File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
2c8f3943d1aa7331ad068b0099b46f1c | d8b85802a76c0ea3e1a901a1f05d368c49468b81 | 36ea123c7ae6ff6b2995b047a2d06ad671203e834efa052effebfcfd768ea886 | 6144:EcWMJJhqryYP/daqlzAFV9X3J5+qNBEA0HAcjdQ5YQFXCdwdWJXWKD:EczJJhqrVPldApX55+qz | 281310 |
File Name |
---|
callistointgoup.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|---|
N/A | Symantec |
Artemis!212F78522E8E | McAfee |
Trojan.Win32.FakeTest.g | Kaspersky |
Fakesurvey | Symantec |
Artemis!2C8F3943D1AA | McAfee |
Path | Folder Name |
---|---|
c:/Documents and Settings/dmc73144 | test |
Action | Path | File Name |
---|
Action | Path |
---|
Action | Path | Val_Name | Val_Data |
---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 9E AD 9E 5B 48 97 CD FD 2F AC F0 43 41 FB D9 FB 83 10 3D C1 7A 42 FA 23 7A FA 58 | E8 EC CA 21 E5 1E 6C A6 7E 61 91 35 5C 53 27 AD 17 0F FC 0A D8 D9 B3 F0 21 B1 D |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000003 |
DNS | DNS Response |
---|
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
239.255.255.250 | 239.255.255.250:1900 | * | --blank-- | 0x11 |
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
17 | 1 | 0 | 175 | 0 |
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
1900 | 17 | 1 | 0 | 175 | 0 |
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
03:29:52 | 2011-03-23 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 3631 | 1900 | 1 | 175 |
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|