File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
6b31d1b536dcff82726760e845d605d6 | d7c5e5a8b9950a675b667f76a70d2617a21b430e | 42b06bee061ff190c0d3a9c5be888e8c594be5d4eeed4ae149d5ccf6a2101847 | 768:hAkoR1Ug9htELff73pV+nDpXT1EYlcWp3hC+hjiIKyrA9sYMeEdpMz5TE:hCT9htcfzf+nlXT/Bh | 73728 |

File Name |
---|
5.gif.exe |

Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |

AV Alert | AV Vendor |
---|---|
N/A | Symantec |
N/A | McAfee |
N/A | Kaspersky |
Suspicious.Insight | Symantec |
Suspect-02!6B72610E89F5 | McAfee |
Heur.Trojan.Generic | Kaspersky |
Suspect-1B!6C1052C2DCAD | McAfee |
Packed.Generic.265 | Symantec |
Packed.Win32.Krap.x | Kaspersky |
Trojan.Zbot!gen2 | Symantec |
PWS-Zbot.gen.x | McAfee |
Packed.Win32.Krap.ae | Kaspersky |

Path | Folder Name |
---|---|
c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5 | ITB2CJ0C |

Action | Path | File Name |
---|---|---|

Action | Path |
---|---|

Action | Path | Val_Name | Val_Data |
---|---|---|---|

Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|---|---|---|---|---|---|

Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | B3 44 4B 06 94 EA 4D BA 77 28 9F 03 F7 5C 7D 81 CF E4 CF 88 E5 DB E0 28 64 D1 65 | EE A7 6D 64 49 8C 5B 41 EB E7 E5 70 F5 67 72 98 BA 0B 17 2F AA 94 92 BA A8 A3 C |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections | SavedLegacySettings | 3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 | 3C 00 00 00 16 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0 |

DNS | DNS Response |
---|---|
acpbdf.com.br | Standard query response A 200.219.214.6 |

DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
200.219.214.6 | acpbdf.com.br | /images/atual.txt | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) | 0x06 |
239.255.255.250 | 239.255.255.250:1900 | * | --blank-- | 0x11 |

PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
6 | 5 | 4 | 489 | 515 |
17 | 2 | 0 | 350 | 0 |

DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
80 | 6 | 5 | 4 | 489 | 515 |
1900 | 17 | 2 | 0 | 350 | 0 |

Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
15:58:31 | 2010-05-02 | 6 | 10.10.10.7 | 200.219.214.6 | -> | e | 12 | 80 | 9 | 1004 |
16:03:52 | 2010-05-02 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |

Packer Name |
---|

Honey Trap Log File Location |
---|

PTFB Log File Location |
---|