File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
958cc36c3bb2d217c9231a178a952f74 | a18e1ab6fdc598a2142ea68fe104f52660408d6c | cf79afe4af59b20abb8e0d810503db5bcbbda68745bca43849081998d06f4b5e | 384:/TTzIQ6d4XIXGnld+TNiPVuT6IMp4v8y4kxuXlJVxj3LhKlXux0JLy8IlfWAUEzn:/HMd4Y2luNM | 151552 |
File Name |
---|
load.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|
Path | Folder Name |
---|
Path | File Name |
---|---|
c:/WINDOWS/Prefetch | SANDNET.EXE-2012C478.pf |
c: | netstat_post.txt |
c: | taskv_post.txt |
Action | Path | File Name |
---|
Action | Path |
---|
Action | Path | Val_Name | Val_Data |
---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | EC 9B DC 64 78 49 56 D0 94 D8 88 9E 18 64 E8 8D 95 CB F5 23 29 7F 04 32 14 A8 B7 | 42 77 AE F1 05 B1 97 41 1E 26 AB 15 7D 59 4A 8F 90 12 5A 6E 31 96 E4 53 4E 2C A |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Internet Explorer/Main | Start Page | "about | "http |
DNS | DNS Response |
---|
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
239.255.255.250 | 239.255.255.250:1900 | * | --blank-- | 0x11 |
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
17 | 3 | 0 | 525 | 0 |
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
1900 | 17 | 3 | 0 | 525 | 0 |
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
23:38:46 | 2011-01-08 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
23:38:52 | 2011-01-08 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 1 | 175 |
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|