Malware Report

Malware Report - Results

This report shows all the different areas TAZER analyzes for the sample: Host, Network Activity, and Detection.

Malware Search Criteria:

MD5 =6ac989fbb46fbb726c9ce8b5ebd07c30

Malware Report - Results

File MD5Sum	SHA1SUM	SHA256SUM	FUZZY HASH	File Size
6ac989fbb46fbb726c9ce8b5ebd07c30	480e2a8bd30a5753692643965ca99bb83186ef09	e0ffe2912f1d9bf21ab7f745b5298ce574968b46c926c9e0cb6abf2d91a9ac95	768:pvKG4xBLjPsW0qKZmnX4LESpyxHl8ixYQOeb1hhToRm0oCaHqAg0tSarRWtOdsnZ:p2/50qKZdLo	41472

File Results

File Name
Play%5FVideo%5FClick%5FRun.exe
faq.txt.exe
build.exe
bottan.exe
bgd2.txt.exe
bgd2.txt%3Ft%3D0.3953301.exe

SNORT Results

Snort Class	Snort Alert	Count
Misc Attack	ET RBN Known Russian Business Network IP TCP (5)	4

AV Results

AV Alert	AV Vendor
Trojan.Gen	Symantec
N/A	McAfee
Backdoor.Win32.VB.lvn	Kaspersky
Artemis!6AC989FBB46F	McAfee
Generic	McAfee

Folders (Added) - ICC Results

Path	Folder Name

Files (Added) - ICC Results

Path	File Name
c:/Documents and Settings/dmc73144/Local Settings/Temp	2488.exe
c:/Documents and Settings/dmc73144/Local Settings/Temp	yq4yr18ww.bat
c:/Documents and Settings/dmc73144/Local Settings/Temp	~DF708E.tmp
c:/WINDOWS/Prefetch	2488.EXE-2190F40D.pf
c:/WINDOWS/Prefetch	NET.EXE-01A53C2F.pf
c:/WINDOWS/Prefetch	NET1.EXE-029B9DB4.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/Prefetch	SC.EXE-012262AF.pf
c:/WINDOWS/system32	87ghd.log
c:	netstat_post.txt
c:	tasksvc_post.txt
c:	taskv_post.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp	2488.exe
c:/Documents and Settings/dmc73144/Local Settings/Temp	oguohrym.bat
c:/Documents and Settings/dmc73144/Local Settings/Temp	~DF8D8E.tmp
c:/WINDOWS/Prefetch	2488.EXE-2190F40D.pf
c:/WINDOWS/Prefetch	NET.EXE-01A53C2F.pf
c:/WINDOWS/Prefetch	NET1.EXE-029B9DB4.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/Prefetch	SC.EXE-012262AF.pf
c:/WINDOWS/system32	87ghd.log
c:	netstat_post.txt
c:	tasksvc_post.txt
c:	taskv_post.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp	2488.exe
c:/Documents and Settings/dmc73144/Local Settings/Temp	80e81bi6.bat
c:/Documents and Settings/dmc73144/Local Settings/Temp	~DF704D.tmp
c:/WINDOWS/Prefetch	2488.EXE-2190F40D.pf
c:/WINDOWS/Prefetch	NET.EXE-01A53C2F.pf
c:/WINDOWS/Prefetch	NET1.EXE-029B9DB4.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/Prefetch	SC.EXE-012262AF.pf
c:/WINDOWS/system32	87ghd.log
c:	netstat_post.txt
c:	tasksvc_post.txt
c:	taskv_post.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp	2488.exe
c:/Documents and Settings/dmc73144/Local Settings/Temp	80e81bi6.bat
c:/Documents and Settings/dmc73144/Local Settings/Temp	~DF8BA1.tmp
c:/WINDOWS/Prefetch	2488.EXE-2190F40D.pf
c:/WINDOWS/Prefetch	NET.EXE-01A53C2F.pf
c:/WINDOWS/Prefetch	NET1.EXE-029B9DB4.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/Prefetch	SC.EXE-012262AF.pf
c:/WINDOWS/system32	87ghd.log
c:	netstat_post.txt
c:	tasksvc_post.txt
c:	taskv_post.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp	2488.exe
c:/Documents and Settings/dmc73144/Local Settings/Temp	ohvoiryn.bat
c:/Documents and Settings/dmc73144/Local Settings/Temp	~DF8DF2.tmp
c:/WINDOWS/Prefetch	2488.EXE-2190F40D.pf
c:/WINDOWS/Prefetch	NET.EXE-01A53C2F.pf
c:/WINDOWS/Prefetch	NET1.EXE-029B9DB4.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/Prefetch	SC.EXE-012262AF.pf
c:/WINDOWS/system32	87ghd.log
c:	netstat_post.txt
c:	tasksvc_post.txt
c:	taskv_post.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp	2488.exe
c:/Documents and Settings/dmc73144/Local Settings/Temp	3v93w6d11.bat
c:/Documents and Settings/dmc73144/Local Settings/Temp	~DF714C.tmp
c:/WINDOWS/Prefetch	2488.EXE-2190F40D.pf
c:/WINDOWS/Prefetch	NET.EXE-01A53C2F.pf
c:/WINDOWS/Prefetch	NET1.EXE-029B9DB4.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/Prefetch	SC.EXE-012262AF.pf
c:/WINDOWS/system32	87ghd.log
c:	netstat_post.txt
c:	tasksvc_post.txt
c:	taskv_post.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp	2488.exe
c:/Documents and Settings/dmc73144/Local Settings/Temp	91f92cj7.bat
c:/Documents and Settings/dmc73144/Local Settings/Temp	~DF7FE4.tmp
c:/WINDOWS/Prefetch	2488.EXE-2190F40D.pf
c:/WINDOWS/Prefetch	NET.EXE-01A53C2F.pf
c:/WINDOWS/Prefetch	NET1.EXE-029B9DB4.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/Prefetch	SC.EXE-012262AF.pf
c:/WINDOWS/system32	87ghd.log
c:	netstat_post.txt
c:	taskv_post.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp	2488.exe
c:/Documents and Settings/dmc73144/Local Settings/Temp	oguohrym.bat
c:/Documents and Settings/dmc73144/Local Settings/Temp	~DF641E.tmp
c:/WINDOWS/Prefetch	2488.EXE-2190F40D.pf
c:/WINDOWS/Prefetch	NET.EXE-01A53C2F.pf
c:/WINDOWS/Prefetch	NET1.EXE-029B9DB4.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/Prefetch	SC.EXE-012262AF.pf
c:/WINDOWS/system32	87ghd.log
c:	netstat_post.txt
c:	tasksvc_post.txt
c:	taskv_post.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp	2488.exe
c:/Documents and Settings/dmc73144/Local Settings/Temp	7zd70ah5.bat
c:/Documents and Settings/dmc73144/Local Settings/Temp	~DF9547.tmp
c:/WINDOWS/Prefetch	2488.EXE-2190F40D.pf
c:/WINDOWS/Prefetch	NET.EXE-01A53C2F.pf
c:/WINDOWS/Prefetch	NET1.EXE-029B9DB4.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/Prefetch	SC.EXE-012262AF.pf
c:/WINDOWS/system32	87ghd.log
c:	netstat_post.txt
c:	tasksvc_post.txt
c:	taskv_post.txt

Files (Deleted) - ICC Results

Action	Path	File Name

Files (Changed) - ICC Results

Action	Path	File Name
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Documents and Settings/LocalService	ntuser.dat.LOG
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Documents and Settings/LocalService	ntuser.dat.LOG
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/WINDOWS/system32/wbem/Logs	wmiprov.log
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Documents and Settings/LocalService	ntuser.dat.LOG
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Documents and Settings/LocalService	ntuser.dat.LOG
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Documents and Settings/LocalService	ntuser.dat.LOG
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/WINDOWS/system32/wbem/Logs	wmiprov.log
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Documents and Settings/LocalService	ntuser.dat.LOG
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/WINDOWS/system32/wbem/Logs	wmiprov.log
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Documents and Settings/LocalService	ntuser.dat.LOG
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/WINDOWS/system32/wbem/Logs	wmiprov.log
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Documents and Settings/LocalService	ntuser.dat.LOG
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/WINDOWS/system32/wbem/Logs	wmiprov.log
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Documents and Settings/LocalService	ntuser.dat.LOG
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/WINDOWS/system32/wbem/Logs	wmiprov.log

Registry Keys (Added) - ICC Results

Action	Path

Registry Values (Added) - ICC Results

Action	Path	Val_Name	Val_Data

Registry Values (Deleted) - ICC Results

Action	Path	Val_Name	Val_Type	Mod_Val_Type	Val_Data	Mod_Val_Data

Registry Values (Changed) - ICC Results

Action	Path	Val_Name	Val_Data	Mod_Val_Data
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	25 06 F9 D2 4F C6 8B 20 54 6C 05 A1 7B 6F 88 AC 83 DF 17 A3 B7 F3 9D BB 93 0A EF	FF 53 68 84 7F E5 6A BC 4C CE 48 49 F5 49 C7 ED 7B F1 99 2C B0 E0 72 7E 60 17 2
modified	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-19	RefCount	0x00000002	0x00000001
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/ControlSet001/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/CurrentControlSet/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation	ProgramCount	0x00000002	0x00000001
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	43 2E F1 76 34 86 57 1D 53 5C 5E CD A0 22 53 39 C5 37 FB 4C 4B 77 78 99 3C 3C 4E	6F 7A 90 81 28 E1 C1 7E C8 DF C6 0D D1 A3 B2 8E 90 00 BD 76 31 B4 F0 E1 E7 B1 A
modified	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-19	RefCount	0x00000002	0x00000001
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/ControlSet001/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/CurrentControlSet/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation	ProgramCount	0x00000002	0x00000001
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	DE D8 04 F5 0E FF 48 D4 4F A9 D9 D1 C7 31 49 3C ED F4 64 2F 69 40 3F 1C 4C 62 C5	08 F3 A8 97 1E 3C 17 7D 77 C5 4D 46 7C 8B 3D 33 D3 83 6B F0 05 0D 2C EA C9 C7 E
modified	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-19	RefCount	0x00000002	0x00000001
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/ControlSet001/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/CurrentControlSet/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation	ProgramCount	0x00000002	0x00000001
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	56 F2 84 A7 5E 04 A8 60 CB 9A 7C 12 27 8B 79 2A CF 28 72 15 52 02 6E 2A 55 94 33	C7 D9 18 6A 54 92 4A CE 8F ED 30 8F CF B6 88 2A 12 D9 26 DE A9 4F FC F7 B6 45 4
modified	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-19	RefCount	0x00000002	0x00000001
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/ControlSet001/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/CurrentControlSet/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation	ProgramCount	0x00000002	0x00000001
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	3C AB 4D C4 29 E9 72 09 57 9D 6E 71 CD DE 27 89 CD 2E D6 15 D4 42 12 E2 1F AF 3B	78 72 14 2B 9F 0D 28 6F 92 9F 46 D7 AD 47 33 66 4E 99 DF C3 E6 56 97 B9 27 5B 1
modified	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-19	RefCount	0x00000002	0x00000001
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/ControlSet001/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/CurrentControlSet/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation	ProgramCount	0x00000002	0x00000001
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	B0 51 1B 05 7D 39 27 94 B8 62 CC 69 53 5A 8A 64 9D D7 B4 0A FB 94 72 A8 A4 0F F8	57 7F 56 7E E4 AC A5 89 F9 DF 83 E4 65 78 9A C4 C8 04 1B 19 48 03 D9 1F CC C7 2
modified	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-19	RefCount	0x00000002	0x00000001
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/ControlSet001/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/CurrentControlSet/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation	ProgramCount	0x00000002	0x00000001
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	21 A7 79 42 32 E5 2C DD CC 61 FC 30 27 DC EF 6C 44 A2 6B 3E DE 04 21 1F 77 44 9A	E9 71 37 6D 32 D9 16 11 47 85 B0 AD AA C5 CF B7 F8 5E BD 21 76 66 24 1F C7 FE A
modified	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-19	RefCount	0x00000002	0x00000001
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch	Epoch	0x00000106	0x00000107
modified	HKLM/SYSTEM/ControlSet001/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch	Epoch	0x00000106	0x00000107
modified	HKLM/SYSTEM/CurrentControlSet/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation	ProgramCount	0x00000002	0x00000001
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	0A 13 95 50 91 9A C4 87 60 D5 89 AF C9 2E 42 AA C2 BE A5 7A 30 B1 65 AB 9E DB E1	E8 33 0B 5E 5D 3A EA 9E 94 0F 4A 36 C7 20 74 67 D2 A5 14 7A 6C EE ED DC BB C5 C
modified	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-19	RefCount	0x00000002	0x00000001
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/ControlSet001/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/CurrentControlSet/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation	ProgramCount	0x00000002	0x00000001
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	CC 39 B2 30 79 2C 74 0D E5 11 73 94 F5 56 2E 90 F0 B0 55 69 EC 95 19 DB 29 EE 0F	8F 06 0C 26 1E D3 DF 26 A8 3E 1A 28 96 2A AD 7A 51 FE EA 2F F8 15 D2 17 89 00 A
modified	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/ProfileList/S-1-5-19	RefCount	0x00000002	0x00000001
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/ControlSet001/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess	Start	0x00000002	0x00000004
modified	HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch	Epoch	0x00000104	0x00000105
modified	HKLM/SYSTEM/CurrentControlSet/Services/wscsvc	Start	0x00000002	0x00000004
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation	ProgramCount	0x00000002	0x00000001

DNS Results

DNS	DNS Response
exe.perfectexe.com	Standard query response A 122.224.6.48

URL Results

DstIP	HTTP_HOST	HTTP_REQUEST_URI	HTTP_USER_AGENT	PROTOCOL
239.255.255.250	239.255.255.250:1900	*	--blank--	0x11

ARGUS PROTOCOL Results

PROTOCOL	SRC_PKTS	DST_PKTS	SRC_BYTES	DST_BYTES
6	60	56	4892	3368
17	3	0	525	0

ARGUS DPORT Results

DPORT	PROTOCOL	SRC_PKTS	DST_PKTS	SRC_BYTES	DST_BYTES
255	6	60	56	4892	3368
1900	17	3	0	525	0

ARGUS DATA Results

Time	Date	Protocol	SrcIP	DstIP	Dir	Flags	Sport	Dport	Pkts	Bytes
15:10:50	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	30	255	13	1105
15:10:55	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	30	255	10	600
15:11:00	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	30	255	6	360
15:12:03	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	99	255	13	1105
15:12:08	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	99	255	10	600
15:12:13	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	99	255	6	360
15:13:17	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	417	255	14	1165
15:13:22	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	417	255	10	600
15:13:27	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	417	255	5	300
15:14:30	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	103	255	13	1105
15:14:35	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	103	255	11	660
15:14:40	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	103	255	5	300
15:16:14	2010-07-14	17	10.10.10.7	239.255.255.250	->	e	8	1900	2	350
15:16:20	2010-07-14	17	10.10.10.7	239.255.255.250	->	e	8	1900	1	175
21:05:25	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	29	255	13	1105
21:05:30	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	29	255	11	660
21:05:35	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	29	255	5	300
21:06:38	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	388	255	13	1105
21:06:43	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	388	255	11	660
21:06:48	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	388	255	5	300
21:07:52	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	503	255	13	1105
21:07:57	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	503	255	11	660
21:08:02	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	503	255	5	300
21:09:05	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	197	255	14	1165
21:09:10	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	197	255	11	660
21:09:16	2010-07-14	6	10.10.10.7	122.224.6.48	->	e	197	255	4	240
21:10:49	2010-07-14	17	10.10.10.7	239.255.255.250	->	e	8	1900	2	350
21:10:55	2010-07-14	17	10.10.10.7	239.255.255.250	->	e	8	1900	1	175
12:57:33	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	63	255	13	1105
12:57:38	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	63	255	11	660
12:57:43	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	63	255	5	300
12:58:46	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	241	255	13	1108
12:58:51	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	241	255	11	660
12:58:57	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	241	255	5	300
13:00:00	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	142	255	13	1105
13:00:05	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	142	255	11	660
13:00:10	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	142	255	5	300
13:01:13	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	195	255	13	1105
13:01:18	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	195	255	11	660
13:01:23	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	195	255	5	300
13:01:30	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	195	255	1	60
13:01:36	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	195	255	1	60
13:01:48	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	195	255	1	60
13:02:12	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	195	255	1	60
20:52:16	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	32	255	13	1105
20:52:21	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	32	255	10	600
20:52:26	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	32	255	6	360
20:53:29	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	434	255	13	1105
20:53:34	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	434	255	11	660
20:53:39	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	434	255	5	300
20:54:42	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	311	255	13	1108
20:54:47	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	311	255	10	600
20:54:53	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	311	255	6	360
20:55:57	2010-07-15	6	10.10.10.7	122.224.6.48	->	e	49	255	13	1105
20:56:02	2010-07-15	6	10.10.10.7	122.224.6.48	->	e d	49	255	6	360
20:56:08	2010-07-15	6	10.10.10.7	122.224.6.48	->	e d	49	255	2	120
20:56:16	2010-07-15	6	10.10.10.7	122.224.6.48	->	e d	49	255	1	60
20:56:31	2010-07-15	6	10.10.10.7	122.224.6.48	->	e d	49	255	1	60
20:56:59	2010-07-15	6	10.10.10.7	122.224.6.48	->	e d	49	255	1	60
13:02:56	2010-07-15	17	10.10.10.7	239.255.255.250	->	e	8	1900	2	350
20:57:36	2010-07-15	17	10.10.10.7	239.255.255.250	->	e	8	1900	2	350
05:05:08	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	11	255	14	1165
05:05:13	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	11	255	10	600
05:05:18	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	11	255	5	300
05:06:22	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	17	255	13	1105
05:06:27	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	17	255	11	660
05:06:32	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	17	255	5	300
05:07:35	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	379	255	14	1165
05:07:40	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	379	255	10	600
05:07:45	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	379	255	5	300
05:08:48	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	639	255	13	1105
05:08:53	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	639	255	10	600
05:08:58	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	639	255	6	360
05:09:04	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	639	255	1	60
05:09:10	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	639	255	1	60
05:09:21	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	639	255	1	60
05:09:44	2010-07-16	6	10.10.10.7	122.224.6.48	->	e	639	255	1	60
05:10:31	2010-07-16	17	10.10.10.7	239.255.255.250	->	e	8	1900	2	350
11:36:25	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	11	255	14	1165
11:36:30	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	11	255	10	600
11:36:35	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	11	255	5	300
11:37:38	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	37	255	13	1105
11:37:43	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	37	255	10	600
11:37:48	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	37	255	6	360
11:38:52	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	42	255	13	1108
11:38:57	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	42	255	11	660
11:39:02	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	42	255	5	300
11:40:05	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	357	255	13	1105
11:40:10	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	357	255	11	660
11:40:15	2010-07-17	6	10.10.10.7	122.224.6.48	->	e	357	255	5	300
07:40:55	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	12	255	13	1105
07:41:00	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	12	255	10	600
07:41:05	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	12	255	6	360
07:42:10	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	487	255	13	1105
07:42:15	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	487	255	11	660
07:42:20	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	487	255	5	300
07:43:22	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	90	255	13	1105
07:43:27	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	90	255	10	600
07:43:32	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	90	255	6	360
07:44:35	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	24	255	13	1105
07:44:40	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	24	255	11	660
07:44:46	2010-07-18	6	10.10.10.7	122.224.6.48	->	e	24	255	5	300
11:41:52	2010-07-17	17	10.10.10.7	239.255.255.250	->	e	8	1900	2	350
07:46:25	2010-07-18	17	10.10.10.7	239.255.255.250	->	e	8	1900	2	350
12:52:23	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	122	255	13	1108
12:52:28	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	122	255	11	660
12:52:33	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	122	255	5	300
12:53:36	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	99	255	13	1105
12:53:41	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	99	255	11	660
12:53:46	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	99	255	5	300
12:54:49	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	190	255	14	1165
12:54:54	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	190	255	10	600
12:54:59	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	190	255	5	300
12:56:02	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	177	255	13	1105
12:56:07	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	177	255	11	660
12:56:12	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	177	255	5	300
12:56:19	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	177	255	1	60
12:56:25	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	177	255	1	60
12:56:37	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	177	255	1	60
12:57:02	2010-07-21	6	10.10.10.7	122.224.6.48	->	e	177	255	1	60
12:57:45	2010-07-21	17	10.10.10.7	239.255.255.250	->	e	8	1900	2	350
17:38:09	2010-07-24	6	10.10.10.7	122.224.6.48	->	e	284	255	13	1105
17:38:14	2010-07-24	6	10.10.10.7	122.224.6.48	->	e	284	255	10	600
17:38:19	2010-07-24	6	10.10.10.7	122.224.6.48	->	e	284	255	6	360
17:39:22	2010-07-24	6	10.10.10.7	122.224.6.48	->	e	566	255	14	1164
17:39:28	2010-07-24	6	10.10.10.7	122.224.6.48	->	e	566	255	10	600
17:39:33	2010-07-24	6	10.10.10.7	122.224.6.48	->	e	566	255	5	300
17:40:35	2010-07-24	6	10.10.10.7	122.224.6.48	->	e	624	255	13	1108
17:40:40	2010-07-24	6	10.10.10.7	122.224.6.48	->	e	624	255	10	600
17:40:45	2010-07-24	6	10.10.10.7	122.224.6.48	->	e	624	255	6	360
17:41:50	2010-07-24	6	10.10.10.7	122.224.6.48	->	e d	758	255	13	1105
17:41:55	2010-07-24	6	10.10.10.7	122.224.6.48	->	e d	758	255	2	120
17:43:26	2010-07-24	17	10.10.10.7	239.255.255.250	->	e	8	1900	2	350

Packer Results

Packer Name

HoneyTrap Results

Honey Trap Log File Location

PTFB Results

PTFB Log File Location