File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
3ea18be76d34b210a3fe56eb80c4d231 | b98d608453333bef01b78d60a46dc8d3f517eb1d | d9e264ae16640b15290c6089d660f1182e61076a739510b8ab00eab71678010a | 192:1QerK9y+sfumHpS+3D/0HMbDhe8lNcLvnKRUvX/sH+TrfKNQglGA461PHNtyQ0S0:DrK9sbHp/SM | 28926 |
File Name |
---|
182.exe |
Snort Class | Snort Alert | Count |
---|
AV Alert | AV Vendor |
---|
Path | Folder Name |
---|---|
c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5 | ITB2CJ0C |
c:/WINDOWS/system32 | jarinet |
Action | Path | File Name |
---|
Action | Path |
---|
Action | Path | Val_Name | Val_Data |
---|---|---|---|
added | HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run | QQExtrenal | "c:/windows/system32/jarinet/QQExtrenal.exe" |
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | C8 2C 10 A5 06 DA 52 46 37 7D EA D7 B1 ED DA F8 3B B1 00 BE 8D 58 23 C9 19 E4 FB | 0D 02 A5 44 FA 4F B9 50 11 3D A8 60 2D 98 7B 06 26 B1 98 12 48 30 2E 53 45 8C A7 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections | SavedLegacySettings | 3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 | 3C 00 00 00 16 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 |
DNS | DNS Response |
---|
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|