File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
2121f9e582e63f86983235e8578585d4 | 338a6e7981bbaace769ae9f28d5fcb8d2512398c | 1d9ef9c77b639a51e8ed3426a34c9c6b498e549afde575b849b3564e63cdb53d | 768:4Vv0GWm/aTwgHxKXxuAzyJJlpc4793gEXB29:4Zi82wgH0Xy1J/R29 | 45056 |
File Name |
---|
phi666.exe |
fct23rg.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|---|
Suspicious.Insight | Symantec |
N/A | McAfee |
N/A | Kaspersky |
potentially | McAfee |
Path | Folder Name |
---|---|
Action | Path | File Name |
---|---|---|
Action | Path |
---|---|
Action | Path | Val_Name | Val_Data |
---|---|---|---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|---|---|---|---|---|---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | EE C2 EA B3 79 D6 50 4C A0 C4 0C C4 0E 18 15 2E B4 F6 C7 E0 6E 92 A4 4A C4 C2 1E | A0 34 C0 40 BA 5A B2 40 C9 3B 3C 0A 28 5B 3F BC F1 38 2A 75 AC B3 57 94 C8 FA 5 |
modified | HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-20 | RefCount | 0x00000002 | 0x00000001 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | A1 E4 4A 49 FE 0A 0F EE B1 2F D4 E3 B3 8D C0 00 CB C1 B1 04 D8 30 62 DA 3A 0C 2E | 4E A1 C4 74 F1 70 B4 8B DA 47 DC C2 83 7D 32 DF 76 B1 58 05 81 E1 CF 44 B3 7A 9 |
modified | HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-20 | RefCount | 0x00000002 | 0x00000001 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
DNS | DNS Response |
---|---|
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
239.255.255.250 | 239.255.255.250:1900 | * | --blank-- | 0x11 |
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
17 | 2 | 0 | 350 | 0 |
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
1900 | 17 | 2 | 0 | 350 | 0 |
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
23:13:40 | 2010-04-20 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
09:21:05 | 2010-06-16 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
09:21:11 | 2010-06-16 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 1 | 175 |
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|