File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
1dd47683c694f269ccef56c84986cc8e | 962886be592f716bc5fcf59fdbeada265d4371a2 | a3a8fd81fb0c8a55bc031c8ca2747d4b54d76051e1da933dc1b665f741054f1b | 6144:0cg0lBvbaAG0hdhW0B3tcVBrG8MD4JWjIJsUH2yWO4/e1mbzqtW5GTyPQJQlpB7y:HBvbaAG0hW | 500224 |
File Name |
---|
comprovante.scr.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|---|
Adware.Websearch | Symantec |
Artemis!1DD47683C694 | McAfee |
Trojan.Win32.Buzus.hldn | Kaspersky |
Downloader | Symantec |
Generic | McAfee |
Trojan-Downloader.Win32.Delf.aq | Kaspersky |
Path | Folder Name |
---|
Action | Path | File Name |
---|
Action | Path |
---|
Action | Path | Val_Name | Val_Data |
---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 01 01 FC 5A C6 9F 98 E3 1A D5 B4 2F AB 07 45 8C 24 31 50 41 18 D2 17 BD 0A 57 1A | 9C 40 03 C8 2F 30 90 A0 FB 3A 5C B3 82 3C D1 64 F3 B8 06 2A 4E 9F 98 E4 A6 82 4 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
DNS | DNS Response |
---|
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
70.39.93.38 | 70.39.93.38 | /play.txt | Mozilla/3.0 (compatible; Indy Library) | 0x06 |
70.39.93.38 | 70.39.93.38 | /play.php | Mozilla/3.0 (compatible; Indy Library) | 0x06 |
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
6 | 10 | 8 | 884 | 1030 |
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
80 | 6 | 10 | 8 | 884 | 1030 |
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
06:30:14 | 2011-04-25 | 6 | 10.10.10.7 | 70.39.93.38 | -> | e | 87 | 80 | 9 | 957 |
06:30:15 | 2011-04-25 | 6 | 10.10.10.7 | 70.39.93.38 | -> | e | 100 | 80 | 9 | 957 |
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|