**** Malware Report - Results ****

This report shows all the different areas TAZER analyzes for the sample: Host, Network Activity, and Detection.

Malware Search Criteria: MD5 = 5f6f015258a389abcd1323132745b7b2

**** Malware Report - Results ****

| File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
| 5f6f015258a389abcd1323132745b7b2 | 7a0d4126bb5886a1d4033b789af56600d51032ff | 513799d90c802dba6d418aada13d4ec8cec6e2fa87efa784185a3ba7793bc2a0 | 384:FvDpFWRADvRlUSa0wFJIaKYmaVaR+lj7yWIehMDkVAyVva3W8Kr:FvD6RSvRldRumaVa4lXyreiD | 19750 |

**** File Results ****

| File Name |
| kiss.exe |

**** SNORT Results ****

| Snort Class | Snort Alert | Count |
| N/A | No snort alerts generated | 0 |

**** AV Results ****

| AV Alert | AV Vendor |

**** Folders (Added) - ICC Results ****

| Path | Folder Name |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5 | 87IMY4XV |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5 | ITB2CJ0C |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5 | MILJGV5B |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5 | WO4JPI86 |
| c:/WINDOWS | srftcet |

**** Files (Added) - ICC Results ****

| Path | File Name |
| c:/Documents and Settings/dmc73144/Desktop | Internet Explorer.lnk |
| c:/Documents and Settings/dmc73144/Local Settings/Temp | ~DF6D3B.tmp |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5/87IMY4XV | desktop.ini |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5/87IMY4XV | xx[1].htm |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5/ITB2CJ0C | desktop.ini |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5/ITB2CJ0C | ie[1].htm |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5/MILJGV5B | desktop.ini |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5/MILJGV5B | iebat[1].htm |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5/WO4JPI86 | desktop.ini |
| c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5/WO4JPI86 | h[1].htm |
| c:/WINDOWS/Prefetch | CACLS.EXE-25504E4A.pf |
| c:/WINDOWS/Prefetch | SANDNET.EXE-2012C478.pf |
| c: | netstat_post.txt |
| c: | tasksvc_post.txt |
| c: | taskv_post.txt |

**** Files (Deleted) - ICC Results ****

| Action | Path | File Name |

**** Files (Changed) - ICC Results ****

| Action | Path | File Name |
| modified | c:/Documents and Settings/dmc73144/Cookies | index.dat |
| modified | c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5 | index.dat |
| modified | c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5 | index.dat |
| modified | c:/Documents and Settings/dmc73144 | ntuser.dat.LOG |
| modified | c:/WINDOWS/Prefetch | ATTRIB.EXE-39EAFB02.pf |
| modified | c:/WINDOWS/Prefetch | CMD.EXE-087B4001.pf |
| modified | c:/WINDOWS/Prefetch | HSTART.EXE-221D72BF.pf |
| modified | c:/WINDOWS/Prefetch | NETSTAT.EXE-2B2B4428.pf |
| modified | c:/WINDOWS/Prefetch | SH.EXE-00254D2B.pf |
| modified | c:/WINDOWS/Prefetch | SLEEP.EXE-094A3D2A.pf |
| modified | c:/WINDOWS/Prefetch | SSHD.EXE-298CA236.pf |
| modified | c:/WINDOWS/Prefetch | SWITCH.EXE-0496EC21.pf |
| modified | c:/WINDOWS/Prefetch | TASKLIST.EXE-10D94B23.pf |
| modified | c:/WINDOWS/system32/drivers/etc | hosts |
| modified | c:/WINDOWS/system32/wbem/Logs | wmiprov.log |

**** Registry Keys (Added) - ICC Results ****

| Action | Path |

**** Registry Values (Added) - ICC Results ****

| Action | Path | Val Name | Val Data |

**** Registry Values (Deleted) - ICC Results ****

| Action | Path | Val Name | Val Type | Mod Val Type | Val Data | Mod Val Data |

**** Registry Values (Changed) - ICC Results ****

| Action | Path | Val Name | Val Data | Mod Val Data |
| modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 82 1F 99 66 1D 62 4F AA 3E CD 1C 14 35 85 0D 6C 9F 2A 78 8D 83 C8 35 5C 3C 9A 5E | 4E 78 24 C4 61 AA D5 C6 30 23 7E AB 64 79 2A 2D C1 9C 16 C1 AD B7 CF 4E B8 EE 4 |
| modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections | SavedLegacySettings | 3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 | 3C 00 00 00 16 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0 |
| modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000003 |

**** DNS Results ****

| DNS | DNS Response |
| www.66bv.com | Standard query response A 210.56.59.220 |
| angzang.7766.org | Standard query response A 127.0.0.1 |

**** URL Results ****

| DstIP | HTTP HOST | HTTP REQUEST URI | HTTP USER AGENT | PROTOCOL |
| 210.56.59.220 | www.66bv.com | /ie.txt | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) | 0x06 |
| 210.56.59.220 | www.66bv.com | /h.txt | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) | 0x06 |
| 210.56.59.220 | www.66bv.com | /xx.txt | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) | 0x06 |
| 210.56.59.220 | www.66bv.com | /iebat.txt | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) | 0x06 |
| 239.255.255.250 | 239.255.255.250:1900 | * | --blank-- | 0x11 |

**** ARGUS PROTOCOL Results ****

| PROTOCOL | SRC PKTS | DST PKTS | SRC BYTES | DST BYTES |
| 6 | 20 | 16 | 2014 | 2060 |
| 17 | 2 | 0 | 350 | 0 |

**** ARGUS DPORT Results ****

| DPORT | PROTOCOL | SRC PKTS | DST PKTS | SRC BYTES | DST BYTES |
| 80 | 6 | 20 | 16 | 2014 | 2060 |
| 1900 | 17 | 2 | 0 | 350 | 0 |

**** ARGUS DATA Results ****

| Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
| 22:11:33 | 2011-05-01 | 6 | 10.10.10.7 | 210.56.59.220 | -> | e | 39 | 80 | 9 | 1018 |
| 22:11:40 | 2011-05-01 | 6 | 10.10.10.7 | 210.56.59.220 | -> | e | 43 | 80 | 9 | 1017 |
| 22:11:42 | 2011-05-01 | 6 | 10.10.10.7 | 210.56.59.220 | -> | e | 56 | 80 | 9 | 1018 |
| 22:11:44 | 2011-05-01 | 6 | 10.10.10.7 | 210.56.59.220 | -> | e | 20 | 80 | 9 | 1021 |
| 22:17:10 | 2011-05-01 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |

**** Packer Results ****

| Packer Name |

**** HoneyTrap Results ****

| Honey Trap Log File Location |

**** PTFB Results ****

| PTFB Log File Location |