b607517e12904fc29d2582571b111 2Y (w32/virut.7116 , Backdoor.Win32.Rbot.adqd , , )
c5ff7232868333107fa3efe895f123611 4Y (W32/Sdbot.OTR , Net-Worm.Win32.Kolab.aefe Backdoor.Win32.Rbot.bqj , , )
1f8a826b2ae94daa78f6542ad4ef173b1 7Y (W32/Trojan5.DCW w32/backdoor.zzr , Backdoor.Win32.Rbot.aftu Backdoor.Win32.Rbot.phv Backdoor.Win32.Rbot.ion , , )
6f06e39cb6df0908d5ab6e661c6b03861 2Y (W32/Sdbot.OTR , Backdoor.Win32.Rbot.adqd , )
382fdcff132b058cfe50065b84fd8a4c1 2Y (w32/virut.7116 W32/Sdbot.AEFV , Backdoor.Win32.Rbot.adqd , , )
c97f4c7d3ed204c21225432e4c4be6af1 0 ***NEWY (W32/Trojan.MEX , Backdoor.Win32.Rbot.bni , , )

Note:

The parameter 'Detection' here relates to whether one or more scanners was able to associate a name with this checksum.


More Information