File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
67738ed6eedad5b814d8ecd1fc823b42 | 71e181f0ab6b0eba11c5dda31677a60178dfbeda | c612cba9b4943c74d0ad1c6b51246f38d16a6a2a32bc10388525d21839de878a | 1536:igYPhQXwIiPrrjThO+lUBrzCxry1ec7rUyj239au7538iJkZKd:FYP2XerzhOUxu/XUtauF8iJk | 94564 |
File Name |
---|
6h.exe |
Snort Class | Snort Alert | Count |
---|---|---|
AV Alert | AV Vendor |
---|---|
N/A | Symantec |
Artemis!67738ED6EEDA | McAfee |
Trojan.RAR.Qhost.c | Kaspersky |
Path | Folder Name |
---|---|
Path | File Name |
---|---|
c:/WINDOWS/Prefetch | 7Z.EXE-1A62CD19.pf |
c:/WINDOWS/Prefetch | SANDNET.EXE-2012C478.pf |
c: | netstat_post.txt |
c: | tasksvc_post.txt |
c: | taskv_post.txt |
Action | Path | File Name |
---|---|---|
Action | Path |
---|---|
Action | Path | Val_Name | Val_Data |
---|---|---|---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|---|---|---|---|---|---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | D0 B6 2D 0B D1 BC 6E 44 91 28 81 72 D7 A2 E2 88 69 AB B4 A8 54 28 54 FF 60 9C B5 | 65 1F 3F 3E 3B D8 4B 16 2B EE 7D DD AD 23 2B 2C ED 2B CE 8A 66 BB 1B A9 86 D1 6 |
DNS | DNS Response |
---|---|
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|