**** Malware_Report_-_Results ****
This report shows all the different areas TAZER analyzes for the sample: Host, Network Activity, and Detection.

Malware Search Criteria:
MD5 =75d4d437c5dff63085279696fb8eff63

**** Malware_Report_-_Results ****
 _______________________________________________________________________________________________________________________________________________________________________________________________________________
|File_MD5Sum_____________________|SHA1SUM_________________________________|SHA256SUM_______________________________________________________|FUZZY_HASH________________________________________________|File_Size|
|75d4d437c5dff63085279696fb8eff63|6fd2c1f5afb5236a92c20cd818fbda1e60a416d5|23b2a151fb0fd662686058cab7914914dd88b9ccc7ce1198ff4932b6f2cf240d|768:IRGuY2P0Vo6r7SiAwyrMRjb5nnbcuyD7U5:GPcVo6r7S/rabNnouy8|90624____|
**** File_Results ****
 _________
|File_Name|
|makat.exe|
**** SNORT_Results ****
 ___________________________________________
|Snort_Class|Snort_Alert______________|Count|
|N/A________|No_snort_alerts_generated|0____|
**** AV_Results ****
 ______________________________
|AV_Alert____________|AV_Vendor|
|WS.Reputation.1_____|Symantec_|
|Artemis!75D4D437C5DF|McAfee___|
|N/A_________________|Kaspersky|
**** Folders_(Added)_-_ICC_Results ****
 ________________
|Path|Folder_Name|
**** Files_(Added)_-_ICC_Results ****
 ____________________________________________
|Path________________|File_Name______________|
|c:/DELL/VIDEO/OUTPUT|netstat_base.txt_______|
|c:/DELL/VIDEO/OUTPUT|netstat_post.txt_______|
|c:/DELL/VIDEO/OUTPUT|tasksvc_base.txt_______|
|c:/DELL/VIDEO/OUTPUT|tasksvc_post.txt_______|
|c:/DELL/VIDEO/OUTPUT|taskv_base.txt_________|
|c:/DELL/VIDEO/OUTPUT|taskv_post.txt_________|
|c:/WINDOWS/Prefetch_|7Z.EXE-1A62CD19.pf_____|
|c:/WINDOWS/Prefetch_|NET.EXE-01A53C2F.pf____|
|c:/WINDOWS/Prefetch_|NET1.EXE-029B9DB4.pf___|
|c:/WINDOWS/Prefetch_|SANDNET.EXE-2012C478.pf|
|c:/WINDOWS/Prefetch_|WSCRIPT.EXE-32960AB9.pf|
|c:/WINDOWS__________|dns.vbs________________|
|c:/WINDOWS__________|message.vbs____________|
**** Files_(Deleted)_-_ICC_Results ****
 _____________________
|Action|Path|File_Name|
**** Files_(Changed)_-_ICC_Results ****
 ________________________________________________________________________
|Action__|Path__________________________________|File_Name_______________|
|modified|c:/Documents_and_Settings/dmc73144____|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________|ATTRIB.EXE-39EAFB02.pf__|
|modified|c:/WINDOWS/Prefetch___________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/config____________|system.LOG______________|
|modified|c:/WINDOWS/system32/drivers/etc_______|hosts___________________|
|modified|c:/WINDOWS/system32/wbem/Logs_________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs_________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS|MAPPING1.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS|OBJECTS.MAP_____________|
**** Registry_Keys_(Added)_-_ICC_Results ****
 ___________
|Action|Path|
**** Registry_Values_(Added)_-_ICC_Results ****
 _____________________________
|Action|Path|Val_Name|Val_Data|
**** Registry_Values_(Deleted)_-_ICC_Results ****
 ________________________________________________________________
|Action|Path|Val_Name|Val_Type|Mod_Val_Type|Val_Data|Mod_Val_Data|
**** Registry_Values_(Changed)_-_ICC_Results ****
 ______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________
|Action__|Path_____________________________________________________________________________________________________|Val_Name__|Val_Data________________________________________________________________________|Mod_Val_Data___________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG_________________________________________________________________|Seed______|F8_CD_13_79_03_5D_30_92_7E_A8_6E_25_C4_08_CE_DF_8B_23_73_BE_69_95_BC_33_C5_79_7F|BD_5A_E1_A1_73_AC_CD_66_4E_65_B3_BA_74_EF_1F_78_F9_6C_CA_22_39_A7_D8_B6_52_A4_7|
|modified|HKLM/SYSTEM/ControlSet001/Services/SharedAccess/Epoch____________________________________________________|Epoch_____|0x00000104______________________________________________________________________|0x00000108_____________________________________________________________________|
|modified|HKLM/SYSTEM/ControlSet001/Services/Tcpip/Parameters/Interfaces/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}____|NameServer|"10.10.10.2"____________________________________________________________________|"8.8.8.8,8.8.4.4,10.10.10.2"___________________________________________________|
|modified|HKLM/SYSTEM/CurrentControlSet/Services/SharedAccess/Epoch________________________________________________|Epoch_____|0x00000104______________________________________________________________________|0x00000108_____________________________________________________________________|
|modified|HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters/Interfaces/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}|NameServer|"10.10.10.2"____________________________________________________________________|"8.8.8.8,8.8.4.4,10.10.10.2"___________________________________________________|
**** DNS_Results ****
 ________________
|DNS|DNS_Response|
**** URL_Results ****
 _________________________________________________________
|DstIP|HTTP_HOST|HTTP_REQUEST_URI|HTTP_USER_AGENT|PROTOCOL|
**** ARGUS_PROTOCOL_Results ****
 ______________________________________________
|PROTOCOL|SRC_PKTS|DST_PKTS|SRC_BYTES|DST_BYTES|
**** ARGUS_DPORT_Results ****
 ____________________________________________________
|DPORT|PROTOCOL|SRC_PKTS|DST_PKTS|SRC_BYTES|DST_BYTES|
**** ARGUS_DATA_Results ****
 _______________________________________________________________
|Time|Date|Protocol|SrcIP|DstIP|Dir|Flags|Sport|Dport|Pkts|Bytes|
**** Packer_Results ****
 ___________
|Packer_Name|
**** HoneyTrap_Results ****
 ____________________________
|Honey_Trap_Log_File_Location|
**** PTFB_Results ****
 ______________________
|PTFB_Log_File_Location|