File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
8ed76ce9d20e747cbd221602ade4cace | 7d3628a7e3e2211255ccc901f9c00e52faa656de | 9fbf23e37d7fa462e7493e6cd466c12d5b24ce721949396c3395ead81f5828b0 | 12288:znlNzzaIItLfIJllLVcqoLqHrqoWqviqeLqgTnfUAT1Iqm6U3VOj46ONCEYv5zZf:5NpIBsllV | 505595 |
File Name |
---|
fotos%5FJPG.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|---|
N/A | Symantec |
Suspect-AJ!8ED76CE9D20E | McAfee |
Virus.Win32.Induc.a | Kaspersky |
Path | Folder Name |
---|---|
Path | File Name |
---|---|
c:/Program Files/Common Files | safemode |
c:/WINDOWS/Prefetch | SANDNET.EXE-2012C478.pf |
c: | netstat_post.txt |
Action | Path | File Name |
---|---|---|
Action | Path |
---|---|
Action | Path | Val_Name | Val_Data |
---|---|---|---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|---|---|---|---|---|---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 70 B2 F5 E3 32 83 95 C1 E2 E5 5D A5 08 95 66 DA EE C8 EF 8B 76 86 99 F1 27 4C FD | 9A AD 37 2A 55 CF 7C E5 11 D1 6B D2 62 6C F4 98 9C BE 69 91 1F B8 01 DD 82 4E 5 |
DNS | DNS Response |
---|---|
www.segurancavg.com | Standard query response A 72.249.105.199 |
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
109.169.0.64 | 109.169.0.64 | /secret.php | Mozilla/3.0 (compatible; Indy Library) | 0x06 |
72.249.105.199 | www.segurancavg.com | /server.txt | Mozilla/3.0 (compatible; Indy Library) | 0x06 |
239.255.255.250 | 239.255.255.250:1900 | * | --blank-- | 0x11 |
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
6 | 11 | 9 | 1656 | 1090 |
17 | 2 | 0 | 350 | 0 |
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
80 | 6 | 11 | 9 | 1656 | 1090 |
1900 | 17 | 2 | 0 | 350 | 0 |
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
21:53:15 | 2011-06-21 | 6 | 10.10.10.7 | 109.169.0.64 | -> | e | 249 | 80 | 11 | 1731 |
21:53:16 | 2011-06-21 | 6 | 10.10.10.7 | 72.249.105.199 | -> | e | 311 | 80 | 9 | 1015 |
21:58:50 | 2011-06-21 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|