File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
284b6c4c413c8b157f703ee57ffeec5e | 128f8ea0cae74e25d4f5eeb24898895052306091 | 802ff97092e09cd3d0aa7e7166b2d048828839b943c9690a140043bdfb376e48 | 24576:/b4ev9M090bZa1gJAomV9TrS7VxpNBVJQ:HMbZaeez6DBs | 889396 |
File Name |
---|
Extrato%5FPedencia%5FSerasa.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|---|
Backdoor.Trojan | Symantec |
Artemis!284B6C4C413C | McAfee |
Backdoor.Win32.Bifrose.dsvp | Kaspersky |
Path | Folder Name |
---|
Action | Path | File Name |
---|
Action | Path |
---|
Action | Path | Val_Name | Val_Data |
---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | B3 96 89 F2 72 69 85 36 92 37 5D BA 6D 39 31 26 2B 04 6C F6 93 1F 06 22 6A 04 E0 | 43 51 E2 71 96 F5 CA 1C A5 2A D7 9E C2 70 B2 BE E4 F6 CC A8 C6 67 95 7F 15 49 3 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
DNS | DNS Response |
---|---|
viva.is | Standard query response A 81.15.42.111 |
www.byggja.is | Standard query response CNAME byggja.is A 81.15.42.111 |
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
81.15.42.111 | viva.is | /isa/wp-content/gallery/build.php | Mozilla/3.0 (compatible; Indy Library) | 0x06 |
81.15.42.111 | www.byggja.is | /php/smarty/templates_c/help.txt | Mozilla/3.0 (compatible; Indy Library) | 0x06 |
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
6 | 11 | 9 | 1635 | 1090 |
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
80 | 6 | 11 | 9 | 1635 | 1090 |
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
05:43:27 | 2011-03-27 | 6 | 10.10.10.7 | 81.15.42.111 | -> | e | 127 | 80 | 11 | 1668 |
05:43:29 | 2011-03-27 | 6 | 10.10.10.7 | 81.15.42.111 | -> | e | 89 | 80 | 9 | 1057 |
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|