File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
6c6d68afb8f29c205dbd40def0ef0d03 | 3e12c9ff2e4c82a16394aea9c6e9cf9217710076 | 087cdd7e0dc39858cf9b55a3ff24807020ddcb4d736d65413a86f953f504e1f9 | 1536:svcCF20IzYbPWdMCcl0CGs3GkKMS+Fk2sLD9iR7BTBwQIosfv8:8dI0IzXdRCr3GJMSwklvQd9B | 102400 |
File Name |
---|
my%5Ffacebook.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|---|
N/A | Symantec |
Artemis!6C6D68AFB8F2 | McAfee |
N/A | Kaspersky |
Path | Folder Name |
---|---|
Action | Path | File Name |
---|---|---|
Action | Path |
---|---|
Action | Path | Val_Name | Val_Data |
---|---|---|---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|---|---|---|---|---|---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 33 D2 F6 8D D2 F8 6A 6B 4E B2 6B 32 83 B4 80 8A E2 2B 5F F1 DC 2A 28 C1 6A 12 E1 | A3 0C 71 E9 7D EF FE 36 EC 10 13 48 D5 64 71 0B C6 D6 FD 40 E7 C2 79 13 80 C9 3 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | E0 1B 5D FE B5 4E 23 FC E7 5C 83 63 9E 92 DB F4 6B 5B CB 62 9B F5 CB BD E0 36 47 | 8C DD 43 C8 83 0D 9A 51 C9 94 92 57 49 C4 89 B1 4D F8 E9 1E 5D 69 2F EB 00 54 E |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 87 06 2A A2 29 A1 64 47 7C AA 2E 2A 54 2C F2 81 3C 3D 90 A0 9C 7A FA 51 B0 AC 48 | 3E A3 80 59 66 12 A6 6A 0D 62 AB B0 94 19 BB 0C 8C C0 6E A7 7C 95 D4 0B B4 C2 3 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 44 87 8C 08 06 31 69 43 36 4E 6A 6A 05 22 FE F9 23 C7 36 A1 A2 50 E4 91 E4 3F 8A | CB 13 41 7D 6A BC 91 A3 A1 66 48 DD 77 F3 42 AB AA DE 8D 62 99 EF B1 FC DD 28 8 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
DNS | DNS Response |
---|---|
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
239.255.255.250 | 239.255.255.250:1900 | * | --blank-- | 0x11 |
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
17 | 2 | 0 | 350 | 0 |
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
1900 | 17 | 2 | 0 | 350 | 0 |
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
17:02:52 | 2010-07-28 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
00:28:51 | 2010-07-29 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
09:06:56 | 2010-07-29 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
21:32:38 | 2010-07-29 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
21:32:44 | 2010-07-29 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 1 | 175 |
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|